Email
Pages
Archives
Categories
- computer security (6)
- Logs (4)
- Physics (3)
- programming (20)
- Random (5)
- Uncategorized (4)
- ZX-6R (1)
Meta
Archive for the ‘programming’ Category
Stacking PostBack Events
February 11th, 2011 - Be the First Comment!
The other day at work I was working through a problem with a coworker. The short of it is that he had something going on that I didn’t even know could happen. I made a small project to experiment with this and it attached for download if you want to try it out. It is in ASP.NET and C#. He was stacking postbacks (accidently, causing strange behavior). He had a checkbox with an OnCheckChanged event specified, but it also had AutoPostBack=”false” on it.
Check the checkbox first, then click the Submit button.
/* Front End Code
* One check box has a normal postback the other creates
* a stacked PostBack.
*/
<div>
<asp:CheckBox ID="cb1" Text="CheckBox 1 (AutoPostBack=false)" OnCheckedChanged="cb1_CheckChanged" AutoPostBack="false" runat="server" />
<asp:CheckBox ID="cb2" Text="CheckBox 2" OnCheckedChanged="cb2_CheckChanged" AutoPostBack="true" runat="server" />
<br />
<br />
<asp:Label ID="lblTarget" runat="server" />
<br />
<br />
<asp:Button ID="Submit" Text="Submit" runat="server" OnClick="Submit_Click" />
<asp:Button ID="Reset" Text="Reset" OnClick="Reset_Click" runat="server" />
</div>
/* Back End Code
* The back end code just adds the name of the ID of the button lblTarget
*/
protected void cb1_CheckChanged(object sender, EventArgs e)
{
if (lblTarget.Text.Equals(lblTargetText))
{
lblTarget.Text = " cb1 ";
}
else
{
lblTarget.Text += " cb1 ";
}
}
Effectively he was doing something that requires a PostBack then saying not to PostBack. This leads to a stacking effect (which was unknown to us until recently). On the next PostBack the method for the OnCheckedChanged event was fired then the actual item that caused the PostBack’s method is executed. I never realized you could queue up PostBack events. Hopefully this will help someone else out.
[ Tags ]: asp.net, c#, oncheckchanged, PostBack, Programming, Stacking Events, Strange Behavior
[ Category ]: programming
Passwords: Beating the Dead Horse
December 14th, 2010 - Be the First Comment!
Edit: Any comments expanding on password security would be great.
It seems that everyone who is security oriented in computing knows that everyone who isn’t security oriented in computing doesn’t manage passwords properly. It is even the case that some people who do know a lot about security manage their passwords poorly as well. In my eyes the main reasons for poor passwords is 3 fold.
- Poor enforcement
- Lack of education
- Loss of Convenience
Poor enforcement and loss of convenience I believe are the developers fault and I will discuss them later. Lack of education is not entirely the developers fault in my opinion. There is no reason this issue still plagues the internet. We have classes in school about learning basic computer skills and yet we don’t cover password security. To me it is as important or more important then learning things like Excel and Word. A mere day of password security in school could go a long way.
Rolling your own
First and foremost I blame developers for the state of password based security. Developer’s are the front line when it comes to security. If we don’t contemplate security, it is likely the rest of the organization won’t either. Gawker’s recent password debacle is a prime example of what not to do. It is amazing to me that a network that has technically oriented sites like LifeHacker can use such horrible password procedures (DES with 8 char max). Here are the results and some evidence of encryption failures.
If you are going to roll your own password security at least look into a little bit before you develop a million plus user database. Three of the basics everyone should know are:
- Use hashes, not encryption to store your passwords. Also you’ll probably want to use SHA2-512 or SHA3 once it is available. MD5 and SHA1 are both vulnerable to collision based attacks already and it will only get worse as time progresses. In PHP it is as simple as
hash('sha512', $pswd) - Salt the passwords before hashing. Salting is adding a “secret” phrase to the password.
$pswd = "secret".$pswd."phrase";
- Password Complexity Requirements. Passwords like “password” or “password1″ should never be used. You should enforce some type of password complexity requirement on your site that prevents them from being used. Including symbols, numbers, as well as upper and lower case letters with a minimum length of 12 is what I would consider secure.
To create a very basic authentication system using these concepts you would have a user input their password, then append your salt (secret phrase) to it, and last hash the password. This hashed result is stored (if they’re signing up) or compared (if they’re logging in) to the user information stored in the database. There are many other things to consider when developing an authentication system, but those are basics ANYONE should know (except Gawker apparently).
OAuth, the Single Sign On (SSO) of the internet
All of that being said, I support using OAuth. They may have their weaknesses, but I believe it is the most effective way to create a secure internet infrastructure. One reason I believe so is that it eliminates the convenience problem discussed below. By making it more convenient for users you may be able to encourage them to use more secure passwords. Since you are basically using a SSO for the entire internet, you can create more complex password policies on the SSO and add very little inconvenience which then translate into better security for all the websites involved. It also centralizes the focus of security on the large OAuth suppliers like Google. Eventually we may be able to complete solve the password problem, but until then I think OAuth are a step in the right direction.
Convenience is the enemy of most security. This is really unfortunate because it encourages people to be less secure to regain convenience. Passwords are something everyone has and most people hate. Even I hate when my domain credentials at work need to be changed. Coming up with a decently secure password that you can remember is a pain. OAuth allow you to only have one painful password instead of many.
Note: OpenID is another similar concept to OAuth that could also work.
Reality
OAuth aren’t widely used yet.
The solution I use involves creating individual passwords for most sites, and a common password for sites I don’t care about. I then store these passwords for recovery purposes in an encrypted database that I can retrieve. Although it might sound complicated to some, it isn’t. It is however inconvenient. You can use programs like KeePass to help you manage and encrypt your passwords if this interests you, but for most it won’t because it is still inconvenient.
Hopefully someone will be touched by this post and understand a little more about password security and the basic concepts surrounding it.
[ Tags ]: 512, Gawker, keepass, LifeHacker, md5, oauth, openid, password, passwords, security, sha1, sha2
[ Category ]: computer security, programming
ASP.NET Masterpage, JavaScript, and ResolveUrl
October 6th, 2010 - Be the First Comment!
Today was an interesting day for many reasons. The one I’m going to share with you has to do with javascript and the ResolveUrl method in ASP.NET Masterpage. I recently added jQuery to our web project at work. We have a strange setup and using /Script/jQuery.js in the script tags src attribute won’t work. For that reason I decided to use ResolveUrl() which gets the URL of a file you pass it (i.e. ResolveUrl(“~/Script/jQuery.js”) ). This worked great until I was going through the application working on something else and randomly received this error message:
System.Web.HttpException:The Controls collection cannot be modifiedbecause the control contains code blocks (i.e. <% … %>).
It only happened on a couple of pages and the others would load fine which added to the confusion. Honestly, this error made little to no sense when I first saw it, so I did what any resourceful individual would. I googled it. Luckily the first result was the answer to my issue! The fix is to use data binding (<%#) instead of writing it out (<%=). It is strange, but it resolves the problem. This is the wonderful explanation and solution: http://leedumond.com/blog/the-controls-collection-cannot-be-modified-because-the-control-contains-code-blocks/.
[ Tags ]: asp.net, c#, data binding, javascript, jQuery, master page, masterpage, ResolveUrl, script
[ Category ]: programming
Tiny MCE Comments – Problems on iPhone
March 30th, 2010 - 4 Comments
Today at work we realized that Tiny MCE doesn’t work properly on the iPhone. At least MCEComments for WordPress doesn’t This prevented users from commenting from a mobile device on the MSU blogs. I fixed this pretty simply by doing browser detection in PHP before loading the files for MCEComments. I modified the loaders for the plugin. Only two modifications of the tinyMCEComments.php was neccesary.
// Line 311
function mcecomment_init() {
global $post;
if (strpos(strtolower($_SERVER['HTTP_USER_AGENT']), "iphone") === false) {
$loadJS = false;
if (is_plugin_page()) {
$loadJS = true;
} else if (is_singular()) {
if (comments_open() && ( !get_option('comment_registration') || is_user_logged_in() )) {
$loadJS = true;
}
}
if ($loadJS)
mcecomment_getInitJS();
}
}
// Line 350
function mcecomment_loadCoreJS() {
global $post, $mce_locale;
if (is_singular() && (strpos(strtolower($_SERVER['HTTP_USER_AGENT']), "iphone") === false))
{
if (comments_open() && ( !get_option('comment_registration') || is_user_logged_in() )) {
wp_enqueue_script('tiny_mce', get_option('siteurl') .
'/wp-includes/js/tinymce/tiny_mce.js', false, '20081129');
wp_enqueue_script('tiny_mce_lang', get_option('siteurl') .
'/wp-includes/js/tinymce/langs/wp-langs-' . $mce_locale . '.js',
false, '20081129');
wp_deregister_script('comment-reply');
wp_enqueue_script( 'comment-reply', get_option('siteurl') .
'/wp-content/plugins/' . plugin_basename ( dirname ( __FILE__ ) ) .
"/comment-reply.dev.js", false, '20090102');
}
}
}
[ Tags ]: javascript, MCEComments, tincymcecomments, tiny MCE, wordpress
[ Category ]: programming
Single Sign On (SSO)
March 19th, 2010 - 3 Comments
Recently at work I have been trying to integrate a MediaWiki’s login with our SSO. My boss explained to me how SSO works. I decided to make a diagram of the way it works and write up a blog post about it. This is a basic overview of SSO. I made an image
Step 1: Step one is the initial request from the client to view a page that requires signing in. When the page receives it checks to see if the client is logged in. Login information is stored in a cookie which I will explain more in the last step. If they are logged in, they are allowed to view the page. Otherwise move to Step 2.
Step 2: Redirect the user to the CAS (Central Authentication Service) server. In the URL used for the redirection urlencode and pass the current webpage as a parameter in the url to the CAS server (Example: https://cas.brokenbytes.info/login/?service=http://admin.brokenbytes.info/index.php). This will be used later (in step 3). CAS provides a login page to the user where they can enter their credentials. If it fails, let them attempt it again. If validation is successful, generate a SSO Token ID (Example: 165asdefASD5). This is a unique token for this single sign on for the client. It will be used for only this session. In memory or a database associate the client with that token. Now move to Step 3.
Step 3: In step 3 the client has just been validated. In this step we need to redirect the user back to the Web Server, but first we must modify the URL to pass the SSO Token ID back to the Web Server. So something like this will be your redirect address: http://admin.brokenbytes.info/index.php?token=165asdefASD5.
Step 4: When the Web Server receives this request, it sees the token variable and then it knows to check the CAS server for its validity. This check to see if the token is valid is between the Web Server and the CAS Server. The client is not involved at all. In PHP you can do this by using file_get_contents(“https://cas.brokenbytes.info/login/validate?token=165asdefASD5″) or similar. If the CAS server replies with an okay, true, yes, etc response then you generate an encrypted cookie for the user to authenticate them. From this point forward they authenticate with the cookie until deleted or time out.
Notes: The SSO Token ID should only be valid for a few minutes or until used and then it should be unassigned.
Downfalls: Session hijacking can still happen because the cookie is stored on the clients machine.
SSO Diagram
[ Tags ]: Single Sign On, SSO
[ Category ]: computer security, programming
Friday’s Weekly Log
March 12th, 2010 - Be the First Comment!
I happen to be lucky enough to be taking a class that allows me to get college credit for working because my job is related to my major. One of the requirements for this class is that I keep a log of what I did that week at work. Previously I have just been emailing them to myself to keep track of them, but I thought it would be a great blog category and provide some regular content so I am going to start putting them up here as well. I will apply the Log category to all of these.
So here I go:
It was spring break this week but I worked anway so I thought I would
write a journal entry. Today we rolled out the RSS and XSLT changes
that I talked about last week in my journal entry. I finally finished
up with all the blog changes and rolled them live as well. I also
modified our templates to use a PHP file that generates a CSS document
(changes the header data type so it is interpreted as one) for all the
blogs. This way if we change something we don’t have to change a bunch
of different themes, just one. It uses variables passed in the URL
(like type=single) to determine what stuff to output. I also started
to work on a authentication plugin that integrates with our current
SSO (single sign on) architecture and MediaWiki. One other thing I did
was introduce one of our workers to how CSS works. He is new and
doesn’t really know much about web programming but is definitely smart
enough to learn. He is doing pretty well with it and I barely had to
help him today after working with him for a week.
All my previous entries (newest on top):
This week I added a new feature to the photo services page to add for
checking out with waived charges. It requires you to login before you
can do it. It also record your information with the purchase. I also
added another option for the picture size on the same application.
After that I continued to work on the new wider 960px template for the
blogs. I finished most of this but I need to make sure everything
validates and then make a version for West Plains. I fixed a database
problem for the breathe easy mo site which was pretty fast. They’re
primary key was suppose to be auto incrementing but it wasn’t. I
started to work on a problem with RSS feeds going through an XSLT and
not working properly with the way our feeds interpret, but I didn’t
finish. The problem is relating to that fact that one of the XML tags
has an attribute on it and this isn’t accounted for in the XSLT.
This we I continued working on resizing the blog. I also started to
teach a fellow employee how to write CSS. Writing CSS is an intricate
part of web developing and understand how it meshes together with
other technologies and itself is critical. I also introduced him to
Firebug which will allow him to more easily test and develop the CSS
he writes. He is also a CSC major, but a freshman so he has very
little experience. It is an interesting experience and I kind of like
helping him with learn it.
Although I thought I was finished with the class tooltip popup last
week I wasn’t. I realized that it didn’t work properly in IE and also
that there were some errors with it that have to do with the
asynchronous nature of JavaScript. I had an issue where the function
called by my Ajax would run before the Tooltip returned the tooltip
contents so it would’nt properly fill the Tooltip in IE due to
caching. To fix this I modified the jQuery ToolTip plugin to call a
function after it put the content in the tooltip. This fixed
everything. I also started working on another WordPress project that
involves resizing the blog sizes to the upcoming 960px wide standard
that MSU is moving too. It has been uneventful so far.
This week I finished the magazine.missouristate.edu website and ti
should be viewable by the public now. I learned a lot about WordPress
like how to create custom widgets, plugins, and making custom pages
with custom templates. Every page on the site has been modified to use
custom fields and many other cool things. I also worked on a project
that allows you to view course information in the online course
catalog by hovering over a course in the major and minor description.
When you float over one of them a script uses an external page that
queries the database based on information passed in the URL then
returns a JSON object and function call. This causes a function i
wrote to replace the text in the popup with the information
transmitted by the ajax like call. This page isn’t live yet. I also
created a slideshow using the flickr API call to get a JSON object
with callback function and using it to create a slideshow with
easyslider. A callback function was added to easyslider to allow for
this integration. It also shows custom image information on the right
hand side of the slideshow. You can see it on the presidential search
website at http://www.missouristate.edu/presidentialsearch/missouristate.htm
I am still working on the magazine site. It is suppose to be released
on Monday for the public. Right now it is hidden from everyone except
a few people who log in to view it. I have to create a custom style
sheet to fix some compatibility issues with IE7. IE7 incorrectly uses
padding on elements and requires special styles because of it. I think
its pretty amazing that a product by such a large company could have
such a major flaw in it.
This week on continued working on the magazine.missouristate.edu
website. I finished the plugin I was writing for WordPress that allows
somone to easily embed content from various sources (youtube, .mp4
URLs, .mp3 URLs, and flickr slideshows). A lot of custom coding work
has gone into the homepage, table of contents, and archives. Even the
search and 404 pages have some custom code. Unfortunately I also spent
some of my time changing some of the design which is always annoying.
Hopefully by next week I will be done with this project and it will be
production ready.
This week I have been working on http://magazine.missouristate.edu.
This project is based uses WordPress which is based in PHP. I am
creating a custom template for the site. It will include a custom
archive, index, and table of contents pages. I am also making a plugin
for wordpress that allows easier insertion of media. I think I will be
working on this much of next week as well. I am using WordPress, PHP,
JavaScript, CSS, and HTML with Dreamweaver.
[ Category ]: Logs, programming
WordPress – MCEComments and Threaded Comments Fix
February 23rd, 2010 - 1 Comment
Edit: After further investigation it looks like the only real problem was problem number 2 (hidden field and iframe named the same). All you have to do is implement the fix for problem 2 discussed below and it should work fine.
Problem number 2 was more of a conflict and wasn’t really anyones fault, but was rather troublesome to fix. We thought it would be easier to change the TinyMCEComments plugin then modify the install of WordPress. We also had already modified the plugin to remove/insert TinyMCE boxes correctly so we might as well keep working with that. To fix the problem before TinyMCE is initialized we change the hidden field with id=”comment_parent” so it is id=”comment_parent_hf”. This doesn’t effect WordPress comment submission because form submissions use the name field server side to identify an attribute.
Change in tinyMCEComments.php
Before (start line 295):
if (subBtn != null) {
subBtn.onclick=function() {
var inst = tinyMCE.getInstanceById("comment");
document.getElementById("comment").value = inst.getContent();
document.getElementById("commentform").submit();
return false;
}
}
tinyMCEPreInit.go();
tinyMCE.init(tinyMCEPreInit.mceInit);
After:
var subBtn = document.getElementById("submit");
if (subBtn != null) {
subBtn.onclick=function() {
var inst = tinyMCE.getInstanceById("comment");
document.getElementById("comment").value = inst.getContent();
document.getElementById("commentform").submit();
return false;
}
}
tinyMCEPreInit.go();
tinymce.dom.Event.add(window, "load", function() {
// Change the hidden fields id
var pId = document.getElementById("comment_parent");
if(pId) pId.id = "comment_parent_hf";
tinyMCE.init(tinyMCEPreInit.mceInit);
});
The last thing that was changed in the script was a hard coded name of the comment_parent hidden filed inside comment-reply.dev.js in the TinyMCEComments plugin folder. Change parent = t.I(‘comment_parent’) to parent = t.I(‘comment_parent_hf’) to reflect the change we make on the load of TinyMCEComments:
Before (line 3):
var t = this, div, comm = t.I(commId), respond = t.I(respondId), cancel = t.I('cancel-comment-reply-link'), parent = t.I('comment_parent'), post = t.I('comment_post_ID');
After:
var t = this, div, comm = t.I(commId), respond = t.I(respondId), cancel = t.I('cancel-comment-reply-link'), parent = t.I('comment_parent_hf'), post = t.I('comment_post_ID');
Now it works! Woohoo! I’m going to try to contact the other and have these changes included in the next release so everyone can enjoy threaded comments with TinyMCEComments. Thanks for reading and hopefully someone will find this helpful.
Today at work I was trying to convert our blog theme to a wider stance for an upcoming template switch, I thought this would be a very simple task. Little did I know the long day that would ensue. Our blog system at work used to use a plugin to create threaded functionality for posts. My boss decided that since WordPress now supports threaded comments we would switch over to that. I thought this would be a great idea (the less code, the less complex, the better). I began to convert our comments template to the new version required for Threaded Comments. After this was done I tried it out. It wouldn’t work with TinyMCEComments (plugin) enabled, but worked fine with it off. When TinyMCEComments was enabled it created two TinyMCE textareas whenever you tried to do a threaded reply. This seemed very odd to me but I had a feeling it had to do with moving the comment box below the comment that you’re replying too. After quite awhile and a little bit of help from my boss I was able to figure out all the issues and get TinyMCEComments working with the new threaded comments feature. There were two main issues:
- Double insertion of TinyMCE editors.
- TinyMCE has a bug where if create an editor with an id, then destroy that editor, and then try to create a new editor with that same id it will not work.
- TinyMCE names its iframe the id of the textarea concatenated with “_parent”. So when you add TinyMCE functionality to a textare with id=”comments” you get an iframe with id=”comments_parent”. Unfortunately, WordPress uses “comment_parent” as the id for a hidden field used to transfer information about where your new comment should be added in the threading (or to the base comments). The hidden fields are output by the function comment_id_fields(). Also WordPress says “the comment textarea, it MUST have an id=”comment”. The JavaScript expects it for focus purposes. If you used anything else, change it. Note that because of this, no other element on your page can have the “comment” ID”.
Before I explain the fixes let me first say that TinyMCEComments overrides the addComment.moveForm function that is used by WordPress to move the comment box under the comment you want to reply too. It has the same code except that it has the added functionality for enabling TinyMCE on the comment box. Unfortunately it doesn’t work out of the box with WordPress’ thread comments.
Problem 1 was an issue with the TinyMCEComments plugin and TinyMCE. Using the remove method doesn’t remove the the TinyMCE’s iframe from the DOM. This was fixed with Problem 2. The removing and adding method being used doesn’t work correctly for Problem number 2 is a TinyMCE problem and we can’t really do to much about it other then implementing a name change when we reinsert the comment box. So we modified the TinyMCEComments plugin to rename the text area on reinsertion.
Before
Remove TinyMCE Comment box:
try {
tinyMCE.triggerSave();
tinyMCE.execCommand('mceFocus', false,'comment');
tinyMCE.execCommand('mceRemoveControl', false,'comment');
} catch(el) { console.error(el); }
Add TinyMCE Comment box code:
addTiny : function() {
try { tinyMCE.execCommand('mceAddControl', false, 'comment');
} catch (e) { console.error(e); }
}
After:
Remove TinyMCE Comment box:
// **** Remove the TinyMCE Editor
var editor = tinymce.EditorManager.activeEditor;
var editorId = editor.getParam('elements');
editor.remove();
tinymce.DOM.remove(editor.getContainer());
editor.destroy();
tinymce.EditorManager.activeEditor = null;
Add TinyMCE Comment box code:
var commentElement = document.getElementById(editorId);
if (editorId == "comment")
editorId = "comment_1";
else {
var count = parseInt(editorId.replace(/comment_/, ""), 10) + 1;
editorId = "comment_" + count;
}
commentElement.id = editorId;
tinyMCEPreInit.mceInit.elements = editorId;
tinyMCE.init(tinyMCEPreInit.mceInit);
Problem number 2 was more of a conflict and wasn’t really anyones fault, but was rather troublesome to fix. We thought it would be easier to change the TinyMCEComments plugin then modify the install of WordPress. We also had already modified the plugin to remove/insert TinyMCE boxes correctly so we might as well keep working with that. To fix the problem before TinyMCE is initialized we change the hidden field with id=”comment_parent” so it is id=”comment_parent_hf”. This doesn’t effect WordPress comment submission because form submissions use the name field server side to identify an attribute.
Change in tinyMCEComments.php
Before (start line 295):
if (subBtn != null) {
subBtn.onclick=function() {
var inst = tinyMCE.getInstanceById("comment");
document.getElementById("comment").value = inst.getContent();
document.getElementById("commentform").submit();
return false;
}
}
tinyMCEPreInit.go();
tinyMCE.init(tinyMCEPreInit.mceInit);
After:
var subBtn = document.getElementById("submit");
if (subBtn != null) {
subBtn.onclick=function() {
var inst = tinyMCE.getInstanceById("comment");
document.getElementById("comment").value = inst.getContent();
document.getElementById("commentform").submit();
return false;
}
}
tinyMCEPreInit.go();
tinymce.dom.Event.add(window, "load", function() {
// Change the hidden fields id
var pId = document.getElementById("comment_parent");
if(pId) pId.id = "comment_parent_hf";
tinyMCE.init(tinyMCEPreInit.mceInit);
});
The last thing that was changed in the script was a hard coded name of the comment_parent hidden filed inside comment-reply.dev.js in the TinyMCEComments plugin folder. Change parent = t.I(‘comment_parent’) to parent = t.I(‘comment_parent_hf’) to reflect the change we make on the load of TinyMCEComments:
Before (line 3):
var t = this, div, comm = t.I(commId), respond = t.I(respondId), cancel = t.I('cancel-comment-reply-link'), parent = t.I('comment_parent'), post = t.I('comment_post_ID');
After:
var t = this, div, comm = t.I(commId), respond = t.I(respondId), cancel = t.I('cancel-comment-reply-link'), parent = t.I('comment_parent_hf'), post = t.I('comment_post_ID');
Now it works! Woohoo! I’m going to try to contact the other and have these changes included in the next release so everyone can enjoy threaded comments with TinyMCEComments. Thanks for reading and hopefully someone will find this helpful.
Completed Files in Zip: DevTinyMCEComments
[ Tags ]: error, fix, javascript, MCEComments, problem, problems, threaded comments, TinyMCE, tinymcecomments, wordpress
[ Category ]: programming
Weekly
March 31st, 2010 - Be the First Comment!
I’m still excited about being the employee of the month, but heres what happened in the rest of my week:
This week I continued my work on integrating MSU SSO with the MediaWiki login. It now is able to effectively use the CAS server to authenticate users. I made a properly functioning logout for our requirements too. I also made it so after the login is completed LDAP/AD is queried for information about the user to setup their MediaWiki account. I the login process to update the users information from LDAP/AD on each login though. I also fixed a problem with MCEComments. It loaded for iPhone which for some reason doesn’t work with Tiny MCE preventing users from leaving comments on their iPhone. I talked about how I fixed it in a post on my blog already. This was only a three day week so I feel I made a lot of progress.
[ Tags ]: Active Directory, LDAP, MCEComments, MediaWiki, TinyMCE
[ Category ]: Logs, programming