Old Posts - September 2018

Old posts from September are archived here

Version of this page: ~~version~~

Moving any pertinent posts from cms3.perl-user.com over to this page as well.

DONE for cms3.pm

  • Get /api/login DONE - Sept 15
  • Add sessions for logged in user. DONE Sept 16
  • /api/logout added. DONE Sept 16
  • /api/show_my_cookies added. DONE Sept 16
  • /api/delete_my_cookies added. DONE - also deletes the session Sept 16
  • Add a sessions table to init script. DONE Sept 16
  • Make an api-register.txt page to load with initialization script. DONE Sept 20
  • LOL, had to look up creation_time for /api/register in the pages table, then subtract that from current unix time in perl -e 'print time()-X' to get second since creation_time of /api/register, ie when I loaded the last version into the database with load-register.pl Six days ago. DONE Sept 26

  • CREATE TABLE sessions (
    useruuid UUID,
    last_login integer,
    last_access integer,
    remote_addr TEXT,
    ); # DONE Sept 16
  • Verified that init-tables-userconfig.pl has the correct TYPE for last_login, last_access in sessions. DONE Sept 26
  • Updated code above and add-table-sessions.pl standalone script to use TYPE integer on those columns. DONE Sept 26

30 Sep 2018

Coded a bit on cms3.pm today on cms3.perl-user.com. Got emails going for /api/register, still needs work on validation and authentication bits, not to mention creating the /api/validate endpoint code. Emails went thru fine to my email addresses at cox.net, yahoo.com and gmail.com addresses, not to mention the server's email domain, perl-user.com.

27 Sep 2018

After extensive fighting with Apache2.4 configuration and numerous perl module installs from AUR and regular Arch sources, I got my cms3.pm working on an ArchLinux VM. Found a few hard coded references to cms3.perl-user.com that needed a global variable to replace, should pick them up from apache conf really... Like dbuser and dbname.

Brief debug output from /api/register now outputs correct number of *'s to mask password entered in form. Too revealing?

23 Sep 2018

Ok, went thru cms3.pm repeatedly, trying to figure out why some UA's from facebook's external hit brigade get 200 status codes and some make a 206 status code in my logs. I wasn't always returning Apache2::CONST::Ok when I should have, but now I am and facebook is still getting those 206 partial content status returns.

19 Sep 2018

Deleted profile pics from Facebook today. Left an angry face in place. They blocked mooo.com again. I have a chat server running on a high port number on xmas.mooo.com and have had for several years. I got my free domains from FREEdns.afraid.org

I checked today and there were 514,100 hosts on mooo.com. That's probably 514,099 decent websites/etc that are now blocked from linking to their own stuff by Facebook because of one sack of sh*t that can't control bad impulses.

18 Sep 2018

perlcritic --brutal cms3.pm is.

I spent most of my programming time today weeding out the easier instances that it was complaining about in cms3.pm (i did change it back from Cms3.pm cuz i type it 100 times or more a day editing it, testing, editing it, repeat) Ignoring that warning...

18 Sep 2018

Note: this site is currently being served by cms3.pm, a mod_perl2 response handler. Cms3.pm is the third iteration of my handler. perl-user.com uses Lynk2.pm, the 2nd iteration.

16 Sep 2018

Here's an interesting command to remember:
echo | openssl s_client -connect example.com:443 -servername example.com 2>/dev/null | openssl x509 -noout -dates
Where example.com is the domain you want to see SSL Certificate start/end dates on.

13 Sep 2018

I was hitting a slight barrier getting automatic initialization of the database, CRUD, and logins working. It was a sort of chicken before the egg before the chicken problem.

Solved it by loading two forms and inserting the admin user in the initialization script

Then, implementing ?edit to load the /api/add_page form with correct hidden form values set, giving cms3 C&R&U.

Just D (for delete) to add now. Side effect: i keep each version in the database, so i can add versioned rollbacks/views as well.

12 Sep 2018

Finally, a frontpage back up on cms3.perl-user.com

Today's commits for cms3 include working create page and edit page. Only the active page is displayed although the database can have several versions, which will allow for versioning/rollbacks/etc.

4 Sep 2018

How to make sha256 pin for HPKP
To rate security on a domain (does need SSL or rating will be high=insecure)

My domain, cms3.perl-user.com, is now sending 4/7 of the headers that page recommends. The other three do require SSL to work.

Also useful:
Mozilla HTTP Header reference

3 Sep 2018

Worked on init-tables-userconfig.pl script for new cms3.

Got functioning hash code using Crypt::Eksblowfish::Bcrypt and Crypt::Random for the salt

Added a note on the gist I found noting that converting from 16 characters of binary octets to base64 produces 1/3 more octets, thus requiring just 12 bytes to get a 16 byte base64 salt for the encrypt function.