Menu
▾
▴
slashcode-general — This is the general discussion list. Install questions welcome.
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
(30) |
Mar
(123) |
Apr
(188) |
May
(90) |
Jun
(68) |
Jul
(129) |
Aug
(72) |
Sep
(97) |
Oct
(99) |
Nov
(168) |
Dec
(35) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(75) |
Feb
(55) |
Mar
(104) |
Apr
(49) |
May
(12) |
Jun
(11) |
Jul
(47) |
Aug
(104) |
Sep
(14) |
Oct
(26) |
Nov
(31) |
Dec
(10) |
| 2003 |
Jan
(78) |
Feb
(76) |
Mar
(47) |
Apr
(30) |
May
(19) |
Jun
(36) |
Jul
(48) |
Aug
(43) |
Sep
(54) |
Oct
(25) |
Nov
(79) |
Dec
(39) |
| 2004 |
Jan
(43) |
Feb
(14) |
Mar
(17) |
Apr
(15) |
May
(18) |
Jun
(20) |
Jul
(7) |
Aug
(30) |
Sep
(49) |
Oct
(17) |
Nov
(14) |
Dec
(72) |
| 2005 |
Jan
(55) |
Feb
(27) |
Mar
(34) |
Apr
(15) |
May
(8) |
Jun
(23) |
Jul
(7) |
Aug
(19) |
Sep
(3) |
Oct
(44) |
Nov
(3) |
Dec
|
| 2006 |
Jan
(20) |
Feb
(5) |
Mar
(8) |
Apr
(12) |
May
(16) |
Jun
(22) |
Jul
(39) |
Aug
(65) |
Sep
(4) |
Oct
(11) |
Nov
|
Dec
(5) |
| 2007 |
Jan
(2) |
Feb
(2) |
Mar
(8) |
Apr
(3) |
May
(28) |
Jun
(6) |
Jul
(3) |
Aug
(9) |
Sep
(15) |
Oct
|
Nov
(12) |
Dec
(2) |
| 2008 |
Jan
(3) |
Feb
(14) |
Mar
|
Apr
(4) |
May
|
Jun
(12) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
(1) |
| 2009 |
Jan
|
Feb
(2) |
Mar
(4) |
Apr
|
May
|
Jun
(14) |
Jul
|
Aug
(1) |
Sep
(66) |
Oct
(21) |
Nov
|
Dec
(1) |
| 2010 |
Jan
(2) |
Feb
(2) |
Mar
(2) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2011 |
Jan
|
Feb
(100) |
Mar
(17) |
Apr
(1) |
May
(1) |
Jun
|
Jul
(3) |
Aug
|
Sep
|
Oct
(2) |
Nov
|
Dec
|
|
From: Wakko <una...@ho...> - 2001-08-31 17:06:03
|
Or maybe a more immediate solution is to have redundancy checking in slash. If more than one slash-site is installed, there could be an optional flag to have it only cache one copy of the templates, and share the cache between the sites. However, this would only work if the sites all used the same templates. Though, the big problem would be when more than one site accessed a particular template at the same time. Any sort of file-access queueing would effectively reduce the performance of ALL the installed slash-sites ---Wakko. ----- Original Message ----- From: "Micah Yoder" <yo...@ho...> To: <sla...@li...> Sent: Wednesday, August 29, 2001 6:06 PM Subject: Re: [Slashcode-general] Memory usage > > decrease the number of httpd processes you have running - if the sites > > you're running aren't that busy, then you won't be needing as many. > > Since Slash does so much caching, it does tend to use a good deal of > > memory. > > OK. there are 11 processes now. So compiled Perl modules and cached > templates are NOT shared between httpd processes? > > Will Apache 2 fix this problem with its hybrid thread/process model? Will > mod_perl and Slash be able to take advantage of this? > > Thanks > > -- > Like to travel? http://TravTalk.org > Micah Yoder Internet Development http://yoderdev.com > > > _______________________________________________ > Slashcode-general mailing list > Sla...@li... > http://lists.sourceforge.net/lists/listinfo/slashcode-general > |
|
From: Josh K. <kr...@ma...> - 2001-08-31 14:08:47
|
I had the same thing with an author with a seclev of 500. It hasn't happened since I (reluctantly) gave them a seclev of 1000. I just had to tell them not to mess with anything but writing stories. ---------------------------- Josh Krikke Systems Administrator Macatawa Area Community Network 76 1/2 E. 8th St. Holland, MI 49423 > -----Original Message----- > From: sla...@li... > [mailto:sla...@li...]On Behalf Of Micah > Yoder > Sent: Thursday, August 30, 2001 2:45 PM > To: sla...@li... > Subject: [Slashcode-general] Author flag keeps getting cleared > > > This is strange. > > I have another author, to whom I gave seclev 100, keeps having his author > flag cleared in the database. This has happened twice. What gives? > > Thanks for the mod_perl site suggestion. Heavy reading there but i guess > I'll have to do it before I get many more sites. > > -- > Like to travel? http://TravTalk.org > Micah Yoder Internet Development http://yoderdev.com > > > _______________________________________________ > Slashcode-general mailing list > Sla...@li... > http://lists.sourceforge.net/lists/listinfo/slashcode-general > |
|
From: Micah Y. <yo...@ho...> - 2001-08-30 21:44:43
|
This is strange. I have another author, to whom I gave seclev 100, keeps having his author flag cleared in the database. This has happened twice. What gives? Thanks for the mod_perl site suggestion. Heavy reading there but i guess I'll have to do it before I get many more sites. -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
|
From: Alessio B. <al...@al...> - 2001-08-30 14:54:23
|
Dave Hodgkinson wrote: > Sit down and have a good read of the mod_perl guide: > http://perl.apache.org/guide/ > > What you need is to put a "lite" apache on the front and trim the > number of Apache processes right back. I strongly agree with both suggestions. -- Alessio F. Bragadini al...@al... APL Financial Services http://village.albourne.com Nicosia, Cyprus phone: +357-2-755750 "It is more complicated than you think" -- The Eighth Networking Truth from RFC 1925 |
|
From: <al...@ya...> - 2001-08-30 14:08:40
|
--- Phil Reed <pr...@dn...> wrote:
> Picking one that looks needed, I decided to force install DBD::mysql just
> to see what happens. It failed, apparently looking for something related to
> DBI. So, I force installed DBI, and *IT* fails, with
You should really have installed DBI before the DBD like it said.
> Hmmm. Dig around. Maybe I should be installing Bundle::DBI? Well, it can't
> hurt. When I try that, it runs for a while and then I get the same failure.
> Hmm. Have I stumbled on a real bug?
Have you read the install document ? it explains this.
> So. Is this part really necessary for Slashcode? If so, then how did
> anybody else get it installed?
Apparently someone on this mailing list noticed recently that Bundle Slash doesn't
work. Install each individual perl module separately. If you think that CPAN.pm is not
helping then don't use it. It is optional.
Sounds like you've messed up your perl installation.
PS do you have multiple versions of perl on your machine? I bet that is why CPAN
is repeatedly installing perl 5.6.1 - because it looks and finds an old version of perl.
Do a
find / -name "perl" -exec ls -l {} \;
Goodluck.
Yep perl modules are a bit of a pain but they are FAR better than anything else I have
come across in any language or any platform.
Alex
=====
Alex McLintock al...@OW... Open Source Consultancy in London
OpenWeb Analysts Ltd, http://www.OWAL.co.uk/
SF and Computing Book News and Reviews: http://news.diversebooks.com/
Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/
____________________________________________________________
Do You Yahoo!?
Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk
or your free @yahoo.ie address at http://mail.yahoo.ie
|
|
From: Phil R. <pr...@dn...> - 2001-08-30 12:14:55
|
Well, after the last problem seemed to go away (I went ahead and finished
the Apache installation, and it seems to be working correctly), I've been
madly installing and reinstalling Perl modules. I finally got to the point
of installing Bundle::Slash, and after a couple of tries, I am now
consistently getting this from CPAN:
Bundle summary: The following items in bundle Bundle::Slash had
installation problems:
Bundle::CPAN DBI DBI::FAQ Bundle::DBD::mysql Apache::Cookie Template and
the following items had problems during recursive bundle calls:
Bundle::libnet DBD::mysql Mysql Net::Telnet
So much scrolls past that I couldn't begin to tell what in particular fails
(can somebody tell me how to capture the output from CPAN?). How many of
these are important?
Picking one that looks needed, I decided to force install DBD::mysql just
to see what happens. It failed, apparently looking for something related to
DBI. So, I force installed DBI, and *IT* fails, with
make: *** No rule to make target `blib/arch/auto/DBI/Driver.xst',
needed by `Perl.xsi'. Stop.
Hmmm. Dig around. Maybe I should be installing Bundle::DBI? Well, it can't
hurt. When I try that, it runs for a while and then I get the same failure.
Hmm. Have I stumbled on a real bug?
So. Is this part really necessary for Slashcode? If so, then how did
anybody else get it installed?
(And how the hell do you tell CPAN to quit trying to reinstall Perl? I'm
already running the current version 5.6.1. Half my time yesterday was spent
installing modules, then finally installing Perl 5.6.1 because stuff kept
trying to install it, then discovering that reinstalling Perl wiped out all
the modules so trying to get them reinstalled. Then stupid Data::Dumper
kept on trying to recursively install Perl again. This is getting to be as
bad as trying to figure out Microsoft service packs.)
Moderately frustrated,
---
...phil
"For a list of all the ways technology has failed
to improve the quality of life, press 3."
|
|
From: Dave H. <da...@ho...> - 2001-08-30 08:12:30
|
Micah Yoder <yo...@ho...> writes: > > decrease the number of httpd processes you have running - if the sites > > you're running aren't that busy, then you won't be needing as many. > > Since Slash does so much caching, it does tend to use a good deal of > > memory. > > OK. there are 11 processes now. So compiled Perl modules and cached > templates are NOT shared between httpd processes? Sit down and have a good read of the mod_perl guide: http://perl.apache.org/guide/ What you need is to put a "lite" apache on the front and trim the number of Apache processes right back. Also, you _can_ share a truckload of code. The techniques for doing this are again in the guide. > > Will Apache 2 fix this problem with its hybrid thread/process model? Will > mod_perl and Slash be able to take advantage of this? To an extent. -- Dave Hodgkinson, http://www.hodgkinson.org Editor-in-chief, The Highway Star http://www.deep-purple.com Interim CTO, web server farms, technical strategy ---------------------------------------- |
|
From: Dave K. <da...@fq...> - 2001-08-30 06:11:33
|
At 10:34 AM +0300 8/28/01, Alessio Bragadini or a damn good imposter wrote: > > If I change it to "slash:slash:nanodot.org", slashd simply exists with no error and "PID = (blank)". > >Does user slash have a valid shell? Yes, and a valid home directory. So does "nobody". Dave Dave Krieger | dav...@po... | http://www.davekrieger.net da...@fq... is going away! Update all your address books and aliases to dav...@po... PGP Key Hashes: RSA: 86B2 B14F 18D2 63B4 2A48 6B66 B2F7 B6F9 DSS: DE8C 9199 2733 AE2B B6CE 04FB A788 735D B6A8 59F7 |
|
From: Micah Y. <yo...@ho...> - 2001-08-30 04:05:46
|
> decrease the number of httpd processes you have running - if the sites > you're running aren't that busy, then you won't be needing as many. > Since Slash does so much caching, it does tend to use a good deal of > memory. OK. there are 11 processes now. So compiled Perl modules and cached templates are NOT shared between httpd processes? Will Apache 2 fix this problem with its hybrid thread/process model? Will mod_perl and Slash be able to take advantage of this? Thanks -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
|
From: Patrick G. <cap...@sl...> - 2001-08-30 03:12:52
|
Micah Yoder wrote: > > When my httpd goes 2 or 3 days without a restart, it appears to be hogging > about 300 megs of RAM. My server has 4 Slash sites, none of which are > getting a lot of traffic. What gives? > > Is this a memory leak somewhere or does Slash really take that much memory, > with compiled templates & such? > decrease the number of httpd processes you have running - if the sites you're running aren't that busy, then you won't be needing as many. Since Slash does so much caching, it does tend to use a good deal of memory. > I was hoping to get at least 10-15 sites into my 512MB RAM... What are your > experiences? Guess I might have to upgrade to a gig or two sooner than I was > hoping. > > -- > Like to travel? http://TravTalk.org > Micah Yoder Internet Development http://yoderdev.com > > _______________________________________________ > Slashcode-general mailing list > Sla...@li... > http://lists.sourceforge.net/lists/listinfo/slashcode-general |
|
From: Micah Y. <yo...@ho...> - 2001-08-30 00:07:08
|
When my httpd goes 2 or 3 days without a restart, it appears to be hogging about 300 megs of RAM. My server has 4 Slash sites, none of which are getting a lot of traffic. What gives? Is this a memory leak somewhere or does Slash really take that much memory, with compiled templates & such? I was hoping to get at least 10-15 sites into my 512MB RAM... What are your experiences? Guess I might have to upgrade to a gig or two sooner than I was hoping. -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
|
From: Micah Y. <yo...@ho...> - 2001-08-29 20:06:59
|
I would also be interested in anything that comes out of this. I have some PHP based travel sites that I'd like to integrate more with TravTalk. I could perhaps use the same user database as Slash, except for the minor issue that my PHP programs use PostgreSQL ... -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
|
From: Phil R. <pr...@dn...> - 2001-08-29 16:15:17
|
Thanks for the prompt reply (both you and Vann). >I'm actually at the same stage with my test slash installation. When I >installed my >live one (http://news.DiverseBooks.com) I think I just ignored this test and >it worked ok anyway. > >One possibility is that you installed RedHat Linux with the ipchains >firewalling stuff. The test starts httpd on an abnormal port (8529 I see) >and it may be that your ipchains is banning access to that. Yes, I did install IPchains. At Vann's suggestion, I flushed the chain rules. make test gives the same error as before, but this time when I try to connect with a browser to the server (still at port 8529), I get a "Forbidden" error. So, in fact the ipchains was in the way, but there's something else going on. >Of course I could be wrong. You're doing OK so far. :-) --- ...phil "For a list of all the ways technology has failed to improve the quality of life, press 3." |
|
From: LT V. H. W. <wa...@us...> - 2001-08-29 15:09:35
|
> > > > >One possibility is that you installed RedHat Linux with the ipchains >firewalling stuff. The test starts httpd on an abnormal port (8529 I see) >and it may be that your ipchains is banning access to that. > This is where I'd look. Try an ipchains -F to clear your firewall rules then re-run the test. Depending on which firewall setup you choose on install and what your desired final configuration is, you may need to alter them more permanently (the ipchains -F will reset after a reboot). Also, if you're really using the firewall rule set for security, make sure to get it back up quickly... Vann |
|
From: <al...@ya...> - 2001-08-29 14:15:40
|
--- Phil Reed <pr...@dn...> wrote: > Greetings. I'm relatively new to the world of Linux (been in the fringes > for a while, but just now getting seriously started). I have a > dual-processor box with Red Hat 7.1 on it, and I'm slowly trudging my way > through the instructions on installing Slashcode. Things have been > proceeding more-or-less acceptably, until I get to the point of installing > Apache via the mod_perl route as listed in the Slash Install document. I do > the 'make test' step, and it fails thusly: > > cp t/conf/mod_perl_srm.conf t/conf/srm.conf > ../apache/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t & > httpd listening on port 8529 > will write error_log to: t/logs/error_log > letting apache warm up...\c > done > /usr/bin/perl t/TEST 0 > still waiting for server to warm up...............not ok > server failed to start! (please examine t/logs/error_log) at t/TEST line 95. > make: *** [run_tests] Error 9 > [root@www mod_perl]# I'm actually at the same stage with my test slash installation. When I installed my live one (http://news.DiverseBooks.com) I think I just ignored this test and it worked ok anyway. One possibility is that you installed RedHat Linux with the ipchains firewalling stuff. The test starts httpd on an abnormal port (8529 I see) and it may be that your ipchains is banning access to that. Of course I could be wrong. The setup of Apache is the biggest problem with the slashcode docs (which are in general quite good). setup of Apache is not easy and if you want anything out of the ordinary then you need an expert handy IMHO. Alex ===== Alex McLintock al...@OW... Open Source Consultancy in London OpenWeb Analysts Ltd, http://www.OWAL.co.uk/ SF and Computing Book News and Reviews: http://news.diversebooks.com/ Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/ ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie |
|
From: Phil R. <pr...@dn...> - 2001-08-29 13:48:41
|
Greetings. I'm relatively new to the world of Linux (been in the fringes
for a while, but just now getting seriously started). I have a
dual-processor box with Red Hat 7.1 on it, and I'm slowly trudging my way
through the instructions on installing Slashcode. Things have been
proceeding more-or-less acceptably, until I get to the point of installing
Apache via the mod_perl route as listed in the Slash Install document. I do
the 'make test' step, and it fails thusly:
cp t/conf/mod_perl_srm.conf t/conf/srm.conf
../apache/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t &
httpd listening on port 8529
will write error_log to: t/logs/error_log
letting apache warm up...\c
done
/usr/bin/perl t/TEST 0
still waiting for server to warm up...............not ok
server failed to start! (please examine t/logs/error_log) at t/TEST line 95.
make: *** [run_tests] Error 9
[root@www mod_perl]#
now, at this time, ps -A shows that httpd is in fact running, so the error
message is slightly bogus. Time to look at the logs:
[root@www mod_perl]# cd t/logs
[root@www logs]# ls
error_log httpd.pid
[root@www logs]# cat error_log
[notice] Destruction->DESTROY called for $global_object
[Wed Aug 29 09:20:10 2001] [warn] [notice] child_init for process 2615,
report any problems to
[no address given]
[root@www logs]#
(Process 2615 is httpd.)
OK, WTF happened here? Looking at the TEST script tells me (I think) that
the script was trying to retrieve test.html from the web server and
couldn't do it. And, when I try to connect to the same port via a browser,
I get "Connection closed by remote server."
Could this be directory related? Is there some magic directory that Apache
is supposed to be installed in? (The command I used to start the
mod_perl/based Apache install was:
[root@www bin]# perl Makefile.PL APACHE_SRC=/home/phil/apache
DO_HTTPD=1 USE_APACI=1 /
PERL_MARK_WHERE=1 EVERYTHING=1 APACHE_PREFIX=/usr/bin/apache
)
So, could somebody help me figure out what I'm missing here?
Thanks in advance.
---
...phil
"For a list of all the ways technology has failed
to improve the quality of life, press 3."
|
|
From: Markus A. <mar...@ub...> - 2001-08-29 12:42:12
|
al...@ya... wrote: > I have several websites (or parts of websites) including a slash site which require > the same user database. My users of DiverseBooks.com don't quite realise that the > http://news.DiverseBooks.com slash site has a different user database to the > http://www.DiverseBooks.com java servlet based site. They complain to me about > not being able to login in without realising that it is a different site. :-( > > Since the software which makes up the site is quite varied (java progs and perl progs) > it seems that LDAP would be a good middleware between these apps and their user databases. > There is discussion of LDAP enabling my java programs so I can ignore them for now. Why don't you just use the Slash DB with your java programs? It's MySQL, the schema is public, and it's even allowed to add another table in case you need to save more info for your www-page than is assumed for plain slash. LDAP can be quite an PITA to setup and maintain securely. Markus. |
|
From: <al...@ya...> - 2001-08-29 12:21:28
|
Hi folks, I am just after a show of hands regarding who requires LDAP and what development is going on. The following assumes that there are no LDAP facilities in slash or are being put into slash. The problem: I have several websites (or parts of websites) including a slash site which require the same user database. My users of DiverseBooks.com don't quite realise that the http://news.DiverseBooks.com slash site has a different user database to the http://www.DiverseBooks.com java servlet based site. They complain to me about not being able to login in without realising that it is a different site. :-( Since the software which makes up the site is quite varied (java progs and perl progs) it seems that LDAP would be a good middleware between these apps and their user databases. There is discussion of LDAP enabling my java programs so I can ignore them for now. I would be happy if the LDAP database just contained username, email address, and password but no doubt more would be required. First Possible Solution At first I thought that I could use perl's Net::LDAP to create an (read only) LDAP server which gave out the information stored in Slash's own database. This had the advantage of requiring no changes to slashcode. Unfortunately it appears that the perl LDAP code is just for clients and not servers - please correct me if I am wrong. Second Possible Solution: I set up OpenLDAP with the same database that slash uses. Unfortunately from a quick scan of the documents this also appears to be impossible. Third Possible Solution: I set up OpenLDAP with mirrored information as that stored in the database that slash uses. This involves initially dumping all the user info into LDIF files (I think) and using ldapadd to import them and then figuring out how to refresh this periodically. Fourth "ideal" solution: I set up OpenLDAP with the same schema as required by slash and change slash to read and write what user info it requires to LDAP instead of directly to database. Comments folks? Am I talking rubbish? I know roughly what LDAP does but don't have experience of it. Alex McLintock ===== Alex McLintock al...@OW... Open Source Consultancy in London OpenWeb Analysts Ltd, http://www.OWAL.co.uk/ SF and Computing Book News and Reviews: http://news.diversebooks.com/ Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/ ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie |
|
From: Micah Y. <yo...@ho...> - 2001-08-29 00:05:34
|
> If I were you, I'd use a user param. Well that may be a good idea for some things, but is not really what I was asking. :-) I was using seclevs to allow users to do this. Their seclev must be higher than the 'adminuserblockseclev' variable in order to do this (grant permission for a specific user to edit a specific block). What I'm asking is for a good way to allow the (already authenticated) user to browse, search, and select a specific user from the database. Seems like there really should be a plugin for this -- it could be useful in many other plugins. I'll release it if I write a general purpose one. Any other ideas? Thanks -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
|
From: shane <sh...@lo...> - 2001-08-28 17:24:34
|
At 11:50 AM 8/28/2001 -0400, you wrote:
>At 11:30 -0400 2001.08.28, shane wrote:
> >Has anyone tried to come up with a system and/or code to let people download
> >files from a slash-site, but render the source of the file unreadable?
>
>I am planning this for an image gallery plugin (is that what you want it
>for?).
Yes, and no :)
I need to come up with something over the next week because
I offered to mirrors someone's files for them. But I need to keep
a cautious eye on how much/what's downloaded so that it doesn't
eat up my own bandwidth.
The yes part was that I definitely wanted to put this sort of
functionality into the galleria plugin eventually, as an option.
> That is, if I do my own instead of using yours.
If you want to combo the effort, email me.
>Basically, have perl code can read in the file, and then send it to the
>browser directly (setting the proper HTTP header, esp. MIME type). The URL
>to this could be, for example:
>
> http://site/plugin.pl?op=download&file=foo.jpg
>
>However, you might want to mix it up a lot more. For example:
>
> http://site/plugin.pl?op=download&file=foo.jpg&key=876FA3BD12
>
>Key could be a few things. It could be a random string inserted into the
>DB for that file's record (see the routine used to create new passwords;
>you could just use that). Or for more protection, it could be that random
>string crypt'ed with the user's password as salt:
>
> my $key = crypt($record->{key}, $user->{passwd});
>
>Then $key is unique for each user and each file, so users cannot give the
>URL to each other (well, they could, but chances are it won't work).
>Actually, now that I think of it, if you just get two random characters as
>the key, you can use that as the salt, and then crypt the user's password
>with that salt:
>
> my $key = crypt($user->{passwd}, $record->{key});
>
>Then it should be even more unique per user.
that'll work. thanks for the advice guys. I've got my work cut out for me
now :)
Shane
|
|
From: Chris N. <pu...@po...> - 2001-08-28 15:51:41
|
At 11:30 -0400 2001.08.28, shane wrote:
>Has anyone tried to come up with a system and/or code to let people download
>files from a slash-site, but render the source of the file unreadable?
I am planning this for an image gallery plugin (is that what you want it
for?). That is, if I do my own instead of using yours.
Basically, have perl code can read in the file, and then send it to the
browser directly (setting the proper HTTP header, esp. MIME type). The URL
to this could be, for example:
http://site/plugin.pl?op=download&file=foo.jpg
However, you might want to mix it up a lot more. For example:
http://site/plugin.pl?op=download&file=foo.jpg&key=876FA3BD12
Key could be a few things. It could be a random string inserted into the
DB for that file's record (see the routine used to create new passwords;
you could just use that). Or for more protection, it could be that random
string crypt'ed with the user's password as salt:
my $key = crypt($record->{key}, $user->{passwd});
Then $key is unique for each user and each file, so users cannot give the
URL to each other (well, they could, but chances are it won't work).
Actually, now that I think of it, if you just get two random characters as
the key, you can use that as the salt, and then crypt the user's password
with that salt:
my $key = crypt($user->{passwd}, $record->{key});
Then it should be even more unique per user.
--
Chris Nandor pu...@po... http://pudge.net/
Open Source Development Network pu...@os... http://osdn.com/
|
|
From: Markus A. <mar...@ub...> - 2001-08-28 15:46:20
|
sh...@lo... wrote: > Has anyone tried to come up with a system and/or code to let people download > files from a slash-site, but render the source of the file unreadable? > > ie so if you had a bunch of files available for download, someone couldn't > wget -R > the whole thing and leech it, but instead would have to click on each file, > which > would run a perl script, determine current download load, and either deny the > request or let it go through - something like a file-push? > > I'm in need of such a beast. Any suggestions appreciated. Have the files somewhere not in Apache's DocumentRoot and let your download.pl just read in the file and print it out again. This sure works for plaintext files but should work for binaries (mp3?) too. If you don't mind users getting the same files again and again (i.e. bookmarking them) just return a link to the file and put the files in a dir together with a index.html showing <title>feeling clever?</title><h2>not clever enough</h2>. This prevents Apache from showing a dir listing. Markus. |
|
From: shane <sh...@lo...> - 2001-08-28 15:29:29
|
Has anyone tried to come up with a system and/or code to let people download files from a slash-site, but render the source of the file unreadable? ie so if you had a bunch of files available for download, someone couldn't wget -R the whole thing and leech it, but instead would have to click on each file, which would run a perl script, determine current download load, and either deny the request or let it go through - something like a file-push? I'm in need of such a beast. Any suggestions appreciated. Shane |
|
From: shane <sh...@lo...> - 2001-08-28 13:50:16
|
At 02:34 PM 8/27/2001 -0400, you wrote:
>Hi,
>
>Am writing a plugin and making good progress.
>
>I just need to allow an administrator to select a user on the system. Any
>good way to do that, reinventing little if any code and templates?
If I were you, I'd use a user param.
(I just figured this out last week for my bookiejoint site):
# name of param that we'll use for the example - usredtallow
# check whether they have the param set, if not, redirect them
redirect('/users.pl') if !defined $user->{'usredtallow'}
# code to *set* the param, we'll set it with the current time.
my $slashdb = getCurrentDB();
my $user = getCurrentUser();
my $time= $slashdb->getTime();
my $users_table = {
usredtallow => $time,
};
$slashdb->setUser($user->{uid},$users_table);
so either set it by hand for the user in the table users_param
or create some code that will let you dynamically set it for a
given user.
then add some similar code that checks whether the user
has that param defined. if not, don't let them do whatever it is
you want to protect.
I don't know if this is the "proper" way to be using user params.
This is only what I just figured out. Slashguys - please comment on this
to let me know if it's right or wrong or how it could be improved.
Shane
|
|
From: Alessio B. <al...@al...> - 2001-08-28 07:34:20
|
Dave Krieger wrote: > If I change it to "slash:slash:nanodot.org", slashd simply exists with no error and "PID = (blank)". Does user slash have a valid shell? -- Alessio F. Bragadini al...@al... APL Financial Services http://village.albourne.com Nicosia, Cyprus phone: +357-2-755750 "It is more complicated than you think" -- The Eighth Networking Truth from RFC 1925 |
19 messages has been excluded from this view by a project administrator.
