Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

[07:36:43 EDT(-0400)] * athena7 (n=athena7@lumina.its.yale.edu) has joined ##uportal
[09:16:43 EDT(-0400)] * anastasiac (n=team@142.150.154.105) has joined ##uportal
[09:52:00 EDT(-0400)] * michelled (n=team@142.150.154.197) has joined ##uportal
[09:57:11 EDT(-0400)] * EricDalquist (n=dalquist@bohemia.doit.wisc.edu) has joined ##uportal
[09:58:14 EDT(-0400)] * theclown (n=theclown@142.150.154.101) has joined ##uportal
[09:59:10 EDT(-0400)] * dstn (n=dstn@unaffiliated/dstn) has joined ##uportal
[10:25:53 EDT(-0400)] * colinclark (n=colin@142.150.154.101) has joined ##uportal
[11:35:25 EDT(-0400)] * anastasiac (n=team@142.150.154.105) has joined ##uportal
[11:50:08 EDT(-0400)] <athena7> EricDalquist: I think the Yale bookmarks portlet changes are mostly together
[11:50:16 EDT(-0400)] <EricDalquist> neat
[11:50:19 EDT(-0400)] <athena7> should i go ahead and commit them to the trunk?
[11:50:25 EDT(-0400)] <EricDalquist> sure
[11:50:50 EDT(-0400)] <athena7> ok
[11:51:04 EDT(-0400)] <athena7> do i need to update the portlet version in the pom.xml or anything?
[11:51:31 EDT(-0400)] <EricDalquist> it should be a -SNAPSHOT version in the trunk
[11:51:47 EDT(-0400)] <athena7> yeah, it is
[11:51:48 EDT(-0400)] <EricDalquist> so whenever the next release is cut the person doing so will update the version number for the release
[11:52:04 EDT(-0400)] <athena7> i just want to make sure nothing gets stepped on for the up3 release
[11:52:14 EDT(-0400)] <athena7> what's that pointing at?
[11:52:42 EDT(-0400)] * holdorph (n=holdorph@wsip-98-174-242-39.ph.ph.cox.net) has joined ##uportal
[11:53:02 EDT(-0400)] <EricDalquist> ah
[11:53:09 EDT(-0400)] <EricDalquist> no that is pointing to a released version
[11:53:13 EDT(-0400)] <athena7> ok, great
[11:53:23 EDT(-0400)] <EricDalquist> plus you would have to actually deploy it to the jasig maven repository
[11:53:24 EDT(-0400)] <athena7> i figured it probably was
[11:53:40 EDT(-0400)] <athena7> what would you get though if you'd been building the portlet locally?
[11:53:52 EDT(-0400)] <athena7> would the jasig version override it?
[11:54:08 EDT(-0400)] <EricDalquist> ah
[11:54:09 EDT(-0400)] <EricDalquist> no
[11:54:20 EDT(-0400)] <EricDalquist> in that case you could get the local version
[11:54:34 EDT(-0400)] <athena7> yeah
[11:54:37 EDT(-0400)] <EricDalquist> but that is also why the code that lives in SVN will always have a -SNAPSHOT suffix
[11:54:59 EDT(-0400)] <EricDalquist> and the repository is checked every day for new -SNAPSHOTs by maven
[11:54:59 EDT(-0400)] <athena7> (smile)
[11:55:02 EDT(-0400)] <athena7> yeah
[11:55:10 EDT(-0400)] <athena7> hard to get too broken
[11:55:15 EDT(-0400)] <EricDalquist> yup
[11:55:30 EDT(-0400)] <EricDalquist> as long as no-one makes changes to a tagged version
[11:56:29 EDT(-0400)] <EricDalquist> I realize you've already migrated but with our ugprade here we've been doing outage planning (we have to start a long way off) and were concerned with the import/export script speeds
[11:56:46 EDT(-0400)] <athena7> migrated what?
[11:56:52 EDT(-0400)] <EricDalquist> uPortal versions
[11:56:56 EDT(-0400)] <EricDalquist> well up to 2.6 for you
[11:57:01 EDT(-0400)] <athena7> ah
[11:57:02 EDT(-0400)] <athena7> yes
[11:57:02 EDT(-0400)] <EricDalquist> so this could help for 3.0 (smile)
[11:57:04 EDT(-0400)] <EricDalquist> to address it I think I've hacked up some CRN tasks that run sub-tasks in a thread pool
[11:57:07 EDT(-0400)] <athena7> yes, very much so
[11:57:15 EDT(-0400)] <athena7> we've yet to actually use the import/export tool in production
[11:57:25 EDT(-0400)] <athena7> sounds good
[11:57:36 EDT(-0400)] <athena7> i was a little worried about script running time as well
[11:57:48 EDT(-0400)] <athena7> although yale's just not that big of a school
[11:58:40 EDT(-0400)] <EricDalquist> how many people do you have in up_user ... if you happen to know
[11:59:24 EDT(-0400)] <athena7> no idea
[11:59:32 EDT(-0400)] <athena7> we've been running for a long time, so probably a lot
[11:59:43 EDT(-0400)] <athena7> but we don't have the student body size that you have
[12:00:02 EDT(-0400)] <EricDalquist> yeah, we're at about 120k right now
[12:00:16 EDT(-0400)] <EricDalquist> though we're looking into removing all the deactivated users before we migrate
[12:00:58 EDT(-0400)] <athena7> that makes sense
[12:01:19 EDT(-0400)] <athena7> looks like 27K
[12:11:41 EDT(-0400)] <EricDalquist> how not to write web applications: http://thedailywtf.com/Articles/Oklahoma-Leaks-Tens-of-Thousands-of-Social-Security-Numbers,-Other-Sensitive-Data.aspx
[12:21:01 EDT(-0400)] <dstn> eeek
[12:21:45 EDT(-0400)] <EricDalquist> yeah ... the app gives you pretty much direct SQL execution support, you don't even need to bother with anything fancy
[12:23:12 EDT(-0400)] <dstn> whhhhhhat the crap!!!!
[12:23:23 EDT(-0400)] <dstn> ?sqlString=
[12:23:25 EDT(-0400)] <dstn> ahahaha
[12:28:27 EDT(-0400)] <EricDalquist> yeah ...
[12:28:44 EDT(-0400)] <EricDalquist> for more fun ... go to google and search for:
[12:28:45 EDT(-0400)] <EricDalquist> inurl:SELECT inurl:FROM inurl:WHERE
[12:28:58 EDT(-0400)] <EricDalquist> you have to go down a ways before you start finding them .... but they are there
[12:29:00 EDT(-0400)] <EricDalquist> lots of them
[12:29:17 EDT(-0400)] <EricDalquist> I found one that was a US CoastGaurd Auxillary Q&A site
[12:34:41 EDT(-0400)] <athena7> the coast guard had sql injection problems?
[12:34:52 EDT(-0400)] <athena7> that's pretty excellent
[12:35:03 EDT(-0400)] <athena7> not in an actually excellent way
[12:35:03 EDT(-0400)] <EricDalquist> doing that search is scary
[12:35:09 EDT(-0400)] <athena7> yeah i bet . . .
[12:35:15 EDT(-0400)] <athena7> wow that wtf posting is pretty ba
[12:35:16 EDT(-0400)] <athena7> d
[12:35:16 EDT(-0400)] <EricDalquist> a co-worker just found a .edu with an alumni records site
[12:35:33 EDT(-0400)] <EricDalquist> and the SQL in the url pretty much describes the whole table
[12:36:01 EDT(-0400)] <EricDalquist> makes the password they ask for on their edit link kind of pointless when you can run arbitrary SQL via URL parameters
[12:36:13 EDT(-0400)] <EricDalquist> and this is why PreparedStatements are good (smile)
[12:36:22 EDT(-0400)] <athena7> no kidding
[12:36:36 EDT(-0400)] <athena7> in that posting, i wonder if other people could have added new people to the registry
[12:36:40 EDT(-0400)] <athena7> that'd be really bad
[12:37:10 EDT(-0400)] <EricDalquist> I would be supprised if insert/update/drop/delete/alter all didn't workl
[12:37:28 EDT(-0400)] <athena7> yeah
[13:22:51 EDT(-0400)] <EricDalquist> athena7: I'll have a commit in just a few that uses pags to ensure everyone is in the Everyone group
[13:22:59 EDT(-0400)] * athena7 cheers
[13:23:37 EDT(-0400)] <EricDalquist> I just had fun writing the 'AlwaysTrueTester;
[13:24:30 EDT(-0400)] <athena7> (smile)
[13:26:42 EDT(-0400)] <EricDalquist> all set
[13:27:51 EDT(-0400)] <athena7> great!
[13:27:58 EDT(-0400)] <athena7> i'll test out our dev server this afternoon
[13:28:02 EDT(-0400)] <EricDalquist> cool
[13:34:20 EDT(-0400)] <athena7> trying to get a better sense of what's breaking and what's not when multiple jquery libs are included
[13:35:22 EDT(-0400)] <EricDalquist> ah
[13:35:27 EDT(-0400)] <EricDalquist> https://mywebspace.wisc.edu/dalquist/web/crn/
[13:35:29 EDT(-0400)] <EricDalquist> oops
[13:35:37 EDT(-0400)] <EricDalquist> wrong chat window (smile)
[13:35:52 EDT(-0400)] <EricDalquist> though if you're interested those are the two tasks to enable concurrent execution in crn
[13:45:08 EDT(-0400)] <athena7> cool (smile)
[13:47:22 EDT(-0400)] * michelled (n=team@142.150.154.197) has left ##uportal
[13:49:50 EDT(-0400)] <athena7> colinclark: are you around?
[13:49:57 EDT(-0400)] * michelled (n=team@142.150.154.197) has joined ##uportal
[13:50:06 EDT(-0400)] <athena7> i think i've identified my jquery problems
[13:50:44 EDT(-0400)] <colinclark> athena7: Yup, I'm here.
[13:50:49 EDT(-0400)] <athena7> heya
[13:50:52 EDT(-0400)] <colinclark> I'm multitasking. (smile)
[13:50:54 EDT(-0400)] <colinclark> hey
[13:51:05 EDT(-0400)] <athena7> so including multiple jquery libs seems to work
[13:51:11 EDT(-0400)] <athena7> but only if they're included in the <head>
[13:51:30 EDT(-0400)] <athena7> if they're included later on in the page, things break in very sad ways
[13:53:04 EDT(-0400)] <athena7> also, the calendar widget can't be included properly multiple times in the same page because it creates a div with a set ID
[13:54:16 EDT(-0400)] <dstn> we ran into that...made it a class instead of id
[13:54:37 EDT(-0400)] <colinclark> interesting!
[13:54:38 EDT(-0400)] <athena7> just edited the calendar library?
[13:54:57 EDT(-0400)] <dstn> other portlets, sorry
[13:55:22 EDT(-0400)] <colinclark> athena7: This is extremely helpful information, thanks so much.
[13:55:22 EDT(-0400)] <dstn> but same problem with multiple div's with the same id
[13:55:27 EDT(-0400)] <athena7> i mean the library itself creates a div iwth an id, not my code
[13:55:35 EDT(-0400)] <dstn> ohhh
[13:55:35 EDT(-0400)] <athena7> good, i'm glad (smile)
[13:55:40 EDT(-0400)] <dstn> sorry
[13:55:46 EDT(-0400)] <athena7> i need to figure out how i'm going to handle it though
[13:55:53 EDT(-0400)] <athena7> oh it's cool (smile) i wasn't clear
[13:57:15 EDT(-0400)] <colinclark> athena7: Have you tried it with just jQuery core?
[13:57:23 EDT(-0400)] <athena7> yep
[13:57:31 EDT(-0400)] <athena7> so the jquery library itself has that problem
[13:57:32 EDT(-0400)] <colinclark> Also, what UI library are you using? Are you still using Interface? Or are you using jQuery UI 1.0?
[13:57:42 EDT(-0400)] <athena7> as well as the jquery ui 1.5 beta libraries
[13:57:52 EDT(-0400)] <colinclark> athena7: Interesting. I'll have to talk to John Resig about it.
[13:57:53 EDT(-0400)] <athena7> and the datepicker widget is from the jquery ui 1.5 beta
[13:57:59 EDT(-0400)] <athena7> they may have fixed that in the head by now
[13:58:01 EDT(-0400)] <colinclark> Do you have any sample markup that shows the problem?
[13:58:22 EDT(-0400)] <athena7> i could create a simple test page if that would help
[13:58:43 EDT(-0400)] <athena7> probably be easier to see that looking at an entire portal page
[14:06:40 EDT(-0400)] <colinclark> athena7: That would be awesome if it's not too much trouble. Then I can file a bug against jQuery and jQuery-UI and bring it up with John and Paul.
[14:06:47 EDT(-0400)] <athena7> no problem
[14:06:55 EDT(-0400)] <athena7> pm me a convenient email address?
[14:17:29 EDT(-0400)] <athena7> so dstn, any chance the ajax stuff will be into the weather portlet before the conference? (smile)
[14:26:52 EDT(-0400)] <athena7> ok colin, sent you a zip
[14:30:52 EDT(-0400)] <colinclark> athena7: Thanks!
[14:31:13 EDT(-0400)] <athena7> yep (smile)
[14:35:33 EDT(-0400)] <athena7> the portal knows me!
[14:35:34 EDT(-0400)] * athena7 claps
[14:35:39 EDT(-0400)] <athena7> wooo
[14:35:47 EDT(-0400)] <athena7> thanks eric, fix looks great
[14:35:48 EDT(-0400)] <EricDalquist> (smile)
[14:35:58 EDT(-0400)] <EricDalquist> no problem, I'm glad we went the PAGs route
[14:36:09 EDT(-0400)] <EricDalquist> it will be nice not adding new users to some DB group by default
[14:36:26 EDT(-0400)] <athena7> yeah
[14:36:36 EDT(-0400)] <athena7> sounds good to me (smile)
[14:38:15 EDT(-0400)] <athena7> initportal seems to work nicely on oracle and all that
[14:38:23 EDT(-0400)] <EricDalquist> great
[14:38:41 EDT(-0400)] <EricDalquist> I'm fixing up some of the delete-*.crn scripts right now
[14:38:56 EDT(-0400)] <EricDalquist> and will be doing testing on windows later (uhg)
[14:40:07 EDT(-0400)] <athena7> bleh, indeed!
[14:40:42 EDT(-0400)] <EricDalquist> especially since I have to do it all in a VM
[14:40:51 EDT(-0400)] <EricDalquist> oh well
[14:41:23 EDT(-0400)] <athena7> oh, double ugh
[14:41:23 EDT(-0400)] <athena7> yeah
[15:13:53 EDT(-0400)] <athena7> i realized i never added licenses for jquery and interface.js
[15:14:00 EDT(-0400)] <athena7> they're both licensed under MIT and GPL
[15:14:37 EDT(-0400)] <athena7> any thoughts on what exactly i should include in the license files?
[15:15:20 EDT(-0400)] <athena7> just the text of the MIT license or something?