« Plugin revs
New revs - Public comments
Resize images no in Wedge? »

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: New revs - Public comments
« Reply #525, on January 23rd, 2013, 02:25 PM »
Almost nothing gets cached anyway.

I can't just blindly remove everything because other parts still use it! Do a search on read_tgz and see what you find...
Posted: January 23rd, 2013, 02:25 PM

Yes even Aeva uses it...
When we unite against a common enemy that attacks our ethos, it nurtures group solidarity. Trolls are sensational, yes, but we keep everyone honest. | Game Memorial

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #526, on January 23rd, 2013, 02:41 PM »
Quote from Arantor on January 23rd, 2013, 02:25 PM
Almost nothing gets cached anyway.
Oh... Are you sure?
Quote
I can't just blindly remove everything because other parts still use it! Do a search on read_tgz and see what you find...
I didn't mean to remove these functions anyway... I was mostly talking about anything directly related to packages.
For instance, do we really need to keep functions like parsePackageInfo (never called anywhere), parse_path (only used in parsePackageInfo..), packageRequireFTP (never used), package_crypt (only used in packageRequireFTP and create_chmod_control, which I'm not sure we need at all?), or listtree (never used)?
These are the functions I noted as 'deletable' in Subs-Package, in addition to listInstalledPackages...

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #528, on January 23rd, 2013, 03:01 PM »
Well I did the search work for you... :P Didn't actually remove anything but listInstalled, so I'll just commit 'as is' and will trust you with the rest.

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: New revs - Public comments
« Reply #529, on January 23rd, 2013, 03:27 PM »
Don't you mean "byte me" in reference to Android icon? :lol: I shouldn't try to be funny after only just having breakfast.

Also, yes, it will all go, I did think of removing the log table last night but saw it had at least two references and couldn't be arsed chasing them down last night.

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #530, on January 23rd, 2013, 04:12 PM »
Quote from Arantor on January 23rd, 2013, 03:27 PM
Don't you mean "byte me" in reference to Android icon? :lol: I shouldn't try to be funny after only just having breakfast.
Well I thought the pun was obvious to begin with........ :whistle:
Oh, and when zipped (dunno about gzipped), it's "only" 3 extra bytes.
Quote
Also, yes, it will all go, I did think of removing the log table last night but saw it had at least two references and couldn't be arsed chasing them down last night.
I just finished reviewing your latest commit, and didn't realize you'd already removed that much ;)
I can understand you'd be tired at some point!

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: New revs - Public comments
« Reply #531, on January 23rd, 2013, 04:56 PM »
It is a pretty big change, and I was trying to prune language strings as I went...

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #532, on January 23rd, 2013, 05:54 PM »
Yup, I can see that, and in French too ;)

Re: parse_bbc(), I'll leave it as it is for now... Feel free to change it by yourself if you feel inspired!
Re: New revs - Public comments
« Reply #533, on January 29th, 2013, 10:42 AM »
So, I'm looking at the latest commit, plenty of good stuff, and a couple of things that required my attention:

- error.lock (cool thing BTW) is never created. Why doesn't it go through the same logic as the other lock file..? :geek:

- It's amusing that I never understood the logic in that Subs-Login block, and with your rewrite it's even fuzzier in my mind... :lol:

- The ob_end_clean() function is often called in SMF/Wedge, but never the same way. Sometimes it's just it, other times it's done with a while() on ob_get_level(), and finally my method: a single-line while (@ob_end_clean()); that will delete all buffers and stop at the last (because when none are left, PHP returns false.)
I modified all of the calls that seemed to require deleting all buffers, to do that single-line while() instead. Hopefully everything'll be okay.

- ob_end_clean() is called multiple times in the anti-prefetch code. I'm bothered with that one. First of all, having the same code repeated all over Wedge is a bit ugly, so I moved it to Subs.php in a preventPrefetch() function.
I need opinions on two things here:

- I added a $always parameter to it specifically for the call in MessageIndex, because it also sends a 403 when trying to load a board while the action is attempting to load an attachment. So this becomes basically preventPrefetch($and_also_if_loading_attachment), where $always will bypass the prefetcher test. That seems ugly to me... Isn't it?

- If MessageIndex prevents loading topics to ensure they're not 'read', why not do the same on topic pages..? Prefetching the next page means that if you're on a topic with 10 unread pages, next time you click on the topic from the MessageIndex list, you'll have skipped an entire page because it was marked as read... Instead of preventing prefetching, we could also just check whether the prefetcher is loading the current page, and if yes, skip updating the topic read/page read tables... But that means when we get to reading the actual page, it's loaded from the cache, and thus the tables aren't updated either. It would make more sense if prefetchers also sent an asynchronous extra request to that page to tell it that it's actually been read... But it's unrealistic to expect them to do it.
- At this point, do we want prefetchers at all on Wedge?! If not, then... robots.txt... Disallow Fasterfox. There may be other prefetchers to prevent, too. Or just add a rule to the htaccess file, I dunno.

Woohoo, Opera has just changed my textarea's font to a serif font... WHILE TYPING.?
Good job! And then it crashed on me. At least that serif problem was a good warning. Then I launched Chrome, and it crashed on me before I had time to send this.

It's interesting that back in my Windows XP + 2GB RAM days, I was able to run Opera with up to 900 tabs, albeit very slowly...
Now with Windows 7 + 8GB RAM, I've never been able to get above 200 tabs in Opera without it making my life hell, and Chrome is actually behaving better but after 400 tabs it's also much harder to work with...
Anyway!

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: New revs - Public comments
« Reply #534, on January 29th, 2013, 01:50 PM »
Quote from Nao on January 29th, 2013, 10:42 AM
So, I'm looking at the latest commit, plenty of good stuff, and a couple of things that required my attention:

- error.lock (cool thing BTW) is never created. Why doesn't it go through the same logic as the other lock file..? :geek:
Because while cache.lock should be present at all times, error.lock probably won't be for a good number of people. The @touch should create it.
Quote from Nao on January 29th, 2013, 10:42 AM
- It's amusing that I never understood the logic in that Subs-Login block, and with your rewrite it's even fuzzier in my mind... :lol:
Don't worry, it took me a few goes to make sense of it.
Quote from Nao on January 29th, 2013, 10:42 AM
- The ob_end_clean() function is often called in SMF/Wedge, but never the same way. Sometimes it's just it, other times it's done with a while() on ob_get_level(), and finally my method: a single-line while (@ob_end_clean()); that will delete all buffers and stop at the last (because when none are left, PHP returns false.)
I modified all of the calls that seemed to require deleting all buffers, to do that single-line while() instead. Hopefully everything'll be okay.
That should be fine. Most of the original uses of it predate being able to rely on ob_get_level which only became available in PHP 4.2 (SMF used to support PHP 4.1)

It always seemed to me to be clearer to indicate what you're doing and the one-liner, while efficient and compact, is not exactly conducive to its meaning. I'm cool with it, until I forget what it does and have to mentally shift to make sense of it ;)
Quote from Nao on January 29th, 2013, 10:42 AM
- ob_end_clean() is called multiple times in the anti-prefetch code. I'm bothered with that one. First of all, having the same code repeated all over Wedge is a bit ugly, so I moved it to Subs.php in a preventPrefetch() function.
I need opinions on two things here:
I don't remember that in the anti-prefetch code. I thought it just caused things to die if it was trying to process a prefetch.
Quote from Nao on January 29th, 2013, 10:42 AM
- I added a $always parameter to it specifically for the call in MessageIndex, because it also sends a 403 when trying to load a board while the action is attempting to load an attachment. So this becomes basically preventPrefetch($and_also_if_loading_attachment), where $always will bypass the prefetcher test. That seems ugly to me... Isn't it?
I'm not sure I follow how we get from messageindex to attachment :/ But I've only just got up.
Quote from Nao on January 29th, 2013, 10:42 AM
- If MessageIndex prevents loading topics to ensure they're not 'read', why not do the same on topic pages..? Prefetching the next page means that if you're on a topic with 10 unread pages, next time you click on the topic from the MessageIndex list, you'll have skipped an entire page because it was marked as read... Instead of preventing prefetching, we could also just check whether the prefetcher is loading the current page, and if yes, skip updating the topic read/page read tables... But that means when we get to reading the actual page, it's loaded from the cache, and thus the tables aren't updated either. It would make more sense if prefetchers also sent an asynchronous extra request to that page to tell it that it's actually been read... But it's unrealistic to expect them to do it.
Doesn't the display code have a prevent prefetch on it as well? Could have sworn it did.
Quote from Nao on January 29th, 2013, 10:42 AM
- At this point, do we want prefetchers at all on Wedge?! If not, then... robots.txt... Disallow Fasterfox. There may be other prefetchers to prevent, too. Or just add a rule to the htaccess file, I dunno.
The thing about prefetchers is that most of the time it's done purely with headers which can't always be sifted out so easily. Remember, not everyone uses Apache and not everyone has htaccess files even if using Apache.
Quote from Nao on January 29th, 2013, 10:42 AM
Woohoo, Opera has just changed my textarea's font to a serif font... WHILE TYPING.?
Good job! And then it crashed on me. At least that serif problem was a good warning. Then I launched Chrome, and it crashed on me before I had time to send this.

It's interesting that back in my Windows XP + 2GB RAM days, I was able to run Opera with up to 900 tabs, albeit very slowly...
Now with Windows 7 + 8GB RAM, I've never been able to get above 200 tabs in Opera without it making my life hell, and Chrome is actually behaving better but after 400 tabs it's also much harder to work with...
Anyway!
You should use a real browser like Chrome instead of this hipster Opera :P :P :lol:

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #535, on January 29th, 2013, 06:08 PM »
Quote from Arantor on January 29th, 2013, 01:50 PM
Don't worry, it took me a few goes to make sense of it.
Everything related to logging in escapes me, actually.
Guess what is the latest thing my girlfriend asked me..? She wants me to build her a small testcase where I'll supply a form for her to log into a site, and generate a session cookie. I'm okay with the form, but... Oh my, I know the basics of cookies and session communication, but it suddenly seems like I can't do anything about this! Argh.
Quote
It always seemed to me to be clearer to indicate what you're doing and the one-liner, while efficient and compact, is not exactly conducive to its meaning. I'm cool with it, until I forget what it does and have to mentally shift to make sense of it ;)
Oh, I'm sure you'll at least remember this conversation....
Quote
I don't remember that in the anti-prefetch code. I thought it just caused things to die if it was trying to process a prefetch.
Yep, but before dying it deletes the buffers. I guess the idea is that there's no reason to waste time calling gzipping and sessrewrite just for an error message that's here to save bandwidth...
Quote
I'm not sure I follow how we get from messageindex to attachment :/ But I've only just got up.
The 'particular' piece of code was in Load.php, IIRC, not MessageIndex, sorry about that.
But MI still has a preventPrefetch() call. And Display doesn't, to answer your question.
Quote
The thing about prefetchers is that most of the time it's done purely with headers which can't always be sifted out so easily. Remember, not everyone uses Apache and not everyone has htaccess files even if using Apache.
I don't even know if people still use prefetchers these days... And whether or not Fasterfox is still the only one around!
Also, robots.txt isn't an Apache tech, so it should work on every server. (Provided the file is uploaded at the root of the domain name, if available.......)

Arantor

  • As powerful as possible, as complex as necessary.
  • Posts: 14,278
Re: New revs - Public comments
« Reply #536, on January 29th, 2013, 06:55 PM »
Quote
Everything related to logging in escapes me, actually.
Essentially this is about cases where users attempt to log in, fail, and we don't let them log in too many times.
Quote
Guess what is the latest thing my girlfriend asked me..? She wants me to build her a small testcase where I'll supply a form for her to log into a site, and generate a session cookie. I'm okay with the form, but... Oh my, I know the basics of cookies and session communication, but it suddenly seems like I can't do anything about this! Argh.
The complexity of the testcase is the key thing here. If it's just about setting a session on validation then logging in, that's about as easy as it gets. Anything more than that really depends on how hardened it has to be against brute forcing.
Quote
Oh, I'm sure you'll at least remember this conversation....
Probably. Or more likely I'll find it, think WTF, remember that we discussed it, then swear at the search facility for a moment until I find this conversation.
Quote
The 'particular' piece of code was in Load.php, IIRC, not MessageIndex, sorry about that.
But MI still has a preventPrefetch() call. And Display doesn't, to answer your question.
Display.php, lines 86-92...?
Quote
I don't even know if people still use prefetchers these days... And whether or not Fasterfox is still the only one around!
Also, robots.txt isn't an Apache tech, so it should work on every server. (Provided the file is uploaded at the root of the domain name, if available.......)
robots.txt isn't an Apache tech, no. But not all prefetchers respect it, which brings me back to things in the headers (i.e. like FF used to do, hence the test for the X-Moz header) which can't be sifted out in robots.txt, but can in htaccess - if you're using Apache.

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #537, on January 29th, 2013, 11:31 PM »
Quote from Arantor on January 29th, 2013, 06:55 PM
Essentially this is about cases where users attempt to log in, fail, and we don't let them log in too many times.
I understand the basic idea, just not the execution... ;)
Quote
The complexity of the testcase is the key thing here. If it's just about setting a session on validation then logging in, that's about as easy as it gets. Anything more than that really depends on how hardened it has to be against brute forcing.
I don't think security is an important matter here, it's mostly about an intranet thingy...
I don't even get what she needs exactly. Apparently it's some complicated tech and they need to have a cookie in their browser that already contains the ID and password info, and transmit it to the remote server to get access without having to actually do the logging in... Except that AFAIK, it's not possible to locally create a cookie that's "visible" to a remote server without actually being on it first... (?) Maybe it could be done via the stuff we discussed the other day about a remote server for serving downloads... But I don't even know if that's what her team wants.
I'm telling you, it's complicated...
Quote
Probably. Or more likely I'll find it, think WTF, remember that we discussed it, then swear at the search facility for a moment until I find this conversation.
Oh, reminds me, how about implementing that select box for search scoping?
Or do you want me to copy-paste it directly from my noisen code? No problem really... I just tend to forget it ;)
Quote
Display.php, lines 86-92...?
Yes indeed, the problem was that I unchecked that file when committing (because of a partial commit I didn't wanna do), and then only based my assumption on the changelog list of files, ah ah.
Only problem, once I committed... I forgot to remove said partial commit from the file :P
So it has a paragraph now, that should be gone... And I think I'll also remove it locally. I wanted to add an e-mail icon in the mini-menu, but it isn't worth the effort -- it can be found in the profile area, and for guests the mini-menu doesn't show up anyway and it's replaced by said e-mail icon... Anyway! I removed the paragraph locally, it'll be in my next commit.
Quote
robots.txt isn't an Apache tech, no. But not all prefetchers respect it, which brings me back to things in the headers (i.e. like FF used to do, hence the test for the X-Moz header) which can't be sifted out in robots.txt, but can in htaccess - if you're using Apache.
But if Display prevents prefetching, WHERE the hell is it actually USEFUL to have prefetching...? Lol. Might as well prevent it entirely...
At worst, we should actually do that test right at the beginning, e.g. in index.php, instead of while in the action array.

MultiformeIngegno

  • Posts: 1,337

Nao

  • Dadman with a boy
  • Posts: 16,082
Re: New revs - Public comments
« Reply #539, on February 3rd, 2013, 10:16 PM »
Bump for my post above. I think that doing that robots.txt thing or htaccess or whatever should be discussed.

@Lorenzo> I'm surprised a CDN not advertised on jquery.com would offer it..? Anyway, isn't this only for cloudflare customers?
I wouldn't be fussed over whether we should add it or not, but I just don't know if they're going to keep up with jQuery's releases, precisely because they're not officially sanctioned. It'd be a disaster if I started having to check whether all CDNs provide the version I'm targeting... Right now I'm only doing a special test for beta versions -- forcing the CDN to code.jquery.com (which is the only one to host beta versions), in case a beta or RC tag is found in the filename. (I think that one's a good idea. :cool:)
Quote from Arantor on February 3rd, 2013, 04:29 AM
! Did I mention that I love the @language embedding into script files?
I'm not sure, but that's the idea :)

I've had a look at your code, and you're too kind with suggest.js, you shouldn't have kept the opt.sTextDeletItem stuff at all I'd say... ;) Who's going to change it anyway..? A plugin? Bad semantics, bad karma!

Also, I was thinking we could rename pm.js to member.js and instead include in that file all of the small functions that aren't targeted to guests... e.g. the draft auto-save, things like that. But if it forces members to load the PM JS code on every page where draft auto-saving is required (for instance), it might not be that helpful.
Haven't looked at all the functions that could benefit from being moved there.
Quote
Set a default string from index, set it once and never have to explicitly set it again in any of the multiple places it is called (unless you *really* want to).
Yup, definitely the idea ;)
Quote
All this for the 'delete item' help text on the auto suggest... it's the same everywhere, so just embed it in to the suggester as a default! It bugged me, mkay? (all files)
Yep yep yep, my you're scaring me! :lol:
Quote
@ And since it's now embedded in the suggest file, it will not only be gzipped and cached, it no longer has to be inlined into all the pages it's in, or declared in those pages where used. I would imagine that's actually a tidy little saving everywhere that uses the auto suggester, all in all. Every little helps.
Okay, seriously... Have I started tainting you with my madness? I'm so sorry... :^^;:

Anyway, I did a few @language stunts when I implemented the thing, then I pretty much stopped because of a bug which I only fixed recently, and then I was too busy with other things to think of it.

I looked into the code and found some more...

- txt.done in spellcheck.js -- however, I'd advise against adding it for one reason: if you're not using the default language, you'll get another instance of your language name in the spellcheck JS URL, while the txt.done string seems to be initialized only in the spellcheck popup. Actually, I'd be interested in knowing why spellcheck.js is loaded at all in the editor, when all of the operations are done from the popup (which can load the JS file by itself...)

- your very own draft auto-save code :) I don't think there's anything preventing that one from being passed on.

- the YUI uploader -- we need to rewrite it to use HTML5, by the way... :-/

- the upshrink description for toggles could be a 'default' instead of being explicitly set (it's the only text string that's actually sent to them, except from a few "-" here and there.) Either with something like altExpanded: 'default', or not setting it at all in the HTML -- although we'd have to ensure that it 'works' on all toggles that don't specify an alt. It's important to check on this one -- it's on every single page! :)

- message_txt_delete in wedgeAttachSelect is a given :)

- register.js always uses the same regTextStrings, with the Register page adding a few strings compared to the Reminder page. We could, instead of sending the text strings, send a boolean determining whether register.js will use one set of strings or the other.

That's all I could find for now... (Okay, "forever", since I'm unlikely to do that again!)
I searched through "JavaScriptEscape($txt", by the way, in case you know of a few places where we don't sanitize the strings when passing them to JS. I don't think there are any ;)

Do you want to do them all, or split the job, or let me do them?
Whichever you prefer. Right now I'm busy at work on splitting skeleton stuff anyway.
« Plugin revs
Resize images no in Wedge? »