Menu
▾
▴
phpwiki-talk
You can subscribe to this list here.
| 2000 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
(103) |
Jul
(105) |
Aug
(16) |
Sep
(16) |
Oct
(78) |
Nov
(36) |
Dec
(58) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2001 |
Jan
(100) |
Feb
(155) |
Mar
(84) |
Apr
(33) |
May
(22) |
Jun
(77) |
Jul
(36) |
Aug
(37) |
Sep
(183) |
Oct
(74) |
Nov
(235) |
Dec
(165) |
| 2002 |
Jan
(187) |
Feb
(183) |
Mar
(52) |
Apr
(10) |
May
(15) |
Jun
(19) |
Jul
(43) |
Aug
(90) |
Sep
(144) |
Oct
(144) |
Nov
(171) |
Dec
(78) |
| 2003 |
Jan
(113) |
Feb
(99) |
Mar
(80) |
Apr
(44) |
May
(35) |
Jun
(32) |
Jul
(34) |
Aug
(34) |
Sep
(30) |
Oct
(57) |
Nov
(97) |
Dec
(139) |
| 2004 |
Jan
(132) |
Feb
(223) |
Mar
(300) |
Apr
(221) |
May
(171) |
Jun
(286) |
Jul
(188) |
Aug
(107) |
Sep
(97) |
Oct
(106) |
Nov
(139) |
Dec
(125) |
| 2005 |
Jan
(200) |
Feb
(116) |
Mar
(68) |
Apr
(158) |
May
(70) |
Jun
(80) |
Jul
(55) |
Aug
(52) |
Sep
(92) |
Oct
(141) |
Nov
(86) |
Dec
(41) |
| 2006 |
Jan
(35) |
Feb
(62) |
Mar
(59) |
Apr
(52) |
May
(51) |
Jun
(61) |
Jul
(30) |
Aug
(36) |
Sep
(12) |
Oct
(4) |
Nov
(22) |
Dec
(34) |
| 2007 |
Jan
(49) |
Feb
(19) |
Mar
(37) |
Apr
(16) |
May
(9) |
Jun
(38) |
Jul
(17) |
Aug
(31) |
Sep
(16) |
Oct
(34) |
Nov
(4) |
Dec
(8) |
| 2008 |
Jan
(8) |
Feb
(16) |
Mar
(14) |
Apr
(6) |
May
(4) |
Jun
(5) |
Jul
(9) |
Aug
(36) |
Sep
(6) |
Oct
(3) |
Nov
(3) |
Dec
(3) |
| 2009 |
Jan
(14) |
Feb
(2) |
Mar
(7) |
Apr
(16) |
May
(2) |
Jun
(10) |
Jul
(1) |
Aug
(10) |
Sep
(11) |
Oct
(4) |
Nov
(2) |
Dec
|
| 2010 |
Jan
(1) |
Feb
|
Mar
(13) |
Apr
(11) |
May
(18) |
Jun
(44) |
Jul
(7) |
Aug
(2) |
Sep
(14) |
Oct
|
Nov
(6) |
Dec
|
| 2011 |
Jan
(2) |
Feb
(6) |
Mar
(3) |
Apr
(2) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
(11) |
Feb
(3) |
Mar
(11) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(4) |
Dec
|
| 2013 |
Jan
|
Feb
|
Mar
|
Apr
(3) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(4) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(8) |
Dec
(1) |
| 2015 |
Jan
(3) |
Feb
(2) |
Mar
|
Apr
(3) |
May
(1) |
Jun
|
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(2) |
| 2016 |
Jan
|
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2020 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
|
Jul
(5) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2021 |
Jan
|
Feb
(4) |
Mar
|
Apr
|
May
|
Jun
|
Jul
(1) |
Aug
(6) |
Sep
(3) |
Oct
|
Nov
|
Dec
|
| 2022 |
Jan
(11) |
Feb
(2) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(3) |
Dec
(3) |
| 2024 |
Jan
(7) |
Feb
(2) |
Mar
(1) |
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: John S. <jst...@gm...> - 2007-06-05 00:08:35
|
Hi Reini, All the links I try to download the latest release from are broken. Are you sure this has gone out? Cheers |
|
From: Reini U. <ru...@x-...> - 2007-06-04 20:24:37
|
ENABLE_MARKUP_COLOR = true (default) something like: <pre> %color=red%red test%% black %color=yellow%yellow test%% black </pre> ------ 2007/6/4, Sabri LABBENE <sab...@st...>: > Hi all, > I want to make prefomatted text (inside pre or verbatim tags) display in a colored area (light yellow for example). This will make wiki pages look nicer. > I've been trying to do it for too long without results. Phpwiki parsers seems complex to me and I can't figure out how to add something like 'style="backgroud-color:#FDFDF7"' to transformed pre tags. > > Can someone help me to figure out how this could be done. > > Thanks, > -- Sabri. > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ |
|
From: Sabri L. <sab...@st...> - 2007-06-04 14:12:37
|
Hi all, I want to make prefomatted text (inside pre or verbatim tags) display in = a colored area (light yellow for example). This will make wiki pages = look nicer. I've been trying to do it for too long without results. Phpwiki parsers = seems complex to me and I can't figure out how to add something like = 'style=3D"backgroud-color:#FDFDF7"' to transformed pre tags. Can someone help me to figure out how this could be done.=20 Thanks, -- Sabri. |
|
From: Reini U. <ru...@x-...> - 2007-06-03 20:58:48
|
Sabri LABBENE schrieb:
>
> Sabri LABBENE wrote:
>> Reini Urban wrote:
>>> it's not easy.
>>> if so I would have done it years ago. (around 2003)
>>>
>>> you can search the archives how jeff tried to get rid of it, and/or i
>>> introduced it again somehow.
>> Ok. Personally I tried to remove/unset it but I can't.
>> Unfortunately this parameter causes problems for me... Anyway,
>> I'll try to live with it until I'll get a solution to remove it.
>
> In editpage.php (function savePage()) at line ~317 there is a :
> //$request->setArg('action', false);
> When I uncommented that line, 'action=edit' parameter has gone but only
> once. I edit another time then save and the parameter stay there as before +
> a Notice:
>
> In template 'head':51: Notice: Undefined index: action:
>
> * $action = $args['action'];
This is easy to fix :)
Ok, I just checked the logic.
Whenever you have the theme signature defined or a save warning,
the action=edit will be sticky, because then we do no redirect.
Without signature and no warning the request is redirected and the
action=edit will be gone.
We need it to support more than one submit button.
We have Save, Preview and lateron maybe Changes and Upload.
For the later three we need "edit", unless we do some js tricks
to submit the form from the button, enabling edit only there. This is
what we wanted to avoid.
But I'll test that idea.
--
Reini Urban
http://phpwiki.org/ http://murbreak.at/
http://helsinki.at/ http://spacemovie.mur.at/
|
|
From: Reini U. <ru...@x-...> - 2007-06-02 23:17:39
|
I released 1.3.13 today and will install it tomorrow at the sf.net site. Under http://phpwiki.sf.net/phpwiki/ as usual. I'll also import all the old pages. You want to check the TODO. Mediawiki import and Creole Markup is what I'm working on right now. The next releases will come quicker. -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://helsinki.at/ http://spacemovie.mur.at/ |
|
From: Sabri L. <sab...@st...> - 2007-06-02 10:01:36
|
Sabri LABBENE wrote:
>Reini Urban wrote:
>>it's not easy.
>>if so I would have done it years ago. (around 2003)
>>
>>you can search the archives how jeff tried to get rid of it, and/or i
>>introduced it again somehow.
>
>Ok. Personally I tried to remove/unset it but I can't.
>Unfortunately this parameter causes problems for me... Anyway,
>I'll try to live with it until I'll get a solution to remove it.
In editpage.php (function savePage()) at line ~317 there is a :
//$request->setArg('action', false);
When I uncommented that line, 'action=edit' parameter has gone but only
once. I edit another time then save and the parameter stay there as before +
a Notice:
In template 'head':51: Notice: Undefined index: action:
* $action = $args['action'];
>>2007/5/31, Sabri LABBENE <sab...@st...>:
>>> Hi all,
>>>
>>> If I edit a page in Phpwiki then save it. The 'action=edit'
>>url parameter still there. Can some one tell how to remove/unset it?
>>--
>>Reini Urban
>>http://phpwiki.org/ http://murbreak.at/
>>http://spacemovie.mur.at/ http://helsinki.at/
>>
>>---------------------------------------------------------------
>>----------
>>This SF.net email is sponsored by DB2 Express Download DB2
>Express C -
>>the FREE version of DB2 express and take control of your XML. No
>>limits. Just data. Click to get it now.
>>http://sourceforge.net/powerbar/db2/
>>_______________________________________________
>>Phpwiki-talk mailing list
>>Php...@li...
>>https://lists.sourceforge.net/lists/listinfo/phpwiki-talk
>>
>
>
>---------------------------------------------------------------
>----------
>This SF.net email is sponsored by DB2 Express Download DB2
>Express C - the FREE version of DB2 express and take control
>of your XML. No limits. Just data. Click to get it now.
>http://sourceforge.net/powerbar/db2/
>_______________________________________________
>Phpwiki-talk mailing list
>Php...@li...
>https://lists.sourceforge.net/lists/listinfo/phpwiki-talk
>
|
|
From: Sabri L. <sab...@st...> - 2007-06-02 07:56:42
|
Reini Urban wrote: >it's not easy. >if so I would have done it years ago. (around 2003) > >you can search the archives how jeff tried to get rid of it, >and/or i introduced it again somehow. Ok. Personally I tried to remove/unset it but I can't. Unfortunately this parameter causes problems for me... Anyway, I'll try to live with it until I'll get a solution to remove it. Thanks, -- Sabri. >2007/5/31, Sabri LABBENE <sab...@st...>: >> Hi all, >> >> If I edit a page in Phpwiki then save it. The 'action=edit' >url parameter still there. Can some one tell how to remove/unset it? >-- >Reini Urban >http://phpwiki.org/ http://murbreak.at/ >http://spacemovie.mur.at/ http://helsinki.at/ > >--------------------------------------------------------------- >---------- >This SF.net email is sponsored by DB2 Express Download DB2 >Express C - the FREE version of DB2 express and take control >of your XML. No limits. Just data. Click to get it now. >http://sourceforge.net/powerbar/db2/ >_______________________________________________ >Phpwiki-talk mailing list >Php...@li... >https://lists.sourceforge.net/lists/listinfo/phpwiki-talk > |
|
From: Reini U. <ru...@x-...> - 2007-06-01 18:30:50
|
it's not easy. if so I would have done it years ago. (around 2003) you can search the archives how jeff tried to get rid of it, and/or i introduced it again somehow. 2007/5/31, Sabri LABBENE <sab...@st...>: > Hi all, > > If I edit a page in Phpwiki then save it. The 'action=edit' url parameter still there. Can some one tell how to remove/unset it? -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ |
|
From: Sabri L. <sab...@st...> - 2007-05-31 14:44:55
|
Hi all, If I edit a page in Phpwiki then save it. The 'action=3Dedit' url = parameter still there. Can some one tell how to remove/unset it? Thanks, -- Sabri. |
|
From: Sabri L. <sab...@st...> - 2007-05-31 14:25:09
|
Sabri LABBENE wrote: >Hi all, > >If I edit a page in Phpwiki then save it. The 'action=edit' >url parameter still there. Can some one tell how to remove/unset it? Any comments on the subject ? Regards, Sabri. |
|
From: Reini U. <ru...@x-...> - 2007-05-30 22:04:57
|
AlJeux schrieb:
> Hi Reini,
>
> Thank you for answering so quickly to my question.
>
> My question was only related to the second part of the code, not all the
> code.
>
> If I comment the following code (the one working with $newpage), the
> renaming bug is fixed.
>
> (code in WikiDB.php in the rename_page func)
> === begin ===
> $links = $newpage->getBackLinks();
> while ($linked_page = $links->next()) {
> WikiPlugin_WikiAdminSearchReplace::replaceHelper($this,
> $linked_page->getName(),
> $from, $to);
> }
> === end ===
>
> Is it safe to comment these lines ?
>
> As I said, I don't understand so I'm afraid of making a mistake.
Yes, it's save to comment out, because the
WikiAdminSearchReplace::replaceHelper call is broken anyway.
You might end with too many renamed pages.
I'll try to fix it before the release.
BTW: I already uploaded the release but found another bug yesterday.
php-5.2.x sessions still don't work.
--
Reini Urban
http://phpwiki.org/ http://murbreak.at/
http://helsinki.at/ http://spacemovie.mur.at/
|
|
From: AlJeux <al...@fr...> - 2007-05-30 19:06:58
|
Hi Reini,
Thank you for answering so quickly to my question.
My question was only related to the second part of the code, not all the
code.
If I comment the following code (the one working with $newpage), the
renaming bug is fixed.
(code in WikiDB.php in the rename_page func)
=== begin ===
$links = $newpage->getBackLinks();
while ($linked_page = $links->next()) {
WikiPlugin_WikiAdminSearchReplace::replaceHelper($this,
$linked_page->getName(),
$from, $to);
}
=== end ===
Is it safe to comment these lines ?
As I said, I don't understand so I'm afraid of making a mistake.
Best Regards,
Alain.
|
|
From: Reini U. <ru...@x-...> - 2007-05-30 18:56:27
|
aljeux schrieb:
> Message body follows:
>
> Hello,
>
> Please, excuse me to contact directly, but as you seems the
> author of the lines, I think it's better to ask you directly.
>
> I am a gforge developer running a gforge with phpwiki 1.3
> inside for projects.
>
> When renaming a page, I've found a strange thing.
>
> How to reproduce:
>
> Create a link: PageAlain
> Create the page with the default text.
> Rename the page (with links) to: PageAlainTwo
>
> => The page is renamed but now the links are named
> 'PageAlainTwoTwo'.
>
> I have noticied that the code responsible for this is in
> lib/WikiDB.php
> In this code, there is a section:
>
> if ($updateWikiLinks) {
> require_once('lib/plugin/WikiAdminSearchReplace.php');
> $links = $oldpage->getBackLinks();
> while ($linked_page = $links->next()) {
> WikiPlugin_WikiAdminSearchReplace::replaceHelper($this,
>
> $linked_page->getName(),
> $from,
> $to);
> }
> $links = $newpage->getBackLinks();
> while ($linked_page = $links->next()) {
> WikiPlugin_WikiAdminSearchReplace::replaceHelper($this,
>
> $linked_page->getName(),
>
> $from, $to);
> }
> }
>
> To solve the problem, I am tempted to comment the second
> part of the code (the one renaming link to the new page) but
> as I don't understand what is it for, I am quite reserved.
>
> Can you help me to understand it's goal ?
>
> Many thanks for for time,
> Alain Peyrat.
Hi Alain, better use the phpwiki-talk mailinglist.
this code does renaming all pagenames in all backlinked pages,
and is only executed if $updateWikiLinks is true.
Generally it is not good to do that automatically also,
because the old pagename detection is not strict enough.
--
Reini Urban
http://phpwiki.org/ http://murbreak.at/
http://helsinki.at/ http://spacemovie.mur.at/
|
|
From: Sabri L. <sab...@st...> - 2007-05-29 07:57:50
|
Hi all, If I edit a page in Phpwiki then save it. The 'action=3Dedit' url = parameter still there. Can some one tell how to remove/unset it? Thanks, -- Sabri.=20 |
|
From: Mark M. <ma...@ic...> - 2007-05-21 15:41:35
|
Please stop sending emails to jef...@ic... -----Original Message----- From: php...@li... [mailto:php...@li...] On Behalf Of Reini Urban Sent: Saturday, May 19, 2007 7:34 PM To: Discussion on PhpWiki features, bugs, development. Subject: [Phpwiki-talk] Montreal 07 Outcome http://www.rocococamp.info/FutureWikiProjectsCollaboration -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Phpwiki-talk mailing list Php...@li... https://lists.sourceforge.net/lists/listinfo/phpwiki-talk |
|
From: Reini U. <ru...@x-...> - 2007-05-20 00:34:11
|
http://www.rocococamp.info/FutureWikiProjectsCollaboration -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ |
|
From: Reini U. <ru...@x-...> - 2007-05-15 15:56:29
|
So see some of there. This Friday to Sunday in Montreal. http://www.rocococamp.info/InvitationList Hi Crao people! |
|
From: Sabri L. <sab...@st...> - 2007-04-26 08:44:45
|
Hi all, I have some questions related to monitoring preferences storage and user = pages that phpwiki creates if a user sets some preferences. It will be = great if someone could provide some explanations on the subject. First I want to know how monitoring data is stored in Phpwkii when users = and preferences are stored in wiki pages? I found the monitoring data in pref table and in 'global_data' wiki page = ! Then, I want to know where phpwiki find the monitoring data after a page = change for example. Then is it possible to remove a monitoring data from 'global_data' page = ? If I rename a user then his monitoring data will not change and the = notification emails keep sent to the old user adress. So, what is the = procedure for user rename without altering monitoring data. Any help will be too much appreciated. Thanks, -- Sabri. |
|
From: Frank P. L. <fr...@th...> - 2007-04-19 19:24:47
|
I changed LDAP_SEARCH_FIELD to uid and now do not get the (nosuchuser) tag in the debug message: DEBUG: ALLOW_ANON_EDIT = false, ALLOW_BOGO_LOGIN = false, ALLOW_USER_PASSWORDS = true, ENABLE_PAGEPERM = true, USER_AUTH_ORDER: => LDAP => Forbidden, USER_AUTH_POLICY: first-only, PASSWORD_LENGTH_MINIMUM: 0 Still a little confounded. Been trying to get slapd to push out its debug messages on the LDAP server, in case it's my end. Again, any ideas would be helpful. I'm slowly making (some) progress (I think). --Frank On Apr 19, 2007, at 1:00 PM, Leef wrote: > > Hi Folks, I've been looking and trying several different Wikis to > use in > conjunction with. I finally settled on phpWiki a week ago - so I'm > pretty > much a noob at phpwiki. > > I am trying to get it to authenticate against our LDAP server. (an > OsX > Tiger server (10.4.8) running Open Directory) > > It would seem that have successfully been able to bind to the LDAP > server > however I am now getting new debug messages above. I've read > through the > talks in the forum online and they've been very helpful getting me > this far > but now I'm lost. > > DEBUG: ALLOW_ANON_EDIT = false, ALLOW_BOGO_LOGIN = false, > ALLOW_USER_PASSWORDS = true, ENABLE_PAGEPERM = true, > USER_AUTH_ORDER: => > LDAP (nosuchuser) => Forbidden, USER_AUTH_POLICY: first-only, > PASSWORD_LENGTH_MINIMUM: 0 > > Any thoughts or ideas? Perhaps I have overlooked something small? > Thank you in advance. > > --Frank > > > config.ini > USER_AUTH_ORDER = LDAP > USER_AUTH_POLICY = first-only > ;ENABLE_USER_NEW = false > ;ENABLE_PAGEPERM = false > > LDAP_AUTH_HOST = "ldap://10.10.1.10" > LDAP_BASE_DN = "cn=users,dc=Name,dc=local" > LDAP_SET_OPTION = "LDAP_OPT_PROTOCOL_VERSION=3:LDAP_OPT_REFERRALS=0" > LDAP_AUTH_USER = "uid=root,cn=users,dc=Name,dc=local" > LDAP_AUTH_PASSWORD = somePassHere > LDAP_SEARCH_FIELD = memberUID > ;LDAP_OU_USERS = ou=Users > ;LDAP_OU_GROUP = ou=Groups > > > -- > View this message in context: http://www.nabble.com/LDAP-Config- > tf3608405.html#a10082231 > Sent from the phpwiki-talk mailing list archive at Nabble.com. > > > ---------------------------------------------------------------------- > --- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Phpwiki-talk mailing list > Php...@li... > https://lists.sourceforge.net/lists/listinfo/phpwiki-talk |
|
From: Leef <fr...@th...> - 2007-04-19 17:00:41
|
Hi Folks, I've been looking and trying several different Wikis to use in conjunction with. I finally settled on phpWiki a week ago - so I'm pretty much a noob at phpwiki. I am trying to get it to authenticate against our LDAP server. (an OsX Tiger server (10.4.8) running Open Directory) It would seem that have successfully been able to bind to the LDAP server however I am now getting new debug messages above. I've read through the talks in the forum online and they've been very helpful getting me this far but now I'm lost. DEBUG: ALLOW_ANON_EDIT = false, ALLOW_BOGO_LOGIN = false, ALLOW_USER_PASSWORDS = true, ENABLE_PAGEPERM = true, USER_AUTH_ORDER: => LDAP (nosuchuser) => Forbidden, USER_AUTH_POLICY: first-only, PASSWORD_LENGTH_MINIMUM: 0 Any thoughts or ideas? Perhaps I have overlooked something small? Thank you in advance. --Frank config.ini USER_AUTH_ORDER = LDAP USER_AUTH_POLICY = first-only ;ENABLE_USER_NEW = false ;ENABLE_PAGEPERM = false LDAP_AUTH_HOST = "ldap://10.10.1.10" LDAP_BASE_DN = "cn=users,dc=Name,dc=local" LDAP_SET_OPTION = "LDAP_OPT_PROTOCOL_VERSION=3:LDAP_OPT_REFERRALS=0" LDAP_AUTH_USER = "uid=root,cn=users,dc=Name,dc=local" LDAP_AUTH_PASSWORD = somePassHere LDAP_SEARCH_FIELD = memberUID ;LDAP_OU_USERS = ou=Users ;LDAP_OU_GROUP = ou=Groups -- View this message in context: http://www.nabble.com/LDAP-Config-tf3608405.html#a10082231 Sent from the phpwiki-talk mailing list archive at Nabble.com. |
|
From: Reini U. <ru...@x-...> - 2007-04-13 11:48:36
|
VGhpcyBidWd0cmFxIGFuc3dlciBzaG93cyBhIGxpbmsgdG8gYSBzY3JlZW4gc2hvdCBvZiB0aGUg Yzk5IHNoZWxsLgoKICBodHRwOi8vd3d3LmhvbmV5bmV0Lm9yZy9wYXBlcnMvd2ViYXBwLwoKU28g cGhwMywgcGhwNCBhbmQgcGhwNSBzaG91bGQgYmUgYmxvY2tlZCBub3cuCgpCdXQgdW50aWwgZnVy dGhlciBhbmFseXNpcyBJIHdvdWxkIGNvbXBsZXRlbHkgZGlzYWJsZSB0aGUgVXBMb2FkIHBsdWdp biBmb3IKdW5zZWN1cmUgdXNlcnMuCgotLS0tLS0tLS0tIEZvcndhcmRlZCBtZXNzYWdlIC0tLS0t LS0tLS0KRnJvbTogSmFtaWUgUmlkZW4gPGphbWllLnJpZGVuQGdtYWlsLmNvbT4KRGF0ZTogMTIu MDQuMjAwNyAxODo1OQpTdWJqZWN0OiBSZTogQ3JpdGljYWwgcGhwd2lraSBjOTlzaGVsbCBleHBs b2l0ClRvOiBidWd0cmFxQHNlY3VyaXR5Zm9jdXMuY29tLCAicnVyYmFuQHgtcmF5LmF0IiA8cnVy YmFuQHgtcmF5LmF0PgoKCk9uIDEyIEFwciAyMDA3IDEzOjE0OjE0IC0wMDAwLCBydXJiYW5AeC1y YXkuYXQgPHJ1cmJhbkB4LXJheS5hdD4gd3JvdGU6Cj4gVmlhIHRoZSBQaHB3aWtpIDEuMy54IFVw TG9hZCBmZWF0dXJlIHNvbWUgaGFja2VycyBmcm9tIHJ1c3NpYSB1cGxvYWRlZCBhIHBocDMgb3Ig cGhwNCBmaWxlLAo+IGluc3RhbGwgYSBiYWNrZG9vciBhdCBwb3J0IDgwODEgYW5kIGhhdmUgYWNj ZXNzIHRvIHlvdXIgd2hvbGUgZGlzYyBhbmQgb3ZlcnRha2UgdGhlIHNlcnZlci4KPgo+IEEgdXJs IGluIHRoZSBmaWxlIGlzIGh0dHA6Ly9jY3RlYW0ucnUvcmVsZWFzZXMvYzk5c2hlbGwKPgo+IFRo ZSB1cGxvYWRlZCBmaWxlIGhhcyBhIHBocCwgcGhwMyBvciBwaHA0IGV4dGVuc2lvbiBhbmQgbG9v a3MgbGlrZSBhIGdpZiB0byB0aGUgbWltZSBtYWdpYy4KPiBTbyBhcGFjaGUgdXN1YWxseSBhY2Nl cHRzIGl0Lgo+Cj4gVG8gZml4IHRoaXMgcGhwd2lraSBpc3N1ZSBhdCBmaXJzdCBtb3ZlIHRoZSBs aWIvcGx1Z2luL1VwTG9hZC5waHAgZmlsZSBvdXQgb2YgdGhpcyBkaXJlY3RvcnkuCj4KPiBZb3Ug Y2FuIGZpeCBpdCBieSBhZGRpbmcgdGhvc2UgdHdvIGxpbmVzIHRvIHlvdXIgbGlzdCBvZiBkaXNh bGxvd2VkIGV4dGVuc2lvbnM6Cj4gICBwaHAzCj4gICBwaHA0Cj4gQ3VycmVudGx5IG9ubHkgInBo cCIgaXMgZGlzYWxsb3dlZC4KClNvbWUgcGVvcGxlIGFsc28gbWFwIC5waHA1IC0gZ29vZ2xlIGZv ciAiQWRkVHlwZQphcHBsaWNhdGlvbi94LWh0dHBkLXBocDUgLnBocDUiIGFuZCAiQWRkVHlwZSBh cHBsaWNhdGlvbi94LWh0dHBkLXBocAoucGhwNSIgLSBhbmQgZ29vZG5lc3Mga25vd3Mgd2hhdCBl bHNlLgoKVGhpcyB3b3VsZCBiZSBtdWNoIGJldHRlciByZS13cml0dGVuIHRvIHVzZSBrbm93biBz YWZlIGV4dGVuc2lvbnMsIG9yCnRoZSBhZG1pbiBuZWVkcyB0byBjYXJlZnVsbHkgY29tcGFyZSB0 aGUgZGlzYWxsb3dlZCBsaXN0IGFnYWluc3QKaGlzL2hlciBodHRwZCBjb25maWcuCgooSWYgdGhl cmUncyBhbnlvbmUgd2hvIGRvZXNuJ3Qga25vdyBjOTlzaGVsbCwgaXQncyBzb3J0IG9mIGEgaGVs cGVyCmFwcCBmb3IgZG9pbmcgdGhpbmdzIG9uIHNlcnZlcnMgLSB0aGUga2luZCBvZiB0aGluZ3Mg eW91IHByb2JhYmx5CmRvbid0IHdhbnQgZG9uZSAtIGFuZCBpcyBvZnRlbiB1c2VkIGluIGNvbmp1 bmN0aW9uIHdpdGggcmVtb3RlIGZpbGUKaW5jbHVkZSBhdHRhY2tzIHRvIGV4ZWN1dGUgc2hlbGwg Y29tbWFuZHMuIFRoZXJlJ3MgYSBzY3JlZW5zaG90IGluCkFwcGVuZGl4IEIgYXQgaHR0cDovL3d3 dy5ob25leW5ldC5vcmcvcGFwZXJzL3dlYmFwcC8gLiAiRGVmYWNpbmcgVG9vbAoyLjAgYnkgcjN2 M25nNG5zIiBhbmQgcjU3c2hlbGwgYXJlIHNpbWlsYXIgdXRpbGl0aWVzIHlvdSBtYXkgaGF2ZSBj b21lCmFjcm9zcy4pCgpjaGVlcnMsCiBKYW1pZQoKUFMuIEkgY2FuJ3Qgc2VlIHdoZXJlIGl0IGNo ZWNrcyBpZiB0aGUgZmlsZSBpcyBhIEdJRiwgYnV0IGl0J3Mgbm90CmhhcmQgdG8gZm9vbCBzb21l IHByb2dyYW1zLCBhbmQgSSBkb24ndCBsaWtlIHRoZSBpZGVhIG9mIGd1ZXNzaW5nIGZpbGUKdHlw ZXMgYmFzZWQgb24gY29udGVudHMuIEl0J3Mgbm90IHNhZmUuCgo9PSBmb28ucGhwID09CkdJRjg5 YSFeQCJeQAo8P3BocAogIGVjaG8gImZvbyI7Cj8+Cj09PT09PT09PT09CgokIGZpbGUgZm9vLnBo cApmb28ucGhwOiBHSUYgaW1hZ2UgZGF0YSwgdmVyc2lvbiA4OWEsIDMzIHggMzQKClRoZSBvdXRw dXQgb2YgdmlzaXRpbmcgaHR0cDovL2xvY2FsaG9zdC9mb28ucGhwIHVuZGVyIGFwYWNoZSBpcwon R0lGODlhIe+/vSLvv70gZm9vJy4KLS0KSmFtaWUgUmlkZW4gLyBqYW1lc3JAZXVyb3BlLmNvbSAv IGphbWllQGhvbmV5bmV0Lm9yZy51awpVSyBIb25leW5ldCBQcm9qZWN0OiBodHRwOi8vd3d3LnVr aG9uZXluZXQub3JnLwotLSAKUmVpbmkgVXJiYW4KaHR0cDovL3BocHdpa2kub3JnLyAgICAgICAg ICAgICAgaHR0cDovL211cmJyZWFrLmF0LwpodHRwOi8vc3BhY2Vtb3ZpZS5tdXIuYXQvICAgaHR0 cDovL2hlbHNpbmtpLmF0Lwo= |
|
From: Harold H. <ha...@ha...> - 2007-04-12 17:31:56
|
> 2007/4/12, Harold Hallikainen <ha...@ha...>: >> > 2007/4/12, Sabri LABBENE <sab...@st...>: >> >> Reini Urban wrote: >> >> >Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload >> a >> >> >php3 or php4 file, >> >> >install a backdoor at port 8081 and have access to your whole >> >> >disc and overtake the server. >> >> > >> >> >See http://ccteam.ru/releases/c99shell >> >> >> >> I think that the URL is wrong. >> > >> > This url obviously worked in 2006. Now it is gone. >> > >> > I submitted a critical security alert to CERT and it will be in the >> > cve reports of mitre.org >> > also then (hopefully). >> >> As the one who was attacked, I can give you the IP addresses of the >> attackers. Second, instead of disallowed extensions, I think it would be >> much safet to have a list of ALLOWED extensions. I see this as a todo in >> the upload plugin. > > Hm, I will think about it. Other opinions? > >> I have set my upload directory as read only and require users to now >> email >> me stuff to post. >> >> As to how much was visible to the hackers (and I have the code for their >> script), it SEEMS that it would only be what user apache could see, >> which >> would be stuff it owns and stuff that is world readable. Is that >> correct? > > Well not really. The c99shell script tries in various ways to get more > access. > At first it compiles and installs a backdoor at port 8081 and then > with shell access it's normally quite easy for an experienced hacker > to get root. > > -- > Reini Urban THANKS for the support on this issue! I did an updatedb, then did locate c99. The only stuff that comes up is this: /usr/include/boost/numeric/interval/detail/c99sub_rounding_control.hpp /usr/include/boost/numeric/interval/detail/c99_rounding_control.hpp /usr/share/man/man1p/c99.1p.gz /usr/bin/c99 In addition, port 8081 is blocked at the router (for incoming requests). So, I'm hoping I'm ok! I really think an approved filetype list for uploads would be nice. It seems a lot easier than trying to anticipate everything bad that someone will try. THANKS for the support on this! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! |
|
From: Reini U. <ru...@x-...> - 2007-04-12 17:10:30
|
2007/4/12, Harold Hallikainen <ha...@ha...>: > > 2007/4/12, Sabri LABBENE <sab...@st...>: > >> Reini Urban wrote: > >> >Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload a > >> >php3 or php4 file, > >> >install a backdoor at port 8081 and have access to your whole > >> >disc and overtake the server. > >> > > >> >See http://ccteam.ru/releases/c99shell > >> > >> I think that the URL is wrong. > > > > This url obviously worked in 2006. Now it is gone. > > > > I submitted a critical security alert to CERT and it will be in the > > cve reports of mitre.org > > also then (hopefully). > > As the one who was attacked, I can give you the IP addresses of the > attackers. Second, instead of disallowed extensions, I think it would be > much safet to have a list of ALLOWED extensions. I see this as a todo in > the upload plugin. Hm, I will think about it. Other opinions? > I have set my upload directory as read only and require users to now email > me stuff to post. > > As to how much was visible to the hackers (and I have the code for their > script), it SEEMS that it would only be what user apache could see, which > would be stuff it owns and stuff that is world readable. Is that correct? Well not really. The c99shell script tries in various ways to get more access. At first it compiles and installs a backdoor at port 8081 and then with shell access it's normally quite easy for an experienced hacker to get root. -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ |
|
From: Harold H. <ha...@ha...> - 2007-04-12 16:37:57
|
> 2007/4/12, Sabri LABBENE <sab...@st...>: >> Reini Urban wrote: >> >Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload a >> >php3 or php4 file, >> >install a backdoor at port 8081 and have access to your whole >> >disc and overtake the server. >> > >> >See http://ccteam.ru/releases/c99shell >> >> I think that the URL is wrong. > > This url obviously worked in 2006. Now it is gone. > > I submitted a critical security alert to CERT and it will be in the > cve reports of mitre.org > also then (hopefully). > -- > Reini Urban > http://phpwiki.org/ http://murbreak.at/ > http://spacemovie.mur.at/ http://helsinki.at/ > As the one who was attacked, I can give you the IP addresses of the attackers. Second, instead of disallowed extensions, I think it would be much safet to have a list of ALLOWED extensions. I see this as a todo in the upload plugin. I have set my upload directory as read only and require users to now email me stuff to post. As to how much was visible to the hackers (and I have the code for their script), it SEEMS that it would only be what user apache could see, which would be stuff it owns and stuff that is world readable. Is that correct? THANKS! Harold -- FCC Rules Updated Daily at http://www.hallikainen.com - Advertising opportunities available! |
|
From: Reini U. <ru...@x-...> - 2007-04-12 13:18:37
|
2007/4/12, Sabri LABBENE <sab...@st...>: > Reini Urban wrote: > >Via the Phpwiki 1.3.x UpLoad feature some hackers from russia upload a > >php3 or php4 file, > >install a backdoor at port 8081 and have access to your whole > >disc and overtake the server. > > > >See http://ccteam.ru/releases/c99shell > > I think that the URL is wrong. This url obviously worked in 2006. Now it is gone. I submitted a critical security alert to CERT and it will be in the cve reports of mitre.org also then (hopefully). -- Reini Urban http://phpwiki.org/ http://murbreak.at/ http://spacemovie.mur.at/ http://helsinki.at/ |
207 messages has been excluded from this view by a project administrator.
