Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
Bug Collection
- Textpattern should have a bugzilla or similar site to track bugs. Is there one that I don’t know about?
- The maximum Textpattern password length of 15 characters is much too short. “mydogeatspurplegardenias” is a better password that “L33t$p33k”.
- The 4.5.2 default page template use the <hgroup> tag, which is obsolete for HTML5.
- Textpattern 4.5.2 puts <p></p> around <ul> and <ol> constructs. The w3.org validator objects to this.
- The 4.5.2 default css.php template generates 40 errors using the w3.org validator.
Offline
Re: Bug Collection
bcq Textpattern should have a bugzilla or similar site to track bugs. Is there one that I don’t know about?
admin>Preferences>Production Status>Debug helps in finding bugs in your site structure.
Textpattern 4.5.2 puts <p></p> around <ul> and <ol> constructs. The w3.org validator objects to this.
I cannot reproduce this. Can you please post the steps?
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Bug Collection
The W3C validator for CSS is not worth worrying about, unless you want to unprefix everything. Use something like CSSLint instead.
I’ll look into <hgroup> deprecation – the W3C can’t make up their mind on that tag. It was in, then out, then in again, last time I checked (which was a few months back, admittedly).
The bug tracker is here
Last edited by philwareham (2013-05-17 06:31:24)
Offline
Re: Bug Collection
Ok, <hgroup> is officially out again. I’ll remove from the theme later today.
Offline
Re: Bug Collection
colak wrote:
Textpattern 4.5.2 puts <p></p> around <ul> and <ol> constructs. The w3.org validator objects to this.
I cannot reproduce this. Can you please post the steps?
Are you asking for the steps to make Textpattern put <p>‘s around a list? Doesn’t any Textile article with a list surrounded by empty lines ends up with a pair of <p>‘s?
Offline
Re: Bug Collection
philwareham wrote:
The W3C validator for CSS is not worth worrying about, unless you want to unprefix everything. Use something like CSSLint instead.
CSSLint give 101 warnings, but no errors. I suppose that is better than 40 errors and 77 warnings from w3.org.
Offline
Re: Bug Collection
philwareham wrote:
The bug tracker is "here":http://code.google.com/p/textpattern/issues/listCan my request for allowing longer passwords pretty please be added? I chose Textpattern over WordPress primarily because of security – WordPress is a popular hacker target. Allowing longer passwords allows people like me with old and decrepit brains to create decent passwords we can remember.
Last edited by skewray (2013-05-17 16:43:48)
Offline
Re: Bug Collection
skewray wrote:
Are you asking for the steps to make Textpattern put <p>‘s around a list? Doesn’t any Textile article with a list surrounded by empty lines ends up with a pair of <p>‘s?
- hi skewray
- not
- in
- my
- tests
- :)
or yours in the first post or in anyone of my sites.
If you could point us to a page we might be able to diagnose more accurately.
Last edited by colak (2013-05-17 17:30:00)
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: Bug Collection
@skewray
I don’t know where you’re reports are coming from, but I see 2 ‘errors’ on W3C, see here
If you want me to explain those two false-positive errors – one is a hack to get IE8 to respect responsive images, the other is a vendor specific media query.
The warnings are all to highlight vendor prefixed rules, and as such are to be ignored.
Regarding password lengths – I think Gocom rewrote a lot of the login systems a few months back in the 4.6 branch – maybe try a nightly build and see if that is agreeable.
Last edited by philwareham (2013-05-17 17:50:48)
Offline
#10 2013-05-17 17:39:19
- els
- Moderator
- From: The Netherlands
- Registered: 2004-06-06
- Posts: 7,458
Re: Bug Collection
skewray wrote:
Doesn’t any Textile article with a list surrounded by empty lines ends up with a pair of <p>‘s?
Textpattern 4.5.2
Upgrade :)
Last edited by els (2013-05-17 17:41:17)
Offline
Re: Bug Collection
skewray wrote:
The maximum Textpattern password length of 15 characters is much too short
The limit is 128 characters, as far as I can make out. Admittedly I’ve just tested it on 4.6-dev which certainly allowed me to create a 20-char password and it validated all 20 chars, including case sensitivity.
From what I can tell from the changesets, nothing has changed between 4.5 and 4.6 in this regard. The functions have been consolidated, moved to better places, and the API improved, but that is all.
On what do you base the observation that passwords can only be 15 chars long? If there’s a bug like that, we need to squash it pronto!
The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.
Txp Builders – finely-crafted code, design and Txp
Offline
Re: Bug Collection
skewray wrote:
The maximum Textpattern password length of 15 characters is much too short
There are no limitations for passwords. Passwords can be as long as you want, include any symbols, numbers and characters you want.
Bloke wrote:
The limit is 128 characters, as far as I can make out.
Passwords can be as long as you want, and consisting of any bytes you want. There is no length limitation at all. You will get hash collisions of course (i.e. other shorter password will generate same hash), but the password can be anything you want. 128 makes me think you are somehow referring to the field length, which has no relation to password length. The field only hosts hashes and only limits the hash and hashing algorithm you can store. We by default use salted 128 bit MD5 hashes to store passwords. The salts we use are user-tied random values.
But. The way we handle sessions, using a password longer than x characters becomes bit redundant. The weak link in Textpattern is session handling, to be honest. The public-side session keys aren’t even stored properly in hashed format.
philwareham wrote:
I think Gocom rewrote a lot of the login systems a few months back in the 4.6 branch
Not yet, but we really need to. The login system is a pile of stinking shit. At least it doesn’t store passwords and private session keys in plain-text format, but it does some other serious don’ts in the process.
Last edited by Gocom (2013-05-18 11:10:29)
Offline