Re: [Radiant] Security Update to Rails 2.3.15?
Or should that file go in radiant-0.9.1/vendor/rails/railties/configs/initializers ? On Wednesday, January 9, 2013 4:53:52 AM UTC-6, Kevin Triplett wrote: > > Yes, I saw that, thanks. > > Okay, here's what I did, please tell me if this will not work. :) > > Added new file in radiant-0.9.1/config/initializers called rails.rb with > this single line: > > ActionController::Base.param_parsers.delete(Mime::XML) > > Thanks for your help! :D > > > On Wednesday, January 9, 2013 4:42:04 AM UTC-6, Jim Gay wrote: >> >> Kevin, >> >> See the rails security post here with details about getting around this >> problem. >> >> https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion >> >> >> >> On Wed, Jan 9, 2013 at 5:25 AM, Kevin Triplett >> wrote: >> > Hi Jim, >> > >> > What about us poor sods who are running 0.9 and unable to update >> Radiant? :) >> > >> > Kevin >> > >> > >> > On Wednesday, January 9, 2013 4:01:45 AM UTC-6, Jim Gay wrote: >> >> >> >> Radiant no longer keeps vendor/rails in the gem. It's loaded by the >> >> Gemfile. >> >> >> >> I've just pushed Radiant 1.1.1 with a dependency on Rails 2.3.15 >> >> >> >> Thanks for reporting this! >> >> >> >> On Wed, Jan 9, 2013 at 4:28 AM, Toine Diepstraten >> >> wrote: >> >> > Hi, >> >> > >> >> > an important security update for Rails 2.3 was released, read more >> about >> >> > it >> >> > here: >> >> > >> >> > >> >> > >> http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ >> >> >> > >> >> > >> >> > As I understand Radiant uses a vendor Rails 2.3.14 version. How can >> one >> >> > update Radiant to use the security fixed Rails 2.3.15 version? >> >> > >> >> > Thanks for any suggestions. >> >> > >> >> > Best, >> >> > Toine >> >> > >> >> >> >> >> >> >> >> -- >> >> Write intention revealing code #=> http://www.clean-ruby.com >> >> >> >> Jim Gay >> >> Saturn Flyer LLC >> >> 571-403-0338 >> >> >> >> -- >> Write intention revealing code #=> http://www.clean-ruby.com >> >> Jim Gay >> Saturn Flyer LLC >> 571-403-0338 >> >
Re: [Radiant] Security Update to Rails 2.3.15?
Yes, I saw that, thanks. Okay, here's what I did, please tell me if this will not work. :) Added new file in radiant-0.9.1/config/initializers called rails.rb with this single line: ActionController::Base.param_parsers.delete(Mime::XML) Thanks for your help! :D On Wednesday, January 9, 2013 4:42:04 AM UTC-6, Jim Gay wrote: > > Kevin, > > See the rails security post here with details about getting around this > problem. > > https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion > > > > On Wed, Jan 9, 2013 at 5:25 AM, Kevin Triplett > > > wrote: > > Hi Jim, > > > > What about us poor sods who are running 0.9 and unable to update > Radiant? :) > > > > Kevin > > > > > > On Wednesday, January 9, 2013 4:01:45 AM UTC-6, Jim Gay wrote: > >> > >> Radiant no longer keeps vendor/rails in the gem. It's loaded by the > >> Gemfile. > >> > >> I've just pushed Radiant 1.1.1 with a dependency on Rails 2.3.15 > >> > >> Thanks for reporting this! > >> > >> On Wed, Jan 9, 2013 at 4:28 AM, Toine Diepstraten > >> wrote: > >> > Hi, > >> > > >> > an important security update for Rails 2.3 was released, read more > about > >> > it > >> > here: > >> > > >> > > >> > > http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ > > >> > > >> > > >> > As I understand Radiant uses a vendor Rails 2.3.14 version. How can > one > >> > update Radiant to use the security fixed Rails 2.3.15 version? > >> > > >> > Thanks for any suggestions. > >> > > >> > Best, > >> > Toine > >> > > >> > >> > >> > >> -- > >> Write intention revealing code #=> http://www.clean-ruby.com > >> > >> Jim Gay > >> Saturn Flyer LLC > >> 571-403-0338 > > > > -- > Write intention revealing code #=> http://www.clean-ruby.com > > Jim Gay > Saturn Flyer LLC > 571-403-0338 >
Re: [Radiant] Security Update to Rails 2.3.15?
Hi Jim, What about us poor sods who are running 0.9 and unable to update Radiant? :) Kevin On Wednesday, January 9, 2013 4:01:45 AM UTC-6, Jim Gay wrote: > > Radiant no longer keeps vendor/rails in the gem. It's loaded by the > Gemfile. > > I've just pushed Radiant 1.1.1 with a dependency on Rails 2.3.15 > > Thanks for reporting this! > > On Wed, Jan 9, 2013 at 4:28 AM, Toine Diepstraten > > wrote: > > Hi, > > > > an important security update for Rails 2.3 was released, read more about > it > > here: > > > > > http://weblog.rubyonrails.org/2013/1/8/Rails-3-2-11-3-1-10-3-0-19-and-2-3-15-have-been-released/ > > > > > > > As I understand Radiant uses a vendor Rails 2.3.14 version. How can one > > update Radiant to use the security fixed Rails 2.3.15 version? > > > > Thanks for any suggestions. > > > > Best, > > Toine > > > > > > -- > Write intention revealing code #=> http://www.clean-ruby.com > > Jim Gay > Saturn Flyer LLC > 571-403-0338 >
Re: [Radiant] Re: Radiant and Rails 3
I'll second this advice. I may not know enough about your needs, but with a CMS, it doesn't seem importance what version of Rails or Ruby a CMS runs on, since a full-blown app is not what Radiant CMS is designed for. And with RVM, it's easy to admin a server with multiple versions of Ruby and Rails to accommodate different projects with different version needs running on the same server. More important, IMO, is how well documented each CMS is or (perhaps better) how easy it is to get help from other developers, including contractors (lots and lots of good developers are fluent in Radiant and are available to help). I'm not one of them although I've created several Radiant CMS sites, and it's very easy once you do one, but I'm not familiar with developing complex applications in Radiant. It's more difficult when you try to create a complex app but at that point a straight Rails project is a better choice. But I've been told that a Rails app can be written and included into a Radiant site as a plugin, although I haven't done that (yet). Kevin On Aug 7, 2011, at 7:30 AM, Bob Sleys wrote: > I know everyone like to use the latest and greatest versions of software and > all but IMHO I don't think its a good idea to limit an evaluation of CMS to > specific build versions of ruby or rails. Instead it would be far better to > make sure they are being actively developed and have a good solid team behind > them. For something you want to be able to depend on often you don't want > the latest and greatest, cutting edge version, but something that you know > will work, has a good team behind it and well supported by a community of > users where you can get questions answered. > > Bob
[Radiant] Re: Radiant 9.0.1 hangs up after a while, and how i store forminputs in mysqldatabase
> [Tue Dec 14 21:00:23 2010] [error] VirtualHost *:80 -- mixing * ports > and non-* ports with a NameVirtualHost address is not supported, > proceeding with undefined results >From what I've read online and the error message, if you find the configuration file that specifies NameVirtualHost address and change it to *:80, that may fix the problem. I also notice that your configuration file refers to Passenger and that you have Passenger on your server. Make sure that Passenger is unloaded from Apache: http://tinyurl.com/39l3ave Kevin -- Posted via http://www.ruby-forum.com/.
[Radiant] Re: Radiant 9.0.1 hangs up after a while, and how i store forminputs in mysqldatabase
> # Configuration: > > - Apache/2.2.8 (Ubuntu) > - Phusion Passenger version 3.0.0 > - Rails 3.0.3 > - Ruby 1.8.7 (2008-08-11 patchlevel 72) [x86_64-linux] > - WEBrick 1.3.1 > - gem 1.3.7 > > # Problem 1 - Server hangs up after a while: > > When i start my radiant with this command: script/server -e production > my cms will run nearly 2 hours and after this time it keeps to be hang > up. I'm not sure script/server is the way to run your webserver. I think that starts WEBrick, which is not an ideal choice for production webserver. There should be a site configuration file for apache that points to your application's public directory. Let me know if you have that configuration file -- if not, I'll send you a sample configuration file. > # Problem 1 - Store userinputs from webformular in MYSQL Database > How it is possible - to send formularinputs to a phpscript that stores > this values > in my database? Do you mean you have a PHP script that receives the form input and needs to store the input into the database? -- Posted via http://www.ruby-forum.com/.
[Radiant] Archive index infinite loop
Hi all, I have the standard issue Articles:Archive Monthly Index with four child pages but I'm getting an infinite application loop when getting a monthly index. I have to reboot my server whenever this happens. I've attached a log snippet (with just the head of the infinite loop) and a screen shot of my pages hierarchy. The only thing I can figure out is that my monthly-archives page is published in the same month as my child pages, so when I do an archive search, the SQL statement pulls in the archive index page. So I changed the published date to a year earlier and it worked, no infinite loop. Yay! Is this a known issue? Or should the archive index pages not be marked as published? What did I do wrong? Sorry if this is a newbie question. Thanks for any advice, Kevin Attachments: http://www.ruby-forum.com/attachment/5545/archive_index_log.txt http://www.ruby-forum.com/attachment/5546/Screen_shot_2010-12-14_at_12.49.50_AM.png -- Posted via http://www.ruby-forum.com/.
[Radiant] Re: How to down migrate an extension?
Of course! I keep forgetting that Radiant is a Rails application. Thanks, that works perfectly! -- Posted via http://www.ruby-forum.com/.
[Radiant] How to down migrate an extension?
Hi all, New to Radiant and lovin' it so far. But I've been trying to find out how to down-migrate an extension migration so I can remove the extension. Specifically, I'm trying to migrate a project from sns to sheets, so I'm needing to undo the db from sns. Thank for any help -- Kevin -- Posted via http://www.ruby-forum.com/.
[Radiant] Re: Re: best code syntax highlighting solution
John Doe wrote in post #967984: > So looks like there are two radiant extensions below that allow you to > leverage the coderay gem: > https://github.com/phallstrom/code_ray > https://github.com/alno/radiant-code-extension > > I'm inclined to use the the 2nd one since it supports other syntax > highlighters beyond coderay. What are your thoughts on which one to use? I tried to use alno/radiant-code-extension for the same reason but had to switch over to phallstrom/code_ray because I couldn't overcome an processor error and I decided that coderay was an acceptably easy library to implement and use. Ultimately, I forked it so I could merge envygeek's fork and pallstrom's. Kevin -- Posted via http://www.ruby-forum.com/.