Beginning to move over to using CGI.pm, and it has broken quite a bit already. This will be quite an involved and trying process.

-- AaronGraves Wed Mar 5 21:50:11 UTC 2014 (69.4.28.21)


Actually it turns out it didn't break quite a bit, only one thing was broken. That one thing was the ReDirect() sub. It's been fixed, and things seem to be working well now. I may move the prototype 0.40 into active state for the main site.

-- AaronGraves Thu Mar 6 16:16:31 UTC 2014 (69.4.28.21)


DoSearch() is going to be re-written to be faster (it's fast if you only have a few pages, but as you get up around 100 or more, it slows down noticeably).

Also, file uploads should be implemented soon and tested.

-- AaronGraves Mon Mar 10 16:24:56 UTC 2014 (69.4.28.21)


New search is in place and seems to work fairly well. Unsure at this time if there is a "noticeable" speed difference.

-- AaronGraves Mon Mar 10 17:15:48 UTC 2014 (69.4.28.21)


File uploads are implemented, and working. This will introduce two new variables to the config file. They are:

  • $UploadsAllowed - Set to 1 for allowed, 0 for not allowed. Default will be 0.
  • @UploadTypes - Array that holds the MIME types of allowed file uploads. The default is set to include 'image/jpeg', 'image/gif', and 'image/png'.

-- AaronGraves Tue Mar 11 16:11:44 UTC 2014 (69.4.28.21)


Moved File Uploads to Implemented, and CGI.pm to Partially Implemented

-- AaronGraves Tue Mar 11 16:36:57 UTC 2014 (69.4.28.21)


Here's a list of mime types (for reference): http://webdesign.about.com/od/multimedia/a/mime-types-by-file-extension.htm

-- AaronGraves Tue Mar 11 18:06:18 UTC 2014 (69.4.28.21)


Shortcodes were implemented on the 20th of March.

-- AaronGraves Mon Mar 24 16:26:41 UTC 2014 (69.4.28.21)


Debating on renaming Shortcodes to Macros.

Also, I changed shortcodes from using single brackets to single percent signs.

-- AaronGraves Wed Apr 2 14:48:45 UTC 2014 (69.4.28.21)


Today I changed the way DoVisit and DoAdminListVisitors work. Basically, the visitor log file will be much easier to get information from.

-- AaronGraves Wed May 7 19:57:58 UTC 2014 (69.4.28.21)


The code for reading/writing cookies needs to be changed (convert to using CGI.pm)

-- AaronGraves Thu May 8 19:33:38 UTC 2014 (69.4.28.21)


Reading and writing cookies has been converted to CGI.pm methods.

-- AaronGraves Wed May 21 18:37:25 UTC 2014 (69.4.28.21)


I have fixed a bug in the URI handling for Aneuch whereby the semicolon was being sent at %3B by some requesters (ahem, Google), and was causing some rather unexpected results.

-- AaronGraves Thu May 22 18:06:49 UTC 2014 (69.4.28.21)


Thinking of a new short code, called discusspage which provides a link to the discussion page (if enabled) of an article. If you're on the discussion page, it'll provide a link back to the article page. Further, it can take arguments for link text, and possibly even page (for example, if you want to point to the discussion page for article XYZ)

-- AaronGraves Thu May 22 19:44:27 UTC 2014 (69.4.28.21)


Yesterday I implemented robots.txt handling. Now, I want to implement page description and keyword fields, for SEO purposes. I also want to develop an algorithm that will auto-populate the description and keyword fields if they have not been manually set.

-- AaronGraves Tue Jun 3 13:34:03 UTC 2014 (69.4.28.21)


Version 0.40 should be pushed to ship. It's stalled for too long. The things holding it back will likely get scrubbed in favor of Version 0.50.

-- AaronGraves Thu Sep 4 20:25:37 UTC 2014 (69.4.28.21)


A bot has again triggered the reversion of some pages on the main Aneuch site. So for the next release, page reversion needs to be rethought so that it cannot be triggered by a bot in any way. A couple of ideas:

  • Make page reversion only possible if the user is logged in (IsAdmin)
  • Make page reversion require a unique identifier in the confirm= field. So instead of 'yes' maybe it could be something like the date, time, and IP address

-- AaronGraves Mon Sep 8 16:01:03 UTC 2014 (69.4.28.21)


There's actually even a third option:

  • Allow the editing of page versions besides the current version. When revert is triggered, call edit on the version that was triggered by the revert.

-- AaronGraves Mon Sep 8 16:08:15 UTC 2014 (69.4.28.21)


As a temporary stop-gap measure, in the development version of Aneuch running this website, I have set the DoRevert action to pass the IsAdmin() check. It will fail if it does not.

-- AaronGraves Mon Sep 8 21:01:00 UTC 2014 (69.4.28.21)


Before I push out 0.40, I want to add in the basic elements for notifications/subscriptions. The goal is to make subscribing to the RecentChanges possible at minimum.

-- AaronGraves Fri Oct 3 14:43:54 UTC 2014 (69.4.28.21)


Ok, gotta get my butt in gear on this. I need to take stock and figure out what's waiting to go into 0.40, and what can be pushed. This has gone on long enough, and it needs to get out the door.

-- AaronGraves Tue Oct 14 03:33:11 UTC 2014 (68.106.213.102)


For the problem of bots triggering a revert of a page, I'm thinking this solution will work... allow Aneuch to edit previous versions of a page. When the revert button is clicked, an edit is triggered of the particular version of the page. This would require the edit to be submitted, which would require it to pass all the other sanity checks. This would (effectively) eliminate bots from triggering a page reversion.

-- AaronGraves Tue Oct 14 19:41:03 UTC 2014 (69.4.28.21)


A couple of things for the 0.40 release...

For nowiki switches, I need to code to the creole standard and use triple-braces ({ and }). However, the creole standard does not allow for HTML code embedded in the nowiki switches. This is particularly problematic, as anywhere I use nowiki switches, it's to embed HTML (another user has expressed similar concerns).

However, from a security standpoint, allowing an "anybody can edit" wiki to have embedded HTML code is a recipe for disaster. So a couple of things need to be done. I'm thinking that I will make HTML embedded code non-allowable inside the nowiki switches by default. Then I'll add a toggle option to the config file to switch that on if desired by the site administrator. Finally, I'm thinking of making it so that even if HTML embeds are allowed, you will have to have the administrator password. This, however, could cause some site admins to balk a bit, because they might want to allow certain users to embed HTML, however not give them the site password.

This will require the introduction of another password possibility, something like "editor password" or similar. Or, I could simply code the wiki to allow individual accounts with ACLs. This will be a HUGE undertaking, however, and 0.40 has already languished in development stage for quite some time. So maybe as a stop-gap measure, introduce the editor password to 0.40, and work on user accounts for 0.50.

-- AaronGraves Thu Oct 16 15:50:21 UTC 2014 (69.4.28.21)


Several changes were made today:

  • The framework for editing pages was updated to allow editing previous versions of the page
  • The "DoRevert" action was removed. Instead, clicking on the revert button takes you the edit screen where you are editing that revision of the page
  • DoEdit now uses ReadDB and WriteDB to store temp files (rather than the hokey way it was doing it before)

The second change mentioned above should all but eliminate bots "accidentally" reverting pages to previous revisions.

-- AaronGraves Thu Oct 23 19:57:56 UTC 2014 (69.4.28.21)


I wrote the snippets plugin, however I'm debating on adding it in to the base code of Aneuch. There are obvious benefits, but also obvious drawbacks.

Firstly, I'd like to attempt to keep Aneuch fairly light-weight. To avoid feature creep. Yet, this might be a handy feature.

On the other hand, snippets open a channel for abuse. Given the way they work, a malicious user could fairly easily use them for nefarious purposes. Which is why it's important that only authenticated administrators can edit/create snippet code.

-- AaronGraves Tue Nov 11 15:53:34 UTC 2014 (69.4.28.21)


The sub DoRevision() has been removed. DoRequest() now can handle revision= parameters of the URL. So beginning with this version of Aneuch, to see a past revision of a page, one simply need append ?revision=NUMBER to their request.

-- AaronGraves Wed Nov 12 16:51:52 UTC 2014 (69.4.28.21)


Name:
Message:

Show markup help