When I'm creating a story, I often have been "timed out" and logged out without warning. When I finally go to "save" I am told I must log in and when I do all of my unsaved story is gone. Is there an auto-save feature I might activate? Or at least some warning to save before I'm kicked off?

to fix a security-hole in antville we had to change the cookie-creation and -handling three days ago. as some of you already noticed the "remember me"-feature seems to work differently. this is because of our fix, and unfortunatly it seems to be the only possible solution:

from now on the "remember me"-feature will only work for those who have a static ip-address, for most modem/adsl-users it won't resp. just as long as they they keep their ip-address. this is because we're now using the client-ip as part of the key that is stored in one of the cookies used by the "remember me"-feature.

those who have antville installed somewhere should update their installations (the fix is already in cvs, in both the main- and the need_for_speed-branch). to give you a brief description: before it was possible for a weblog-owner to retrieve the "remember-me"-cookies of visitors and use them to log in as a differnt user. this has never happened (afaik), but of course we had to fix the hole.

sorry for the inconvenience.

first of all: sorry for the outage of antville.org between 0:15 and 1:00. i had to do alot of maintenance tonight, and it wasn't possible without switching antville off. here's what i did:

• switched to apache 1.3.26 (compiled from sources), restructured apache-config. the home-directory of apache has changed too (and more important: the config is not anymore where it used to be on suse-systems)
• compiled and installed mod_jk 1.2 from sources (for some hidden reasons apache was pretty unwilling to start with the precompiled binary ...)
• cleaned and optimized accesslog-table in database
• switched to helma-snapshot compiled on 20021120

and btw.: anybody knows why the f*** j2sdk1.4.1 needs a hidden directory /etc/.java/? obviously it leads to timeouts in image-upload if this directory is not existing (thanks kris for your report, but you deleted your story before i was able to comment ;-)

so now for the more interesting things: due to the switch to a new helma-version the following problems are solved:

1. there are no problems anymore with spaces encoded as '+' in urls.
2. since hns changed the gif-encoder used in helma (big thanks!) the problems with uploading gifs (some of them would throw a lengthy error) are gone too.

if any of the above problems still occur please report them here.