XMB Forum Software

Holiday Project

miqrogroove - 12-20-2017 at 12:45 PM

Greetings XMB Community!

I've carved out some vacation time for code projects, and XMB made it to the top of my to-do list.

I understand I've missed some significant activity in the community, and I will have to bring myself up to speed on all of that so we can work together as much as possible.

Other immediate tasks have come up that I need to deal with:

Merry Christmas!

lottos - 12-20-2017 at 12:48 PM

Quote: Originally posted by miqrogroove  
Greetings XMB Community!

I've carved out some vacation time for code projects, and XMB made it to the top of my to-do list.

I understand I've missed some significant activity in the community, and I will have to bring myself up to speed on all of that so we can work together as much as possible.

Other immediate tasks have come up that I need to deal with:

  • XMB Must Be Encrypted - Any XMB bugs or inconsistency with HTTPS URLs will have omg-pants-on-fire priority, right now.

  • Host Migration - The xmbforum2.com website must be moved to a better host that provides encryption, in support of the task above. The bug tracker is already on a new server at https://bugs.xmbforum2.com/ My annual bill for the old host is due January 19, and I do not want to pay that bill. That's called motivation!

  • Compatibility with Latest PHP and MySQL Servers - I did already commit some code changes earlier this year, so I hope this is nearly complete. This ties in with the host migration. The "new" community server will run the latest software.

Merry Christmas!


Great to see you back!

miqrogroove - 12-20-2017 at 12:59 PM

Thank you. And my subscription e-mail never came through on your reply. Is it just me?

Also, temporarily disabled hotlink protection. The Vary:Referer header was interfering with Chrome's image cache. Apache requires a special "NV" flag to avoid this problem. Will test this more later.

lottos - 12-20-2017 at 08:58 PM

Quote: Originally posted by miqrogroove  
Thank you. And my subscription e-mail never came through on your reply. Is it just me?

Also, temporarily disabled hotlink protection. The Vary:Referer header was interfering with Chrome's image cache. Apache requires a special "NV" flag to avoid this problem. Will test this more later.


Not sure, I don't usually subscribe to topics, but here is another reply as requested! I did receive an email in regard to one of the bugs I reported - the trivial spelling issue [XMB1 0000510]: Spelling mistake in English.php

kuba1 - 12-20-2017 at 10:59 PM

Awesomeness! I can probably assist if needed. I havenít done much in quite some time, but, Iíll do whatever I can

miqrogroove - 12-20-2017 at 11:15 PM

I'm in the middle of reviewing the HTTPS avatars patch. It gets part of the problem fixed, but needs to touch many more files that duplicate the code.

After the migration and patching, we should have a regular release cycle. That means testing and review, at least.

kuba1 - 12-20-2017 at 11:46 PM

Iíll be around. This is the first holiday season in years we are staying home. I can definitely help with testing, or anything else you need.

miqrogroove - 12-21-2017 at 12:48 AM

Avatar rabbit holes patched. This forum is updated and r2710 - r2711 in SVN takes care of it. Props to Xian for getting the user side of that bug fixed.

This patch touches user control panel, user registration, admin user editor, automatic remote image attachment in posts, and the [img] bbcode. All should allow HTTPS addressing.

You can drop your cache before testing by clicking here: http://forums.xmbforum2.com/js/header.js and then click the reload button.

kuba1 - 12-21-2017 at 01:29 AM

Image BBcode won't allow https ....


205e460b479e2e5b48aec07710c08d50.jpg - 3kB


what-is-ssl-2.png - 20kB

kuba1 - 12-21-2017 at 01:37 AM

testing






DSC_0323_cropped_adjusted_signed_1500.JPG - 409kB


DSC_0692_adjusted_signed_1500.jpg - 269kB


google-https.jpg - 25kB


http-search.gif - 890kB


image bbcode seems to be broken ....

kuba1 - 12-21-2017 at 01:55 AM

user control panel - GOOD
user registration - GOOD
admin user editor - GOOD

These are broken:

automatic remote image attachment in posts
and the [img] bbcode

miqrogroove - 12-21-2017 at 01:58 AM

Cool! :lol: The code and the auto attach feature both work on one of my test servers. So I'll go dig on this server here.

kuba1 - 12-21-2017 at 02:01 AM

Just like the good old days :rolleyes:

miqrogroove - 12-21-2017 at 02:41 AM

Yeah some incompatibility between the servers. file_get_contents() returns false, but curl can get the image. Not sure what the bug is here, if any.

miqrogroove - 12-21-2017 at 02:47 AM

aaand now it's working perfectly

sulpherspringscourthouse-793x526.jpg - 94kB

I didn't change anything. Probably just a transient DNS failure or something.

kuba1 - 12-21-2017 at 02:57 AM

bbs code is allowing https now, too .... probably was a dns failure, I changed the url and remote images work consistently. The other url still fails, often.

kuba1 - 12-21-2017 at 03:03 AM

user control panel - GOOD
user registration - GOOD
admin user editor - GOOD
automatic remote image attachment in posts - GOOD
and the [img] bbcode - GOOD

miqrogroove - 12-21-2017 at 06:07 PM

Time for a lunch break. The following bugs are recently fixed and can be tested:

#497 - Cache-Control headers for attachments should now have a comma instead of a semicolon.
#507 - Thread icons with participation dots should work now in today.php.
#517 - HTTPS member 'site' links will no longer source like "http://https://example.com" Chrome did a good job of hiding this, but the HTML and PHP were both ugly.
#520 - MySQL 5.6+ no longer throws warnings in XMB DEBUG mode in today.php.

kuba1 - 12-21-2017 at 11:45 PM

#497 - I see nothing but commas in cache control headers
#507 - Participation Dots Good
#517 - I tested this a bunch of ways registration, admin edit user edit with http:// without http:// adding the s after Http and https:// everything worked. it added http:// if it was not present in the URL. ie: if one inputs www.google.com it adds http:// if anything is already there (http:// or http://) it does not add anything.

Also, members on this forum have no access to the site field in user control panel.

#520 Not Tested, yet. I don't remember having creds to modify config php on this server for debug mode .... maybe I just forgot?

Daniel Gouveia - 12-22-2017 at 12:26 AM

The folders dont update when I view a thread.

test.png - 291kB

kuba1 - 12-22-2017 at 12:29 AM

Thatís been that way since before miqro arrived. I noticed it but forgot they were supposed to. Good catch Daniel! New bug for mantis

lottos - 12-22-2017 at 12:32 AM

Quote: Originally posted by kuba1  
Thatís been that way since before miqro arrived. I noticed it but forgot they were supposed to. Good catch Daniel! New bug for mantis


Clarification: dot folder for threads/topics you have posted in, different folder if you have simply viewed the thread/topic?

kuba1 - 12-22-2017 at 12:40 AM

Dot folder is threads you post in

lottos - 12-22-2017 at 12:42 AM

Quote: Originally posted by kuba1  
Dot folder is threads you post in


Yes, I knew that :)

Just trying to understand what Daniel means as he hadn't posted in this thread before taking the screen capture, so he would not see a dot folder, so his issue is different?

kuba1 - 12-22-2017 at 12:42 AM

Hot folders are not clearing once the topic is viewed

Daniel Gouveia - 12-22-2017 at 12:48 AM

Quote: Originally posted by lottos  
Quote: Originally posted by kuba1  
Dot folder is threads you post in


Yes, I knew that :)

Just trying to understand what Daniel means as he hadn't posted in this thread before taking the screen capture, so he would not see a dot folder, so his issue is different?



I saw this topic first only after that I took the screenshot, but the folder dont change.

it's like having new answers without having.

miqrogroove - 12-22-2017 at 01:01 AM

Quote: Originally posted by kuba1  
#520 Not Tested, yet. I don't remember having creds to modify config php on this server for debug mode .... maybe I just forgot?


I'll turn it on now. I want to do some testing for #491 as well.

I'm taking the weekend off. I've already cleared several bugs for the roadmap, including a bunch involving HTTPS or PHP 7+ I've branched, tagged, merged, and for the most part re-written the patches from 1.9.11.14 all except for the MySQL layer. Saving the best for last. All the code is in the SVN logs where it belongs.

At this rate, I should be able to do the server migration next week.

kuba1 - 12-22-2017 at 01:07 AM

Iíll go back to testing in a few ... maybe 10 min

miqrogroove - 12-22-2017 at 01:25 AM

Now in debug mode I can see we are generating tons of errors about a template named "css_davis". The heck is this...

kuba1 - 12-22-2017 at 01:33 AM

520 looks good.

491 I'm not sure I even know how to test that. I'm generally moving around the website looking for warnings.

I haven't seen anything about css_davis ...

miqrogroove - 12-22-2017 at 01:49 AM

When I turned on debug mode, I also found the error logging was off. Now it's all on. Warnings will go to disk.

The css_davis thing was some kind of unfinished hack I probably put in there a long time ago. That's off now.

kuba1 - 12-22-2017 at 02:31 AM

I can't access the bug tracker at all. email isn't working, apparently. I registered 2 new accounts and tried to retrieve lost password, not happening.

Don't forget the hot folders bug Daniel found. If you feel like it, and can do it, set my kuba1 systems<at>cteksys bug tracker password to something easy. I'm signing off for the night. Be back, tomorrow. I have the day off, so I can do a lot of whatever you need done with XMB!

It's the red folders that aren't resetting after viewing a post.

miqrogroove - 12-22-2017 at 03:56 AM

hmm.. I've been getting plenty of emails from the forum and from Sourceforge. I'll look into that bug tracker email for ya before bed.

miqrogroove - 12-22-2017 at 04:04 AM

Emails are coming to my gmail account just fine. Looks like the only option it gives me is to send you another email.

lottos - 12-22-2017 at 04:08 AM

I used the lost password form for the bug tracker yesterday and it worked for me to a gmail email account.

miqrogroove - 12-25-2017 at 07:19 PM

Merry Christmas!

I've revised the MySQLi driver proposed in 1.9.11.14. The old MySQL driver got some style changes to match. I'm testing the old one now. A bunch more files need to be reviewed and improved to get the new driver up to beta status without breaking everything. As soon as all of that is done, I will start debugging on the new server. After that, I will adjust DNS and enable LetsEncrypt. TTL is now at 1800 in anticipation of changes happening today or tomorrow.

The docs subdomain will be next. Hopefully the software for that has some updates or alternatives that will be compatible with the new server.

I've added an SPF record to the bugs subdomain in the hope that might clear up some email issues. If not, we will have to find out why the emails still aren't going through to some domains.

miqrogroove - 12-26-2017 at 01:46 PM

Had to sleep on bug #522. When I started using the correct character encoding from the translation files as the PHP default_charset, it caused many errors. From now on, XMB will only attempt to detect UTF-8 and Windows-1251 compatible translations. All others will default back to ISO-8859-1 to prevent errors.

miqrogroove - 12-26-2017 at 05:30 PM

Now running PHP 7.1, MySQL 5.6.34-log, and TLS 1.2. :cool:

lottos - 12-27-2017 at 01:37 AM

Quote: Originally posted by miqrogroove  
Now running PHP 7.1, MySQL 5.6.34-log, and TLS 1.2. :cool:


Nice!

Any issues getting TLS 1.2 to work with the forum?
Noticed cp.php?action=settings still has board url as http...

miqrogroove - 12-27-2017 at 03:13 AM

I think you're looking at Site URL, not Board URL. Check this out: https://docs.xmbforum2.com/index.php?title=New_settings_for_...

On that note, you'll see we now have a full-blown MediaWiki. Contact me for edit access. Should be read-only to public.

lottos - 12-27-2017 at 06:27 AM

Quote: Originally posted by miqrogroove  
I think you're looking at Site URL, not Board URL. Check this out: https://docs.xmbforum2.com/index.php?title=New_settings_for_...

On that note, you'll see we now have a full-blown MediaWiki. Contact me for edit access. Should be read-only to public.


You're correct, it was Full Site URL.

Nice work re the Wiki!

miqrogroove - 12-27-2017 at 04:49 PM

Trying to figure out this report from Google. It's showing slightly different results for the docs and bugs subdomain mail. For bugs, there is some discrepancy between the header_from domain and the SPF domain. hmmm :cool2:

Code:
<record> <row> <source_ip>208.113.157.50</source_ip> <count>5</count> <policy_evaluated> <disposition>none</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <header_from>bugs.xmbforum2.com</header_from> </identifiers> <auth_results> <spf> <domain>red-hulk.dreamhost.com</domain> <result>none</result> </spf> </auth_results> </record> <record> <row> <source_ip>208.113.157.50</source_ip> <count>1</count> <policy_evaluated> <disposition>none</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> </row> <identifiers> <header_from>docs.xmbforum2.com</header_from> </identifiers> <auth_results> <spf> <domain>docs.xmbforum2.com</domain> <result>neutral</result> </spf> </auth_results> </record>

miqrogroove - 12-27-2017 at 09:01 PM

Found the problem. Mantis has a config variable named $g_return_path_email that I had left blank, and it was filling in the ISP server name by default.

So it's fixed!

And, while I was tinkering there I set up DKIM for the bugs subdomain. Yay.

Now that I'm looking at this in so much detail, it looks like XMB has a similar problem of not setting a Return-Path header. hmm.

lottos - 12-27-2017 at 09:17 PM

Quote: Originally posted by miqrogroove  
Found the problem. Mantis has a config variable named $g_return_path_email that I had left blank, and it was filling in the ISP server name by default.

So it's fixed!

And, while I was tinkering there I set up DKIM for the bugs subdomain. Yay.

Now that I'm looking at this in so much detail, it looks like XMB has a similar problem of not setting a Return-Path header. hmm.


one thing leads to another!

miqrogroove - 12-28-2017 at 03:06 PM

All bugs with target 1.9.11.15 are resolved in the bug tracker.

I'm going to take a quick look through the support forums to see what bugs were discussed and not reported.

I'd like to release 1.9.11.15 later today if there are no objections. All the code and logs are in svn://svn.code.sf.net/p/xmb-forum/code/xmb19x/trunk/source but I can make a beta ZIP if needed.

miqrogroove - 12-28-2017 at 07:08 PM

"Red" icons for threads fixed and documented at https://bugs.xmbforum2.com/view.php?id=526

kuba1 - 12-30-2017 at 12:22 AM

Iím sorry I wasnít around a lot this week .... I got so busy at work. Great job, again, Rob! Thank you so much for sharing your efforts!

lottos - 1-1-2018 at 09:15 AM

Now that xmb is TLS compliant, should
https://forums.xmbforum2.com/misc.php?action=login
form field:
Secure Login - increased security on public computers

be looked at and handled differently?

To be honest, I've never been sure what that option is/was for if a forum was not running TLS/https?

miqrogroove - 1-1-2018 at 06:03 PM

The option only modifies cookie expiration. Unrelated to TLS.

lottos - 1-4-2018 at 02:01 AM

What's next?

:)

Daniel Gouveia - 1-4-2018 at 12:44 PM

Quote: Originally posted by lottos  
What's next?

:)


HTML5 & CSS3.

I'm working on it now.
This will be my Christmas present.

lottos - 1-6-2018 at 01:42 AM

Quote: Originally posted by Daniel Gouveia  

HTML5 & CSS3.

I'm working on it now.
This will be my Christmas present.


Nice!