This thread is for all your simple questions about installing and running Wakaba or Kareha, that just require quick answers. Please don't create new threads for issues like that, post them in here instead.

Before posting, check that the question has not already been answered in this thread, or in the previous thread: http://wakaba.c3.cx/sup/kareha.pl/1141929669/

Questions about "500 Internal Server Errors" go in this thread: http://wakaba.c3.cx/sup/kareha.pl/1109033191/

No ADMIN_PASS or NUKE_PASS defined in the configuration at config_defaults.pl line 8.
BEGIN failed--compilation aborted at config_defaults.pl line 126.
Compilation failed in require at wakaba.pl line 17.
BEGIN failed--compilation aborted at wakaba.pl line 17.

I am getting that page when I attempt to install Wakaba. Can someone help me out?

The config_defaults.pl file says when the message No ADMIN_PASS or NUKE_PASS defined in the configuration appears, it means the config.pl file is incomplete. I checked over the config.pl file and everything was completed.

>>451
http://wakaba.c3.cx/sup/kareha.pl/1141929669/n213-216
http://wakaba.c3.cx/sup/kareha.pl/1141929669/n529-530
http://wakaba.c3.cx/sup/kareha.pl/1109033191/n138-139

>>450

Wakaba installs are completely independent, and handle one single board each. Anything beyond that is up to you to arrange however you want it.

>>453
Thanks a lot, it worked.

Does anyone know how to get rid of the captcha? I tried editing something and it gave me some error lol.

>>456
Yes, you set ENABLE_CAPTCHA to 0. It really isn't that hard to figure out if you actually read the file and use your head. Seriously, are we supposed to handhold you through your entire installation and configuration?

>>457
Yes.

I've been trying to figure it out, but I do believe this is beyond my skills.

As you can see, the top is Firefox and below is Opera. The "choose" or "browse" button does not look the way it's supposed as per CSS. Is this a matter that can be remedied or is that just a browser issue that I cannot help?

I've got a problem with Kareha. I cannot use the delete file function. It just does not work. I want to delete an image without deleting a person's post but nothing happens, the picture is still there. I've tried all the browsers, that doesn't seem to be the problem. It doesn't even give me any errors, I click on 'delete file' and it does something and then it reloads the admin page but the image I wanted to delete is still there...

>>460
Oh, also I am using kareha MESSAGE board with image uploads enabled.

>>459
For the most part, you cannot edit file input via css.

Am I a dumbass or is there no way to sticky or lock threads under Wakaba? I don't see any such option in the management panel.

>>459
that's a browser issue.

>>463
why would you want to do that?

>>464
Was going to make a rules sticky, because most people are dumb and don't actually read the rules.

I have a problem with encoding in Wakaba. My .htacess file is configured for using utf-8, the same about global encoding settings of Wakaba and DB encodings. I only use cp1251 in my strings file with "use encoding 'cp1251'" and "no encoding" uncommented.
That all works fine, but anything added into database turns into crappy junk. I'm lame so I have no clue of where the error could be.
P.S. sorry for my bad English.

>>466
Well that's why. Stop using cp1251.

>>467
Thanks, Anon. I've converted strings file into utf-8 and now it seems to work perfectly.
Also, happy New Year everyone!

>>465
you really think people who don't read the rules are going to read them if you move the rules section down the page a little bit?

>>469
Good point.

This is a suggestion regarding security. I assume this is the correct place to post it; otherwise, I can start a new topic.

Please implement proper file content filtering in Wakaba/Kareha. As of right now, Wakaba filters out forbidden file types through an array of forbidden extensions, but this is not necessarily sufficient. For example, a PHP file may be uploaded with extension ".php.7z." If a board allows the 7z extension and if the file is not renamed (as is default in the case of Wakaba), an Apache server may in fact still execute it, resulting in the execution of malicious code. This has actually caused a significant disturbance in a site with which I help out. A simple two-line patch that relies on the UNIX file() utility has been written to address this for the moment.

>>472
the default is to not allow any files except jpg, png, or gif images (and rename them). it's possible to make it insecure by configuring it improperly, but it's certainly not the default.

Like >>473 says.

Also, I'm really tempted to say that that is in fact a PHP bug, and until they fix it you're better off disabling PHP on your server.

>>475
Even if it isn't a bug, it's probably caused by shitty/careless PHP coding.

>>472 also, remove the +x from your uploads folder.

>>473

When I say default, I mean Wakaba's behavior when enabling non-prohibited filetypes in config.pl, such as MP3s. I'm pretty sure Wakaba is set up not to rename those after uncommenting the respective lines.

>>476

I am told by the server admin that it is actually a bug with the latest Apache (or perhaps mod_php), possibly affecting only Gentoo. I could not find a citation (beyond this anecdote) to support the claim, but this is seems to be a known issue. It does turn out that if ".php" is found anywhere in the filename, it is still executed by Apache. A PHP file can then be disguised as a 7zip file or MP3 file (e.g., nasty_hax.php.mp3), and be uploaded. If the extension is uncommented config.pl, it gets uploaded. If the server (or PHP interpreter) suffers from the issue, the attacker executes the malicious code and has fun. I have neither tested nor asked about this for other script types. Indeed, renaming files would technically render this exploit moot, but by default Wakaba does not do this with non-pictures. There are Wakaba boards out there that support non-picture uploading, and I have seen only one (Pooshlmer) that renames files.

>>477

Indeed, that is a wise suggestion. In fact, I've just chmod-ed the src/ directories myself.

...and then the pictures could not be accessed by anyone. I set permissions to 644, but no one could see the pictures unless the execute bits were set. I'll have to ask the admin about it myself, unless someone here has an idea.

At any rate, I just thought I'd share the (admittedly nontrivial) suggestion and post about this potential exploit for other people. It completely blindsided us. Having a layer of security at the board software level in case of a future server exploit sounds like the best solution, though I understand leaving it in the hands of the administration rather than adding feature bloat.

Kudos for the script.

it is a mod_mime "feature"

http://shsc.info/FileUploadSecurity

Well, the core issue is that PHP is broken and will execute files without the +x bit set. This is horribly insecure, and should never have been implemented, but apparently now we're stuck with it.

The best solution is to completely disable PHP. If you have to use it, enable it only for folders known to be safe from uploads and disable it everywhere else.

To add extra protection in Wakaba for it, though, rather than mess with file, it'd be far easier to just dump all files whose filename matches /\.php/. This issue shouldn't affect any CGI languages, since those won't run without +x.

>>480

Thank you! That explains loads.

>>481

I personally am not a fan of PHP, myself, but I think the admin wants to run some PHP scripts. Simply using the regular expression on the filename was indeed the first idea that came to mind.

I've got a problem somehow related to encoding.
I successfully installed Kareha, but every time I try to make a post I get a white screen with text saying "Software error: Unknown encoding 'utf-8' at wakautils.pl line 613". It doesn't abort the posting though (my messages still appear despite the error), but the flashing is no good.
I didn't do any changes to wakautils.pl since the very install. What could be that?

>>484
what version of perl are you using?

>>485
Nevermind, it's alright now... I really forgot to update my perl.

http://wakaba.c3.cx/sup/kareha.pl/1130723862/318

I noticed this issue was never addressed. The CSS typo is still included in the current version of Kareha. I don't know if you forgot about it or if it's intentional...

Hello, is there any built in way or any code snippets you guys have that would allow my to set an image limit on a threads (like a single on) I could probably manage this myself eventually, but I was wondering if it was done already.

>>488
RTFM, it's in the config.

I have a problem with kareha, I cannot set a maximum image limit per thread.

I thought IMAGE_REPLIES_PER_THREAD actually meant IMAGE REPLIES PER THREAD! Apparently it doesn't do anything. I am still able to post image replies way beyond the limit. Is there any way to control this problem?

I think it makes the thread stop bumping when you pass the limit.

Why on earth would you want to limit the number of image replies anyway? That's just annoying, and adds no value to anyone.

>>491
It allows me to control the amount of images uploaded so that I don't go over a certain limit. I'm running a small board with limited bandwith and space.

I want to be able to control the space in terms of number of threads. There's no shame in that. Why are you trying to control my methods so much by just waving it off as "I don't like it, therefore, it is bad." ?

>>492
There is a configuration option for limiting the threads by filesize, you know.

>>492

Like the guy says, there's an option already for setting the maximum disk space usage across the entire board. That's what you want to use, not some weird and ineffective limiting of posts per thread.

>>479
Wakaba starts off by renaming files uploaded with those filetypes, but restores the name afterward. If you want to use the generated names on files, search wakaba.pl for "externally defined filetype - restore the name" and commment out that entire if block. I'd give the line numbers, but I've done a bunch of other custom stuff in mine, so they won't be accurate.

>>495
Should be around line 1075-ish.

OK, so I just closed a thread in Kareha, and I ended up getting this error when I tried to reopen it. Is this normal? By the way, I'm using image mode, on a Linux server.

>>497 did the thread reopen? That's sometimes an artifact of a page that didn't load completely.

>>498
No, the page didn't reopen. Not even when I refreshed it.

Hey I've got a bit of a problem. I've got Kareha pretty much set up but I'd like my .htacess to default to a different page.

Googling gets me the syntax for that (DirectoryIndex etc.) but I don't understand the included example.htaccess file and the directions to change the RewriteRule stuff. Maybe this is more of a general IT question but what am i missing?

http://httpd.apache.org/docs/2.2/mod/mod_dir.html

• > A file written by the user, typically called index.html. The DirectoryIndex directive sets the name of this file. This is controlled by mod_dir.

(In case you simply stopped reading the example.htaccess after the very first line, the mod_rewrite directives at the bottom are purely optional, and have nothing to do with the index page. They only are there to provide better hints to web browsers about the document character set.)

Don't touch config_defaults.pl, ever. That's just where the error was triggered. Your problem is still in config.pl, and you've either removed, commented, or renamed ADMIN_PASS or NUKE_PASS.

Not sure about your verification code error, but to change the title (or anything else), just edit config.pl and let wakaba.pl regenerate your html.

And, yes, wakaba.pl has a purpose; it's what your site runs on...

Can you use the same mysql database for multiple boards? If not, how do you use the same admin table for every board to make global ip bans?

>>502-503,505-506,508
what

>>509
Yes.

Another question:

When you run wakaba.pl, wakaba.html is created. But I'm wondering if there's a way to edit something so when the html file is created, it's named something like board.html, or imageboard.html.

>>512
http://www.google.com/codesearch/p#ug-nylQR254/wakaba/config.pl&l=127

>>513
Doesn't work, I changed that and it had no affect. Edited the field in config.pl, deleted wakaba.html and re-ran wakaba.pl but it still creates wakaba.html.

>>512
Did you try uncommenting it?

is there any way i can disable the ability to post images?

>>516
Yes, it's very plainly in the configuration. Look for the word "image".

ok i thought so i just haven't gotten the script yet and it didn't say anything about like if you put it to 1 or 0 so i was just making sure. thanks though

is there any way to have multiple boards?

>>519
Multiple wakaba installations.

im talking about kareha and i mean have things like /board 1/ /board 2/ like different sections where multiple threats and posts can be made sorta like kasuba

i asked people on 4chan and they said i could make a portalish type thing and run multiple karehas off the main page, this is i guess what i want to do, any advice on how to go about doing this?

>>523
Multiple kareha installations.

This really isn't that hard.

I've been running my Kareha imageboard for about a month now, and I've been looking to add new CSS. However, I tried just making a new .css file and putting it in the /css folder, and it doesn't work... How do I add new CSS styles to Kareha in image mode?

>>526

Did you rebuild caches?

>>527
Ah, forgot to do that. Thanks for your help!

http://rokuchan.org/wakaba/wakaba.pl does any one know what the problem is and how to fix it

Software error:

Bad name after comments' at config_defaults.pl line 15.
Compilation failed in require at /home98c/sub009/sc61836-VWOA/rokuchan.org/wakaba/wakaba.pl line 17.
BEGIN failed--compilation aborted at /home98c/sub009/sc61836-VWOA/rokuchan.org/wakaba/wakaba.pl line 17.

>>529
Help please

>>529

We aren't psychic, we can't tell what you put in that file that broke it.

Can anyone help me, please? I usually got "Error: No verification code on record - it probably timed out." when trying to post in my oekaki board. I fixed it for posts on main page as this guy said http://wakaba.c3.cx/sup/kareha.pl/1168935423/7 but I still can not fix it for replies.

is there some who can help me please I'm using Futallaby right now and I hate it
I'm >529

>>531
well here is the file I put * over the some stuff like the pw user name and other stuff
here is the txt file
http://rapidshare.com/files/209442147/wkbrokuchan.txt.html

>>534
If you'd just uploaded that file to this board, or used a pastebin, I might have had a shred of care to look at it.

there

>>537-538
I daresay you're editing the wrong file. Start over, and pay closer attention, you should not be touching config_defaults.pl at all.

Whew. This thread is quite the read.
I'm having an issue where I delete wakaba.html and run (access via browser) wakaba.pl. I am then redirected to wakaba.html, which does not exist. It is not built/rebuild when I access wakaba.pl. Clearing cache results in the same 404. Suggestions?

>>540

What if you go to admin.pl?task=admin and rebuild it?

>>541 admin.pl isn't in the zip file I downloaded. I can still rebuild from wakaba.pl using wakaba.pl?task=admin (or something close), but the problem persists.

Something interesting I noticed. If I use permissions 755 for folders (res, in particular), line 378 (inside print_page) goes crazy and throws errors saying a temp file can't be created. It works only if I chmod res to 777.

So with chmod 777 to res, I get wakaba.html not found.
With chmod 755 to res, I get Error: Can not write to directory.

>>541 Issue resolved:
Had to mod /var/www to 777. Icky solution, but maybe my live environment will be better configured than my bevelopment environment. Thank you for your help.

I'm wondering why Wakaba doesn't automatically truncate threads beyond a certain point, if it does,, there do I find this option
thanks

I have a quick question, does posting (running kareha.pl) cause that script to rebuild all the pages?

>>544

Truncate how?

>>545

Only if index.html does not exist. Also, do not run it from a command line, that will create broken pages.

Hi, I love your scripts ;)
truncate as in, now I have 31 pages of threads after I was testing it..
and I want it to only show say 150 threads at any one time ;)
using Wakaba

Anyway, just wondering if you're going to release your notes.pl script, thanks!

oops, I found the notes.pl script :)
I thought it was just in indefinite testing, sorry

thanks

How do you get rid of the bee? I cant seem to find it in any of the .pl files. Is there something i comment out to stop embedding of files?

> How do you get rid of the bee? I cant seem to find it in any of the .pl files.

remove it from include/rules.html. it's not part of kareha.
people who have the admin password for your board keep adding it through the admin interface.

> Is there something i comment out to stop embedding of files?

yes. fix your php script so people can't inject perl code (so they can't just get the password again), and then change the admin password for your board.