Hardkap

Macpup, Pritlog, Pritdeals discussion forums

1. 

   Prit
   Pritlogger

   After John showed interest to see the preview version, I thought of releasing an Alpha. There maybe bugs. If any of you find time, please do test this out. This includes an update script to upgrade from 0.7 to 0.8 Alpha 1. Even though it is Alpha, please do report any bugs you may find.

   You can visit the below link to download:
   http://hardkap.net/pritlog/pmwiki.php?n=Pritlog.Downloads

   This is for Ken: Sqlite database does not require any userid, password and the other stuff that MySql needs

   Here are some of the changes:

   • Sqlite Database. Pritlog now uses Sqlite database instead of flat files.
   • Login Management. Using sessions, users can login, logout, self register.
   • Sticky Posts. Posts can be made stickies to show up on front page.
   • Commenters name can be a link (optional URL and email fields on add comment form)
   • Users are auto logged out after few minutes of being inactive.

   Posted 3 years ago #
2. 

   john
   Member

   Thanks Prit !

   I uploaded the package as an -empty- blog to http://enbaires.com/blog3/index.php
   But I can't get the login form (I already checked permissions and server address on config_admin.php) Any suggestion ?

   I'm placing all bets to the SQLite version as it will offer better performance, allow to implement everything learned so far, and also learn about SQLite itself.

   Posted 3 years ago #
3. 

   john
   Member

   I used the update script to load SQLite with the posts of my original test blog (v0.41)
   Posts were loaded, but all links I clicked (including login, paging, view by category, etc) always return the main page.

   Posted 3 years ago #
4. 

   john
   Member

   Prit, I think I found what my problem is: the new test blog isn't using any .htaccess
   Could you please post the code of the .htaccess you currently use in Alpha1. Thanks

   Posted 3 years ago #
5. 

   Prit
   Pritlogger

   Hi John .. Can you edit the index.php and locate the following lines of code?
   $option = isset($data[$optionIndex])?$data[$optionIndex]:"mainPage";

   Now try adding the below code right after the above line:
   

   echo 'Option = '.$option.'<br />';
   var_dump($data);

   Lets see what shows up for these fields.

   Posted 3 years ago #
6. 

   john
   Member

   it displays >

   Option = mainPage
   string(0) ""

   Option is always = mainPage no matter what link I click
   Please see my previous post (I just edited it) i think its all .htaccess related
   (if that's the case, I suggest to add the file to the release)

   Posted 3 years ago #
7. 

   Prit
   Pritlogger

   Hi John .. did you change anything at all on your server setup between 0.7 and 0.8A1? If it detects the Option correctly in 0.7, I wonder why it would behave differently now.

   I will give it some more thought and post back.

   Posted 3 years ago #
8. 

   Prit
   Pritlogger

   Hi John .. Can you add the below display statements also and let me know the output?
   

   echo 'PATH_INFO: '.$_SERVER['PATH_INFO'].'<br />';
     echo 'SCRIPT_NAME: '.$_SERVER["SCRIPT_NAME"].'<br />';
     echo 'ORIG_PATH_INFO: '.$_SERVER["ORIG_PATH_INFO"].'<br />';

   I think PHP server variables don't act same when PHP is running as CGI on the server.

   Posted 3 years ago #
9. 

   john
   Member

   Again Prit, I might be wrong but it seems to me that mosst links in index.php require .htaccess redirect to work properly, otherwise no "option" parameter is passed.

   No I didn't change anything on my server, but since my test blogs are in different subdirectories, the .htaccess I developed for my own 0.41 versión included the subdir name as part of the rules -on purpose- to only affect the folder were my test blog was located.

   Please let me know the .htaccess you currently use as I think it will solve my problem.

   Posted 3 years ago #
10. 

    Prit
    Pritlogger

    Hi John ..

    I think PHP server variables don't act same when PHP is running as CGI on the server. It is not related to htaccess because I don't use htaccess for my test blogs except to deny access to the new data directories. No redirects are done in my htaccess.

    Can you add the below display statements also and let me know the output?
    

    echo 'PATH_INFO: '.$_SERVER['PATH_INFO'].'';
    echo 'SCRIPT_NAME: '.$_SERVER["SCRIPT_NAME"].'';
    echo 'ORIG_PATH_INFO: '.$_SERVER["ORIG_PATH_INFO"].'';
    echo 'PHP_SELF: '.$_SERVER["PHP_SELF"].'<br />';

    Posted 3 years ago #
11. 

    john
    Member

    Prit, below are the results when adding your code:

    MAIN PAGE
    Option = mainPage
    string(0) ""
    PATH_INFO:
    SCRIPT_NAME: /blog3/index.php
    ORIG_PATH_INFO:
    PHP_SELF: /blog3/index.php

    WHEN CLICKING THE LOGIN LINK
    Option = mainPage
    string(0) ""
    PATH_INFO:
    SCRIPT_NAME: /blog3/index.php
    ORIG_PATH_INFO: /loginPage
    PHP_SELF: /blog3/index.php

    PD: please post your .htaccess here, as I still want to do my test (if .htaccess has nothing to do with my problem then I'm missing a very basic understanding on how url parameters are passed to the script :)

    Posted 3 years ago #
12. 

    Prit
    Pritlogger

    John ..

    Can you try this?
    remove the displays you added and now change the below line:
    $data = explode("/",$_SERVER['PATH_INFO']);
    to this:
    $data = isset($_SERVER['PATH_INFO'])?(trim($_SERVER['PATH_INFO']) == ""?explode("/",$_SERVER['ORIG_PATH_INFO']):explode("/",$_SERVER['PATH_INFO'])):"";

    Please post back what happens.

    Instead of going back and forth this way, it would be awesome if I can replicate this problem. But with my server setups (test and production), it does not happen.

    The only htaccess I have is in the data folder and it is:
    deny from all

    Posted 3 years ago #
13. 

    john
    Member

    AA)
    - Statement (1) doesn't exist in index.php. Instead I found (2)
    - I replaced (2) with (3) and also (2) with (1) but no change

    (1) $data = explode("/",$_SERVER['PATH_INFO']); statement in index.php

    (2) $data = isset($_SERVER['PATH_INFO'])?explode("/",$_SERVER['PATH_INFO']):"";

    (3) $data = isset($_SERVER['PATH_INFO'])?(trim($_SERVER['PATH_INFO']) == ""?explode("/",$_SERVER['ORIG_PATH_INFO']):explode("/",$_SERVER['PATH_INFO'])):"";

    BB)
    I also learned something new today about forced query strings in urls.
    This explains my misunderstanding as I thought .htaccess was responsible for the problem. It also seems that hostings can turn off this feature. In that case only urls with parameters would be accepted.

    CC)
    As you know, I stayed with my customized 0.41 version (my test blog1) which uses my own approach to clean urls. My clean links look as "mainPage.html" which gets converted into "index.php?option=mainPage" through .htaccess

    I JUST MADE SOME MORE TESTS WITH 0.412 AND DISCOVERED THAT UNDER PHP5 LINKS DONT WORK EITHER BUT THEY WORK WHEN I SWITCH BACK TO PHP4 (remember that I switched php versions to get SQLite)

    My approach to clean urls seems to work both under PHP4 and 5

    Posted 3 years ago #
14. 

    Prit
    Pritlogger

    Hi John ..

    The problem you are having with PHP5 maybe because it is running as CGI on your server and the server has chosen not to give values to certain SERVER variables. PHP4 on your server seems to be working with these variables.

    I decided to go with this approach rather than .htaccess because some hosting companies do not let individual users have .htaccess.

    If I find out a solution to your problem, I will post it here.

    Posted 3 years ago #
15. 

    john
    Member

    Prit, after checking mi php info I used
    $data = explode("/",$_SERVER['REQUEST_URI']);
    instead of
    $data = explode("/",$_SERVER['PATH_INFO']);

    And everything works again !! (under PHP5)
    Test blog at: http://enbaires.com/blog3/

    Posted 3 years ago #
16. 

    Prit
    Pritlogger

    John ... Thanks for not giving up. I guess, now I need to modify Pritlog to figure out which $_SERVER variable to choose depending on what is available.

    Can you add the below lines of code in your index.php and remove that $data = explode line?

    $op = 0;
      $path = (isset($_SERVER['PATH_INFO'])) ? $_SERVER['PATH_INFO'] : @getenv('PATH_INFO');
      if (trim($path, '/') != '' && $path != "/".$_SERVER['PHP_SELF']) { $op = 1; $path1 = $path; }
      $path =  (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : @getenv('QUERY_STRING');
      if (trim($path, '/') != '') { $op = 2;	$path1 = $path; }
      $path = (isset($_SERVER['ORIG_PATH_INFO'])) ? $_SERVER['ORIG_PATH_INFO'] : @getenv('ORIG_PATH_INFO');
      if (trim($path, '/') != '' && $path != "/".SELF) { $op = 3; $path1 = str_replace($_SERVER['SCRIPT_NAME'], '', $path); }
      if ($op == 0) { $op = 4; $path1 = (isset($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : @getenv('REQUEST_URI'); }
      echo 'Option selected = '.$op.' Path = '.$path1.'<br />';
    
      $data = explode("/",$path1);

    Please report back what you find. Thanks for your patience.

    Posted 3 years ago #
17. 

    john
    Member

    Prit, some results as follows:

    1. loading site... Option selected = 4 Path = /blog3/
    2. archive link... Option selected = 3 Path = /viewArchive
    3. login link... Option selected = 3 Path = /loginPage

    4. failure when trying to submit login...
    Option selected = 3 Path = /loginPageSubmit

    Warning: session_regenerate_id() [function.session-regenerate-id]: Cannot regenerate session id - headers already sent in /.../enbaires.com/blog3/index.php on line 2967

    Warning: Cannot modify header information - headers already sent by (output started at /.../www/enbaires.com/blog3/index.php:105) in /.../www/enbaires.com/blog3/index.php on line 618

    Posted 3 years ago #
18. 

    Prit
    Pritlogger

    Thanks John. I think the fix works on your server.

    The warning message will go away if you remove the display statement (echo). I have added this fix (slightly modified) and uploaded the Alpha again. If you just replace the index.php, it should work. This will have the about page nicEdit fix also.

    Posted 3 years ago #
19. 

    klhrevolution
    Member

    Okay, I downloaded one of the .8 releases uploaded it to /blog ran the update script.. Do I need to move my old posts, comments to this new directory ?? I'm willing to at least test this sqlite, though I'm probably gonna stick with the version I got.

    Posted 3 years ago #
20. 

    Prit
    Pritlogger

    Hi Ken .. the update script loads the posts and comments in the text format to the Sqlite database to be used in 0.8 A1. You need to have your existing posts and comments directories in order to update. Let me know how it goes.

    Since your blog is the most active Pritlog I have seen, if Sqlite works well for you, it would be better to move to Sqlite for better performance.

    Posted 3 years ago #
21. 

    klhrevolution
    Member

    I don't think my hosts has sqlite enabled. The update.php script does not seem to be working: http://www.greenvilleroad.info/prit/

    Posted 3 years ago #
22. 

    Prit
    Pritlogger

    Hi Ken .. this must have been permission related. Changing the permission to the data folder to writable must fix this. Let me know if this is fixed.

    Posted 3 years ago #
23. 

    klhrevolution
    Member

    Well, this is most interesting. But, I wonder how secure this single file sqlite is? And do the comments get their own sqlite file ? And what about upgrade issues that may arise both ends (pritlog & people's server) ? And I'm also interested in where the direction in themes is going. Sparked my interest for sure. Sqlite manager firefox add-on https://addons.mozilla.org/en-US/firefox/addon/5817 , http://sqliteman.com/

    Posted 3 years ago #
24. 

    Prit
    Pritlogger

    Hey Ken .. for my server, the Sqlite database worked with 755 permissions which is ofcourse better than 777. I also added the "deny all" in the data folder .htaccess to prevent direct access to this file. This should prevent anyone from accessing this file directly.

    All the tables - posts, comments, stats etc will go to this single database called postdb.sqlite.

    This is a good point though. I will add it to my reading list and if I find anything to improve here, I will make sure to post it.

    By upgrades, I think you mean the Sqlite versions - correct? If the servers start using the latest Sqlite versions, then we would supply an upgrade script to take care of the upgrade process. Most of the PHP installations are using Sqlite 2 even though Sqlite 3 is out. I think the firefox addon works only with Sqlite3 databases. Anyway, there are other tools available to read/update the Sqlite database.

    For the themes, I want to separate the business logic and presentation in a better way so that multiple themes can be easily developed and selected at any time. Something like all the popular blog apps already do. But, I am searching for the solution that will not add any bloat to Pritlog.

    Edit:
    After reading some good php sites regarding Sqlite security, the impression I get is that the best way would be to treat it like a simple file and secure it by using access restrictions through .htaccess or appropriate permissions. If we use this in IIS, then .htaccess is not going to work. So the user should look at the permission or other means of securing that IIS will use. I don't have experience working on IIS. But with apache and htaccess, the database should be secure. Also, Pritlog does not store the userids/passwords in Sqlite. They are stored separately in files.

    Posted 3 years ago #

RSS feed for this topic

Reply

You must log in to post.