pre tarballs uploading... my first test worked, so it shouldn't be terrible
what is the <x> I keep seeing?
kerrnel: a tie fighter ?
lol
:)
SEWilco2: no, <x> is not handled by HTML Purifier, it's the var sanitizer and it's a necessary feature for security reasons
SEWilco2: it seems you try to save a page that contains things that could be seen as dangerous
nyloth: Aha.  That sounds messy.  I hope someone familiar with the code comes up with an elegant solution.  Goodnight.
no comment :)
night fols
folks
'night
http://profiles.tikiwiki.org/tikirel/
need testing ;)
Btw, there really is a problem with HTML Purifier :/
lphuberdeau: everything seems fine for me, when trying a fresh install of your tar.bz2
2 more to go
ok, now I have to sleep, it's very early here :) See you later !
After way too much effort and flailing, I'm somewhat proud to present the results of my research on my little "registration approval email link to the user_information page" issue.   Here is my ./templates/mail/moderate_validation_mail.tpl:   http://sh.nu/p/24746 ,  and here is the svn diff:   http://sh.nu/p/24747    The punch-line being:   http://{$mail_site}{$tikiroot}tiki-user_information.php?view_user={$mail_user}      Commen
The commas between parameters in wikiplugins are being stripped out (2.0rc2).
Actually _all_ commas in wikitext are being stripped out.
Rrr, the commas are ok at one 2.0 site, sorry. I need to check what file versions are having trouble with commas.
Latest svn up, and commas are stripped out in wiki page edit and submit.
(branch 20)
(wysiwyg isn't turned on)
I wonder why I'm logged in as admin but still get a "permission denied" message in the theme switcher module.
Just for fun, I put {$user} in the module's permission denied message, so now I get "permission denied, admin". :-)
This is probably due to some problem in my local install -- WAMP setup on XP. If I delete "or $user 'eq'" from the module perm/pref check, it displays ok.
or $user eq ''
... Was "request passcode to register" passcode always 32 characters long?
polom
I'm trying to give total permission to a branch of a structure (not the overall structure though) to one user-group.   By setting all permssions to the groups "default" page in the structure (and all subpages) it's working by and large, but I can't seem to get the structure navigation to show up for members of the group.   I'm a member of the root structure's group, so I can see it.   Is there a way to make the group see the structur
e nav?
using 1.10
sorry if that's confusing...hopfully not too bad
btw, the users access is set up for full structure editing and they can do so on other structures present on the site, just not their "private" branch of my root structure.
got it....declared "and all subpages" for the structure root as well as the "branch root".....double-negative apparently.  :-)   I have to assign page specific perms to the pages above that private branch.
eh....or maybe I still didn't get it....I'll be back after more testing....let me know (if I'm making sense) if I'm on the right track pls.  :-)
ya....change in perms mentioned above made no difference...user of that private group can still see/edit all other structures, even modify all perms assigned to his private branch (as well as all the pages assigned to it), but he can't see the structure.
not in the Structures page and not the nav within the structure.
Okay....seems like alternate strategy of managing them under a completely different structure is needed.
Good morning all
Hi all :)
lphuberdeau: around ?
Guys - How do I stop groups inheiriting permissions?
Paragtim: : don't include them
Page comments seem a little flakey in latest branch20. If a "reply" link on a page comment is clicked, the comment zone goes away. Then click the "comments" link again and there's the reply-to form, with re: topic and quoted body, ready to use.
So it works, but in a strange way. ;-)
This could be a local problem, so others should test page comment functionality in 20rc .
Ah, on another domain (not laptop), page comments are ok.
...so I guess it's a problem with my local files. 
Sorry - Wrong Question - I'm trying to make menus specific to groups (one bog standard for users and 1 for a group to view stats etc.  Now both menus are showing.  One for Registered and the other for stats
In the permissions for the stats group it is showing inheirited permission from registered.  
All users at the site are members of Registered by default.
Oh, I got ahead of myself. Maybe that's not what you're asking... 
The registered user menu is working fine.  and I have the mnu_application working for admins only.  The problem is the stats group.
When I login as a mmber of the stats group both the registered menu and the stats menu show in the left hand column
Members of stats group are also Registered.
yep - when I look in the perms for the stats group it is inheiriting the perms from registered.  How can I stop stats inheiriting - if that is the problem
I'm not sure. By definition everyone registered at a site is in the Registered group.
I currently have 4 groups (registered, Moderators, stats and admin).  The Admin group shows the original menu and is displaying as I want it.  The registered is displaying fine and as I want it.  The problem seem is that the 2 other groups, which by definition need different menu structures are showing 2 menus instead of 1
Maybe you could put some code in the module to filter the menu displays -- if stats, show menu a; if not stats show menu b.
to avoid the problem of Registered being all-inclusive.
Or use the GROUP wikiplugin, or equivalent Smarty syntax.
The mnU_application_menu can be set a admin only in the grouping and this works, dispite inheiriting perms from registered.
Any idea what I'm missing
Admin is a subset of Registered, and you can give view perms to a subset so users outside the set can't view. But Registered includes all non-anonymous groups. So if you assign a view perm to Registered, every subset (non-anon group) can view.
Admin inherits the perms of Registered, but also has its own, such as to view a particular menu. When an object perm is given to a group, it means _only_ the group gets the perm.
(I'm not sure how clear this is -- I haven't thought about perms for a while. :-) ) 
I think I'm getting confused and confusing everyone else. Is there an easy way, In assigned modules to stop the registered group menu displaying when the user belongs to another group?
No, the perms are additive, not subtractive, so to speak.
You need to use logic in a new user module.
Right - that solves the first part. Can add perms and they carry up the tree from where they are added.
So where would I start to try and add some logic to get to where i need to go?
Make a new user module on admin modules page. Then maybe something like {if $group neq "stats"}{menu id=x{else}{menu id=y{/if}
But I'm not sure if the group variable can work like this.
You could also create a new group
ex: members
Or, use wikisyntax: {GROUP(notgroups=>stats)}{menu id=x}{GROUP}
nyloth, is everything ok for RC4?
Yeah, to avoid making another group, though, maybe the GROUP plugin would be the easiest. 
registered, members, Moderators, stats and admin
And give no rights or views to Registered
Only to Stats and/or members, as needed
I've found it in doc.tikiwiki.org.  I can't see any ref to the menu id
Marc - Are you suggested moving permissions up the tree to the other groups?
sorry suggesting
yes
I'll give that a try before first - Thanks guys I'll keep you posted
lphuberdeau: well, if you can, maybe wait one or two hours to see if there is no new important bug detected. But if you prefer to do it right now, I think it's ok.
I can wait
ok :)
I should be there to help test, in 2 hours
I've removed all perms from registered and set a group called users with no inheirited perms.  When I login as a member of user there is only the one menu.  when I login as stats there are still 2 menus
Paragtim: you may have set stats as inherits the permissions of Registerd
There are no perms in registered.  Removed as per Marcs suggestion.  Still open to other suggestions tho
nyloth ?
lphuberdeau ?
polom
should I put the new HTMLPurifier in 2.0 before RC4 ?
there are security fix according to changelog...
isn't that for 3.0?
well the question is should we ship tiki2.0 with know vulnerabilities in third party libraries ?
that's why I ask ! ;p
I don't even know where it's used
is it used?
I just submitted some clean up/optimizations to sanatization.php
yes...
well at least we have an option to use HTMLPurifier in the admin panel ! ;p
what is it used for?
&search_index in refresh-function.php, to clean up data before indexing... for one
tikilib use it to clean up page code
if it the user says that the page is HTML...
for tiki3.0 as it is supposed to be PHP5 only, we will udpate third party libraries to PHP5 versions...
if the plan is still ok...
can you check how much is impacted by upgrading the library?
if it's only replacing the library and no impact on our code, it's probably a good thing
hi sept
ok with lphuberdeau for html purifier
ok to update all libs to PHP5 only for tiki 3.0.
one thing... don't do both at once
do 2.0 first, let me merge to trunk, then replace in trunk
(just to save me some pain)
and I suggest to put it in third_party/htmlpurifier for trunk instead of trunk/lib/htmlpurifier 
+1
nyloth : it is not that simple as there are files in lib and lib/HTMLPurifier...
don't know...
sept: many files in lib/ ?
3 to 4
lib/HTMLPurifier.auto.php  lib/HTMLPurifier.func.php  lib/HTMLPurifier.php
3 ...
lphuberdeau : only modification of lib/HTMLPurifier/* and the 3 files above...
sept: hmmm... I think it might not be a problem to keep them in lib/ ... have to check 
no other changes required in tiki/no major impact?
I am testing know...
sept: IMO it should work fine if those 3 files are put into third_party/htmlpurifier too. we just have to change path of them in files that includes them.
ugh... update dev.tw.o... commas get kicked out
with latest version ? strange...
I just edited a page and all commas are gone
was it updated since the fix?
lphuberdeau: oops, yes, I will update it now
oh, and if you could rollback TikiCoreRFC-1 (which I can't do), it would be great ;)
dev.tw.o is up-to-date now :) thx
ok, rolledback
still no commas on the page
hmm... looks like the problem was there when I first wrote it
lphuberdeau : HTMLpurifier 2.1.5 seems to work ok
with my lasted commit on sanatization.php it should be ok...
+1 for commit in 2.0
ok I do it now...
ok done
http://dev.tikiwiki.org/TikiCoreRFC-1 -- now with commas!
there are now two open positions, any takers?
In changelog, should we add that we fully support commas ? ;p
does sound like a 2.0 feature
:)
updating trunk in case that bug was in
are we good for RC4 now?
sourceforge is going to hate me for overloading their SVN server
lphuberdeau: about the open positions, for "Define the list of individuals" could be the TAG, not just one guy. There is already a way to take decisions for the TAG, so , should be ok.
that's OK, but I want a single person to be accountable
basically the person who will initiate the discussions and publish the results
lphuberdeau: then I propose that you submit this request to the TAG mailing list, so that will be discussed
(I'm not on that list)
(and I think that's just fine)
lphuberdeau: yes, but I thought you can post on it even if not a subscriber
but the point is, this is not my proposal, I want many people to be part of it
if it's only me, I will reject it myself
lphuberdeau: ok
lphuberdeau: for RC4, just wait a bit more ;p I have to test something right now
what ? :D
sept: well, I wanted to remove <x> from strings that are already converted into html entities because they are not dangerous anymore. I wanted to make a test on the search tool, but I saw that the var used there ($words) is not escaped in template associated php... so I have to find where it is ;p
my goal is to hide whenever is possible, those <x> to the end user. When we have some in a rendered content, no problem, they are treated as ignored HTML tags. But in inputs/textarea they are shown... It's probably better to remove them
(some users complained yesterday evening, this is why)
ok
yes it is annoying to have <x>somestuff</x> :(
hi all
hi
ok, commited for search and other places (in fact, the search is handled differently and converted in html entities inside tiki-setup_base...)
it should be ok, maybe just have a look and test if you can :)
well, apart from that, I think we are ready for RC4. lph ?
I just need to fire up the script
'k
Is there a limit to the number of dynamic variables you can have?
why would there be?
well, perhaps my question was not phrased well
obviously there are limits
computers can only store so many numbers
I just wondered if for practical purposes there were any limits that humans might have a problem with
sept: around ?
or run into
I found a bug with sanitization and htmlpurifier... hmmm
strange, I can't reproduce it now... ok, nevermind ;p
nyloth : yes ?
i believe i have found a bug in 2.0rc3 regarding freetags and blog posts
mstef, likely not to be fixed - blogs are low priority at this stage
lphuberdeau: i am atm trying to fix it.
sept: could you please test wysiwyg with htmlpurifier with bad things ? I think it's not ok
nyloth : do you have exmaples of bad things ? 
yes, many ;p
sept: look at your mail
well, in fact I know what is wrong... fckeditor make an unhtmlentities for the wysiwyg... and this reactivate bad things since <x> are removed before htmlentities ... not sure what the best choice is
<SCRIPT a=">'>" SRC="http://ha.ckers.org/xss.js"></SCRIPT>
doesn't work,
you have : 
ript a="&gt;'&gt;" SRC="http://ha.ckers.org/xss.js"&gt;</p>
what do you mean by "does not work" ?
after a save/edit
the exploit doesn't work...
well, sure, but in the iframe of the wysiwyg, it works
no, maybe not this one
but check your mail and save a page containing the mail body
nope, no exploit...
did you test my mail ?
in wysiwyg
under FF
you copy paste all in SOURCE mode of fck + you make a PREVIEW (not a save)
yes, I am copy/pasting....
you will have a warning
yes...
either we remove the <x> removal... either we find a solution for fckeditor... what a f***ing s*** :(
if you have an idea...
well, what is exactly the pb ? let's me summurize :
1) sanatisation clean the exploit and introduce <x> tags
2) fckeditor finds <x> tags and removes it ?
no
is that right ?
2) I modified ./lib/smarty_tiki/modifier.escape.php to remove <x> for strings that will be htmlentitized, since the exploit is no more dangerous in this state
3) fckeditor convert back (unhtmlentities) and reactivate exploir
s/r$/t/
for the purpose of wysiwyg, in it's iframe
well : if I copy/paste your mail in fckeditor I got a problem
already when copy-pasting ?
when I click on source I've got the warning...
so we need to do the clean up in fck
well, this case is not so important since we can't do nothing and it affects only the bad guy
when we switch from/to source
yes
but if I do not click on source after pasting, and I click on preview I've got the warning....
well I am still the bad guy...
yes but this case worries me a bit more
if I click on save, then no warning...
so a bad guy, can annoy himself... and only himself...
this can be acceptable, yes... mhhh
well we need to see if it is the only effect...
but the exploit is not recorded in the database... which is good ! ;p
sept: no, we are wrong
sept: try the same without html purifier feature
sept: copy/paste in source, save, edit, preview
html purifier does its job, but man can disable the feature (I even think it's disabled by default)
if there is no more idea, I will convert back &lt;x&gt; into <x> in ./lib/smarty_tiki/modifier.escape.php, instead of removing the tag completely. This should be ok.
well: we should enable HTMLPurifier for html page and fckeditor
well it is only used in this case...
sept: yes, but maybe not for 2.0. It will break other non XHTML strict content...
sept: we are not ready for this right now, IMO
sept: I'll commit my proposition in a few seconds, let me know if it's ok for you too
well HTMLPurifier is called only for page with HTML, in tikilib::create_page
and update_page
I've just commited something... could you have a look please ?
yes, I know, but the same problem may exist with other parts of the code (not only fckeditor)
and I think we should support XHTML transitional in HTMLPurifier before enabling it all the time
nyloth : I don't understand what you are saying... did you read what I told you ?
lol
maybe I misunderstood you, what do you suggest exactly then ?
we have problem with page that include HTML right ?
yes, and probably in other places too, as I said (but not sure)
the sanatization.php takes care to remove exploits, right ?
yes
or not remove, but disable
we only have pb with page parsed by HTMLpurifier ?
no
ok
It's worse if not parsed by html purifier
we have pb with page we they do to fck ?
we they do ?
well if parsed by HTMLpurifier, <x> could be removed, reactivating the exploit no ?
no
well I'am puzzled at the problem you are looking at
HTMLPurifier leaves them and add </x> to close them
lol
well I still don't understand what your are trying to achive :(
ok, let me explain :)
please...
I wanted to hide <x> in textarea, inputs, etc. So, to achieve this, I changed lib/smarty_tiki/modifier.escape.php to remove them before doing an htmlentities
But I was supposing that the encoded string won't be reverted into dangerous data back
It was wrong since it's done by fckeditor
In fact, nothing to do with purifier
So, I just changed my commit to convert &lt;x&gt; into <x> AFTER htmlentities
then I got lost by : <nyloth> sept: try the same without html purifier featur
this way, dangerous things are still disabled
sept: I said "without html purifier" because you thought it was not dangerous when saving... and it was wrong if disabling HTMLPurifier. HTMLPurifier removes bad things.
sept: so, it was to show you that we could not leave the code as it was.
sept: and forcing HTMLPurifier is not a good option because it only applies to wiki page
only for page with html, so if you use the normal editor and do not click on is html, you don't go through Purifier...
So, the way it's made now will hide <x> in many places without risks... but sadly, they are shown in textarea... well, no better solution yet
ok, should we try to have less false positive ?
yes, so forcing it is not a solution
no...
sept: so, we probably agree on this point since the beginning ;pp
well yes I got confused by one of your remarks...
well, I'm not sure there is still really annoying false positive (except that all inline stylesheets won't work in wiki pages, but it's more careful)
ok :)
ok so the pb is that you have <x> tags all over the place right ?
well, with my modification of lib/smarty_tiki/modifier.escape.php , it's not in so much places... but still in wiki textarea for example
well I don't see that as a pb... don't try to influence the style in user input HTML... seems reasonnable to me ! ;p
for textareas, I don't have any clue to hide them without removing them... which may be dangerous
sept: for css, I agree, yes
well ... I think we could accept <x> in textareas for 2.0
maybe we could discuss this tomorrow when we will be in the same room : ;p
only affects wysiwyg?
sept: sure :)
for wysiwig the exploit is run only on the browser the bad guy is...
yes, not a real problem
that's OK with me
nyloth I feel unconfortable to hide/delete what ever the <x> tags...
not really an XSS... and anyone can hack their own computer
right...
sept: well, do you have something against the current solution (in SVN) ?
I need to test this
so I put style or javascript in my page right ?
sept: not so simple, at least javascript:
or style=
and then I have ja<x>vascript: ?
yes, but only in the textarea
and in source code of what is rendered
but this is not seen in the browser
hum... no, not in the source code too (I'm tired :) )
well in fckeditor to...
yes, forgot my last remark ;p
so, this seems ok for me
well the pb is that you search for exploit in flat files without the DOM context so you have lots of false positive
there is no good solution, I my opinion
well no perfect solution
sept: stop :) we agree on this and you know my position about this for 3.0 .... but for 2.0, we have no better way yet
exactly
yes
for 2.0 it can be ok
ok ;)
I think...
lphuberdeau: so, finally, RC4 :)
sept: me too, we've done our best for now I think
the problem is with the combination of user input, like in trackers... where the exploit is splitted ...
... phone... bbl
we will have to check the output of smarty
to be on the safe side...
sept: I agree. could you commit something with HTMLPurifier on 3.0 (for smarty output) ? :-)
sept: It would be nice ;p
so, it's a go for RC4?
well if there is no more things on the showstopper list  ! ;p
nyloth : I will try... but not today ! ;p
fired up
sept: ok :)
sept: not a so huge work, you know ? ;-p
well I am on something annoying right now...
sept: for Tiki ?
nyloth : yes...
templates/tiki-admin_trackers.tpl is not nice ! ;p
well it is better now : ;p
:)
uploading...
hi all
http://profiles.tikiwiki.org/tikirel/ -- gz and bz2 ready for testing
second week?
isn't that when it's due for release?
I thought that was what I read somewhere
lphuberdeau: the tar.bz2 works fine for me for an update of existing 2.0 and for a fresh 2.0 install. Also tested <x> stuff that seems acceptable.
sounds good, two more to go
SEWilco2: hi, did you test 2.0 RC4 to see if it's better for you ?
zip now ready
Hi all.  In IE7, my tw trunk/head 13972 geo-light.css site is too wide (zoom and text are set at 100% and medium).  In firefox, it looks fine.   The relevant links from view-source seem to be:
<div id="tiki-main"><div id="tiki-mid"><table id="tiki-midtbl" border="0" cellpadding="0" cellspacing="0" width="100%">
<tr><td id="leftcolumn" valign="top">
Any ideas?  Should the midtbl be 100% or something more like 70 or 80%?   Thanks.
nyloth: RC4 exists?  Will try it.  Been busy setting up for big file upload with Search indexing.
s/links/lines/
http://profiles.tikiwiki.org/tikirel/ (prereleases)
SEWilco2: the tarballs are in test and if ok they will be uploaded to sourceforge
lphuberdeau: I think you can also launch a merge to trunk
nyloth: 'svn update' under way.  Thanks.
will do after RC4 is fully packaged
SEWilco2: of branches/2.0 or trunk ?
lphuberdeau: ok :)
sewilico2, we need people to test tarballs ;)
nyloth: SVN 2.0 Stable.  Interesting bunch of file updates.
ok
so hard to get 3 tests
lphuberdeau: probably not the best hour of the day...
I'm trying to figure out how the 2.0 SEFURL code works (I think I have to learn about Smarty modifiers); should I create SEFURL fixes for 2.0 Stable or trunk?
tomb: around ?
SEWilco2: for trunk only, now
SEWilco2: In stable, only bugfixes, major critical bugs, and translations
s/bugfixes/secutiry fixes/
I could argue SEFURL performs translations. :-)
SEWilco2: http://dev.tikiwiki.org/tiki-index.php?page=Where+to+commit
SEWilco2: lol yes, but ... no :)
nyloth: there is no good time of the day
lphuberdeau: maybe, but it seems there is quite nobody here right now :)
next time I hear discussions, I'll announce tarball tests, then you will hear the silence ;)
lol :)
I've got a new clean default install of 13973 if you need me to test anything on it.  I can svn switch it to something else if you  like.
Deepak: So, are your tests of TikiWiki 2.0 RC4 tarballs ok ?
:)
Petjal2: well, in fact we just need to test tarballs, right now, to send them to sourceforge if ok.
OK.  Let me know how this noob can help.
http://profiles.tikiwiki.org/tikirel/ (preRC4 tarballs to test)
I want to stress test my TW server...and maybe some scripts would help test TW versions. Any suggestions for HTTP scripted load tools?
ok.. so I tested the tarball, nyloth did as well, and we had tests of svn at same version
and no files are corrupt
will have to call this a go
can't wait forever
fwiw, sha1 and ripemd160 of the 2.0.preRC4 tarballs here:  http://sh.nu/p/24748
...and a signed listing here http://sh.nu/p/24749
polom
Hi - is there any way to assign view / edit permissions for a group to an entire category? I am really stumped trying to find out how
Have already looked here - http://doc.tikiwiki.org/tiki-index.php?page=Category+Admin&bl=y
harold: I think that is described in a 2.0 document... hold on.
harold: part is in here... the "edit content in categories" refers to being able to edit articles which are in a group-permitted category. http://tikiwiki.org/ReleaseNotes20&bl=n
I've got another tab someplace with the details...
Thanks SEWilco2 - so, if I understand you correctly, I cannot assign groupwide edit permissions to a category in 1.9.1 (which I am currently running)
harold: Part of the missing piece is here: http://doc.tikiwiki.org/tiki-index.php?page=groups
harold: Mostly correct.  One of the 2.0 documents mentions 1.9.11 has the 2.0 capability partially implemented under a different permission name.
harold: There is no 1.9.11 tool for activating the new permission; I have not tested it, only looked at its code.
harold: Thus, because I also need the new permission, I'm switching to 2.0 if possible.
ok - so outside of upgrading to 2.0 there's no easy way to assign the edit content in a category to a group within 1.9,1?
Can someone tell me the trick for getting comments on to the page for groups other than admin.  I'm pretty sure I 've ticked all the boxes.  Its works for admin but nothing else !!
harold: without the new permission, anyone with edit permission is able to edit anything which they can view.  The new permission allows only editing of things which are in a category which has the edit permission attached to it.
Paragtim: Maybe there is a permission related to comments?  Look under Admin>Groups at the permission for the group which can't use Comments.  Try the "find" tool for "comment".
harold: Before 2.0 there was only a global edit permission.  The new 2.0 permission allows edit permission to be controlled through categorization.  If I understand it correctly.
Found 7 and they are all selected - still nothing in the registered group but working fine in the admin group
Paragtim: Clear your cache in Admin>Sys Admin?
Sys Admin?
Found it
https://sourceforge.net/project/showfiles.php?group_id=64258&package_id=266122&release_id=616722
Not worked - Rebooted as well - still the same as before
Paragtim: I'm puzzled then.  Which TW version?  1.9.11?
1.10
1.10 does not exist anymore
1.10.0b1
upgrade to 2.0RC4
re-labeled the version
what damage will it do to my system - permissions, features etc?
Paragtim: 1. It can't hurt to do a database backup just in case.  2. You can put 2.0RC4 in a directory of its own and point it at the same database (or a copy).
Just did a release check and it came back as 1.10.0b1  - !!!
but 2.0 is really 1.10 with more fixes
download is available from sourceforge
where can I get it?
Paragtim: https://sourceforge.net/project/showfiles.php?group_id=64258&package_id=266122&release_id=616722
Is a MIME type converter needed for plain text files which are uploaded to a File Directory, in order to enable text search of plain text files? "cat %1"?
i!
hi!
I'm confusing about the 2.0 release status.
The release notes page (http://tikiwiki.org/ReleaseNotes20) sez that it "was released in July 2008"
RC was
That doesn't seem to jive with the Topic msg in this channel, or the news on the home page.
RC4 was released earlier today
is that considered stable?
MacLeod: hi, this probably means "technical release" or "creation of 2.0" ... but as lphuberdeau says, we are in RC stage and the stable release will probably be out in something like one or two weeks
MacLeod: quite stable, yes, you can test it :)
I aim for next week, but that's all right
ah, OK
thanks for the clarification
lphuberdeau: ok
unless we get something critical, I don't expect much more movement on that branch, except maybe translations
how's WYSIWYG working?
incidentally, we're planning to do our corporate-wide launch of our 1.9.11 Tiki by the end of this week
might be good to consider 2.0 then
it's been in a sort of beta mode for months now, and the last few prereqs are being wrapped up
i don't think our contractors could do the upgrade by the end of the week
do you have custom code?
no, just template mods
we'll announce with 1.9.11, and have them upgrade as they can get to it
MacLeod: I'm in the middle of planning for our upgrade from 1.9.11 to 2.0.  It's actually not bad.
A couple of minor items with the template we've been running, and some tracker issues, but nothing major
The upgrade itself was pretty simple.  I started Monday this week and am now working on tweaking our existing tracker database to be compatible with 2.0 (we made some changes in 1.9.11 that exist differnetly in 2.0)
I'd recommend upgrading.  Especially so close to the 2.0 launch.
Answering my own question: Looks like uploaded text files are not indexed unless text/plain has a handler such as "cat %1", based upon filegallib.php
Hi, I have a category permission bug to report - who is the brave soul to whom I can assign it :) ?
hi all having a problem getting the user name to be added to a tracker during registration. I have followed the instructions on doc.tw.o. All my additional fields get stored just missing the vital user name. Tanks
@test
"remember me" hates me.  :(
I remember you - long time not seen, rlpowell - nice to have you here! :)
Hi.
heya ho :)
I only come here when I'm having problems, I'm afraid.  :)
Mostly Tiki is nice to me and Just Works (tm).
hmm, ok, that makes you a little bit awkward... ;P
well, that's good to hear - so that makes up for it! :D
I do contribute back any fixes I write though, so I'm not a completely bad person.  :D
ok, then you're really totally and completely excused! ;)
Right now I've got a multitiki where the "remember me" feature isn't working at all.  If I wait for an hour or so and hit reload, I'm logged out.
Unfortunately, I don't understand web logins at all, so it's not something I can easily debug myself.
hmmm... I never really worked with remember me (at least not to a level that I would know after which time it logs me out)....
.... I just know that it somehow works for me (even over the browser closing/opening session break)...
... but how it really is done - no idea either, I'm afraid!
But I think that playing with remember me/cookie path and so on is the only way to go...
... imho, basically it works nicely!
But apart from that you gotta wait for others who have more knowledge.
Yeah, see, I don't even know what "cookie path" means really.
I've never understood cookies.
oh, ok :)
http://en.wikipedia.org/wiki/HTTP_cookie ;)
basically Tiki saves the login in a cookie - you can clearly see that, when you clear your browser cookies, you are logged out
so the cookie path is something to distinguish different cookies afaik
making sure that the cookie-paths are different makes sure that you distinguish your MultiTiki-instances...
... but why you are logged out that quickly... hmmm...!??!!
can anyone help a desperate man fix his user registration tracker?
MatWho_: I can't, but I'll let you know that you are not alone - I am having very similar tracker problems 
harold: what are the symptoms?
MatWho_ and harold : I used it once, but lots changed - lately there was somewhere posted a link to a tw.o site where it was described - did you search those sites?
and apart from that - yeah, you two guys found each other - probably your exchange will help both of you :)
( and then let others know please )
amette: yes - I have created trackers and assigned them to the "Registered" group, used the user selector - No dice (ie, the fields do not show up as part of the registration process)
harold: there is a "none" option for assigning bugs.
harold: I remember it as being shown in your "User Preferences" as something like "View personal tracker information"....
... but yes - I heard something about there being a possibility to show those fields at registration time, true! But I think that was after my usage of it.
Search devel-list on sourceforge.net for that, I think...!?!?
amette: so in the end were you able to add those fields to the registration form?
no
I found the thing from devel-list: http://doc.tikiwiki.org/tiki-index.php?page=User+tracker
amette - Yep, that is what I went through as well
ok, the post on devel-list said: "Kind-of-found-the-way through irc yesterday, and already briefly 
described on doc.tw.o."
so the rest must be experimenting as long as someone finally posts the solution to that doc.tw.o page
( or reading the code )
Any Smarty people on?
here's a list of stuff done to tw.o in that regard (there it works partially) and a list of known bugs in that regard, too: http://tikiwiki.org/TikiFestStrasbourg#Distant_participation_agenda
kerrnel22: basic or specific smarty question?
and btw just "ask, don't ask to ask" ;)
amette: I have been through the stuff on doc.tw.o but it still does not work.
no point asking if there's no Smarty smarties around. :)    There are a number of string manipulator functions, but was wondering if they had an equivalent to substr() ?
well, it has a point if they are in lib/smarty_tiki - otherwise there is more use of asking in #smarty - and overall it is always more use in asking, than asking to ask ;)
even a smarty smartician can't know if he can answer your question as long as he doesn't know the question - but if you ask the question, it could be that some not so smart smartician reads it and knows the answer by accident - you know? ;)
and also btw - we are trying to establish again a culture of reading back IRC-logs as we are going to establish a new nicely searchable web-IRC-logging...
... yes, that will take some time for people to learn to and get used to it - but it will be essential to be brave enough to throw ones questions just in and on the other hand be disciplined enough to keep discussions on focus...
... focus being "the problem" not "asking for the problem".
( yeah, I know that I'm verbose on IRC, if I'm on IRC - but well, fun has to be - but as topic says "asking to ask" is more unnecessary than fun ;)) )
sleep well, SEWilco2 :)
Normally I just ask, but I've been told in the past with smarty questions to go to #smarty.  Unfortunately I am limited to using the Linux-Quebec web portal to #tiki which doesnt' allow access to #smarty or anything.
I'd gladly search the IRC logs if I knew of a place where the log was working.
rc4 is out?  I thought rc2 was just released a week or two ago?  I haven't seen r3 yet
hmm, ok, yeah, that's unfortunate... so four options here: 1. ask and don't ask to ask, 2. ask here with a clean conscience, if it is in lib/smarty_tiki, 3. ask here, if it is smarty in general (not so bad actually), 4. ask in #smarty (no option for you)
first option being highly preferred ;)
yup, it was just today released - no big announcement yet, I just noticed and put it here
"Release early, release often" ;)
what happened to r3?
I think it was pretty short-lived... ;)
apparently lol
*g*
amette: Hi I have tried many things to get the user registration tracker working. It must be a bug, whats the best way to get it reported?
MatWho_: basically the best solution is to report it on http://dev.tikiwiki.org ....
... in this special case though - I'd recommend getting in touch with developers interested in it (as this is a moving target right now, so you might very well throw in own ideas for example, too )
MatWho_: as you could see on the WikiPage I posted above: xavi is interested in this (and he actually even posted the devel-list post with the link to the doc.tw.o page - he wrote it) - so I think that asking him and getting involved in the process would be a good thing to do! :)
amette: so that answers my first question, what is the best way to contact xavi?
isn't his mail-adress public on tw.o?
I can't find a similar function to substr...I guess I'll write one
could try edu.tikiwiki.org
Generally I find if you send him a PM on tw.o he'll respond within a day or two
kerrnel22: uhm... why? I mean: what is so special about kerrnel22_substr() in difference to substr() ?
amette: its not there
I need it in smartycode not php
MatWho_, harold:  I had the same user tracker username problem earlier in the week (or was it last week...), and sylvieg fixed something, then I did a svn up, and it works now.  
MatWho_: then do as kerrnel22 said and contact him by tw.o PM or wait for him in here.
kerrnel22: aaah, ok!
Petjal2:  when did you do the svn and from where?
kerrnel22: ok, no idea at all then! Ask smarty-people please about how much sense it makes - they will know for sure about any diffuse implications it brings with it - otherwise: welcome to commit it (to smarty even)! :)
I do a lot of svn up's cuz sylvieg is fixing lots of things all the time, so, sorry I can't recall, but it was within the past week, maybe Monday?  svn up https://tikiwiki.svn.sourceforge.net/svnroot/tikiwiki/trunk .
ok so I will do the same. Thanks.
Good luck.  Let us know...
I'll probably have it committed in a few mins.  Though I'm getting gunshy lately with commits, even to the trunk.
Looking through my old IM log with sylvieg, it looks like it was fixed the afternoon of 7//23 US Eastern time.  (Wow, time flies...)
Petjal2: Great thanks
kerrnel22: yeah, it's good to be gunshy nowadays - though in trunk it is much easier to be promiscuous - it is still wanted and greatly encouraged to be brave, but in trunk you'll have to stand for it for half a year!!
you can do it in an experimental branch (which is encouraged also) for completely and totally free, if you like! But for something like a smarty filter that most absolutely probably is overkill....
... on the other hand I wouldn't promise anything for a smarty filter surviving in trunk without any devel-list discussion proving its relevance beforehand!
So: Do what you gotta do! ;)
I'm off to fetch something to drink now - but be back soon! ;)
It's a very minor addition to the smarty libs.
kerrnel22: it might be a minor addition, but it still is an addition and moves us further away from standard smarty - so for example: if it makes us something really special in the smarty community, it is really bad, if we don't commit it back to the smarty community - that's why I asked you to ask in #smarty first, if and how this makes sense
ok - just packed my backpack - now I'm really gone and back in about some couple of dozen of minutes... ;)
Well, if it gets rejected, then I give up.  Keep trying to add value and features to tiki and keep hitting roadblocks or complaints.  No 'hey that's a decent addition' or 'hey thanks for adding that'.  Usually I get "that's got security problems" or "we already have that" and am asked to roll back, even though I've asked in various ways if XX was already in the software.  Frustrating.
Nobody cared much when I was working on stuff in 1.9.  I don't want to develop just for our site.  I think our needs match what the tiki communities needs are, whether they are known or not.  I like to think I don't code like a 6th grader and I've got some solid ideas, but I sure don't get that in feedback.
Anyway, been in the office too long today.  night, and thanks for the help
Strange thing happening.  I've just uploaded rc4 to a virgin site and have looked at the problem of comments.  So 1 x admin a/c and 1 x reg + plus the standard admin log in.  3 Pc's - 1 for each a/c.  One is showing a totally different tikiwiki logo than the other 2 and 1 is showing 2 menu tress on the left column.  Any ideas whats going on?
Paragtim:  I don't know, but it sounds like tiki and/or browser caching problems (which I have hit several times).  
 A rational explanation - thanks - and with that I think it is time to call it a day.  Hope for a better day tomorrow
:)
nyloth: got your e-mail, will send an e-mail, may be an announce of RC4 on info.tikwiki.org would be nice
so I can point to it
put in the announce that security issues were fixed after report from Joshua..
anyone can post to info.tw.o ? I don't think I have access to this site