DeeEmm

Pragmatism in code

Waxing lyrical about life the universe and everything software related since lunchtime 2006.

Boonex Blogs Gone

Well, maybe the title is not strictly true, but for all intents and purposes, the user blogs over at Boonex Unity are now dead. Andrew Boon, in his infinite wisdom, has decided to remove the user blogs from displaying in the blog index, leaving this solely for Boonex team posts. Whilst there is (some) merit in this, from a commercial perspective, it leaves the user blogs with no index, and no way of knowing if there is a new post.

So whilst the blogs still exist, you now have to navigate to each blog individually, via each members user profile to view them. Needless to say, I cannot imagine anyone bothering to post any more.

It's ironic that the focus on the community at Boonex has always centered around their core philosophy of 'Unity', it seems that this is far from uniting people, in fact I woud go as far as to say that it has the opposite effect.

If I were to be blatantly honest, I think that it is Andrews way of dealing with opinions that do not agree with his. I am probably one of the contributing factors in this respect, as i have often made very pointed statements in the Blogs, but if you do not want people to have opinions, why have blogs in the first place? I guess that is what has now happened.

Continue reading
Tags:
2457 Hits
1 Comment

Dolphin Maintenance Tools Module

We have just released a free module that allows you to easily enable / disable your website. This is a great help for performing maintenance tasks such as adding modifications or backing up.

The module is easily installed within the standard Dolphin module structure, and requires a small modification to one file to be able to utilise.

The module provides an easy place to edit a maintenance page that will be displayed in the browser to visitors when the site is disabled.

There are future plans to add additional features to the basic module, so if you have an idea for s setting that you feel should be included, just let me know.

Continue reading
2646 Hits
0 Comments

Increasing server memory limit

If you are experiencing memory issues with scripts, it may be necessary to increase the memory available to the script.

If you have access to your servers php.ini file, this is relatively straightforward -  simply increase the value of the memory_limit directive to 128M then restart apache. However, I'm guessing that if you're reading this post, looking for a solution to memory issues, then the last sentence probably made little sense, and chances are that you do not have access to your servers php.ini file - this is true for most shared servers.

If you do not have access, all is not lost - you can override the value in either a custom php.ini file, or via the htaccess file - the method needed depends on the following:

If PHP is compiled to run as a cgi script then you will need to use a custom php.ini, but if it is compiled to run as a module then you will need to use htaccess. (tip - you can view your servers php_info() to find out which one)

Continue reading
2598 Hits
0 Comments

Dolphin 7 - Increase text size in comments box

If you have the tinymce editor enabled for comments boxes, and you wish to increase the size of the text, then you will need to do the following.

To alter the size of the text in the comments area - if you have tinymce enabled for comments.

Edit /tinymce/themes/advanced/skins/default/content.css

look for the following element

Continue reading
4466 Hits
0 Comments

Dolphin 7.0.2 Released

The Boonex team have just released the not so long awaited 7.0.2 release. It seems that they have taken community comments about a shorter release cycle on board and trimmed down the releases to enable them to be released one a month. Got to admit, i was a little skeptical that they would pull it off, but its nice to be proven wrong. Lets hope that this is the shape of things to come.

The 7.0.2 release addresses a number of bugs and enhancements. It also removes the callbacks to the Boonex site to prevent the issues seen during the recent DDOS attacks, where many users were locked out of their admin panels.Probably the most important bug fixed is the bug that prevented profile fields from being updated, happily, this is now fixed.

i have already jumped in and upgraded my D7 site, and so far there are no issues.

/DM

Continue reading
2139 Hits
0 Comments

Dolphin Tag Converter

If like me, you used the migration tool to transfer your Dolphin 6 based site over to Dolphin 7, you will notice that there are some things that need a little tweaking. One of these things for me was the tags.

On D6 tags could use a space as a delimiter, but on Dolphin 7 the space is ignored, this is to allow multi word tags. What this effectively does is create massive long 'tag words' out of those tags that were entered without using a comma as a delimiter in D6.

The following code reads the tags and splits them up if more than one word is detected. it then deletes the original entry and creates a new entry for each word detected using the original data. Single word tags are ignored

$sql_query = mysql_query("SELECT * FROM `sys_tags`");

Continue reading
3156 Hits
1 Comment

Google Chrome for Mac

If, like me, you have been using the beta version of Google chrome for mac, you will be pleased to learn that Google have now released the final version. Chrome for mac is only available for intel based macs, OSX version 10.5 or later. Being a long time Firefox user, I've been noticing a slowdown in performance lately that has been causing a little frustration, especially when it comes to developing. A pet peeve of mine is having to wait for the browser to finish loading pages - it's simply lost time that i could put to better use.

Chrome is without doubt much faster than Firefox, with very impressive page load times, even with slower pages. With the addition of a few of my favourite tools available (FireBug and Web Developer), Chrome is possibly looking like a replacement for my long term love affair with Firefox. The only downside is that FireBug is only available as a Lite version - which means that there are some critical features missing (javascript tools), but for general day to day use, you could substitute other dedicated tools instead. Of course, it's also possible that an updated version of FireBug for the Crome platform might surface in the future, but this is probably just fanciful thinking, as there are no reports of this as yet.

Chrome also comes with a nice bookmarks migration tool to easily import bookmarks from your other browsers, and includes up to the minute support for HTML5 and the emergent new web technologies. Bundle this with a with a nice clean interface, and you have an improved web experience.

So, if you've yet to try it, or haven't updated form the beta, I recommend to give it a go.

Continue reading
1634 Hits
1 Comment

Boonex Dolphin Security Vulnerability

It seems like this week is a bit of a strange one so far. Not only is it National Cyber Security Awareness Week here in Australia, but first the Boonex site suffered a massive DDOS attack and then my own dolphin site suffered a similar fate. I believe that the two events are probably coincidental, as the attack on my site was not particularly well formed, and was easily defeated - most likely just some kiddie with a script. I managed to get the service that the attack was coming from terminated due to a violation of the providers TOS - they're probably in big trouble with mom and dad now. The attack on the Boonex site continued over the weekend, and there are still some services out of action.

I believe that the main source of the attack on my site was to take advantage of the exploit recently published on Boonex's site, and reported about here on DeeEmm.com in an earlier news article - http://www.deeemm.com/news/154-dolphin-7-security-vulnerability-exposed.html Whilst the noise about this issue seems to have been muted a little, after the attack on my site I am pretty convinced that the solution given by Boonex is no solution at all.

The main crux of the problem was claimed to be the DB_FULL_VISUAL_PROCESSING or DB_FULL_DEBUG_MODE settings, which caused the debug backtrace to be echoed directly to the browser in the event of a fault. Boonex's comments were simply that these were disabled by default and so the issue was a non-issue. This glaring oversight caused an obvious embarrassment to those who made the claims that the issue was with the DB_FULL_VISUAL_PROCESSING setting, this then caused them to promptly back off a little.

Whilst Boonex's solution has seemingly pacified the masses, it does not address the initial issue - that the debug back-trace is getting echoed to the browser in some error situations. The fact is that the issue has been reported by many, and until now no one had been sure of a definite cause, unfortunately the DB_FULL_VISUAL_PROCESSING setting was little more than a red herring, and whilst easily dismissed by Boonex, their solution does not actually fix the issue.

Continue reading
4448 Hits
0 Comments

National Cyber Security Awareness Week

This week is National Cyber Security Awareness Week here in Australia.

National Cyber Security Awareness Week is an annual initiative of the Australian Government held in partnership with industry, community and consumer groups and state and territory governments.

It is designed to raise awareness among Australians of cyber security risks and simple steps they can take to protect their personal and financial information online.

National Cyber Security Awareness Week 2010 is from 6 to 11 June. It will promote six easy tips for better online security:

Continue reading
1401 Hits
0 Comments

Dolphin Orca Update

The Dolphin forum, or Orca, as it is known, was a parallel stand alone development that was integrated as a module into the Dolphin 7 release. This module is a massive improvement over the previous integration in Dolphin 6, and has provided an easier opportunity to improve it.

Many Dolphin users are unhappy with the features supplied with the standard forum module, often opting to replace it with other forums such as phpBB or IPB. This has mixed success, as often the integrations are simply iframe hacks, or miss out important aspects such as avatars or messaging. This is where Orca is already a step ahead. The integration is already completed, it is a core part of the Dolphin product, and so already has all of the needed variables and data available to it, to use in improving its features.

We have been working on an update to Orca, to add in the missing features that many complain about, these are usability features for both users and administrators alike, as well as the creation of a set of moderation tools.

The project is in it's very early stages, and only in Alpha release, but as it's based on a functional product, we already have a demo set up. This will be updated as the project progresses.

Continue reading
3346 Hits
0 Comments

Dolphin 7 Security Vulnerability Exposed

It would seem that this weekend has been an active time in the CMS community for security vulnerabilities, first Joomla issue a patch for a potential XSS issue, and now Boonex's Dolphin package has been raising some eyebrows with, an as yet unresolved security issue that exposes the database name, username and password, in plain text to the browser via a verbose error report. This report is triggered by any number of bugs, and could easily be used to compromise a website or server.

The security 'hole' had previously been reported and raised as an issue with the Dolphin developers, who's response was that it had been addressed. Amusingly this seems not to have been the case, with the latest attention being that the bug has now been witnessed on the Boonex admin test site, and the resulting full error report published. - http://www.boonex.com/unity/forums/topic/Hey-BoonEx-Notice-Something-.htm There is some further discussion in the blogs as well - Major Security Risk: Information and Temporary Solution

The community were quick to act, with a couple of suggested workarounds published on modmysite - http://www.modmysite.com/general-issues-comments-questions/10491-db_full_visual_processing.html#post39764 as well as on the Boonex site, but there has been no official response.

As of the time of this post, some three days after the original post, Boonex have still yet to comment, and there has been no official patch available to address the issue.

Continue reading
7521 Hits
4 Comments

Joomla 1.5.18 Released

XSS Vulnerability addressed.

Joomla 1.5.18 has recently been released and includes a security update to fix a core XSS vulnerability. All Joomla users are advised to upgrade. More details about the vulnerabilty can be found on Joomla's developers board HERE.  If you wish to stay abreast of the latest security announcements and updates for Joomla, you are advised to keep a check on the Joomla Developer Vulnerability News Feed.

 

More information on the 1.5.18 release, including the downloads can be found on the product release page - HERE

Continue reading
2164 Hits
0 Comments

Free Mods Released

It's been a very busy week here in the software office. Hot on the heels of the recent Flat Comments and Group Forum Posts Block mods, we have a further three - yes that's THREE!! new mods available in the store, plus a re-released oldie.

Whats more, three of the mods are free!

The first mod is a re-release of our Login redirect mod for Dolphin 6. Whilst this has been available for download over at Boonex.com, for some reason it was omitted from the store, so we added it in. You can download it HERE

Next up is Auto Friend on Join. This is another Dolphin 6 mod that has been updated to work with Dolphin 7. The Mod automatically adds a friend to the joining members profile - a bit like Tom on myspace. This mod differs a little as it will add select the friend it adds based on the gender of the joining member. It can be set  to add either a friend of the same sex, or opposite sex. Get it HERE

Continue reading
2861 Hits
1 Comment

Dolphin Forum - Show Expanded Categories

Here's a quick hack to get the forum categories to display as expanded by default on the forum home page.

Edit modules/boonex/forum/classes/Forum.php

Search for the following...

            if (( isset($p['cat']) && $p['cat'] == $r['cat_uri'] ) /*|| 1 == $r['cat_id'] */)            {                $this->setTitle ($r['cat_name']);                $c .= ''.$this->getForumsXML ($r['cat_uri'], 0) . '';            }

Comment the following lines

Continue reading
4676 Hits
0 Comments

2 New Dolphin MODs Released

Just released two new mods for the Boonex Dolphin platform.

The first mod is a Dolphin 6 mod that changes the standard threaded comments layout to a normal flat comment structure. All existing comments are changed to the new layout, as will all new comments.

The second modification is a Dolphin 7 MOD that creates a custom block for the groups home / view page that aggregates the groups forum posts.  This increases the usefulness of the groups home page by providing all information in one place.

As a bonus, we have also included an additional mod that will show you how to add a block anywhere on your site to aggregate ALL group forum posts into one block.

Continue reading
3310 Hits
0 Comments

Nowdoc string handler

Some of you may be familiar with the heredoc string handler which allows multi-line strings to be easily assigned to a variable, this great tool has many uses - such as retaining pre-formatted layout and improving the readability of code. The heredoc handler also parses variables contained within the string - much the same way that using double quotes does. Replacing any variables with their respective values

This has some not so obvious drawbacks, one of which i discovered whilst trying to inject complex PHP code into a database for later evaluation via the eval() statement. (please don't ask why)

The problem I found was that whilst it was easy to escape the string so that it would not break the SQL statement, The same escape characters also broke the evaluation. This might not have been an issue in any other situation, but for this particular project i did not have access to the code that carried out the evaluation so that I could strip the escape characters out before running the eval query.

However, PHP 5.3 has now introduced the nowdoc syntax - this basically operates in the same manner as heredoc, but does not parse any of the content. This means that not only are variables not parsed, but neither are any characters that would normally require escaping. In essence, any string read into a variable by the nowdoc handler will not require any escaping whatsoever.

Continue reading
2214 Hits
0 Comments

Dophin 7 TinyMCE Browser MOD updated

The DeeEmm Dolphin Tiny MCE Browser modification has now been updated to work with the new Dolphin 7.0.1 release.

This release is a compatibility update, There are no additional features or bugfixes included.

If you have previously purchased the 7.0.0 version, you will be pleased to know that you are entitled to a free update. If you would like a copy of the updated files, please email me and i will send a copy out to you.

As usual, support for purchasers of our premium modifications are all entitled to access to the help-desk for priority 1-on-1 support. General support, bug reports, and feature requests can be posted to the forums.

Continue reading
2057 Hits
0 Comments

CVS changed to SVN

The Sourceforge DMCMS source control active repository has now been changed from CVS to SVN. The old CVS repository will remain accessible for historical reasons.

At this point there are no plans to migrate existing data from CVS to SVN.

The SVN repository will be routinely updated as changes are made. The ability to easily download a tarball may mean that interim builds will simply be made available via the SVN repository instead of for direct download via the forums, but this will be assessed as usage progresses.

If there are any questions, please leave them in the comments section below.

Continue reading
Tags:
1803 Hits
0 Comments

It's Official. IE6 is Outdated

ie8advert

I have long held the view that the internet needs to be ridded of Internet explorer 6. IE 6 still equates to a massive 10% of all user-agents - some 180,233,045 users worldwide. This figure has fortunately been getting smaller, and the latest statistics show that IE6 has been in steady decline this year.

IE6 is the veritable thorn in the side of most web developers (with IE7 little better). With a userbase numerous enough to still require having to account for when developing websites, IE6 requires extraneous coding hacks to get it to function along side more modern browsers. But this may soon be a thing of the past. It seems that Microsoft themselves are now promoting the demise of IE6. This is great news, and one could only like to think that it is as the result of folk such as you and I actively promoting it's drawbacks. I personally think that IE6 has finally bitten Microsoft on the proverbial backside, with Internet Explorer usage failing to the ever more popular Firefox, which now reports some 45% market share.

The pain in the proverbials, has seemingly spurned Microsoft into action to try and win back some users, and tip the scales back in their favor - and they seem to be targeting IE6 users. So what have they done?

Continue reading
3689 Hits
0 Comments

Dolphin 7.0.1 and beyond

The latest release to Boonex's CMS system - Dolphin 7, has now been out on the wild for some time. Released at Christmas, the much anticipated Dolphin 7 was to be heralded as the latest in web tech, offering an advanced platform for social networking sites that was far ahead of the competition. With several public beta releases, the anticipation was fueled by the glimpses offered in each release, building up the expectations to a massive level. Also adding fuel to this fire, was the long overdue update and bugfix release due for Dolphin 6. As a result, Dolphin 7 had a lot to deliver.

With the release of Dolphin 7 finally made a year later than expected, it was unleashed into the public with a massive amount of issues, over 300 bugs to be precise. This left the Dolphin community a little abashed, with many users having stuck with Dolphin, through the extended development period, now feeling disappointed. Lots of these users had put development plans on hold, with the expectation that the promised release would be the answer to their needs.

It is now a further 5 months down the line, and the recent update release 7.0.1 has addressed many of the problems that plagued version 7. The problems are not completely fixed however, and there are still many issues surrounding how development and releases are handled, but it seems that Boonex are moving in the right direction with a shorter release cycle, and prioritisation of bugs addressed for each release. I previously touched on this issue with one of my blog posts over at unity - http://www.boonex.com/unity/blog/entry/Product_release_cycles

Based on past performance at Boonex, and anticipating the issues and extended wait with version 7, when it was originally announced, I decided to stick with version 6  - This is a choice that i am glad i made. Not only as the expected release date slipped way beyond the original estimate, and there were more issues than even I anticipated, but also as it has meant that I have managed to build my user-base over the past year, and develop the community for which the site serves.

Continue reading
4722 Hits
0 Comments