Author Topic: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)  (Read 57894 times)

0 Members and 1 Guest are viewing this topic.

Offline Adriweb

  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1708
  • Rating: +229/-17
    • View Profile
    • TI-Planet.org
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #120 on: August 15, 2013, 05:46:59 am »
- the key would only be for the app store software, so just one key, not for its users.

Then it's a public key, it can't protect you from anything.
Well, running a strings command on the executable would reveal it, probably (depending on how it's hardcoded, though), but 0.01% of the people would try that - and I'm not sure to see why they would do it if they can get their own by "asking".... It's certainly not the best protection but at least it's not nothing, and would stop 90% of novice "hackers"-wannabe. But anyway, without a secure connection, a wireshark sniffing could reveal the data sent... like any program using an api with a key, when not over an encrypted connection

Quote
- I'm not sure a cache would be such a great ID as the request can vary quite enormously, and the cache would get quite huge (?)

It would make sense for requests heavy for the database, search as full-text search (these one are actually not so random) or app listing (a few hundred kb, not so big but I/O intensive for a database).
Well, we'll have to see after some usages what the most often requested things are, and plan accordingly ?
« Last Edit: August 15, 2013, 06:34:20 am by adriweb »
My calculator programs
TI-Planet.org co-admin.
TI-Nspire Lua programming : Tutorials  |  API Documentation

Offline Adriweb

  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1708
  • Rating: +229/-17
    • View Profile
    • TI-Planet.org
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #121 on: August 15, 2013, 06:37:51 am »
(mods: feel free to merge if judging as double post, meh)

I have integrated the &gz=1 (default 0) flag, but I don't really know how to test - at least it gives me no error, either on the client side not the server side :

https://github.com/TI-Planet/API/commit/6dc9c20b761753d08104a9a14173fbbae9e22eaa


I'll be looking at http auth (but there may be some underlying issues with apache/lighttpd that I don't really control / know about
Lionel ?)
« Last Edit: August 15, 2013, 06:40:01 am by adriweb »
My calculator programs
TI-Planet.org co-admin.
TI-Nspire Lua programming : Tutorials  |  API Documentation

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #122 on: August 15, 2013, 07:19:33 am »
(mods: feel free to merge if judging as double post, meh)

I have integrated the &gz=1 (default 0) flag, but I don't really know how to test - at least it gives me no error, either on the client side not the server side :

https://github.com/TI-Planet/API/commit/6dc9c20b761753d08104a9a14173fbbae9e22eaa
Delete that useless header( stuff. It will only confuse file_get_contents on the other side, me, and my browser, which wants to download a file api-response-something.gz  Just output it directly. BTW: gzencode is PHP > 4.0.4, but gzdecode is PHP > 5.4 -.-

Quote
I'll be looking at http auth (but there may be some underlying issues with apache/lighttpd that I don't really control / know about
Lionel ?)
Just a .htaccess with auth user file and requre valid-user. In the PHP file you can get the user with $_SERVER[PHP_AUTH_USER].
Or make the authentication optional, then serching should only be allowed if the user is authenticated.

Offline Adriweb

  • Editor
  • LV10 31337 u53r (Next: 2000)
  • **********
  • Posts: 1708
  • Rating: +229/-17
    • View Profile
    • TI-Planet.org
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #123 on: August 15, 2013, 08:06:25 am »
(mods: feel free to merge if judging as double post, meh)

I have integrated the &gz=1 (default 0) flag, but I don't really know how to test - at least it gives me no error, either on the client side not the server side :

https://github.com/TI-Planet/API/commit/6dc9c20b761753d08104a9a14173fbbae9e22eaa
Delete that useless header( stuff. It will only confuse file_get_contents on the other side, me, and my browser, which wants to download a file api-response-something.gz  Just output it directly. BTW: gzencode is PHP > 4.0.4, but gzdecode is PHP > 5.4 -.-

Quote
I'll be looking at http auth (but there may be some underlying issues with apache/lighttpd that I don't really control / know about
Lionel ?)
Just a .htaccess with auth user file and requre valid-user. In the PHP file you can get the user with $_SERVER[PHP_AUTH_USER].
Or make the authentication optional, then serching should only be allowed if the user is authenticated.

Ok, for the header; do I just leave one for the charset or something ?
And... what about encode/decode, do I need to do something else ?

And for the .htaccess that's exactly the problem, we don't use them our tiplanet as they don't work (don't ask me why) - last time we tried to understand, we couldn't see...
Maybe it's changed since some updates recently, but I doubt it, it's been like this for quite a while...

btw, for us lighttpd is for http and apache for https.
« Last Edit: August 15, 2013, 10:39:31 am by adriweb »
My calculator programs
TI-Planet.org co-admin.
TI-Nspire Lua programming : Tutorials  |  API Documentation

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #124 on: August 15, 2013, 01:04:38 pm »
Quote
Ok, for the header; do I just leave one for the charset or something ?
And... what about encode/decode, do I need to do something else?
For our RPC the output is simply the following:
Code: [Select]
echo gzencode(json_encode($result));Our RPC client uses:
Code: [Select]
$remote = @file_get_contents("http://" . self::$username . ":" . self::$password . "@" . self::$host . "(...)", false, $context);
        if($remote === FALSE) (...)
        $result = json_decode(gzdecode($remote), true);

Quote
And for the .htaccess that's exactly the problem, we don't use them our tiplanet as they don't work (don't ask me why) - last time we tried to understand, we couldn't see...
Grep the whole apache config directory for "AllowOverride", most likely that's your issue.

Quote
btw, for us lighttpd is for http and apache for https.
May I ask why?

Offline Lionel Debroux

  • LV11 Super Veteran (Next: 3000)
  • ***********
  • Posts: 2135
  • Rating: +290/-45
    • View Profile
    • TI-Chess Team
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #125 on: August 15, 2013, 01:28:48 pm »
Quote
Quote
btw, for us lighttpd is for http and apache for https.
May I ask why?
Historical reasons :)
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TILP and TIEmu.
Co-admin of TI-Planet.

Offline AlexisVieira

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 100
  • Rating: +1/-1
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #126 on: August 17, 2013, 06:48:20 pm »
it's normal to show me this if I've ndless r825?
I'm Portuguese, sorry bad English

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #127 on: August 17, 2013, 06:48:46 pm »
Yes, it's too old.

Offline AlexisVieira

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 100
  • Rating: +1/-1
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #128 on: August 17, 2013, 06:50:38 pm »
Yes, it's too old.

the 825?:s as I know it's the newest...

EDIT: nevermind, I didn't saw the r848
« Last Edit: August 17, 2013, 06:51:45 pm by AlexisVieira »
I'm Portuguese, sorry bad English

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #129 on: August 17, 2013, 06:51:40 pm »
No, 877. By request of compu a new feature got added which pacspire uses.

Offline AlexisVieira

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 100
  • Rating: +1/-1
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #130 on: August 17, 2013, 06:54:12 pm »
No, 877. By request of compu a new feature got added which pacspire uses.
the 848 is the newest as I can see
I'm Portuguese, sorry bad English

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile

Offline AlexisVieira

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 100
  • Rating: +1/-1
    • View Profile
I'm Portuguese, sorry bad English

Offline Vogtinator

  • LV9 Veteran (Next: 1337)
  • *********
  • Posts: 1193
  • Rating: +108/-5
  • Instruction counter
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #133 on: August 17, 2013, 06:57:29 pm »
But the last one is 877.
877 > 848!

Offline AlexisVieira

  • LV4 Regular (Next: 200)
  • ****
  • Posts: 100
  • Rating: +1/-1
    • View Profile
Re: pacspire - A simple package manager for the TI-Nspire/Ndless (WIP)
« Reply #134 on: August 17, 2013, 07:00:03 pm »
But the last one is 877.
877 > 848!
:O I was thinking that i was writting/seeing 884 -.-
I think that I need a rest xD
I'm Portuguese, sorry bad English