| Author |
Message |
Raven
Site Admin/Owner
Joined: Aug 27, 2002
Posts: 17088
|
 Posted:
Wed Mar 24, 2004 5:43 am |
|
Just to let you all know that Chris Karakas and I are in the process of setting up the development framework and hope to start the actual design work shortly  |
| |
|
|
|
twelves
Regular
Joined: Aug 22, 2003
Posts: 84
|
| Posted:
Wed Mar 24, 2004 10:31 am |
|
I sent this post and missed the last 12 pages. I only responded to the first page.
I’m only good as an end user any way,
However!
One thing that is missing from nuke, *I guess your not making nuke any more*
Any way, A good file Up loader. I have one with individual folders, file upload and its very nice. Password protected users...
It’s about orphaned now.
I wish you the best of successes with your project.
http://phpatm.free.fr/ <--- Good document sharing progroam.  |
| |
|
|
|
reikimaster
PHP-Portal Project
Joined: Mar 05, 2004
Posts: 12
|
| Posted:
Wed Mar 24, 2004 3:36 pm |
|
This initial development planning is kind of like playing against yourself in a chess game and trying to predict 12 moves out for all possibilities. As you set up the framework you have to consider the impact of *this* against *that*.
yeah... I did project management on large projects with multiple prime contractors for 9 years. Millions of dollars spent per project. In fact I was part of a tem of 3 guys that actually had the power to stop these multimillion dollar projects and get everyone together and get them back on track. Those were the days....
I'm going to sit here and wish you luck and hope you don't paint yourself into any corners. And I'll look forward to helping when it's my time to help. |
| |
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2496
|
| Posted:
Wed Mar 24, 2004 3:44 pm |
|
File uploading is treacherous territory but no doubt this is in the addon catagory. I use Only registered users can see links on this board! Get registered or login! on my site its not the most user friendly interface but its got the basics. Works great on PN I think its a little buggy on phpnuke mostly due to the authors lack of interest in keeping up with the gads of changes phpnuke has gone through.
Remember when ZX found out a user was hosting files on nukecops because he hadn't set very restrictive limits on the uploads? Like I said treacherous territory. |
| |
|
|
|
|
CodyG
Life Cycles Becoming CPU Cycles
Joined: Jan 02, 2003
Posts: 714
Location: Vancouver Island
|
| Posted:
Thu Mar 25, 2004 12:46 am |
|
Setting those limits is the key and a decent upload module, shareable across other modules, is what I would consider a core module. As long as the restrictions are in place, uploading is essential BBS.
Raven, your project has me laying awake at night thinking of the possibilities. I want my nuke to be like PCBoard/WinServer ... only way better with phpbb and mods and blocks and scripty things I can use to create the magic. |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Thu Mar 25, 2004 7:21 pm |
|
Ok this is really putting the cart before the horse but...
CodyG I think we can agree to disagree. While I see this as a shining example of why this portal will be better then brandX. Uploads are not an essential function for all sites.
I think you'll get what you want in the end but I still believe this is a addon feature.
I use PNPHPBB and I find the attachment mod included to be useless and a pain in the a*******.
If it was done as you described like nukeupload but integrated into the forum as the attachment mod. It would be something to have. But again not for everyone.
But all this speaks to how integrated the forums will be with the core. I think everyone would agree it would be nice to have some global user levels instead of global levels for most of the site but not the areas where its not |
| |
|
|
|
|
Raven
|
| Posted:
Thu Mar 25, 2004 7:39 pm |
|
Just for clarification ....
When we are talking Core, we are referring to core functionality of the wrapper, if you will. In other words things like security, authentication, database -- functionality that all objects may need to do 'stuff', but not the actual 'stuff'. Case in point, uploading. Uploading requires a CORE process: database access and/or file access. So, the Core API will provide the means to the end but not the end. We are hoping to abstract what you do from how you do it. We'll provide the glue and you provide the parts. Okay, I'm out of analogies and such. Have I belabored this enough or shall I labor on  ? |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Thu Mar 25, 2004 9:23 pm |
|
<~ Thinks class has been dismissed for the day... |
| |
|
|
|
|
Rikk03
Worker
Joined: Feb 16, 2004
Posts: 164
|
| Posted:
Fri Mar 26, 2004 2:19 am |
|
Speaking from my own needs but i do need a good upload module - i currently use EDL V2.0 and I am eagerly awaiting EDL 2.1 which should be out in the next few days.
I like it because of its admin side control but also because it allows you to browse not only for your file of choice but allows for image upload to go with the description and file.
If you will be creating an upload module of some description PLEASE allow for image AND file upload WITH description - and allow for the access to be set for certain groups - ie subscription. Take a look at EDL2.1 admin side also at nukestyles.com
Love that module
Richard |
| |
|
|
|
|
Raven
|
| Posted:
Fri Mar 26, 2004 9:44 am |
|
| sixonetonoffun wrote: | | <~ Thinks class has been dismissed for the day... |
 |
| |
|
|
|
|
Raven
|
| Posted:
Fri Mar 26, 2004 2:04 pm |
|
I have been rethinking my total approach to my Nirvana. Let me toss another thought out here. My Nirvana was to develop an entire framework that you could basically plug Nuke into or many other 'models'. With the recent plethora of exploits I am thinking smaller for the time being but still keeping the larger scope in mind. I am proposing that we slice-n-dice the critical areas of phpnuke and fix them (great revelation, huh?). What I mean is we take security as a 'slice'. Now, we develop a security plug-in (yes, I love that phrase!). Nuke code writers could choose to plug in to this layer or not. Whereby this does not interrupt the sad state that nuke now has. What this layer would do is that it will more properly handle security issues and then pass back only cleansed information/messages to the calling module/block. The beauty in this approach? It will be written in such a way that it is still independent of nuke so I can still use it in PHP-Portal (Nirvana). We can do the same with Database, Authentication (ldap anyone?), etc. |
| |
|
|
|
|
sixonetonoffun
|
| Posted:
Fri Mar 26, 2004 8:44 pm |
|
That should make the masses breathe a little easier.
But I'm still protesting PHPNuke by not using it wink*
Can't wait to see more. |
| |
|
|
|
|
webdev1
New Member
Joined: Feb 17, 2004
Posts: 4
|
| Posted:
Sun Mar 28, 2004 12:21 am |
|
I have to say I completely agree with all of your concerns. I had several PHP-Nuke sites (Raven, thanks for the KISSQ, its great). But I'm now changing them all to CPG-Nuke, the security and speed improvements were just to much to overlook.
I understand there are others, Raven, NC, NSN, etc, but I must say I think CPG-Nuke is on the right path in the major rewrite of the core PHP-Nuke files that DJMaze and team have done. CPG-Nuke is now working with the Dreamlite Team who have created a OSCNukeLite Module for CPG-Nuke, you can see a demo at cpgnuke.com.
I would appreciate some feedback if this is not a path we should all join and build one great Nuke successor, I believe with CPG-Nuke daily security updates are a thing of the past. Also, they are kicking around ideas for a name change on the cpgnuke.com forums, so if forces were joined you could put in your name ideas. (Raven I followed your link here from nukecops.com, so I reposted here as well as this is an important thread). |
_________________
Only registered users can see links on this board! Get registered or login! |
|
|
|
|
karakas
Hangin' Around
Joined: Feb 20, 2004
Posts: 29
|
| Posted:
Sun Mar 28, 2004 5:15 am |
|
Where can I read more on the security model of CPG-Nuke? |
| |
|
|
|
|
webdev1
|
| Posted:
Sun Mar 28, 2004 9:33 am |
|
|
|
|
|
Raven
|
| Posted:
Sun Mar 28, 2004 9:54 am |
|
Thanks for the info but I'd like to move a CPG discussion to a thread of its own. So if you would please do an edit, copy, and paste to a separate thread, I will then delete this one or you can edit this post and just put a link to the new thread. Also, I have read the security link and unfortunately there are some flaws and misassumptions in this coding. This is not an attack but he has made misassumptions similar to how php functions as I have pointed out in other posts of his. That's not to say that his methods may not work, but there are better and more secure ways to do some of those things. Thanks.
Discussion for CPG-Nuke moved here:
http://www.ravenphpscripts.com/postt1243.html |
| |
|
|
|
|
webdev1
|
| Posted:
Fri Apr 02, 2004 8:17 pm |
|
| karakas wrote: | | Where can I read more on the security model of CPG-Nuke? |
Hi Karakas,
This is not realy a security issue but, the CPG-Nuke Team finaly did something no-one has done before with any Nuke version. A descriptive and good documentation to understand and use the internal functions of CPG-Nuke/PHP-Nuke.
It fully explains what the functions in the selected file do, and a explanation of all variables that can be passed to that function. The help docs are mostly generated for CPG-Nuke but it will explain a lot about PHP-Nuke as well.
This will help all module and add-ons developers how to use the CMS's so they know where security problems could occur.
http://www.cpgnuke.com/index.php?name=Source_Docs |
| |
|
|
|
|
demianturner
New Member
Joined: Apr 06, 2004
Posts: 2
|
| Posted:
Tue Apr 06, 2004 3:24 am |
|
| Raven wrote: | | I never cease to be amazed at timing! Somebody already stole my vision http://seagull.phpkitchen.com Not really. They've been at it alot longer. I never even knew it existed. It just reaffirms my committment to my vision. |
hi raven - just to confirm i've never seen your site, heard of MCP, or stolen anything. Seagull has been in development for around 2 years, and has nothing to do with nuke or other procedural projects. we use MVC, as do thousands of other projects, and the project's only really distinctive feature is the validate/process/display workflow used.
good luck with your project 
cheers
demian |
| |
|
|
|
|
Raven
|
| Posted:
Tue Apr 06, 2004 5:28 am |
|
Thanks demian. As I said, you guys had been at it for a lot longer and it was just a tongue-in-cheek comment about 'stealing'. Hope you understood that . How did you happen to stop by? |
| |
|
|
|
|
demianturner
|
| Posted:
Tue Apr 06, 2004 5:46 am |
|
sure i understood ... the magic of referers |
| |
|
|
|
|
Raven
|
| Posted:
Wed Apr 07, 2004 10:41 am |
|
Since this thread has pretty much run its course, I have decided to lock it down. Feel free to open up another one if needed. The project is still alive and being worked. I am looking at many things that many of you have pointed out, suggested, etc. To that end, I have placed a pdf document for you to download, if you desire, that is this entire thread. I needed this to be able to easily review the thread to extract the requirements that were discussed here. Here is the link to the pdf http://www.ravenphpscripts.com/public/RavenFork.pdf |
| |
|
|
|
|
Raven
|
| Posted:
Thu Apr 08, 2004 7:48 am |
|
One other important note. I had identified a Lead Team, if you will, that is to work with me on the concept and design. I am trying to lock down that they are still interested. Obviously, their reply will weigh in heavily. But, I wanted you all to know where this is. |
| |
|
|
|
|
Raven
|
| Posted:
Mon Jul 19, 2004 12:11 am |
|
I am back to the sole Lead Team member. I still beleive in this but have been very focused on other things up to now - my dad's health, Sentinel, my job status. The only one that has settled down is Sentinel as we are preparing for the v2.0 release .
Anyway, I have unlocked this thread to see where everyone else's head is at. Are we still as empassioned as before? Is it still needed? Or is it basically one man's dream? Or, do we reshape the vision, scale it back?  |
| |
|
|
|
|
paranor
Worker
Joined: Aug 28, 2003
Posts: 227
|
| Posted:
Mon Jul 19, 2004 10:27 am |
|
I switched to Mambo. |
| |
|
|
|
|
Raven
|
| Posted:
Mon Jul 19, 2004 10:29 am |
|
| paranor wrote: | | I switched to Mambo. |
 |
| |
|
|
|
|
|
|
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
