Forum Replies Created

Viewing 15 replies - 211 through 225 (of 268 total)
  • Thread Starter LostInNetwork

    (@lostinnetwork)

    Thank you very very much!
    Incredibly fast answer.
    Problem solved.

    🙂

    … and most of our categories are public, but some are restricted to members only (and WE create the accounts / assign user levels), and a few are for the board only and even fewer are for the admin group.

    Now if you would edit that little category visibility gem and include support for pages/subpages, then we would be very thankfull… It might be wise to take a look at WP 2.1 before that, though.

    We are using the “Category Visibility” plugin to have both public and members-only categories. It works well. The “Role Manager” plugin is GREAT and WONDERFULL, because it lets us create many new user groups (levels) such as “public subscriber” (level 1), “member” (2), “board” (5) and so on. We have even created a “user manager” role for the person who maintains users, but does not write.

    Unfortunately, nothing quite as good exists for static pages, but the “Page restriction” plugin allows you to have a members-only page.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    Update:

    Blocking new login attempts would make DoS attacks really simple. It would be better to add delay to logins after a few failures (oh well, then someone could make 10.000.000 parallel connections…) Some sort of delay would be appreciarted, though. I would happily limit the number of simultaneous connections and add some delay. That would work in our case.

    We need more control here. It may be optinal, but it’s still wanted.

    Thanks

    Let me continue the praise.

    I love the user roles feature. I can assign contributor or author roles to new and inexperienced writers, and give more rights (such as editor) to more experienced users. Using certain plugins I can even create custom roles for membership managers etc. I love this flexibility.

    The amount of available plugins is also huge and it is a huge bonus and the search for “new toys” is always so exciting!

    The admin interface is simple and efficient and elegant and even better with javascript based drop down menus (I heard that it is coming… although it’s already available as a plugin).

    I compared many blogs and cms’es before choosing WordPress. I chose WorPress because of it’s clean admin interface, clean looks, and plugins. I really appreciate the simplicity of WordPress! …although a few new admin features would not hurt, as you can see from my complaints that are all over the place 😉 But yeah, this is a great tool.

    Forum: Plugins
    In reply to: New plugin avaiable, dbfile

    “I have decided to drop the development of the dbfiles plugin, since WordPress 2.0 handles file uploads smoothly with meta data and such”

    I’m sorry to read this (but I understand that there are better things to do in life than maintaining old plugins…).

    The file system based access control (usually apache rw-) does not allow one to keep members-only files available for download. This db_files combined with “page restriction” would have been a good and reasonably safe solution. Unfortunately, initial configuration fails due to some bug…

    Some people really don’t want more readers.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    The “DB Files” plugin doesn’t work either:

    WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘db_file_use_fileupload” LIMIT 1’ at line 1]
    SELECT option_value FROM wp_options WHERE option_name = ”db_file_use_fileupload” LIMIT 1

    …and the DB Files development has been ended because the developer thought that this plugin would not be needed anymore :”(

    I have no options left, except htaccess files 🙁

    Giving up for today.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    The plugin was called “secure files” but it is of no use. The file upload feature is severely flawed. The uploads folder is writable for all. The secure files plugin allows the upload folder to be placed outside the document root and hence out of reach of browsers. But it still remains readable/writable by the web server user and hence it can be attacked locally from another account. Security doesn’t seem to be a high priority in WP… The ilfilosofo plugin isn’t going to solve this, either. I need to find something that stores files in the database. THEN I can assign permissions by user classes. Hmmm… DB_Files? I’ll try that next…

    [ Oh shit. Even Gallery2 has images in chmod 755 directories. It’s all open for stealing – from ANY another local account. One just needs to create an own plugin and connect to it and take all our images, all our files, all those files we are required to protect… ]

    Thread Starter LostInNetwork

    (@lostinnetwork)

    Thanks! I will try the ilfilosofo plugin soon.

    I just detected a way of quickly adding OpenOffice support:
    edit functions-post.php:
    ‘doc’ => ‘application/msword’,
    ‘odt’ => ‘application/vnd.oasis.opendocument.text’,

    After this one line odt addition, WordPress accepts OpenOffice documents. The only problem is that even if I use “page restriction” plugin, the uploaded file remains publicly available in the uploads folder. There is a “safe files” plugin to solve this little security flaw, though. Next I’ll try it – and then the IlFilosofo.

    This seems to work out. Wonderfull!

    Thread Starter LostInNetwork

    (@lostinnetwork)

    But FileZilla is just an ftp client! I have several ftp-clients and other upload tools – but they all require unix login access and I cannot share that password. WordPress also has an upload feature but it complains that the file is “not safe” and refuses to embed it because it is not a picture(!).

    It’s that built-in file attachment feature that I need upgraded: I need something that lets our editor-level users upload zip and doc files (without shell password) and embed download links to the static pages.

    I don’t think FileZilla is capable of that. And the tool really needs to work on Windows XP, Linux, MacOS and PalmOS and in public computers in public libraries.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    Warning: Using the suggested DIV may cause problems. At least my WordPress–Theme–RichEditor combo dislikes these DIV’s very much. Does not display, destroys content from the edited page and so on.

    Solution: <p style=”height: 2em”></p>

    That works perfectly.
    I’m so happy, so happy.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    Wonderfull! Thanks!

    Thread Starter LostInNetwork

    (@lostinnetwork)

    I meant align=”justify” …

    True, wysiwyg seems to create a lot of trouble – for me, at least. That’s why I recommend that we all uninstall our <insert favorite word processor> and start editing LaTex source in VIsual editor, or even better, in ED (which allows you to replace the screen with a clean and tidy line printer)

    😉

    Marking this as resolved.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    OK, next time I’ll post more detail. I’m just trying to restrict readers to the target group, so that I could conserve limited bandwidth. I was too conservative in the wrong place.

    I found the cause: My rich editor creates <div align=”full” /> tags when I select text including empty lines, and hit align. These tags break several themes.

    I have to clean them away when I mistakenly create them.

    Thread Starter LostInNetwork

    (@lostinnetwork)

    Also, have you tried editing the admin theme css? There must be a width there somewhere (maybe 600px or something). Make it bigger.

Viewing 15 replies - 211 through 225 (of 268 total)