Wakaba & Kareha 3.0.0 (349)

173 Name: Anonymous : 2006-01-28 15:33 ID:HJQS1KIL [Del]

Bug: You can make empty posts by selecting HTML formatting and typing a post that consists only of an HTML tag that isn't allowed. Apparently the tag gets removed, thus leaving the post empty but bypassing the empty post check. For instance, entering just <!-- hello --> will make an empty post, if you select HTML formatting.

174 Name: !WAHa.06x36 : 2006-01-28 16:23 ID:j/j8XBOa [Del]

I'd hardly call that a bug. There are any number of ways of making empty posts, with any formatting mode. It's hardly a problem. The check is only there to catch you if you click Reply by mistake.

175 Name: Anonymous : 2006-01-28 20:06 ID:Heaven [Del]

<!-- hello --> testing anonymous's claims.

176 Name: Anonymous : 2006-01-30 13:32 ID:a9Zm7NBm [Del]

>>174
What other possible ways are there to make an empty post without formatting?

__
**

177 Name: !WAHa.06x36 : 2006-01-30 14:32 ID:Heaven [Del]

>>176

There are a whole bunch of unicode characters that are completely invisible.

178 Name: Anonymous : 2006-01-31 09:05 ID:k6YbZ0f4 [Del]

179 Name: !WAHa.06x36 : 2006-01-31 09:30 ID:Heaven [Del]

> The requested URL /sup/javascript:alert(document.cookie was not found on this server.

It might work in IE (if you fixed the missing end parenthesis), but properly filtering out all the idiotic ways that IE will go out of its way to execute Javascript is pretty hard.

180 Name: Anonymous : 2006-02-25 07:33 ID:ZWk6fM4J [Del]

i was just reading >>157 and i thought of something... if you use a host that restricts perl to /cgi-bin/, can you just make a php script that just does passthru("./kareha.pl")?

also, maybe you could implement this?
http://beta.4-ch.net/dis/kareha.pl/1130990333/

181 Name: Anonymous : 2006-03-08 23:55 ID:H3N7cOmT [Del]

Links made with html formatting don't have rel=nofollow added. You might want to fix that before spammers start using it.

182 Name: !WAHa.06x36 : 2006-03-09 08:10 ID:Heaven [Del]

>>181

Yes, I know, I've fixed that already but I haven't had the time to put together a full release with the rest of the needed fixes.

183 Name: Anonymous : 2006-03-15 19:39 ID:EfjcvG5a [Del]

>>182 in those setups, php is usually also restricted and it cannot run external programs. Usually -- YMMV.

184 Name: Anonymous : 2006-03-16 01:57 ID:Heaven [Del]

The auto linker seems to not work right with urls that have a ) in them.
Example: http://en.wikipedia.org/wiki/Aspect_(linguistics)
So you have to use http://en.wikipedia.org/wiki/Aspect_(linguistics%29 or HTML formatting to link them properly.

185 Name: !WAHa.06x36 : 2006-03-16 06:46 ID:Heaven [Del]

That's a feature, because if it wasn't for Wikipedia, nobody would ever end a link with a ), but lots of people would say something (and include an URL: http://wakaba.c3.cx).

186 Name: Anonymous : 2006-03-17 05:19 ID:Heaven [Del]

It would be a hack but you could include it in the link if the url is from wikipedia and it has a ( in it that is unmatched.

187 Name: Anonymous : 2006-03-17 08:51 ID:TtKPzDp1 [Del]

>>186 Likely not worth the work - click the link and add your own ) at the end, ya pansy!

188 Name: Anonymous : 2006-03-17 08:55 ID:ZWk6fM4J [Del]

>>187
or just replace the ) with %29

189 Name: !WAHa.06x36 : 2006-03-17 11:24 ID:j/j8XBOa [Del]

A better solution would be to include the ) if there's a matching ( in the URL, but I'm really not sure I feel like writing that regexp. It's pretty horrendous already.

If somebody writes it for me, I'll put it in, though.

190 Name: Anonymous : 2006-03-18 02:08 ID:Heaven [Del]

#https?://[^\s]+(?<!\([^\s]+)\)# doesn't match if there is a ( in the url
#https?://[^\s]+(?<=\([^\s]+)\)# does match if there is a ( in the url
#https?://[^\s]+\([^\s\)]+\)# if you don't want to be fancy about it, matches any url with a ( in it and a ) at the end

When are you ever going to have more than one set of parens in a url? I figured never so i didn't bother thinking about it.

So for the whole thing you end up with something like
#(https?://[^\s](?(?<=//[^s]\()[^\s]|[^\s\)])#<a href='\1' rel='nofollow'>#

191 Post deleted by user.

192 Name: Anonymous : 2006-03-18 02:13 ID:Heaven [Del]

Er, the last one should be

#(https?://[^\s]+(?(?<=//[^s]+\()[^\s]*?|[^\s\)]*?))#<a href='\1' rel='nofollow'>#

.. fucking wakabamark

193 Name: !WAHa.06x36 : 2006-03-18 07:50 ID:Heaven [Del]

There's a lot more to that regexp currently than what yours does, though. There are a number of of characters that are ignored at the end, for instance.

194 Name: !WAHa.06x36 : 2006-03-18 07:51 ID:Heaven [Del]

Currently it is:

($protocol_re:[^\s<>"]*?)((?:\s|<|>|"|\.|\)|\]|!|\?|,|,|&quot;)*(?:[\s<>"]|$))

195 Name: !WAHa.06x36 : 2006-03-18 09:58 ID:Heaven [Del]

...except that one of the commas is a numerical entity, which can not be posted. Sigh.

196 Name: Anonymous : 2006-03-18 13:20 ID:Heaven [Del]

One is & # 44 ; Why didn't you do (?:[\s<>".)!?,\]]|&quot;|& #44;)
It is kind of amazing how much I screwed up the ones last night, never drink and regexp =(... varible length lookbehind is perl6 even. I'll try to rewrite it with lookahead and factor in all of the current crap if this hangover doesn't kill me.

197 Name: coda : 2006-03-18 14:05 ID:Heaven [Del]

i wrote a recursive regexp that behaves exactly like the existing one in wakabamark (i think) except for including balanced parentheses. of course it's perl 5.8+ only, but since i have the regex in a slightly more readable form it might be a better place to start for doing the 'one or no pairs of parentheses' regex.

http://rafb.net/paste/results/BohIqW25.html

198 Name: Anonymous : 2006-03-20 13:45 ID:3NuvY/X8 [Del]

Suggestion: How about making a JavaScript box pop up when you ban someone in the Wakaba Management Panel, prompting to enter a comment, so that one doesn't have to copypaste the IP address into the ban Ban page every time?

199 Name: !WAHa.06x36 : 2006-03-20 20:43 ID:Heaven [Del]

>>198

Not a bad idea, probably.

200 Post deleted by moderator.

201 Name: !WAHa.06x36 : 2006-04-11 20:20 ID:j/j8XBOa [Del]

I found a scrap of spare time, and started to work on putting together a Kareha 3.1.0 version with the bug fixes that have been piling up. So far I've done this:

  • Admin updates: easier configuration of IP masking and file editing, plus multiple deletion.
  • Fixed URL parser to handle Wikipedia links, and removed the http: bug.
  • Fixed >>q links.
  • Fixed the auto thread closing (which wasn't working on 4-ch)
  • Fixed the bug that wiped out a bunch of threads here.
  • Added rel=nofollow to HTML mode.
  • Made the error page for too long comments mention how much too long they are.
  • Added .rb to FORBIDDEN_EXTENSIONS.

I'm still looking into:

  • Post previewing
  • Option to disable formatting modes
  • Better anti-spam support
  • Banning

What did I forget? Also, got any brilliant ideas for anti-spam measures? I'm thinking mostly heuristics to run on the post text, but I'll consider other tricks too.

202 Name: Anonymous : 2006-04-11 21:17 ID:ZWk6fM4J [Del]

>Also, got any brilliant ideas for anti-spam measures?

how about http://wakaba.c3.cx/soc/kareha.pl/1104803127/35?

203 Name: !WAHa.06x36 : 2006-04-11 21:18 ID:j/j8XBOa [Del]

>>202

I've been considering it. As stated it'd be too ugly, but adding an input field with style="display:none" should do the trick.

204 Name: Anonymous : 2006-04-16 19:54 ID:tT7YvHIV [Del]

Bug: IMAGE_REPLIES_PER_THREAD counts the image in the first post.

Also, could you fix the "omitted posts/images" line in mode_image for when there's only a single post/image omitted?

Will this update include changes to mode_image's template? I have a highly customized version of the file, so a diff between 3.0.9 and 3.1.0 would be much appreciated.

P.S. What's the argument for implementing a ban system when you can configure it through the web server?

205 Name: !WAHa.06x36 : 2006-04-16 20:01 ID:Heaven [Del]

> Bug: IMAGE_REPLIES_PER_THREAD counts the image in the first post.

Hmm. I suppose that's a bug of config option naming at the very least. I'll try to get that fixed.

> Also, could you fix the "omitted posts/images" line in mode_image for when there's only a single post/image omitted?

Not easily, if I want to retain support for multiple languages.

> Will this update include changes to mode_image's template?

Probably not. The old version will be kept in the releases/old subdirectory though, so you can run your own diff on it in case I end up making any changes, though.

206 Name: Anonymous : 2006-04-16 20:22 ID:tT7YvHIV [Del]

>>205

>Hmm. I suppose that's a bug of config option naming at the very least. I'll try to get that fixed.

It doesn't make sense to omit any content in the first post. Maybe you could distinguish between first-post images and reply images just as you do with text.

207 Name: Anonymous : 2006-04-16 20:25 ID:tT7YvHIV [Del]

>Not easily, if I want to retain support for multiple languages.

If need be, the board owner can modify the string text by hand.

208 Name: !WAHa.06x36 : 2006-04-16 22:35 ID:Heaven [Del]

>>207

That makes no sense.

209 Name: !WAHa.06x36 : 2006-05-15 16:03 ID:j/j8XBOa [Del]

All right, I've installed an almost-complete v3.1.0 here and on /soc/, as a test. It has the empty-field spam trap, so I've disabled captchas to see if it helps any.

Post previewing should also work now.

Feel free to do some testing and report problems! You may need to shift-reload the page to get the new CSS and JS files for everything to work right.

210 Post deleted by user.

211 Name: Anonymous : 2006-05-16 09:09 ID:Heaven [Del]

This may be asking too much, but I'd like to see mode_message's deletion functionality match mode_image's more closely -- that is, the post/reply boxes include a field for deletion passwords, a checkbox appears to the left of each post header, and there's a confirmation area at the bottom of each page for re-inputting the password -- granted that user deletion is enabled in the first place, of course.

212 Name: !WAHa.06x36 : 2006-05-16 09:19 ID:j/j8XBOa [Del]

>>211

Not going to happen, as it changes the 0ch page layout too much. You can make it for yourself by editing the templates, though (although you might run into trouble with nested forms).

213 Name: Anonymous : 2006-05-24 14:32 ID:HJQS1KIL [Del]

Is there some reason the text "Lorem ipsum dolor" has to be there (I don't have CSS support)? It's kind of annoying. How about a &nbsp; if you need some text there for some reason.

214 Name: !WAHa.06x36 : 2006-05-24 14:39 ID:j/j8XBOa [Del]

>>213

Oh, oops, that's a leftover from development. I'll remove it in the next version.

215 Name: Anonymous : 2006-05-26 10:41 ID:gyhxCkel [Del]

For some reason it says "Thumbnail displayed, click image for full size." even though it isn't supposed to be thumbnailed. I set max widthxheight to 700x500 and posted a 640x480 picture. kareha thumbnailed it to same size, only difference being the thumbnailed picture got shittier in quality.
So I just turned on stupid thumbnailing for now. Is this a bug?

216 Name: !WAHa.06x36 : 2006-05-26 12:29 ID:j/j8XBOa [Del]

No, it's just not designed to be used for full-size images. It will always say "Thumbnail displayed", for instance. If you don't want it, you have to edit the template to remove it. If you always want full-size images, turn on STUPID_THUMBNAILING, and set the sizes to huge. If you want to display images, except if they are REALLY big, you can set THUMBNAIL_SMALL to 0 instead, which should make it stop recompressing images that are smaller than the thumbnail size.

217 Name: Anonymous : 2006-05-28 16:59 ID:9kd0qapF [Del]

I just upgraded my Kareha version, and now I need to delete some spam posts, but when I click on the "del" link beside the posts, it says the Admin password is incorrect. Where am I supposed to enter this password? In the documentation, it says to click on the "manage" link, but I don't see any such link!

Also, is it possible to completely remove a post, instead of having to see the "this post was deleted by a moderator" message? My board has been hit really hard by spam, and now its completely covered in these messages.

218 Post deleted by user.

219 Name: !WAHa.06x36 : 2006-05-30 03:56 ID:j/j8XBOa [Del]

>>217

The Manage link is for Wakaba only. For Kareha, go to admin.pl in your board directory manually to get to the admin interface. And no, there's no way to completely remove a post as it stands now.

220 Post deleted by user.

221 Name: !WAHa.06x36 : 2006-08-23 14:22 ID:j/j8XBOa [Del]

http://wakaba.c3.cx/release/wakaba_3.0.5.zip

I finally got off my ass and fixed some outstanding bugs, and also put in the spam trap code from Kareha. This is a recommended upgrade for anyone who has problems with spam bots!

NOTE: You must rebuild caches after this upgrade, or the spam filter will stop all posting!

Fixes:

  • Spam code from Kareha ported over and extended. The option SPAM_TRAP controls whether to use the spam trap. It is on by default. SPAM_FILE is replaced with an array named SPAM_FILES so you can have several spam files, spam files can use regexps.
  • Fixed SQL dump and importing.
  • Added a Javascript popup for the "Ban" links in the admin interface, to let you enter a ban reason.
  • Fixed oekaki_style.pl (hopefully).
  • Added a button to the admin interface to manually archive stuff.

Changes to lots of files, wakaba.pl, wakaba.js, wakautils.pl, futaba_style.pl, oekaki_style.pl, strings_*.pl and config_defaults.pl. Note for people with custom templates: You will have to rename the fields name,email,subject and comment to field1,field2,field3 and field4!

222 Name: Anonymous : 2006-08-23 14:44 ID:fxNTiZmI [Del]

223 Name: !WAHa.06x36 : 2006-08-23 16:11 ID:j/j8XBOa [Del]

>>222

Indeed.

224 Name: Anonymous : 2006-08-24 02:14 ID:pfTpBYkQ [Del]

>You will have to rename the fields name,email,subject and comment to field1,field2,field3 and field4!

Wait, so you went from descriptive variables that are useful to generic, non-descriptive variables? Why?

Are you trying to make Wakaba unmaintainable or something?

225 Name: !WAHa.06x36 : 2006-08-24 03:29 ID:j/j8XBOa [Del]

>>224

Thank the spam bots. I am trying to confuse them. There are fake hidden fields with descriptive names that will cause the post to be discarded if they are filled in.

226 Name: Foone!9i78bPeIxI : 2006-08-24 20:34 ID:283pN5Zv [Del]

I don't know if this could be some unrelated problem of mine (I don't see how, since this is a fresh install using standard stuff), but I'm getting a very weird error with this new version that I'm not seeing on older installs.
Specifically, it's thumb nailing images with the dimensions reversed.
For example, a 1280x853 image (wide) is getting thumbnailed to a 133x200 image (tall). It's not instantly obvious because the img tag has width="200" height="133", so it's "correcting" the mistake. (Using quotes cause it doesn't really correct it, it still looks like shit)
Anyone else seeing this problem with 3.0.5 or do I need to pull apart my perl/imagemagick (Does wakaba even use imagemagick? I can't remember) install and look for brokenness?

227 Name: Foone!9i78bPeIxI : 2006-08-24 21:23 ID:283pN5Zv [Del]

Did some more testing, and it's not an imagemagick problem (Or it is, in a roundabout way)
convert wasn't in the path of the webserver, so putting a full path for CONVERT_COMMAND fixed it.

Aha. sips is the problem. According to sips --help:
-z, --resampleHeightWidth pixelsH pixelsW

Height, then width. No, I don't know why either.
But just switching the order makes it work fine:
sips -z $height $width -s formatOptions $quality -s format jpeg $filename --out $thumbnail >/dev/null; # quality setting doesn't seem to work

Also, even when it's working it gives this error in the logs:
Warning: File format jpeg does not support option 70
It looks like the way to do quality is either "formatOptions" or "quality", but neither of them supports integer settings, only low/normal/high (ewww)
I found this from doing "sips --helpProperties" (which is bloody hard to find out about)

228 Name: !WAHa.06x36 : 2006-08-25 03:46 ID:Iu4Ln97/ [Del]

>>227

Man, that's fucked up. Especially since the test board run on sips and I never even noticed. Well, I did notice the problem with the quality, but got so tired of it I never fixed it.

229 Name: !WAHa.06x36 : 2006-08-26 08:02 ID:j/j8XBOa [Del]

Oh, and also: A general request to board admins:

If you edit your own style based on futaba.css, please give it a new name. "Futaba" actually means something here, and many people also want to keep using that style. Give your style a new name, and keep the old futaba.css in place. There is an option to select the default style for a board, you don't need to rename it to "Futaba" just for that.

Thank you.

230 Name: Anonymous : 2006-08-26 13:51 ID:N7Gfl67P [Del]

where would i find a list of usercodes to modifiy text within their posts?.. like bold, colors, strikeout and so on?.. wakabamarkup only explains so much.

231 Name: Anonymous : 2006-08-26 15:18 ID:QVla1U7o [Del]

232 Name: !WAHa.06x36 : 2006-08-26 18:28 ID:j/j8XBOa [Del]

After some testing, it appears there were a few bug left in 3.0.5, so here's a somewhat fixed version:

http://wakaba.c3.cx/releases/wakaba_3.0.6.zip

Bugfixes:

  • The post number insertion Javascript was broken.
  • wakaba.js has been renamed to wakaba3.js, because the old version would fill in the name field, which triggered the anti-spam filter, and people's browsers kept the old version in cache. Renaming forces them to reload the new file.
  • Better support for unicode characters in spam.txt - it now works as you'd expect if you put in a HTML numerical entity (like & #x202e;, or a Perl unicode regexp (like /\x{202e}/).

233 Name: !WAHa.06x36 : 2006-08-26 18:30 ID:j/j8XBOa [Del]

(There were also some further fixes of the handling of numerical entities and charset internally, which may have broken something else. I hope it didn't, but report any problems. SQL dumps were also tweaked again and should work better now.)

234 Name: Foone!9i78bPeIxI : 2006-09-14 18:48 ID:283pN5Zv [Del]

Minor problems with 3.0.6:
Typos in the "YOU FUCK SPAMMER" error:
"[...] you are probably accidentiallytrying to use an URL that is listed in the spam file. Tryediting your post to remove it. [...]"

Also, the example.htaccess file uses "line-end comments", which apache (at least 1.3.x) doesn't support, and it will tell you this during every single access of your imageboard.
Just move the comment on "AddCharset utf-8 html" to the line above it, and it'll stop yelling on every access.

235 Post deleted by user.

236 Name: RyuKojiro!jhN8iCOSfc : 2006-09-15 23:58 ID:ECgOE7K5 [Del]

Would there be any way to get an sql dump that is not made for SQLite? I have already setup a wakaba imageboard and have been able to get it to connect and communicate just fine with a PostgreSQL server, and would like to be able to enter the initial data into there.

237 Name: !WAHa.06x36 : 2006-09-16 04:37 ID:j/j8XBOa [Del]

>>236

It might not work on PostgreSQL, even though it will talk to it. The syntax for making an autoincrementing column in the database seems to be different on all databases, and there's no code for doing it on PostegreSQL, so post numbers might not work right.

That said, what is the problem with the current SQL dump and Postegres? It should be simple enough to work with any SQL database, unless there is some lingering bug (there have been a number of them, so use the newest Wakaba to generate it).

238 Name: RyuKojiro!jhN8iCOSfc : 2006-09-16 13:20 ID:ECgOE7K5 [Del]

>>237
Well I am using the DBI postgres driver so that should handle talking to the server no matter what the call correct? But the problem is importing the dump to the database, I can't seem to get it to work, so if someone had a different type of dump (plain diagram even, for me to input by hand) then I could make my own database for it.

239 Name: !WAHa.06x36 : 2006-09-16 13:28 ID:Heaven [Del]

>>238

That would be true is SQL was actually a standard that people follow, but it's not. There are subtle differences between pretty much every database out there. Wakaba is not built to support Postgres, and is pretty much guaranteed to not work right.

What version are you creating the dump with, by the way?

240 Name: RyuKojiro!jhN8iCOSfc : 2006-09-16 21:48 ID:ECgOE7K5 [Del]

>>239
I have not created the dump, I was using the .sql dump provided in the zip of wakaba. It's an SQLite dump and I need either a postgresql dump or a more human readable dump if possible, so that I may input it by hand.

241 Name: Foone!9i78bPeIxI : 2006-09-17 02:43 ID:283pN5Zv [Del]

>>240
Look at the init_database, init_admin_database, and init_proxy_database functions in wakaba.pl. They do the database creation, and they're quite well commented.

242 Name: !WAHa.06x36 : 2006-09-17 09:31 ID:j/j8XBOa [Del]

>>240

If that's included, it's by mistake. It's not meant to be used for anything, it's just my test database. Wakaba creates its tables itself. However, even if you try to do it by hand, I doubt it will work with Postgres. Last I looked, the way to make an autoincrementing column in Postgres was completely different from other databases and would not work with the current code.

243 Post deleted by user.

244 Post deleted by user.

245 Name: RyuKojiro!jhN8iCOSfc : 2006-09-17 19:06 ID:ECgOE7K5 [Del]

Hmmm, okay, then how do I get it to use the init_ functions, because at first when I made the db and started the board it said "SQL Connection Error." Then when I made all of the tables it said "SQL Fatal Error." And after reviewing the code they should be the first things executed if database pieces are missing, but they don't seem to be doing so.

246 Name: !WAHa.06x36 : 2006-09-17 19:32 ID:j/j8XBOa [Del]

Well, if you get an SQL connection error, then you're not even connecting to the database.

247 Name: RyuKojiro!jhN8iCOSfc : 2006-09-17 21:54 ID:9yQUyVF9 [Del]

The thing is, I got that and then the only thing I changed was adding the "admin", "comments", "proxy", and (can't remember right now but there was another) tables to the database and that changed it from "SQL Connection Error" to "SQL Fatal Error."

248 Name: ch,j c : 2007-01-20 12:06 ID:ZsO1HtxX [Del]

jhgc c

249 Name: !WAHa.06x36 : 2007-01-20 12:34 ID:j/j8XBOa [Del]

I found a pretty annoying bug that I needed to fix, so I finally sat down and fixed a couple of old ones too.

http://wakaba.c3.cx/releases/wakaba_3.0.7.zip
http://wakaba.c3.cx/releases/kareha_3.1.2.zip

  • The spam.txt filter was not working at all in Wakaba! Apparently the spam trap has been effective enough that nobody even noticed, but when I had to deal with that spammer who's posting by hand, I noticed it was broken. This seems to be because of some obscure Perl bug (or strange but correct behaviour), actually, which I've hopefully managed to work around.
  • Made the entity parser a bit more robust against abuse. This should remove the possibility to make javascript: links in Kareha, and remove some possibilties to introduce XHTML errors. Thanks to hotaru for the testing.
  • Fixed the "Del all" link in Wakaba.

Changes only in wakautils.pl, wakaba.pl, kareha.pl, spam.txt and the config_default.pl files (just bumped the version number in those).

Hopefully I didn't fuck up anything too badly packaging this, it's been a while.

250 Name: Anonymous : 2007-01-20 12:55 ID:Heaven [Del]

:( did you put any comments in the files where you edited them?

251 Name: Anonymous : 2007-01-20 13:08 ID:Heaven [Del]

403?

252 Name: !WAHa.06x36 : 2007-01-20 13:09 ID:j/j8XBOa [Del]

>>250

No, use diff if you need to know.

>>251

?

253 Name: Anonymous : 2007-01-20 13:18 ID:Heaven [Del]

>>252
there will be many differences between the two :(

254 Name: !WAHa.06x36 : 2007-01-20 13:20 ID:Heaven [Del]

>>253

Diff against a plain wakaba 3.0.6, it's in the old/ directory.

255 Name: Anonymous : 2007-01-20 13:35 ID:Heaven [Del]

>>252 The links are 403'ing for me.

256 Name: !WAHa.06x36 : 2007-01-20 15:00 ID:j/j8XBOa [Del]

>>255

They're just fine from here.

257 Name: !hoTarufiRE : 2007-01-20 16:06 ID:Heaven [Del]

also, the more robust entity parser fixes a more serious bug that can let people put arbitrary html in their posts... this is really bad because then people can inject javascript, like the bee flying around this page...

p.s. hey WAHa you need to update this board.

258 Name: !WAHa.06x36 : 2007-01-20 16:41 ID:Heaven [Del]

Indeed I do. There, should be fixed now.

259 Name: !WAHa.06x36 : 2007-01-20 16:42 ID:Heaven [Del]

Also, that only works in Kareha, so Wakaba boards need not worry. Although it's still a good idea to upgrade to fix the spam filter.

260 Name: hrei^^ : 2007-01-21 05:48 ID:Heaven [Del]

gawd, that bee's annoying. I'm so glad this board's been updated xD

thanks for the update! Bees!

261 Name: dmpk2k!hinhT6kz2E : 2007-01-21 17:55 ID:Heaven [Del]

A little something that might be of interest to those running Wakaba boards with the captcha enabled: http://dmpk2k.wakachan.org/captcha.txt

It's a replacement for the stock captcha.pl, and reduces the load per board between 85-95% if you have FastCGI installed. It should work whether you have FastCGI or not, but you won't see the reduced load without FastCGI. Some of the letter strokes have had a little bit of tweaking as well.

It was tested on all the wakachan.org boards for several months, so I'm fairly confident it'll behave.

262 Name: Anonymous : 2007-01-21 20:15 ID:Heaven [Del]

i have a user that is recieving the spammer msg whenever he tries posting. there is no text in his post and the msg it shows when he attempts posting is as follows:

Anti-spam filters triggered.
If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.

post
Joe#tripcode
0k1je6gP
1162910789576.jpg

263 Name: Anonymous : 2007-01-21 20:26 ID:Heaven [Del]

anddddddddddd now i can't make any post that has an image attached to it.

264 Name: Anonymous : 2007-01-21 20:37 ID:Heaven [Del]

.......it decided to work for a few minutes and now it's doing the same thing again.

265 Name: Anonymous : 2007-01-21 21:01 ID:Heaven [Del]

[Sun Jan 21 21:00:35 2007] [error] [client 68.148.7.216] [Sun Jan 21 21:00:35 2007] wakaba.pl: Malformed UTF-8 character (UTF-16 surrogate 0xdc80) in substitution iterator at wakautils.pl line 391., referer: http://wtfux.org/temp/res/501.html

hmmmm

266 Post deleted by user.

267 Name: Anonymous : 2007-01-21 21:11 ID:Heaven [Del]

line 391 of wakautils.pl:

$str=~s{(&#([0-9]*)([;&])|&#([x&])([0-9a-f]*)([;&]))}{

268 Name: Anonymous : 2007-01-22 13:42 ID:Heaven [Del]

no one has any ideas? this is causing a lot of problems :( the only 2 files that i edited are futaba_style.pl and wakaba.pl. i have placed the right changes from 3.0.6 to 3.0.7 into my wakaba.pl. When used on my friends hosting the wakaba.pl works fine. I have seen no changes in the futaba_style.pl on the switch to 3.0.7 so that cannot be the problem. The error i am getting, as seen above, is going on in wakautils.pl. I have no idea what the error means or how to go about debugging it.

269 Name: Anonymous : 2007-01-22 14:09 ID:Evf/CttQ [Del]

What all do I have to upload to upgrade from 3.0.6 to 3.0.7? I'm lazy~

270 Name: Anonymous : 2007-01-22 14:12 ID:Heaven [Del]

>>269
wakautils.pl, wakaba.pl, spam.txt, and the config_default.pl

271 Name: !WAHa.06x36 : 2007-01-22 14:23 ID:j/j8XBOa [Del]

>>265

Under what exact circumstance does this happen, or not happen?

272 Name: Anonymous : 2007-01-22 14:33 ID:Heaven [Del]

>>271
replying to a thread with an image. and also sometimes when creating a thread. it does not happen to everyone and the people it happens to are not experiencing it 24/7.

273 Name: !WAHa.06x36 : 2007-01-22 15:36 ID:Heaven [Del]

>>272

I can't reproduce it. Can you determine if it happens to specific images or not?

274 Name: Anonymous : 2007-01-22 16:12 ID:Heaven [Del]

>>273
images with less than 8 letters and numbers in it's filename (extension not included) post fine. more than that and i recieve the spam message.

275 Name: !WAHa.06x36 : 2007-01-22 17:30 ID:Heaven [Del]

>>274

As a side effect of the spam engine, it may be that the filename is checked against the spam filters... Do you have something unusual in spam.txt?

276 Name: Anonymous : 2007-01-22 17:38 ID:Heaven [Del]

>>275
it is the same copy that you have hosted. i will replace it again to see if that helps.

277 Name: Anonymous : 2007-01-22 17:40 ID:Heaven [Del]

seems to have made no difference.

278 Name: !WAHa.06x36 : 2007-01-22 17:45 ID:Heaven [Del]

Well, I can't reproduce it locally. What happens if you edit wakaba.pl and change

spam_engine(
query=>$query,
trap_fields=>SPAM_TRAP?["name","link"]:[],
spam_files=>[SPAM_FILES],
charset=>CHARSET,
) unless $whitelisted;

to

spam_engine(
query=>$query,
trap_fields=>SPAM_TRAP?["name","link"]:[],
spam_files=>[SPAM_FILES],
charset=>CHARSET,
excluded_files=>["file"],
) unless $whitelisted;

279 Name: :( : 2007-01-22 17:50 ID:Heaven [Del]

Anti-spam filters triggered.

If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.
post

cho0b

uWZbOD0k
OKAY KIDS DOES THIS WORK?
1142201616186.jpg

280 Name: Anonymous : 2007-01-22 17:57 ID:Heaven [Del]

sadly that does not work waha. I am going to setup a wakaba board on my server that has none of my edits in it (again) to see if it works.

what does this error mean (in dumb people terms):

wakaba.pl: Malformed UTF-8 character (UTF-16 surrogate 0xdc80) in substitution iterator at wakautils.pl line 391

281 Name: !WAHa.06x36 : 2007-01-22 18:00 ID:Heaven [Del]

>>280

Maybe somebody tried to post a UTF-16 surrogate character? I don't know, what caused it?

282 Name: Anonymous : 2007-01-22 18:00 ID:Heaven [Del]

okay, even without my edited version of the files (ie stock wakaba) I am getting the error. something strange is going on.

i am with dreamhost atm..... ahhhh

283 Name: Anonymous : 2007-01-22 18:00 ID:Heaven [Del]

>>281
that error shows up in my error.log whenever anyone tries to post an image and gets the spam message.

284 Name: Anonymous : 2007-01-22 18:32 ID:Heaven [Del]

also, another problem I have been having lately (of much smaller importance) why can't I put adbrite ads into my board? if i put the ad code into the post form i get xml not well formed errors :(

285 Name: Anonymous : 2007-01-22 18:48 ID:Heaven [Del]

>>278

...what the hell haha. i replaced spam_engine with this code and at first it didn't fix it... but i removed the spam_engine portion and replaced it AGAIN and now it seems to be working... weiiiird. we shall see if it continues to work. :D

286 Name: Anonymous : 2007-01-22 22:05 ID:Heaven [Del]

it seems i still can't post to certain threads with an image that has more than seven characters in it's filename (excluding the extension etc etc etc etc) Yes, I did rebuild caches. Also, whWREHSFDHBASFDGS GET THE FUCK OUT OF MY COMPUTER YOU FUCKING BEE AFGWERGAD

287 Name: !WAHa.06x36 : 2007-01-23 04:23 ID:Heaven [Del]

This really is weird. And I still can't reproduce it at all.

In the worst case, you can try disabling the spam.txt checker by commenting out the lines starting from:

my $spam_checker=compile_spam_checker(@spam_files);

in wakautils.pl until the end of the function.

I'll try to take a wild guess at what might be the problem and try to work around that a bit later, and give you some code to try instead, if you want.

288 Name: Anonymous : 2007-01-23 13:03 ID:Heaven [Del]

>>287
It seems to be only happening in certain (older) threads, now. And not often at all. Most users are saying that it is working fine now. Although, I don't understand why it would still happen sometimes with older threads.

Do not lose sleep over it, but if you can think of anything to try I would appreciate it very much.

289 Name: Anonymous : 2007-01-23 18:18 ID:Heaven [Del]

Anti-spam filters triggered.

If you are not a spammer, you are probably accidentially trying to use an URL that is listed in the spam file. Try editing your post to remove it. Sorry for any inconvenience.
post
642

anonymous

lgsexiuS
HELLO BEN HOW ARE YOU
1142072561943.jpg

290 Name: Anonymous : 2007-01-23 19:33 ID:Heaven [Del]

>>289
where does the "lgsexiuS" bit come from?

291 Name: !WAHa.06x36 : 2007-01-24 04:26 ID:Heaven [Del]

>>290

Delete password. It just dumps all the fields from the form onto that page in order to confuse spam bots into thinking they succeeded in posting.

292 Name: Anonymous : 2007-01-24 17:55 ID:Heaven [Del]

ah i see i see.

p.s. still getting the error every now and again. :( still hates lengthy filenames for some reason.

293 Name: !WAHa.06x36 : 2007-01-28 06:32 ID:j/j8XBOa [Del]

http://wakaba.c3.cx/releases/kareha_3.1.3.zip

A bugfix for a very annoying bug that can cause multiplying mojibake in threads. This was a pretty subtle bug related to Perl's unicode handling, but it's hopefully fixed now.

294 Name: Anonymous : 2007-01-28 09:02 ID:BwprLQeo [Del]

I hope this fixes 4-ch.

295 Name: !WAHa.06x36 : 2007-01-28 15:14 ID:Heaven [Del]

Yeah, that was pretty much the point.

296 Name: Anonymous : 2007-03-11 16:15 ID:d7OcYldw [Del]

why are there a bee on this page

297 Name: !WAHa.06x36 : 2007-03-11 18:45 ID:Heaven [Del]

Somebody must've left the window open.

298 Name: lama : 2007-03-18 15:17 ID:YddKAadv [Del]

will pay user 10 dollars via paypal to insert 3 google ads on my wakaba form. please leave you email or aim address if you are interested.

299 Name: lama : 2007-03-18 15:17 ID:YddKAadv [Del]

will pay user 10 dollars via paypal to insert 3 google ads on my wakaba form. please leave you email or aim address if you are interested.

300 Name: Anonymous : 2007-03-18 15:45 ID:Heaven [Del]

>>299
[email protected] send me an email

301 Name: Anonymous : 2007-03-19 01:58 ID:Heaven [Del]

Alrighty, we have added the option to choose whether you will be returned to the main thread list or taken back to the thread you were posting in to wakaba. also, we added a "bump thread" button to clear up any confusion about saging. the bump checkbox is auto checked and the user must uncheck to not bump (sage) the thread.

302 Name: Popcorn Mariachi : 2007-04-14 15:55 ID:9F+RlsRU [Del]

>>278
I believe that should be "excluded_fields=>["file"]," not excluded_files=>["file"],

Didn't help on my installation. You can select no file and only enter "a" and it'll trigger the spam filter :(

303 Name: Popcorn Mariachi : 2007-04-14 16:03 ID:9F+RlsRU [Del]

>>302
Javascript!

Using 3.0.4 javascript with a 3.0.7 install will not work at all.

304 Name: Furvy (moved from other thread) : 2007-04-17 04:24 ID:Iu4Ln97/ [Del]

Minor bug I thought I'd report:

If I set: USE_SECURE_ADMIN => 1;
and click 'Manage', Firefox displays an error:

(my site) has sent an incorrect or unexpected message. Error code: -12263

The perl test script floating around this board works fine for me, and so does my imageboard when that option is not enabled, so it should be a genuine bug.

Running Firefox 2.0.0.3, Perl 5.8.7

305 Name: !WAHa.06x36 : 2007-04-17 04:26 ID:Iu4Ln97/ [Del]

>>304

No, that probably just means you have not set up your webserver to handle https.

306 Post deleted by moderator.

307 Post deleted by moderator.

308 Name: Popcorn Mariachi : 2007-05-18 23:26 ID:2qGbUEJW [Del]

I believe this line (1048) in wakautils.pl contains a bug:
my %excluded_fields=map ($_=>1),@{$args{excluded_fields}||[]};
It should be
my %excluded_fields=map +($_=>1),@{$args{excluded_fields}||[]};

Otherwise adding fields to the spam_engine call in wakaba.pl will do all of nothing. since file and password really really need to be on there if you intend to post to your board, this is a bit of a problem.

309 Name: Popcorn Mariachi : 2007-05-18 23:27 ID:2qGbUEJW [Del]

>>308
correction, adding entries to excluded_fields in spam_engine.

310 Name: Anonymous : 2007-05-20 05:13 ID:UFCs+tDe [Del]

Is it possible to read Kareha boards with 2ch viewers now?

311 Name: !WAHa.06x36 : 2007-05-20 06:58 ID:+nQepnyP [Del]

>>308

There was some trouble with that earlier, and that is probably the reason. I'll look into it when I get back home. Thanks!

312 Post deleted by moderator.

313 Name: Popcorn Mariachi : 2007-05-23 04:45 ID:2qGbUEJW [Del]

Why does wakaba have a big <style type="text/css"> block in addition to the CSS?
Why aren't those styles just stuck in the CSS files (where they'd be cached)

314 Name: !WAHa.06x36 : 2007-05-23 05:56 ID:Heaven [Del]

>>313

Compatibility with old Futallaby CSS files.

315 Name: Anonymous : 2007-05-23 06:29 ID:Heaven [Del]

>>313
ALALALLALALALAH KILL THE INQUISITIVE OUTSIDER

316 Name: Popcorn Mariachi : 2007-05-23 22:10 ID:2qGbUEJW [Del]

>>314
That the same reason you haven't fixed "inert" after all this time?
Why are you maintaining compatibility with futallaby CSS files? I don't see the benefit.

317 Name: !WAHa.06x36 : 2007-05-24 03:41 ID:Heaven [Del]

>>316

Fixed what now? If there is a problem, somebody would have to report it before I could fix it.

I'm maintaining compatibility because I did it once, and it required no work after that. It would require work to break compatibility, and there would be no real benefit. Saving a couple hundred bytes per HTML page on an image board means pretty much nothing at all compared to the rest of the bandwidth usage.

318 Name: Anonymous : 2007-05-29 09:22 ID:2qGbUEJW [Del]

>>317
There's a typo in one of the CSS rules:

.unkfunc {
background:inert;

It's "inherit" , not inert. Loading a wakababoard on firefox spams 2 lines of "Warning: Expected color but found 'inert'. Error in parsing value for property 'background'. Declaration dropped."
(Two because the typo is in both futaba.css and gurochan.css)
It's annoying when you're trying to debug javascript errors on wakaba, as every page gives those two errors.

Just deleting that line will have no effect on the rendering of the page, since all browsers are just ignoring it.
(I finally managed to get 4chan to fix this same CSS error.)

319 Name: !WAHa.06x36 : 2007-05-29 10:13 ID:Heaven [Del]

Huh, that's a new warning, because I never saw it back when I was doing actual development on that stuff. Also, I think that typo is inherited from Futallaby. That's my excuse, anyway, and also explains why 4chan would have it too.

320 Name: !WAHa.06x36 : 2012-02-05 18:38 ID:B/wgJLf7 [Del]

Thanks to http://wakaba.c3.cx/sup/kareha.pl/1256252904/88, here is a security update for Wakaba:

http://wakaba.c3.cx/releases/wakaba_3.0.9.zip

I also disabled XHTML. Times sure do change, huh.

Hopefully I didn't mess anything up, I don't really have a good test setup at the moment. Report bugs and problems!

321 Name: Anonymous : 2012-02-05 22:15 ID:qHfPzlDY [Del]

>>320
You left out an <html> tag in the templates. Other than that, it looks fine.

Speaking of changing times, have you considered implementing IPv6 support? It's tricky, but ISPs like Comcast have started rolling out IPv6 to residential customers, and lots of webhosts are beginning to support it.

322 Name: Anonymous : 2012-02-05 22:19 ID:qHfPzlDY [Del]

Also, you might want to consider removing the XHTML options entirely — browsers aren't going to render the page correctly if the correct DOCTYPE isn't there.

323 Name: Anonymous : 2012-02-05 22:22 ID:34bG1rD6 [Del]

Its amazing how long it took for someone to find a vulnerability in Wakaba. Was it really that secure?

324 Name: Anonymous : 2012-02-05 22:59 ID:qHfPzlDY [Del]

>>323
Writing secure software in Perl is quite easy, actually. Unlike PHP, there aren't billions of pitfalls which can screw you over (such as using include() to grab HTML pages, a common beginner mistake), and the DBI module makes it easy to use parameterised statements, which practically makes successful SQL injection nearly impossible.

The attitude of the developer also means a lot; compare Waha's response to bugs and vulnerabilities with the Kusaba X developers':

<Taclink> RewriteCond %{REMOTE_ADDR} (77\.247\.181\.163|124\.186\.170\.134|76\.200\.120\.201|173\.254\.192\.38|184\.56\.238\.123|69\.47\.119\.236)$
<Taclink> is the current one
<savetheinternet> shouldn't there be a ^ at the start of that RewriteCond? otherwise, banning 10.0.0.0 would also ban 110.0.0.0 etc
<Sazpaimon> savetheinternet, that's such a small edge case it isnt even worth it

325 Name: !WAHa.06x36 : 2012-02-06 08:50 ID:Heaven [Del]

>>321

Ok, added <html> back, and removed USE_XHTML. I'm too lazy to bump the version again for that though so it's still 3.0.9. It doesn't really matter much with HTML5, anyway.

326 Name: Anonymous : 2012-02-06 09:53 ID:34bG1rD6 [Del]

I never really understood the point of xhtml. Was it useful at some point? All it seemed to do was cause pages to render incorrectly because they didn't like the way a certain tag looked if there was too much white space between two tags.

327 Name: !WAHa.06x36 : 2012-02-06 10:38 ID:Heaven [Del]

>>326

It is a lot more consistent and easier to write a parser for. The parsing rules are simple and you know you'll get the same result in every parser.

HTML5 instead standardized all the weird behaviors of the old regular HTML parsers, which means parsing is still complicated but at least you can know how to do it, and the result is consistent.

328 Name: Anonymous : 2012-02-06 11:04 ID:Heaven [Del]

>>327
Interesting. Well in any case, I'm happier this way. It makes modifying Wakaba SO much easier. I mean, I already got rid of XHTML myself a while back, but changing things to your liking really is a lot easier without it.

329 Name: Anonymous : 2012-02-06 14:18 ID:Heaven [Del]

>>324

>such as using include() to grab HTML pages, a common beginner mistake

What the proper way to do something like this? All I've managed to do was make a whitelist of pages that can be included.

330 Name: Anonymous : 2012-02-06 22:53 ID:Heaven [Del]

>>329
echo file_get_contents($filename);

But this is really off-topic and you're better off seeking PHP help elsewhere.

331 Name: Anonymous : 2012-02-28 02:32 ID:2IBlnUDk [Del]

Okay, so, what the fuck is going on here? My wakaba.pl is highly modified. What was actually changed? Is the patch in the other thread the only changed lines?

332 Name: !WAHa.06x36 : 2012-02-28 04:46 ID:Heaven [Del]

>>331

It's only that, and a few changes to disable XHTML which probably doesn't interest you if you've modified stuff a lot anyway.

333 Name: Anonymous : 2012-02-28 13:25 ID:2IBlnUDk [Del]

After looking over the files, I saw that the changes were very minimal. I already made Wakaba XHTML compliant 5 or so years ago.

334 Name: Anonymous : 2012-03-07 15:57 ID:fJQxQi55 [Del]

http://wakabatest.heliohost.org/wakaba.pl

Bad name after comments' at config_defaults.pl line 15.
Compilation failed in require at wakaba.pl line 17.
BEGIN failed--compilation aborted at wakaba.pl line 17.
how i can fix it?
the "place" is just for test wakaba

335 Name: !WAHa.06x36 : 2012-03-07 16:16 ID:Heaven [Del]

>>334

Don't edit config_defaults.pl.

336 Name: Anonymous : 2012-03-08 14:10 ID:fJQxQi55 [Del]

>>335
but i don't edit config_defaults.pl

337 Name: !WAHa.06x36 : 2012-03-08 15:20 ID:Heaven [Del]

>>336

Most likely either something broke the file, or your perl is broken.

338 Name: Anonymous : 2012-03-10 12:47 ID:fJQxQi55 [Del]

>>337
was an error on the config_defaults.pl
but i have another error
No ADMIN_PASS or NUKE_PASS defined in the configuration at config_defaults.pl line 8.
BEGIN failed--compilation aborted at config_defaults.pl line 125.
Compilation failed in require at wakaba.pl line 17.
BEGIN failed--compilation aborted at wakaba.pl line 17.
i have the config_defaults.pl without any edit

339 Name: Anonymous : 2012-03-11 10:45 ID:Heaven [Del]

>>338
Edit config.pl. It says "config_defaults.pl" there, because that's where the script craps out and dies.

340 Name: Anonymous : 2012-03-15 15:03 ID:fJQxQi55 [Del]

>>339
how i can fix it, erase the "config_defaults.pl"?

341 Name: Anonymous : 2012-03-16 05:36 ID:Heaven [Del]

>>340 Delete the entire directory with the files. Delete your hosting account. Go away.

Fixed!

342 Name: Anonymous : 2012-03-17 20:29 ID:Heaven [Del]

>>341
This. If you can't follow simple instructions, you shouldn't be running a website.

343 Name: Anonymous : 2012-03-21 04:31 ID:2xfKTrKI [Del]

Upped a fresh Wakaba install and managed to make it run. However, visiting it in Firefox generates the error "This XML file does not appear to have any style information associated with it. The document tree is shown below."

Using wakaba 3.0.9

http://psybuster.unixtech.ph/wakaba/wakaba.html

344 Name: !WAHa.06x36 : 2012-03-21 04:34 ID:Heaven [Del]

>>343

Don't set the web server to set the Content-Type to application/xhtml+xml.

345 Name: Anonymous : 2012-03-21 04:36 ID:2xfKTrKI [Del]

>>344
What is the proper Content-Type for it then? text/html?

346 Name: !WAHa.06x36 : 2012-03-21 04:39 ID:Heaven [Del]

>>345

Yes. HTML5 is back to that one.

347 Name: Anonymous : 2012-03-21 04:40 ID:2xfKTrKI [Del]

>>345
Ok fixed it. I was using the example.htaccess file as .htaccess and comment out the rewrite rule.

348 Name: !WAHa.06x36 : 2012-03-21 07:18 ID:Heaven [Del]

>>347

I thought I removed that from the example.htaccess but maybe I forgot.

349 Name: matic : 2012-04-06 02:57 ID:iyCbsBez [Del]

Unarchiver no longer opens the folder after extracting it. Why?

Name: Link:
Leave these fields empty (spam trap):
More options...
Verification: