#dev | Logs for 2014-03-19
« return
[01:25:46] -!- Tachyon has quit [Ping timeout: 246 seconds]
[01:55:36] -!- Tachyon [Tachyon!Tachyon@hollhb.kolej.mff.cuni.cz] has joined #dev
[02:06:31] FoobarBazbot is now known as FoobarBazbot|afk
[02:16:09] -!- zford has quit [Quit: Goodbye]
[02:34:56] FoobarBazbot|afk is now known as FoobarBazbot
[02:36:36] FoobarBazbot is now known as FoobarBazbot|watch
[02:42:17] -!- dan has quit [Quit: dan]
[02:44:16] FoobarBazbot|watch is now known as FoobarBazbot|watch|afk
[02:44:35] FoobarBazbot|watch|afk is now known as FoobarBazbot
[02:46:07] FoobarBazbot is now known as FoobarBazbot|watch
[02:54:01] FoobarBazbot|watch is now known as FoobarBazbot
[02:58:19] FoobarBazbot is now known as FoobarBazbot|watch
[03:21:37] -!- Tachyon has quit [Ping timeout: 246 seconds]
[03:25:55] FoobarBazbot|watch is now known as FoobarBazbot
[03:28:50] FoobarBazbot is now known as FoobarBazbot|watch
[03:43:56] -!- MrBluze [MrBluze!~daniel@Soylent/Staff/IRC/MrBluze] has joined #dev
[03:45:00] FoobarBazbot|watch is now known as FoobarBazbot|watch|afk
[03:58:28] -!- mrcoolbp [mrcoolbp!~mrcoolbp@Soylent/Staff/mrcoolbp] has joined #dev
[04:00:41] -!- NightHawk [NightHawk!~dce96b2a@56.861.447.934.static.exetel.com.au] has joined #dev
[04:01:14] <NightHawk> Possible bug to report, is it a known issue that the achievements page doesn't work properly?
[04:01:31] FoobarBazbot|watch|afk is now known as FoobarBazbot
[04:05:01] -!- MrBluze has quit [Ping timeout: 246 seconds]
[04:06:03] <mrcoolbp> Nighthawk, I belive it is, we have a lot of code rolling out soon
[04:06:10] <mrcoolbp> I can check the bug tracker if you like
[04:09:43] <NightHawk> Feel free, i'm not a dev, just wanted to point it out.
[04:11:15] <NightHawk> Got a msg saying you've unlocked 'days viewed......' but the link to ~me/achievements/ just shows the same page as ~me/
[04:11:34] <mrcoolbp> I know that whole user section is a little screwy
[04:11:53] <mrcoolbp> as I said a lot of it has been re-worked and is awaiting a huge code deployment
[04:12:48] <NightHawk> Fair enough, thats only the 2nd bug I think I've noticed, so you're doing well :-)
[04:15:13] -!- NightHawk [NightHawk!~dce96b2a@56.861.447.934.static.exetel.com.au] has parted #dev
[04:15:18] <mrcoolbp> thanks, there are most definitely more, but hopefully we've swatted at enough that it should be even more negligible in a few days.....
[04:15:21] <mrcoolbp> oh he left
[04:15:22] <mrcoolbp> oh well
[06:17:06] -!- mrcoolbp has quit []
[06:44:54] FoobarBazbot is now known as FoobarBazbot|afk
[06:46:45] FoobarBazbot|afk is now known as FoobarBazbot
[06:52:01] FoobarBazbot is now known as FoobarBazbot|afk
[06:53:20] FoobarBazbot|afk is now known as FoobarBazbot
[06:55:57] FoobarBazbot is now known as FoobarBazbot|afk
[06:57:11] FoobarBazbot|afk is now known as FoobarBazbot
[07:05:30] FoobarBazbot is now known as FoobarBazbot|afk
[07:35:01] -!- combatserver [combatserver!~chatzilla@k-21-827-19-772.hsd5.wa.comcast.net] has joined #dev
[07:37:13] <combatserver> Heya, folks. Just a heads-up. When not logged in, only parent posts are being expanded (even the trolls), while NONE of the responses are being expanded (even ones moderated higher than the expanded posts). Much like I assumed /. was pushing certain posts that same way, it appears that we are too, until you realize that only parent posts are being expanded.
[07:37:38] <combatserver> Either way, very easy to come to the wrong conclusion.
[07:37:44] <combatserver> I did.
[07:47:57] -!- combatserver has quit [Quit: zzz]
[08:37:46] -!- crutchy [crutchy!~cb811792@724-640-25-593.cust.aussiebb.net] has joined #dev
[08:57:30] -!- Tachyon [Tachyon!Tachyon@2002:4e80:oqgk::rknq:jgvp] has joined #dev
[09:40:02] -!- stdhell [stdhell!~pohol@GetOffMyLawn/stderr] has joined #dev
[10:26:10] -!- MrBluze_ [MrBluze_!~daniel@Soylent/Staff/IRC/MrBluze] has joined #dev
[10:41:28] MrBluze_ is now known as MrBluze
[11:19:15] MrBluze is now known as MrBluze__
[11:46:04] -!- MrBluze__ has quit [Quit: Konversation terminated!]
[12:35:58] -!- Bender has quit [Remote host closed the connection]
[12:37:24] -!- Bender [Bender!sylnt@Soylent/Bot/Bender] has joined #dev
[13:37:13] -!- crutchy [crutchy!~cb811792@724-640-25-593.cust.aussiebb.net] has parted #dev
[14:21:39] -!- Bender has quit [Remote host closed the connection]
[14:22:05] -!- Bender [Bender!sylnt@Soylent/Bot/Bender] has joined #dev
[14:22:52] FoobarBazbot|afk is now known as FoobarBazbot
[14:46:55] -!- FoobarBazbot has quit [Ping timeout: 246 seconds]
[14:50:25] -!- FoobarBazbot_ has quit [Ping timeout: 246 seconds]
[14:51:20] -!- FoobarBazbot [FoobarBazbot!~FoobarBaz@orra-63.196.137.35.nptpop-79cis62-dial-sub.rdns-bnin.net] has joined #dev
[14:57:42] -!- FoobarBazbot_ [FoobarBazbot_!~FoobarBaz@orra-63.196.137.35.nptpop-79cis62-dial-sub.rdns-bnin.net] has joined #dev
[15:23:19] -!- mrcoolbp [mrcoolbp!~mrcoolbp@Soylent/Staff/mrcoolbp] has joined #dev
[15:33:41] FoobarBazbot is now known as FoobarBazbot|afk
[17:03:45] -!- stdhell has quit [Quit: Leaving]
[17:29:19] -!- Tachyon has quit [Ping timeout: 246 seconds]
[17:48:57] -!- song-of-the-pogo [song-of-the-pogo!~song-of-t@Soylent/Users/1315/song-of-the-pogo] has joined #dev
[17:56:56] -!- Tachyon [Tachyon!Tachyon@hollhb.kolej.mff.cuni.cz] has joined #dev
[18:13:25] -!- G-forze has quit [Ping timeout: 246 seconds]
[18:41:00] -!- song-of-the-pogo has quit [Quit: beer! cheese! bacon!!]
[18:51:25] <NCommander> Any perl gurus around?
[18:52:12] <mrcoolbp> NCommander: we should make a post on the front page
[18:52:53] <NCommander> mrcoolbp, rather not be alarmist
[18:53:21] <mrcoolbp> NCommander: oh, I meant regarding volunteers
[18:55:46] -!- mrcoolbp has quit []
[19:42:57] -!- G-forze [G-forze!~nicke@jp336.netikka.fi] has joined #dev
[19:47:05] -!- Tachyon has quit [Read error: Connection reset by peer]
[19:48:14] -!- Tachyon [Tachyon!Tachyon@hollhb.kolej.mff.cuni.cz] has joined #dev
[19:54:58] <NCommander> Huh
[19:55:03] <NCommander> slashcode has an official IRC server
[20:57:07] <stderr> Are you talking about the one that haven't been used by anyone from slashdot-staff in years?
[20:58:29] <stderr> NCommander: I wouldn't say I'm a perl "guru", but I do write perl... I can't promise I can answer, but what do you need?
[20:59:03] <NCommander> stderr, security review of Environent.pm
[20:59:16] <NCommander> I suspect its an SQL injection
[20:59:29] <stderr> That wouldn't surprise me at all... :-/
[21:00:19] <NCommander> stderr, I suspect its something similar to the last two security flaws posted on slashcode.com
[21:01:05] <stderr> Do we have any idea where in that file?
[21:01:20] <stderr> Or you want me to read all of it?
[21:01:28] <NCommander> stderr, I suspect its in the sanitization functions
[21:01:38] <NCommander> Which are ... ahem
[21:01:40] <NCommander> less than useful
[21:01:47] <NCommander> due to the way they work
[21:01:58] <NCommander> (line ~1200-ish, look for a big list of variable names)
[21:02:30] <NCommander> stderr, this is the type of exploit I think we're looking for: http://slashcode.com
[21:09:42] <stderr> BTW: Did you upload those .deb files?
[21:26:04] <NCommander> stderr, no
[21:32:14] -!- Bender has quit [Remote host closed the connection]
[21:32:27] -!- crutchy [crutchy!~cb811792@724-640-25-593.cust.aussiebb.net] has joined #dev
[21:32:58] -!- Bender [Bender!sylnt@Soylent/Bot/Bender] has joined #dev
[21:54:10] <stderr> NCommander: I'm sorry, but I can't even find the stuff you're talking about... :-(
[21:55:46] <NCommander> stderr, let me find the line number
[21:56:13] <stderr> NCommander: Can it wait till tomorrow when I have much better time?
[21:56:35] <NCommander> stderr, sure, sub filter_param {
[21:57:24] <stderr> 2085 = 1200-ish ? :-)
[21:57:42] <stderr> No wonder I couldn't find it.
[22:03:27] <stderr> I haven't studied it in depth yet, but it seems to be filtering alright... EXCEPT it only filters some parameters (for good reasons)... E.g. a comment can contain pretty much everything, so it can't really that in such a simple way.
[22:04:15] <stderr> It would IMHO be much more sane to make some prepared statements and then execute those. As far as I can tell that would solve all of those problems.
[22:06:00] -!- xlefay [xlefay!~xlefay@Soylent/Staff/IRC/xlefay] has joined #dev
[22:14:20] -!- combatserver [combatserver!~chatzilla@k-21-827-19-772.hsd5.wa.comcast.net] has joined #dev
[22:15:21] <combatserver> NCom present?
[22:16:59] -!- combatserver [combatserver!~chatzilla@k-21-827-19-772.hsd5.wa.comcast.net] has parted #dev
[22:22:50] FoobarBazbot|afk is now known as FoobarBazbot
[22:32:49] -!- crutchy has quit [Quit: Web client closed]
[23:26:05] <NCommander> com-
[23:26:06] <NCommander> Yeah
[23:26:08] <NCommander> fuck
[23:26:29] <NCommander> stderr, slash predates SQL prepared statements
[23:26:33] <NCommander> stderr, we need a real database
[23:27:51] <stderr> Like PostgreSQL?
[23:28:01] <stderr> That is one of our goals, right?
[23:29:06] <xlefay> "A real database" ^
[23:29:17] <xlefay> Thus yes, PostgreSQL would fit that description ;-)
[23:29:21] <xlefay> MySQL, not so much.
[23:33:06] <NCommander> eh
[23:33:10] <NCommander> les just use Oracle!
[23:33:15] <NCommander> Then we have 10 problems
[23:33:33] <xlefay> 11* because oracle can't count
[23:36:06] <stderr> 12* because they probably don't start at 0 like real men.
[23:36:32] <xlefay> Does that mean Bender's a fake man too?
[23:36:33] <stderr> The first rule of computer club is... rule #0.
[23:36:48] <xlefay> ^
[23:37:40] <stderr> Yes, Bender isn't a real man... (It's a bot in case you hadn't noticed...)
[23:38:14] <xlefay> rorfl
[23:39:33] <stderr> Ruby On Rails Floor Laughing?
[23:39:37] <stderr> What?!
[23:39:59] <xlefay> rofl*
[23:57:13] -!- NCommander has quit [Killed (kobach (fatality))]
[23:57:14] -!- NCommander [NCommander!~mcasadeva@2600:3c00::gkjo:ggkm:vshr:juyz] has joined #dev