Category Archives: Explanation

Update: IP address detection in PHP

Explanation, Programming, WOU website

We now actually have an even better workaround for the IP address problem I talked about last time.  Near the top of any PHP page,  include the following line:

require_once('wou_web_patch.inc.php');

After that, the normal IP address variable $_SERVER[‘REMOTE_ADDR’] will hold the actual IP instead of one of the four load-balancer addresses.  $_SERVER[‘HTTP_WOU_REAL_IP’] will continue to hold the real IP as well, but you should use the normal variable whenever possible.

By the way, the patch is already included in the WOU standard template, so if you are using those topinclude and bottominclude files, you only need to include the above code if you need the IP address before you call topinclude. Since it uses require_once(), there will be no conflict when the topinclude calls the patch again.

IP address detection in PHP

Explanation, Programming, Uncategorized, WOU website

In PHP, the standard way to get the user’s IP address is from the $_SERVER[‘REMOTE_ADDR’] variable.  Unfortunately, that doesn’t work on our main webserver.  That’s because that server is really several servers sitting behind a special server called a load-balancer.  When anyone goes to wou.edu, they are really going to the load-balancer, which hands off the request to one of the actual webservers.  This is a fairly common setup in the web world, because it means the whole website will no longer go down if a single webserver fails.

Unfortunately, there’s a drawback.  Because of some peculiarities of our network setup, when the load-balancer passes a request to one of our webservers, that server sees the load-balancer’s IP address instead of the actual user’s.  If you code in PHP on our server, you may have noticed that $_SERVER[‘REMOTE_ADDR’] always has one of four specific IP addresses. (Though you might expect only one from my oversimplified description just now.)

Luckily, we now have a workaround. Dave McEvilly figured out how to have the load-balancer include the user’s actual IP in a new, custom variable when it hands the request to whichever actual webserver it chooses.  So the normal ‘REMOTE ADDR’ variable still has one of those same four addresses, but you can use $_SERVER[‘HTTP_WOU_REAL_IP’] to get the IP of the user who made the actual request.

I know this was a pretty technical post, but as always you can contact me with questions at swartzer@wou.edu.

 

It’s already added to the standard template, so after you have called the topinclude file, you can

 

How to search for WOU blogs

Blogging, Explanation

Since Blogger is one of those weird services that’s still not quite compatible with Google Apps, there’s not an easy way to list blogs owned by others in our domain.  Not that I’ve yet found, anyway.

You can try Blogger Search, though; it’s available in a bunch of different ways:

Some help is available at the Blog Search FAQ page, but it seems to be a bit outdated.
Currently, just searching for “mail.wou.edu” (our Google Apps domain name) doesn’t get you much, but once more of us get active and start linking to each other, that should change. Right now it’s probably best to search for a specific person’s blog using “mail.wou.edu” and their name, like so:

This will search the contents of all publicly available entries in the Blogger system, so you’ll probably also get results from outside WOU, but anything from the blog you’re looking for should be near the top.

Now, I’m not sure why this search only returned one entry, since Nathan has more than that in his blog, but the important thing is that it gives the blog’s address.
Later I’ll post on how to add a blog to your blog’s sidebar, or to the list of blogs in your dashboard.

Help reduce confusion: fix your WOU Gmail ‘from’ address!

Email, Explanation, Google Apps

As promised, here’s how you fix the ‘From’ address Google Apps puts on your messages. Note that the illustrations are from Google’s new look, but if your account still has the old layout, things should be the same except for colors and other details.

1. On the main Gmail page, click the gear icon at the top right and choose Mail settings in the popup menu.
2. On the Settings page, click the Accounts tab, and then the “Add another email address you own” link; a popup window should appear.
3. In the popup, enter yourlogin@wou.edu in the email address box and make sure the Treat As Alias checkbox is checked, then click Next Step.
4. The popup will change and show you three buttons. Click Send Verification.
5. The popup will change again, giving you two choices for what to do after the email verification arrives. You don’t have to leave the popup open, because you’ll use the first method which doesn’t require you to enter the verification code here; either way, though, go back to your inbox using the link in the folder list.

6. Since your @wou.edu address delivers to gmail, you don’t have to go anywhere else to get the verification message. If it doesn’t show up in your gmail inbox after a minute, reload or refresh the inbox page. When it does appear, click on it just like any other message.

7. In the email, click the verification link.
8. This should open a new page that says the verification has succeeded. Click the link to go back to the inbox.
9. As before, click the gear to go back to Settings.
10. In the Accounts tab, the @wou.edu version of your address should now be in the list; click the “make default” link next to it.
11. Finally, check that the @wou.edu address says “default” next to it. If it does, you’re done!
From now on, whenever you send a message in Gmail, it will say “From: yourname@wou.edu” instead of the confusing “@mail.wou.edu” address.

No, your WOU email address has not changed!

Email, Explanation, Google Apps

I’m not sure how this happened, but a fair number of students seem to think that their email addresses have actually changed because they signed up for a WOU Google Apps account. The confusion probably stems from seeing messages from “somebody@mail.wou.edu” where they’re used to seeing “somebody@wou.edu”. The ‘mail.wou.edu’ address only shows up because of the way we had to set up our Google Apps domain; we would have hidden it if we could have. In other words: use the same addresses you’ve always used! They will reach people whether or not they have set up their WOU Google Apps account, and even if they have set it up but still use the old webmail to actually get mail. Coming soon: instructions to make your Google Apps email show up as from youraddress@wou.edu instead of the mail.wou.edu version.

Setting up a blog on Blogger with your WOU Google Apps Account

Accounts, Blogging, Explanation, Google Apps

Updated April 4, 2012

As promised earlier, here is how you get started on Blogger, AKA Blogspot.

Before you go through this process, though, check to see if it works already; that’s happened for some people, and it may work for more now that we have Google Profiles and Google+ enabled on our Google Apps domain.

  1. Log in to the WOUPortal.

  2. Go to gmail (Google’s systems need to know you’re online or this won’t work.)

  3. Go to http://www.blogger.com/.  If you get a server error, or are redirected to the Portal login page, then blogger isn’t already set up for you and you need to do the workaround process below.

  4. If you see the login page for blogger, try logging in with your WOU Google Apps account: “yourname@mail.wou.edu”.  It is important to use “mail.wou.edu”, not just “wou.edu”!

Here’s a snapshot of the blogger.com login page, so you know you’re in the right place:

If none of that got you in to blogger’s control panel, here’s the workaround to use:

  1. Sign out of Gmail, which should return you to the Portal login page. This won’t work unless you are actually signed out; just closing browser tabs is not enough.

  2. Go to http://www.blogger.com/ and click the “Sign up for a new Google Account” link in the upper right.  Enter your mail.wou.edu address, and the same password you use in the WOUPortal, then fill out the rest of the form.

  3. Click Continue.  You will probably see a message like this: 
    Blogger is not available for mail.wou.edu. Learn more about 
    Google products you can use with @mail.wou.edu.

    Did you use this product with a different Google Account? 
    Sign out of your current Google Account and then sign in 
    to the account you want.

    The text might be different, but that should be the gist of it. This is actually a good sign, and you’re almost done with the process.

  4. If the text “Sign out” in the message is a link, click it. Either way, next go to the WOUPortal, where you should see the login form.

  5. Log in, go to Gmail, and then go to www.blogger.com. Instead of the login screen, you should see a user profile including the option to create a new blog. If you do see the login form, click Sign In but don’t enter any email or password. That should take you to the blogger user profile if you weren’t there already.

That’s it! From then on, as long as you’re signed in to Gmail, you should be able to go directly to blogger and be logged in.

Google Apps Accounts vs. Google Accounts

Accounts, Explanation, Google Apps

There’s a lot of confusion about this, so hopefully I can explain it in a way that makes more sense.

A “Google Account” is basically a personal account.  This is the original type of account Google offered, back when they started up Gmail and Google Apps didn’t yet exist.  If you created an account on any Google service, it would be a Google Account.

A “Google Apps Account”, on the other hand, is what you get when a whole domain is set up to use Google services.  If you own a domain you can sign up for this yourself, but more likely you got it when an organization signed up and then gave you an account. These accounts are managed centrally by the owner of the domain. For brevity, I’m going to refer to these as “GA accounts”, and domains with Google Apps enabled as “GA domains”.

When you log in to the WOUPortal and go to gmail, you’re using a GA account; WOU’s GA domain is “mail.wou.edu”, which is why you’ll often see “yourname@mail.wou.edu” instead of “yourname@wou.edu” in Google services. Particularly, when you send an email, Gmail will use “yourname@mail.wou.edu” as the From address, unless you tell it to use “yourname@wou.edu” instead.  (We have instructions for that in the WOU Google Apps tutorial page; see step C in the PDF guide to transferring your old mail.)

Google accounts and GA accounts used to be completely different under the hood, and GA accounts could not access services like Picasa and Blogger that aren’t part of the core Google Apps suite like Gmail, Google Calendar, Google Docs, etc.  In 2010, however, Google changed the inner workings of GA accounts so they were more like Google Accounts; if you’re looking at Google’s help pages and see a reference to “transitioning Google Apps Accounts to a new infrastructure”, it’s referring to this change.

Since the change, GA accounts can use most services offered by Google, not just the Google Apps suite.  Most, but not all; Blogger and the new Google+ and any other service requiring a public profile are still not available to GA accounts.  Well, Blogger sort of is, but only if you sign up for it using a Google Account and then link your GA account to it.  (I’ll post a separate entry about that soon.)

As of the start of November 2011, Google announced that Google+ would be available to most Google Apps domains.  Because the minimum age for Google+ is 18, any educational institution wanting to enable Google+  for their GA domain needs to prove that they’re a college or university.  We’ve put in an application for this, and soon should get the option to enable Google+ on mail.wou.edu.

However, I don’t know when that will be; supposedly there’s a wait time because they have lots of applications to process.  Once that’s done, your WOU GA Account will be almost exactly like a Google Account, and you (hopefully) won’t have to worry about the difference anymore.

Meanwhile, I hope this helped!

SSL certificate weirdness

Explanation, Security, WOU website

Recently we moved the WOU forums server to a better machine, but then we noticed that Internet Explorer was no longer accepting the server’s SSL certificate, so it couldn’t make a secure connection. Firefox, on the other hand, was perfectly fine with the cert and established a perfectly valid SSL connection.

Those of you who are all up on modern web security practices probably recognize this problem already, but I didn’t have the relevant information and was completely boggled.

When I looked at our certificate vendor’s support site for the third or fourth time, I found a certificate installation checker. It was right there on the support homepage all along, but I guess you tend to miss things if you’re only focusing in on your latest guess rather than keeping the main problem in your mind.
Anyway, this checker lets you enter a hostname and port and it will tell you if the cert on that connection is valid, and if not, what’s wrong with it. That told me that the forums server was missing two intermediate CA certs. I didn’t understand what was up with that, but it gave me the certs to install, so I shrugged and dropped them into the webserver’s cert DB and voila– IE quit complaining and reported a valid secure connection.
I still didn’t understand what was going on and why that solution worked, so I did a bit of digging around.
Apparently in recent years, certification authorities have moved from signing customer certs directly with a root certificate, to signing them with an intermediate certificate which is signed by the CA’s root (or possibly by a higher-level intermediate cert that is signed by the root). All modern browsers come with root certs from many different certification authorities, but that is no longer enough by itself because most site certs are no longer directly signed by the CA root.
Firefox has a bunch of intermediate certs installed in it by default, so it can validate certs from sites that don’t provide the whole chain. IE on the other hand only has the root certs, so unless a webserver provides the intermediate certs, IE users are out of luck (insert obligatory firefox-is-better assertion here.)
I suppose at some point I could explain about SSL and certificates and signing and all that, but maybe later.

Connecting to a website with Macromedia Contribute (Updated for CS4)

Email, Explanation, WOU website

(As of July 2011, this entry has been updated for use with Contribute CS4. If you are still using CS3, see Danielle or I for help with updating.)

This is another in an occasional series of instructional entries.

Most people who edit pages on the WOU website use Macromedia Contribute. (Well, OK, technically it’s adobe now, since they bought out Macromedia.) Before you can get started editing, though, you need to connect to your site. Here’s how to do that:

  1. First, you need to know your website folder. For example, if your website is https://wou.edu/test/example/index.php, then your website folder is test/example.
  2. Open Macromedia Contribute. You probably don’t have it installed on your machine, so you will need to use Remote Desktop to log into ts.wou.edu. Once there, look in the Start Menu, All Programs for Contribute CS4. Important: do not go to “ts9.wou.edu” as before; just use “ts.wou.edu”.
  3. In Contribute’s address bar, enter “X:\(your web folder)\_mm\publisher”. Continuing the example above, you would enter “X:\test\example\_mm\publisher”. Be sure to use backslashes (above the enter key on most keyboards) rather than normal slashes. Take a moment to thank Bill Gates for making this more complicated than it needs to be.
  4. After hitting Enter on that address, you should see a purple and grey icon in the main window of Contribute. Double-click it. If you are warned about an unsafe system action, click Yes to continue. A dialog box should pop up, asking for your name, email address, and a connection password.
  5. If your personal info is not automatically entered, put it in. For the password, use “publisher4” instead of your own password. Don’t worry about this password being insecure; the real security on the website works at a deeper level.
  6. The dialog box should disappear, and you should be taken to your site’s home page. From there, you can navigate to any page within your site and use the Edit button to begin editing. That’s all! Next time you start Contribute, it should remember your connection, but if you ever start up Contribute and it doesn’t show your connection, just go through these steps again.

One more thing: After clicking Edit and making changes on a page, make sure you either publish it, cancel it, or save it for later. If you quit the program without doing any of these things, the page will be locked and you will get an error the next time you try to edit the page; Contribute will think that you are already editing it on another machine and not let you in. Call or email me to get that lock cleared.

If you want training with Contribute or about Web design, contact Scott Carter in the Technology Resource Center, at carters@wou.edu or extension 88848. I can answer basic questions and help if anything seems to be wrong, but Scott handles any training beyond that.

Google Docs Basics: uploading and sharing.

Explanation, Google Apps

This is another in an occasional series of “howto” instructional documents.

To use Google Docs, go to docs.google.com. If you already have a Gmail or Google Docs account, log in with that username and password. Otherwise, create an account by following the instructions in this howto doccument.

The first time you log in, there will be a “Getting Started” box with an arrow pointing to the Upload button. This button is, naturally enough, what you use to upload files. Next to it is the “Create New” menu; we’ll get to that in a moment, but first let’s talk about uploading.

When you click the Upload button, you’ll be taken to a separate page which tells you how much storage you are currently using, and gives you upload options. Let’s look at these:

  • The Files to upload box shows what files you have currently selected to upload. When you first see open the page, it will say “No files selected”; click the “Select files to upload” link to open a file browser box that lets you choose files from anywhere on your computer or network drives. Navigate to the file you want and click Open to add it to the list of files to upload. You may then click the “Select more files” link if you want to upload more files now.

  • Below this box are conversion options. Regardless of whether you want to cooperatively edit files online, or merely store them for others to view or download, you probably want to leave the checkmark in the box labeled “Convert documents, presentations, and spreadsheets to the corresponding Google Docs formats”. Word processing documents, spreadsheets, powerpoint presentations, and similar documents will be converted into Google Docs formats. This makes them take less storage space, and allows you to edit them online (and optionally allow others to do so.) Images and other file types like PDF documents are unaffected.

  • The other conversion option should probably be left unchecked. However, if you upload an image or PDF document and want Google to attempt to convert it into editable text, check this box. This is a new feature of Google Docs and is not foolproof.

  • Below the legal notice about the Terms of Service, you have two important menus and the upload button. Before clicking “Start upload”, make sure you understand the settings in the menus.

  • The first menu is labeled “Destination folder”. If you don’t choose anything here, the document will be uploaded into your main folder, but you may also choose to put it into any folder you have created, or any folder that others have shared with you. If you are sharing documents (see below), you will probably have a folder in which you want to upload the document into.

  • The second and more important menu lets you choose the document’s visibility setting. By default, it says “Private”, and this is where you will want to leave it most of the time. It is important to note that private documents can still be shared if you specifically designate people to be able to view or edit them, or if you put them in a shared folder. Your other options are “Public on the Web” which makes the document available to anyone and findable in searches, and “Available to anyone who has the link” which means the document won’t be found in searches, but the link to it can be used by anyone to whom you give it (and to anyone those people share it with, and so forth) without requiring a Google Docs account. I strongly recommend leaving documents private unless you have a specific reason the whole world should be able to see them.

  • Finally, you have the Start Upload button, which uploads the documents you’ve selected and converts them according to the options you’ve chosen. While this is happening, you’ll see a progress indicator, and when all files are done you can either click “Upload more files” to, obviously, upload more documents. If you don’t want to upload more documents, just click the “Back to Google Docs” link near the top of the page to return to the main page.

You can share individual documents by clicking on them and then using the Share menu on the details page, but if you have many files to share it is easier to create a shared folder and then simply put documents into it. Here’s how to do that:

  • First, you need to create the folder. Remember that “Create New” menu I mentioned a bit ago? Click it, and choose Folder. This will pop up a window asking you to name the folder; name it something that will make sense to everyone who will be sharing the folder, and click OK.
  • The folder will now appear under “My Folders” in the sidebar. Its name should also be showing in the colored header bar to the right of the Upload button; that means you have it open as the current folder. If it is not open (for example, the header bar it might say “All Items” instead) then click on its name in the sidebar.

  • Once you have the folder open, find the Share menu just below the header bar. In an empty folder like this one, it will only have one item, with greyed-out text saying “Use the checkboxes to select one or more items, or share this folder”. That last part should be a link; click it to bring up the sharing settings window. Note that if you share a document individually, the sharing settings window will be the same, so you can follow the same instructions in that case.
  • The Sharing settings window lists the visibility setting of the folder (the settings are the same as when you upload documents) and anyone who can currently access it in any way. Currently, the folder should be set private, and the only name in the list should be your own. Next to your name, the text “Is Owner” designates that you won this folder and have full rights to it.
  • Below this list is a text box labeled “Add people:” when you click in it, more options will appear, but before you do that, take note of the text below the box. On a newly created folder, it should say “Editors will be allowed to add people and change the permissions” and there will be a Change link next to it. This is very important: if you leave the settings this way, you need to trust everyone to whom you give editing rights, because they will be able to give rights to additional people or even set the folder to be publicly viewable. If you do trust everybody, you can leave this setting alone, otherwise click the “Change” link and choose the other option. This one says “Only the owner can change the permissions” and explains what this means, I highly recommend choosing this more restrictive option if you plan to share any sensitive data in this folder. Whichever you decide, click the Save button to return to the main Sharing settings window.
  • Now, click the Add people box. It will transform into two separate text boxes and some other controls will appear as well. If you have a Gmail account, you can use the “Choose from contacts” link to find people who are already in your Gmail contacts list. Otherwise, you can type the email address of another person who uses Google Docs; however it will only work if you use the exact address they used when creating their account. You can type more than one address if you separate them with commas.
  • Next to that, you will see the permissions menu, which by default says “Can Edit”. If you don’t want these people to edit items in this folder, choose the other option, “Can view”. The larger textbox just below lets you type in a message to be sent to these people along with the automatic notification that this folder has been shared with them.
  • With the first checkbox below the personal message box, you can choose whether to send a copy of the notification to yourself so you see what it looks like; this isn’t really necessary but you can check the box if you wish. The other checkbox is checked by default, and indicates that you want to send the notifications via email; if you uncheck it, the people will only see the notification when they log in to Google Docs. Unless you know they log in regularly, you should leave this box checked.
  • Below the Save and cancel buttons, the editor setting is displayed again, and you have another chance to change it as described above. If it is the way you want it, click Save. The names of the people you added should now be visible in the sharing list, along with the permissions they have; you can change the permission setting by clicking on it, or completely remove their sharing rights by clicking the X.

  • When you are done adding people, click the close button. They should now be able to see this folder in their list of “Folders shared with me” in their sidebar, and click it to see all the documents in it.

Once you’ve shared a folder, you can simply upload documents into it, or drag them from the All Documents list onto the folder name in the sidebar. Now here’s something that will seem weird if you don;t already use Gmail: documents can be in more than one folder. If you share one folder with a certain group of people, and another folder with a different group, you can share a document with both groups by dragging it to both folders. Whether you’re looking at All Documents or the contents of a folder, each document will show the names of the folders it is in; if you want to remove it from a folder, just drag it to the All Documents item in the sidebar (though this only works if you have editing rights on the document.)

Now, you might be thinking “but what about viewing and downloading documents? All this uploading, sharing, and foldering is pretty useless otherwise.” Fair enough; luckily this is easy. Whenever you see the name of a document, you can just click it to get to its details page. This will show you a preview if one is available, and give you links to download the document or open it. Note that some documents, such as video files, cannot be previewed or opened in Google Docs, but can be downloaded.

Anyway, this was just the basic introduction. Like most Google services, there’s a Help link next to the sign our link in the upper right; explore that for lots more about Google Docs!