>>96
forgot to mention that maybe a parameter could be included in config.pl to define an XHTML file for the disclaimer/rules block. It could be used both in 2ch and Futaba (right under the posting area) modes.

Here's a fun little game for you all!

I'm looking into adding support for using HTML markup in addition to WakabaMark, but since most boards use XHTML, I can't just let through any old HTML, and most people can't write well-formed XHTML. Also, I don't want any cross-site scripting going on. So I've tried to write a piece of code that takes any horribly written piece of HTML, sanitizes it by removing all tags and attributes that are not an approved list, checks the attribute values, and turns it into well-formed XML.

Now I'd like to see if anyone can break this. The objective is to get some Javascript onto the page, or making the page break in Firefox (or any other browser that parses XML strictly), or otherwise causing trouble. Have at it!

http://wakaba.c3.cx/test/sanitize.pl

The test thread seems to be broken too.

Uh, kind of a bug. I really should fix it, but, lazy.

Text Art's description about auto-linking URLs and >> references is redundant. Not a bad solution with the layout, though (hiding the menu behind "More options..." still bugs me).

I hate that blue link next to the reply box! It looks ugly!

Also, there's no "Less options..."

Can't this be somewhere else but the post form?

> some other trickery

I smell JavaScript coming in about >>90-120

>>178
There will always be pranksters around. This is probably a good example on what matters to trust tripcoders more than anonymous contributors.

Trivia: Here is a list of 2ch kopipe to fool people into using fusianasan:
http://ansitu.xrea.jp/guidance/?fusianasan

I don't see what's so bad about >>330. The alternative is to force the table to be full width, which will make it uglier (because in HTML all columns will become wider, including the skinniest ones), and harder to read.

> No need for a database, just a text file. You're right about storing IPs, though, but then how can you implement a banning system? Do you use an encrypted IP like the algorithm to generate ID codes?

Banning is done through Apache, which really makes more sense than doing it in the script. I don't want to re-invent the wheel for that.

> I mean that (for example) if I wanted to replace the permasaging function under the MAX_POSTS condition (permasage after X posts) with the thread-closing function (close after X posts), all it would require is a simple replacement of the proper function references in post_stuff(), correct?

No, they're done at different different places, because they are essentially different functions. The permasage behaviour doesn't actually permasage a thread, it only refrains from bumping it. There's no permsage flag added to the thread. The closing, on the other hand, does add a flag to the thread.

> Making "More options..." an option in the configs.
> Seems sensible, when you already have the ability to turn off WakabaMark as a board admin.

No. And I actually removed the DISABLE_WAKABAMARK option since it's no longer really needed. The replacement will be an option to select the default markup for a board, which makes much more sense overall.

> The File field is almost never there.

...especially not when I've added a bug that makes it disappear. Where the hell did it go?

Text Art's description about auto-linking URLs and >> references is redundant. Not a bad solution with the layout, though (hiding the menu behind "More options..." still bugs me).

Tell me more about these pre-compiled binaries. I thought that was impractical...I mean, instruction set differences and so on.

Argh, beaten and >>n isn't even implemented. orz

Oops, forgot to link the first point to my original thread: http://wakaba.c3.cx/sup/kareha.pl/1127326007

Oh, and see if dmpk2k is willing to port over the proxy detection and load-balancing/distributed server cluster functions to Kareha. Those would be neat.

First thought: It would eliminate the concept of sageing as a protest entirely.

>>46
Well, I haven't checked to see exactly where the ban functionality exists in Kareha, but my idea is something along the lines of: (1) encrypting the offender's IP, (2) writing it to a bans.txt list, and (3) writing a parameter next to the IP specifying the time when the ban should be lifted. Of course, you also need underlying code to check bans.txt every time a user tries to post or reply, and also to remove a ban entry at its specified time.

> how about having a third party create extensions for those browsers and freeing up the real estate on the actual page?

What's with this obsession on removing the CSS options? It's a single line, and some of us find it useful.

Real estate? Scroll down.

>>103

Noted.

More information on the all threads page, date of the last post? file size?

A quote button that puts >>n and puts the post prefixed by > in the reply box

Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

> Red, bold thread filesizes displayed near the bottom of subpages?

I support this, especially if thread-closing by filesize should be implemented.

Well, both >>30 and >>31 didn't change the ¦ into ?U so I am out of ideas what happened...

http://wakaba.c3.cx/sup/kareha.pl/1114201493/l50

Or use some sort of filter to replace them characters with underscores on upload.
This offcourse for files that keep their original filename.

>>343

"When they shouldn't be?" They've always been bolded.

n is implemented, but not for >> yet.

Also, >>1 is, as it is, only added to URLs of the form xx-yy and lxx. 2ch doesn't add >>1 for single-reply URLs, and if you're using commas, I figure you can add >>1 yourself if you want it. I'm not sure if this is the best behaviour, but that's how it works at the moment.

> metadata

Not sure, that would require a database redesign and I don't want to force people with a current install to do that. Also, it seems something like that would work better for a whole new script, properly designed around the idea.

> config.pl parameter for a generic image that takes the place of a deleted image (ie, Hello Kitty)

Ah, good, been meaning to do, forgot about.

> Fine-grained banning options that let you choose whether or not the user is blocked from reading a board, posting to a board, or both. Another parameter defines the duration of his ban ('0' for permaban), and another defines a reason/message displayed when the user tries to access a board.

None of those seem useful to me, because I'm of the opinion that bans are to prevent abuse, not to punish users.

> Replace HTML error pages with dialog box equivalents using JavaScript.

Would require a bunch of hidden-iframing and such. I'd like to do a complete re-design full of javascript trickery, and this idea would fit better in such a context... That is to say, I'm lazy and the current version is robust, and I'm loathe to go around changing it, since it would introduce new problems.

> Kill user deletion. I can't see any case for when it'd have constructive uses.

On image boards, it has a very definite use - people do fuck up and post in the wrong thread, or create new threads. It's better if they can clean up after themselves. In Kareha, you can already disable deletion.

> Conversion to mod_perl?

As far as I know, it should work in mod_perl already, modulo some prototype bugs. I'll try to get those fixed.

> The standalone thumbnailer project is a great idea too. As a suggestion, how about adding functionality to also read and thumbnail document files like TXT, PDF, and DOC?

That would require a LOT of code, especially when you don't want external dependencies, so it's a bit iffy.

>>165

>There's no one English word that does the job of the pseudo-Japanese "sage".

How about "dontbump" or "nobump"? Using "down" is pretty misleading, since sage doesn't bump a thread up nor down; it just stays in its place until a thread below is bumped.

>>167 orz

In reference WAHa's post in http://wakaba.c3.cx/sup/kareha.pl/1127713568/l50

>It's been suggested to change the no-ID-on-email to no-ID-on-sage

That sounds good to me.