| ../irclogs/#mantishelp.2010-06-21.log | ||
| --- scribe started --- | 00:00 | |
| dhx_m | I'm now up to testing my new bug_update.php | 07:23 |
|---|---|---|
| dhx_m | will try and push it to MantisForge later for more testing | 07:23 |
| dhx_m | it fixes millions and billions of bugs :) | 07:23 |
| dhx_m | and probably introduces a couple of new ones I imagine | 07:23 |
| nuclear_eclipse | Draggor: there/ | 12:51 |
| dhx_m | no but I am :) | 13:04 |
| nuclear_eclipse | hi dhx_m | 13:32 |
| Draggor | nuclear_eclipse: heyo | 15:44 |
| slestak | is there a cron I can add to update my repos in sourcecontrol plugin? | 16:28 |
| slestak | maybe an Import Latest Data every 60 minutes? | 16:28 |
| nuclear_eclipse | slestak: yep | 16:37 |
| nuclear_eclipse | `curl http://domain/mantis//plugin.php?page=Source/repo_import_latest.php` sort of thing | 16:38 |
| nuclear_eclipse | requires enabling "Remote Imports" from your source integration configuration page | 16:38 |
| nuclear_eclipse | and adding the server's IP to the whitelist | 16:39 |
| nuclear_eclipse | Draggor: re URL sniffing | 16:39 |
| Draggor | nuclear_eclipse: What's up? | 16:39 |
| nuclear_eclipse | I'm all ears if you have a better idea of how it should work, but afaik, if you're setting up a reverse proxy system, you shouldn't need to be rewriting urls behind the proxy -- that just seems like it's a) asking for trouble, and b) has no proper solution for the application | 16:41 |
| nuclear_eclipse | ie, how can the application possibly know what URL is being used from in front of the reverse proxy? | 16:41 |
| Draggor | Well, I set the $g_path and that's exactly what I want it to use | 16:42 |
| nuclear_eclipse | also, if you really do have something really complex, you should be able to just set $g_path, $g_short_path, etc in your config_inc.php, and everything should just work | 16:42 |
| Draggor | That's not entirely true | 16:42 |
| Draggor | unless I'm misconfiguring things | 16:42 |
| nuclear_eclipse | if you're setting $g_path in your config_inc.php, then I don't know how it can't be working right, because all of the URL sniffing takes ploce before config_your inc.php overrides those values | 16:43 |
| Draggor | What I keep seeing, for instance, when as an admin I go to delete another user | 16:44 |
| Draggor | When it gets to the confirm page, the action of the form is different from everything else I see | 16:44 |
| nuclear_eclipse | are you setting $g_short_path? | 16:45 |
| Draggor | So my g_path is www.dracolair.net/tracker/ and my short path is /tracker/. My mod rewrite transforms the request to dracolair.net/www/tracker/. The action on the form comes out as /www/tracker/manage_user_delete.php instead of just manage_user_delete.php | 16:45 |
| nuclear_eclipse | oh, that sounds like your reverse proxy is doing something that it shouldn't be | 16:47 |
| nuclear_eclipse | for manage_user_delete.php, mantis never does anything but output just the page name | 16:47 |
| Draggor | So far I've had no issues with forum software, wikis, custom apps, etc, mantisbt is the first one I've had trouble with. The function is one of the helpers, let me look it up | 16:48 |
| Draggor | I mean SCRIPT_NAME will pull everything after the domain | 16:48 |
| nuclear_eclipse | right, but if you're overridding $g_path/$g_short_path, the SCRIPTNAME stuff is just ignored/overwritten | 16:49 |
| nuclear_eclipse | and like I said: for manage_user_delete.php, mantis never does anything but output just the | 16:49 |
| nuclear_eclipse | page name | 16:49 |
| nuclear_eclipse | it doesn't use a short or full path for that, so if you don't see `action="manage_user_delete.php"` in your form, then it more or less has to be something the reverse proxy is munging | 16:50 |
| Draggor | So, where in the code is it modifying $_SERVER['SCRIPT_NAME']? | 16:51 |
| nuclear_eclipse | it's not modifying it | 16:51 |
| Draggor | I'm afraid I don't quite follow how in this case my path and short path are being used then | 16:52 |
| nuclear_eclipse | in config_defaults_inc.php, the code reads that value to guess at what $g_path should be | 16:52 |
| nuclear_eclipse | well, in the case of that form, neither is being used at all | 16:52 |
| nuclear_eclipse | which is why I say that it must be your revzerse proxy munging that form target | 16:53 |
| Draggor | It's in the helper_ensure_confirmed function that I tried making a change and it appeared to work | 16:53 |
| nuclear_eclipse | oh, I see | 16:54 |
| nuclear_eclipse | it's when you're trying to submit the confirmation that it's breaking? | 16:54 |
| Draggor | Yes | 16:54 |
| nuclear_eclipse | gotcha | 16:54 |
| nuclear_eclipse | that's the disconnect we were missing | 16:55 |
| Draggor | as the action of that form is /www/tracker/manage_user_delete.php | 16:55 |
| Draggor | Yeah, sorry | 16:55 |
| nuclear_eclipse | np | 16:55 |
| nuclear_eclipse | let me stew on that | 16:55 |
| Draggor | A similar problem shows up where if you're logged in for a long while and you go to do an admin action, it requests that you re-verify your password | 16:55 |
| nuclear_eclipse | yeah, they both do a very similar action | 16:56 |
| Draggor | Everything else works fine as far as i can tell | 16:56 |
| nuclear_eclipse | in both of those cases, it most likely makes sense to just drop everything up to and including the last "/" from SCRIPT_PATH | 16:57 |
| nuclear_eclipse | SCRIPT_NAME rather | 16:57 |
| nuclear_eclipse | I can't think of any possible situation where a form action relative to itself wouldn't work | 16:58 |
| Draggor | I ended up doing this: | 16:58 |
| Draggor | $modpath = explode("/", $_SERVER['PHP_SELF']); | 16:58 |
| Draggor | echo '<form method="post" action="' . $modpath[count($modpath)-1] . "\">\n"; | 16:58 |
| Draggor | Granted, I'm not a php guy, heh | 16:58 |
| nuclear_eclipse | yeah, that's a simple method of what I was thinking | 16:59 |
| nuclear_eclipse | array_pop() is better in this case than $foo[count($foo)-1] | 16:59 |
| Draggor | Ah, cool | 17:00 |
| nuclear_eclipse | actually, even better overall would be basename($_SERVER[SCRIPT_NAME]) | 17:00 |
| Draggor | lemme try it | 17:01 |
| nuclear_eclipse | or basename($_SERVER[PHP_SELF]) | 17:02 |
| Draggor | Yep works fine | 17:03 |
| Draggor | Now to just find those other instances | 17:05 |
| daryn | nuclear_eclipse, any look at filters yet? :) | 17:05 |
| nuclear_eclipse | afaik, it should just be helper_ensure_confirmed and auth_reauthenticate | 17:06 |
| Draggor | I believe line 677 in authentication_api.php | 17:06 |
| Draggor | yeah | 17:06 |
| nuclear_eclipse | hmm, `ack _SERVER` shows quite a ew other questionable uses... | 17:08 |
| nuclear_eclipse | hi daryn | 17:08 |
| nuclear_eclipse | not yet | 17:08 |
| Draggor | Yeah I saw that too | 17:11 |
| Draggor | would a blanket replace of that work? | 17:20 |
| nuclear_eclipse | Draggor: I'm looking to replace them with a function that'll centralize that logic | 17:21 |
| Draggor | Cool, cool | 17:24 |
| nuclear_eclipse | Draggor: do you have abug opened on mantisbt.org? | 17:26 |
| nuclear_eclipse | hi paulr_ | 17:35 |
| * paulr_ sighs | 17:36 | |
| paulr_ | i mean, hi | 17:36 |
| paulr_ | ;( | 17:36 |
| kirillka | paulr_: hi | 17:56 |
| kirillka | paulr_: mantisforge not sync with mantisbt again? | 17:57 |
| slestak | nuclear_eclipse: did the curl thing. got al error that a parm is missing. tried appending &id=4 to teh end as well to choose a particular repo | 17:59 |
| slestak | going into a meeting, bbl | 17:59 |
| nuclear_eclipse | Draggor: can you test and verify that these two patches fix the issue for you? | 18:11 |
| nuclear_eclipse | Draggor: http://mantis.pastebin.com/SNi0kH61 and http://mantis.pastebin.com/y9k3FsCS | 18:11 |
| Draggor | nuclear_eclipse: So I'm new at this stuff, how do I actually apply those patches? | 18:18 |
| Draggor | patch -p0 < patch_file in the main mantisbt dir? | 18:22 |
| nuclear_eclipse | Draggor: if you're using git, you can do `git am filename`, otherwise use `patch -p1 < filename` | 18:26 |
| paulr_ | nuclear_eclipse: php_Self is broken in some builds of php btw | 18:35 |
| paulr_ | I vaguely recall us adding a function at one point to return current filename without using that | 18:36 |
| paulr_ | i.e. iirc, that was why we used $_SERVER['SCRIPT_NAME'] | 18:36 |
| nuclear_eclipse | well, considering that we require PHP 5.1+, I'm pretty sure there aren't any broken PHP_SELF anymore | 18:37 |
| nuclear_eclipse | besides, SCRIPT_NAME breaks quite badly if your server is doing any sort of URL rewriting | 18:40 |
| Draggor | I proved that one! | 18:43 |
| nuclear_eclipse | Draggor: your issue is somewhat unrelated to that though :P | 18:44 |
| Draggor | Shhh! | 18:45 |
| nuclear_eclipse | if your apache rewrites /foo/* to /bar/*, SCRIPT_NAME shows /bar/*, but PHP_SELF and REQUEST_URI show /foo/* | 18:45 |
| nuclear_eclipse | well, assuming your rewrite doesn't generate a 302 header | 18:46 |
| nuclear_eclipse | Draggor: any result on testing those patches? | 18:50 |
| paulr_ | nuclear_eclipse: it was in a 5.1 or 5.2 release it was broken :P | 18:50 |
| nuclear_eclipse | paulr_: meh | 18:52 |
| nuclear_eclipse | seriously though, SCRIPT_NAME is not something to use for URL detection | 18:52 |
| paulr_ | yea | 18:52 |
| nuclear_eclipse | REQUEST_URI would be better than SCRIPT_NAME | 18:52 |
| paulr_ | it's fixed now | 18:53 |
| paulr_ | but was reported as broken in 5.2.4 | 18:53 |
| nuclear_eclipse | I'd imagine not many people are running 5.2.4 anymore, and ever if they are, it's their fault if mantis breaks because they're 8 minor versions behind | 18:53 |
| paulr_ | Version 5.3.0 | 18:54 |
| paulr_ | 30-June-2009 | 18:54 |
| paulr_ | I mean | 18:54 |
| paulr_ | 5.3 was june 2009 | 18:54 |
| nuclear_eclipse | sorry, 9 minor versions bihend... | 18:54 |
| paulr_ | :) | 18:54 |
| paulr_ | again the problem is distributions | 18:55 |
| paulr_ | :) | 18:55 |
| paulr_ | i mean, on windows, you either a) install from php.net b) install from MS's web installer | 18:55 |
| nuclear_eclipse | I can't imagine any proper distro wouldn't have a security/bugfix for that in place by now | 18:55 |
| paulr_ | and i'm pretty sure both are fairly current :P | 18:55 |
| nuclear_eclipse | and once again, it's their fault if mantis breaks because they're 8 minor versions behind | 18:55 |
| paulr_ | I think we should commit to support php versions <2 years old | 18:56 |
| paulr_ | and at that point, bb | 18:56 |
| nuclear_eclipse | our webapp shouldn't be tiptoeing around bugs in PHP that have been fixed for years | 18:56 |
| paulr_ | i.e. we test/support php up to 1 year old | 18:56 |
| paulr_ | once stuff drops off | 18:56 |
| paulr_ | we'll support mantis | 18:56 |
| paulr_ | but may ask users to run a newer php | 18:56 |
| paulr_ | if we can't repro | 18:56 |
| nuclear_eclipse | it's one thing if it's a feature of PHP that we have to work around, eg, changes to PHP functions, but it's completely different if it's a bug that's only found in one older revision | 18:57 |
| mantisbt_47401 | hi there | 19:25 |
| mantisbt_47401 | anybody has experience with Mantis email services? | 19:25 |
| moto-moi | mantisbt_47401: what do you mean by that? | 19:29 |
| mantisbt_47401 | I have some issues with sending emails with mantis | 19:30 |
| mantisbt_47401 | can you tell me what is cronjob? | 19:30 |
| moto-moi | it normaly doesn't use a cronjob to send emails, just an inline mail()-command | 19:39 |
| mantisbt_47401 | oh ok | 19:40 |
| mantisbt_47401 | in other words there is no use to use this in the config_inc.php | 19:40 |
| mantisbt_47401 | ? | 19:40 |
| moto-moi | well, there isn't one mailsetup, so to enable people with other kinds of mailsetups, eg an external mailmachine which wants a login, you can change the emailsettings in the configfile | 19:41 |
| mantisbt_47401 | ok | 19:44 |
| mantisbt_47401 | another question | 19:44 |
| mantisbt_47401 | whenever somebody creates a new issue I'd like to have certain people get notified (lets say mail list #1) | 19:45 |
| mantisbt_47401 | besides this it would be great if the user could notifiy other people not on the list#1 as well | 19:46 |
| mantisbt_47401 | is there an easy way to do this? | 19:46 |
| moto-moi | afaik not | 19:51 |
| moto-moi | the user doesn't deside which developer gets a notification | 19:51 |
| slestak | nuclear_eclipse: i tried curl http://mantis.commercecorp.com/plugin.php?page=Source/repo_import_latest.php&id=4 but the page returned says it is missing (id). Specifically "A required parameter to this page (id) was not found." | 19:54 |
| slestak | i pasted wrong one | 19:54 |
| slestak | I didnt use ampersand, I replaced with ? | 19:55 |
| mantisbt_47401 | ok. Can I fix somehow at least who should be on the list#1? (this requires no user interaction, and should be defined once) | 19:59 |
| slestak | where in the url is the id arg expected? | 19:59 |
| slestak | hrm, i see it is an ampersand, let me try a regular escape | 20:02 |
| slestak | i got it working with a regular escape .i.e. \&id=4 | 20:05 |
| Draggor | nuclear_eclipse: I return, so far so good on the patches | 20:20 |
| nuclear_eclipse | Draggor: thanks | 20:48 |
| CIA-24 | Mantisbt: jreese * r532b0501149d / (7 files in 2 dirs): Migrate from existing usages to form_action_self() | 20:49 |
| CIA-24 | Mantisbt: jreese * r00e60da3b589 /config_defaults_inc.php: Fix #12092: Detect SOAP API in url sniffing | 20:49 |
| CIA-24 | Mantisbt: jreese master-1.2.x * rc98310c19023 / (7 files in 2 dirs): Migrate from existing usages to form_action_self() | 20:49 |
| CIA-24 | Mantisbt: jreese master-1.2.x * r193f3be7bb79 /core/form_api.php: Added form_action_self() API function | 20:49 |
| CIA-24 | Mantisbt: jreese * r9d357c23fc62 /core/form_api.php: Added form_action_self() API function | 20:49 |
| CIA-24 | Mantisbt: jreese master-1.2.x * rcf7f557fbc48 /config_defaults_inc.php: Fix #12092: Detect SOAP API in url sniffing | 20:49 |
| paulr_ | <CIA-24> Mantisbt: jreese master-1.2.x * rcf7f557fbc48 /config_defaults_inc.php: Fix #12092: Detect SOAP API in url sniffing | 21:00 |
| paulr_ | dare I want to look at what that changes | 21:00 |
| Draggor | for integrating mantisbt and dokuwiki, do I just have to install theplugin in dokuwiki or do I need more than that? | 21:25 |
| kirillka | Draggor: For now this plugin not work, imho | 21:28 |
| kirillka | paulr_: can you fix sync 2 project? | 21:38 |
| dhx_m | boop | 22:07 |
| daryn | hi dhx_m | 22:10 |
| dhx_m | daryn: hi :) | 22:11 |
| daryn | i'm bugging people about looking at filters branch :) | 22:11 |
| dhx_m | the latest is on mforge? | 22:19 |
| daryn | well the latest until two minutes ago | 22:20 |
| daryn | i have a small bug fix to push | 22:20 |
| dhx_m | ok | 22:22 |
| daryn | dhx_mjust pushed it | 22:26 |
| dhx_m | thanks | 22:28 |
| dhx_m | will try and check it soon... just upgrading Postgres at the moment | 22:28 |
| daryn | cool, thx | 22:29 |
| paulr_ | dhx_m: moo | 22:52 |
| dhx_m | paulr_: hi :) | 22:52 |
| paulr_ | we need to talk | 22:52 |
| paulr_ | can we arrange a date? :) | 22:53 |
| dhx_m | more a time zone :) | 22:53 |
| paulr_ | yea so erm | 22:55 |
| paulr_ | your exams are done? | 22:55 |
| dhx_m | yep | 22:56 |
| dhx_m | have a bunch of significant changes to push soon (after I finish testing) | 22:56 |
Generated by irclog2html.py