Denial of Service Vulnerability of elog 2.6.2-6, posted by Stefan Ritt on Wed Nov 8 13:59:52 2006
|
Dear ELOG users,
a denial of service vulnerability has been reported which affects all elog versions prior to 2.6.2-7. With a special request one can crash the elogd server, given that one has access either through a public read access or through an account. This vulnerability has been fixed in version 2.6.2-7. It is advised that all sensitive installations of ELOG are being updated.
Stefan Ritt |
|
Version 2.6.3 released today, posted by Stefan Ritt on Tue Nov 28 12:48:47 2006
|
Dear ELOG users,
ELOG version 2.6.3 has been released today. It contains all the bug fixes, security fixes and a few new features collected since the last release which was actually almost half a year ago. The changelog contains all the details.
Due to the security fixes it is recommended to upgrade from any version prior to 2.6.3. Please note that the location of all password and log files has been moved from the main elog directory to the logbook directory. This means that after upgrading you have to move your password file manually, otherwise you cannot log in any more. This modification was requested because some ELOG installations (especially ones with top groups) can now have a read-only main directory.
Stefan Ritt |
|
Simple table implemented in ELCode, posted by Stefan Ritt on Wed Feb 28 21:04:59 2007
|
Starting from SVN revision 1801, simple tables are supported in ELCode tags. One can now embed tables in elog entries like this:
[table border=3 cellpadding=10]
One | Two
|-
Three | Four
[/table]
which produces following table:
The syntax is explained in the ELCode help page. |
|
Finding conditions in Search page., posted by Robert-Jan Schrijvers on Thu Mar 1 15:46:59 2007
|
Hi all,
My config file (a part of it) looks like this:
Options Locatie = Intern{a}, Extern{b}, Demo/Ontwikkel{c}, Hardware{d}, ---------------------, Anders
{a}Options Sessies = p-zis-pr1{1}, p-szh-pro{2}, p-dia-pro{3}, a-zis-ac1{1}, a-zis-ac2{2}, a-dia-acc{3}, ---------------------, Anders
{b} Options Sessies = FSC Pro{4}, FSC Acc{4}, Risc/Bus/Sms Pro{5}, Risc/Bus/Sms Acc{5}, ---------------------, Anders
{c} Options Sessies = BAO, BEH, BAOMPSO, BEHMPSO, Demonstrator, AFS, PTG, BSN, ---------------------, Anders
{d} Options Sessies = Wijziging, Storing
{1} Options Orgus = AZS, IZR, HPZ, iSOFT
{2} Options Orgus = VZL, Trombo, iSOFT
{3} Options Orgus = Diac, iSOFT
{4} Options Orgus = AMG, ZHH/Tergooi, ZNB
{5} Options Orgus = GOZL, MCA, MZG, SEH, SJD, ZGN
This is my question: when i use the "search/find" page and select the first drop down menu "Locatie", the next field "Sessies" will not be displayed (and all following fields either). On the other hand, when i create a new entry, it works perfect, select "Locatie", field "Sessies" displays his content and so on. I hope that someone can help me with this. |
|
Multiple ideas for multiple logbooks, posted by Yoshio Imai on Tue Apr 3 13:17:27 2007
|
Hi!
After a long pause, here we are again with a bunch of new ideas (and problems ...;) )
1. Multiple login
Since we are using the elog system now for most aspects of our work, we are more and more often confronted with the need to work with different logbooks open in parallel (e.g. the shift logbook as well as the personal analysis logbook, via tabbed browsing). These logbooks do not always have the same users allowed to access them, so when having logged on to one logbook and then opening another one in a different browser tab, I have to log on as a different user, thereby losing the login on the first logbook. Is there any way to change the cookie structure so as to allow one (physical) user to be logged on as more than one elog user at a time?
2. <Ctrl-T>
While using this logbook (and tabbed browsing), I noticed that the keyboard shortcut <Ctrl-T> now leads to the creation of a table (great thing, btw). However, many of our users are accustomed to this shortcut opening a new browser Tab. Is there any way to disable these elog shortcuts or otherwise disentangle these functions (by using <Alt> instead of <Ctrl> or something similar, since the functionality itself is very good)?
Thanks for any idea on these issues, and thanks for the great software! |
|
How to make a table of contents, posted by Stefan Ritt on Fri Apr 27 14:06:34 2007
|
For those people who have not fully understood the discussion of elog:2218, here is an example table of contents.
First Chapter
The table of contents consists of a set of [url] tags like this:
[url=#first]First chapter[/url]
[url=#second]Second chapter[/url]
[url=#thirs]Third chapter[/url]
Then the chapter header contains a tag like this:
[ANCHOR]first[/ANCHOR]
to which the browser ups if you click the corresponding entry in the table of contents.
... empty lines to full up some space ...
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Second chapter
You should jump here if you click on Second chapter at the table of contents.
Third chapter
You should jump here if you click on Third chapter at the table of contents. |
|
Boolean, posted by Grant Jeffcote on Fri Aug 3 15:49:05 2007
|
Stefan,
I've noticed in the latest release when using the 'Find' page that any boolean expression (tick box) is now shown as '0,1 or unspecified'. Is this intentional? My colleagues are finding it hard to get their heads around what to choose and preferred the old 'Tick Box' option. Have there been changes to the configuration arguments used for Boolean that I've missed?
Thanks |
|
New ELOG version with HTML Editor, posted by Stefan Ritt on Fri Oct 26 14:00:48 2007
|
I'm pleased to announce the release of ELOG version 2.7.0 which contains the HTML editor FCKeditor. This allows the formatting of ELOG entries just as one is used from a word processor. I tried to make all functionality working as one is used from the ELCode system (like replies quote the original text in a yellow text box), but I'm not sure if I covered everything. So if you experience problems with the new editor, please report it and I will try to fix it. Anyhow it is always possible to switch back to the old ELCode encoding.
One warning for site administrators: Since it is possible to enter HTML code directly into a web page, one risks a XSS vulnerability. If someone knows how to protect the FCKeditor against submission of JavaScript, please let me know and I will add it. If this is an issue, you can turn off HTML encoding completely for public ELOG sites with allowed encoding = 3 in elogd.cfg.
Finally I would like to give credits to An Thai who proposed this editor.
|
|