Re: Encrypting Stack Breaks Field References

2020-12-22 Thread J. Landman Gay via use-livecode 
Rather, I didn't mean the team invented script-only stacks for Trevor in 
particular, but rather than they moved to git and needed text files.


English is such a positional language.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 8:51:36 PM "J. Landman Gay via use-livecode" 
 wrote:



Trevor uses git, which is why script-only stacks were invented. The LC team
uses git too.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 6:24:22 PM Bob Sneidar via use-livecode
 wrote:


Hmmm… Isn’t Levure almost completely based on script only stacks?

Bob S



On Dec 22, 2020, at 4:09 PM, J. Landman Gay via use-livecode
 wrote:

Unless you specifically need text files for git or some other reason, you
don't really need script-only stacks. Put the script in a button and then
put it in use or use it as a backscript. It will be encrypted when the
stack is. Another advantage to keeping scripts in the stack is that they
work with remote debugging, unlike text based scripts.

Brian Milby's script tracker is also a way to get the best of both worlds.
It saves scripts out to text files for uploading to github while keeping
the advantages of stack-based scripts.
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 3:24:11 PM Bob Sneidar via use-livecode
 wrote:


What he said. The promise of creating standalones and encrypted stacks
containing code sounds promising, but there are caveats. It begs the
question, how do we encrypt script only stacks or libraries? I don’t use
encrypted stacks because my code is for internal use only, but if I ever
went commercial, this would be something I would need.

Bob S



On Dec 13, 2020, at 4:02 PM, Richard Gaskin via use-livecode
 wrote:

Ron Noice wrote:

? My program (built with LC 9.6.1 Indy Windows) contains a large number
> of references to fields by variables.
...
> only when I encrypt it does it fight back. Here's a simplified example
> of what I'm doing:
>
> create group "grpTree"
> ...
> copy fld "baseBox" to grp "grpTree"

^ that's your issue.

Copying objects is disallowed in an encrypted stack, since of course once
an object is copied it could be pasted into an unencrypted stack, and thus
expose the source.

You might consider moving the code from the encrypted stack to an encrypted
behavior object, leaving the stack where copying must be done unencrypted.

But if these objects are being copied only by script for the purpose of
automatically building out a UI, without a need to alter the user's
clipboard, you might consider using the clone command instead.

--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your
subscription preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your 
subscription preferences:

http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread J. Landman Gay via use-livecode 
Trevor uses git, which is why script-only stacks were invented. The LC team 
uses git too.

--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 6:24:22 PM Bob Sneidar via use-livecode 
 wrote:



Hmmm… Isn’t Levure almost completely based on script only stacks?

Bob S


On Dec 22, 2020, at 4:09 PM, J. Landman Gay via use-livecode 
 wrote:


Unless you specifically need text files for git or some other reason, you 
don't really need script-only stacks. Put the script in a button and then 
put it in use or use it as a backscript. It will be encrypted when the 
stack is. Another advantage to keeping scripts in the stack is that they 
work with remote debugging, unlike text based scripts.


Brian Milby's script tracker is also a way to get the best of both worlds. 
It saves scripts out to text files for uploading to github while keeping 
the advantages of stack-based scripts.

--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 3:24:11 PM Bob Sneidar via use-livecode 
 wrote:


What he said. The promise of creating standalones and encrypted stacks 
containing code sounds promising, but there are caveats. It begs the 
question, how do we encrypt script only stacks or libraries? I don’t use 
encrypted stacks because my code is for internal use only, but if I ever 
went commercial, this would be something I would need.


Bob S


On Dec 13, 2020, at 4:02 PM, Richard Gaskin via use-livecode 
 wrote:


Ron Noice wrote:

? My program (built with LC 9.6.1 Indy Windows) contains a large number
> of references to fields by variables.
...
> only when I encrypt it does it fight back. Here's a simplified example
> of what I'm doing:
>
> create group "grpTree"
> ...
> copy fld "baseBox" to grp "grpTree"

^ that's your issue.

Copying objects is disallowed in an encrypted stack, since of course once 
an object is copied it could be pasted into an unencrypted stack, and thus 
expose the source.


You might consider moving the code from the encrypted stack to an encrypted 
behavior object, leaving the stack where copying must be done unencrypted.


But if these objects are being copied only by script for the purpose of 
automatically building out a UI, without a need to alter the user's 
clipboard, you might consider using the clone command instead.


--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your 
subscription preferences:

http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your 
subscription preferences:

http://lists.runrev.com/mailman/listinfo/use-livecode


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your 
subscription preferences:

http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread Bob Sneidar via use-livecode 
Hmmm… Isn’t Levure almost completely based on script only stacks? 

Bob S


> On Dec 22, 2020, at 4:09 PM, J. Landman Gay via use-livecode 
>  wrote:
> 
> Unless you specifically need text files for git or some other reason, you 
> don't really need script-only stacks. Put the script in a button and then put 
> it in use or use it as a backscript. It will be encrypted when the stack is. 
> Another advantage to keeping scripts in the stack is that they work with 
> remote debugging, unlike text based scripts.
> 
> Brian Milby's script tracker is also a way to get the best of both worlds. It 
> saves scripts out to text files for uploading to github while keeping the 
> advantages of stack-based scripts.
> --
> Jacqueline Landman Gay | jac...@hyperactivesw.com
> HyperActive Software | http://www.hyperactivesw.com
> On December 22, 2020 3:24:11 PM Bob Sneidar via use-livecode 
>  wrote:
> 
>> What he said. The promise of creating standalones and encrypted stacks 
>> containing code sounds promising, but there are caveats. It begs the 
>> question, how do we encrypt script only stacks or libraries? I don’t use 
>> encrypted stacks because my code is for internal use only, but if I ever 
>> went commercial, this would be something I would need.
>> 
>> Bob S
>> 
>> 
>>> On Dec 13, 2020, at 4:02 PM, Richard Gaskin via use-livecode 
>>>  wrote:
>>> 
>>> Ron Noice wrote:
>>> 
>>> ? My program (built with LC 9.6.1 Indy Windows) contains a large number
>>> > of references to fields by variables.
>>> ...
>>> > only when I encrypt it does it fight back. Here's a simplified example
>>> > of what I'm doing:
>>> >
>>> > create group "grpTree"
>>> > ...
>>> > copy fld "baseBox" to grp "grpTree"
>>> 
>>> ^ that's your issue.
>>> 
>>> Copying objects is disallowed in an encrypted stack, since of course once 
>>> an object is copied it could be pasted into an unencrypted stack, and thus 
>>> expose the source.
>>> 
>>> You might consider moving the code from the encrypted stack to an encrypted 
>>> behavior object, leaving the stack where copying must be done unencrypted.
>>> 
>>> But if these objects are being copied only by script for the purpose of 
>>> automatically building out a UI, without a need to alter the user's 
>>> clipboard, you might consider using the clone command instead.
>>> 
>>> --
>>> Richard Gaskin
>>> Fourth World Systems
>>> Software Design and Development for the Desktop, Mobile, and the Web
>> 
>> ___
>> use-livecode mailing list
>> use-livecode@lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your subscription 
>> preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
> 
> 
> 
> 
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread J. Landman Gay via use-livecode 
Unless you specifically need text files for git or some other reason, you 
don't really need script-only stacks. Put the script in a button and then 
put it in use or use it as a backscript. It will be encrypted when the 
stack is. Another advantage to keeping scripts in the stack is that they 
work with remote debugging, unlike text based scripts.


Brian Milby's script tracker is also a way to get the best of both worlds. 
It saves scripts out to text files for uploading to github while keeping 
the advantages of stack-based scripts.

--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
On December 22, 2020 3:24:11 PM Bob Sneidar via use-livecode 
 wrote:


What he said. The promise of creating standalones and encrypted stacks 
containing code sounds promising, but there are caveats. It begs the 
question, how do we encrypt script only stacks or libraries? I don’t use 
encrypted stacks because my code is for internal use only, but if I ever 
went commercial, this would be something I would need.


Bob S


On Dec 13, 2020, at 4:02 PM, Richard Gaskin via use-livecode 
 wrote:


Ron Noice wrote:

? My program (built with LC 9.6.1 Indy Windows) contains a large number
> of references to fields by variables.
...
> only when I encrypt it does it fight back. Here's a simplified example
> of what I'm doing:
>
> create group "grpTree"
> ...
> copy fld "baseBox" to grp "grpTree"

^ that's your issue.

Copying objects is disallowed in an encrypted stack, since of course once 
an object is copied it could be pasted into an unencrypted stack, and thus 
expose the source.


You might consider moving the code from the encrypted stack to an encrypted 
behavior object, leaving the stack where copying must be done unencrypted.


But if these objects are being copied only by script for the purpose of 
automatically building out a UI, without a need to alter the user's 
clipboard, you might consider using the clone command instead.


--
Richard Gaskin
Fourth World Systems
Software Design and Development for the Desktop, Mobile, and the Web


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your 
subscription preferences:

http://lists.runrev.com/mailman/listinfo/use-livecode





___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Secure connection to server

2020-12-22 Thread Bob Sneidar via use-livecode 
I think I remember why I couldn’t do it. I was using the loopback connector for 
some reason.

Bob S


On Dec 22, 2020, at 2:21 PM, Ralph DiMola via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

Tried it on Mac (Mojave) and it worked. Though I did have to use the IP address 
rather than the Mac's name in the client. I wonder what I'm doing wrong?

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread Curry Kenworthy via use-livecode 



Bob:

> The promise of creating standalones and encrypted stacks
> containing code sounds promising, but there are caveats.

Just like anything else - you have to learn the ropes. First time at any 
task can present some challenges. For those in the habit of encrypting 
stacks, it comes more naturally.


Script-only would require the most discipline, so start with UI+script 
projects and work your way up from there.


(Bug-reporting as you go, if necessary. The history of LC protection, 
like LC everything else, has not been without hiccups along the way.)


Also

No idea if it happened in this particular case, but I see plenty of 
similar problems people have due to the copy/paste LC coding culture.


By which I mean: How do I do X in LC? Ah, here's some code - presto!

The problem SEEMS solved. Learning SEEMS to have happened.

The perfect Acme solution. Then a different context comes along, maybe a 
different OS, or an encrypted stack and - wham - coyote hits a wall. 
Road runner zooms away.


People don't realize (and someone may pipe up and argue against) the 
fact that just because code works once, in one context, doesn't mean 
it's good code that should be liberally pasted. Or promoted as sample 
code. There is so much sample code out there, but the quality really 
varies. Bad sample code can hurt people.


So to all coders in general and Livecoders in particular - be careful 
what you paste. Have realistic expectations and a cautious approach. 
Take the time to understand the code you're working with and the LC 
keywords involved.


Good code has some extra qualities, such as: robust, efficient, modular, 
easy to maintain, and widely applicable. Bonus for heavily tested.


Likewise, copy/paste coding does not result in the same level of coding 
proficiency as fluency to think and write in the LC language. You have 
to exercise your LC-cep just like any other muscle.


(Here I would anticipate a smart aleck asking why don't I post all the 
perfect samples; there is always some pushback against both common sense 
and less-frequent posters on this list. But as usual, I've already 
answered that question before it was asked. Sorry coyote. Beep beep.)


Hope everyone is doing well!

Best wishes,

Curry Kenworthy

Custom Software Development
"Better Methods, Better Results"
LiveCode Training and Consulting
http://livecodeconsulting.com/

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread Trevor DeVore via use-livecode 
On Tue, Dec 22, 2020 at 3:23 PM Bob Sneidar via use-livecode <
use-livecode@lists.runrev.com> wrote:

> What he said. The promise of creating standalones and encrypted stacks
> containing code sounds promising, but there are caveats. It begs the
> question, how do we encrypt script only stacks or libraries? I don’t use
> encrypted stacks because my code is for internal use only, but if I ever
> went commercial, this would be something I would need.


It is possible to convert script only stacks to binary, encrypted stacks
and save them using the same file name. The Levure app packaging  scripts
will do this when you package up an app. So you get the benefit of script
only stacks during development and the protection of encrypted when you
distribute.

-- 
Trevor DeVore
ScreenSteps

>
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

RE: Secure connection to server

2020-12-22 Thread Ralph DiMola via use-livecode 
Tried it on Mac (Mojave) and it worked. Though I did have to use the IP address 
rather than the Mac's name in the client. I wonder what I'm doing wrong?

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net

-Original Message-
From: use-livecode [mailto:use-livecode-boun...@lists.runrev.com] On Behalf Of 
Bob Sneidar via use-livecode
Sent: Tuesday, December 22, 2020 4:48 PM
To: How to use LiveCode
Cc: Bob Sneidar
Subject: Re: Secure connection to server

Hmmm… didn’t work on my Mac. Not sure why, it may be something I did.

Bob S


On Dec 22, 2020, at 1:48 PM, Ralph DiMola via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

I'm able to have the socket client and server on the same device. (Win 10)

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Secure connection to server

2020-12-22 Thread Bob Sneidar via use-livecode 
Hmmm… didn’t work on my Mac. Not sure why, it may be something I did.

Bob S


On Dec 22, 2020, at 1:48 PM, Ralph DiMola via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

I'm able to have the socket client and server on the same device. (Win 10)

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

RE: Secure connection to server

2020-12-22 Thread Ralph DiMola via use-livecode 
I'm able to have the socket client and server on the same device. (Win 10)

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net


-Original Message-
From: use-livecode [mailto:use-livecode-boun...@lists.runrev.com] On Behalf Of 
Bob Sneidar via use-livecode
Sent: Tuesday, December 22, 2020 4:34 PM
To: How to use LiveCode
Cc: Bob Sneidar
Subject: Re: Secure connection to server

I created a simple client and server stack combo that uses sockets to pass an 
encrypted stream of data back and forth. I have been meaning to implement it 
for the very reasons you suggest, but since the nature of the data doesn’t 
demand it, and since I develop basically gratis for the company I work for, it 
hasn’t been a priority. The concept is simple though. Start with a server stack 
that listens on a certain port, then create a client stack that opens a port to 
that server. (You can’t do it on a single workstation, the server has to be a 
different device.)

Once you have that, code the server to accept the data, then send it back to 
the client. Once that is working, encrypt / decrypt the data both ways and 
check that what you sent is what you receive.

Finally code the server to receive the data, do some process then return the 
resulting data. Simple, right? :-)

Bob S


On Dec 15, 2020, at 4:32 PM, Neville Smythe via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

A little while ago in this forum we were alerted to the fact that LC direct 
connection to a remote database not using SSL was a security hole. This also 
applies to managing Mailman lists on a remote server.

After a steep (re-)learning curve with the various technologies, I now have a 
working method in place for both mysql and Mailman connections, using php as 
middleware and posting via curl in a shell script. But it is sooo slooow.

Direct connection downloaded an sql query in a fraction of a second. It now 
takes over a second. This is acceptable (barely) for an isolated call,  but I 
sometimes need to make a sequence of posts. As I understand it, the slowness is 
due to the time required to establish the secure connection, not an LC problem. 
For example establishing an ssh connection in Terminal is even slower; but once 
established an ssh session is super fast. Similarly curl will reuse 
authentication credentials within a shell session, so I aggregate as many calls 
as I can with a single shell script before using shell(myscript), and this 
definitely helps.

What I would like to do however is use LC server as the middleware: I could 
then process the required data on the server side; I could not contemplate 
using php to do this. I suspect the LC post command uses curl under the hood, 
but I also suspect each post call would create its own session. I don’t think 
it is possible to establish a single session to talk sequentially to lcserver; 
if so this would be too slow. Am I correct?

Actually I guess I could  just use my present method using curl and shell() 
instead of post, but addressed to an .lc script instead of .php?

Or is there a whole better way to do what I want?

Neville Smythe

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Secure connection to server

2020-12-22 Thread Bob Sneidar via use-livecode 
I created a simple client and server stack combo that uses sockets to pass an 
encrypted stream of data back and forth. I have been meaning to implement it 
for the very reasons you suggest, but since the nature of the data doesn’t 
demand it, and since I develop basically gratis for the company I work for, it 
hasn’t been a priority. The concept is simple though. Start with a server stack 
that listens on a certain port, then create a client stack that opens a port to 
that server. (You can’t do it on a single workstation, the server has to be a 
different device.)

Once you have that, code the server to accept the data, then send it back to 
the client. Once that is working, encrypt / decrypt the data both ways and 
check that what you sent is what you receive.

Finally code the server to receive the data, do some process then return the 
resulting data. Simple, right? :-)

Bob S


On Dec 15, 2020, at 4:32 PM, Neville Smythe via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

A little while ago in this forum we were alerted to the fact that LC direct 
connection to a remote database not using SSL was a security hole. This also 
applies to managing Mailman lists on a remote server.

After a steep (re-)learning curve with the various technologies, I now have a 
working method in place for both mysql and Mailman connections, using php as 
middleware and posting via curl in a shell script. But it is sooo slooow.

Direct connection downloaded an sql query in a fraction of a second. It now 
takes over a second. This is acceptable (barely) for an isolated call,  but I 
sometimes need to make a sequence of posts. As I understand it, the slowness is 
due to the time required to establish the secure connection, not an LC problem. 
For example establishing an ssh connection in Terminal is even slower; but once 
established an ssh session is super fast. Similarly curl will reuse 
authentication credentials within a shell session, so I aggregate as many calls 
as I can with a single shell script before using shell(myscript), and this 
definitely helps.

What I would like to do however is use LC server as the middleware: I could 
then process the required data on the server side; I could not contemplate 
using php to do this. I suspect the LC post command uses curl under the hood, 
but I also suspect each post call would create its own session. I don’t think 
it is possible to establish a single session to talk sequentially to lcserver; 
if so this would be too slow. Am I correct?

Actually I guess I could  just use my present method using curl and shell() 
instead of post, but addressed to an .lc script instead of .php?

Or is there a whole better way to do what I want?

Neville Smythe

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Encrypting Stack Breaks Field References

2020-12-22 Thread Bob Sneidar via use-livecode 
What he said. The promise of creating standalones and encrypted stacks 
containing code sounds promising, but there are caveats. It begs the question, 
how do we encrypt script only stacks or libraries? I don’t use encrypted stacks 
because my code is for internal use only, but if I ever went commercial, this 
would be something I would need. 

Bob S


> On Dec 13, 2020, at 4:02 PM, Richard Gaskin via use-livecode 
>  wrote:
> 
> Ron Noice wrote:
> 
> ? My program (built with LC 9.6.1 Indy Windows) contains a large number
> > of references to fields by variables.
> ...
> > only when I encrypt it does it fight back. Here's a simplified example
> > of what I'm doing:
> >
> > create group "grpTree"
> > ...
> > copy fld "baseBox" to grp "grpTree"
> 
> ^ that's your issue.
> 
> Copying objects is disallowed in an encrypted stack, since of course once an 
> object is copied it could be pasted into an unencrypted stack, and thus 
> expose the source.
> 
> You might consider moving the code from the encrypted stack to an encrypted 
> behavior object, leaving the stack where copying must be done unencrypted.
> 
> But if these objects are being copied only by script for the purpose of 
> automatically building out a UI, without a need to alter the user's 
> clipboard, you might consider using the clone command instead.
> 
> -- 
> Richard Gaskin
> Fourth World Systems
> Software Design and Development for the Desktop, Mobile, and the Web

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: Rer: Decrypt problem on Windows solved

2020-12-22 Thread Bob Sneidar via use-livecode 
I get a user entered password and encrypt it before storing it. It works cross 
platform. I suppose it would depend on what is in the original string. For 
instance option-v produces a checkmark on a Mac, but NOT on a PC and I assume 
Linux. Normal ASCII-256 characters should work fine.

Bob S


On Dec 14, 2020, at 2:56 PM, Neville Smythe via use-livecode 
mailto:use-livecode@lists.runrev.com>> wrote:

Could you try to textEncode the encrypted data before saving it in the
custom property, and then, in the other platform, textDecode it before
decrypting it?

Many thanks Panos, yes, that fixed the problem.

It never occurred to me that reading binary data from the custom properties of 
a stack should be treated with same caveat as downloading from an external 
source. Todays “learnings” (horrible newly fashionable word).

Neville Smythe

___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

RE: Android Keystore signing problem

2020-12-22 Thread Ralph DiMola via use-livecode 
Scott,

Well thanks to Panos also. Two other options are to edit the script and add a 
"put" or an "answer". This edit will disappear after an LC restart.

Ralph DiMola
IT Director
Evergreen Information Services
rdim...@evergreeninfo.net

-Original Message-
From: use-livecode [mailto:use-livecode-boun...@lists.runrev.com] On Behalf Of 
scott--- via use-livecode
Sent: Tuesday, December 22, 2020 4:41 AM
To: How to use LiveCode
Cc: sc...@elementarysoftware.com
Subject: Re: Android Keystore signing problem

Thank you, Panos.

—
Scott

> On Dec 21, 2020, at 11:38 PM, panagiotis merakos via use-livecode 
>  wrote:
> 
> Hello Scott,
> 
> When adding breakpoints in IDE scripts, you also need to do (in the 
> msg
> box):
> 
> put true into gRevDevelopment
> 
> otherwise breakpoints won't be respected.
> 
> Kind regards,
> Panos
> --
> 
> On Tue, 22 Dec 2020 at 02:20, scott--- via use-livecode < 
> use-livecode@lists.runrev.com> wrote:
> 
>> Hello All,
>> 
>> I used edit the script of stack “revSaveAsAndroidStandalone”in the
>> message box and  tried putting a breakpoint in at that spot (and several
>> others) but it isn’t triggering.   This inside the handler:
>> 
>> private command revSaveAsMobileStandaloneMain
>> 
>> I’m not sure that I’ve ever done more than examine LC scripts. Is 
>> there something else I need to know in order to get the debugger to 
>> open on a breakpoint with them? (Script Debug Mode is checked :- )
>> 
>> I’ve restarted the computer and tried a couple different versions of 
>> Livecode… feeling even more clueless than usual.
>> 
>> —
>> Scott
>> 
>>> On Dec 21, 2020, at 7:24 AM, Ralph DiMola via use-livecode <
>> use-livecode@lists.runrev.com> wrote:
>>> 
>>> Scott.
>>> 
>>> I looked at the source of stack "revSaveAsAndroidStandalone" and it
>> looks like it failed at line 1067 or 1069 (9.6.1). As JLM said this 
>> appears that the keystore your referencing does not hold the alias your 
>> entering.
>> Everything after "There was an error while saving the standalone 
>> application signing failed-" is coming from the jar signer(but only 
>> word 4 to -1). You can put in a breakpoint at 1065 and examine the 
>> full result of the shell to jar signer.
>>> 
>>> Ralph DiMola
>>> IT Director
>>> Evergreen Information Services
>>> rdim...@evergreeninfo.net
>>> 
>>> 
>>> -Original Message-
>>> From: use-livecode [mailto:use-livecode-boun...@lists.runrev.com] On
>> Behalf Of J. Landman Gay via use-livecode
>>> Sent: Sunday, December 20, 2020 11:18 PM
>>> To: How to use LiveCode
>>> Cc: J. Landman Gay
>>> Subject: Re: Android Keystore signing problem
>>> 
>>> If it was working before then it should still work now. Check the
>> Android settings and make sure that the path to the file is correct. 
>> The error sounds like LC can't find it.
>>> 
>>> --
>>> Jacqueline Landman Gay | jac...@hyperactivesw.com HyperActive 
>>> Software
>> | http://www.hyperactivesw.com On December 20, 2020 7:07:05 PM 
>> | scott---
>> via use-livecode  wrote:
>>> 
 When trying to create an update for an app on Google Play I am 
 getting this message when attempting to create the standalone .apk.
 
 "There was an error while saving the standalone application signing 
 failed - Certificate chain not found for: .
>> 
  must reference a valid KeyStore key entry 
 containing a private key and corresponding public key certifcate chain."
 
 (Where  is actually my keystore alias.)
 
 This is the same keystore file that I have used in the past. My 
 understanding (and failed attempts) indicate that creating a new 
 keystore file won’t work if I’m using it to update an existing app 
 on
>> the Play Store.
 I’m quite inexperienced with android builds. Any suggestions would 
 be most welcome as I’ve about run out of ideas (and Google search
 queries.)
 
 --
 Scott Morrow
 
 Elementary Software
 (Now with 20% less chalk dust!)
 web   https://elementarysoftware.com/
 email sc...@elementarysoftware.com
 booth1-360-734-4701
 --
 
 
 
 
 
 
 
 
 ___
 use-livecode mailing list
 use-livecode@lists.runrev.com
 Please visit this url to subscribe, unsubscribe and manage your 
 subscription preferences:
 http://lists.runrev.com/mailman/listinfo/use-livecode
>>> 
>>> 
>>> 
>>> 
>>> ___
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>> 
>>> 
>>> ___
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription

Re: Android Keystore signing problem

2020-12-22 Thread scott--- via use-livecode 
Thank you, Panos.

—
Scott

> On Dec 21, 2020, at 11:38 PM, panagiotis merakos via use-livecode 
>  wrote:
> 
> Hello Scott,
> 
> When adding breakpoints in IDE scripts, you also need to do (in the msg
> box):
> 
> put true into gRevDevelopment
> 
> otherwise breakpoints won't be respected.
> 
> Kind regards,
> Panos
> --
> 
> On Tue, 22 Dec 2020 at 02:20, scott--- via use-livecode <
> use-livecode@lists.runrev.com> wrote:
> 
>> Hello All,
>> 
>> I used edit the script of stack “revSaveAsAndroidStandalone”in the
>> message box and  tried putting a breakpoint in at that spot (and several
>> others) but it isn’t triggering.   This inside the handler:
>> 
>> private command revSaveAsMobileStandaloneMain
>> 
>> I’m not sure that I’ve ever done more than examine LC scripts. Is there
>> something else I need to know in order to get the debugger to open on a
>> breakpoint with them? (Script Debug Mode is checked :- )
>> 
>> I’ve restarted the computer and tried a couple different versions of
>> Livecode… feeling even more clueless than usual.
>> 
>> —
>> Scott
>> 
>>> On Dec 21, 2020, at 7:24 AM, Ralph DiMola via use-livecode <
>> use-livecode@lists.runrev.com> wrote:
>>> 
>>> Scott.
>>> 
>>> I looked at the source of stack "revSaveAsAndroidStandalone" and it
>> looks like it failed at line 1067 or 1069 (9.6.1). As JLM said this appears
>> that the keystore your referencing does not hold the alias your entering.
>> Everything after "There was an error while saving the standalone
>> application signing failed-" is coming from the jar signer(but only word 4
>> to -1). You can put in a breakpoint at 1065 and examine the full result of
>> the shell to jar signer.
>>> 
>>> Ralph DiMola
>>> IT Director
>>> Evergreen Information Services
>>> rdim...@evergreeninfo.net
>>> 
>>> 
>>> -Original Message-
>>> From: use-livecode [mailto:use-livecode-boun...@lists.runrev.com] On
>> Behalf Of J. Landman Gay via use-livecode
>>> Sent: Sunday, December 20, 2020 11:18 PM
>>> To: How to use LiveCode
>>> Cc: J. Landman Gay
>>> Subject: Re: Android Keystore signing problem
>>> 
>>> If it was working before then it should still work now. Check the
>> Android settings and make sure that the path to the file is correct. The
>> error sounds like LC can't find it.
>>> 
>>> --
>>> Jacqueline Landman Gay | jac...@hyperactivesw.com HyperActive Software
>> | http://www.hyperactivesw.com On December 20, 2020 7:07:05 PM scott---
>> via use-livecode  wrote:
>>> 
 When trying to create an update for an app on Google Play I am getting
 this message when attempting to create the standalone .apk.
 
 "There was an error while saving the standalone application
 signing failed - Certificate chain not found for: .
>> 
  must reference a valid KeyStore key entry
 containing a private key and corresponding public key certifcate chain."
 
 (Where  is actually my keystore alias.)
 
 This is the same keystore file that I have used in the past. My
 understanding (and failed attempts) indicate that creating a new
 keystore file won’t work if I’m using it to update an existing app on
>> the Play Store.
 I’m quite inexperienced with android builds. Any suggestions would be
 most welcome as I’ve about run out of ideas (and Google search
 queries.)
 
 --
 Scott Morrow
 
 Elementary Software
 (Now with 20% less chalk dust!)
 web   https://elementarysoftware.com/
 email sc...@elementarysoftware.com
 booth1-360-734-4701
 --
 
 
 
 
 
 
 
 
 ___
 use-livecode mailing list
 use-livecode@lists.runrev.com
 Please visit this url to subscribe, unsubscribe and manage your
 subscription preferences:
 http://lists.runrev.com/mailman/listinfo/use-livecode
>>> 
>>> 
>>> 
>>> 
>>> ___
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>>> 
>>> 
>>> ___
>>> use-livecode mailing list
>>> use-livecode@lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
>> 
>> ___
>> use-livecode mailing list
>> use-livecode@lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
> ___
> use-livecode mailing list
> use-livecode@lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription 
> preferences:
>