Re: Eu website
- Posted by mattlewis (admin) Aug 27, 2009
- 2078 views
And i am confused when you say i can edit it on the site, but someone else hasto deploy it. If i edit it, and do not commit it, isn't what i wrote all gone byebye? And if i commit it, isn't it deployed?
I was referring to the svn repository, where you can edit the css and commit the changes. That updates the svn repository, which is separate from the actual live website. Jeremy (or someone else) can then deploy the changes to the site. openeuphoria.org is its own thing...it doesn't serve off of the svn repository.
If you mean how to make the forum more bulletproof against errant (those things that cause server error 500's), well, alias the creole commands with the html people know and luv, and fix the creole parser. Make it test for crash-causing commands before it crashes. I have not studied the parser output vs input, nor it's limits. I didn't know till today that editing the parser in any way was possible. I thought it was pulled off a creole open source site somewhere and installed as-is, like Apache or php. But i mean, really, not even testing for matching (those things that cause server error 500's)?!
My limited experience with CGI tells me that the error 500s mean that the euphoria program generating the web page has crashed.
Before you come down on me for the suggestion of aliasing html to the creole, it's worked out well to not fix words for Tiggr's commands, she accepts a range of words meaning roughly "define". Altho the languages (24 of them) translator is no longer in existance, so she is now english-only. First thing i'd do, if allowed, is fix the idiot (those other things that cause server error 500's), so their position on the line isn't important, make sure they match opening-for-closing or return the poster to the preview page, and alias them with <pre></pre> as someone else suggested.
I don't see any of this as unreasonable.
I can see how that would work nicely for tomething like Tiggr. The problem, as I see it, is that the stuff that people put in ends up being displayed to other people in html. I believe that it's a lot easier to sanitize the creole input to prevent malicious content than if we allow some html. The quoting really isn't that difficult (certainly no more than html tags!).
Though I think that the forum (or whatever component of the software stack is appropriate) should probably be validating that all tags are closed at the end of a post, and if not, then either add the tags to ensure that, or reject the post until the user fixes it.
Matt
