ownCloud Using Wrong PHP Configuration

The ownCloud community dropped support for Windows Server, so I must resort to documenting such problems here instead of contributing open source.

One major symptom that confirmed ownCloud was using more than one PHP environment on my server was the presence of session handler files in more than one directory.  Specifically, I was finding orphaned files in C:\WINDOWS\Temp even though my one and only php.ini production file specified a different path as well as garbage collection.

I traced the session file generation as far as the ownCloud calendar “app”, which lives in owncloud\apps\calendar\appinfo\remote.php and related places.

Debugging results were fascinating in that not only was the wrong configuration file loaded, after dumping all phpinfo() to disk I also found that the calendar app was running under an entirely different version of PHP.

The culprit:  After the most recent PHP upgrade, my site-specific Handler Mappings ended up with mismatched verb restrictions.  Somehow the new version ended up restricted to GET,HEAD,POST by default, while the old version remained unrestricted.  Although my handlers were in the correct order to give all *.php files to the correct module, any time a CalDAV client sent a PROPFIND or similar request, IIS essentially downgraded to the unrestricted version of PHP.

The solution:  Remove verb restrictions for the ownCloud site’s Handler Mappings, and then remove all but one of the PHP Handler Mappings to prevent any other versions from running without throwing errors.

If you get a bogus error about spaces in “the path to the script processor” when updating verb restrictions, just add double quotes around the path, and then click “No” on the ensuing bogus error about needing to create a new FastCGI application.  (facepalm)

Offline Files Access Denied over VPN

I just tried taking a Windows 10 laptop on the road for the first time.  Everything was great until I tried the VPN for the first time.  Suddenly, I was getting Access Denied errors, and “You do not have permissions” errors for all files made available offline.  I confirmed the VPN tunnel and even browsed to other shared folders on the same server.  The offline files errors persisted after dropping the VPN.

When I returned to the domain Wi Fi, file synchronization completed normally and there were no errors at all.

Am I to believe that Windows 10 is completely incompatible with VPN synchronization?  I never had a problem with this on Windows XP, and I am dreading the months of research and experimentation normally involved in fixing this kind of Microsoft failure.

Continue reading Offline Files Access Denied over VPN

Shortcode Problems: WordPress 4.4

I will briefly summarize Shortcode API changes since WordPress 4.0 and then kick off some ideas for a roadmap.

The first major accomplishment was the expansion of the API documentation, including a new large section I wrote about the formal syntax for shortcode input.

I also put forward a robust parser concept for the function wptexturize() that promised to re-introduce the ability to use unrestricted HTML code inside of shortcodes and shortcode attributes.  That concept went through many, many changes before being introduced in v4.2.3.  After consulting with the WordPress security team, and after extensive testing of the shortcode parsing functions, we determined that the shortcodes-first parsing strategy was fundamentally flawed and could not be included with any version beyond v4.2.2.  This is why I added an HTML parser to the Shortcode API and ultimately curtailed the use of shortcodes inside HTML rather than expand the use of HTML inside shortcodes.

Continue reading Shortcode Problems: WordPress 4.4

Cookies Not Working in IE10

I’ve finally fixed a crippling bug in Internet Explorer 10 that was preventing me from using any website that required cookie support.

This problem seemed to plague my Windows 2012 server from day one.  I’m not yet sure what was special about this configuration.  No matter how many settings I changed, every website I visited told me that I had cookies completely disabled.

I used these steps right before the browser started working correctly:

Step 1 – Find the “Delete Browsing History” dialog box.

ie-safety-menu

Continue reading Cookies Not Working in IE10

How to Block the Amazon AWS EC2

Years ago, I found it necessary to start maintaining a list of Amazon’s subnets so that I could block them easily.  This list can be used in .htaccess and firewalls that can block access using CIDR subnet addresses.

This topic was formerly hosted on the forumpostersunion.com website, which now appears to be gone.  The AWS Forums and AWS re:Post threads are also obsolete.

For current information, see: Amazon EC2 Public IP Ranges

Shortcode Problems to be Resolved in WordPress 4.1

Illustration of wptexturize_parse() concept.
Achieving correct and exact results in several steps.

When WordPress first introduced its Shortcode API, it included an all-too-simple line of code that was supposed to help curly quotes not appear inside of the shortcode attributes while still adding curly quotes outside of the shortcodes.  But there were several known problems with this one line of code, such as what would happen if a URL contained square braces, and what would happen if a plugin author wanted to use HTML inside a shortcode.

In version 4.0, I made a substantial effort to fix these problems, but it resulted in some new limitations being placed on the ways shortcodes could be used.  Although I couldn’t find any documented examples or official support for the HTML features, I did hear from several members of the WordPress community who enjoy the full power of customizing their website HTML by using shortcode attributes and HTML values.

My proposed solution is to write a new parser function that will exactly identify the shortcodes and HTML elements being used, so that the function wptexturize() will finally be able to create its curly quotes without interfering with shortcode features.  Click on the diagram to see how this new code works.

Continue reading Shortcode Problems to be Resolved in WordPress 4.1

like_escape() is Deprecated in WordPress 4.0

Plugin authors and website developers who work with WordPress database queries should notice an important change coming in WordPress 4.0.

The function like_escape() is no longer used in WordPress core code.  It is still available as a deprecated function, so it still works in any existing plugins that rely on it.  However, a new and different function is available that should be used in all new code.

Deprecated means that anyone using code that calls like_escape() with WP_DEBUG enabled will see an error message.  If WP_DEBUG_LOG is also enabled, the error message will appear in the /wp-content/debug.log file.

Let’s look at an example of core code where I removed like_escape() and implemented the new function $wpdb->esc_like().

3.9 Old Style

$search_orderby_s = like_escape( esc_sql( $q['s'] ) );

$search_orderby .= "WHEN $wpdb->posts.post_title LIKE '%{$search_orderby_s}%' THEN 1 ";

What did this do?  It was an old snippet from /wp-includes/query.php that set up a search for post titles.  The input $q['s'] was escaped using two functions before it was added to the post_title LIKE expression.  Now let’s see how I replaced that snippet in the next version.

4.0 New Style

$like = '%' . $wpdb->esc_like( $q['s'] ) . '%';

$search_orderby .= $wpdb->prepare( "WHEN $wpdb->posts.post_title LIKE %s THEN 1 ", $like );

Continue reading like_escape() is Deprecated in WordPress 4.0

Folder Redirection Broken After GPO Changes

I am learning quite a bit about the Windows 2012 environment thanks to a recent server migration.  The biggest lesson so far deals with Folder Redirection, and the effects of repeated adjustments to the GPO settings.

Under certain circumstances, folder redirection seems to get “stuck” showing either an old folder path or none at all when the user goes looking for their documents.  The Group Policy Results tool seems to confirm that the Folder Redirection settings are not being applied at all for the user/computer profile that is stuck.  Frustratingly, I couldn’t find any problem with my Group Policy configuration.

No amount of logging off and on, adjusting permissions, or messing with Group Policy seems to have any effect.

In the end, I was able to clear up the problem by running this command:

gpupdate /Target:User /Force /Logoff

The key here is the Force option, which successfully resets the folder redirection policy for that user profile, and perhaps all the profiles on that particular computer.  Problem solved!  Windows 8.1, Windows 2012, and possibly other versions are affected.

16-bit Color Limitation in RDP

GPO Editor showing the path to the color policy.
This Policy Needs to be Enabled

If you’ve ever been under the mistaken impression that the RDP client controls the color settings for remote connections, then you came to the right place for help.

Windows XP and Windows 2003 servers won’t show more than 16-bit color depth to RDP clients requesting 24-bit or better color.  You can confirm this by looking at the display settings in the control panel of the remote server.  As a result, black text looks like funny shades of purple, photos look slightly posterized, and any color-critical tasks may be impossible to accomplish by remote control.

To fix this problem, you must enable the following policy:

Computer Configuration > Administrative Templates > Windows Components > Terminal Services > Limit maximum color depth

Set the Color Depth field to 24 bit and click OK.

I can’t explain why Windows would be limited in this way by default, but it is.

Regarding GoodNotes 4

Screen shot of GoodNotes version 4.
iTunes Import for GoodNotes Templates

I’m receiving questions about a new version of GoodNotes that doesn’t allow direct imports of new template pages.  Here are my thoughts so far.

In GoodNotes 3, the easy method was to download a new template in Safari, choose “Open in GoodNotes”, tap the new page on the bookshelf, select Change Template from the menu, then add the Current Template and adjust its settings.

In GoodNotes 4, it is still possible to download pages and write on them, but I see no way to add them directly to the list of templates.  This does not prevent creation of multi-page notebooks, but it does become problematic for creating notebooks offline or trying to swap to a custom template on an existing notebook.

I was able to install custom templates in GoodNotes 4 through iTunes synchronization.  The less complex method is to tap the “Wi-Fi File Transfer” on the GoodNotes Options menu.  This requires a second computer to connect to the iPad’s web server through a wired or wireless LAN connection.

Another alternative is the monumental task of installing iTunes on a second computer, making a physical USB connection, dealing with a variety of error messages, and struggling to transfer files while the program attempts to fill up my network drives with 64 GB of backup data.

Bottom line:  You can keep GoodNotes 3, if you have it, and wait for better features in new versions, or you can deal with iTunes synchronization to install the templates you want.

Questions and comments are welcome.

Previous Post: White Templates for GoodNotes