Menu
▾
▴
phpwiki-talk
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
(103) |
Jul
(105) |
Aug
(16) |
Sep
(16) |
Oct
(78) |
Nov
(36) |
Dec
(58) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(100) |
Feb
(155) |
Mar
(84) |
Apr
(33) |
May
(22) |
Jun
(77) |
Jul
(36) |
Aug
(37) |
Sep
(183) |
Oct
(74) |
Nov
(235) |
Dec
(165) |
| 2002 |
Jan
(187) |
Feb
(183) |
Mar
(52) |
Apr
(10) |
May
(15) |
Jun
(19) |
Jul
(43) |
Aug
(90) |
Sep
(144) |
Oct
(144) |
Nov
(171) |
Dec
(78) |
| 2003 |
Jan
(113) |
Feb
(99) |
Mar
(80) |
Apr
(44) |
May
(35) |
Jun
(32) |
Jul
(34) |
Aug
(34) |
Sep
(30) |
Oct
(57) |
Nov
(97) |
Dec
(139) |
| 2004 |
Jan
(132) |
Feb
(223) |
Mar
(300) |
Apr
(221) |
May
(171) |
Jun
(286) |
Jul
(188) |
Aug
(107) |
Sep
(97) |
Oct
(106) |
Nov
(139) |
Dec
(125) |
| 2005 |
Jan
(200) |
Feb
(116) |
Mar
(68) |
Apr
(158) |
May
(70) |
Jun
(80) |
Jul
(55) |
Aug
(52) |
Sep
(92) |
Oct
(141) |
Nov
(86) |
Dec
(41) |
| 2006 |
Jan
(35) |
Feb
(62) |
Mar
(59) |
Apr
(52) |
May
(51) |
Jun
(61) |
Jul
(30) |
Aug
(36) |
Sep
(12) |
Oct
(4) |
Nov
(22) |
Dec
(34) |
| 2007 |
Jan
(49) |
Feb
(19) |
Mar
(37) |
Apr
(16) |
May
(9) |
Jun
(38) |
Jul
(17) |
Aug
(31) |
Sep
(16) |
Oct
(34) |
Nov
(4) |
Dec
(8) |
| 2008 |
Jan
(8) |
Feb
(16) |
Mar
(14) |
Apr
(6) |
May
(4) |
Jun
(5) |
Jul
(9) |
Aug
(36) |
Sep
(6) |
Oct
(3) |
Nov
(3) |
Dec
(3) |
| 2009 |
Jan
(14) |
Feb
(2) |
Mar
(7) |
Apr
(16) |
May
(2) |
Jun
(10) |
Jul
(1) |
Aug
(10) |
Sep
(11) |
Oct
(4) |
Nov
(2) |
Dec
|
| 2010 |
Jan
(1) |
Feb
|
Mar
(13) |
Apr
(11) |
May
(18) |
Jun
(44) |
Jul
(7) |
Aug
(2) |
Sep
(14) |
Oct
|
Nov
(6) |
Dec
|
| 2011 |
Jan
(2) |
Feb
(6) |
Mar
(3) |
Apr
(2) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
(11) |
Feb
(3) |
Mar
(11) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(4) |
Dec
|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(4) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(8) |
Dec
(1) |
| 2015 |
Jan
(3) |
Feb
(2) |
Mar
|
Apr
(3) |
May
(1) |
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2016 |
Jan
|
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2020 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
|
Jul
(5) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2021 |
Jan
|
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(1) |
Aug
(6) |
Sep
(3) |
Oct
|
Nov
|
Dec
|
| 2022 |
Jan
(11) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(3) |
Dec
(3) |
| 2024 |
Jan
(7) |
Feb
(2) |
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(1) |
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Reini U. <ru...@x-...> - 2002-09-27 16:11:21
|
aphid schrieb:
> followup, i think I've sucessfully disabled LDAP, but now I'm not too
> clear on how to properly direct it to my external db auth.. I don't see
> anything in the flavor of:
>
> if (!defined('ALLOW_EXTERNAL_DB_LOGIN))) define...
> (as IMAP and LDAP are formatted)
>
> I've set up the DBAuthParams, but I don't believe it is attempting to
> connect.
It's not in CVS yet. I'm currently testing it.
I'll commit tommorrow.
--
Reini Urban
http://xarch.tu-graz.ac.at/home/rurban/
|
|
From: Michael H. <mi...@ho...> - 2002-09-27 10:07:42
|
Hi list members! Is there any how to out there for creating own themes? I tried to copy a theme and adapt it, but that does not seem to work. If I patch the "default" theme, after a while it is reset to the original :-( Thanks Michael -- Hostsharing eG / Boytinstr. 10 / D-22143 Hamburg phone+fax: +49 700 HOSTSHARING (= +49 700 46787427) http://www.hostsharing.net: where YOU make the difference |
|
From: Wandrer <wa...@gl...> - 2002-09-26 21:56:58
|
At 05:12 PM 9/26/2002 -0700, you wrote: >Paul Pearson wrote: >>One of the features which I found to be missing from phpWiki is the >>ability to have a page trail of the last pages which you clicked on. <snip> > >Thanks Paul. I have added it to my pc wiki. Not sure how to make use of it; >maybe you can shed some light. Here's the location of PageTrail in the pcwiki: <snip> >I get a number of error messages at the top of the above page. >Cheers, >LL The errors are because the plugin is trying to send multiple cookie(s) to your computer to store the pages that you have visited. Add: <?plugin PageTrail?> to some of your pages and see how it works. When you first do that to your HomePage, you should see something like: ==> ==> ==> ==> HomePage! and then after you visit SomeOtherPage, the link should be something like: ==> ==> ==> HomePage ==> SomeOtherPage Then, after you visit TheOtherPage, the link should be something like: ==> ==> HomePage ==> SomeOtherPage ==> TheOtherPage In that way, it lists a trail of the pages you have visited that have the plugin in the page. As for the errors, do you have output buffering turned on ? Paul |
|
From: Lawrence F. L. Jr. <lf...@in...> - 2002-09-26 21:17:53
|
Lawrence F. London, Jr. wrote: > Reini Urban wrote: >> Lawrence F. London, Jr. schrieb: >> <....> >> do you get an error, an empty page or just an empty list? It works now, perfectly. Thanks very much, Reini. Can be seen at: http://www.ibiblio.org/ecolandtech/pcwiki/index.php/SiteMap >> if the list is empty, be sure to add a link from your StartPage to the >> SiteMap. Otherwise the recursion will not find it's startpoint. I had failed to do this. Cheers, Lawrence -- L.F.London lf...@in... http://market-farming.com PermacultureWiki http://www.ibiblio.org/ecolandtech/pcwiki/index.php |
|
From: aphid <me...@ap...> - 2002-09-26 20:59:36
|
On Thursday, September 26, 2002, at 10:40 AM, aphid wrote:
>
> i'm not totally clear on what LDAP is or why the wiki is choosing to
> try LDAP rather than the external auth db I set up. is there a place
> I'm not seeing in the index.php that tells it which method is
> preferred?
>
followup, i think I've sucessfully disabled LDAP, but now I'm not too
clear on how to properly direct it to my external db auth.. I don't see
anything in the flavor of:
if (!defined('ALLOW_EXTERNAL_DB_LOGIN))) define...
(as IMAP and LDAP are formatted)
I've set up the DBAuthParams, but I don't believe it is attempting to
connect.
cheers
a
|
|
From: Paul P. <wa...@gl...> - 2002-09-26 20:11:40
|
One of the features which I found to be missing from phpWiki is the ability
to have a page trail of the last pages which you clicked on. I worked for a
while trying to understand the phpWiki plugins and I think I have it. If
anyone would like to try it, feel free, and let me know if you have
suggestions, comments, or questions. The basis for this is the
HelloWorld.php plugin...
===Start of PageTrail.php===
<?php // -*-php-*-
rcs_id('$Id: PageTrail.php,v 1.1 2002/09/24 21:56:28 ppearson Exp $');
/**
* A simple PageTrail WikiPlugin.
*
* Usage:
* <?plugin PageTrail?>
* <?plugin PageTrail numberlinks=5?>
*/
// Constants are defined before the class.
if (!defined('THE_END'))
define('THE_END', "!");
class WikiPlugin_PageTrail
extends WikiPlugin
{
// Four required functions in a WikiPlugin.
function getName () {
return _("PageTrail");
}
function getDescription () {
return _("PageTrail Plugin");
}
// Establish default values for each of this plugin's arguments.
function getDefaultArguments() {
return array('numberlinks' => "5");
}
function run($dbi, $argstr, $request) {
global $Theme;
extract($this->getArgs($argstr, $request));
if ($numberlinks>5 || $numberlinks<0) { $numberlinks=5;}
// Get name of the current page we are on
$thispage = $GLOBALS['request']->args['pagename'];
$Page=array();
// Shift down the page names and store them back to cookies
for ($count=$numberlinks; $count>0; $count--) {
$thisvalue="PageTrail".$count;
$thiscookie = @$_COOKIE["$thisvalue"];
if ($thiscookie!="") {
$Page[$count+1]=$thiscookie;
} else {
$Page[$count+1]="";
}
}
$Page[1]=$thispage;
// Now lets cycle through them saving them with setcookie
$html = " ";
for ($count=$numberlinks; $count>0; $count--) {
if ($Page[$count]!="") {
$Name="PageTrail" . $count;
$Value = $Page[$count];
setcookie ($Name, $Value, 0, '/');
}
}
$html = HTML::tt(fmt('%s ==> %s ==> %s ==> %s ==> %s', WikiLink($Page[5],
'auto'), WikiLink($Page[4], 'auto'), WikiLink($Page[3], 'auto'),
WikiLink($Page[2], 'auto'), WikiLink($Page[1], 'auto')),THE_END);
return $html;
}
};
// For emacs users
// Local Variables:
// mode: php
// tab-width: 8
// c-basic-offset: 4
// c-hanging-comment-ender-p: nil
// indent-tabs-mode: nil
// End:
?>
===End of PageTrail.php===
Comments ???
Paul
|
|
From: aphid <me...@ap...> - 2002-09-26 17:40:00
|
i've been playing around with the most recent build to see if i could get userauth working.. i'm getting: lib/WikiUser.php:216: Warning[2]: LDAP: Unable to perform the search: Can't contact LDAP server lib/WikiUser.php:217: Warning[2]: ldap_get_entries(): supplied argument is not a valid ldap result and then 'invalid password or userid' whenever I try a login. i'm not totally clear on what LDAP is or why the wiki is choosing to try LDAP rather than the external auth db I set up. is there a place I'm not seeing in the index.php that tells it which method is preferred? cheers a |
|
From: Liu W. <are...@ch...> - 2002-09-25 15:43:37
|
SGVsbG8sDQoNCkkgaW5zdGFsbGVkIHBocHdpa2kgdG8gL2h0bWwvd2lraS4gVGhlbiBJIGNhbiBn ZXQgY29ycmVjdGx5IHdlYnBhZ2Ugb2YgaHR0cDovL215aG9zdC5jb20vd2lraS8NCmJ1dCBpZiBJ IG1hZGUgYSB2aXJ0dWFsIGhvc3Qgb2Ygd2lraSwgZS5nLiANCg0KPFZpcnR1YWxIb3N0IDE5Mi4x NjguMS4xODg+DQpTZXJ2ZXJBZG1pbiBhZG1pbkBteWhvc3QuY29tDQpTZXJ2ZXJOYW1lIHdpa2ku bXlob3N0LmNvbQ0KRG9jdW1lbnRyb290IC9odG1sL3dpa2kNCkVycm9yTG9nIGxvZ3Mvd2lraV9l cnJvci5sb2cNCjwvVmlydHVhbEhvc3Q+DQoNCldoZW4gSSBhY2Nlc3MgaHR0cDovL3dpa2kubXlo b3N0LmNvbS8gLCBubyBzdHlsZSBkaXNwbGF5ZWQgb24gdGhlIHdlYnBhZ2UuIGJlY2F1c2UgYWxs IHRoZSBVUkwgb2YgY3NzIGZpbGUgYmVjYW1lIHRvIGhyZWY9Ii8vKi5jc3MiIGFuZCB0aGUgaWNv biBmaWxlJ3MgVVJMIGJlY2FtZSB0byA8bGluayByZWw9InNob3J0Y3V0IGljb24iIGhyZWY9Ii8v dGhlbWVzL2RlZmF1bHQvaW1hZ2VzL2Zhdmljb24uaWNvIiAvPg0KDQpIb3cgY2FuIEkgZGVsZXRl IHRoZSByZWR1bmRhbnQgc2xhc2g/DQoNCi1BcmVzDQo= |
|
From: Rodolfo P. <ro...@pi...> - 2002-09-25 15:25:50
|
I am using the Sep.24 CVS night package. When I create a new WikiPage I see the following text: ==Object(wikipagename)== ? When the new page (through the ?) has its saved text, the proper name is showed at the backlink page. -- --- Rodolfo Pilas Quien los puso a estos tipos donde estan, ro...@pi... Quien los deja seguir en su lugar, http://rodolfo.pilas.net Quien los baja ahora de su altar, Yahoo ID: ysidorito Quien les paga para que hagan lo que haran http://xtralinux.org -=# Apocalipsis Now % Cuarteto de Nos #=- Public GnuPG key: http://www.keyserver.net 1024D/57153363 2001-06-02 key fingerprint = DAAE 3246 3F7D A420 B7A0 48A5 D120 C773 5715 3363 |
|
From: Liu W. <are...@ch...> - 2002-09-25 14:40:27
|
SGVsbG8sDQoNCkFmdGVyIEkgaW5zdGFsbGVkIHBocHdpa2kgdW5kZXIgd2lueHAsIEkgb25seSBj YW4gZ2V0IHNvbWUgY29tcHJlc3NlZCBmaWxlIGZyb20gbXkgSUUuIElmIEkgc2F2ZWQgaXQgb24g ZGlzayBhbmQgdGhlbiByZW5hbWVkIGl0IGFzIHh4eC5odG1sLmd6LCBJIGNhbiBvcGVuIGl0IGZy b20gSUUgNi4gU28gSSBndWVzcyB0aGF0IHBocHdpa2kganVzdCBvdXRwdXQgdGhlIHJlc3VsdHMg YWZ0ZXIgY29tcHJlc3NlZCBpdCBidXQgd2l0aG91dCBhIGNvbXByZXNzIGZpbGUgZXh0ZW5kIG5h bWUuIFdobyBjYW4gdGVsbCBtZSBob3cgdG8gcmVzdWx0IHRoaXMgcHJvYmxlbT8NCg0KLUFyZXMN Cg== |
|
From: Reini U. <ru...@x-...> - 2002-09-23 07:36:09
|
Jeff Dairiki wrote: > The reason I wrote the Transclusion plugin was not that I'm so > crazy about Trans-/In-clusion, but rather as a, IMHO, cleaner > alternative to Reini's FrameInclude. (Note that the recursion > and security issues listed above pertain equally to the > FrameInclude plugin.) I'm hoping to convince Reini at some point > that we can do without the FrameInclude plugin and it's little hooks > all over the PhpWiki code... Only one to check for _GET['frame'] and display this frame only. The other early one is needed for plugin-head anyway, not to display any template before. Afterwards we cannot write any header anymore. BTW: This weekend I couldn't finish the WikiAuth code. Mainboard failure. -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Jeff D. <da...@da...> - 2002-09-21 16:08:58
|
On Thu, 19 Sep 2002 13:12:28 +0100 Lawrence Akka <la...@us...> wrote: > Name: What on earth is transclusion? I see it as indicating inclusion from some other published source. As such having a different word for it is useful. The term "tranclusion" did not come out of nowhere. It seems to be the invention of Ted Nelson, who says he concieved of the idea in 1960(!). (It is currently a key component of his Xanadu system.) http://www.almaden.ibm.com/almaden/npuc97/1996/tnelson.htm http://www.wikipedia.com/wiki/Hypertext/Transclusion http://xanadu.com/xuvision.html http://seed.cs.colorado.edu/dynagloss.makeGlossPage.fcgi$Term=Transclusion http://www.zerohour.net/~reed/wri/hypertext/xanadu/transclusion.html > It just sounds a bit silly to me. What's wrong with "Include"? I > thought wiki was supposed to be easy to use/intuitive :-) Again, I have not beef with "Include", but I have brainwashed into accepting "Transclude" as a more specific term. > Recursion: Whilst it is relatively easy (I guess) to detect if a page > includes itself, what if a page1 includes page2 includes page1 ... Yes that's a problem. > Actually, this same problem applies to the Redirect plugin - see: > http://phpwiki.sourceforge.net/demo/en/RedirectLoop. Possibility for > DoS attacks? Less of a problem. Or, what I mean is: that can (and will, eventually) be fixed. A couple options on how to fix that: 1. The UseMod solution. When redirecting add a "redirected from" query arg. This is used to display a "Redirected from ..." message on the target page. Also, we can refuse to redirect more than once, so if a request already has a "redirected from" query, dont redirect again. (We need a way to disable redirection anyway, so as to be able to view/edit the original page. e.g. the "Redirected from OtherPage" message should include a link to the redirecting page with redirection disabled...) 2. "Internal redirect": Don't actually issue an HTTP redirect, but just treat the request like it was a request for the other page. Then we have complete knowledge of the "redirect" history, and can avoid loops that way... (This should probably be named Alias instead of Redirect.) > Bad scripts: Security problems if A Bad User can include all sorts of > html in a wiki page? Isn't this why we don't generally allow raw html Maybe... not sure, err ... probably. Can anyone give examples? It could be we do need to treat Transclusion like raw html. Enabled on locked pages only, etc... (Of course, once we have real user authentication, that constraint will need to become more flexible...) > Two plugins: Can we merge the IncludePage plugin with this one in some > way? We could. From the user's point of view, they are quite similar. I'm not sure it's a good idea though. The inner workings of the two mechanisms are, however, quite different. And, as you point out, Transclusion (at least in its current form) is frought with numerous perils. Keeping them in separate plugins emphasizes to users how different the two are, in spite of the fact they produce similar results. (Also, it makes it easy to disable transclusion: delete the plugin...) The reason I wrote the Transclusion plugin was not that I'm so crazy about Trans-/In-clusion, but rather as a, IMHO, cleaner alternative to Reini's FrameInclude. (Note that the recursion and security issues listed above pertain equally to the FrameInclude plugin.) I'm hoping to convince Reini at some point that we can do without the FrameInclude plugin and it's little hooks all over the PhpWiki code... (The one drawback I see of Transclusion over FrameInclude is that it doesn't work with older browsers...) |
|
From: Reini U. <ru...@x-...> - 2002-09-20 13:45:51
|
Joby Walker wrote: > Reini Urban wrote: >> does anyone knows more about endless redirect loops on the apache? >> php has a timeout for this kind of beast, but apache not. > > Yes, it can be an issue. Mainly because each redirect is a new session > and thus apache thinks it is new. You can use mod_throttle and > mod_bandwidth to mitigate the potential threat. Within PHP we could > impliment a redirect counter so prevent too many redirects. So this is the same session problem as with the robotblocker. Looks like we have to do that... -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Lawrence F. L. Jr. <lf...@in...> - 2002-09-19 19:42:24
|
Reini Urban wrote: > Lawrence F. London, Jr. schrieb: >> I downloaded the source for SiteMap.php from: >> http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpwiki/phpwiki/lib/plugin/SiteMap.php#rev1.2 >> and uploaded it to /pcwiki/lib/plugins >> & added this link to HomePage !View Site Map: <?plugin SiteMap?> >> It would not run this way. >> The demo at: http://phpwiki.sourceforge.net/demo/en/SiteMap works well >> Curious what it would take to get it to work for me. > do you get an error, an empty page or just an empty list? None of the above. I am running this version of phpwiki, out of the box: PHPWIKI_VERSION 1.3.2-jeffs-hacks I don't get an error message or a blank page. The plugin just doesn't run; it interprets the "SiteMap" portion of the link: <?plugin SiteMap?> as a new page-to-be-edited called SiteMap, with the usual ? after it and the <? ?> part displays as extraneous text. I just tried it again and the new link looks like this: <?plugin SiteMap??> I went to the download page, cut and pasted the php code into SiteMap.php, then uploaded to /lib/plugins. Since it works fine on the demo site I cannot see why it will not work on mine. > if the list is empty, be sure to add a link from your StartPage to the > SiteMap. Otherwise the recursion will not find it's startpoint. I will do that for sure. Thanks for the reminder. Lawrence -- L.F.London lf...@in... http://market-farming.com PermacultureWiki http://www.ibiblio.org/ecolandtech/pcwiki/index.php |
|
From: Joby W. <joby@u.washington.edu> - 2002-09-19 18:48:50
|
Reini Urban wrote: > Lawrence Akka schrieb: > >> Recursion: Whilst it is relatively easy (I guess) to detect if a page >> includes itself, what if a page1 includes page2 includes page1 ... >> Actually, this same problem applies to the Redirect plugin - see: >> http://phpwiki.sourceforge.net/demo/en/RedirectLoop. >> >> Possibility for DoS attacks? > > > does anyone knows more about endless redirect loops on the apache? > php has a timeout for this kind of beast, but apache not. > Yes, it can be an issue. Mainly because each redirect is a new session and thus apache thinks it is new. You can use mod_throttle and mod_bandwidth to mitigate the potential threat. Within PHP we could impliment a redirect counter so prevent too many redirects. jbw |
|
From: Reini U. <ru...@x-...> - 2002-09-19 17:31:36
|
Lawrence Akka schrieb: > Some random jottings on the Transclude plugin, for > discussion/flames/whatever: > > Name: What on earth is transclusion? OK, I know about > http://www.usemod.com/cgi-bin/mb.pl?TransClusion but see also > http://scriptingnews.userland.com/backissues/2002/03/30#transOrIn > It just sounds a bit silly to me. What's wrong with "Include"? I > thought wiki was supposed to be easy to use/intuitive :-) true. what about "IframeInclude"? but meatball as quasi-reference called it "TransClusion", so that's a strong point. > Recursion: Whilst it is relatively easy (I guess) to detect if a page > includes itself, what if a page1 includes page2 includes page1 ... > Actually, this same problem applies to the Redirect plugin - see: > http://phpwiki.sourceforge.net/demo/en/RedirectLoop. > Possibility for DoS attacks? does anyone knows more about endless redirect loops on the apache? php has a timeout for this kind of beast, but apache not. > Bad scripts: Security problems if A Bad User can include all sorts of > html in a wiki page? Isn't this why we don't generally allow raw html. So we should check for ENABLE_RAW_HTML on the external inclusion parameters: src in FrameInclude and Transclusion. href in RedirectTo. Otherwise only internal pages are allowed. Or? -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Reini U. <ru...@x-...> - 2002-09-19 17:22:57
|
Lawrence F. London, Jr. schrieb: > I downloaded the source for SiteMap.php from: > http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpwiki/phpwiki/lib/plugin/SiteMap.php#rev1.2 > and uploaded it to /pcwiki/lib/plugins > & added this link to HomePage !View Site Map: <?plugin SiteMap?> > It would not run this way. > The demo at: http://phpwiki.sourceforge.net/demo/en/SiteMap works well > Curious what it would take to get it to work for me. do you get an error, an empty page or just an empty list? if the list is empty, be sure to add a link from your StartPage to the SiteMap. Otherwise the recursion will not find it's startpoint. -- Reini Urban http://xarch.tu-graz.ac.at/home/rurban/ |
|
From: Lawrence A. <la...@us...> - 2002-09-19 12:12:55
|
Some random jottings on the Transclude plugin, for discussion/flames/whatever: Name: What on earth is transclusion? OK, I know about http://www.usemod.com/cgi-bin/mb.pl?TransClusion but see also http://scriptingnews.userland.com/backissues/2002/03/30#transOrIn It just sounds a bit silly to me. What's wrong with "Include"? I thought wiki was supposed to be easy to use/intuitive :-) Recursion: Whilst it is relatively easy (I guess) to detect if a page includes itself, what if a page1 includes page2 includes page1 ... Actually, this same problem applies to the Redirect plugin - see: http://phpwiki.sourceforge.net/demo/en/RedirectLoop. Possibility for DoS attacks? Bad scripts: Security problems if A Bad User can include all sorts of html in a wiki page? Isn't this why we don't generally allow raw html Two plugins: Can we merge the IncludePage plugin with this one in some way? Lawrence |
|
From: Robert O. <rl...@pe...> - 2002-09-18 21:55:14
|
The List-Unsubscribe header says to send email to php...@li... with a subject of "unsubscribe". Robert Orenstein > > Sorry for spamming you all with this, but when I go to: > > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > > > In order to try and unsubscribe, I get a > > "Security Failure. Data Encryption Error." > > When I enter my email address and choose "Edit Options" |
|
From: Jan S. <Ja...@By...> - 2002-09-18 21:06:25
|
>On your Wiki Home, every time I click on Most Popular I get an error >that kills the browser, Netscape 4.73. >Don't know if it's browser related or a problem on your side. The error >comes up as a dr. watson window. Let me know if you need more detail. Hi Jim! Thanks for the report. Unfortunately, I'm unable to duplicate this with either OmniWeb 4.1v422, Chimera 0.5 (a Mozilla browser), Netscape 7, Mozilla 0.8+, or Opera 5.0b2.393. (I don't do Microsoft products, so I can't help you with "dr. watson". :-) I suspect it's a combination browser/OS problem. I'm Cc'ing the developer so others can give it a try: <http://www.bytesmiths.com/wiki/MostPopular>. -- : Jan Steinman -- nature photography: <http://www.Bytesmiths.com> : Bytesmiths -- artists' services: <http://www.Bytesmiths.com/Services> : Join the forums at <http://www.Bytesmiths.com/wiki> |
|
From: Lawrence F. L. Jr. <lf...@in...> - 2002-09-18 18:22:32
|
Reini Urban wrote: > Sorry, there must be brackets around it. > * Src: [PhpWikiCvs:lib/plugin/SiteMap.php] > > http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpwiki/phpwiki/lib/plugin/SiteMap.php I downloaded the source for SiteMap.php from: http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpwiki/phpwiki/lib/plugin/SiteMap.php#rev1.2 and uploaded it to /pcwiki/lib/plugins & added this link to HomePage !View Site Map: <?plugin SiteMap?> It would not run this way. The demo at: http://phpwiki.sourceforge.net/demo/en/SiteMap works well Curious what it would take to get it to work for me. Thanks, LL -- L.F.London lf...@in... http://market-farming.com PermacultureWiki http://www.ibiblio.org/ecolandtech/pcwiki/index.php |
|
From: Jeff D. <da...@da...> - 2002-09-18 15:35:32
|
> Sorry for spamming you all with this, but when I go to: > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > > In order to try and unsubscribe, I get a > "Security Failure. Data Encryption Error." > When I enter my email address and choose "Edit Options" Interesting, ... works for me. (With your e-mail address.) You might try it without SSL. (http: instead of https:) I think you can unsubscribe via e-mail too, though I've never tried. Send an e-mail to <php...@li...> containing a single line with the word 'help'. That should elicit an automated response with more information on how to proceed... Otherwise, I think Steve Wainstead <sw...@pa...> is the only one who can take you off the list without knowing your password. Jeff |
|
From: Eric C. <er...@ec...> - 2002-09-18 15:05:22
|
Hi, Sorry for spamming you all with this, but when I go to: https://lists.sourceforge.net/lists/listinfo/phpwiki-talk In order to try and unsubscribe, I get a "Security Failure. Data Encryption Error." When I enter my email address and choose "Edit Options" Is there another way I might be able to unsubscribe from this list? Eric |
|
From: Jeff D. <da...@da...> - 2002-09-18 14:38:28
|
On Wed, 7 Aug 2002 23:58:10 -0400 "Laurence Berland" <lau...@is...> wrote: > I've got a phpwiki set up at > http://laurence.isp.northwestern.edu/volvowiki > and I'm having some trouble. The big problem is that for recently-added > categories, backlinks just doesn't work. As such, I can't generate > category pages. Also, footnotes don't work correctly, but that's not as > important. Can anyone tell me what I've done wrong? In case you haven't figured this out yet, the problem was a bug in PhpWiki which was causing links to pages with digits in their names to be ignored... It's fixed in CVS, and the fix for 1.3.3 is a one liner which can be viewed at: http://cvs.sf.net/cgi-bin/viewcvs.cgi/phpwiki/phpwiki/lib/stdlib.php.diff?r1=1.118&r2=1.119 |
|
From: Jeff D. <da...@da...> - 2002-09-18 14:20:10
|
On 08 Aug 2002 01:11:23 -0300 Rodolfo Pilas <ro...@pi...> wrote: > Is there are any way to produce a index page with cross link references > like a index and titles? As of a couple a days ago, the CVS version supports this. # [Introduction|ThisPage#intro] # [First view|ThisPage#fv] !! #[|intro]Introduction ( => <a name="intro"></a>Introduction ) ..... !! #[First view|fv] ( => <a name="fv">First view</a> ) ..... Or you can use a more raw style: # [#Introduction] ( => <a href="#Introduction">#Introduction</a> ) # [#First View] ... !! #[Introduction] ( => <a name="Introduction">Introduction</a> ) Blah, blah.. !! #[First View] Blah, blah... PS: Good I wrote this response. I think I've just thought of a bug.... "First View" is not a valid name for an anchor.... |
207 messages has been excluded from this view by a project administrator.
