MartinCleaver: svn, ricks99 ricks99: k. upping now... nkoth3: MartinCleaver: that's good. Just wanted to make sure it is tolerant to font size changes MartinCleaver: ok, am going to apply these changes to vps7 nkoth3 - it might affect ie7 too nkoth3: ok. MartinCleaver: if so we can later componetize it so it doesn't break ff marclaporte: ricks99: : latest svn ***: luminoso has joined #tikiwiki
jonnyb has quit IRC (Read error: 110 (Connection timed out)) marclaporte: amette: : please svn up doc & dev so we may test the hundreds of commits jonnyb_: coo - (finally) - http://skitch.com/jonnybradley/bxsnk/microsoft-windows-xp ricks99: k. in installed new from svn w/ Personal Blog and Profile ***: luminoso has quit IRC ("Leaving")
luminoso has joined #tikiwiki nkoth3: jonnyb_: is that ie8? jonnyb_: sorry no, ie7
but oddly diff to MartinCleaver's nkoth3: well, yesterday during the workshop, we saw what MartinCleaver's has
the login boxes weren't accessible
they were on the "next line" in the white area ***: btiffin has joined #tikiwiki MartinCleaver: thx jonnyb_ jonnyb_: they're ok for me (too high obviously) ***: luminoso has quit IRC (Read error: 104 (Connection reset by peer)) MartinCleaver: f12 will get you the developer toolbar nkoth3: jonnyb_: try vps7.etazo.net/3.0
and see if it's any different jonnyb_: ta, will do
yes, broken ricks99: minor issue with login area in header jonnyb_: suspecting the menus nkoth3: same suspicion^ ricks99: actually, lots of issues in ie8 ***: luminoso has joined #tikiwiki ricks99: blogs are way messed up nkoth3: ricks99: could you post some screenshots? ricks99: where nkoth3: skitch.com ? ricks99: k.... ***: franck has quit IRC (Read error: 113 (No route to host)) -: jonnyb_ found skitch.com quite painless after working out you have to download the app ricks99: "Windows version is not yet available"
wtf? -: ricks99 can't believe that some folks don't make their applications availble to 75% of the world! MartinCleaver: heh ricks99: no skitch for rick :(
i'll upload to tw.o file gallery.... nkoth3: k ***: franck_ has quit IRC (Read error: 113 (No route to host)) ricks99: http://tikiwiki.org/gallery42
give me a few moments to upload... jonnyb_: ok, i'm getting somewhere with evil absolute positioning css stuff - anyone got anything better? ricks99: take @ look at blog page... there's a huge left hand margin
header area has xtra whitespace by username/pw area, too MartinCleaver: somewhere or nowhere, jonnyb_
? jonnyb_: hard to tell - plan b - gimme 10 MartinCleaver: y, know the feeling -: jonnyb_ finds it helps to be testing the same files you are modifying generally
MartinCleaver thinks it would be nice to be in the same 1/3 of the planet as his browser jonnyb_: ok, i have a fix(ish) for ie7 - functional but not perfect - new strasa/ie7.css (shall i commit or post somewhere?) MartinCleaver: oooooooooo - I just did the same thing, jonnyb_ -- modified for the wrong machine
commit please jonnyb_: roger rog -: MartinCleaver impatiently svn ups 6 times MartinCleaver: thx CIA-65: tikiwiki: 03jonnybradley * r18869 10/branches/3.0/styles/strasa/ie7.css: [FIX] Tentative fix for login bar in Strasa on IE7 jonnyb_: go! :) MartinCleaver: does it, er, work for you, jonnyb_ ?
oh, it's a step in the right direction -: MartinCleaver looks back at old screen shots jonnyb_: yes, i get password & login (oh, i don't have menus on - 3 moments...)
yes, still works with Personal_Blog_and_Profile prof installed (menus etc) MartinCleaver: http://skitch.com/martincleaver/bxsrq/ie7-after-jonnys-change-18869
seems to now show lots of random links (e.g. VLog) top right - these didn't show before http://skitch.com/martincleaver/bxi68/ie7-2
is this what it looks like to you? The login box still is not right for me jonnyb_: no, i get http://skitch.com/jonnybradley/bxsrx/ie7-after-jb-change
doesn't look like it's picking up the ie7.css? nkoth3: links are caused by me MartinCleaver: ok nkoth3 nkoth3: i installed the blog profile on top of what we already had MartinCleaver: aha -: jonnyb_ thinks profiles must be a good example of something, just not sure what nkoth3: but other than the links, which don't matter other than they ran out of space
the login box is still too high, right?
ok, let me reduce my number of links .. jonnyb_: the bg goes down too far (i think - gets rulers out) MartinCleaver: ah - my fix did work!
this may break FF CIA-65: tikiwiki: 03mrjc * r18870 10/branches/3.0/styles/strasa.css: temp fix for ie7 MartinCleaver: y, this is okay for me on ie7, too low on ie8 and ff
what browsers are you supporting anyhow? jonnyb_: why not put it in ie7.css? MartinCleaver: I will do. jonnyb_: upsets safari slightly (login box too high by 3px)
same in ff
alignment perfect on ie7 - but no login inputs again (too low & white) MartinCleaver: y, thx. Am adjusting.
18871 CIA-65: tikiwiki: 03mrjc * r18871 10/branches/3.0/styles/ (strasa/ie7.css strasa.css): header height fixes - pushing to ie7.css MartinCleaver: login inputs gone, eh?
not sure I can diagnose that too well without tools on ie7 ***: _dthacker_ has joined #tikiwiki jonnyb_: you have DevToolBar? MartinCleaver: not on my ie7 box - can't touch it
only on ie8
hmm. ie7 has a gap again
looks like #header-top[id] hasn't taken effect.
anyone got an ie7 with dev tools I can borrow?
do you agree, jonnyb_ , that ie8 looks ok, and safari still ok? jonnyb_: mine's only local
svn upping...
hmm - saf and ff good again - ie7 has gap but inputs visible (& usable!)
i don't think you need the [id] 'hack' in an ie7 only css - i think it ignores it (mostly)
in fact i'm not sure the ie7.css is doing anything :(
nope - only ie6 style specific css picked up...
can't fix now - need sleep - stuff to do tomorrow (soon)
shall i rollback the ie7.css? (kil) nkoth3: we'll continue to try it jonnyb_: needs a fix in lib/setup/theme.php and header.tpl i think (for ie7 to work - and you might as well do 8! ;) )
anyway - good luck & good night ***: jonnyb_ has left MartinCleaver: thx jonnyb_
ok, I'll add ie7 and ie8 ***: marclaporte has quit IRC (Read error: 113 (No route to host))
franck has joined #tikiwiki
vkumar has joined #tikiwiki vkumar: hello everybody CIA-65: tikiwiki: 03nkoth * r18872 10/branches/3.0/ (css/ie8.css lib/headerlib.php lib/setup/theme.php): [FIX][ENH] ie7.css was not working properly for individual theme before. Also allow ie8.css
tikiwiki: 03mrjc * r18873 10/branches/3.0/styles/strasa/ie7.css: Hopefully the last ie7 fix. Thanks to jonny for pointing out ie7 hacks file doesn't need [id] ***: franck__ has quit IRC (Read error: 113 (No route to host)) ricks99: hi vkumar MartinCleaver: gallery42 bug is infinitely wide on ie8 nkoth3: ricks99: ar eyou still around? ricks99: y, back (more or less) nkoth3: can you go to http://vps7.etazo.net/3.0/tiki-view_blog.php?blogId=1 and tell me what you see with ie8? ricks99: huge left margin before the first column
looks identical the sample image i uploaded MartinCleaver: hmm. nkoth3: MartinCleaver: note ^ -: MartinCleaver did nkoth3: maybe we have a different version of ie8... ***: chibaguy has joined #tikiwiki MartinCleaver: can you clear caches, ricks99 ? ricks99: y.
note, that the *wiki* page looks good
issue is only with tiki-view_blog chibaguy: polom nkoth3: you can try svn up your copy and see if the wiki page is fixed on your side as well... ricks99: i mean, view_blog_post
view_blog is ok
interesting.... http://vps7.etazo.net/3.0/tiki-view_blog.php gives me "you are not logged in" but I can access http://vps7.etazo.net/3.0/tiki-view_blog.php?blogId=1
i take it back, view_blog produces the left margin too
updating svn and will try local...
no difference with latest svn local MartinCleaver: ok ricks99: note: if i enable the compatilibty view, it looks fine
wow... BIG differences MartinCleaver: what does compatibility view actually do? ricks99: displays using ie7 standards
hold on i'll send u the ref.... chibaguy: ricks99, w/o compatibility mode in ie8, do you get really wide pages in tiki strasa? ricks99: @chibaguy: no. in compatibilyt mode it looks normal
we wiil need an ie8 specifiic meta tag for 100% compatiblity MartinCleaver: y, I see really wide pages, chibaguy ricks99: see http://blogs.msdn.com/ie/archive/2008/08/27/introducing-compatibility-view.aspx details MartinCleaver: thx ricks99: @MartinCleaver: are you in compatiblity mode? chibaguy: I think lite/lite.css needs updating for ie8 MartinCleaver: I don't know. ricks99: using IE8? -: MartinCleaver reads ricks99 page MartinCleaver: y
and ie7 ricks99: for ie8, look at ur address bar, small button near REFRESH icon
click it to toggle MartinCleaver: ok chibaguy: ie7 has been handled ok by lite.css, so ie8 is ok too as long as the browser is in compatibity mode MartinCleaver: nkoth3: you finished with that machine? nkoth3: yes chibaguy: so the fix for strasa's header is to specify a height for it?
(i guess the positioning doesn't allow a flexible height?)
just asking because my test site has a large icon, and the login bar is pushed down away from the darkblue header a ways due to the logo size. ricks99: can force compatibiltiy mode: value ‘IE=EmulateIE7’ -: chibaguy dreams of the good old days of theme-specific tpl files.) ricks99: simple doctype fix
maybe for 3.1 we test fully in ie8 native mode MartinCleaver: y, ie8 in compatibility mode = menus out of place. with it off = infinitely wide chibaguy: i imagine ie8 users are accustomed to switching in and out of compatibility mode per site, but it'd be good to force the mode if it gives a good first-view. MartinCleaver: it's a bit off in compatibility mode
it's horribly broken in ie8 native mode chibaguy: seems to go as wide as the longest line in the center column
(no wrapping) nkoth3: forcing compatibility mode seems like a reasonable enough fix if that's the best we can do ricks99: @chibaguy: i doubt ie8 users have any idea what compatibilty mode is
*we* should force the mode, cannot rely on users to fix it themselves chibaguy: intential early adapters will. MartinCleaver: the header height fix did take out height: auto. I think ie7 doesn't want height:auto at all. chibaguy: people getting it by default on new machines probably don't. ricks99: need to add to release notes, too chibaguy: intentional -: chibaguy heads for another cup of coffee MartinCleaver: nkoth3: I'm tempted to put height:auto back in and retest again chibaguy: so users will be advised to just limit logo sizes to those that will fit in a 97px height, in this theme. correct?
in ie6, my logo is peeking out from under the login-bar. kinda cute. nkoth3: MartinCleaver: with a big logo? MartinCleaver: no, I'd let chibaguy test with a big logo. ;)
I'd just test the standard ones chibaguy: well, users' sites have all kinds of logo sizes. MartinCleaver: if #header-top[id] is an IE specific hack, why is it in the main strasa.css file? chibaguy: and there's also the custom code div up there, and the possibility to put a banner a.
ad MartinCleaver: vs. in a ie.hacks file? chibaguy: MartinCleaver: generally I've been putting all the code in one css file. MartinCleaver: ok.
why? chibaguy: the ie specific files in theme style directories are kinda new MartinCleaver: ok.
makes things kinda tricky chibaguy: right, I was just going to say that. MartinCleaver: you were going to say tricky together or tricky apart? chibaguy: probably there should be a best-practices doc or something.
tricky apart
I mean to find where things are set.
with firefox/firebug you can easily see what's being used on the page.
but with ie, the tools aren't so good to track down where the css is coming from, i think MartinCleaver: You use the IE dev toolbar? chibaguy: yes, a little so far. MartinCleaver: doesn't that have a view to detect where the css is coming from? -: MartinCleaver is getting tired chibaguy: maybe so, I need to take another look.
you guys have been pretty busy, i see from the log. MartinCleaver: ;) CIA-65: tikiwiki: 03mrjc * r18874 10/branches/3.0/styles/strasa/ie8.css: Empty ie8 hacks file nkoth3: why the empty file? MartinCleaver: 1) because we are going to need a file really soon nkoth3: ok ***: mlaporte has joined #tikiwiki MartinCleaver: 2) because it tells people where to put their code
really it should contain a string 'ie8' inside it, for the greppers in the dev community nkoth3: chibaguy: have you got any idea what to do about the ie8? MartinCleaver: anyway, that's it for me for now
I'll check in in the morning, see what's up. nkoth3: k. thanks. I suppose given all this ie fixing, we might package in the morning MartinCleaver: sure thing
y.w. ***: MartinCleaver has left chibaguy: ie8 should be ok if people use compatibility mode. ricks99 mentioned forcing that, but I don't know how, off hand. ***: ricks99 has quit IRC (Read error: 54 (Connection reset by peer))
ricks99 has joined #tikiwiki ricks99: @chibaguy: http://blogs.msdn.com/ie/archive/2008/06/10/introducing-ie-emulateie7.aspx
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> should do it ***: franck__ has joined #tikiwiki chibaguy: ok, can we add that to branch 3.0, then, and if so, who? nkoth3: I suppose it should show only on IE8 detection... Tikiwiki|bot: New Forum Posts: How do i find out what version of Tikiwiki i have installed - http://tikiwiki.org/tiki-view_forum_thread.php?forumId=1&comments_parentId=33028 vkumar: hi ricks, nelson.. I have an issue
hi gary
INSERT INTO `tiki_calendar_items` (`user`,`name`,`description`,`status`,`url`,`lang`,`calendarId`,`start`,`end`,`locationId`,`categoryId`,`priority`,`nlId`,`lastmodif`,`created`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)
getting this sql error while adding an item to calendar
is this a known issue ? ***: Caarrie is now known as Caarrie|sleeping chibaguy: vkumar, what tiki version? vkumar: v 2.3 chibaguy: is that all of the error message? vkumar: hi gary i googled and got an article.. http://dev.tikiwiki.org/tiki-view_tracker_item.php?itemId=1988&trackerId=5&show=view
hopefully this should fix ?? -: chibaguy wonders why the wiki edit help/plugin help appears at the bottom of center column to anonymous visitor at dev.tw.o (in opera anyway). ***: franck has quit IRC (Read error: 113 (No route to host))
danopia` has joined #tikiwiki vkumar: Hi gary " An error occured in a database query! " ( the error message )
tiki-calendar_edit_item.php nkoth3: chibaguy: only in opera? chibaguy: also in ie7
(I don't have firefox open right now) ***: franck has joined #tikiwiki nkoth3: chibaguy, on the tracker pages? chibaguy: yes, when view a tracker item nkoth3: I think that is fixed in the latest svn already chibaguy: in ie6, it's ok nkoth3: really in ie6 it is ok? chibaguy: yep
icon at upper left, as designed
oops, upper right
i mean nkoth3: what icon? chibaguy: oh, sorry, no icon is there (help icon I meant).
was looking at two different views, one logged in.
to clarify, in current svn, opera and ie8 don't see the help in center column when anonymous, on view tracker item. so it's fixed.
heh, opera and ie7. -: chibaguy wishes fingers on keyboard weren't slightly ahead of brain. chibaguy: vkumar: sorry, I'm not sure about the calendar error. it would be good to ask later when sylvieg is around, maybe. ***: danopia has quit IRC (Connection timed out) chibaguy: gotta take dog out. will be back soon. ***: chibaguy is now known as chibaguy_away
franck__ has quit IRC (Read error: 113 (No route to host)) mlaporte: chibaguy_away: when edit help is at bottom, if could be because js is off ***: Yoni has joined #tikiwiki
vkumar has quit IRC ("http://www.mibbit.com ajax IRC Client")
vkumar has joined #tikiwiki vkumar: Hi that article really worked.. i used phpmyadmin : ALTER TABLE `tiki_calendar_items` CHANGE `priority` `priority` TINYINT( 4 ) NULL DEFAULT '0'
all i did was to change the priority from enum to tiny int .. then deleted the 1,2,3,4,5,6,7,8,9 and put 4 there... then put a tick mark on null ***: chibaguy_away is now known as chibaguy chibaguy: mlaporte: that makes sense, all right. but js is on in the two browsers I checked with.
but it appears to be fixed in latest svn, anyway. :-)
hm, can't get themes.tw.o now (was ok a few hours ago) ***: PrezKennedy has joined #tikiwiki chibaguy: ah, the logjam's broken. now themes.tw.o displayes. ***: ricks99 has quit IRC ("ChatZilla 0.9.84 [Firefox 3.0.10/2009042316]")
SEWilco2 has quit IRC ("Leaving.") CIA-65: tikiwiki: 03pkdille * r18875 10/branches/3.0/templates/tiki-forums.tpl: [FIX] tiki-forums: fix the sections in list forums (broken in r16691) ***: Yoni has quit IRC ()
mib_8q7grm has joined #tikiwiki
mib_8q7grm has quit IRC (Client Quit) nkoth3: chibaguy: just to recap, with a large logo, how does strasa look now in various browsers to you? chibaguy: In ie6, there's no white space below the dark blue header top area and above the bright blue login area, but the logo extends under the login form (logo covered by form), and is visible below the form.
in ie7, the header-top area stops at 97px height, but the logo apparently pushes the login bar farther down the page, making a white gap between the dark blue and bright blue areas.
same appearance in opera 9 as in ie7 nkoth3: what abt in firefox? chibaguy: same behavior/appearance in firefox
the darkblue stops where it's supposed to. but the siteloginbar gets pushed down the page by the logo. nkoth3: ok. I understand.
Well, our logo in use in doc and dev now is 100 px tall vkumar: hi gary.. in stylesheet forum section.. what is this even odd thing ? nkoth3: let me try using that logo on my site and see what I get chibaguy: nkoth3: ok, the logo I was checking with is from the tikipedia theme - it's 137px that includes some transparent areas around it, similar to mediawiki original.
vkumar: the odd and even td (table cell) classes, you mean?
initially they are for alternating background colors on tall table's rows, but also are used for contrasting tds in the old forum post layouts. Not used in the current forum posts. nkoth3: chibaguy: do you have a url to this tikipedia logo?
anyway, it looks like a 100px logo is ok
I'll update the release notes chibaguy: http://zukakakina.com/styles/tikipedia/logo.png mlaporte: polom ***: MIA has joined #tikiwiki MIA: Hi, i need help with tikiwiki
if anyone is here
umm.. i guess ill ask the qestion, is there a module that tells the hits? how many views were on the site? chibaguy: MIA, I don't recall offhand. Did you check the docs: http://doc.tikiwiki.org/Modules ?
hi mlaporte
Should branch2 stylesheets be updated? .clearfix class there should be improved.
but I guess the only new tiki 2 releases will be if there is a security fix needed. ***: vilisi_t has quit IRC ("Leaving.")
MIA has quit IRC ("http://www.mibbit.com ajax IRC Client") nkoth3: chibaguy: i tracked down the ie8 taking up
"infinite" width problem to the #c1c2 #wrapper width: auto !important in lite.css
I mean, #c1c2 #wrapper #col1 > .content chibaguy: ok. so ie8 needs another property there? or just to not see that property? nkoth3: well, if I try and set it to fixed width, it does not stretch on forever but instead stays constrained
removing that property does not help chibaguy: luciash is the expert on lite.css nkoth3: ok, will ask him... ***: Yoni has joined #tikiwiki
xavi has joined #tikiwiki xavi: toctoc Yoni: tictic :) xavi: mlaporte: I was looking for a "Calendar handler" on profiles.tw.o...
any schedule for that?
hi Yoni mlaporte: no shedule luciash: polomorning xavi: btw, mlaporte: thanks for improving the sample menu
toctocmorning luciash: :) mlaporte: xavi: if you need, just move up on todo list Yoni: kui kui morning too luciash: should i read the messages back again ? :-p xavi: mlaporte: Collaborative Community: inconsistency in collaborative community profile: no calendar single created at installation time (neither from tiki nor from profile), and that profile has a module called "upcoming events" on the right column, visible for anons... :-/
how should we fix this usability issue for new users, so that they find a calendar already created for them, as with file galleries (created by that profile)?
ok, I'll move it up in the todo list ***: ChanServ sets mode: +o luciash mlaporte: instuction page can explain to them how to add calendar, until we get handler ***: LordVan has joined #tikiwiki
navster has joined #tikiwiki xavi: mlaporte: yes, and it's not that bad, since the "error page" (calendar is missing, etc.), already offers the link to the admin in order to create one ***: navster has left xavi: btw, page menu param is "pagemenu", not "page". mlaporte and pascalstjean (and anyone interested): is it fine for you if I add that sample menu to the right column for that profile? http://profiles.tikiwiki.org/Collaborative_Community_menupage ***: luciash changes topic to: Welcome to #tikiwiki! Just ask, don't ask to ask! ;) Check out Tiki 3.0rc2! Pls, don't paste code/errors here, use http://pastey.net This channel is logged @ http://irc.tikiwiki.org (start line with [off] to exclude msg from log), say !help to get info from Tikiwiki|bot or >help from Sug4r. Have fun!
mlaporte has quit IRC ("http://www.mibbit.com ajax IRC Client")
ChanServ sets mode: -o luciash chibaguy: are display bugs still being fixed in branch 2? luciash: i doubt gary chibaguy: I was thinking there may be no more tiki 2 releases, right?
except major security problems. ***: btiffin has quit IRC (Remote closed the connection) chibaguy: well, I'll add an updated clearfix class to transitions css, just in case a release happens. xavi: chibaguy: +1 (imho)
btw, anybody knows how to validate a page which is in stage status? chibaguy: problem was reported with ie7 and top menu not positioned correctly in some themes due to bad float clearing.
(in tiki 2) luciash: oh, no, no IE7 compatibility modes, get rid of that crap ! :-p -: luciash reads back chibaguy: heh xavi: I've never used that before yet, and collaborative community has that enbaled, which is driving me cracy
s/enbaled/enablec
enabled luciash: no idea xavi chibaguy: pages are way wide in ie8 when not in compatibility mode, in litecss themes.
center column content lines aren't wrapped ***: mlaporte has joined #tikiwiki xavi: amette: +1 to svn up dev.tw.o, please
and doc.tw.o, if (almost) the same effort
mlaporte: do you know how to validate a page which is in staging? (<- collaborative community profile has that enabled by default) CIA-65: tikiwiki: 03chibaguy * r18876 10/branches/2.0/styles/transitions/1.9to2.2.css: [FIX] Improve float clearing in IE7 (committed in case there is another Tiki 2 release). xavi: I thought it was through categories, but there seems to be no categories there... mlaporte: xavi: please turn it off xavi: what, staging? mlaporte: yes
too advanced for a basic profile. We'll make special profiles for that xavi: ok, feature_wikiapproval: n
from now onwards
(not saved that page, yet, though)
I wonder why that was on (pascalstjean, maybe?) nkoth3: probably...
just turn it off. xavi: I'm adding also the calendar_new module to that profile
as well as the wikibase menu
wikibased menu, I mean mlaporte: it works for you? xavi: mlaporte : how did you call a profile from within a profile?
yes, it works for me
it has some link repeated from the horizontal menu on top, but it will aloow new users/admins to see the potential of wiki based menus for their sites
it takes a (long) while to create one, otherwise...
even you got the wrong name for the param to call the pagemenu (not "page", not "menupage", on tiki2+ ...)
I hope I can add a screenshot in short to that page to the instructions page to show it...
as an example
btw, module controls are missing to me in strasa.css luciash: chibaguy: oh, that's annoying bug with *lite in IE8 then xavi: (seeting in Admin > Modules > Show module controls; which was an easy way for a newbie to learn how to move modules from one place to another one...) -: luciash tired from just reading the irc log :-p luciash: chibaguy: is it caused by the .content width: auto !important in lite.css ? ***: mlaporte has quit IRC ("http://www.mibbit.com ajax IRC Client") -: luciash hopes tiki3 gets released soon finally to allow him focus on other things too xavi: nkoth3 or luciash: do you know where the settings for new users are recorded on the admin panels nowadays?
I read somewhere/sometime that this had been fixed... but I dont know where... chibaguy: luciash, I didn't test that but nkoth3 said that removing that property didn't make a difference. luciash: ok, so it's not the case
it must be swomething else nkoth3: well, if I set the width to a fixed width, it works
removing it does not luciash: do you have site where the problem appears ? (long text unwrapped) ***: marclaporte has joined #tikiwiki nkoth3: http://vps7.etazo.net/3.0/tiki-view_blog.php?blogId=1 luciash: i can see in http://ipinfo.info/netrenderer nkoth3: it is not just a long text unwrapped, it is that there is a lot of white space to left of left column
and a lot of width in the center column (almost like infinite) luciash: nkoth3: it's not the case
nkoth3: if it appears only in blog, it's blog tpl problem again nkoth3: ok. yes, it's only in blog luciash: or is it in all themes ? nkoth3: i did not try other themes chibaguy: luciash, I tried in thenews. same problem. luciash: ah
is it standards compliance or quirks mode (if there's any for IE8) ?
chibaguy: link ? chibaguy: but there is no space to the left of the left column at my site. luciash: argh, so is it same problem or not ? chibaguy: this is happening when compliance mode is off. luciash: ok, space on left, strasa blog tpl problem
i cannot say for the no-wrapping problem
can you give me a link to test ?
or is it everywhere in tiki where long sentence appears ? nkoth3: if I turn compliance mode on, I have login box problem (the one that was in ie7 but now fixed) luciash: compliance mode off, can you test with standards mode ?
(if we talk about the same thing) chibaguy: I don't know about that left-side space problem. not happening at my site. nkoth3: I suppose we mean compatibility mode off
i.e. we are using IE8 standards moed xavi: marclaporte around? Need help on including profile in profiles luciash: must be some wrong if condition introducing some unwanted/unclosed </div> imho
"if condition" chibaguy: compatiility mode off is the one with problems, right? luciash: if someone gets that and someone doesn't xavi: marclaporte: it seems that this syntax is not welcome by profiles, or by the installer, at least:
dependencies: - $profiles.tikiwiki.org:Collaborative_Community_Wiki_Menu:Collaborative_Community_Wiki_Menu luciash: chibaguy: is it the same standards/quirks mode as for IE6/IE7 ? xavi: marclaporte: I wrote that from the syntax I saw in http://profiles.tikiwiki.org/Test_All_Features luciash: all should be tested in standards compliance i think to avoid confusions marclaporte: xavi: : make sure to double-check. Sometimes, it doesn't work -: luciash svn upped test.ground and going to test long sentence xavi: marclaporte: I mean, can you check the syntax at the end of http://profiles.tikiwiki.org/Collaborative_Community chibaguy: luciash: some description here: http://blog.strictly-software.com/2009/03/detecting-ie-8-compatibility-settings.html xavi: That's my last thing before leaving off for work at uni ***: btiffin has joined #tikiwiki xavi: I mean, how do I tell a profile to include another tiny one? luciash: i didn't talk bout any compatibility crap, just standard compliance, is that compatibility == IE7 in quirks mode ? xavi: This way, that simple menu can also be reused from other profiles I will write later on
marclaporte: nowadays, from the tiki installer, I get:
Fatal error: Uncaught exception 'Exception' with message 'Unknown objects are referenced: profiles.tikiwiki.org/Collaborative_Community_Wiki_Menu#Collaborative_Community_Wiki_Menu' in /var/www/tiki3svn/lib/profilelib/installlib.php:97 Stack trace: #0 /var/www/tiki3svn/lib/profilelib/installlib.php(143): Tiki_Profile_Installer->getInstallOrder(Object(Tiki_Profile)) #1 /var/www/tiki3svn/installer/tiki-installer.php(767): Tiki_Profile_Installer->install(Object(T
sorry for the long error message :-/
ok, I'll disable the automatic inclusion of the profile with the simple wiki based menu for the time being luciash: great, now i get WSoD when trying to edit the HomePage on test.ground.cz :-/ chibaguy: luciash, as far as I can tell, compatibility mode in ie8 means displaying as ie7 not in quirks mode. luciash: the guys in M$ must always make things more complicated :-[07:01] <xavi> and the error message is logged here, in case there is a bug somewhere (or probably, my unability to write the inclusion syntax properly at the profile call) nkoth3: xavi: you cannot use $profiles.tikiwiki.org in profile definitions
it does not work with windows servers xavi: ? nkoth3 , I copied that from here: http://profiles.tikiwiki.org/Test_All_Features
and I'm using GNU/Linux nkoth3: really? xavi: yes nkoth3: does the Test_All_Features profile work for you? xavi: Ubuntu GNU/Linux 9.04
no idea, never tried nkoth3: try it, xavi: anyway, need to quit in short.
I'll deactivate that menu inclusion
and leave it as micro profile to be added later on (which works fine, afaik) nkoth3: and then if it fails, try removing the $tikiwiki.profiles.org: part of the definition
you can just leave the part following that
it's just the $tikiwiki.profiles.org: part that should not be used in any of the main featured profiles especially luciash: chibaguy: i give up, it must be tiki's problem, http://www.ground.cz/luci/css/lite/test/lite.html looks nice and wraps lines nicely there
in IE8 -: chibaguy goes to have a look at test/lite.html with IE8 luciash: chibaguy: so it's something else in Tiki what is affecting it, not *lite css xavi: so nkoth3: like this?:
dependencies:
- Collaborative_Community_Wiki_Menu:Collaborative_Community_Wiki_Menu -: luciash doesn't like all those additional css and hacks included around in tiki's header... it makes complicated to debug
xavi is trying nkoth3: xavi: yes
give it a try luciash: chibaguy: *lite test looks good, isn't it ? chibaguy: actually the center column text line isn't wrapped in my winxp ie8. ***: pkdille has joined #tikiwiki chibaguy: on a 1440x900 display, I still have a scrollbar, and the right column is only half in view luciash: when you shrink the window ? xavi: btw, "Hide anonymous-only modules from registered users." doesn't work for me on tiki3rc2
well, tiki3 svn , I mean chibaguy: no wrapping
:-/ luciash: chibaguy: weird, hmm, i see it well wrapped via http://ipinfo.info/netrenderer/index.php IE8 screenshot -: xavi trying again, in case there was an issue with cache luciash: goddamnit
seems that netrenderer IE8 thing renders it differently than chibaguy's IE8 chibaguy: yep, I agree NetRenderer shows it looking good. luciash: chibaguy: can you re-test in the "other" mode ? LordVan: hi xavi: nkoth3: didn't work for me LordVan: ah .. rc2 ;)
:D xavi: at least, it didn't complain with install error chibaguy: In compatibility (w/ie7) mode, it looks normal, wrapped lines, etc. xavi: the main collab. comm. profile is installed, but not the (expected to be) included profile luciash: chibaguy: so it must be that netrenderer does the compaibility mode by default it seems
i will try to add some more tests to the lite css page soon i think
chibaguy: thank you for patience and testing chibaguy: maybe so. I was checking my ie8 version. I assume it's up to date.
sure, luciash. these ie problems are a pain in the butt.
i'll try updating ie8 to see if it makes a difference. luciash: ok
chibaguy: i just hope IE8 for Win XP doesn't behave differently that the other ones for Vista etc. ;) chibaguy: ah, my ie8 is not the latest version....
updating now... LordVan: do you guys prefer if ppl use svn or rc2 - in regards to testing,.. ? luciash: svn LordVan: ok good ;)
i'll svn up some time soon then .. i assume no db updates in last like 2 weeks or so right? luciash: Tiki will tell you ***: pkdille has quit IRC (Remote closed the connection) luciash: if there's need for db upgrade
strasa siteloginbar looks good in IEs now, good job guys ! i hope there are no more blockers for releasing then !
(at least they look good in the netrenderer screenshots ;))
nkoth3, marclaporte already/still awake ? marclaporte: tired nkoth3: blog layout in IE8 luciash: and pascalstjean :)
aye, that blog layout ***: btiffin has quit IRC (Remote closed the connection) nkoth3: blog layout in IE8 is the final blocker. When martin gets up, we should be able to start packaging luciash: i'm going to test fresh new blog, not the one from profiles... nkoth3: good idea xavi: marclaporte: I added some screenshot also here, in case anybody knows how to fix the automatic inclusion of profiles, or just copying that content to the main "Collaborative Community" profile, after you tried. I tried, and it works fine
off to uni. cheers
http://profiles.tikiwiki.org/Collaborative_Community_Wiki_Menu (oups, forgot the link) ***: xavi has left luciash: nkoth3: no blog post yet, no left col: http://test.ground.cz/tiki/3.0/tiki-view_blog.php?blogId=1
nkoth3: looks good to me so far in IE8 screenshot
i'll add left col after you test nkoth3: ok, one sec luciash: test in IE8 and save a screenshot just for evidence ;)
if you can nkoth3: give me 2 min luciash: ok
but i cannot give you more :D
(gotta start some work in 15 minutes)
added left col (still looks fine to me in IE8) nkoth3: can you ad a blog post? luciash: yes, going to do that, just have to replace some old plugin which yells php error on help
ok, lets add the post marclaporte: intranet profile, IE6 : menus are not working luciash: nkoth3: ok, after adding the post, the bug appears
i'll check for the rendered code if it's valid
hmm, looks valid chibaguy: damn, 2 restarts needed to install ie updates... luciash: chibaguy: got new IE8 ?
:) chibaguy: anyway, sites look good! luciash: chibaguy: is it different ? chibaguy: in any mode luciash: wrapping works ? chibaguy: yes luciash: ok, test http://test.ground.cz/tiki/3.0/tiki-view_blog.php?blogId=1 please
it renders same as nelson reports in netrenderer too
left column gets shifted right when post is added
but validator doesn't report any unclosed tag nkoth3: yes, this is the same situation as I have discovered chibaguy: Coelesce theme has the same problem, on that page.
they both have different blog layouts than the other themes. ***: Beestje has joined #tikiwiki chibaguy: forum posts too luciash: the standard tpl themes are ok ?
interestingly, when i remove the left column all looks good chibaguy: well, blog posts and forum posts have similar/same divs as they use same comment tpls luciash: i think i would release even with this if thenews is ok and mostly people have blogs without left column anyway chibaguy: darkroom is bad in ie8, feb12 is ok
(on tiki-view_forum_thread...) luciash: sorry guys, gotta go now chibaguy: thenews and tikinewt are ok -: luciash passes lot of power and good luck with the release luciash: byez, bbl chibaguy: bye luci, thanks.
looks like the themes that don't specify a width for .post .postbody are the ones that ie8 handles ok.
when width is set to 100% or min-width is 100%, then ie8 pages go wide.
I'm testing now and will commit if the width gets fixed and there are no side effects. nkoth3: if you put it in css/ie8.css
i mean, you could try putting it in css/ie8.css
but I'm not 100% sure the conditional comment works... chibaguy: I don't see any problem with removing the width:100% for the stylesheets. in other browsers the posts display correctly, etc.
I wonder what overrides a % width, if I use css/ie8.css to fix.
will width:auto work in that way?
I'll try that first. nkoth3: it looks to me that just by removing the width:100% from the .post .postbody
is enough chibaguy: yes, seems so. CIA-65: tikiwiki: 03chibaguy * r18877 10/branches/3.0/styles/ (coelesce.css darkroom.css layout/layout.css strasa.css): [FIX] Wide pages caused in IE8 by 100%-wide div.postbody (blogs and forums). ***: pkdille has joined #tikiwiki CIA-65: tikiwiki: 03nkoth * r18878 10/branches/3.0/tiki-admin_system.php: [FIX] The existing UI suggests that clearing all caches includes clearing user prefs sessions, and should in fact do so chibaguy: how do you configure search to have the simpler form in the page header? (ie, no dropdown for site sections/features) marclaporte: chibaguy: : in admin search chibaguy: yes, and what checkbox, etc.?
I'm there now and don't see how.
ah, got it. object filter
....under the search results tab
I'm trying to reduce the form width in ie6. ;-) nkoth3: i'll be back in a handful of hours. chibaguy: ok, see you later ***: nkoth3 has quit IRC () marclaporte: chibaguy: : tks ***: Yoni has quit IRC () chibaguy: marclaporte: actually it should be reduced for all browsers, in case they have the simple form chosen.
I think I got it now. marclaporte: bbl franck: Hi
I have done an upgrade from 1.x to 2.x and realize now, all the trackers are gone
what happened?
I used to use mirror tables CIA-65: tikiwiki: 03chibaguy * r18879 10/branches/3.0/styles/coelesce.css: [FIX] Site header search form width reduced (expands as needed); #siteloginbar's second div display:inline removed to allow more logical line break (after submit button). ***: FF|Skyrider has joined #tikiwiki FF|Skyrider: Hi guys! again! ^_^ chibaguy: franck, I think I recall something about no more mirror tables, but don't know any details, sorry. franck: yes I kind of remember that... FF|Skyrider: Do you guys mind if I ask another question? I've been asking quite a lot lately :p franck: but there is no upgrade path? chibaguy: sorry FF|Skyrider, your free introductory period is over. you'll need to send some money to ask more questions. FF|Skyrider: awww :( chibaguy: ;-) just kidding.
however, you will need to pay, to receive answers.
:-) kidding again ***: reno- has joined #tikiwiki reno-: help Tikiwiki|bot: Welcome to the official Tikiwiki English Irc Channel. TikiWiki or better known as TW, is your Groupware/CMS (Content Management System) solution, you can get more infomation at http://info.tikiwiki.org/ . ***: reno- has quit IRC (Client Quit) chibaguy: FF|Skyrider, what was your question? FF|Skyrider: ^_^
http://tikiwiki.org/ConnectingToIrc
http://themes.tikiwiki.org/tiki-index.php
the menu's of these sites
the script menu bars
How can I add that on my site?
I assume this is build in within tikiwiki. chibaguy: do you mean the horizontal menus near the top of the page? franck: otherwise you go admin-> menu create your menu and then admin-> modules, create a custom module and stick your menu in it FF|Skyrider: chibaguy, yes
on the first, top right.
*first link I gave chibaguy: after you make a menu, like franck said at admin -> menu (tiki-admin_menus.php).... FF|Skyrider: looks a bit complicated :D chibaguy: then go to admin look and feel (tiki-admin.php?page=look), and under the "General Layout" tab, you can activate the top bar and site menu bar.
well, yeah, you have to configure a few things. There isn't artificial intelligence built in, to know what you want automatically. ;-) FF|Skyrider: hehe :p
Thanks
Neato
that looks much better
I assume I can disable the left menu from the same page=look?
Yup, found it! :D ***: FrankP_german has joined #tikiwiki
FrankP_german has quit IRC (Client Quit)
vkumar has quit IRC ("http://www.mibbit.com ajax IRC Client") luciash: re
chibaguy: congrats for the ie8 fix chibaguy: sure. I just compared working - not working themes. luciash: Sug4r: do you think we can have a release now ? -: Sug4r you think we can have a release now ? luciash: hehm the do alias isn't the best one
Sug4r: do you think we can have a release now ? Sug4r: The outlook is poor. luciash: hrm, i agree with Sug4r after all that postponing... :-p
chibaguy: usually i consider width: 100% on divs as a fail because that's what divs already do by default ***: Caarrie|sleeping is now known as Caarrie luciash: well, they do width: auto, but it's expected behavior divs expand to available space as blocks when not floated chibaguy: yeah, I'm not sure why those divs had width:100%. I remember some trouble with them before (not expanding to fill space in center column) luciash: little glitches in strasa but not fatal: hr ugly/unstyled in left col, blog posts do not have the "Posted by..." nicely aligned to middle as articles/siteloginbar and padding on right
(like the "By admin on Mon 18 of May, 2009 09:49 CEST" on http://test.ground.cz/tiki/3.0/tiki-view_blog.php?blogId=1 )
lunch time, bbl chibaguy: ok CIA-65: tikiwiki: 03sylvieg * r18880 10/branches/3.0/templates/tiki-admin-include-wiki.tpl: typo thx geoff FF|Skyrider: Is the "sandbox previw" small bug known to people? ***: GillesM has joined #tikiwiki
GillesM has quit IRC (Remote closed the connection) franck: I have something strange on my site
when I go admin-> menus it shows me 3 menu entries but there is no text in each row ***: eromneg has joined #tikiwiki franck: mmm, problems points to the style
when I change the style, it is ok
what could be wrong... chibaguy: franck, what style has the problem? franck: it is a custom style
and I did not rewrite too many tpl files ***: FrankP_german has joined #tikiwiki
FrankP_german has quit IRC (Client Quit) chibaguy: I don't know; I haven't noticed that problem in other tiki 2 themes.
FF|Skyrider, you could search the dev.tikiwiki.org bug tracker for the sandbox preview bug. ***: ScaryLptp has joined #tikiwiki franck: and yes the tracker module is all broken
argggghhh!!!
I hate when there are changes that break the past luciash: franck: cleared caches ? franck: this is something tw should fix
well not for the theme, I'll fix that
for trackers
I use mirror trackers and when I duplicate a tracker it has not created the tracker correctly
I will have to dig, and figure out why
the whole tracker admin interface works, but when it is time to display trackers it tells me, table not created... luciash: i have no clue what mirror trackers are and why people suggested not to use them... apparently others have no clue how to fix them too :-/
sorry franck franck: well in trackers there were 2 ways to store data
one in a kind of single table that would include all trackers, the other method more like a classical table ScaryLptp: I still have no idea what the heck made the quicktag formatting buttons in the editor stop working in v2.2/2.3/2.4 yesterday. franck: which would led eventually the possibility to use tracker on tables on other db... ScaryLptp: if ever there was a time to describe something as "bonkers", this is it luciash: franck: why they're "mirror trackers" ? franck: I don't know, funny name luciash: ScaryLptp: are you clicking them and nothing happens ? JS is on ? franck: the first method use a table like trID,fieldID,value luciash: franck: yes :-p ScaryLptp: it happens on 4 different computer on 3 different OS's in 2 different browsers at 2 different locations.
it worked fine on saturday, possibly even late sunday morning, and then sunday afternoon it stopped working luciash: ScaryLptp: ah ScaryLptp: but if I click full-screen edit, they work, and then back to regular edit, they work
but the first time you click edit, those buttons don't do anything luciash: ScaryLptp: any link ? ScaryLptp: unfortunately, no. franck: while the second method "mirror" would use one table per tracker called tiki_trk_trakername which would be field1,field2,field3,... luciash: ScaryLptp: it stopped withou t changing anything ? franck: this is more like a normal table ScaryLptp: seemingly. I do have one other admin but I'm pretty sure he didn't work yesterday and he only has access to the site from work
I emailed him anyway to see if he made any changes
but I scoured the options and can't find anything franck: so now it is all messed up ***: jonnyb has joined #tikiwiki franck: I have same grudge with ldap, the imap capability was removed, I fixed, committed and now it is gone again...
tw does not progress without breaking stuff that used to work, we need some test, to make sure we progress without loosing stuff Tikiwiki|bot: Welcome to the official Tikiwiki English Irc Channel. TikiWiki or better known as TW, is your Groupware/CMS (Content Management System) solution, you can get more infomation at http://info.tikiwiki.org/ . chibaguy: franck, do you follow the tikiwiki-devel mailing list? franck: not much chibaguy: just wondering if you noticed any discussion about this. franck: no, was there any?
well, I don't think I subscribe to tw-devel list ;) chibaguy: I don't really remember. franck: any how this is my late night rant... because now I have more work to fix all of this... ScaryLptp: grr. guy replied saying he hasn't touched the site since friday ***: Wilkins has joined #tikiwiki Tikiwiki|bot: New Forum Posts: Find out what version i am currently running ? - http://tikiwiki.org/tiki-view_forum_thread.php?forumId=6&comments_parentId=33033 ***: rodrigo_sampaio has joined #tikiwiki chibaguy: anyone else having trouble with user (custom) modules not obeying parameters like title=n?
(in tiki3 svn)
i made one a last week that worked fine. but today, trying another one, its title, etc. also display despite parameter. ***: Caarrie is now known as Caarrie|away
ricks99 has joined #tikiwiki
ChadDa3mon has joined #tikiwiki
marclaporte has quit IRC (Read error: 60 (Operation timed out))
ricks99 has quit IRC (Remote closed the connection)
Caarrie|away is now known as Caarrie
nkoth3 has joined #tikiwiki chibaguy: nevermind about the module parameters thing: user error :-/ ***: SEWilco2 has joined #tikiwiki ChadDa3mon: Whoa...when you use the wiki-syntax help button and put it in full screen mode while running Darkroom....it's rather hard to read :) ***: jonnyb has left ChadDa3mon: Using a the code plugin really messes up the page width as well, working on getting an external site up to demo ***: ricks99 has joined #tikiwiki ChadDa3mon: The directory '' does not exist or PHP is not allowed to access it
???
thats from the installer ricks99: confirm that the directory exists and perms allow tiki to write to it ChadDa3mon: which directory?
it's blank :/
thats not a double quote, two single quotes ricks99: error msg did not include directory? ChadDa3mon: directory ' '
no
this web server is running virtual sites....not sure if that would matter
This is in my php.ini - ;open_basedir =
which based on the description, sounds right
should be left disabled ricks99: shouldnt the open_basedir = temp (or some other writable directory)? ChadDa3mon: I think that would be a security feature only
which I'm not too worried about on this box, I can try though
; open_basedir, if set, limits all file operations to the defined directory ricks99: not sure... confirm that you have all the listed directories on your host and that all are writable ChadDa3mon: yea, I did a big recursive 777 on the directory
even used the startup.sh they recommend ricks99: and all the files/folders were succesffully ftped to your host? ChadDa3mon: no FTP involved, I have SSH access, it's my home test server
just unzipped the installer ricks99: k.
not sure then, sorry.
most common cause of that error is that some folders are missing ChadDa3mon: that would help explain the blank directory given
I'd guess it's this server running multiple www sites in virtual mode
took the exact same steps I took on my production server CIA-65: tikiwiki: 03sylvieg * r18881 10/trunk/ (90 files in 61 dirs): [MRG] Automatic merge, branches/3.0 18811 to 18880 ***: tomb has joined #tikiwiki
tomb has left "Ex-Chat" CIA-65: tikiwiki: 03sylvieg * r18882 10/trunk/tiki-view_tracker.php: [FIX]tracker: do not look for the item value of fields that are only searcheable ***: MartinCleaver has joined #tikiwiki nkoth3: Hi, we are going to start packaging Tiki 3.0 now :0 MartinCleaver: What's this, 3.0 rc3 ?
nkoth3: nkoth3: it is pre3.0 sylvieg: there is a bug with style_ie8_css
can I commit? nkoth3: sylvieg: ok CIA-65: tikiwiki: 03sylvieg * r18883 10/branches/3.0/lib/headerlib.php: missing global sylvieg: ok thx nkoth3: do you have an ie8 with you? ScaryLptp: so when I click Edit, those quicktag buttons still don't work unless I go fullscren edit and then exit fullscreen, but I just realized they also work if I click preview first. ***: btiffin has joined #tikiwiki ScaryLptp: so I click edit, then preview, and suddenly quicktags work again -: MartinCleaver is wondering about the convention for building "pre" and final releases
MartinCleaver seeks documentation or someone more sagely than himself ricks99: @ScaryLptp... check for JS errors -: MartinCleaver reads php release.php --howto MartinCleaver: " - Test the whole Installer and check if everything is OK" - what's that mean? ScaryLptp: ricks99, there are none sylvieg: nkoth3: no chibaguy: would be nice to be able to commit the fix for bad Darkroom quicktags contrast.... ricks99: sorry ScaryLptp... out of ideas :( -: MartinCleaver does php doc/devtools/securitycheck.php MartinCleaver: I get a whitescreen on that file if I run it through the browser
and I get HTML sent to Terminal if I run from the command line nkoth3: it used to work for me.
maybe file perms? -: chibaguy wonders where the quicktags went in Darkroom fullscreen editing mode, then realizes that, with the same background color as FF skin, they look like part of the browser chrome. MartinCleaver: -rwxrwx--- 1 apache cr_devel 9560 Apr 25 12:03 doc/devtools/securitycheck.php nkoth3: chibaguy, what is the fix? chibaguy: a couple background colors in darkroom.css. ***: jonnyb has joined #tikiwiki nkoth3: for which css class? MartinCleaver: http://vps7.etazo.net/3.0/a.html ***: marclaporte has joined #tikiwiki MartinCleaver: Is the output of securitycheck.php run from the command line amette: I see a pre-release..?!? :)
doc/dev are svn upped! :) jonnyb: hi gang chibaguy: #wikihelp-tab td img {background: #e4e4e4} and #textarea-toolbar {background: #e4e4e4} MartinCleaver: hi jonnyb marclaporte: amette: : thank you!! amette: you're welcome ***: Caarrie is now known as Caarrie|away MartinCleaver: hundreds of "Potentiall unsafe files" jonnyb: hi MartinCleaver - look like the ie-mares were resolved eventually - all ok? nkoth3: imo, chibaguy should just commit that for darkroom.css MartinCleaver: as far as I know, yes. Nelson was working on it late into the morning. nkoth3: chibaguy fixed the ie8
I was just around to help test and figure it out MartinCleaver: smells like team spirit jonnyb: well done team :) chibaguy: well, one the wide blog/forum post thing in the ie8. nkoth3: chibaguy, just commit, otherwise darkroom is very useless if people can't see the quicktags chibaguy: ok MartinCleaver: so the release how-to doesn't say how to read the output of securitycheck.php
currently >'d to http://vps7.etazo.net/3.0/a.html nkoth3: that's the way I did it MartinCleaver: 1934 "unsafe files" nkoth3: please improve the release documentation as you do this MartinCleaver: ok nkoth3: btw, the version number is not updated yet CIA-65: tikiwiki: 03chibaguy * r18884 10/branches/3.0/styles/darkroom.css: [FIX] Bad QuickTags background contrast. nkoth3: the instruction is probably in the release script somewhere -: marclaporte checks the list MartinCleaver: I need to know your checking criteria
so at minimum I can document them marclaporte: the idea is that each file is a potential security risk. And we want to be able to tell people deactivate feature X or upgrade MartinCleaver: and better I can flag to the reader whether things are likely to be an issue marclaporte: MartinCleaver: +1 sylvieg: the script must check also access_check marclaporte: : This is not supposed to be accessible: http://vps7.etazo.net/3.0/db/convertscripts/mysql3tooci8.php MartinCleaver: This " - Test the whole Installer and check if everything is OK" - needs replacing with something actionable
how about ./about.php ?
so what's the rule, nothing in /db but everything in / ? marclaporte: the guideline is: can this file be unsafe
unfortunately, that is vague MartinCleaver: Does it have to be done on a per-file basis? marclaporte: yes, unless we find ways to be smart about it
ex.: we trust libs from Zend MartinCleaver: how by directory first, and then a per-file basis?
you have the secdb generation process, we could put rules in there marclaporte: ex.: we identify file tiki-login_scr.php as something that can never be turned off and has to be trusted nkoth3: One question, must htaccess.sh or something be run before the security check , or does it matter?
that might make many files "not web accessible" hence shortening the list MartinCleaver: What's your definition of unsafe, BTW? Shouldn't be webaccessible?
how you enforcing this? Through htaccess? marclaporte: one of the goals, is that, as people add things to Tiki, we have some sort of safety net to make sure that we can turn off MartinCleaver: people = tiki authorised developers or the local admin? nkoth3: people = committers MartinCleaver: ok marclaporte: agree with Nelson MartinCleaver: ok nkoth3: as for .htaccess, we should not depend on it completely since not all installs will have that configured
all the lib files of Tiki in fact have a check at the top of them to prevent them from being called directly MartinCleaver: sounds like the flag can't be in the files themselves, else there is no workflow through the packager to authorise a file
so this is a check that the committer has used the same check? nkoth3: yes
obviously this does not apply to external libs, such as zend, so we can't do anything about those marclaporte: secdb is a good idea, because it avoids checking the file between releases if it doesn't change MartinCleaver: except for externals, should they have written something explicit if they add something that can be used directly? nkoth3: right now, the security check checks for patterns
it's not that sophisticated for now MartinCleaver: and is it up to the file to check itself? or does the checker defer to something central? nkoth3: i don't think it checks itself marclaporte: background: we had an obscure feature a while back that caused us a security nightmare. There was no way to turn off. Obscure features have less eyeballs and can have security issues.
sylvieg: : can you elaborate on access_check? MartinCleaver: So, reading the table, and testing, it seems that ./doc/devtools/usergeo.php is not checked but that the next one, ./fgal_listing_conf.php
is
fgal has:
/this script may only be included - so its better to err & die if called directly.
/smarty is not there - we need setup
if (strpos($_SERVER["SCRIPT_NAME"],basename(__FILE__)) !== false) {
header("location: index.php"); nkoth3: I think doc/devtools dont make it into the tarball packages, so it is distributed only through svn MartinCleaver: exit;
} nkoth3: so the risk there is less
MartinCleaver: exactly MartinCleaver: And I noticed secdb generates for every file but not every file gets packaged sylvieg: there are a couple of php that use access_check - this lib was supposed to dissapear - but lph reintroduced some nkoth3: Right now, a lot of this is up to the "judgement" of the checker, so it's great if you can help in more documentation/guideline type things MartinCleaver: why was the lib to disappear? sylvieg: - a lot of lines - for almost nothing -: MartinCleaver does an almighty grep MartinCleaver: ok - we have two things going on here: 1) checking today's release 2) a discussion about whether and how to improve the checker
presumably we don't want to halt the release while we improve the process? nkoth3: right MartinCleaver: grepping for access_check yielded no hits, BTW
so either it's called something else or it has been removed sylvieg sylvieg: sorry $access->check_feature MartinCleaver: aha -: MartinCleaver passes on the apology to his almighty grep marclaporte: One way to check for security: I click manually on all files. If I get message of some sort, it needs a check. It if redirects me to root, it's feels ok sylvieg: so these files are 'secure' but the check security does not know taht because it was supposed to disappeear.. or not - I do not know MartinCleaver: so, I need someone to run down the 1934 unsafe files listed and bracket them for me
how many lines pasted here would kick me for flooding?
MartinCleaversMBP:CitRock3.0 martincleaver$ grep -R check_feature *
changelog.txt:get rid of check_feature
changelog.txt:two params version of check_feature
lib/.svn/text-base/tikiaccesslib.php.svn-base: $this->check_feature($features);
lib/.svn/text-base/tikiaccesslib.php.svn-base: function check_feature($features, $feature_name="") {
lib/tikiaccesslib.php: $this->check_feature($features);
lib/tikiaccesslib.php: function check_feature($features, $feature_name="") {
tiki-index.php:$access->check_feature( 'feature_wiki' );
tiki-listpages.php:$access->check_feature( array( 'feature_wiki', 'feature_listPages' ) );
tiki-listpages.php: $access->check_feature( 'feature_wiki_multiprint' );
tiki-listpages.php: $access->check_feature( 'feature_wiki_usrlock' );
tiki-listpages.php: $access->check_feature( 'feature_wiki_usrlock' ); nkoth3: please use pastebin MartinCleaver: tiki-mindmap.php:$access->check_feature( 'feature_wiki_mindmap' );
tiki-orphan_pages.php:$access->check_feature( array( 'feature_wiki', 'feature_listorphanPages' ) );
tiki-plugins.php:$access->check_feature('wiki_validate_plugin');
tiki-print_indexed.php:$access->check_feature( 'feature_print_indexed' );
tiki-print_indexed.php: $access->check_feature( 'feature_categories' );
tiki-print_indexed.php: $access->check_feature( 'feature_categories' );
heh
:) ***: jonnyb_ has joined #tikiwiki MartinCleaver: ok ***: SEWilco2 has left marclaporte: my understanding is that a centralized feature check thing would help us do: http://dev.tikiwiki.org/wish2428 MartinCleaver: so, is someone going to click on each of the 1934 files, or can we come up with some heuristics? nkoth3: we roughly know. MartinCleaver: e.g. lib/core/lib/Zend is okay
is lib/core/lib okay? sylvieg: .. why tiki-change_password is not happy - there is a prefs check? MartinCleaver: or maybe even lib ? ***: xavi has joined #tikiwiki xavi: toctoc MartinCleaver: Good question, sylvieg - it has an X in the 4th column nkoth3: the column where it has an X is "includes tiki-setup.php"
under the features column, there is no feature
so it theory, it has no feature check sylvieg: ./tiki-confirm_user_email.php is fine too
tiki-handlers.php ... everything is in comment - is it a useful file? ***: LordVan has quit IRC ("Leaving")
SEWilco2 has joined #tikiwiki
eromneg_ has joined #tikiwiki
Caarrie|away is now known as Caarrie sylvieg: not sure about this one tiki-jsplugin.php -: MartinCleaver wonders why securitycheck.php has {{{ in many places MartinCleaver: is lphuberdeau about? nkoth3: {{{ is php coding convention I think marclaporte: lph is offline jonnyb_: hmmm - just found a nasty bug (my fault again i'm afraid) - CODE() plugin doesn't show the code (body) content in the plugin edit form :( - have a fix i'm committing to trunk SEWilco2: jonnyb_: I think I saw CODE() not working right in preview, but OK after save.
jonnyb_: ... in case that 2.* behavior is relevant. marclaporte: SEWilco2 : & jonnyb: there has been a change in baehvior in code with is messing up hundreds of pages of doc, like this: http://doc.tikiwiki.org/PluginDBReport jonnyb_: not for me - it was my fix of saving it in $plugin_data_saved, but i set that in the bit that runs only if not CODE nkoth3: jonnyb_: so it was more of an incomplete fix rather than a bug jonnyb_: marclaporte: you mean the html encoding? marclaporte: yes jonnyb_: nkoth3: um, more like an incomplete fix leading to another bug - sorry
odd, as i did test (obviously not properly) -: MartinCleaver is reading securitycheck.php ***: jonnyb has quit IRC (Read error: 110 (Connection timed out)) nkoth3: sylvieg: what do we normally do with files like that one that is totally commented out? sylvieg: the CODE stuff - I rollbacked back a fix on nyloth's request MartinCleaver: ok - I don't think I need to understand everything, just the permission_check, right? ***: eromneg has quit IRC (Read error: 110 (Connection timed out)) sylvieg: perhaps it was a security hole - and to avoid problem with people that do a copy and not a replace on new install...
perhaps we can handle this with the installer now - can the installer do a rm file? MartinCleaver: and in this file is feature_check. Didn't I read that you want an incremental list of features added per release? nkoth3: sylvieg: ok, we can talk about this later. So now we leave such files around sylvieg: yeh... -: sylvieg needs nyloth for the CODE problem... nkoth3: MartinCleaver: I think is was a feature request on the HowToRelease page on dev.tw.o MartinCleaver: y, read it somewhere like that.
just dumping out the features per release would help: the diff you can handle later -: marclaporte prepares CODE email
MartinCleaver is figuring out why is a file might be deemed unsafe if it matches extract( ... ) sylvieg: I just sent a message to nyloth to join if he can CIA-65: tikiwiki: 03jonnybradley * r18885 10/trunk/lib/tikilib.php: [FIX] Move setting of $plugin_data_saved to before handling for CODE plugins (CODE body wasn't appearing in plugin edit form) nkoth3: MartinCleaver: most important is to check if the "risky" files in the webroot have some kind of feature/perms check that enables any TIki admininstrator to turn off a certain feature in case of a security issue they need to address MartinCleaver: ok - so rule: "if the file is in root then it must have a feature or perm"
? marclaporte: a file in doc/devtools could be very unsafe nkoth3: MartinCleaver: yes, except for a few exceptions regarding fckeditor because those need to be called directly to work MartinCleaver: ok - so rule: "no files from doc/devtools can be distributed nkoth3: Files in lib can be blocked from direct access through .htaccess as a secondary measure, so although it is ideal if all of them are protected by other means as well, and audited sometime, the risk is not as high as for files in the webroot CIA-65: tikiwiki: 03pkdille * r18886 10/trunk/modules/mod-last_articles.php: [FIX] mod last articles: remove offset param from smarty to avoid some bad side effects on all pagination_links when ajax is active (broken in r17911) nkoth3: Fundamentally, this is a tool for better security risk management, not designed to be watertight, and still work in progress in the sense that it can be improved much ***: ricks99 has quit IRC (Remote closed the connection) MartinCleaver: ok -: MartinCleaver discovers that securitychech.php does do grouping of files into type - this will be helpful.
MartinCleaver adds comment to file's preamble marclaporte: some things we did in the past: we added code to each *.sh file to force to use sh filename.sh to run. Apparently, a poorly configured server could let them execute via web access. This clean up was done once. Not sure if it's part of the check. And new files and changes have not systematically been checkec -: marclaporte thinks this is a good preamble to work on continuous quality effort MartinCleaver: y, manual one-off checks are only proofs-of-concept : they are no capabilities. You need security capabilities - regular processes - to be secure. marclaporte: MartinCleaver: : is there a way to script to check files that are just libs and have no executable code (and are thus safe for sure?) MartinCleaver: perhaps make sure everything is inside a function?
I'd need a meta description of php to be sure
s/meta description/meta model/ marclaporte: If we can do that, we can validate hundreds of files MartinCleaver: php feels very hacky: I'd imagine its hard to parse in a lexical (non executable) way -: marclaporte is checking list of files, starting from the bottom to scout for suspicious files ***: nyloth has joined #tikiwiki nyloth: Hi all :) MartinCleaver: hi nyloth
thanks marclaporte sylvieg: hi :-) -: SEWilco2 draws nyloth a beer.
MartinCleaver is making securitycheck.php output the typing it assigns to files nyloth: What's the problem with CODE ? just the default value ?!
SEWilco2: thx sylvieg: http://doc.tikiwiki.org/tiki-index.php?page=PluginTrackerList
for instance the wiki code =&gt;...
adding ishtml=y ... it not really a solution SEWilco2: Just call me ishtml. nyloth: the problem is that CODE was not well handled before
and migration of data to the new version is a problem sylvieg: but why put ishtml=y on wiki code??? nyloth: in your example, instead of storing '>' chars, it stored '&gt;', or am I wrong ?
sylvieg: no, you should not put ishtml=y. It's not HTML, but the old data is probably wrong (I suppose)
If you create a new page with this, do you still have the problem ? sylvieg: I juste created a CODE on wiki - the same problem
new page or new edit? nyloth: new edit sylvieg: yeh still the problem marclaporte: MartinCleaver & all: how/where should I log files that I check and that are approved? wiki page? in code (for 4.0)? one day, as part of the security script? perhaps with secdb so manual security checks have to be made at each change? nyloth: well, I'll make a test, it was just suppositions MartinCleaver: make me a wiki page please marclaporte: polom Nyloth! MartinCleaver: in future we can set up a round trip against a wiki page.
system checks, sees everything not listed on the wiki page nyloth: but, in principle, if you put '<div>' and don't want this to be interpreted as an HTML, you have to use ishtml=n, and it's the default I presume ***: tim432 has joined #tikiwiki sylvieg: ishtml=n produces {TRACKERLIST(trackerId=&gt;80) /} tim432: This is probably an easy fix, but when creating pages in tikiwiki, lets say i have pages ((Screen)) and ((Screen - 1)). If i create ((Screen)) and then attempt to create ((Screen -1)), the ((Screen -1)) link will go to the ((Screen)) page. Any thouughts? I appreciate the help. nyloth: Ohhhh... In fact it's maybe not the CODE plugin which is in cause... sylvieg: tim432 - there is an option somewhere... nyloth: have a look at http://dev.tikiwiki.org/tiki-index.php?page=TestPageCode
It's broken, right ?
But... If you edit and try a preview, it's OK
so, it's a difference between save and preview
and it's maybe not due to the CODE plugin itself
the behavior in preview mode is OK to me, as I would expect
something somewhere htmlencode too much the output sylvieg: not for me I have loosing the true html... nyloth: You have "loosed the true html" ?
What do you have if you edit and preview the TestPageCode on dev ? marclaporte: http://dev.tikiwiki.org/Security+Check+exceptions -> started -: MartinCleaver clicks nyloth: SecurityCheckExceptions -> why a wiki page instead of a config inside the script ?! MartinCleaver: so others can do the analysis first
before we script nyloth: ok marclaporte: ok, so this is like a buffer? MartinCleaver: and perhaps, we can round trip between the wiki page and the script
for now, we just need enough to do a release nyloth: sylvieg: ? sylvieg: each save on dev.tw took me 250s excution time - you need to be very patient with me when accessing dev.tew or doc.tw nyloth: sylvieg: If you have another uptodate site where we can work together, I'm open :)
sylvieg: and about dev.tw being slow, I don't have the problem here sylvieg: http://dev.tikiwiki.org/tiki-index.php?page=TestPageCode
the ishtml is not working on the last one nyloth: sylvieg: please leave the edit mode if you have finished, so I can make another test sylvieg: lucky dev.tw was fast nyloth: sylvieg: first, your param value was wrong. You have to use "1" and not "y"
sylvieg: I updated the page sylvieg: ak ok thx.. nyloth: sylvieg: and as I said before, the problem is probably not in CODE, because, as you can check, the output of the PREVIEW is not the same as the SAVE (and preview is fine) sylvieg: the rpeview on my local interprets the html... CIA-65: tikiwiki: 03lphuberdeau * r18887 10/trim/ (8 files in 3 dirs): [MOD] Preparing for FTP support nyloth: sylvieg: yes, so there is a bug somewhere which is not related to CODE, that implies a different result between wiki preview and wiki display (save) sylvieg: ok... MartinCleaver: oh! This data structure is very unhelpful: it's set up so I can't immediately index to a record for a given file
is LP on skype?
found him
have asked him to come in - assuming he's logged into skype at the mo
Is it only indexed by position and not by name?
[18/05/09 11:59:46 AM, 18-May-09] Louis-Philippe Huberdeau: don't remember much from that script, wrote it around a year ago and barely touched it since nyloth: marclaporte: I answeredyou on the list marclaporte: nyloth: : tks ***: Wilkins has quit IRC (Read error: 104 (Connection reset by peer)) nyloth: sylvieg: could you have a look for the preview/display difference problem ? -: marclaporte just noticed that maketoc got smarter and can deal with multiple headers with same name http://dev.tikiwiki.org/Release30process#Todo_3 sylvieg: it is what I am doing - but as I tried alerady... not sure I will be more lucky this time MartinCleaver: wow. why is tw.org so slow? nyloth: marclaporte: Yes, but not only. I made many other enhancements to maketoc ;p.... but it was monthes ago
sylvieg: ok, thx sylvieg: I will try 30mn - after I give up nyloth: sylvieg: should be enough for you ;p sylvieg: I already spent one day on this code problem ;-) marclaporte: nyloth: : I noticed also that !# is smart and permits permanent URLs/bookmarks while still showing nice numbering. Very slick nyloth: marclaporte: thx :) you're not often happy from what I commit ;p
s/from/of/ marclaporte: hahahhaha
I want you to commit more! nyloth: lol marclaporte: even after freeze! nyloth: lol, no way ;p ***: snarlydwarf has joined #tikiwiki nyloth: but I'll work on some new things after the release MartinCleaver: marclaporte: is that the only file? marclaporte: MartinCleaver: as of now, yes, I got distracted MartinCleaver: well it's a boring as hell task nyloth: about CODE plugin: afaics, ishtml param was already in 2.x branch.... and problems appeared after an upgrade of 2.x to 3.x, no ? MartinCleaver: which is precisely why it needs to be scripted nkoth3: MartinCleaver: how about I cut and paste the list in for now, and put next to each item a comment MartinCleaver: and the 'as for now' means what, we just let them out unchecked? or we wait?
ok
sounds a good start
thx sylvieg: nyloth: problem pccurs when lph tried to change soem plugin parsing marclaporte: nyloth: : we were wondering above: http://irc.tikiwiki.org/irclogger_log/tikiwiki?date=2009-05-18,Mon&sel=1067#l1063 nyloth: sylvieg: ok. Do you found how to fix ? sylvieg: in the database should we have => or =&gt;
i thought it must eb => but it is escaping right at the begining in tiki-editpage nyloth: I suppose we should have =>
well, not sure, there are so many options (wysiwyf, html, ...)
but I think it should be =>
It's easy to know by checking on a 2.x
marclaporte: good question ;) ***: jonnyb_ has left sylvieg: tiki2 saves as =&gt;
so both save the content of code in the same way
so ... we are back to code plugin MartinCleaver: ok, I can see the type of each file now
http://vps7.etazo.net/3.0/b.html
what's the rule for libs, as these are the largest set
how do files get put in there? Are they all external dependencies? sylvieg: CODE(wiki=1) interprets the plugin - I am lost MartinCleaver: ah, go figure, there are some designated '3rdparty' and 'safe' in the code
so actually zend needs adding to this list methinks sylvieg: ok for wiki - I should read the doc nkoth3: MartinCleaver: -: MartinCleaver perks up nkoth3: can you add it? MartinCleaver: I just did. Didn't work yet. nkoth3: lib/calendar/tikicalendarlib.php MartinCleaver: whacky
what about that one nkoth3: sorry MartinCleaver: k nkoth3: I mean this file needs a include only check
can you add it (just use the same check in other libs) sylvieg: nyloth: I can not figure out - if you say that the database in tiki2 is well set - it means that it must be saved as =&gt; then the escape_html must be false by default and not true MartinCleaver: k nkoth3: hi, anyone knows what is lib/debug/... ? sylvieg: nyloth - and I come back to my commit 17317 - you asked me to rollback - So I have no idea ... Tikiwiki|bot: New Forum Posts: Configurar foro - http://tikiwiki.org/tiki-view_forum_thread.php?forumId=15&comments_parentId=33040 nyloth: sylvieg: I don't think it's related to CODE plugin. ***: Caarrie is now known as Caarrie|away nyloth: sylvieg: from my point of view, it's probably better to store => instead of =&gt; ***: Simmi has joined #tikiwiki nyloth: sylvieg: but it's not the CODE plugin that stores, btw. sylvieg: nyloth: I agree but I do not fell ready to change all tle wiki pages... nyloth: sylvieg: CODE is just used to display and it displays well in preview. The display mode is broken sylvieg: but explain me why http://dev.tikiwiki.org/tiki-index.php?page=TestPageCode I can see <php but not => nyloth: sylvieg: yes, as you wish, but you still can't fix that by looking at CODE plugin nkoth3: MartinCleaver: can you add a permissions check to check for tiki_p_admin to tiki-channels.php
tiki-channel.php, I mean MartinCleaver: k nkoth3: similar check can be found in tiki-admin.php sylvieg: nyloth and what about a big patch in code if &amp;gt;-> replace > ***: chibaguy has quit IRC ("http://www.mibbit.com ajax IRC Client") MartinCleaver: thx sylvieg: nyloth - why this param - if all the > are stored in the database as &gt; -: sylvieg gives up - because my solution is to rerollback the rollback.. nyloth: sylvieg: you will break things, as seen by me and luci nkoth3: MartinCleaver: add an "include only " check to ./lib/wiki/semanticlib.php as well nyloth: sylvieg: this param ishtml is used to decide if the HTML code has to be interpreted (not escaped) or not MartinCleaver: k sylvieg: but this line breaks things too ... nyloth: sylvieg: the preview mode is OK, so how can you consider that the CODE plugin is not ok ???
sylvieg: the CODE plugin does not have a specific behavior for preview sylvieg: it remains me a long time ago discussion about previer and view... nyloth: sylvieg: it was broken after our discussions
sylvieg: we discussed about this before the 2.x release I think
sylvieg: and if I'm not wrong, it's not broken in 2.x
sylvieg: and the ishtml param is the same in 2.x too
sylvieg: in tikilib, line 5488
there is a special handling of CODE plugin
I don't know why
but if you put this instead, it works:
if( false && preg_match( '/^ *{CODE(/', $plugin_start ) ) { sylvieg: I tryed to roll back a lot of lph commits about plugin.. nyloth: I think lph made this special case for CODE
maybe we could just handle CODE as any other plugin by removing this special code that causes problems
it's weird, btw, to have a condition on this plugin only
and this is apparently also the cause of the difference between display and preview xavi: sorry to interrupt (hi all). I was wondering were are the settings for default user preferecens in tiki admin panels nowadays (in tiki3svn ) nyloth: hi xavi xavi: I couldn't find it in the last days
hi nyloth marclaporte: xavi: in community xavi: thanks, marclaporte, I?ll check
there is typo in tiki-admin-include-community.tpl, line 270, which makes the label of a checkbox to be hidden by error
it's not that important, I guess, considering nkoth3 is packaging... Tikiwiki|bot: New Forum Posts: How to display category when printing? - http://tikiwiki.org/tiki-view_forum_thread.php?forumId=4&comments_parentId=33041 nkoth3: hi nyloth/sylvieg: according to lph, he tells me that the special treatment of code was from before, and he tried to remove it but stuff broke. Apparently the parser parses from inside out so when code is nested or nests plugins, things break... CIA-65: tikiwiki: 03marcoaasilva * r18888 10/branches/3.0/lang/pt-br/language.php: pt-br translation xavi: commit-freeze in 3.0? ***: Simmi has quit IRC ("Leaving.") nkoth3: nyloth/sylvieg: not sure if jonnyb's commit on trunk this morning in this place regarding $plugin_data is any help...
I mean $plugin_data_saved sylvieg: is it for the edit of plugin - at only one level? nyloth: nkoth3: do lph has an opinion about the special treatment of CODE plugin ? For me, there is no reason why a plugin should have this kind of treatment.
? nkoth3: because CODE could have wiki syntax in them which you want to keep as e.g. to show the syntax
I think there is a chance it gets parsed or reparsed or something and in the end you can't have any wiki syntax in CODE that stays unparsed nyloth: nkoth3: other plugins mauy have wiki syntax in them nkoth3: yes, but you'd like them parsed, right? nyloth: not necessarily nkoth3: yeah, it is a generic problem, but because CODE is used often to show wiki syntax examples, it is the worst problem nyloth: well, it doesn't explain why a special treatment has to be done. For me, the plugin system should take care of those cases and be rock solid nkoth3: yes, but the plugin parser (legacy) is rather dumb in that it parses from inside out with no knowledge of the tree (or DOM if you wish)
to fix this is major rewrite
the special treatment of CODE I think was not introduced my lph. He says it's legacy nyloth: yes, I know this part is not from lph, but sad that he didn't found a way to handle this sylvieg: sorry - yes it wah already there in 2005 - lph tried to delete it - I rrollbacked marclaporte: I have a ride to catch back to Montreal. Thanks everyone and keep up the great work! nkoth3: on different topic (I am looking through sec. check list) can anyone confirm that tiki-view_cache is something to do with a feature, and if so, which one? MartinCleaver: [18/05/09 1:05:10 PM, 18-May-09] Louis-Philippe Huberdeau: it existed long before my time
[18/05/09 1:06:01 PM, 18-May-09] Martin Cleaver http://twitter.com/mrjcleaver: I'm not in that conversation...
[18/05/09 1:06:18 PM, 18-May-09] Louis-Philippe Huberdeau: I don't feel the need to be in it
sorry, shouldn't have pasted all that nkoth3: lol
anyone knows about the tiki-view_cache?
also, any reason why tiki-wap should not have a check for feature_mobile? ***: caralluna_ has quit IRC (Read error: 104 (Connection reset by peer)) nkoth3: MartinCleaver: I have updated the sec check page -: MartinCleaver looks nyloth: I need to go ... bye all ***: caralluna has joined #tikiwiki MartinCleaver: tata ***: nyloth has left "Konversation terminated!"
marclaporte has quit IRC (Read error: 60 (Operation timed out)) nkoth3: ok, updated again - minor fix for one missing comment
MartinCleaver: the TODO seems to be good to do
to me
after which I think we are good to proceed, if no other comments from any others -: MartinCleaver is reading MartinCleaver: great work
I've been working on a making securitycheck.php take a set of regexs
almost there nkoth3: MartinCleaver: i think it already takes a set of regexes, but i suppose you are adding more? MartinCleaver: didn't take regexs for type, took the 2nd component part of the path, but many libs are deeper than /lib/ nkoth3: ah
MartinCleaver: we do want to release today, so if improvign the sec check script takes too long, it can wait MartinCleaver: y, I can do rough regexes based on the input you just gave. Looks like the code change I made is working.
long term, I think we'll take a secdb-centric approach
maybe md5 every incoming file,
but this will do for now -: MartinCleaver is down from 1394 to 399. MartinCleaver: 131 ChadDa3mon: is there no way to have tikiwiki do ldap and static user accounts now?
I could swear it worked in some version of 3.X sylvieg: not yet - need to be reintroduced as this feature ws a security hole ChadDa3mon: yea, I figured that was it
just makes my testing with dummy users rather difficult
but security does come first xavi: off topic, but I need to sort it out in short: I'm attempting to provide information to my students on their final grade, and I was planning to use a tracker, in which each user can only see the record for that user, not the others. MartinCleaver: brb - lunchtime xavi: I 've been following the http://doc.tikiwiki.org/Group+Tracker instructions, but it doesn't work for me: ...
... I mean, either a student can see more than his own record, or he cannot see anyone
anyone's, no even the one from himself, I mean
sylvieg, did group tracker work for you?
btw, using a tiki 2.4 sylvieg: was working 2 weeks ago xavi: on 2.x? sylvieg: 3
not working at all in 2 xavi: "not working at all in 2": so that the documentation from mlpvolt was for tiki 3, and it had never worked for 2.x? sylvieg: doc is straneg view=+user - should be view=+group xavi: well, I could figure out that bit. But besides that, it doesn't seem to work for me as explained there for tiki 2.4
I'll give it a try playing with the "visible by author and admin" at the field level, with a link to full record. CIA-65: tikiwiki: 03jonnybradley * r18889 10/branches/proposed/ (31 files in 17 dirs): [MRG] manual merge, /branches/3.0:18363-18887 -: MartinCleaver is back MartinCleaver: It would be nice to move all the external libraries into lib/external
or move tiki libs from /lib into /tiki-lib/ CIA-65: tikiwiki: 03jonnybradley * r18890 10/branches/proposed/lib/tikilib.php: [FIX] Move setting of $plugin_data_saved to before handling for CODE plugins (CODE body wasn't appearing in plugin edit form) xavi: sylvieg, I managed to get the same kind of (expected) behavior through the "visible by" field type
fyi
in 2.4 MartinCleaver: nkoth3: there's a section near 1875 in http://dev.tikiwiki.org/Security+Check+exceptions
seems incomplete?
http://vps7.etazo.net/3.0/b.html is where I am at nkoth3: right
I kind of skipped that part MartinCleaver: :) nkoth3: basically all the lib/......php are either should have a check
or be exempted for some other reason. ***: zsircusr has joined #tikiwiki nkoth3: check for include only -: zsircusr is in car... nkoth3: so should the smarty_tiki
they should all be include only
brb ***: zsircusr has quit IRC (Client Quit) MartinCleaver: k ***: mlaporte has joined #tikiwiki
mlaporte has quit IRC (Read error: 104 (Connection reset by peer))
tim432 has quit IRC ("http://www.mibbit.com ajax IRC Client")
ScaryLptp has quit IRC ("( www.nnscript.com :: NoNameScript 4.22 :: www.esnation.com )")
ChadDa3mon has quit IRC ("~ Trillian Astra - www.trillian.im ~") nkoth3: MartinCleaver: ok updated MartinCleaver: thx
this code is clever, but hell it is confusing
write-only code. yuk.
there must be some code quality tools you can apply to the code base
maybe some voting on nicest and horriblest parts of the code
ok - please explain someone - http://pastey.net/114484
This is the output of var_dump
what data structure is this?
says its an array of three elements, but the 0th element is followed by an element labelled [0] ***: FrankP_german has joined #tikiwiki MartinCleaver: is it an array of 3, with the zeroth element being a named element whose value is an array of one element?
and the other elements being named, not numbered?
I suppose it is. Now I don't know why, but there you go. sylvieg: ir is an array of 3 elts and the first elt is an array on one elt MartinCleaver: y, its a dually numbered and named array
I don't understand why its built this way, but at least I understand now
thansk sylvieg: I agree it is not clean
code programming do not put together strunh key and numeric key
string key ***: shawn-ffbh has joined #tikiwiki SEWilco2: Or convert numeric key to string by prepending a string to it? ***: vilisi_t has joined #tikiwiki
franck_ has joined #tikiwiki
pascalstjean has quit IRC ("http://www.mibbit.com ajax IRC Client")
pascalstjean has joined #tikiwiki
gezza has joined #tikiwiki
franck has quit IRC (Read error: 113 (No route to host))
snarlydwarf has quit IRC (Remote closed the connection)
snarlydwarf has joined #tikiwiki
pretor31 has joined #tikiwiki pretor31: i have a question. i just installed tikiwiki on a local machine to test the quiz plugin. this wiki seems to have much potential but i seems to be somehow confusing. i checked http://doc.tikiwiki.org/tiki-index.php?page=Quiz+Admin&structure=Documentation but following the manual i still dont find this plugin, so does anyone know how i can activate it using twiki 2.4? Tikiwiki|bot: Welcome to the official Tikiwiki English Irc channel, Please just ask your question, dont ask to ask, someone will reply if and when they know the answer. Welcome again and please stay awhile
Welcome to the official Tikiwiki English Irc channel, Please just ask your question, dont ask to ask, someone will reply if and when they know the answer. Welcome again and please stay awhile luciash: pretor31: try on Admin > Text area pretor31: yes and how does that help me? luciash: is there list of the plugins ?
to enable/disable nkoth3: anyone knows what feature is tiki-view_cache for? pretor31: there is a list on admin mods but this quiz as mentioned in the webpage is not available, that is my problem luciash: nkoth3: i think it was used to view cached websites/external images nkoth3: and is there any feature associate to it? luciash: nkoth3: i believe yes
nkoth3: tiki-view_cache.php pretor31: no or at least i cant find it. it also isnt mentioned that this plugin is based on any other luciash: nkoth3: amette uses that on his blog for example
pretor31: lemme see the doc page, just a moment pretor31: k thx
oh damn i just found it :/ luciash: pretor31: what plugin you mean ? pretor31: i used to search directlyand thought it were all plugins there but to found under features > more functionality > quizzed luciash: the "plugin disabled" message ? sorry for confusion, it is picture plugin disabled on doc.tw.o
yes, it is feature, not plugin actually pretor31: that was my fault, i will test this plugin now .. thanks for helpin ***: pretor31 has quit IRC ("ChatZilla 0.9.84 [Firefox 3.0.10/2009042316]") nkoth3: luciash: can't find it. Only thing I can find is $prefs['cachepages'] ***: rodrigo_sampaio has quit IRC ("Leaving.") nkoth3: that is it, I think MartinCleaver: nkoth3: if ($prefs['cachepages'] != 'y') sylvieg: tiki-list_cache.php? nkoth3: yes ***: nyloth has joined #tikiwiki nkoth3: well, view_cache is the one that has no check right now
but list_cache is an admin on ly page anyway
is it essential to put a feature check in admin pages? nyloth: Hi again :)
sylvieg: did you find a solution for CODE ? sylvieg: for a security reason - no a perm check is enough
nyloth: http://pastey.net/114489 gezza: hi! I am translating the promotion sheet and got a bit uncertain about the KDE reference there..just checked kde.org, are they really using Tiki? sylvieg: :-X nkoth3: wiki.kde.org gezza: ok, thanks ***: danopia` is now known as danopia gezza: that looks like tiki, ok :) nyloth: sylvieg: this still not fix the preview/display difference, right ? sylvieg: no - this one is a deeper problem
as it is not only for CODE
and plugin ***: pascalstjean has quit IRC ("http://www.mibbit.com ajax IRC Client")
franck_ has quit IRC () CIA-65: tikiwiki: 03mrjc * r18891 10/branches/3.0/ (tiki-channel.php tiki-view_cache.php tiki-wap.php): With nkoth3, added missing permissions and feature checks ***: SEWilco2 has quit IRC ("Leaving.") CIA-65: tikiwiki: 03mrjc * r18892 10/branches/3.0/doc/devtools/securitycheck.php:
tikiwiki: Changes to allow lookup by pathname, and accepted as 3rd party many other libs.
tikiwiki: Built part of new feature to aggregate files according to which feature the file
tikiwiki: contributes to, but this is disabled as it has a bug (introduces 'Array' into
tikiwiki: the last column of the table) ***: franck has joined #tikiwiki MartinCleaver: after running sh convertsqls.sh , do I need to commit them? -: MartinCleaver sets $this->version = '3.0'; on nkoth3's head nyloth: MartinCleaver: convertsqls.sh has probably not changed any files, no ? Is suppose there was no DB changes since rc2 nkoth3: nyloth: some strange " escaping of some lines
you want to see the diff in a pastebin? nyloth: nkoth3: yes nkoth3: something like this http://pastey.net/114492 nyloth: nkoth3: strange. I fear that those changes are bad. I think it's better to revert them (svn revert) and commit nothing (since there are no DB changes) nkoth3: ok, then we just commit lib/setup/twversion.class.php right? nyloth: nkoth3: yes CIA-65: tikiwiki: 03mrjc * r18893 10/branches/3.0/doc/devtools/securitycheck.php: [ENH] better comments - functionally same nkoth3: maybe we should introduce [DOC] for just code documenting/commenting changes... nyloth: nkoth3: yes, DOC might be a good addition. And we also need something for translations ***: jonnyb has joined #tikiwiki CIA-65: tikiwiki: 03mrjc * r18894 10/branches/3.0/doc/devtools/release.php: [DOC] updating documentation re: weird SQL quote problem after convertsqls.sh
tikiwiki: 03mrjc * r18895 10/branches/3.0/lib/setup/twversion.class.php: [REL] Preparing 3.0 release -: MartinCleaver pre-pares php doc/devtools/release.php 3.0 pre nyloth: cool :)
thx MartinCleaver for handling the release :) CIA-65: tikiwiki: 03mrjc * r18896 10/branches/3.0/README: [REL] Update README file for 3.0 MartinCleaver: lang in process ***: gezza has quit IRC ("http://www.mibbit.com ajax IRC Client") nkoth3: if the pre package is good, we don't have to rerun all these lanugage/readme/copyright etc... right? MartinCleaver: tiki is presently accomodating the flag:fj nyloth: nkoth3: right, you could reply 'n' to these steps in the interactive mode of the release script
since they will already be commited and uptodate MartinCleaver: thx nyloth: well, it seems that the 'pre' was put in README file (maybe we should change release script to avoid the 'pre' part)... so, this means that, ideally, you will still have to answer 'y' to the README update step (but this is the fastest one ;) ) CIA-65: tikiwiki: 03mrjc * r18897 10/branches/3.0/lang/ (35 files in 35 dirs): [REL] Update language.php files for 3.0
tikiwiki: 03mrjc * r18898 10/branches/3.0/changelog.txt: [REL] Update changelog.txt for 3.0 nyloth: MartinCleaver: the copyright step is _very_ long, due to sf.net ... it's the coffee step :) MartinCleaver: :) nyloth: (or beer if you prefer ;) ) MartinCleaver: hmmm. beer
it is a vacation day, officially, here in Canada nyloth: ok :)
lucky guy :) MartinCleaver: well, if I'd had the day off ***: FrankP_german has quit IRC ("Nettalk6 - www.ntalk.de") nyloth: yes, sure amette: nkoth3 luciash : cache feauture? nkoth3: hi amette: I found prefs['cachepages'] amette: nkoth3: alright... I just read back...
... I think it's not essential to do anything about it... ***: marclaporte has joined #tikiwiki amette: ... it might be nice to have more prefs there - but it's an ages old feature and no one ever complained and it's mostly ok like that..
... it's like having a small mirror of archive.org on your site, I think! ;)
But basically - yes, it would be definitely nice to have more prefs for that! :D nkoth3: np, all i added was a check for the prefs['cachepages'] == y to access tiki-view_cache.php -: amette assumes that it is the "(cache)" links after off-site-(wiki)-links - which he is rather sure about amette: aaaah, ok, that is the HTML-only version inside the Tiki-cache, yeah...
so your addition means that generally people are allowed to view the cached version? nkoth3: people are already allowed amette: I think that should be more or less ok (even though I usually would say "site admin has to opt-in instead of opt-out")
ok marclaporte: polom amette: moloq nkoth3: hi - I just saw your email about the readme.txt CIA-65: tikiwiki: 03mrjc * r18899 10/branches/3.0/copyright.txt: [REL] Update copyright.txt for 3.0 ***: eromneg_ has left nkoth3: MartinCleaver: can you merge the second last version of the text of README (the one before you ran the script) into the release.php? MartinCleaver: ok nkoth3: btw, you made copyright.txt this time : nyloth: hi marclaporte -: MartinCleaver looks at the README file nkoth3: thereis a broken link in that version
or maybe in the current version as well. http://tikiwiki.org/TikiReleases
this is also broke http://doc.tikiwiki.org/Install+Problems
I think we can remove this line: * http://doc.tikiwiki.org/Install+Problems for what to do in case of problems CIA-65: tikiwiki: 03mrjc * r18900 10/branches/3.0/README: [DOC] Merged back Xavi's doc changes as per marclaporte's email Mon, May 18, 2009 at 6:49 PM MartinCleaver: hang on - do you want a change other than in README?
Is copyright manually updated as well as automated? nkoth3: I think we have to update the "text" in release.php MartinCleaver: ah nkoth3: otherwise everytime you update README using the script, it will replace it again...
we should also (to avoid broken link) remove this line: * http://doc.tikiwiki.org/Install+Problems for what to do in case of problems MartinCleaver: oh, I see copyrights now nkoth3: before you commit, let me check. there are a bunch of broken links
in the README -: MartinCleaver makes the change again, this time on vps7 instead of on his laptop ***: Caarrie|away is now known as Caarrie
marclaporte has quit IRC (Read error: 110 (Connection timed out))
mlaporte has joined #tikiwiki -: MartinCleaver looks for a replacement for releases link MartinCleaver: http://tikiwiki.org/TikiReleasesDoc ?
Would be better to list newer releases first nkoth3: why not just http://tikiwiki.org/ReleaseNotes30 and change the text to indicate that it is a link to the release notes for this version? mlaporte: woahhhhh /me never knew (forgot?) about http://tikiwiki.org/TikiReleasesDoc -: MartinCleaver waits for decision nkoth3: well, if we are updating the README manually, then we don't have to update it using the script later...
Having it in 2 places seems messy
anyway,
go with http://tikiwiki.org/ReleaseNotes30 unless anyone else has another better page
because http://tikiwiki.org/TikiReleasesDoc needs updating/cleaning before it can be used nyloth: nkoth3: we should not update README manually. The release script handles this and updates years, etc.
so, the best is to update text in release.php MartinCleaver: doc.tikiwiki.org?
brb nkoth3: nyloth: hmm... ok... then MartinCleaver, change release.php and also put a step in the howto section to "update text in the README text , check links, and check if anyone has committed anything to README independently that needs to be merge ***: snarlydwarf has quit IRC ("Ex-Chat") jonnyb: Ahoy all about The Good Ship Tiki! We have 3? Not quite i gather... nyloth: hi jonnyb :) jonnyb: Anything i can do? (not hanging around for long - 3am finishes too painful these days)
hi nyloth MartinCleaver: ok nyloth: jonnyb: well.. In fact I would very much appreciate one particular fix from you :)
jonnyb: related to jquery -: jonnyb hope's it's an easy one... nyloth: jonnyb: in fact I don't use your wonderful work just because the tree explorer in filegals is not working with jquery :'(
so, if you have a few minutes ... :) -: jonnyb thinks about it and adopts the "brace" position nyloth: :) jonnyb: tree is good for me in filegals with jq - in firefox? ***: marclaporte has joined #tikiwiki nyloth: well, sorry, not the tree itself, but the show/hide tre jonnyb: aha - lemme check it out nyloth: :) jonnyb: is ok in safari... nyloth: I'm using FF jonnyb: also in ff - ok
(doh! jq off ;) ) nyloth: LOL jonnyb: it's late... :)
ok, yes - mangled show/hide effect - should be do-able nyloth: thank you :)
so... I have to go... see you later :) jonnyb: if there's a clean fix should i commit to trunk? ***: nyloth has left "Konversation terminated!" CIA-65: tikiwiki: 03mrjc * r18901 10/branches/3.0/doc/devtools/release.php: [DOC] updated release instructions jonnyb: i guess not - it's packed and gone, y? MartinCleaver: not gone yet, can't comment on whether you can commit jonnyb: i mean commit to 3.0? But nyloth's gone now, so i guess it's one for 'proposed' nkoth3: trunk, sure
you were asking about 3.0? jonnyb: it's adding " || foo == 'fgalexplorer'" ro the filp function in tiki-jquery.js
i meant 3.0, nkoth3 - was checking what nyloth's expectations were
it's not a blocker nkoth3: ah, but he left before he could indicate what his expectations were jonnyb: indeed
wasn't sure if it was part of the release thing - can't see it really matters, i'll stick it in trunk nkoth3: k jonnyb: in fact i'll come up with a better solution - but another day - nite all, happy tiki'ing ***: jonnyb has left