phpicalendar-devel — Mailing list for PHP iCalendar Developers

Re: [PHPiCalendar-DEV] CVS problems

[Richard K. <kar...@gm...>]

> Anyone else having problems with CVS?  I can't checkout phpicalendar
> since this weekend.
There's a partial outage:
http://sourceforge.net/docman/display_doc.php?docid=3D2352&group_id=3D1

--Rick

[PHPiCalendar-DEV] CVS problems

[Jim Hu <ji...@ta...>]

Anyone else having problems with CVS?  I can't checkout phpicalendar  
since this weekend.

I put 2.22rc3 on the website:

http://phpicalendar.net/forums/viewtopic.php?p=2389#2389

I went back to putting the event info into the main calendars and  
passing it to event.php instead of having event.php reparse the .ics  
files.  To do this, I just serialized the event info from the master  
array, and passed it as a single parameter via the javascript.   
event.php unserializes it, so anything that is in the master array is  
available if we want to display it.

I also added two additional rss feeds that validated using sample  
data based on an icalendar namespace I found on the web.  I thought  
we should keep the original feed, however, for backward compatibility  
with sites that parse the output (like mine!).

Jim Hu

Re: [PHPiCalendar-DEV] Is this a new security vuln?

[Jim Hu <ji...@ta...>]

On Mar 25, 2006, at 1:15 AM, Wesley Miaw wrote:

> We could use the approach required by taint-mode in Perl, where any  
> inputs from the user must pass through your grep patterns and be  
> pulled into separate values from the matching values. I guess this  
> would work by having a separate function that is the only place in  
> PHP iCalendar that can access _GET, _REQUEST, or cookies, and it  
> will return an array of the values it has pulled out of any of  
> those inputs. This would isolate things and make it easy to  
> identify code that isn't following this rule.

I think we could accomplish this by putting a module of this kind as  
a require_once from init.inc.php.  We'd move the cookie stuff into  
it.  I'm not very good with regex, though...so help is needed!    
Anyone know if  there a good module we could use for this from PEAR  
or elsewhere?

I propose that 2.2x continue to be minor tweaks of what we currently  
have, and this be a goal for 2.3.

If danon is still working on his improved admin page, I think this  
will be needed.

Jim

>
> On Mar 23, 2006, at 8:28 AM, Jim Hu wrote:
>>
>> Getting back to #1, we really should not be using any superglobals  
>> without verifying their content.  I've been thinking this for a  
>> while.  I suggest that this should be a high priority item.  The  
>> approach I am thinking of is a script that runs early that reads  
>> all of these, checks their content, and throws a breakin attempt  
>> error if anything looks inappropriate.  There are two approaches  
>> to this:
>>
>> 1) Rewrite the content of the superglobals we use.  This is  
>> probably not a good way, since as we add code, we may add a new  
>> $_GET or $_REQUEST that isn't checked.
>> 2) Move all the validated content into a new array $clean[$key]  
>> (or some other array name) and then unset the other superglobals  
>> after the validation script runs.  This is my preferred method,  
>> but it means that we may frustrate people who are trying to add  
>> new features or customize their code.
>
> --
> Wesley Miaw
> we...@we...
>
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting  
> language
> that extends applications into web and mobile media. Attend the  
> live webcast
> and join the prime developer group breaking into this new coding  
> territory!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

Re: [PHPiCalendar-DEV] release candidate for 2.22 = 2.22rc1

[Wesley M. <we...@we...>]

My server is running PHP 5.0.4 on OpenSuSE 10.0 right now. I also use  
an Apple iCal repository. Working for me.

On Mar 21, 2006, at 8:01 AM, Jim Hu wrote:

> The current CVS is a release candidate for 2.2  I'm also providing  
> a link from the website so the users can beat on it to see if I  
> really got the various bugs.
>
> Some of the things I did in the last round of changes:
> added year printview
> added sidebar to year view
> changed rss.php so it
> 	gets the cal_displaynames from those found be ical_parser.php
> 	gets the filemtime from the master_array instead of trying to find  
> them again
>
> I can only test this on my server with my php configuration (OS X  
> php5.0.3)...testing on other platforms would be great.

--
Wesley Miaw
we...@we...

Re: [PHPiCalendar-DEV] Is this a new security vuln?

[Wesley M. <we...@we...>]

We could use the approach required by taint-mode in Perl, where any  
inputs from the user must pass through your grep patterns and be  
pulled into separate values from the matching values. I guess this  
would work by having a separate function that is the only place in  
PHP iCalendar that can access _GET, _REQUEST, or cookies, and it will  
return an array of the values it has pulled out of any of those  
inputs. This would isolate things and make it easy to identify code  
that isn't following this rule.

On Mar 23, 2006, at 8:28 AM, Jim Hu wrote:
>
> Getting back to #1, we really should not be using any superglobals  
> without verifying their content.  I've been thinking this for a  
> while.  I suggest that this should be a high priority item.  The  
> approach I am thinking of is a script that runs early that reads  
> all of these, checks their content, and throws a breakin attempt  
> error if anything looks inappropriate.  There are two approaches to  
> this:
>
> 1) Rewrite the content of the superglobals we use.  This is  
> probably not a good way, since as we add code, we may add a new  
> $_GET or $_REQUEST that isn't checked.
> 2) Move all the validated content into a new array $clean[$key] (or  
> some other array name) and then unset the other superglobals after  
> the validation script runs.  This is my preferred method, but it  
> means that we may frustrate people who are trying to add new  
> features or customize their code.

--
Wesley Miaw
we...@we...

Re: [PHPiCalendar-DEV] Is this a new security vuln?

[Jim Hu <ji...@ta...>]

Scott,

Thanks, I wish they would let us know before publishing on their  
website.  :^(
Glad you are subscribed to their alerts.

Vuln #1 is from cookies, and I posted a temporary filling on the bbs  
- comment out the code that reads the cookie in init.inc.php.

Vuln #2 is related to the publish scripts, which we technically say  
we don't support.  We may need someone to take this on.  Anybody?

Getting back to #1, we really should not be using any superglobals  
without verifying their content.  I've been thinking this for a  
while.  I suggest that this should be a high priority item.  The  
approach I am thinking of is a script that runs early that reads all  
of these, checks their content, and throws a breakin attempt error if  
anything looks inappropriate.  There are two approaches to this:

1) Rewrite the content of the superglobals we use.  This is probably  
not a good way, since as we add code, we may add a new $_GET or  
$_REQUEST that isn't checked.
2) Move all the validated content into a new array $clean[$key] (or  
some other array name) and then unset the other superglobals after  
the validation script runs.  This is my preferred method, but it  
means that we may frustrate people who are trying to add new features  
or customize their code.

What do people think?

Jim
=====================================

On Mar 23, 2006, at 8:22 AM, Scott Garman wrote:

> I received this advisory from Secunia a couple of days ago and  
> wonder if it has been fixed yet? I'm not seeing any discussion of  
> it here or on the message board:
>
> http://secunia.com/advisories/19285/
>
> If this is just the same issue that was fixed with this patch:
>
> http://phpicalendar.net/forums/viewtopic.php? 
> t=396&sid=fe5fe3f127aadecad7c0016108357259
>
> please let me know. I have disabled a public PHPiCal installation  
> temporarily until I know for sure.
>
> Thanks,
>
> Scott
>
> -- 
> Scott Garman
> sgarman at iname dot com
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting  
> language
> that extends applications into web and mobile media. Attend the  
> live webcast
> and join the prime developer group breaking into this new coding  
> territory!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=110944&bid=241720&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

[PHPiCalendar-DEV] Is this a new security vuln?

[Scott G. <sg...@in...>]

I received this advisory from Secunia a couple of days ago and wonder if 
it has been fixed yet? I'm not seeing any discussion of it here or on 
the message board:

http://secunia.com/advisories/19285/

If this is just the same issue that was fixed with this patch:

http://phpicalendar.net/forums/viewtopic.php?t=396&sid=fe5fe3f127aadecad7c0016108357259

please let me know. I have disabled a public PHPiCal installation 
temporarily until I know for sure.

Thanks,

Scott

-- 
Scott Garman
sgarman at iname dot com

Re: [PHPiCalendar-DEV] release candidate for 2.22 = 2.22rc1

[<goe...@fi...>]

Hi,

I love PHPiCalendar and we use it for all our courses. So A big Thankyou=20
to the developers.

Today I downloaded the recent phpicalendar-2.22rc1.zip file and=20
installed it on our server. After loading the url in a browser, first I=20
do get the error:

	Template file ./templates/silver/week.tpl not found.

The config-file is the original one, there ist the default set to:

	$template	=3D 'default';	// Template support

If I copy the default folder to silver, the page and the calender is load=
ed.

A request is: How to go back to a dayly/monthly/yearly/weekly-view while=20
having clicked on the print-preview-link... Do I have to use the=20
browser-Back-Button?

Thanks for your work and best regards

G=F6tz Reinicke


Jim Hu schrieb:
> The current CVS is a release candidate for 2.2  I'm also providing a=20
> link from the website so the users can beat on it to see if I really go=
t=20
> the various bugs.
>=20
> Some of the things I did in the last round of changes:
> added year printview
> added sidebar to year view
> changed rss.php so it
>     gets the cal_displaynames from those found be ical_parser.php
>     gets the filemtime from the master_array instead of trying to find=20
> them again
>=20
> I can only test this on my server with my php configuration (OS X=20
> php5.0.3)...testing on other platforms would be great.
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> Jim Hu
>=20
>=20
> -------------------------------------------------------
> This SF.Net email is sponsored by xPML, a groundbreaking scripting lang=
uage
> that extends applications into web and mobile media. Attend the live=20
> webcast
> and join the prime developer group breaking into this new coding territ=
ory!
> http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D110944&bid=3D241720&dat=
=3D121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel


--=20
G=F6tz Reinicke
IT Koordinator - IT OfficeNet

Tel. +49 (0) 7141 - 969 420
Fax  +49 (0) 7141 - 969 55 420
goe...@fi...

Filmakademie Baden-W=FCrttemberg
Mathildenstr. 20
71638 Ludwigsburg
www.filmakademie.de

[PHPiCalendar-DEV] release candidate for 2.22 = 2.22rc1

[Jim Hu <ji...@ta...>]

The current CVS is a release candidate for 2.2  I'm also providing a  
link from the website so the users can beat on it to see if I really  
got the various bugs.

Some of the things I did in the last round of changes:
added year printview
added sidebar to year view
changed rss.php so it
	gets the cal_displaynames from those found be ical_parser.php
	gets the filemtime from the master_array instead of trying to find  
them again

I can only test this on my server with my php configuration (OS X  
php5.0.3)...testing on other platforms would be great.
=====================================
Jim Hu

[PHPiCalendar-DEV] Alexis ROUSSEL is out of the office.

[<ale...@un...>]

I will be out of the office starting Fri 03/17/2006 and will not return
until Wed 04/05/2006.

I will be away until the 5 of april 2006

During my absence please forward all messages to Akiko Miyahara
aki...@un...

thank you
--
Alexis Roussel
Programme Assistant
--------------------
Local e-Governance
DCP - Decentralized Cooperation Programme
UNITAR
Palais des Nations
CH-1211 GENEVA 10
Switzerland

tel: +41.22.917.84.18
fax: +41.22.917.89.93
http://www.unitar.org/dcp

[PHPiCalendar-DEV] Recent updates to CVS...bug fix release soon?

[Jim Hu <ji...@ta...>]

It's Spring Break here, and I've been squashing various minor bugs  
while watching basketball and am thinking of doing a 2.22 bug fix  
release.

Things fixed:
- Problem with webcals not being selected when navigating from  
all_calendars_combined
- Lots of notices and warnings fixed
- Pick multiple caption now controlled by language files (but more  
translations needed)
- Event status now controlled by language files (but more  
translations needed)
- Problem with repeating events where first instance is an exception
Features:
-The real names of calendars as found in the .ics files are used in  
$cal_displayname (I reset this during parsing).
-Images allowed in events

I'm working on another repeating event bug [ 1362515 ] December  
Monthly View Corruption
=====================================
Jim Hu

Re: [PHPiCalendar-DEV] Updating the docs

[Wesley M. <we...@we...>]

I've made some documentation changes to the Wiki. But I'm afraid I'm  
not familiar with Wiki syntax and it seems some stuff may be  
incorrect. But I'm also afraid that it might just be a display  
problem in Safari, as I've noticed that Safari has some issues with  
correct character display in certain conditions.

So if someone could please take a look and make corrections as  
necessary, I'd appreciate it.
--
Wesley Miaw
we...@we...

Re: [PHPiCalendar-DEV] Updating the docs

[Jim Hu <ji...@ta...>]

The default mediawiki setup doesn't allow usernames to start with a  
lowercase letter - I'm guessing that's the problem.  I'll change it  
when I remember how (I have several other wikis and I know I've done  
this before).  Sorry 'bout that.
=====================================
Jim Hu

On Feb 18, 2006, at 1:37 PM, Wesley Miaw wrote:

> Hey Jim,
>
> I'm unable to create a login for the Wiki. It says my username is  
> invalid. What are the rules for the username?
>
> On Feb 17, 2006, at 11:04 PM, Jim Hu wrote:
>
>> I noticed that this page in the docs is out of date
>> http://phpicalendar.net/documentation/index.php/Contact
>>
>> I updated it to reflect my taking over the project - please add/ 
>> update your info.  If you have CVS rights, I consider you a  
>> developer...others who contributed code should add themselves as  
>> code contributors.
>> It might also be good if we could add some info somewhere about  
>> what parts of the code different people have expertise in.  For  
>> example, I think that I get the blame for the current state of  
>> rss.php.
>>
>> I've also started pages on the docs wiki to try to explain how the  
>> code works...please add to this too...if you have time, of course.
>>
>> Thanks!
>>
>> Jim
>> =====================================
>> Jim Hu
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: Splunk Inc. Do you grep through  
>> log files
>> for problems?  Stop!  Download the new AJAX search engine that makes
>> searching your log files as easy as surfing the  web.  DOWNLOAD  
>> SPLUNK!
>> http://sel.as-us.falkag.net/sel? 
>> cmd=lnk&kid=103432&bid=230486&dat=121642
>> _______________________________________________
>> Phpicalendar-devel mailing list
>> Php...@li...
>> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel
>
> --
> Wesley Miaw
> we...@we...
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through  
> log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD  
> SPLUNK!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

Re: [PHPiCalendar-DEV] Updating the docs

[Wesley M. <we...@we...>]

Hey Jim,

I'm unable to create a login for the Wiki. It says my username is  
invalid. What are the rules for the username?

On Feb 17, 2006, at 11:04 PM, Jim Hu wrote:

> I noticed that this page in the docs is out of date
> http://phpicalendar.net/documentation/index.php/Contact
>
> I updated it to reflect my taking over the project - please add/ 
> update your info.  If you have CVS rights, I consider you a  
> developer...others who contributed code should add themselves as  
> code contributors.
> It might also be good if we could add some info somewhere about  
> what parts of the code different people have expertise in.  For  
> example, I think that I get the blame for the current state of  
> rss.php.
>
> I've also started pages on the docs wiki to try to explain how the  
> code works...please add to this too...if you have time, of course.
>
> Thanks!
>
> Jim
> =====================================
> Jim Hu
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through  
> log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD  
> SPLUNK!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

--
Wesley Miaw
we...@we...

[PHPiCalendar-DEV] Updating the docs

[Jim Hu <ji...@TA...>]

I noticed that this page in the docs is out of date
http://phpicalendar.net/documentation/index.php/Contact

I updated it to reflect my taking over the project - please add/ 
update your info.  If you have CVS rights, I consider you a  
developer...others who contributed code should add themselves as code  
contributors.
It might also be good if we could add some info somewhere about what  
parts of the code different people have expertise in.  For example, I  
think that I get the blame for the current state of rss.php.

I've also started pages on the docs wiki to try to explain how the  
code works...please add to this too...if you have time, of course.

Thanks!

Jim
=====================================
Jim Hu

Re: [PHPiCalendar-DEV] Fwd: [eVuln] PHP iCalendar File Inclusion Vulnerability

[Jim Hu <ji...@ta...>]

Yes, CVS has been updated to include the patches.

On Feb 9, 2006, at 2:32 AM, Nicolas Contamin wrote:

> Here is the post sent to bugTraq.
>
> Has the CVS version been updated ? (It sounds bad english, isn't it ?)
>
>
> Danon'.
> ---------- Forwarded message ----------
> From: al...@ev... < al...@ev...>
> Date: 8 Feb 2006 23:29:47 -0000
> Subject: [eVuln] PHP iCalendar File Inclusion Vulnerability
> To: bu...@se...
>
> New eVuln Advisory:
> PHP iCalendar File Inclusion Vulnerability
> http://evuln.com/vulns/70/summary.html
>
> --------------------Summary----------------
> eVuln ID: EV0070
> Software: PHP iCalendar
> Sowtware's Web Site: http://phpicalendar.net/
> Versions: 2.0.1 2.1 2.2
> Critical Level: Dangerous
> Type: File Inclusion
> Class: Remote
> Status: Patched
> Exploit: Not Available
> Solution: Available
> Discovered by: Aliaksandr Hartsuyeu (eVuln.com)
>
> -----------------Description---------------
> File: functions/template.php
> Function parse($file) calls include($file) without correct  
> sanitation of variable $file
>
> File: search.php
> Parameter getdate isn't properly sanitized and may contain a filepath.
>
> All this can be used to make inclusion of arbitrary server-side file.
>
> System access is possible.
>
> --------------Exploit----------------------
> Exploitation code will be published in 3 days
> http://evuln.com/vulns/70/exploit.html
>
> --------------Solution---------------------
> Vendor-provided patch is available at:
>
> http://dimer.tamu.edu/phpicalendar.net/forums/viewtopic.php? 
> p=1869#1869
>
> --------------Credit-----------------------
> Discovered by: Aliaksandr Hartsuyeu ( eVuln.com)
>
>
> -- 
> I'm a poor and lonesome Yaourt... (Air connu)

[PHPiCalendar-DEV] Fwd: [eVuln] PHP iCalendar File Inclusion Vulnerability

[Nicolas C. <nic...@gm...>]

Here is the post sent to bugTraq.

Has the CVS version been updated ? (It sounds bad english, isn't it ?)


Danon'.
---------- Forwarded message ----------
From: al...@ev... <al...@ev...>
Date: 8 Feb 2006 23:29:47 -0000
Subject: [eVuln] PHP iCalendar File Inclusion Vulnerability
To: bu...@se...

New eVuln Advisory:
PHP iCalendar File Inclusion Vulnerability
http://evuln.com/vulns/70/summary.html

--------------------Summary----------------
eVuln ID: EV0070
Software: PHP iCalendar
Sowtware's Web Site: http://phpicalendar.net/
Versions: 2.0.1 2.1 2.2
Critical Level: Dangerous
Type: File Inclusion
Class: Remote
Status: Patched
Exploit: Not Available
Solution: Available
Discovered by: Aliaksandr Hartsuyeu (eVuln.com)

-----------------Description---------------
File: functions/template.php
Function parse($file) calls include($file) without correct sanitation of
variable $file

File: search.php
Parameter getdate isn't properly sanitized and may contain a filepath.

All this can be used to make inclusion of arbitrary server-side file.

System access is possible.

--------------Exploit----------------------
Exploitation code will be published in 3 days
http://evuln.com/vulns/70/exploit.html

--------------Solution---------------------
Vendor-provided patch is available at:

http://dimer.tamu.edu/phpicalendar.net/forums/viewtopic.php?p=3D1869#1869

--------------Credit-----------------------
Discovered by: Aliaksandr Hartsuyeu ( eVuln.com)


--
I'm a poor and lonesome Yaourt... (Air connu)

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Jo R. <jr...@sv...>]

On Wed, Feb 01, 2006 at 10:17:04AM +0000, Nicolas Contamin wrote:
> I'm a coder too. And even if I'm not native english speaker, I've understood
> Chad's sentence. Your words seemed to intend that coders are stupid... 
> That's not a good point for you.

No, it means I tend to avoid amiguity.  I work with a lot of non-english
speakers and have found that these kind of assumptions can make problems
worse.  And I did grep for "publish system" in the source tree/docs before I
wrote that too, really ;-)
 
> All right, we're glad to welcome you in the dev team.
> I'm sure, your help will be greatfull.

Uh, maybe someone will be grateful but I doubt my code is great-full ;-)
(that is a wink giggle...)

> Would you mind to be the referent for publish*.php problems ?

I'm not sure what you mean by that.  Let me get my arms around them first.
If I rewrite them I'll be willing to take on bugs reported on them.  I
suspect that many "bugs" are lack of understanding of how to implement and
I'm already working on my new docs for them...

-- 
Jo Rhett
senior geek
SVcolo : Silicon Valley Colocation

[PHPiCalendar-DEV] Website move

[Jim Hu <ji...@ta...>]

OK, as I guess people saw in the Chad asked me to take over and I've  
moved the website.  The DNS should point now phpicalendar.net to my  
server.  I imagine that there will be some shakedown problems in the  
transition.  Please let me know if you find any.

I think I'll need the help of the dev team much more than Chad did.   
I hope I can do close to the job he did in keeping this project  
working.  I know I could not have gotten it to its current level of  
success the way he did.

Jim Hu

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Nicolas C. <nic...@gm...>]

2006/1/31, Jo Rhett <jr...@sv...>:
>
> > I think Chad is saying is that the main phpicalendar project does not
> > support the publish.ical.php or publish.mozilla.php scripts.  He says
> >
> > " we do not take bugs in the pulbish system, including documentation"
>
> I'm a coder. The "publish system" doesn't really mean anything to me.
> The "publish system" could mean the documentation on Sourceforge for
> all I know :-( If he had said that publish.ical.php and
> publish.mozilla.php
> are provided as-is and not supported, then I would have understood.


I'm a coder too. And even if I'm not native english speaker, I've understoo=
d
Chad's sentence.
Your words seemed to intend that coders are stupid... That's not a good
point for you.

> These were provided by others, and while they are important to those
> > in the phpicalendar community who can't or won't use WebDAV, they are
> > a pain for the developers since their behavior is very sensitive to
> > server configurations.  If you look on the bbs, you'll see that we
> > get a LOT of people with problems using these.
>
> They are important to me, and I'm prepared to invest some time in
> improving
> them to work better.  That's why I need to understand where they are
> going.
>

All right, we're glad to welcome you in the dev team.
I'm sure, your help will be greatfull.
Would you mind to be the referent for publish*.php problems ?

Thanks,

Danon'.
Ps: I may have a hosting to maintain 'phpicalendar.net', if Chad really
doesn't want to. But it would be a shame for us that he quits.

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Jo R. <jr...@sv...>]

On Tue, Jan 31, 2006 at 12:35:59PM -0800, Chad Little wrote:
> I did respond, and responded with a "Won't Fix". Thats my perogative  
> as admin to not fix an issue if I so deem. I have no issues with  
> other bugs you've submitted. We don't take bugs on publish.php or  
> whatever its named. They are provided as is. Why is this of such  
> importance you continue to waste my time with.
 
I was unaware that they were unsupported.  I saw nothing to indicate this
to me.  It appeared that you was closing it because you thought it was a
documentation issue.

-- 
Jo Rhett
senior geek
SVcolo : Silicon Valley Colocation

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Jo R. <jr...@sv...>]

On Tue, Jan 31, 2006 at 02:48:20PM -0600, Jim Hu wrote:
> From what I can tell, there is one reference to publish.php in  
> comments in the main code; this is a vestige from before publish.php  
> split into the ical and mozilla specific scripts.  So while it should  
> probably be fixed, it's not clear to me that it counts as a bug.  It  
> has no effect on the functionality, but it does direct the reader to  
> a nonexistent file.
 
Which is an issue that should be fixed.  Minor, but relevant.  However,
part of what I was wondering was how/what the approach was for the 
publish.php scripts.  Is there a desire to re-integrate them?  Or should
the comments be updated?
(in short, before I spent time to write patches, who owns this and what are
they intending to do with it?)

> I think Chad is saying is that the main phpicalendar project does not  
> support the publish.ical.php or publish.mozilla.php scripts.  He says
> 
> " we do not take bugs in the pulbish system, including documentation"

I'm a coder. The "publish system" doesn't really mean anything to me. 
The "publish system" could mean the documentation on Sourceforge for 
all I know :-( If he had said that publish.ical.php and publish.mozilla.php
are provided as-is and not supported, then I would have understood.

> These were provided by others, and while they are important to those  
> in the phpicalendar community who can't or won't use WebDAV, they are  
> a pain for the developers since their behavior is very sensitive to  
> server configurations.  If you look on the bbs, you'll see that we  
> get a LOT of people with problems using these.

They are important to me, and I'm prepared to invest some time in improving
them to work better.  That's why I need to understand where they are going.

> If I understand your request, you are also asking for changes in the  
> _comments_ on line 52 of config.inc.php, which is supported by the  
> project.  But your reopening looked like you are still asking for  
> stuff related to publish.ical.php and publish.mozilla.php.  You might  
> try clarifying what you said earlier instead of blaming Chad for  
> being confused and asking him to reread something that wasn't clear.

I did try to clarify.  I was confused by Chad's absolute slam down on the
topic.  It wasn't like there was anything expressed to help me understand
what he was thinking about this, other than that I had annoyed him.

> The instances in the README accurately reflect the project history as  
> far as I can tell.
 
The only related lines I can find are:
  -Added iCal specific publish.php.
  -Mozilla calendar support added to publish.php.

There's nothing here to tell me that the publish stuff is unsupported, or
what the intent is for the future.

-- 
Jo Rhett
senior geek
SVcolo : Silicon Valley Colocation

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Jim Hu <ji...@ta...>]

 From what I can tell, there is one reference to publish.php in  
comments in the main code; this is a vestige from before publish.php  
split into the ical and mozilla specific scripts.  So while it should  
probably be fixed, it's not clear to me that it counts as a bug.  It  
has no effect on the functionality, but it does direct the reader to  
a nonexistent file.

I think Chad is saying is that the main phpicalendar project does not  
support the publish.ical.php or publish.mozilla.php scripts.  He says

" we do not take bugs in the pulbish system, including documentation"

These were provided by others, and while they are important to those  
in the phpicalendar community who can't or won't use WebDAV, they are  
a pain for the developers since their behavior is very sensitive to  
server configurations.  If you look on the bbs, you'll see that we  
get a LOT of people with problems using these.

If I understand your request, you are also asking for changes in the  
_comments_ on line 52 of config.inc.php, which is supported by the  
project.  But your reopening looked like you are still asking for  
stuff related to publish.ical.php and publish.mozilla.php.  You might  
try clarifying what you said earlier instead of blaming Chad for  
being confused and asking him to reread something that wasn't clear.

The instances in the README accurately reflect the project history as  
far as I can tell.


=====================================
Jim Hu

On Jan 31, 2006, at 2:13 PM, Jo Rhett wrote:

> This is regarding bug 1417012.
>
> There are several references in the code to publish.php, which  
> doesn't exist
> in the current distribution.
>
> Chad closed the bug immediately saying he doesn't support  
> documentation.  I
> realized I wasn't being clear, and reopened it explaining that it was
> references in the code itself.  Chad's final note on this is:
>
>   Please stop harrassing me, I've closed this twice. If you persist  
> I will
>   lodge a complaint with sourceforge. This is not going to be fixed.
>
> What exactly about pointing out problems in the code is  
> harrassing?  These
> problems do exist.  If there is a reason for it to be this way (I  
> suggested
> several possible explanations) then why not take a quick moment to  
> explain
> why it is this way?
>
> I'd really hate to start off my relationship with this project on  
> such an
> argumentative approach.  Frankly, I'm confused by this sort of  
> behavior.
>
> I like phpicalendar, and I'm working on a number of patches to  
> improve it
> (including several that are in your feature request list)  But if bug
> reports are going to be slammed down with threats of harrassment,  
> without
> even acknowledging or responding to the issue ... that's pretty  
> difficult
> to work with.
>
> In looking through the bugs, I've noted that Chad tends to  
> aggressively
> close out bugs even when people have documented that the issue  
> isn't fixed.
> So it apparently isn't just me that is observing this behavior.
>
> -- 
> Jo Rhett
> senior geek
> SVcolo : Silicon Valley Colocation
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through  
> log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD  
> SPLUNK!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

Re: [PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Chad L. <ch...@ch...>]

I did respond, and responded with a "Won't Fix". Thats my perogative  
as admin to not fix an issue if I so deem. I have no issues with  
other bugs you've submitted. We don't take bugs on publish.php or  
whatever its named. They are provided as is. Why is this of such  
importance you continue to waste my time with.

I'm officially done with PHP iCalendar at this point. Jim, Ive made  
you admin and I'm removing myself from all of Sourceforge. If anyone  
wants the website let me know, it's going down tonight too.

-C


On Jan 31, 2006, at 12:13 PM, Jo Rhett wrote:

> This is regarding bug 1417012.
>
> There are several references in the code to publish.php, which  
> doesn't exist
> in the current distribution.
>
> Chad closed the bug immediately saying he doesn't support  
> documentation.  I
> realized I wasn't being clear, and reopened it explaining that it was
> references in the code itself.  Chad's final note on this is:
>
>   Please stop harrassing me, I've closed this twice. If you persist  
> I will
>   lodge a complaint with sourceforge. This is not going to be fixed.
>
> What exactly about pointing out problems in the code is  
> harrassing?  These
> problems do exist.  If there is a reason for it to be this way (I  
> suggested
> several possible explanations) then why not take a quick moment to  
> explain
> why it is this way?
>
> I'd really hate to start off my relationship with this project on  
> such an
> argumentative approach.  Frankly, I'm confused by this sort of  
> behavior.
>
> I like phpicalendar, and I'm working on a number of patches to  
> improve it
> (including several that are in your feature request list)  But if bug
> reports are going to be slammed down with threats of harrassment,  
> without
> even acknowledging or responding to the issue ... that's pretty  
> difficult
> to work with.
>
> In looking through the bugs, I've noted that Chad tends to  
> aggressively
> close out bugs even when people have documented that the issue  
> isn't fixed.
> So it apparently isn't just me that is observing this behavior.
>
> -- 
> Jo Rhett
> senior geek
> SVcolo : Silicon Valley Colocation
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through  
> log files
> for problems?  Stop!  Download the new AJAX search engine that makes
> searching your log files as easy as surfing the  web.  DOWNLOAD  
> SPLUNK!
> http://sel.as-us.falkag.net/sel? 
> cmd=lnk&kid=103432&bid=230486&dat=121642
> _______________________________________________
> Phpicalendar-devel mailing list
> Php...@li...
> https://lists.sourceforge.net/lists/listinfo/phpicalendar-devel

[PHPiCalendar-DEV] can someone help me understand bug 1417012?

[Jo R. <jr...@sv...>]

This is regarding bug 1417012.

There are several references in the code to publish.php, which doesn't exist
in the current distribution.

Chad closed the bug immediately saying he doesn't support documentation.  I
realized I wasn't being clear, and reopened it explaining that it was
references in the code itself.  Chad's final note on this is:

  Please stop harrassing me, I've closed this twice. If you persist I will 
  lodge a complaint with sourceforge. This is not going to be fixed.

What exactly about pointing out problems in the code is harrassing?  These
problems do exist.  If there is a reason for it to be this way (I suggested
several possible explanations) then why not take a quick moment to explain 
why it is this way?

I'd really hate to start off my relationship with this project on such an 
argumentative approach.  Frankly, I'm confused by this sort of behavior.

I like phpicalendar, and I'm working on a number of patches to improve it
(including several that are in your feature request list)  But if bug
reports are going to be slammed down with threats of harrassment, without
even acknowledging or responding to the issue ... that's pretty difficult
to work with.

In looking through the bugs, I've noted that Chad tends to aggressively
close out bugs even when people have documented that the issue isn't fixed.
So it apparently isn't just me that is observing this behavior.

-- 
Jo Rhett
senior geek
SVcolo : Silicon Valley Colocation