So, it's finally release time!
http://wakaba.c3.cx/releases/wakaba_3.0.0.zip
http://wakaba.c3.cx/releases/kareha_3.0.0.zip
I decided to bump the version number up to 3.0.0, partly because of a number of new features, and partly because there's been lots of messing around in the guts of the scripts, which means there are probably some new and interesting bugs. I do not recommend installing these scripts on any busy boards without doing some testing first, or waiting for others to test them for you. Conversely, testing is very welcome. Report those bugs!
Specific information will follow in the next posts.
Would there be any way to get an sql dump that is not made for SQLite? I have already setup a wakaba imageboard and have been able to get it to connect and communicate just fine with a PostgreSQL server, and would like to be able to enter the initial data into there.
It might not work on PostgreSQL, even though it will talk to it. The syntax for making an autoincrementing column in the database seems to be different on all databases, and there's no code for doing it on PostegreSQL, so post numbers might not work right.
That said, what is the problem with the current SQL dump and Postegres? It should be simple enough to work with any SQL database, unless there is some lingering bug (there have been a number of them, so use the newest Wakaba to generate it).
>>237
Well I am using the DBI postgres driver so that should handle talking to the server no matter what the call correct? But the problem is importing the dump to the database, I can't seem to get it to work, so if someone had a different type of dump (plain diagram even, for me to input by hand) then I could make my own database for it.
That would be true is SQL was actually a standard that people follow, but it's not. There are subtle differences between pretty much every database out there. Wakaba is not built to support Postgres, and is pretty much guaranteed to not work right.
What version are you creating the dump with, by the way?
>>239
I have not created the dump, I was using the .sql dump provided in the zip of wakaba. It's an SQLite dump and I need either a postgresql dump or a more human readable dump if possible, so that I may input it by hand.
>>240
Look at the init_database, init_admin_database, and init_proxy_database functions in wakaba.pl. They do the database creation, and they're quite well commented.
If that's included, it's by mistake. It's not meant to be used for anything, it's just my test database. Wakaba creates its tables itself. However, even if you try to do it by hand, I doubt it will work with Postgres. Last I looked, the way to make an autoincrementing column in Postgres was completely different from other databases and would not work with the current code.
Hmmm, okay, then how do I get it to use the init_ functions, because at first when I made the db and started the board it said "SQL Connection Error." Then when I made all of the tables it said "SQL Fatal Error." And after reviewing the code they should be the first things executed if database pieces are missing, but they don't seem to be doing so.
Well, if you get an SQL connection error, then you're not even connecting to the database.
The thing is, I got that and then the only thing I changed was adding the "admin", "comments", "proxy", and (can't remember right now but there was another) tables to the database and that changed it from "SQL Connection Error" to "SQL Fatal Error."
I found a pretty annoying bug that I needed to fix, so I finally sat down and fixed a couple of old ones too.
http://wakaba.c3.cx/releases/wakaba_3.0.7.zip
http://wakaba.c3.cx/releases/kareha_3.1.2.zip
Changes only in wakautils.pl, wakaba.pl, kareha.pl, spam.txt and the config_default.pl files (just bumped the version number in those).
Hopefully I didn't fuck up anything too badly packaging this, it's been a while.
:( did you put any comments in the files where you edited them?
>>252
there will be many differences between the two :(
Diff against a plain wakaba 3.0.6, it's in the old/ directory.
also, the more robust entity parser fixes a more serious bug that can let people put in their posts... this is really bad because then people can inject javascript, like the bee flying around this page...
p.s. hey WAHa you need to update this board.
Indeed I do. There, should be fixed now.
Also, that only works in Kareha, so Wakaba boards need not worry. Although it's still a good idea to upgrade to fix the spam filter.
gawd, that bee's annoying. I'm so glad this board's been updated xD
thanks for the update! Bees!
A little something that might be of interest to those running Wakaba boards with the captcha enabled: http://dmpk2k.wakachan.org/captcha.txt
It's a replacement for the stock captcha.pl, and reduces the load per board between 85-95% if you have FastCGI installed. It should work whether you have FastCGI or not, but you won't see the reduced load without FastCGI. Some of the letter strokes have had a little bit of tweaking as well.
It was tested on all the wakachan.org boards for several months, so I'm fairly confident it'll behave.
i have a user that is recieving the spammer msg whenever he tries posting. there is no text in his post and the msg it shows when he attempts posting is as follows:
Anti-spam filters triggered.
If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.
post
Joe#tripcode
0k1je6gP
1162910789576.jpg
anddddddddddd now i can't make any post that has an image attached to it.
.......it decided to work for a few minutes and now it's doing the same thing again.
[Sun Jan 21 21:00:35 2007] [error] [client 68.148.7.216] [Sun Jan 21 21:00:35 2007] wakaba.pl: Malformed UTF-8 character (UTF-16 surrogate 0xdc80) in substitution iterator at wakautils.pl line 391., referer: http://wtfux.org/temp/res/501.html
hmmmm
line 391 of wakautils.pl:
$str=~s{(&#([0-9]*)([;&])|&#([x&])([0-9a-f]*)([;&]))}{no one has any ideas? this is causing a lot of problems :( the only 2 files that i edited are futaba_style.pl and wakaba.pl. i have placed the right changes from 3.0.6 to 3.0.7 into my wakaba.pl. When used on my friends hosting the wakaba.pl works fine. I have seen no changes in the futaba_style.pl on the switch to 3.0.7 so that cannot be the problem. The error i am getting, as seen above, is going on in wakautils.pl. I have no idea what the error means or how to go about debugging it.
What all do I have to upload to upgrade from 3.0.6 to 3.0.7? I'm lazy~
>>269
wakautils.pl, wakaba.pl, spam.txt, and the config_default.pl
Under what exact circumstance does this happen, or not happen?
>>271
replying to a thread with an image. and also sometimes when creating a thread. it does not happen to everyone and the people it happens to are not experiencing it 24/7.
I can't reproduce it. Can you determine if it happens to specific images or not?
>>273
images with less than 8 letters and numbers in it's filename (extension not included) post fine. more than that and i recieve the spam message.
As a side effect of the spam engine, it may be that the filename is checked against the spam filters... Do you have something unusual in spam.txt?
>>275
it is the same copy that you have hosted. i will replace it again to see if that helps.
Well, I can't reproduce it locally. What happens if you edit wakaba.pl and change
spam_engine(
query=>$query,
trap_fields=>SPAM_TRAP?["name","link"]:[],
spam_files=>[SPAM_FILES],
charset=>CHARSET,
) unless $whitelisted;to
spam_engine(
query=>$query,
trap_fields=>SPAM_TRAP?["name","link"]:[],
spam_files=>[SPAM_FILES],
charset=>CHARSET,
excluded_files=>["file"],
) unless $whitelisted;Anti-spam filters triggered.
If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.
post
cho0b
uWZbOD0k
OKAY KIDS DOES THIS WORK?
1142201616186.jpg
sadly that does not work waha. I am going to setup a wakaba board on my server that has none of my edits in it (again) to see if it works.
what does this error mean (in dumb people terms):
wakaba.pl: Malformed UTF-8 character (UTF-16 surrogate 0xdc80) in substitution iterator at wakautils.pl line 391
Maybe somebody tried to post a UTF-16 surrogate character? I don't know, what caused it?
okay, even without my edited version of the files (ie stock wakaba) I am getting the error. something strange is going on.
i am with dreamhost atm..... ahhhh
>>281
that error shows up in my error.log whenever anyone tries to post an image and gets the spam message.
also, another problem I have been having lately (of much smaller importance) why can't I put adbrite ads into my board? if i put the ad code into the post form i get xml not well formed errors :(
...what the hell haha. i replaced spam_engine with this code and at first it didn't fix it... but i removed the spam_engine portion and replaced it AGAIN and now it seems to be working... weiiiird. we shall see if it continues to work. :D
it seems i still can't post to certain threads with an image that has more than seven characters in it's filename (excluding the extension etc etc etc etc) Yes, I did rebuild caches. Also, whWREHSFDHBASFDGS GET THE FUCK OUT OF MY COMPUTER YOU FUCKING BEE AFGWERGAD
This really is weird. And I still can't reproduce it at all.
In the worst case, you can try disabling the spam.txt checker by commenting out the lines starting from:
my $spam_checker=compile_spam_checker(@spam_files);in wakautils.pl until the end of the function.
I'll try to take a wild guess at what might be the problem and try to work around that a bit later, and give you some code to try instead, if you want.
>>287
It seems to be only happening in certain (older) threads, now. And not often at all. Most users are saying that it is working fine now. Although, I don't understand why it would still happen sometimes with older threads.
Do not lose sleep over it, but if you can think of anything to try I would appreciate it very much.
Anti-spam filters triggered.
If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.
post
642
anonymous
lgsexiuS
HELLO BEN HOW ARE YOU
1142072561943.jpg
Delete password. It just dumps all the fields from the form onto that page in order to confuse spam bots into thinking they succeeded in posting.
ah i see i see.
p.s. still getting the error every now and again. :( still hates lengthy filenames for some reason.
http://wakaba.c3.cx/releases/kareha_3.1.3.zip
A bugfix for a very annoying bug that can cause multiplying mojibake in threads. This was a pretty subtle bug related to Perl's unicode handling, but it's hopefully fixed now.
I hope this fixes 4-ch.
Yeah, that was pretty much the point.
why are there a bee on this page
Somebody must've left the window open.
will pay user 10 dollars via paypal to insert 3 google ads on my wakaba form. please leave you email or aim address if you are interested.
will pay user 10 dollars via paypal to insert 3 google ads on my wakaba form. please leave you email or aim address if you are interested.
>>299
[email protected] send me an email
Alrighty, we have added the option to choose whether you will be returned to the main thread list or taken back to the thread you were posting in to wakaba. also, we added a "bump thread" button to clear up any confusion about saging. the bump checkbox is auto checked and the user must uncheck to not bump (sage) the thread.
>>278
I believe that should be "excluded_fields=>["file"]," not excluded_files=>["file"],
Didn't help on my installation. You can select no file and only enter "a" and it'll trigger the spam filter :(
>>302
Javascript!
Using 3.0.4 javascript with a 3.0.7 install will not work at all.
Minor bug I thought I'd report:
If I set: USE_SECURE_ADMIN => 1;
and click 'Manage', Firefox displays an error:
(my site) has sent an incorrect or unexpected message. Error code: -12263
The perl test script floating around this board works fine for me, and so does my imageboard when that option is not enabled, so it should be a genuine bug.
Running Firefox 2.0.0.3, Perl 5.8.7
No, that probably just means you have not set up your webserver to handle https.
I believe this line (1048) in wakautils.pl contains a bug:
my %excluded_fields=map ($_=>1),@{$args{excluded_fields}||[]};
It should be
my %excluded_fields=map +($_=>1),@{$args{excluded_fields}||[]};
Otherwise adding fields to the spam_engine call in wakaba.pl will do all of nothing. since file and password really really need to be on there if you intend to post to your board, this is a bit of a problem.
>>308
correction, adding entries to excluded_fields in spam_engine.
Is it possible to read Kareha boards with 2ch viewers now?
There was some trouble with that earlier, and that is probably the reason. I'll look into it when I get back home. Thanks!
Why does wakaba have a big <style type="text/css"> block in addition to the CSS?
Why aren't those styles just stuck in the CSS files (where they'd be cached)
Compatibility with old Futallaby CSS files.
>>314
That the same reason you haven't fixed "inert" after all this time?
Why are you maintaining compatibility with futallaby CSS files? I don't see the benefit.
Fixed what now? If there is a problem, somebody would have to report it before I could fix it.
I'm maintaining compatibility because I did it once, and it required no work after that. It would require work to break compatibility, and there would be no real benefit. Saving a couple hundred bytes per HTML page on an image board means pretty much nothing at all compared to the rest of the bandwidth usage.
>>317
There's a typo in one of the CSS rules:
.unkfunc {
background:inert;
It's "inherit" , not inert. Loading a wakababoard on firefox spams 2 lines of "Warning: Expected color but found 'inert'. Error in parsing value for property 'background'. Declaration dropped."
(Two because the typo is in both futaba.css and gurochan.css)
It's annoying when you're trying to debug javascript errors on wakaba, as every page gives those two errors.
Just deleting that line will have no effect on the rendering of the page, since all browsers are just ignoring it.
(I finally managed to get 4chan to fix this same CSS error.)
Huh, that's a new warning, because I never saw it back when I was doing actual development on that stuff. Also, I think that typo is inherited from Futallaby. That's my excuse, anyway, and also explains why 4chan would have it too.
Thanks to http://wakaba.c3.cx/sup/kareha.pl/1256252904/88, here is a security update for Wakaba:
http://wakaba.c3.cx/releases/wakaba_3.0.9.zip
I also disabled XHTML. Times sure do change, huh.
Hopefully I didn't mess anything up, I don't really have a good test setup at the moment. Report bugs and problems!
>>320
You left out an <html> tag in the templates. Other than that, it looks fine.
Speaking of changing times, have you considered implementing IPv6 support? It's tricky, but ISPs like Comcast have started rolling out IPv6 to residential customers, and lots of webhosts are beginning to support it.
Also, you might want to consider removing the XHTML options entirely — browsers aren't going to render the page correctly if the correct DOCTYPE isn't there.
Its amazing how long it took for someone to find a vulnerability in Wakaba. Was it really that secure?
>>323
Writing secure software in Perl is quite easy, actually. Unlike PHP, there aren't billions of pitfalls which can screw you over (such as using include() to grab HTML pages, a common beginner mistake), and the DBI module makes it easy to use parameterised statements, which practically makes successful SQL injection nearly impossible.
The attitude of the developer also means a lot; compare Waha's response to bugs and vulnerabilities with the Kusaba X developers':
<Taclink> RewriteCond %{REMOTE_ADDR} (77\.247\.181\.163|124\.186\.170\.134|76\.200\.120\.201|173\.254\.192\.38|184\.56\.238\.123|69\.47\.119\.236)$
<Taclink> is the current one
<savetheinternet> shouldn't there be a ^ at the start of that RewriteCond? otherwise, banning 10.0.0.0 would also ban 110.0.0.0 etc
<Sazpaimon> savetheinternet, that's such a small edge case it isnt even worth itOk, added <html> back, and removed USE_XHTML. I'm too lazy to bump the version again for that though so it's still 3.0.9. It doesn't really matter much with HTML5, anyway.
I never really understood the point of xhtml. Was it useful at some point? All it seemed to do was cause pages to render incorrectly because they didn't like the way a certain tag looked if there was too much white space between two tags.
It is a lot more consistent and easier to write a parser for. The parsing rules are simple and you know you'll get the same result in every parser.
HTML5 instead standardized all the weird behaviors of the old regular HTML parsers, which means parsing is still complicated but at least you can know how to do it, and the result is consistent.
>>327
Interesting. Well in any case, I'm happier this way. It makes modifying Wakaba SO much easier. I mean, I already got rid of XHTML myself a while back, but changing things to your liking really is a lot easier without it.
>such as using include() to grab HTML pages, a common beginner mistake
What the proper way to do something like this? All I've managed to do was make a whitelist of pages that can be included.
>>329echo file_get_contents($filename);
But this is really off-topic and you're better off seeking PHP help elsewhere.
Okay, so, what the fuck is going on here? My wakaba.pl is highly modified. What was actually changed? Is the patch in the other thread the only changed lines?
It's only that, and a few changes to disable XHTML which probably doesn't interest you if you've modified stuff a lot anyway.
After looking over the files, I saw that the changes were very minimal. I already made Wakaba XHTML compliant 5 or so years ago.
http://wakabatest.heliohost.org/wakaba.pl
Bad name after comments' at config_defaults.pl line 15.
Compilation failed in require at wakaba.pl line 17.
BEGIN failed--compilation aborted at wakaba.pl line 17.
how i can fix it?
the "place" is just for test wakaba
Don't edit config_defaults.pl.