| ID |
Date |
Icon |
Author |
Author Email |
Category |
OS |
ELOG Version |
Subject |
|
1615
|
Fri Jan 20 02:53:40 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Comment | Linux | 2.6 | Re: Buffer Overflow? |
| Stefan Ritt wrote: |
| Chris Warner wrote: | Users can access root level directories by using a modified URL. I saw on some security web sites that this was a problem in previous versions. Was it not fixed in 2.6?
To recreate enter http://yourhost.yourdomain.com/../../../../etc/passwd
view your password file in the browser.
If this was previously reported, is there a fix?
Chris Warner |
Thanks for telling me, I didn't know. I was able to reproduce your problem under certain conditions, and I just released version 2.6.1 to fix it. However it has nothing to do with an old buffer overflow (see elog:941).
I would strongly advise everybody to upgrade as soon as possible. |
Thanks for the quick response! |
|
1660
|
Tue Feb 7 21:02:22 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | email problems | When I select to get email notification on new logbook entries I receive this error when entering a new record.
Error sending Email via "xxx.xxx.xxx.xx": Syntax error, parameters in command "MAIL FROM: christopher_warner@xxx.gov SIZE=1985" unrecognized or missing
The user that sent the message was a test account that I set up. I entered the email address in the box provided and I am not sure what may be causing the difficulty.
Any thoughts as to what may be causing this? |
|
1667
|
Wed Feb 8 18:38:30 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | Re: email problems | The email address id correct. I am using an Elog Binary. I don't have the source code .
Chris Warner
| Stefan Ritt wrote: |
| Chris Warner wrote: | Error sending Email via "xxx.xxx.xxx.xx": Syntax error, parameters in command "MAIL FROM: christopher_warner@xxx.gov SIZE=1985" unrecognized or missing
|
There are two possible reasons:
1) The email address "christopher_warner@xxx.gov" is invalid. Some SMTP server immediately complain about invalid email addresses and refuse to send any mail then. In that case just supply an existing email address or remove that test account.
2) The SMTP server does not like the "SIZE=xxx" option. This comes from a single line in elogd.c:
snprintf(str, strsize - 1, "MAIL FROM: %s SIZE=%d\r\n", from, strlen(text));
you could just go there and remove the " SIZE=%d", so that the line looks like:
snprintf(str, strsize - 1, "MAIL FROM: %s\r\n", from);
to see if that makes any difference. |
|
|
1682
|
Fri Feb 10 21:26:33 2006 |
| Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | | Re: email problems | Do you have an ise when that will be?
| Stefan Ritt wrote: |
| Chris Warner wrote: | | The email address id correct. I am using an Elog Binary. I don't have the source code. |
Ok, so I removed the SIZE=xxx parameter, which is not strictly necessary anyhow I believe. So wait for the next release, and you can try. |
|
|
1780
|
Fri Mar 31 22:14:38 2006 |
| Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | 2.61 | Anonymous vs user posts | | If I have a logbook that will let both registered users Anonymous users post. I would like the author attribute to default to the value in $long_name but if the post is Anonymous display a default text string "Anonymous". Is it possible to do this? |
|
1930
|
Fri Sep 8 18:42:05 2006 |
 | Chris Warner | christopher_warner@dcd.uscourts.gov | Question | Linux | 2.6 | Unsubscribe from logbooks | | Is there a way for user to unsubscribe from a logbook? Can a user delete their own account? |
|
67306
|
Wed Aug 8 21:23:59 2012 |
| cowden | christopher.cowden@ttu.edu | Question | Linux | 2.9.0-2411 | Authentication problem with wget and links (text browser) | Hello,
I'm not able to authenticate to a logbook using my text based browser links, so I've started investigating with wget hoping solving the problem one will lead to a solution for the other. I've seen some examples on how to use wget to parse logbook entries in this forum, but my attempts keep returning the login page. Any advice would be helpful and appreciated. Here are a couple of the command line arguments I've tried:
wget --save-cookies cookie.txt --keep-session-cookies -d "http://hostname/LOGBOOK?unamee=YYY&upassword=XXX" -O elog.txt
wget --save-cookies cookie.txt --keep-session-cookies -d --post-data="redit=&uname=YYY&upassword=XXX&remember=1" -e robots=off "http://hostname/LOGBOOK" -O elog.txt
After these executions, my cookies.txt file remains empty. Running subsequent command with "--load-cookies=cookies.txt" still points me to the login page.
Many Thanks,
Chris
|
|
68465
|
Wed Nov 23 09:25:15 2016 |
| Christine Quicot | christine.quicot@meteo.fr | Request | All | 3.1.2 | Re: Cancel button missing when editing an entry | Hello,
In my opinion, there should be a "close/return" button (discard changes), even with the drafts enabled, but effectively there will have to be several saves made (at least before/after).
I chose to unable the drafts because of this unwanted behaviour: when I modify an entry without any change and click on another tab/logbook without saving, then choose to close the window, the entry is deleted.
Chris
| Stefan Ritt wrote: |
|
Well, the "undesired effect" you describe is exactly the reason for having drafts. Somebody works on a lengthy message, then the browser dies, or the user by accident hits the "back" button and (by accidnt, ehem...) confirms the dialog popping up which says "changes will be lost". In that case the draft mechanism should take care of that the lengthy message is not lost. That's where it is for. If one does not like it, one can always turn it off. If one now hits "New", there is the option to continue the previous draft message rather than creating a blank message. Originally, draft messages were shown on the list of entries in a different colors, but people got confused by that, since the draft message appears already during the editing of the message by the user writing it. So upon request I removed it from the listing. Actually the system cannot differentiate between "user still has the message open and works on it" and "browser has crashed". So there is no elegant way to make everybody happy. The only option I can think of is to make the listing of draft messages optioinal (with a new flag in the config file). Would that make sense? Or does anybody see another conecpt?
Stefan
| Grant Jeffcote wrote: |
|
Andreas,
Doesn't using the Save Drafts = 0 option result in the old 'Back' button returning (replacing the Delete option) meaning you can revert back to your old (unmodified) version without saving, sure it doesn't save a draft but I'd rather be able to return back and lose the changes I didn't want then mess up an old entry, I guess the back button on the browser could also do what you want?
The issue I had was that entries were being deleted accidently by persons other than those that created them, I reduced the edit time to try and mitigate it but ended up going back to what we had in Ver 2.9.2, a 'Back' button.
Grant
| Stefan Ritt wrote: |
|
The problem is that the elog database does not allow for a copy of an entry before you make modifications (and therefore get a "draft"). This is actually very simila to other note taking programs. I use Evernote, which constantly synchronizes between devices, and there I also cannot go back to the version before I started making modification. What one would need is a version system (and Evernote has one), so you can go back to the previous verison, the pre-previous version and so on. But this requires a complete redesign of the elog database.
A quick and dirty solution would be to store the origianal entry inside the browser (using JavaScript). You could then restore the initial version with a "cancel" button. But this mechanism relies then on the browser. If you just leave the page, there is no way the browser can put back the old version.
Stefan
| Andreas Luedeke wrote: |
|
If I edit an old entry, and do some mistake while editing, then there is currently no way to savely discard the changes.
The problem is that the entry will become a draft: if I close the window without saving, then the whole entry is gone: it will be converted into a draft entry. But the draft does contain my changes, it is not the originally saved entry!
The draft mechanism should keep a copy of the entry before I opened it in edit mode, and allow to go back to that copy. The edit form has currently the buttons "Submit", "Save", "Preview" and "Delete"; it should have in addition the button "Cancel", that just closes the edit window without saving the entry and even deleting the draft that was saved while the entry was modified. This should bring you back to the previous list view.
Is anyone out there in favour of this change?
|
|
|
|
|
|