From dirk at haun-online.de Mon May 14 14:20:13 2007 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 14 May 2007 20:20:13 +0200 Subject: [geeklog-devel] Journal plugin (was: Sponsoring) In-Reply-To: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> Message-ID: <20070514182013.1377245284@smtp.haun-online.de> Tony Bibbs wrote: [Journal plugin in CVS] >If it is there it shouldn't be. FYI: It isn't there. Neither is the "tools" directory which contained my release script and the scripts I use to update the language files. I still have copies of all of those, of course. So, where do we put them? gplugs.sf.net? I was hoping Tom Willet would have had a chance to chime in by now ... bye, Dirk -- http://www.haun-online.de/ http://geeklog.info/ From tomw at pigstye.net Mon May 14 14:29:59 2007 From: tomw at pigstye.net (Tom Willett) Date: Mon, 14 May 2007 14:29:59 -0400 Subject: [geeklog-devel] Journal plugin In-Reply-To: <20070514182013.1377245284@smtp.haun-online.de> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> Message-ID: <4648AAA7.1020600@pigstye.net> I did chime in early on and gave Michael access to cvs. You are welcome to use gplugs, I believe you are listed as an admin Dirk. On 5/14/2007 2:20 PM, Dirk Haun wrote: > Tony Bibbs wrote: > > [Journal plugin in CVS] > >> If it is there it shouldn't be. >> > > FYI: It isn't there. Neither is the "tools" directory which contained my > release script and the scripts I use to update the language files. > > I still have copies of all of those, of course. > > So, where do we put them? gplugs.sf.net? I was hoping Tom Willet would > have had a chance to chime in by now ... > > bye, Dirk > > > -- Tom Willett tomw at pigstye.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From dirk at haun-online.de Mon May 14 14:38:58 2007 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 14 May 2007 20:38:58 +0200 Subject: [geeklog-devel] Journal plugin In-Reply-To: <4648AAA7.1020600@pigstye.net> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> Message-ID: <20070514183858.364435821@smtp.haun-online.de> Tom Willett wrote: >I did chime in early on and gave Michael access to cvs. Ah, good. Didn't know that. >You are welcome >to use gplugs, I believe you are listed as an admin Dirk. I am, thanks. I think I'd rather have the "tools" back in the Geeklog CVS, but I'll add all my other plugins to gplugs eventually. I think the last time I tried that, all of SF's CVS servers were down ... bye, Dirk -- http://spam.tinyweb.net/ From tomw at pigstye.net Mon May 14 14:43:28 2007 From: tomw at pigstye.net (Tom Willett) Date: Mon, 14 May 2007 14:43:28 -0400 Subject: [geeklog-devel] Journal plugin In-Reply-To: <20070514183858.364435821@smtp.haun-online.de> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> <20070514183858.364435821@smtp.haun-online.de> Message-ID: <4648ADD0.3080407@pigstye.net> On 5/14/2007 2:38 PM, Dirk Haun wrote: > Tom Willett wrote: > > >> I did chime in early on and gave Michael access to cvs. >> > > Ah, good. Didn't know that. > > > >> You are welcome >> to use gplugs, I believe you are listed as an admin Dirk. >> > > I am, thanks. > > I think I'd rather have the "tools" back in the Geeklog CVS, but I'll > add all my other plugins to gplugs eventually. I think the last time I > tried that, all of SF's CVS servers were down ... > > That has been my greatest frustration with sourceforge also. > bye, Dirk > > > -- Tom Willett tomw at pigstye.net -------------- next part -------------- An HTML attachment was scrubbed... URL: From mjervis at gmail.com Mon May 14 14:55:59 2007 From: mjervis at gmail.com (Michael Jervis) Date: Mon, 14 May 2007 19:55:59 +0100 Subject: [geeklog-devel] Journal plugin In-Reply-To: <4648ADD0.3080407@pigstye.net> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> <20070514183858.364435821@smtp.haun-online.de> <4648ADD0.3080407@pigstye.net> Message-ID: <7b42e7470705141155s1e6f3e40nae88e4e7771ecfc4@mail.gmail.com> Ok so it's gplugs then. I still think migrating it to SVN is a good idea though ;-) Mike From dirk at haun-online.de Mon May 14 16:56:59 2007 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 14 May 2007 22:56:59 +0200 Subject: [geeklog-devel] Journal plugin In-Reply-To: <7b42e7470705141155s1e6f3e40nae88e4e7771ecfc4@mail.gmail.com> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> <20070514183858.364435821@smtp.haun-online.de> <4648ADD0.3080407@pigstye.net> <7b42e7470705141155s1e6f3e40nae88e4e7771ecfc4@mail.gmail.com> Message-ID: <20070514205659.124622201@smtp.haun-online.de> Michael Jervis wrote: >I still think migrating it to SVN is a good idea though ;-) Would be fine with me. We're using SVN at work, so I'm familiar with it. bye, Dirk -- http://spam.tinyweb.net/ From dirk at haun-online.de Mon May 14 17:04:16 2007 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 14 May 2007 23:04:16 +0200 Subject: [geeklog-devel] Mailing list archives Message-ID: <20070514210416.565469811@smtp.haun-online.de> FYI: The mailing list archives should work again. We have some gaping holes in them, but at least they're back now ... bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From dirk at haun-online.de Thu May 17 10:45:09 2007 From: dirk at haun-online.de (Dirk Haun) Date: Thu, 17 May 2007 16:45:09 +0200 Subject: [geeklog-devel] Blogger remote auth not working any more? Message-ID: <20070517144509.643794968@smtp.haun-online.de> Looks like our Blogger remote authentication module isn't working any more. At least I was unable to log into a site with remote auth enabled using my old Blogger login. Blogger / Blogspot wants people to use their Google account now but even that didn't work (after I "reclaimed" my old Blogger account). So they may have changed the protocol as well. Anyone more familiar with the changes? bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From mjervis at gmail.com Thu May 17 11:37:35 2007 From: mjervis at gmail.com (Michael Jervis) Date: Thu, 17 May 2007 16:37:35 +0100 Subject: [geeklog-devel] Blogger remote auth not working any more? In-Reply-To: <20070517144509.643794968@smtp.haun-online.de> References: <20070517144509.643794968@smtp.haun-online.de> Message-ID: <7b42e7470705170837j3dafecf4ge8dbeb867bb995b7@mail.gmail.com> > Anyone more familiar with the changes? Sadly, yes, not had time to fully investigate but my blog crossposting tool (http://www.skinmaster.co.uk/multiblog) is also broken, it's a totally different protocol now. I've got as far as finding it's a fundamental change, but not as far as producing working software. Cheers, Mike From dirk at haun-online.de Thu May 17 14:51:42 2007 From: dirk at haun-online.de (Dirk Haun) Date: Thu, 17 May 2007 20:51:42 +0200 Subject: [geeklog-devel] OpenID revisited (new patch) Message-ID: <20070517185142.529067341@smtp.haun-online.de> I've gone over Choplair's OpenID patch, cleaned it up somewhat and made it more conforming to Geeklog's way of doing things in some places. The new version (with instructions) can be found here: http://www.geeklog.net/nightly/openid_patch.tar.gz It works against 1.4.1 and the 1.4.1-1 branch in CVS. Haven't tried it against the CVS trunk yet, but it's not as invasive as suspected and could be ported manually, if necessary. --- snip --- Changes over Choplair's patch: - Moved the inlined class from users.php to classes/openidhelper.class.php - Error messages use a fixed text. For security reasons, we shouldn't display any messages coming from a remote server. They are logged in error.log, though - typekey.com doesn't send a username. Tried to compensate by guessing which portion of the OpenID URL could be the username. If that fails (not for typekey.com, but maybe for other services), we abort rather then using an empty username. - Added CUSTOM_uniqueRemoteUsername function to ensure unique usernames (attaches a random number to the conflicting username). - Added OpenID login form to users/loginform.thtml (the PHP code was already in place, it was only missing from the actual template file) - Converted the icons to PNG To do: - Security audit. We shouldn't trust the data we get from the OpenID server ... USE AT YOUR OWN RISK --- snip --- In my opinion, Choplair has earned himself the bounty. Any objections? bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From tony at tonybibbs.com Fri May 18 08:57:53 2007 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 18 May 2007 05:57:53 -0700 (PDT) Subject: [geeklog-devel] OpenID revisited (new patch) Message-ID: <336531.70585.qm@web714.biz.mail.mud.yahoo.com> No objections. I've been working with the MediaWiki implementation and there are a couple of settings they have: 1) Deny by Default - If a user uses any openID account we deny access by default. This is used in conjunction with: 2) Allowed OpenID Services - array of regex URL's we would allow access to 3) Denied OpenID Services - array of regex URL's we explicitly deny Just passing this on as an FYI. Does this patch simply make Geeklog capable of using an existing OpenID providers? More specifically, does it also allow Geeklog accounts to be exposed as an OpenID provider as well? If not, that would be highly desirable. --Tony ----- Original Message ---- From: Dirk Haun To: geeklog-devel Sent: Thursday, May 17, 2007 1:51:42 PM Subject: [geeklog-devel] OpenID revisited (new patch) I've gone over Choplair's OpenID patch, cleaned it up somewhat and made it more conforming to Geeklog's way of doing things in some places. The new version (with instructions) can be found here: http://www.geeklog.net/nightly/openid_patch.tar.gz It works against 1.4.1 and the 1.4.1-1 branch in CVS. Haven't tried it against the CVS trunk yet, but it's not as invasive as suspected and could be ported manually, if necessary. --- snip --- Changes over Choplair's patch: - Moved the inlined class from users.php to classes/openidhelper.class.php - Error messages use a fixed text. For security reasons, we shouldn't display any messages coming from a remote server. They are logged in error.log, though - typekey.com doesn't send a username. Tried to compensate by guessing which portion of the OpenID URL could be the username. If that fails (not for typekey.com, but maybe for other services), we abort rather then using an empty username. - Added CUSTOM_uniqueRemoteUsername function to ensure unique usernames (attaches a random number to the conflicting username). - Added OpenID login form to users/loginform.thtml (the PHP code was already in place, it was only missing from the actual template file) - Converted the icons to PNG To do: - Security audit. We shouldn't trust the data we get from the OpenID server ... USE AT YOUR OWN RISK --- snip --- In my opinion, Choplair has earned himself the bounty. Any objections? bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From dirk at haun-online.de Fri May 18 13:35:01 2007 From: dirk at haun-online.de (Dirk Haun) Date: Fri, 18 May 2007 19:35:01 +0200 Subject: [geeklog-devel] Congratulations, OpenID Spam has Arrived Message-ID: <20070518173501.1414133842@smtp.haun-online.de> Of course we all knew it wouldn't take long: (via Planet OpenID): --- snip --- iwantmyopenid.org has been pretty much brain dead. Other than being the home of the infamous OpenID Bounty, which managed to discourage most OpenID enthusiasts (Heck, I nearly abandoned phpbb-openid when I realized I wasn't going to get it!), it produced virtually no interest until the other day. Enter h*tp://iwantmyopenid#org/node/19. "The community marketing home of OpenID" is now home to the world's first OpenID spam comment. Please refrain from linking to that page directly. Don't feed the spammers. --- snip --- (URL mangled) -- http://spam.tinyweb.net/ From dirk at haun-online.de Fri May 18 13:53:08 2007 From: dirk at haun-online.de (Dirk Haun) Date: Fri, 18 May 2007 19:53:08 +0200 Subject: [geeklog-devel] OpenID revisited (new patch) In-Reply-To: <336531.70585.qm@web714.biz.mail.mud.yahoo.com> References: <336531.70585.qm@web714.biz.mail.mud.yahoo.com> Message-ID: <20070518175308.363206103@smtp.haun-online.de> Tony Bibbs wrote: >1) Deny by Default - If a user uses any openID account we deny access by >default. This is used in conjunction with: >2) Allowed OpenID Services - array of regex URL's we would allow access to >3) Denied OpenID Services - array of regex URL's we explicitly deny You can still ban users by their OpenID accounts. I guess we should also make it honor the user submission queue setting. Not sure about the regexps. Those are blacklists and we all know by now how good those work ... >Does this patch simply make Geeklog >capable of using an existing OpenID providers? I believe the OpenID term is "consumer": If you have an OpenID account somewhere, you can use it to log into Geeklog. Just like with the remote authentication modules. >More specifically, does >it also allow Geeklog accounts to be exposed as an OpenID provider as >well? If not, that would be highly desirable. Nope, it does not do that. bye, Dirk -- http://www.haun-online.de/ http://www.haun.info/ From tony at tonybibbs.com Fri May 18 14:05:46 2007 From: tony at tonybibbs.com (Tony Bibbs) Date: Fri, 18 May 2007 11:05:46 -0700 (PDT) Subject: [geeklog-devel] OpenID revisited (new patch) Message-ID: <599001.18846.qm@web710.biz.mail.mud.yahoo.com> Seems to me that's a reasonable expectation, no? Just seems like without it we are walking around with one shoe on. --Tony ----- Original Message ---- From: Dirk Haun To: geeklog-devel Sent: Friday, May 18, 2007 12:53:08 PM Subject: Re: [geeklog-devel] OpenID revisited (new patch) >More specifically, does >it also allow Geeklog accounts to be exposed as an OpenID provider as >well? If not, that would be highly desirable. Nope, it does not do that. From dirk at haun-online.de Sat May 19 11:16:20 2007 From: dirk at haun-online.de (Dirk Haun) Date: Sat, 19 May 2007 17:16:20 +0200 Subject: [geeklog-devel] Journal plugin In-Reply-To: <4648AAA7.1020600@pigstye.net> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> Message-ID: <20070519151620.695613695@smtp.haun-online.de> Tom Willett wrote: >You are welcome to use gplugs I have now added the following to the gplugs CVS: Akismet modules for Spam-X Bad Behavior plugin: Flickr plugin: I'll consider gplugs the official CVS repository for those from now on. I have some unfinished plugins and other scripts here that I'll probably add as well eventually, as soon as I get an idea how unfinished they really are. Still better than let them rot on my hard drive, I guess ... Other stuff by me that's already in the gplugs CVS: Manual Digest plugin: This is still being maintained, although it didn't need an update in a while. Classifads plugin: I no longer maintain this. If anyone wants to do something with it, be my guest. YaBB to Forum plugin converter: See . No longer maintained. YaBB coexistence scripts: An attempt to let Geeklog and a YaBB forum coexist. No longer maintained. This includes the only Perl code I ever wrote, btw :) ... plus the ClearBlue and RudeColors themes (in the Themes directory) which are horribly out of date and no longer maintained either. bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From dirk at haun-online.de Sun May 20 05:01:31 2007 From: dirk at haun-online.de (Dirk Haun) Date: Sun, 20 May 2007 11:01:31 +0200 Subject: [geeklog-devel] OpenID revisited (new patch) In-Reply-To: <20070517185142.529067341@smtp.haun-online.de> References: <20070517185142.529067341@smtp.haun-online.de> Message-ID: <20070520090131.721747535@smtp.haun-online.de> Dirk Haun wrote: >It works against 1.4.1 and the 1.4.1-1 branch in CVS. I have it up on geeklog.info now. Some notes and first impressions: - Despite the comment in the readme, the OpenID login form is missing from users/loginform.thtml. Sorry about that. - The rand() in CUSTOM_uniqueRemoteUsername() should be changed to something like rand(2,9999) or you'll end up with usernames like Dirk123456789. Actually, we should have a built-in function to resolve duplicate usernames and only use CUSTOM_uniqueRemoteUsername to let users override it. - Speaking of duplicates: Duplicate email addresses are a problem. Two of my OpenID accounts now use the same email address as my actual Geeklog account, so I can't change my preferences in any of those accounts without changing the email address at the same time. Any ideas how to resolve this? - When logging in with my typekey.com account, the URL needs to end in a slash or it won't find the OpenID server. This only happens on geeklog.info, though, and not on my local test setup. Odd. - And of course it didn't take long: Sa 19 Mai 2007 14:46:04 CEST - Unable to find an OpenID server for the identity URL h*tp://ywusorepup#hotmail#ru/buy-zyban-online-canada.html Stupid spambots ... bye, Dirk -- http://www.haun-online.de/ http://geeklog.info/ From mjervis at gmail.com Sun May 20 05:13:25 2007 From: mjervis at gmail.com (Michael Jervis) Date: Sun, 20 May 2007 10:13:25 +0100 Subject: [geeklog-devel] Journal plugin In-Reply-To: <20070519151620.695613695@smtp.haun-online.de> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> <20070519151620.695613695@smtp.haun-online.de> Message-ID: <7b42e7470705200213p44f0805chc144576e2e9aec84@mail.gmail.com> And I've just added (now I've replaced the router that died...) Comment Feeds: Podcast: And merged back in my journal work: Journal: Journal needs a lot of love still, mostly statically generated non-compliant HTML. With some template stuff introduced (badly) and also probably non-compliant. Podcast needs a few bits and pieces of further functionality to reach 1.0, but is solid, secure and stable as is. Comment Feeds is all done and won't need any changes unless we change Syndication or plugin API's again. Mike From joe at ThrowingDice.com Mon May 21 22:29:07 2007 From: joe at ThrowingDice.com (Joe Mucchiello) Date: Mon, 21 May 2007 22:29:07 -0400 Subject: [geeklog-devel] Forums hack In-Reply-To: <7b42e7470705200213p44f0805chc144576e2e9aec84@mail.gmail.co m> References: <678946.21075.qm@web714.biz.mail.mud.yahoo.com> <20070514182013.1377245284@smtp.haun-online.de> <4648AAA7.1020600@pigstye.net> <20070519151620.695613695@smtp.haun-online.de> <7b42e7470705200213p44f0805chc144576e2e9aec84@mail.gmail.com> Message-ID: <0JIF000UF8A9FSB0@mta2.srv.hcvlny.cv.net> There's an annoying forum hack plaguing www.geeklog.net. I'm posting here, rather than directly to Dirk, so Blaine finds out too. Apparently no filtering is being done on the anonymous author. Someone figured this out and put a meta-equiv command as their name to refresh. Of course the whole refresh didn't fit in the database so you just get an error. But every occurrence of that "name" reloads the bad url. This includes the "last ten posts" on the home page and on the forum page, whatever forum contains the bad name causes the list of forums to reset. Here's the offending line. Thankfully the refresh was set to "1;".
Started by:, url. This includes the "last ten posts" on the home page and on the > forum page, whatever forum contains the bad name causes the list of > forums to reset. Here's the offending line. Thankfully the refresh was > set to "1;". > > href="http://www.geeklog.net/forum/viewtopic.php?showtopic=76496"> style="left:50px;">
Started by:, content="1; URL=www.gre,05/21/07 18:49 PM
Views:7, > Replies:0
 > > Dirk, you might want to update the aname field on the topic before > deleting the record. See if there's anything else interesting about > whomever posted this. > > ---- > Joe Mucchiello > Throwing Dice Games > http://www.throwingdice.com > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://eight.pairlist.net/mailman/listinfo/geeklog-devel > > From mjervis at gmail.com Tue May 22 15:08:59 2007 From: mjervis at gmail.com (Michael Jervis) Date: Tue, 22 May 2007 20:08:59 +0100 Subject: [geeklog-devel] Trendy Message-ID: <7b42e7470705221208n2267694ao81abfe48d55374a5@mail.gmail.com> http://www.google.com/trends?q=geeklog%2Cwordpress%2Cdrupal%2Cphpnuke%2Cpostnuke&ctab=0&geo=all&date=all&sort=1 Google trends is fascinating. -- Michael Jervis mjervis at gmail.com 504B03041400000008008F846431E3543A820800000006000000060000007765 62676F642B4F4D4ACF4F0100504B010214001400000008008F846431E3543A82 0800000006000000060000000000000000002000000000000000776562676F64 504B05060000000001000100340000002C0000000000 From geeklog at mystral-kk.net Wed May 23 09:21:47 2007 From: geeklog at mystral-kk.net (geeklog at mystral-kk.net) Date: Wed, 23 May 2007 22:21:47 +0900 (JST) Subject: [geeklog-devel] $_CONF['path'] setting Message-ID: <48924.192.168.1.22.1179926507.squirrel@www.s215.xrea.com> Hi all, Every time you install Geeklog, you have to edit config.php and set some values. But is it necessary to set $_CONF['path'] manually? I tried setting $_CONF['path'] = dirname( __FILE__ ) . '/'; and it worked fine. I've asked some friends to see if this hack works and none of them have said "No", including CGI-version PHP. Any suggestions? -- mystral-kk http://mystral-kk.net From tony at tonybibbs.com Wed May 23 10:15:59 2007 From: tony at tonybibbs.com (Tony Bibbs) Date: Wed, 23 May 2007 07:15:59 -0700 (PDT) Subject: [geeklog-devel] $_CONF['path'] setting Message-ID: <326498.54915.qm@web713.biz.mail.mud.yahoo.com> So what's your goal here? Is it to not have to edit config.php? If so you've got a lot more problems than $_CONF['path'] such as all the database parameters. Also, technically you'd want to replace the '/' with the PHP constant DIRECTORY_SEPARATOR. --Tony ----- Original Message ---- From: "geeklog at mystral-kk.net" To: geeklog-devel at lists.geeklog.net Sent: Wednesday, May 23, 2007 8:21:47 AM Subject: [geeklog-devel] $_CONF['path'] setting Hi all, Every time you install Geeklog, you have to edit config.php and set some values. But is it necessary to set $_CONF['path'] manually? I tried setting $_CONF['path'] = dirname( __FILE__ ) . '/'; and it worked fine. I've asked some friends to see if this hack works and none of them have said "No", including CGI-version PHP. Any suggestions? -- mystral-kk http://mystral-kk.net _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From cweiske at cweiske.de Wed May 23 10:46:21 2007 From: cweiske at cweiske.de (Christian Weiske) Date: Wed, 23 May 2007 16:46:21 +0200 Subject: [geeklog-devel] $_CONF['path'] setting In-Reply-To: <326498.54915.qm@web713.biz.mail.mud.yahoo.com> References: <326498.54915.qm@web713.biz.mail.mud.yahoo.com> Message-ID: <20070523164621.dafe0b3d.cweiske@cweiske.de> Tony, > So what's your goal here? Is it to not have to edit config.php? If so you've got a lot more problems than $_CONF['path'] such as all the database parameters. Also, technically you'd want to replace the '/' with the PHP constant DIRECTORY_SEPARATOR. I think the goal is to requir the user to make as few changes as possible, and possibly work out-of-the-box. Christian From tony at tonybibbs.com Wed May 23 10:48:38 2007 From: tony at tonybibbs.com (Tony Bibbs) Date: Wed, 23 May 2007 07:48:38 -0700 (PDT) Subject: [geeklog-devel] $_CONF['path'] setting Message-ID: <50070.56734.qm@web706.biz.mail.mud.yahoo.com> Yeah, minimizing changes is possible, obviously. But I don't see us ever getting out of making changes unless our GSoC students pay big dividends on their installer/configuration tasks. Closest thing would be the current PEAR installer which leaves the config.php alone (which we've had only one person provide feedback on thus far). --Tony ----- Original Message ---- From: Christian Weiske To: geeklog-devel at lists.geeklog.net Sent: Wednesday, May 23, 2007 9:46:21 AM Subject: Re: [geeklog-devel] $_CONF['path'] setting Tony, > So what's your goal here? Is it to not have to edit config.php? If so you've got a lot more problems than $_CONF['path'] such as all the database parameters. Also, technically you'd want to replace the '/' with the PHP constant DIRECTORY_SEPARATOR. I think the goal is to requir the user to make as few changes as possible, and possibly work out-of-the-box. Christian _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From geeklog at mystral-kk.net Wed May 23 19:10:44 2007 From: geeklog at mystral-kk.net (geeklog at mystral-kk.net) Date: Thu, 24 May 2007 08:10:44 +0900 (JST) Subject: [geeklog-devel] $_CONF['path'] setting Message-ID: <33560.192.168.1.22.1179961844.squirrel@www.s215.xrea.com> Tony wrote, > So what's your goal here? Is it to not have to edit config.php? If so > you've got a lot more problems than $_CONF['path'] such as all the database > parameters. Also, technically you'd want to replace the '/' with the PHP > constant DIRECTORY_SEPARATOR. Of course you have to edit all the database parameters manually, but it seems people make few mistakes here. On the other hand, $_CONF['path'] is hard to define for newbies. -- mystral-kk http://mystral-kk.net From info at heatherengineering.com Wed May 23 22:03:46 2007 From: info at heatherengineering.com (Heather Engineering) Date: Thu, 24 May 2007 11:03:46 +0900 Subject: [geeklog-devel] Coding standards clarification Message-ID: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> Hi, I'm trying to be good lately. Just like to clarify a couple of coding standards points. Any feedback welcomed. /* A */ < from http://wiki.geeklog.net/wiki/index.php/Coding_Guidelines and PEAR > Including Code Anywhere you are unconditionally including a class file, use require_once. Anywhere you are conditionally including a class file (for example, factory methods), use include_once. Either of these will ensure that class files are included only once. They share the same file list, so you don't need to worry about mixing them - a file included with require_once will not be included again by include_once. Note: include_once and require_once are statements, not functions. Parentheses should not surround the subject filename. < end snippet > So which of the following should I be writing? (1) require_once '../../../lib-common.php'; // no brackets, one space before, no space after (2) require_once('../../../lib-common.php'); // brackets, no spaces (3) require_once( '../../../lib-common.php' ); // brackets, spaces I would assume (1) from the guidelines, but I see some of (2) and lots of (3) in core geeklog code. /* B */ Operators in control structures. Didn't see this anywhere in the guidelines, but all examples in the php manual use (1): (1) if( $groupid == $_CONF['remote_users_group_id'] ) // spaces around comparison operator (2) if( $groupid==$_CONF['remote_users_group_id'] ) // no spaces around comparison operator (1) is easier to read I think, but I see lots of (2) as well. /* C */ Indenting. Never quite sure about this. The following line has to wrap. How many spaces should I indent the second line? I would normally do about 16 spaces more than the $retval in this case. $retval .= COM_startBlock($LANG_AR_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header')); But I also do things like this: $result = DB_query("SELECT DISTINCT ug_uid FROM {$_TABLES['group_assignments']} WHERE ug_main_grp_id={$rootgroup} ORDER BY ug_uid LIMIT 1"); lining up the SELECT, FROM, WHERE, ORDER, LIMIT. Is this permitted? It's easy to read but takes up lots of space. Particularly when it's something like this (MySQL which could probably be improved, I'm sure): $sql = "SELECT @now:={$iid}, ( SELECT sortorder FROM {$_TABLES['doc_item']} WHERE iid=@now LIMIT 1 ) AS current, ( SELECT did FROM {$_TABLES['doc_item']} WHERE iid=@now LIMIT 1 ) AS currentdid, ( SELECT rid FROM {$_TABLES['doc_item']} WHERE iid=@now LIMIT 1 ) AS id, ( SELECT iid FROM {$_TABLES['doc_item']} WHERE sortordercurrent AND rid=id ORDER by sortorder ASC LIMIT 0,1 ) AS nextiid, ( SELECT did FROM {$_TABLES['doc_item']} WHERE iid=nextiid LIMIT 1 ) AS nextdid FROM {$_TABLES['doc_item']} ORDER by sortorder LIMIT 1"; Should this kind of thing be avoided? Cheers, Euan. From joe at ThrowingDice.com Thu May 24 00:33:23 2007 From: joe at ThrowingDice.com (Joe Mucchiello) Date: Thu, 24 May 2007 00:33:23 -0400 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.co m> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> Message-ID: <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> At 10:03 PM 5/23/2007, Heather Engineering wrote: >(1) require_once '../../../lib-common.php'; // no brackets, >one space before, no space after >(2) require_once('../../../lib-common.php'); // brackets, no >spaces >(3) require_once( '../../../lib-common.php' ); // brackets, spaces > >I would assume (1) from the guidelines, but I see some of (2) and >lots of (3) in core geeklog code. The guidelines are new. Core Geeklog does not fully conform to the new standards. (1) above is correct as I understand the guidelines. >/* B */ > >Operators in control structures. Didn't see this anywhere in the >guidelines, but all examples in the php manual use (1): > >(1) if( $groupid == $_CONF['remote_users_group_id'] ) // spaces >around comparison operator >(2) if( $groupid==$_CONF['remote_users_group_id'] ) // no >spaces around comparison operator > >(1) is easier to read I think, but I see lots of (2) as well. Actually, if is not a function. It's a control structure so there should be a space after if. No spaces after the parens: 3) if ($groupid == $_CONF['whatever']) >/* C */ > >Indenting. Never quite sure about this. The following line has to >wrap. How many spaces should I indent the second line? I would >normally do about 16 spaces more than the $retval in this case. The standards don't address this but I would guess a continued line should be indented further than normal. Making it look "nice" is up to you. >$retval .= COM_startBlock($LANG_AR_ADMIN[1], '', > COM_getBlockTemplate('_admin_block', 'header')); if $retval is indented 4 spaces, then COM_getBlockTemplate... should be indented at least 8 spaces, more than 8 optionally. >Should this kind of thing be avoided? Yes, because it is hard to maintain because it is ugly and it has so many side effects. Make multiple trips to the database for code clarity. Speed it up only if you do tests that show it is a bottleneck. ---- Joe Mucchiello Throwing Dice Games http://www.throwingdice.com From info at heatherengineering.com Thu May 24 02:44:09 2007 From: info at heatherengineering.com (Heather Engineering) Date: Thu, 24 May 2007 15:44:09 +0900 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> Message-ID: <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> On 2007/05/24, at 13:33, Joe Mucchiello wrote: >> /* B */ >> >> Operators in control structures. Didn't see this anywhere in the >> guidelines, but all examples in the php manual use (1): >> >> (1) if( $groupid == $_CONF['remote_users_group_id'] ) // spaces >> around comparison operator >> (2) if( $groupid==$_CONF['remote_users_group_id'] ) // no >> spaces around comparison operator >> >> (1) is easier to read I think, but I see lots of (2) as well. > > Actually, if is not a function. It's a control structure so there > should be a space after if. No spaces after the parens: > > 3) if ($groupid == $_CONF['whatever']) Sorry, there should have been a space before the left bracket. I was asking about around the comparator '=='. >> $retval .= COM_startBlock($LANG_AR_ADMIN[1], '', >> COM_getBlockTemplate('_admin_block', 'header')); > > if $retval is indented 4 spaces, then COM_getBlockTemplate... > should be indented at least 8 spaces, more than 8 optionally. > >> Should this kind of thing be avoided? > > Yes, because it is hard to maintain because it is ugly and it has > so many side effects. Make multiple trips to the database for code > clarity. Speed it up only if you do tests that show it is a > bottleneck. That's a different question, but actually one I wanted to ask. Is it usually better to make one big query, or several smaller ones? Performance-wise, which is better? I was under the impression it was generally better to combine into as few queries as possible. Thanks for the comments. Euan. From mathfox at xs4all.nl Thu May 24 08:05:35 2007 From: mathfox at xs4all.nl (Peter Roozemaal) Date: Thu, 24 May 2007 14:05:35 +0200 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> Message-ID: <46557F8F.9030701@xs4all.nl> Heather Engineering wrote: >> Yes, because it is hard to maintain because it is ugly and it has so >> many side effects. Make multiple trips to the database for code >> clarity. Speed it up only if you do tests that show it is a bottleneck. > > That's a different question, but actually one I wanted to ask. Is it > usually better to make one big query, or several smaller ones? > Performance-wise, which is better? I was under the impression it was > generally better to combine into as few queries as possible. For performance it is generally better to reduce the number of round trips to the database; if you know in advance that you are going to need several records from the same table, get them all at once. If you need unrelated records from different tables, just do two queries. (Standard joins are fine; don't cruft one complex SQL statement where two simple ones are the straight-forward implementation. (Parsing and optimising complex SQL adds to the database load.)) My gripe: avoid "SELECT *"; instead specify the fields you need for your query. You'll reduce the load on your network (and memory use in web- and database server.) I've seen memory overflow on the admin story list when it loaded more than 32Mb of body texts. It only needed titles and dates! Peter. From info at heatherengineering.com Thu May 24 09:16:24 2007 From: info at heatherengineering.com (Heather Engineering) Date: Thu, 24 May 2007 22:16:24 +0900 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <46557F8F.9030701@xs4all.nl> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> <46557F8F.9030701@xs4all.nl> Message-ID: On 2007/05/24, at 21:05, Peter Roozemaal wrote: > Heather Engineering wrote: > >>> Yes, because it is hard to maintain because it is ugly and it has >>> so many side effects. Make multiple trips to the database for >>> code clarity. Speed it up only if you do tests that show it is a >>> bottleneck. >> That's a different question, but actually one I wanted to ask. Is >> it usually better to make one big query, or several smaller ones? >> Performance-wise, which is better? I was under the impression it >> was generally better to combine into as few queries as possible. > > For performance it is generally better to reduce the number of round > trips to the database; if you know in advance that you are going to > need > several records from the same table, get them all at once. If you need > unrelated records from different tables, just do two queries. > (Standard > joins are fine; don't cruft one complex SQL statement where two simple > ones are the straight-forward implementation. (Parsing and optimising > complex SQL adds to the database load.)) Thanks - that's what I wanted to know. > My gripe: avoid "SELECT *"; instead specify the fields you need for > your > query. You'll reduce the load on your network (and memory use in web- > and database server.) I've seen memory overflow on the admin story > list > when it loaded more than 32Mb of body texts. It only needed titles and > dates! Yup, I'm on to that one. Cheers, Euan. From joe at ThrowingDice.com Thu May 24 16:46:57 2007 From: joe at ThrowingDice.com (Joe Mucchiello) Date: Thu, 24 May 2007 16:46:57 -0400 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.co m> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> Message-ID: <0JIK00EO3CG3ZT81@mta4.srv.hcvlny.cv.net> At 02:44 AM 5/24/2007, Heather Engineering wrote: >>3) if ($groupid == $_CONF['whatever']) > >Sorry, there should have been a space before the left bracket. I was >asking about around the comparator '=='. I was emphasizing that there is no space after the left paren or before the right paren. As for your question, all of the code examples in the coding standard places spaces on both sides of all binary operators. >That's a different question, but actually one I wanted to ask. Is it >usually better to make one big query, or several smaller ones? >Performance-wise, which is better? I was under the impression it was >generally better to combine into as few queries as possible. Put that query into the mysql query analyzer. You will see an ugly execution path. ---- Joe Mucchiello Throwing Dice Games http://www.throwingdice.com From dirk at haun-online.de Thu May 24 14:44:15 2007 From: dirk at haun-online.de (Dirk Haun) Date: Thu, 24 May 2007 20:44:15 +0200 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <46557F8F.9030701@xs4all.nl> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5W B0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> <46557F8F.9030701@xs4all.nl> Message-ID: <20070524184415.97246402@smtp.haun-online.de> Peter Roozemaal wrote: >I've seen memory overflow on the admin story list >when it loaded more than 32Mb of body texts. It only needed titles and >dates! Good point. I know we have a few SELECT * in the admin lists, but I always considered them to ve less of a problem - a performance problem, that is. Didn't think about memory consumption ... bye, Dirk -- http://www.haun-online.de/ http://spam.tinyweb.net/ From mjervis at gmail.com Sat May 26 04:00:23 2007 From: mjervis at gmail.com (Michael Jervis) Date: Sat, 26 May 2007 09:00:23 +0100 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <0JIK00EO3CG3ZT81@mta4.srv.hcvlny.cv.net> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> <0JIK00EO3CG3ZT81@mta4.srv.hcvlny.cv.net> Message-ID: <7b42e7470705260100y626bf3f2nf218608002a206d3@mail.gmail.com> > Put that query into the mysql query analyzer. You will see an ugly > execution path. Where can I get MySQL Query Analyzer? Not run into it before... From dirk at haun-online.de Thu May 24 14:47:36 2007 From: dirk at haun-online.de (Dirk Haun) Date: Thu, 24 May 2007 20:47:36 +0200 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> Message-ID: <20070524184736.300174120@smtp.haun-online.de> Heather Engineering wrote: >I would assume (1) from the guidelines, but I see some of (2) and >lots of (3) in core geeklog code. As Joe said, the coding standards are a late addition and therefore a lot of the existing code may not follow them yet. Any new (core) code should follow them, though. bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From joe at ThrowingDice.com Sat May 26 13:00:43 2007 From: joe at ThrowingDice.com (Joe Mucchiello) Date: Sat, 26 May 2007 13:00:43 -0400 Subject: [geeklog-devel] Coding standards clarification In-Reply-To: <7b42e7470705260100y626bf3f2nf218608002a206d3@mail.gmail.co m> References: <660A8B98-9A7E-4723-86E2-F371667EDA8E@heatherengineering.com> <0JIJ00M773DF5WB0@mta5.srv.hcvlny.cv.net> <86E5F4CE-D044-4E82-91C4-EC187293E6A9@heatherengineering.com> <0JIK00EO3CG3ZT81@mta4.srv.hcvlny.cv.net> <7b42e7470705260100y626bf3f2nf218608002a206d3@mail.gmail.com> Message-ID: <0JIN0004ORB4MT20@mta1.srv.hcvlny.cv.net> Actually you don't need anything special. I believe "Explain" is a standard mySql command (now that I think about it): Explain works with any SELECT statement. The mysql query browser (part of the gui tools distribution) outputs the explain in a more easily read format. At 04:00 AM 5/26/2007, Michael Jervis wrote: >>Put that query into the mysql query analyzer. You will see an ugly >>execution path. > >Where can I get MySQL Query Analyzer? Not run into it before... ---- Joe Mucchiello Throwing Dice Games http://www.throwingdice.com From dirk at haun-online.de Sat May 26 15:51:56 2007 From: dirk at haun-online.de (Dirk Haun) Date: Sat, 26 May 2007 21:51:56 +0200 Subject: [geeklog-devel] OpenID support in CVS Message-ID: <20070526195156.1057528591@smtp.haun-online.de> For those who don't read geeklog-cvs: OpenID support is now in CVS. So, first of all a big thanks to Choplair for providing the patches. Good work! And let me know your PayPal account so I can send you the bounty :-) For the record: We are now bundling a slightly modified version of PHP OpenID, . I made some minor changes over the patch for 1.4.1. Of note: There's now a function USER_uniqueUsername that checks if a given username exists and returns a unique username by appending random digits, if necessary. To override, you can create your own CUSTOM_uniqueUsername function (note that I dropped the "remote" from that function's name). I found a problem where you would end up in a loop when the OpenID server sent a referrer. $_CONF['remoteauthentication'] has been removed from config.php. Instead, there is now an array: $_CONF['user_logging_method'] = array( 'standard' => true, // Geeklog's built-in login method // Note: can not be disabled yet 'openid' => false, // Set to true to enable OpenID remote login support. '3rdparty' => false // Set to true to enable various other remote // authentification methods (requires custom classes in // system/classes/authentication). ); So '3rdparty' => true would be the equivalent of $_CONF ['remoteauthentication'] = true. However, since the Blogger module doesn't work any more and LiveJournal accounts can also use OpenID, there's no real need for the remote auth modules at the moment. Still unresolved: What to do about duplicate email addresses. Duplicate usernames are resolved on the fly (see above) but I have no good idea what to do about duplicate email addresses - other than to abort the login. The problem manifests itself when such a user tries to change their preferences or an Admin tries to make some change to the user. The code could still use a critical eye wrt security issues. And lots of testing ... bye, Dirk -- http://www.geeklog.net/ http://geeklog.info/ From joe at ThrowingDice.com Sat May 26 18:02:29 2007 From: joe at ThrowingDice.com (Joe Mucchiello) Date: Sat, 26 May 2007 18:02:29 -0400 Subject: [geeklog-devel] OpenID support in CVS In-Reply-To: <20070526195156.1057528591@smtp.haun-online.de> References: <20070526195156.1057528591@smtp.haun-online.de> Message-ID: <0JIO00CXN5A2CNU0@mta3.srv.hcvlny.cv.net> At 03:51 PM 5/26/2007, Dirk Haun wrote: >Still unresolved: What to do about duplicate email addresses. > >Duplicate usernames are resolved on the fly (see above) but I have no >good idea what to do about duplicate email addresses - other than to >abort the login. The problem manifests itself when such a user tries to >change their preferences or an Admin tries to make some change to the user. I don't see any reason why you shouldn't deny access. The enduser has already made an account here so why let him associate another login with the same email. Perhaps a screen telling the user that email address is already registered and that they must either login with a different openid or login as the user who already possesses that email address. The only issue there is the user has more than one OpenID with the same email. I get the feeling the robust answer (and hard to code answer) is to allow more than one "login id" associated with one user. So I could login with my jmucchiello handle or user and openid address and both methods resolve to uid 12345. But that would probably require rethinking how gl_users works. ---- Joe Mucchiello Throwing Dice Games http://www.throwingdice.com From dirk at haun-online.de Sun May 27 06:16:46 2007 From: dirk at haun-online.de (Dirk Haun) Date: Sun, 27 May 2007 12:16:46 +0200 Subject: [geeklog-devel] OpenID support in CVS In-Reply-To: <20070526195156.1057528591@smtp.haun-online.de> References: <20070526195156.1057528591@smtp.haun-online.de> Message-ID: <20070527101646.1845759248@smtp.haun-online.de> Dirk Haun wrote: >And lots of testing ... Here's a nice one (or two, actually): --- snip --- An error has occurred: 2 - fsockopen() [function.fsockopen]: SSL operation failed with code 114. OpenSSL Error messages: error:00000000:lib(0):func(0):reason(0) @ / usr/local/apache/vhost/geeklog/system/classes/openid/httpclient.php line 189 --- snip --- Only happens on my Linux box when trying to login via typekey.com. Turns out this is a bug in MySQL(!) when used with PHP 5.1 or later. It seems to affect MySQL versions 5.0.20 through 5.0.30. An update to the latest version (5.0.41) and recompiling PHP fixed that. After that, I ran into this: --- snip --- An error has occurred: 2 - fgets() [function.fgets]: SSL: fatal protocol error @ /usr/local/ apache/vhost/geeklog/system/classes/openid/httpclient.php line 199 --- snip --- This, it appears, is a problem on the other end (the OpenID server, in this case). It's often attributed to IIS having an incorrect implementation of the SSL protocol, but in my case it happend with the typekey.com server, which claims to run some version of Apache (it simply says "Server: Apache", no version number). You'll only see this with error_reporting(E_ALL) and on PHP 5 (otherwise it's simply a warning that may flash up shortly before the login continues). So I've patched openid/httpclient.php to suppress error messages there. Just in case someone else runs into these problems ... bye, Dirk -- http://www.haun-online.de/ http://www.handful-of-sparks.de/ From casual.dodo at gmail.com Mon May 28 10:32:18 2007 From: casual.dodo at gmail.com (Ramnath R Iyer) Date: Mon, 28 May 2007 20:02:18 +0530 Subject: [geeklog-devel] Tagging support Message-ID: <465AE7F2.6090307@gmail.com> Hi, I was wondering if there's any support planned for attaching tags to stories in GL, as opposed to topics. Can the effect of "free tagging" be achieved with GL as it stands now? -- Ramnath R Iyer http://www.silentyak.com/ /* Today is the beginning of the rest of your life */ From dirk at haun-online.de Mon May 28 12:01:24 2007 From: dirk at haun-online.de (Dirk Haun) Date: Mon, 28 May 2007 18:01:24 +0200 Subject: [geeklog-devel] Tagging support In-Reply-To: <465AE7F2.6090307@gmail.com> References: <465AE7F2.6090307@gmail.com> Message-ID: <20070528160124.305942149@smtp.haun-online.de> Ramnath R Iyer wrote: >I was wondering if there's any support planned for attaching tags to >stories in GL, as opposed to topics. We did actually agree (more or less) that tags would be the way to go instead of trying to cram support for multiple topics into the code somehow. Oliver is supposedly working on a tags plugin, but nobody else has seen it yet. I actually wrote a quick'n'dirty tagging plugin back in 2005 (I would have pointed you to the relevant post, but the holes in our mailing list archives are bigger than I thought). Nothing fancy - it simply implements a [tag:] autotag and collects all those at the end of the post then. It was missing any search capabilities, though. bye, Dirk -- http://www.haun-online.de/ http://geeklog.info/