From volkan.ozcelik at gmail.com  Mon Nov  7 01:46:51 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Mon, 7 Nov 2005 09:46:51 +0200
Subject: [thelist] @media and @import
In-Reply-To: <3896CE5B-51C3-43CA-806C-90A4F5B23994@fstorr.demon.co.uk>
References: <3896CE5B-51C3-43CA-806C-90A4F5B23994@fstorr.demon.co.uk>
Message-ID: <dfc81b090511062346x502de71fx@mail.gmail.com>

> Is there actually a way to import (rather than just specify via a
> load of @media rules) a media-specific stylesheet from within another
> stylesheet?  I'm aware that it can obviously done via the <head> of
> an HTML document, but that's not what I'm after.

How about trying things the other way around?
I meain including only two imports in head:

@import url("print.css");
@import url("master.css")

and then

in print.css usin media declarations

Print.css
-------------
@media print{
    ... print related rules here...
}
---------------

and in master.css using apropriate media declarations as well.

Master.css
---------------
@media all{
   ...general rules here...
}

@media screen{
    ...screen related rules here...
}
---------------

That basically changes the nesting order of things.

Does it make sense?

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From volkan.ozcelik at gmail.com  Mon Nov  7 01:54:25 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Mon, 7 Nov 2005 09:54:25 +0200
Subject: [thelist] Hypercell doesnt validate
In-Reply-To: <436EB675.60709@hockeymail.com>
References: <436EB675.60709@hockeymail.com>
Message-ID: <dfc81b090511062354v347ac4bby@mail.gmail.com>

> I have a page that doesn't validate (W3C HTML) the hypercells on the
> menu. That's the code:

Excuse my ignorance, but what does hypercell mean? I've been
developing web applications for years and heard about the term for the
first time.

>
> <TD width="15%" align="center" valign="middle" class="hMenu1"
> onMouseOver=this.style.backgroundColor="#FFFFFF"
> onMouseOut=this.style.backgroundColor=""><A
> href="../card/index.php">cards</A></TD>
>

as per the solution.

i. either google "unbtrusive javascript"

ii. or first change your markup accordingly.

<td width="15%" align="center" valign="middle" class="hMenu1"
onmouseover='this.style.backgroundColor="#FFFFFF";'
onmouseout='this.style.backgroundColor="";'><a
href="../card/index.php">cards</a></td>

and then google "unobstrusive javascript".

p.s.
I am assuming that you use a transitional doctype here (if you are
unsure what doctype you are using, there are plenty of resources out
there on how to choose an apropriate doctype)

HTH,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From volkan.ozcelik at gmail.com  Mon Nov  7 01:56:45 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Mon, 7 Nov 2005 09:56:45 +0200
Subject: [thelist] Hypercell doesnt validate
In-Reply-To: <dfc81b090511062354v347ac4bby@mail.gmail.com>
References: <436EB675.60709@hockeymail.com>
	<dfc81b090511062354v347ac4bby@mail.gmail.com>
Message-ID: <dfc81b090511062356j778e9986n@mail.gmail.com>

sorry for the typo

"unobstrusive" -> "Unobtrusive"


From fffrancis at fstorr.demon.co.uk  Mon Nov  7 01:58:32 2005
From: fffrancis at fstorr.demon.co.uk (fstorr)
Date: Mon, 7 Nov 2005 07:58:32 +0000
Subject: [thelist] @media and @import
In-Reply-To: <dfc81b090511062346x502de71fx@mail.gmail.com>
References: <3896CE5B-51C3-43CA-806C-90A4F5B23994@fstorr.demon.co.uk>
	<dfc81b090511062346x502de71fx@mail.gmail.com>
Message-ID: <09813299-C26C-49F8-9BAF-A246CD7A068D@fstorr.demon.co.uk>


On 7 Nov, 2005, at 07:46, VOLKAN ?Z?EL?K wrote:
>
> How about trying things the other way around?
> I meain including only two imports in head:
>
> @import url("print.css");
> @import url("master.css")
>
> and then in print.css usin media declarations
>
> Print.css
> -------------
> @media print{
>     ... print related rules here...
> }
> ---------------


That makes perfect sense, but doesn't work, and I've no idea why. In  
styles.css I've got:

@import url("print.css");
h1{
color:red;
}

And in print.css I've got:

@media print{
h1{
color:blue;
}
}

And the red always wins out.  Very strange.

Regards

F



From email at kristinafloyd.co.uk  Mon Nov  7 03:14:43 2005
From: email at kristinafloyd.co.uk (Kristina Floyd)
Date: Mon, 7 Nov 2005 09:14:43 +0000
Subject: [thelist] @media and @import
In-Reply-To: <09813299-C26C-49F8-9BAF-A246CD7A068D@fstorr.demon.co.uk>
References: <3896CE5B-51C3-43CA-806C-90A4F5B23994@fstorr.demon.co.uk>
	<dfc81b090511062346x502de71fx@mail.gmail.com>
	<09813299-C26C-49F8-9BAF-A246CD7A068D@fstorr.demon.co.uk>
Message-ID: <1054332938.20051107091443@kristinafloyd.co.uk>

Monday, November 7, 2005, 7:58:32 AM, you wrote:

> In styles.css I've got:

> @import url("print.css");
> h1{
> color:red;
> }

> And in print.css I've got:

> @media print{
> h1{
> color:blue;
> }
> }

> And the red always wins out.  Very strange.

Do you have a URL we can look at?

What are you testing this in/on?

-- 
Cheers now,
 Kristina



From vreeland at studioframework.com  Mon Nov  7 08:31:28 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Mon, 7 Nov 2005 09:31:28 -0500
Subject: [thelist] Hypercell doesnt validate
In-Reply-To: <436EB675.60709@hockeymail.com>
Message-ID: <0MKoyl-1EZ82V264b-00075P@mrelay.perfora.net>

Try putting your mouseover and mouseout in double quotes and use single
quotes inside the function; like this:
 
<TD width="15%" align="center" valign="middle" class="hMenu1" 

onMouseOver="this.style.backgroundColor='#FFFFFF'" 
onMouseOut="this.style.backgroundColor=''"><A
href="../card/index.php">cards</A></TD>

Robert Vreeland



From evolt_org at striderweb.com  Mon Nov  7 09:26:07 2005
From: evolt_org at striderweb.com (Stephen Rider)
Date: Mon, 7 Nov 2005 09:26:07 -0600
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
Message-ID: <FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>

Just a question, but has anyone ever done something like:

en.example.com
fr.example.com
de.example.com

and so forth?  That may make linking easier since your templates can  
use links relative to "/" (root directory).

Steve


On Nov 4, 2005, at 6:00 AM, Dave Stevens wrote:

> This month sees me implementing my first project with
> multiple languages. All content on the site in
> question will be available in at least four languages,
> though obviously with the ability to scale to further
> languages if the demand exists.


From evolt_org at striderweb.com  Mon Nov  7 09:52:51 2005
From: evolt_org at striderweb.com (Stephen Rider)
Date: Mon, 7 Nov 2005 09:52:51 -0600
Subject: [thelist] Who really turns off JavaScript?
In-Reply-To: <1131232576.9945.9.camel@xevious.platypuslabs.org>
References: <20051104170722.53507.qmail@web51408.mail.yahoo.com>
	<1131232576.9945.9.camel@xevious.platypuslabs.org>
Message-ID: <7861E3D7-146A-45B3-9752-E2A571097C98@striderweb.com>


On Nov 5, 2005, at 5:16 PM, Shawn K. Quinn wrote:

> On Fri, 2005-11-04 at 09:07 -0800, Tom Dell'Aringa wrote:
>> Lynx...ok, same question... who is really using a Lynx viewer these
>> days (other than us developers making sure our sites work in it)...
>>
>> I have not seen a Lynx UA in a web report in *years* - many years...
>
> I use Lynx once in a while, and can speak from experience that  
> there are
> situations where it is the only browser available.

My small personal site (striderweb.com) gets about 2000 visitors a  
month.  Though there are not a ton of them, almost every month a few  
using Lynx show up in my Users Agents log.  I don't know who they  
are, but they're out there.

Steve


From evolt_org at striderweb.com  Mon Nov  7 10:01:45 2005
From: evolt_org at striderweb.com (Stephen Rider)
Date: Mon, 7 Nov 2005 10:01:45 -0600
Subject: [thelist] Creating thumbnails of websites?
In-Reply-To: <436B0898.4080107@farstrider.org>
References: <436B0898.4080107@farstrider.org>
Message-ID: <8D1708B3-0C5C-443F-B495-9681166BC13A@striderweb.com>

Maybe not _quite_ what you're looking for, but there is an awesome  
program for Mac OS X called "Paparazzi!" that takes a screenshot of a  
web page and saves it as a graphic.  The real beauty of this program  
is that it captures the entire page, not just the part that fits on  
your screen at one time.

It's tiny, fast and free.  Can't miss!  :)

<http://www.derailer.org/paparazzi/> or check Versiontracker.

Steve

On Nov 4, 2005, at 1:07 AM, April wrote:

> I'm looking for some sort of program, plugin, script or script library
> that creates thumbnails of websites.  It's important to me that it
> actually creates those thumbnails[....]


From evolt_org at striderweb.com  Mon Nov  7 10:06:11 2005
From: evolt_org at striderweb.com (Stephen Rider)
Date: Mon, 7 Nov 2005 10:06:11 -0600
Subject: [thelist] Free DNS forwarding?
In-Reply-To: <20051104020719.37763.qmail@web51110.mail.yahoo.com>
References: <20051104020719.37763.qmail@web51110.mail.yahoo.com>
Message-ID: <DF4210DF-F2E6-4ECB-A712-8865C068EF83@striderweb.com>

Register mine.com at GoDaddy.com. They have free domain forwarding,  
with masking.  Forward mine.com to foo.dyndns.org with masking on.   
(Oh, and they only charge $8 a year for the domain registration.)

Steve

On Nov 3, 2005, at 8:07 PM, Anthony Ettinger wrote:

> I'm using "foo.dyndns.org" right now to forward to my
> home server (dynamic ip from sbc).
>
> Anybody know how to forward a real domain like
> "mine.com" and update it dynamically?


From nadeem at essex.ac.uk  Mon Nov  7 10:36:37 2005
From: nadeem at essex.ac.uk (Ahmad, Nadeem)
Date: Mon, 7 Nov 2005 16:36:37 -0000
Subject: [thelist] Creating thumbnails of websites?
Message-ID: <7AC902A40BEDD411A3A800D0B7847B661860BF38@sernt14.essex.ac.uk>

You could try this (windows) freeware URL2BMP
http://www.pixel-technology.com/freeware/url2bmp/english/ which despite
its name can also save as png, jpg and tiff, and can run as a command
line


On Nov 4, 2005, at 1:07 AM, April wrote:

> I'm looking for some sort of program, plugin, script or script library

> that creates thumbnails of websites.  It's important to me that it 
> actually creates those thumbnails[....]


From evolt_org at striderweb.com  Mon Nov  7 11:00:29 2005
From: evolt_org at striderweb.com (Stephen Rider)
Date: Mon, 7 Nov 2005 11:00:29 -0600
Subject: [thelist] Scheduling People
In-Reply-To: <20051024120907.FEMG21916.smta04.mail.ozemail.net@Jazz03>
References: <20051024120907.FEMG21916.smta04.mail.ozemail.net@Jazz03>
Message-ID: <B19EAEC8-47DB-4350-80D1-7CF985CD69DB@striderweb.com>

As nobody else replied to this, here's my humble submission:

<http://www.striderweb.com/blog/190>

Steve


On Oct 24, 2005, at 7:09 AM, Justin Zachan wrote:

> I have a client who needs some sort of web system to book and
> schedule a small number of staff. They are all out of the office  
> but can
> access the web, but don't want a VPN or network type thing.
>
> They basically want to book appointments and tasks. The staff can  
> logon from
> where ever and see where they need to be.
>
> Using a php MySQL solution can anyone recommend anything, especially
> something can be easily customised.


From hut at hockeymail.com  Mon Nov  7 11:43:36 2005
From: hut at hockeymail.com (Eduardo)
Date: Mon, 07 Nov 2005 12:43:36 -0500
Subject: [thelist] Hypercell doesnt validate
In-Reply-To: <dfc81b090511062354v347ac4bby@mail.gmail.com>
References: <436EB675.60709@hockeymail.com>
	<dfc81b090511062354v347ac4bby@mail.gmail.com>
Message-ID: <436F9248.8090902@hockeymail.com>


>Excuse my ignorance, but what does hypercell mean? I've been
>developing web applications for years and heard about the term for the
>first time.
>
Thats the term I saw when I first look into it, at phpBB support
forums,  maybe it's not the commom use... I really don't know.

Hypercell = cells using javascript to change background color


>as per the solution.
>
>i. either google "unbtrusive javascript"
>
>ii. or first change your markup accordingly.
>
><td width="15%" align="center" valign="middle" class="hMenu1"
>onmouseover='this.style.backgroundColor="#FFFFFF";'
>onmouseout='this.style.backgroundColor="";'><a
>href="../card/index.php">cards</a></td>
>
>and then google "unobstrusive javascript".
>
>p.s.
>I am assuming that you use a transitional doctype here (if you are
>unsure what doctype you are using, there are plenty of resources out
>there on how to choose an apropriate doctype)
>
>  
>
That worked perfect, thanks a lot Volkan and Robert.

Eduardo




From dwclifton at gmail.com  Mon Nov  7 12:43:24 2005
From: dwclifton at gmail.com (Douglas Clifton)
Date: Mon, 7 Nov 2005 13:43:24 -0500
Subject: [thelist] Access Denied
Message-ID: <7d6cdcb0511071043p6e2779des3087a2105d623c6a@mail.gmail.com>

Sorry if this is the wrong list or off-topic.

When Evolt.org 3.0 was first released, I was getting "Access Denied"
errors after logging in and then trying to view/comment on the articles.

I assumed this was a temporary problem and would be fixed. However,
yesterday, after having been away for awhile, I revisited and wanted to
comment on the "These Things I Know, PHP Tips" piece -- same thing.

Any ideas? Thanks,

--
Douglas Clifton
dwclifton at gmail.com
http://loadaveragezero.com/
http://loadaveragezero.com/app/s9y/
http://loadaveragezero.com/drx/rss/recent


From jay.blanchard at THERMON.com  Mon Nov  7 12:57:58 2005
From: jay.blanchard at THERMON.com (Jay Blanchard)
Date: Mon, 7 Nov 2005 12:57:58 -0600 
Subject: [thelist] Access Denied
Message-ID: <0CEC8258A6E4D611BE5400306E1CC9270915AA17@smtmb.tmc.local>

[snip]
Sorry if this is the wrong list or off-topic.

When Evolt.org 3.0 was first released, I was getting "Access Denied"
errors after logging in and then trying to view/comment on the articles.

I assumed this was a temporary problem and would be fixed. However,
yesterday, after having been away for awhile, I revisited and wanted to
comment on the "These Things I Know, PHP Tips" piece -- same thing.
[/snip]

Worked for me, I added a comment.


From misha.genkin at gmail.com  Mon Nov  7 13:19:15 2005
From: misha.genkin at gmail.com (Misha Genkin)
Date: Mon, 7 Nov 2005 21:19:15 +0200
Subject: [thelist] DOM + IE elements creation problem
Message-ID: <000001c5e3d0$2c1f5200$0301a8c0@caemlyn>

Hi.
I am having a little problem with getting some JS/DOM script to work.
It works just fine when using Firefox 1.0.6, but renders nothing but a few
blank lines when using IE 6.0 or IE 7.0 Beta.
 
for (i = 0; i < wysiwygEditor.menuRes.emoticons.length - 3; i ++)
{
xAnchor = document.createElement("a");
            xAnchor.href = "#";
            xAnchor.onclick = menuEventHandler;
            xEl = document.createElement("img");
            aTemp = wysiwygEditor.menuRes.emoticons[i].split(";;");
            xEl.id = "insertImage;" + aTemp[i] + ";" + nID
            xEl.src = wysiwygEditor.menuRes.emoticons.baseURL + aTemp[0] +
wysiwygEditor.menuRes.emoticons.fileType;
            if (aTemp[1].indexOf("xClass") == -1)
            {
                        aCSS = aTemp[1].split(";");
                        for (i = 0; i < aCSS.length; i++)
                                    xEl.style[aCSS[i].substring(0,
aCSS[i].indexOf(":"))] = aCSS[i].substr(aCSS[i].indexOf(":") + 1);
            }
            else xEl.className = aTemp[1].substr(7);
                                    
            xEl.alt = aTemp[2];
            xAnchor.appendChild(xEl);
            document.getElementById("real" + sType +
nID).appendChild(xAnchor);
}
 
All the variables have the right values, and defined elsewhere in the code
before that part. Once again the code is fully functional when using Firefox
1.0.6.
Does anybody have any idea what may be the problem with this code?
 
Thanks in advance
Misha.


From web at ryanrushton.com  Mon Nov  7 13:34:51 2005
From: web at ryanrushton.com (Ryan Rushton)
Date: Mon, 7 Nov 2005 19:34:51 -0000 (UTC)
Subject: [thelist] Closing PDF pop-up windows
Message-ID: <2177.206.169.227.100.1131392091.squirrel@mail.getalive.com>

I use javascript to open a new window that contains a PDF help file.  I
want to be able to include a link in the parent window that closes this
popup window.  My script works just fine when the popup is an HTML file,
but when I open a PDF in the popup it no longer closes.

Here is the script:

<html>
<head>
<title>My Parent Window</title>
<script type="text/javascript">
function openHelp(url) {
	helpWin = window.open(url,'help');
}

function closeHelp() {
	if (helpWin && !helpWin.closed)
		helpWin.close();
}
</script>
</head>

<body>

<p>Get help with <a href="#" onclick="openHelp('filename.pdf'); return
false;">something</a>.</p>

<p><a href="#" onclick="closeHelp(); return false;">Close help
window</a>.</p>

</body>
</html>


Does anyone know how to get the window to close?




From discuss at alphanumeric.cz  Mon Nov  7 13:37:51 2005
From: discuss at alphanumeric.cz (Jan Brasna)
Date: Mon, 07 Nov 2005 20:37:51 +0100
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>
Message-ID: <436FAD0F.7020505@alphanumeric.cz>

> en.example.com
> fr.example.com
> de.example.com

Great remark, an approach I forgot to mention ;) Eg. sun.com uses it 
pretty efficently, redirecting all national (sun.de, sun.cz ...) content 
to its appropriate (eg. cz.sun.com) option.

-- 
Jan Brasna aka JohnyB :: www.alphanumeric.cz | www.janbrasna.com


From dan.mccullough at gmail.com  Mon Nov  7 13:43:15 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Mon, 7 Nov 2005 14:43:15 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <436FAD0F.7020505@alphanumeric.cz>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>
	<436FAD0F.7020505@alphanumeric.cz>
Message-ID: <faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>

sun.cz etc is a way that I have done a few sites, also I have done
sun.com/cz sun.com/en etc both of those are very common.

On 11/7/05, Jan Brasna <discuss at alphanumeric.cz> wrote:
> > en.example.com
> > fr.example.com
> > de.example.com
>
> Great remark, an approach I forgot to mention ;) Eg. sun.com uses it
> pretty efficently, redirecting all national (sun.de, sun.cz ...) content
> to its appropriate (eg. cz.sun.com) option.
>
> --
> Jan Brasna aka JohnyB :: www.alphanumeric.cz | www.janbrasna.com
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From neal at constructweb.com  Mon Nov  7 13:45:21 2005
From: neal at constructweb.com (Neal Watkins)
Date: Mon, 07 Nov 2005 14:45:21 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>
	<436FAD0F.7020505@alphanumeric.cz>
	<faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
Message-ID: <20051107144521.czml8emu4bfkk0sk@www.constructweb.com>

What is the best way to get the actual content in different languages?

Just pay one professional translator/organization?





From dan.mccullough at gmail.com  Mon Nov  7 13:49:02 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Mon, 7 Nov 2005 14:49:02 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>
	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>
	<436FAD0F.7020505@alphanumeric.cz>
	<faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
	<20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
Message-ID: <faf1d2bd0511071149p5c14ab74ubd4f5cdd3814b914@mail.gmail.com>

I think one organization there is a better chance to get the
translations quickly, as they would have more people to throw at the
project, however if price is a concern then your probably going to
have to go the freelance route.

On 11/7/05, Neal Watkins <neal at constructweb.com> wrote:
> What is the best way to get the actual content in different languages?
>
> Just pay one professional translator/organization?
>
>
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From dean.mah at gmail.com  Mon Nov  7 13:51:29 2005
From: dean.mah at gmail.com (Dean Mah)
Date: Mon, 7 Nov 2005 12:51:29 -0700
Subject: [thelist] Access Denied
In-Reply-To: <7d6cdcb0511071043p6e2779des3087a2105d623c6a@mail.gmail.com>
References: <7d6cdcb0511071043p6e2779des3087a2105d623c6a@mail.gmail.com>
Message-ID: <f4a098c50511071151i79bc28eg2f7f7bc4a3e24ae2@mail.gmail.com>

Hi,

If anyone else is having this problem, please contact me offlist with
your username.

Dean


On 11/7/05, Douglas Clifton <dwclifton at gmail.com> wrote:
> Sorry if this is the wrong list or off-topic.
>
> When Evolt.org 3.0 was first released, I was getting "Access Denied"
> errors after logging in and then trying to view/comment on the articles.
>
> I assumed this was a temporary problem and would be fixed. However,
> yesterday, after having been away for awhile, I revisited and wanted to
> comment on the "These Things I Know, PHP Tips" piece -- same thing.


From mwarden at gmail.com  Mon Nov  7 14:57:14 2005
From: mwarden at gmail.com (Matt Warden)
Date: Mon, 07 Nov 2005 15:57:14 -0500
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <000001c5e3d0$2c1f5200$0301a8c0@caemlyn>
References: <000001c5e3d0$2c1f5200$0301a8c0@caemlyn>
Message-ID: <436FBFAA.9090505@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Misha,

Misha Genkin wrote:
>             xEl.id = "insertImage;" + aTemp[i] + ";" + nID

Shot in the dark here, but I highly doubt ';' is a valid character in
identifiers. Try to restrict it to alphanumeric and hyphen characters.


- --
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDb7+qrI3LObhzHRMRAsLsAJ48dmstcCNwJwmgTOHZtEGXPFWMWQCfbHMe
f2EMJvqybrM3kPtjK3S/60w=
=qL8I
-----END PGP SIGNATURE-----


From discuss at alphanumeric.cz  Mon Nov  7 15:08:02 2005
From: discuss at alphanumeric.cz (Jan Brasna)
Date: Mon, 07 Nov 2005 22:08:02 +0100
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>	<436FAD0F.7020505@alphanumeric.cz>	<faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
	<20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
Message-ID: <436FC232.9050500@alphanumeric.cz>

> What is the best way to get the actual content in different languages?

Definitely a language/tranlation agency. You need to sound "native" if 
you want to make a good impression, these agencies have many 
professionals (pros in various topics as well as native speakers to make 
the text more natural) that can make your text really good.

(Just read my broken English here, you probably don't want your web 
sites to sound that silly...)

-- 
Jan Brasna aka JohnyB :: www.alphanumeric.cz | www.janbrasna.com


From RPringle at aurora-il.org  Mon Nov  7 16:04:46 2005
From: RPringle at aurora-il.org (Pringle, Ron)
Date: Mon, 7 Nov 2005 16:04:46 -0600 
Subject: [thelist] 301 Redirect or...
Message-ID: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>

I've just switched over our municipal website from .html files to .asp,
including completely rebuilding the directory structure and much of the
content ( on an IIS 5 server).

In some places the content has changed dramatically and in other places, it
is taken from the old page, but with new sidebar content, etc.

We're talking about 500+ pages of content here.

Should I be creating 301 permanent redirects for main sections of content or
just let the old links die a peaceful death and wait for the search engines
to re-index?

I'm probably more concerned with people who have direct links to internal
pages, but I also don't know that I can create redirects for all of those
pages, or even know what they are.

Advice and suggestions appreciated.

Regards,
Ron


From meganwh at wi.rr.com  Mon Nov  7 16:09:30 2005
From: meganwh at wi.rr.com (Megan Holbrook)
Date: Mon, 07 Nov 2005 16:09:30 -0600
Subject: [thelist] 301 Redirect or...
In-Reply-To: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
References: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
Message-ID: <436FD09A.10302@wi.rr.com>

Pringle, Ron wrote:

> Should I be creating 301 permanent redirects for main sections of content or
> just let the old links die a peaceful death and wait for the search engines
> to re-index?

It might be a better use of your time to customize your 404 message to 
include information about the site redevelopment, and suggest pages on 
the site that might help them find what they're looking for (i.e., site 
map, search, etc.).

We did something like this on a recent site: http://www.swlaw.edu/error

HTH, M.
-- 
Megan Holbrook - megan at kapow.com
Partner - Business Development
kapow, inc. (www.kapow.com) - website design, development & consulting

Most recent website launches:
Milwaukee Symphony Orchestra (www.milwaukeesymphony.org)
Southwestern Law School (www.swlaw.edu)

kapow, inc. Milwaukee               kapow, inc. Los Angeles
2405 E. Wyoming Place               1301 Montana Ave., Suite A
Milwaukee, WI 53202                 Santa Monica, CA  90403
T: 414-273-2446 * F: 414-278-9056   T: 310.394.5276 * F: 310.394.5278
	


From Brian at hondaswap.com  Mon Nov  7 16:14:24 2005
From: Brian at hondaswap.com (Brian Cummiskey)
Date: Mon, 07 Nov 2005 17:14:24 -0500
Subject: [thelist] 301 Redirect or...
In-Reply-To: <436FD09A.10302@wi.rr.com>
References: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
	<436FD09A.10302@wi.rr.com>
Message-ID: <436FD1C0.1030202@hondaswap.com>

Megan Holbrook wrote:
> Pringle, Ron wrote:
> 
> 
>>Should I be creating 301 permanent redirects for main sections of content or
>>just let the old links die a peaceful death and wait for the search engines
>>to re-index?
> 
> 
> It might be a better use of your time to customize your 404 message to 
> include information about the site redevelopment, and suggest pages on 
> the site that might help them find what they're looking for (i.e., site 
> map, search, etc.).

Or take it a step fruther, and do a redirect FROM the 404.  For example:

test.html has become test.asp
so, test.html -> 404.shtml -> redirects to test.asp
then if it STILL doesn't exist, it will return to the 404 page once again.

Tracking it with a cookie or a session of some sort will be necessary to 
avoid endless re-directs.



From fffrancis at fstorr.demon.co.uk  Mon Nov  7 16:22:12 2005
From: fffrancis at fstorr.demon.co.uk (fstorr)
Date: Mon, 7 Nov 2005 22:22:12 +0000
Subject: [thelist] @media and @import
In-Reply-To: <1054332938.20051107091443@kristinafloyd.co.uk>
References: <3896CE5B-51C3-43CA-806C-90A4F5B23994@fstorr.demon.co.uk>
	<dfc81b090511062346x502de71fx@mail.gmail.com>
	<09813299-C26C-49F8-9BAF-A246CD7A068D@fstorr.demon.co.uk>
	<1054332938.20051107091443@kristinafloyd.co.uk>
Message-ID: <A5834A51-FA9A-4C37-AD7C-25312CD72607@fstorr.demon.co.uk>


On 7 Nov, 2005, at 09:14, Kristina Floyd wrote:

> Do you have a URL we can look at?
>
> What are you testing this in/on?
>
> --  
> Cheers now,
>  Kristina


Hi

Okay, there's a basic page here: http://www.thespiceweasel.com/ 
experiments/css/
The main CSS is here: http://www.thespiceweasel.com/experiments/css/ 
styles.css and the print stylesheet that that imports in is here:
http://www.thespiceweasel.com/experiments/css/print.css

I'm testing this in  Opera 8.5, FF 1.5 and Safari 2.0.2.

Regards

F



From tim at freewayactions.com  Mon Nov  7 16:36:52 2005
From: tim at freewayactions.com (Tim Plumb)
Date: Mon, 7 Nov 2005 22:36:52 +0000
Subject: [thelist] Creating thumbnails of websites?
In-Reply-To: <7AC902A40BEDD411A3A800D0B7847B661860BF38@sernt14.essex.ac.uk>
References: <7AC902A40BEDD411A3A800D0B7847B661860BF38@sernt14.essex.ac.uk>
Message-ID: <c30fd20df551e7f49e7b18fa1e1682dd@freewayactions.com>

On OS X you could try webkit2PNG 
(http://www.paulhammond.org/webkit2png/) for a command line tool or 
Paparazzi (http://www.derailer.org/paparazzi/) for something with a 
GUI.
Regards,
Tim.



From itsallaboutashlee at yahoo.co.uk  Mon Nov  7 16:56:11 2005
From: itsallaboutashlee at yahoo.co.uk (Dave Stevens)
Date: Mon, 07 Nov 2005 22:56:11 +0000
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
References: <20051104120036.18445.qmail@web26714.mail.ukl.yahoo.com>	<FB53FCB7-92AE-46B0-8345-8104D71E647A@striderweb.com>	<436FAD0F.7020505@alphanumeric.cz>	<faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
	<20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
Message-ID: <436FDB8B.7090603@yahoo.co.uk>

Neal Watkins wrote:

>What is the best way to get the actual content in different languages?
>
>  
>
Native speakers who can read English fluently, volunteering their time 
free of charge as they share a great interest in what I'm creating 
(which is not for profit, naturally) - that's what I love about the web!

Dave

	
	
		
___________________________________________________________ 
Yahoo! Messenger - NEW crystal clear PC to PC calling worldwide with voicemail http://uk.messenger.yahoo.com


From evolt at ultraspace.com  Mon Nov  7 17:04:04 2005
From: evolt at ultraspace.com (Gog Ogo)
Date: Mon, 07 Nov 2005 16:04:04 -0700
Subject: [thelist] The best shopping cart?
Message-ID: <436FDD64.4000403@ultraspace.com>


Hello, everybody:

I did a search of the archives, but it looks like it's been awhile since this 
topic has been addressed.

I'm looking for an easy to use, secure, stable, shopping cart.

I prefer open source, free, LAMP-based code, and I would pay for support, if 
necessary.

My hosting folk offer these titles:

Agora Shopping Cart
CubeCart
OS Commerce
Zen Cart

Any thoughts on these or other solutions?

Thanks!
Go







From eikes.lists at dynamique.de  Mon Nov  7 17:38:06 2005
From: eikes.lists at dynamique.de (Eike Pierstorff)
Date: Tue, 08 Nov 2005 00:38:06 +0100
Subject: [thelist] Paypal IPN and PHP
Message-ID: <436FE55E.4090503@dynamique.de>

Dear List,

can anybody recommend a good tutorial for integrating Paypal IPN in a 
PHP-based website (apart from paypals own manuals) ? Most of the stuff I 
found with search engines seems to be outdated.

Thank you

-- eike



From skquinn at speakeasy.net  Mon Nov  7 18:00:50 2005
From: skquinn at speakeasy.net (Shawn K. Quinn)
Date: Mon, 07 Nov 2005 18:00:50 -0600
Subject: [thelist] Closing PDF pop-up windows
In-Reply-To: <2177.206.169.227.100.1131392091.squirrel@mail.getalive.com>
References: <2177.206.169.227.100.1131392091.squirrel@mail.getalive.com>
Message-ID: <1131408051.10144.0.camel@xevious.platypuslabs.org>

On Mon, 2005-11-07 at 19:34 +0000, Ryan Rushton wrote:
> I use javascript to open a new window that contains a PDF help file.  I
> want to be able to include a link in the parent window that closes this
> popup window.  My script works just fine when the popup is an HTML file,
> but when I open a PDF in the popup it no longer closes.
[...]
> Does anyone know how to get the window to close?

What's wrong with the "X" in the upper right corner (or wherever the
user's window manager of choice puts it)?

-- 
Shawn K. Quinn <skquinn at speakeasy.net>



From skquinn at speakeasy.net  Mon Nov  7 18:03:12 2005
From: skquinn at speakeasy.net (Shawn K. Quinn)
Date: Mon, 07 Nov 2005 18:03:12 -0600
Subject: [thelist] 301 Redirect or...
In-Reply-To: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
References: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
Message-ID: <1131408193.10144.3.camel@xevious.platypuslabs.org>

On Mon, 2005-11-07 at 16:04 -0600, Pringle, Ron wrote:
> I've just switched over our municipal website from .html files to .asp,
> including completely rebuilding the directory structure and much of the
> content ( on an IIS 5 server).
> 
> In some places the content has changed dramatically and in other places, it
> is taken from the old page, but with new sidebar content, etc.
> 
> We're talking about 500+ pages of content here.
> 
> Should I be creating 301 permanent redirects for main sections of content or
> just let the old links die a peaceful death and wait for the search engines
> to re-index?

This time: make the 301 redirects.

Next time: make URLs that don't need to be changed.

"What makes a cool URI?
A cool URI is one which does not change.
What sorts of URI change?
URIs don't change: people change them."

 --Tim Berners-Lee, Style Guide for Online Hypertext

-- 
Shawn K. Quinn <skquinn at speakeasy.net>



From syoung at unitec.ac.nz  Mon Nov  7 18:33:15 2005
From: syoung at unitec.ac.nz (Stuart Young)
Date: Tue, 08 Nov 2005 13:33:15 +1300
Subject: [thelist] database schema for shopping transaction
Message-ID: <s370a92a.060@gwia1.unitec.ac.nz>

> apwebdesign at yahoo.com 04/11/2005 10:18:17 >
> Anyone have any good pointers on this?
> The idea is to have an online shopping cart where the
> customer can place multiple items (and quantities).

Download a copy of osCommerce or ZenCart or something and install it and then look at the DB schema in that for ideas.

cheers

--
Dr Stuart Young,       	+64 (0)9-815 4321 x 8656
<syoung at unitec.ac.nz> 	+64 021 183 2846 (mob)
Lecturer, School of Computing and Information Technology,
Unitec New Zealand, Auckland, New Zealand
http://tinyurl.com/4956o
(the official URL for my staffpage is too long and complex)
http://blog.stuart.cpanel.unitec.ac.nz/
My Unitec internet and web development blog.
http://www.pixelandgrain.co.nz/
Web development, graphic design and photography



From evolt at roselli.org  Mon Nov  7 19:40:01 2005
From: evolt at roselli.org (aardvark)
Date: Mon, 07 Nov 2005 20:40:01 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051107144521.czml8emu4bfkk0sk@www.constructweb.com>
References: <faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
Message-ID: <436FBBA1.14488.43272996@localhost>

On 7 Nov 2005 at 14:45, Neal Watkins wrote:

> What is the best way to get the actual content in different languages?
> 
> Just pay one professional translator/organization?

i've been trying very hard not to get into this thread, lest it sound 
like i am pimping my services... but i do have a good deal of 
experience localizing sites for different markets (that's more than 
just translations)...

last year i spoke at the TOevolt conference (http://toevolt.org/) and 
presented on the topic of locatalization and internationalization... 
while my presentation was really intended to be heard (my jokes were 
many and lame), i did create slides for the presentation, which you 
can grab here:
	http://roselli.org/adrian/presentations/toevolt.asp

it's obviously very general, but there are some examples and 
statistics in there...

i also co-wrote an article for Multilingual Coomputng & Technology 
magazine, which you can download here:
http://algonquinstudios.com/Home/Tech/ContentManagementandLocalization

it's from May 2002, but it may offer some insight into issues we 
dealth with that you might encounter...

the most recent issue of same magazine has a series of articles 
dealing with how to ensure multilingual sites enjoy high pagerank in 
localized search engines...

finally, look for a translation company that has relationships with 
in-country translators who are familiar with the industry for which 
you are looking for translations... just knowing both languages isn't 
enough... i can't speak accountant, so i wouldn't try to translate 
from Spanish into it...

and there you go...

this where i would now mention all the localization services that 
algonquin studios offers... but i won't take up your valuable time...



From web at ryanrushton.com  Mon Nov  7 19:41:25 2005
From: web at ryanrushton.com (Ryan Rushton)
Date: Tue, 8 Nov 2005 01:41:25 -0000 (UTC)
Subject: [thelist] Closing PDF pop-up windows
Message-ID: <3167.206.169.227.100.1131414085.squirrel@mail.getalive.com>

> On Mon, 2005-11-07 at 19:34 +0000, Ryan Rushton wrote:
>> I use javascript to open a new window that contains a PDF help file.  I
want to be able to include a link in the parent window that closes this
popup window.  My script works just fine when the popup is an HTML
file, but when I open a PDF in the popup it no longer closes.
> [...]
>> Does anyone know how to get the window to close?
>
> What's wrong with the "X" in the upper right corner (or wherever the
user's window manager of choice puts it)?
>
> --
> Shawn K. Quinn <skquinn at speakeasy.net>
>

Well I simplified the problem in my example to avoid confusion.  In
implementation the "close" link in my example code will actually be a link
that closes the existing help window and opens a new with the same name
containing a different help file.
(Background: originally I tried to simply replace the content in the help
window with the new content, but this was not respecting different
nameddest within the same PDF, so I decided to opt for closing the window
and opening it fresh with the new nameddest)

Anyone?






From evolt at markgroen.com  Mon Nov  7 20:10:03 2005
From: evolt at markgroen.com (Mark Groen)
Date: Mon, 7 Nov 2005 18:10:03 -0800
Subject: [thelist] Paypal IPN and PHP
References: <436FE55E.4090503@dynamique.de>
Message-ID: <002801c5e409$8b2abe40$6400a8c0@vn.shawcable.net>

----- Original Message ----- 
From: "Eike Pierstorff" <>
To: <thelist at lists.evolt.org>
Sent: Monday, November 07, 2005 3:38 PM
Subject: [thelist] Paypal IPN and PHP


> Dear List,
>
> can anybody recommend a good tutorial for integrating Paypal IPN in a
> PHP-based website (apart from paypals own manuals) ? Most of the stuff
I
> found with search engines seems to be outdated.

Yup, and even an area where you can test to see if it works on the PP
servers. I haven't found an easy way to describe how to get there except
for this convoluted trail:

Log in to your Paypal account, left hand menu click on "Community Page",
then scroll down to the bottom of that one and click on "Developers"
which takes you to the place you want - there are tutorials, SDK's and a
whole lot more. Again in the left menu, click on "How-To Articles" and
the last one is "An Introduction to PayPal and IPN for Developers"

cheers,

        Mark



From discuss at alphanumeric.cz  Mon Nov  7 20:01:39 2005
From: discuss at alphanumeric.cz (Jan Brasna)
Date: Tue, 08 Nov 2005 03:01:39 +0100
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <436FBBA1.14488.43272996@localhost>
References: <faf1d2bd0511071143w95dfac8w8bc7d98f3ae0d9c8@mail.gmail.com>
	<436FBBA1.14488.43272996@localhost>
Message-ID: <43700703.5090106@alphanumeric.cz>

> just knowing both languages isn't enough... i can't
> speak accountant, so i wouldn't try to translate 
> from Spanish into it...

Exactly!

Thanks for your valuable input and the links.

-- 
Jan Brasna aka JohnyB :: www.alphanumeric.cz | www.janbrasna.com


From evolt at markgroen.com  Mon Nov  7 23:38:52 2005
From: evolt at markgroen.com (Mark Groen)
Date: Mon, 7 Nov 2005 21:38:52 -0800
Subject: [thelist] Paypal IPN and PHP
References: <436FE55E.4090503@dynamique.de>
	<002801c5e409$8b2abe40$6400a8c0@vn.shawcable.net>
Message-ID: <001601c5e426$d2f52ae0$6400a8c0@vn.shawcable.net>

> > ........(apart from paypals own manuals) ?

I missed that, sorry.

Is there something a bit more specific that isn't working for you that
maybe someone has the answer to? Basically all you do is use the code
they supply, then make use of php sessions to pass the variables along
from page to page until the cart is done, replacing their bits with your
$phpstuff. It's important to have the return pages configured properly
etc. too, and their test area lets you try it out before going live.

imho, you're probably better off using the paypal forum and resources as
it will be the most up to date for the actual code to use, even if it is
a pita to get around their web site.

cheers,

        Mark






From rwd at csi1st.net  Tue Nov  8 01:28:36 2005
From: rwd at csi1st.net (Ron Dorman)
Date: Tue, 08 Nov 2005 01:28:36 -0600
Subject: [thelist] The best shopping cart?
In-Reply-To: <436FDD64.4000403@ultraspace.com>
References: <436FDD64.4000403@ultraspace.com>
Message-ID: <437053A4.1090609@csi1st.net>

Gog Ogo wrote:

>I'm looking for an easy to use, secure, stable, shopping cart.
>
>I prefer open source, free, LAMP-based code, and I would pay for support, if 
>necessary.
>
>My hosting folk offer these titles:
>
>Agora Shopping Cart
>CubeCart
>OS Commerce
>Zen Cart
>
>Any thoughts on these or other solutions?
>
Agora is a basic feature set, no frills cart. Works well with little 
modification for simple carts and no more than a few hundred items.

Haven't worked with CubeCart

Bypassed OS Commerce

Have two sites based on ZenCart (a branch, rewrite, combination, 
whatever of OSC; newer and better than IMHO). Site One, the whole site 
is ZenCart delivered (minor CMS features) and the other is ZenCart 
embedded into the site (otherwise totally custom, CSS layout). Many 
bells and whistles via modules and config options. Templated with 
modifications/overides system to assist in retaining custom mods during 
upgrades.

May want to add Drupal with e-comm module to you list of consideration. 
Even though your current host doesn't offer it, they can probably 
support it if they are LAMP based. If not, I can point you to a host 
that does support it, and modifies it if you need.

I you were to post your requirements, the members here could better 
answer a solution to your needs.

Ron D.



From toney at systemsplanning.com  Tue Nov  8 04:28:21 2005
From: toney at systemsplanning.com (Stephen Toney)
Date: Tue, 08 Nov 2005 05:28:21 -0500
Subject: [thelist] Validator with cookies/JS
Message-ID: <1824082212.20051108052821@systemsplanning.com>

Hi,

I would like to validate some dynamic pages using the W3C validator, 
but the site requires cookies and Javascript to work. Since the 
validator doesn't pass the cookie and JS tests, all it sees is a error 
page.

Does anyone know how to fake this, so the validator can get past the 
error page into a real content page?

(By "dynamic pages" I mean that all content is generated by a CGI.)

URL is http://65.209.2.12/clccgi/MWebLive.exe

Thanks for any advice!

Stephen Toney
Systems Planning
toney at systemsplanning.com
http://www.systemsplanning.com



From ian at zstudio.co.uk  Tue Nov  8 04:40:53 2005
From: ian at zstudio.co.uk (Ian Anderson)
Date: Tue, 08 Nov 2005 10:40:53 +0000
Subject: [thelist] Validator with cookies/JS
In-Reply-To: <1824082212.20051108052821@systemsplanning.com>
References: <1824082212.20051108052821@systemsplanning.com>
Message-ID: <437080B5.1040406@zstudio.co.uk>

Stephen Toney wrote:

> Does anyone know how to fake this, so the validator can get past the 
> error page into a real content page?

While viewing the relevant page, save the HTML source as a file and 
upload it to the validator manually?

I'm sure I have done it this way in the past when in this situation.

Cheers

Ian

-- 
_________________________________________________
zStudio - Web development and accessibility
http://zStudio.co.uk

Snippetz.net BETA - Online code library
File, manage and re-use your code snippets online
http://snippetz.net



From evolt at kasimir-k.fi  Tue Nov  8 04:48:21 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Tue, 08 Nov 2005 10:48:21 +0000
Subject: [thelist] Validator with cookies/JS
In-Reply-To: <1824082212.20051108052821@systemsplanning.com>
References: <1824082212.20051108052821@systemsplanning.com>
Message-ID: <43708275.1050604@kasimir-k.fi>

Stephen Toney scribeva in 2005-11-08 10:28:
> Does anyone know how to fake this, so the validator can get past the 
> error page into a real content page?

Firefox web developer toolbar extension has "Validate local HTML"

(Your site is lacking quite a few alt-attributes ;-)

.k


From paul at xk7.net  Tue Nov  8 05:34:40 2005
From: paul at xk7.net (Paul Waring)
Date: Tue, 8 Nov 2005 11:34:40 +0000
Subject: [thelist] 301 Redirect or...
In-Reply-To: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
References: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
Message-ID: <20051108113440.GA40416@kryten.xk7.net>

On Mon, Nov 07, 2005 at 04:04:46PM -0600, Pringle, Ron wrote:
> Should I be creating 301 permanent redirects for main sections of content or
> just let the old links die a peaceful death and wait for the search engines
> to re-index?

If you put 301s in, I believe the major search engines (certainly Google
does this) will automatically update their indexes to point at the new
content. So you might want to do that for a while, then remove them
after a few months once everything has been pushed through, although I'd
recommend just leaving them in permanently.

Paul

-- 
Rogue Tory
http://www.roguetory.org.uk


From misha.genkin at gmail.com  Tue Nov  8 05:57:30 2005
From: misha.genkin at gmail.com (Misha Genkin)
Date: Tue, 8 Nov 2005 13:57:30 +0200
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <436FBFAA.9090505@gmail.com>
Message-ID: <000301c5e45b$9a9e7540$0301a8c0@caemlyn>

Hi Matt

I've tried to use hyphens instead of ";" but it didn't help.
Also I'm using the ";" character in several more place as identifiers, and
none caused any trouble yet.
Do you have any others ideas? I'm out in the dark here :\

Misha Genkin.

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Matt Warden
Sent: Monday, November 07, 2005 10:57 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] DOM + IE elements creation problem

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Misha,

Misha Genkin wrote:
<              xEl.id = "insertImage;" + aTemp[i] + ";" + nID

Shot in the dark here, but I highly doubt ';' is a valid character in
identifiers. Try to restrict it to alphanumeric and hyphen characters.


- --
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDb7+qrI3LObhzHRMRAsLsAJ48dmstcCNwJwmgTOHZtEGXPFWMWQCfbHMe
f2EMJvqybrM3kPtjK3S/60w=
=qL8I
-----END PGP SIGNATURE-----
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 



From codepo8 at gmail.com  Tue Nov  8 06:01:49 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Tue, 8 Nov 2005 12:01:49 +0000
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <000301c5e45b$9a9e7540$0301a8c0@caemlyn>
References: <436FBFAA.9090505@gmail.com>
	<000301c5e45b$9a9e7540$0301a8c0@caemlyn>
Message-ID: <30bd6ffd0511080401x38eb3239p9f04cc3ade150573@mail.gmail.com>

> Hi Matt
>
> I've tried to use hyphens instead of ";" but it didn't help.
> Also I'm using the ";" character in several more place as identifiers, and
> none caused any trouble yet.
> Do you have any others ideas? I'm out in the dark here :\

I am not sure you can use the style as an array

xEl.style[aCSS[i].substring(0,
aCSS[i].indexOf(":"))] = aCSS[i].substr(aCSS[i].indexOf(":") + 1);

isn't there a "." missing somewhere?

all of this would be a lot easier if you'd detangle your code a bit,
and use more variables. Or give us a URL to check it at.

It'd also help if MSIE had error messages that do make any sense. Did
you try to put alerts in and see exactly after which line it fails?

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From eikes.lists at dynamique.de  Tue Nov  8 06:39:52 2005
From: eikes.lists at dynamique.de (Eike Pierstorff)
Date: Tue, 08 Nov 2005 13:39:52 +0100
Subject: [thelist] Paypal IPN and PHP
In-Reply-To: <001601c5e426$d2f52ae0$6400a8c0@vn.shawcable.net>
References: <436FE55E.4090503@dynamique.de>	<002801c5e409$8b2abe40$6400a8c0@vn.shawcable.net>
	<001601c5e426$d2f52ae0$6400a8c0@vn.shawcable.net>
Message-ID: <43709C98.2060805@dynamique.de>

Hello Mark,

Mark Groen schrieb:
> Is there something a bit more specific that isn't working for you that
> maybe someone has the answer to? 

It's not that it's not working, it's more that I don't know if I'm doing 
things right - I found very little information on security issues and 
possible pitfalls in the manuals and had hoped a good tutorial would 
discuss these things. I guess I'm just a little nervous when I fiddle 
around with other peoples money.

-- eike



From dan.mccullough at gmail.com  Tue Nov  8 07:57:45 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Tue, 8 Nov 2005 08:57:45 -0500
Subject: [thelist] Paypal IPN and PHP
In-Reply-To: <43709C98.2060805@dynamique.de>
References: <436FE55E.4090503@dynamique.de>
	<002801c5e409$8b2abe40$6400a8c0@vn.shawcable.net>
	<001601c5e426$d2f52ae0$6400a8c0@vn.shawcable.net>
	<43709C98.2060805@dynamique.de>
Message-ID: <faf1d2bd0511080557qc2f8801yba38331aaa1666ff@mail.gmail.com>

http://www.zend.com/zend/tut/tutorial-paypal.php
http://www.felgall.com/php6a.htm
https://www.paypal.com/cgi-bin/webscr?cmd=p/pdn/how-to-outside



On 11/8/05, Eike Pierstorff <eikes.lists at dynamique.de> wrote:
> Hello Mark,
>
> Mark Groen schrieb:
> > Is there something a bit more specific that isn't working for you that
> > maybe someone has the answer to?
>
> It's not that it's not working, it's more that I don't know if I'm doing
> things right - I found very little information on security issues and
> possible pitfalls in the manuals and had hoped a good tutorial would
> discuss these things. I guess I'm just a little nervous when I fiddle
> around with other peoples money.
>
> -- eike
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From fdy at mcc.org  Tue Nov  8 08:03:45 2005
From: fdy at mcc.org (Fred D Yocum)
Date: Tue, 8 Nov 2005 09:03:45 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <mailman.7.1131425282.19374.thelist@lists.evolt.org>
Message-ID: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>

As a designer that works for a North American charity with offices in at 
least thirty countries I would echo this comment. Translation is an 
expensive and time consuming business, but if you have ever chortled over 
a translation into your own language you know why it is important to get 
it as right as you can. Spanish translation, particularly in the North 
America where the Hispanic community is made up of people from many 
different Latin Amreican/Caribbean countries is complex. There is no 
dominant "Received" or "Standard" way of speaking or writing, 

>Finally, look for a translation company that has relationships with
>in-country translators who are familiar with the industry for which
>you are looking for translations... just knowing both languages isn't
>enough... i can't speak accountant, so i wouldn't try to translate
>from Spanish into it...


From RPringle at aurora-il.org  Tue Nov  8 09:01:46 2005
From: RPringle at aurora-il.org (Pringle, Ron)
Date: Tue, 8 Nov 2005 09:01:46 -0600 
Subject: [thelist] 301 Redirect or...
Message-ID: <4A27645B1A4F4D4181909FA5D213FEF402C824@coaexb.coa.aurora-il.org>

Paul Wrote:

> If you put 301s in, I believe the major search engines 
> (certainly Google
> does this) will automatically update their indexes to point at the new
> content. So you might want to do that for a while, then remove them
> after a few months once everything has been pushed through, 
> although I'd
> recommend just leaving them in permanently.
> 
> Paul

I think I may go ahead and 301 the main pages, or rather the ones that are
showing up highest ranked as errors in the log, and the index page.

I'll definitely do a custom 404 page as well. I was considering that anyhow.

As for Shaun's advice, that'd be great if I lived in PerfectWorldLand.
However, since I inherited this site from another person who didn't do a
very good job in developing or structuring the site in the first place, file
renaming and directory re-ordering were necessary. And since I work for
municipal government, I'm sure the politics will demand that things be
changed again in the future, according to the prevailing political climate.

Tim Berners-Lee forgot to factor in Ego. ;)

Ron


From misha.genkin at gmail.com  Tue Nov  8 09:20:14 2005
From: misha.genkin at gmail.com (Misha Genkin)
Date: Tue, 8 Nov 2005 17:20:14 +0200
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <30bd6ffd0511080401x38eb3239p9f04cc3ade150573@mail.gmail.com>
Message-ID: <000501c5e477$ec5b1340$0301a8c0@caemlyn>

Chris,

Using style a associative array is described in a several W3C document, so I
think that it shouldn't be the source of the problem.
I'm afraid there is no available URL at which you could check this code, but
I'll be more than willing to detangle it, if it'll help.
Another problem is that the code doesn't fail, it works seamingly at 100%
but without the desired result when using IE. I've tried using alerts and
haven't found any problems, also IE doesn't show any error messages. When
using Firefox browser, this script works seamlessly.

Detangled code for your review:
for (i = 0; i < wysiwygEditor.menuRes.emoticons.length - 3; i ++)
{
	xAnchor = document.createElement("a");
	xAnchor.href = "#";
	xAnchor.onclick = menuEventHandler;
	xEl = document.createElement("img");
	var sEmoticonData = wysiwygEditor.menuRes.emoticons[i];
	aTemp = sEmoticonData.split(";;");
	xEl.id = "insertImage;" + aTemp[i] + ";" + nID
	var sBaseURL = wysiwygEditor.menuRes.emoticons.baseURL;
	var sFileType = wysiwygEditor.menuRes.emoticons.fileType;
	xEl.src = sBaseURL + aTemp[0] + sFileType;
		if (aTemp[1].indexOf("xClass") == -1)
            {
            	aCSS = aTemp[1].split(";");
            	for (i = 0; i < aCSS.length; i++)
			{
				var nValueIndex = aCSS[i].indexOf(":");
				var sPropery =
aCSS[i].substring(0,nValueIndex);
				var sValue = aCSS[i].substr(nValueIndex +
1);
				xEl.style[sProperty] = sValue;
			}
            }
            else xEl.className = aTemp[1].substr(7);

            xEl.alt = aTemp[2];
            xAnchor.appendChild(xEl);
		var sContainerID = "real" + sType + nID;
            document.getElementById(sContainerID).appendChild(xAnchor);
}

I hope this version of the code is more understandable.
Misha Genkin.

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Christian Heilmann
Sent: Tuesday, November 08, 2005 2:02 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] DOM + IE elements creation problem

> Hi Matt
>
> I've tried to use hyphens instead of ";" but it didn't help.
> Also I'm using the ";" character in several more place as identifiers, and
> none caused any trouble yet.
> Do you have any others ideas? I'm out in the dark here :\

I am not sure you can use the style as an array

xEl.style[aCSS[i].substring(0,
aCSS[i].indexOf(":"))] = aCSS[i].substr(aCSS[i].indexOf(":") + 1);

isn't there a "." missing somewhere?

all of this would be a lot easier if you'd detangle your code a bit,
and use more variables. Or give us a URL to check it at.

It'd also help if MSIE had error messages that do make any sense. Did
you try to put alerts in and see exactly after which line it fails?

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 



From misha.genkin at gmail.com  Tue Nov  8 09:39:05 2005
From: misha.genkin at gmail.com (Misha Genkin)
Date: Tue, 8 Nov 2005 17:39:05 +0200
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <30bd6ffd0511080401x38eb3239p9f04cc3ade150573@mail.gmail.com>
Message-ID: <000b01c5e47a$8e678860$0301a8c0@caemlyn>

A little correction to the code [don't worry, it still doesn't work]

for (i = 0; i < wysiwygEditor.menuRes.emoticons.length - 3; i ++) {
	xAnchor = document.createElement("a");
	xAnchor.href = "#";
	xAnchor.onclick = menuEventHandler;
	xEl = document.createElement("img");
	var sEmoticonData = wysiwygEditor.menuRes.emoticons[i];
	aTemp = sEmoticonData.split(";;");
	xEl.id = "insertImage;" + aTemp[0] + ";" + nID;
	//				  ^ - changed aTemp[i] to aTemp[0]
	var sBaseURL = wysiwygEditor.menuRes.emoticons.baseURL;
	var sFileType = wysiwygEditor.menuRes.emoticons.fileType;
	xEl.src = sBaseURL + aTemp[0] + sFileType;
		if (aTemp[1].indexOf("xClass") == -1)
            {
            	aCSS = aTemp[1].split(";");
            	for (i = 0; i < aCSS.length; i++)
			{
				var nValueIndex = aCSS[i].indexOf(":");
				var sPropery =
aCSS[i].substring(0,nValueIndex);
				var sValue = aCSS[i].substr(nValueIndex +
1);
				xEl.style[sProperty] = sValue;
			}
            }
            else xEl.className = aTemp[1].substr(7);

            xEl.alt = aTemp[2];
            xAnchor.appendChild(xEl);
		var sContainerID = "real" + sType + nID;
            document.getElementById(sContainerID).appendChild(xAnchor);
}


-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Christian Heilmann
Sent: Tuesday, November 08, 2005 2:02 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] DOM + IE elements creation problem

> Hi Matt
>
> I've tried to use hyphens instead of ";" but it didn't help.
> Also I'm using the ";" character in several more place as identifiers, and
> none caused any trouble yet.
> Do you have any others ideas? I'm out in the dark here :\

I am not sure you can use the style as an array

xEl.style[aCSS[i].substring(0,
aCSS[i].indexOf(":"))] = aCSS[i].substr(aCSS[i].indexOf(":") + 1);

isn't there a "." missing somewhere?

all of this would be a lot easier if you'd detangle your code a bit,
and use more variables. Or give us a URL to check it at.

It'd also help if MSIE had error messages that do make any sense. Did
you try to put alerts in and see exactly after which line it fails?

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 



From neal at constructweb.com  Tue Nov  8 11:23:53 2005
From: neal at constructweb.com (Neal Watkins)
Date: Tue, 08 Nov 2005 12:23:53 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>
References: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>
Message-ID: <20051108122353.gxtetsu4v4004g8w@www.constructweb.com>

great input thanks

How about asian languages? font issues? any experiences there - ?
The "romance languages" can dispaly well, i would assume we just need some
special characters - but do we just leave it to the user to have the correct
font if they are expecting a site in say - "chinese"

thanks
Neal

Quoting Fred D Yocum <fdy at mcc.org>:

> As a designer that works for a North American charity with offices in at
> least thirty countries I would echo this comment. Translation is an
> expensive and time consuming business, but if you have ever chortled over
> a translation into your own language you know why it is important to get
> it as right as you can. Spanish translation, particularly in the North
> America where the Hispanic community is made up of people from many
> different Latin Amreican/Caribbean countries is complex. There is no
> dominant "Received" or "Standard" way of speaking or writing,
>
>> Finally, look for a translation company that has relationships with
>> in-country translators who are familiar with the industry for which
>> you are looking for translations... just knowing both languages isn't
>> enough... i can't speak accountant, so i wouldn't try to translate
>> from Spanish into it...
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Neal Watkins
www.constructweb.com



From dan.mccullough at gmail.com  Tue Nov  8 11:29:02 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Tue, 8 Nov 2005 12:29:02 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <20051108122353.gxtetsu4v4004g8w@www.constructweb.com>
References: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>
	<20051108122353.gxtetsu4v4004g8w@www.constructweb.com>
Message-ID: <faf1d2bd0511080929q59dea311s7a829efbbe12f9a8@mail.gmail.com>

Well for starters you have to change the charset to the one that
corresponds to the language, also if you are serving content from a
database you have to have your database setup to handle the character
set, utf-8 is the most common and can support most charater sets out
there.

On 11/8/05, Neal Watkins <neal at constructweb.com> wrote:
> great input thanks
>
> How about asian languages? font issues? any experiences there - ?
> The "romance languages" can dispaly well, i would assume we just need some
> special characters - but do we just leave it to the user to have the correct
> font if they are expecting a site in say - "chinese"
>
> thanks
> Neal
>
> Quoting Fred D Yocum <fdy at mcc.org>:
>
> > As a designer that works for a North American charity with offices in at
> > least thirty countries I would echo this comment. Translation is an
> > expensive and time consuming business, but if you have ever chortled over
> > a translation into your own language you know why it is important to get
> > it as right as you can. Spanish translation, particularly in the North
> > America where the Hispanic community is made up of people from many
> > different Latin Amreican/Caribbean countries is complex. There is no
> > dominant "Received" or "Standard" way of speaking or writing,
> >
> >> Finally, look for a translation company that has relationships with
> >> in-country translators who are familiar with the industry for which
> >> you are looking for translations... just knowing both languages isn't
> >> enough... i can't speak accountant, so i wouldn't try to translate
> >> from Spanish into it...
> > --
> >
> > * * Please support the community that supports you.  * *
> > http://evolt.org/help_support_evolt/
> >
> > For unsubscribe and other options, including the Tip Harvester
> > and archives of thelist go to: http://lists.evolt.org
> > Workers of the Web, evolt !
> >
>
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Neal Watkins
> www.constructweb.com
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From dan.mccullough at gmail.com  Tue Nov  8 11:30:07 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Tue, 8 Nov 2005 12:30:07 -0500
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <faf1d2bd0511080929q59dea311s7a829efbbe12f9a8@mail.gmail.com>
References: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>
	<20051108122353.gxtetsu4v4004g8w@www.constructweb.com>
	<faf1d2bd0511080929q59dea311s7a829efbbe12f9a8@mail.gmail.com>
Message-ID: <faf1d2bd0511080930l7e5c214am2abc3997ce35fdde@mail.gmail.com>

the charset set in the content-type in the meta http-equiv tag.

On 11/8/05, Dan McCullough <dan.mccullough at gmail.com> wrote:
> Well for starters you have to change the charset to the one that
> corresponds to the language, also if you are serving content from a
> database you have to have your database setup to handle the character
> set, utf-8 is the most common and can support most charater sets out
> there.
>
> On 11/8/05, Neal Watkins <neal at constructweb.com> wrote:
> > great input thanks
> >
> > How about asian languages? font issues? any experiences there - ?
> > The "romance languages" can dispaly well, i would assume we just need some
> > special characters - but do we just leave it to the user to have the correct
> > font if they are expecting a site in say - "chinese"
> >
> > thanks
> > Neal
> >
> > Quoting Fred D Yocum <fdy at mcc.org>:
> >
> > > As a designer that works for a North American charity with offices in at
> > > least thirty countries I would echo this comment. Translation is an
> > > expensive and time consuming business, but if you have ever chortled over
> > > a translation into your own language you know why it is important to get
> > > it as right as you can. Spanish translation, particularly in the North
> > > America where the Hispanic community is made up of people from many
> > > different Latin Amreican/Caribbean countries is complex. There is no
> > > dominant "Received" or "Standard" way of speaking or writing,
> > >
> > >> Finally, look for a translation company that has relationships with
> > >> in-country translators who are familiar with the industry for which
> > >> you are looking for translations... just knowing both languages isn't
> > >> enough... i can't speak accountant, so i wouldn't try to translate
> > >> from Spanish into it...
> > > --
> > >
> > > * * Please support the community that supports you.  * *
> > > http://evolt.org/help_support_evolt/
> > >
> > > For unsubscribe and other options, including the Tip Harvester
> > > and archives of thelist go to: http://lists.evolt.org
> > > Workers of the Web, evolt !
> > >
> >
> >
> >
> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > Neal Watkins
> > www.constructweb.com
> >
> > --
> >
> > * * Please support the community that supports you.  * *
> > http://evolt.org/help_support_evolt/
> >
> > For unsubscribe and other options, including the Tip Harvester
> > and archives of thelist go to: http://lists.evolt.org
> > Workers of the Web, evolt !
> >
>


From evolt at ultraspace.com  Tue Nov  8 11:30:48 2005
From: evolt at ultraspace.com (Gog Ogo)
Date: Tue, 08 Nov 2005 10:30:48 -0700
Subject: [thelist] The best shopping cart?
Message-ID: <4370E0C8.3000108@ultraspace.com>

Hello:

Replying to my own post here, with more details (thanks Ron for the hint!).

I'm a seasoned web developer, but my experience is almost all in academia, so 
I've never had to develop an e-commerce site (I'm doing this as a favor for a 
friend).

My hosting folk are fully LAMP capable, so I can (probably) install anything I 
need to get going.

The client has only a few items for sale, and would never grow beyond a few hundred.

There isn't much need for a full-blown CMS (at least for now, probably never), 
but it would be great if the cart application could handle basic chores like a 
main page, and drill down through categories to specific products.

Other wants/needs are:
Template and/or CSS-driven design options
Ease of use (for the merchant)
Security
Feature-rich shipping and payment options

Some more specific questions include:
What to look for as far as security goes?
What about payment options and gateways? Any opinions?
Support (both payed and free)?

I know this is a broad request, so thanks for your time!
Go


> Hello, everybody:
> 
> I did a search of the archives, but it looks like it's been awhile 
> since this topic has been addressed.
> 
> I'm looking for an easy to use, secure, stable, shopping cart.
> 
> I prefer open source, free, LAMP-based code, and I would pay for support, 
 > if necessary.
> 
> My hosting folk offer these titles:
> 
> Agora Shopping Cart
> CubeCart
> OS Commerce
> Zen Cart
> 
> Any thoughts on these or other solutions?
> 
> Thanks! 




From jnm at catenare.com  Tue Nov  8 11:40:22 2005
From: jnm at catenare.com (Johan Martin)
Date: Tue, 8 Nov 2005 09:40:22 -0800
Subject: [thelist] The best shopping cart?
In-Reply-To: <4370E0C8.3000108@ultraspace.com>
Message-ID: <BCD5909E-507E-11DA-8056-000A9575D85C@catenare.com>

Just embedded zencart into a client's site 
(http://www.diamondnuts.com/store/).
- Template based - can override the default templates.
- Actually has an administrator's manual - client can learn to 
administer the site with the help of a manual.
- Plenty of options available for shipping, payment, sales, coupons, 
etc.

On Tuesday, Nov 8, 2005, at 09:30 US/Pacific, Gog Ogo wrote:

> Hello:
>
> Replying to my own post here, with more details (thanks Ron for the 
> hint!).
>
> I'm a seasoned web developer, but my experience is almost all in 
> academia, so
> I've never had to develop an e-commerce site (I'm doing this as a 
> favor for a
> friend).
>
> My hosting folk are fully LAMP capable, so I can (probably) install 
> anything I
> need to get going.
>
> The client has only a few items for sale, and would never grow beyond 
> a few hundred.
>
> There isn't much need for a full-blown CMS (at least for now, probably 
> never),
> but it would be great if the cart application could handle basic 
> chores like a
> main page, and drill down through categories to specific products.
>
> Other wants/needs are:
> Template and/or CSS-driven design options
> Ease of use (for the merchant)
> Security
> Feature-rich shipping and payment options
>
> Some more specific questions include:
> What to look for as far as security goes?
> What about payment options and gateways? Any opinions?
> Support (both payed and free)?
>
> I know this is a broad request, so thanks for your time!
> Go
>
>
>> Hello, everybody:
>>
>> I did a search of the archives, but it looks like it's been awhile
>> since this topic has been addressed.
>>
>> I'm looking for an easy to use, secure, stable, shopping cart.
>>
>> I prefer open source, free, LAMP-based code, and I would pay for 
>> support,
>> if necessary.
>>
>> My hosting folk offer these titles:
>>
>> Agora Shopping Cart
>> CubeCart
>> OS Commerce
>> Zen Cart
>>
>> Any thoughts on these or other solutions?
>>
>> Thanks!
>
>
> -- 
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>
>
>
Johan Martin
Catenare LLC
534 Pacific Ave
San Francisco, CA. 94133
Phone: (415) 834-9802
Fax: (415) 294-4495
http://www.catenare.com

AOL: catenarellc
Yahoo: martin_johan
MSN: catenarellc at hotmail.com
GTalk: catenarellc at gmail.com

FWD: 716798



From hershelr at netvision.net.il  Tue Nov  8 11:56:51 2005
From: hershelr at netvision.net.il (Hershel Robinson)
Date: Tue, 08 Nov 2005 19:56:51 +0200
Subject: [thelist] The best shopping cart?
In-Reply-To: <BCD5909E-507E-11DA-8056-000A9575D85C@catenare.com>
References: <BCD5909E-507E-11DA-8056-000A9575D85C@catenare.com>
Message-ID: <4370E6E3.3010001@netvision.net.il>

Johan Martin wrote:
> Just embedded zencart into a client's site 
> (http://www.diamondnuts.com/store/).
> - Template based - can override the default templates.
> - Actually has an administrator's manual - client can learn to 
> administer the site with the help of a manual.

FWIW, one of my clients can't make head or tails of the manual as it 
doesn't apparently match the latest release of zencart. I told her to 
dothe best she can without the manual and call for help when necessary.

Hershel


From evolt at kasimir-k.fi  Tue Nov  8 12:08:12 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Tue, 08 Nov 2005 18:08:12 +0000
Subject: [thelist] Multilingual Sites: Best approach?
In-Reply-To: <faf1d2bd0511080930l7e5c214am2abc3997ce35fdde@mail.gmail.com>
References: <OF1CF3D639.83D066DC-ON852570B3.004BDE06-852570B3.004D3F8A@mcc.org>	<20051108122353.gxtetsu4v4004g8w@www.constructweb.com>	<faf1d2bd0511080929q59dea311s7a829efbbe12f9a8@mail.gmail.com>
	<faf1d2bd0511080930l7e5c214am2abc3997ce35fdde@mail.gmail.com>
Message-ID: <4370E98C.203@kasimir-k.fi>

Dan McCullough scribeva in 2005-11-08 17:30:
> the charset set in the content-type in the meta http-equiv tag.

Yes, or rather the Content-Type header set by the server, if possible.

And for character coding issues an excellent starting point are articles 
by Jukka Korpela: http://www.cs.tut.fi/~jkorpela/chars/index.html

.k


From lists at neptunewebworks.com  Tue Nov  8 13:45:02 2005
From: lists at neptunewebworks.com (Max Schwanekamp)
Date: Tue, 08 Nov 2005 11:45:02 -0800
Subject: [thelist] Project Management
In-Reply-To: <436BAF18.6060201@alphanumeric.cz>
References: <4367F8AF.5060009@neptunewebworks.com>	<dfc81b090511012351o712f74f2h@mail.gmail.com>
	<436BAF18.6060201@alphanumeric.cz>
Message-ID: <4371003E.6020105@neptunewebworks.com>

Jan Brasna wrote:
>>http://sidejobtrack.com/
> +1 ... It looks sweet.

Sidejobtrack is nice but it's not a project management app, rather it's 
more of an cost-tracking & invoicing tool.

> Next good one is <http://www.sugarcrm.com/> which could satisfy your 
> groupware/simplewebprojectmngmt/crm needs.

Hm, I had not considered a CRM solution, but you're right Sugar does 
have some interesting PM features, especially with a few add-ons.  I'll 
give it a whirl.  I'm also reviewing Double Choco Latte[0], an obscure 
but pretty full-featured PM app hosted on sourceforge.  I found it via a 
list of open source PM apps[1].

Thanks to all for the responses on- & offlist!

[0] http://dcl.sourceforge.net/features.php
[1] http://proj.chbs.dk/

-- 
Max Schwanekamp
http://www.neptunewebworks.com/



From hagerman at mcn.org  Tue Nov  8 20:44:42 2005
From: hagerman at mcn.org (Garth Hagerman)
Date: Tue, 8 Nov 2005 18:44:42 -0800
Subject: [thelist] php session variable needs to persist
In-Reply-To: <mailman.207.1131472539.12167.thelist@lists.evolt.org>
References: <mailman.207.1131472539.12167.thelist@lists.evolt.org>
Message-ID: <77c56fa357923336c95bd18c6598556c@mcn.org>

   Hi-
This is probably real simple, but I'm new to sessions and all of my 
Google queries lead nowhere.
One of my clients want to know what site originally  referred the 
people who actually buy their dvd.  I've got a  system using sessions 
which tracks the original referrerr as the visitor moves around the 
site just fine, but when they leave the site to go to Paypal and then 
come back to the "thanks for your order" page, the sessions data has 
been lost.  Is there a simple way to get the session data to persist? 
Or, do I need to write the referrer to a database and then query the db 
from the thanks page?

     thanks in advance
     Garth


                            * * * * * * * * * * * * * * * *
                                my online portfolio

                           http://garthhagerman.com/



From mwarden at gmail.com  Tue Nov  8 20:58:18 2005
From: mwarden at gmail.com (Matt Warden)
Date: Tue, 08 Nov 2005 21:58:18 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <77c56fa357923336c95bd18c6598556c@mcn.org>
References: <mailman.207.1131472539.12167.thelist@lists.evolt.org>
	<77c56fa357923336c95bd18c6598556c@mcn.org>
Message-ID: <437165CA.1090804@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Garth Hagerman wrote:
> been lost.  Is there a simple way to get the session data to persist? 
> Or, do I need to write the referrer to a database and then query the db 
> from the thanks page?

If you can do that, that's what I would suggest. Your other option is
setting a persistent cookie.

- --
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDcWXKrI3LObhzHRMRAmfMAJ9noVR7UZpO0jLDzBb/r70IRGELmQCfXfFi
GmtCFM9qUSsaMmT0eL0uq2o=
=vxsM
-----END PGP SIGNATURE-----


From Paul.Bennett at wcc.govt.nz  Tue Nov  8 21:08:30 2005
From: Paul.Bennett at wcc.govt.nz (Paul Bennett)
Date: Wed, 9 Nov 2005 16:08:30 +1300
Subject: [thelist] php session variable needs to persist
Message-ID: <F6284A42697D094DBAA8E7BF1594775F07BABA8E@exchmb1.net.ad.wcc.govt.nz>

Can't you set a cookie via the session value before they go to paypal?

That would be accessible when they return...


Paul


From vreeland at studioframework.com  Tue Nov  8 21:09:27 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Tue, 8 Nov 2005 22:09:27 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <77c56fa357923336c95bd18c6598556c@mcn.org>
Message-ID: <0MKoyl-1EZgLa2Ydj-0005zp@mrelay.perfora.net>

Hello,

<snip>
when they leave the site to go to Paypal and then come back to the "thanks
for your order" page, the sessions data has been lost.  Is there a simple
way to get the session data to persist? 
Or, do I need to write the referrer to a database and then query the db from
the thanks page?
</snip>

Try launching the Paypal link in a new window - dread to say it, a pop up.

Robert
     



From Paul.Bennett at wcc.govt.nz  Tue Nov  8 21:14:55 2005
From: Paul.Bennett at wcc.govt.nz (Paul Bennett)
Date: Wed, 9 Nov 2005 16:14:55 +1300
Subject: [thelist] php session variable needs to persist
Message-ID: <F6284A42697D094DBAA8E7BF1594775F07BABA8F@exchmb1.net.ad.wcc.govt.nz>

Robert,

I can't see how this would help, the popup would still go to Paypal and when Paypal redirects to the 'thank you' page it'll be in the popup and will still lack access to the session variable.....

Can you clarify?

Paul


From vreeland at studioframework.com  Tue Nov  8 21:42:33 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Tue, 8 Nov 2005 22:42:33 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <F6284A42697D094DBAA8E7BF1594775F07BABA8F@exchmb1.net.ad.wcc.govt.nz>
Message-ID: <0MKoyl-1EZgrc2lwr-0006ug@mrelay.perfora.net>

<snip>
I can't see how this would help, the popup would still go to Paypal and when
Paypal redirects to the 'thank you' page it'll be in the popup and will
still lack access to the session variable.....

Can you clarify?
</snip>

Sure,
As long as the window that launched the session is still open so is the
session. Once the User returns to your site via the pop up close or have the
user close the pop up window. I believe you could achieve the same result
launching the link in an iframe(thoughts anyone?).

Hope this helps,
Robert



From mwarden at gmail.com  Tue Nov  8 21:50:40 2005
From: mwarden at gmail.com (Matt Warden)
Date: Tue, 08 Nov 2005 22:50:40 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <0MKoyl-1EZgrc2lwr-0006ug@mrelay.perfora.net>
References: <0MKoyl-1EZgrc2lwr-0006ug@mrelay.perfora.net>
Message-ID: <43717210.2030302@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Robert Vreeland wrote:
> As long as the window that launched the session is still open so is the
> session.

This is actually not the case. The issue with sessions is the timeout of
20ish minutes (or when the browser window is closed).

You could use various methods to keep the session alive, but I would
suggest using a persistent cookie or other persistent identification method.

- --
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDcXIQrI3LObhzHRMRAvJSAKDVhJ4kp7BFCoY7IkhxtuO4zJJuwgCguwGl
HY38ZxBdDdb3nQYJZ+jzwjE=
=34g+
-----END PGP SIGNATURE-----


From Paul.Bennett at wcc.govt.nz  Tue Nov  8 21:52:47 2005
From: Paul.Bennett at wcc.govt.nz (Paul Bennett)
Date: Wed, 9 Nov 2005 16:52:47 +1300
Subject: [thelist] php session variable needs to persist
Message-ID: <F6284A42697D094DBAA8E7BF1594775F07BABA92@exchmb1.net.ad.wcc.govt.nz>

Good point Robert,

I guess all you'd need then is the popup to close and redirect the parent. I know .Jeff has figured out how to get JavaScript to talk from parent to child, not sure if there are any JavaScript issues with talking from child to parent...?

Paul

-----Original Message-----
From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Robert Vreeland
Sent: Wednesday, November 09, 2005 4:43 PM
To: thelist at lists.evolt.org
Subject: Re: [thelist] php session variable needs to persist

<snip>
I can't see how this would help, the popup would still go to Paypal and when Paypal redirects to the 'thank you' page it'll be in the popup and will still lack access to the session variable.....

Can you clarify?
</snip>

Sure,
As long as the window that launched the session is still open so is the session. Once the User returns to your site via the pop up close or have the user close the pop up window. I believe you could achieve the same result launching the link in an iframe(thoughts anyone?).

Hope this helps,
Robert

-- 

* * Please support the community that supports you.  * * http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt ! 


From vreeland at studioframework.com  Tue Nov  8 22:23:06 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Tue, 8 Nov 2005 23:23:06 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <F6284A42697D094DBAA8E7BF1594775F07BABA92@exchmb1.net.ad.wcc.govt.nz>
Message-ID: <0MKoyl-1EZhUr2Uvh-0008Fg@mrelay.perfora.net>

Paul Wrote
<snip>

I guess all you'd need then is the popup to close and redirect the parent. I
know .Jeff has figured out how to get JavaScript to talk from parent to
child, not sure if there are any JavaScript issues with talking from child
to parent...?

Paul
</snip>

You can use window.top to get a bead on the parent window, or window.opener
(note :window.opener may be IE specific). Additionally, you can setTimer to
close the pop up directly with a window.close() call.

Matt wrote
<snip>
This is actually not the case. The issue with sessions is the timeout of
20ish minutes (or when the browser window is closed).
</snip>

This is partially true, the session will expire after whatever number of
minutes the server is configured to do so (in IIS on windows the max is 20
minutes) from the last Uri request (page, image etc..); but I assumed Paul
understood this. My apologies for not being clearer. In any event, if you
need to keep the session going for more then the allotted amount of
inactivity (requests to the server) then you can use an iframe absolutely
positioned of the viewable page to the left or top with a blank page that
has a meta refresh of about 1/2 the maximum session time out. I know some
people may scream about that, but I think Paul is looking for a way to keep
session variables alive without having to get into working with a database.

Robert



From vreeland at studioframework.com  Tue Nov  8 22:29:40 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Tue, 8 Nov 2005 23:29:40 -0500
Subject: [thelist] Email Servers
Message-ID: <0MKoyl-1EZhbD0qUq-0000KD@mrelay.perfora.net>

Hello,
 
I manage a couple of sites and web application and have found myself in the
position of needing a dedicated email server for my clients (and  self).
Currently, I'm looking at using a godaddy virtual dedicated server as the
host. It comes with Qmail ( it is a Linux box) ,but the documentation that
I've looked at for Qmail indicates configuring it will be a nightmare for a
windows user like me. 
 
So here is my question, two really.
 
1. Can anyone recommend a secure email server for Linux with a gui / web
interface that is reasonably priced (or free) ?
2. Does anyone no of a gui / web interface for Qmail?
 
Thanks in advance,
 
Robert Vreeland


From apwebdesign at yahoo.com  Tue Nov  8 23:09:59 2005
From: apwebdesign at yahoo.com (Anthony Ettinger)
Date: Tue, 8 Nov 2005 21:09:59 -0800 (PST)
Subject: [thelist] Email Servers
In-Reply-To: <0MKoyl-1EZhbD0qUq-0000KD@mrelay.perfora.net>
Message-ID: <20051109050959.95351.qmail@web51101.mail.yahoo.com>

> I've looked at for Qmail indicates configuring it
> will be a nightmare for a
> windows user like me. 

learn to type?

Anthony Ettinger
ph: (408) 656-2473
web: http://www.apwebdesign.com


From rob at wildlime.com  Tue Nov  8 23:22:41 2005
From: rob at wildlime.com (Rob Agar)
Date: Wed, 9 Nov 2005 15:22:41 +1000
Subject: [thelist] cause of flickering in Firefox?
In-Reply-To: <436B60BB.8BBD7D18@voanews.com>
Message-ID: <01eb01c5e4ed$9b90fe40$d600000a@WS1>

hiya

> Just for the record, I see the flickering also in FF v.1.0.7.  

fwiw, I don't.  FF1.0.7 on win xp

Rob



From evolt at netalytical.com  Wed Nov  9 00:43:03 2005
From: evolt at netalytical.com (Scott Wolpow)
Date: Wed, 09 Nov 2005 01:43:03 -0500
Subject: [thelist] Getting all IP's
In-Reply-To: <01eb01c5e4ed$9b90fe40$d600000a@WS1>
References: <436B60BB.8BBD7D18@voanews.com>
	<01eb01c5e4ed$9b90fe40$d600000a@WS1>
Message-ID: <6.2.5.6.0.20051109013332.01df2478@netalytical.com>

I need to get all the IP's from eBay's servers that request graphics. 
I already have a list of some of them from my logs. The purpose is to 
stop theft of my images.
I did an IPWHOIS on samspade.org, but those numbers do not match my logs.
Any ideas?
Thanks
Scott Wolpow
www.myfilm.com
www.spamextinct.com
www.publiccto.com



From dwain.alford at gmail.com  Wed Nov  9 01:34:44 2005
From: dwain.alford at gmail.com (Dwain Alford)
Date: Wed, 9 Nov 2005 01:34:44 -0600
Subject: [thelist] wordpress-mysql step one
In-Reply-To: <4357E484.9070605@worlddomination.net>
References: <43532635.1020400@gmail.com> <435342BE.6020802@worlddomination.net>
	<43549780.1080604@gmail.com> <4355E046.9060107@worlddomination.net>
	<43576369.2090000@gmail.com> <4357E484.9070605@worlddomination.net>
Message-ID: <956c96920511082334o68bf7094q75bc353f3f2527f1@mail.gmail.com>

thanks for replying. i've been swamped lately and haven't had a chance to
"play" since i moved.

i did what you suggested and the file still cannot be found.

to reiterate, this is on a local windows machine for web development with
xammp as the host program for wordpress. wordpress is a drag and drop
process from the desk top to the htdoc folder *after* the wp-config file is
created. but i think i did a boneheaded procedure when i opened the sample
config file.

all php files are set to always open with notepad. i think i'm going to have
to reload windows to wipe the setting, unless there is another way to do it
without wiping the entire drive.

sigh, this is almost more trouble than it's worth, but i want to make this
idea work, so i must press on. any suggestions, including reloading windows,
would be appreciated.

dwain

On 10/20/05, Steve Lewis <nepolon at worlddomination.net> wrote:
>
> dwain alford wrote:
>
> > it appears that the wp-config file is not being located to initialize
> > the install.
>
> I would recommend wiping your wordpress directory, extracting from the
> zip and starting over, than. As I said before, you shouldn't move files
> around until after you have successfully gotten wordpress working and
> read the instructions on Codex for applying the blog index to the web
> root. I can think of no other reason this wouldn't work.
>
> --
> SteveL
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From Ken at adOpenStatic.com  Wed Nov  9 02:22:29 2005
From: Ken at adOpenStatic.com (Ken Schaefer)
Date: Wed, 9 Nov 2005 19:22:29 +1100
Subject: [thelist] Getting all IP's
Message-ID: <160489103479AB4892187638EE7D1E691F49D7@kjserver1.kjhome.local>

Why would eBay's servers be making requests for your images? If someone puts
up an ad that includes a link to your image, then the actual request for the
image would be coming from the user's browser, not eBay's server. Or am I
misunderstanding things here?

Cheers
Ken

> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-
> bounces at lists.evolt.org] On Behalf Of Scott Wolpow
> Sent: Wednesday, 9 November 2005 5:43 PM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] Getting all IP's
> 
> I need to get all the IP's from eBay's servers that request graphics.
> I already have a list of some of them from my logs. The purpose is to
> stop theft of my images.
> I did an IPWHOIS on samspade.org, but those numbers do not match my logs.
> Any ideas?
> Thanks
> Scott Wolpow


From ian at zstudio.co.uk  Wed Nov  9 03:22:38 2005
From: ian at zstudio.co.uk (Ian Anderson)
Date: Wed, 09 Nov 2005 09:22:38 +0000
Subject: [thelist] php session variable needs to persist
In-Reply-To: <0MKoyl-1EZhUr2Uvh-0008Fg@mrelay.perfora.net>
References: <0MKoyl-1EZhUr2Uvh-0008Fg@mrelay.perfora.net>
Message-ID: <4371BFDE.1040100@zstudio.co.uk>

Robert Vreeland wrote:

> but I think Paul is looking for a way to keep
> session variables alive without having to get into working with a database.

Hmm, some sort of "persistent state", in other words.

Why is complicating matters with popups and cross-window JavaScript 
communication a more elegant solution than using the Persistent State 
Mechanism - cookies, in other words?

This is what they are for, no?

-- 
_________________________________________________
zStudio - Web development and accessibility
http://zStudio.co.uk

Snippetz.net BETA - Online code library
File, manage and re-use your code snippets online
http://snippetz.net



From lee.kowalkowski at hmrcaspire.com  Wed Nov  9 03:37:32 2005
From: lee.kowalkowski at hmrcaspire.com (Kowalkowski, Lee (ASPIRE))
Date: Wed, 9 Nov 2005 09:37:32 -0000
Subject: [thelist] Getting all IP's
Message-ID: <76B1640C9BB1D546BA798A2C95E3155403A4215E@irm80489>

> Ken Schaefer says:
> Why would eBay's servers be making requests for your images? 

Perhaps when the creator of an auction item adds a picture, they can type
the URL of an image, instead of uploading one from their machine, eBay would
then be making the request.  Not sure.

> > Scott Wolpow says:
> > I need to get all the IP's from eBay's servers that request 
> graphics.

I can't help you with that, good luck.

> > The purpose is to stop theft of my images.
> > Any ideas?

I don't think you've thought this through.  If a user can see your images
when browsing your website, they can "steal" them.  For example, what's
stopping them from saving the pictures from your website and uploading them
to eBay that way?  Suppose you found a fool-proof way of preventing the
"Save Picture As...", do you think you could stop a screen capture?

You could always sue for breach of copyright, but you might need to
demonstrate you're out of pocket if you're also after damages.

Can't you mark your images, and treat it as a rather fortunate marketing
opportunity?

- LK





===========================================================
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please update your address books.
===========================================================



From evolt at kasimir-k.fi  Wed Nov  9 03:44:33 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 09:44:33 +0000
Subject: [thelist] Email Servers
In-Reply-To: <0MKoyl-1EZhbD0qUq-0000KD@mrelay.perfora.net>
References: <0MKoyl-1EZhbD0qUq-0000KD@mrelay.perfora.net>
Message-ID: <4371C501.90202@kasimir-k.fi>

Robert Vreeland scribeva in 2005-11-09 04:29:
> 1. Can anyone recommend a secure email server for Linux with a gui / web
> interface that is reasonably priced (or free) ?

They usually are free, and come without gui/web interface... Qmail and 
Exim are good.

> 2. Does anyone no of a gui / web interface for Qmail?

With Webmin you can administer pretty much anything on your *nix box
http://www.webmin.com/


.k


From evolt at kasimir-k.fi  Wed Nov  9 03:59:35 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 09:59:35 +0000
Subject: [thelist] Grammatical advice (was: Email Servers)
In-Reply-To: <20051109050959.95351.qmail@web51101.mail.yahoo.com>
References: <20051109050959.95351.qmail@web51101.mail.yahoo.com>
Message-ID: <4371C887.4020100@kasimir-k.fi>

Anthony Ettinger scribeva in 2005-11-09 05:09:
> learn to type?

Dear Anthony,

I'm afraid that this kind of replies won't help the OP with his problems.

Besides, you should type "learn" with a capital "L", as it starts the 
sentence.

.k


From bclark at eccotours.dyndns.org  Wed Nov  9 05:35:41 2005
From: bclark at eccotours.dyndns.org (Brent Clark)
Date: Wed, 09 Nov 2005 13:35:41 +0200
Subject: [thelist] (no subject)
Message-ID: <4371DF0D.9030301@eccotours.dyndns.org>

Hi all

I seem to have this problem, where if I load a table and insert a image, the greater outer table goes greater in width.

For the likes of me, I cant insert the image and stop the width of the greater outer table from expanding.

Here is my code below, if anyone could help, I would really appreciate it.
===================================================================================
             <tr>
                 <td colspan="5" class="bold_eight" bgcolor="#f0f0f0">&nbsp;&nbsp;Selling Tips For Lodges &amp; Maps Of Game Reserves In Southern Africa</td>
             </tr>
             <tr><td>&nbsp;</td></tr>
             <tr>
                 <td>

                     <table border="1" cellpadding="0" cellspacing="0" width="100%">

                         <tbody><tr>
                             <td width="30%">
                                 <table border="1" cellpadding="0" cellspacing="0" width="100%">
                                     <tbody><tr>
                                         <td>hello</td>
                                     </tr>
                                 </tbody></table>
                             </td>

                             <td width="70%">
                                 <table border="1" cellpadding="0" cellspacing="0" width="100%">
                                     <tbody><tr>
                                         <td>
                                             <img src="/images/agent/safari/sabisand.jpg">
                                         </td>
                                     </tr>
                                 </tbody></table>
                             </td>

                         </tr>
                     </tbody></table>


                 </td>
             </tr>



From vreeland at studioframework.com  Wed Nov  9 07:04:12 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Wed, 9 Nov 2005 08:04:12 -0500
Subject: [thelist] php session variable needs to persist
In-Reply-To: <4371BFDE.1040100@zstudio.co.uk>
Message-ID: <0MKoyl-1EZpd22hHz-0000A2@mrelay.perfora.net>


>>Robert Vreeland wrote:

>> but I think Paul is looking for a way to keep session variables alive 
>> without having to get into working with a database.

Ian Wrote
>Hmm, some sort of "persistent state", in other words.

>Why is complicating matters with popups and cross-window JavaScript
communication a more elegant solution than >using the Persistent State
Mechanism - cookies, in other words?

>This is what they are for, no?

Yes and no, there is a limit to how much, and what you can store in a cookie
as well as how many cookies you can set. Since storing actual user data in a
cookie is a big security no-no, he would still be looking at using a local
data store on the server - either a database or a flat file, and depending
on the location and configuration of the directory used for the flat files
there is a risk of exposing session data to public access.

Additionally, it, in my opinion, is less work to launch a pop up and then
close it then to connect and query a database and then parse the results.
Also, maybe someone will no the answer to this, if Paul launches the link in
an IFRAME or Frame, the Thank You page, if it is a return link from paypal,
will resides on the host server and may have direct access to the session.
This would be even simpler, since, then, all Paul would need to do is use
the target attribute of the link to load the page in the FRAME / IFRAME.

Please note, I am not advocating against a persistent cookie, but there is
more backend work involved and my impression was that Paul was looking to
avoid that.

Robert

--
_________________________________________________
zStudio - Web development and accessibility http://zStudio.co.uk

Snippetz.net BETA - Online code library
File, manage and re-use your code snippets online http://snippetz.net

-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives
of thelist go to: http://lists.evolt.org Workers of the Web, evolt ! 



From ian at zstudio.co.uk  Wed Nov  9 07:39:13 2005
From: ian at zstudio.co.uk (Ian Anderson)
Date: Wed, 09 Nov 2005 13:39:13 +0000
Subject: [thelist] php session variable needs to persist
In-Reply-To: <0MKoyl-1EZpd22hHz-0000A2@mrelay.perfora.net>
References: <0MKoyl-1EZpd22hHz-0000A2@mrelay.perfora.net>
Message-ID: <4371FC01.5030402@zstudio.co.uk>

Robert Vreeland wrote:

> Yes and no, there is a limit to how much, and what you can store in a cookie
> as well as how many cookies you can set. 

Well, yes, fair point.

> Since storing actual user data in a
> cookie is a big security no-no

I take your point. But in this application, the relevant data as I 
understood the requirement was the referrer hostname from when the 
visitor entered the site.

I can't see there is any great risk to storing this in the cache folder 
of the user's computer (especially since the data from that site is 
already cached there, and the information is in the user's local history 
file...)

And the size thing is not an issue either.

So, good points but I think cookies are still the way to go; no 
JS/popups or extra backend work needed, imho.

Cheers

Ian
-- 
_________________________________________________
zStudio - Web development and accessibility
http://zStudio.co.uk

Snippetz.net BETA - Online code library
File, manage and re-use your code snippets online
http://snippetz.net



From pp.koch at gmail.com  Wed Nov  9 07:41:44 2005
From: pp.koch at gmail.com (Peter-Paul Koch)
Date: Wed, 9 Nov 2005 14:41:44 +0100
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
Message-ID: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>

Hello,

How do I turn on .htaccess in my Apache on Mac OS X? I seem to have to
put an AllowOverride All somewhere, but the Apache documentation is
totally silent on the actual file I have to put this in. Besides, OS X
is very adept at hiding all important Apache files.

Could someone please tell me what to add to which file, and please
specify a complete path name? Thanks.

--
-------------------------------------------------------------------
ppk, freelance web developer
http://www.quirksmode.org/
------------------------------------------------------------------


From volkan.ozcelik at gmail.com  Wed Nov  9 07:51:01 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Wed, 9 Nov 2005 15:51:01 +0200
Subject: [thelist] (no subject)
In-Reply-To: <4371DF0D.9030301@eccotours.dyndns.org>
References: <4371DF0D.9030301@eccotours.dyndns.org>
Message-ID: <dfc81b090511090551n786a5b6cu@mail.gmail.com>

>                                         <td>
>                                             <img src="/images/agent/safari/sabisand.jpg">
>                                         </td>

Why don't you use width and height for your image or
clip it via css?

<img src="/images/agent/safari/sabisand.jpg" style="width:100px;height:100px;"
alt="alt is a necessary attribute, not a luxury." />

or

<img src="/images/agent/safari/sabisand.jpg" style="clip:rect(10px ,
50px, 10px, 50px);" alt="alt is a necessary attribute, not a luxury."
/>


HTH,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From codepo8 at gmail.com  Wed Nov  9 07:55:48 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Wed, 9 Nov 2005 13:55:48 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
Message-ID: <30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>

> Hello,
>
> How do I turn on .htaccess in my Apache on Mac OS X? I seem to have to
> put an AllowOverride All somewhere, but the Apache documentation is
> totally silent on the actual file I have to put this in. Besides, OS X
> is very adept at hiding all important Apache files.
>
> Could someone please tell me what to add to which file, and please
> specify a complete path name? Thanks.

You normally just create a file called .htaccess and define the
settings in that one. Seems that OSX hides all files starting with a .
(hence all the .DS_store files on PC shares). Try using the shell
instead of finder.

http://forum.textpattern.com/viewtopic.php?pid=81372
http://www.javascriptkit.com/howto/htaccess.shtml

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From pp.koch at gmail.com  Wed Nov  9 07:58:06 2005
From: pp.koch at gmail.com (Peter-Paul Koch)
Date: Wed, 9 Nov 2005 14:58:06 +0100
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
Message-ID: <21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>

> > How do I turn on .htaccess in my Apache on Mac OS X? I seem to have to
> > put an AllowOverride All somewhere, but the Apache documentation is
> > totally silent on the actual file I have to put this in. Besides, OS X
> > is very adept at hiding all important Apache files.
> >
> > Could someone please tell me what to add to which file, and please
> > specify a complete path name? Thanks.
>
> You normally just create a file called .htaccess and define the
> settings in that one. Seems that OSX hides all files starting with a .
> (hence all the .DS_store files on PC shares). Try using the shell
> instead of finder.
>
> http://forum.textpattern.com/viewtopic.php?pid=81372
> http://www.javascriptkit.com/howto/htaccess.shtml


The .htaccess file is there and contains the right commands. It's just
not being executed. I want to set the MIME type of all html files to
text/xml, doesn't work. I tried to get SSI to work, it didn't work.
Somehow the instructions in .htaccess are ignored.

--
-------------------------------------------------------------------
ppk, freelance web developer
http://www.quirksmode.org/
------------------------------------------------------------------


From thelist at alex.fu2k.org  Wed Nov  9 08:17:04 2005
From: thelist at alex.fu2k.org (Alex Robinson)
Date: Wed, 9 Nov 2005 14:17:04 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
Message-ID: <p06230923bf97b1b9ce93@[192.168.0.3]>

>>  > How do I turn on .htaccess in my Apache on Mac OS X? I seem to have to
>>  > put an AllowOverride All somewhere, but the Apache documentation is
>>  > totally silent on the actual file I have to put this in. Besides, OS X
>>  > is very adept at hiding all important Apache files.
>>  >
>>  > Could someone please tell me what to add to which file, and please
>>  > specify a complete path name? Thanks.


The file you need to put the AllowOverride All in is the httpd.conf file.

On OS X that lives at:

    /private/etc/httpd/httpd.conf

though that file, by default has the following line

    Include /private/etc/httpd/users/*.conf

so you can just add your stuff there


Note that Apple's default httpd.conf contains (at line 373 in my original)

>>>
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
     Options FollowSymLinks
     AllowOverride None
</Directory>
<<<

So you could just change that to All.

Mind you, if you're hacking the httpd.conf, you might as well use the 
http.conf to do all the stuff you're planning to do in .htaccess 
files. That's the official line inn any case.

    http://httpd.apache.org/docs/1.3/howto/htaccess.html


From evolt at netalytical.com  Wed Nov  9 08:26:56 2005
From: evolt at netalytical.com (Scott Wolpow)
Date: Wed, 09 Nov 2005 09:26:56 -0500
Subject: [thelist] Getting all IP's
In-Reply-To: <76B1640C9BB1D546BA798A2C95E3155403A4215E@irm80489>
References: <76B1640C9BB1D546BA798A2C95E3155403A4215E@irm80489>
Message-ID: <6.2.5.6.0.20051109092202.01e5ab78@netalytical.com>

Exactly, I am holding the auctions. I only want to grant eBay' 
servers the right to grab a picture off my server. I just want to 
prevent someone from grabbing all the graphics off my server. If they 
want to do it one at a time, fine.
Here is the scenario.
I sell on eBay. On my selling page I have my graphic. That graphic 
lives on my server. When eBay creates the page it requests the image. 
Hence using .htaccess I can prevent mass downloads.
Unless i am confused here.
Scott Wolpow
At 04:37 AM 11/9/2005, you wrote:
> > Ken Schaefer says:
> > Why would eBay's servers be making requests for your images?
>
>Perhaps when the creator of an auction item adds a picture, they can type
>the URL of an image, instead of uploading one from their machine, eBay would
>then be making the request.  Not sure.
>
> > > Scott Wolpow says:
> > > I need to get all the IP's from eBay's servers that request
> > graphics.
>
>I can't help you with that, good luck.
>
> > > The purpose is to stop theft of my images.
> > > Any ideas?
>
>I don't think you've thought this through.  If a user can see your images
>when browsing your website, they can "steal" them.  For example, what's
>stopping them from saving the pictures from your website and uploading them
>to eBay that way?  Suppose you found a fool-proof way of preventing the
>"Save Picture As...", do you think you could stop a screen capture?
>
>You could always sue for breach of copyright, but you might need to
>demonstrate you're out of pocket if you're also after damages.
>
>Can't you mark your images, and treat it as a rather fortunate marketing
>opportunity?
>
>- LK
>
>
>
>
>
>===========================================================
>Our e-mail domain has now changed from iraspire.com to 
>hmrcaspire.com. Please update your address books.
>===========================================================
>
>--
>
>* * Please support the community that supports you.  * *
>http://evolt.org/help_support_evolt/
>
>For unsubscribe and other options, including the Tip Harvester
>and archives of thelist go to: http://lists.evolt.org
>Workers of the Web, evolt !



From evolt at markgroen.com  Wed Nov  9 08:29:27 2005
From: evolt at markgroen.com (Mark Groen)
Date: Wed, 9 Nov 2005 06:29:27 -0800
Subject: [thelist] wordpress-mysql step one
References: <43532635.1020400@gmail.com>
	<435342BE.6020802@worlddomination.net><43549780.1080604@gmail.com>
	<4355E046.9060107@worlddomination.net><43576369.2090000@gmail.com>
	<4357E484.9070605@worlddomination.net>
	<956c96920511082334o68bf7094q75bc353f3f2527f1@mail.gmail.com>
Message-ID: <006101c5e53a$01220dc0$6400a8c0@vn.shawcable.net>

----- Original Message ----- 
From: "Dwain Alford" <>
To: "thelist at lists.evolt.org" <thelist at lists.evolt.org.uk>
Sent: Tuesday, November 08, 2005 11:34 PM
Subject: Re: [thelist] wordpress-mysql step one


> thanks for replying. i've been swamped lately and haven't had a chance
to
> "play" since i moved.
>
> i did what you suggested and the file still cannot be found.

Didn't follow the original post, found WP's docs to be more than enough
for myself.

> to reiterate, this is on a local windows machine for web development
with
> xammp as the host program for wordpress. wordpress is a drag and drop
> process from the desk top to the htdoc folder *after* the wp-config
file is
> created. but i think i did a boneheaded procedure when i opened the
sample
> config file.

Here's my local structure, WP is in a directory called 'blogx' that
mirrors the live server after the xammp bit:

D:\apache\xampp\htdocs\accountname\public_html\blogx\wp-config.php
the rest of the files are in their original config inside the blogx
directory:
D:\apache\xampp\htdocs\accountname\public_html\blogx\wp-includes\etc.

> all php files are set to always open with notepad. i think i'm going
to have
> to reload windows to wipe the setting, unless there is another way to
do it
> without wiping the entire drive.

ouch! don't do that! You just need to change the file associations. I'm
avoiding the whole NT-XP experience and still using win98, so here's the
XP version:
http://support.microsoft.com/default.aspx?scid=kb;en-us;307859&product=winxp

> sigh, this is almost more trouble than it's worth, but i want to make
this
> idea work, so i must press on. any suggestions, including reloading
windows,
> would be appreciated.

Sounds like you are getting the classic case of frustration looking for
that missing single darn character that's making your application bork,
always helps for me to drop it and look another day from scratch rather
than wiping everything out.

cheers,

        Mark



From pp.koch at gmail.com  Wed Nov  9 08:37:41 2005
From: pp.koch at gmail.com (Peter-Paul Koch)
Date: Wed, 9 Nov 2005 15:37:41 +0100
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <p06230923bf97b1b9ce93@192.168.0.3>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
Message-ID: <21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>

> >>  > How do I turn on .htaccess in my Apache on Mac OS X? I seem to have to
> >>  > put an AllowOverride All somewhere, but the Apache documentation is
> >>  > totally silent on the actual file I have to put this in. Besides, OS X
> >>  > is very adept at hiding all important Apache files.
> >>  >
> >>  > Could someone please tell me what to add to which file, and please
> >>  > specify a complete path name? Thanks.
>
>
> The file you need to put the AllowOverride All in is the httpd.conf file.
>
> On OS X that lives at:
>
>     /private/etc/httpd/httpd.conf

Changed that line to AllowOverride All.

> Note that Apple's default httpd.conf contains (at line 373 in my original)
>
> >>>
> # First, we configure the "default" to be a very restrictive set of
> # permissions.
> #
> <Directory />
>      Options FollowSymLinks
>      AllowOverride None
> </Directory>
> <<<
>
> So you could just change that to All.

OK, found that, too, and changed None to All, but .htaccess still
doesn't work. In one directory it contains

AddHandler server-parsed .shtml
AddType text/html .shtml

Standard SSI configuration, as far as I know. But it still doesn't work at all.

What am I doing wrong?

>
> Mind you, if you're hacking the httpd.conf, you might as well use the
> http.conf to do all the stuff you're planning to do in .htaccess
> files. That's the official line inn any case.

I just want to mess with content types in one test directory, so it's
definitely a local change that shouldn't be propagated to the entire
server.

--
-------------------------------------------------------------------
ppk, freelance web developer
http://www.quirksmode.org/
------------------------------------------------------------------


From juha.suni at ilmiantajat.fi  Wed Nov  9 08:46:26 2005
From: juha.suni at ilmiantajat.fi (Juha Suni)
Date: Wed, 9 Nov 2005 16:46:26 +0200
Subject: [thelist] php session variable needs to persist
References: <mailman.207.1131472539.12167.thelist@lists.evolt.org>
	<77c56fa357923336c95bd18c6598556c@mcn.org>
Message-ID: <02af01c5e53c$5c938f60$3500a8c0@Zuni>

Garth Hagerman wrote:
> I've got a  system using sessions
> which tracks the original referrerr as the visitor moves around the
> site just fine, but when they leave the site to go to Paypal and then
> come back to the "thanks for your order" page, the sessions data has
> been lost.  Is there a simple way to get the session data to persist?
> Or, do I need to write the referrer to a database and then query the
> db from the thanks page?

Even after reading other peoples posts about this subject, it still seems 
people make it more complicated than it is.

Under normal circumstances leaving your site and coming back a bit later 
(with the same browser window etc) should not break the session at all. I 
just tested this with two sites on different domains and servers, and 
bouncing between them causes no problems; They both remember their own 
sessions perfectly well (Why wouldn't they, the browser still has the cookie 
which it deals out as necessary since the window has not been closed).

Even if this would break the session in the same way that closing a window 
does, it could easily be overcome. PHP Sessions default their 
cookie-lifetimes to 0 (meaning that browser clears these cookies on close 
and therefore can no longer provide the session id), but this can be changed 
to be a specified time. (for example using session_set_cookie_params(900) 
before calling for session_start()). This way, even if the window was 
closed, the browser would remember the cookie with the session id, and hence 
the session would be remembered if the user came back within 15 minutes. 
This is also tested [1].

I just wanted to point out that you dont need to go the route of manually 
setting up cookies since the PHP sessions already support their use and 
parameters rather well.

Considering the above, I think there is something else going wrong if the 
session is not staying alive as it should.

[1] Note that if the session_cookie_lifetime is increased beyond garbage 
collection limits (default on apache is 24 minutes I think) then the garbage 
collection rules need to be modified too in order for the session to stay 
alive that long. Otherwise even if the cookie still exists in the browser, 
the actual session data from the server might have been purged.

HTH

-- 
Suni 



From Chris at globet.com  Wed Nov  9 08:44:48 2005
From: Chris at globet.com (Chris at globet.com)
Date: Wed, 9 Nov 2005 14:44:48 -0000
Subject: [thelist] Getting all IP's
Message-ID: <CD3ADD94E937C04F8E0B27E964D506BC03224361@globetpds.globet.com>

Scott

[..]

> I sell on eBay. On my selling page I have my graphic. That 
> graphic lives on my server. When eBay creates the page it 
> requests the image. 

I would have thought that when eBay creates the page, it simply includes a reference to your images on your server within the HTML. Thus, when the user requests the page from eBay's servers it is the user's computer that the HTTP request for your images originates from. The requesting IP address is therefore the user's, not eBay's.

> Hence using .htaccess I can prevent mass downloads.
> Unless i am confused here.

Chris Marsh
Web Developer
http://www.globet.com/
Tel: +44 20 8246 4804 Ext 828
Fax: +44 20 8246 4808

Any opinions expressed in this email are those of the individual and not necessarily the Company. This message is intended for the use of the individual or entity to which it is addressed and may contain information that is confidential and privileged and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication is strictly prohibited.
If you have received this communication in error, please contact the sender immediately and delete it from your system. 


From Brian at hondaswap.com  Wed Nov  9 08:46:33 2005
From: Brian at hondaswap.com (Brian Cummiskey)
Date: Wed, 09 Nov 2005 09:46:33 -0500
Subject: [thelist] Getting all IP's
In-Reply-To: <6.2.5.6.0.20051109092202.01e5ab78@netalytical.com>
References: <76B1640C9BB1D546BA798A2C95E3155403A4215E@irm80489>
	<6.2.5.6.0.20051109092202.01e5ab78@netalytical.com>
Message-ID: <43720BC9.3050509@hondaswap.com>

Scott Wolpow wrote:

> I sell on eBay. On my selling page I have my graphic. That graphic 
> lives on my server. When eBay creates the page it requests the image. 
> Hence using .htaccess I can prevent mass downloads.
> Unless i am confused here.
> Scott Wolpow

Let 'em steal your images. But, water mark them with your ebay store name.

putting:  http://stores.ebay.com/yourstorename
on your images will probably help pay for the extra bandwidth.

Plus, you can tell if someone is using your image...  Ebay has strong 
policy's against using other peoples images on their auctions.





From thelist at alex.fu2k.org  Wed Nov  9 08:50:44 2005
From: thelist at alex.fu2k.org (Alex Robinson)
Date: Wed, 9 Nov 2005 14:50:44 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
Message-ID: <p06230924bf97bb78176e@[192.168.0.3]>

>What am I doing wrong?

Did you restart the server?

Yes, I'm sure you did.

It's quite possible that the httpd.conf has further instructions that 
are, er, overriding the AllowOverride directive.

Indeed, a quick google later

http://www.clagnut.com/blog/350/

reveals that you also have to edit the users' *.conf files too. Apparently.


>I just want to mess with content types in one test directory, so it's
>definitely a local change that shouldn't be propagated to the entire
>server.

Something along the lines of

    <Location /foo/bar>
    DefaultType text/xml
    </Location>

should work just fine


From evolt at kasimir-k.fi  Wed Nov  9 08:56:23 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 14:56:23 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
Message-ID: <43720E17.7050202@kasimir-k.fi>

Peter-Paul Koch scribeva in 2005-11-09 14:37:
> I just want to mess with content types in one test directory, so it's
> definitely a local change that shouldn't be propagated to the entire
> server.

You could put the directives in httpd.conf like this
<Directory /your/test/directory/>
    AddHandler server-parsed .shtml
    AddType text/html .shtml
</Directory>

.k


From hershelr at netvision.net.il  Wed Nov  9 09:08:36 2005
From: hershelr at netvision.net.il (Hershel Robinson)
Date: Wed, 09 Nov 2005 17:08:36 +0200
Subject: [thelist] X-Cart Experience
Message-ID: <437210F4.8090507@netvision.net.il>

I have a site running X-cart Gold. We needed some customizations and so 
we worked up with their staff a specification and paid them for it and 
they did the programming and asked me to look at it.

I looked and said it doesn't work and explained to them what the problem 
was.

I did this 4 or 5 times (each time waiting for the programmer to respond 
and tell me that he fixed it and I could examine it again) and I started 
practically begging the guy to do his own QA and testing and debugging 
*before* he asks me to look at his code.

Well, I just wrote him for the 8th time (not counting one time that may 
have been a problem with caching but I have my doubts) that his code has 
yet more bugs. And each time now he promises me that he checked it twice 
and everything works.

Just a word to the wise for those considering this product and its 
customization option.

The product itself works fine, if you don't mind front-end tag soup. :)

After two sites with x-cart I anyhow am not planning to use it again. I 
have gone with zencart for 2 new sites I have begun.

Hershel


From pp.koch at gmail.com  Wed Nov  9 09:11:19 2005
From: pp.koch at gmail.com (Peter-Paul Koch)
Date: Wed, 9 Nov 2005 16:11:19 +0100
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <p06230924bf97bb78176e@192.168.0.3>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
	<p06230924bf97bb78176e@192.168.0.3>
Message-ID: <21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>

> >What am I doing wrong?
>
> Did you restart the server?
>
> Yes, I'm sure you did.

I belatedly thought of that: no results.

> It's quite possible that the httpd.conf has further instructions that
> are, er, overriding the AllowOverride directive.
>
> Indeed, a quick google later
>
> http://www.clagnut.com/blog/350/
>
> reveals that you also have to edit the users' *.conf files too. Apparently.

httpd.conf

AllowOverride All

ppk.conf

AllowOverride AuthConfig

I noticed that the path to my files in ppk.conf was wrong, instead of
/Users/ppk/Sites my files are in /Library/Webserver/Documents, but
when I reset the path my entire server threw errors and nothing worked
any more. So I changed it back to the default /Users/ppk/Sites.

I tried the same setup on my external webserver, and there it does
exactly what I want: an html file is served as text/xml . So the error
definitely lies within the Apache configuration, and not in the
.htaccess files themselves.

I can of course test everything on my external server, but I'd prefer
my internal OS X server to follow my commands. Bloody OS X shitstem.

Thanks anyway, and if somebody has an additional clue, please tell me.

--
-------------------------------------------------------------------
ppk, freelance web developer
http://www.quirksmode.org/
------------------------------------------------------------------


From marun2 at gmail.com  Wed Nov  9 09:23:19 2005
From: marun2 at gmail.com (L. Mohan Arun)
Date: Wed, 9 Nov 2005 18:23:19 +0300
Subject: [thelist] .htaccess
Message-ID: <ca1b22cc0511090723oa9dcb0akdee00672c4250ee5@mail.gmail.com>

Hi
 I am looking to "retire" some old URLs from a site transparently so that
their Google PR's are maintained. The HTTP request coming in should be
transparently routed to the new site's corresponding page. The old site is
on Apache with .htaccess. The domains are different. Can somebody point me
to a simple to understand tutorial on understanding and editing the
.htaccess file to do this?
 Thanks
L Mohan Arun


From evolt at kasimir-k.fi  Wed Nov  9 09:36:02 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 15:36:02 +0000
Subject: [thelist] php session variable needs to persist
In-Reply-To: <02af01c5e53c$5c938f60$3500a8c0@Zuni>
References: <mailman.207.1131472539.12167.thelist@lists.evolt.org>	<77c56fa357923336c95bd18c6598556c@mcn.org>
	<02af01c5e53c$5c938f60$3500a8c0@Zuni>
Message-ID: <43721762.40309@kasimir-k.fi>

Juha Suni scribeva in 2005-11-09 14:46:
> Even after reading other peoples posts about this subject, it still seems 
> people make it more complicated than it is.

True, and I'd like to simplify things even a bit more...

> Under normal circumstances leaving your site and coming back a bit later 
> (with the same browser window etc) should not break the session at all.

It helps to bear in mind that HTTP is a stateless protocol. To tie a 
request to a session, the request must carry a session identifier 
(usually in a cookie, but can be deliverd in the URI too, or even in a 
POST request body).

As long as the browser sends this identifier with the request (and the 
session has not timed out on the server), the session is 'alive'.

Usually cookies used for storing a session id have lifetime 0, meaning 
that the browser deletes them when it is closed. So the browser window 
doesn't have to be the same, but the process must be.

And to answer the OP, using PHP's session_start() function and $_SESSION 
superglobal array there shouldn't be any problems. Please have a look at 
http://php.net/session

And some (untested) code that you might find helpful:
<?php
session_start();
$ref = $_SERVER['HTTP_REFERER'];
if (!isset($_SESSION['originalReferer'])) {
    $_SESSION['originalReferer'] = $ref
}
?>

.k


From dan.mccullough at gmail.com  Wed Nov  9 09:38:03 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Wed, 9 Nov 2005 10:38:03 -0500
Subject: [thelist] wordpress-mysql step one
In-Reply-To: <006101c5e53a$01220dc0$6400a8c0@vn.shawcable.net>
References: <43532635.1020400@gmail.com> <435342BE.6020802@worlddomination.net>
	<43549780.1080604@gmail.com> <4355E046.9060107@worlddomination.net>
	<43576369.2090000@gmail.com> <4357E484.9070605@worlddomination.net>
	<956c96920511082334o68bf7094q75bc353f3f2527f1@mail.gmail.com>
	<006101c5e53a$01220dc0$6400a8c0@vn.shawcable.net>
Message-ID: <faf1d2bd0511090738xae4797ck3baec1bbde602dcb@mail.gmail.com>

I'm jumping in a bit late I know and hopefully I will assist rather
then confuse.  The wp-config.php file if is still has a text icon has
not been renamed you should open it in Notepad and do a save as and in
the save as window type with quotes "wp-config.php" or find/re-extract
the wp-config-sample.php and renmae that by selecting and deleteing
the -sample part of the file name.  Just remember Notepad saves
everything with .txt as the file extension to get around this you have
to enclose the file name in quotes.

About your question of file structure, if you can edit apcahes
httpd.conf file then you can name the root directory anything as long
as you point the DirectoryRoot in the httpd.conf to that path.

So for example if you go to mccullough-net.com you will see a
Wordpress opening page.  My path is something like
/home/me/mypersonaldomain/www/web/wordpress now in httpd.conf I make
sure that the complete path is listed in the DirectoryRoot.  Now if I
wanted to switch back to my normal site I would just change the path
in DirectoryRoot to
/home/me/mypersonaldomain/www/web and my regular site would appear.

HTH

Dan

On 11/9/05, Mark Groen <evolt at markgroen.com> wrote:
> ----- Original Message -----
> From: "Dwain Alford" <>
> To: "thelist at lists.evolt.org" <thelist at lists.evolt.org.uk>
> Sent: Tuesday, November 08, 2005 11:34 PM
> Subject: Re: [thelist] wordpress-mysql step one
>
>
> > thanks for replying. i've been swamped lately and haven't had a chance
> to
> > "play" since i moved.
> >
> > i did what you suggested and the file still cannot be found.
>
> Didn't follow the original post, found WP's docs to be more than enough
> for myself.
>
> > to reiterate, this is on a local windows machine for web development
> with
> > xammp as the host program for wordpress. wordpress is a drag and drop
> > process from the desk top to the htdoc folder *after* the wp-config
> file is
> > created. but i think i did a boneheaded procedure when i opened the
> sample
> > config file.
>
> Here's my local structure, WP is in a directory called 'blogx' that
> mirrors the live server after the xammp bit:
>
> D:\apache\xampp\htdocs\accountname\public_html\blogx\wp-config.php
> the rest of the files are in their original config inside the blogx
> directory:
> D:\apache\xampp\htdocs\accountname\public_html\blogx\wp-includes\etc.
>
> > all php files are set to always open with notepad. i think i'm going
> to have
> > to reload windows to wipe the setting, unless there is another way to
> do it
> > without wiping the entire drive.
>
> ouch! don't do that! You just need to change the file associations. I'm
> avoiding the whole NT-XP experience and still using win98, so here's the
> XP version:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;307859&product=winxp
>
> > sigh, this is almost more trouble than it's worth, but i want to make
> this
> > idea work, so i must press on. any suggestions, including reloading
> windows,
> > would be appreciated.
>
> Sounds like you are getting the classic case of frustration looking for
> that missing single darn character that's making your application bork,
> always helps for me to drop it and look another day from scratch rather
> than wiping everything out.
>
> cheers,
>
>        Mark
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From dan.mccullough at gmail.com  Wed Nov  9 09:40:44 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Wed, 9 Nov 2005 10:40:44 -0500
Subject: [thelist] X-Cart Experience
In-Reply-To: <437210F4.8090507@netvision.net.il>
References: <437210F4.8090507@netvision.net.il>
Message-ID: <faf1d2bd0511090740m7b38630bh87451b1a3ef8c829@mail.gmail.com>

Thanks for the information thats good to know.

On 11/9/05, Hershel Robinson <hershelr at netvision.net.il> wrote:
> I have a site running X-cart Gold. We needed some customizations and so
> we worked up with their staff a specification and paid them for it and
> they did the programming and asked me to look at it.
>
> I looked and said it doesn't work and explained to them what the problem
> was.
>
> I did this 4 or 5 times (each time waiting for the programmer to respond
> and tell me that he fixed it and I could examine it again) and I started
> practically begging the guy to do his own QA and testing and debugging
> *before* he asks me to look at his code.
>
> Well, I just wrote him for the 8th time (not counting one time that may
> have been a problem with caching but I have my doubts) that his code has
> yet more bugs. And each time now he promises me that he checked it twice
> and everything works.
>
> Just a word to the wise for those considering this product and its
> customization option.
>
> The product itself works fine, if you don't mind front-end tag soup. :)
>
> After two sites with x-cart I anyhow am not planning to use it again. I
> have gone with zencart for 2 new sites I have begun.
>
> Hershel
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From paul at xk7.net  Wed Nov  9 09:41:50 2005
From: paul at xk7.net (Paul Waring)
Date: Wed, 9 Nov 2005 15:41:50 +0000
Subject: [thelist] .htaccess
In-Reply-To: <ca1b22cc0511090723oa9dcb0akdee00672c4250ee5@mail.gmail.com>
References: <ca1b22cc0511090723oa9dcb0akdee00672c4250ee5@mail.gmail.com>
Message-ID: <20051109154150.GA60272@kryten.xk7.net>

On Wed, Nov 09, 2005 at 06:23:19PM +0300, L. Mohan Arun wrote:
>  I am looking to "retire" some old URLs from a site transparently so that
> their Google PR's are maintained. The HTTP request coming in should be
> transparently routed to the new site's corresponding page. The old site is
> on Apache with .htaccess. The domains are different. Can somebody point me
> to a simple to understand tutorial on understanding and editing the
> .htaccess file to do this?

All you should need is a line like this for each URL:

Redirect permanent /path/to/old_file.html http://www.newdomain.com/new/file.html

The "permanent" part should make sure that Apache returns a 301 status
code with the new URL so that search engines know to pick up the new
page instead.

Paul

-- 
Rogue Tory
http://www.roguetory.org.uk


From evolt at kasimir-k.fi  Wed Nov  9 09:54:29 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 15:54:29 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>	<p06230923bf97b1b9ce93@192.168.0.3>	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>	<p06230924bf97bb78176e@192.168.0.3>
	<21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
Message-ID: <43721BB5.8000705@kasimir-k.fi>

Peter-Paul Koch scribeva in 2005-11-09 15:11:
> I can of course test everything on my external server, but I'd prefer
> my internal OS X server to follow my commands. Bloody OS X shitstem.

You could wipe OS X's Apache and reinstall it as you would on any *nix 
system.

> Thanks anyway, and if somebody has an additional clue, please tell me.

If <Directory> is not your cup of tea and you really need to have 
.htaccess, then try having a look at http://www.macdevcenter.com/ and 
put Apache in the search box. That give articles like this 
http://www.macdevcenter.com/pub/a/mac/2002/01/29/apache_macosx_four.html?page=2

.k


From jono at charlestonwebsolutions.com  Wed Nov  9 10:04:12 2005
From: jono at charlestonwebsolutions.com (jono at charlestonwebsolutions.com)
Date: Wed, 9 Nov 2005 08:04:12 -0800 (PST)
Subject: [thelist] PHP include & Spambots
Message-ID: <61587.216.215.170.194.1131552252.squirrel@charlestonwebsolutions.com>

I do not believe that SPAMbots will see this, but I figured I'd consult
the masses.  I have a php include that calls to a .class file.  When the
page is loaded, you do not see the include, you see the intended html that
was called in the include.  Regular site visitors won't see the include,
or the "name at domain.com" line, but I am curious if SPAMbots see the
include?

Will the following be seen by SPAMbots?

<?php
include('MailToForm.class');
$MailObject = new MailToForm("name at domain.com");
?>

Thanks,
Jono
Charleston Web Solutions
http://www.charlestonwebsolutions.com/


From jay.blanchard at THERMON.com  Wed Nov  9 10:10:26 2005
From: jay.blanchard at THERMON.com (Jay Blanchard)
Date: Wed, 9 Nov 2005 10:10:26 -0600 
Subject: [thelist] PHP include & Spambots
Message-ID: <0CEC8258A6E4D611BE5400306E1CC9270915AA2C@smtmb.tmc.local>

[snip]
I do not believe that SPAMbots will see this, but I figured I'd consult
the masses.  I have a php include that calls to a .class file.  When the
page is loaded, you do not see the include, you see the intended html that
was called in the include.  Regular site visitors won't see the include,
or the "name at domain.com" line, but I am curious if SPAMbots see the
include?

Will the following be seen by SPAMbots?

<?php
include('MailToForm.class');
$MailObject = new MailToForm("name at domain.com");
?>
[/snip]

No they will not see the include, only the 'output' from it.


From dan.mccullough at gmail.com  Wed Nov  9 10:14:04 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Wed, 9 Nov 2005 11:14:04 -0500
Subject: [thelist] PHP include & Spambots
In-Reply-To: <61587.216.215.170.194.1131552252.squirrel@charlestonwebsolutions.com>
References: <61587.216.215.170.194.1131552252.squirrel@charlestonwebsolutions.com>
Message-ID: <faf1d2bd0511090814q4361c9a6hac4aff9b4cf5e035@mail.gmail.com>

No they should not be able to see that piece of code as that is done
on the server side of things as apposed to the client side of things. 
What Spambots can see is, <a href="mailto: me at localhost.com"> link and
any other email addresses left in the content that havent been altered
to protect from spambots.

On 11/9/05, jono at charlestonwebsolutions.com
<jono at charlestonwebsolutions.com> wrote:
> I do not believe that SPAMbots will see this, but I figured I'd consult
> the masses.  I have a php include that calls to a .class file.  When the
> page is loaded, you do not see the include, you see the intended html that
> was called in the include.  Regular site visitors won't see the include,
> or the "name at domain.com" line, but I am curious if SPAMbots see the
> include?
>
> Will the following be seen by SPAMbots?
>
> <?php
> include('MailToForm.class');
> $MailObject = new MailToForm("name at domain.com");
> ?>
>
> Thanks,
> Jono
> Charleston Web Solutions
> http://www.charlestonwebsolutions.com/
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From pp.koch at gmail.com  Wed Nov  9 10:23:56 2005
From: pp.koch at gmail.com (Peter-Paul Koch)
Date: Wed, 9 Nov 2005 17:23:56 +0100
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <43721BB5.8000705@kasimir-k.fi>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
	<p06230924bf97bb78176e@192.168.0.3>
	<21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
	<43721BB5.8000705@kasimir-k.fi>
Message-ID: <21e4a1280511090823y661879b4s131eaba18d4af802@mail.gmail.com>

> > I can of course test everything on my external server, but I'd prefer
> > my internal OS X server to follow my commands. Bloody OS X shitstem.
>
> You could wipe OS X's Apache and reinstall it as you would on any *nix
> system.

No thanks. I have no idea how to install anything under Unix.

> > Thanks anyway, and if somebody has an additional clue, please tell me.
>
> If <Directory> is not your cup of tea and you really need to have
> .htaccess, then try having a look at http://www.macdevcenter.com/ and
> put Apache in the search box. That give articles like this
> http://www.macdevcenter.com/pub/a/mac/2002/01/29/apache_macosx_four.html?page=2

Yes! This is the clue! I changed the AllowOverride in the wrong place
in httpd.conf . I have to switch it below

DocumentRoot "/Library/WebServer/Documents"

Now everything works fine!

Thanks, all.

--
-------------------------------------------------------------------
ppk, freelance web developer
http://www.quirksmode.org/
------------------------------------------------------------------


From evolt at netalytical.com  Wed Nov  9 10:34:45 2005
From: evolt at netalytical.com (Scott Wolpow)
Date: Wed, 09 Nov 2005 11:34:45 -0500
Subject: [thelist] Getting all IP's
In-Reply-To: <CD3ADD94E937C04F8E0B27E964D506BC03224361@globetpds.globet. com>
References: <CD3ADD94E937C04F8E0B27E964D506BC03224361@globetpds.globet.com>
Message-ID: <6.2.5.6.0.20051109113147.01dfa600@netalytical.com>

I'm going to check my logs again. I think it makes a request for the 
gallery image.
As to letting them steal it, the watermark can not have my url in it, 
and my user id and domain name is discount jewelry.

If anyone has any ideas let me know.
Thanks
Scott



From codepo8 at gmail.com  Wed Nov  9 10:37:44 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Wed, 9 Nov 2005 16:37:44 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <21e4a1280511090823y661879b4s131eaba18d4af802@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
	<p06230924bf97bb78176e@192.168.0.3>
	<21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
	<43721BB5.8000705@kasimir-k.fi>
	<21e4a1280511090823y661879b4s131eaba18d4af802@mail.gmail.com>
Message-ID: <30bd6ffd0511090837h57b21274v30555c66dbda7996@mail.gmail.com>

> > > I can of course test everything on my external server, but I'd prefer
> > > my internal OS X server to follow my commands. Bloody OS X shitstem.
> >
> > You could wipe OS X's Apache and reinstall it as you would on any *nix
> > system.
>
> No thanks. I have no idea how to install anything under Unix.

Alternatively, there is also mamp, a preinstalled apache+php+mysql
package that comes with a nice dashboard start/stop widget.

http://www.mamp.info/en/home/



--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From morrison.ben at gmail.com  Wed Nov  9 10:54:06 2005
From: morrison.ben at gmail.com (ben morrison)
Date: Wed, 9 Nov 2005 16:54:06 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <30bd6ffd0511090837h57b21274v30555c66dbda7996@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<30bd6ffd0511090555x5657d748n7da0e3a6eaafa7b4@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
	<p06230924bf97bb78176e@192.168.0.3>
	<21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
	<43721BB5.8000705@kasimir-k.fi>
	<21e4a1280511090823y661879b4s131eaba18d4af802@mail.gmail.com>
	<30bd6ffd0511090837h57b21274v30555c66dbda7996@mail.gmail.com>
Message-ID: <6073aef90511090854j2ea3054ftd65fd342dd5f8aab@mail.gmail.com>

> Alternatively, there is also mamp, a preinstalled apache+php+mysql
> package that comes with a nice dashboard start/stop widget.
>
> http://www.mamp.info/en/home/

Is it straightforward to install?

I gave up trying to get apache, php etc. working and I'm not even sure
how to remove it either.

I've been thinking of a OS re-install to clean my system out, but
thats very drastic.

ben


From akamm at demicooper.com  Wed Nov  9 11:13:58 2005
From: akamm at demicooper.com (Andrew Kamm)
Date: Wed, 09 Nov 2005 11:13:58 -0600
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <6073aef90511090854j2ea3054ftd65fd342dd5f8aab@mail.gmail.com>
Message-ID: <BF978A76.3E52%akamm@demicooper.com>

> Is it straightforward to install?
> 

MAMP is very easy to install (it's like any other app installation on OSX)
-- and it does a great job.  Highly recommend it.  You're also able to
switch between PHP4 and 5 by clicking a button, which is nice if you are
maintaining older apps and developing new ones.


-Andy





From codepo8 at gmail.com  Wed Nov  9 11:20:34 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Wed, 9 Nov 2005 17:20:34 +0000
Subject: [thelist] Turning on .htaccess in Apache Mac OS X
In-Reply-To: <6073aef90511090854j2ea3054ftd65fd342dd5f8aab@mail.gmail.com>
References: <21e4a1280511090541x3a5fb691jc0ab6d50ff3f3070@mail.gmail.com>
	<21e4a1280511090558y247aca5yafca48578827903c@mail.gmail.com>
	<p06230923bf97b1b9ce93@192.168.0.3>
	<21e4a1280511090637w33fb9f53l94ce15ae9150cb99@mail.gmail.com>
	<p06230924bf97bb78176e@192.168.0.3>
	<21e4a1280511090711v618b74fdi243348bff79c08ef@mail.gmail.com>
	<43721BB5.8000705@kasimir-k.fi>
	<21e4a1280511090823y661879b4s131eaba18d4af802@mail.gmail.com>
	<30bd6ffd0511090837h57b21274v30555c66dbda7996@mail.gmail.com>
	<6073aef90511090854j2ea3054ftd65fd342dd5f8aab@mail.gmail.com>
Message-ID: <30bd6ffd0511090920k6eba51f2q2179ae333f0f5945@mail.gmail.com>

On 11/9/05, ben morrison <morrison.ben at gmail.com> wrote:
> > Alternatively, there is also mamp, a preinstalled apache+php+mysql
> > package that comes with a nice dashboard start/stop widget.
> >
> > http://www.mamp.info/en/home/
>
> Is it straightforward to install?

dmg and off you go. Same as XAMPP[1] on windows, that one was an unpack, too.

None of these should be used on live systems though, as they are not hardened.

[1] http://www.apachefriends.org/
--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From jono at charlestonwebsolutions.com  Wed Nov  9 12:10:55 2005
From: jono at charlestonwebsolutions.com (jono at charlestonwebsolutions.com)
Date: Wed, 9 Nov 2005 10:10:55 -0800 (PST)
Subject: [thelist] PHP include & Spambots
In-Reply-To: <faf1d2bd0511090814q4361c9a6hac4aff9b4cf5e035@mail.gmail.com>
References: <61587.216.215.170.194.1131552252.squirrel@charlestonwebsolutions.com>
	<faf1d2bd0511090814q4361c9a6hac4aff9b4cf5e035@mail.gmail.com>
Message-ID: <63741.216.215.170.194.1131559855.squirrel@charlestonwebsolutions.com>

OK, good enough.  That's what I thought.

Thanks
> No they should not be able to see that piece of code as that is done
> on the server side of things as apposed to the client side of things.
>
> On 11/9/05, jono wrote:
>> Will the following be seen by SPAMbots?
>>
>> <?php
>> include('MailToForm.class');
>> $MailObject = new MailToForm("name at domain.com");
>> ?>


From hagerman at mcn.org  Wed Nov  9 12:35:14 2005
From: hagerman at mcn.org (Garth Hagerman)
Date: Wed, 9 Nov 2005 10:35:14 -0800
Subject: [thelist] php session variable needs to persist
In-Reply-To: <mailman.601.1131552267.12167.thelist@lists.evolt.org>
References: <mailman.601.1131552267.12167.thelist@lists.evolt.org>
Message-ID: <d969c8b3c4428f60a583fee3ad9ce326@mcn.org>

Hi again-
Thanks to all who replied. I gave up (perhaps too easily) on the 
sessions-only solution and just set a persistent cookie and logged the 
referrer to a database. While that is rather inelegant for this static 
site, it does have the advantages of working and not introducing the 
browser compatibility issues of popups and javascript. Now that I've 
got the cookie-db method operational, I learn about  
session_set_cookie_params(900) . That sounds like the simple solution I 
was looking for. I'll need to re-visit this project in a few days when 
I finish some other high priority projects. For now, I've got the thing 
working, albeit in an unnecessarily complicated way.

  thanks again
  Garth

                            * * * * * * * * * * * * * * * *
                                my online portfolio

                           http://garthhagerman.com/



From Ed at ComSimplicity.com  Wed Nov  9 13:10:59 2005
From: Ed at ComSimplicity.com (Ed McCarroll)
Date: Wed, 9 Nov 2005 11:10:59 -0800
Subject: [thelist] Grammatical advice (was: Email Servers)
In-Reply-To: <4371C887.4020100@kasimir-k.fi>
Message-ID: <000501c5e561$570f8330$0a00a8c0@Inspiron9300>

> > learn to type?
> 
> Besides, you should type "learn" with a capital "L", as it starts the 
> sentence.

But it's a not a sentence, it's a sentence fragment.  <grin>

"I would rather be inconsistent than wrong."  (Mohandas Ghandi) 
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Ed McCarroll                             http://www.ComSimplicity.com
(310) 838-4330                      PO Box 654, Culver City, CA 90232
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -



From ronr at linuxdude.com  Wed Nov  9 14:02:18 2005
From: ronr at linuxdude.com (Ron)
Date: Wed, 09 Nov 2005 15:02:18 -0500
Subject: [thelist] Grammatical advice
In-Reply-To: <4371C887.4020100@kasimir-k.fi>
References: <20051109050959.95351.qmail@web51101.mail.yahoo.com>
	<4371C887.4020100@kasimir-k.fi>
Message-ID: <437255CA.6060507@linuxdude.com>

Actually I thought 'learn to type' was excellent advice.

Why not help the OP understand that 'text file' configs are easy to work 
with and much more efficient than tabs, buttons, check boxes and text 
boxes scattered all over some gui configurator. Much easier to grep for 
changes and it's much easier to copy/paste to a text file than it is a 
gui. Especially since the OP is talking about a mail server running on 
Linux where he'll find tons of help but it will all be regarding the 
text file configs....  not which buttons to click on some 'no longer 
maintained' gui thingamagig.

~



Kasimir K wrote:

>Anthony Ettinger scribeva in 2005-11-09 05:09:
>  
>
>>learn to type?
>>    
>>
>
>Dear Anthony,
>
>I'm afraid that this kind of replies won't help the OP with his problems.
>
>Besides, you should type "learn" with a capital "L", as it starts the 
>sentence.
>
>.k
>  
>



From evolt at kasimir-k.fi  Wed Nov  9 14:13:52 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 20:13:52 +0000
Subject: [thelist] Grammatical advice (was: Email Servers)
In-Reply-To: <000501c5e561$570f8330$0a00a8c0@Inspiron9300>
References: <000501c5e561$570f8330$0a00a8c0@Inspiron9300>
Message-ID: <43725880.8070701@kasimir-k.fi>

>>> learn to type?
>> Besides, you should type "learn" with a capital "L", as it starts the 
>> sentence.

Ed McCarroll scribeva in 2005-11-09 19:10:
> But it's a not a sentence, it's a sentence fragment.  <grin>

Well, looking at the words it is an imperative sentence, but ends with 
an question mark as if it was an interrogative sentence. But I didn't 
want to pick on that lest I'm too harsh ;-) After all, this list about 
web development, not grammar.

.k

<tip type="Bookmarklet for checking words in Merriam-Webster" 
author="Kasimir K">

Put this in your bookmarks toolbar and checking words is just a click away:

javascript:void(location.href = 
"http://www.m-w.com/cgi-bin/dictionary?va=" + prompt('word'));

</tip>



From evolt at kasimir-k.fi  Wed Nov  9 15:12:53 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Wed, 09 Nov 2005 21:12:53 +0000
Subject: [thelist] 'text file' config [was: Grammatical] advice
In-Reply-To: <437255CA.6060507@linuxdude.com>
References: <20051109050959.95351.qmail@web51101.mail.yahoo.com>	<4371C887.4020100@kasimir-k.fi>
	<437255CA.6060507@linuxdude.com>
Message-ID: <43726655.1040806@kasimir-k.fi>

Ron scribeva in 2005-11-09 20:02:
> Actually I thought 'learn to type' was excellent advice.

> Why not help the OP understand that 'text file' configs are easy to work 
> with 

Oh yes, it indeed is an excellent advice. It's just that as the OP 
actually had some typos in his mail I thought that AE was referring to 
those with his reply. If this is not the case, I'm sorry for my mistake.

But instead of "learn to type?", why not just tell that working with 
configuration files is actually quite easy, and maybe point to some 
sites where one could learn the basics, like 
http://www.lifewithqmail.org/ or even 
http://www.hotwired.com/webmonkey/backend/index.html

.k


From steve at plankdesign.com  Wed Nov  9 15:52:22 2005
From: steve at plankdesign.com (Steve Bissonnette)
Date: Wed, 09 Nov 2005 16:52:22 -0500
Subject: [thelist] PostgreSQL mysql_insert_id equivalent ?
Message-ID: <BF97D9C6.D4CB%steve@plankdesign.com>

Hi,

I?m looking for some code that will best give me the last INSERTED ID in a
PostgreSQL database using PHP ?

It would be the equivalent to the function - mysql_insert_id().
http://ca3.php.net/mysql_insert_id

Is there a simple way to do this ?


Thanks,
Steve
-- 
steve bissonnette
director of production
steve at plankdesign.com

PLANK. A multi-faceted-media company.
http://www.plankdesign.com
v. 514.875.0003   f. 514.875.7611




From aspnet at thecrookstons.com  Wed Nov  9 17:06:39 2005
From: aspnet at thecrookstons.com (Casey)
Date: Wed, 9 Nov 2005 17:06:39 -0600
Subject: [thelist] Cookies between ASP and ASP.NET?
Message-ID: <00a501c5e582$3e3188b0$6401a8c0@Papabear>

Is it possible to set a cookie in ASP and retrieve it in ASP.NET?

The client has a legacy application all written years ago in ASP, and they 
have requested a small add on which uses a third party plug-in written in 
ASP.NET.  Not a problem, but the one .NET page needs a session variable 
passed around between pages in on the ASP side.

I was never a fan of session variables in ASP and never used them.  But 
regardless, I thought I could just put the value into a cookie on an ASP 
page and then call it back from the .NET page.

It ain't working.  (Both the ASP and .NET files are being served from the 
same server, which I think made a difference in ASP, but they are running in 
the same application context.)

I'd rather not write to a database or external file if I don't have to, and 
passing the value in a querystring is not an option for security reasons. 
(I know... cookies are not secure either, but for the purposes of this 
application, cookies are good enough.)

I found this on Microsoft (and many other similar articles on other sites): 
How to Share Session State Between Classic ASP and ASP.NET

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaspp/html/converttoaspnet.asp

But what they prose (building a custom COM object) is WAY overkill -  I just 
need to share one little string!!!  I also found some support group posts 
asking more or less the same question, but did not find a definitive answer.

Thanks, Casey 



From Ken at adOpenStatic.com  Wed Nov  9 18:28:19 2005
From: Ken at adOpenStatic.com (Ken Schaefer)
Date: Thu, 10 Nov 2005 11:28:19 +1100
Subject: [thelist] Cookies between ASP and ASP.NET?
Message-ID: <160489103479AB4892187638EE7D1E691F49DC@kjserver1.kjhome.local>

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of Casey
Subject: [thelist] Cookies between ASP and ASP.NET?

: Is it possible to set a cookie in ASP and retrieve it in ASP.NET?

Absolutely

: It ain't working. 

Then I think you may be doing something wrong.

: I found this on Microsoft (and many other similar 
: articles on other sites): 
: How to Share Session State Between Classic ASP and ASP.NET

Session State <> Cookies - I think this is where you are going wrong. 

Session state is maintained on the server (for ASP inside the hosting Windows
process, and for ASP.NET either inproc, in SQL Server or in ASP.NET Session
State Service). The ASP process (e.g. dllhost.exe) can't just natively reach
into a SQL Server database and transparently retrieve an ASP.NET session. The
only link between sessions and cookies is that the SessionID (something that
identifies the user's session) is passed in a cookie.

If you just want to pass a value, and it's not particularly sensitive, then
just write it to a cookie (Response.Cookies), and read it back again in your
other pages (Request.Cookies)

Cheers
Ken 


From syoung at unitec.ac.nz  Wed Nov  9 18:37:53 2005
From: syoung at unitec.ac.nz (Stuart Young)
Date: Thu, 10 Nov 2005 13:37:53 +1300
Subject: [thelist] Creating thumbnails of websites?
Message-ID: <s3734d49.092@gwia1.unitec.ac.nz>

> I'm hoping to avoid the tedious process of using Prt Scr and Photoshop.

I recommend MWSnap - makes taking screenshots a breeze
freeware (donateware)
http://www.mirekw.com/winfreeware/mwsnap.html 

cheers

--
Dr Stuart Young,       	+64 (0)9-815 4321 x 8656
<syoung at unitec.ac.nz> 	+64 021 183 2846 (mob)
Lecturer, School of Computing and Information Technology,
Unitec New Zealand, Auckland, New Zealand
http://tinyurl.com/4956o
(the official URL for my staffpage is too long and complex)
http://blog.stuart.cpanel.unitec.ac.nz/
My Unitec internet and web development blog.
http://www.pixelandgrain.co.nz/
Web development, graphic design and photography



From peter at easylistbox.com  Wed Nov  9 18:50:16 2005
From: peter at easylistbox.com (Peter Brunone (EasyListBox.com))
Date: Wed, 9 Nov 2005 17:50:16 -0700
Subject: [thelist] Cookies between ASP and ASP.NET?
Message-ID: <ca368a69078546f2b1b6508f55ee8797@easylistbox.com>

   Bear in mind that non-alphanumeric characters may be encoded when attempting this.  That is, if you set a cookie to "bob -- ???"" in Classic, you will notice that it has become "bob+%2D%2D+%EB%FA%FF" when you retrieve it via ASP.NET.

   I'm not sure of the convention (looks like hex-something), although the use of Server.UrlDecode() on the result yields "bob -- " which seems to indicate that most "normal" English characters will be decoded correctly, and anything in the two-byte range will be discarded.

HTH,

Peter

 From: "Ken Schaefer"  Ken at adOpenStatic.com 

-----Original Message-----
From: thelist-bounces at lists.evolt.org

: Is it possible to set a cookie in ASP and retrieve it in ASP.NET?

Absolutely

: It ain't working. 

Then I think you may be doing something wrong.

: I found this on Microsoft (and many other similar 
: articles on other sites): 
: How to Share Session State Between Classic ASP and ASP.NET

Session State <> Cookies - I think this is where you are going wrong. 

Session state is maintained on the server (for ASP inside the hosting Windows
process, and for ASP.NET either inproc, in SQL Server or in ASP.NET Session
State Service). The ASP process (e.g. dllhost.exe) can't just natively reach
into a SQL Server database and transparently retrieve an ASP.NET session. The
only link between sessions and cookies is that the SessionID (something that
identifies the user's session) is passed in a cookie.

If you just want to pass a value, and it's not particularly sensitive, then
just write it to a cookie (Response.Cookies), and read it back again in your
other pages (Request.Cookies)

Cheers
Ken 


From pixelmech at yahoo.com  Wed Nov  9 20:14:41 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Wed, 9 Nov 2005 18:14:41 -0800 (PST)
Subject: [thelist] JavaScript (Ajax) question - IE
Message-ID: <20051110021441.12098.qmail@web51402.mail.yahoo.com>

Hi all,

I'm working on a little script for an Ajax article I'm writing. If you look here in
FireFox/Mozzy..

http://www.pixelmech.com/ajax/ajaxController.html

Click on 'colorado' and ajax loads a photo. Whippee. (you'll see the request object alert) Problem
is, in IE I get the old JS error "object does not support this property or method". The
problematic area seems to be my request setup for the XmlHttp object:

var request = (window.ActiveXObject) ? new ActiveXObject("Microsoft.XMLHTTP") : new
XMLHttpRequest();

request is null for IE, no matter what I try - even in try/catch blocks it fails. I thought it
might want the other IE object (MSXML2.ServerXMLHTTP) but that did not work either. I reset my
browser to defaults in privacy and security...I can't think of what else to try. Any suggestions?
Seems to me this should work no problem...

TIA

Tom





http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From joshua at waetech.com  Wed Nov  9 20:35:15 2005
From: joshua at waetech.com (Joshua Olson)
Date: Wed, 9 Nov 2005 21:35:15 -0500
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <20051110021441.12098.qmail@web51402.mail.yahoo.com>
Message-ID: <mailman.11.1260243360.27034.thelist@lists.evolt.org>

> -----Original Message-----
> From: Tom Dell'Aringa
> Sent: Wednesday, November 09, 2005 9:15 PM
> 
> http://www.pixelmech.com/ajax/ajaxController.html
> 
> Click on 'colorado' and ajax loads a photo. Whippee. (you'll 
> see the request object alert) Problem
> is, in IE I get the old JS error "object does not support 
> this property or method". The
> problematic area seems to be my request setup for the XmlHttp object:

Tom,

I've had pretty good luck with this block of code for creating the object:

function jb()
{
  var A=null;
  try
  {
    A=new ActiveXObject("Msxml2.XMLHTTP")
  }
  catch(e)
  {
    try
    {
      A=new ActiveXObject("Microsoft.XMLHTTP")
    }
    catch(oc)
    {
      A=null
    }
  }
  if(!A&&typeof XMLHttpRequest!="undefined")
  {
    A=new XMLHttpRequest()
  }
  return A
}  

It's the code Google first used when they launched Google Suggest, so I'm
fairly confident it'll work.  :-)

<><><><><><><><><><>
Joshua L. Olson
WAE Tech Inc.
http://www.waetech.com/
Phone: 706.210.0168 
Fax: 413.812.4864

Monitor bandwidth usage on IIS6 in real-time:
http://www.waetech.com/services/iisbm/




From lead at offlead.com  Wed Nov  9 20:58:21 2005
From: lead at offlead.com (Jeniffer C. Johnson)
Date: Wed, 9 Nov 2005 20:58:21 -0600
Subject: [thelist] Small Job -- Seeking a German Copyeditor
Message-ID: <mailman.12.1260243360.27034.thelist@lists.evolt.org>

I am working up a quote for a new potential client, and one of the things
they are considering is whether or not to have the site in just English, or
in German and English both. I have a copyeditor that I use for going through
a site in English, but neither she nor I are able to do this task in German.
I need someone who is fluent in English as well as German, and who can do
simple copy-editing, looking primarily for correct grammar and spelling.
This isn't a business website, just a hobby site, but I still want anything
with my company name attached to it to read well. The client will provide
copy, but I always have to clean up the English copy a fair bit. I assume
I'll need to do the same with any language. ;-) 

If you are proficient in both languages, and are interested, please contact
me off-list with rate information. I don't have precise information yet on
the number of pages, but an hourly rate will do. 

Thank you,
Jeniffer

 

Jeniffer C. Johnson
OffLead Productions
http://www.offlead.com





From pixelmech at yahoo.com  Wed Nov  9 21:26:18 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Wed, 9 Nov 2005 19:26:18 -0800 (PST)
Subject: [thelist] JavaScript (Ajax) question - IE
Message-ID: <20051110032618.22048.qmail@web51415.mail.yahoo.com>

--- Joshua Olson <joshua at waetech.com> wrote:

> I've had pretty good luck with this block of code for creating the object:
> 
> function jb()
> {
>   var A=null;
>   try
>   {
>     A=new ActiveXObject("Msxml2.XMLHTTP")
>   }
>   catch(e)
>   {
>     try
>     {
>       A=new ActiveXObject("Microsoft.XMLHTTP")
>     }
>     catch(oc)
>     {
>       A=null
>     }
>   }
>   if(!A&&typeof XMLHttpRequest!="undefined")
>   {
>     A=new XMLHttpRequest()
>   }
>   return A
> }  
> 
> It's the code Google first used when they launched Google Suggest, so I'm
> fairly confident it'll work.  :-)

Dang, it still errors out! :( I was confident too! Could this possibly be a local setting issue?
In any event, I put some alerts in the function you supplied, it errors out without ever entering
the catch block or the 'undefined' block.

Current page at:

http://www.pixelmech.com/ajax/ajaxController.html

JS is inline.. I'm fairly sure I have it implemented fine, it still works in FireFox just peachy.
Does it work for anyone else in IE?

Tom


http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From asifsuria at yahoo.com  Wed Nov  9 21:38:24 2005
From: asifsuria at yahoo.com (Asif Suria)
Date: Wed, 9 Nov 2005 19:38:24 -0800 (PST)
Subject: [thelist] Weird ASP.NET problem
In-Reply-To: <ca368a69078546f2b1b6508f55ee8797@easylistbox.com>
Message-ID: <20051110033824.14105.qmail@web53403.mail.yahoo.com>

Hello,

I am trying to write some ASP.NET (C#) code that will
copy the information entered in certain fields
(current address) to certain other fields (permanent
address) when a checkbox is clicked. I used an example
listed on a microsoft website to build my code but
when the checkbox is clicked, nothing happens. The
page seems to have some sort of Javascript error (this
Javascript is generated by the ASP.NET page)

"error: object doesn't support this property or
method"

A stripped down version of the code is given below.
Any insights would be greatly appreciated as I have
been staring at this for over 2 hours and cant seem to
figure out what is wrong. Googling this problem brough
up posts from other folks who had the same problem but
no resolutions. 

Thanks,
Asif
http://www.sinletter.com


--------------BEGIN CODE------------------------------

<%@ Page Language="C#" Debug="true"
autoeventwireup="True" %>

<script runat="server">   
    
    void Check_Clicked(object sender, EventArgs e)
    {
        if(SameAddress.Checked)
            txtOStreet1.Text = txtCStreet1;
        else
            txtOStreet1.Text = "";
    
    }
    
    
    void Submit_Click(object sender, EventArgs e) {
    
    panelForm.Visible = false;
    
        MyHeading.Text="Thank you. Your request has
been submitted.";
        MyHeading.Visible = true;
    }

</script>
<html>
<head>
    <title>Some Form</title>
    <link href="../../images/interface/PageFeel.css"
type="text/css" rel="stylesheet" />
</head>
<body>
    <form id="someForm" runat="server">
        <center><asp:Label id="MyHeading"
runat="server"></asp:Label>
        </center>
        <asp:Panel id="panelForm" Visible="True"
Runat="Server">
            <div align="center">
                
                <table class="tablefont"
cellspacing="2" cellpadding="2" width="650"
border="0">
                    <tbody>
                        <tr>
                            <td align="right"
width="400">
                                <b>Current Mailing
Address</b> 
                            </td>
                            <td align="right"
width="250">
                                &nbsp; 
                            </td>
                        </tr>
                    </tbody>
                </table>
                <br />
                <table class="tablefont"
cellspacing="2" cellpadding="2" width="650"
border="1">
                    <tbody>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Street
1</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCStreet1" Runat="Server" MaxLength="75"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Street
2*</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCStreet2" Runat="Server" MaxLength="75"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">City</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCCity" Runat="Server" MaxLength="30"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">State</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCState" Runat="Server" MaxLength="25"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">Zip</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCZip" Runat="Server" MaxLength="50"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Valid
Until</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtCValid" Runat="Server" MaxLength="15"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                    </tbody>
                </table>
                <br />
                <br />
                <table class="tablefont"
cellspacing="2" cellpadding="2" width="650"
border="0">
                    <tbody>
                        <tr>
                            <td align="right"
width="400">
                                <b>Permanent
Address</b> 
                            </td>
                            <td align="right"
width="250">
                                <asp:CheckBox
id="SameAddress" Runat="Server" Text=" Check if same
as above" AutoPostBack="True"
OnCheckedChanged="Check_Clicked"></asp:CheckBox>
                            </td>
                        </tr>
                    </tbody>
                </table>
                <br />
                <table class="tablefont"
cellspacing="2" cellpadding="2" width="650"
border="1">
                    <tbody>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Street
1</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOStreet1" Runat="Server" MaxLength="75"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Street
2*</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOStreet2" Runat="Server" MaxLength="75"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">City</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOCity" Runat="Server" MaxLength="30"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">State</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOState" Runat="Server" MaxLength="25"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                        <tr>
                            <td valign="bottom"
width="150" height="25">
                                <font
size="2">Zip</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOZip" Runat="Server" MaxLength="50"
Columns="20"></asp:TextBox>
                            </td>
                            <td valign="bottom"
width="150" height="25">
                                <font size="2">Valid
Until</font></td>
                            <td width="200"
height="25">
                                <asp:TextBox
id="txtOValid" Runat="Server" MaxLength="15"
Columns="20"></asp:TextBox>
                            </td>
                        </tr>
                    </tbody>
                </table>
                <br />
                <br />
                <asp:Button id="submit"
onclick="Submit_Click" runat="server"
Text="Submit"></asp:Button>
            </div>
        </asp:Panel>
    </form>
</body>
</html>

--------------END CODE------------------------------



		
__________________________________ 
Start your day with Yahoo! - Make it your home page! 
http://www.yahoo.com/r/hs


From rob at wildlime.com  Wed Nov  9 22:16:09 2005
From: rob at wildlime.com (Rob Agar)
Date: Thu, 10 Nov 2005 14:16:09 +1000
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <20051110032618.22048.qmail@web51415.mail.yahoo.com>
Message-ID: <001b01c5e5ad$7a601fb0$d600000a@WS1>

hi Tom

According to the VS debugger, it's actually barfing on this line:

	content = document.getElementById("content");

Dunno why though I'm afraid. Even IE supports document.getElementById
:-/

Rob



From joshua at waetech.com  Wed Nov  9 22:35:52 2005
From: joshua at waetech.com (Joshua Olson)
Date: Wed, 9 Nov 2005 23:35:52 -0500
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <20051110032618.22048.qmail@web51415.mail.yahoo.com>
Message-ID: <mailman.13.1260243360.27034.thelist@lists.evolt.org>

> -----Original Message-----
> From: Tom Dell'Aringa [mailto:pixelmech at yahoo.com] 
> Sent: Wednesday, November 09, 2005 10:26 PM
> 
> Dang, it still errors out! :( I was confident too! Could this 
> possibly be a local setting issue?
> In any event, I put some alerts in the function you supplied, 
> it errors out without ever entering
> the catch block or the 'undefined' block.

It's erroring out on this line.

content = document.getElementById("content");

You'll need to pick another variable name other than content.

<><><><><><><><><><>
Joshua L. Olson
WAE Tech Inc.
http://www.waetech.com/
Phone: 706.210.0168 
Fax: 413.812.4864

Monitor bandwidth usage on IIS6 in real-time:
http://www.waetech.com/services/iisbm/




From rob at wildlime.com  Wed Nov  9 22:52:25 2005
From: rob at wildlime.com (Rob Agar)
Date: Thu, 10 Nov 2005 14:52:25 +1000
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <200511100435.jAA4ZrLo016253@araska.wildlime.com>
Message-ID: <002201c5e5b2$8ba23510$d600000a@WS1>

> You'll need to pick another variable name other than content.

or, it seems, add "var" to the beginning of the line



From joshua at waetech.com  Wed Nov  9 23:00:24 2005
From: joshua at waetech.com (Joshua Olson)
Date: Thu, 10 Nov 2005 00:00:24 -0500
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <002201c5e5b2$8ba23510$d600000a@WS1>
Message-ID: <mailman.14.1260243360.27034.thelist@lists.evolt.org>

> -----Original Message-----
> From: Rob Agar
> Sent: Wednesday, November 09, 2005 11:52 PM
> 
> > You'll need to pick another variable name other than content.
> 
> or, it seems, add "var" to the beginning of the line

Adding var makes the variable a local variable, which means that the
variable won't conflict with a global object.  In this page in ie, the
variable "content" was already taken because there was an element with an id
of "content".  That is why he couldn't assign a value to that variable name.

<><><><><><><><><><>
Joshua L. Olson
WAE Tech Inc.
http://www.waetech.com/
Phone: 706.210.0168 
Fax: 413.812.4864

Monitor bandwidth usage on IIS6 in real-time:
http://www.waetech.com/services/iisbm/




From aspnet at thecrookstons.com  Wed Nov  9 23:03:15 2005
From: aspnet at thecrookstons.com (Casey)
Date: Wed, 9 Nov 2005 23:03:15 -0600
Subject: [thelist] Cookies between ASP and ASP.NET?
References: <160489103479AB4892187638EE7D1E691F49DC@kjserver1.kjhome.local>
Message-ID: <00c001c5e5b4$10234cb0$6401a8c0@Papabear>

> : Is it possible to set a cookie in ASP and retrieve it in ASP.NET?
>
> Absolutely

Okay, thanks Ken.  At least I know I'm headed in the right direction.

In the ASP page, the cookie is set as follows:
    response.cookies("access_level") = session("access_level")

Then just to be sure the cookies is being set, I called it again on the same 
page:
    response.write("level=" & request.cookies("access_level"))

It returns the value as expected.  In the ASP.NET file, this returns 
nothing:
    response.write(Request.Cookies("access_level"))

And this returns an error:
    response.write(Request.Cookies("access_level").value)

 System.NullReferenceException: Object reference not set to an instance of 
an object.

Thus my confusion.  I'll keep searching, and in the mean time if anyone else 
can point out my (silly?) error....

Casey
 



From email at timburgan.com  Wed Nov  9 23:06:27 2005
From: email at timburgan.com (Tim Burgan)
Date: Thu, 10 Nov 2005 15:36:27 +1030
Subject: [thelist] Link color problem
Message-ID: <4372D553.4010003@timburgan.com>

Hello,

I've designed a new site, but I'm having trouble with link colors.

In all browsers on Windows, the links show as intended - blue.

In Safari and Opera on Mac, the links show as red. Other Mac browsers
are blue.

Screenshots: http://tinyurl.com/ab6mo

In my CSS I have my links defined as follows:

a:link    { color: blue;   }
a:visited { color: purple; }
a:hover   { color: red;    }
a:active  { color: red;    }

I cannot figure out why this is occurring. I've tried removing the
:hover and :active, but this changes nothing.

Am I missing something? Has anyone come across this before?


Tim




From aspnet at thecrookstons.com  Wed Nov  9 23:24:11 2005
From: aspnet at thecrookstons.com (Casey)
Date: Wed, 9 Nov 2005 23:24:11 -0600
Subject: [thelist] Cookies between ASP and ASP.NET?
References: <160489103479AB4892187638EE7D1E691F49DC@kjserver1.kjhome.local>
	<00c001c5e5b4$10234cb0$6401a8c0@Papabear>
Message-ID: <00c701c5e5b6$fb5c83c0$6401a8c0@Papabear>

Solved.  Thanks!

----- Original Message ----- 
From: "Casey" <aspnet at thecrookstons.com>
To: <thelist at lists.evolt.org>
Sent: Wednesday, November 09, 2005 11:03 PM
Subject: Re: [thelist] Cookies between ASP and ASP.NET?


>> : Is it possible to set a cookie in ASP and retrieve it in ASP.NET?
>>
>> Absolutely
>
> Okay, thanks Ken.  At least I know I'm headed in the right direction.
>
> In the ASP page, the cookie is set as follows:
>    response.cookies("access_level") = session("access_level")
>
> Then just to be sure the cookies is being set, I called it again on the 
> same
> page:
>    response.write("level=" & request.cookies("access_level"))
>
> It returns the value as expected.  In the ASP.NET file, this returns
> nothing:
>    response.write(Request.Cookies("access_level"))
>
> And this returns an error:
>    response.write(Request.Cookies("access_level").value)
>
> System.NullReferenceException: Object reference not set to an instance of
> an object.
>
> Thus my confusion.  I'll keep searching, and in the mean time if anyone 
> else
> can point out my (silly?) error....
>
> Casey
>
>
> -- 
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt ! 



From peter at easylistbox.com  Wed Nov  9 23:25:59 2005
From: peter at easylistbox.com (Peter Brunone (EasyListBox.com))
Date: Wed, 9 Nov 2005 22:25:59 -0700
Subject: [thelist] Cookies between ASP and ASP.NET?
Message-ID: <34c93c902cc3472e91c7c545c568aa1f@easylistbox.com>

   Are cookies enabled in the browser?  Even if they're not, you'll still be able to set and retrieve on the same page load.  Try posting to another .asp file and retrieving the cookie in *that* page to be sure.

 From: "Casey" aspnet at thecrookstons.com

> : Is it possible to set a cookie in ASP and retrieve it in ASP.NET?
>
> Absolutely

Okay, thanks Ken. At least I know I'm headed in the right direction.

In the ASP page, the cookie is set as follows:
response.cookies("access_level") = session("access_level")

Then just to be sure the cookies is being set, I called it again on the same 
page:
response.write("level=" & request.cookies("access_level"))

It returns the value as expected. In the ASP.NET file, this returns 
nothing:
response.write(Request.Cookies("access_level"))

And this returns an error:
response.write(Request.Cookies("access_level").value)

System.NullReferenceException: Object reference not set to an instance of 
an object.

Thus my confusion. I'll keep searching, and in the mean time if anyone else 
can point out my (silly?) error....

Casey


From email at timburgan.com  Thu Nov 10 00:46:32 2005
From: email at timburgan.com (Tim Burgan)
Date: Thu, 10 Nov 2005 17:16:32 +1030
Subject: [thelist] Link color problem
In-Reply-To: <4372D553.4010003@timburgan.com>
References: <4372D553.4010003@timburgan.com>
Message-ID: <4372ECC8.7010601@timburgan.com>

I've found the issue.
Most Mac browsers (Camino, Safari and Opera) do this when the (X)HTML 
links to CSS files that don't exist.

Hope this assists someone else.

Tim




From volkan.ozcelik at gmail.com  Thu Nov 10 01:21:15 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Thu, 10 Nov 2005 09:21:15 +0200
Subject: [thelist] JavaScript (Ajax) question - IE
In-Reply-To: <4372d42f.7037e47f.4bb5.317aSMTPIN_ADDED@mx.gmail.com>
References: <002201c5e5b2$8ba23510$d600000a@WS1>
	<4372d42f.7037e47f.4bb5.317aSMTPIN_ADDED@mx.gmail.com>
Message-ID: <dfc81b090511092321l7b2e0f97m@mail.gmail.com>

>
> Adding var makes the variable a local variable, which means that the
> variable won't conflict with a global object
>

Exactly!
That's why assigning your local variances with var is a "good coding
practice". There are several other subtler issues (which I cannot
remember by now but have pained a lot) that raise rarely when you
don't declare your variances with var as well.

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From pixelmech at yahoo.com  Thu Nov 10 06:32:03 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Thu, 10 Nov 2005 04:32:03 -0800 (PST)
Subject: [thelist] JavaScript (Ajax) question - IE [solved]
Message-ID: <20051110123203.69069.qmail@web51411.mail.yahoo.com>

--- Joshua Olson <joshua at waetech.com> wrote:

> Apparently "content" is a reserved word in IE.  You can't create a variable
> of that name (line 17).

Huh! Who would have thought - I cannot believe I have never run across that considering how often
I use the id 'content'. I changed the id and all ref's to 'livearea' and it works just fine.

Thanks Josh!

Tom


http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From bclark at eccotours.dyndns.org  Thu Nov 10 07:02:56 2005
From: bclark at eccotours.dyndns.org (Brent Clark)
Date: Thu, 10 Nov 2005 15:02:56 +0200
Subject: [thelist] display text based on co-ordinates on image
Message-ID: <43734500.3000300@eccotours.dyndns.org>

Hi all

I have a map that I would like to share some comments / text  on, based on the co ordinates of the map.

Obviously I have code like so

<map name="$areaInQuestion">
<area  href="javascript:popup('')"    shape="rect" coords="10,870,90,880" />
</map>

But I cant get the text to display based on the co-ordinate, I cant use onhover or onmouse etc, because there is no link.

I would like to use

http://www.bosrup.com/web/overlib/

With the example of  "Navigations help"

If anyone has any tips or advice, I would be most gratefull.

Kind Regards
Brent Clark


From volkan.ozcelik at gmail.com  Thu Nov 10 07:42:55 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Thu, 10 Nov 2005 15:42:55 +0200
Subject: [thelist] backordering, domain transfer and other issues.
Message-ID: <dfc81b090511100542j7ae72661s@mail.gmail.com>

Hi everyone,

May be you remember my previous post on "how to work freelance on a
global scale". Thank for all your support and motivation.

And here I am holding first freelance agreement (Well not a big step
for the human kind, but a big big step for me. ... no I've not
resigned my full-time job yet :) )

However I'm a bit novice in these kinda stuff, and I don't want to
p*ss off my very first attempt.

Here is the situation:

My client had made his site (say ABC.com) design by someone else whom
he cannot contact anymore. His domain will expire in less than a
month.

1. He says that he can stand if his site is down a few weeks but
he does not want to stop his e-mail correspondence (info at ABC.com,
sales at ABC.com etc) for more than a day (or two at most)
2. (corollary to 1) He never forever wants to change his domain name
or worse lose it.

Therefore two options come to my mind:

1. find the current owner of the domain name and request him cancel
his registration.
2. issue an "instant backorder" from some registrar service and hope
that the owner does not extend his registration period.

Anything else that I can do?

Thank you very much in advance.
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From morrison.ben at gmail.com  Thu Nov 10 08:08:32 2005
From: morrison.ben at gmail.com (ben morrison)
Date: Thu, 10 Nov 2005 14:08:32 +0000
Subject: [thelist] [WebAIM] display text based on co-ordinates on image
In-Reply-To: <43734500.3000300@eccotours.dyndns.org>
References: <43734500.3000300@eccotours.dyndns.org>
Message-ID: <6073aef90511100608p2d87043ct350eafe476ed575b@mail.gmail.com>

> I have a map that I would like to share some comments / text  on, based on the co ordinates of the map.
>
> Obviously I have code like so
>
> <map name="$areaInQuestion">
> <area  href="javascript:popup('')"    shape="rect" coords="10,870,90,880" />
> </map>
>
> But I cant get the text to display based on the co-ordinate, I cant use onhover or onmouse etc, because there is no link.

Maybe you could use 'nice titles'

http://www.kryogenix.org/code/browser/nicetitle/

and instead of searching for links:

for (var ti=0;ti<document.links.length;ti++) {

search for area - is that possible? or give the map an id then find
its childnodes and then attach the onmousover/mouseout events.

I'm sure others can be more helpful..

ben

ben


From pixelmech at yahoo.com  Thu Nov 10 08:08:42 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Thu, 10 Nov 2005 06:08:42 -0800 (PST)
Subject: [thelist] JavaScript (Ajax) question - IE [solved]
Message-ID: <20051110140842.32456.qmail@web51405.mail.yahoo.com>

--- Joshua Olson <joshua at waetech.com> wrote:

> I want to amend the statement I made... it's only reserved because you also
> have an element with the id of "content".   :-)  Sorry about the confusion.

Ah...it's not a JS reserved word then (I thought that was odd). Was it that the JS interpreter in
IE got confused on what "content" I meant (tried to run a method on a DIV maybe - thus object
doesn't support method..)? It's wierd that Mozzy didn't have any problem with it whatsoever.

Tom


http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From vreeland at studioframework.com  Thu Nov 10 08:36:33 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Thu, 10 Nov 2005 09:36:33 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100542j7ae72661s@mail.gmail.com>
Message-ID: <0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>

Hello,
 I assume but just to clarify, have you checked whois to determine who is
listed as the domain owner the site to see who is listed as the owner?

I'm not entirely positive, but if your client submits a dispute over the
ownership of the domain it may prevent the site from being grabbed by
someone else or renewed by the old developer until the dispute is resolved;
additionally, I think the current DNS record will stay in effect until the
dispute is resolved. This is assuming your client is able to prove they paid
for the domain registration, or at the very least they own the web site -
pay the hosting fees and engaged the developer to create the site.

I'm sure someone will point out if I'm way off base.

Robert Vreeland



From vreeland at studioframework.com  Thu Nov 10 08:38:42 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Thu, 10 Nov 2005 09:38:42 -0500
Subject: [thelist] 'text file' config [was: Grammatical] advice Solved(I
	thinkl)
In-Reply-To: <43726655.1040806@kasimir-k.fi>
Message-ID: <0MKp2t-1EaDa21Flq-0003ek@mrelay.perfora.net>

Thanks for the advice everyone,

I am going with a vps solution from spry that comes pre-configured with
Webmin and am working through getting Qmail installed.

Robert Vreeland



From dan.mccullough at gmail.com  Thu Nov 10 08:49:52 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 09:49:52 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
Message-ID: <faf1d2bd0511100649o38e843ftd2512382bc79733e@mail.gmail.com>

Those are very good steps for getting this resolved.  That's what I
would suggest as well, and do it quickly.  If the domain is not in
your clients name anywhere and has the designer as owner and so forth
it will be very difficult for you client to get it and you should
proceed with the backorder, but if you client is listed as owner or
billing contact you will have a strong case.  But your first step as
mentioned by Robert should be to to check whois and find out all the
information on the contacts listed and who the domain is owned by,
then go to the registrar (it should be listed on the whois, and find
out their policies on transfers, dispute etc.

On 11/10/05, Robert Vreeland <vreeland at studioframework.com> wrote:
> Hello,
>  I assume but just to clarify, have you checked whois to determine who is
> listed as the domain owner the site to see who is listed as the owner?
>
> I'm not entirely positive, but if your client submits a dispute over the
> ownership of the domain it may prevent the site from being grabbed by
> someone else or renewed by the old developer until the dispute is resolved;
> additionally, I think the current DNS record will stay in effect until the
> dispute is resolved. This is assuming your client is able to prove they paid
> for the domain registration, or at the very least they own the web site -
> pay the hosting fees and engaged the developer to create the site.
>
> I'm sure someone will point out if I'm way off base.
>
> Robert Vreeland
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From volkan.ozcelik at gmail.com  Thu Nov 10 09:32:06 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Thu, 10 Nov 2005 17:32:06 +0200
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
Message-ID: <dfc81b090511100732q115211d0i@mail.gmail.com>

>  I assume but just to clarify, have you checked whois to determine who is
> listed as the domain owner the site to see who is listed as the owner?

Yes I did. It belongs to some individual (perhaps a freelance
developer), an e-mail and a phone is provided.

But I don't want to contact him unless absolutely necessary. This will
make the deal hotter. May be has has alredy forgotten about it and me
asking to drop his domain registration will pop a light bulb over his
hand and offer me a high-price for it etc.

> This is assuming your client is able to prove they paid
> for the domain registration, or at the very least they own the web site -
> pay the hosting fees and engaged the developer to create the site.

I think he can prove he has paid for it. He is a legal entity, has
accounting records, bills etc. But acting dispute legally will make
things harder.

As you may have deduced from the situation he does not even have a
user/pass for the dns record he (or the developer) has purchased. He
is -sorta- ignorant on the issue (though he is very competent in his
business, the internet is relatively new for him ).

I am not a legal man, but the domain name belongs to the one who has
paid for it (i.e. the developer) - he has the power to renew it, drop
it, re-sell it etc. - unless there is an issue on trademark, copyright
infringement or other rights.

Worse of all, the law related to cyberspace is not very well-formed here.

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From april at farstrider.org  Thu Nov 10 09:49:12 2005
From: april at farstrider.org (April)
Date: Thu, 10 Nov 2005 07:49:12 -0800
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100542j7ae72661s@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
Message-ID: <43736BF8.3030608@farstrider.org>

You can renew domains you don't have account access to at everywhere 
I've tried it.  If all you're doing is giving them money, they don't 
care who it is.  If you're okay with the server that the domain is 
currently pointed at, this can buy you some extra time to contact the 
old developer.

If the site owner is listed on the whois, not the developer, then 
usually the site owner will be able to do something like fax in a copy 
of his driver's license and a utility bill to regain control of the account.

If the old developer is listed on the whois, that information should 
work for contacting him.  If it doesn't, that can really help your case 
if you need to dispute it.

If you let a domain expire with the intent of getting a backorder on it, 
you're relying on some luck to be sure you do end up with that domain in 
a timely manner.  All might work out well, but the domain might end up 
on hold somewhere for 2 or 3 months or bought by someone else.  If the 
domain is a decent one, someone else might already have it on instant 
backorder.  You probably would lose mail for more than a day.


VOLKAN ?Z?EL?K wrote:
> Hi everyone,
> 
> May be you remember my previous post on "how to work freelance on a
> global scale". Thank for all your support and motivation.
> 
> And here I am holding first freelance agreement (Well not a big step
> for the human kind, but a big big step for me. ... no I've not
> resigned my full-time job yet :) )
> 
> However I'm a bit novice in these kinda stuff, and I don't want to
> p*ss off my very first attempt.
> 
> Here is the situation:
> 
> My client had made his site (say ABC.com) design by someone else whom
> he cannot contact anymore. His domain will expire in less than a
> month.
> 
> 1. He says that he can stand if his site is down a few weeks but
> he does not want to stop his e-mail correspondence (info at ABC.com,
> sales at ABC.com etc) for more than a day (or two at most)
> 2. (corollary to 1) He never forever wants to change his domain name
> or worse lose it.
> 
> Therefore two options come to my mind:
> 
> 1. find the current owner of the domain name and request him cancel
> his registration.
> 2. issue an "instant backorder" from some registrar service and hope
> that the owner does not extend his registration period.
> 
> Anything else that I can do?
> 
> Thank you very much in advance.
> --
> Volkan Ozcelik
> +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> +> My projects/studies/trials/errors : http://www.sarmal.com/



From dan.mccullough at gmail.com  Thu Nov 10 09:52:44 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 10:52:44 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100732q115211d0i@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
Message-ID: <faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>

You are correct the law is not very well former here and to make
matters worse is if the parties are from other countries, then you are
at the mercy of the registrar of record.  Who is the registrar? 
GoDaddy, NetSol?  Does your clients name appear anywhere on the
contact list for the registrar?

If the domain is that important to your client I would find an
inexpensive domain backorder service and sign up for the domain, but
in the meantime try and secure the domain from the registrar.

On 11/10/05, VOLKAN ?Z?EL?K <volkan.ozcelik at gmail.com> wrote:
> >  I assume but just to clarify, have you checked whois to determine who is
> > listed as the domain owner the site to see who is listed as the owner?
>
> Yes I did. It belongs to some individual (perhaps a freelance
> developer), an e-mail and a phone is provided.
>
> But I don't want to contact him unless absolutely necessary. This will
> make the deal hotter. May be has has alredy forgotten about it and me
> asking to drop his domain registration will pop a light bulb over his
> hand and offer me a high-price for it etc.
>
> > This is assuming your client is able to prove they paid
> > for the domain registration, or at the very least they own the web site -
> > pay the hosting fees and engaged the developer to create the site.
>
> I think he can prove he has paid for it. He is a legal entity, has
> accounting records, bills etc. But acting dispute legally will make
> things harder.
>
> As you may have deduced from the situation he does not even have a
> user/pass for the dns record he (or the developer) has purchased. He
> is -sorta- ignorant on the issue (though he is very competent in his
> business, the internet is relatively new for him ).
>
> I am not a legal man, but the domain name belongs to the one who has
> paid for it (i.e. the developer) - he has the power to renew it, drop
> it, re-sell it etc. - unless there is an issue on trademark, copyright
> infringement or other rights.
>
> Worse of all, the law related to cyberspace is not very well-formed here.
>
> Cheers,
> --
> Volkan Ozcelik
> +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> +> My projects/studies/trials/errors : http://www.sarmal.com/
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>

From volkan.ozcelik at gmail.com  Thu Nov 10 10:19:14 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Thu, 10 Nov 2005 18:19:14 +0200
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
	<faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
Message-ID: <dfc81b090511100819i3faf72cw@mail.gmail.com>

> Who is the registrar?
> GoDaddy, NetSol?

Registrar: ONLINENIC, INC.
Whois Server: whois.OnlineNIC.com
Referral URL: http://www.OnlineNIC.com

> Does your clients name appear anywhere on the
> contact list for the registrar?

no it does not :(

Here are other details:

Registrant:
<the developer guy.>

Administrator:
<the developer guy.>

Technical Contactor:
<the developer guy.>

Billing Contactor:
<the developer guy.>

Registration Service Provider:
<some other corporation.>

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From vreeland at studioframework.com  Thu Nov 10 10:35:14 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Thu, 10 Nov 2005 11:35:14 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100819i3faf72cw@mail.gmail.com>
Message-ID: <0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>

Consider all that, I would go ahead and put in for a domain name transfer
through ONLINENINC and with ONLINENINC, after you get control you can move
it to another registrar, but for know you want them working with you. As
long as the developer guy isn't auto blocking domain name transfers he will
need to respond to the request to block it, and if he is out of business the
email may not be valid and the transfer will go through after a set time. \

Anyone else have a thought on this?

Robert

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of VOLKAN ?Z?ELIK
Sent: Thursday, November 10, 2005 11:19 AM
To: thelist at lists.evolt.org
Subject: Re: [thelist] backordering, domain transfer and other issues.

> Who is the registrar?
> GoDaddy, NetSol?

Registrar: ONLINENIC, INC.
Whois Server: whois.OnlineNIC.com
Referral URL: http://www.OnlineNIC.com

> Does your clients name appear anywhere on the contact list for the 
> registrar?

no it does not :(

Here are other details:

Registrant:
<the developer guy.>

Administrator:
<the developer guy.>

Technical Contactor:
<the developer guy.>

Billing Contactor:
<the developer guy.>

Registration Service Provider:
<some other corporation.>

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester and archives
of thelist go to: http://lists.evolt.org Workers of the Web, evolt ! 



From dan.mccullough at gmail.com  Thu Nov 10 10:37:13 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 11:37:13 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100819i3faf72cw@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
	<faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
	<dfc81b090511100819i3faf72cw@mail.gmail.com>
Message-ID: <faf1d2bd0511100837q1f983fe3t1487a03a5d2e748d@mail.gmail.com>

Thats a tough one, I dont see many ways to get the domain back without
backorder (risky) or working something out with the former developer.

On 11/10/05, VOLKAN ?Z?EL?K <volkan.ozcelik at gmail.com> wrote:
> > Who is the registrar?
> > GoDaddy, NetSol?
>
> Registrar: ONLINENIC, INC.
> Whois Server: whois.OnlineNIC.com
> Referral URL: http://www.OnlineNIC.com
>
> > Does your clients name appear anywhere on the
> > contact list for the registrar?
>
> no it does not :(
>
> Here are other details:
>
> Registrant:
> <the developer guy.>
>
> Administrator:
> <the developer guy.>
>
> Technical Contactor:
> <the developer guy.>
>
> Billing Contactor:
> <the developer guy.>
>
> Registration Service Provider:
> <some other corporation.>
>
> Cheers,
> --
> Volkan Ozcelik
> +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> +> My projects/studies/trials/errors : http://www.sarmal.com/
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>

From dan.mccullough at gmail.com  Thu Nov 10 10:47:34 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 11:47:34 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>
References: <dfc81b090511100819i3faf72cw@mail.gmail.com>
	<0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>
Message-ID: <faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>

Forgot about that one, that is a good thought.  There is a time limit
to which he can respond to as well, and I will check but I believe it
is 72 hours.  The only problem I see is that if they dont want to
remind the developer about the domain as he might do something to make
it more difficult then this would definatly alert him unless as Robert
said he is no longer in business or that email address is no longer
valid.

On 11/10/05, Robert Vreeland <vreeland at studioframework.com> wrote:
> Consider all that, I would go ahead and put in for a domain name transfer
> through ONLINENINC and with ONLINENINC, after you get control you can move
> it to another registrar, but for know you want them working with you. As
> long as the developer guy isn't auto blocking domain name transfers he will
> need to respond to the request to block it, and if he is out of business the
> email may not be valid and the transfer will go through after a set time. \
>
> Anyone else have a thought on this?
>
> Robert
>
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org
> [mailto:thelist-bounces at lists.evolt.org] On Behalf Of VOLKAN ?Z?ELIK
> Sent: Thursday, November 10, 2005 11:19 AM
> To: thelist at lists.evolt.org
> Subject: Re: [thelist] backordering, domain transfer and other issues.
>
> > Who is the registrar?
> > GoDaddy, NetSol?
>
> Registrar: ONLINENIC, INC.
> Whois Server: whois.OnlineNIC.com
> Referral URL: http://www.OnlineNIC.com
>
> > Does your clients name appear anywhere on the contact list for the
> > registrar?
>
> no it does not :(
>
> Here are other details:
>
> Registrant:
> <the developer guy.>
>
> Administrator:
> <the developer guy.>
>
> Technical Contactor:
> <the developer guy.>
>
> Billing Contactor:
> <the developer guy.>
>
> Registration Service Provider:
> <some other corporation.>
>
> Cheers,
> --
> Volkan Ozcelik
> +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> +> My projects/studies/trials/errors : http://www.sarmal.com/
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester and archives
> of thelist go to: http://lists.evolt.org Workers of the Web, evolt !
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From evolt at roselli.org  Thu Nov 10 10:48:08 2005
From: evolt at roselli.org (aardvark)
Date: Thu, 10 Nov 2005 11:48:08 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100819i3faf72cw@mail.gmail.com>
References: <faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
Message-ID: <43733378.2389.50B31B97@localhost>


i've been through the ICANN dispute resolution process for a domain 
name before, using WIPO as the arbitrator...

it sounds like the domain was registered by someone else for the 
client... your client needs to provide you with any correspondence 
supporting that...

you should also contact this person (the one who registered it) and 
outline the situation -- in writing... you could take care of this in 
no time in a best-case scenario...

in a worst-case scenario, i see two things happening...

1. the registrant tries to hold it hostage, in which case you file a 
dispute and go into arbitration...

2. the domain name gets grabbed by someone else, in which case you 
file a dispute and go into arbitration...

in which case, any correspondence asserting your claim can  help you 
out, especially if it's all accurate and friendly...

however, if calling this person can end this more quickly, then call 
the person... perhaps the person will just transfer it... they may 
even request a fee (time and materials), which is normal for any 
consultant because it is time out of his/her day...

asking for a fee dramatically above the cost of the domain only 
jeapordizes his/her case if it goes to arbitration...

remember, arbitatration considers three things:

- is domain name registered/used in bad faith
- does party have rights / legitimate interest in domain
- is domain identical / confusingly similar

if the person requests a large sum for transfer of a domain that was 
otherwise unused, then he/she has just satisfied the first item for 
you...

for some "caselaw" examples of former decisions, WIPO posts all the 
cases they arbitrate on their site:
	http://arbiter.wipo.int/domains/cases/all.html

i also receive a daily email linking to all cases decided that day:
	http://arbiter.wipo.int/subscribe/decisions.html

and no, IANAL, so YMMV

(insert 40 line disclaimer here...)



From dan.mccullough at gmail.com  Thu Nov 10 10:51:00 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 11:51:00 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
References: <dfc81b090511100819i3faf72cw@mail.gmail.com>
	<0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>
	<faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
Message-ID: <faf1d2bd0511100851jb999efdx587731c5be6d6b7d@mail.gmail.com>

Nope I was incorrect, and thought it was kinda funny.  The email must
be responsed to within 5 days of the transfer request, if not the
transfer is rejected.

On 11/10/05, Dan McCullough <dan.mccullough at gmail.com> wrote:
> Forgot about that one, that is a good thought.  There is a time limit
> to which he can respond to as well, and I will check but I believe it
> is 72 hours.  The only problem I see is that if they dont want to
> remind the developer about the domain as he might do something to make
> it more difficult then this would definatly alert him unless as Robert
> said he is no longer in business or that email address is no longer
> valid.
>
> On 11/10/05, Robert Vreeland <vreeland at studioframework.com> wrote:
> > Consider all that, I would go ahead and put in for a domain name transfer
> > through ONLINENINC and with ONLINENINC, after you get control you can move
> > it to another registrar, but for know you want them working with you. As
> > long as the developer guy isn't auto blocking domain name transfers he will
> > need to respond to the request to block it, and if he is out of business the
> > email may not be valid and the transfer will go through after a set time. \
> >
> > Anyone else have a thought on this?
> >
> > Robert
> >
> > -----Original Message-----
> > From: thelist-bounces at lists.evolt.org
> > [mailto:thelist-bounces at lists.evolt.org] On Behalf Of VOLKAN ?Z?ELIK
> > Sent: Thursday, November 10, 2005 11:19 AM
> > To: thelist at lists.evolt.org
> > Subject: Re: [thelist] backordering, domain transfer and other issues.
> >
> > > Who is the registrar?
> > > GoDaddy, NetSol?
> >
> > Registrar: ONLINENIC, INC.
> > Whois Server: whois.OnlineNIC.com
> > Referral URL: http://www.OnlineNIC.com
> >
> > > Does your clients name appear anywhere on the contact list for the
> > > registrar?
> >
> > no it does not :(
> >
> > Here are other details:
> >
> > Registrant:
> > <the developer guy.>
> >
> > Administrator:
> > <the developer guy.>
> >
> > Technical Contactor:
> > <the developer guy.>
> >
> > Billing Contactor:
> > <the developer guy.>
> >
> > Registration Service Provider:
> > <some other corporation.>
> >
> > Cheers,
> > --
> > Volkan Ozcelik
> > +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> > +> My projects/studies/trials/errors : http://www.sarmal.com/
> > --
> >
> > * * Please support the community that supports you.  * *
> > http://evolt.org/help_support_evolt/
> >
> > For unsubscribe and other options, including the Tip Harvester and archives
> > of thelist go to: http://lists.evolt.org Workers of the Web, evolt !
> >
> > --
> >
> > * * Please support the community that supports you.  * *
> > http://evolt.org/help_support_evolt/
> >
> > For unsubscribe and other options, including the Tip Harvester
> > and archives of thelist go to: http://lists.evolt.org
> > Workers of the Web, evolt !
> >
>


From dan.mccullough at gmail.com  Thu Nov 10 10:55:45 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 11:55:45 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <faf1d2bd0511100851jb999efdx587731c5be6d6b7d@mail.gmail.com>
References: <dfc81b090511100819i3faf72cw@mail.gmail.com>
	<0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>
	<faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
	<faf1d2bd0511100851jb999efdx587731c5be6d6b7d@mail.gmail.com>
Message-ID: <faf1d2bd0511100855u3ba4d6bfp6c8a90ec4acd592e@mail.gmail.com>

Just as an FYI.

http://www.onlinenic.com/english/agreements/disputes.html

The Dispute Policy that OnlineNIC abides by.

On 11/10/05, Dan McCullough <dan.mccullough at gmail.com> wrote:
> Nope I was incorrect, and thought it was kinda funny.  The email must
> be responsed to within 5 days of the transfer request, if not the
> transfer is rejected.
>
> On 11/10/05, Dan McCullough <dan.mccullough at gmail.com> wrote:
> > Forgot about that one, that is a good thought.  There is a time limit
> > to which he can respond to as well, and I will check but I believe it
> > is 72 hours.  The only problem I see is that if they dont want to
> > remind the developer about the domain as he might do something to make
> > it more difficult then this would definatly alert him unless as Robert
> > said he is no longer in business or that email address is no longer
> > valid.
> >
> > On 11/10/05, Robert Vreeland <vreeland at studioframework.com> wrote:
> > > Consider all that, I would go ahead and put in for a domain name transfer
> > > through ONLINENINC and with ONLINENINC, after you get control you can move
> > > it to another registrar, but for know you want them working with you. As
> > > long as the developer guy isn't auto blocking domain name transfers he will
> > > need to respond to the request to block it, and if he is out of business the
> > > email may not be valid and the transfer will go through after a set time. \
> > >
> > > Anyone else have a thought on this?
> > >
> > > Robert
> > >
> > > -----Original Message-----
> > > From: thelist-bounces at lists.evolt.org
> > > [mailto:thelist-bounces at lists.evolt.org] On Behalf Of VOLKAN ?Z?ELIK
> > > Sent: Thursday, November 10, 2005 11:19 AM
> > > To: thelist at lists.evolt.org
> > > Subject: Re: [thelist] backordering, domain transfer and other issues.
> > >
> > > > Who is the registrar?
> > > > GoDaddy, NetSol?
> > >
> > > Registrar: ONLINENIC, INC.
> > > Whois Server: whois.OnlineNIC.com
> > > Referral URL: http://www.OnlineNIC.com
> > >
> > > > Does your clients name appear anywhere on the contact list for the
> > > > registrar?
> > >
> > > no it does not :(
> > >
> > > Here are other details:
> > >
> > > Registrant:
> > > <the developer guy.>
> > >
> > > Administrator:
> > > <the developer guy.>
> > >
> > > Technical Contactor:
> > > <the developer guy.>
> > >
> > > Billing Contactor:
> > > <the developer guy.>
> > >
> > > Registration Service Provider:
> > > <some other corporation.>
> > >
> > > Cheers,
> > > --
> > > Volkan Ozcelik
> > > +>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
> > > +> My projects/studies/trials/errors : http://www.sarmal.com/
> > > --
> > >
> > > * * Please support the community that supports you.  * *
> > > http://evolt.org/help_support_evolt/
> > >
> > > For unsubscribe and other options, including the Tip Harvester and archives
> > > of thelist go to: http://lists.evolt.org Workers of the Web, evolt !
> > >
> > > --
> > >
> > > * * Please support the community that supports you.  * *
> > > http://evolt.org/help_support_evolt/
> > >
> > > For unsubscribe and other options, including the Tip Harvester
> > > and archives of thelist go to: http://lists.evolt.org
> > > Workers of the Web, evolt !
> > >
> >
>


From volkan.ozcelik at gmail.com  Thu Nov 10 10:58:00 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Thu, 10 Nov 2005 18:58:00 +0200
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
References: <dfc81b090511100819i3faf72cw@mail.gmail.com>
	<0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>
	<faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
Message-ID: <dfc81b090511100858g23616930n@mail.gmail.com>

> unless as Robert said he is no longer in business or that email address is no
> longer valid.

The email address is supposed to be valid, since the contact urls
provided are all valid urls.

--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From dan.mccullough at gmail.com  Thu Nov 10 10:59:18 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Thu, 10 Nov 2005 11:59:18 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <43733378.2389.50B31B97@localhost>
References: <faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
	<dfc81b090511100819i3faf72cw@mail.gmail.com>
	<43733378.2389.50B31B97@localhost>
Message-ID: <faf1d2bd0511100859q104ada89jf7eda34e55826570@mail.gmail.com>

Good suggestions, and is the best option especially in this case.

On 11/10/05, aardvark <evolt at roselli.org> wrote:
>
> i've been through the ICANN dispute resolution process for a domain
> name before, using WIPO as the arbitrator...
>
> it sounds like the domain was registered by someone else for the
> client... your client needs to provide you with any correspondence
> supporting that...
>
> you should also contact this person (the one who registered it) and
> outline the situation -- in writing... you could take care of this in
> no time in a best-case scenario...
>
> in a worst-case scenario, i see two things happening...
>
> 1. the registrant tries to hold it hostage, in which case you file a
> dispute and go into arbitration...
>
> 2. the domain name gets grabbed by someone else, in which case you
> file a dispute and go into arbitration...
>
> in which case, any correspondence asserting your claim can  help you
> out, especially if it's all accurate and friendly...
>
> however, if calling this person can end this more quickly, then call
> the person... perhaps the person will just transfer it... they may
> even request a fee (time and materials), which is normal for any
> consultant because it is time out of his/her day...
>
> asking for a fee dramatically above the cost of the domain only
> jeapordizes his/her case if it goes to arbitration...
>
> remember, arbitatration considers three things:
>
> - is domain name registered/used in bad faith
> - does party have rights / legitimate interest in domain
> - is domain identical / confusingly similar
>
> if the person requests a large sum for transfer of a domain that was
> otherwise unused, then he/she has just satisfied the first item for
> you...
>
> for some "caselaw" examples of former decisions, WIPO posts all the
> cases they arbitrate on their site:
>        http://arbiter.wipo.int/domains/cases/all.html
>
> i also receive a daily email linking to all cases decided that day:
>        http://arbiter.wipo.int/subscribe/decisions.html
>
> and no, IANAL, so YMMV
>
> (insert 40 line disclaimer here...)
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From evolt at kasimir-k.fi  Thu Nov 10 11:27:49 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Thu, 10 Nov 2005 17:27:49 +0000
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100858g23616930n@mail.gmail.com>
References: <dfc81b090511100819i3faf72cw@mail.gmail.com>	<0MKp2t-1EaFOn4BKg-0003fl@mrelay.perfora.net>	<faf1d2bd0511100847p1a38eed2ld7a551ec70bfdb98@mail.gmail.com>
	<dfc81b090511100858g23616930n@mail.gmail.com>
Message-ID: <43738315.4090507@kasimir-k.fi>

VOLKAN ?Z?EL?K scribeva in 2005-11-10 16:58:
> The email address is supposed to be valid

Take a new hotmail address and send a mail "Hi, just testing if your 
email address is valid, sorry for any inconvenience". If it bounces, 
then you know address was invalid. If it doesn't, then it is supposedly 
valid.

Bear in mind though, that the said developer might be reading this list, 
and if he receives a mail with those words he might get suspicious :-)

.k


From peter at easylistbox.com  Thu Nov 10 11:29:57 2005
From: peter at easylistbox.com (Peter Brunone (EasyListBox.com))
Date: Thu, 10 Nov 2005 10:29:57 -0700
Subject: [thelist] Weird ASP.NET problem
Message-ID: <6a2e29e85f7d42e6823e551c52a2e355@easylistbox.com>

   It might help to know what line of Javascript is causing this error.  The rendered HTML of the page would be good to have (send a link if you like to avoid posting all of that to the list).

 From: Asif Suria asifsuria at yahoo.com

Hello,

I am trying to write some ASP.NET (C#) code that will
copy the information entered in certain fields
(current address) to certain other fields (permanent
address) when a checkbox is clicked. I used an example
listed on a microsoft website to build my code but
when the checkbox is clicked, nothing happens. The
page seems to have some sort of Javascript error (this
Javascript is generated by the ASP.NET page)

"error: object doesn't support this property or
method"

A stripped down version of the code is given below.
Any insights would be greatly appreciated as I have
been staring at this for over 2 hours and cant seem to
figure out what is wrong. Googling this problem brough
up posts from other folks who had the same problem but
no resolutions. 

Thanks,
Asif
http://www.sinletter.com

--------------BEGIN CODE------------------------------

 void Check_Clicked(object sender, EventArgs e)
 {
 if(SameAddress.Checked)
 txtOStreet1.Text = txtCStreet1;
 else
 txtOStreet1.Text = "";

 }

 void Submit_Click(object sender, EventArgs e) {

 panelForm.Visible = false;

 MyHeading.Text="Thank you. Your request has
been submitted.";
 MyHeading.Visible = true;
 }

type="text/css" rel="stylesheet" />

Runat="Server">

cellspacing="2" cellpadding="2" width="650"
border="0">

 width="400">
Current Mailing
Address 
	 width="250">
  

cellspacing="2" cellpadding="2" width="650"
border="1">

 width="150" height="25">
Street
1 	 height="25">
Street
2* 	 height="25">
Valid
Until 	 height="25">

cellspacing="2" cellpadding="2" width="650"
border="0">

 width="400">
Permanent
Address 
	 width="250">

cellspacing="2" cellpadding="2" width="650"
border="1">

 width="150" height="25">
Street
1 	 height="25">
Street
2* 	 height="25">
Valid
Until 	 height="25">




From philip at turmel.org  Thu Nov 10 12:10:55 2005
From: philip at turmel.org (Phil Turmel)
Date: Thu, 10 Nov 2005 13:10:55 -0500
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100732q115211d0i@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
Message-ID: <43738D2F.8000900@turmel.org>

VOLKAN ?Z?EL?K wrote:
> I am not a legal man, but the domain name belongs to the one who has
> paid for it (i.e. the developer) - he has the power to renew it, drop
> it, re-sell it etc. - unless there is an issue on trademark, copyright
> infringement or other rights.
> 
> Worse of all, the law related to cyberspace is not very well-formed here.

IANAL either, but I did read the domain name dispute resolution policy 
some years ago.  It was pretty explicit that registering a domain name 
did NOT give you exclusive rights to it, just presumed rights until 
challenged.

If the developer registered the name for your client as part of a paid 
transaction, then the developer is just an agent, and your client is 
entitled to hold the domain name directly.  If original contract terms 
dictate specific payments in this case, they would be binding, but 
otherwise your client should be able to ask for the registration to be 
transferred to his name.

Dispute resolution doesn't apply until there's a dispute, though.  So 
you won't be able to do ANYTHING until you ask the developer to transfer 
the name, and he/she says no.

You have to ask (nicely would be a good idea).

Then you might want to look at para 4.c.iii of the policy:

http://www.icann.org/udrp/udrp-policy-24oct99.htm

Phil


From evoltlist at delime.com  Thu Nov 10 12:44:41 2005
From: evoltlist at delime.com (M. Seyon)
Date: Thu, 10 Nov 2005 14:44:41 -0400
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100819i3faf72cw@mail.gmail.com>
References: <faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
	<dfc81b090511100542j7ae72661s@mail.gmail.com>
	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
	<faf1d2bd0511100752i19fc0080n57e620b97e994deb@mail.gmail.com>
Message-ID: <4.2.0.58.20051110143115.01fc88c0@mx.delime.com>

Message from =?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?= (11/10/2005 06:19 PM)



>Registrant:
><the developer guy.>

Although this is a bit after the fact, this article may be useful for 
future reference:
http://www.keytlaw.com/urls/whocontrols.htm

Particularly, look about 14 paragraphs down, the one that starts,
"Whenever a person or entity other than the party that is the actual owner 
of a domain name is named as the Registrant of the domain name..."

Also I wouldn't recommend the idea of letting the domain expire then 
renewing as it'll probably be at least a month, and as much as 2+ months 
before it becomes available again. You can google around for how it works, 
it varies from registrar to registrar, but this article sums it up quite 
nicely:
http://www.igoldrush.com/expired1.htm

I'm curious. Did the developer and the site owner part on bad terms? Is 
that why he can't just contact him and ask him to transfer the domain? If 
so remember there are two sides to every story - the site owner may not 
have paid the developer, or some such, hence the breakdown in 
communication. If that is the case, would you want to work with this person?

regards.
-marc


From asifsuria at yahoo.com  Thu Nov 10 12:57:05 2005
From: asifsuria at yahoo.com (Asif Suria)
Date: Thu, 10 Nov 2005 10:57:05 -0800 (PST)
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <6a2e29e85f7d42e6823e551c52a2e355@easylistbox.com>
Message-ID: <20051110185705.10305.qmail@web53403.mail.yahoo.com>

Here is a link to the page so that you can take a look
at the rendered HTML and Javascript.

The error occurs when you click on the check box.

http://www.sinletter.com/TestFile.aspx

Thanks,
Asif

--- Peter Brunone <peter at easylistbox.com> wrote:

>    It might help to know what line of Javascript is
> causing this error.  The rendered HTML of the page
> would be good to have (send a link if you like to
> avoid posting all of that to the list).
> 
>  From: Asif Suria asifsuria at yahoo.com
> 
> Hello,
> 
> I am trying to write some ASP.NET (C#) code that
> will
> copy the information entered in certain fields
> (current address) to certain other fields (permanent
> address) when a checkbox is clicked. I used an
> example
> listed on a microsoft website to build my code but
> when the checkbox is clicked, nothing happens. The
> page seems to have some sort of Javascript error
> (this
> Javascript is generated by the ASP.NET page)
> 
> "error: object doesn't support this property or
> method"
> 
> A stripped down version of the code is given below.
> Any insights would be greatly appreciated as I have
> been staring at this for over 2 hours and cant seem
> to
> figure out what is wrong. Googling this problem
> brough
> up posts from other folks who had the same problem
> but
> no resolutions. 
> 
> Thanks,
> Asif
> http://www.sinletter.com
> 
> --------------BEGIN
> CODE------------------------------
> 
>  void Check_Clicked(object sender, EventArgs e)
>  {
>  if(SameAddress.Checked)
>  txtOStreet1.Text = txtCStreet1;
>  else
>  txtOStreet1.Text = "";
> 
>  }
> 
>  void Submit_Click(object sender, EventArgs e) {
> 
>  panelForm.Visible = false;
> 
>  MyHeading.Text="Thank you. Your request has
> been submitted.";
>  MyHeading.Visible = true;
>  }
> 
> type="text/css" rel="stylesheet" />
> 
> Runat="Server">
> 
> cellspacing="2" cellpadding="2" width="650"
> border="0">
> 
>  width="400">
> Current Mailing
> Address 
> 	 width="250">
>   
> 
> cellspacing="2" cellpadding="2" width="650"
> border="1">
> 
>  width="150" height="25">
> Street
> 1 	 height="25">
> Street
> 2* 	 height="25">
> Valid
> Until 	 height="25">
> 
> cellspacing="2" cellpadding="2" width="650"
> border="0">
> 
>  width="400">
> Permanent
> Address 
> 	 width="250">
> 
> cellspacing="2" cellpadding="2" width="650"
> border="1">
> 
>  width="150" height="25">
> Street
> 1 	 height="25">
> Street
> 2* 	 height="25">
> Valid
> Until 	 height="25">
> 
> 
> -- 
> 
> * * Please support the community that supports you. 
> * *
> http://evolt.org/help_support_evolt/
> 
> For unsubscribe and other options, including the Tip
> Harvester 
> and archives of thelist go to:
> http://lists.evolt.org 
> Workers of the Web, evolt ! 
> 



	
		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com


From RPringle at aurora-il.org  Thu Nov 10 13:03:35 2005
From: RPringle at aurora-il.org (Pringle, Ron)
Date: Thu, 10 Nov 2005 13:03:35 -0600
Subject: [thelist] backordering, domain transfer and other issues.
Message-ID: <4A27645B1A4F4D4181909FA5D213FEF402C82A@coaexb.coa.aurora-il.org>


> I'm curious. Did the developer and the site owner part on bad 
> terms? Is 
> that why he can't just contact him and ask him to transfer 
> the domain? If 
> so remember there are two sides to every story - the site 
> owner may not 
> have paid the developer, or some such, hence the breakdown in 
> communication. If that is the case, would you want to work 
> with this person?
> 
> regards.
> -marc 

I agree with Marc. Having been a freelance developer and designer for many
years, I have come across situations like this maybe half a dozen times. Of
those 6 times, twice I was burned by the client. The first time was my own
naivete, the second time it happened despite my research efforts. Turns out
both the former developer AND the client were #$!%holes.

Of course as a freelancer, you have to find work, take on jobs and get the
bills paid. But I highly recommend that you interview the client as much as
they interview you. And don't be afraid to fire bad clients. And remember
that legally binding contracts are only legally binding if you have the
willpower and money to enforce them.

In this situation, I'd highly recommend attempting to contact the former
developer and find out the rest of the story. As others have suggested, this
might lead to a very quick resolution, or at the very least may inform your
decision as to whether this job is worth having.

Good luck!

Ron


From judah at wiredotter.com  Thu Nov 10 14:30:31 2005
From: judah at wiredotter.com (Judah McAuley)
Date: Thu, 10 Nov 2005 12:30:31 -0800
Subject: [thelist] mysql fulltext index and relational tables
Message-ID: <4373ADE7.1010001@wiredotter.com>

I suspect I know that answer to this already, but I want to check in 
with thelist before I go back and change things.

I'm setting up a new mysql db (version 4.1) and have set up several 
tables with foriegn keys defined. Now I want to add a full text index to 
a field in a table.

However, as near as I can tell, you have to have tables of type InnoDB 
for foreign keys and InnoDB tables do not support full text indices.
Fulltext seems to require a MyIsam table type and that table type 
doesn't support foreign keys.

So, is there any way to have full text indices and relational integrity?

Thanks,
Judah


From john.destefano at gmail.com  Thu Nov 10 15:06:49 2005
From: john.destefano at gmail.com (John DeStefano)
Date: Thu, 10 Nov 2005 16:06:49 -0500
Subject: [thelist] live site thumbnails?
Message-ID: <f2160e0d0511101306m5cd60eeeq534b217bff4f0d78@mail.gmail.com>

Hi all!

Was about to update a portfolio page, and wondered if there were an
app/function out there that could take a peek at a live page, and from
that produce a "live" image... "live" being relative, meaning I
wouldn't mind if there were a delay in updating the image (a few
hours, a day, even a week would be fine).

I have a table with thumbnail images of sites in one column, and a
brief description of the site/design in another.  When one clicks that
thumbnail, they're brought either to the live site, or to a
non-functioning replica of a defunct site.  I'm wondering whether
something could auto-magically create those current site thumbnails
for me to keep them current (and help promote my laziness).

While it would take me all of a few minutes to take some screen shots
every so often and upload them, if there's already a very cool
solution out there, why not use it?  So I figured I'd ask...

Thanks!
~John


From neal at constructweb.com  Thu Nov 10 15:54:36 2005
From: neal at constructweb.com (Neal Watkins)
Date: Thu, 10 Nov 2005 16:54:36 -0500
Subject: [thelist] special character auto render
Message-ID: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>

anybody remember the site (sites) that auto render sprecial characters for bulk
text

it will render all the  "  ?  " in text to  " &#243;  "  etc etc

gracius mucho

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Neal Watkins
www.constructweb.com


From codepo8 at gmail.com  Thu Nov 10 16:05:49 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Thu, 10 Nov 2005 22:05:49 +0000
Subject: [thelist] special character auto render
In-Reply-To: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>
References: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>
Message-ID: <30bd6ffd0511101405u46652d4dsbe5553ac7df91088@mail.gmail.com>

> anybody remember the site (sites) that auto render sprecial characters for bulk
> text
>
> it will render all the  "  ?  " in text to  " &#243;  "  etc etc

I did one shortly after I learnt how to bang rocks together:

http://www.onlinetools.org/tools/htmlizerdata/

If you have PHP at your disposal the functions to use are
htmlspecialchars() and htmlentities().

http://uk.php.net/htmlentities

Most editors also come with that option, and I wrote a script for
Homesite if you need it.

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From apwebdesign at yahoo.com  Thu Nov 10 17:00:48 2005
From: apwebdesign at yahoo.com (Anthony Ettinger)
Date: Thu, 10 Nov 2005 15:00:48 -0800 (PST)
Subject: [thelist] best registrar?
Message-ID: <20051110230049.98731.qmail@web51104.mail.yahoo.com>

I've used godaddy.com, smallbiz.yahoo.com, and
mydomain.com

Yahoo offer's $3 initial domain, the others are under
$10 ongoing.

I don't like godaddy's spammyness, but they do have a
good interface aside from the ads. Also, I can put bs
in a contact field instead o f my rel addy. I think
it's total bs that they want me to pay $10 extra to
"privitize' my info.

Yahoo forces me to use my real name.

Mydomain.com, nothin' special. Not as good an
interface as godaddy.com

Anybody have any other suggestions?

I have about 20 domains, and it's getting expensive.




Anthony Ettinger
ph: (408) 656-2473
web: http://www.apwebdesign.com


From JCanfield at PacAdvantage.org  Thu Nov 10 17:13:47 2005
From: JCanfield at PacAdvantage.org (Canfield, Joel)
Date: Thu, 10 Nov 2005 15:13:47 -0800
Subject: [thelist] best registrar?
Message-ID: <D989D815774A9D45BB0AF4892EF73008B0E4C8@sem01prd.smf.pacadvantage.org>

> Anybody have any other suggestions?

Best? No idea. I use joker.com because, well, I always have. Not cheap
($12/year) but it works *exactly* as I expect in every aspect. Geeky
interface appeals to me as a recovering network admin, and despite being
in Germany (as in, time zone and language differences), their tech
support has always been responsive and helpful. I feel like I have total
control of my domain names (about 30 registered there.) Other than
higher cost than some, I've never had a single negative thought about
dealing with joker other than the scam-fear-triggering name.

joel


From april at farstrider.org  Thu Nov 10 19:09:38 2005
From: april at farstrider.org (April)
Date: Thu, 10 Nov 2005 17:09:38 -0800
Subject: [thelist] live site thumbnails?
In-Reply-To: <f2160e0d0511101306m5cd60eeeq534b217bff4f0d78@mail.gmail.com>
References: <f2160e0d0511101306m5cd60eeeq534b217bff4f0d78@mail.gmail.com>
Message-ID: <4373EF52.6070102@farstrider.org>

I actually asked this question a week or so ago (in a different form). 
I got many helpful answers, but none that were headless.  It was mostly 
software that takes screen captures with basic editing functionality, 
which should speed up the process a bit... but it only takes me a few 
second to do using the windows built in screen capture and a photoshop 
action, so it wasn't quite what I needed.  I'm did get a suggestion 
elsewhere to run mozilla and screen capturing software in linux, which 
is my big plans for this weekend.  I'll let you know how it goes.

John DeStefano wrote:
> Hi all!
> 
> Was about to update a portfolio page, and wondered if there were an
> app/function out there that could take a peek at a live page, and from
> that produce a "live" image... "live" being relative, meaning I
> wouldn't mind if there were a delay in updating the image (a few
> hours, a day, even a week would be fine).
> 
> I have a table with thumbnail images of sites in one column, and a
> brief description of the site/design in another.  When one clicks that
> thumbnail, they're brought either to the live site, or to a
> non-functioning replica of a defunct site.  I'm wondering whether
> something could auto-magically create those current site thumbnails
> for me to keep them current (and help promote my laziness).
> 
> While it would take me all of a few minutes to take some screen shots
> every so often and upload them, if there's already a very cool
> solution out there, why not use it?  So I figured I'd ask...
> 
> Thanks!
> ~John



From evoltlist at delime.com  Thu Nov 10 20:13:07 2005
From: evoltlist at delime.com (M. Seyon)
Date: Thu, 10 Nov 2005 22:13:07 -0400
Subject: [thelist] best registrar?
In-Reply-To: <20051110230049.98731.qmail@web51104.mail.yahoo.com>
Message-ID: <4.2.0.58.20051110221134.02b62ef8@mx.delime.com>

These days I use domainsite.com - from a recommendation I got on this same 
list some months back. $6.99 basic works for me.


>Also, I can put bs in a contact field instead o f my rel addy.
>
>Yahoo forces me to use my real name.

"A Registered Name Holder's willful provision of inaccurate or unreliable 
information...shall constitute a material breach of the Registered Name 
Holder-registrar contract and be a basis for cancellation of the Registered 
Name registration."
http://www.icann.org/registrars/ra-agreement-17may01.htm#3.7.7.2

If it bugs you that much get a PO box.

regards.
-marc


From Brian at hondaswap.com  Thu Nov 10 22:10:14 2005
From: Brian at hondaswap.com (Brian Cummiskey)
Date: Thu, 10 Nov 2005 23:10:14 -0500
Subject: [thelist] best registrar?
In-Reply-To: <20051110230049.98731.qmail@web51104.mail.yahoo.com>
References: <20051110230049.98731.qmail@web51104.mail.yahoo.com>
Message-ID: <437419A6.1080309@hondaswap.com>

Anthony Ettinger wrote:

> Anybody have any other suggestions?
> 

I've been using 10-domains.com for about 4 years now.  if you buy in 
bulk, you get a discount.  Also if you buy "credits" for future domains, 
its cheaper.


From vreeland at studioframework.com  Thu Nov 10 22:25:44 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Thu, 10 Nov 2005 23:25:44 -0500
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <20051110185705.10305.qmail@web53403.mail.yahoo.com>
Message-ID: <0MKp2t-1EaQUN3qeg-0003iP@mrelay.perfora.net>

Asif,
Does your form tag have the attribute
	 runat="server"
In the tag; it is not there in the output. I ask because it looks like your
trying to use a post back event on a button which I believe will only work
from an ASP. Net Web Form, someone correct me if I'm wrong.

Robert



From volkan.ozcelik at gmail.com  Fri Nov 11 00:16:39 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Fri, 11 Nov 2005 08:16:39 +0200
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <4A27645B1A4F4D4181909FA5D213FEF402C82A@coaexb.coa.aurora-il.org>
References: <4A27645B1A4F4D4181909FA5D213FEF402C82A@coaexb.coa.aurora-il.org>
Message-ID: <dfc81b090511102216h674decem@mail.gmail.com>

> > I'm curious. Did the developer and the site owner part on bad
> > terms?

Yes but this time it was, imho, the developer's fault. The current
site looks like a pile of garbage: both visually and the source code
behind:
- there is no style in text, (all times new roman, if you consider it
as a style)
- a layout with zillions of nested tables,
- hence extremely high body load,
- the layout distorts when resizing text (at least the text is
resizable -- that's a good thing anyway),
- the markup is full of MM_XXXyyzz (dreamweaver specific) scripts
written using in combination with a browser sniffing mechinism...
- There is no harmony, no color scheme; no saturation (full of vibrant
colors like #EE0000, #00CC00... which does not fit in the concept at
all),
- onclick event handlers all around and an extreme dependency on
javascript (well that's debatable as we are in the ajax era),
- extreme use of flash buttons (I don't say that flash is bad, but his
use of it was really really bad - It is apperant that he just dragged
and dropped the object into a table cell using dreamweaver),
- invalid markup (not the missing single quote or "your input is
placed in a missing container thing", the cell layout for the tables
was invalid; overlapping cell, wrong colspan rowspan value -- which is
also a consequence of extreme use of tables without knowing anything
at all about the internals and relying on the WYSIYWG stuff to
position them)

... I can extend the list further but I don't want to bore you.

If I were the client, I would not have paid a single penny for that design.

...

Anyway, thanks everyone for their input (including off the list replies).

I've contacted the client tonight and asked him that he should sort
things out with the developer, otherwise I'd do my best to re-take the
domain but underlined the fact that we cannot be 100% sure.

It was a long conversation, me explaining that he actually owns the
domain, if there is no contradictory term in his former agreement he
can dispute by legal means but it may take months (even years) to
conclude. I also offered instead of say abc.com we can take something
like theAbc.com which will not destroy the meaning as a worst case
scenario.

As per the payments, he does not seem to be a problem guy. I've
already invoiced and taken about one third of the estimate we agreed
upon without having written a single line of code. That was his offer
actually, not mine. He says, if I want to cancel the job before
starting it for any reason, it would be enough to send him the USD
equivalent of the initial capital (which is in local currency) back.
Not a bad deal, unless there is a develuation, economic crisis etc.

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From evoltlist at delime.com  Fri Nov 11 00:39:41 2005
From: evoltlist at delime.com (M. Seyon)
Date: Fri, 11 Nov 2005 02:39:41 -0400
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511102216h674decem@mail.gmail.com>
References: <4A27645B1A4F4D4181909FA5D213FEF402C82A@coaexb.coa.aurora-il.org>
	<4A27645B1A4F4D4181909FA5D213FEF402C82A@coaexb.coa.aurora-il.org>
Message-ID: <4.2.0.58.20051111023409.02be4ee8@mx.delime.com>

Message from =?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?= (11/11/2005 08:16 AM)

> > > I'm curious. Did the developer and the site owner part on bad
> > > terms?
>
>Yes but this time it was, imho, the developer's fault.

Hi Volkan,

I'm not saying that it wasn't the developer's fault, and in this case you 
do seem to be correct. However when freelancing it's important to consider 
these things.


>I've contacted the client tonight and asked him that he should sort
>things out with the developer, otherwise I'd do my best to re-take the
>domain but underlined the fact that we cannot be 100% sure.

This sounds like a good idea. Keep in mind that goodwill is all well and 
good, but the time you may have spent analysing legal and technical issues 
and ramifications, and attempting to reclaim the domain, should be billable 
hours.

Your client is not in a position to know these things himself, partly 
through his own choice. That's why he has engaged your services, and you 
should be paid for this. Payment isn't only due for writing lines of code.


>I also offered instead of say abc.com we can take something
>like theAbc.com

unrelatedly, it's generally considered good practice, when referring to 
example domains, to say example.com as this domain has actually be reserved 
for exactly that purpose.

regards.
-marc


From volkan.ozcelik at gmail.com  Fri Nov 11 01:08:11 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Fri, 11 Nov 2005 09:08:11 +0200
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <000b01c5e47a$8e678860$0301a8c0@caemlyn>
References: <30bd6ffd0511080401x38eb3239p9f04cc3ade150573@mail.gmail.com>
	<000b01c5e47a$8e678860$0301a8c0@caemlyn>
Message-ID: <dfc81b090511102308t6571813ft@mail.gmail.com>

Have you tried microsoft script debugger. It sometimes spots errors
that do not show in normal situations.

HTH,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From volkan.ozcelik at gmail.com  Fri Nov 11 01:59:31 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Fri, 11 Nov 2005 09:59:31 +0200
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <0MKp2t-1EaQUN3qeg-0003iP@mrelay.perfora.net>
References: <20051110185705.10305.qmail@web53403.mail.yahoo.com>
	<0MKp2t-1EaQUN3qeg-0003iP@mrelay.perfora.net>
Message-ID: <dfc81b090511102359m32a5e0fcg@mail.gmail.com>

> Does your form tag have the attribute
>         runat="server"

The form has a runat server. else there won't be any __VIEWSTATE.
runat attribute will not be visible on the response output. it is a
server-side tag.


--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From volkan.ozcelik at gmail.com  Fri Nov 11 02:18:42 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Fri, 11 Nov 2005 10:18:42 +0200
Subject: [thelist] special character auto render
In-Reply-To: <30bd6ffd0511101405u46652d4dsbe5553ac7df91088@mail.gmail.com>
References: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>
	<30bd6ffd0511101405u46652d4dsbe5553ac7df91088@mail.gmail.com>
Message-ID: <dfc81b090511110018x2dccc133q@mail.gmail.com>

>
> I did one shortly after I learnt how to bang rocks together:
>
> http://www.onlinetools.org/tools/htmlizerdata/
>

It has problems with some Turkish characters (who doesn't have -- even
gmail fails to encode my surname properly so I use Latin chars in my
signature.)

for instance ( ? ) ( small letter i with no dots on) is converted to
yacute which is incorrect.

But it does a good job none the less.

"encoding" is a universal headache anyway.

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/

From evolt at kasimir-k.fi  Fri Nov 11 02:58:55 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 08:58:55 +0000
Subject: [thelist] special character auto render
In-Reply-To: <dfc81b090511110018x2dccc133q@mail.gmail.com>
References: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>	<30bd6ffd0511101405u46652d4dsbe5553ac7df91088@mail.gmail.com>
	<dfc81b090511110018x2dccc133q@mail.gmail.com>
Message-ID: <43745D4F.4020909@kasimir-k.fi>


VOLKAN ?Z?EL?K scribeva in 2005-11-11 08:18:
> It has problems with some Turkish characters (who doesn't have -- even
> gmail fails to encode my surname properly so I use Latin chars in my
> signature.)
...
> "encoding" is a universal headache anyway.


Yep, that's why we all should endeavor to use Unicode. Then the only 
html-entities we'd have to worry about are for <, > and &

.k


From evolt at kasimir-k.fi  Fri Nov 11 03:42:18 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 09:42:18 +0000
Subject: [thelist] Email header injection
Message-ID: <4374677A.1070007@kasimir-k.fi>

Hello,

on my personal site I've got a contact form, which is using PHP's mail() 
function. I do clean senders name and email address, as I want to have 
them in the header:
$name = preg_replace('/\n|\r/m', '', stripslashes($_POST['name']));

I thought this would keep me safe from header injections. But oddly it 
doesn't seem to be enough :-(

Here's the tail of headers from one mail:

To: mail at kasimir-k.fi
Subject: message from kasimir-k.fi
From: "witzerland6193 at kasimir-k.fi" <opens at eternal.nebula.fi>
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: it could be called, on which the wheels
Status: O
X-UID: 23573
Content-Length: 133
X-Keywords:

Two first lines are as they should be. The third line is constructed 
from (cleaned) user input. Lines 4-7 should not be there - how did they 
get there? The last four lines I presume are added by the MTA or MDA.

So if I clean anything going in the header, and do stripslashes() to the 
message body, what on earth can put those extra headers in?

thanks,
.k


From juha.suni at ilmiantajat.fi  Fri Nov 11 03:53:08 2005
From: juha.suni at ilmiantajat.fi (Juha Suni)
Date: Fri, 11 Nov 2005 11:53:08 +0200
Subject: [thelist] special character auto render
References: <20051110165436.03qbkfkvb400gwcg@www.constructweb.com>	<30bd6ffd0511101405u46652d4dsbe5553ac7df91088@mail.gmail.com><dfc81b090511110018x2dccc133q@mail.gmail.com>
	<43745D4F.4020909@kasimir-k.fi>
Message-ID: <001601c5e6a5$b89b1250$3500a8c0@Zuni>

Kasimir K wrote:
> VOLKAN ?Z?EL?K scribeva in 2005-11-11 08:18:
> Yep, that's why we all should endeavor to use Unicode. Then the only
> html-entities we'd have to worry about are for <, > and &
>

&quot; would be nice too for, for example, quote-characters inside 
textfields:)

-- 
Suni 



From n.wilsdon at e3internet.com  Fri Nov 11 07:10:33 2005
From: n.wilsdon at e3internet.com (Nick Wilsdon)
Date: Fri, 11 Nov 2005 16:10:33 +0300
Subject: [thelist] Email header injection
In-Reply-To: <4374677A.1070007@kasimir-k.fi>
Message-ID: <200511111416.jABEGYAm023507@secure.e3host.com>

> So if I clean anything going in the header, and do stripslashes() to the 
>message body, what on earth can put those extra headers in?

Hi Kasimir

We had similar problems here which only ceased after protecting both the
front end form and the sendmail.php page. We stripped out 'Content-Type' as
well as putting in a capcha on the worse hit ones. If they can turn the form
into HTML they have an opportunity to use HEX characters, which you aren't
stripping out there. 

This link was very helpful:

http://securephp.damonkohler.com/index.php/Email_Injection

Best Regards,
 
Nick 
 
Managing Director
e3internet
http://www.e3internet.com 
 
 
 



From evolt at kasimir-k.fi  Fri Nov 11 08:26:09 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 14:26:09 +0000
Subject: [thelist] Email header injection
In-Reply-To: <200511111416.jABEGYAm023507@secure.e3host.com>
References: <200511111416.jABEGYAm023507@secure.e3host.com>
Message-ID: <4374AA01.3040203@kasimir-k.fi>

Nick Wilsdon scribeva in 2005-11-11 13:10:
> If they can turn the form
> into HTML they have an opportunity to use HEX characters, which you aren't
> stripping out there. 

But aren't both \n and %0A just different ways of presenting 00001010?

And injections seems to have been succesfull only a couple times (probes 
only fortunately). Another curious thing is, that as this exploit script 
seems to be using as form input the domain name in questions, I've put a 
test to catch those, and send myself a message with request headers and 
body. But a couple times this seems to have failed too.

Here's a sample of request bodies:
[message] => over3449 at kasimir-k.fi
[email] => at
Content-Type: text/plain; charset=\"us-ascii\"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: ow, suppose illigan s father whin he
bcc: onemoreaddress at hotpop.com

9048a0399b07ab486baafd4a0334ef1f
.

[send] => over3449 at kasimir-k.fi
[name] => over3449 at kasimir-k.fi

The script is normally executed as many times as there are fields in the 
form. It tries the header input for each field in turn, and rest it 
populates with the fake address.

So now I added a check for 'send' field - it is the submit button, so 
it's value should never be anything else than what it is set to. So if 
the value of 'send' is not 'send', then it is an exploit attempt. Let's 
see if this is enough.

.k


From evoltlist at delime.com  Fri Nov 11 08:40:09 2005
From: evoltlist at delime.com (M. Seyon)
Date: Fri, 11 Nov 2005 10:40:09 -0400
Subject: [thelist] Email header injection
In-Reply-To: <4374AA01.3040203@kasimir-k.fi>
References: <200511111416.jABEGYAm023507@secure.e3host.com>
	<200511111416.jABEGYAm023507@secure.e3host.com>
Message-ID: <4.2.0.58.20051111103206.028afd20@mx.delime.com>

Message from Kasimir K (11/11/2005 02:26 PM)

>Nick Wilsdon scribeva in 2005-11-11 13:10:
> > If they can turn the form
> > into HTML they have an opportunity to use HEX characters, which you aren't
> > stripping out there.
>
>But aren't both \n and %0A just different ways of presenting 00001010?

I strip the phrase Content-Type as well as those strings you mentioned.

>bcc: onemoreaddress at hotpop.com

I'll be keeping an eye on this thread as I got a bunch of these last night 
with this same bcc address.

regards.
-marc


From tonedoggydogg at hotmail.com  Thu Nov 10 16:23:00 2005
From: tonedoggydogg at hotmail.com (Tone Doggy Dogg)
Date: Thu, 10 Nov 2005 17:23:00 -0500
Subject: [thelist]  The best shopping cart?
Message-ID: <BAY107-F276CDE2CF053E10170613FA6660@phx.gbl>

As an owner of a hosting company and a web developer myselfl, I'd say the 
best free, Open Source option would be Zen-Cart followed by OS Commerce.  
Zen Cart is built using OS Commerce, but appears to be slightly more 
supported.  But OS Commerce has a lot more templates available.

Our hosting accounts come equipped with both OS Commerce and Zen Cart within 
(pretty much) 1-click installs.

In terms of payment solutions, both support Pay Pal and other 3rd party 
solutions, and they also support the most popular options.  I'd recommend 
using AuthorizeNet, since we can get your friend sete up w/ a merchant 
account w/ NO monthly fee.  :)

Visit ecommerce.toneee.com for more information on e-commerce and other 
merchant services.

:)




From dan.mccullough at gmail.com  Fri Nov 11 09:02:06 2005
From: dan.mccullough at gmail.com (Dan McCullough)
Date: Fri, 11 Nov 2005 10:02:06 -0500
Subject: [thelist] The best shopping cart?
In-Reply-To: <BAY107-F276CDE2CF053E10170613FA6660@phx.gbl>
References: <BAY107-F276CDE2CF053E10170613FA6660@phx.gbl>
Message-ID: <faf1d2bd0511110702r2b8c7933tb32bc3358b4edc86@mail.gmail.com>

Advertising?

On 11/10/05, Tone Doggy Dogg <tonedoggydogg at hotmail.com> wrote:
> As an owner of a hosting company and a web developer myselfl, I'd say the
> best free, Open Source option would be Zen-Cart followed by OS Commerce.
> Zen Cart is built using OS Commerce, but appears to be slightly more
> supported.  But OS Commerce has a lot more templates available.
>
> Our hosting accounts come equipped with both OS Commerce and Zen Cart within
> (pretty much) 1-click installs.
>
> In terms of payment solutions, both support Pay Pal and other 3rd party
> solutions, and they also support the most popular options.  I'd recommend
> using AuthorizeNet, since we can get your friend sete up w/ a merchant
> account w/ NO monthly fee.  :)
>
> Visit ecommerce.toneee.com for more information on e-commerce and other
> merchant services.
>
> :)
>
>
> --
>
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From jay.blanchard at THERMON.com  Fri Nov 11 09:03:02 2005
From: jay.blanchard at THERMON.com (Jay Blanchard)
Date: Fri, 11 Nov 2005 09:03:02 -0600
Subject: [thelist] The best shopping cart?
Message-ID: <0CEC8258A6E4D611BE5400306E1CC9270915AA6B@smtmb.tmc.local>

[snip]
Visit ecommerce.toneee.com for more information on e-commerce and other 
merchant services.

:)
[/snip]

:( SPAM

<tip type="smart questions">
http://www.catb.org/~esr/faqs/smart-questions.html
</tip>


From andrew at milords.com  Fri Nov 11 09:10:06 2005
From: andrew at milords.com (A Maynes)
Date: Fri, 11 Nov 2005 15:10:06 -0000
Subject: [thelist] The best shopping cart?
In-Reply-To: <faf1d2bd0511110702r2b8c7933tb32bc3358b4edc86@mail.gmail.com>
Message-ID: <001a01c5e6d2$00862880$4c64a8c0@WEBALIZER>

Of course he was and shame him


-----Original Message-----
From: Dan McCullough [mailto:dan.mccullough at gmail.com] 
Sent: 11 November 2005 15:02
To: thelist at lists.evolt.org
Subject: Re: [thelist] The best shopping cart?


Advertising?

On 11/10/05, Tone Doggy Dogg <tonedoggydogg at hotmail.com> wrote:
> As an owner of a hosting company and a web developer myselfl, I'd say 
> the best free, Open Source option would be Zen-Cart followed by OS 
> Commerce. Zen Cart is built using OS Commerce, but appears to be 
> slightly more supported.  But OS Commerce has a lot more templates 
> available.
>
> Our hosting accounts come equipped with both OS Commerce and Zen Cart 
> within (pretty much) 1-click installs.
>
> In terms of payment solutions, both support Pay Pal and other 3rd 
> party solutions, and they also support the most popular options.  I'd 
> recommend using AuthorizeNet, since we can get your friend sete up w/ 
> a merchant account w/ NO monthly fee.  :)
>
> Visit ecommerce.toneee.com for more information on e-commerce and 
> other merchant services.
>
> :)
>
>
> --
>
> * * Please support the community that supports you.  * * 
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester and 
> archives of thelist go to: http://lists.evolt.org Workers of the Web, 
> evolt !
>
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 




From pixelmech at yahoo.com  Fri Nov 11 09:13:40 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Fri, 11 Nov 2005 07:13:40 -0800 (PST)
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
Message-ID: <20051111151340.57600.qmail@web51412.mail.yahoo.com>

Hey there,

I've been using a kind of kludgy way to keep from updating our many pages with copyright dates
every year with a new year (2005-2006 for example). Here tis:

Copyright 2000-<span id="cdate"></span> Company name, etc etc.

<script type="text/javascript">
// <![CDATA[
var now = new Date()
document.getElementById("cdate").innerHTML = now.getFullYear();
// ]]>
</script>

This is problematic for a couple reasons:

1. JS inline code
2. Fails (no date) if JS turned off

We're not using a server side script for this because in some instances these are flat HTML files,
so the server side solution would only work for most, but not all pages.

Any suggestions? Possibly a way to use CSS :content? This is low on the radar with people here,
but I'd like a better solution.

Tom



http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From vreeland at studioframework.com  Fri Nov 11 09:19:00 2005
From: vreeland at studioframework.com (Robert Vreeland)
Date: Fri, 11 Nov 2005 10:19:00 -0500
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <dfc81b090511102359m32a5e0fcg@mail.gmail.com>
Message-ID: <0MKp2t-1EaagZ1t4t-0003fs@mrelay.perfora.net>

 

>> Does your form tag have the attribute
>>         runat="server"

>The form has a runat server. else there won't be any __VIEWSTATE.
>runat attribute will not be visible on the response output. it is a
server-side tag.


>Volkan Ozcelik

Right you are, sorry about that, my mind was swimming in molasses yesterday.
In any event, I ran the error through MS Visual Studio debugger and it is
choking on theForm.submit(). From the viewable code, it looks like your
trying to submit the form if they check the checkbox for use the same
address; personally, I would not want to auto-submit on that incase the User
made a mistake or wants to change their mind. Instead, let the User submit
normally and decide how to handle the mailing address server side based on
whether or not they checked the box.

Robert



From mrees at itsagoodprice.com  Fri Nov 11 09:20:45 2005
From: mrees at itsagoodprice.com (Mark Rees)
Date: Fri, 11 Nov 2005 15:20:45 -0000
Subject: [thelist] Automatically updating copyright date in JavaScript
	-fallback?
References: <20051111151340.57600.qmail@web51412.mail.yahoo.com>
Message-ID: <010501c5e6d3$7cc2db40$4500010a@gammaglobal.com>

> Copyright 2000-<span id="cdate"></span> Company name, etc etc.
>
> <script type="text/javascript">
> // <![CDATA[
> var now = new Date()
> document.getElementById("cdate").innerHTML = now.getFullYear();
> // ]]>
> </script>
>
> This is problematic for a couple reasons:
>
> 1. JS inline code
> 2. Fails (no date) if JS turned off

3. it uses the time on the client. Therefore if your client's clock is set
to 1984, your copyright line will read "2000-1984". I wonder what a lawyer
would make of that?

> We're not using a server side script for this because in some instances
these are flat HTML files,
> so the server side solution would only work for most, but not all pages.

Is SSI an option? Otherwise perhaps an annual search and replace in files
scheduled for January 1st? You could write a script to do this, or use a
suitable editor.








From codepo8 at gmail.com  Fri Nov 11 09:20:47 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Fri, 11 Nov 2005 15:20:47 +0000
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
In-Reply-To: <20051111151340.57600.qmail@web51412.mail.yahoo.com>
References: <20051111151340.57600.qmail@web51412.mail.yahoo.com>
Message-ID: <30bd6ffd0511110720r41de4ee0g14941350283a57da@mail.gmail.com>

> Hey there,
>
> I've been using a kind of kludgy way to keep from updating our many pages with copyright dates
> every year with a new year (2005-2006 for example). Here tis:
>
> Copyright 2000-<span id="cdate"></span> Company name, etc etc.
>
> <script type="text/javascript">
> // <![CDATA[
> var now = new Date()
> document.getElementById("cdate").innerHTML = now.getFullYear();
> // ]]>
> </script>
>
> This is problematic for a couple reasons:
>
> 1. JS inline code
> 2. Fails (no date) if JS turned off
>
> We're not using a server side script for this because in some instances these are flat HTML files,
> so the server side solution would only work for most, but not all pages.
>
> Any suggestions? Possibly a way to use CSS :content? This is low on the radar with people here,
> but I'd like a better solution.

You could set your server to parse .html as .shtml and use SSI
instead? Is it really necessary to renew the copyright statement, or
isn't it just *starting* from that year?


From joshua at waetech.com  Fri Nov 11 09:24:28 2005
From: joshua at waetech.com (Joshua Olson)
Date: Fri, 11 Nov 2005 10:24:28 -0500
Subject: [thelist] The best shopping cart?
In-Reply-To: <BAY107-F276CDE2CF053E10170613FA6660@phx.gbl>
Message-ID: <mailman.15.1260243362.27034.thelist@lists.evolt.org>

> -----Original Message-----
> From: Tone Doggy Dogg
> Sent: Thursday, November 10, 2005 5:23 PM
> 
> In terms of payment solutions, both support Pay Pal and other 
> 3rd party solutions, and they also support the most popular 
> options.   I'd recommend using AuthorizeNet, since we can 
> get your friend sete up w/ a merchant account w/ NO monthly 
> fee.  :)

Tone,

Even though your post does seem like blatant advertising, I'm curious as to
how one acquires a merchant account with no monthly fees.

Please elaborate.

<><><><><><><><><><>
Joshua L. Olson
WAE Tech Inc.
http://www.waetech.com/
Phone: 706.210.0168 
Fax: 413.812.4864

Monitor bandwidth usage on IIS6 in real-time:
http://www.waetech.com/services/iisbm/




From mwarden at gmail.com  Fri Nov 11 09:27:07 2005
From: mwarden at gmail.com (Matt Warden)
Date: Fri, 11 Nov 2005 10:27:07 -0500
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
In-Reply-To: <20051111151340.57600.qmail@web51412.mail.yahoo.com>
References: <20051111151340.57600.qmail@web51412.mail.yahoo.com>
Message-ID: <bbc8fa430511110727p36941f50s388818873b1f332e@mail.gmail.com>

Tom,

On 11/11/05, Tom Dell'Aringa <pixelmech at yahoo.com> wrote:
> Copyright 2000-<span id="cdate"></span> Company name, etc etc.
>
> <script type="text/javascript">
> // <![CDATA[
> var now = new Date()
> document.getElementById("cdate").innerHTML = now.getFullYear();
> // ]]>
> </script>

Why not just put the word 'Present' in the span by default? So, non-JS
users will get "Copyright 2000-Present', JS users will get "Copyright
2000-$currentYear". Or, if you don't like that, move the 2000 into the
span, and have "Copyright <span>since 2000</span>" for non-JS,
"Copyright <span>2000-$currentYear</span>" for JS users.



--
Matt Warden
Miami University
Oxford, OH, USA
http://mattwarden.com


This email proudly and graciously contributes to entropy.


From mlist at dakic.com  Fri Nov 11 09:31:39 2005
From: mlist at dakic.com (Zeljko Dakic)
Date: Fri, 11 Nov 2005 09:31:39 -0600
Subject: [thelist] backordering, domain transfer and other issues.
In-Reply-To: <dfc81b090511100732q115211d0i@mail.gmail.com>
References: <dfc81b090511100542j7ae72661s@mail.gmail.com>	<0MKp2t-1EaDXx04zh-0003hx@mrelay.perfora.net>
	<dfc81b090511100732q115211d0i@mail.gmail.com>
Message-ID: <4374B95B.5020303@dakic.com>

Hey Volkan,

that other person, freelancer might be a guy just like you and client 
you have might have a dark side you will discover in a month or two. Why 
not try emailing it with nice note that you were asked by what is your 
client to modify his site and while looking at things you saw that 
domain is in his name, and ask him whats the story and whether he would 
be willing to transfer to your new client.

Most of the time I would discover that fellow developers can find common 
ground, there are exceptions though. Still this would seem like the most 
natural, painless and quickest method to resolve this issue.

Zeljko Dakic


VOLKAN ?Z?EL?K wrote:

>Yes I did. It belongs to some individual (perhaps a freelance
>developer), an e-mail and a phone is provided.
>
>But I don't want to contact him unless absolutely necessary. This will
>make the deal hotter. May be has has alredy forgotten about it and me
>asking to drop his domain registration will pop a light bulb over his
>hand and offer me a high-price for it etc.
>  
>



From pixelmech at yahoo.com  Fri Nov 11 09:32:10 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Fri, 11 Nov 2005 07:32:10 -0800 (PST)
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
In-Reply-To: <30bd6ffd0511110720r41de4ee0g14941350283a57da@mail.gmail.com>
Message-ID: <20051111153210.53672.qmail@web51411.mail.yahoo.com>

--- Christian Heilmann <codepo8 at gmail.com> wrote:

> You could set your server to parse .html as .shtml and use SSI
> instead? Is it really necessary to renew the copyright statement, or
> isn't it just *starting* from that year?

I think SSI is not an option (for whatever reason - I don't control these decisions). Apparently
according to our legal counsel, it's necessary. From what I've researched on the web, they are
wrong, but who am I!

Tom



http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From pixelmech at yahoo.com  Fri Nov 11 09:34:57 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Fri, 11 Nov 2005 07:34:57 -0800 (PST)
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
In-Reply-To: <bbc8fa430511110727p36941f50s388818873b1f332e@mail.gmail.com>
Message-ID: <20051111153457.52969.qmail@web51402.mail.yahoo.com>


--- Matt Warden <mwarden at gmail.com> wrote:

> Why not just put the word 'Present' in the span by default? So, non-JS
> users will get "Copyright 2000-Present', JS users will get "Copyright
> 2000-$currentYear". Or, if you don't like that, move the 2000 into the
> span, and have "Copyright <span>since 2000</span>" for non-JS,
> "Copyright <span>2000-$currentYear</span>" for JS users.

Yeah, that's the ticket! I was trying to think of a default value to put in there (since JS will
overwrite it anyway) for non-JS - that's exactly what I need. I like the 'since 2000' idea. 

Thanks

Tom


http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From peter at easylistbox.com  Fri Nov 11 09:37:59 2005
From: peter at easylistbox.com (Peter Brunone (EasyListBox.com))
Date: Fri, 11 Nov 2005 09:37:59 -0600
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <0MKp2t-1EaagZ1t4t-0003fs@mrelay.perfora.net>
Message-ID: <003a01c5e6d5$e5c5dfa0$0500a8c0@monkeyhouse>


	He's doing the copy action on postback.  Not necessarily the
best strategy, but that's the way ASP.NET works out of the box.  It's
not *processing* the information whhen you click the checkbox; it's
merely submitting the form back to the server for some alterations and
then reloading the page.  That's the postback mechanism.

	I saw it choke on the form.submit as well, as if the form
doesn't really exist.  This has been reported by someone else in the
past couple of months, and I wish I could remember what the answer was
(or what the subject line/list was).  For some reason it seems like
either (a) the tag structure was bad or (b) the dev needed to run the
asp.net install again.

*brain grinding*

Peter

-----Original Message-----
From: thelist-bounces at lists.evolt.org On Behalf Of Robert Vreeland

>> Does your form tag have the attribute
>>         runat="server"

>The form has a runat server. else there won't be any __VIEWSTATE. runat

>attribute will not be visible on the response output. it is a
server-side tag.


>Volkan Ozcelik

Right you are, sorry about that, my mind was swimming in molasses
yesterday. In any event, I ran the error through MS Visual Studio
debugger and it is choking on theForm.submit(). From the viewable code,
it looks like your trying to submit the form if they check the checkbox
for use the same address; personally, I would not want to auto-submit on
that incase the User made a mistake or wants to change their mind.
Instead, let the User submit normally and decide how to handle the
mailing address server side based on whether or not they checked the
box.

Robert





From evolt at kasimir-k.fi  Fri Nov 11 09:38:30 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 15:38:30 +0000
Subject: [thelist] Email header injection
In-Reply-To: <4.2.0.58.20051111103206.028afd20@mx.delime.com>
References: <200511111416.jABEGYAm023507@secure.e3host.com>	<200511111416.jABEGYAm023507@secure.e3host.com>
	<4.2.0.58.20051111103206.028afd20@mx.delime.com>
Message-ID: <4374BAF6.5010301@kasimir-k.fi>

> Message from Kasimir K (11/11/2005 02:26 PM)
>> bcc: onemoreaddress at hotpop.com

M. Seyon scribeva in 2005-11-11 14:40:
> I'll be keeping an eye on this thread as I got a bunch of these last night 
> with this same bcc address.

The same person is using also battsl1005 at aol.com, as last night I got 
attempts with both addresses at the same minute from the same IP-address 
(anonymous proxies allways of course).

Which makes me wonder: does the exploit script listen for any response? 
If so, would sending large amounts of garbage as a respons have any 
effect? And what are the resons not send garbage :-)

.k


From liam at megaproducts.co.uk  Fri Nov 11 10:09:58 2005
From: liam at megaproducts.co.uk (Liam Delahunty)
Date: Fri, 11 Nov 2005 16:09:58 +0000
Subject: [thelist] Email header injection
In-Reply-To: <4374BAF6.5010301@kasimir-k.fi>
References: <200511111416.jABEGYAm023507@secure.e3host.com>
	<4.2.0.58.20051111103206.028afd20@mx.delime.com>
	<4374BAF6.5010301@kasimir-k.fi>
Message-ID: <84367ce10511110809s246826caq@mail.gmail.com>

On 11/11/05, Kasimir K <evolt at kasimir-k.fi> wrote:
>
> Which makes me wonder: does the exploit script listen for any response?
> If so, would sending large amounts of garbage as a respons have any
> effect? And what are the resons not send garbage :-)

Because it's pointless, and bandwidth (+ costs).

I had a whole bunch of these a few weeks back, everything went quiet
and now another loads of attempts at almost every form on almost every
site. At least they've got a good spider!

Anyway, one simple addition to the form (this is in php) Just check if
the form has been submit ed from the web page.

if ($submit){
  if ($HTTP_REFERER != $SCRIPT_URI){
    reset($HTTP_POST_VARS);
    while (list($key,$val) = each($HTTP_POST_VARS)){
      $message .= "$key: $val\n";
    }
    // email admin / write to database
  }else{
    // deal with email normally...
    // DON'T FORGET LOTS MORE ERROR CHECKING!!!
  }
}

--
Kind regards,
Liam Delahunty


From cdorer at gmail.com  Fri Nov 11 10:14:17 2005
From: cdorer at gmail.com (Chris Dorer)
Date: Fri, 11 Nov 2005 11:14:17 -0500
Subject: [thelist] Email header injection
In-Reply-To: <84367ce10511110809s246826caq@mail.gmail.com>
References: <200511111416.jABEGYAm023507@secure.e3host.com>
	<4.2.0.58.20051111103206.028afd20@mx.delime.com>
	<4374BAF6.5010301@kasimir-k.fi>
	<84367ce10511110809s246826caq@mail.gmail.com>
Message-ID: <8ac626620511110814j6a423557g42e6258b330f625f@mail.gmail.com>

Can't you just spoof the referer from firefox. Sometimes it's blank b/c you
config'd ff not to send the referer

On 11/11/05, Liam Delahunty <liam at megaproducts.co.uk> wrote:
>
> On 11/11/05, Kasimir K <evolt at kasimir-k.fi> wrote:
> >
> > Which makes me wonder: does the exploit script listen for any response?
> > If so, would sending large amounts of garbage as a respons have any
> > effect? And what are the resons not send garbage :-)
>
> Because it's pointless, and bandwidth (+ costs).
>
> I had a whole bunch of these a few weeks back, everything went quiet
> and now another loads of attempts at almost every form on almost every
> site. At least they've got a good spider!
>
> Anyway, one simple addition to the form (this is in php) Just check if
> the form has been submit ed from the web page.
>
> if ($submit){
> if ($HTTP_REFERER != $SCRIPT_URI){
> reset($HTTP_POST_VARS);
> while (list($key,$val) = each($HTTP_POST_VARS)){
> $message .= "$key: $val\n";
> }
> // email admin / write to database
> }else{
> // deal with email normally...
> // DON'T FORGET LOTS MORE ERROR CHECKING!!!
> }
> }
>
> --
> Kind regards,
> Liam Delahunty
> --
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>


From lee.kowalkowski at hmrcaspire.com  Fri Nov 11 10:17:18 2005
From: lee.kowalkowski at hmrcaspire.com (Kowalkowski, Lee (ASPIRE))
Date: Fri, 11 Nov 2005 16:17:18 -0000
Subject: [thelist] Automatically updating copyright date in JavaScript -
 fallback?
Message-ID: <76B1640C9BB1D546BA798A2C95E3155403A4216F@irm80489>

> Tom Dell'Aringa says:
>
> I've been using a kind of kludgy way to keep from updating 
> our many pages with copyright dates
> every year with a new year (2005-2006 for example). Here tis:
> 

Eh?  What's the point in giving your copyright a date range?  Copyright
should have a single date, the date of first publication.

Dunno where you are, so:

http://www.copyright.gov/title17/92chap3.html (US Law)
http://www.intellectual-property.gov.uk/std/faq/copyright/how_long.htm (UK
Law, Computer software falls under "Literary Work")

What's the purpose of expressing a date range when copyright's duration is
relative to the date you die?  Or the date of creation or first publication
for "works made for hire", whatever that means.

- LK.


===========================================================
Our e-mail domain has now changed from iraspire.com to hmrcaspire.com. Please update your address books.
===========================================================



From liam at megaproducts.co.uk  Fri Nov 11 10:19:44 2005
From: liam at megaproducts.co.uk (Liam Delahunty)
Date: Fri, 11 Nov 2005 16:19:44 +0000
Subject: [thelist] Email header injection
In-Reply-To: <8ac626620511110814j6a423557g42e6258b330f625f@mail.gmail.com>
References: <200511111416.jABEGYAm023507@secure.e3host.com>
	<4.2.0.58.20051111103206.028afd20@mx.delime.com>
	<4374BAF6.5010301@kasimir-k.fi>
	<84367ce10511110809s246826caq@mail.gmail.com>
	<8ac626620511110814j6a423557g42e6258b330f625f@mail.gmail.com>
Message-ID: <84367ce10511110819j65e450abq@mail.gmail.com>

On 11/11/05, Chris Dorer <cdorer at gmail.com> wrote:
> Can't you just spoof the referer from firefox. Sometimes it's blank b/c you
> config'd ff not to send the referer
>

True, but when you have a few hundred cases of emails coming in
(because they try the injection on every field) then missing the odd
one is a fair enough compromise.

Plus, for me the messages are put somewhere, and will still get
checked, it just will avoid the mail function and therefore reduce the
relaying threat.

--
Kind regards, Liam Delahunty


From pixelmech at yahoo.com  Fri Nov 11 10:31:20 2005
From: pixelmech at yahoo.com (Tom Dell'Aringa)
Date: Fri, 11 Nov 2005 08:31:20 -0800 (PST)
Subject: [thelist] Automatically updating copyright date in JavaScript -
	fallback?
In-Reply-To: <76B1640C9BB1D546BA798A2C95E3155403A4216F@irm80489>
Message-ID: <20051111163120.29457.qmail@web51415.mail.yahoo.com>

--- "Kowalkowski, Lee (ASPIRE)" <lee.kowalkowski at hmrcaspire.com> wrote:

> Eh?  What's the point in giving your copyright a date range?  Copyright
> should have a single date, the date of first publication.

You know how it is - we do what legal tells us to do. 

> Dunno where you are, so:
> http://www.copyright.gov/title17/92chap3.html (US Law)

I'm in the U.S., I've forwarded this to a legal contact for their review.

> What's the purpose of expressing a date range when copyright's duration is
> relative to the date you die?  Or the date of creation or first publication
> for "works made for hire", whatever that means.

I'm hardly a lawyer nor do I understand any of this - my main concern is the code. I hope it's
true we don't need a range, then we can leave the originating date hard coded and remove the
script altogether - removing a maintenance issue.

Tom


http://www.pixelmech.com/
"I was in a convenience store reading a magazine and the clerk came up to me and said "This is not a library". so I said, "All right, I will talk louder then!"


From evolt at kasimir-k.fi  Fri Nov 11 10:40:31 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 16:40:31 +0000
Subject: [thelist] Email header injection
In-Reply-To: <84367ce10511110809s246826caq@mail.gmail.com>
References: <200511111416.jABEGYAm023507@secure.e3host.com>	<4.2.0.58.20051111103206.028afd20@mx.delime.com>	<4374BAF6.5010301@kasimir-k.fi>
	<84367ce10511110809s246826caq@mail.gmail.com>
Message-ID: <4374C97F.1060807@kasimir-k.fi>

Liam Delahunty scribeva in 2005-11-11 16:09:
> Anyway, one simple addition to the form (this is in php) Just check if
> the form has been submit ed from the web page.

>   if ($HTTP_REFERER != $SCRIPT_URI){

This is good idea, but has some problems. The request headers are like:

     [Referer] => http://www.kasimir-k.fi/
     [Host] => www.kasimir-k.fi
     [Content-Type] => application/x-www-form-urlencoded
     [Connection] => Keep-Alive
     [Content-Length] => 332

So as on the web there are no links to my site that would include the 
script name (index.php), then the spiders have no way of knowing it. But 
if there were such links, then this method would fail, wouldn't it?

And the other problem is, that this would give false alarms: many people 
choose to hide the Referer for various reasons. And I believe that some 
firewalls do this by default (no sure though).

.k


From edc at wnc.quik.co.nz  Fri Nov 11 10:55:06 2005
From: edc at wnc.quik.co.nz (michael ensor)
Date: Sat, 12 Nov 2005 05:55:06 +1300
Subject: [thelist] [SPAM] Re: Automatically updating copyright date in
	JavaScript -	fallback?
References: <20051111163120.29457.qmail@web51415.mail.yahoo.com>
Message-ID: <001301c5e6e0$ad8403a0$8a7fea3c@oemcomputer>


Because in a [periodical] publication there are several different "flavours" of copyright, including layout, typography etc as well
as literary content.

Most of these operate on calendar years, so run from year of first creation, eg layout, so we end up having a range of relevant
years........up to and including the year of the latest content
----- Original Message -----
From: "Tom Dell'Aringa"
Sent: Saturday, November 12, 2005 5:31 AM
Subject: [SPAM] Re: [thelist] Automatically updating copyright date in JavaScript - fallback?


: --- "Kowalkowski, Lee (ASPIRE)" wrote:
:
: > Eh?  What's the point in giving your copyright a date range?  Copyright
: > should have a single date, the date of first publication.
:
: You know how it is - we do what legal tells us to do.
:
: > Dunno where you are, so:
: > http://www.copyright.gov/title17/92chap3.html (US Law)
:
: I'm in the U.S., I've forwarded this to a legal contact for their review.
:
: > What's the purpose of expressing a date range when copyright's duration is
: > relative to the date you die?  Or the date of creation or first publication
: > for "works made for hire", whatever that means.
:
: I'm hardly a lawyer nor do I understand any of this - my main concern is the code. I hope it's
: true we don't need a range, then we can leave the originating date hard coded and remove the
: script altogether - removing a maintenance issue.
:
: Tom



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.0/167 - Release Date: 11/11/05



From codepo8 at gmail.com  Fri Nov 11 10:58:04 2005
From: codepo8 at gmail.com (Christian Heilmann)
Date: Fri, 11 Nov 2005 16:58:04 +0000
Subject: [thelist] [SPAM] Re: Automatically updating copyright date in
	JavaScript - fallback?
In-Reply-To: <001301c5e6e0$ad8403a0$8a7fea3c@oemcomputer>
References: <20051111163120.29457.qmail@web51415.mail.yahoo.com>
	<001301c5e6e0$ad8403a0$8a7fea3c@oemcomputer>
Message-ID: <30bd6ffd0511110858v2a2c1944w6a2ce8cca3dad7fe@mail.gmail.com>

On 11/11/05, michael ensor <edc at wnc.quik.co.nz> wrote:
>
> Because in a [periodical] publication there are several different "flavours" of copyright, including layout, typography etc as well
> as literary content.
>
> Most of these operate on calendar years, so run from year of first creation, eg layout, so we end up having a range of relevant
> years........up to and including the year of the latest content

Which implies a real change of content, and not a constant change - or
displaying the date of the visitors' computers.

Therefore a logical (c) should only be changed at deployment and not
all the time.

--
Chris Heilmann
Blog: http://www.wait-till-i.com
Writing: http://icant.co.uk/
Binaries: http://www.onlinetools.org/


From n.wilsdon at e3internet.com  Fri Nov 11 11:01:52 2005
From: n.wilsdon at e3internet.com (Nick Wilsdon)
Date: Fri, 11 Nov 2005 20:01:52 +0300
Subject: [thelist] Email header injection
In-Reply-To: <84367ce10511110809s246826caq@mail.gmail.com>
Message-ID: <200511111807.jABI7Pt4019291@secure.e3host.com>

Liam wrote:

    // DON'T FORGET LOTS MORE ERROR CHECKING!!!
  }
}

Yes we were capturing IP's as well on the servers and banning them on the
firewall for a while. A lot of extra work for us over the weekend (200+ site
forms) but we've heard nothing since. 

Good luck though Kasimir. What was worrying me at the time is that spam is
reported pretty easily now, a few of these could get your IP(s) banned on
one of the RBLs. 

Best Regards,
 
Nick 
 
Managing Director
e3internet
http://www.e3internet.com 
 
 
 



From edc at wnc.quik.co.nz  Fri Nov 11 11:15:34 2005
From: edc at wnc.quik.co.nz (michael ensor)
Date: Sat, 12 Nov 2005 06:15:34 +1300
Subject: [thelist] [SPAM] Re: Automatically updating copyright date
	inJavaScript - fallback?
References: <20051111163120.29457.qmail@web51415.mail.yahoo.com><001301c5e6e0$ad8403a0$8a7fea3c@oemcomputer>
	<30bd6ffd0511110858v2a2c1944w6a2ce8cca3dad7fe@mail.gmail.com>
Message-ID: <000401c5e6e3$89ee7d00$8a7fea3c@oemcomputer>


----- Original Message -----
From: "Christian Heilmann"
Sent: Saturday, November 12, 2005 5:58 AM
Subject: Re: [thelist] [SPAM] Re: Automatically updating copyright date inJavaScript - fallback?


: On 11/11/05, michael ensor  wrote:
: >
: > Because in a [periodical] publication there are several different "flavours" of copyright, including layout, typography etc as
well
: > as literary content.
: >
: > Most of these operate on calendar years, so run from year of first creation, eg layout, so we end up having a range of relevant
: > years........up to and including the year of the latest content
:
: Which implies a real change of content, and not a constant change - or
: displaying the date of the visitors' computers.
:
: Therefore a logical (c) should only be changed at deployment and not
: all the time.

Correct, unless the content might be third party but then the author should request a specific copyright flag..........

and  even if using javascript, one can still just display the relevant year(s), and of course the headers can have more exact
information if applicable.

simple example: "date web site went live - fixed"  - " script [this_year] "....

I use a SSI with env variable, so that there is only one file to maintain, similarly the header reflects the content creation
date.....



-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.0/167 - Release Date: 11/11/05



From jay.blanchard at THERMON.com  Fri Nov 11 11:20:31 2005
From: jay.blanchard at THERMON.com (Jay Blanchard)
Date: Fri, 11 Nov 2005 11:20:31 -0600
Subject: [thelist] Nested divs and a horizontal scrollbar PITA
Message-ID: <0CEC8258A6E4D611BE5400306E1CC9270915AA75@smtmb.tmc.local>

Alrighty, I have run smack into the "IE can't properly render nested divs
problem". It displays a horizontal scrollbar without a width attribute being
set for the body;

body {
	width: 99.75%; /* as large as I could go */
	margin: 0;
	padding: 0;
	background: #FFFFFF;
	font: 1em/1.7em verdana, arial, sans-serif;
}

The reason that this width has to be set is this, a div using the following;

#content div.warning{
	background-color: #FFCC99;
	border: 1px solid #993300;
	font-style: italic;
	padding: 5px;
}

is nested within a div using;

#content {
	background: #FFFFFF;
	font: 0.8em tahoma, arial, sans-serif;
	height: auto;
	text-align: justify;
	padding: 160px 70px 0px 70px;
}

so that the underlying mark-up looks like this;

<div id="content">
   <div class="warning">
   ...
   </div>
</div>

Is there a more elegant way of getting rid of the horizontal scrollbar that
degrades more cleanly? I have googled for a while now and have found nothing
that works well.

TVMIA!


From noah at tookish.net  Fri Nov 11 11:40:25 2005
From: noah at tookish.net (Noah St. Amand)
Date: Fri, 11 Nov 2005 12:40:25 -0500
Subject: [thelist] Email header injection
In-Reply-To: <200511111807.jABI7Pt4019291@secure.e3host.com>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>
Message-ID: <BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>

I've been seeing a bunch of these lately (as with Marc, I was getting a 
pile of them a few weeks ago, then they disappeared; they've come back 
in the last 24 hours or so).

One note -- I am checking the referrer, but allowing the mail to be sent 
when there's no referrer (because products like Norton Internet Security 
apparently strip the referrer).

Here are two solutions I'm considering:

1. setting a hidden variable in the form, and requiring that it be set 
in order to send the mail; this is obviously not a complete solution, 
but my thought is that setting the bar a little higher might cause the 
person/bot responsible to move on

2. setting a session cookie on the form page, and checking for its 
existence before mail is sent; setting a cookie that's completely 
superfluous for the user is obviously not ideal, but I think this would 
be effective

Anyway, I'm just interested in what other people with the same problem 
think about these solutions.

Cheers,
Noah


From evoltlist at delime.com  Fri Nov 11 11:44:30 2005
From: evoltlist at delime.com (M. Seyon)
Date: Fri, 11 Nov 2005 13:44:30 -0400
Subject: [thelist] Automatically updating copyright date in JavaScript -
 fallback?
In-Reply-To: <76B1640C9BB1D546BA798A2C95E3155403A4216F@irm80489>
Message-ID: <4.2.0.58.20051111133026.025a5d20@mx.delime.com>

Message from Kowalkowski, Lee (ASPIRE) (11/11/2005 04:17 PM)

> > Tom Dell'Aringa says:
> >
> > I've been using a kind of kludgy way to keep from updating
> > our many pages with copyright dates
> > every year with a new year (2005-2006 for example). Here tis:
> >
>
>Eh?  What's the point in giving your copyright a date range?  Copyright
>should have a single date, the date of first publication.

Because different portions of a website may have been published on 
different dates between that range?

regards.
-marc


From evolt at kasimir-k.fi  Fri Nov 11 12:45:22 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 18:45:22 +0000
Subject: [thelist] Email header injection
In-Reply-To: <BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>
	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>
Message-ID: <4374E6C2.8040502@kasimir-k.fi>

Noah St. Amand scribeva in 2005-11-11 17:40:
> 1. setting a hidden variable in the form

The problem with this one is, that for the bots the hidden fields are 
not that hidden... Then again, as the bot is using the same value for 
all input fields (including submit) it would be easy to check if this is 
the case.

But no need for a hidden field, as submit's value can be also checked. 
In the form:
<input type="submit" name="send" value="send">
In PHP
if ($_POST['send'] != 'send') { ...

The strange thing though is, that this is not working for me every 
time... most of the time yes, but not always. And it sure beats me how 
it possible that 'weeping9702 at kasimir-k.fi' == 'send'

Obviously something very stupid which I'll be ashamed of later :-)

> 2. setting a session cookie on the form page

Same problem as with Referer: legit users would be bit - some people 
don't like cookies.

> Anyway, I'm just interested in what other people with the same problem 
> think about these solutions.

I think the key is that these bots use a fake email address as input for 
all fields except the one where they put the headers. If there are 
fields that we definitely know should not contain anything like that 
(submit, hidden fields, checkboxes, radios, ..) it is easy to check.

Once the bots learn to be so cleaver that they don't touch those fields, 
  one could use regular text input with value like: "check field, don't 
touch", and maybe disable the field too, maybe put it outside the 
viewport with css.

This is intriguing problem, as it shows us that even something so 
ridiculously simple as a contact form must be made secure. So it's no 
more just e-commerce and the likes that must be done properly - any 
script we put up there for public access must be throughly solid.

.k


From lists at ardentnewmedia.com  Fri Nov 11 13:08:32 2005
From: lists at ardentnewmedia.com (David Eleuterius)
Date: Fri, 11 Nov 2005 13:08:32 -0600
Subject: [thelist] Nested divs and a horizontal scrollbar PITA
In-Reply-To: <0CEC8258A6E4D611BE5400306E1CC9270915AA75@smtmb.tmc.local>
References: <0CEC8258A6E4D611BE5400306E1CC9270915AA75@smtmb.tmc.local>
Message-ID: <4374EC30.8000505@ardentnewmedia.com>

Jay Blanchard wrote:

> Is there a more elegant way of getting rid of the horizontal scrollbar that
> degrades more cleanly? I have googled for a while now and have found nothing
> that works well.
> 
> TVMIA!

Instead of setting a padding wdith, why not set a margin on your 
warning? Does that yield the same result?


From jay.blanchard at THERMON.com  Fri Nov 11 13:18:10 2005
From: jay.blanchard at THERMON.com (Jay Blanchard)
Date: Fri, 11 Nov 2005 13:18:10 -0600
Subject: [thelist] Nested divs and a horizontal scrollbar PITA
Message-ID: <0CEC8258A6E4D611BE5400306E1CC9270915AA79@smtmb.tmc.local>

[snip]
> Is there a more elegant way of getting rid of the horizontal scrollbar
that
> degrades more cleanly? I have googled for a while now and have found
nothing
> that works well.
> 
> TVMIA!

Instead of setting a padding wdith, why not set a margin on your 
warning? Does that yield the same result?
[/snip]

I tried that David, but to no avail. I can set a width on the warning that
removes the scrollbar. Interestingly enough I have another div nested later
in the page that does not cause this to happen...

#content div.footnote{
	padding: 5px;
	background-color: #CCCCCC;
	border: 1px solid #000000;
	text-align: center;
}


From asifsuria at yahoo.com  Fri Nov 11 13:43:46 2005
From: asifsuria at yahoo.com (Asif Suria)
Date: Fri, 11 Nov 2005 11:43:46 -0800 (PST)
Subject: [thelist] Weird ASP.NET problem - Link Posted
In-Reply-To: <003a01c5e6d5$e5c5dfa0$0500a8c0@monkeyhouse>
Message-ID: <20051111194346.20647.qmail@web53407.mail.yahoo.com>

Peter is right about the copy action during the
postback instead of a regular submit. 

I found a couple of articles on Microsoft's website
about making changes to the registry and changing some
settings. If that works out, I will email the solution
to the list. In the meantime if anyone else has clues,
please do let me know.

I wanted to thank all of you for taking the time to
look into this.

Asif
---------------------------------------------------
If the doors of perception were cleansed everything
would appear to man as it is, infinite. ? William
Blake.

http://www.sinletter.com

--- "Peter Brunone (EasyListBox.com)"
<peter at easylistbox.com> wrote:

> 
> 	He's doing the copy action on postback.  Not
> necessarily the
> best strategy, but that's the way ASP.NET works out
> of the box.  It's
> not *processing* the information whhen you click the
> checkbox; it's
> merely submitting the form back to the server for
> some alterations and
> then reloading the page.  That's the postback
> mechanism.
> 
> 	I saw it choke on the form.submit as well, as if
> the form
> doesn't really exist.  This has been reported by
> someone else in the
> past couple of months, and I wish I could remember
> what the answer was
> (or what the subject line/list was).  For some
> reason it seems like
> either (a) the tag structure was bad or (b) the dev
> needed to run the
> asp.net install again.
> 
> *brain grinding*
> 
> Peter
> 
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org On Behalf Of
> Robert Vreeland
> 
> >> Does your form tag have the attribute
> >>         runat="server"
> 
> >The form has a runat server. else there won't be
> any __VIEWSTATE. runat
> 
> >attribute will not be visible on the response
> output. it is a
> server-side tag.
> 
> 
> >Volkan Ozcelik
> 
> Right you are, sorry about that, my mind was
> swimming in molasses
> yesterday. In any event, I ran the error through MS
> Visual Studio
> debugger and it is choking on theForm.submit(). From
> the viewable code,
> it looks like your trying to submit the form if they
> check the checkbox
> for use the same address; personally, I would not
> want to auto-submit on
> that incase the User made a mistake or wants to
> change their mind.
> Instead, let the User submit normally and decide how
> to handle the
> mailing address server side based on whether or not
> they checked the
> box.
> 
> Robert
> 
> 
> 
> -- 
> 
> * * Please support the community that supports you. 
> * *
> http://evolt.org/help_support_evolt/
> 
> For unsubscribe and other options, including the Tip
> Harvester 
> and archives of thelist go to:
> http://lists.evolt.org 
> Workers of the Web, evolt ! 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


From evolt at kasimir-k.fi  Fri Nov 11 16:45:29 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 22:45:29 +0000
Subject: [thelist] Email header injection
In-Reply-To: <BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>
	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>
Message-ID: <43751F09.8050809@kasimir-k.fi>

Noah St. Amand scribeva in 2005-11-11 17:40:
> 1. setting a hidden variable in the form, 

How about creating an unique id each time the form is requested, saving 
that id in a db and putting it also in the form in a hidden field. When 
a POST request is received the value of the hidden field must be found 
in the db or the script exits.

As the bot only makes the submitting request it can't have a correct 
value for the hidden field, however clever it is.

Even for forms that don't put any user input in the mail message's 
headers, this approach would save the annoyance of receiving the attempts.

.k


From nepolon at worlddomination.net  Fri Nov 11 17:00:19 2005
From: nepolon at worlddomination.net (Steve Lewis)
Date: Fri, 11 Nov 2005 15:00:19 -0800
Subject: [thelist] Email header injection
In-Reply-To: <43751F09.8050809@kasimir-k.fi>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>
	<43751F09.8050809@kasimir-k.fi>
Message-ID: <43752283.8070100@worlddomination.net>

Kasimir K wrote:

> As the bot only makes the submitting request it can't have a correct 
> value for the hidden field, however clever it is.

so I code my bot to make a curl request, read your hidden form field 
value, and send it back for each request.  cake.

-- 
SteveL


From aspnet at thecrookstons.com  Fri Nov 11 16:55:58 2005
From: aspnet at thecrookstons.com (Casey)
Date: Fri, 11 Nov 2005 16:55:58 -0600
Subject: [thelist] parameters in classic asp
Message-ID: <001b01c5e713$15a336e0$6401a8c0@Papabear>

I have a new client with a large site written all in classic asp.  They have 
a login page that validates against an MS SQL database that is wide open to 
SQL injection attacks (I even demonstrated to the client: 'hi' or 1 = 1-- )

So, I need to swap out "SELECT * FROM users WHERE userid = '" & user_id & "' 
AND password = '" & password & "'"

with parameters: "SELECT * FROM users WHERE userid = @userid AND password = 
@password"

But I am having trouble figuring out how to do this in classic ASP.  I'm 
getting rather tired trying to find the answer on google.

http://www.webconcerns.co.uk/asp/accessqueries/accessqueries.asp
http://www.webconcerns.co.uk/asp/accessqueries/accessqueries.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ado270/htm/mdmthcreateparam.asp

To name a few.

I'm not looking for a free handout- just a point in the right direction.

Thanks. 



From aspnet at thecrookstons.com  Fri Nov 11 17:20:25 2005
From: aspnet at thecrookstons.com (Casey)
Date: Fri, 11 Nov 2005 17:20:25 -0600
Subject: [thelist] parameters in classic asp
References: <001b01c5e713$15a336e0$6401a8c0@Papabear>
Message-ID: <002001c5e716$7f478ee0$6401a8c0@Papabear>


> So, I need to swap out "SELECT * FROM users WHERE userid = '" & user_id & 
> "'
> AND password = '" & password & "'"
>
> with parameters: "SELECT * FROM users WHERE userid = @userid AND password 
> =
> @password"


We're using ODBC if that makes a difference. 



From evolt at kasimir-k.fi  Fri Nov 11 17:37:57 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Fri, 11 Nov 2005 23:37:57 +0000
Subject: [thelist] Email header injection
In-Reply-To: <43752283.8070100@worlddomination.net>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>	<43751F09.8050809@kasimir-k.fi>
	<43752283.8070100@worlddomination.net>
Message-ID: <43752B55.4040502@kasimir-k.fi>

Steve Lewis scribeva in 2005-11-11 23:00:
> so I code my bot to make a curl request, read your hidden form field 
> value, and send it back for each request.  cake.

Obviously it is possible/easy to make bot that mimics human behavior so 
well, that none of these gimmicks will stop it form attempting header 
injections.

But while the majority of the bots are dafter than that, the hidden form 
field with unique id can save from a lot of annoyance.

And once they all can pass a Turing test, well, I guess we'll be seeing 
helluva lot less of contact forms out there ;-)

.k


From thelist at cjmarsh.com  Fri Nov 11 17:45:03 2005
From: thelist at cjmarsh.com (thelist at cjmarsh.com)
Date: Fri, 11 Nov 2005 23:45:03 -0000
Subject: [thelist] parameters in classic asp
In-Reply-To: <002001c5e716$7f478ee0$6401a8c0@Papabear>
Message-ID: <000e01c5e719$f0011a90$0200000a@CJMLTP01>

Casey

> > So, I need to swap out "SELECT * FROM users WHERE userid = '" & 
> > user_id &
> > "'
> > AND password = '" & password & "'"
> >
> > with parameters: "SELECT * FROM users WHERE userid = @userid AND 
> > password
> > =
> > @password"

The best thing to do would be to learn a little more about ADO, and
W3Schools.com is not a bad place to start:

<http://www.w3schools.com/ado/ado_ref_command.asp>

In the meanwhile, ensure that you escape single quotes thus:

<%
Function SQLSafe(ByVal strSQL)
    SQLSafe = Replace(strSQL, "'", "''")
End Function

"SELECT * FROM users WHERE userid = '" & SQLSafe(user_id) & "'"
%>

Also, don't try to reformat input if it does not conform to your expected
pattern. For example, if you find "--" within the input string for a first
name, then gracefully exit - don't strip it out and continue. Use single
quotes around numbers thus:

"SELECT * FROM users WHERE userNumber = '1'"

Handle your errors so that detailed error messages are not displayed in the
browser, so that malicious input does not result in exposure of the database
structure.

HTH

Regards

Chris Marsh

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.362 / Virus Database: 267.13.0/167 - Release Date: 11/11/2005
 



From philip at turmel.org  Fri Nov 11 18:57:26 2005
From: philip at turmel.org (Phil Turmel)
Date: Fri, 11 Nov 2005 19:57:26 -0500
Subject: [thelist] Email header injection
In-Reply-To: <43752B55.4040502@kasimir-k.fi>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>	<43751F09.8050809@kasimir-k.fi>	<43752283.8070100@worlddomination.net>
	<43752B55.4040502@kasimir-k.fi>
Message-ID: <43753DF6.1050607@turmel.org>

Kasimir K wrote:
> Steve Lewis scribeva in 2005-11-11 23:00:
> 
>>so I code my bot to make a curl request, read your hidden form field 
>>value, and send it back for each request.  cake.
> 
> 
> Obviously it is possible/easy to make bot that mimics human behavior so 
> well, that none of these gimmicks will stop it form attempting header 
> injections.
> 
> But while the majority of the bots are dafter than that, the hidden form 
> field with unique id can save from a lot of annoyance.
> 
> And once they all can pass a Turing test, well, I guess we'll be seeing 
> helluva lot less of contact forms out there ;-)
> 
> .k
Careful...

You have to realize there are two separate objectives here, one more 
important than the other:

1) Prevent bots from filling in contact forms, so they don't bother the 
webmaster, and

2) Prevent bots from injecting headers, so they don't use your server to 
bother the rest of the web.

Failing in #1 will just fill the contact inbox.

Failing in #2 will get your server blacklisted so fast it'll make your 
clients' heads spin.

Client side games only address #1, and if a real human spammer 
investigates why his favorite script fails on your site, your defenses 
will crumble.  (They're exposed in your html source, after all.)

Sanitizing form input, where that input will be used in mailer code, 
addresses #2 in a way the spammer can't crack, as it's NOT exposed on 
the client side.

I don't run any contact forms on my sites, so I can't offer further 
advice.  I'd did have an open SMTP relay once, though (for a very short 
time).  Blacklisting is no fun, and hard to clear up.  Good luck.

Phil


From email at timburgan.com  Fri Nov 11 20:53:34 2005
From: email at timburgan.com (Tim Burgan)
Date: Sat, 12 Nov 2005 13:23:34 +1030
Subject: [thelist] Email header injection
In-Reply-To: <43753DF6.1050607@turmel.org>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>	<43751F09.8050809@kasimir-k.fi>	<43752283.8070100@worlddomination.net>	<43752B55.4040502@kasimir-k.fi>
	<43753DF6.1050607@turmel.org>
Message-ID: <4375592E.9090407@timburgan.com>

I've been watching this thread and gaining a greater understanding of 
basic problems designers face.

Thanks Phil for providing that summary.

Going on from what you said (attached below), so to:
  a. Prevent issue #1:
       Use techniques discussed in this thread.
  b. Prevent issue #2:
       Sanitise all input ( for example in PHP,
       use the htmlspecialschars() function )

Is this correct?
Tim


Phil Turmel wrote:

>1) Prevent bots from filling in contact forms, so they don't bother the 
>webmaster, and
>
>2) Prevent bots from injecting headers, so they don't use your server to 
>bother the rest of the web.
>
>Failing in #1 will just fill the contact inbox.
>
>Failing in #2 will get your server blacklisted so fast it'll make your 
>clients' heads spin.
>
>Client side games only address #1, and if a real human spammer 
>investigates why his favorite script fails on your site, your defenses 
>will crumble.  (They're exposed in your html source, after all.)
>
>Sanitizing form input, where that input will be used in mailer code, 
>addresses #2 in a way the spammer can't crack, as it's NOT exposed on 
>the client side.
>





From Ken at adOpenStatic.com  Fri Nov 11 21:24:59 2005
From: Ken at adOpenStatic.com (Ken Schaefer)
Date: Sat, 12 Nov 2005 14:24:59 +1100
Subject: [thelist] parameters in classic asp
Message-ID: <160489103479AB4892187638EE7D1E691F49EB@kjserver1.kjhome.local>

IIRC:

strSQL = "SELECT UserID FROM Users WHERE UserName = @UserName AND
UserPassword= @UserPassword"

With objCommand
	Set .ActiveConnection = objConn
	.CommandText = strSQL
	.Parameters.Append .CreateParameter("@UserName", adVarChar, 50)
	.Parameters.Append .CreateParameter("@UserPassword", adVarChar, 50)
End With

Set objRS = objCommand.Execute

Best off looking the ADO reference on MSDN for the exact syntax/parameter
list for each method above.

Cheers
ken



: -----Original Message-----
: From: thelist-bounces at lists.evolt.org [mailto:thelist-
: bounces at lists.evolt.org] On Behalf Of Casey
: Sent: Saturday, 12 November 2005 10:20 AM
: To: thelist at lists.evolt.org
: Subject: Re: [thelist] parameters in classic asp
: 
: 
: > So, I need to swap out "SELECT * FROM users WHERE userid = '" & user_id
: &
: > "'
: > AND password = '" & password & "'"
: >
: > with parameters: "SELECT * FROM users WHERE userid = @userid AND
: password
: > =
: > @password"
: 
: 
: We're using ODBC if that makes a difference.



From evolt at kasimir-k.fi  Sat Nov 12 05:09:01 2005
From: evolt at kasimir-k.fi (Kasimir K)
Date: Sat, 12 Nov 2005 11:09:01 +0000
Subject: [thelist] Email header injection
In-Reply-To: <43753DF6.1050607@turmel.org>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>	<43751F09.8050809@kasimir-k.fi>	<43752283.8070100@worlddomination.net>	<43752B55.4040502@kasimir-k.fi>
	<43753DF6.1050607@turmel.org>
Message-ID: <4375CD4D.2020108@kasimir-k.fi>

Phil Turmel scribeva in 2005-11-12 00:57:
> You have to realize there are two separate objectives here, one more 
> important than the other:
> 
> 1) Prevent bots from filling in contact forms, so they don't bother the 
> webmaster, and
> 
> 2) Prevent bots from injecting headers, so they don't use your server to 
> bother the rest of the web.

Yes, important point, well put, and I fully agree.

To be really safe, simply don't put any user input in the mail header. 
For all my client work I do contact forms this way - as I might not be 
monitoring them constantly, I want to be really sure that they are safe 
now and tomorrow.

On my personal site I (for now) put stuff (carefully sanitized) in the 
header. There's the little convenience of being able to just hit reply - 
but more importantly, I'm reluctant to change functionality of my site 
because of some damn script kiddie... I rather spend an hour or two 
securing it.

All the tricks of using hidden fields etc. naturally don't provide any 
real protection - only convenience. Any real protection indeed comes 
only from accepting user input of expected type, and carefully 
sanitizing that (and not using it in mail headers).

Kasimir K scribeva in 2005-11-11 18:45:
 > The strange thing though is, that this is not working for me every
 > time...
 > Obviously something very stupid which I'll be ashamed of later :-)

I had a forgotten script on my site... I am very, very ashamed :-)

<tip>
To be sure that your PHP site hasn't any forgotten mailing scripts, do a 
site wide search for "mail(", and make sure it only appears where it should.
</tip>

.k



From philip at turmel.org  Sat Nov 12 09:52:28 2005
From: philip at turmel.org (Phil Turmel)
Date: Sat, 12 Nov 2005 10:52:28 -0500
Subject: [thelist] Email header injection
In-Reply-To: <4375592E.9090407@timburgan.com>
References: <200511111807.jABI7Pt4019291@secure.e3host.com>	<BAYC1-PASMTP0422FE978602A5D7DD951886590@CEZ.ICE>	<43751F09.8050809@kasimir-k.fi>	<43752283.8070100@worlddomination.net>	<43752B55.4040502@kasimir-k.fi>	<43753DF6.1050607@turmel.org>
	<4375592E.9090407@timburgan.com>
Message-ID: <43760FBC.9060002@turmel.org>

Tim Burgan wrote:
> Going on from what you said (attached below), so to:
>   a. Prevent issue #1:
>        Use techniques discussed in this thread.
>   b. Prevent issue #2:
>        Sanitise all input ( for example in PHP,
>        use the htmlspecialschars() function )
> 
> Is this correct?
> Phil Turmel wrote:
>>1) Prevent bots from filling in contact forms, so they don't bother the 
>>webmaster, and
>>
>>2) Prevent bots from injecting headers, so they don't use your server to 
>>bother the rest of the web.

Tim,

When it comes to security from spammers, defense in depth is required:

For #1, start with speed bumps.

Require session cookies, and a hidden unique ID in the form, for form 
submittal.  Set the unique ID on pages that link to the contact form, 
but not on the contact form page itself.  Timestamp the unique ID 
creation within your session data.  If the contact form is opened 
without a unique ID in the session, redirect back to the home page.  If 
the contact form is submitted before the unique ID is 10 seconds old, 
throw an error page w/ apology, and redirect back to the home page. 
Delete the unique ID in your session on successful submission.

For #2, sanitize the submitted form's from address and subject

First, run the submitted from address (and any other email addresses) 
through a validator function, like this PHP one:

function EmailOK( $addr ) {
	$pattern1 = '/(@.*@)|(\.\.)|(@\.)|(\.@)|(^\.)/';
	if ( preg_match( $pattern1, $addr ))
		return FALSE;
	$pattern2 = '/^[-\.a-z0-9_\+]+@([-a-z0-9_]+\.)+[a-z]{2,5}$/i';
	return preg_match( $pattern2, $addr );
}

Second, search for any form of newline in the submitted subject.  If you 
find one, fail.

If either of these sanitizers find a problem, return the form to the 
submitter for further editing.

I also run the submitted message body through PHP's wordwrap() function, 
but that's not a failure point.

If you're really paranoid, you could load the message body as XML, scan 
the tree to delete unacceptable tags, then convert it back to text.

Bottom line:
Speed bumps stop the trivial scripter.  Input sanitization stops the 
spammer.  Failure to deliver spam causes the serious scripter to leave 
you alone. (Cracking effort for no gain... not gonna happen.)

HTH,

Phil


From lists at frankmarion.com  Sat Nov 12 12:08:00 2005
From: lists at frankmarion.com (Frank)
Date: Sat, 12 Nov 2005 13:08:00 -0500
Subject: [thelist] Your favourite site backup utility?
Message-ID: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>


We've just had a hard drive crash on one of our servers. Good thing that we 
backup hourly. Still, it's a pain in the butt, and a reminder that 
redundancy is good. I've been looking at a *lot* of automated utilities for 
backing up sites, and I'd like to get your opinion on what your favourite 
one is.

My server is linux, my backup machine is PC. I'd like to backup the whole 
server's worth of sites on a site-per-site basis, and the ability to 
compress would be nice. Bonus if the utility can also dump the mysql 
database to an sql file in the site archive. I suspect that I might be 
looking at a php+ chron job, but thought that it might be nice to have an 
all-in-one that runs on my PC.

What have you tried that you like? What do you recommend that I stay clear of?




Frank Marion     lists at frankmarion.com      Keep the signal high.





From misha.genkin at gmail.com  Sat Nov 12 15:48:21 2005
From: misha.genkin at gmail.com (Misha Genkin)
Date: Sat, 12 Nov 2005 23:48:21 +0200
Subject: [thelist] DOM + IE elements creation problem
In-Reply-To: <dfc81b090511102308t6571813ft@mail.gmail.com>
Message-ID: <000101c5e7d2$d0670cd0$0301a8c0@caemlyn>

Is there a way to run the script debugger without an error bieng triggered?

-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org] On Behalf Of VOLKAN ?Z?EL?K
Sent: Friday, November 11, 2005 9:08 AM
To: thelist at lists.evolt.org
Subject: Re: [thelist] DOM + IE elements creation problem

Have you tried microsoft script debugger. It sometimes spots errors
that do not show in normal situations.

HTH,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/
-- 

* * Please support the community that supports you.  * *
http://evolt.org/help_support_evolt/

For unsubscribe and other options, including the Tip Harvester 
and archives of thelist go to: http://lists.evolt.org 
Workers of the Web, evolt ! 



From fuzzylizard at gmail.com  Sat Nov 12 19:36:41 2005
From: fuzzylizard at gmail.com (Chris Johnston)
Date: Sat, 12 Nov 2005 20:36:41 -0500
Subject: [thelist] Your favourite site backup utility?
In-Reply-To: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
Message-ID: <a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>

On 11/12/05, Frank <lists at frankmarion.com> wrote:
>
>
> My server is linux, my backup machine is PC. I'd like to backup the whole
> server's worth of sites on a site-per-site basis, and the ability to
> compress would be nice. Bonus if the utility can also dump the mysql
> database to an sql file in the site archive.
>
>
rsync
shell script
tar

The above three, when put together, should be able to handle all your back
up needs. However, they will have to be run from the server and not from
your PC.

Chris
--
www.fuzzylizard.com <http://www.fuzzylizard.com>


From ekm at seastorm.com  Sat Nov 12 23:45:10 2005
From: ekm at seastorm.com (Erika Meyer)
Date: Sat, 12 Nov 2005 21:45:10 -0800
Subject: [thelist] photoshop: rounding corners on a rectangular image
In-Reply-To: <a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
	<a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
Message-ID: <a0621021cbf9c823d2d62@[192.168.0.3]>

hiya.

Design question.

In Photoshop, how would I take a rectangular image, and round off the 
corners?  Or cut out other shapes?  I mean, as if my image were 
cookie dough, and I wanted to cookie-cutter a shape out of it.

tia,

Erika


From fuzzylizard at gmail.com  Sun Nov 13 00:29:17 2005
From: fuzzylizard at gmail.com (Chris Johnston)
Date: Sun, 13 Nov 2005 01:29:17 -0500
Subject: [thelist] photoshop: rounding corners on a rectangular image
In-Reply-To: <a0621021cbf9c823d2d62@192.168.0.3>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
	<a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
	<a0621021cbf9c823d2d62@192.168.0.3>
Message-ID: <a72f3110511122229g2965cd1eo40805fae9ee1d19d@mail.gmail.com>

On 11/13/05, Erika Meyer <ekm at seastorm.com> wrote:
>
>
> In Photoshop, how would I take a rectangular image, and round off the
> corners? Or cut out other shapes? I mean, as if my image were
> cookie dough, and I wanted to cookie-cutter a shape out of it.
>
>
Create a selection using the select tool, then invert the selection and do a
cut. Inverting the selection will select everything outside what you
originally selected allowing you to cut out a shape.

I am not sure what the menu options are, but they should be easy to find.

Chris

--
www.fuzzylizard.com <http://www.fuzzylizard.com>


From volkan.ozcelik at gmail.com  Sun Nov 13 01:33:30 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Sun, 13 Nov 2005 09:33:30 +0200
Subject: [thelist] photoshop: rounding corners on a rectangular image
In-Reply-To: <a72f3110511122229g2965cd1eo40805fae9ee1d19d@mail.gmail.com>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
	<a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
	<a0621021cbf9c823d2d62@192.168.0.3>
	<a72f3110511122229g2965cd1eo40805fae9ee1d19d@mail.gmail.com>
Message-ID: <dfc81b090511122333p7b45b919x@mail.gmail.com>

Just to mention a different method using a different tool:

in fireworks:

create a rounded rectangle. position it over the image. select both
the rectangle and the image. use punch action under transform menu.

I find it easier to cut / joing / slice things in fireworks. May be
that's just me.

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From volkan.ozcelik at gmail.com  Sun Nov 13 07:05:22 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Sun, 13 Nov 2005 15:05:22 +0200
Subject: [thelist] JS memory leak detection?
In-Reply-To: <dfc81b090510240528s36567709s@mail.gmail.com>
References: <dfc81b090510230309t6c80fda4x@mail.gmail.com>
	<cee13aa30510231514gad60d5dmd286ccc28f14cf0f@mail.gmail.com>
	<dfc81b090510232225x26fdd15at@mail.gmail.com>
	<dfc81b090510232353j66c5354fu@mail.gmail.com>
	<dfc81b090510240215m4fc19eb4k@mail.gmail.com>
	<cee13aa30510240316y5abffdadwaa5e1eefdf8f858c@mail.gmail.com>
	<dfc81b090510240335u75d3653ew@mail.gmail.com>
	<cee13aa30510240404u40c4bd36w6418c517fb888119@mail.gmail.com>
	<dfc81b090510240411l92b43f4q@mail.gmail.com>
	<dfc81b090510240528s36567709s@mail.gmail.com>
Message-ID: <dfc81b090511130505v28a7caf5u@mail.gmail.com>

Long time have passed over this thread but I have recently completed a
related article:

http://www.codeproject.com/useritems/LeakPatterns.asp

for the interested...

Cheers,
--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From cdorer at gmail.com  Sun Nov 13 08:34:58 2005
From: cdorer at gmail.com (Chris Dorer)
Date: Sun, 13 Nov 2005 09:34:58 -0500
Subject: [thelist] photoshop: rounding corners on a rectangular image
In-Reply-To: <a0621021cbf9c823d2d62@[192.168.0.3]>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>	<a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
	<a0621021cbf9c823d2d62@[192.168.0.3]>
Message-ID: <43774F12.3090102@gmail.com>

The first link will direct you to the right place for doing rounded edges.

These both will provide a plethora of tricks and tips on using photoshop 
for great effects.

http://www.pixel2life.com/tutorials/Adobe_Photoshop/All/?tut=4
http://www.stab.se/aq/ny/pstips/fwf_all.htm

Erika Meyer wrote:

>hiya.
>
>Design question.
>
>In Photoshop, how would I take a rectangular image, and round off the 
>corners?  Or cut out other shapes?  I mean, as if my image were 
>cookie dough, and I wanted to cookie-cutter a shape out of it.
>
>tia,
>
>Erika
>  
>


From volkan.ozcelik at gmail.com  Sun Nov 13 16:19:59 2005
From: volkan.ozcelik at gmail.com (=?ISO-8859-9?Q?VOLKAN_=D6Z=C7EL=DDK?=)
Date: Mon, 14 Nov 2005 00:19:59 +0200
Subject: [thelist] 301 Redirect or...
In-Reply-To: <436FD09A.10302@wi.rr.com>
References: <4A27645B1A4F4D4181909FA5D213FEF402C822@coaexb.coa.aurora-il.org>
	<436FD09A.10302@wi.rr.com>
Message-ID: <dfc81b090511131419v299030d0m@mail.gmail.com>

> We did something like this on a recent site: http://www.swlaw.edu/error

cool. I receive an error message in Turkish :)

"istediginiz nesne bu sunucuda ya yok ya da sunulamiyor.
aradiginizi bulabilmek icin lutfen adresi kontrol edin..."

What a glocal (globally local) world we are emerging to.

... and I think to myself, what a wonderful world ...

--
Volkan Ozcelik
+>Yep! I'm blogging! : http://www.volkanozcelik.com/volkanozcelik/blog/
+> My projects/studies/trials/errors : http://www.sarmal.com/


From webguync at gmail.com  Sun Nov 13 20:03:31 2005
From: webguync at gmail.com (Bruce Gilbert)
Date: Sun, 13 Nov 2005 21:03:31 -0500
Subject: [thelist] form that sends to emailing list stores in MySQL table
	not working
Message-ID: <463b785d0511131803x41a62f43xf8a834783f923573@mail.gmail.com>

I have set up a form where you can enter your email address and
confirm to be entered into a MySQL table database.

this part works fine, but when I try to send a sample email to the
list, nothing comes through. I was hoping somone could take a look at
my code and see if they might know what is going wrong.
// here is the form to send to the list
<form id="mailinglist" method="post" action="sendmailinglist.php">
<fieldset >
<legend>Inspired-Evolution.com Nation Mailing List</legend>
  <table class="mailinglist" summary="sends email newsletter out to
Inspired-Evolution.com Nation">
    <tr>
      <td>
          <label for="subject">Subject of email:</label> </td>
      <td> <input type="text" id="subject" name="subject"
value="<?=$subject ?>" maxlength="200" size="25" />
      </td>
    </tr>
    <tr>
      <td>
          <label for="message">Type The Message Here:</label>
          </td>
      <td> <textarea name="message" id="message" value="<?=$message ?>
cols="" rows=""></textarea>
      </td>
    </tr>
    <tr>
      <td>&nbsp; </td>
      <td align="right">
        <input class="submit" src="/images/submit.gif" alt="Submit"
type="image" name="submit" value="submit" />
      </td>
    </tr>
  </table>
</fieldset>
</form>


// code which is supposed to send to MySQL list
<?php
include("config.php");
$subject = $_REQUEST['subject'];
$message = $_REQUEST['message'];
$sender = "Bruce Gilbert <webguync at gmail.com>\n"; //put your name and
sending address here
$reply_to = "<webguync at gmail.com>\n"; //reply-to, insert your address
here,  might not be supported by your server
$return_path = "webguync at gmail.com\n"; // return-path, if you have
one, also might not be supported by your server
$x_sender = "<webguync at gmail.com>\n"; //your address, another setting
possibly not supported by your server

$message .= "\n\n This is a double opt-in mailing list. All recipients
have confirmed their subscription. If you no longer wish to receive
these emails, please go to http://http:www/inspired-evolution.com \n
				";
$query = "
	SELECT
		*
	FROM
		mailinglist
	WHERE
		subscribe=1
		AND
		confirmed=1";

$result = mysql_query($query);

while ( $row = mysql_fetch_array($result))
	{
	$rec_id = $row["rec_id"];
	$email = $row["email"];

	$recipient = $email;

	$headers = "From: $sender";
	$headers .= "Reply-To: $reply_to";
	$headers .= "Return-Path: $return_path";
	$headers .= "X-Sender: $x_sender";
	$headers .= "X-Mailer: PHP4\n"; //mailer
	$headers .= "X-Priority: 3\n"; //1 UrgentMessage, 3 Normal
	$headers .= "Mime-Version:1.0\n Content-Type: text/plain;
charset=\"iso-8859-1\nContent-Transfer-Encoding: 8bit\n";
		
	mail( $recipient, $subject, stripslashes($message), $headers );
	sleep(1);

}

// run second query to automatically dump unsubscribed email addresses.
$query2 = "
	DELETE FROM
		mailinglist
	WHERE
		subscribe='0'
		AND
		confirmed='0' ";

//run the query
mysql_query($query2, $link) or die (mysql_error());

mysql_close();

header("location: mailsent.php");
exit;
?>


From ian at zstudio.co.uk  Sun Nov 13 20:15:48 2005
From: ian at zstudio.co.uk (Ian Anderson)
Date: Mon, 14 Nov 2005 02:15:48 +0000
Subject: [thelist] form that sends to emailing list stores in MySQL
 table not working
In-Reply-To: <463b785d0511131803x41a62f43xf8a834783f923573@mail.gmail.com>
References: <463b785d0511131803x41a62f43xf8a834783f923573@mail.gmail.com>
Message-ID: <4377F354.2080504@zstudio.co.uk>

Bruce Gilbert wrote:

> this part works fine, but when I try to send a sample email to the
> list, nothing comes through. I was hoping somone could take a look at
> my code and see if they might know what is going wrong.

Are you testing it to your gmail account?

I think I read on the list somewhere recently that messages that are 
both from and to your gmail account get swallowed up by Google's 
anti-anti-matter filters (or something).

Just to exclude the possibility, have you tried a different combination 
of email addresses?

HTH

Cheers

Ian

-- 
_________________________________________________
zStudio - Web development and accessibility
http://zStudio.co.uk

Snippetz.net BETA - Online code library
File, manage and re-use your code snippets online
http://snippetz.net


From ekm at seastorm.com  Sun Nov 13 21:15:48 2005
From: ekm at seastorm.com (Erika Meyer)
Date: Sun, 13 Nov 2005 19:15:48 -0800
Subject: [thelist] photoshop: rounding corners on a rectangular image
In-Reply-To: <43774F12.3090102@gmail.com>
References: <6.1.1.1.2.20051112130711.01fdaba8@127.0.0.1>
	<a72f3110511121736k6cce5202lfc1e33c037ff6299@mail.gmail.com>
	<a0621021cbf9c823d2d62@[192.168.0.3]> <43774F12.3090102@gmail.com>
Message-ID: <a06210202bf9da7dc4700@[192.168.0.4]>

yay!   thanks, Chris, I managed to figure it out.  & those links are 
fantastic and will keep me busy for hours building shiny flaming 
bevels...

for anyone else who's wondering, it's kinda like this (I'm using 
Adobe Photoshop CS on OSX).

1. you have to make sure the shape is a path (which is setting you 
need to select on the shape tool.  It off to the left in the shape 
selection bar; it looks like a little pen in a box & is called 
"paths")

2. with "paths" and your shape of choice selected, draw your shape on 
the layer you want to modify.

3. "control click" on the path (windows) or "control shift click" 
(mac).  this should give you a menu of options.

4. select "make selection"  then "new slection" This turns your path 
into marching ants. (hurrah!)

5. select -> inverse... and chop out everything around your shape.  & voila!
cookie cutter shapes!  & just in time for the holidays.

thanks again.

Erika

----------------------

Chris Dorer wrote:

>The first link will direct you to the right place for doing rounded edges.
>
>These both will provide a plethora of tricks and tips on using photoshop
>for great effects.
>
>http://www.pixel2life.com/tutorials/Adobe_Photoshop/All/?tut=4
>http://www.stab.se/aq/ny/pstips/fwf_all.htm
>