21
irmtfan
Re: Xoops On Crack?
  • 2005/1/1 5:57

  • irmtfan

  • Module Developer

  • Posts: 3419

  • Since: 2003/12/7


GIJOE,
your an expert programmer and mature in php and so on.everyone know this as well.in this topic (3rd post) you see i recommended your protector module.
but i have 2 question from you.
1- why you dont write good documentation for your works?
personally i use your modules and hacks ( protector , autologin , xhld ) but there is no documentation in your site or i cant find it.for regular modules the documentation is not very need and important but for a module like 'protector' we MUST have a very compelete detailes documentation to use. if we cant understand it how we can recommended it?

2- why you dont write any news about your works in xoops.org site?
report to community is very important. e.g. you release protector 2.2 in http://www.peak.ne.jp but a person like me how know about it? i dont know what you think about it but i can tell you "many people dont know about you and your works"

Quote:
Come on, let's work on this together, shall we?

why you dont like to supprot community?we have a warm community here with many people. if you dont have too time to spend here please just take some time here and see the result.in according to your join date and your post numbers its a fact that you are very low active member of XOOPS in comunity.
instead of just coding and coding and coding .... just spend some times with us .the community waiting for you

22
Mithrandir
Re: Xoops On Crack?

Quote:
why you dont like to supprot community?we have a warm community here with many people. if you dont have too time to spend here please just take some time here and see the result.in according to your join date and your post numbers its a fact that you are very low active member of XOOPS in comunity.
instead of just coding and coding and coding .... just spend some times with us .the community waiting for you

Ok, this is getting a bit one-sided. GIJOE is not very visible here, but I am sure he does a tremendous job in the Asian community sites, so it is not the case of a guy just coding, coding and coding and not doing any support work.

However, I AM a bit disappointed that we don't seem to get the goodies from developments and discoveries made in Asia (sorry for grouping so many people together by referring to an entire continent)
It is hard for me to frequent the Japanese, Chinese etc. sites as I neither read nor write languages other than Danish, English and some French.

23
carnuke
Re: Xoops On Crack?
  • 2005/1/1 10:13

  • carnuke

  • Home away from home

  • Posts: 1955

  • Since: 2003/11/5


Having just read this entire thread, I have a concern that politics and bad feelings may get in the way of valuable and important developments regarding security. The protector module IS useful and I have highlighted this in the XOOPS FAQ in a long detailed entry.

The demonstration, though extreme does prove a point and one that we should listen too in preference to highlighting it's unethical quality.

As this new year starts, let's invite some positive constructive response to this discussion in a way that all parties feel they are heard, appreciated and respected.

24
vinit
Re: Xoops On Crack?
  • 2005/1/1 12:52

  • vinit

  • Just can't stay away

  • Posts: 530

  • Since: 2004/1/10


I dont have words to express, bang in with a blast.
A shocking, blasting new year start at xoops.
Things which we felt is secured is been torn apart in seconds, and if xoops.org can be brought to knees then any lam sham bam site is just waiting for opportunitist. This might sound odd at this moment but what GIJOE has demonstrated is "TRUTH" and we got to work together face realities of this kind and lets develop needfull solutions for it in core.

I guess a team for special sercurity scrutinising should be brought in. Efforts from all the corners of the world needs to be channelized. I do understand and accept that Asian developers works has not got that attention, but then language at times act as barriers. I would urge the developers associated with XOOPS to work together to resort the common issues of XOOPS to make it a better CMS. At the same time lets respect everyones work and have open ears for everyone.

25
Olorin
Let's just calm down...
  • 2005/1/1 14:33

  • Olorin

  • Just popping in

  • Posts: 50

  • Since: 2003/7/5 1


Quote:

Mithrandir wrote:
Ok, this is getting a bit one-sided. GIJOE is not very visible here, but I am sure he does a tremendous job in the Asian community sites, so it is not the case of a guy just coding, coding and coding and not doing any support work.
GIJOE is the most active supporter in Japan. Moreover, he couldn't be more active in his personal support site as you can see.

Quote:

carnuke wrote:
As this new year starts, let's invite some positive constructive response to this discussion in a way that all parties feel they are heard, appreciated and respected.
I quite agree with you. As Mithrandir stated on the news, XOOPS seems to be looking for the developers for the current version. At the same time, Japanese developers seem to be serious about leaving XOOPS and making their own one.

So why don't you make the best of Japanese developers' enthusiasm? For instance, you can let the Japanese team alter the current 2.0.x series. And the others focus on the 2.1 series.

Of course, there should be a consensus for the development so as not to make a difference between the current and the future one in their features.

This may delay the release of 2.1, eventually. But even Onokazu thinks there should be another release with a few, but not too radical, changes in the feature before 2.1 arrives.

In the end, all the Xoopsers can have more secure Xoops, Japanese team doesn't need to worry about the language, and English team can focus on the future version.

Surely, I'm not ignoring the other local communities. But Japanese developers are just HEATED in many ways.

This is "ORETEKI Xoops":
http://marijuana.ddo.jp/xoops/modules/mydownloads/
http://marijuana.ddo.jp/xoops/modules/mydownloads/visit.php?cid=1&lid=20&type=0

Some modules have already exceeded the standards of the core, I think. So it's high time we thought how to adopt these advanced features to the core, isn't it?

26
JMorris
Re: Xoops On Crack?
  • 2005/1/1 14:34

  • JMorris

  • XOOPS is my life!

  • Posts: 2722

  • Since: 2004/4/11


@GIJOE

In the spirit of the new year and new beginnings, let me first apologise for my harsh tone. I do not agree with how your point was made, but it is a valid point and it needs to be addressed. It would be a tremendous benefit to all if you would share what you have learned regardging XOOPS security with the XOOPS Core Team.

@The core Team and Carnuke

The FAQ section touches on XOOPS security, but it's lumped in with Fault-finding, Upgrades, and Backups. Perhaps a dedicated FAQ section for security would be more appropriate.

Also, it seems that the average XOOPS user is not necessarily server savy. I've seen countless posts on "how do I chmod?". Perhaps a special script could be added to the installation process that sets folder and file permissions for the end user. The example on "How to CHMOD to 0444 ?" provides a good example of where to start on this.

It just seems that the few XOOPS sites I have heard of being hacked, the majority of them were hacked because they didn't have appropriate permissions set.

Just a suggestion.

27
Mithrandir
Re: Let's just calm down...

Quote:

Olorin wrote:
Quote:

carnuke wrote:
As this new year starts, let's invite some positive constructive response to this discussion in a way that all parties feel they are heard, appreciated and respected.
I quite agree with you. As Mithrandir stated on the news, XOOPS seems to be looking for the developers for the current version. At the same time, Japanese developers seem to be serious about leaving XOOPS and making their own one.

So why don't you make the best of Japanese developers' enthusiasm? For instance, you can let the Japanese team alter the current 2.0.x series. And the others focus on the 2.1 series.

Of course, there should be a consensus for the development so as not to make a difference between the current and the future one in their features.

I would simply love to have some more people working on making the XOOPS core more secure. For both 2.0.x and 2.1/2.2

So far, the Asian communities have the better of us as it is more likely to find a Japanese that knows English than the other way around - therefore it is not possible for many of us to frequent the Asian sites and pick up security tips here and there. We *need* some help on this.

28
hervet
Re: Let's just calm down...
  • 2005/1/1 14:44

  • hervet

  • Friend of XOOPS

  • Posts: 2267

  • Since: 2003/11/4


Olorin,

Can you, the Japanese community and developpers, teach us too ?

Bye,
Hervé

29
smdcom
Re: Xoops On Crack?

I hope this thread moved to other place privately. Personally, we should invite japanese xoopsers, developer & GIJOE of course sit together and discuss.

I'm afraid public will scared about this thread. lol.. just a suggestion. don't make me wrong.

30
Bender
Re: Xoops On Crack?
  • 2005/1/1 15:11

  • Bender

  • Home away from home

  • Posts: 1899

  • Since: 2003/3/10


Quote:

smdcom wrote:
I hope this thread moved to other place privately. Personally, we should invite japanese xoopsers, developer & GIJOE of course sit together and discuss.

I'm afraid public will scared about this thread. lol.. just a suggestion. don't make me wrong.


I don´t think so. We don´t live in a perfect world and if someone can´t deal with that its his/her problem. Taking this thread behind locked doors now would imho cause more damage and just raise suspicions. (just my impression of course )


Back to the general issue:

Quote:
Mithrandir wrote:
I would simply love to have some more people working on making the XOOPS core more secure. For both 2.0.x and 2.1/2.2


I think this not going far enough. However need to formulate what i think in some more lines so i will elaborate a little later.

Login

Who's Online

369 user(s) are online (296 user(s) are browsing Support Forums)


Members: 0


Guests: 369


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits