Beefy Boxes and Bandwidth Generously Provided by pair Networks
Syntactic Confectionery Delight
 
PerlMonks  

Perl Monks Discussion

( #1040=superdoc: print w/replies, xml ) Need Help??

This section is only for discussing issues pertaining to the PerlMonks web site. You can ask about how things work, or offer ideas on how the site could be improved, for example.

Unless the topic pertains to the PerlMonks web site, it does not belong in this section. If you're unsure, check out Where should I post X? and The Perl Monks Guide to the Monastery, or ask in the chatterbox.

PerlMonks Discussions
Nodelet style broken?
3 direct replies — Read more / Contribute
by Anonymous Monk
on Jan 24, 2017 at 14:24
    The nodelets are displaying without the usual small font and blue border at the moment, just plain text, still aligned at the right of the page, web inspector isn't showing any errors. Did something change?
Anger Management
1 direct reply — Read more / Contribute
by afoken
on Jan 22, 2017 at 05:47

    So, this meditation is about anger management. Or maybe failed anger management. You will notice an abrupt end, at a point where I just wanted to yell at everyone.


    I stumbled over an old thread, Is there a Perl authentication and authorisation framework for CGI web application?, where Your Mother gave this really good answer:

    Password recovery means passwords are stored in a readable fashion and this is a worst practice, so itís just as well it doesnít do it.

    And that reminds me of an even older thread, What happened?. Linked from there, there is Status of Recent User Information Leak, with the following promise:

    Strengthening Authentication

    The administrators are planning to implement hashed passwords (allowing more than 8 chars).

    What happened since then?

    This is what I found in Tidings through 2014-11-10 atfer visiting Tidings:

    10-character passwords now allowed

    Jun 10, 2012 at 06:30 CEST

    PerlMonks forms used to specify a maximum password length of 8 characters while it was possible to give yourself a 10-character password by bypassing these forms. Now the forms specify a maximum password length of 10 characters.

    I must have missed something. It must be so. I don't want to believe that it took three f***ing years to increase the password length by just two characters and call that "case closed". I don't want to believe that after 7.5 years, perlmonks still stores passwords unhashed, unsalted in plain text.

    But still, there is a link to What's my password? on the login form, it still requires just a username or a mail address, and it sends me my password in plain text in an unencrypted mail, together with my username!

    Hey there.

    You or someone else has requested a password for your username or e-mail address.

    Before you freak out, take a few deep breaths and remember that it's YOU and not THEM who is getting this password.

    Here's your info:

    username: afoken

    passwd: *****

    human name: Alexander Foken

    love, the management

    http://perlmonks.org/

    WHAT THE F**K?!

    Yes, I took a deep breath. Several. I slowly counted to 100. Several times.

    But:

    ARE YOU KIDDING ME?!

    7.5 years and nothing relevant has changed. Perlmonks passwords are obviously still stored in plain text, or in a form that can be decrypted on the server, which is as bad as plain text.

    That's a login system that would make the worst amateurs blush.

    People have been told for years to avoid MD5 hashes because they are insecure. People have been told for years to salt hashes with long, random salts, and to use really expensive hash functions, like bcrypt or PBKDF2.

    Yet, perlmonks still uses plain text passwords, 7.5 years after many, if not all, passwords have been copied by some script kiddies? And to add insult to injury, perlmonks happily sends out login name and password in plain text. No traces of a time-limited one-time link for setting a new password. No trace of even the simplest way, sending out one mail with the username, and a second one with the password.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
Bad reasoning?
4 direct replies — Read more / Contribute
by BrowserUk
on Jan 19, 2017 at 16:14

    Why is this post (or indeed, any of these:_ _ _ _ _ _) which asks a generic question in the title, and only provides the specific information to what that question relates, inside the body of the post, deemed completely acceptable;

    Whilst this entirely similar post requires godly intervention, involving implications of stupidity, laziness and more besides, in a sustained attack?

    Not to mention drawing the inevitable attentions of the bandwagon joiners.

    (I mean something, other than the originator of the latter post.)

    For ancillary demerits I'll also ask the question: Does anyone look for old answers to their questions by doing a title-only search? You know, rather than a Super Search or Site specific google search.

    (If you follow that last link please note that this post is not found!)


    With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority". The enemy of (IT) success is complexity.
    In the absence of evidence, opinion is indistinguishable from prejudice.
How do I attach a large source file to my question?
3 direct replies — Read more / Contribute
by dhannotte
on Jan 16, 2017 at 10:00
    Must I upload the file to some website, and then give its URL in the posting? Thanks!
Orphaned Page, Lost Content, Other Issues
2 direct replies — Read more / Contribute
by kcott
on Jan 08, 2017 at 00:05

    I just wrote a reply to "Re^2: how to improve: use MODULE VERSION LIST" (id://1179142). I previewed twice then created. All looked good and perfectly normal up to this point.

    When the "created" page appeared, I followed the link to the start of the thread: "how to improve: use MODULE VERSION LIST" (id://1179107). This appeared but, when I scrolled down, my post was nowhere to be seen.

    I went to Newest Nodes and a post by me was at the top of the Notes list. I followed that link "Reaped: Re^3: how to improve: use MODULE VERSION LIST (id://1179154) but found an orphaned page (i.e. no "in reply to" or "in thread" links at the top). The page also had no content. It did have what appeared to be the correct title ("Re^3: how to improve: use MODULE VERSION LIST"): small consolation.

    I went back to the tab where I'd created my response. I hit the back button and the content of my response was there BUT it said "by 1nickt" followed by "on Jan 08, 2017 at 09:00 AEDT ( #1179146=note: print w/replies, xml )". Note, that ID (1179146) is different from the one in Newest Nodes (1179154).

    I followed that link: it was an earlier reply by 1nickt to a different node in the same thread.

    Hitting the back button again (on the tab where I'd created my response) took me back to my final edit prior to posting. I've saved the content: I can post it again when the problem's fixed.

    — Ken

2 Days until the big birthday!
2 direct replies — Read more / Contribute
by sparkyichi
on Dec 20, 2016 at 04:53
    Just two more days and PM will turn 17?

    What do you have planned to celebrate?

    I have a bottle of bubbly saved just for such an occasion.

    Sparky
    FMTEYEWTK
Inline code tags don't line-wrap
5 direct replies — Read more / Contribute
by Athanasius
on Dec 19, 2016 at 02:51

    Code tags are described in a footnote within Perl Monks Approved HTML tags as follows:

    2<code> and <c>, used for displaying code/data, are not true HTML tags, but are interpreted by the PerlMonks engine. They inhibit the normal interpretation of enclosed HTML special characters like <, >, &, [, and ]. Any newlines in the enclosed code will be rendered such that long lines wrap....

    However, this is not always the case. Looking at the recent thread Regex string trimming help, I noticed that the display was significantly wider than my (wide!) monitor, because the first block of code in the OP was not wrapping (whereas the same code in tybalt89’s reply was wrapping as expected). As a janitor I was able to fix this by putting the opening and closing <code> tags in the first code block of the OP onto separate lines. So the description in Perl Monks Approved HTML tags is not true for inline code.

    Is this a bug, or the intended behaviour? I suspect it’s the latter. In which case, should the explanation in Perl Monks Approved HTML tags (and perhaps also in Markup in the Monastery) be changed to reflect the fact that line wrapping occurs only when the code tags are separated from the enclosed text by line breaks, but not when they are inlined?

    Although the problem of over-wide nodes arising from <code>-tagged lines that don’t wrap is not overly common, I do think it arises often enough to make this an issue worth addressing.

    Thanks,

    Athanasius <°(((><contra mundum Iustus alius egestas vitae, eros Piratica,

Unanswered Nodes
4 direct replies — Read more / Contribute
by cormanaz
on Dec 16, 2016 at 16:56
    Have the monastery keepers ever considered adding a filter link or something in Seekers that would show any nodes that have not received a reply? Whenever I come on the site I have a look for things that I might be able to answer that others have not, and such a link would help do this without clicking through nodes 10 at a time.
    No cerveza, no trabajo.
SSCCE down? (updated)
5 direct replies — Read more / Contribute
by haukex
on Dec 08, 2016 at 03:02
No update of headlines.rdf...
1 direct reply — Read more / Contribute
by Anonymous Monk
on Nov 23, 2016 at 12:38

    ..for a week or two.

    Is the url still valid?

    http://www.perlmonks.org/headlines.rdf

    Jan
Editing node titles w.r.t. Perl 6
5 direct replies — Read more / Contribute
by talexb
on Nov 23, 2016 at 10:29

    I just read [Perl6] [+] on a list... with a Junction, and saw the Consideration for it to be re-titled as OT: "Perl6" from [+] on a list... with a Junction, and wondered if this is something that needs standardization. There are going to be more posts that deal specifically with Perl 6 -- and it would be nice to use the title differentiate these posts in some way. This would serve readers, as well as future archivists.

    For this post, how about Perl 6: [+] on a list... with a Junction?

    Alex / talexb / Toronto

    Thanks PJ. We owe you so much. Groklaw -- RIP -- 2003 to 2013.

MCPAN Nodelet
3 direct replies — Read more / Contribute
by choroba
on Nov 13, 2016 at 03:42
    I find MetaCPAN much more readable and comfortable to use than plain CPAN. Could the CPAN Nodelet be changed to link to MetaCPAN instead of CPAN? Or to be at least configurable?

    ($q=q:Sq=~/;[c](.)(.)/;chr(-||-|5+lengthSq)`"S|oS2"`map{chr |+ord }map{substrSq`S_+|`|}3E|-|`7**2-3:)=~y+S|`+$1,++print+eval$q,q,a,
The Monastery Gates reverted?
2 direct replies — Read more / Contribute
by Anonymous Monk
on Nov 12, 2016 at 12:11

    Is there a reason why the entry page to the site - The Monastery Gates -- reverted from having posts in maybe 6 or 7 NOV, to where the newest post was from OCT31? (Or is that somehow stuck in my cache? But reloading the page from my browser did not help.)

Selected Best Nodes: 2011-2015
4 direct replies — Read more / Contribute
by eyepopslikeamosquito
on Nov 11, 2016 at 05:52
PM currently very slow, caused empty post? (updated)
2 direct replies — Read more / Contribute
by haukex
on Nov 05, 2016 at 11:58

    Hi all,

    Accessing PerlMonks has been very slow for me today, and my first attempt at posting a reply to amazon sns subscription resulted in the empty node Reaped: Re: amazon sns subscription, which also didn't end up as a child of that node, but in RAT it shows up in the "Notes" section. Not sure what's going on, but I did notice that yesterday's node Re^4: wide scrollbars also ended up in the "Notes" section.

    Update 2: I'm assuming someone saw my post, since now, a few minutes after posting, the site's speed seems to be picking up a little bit - still not fast, but better. Thanks!

    Thanks,
    -- Hauke D

    Update: Clarification: first attempt was unsuccessful, second attempt was successful


Discussion Item
Title:
Give us your input:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post; it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.