franck: If you have some more minutes, I have another test for you ;) yes fire! ok : $tiki_setup_dir = realpath(dirname(__FILE__));$tiki_script_filename = realpath($_SERVER['SCRIPT_FILENAME']); if ( strpos($tiki_script_filename, $tiki_setup_dir) === false ) { well, no, wait, just another change... so... $tiki_setup_dir = realpath(dirname(__FILE__));$tiki_script_filename = realpath($_SERVER['SCRIPT_FILENAME']); f ( substr($tiki_script_filename, 0, strlen($tiki_setup_dir)) != $tiki_setup_dir ) { $tiki_script_filename = realpath($_SERVER['PATH_TRANSLATED']); } $tmp = dirname(str_replace($tiki_setup_dir,'',$tiki_script_filename)); $tikipath = dirname($tiki_script_filename); is it ok, this way ? hold on the 'f' before '( substr' should be an 'if' got that ;) :) it looks happy too let me clear the cache to make sure ok, nice. I'll commit this version right now and you will be able to test after updating your branches/2.0 yes after clearing the cache it is still happy ok, just commited could you test just once again, after an svn update, please ? back well, the site I have is not under svn I took the RC ok, no problem. It should be ok btw. so, it's late here, I'll leave now :) s/late/really early/ ;) bye franck: : got all security contacts? Can I see a draft of your email to them, b4 you send? marclaporte: sent already super@ it should be in your security@tikiwiki.org can you just read now excellent mail thans Franck thanks no worries and with nyloth we fixed an install bug on the RC good stuff it was real strange, due to detection of paths where tw is installed, but we found a way to make it work in his environment and one I have so now http://wiki.chapters.isoc.org/ is tw2.0 Hi all, Hopefully a quick question. How do I change the returned search data sort from "Relevance" to "hits"? Paragtim, this is the slow time of day in this channel. If you try again in Europe/Americas daytime, there'll be more people active. Hi Gary, Appreciate that, Just threw it out on the off chance. I have a dev meeting later and I know its going to be one of the questions raised. ok. chilbaguy. I was looking to add another link into the footer bar (footer.tpl) In the default theme there is a div section that I was going to edit however in the tikineat theme the footer does not have this section. As you are the author I thought I would ask if add the div would cause a problem The file to edit is tiki-bot_bar.tpl. footer.tpl only contains the doc closing tags (body and html, etc.). (I'm not the author of Tikineat btw.) Paragtim ^^^ Thanks - understand your not the author. FYI - Here's the confusion (Default Style/footer.tpl = (* $id footer.tpl xxxxxxxxx marclaporte) (tikineat Style/footer.tpl ($id footer.tpl xxxxxxxxxxxxx chibaguy) And the code in default contains the div - hence the question I need to edit in different places then to get the same result? Where are you getting that information from ("(tikineat Style/footer.tpl ($id footer.tpl xxxxxxxxxxxxx chibaguy)"? footer.tpl was modified a while back by marc but actually tiki-bot_bar.tpl is the proper place for page-bottom links. I think conceptually footer.tpl's function is to wrap up the page, not to display visible content. tiki-bot_bar.tpl contains the copyright info, rss icons, powered-by stuff, etc. As far as I know, that's true for all themes. bbl Hi all :) polom nyloth :-) hello nyloth - for the saved_msg - I agree that we need parameters... but after a tiki-editpage I think we can really for http_referer for both bl and saved_msg I like after editpage to have a clean url - a clean screen - kind of reward to my editing - and I will do saveg_msg optional too... sylvieg: I understand your wish, even if it will not be possible (or not easily) for other features... sylvieg: why not using session instead of referer, then ? sylvieg: as I said before, I don't like using referer because of URL that could have be rewritten ... hard to match something on mozilla's urls for example (and it's harder to fake session values) bbl good idea btw : thre is a bad use of REFERER in tiki-editpage for categorisation - it is testing against tiki-index.php :) I need to add something like do not search on page of this category. does it make sense to add a perm tiki_p_not_search_categorized? seems not very nice to me we should avoid negations in perms... instead we will end with tiki_p_not_edit , ... yes I know so tiki_p_search_categorized + update each time I find tiki_p_view_categorized, add tiki_p_search_categorized I prefer this solution, yes but maybe this is the right time to start a work to have all perms for categories too (not only *categorized)... ;) what is the difference between tiki-calendar and tiki-action calendar? franck: calendar is a 'normal' calendar of events, meetings, ... and action calendar is a log of every actions registered in tiki (modified pages, deleted pages, ...) displayed as a calendar ah ok I did not see any TZ support in tiki-calendar? franck: TZ is choosed in admin panels franck: and tiki is able to detect the user TZ hmmm I entered an event and it seems it took the time I put as UTC franck: check your TZ settings in admin panels then :) will do franck: your user may also have wrong TZ settings in user_preferences yes set all working fine the calendar should display the time of the user, so we know which timezone it uses additionnaly a TZ drop dow could allow you to change the TZ yes, the calendar displays everything in the user TZ. a drop down to change TZ will be nice, yes... which is good, but a little extra feedback would be helpful hi all :) next to the date range in the calendar would be nice to print the time zone anyone know how to kick-start irc.tw.o? it does not appear to be updating anymore :( ricks99, marc : Is it possible to get rights to edit pages on info.tw.o ? franck: I agree @nyloth: sure.... thx :) @nyloth: *should* be set now yes, thx ricks99_: how about migrating to 2.0 ? ;) y. i've been playing with a new theme, too.... ok :) Hi all. Can someone point me in the right direction for this. I need to add some extra info on the initial log in screen (copyright Info and discalaimer etc). I thought I bookmarked the page telling me where to look but can find it any more!! Hi Paragtim, maybe have a look at doc.tikiwiki.org @Paragtim: just plain, static text? chibaguy: hi :) hi nyloth Rick - Initially yes. Eventually there will need to be a DB call for T & C's acceptence, but for the moment that not critical @Paragtim: for "quick fix" simply add the text to your tiki-register.tpl template. for "correct fix" use a registration tracker (not sure which tiki version this was introduced) Thanks - will have a look and play now np If I find a bug and then discover that it's already in the dev tracker, is it worth while adding comments to the original bug submission? Is there anything else I should do? I don't quite understand the rating thing -2=>serious bug, -1=>not life threatening bug? Is the rating cumulative or absolute? Darkbee: iiuic the rating is there for letting devs know how many users vote for the bug to be solved asap +2 solve it now, -2 forget it Ok thanks... I wasn't sure if it was a count like you say or a fixed value... but I can change my "vote" right? i believe it counts every vote and displays average then oops...nick change np :) That is what would make most sense to me It just isn't explained very clearly on DevTiki.... there is something about it AFTER you submit the bug report DarrenB: please change the explanation to what you see fit ok... I get a bit nervous about updating information... I don't want to get it wrong and give everybody the wrong information :) I just want to be a well-behaved "law" abiding community member ;) fear is something which has permitted life to survive for millions of years So fear has its use :-) well-behaving people too :-) lol so as luciash said negative implies less important... positive implies more important? yes What about the numerical priority? That seems to be arbitrary. Is that something that the devs set? (although I know that it can be set at submission time) that part is documented ok http://dev.tikiwiki.org/How+to+Submit+a+new+item+on+the+Wishlist Please improve as you see fit bbl I was just reading that very page :) I think there should be a more prominent link to it on the Dev homepage maybe I can update that too ;) Can anyone help with the new staging & approal feature on TW1.10.0b1? http://doc.tikiwiki.org/tiki-index.php?page=Wiki%20Page%20Staging%20and%20Approval&structure=Documentation sylvieg - thanks for the documentation. I have already read that and I am still having trouble. I think the problem is with my category permissions. http://doc.tikiwiki.org/tiki-pagehistory.php?page=Wiki%20Page%20Staging%20and%20Approval&preview=15 In the staged category everyone has view and edit perms. In the Approved category everyone has view and only admins have edit perms. this onme has a permission example need to fixc the comment to put this in comments Yea, I see the example at the bottom. Looks like exactly what i need. thanks! Themes site showed me a few pages, now is emitting pages with no source. http://themes.tikiwiki.org/ SEWilco2, I'm getting an "Unable to connect to the database !" error at themes.tw.o. Maybe someone is rebooting now. "Firefox can't establish a connection to the server at themes.tikiwiki.org." Well, I connected with Opera but it took a long time, and then the db connection error. Hmm, now completely unavailable. I'm just getting a straight out, can't connect. using Firefox 3 marclaporte deals with that server, but I guess he's not around. Oh, it's up again :-) . concur hi all hello How do I force reload of newly selected theme? Looked OK on Theme admin screen, but other pages still use old theme. Nope, theme won't change. Reloaded page, restarted Firefox, reloaded page, cleared Firefox cache, reloaded page, deleted stuff in temp/cache, reloaded page. maybe you have themes per user... you could try changing in it MyTiki do you have a theme control by section or categ? Nope. Theme Control not enabled. Checking MyTiki. do you have a user pref for theme? I do see a theme in MyTiki. Logged out... anonymous still showing the same theme instead of the new one I selected. which version 1.9.11 when you changed the theme in admin did you choose apply style changes only or did you do a full save of the preferences? clean your cookie First I did apply, then I did Save. Looking for oven... what sylvieg said :) I bow to sylvieg's superior knowledge thx I just wanted to look I knew what I was talking about ;) Yup, it was the tiki-style cookie that was the problem. Thanks. .. perhaps we can force a cookie cleaning in the code I've changed themes though and never had that problem before Cookie should be reset by the Theme page, and at login/logout. although I don't think I allow users to change themes if that makes a difference me eat cookie....myum myum myum You spelled "Monastery" wrong. I ate some of the letters Is there a way to reset the site stats (mainly the hit counters) without messing with direct database updates? Sure... write code to do resetting. I'll get right on that I just wondered if the functionality already existed somewhere and I missed it. otherwise maybe I will take a stab at writing some code (heaven help us) :P only some stats can be reset? I haven't noticed an option in 1.9.11 for resetting, and I've been wandering around the Admin pages a fair amount lately. it does not exist so far I know - because it is not simple I suppose mainly the page hits... the reason is that I've been working on a site prior to opening it up to the public so I don't want the pages hits to inaccurately reflect most popular pages and so on. Oops. I haven't selected the "Stats" feature. Maybe that's why I haven't noticed stats stuff. obviously some stats cannot be reset... like the number of wiki pages... it doesn't make any sense to set it to zero. well it's not a "show stopper" .. just wondered if it was possible... it's easy to miss things when administering Tiki (not that, that is a bad thing necessarily. It just means Tiki is very comprehensive!) Yup, that's why I kept Stats turned off on my development sites. When I transfer to the final site with the right domain name, then I'll turn on Stats. well I was a noob of an admin and was experimenting still am a noob AND experimenting page hits though I believe are separate from site stats not much you can do about those all this talk of cookies is making me hungry..off to get some lunch Speaking of hits... is there a way to request that Directory entries be sorted by name by default, rather than hits? I need people to be able find stuff, not have the most popular things stuck under their nose. back lphuberdeau: around ? yeah lphuberdeau: hi, one question about your merges : when we delete (or rename) some files on branches/2.0, do you also delete them on trunk ? (it should) yes, it does svn does that, not me all I do is run a script and fix conflicts lphuberdeau: ok, this is why I'm surprised to see some files that were deleted on branches/2.0 and still remain in trunk :/ hum... lphuberdeau: for example : trunk/lib/Date and trunk/lib/htmlarea the merge I just did removed: D doc/devtools/tikimerge_110to111.sh D doc/devtools/convert_templates_prefs-1.10.php D doc/devtools/search_smarty_prefs-1.10.php yes, nice, but there is some problems that remain do ou have an idea why those files were not handled by the merge ? might have found it... caused by some error... will look out for this one next time lphuberdeau: ok, thanx :) made a fix on my setup, but can't really test without anything to merge :) ok :) oh, I can update plugin_ui ok... error did not show up, but that's not really conclusive evidence.. will keep looking at the issue ok Moo In 1.9x, is it possible to add files to the file gallery directly from one of the Tiki directories, or does it have to be uploaded? snif a svn up on trunk and I lost my db/local.php sylvieg: how did you do that ? svn up only I get that too must be the merge strange... there was no db/local.php under versioning. It should not attempt to delete the file then. file still there sorry my db/local.php is still there but it can not find it hmmm... this may be due to changes I made on tiki-setup.php then :/ try commenting lines 25,26,27 of tiki-setup.php is it related to this ? resolved what was wrong ? that line felt weird in the first place, appeared to be wrong thx lph - working now ok, nice, thx maybe should I backport those path changes to branches/2.0 to reduce risks of bad merges... are you against ? ...bbl backporting causes bad merges by itself yes I know lphuberdeau - sorry will try try not to do it again was mostly aimed to answer nyloth ;) :-) (I feel so guilty ;-) I do not know svn but cvs backporting was ok - if not changing both at the same time so merge backport merge should work yeah, usually not too bad if the fix is exactly the same I try to merge often takes less effort when done often back How is one to activate tiki_p_edit_categories in 1.9.11? I only see it in tikilib.php being tested, not being set in DB anywhere. I have two clients needing article access control. Without tiki_p_edit_categories, any editor can edit any page. lphuberdeau: ok, so you would prefer not backporting path fixes. Not a problem for me neither. for info, about backports, either I backport fixes on {php} smarty tags, either I remove the smarty_security feature from 2.0 ... but since it's a huge security enhancement, I'm planing to backport those fixes to branches/2.0 (also requested by sylvie if I remember well). does anyone now if db/profiles/default-inserts.sql is used in tiki, at any time ? It seems we can remove it since a long time ago... only db/profiles/*.prf seems to be used from tiki-install I think lphuberdeau: it seems not lphuberdeau: _default.prf is the one used by default, and you can choose between db/profiles/*prf lphuberdeau: I will remove it from trunk well, the plan was to make it obsolete in 3.0 anyway so yes, it can be removed from trunk ok, I can clean some stuff then ;) lphuberdeau: did you take some time to check tiki pass encryption methods to see which one is the best for 2.0 and more ? lphuberdeau: I think we should use the md5+crypt one nyloth: it is a security hole if you can change templates - but if you can not .....it is ok? I am speaking about the {php} stuff nyloth: +1 for the lastest encryption by defautl which file are they located in? sylvieg: yes, but if you enable smarty_security under 2.0, your tiki may be unusable since there is some {php} even in header.tpl... this is why I prefer to backport all fixes lphuberdeau: in ./lib/userslib.php ? lphuberdeau: it's the pref 'feature_crypt_passwords' ok it is either backport - either take awayu the setting (thax to you I activate smarty security for the pretty templates) yes :) I think backport is a better choice since we may have security problems that could be due to a lack of smarty security before 3.0 release. marclaporte: around ? they are all really weird crypt-md5 does seem to be the best thought lphuberdeau: I agree lphuberdeau: I change the default to crypt-md5 then, if no objections (I mean, even for 2.0) wouldn't change the default on 2.0 no idea how much this has been tested lphuberdeau: we are using it since 2 years now :) how is the transition from other versions? I noticed there is a lot of code to test older versions lphuberdeau: without any problems since it does only affect new installs (upgrades will keep their method) lphuberdeau: but, if you prefer to change the default only for 3.0, I'm ok. otherwise I think we are forced to do an RC3 lphuberdeau: well, there is some changes on installer that may imply an RC3 btw ;) change the default in 2.0 then ok In Admin:Theme, what does the "Change style only" button do? How is that different from clicking "Save"? I am running TW1.10.0b1. In the Categories feature I can only assign these permissions: tiki_p_view_categories and tiki_p_admin_categories. How do I add permissions such as tiki_p_edit_categorized? hum... switch to 2.0RC2 Am I missing something obvious or is that feature missing in the beta? ...I'll try 2.0RC2 Thanks 1.10 beta was packaged months ago... quite a lot was fixed since OK, I'll try it we should have RC3 out in a couple of days, but I havn't seen any changes going through on permissions since RC2 sylvieg: around ? Does the WMV plugin work in 1.9x? not sure this file format existed when 1.9 was made stable ;p lphuberdeau: great news :) actually, it's just so I don't have to bother about secdb anymore... was a pain every time lphuberdeau: yes, I know :) lphuberdeau: when you will have some time, please also document your scripts (for packaging, but also for merging) in a wiki page on dev.tw.o you mean dev.tikiwiki.org/svntips ? merging already there lphuberdeau: yes, I didn't saw this page, sorry :) lphuberdeau: are you on security list ? yes lphuberdeau: about the last mail, concerning galaxia, what is missing is simply the usual check to avoid using the file if not included... but I thought you have a script that should list files that does not have this checks... no ? I really don't see the exploit path disclosure? is that it? yes, not really harmful I didn't check all files in galaxia... spot check indicated they were really class definitions spot check didn't fall on Base lphuberdeau: what do we do, then, for other files ? do we check them manually or do you enhance a bit your script ? which version do we get rid of galaxia anyway? :) lphuberdeau: lol, I agree ;p lphuberdeau: but marc said someone somewhere is using it ;p mi all :) someone somewhere will have a surprise? :) bleah, what a pita sylvieg: Hi! I'm using TRACKER on one page pointing to a wiki template. In that template, I need to create a conditional table that will display a row only if a prior checkbox is checked. This is what I now have in my wiki template: {TRACKERITEMFIELD(trackerId=1, fieldId=50, test=1, value=on)} __RowLabel__{TAG(tag=>sup)}a, b, c{TAG}|{$f_355}|{$f_356}|{$f_357}|{$f_358}|{$f_359}| {TRACKERITEMFIELD} (fieldID 50 is the checkbox that is checked on a previous page, fieldids 355+ are text boxes to be displayed on this page.) I only want that row of the table to display if the checkbox fieldId 50 is checked. The way it is above, the row is never displayed. Is what I want to do possible, and if so, what do I need to change to make it work? Thanks!