Zope Weekly News - Wed, 5 Jan 2000

Mike Pelletier mike@digicool.com
Thu, 06 Jan 00 21:52:10 GMT


    Zope Weekly News is a digest of some of the useful and interesting
    events which have occurred on the various Zope mailing lists and the
    Zope.org site.  It is published each Wednesday evening.

    Any opinions contained in the Zope Weekly News are those of the
    chronicler exclusively.


  * A security hole has been found and patched.  The problem, found
    thanks to Kevin Littlejohn's efforts, affects those sites which
    make their Zope management interface available to untrusted users.
    All Zope users are encouraged to read the announcement and update
    their Zope installation.  Patches are available for both 2.x and

    This patch forced two new Zope releases, 2.1.2 and 1.10.4.


New Products

  * Jephte CLAIN has released a new NT Domain authenticator:
    jcNTUserFolder.  Jephte's Product differs from "htrd"'s in that
    roles are given through the web and impersonation is not used.



  * "Drew" updated the Photo Product.  Photo resizes images to the
    user's preferred size.  The present version is 0.1.0.


  * "vladap" updated the mysqlUserFolder Product.  This update fixes a
    folder creation bug.  mysqlUserFolder allows you to authenticate
    users with data stored in a mysql database.  It also allows you to
    store arbitrary per-user data, and it supports HTTP and
    cookie-based authentication schemes.  The present version is


  * Jephte CLAIN has also released two patches, one to the MIME tag,
    and one to the import/export system.

    The MIME patch adds *_expr versions of the type, disposition,
    encode and name attributes of the MIME tag.  These allow you to
    evaluate an expression for the value of the attribute rather than
    specifying a literal value.  The patch also adds the attributes
    filename and filename_expr to the tag.  These attributes supply
    hints that the client will use to determine the file's name.

    The import/export patch allows you to import objects through the
    web instead of having to place files on the filesystem.


  * "phd" released an update to the mod_pcgi2 package.  This update
    adds a PCGI_ROOT command for virtual hosting.  mod_pcgi2 is an
    Apache module which moves the PCGI client into Apache's address
    space, preventing the need to start a new process to avoid the
    "fork tax".  The present version is 0.2.0.


Zope.org items

  * "Gregor" had some quibbles with a couple aspects of Zope's user
    interface.  He wrote and submitted a How-To describing how to
    prevent the "Powered by Zope" link from opening in a frame, and
    how to make the Zope document editing TEXTAREA soft-wrap.


Notable Discussions

  * Olivier Deckmyn <olivier.deckmyn@mail.dotcom.fr> has just started
    what stands to be an interesting thread for those wishing to take
    the first step developing Zope applications.  Olivier has a set of
    classes which implement the logic of the application he wishes to
    produce.  He is looking for advice on how to move from a set of
    standalone objects to a Zope application.


  * To ring in the new year, Wei Tao <taow@bd748.pku.edu.cn> started a
    Zope wishlist thread.  Got a wish, rant or suggestion?  Chime in.


  * A thread significant to Product developers: Martijn Faassen
    <m.faassen@vet.uu.nl> desires to develop a set of Product
    standards.  He points out that there are some rather arcane things
    that one has to do to produce a well-behaved Zope Product, but
    that many people do not know what they are and even those who do
    know do not always know _why_ ("voodoo programming").  Martijn
    makes a number of suggestions to rectify this problem.  Chris
    McDonough graciously offers to contribute some effort to the cause.


Mike Pelletier.

----------- comp.lang.python.announce (moderated) ----------
Article Submission Address:  python-announce@python.org
Python Language Home Page:   http://www.python.org/
Python Quick Help Index:     http://www.python.org/Help.html