simplog-devel Mailing List for Simplog (Page 4)
Brought to you by:
f-bomb
Menu
▾
▴
simplog-devel — Mailing list for Simplog developers
You can subscribe to this list here.
| 2004 |
Jan
(5) |
Feb
(1) |
Mar
(1) |
Apr
(1) |
May
(1) |
Jun
|
Jul
|
Aug
(26) |
Sep
(29) |
Oct
|
Nov
(4) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2005 |
Jan
|
Feb
(2) |
Mar
(3) |
Apr
(3) |
May
(4) |
Jun
(12) |
Jul
(15) |
Aug
|
Sep
(4) |
Oct
(4) |
Nov
|
Dec
|
| 2006 |
Jan
(1) |
Feb
|
Mar
|
Apr
(4) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2007 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
|
From: <ja...@bu...> - 2004-09-21 17:04:57
|
Jim Hu writes:
> Can't say about 4.2, but I also put it on my server, which is still
> running 4.3. Seems to work with Simplog. The Sourceforge page says it
> requires php 4.0.5 or later.
Based on that, I would suggest that we do the upgrade to the latest version
of ADODB.
> OK, I figured out the problem. The index file I had modified uses:
>
> <?php @include("$baseurl/blog.php?blogid=$blogid"); ?>
>
> which I think was based on an older version of index.php. Yours uses
>
> <?php include("blog.php"); ?>
Aaaah yes. I remember making that change - had to do that to get the session
data to be preserved.
> However, there is a design issue regarding the
> meaning of public, protected, and private that should be resolved before
> going further - I think that your function changes the meanings...it does
> so in a way that I sort of agree with, but here's the problem:
>
> In the help files, Jeremy defines the three kinds of blogs as follows:
>
>> A new blog can be Public, Protected or Private, and this provides a
>> method of pre-defining which users can contribute new comments without
>> explicitly defining each. In a public blog, any user with a logon can add
>> entries. In a protected blog, any one of a specfic set of users can add
>> entries, and others are stopped. In a private blog, only one person can
>> add entries. Regardless of whether the blog is public, protected or
>> private, everyone can read the blog.
I actually looked for an official definition of what those three things
meant, but didn't find anything, so I just made up what I thought was
appropriate (public = anyone, protected = any authenticated, private = user
on the acl).
Keep in mind that I haven't implemented any of the protection stuff on the
insert/update operations in class.BlogInfo or class.BlogEntry yet.
> With isUserAuthorized, this has changed so that only authorized users can
> _read_ protected and private blogs. I think that having blogs that are
> not accessible to the public is useful, and I took a different approach to
> get this functionality by adding auth() to the index files for each blog.
> However, this is trivially defeated by bypassing the index file via
> http://host/simplog/blog.php?blogid=X, so your solution should be better.
Well, it's not 'trivially defeated' - because the protection is enforced
near the data - in class.BlogInfo. That is why the calls to
isUserAuthorized() were placed there. Which is where the data security
should be enforced.
> The problem is - I think your solution breaks something we've been telling
> users about how to customize their pages - by using blog.php to pass
> formatted content to the target website. This means that upgrading to
> 0.91 may break some existing sites.
Well, it's a bit too late, seeing as 0.9.1 has been released. I haven't seen
any traffic on the user list to indicate that this has caused problems.
> It seems to me that it would be better to define the kinds of blogs
> differently than either of the above, based on four kinds of access
> permissions: view, comment, post, and administer. I'm not sure that the
> current distinction between protected and private is useful, as one could
> in principle make protected blogs with only one user. I'd suggest that
> all kinds of blogs should only allow posts by acl users, and all kinds of
> blogs should allow administration within a blog by anyone set as an
> administrator in the blog_acl table (not clear to me that the admin column
> in blog_acl does anything in current versions). The site administrator
> would still have global admin privileges. In addition, the three kinds
> would mean:
The only thing missing from the above suggestion is 'simplicity'. Of course
we could come up with a much richer, more sophisticated ACL implementation.
The question is: Do users need it? Do administrators want it? Would it
justify the increase in complexity of the UI?
If we are to continue to think of simplog as a 'personal blog publishing
tool', I would think could adopt:
1. Public - anyone can read, only ACL-users can insert/update/delete.
2. Protected - only ACL-users can read/insert/update/delete
3. Private - ACL-users can read, only owner can insert/update/delete
-jason
|
|
From: Jim Hu <ji...@ta...> - 2004-09-21 08:37:34
|
Jason,
Can't say about 4.2, but I also put it on my server, which is still=20
running 4.3. Seems to work with Simplog. The Sourceforge page says it=20=
requires php 4.0.5 or later.
OK, I figured out the problem. The index file I had modified uses:
<?php @include("$baseurl/blog.php?blogid=3D$blogid"); ?>
which I think was based on an older version of index.php. Yours uses
<?php include("blog.php"); ?>
I believe what is happening is that when the include statement looks=20
for http://hostname/simplog/blog.php?blodid=3DX, the session info is not=20=
being transferred via the http request...in other words, the content is=20=
being called by user Apache, not the user logged in. Since Apache is=20
not on the blog_acl, and is not logged in, isUserAuthorized returns=20
false and no content comes back.
So, the good news is that I can fix this to work now with=20
isUserAuthorized on all of my blogs. However, there is a design issue=20=
regarding the meaning of public, protected, and private that should be=20=
resolved before going further - I think that your function changes the=20=
meanings...it does so in a way that I sort of agree with, but here's=20
the problem:
In the help files, Jeremy defines the three kinds of blogs as follows:
> A new blog can be Public, Protected or Private, and this provides a=20=
> method of pre-defining which users can contribute new comments without=20=
> explicitly defining each. In a public blog, any user with a logon can=20=
> add entries. In a protected blog, any one of a specfic set of users=20
> can add entries, and others are stopped. In a private blog, only one=20=
> person can add entries. Regardless of whether the blog is public,=20
> protected or private, everyone can read the blog.
With isUserAuthorized, this has changed so that only authorized users=20
can _read_ protected and private blogs. I think that having blogs that=20=
are not accessible to the public is useful, and I took a different=20
approach to get this functionality by adding auth() to the index files=20=
for each blog. However, this is trivially defeated by bypassing the=20
index file via http://host/simplog/blog.php?blogid=3DX, so your solution=20=
should be better. The problem is - I think your solution breaks=20
something we've been telling users about how to customize their pages -=20=
by using blog.php to pass formatted content to the target website. =20
This means that upgrading to 0.91 may break some existing sites.
It seems to me that it would be better to define the kinds of blogs=20
differently than either of the above, based on four kinds of access=20
permissions: view, comment, post, and administer. I'm not sure that=20
the current distinction between protected and private is useful, as one=20=
could in principle make protected blogs with only one user. I'd=20
suggest that all kinds of blogs should only allow posts by acl users,=20
and all kinds of blogs should allow administration within a blog by=20
anyone set as an administrator in the blog_acl table (not clear to me=20
that the admin column in blog_acl does anything in current versions). =20=
The site administrator would still have global admin privileges. In=20
addition, the three kinds would mean:
public =3D anyone can view or comment
protected =3D anyone can view, only acl users can comment
private =3D only acl users can view or comment.
What do people think? I'm wondering if I'm missing some history or=20
standards within the blogging software world.
Jim
On Sep 21, 2004, at 12:24 AM, Jason L. Buberel wrote:
> is the new adodb backwards compatible with php 4.3 and 4.2? if so, I=20=
> would vote we upgrade simplog to use the new version.
>
> -jason
>
> PS Told you so :)
>
> Jim Hu wrote:
> While playing with installing simplog on another computer (my laptop)=20=
> to see if the distribution version of Simplog works without my=20
> modifications, I discovered that the version of adodb in the=20
> distribution is not compatible with php5.=A0 There is one available =
at:
>
> http://adodb.sourceforge.net/
>
> which seems to work fine.=A0 Jason's security system seems to work on=20=
> my laptop too, so I'll have to hunt down what I did differently in the=20=
> other installation...looks like one of my changes is incompatible with=20=
> his. :^(
>
> Jim Hu
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
> Project Admins to receive an Apple iPod Mini FREE for your judgement=20=
> on
> who ports your project to Linux PPC the best. Sponsored by IBM.
> Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
> _______________________________________________
> Simplog-devel mailing list
> Sim...@li...
> https://lists.sourceforge.net/lists/listinfo/simplog-devel
>
> !DSPAM:414fba2e123313405524358!
>
>
>
>
> --=20
> Jason L. Buberel - ja...@bu... - http://www.buberel.org
> JabberID:ja...@im... - m:+16504831989
|
|
From: Jason L. B. <ja...@bu...> - 2004-09-21 05:24:19
|
is the new adodb backwards compatible with php 4.3 and 4.2? if so, I would vote we upgrade simplog to use the new version. -jason PS Told you so :) Jim Hu wrote: > While playing with installing simplog on another computer (my laptop) > to see if the distribution version of Simplog works without my > modifications, I discovered that the version of adodb in the > distribution is not compatible with php5. There is one available at: > > http://adodb.sourceforge.net/ > > which seems to work fine. Jason's security system seems to work on my > laptop too, so I'll have to hunt down what I did differently in the > other installation...looks like one of my changes is incompatible with > his. :^( > > Jim Hu > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > Project Admins to receive an Apple iPod Mini FREE for your judgement on > who ports your project to Linux PPC the best. Sponsored by IBM. > Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > _______________________________________________ > Simplog-devel mailing list > Sim...@li... > https://lists.sourceforge.net/lists/listinfo/simplog-devel > > !DSPAM:414fba2e123313405524358! > -- Jason L. Buberel - ja...@bu... - http://www.buberel.org JabberID:ja...@im... - m:+16504831989 |
|
From: Jim Hu <ji...@ta...> - 2004-09-21 05:19:20
|
While playing with installing simplog on another computer (my laptop) to see if the distribution version of Simplog works without my modifications, I discovered that the version of adodb in the distribution is not compatible with php5. There is one available at: http://adodb.sourceforge.net/ which seems to work fine. Jason's security system seems to work on my laptop too, so I'll have to hunt down what I did differently in the other installation...looks like one of my changes is incompatible with his. :^( Jim Hu |
|
From: Jeremy A. <ash...@13...> - 2004-09-20 03:43:54
|
I pulled the build straight from CVS, so everything that was in CVS was in the release.... I'm still thinking about 1.0.....but i'm open for suggestions Jason L. Buberel wrote: > Great news J! Does this include all of the recent CVS checkins from > various folks (like me) that happened in the last couple of weeks? > > Is there anything specific that you want to see addressed in 1.0? I > know that I would like to complete the data security implementation > that I started with the isUserAuthorized method. > > cheers, > jason > > > Jeremy Ashcraft wrote: > >> After much procrastination, Simplog 0.9.1 is available for download. >> This release fixes a few minor bugs in 0.9. >> >> Now the march towards 1.0! >> >> >> ------------------------------------------------------- >> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 >> Project Admins to receive an Apple iPod Mini FREE for your judgement on >> who ports your project to Linux PPC the best. Sponsored by IBM. >> Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php >> _______________________________________________ >> Simplog-devel mailing list >> Sim...@li... >> https://lists.sourceforge.net/lists/listinfo/simplog-devel >> >> !DSPAM:414bcf2b245434155912830! >> |
|
From: Jason L. B. <ja...@bu...> - 2004-09-19 06:06:43
|
Yep- it must be you :) > Finally (Jason, take note!), isUserAuthorized is NOT working properly > for me. On my server it's acting like the values in $_SESSION are > undefined within the function, so it always evaluates false and > doesn't show the blog entries on a protected blog. I'm not sure > why...I assume it works for you guys. I don't think it has to do with > any of the modifications I did to my copy, but I'm still checking that. It probably has to do with the method being invoked before start_session() is called, which initializes the session hash ($_SESSION) according to the php session cookie ID. It might be as simple as putting a 'start_session()' inside the isUserAuthorized method, but that doesn't seem like the right place for it. -jason -- Jason L. Buberel - ja...@bu... - http://www.buberel.org JabberID:ja...@im... - m:+16504831989 |
|
From: Jason L. B. <ja...@bu...> - 2004-09-19 06:04:14
|
Jim, tableName was a legacy value, and with the new DB schema in place, can now be removed. there should no longer be any code that makes use of it...and if there is, it should be fixed anyways. -jason Jim Hu wrote: > > > - I'm getting undefined warnings for $this->entryTableName = > $tableName; in class.blogEntry.php. Being adventurous, I commented it > out and can't see any difference in things working. Does this do > anything? > > - in archive.php and blog.php, > > $line = > marker_sub(stripslashes($blogInfo->getBlogTemplate()),&$blogEntry, > &$blogInfo); > > my PHP installation gives a warning about pass-by-reference being > deprecated in this situation. I removed the "&"s without obvious > deleterious effects. > > - in blocks.php, there is a line that doesn't seem to do anything, but > which generates a warning: > $mo = $match[2]; > I commented it out. > > - In class.Bloginfo.php, there are four places where I think > $blogEntry = new BlogEntry($rs, $this->blogTableName, $this->blogId); > should be changed to > $blogEntry = new BlogEntry($rs); > > - in news.php line 42, > array_push($ids,$res->fields[blog_id]); > should be: > array_push($ids,$res->fields['blog_id']); > with quotes around 'blog_id' > > - note that cache directory should be assigned to group www with read > & write permissions (or whatever is appropriate to allow cache to be > written) > > Finally (Jason, take note!), isUserAuthorized is NOT working properly > for me. On my server it's acting like the values in $_SESSION are > undefined within the function, so it always evaluates false and > doesn't show the blog entries on a protected blog. I'm not sure > why...I assume it works for you guys. I don't think it has to do with > any of the modifications I did to my copy, but I'm still checking that. > > Jim Hu > > > On Sep 18, 2004, at 1:18 AM, Jeremy Ashcraft wrote: > >> After much procrastination, Simplog 0.9.1 is available for download. >> This release fixes a few minor bugs in 0.9. >> >> Now the march towards 1.0! >> >> >> ------------------------------------------------------- >> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 >> Project Admins to receive an Apple iPod Mini FREE for your judgement on >> who ports your project to Linux PPC the best. Sponsored by IBM. >> Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php >> _______________________________________________ >> Simplog-devel mailing list >> Sim...@li... >> https://lists.sourceforge.net/lists/listinfo/simplog-devel > > > > > ------------------------------------------------------- > This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > Project Admins to receive an Apple iPod Mini FREE for your judgement on > who ports your project to Linux PPC the best. Sponsored by IBM. > Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > _______________________________________________ > Simplog-devel mailing list > Sim...@li... > https://lists.sourceforge.net/lists/listinfo/simplog-devel > > !DSPAM:414d1fc663451936720345! > -- Jason L. Buberel - ja...@bu... - http://www.buberel.org JabberID:ja...@im... - m:+16504831989 |
|
From: Jim Hu <ji...@ta...> - 2004-09-19 05:56:01
|
Jeremy,
Great! I just downloaded 0.9.1 and am going through the modified files
to preserve the customizations I did. Minor comments:
- It looked like the fix to bug#43 didn't make it into the copy of
user.php in the release on Sourceforge.
- In blocks.php, insert
$blogid = $_GET['blogid'];
at the beginning of the file for the usual register_globals issue.
I also notice that while things are generally working, Simplog
generates a lot of warnings to my error log. These don't affect
whether Simplog works, but they do fill up the error log and make
debugging things harder. I've listed below how I've dealt with them,
but would very much like feedback about whether any of the changes
proposed below are going to have unintended consequences!
- Many warnings come from entries that do not have trackbacks or
pingbacks, in which case function list_trackbacks($postid) and function
list_pingbacks($postid) never define $list, so that return $list gives
a warning. I changed return $list to
if (isset($list)){
return $list;
}else{
return null;
}
in both functions. I'm not sure if that's a good solution, but it
works.
- Other warnings come from undefined stuff in marker_sub. Looking at
the code, I'm confused about where $row->fields['date'] comes from.
I'm clearly missing something! I changed these to @row->fields['date']
to suppress the warnings
- I'm getting undefined warnings for $this->entryTableName =
$tableName; in class.blogEntry.php. Being adventurous, I commented it
out and can't see any difference in things working. Does this do
anything?
- in archive.php and blog.php,
$line =
marker_sub(stripslashes($blogInfo->getBlogTemplate()),&$blogEntry,
&$blogInfo);
my PHP installation gives a warning about pass-by-reference being
deprecated in this situation. I removed the "&"s without obvious
deleterious effects.
- in blocks.php, there is a line that doesn't seem to do anything, but
which generates a warning:
$mo = $match[2];
I commented it out.
- In class.Bloginfo.php, there are four places where I think
$blogEntry = new BlogEntry($rs, $this->blogTableName, $this->blogId);
should be changed to
$blogEntry = new BlogEntry($rs);
- in news.php line 42,
array_push($ids,$res->fields[blog_id]);
should be:
array_push($ids,$res->fields['blog_id']);
with quotes around 'blog_id'
- note that cache directory should be assigned to group www with read &
write permissions (or whatever is appropriate to allow cache to be
written)
Finally (Jason, take note!), isUserAuthorized is NOT working properly
for me. On my server it's acting like the values in $_SESSION are
undefined within the function, so it always evaluates false and doesn't
show the blog entries on a protected blog. I'm not sure why...I assume
it works for you guys. I don't think it has to do with any of the
modifications I did to my copy, but I'm still checking that.
Jim Hu
On Sep 18, 2004, at 1:18 AM, Jeremy Ashcraft wrote:
> After much procrastination, Simplog 0.9.1 is available for download.
> This release fixes a few minor bugs in 0.9.
>
> Now the march towards 1.0!
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
> Project Admins to receive an Apple iPod Mini FREE for your judgement on
> who ports your project to Linux PPC the best. Sponsored by IBM.
> Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
> _______________________________________________
> Simplog-devel mailing list
> Sim...@li...
> https://lists.sourceforge.net/lists/listinfo/simplog-devel
|
|
From: Jason L. B. <ja...@bu...> - 2004-09-18 06:15:02
|
Great news J! Does this include all of the recent CVS checkins from various folks (like me) that happened in the last couple of weeks? Is there anything specific that you want to see addressed in 1.0? I know that I would like to complete the data security implementation that I started with the isUserAuthorized method. cheers, jason Jeremy Ashcraft wrote: > After much procrastination, Simplog 0.9.1 is available for download. > This release fixes a few minor bugs in 0.9. > > Now the march towards 1.0! > > > ------------------------------------------------------- > This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 > Project Admins to receive an Apple iPod Mini FREE for your judgement on > who ports your project to Linux PPC the best. Sponsored by IBM. > Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php > _______________________________________________ > Simplog-devel mailing list > Sim...@li... > https://lists.sourceforge.net/lists/listinfo/simplog-devel > > !DSPAM:414bcf2b245434155912830! > |
|
From: Jeremy A. <ash...@13...> - 2004-09-18 06:00:19
|
After much procrastination, Simplog 0.9.1 is available for download. This release fixes a few minor bugs in 0.9. Now the march towards 1.0! |
|
From: Carlos G. <car...@us...> - 2004-09-11 10:51:12
|
Hi! I have one problem with my RSS when use the "=F1" char I recive this error Warning: Undeclared entity error at line 31, column 391 in=20 W:\www\simplog\class.RSS.php on line 411 And the same error when I try to parse it with IE 6.0 You can test this isue at http://www.carlos-garces.com/simplog/rss2.php "=F1" has encoded as ñ. =BFWhat is the correct encoding? Un saludo Carlos Garces |
|
From: Jim Hu <ji...@ta...> - 2004-09-06 22:11:37
|
I'll post this to bugs too. Line 52 in user.php should read: $enc = md5($_REQUEST['pass1']); Otherwise, users will reset their passwords to the encoding of undef. Jim |
|
From: Jim Hu <ji...@ta...> - 2004-09-02 21:26:03
|
This may be getting beyond the simple in Simplog, but I think it
wouldn't be hard to do.
In edit.php, there is a snippet of code that sets which blog to show
based on the user:
if(!$_REQUEST['blogid']) {
$sql = "SELECT blog_id from blog_acl where user_id=$uid order by
blog_id";
$res = $db->Execute($sql);
$blogid = $res->fields[blog_id];
} else {
$blogid = $_REQUEST['blogid'];
}
It seems to me that this should be in header.php, so it would apply to
all views. $blogid should be passed by login.php and logout.php so
that if a user goes back to the blog they logged out of, instead of to
a default blog.
Jim
|
|
From: Jim Hu <ji...@ta...> - 2004-08-30 23:09:12
|
I'm thinking about modifying comments.php to make comments viewable by all, but postable only by authorized users. I thought that something like this would be useful to avoid comment spambots. Is this a real problem? Is it worth doing this? I'm also wondering if there is a way to have something like Moveable Type's typekey, that creates a universal authorization across multiple sites...is there a way to make Simplog detect Typekey registration? Jim |
|
From: Jim Hu <ji...@ta...> - 2004-08-29 22:32:21
|
Jason, I'm a little confused...I'm viewing what I posted as propose first, get=20= feedback...with code to try since I want to make sure that it works (or=20= at least works almost - I found a minor problem with previewing with my=20= altered config). I've been trying all of my tweaks first before=20 posting, just to make sure that they don't crash and burn horribly. =20= This was a pretty trivial change to implement, so I thought I might as=20= well try it. Are you suggesting I should propose the concept without=20 coding it first (even on my own site?! - note that I didn't post this=20 to the bbs, just to the dev listserve for exactly the reason that you=20 allude to) so that others can suggest better ways to do it? I can do=20 that in future if that's better. I had thought that it would be better=20= to have a working example. I'm very new to this developer list=20 culture, so I apologize if this isn't the way it's done. On Aug 29, 2004, at 9:51 AM, Jason L. Buberel wrote: > Jim, > > Now this would have been a good case for 'propose your changes first,=20= > get feedback, and make the changes afterwards'. Although your approach=20= > does work, I'm not convinced it's the right approach. To be honest, I think my approach is a kludge, and the right way would=20= probably add some fields to the blog_list table in the database for the=20= page_template (I'd probably store the path/filename instead of the html=20= itself, as is done for the entry templates) and to indicate whether a=20 login should be required to view the blog. However, I've been trying=20 to avoid making changes to the database schema. I'm also enough of a=20 newbie to try to make changes in a way where I can go back easily if=20 something goes wrong! > > simplog's current mechanism for this kind of thing, as seen in the=20 > first few lines below, is to check for a file (config.php), then=20 > create it from a master or template if it does not exist (via=20 > install.php process).=A0 Note that I am NOT doing this to customize the appearance of the blog=20 entries - I understand how Simplog does that now, and although the=20 template admin script doesn't work on my setup (I've been editing them=20= directly in mySQL), the entry templating is unchanged by my proposal. =20= I'm changing the ability to customize the web page wrapper that lays=20 out the header/menu/entries/edit/admin/blocks/other. As far as I can=20 tell, the release of Simplog doesn't currently include that, and the=20 standard approach is to make a wrapper that calls blog.php or the rss=20 feed to place the content inside a custom layout. I don't see where=20 config.php comes into it.. I may be missing something...but it seems=20 like this is what we tell people on the bbs all the time. The problem with this is - and I was led to think about this by=20 visiting your blog (which is much prettier than anything I've done with=20= Simplog so far) - that you can have your main entry views laid out as=20 you want, but when you search, pick categories, go to archives, or=20 whatever, Simplog runs archive.php, takes its default header, and now=20 your page doesn't look like your other pages...for example, when I go=20 to http://www.buberel.org/myphpblog/jason.php, you have that nice blue=20= margin, black on white header, tasteful grey background etc. But when=20= I click on "Cooking", I get no blue margin, dark grey text on light=20 grey head banner and so on. When I click "back to jason's blog at=20 buberel.com" instead of using the back button on my browser, I'm still=20= in the grey blog version. Looking at your blog makes me hungry, btw! If you ever make it down=20 here to central TX, look me up and I'll take you out for BBQ or=20 Mexican. > Although separating index.php and header.php is probably a good=20 > thing, what if the 'new blog' creation process was reformulated to do=20= > the same thing? > > 1. Click 'Blog Admin' > 2. Click 'Add Blog' > 3. On the 'new blog' form, there would be a checkbox for 'Use custom=20= > templates' > 4. When the user clicks 'Save', we check the value of the checkbox > 5. If selected, we create copies of the blog layout and formatting=20 > template files, using the blog_id as part of the file name, then show=20= > a message to the user with the names of the files they can now=20 > customize. > > How about that approach? That might be a nice way to do it - and would be compatible with the=20 approach I proposed, unless I misunderstand you. However, I think a=20 simpler alternative would be to leave off the checkbox and just create=20= the copies of the files - and tell the users in the help=20 file/documentation/bbs how to customize. The copies are small, so the=20= extra storage is pretty trivial, and if the user doesn't want to=20 customize, it would be transparent that the different blogs are running=20= off different but identical template copies (I have a feeling I could=20 have said that more clearly but I hope you see what I mean...). Jim > > -jason > <snip>= |
|
From: Jason L. B. <ja...@bu...> - 2004-08-29 14:46:37
|
Jim,
Now this would have been a good case for 'propose your changes first,
get feedback, and make the changes afterwards'. Although your approach
does work, I'm not convinced it's the right approach.
simplog's current mechanism for this kind of thing, as seen in the first
few lines below, is to check for a file (config.php), then create it
from a master or template if it does not exist (via install.php
process). Although separating index.php and header.php is probably a
good thing, what if the 'new blog' creation process was reformulated to
do the same thing?
1. Click 'Blog Admin'
2. Click 'Add Blog'
3. On the 'new blog' form, there would be a checkbox for 'Use custom
templates'
4. When the user clicks 'Save', we check the value of the checkbox
5. If selected, we create copies of the blog layout and formatting
template files, using the blog_id as part of the file name, then show a
message to the user with the names of the files they can now customize.
How about that approach?
-jason
Jim Hu wrote:
> To make customizing the appearance and behavior of different blogs
> easier (at least for me), I broke up the index.php and header.php
> files so that they would call different layout options that I'm
> keeping in a subdirectory called layout.
>
> The new index.php is just:
> ------------------------------------------------------------------------
> ----
> <?php
> if(!file_exists("config.php")) {
> header("Location: install.php");
> exit(0);
> }
>
> session_start();
> require_once("lib.php");
> require_once("class.BlogInfo.php");
> require_once("class.BlogEntry.php");
>
> $blogid = $_GET['blogid'];
>
> if(!isset($blogid)) {
> $blogid = 1; #set default blog to see
> }
> $blogInfo = new BlogInfo($blogid);
> include("header.php");
>
> $testindexfile = "layout/index".$blogid.".php";
> if (file_exists($testindexfile)){
> $indexfile = $testindexfile;
> }else{
> $indexfile = "layout/index0.php";
> }
> include($indexfile);
> ?>
> ------------------------------------------------------------------------
> ----
> The new header.php file is reduced to:
>
> <?php
> header("X-Pingback: $baseurl/api.php\n");
>
> if(!isset($blogInfo)) {
> $btitle = "Simplog";
> } else {
> $btitle = $blogInfo->getBlogTitle();
> $btag = $blogInfo->getBlogTagline();
> }
>
> if(isLoggedIn()) {
> $uid = getUID($_SESSION['login']);
> }
>
> $testheaderfile = "layout/header".$blogid.".php";
> if (file_exists($testheaderfile)){
> $headerfile = $testheaderfile;
> }else{
> $headerfile = "layout/header0.php";
> }
>
> include($headerfile);
>
> if(isLoggedIn()) {
> show_menu();
> }
> ?>
> <br>
> ------------------------------------------------------------------------
> ----
> inside the layout subdirectory I have a series of files named
> header0, header1, header11 etc, and index0, index1.... plus the css
> files. Only header0 and index0 are necessary
> layout/header0.php is the missing pieces of the original header.php:
> ------------------------------------------------------------------------
> ----
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
> <html>
> <head>
> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
> <title><?=$btitle?>: <?=$btag?></title>
>
> <script language="javascript" type="text/javascript"
> src="<?=$baseurl?>/simplog.js"></script>
>
> <link rel="alternate" type="text/xml" title="RSS"
> href="<?=$baseurl?>/rss2.php" />
> <link rel="pingback" href="<?=$baseurl?>/api.php" />
> <link rel="stylesheet" href="<?=$baseurl?>/layout/simplog.css"
> type="text/css" />
> </head>
> <body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0
> topmargin=0>
> <table width=100% border=0 cellspacing=0 cellpadding=5 class=header>
> <tr>
> <td align=left><span class=blogname><?=$btitle?></span><br><span
> class=blogtag><?=$btag?></span></td>
> </tr>
> </table>
> ------------------------------------------------------------------------
> ----
> The alternate headers are customized to modify appearance (I specify
> which css to use in each one, so some blogs can share css files),
> plus to make a blog require user login (which I want for all the
> blogs I'm using to control other websites), I add
>
> <?php
> if(!isLoggedIn()) {
> auth();
> }
> ?>
> to the header. This also makes the headers look different for all
> the views of the blog - archives, search results, edit pages etc.
>
> layout/index0.php is just the missing pieces of the original index.php:
> ------------------------------------------------------------------------
> ----
>
> <table cellpadding=0 cellspacing=0 border=0 width="100%"
> style="height:90%;">
> <tr valign="top">
> <td style="border-right:1px solid #999999;padding-right:24px;">
> <div style="padding:10px;">
>
> <?php @include("$baseurl/blog.php?blogid=$blogid"); ?>
>
> </div>
> </td>
> <td align="center" width=150 style="padding-left: 24px;">
>
> <?php include("blocks.php"); ?>
>
> </td>
> </tr>
> </table>
>
> </body>
> </html>
> ------------------------------------------------------------------------
> ----
> Obviously, this allows me to alter the appearance of the individual
> blog pages, put blocks on the left, add other stuff etc.
>
> To a naive user, one could just install and use the defaults.
> Changing the appearance of different blogs and staying within that
> look and feel is easier for the slightly more sophisticated user with
> this approach than by feeding blog content to another page, as
> internal navigation links don't have to be adjusted at all. Would
> this be worth including in the next version?
>
> Jim
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by BEA Weblogic Workshop
> FREE Java Enterprise J2EE developer tools!
> Get your free copy of BEA WebLogic Workshop 8.1 today.
> http://ads.osdn.com/?ad_id=5047&alloc_id=10808&op=click
> _______________________________________________
> Simplog-devel mailing list
> Sim...@li...
> https://lists.sourceforge.net/lists/listinfo/simplog-devel
>
> !DSPAM:4131891c71631195073659!
>
|
|
From: Jim Hu <ji...@ta...> - 2004-08-29 07:42:21
|
To make customizing the appearance and behavior of different blogs
easier (at least for me), I broke up the index.php and header.php files
so that they would call different layout options that I'm keeping in a
subdirectory called layout.
The new index.php is just:
------------------------------------------------------------------------
----
<?php
if(!file_exists("config.php")) {
header("Location: install.php");
exit(0);
}
session_start();
require_once("lib.php");
require_once("class.BlogInfo.php");
require_once("class.BlogEntry.php");
$blogid = $_GET['blogid'];
if(!isset($blogid)) {
$blogid = 1; #set default blog to see
}
$blogInfo = new BlogInfo($blogid);
include("header.php");
$testindexfile = "layout/index".$blogid.".php";
if (file_exists($testindexfile)){
$indexfile = $testindexfile;
}else{
$indexfile = "layout/index0.php";
}
include($indexfile);
?>
------------------------------------------------------------------------
----
The new header.php file is reduced to:
<?php
header("X-Pingback: $baseurl/api.php\n");
if(!isset($blogInfo)) {
$btitle = "Simplog";
} else {
$btitle = $blogInfo->getBlogTitle();
$btag = $blogInfo->getBlogTagline();
}
if(isLoggedIn()) {
$uid = getUID($_SESSION['login']);
}
$testheaderfile = "layout/header".$blogid.".php";
if (file_exists($testheaderfile)){
$headerfile = $testheaderfile;
}else{
$headerfile = "layout/header0.php";
}
include($headerfile);
if(isLoggedIn()) {
show_menu();
}
?>
<br>
------------------------------------------------------------------------
----
inside the layout subdirectory I have a series of files named header0,
header1, header11 etc, and index0, index1.... plus the css files. Only
header0 and index0 are necessary
layout/header0.php is the missing pieces of the original header.php:
------------------------------------------------------------------------
----
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title><?=$btitle?>: <?=$btag?></title>
<script language="javascript" type="text/javascript"
src="<?=$baseurl?>/simplog.js"></script>
<link rel="alternate" type="text/xml" title="RSS"
href="<?=$baseurl?>/rss2.php" />
<link rel="pingback" href="<?=$baseurl?>/api.php" />
<link rel="stylesheet" href="<?=$baseurl?>/layout/simplog.css"
type="text/css" />
</head>
<body bgcolor=#ffffff marginwidth=0 marginheight=0 leftmargin=0
topmargin=0>
<table width=100% border=0 cellspacing=0 cellpadding=5 class=header>
<tr>
<td align=left><span class=blogname><?=$btitle?></span><br><span
class=blogtag><?=$btag?></span></td>
</tr>
</table>
------------------------------------------------------------------------
----
The alternate headers are customized to modify appearance (I specify
which css to use in each one, so some blogs can share css files), plus
to make a blog require user login (which I want for all the blogs I'm
using to control other websites), I add
<?php
if(!isLoggedIn()) {
auth();
}
?>
to the header. This also makes the headers look different for all the
views of the blog - archives, search results, edit pages etc.
layout/index0.php is just the missing pieces of the original index.php:
------------------------------------------------------------------------
----
<table cellpadding=0 cellspacing=0 border=0 width="100%"
style="height:90%;">
<tr valign="top">
<td style="border-right:1px solid #999999;padding-right:24px;">
<div style="padding:10px;">
<?php @include("$baseurl/blog.php?blogid=$blogid"); ?>
</div>
</td>
<td align="center" width=150 style="padding-left: 24px;">
<?php include("blocks.php"); ?>
</td>
</tr>
</table>
</body>
</html>
------------------------------------------------------------------------
----
Obviously, this allows me to alter the appearance of the individual
blog pages, put blocks on the left, add other stuff etc.
To a naive user, one could just install and use the defaults. Changing
the appearance of different blogs and staying within that look and feel
is easier for the slightly more sophisticated user with this approach
than by feeding blog content to another page, as internal navigation
links don't have to be adjusted at all. Would this be worth including
in the next version?
Jim
|
|
From: Jason B. <ja...@bu...> - 2004-08-27 04:25:38
|
My commits are in CVS now. This includes the 'isUserAuthorzied' method on class.BlogInfo.php and related security checks in blog.php, blocks.php, archive.php. A few other minor changes. |
|
From: Jeremy A. <ash...@13...> - 2004-08-26 22:13:29
|
got the latest fixes in CVS, mainly just a cleanup of that last remaining vars that were supposed to be $_REQUEST vars that weren't. I also fixed the JS code in admin.php so the user list behaves correctly when creating a new blog (attached) I'm heading out of town tomorrow until after labor day and will make 0.9.1 available after i get back. Jim: set up a sourceforge account and I'll add you to the project so you can have CVS access and pull the latest code. later jeremy |
|
From: Jeremy A. <ash...@13...> - 2004-08-25 15:42:04
|
I started on fixing the JS last night and have all of the little fixes from 0.9.1 already checked in. I'll finish up the JS fix(hopefully today as i'm not real busy at work at the moment), release 0.9.1, then we can sit down and figure out what to work on next. Jim Hu wrote: > Jeremy, > > I was thinking along the same lines - with your new kid etc., I'm sure > you're swamped! How can we help? Not that I should be spending a lot > of time on this now that the semester is about to start...but I enjoy > coding as a recreational distraction from the other stuff in my life. > Would either of you like me to send an archive of my installation that > has my mods in it (I'm still clueless about the CVS)? > > Jim > > On Aug 25, 2004, at 9:06 AM, Jason Buberel wrote: > >> How soon might that be coming up? I've got some time that I could >> spend trying to get some of the recent fixes (from myself RE: >> security, from Jim, etc.) submitted to CVS. Want me to take a shot at >> that? >> >> -jason >> >> Jeremy Ashcraft wrote: >> >>> ya, there is some JS i need to fix. It is indescriminately >>> selecting all users in the list (left over from an old version of th >>> admin interface). It needs to be based on the type selected. I'm >>> working on correcting it for the 0.9.1 maintenence release. >>> >>> Jason Buberel wrote: >>> >>>> Jim, >>>> >>>> I also ran into some funky javascript problems recently when trying >>>> to create that new 'private' blog for my wife. In the end, I >>>> created the blog manually with some SQL statements then used the >>>> Admin UI to finish it up. >>>> >>>> The user ACL javascript stuff is definitely crufty and in need of >>>> some fixups. >>>> >>>> -jason >>>> >>>> Jim Hu wrote: >>>> >>>>> Is anyone else having problems with the user admin stuff? I'm >>>>> trying to figure out >>>>> >>>>> 1) how to make adding a new blog stop adding all the users in the >>>>> user list to every new blog. >>>>> 2) why the add/delete users to blog_acl isn't working the way I >>>>> expect. >>>>> >>>>> I'm also having more trouble than usual navigating my way through >>>>> the code...probably due to my lack of expertise in javascript. >>>>> >>>>> Jim >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------- >>>>> SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank >>>>> Media >>>>> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 >>>>> Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. >>>>> http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 >>>>> _______________________________________________ >>>>> Simplog-devel mailing list >>>>> Sim...@li... >>>>> https://lists.sourceforge.net/lists/listinfo/simplog-devel >>>>> >>>>> >>>>> >>> >>> >>> !DSPAM:412c29c163872044317020! >>> >> >> >> ------------------------------------------------------- >> SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media >> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 >> Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. >> http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 >> _______________________________________________ >> Simplog-devel mailing list >> Sim...@li... >> https://lists.sourceforge.net/lists/listinfo/simplog-devel >> > |
|
From: Jason B. <ja...@bu...> - 2004-08-25 14:06:27
|
How soon might that be coming up? I've got some time that I could spend trying to get some of the recent fixes (from myself RE: security, from Jim, etc.) submitted to CVS. Want me to take a shot at that? -jason Jeremy Ashcraft wrote: > ya, there is some JS i need to fix. It is indescriminately selecting > all users in the list (left over from an old version of th admin > interface). It needs to be based on the type selected. I'm working > on correcting it for the 0.9.1 maintenence release. > > Jason Buberel wrote: > >> Jim, >> >> I also ran into some funky javascript problems recently when trying >> to create that new 'private' blog for my wife. In the end, I created >> the blog manually with some SQL statements then used the Admin UI to >> finish it up. >> >> The user ACL javascript stuff is definitely crufty and in need of >> some fixups. >> >> -jason >> >> Jim Hu wrote: >> >>> Is anyone else having problems with the user admin stuff? I'm >>> trying to figure out >>> >>> 1) how to make adding a new blog stop adding all the users in the >>> user list to every new blog. >>> 2) why the add/delete users to blog_acl isn't working the way I expect. >>> >>> I'm also having more trouble than usual navigating my way through >>> the code...probably due to my lack of expertise in javascript. >>> >>> Jim >>> >>> >>> >>> ------------------------------------------------------- >>> SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media >>> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 >>> Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. >>> http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 >>> _______________________________________________ >>> Simplog-devel mailing list >>> Sim...@li... >>> https://lists.sourceforge.net/lists/listinfo/simplog-devel >>> >>> >>> > > > !DSPAM:412c29c163872044317020! > |
|
From: Jeremy A. <ash...@13...> - 2004-08-25 05:55:01
|
ya, there is some JS i need to fix. It is indescriminately selecting all users in the list (left over from an old version of th admin interface). It needs to be based on the type selected. I'm working on correcting it for the 0.9.1 maintenence release. Jason Buberel wrote: > Jim, > > I also ran into some funky javascript problems recently when trying to > create that new 'private' blog for my wife. In the end, I created the > blog manually with some SQL statements then used the Admin UI to > finish it up. > > The user ACL javascript stuff is definitely crufty and in need of some > fixups. > > -jason > > Jim Hu wrote: > >> Is anyone else having problems with the user admin stuff? I'm trying >> to figure out >> >> 1) how to make adding a new blog stop adding all the users in the >> user list to every new blog. >> 2) why the add/delete users to blog_acl isn't working the way I expect. >> >> I'm also having more trouble than usual navigating my way through the >> code...probably due to my lack of expertise in javascript. >> >> Jim >> >> >> >> ------------------------------------------------------- >> SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media >> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 >> Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. >> http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 >> _______________________________________________ >> Simplog-devel mailing list >> Sim...@li... >> https://lists.sourceforge.net/lists/listinfo/simplog-devel >> >> !DSPAM:412b886a137221429143427! >> |
|
From: Jason B. <ja...@bu...> - 2004-08-24 18:38:20
|
Jim, I also ran into some funky javascript problems recently when trying to create that new 'private' blog for my wife. In the end, I created the blog manually with some SQL statements then used the Admin UI to finish it up. The user ACL javascript stuff is definitely crufty and in need of some fixups. -jason Jim Hu wrote: > Is anyone else having problems with the user admin stuff? I'm trying > to figure out > > 1) how to make adding a new blog stop adding all the users in the user > list to every new blog. > 2) why the add/delete users to blog_acl isn't working the way I expect. > > I'm also having more trouble than usual navigating my way through the > code...probably due to my lack of expertise in javascript. > > Jim > > > > ------------------------------------------------------- > SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media > 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 > Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. > http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 > _______________________________________________ > Simplog-devel mailing list > Sim...@li... > https://lists.sourceforge.net/lists/listinfo/simplog-devel > > !DSPAM:412b886a137221429143427! > |
|
From: Jim Hu <ji...@ta...> - 2004-08-24 18:25:13
|
Is anyone else having problems with the user admin stuff? I'm trying to figure out 1) how to make adding a new blog stop adding all the users in the user list to every new blog. 2) why the add/delete users to blog_acl isn't working the way I expect. I'm also having more trouble than usual navigating my way through the code...probably due to my lack of expertise in javascript. Jim |
|
From: Jim Hu <ji...@ta...> - 2004-08-24 02:01:27
|
I found that when I inserted a variety of html tags in the simplog
textarea, the nl2br function was putting in many more <br /> tags than
I wanted. This was especially bad when I would include a table, as the
<br />s would be displayed outside the table, pushing it down the page
a long way from the preceding text, unless I changed the table part to
one big line, which made it hard to read. I wanted to keep the ability
to provide <br /> tags at the end of blocks of text, however...so I did
a brute force patch of marker_sub in lib.php. Here's the altered code:
I changed:
if($blogEntry->entryFormat) {
$blogEntry->entryBody = nl2br($blogEntry->entryBody);
}
to:
if($blogEntry->entryFormat) {
#remove trailing spaces
$blogEntry->entryBody =
preg_replace("/\040+\n/","\${1}\n\$3",$blogEntry->entryBody);
#add breaks
$blogEntry->entryBody = nl2br($blogEntry->entryBody);
#remove breaks following selected formatting tags
$blogEntry->entryBody = str_replace('tr><br
/>','tr>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('th><br
/>','th>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('td><br
/>','td>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('h1><br
/>','h1>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('h2><br
/>','h2>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('h3><br
/>','h3>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('h4><br
/>','h4>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('h5><br
/>','h5>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('\"top\"><br
/>','\"top\">',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('\"left\"><br
/>','\"left\">',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('ul><br
/>','ul>',$blogEntry->entryBody);
$blogEntry->entryBody = str_replace('li><br
/>','li>',$blogEntry->entryBody);
}
I didn't want to just str_replace on '><br />' in case there is a tag
that really should be followed by a line break. Note that I used
\040+\n in the preg_replace instead of \s+\n to catch only spaces
before newlines. The latter removes whitespace between paragraphs that
the user usually wants. The code is ugly, but the display is a lot
nicer! If there is a cleaner way to do this (for example, I suspect
that I could make better use of preg_replace so that I wouldn't need to
do each of the h tags separately, but I'm not sure how), I'd be
interested.
Jim
|
