From websitemaster at cogeco.net Fri Nov 1 21:24:23 2013 From: websitemaster at cogeco.net (Tom) Date: Fri, 1 Nov 2013 21:24:23 -0400 Subject: [geeklog-devel] Geeklog - Locking the Session table Message-ID: <041701ced76a$43608fb0$ca21af10$@cogeco.net> On my live Geeklog 2.1.0 site a see a few deadlock errors every couple of days. Here are the 2 examples: An SQL error has occurred. Please see error.log for details. @ C:\inetpub\geeklog\system\databases\mysqli.class.php line 279 1213: Deadlock found when trying to get lock; try restarting transaction in C:\inetpub\geeklog\system\lib-sessions.php:336. SQL in question: DELETE FROM gl_sessions WHERE (start_time < 1379748688) 256 - An SQL error has occurred. Please see error.log for details. @ C:\inetpub\geeklog\system\databases\mysqli.class.php line 279 1213: Deadlock found when trying to get lock; try restarting transaction in C:\inetpub\geeklog\system\lib-sessions.php:486. SQL in question: UPDATE gl_sessions SET start_time = 1379785338, whos_online = 1 WHERE (md5_sess_id = 'a16f14f7db6601529da31738be7d4d9b') They obviously involve the Geeklog Sessions, deleting expired sessions and updating ones who are online. For comments I know we lock the whole table before updating like so: DB_lockTable ($_TABLES['comments']); ... DB_unlockTable($_TABLES['comments']); Should we do this when we delete sessions? I believe this check is done on every page load so I am not sure if we will create more issues (or longer wait periods) by locking the entire table every single time. MySQL suggests http://dev.mysql.com/doc/refman/5.5/en/innodb-deadlocks.html we should just rerun the query when this happens. (which we currently can't because an error is triggered) Does anyone have any experience dealing with these type of issues? Tom From websitemaster at cogeco.net Sat Nov 2 15:32:24 2013 From: websitemaster at cogeco.net (Tom) Date: Sat, 2 Nov 2013 15:32:24 -0400 Subject: [geeklog-devel] Geeklog - Oauth User Images Message-ID: <044c01ced802$42a9edd0$c7fdc970$@cogeco.net> I fixed a small bug in the OAuth user creation for services like Google that return a https link to an image for us to retrieve for a new user. While working on the bug I realize that when we retrieve the OAuth user photo we completely ignore the Geeklog config options for max photo width, height and size (we always have). http://project.geeklog.net/tracking/view.php?id=1716 I am not up really on image manipulation in PHP but I took a quick look at the photo upload for a normal user account and saw that it is built into the upload class. At some point this needs to be fixed. We should probably remove the image manipulation stuff from the upload class (it should just deal with uploading) and include an image manipulating class that can be used both by the upload class and Oauth class (along with anything else that needs it). Tom _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From niemans at nlbox.com Thu Nov 14 15:57:33 2013 From: niemans at nlbox.com (Niemans) Date: Thu, 14 Nov 2013 21:57:33 +0100 Subject: [geeklog-devel] caching template Message-ID: <9DD81FC2-27A2-4E6A-82ED-0F3E7A72E71F@nlbox.com> The caching template system is leaking information due to the inclusion of complete paths in the cache and resulting html. The bugger is {templatelocation} All standard themes are full of comments showing it. I know I can turn that on/off in configuration. But that option is hidden somewhere, without comments what it is doing. But still, the path to my config should never leak. Same for the path to my public_html. Cheers, wim niemans ri From websitemaster at cogeco.net Thu Nov 14 17:22:11 2013 From: websitemaster at cogeco.net (Tom) Date: Thu, 14 Nov 2013 17:22:11 -0500 Subject: [geeklog-devel] caching template In-Reply-To: <9DD81FC2-27A2-4E6A-82ED-0F3E7A72E71F@nlbox.com> References: <9DD81FC2-27A2-4E6A-82ED-0F3E7A72E71F@nlbox.com> Message-ID: <009901cee187$f6687b00$e3397100$@cogeco.net> It is turned off by default and it is explained in the docs that it should only be used when testing templates. Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Niemans Sent: November-14-13 3:58 PM To: Geeklog Development Subject: [geeklog-devel] caching template The caching template system is leaking information due to the inclusion of complete paths in the cache and resulting html. The bugger is {templatelocation} All standard themes are full of comments showing it. I know I can turn that on/off in configuration. But that option is hidden somewhere, without comments what it is doing. But still, the path to my config should never leak. Same for the path to my public_html. Cheers, wim niemans ri _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From websitemaster at cogeco.net Mon Nov 18 07:02:56 2013 From: websitemaster at cogeco.net (Tom) Date: Mon, 18 Nov 2013 07:02:56 -0500 Subject: [geeklog-devel] Oauth Login and open_basedir Message-ID: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> With Oauth logins Facebook now sends a url to the profile photo that actually gets redirected to the actual photo. To handle this I switched to using the pear library HTTP/Request2.php which uses CURL to handle any redirections. This means in the php configuration safemode needs to be off along with open_basedir. From my understanding safemode is not used much anymore but open_basedir tends to be used in shared hosting environments. If open_basedir is set then it looks like our OAuth logins will fail (if a profile pic is present). What is everyone's thoughts on this? The only way around this would be rewrite the profile picture downloading and manually follow the redirections until we get what we want (an image). Tom From geeklog at mystral-kk.net Mon Nov 18 07:34:19 2013 From: geeklog at mystral-kk.net (Kenji ITO) Date: Mon, 18 Nov 2013 21:34:19 +0900 (JST) Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> Message-ID: <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> Tom wrote: > With Oauth logins Facebook now sends a url to the profile photo that > actually gets redirected to the actual photo. > > To handle this I switched to using the pear library HTTP/Request2.php > which > uses CURL to handle any redirections. > > This means in the php configuration safemode needs to be off along with > open_basedir. From my understanding safemode is not used much anymore but > open_basedir tends to be used in shared hosting environments. If > open_basedir is set then it looks like our OAuth logins will fail (if a > profile pic is present). > > What is everyone's thoughts on this? > > The only way around this would be rewrite the profile picture downloading > and manually follow the redirections until we get what we want (an image). HTTP/Request2 could use socket as its adapter. How about changing line 404 of "oauthhelper.class.php" from 'adapter' => 'HTTP_Request2_Adapter_Curl', to 'adapter' => 'HTTP_Request2_Adapter_Socket', and seeing how it will work out? Or, HTTP/Request2 with socket as its adapter doesn't support redirects? -- mystral-kk (Kenji ITO) From komma at ivywe.co.jp Mon Nov 18 09:17:52 2013 From: komma at ivywe.co.jp (=?ISO-2022-JP?B?GyRCOiM2cEUvO1IbKEI=?=) Date: Mon, 18 Nov 2013 23:17:52 +0900 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> Message-ID: ITO san, Thanks! >'adapter' => 'HTTP_Request2_Adapter_Socket', It works well. -- Ivy 2013/11/18 Kenji ITO : > Tom wrote: > >> With Oauth logins Facebook now sends a url to the profile photo that >> actually gets redirected to the actual photo. >> >> To handle this I switched to using the pear library HTTP/Request2.php >> which >> uses CURL to handle any redirections. >> >> This means in the php configuration safemode needs to be off along with >> open_basedir. From my understanding safemode is not used much anymore but >> open_basedir tends to be used in shared hosting environments. If >> open_basedir is set then it looks like our OAuth logins will fail (if a >> profile pic is present). >> >> What is everyone's thoughts on this? >> >> The only way around this would be rewrite the profile picture downloading >> and manually follow the redirections until we get what we want (an image). > > HTTP/Request2 could use socket as its adapter. How about changing line > 404 of "oauthhelper.class.php" from > > 'adapter' => 'HTTP_Request2_Adapter_Curl', > > to > > 'adapter' => 'HTTP_Request2_Adapter_Socket', > > and seeing how it will work out? Or, HTTP/Request2 with socket as its > adapter doesn't support redirects? > -- > mystral-kk (Kenji ITO) From websitemaster at cogeco.net Mon Nov 18 17:54:02 2013 From: websitemaster at cogeco.net (Tom) Date: Mon, 18 Nov 2013 17:54:02 -0500 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> Message-ID: <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> Works for me as well. I am glad the fix is so easy. I will update the repository. Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of ???? Sent: November-18-13 9:18 AM To: Geeklog Development Subject: Re: [geeklog-devel] Oauth Login and open_basedir ITO san, Thanks! >'adapter' => 'HTTP_Request2_Adapter_Socket', It works well. -- Ivy 2013/11/18 Kenji ITO : > Tom wrote: > >> With Oauth logins Facebook now sends a url to the profile photo that >> actually gets redirected to the actual photo. >> >> To handle this I switched to using the pear library HTTP/Request2.php >> which uses CURL to handle any redirections. >> >> This means in the php configuration safemode needs to be off along >> with open_basedir. From my understanding safemode is not used much >> anymore but open_basedir tends to be used in shared hosting >> environments. If open_basedir is set then it looks like our OAuth >> logins will fail (if a profile pic is present). >> >> What is everyone's thoughts on this? >> >> The only way around this would be rewrite the profile picture >> downloading and manually follow the redirections until we get what we want (an image). > > HTTP/Request2 could use socket as its adapter. How about changing > line > 404 of "oauthhelper.class.php" from > > 'adapter' => 'HTTP_Request2_Adapter_Curl', > > to > > 'adapter' => 'HTTP_Request2_Adapter_Socket', > > and seeing how it will work out? Or, HTTP/Request2 with socket as its > adapter doesn't support redirects? > -- > mystral-kk (Kenji ITO) _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From websitemaster at cogeco.net Mon Nov 18 18:16:30 2013 From: websitemaster at cogeco.net (Tom) Date: Mon, 18 Nov 2013 18:16:30 -0500 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> Message-ID: <007801cee4b4$36d49230$a47db690$@cogeco.net> I may have spoken to soon. Google Oauth login is not working at the moment. HTTP_Request2_Adapter_Socket should be able to handle https requests right? Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Tom Sent: November-18-13 5:54 PM To: 'Geeklog Development' Subject: Re: [geeklog-devel] Oauth Login and open_basedir Works for me as well. I am glad the fix is so easy. I will update the repository. Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of ???? Sent: November-18-13 9:18 AM To: Geeklog Development Subject: Re: [geeklog-devel] Oauth Login and open_basedir ITO san, Thanks! >'adapter' => 'HTTP_Request2_Adapter_Socket', It works well. -- Ivy 2013/11/18 Kenji ITO : > Tom wrote: > >> With Oauth logins Facebook now sends a url to the profile photo that >> actually gets redirected to the actual photo. >> >> To handle this I switched to using the pear library HTTP/Request2.php >> which uses CURL to handle any redirections. >> >> This means in the php configuration safemode needs to be off along >> with open_basedir. From my understanding safemode is not used much >> anymore but open_basedir tends to be used in shared hosting >> environments. If open_basedir is set then it looks like our OAuth >> logins will fail (if a profile pic is present). >> >> What is everyone's thoughts on this? >> >> The only way around this would be rewrite the profile picture >> downloading and manually follow the redirections until we get what we want (an image). > > HTTP/Request2 could use socket as its adapter. How about changing > line > 404 of "oauthhelper.class.php" from > > 'adapter' => 'HTTP_Request2_Adapter_Curl', > > to > > 'adapter' => 'HTTP_Request2_Adapter_Socket', > > and seeing how it will work out? Or, HTTP/Request2 with socket as its > adapter doesn't support redirects? > -- > mystral-kk (Kenji ITO) _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From geeklog at mystral-kk.net Tue Nov 19 06:46:19 2013 From: geeklog at mystral-kk.net (Kenji ITO) Date: Tue, 19 Nov 2013 20:46:19 +0900 (JST) Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <007801cee4b4$36d49230$a47db690$@cogeco.net> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> <007801cee4b4$36d49230$a47db690$@cogeco.net> Message-ID: <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> Tom wrote: > I may have spoken to soon. Google Oauth login is not working at the > moment. > HTTP_Request2_Adapter_Socket should be able to handle https requests > right? It should be, since Facebook Oauth login, which also requires https, works well. Do you happen to use proxies without setting proxy configurations?[1] [1] http://pear.php.net/manual/en/package.http.http-request2.config.php -- mystral-kk (Kenji ITO) From websitemaster at cogeco.net Tue Nov 19 07:01:16 2013 From: websitemaster at cogeco.net (Tom) Date: Tue, 19 Nov 2013 07:01:16 -0500 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> <007801cee4b4$36d49230$a47db690$@cogeco.net> <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> Message-ID: <009e01cee51f$0d4d26f0$27e774d0$@cogeco.net> Yeah as soon as I wrote that I realized my mistake. No I don't use a proxy. I am going to have to step through the code again and figure out the issue. I am not sure what happen as it was working fine a couple of weeks ago. Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Kenji ITO Sent: November-19-13 6:46 AM To: Geeklog Development Subject: Re: [geeklog-devel] Oauth Login and open_basedir Tom wrote: > I may have spoken to soon. Google Oauth login is not working at the > moment. > HTTP_Request2_Adapter_Socket should be able to handle https requests > right? It should be, since Facebook Oauth login, which also requires https, works well. Do you happen to use proxies without setting proxy configurations?[1] [1] http://pear.php.net/manual/en/package.http.http-request2.config.php -- mystral-kk (Kenji ITO) _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From tani.os2 at gmail.com Thu Nov 21 07:25:50 2013 From: tani.os2 at gmail.com (Yuji Tsuchida) Date: Thu, 21 Nov 2013 21:25:50 +0900 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <009e01cee51f$0d4d26f0$27e774d0$@cogeco.net> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> <007801cee4b4$36d49230$a47db690$@cogeco.net> <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> <009e01cee51f$0d4d26f0$27e774d0$@cogeco.net> Message-ID: I have one question. Why you set 'ssl_verify_peer' => false and 'ssl_verify_host' => false? I think it is not safety(ex. DNS spoofing), and ?ou might want to 'ssl_verify_peer' => true and 'ssl_cafile' => '/somewhere/ca-bundle.crt' (or 'ssl_capath' => '/etc/ssl/certs/') You can get ca-bundle.crt from http://curl.haxx.se/ca/. #wget http://curl.haxx.se/ca/cacert.pem -O ca-bundle.crt And Wordpress(>ver3.7) with ca-bundle.crt in it. Geeklog is secure? 2013/11/19 Tom : > Yeah as soon as I wrote that I realized my mistake. No I don't use a proxy. > I am going to have to step through the code again and figure out the issue. > I am not sure what happen as it was working fine a couple of weeks ago. > > Tom > > -----Original Message----- > From: geeklog-devel-bounces at lists.geeklog.net > [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Kenji ITO > Sent: November-19-13 6:46 AM > To: Geeklog Development > Subject: Re: [geeklog-devel] Oauth Login and open_basedir > > Tom wrote: > >> I may have spoken to soon. Google Oauth login is not working at the >> moment. >> HTTP_Request2_Adapter_Socket should be able to handle https requests >> right? > > It should be, since Facebook Oauth login, which also requires https, works > well. > > Do you happen to use proxies without setting proxy configurations?[1] > > [1] http://pear.php.net/manual/en/package.http.http-request2.config.php > -- > mystral-kk (Kenji ITO) > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://eight.pairlist.net/mailman/listinfo/geeklog-devel > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://eight.pairlist.net/mailman/listinfo/geeklog-devel From websitemaster at cogeco.net Thu Nov 21 17:18:06 2013 From: websitemaster at cogeco.net (Tom) Date: Thu, 21 Nov 2013 17:18:06 -0500 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> <007801cee4b4$36d49230$a47db690$@cogeco.net> <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> <009e01cee51f$0d4d26f0$27e774d0$@cogeco.net> Message-ID: <01ea01cee707$8dc68cb0$a953a610$@cogeco.net> Hi Yuji, Thanks for pointing that out and actually that was one of the things on my list to review. I highly doubt it will make it into this version of Geeklog as my time has become pretty limited for the next few months. It sounds like you know a fair bit about it. Can you add in a feature report for it in our Geeklog Bugtracker and if you are willing/able/have the time submit a patch? The other thing that needs fixing with OAuth logins is the profile pictures. They currently do not follow Geeklogs settings in the config (and the Google Plus pictures can get pretting big). Tom -----Original Message----- From: geeklog-devel-bounces at lists.geeklog.net [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Yuji Tsuchida Sent: November-21-13 7:26 AM To: Geeklog Development Subject: Re: [geeklog-devel] Oauth Login and open_basedir I have one question. Why you set 'ssl_verify_peer' => false and 'ssl_verify_host' => false? I think it is not safety(ex. DNS spoofing), and ?ou might want to 'ssl_verify_peer' => true and 'ssl_cafile' => '/somewhere/ca-bundle.crt' (or 'ssl_capath' => '/etc/ssl/certs/') You can get ca-bundle.crt from http://curl.haxx.se/ca/. #wget http://curl.haxx.se/ca/cacert.pem -O ca-bundle.crt And Wordpress(>ver3.7) with ca-bundle.crt in it. Geeklog is secure? 2013/11/19 Tom : > Yeah as soon as I wrote that I realized my mistake. No I don't use a proxy. > I am going to have to step through the code again and figure out the issue. > I am not sure what happen as it was working fine a couple of weeks ago. > > Tom > > -----Original Message----- > From: geeklog-devel-bounces at lists.geeklog.net > [mailto:geeklog-devel-bounces at lists.geeklog.net] On Behalf Of Kenji > ITO > Sent: November-19-13 6:46 AM > To: Geeklog Development > Subject: Re: [geeklog-devel] Oauth Login and open_basedir > > Tom wrote: > >> I may have spoken to soon. Google Oauth login is not working at the >> moment. >> HTTP_Request2_Adapter_Socket should be able to handle https requests >> right? > > It should be, since Facebook Oauth login, which also requires https, > works well. > > Do you happen to use proxies without setting proxy configurations?[1] > > [1] > http://pear.php.net/manual/en/package.http.http-request2.config.php > -- > mystral-kk (Kenji ITO) > > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://eight.pairlist.net/mailman/listinfo/geeklog-devel > > _______________________________________________ > geeklog-devel mailing list > geeklog-devel at lists.geeklog.net > http://eight.pairlist.net/mailman/listinfo/geeklog-devel _______________________________________________ geeklog-devel mailing list geeklog-devel at lists.geeklog.net http://eight.pairlist.net/mailman/listinfo/geeklog-devel From tani.os2 at gmail.com Fri Nov 22 09:22:21 2013 From: tani.os2 at gmail.com (Yuji Tsuchida) Date: Fri, 22 Nov 2013 23:22:21 +0900 Subject: [geeklog-devel] Oauth Login and open_basedir In-Reply-To: <01ea01cee707$8dc68cb0$a953a610$@cogeco.net> References: <003301cee456$1e144b90$5a3ce2b0$@cogeco.net> <33369.203.189.105.202.1384778059.squirrel@www.s215.xrea.com> <007101cee4b1$13751e70$3a5f5b50$@cogeco.net> <007801cee4b4$36d49230$a47db690$@cogeco.net> <58637.203.189.105.202.1384861579.squirrel@www.s215.xrea.com> <009e01cee51f$0d4d26f0$27e774d0$@cogeco.net> <01ea01cee707$8dc68cb0$a953a610$@cogeco.net> Message-ID: 2013/11/22 Tom : > Hi Yuji, > Thanks for pointing that out and actually that was one of the things on my > list to review. I highly doubt it will make it into this version of Geeklog > as my time has become pretty limited for the next few months. It sounds like > you know a fair bit about it. Can you add in a feature report for it in our > Geeklog Bugtracker and if you are willing/able/have the time submit a patch? OK, When I felt like it, I report it. But now, i am not able to write patch. Because its needed, Geeklog will have to decide that method to update "ca-bundle.crt", which include ca.crt(or use mozilla data) and etc.. > The other thing that needs fixing with OAuth logins is the profile pictures. > They currently do not follow Geeklogs settings in the config (and the Google > Plus pictures can get pretting big). > > Tom I attach "NOT TESTED" patch for profile picture resize. -------------- next part -------------- A non-text attachment was scrubbed... Name: user_photo_resize_not_tested.patch Type: application/octet-stream Size: 5124 bytes Desc: not available URL: From websitemaster at cogeco.net Fri Nov 29 06:53:49 2013 From: websitemaster at cogeco.net (Tom) Date: Fri, 29 Nov 2013 06:53:49 -0500 Subject: [geeklog-devel] Geeklog 2.1.0 Release Schedule Message-ID: <00b001ceecf9$aad80a20$00881e60$@cogeco.net> Hi All, I wanted to do a rc release of Geeklog this month but my time has been pretty limited. There are a few more bugs added in the bugtracker that should be squashed. What I hope to do now is get a few of these worked out in December (by myself and others) with the idea of doing a beta release during the Christmas Holidays (when I should have a bit more time). If we get most of the bugs fixed we can do a release candidate but if we don't I would still like to get a beta out there for testing by the general public and to show the community that a release is in the works. Thoughts? Tom