Archive

Archive for December, 2007

Update 3 for Flash 9 Linux – Still no V4L2 or GStreamer support

December 30, 2007 2 comments
A new version of this article has been compiled here to cover
version 10 of the Flash plugin which reportedly
supports V4L2 in its second beta version!

The problem behind V4L2 or GStreamer not being supported in Flash is best observed when trying to use a Flash-based videoconference tool in a browser (like Dim-Dim or the Dokeos videoconference tool). You might have a configuration that allows you to use your webcam under Linux pretty well in other non-Flash-based videoconference applications (like Ekiga), yet you will not be able to send your video stream in the Flash-based application.This is because your Linux distribution (if it is any newer than around January 2007) will have removed support for the video driver V4L in favour of the more recent and reliable driver V4L2.

As Flash 9 client for Linux (up to update 3 at least) does not support V4L2 (but supports V4L), it is impossible for your video stream to be dealt with by the Flah client.

Despite massive requests (on the same blog, one year and a half before) for support of V4L2 or GStreamer (which includes support for V4L2), any improvement or communication on this topic has yet to be seen. Rather, the development is centered on full-screen features, support for sound codecs and the XEmbed protocol.

Too bad for the videoconference tool in Dokeos…

In the meantime, solutions might come from unexpected locations…

  • Gnash is a GNU version of a Flash player
  • OpenLaszlo offers DHTML output, which means that we only need support for video streaming in JavaScript to be able to have the same videoconference tool in all-DHTML
  • other interesting projects might be around that I don’t know of, or that I don’t remember at the moment

Time will tell which one of these solutions will give us a solution first for videoconferencing under Linux.

As pointed out by Swift in the comments to this post, there is a proposed solution here: http://swifthumors.blogspot.com/2008/03/linux-flash-webcam-headache.html

I haven’t tried it, but I must say it looks alright (considering the very little work involved). I have asked one of our admins to review it and tell me if it’s not dangerous and if it works correctly (I’m worried about the fact that modifying the devices order as suggested might prevent other Linux tools to use my webcam).

Choosing a PHP PDF generation library for Chamilo

December 28, 2007 8 comments

2014 update: This article is outdated. To date, the library that matches most of the comparison elements below is mPDF. You can include it in your project using Composer: https://packagist.org/packages/mpdf/mpdf

Today (and for the last few days) I am faced with a choice of PDF-generation libraries available in PHP.


The requirements are:

  • GPLv2 or compatible
  • possibility to generate PDF files (obviously) easily
  • possibility to transform an HTML file into a PDF file easily
  • recently developed or still active, with an active community and a possibility to contribute
  • possibility to handle UTF-8

What it can do without being a problem:

  • require PHP5
  • require PHP’s DOM extension
  • require PHP’s PDFlib extension

What it cannot do:

  • require PHP4
  • require anything else than PHP extensions (and the PHP files in the package) (to the exception of font files)
  • have an unclear license
  • have incomplete/unusable documentation

Now the possible libraries that do what I want are:

  • FPDF
  • eZPDF
  • CPDF (from what I read it’s the initial class on which eZPDF was developed, so can be ruled out safely as being too complex)
  • dompdf
  • FPDI (extension built on FPDF to use existing PDF documents as templates, but in itself seems quite useless in our case)
  • TCPDF (extension built on FPDF)
  • PDFlib (ruled out for too strict licensing reasons)
  • PDF PHP (ruled out because it’s just a wrapper for ezpdf)
  • PHP PDF Lib (ruled out because no longer developed)

Let’s analyse them all…

Feature FPDF eZPDF dompdf FPDI TCPDF
License Public domain Public domain LGPL Apache SLv2 LGPL
Easy PDF generation ? yes yes ? ?
Create from HTML no no yes no partial?
Recent activity ? ? yes yes ?
UTF-8 (or -16)? no unclear yes ? yes
Requires PHP5? ? no yes ? no
Requires PHP4? ? no no ? no
Requires DOM ? no yes no no
Requires PDFLib ? no optional no no
Good doc ? yes yes yes yes

The result of all this is that two challengers remain in Dokeos’ case: dompdf and TCPDF.

Considering the conversion from HTML to UTF-8 might be very important in the case of certificates, but that UTF-8 might become very important in the future, and that TCPDF includes UTF-8 handling as well as some HTML elements, I will first give a go to TCPDF and, if satisfying, I will keep to that.

Categories: Development, English Tags: ,

Better files filtering in Dokeos 1.8.5

December 19, 2007 Leave a comment

It’s already in the code for Dokeos 1.8.5 since 2 weeks ago: files extensions filtering. It was possible, in 1.8.4, to filter files extensions coming from ZIP files, but I didn’t have time back then to include a widespread file filtering. It is included now.

There is still a problem whereby Windows interprets files looking inside them, so it does not need the extension to be wrong in order to execute the file as is needed for a virus to spread. This is not yet filtered in Dokeos, so we are looking into integrating an (old) extension called “virusscanner” on our extensions page so that we cover that point as well. That extension connects to the ClamAV database to check the uploaded file for any trace of virus.

The problem with all that is still that some human minds prefer self interest to common interest, and take time to spread their viruses all around so we have to spend time fighting them. Humans vs humans is a tougher battle than machine vs machine.

The crackers before Christmas

December 19, 2007 Leave a comment

I don’t know why exactly, maybe it’s because some system administrators go on holiday, or maybe it’s because evil students (understand young crackers) are on holiday themselves, but the festive season is always a time when we have more attempted security attacks on our servers.

Oh, by the way, hackers are just people looking into the code to change it, they’re not evil. Crackers are people getting onto other’s systems and trying to misuse it. They’re evil.

This week, two security problems were reported “in” Dokeos [1] [2]. We finally realized that number one was a very old Dokeos installation where the recommended configuration settings (magic_quotes on) had been ignored, making the system vulnerable to SQL injection, and that the second one was also due to some kind of weird feature added to the default web server config to allow the uncompression and execution of an uploaded rar file.

Yeah, that’s right… Dokeos doesn’t handle rar files uncompressing, so basically you have to send a .rar file containing PHP files on web server, and if you’re lucky enough that the system administrators of that server are completely missing the point of security, *then* you can execute the contents of the .rar file by calling it from a web browser.

No need to say that we don’t have that *special feature* activated at Dokeos’ company, so our customers are safe regarding this one.

Categories: English, security Tags: , ,

Gradebooks and certificates for Dokeos

December 18, 2007 9 comments

I’m currenty doing two things in Dokeos

  1. adding and extending the gradebook extension (originally developed by Bert Steppé and Stijn Konings while on internship at Hogeschool Gent)
  2. adding a certificates system, based on the gradebook (or more precisely on an evaluation from the gradebook), so that a student can print a certificate once he has succesfully completed an evaluation/course/learning-process

The first part is almost complete (added the learning paths as a evaluable resource and allowed evaluations to spread over several courses). There is still some integration to be done, and study around the PDF library in use (the ezpdf code is a bit unclear about its license), but the thing works, mainly.

The second part is something that is actively asked by medium and large companies, where a need for a notion of “completion” appears. They want to know who “finished” a course, and because of the very interactive and community aspect of Dokeos, it is hard to tell when a course in itself should be “finished” (a course can include forums, chat, works, etc).
The gradebook extension adds the notion of achievable goals inside one or several courses. You can subscribe an evaluation in the form of a quiz, a work, an assignment or a learning path, give them rankings, and assign a weight to any resource (although the weight is not documented enough at this stage to be considered very usable). Once a student has reached the minimum score for the whole evaluation, he is considered as having succeeded in this evaluation (achievable goal).

The second part will thus add an HTML and PDF certificate to this, to make it possible to print out the fact that he succeeded in the exam.

** 2008-01-13 update **

The gradebook integration is now available on the Dokeos demo website.

** 2008-01-23 update **

To answer Krishnesh’s comment, the gradebook and certificate features should be ready by mid- or end-february, when Dokeos 1.8.5 is released.

Opera suing Microsoft

December 15, 2007 Leave a comment

Opera has recently decided to sue Microsoft in the European Court for

  • making it difficult for users to choose another browser (as I understand it, to remove Internet Explorer easily and replace it by another one)
  • not respecting web standards

This second point is of incredible importance for the future of the web. I’m glad somebody’s done it.

More info here: http://people.opera.com/howcome/2007/msft/

Categories: Development, English

LDAP, Active Directory and LDAP/SSO

December 14, 2007 13 comments

I’ve had to reply to part of a call for tender today. The interesting question was “Can Dokeos interact with our LDAP/SSO system?”.

So first I should review the vocabulary a bit. After searching the web for a while, I can most probably say that LDAP and LDAP/SSO are actually the same thing.

  • LDAP goes for Lightweight Directory Access Protocol (there is actually a heavyweight DAP protocol)
  • SSO goes for Single Sign-On (which means it’s a system by which a user only has to sign-in once to access multiple applications, for example)

Basically, the implemented result of LDAP is that one server has the credentials of a lot of users in a structured data tree, and that anybody using an application connected to that LDAP server can say “I’m xyz” and the authentication is then made by contacting the LDAP server to ask if the user is really who he says he is, and what information we can get.

So this is a Single Sign-On technology, which means LDAP/SSO is a redundant acronym.

Active Directory is the Microsoft’s home-made system that has the same features as LDAP but is not LDAP, so you have to do an implementation just for them (I’m being told the rules also change from one version of Windows server to the other, which makes implementations dependent on versions, which is not practical).

Luckily, Microsoft (or other people actually, I don’t know) realised that this was not practical, so they offered a translation system from Active Directory to LDAP, which makes it easily possible to use an Active Directory server as a LDAP server.

Now, let’s talk a bit about Dokeos and LDAP

Dokeos offers an LDAP extension which provides it with an almost-easy way to connect to an LDAP server and get authentication data from there. It’s almost easy because:

  • it’s shipped by default with all versions of Dokeos (from 1.6.0 at least)
  • it’s configurable via only one file (but it’s not configurable via the web interface)
  • there is a different login page for LDAP which takes the login in charge

The LDAP extension had been originally contributed by Evie (R.) Embrechts around 2003.
Just recently, a contribution (to be integrated by me in the coming weeks) has been shared by Mustapha Alouani, which eases greatly the use of the LDAP extension by providing a web interface to do various administrative tasks.

This is a massive improvement regarding LDAP integration. You can tell that over 4 years of development, this is the first big step in that direction.

On another bright side, I’ve just integrated OpenID login support into Dokeos 1.8.5 using the Drupal code for OpenID, which means it’s now possible to use another, very recent, practical and easy, Single Sign-On method in Dokeos.

Categories: Development, English Tags: , ,
%d bloggers like this: