[17:01] <photomatt> okay let's get started
[17:01] <skippy> <meetup>
[17:02] <photomatt> the agenda is pretty sparse, so we can keep it short
[17:02] <photomatt> start with podz?
[17:02] <Podz> k
[17:02] * Joins: mikelittle
[17:02] <Podz> I've been working on something for the past week, and the end result is that
[17:02] <Podz> I've taken all the Codex info - or a lot of it - and turned it into PDF files.
[17:03] <masquerade> Ohh, just what I was thinking would be useful last weekend
[17:03] <Podz> I've set a page up with an explanation here: http://www.tamba2.org.uk/T2/codex-and-pdf/
[17:03] <Podz> and the downloads are here: http://www.tamba2.org.uk/wordpress/docs/
[17:03] <skippy> fantastic!
[17:04] <Podz> it needs work as an overall project, but it also needed a bumpstart to get things into docs..I'm hoping this is it
[17:04] * Joins: shep|lappy
[17:05] <ringmaster> Each Codex page is its own PDF?
[17:05] <Podz> pretty much, yes
[17:05] <skippy> Podz: are you making these manually?
[17:05] <Podz> and as each page updates, so does the pdf
[17:06] <masquerade> perhaps with a bit of work from everyone we could organize it, make a table of contents and all, and make a book-style PDF
[17:06] <Podz> skippy:: open Office is helping :) It's not as hard as it seems
[17:06] <Podz> Open Office beta is superb for this.
[17:06] <skippy> Podz: okay; it could be automated even more with some command-line magic (curl / wget / lynx piping into gs perhaps)
[17:07] <Podz> skippy:: yes, but I had to remove all the TOC, edit links and do some formatting so it's not quite as easy, but then I don't know what tools there are.
[17:07] <skippy> okay. This is an awesome start.
[17:07] * Joins: mdawaffe
[17:08] <Podz> When codex is back, I'll create a howto page
[17:08] <robl1> Podz: are you using the WikiReader tools or something of your own creation?
[17:09] * Parts: shep|lappy
[17:09] <Podz> With Open Office beta: Highlight all Codex text, copy over. It brings all the hyperlinks :) Then just edit a few fontsizes
[17:10] <Podz> It's tedious, not tricky
[17:10] * Quits: robla (Read error: 110 (Connection timed out)�)
[17:10] <Podz> robl1 - 'my creation' ? I can't code for my life :)
[17:11] <photomatt> okay that sounds great
[17:11] <photomatt> so coordinate with Podz if you're interested in that
[17:11] <photomatt> " Codex Condition - Lorelle"
[17:11] <Podz> A codex page wil explain all
[17:12] <relle> photomatt?
[17:12] <photomatt> the codex is broken, I'm trying to figure out why
[17:12] <relle> what's the condition of codex?
[17:12] <photomatt> logging in doesn't seem to work right
[17:12] <photomatt> so until that's resolved it'll be read-only
[17:13] <photomatt> obviously it's a priority, but some WP dev issues have come up that are taking precedence
[17:13] <photomatt> which brings us to
[17:13] <photomatt> " Bug Hunting - skippy"
[17:13] <skippy> I'd like to encourage everyone to go through the trac tickets and help us squash bugs. Here's how:
[17:14] <skippy> we're tagging tickets that have patches, and don't have patches. The tags are "bg|has-patch" and "bg|needs-patch"
[17:14] <photomatt> which has been INCREDIBLY helpful when I go through trac
[17:14] <skippy> if we can get folks to test the submitted patched; and submit missing patches; we can expidite the bug hunts.
[17:14] <photomatt> skippy: that bears posting to the hackers list as well
[17:14] <skippy> photomatt: okay.
[17:15] <skippy> The more eyes we can put to the list of bugs, the faster we'll whittle it down.
[17:15] <mdawaffe> photomatt: can we get WP branded butterfly nets for all the bug gardeners?
[17:15] <mikelittle> Is this testing on the 1.5 branch?
[17:15] <photomatt> we're going to do a immediate release in the next day or so
[17:15] <ringmaster> Yeah, I didn't know that. I'll use that from now on.
[17:15] <photomatt> yes on the 1.5 branch
[17:15] <photomatt> skippy: what about setting up a 1.5.2 milestone and assigning bugs to that?
[17:15] <skippy> you can also use bg|2nd-opinion to request a second opionion
[17:15] * Joins: skeltoac|brb
[17:16] <skippy> photomatt: I've been milestoning most things against 1.6; but 1.5.2 is just as good.
[17:16] <photomatt> I think we should triage things against the 1.5 branch for this very-soon release
[17:16] * Joins: element
[17:16] <photomatt> hopefully things like hooks and simple bug fixes that don't touch a lot of code
[17:16] * Joins: stevecooley
[17:16] <mdawaffe> photomatt: is there more security stuff to be checked in?
[17:16] <skippy> photomatt: did any of the responses to your list of fixes sound inappropriate for the immediate release?
[17:17] * skeltoac|brb is now known as skeltoac
[17:17] <photomatt> not that I recall
[17:17] <skippy> if we can check off a handful of the annoying niggling bugs, all the better.
[17:17] <photomatt> mdawaffe: there's a potential issue in post.php that we're investigating
[17:17] <mdawaffe> k
[17:17] <skippy> I'll try to collect the list of resposnes, and put a call for attention on the list later.
[17:18] <photomatt> what we need to do in the 1.6 branch
[17:18] <photomatt> is go through every single instance of isset() and see where that variable is coming from
[17:18] * Quits: skeltoac|mobile (Remote closed the connection�)
[17:18] <masquerade> Well, then let's post that to the hackers list, I'm sure it'll get done much quicker with more eyes on the code
[17:18] <skippy> should we schedule a "security review" day?
[17:19] <skippy> no bug fixes, just documenting each variable's provenance ?
[17:19] <ringmaster> ...or otentially looking for what?
[17:20] <skippy> ringmaster: following isset()s as photomatt said; also looking for/at all user-supplied data.
[17:20] <photomatt> things we've missed historically are places where we don't expect user data
[17:20] <ringmaster> Ok.
[17:20] <photomatt> most of the actual submissions are pretty well reviewed
[17:21] <masquerade> Ever considered running WP through http://securityscanner.lostfiles.de/index.php that one time?
[17:21] <skippy> that's all I had: I wanted to get some energy going for more trac reviews.
[17:21] <masquerade> I haven't looked into it too far, saw it posted on Planet WP this morning
[17:22] <ringmaster> There are 378 matches in 82 files for isset(.*?) in the latest SVN.
[17:23] <masquerade> ringmaster, I'd imagine a good amount of that will be for Query Based Templates
[17:23] <ringmaster> http://asymptomatic.net/temp/isset.txt
[17:23] <photomatt> I'm not saying it'll be fun, but it needs to be done
[17:23] <mdawaffe> well there's 19 of us here, that's... 20 apiece :)
[17:24] <photomatt> heh
[17:24] <photomatt> so skippy, you good for creating a 1.5.2 milestone?
[17:24] <masquerade> well, you have to count out those who don't know PHP though, which I know knocks at least a few out ;-)
[17:24] <skippy> photomatt: do you want me to make the milestone? Sure.
[17:24] <photomatt> please
[17:25] <photomatt> the better we can organize the issues the faster we can get a release out without forgetting something
[17:25] <photomatt> next up: " WP-Medic - masquerade"
[17:25] <masquerade> Well, I just figured I'd throw out a little project set to release this friday
[17:25] <masquerade> basically, an external script to debug WP, especially useful for helping on the forums
[17:26] <masquerade> features:
[17:26] <masquerade> file integrity checker: http://68.33.239.27/1.5/wp-medic/sections/diag/fileintegrity.php
[17:26] <masquerade> siteurl fixer: http://68.33.239.27/1.5/wp-medic/sections/db/paths.php
[17:26] <masquerade> full blown options editor: http://68.33.239.27/1.5/wp-medic/sections/diag/options.php
[17:27] <masquerade> basically, its to get rid of the need for phpmyadmin and such when trying to fix sites
[17:27] <mdawaffe> how does it know when to unserialize and when to not?
[17:27] <photomatt> nice graphic :-p
[17:27] <skeltoac> Cute.
[17:27] <masquerade> mdawaffe, same way WP does
[17:28] <mdawaffe> ah - right
[17:28] <mdawaffe> ok
[17:28] <photomatt> looks like a very cool project
[17:28] <masquerade> the one other feature that isn't done is a whitespace fixer
[17:29] <masquerade> automagically get rid of [some] of those headers already sent errors from people editing files and leaving a newline
[17:29] <photomatt> while we're on plugins, what do you guys think of an XML-RPC call that would tell you the active plugins on a blog?
[17:29] <ringmaster> One other thing, while we're on this topic: the web esrvice for version info?
[17:29] <photomatt> ringmaster: http://rpc.wordpress.org/latest-stable/
[17:29] <skeltoac> photomatt: I like it.
[17:29] <photomatt> sent to the hackers list
[17:29] <ringmaster> Right. It's a date? How about a version number? Or an SVN revision?
[17:29] <photomatt> we could provide all of those
[17:29] <ringmaster> And then including the SVN rev in source with $Id$?
[17:29] <skippy> I don't think anyone needs to know which plugins I'm running, unless I tell them.
[17:30] <masquerade> skippy, its all locked down, I commented out auth for now
[17:30] <skeltoac> skippy: There could be an opt-in checkbox for it.
[17:30] <skeltoac> Oops, more options...
[17:30] <skippy> <sarcasm>options are bad!!</sarcasm
[17:30] <photomatt> :-p
[17:30] <photomatt> yes, I wouldn't want an option for it
[17:30] <skippy> make it a plugin in itself.
[17:30] <skippy> then people who don't want it can not activate it.
[17:31] <mdawaffe> seems you might want to work per-plugin - some might not want people to know which spam plugins they use, e.g.
[17:31] <masquerade> oh yeah, and WP-Medic has a plugin manager for when a pesky plugin runs astray and can't be deactivated
[17:31] <photomatt> skippy: we actually want it to be the reverse
[17:31] <photomatt> the idea is to get as much data as possible
[17:31] <ringmaster> What would listing the plugins of a blog offer to the blogger?
[17:31] <photomatt> someone could also check your plugins by hitting your wp-content/plugins folder or checking that folder for known file names
[17:31] <skippy> ringmaster: it's to help the supporter, I think
[17:31] <skeltoac> yes.
[17:32] <photomatt> in fact I heard people suggesting that, so I thought it would make more sense just to have an official hook for it
[17:32] <skippy> photomatt: but that directory listing won't tell them which ones are activated.
[17:32] <photomatt> it would also be very valuable data for any plugin directory, knowing what plugins are actually USED rather than what's downloaded
[17:32] <photomatt> which is a very rough metric
[17:32] <skippy> My concern is this: if a plugin I use has a vulnerability, I don't want people to be able to sniff for that plugin.
[17:33] <relle> FYI - This plugin is designed to create a list of activated plugins for displaying on a Page: http://www.andrewsw.com/pages/pluginsUsedPlugin
[17:33] <masquerade> skippy, if people want to get you that bad, there are ways to sniff otherwise
[17:33] <photomatt> you have the same problem (more, actually) with WP exposing its version various places
[17:33] <skippy> masquerade: yes, I understand. But if an automated attack is prefaced by a sniff, I would like to deny the sniffer and avoid the automated attack.
[17:34] <skippy> I'm not the end-all-be-all, though. If it gets rolled in, I'll disable it.
[17:34] <skeltoac> To mitigate the concern about automated attacks, such functions could require some form of human authentication.
[17:34] <masquerade> skippy, what about if we found a DSA library for PHP or something and all data sent is DSA encrypted with a public-key which only Matt holds
[17:34] <photomatt> skippy: from your point of view, would you want it to be a hidden pref or something a plugin / flag would disable?
[17:34] <masquerade> er, a private key whicho nly matt holds
[17:35] <photomatt> masquerade: that'll just make them hack me first!
[17:35] <skippy> photomatt: my preference would be for it to be something which needs to be specifically _enabled_, instead of disabled.
[17:35] <masquerade> photomatt, so? :-P
[17:35] <skippy> The user ought to know what it does, and why they're enabling it.
[17:35] <masquerade> photomatt, at least the rest of us feel safe ;-)
[17:35] * mdawaffe hacks photomatt
[17:35] <photomatt> ouch
[17:36] <skeltoac> WP Debug Mode?
[17:36] <photomatt> so just to summarize
[17:36] <ringmaster> Yeah, I think that's probably a better idea, along with a big warning not to turn it on unless for good reason.
[17:36] <photomatt> the cons are if a plugin had a vuln it could be used by an automated scanner
[17:37] <photomatt> the pros would be support techs could look it up, and plugin directories could aggregate it
[17:37] * robl1 is now known as robla
[17:37] <photomatt> related to that, we could reward plugin authors as well using that data
[17:37] <skeltoac> If I were a hacker and if I knew command that could take down your blog given a certain plugin, I'd just send the command. Why bother requesting the plugin list?
[17:38] <photomatt> good point, I still get worms aimed at that IIS vuln from years ago, code red or something
[17:38] <photomatt> they don't bother to check that I don't run IIS
[17:39] <Podz> some users will see it as a privacy issue whether you guys do or not, so this should be transparent
[17:39] <masquerade> photomatt, oh yeah, I get those to my home laptop at about 10 or so a minute
[17:39] * mdawaffe realizes photomatt doesn't run IIS. Stops hacking
[17:39] <photomatt> the difficult part about this is
[17:39] <skeltoac> heh
[17:40] <photomatt> the benefits are tangible, the cons are potential
[17:40] <skeltoac> True.
[17:40] <ringmaster> What about privacy?
[17:40] <Podz> is that at me ?
[17:40] <skippy> if it needs to be an option, we could make it a one-off option in upgrade.php, as a new step ?
[17:41] <skeltoac> ringmaster: Do you see the version as a privacy problem?
[17:41] <ringmaster> I also have a ton of plugins that I wrote that I'm not going to release. I'd rather not have that list available to a directory/anyone.
[17:41] <photomatt> what if it was just a filename or similar?
[17:42] <photomatt> rather than all the info about the plugin, which may be private
[17:42] <photomatt> that would address ringmaster's concern
[17:42] <ringmaster> I see it now: "Oooh, ringmaster, can I have that xosoiwehf.php plugin?"
[17:42] <mdawaffe> photomatt: I change some of the filenames - I'd be corrupting your data
[17:42] <skeltoac> Or an extra field in the comments section of the plugin itself.
[17:42] <masquerade> mdawaffe, the number of users who would rename the files are slim
[17:42] <photomatt> mdawaffe: that's fine, you're an outlier
[17:42] <mdawaffe> take that, inliers!
[17:43] <Podz> but what you do not need is a "WP are looking inside my blog" type affair going on, which you will unless you make this clear to all with reasons. We may know what the web is like, but as far as users are concerned, their blog, their privacy
[17:44] <skippy> explain to me again how the list of plugins will help anyone other than a plugin manager ?
[17:44] <skeltoac> Plugin authors could take advantage of the feature by including an extra field in the top of their plugin file. The RPC function could just send those out and a number representing the unknown plugins also activated.
[17:45] <ringmaster> Podz: That's really the thing. Most programs will ask you if you want to submit anonymous usage data. As long as the user is cool with that, then ok. WP should do this if this feature is included.
[17:45] <Podz> agreed
[17:46] <masquerade> I think asking during installation/upgrade would be a great idea, that way its neither enabled nor disabled by default
[17:46] <photomatt> should we disable other data we send out?
[17:46] <photomatt> such as the wordpress meta tag
[17:46] <photomatt> version data
[17:46] <photomatt> RSS fields such as author, time posted, etc may not be exposed in the templates
[17:46] <Podz> thats just 'there'. this you are going in and getting. It's a definite change
[17:47] <masquerade> really, I see nothing in the ideas that couldn't already be accomplished out of the box
[17:47] <photomatt> masquerade: which way?
[17:47] <masquerade> photomatt, sending plugin data, version info
[17:47] <masquerade> wondering what plugins are running? Test for a list of known plugins
[17:49] <photomatt> I'd hate for a spider to be flailing about randomly in people's wp-content directory
[17:49] <skeltoac> I think the volume of opinions in this discussion is enough to warrant the addition of at least one option to turn off RPC calls.
[17:49] <masquerade> photomatt, I mean from the whole privacy, sniffer standpoint
[17:49] <masquerade> I wouldn't see much of a problem with enabling it by default, but if there's people with a problem, I'd think the install/upgrade process should let you choose
[17:49] <photomatt> then again we had that guy running around forums claiming WP was spyware because it had a link to an external image
[17:50] <Podz> while installation is one place, there needs to be a way to later kill it off. People will be so eager to install they will allow the defualt, which will undoubtedly be to send.
[17:50] <skippy> can't we stage this?
[17:51] <skippy> Make it an install-only option now, default to off.
[17:51] <skippy> So people get used to seeing it.
[17:51] <Podz> Hey - if this was on a MSN blog, what would we be saying ?
[17:51] <skippy> we can tlak abotu it.
[17:51] <skippy> Then, in 1.6, we bring it out again
[17:51] <masquerade> Podz, on by default, make it difficult to disable :-P
[17:51] <skippy> give ample opportunity for community discussion in the forums.
[17:51] <ringmaster> My gut reaction is that I like my privacy, but I might change my mind (or become more adamant) by next week.
[17:51] <Podz> pah - the code to kill would be in the forums :)
[17:51] <skeltoac> photomatt: Are there any other things you'd like to make discoverable via RPC?
[17:52] <photomatt> skeltoac: totally
[17:52] <Podz> photomatt:: do you have a search box on your blog ?
[17:52] <ringmaster> skeltoac: You can make everything discoverable via RPC via plugin. I'm surprised that BOTD doesn't do that.
[17:52] <photomatt> my leaning is for it to be default on, but very easy for users to turn off if they feel like it for whatever reason
[17:52] <photomatt> just like pinging
[17:52] <skeltoac> So if we're looking at a growing list of RPCs, we're looking at having this discussion every time unless we handle it once and for all.
[17:52] <photomatt> Podz: you can search through the query string, just add ?s=
[17:53] <relle> podz NO he doesn't and it makes me CRAZY to use his site.
[17:53] <Podz> photomatt:: that's a no then :)
[17:53] <photomatt> I have a firefox shortcut so I just type "p term" and it searches my site for that term
[17:53] <Podz> photomatt:: you choose one way, but it's unfindable for 90% of users
[17:53] <Podz> there is a standard here :)
[17:53] <skeltoac> For the tin-foil-hat people, we may need to start a Privacy tab.
[17:54] * skippy casually slips off his tin-foil hat.
[17:54] <photomatt> when I get a chance I'm going to drop the yahoo code in, I've just been too lazy to have the search go through my archives in addition to photos and scripts and quotes
[17:54] * ringmaster looks at his tin foil hat, and eyes skeltoac carefully.
[17:54] <skeltoac> =P
[17:54] <Podz> I'm not privacy bothered - but the screamers WILL hit wp from all angles unless this is done properly
[17:54] <skippy> http://wordpress.org/support/topic/41562 <-- should I kill this ?
[17:54] <skeltoac> Does anyone think privacy isn't a big enough issue to make an options tab for?
[17:55] <photomatt> skippy: just say "we know" and close it
[17:55] <Podz> For the work to do it vs the potential hassles, I would say do it.
[17:55] <photomatt> let me outline a larger plan
[17:55] <photomatt> hopefully in 1.6
[17:55] <masquerade> skippy, can you move it? it doesn't belong there
[17:56] <masquerade> it belongs in plugins/hacks
[17:56] <photomatt> there should be an install checkbox
[17:56] <Podz> we can't move posts yet
[17:56] <photomatt> "[ ] This is a public blog"
[17:56] <mdawaffe> Podz: as soon as photomatt updates you can
[17:56] <photomatt> if it's not checked, it shouldn't ping anyplace
[17:56] <Podz> mdawaffe:: cool ! thanks !
[17:56] <photomatt> and maybe add meta noindex tags
[17:56] <photomatt> just for people who want to blog but not let the whole internet know about it
[17:56] <skeltoac> photomatt: I like that idea.
[17:57] <ringmaster> Does that affect this RPC thing, too?
[17:57] <photomatt> I'm a big believer in privacy, if people don't want crawlers and technorati and google on their blog, that should be an easy option
[17:57] <photomatt> ringmaster: I think that could be the global switch
[17:57] <mdawaffe> photomatt: I say rock it. The only thing I can think of off the top of my head that I would mind being discoverable are email and pass, which I assume will stay safe :)
[17:58] <Podz> can we have solid info for users BEFORE they upgrade. 1.6 is goig to be changing a lot and I would hate to see security used as the crowbar and then we have all these people with blogs that are actually very different
[17:58] <mdawaffe> the global on/off is a good idea
[17:58] <ringmaster> "This is a public blog" should link to a Codex WP Privacy Policy page.
[17:58] <mdawaffe> yes
[17:58] <Podz> and all this can be altered ?
[17:59] <mdawaffe> Podz: all what?
[17:59] <Podz> the privacy stuff
[17:59] <mdawaffe> oh - on codex? I guess we should lock that page
[17:59] <skippy> make a privacy tab. A top-level "Public / Private" checkbox sets or unsets a list of per-item checkboxes. I'd like that.
[18:00] <mdawaffe> (Podz - I'm not sure I correctly interpreted your question)
[18:00] <Podz> Matt - you posted a long time ago about windows updates and your data loss. That post/comments went on forever. You did not like how the MS product behaved. You are proposing changes to WP that will change it's behaviour and people will react just the same. This must be completely above board
[18:02] <masquerade> Podz, WP is a bit more sane than an MS product
[18:02] <masquerade> and, we're not altering files
[18:02] <photomatt> I don't see the parallel, but I understand that this should be done deliberately
[18:02] <skippy> can we defer this for the mailing list? I'd like to see the last two agenda items brielfly.
[18:02] <Podz> hey - it's not me you have to convince :) It's the people wanting to find ground to shoot from
[18:03] <ringmaster> There needs to be a codex page that describes what information your WP blog will expose when you toggle that switch off and on.
[18:04] <Podz> that would be excelelnt
[18:06] <photomatt> okay last two items
[18:06] <photomatt> " Forums: topics with no replies - mdawaffe"
[18:06] <mdawaffe> uh - this can happen very easily now (though is not implemented yet)
[18:06] <mdawaffe> something like ?noreplies=1 will make it all work
[18:06] <mdawaffe> do people want an actual link?
[18:07] <mdawaffe> where should it go?
[18:07] <photomatt> I would love to see
[18:07] <photomatt> a new file, view.php
[18:07] <photomatt> then the URL could be /view/no-replies/
[18:07] <photomatt> and /view/untagged/
[18:07] <mdawaffe> ok
[18:08] <skippy> are the tags proving useful to anyone?
[18:08] <mdawaffe> skippy: to me :)
[18:08] <skippy> ok
[18:08] <skippy> that's enough for me then.
[18:08] <relle> The people who would use the no replies would be volunteers, right?
[18:08] <mdawaffe> I follow http://wordpress.org/tags/bbpress
[18:08] <relle> Not general users.
[18:08] <skippy> relle: general users COULD use it; but most wouldn't
[18:09] <mdawaffe> relle: Anyone could, I would suppose the people who would would be the "volunteers" as you call them
[18:09] <relle> right.
[18:09] <relle> so it would make sense to have such a link in an inconspicuous place or on the Profile page.
[18:10] <photomatt> I think it's a great idea, let's make it happen
[18:10] <Podz> I think it should be public. Why hide them ?
[18:10] <relle> Maybe in the footer?
[18:10] <mdawaffe> I say don't hide them
[18:10] <photomatt> nah put it right under the tag cloud
[18:10] <mdawaffe> but I don't know where to put them
[18:10] <relle> I'm not talking about hiding.
[18:10] <mdawaffe> done
[18:10] <mdawaffe> ? above latest discussions?
[18:10] <photomatt> yep
[18:10] <relle> How about below the Forum Topic sections instead.
[18:11] <photomatt> Views: X, Y, Z
[18:11] <relle> Scrolling past the tags is already a lot to scroll past to get to the questions.
[18:11] <mdawaffe> k - it'll only be one line, I suppose
[18:11] <photomatt> as people decide which other ones they want we can add them
[18:11] <photomatt> but the two that come to mind are untagged and no replies
[18:11] <photomatt> we could link unresolved too
[18:12] <Podz> those 3 would be very useful
[18:12] <mdawaffe> You want it under a <h2> ?
[18:12] <relle> I really think that the users need to get to the posts and the forum sections as fast as possible. These particular links could go below easily.
[18:12] <skippy> can we get some more space between the ads and the pagination links ?
[18:12] <relle> I still feel that the tag cloud should be below Search in the column.
[18:12] <skippy> i agree with relle.
[18:12] <relle> Having spent 6 weeks with a 600x800 monitor, it's HELL scrolling down all the way.
[18:12] <masquerade> I have a request for the forums while on the subject...
[18:12] <relle> Just to get to the good stuff.
[18:13] <masquerade> can we get a fluid layout, some of us have these things called normal sized monitors
[18:13] <Podz> I too would like to see that grey bar used..
[18:13] * relle hugs masquerade
[18:13] <Podz> masquerade:: greasemonkey ?
[18:14] <masquerade> Podz, find a JS guru that'll write me one and sure
[18:14] <Podz> TG mentioned this to forums list - maybe someone can come up with some skinning for FF users ? Or if someone tells me where to look, I'll try
[18:14] <photomatt> okay, wrapping up
[18:14] <photomatt> " Media status - ringmaster"
[18:14] <ringmaster> Really quick...
[18:15] <ringmaster> Just wanted to note that I am progressing on the media features that have been listed in the 1.6 features for months.
[18:15] <ringmaster> For those that haven't seen it or played with it, there is a screenshot here: http://asymptomatic.net/temp/media1.html
[18:15] <relle> It's work of art!!!!
[18:15] <ringmaster> The latest version (not pictured) works with WYSI, which is why I've been sending in a few patches for TinyMCE.
[18:15] <ringmaster> Current work is for making the rewriter get the thumbnails.
[18:15] <ringmaster> General or specific thoughts on this could be helpful.
[18:15] <relle> Personally, I think of all the features for the new version, this media ability will push WordPress to the top.
[18:17] <photomatt> ringmaster: would it be possible to make the primary mode of interaction attaching files to the post
[18:17] <photomatt> and then have browsing as an option for already existing media?
[18:17] <skeltoac> ringmaster: That's the first I've seen it and let me just say OMG WOW!
[18:18] <photomatt> I'd like to stay away from the complexity of nested folders everywhere, people already deal with that on their HDs
[18:18] <ringmaster> Ok. I should be able to have it do that when there's only one filesystem.
[18:19] <ringmaster> In the example, it's getting files from the local server and from Flickr.
[18:19] <ringmaster> I might be able to root things other than the local files in a different way so that images are on the first browser page.
[18:19] <photomatt> then yeah, let's try to stay away from folders
[18:20] <ringmaster> Do users with many many images not organize them into folders?
[18:20] <relle> Yes, but let's not forget that some of "us" have spent years organizing and structuring our image folders.
[18:20] <photomatt> well if they want to browse their local files
[18:20] <masquerade> Could scrap folders entirely and put in a tags browser instead
[18:20] <photomatt> the built-in OS browser is going to be better for that
[18:20] <photomatt> every time
[18:20] <photomatt> for files on the server
[18:20] <photomatt> the most common use case is posting and attaching images
[18:21] <stevecooley> wowzer, that looks cool
[18:21] <photomatt> we can auto-create folders for those just like we have "fake folders" for posts
[18:21] <photomatt> so the file you uploaded today can go in wp-content/2005/08/
[18:21] <relle> ICK
[18:22] <photomatt> if they already have things uploaded, they can just link, but for new attachments we should auto-file
[18:23] <ringmaster> Ok, so the upload link should automatically choose where the image goes.
[18:23] <ringmaster> And the link would be available on the root browser page.
[18:23] <relle> then auto-file should be controllable so people could upload to wp-content/photos/cats and wp-content/photos/dogs not just by date.
[18:23] <stevecooley> I use Phpix, which is ridiculously easy to post photos with.. would I be able to get it to post photos into my structure maybe?
[18:23] <stevecooley> ie: http://www.somejunkwelike.com/oow3/
[18:24] <ringmaster> The trouble would be figuring out a good way to handle more than one categorization scheme. Better to just choose a default one and let plugins override them.
[18:24] <stevecooley> that's where I spend a lot of time when i post photos, making sure it's on the server, finding the file on the server, then ascertaining the URL, then posting it in an article
[18:25] <photomatt> totally
[18:25] <photomatt> the hardest part should be selecting the photo on your HD
[18:25] <photomatt> everything after that can be handled
[18:25] <stevecooley> yeah
[18:26] <ringmaster> Ok, so I'm still in the process of revising. :)
[18:27] <photomatt> thanks for the update ringmaster!
[18:27] <stevecooley> btw, what's cool about phpix is that I wrote a mime detector and media handler piece of code so that I can throw anything quicktime can read in there, and it's viewable in a gallery instantly
[18:27] <ringmaster> Same with this. ;)
[18:27] <stevecooley> cool :)
[18:27] <stevecooley> can't wait to see it in action on my install :)
[18:28] <ringmaster> I'm done talkin'.
[18:30] <Podz> mdawaffe:: main channel for a moment ?
[18:30] <mdawaffe> #wordpress ?
[18:30] <Podz> yup
[18:31] <skippy> okay, any last items?
[18:31] <relle> Is there anything else on the agenda?
[18:32] <skippy> I think that's it.
[18:32] <skeltoac> I'm full.
[18:32] <relle> photomatt?
[18:33] <skippy> going once...
[18:33] <relle> OH, just do it.
[18:33] <skippy> </meetup>