From: Micah Y. <yo...@ho...> - 2001-08-27 21:33:29
|
Hi, Am writing a plugin and making good progress. I just need to allow an administrator to select a user on the system. Any good way to do that, reinventing little if any code and templates? I was thinking of maybe writing another plugin that would allow browsing/searching users from a popup window and when one is selected it would copy the username into a form field. Then other plugins could use that mechanism. I think something like that is needed if Slash is going to become an application development platform (and I really see it heading that way). Perhaps I'll get to coding it unless someone has a better idea. :-) -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
From: shane <sh...@lo...> - 2001-08-28 13:50:16
|
At 02:34 PM 8/27/2001 -0400, you wrote: >Hi, > >Am writing a plugin and making good progress. > >I just need to allow an administrator to select a user on the system. Any >good way to do that, reinventing little if any code and templates? If I were you, I'd use a user param. (I just figured this out last week for my bookiejoint site): # name of param that we'll use for the example - usredtallow # check whether they have the param set, if not, redirect them redirect('/users.pl') if !defined $user->{'usredtallow'} # code to *set* the param, we'll set it with the current time. my $slashdb = getCurrentDB(); my $user = getCurrentUser(); my $time= $slashdb->getTime(); my $users_table = { usredtallow => $time, }; $slashdb->setUser($user->{uid},$users_table); so either set it by hand for the user in the table users_param or create some code that will let you dynamically set it for a given user. then add some similar code that checks whether the user has that param defined. if not, don't let them do whatever it is you want to protect. I don't know if this is the "proper" way to be using user params. This is only what I just figured out. Slashguys - please comment on this to let me know if it's right or wrong or how it could be improved. Shane |
From: Micah Y. <yo...@ho...> - 2001-08-29 00:05:34
|
> If I were you, I'd use a user param. Well that may be a good idea for some things, but is not really what I was asking. :-) I was using seclevs to allow users to do this. Their seclev must be higher than the 'adminuserblockseclev' variable in order to do this (grant permission for a specific user to edit a specific block). What I'm asking is for a good way to allow the (already authenticated) user to browse, search, and select a specific user from the database. Seems like there really should be a plugin for this -- it could be useful in many other plugins. I'll release it if I write a general purpose one. Any other ideas? Thanks -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
From: <al...@ya...> - 2001-08-29 12:21:28
|
Hi folks, I am just after a show of hands regarding who requires LDAP and what development is going on. The following assumes that there are no LDAP facilities in slash or are being put into slash. The problem: I have several websites (or parts of websites) including a slash site which require the same user database. My users of DiverseBooks.com don't quite realise that the http://news.DiverseBooks.com slash site has a different user database to the http://www.DiverseBooks.com java servlet based site. They complain to me about not being able to login in without realising that it is a different site. :-( Since the software which makes up the site is quite varied (java progs and perl progs) it seems that LDAP would be a good middleware between these apps and their user databases. There is discussion of LDAP enabling my java programs so I can ignore them for now. I would be happy if the LDAP database just contained username, email address, and password but no doubt more would be required. First Possible Solution At first I thought that I could use perl's Net::LDAP to create an (read only) LDAP server which gave out the information stored in Slash's own database. This had the advantage of requiring no changes to slashcode. Unfortunately it appears that the perl LDAP code is just for clients and not servers - please correct me if I am wrong. Second Possible Solution: I set up OpenLDAP with the same database that slash uses. Unfortunately from a quick scan of the documents this also appears to be impossible. Third Possible Solution: I set up OpenLDAP with mirrored information as that stored in the database that slash uses. This involves initially dumping all the user info into LDIF files (I think) and using ldapadd to import them and then figuring out how to refresh this periodically. Fourth "ideal" solution: I set up OpenLDAP with the same schema as required by slash and change slash to read and write what user info it requires to LDAP instead of directly to database. Comments folks? Am I talking rubbish? I know roughly what LDAP does but don't have experience of it. Alex McLintock ===== Alex McLintock alex@OWAL.co.uk Open Source Consultancy in London OpenWeb Analysts Ltd, http://www.OWAL.co.uk/ SF and Computing Book News and Reviews: http://news.diversebooks.com/ Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/ ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie |
From: Markus A. <mar...@ub...> - 2001-08-29 12:42:12
|
al...@ya... wrote: > I have several websites (or parts of websites) including a slash site which require > the same user database. My users of DiverseBooks.com don't quite realise that the > http://news.DiverseBooks.com slash site has a different user database to the > http://www.DiverseBooks.com java servlet based site. They complain to me about > not being able to login in without realising that it is a different site. :-( > > Since the software which makes up the site is quite varied (java progs and perl progs) > it seems that LDAP would be a good middleware between these apps and their user databases. > There is discussion of LDAP enabling my java programs so I can ignore them for now. Why don't you just use the Slash DB with your java programs? It's MySQL, the schema is public, and it's even allowed to add another table in case you need to save more info for your www-page than is assumed for plain slash. LDAP can be quite an PITA to setup and maintain securely. Markus. |
From: Phil R. <pr...@dn...> - 2001-08-29 13:48:41
|
Greetings. I'm relatively new to the world of Linux (been in the fringes for a while, but just now getting seriously started). I have a dual-processor box with Red Hat 7.1 on it, and I'm slowly trudging my way through the instructions on installing Slashcode. Things have been proceeding more-or-less acceptably, until I get to the point of installing Apache via the mod_perl route as listed in the Slash Install document. I do the 'make test' step, and it fails thusly: cp t/conf/mod_perl_srm.conf t/conf/srm.conf ../apache/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t & httpd listening on port 8529 will write error_log to: t/logs/error_log letting apache warm up...\c done /usr/bin/perl t/TEST 0 still waiting for server to warm up...............not ok server failed to start! (please examine t/logs/error_log) at t/TEST line 95. make: *** [run_tests] Error 9 [root@www mod_perl]# now, at this time, ps -A shows that httpd is in fact running, so the error message is slightly bogus. Time to look at the logs: [root@www mod_perl]# cd t/logs [root@www logs]# ls error_log httpd.pid [root@www logs]# cat error_log [notice] Destruction->DESTROY called for $global_object [Wed Aug 29 09:20:10 2001] [warn] [notice] child_init for process 2615, report any problems to [no address given] [root@www logs]# (Process 2615 is httpd.) OK, WTF happened here? Looking at the TEST script tells me (I think) that the script was trying to retrieve test.html from the web server and couldn't do it. And, when I try to connect to the same port via a browser, I get "Connection closed by remote server." Could this be directory related? Is there some magic directory that Apache is supposed to be installed in? (The command I used to start the mod_perl/based Apache install was: [root@www bin]# perl Makefile.PL APACHE_SRC=/home/phil/apache DO_HTTPD=1 USE_APACI=1 / PERL_MARK_WHERE=1 EVERYTHING=1 APACHE_PREFIX=/usr/bin/apache ) So, could somebody help me figure out what I'm missing here? Thanks in advance. --- ...phil "For a list of all the ways technology has failed to improve the quality of life, press 3." |
From: <al...@ya...> - 2001-08-29 14:15:40
|
--- Phil Reed <pr...@dn...> wrote: > Greetings. I'm relatively new to the world of Linux (been in the fringes > for a while, but just now getting seriously started). I have a > dual-processor box with Red Hat 7.1 on it, and I'm slowly trudging my way > through the instructions on installing Slashcode. Things have been > proceeding more-or-less acceptably, until I get to the point of installing > Apache via the mod_perl route as listed in the Slash Install document. I do > the 'make test' step, and it fails thusly: > > cp t/conf/mod_perl_srm.conf t/conf/srm.conf > ../apache/src/httpd -f `pwd`/t/conf/httpd.conf -X -d `pwd`/t & > httpd listening on port 8529 > will write error_log to: t/logs/error_log > letting apache warm up...\c > done > /usr/bin/perl t/TEST 0 > still waiting for server to warm up...............not ok > server failed to start! (please examine t/logs/error_log) at t/TEST line 95. > make: *** [run_tests] Error 9 > [root@www mod_perl]# I'm actually at the same stage with my test slash installation. When I installed my live one (http://news.DiverseBooks.com) I think I just ignored this test and it worked ok anyway. One possibility is that you installed RedHat Linux with the ipchains firewalling stuff. The test starts httpd on an abnormal port (8529 I see) and it may be that your ipchains is banning access to that. Of course I could be wrong. The setup of Apache is the biggest problem with the slashcode docs (which are in general quite good). setup of Apache is not easy and if you want anything out of the ordinary then you need an expert handy IMHO. Alex ===== Alex McLintock alex@OWAL.co.uk Open Source Consultancy in London OpenWeb Analysts Ltd, http://www.OWAL.co.uk/ SF and Computing Book News and Reviews: http://news.diversebooks.com/ Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/ ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie |
From: LT V. H. W. <wa...@us...> - 2001-08-29 15:09:35
|
> > > > >One possibility is that you installed RedHat Linux with the ipchains >firewalling stuff. The test starts httpd on an abnormal port (8529 I see) >and it may be that your ipchains is banning access to that. > This is where I'd look. Try an ipchains -F to clear your firewall rules then re-run the test. Depending on which firewall setup you choose on install and what your desired final configuration is, you may need to alter them more permanently (the ipchains -F will reset after a reboot). Also, if you're really using the firewall rule set for security, make sure to get it back up quickly... Vann |
From: Phil R. <pr...@dn...> - 2001-08-29 16:15:17
|
Thanks for the prompt reply (both you and Vann). >I'm actually at the same stage with my test slash installation. When I >installed my >live one (http://news.DiverseBooks.com) I think I just ignored this test and >it worked ok anyway. > >One possibility is that you installed RedHat Linux with the ipchains >firewalling stuff. The test starts httpd on an abnormal port (8529 I see) >and it may be that your ipchains is banning access to that. Yes, I did install IPchains. At Vann's suggestion, I flushed the chain rules. make test gives the same error as before, but this time when I try to connect with a browser to the server (still at port 8529), I get a "Forbidden" error. So, in fact the ipchains was in the way, but there's something else going on. >Of course I could be wrong. You're doing OK so far. :-) --- ...phil "For a list of all the ways technology has failed to improve the quality of life, press 3." |
From: Phil R. <pr...@dn...> - 2001-08-30 12:14:55
|
Well, after the last problem seemed to go away (I went ahead and finished the Apache installation, and it seems to be working correctly), I've been madly installing and reinstalling Perl modules. I finally got to the point of installing Bundle::Slash, and after a couple of tries, I am now consistently getting this from CPAN: Bundle summary: The following items in bundle Bundle::Slash had installation problems: Bundle::CPAN DBI DBI::FAQ Bundle::DBD::mysql Apache::Cookie Template and the following items had problems during recursive bundle calls: Bundle::libnet DBD::mysql Mysql Net::Telnet So much scrolls past that I couldn't begin to tell what in particular fails (can somebody tell me how to capture the output from CPAN?). How many of these are important? Picking one that looks needed, I decided to force install DBD::mysql just to see what happens. It failed, apparently looking for something related to DBI. So, I force installed DBI, and *IT* fails, with make: *** No rule to make target `blib/arch/auto/DBI/Driver.xst', needed by `Perl.xsi'. Stop. Hmmm. Dig around. Maybe I should be installing Bundle::DBI? Well, it can't hurt. When I try that, it runs for a while and then I get the same failure. Hmm. Have I stumbled on a real bug? So. Is this part really necessary for Slashcode? If so, then how did anybody else get it installed? (And how the hell do you tell CPAN to quit trying to reinstall Perl? I'm already running the current version 5.6.1. Half my time yesterday was spent installing modules, then finally installing Perl 5.6.1 because stuff kept trying to install it, then discovering that reinstalling Perl wiped out all the modules so trying to get them reinstalled. Then stupid Data::Dumper kept on trying to recursively install Perl again. This is getting to be as bad as trying to figure out Microsoft service packs.) Moderately frustrated, --- ...phil "For a list of all the ways technology has failed to improve the quality of life, press 3." |
From: <al...@ya...> - 2001-08-30 14:08:40
|
--- Phil Reed <pr...@dn...> wrote: > Picking one that looks needed, I decided to force install DBD::mysql just > to see what happens. It failed, apparently looking for something related to > DBI. So, I force installed DBI, and *IT* fails, with You should really have installed DBI before the DBD like it said. > Hmmm. Dig around. Maybe I should be installing Bundle::DBI? Well, it can't > hurt. When I try that, it runs for a while and then I get the same failure. > Hmm. Have I stumbled on a real bug? Have you read the install document ? it explains this. > So. Is this part really necessary for Slashcode? If so, then how did > anybody else get it installed? Apparently someone on this mailing list noticed recently that Bundle Slash doesn't work. Install each individual perl module separately. If you think that CPAN.pm is not helping then don't use it. It is optional. Sounds like you've messed up your perl installation. PS do you have multiple versions of perl on your machine? I bet that is why CPAN is repeatedly installing perl 5.6.1 - because it looks and finds an old version of perl. Do a find / -name "perl" -exec ls -l {} \; Goodluck. Yep perl modules are a bit of a pain but they are FAR better than anything else I have come across in any language or any platform. Alex ===== Alex McLintock alex@OWAL.co.uk Open Source Consultancy in London OpenWeb Analysts Ltd, http://www.OWAL.co.uk/ SF and Computing Book News and Reviews: http://news.diversebooks.com/ Get Your XML T-Shirt <t-shirt/> at http://www.inversity.co.uk/ ____________________________________________________________ Do You Yahoo!? Get your free @yahoo.co.uk address at http://mail.yahoo.co.uk or your free @yahoo.ie address at http://mail.yahoo.ie |
From: Micah Y. <yo...@ho...> - 2001-08-29 20:06:59
|
I would also be interested in anything that comes out of this. I have some PHP based travel sites that I'd like to integrate more with TravTalk. I could perhaps use the same user database as Slash, except for the minor issue that my PHP programs use PostgreSQL ... -- Like to travel? http://TravTalk.org Micah Yoder Internet Development http://yoderdev.com |
From: shane <sh...@lo...> - 2001-08-28 15:29:29
|
Has anyone tried to come up with a system and/or code to let people download files from a slash-site, but render the source of the file unreadable? ie so if you had a bunch of files available for download, someone couldn't wget -R the whole thing and leech it, but instead would have to click on each file, which would run a perl script, determine current download load, and either deny the request or let it go through - something like a file-push? I'm in need of such a beast. Any suggestions appreciated. Shane |
From: Markus A. <mar...@ub...> - 2001-08-28 15:46:20
|
sh...@lo... wrote: > Has anyone tried to come up with a system and/or code to let people download > files from a slash-site, but render the source of the file unreadable? > > ie so if you had a bunch of files available for download, someone couldn't > wget -R > the whole thing and leech it, but instead would have to click on each file, > which > would run a perl script, determine current download load, and either deny the > request or let it go through - something like a file-push? > > I'm in need of such a beast. Any suggestions appreciated. Have the files somewhere not in Apache's DocumentRoot and let your download.pl just read in the file and print it out again. This sure works for plaintext files but should work for binaries (mp3?) too. If you don't mind users getting the same files again and again (i.e. bookmarking them) just return a link to the file and put the files in a dir together with a index.html showing <title>feeling clever?</title><h2>not clever enough</h2>. This prevents Apache from showing a dir listing. Markus. |
From: Chris N. <pu...@po...> - 2001-08-28 15:51:41
|
At 11:30 -0400 2001.08.28, shane wrote: >Has anyone tried to come up with a system and/or code to let people download >files from a slash-site, but render the source of the file unreadable? I am planning this for an image gallery plugin (is that what you want it for?). That is, if I do my own instead of using yours. Basically, have perl code can read in the file, and then send it to the browser directly (setting the proper HTTP header, esp. MIME type). The URL to this could be, for example: http://site/plugin.pl?op=download&file=foo.jpg However, you might want to mix it up a lot more. For example: http://site/plugin.pl?op=download&file=foo.jpg&key=876FA3BD12 Key could be a few things. It could be a random string inserted into the DB for that file's record (see the routine used to create new passwords; you could just use that). Or for more protection, it could be that random string crypt'ed with the user's password as salt: my $key = crypt($record->{key}, $user->{passwd}); Then $key is unique for each user and each file, so users cannot give the URL to each other (well, they could, but chances are it won't work). Actually, now that I think of it, if you just get two random characters as the key, you can use that as the salt, and then crypt the user's password with that salt: my $key = crypt($user->{passwd}, $record->{key}); Then it should be even more unique per user. -- Chris Nandor pu...@po... http://pudge.net/ Open Source Development Network pu...@os... http://osdn.com/ |
From: shane <sh...@lo...> - 2001-08-28 17:24:34
|
At 11:50 AM 8/28/2001 -0400, you wrote: >At 11:30 -0400 2001.08.28, shane wrote: > >Has anyone tried to come up with a system and/or code to let people download > >files from a slash-site, but render the source of the file unreadable? > >I am planning this for an image gallery plugin (is that what you want it >for?). Yes, and no :) I need to come up with something over the next week because I offered to mirrors someone's files for them. But I need to keep a cautious eye on how much/what's downloaded so that it doesn't eat up my own bandwidth. The yes part was that I definitely wanted to put this sort of functionality into the galleria plugin eventually, as an option. > That is, if I do my own instead of using yours. If you want to combo the effort, email me. >Basically, have perl code can read in the file, and then send it to the >browser directly (setting the proper HTTP header, esp. MIME type). The URL >to this could be, for example: > > http://site/plugin.pl?op=download&file=foo.jpg > >However, you might want to mix it up a lot more. For example: > > http://site/plugin.pl?op=download&file=foo.jpg&key=876FA3BD12 > >Key could be a few things. It could be a random string inserted into the >DB for that file's record (see the routine used to create new passwords; >you could just use that). Or for more protection, it could be that random >string crypt'ed with the user's password as salt: > > my $key = crypt($record->{key}, $user->{passwd}); > >Then $key is unique for each user and each file, so users cannot give the >URL to each other (well, they could, but chances are it won't work). >Actually, now that I think of it, if you just get two random characters as >the key, you can use that as the salt, and then crypt the user's password >with that salt: > > my $key = crypt($user->{passwd}, $record->{key}); > >Then it should be even more unique per user. that'll work. thanks for the advice guys. I've got my work cut out for me now :) Shane |