Thursday, 2010-08-05

../irclogs/#mantishelp.2010-08-05.log
--- scribe started ---		00:00
dhx_m	pau:o	06:35
davidinc	hi	07:10
davidinc	mantis docbook doesn't support xml text file format because it use jw converter.	07:11
davidinc	it only convert .sgml file.	07:11
davidinc	it would be nice if mantis uses xsltproc converter in the Makefile	07:12
giallu	davidinc, I can be bribed to work on that ;)	07:33
dhx_m	giallu: I can't... it's documentation :p	07:45
CIA-25	Mantisbt: hickseydr * rbfc9e9fff9a5 /print_all_bug_page_word.php: Fix #12238: XSS in print_all_bug_page_word.php project/category names	08:02
CIA-25	Mantisbt: hickseydr master-1.2.x * r9fc1dd815411 /print_all_bug_page_word.php: Fix #12238: XSS in print_all_bug_page_word.php project/category names	08:03
Yisas	Hello	08:14
dhx_m	hi	08:14
Yisas	I am adding some echo debug messages in ldap_api.php	08:14
Yisas	how can I see them? what is the default stdout? I am currently using IIS	08:15
dhx_m	you may not see them	08:17
dhx_m	it's not quite as easy as throwing around debug echo statements	08:17
dhx_m	it'd be better to log messages to a file	08:17
dhx_m	or perhaps even die(message)	08:17
Yisas	yep	08:18
Yisas	I think using a file will be the best option	08:18
Yisas	thanks dhx!	08:18
dhx_m	afaik there is meant to be LDAP logging built in but I've never used it	08:18
CIA-25	Mantisbt: hickseydr master-1.2.x * r5709cc992eb6 /core/email_api.php: Fix #11852: Forgotton password feature prevents admin password reset	08:37
CIA-25	Mantisbt: hickseydr * r23b1d934f64f /core/email_api.php: Fix #11852: Forgotton password feature prevents admin password reset	08:38
samtuke	is there a way of making project news display at the top of each page, or at least the view issues page? or would I have to add that as a module/patch myself?	09:20
dhx_m	it sounds like something you'd add using a plugin	09:20
dhx_m	or within the header_include (you can specify a PHP file that gets included in the header of each page)	09:21
samtuke	dhx_m: hmm, the news feature is soon to be split off into a module, right? but currently its still part of the main release?	09:24
dhx_m	right, it's something we'd ideally split into a plugin	09:26
samtuke	dhx_m: Ideally I'd like to add a config option so that others can get news to appear on more pages, but if the feature is going to split off, there isn't much point on me working on the existing code it seems	09:27
dhx_m	if it is a bug fix I'd consider committing it	09:28
dhx_m	but adding new features/configuration options... not so sure	09:28
Yisas	Hello Again	09:28
Yisas	regarding the issue with the Active Directory connection	09:29
Yisas	I have found out that the following line $t_br = @ldap_bind( $t_ds, $p_binddn, $p_password );	09:29
samtuke	dhx_m: so I should just modify my header_include instead then?	09:29
Yisas	of the ldap_connect_bind function (ldap_api.php ) does not return anything	09:30
Yisas	is it possible to obtain more information	09:30
dhx_m	samtuke: yes	09:30
dhx_m	remove the ampersand to see any errors that function is causing	09:31
samtuke	dhx_m: you're support in this room is a great feature of the mantisbt project, IMO. Thanks for your help :)	09:32
Yisas	I mean the function that return nothing is the ldap_bind not ldap_connect_bind	09:32
dhx_m	samtuke: np, let me know if you need any more help	09:33
Yisas	I am checking the variable $t_br but it´s empty	09:33
dhx_m	Yisas: @ldap_bind will suppress error messages that would normally be raised by ldap_bind	09:34
paulr	morning	09:34
dhx_m	paulr: hi	09:34
Yisas	and where is teh ldap_bin function located, so I could add more trace messages?	09:35
dhx_m	<Yisas> I have found out that the following line $t_br = @ldap_bind( $t_ds, $p_binddn, $p_password );	09:35
dhx_m	just remove the @	09:35
Yisas	what does the @ mean?	09:37
dhx_m	suppress errors raised from the function	09:38
dhx_m	ie. ignore them, do nothing	09:38
Yisas	ok... great	09:39
Yisas	thanks for the hint	09:39
Yisas	now I get invalid credentials	09:39
dhx_m	:)	09:40
Yisas	the password has to be codified in any special way?	09:41
Yisas	such as CN= ??? I dont know ... what would be the problem, as everything seems to be fine	09:42
Yisas	the user name CN has accents, do you think it may cause problems in the logon proces?	09:45
Yisas	GREAT!	09:55
Yisas	IT's WORKING!	09:55
Yisas	It was a problem related with the accents!	09:56
Yisas	DHX THANKS!	10:00
dhx_m	ah	10:01
dhx_m	:)	10:01
Yisas	g_logo_image is it working on 1.1.8 version?	10:47
* paulr_ pokes nuclear_eclipse and dhx_m		11:11
CIA-25	Mantisbt: paul * rea729d74b9e4 /javascript/min/ (15 files in 3 dirs): Remove pre-compiled jscript files - a compile.php can be used to compile these as part of build process using the google closure compiler from http://code.google.com/closure/compiler/	11:14
CIA-25	Mantisbt: paul * r0cad50d74a7e / (16 files in 4 dirs): Merge branch 'master' of mantisbt.org:mantisbt	11:14
CIA-25	Mantisbt: paul * rcc87385166f6 /javascript/dev/ (jquery-1.4.2.js jquery-ui-1.8.2.js jquery-ui.js jquery.js): Don't use symlinks in git repo's - not all OS's support them e.g. windows.	11:14
paulr_	hmm	11:14
paulr_	whats with paul * r0cad50d74a7e / (16 files in 4 dirs): Merge branch 'master' of mantisbt.org:mantisbt	11:15
nuclear_eclipse	hi paulr_	11:46
nuclear_eclipse	paulr_: if you made any local commits before doing a `git pull`, it merges by default unless you specify `git pull --rebase`	11:46
paulr_	dunno	11:46
paulr_	:@)	11:47
paulr_	dhx has gone quiet :)	11:47
nuclear_eclipse	probably eating dinner or something :P	11:50
dhx_m	busy unbreaking your commits :p	11:52
paulr_	wtf?	11:52
paulr_	they shouldn't break anything	11:52
paulr_	dhx_m: how in install.php do we want to generate a random string for crypto_master_salt?	11:53
dhx_m	this.previousComment.sarcasm = true;	11:53
dhx_m	paulr_: /dev/urandom if available, otherwise get the user to select it themselves?	11:53
paulr_	if(( $salt = crypto_generate_random_string(64, true)) === null) {	11:54
paulr_	$salt = base64_encode(m_rand()) ;	11:54
paulr_	}	11:54
paulr_	something like that maybe?	11:54
dhx_m	whooa no	11:54
dhx_m	we have functions for this :)	11:54
dhx_m	crypto_api.php	11:54
paulr_	yea	11:55
paulr_	which is the last param isn't true	11:55
paulr_	requires crypto_master_salt to be set	11:55
paulr_	which i want a way to generate :P	11:55
paulr_	other option is we ask user to type in a random string	11:55
paulr_	atabase connection failed. Error received from database was #1045: Access denied for user 'root'@'localhost' (using password: NO).	11:57
dhx_m	oh yeah heh	11:57
paulr_	interestingly	11:57
paulr_	i'd like to know why installers not set my db pass ;/	11:57
paulr_	when did footer change?	11:58
dhx_m	IMO just look for /dev/urandom and get some random bytes, try openssl_get_pseudorandom_bytes() or ask the user to do some random stuff	11:58
dhx_m	a few months ago	11:58
paulr_	why?	11:58
dhx_m	nuclear_eclipse: Secunia got back to me, your fix was the same one they found :)	11:58
paulr_	echo "\t<address id=\"mantisbt-copyright\">Powered by <a href=\"http://www.mantisbt.org\" title=\"Mantis Bug Tracker: a free and open source web based bug tracking system.\">Mantis Bug Tracker</a> (MantisBT)$t_version_suffix. Copyright ©$t_copyright_years MantisBT contributors. Licensed under the terms of the <a href=\"http://www.gnu.org/licenses/old-licenses/gpl-2.0.html\" title=\"GNU General Public License (GPL) ve	11:58
paulr_	622	11:58
paulr_	i'm specifically talking that	11:59
nuclear_eclipse	dhx_m: great :)	11:59
dhx_m	nuclear_eclipse: although I think they may be pushing their advisory release sooner now that we've fixed it	11:59
nuclear_eclipse	I thought they said august 17th?	11:59
dhx_m	perhaps that is what they meant be "shortly" then	12:00
nuclear_eclipse	"A preliminary disclosure date of August 17, 2010 has been set, where	12:00
nuclear_eclipse	the	12:00
nuclear_eclipse	details will be publicly disclosed. However, we are naturally prepared	12:00
nuclear_eclipse	to postpone the disclosure date if you need more time to address the	12:00
nuclear_eclipse	vulnerability.	12:00
dhx_m	paulr_: a problem? :)	12:01
paulr_	Powered by Mantis Bug Tracker (MantisBT). Copyright � MantisBT contributors. Licensed under the terms of the GNU General Public License (GPL) version 2 or a later version	12:02
paulr_	sure	12:02
paulr_	:)	12:02
paulr_	it wraps	12:02
paulr_	also seeing the words 'gpl' reminds me i'm starting to hate gpl	12:02
nuclear_eclipse	yay	12:02
paulr_	makes we want to email all contributors asking them to transfer their copyright to me	12:02
nuclear_eclipse	I'm not the only one :P	12:02
paulr_	dhx_m: so why we do feel the need to have a 3000 word footer? :)	12:03
dhx_m	I'm all for dropping that copyright statement	12:08
dhx_m	the only reason I put it there is because we always had it :)	12:08
paulr_	mm	12:09
paulr_	on bug_report page	12:09
paulr_	should the javascript be collapsible?	12:09
dhx_m	?	12:10
paulr_	Select Profile	12:11
paulr_	Or Fill In	12:11
paulr_	Platform	12:11
paulr_	OS	12:11
paulr_	OS Version	12:11
paulr_	Or Fill In	12:11
paulr_	I get that with a box that looks like it collapses	12:12
paulr_	a) it does't	12:12
paulr_	b) there's nothing under the 2nd 'or fill in'	12:12
dhx_m	nuclear_eclipse: here's a fun one for you...	12:15
dhx_m	if ( $t_prefix === 'UNUSED' ) {	12:15
dhx_m	echo $t_prefix;	12:15
dhx_m	I'm getting a result of "0" from that	12:16
dhx_m	go PHP 5.3.3!	12:16
paulr_	really?	12:16
dhx_m	perhaps it's a caching issue, let me see	12:16
nuclear_eclipse	gotta head to work now	12:16
nuclear_eclipse	cheers guys	12:17
dhx_m	cya later	12:17
dhx_m	paulr_: that box is ugly	12:17
paulr_	?	12:17
paulr_	box?	12:17
dhx_m	paulr_: the profile box	12:17
dhx_m	paulr_: feel free to cut it to pieces :)	12:17
dhx_m	("0" == 'unused') is true for me... great	12:30
paulr_	in php5.3.3 ?	12:30
dhx_m	right	12:30
paulr_	eval that on the cmdline	12:30
dhx_m	php > var_dump("0"=="UNUSED");	12:31
dhx_m	bool(false)	12:31
dhx_m	works there... perhaps it's an FPM/APC bug	12:32
paulr_	what apc version?	12:32
dhx_m	3.1.3p1	12:32
paulr_	try their svn trunk version	12:34
dhx_m	APC disabled, same result	12:35
paulr_	this on mantis code ?	12:35
paulr_	or are you saying var_dump("0"=="UNUSED"); in its own file does it in a browser?	12:35
dhx_m	I'll check	12:35
dhx_m	false there	12:37
dhx_m	it's happening inside a for each loop	12:37
dhx_m	here you go:	12:38
dhx_m	$t_prefix_array = array();	12:38
dhx_m	for ( $i = 0; $i <= 9; $i++ ) {	12:38
dhx_m	$t_prefix_array["$i"] = "$i";	12:38
dhx_m	}	12:38
dhx_m	foreach ( $t_prefix_array as $t_prefix => $t_caption ) {	12:38
dhx_m	var_dump($t_prefix == 'UNUSED');	12:38
dhx_m	}	12:38
paulr_	that returns true,falseX9 for me right?	12:39
dhx_m	yep	12:39
dhx_m	notice the error?	12:39
dhx_m	$t_prefix is an "int" each time btw	12:40
dhx_m	int(0) bool(true) int(1) bool(false) int(2) bool(false) int(3) bool(false) int(4) bool(false) int(5) bool(false) int(6) bool(false) int(7) bool(false) int(8) bool(false) int(9) bool(false)	12:40
dhx_m	that's var_dump($t_prefix); var_dump($t_prefix == 'UNUSED');	12:41
dhx_m	=== is also no help	12:41
paulr_	it's always returned that value	12:41
paulr_	even in 5.2.4	12:41
dhx_m	hmmm?	12:41
paulr_	HP 5.2.4-2ubuntu5.10 with Suhosin-Patch 0.9.6.2 (cli) (built: Jan 6 2010 21:59:29)	12:42
dhx_m	outside the loop "0" == 'UNUSED' is false	12:42
paulr_	php foo.php	12:42
paulr_	bool(true)	12:42
paulr_	bool(false)	12:42
paulr_	bool(false)	12:42
paulr_	bool(false)	12:42
dhx_m	I'm not using Suhosin btw	12:42
paulr_	nod	12:42
paulr_	inside the loop	12:45
paulr_	your comparing	12:45
paulr_	(int)0 == (string)'UNUSED'	12:45
paulr_	which is defined as true	12:45
paulr_	outside the loop	12:45
paulr_	your comparing	12:45
paulr_	(string)"0" == (stirng)'UNUSED'	12:46
dhx_m	yep	12:46
paulr_	and (int)0 == (string)'UNUSED' is defined as true	12:46
dhx_m	so "UNUSED" is an internal string constant only used inside loops?	12:46
paulr_	no	12:47
paulr_	0 == "STRING" is true	12:47
paulr_	0 = "foobar" is true	12:47
paulr_	0 == "foobar" is true even	12:47
dhx_m	why is "0" == "STRING" true	12:48
paulr_	because http://www.php.net/manual/en/types.comparisons.php says it is!	12:49
paulr_	The way PHP handles comparisons when multiple types are concerned is quite confusing.	12:50
paulr_	For example:	12:50
paulr_	"php" == 0	12:50
paulr_	This is true, because the string is casted interally to an integer. Any string (that does not start with a number), when casted to an integer, will be 0.	12:50
paulr_	from a user comment btw :)	12:50
paulr_	just use === :P	12:50
paulr_	and cast the int's to a string first :P	12:50
paulr_	my plan is to have lunch, read a bit thenbreak stuff :)	12:52
dhx_m	I knew '0' == 0 == "0" == '' and so forth	12:59
dhx_m	I guess PHP was converting string "0" to int 0 in the foreach statement	13:06
dhx_m	thus causing the int 0 == string "0" check	13:06
dhx_m	;/	13:07
nuclear_eclipse	dhx_m: http://us2.php.net/manual/en/types.comparisons.php	13:14
paulr_	slow ;)	13:14
nuclear_eclipse	sorry, just got to work, haven't fully gone throguh the backlog	13:15
dhx_m	the actual problem wasn't that	13:15
dhx_m	it was my prefix_filters array containing string keys	13:15
dhx_m	and the foreach loop converting the key "0" (a string) into an integer 0	13:16
dhx_m	or something like that	13:16
dhx_m	it's quite funny seeing a huge table trying to tell people whether 0 is equal to 1 :p	13:16
nuclear_eclipse	type coercion is both useful and painful	13:16
dhx_m	paulr_: error: git checkout-index: unable to create symlink javascript/dev/jquery-ui.js (File name too long)	13:34
dhx_m	you broke it? :p	13:34
paulr_	no	13:48
paulr_	that file doesn't exist anymore	13:48
dhx_m	hmm?	13:48
CIA-25	Mantisbt: hickseydr * ra4e6b210fcae /manage_user_page.php: Fix #11930: Fix unused/new prefix filters on manage users page	13:48
dhx_m	see my latest commit	13:48
CIA-25	Mantisbt: hickseydr * r24e117c53b81 /javascript/dev/ (jquery-ui.js jquery.js): Fix type of jQuery files from symlink to file	13:48
CIA-25	Mantisbt: hickseydr master-1.2.x * r94aaca8058b5 /manage_user_page.php: Fix #11930: Fix unused/new prefix filters on manage users page	13:48
paulr_	windows doesn't support symlinks	13:48
dhx_m	yes but the replacement files you put on top of the symlinks	13:49
dhx_m	were still being treated as symlinks by git	13:49
paulr_	heh	13:49
dhx_m	as the type hadn't changed	13:49
dhx_m	must be a Windows/git thing	13:49
paulr_	worked fine in windows :P	13:49
paulr_	and that's not the dev version of jquery	13:49
* paulr_ sighs		13:49
dhx_m	nope	13:51
paulr_	it should be ;p	13:51
dhx_m	I'd rather use their minified version that one we compress ourselves	13:51
paulr_	we'd compress their minified version anyway..	13:51
paulr_	this was why we said about using the same compressor	13:51
paulr_	;p	13:51
dhx_m	no point ;)	13:51
paulr_	the point is that if your using the /dev jscript	13:52
paulr_	you should be able to debug issues	13:52
dhx_m	hmm ok I was just wanting to keep the same hash as upstream for those files	13:52
paulr_	I dont really want to get into the case of having to compress some files but not others	13:52
dhx_m	that way we can be sure that our compressor hasn't introduced bugs that don't occur in the official distribution	13:53
paulr_	if we hit issues, we can always change	13:53
paulr_	but in theory as we using same compressor	13:53
nuclear_eclipse	why are we even trying to use our own compressor?	13:54
nuclear_eclipse	that just seems like added complexity for no reason	13:54
paulr_	such that all jscript is compressed	13:54
paulr_	why do people compress javascript :)	13:55
nuclear_eclipse	if a developer really needs to debug into jQuery, they can get their own copy of it....	13:55
nuclear_eclipse	granted, I'd be perfectly fine only ever having the full jQuery included with mantis, and if people really need to save space, they can get the compressed version themselves...	13:56
nuclear_eclipse	but I don't think we should be trying to keep multiple versions of our scripts around, or adding build steps to compress things, that's just a waste of time and effort that could be better spent on a lot of other things in mantis	13:56
paulr_	we had the discussion a couple of weeks back now about compressing jscript	13:57
paulr_	when I wrote script	13:57
nuclear_eclipse	paulr_: you need to start having these decisions on the developer mailing list where everyone can join in, not just one or two people from IRC	13:57
paulr_	iirc, the same time you made the comment about integrity stuff in /check	13:58
paulr_	and whether it's waste of time building those files	13:58
paulr_	so dhx has code to check integrity	13:58
paulr_	I made script to build files for said code	13:58
nuclear_eclipse	what does that have to do with compressing javascript files?!	13:58
paulr_	we've had minified/dev versions of javascript files for ages	13:59
paulr_	the only thing i've done	13:59
paulr_	is removed the minified versions and written a script to rebuild them	13:59
paulr_	and instead of using yahoo's compressor, used google's one (such that it's the same one as jquery uses)	13:59
nuclear_eclipse	yes, and I never liked that because a) it's just extra copies of the same thing, and b) I don't even know how you can select between them, so it's worthless IMO	13:59
paulr_	there's a config variable of minimal_jscss	14:00
paulr_	which i'd like to dump	14:00
paulr_	for debug/production mode	14:00
nuclear_eclipse	just leave the uncompressed versions and be done with it; no scripts or anything	14:00
paulr_	there's no reason not to compress them	14:01
paulr_	it's no more work	14:01
nuclear_eclipse	yes it is	14:01
paulr_	wow 2 seconds of computer time	14:01
paulr_	:)	14:01
nuclear_eclipse	no	14:01
paulr_	yes	14:01
nuclear_eclipse	it means a bigger toolchain	14:01
paulr_	sure	14:02
paulr_	which I've already got setup	14:02
nuclear_eclipse	a bigger toolchain, and more things that have changed between development and release	14:02
nuclear_eclipse	I don't care what you have set up, youdon't build any of our relesase	14:02
paulr_	i'm happy to build releases if it's too much work	14:03
paulr_	that's a crap comment :)	14:03
nuclear_eclipse	paulr_: you're not getting my point	14:03
paulr_	I do however	14:03
paulr_	take the point that having minified jscript could potentially add a bug if there's a bug in the minifier	14:03
nuclear_eclipse	when I make a release, I don't want to have to do a bunch of testing just to make sure that the minifier didn't bork the javascript that worked in my dev environment	14:04
paulr_	well, I personally think we should minify the javascript	14:05
paulr_	and that was the suggestion of how not to have two copies of the files	14:05
nuclear_eclipse	I don't really care whether we keep a full or minified version in our repo, but I don't want minifying script to be part of the build process	14:05
paulr_	maybe i'll see if I can tweak it such that	14:05
paulr_	the build process does a git commit if the dev versions change	14:06
paulr_	and by default the code always uses the minified version	14:06
nuclear_eclipse	what?	14:06
paulr_	i.e. if someone updates jscript/dev	14:06
paulr_	automatically regenerate jscript/min files and commit back to git	14:06
nuclear_eclipse	even if we use a minified version in our repo, why would we need to keep a full version around? how often do we ever need to debug inside of jQuery? it's pointless	14:06
nuclear_eclipse	paulr_: no, that's just being complex	14:07
paulr_	it's not just jquery	14:07
paulr_	http://git.mantisbt.org/?p=mantisbt.git;a=blob;f=javascript/dev/ajax.js;h=01f824109916e0e158f3926f1bfa84c1bf425a2e;hb=HEAD	14:07
paulr_	it's more for files like that	14:07
paulr_	and jscalendar	14:07
paulr_	etc	14:07
dhx_m	"the build process does a git commit if the dev versions change"... bad idea	14:08
nuclear_eclipse	paulr_: SIMPLE	14:08
nuclear_eclipse	KEEP IT SIMPLE	14:08
dhx_m	I much prefer just minifying the files in the build script before putting them in the tarball	14:08
paulr_	this was supposed to be simple	14:08
paulr_	atm we had 2 copies of the javascript	14:08
dhx_m	it sounds simple to me :)	14:08
paulr_	dhx/myself were trying to reduce it to ONE	14:09
nuclear_eclipse	I don't see why it's such a big deal to just pick one and only ever have that...	14:09
giallu	boy	14:09
dhx_m	yeah I agree actually	14:09
nuclear_eclipse	trying to switch between multiple copies or compressing during build script is just a pain in the ass	14:09
giallu	are we compressing jquery stuff ourselves?	14:09
dhx_m	pick upstream's file	14:09
nuclear_eclipse	hi giallu	14:09
* giallu sighs		14:09
dhx_m	as we're only going to be using jQuery in the future anyway :)	14:10
dhx_m	it does everything	14:10
dhx_m	giallu: nope :)	14:10
dhx_m	we hardly need to compress our own scripts because they're small	14:10
dhx_m	that is why web servers support gzipped output :)	14:11
nuclear_eclipse	dhx_m: exactly!	14:11
istvanb	hi there	14:23
istvanb	quick question: how can I disable the clone button? (I can not found the word "clone" in the config defaults.inc)	14:24
nuclear_eclipse	istvanb: I don't think that's configurable	14:25
istvanb	oh, ok	14:26
istvanb	thanks man!	14:27
nuclear_eclipse	you're welcome	14:28
istvanb	I am not sure if this is the right place, but issue 0012099 can be closed	14:30
nuclear_eclipse	foobot: bug 12099	14:30
foobot	Bug 12099 - istvanb - open - new	14:30
istvanb	as well as 0012142	14:30
foobot	Can not send mail thru smtp.gmail.com - http://www.mantisbt.org/bugs/view.php?id=12099	14:30
nuclear_eclipse	foobot: bug 12142	14:31
foobot	Bug 12142 - istvanb - open - new	14:31
foobot	Removing the Assigned to field from the Report Issue page - http://www.mantisbt.org/bugs/view.php?id=12142	14:31
alexsander	I'm trying 1.2.2 and I think the phpmailer has a bug	14:40
alexsander	phpmailer does not validate emails like user@box that are valid if the mail() is used	14:41
nuclear_eclipse	alexsander: iirc this is a bug that was traced into core PHP?	14:42
paulr_	nuclear_eclipse: whats the lgpl allow you to do/not do?	14:43
alexsander	nuclear_eclipse, http://bugs.php.net/bug.php?id=49576 <--- I do not agree with Rasmus' fix	14:44
alexsander	the RFC states "local aliases MUST NOT appear in any SMTP transaction" but when mail() method is used they should be OK	14:45
nuclear_eclipse	lgpl allows you to use code however you like, but if you distribute a modified version of the code, you have to release those changes	14:45
paulr_	nuclear_eclipse: so similar to mit etc ?	14:45
nuclear_eclipse	no	14:45
nuclear_eclipse	MIT doesn't require you to release any source code at all	14:45
paulr_	lets do this a quicker way	14:45
paulr_	do I hate lgpl?	14:45
nuclear_eclipse	not as much as GPL	14:45
paulr_	ok	14:45
alexsander	is there a #phpmailer channel?	14:46
paulr_	alexsander: what mail is not actually sending?	14:46
nuclear_eclipse	alexsander: not that I know of, I think it's maintained by a company	14:47
alexsander	paulr_, for user@box addresses	14:47
paulr_	alexsander: as that reads like rasmus is gonna fix the regex in php, but some of the examples in the framework described are not	14:47
paulr_	in fact	14:47
paulr_	why not just change the phpmailer method	14:47
paulr_	and be done with it?	14:47
alexsander	paulr_, I'm using mail() and local addresses	14:47
paulr_	nuclear_eclipse: right, gonna break/fix this jscript mess in some fashion in a bit	14:48
paulr_	going to read for an hour first	14:48
paulr_	alexsander	14:48
alexsander	paulr_, if I change the method the local addresses will be, according with the RFC, invalid	14:48
paulr_	alexsander: so no smtp server in loop?	14:48
alexsander	paulr_, no	14:48
paulr_	what address do you think should work, but rasmus says is invalid?	14:49
alexsander	paulr_, I think phpmailer should not validate for mail() method -- or at least, it should use a more flexible validator	14:49
alexsander	paulr_, the user@box (or test@test for that matter)	14:49
paulr_	[2010-04-02 17:57 UTC] rasmus@php.net	14:53
paulr_	A much better RFC-compliant regex has been committed now.	14:53
paulr_	and have you seen/proved that his better regex doesn't work?	14:53
alexsander	paulr_, the problem is: the RFC talk about SMTP	14:53
alexsander	test@test is, indeed, invalid for SMTP	14:54
alexsander	but phpmailer also uses the mail() method -- it should NOT use the standard REGEX for that method	14:54
alexsander	the RFC states "local aliases MUST NOT appear in any SMTP transaction"	14:55
alexsander	http://tools.ietf.org/html/rfc5321#section-2.3.5	14:55
paulr_	and let me guess	14:56
nuclear_eclipse	alexsander: don't you have sendmail on the box that you could use instead of mail()?	14:56
paulr_	mail() calls FILTER_VALIDATE_EMAIL ?	14:56
alexsander	paulr_, no but phpmailer calls	14:57
paulr_	yea, I see now	14:57
nuclear_eclipse	alexsander: I would report that to the upstream bugtracker for phpmailer	14:57
nuclear_eclipse	and then just comment out the call in your local install	14:57
paulr_	right i'm gonna email person who wrote the jscalendar we are using	15:01
paulr_	and try and work out how he licenses he's 'new' version	15:01
paulr_	(as it supports timestamp thing that jquery's one doesnt)	15:01
paulr_	Licensing quote:	15:02
paulr_	"The new calendar isn't exactly free. There was a lot of demand for a commercial version and I believe this new product it's worth the price. It includes code from various other products of Dynarch.com, such as the DynarchLIB AJAX Toolkit, which aren't free softwar"	15:02
paulr_	"The version you can download from here is fully functional, but the source code is minified and mangled (using the YUI compressor). If you want the full source code, please purchase a license."	15:02
paulr_	"Feel free to use the version distributed here for non-commercial purposes, i.e. on your personal blog, on a charity or educational website, in your free software, etc."	15:02
paulr_	since that was written however, DynarchLIB is now bsd licensed apparently	15:02
alexsander	nuclear_eclipse, paulr_ : https://sourceforge.net/tracker/?func=detail&aid=3040090&group_id=26031&atid=385707	15:10
alexsander	the bug report	15:10
alexsander	nuclear_eclipse, it's done! changed line 525 of library/phpmailer/class.phpmailer.php	15:34
alexsander	if(this-Mailer != 'mail' && filter_var($address, FILTER_VALIDATE_EMAIL) === FALSE) {	15:36
alexsander	ok, I managed to upgrade from 1.1.8	15:57
alexsander	how do I fix the admin/check that says all my "table collations" are latin1 ?	15:58
Shakra	I don't know if it's the right way to do it, but I took my backup of the mantis database, changed all the charsets to utf8 in the table creates in the backup and then restored the database... worked for me ;)	16:03
yapt	Hello to all..... I would like how to upgrade to version 1.2.2 from 1.2.1.	16:05
yapt	I mean.... I am sure I must to maintain some files untouch.... But what files ?	16:06
nuclear_eclipse	yapt: there's a file in the release named doc/INSTALL which has that information	16:06
yapt	Oppppssss.... :-(	16:06
yapt	Sorry.... I am going to read it.... Sorry again.	16:06
nuclear_eclipse	np	16:07
yapt	I have upload Mantis 1.2.2 to the web server, unzipped it and check: mantisbt-1.2.2/admin/check.php But a red box at the right is showed with the word: 'BAD' It seems bad, doesn't it ?	16:14
yapt	After the 'check' I have executed install.php and all boxes are green.....	16:21
nuclear_eclipse	yapt: assuming 1.2.1 was working just fine, then 1.2.2 should work fine too	16:22
yapt	Ok... but I have a question. If I had mantis 1.2.1 on this directory: /www/mantis and I unzipped the new 1.2.2 on this directory: /www/mantis122 After the upgrade (executing install.php) what would be the directory in production ?	16:23
yapt	Perhaps I must to copy now my ../mantis122/* to ../mantis/ to get it on the same folder....	16:26
Github	mantisbt: master David Hicks * bfc9e9f (1 files in 1 dirs): Fix #12238: XSS in print_all_bug_page_word.php project/category names ...	16:30
Github	mantisbt: master David Hicks * 23b1d93 (1 files in 1 dirs): Fix #11852: Forgotton password feature prevents admin password reset ...	16:30
Github	mantisbt: master Paul * 0cad50d (14 files in 4 dirs): Merge branch 'master' of mantisbt.org:mantisbt	16:30
Github	mantisbt: master David Hicks * 24e117c (2 files in 1 dirs): Fix type of jQuery files from symlink to file ...	16:30
Github	mantisbt: master David Hicks * a4e6b21 (1 files in 1 dirs): Fix #11930: Fix unused/new prefix filters on manage users page ...	16:30
yapt	\part	16:42
paulr_	.	16:58
--- scribe started ---		17:17
paulr_	http://blogs.msdn.com/b/sqlphp/archive/2010/08/04/microsoft-drivers-for-php-for-sql-server-2-0-released.aspx	17:45
nuclear_eclipse	so... they're bragging that they've finally produced what all the other database types have had for years?	17:48
nuclear_eclipse	why is mssql the only mainstream database that hasn't been able to decide on any given driver implementation for more than a year or so before finding something new to say is the "standard"?	17:49
nuclear_eclipse	</hyperbole>	17:49
nuclear_eclipse	*angry hyperbole	17:50
paulr_	shh	17:52
paulr_	;)	17:52
paulr_	it means I might now be able to do db laye	17:52
* alexsander added notes here --> http://www.mantisbt.org/bugs/view.php?id=12216		18:11
alexsander	nuclear_eclipse, I added a patch to http://www.mantisbt.org/bugs/view.php?id=12216	19:30
alexsander	doing what you suggested	19:30
paulr_	alexsander: is the issue that php denies foo@localhost as a email address now?	19:36
alexsander	paulr_, yes	19:38
alexsander	paulr_, I edited "class.phpmailer.php" to check if the method is mail() in order to validate	19:38
paulr_	so you can't email paul@com anymore I assume?	19:42
alexsander	paulr_, with the vanilla installation, you can't	19:42
paulr_	alexsander: you are on 5.3.3 right?	20:20
alexsander	nope	20:21
alexsander	paulr_, I'm on 5.2.14	20:21
paulr_	so <?php mail('foo@localhost'); doesn't work since what version?	20:21
paulr_	@ alexsander	20:22
foobot	paulr_: Error: "alexsander" is not a valid command.	20:22
alexsander	paulr_, it does work -- but phpmail do not	20:23
nuclear_eclipse	foobot: set reply.whenNotCommand False	20:24
foobot	nuclear_eclipse: Error: "set" is not a valid command.	20:24
nuclear_eclipse	foobot: config reply.whenNotCommand False	20:24
foobot	nuclear_eclipse: Error: You don't have the owner capability. If you think that you should have this capability, be sure that you are identified before trying again. The 'whoami' command can tell you if you're identified.	20:24
alexsander	paulr_, phpmailer has a ValidateAddress function that checks if an address is valid BEFORE even try to send the email -- and it uses the PHP's FILTER_VALIDATE_EMAIL regex	20:24
paulr_	yea	20:24
paulr_	foobot: help	20:25
foobot	paulr_: (help [<plugin>] [<command>]) -- This command gives a useful description of what <command> does. <plugin> is only necessary if the command is in more than one plugin.	20:25
paulr_	foobot: help list	20:25
foobot	paulr_: (list [--private] [<plugin>]) -- Lists the commands available in the given plugin. If no plugin is given, lists the public plugins available. If --private is given, lists the private plugins.	20:25
paulr_	foobot: help list *	20:25
foobot	paulr_: Error: There is no command "list *".	20:25
paulr_	foobot: help list --private	20:25
foobot	paulr_: Error: There is no command "list private".	20:25
paulr_	foobot: list	20:25
foobot	paulr_: Admin, Anonymous, Channel, Config, Mantis, Misc, Owner, Plugin, Seen, Status, Unix, and User	20:25
paulr_	foobot: Mantis	20:25
foobot	paulr_: Error: "Mantis" is not a valid command.	20:25
paulr_	foobot: help Mantis	20:25
foobot	paulr_: Error: There is no command "mantis".	20:25
nuclear_eclipse	list Mantis	20:25
paulr_	foobot: Mantis help	20:25
foobot	paulr_: Error: The "Mantis" plugin is loaded, but there is no command named "help" in it. Try "list Mantis" to see the commands in the "Mantis" plugin.	20:25
paulr_	list Mantis	20:25
paulr_	foobot: list mantis	20:25
paulr_	foobot: list Mantis	20:26
foobot	paulr_: bug and version	20:26
foobot	paulr_: bug and version	20:26
paulr_	foobot: version	20:26
foobot	paulr_: The current (running) version of this Supybot is 0.83.4.1. The newest version available online is 0.83.4.1.	20:26
paulr_	foobot: Mantis version	20:26
foobot	paulr_: Mantis SOAP API version: 1.2.2	20:26
paulr_	foobot: bug	20:26
foobot	paulr_: (bug <bug number>) -- Expand bug # to a full URI	20:26
paulr_	foobot: Mantis bug	20:26
foobot	paulr_: (mantis bug <bug number>) -- Expand bug # to a full URI	20:26
paulr_	foobot: Mantis bug 1	20:26
foobot	Bug 1 - prescience - no change required - closed	20:26
foobot	The blockhead admin deleted the database - http://www.mantisbt.org/bugs/view.php?id=1	20:26
paulr_	wow	20:26
moto-moi	:D	20:27
nuclear_eclipse	paulr_: foobot runs the same code that mantisbot did	20:28
paulr_	ahh	20:28
nuclear_eclipse	whoami	20:31
nuclear_eclipse	@whoami	20:31
foobot	nuclear_eclipse: nuclear_eclipse	20:31
nuclear_eclipse	foobot: config reply.whenNotCommand False	20:31
foobot	nuclear_eclipse: The operation succeeded.	20:31
nuclear_eclipse	@howdy	20:32
nuclear_eclipse	yay~!	20:32
nuclear_eclipse	paulr_: I just actually have foobot running on my server with an init script so that it will automatically come online, versus giallu who was only running it manually from his home workstation	20:38
paulr_	ya	20:43
paulr_	@whoami	20:58
foobot	paulr_: I don't recognize you.	20:58
micahg	foobot: can you fix bug 5668	21:17
nuclear_eclipse	micahg: we wish :P	21:18
micahg	foobot: bug 5668	21:18
foobot	Bug 5668 - polzin - open - acknowledged	21:18
foobot	"versions" of parent project should be used in subprojects. - http://www.mantisbt.org/bugs/view.php?id=5668	21:18
nuclear_eclipse	micahg: on the surface, that's implemented, but it's woefully incomplete... =/	21:18
micahg	nuclear_eclipse: how soon is the next release approximately, this one's really biting me ATM, mostly the ones related to it	21:19
micahg	nuclear_eclipse: I want to work on a patch, but won't get to it for another 4 weeks	21:19
micahg	I can use the version in the chlid project, but it doesn't appear on any roadmap	21:19
micahg	oh, I should check if another bug is in there related	21:20
micahg	my current issue is actually bug 10873	21:20
foobot	Bug 10873 - andy_mbt - open - acknowledged	21:20
foobot	Change Log/Roadmap do not work with inherited versions. - http://www.mantisbt.org/bugs/view.php?id=10873	21:20
nuclear_eclipse	micahg: I'll probably push another release for 1.2 with the recent round of security fixes, but there are a lot of underlying design issues that were never taken into account for 5669	21:20
micahg	nuclear_eclipse: I jsut ran into an issue that if subprojects are sharing the same version, you can't do a bulk update from teh top project view issues page	21:21
nuclear_eclipse	micahg: that's actually the one reported by one of my project's, and we have a local "fix" that just comments out the sections where versions get cached...	21:21
nuclear_eclipse	micahg: yeah, that too :P	21:22
micahg	right, I don't even know if you can properly implement it in the 1.2.x branch, I think it requires a bit of schema change	21:22
nuclear_eclipse	yes, there are definite schema changes that should have been made to support this, similar to the round of schema changes made for categories in 1.2.0	21:22
nuclear_eclipse	but there are wholesale sections of code that should have been rewritten with inheriting versions in mind, that are still left just the way they were...	21:23
micahg	nuclear_eclipse: bug 12189 is a dupe of bug 0010873	21:25
foobot	Bug 12189 - ha17 - open - new	21:25
foobot	Subprojects using Parent project versions don't have roadmaps - http://www.mantisbt.org/bugs/view.php?id=12189	21:25
foobot	Bug 0010873 - andy_mbt - open - acknowledged	21:25
foobot	Change Log/Roadmap do not work with inherited versions. - http://www.mantisbt.org/bugs/view.php?id=0010873	21:25
* micahg doesn't have privs		21:25
nuclear_eclipse	would you like to?	21:25
micahg	nuclear_eclipse: idk if I"ve earned it	21:25
nuclear_eclipse	you've stuck around long enough that I have no problem giving you developer access to the tracker if you ever want to help out on triaging stuff	21:26
micahg	nuclear_eclipse: ok, I'm willing to help where I can	21:26
micahg	s/where/when	21:26
nuclear_eclipse	done	21:27
micahg	thanks	21:27
nuclear_eclipse	always looking for good help around here :)	21:28
micahg	nuclear_eclipse: actually, this new bug has a patch :)	21:29
micahg	nuclear_eclipse: what's the process for that?	21:30
nuclear_eclipse	usually get one of the core developer's attention long enough to get them to test it and push the patch to main repo :P	21:30
micahg	k, but more specifically WRT the duplication of issues	21:31
nuclear_eclipse	oh, just mark the duplicate as resolved, and put the main issue # is the duplicate id field	21:32
nuclear_eclipse	and ofc select "duplicate" as the resolution	21:32
micahg	nuclear_eclipse: right, but the other bug is already set at related to the main bug	21:32
nuclear_eclipse	issues can have multiple relationships, so I wouldn't worry about that	21:33
micahg	nuclear_eclipse: right, but I don't want to lose the patch, I'm wondering if I need to make the old issue a dupe of the one with the patch and update the relationships accordingly	21:33
nuclear_eclipse	oh, yeah, that's fine too	21:34
nuclear_eclipse	just gotta decide which issue will be the "main" one, and resolve the other one	21:34
micahg	will the people watching see my change and then choose if they want to follow the new issue or shoudl I not worry about that?	21:35
nuclear_eclipse	they'll get a notice that it's been marked as a duplicate, so they'll watch the new one if they really want to	21:36
micahg	k	21:36
nuclear_eclipse	I think there was some discussion about automatically merging monitor lists when doing that, but I don't think anything ever happened with that	21:37
micahg	I see people using closed for dupes, is that better than resolved?	21:38
micahg	or resolved duplicate is fine	21:39
nuclear_eclipse	I personally prefer to use resolved	21:39
micahg	k	21:39
nuclear_eclipse	that gives users a chance to reopen the issue if they feel the action was incorrect	21:39
micahg	ok	21:39
nuclear_eclipse	then I periodically go through and mark undisputed issues as closed	21:39
micahg	I've been using bugzilla heavily and was wondering if parent/child is meant to operate in a similar way to Depends on/Blocks	21:40
nuclear_eclipse	yes, somewhat	21:40
nuclear_eclipse	it's a bit more abstract though because we don't have any well-defined process for things like that	21:40
nuclear_eclipse	so it can mean just about anything depending on context :P	21:41
micahg	which category for a bug with change target version on teh View issues page?	21:42
nuclear_eclipse	hmm?	21:42
micahg	actually, idk if I should report since I'm still on 1.2.0rc2	21:42
nuclear_eclipse	yes, please upgrade :P	21:43
micahg	well, I can't afford a broken installation till this project is close to being done, so I'm waiting, should be about 3 weeks	21:43
nuclear_eclipse	I like to mark issues reported against out of date versions as "please upgrade and then reopen"	21:43
nuclear_eclipse	yeah, that's understandable	21:43
nuclear_eclipse	I usually use that line because then people will say "cant upgrade due to custom changes" so I can then go back and say "we can't support installations with changed code"	21:45
micahg	well, I can tell you with Ubuntu, if we think it's solved, that's what we do, but we're supposed to try to replicate it, otherwise people get annoyed if they're asked to reproduce after every release and stop reporting bugs	21:45
micahg	nuclear_eclipse: I would think any bugs again 0.x could probably have that done though	21:45
nuclear_eclipse	hehe	21:45
micahg	wow, they're not even in the list anymore	21:46
micahg	which makes sense	21:46
nuclear_eclipse	micahg: 11802 doesn't seem to me to be a dupe of 10873 though	21:50
micahg	nuclear_eclipse: did I goof?	21:50
micahg	maybe I subscribed to the wrong bug	21:50
micahg	ugh	21:51
micahg	I did the wrong bug	21:51
nuclear_eclipse	:P	21:51
micahg	I'll undo it	21:51
micahg	sorry	21:51
nuclear_eclipse	no worries	21:51
nuclear_eclipse	it's difficult to keep on top of so many different bug tracker implementations	21:52
micahg	I meant to do it to 12189	21:52
nuclear_eclipse	between bugzilla, launchpad, trac, and mantis I sometimes want to just want to blow up the internet :P	21:52
micahg	which has no patch	21:53
micahg	that's better	21:54
micahg	well, I have super privs in all 3 now :)	21:55
micahg	it does get confusing	21:55
nuclear_eclipse	dhx_m: http://seclists.org/bugtraq/2010/Aug/47	22:12
micahg	nuclear_eclipse: speaking of security issues, do I have to worry about the RSS feed link with my username/key	22:18
nuclear_eclipse	micahg: you would likely want to use SSL to prevent snooping over the wire, but otherwise I wouldn't consider it a risk	22:19
nuclear_eclipse	unless the bugs in that list have ultra-sensitive data, the only thing (afaik) that someone could do with your rss key is subscribe to your personal feed	22:20
micahg	k, I'm going to add the feed for mantisbt and do what I can	22:20
micahg	I'm sorry I haven't had time to look into getting 1.2.x into Debian, the maintainer is afraid to upgrade	22:23
nuclear_eclipse	no worries	22:23
nuclear_eclipse	no offense to you, but I personally don't care if distros pick it up because I never use web apps packaged by distros, for multiple reasons	22:24
nuclear_eclipse	I understand the benefits of using packages from your distro, and I love it for actual native software, but web apps never seem to package well, and they always try to package apache configs that conflict with what I'm trying to do, and they're almost always behind because they insist on using some native database schema management that never works well with what web apps are trying to accomplish...	22:26
nuclear_eclipse	literally the only webapp I use from a distro package is gitweb, just because it's so tightly tied to the version of git installed on the machine	22:27
nuclear_eclipse	anyways, sorry for ranting there, I still have some pent up frustrations from dealing with the previous maintainer for debian... =\	22:29
nuclear_eclipse	apparently the fact that the 1.1 => 1.2 upgrade required running code to migrate data from an old schema format to a new schema was enough to break any chance of being compatible with debian's schema management system, so he put up a fuss and then abandoned the package	22:31
dhx_m	nuclear_eclipse: ready for 1.2.3? :)	22:34
nuclear_eclipse	no, I'm not in a rush this time	22:34
nuclear_eclipse	it's not a critical vuln either	22:34
dhx_m	the other ones I fixed may be :)	22:34
nuclear_eclipse	dhx_m: you should email victor and ask for access to manage files for the project on sourceforge.net	22:35
dhx_m	nuclear_eclipse: yep will do	22:35
nuclear_eclipse	then maybe when I get around to documenting the release process, you'll be able to roll some on your own :P	22:36
nuclear_eclipse	most of the work involved is all the stuff besides generating the tarballs	22:36
dhx_m	ok good, that's the easy part for me	22:36
nuclear_eclipse	ie, create the release notes, wrangle the issues on the official tracker	22:36
dhx_m	do you close fixed issues for the latest release?	22:37
nuclear_eclipse	yep	22:37
dhx_m	ok	22:37
dhx_m	I guess I'd need project manager permissions to add a new version?	22:38
nuclear_eclipse	I tag the release in git, generate tarballs, rename 1.2.x to 1.2.3, create a new 1.2.x, mass update issues to retarget for 1.2.x, do some other minor cleanups, close all the issues related to 1.2.3, upload the tarballs, update mantisbt.org to 1.2.3, send the release announcement email, and then post a blog entry announcement	22:39
nuclear_eclipse	and yes, it does require quite a bit of access to various areas	22:40
nuclear_eclipse	anywho, dinner time	22:42
dhx_m	ok I'll look into it when I get back, gtg too, cya	22:42
nuclear_eclipse	cheers dhx_m	22:42
paulr_	dhx_m: morning!	22:47

Generated by irclog2html.py