From john.habermann at wilderness.org.au Fri Mar 16 03:35:47 2007 From: john.habermann at wilderness.org.au (john habermann) Date: Fri, 16 Mar 2007 13:35:47 +1100 Subject: [COREblog-en] perform a redirect after changing a comment state In-Reply-To: References: Message-ID: I thought I would follow up my own post explaining how I come up with the solution to get the comment workflow to work as I wanted, so at least if other run into the same problem and come looking on the list they won't find an unanswered question something I personally find very frustrating :) It is a bit of a detailed post so apologies to peoples inboxes. The problems I had and things that I wanted to do with commenting in COREBlog2 where: 1. Creating an easy to use workflow to allow my bloggers to process comments that are submitted to their blog entries. Requirements where to allow a simple "Publish" or "Reject" from the state drop down and that this process be as simple as possible, Ideally blogger would have a specific role and not have to be made a manager in order to make the interface as simple as possible. 2. Email notifications for comments where easy to understand and worked in mozilla-thunderbird as by default they where unreadable in thunderbird due to every character being spaced apart. 3. Spam via comments and trackbacks should be reduced to an absolute minimum as to not turn off our bloggers from the process. Having them being barraged by spam and spending all their time time rejecting these would really reduce the appeal of a blog. 4. Commentors would be notified by email when their comment was approved. This was something requested by our bloggers as a courteous thing to do. 1. SETTING UP A SMOOTH WORKFLOW FOR COMMENT APPROVAL I created an editor role that had the following permissions to my editor role in the root plone site permissions tab: ATContentTypes: Add Document ATContentTypes: Add Event ATContentTypes: Add File ATContentTypes: Add Image ATContentTypes: Add Link ATContentTypes: Add News Item Access contents information Add portal content List folder contents Modify portal content Request review View I initially had real problems understanding what was happening in the permissions as they didn't seem to work, but the problems was due to me falsely assuming that all the folder objects and the articles would by default just be aquiring their permissions from the root folder but that was not the case. The article folder was not aquiring from the root in case of the "modify portal content" permission nor where the articles themselves set to aquire for that permission. You need to look at the workflow that applies to objects as that determines what permissions they are created with or at least the settings of those permissions that are managed by the workflow. There where 4 permissions managed by the cb_comments_workflow, which was just a copy of the plone_default_workflow I had made: Access contents information Change portal events Modify portal content View Each state has its own specific security settings which you can control by clicking on the "Permissions" tab for that state. For example when an object is in the "Pending" state the Reviewer role is given all the 4 permissions while when and object is in "Published" state only the Manager role has permission to edit the object. For the cb_comment_workflow I just needed 3 states: Pending (set this to the default state) Published Rejected ( a new state I created) and 3 transitions: Publish Reject Submit I deleted all other states and transitions. My bloggers are added to an Editors group which has been given the editor role. All bloggers are also placed in the Reviewers Group. REJECTING COMMENTS After thinking initially that I would have the reject transition just delete the rejected comments I thought it might be better to have a system they are kept available for historical purposes so switching them to a state where they are not visible to my bloggers or anonymous users would be a better option. One way I have thought that I could do it was to have reject be set to make the state of the comment private and private to be only viewable by the manager. This might have the added benefit of keeping the comments for historical puposes. The manger could easily go in and chose the delete option to clean out all obvious spam ones now and then but to a person who doesn't have the manager role they would effectively deleted. I changed the state that the reject transition changes to from visible to private. That works the comment disappears from the review list as it is not in the pending state but it doesn't appear to anonymous users as the private state has the view permission only allowed in Manager and Owner. The manager will see the comments as still showing in recent comments portlet but others won't. To delete the comments the manager just needs to go to http://simpson.wilderness.org.au:8081/test/blog/comments/folder_contents to see the full list of comments. The ones that have been set to private can be reviewed and cleaned out if they are spam but it might be that ones that are rejected from legitimate people who have made inappropriate comments could be kept, perhaps moved to another folder. However when I tested trying to move the comments to another folder I found that I wasn't allowed, I guess because they are strongly associated with their parent entry. What I found though was that if I rejected a comment as a user with the "Editor" role they would be shown a login page as they didn't have permission to see private comments and the default behaviour is to show the comment in its new state. I thought that the easiest way to deal with this would simply be to add a script to the reject transition that redirects the user to the blog root so they can just continue on with their review process. This turned out to be a long exercise in frustration though as even though I eventually figured out how to get a redirect to occur using the ObjectMoved method which the state_change object has it would still only work if you had permission to view objects in the private state. This is the way you can easily do redirects on a page that you have permissions: return context.REQUEST.RESPONSE.redirect(context.portal_url.getPortalPath() + '/blog') and you see it being used in various products. However this wouldn't do anything when called from a script running off a transition even when running the script logged in as manager. The following script would perform a redirect when called from a transition but only if you had rights to view the new object: ------------------------------ obj = state_change.object obj.plone_log('Beginning redirect_to script') url = obj.portal_url.getPortalObject() obj.plone_log(url) rootobj = context.portal_url.getPortalObject() id = obj.id obj.plone_log(id) newobj = state_change.new_state newid = newobj.id newobj.plone_log(newid) conid = context.id context.plone_log(conid) raise state_change.ObjectMoved(newobj, url) ------------------------------------ I also tried altering the comment view template to perform a redirect but once again the permission are such that the redirect is not called because permissions block the page before it loads the redirect. CREATING A NEW STATE AND MODIFYING COREBLOG2 Ok I had given up on the idea of making use of the private state and decided to see what happened if I created a state. I added a rejected state to the cb_commments workflow and made it the state that the reject transition moves an object to. Changing it to this state removes it from the Review list but they still display in the comment listing and the recent comment entries portlet. I then had to look at changing the COREBLog2 code to not display comments in the rejected state. There is a portlet_global_recent_comment.pt file which is not displayed in the portlets but offered a way to restrict the search of comments that are displayed. I copied this file to portlet_tws_recent_comment.pt and then added "review_state='published'" to the portal_catalog.searchResuls keywords. I also changed the style and the title to match the default Recent Comments. This recent comments portlet will now only display comments that have a state of published. Just need to swap that with the other recent comment portlet in the left slots of the properties tab for the blog. The next step was to try and stop the comments from displaying in the entry listing. It looked like the object method to do that came from the COREBlog2/content/coreblogentry.py file and was based around a catalog search again. CUSTOMISING COREBLOG2 TO ONLY SHOW PUBLISHED COMMENTS I made the following changes to 2 files to show only published comments in the list of comments displayed with an entry. I added the following to the COREBlog2/config.py file: coreblogcomment_state = 'published I then made the following changes to the COREBlog2/content/coreblogentry.py file: changed: from Products.COREBlog2.config import PROJECTNAME,\ comemnt_rel_id,trackback_rel_id,\ coreblogentry_meta_type,coreblogcomment_meta_type,\ coreblogtrackback_meta_type to from Products.COREBlog2.config import PROJECTNAME,\ comemnt_rel_id,trackback_rel_id,\ coreblogentry_meta_type,coreblogcomment_meta_type,\ coreblogtrackback_meta_type,coreblogcomment_state and changed this line in the getComment method: contentFilter = {'path':path,'portal_type':coreblogcomment_meta_type} to contentFilter = {'path':path,'portal_type':coreblogcomment_meta_type,'review_state':coreblogcomment_state} the contentFilter variable is passed into a call to the searchResults which is called via the queryCatalog in this script. Ok that caused only published comments to be shown in the comments listing for an entry but the count was still displaying all comments. To fix that I just had to change the contentFilter in the countComment method in the coreblogentry.py file to be the same as the one I had in the getComment method. I had to restart Zope after these changes to get them to load. RESTRICTING ACCESS TO COMMENTS IN THE REJECTED STATE Ok the remaining problem I have now with the comments is that I need to restrict access to the comments folder because an anonymous user can still go to .....t/blog/comments folder and see all comments except those that are private or pending. What I need to do is make it so that anonymous users don't have the right to see comments that are in an rejected state. This will also stop them being able to access these comments by search. Setting the permissions that you want on a particular state is quite easy. To do it go to the workflow that is managing the content type that you are interesting in and then click on the states tab, select the state that you want to change permissions for and then click on the Permissions tab. By default it appears that when you create a new state it is set to aquire all the permissions. I set the permissions for the rejected state so that they wheren't aquired and the manager had rights for all permissions and the Editor role had "View" and "Access Content Information" permissions. The other roles had no permissions for objects in the rejected state. You need to click on the "Update Security Settings" button in the portal_workflow page to apply any changes to permissions you make. Ok that has fixed that if anonymous goes to the comments folder now they will only see comments that are in the published state. Ok that appears to be it as far as workflowing comments goes. Bloggers now have a nice simple workflow and the anonymous user only sees content if they are published. 2. FIXING CONFIRMATION EMAIL ON COMMENT SUBMISSION The email notification that coreblog sends to people when someone submitts a comment or trackback has a number of problems: 1. There is no subject 2. The from address is not the one specified in the blog settings but the same as the to address. 3. The format of the email in thunderbird is unreadable with large spaces between every character. COREBlog doesn't use the normal mailhost that you see used in other scripts. The author has written his own method "send_mail" in order to bypass Zopes security and allow anonymous users the ability to send email by submitting a comment. What I ended up doing was changing the send_mail() method in the COREBlogTool.py. I changed the send_mail() from: def send_mail(self, body,to_addr,from_addr,subject): # # Method to bypass Zope's security. # For case of comment/trackback post by anonymous user # try: self.MailHost.send(body,to_addr, from_addr, subject) to: def send_mail(self, msg): # # Method to bypass Zope's security. # For case of comment/trackback post by anonymous user # try: self.MailHost.send(msg) I then worked on trying to get the message created properly. Ok after some stuffing around to get date field right for mozilla thunderbird people monitoring the blog now get an email that provides the comment and the comment details with a subject in the format of "[blog comment] comment title". I couldn't figure out exactly what was causing the wierd formatting in mozilla but thought it could possibly be the translate functions as they where used in the script. Here is a diff from fcomp of the original cbaddComment.cpy and my changes: ------------------------------------------------- FILE A: cbaddComment.cpy-original FILE B: cbaddComment.cpy TOTALS: 43 inserted 7 deleted 67 matched ******************** INSERT [A 15, B 15]: from DateTime import DateTime ******************** REPLACE [A 40-41, B 41-46]: from_addr = context.getNotify_to() msgbody = context.translate('comment_notify_body') ******************** WITH: from_addr = context.getNotify_from() Date = DateTime() commondate = DateTime.aCommon(Date) context.plone_log(commondate) #Get elements from the form setting them to empty strings if they don't exist ******************** REPLACE [A 50-52, B 55-66]: msgbody = msgbody % (elements) msgsubject = context.translate('comment_notify_title') mgsheader = """To: %s ******************** WITH: #Set variables to be inserted in message title = elements['title'] author = elements['author'] url = elements['url'] ip = elements['post_ip'] entryurl = elements['entry_url'] msgbody = elements['body'] msgsubject = '[blog comment] ' + title message = """ To: %s ******************** INSERT [A 56, B 70-71]: Date: %s Subject: %s ******************** REPLACE [A 57-58, B 73-94]: """ % (to_addr,from_addr) cbtool.send_mail(mgsheader+msgbody, to_addr, from_addr, msgsubject) ******************** WITH: Comment Title: %s Author: %s Url: %s Client IP: %s Entry URL: %s %s """ msg = message % ( to_addr, from_addr, commondate, msgsubject, title, author, url, ip, entryurl, msgbody ) cbtool.send_mail(msg) ------------------------------------------ 3. INSTALL ANTI-COMMENT SPAM TOOL CAPTCHA'S - First I registered an account at http://captchas.net/registration/ - They emailed me a key to use with the username I had created. - I then installed the plonecatpcha product using the latest version which you can get from http://sourceforge.net/project/showfiles.php?group_id=177298, be aware that it unpacks just the files and not the folder so you need to create the PloneCaptcha folder in your products directory and then unpack into that. - This latest version allows you to add the username and password you got from captchas.net via the properties tab in the ZMI. To do that go the root of your plone site and then click on plone_captcha. It will default to displaying the properties so just enter your username and password there. - - I had added the following to my "cbcomment_form.pt" file above the
line:
This helps us prevent automated spamming.
Validation error output
as suggested in this post http://postaria.com/pipermail/coreblog-en/2006-June/000428.html - I had also added the validate_captcha to via the ZMI to the portal_skins/COREBlog2/cbcomment_preview.pt file and cbentry_view file. To save having to do this for every plone site that used the COREBlog2 product I added "validate_captcha" on to the list of validators in the metadata files for these 2 forms cbcomment_preview.cpt.metadata and cbentry_view.cpt.metadata. ** Note the .cpt stands for controller page template which gives you an associated metadata file as it lets you set up validators and actions for your page template. validators=validateComment,validate_captcha Trackback spam just poured in as soon as the blog got linked to an google. I was uncertain how useful it was myself and thought that it could just be too confusing for our bloggers so I disabled it. Setting the permissions so that anonymous users couldn't create trackback entries didn't appear to stop it. In the blog settings -> Edit Entries tab I set trackbacks to "None/Hidden" and then applied the suggested patch at http://coreblog.org/trac/coreblog2/ticket/50 now when I create a new entry trackbacks are not shown. 4. SETUP EMAIL NOTIFICATIONS FOR COMMENTERS WHEN THEIR COMMENT IS APPROVED It turned out to be quite a bit of stuffing around to get this to work as i got caught up on a couple of things that wheren't documented in any of the documentation I saw about writing scripts to send emails. This was the fact that not all methods return strings that are in a format that will be accepted by mailhost.send. With these you need to transform them using the encode() method. If you get the following error when passing a msg to mailhost.send: Error Value No message recipients designated then look for some of your variables not being encoded correctly for email and you need to use the encode method prior to passing them to mailhost.send. If you add .encode() for email = obj.email.encode() for example you can then get it accepted by mailhost.send. This is what my comment_approved script that is called after the "publish" transition: --------------------------------------------- #This script lets people know that their comment has been published from DateTime import DateTime obj = state_change.object mhost = context.MailHost from_addr = 'blogs at domain.com' #Get the email to send to make sure you encode it otherwise mailhost choke on message to_addr = obj.email.encode() #Set the date for the date header need to use commondate format for thunderbirds sake. date = DateTime() commondate = DateTime.aCommon(date) #Get the author's name name = obj.author.encode() #Get the url of the blog entry parent = obj.getParentEntry() parenturl = parent.absolute_url() #Get the title of the blog entry parentTitle = parent.Title() # the message format, %s will be filled in from data message = """ From: %s To: %s Date: %s Subject: comment on nuclear dump blog published Hi %s Your comment on my blog entry "%s" has been published see %s#comments Thank you for your input """ msg = message % ( from_addr, to_addr, commondate, name, parentTitle, parenturl ) #Log message for referece purposes context.plone_log(msg) mhost.send(msg) -------------------------------------- Ok thats was it the comment process in COREBlog2 is now nice and simple for my bloggers. cheers John -- John Habermann Internet Programmer, System Administrator The Wilderness Society Inc http://www.wilderness.org.au From rbh at neohawk.org Fri Mar 16 16:30:07 2007 From: rbh at neohawk.org (Robert B. Hawkins) Date: Fri, 16 Mar 2007 11:30:07 -0400 Subject: [COREblog-en] perform a redirect after changing a comment state In-Reply-To: References: Message-ID: <200703161130.08014.rbh@neohawk.org> John, Nice. Thanks for this. Rob On Thursday 15 March 2007 10:35:47 pm john habermann wrote: > I thought I would follow up my own post explaining how I come up with > the solution to get the comment workflow to work as I wanted, so at > least if other run into the same problem and come looking on the list > they won't find an unanswered question something I personally find > very frustrating :) It is a bit of a detailed post so apologies to > peoples inboxes. > > The problems I had and things that I wanted to do with commenting in > COREBlog2 where: > > 1. Creating an easy to use workflow to allow my bloggers to process > comments that are submitted to their blog entries. Requirements where to > allow a simple "Publish" or "Reject" from the state drop down and that this > process be as > simple as possible, Ideally blogger would have a specific role and not > have to be made a manager in order to make the interface as simple as > possible. > > 2. Email notifications for comments where easy to understand and worked > in mozilla-thunderbird as by default they where unreadable in > thunderbird due to every character being spaced apart. > > 3. Spam via comments and trackbacks should be reduced to an absolute > minimum as to not turn off our bloggers from the process. Having them > being barraged by spam and spending all their time time rejecting > these would really reduce the appeal of a blog. > > 4. Commentors would be notified by email when their comment was approved. > This was something requested by our bloggers as a courteous thing to do. > > > 1. SETTING UP A SMOOTH WORKFLOW FOR COMMENT APPROVAL > > I created an editor role that had the following permissions to my > editor role in the root plone site permissions tab: > > > ATContentTypes: Add Document > ATContentTypes: Add Event > ATContentTypes: Add File > ATContentTypes: Add Image > ATContentTypes: Add Link > ATContentTypes: Add News Item > > Access contents information > Add portal content > List folder contents > Modify portal content > Request review > View > > I initially had real problems understanding what was happening in the > permissions as they didn't seem to work, but the problems was due to > me falsely assuming that all the folder objects and the articles would > by default just be aquiring their permissions from the root folder but > that was not the case. The article folder was not aquiring from the > root in case of the "modify portal content" permission nor where the > articles themselves set to aquire for that permission. > > You need to look at the workflow that applies to objects as that > determines what permissions they are created with or at least the > settings of those permissions that are managed by the workflow. > > There where 4 permissions managed by the cb_comments_workflow, which > was just a copy of the plone_default_workflow I had made: > > Access contents information > Change portal events > Modify portal content > View > > Each state has its own specific security settings which you can > control by clicking on the "Permissions" tab for that state. For > example when an object is in the "Pending" state the Reviewer role is > given all the 4 permissions while when and object is in "Published" > state only the Manager role has permission to edit the object. > > For the cb_comment_workflow I just needed 3 states: > > Pending (set this to the default state) > Published > Rejected ( a new state I created) > > and 3 transitions: > > Publish > Reject > Submit > > I deleted all other states and transitions. My bloggers are added to > an Editors group which has been given the editor role. All bloggers > are also placed in the Reviewers Group. > > REJECTING COMMENTS > > After thinking initially that I would have the reject transition just > delete the rejected comments I thought it might be better to have a > system they are kept available for historical purposes so switching > them to a state where they are not visible to my bloggers or anonymous > users would be a better option. > > One way I have thought that I could do it was to have reject be set to > make the state of the comment private and private to be only viewable by > the manager. This might have the added benefit of keeping the comments > for historical puposes. The manger could easily go in and chose the > delete option to clean out all obvious spam ones now and then but to a > person who doesn't have the manager role they would effectively deleted. > > I changed the state that the reject transition changes to from visible > to private. That works the comment disappears from the review list as it > is not in the pending state but it doesn't appear to anonymous users as > the private state has the view permission only allowed in Manager and > Owner. > > The manager will see the comments as still showing in recent comments > portlet but others won't. To delete the comments the manager just needs > to go to > http://simpson.wilderness.org.au:8081/test/blog/comments/folder_contents > to see the full list of comments. The ones that have been set to private > can be reviewed and cleaned out if they are spam but it might be that > ones that are rejected from legitimate people who have made > inappropriate comments could be kept, perhaps moved to another folder. > However when I tested trying to move the comments to another folder I > found that I wasn't allowed, I guess because they are strongly > associated with their parent entry. > > What I found though was that if I rejected a comment as a user with the > "Editor" role they would be shown a login page as they didn't have > permission to see private comments and the default behaviour is to show > the comment in its new state. I thought that the easiest way to deal > with this would simply be to add a script to the reject transition that > redirects the user to the blog root so they can just continue on with > their review process. > > This turned out to be a long exercise in frustration though as even > though I eventually figured out how to get a redirect to occur using the > ObjectMoved method which the state_change object has it would still only > work if you had permission to view objects in the private state. > > This is the way you can easily do redirects on a page that you have > permissions: > > return > context.REQUEST.RESPONSE.redirect(context.portal_url.getPortalPath() + > '/blog') > > and you see it being used in various products. However this wouldn't do > anything when called from a script running off a transition even when > running the script logged in as manager. > > The following script would perform a redirect when called from a > transition but only if you had rights to view the new object: > > ------------------------------ > obj = state_change.object > obj.plone_log('Beginning redirect_to script') > > url = obj.portal_url.getPortalObject() > obj.plone_log(url) > > rootobj = context.portal_url.getPortalObject() > > id = obj.id > obj.plone_log(id) > > newobj = state_change.new_state > newid = newobj.id > newobj.plone_log(newid) > > conid = context.id > context.plone_log(conid) > > raise state_change.ObjectMoved(newobj, url) > ------------------------------------ > > I also tried altering the comment view template to perform a redirect > but once again the permission are such that the redirect is not called > because permissions block the page before it loads the redirect. > > CREATING A NEW STATE AND MODIFYING COREBLOG2 > > Ok I had given up on the idea of making use of the private state and > decided to see what happened if I created a state. I added a rejected > state to the cb_commments workflow and made it the state that the reject > transition moves an object to. Changing it to this state removes it from > the Review list but they still display in the comment listing and the > recent comment entries portlet. > > I then had to look at changing the COREBLog2 code to not display > comments in the rejected state. > > There is a portlet_global_recent_comment.pt file which is not > displayed in the portlets but offered a way to restrict the search of > comments that are displayed. > > I copied this file to portlet_tws_recent_comment.pt and then added > "review_state='published'" to the portal_catalog.searchResuls keywords. > > I also changed the style and the title to match the default Recent > Comments. This recent comments portlet will now only display comments > that have a state of published. Just need to swap that with the other > recent comment portlet in the left slots of the properties tab for the > blog. > > The next step was to try and stop the comments from displaying in the > entry listing. It looked like the object method to do that came from the > COREBlog2/content/coreblogentry.py file and was based around a catalog > search again. > > CUSTOMISING COREBLOG2 TO ONLY SHOW PUBLISHED COMMENTS > > I made the following changes to 2 files to show only published comments > in the list of comments displayed with an entry. > > I added the following to the COREBlog2/config.py file: > > coreblogcomment_state = 'published > > I then made the following changes to the > COREBlog2/content/coreblogentry.py file: > > changed: > > from Products.COREBlog2.config import PROJECTNAME,\ > comemnt_rel_id,trackback_rel_id,\ > coreblogentry_meta_type,coreblogcomment_meta_type,\ > coreblogtrackback_meta_type > > to > > from Products.COREBlog2.config import PROJECTNAME,\ > comemnt_rel_id,trackback_rel_id,\ > coreblogentry_meta_type,coreblogcomment_meta_type,\ > coreblogtrackback_meta_type,coreblogcomment_state > > and changed this line in the getComment method: > > contentFilter = {'path':path,'portal_type':coreblogcomment_meta_type} > > to > > contentFilter = > {'path':path,'portal_type':coreblogcomment_meta_type,'review_state':coreblo >gcomment_state} > > the contentFilter variable is passed into a call to the searchResults > which is called via the queryCatalog in this script. > > Ok that caused only published comments to be shown in the comments > listing for an entry but the count was still displaying all comments. To > fix that I just had to change the contentFilter in the countComment > method in the coreblogentry.py file to be the same as the one I had in > the getComment method. > > I had to restart Zope after these changes to get them to load. > > RESTRICTING ACCESS TO COMMENTS IN THE REJECTED STATE > > Ok the remaining problem I have now with the comments is that I need to > restrict access to the comments folder because an anonymous user can > still go to .....t/blog/comments folder and see all comments except those > that are private or pending. What I need to do is make it so that anonymous > users don't have the right to see comments that are in an rejected state. > This will also stop them being able to access these comments by search. > > Setting the permissions that you want on a particular state is quite > easy. To do it go to the workflow that is managing the content type that > you are interesting in and then click on the states tab, select the > state that you want to change permissions for and then click on the > Permissions tab. > > By default it appears that when you create a new state it is set to > aquire all the permissions. I set the permissions for the rejected state > so that they wheren't aquired and the manager had rights for all > permissions and the Editor role had "View" and "Access Content > Information" permissions. The other roles had no permissions for > objects in the rejected state. > > You need to click on the "Update Security Settings" button in the > portal_workflow page to apply any changes to permissions you make. Ok > that has fixed that if anonymous goes to the comments folder now they > will only see comments that are in the published state. > > Ok that appears to be it as far as workflowing comments goes. Bloggers now > have a nice simple workflow and the anonymous user only sees content if > they are published. > > > 2. FIXING CONFIRMATION EMAIL ON COMMENT SUBMISSION > > The email notification that coreblog sends to people when someone > submitts a comment or trackback has a number of problems: > > 1. There is no subject > 2. The from address is not the one specified in the blog settings but > the same as the to address. > 3. The format of the email in thunderbird is unreadable with large > spaces between every character. > > COREBlog doesn't use the normal mailhost that you see used in other > scripts. The author has written his own method "send_mail" in order to > bypass Zopes security and allow anonymous users the ability to send > email by submitting a comment. > > What I ended up doing was changing the send_mail() method in the > COREBlogTool.py. > > I changed the send_mail() from: > > def send_mail(self, body,to_addr,from_addr,subject): > # > # Method to bypass Zope's security. > # For case of comment/trackback post by anonymous user > # > try: > self.MailHost.send(body,to_addr, from_addr, subject) > > to: > > def send_mail(self, msg): > # > # Method to bypass Zope's security. > # For case of comment/trackback post by anonymous user > # > try: > self.MailHost.send(msg) > > I then worked on trying to get the message created properly. > > Ok after some stuffing around to get date field right for mozilla > thunderbird people monitoring the blog now get an email that provides > the comment and the comment details with a subject in the format of > "[blog comment] comment title". I couldn't figure out exactly what was > causing the wierd formatting in mozilla but thought it could possibly be > the translate functions as they where used in the script. > > Here is a diff from fcomp of the original cbaddComment.cpy and my changes: > ------------------------------------------------- > > FILE A: cbaddComment.cpy-original > FILE B: cbaddComment.cpy > TOTALS: 43 inserted 7 deleted 67 matched > > ******************** INSERT [A 15, B 15]: > from DateTime import DateTime > > ******************** REPLACE [A 40-41, B 41-46]: > from_addr = context.getNotify_to() > msgbody = context.translate('comment_notify_body') > ******************** WITH: > from_addr = context.getNotify_from() > Date = DateTime() > commondate = DateTime.aCommon(Date) > context.plone_log(commondate) > > #Get elements from the form setting them to empty strings if they don't > exist > > ******************** REPLACE [A 50-52, B 55-66]: > msgbody = msgbody % (elements) > msgsubject = context.translate('comment_notify_title') > mgsheader = """To: %s > ******************** WITH: > > #Set variables to be inserted in message > title = elements['title'] > author = elements['author'] > url = elements['url'] > ip = elements['post_ip'] > entryurl = elements['entry_url'] > msgbody = elements['body'] > msgsubject = '[blog comment] ' + title > > message = """ > To: %s > > ******************** INSERT [A 56, B 70-71]: > Date: %s > Subject: %s > > ******************** REPLACE [A 57-58, B 73-94]: > """ % (to_addr,from_addr) > cbtool.send_mail(mgsheader+msgbody, to_addr, from_addr, msgsubject) > ******************** WITH: > Comment Title: %s > Author: %s > Url: %s > Client IP: %s > Entry URL: %s > > %s > > """ > msg = message % ( > to_addr, > from_addr, > commondate, > msgsubject, > title, > author, > url, > ip, > entryurl, > msgbody > ) > cbtool.send_mail(msg) > ------------------------------------------ > > 3. INSTALL ANTI-COMMENT SPAM TOOL CAPTCHA'S > > - First I registered an account at http://captchas.net/registration/ > > - They emailed me a key to use with the username I had created. > > - I then installed the plonecatpcha product using the latest version > which you can get from > http://sourceforge.net/project/showfiles.php?group_id=177298, be aware > that it unpacks just the files and not the folder so you need to create > the PloneCaptcha folder in your products directory and then unpack into > that. > > - This latest version allows you to add the username and password you > got from captchas.net via the properties tab in the ZMI. To do that go > the root of your plone site and then click on plone_captcha. It will > default to displaying the properties so just enter your username and > password there. > > - - I had added the following to my "cbcomment_form.pt" file above the >
line: > >
tal:define="error errors/captcha| nothing;" > tal:attributes="class python:test(error, 'field error', > 'field')"> > > >
i18n:translate="help_plone_captcha"> > This helps us prevent automated spamming. >
> >
Validation error output
>
>
> > as suggested in this post > http://postaria.com/pipermail/coreblog-en/2006-June/000428.html > > - I had also added the validate_captcha to via the ZMI to the > portal_skins/COREBlog2/cbcomment_preview.pt file anborder="0" d cbentry_view file. > To save having to do this for every plone site that used the COREBlog2 > product I added "validate_captcha" on to the list of validators in the > metadata files for these 2 forms cbcomment_preview.cpt.metadata and > cbentry_view.cpt.metadata. > > ** Note the .cpt stands for controller page template which gives you an > associated metadata file as it lets you set up validators and actions > for your page template. > > validators=validateComment,validate_captcha > > Trackback spam just poured in as soon as the blog got linked to an > google. I was uncertain how useful it was myself and thought that it > could just be too confusing for our bloggers so I disabled it. Setting > the permissions so that anonymous users couldn't create trackback > entries didn't appear to stop it. In the blog settings -> Edit Entries > tab I set trackbacks to "None/Hidden" and then applied the suggested > patch at http://coreblog.org/trac/coreblog2/ticket/50 now when I > create a new entry trackbacks are not shown. > > 4. SETUP EMAIL NOTIFICATIONS FOR COMMENTERS WHEN THEIR COMMENT IS APPROVED > > It turned out to be quite a bit of stuffing around to get this to work > as i got caught up on a couple of things that wheren't documented in any > of the documentation I saw about writing scripts to send emails. This > was the fact that not all methods return strings that are in a format > that will be accepted by mailhost.send. With these you need to transform > them using the encode() method. If you get the following error when > passing a msg to mailhost.send: > > Error Value > No message recipients designated > > then look for some of your variables not being encoded correctly for > email and you need to use the encode method prior to passing them to > mailhost.send. If you add .encode() for email = obj.email.encode() for > example you can then get it accepted by mailhost.send. > > This is what my comment_approved script that is called after the > "publish" transition: > > --------------------------------------------- > #This script lets people know that their comment has been published > from DateTime import DateTime > > obj = state_change.object > > mhost = context.MailHost > from_addr = 'blogs at domain.com' > > #Get the email to send to make sure you encode it otherwise mailhost > choke on message > to_addr = obj.email.encode() > > #Set the date for the date header need to use commondate format for > thunderbirds sake. > date = DateTime() > commondate = DateTime.aCommon(date) > > #Get the author's name > name = obj.author.encode() > > #Get the url of the blog entry > parent = obj.getParentEntry() > parenturl = parent.absolute_url() > > #Get the title of the blog entry > parentTitle = parent.Title() > > # the message format, %s will be filled in from data > message = """ > From: %s > To: %s > Date: %s > Subject: comment on nuclear dump blog published > > Hi %s > > Your comment on my blog entry "%s" has been published see > %s#comments > > Thank you for your input > """ > > msg = message % ( > from_addr, > to_addr, > commondate, > name, > parentTitle, > parenturl > ) > > #Log message for referece purposes > context.plone_log(msg) > > mhost.send(msg) > -------------------------------------- > > Ok thats was it the comment process in COREBlog2 is now nice and > simple for my bloggers. > > cheers > John -- Robert B. Hawkins http://www.neohawk.org 440-210-1621 (home) 440-829-4993 (cell) rbh at neohawk.org From qcxhome at gmail.com Tue Mar 20 07:52:39 2007 From: qcxhome at gmail.com (=?GB2312?B?wvPM78rYzfvV3w==?=) Date: Tue, 20 Mar 2007 14:52:39 +0800 Subject: [COREblog-en] cannot save new entry Message-ID: I cannot save my new entry. When I click the save button after editing a new entry, coreblog ask me to login. And the navigation bar display the following text: home -> acl_users -> credentials_cookie_auth Why does it happen, and how to solve this problem? Thanks a lot! -- GoogleTalk: qcxhome at gmail.com MSN: qcxhome at hotmail.com My Space: tkdchen.spaces.live.com BOINC: boinc.berkeley.edu ?????????: www.equn.com From sirloon at sirloon.net Tue Mar 20 17:40:16 2007 From: sirloon at sirloon.net (sirloon) Date: Tue, 20 Mar 2007 17:40:16 +0100 Subject: [COREblog-en] Preventing tbping spamming ? Message-ID: <20070320164016.GA14869@beast.sirloon.net> Hi, I'm using CoreBlog2 0.9b for Plone, and I get spammed with trackback pinging. I've disable trackback in my entries (cannot add/hidden), but I'm still receiving mail notifications. So I dig a little and found a possible bug (at least annoyance), in the tbping python script: 1. the script first sends mail notification 2. then tries to add the trackback I would have expected: try *then* notify. More, while adding trackback, the script isn't interrested into the return value of addTrackback2Entry(). As a result, event if the trackback is closed/hidden (that is, not open), the script won't be aware about this error (addTrackback2Entry() will return None), and will return a tbping_result with error code ok. FWIW, attached is my customized tbping script. Hope it helps, Cheers, Seb -- S?bastien LELONG sebastien.lelong[at]sirloon.net http://www.sirloon.net http://sirbot.org "Syntactic sugar is just sugar, but it makes life tasty..." :wq! -------------- next part -------------- A non-text attachment was scrubbed... Name: customized.py Type: text/x-python Size: 2031 bytes Desc: not available Url : http://postaria.com/pipermail/coreblog-en/attachments/20070320/f0806af2/attachment.py -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: Digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070320/f0806af2/attachment.pgp From john.habermann at wilderness.org.au Mon Mar 26 04:03:27 2007 From: john.habermann at wilderness.org.au (john habermann) Date: Mon, 26 Mar 2007 12:03:27 +1000 Subject: [COREblog-en] cannot save new entry In-Reply-To: References: Message-ID: You need to check the permissions on as to whether you have allowed the user that you are logged in as to create comments. Generally if you perform an action in plone and then are shown the login screen it is because you don't have the correct permissions to perform that action or see the subsequent screen that is displayed. cheers John On 3/20/07, ????? wrote: > I cannot save my new entry. > > When I click the save button after editing a new entry, coreblog ask > me to login. And the navigation bar display the following text: > home -> acl_users -> credentials_cookie_auth > > Why does it happen, and how to solve this problem? Thanks a lot! > > -- > GoogleTalk: qcxhome at gmail.com > MSN: qcxhome at hotmail.com > My Space: tkdchen.spaces.live.com > BOINC: boinc.berkeley.edu > ?????????: www.equn.com > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com -- John Habermann Internet Programmer, System Administrator The Wilderness Society Inc http://www.wilderness.org.au From qcxhome at gmail.com Mon Mar 26 09:42:45 2007 From: qcxhome at gmail.com (=?GB2312?B?wvPM78rYzfvV3w==?=) Date: Mon, 26 Mar 2007 15:42:45 +0800 Subject: [COREblog-en] cannot save new entry In-Reply-To: References: Message-ID: On 3/26/07, john habermann wrote: > You need to check the permissions on as to whether you have allowed > the user that you are logged in as to create comments. Generally if > you perform an action in plone and then are shown the login screen it > is because you don't have the correct permissions to perform that > action or see the subsequent screen that is displayed. > > cheers > John > > On 3/20/07, ????? wrote: > > I cannot save my new entry. > > > > When I click the save button after editing a new entry, coreblog ask > > me to login. And the navigation bar display the following text: > > home -> acl_users -> credentials_cookie_auth > > > > Why does it happen, and how to solve this problem? Thanks a lot! > > Thanks for your reply! Would you please show me where to view the user's permissions to coreblog application and how to make it correct? Thanks a lot! -- GoogleTalk: qcxhome at gmail.com MSN: qcxhome at hotmail.com My Space: tkdchen.spaces.live.com BOINC: boinc.berkeley.edu ?????????: www.equn.com From john.habermann at wilderness.org.au Mon Mar 26 11:41:25 2007 From: john.habermann at wilderness.org.au (john habermann) Date: Mon, 26 Mar 2007 19:41:25 +1000 Subject: [COREblog-en] cannot save new entry In-Reply-To: References: Message-ID: If you go into your ZMI click on the Security tab in the root folder. Scroll down that page about half way and you should see a number of coreblog entries. By default in my install I had "COREBlog2: Add COREBlogComment" and "COREBlog2: Add COREBlogTrackback" had the anonymous box ticked which means that anonymous visitors to your site are able to create comments or trackbacks. You might also check the security tab in the plone site and the blog itself although by default they should be set to aquire permission from their parent container. The workflow being used for comments might also be something that could cause something like this if it is transitioning the comment into a state that the user doesn't have permission for. cheers John On 3/26/07, ????? wrote: > On 3/26/07, john habermann wrote: > > You need to check the permissions on as to whether you have allowed > > the user that you are logged in as to create comments. Generally if > > you perform an action in plone and then are shown the login screen it > > is because you don't have the correct permissions to perform that > > action or see the subsequent screen that is displayed. > > > > cheers > > John > > > > On 3/20/07, ????? wrote: > > > I cannot save my new entry. > > > > > > When I click the save button after editing a new entry, coreblog ask > > > me to login. And the navigation bar display the following text: > > > home -> acl_users -> credentials_cookie_auth > > > > > > Why does it happen, and how to solve this problem? Thanks a lot! > > > > > Thanks for your reply! Would you please show me where to view the > user's permissions to coreblog application and how to make it correct? > > Thanks a lot! > > -- > GoogleTalk: qcxhome at gmail.com > MSN: qcxhome at hotmail.com > My Space: tkdchen.spaces.live.com > BOINC: boinc.berkeley.edu > ?????????: www.equn.com > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com -- John Habermann Internet Programmer, System Administrator The Wilderness Society Inc http://www.wilderness.org.au From garito at sistes.net Mon Mar 26 14:49:24 2007 From: garito at sistes.net (Garito) Date: Mon, 26 Mar 2007 14:49:24 +0200 Subject: [COREblog-en] Capcha Coreblog for Zope Message-ID: Hi! Anyone has a capcha product for zope (not Plone!!!!!)??? The 2 steps comment process don't work anymore Thanks! -- Mis Cosas http://blogs.sistes.net/Garito -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070326/c2632d04/attachment.htm From eiben at weite-welt.com Mon Mar 26 22:41:06 2007 From: eiben at weite-welt.com (Henning Eiben) Date: Mon, 26 Mar 2007 22:41:06 +0200 Subject: [COREblog-en] Error after upgrading Plone Message-ID: <46082FE2.4030503@weite-welt.com> Hi, I just recently upgrade my plone installation from 2.1.2 to 2.5.1. So far everything worked fine, but when I wanted to add a new coreblog-entry to my site I get the following message: 'ascii' codec can't decode byte 0xc3 in position 109: ordinal not in range(128) Does anyone know how to "fix" this problem? -=-=- ... Black holes suck. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 479 bytes Desc: OpenPGP digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070326/4c03ee8a/attachment.pgp From shibata at webcore.co.jp Tue Mar 27 02:25:01 2007 From: shibata at webcore.co.jp (Atsushi Shibata) Date: Tue, 27 Mar 2007 09:25:01 +0900 Subject: [COREblog-en] Error after upgrading Plone In-Reply-To: <46082FE2.4030503@weite-welt.com> References: <46082FE2.4030503@weite-welt.com> Message-ID: <20070327092501.955962.ca5fd159@webcore.co.jp> Hi :-). Please try nightly. http://coreblog.org/junk_l/COREBlog2_nightly.tgz Regards. On Mon, 26 Mar 2007 22:41:06 +0200, wrote: > Hi, > > I just recently upgrade my plone installation from 2.1.2 to 2.5.1. So > far everything worked fine, but when I wanted to add a new > coreblog-entry to my site I get the following message: > > 'ascii' codec can't decode byte 0xc3 in position 109: ordinal not in > range(128) > > Does anyone know how to "fix" this problem? ---------------------------------------- Atsushi Shibata (Webcore Corp.) shibata at webcore.co.jp http://www.webcore.co.jp/ ---------------------------------------- From eiben at weite-welt.com Tue Mar 27 17:18:37 2007 From: eiben at weite-welt.com (Henning Eiben) Date: Tue, 27 Mar 2007 17:18:37 +0200 Subject: [COREblog-en] Error after upgrading Plone In-Reply-To: <20070327092501.955962.ca5fd159@webcore.co.jp> References: <46082FE2.4030503@weite-welt.com> <20070327092501.955962.ca5fd159@webcore.co.jp> Message-ID: <460935CD.5000908@weite-welt.com> Atsushi Shibata schrieb: > Hi :-). > > Please try nightly. > > http://coreblog.org/junk_l/COREBlog2_nightly.tgz Hm, ok. So I replaced my Version 0.9b with the nightly build ... but the message remains :( -=-=- ... Black holes suck. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 479 bytes Desc: OpenPGP digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070327/2c9fee1d/attachment.pgp From qcxhome at gmail.com Wed Mar 28 03:44:04 2007 From: qcxhome at gmail.com (=?GB2312?B?wvPM78rYzfvV3w==?=) Date: Wed, 28 Mar 2007 09:44:04 +0800 Subject: [COREblog-en] cannot save new entry In-Reply-To: References: Message-ID: On 3/26/07, john habermann wrote: > If you go into your ZMI click on the Security tab in the root folder. > Scroll down that page about half way and you should see a number of > coreblog entries. By default in my install I had "COREBlog2: Add > COREBlogComment" and "COREBlog2: Add COREBlogTrackback" had the > anonymous box ticked which means that anonymous visitors to your site > are able to create comments or trackbacks. You might also check the > security tab in the plone site and the blog itself although by default > they should be set to aquire permission from their parent container. > > The workflow being used for comments might also be something that > could cause something like this if it is transitioning the comment > into a state that the user doesn't have permission for. > > cheers > John > > On 3/26/07, ????? wrote: > > On 3/26/07, john habermann wrote: > > > You need to check the permissions on as to whether you have allowed > > > the user that you are logged in as to create comments. Generally if > > > you perform an action in plone and then are shown the login screen it > > > is because you don't have the correct permissions to perform that > > > action or see the subsequent screen that is displayed. > > > > > > cheers > > > John > > > > > > On 3/20/07, ????? wrote: > > > > I cannot save my new entry. > > > > > > > > When I click the save button after editing a new entry, coreblog ask > > > > me to login. And the navigation bar display the following text: > > > > home -> acl_users -> credentials_cookie_auth > > > > > > > > Why does it happen, and how to solve this problem? Thanks a lot! > > > > > > > > Thanks for your reply! Would you please show me where to view the > > user's permissions to coreblog application and how to make it correct? > > > > Thanks a lot! > > > > -- > > GoogleTalk: qcxhome at gmail.com > > MSN: qcxhome at hotmail.com > > My Space: tkdchen.spaces.live.com > > BOINC: boinc.berkeley.edu > > ?????????: www.equn.com > > _______________________________________________ > > COREblog-en mailing list > > COREblog-en at postaria.com > > http://postaria.com/mailman/listinfo/coreblog-en > > Unsubscription writing to coreblog-en-leave at postaria.com > > > -- > John Habermann > Internet Programmer, System Administrator > The Wilderness Society Inc > http://www.wilderness.org.au > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com Thanks! In my install, I saw the two items you mentioned have been checked. I found a problem, and I think it may be a bug. Later, I will send the description to mail list in my spare time. Thanks again for your help! -- GoogleTalk: qcxhome at gmail.com MSN: qcxhome at hotmail.com My Space: tkdchen.spaces.live.com BOINC: boinc.berkeley.edu ?????????: www.equn.com From eiben at weite-welt.com Wed Mar 28 08:24:07 2007 From: eiben at weite-welt.com (Henning Eiben) Date: Wed, 28 Mar 2007 08:24:07 +0200 Subject: [COREblog-en] Error after upgrading Plone In-Reply-To: <460935CD.5000908@weite-welt.com> References: <46082FE2.4030503@weite-welt.com> <20070327092501.955962.ca5fd159@webcore.co.jp> <460935CD.5000908@weite-welt.com> Message-ID: <460A0A07.30505@weite-welt.com> Henning Eiben schrieb: > Atsushi Shibata schrieb: > >> Hi :-). >> >> Please try nightly. >> >> http://coreblog.org/junk_l/COREBlog2_nightly.tgz > > Hm, ok. So I replaced my Version 0.9b with the nightly build ... but the > message remains :( Well, maybe I should give some more information: - I tested the upgrade of plone on my workstation running Windows XP - my "productive" environment is running on Debian Sarge Both systems have python 2.3.5 and zope 2.8.8 ... anything else? Well, on my workstation there seems to be no problem to add new entries to my existing coreblog, but when adding new entries to my production-site I get the described error. BTW: what does this error mean - what is going "wrong"? -=-=- ... Black holes suck. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 479 bytes Desc: OpenPGP digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070328/35b27516/attachment.pgp From coreblog.low at gmail.com Wed Mar 28 17:35:29 2007 From: coreblog.low at gmail.com (Low Kian Seong) Date: Wed, 28 Mar 2007 23:35:29 +0800 Subject: [COREblog-en] Preventing tbping spamming ? In-Reply-To: <20070320164016.GA14869@beast.sirloon.net> References: <20070320164016.GA14869@beast.sirloon.net> Message-ID: <7e0a44d80703280835h51c5a8a4p889e9869396c0bf2@mail.gmail.com> On 3/21/07, sirloon wrote: > Hi, > > I'm using CoreBlog2 0.9b for Plone, and I get spammed with trackback pinging. I've disable trackback in my entries (cannot add/hidden), but I'm still receiving mail notifications. So I dig a little and found a possible bug (at least annoyance), in the tbping python script: > > 1. the script first sends mail notification > 2. then tries to add the trackback > > I would have expected: try *then* notify. More, while adding trackback, the script isn't interrested into the return value of addTrackback2Entry(). As a result, event if the trackback is closed/hidden (that is, not open), the script won't be aware about this error (addTrackback2Entry() will return None), and will return a tbping_result with error code ok. > > FWIW, attached is my customized tbping script. > > Hope it helps, > > Cheers, > > Seb > -- > S?bastien LELONG > sebastien.lelong[at]sirloon.net > http://www.sirloon.net > http://sirbot.org > "Syntactic sugar is just sugar, but it makes life tasty..." > :wq! But does this mean that you open up trackback to all now ? I mean with this script is it enough to lessen the huge number of trackback spams ? > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2.2 (GNU/Linux) > > iD8DBQFGAA5wwi2+M5caSkYRAljeAJ9X2P+FNcrzN1WLRxTpHRDhSm1oNgCdGWVY > BW9mnGAvAMvZyOPLSdHZlw8= > =gCNR > -----END PGP SIGNATURE----- > > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com > > From coreblog.low at gmail.com Wed Mar 28 17:37:24 2007 From: coreblog.low at gmail.com (Low Kian Seong) Date: Wed, 28 Mar 2007 23:37:24 +0800 Subject: [COREblog-en] How do i add the full text description to rss_template ? In-Reply-To: <7e0a44d80612310211w324ef782t8069cbbdf486d3c4@mail.gmail.com> References: <7e0a44d80612310211w324ef782t8069cbbdf486d3c4@mail.gmail.com> Message-ID: <7e0a44d80703280837u55f0b04ak76aa59e7428b41c1@mail.gmail.com> Dear all, I am using Plone-2.5 and CoreBlog2. My question is how do i add the full text Description to the rss_template so that my full description appears on my rss feed generated by plone. The howtos that appear on the net are normally catered for plone-2.1.x and as the format has changed... the howtos can no longer be used. Thank you in advanced. Low Kian Seong ( http://lowks.inigo-tech.com/blog/) From coreblog_low at yahoo.com Thu Mar 29 01:21:44 2007 From: coreblog_low at yahoo.com (Low Kian Seong) Date: Wed, 28 Mar 2007 16:21:44 -0700 (PDT) Subject: [COREblog-en] rss_template question Message-ID: <20070328232144.91760.qmail@web63510.mail.re1.yahoo.com> Dear all, I am using Plone-2.5 and CoreBlog2. My question is how do i add the full text Description to the rss_template so that my full description appears on my rss feed generated by plone. The howtos that appear on the net are normally catered for plone-2.1.x and as the format has changed... the howtos can no longer be used. Thank you in advanced. --------------------------------- Food fight? Enjoy some healthy debate in the Yahoo! Answers Food & Drink Q&A. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070328/46e95910/attachment.htm From coreblog_low at yahoo.com Thu Mar 29 01:24:00 2007 From: coreblog_low at yahoo.com (Low Kian Seong) Date: Wed, 28 Mar 2007 16:24:00 -0700 (PDT) Subject: [COREblog-en] Preventing tbping spamming ? Message-ID: <20070328232400.24167.qmail@web63511.mail.re1.yahoo.com> But does this mean that you open up trackback to all now ? I mean with this script is it enough to lessen the huge number of trackback spams ? --------------------------------- The fish are biting. Get more visitors on your site using Yahoo! Search Marketing. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070328/3c61d1c3/attachment.htm From qcxhome at gmail.com Thu Mar 29 03:37:34 2007 From: qcxhome at gmail.com (=?GB2312?B?wvPM78rYzfvV3w==?=) Date: Thu, 29 Mar 2007 09:37:34 +0800 Subject: [COREblog-en] maybe I found a bug. Message-ID: Hi, I have posted an email about "Cannot post new entry in coreblog". But I think I did not describe the problem clearly. So sorry to everyone, I wrote that again. A strange thing happened to me. And I think it may be a bug to of coreblog. After I added a comment to an entry using the username and email of an existed registered user, when haven't logged in. I couldn't post new entries when I logged in later as that user. Plone takes me to login page. However, this action does not affect other rights of that user in the Plone. Thanks everybody for helping! tkdchen -- GoogleTalk: qcxhome at gmail.com MSN: qcxhome at hotmail.com My Space: tkdchen.spaces.live.com BOINC: boinc.berkeley.edu ?????????: www.equn.com From sirloon at sirloon.net Thu Mar 29 13:57:17 2007 From: sirloon at sirloon.net (sirloon) Date: Thu, 29 Mar 2007 13:57:17 +0200 Subject: [COREblog-en] Preventing tbping spamming ? Message-ID: <20070329115717.GA16902@beast.sirloon.net> > But does this mean that you open up trackback to all now ? I mean with > this script is it enough to lessen the huge number of trackback spams > ? Trackbacks keep closed (or open if you want them to be). This script shouldn't affect the way trackbacks and tbpings work. Problem is (was) whatever the state of the trackbacks, the original script fist sent the notification, then try to add the entry. So, now, with this customized script, every ****** spammer trying to add trackback receive an error (because trackback is closed), so I'm not notified at all. In that way, I'm not spammed anymore, *with mail notification*. Of course, no script would prevent them trying to tbping your blog, but important is the way this script checks if the entry's been added or not. Original script did not, so even if it failed, ****** spammers receives a success return code and may spread the word "Hey guys, this blog is spammable, you can freely add tbpings !!!" :). So I may hope this would reduce tbping. Hope it helps, Cheers, Seb -- S?bastien LELONG sebastien.lelong[at]sirloon.net http://www.sirloon.net "Syntactic sugar is just sugar, but it makes life tasty..." :wq! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: Digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070329/e7998896/attachment.pgp From welter at betabug.ch Thu Mar 29 14:24:25 2007 From: welter at betabug.ch (Sascha Welter) Date: Thu, 29 Mar 2007 14:24:25 +0200 Subject: [COREblog-en] Preventing tbping spamming ? In-Reply-To: <20070329115717.GA16902@beast.sirloon.net> References: <20070329115717.GA16902@beast.sirloon.net> Message-ID: <20070329122425.GA17506@betabug.ch> (Thu, Mar 29, 2007 at 01:57:17PM +0200) sirloon wrote/schrieb/egrapse: > Of course, no script would prevent them trying to tbping your blog, > but important is the way this script checks if the entry's been added > or not. Original script did not, so even if it failed, ****** spammers > receives a success return code and may spread the word "Hey guys, this > blog is spammable, you can freely add tbpings !!!" :). So I may hope > this would reduce tbping. Indeed. When I started to return 403 status code to trackbacks I wouldn't accept (instead of 200 and the "no success" message in the body of the reply) attempts to trackback were reduced. Regards, Sascha From eiben at weite-welt.com Thu Mar 29 16:46:00 2007 From: eiben at weite-welt.com (Henning Eiben) Date: Thu, 29 Mar 2007 16:46:00 +0200 Subject: [COREblog-en] Error after upgrading Plone In-Reply-To: <460A0A07.30505@weite-welt.com> References: <46082FE2.4030503@weite-welt.com> <20070327092501.955962.ca5fd159@webcore.co.jp> <460935CD.5000908@weite-welt.com> <460A0A07.30505@weite-welt.com> Message-ID: <460BD128.30003@weite-welt.com> Henning Eiben schrieb: >> Atsushi Shibata schrieb: >> >>> Hi :-). >>> >>> Please try nightly. >>> >>> http://coreblog.org/junk_l/COREBlog2_nightly.tgz >> Hm, ok. So I replaced my Version 0.9b with the nightly build ... but the >> message remains :( > > Well, maybe I should give some more information: > > - I tested the upgrade of plone on my workstation running Windows XP > - my "productive" environment is running on Debian Sarge > > Both systems have python 2.3.5 and zope 2.8.8 ... anything else? Well, > on my workstation there seems to be no problem to add new entries to my > existing coreblog, but when adding new entries to my production-site I > get the described error. > > BTW: what does this error mean - what is going "wrong"? BTW: this only seems to happen to an existing blog. I just created on the same instance a new blog, and I don't seem to have trouble creating new entries ... very strange! -=-=- ... ERROR: CPU not found. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 479 bytes Desc: OpenPGP digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070329/c0f87412/attachment.pgp From sirloon at sirloon.net Fri Mar 30 16:24:45 2007 From: sirloon at sirloon.net (sirloon) Date: Fri, 30 Mar 2007 16:24:45 +0200 Subject: [COREblog-en] Preventing tbping spamming ? Message-ID: <20070330142445.GA19466@beast.sirloon.net> > Indeed. When I started to return 403 status code to trackbacks I > wouldn't accept (instead of 200 and the "no success" message in the body > of the reply) attempts to trackback were reduced. Good to hear this. I'll switch to 403 status code. As you said, this may be a more explicit message to spammers... Cheers Seb -- S?bastien LELONG sebastien.lelong[at]sirloon.net http://www.sirloon.net http://sirbot.org "Syntactic sugar is just sugar, but it makes life tasty..." :wq! -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 191 bytes Desc: Digital signature Url : http://postaria.com/pipermail/coreblog-en/attachments/20070330/4b6ef2eb/attachment.pgp From garito at sistes.net Sat Mar 31 15:21:53 2007 From: garito at sistes.net (Garito) Date: Sat, 31 Mar 2007 15:21:53 +0200 Subject: [COREblog-en] Comments spam Message-ID: Hi I have a lot of spam at my blog. Even with the session solution How can I avoid spam? Or how can I close comments at ALL weblog? Thanks! -- Mis Cosas http://blogs.sistes.net/Garito -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/d333746d/attachment.htm From nekstrand at gmail.com Sat Mar 31 15:49:37 2007 From: nekstrand at gmail.com (Niklas) Date: Sat, 31 Mar 2007 15:49:37 +0200 Subject: [COREblog-en] Comments spam In-Reply-To: References: Message-ID: Hi, If it is Coreblog2 (Plone) then you can use one of the captchas products. /Niklas http://zoone.se On 3/31/07, Garito wrote: > > Hi > I have a lot of spam at my blog. Even with the session solution > > How can I avoid spam? Or how can I close comments at ALL weblog? > > Thanks! > > -- > Mis Cosas > http://blogs.sistes.net/Garito > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com > -- With best regards / med v?nlig h?lsning Niklas -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/75fa2fff/attachment.htm From garito at sistes.net Sat Mar 31 16:20:54 2007 From: garito at sistes.net (Garito) Date: Sat, 31 Mar 2007 16:20:54 +0200 Subject: [COREblog-en] Comments spam In-Reply-To: References: Message-ID: No, isn't coreblog2 Is coreblog project stoped? I only read messages about coreblog2 2007/3/31, Niklas : > > Hi, > > If it is Coreblog2 (Plone) then you can use one of the captchas products. > > /Niklas http://zoone.se > > On 3/31/07, Garito wrote: > > > Hi > > I have a lot of spam at my blog. Even with the session solution > > > > How can I avoid spam? Or how can I close comments at ALL weblog? > > > > Thanks! > > > > -- > > Mis Cosas > > http://blogs.sistes.net/Garito > > _______________________________________________ > > COREblog-en mailing list > > COREblog-en at postaria.com > > http://postaria.com/mailman/listinfo/coreblog-en > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > -- > With best regards / med v?nlig h?lsning > > Niklas > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com > -- Mis Cosas http://blogs.sistes.net/Garito -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/db4a876b/attachment.htm From nekstrand at gmail.com Sat Mar 31 16:26:43 2007 From: nekstrand at gmail.com (Niklas) Date: Sat, 31 Mar 2007 16:26:43 +0200 Subject: [COREblog-en] Comments spam In-Reply-To: References: Message-ID: There is an general description for python, that you might be able to adapt http://captchas.net/sample/python/ I dont think coreblog is stopped but i think a lot of people see the usability of Plone as a plus and more users are able to use it. /Niklas On 3/31/07, Garito wrote: > > No, isn't coreblog2 > > Is coreblog project stoped? I only read messages about coreblog2 > > 2007/3/31, Niklas : > > > > Hi, > > > > If it is Coreblog2 (Plone) then you can use one of the captchas > > products. > > > > /Niklas http://zoone.se > > > > On 3/31/07, Garito wrote: > > > > > Hi > > > I have a lot of spam at my blog. Even with the session solution > > > > > > How can I avoid spam? Or how can I close comments at ALL weblog? > > > > > > Thanks! > > > > > > -- > > > Mis Cosas > > > http://blogs.sistes.net/Garito > > > _______________________________________________ > > > COREblog-en mailing list > > > COREblog-en at postaria.com > > > http://postaria.com/mailman/listinfo/coreblog-en > > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > > > > > > -- > > With best regards / med v?nlig h?lsning > > > > Niklas > > _______________________________________________ > > COREblog-en mailing list > > COREblog-en at postaria.com > > http://postaria.com/mailman/listinfo/coreblog-en > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > -- > Mis Cosas > http://blogs.sistes.net/Garito > > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com > -- With best regards / med v?nlig h?lsning Niklas -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/0e806d0e/attachment.htm From shibata at webcore.co.jp Sat Mar 31 17:02:31 2007 From: shibata at webcore.co.jp (Atsushi Shibata) Date: Sun, 1 Apr 2007 00:02:31 +0900 Subject: [COREblog-en] Error after upgrading Plone In-Reply-To: <460935CD.5000908@weite-welt.com> References: <46082FE2.4030503@weite-welt.com> <20070327092501.955962.ca5fd159@webcore.co.jp> <460935CD.5000908@weite-welt.com> Message-ID: <20070401000231.429295.a0bfd44e@webcore.co.jp> Hi :-). Can I have full error message ? It has a further information for error. So I examin for more details. Thanks in advance. On Tue, 27 Mar 2007 17:18:37 +0200, wrote: > Atsushi Shibata schrieb: > >> Hi :-). >> >> Please try nightly. >> >> http://coreblog.org/junk_l/COREBlog2_nightly.tgz > > Hm, ok. So I replaced my Version 0.9b with the nightly build ... but the > message remains :( ---------------------------------------- Atsushi Shibata (Webcore Corp.) shibata at webcore.co.jp http://www.webcore.co.jp/ ---------------------------------------- From nekstrand at gmail.com Sat Mar 31 17:23:40 2007 From: nekstrand at gmail.com (Niklas) Date: Sat, 31 Mar 2007 17:23:40 +0200 Subject: [COREblog-en] Coreblog2 PloneLightboxJS imagesize question Message-ID: Hi all, Im using Coreblog2 together with the PloneLightboxJS product but i would like to have the images viewed in a bit larger size but cant find where to modify it, anyone who has any ideeas about this? -- With best regards / med v?nlig h?lsning Niklas http://zoone.se -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/07659127/attachment.htm From garito at sistes.net Sat Mar 31 17:53:36 2007 From: garito at sistes.net (Garito) Date: Sat, 31 Mar 2007 17:53:36 +0200 Subject: [COREblog-en] Comments spam In-Reply-To: References: Message-ID: Thanks! 2007/3/31, Niklas : > There is an general description for python, that you might be able to adapt > http://captchas.net/sample/python/ > > I dont think coreblog is stopped but i think a lot of people see the > usability of Plone as a plus and more users are able to use it. > > /Niklas > > > On 3/31/07, Garito wrote: > > No, isn't coreblog2 > > > > Is coreblog project stoped? I only read messages about coreblog2 > > > > > > 2007/3/31, Niklas < nekstrand at gmail.com>: > > > Hi, > > > > > > If it is Coreblog2 (Plone) then you can use one of the captchas > products. > > > > > > /Niklas http://zoone.se > > > > > > > > > > > > On 3/31/07, Garito wrote: > > > > > > > > Hi > > > > I have a lot of spam at my blog. Even with the session solution > > > > > > > > How can I avoid spam? Or how can I close comments at ALL weblog? > > > > > > > > Thanks! > > > > > > > > -- > > > > Mis Cosas > > > > http://blogs.sistes.net/Garito > > > > _______________________________________________ > > > > COREblog-en mailing list > > > > COREblog-en at postaria.com > > > > http://postaria.com/mailman/listinfo/coreblog-en > > > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > > > > > > > > > > > -- > > > With best regards / med v?nlig h?lsning > > > > > > Niklas > > > _______________________________________________ > > > COREblog-en mailing list > > > COREblog-en at postaria.com > > > http://postaria.com/mailman/listinfo/coreblog-en > > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > > > > > > > > -- > > Mis Cosas > > http://blogs.sistes.net/Garito > > _______________________________________________ > > COREblog-en mailing list > > COREblog-en at postaria.com > > http://postaria.com/mailman/listinfo/coreblog-en > > Unsubscription writing to coreblog-en-leave at postaria.com > > > > > > -- > With best regards / med v?nlig h?lsning > > Niklas > _______________________________________________ > COREblog-en mailing list > COREblog-en at postaria.com > http://postaria.com/mailman/listinfo/coreblog-en > Unsubscription writing to coreblog-en-leave at postaria.com > -- Mis Cosas http://blogs.sistes.net/Garito From nekstrand at gmail.com Sat Mar 31 19:30:02 2007 From: nekstrand at gmail.com (Niklas) Date: Sat, 31 Mar 2007 19:30:02 +0200 Subject: [COREblog-en] Coreblog2 PloneLightboxJS imagesize question In-Reply-To: References: Message-ID: I found part of the answer my self, but still needs help with second part. The first part is fixed by changing /image_preview to /image_large in the media_view and atct_album_view files in PloneLightboxJS product then the images used is the larger max 768x768 images. The second thing is how do i change the fixed size for example image_preview or image_large, i would like to have one of them set to a size in between (Max 600x600). /Niklas On 3/31/07, Niklas wrote: > > Hi all, > > Im using Coreblog2 together with the PloneLightboxJS product but i would > like to have the images viewed in a bit larger size but cant find where to > modify it, anyone who has any ideeas about this? > > -- > With best regards / med v?nlig h?lsning > > Niklas > http://zoone.se > -- With best regards / med v?nlig h?lsning Niklas -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/727cd366/attachment.htm From nekstrand at gmail.com Sat Mar 31 19:56:29 2007 From: nekstrand at gmail.com (Niklas) Date: Sat, 31 Mar 2007 19:56:29 +0200 Subject: [COREblog-en] Coreblog2 PloneLightboxJS imagesize question In-Reply-To: References: Message-ID: now the second part is solved as well, The sizes are fixed in the file image.py in ATContentTypes/content, when the size is changed the images has to rebuilt this is done in ZMI portal atct / image scales recreate. To get the images shown correctly in the blog you have to change the settings in the coreblog2 file getMediaSize as well. /Niklas On 3/31/07, Niklas wrote: > > I found part of the answer my self, but still needs help with second part. > > The first part is fixed by changing /image_preview to /image_large in the > media_view and atct_album_view files in PloneLightboxJS product then the > images used is the larger max 768x768 images. > > > The second thing is how do i change the fixed size for example > image_preview or image_large, i would like to have one of them set to a size > in between (Max 600x600). > > /Niklas > > On 3/31/07, Niklas wrote: > > > > Hi all, > > > > Im using Coreblog2 together with the PloneLightboxJS product but i would > > like to have the images viewed in a bit larger size but cant find where to > > modify it, anyone who has any ideeas about this? > > > > -- > > With best regards / med v?nlig h?lsning > > > > Niklas > > http://zoone.se > > > > > > -- > With best regards / med v?nlig h?lsning > > Niklas > -- With best regards / med v?nlig h?lsning Niklas -------------- next part -------------- An HTML attachment was scrubbed... URL: http://postaria.com/pipermail/coreblog-en/attachments/20070331/713813a3/attachment.htm