Menu
▾
▴
phpwebsite-developers — For our development team.
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
(1) |
Mar
(265) |
Apr
(166) |
May
(25) |
Jun
(17) |
Jul
(20) |
Aug
(47) |
Sep
(6) |
Oct
(14) |
Nov
(66) |
Dec
(64) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(109) |
Feb
(64) |
Mar
(34) |
Apr
(23) |
May
(64) |
Jun
(9) |
Jul
(13) |
Aug
(6) |
Sep
(33) |
Oct
(272) |
Nov
(67) |
Dec
(75) |
| 2003 |
Jan
(264) |
Feb
(244) |
Mar
(171) |
Apr
(119) |
May
(54) |
Jun
(93) |
Jul
(51) |
Aug
(48) |
Sep
(14) |
Oct
(49) |
Nov
(47) |
Dec
(15) |
| 2004 |
Jan
(13) |
Feb
(27) |
Mar
(18) |
Apr
(44) |
May
(35) |
Jun
(24) |
Jul
(39) |
Aug
(142) |
Sep
(35) |
Oct
(34) |
Nov
(49) |
Dec
(24) |
| 2005 |
Jan
(60) |
Feb
(71) |
Mar
(19) |
Apr
(27) |
May
(68) |
Jun
(4) |
Jul
(30) |
Aug
(10) |
Sep
(23) |
Oct
(24) |
Nov
(13) |
Dec
(6) |
| 2006 |
Jan
(4) |
Feb
(46) |
Mar
(64) |
Apr
(18) |
May
(16) |
Jun
(37) |
Jul
(7) |
Aug
(19) |
Sep
(9) |
Oct
(8) |
Nov
(3) |
Dec
(23) |
| 2007 |
Jan
(25) |
Feb
(21) |
Mar
(32) |
Apr
(36) |
May
(12) |
Jun
(1) |
Jul
(7) |
Aug
(15) |
Sep
(13) |
Oct
(1) |
Nov
|
Dec
|
| 2008 |
Jan
(3) |
Feb
(5) |
Mar
(1) |
Apr
(2) |
May
|
Jun
(1) |
Jul
(2) |
Aug
(7) |
Sep
|
Oct
(5) |
Nov
(1) |
Dec
|
| 2009 |
Jan
(7) |
Feb
(1) |
Mar
|
Apr
|
May
(1) |
Jun
(2) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(3) |
| 2011 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
|
Dec
|
|
From: Karsten D. <k.d...@fi...> - 2002-02-14 15:07:34
|
Hi everybody! I finally managed to update the API documentation on http://www.k-fish.de/krabutzig/phpwebsite/apidoc/ once again. Sadly the list of errors is still somewhat long :-/ Two additional notes on the website at phpwebsite.appstate.edu. In the article describing the new core are some examples exhibiting the php_short_open tag. Since this is "forbidden" by the PEAR coding standard (which we adopted for phpWS) that should be changed to <?php. Just nitpicking :-) And the link to the PEAR coding standard on the coding standards page is broken. It now lies under: http://pear.php.net/manual/en/standards.php Regards, Karsten -- fishfarm netsolutions - Karsten Dambekalns Echternstr. 73 - 38100 Braunschweig Tel. +49 531 1232902 mailto:k.d...@fi... Fax. +49 531 1232906 http://www.fishfarm.de/ ----------------------------------------------------- |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-14 11:00:15
|
Hi all, i've just written and commited a small doc about usage of the new Modules Installer feature. Hopefully this will help developers and admins. Let me know if it is okay or it need corrections :> You can find it in CVS as: docs/developers/modules_installer_api.html Bye, Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-11 17:50:39
|
Hi all :>
This email contains info about the new check_html() function and other
bugfixes I committed during the weekend: some of them could be
interesting also for module developers: see below.
Features and improvements of the new check_html():
- now relies on PHP strip_tags() [this fixes the "more than 10
qualifiers in one tag" potential bug in the previous implementation)
- the distinguish between "tag only" and "tag and qualifiers" mode had
been dropped: this fixes a lot of stripping bugs which plagued previous
versions. (this change had been also asked from a large number of users)
- stripping of <% %> (PHP ASP-style tags) for better security
- code is now compact and more readable
- tags syntax auto-checking and auto-repair:
"< tag>" -> "<tag>"
"< / tag> -> "</tag>"
"<tag > -> "<tag>
"<tag / > -> "<tag />"
"</tag />" -> "</tag>" (for tags with name<=4 chars)
"</tag />" -> "<tag />" (for tags with name>=5 chars)
since this is based on regexp(s), also all the combinations of the
above are fixed.
Please note that indeed the last 2 transformations might be wrong in
some cases, but those simply rules will work for the most frequent
situations.
- the <script> tag is allowed only in pages being edited by an admin.
it is also NEVER allowed in a comment (even if posted by an admin)
this improves security.
Previous check_html() code is still in place, wrapped in a /* */ comment
for safety's sake.
I also committed an "emergency" new option in the Admin->Configuration
subpanel which restores the default mainpage in case someone messed it
up
Then, during the weekend I also silently committed a set of bug-fixes:
- fixed a bug which prevented Mozilla 0.9.8 and IE6 to correctly deal
with the header("Location: ..."); command.
Even if this had been previously addressed by the new
html_header_location() function introduction, a fix to it was needed.
For those interested in details, the header(); function MUST be
always followed by exit; to be executed. This had been also applied
to the large amount of index.php phpWS has in its source tree.
- fixed a bug which prevented articles to be posted even when empty,
both from users and admins.
More candies to come :>
Bye!
Alessandro
--
Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087
phpWebSite Development Team http://phpwebsite.appstate.edu
INWO Project coordinator http://inwoproject.sourceforge.net
"I will carry you through, hicking and screaming,
and in the end you will thank me"
- Tyler Durden [from "Fight Club"]
|
|
From: Matthew M. <ma...@tu...> - 2002-02-11 13:54:36
|
> Hi all > since i'm working on the new check_html() functions, I would ask all of > you what d'you think about the "tag only"/"tag and qualifiers" > distinction. Some users questioned me to removed such difference (btw > PHP's strip_tags() always assume the "tags and qualifiers" > setting), since it is felt as a not-so-needed feature. > Let me know what d'you think about this. > > Alessandro Agreed. There probably needs to be a way an admin can set a strict setting, but currently it does curtail a lot of tags. Matthew McNaney Internet Systems Architect Electronic Student Services Email: ma...@tu... URL: http://phpwebsite.appstate.edu Phone: 828-262-6493 ICQ: 141057403 |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-11 10:33:43
|
Hi all since i'm working on the new check_html() functions, I would ask all of you what d'you think about the "tag only"/"tag and qualifiers" distinction. Some users questioned me to removed such difference (btw PHP's strip_tags() always assume the "tags and qualifiers" setting), since it is felt as a not-so-needed feature. Let me know what d'you think about this. Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-11 10:07:11
|
On Mon, 2002-02-11 at 10:36, W.D.Sumilang wrote: > Hello all: > I'm working with fallout codebase... but may have found a bug that > applies to userpage mod in general please confirm/dismiss: > It appeared (codewise) that newlines were being replaced with the proper > xhtml "<br />" yet I kept getting non-xhtml "<br>"... after much searching > and trials i discovered that the allowed_html array set the tag br=1, > when this was changed to br=2, i got the proper xhtml br / tags... however > if this is a bug i think a closer look at check_html in the mainfile.php > and/or some other functions. > So if anyone is deeply entrenched with the userpage page mod... please > have a look. Thanks > -warren I'm currently working on a major rewrite of check_html() for the current 0.8.x branch of phpWebSite (i hopefully land it today) : hope this will enter in fallout, but i do not know. Matt...? :> Bye, Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: W.D.Sumilang <wa...@on...> - 2002-02-11 09:36:20
|
Hello all: I'm working with fallout codebase... but may have found a bug that applies to userpage mod in general please confirm/dismiss: It appeared (codewise) that newlines were being replaced with the proper xhtml "<br />" yet I kept getting non-xhtml "<br>"... after much searching and trials i discovered that the allowed_html array set the tag br=1, when this was changed to br=2, i got the proper xhtml br / tags... however if this is a bug i think a closer look at check_html in the mainfile.php and/or some other functions. So if anyone is deeply entrenched with the userpage page mod... please have a look. Thanks -warren __________________________________________________ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-10 20:11:01
|
just to fix some english-errors in my email... > Yes, there is one and it pretty big :> should be instead: > Yes, there is one and it is pretty big :> > Perhaps, i'm the most exposed member of it actually...this could cause > you and some users there is only me behind phpWS but this is not true: > there are a lot of people behind it, involved in different tasks. should be instead: > Perhaps, i'm the most exposed member of it actually...this could cause > you and some users think there is only me behind phpWS but this is not true: > there are a lot of people behind it, involved in different tasks. -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-10 19:46:42
|
On Sun, 2002-02-10 at 13:07, Marc Albrecht wrote: > Ciao, Alessandro, > > since the phpwebsite developers do not answer on my requests to supply > me with information about planned changes and development for phpws, I > will now create my own content management system. I really would have Uhm...what your informations you required? Please note that a lot of informations about our roadmap is available on phpwebsite.appstate.edu, in a recent article of Matthew McNaney, which expose the new core we're working on. This core will rely on PEAR's db abstraction layer and will offer full modularity, templates usage (instead of current layouts), advanced autentication systems (different levels of admin and users, applicable to each module/component) and so on. Btw, if you want to create a new one...well, good luck. > liked to support phpwebsite - but I expect a minimum of progress. My There had been a lot of progress since oct 2001 (0.8.1) : see CVS version. > main problem with phpwebsite is, that the database structure can be > expected to change with future releases, just as well as the way a web > site is "created on the fly" by the system. This makes external, > "unknowing" development impossible, one has to rely on the basic system > to be comfortable enough for ones own projects _and_ stay the way it is > - as far as possible. This is partially true: as said above, the new core will cause a revolution in phpWebSite. > I am wishing you and the development team (is there any?) all the best, > Marc Albrecht Yes, there is one and it pretty big :> Perhaps, i'm the most exposed member of it actually...this could cause you and some users there is only me behind phpWS but this is not true: there are a lot of people behind it, involved in different tasks. Even if we're sory to lose you, I wish you, along with the phpWebSite development team, all the best for your new content manager; Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: W.D.Sumilang <wa...@on...> - 2002-02-08 19:02:30
|
Matt: call me dense... but where are userpages getting the layout formating (layouts 1-6)? tia ---- "W.D.Sumilang" <wa...@on...> wrote: > I found the formatting in "layout" module... duh :/ > > ---- "W.D.Sumilang" <wa...@on...> wrote: > > > also i've been banging my head to find where boxtyles are formating > > the > > module output in the codebase... could i get a hint? > > fallout is a nice improvement... thanks Matt:) > > cheers, > > -warren > > > > __________________________________________________ > > FREE voicemail, email, and fax...all in one place. > > Sign Up Now! http://www.onebox.com > > > > > > __________________________________________________ > FREE voicemail, email, and fax...all in one place. > Sign Up Now! http://www.onebox.com > > __________________________________________________ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com |
|
From: W.D.Sumilang <wa...@on...> - 2002-02-08 18:12:47
|
I found the formatting in "layout" module... duh :/ ---- "W.D.Sumilang" <wa...@on...> wrote: > also i've been banging my head to find where boxtyles are formating > the > module output in the codebase... could i get a hint? > fallout is a nice improvement... thanks Matt:) > cheers, > -warren > > __________________________________________________ > FREE voicemail, email, and fax...all in one place. > Sign Up Now! http://www.onebox.com > > __________________________________________________ FREE voicemail, email, and fax...all in one place. Sign Up Now! http://www.onebox.com |
|
From: Matthew M. <ma...@tu...> - 2002-02-08 17:45:46
|
> > hello folks - > > has anyone been thinking about possibly implementing a multi-tier > authentication system for the admin interface, so different admin users > could only have access to certain admin functions? > > cheers > > Vlad > Yes. It is in the new core. Matthew McNaney Internet Systems Architect Electronic Student Services Email: ma...@tu... URL: http://phpwebsite.appstate.edu Phone: 828-262-6493 ICQ: 141057403 |
|
From: W.D.Sumilang <wa...@on...> - 2002-02-08 17:38:56
|
For Matt or anyone else familiar with fallout:)
Userpages didn't work unless $user_data was set which required someone
to log in... userpage/index.php:
if ($user_data->allow_access("userpage")) {
$admintest = $security_hash;
} else { $admintest = 0; }
so just a hack to get pages working...
if(is_object($user_data)){ //added
if ($user_data->allow_access("userpage")) {
$admintest = $security_hash;
} else { $admintest = 0; }
} else { $admintest = 0; } //added
---
although i haven't got a complete grasp of fallout, i was wondering if
a user should be authenticated with 'anonymous/or something' permissions
initially and have access to everything in the system not requiring log
in... and possibly even userpages can also have permissioned access.
just my $.02.
also i've been banging my head to find where boxtyles are formating the
module output in the codebase... could i get a hint?
fallout is a nice improvement... thanks Matt:)
cheers,
-warren
__________________________________________________
FREE voicemail, email, and fax...all in one place.
Sign Up Now! http://www.onebox.com
|
|
From: Vlad S. <vl...@hu...> - 2002-02-08 17:17:47
|
DQpoZWxsbyBmb2xrcyAtDQoNCmhhcyBhbnlvbmUgYmVlbiB0aGlua2luZyBhYm91dCBwb3NzaWJs eSBpbXBsZW1lbnRpbmcgYSBtdWx0aS10aWVyIGF1dGhlbnRpY2F0aW9uIHN5c3RlbSBmb3IgdGhl IGFkbWluIGludGVyZmFjZSwgc28gZGlmZmVyZW50IGFkbWluIHVzZXJzIGNvdWxkIG9ubHkgaGF2 ZSBhY2Nlc3MgdG8gY2VydGFpbiBhZG1pbiBmdW5jdGlvbnM/DQoNCmNoZWVycw0KDQpWbGFkDQoN Cg== |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-05 18:20:01
|
Hi all, this is just to notify i'm quite finished with my next major patch for phpWebSite which will include a major upgrade of the poll system (which will also allow you to have more than 1 poll per page, as requested in feature requests), move of another dozens of configs variables to SQL and some other enhancements. I'm also going through with the new help module, hope to land it soon :> Bye, Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: Adam M. <ad...@tu...> - 2002-02-05 17:33:12
|
I took the liberty of fixing that minor flaw in the update for userpages that Vlad reported. It now sets the text_mode variable to 1 for all pre-existing pages. Also I should be finished with the file upload feature for userpages today. It allows you to attach files to userpages for download. Adam --------------------------------- Adam Morton Developer - Web Technology Group Appalachian State University ad...@tu... |
|
From: Vlad S. <vl...@bi...> - 2002-02-03 08:46:47
|
hey folks - just a little oops in the new CVS version - there's an extra newline at the end of admin/stats.php - makes changing admins' information a bit difficult ;) ciao Vlad |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-01 22:17:57
|
This man didn't installed 0.8.1.1 right.
I'm using CVS since mid january 2002, and it has THE SAME fixes 0.8.1.1
has (infact I backported them from CVS to 0.8.1.1) and I'm able to
access ALL options of the admin panel.
Just tell him to verify his install and do create false alarms: php
4.1.x compatibility issue is okay.
Augh! alextxm spoke :>
Alessandro
On Fri, 2002-02-01 at 21:48, Matthew McNaney wrote:
> Anyone else seeing this?
> ----------------------------------------------
> Incompatibility 8.1.1 with PHP 4.1.1
>
> There is incompatibility with 8.1.1 and PHP 4.1.1. When you log-in as
> administrator and click on any link on page, you will be immeditely logged-
> out. Therefore it is not possible to administer your website.
>
> Problem is in different work with global variables and sessions in PHP
> 4.1.1.
>
> You have to find all presences of "global $admintest..." in non-function
> scope and to comment it ("//global $admintest...").
>
> Source of the problem is illustrated on this piece of code:
>
> session_start();
> global $counter; //when you remove this row, all will work properly
> session_register("counter");
> $counter++;
> echo $counter;
>
> On PHP 4.0.6 works both versions (with "global $counter;" and without it)
> properly.
> On PHP 4.1.1 works properly only version without "global $counter;".
>
--
Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087
phpWebSite Development Team http://phpwebsite.appstate.edu
INWO Project coordinator http://inwoproject.sourceforge.net
"I will carry you through, hicking and screaming,
and in the end you will thank me"
- Tyler Durden [from "Fight Club"]
|
|
From: Matthew M. <ma...@tu...> - 2002-02-01 20:49:57
|
Anyone else seeing this?
----------------------------------------------
Incompatibility 8.1.1 with PHP 4.1.1
There is incompatibility with 8.1.1 and PHP 4.1.1. When you log-in as
administrator and click on any link on page, you will be immeditely logged-
out. Therefore it is not possible to administer your website.
Problem is in different work with global variables and sessions in PHP
4.1.1.
You have to find all presences of "global $admintest..." in non-function
scope and to comment it ("//global $admintest...").
Source of the problem is illustrated on this piece of code:
session_start();
global $counter; //when you remove this row, all will work properly
session_register("counter");
$counter++;
echo $counter;
On PHP 4.0.6 works both versions (with "global $counter;" and without it)
properly.
On PHP 4.1.1 works properly only version without "global $counter;".
br...@se...
Matthew McNaney
Internet Systems Architect
Electronic Student Services
Email: ma...@tu...
URL: http://phpwebsite.appstate.edu
Phone: 828-262-6493
ICQ: 141057403
|
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-01 09:53:37
|
On Fri, 2002-02-01 at 05:11, Mike Windsor wrote: > Would this be any help with session variables, http://0x00.org/php/phpApplication/ > It allows you to have a set of variables that are scoped to the entire PHP site, not just the session or page. > > Mike Interesting...but to do what it does it uses tmp files as storage for variables. I think it should be carefully analyzed since it may be cause of potential security problems. Btw, nice tool :> Bye, Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: Alessandro P. (T. / J578) <al...@ti...> - 2002-02-01 09:49:19
|
On Fri, 2002-02-01 at 10:41, dyn...@us... wrote: > Alessandro or Jeremy, > > I was testing your update check. I found a bug that I am not > sure if you forgot about or in the process of looking into, but here it is > in the admin folder: > update_admin.php on line 52 You're right: it was old code which wasn't stripped out when I moved update check to its proper admin panel. Now I fixed it. thank you Tat Bye, Alessandro -- Alessandro "TXM" Pisani - al...@ti... - ICQ #2209087 phpWebSite Development Team http://phpwebsite.appstate.edu INWO Project coordinator http://inwoproject.sourceforge.net "I will carry you through, hicking and screaming, and in the end you will thank me" - Tyler Durden [from "Fight Club"] |
|
From: <dyn...@us...> - 2002-02-01 09:41:34
|
Alessandro or Jeremy,
I was testing your update check. I found a bug that I am not
sure if you forgot about or in the process of looking into, but here it is
in the admin folder:
update_admin.php on line 52
The problem is that you have the mysql looking into flags table
which I'm not sure you intend to do or not. If so, the check_version
column was not created within flags table in a new installation of
phpws. So you have to either add a new row/column to the install script
or change the sql to search else where. It would make sense to have it
look into the version table, but the title would be version and not
check_version to comply. Hope that helps you get into the mode into
what's wrong. I'm sure there are other things you are focusing on. But
trying to help out.
Also...Matt: You might want to modify the footer to have it powered by
phpwebsite cvs vs. just phpwebsite. That way people know what version is
being used. Helps in debuging.
TaT
|
|
From: Mike W. <wi...@ce...> - 2002-02-01 04:17:02
|
Would this be any help with session variables, = http://0x00.org/php/phpApplication/ It allows you to have a set of variables that are scoped to the entire = PHP site, not just the session or page. Mike |
|
From: Matthew M. <ma...@tu...> - 2002-01-31 20:57:24
|
> Hey Matt, > Will you make a daily tarball for fallout that we can get to? > > Mike Yes I will. Probably start next week. Matthew McNaney Internet Systems Architect Electronic Student Services Email: ma...@tu... URL: http://phpwebsite.appstate.edu Phone: 828-262-6493 ICQ: 141057403 |
|
From: Mike W. <wi...@ce...> - 2002-01-31 17:32:58
|
Hey Matt, Will you make a daily tarball for fallout that we can get to? Mike |
5 messages has been excluded from this view by a project administrator.
