So, it's finally release time!
http://wakaba.c3.cx/releases/wakaba_3.0.0.zip
http://wakaba.c3.cx/releases/kareha_3.0.0.zip
I decided to bump the version number up to 3.0.0, partly because of a number of new features, and partly because there's been lots of messing around in the guts of the scripts, which means there are probably some new and interesting bugs. I do not recommend installing these scripts on any busy boards without doing some testing first, or waiting for others to test them for you. Conversely, testing is very welcome. Report those bugs!
Specific information will follow in the next posts.
That's very weird... I can't think of any way that could happen in the first place. I'm even using CAPPED_TRIPS right now on this board and it works fine.
Is there a function yet that limits the number of times you can post / start threads in a given time?
That can be controlled to some extent with the ancient RENZOKU options that were inherited from Futaba. For Kareha, no such options exist.
Maybe there should be. Just to be able to prevent people from scriptspamming.
Also: Is it possible to define a keyword that one could use as name or link and that would sage a thread but reveal the ID code (for boards that have it usually turned off or turned off when saged)?
>>140
yes, if you don't mind writing a little bit of perl.
i would do it for you, but i'm too lazy.
maybe WAHa will do it for you, but he's almost as lazy as me, so i wouldn't count on it.
http://wakaba.c3.cx/soc/kareha.pl/1100499906/q81 gives
Software error:
Undefined subroutine &main::get_reply_text called at /home/waha/public_html/soc/kareha.pl line 875.
For help, please send mail to the webmaster ([email protected]), giving this error message and the time and date of the error.
So, will Kareha maybe get its needed banning script soon maybe? Please?
Don't you think that Kareha has awfully bloated and complicated code for what it does? Come on, you can write it with maybe two hundred lines, and you don't have to include the sources of a http server... :)
The idea is very cool, but I'd be afraid to run this code on my server.
> you can write it with maybe two hundred lines,
then why don't you?
Actually, I might end up adding some banning functionality, just so I can put in traps to automatically ban spammers. But we'll see.
And >>145, are you sure you know "what it does"?
I think >>145 is looking for something more like http://www.graffitiwall.net/
>>146
I'm going to ;)
Got something like >>149 so far...
>>147
You know, including the sources of perl libraries you use just to make some changes in them... Copy-paste programming...
I know, I know, it's Perl, it must be ugly ;)
>>148
I thought so at the beginning, but the more I read the sources the less sure I am ;)
>>149
Much simplier, indeed, but lacks some of the less-frequently used functionalities of this board :).
Sorry for the harsh words, but I really think it could benefit greatly from some code cleanup.
> You know, including the sources of perl libraries you use just to make some changes in them...
Pretty much the only external library that is included is MIME::Base64. This is because it's not in all default installs, and most people can't install external libraries. A lot of other code is written from scratch, but duplicates functionality that exist in third-party modules, but since lots of people can't install those, I can't use them if I want people to be able to use the script.
>>151
If you want to be free of dependencies, why don't you make it into an operating system?
I always hate programs that require root access to install. It's a huge damper on popularity.
Ever written any software for public consumption, >>152? --;
To give a straigh answer to a rhethorical question: Because if people can't install modules because they're on a shared host, they can't install a new operating system either.
I'm not avoiding dependencies for the sake of it, I'm doing what is needed in order that the largest number of people be able to use the software.
Well, besides switching to PHP. There are limits.
I don't think using PHP would gain you much. Very few hosts that offer PHP don't offer the other two P's.
The main thing it would gain is that idiots who limit Perl to running in /cgi-bin/ usually don't apply the same restriction to PHP (making the restriction pretty useless in the first place, needless to say).
What's wrong with putting all the scripts in cgi-bin/ and your custom perl modules in some directory in your home?
It just works, unless you try to use some scripts with hardcoded paths in them.
It's not rocket science.
Most Perl modules use compiled code. Even for those modules that are pure Perl, most people don't know how to do this anyway. It is more work when installing, and people are more likely to not bother.
As it is now, you upload a handful of files, chmod, and it works pretty much just like that. The fact that your program will be more popular the less trouble it makes for your users shouldn't be this difficult to grasp.
You mean there are hosts that have all those fancy image processing libraries you use, but lack base64 modules? Come on...
Ban-script.
>>160
Wakaba can work without any of those libraries. It's not a good idea, but it's possible.
> As it is now, you upload a handful of files, chmod, and it works pretty much just like that.
I think it's quite telling that there are many people who have difficulty doing only this. If anything, the installation should be made significantly more easy.
So if they have problems with editing config.pl and using chmod, does anyone think they'll be able to do it if they need to install additional perl modules too?
The point is to have a running board. Making users jump hoops isn't.
I see, so ugly code and sloppy programming is for dummies...
Sounds fair. Sorry for my bitching, didn't think about the "marketing" part of programming.
Forsaking code reuse through external dependencies might not appeal to your sense of aesthetics, but I will take offense at "ugly" or "sloppy". If you want to make claims like that, you'd better come up with a better reason than not using external dependencies.
Well, wakaba (at least) could be cleaner. It's a prettier than the alternatives, but it has certainly grown a few hairs over time.
Yet I think worrying about this is silly. There's one main developer. This individual has a limited amount of time. What would be a better idea in spending it: refactoring code that isn't broken, or fixing code that is? What about adding requested features?
From a user's point of view, the former gives no return. Remember, successful software is "good enough". The perfectionists never go anywhere (except in circles), while the imperfect software is actually being useful to the market.
This is reality.
Well, right, for Wakaba, what I'd really like to do is cut certain parts up in modules, but there are only so many hours in the day. The moderation interface in particular could really use some sort of plugin system, so one could implement various kinds of other moderation options and features.
Anyone feel like doing that, go ahead.
>>166
Sorry, didn't mean to offend you, just got a little carried away.
I'll just shut up and go now.
Btw. Somehow didn't say it before, but it's really the best kind of "forum" I ever tried, and the idea that the code doesn't look as beautiful as it could comes from the assumption that it's really top quality.
It happens to the best of us. Donmai, donmai.
My host has Perl v5.6.1 and I'm having trouble installing kareha 3.0.9. I followed the instructions in the documentation but I get a software error when try to run kareha.pl
It said
Invalid [] range "}-\x" before HERE mark in regex m/([\x{100}-\x << HERE {ffff}])/
Compilation failed in require at templates.pl line 3.
BEGIN failed--compilation aborted at templates.pl line 3.
Compilation failed in require at /kunden/homepages/5/d92823313/htdocs/bbs2/kareha.pl line 14.
BEGIN failed--compilation aborted at /kunden/homepages/5/d92823313/htdocs/bbs2/kareha.pl line 14.
I also tried to install an earlier version (2.0.4) in another directory and that works just fine. Anyone know how to get 3.0.9 to work correctly? Any help would be greatly appreciated.
Oh, I seem to have accidentially gotten a 5.8-only feature in there without any checking for earlier versions. I'm pretty sure that line is not important, so you can just open up wakautils.pl, find the line, and comment it out. I'll have to fix that.
Bug: You can make empty posts by selecting HTML formatting and typing a post that consists only of an HTML tag that isn't allowed. Apparently the tag gets removed, thus leaving the post empty but bypassing the empty post check. For instance, entering just <!-- hello --> will make an empty post, if you select HTML formatting.
I'd hardly call that a bug. There are any number of ways of making empty posts, with any formatting mode. It's hardly a problem. The check is only there to catch you if you click Reply by mistake.
>>174
What other possible ways are there to make an empty post without formatting?
__
**
There are a whole bunch of unicode characters that are completely invisible.
is this a bug?
http:javascript:alert(document.cookie)
> The requested URL /sup/javascript:alert(document.cookie was not found on this server.
It might work in IE (if you fixed the missing end parenthesis), but properly filtering out all the idiotic ways that IE will go out of its way to execute Javascript is pretty hard.
i was just reading >>157 and i thought of something... if you use a host that restricts perl to /cgi-bin/, can you just make a php script that just does passthru("./kareha.pl")?
also, maybe you could implement this?
http://beta.4-ch.net/dis/kareha.pl/1130990333/
Links made with html formatting don't have rel=nofollow added. You might want to fix that before spammers start using it.
Yes, I know, I've fixed that already but I haven't had the time to put together a full release with the rest of the needed fixes.
>>182 in those setups, php is usually also restricted and it cannot run external programs. Usually -- YMMV.
The auto linker seems to not work right with urls that have a ) in them.
Example: http://en.wikipedia.org/wiki/Aspect_(linguistics)
So you have to use http://en.wikipedia.org/wiki/Aspect_(linguistics%29 or HTML formatting to link them properly.
That's a feature, because if it wasn't for Wikipedia, nobody would ever end a link with a ), but lots of people would say something (and include an URL: http://wakaba.c3.cx).
It would be a hack but you could include it in the link if the url is from wikipedia and it has a ( in it that is unmatched.
>>186 Likely not worth the work - click the link and add your own ) at the end, ya pansy!
A better solution would be to include the ) if there's a matching ( in the URL, but I'm really not sure I feel like writing that regexp. It's pretty horrendous already.
If somebody writes it for me, I'll put it in, though.
#https?://[^\s]+(?<!\([^\s]+)\)# doesn't match if there is a ( in the url
#https?://[^\s]+(?<=\([^\s]+)\)# does match if there is a ( in the url
#https?://[^\s]+\([^\s\)]+\)# if you don't want to be fancy about it, matches any url with a ( in it and a ) at the end
When are you ever going to have more than one set of parens in a url? I figured never so i didn't bother thinking about it.
So for the whole thing you end up with something like
#(https?://[^\s](?(?<=//[^s]\()[^\s]|[^\s\)])#<a href='\1' rel='nofollow'>#
Er, the last one should be
#(https?://[^\s]+(?(?<=//[^s]+\()[^\s]*?|[^\s\)]*?))#<a href='\1' rel='nofollow'>#.. fucking wakabamark
There's a lot more to that regexp currently than what yours does, though. There are a number of of characters that are ignored at the end, for instance.
Currently it is:
($protocol_re:[^\s<>"]*?)((?:\s|<|>|"|\.|\)|\]|!|\?|,|,|")*(?:[\s<>"]|$))...except that one of the commas is a numerical entity, which can not be posted. Sigh.
One is & # 44 ; Why didn't you do (?:[\s<>".)!?,\]]|"|& #44;)
It is kind of amazing how much I screwed up the ones last night, never drink and regexp =(... varible length lookbehind is perl6 even. I'll try to rewrite it with lookahead and factor in all of the current crap if this hangover doesn't kill me.
i wrote a recursive regexp that behaves exactly like the existing one in wakabamark (i think) except for including balanced parentheses. of course it's perl 5.8+ only, but since i have the regex in a slightly more readable form it might be a better place to start for doing the 'one or no pairs of parentheses' regex.
Suggestion: How about making a JavaScript box pop up when you ban someone in the Wakaba Management Panel, prompting to enter a comment, so that one doesn't have to copypaste the IP address into the ban Ban page every time?
Not a bad idea, probably.
I found a scrap of spare time, and started to work on putting together a Kareha 3.1.0 version with the bug fixes that have been piling up. So far I've done this:
I'm still looking into:
What did I forget? Also, got any brilliant ideas for anti-spam measures? I'm thinking mostly heuristics to run on the post text, but I'll consider other tricks too.
>Also, got any brilliant ideas for anti-spam measures?
I've been considering it. As stated it'd be too ugly, but adding an input field with style="display:none" should do the trick.
Bug: IMAGE_REPLIES_PER_THREAD counts the image in the first post.
Also, could you fix the "omitted posts/images" line in mode_image for when there's only a single post/image omitted?
Will this update include changes to mode_image's template? I have a highly customized version of the file, so a diff between 3.0.9 and 3.1.0 would be much appreciated.
P.S. What's the argument for implementing a ban system when you can configure it through the web server?
> Bug: IMAGE_REPLIES_PER_THREAD counts the image in the first post.
Hmm. I suppose that's a bug of config option naming at the very least. I'll try to get that fixed.
> Also, could you fix the "omitted posts/images" line in mode_image for when there's only a single post/image omitted?
Not easily, if I want to retain support for multiple languages.
> Will this update include changes to mode_image's template?
Probably not. The old version will be kept in the releases/old subdirectory though, so you can run your own diff on it in case I end up making any changes, though.
>Hmm. I suppose that's a bug of config option naming at the very least. I'll try to get that fixed.
It doesn't make sense to omit any content in the first post. Maybe you could distinguish between first-post images and reply images just as you do with text.
>Not easily, if I want to retain support for multiple languages.
If need be, the board owner can modify the string text by hand.
That makes no sense.
All right, I've installed an almost-complete v3.1.0 here and on /soc/, as a test. It has the empty-field spam trap, so I've disabled captchas to see if it helps any.
Post previewing should also work now.
Feel free to do some testing and report problems! You may need to shift-reload the page to get the new CSS and JS files for everything to work right.
This may be asking too much, but I'd like to see mode_message's deletion functionality match mode_image's more closely -- that is, the post/reply boxes include a field for deletion passwords, a checkbox appears to the left of each post header, and there's a confirmation area at the bottom of each page for re-inputting the password -- granted that user deletion is enabled in the first place, of course.
Not going to happen, as it changes the 0ch page layout too much. You can make it for yourself by editing the templates, though (although you might run into trouble with nested forms).
Is there some reason the text "Lorem ipsum dolor" has to be there (I don't have CSS support)? It's kind of annoying. How about a if you need some text there for some reason.
Oh, oops, that's a leftover from development. I'll remove it in the next version.
For some reason it says "Thumbnail displayed, click image for full size." even though it isn't supposed to be thumbnailed. I set max widthxheight to 700x500 and posted a 640x480 picture. kareha thumbnailed it to same size, only difference being the thumbnailed picture got shittier in quality.
So I just turned on stupid thumbnailing for now. Is this a bug?
No, it's just not designed to be used for full-size images. It will always say "Thumbnail displayed", for instance. If you don't want it, you have to edit the template to remove it. If you always want full-size images, turn on STUPID_THUMBNAILING, and set the sizes to huge. If you want to display images, except if they are REALLY big, you can set THUMBNAIL_SMALL to 0 instead, which should make it stop recompressing images that are smaller than the thumbnail size.
I just upgraded my Kareha version, and now I need to delete some spam posts, but when I click on the "del" link beside the posts, it says the Admin password is incorrect. Where am I supposed to enter this password? In the documentation, it says to click on the "manage" link, but I don't see any such link!
Also, is it possible to completely remove a post, instead of having to see the "this post was deleted by a moderator" message? My board has been hit really hard by spam, and now its completely covered in these messages.
The Manage link is for Wakaba only. For Kareha, go to admin.pl in your board directory manually to get to the admin interface. And no, there's no way to completely remove a post as it stands now.
http://wakaba.c3.cx/release/wakaba_3.0.5.zip
I finally got off my ass and fixed some outstanding bugs, and also put in the spam trap code from Kareha. This is a recommended upgrade for anyone who has problems with spam bots!
NOTE: You must rebuild caches after this upgrade, or the spam filter will stop all posting!
Fixes:
oekaki_style.pl (hopefully).Changes to lots of files, wakaba.pl, wakaba.js, wakautils.pl, futaba_style.pl, oekaki_style.pl, strings_*.pl and config_defaults.pl. Note for people with custom templates: You will have to rename the fields name,email,subject and comment to field1,field2,field3 and field4!
>You will have to rename the fields name,email,subject and comment to field1,field2,field3 and field4!
Wait, so you went from descriptive variables that are useful to generic, non-descriptive variables? Why?
Are you trying to make Wakaba unmaintainable or something?
Thank the spam bots. I am trying to confuse them. There are fake hidden fields with descriptive names that will cause the post to be discarded if they are filled in.
I don't know if this could be some unrelated problem of mine (I don't see how, since this is a fresh install using standard stuff), but I'm getting a very weird error with this new version that I'm not seeing on older installs.
Specifically, it's thumb nailing images with the dimensions reversed.
For example, a 1280x853 image (wide) is getting thumbnailed to a 133x200 image (tall). It's not instantly obvious because the img tag has width="200" height="133", so it's "correcting" the mistake. (Using quotes cause it doesn't really correct it, it still looks like shit)
Anyone else seeing this problem with 3.0.5 or do I need to pull apart my perl/imagemagick (Does wakaba even use imagemagick? I can't remember) install and look for brokenness?
Did some more testing, and it's not an imagemagick problem (Or it is, in a roundabout way)
convert wasn't in the path of the webserver, so putting a full path for CONVERT_COMMAND fixed it.
Aha. sips is the problem. According to sips --help:
-z, --resampleHeightWidth pixelsH pixelsW
Height, then width. No, I don't know why either.
But just switching the order makes it work fine:sips -z $height $width -s formatOptions $quality -s format jpeg $filename --out $thumbnail >/dev/null; # quality setting doesn't seem to work
Also, even when it's working it gives this error in the logs:
Warning: File format jpeg does not support option 70
It looks like the way to do quality is either "formatOptions" or "quality", but neither of them supports integer settings, only low/normal/high (ewww)
I found this from doing "sips --helpProperties" (which is bloody hard to find out about)
Man, that's fucked up. Especially since the test board run on sips and I never even noticed. Well, I did notice the problem with the quality, but got so tired of it I never fixed it.
Oh, and also: A general request to board admins:
If you edit your own style based on futaba.css, please give it a new name. "Futaba" actually means something here, and many people also want to keep using that style. Give your style a new name, and keep the old futaba.css in place. There is an option to select the default style for a board, you don't need to rename it to "Futaba" just for that.
Thank you.
where would i find a list of usercodes to modifiy text within their posts?.. like bold, colors, strikeout and so on?.. wakabamarkup only explains so much.
After some testing, it appears there were a few bug left in 3.0.5, so here's a somewhat fixed version:
http://wakaba.c3.cx/releases/wakaba_3.0.6.zip
Bugfixes:
wakaba.js has been renamed to wakaba3.js, because the old version would fill in the name field, which triggered the anti-spam filter, and people's browsers kept the old version in cache. Renaming forces them to reload the new file./\x{202e}/).(There were also some further fixes of the handling of numerical entities and charset internally, which may have broken something else. I hope it didn't, but report any problems. SQL dumps were also tweaked again and should work better now.)
Minor problems with 3.0.6:
Typos in the "YOU FUCK SPAMMER" error:
"[...] you are probably accidentiallytrying to use an URL that is listed in the spam file. Tryediting your post to remove it. [...]"
Also, the example.htaccess file uses "line-end comments", which apache (at least 1.3.x) doesn't support, and it will tell you this during every single access of your imageboard.
Just move the comment on "AddCharset utf-8 html" to the line above it, and it'll stop yelling on every access.