|
FULLTEXT KEY in XOOPS
from PEAK XOOPS Support&Experiment
(2006/7/15 5:05)
|
There are some modules using "FULLTEXT KEY" in mysql.sql. But I can find no queries with "MATCH()". This makes useless indexes, and can harm its performance. Moreover, MySQL does not support "splitting words" for multibyte language. I will check the performance of ... - "splitting words" by kakasi, chasen, or mecab - implode the words by a space into a string - stores the string into a column for searching - query with MATCH()
|
|
How to create icons for D3 modules
from PEAK XOOPS Support&Experiment
(2006/7/14 16:12)
|
If you develop D3 module, set the base png with "indexed colors". And you should not its color depth as 32,64,128 or 256. I recommend you to save the png as 63 indexed colors. This is bulletin2's module_icon.png with 63 indexed colors. (You can understand what I mean, just by replacing module_icon.png under xoops_trust_path/modules/bulletin/ )
|
|
un-well-known(?) usage of Smarty modifier (1)
from PEAK XOOPS Support&Experiment
(2006/7/9 17:53)
|
You can use any functions as modifier for the Smarty.(Not only plugins/modifier.*.php)eg.If you want to cut a multibyte-string, you have to use mb_strcut() instead of substr().But you don't have to create and put a Smarty's modifier with mb_strcut().Just write like this:[code] [/code]To be continued ...
|
|
minihaku released
from PEAK XOOPS Support&Experiment
(2006/6/29 17:52)
|
[/xlang:ja]hakusen made by suin is a great module.However, it has alreay finished releasing.minihaku -quite a little module- can work like hakusen.That's because this is a corpus of cutting-corners. :-)If you are a skilled developper, minihaku might be useful to you.
|
|
un-well-known right usage of xhld
from PEAK XOOPS Support&Experiment
(2006/6/26 6:14)
|
Don't you misunderstand"xhld is a heavy module"?No."xhld is a light module".Try this crontab. (rewrite path into yours)[code]5 * * * * cd /home/yourhome/public_html/modules/xhld0/include;/home/yourhome/public_html/modules/xhld0/include/update_cache.sh[/code]If you don't get success, execute update_cache.sh via shell.And check there:- set the permission of update_cache.sh 700 or 755- check /usr/local/bin/php exists. Else rewrite the 1st line of update_cache.shIf you use fastestcache, get the latest version of update_cache.sh
|
|
anti-XSS system (4)
from PEAK XOOPS Support&Experiment
(2006/6/25 18:20)
|
This is the last chapter of BigUmbrella.The code in (3) has two points should be argued.- Is the check pattern OK?[code]preg_match('/[
|
|
anti-XSS system (3)
from PEAK XOOPS Support&Experiment
(2006/6/22 12:46)
|
The simple pattern of BigUmbrella has 3 problems.(A) XSS check should be done only for"Content-Type: text/html".(B) ob_start() will increase server's load when php transfers a huge file.(C) preview situation with html allowed.For (B), you should disable ob fileter manually.[code]// remove output bufferingswhile( ob_get_level() ) {ob_end_clean() ;}[/code]For (C), you should disable BigUmbrella manually.[code]define('BIGUMBRELLA_DISABLED', true ) ;[/code]Don't forget checking referer or ticket in the situation.This is the modified code for (A) and (C).I will argue about super variables of $_COOKIE and $_SERVER in next article.
|
|
anti-XSS system (2)
from PEAK XOOPS Support&Experiment
(2006/6/21 15:27)
|
This is the simple pattern of"Big Umbrella anti-XSS system".(1) make a file.eg) /usr/local/lib/php/bigumbrella.php[code]
|
|
anti-XSS system (1)
from PEAK XOOPS Support&Experiment
(2006/6/20 13:16)
|
I've found much better anti-XSS system like"Big umbrella".1. check doubtful request (eg."
|
|
right usage of xoops_notification
from PEAK XOOPS Support&Experiment
(2006/6/17 4:31)
|
There are two way to limit notification.For unauthorized users(groups):(1) disable to register notification(2) disable to trigger eventIn fact, (1) is almost non-sense.When users(groups) are changed their permissions, it is not easy to maintain notification table.Thus, (2) is the only way to limit notification.If you write a module with view permissioning in module, you should specify user_list into triggerEvent().
|
