Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
31
News And Views / Request for Patience (RFP)
« on: July 08, 2013, 12:49:29 AM »
Thanks for all the feedback over the weekend - there's obviously a lot to get through, but I am working through the list and hopefully get a build 7.15 out within the next couple days. If I don't reply to your post immediately please give me some grace - I have noted all the current threads, and as I eliminate one I'll reply with feedback in that thread.
cheers
Bruce
cheers
Bruce
32
Web Server - Share Knowledge / New Form Field Type: Signature
« on: April 23, 2013, 07:19:22 AM »
Build 7.08 sees the inclusion of a new Form Field Type, called "Signature".
This (in concept) allows the user to enter a "free form" signature on a form, which is then stored in the database and displayed back to the user when they view the form later on.
Caveats
The basic field works well, but your mileage may vary depending on the input mechnism. For example, writing a signature with a mouse is quite hard, and writing it with a finger on a phone is very coarse.
On a "slow" phone it also pays to move your finger slowly, and (again on some phones) it sometimes pays to place the finger in the field, wait a bit, and then start drawing. the slower the phone, and the older the browser, the more likely there are to be issues. So I recommend testing on a specific device before assuming it'll work on that device.
I've also seen it not work at all with the Opera browser on one phone, but work with the built-in browser on the same phone, so again some caution and testing recommended.
Storage
The result is stored as a "string" of data. The length of the string can depend a lot on how long the signature is. In my testing, and example, I've used a MEMO(64000) to hold it. All the chars in the string are "text" not "binary", so it should be very compatible with whatever backend you use.
The received text is a string of co-ordinates which maps the signature picture, and it can be converted into a BMP if you desire. This might be useful if, for example, you want to use the signature on a report. The example uses CapeSoft DRAW to convert the string to an image, but you could use another tool to do this if you prefer. NetTalk has a "hook" into a conversion procedure, and an example conversion procedure is in the attached example.
(Called SigToImage, it relies on the Draw accessory.)
Global Settings
Globally - turn on the Signature Script in the WebServer procedure, NetTalk Extension, Scripts tab.
Local Settings Tab
Width, Height : The size of the box into which the signature will be draw & displayed.
Allow on Insert Only : Only allow signatures to be drawn when the form is in Insert mode. In other modes (Change / View) the signature will be visible (ie redrawn), but cannot be changed.
Include Clear Button : Includes a button "clear" which allows the signature field to be cleared, so the user can start again.
Include Guide Line: Includes a light grey line as the background for the user to sign onto.
Local Save Tab
Save Signatures as Image File : If on will call a procedure to convert the signature to an image. this is in addition to storing the image in the data field.
Save to file on Insert / Save to file on Change: Save the image when a record is created, and/or save it when the record is changed.
Procedure : the procedure in your app to do the conversion. (Typically SigToImage)
FileName : The name of the file to save the signature as. You could use the record ID as part of the name. For example;
'Sign-' & p_web.GSV('fil:id') & '.bmp'
Format
(This is included FYI, but you don't really need to care about this.)
The format of the string looks like this;
Z[{XxxYyyWwwHhh-XxxYyyWwwHhh-.....-XxxYyyWwwHhh}]
Each instance of xx, yy, ww and hh is a number.
Each group matches a call to draw a LINE(xx,yy,ww,hh)
The signature is formed from all of these "little lines"
SigToImage
The template allows you to "call" a procedure to convert the lines to an image, when the signature is submitted. the procedure can have any name, but the prototype must be (compatible with)
Procedure(String pSig,Long pWidth,Long pHeight,String pFileName)
as these are settings that come from the template.
An example sigToImage function is included in the attached example. This procedure uses the DRAW library to draw the lines, and save the image.
The source code for this example procedure is as follows;
SigToImage PROCEDURE (String pSig,Long pWidth,Long pHeight,String pFileName)
drw draw
Window WINDOW('Caption'),AT(,,200,60),GRAY
IMAGE,AT(0,0,200,60),USE(?Draw)
END
st stringTheory
liner stringTheory
ln long
x long
y long
w long
h long
a long
b long
CODE
open(window)
window{prop:pixels} = 1
window{prop:width} = pWidth
window{prop:height} = pHeight
?Draw{prop:width} = pWidth
?Draw{prop:height} = pHeight
drw.init(?Draw)
st.SetValue(pSig)
st.remove('Z[{{')
st.split('-')
drw.Blank(color:white)
drw.SetPenColor(color:black)
drw.SetPenWidth(1)
loop ln = 1 to st.records()
liner.setvalue(st.GetLine(ln))
x = liner.between('X','Y')
y = liner.between('Y','W')
w = liner.between('W','H') - x
h = liner.after('H') - y
drw.Line(x,y,w,h)
end
drw.display()
drw.WriteBMP(pFileName)
drw.kill()
close(window)
This (in concept) allows the user to enter a "free form" signature on a form, which is then stored in the database and displayed back to the user when they view the form later on.
Caveats
The basic field works well, but your mileage may vary depending on the input mechnism. For example, writing a signature with a mouse is quite hard, and writing it with a finger on a phone is very coarse.
On a "slow" phone it also pays to move your finger slowly, and (again on some phones) it sometimes pays to place the finger in the field, wait a bit, and then start drawing. the slower the phone, and the older the browser, the more likely there are to be issues. So I recommend testing on a specific device before assuming it'll work on that device.
I've also seen it not work at all with the Opera browser on one phone, but work with the built-in browser on the same phone, so again some caution and testing recommended.
Storage
The result is stored as a "string" of data. The length of the string can depend a lot on how long the signature is. In my testing, and example, I've used a MEMO(64000) to hold it. All the chars in the string are "text" not "binary", so it should be very compatible with whatever backend you use.
The received text is a string of co-ordinates which maps the signature picture, and it can be converted into a BMP if you desire. This might be useful if, for example, you want to use the signature on a report. The example uses CapeSoft DRAW to convert the string to an image, but you could use another tool to do this if you prefer. NetTalk has a "hook" into a conversion procedure, and an example conversion procedure is in the attached example.
(Called SigToImage, it relies on the Draw accessory.)
Global Settings
Globally - turn on the Signature Script in the WebServer procedure, NetTalk Extension, Scripts tab.
Local Settings Tab
Width, Height : The size of the box into which the signature will be draw & displayed.
Allow on Insert Only : Only allow signatures to be drawn when the form is in Insert mode. In other modes (Change / View) the signature will be visible (ie redrawn), but cannot be changed.
Include Clear Button : Includes a button "clear" which allows the signature field to be cleared, so the user can start again.
Include Guide Line: Includes a light grey line as the background for the user to sign onto.
Local Save Tab
Save Signatures as Image File : If on will call a procedure to convert the signature to an image. this is in addition to storing the image in the data field.
Save to file on Insert / Save to file on Change: Save the image when a record is created, and/or save it when the record is changed.
Procedure : the procedure in your app to do the conversion. (Typically SigToImage)
FileName : The name of the file to save the signature as. You could use the record ID as part of the name. For example;
'Sign-' & p_web.GSV('fil:id') & '.bmp'
Format
(This is included FYI, but you don't really need to care about this.)
The format of the string looks like this;
Z[{XxxYyyWwwHhh-XxxYyyWwwHhh-.....-XxxYyyWwwHhh}]
Each instance of xx, yy, ww and hh is a number.
Each group matches a call to draw a LINE(xx,yy,ww,hh)
The signature is formed from all of these "little lines"
SigToImage
The template allows you to "call" a procedure to convert the lines to an image, when the signature is submitted. the procedure can have any name, but the prototype must be (compatible with)
Procedure(String pSig,Long pWidth,Long pHeight,String pFileName)
as these are settings that come from the template.
An example sigToImage function is included in the attached example. This procedure uses the DRAW library to draw the lines, and save the image.
The source code for this example procedure is as follows;
SigToImage PROCEDURE (String pSig,Long pWidth,Long pHeight,String pFileName)
drw draw
Window WINDOW('Caption'),AT(,,200,60),GRAY
IMAGE,AT(0,0,200,60),USE(?Draw)
END
st stringTheory
liner stringTheory
ln long
x long
y long
w long
h long
a long
b long
CODE
open(window)
window{prop:pixels} = 1
window{prop:width} = pWidth
window{prop:height} = pHeight
?Draw{prop:width} = pWidth
?Draw{prop:height} = pHeight
drw.init(?Draw)
st.SetValue(pSig)
st.remove('Z[{{')
st.split('-')
drw.Blank(color:white)
drw.SetPenColor(color:black)
drw.SetPenWidth(1)
loop ln = 1 to st.records()
liner.setvalue(st.GetLine(ln))
x = liner.between('X','Y')
y = liner.between('Y','W')
w = liner.between('W','H') - x
h = liner.after('H') - y
drw.Line(x,y,w,h)
end
drw.display()
drw.WriteBMP(pFileName)
drw.kill()
close(window)
33
Web Server - Share Knowledge / Server Stability
« on: March 11, 2013, 10:29:38 PM »
There have been a couple threads lately about server stability. Obviously there are innumerable potential reasons for why a program is unstable, but I thought I'd share some solutions I've found in one place.
1) Edit AbUtil.Clw (c:\clarion8\LibSrc\win\abutil.clw)
This applies more to Windows programs than web programs, but could also affect Web programs in specific cases.
In ABUTIL.CLW is the INIClass and the TranslatorClass. Both make the error of including ASSERTs inside procedures that contain a CriticalProcedure.
the short version - comment out any ASSERT which occurs in a method that contains a CriticalProcedure.
the longer version - Asserts are a form of user interface. User interfaces should never happen inside a bit of code which is protected by a CriticalSection, or CriticalProcedure. This is especially true if you happen to Hook the ASSERT into a normal Clarion Window (or hook the MESSAGE into a normal clarion window).
I dislike editing shipping ABC files, but this has been reported to SV and will hopefully be fixed by them in future releases.
2) run as Exe
If the program is unstable as a service, then consider running it as an EXE for a period of time. Running it as an Exe serves two purposes; (a) if it's more stable that gives you some clues and (b) if it's unstable for a reason, it may show you a message telling you what that reason is.
1) Edit AbUtil.Clw (c:\clarion8\LibSrc\win\abutil.clw)
This applies more to Windows programs than web programs, but could also affect Web programs in specific cases.
In ABUTIL.CLW is the INIClass and the TranslatorClass. Both make the error of including ASSERTs inside procedures that contain a CriticalProcedure.
the short version - comment out any ASSERT which occurs in a method that contains a CriticalProcedure.
the longer version - Asserts are a form of user interface. User interfaces should never happen inside a bit of code which is protected by a CriticalSection, or CriticalProcedure. This is especially true if you happen to Hook the ASSERT into a normal Clarion Window (or hook the MESSAGE into a normal clarion window).
I dislike editing shipping ABC files, but this has been reported to SV and will hopefully be fixed by them in future releases.
2) run as Exe
If the program is unstable as a service, then consider running it as an EXE for a period of time. Running it as an Exe serves two purposes; (a) if it's more stable that gives you some clues and (b) if it's unstable for a reason, it may show you a message telling you what that reason is.
34
Web Server - Ask For Help / Focus - osquiabro
« on: February 12, 2013, 02:43:52 AM »
I'm starting a new thread for this as the other thread
(http://www.nettalkcentral.com/index.php?option=com_smf&Itemid=36&topic=4196.msg16193)
is "full" (at least for me.)
Unfortunately I still don't have an example that I can use. your latest zip contained the .6app and .6dct files, but I think from before you edited them, so there's no ChangePassword procedure.
All I need for you to zip is the current clarion 8 app (the one you tweaked), the current clarion 8 dict that that app is using, and the tps files.
cheers
Bruce
(http://www.nettalkcentral.com/index.php?option=com_smf&Itemid=36&topic=4196.msg16193)
is "full" (at least for me.)
Unfortunately I still don't have an example that I can use. your latest zip contained the .6app and .6dct files, but I think from before you edited them, so there's no ChangePassword procedure.
All I need for you to zip is the current clarion 8 app (the one you tweaked), the current clarion 8 dict that that app is using, and the tps files.
cheers
Bruce
35
Web Server - Ask For Help / 7.04 Site Feedback
« on: February 05, 2013, 02:00:51 AM »
As some of you may be aware I try and keep the engine on www.capesoft.com as up to date as possible, in part to make use of new features, but also in part so that the engine is getting a good work-out as well.
Usually this is pretty transparent to everyone, something you don't, or at least shouldn't, notice at all.
With 7.04 that changed because the server became very unstable - crashing multiple times per day. At first it seemed like a memory leak was causing it, and I held back the 7.05 build until the cause was known for sure.
The short report is - no, it wasn't a memory leak, and the issue was confined to the HOST.EXE program, so it's not something you need to worry about too much. If you are using the Host though I recommend upgrading to 7.05 as soon as possible.
The issue only occurred because of two factors. One is the large number of DLL's attached to the Host on the CapeSoft site. At the moment we have around 17 DLL's (and around 40 static domains) being served by the server. This means it also gets a large number of sessions (typically 600 or so sessions are active at a time) and a fair amount of traffic (around 20 000 hits per day).
This large amount of DLL's means that the Ram consumed to start a thread is quite high. Recent changes in the host sends a NotifyDelete message to each DLL (on it's own thread) when a session is deleted. These threads were not being considered when calculating the maximum threads the server should have open at any one time.
Couple all these facts together and it was possible for 100 to 200 threads to be created "instantly" when a bunch of sessions were marked for deletion. This drove the memory up too high, and Windows spat the program.
Once the cause was understood it was relativity simple to fix. DeleteSession threads are now counted against the thread limit and other minor tweaks help keep the load under control.
On the up side the Logging in the host has been extended a lot. This can be seen on the "Log File" tab of the hot. Many machine related parameters are now captured with requests, and requests are logged both as they arrive, and when they complete. If a request should crash the server for some reason, it'll be a lot easier to see that in the log.
In addition the "Sites" tab, which shows list of DLL's now includes the date and time the DLL was compiled, and also the Exe date and time. This should make spotting version mis-matches a lot easier.
Thanks for all your patience during this time - I appreciate that it's a pain not being able to access the site on demand. However the result is a stronger engine for all of us, which I think is a good thing overall.
Cheers
Bruce
Usually this is pretty transparent to everyone, something you don't, or at least shouldn't, notice at all.
With 7.04 that changed because the server became very unstable - crashing multiple times per day. At first it seemed like a memory leak was causing it, and I held back the 7.05 build until the cause was known for sure.
The short report is - no, it wasn't a memory leak, and the issue was confined to the HOST.EXE program, so it's not something you need to worry about too much. If you are using the Host though I recommend upgrading to 7.05 as soon as possible.
The issue only occurred because of two factors. One is the large number of DLL's attached to the Host on the CapeSoft site. At the moment we have around 17 DLL's (and around 40 static domains) being served by the server. This means it also gets a large number of sessions (typically 600 or so sessions are active at a time) and a fair amount of traffic (around 20 000 hits per day).
This large amount of DLL's means that the Ram consumed to start a thread is quite high. Recent changes in the host sends a NotifyDelete message to each DLL (on it's own thread) when a session is deleted. These threads were not being considered when calculating the maximum threads the server should have open at any one time.
Couple all these facts together and it was possible for 100 to 200 threads to be created "instantly" when a bunch of sessions were marked for deletion. This drove the memory up too high, and Windows spat the program.
Once the cause was understood it was relativity simple to fix. DeleteSession threads are now counted against the thread limit and other minor tweaks help keep the load under control.
On the up side the Logging in the host has been extended a lot. This can be seen on the "Log File" tab of the hot. Many machine related parameters are now captured with requests, and requests are logged both as they arrive, and when they complete. If a request should crash the server for some reason, it'll be a lot easier to see that in the log.
In addition the "Sites" tab, which shows list of DLL's now includes the date and time the DLL was compiled, and also the Exe date and time. This should make spotting version mis-matches a lot easier.
Thanks for all your patience during this time - I appreciate that it's a pain not being able to access the site on demand. However the result is a stronger engine for all of us, which I think is a good thing overall.
Cheers
Bruce
36
News And Views / Bruce is away until Friday
« on: January 14, 2013, 07:22:37 AM »
I'll be offline until Friday Jan 18. I was planning the release of 7.03 today, but I think it's better to wait till I'm back on Friday. Please play nicely, and help each other while I'm gone...
cheers
Bruce
cheers
Bruce
37
Web Server - Ask For Help / Re: Where can I process file and folder name prior to upload? pt2
« on: September 27, 2012, 10:53:20 PM »
From Rick:
--------------------
In the file upload example most of the activity takes place in the complete form start embed and uses the value queue. Also all three browsers work properly with slightly different UI elements.
Mine does most of the processing in the handler rename method and I use the session queue exclusively and only IE functions properly. Why are you using the value queue instead of session queue? I looked it up in the nettalk book but has very little about the value queue other then it is pertaining to passed parameters to browser (or from browser?).
When is the complete form embed called? When getting ready to return to browse?
I was also trying to force a field to update... the field being used by the file upload button... it is VERY RESISTANT to that. Almost like I don't really have access to that field like the others.
If I put the following code in the file upload example in the complete form code start embed... p_web.ssv('MAI:MailBoxPicture','') the file does not get updated with this "null" value. This is what I have been fighting with in my application... I cannot clear this field.
RJ
--------------------
In the file upload example most of the activity takes place in the complete form start embed and uses the value queue. Also all three browsers work properly with slightly different UI elements.
Mine does most of the processing in the handler rename method and I use the session queue exclusively and only IE functions properly. Why are you using the value queue instead of session queue? I looked it up in the nettalk book but has very little about the value queue other then it is pertaining to passed parameters to browser (or from browser?).
When is the complete form embed called? When getting ready to return to browse?
I was also trying to force a field to update... the field being used by the file upload button... it is VERY RESISTANT to that. Almost like I don't really have access to that field like the others.
If I put the following code in the file upload example in the complete form code start embed... p_web.ssv('MAI:MailBoxPicture','') the file does not get updated with this "null" value. This is what I have been fighting with in my application... I cannot clear this field.
RJ
38
E-Mail - Ask For Help / GPF When Sending Emails Pt3
« on: September 24, 2012, 12:15:35 AM »
Richard,
I don't know why the threads seems to go blank in these forums - I suspect somewhere it has something to do with the length of the actual page. But it's hard to say.
Here's your last post to recap;
------------------------------
I've removed the NetAutoCloseServer from the main app window and I've added
IF Loc:FirstTimeRun = 0
Loc:FirstTimeRun = 1
Loc:RandomSleepPeriod = Random(GLO:EmailThreads * 10,GLO:EmailThreads * 1000)
dbg.DebugOut(Thread() &' '& GetCurrentThreadID() & ' Timer1 Loc:RandomSleepPeriod='&Loc:RandomSleepPeriod)
Sleep(Loc:RandomSleepPeriod)
dbg.DebugOut(Thread() &' '& GetCurrentThreadID() & ' Timer1 In the words of Murray Walker... He''s Off, He''s Off, He''s Off!')
END
to the SendScheduleEmail window immediately before the routine call Do SendEmail in the TimerEvent to make sure each thread doesnt start at the same time.
So the 1st random delayed start on which ever thread is first in theory fires up the NT send email engine which should do the equivalent job of your suggestion to place NetAutoCloseServer on the main app window?
However despite the above workaround the NT send email engine is duplicating emails and I still get some GPF's but not as often, its random.
Does the NT send email engine need a minimum period of time between each 1st send on each thread because the risk with the random delay workaround is I might still get two threads starting for the first time very close together in terms of term, maybe just milliseconds apart?
Is the NT SendEmail code threaded or is it just one thread handling the asynchronous communication despite being called multiple threads?
I wonder why you havent seen this in your apps which are running multi threaded that you mentioned in a previous post?
I don't know why the threads seems to go blank in these forums - I suspect somewhere it has something to do with the length of the actual page. But it's hard to say.
Here's your last post to recap;
------------------------------
I've removed the NetAutoCloseServer from the main app window and I've added
IF Loc:FirstTimeRun = 0
Loc:FirstTimeRun = 1
Loc:RandomSleepPeriod = Random(GLO:EmailThreads * 10,GLO:EmailThreads * 1000)
dbg.DebugOut(Thread() &' '& GetCurrentThreadID() & ' Timer1 Loc:RandomSleepPeriod='&Loc:RandomSleepPeriod)
Sleep(Loc:RandomSleepPeriod)
dbg.DebugOut(Thread() &' '& GetCurrentThreadID() & ' Timer1 In the words of Murray Walker... He''s Off, He''s Off, He''s Off!')
END
to the SendScheduleEmail window immediately before the routine call Do SendEmail in the TimerEvent to make sure each thread doesnt start at the same time.
So the 1st random delayed start on which ever thread is first in theory fires up the NT send email engine which should do the equivalent job of your suggestion to place NetAutoCloseServer on the main app window?
However despite the above workaround the NT send email engine is duplicating emails and I still get some GPF's but not as often, its random.
Does the NT send email engine need a minimum period of time between each 1st send on each thread because the risk with the random delay workaround is I might still get two threads starting for the first time very close together in terms of term, maybe just milliseconds apart?
Is the NT SendEmail code threaded or is it just one thread handling the asynchronous communication despite being called multiple threads?
I wonder why you havent seen this in your apps which are running multi threaded that you mentioned in a previous post?
39
Web Server - Share Knowledge / Security: HTML Injection / XSS attacks.
« on: August 16, 2012, 02:01:09 AM »
HTML Injection is a security issue which occurs when you let users enter "html" content. So, for example, if you have a text control on a form, and Allow xHTML is on, then you're allowing the user to enter HTML and content, and then you will display that content using their HTML markup.
Unfortunately HTML is not limited to visual markup though. It includes things like the <script> tag, which allow code to be embedded inside the content. When unwanted html appears in user content, that is called HTML Injection. If the code they inject is JavaScript then that is the start of a "Cross Site Scripting" (XSS) attack.
If this code runs on _another_ users browser (no code runs on the server), then the attacker may be able to get information from them, or their computer in a way that the programmer did not expect, or intend.
In short, "cosmetics good, code bad."
For builds of NetTalk before 6.40 it was the responsibility of the developer (you) to make sure that anywhere you ticked on "allow xHtml", you checked that the xHtml you were displaying was "safe". However that's hard to do.
Scrubbing html of code is tricky because there are a large number of vectors that can be used. the <script> tag is not hard to remove, but it's the tip of the iceberg. So, to make it a bit easier, and ultimately more secure, from build 6.40, NetTalk has automatic scrubbing built in.
NetTalk uses a whitelist approach, accepting html it specifically recognizes as valid, and rejecting unrecognized html. This makes it more secure (because "new attacks" generally fall into the "unrecognized" camp.) The alternative (searching for specific bad code) may require updating regularly as new attack vectors are discovered.
In other words, some perfectly legitimate html tags are "blanket excluded" simply because they allow the user too much power. The legal tags excluded in this way are;
Excluded (by design):
base, body, button, canvas, comments, command, datalist, embed, eventsource, frameset, frame, form, head, html, iframe, input, keygen, link, menu, meta, nav, object, optgroup, option, param, script, select, style & textarea
In other words, content stored in your database, which will be displayed via a browse or form or whatever, will not be allowed to contain these tags.
Let me be 100% clear here. This does not affect the xHTML tab (where you can enter your own custom xHtml). It does not affect the html being generated by the templates. It only applies to html which is being read from the database - ie those places where you have explicitly ticked on "Allow xHTML".
The downside with this approach is that some "legitimate" HTML is not allowed. For example, the Hyperlinks example has a browse (BrowseMedia) which included HTML (youtube videos) containing <iframe> and <object>. Since those are both on the "not allowed" list, they are (by default) no longer playable. This may affect your application if you currently have very rich HTML content stored in your database.
So an extra switch has been added to the template wherever an "Allow xHTML" option is located, there's now also an option to "Allow UNSAFE xHtml". This puts the onus back on you to scrub the HTML in an appropriate way.
But wait, there's more...
You may want to change the list of tags that are allowed, either by adding more allowable tags, or by disallowing some tags which are allowed by default. In this way you can adjust the level of safety, without having to go to a completely unsafe mode. To do this you can embed code in the .TagOk method in the WebServer procedure. for example;
case lower(p_tag)
of 'object'
return true
end
Embedding this before the parent call, would make the <object> tag allowable.
As always, security remains a process, not a destination, so remaining up to date (or reasonably up to date) with NetTalk builds is always recommended.
Unfortunately HTML is not limited to visual markup though. It includes things like the <script> tag, which allow code to be embedded inside the content. When unwanted html appears in user content, that is called HTML Injection. If the code they inject is JavaScript then that is the start of a "Cross Site Scripting" (XSS) attack.
If this code runs on _another_ users browser (no code runs on the server), then the attacker may be able to get information from them, or their computer in a way that the programmer did not expect, or intend.
In short, "cosmetics good, code bad."
For builds of NetTalk before 6.40 it was the responsibility of the developer (you) to make sure that anywhere you ticked on "allow xHtml", you checked that the xHtml you were displaying was "safe". However that's hard to do.
Scrubbing html of code is tricky because there are a large number of vectors that can be used. the <script> tag is not hard to remove, but it's the tip of the iceberg. So, to make it a bit easier, and ultimately more secure, from build 6.40, NetTalk has automatic scrubbing built in.
NetTalk uses a whitelist approach, accepting html it specifically recognizes as valid, and rejecting unrecognized html. This makes it more secure (because "new attacks" generally fall into the "unrecognized" camp.) The alternative (searching for specific bad code) may require updating regularly as new attack vectors are discovered.
In other words, some perfectly legitimate html tags are "blanket excluded" simply because they allow the user too much power. The legal tags excluded in this way are;
Excluded (by design):
base, body, button, canvas, comments, command, datalist, embed, eventsource, frameset, frame, form, head, html, iframe, input, keygen, link, menu, meta, nav, object, optgroup, option, param, script, select, style & textarea
In other words, content stored in your database, which will be displayed via a browse or form or whatever, will not be allowed to contain these tags.
Let me be 100% clear here. This does not affect the xHTML tab (where you can enter your own custom xHtml). It does not affect the html being generated by the templates. It only applies to html which is being read from the database - ie those places where you have explicitly ticked on "Allow xHTML".
The downside with this approach is that some "legitimate" HTML is not allowed. For example, the Hyperlinks example has a browse (BrowseMedia) which included HTML (youtube videos) containing <iframe> and <object>. Since those are both on the "not allowed" list, they are (by default) no longer playable. This may affect your application if you currently have very rich HTML content stored in your database.
So an extra switch has been added to the template wherever an "Allow xHTML" option is located, there's now also an option to "Allow UNSAFE xHtml". This puts the onus back on you to scrub the HTML in an appropriate way.
But wait, there's more...
You may want to change the list of tags that are allowed, either by adding more allowable tags, or by disallowing some tags which are allowed by default. In this way you can adjust the level of safety, without having to go to a completely unsafe mode. To do this you can embed code in the .TagOk method in the WebServer procedure. for example;
case lower(p_tag)
of 'object'
return true
end
Embedding this before the parent call, would make the <object> tag allowable.
As always, security remains a process, not a destination, so remaining up to date (or reasonably up to date) with NetTalk builds is always recommended.
40
Web Server - Ask For Help / Error in Javascript Web9 SSL Example (cont)
« on: July 12, 2012, 02:38:58 AM »
Hi Richard,
This forum software doesn't like long threads, so you may have trouble accessing my last reply. Here it is again in case you do;
hi Richard,
While I understand your frustration, I think you are perhaps missing some key understandings and this is making it hard for you to diagnose what is going on.
The installer installs the "default" web folder into \clarion6\3rdparty\libsrc\netweb. So from the point of view of checking the installer behavior delete this folder, then install nettalk, then see if the folder now contains a "web" folder. (I just did that here, and on mine it does.)
Inside that folder you should find a bunch of stuff, including a scripts folder, and a themes folder. In the themes folder you'll see sub-folders - one for each theme (including Midnight.)
This is somewhat different to Nettalk 5, because NT5 installer then copied this web folder into each example preemptively. In NT6 the installer does not do this (for reasons I'll get to in a moment).
Given that the web folder is not copied by the installer, the template needs to copy the files into the app folder for you. It does this on the first compile, and reports to you, via the error window, that it has done so. In C6 this pauses the compile, in C8 it doesn't. The mechanism internally is that it creates a COPYALL.BAT file and a GZIPALL.BAT file, and then executes these during the generate of the app. If the copy, or Gzip fails for some reason then of course things are not going to work right.
The reasons for the change are several. Firstly, in all too many cases developers would forget to copy the updated web folder to their app folder when updating NetTalk. Making this automatic reduces problems. There is a version number in one of the files (netweb.js) and this is compared against the version number in the template. If they don't match, it does a copy. In this way your work-load reduces.
Another reason has to do with the improved Theme support, and specifically the ability for you to add themes, and for the user to change themes at runtime. In order to make this process manageable the GZIP has to be more automatic (in NT5 it's a manual process). As themes are added it also does a bit of work to re-zip and so on. When I added the Midnight theme for example it noticed that and initiated the zip (which you pointed out earlier.)
Of course whenever there is an automatic process there are things that may fail. For example, on one of my virtual machines, it doesn't like copying from one network drive to another. That's a permissions issue on the server. In order to diagnose the issue I can run the CopyAll.Bat file manually (and the GzipAll.Bat file manually), and hence look at the output to see if it worked, or didn't work.
As I alluded to earlier it's clear that something is not working on your machine, and thus following the steps allows you to determine what it is. Once you've got that, it's easier to be more specific as to the exact cause, or how you can fix it so it does work.
Again, I sympathize with your frustrations, but I assure you I'm not giving you the run around, nor am I giving you pathetic tasks. The problem you are having seems to lie between the \clarion6\3rdparty\libsrc\netweb folder and the app\web folder of the program you are trying to compile. If you follow the instructions I posted earlier, and report your findings, then I suspect you'll be a lot closer to the solution.
Your note that it's working ok in C8 is helpful. While many, if not most developers are now using C8, there are still a fair few on C6. I'm not having reports from others about this, and given that you've been having the problem since April it's unlikely that none of the C6 users have updated since then (especially given the volume of traffic on this forum - where many users are upgrading to every build.) Indeed we still have one web app compiling in C6, and that has been updated with most every build (including 6.37), on an XP machine, without problems. So I'm reasonably confident it works ok on a basic C6 / XP setup - but of course every machine is different and machine-related (network-related, permission-related) issues can, and do occur.
Cheers
Bruce
The note before that was;
excellent. that's what we're looking for.
So, ok, look in your application\web\scripts folder.
How big is the all.js.gz file there? (I'm guessing 0 bytes).
So delete all the .gz files, open a command-prompt window and go to the app folder.
run gzipall.bat manually, and look to see if there are any errors.
afterwards check the size of the gz files again. If it's still 0, then find the line that Gzip's all.js
in my app it looks like this;
"C:\Clarion8NT6\accessory\bin\gzip" -9 -n -f -c web\scripts\all.js > "web\scripts\all.js.gz"
and run that manually from the command prompt, looking for errors.
Let us know what happens
cheers
Bruce
This forum software doesn't like long threads, so you may have trouble accessing my last reply. Here it is again in case you do;
hi Richard,
While I understand your frustration, I think you are perhaps missing some key understandings and this is making it hard for you to diagnose what is going on.
The installer installs the "default" web folder into \clarion6\3rdparty\libsrc\netweb. So from the point of view of checking the installer behavior delete this folder, then install nettalk, then see if the folder now contains a "web" folder. (I just did that here, and on mine it does.)
Inside that folder you should find a bunch of stuff, including a scripts folder, and a themes folder. In the themes folder you'll see sub-folders - one for each theme (including Midnight.)
This is somewhat different to Nettalk 5, because NT5 installer then copied this web folder into each example preemptively. In NT6 the installer does not do this (for reasons I'll get to in a moment).
Given that the web folder is not copied by the installer, the template needs to copy the files into the app folder for you. It does this on the first compile, and reports to you, via the error window, that it has done so. In C6 this pauses the compile, in C8 it doesn't. The mechanism internally is that it creates a COPYALL.BAT file and a GZIPALL.BAT file, and then executes these during the generate of the app. If the copy, or Gzip fails for some reason then of course things are not going to work right.
The reasons for the change are several. Firstly, in all too many cases developers would forget to copy the updated web folder to their app folder when updating NetTalk. Making this automatic reduces problems. There is a version number in one of the files (netweb.js) and this is compared against the version number in the template. If they don't match, it does a copy. In this way your work-load reduces.
Another reason has to do with the improved Theme support, and specifically the ability for you to add themes, and for the user to change themes at runtime. In order to make this process manageable the GZIP has to be more automatic (in NT5 it's a manual process). As themes are added it also does a bit of work to re-zip and so on. When I added the Midnight theme for example it noticed that and initiated the zip (which you pointed out earlier.)
Of course whenever there is an automatic process there are things that may fail. For example, on one of my virtual machines, it doesn't like copying from one network drive to another. That's a permissions issue on the server. In order to diagnose the issue I can run the CopyAll.Bat file manually (and the GzipAll.Bat file manually), and hence look at the output to see if it worked, or didn't work.
As I alluded to earlier it's clear that something is not working on your machine, and thus following the steps allows you to determine what it is. Once you've got that, it's easier to be more specific as to the exact cause, or how you can fix it so it does work.
Again, I sympathize with your frustrations, but I assure you I'm not giving you the run around, nor am I giving you pathetic tasks. The problem you are having seems to lie between the \clarion6\3rdparty\libsrc\netweb folder and the app\web folder of the program you are trying to compile. If you follow the instructions I posted earlier, and report your findings, then I suspect you'll be a lot closer to the solution.
Your note that it's working ok in C8 is helpful. While many, if not most developers are now using C8, there are still a fair few on C6. I'm not having reports from others about this, and given that you've been having the problem since April it's unlikely that none of the C6 users have updated since then (especially given the volume of traffic on this forum - where many users are upgrading to every build.) Indeed we still have one web app compiling in C6, and that has been updated with most every build (including 6.37), on an XP machine, without problems. So I'm reasonably confident it works ok on a basic C6 / XP setup - but of course every machine is different and machine-related (network-related, permission-related) issues can, and do occur.
Cheers
Bruce
The note before that was;
excellent. that's what we're looking for.
So, ok, look in your application\web\scripts folder.
How big is the all.js.gz file there? (I'm guessing 0 bytes).
So delete all the .gz files, open a command-prompt window and go to the app folder.
run gzipall.bat manually, and look to see if there are any errors.
afterwards check the size of the gz files again. If it's still 0, then find the line that Gzip's all.js
in my app it looks like this;
"C:\Clarion8NT6\accessory\bin\gzip" -9 -n -f -c web\scripts\all.js > "web\scripts\all.js.gz"
and run that manually from the command prompt, looking for errors.
Let us know what happens
cheers
Bruce
41
News And Views / Clarion Web Hosting
« on: May 09, 2012, 10:13:58 PM »
I'm not affiliated to this at all, and I don't use it myself, but I thought I'd pass the information along;
This was posted to the 3rd party newsgroup this week;
Cheers
Bruce
Hi All!
In addition to Clarion coding my company has been doing web development for years and started providing hosting solutions 2 years ago for my largest clients. All has been going well so we decided to
open it up to all Clarion developers.
See all the details at:
http://clarionwebhosting.com/
Dedicated servers... virtual machines... whatever you need.
For the first 10 virtual machine orders we are offering a 10% discount. Enter "CWrules" as the promo code.
If you have any hosting-specific questions just let me know.
-Alec Sherman
http://ProgrammingLabs.com
alec <who is at> proglabspm.com
This was posted to the 3rd party newsgroup this week;
Cheers
Bruce
Hi All!
In addition to Clarion coding my company has been doing web development for years and started providing hosting solutions 2 years ago for my largest clients. All has been going well so we decided to
open it up to all Clarion developers.
See all the details at:
http://clarionwebhosting.com/
Dedicated servers... virtual machines... whatever you need.
For the first 10 virtual machine orders we are offering a 10% discount. Enter "CWrules" as the promo code.
If you have any hosting-specific questions just let me know.
-Alec Sherman
http://ProgrammingLabs.com
alec <who is at> proglabspm.com
42
News And Views / Web Forums Source code available
« on: May 03, 2012, 05:59:28 AM »
Hi All,
We're pleased to announce the release of the source code to our Web Forums software.
This is being released as an app & dict which you can take, extend, modify whatever. There is no royalty charge for distribution of the result. The source code itself costs $399 (less 21% if you use the BIG BIRTHDAY BASH comment in the comments field when ordering.
I wanted to get this out before the end of the special (which ends this Friday) because it has a number of dependencies, and so it's a good time for you to get those if you need them as well.
We've been using the forum software for a while now, for support on our other products, and this build represents the second major iteration of this product. Indeed this NetTalkCentral forum will be converting over to that software in the coming weeks.
The key improvement I wanted to make, and the reason for writing the forums in the first place, was to improve the speed of participating in forums - not just the speed of the site itself, but rather the work-flow speed, allowing a much faster way to browse topics, read replies and post comments etc.
The "splurb" page for the software is here http://www.capesoft.com/Source/Forums/forums.htm.
the documentation is here http://www.capesoft.com/docs/Forums/forums.htm and
the purchase link is here https://www.clarionshop.com/checkout.cfm?pid=1314&q=1&
Another key thing I was looking for was speed-of-deployment. We often want to set up forums internally, but we wanted a system which is trivial to deploy in no-time at all. Obviously being NetTalk based it's completely self-contained, so can easily run on any machine.
It currently uses TPS for the data-store, however it's been written with SQL in mind so the same code should run equally well against a SQL backend. We'll be deploying it against a SQL back end ourselves in the near future, and we'll document that process as well.
Apart from the value of the code as actual forums, it provides a good bit of example code as well, as a number of interesting techniques have been used to achieve some of the effects. I'll be doing a webinar on those features in the coming weeks.
Remember the special price ends this Friday, so this is an excellent opportunity to save some cash.
Cheers
Bruce
We're pleased to announce the release of the source code to our Web Forums software.
This is being released as an app & dict which you can take, extend, modify whatever. There is no royalty charge for distribution of the result. The source code itself costs $399 (less 21% if you use the BIG BIRTHDAY BASH comment in the comments field when ordering.
I wanted to get this out before the end of the special (which ends this Friday) because it has a number of dependencies, and so it's a good time for you to get those if you need them as well.
We've been using the forum software for a while now, for support on our other products, and this build represents the second major iteration of this product. Indeed this NetTalkCentral forum will be converting over to that software in the coming weeks.
The key improvement I wanted to make, and the reason for writing the forums in the first place, was to improve the speed of participating in forums - not just the speed of the site itself, but rather the work-flow speed, allowing a much faster way to browse topics, read replies and post comments etc.
The "splurb" page for the software is here http://www.capesoft.com/Source/Forums/forums.htm.
the documentation is here http://www.capesoft.com/docs/Forums/forums.htm and
the purchase link is here https://www.clarionshop.com/checkout.cfm?pid=1314&q=1&
Another key thing I was looking for was speed-of-deployment. We often want to set up forums internally, but we wanted a system which is trivial to deploy in no-time at all. Obviously being NetTalk based it's completely self-contained, so can easily run on any machine.
It currently uses TPS for the data-store, however it's been written with SQL in mind so the same code should run equally well against a SQL backend. We'll be deploying it against a SQL back end ourselves in the near future, and we'll document that process as well.
Apart from the value of the code as actual forums, it provides a good bit of example code as well, as a number of interesting techniques have been used to achieve some of the effects. I'll be doing a webinar on those features in the coming weeks.
Remember the special price ends this Friday, so this is an excellent opportunity to save some cash.
Cheers
Bruce
43
News And Views / Possible UK gathering on March 9th 2012
« on: February 10, 2012, 03:01:09 AM »
hi All,
I'll be in Cardiff, Wales in early March for a meeting, and I've got the 9th
free, so I'm prepared to host a get-together for the day if anyone is
interested.
I'm not wanting to make a big production out of it, so there won't be any
major things prepared, but I'm happy to do any demos folk are interested in,
maybe some NetTalk training, answer questions, help with any problems you
might be having, and so on. Somewhere between a workshop and a user-group
meeting. We'd run it for all day Friday, with folk able to come and go
whenever they wanted.
The cost would be 36 pounds per person. Neil Porter, a Clarion developer in
Cardiff, has organized a good price at a local facility which includes
access to all the facilities, tea, coffee and lunch. Neither he nor I take
any money from it – indeed we'd need to pay the same.
If you're interested please drop me an email or post here and if there's sufficient interest I'll set it up.
Cheers
Bruce
I'll be in Cardiff, Wales in early March for a meeting, and I've got the 9th
free, so I'm prepared to host a get-together for the day if anyone is
interested.
I'm not wanting to make a big production out of it, so there won't be any
major things prepared, but I'm happy to do any demos folk are interested in,
maybe some NetTalk training, answer questions, help with any problems you
might be having, and so on. Somewhere between a workshop and a user-group
meeting. We'd run it for all day Friday, with folk able to come and go
whenever they wanted.
The cost would be 36 pounds per person. Neil Porter, a Clarion developer in
Cardiff, has organized a good price at a local facility which includes
access to all the facilities, tea, coffee and lunch. Neither he nor I take
any money from it – indeed we'd need to pay the same.
If you're interested please drop me an email or post here and if there's sufficient interest I'll set it up.
Cheers
Bruce
44
News And Views / Items of special interest in the recent build.
« on: February 03, 2012, 10:12:25 PM »
Version 6.18 contains a number of new features that are worth exploring. They are obviously new, so use with some caution, and please report any issues. The example "Locators (49)" has been overhauled to show these features in action.
1. Server-side auto-complete.
I didn't think this would turn out to be quite as addictive as it has been. In short it allows String fields to suggest options, based on what the user is typing.
The most obvious use case is the lookup field. While all the normal lookup features remain, auto-complete adds to the experience by offering likely solutions to the user as he types. Because of the "enter description instead of value" behavior, which has always applied to lookups, the user can type the description for a field, and auto-complete suggests descriptions - thus making the data entry feel very natural.
The auto-complete filter has 3 options - BeginsWith, Contains and Search. In other words you can determine if the user has to start typing from the beginning of the description to get a match (Begins With), or simply types anything and all INSTRING matches are shown (Contains). "Search" is new option, it allows the user to enter a "space separated list" and the resulting INSTRINGS are AND'd together. for example typing "b j" returns all descriptions that contain the letters "b" and "j". Think of "search" as "contains plus".
Obviously both contains, and search need to do a full-table scan, so can be slow on large tables (and slow back-ends) so use appropriately.
All auto-complete options are on their own tab, and are visible for form fields of type STRING.
auto-complete can be used when there _isn't_ a lookup. The source can be from a table (working in the same way as a lookup) but the suggestions are not enforced (ie the user can still enter anything they like in the string). It is also possible (with some embed code) to create a custom list of suggestions, not from a table.
The auto-complete "Description" field (and by extension the lookup Description field) allows for a comma separated list of field names. This allows the "search" to operate over multiple fields in the remote table. This can make the input seriously smart, but of course performance on large tables may be (even) slower.
The "Update Mailboxes Form" in the Locators example contains a number of auto-complete fields, set in different ways. For really interesting results enter "eng" in the "country" field and see what happens.
Some of the fields are set to require a number of characters to be typed before the auto-complete kicks in, others allow you to press the down-arrow (on the keyboard) to see options immediately.
There are likely to be a few refinements to the auto-complete in future builds, but we've been using it in a big app conversion, and it seems quite solid so far. Definitely recommended. Auto-Complete has not been test on mobile yet.
2) Locator type "search" added.
Works the same as the auto-complete "search" option. ie a space separated list. Think of it as "contains" on steroids. Of course supports the multiple-field-list (a comma separated list of fields) as it always has.
3) "Content Body" support.
The nettalk page has a header, and a footer, and these are well known, but up to now it hasn't had the option to "wrap everything between the header and footer in a div". In NT5 people were using the header and footer to create this effect (which the NT6 upgrade often broke) and had to rework it slightly to get it to work in 6.
I'm pleased to say though, that in NT6 the concept of a "content body" is now built-in, so the hacks can be removed.
ContentBody support requires that your app have a page-header-tag procedure, and a page-footer-tag procedure. Also they must BOTH be set correctly, identifying them as header and footer respectively. (The checkboxes on the NetWebSource saying This Is a HEADER, and This is a FOOTER). Assuming you have those, then the only thing you need to do to activate the feature is set the "Content Body" option on the WebServer extension. (It's on the first tab just after setting the Generic stuff). The recommended default is just
'contentbody'
This is the ID for a div, so no spaces are allowed.
The use of a content body has two major advantages.
a) For CSS styling it's very handy to have the "middle bit" wrapped in a DIV. At the moment you need to style it using the #contentbody_div classname. (note the trailing _div which is added to the name automatically.) Future releases will have a template setting for the classes.
b) It allows the menu to update "just the content" when an option is chosen. ie when opening a browse or form from the menu, it is faster because only the "content" part of the page is changing. This can make the whole thing feel a lot snappier. I've set the Locators example to do this, so you'll get an idea of the feel there.
To make a menu item "replace just the content" there is an option, "Open as Content" for each menu item. You will need to manually turn this on. NOTE - you cannot fetch a NetWebPage like this. Only a Form, Browse, or Calendar. If you're fetching a page, then clearly the whole page must be replaced.
Current limitation: The current build does not support "page based apps". In other words if your browse opens a form, NOT as a popup, then don't use this feature yet. Also it probably breaks mobile apps, so don't use it there yet either. These restrictions will likely be lifted in a build or two.
Cheers
Bruce
1. Server-side auto-complete.
I didn't think this would turn out to be quite as addictive as it has been. In short it allows String fields to suggest options, based on what the user is typing.
The most obvious use case is the lookup field. While all the normal lookup features remain, auto-complete adds to the experience by offering likely solutions to the user as he types. Because of the "enter description instead of value" behavior, which has always applied to lookups, the user can type the description for a field, and auto-complete suggests descriptions - thus making the data entry feel very natural.
The auto-complete filter has 3 options - BeginsWith, Contains and Search. In other words you can determine if the user has to start typing from the beginning of the description to get a match (Begins With), or simply types anything and all INSTRING matches are shown (Contains). "Search" is new option, it allows the user to enter a "space separated list" and the resulting INSTRINGS are AND'd together. for example typing "b j" returns all descriptions that contain the letters "b" and "j". Think of "search" as "contains plus".
Obviously both contains, and search need to do a full-table scan, so can be slow on large tables (and slow back-ends) so use appropriately.
All auto-complete options are on their own tab, and are visible for form fields of type STRING.
auto-complete can be used when there _isn't_ a lookup. The source can be from a table (working in the same way as a lookup) but the suggestions are not enforced (ie the user can still enter anything they like in the string). It is also possible (with some embed code) to create a custom list of suggestions, not from a table.
The auto-complete "Description" field (and by extension the lookup Description field) allows for a comma separated list of field names. This allows the "search" to operate over multiple fields in the remote table. This can make the input seriously smart, but of course performance on large tables may be (even) slower.
The "Update Mailboxes Form" in the Locators example contains a number of auto-complete fields, set in different ways. For really interesting results enter "eng" in the "country" field and see what happens.
Some of the fields are set to require a number of characters to be typed before the auto-complete kicks in, others allow you to press the down-arrow (on the keyboard) to see options immediately.
There are likely to be a few refinements to the auto-complete in future builds, but we've been using it in a big app conversion, and it seems quite solid so far. Definitely recommended. Auto-Complete has not been test on mobile yet.
2) Locator type "search" added.
Works the same as the auto-complete "search" option. ie a space separated list. Think of it as "contains" on steroids. Of course supports the multiple-field-list (a comma separated list of fields) as it always has.
3) "Content Body" support.
The nettalk page has a header, and a footer, and these are well known, but up to now it hasn't had the option to "wrap everything between the header and footer in a div". In NT5 people were using the header and footer to create this effect (which the NT6 upgrade often broke) and had to rework it slightly to get it to work in 6.
I'm pleased to say though, that in NT6 the concept of a "content body" is now built-in, so the hacks can be removed.
ContentBody support requires that your app have a page-header-tag procedure, and a page-footer-tag procedure. Also they must BOTH be set correctly, identifying them as header and footer respectively. (The checkboxes on the NetWebSource saying This Is a HEADER, and This is a FOOTER). Assuming you have those, then the only thing you need to do to activate the feature is set the "Content Body" option on the WebServer extension. (It's on the first tab just after setting the Generic stuff). The recommended default is just
'contentbody'
This is the ID for a div, so no spaces are allowed.
The use of a content body has two major advantages.
a) For CSS styling it's very handy to have the "middle bit" wrapped in a DIV. At the moment you need to style it using the #contentbody_div classname. (note the trailing _div which is added to the name automatically.) Future releases will have a template setting for the classes.
b) It allows the menu to update "just the content" when an option is chosen. ie when opening a browse or form from the menu, it is faster because only the "content" part of the page is changing. This can make the whole thing feel a lot snappier. I've set the Locators example to do this, so you'll get an idea of the feel there.
To make a menu item "replace just the content" there is an option, "Open as Content" for each menu item. You will need to manually turn this on. NOTE - you cannot fetch a NetWebPage like this. Only a Form, Browse, or Calendar. If you're fetching a page, then clearly the whole page must be replaced.
Current limitation: The current build does not support "page based apps". In other words if your browse opens a form, NOT as a popup, then don't use this feature yet. Also it probably breaks mobile apps, so don't use it there yet either. These restrictions will likely be lifted in a build or two.
Cheers
Bruce
45
Web Server - Ask For Help / Ping: Robert Kolanko
« on: January 17, 2012, 11:45:39 PM »
Hi Robert,
My emails to you are bouncing;
-- Error Details --
Error Description:The requested connection could not be opened. The Open command timed out or failed to connect
Error Number: -53
Remote SMTP Server: 198.73.214.23
Do you have an alternate address I can send to?
cheers
Bruce
My emails to you are bouncing;
-- Error Details --
Error Description:The requested connection could not be opened. The Open command timed out or failed to connect
Error Number: -53
Remote SMTP Server: 198.73.214.23
Do you have an alternate address I can send to?
cheers
Bruce