| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
1327
|
Tue Jul 26 10:59:45 2005 |
 | Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Emiliano Gabrielli wrote: | | The following code will assure that, if the HTML generated by elog would be modified by hand by a malicious user the server can still preset the author field with the right $long_name? |
Ok, you're right. But that requires quite some knowledge to change the generated HTML by hand. So for paranoiac people the "Subst" might be better. Actually you could have both the "Preset on Reply" and the "Subst on Reply", so on the reply entry form one sees already the correct author. |
|
1326
|
Tue Jul 26 10:55:03 2005 |
| Emiliano Gabrielli | AlberT@SuperAlberT.it | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Stefan Ritt wrote: |
| Emiliano Gabrielli wrote: | | Substitute is the only way I have to be assure it is as I want ... |
No, that's not true. A
Locked attributes = Author
will do the job as well. |
I can't argue how it works ...
The following code will assure that, if the HTML generated by elog would be modified by hand by a malicious user the server can still preset the author field with the right $long_name?
Locked attributes = Author
Preset on Reply Author = $long_name
how works in details the "Locked Attribute" parameter then ?? ... |
|
1325
|
Tue Jul 26 10:51:12 2005 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Emiliano Gabrielli wrote: | | Substitute is the only way I have to be assure it is as I want ... |
No, that's not true. A
Locked attributes = Author
will do the job as well. |
|
1324
|
Tue Jul 26 10:49:12 2005 |
 | Emiliano Gabrielli | AlberT@SuperAlberT.it | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Stefan Ritt wrote: |
| Chris Green wrote: | | 1) With the configuration below, I can't set the Author attribute to be the author of the reply. As written, it gives the Author field as blank. If the Remove on Reply line is removed, it is set to the parent's author. What am I doing wrong? |
Hey, elog made it to MiniBooNE! I'm working on MEG...
What you need is the following:Preset on reply subject = Re: $subject
Preset Author = $long_name
Preset on Reply Author = $long_name
Locked Attributes = Author
The Subst statements work after the entry gets submitted, while the preset statements work before. So Preset on Reply <attribute> is what you need.
|
Depending of what your paranoia level is 
Substitute is the only way I have to be assure it is as I want ... yes, in real life nobody of my users will never try to change the generated HTML ad replace by hand the Author, but ...  |
|
1323
|
Tue Jul 26 10:45:14 2005 |
| Emiliano Gabrielli | AlberT@SuperAlberT.it | Request | All | | Re: <img> in Display Attribute |
| Stefan Ritt wrote: |
| Emiliano Gabrielli wrote: | | donno if a "List Display <Attribute>" could be *the* solution ... |
That's a good idea. Unfortunately, "List Display" is already used to specify which attributes to display in list mode. So I changed "Display <attibute>" to "Change <attribute>" and added "List change <attribute>", just to be different from "List display". In principle "List display =" and "List display <attibute> =" can be distinguished by elog, but it could be confusing to have the same option for two different things. The downside is that everybody using "Display <attribute>=" has to change this to "Change <attribute>=". |
It works perfectly now thank you Stefan |
|
1322
|
Tue Jul 26 10:02:58 2005 |
| Stefan Ritt | stefan.ritt@psi.ch | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Chris Green wrote: | | 1) With the configuration below, I can't set the Author attribute to be the author of the reply. As written, it gives the Author field as blank. If the Remove on Reply line is removed, it is set to the parent's author. What am I doing wrong? |
Hey, elog made it to MiniBooNE! I'm working on MEG...
What you need is the following:Preset on reply subject = Re: $subject
Preset Author = $long_name
Preset on Reply Author = $long_name
Locked Attributes = Author
The Subst statements work after the entry gets submitted, while the preset statements work before. So Preset on Reply <attribute> is what you need.
| Chris Green wrote: | | 2) With the Page Title line set as shown, $logbook gets expanded as "Charged+Current+Pi+Plus". If the line is left blank, the correct "Charged Current Pi Plus" gets put in the title line. |
The substitution $logbook originally produces a valid URL to the logbook, and thus replaces blanks by "+". I changed that so that $logbook produces the original name containing blanks, and $elogbook is the encoded one with the "+"'s. The change is in revision 1.723 |
|
1321
|
Tue Jul 26 10:00:34 2005 |
| Emiliano Gabrielli | AlberT@SuperAlberT.it | Question | Linux | 2.6.0b | Re: Can't set Author attribute properly in reply? |
| Chris Green wrote: | Hi,
I have two problems:
1) With the configuration below, I can't set the Author attribute to be the author of the reply. As written, it gives the Author field as blank. If the Remove on Reply line is removed, it is set to the parent's author. What am I doing wrong?
|
Subst on reply Author = $long_name |
|
1320
|
Tue Jul 26 09:38:07 2005 |
| Stefan Ritt | stefan.ritt@psi.ch | Request | Linux | V2.6.0 | Re: hide attributes when view the logbook |
| Juliana Peng wrote: | I downloaded Revision 1.717, replaced the source code with the new elogd.c, then run " dpkg-buildpackage -uc -b"
(debian linux) to build the package. Now after i add a new entry, once I select it I got
"Attachment #1 of entry #0 not found" error |
I fixed that bug in Revision 1.722 |