| ../irclogs/#mantishelp.2009-11-06.log | ||
| --- scribe started --- | 00:00 | |
| dhx_m | vb123: we do have quite a lot of faulty plugins on MantisForge... some with glaring security (XSS) vulnerabilities, etc | 01:02 |
|---|---|---|
| vb123 | dhx_m: we should make sure to report any security issues to the authors. | 02:34 |
| vb123 | we should also think about certain plugins for which we refer to explicitly and hence providing some level of confidence. | 02:34 |
| vb123 | The core plugins is a subset of that. | 02:35 |
| kirillka | vb123: lo | 04:15 |
| kirillka | what about faq? | 04:15 |
| kirillka | vb123: contact with me kirillkr on googlemail | 04:33 |
| vb123 | kirillka: ? | 08:45 |
| kirillka | vb123: hi | 08:46 |
| vb123 | my user name on mantisforge is vboctor | 08:46 |
| kirillka | one sec | 08:46 |
| kirillka | vb123: ok | 08:48 |
| kirillka | now you have access to 3 plugins | 08:49 |
| vb123 | which ones? | 08:49 |
| kirillka | with owner krasnovforum | 08:49 |
| kirillka | where owner cas I don't know pass | 08:50 |
| kirillka | faq, bbcode, highlightcode | 08:50 |
| kirillka | dhx_m: hi, you here? | 08:50 |
| dhx_m | kirillka: yep, hi :) | 08:51 |
| vb123 | I checked in some FAQ fixes: http://git.mantisforge.org/w/faq.git?a=commitdiff;h=d602552badcdf282eac57b17f09d459c954145f3 | 08:51 |
| kirillka | what you accaunt on git? | 08:51 |
| dhx_m | dhx on mantisforge I believe | 08:51 |
| dhx_m | I'll confirm | 08:51 |
| kirillka | ok | 08:51 |
| vb123 | kirillka: can you check why these errors were not showing in your environment? | 08:52 |
| kirillka | add | 08:52 |
| dhx_m | hmmm there are usernames on mantisforge? | 08:52 |
| dhx_m | oh yeah there is | 08:52 |
| dhx_m | I see it now | 08:52 |
| dhx_m | dhx it is | 08:52 |
| kirillka | I add you too | 08:53 |
| kirillka | vb123: one sec | 08:53 |
| vb123 | ok | 08:54 |
| dhx_m | thanks | 08:54 |
| kirillka | vb123: you right. on test - machine not work. | 08:58 |
| vb123 | you mean the FAQ before my checkin? | 08:59 |
| kirillka | ÎÕÙ | 08:59 |
| kirillka | yes | 08:59 |
| vb123 | so you changed your error reporting settings? | 09:01 |
| kirillka | yes. | 09:01 |
| vb123 | ok, no you can check all the plugins you have access to. | 09:02 |
| vb123 | I just noticed something with the bbcode plugin. | 09:02 |
| vb123 | once it is installed, the following happens: | 09:02 |
| vb123 | Before: NoteA | 09:02 |
| kirillka | in highlight more notice from dhx_m | 09:02 |
| vb123 | After: <p>NoteA</p> | 09:02 |
| vb123 | sorry, I meant the highlight not the bbcode. | 09:02 |
| vb123 | bbcode was installed as well. | 09:03 |
| kirillka | this plugins must rewriten with bbcode - bar | 09:04 |
| vb123 | what do you mean? | 09:04 |
| kirillka | in textarea add bar with button | 09:04 |
| dhx_m | bbcode is prone to xss attacks | 09:05 |
| dhx_m | and fixing it doesn't seem easy | 09:05 |
| kirillka | dhx_m: highlightcode - too | 09:05 |
| dhx_m | yep | 09:07 |
| kirillka | vb123: on test site last version of faq | 09:10 |
| kirillka | all work | 09:10 |
| vb123 | yep, I did some testing here. | 09:13 |
| vb123 | after my fixes. | 09:13 |
| kirillka | vbBig thanks | 09:19 |
| kirillka | vb123: Big thanks | 09:19 |
| vb123 | no problem. | 09:19 |
| kirillka | dhx_m: If you help fix xss from plugins - big thanks too ;) | 09:22 |
| dhx_m | if I get time, sure :) | 09:40 |
| dhx_m | is there some sort of "bbcode standard"? | 09:41 |
| ln- | once a bug report has been entered to project X, can it be modified to belong to project Y? | 12:43 |
| dhx_m | yes | 12:45 |
| dhx_m | just move it ;) | 12:45 |
| dhx_m | you will then need to manually update the category once it is in project Y | 12:45 |
| ln- | oh, there's the Move button indeed | 12:46 |
| ln- | thanks | 12:46 |
| dhx_m | :) | 12:48 |
| CIA-22 | Mantisbt: jreese * r82a3b9ced185 /core/ (5 files in 2 dirs): Implement optional sorting for custom columns | 16:16 |
| CIA-22 | Mantisbt: jreese master-1.2.x * re99d93b12a8d /core/ (5 files in 2 dirs): Implement optional sorting for custom columns | 16:16 |
| daryn | nuclear_eclipse - that seems like a new feature to me. Why did you merge it to 1.2.x? | 17:22 |
| nuclear_eclipse | because it "fixes" incompleteness that I had started adding to 1.2 from before we had an RC | 17:25 |
| daryn | oh, ok. | 17:25 |
| nuclear_eclipse | eg, I'm finally finishing what I had started weeks ago :P | 17:25 |
| daryn | just wondering | 17:25 |
| nuclear_eclipse | yeah, there are definitely a lot of things that went into the RC's lately that have been altogether new features or changes, and I don't like to do things like that, but the custom filter/column features were incomplete without the stuff I added yesterday/today | 17:26 |
| nuclear_eclipse | at this point though, I think I'm ready to drop an RC3 with all the SOAP fixes, or even just push a final release | 17:27 |
| daryn | would be nice to get to final for sure | 17:27 |
| nuclear_eclipse | rombert's fixes for SOAP have really been what I was hoping to get before a final release all along... | 17:28 |
| daryn | i've seen some complaints about new features on here but seems like nobody actually asks about it so I thought I'd ask | 17:28 |
| daryn | new features in an RC that is | 17:28 |
| nuclear_eclipse | paul just makes snarky comments :P | 17:28 |
| daryn | yeah i don't really like passive agressive...just tell me you disagree and we'll deal with it | 17:29 |
| daryn | so...your explanation works for me. looks like a good feature. | 17:29 |
| nuclear_eclipse | thanks :) | 17:30 |
| nuclear_eclipse | It will allow things like `filter on issues with changesets attached`, or `show me how many changesets are attached to each issue in this list` | 17:30 |
| daryn | i like the direction you took with the filters. i was looking in a similar direction but hadn't had time to work on it | 17:32 |
| daryn | should make things easier, better for future | 17:32 |
| nuclear_eclipse | yeah | 17:32 |
| nuclear_eclipse | anywho, lunchtime here | 17:32 |
| nuclear_eclipse | cheers | 17:32 |
| daryn | cheers | 17:33 |
| Watergad | Good evening. Sometime being actively used Mantis ends an event with a blank page (bug_update.php, bugnote add etc.). Could anyone give a clue? | 18:02 |
| Watergad | about 50-70 users, <100 projects, <500 issues | 18:04 |
| Watergad | s/Good evening/Good day or even morning for you, I suppose (: | 18:05 |
| daryn | Watergad that is usually some sort of php error. have you checked the web server logs? | 18:11 |
| Watergad | oops... I didn't | 18:12 |
| Watergad | sorry, had to do it first | 18:12 |
| daryn | no problem | 18:12 |
| lwf | hi! is it possible to allow signups without checking the email address? | 19:30 |
| lwf | or if i put it like this, can mantis 1.1.8 be used without a mail server? | 19:38 |
| nuclear_eclipse | lwf: if you run Mantis on unix/linux, yes | 19:39 |
| lwf | nuclear_eclipse: unfortunately not, it's running on windows | 19:40 |
| nuclear_eclipse | hmm, it "can" run without email, but bug trackers tend to not be as useful without email and notifications... | 19:43 |
| lwf | i suppose that's true | 19:46 |
| lwf | can you recommend any simple mail server for that purpose that is easy to setup on windows? | 19:47 |
| lwf | oh, and it won't have any domain name | 19:47 |
| lwf | if that makes any difference | 19:47 |
| nuclear_eclipse | that's fine, it just needs to be a relay | 19:48 |
| nuclear_eclipse | and no, I don't know any off-hand, but http://en.wikipedia.org/wiki/Comparison_of_mail_servers might help | 19:48 |
| lwf | i'll give that a try, thanks | 19:49 |
| lwf | doesn't a relay need a smtp server to forward the mails to? | 20:01 |
| Watergad | what for if you even wanted to run w/out mailserver, just use standalone email server. No, it's optional - to forward email further | 20:02 |
| lwf | would this do? http://emailrelay.sourceforge.net/ | 20:03 |
| Watergad | Seems that it's not exactly what you want | 20:05 |
| Watergad | But I can be wrong, I'm not familiar with email servers enough | 20:05 |
| lwf | i want mantis to be able to send mails from a windows machine, that's all :) | 20:06 |
| lwf | other than that i don't know much about email either | 20:06 |
| Watergad | There are many small easy win mailservers | 20:07 |
| Watergad | I don't remember exactly names, I just opened google and found the smallest (: | 20:07 |
| Watergad | it was about 4 years ago but I don't think anything changed | 20:08 |
| lwf | shoot | 20:08 |
| Watergad | just check out URL nuclear_eclipse has given | 20:09 |
| Watergad | *give | 20:09 |
| lwf | oh | 20:09 |
| lwf | so i want SMTP then and that's all? | 20:10 |
| Watergad | afaik yes | 20:10 |
| Watergad | http://www.google.com/search?hl=en&source=hp&q=mail+server+windows smth like that | 20:13 |
| lwf | i'l looking at hMailServer atm | 20:13 |
| Watergad | yes, it looks enough for your needs | 20:13 |
| Watergad | and quite simple to not to think a lot about it | 20:14 |
| lwf | it doesn't look a so bad | 20:14 |
| Watergad | I suppose my last phrase was not composed properly, nevermind | 20:19 |
| Watergad | lack of english practice, sorry... | 20:20 |
| lwf | no problem, your english is fine | 20:21 |
| paulr_ | . | 20:27 |
| paulr_ | 7:44 < nuclear_eclipse> paul just makes snarky comments :P | 20:29 |
| paulr_ | nuclear_eclipse: out of interest | 20:29 |
| paulr_ | did you look at ldap patch? | 20:29 |
| nuclear_eclipse | you mean the patch to lang_api? | 20:30 |
| paulr_ | nod | 20:31 |
| paulr_ | it should be a no-op | 20:31 |
| nuclear_eclipse | I saw it and wasn't really sure what the change was for | 20:32 |
| paulr_ | changing lang files to array | 20:33 |
| paulr_ | it should be a non-change backwards compatible | 20:33 |
| paulr_ | until we change lang files | 20:33 |
| paulr_ | which is something siebrand/myself have been discussing logistics of | 20:33 |
| nuclear_eclipse | ok | 20:33 |
| paulr_ | iirc, we discussed in here 2-3 months ago | 20:33 |
| paulr_ | but basically | 20:33 |
| paulr_ | $s_foo = 'bar', $s_moo = 'moo' | 20:33 |
| paulr_ | becomes | 20:33 |
| paulr_ | $g_lang['foo'=bar, $g_lang['moo']=moo | 20:34 |
| nuclear_eclipse | would be nice to be able to keep multiple langs in memory at once for places like email generation where X people getting notified use diff langs each | 20:37 |
| paulr_ | I dont change/limit that through right? | 20:37 |
| nuclear_eclipse | I dunno | 20:37 |
| paulr_ | this if anything should be a no-change-performance fix | 20:37 |
| nuclear_eclipse | I'm just saying it'd be nice to not have to re-read the lang files every time | 20:37 |
| paulr_ | (i.e. we dont do preg_replace or whatever on 500 strings) | 20:38 |
| paulr_ | i'm thinking of long term | 20:38 |
| paulr_ | once we have an array | 20:38 |
| paulr_ | we can serialise array and cache if somewhere | 20:38 |
| paulr_ | (file/memcache maybe?) | 20:38 |
| nuclear_eclipse | yeah | 20:41 |
| paulr_ | if we can confirm the lang api change is a no-change | 20:41 |
| paulr_ | we can commit | 20:41 |
| paulr_ | and then siebrand/myself can work out logistics of getting translate wiki sort | 20:42 |
| paulr_ | +ed | 20:42 |
| lwf | it's alive! i just got my first email server working... on windows 2000 | 20:50 |
| lwf | i feel a little dirty but it's ok | 20:51 |
| lwf | thanks guys! | 20:51 |
| Watergad | congratulations | 20:51 |
| nuclear_eclipse | lwf: just make sure it can't be accessed outside your network, don't want to be acting as a spam relay | 20:52 |
| lwf | it's already protected by a firewall but i suppose configuring the server not to accept any connections from other hosts couldn't hurt, thanks | 20:53 |
| paulr_ | nuclear_eclipse: so anything wrong/invalid with patch? :P | 21:08 |
| paulr_ | lwf: windows 2000??? | 21:08 |
| lwf | paulr_: windows 2000 professional, actually | 21:10 |
| lwf | that mean it's good | 21:10 |
| nuclear_eclipse | paulr_: not that I could tell really | 21:13 |
| paulr_ | so its fine I guess? | 21:17 |
| nuclear_eclipse | if it breaks 1.3 for a while, I'm not going to be heartbroken ;) | 21:18 |
| paulr_ | ok | 21:20 |
| paulr_ | :) | 21:20 |
| paulr_ | worksforme | 21:20 |
| * nuclear_eclipse assumes you won't be committing that patch to 1.2 | 21:21 | |
| paulr_ | trunk | 21:21 |
| paulr_ | I only commit to trunk / | 21:21 |
| * paulr_ pokes siebrand | 21:21 | |
Generated by irclog2html.py