From sebastien at aperghis.net Mon Jul 1 00:21:12 2013 From: sebastien at aperghis.net (=?iso-8859-1?Q?S=E9bastien_Aperghis-Tramoni?=) Date: Mon, 1 Jul 2013 00:21:12 +0200 Subject: LPW 2013 In-Reply-To: <51CFE0E7.6000806@shadowcat.co.uk> References: <2029245488.254746822.1372149062958.JavaMail.root@spooler3-g27.priv.proxad.net> <51C9599B.1090906@shadowcat.co.uk> <51CFE0E7.6000806@shadowcat.co.uk> Message-ID: <0341E547-6D52-4E3D-958C-9C570BBEE6E4@aperghis.net> Mark Keating wrote: > On 25/06/2013 09:49, Mark Keating wrote:Philippe just said on IRC that he emailed the bank to ask more >>> information and see whether it's possible to keep the funds in GBP. >> > Hi S?bastien, Hello Mark, > I have gone with Euros as I want to get the site launched and this is just easier ;). > > I am not sure that the config I set is working however as there seems to be no way I can choose ticket price when I register, so i obviously did something wrong. Could you have a quick look. Could you also set Me as admin for the front end so I can manage the site and news. That's normal: I had to enable the payment in the global config as well. That's a mechanism which is here so we can make last time checks, like we just did, and be sure that, for example, the organizers have arranged things with YEF. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO. From m.keating at shadowcat.co.uk Mon Jul 1 10:59:20 2013 From: m.keating at shadowcat.co.uk (Mark Keating) Date: Mon, 01 Jul 2013 09:59:20 +0100 Subject: LPW 2013 In-Reply-To: <0341E547-6D52-4E3D-958C-9C570BBEE6E4@aperghis.net> References: <2029245488.254746822.1372149062958.JavaMail.root@spooler3-g27.priv.proxad.net> <51C9599B.1090906@shadowcat.co.uk> <51CFE0E7.6000806@shadowcat.co.uk> <0341E547-6D52-4E3D-958C-9C570BBEE6E4@aperghis.net> Message-ID: <51D144E8.9090709@shadowcat.co.uk> On 30/06/2013 23:21, S?bastien Aperghis-Tramoni wrote: > Mark Keating wrote: > >> On 25/06/2013 09:49, Mark Keating wrote:Philippe just said on IRC that he emailed the bank to ask more >>>> information and see whether it's possible to keep the funds in GBP. >> Hi S?bastien, > Hello Mark, > >> I have gone with Euros as I want to get the site launched and this is just easier ;). >> >> I am not sure that the config I set is working however as there seems to be no way I can choose ticket price when I register, so i obviously did something wrong. Could you have a quick look. Could you also set Me as admin for the front end so I can manage the site and news. > > That's normal: I had to enable the payment in the global config as well. > That's a mechanism which is here so we can make last time checks, like we just did, and be sure that, for example, the organizers have arranged things with YEF. > > Does that mean it is working now or do I need to do something else? Want to announce the workshop :0 Philippe - what do i have to do to get YEF to agree to take payments? Regards mark -- Mark Keating BA (Hons), Writer, Photographer, Cat-Herder. Managing Director: http://www.shadow.cat For more that I do visit: http://www.mdk.me From sebastien at aperghis.net Mon Jul 1 11:37:32 2013 From: sebastien at aperghis.net (=?utf-8?Q?S=C3=A9bastien?= Aperghis-Tramoni) Date: Mon, 1 Jul 2013 11:37:32 +0200 (CEST) Subject: LPW 2013 In-Reply-To: <51D144E8.9090709@shadowcat.co.uk> Message-ID: <22603800.273392522.1372671452187.JavaMail.root@spooler3-g27.priv.proxad.net> Mark Keating wrote: > Does that mean it is working now or do I need to do something else? As far as I can say, yes, it is working. At least, I see different choices when confirming the registration ? http://act.yapc.eu/lpw2013/purchase > Want to announce the workshop :0 > > Philippe - what do i have to do to get YEF to agree to take payments? -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO. From philippe.bruhat at free.fr Mon Jul 1 12:20:30 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Mon, 1 Jul 2013 12:20:30 +0200 Subject: LPW 2013 In-Reply-To: <51D144E8.9090709@shadowcat.co.uk> References: <2029245488.254746822.1372149062958.JavaMail.root@spooler3-g27.priv.proxad.net> <51C9599B.1090906@shadowcat.co.uk> <51CFE0E7.6000806@shadowcat.co.uk> <0341E547-6D52-4E3D-958C-9C570BBEE6E4@aperghis.net> <51D144E8.9090709@shadowcat.co.uk> Message-ID: <20130701102030.GD6761@zlott> On Mon, Jul 01, 2013 at 09:59:20AM +0100, Mark Keating wrote: > > Philippe - what do i have to do to get YEF to agree to take payments? > http://www.yapceurope.org/organizers/payment.html Basically, ask YEF. -- Philippe Bruhat (BooK) When you open a new door, the bad comes in with the good. (Moral from Groo The Wanderer #102 (Epic)) From philippe.bruhat at free.fr Mon Jul 1 12:26:44 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Mon, 1 Jul 2013 12:26:44 +0200 Subject: LPW 2013 In-Reply-To: <20130630215205.GB6761@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> Message-ID: <20130701102644.GE6761@zlott> On Sun, Jun 30, 2013 at 11:52:05PM +0200, Philippe Bruhat (BooK) wrote: > > I've emailed the bank a few days ago to ask about getting an account > in GBP for YEF. No answer yet, because my contact was on holidays. > (back this week) > Our account manager will call me tomorrow to work out the details. -- Philippe Bruhat (BooK) When it is time for voting- / In the West or in the East- Why must we always settle for- / The man we hate the least? (Intro poem to Groo The Wanderer #108 (Epic)) From philippe.bruhat at free.fr Mon Jul 1 13:26:51 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Mon, 1 Jul 2013 13:26:51 +0200 Subject: LPW 2013 In-Reply-To: <20130701102644.GE6761@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> Message-ID: <20130701112651.GF6761@zlott> On Mon, Jul 01, 2013 at 12:26:44PM +0200, Philippe Bruhat (BooK) wrote: > On Sun, Jun 30, 2013 at 11:52:05PM +0200, Philippe Bruhat (BooK) wrote: > > > > I've emailed the bank a few days ago to ask about getting an account > > in GBP for YEF. No answer yet, because my contact was on holidays. > > (back this week) > > > > Our account manager will call me tomorrow to work out the details. > Summary: - if all goes well, you'll have payment in GBP and the money will flow through a new and shiny YEF account in held in GBP - otherwise, you'll have the payment in EUR open by next Friday Regards, -- Philippe Bruhat (BooK) In the contest between simplicity and silence, silence hasn't got a prayer. (Moral from Groo The Wanderer #15 (Epic)) From sebastien at aperghis.net Mon Jul 1 13:30:13 2013 From: sebastien at aperghis.net (=?utf-8?Q?S=C3=A9bastien?= Aperghis-Tramoni) Date: Mon, 1 Jul 2013 13:30:13 +0200 (CEST) Subject: LPW 2013 In-Reply-To: <20130701112651.GF6761@zlott> Message-ID: <572123164.273694734.1372678213320.JavaMail.root@spooler3-g27.priv.proxad.net> Philippe Bruhat wrote: > On Mon, Jul 01, 2013 at 12:26:44PM +0200, Philippe Bruhat (BooK) > wrote: > > On Sun, Jun 30, 2013 at 11:52:05PM +0200, Philippe Bruhat (BooK) > > wrote: > > > > > > I've emailed the bank a few days ago to ask about getting an > > > account > > > in GBP for YEF. No answer yet, because my contact was on > > > holidays. > > > (back this week) > > > > Our account manager will call me tomorrow to work out the details. > > Summary: > - if all goes well, you'll have payment in GBP and the money will flow > through a new and shiny YEF account in held in GBP > - otherwise, you'll have the payment in EUR open by next Friday As requested on IRC, I closed lpw2013 payment for now. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO. From philippe.bruhat at free.fr Tue Jul 2 14:23:00 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Tue, 2 Jul 2013 14:23:00 +0200 Subject: LPW 2013 In-Reply-To: <20130701112651.GF6761@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> Message-ID: <20130702122300.GK6761@zlott> On Mon, Jul 01, 2013 at 01:26:51PM +0200, Philippe Bruhat (BooK) wrote: > On Mon, Jul 01, 2013 at 12:26:44PM +0200, Philippe Bruhat (BooK) wrote: > > On Sun, Jun 30, 2013 at 11:52:05PM +0200, Philippe Bruhat (BooK) wrote: > > > > > > I've emailed the bank a few days ago to ask about getting an account > > > in GBP for YEF. No answer yet, because my contact was on holidays. > > > (back this week) > > > > > > > Our account manager will call me tomorrow to work out the details. > > > > Summary: > - if all goes well, you'll have payment in GBP and the money will flow > through a new and shiny YEF account in held in GBP > - otherwise, you'll have the payment in EUR open by next Friday > Just got the call from the bank: good news all around! I've just requested a bank account in GBP for YEF (amazingly, this is free), which will be connected to our online payment system so that payments in GBP end up in that account. Because the billing is done on the EUR account, that means 100% of the funds paid in GBP will end up on the GBP account, which means refunds are going to be dead easy! The fun bit is that this apparently possible because we have an old contract (since 2005). Newer contracts don't seem to allow this directly. Mark, we'll need to setup a test payment in GBP soonish, so that we can fully test the system. -- Philippe Bruhat (BooK) Everyone is somebody's hero. (Moral from Groo The Wanderer #29 (Epic)) From m.keating at shadowcat.co.uk Tue Jul 2 17:30:29 2013 From: m.keating at shadowcat.co.uk (Mark Keating) Date: Tue, 02 Jul 2013 16:30:29 +0100 Subject: LPW 2013 In-Reply-To: <20130702122300.GK6761@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> Message-ID: <51D2F215.4010200@shadowcat.co.uk> On 02/07/2013 13:23, Philippe Bruhat (BooK) wrote: > On Mon, Jul 01, 2013 at 01:26:51PM +0200, Philippe Bruhat (BooK) wrote: >> On Mon, Jul 01, 2013 at 12:26:44PM +0200, Philippe Bruhat (BooK) wrote: >>> On Sun, Jun 30, 2013 at 11:52:05PM +0200, Philippe Bruhat (BooK) wrote: >>>> I've emailed the bank a few days ago to ask about getting an account >>>> in GBP for YEF. No answer yet, because my contact was on holidays. >>>> (back this week) >>>> >>> Our account manager will call me tomorrow to work out the details. >>> >> Summary: >> - if all goes well, you'll have payment in GBP and the money will flow >> through a new and shiny YEF account in held in GBP >> - otherwise, you'll have the payment in EUR open by next Friday >> > Just got the call from the bank: good news all around! > > I've just requested a bank account in GBP for YEF (amazingly, this is free), > which will be connected to our online payment system so that payments in > GBP end up in that account. > > Because the billing is done on the EUR account, that means 100% of the > funds paid in GBP will end up on the GBP account, which means refunds > are going to be dead easy! > > The fun bit is that this apparently possible because we have an old > contract (since 2005). Newer contracts don't seem to allow this directly. > > Mark, we'll need to setup a test payment in GBP soonish, so that we > can fully test the system. > That's ace. If you turn the payment system back on for the site I will sign up as a new user and make a payment to test. Thanks for all the hard work as always. Kind regards Mark -- Mark Keating BA (Hons), Writer, Photographer, Cat-Herder. Managing Director: http://www.shadow.cat For more that I do visit: http://www.mdk.me From philippe.bruhat at free.fr Thu Jul 4 09:29:55 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Thu, 4 Jul 2013 09:29:55 +0200 Subject: LPW 2013 In-Reply-To: <20130702122300.GK6761@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> Message-ID: <20130704072955.GA10740@zlott> On Tue, Jul 02, 2013 at 02:23:00PM +0200, Philippe Bruhat (BooK) wrote: > > I've just requested a bank account in GBP for YEF (amazingly, this is free), > which will be connected to our online payment system so that payments in > GBP end up in that account. > This is now setup on the bank side. > Mark, we'll need to setup a test payment in GBP soonish, so that we > can fully test the system. > We can start testing! -- Philippe Bruhat (BooK) Sometimes only by losing the battle can you win the war. (Moral from Groo The Wanderer #117 (Epic)) From m.keating at shadowcat.co.uk Fri Jul 5 12:57:40 2013 From: m.keating at shadowcat.co.uk (Mark Keating) Date: Fri, 05 Jul 2013 11:57:40 +0100 Subject: LPW 2013 In-Reply-To: <20130704072955.GA10740@zlott> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> <20130704072955.GA10740@zlott> Message-ID: <51D6A6A4.7060704@shadowcat.co.uk> Can you make me Admin for the site please :) Want to make a news item. -- Mark Keating BA (Hons), Writer, Photographer, Cat-Herder. Managing Director: http://www.shadow.cat For more that I do visit: http://www.mdk.me From m.keating at shadowcat.co.uk Mon Jul 8 11:48:48 2013 From: m.keating at shadowcat.co.uk (Mark Keating) Date: Mon, 08 Jul 2013 10:48:48 +0100 Subject: LPW 2013 In-Reply-To: <51D6A6A4.7060704@shadowcat.co.uk> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> <20130704072955.GA10740@zlott> <51D6A6A4.7060704@shadowcat.co.uk> Message-ID: <51DA8B00.2070904@shadowcat.co.uk> On 05/07/2013 11:57, Mark Keating wrote: > Can you make me Admin for the site please :) > > Want to make a news item. > Still need to be Admin for the site - I can't make any News Items or do any work on managing it ;) - Is it something in the config - /me goes to look to make sure he isn't dim -- Mark Keating BA (Hons), Writer, Photographer, Cat-Herder. Managing Director: http://www.shadow.cat For more that I do visit: http://www.mdk.me From chris at prather.org Mon Jul 8 19:40:39 2013 From: chris at prather.org (Chris Prather) Date: Mon, 8 Jul 2013 13:40:39 -0400 Subject: LPW 2013 In-Reply-To: <51DA8B00.2070904@shadowcat.co.uk> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> <20130704072955.GA10740@zlott> <51D6A6A4.7060704@shadowcat.co.uk> <51DA8B00.2070904@shadowcat.co.uk> Message-ID: It's not you being dim this time, it's a database entry that needs to be manually set if I recall. -Chris On Mon, Jul 8, 2013 at 5:48 AM, Mark Keating wrote: > On 05/07/2013 11:57, Mark Keating wrote: > >> Can you make me Admin for the site please :) >> >> Want to make a news item. >> >> Still need to be Admin for the site - I can't make any News Items or do > any work on managing it ;) - Is it something in the config - /me goes to > look to make sure he isn't dim > > > -- > Mark Keating BA (Hons), Writer, Photographer, Cat-Herder. > Managing Director: http://www.shadow.cat > For more that I do visit: http://www.mdk.me > > ______________________________**_________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/**mailman/listinfo/act > -------------- next part -------------- An HTML attachment was scrubbed... URL: From sebastien at aperghis.net Tue Jul 9 21:12:09 2013 From: sebastien at aperghis.net (=?iso-8859-1?Q?S=E9bastien_Aperghis-Tramoni?=) Date: Tue, 9 Jul 2013 21:12:09 +0200 Subject: LPW 2013 In-Reply-To: <51DA8B00.2070904@shadowcat.co.uk> References: <51BAF4FC.3040706@shadowcat.co.uk> <51C88EA0.9080900@shadowcat.co.uk> <35ABB792-9B0C-4838-AD83-0D8B6A60DCEB@aperghis.net> <20130630215205.GB6761@zlott> <20130701102644.GE6761@zlott> <20130701112651.GF6761@zlott> <20130702122300.GK6761@zlott> <20130704072955.GA10740@zlott> <51D6A6A4.7060704@shadowcat.co.uk> <51DA8B00.2070904@shadowcat.co.uk> Message-ID: Mark Keating wrote: > On 05/07/2013 11:57, Mark Keating wrote: >> Can you make me Admin for the site please :) >> >> Want to make a news item. >> > Still need to be Admin for the site - I can't make any News Items or do any work on managing it ;) - Is it something in the config - /me goes to look to make sure he isn't dim Apologies. You're now admin. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO. From andy at shitov.ru Sat Jul 13 09:21:36 2013 From: andy at shitov.ru (Andrew Shitov) Date: Sat, 13 Jul 2013 11:21:36 +0400 Subject: Fwd: Talk updated: Opening. Day 1 In-Reply-To: <1373655255.B1Ec0.47770@spectre.mongueurs.net> References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> Message-ID: Hi, It looks like the user was somehow able to change the description of my talk, while being a regular user with no special rights. ---------- Forwarded message ---------- From: Date: Fri, Jul 12, 2013 at 10:54 PM Subject: Talk updated: Opening. Day 1 To: talks at yapcrussia.org Talk updated: Opening. Day 1 http://act.yapc.eu/ye2013/talk/4490 Submitted by: Eugene Dokukin The following fields have been updated: Abstract: @@ -1,3 +1,7 @@ Welcome to the YAPC::Europe 2013 in Kiev! -A brief information of the conference workflow, small announcements and survival information. +A brief information of the conference workflow, small announcements and survival information. + +P.S. + +Don't forget to visit my talk "Security of Perl and web applications". By: Andrew Shitov Date: Monday, 12 August 2013 10:00 Duration: 10 minutes Target audience: Any Welcome to the YAPC::Europe 2013 in Kiev! A brief information of the conference workflow, small announcements and survival information. P.S. Don't forget to visit my talk "Security of Perl and web applications". TRANSLATEME -- Andrew Shitov ______________________________________________________________________ andy at shitov.ru | http://shitov.ru From domm at cpan.org Sat Jul 13 11:27:52 2013 From: domm at cpan.org (Thomas Klausner) Date: Sat, 13 Jul 2013 11:27:52 +0200 Subject: Fwd: Talk updated: Opening. Day 1 In-Reply-To: References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> Message-ID: <20130713092752.GQ22088@plix.at> Hi! On Sat, Jul 13, 2013 at 11:21:36AM +0400, Andrew Shitov wrote: > +P.S. > + > +Don't forget to visit my talk "Security of Perl and web applications". wow, that's good avertising :-) -- #!/usr/bin/perl http://domm.plix.at for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/} From ddn123456 at gmail.com Sat Jul 13 11:47:13 2013 From: ddn123456 at gmail.com (Dirk De Nijs) Date: Sat, 13 Jul 2013 11:47:13 +0200 Subject: Talk updated: Opening. Day 1 In-Reply-To: <20130713092752.GQ22088@plix.at> References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> <20130713092752.GQ22088@plix.at> Message-ID: <073B9174-2482-4530-AB57-636502E15438@gmail.com> Let's learn from this! Op 13-jul.-2013 om 11:27 heeft Thomas Klausner het volgende geschreven: > Hi! > > On Sat, Jul 13, 2013 at 11:21:36AM +0400, Andrew Shitov wrote: > >> +P.S. >> + >> +Don't forget to visit my talk "Security of Perl and web applications". > > wow, that's good avertising :-) > > > > -- > #!/usr/bin/perl http://domm.plix.at > for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/} > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act From andy at shitov.ru Sun Jul 14 23:40:22 2013 From: andy at shitov.ru (Andrew Shitov) Date: Sun, 14 Jul 2013 23:40:22 +0200 Subject: Talk updated: Opening. Day 1 In-Reply-To: <073B9174-2482-4530-AB57-636502E15438@gmail.com> References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> <20130713092752.GQ22088@plix.at> <073B9174-2482-4530-AB57-636502E15438@gmail.com> Message-ID: Hi, He reported that the user which is logged in can edit any talk by substituting an ID to the talk edit page like that: Insufficient Authorization (WASC-02): http://act.yapc.eu/ye2013/edittalk?talk_id=4931 http://act.yapc.eu/ye2013/edittalk?talk_id=4932 I was not able to reproduce that but could somebody familiar with the Act code please take a look at this? Thank you. On Sat, Jul 13, 2013 at 11:47 AM, Dirk De Nijs wrote: > Let's learn from this! > > Op 13-jul.-2013 om 11:27 heeft Thomas Klausner het volgende geschreven: > >> Hi! >> >> On Sat, Jul 13, 2013 at 11:21:36AM +0400, Andrew Shitov wrote: >> >>> +P.S. >>> + >>> +Don't forget to visit my talk "Security of Perl and web applications". >> >> wow, that's good avertising :-) >> >> >> >> -- >> #!/usr/bin/perl http://domm.plix.at >> for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/} >> _______________________________________________ >> Act mailing list >> Act at mongueurs.net >> http://listes.mongueurs.net/mailman/listinfo/act > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act -- Andrew Shitov ______________________________________________________________________ andy at shitov.ru | http://shitov.ru From tobez at tobez.org Mon Jul 15 00:40:28 2013 From: tobez at tobez.org (Anton Berezin) Date: Mon, 15 Jul 2013 00:40:28 +0200 Subject: Talk updated: Opening. Day 1 In-Reply-To: References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> <20130713092752.GQ22088@plix.at> <073B9174-2482-4530-AB57-636502E15438@gmail.com> Message-ID: <20130714224028.GX26604@heechee.tobez.org> I was able to reproduce it. On Sun, Jul 14, 2013 at 11:40:22PM +0200, Andrew Shitov wrote: > Hi, > > He reported that the user which is logged in can edit any talk by > substituting an ID to the talk edit page like that: > > Insufficient Authorization (WASC-02): > http://act.yapc.eu/ye2013/edittalk?talk_id=4931 > http://act.yapc.eu/ye2013/edittalk?talk_id=4932 > > I was not able to reproduce that but could somebody familiar with the > Act code please take a look at this? > > Thank you. > > > > On Sat, Jul 13, 2013 at 11:47 AM, Dirk De Nijs wrote: > > Let's learn from this! > > > > Op 13-jul.-2013 om 11:27 heeft Thomas Klausner het volgende geschreven: > > > >> Hi! > >> > >> On Sat, Jul 13, 2013 at 11:21:36AM +0400, Andrew Shitov wrote: > >> > >>> +P.S. > >>> + > >>> +Don't forget to visit my talk "Security of Perl and web applications". > >> > >> wow, that's good avertising :-) > >> > >> > >> > >> -- > >> #!/usr/bin/perl http://domm.plix.at > >> for(ref bless{},just'another'perl'hacker){s-:+-$"-g&&print$_.$/} > >> _______________________________________________ > >> Act mailing list > >> Act at mongueurs.net > >> http://listes.mongueurs.net/mailman/listinfo/act > > _______________________________________________ > > Act mailing list > > Act at mongueurs.net > > http://listes.mongueurs.net/mailman/listinfo/act > > > > -- > Andrew Shitov > ______________________________________________________________________ > andy at shitov.ru | http://shitov.ru > _______________________________________________ > Act mailing list > Act at mongueurs.net > http://listes.mongueurs.net/mailman/listinfo/act -- Our society can survive even a large amount of irrational regulation. -- John McCarthy From philippe.bruhat at free.fr Tue Jul 23 10:52:03 2013 From: philippe.bruhat at free.fr (Philippe Bruhat (BooK)) Date: Tue, 23 Jul 2013 10:52:03 +0200 Subject: Talk updated: Opening. Day 1 In-Reply-To: <20130714224028.GX26604@heechee.tobez.org> References: <1373655255.B1Ec0.47770@spectre.mongueurs.net> <20130713092752.GQ22088@plix.at> <073B9174-2482-4530-AB57-636502E15438@gmail.com> <20130714224028.GX26604@heechee.tobez.org> Message-ID: <20130723085203.GK3579@zlott> On Mon, Jul 15, 2013 at 12:40:28AM +0200, Anton Berezin wrote: > I was able to reproduce it. > S?bastien and I think we have found the bug. We will fix the production server on Saturday, during the patch -p0 hackathon. Given that this bug has been live for the past 6 years or so, I think that: - it can wait a few more days - we have a very nice community -- Philippe Bruhat (BooK) The greatest monster of them all is ignorance. (Moral to Pal'n Drumm Story in Groo #89 (Epic)) From andy at shitov.ru Wed Jul 31 11:13:13 2013 From: andy at shitov.ru (Andrew Shitov) Date: Wed, 31 Jul 2013 11:13:13 +0200 Subject: 500 Message-ID: Hi guys, Yesterday there was a number of 500 internal server error on the ye2013 Act instance. I just got one again today. Is it a problem on the server or increased load or such? Could someone please take a look at this? Thank you. -- Andrew Shitov ______________________________________________________________________ andy at shitov.ru | http://shitov.ru -------------- section suivante -------------- Une pi?ce jointe HTML a ?t? nettoy?e... URL: From sebastien at aperghis.net Wed Jul 31 11:56:23 2013 From: sebastien at aperghis.net (=?utf-8?Q?S=C3=A9bastien?= Aperghis-Tramoni) Date: Wed, 31 Jul 2013 11:56:23 +0200 (CEST) Subject: 500 In-Reply-To: Message-ID: <115096761.358683919.1375264583655.JavaMail.root@spooler3-g27.priv.proxad.net> Andrew Shitov a ?crit : > Hi guys, Hello Andrew, > Yesterday there was a number of 500 internal server error on the > ye2013 Act instance. I just got one again today. Is it a problem on > the server or increased load or such? Could someone please take > a look at this? There doesn't seem to be an increased load. The only difference is that since saturday, the server is running using the code from the github repository, branch master. It seem that some of the included changes have the effect to make Apache segfaults pretty hard: [Wed Jul 31 11:09:27 2013] [notice] child pid 20883 exit signal Bus error (10) [Wed Jul 31 11:09:38 2013] [notice] child pid 20845 exit signal Bus error (10) [Wed Jul 31 11:09:49 2013] [notice] child pid 20840 exit signal Segmentation fault (11) [Wed Jul 31 11:09:54 2013] [notice] child pid 20849 exit signal Bus error (10) Bad free() ignored (PERL_CORE) at /usr/local/lib/perl5/site_perl/5.8.9/Wiki/Toolkit/Store/Database.pm line 118. [Wed Jul 31 11:09:55 2013] [error] Bizarre copy of UNKNOWN in helem at /usr/local/lib/perl5/site_perl/5.8.9/Wiki/Toolkit.pm line 141.\n then it regularly generates these errors: [Wed Jul 31 11:10:55 2013] [error] Bizarre copy of UNKNOWN in sassign at /usr/local/lib/perl5/site_perl/5.8.9/mach/Apache/Request.pm line 36.\n Like yesterday, I restarted Apache, but it doesn't look very promising. I guess we'll have to somehow patch the wiki part so it doesn't make Apache crash again. -- S?bastien Aperghis-Tramoni Close the world, txEn eht nepO.