News: Apr 1 2008 at 8:42 GMT by Jos

This morning Web-APP was offered a tidy sum (USD $4,123,850) by a party who will remain unnamed, for exclusive use of the WebAPP script as developed at the site web-app.org for several years. The offer was rejected, reason being according to an interview with a main developer at the Web-APP community: "Putting a price tag on it would spoil all the fun."

Oh well, to each his or her own.

Programming: Mar 17 2008 at 13:55 GMT by Yaza

"The Software Freedom Law Center (SFLC), provider of pro-bono legal services to protect and advance free and open source software, today published a paper that considers the legal implications of Microsoft's Open Specification Promise (OSP) and explains why it should not be relied upon by developers concerned about patent risk."

The paper was published in response to the open source community's questions regarding the compatibility of the "OSP" with the GNU General Public License (GPL). "The paper says that the promise should not be relied upon because of Microsoft's ability to revoke the promise for future versions of specifications, the promise's limited scope, and its incompatibility with free software licenses, including the GPL."

Karen Sandler, SFLC Counsel, stated: "Based on our review of the OSP, we do not recommend that free software developers rely on it for assurance." Sandler said that because developers of free software are unable to implement OOXML freely, "we urge that it not be approved as an ISO standard."

The paper is available on SFLC's Web site

Links: http://www.softwarefreedom.org/

Source: http://www.pr-inside.com/print487398.htm

Internet: Mar 14 2008 at 23:51 GMT by Yaza

An interesting article from back in July of last year, where the author, Jonathan Bailey, gives some interesting ideas to help stop image and file hotlinking, and how to block RSS scraping for those who might not be familiar with this ability.  

These ideas are not new to those who have been working with the manipulation of .htaccess files on their server, provided they have access to their own server, but the ideas presented in Bailey's article should be of interest for newcomers to Web-APP.  Web-APP users, just like any other site owners, often find their bandwidth rising due to image and file hotlinking through free Online services such as the popular MySpace, Facebook, and other similiar social networking sites.

Bailey says, "Though these manipulations won’t do anything to stop human plagiarism it can stop some of the more common types of plagiarism before they happen, all without impacting legitimate users at all. It makes sense, if possible, to use these methods to your advantage."

To find out more on how you can fight bandwidth theft, you can access the article here.  

Newsletter: Mar 9 2008 at 3:42 GMT by Q

We’re starting a new look for our newsletter and hope you enjoy the new pdf format. Included in the newsletter will be topics such as a “How-To” column that will discuss WebAPP tips on various items such as how to implement a hack.
. . . . . . . . . . . . .

Editorials: Mar 2 2008 at 20:05 GMT by Jos

Today I was doing some reading on the net and ran across this very interesting and well put together article about Content Management Systems and what to look for when going about to select one. I thought it had so many good ideas that might be something we could think about working into WebAPP in a future version. We'll be starting with our version 1.0 soon, and we should consider things like this to make WebAPP more professional and to provide more of what people who have used other systems have come to expect.

Here is the article:



Here is a link to the article on the web (PDF file): How to Evaluate a Content
Management System

Security: Feb 13 2008 at 15:29 GMT by Homer_Simpson

Washington D.C.
FBI National Press Office
(202) 324-3691

Internet Alert: St. Valentine’s Day E-Card Carries Storm Worm Virus

If you unexpectedly receive a Valentine’s Day e-card, be careful. It may not be from a secret admirer, but instead might contain the Storm Worm virus.

With the holiday approaching, be on the lookout for spam e-mails spreading the Storm Worm malicious software (malware). The e-mail directs the recipient to click on a link to retrieve the electronic greeting card (e-card). Once the user clicks on the link, malware is downloaded to the Internet-connected device and causes it to become infected and part of the Storm Worm botnet. A botnet is a network of compromised machines under the control of a single user. Botnets are typically set up to facilitate criminal activity such as spam e-mail, identity theft, denial of service attacks, and spreading malware to other machines on the Internet.

The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail. Valentine's Day has been identified as the next target.

Be wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided.

To receive the latest information about cyber scams please go to the FBI website and sign up for e-mail alerts by clicking on one of the red envelopes. If you have received a scam e-mail, please notify the IC3 by filing a complaint at www.ic3.gov . For more information on e-scams, please visit the FBI's New E-Scams and Warnings webpage at http://www.fbi.gov/cyberinvest/escams.htm

####

Security: Jan 22 2008 at 13:23 GMT by Jos

and succeeding.

Someone is running some script off of various servers, trying some exploit in trying to get this site to load some remote script and/or just trying to crash the logs. Here they are folks:

87.255.1.130
195.96.238.2
72.3.240.146
83.138.146.79
217.172.33.83
83.168.217.40
82.165.146.67
208.100.55.68
87.229.14.10
195.205.77.30
213.168.18.162
88.212.205.5
66.11.122.105
203.146.140.58
220.135.250.253
89.248.80.35
205.161.188.15
216.145.9.178
202.71.129.99
200.29.4.54

These were pretty much all either one after another or at the same moment.

Announcements: Dec 31 2007 at 18:18 GMT by Jos

2007 out, and in with 2008!

Perl: Dec 21 2007 at 6:43 GMT by Jos

Seattle Perl Users Group (SPUG) celebrated the 20th anniversary of the Perl programming language. See the cake and hear the music HERE .

Announcements: Nov 16 2007 at 17:05 GMT by my2cents

Well, I was going to put up a bunch of old themes in my site downloads, Classics from folks, like Carter, Ditto, SimonJ, John-Gr, Drakken20, and Bill Huff. And even the progressive stages of my own style of WebAPP theme development.

Which I still may do, but I wanted some screenshots of the themes so members could see what they are downloading. So I loaded up what I thought was the cleanest old build html wise that most of these layouts would work ok in, 9.9.2.

Well, things just never work out as you plan, none of them displayed properly or even close, some were just wacked. So, slowly I started working up some of the classics into complete new builds from the newer files, some went great, until I needed tables.

So I surfed over to web-app.org to grab the tabled standard in the downloads there and build myself a template. That was the first set back, the standard tabled theme was not validating, was a brain tease for sure, but problem solved.

Next was adding a table to the center block for image corner based themes like "Spun Glass"(Ditto), and "Neo"(C-Central or Drakken20)".
That went well as I had already had that done a while back on my "original-custom"{Custom 2) theme, which loaded up perfectly from the last build(9.9.3), into 9.9.8 layout wise.

Now I have some validating functioning templates to rebuild all the classic from, but still the work was consuming as each theme with image corners need their own specific layout. I started with Spun Glass, a favorite of mine, just because it's not a normal look.

Once again, another bad choice, I gotta chuckle,  even after rebuilding the theme with new correct files and good html code for the layout, it failed. Now I can't even remember what it was exactly as I've been though so many updated bits for these tabled themes.

Once past that stage, the rest came slow and easy, with each build the templates and the rest of the tabled themes became stronger, some even out doing the originals by far.

What I have now is, this list of themes running now on the current build of 9.9.8, in tabled or colorme(current standard) forms.

• 1orange
• 1wiz
• bbu
• blackvelvet
• bluestar
• classic
• colorific
• custom1
• floride
• goth2
• graphics
• grid
• holiday
• neo
• neogreen
• neosilver
• orig-custom
• psi
• pub
• redglow
• rhombus
• slate
• snow
• spunglass
• stop
• tomorrow
• tube

Just about wrapped up and ready for the downloads, all in my theme changer right now as I check them over for final touches. Then I'm taking a break for the holidays!

Announcements: Nov 2 2007 at 21:54 GMT by Jos

Note to all when upgrading:

Any upgrades these days require a check against modifications in the user-lib, even more so than usual in the past, as we move ahead on upgrading WebAPP's old code. Although we try to minimize it as much as possible, we will need to let go of a certain amount of backwards-compatibility in order to correct and improve upon certain things in the way in which the code is written. And we are just now to the point where we will be moving in to the real nitty gritty of this process, so this will probably be even more so in the near future, that we need to upgrade our user-lib hacks when upgrading the WebAPP version we are using.

Security: Oct 31 2007 at 8:14 GMT by Jos

IP 66.246.218.218 slam hit this site real hard for about 10 minutes tonight. I'm not sure how many hundreds of hits, and I'm not about to count them. The hits were in multiples per second ranging clear up to 7 hits per second. This was the hardest hits I have yet seen with these bots set on dedicated servers, presumably in an effort to crash our database. Not sure what the purpose of that is since even if they do succeed, we keep frequent backups and would not lose much if anything. That's the nice thing about flat file text databases - Although they are easier than some types of data storage systems to crash, they are also very easy to restore which can't be said about some of the more complex systems.

Nevertheless, I wish these bot setting fools would go away.

Announcements: Oct 18 2007 at 3:25 GMT by Jos

Just released today - See our downloads area, Current Stable Version for the full install or upgrade packages.

Lots of work went into this one - mostly on boring technical things, but we did add a few nice new items that people will notice.

Perl: Jul 1 2007 at 11:56 GMT by Jos

1999 interview with Larry Wall by Marjorie Richardson.

"Discover a bit about Perl's creator and what's happening with Perl."

Larry Wall, the Guru of Perl

"I wanted a short name with positive connotations. (I would never name a language "Scheme" or "Python", for instance.) I actually looked at every three- and four-letter word in the dictionary and rejected them all."

News: Jun 25 2007 at 23:28 GMT by Jos

WebAPP site as of May 20 2006

Last year, I wanted to use the Archive feature to move some of our old threads into an archive. I figured this would speed up the site by not having to load all that old database on every page load (for the latest forum posts), and also to speed up the forum Search feature. So the Web-APP team here all pitched in to help clear off the "Lost and Found" board that we had here at the time, and then I ran the Archiver to archive all threads last posted or replied to earlier than February 2005.

Sometimes I miss the old site the way it was before we did the archiving, so I assumed maybe others did too. The "old db" site is for those of you who prefer the forums all-in-one rather than as we have it now with the more recent files being in the main Forums and the old, historical thread in the Archives.

I didn't put up the membership files there since there are about 20,000 of them (4 for each active member, 3 for inactive) and most were inactive. There were 5 thousand some odd members before late 2005 - early 2006 when I went through one by one and cleaned out all those who had been members for over a year and either never logged in or never logged in within a year with no profile data or posts. At the time the membership db cleanup was first complete, the membership was brought down to about 17 hundred some odd of members who were ever active at all in any way.

The "old db" site is the last known backup (May 20 2006) of the old site before the 3 months down time we experienced here at web-app.org before coming back online on September 7 of last year. Hope some people will find this helpful. I enjoy it for its nostalgic value at very least.

FAQ: Jun 21 2007 at 9:55 GMT by rbarron

Macs running OS X have Apache web servers built into them, and since I'm a Mac tech by trade I decided to give it a go and install Web-App on my Mac. So I thought I would share what I did and  help any other Mac users who wanted to try doing the same. I'm running OS 10.4.x, so your mileage may vary.

1) Go to the Apple menu and select system Preferences - Sharing.

2) Check "Personal Web Sharing" and "FTP Access" and note the web address link  for Personal Web Sharing at the bottom (not the personal site adress with the /~).

3) Go to Hard Drive - Library - WebServer. You will see two folders - one called "CGI-Executables" and the other "Documents". You want to copy all the files from inside the WebApp CGI-BIN folder (that you just downloaded) and put them into the CGI-Executables folder. All the other files/folders get dumpped into Documents.

4) Use TextEdit and make a new index.html file with the following:






5) Use an FTP program (such as the free CyberDuck) and connect to your own computer using the FTP address at the bottom of the Sharing preference pane. It shows up when you have FTP Access selected.

6) Navigate to the Hard Drive - Library - WebServer - CGI-Executables folder and set permissions as follows:

All .cgi .pl and folders get 777
All .txt .log .dat and everything else gets 666
(755, 775, 644, and 664 do not work for me)

7) Open your web browser and type in your IP address like this:
http://123.234.345.456/cgi-bin/install.cgi

You should see the config/install page and be able to go from there. If you get error messages (Can't find file, can't open file, etc) check your permissions again. And again.

One thing I like about CyberDuck is that it has a view where I can see all the folders, click the triangle to see all the contents and subfolders, and keep going until I see every file and folder in WebApp. THEN I start setting permissions by  selecting all the CGI PL and Folders and doing a "Get Info" to set them all to 777 in one shot. Then do the same with the other files, but to 666.

I had to manually create the redirect index.html files, but it has been working like a champ. I can even get e-mails that web-app sends for user notifications (new user signups - users get their passwords in e-mail).

Hope that helps!

Security: Jun 8 2007 at 20:53 GMT by Jos

Several IPs were spamming the form input parsing subroutine with huge amounts of data. This was getting irritating, so I started banning them. Here is a list of all IPs that have been banned as a result, so far. If your IP is on this list and you have not been making these form data spam visits, then probably either your IP has been hijacked or it is serving as an open proxy for anyone to use. Please contact me if you are unable to access this site and feel that you are innocent and should not be banned.

87.118.113.30
201.44.15.21
212.0.126.202
74.104.46.202
88.39.192.99
84.144.242.220
210.212.162.171
200.87.6.19
125.244.82.2
69.145.112.232
75.85.61.179
74.106.4.247
221.124.166.201
200.253.110.252
203.227.46.120
69.226.148.222
58.49.110.86
69.253.179.179
72.193.86.189
151.38.202.97
207.255.34.60
59.94.41.148
216.155.165.233
201.17.190.40
12.218.127.177
12.72.151.190
81.104.183.39
202.103.218.207
165.228.128.11
84.94.7.162
64.230.84.218
24.2.3.90 All
213.198.74.44
200.29.167.10
121.185.49.160
58.237.149.59
24.128.84.42
200.253.110.252
69.62.206.206
212.70.181.215
24.151.244.223
87.50.32.75
207.61.242.110
219.93.178.162

Security: Jun 8 2007 at 12:41 GMT by Jos

Was doing some research on internet law as related to cybercrimes such as hacking, denial of service attacks, stalking, cybersquatting, internet defamation, slander, impersonation, misuse of intellectual property, software licensing violations, trademark violations, copyright violations, and some other such things, and I came across a small set of resources for reporting such issues, at Kowboys Place.

So if you are one who has been experiencing problems with such activities being done against you and were wondering what you can do about it, this small list may be a good place to start. Since I've been experiencing some problems with some of these things myself, I plan to continue to research these topics and to post more resources as I come across them.

People must live together on the internet just as they do in the physical world. Some people refuse to try to be decent to each other. If no one does anything to try to stop this antisocial behavior, the perpetrators will keep on doing more and more of these things until anarchy becomes the rule of the web.

Internet crime should be deterred just like any crime, to make the internet safe for decent people to use openly. Cyberterrorism is real terrorism and should not be tolerated. Certainly we would not want to let Mafia-type threats be what dictates our activities on our own websites and on those in which we wish to participate.

Old News: Jun 4 2007 at 0:12 GMT by bantychick

Posted HERE .

Contributors are listed in the change logs and on the Version Page .

News: May 21 2007 at 13:51 GMT by bantychick



It was 3 years ago today, May 21, when the files with which we are now working were uploaded to the CVS. This was the beginning of a new era for the Web-APP project. Ditto started a whole bunch of new forum boards for people to sign up for different areas of specialization for the project. I signed up as a bug-zapper then, HERE to work with Abywn fixing bugs. A few other people signed up around that time as well.

Some of our files still carried the 5/21/04 date until we started the new CVS on this server last September and uploaded to it which changed the file dates. Mostly all of the 5/21/04 files were image files by then as all other files have been upgraded over these past 3 years.

It's been a long 3 years.

Editorials: May 20 2007 at 23:27 GMT by Yaza

Some individuals come along and stay in the Web-APP community for a while and leave for different reasons.  Some people come and get a taste of the code and think they've become a Perl expert and are asked to assist with the code and they might eventually be given the status of a developer...but all too often, some of the "developers" leave the Web-APP community to do other things for whatever reason.

But there are others that have had a strong determination to continue with the Web-APP community, even when at odds with others who are against Web-APP and when those enemies try to destroy their character, reputation and their hard work.  These are the people who need to be told "Thank you" many times.  They need to know that we appreciate them for what they do for all of us.

I am thinking of one person in particular right now...

Jos' (bantychick's) persistence in the face of everything bad that's been thrown at her by enemies of Web-APP.org has been an inspiration to many of us, and I would like to say, especially to myself.  Her determination and ongoing, steadfast resolve to offer support and continuing development of the original Web-APP script has been awesome to say the least.

Jos' desire to help everyone who comes on the forums, from the seasoned to the "newbie", is admirable and should be emulated by each staff member here at Web-APP if not already.  When others gave up and walked away from Web-APP because of personal reasons, or other, Jos was still there tweaking and pumping out the code that we all love so much and have become addicted to.

So, here's to you, Jos, our number one developer for Web-APP for a long time now.  Thank you for sticking around and keeping the Web-APP community together and being such an inspiration for us.  You are appreciated.  

Announcements: May 11 2007 at 21:09 GMT by bantychick

Yaza just made a great looking theme that is just right for summertime. It is based on John-Gr's Fine Blue theme. The name is "Green Nostalgia", and it is available for use in our theme changer here, in the top left menu panel on most themes. I just love it.

Security: May 4 2007 at 14:45 GMT by bantychick

Web-APP is pleased to know that recent attempts to crash our forums and forum archives databases have been fruitless. Seeing these failed attempts is a good reward for our efforts to resolve the old forum board database loss problem that some might remember from the somewhat distant past. The IPs that have been most agressive at this slamming of our forum threads are also the most recent, being 85.255.117.221 and 75.144.11.246, who have been hitting the forums today and yesterday with countless repeat hits at the rate of several hits per second on the same thread before cycling to another thread to do the same thing. So far, our forums here still stand intact. We keep frequent backups nevertheless, as data loss is a known drawback of using a flat file base system such as Web-APP has. Many thanks to Anton for the efficiency improvement code for the forums. This is probably the main thing that has saved us since the views timer on forum threads was found to be broken some time ago and had been that way for a long time. Also Carter's timer code, which did work when it was first included and works again now that it is fixed, is a great mechanism for stopping exploit attempts on the refresh bug that we used to have in the forums.

Announcements: May 3 2007 at 12:29 GMT by bantychick

The old Standard theme from version 0.9.9.1 was updated to 0.9.9.7 and is now available in the Downloads area. This is the 3D Standard designed by DenDen way back when. It's a great theme for a base for other 3D designs using any colors, backgrounds, or images.

Announcements: Apr 26 2007 at 8:34 GMT by bantychick

There was a group making a simultaneous attack on our site search here. All entered the same search phrase "None", and all used the same browser information using a generic IE browser string. 32 hits were made within 5 minutes, with up to 8 in any one single minute and some with multiple hits on the site by the same IP in the same second. Here are the IPs that were banned: