I thought fusianasan was supposed to be a mod-only function to weed out bad posters. And what would be the difference between revealing the persons's IP and his ISP's domain?

>>99
I didn't mean to include Forcenick in there, sorry.
Adding to that, however, how about forced sage for specificed IPs? It'd make for a great slogan: Remember kids, tripcodes and aging are privileges, not rights!

If you want to have a look at what the code actually does to dig out flaws, here is the current version:

sub sanitize_html($%)
{
	my ($html,%tags)=@_;
	my (@stack,$clean);
	my $entity_re=qr/&(?!\#[0-9]+;|\#x[0-9a-fA-F]+;|amp;)/;

	while($html=~/(?:([^<]+)|<([^<>]*)>?)/g)
	{
		my ($text,$tag)=($1,$2);

		if($text)
		{
			$text=~s/$entity_re/&amp;/g;
			$text=~s/>/&gt;/g;
			$clean.=$text;
		}
		else
		{
			if($tag=~m!^\s*(/?)\s*([a-z0-9_:\-\.]+)(?:\s+(.*?)|)\s*(/?)\s*$!si)
			{
				my ($closing,$name,$args,$implicit)=($1,lc($2),$3,$4);

				if($tags{$name})
				{
					if($closing)
					{
						if(grep { $_ eq $name } @stack)
						{
							my $entry;

							do {
								$entry=pop @stack;
								$clean.="</$entry>";
							} until $entry eq $name;
						}
					}
					else
					{
						my %args;

						$args=~s/\s/ /sg;

						while($args=~/([a-z0-9_:\-\.]+)(?:\s*=\s*(?:'([^']*?)'|"([^"]*?)"|['"]?([^'" ]*))|)/gi)
						{
							my ($arg,$value)=(lc($1),defined($2)?$2:defined($3)?$3:$4);
							$value=$arg unless defined($value);

							my $type=$tags{$name}{args}{$arg};

							if($type)
							{
								my $passes=1;

								if($type=~/url/i) { $passes=0 unless $value=~/(?:^$protocol_re:|^[^:]+$)/ }
								if($type=~/number/i) { $passes=0 unless $value=~/^[0-9]+$/  }

								if($passes)
								{
									$value=~s/$entity_re/&amp;/g;

									if($value=~/"/) { $value="'$value'" }
									else { $value="\"$value\"" }

									$args{$arg}=$value;
								}
							}
						}

						my $cleanargs=join " ",map { "$_=$args{$_}" } keys %args;

						$implicit="/" if($tags{$name}{empty});

						push @stack,$name unless $implicit;

						$clean.="<$name";
						$clean.=" $cleanargs" if $cleanargs;
						$clean.=" $implicit" if $implicit;
						$clean.=">";
					}
				}
			}
		}
	}

	my $entry;
	while($entry=pop @stack) { $clean.="</$entry>" }

	return $clean;
}

the text

c < d

causes a <d> tag to be opened, which is not on the list, and therefore all the text until the next tag will be deleted. a better behavior in this case would be to just convert that < to &lt;. you even ought to do this for

a < b

too, despite the fact that b is a valid tag, because who the hell leaves the closing angle bracket out of their HTML tag?

creating the correct regexes for this is an exercise left to the reader.

I almost forgot this:

For thread-closing, it would be nice if Kareha would post a last post, telling the thread is now over and closed (with some default message that can be customized for each board), akin to the 0ch 1001th post behaviour.

> Also, I'd like to ask exactly how Kareha does automatically generates deletion passwords. I'm guessing it's similar if not identical to how it creates ID session codes with a user's IP.

Actually, no, the Javascript just strings some random numbers and letters together.

> Because it's one of the two requirements for creating a new thread, and it's a lot more important to have a well-defined topic than to fill in your name.

But the body text is even more important, and that goes at the bottom. So I dunno.

>It's more convenient if you want to start a new thread, but for those who don't it's one more form to have to scroll by.

Would it maybe make sense to make a separate thread creation page?

>>89

>But the body text is even more important, and that goes at the bottom. So I dunno.

Yeah, I considered this too. I'm mainly suggesting for the sake of convention.

We definitely don't need a separate page for creating new threads (I get bad memories of Shiichan), mainly because it's inconvenient and requires a whole other page for something that really shouldn't. The fact that it'd be at the bottom of the board page already detracts bad posters with itchy trigger fingers. I think most of us have an "End" key on our keyboards, so we don't really have to scroll all the way down anyway. :) Really, the only issue I have with moving the post box to the bottom is that it ruins my personal visualization of new threads falling on top of the "stack of threads" and replies emerging from below the "stack of replies".

In reference to >>90, there's something I see on every 2ch board that is a lot less prevalent in Western counterparts (barring certain 4-ch boards): a rules/disclaimer block at the top, above the thread-list, with links to a newbie guide, site FAQ, and the like. Yes, it may be an annoyance to veterans, but being at the very top means it's most visible to newbies. That way, we don't get a constant influx of people wondering whether or not they need to fill in the Name and Link fields and what the hell sage and tripcodes are.

PS: I always wanted to say this: The # anchors on the TiddlyWiki automatically scroll me (FF, 1.0.7) just below the actual text box of the entry. Is that a bug, a feature or... ?

I meant Remote host adress instead of IP.

durr hurr

And this:

だってよ。

231 ：ひろゆき ◆3SHRUNYAXA ＠どうやら管理人 ★：04/02/05 14:13 ID:???
ハンマー投げゲーム機能つけてみました。
名前の欄に『murofusianasan』と書き込めば
【６０ｍ】とか【７５ｍ】とか記録が出ます。
数値はランダムで０～１００くらいまでありますよ。。。
お暇なら遊んでください。

fusianasan + sage test

Oh, and "AA mode" should be changed to "Text art mode" so we won't be incessantly quibbling about the difference between ASCII and SJIS art.

>>Well, then you are out of luck, aren't you? So you want to enter your E-Mail but cannot because then the post wouldn't bump then? Solution: Write it in the comment field, problem fixed.

There is no reason to change well-known keywords for this or even turn this into a frustratingly unconvenient tickbox/checkbox.
Having a specific trigger to trigger ID would also work.

>discussion of only one comment box, then you couldn't talk about sage/fusianasan/whatever

You could only trigger the functions in a specific format, say

:link-sage
:name-blah#faggot

lol comment

I do not believe this was an actual request, but it is obviously possible and usable. Another way would be escaping keywords that you want to post.

> partition to kill secure tripcodes

Why? If you are going to get rid of secure tripcodes you should get rid of tripcodes by the same reasons. On another note, why have I seen partition instead of petition multiple times?

>So I misspelled one word once. Sue me!

My point was that it is unnesessarily obtuse, not nit-picking that you misspelled it.

>This is a widely used system. There is a very low learning curve here. sage = does not bump thread when replying, that's all there is to know. People can then figure out why it is useful on their own.

You would think there is a low learning curve, but that is not really the case. For example, on an imageboard, what effect do you have making a sage post (with no real content) with prune oldest and a permasage limit? What about prune oldest with a permasage limit that excludes sage replies?

>trigger replacements

I'm not sure what to replace sage with, if anything. Down certainly doesn't describe it (to me it implies the reverse of age, which is not the case). don't_bump or dont_bump? show_host or show_ip works for fusianasan imo... show_ID to trigger ID?

I don't see what's so bad about >>330. The alternative is to force the table to be full width, which will make it uglier (because in HTML all columns will become wider, including the skinniest ones), and harder to read.

> No need for a database, just a text file. You're right about storing IPs, though, but then how can you implement a banning system? Do you use an encrypted IP like the algorithm to generate ID codes?

Banning is done through Apache, which really makes more sense than doing it in the script. I don't want to re-invent the wheel for that.

> I mean that (for example) if I wanted to replace the permasaging function under the MAX_POSTS condition (permasage after X posts) with the thread-closing function (close after X posts), all it would require is a simple replacement of the proper function references in post_stuff(), correct?

No, they're done at different different places, because they are essentially different functions. The permasage behaviour doesn't actually permasage a thread, it only refrains from bumping it. There's no permsage flag added to the thread. The closing, on the other hand, does add a flag to the thread.

> Making "More options..." an option in the configs.
> Seems sensible, when you already have the ability to turn off WakabaMark as a board admin.

No. And I actually removed the DISABLE_WAKABAMARK option since it's no longer really needed. The replacement will be an option to select the default markup for a board, which makes much more sense overall.

Please put alt tags in image refs, kthnx.

Currently, pruning by age is measured from the time of the newest post in the thread, so it wouldn't really work. I'm not sure if this is the best behaviour or not, but it seems it makes more sense to kill threads nobody cares about than to kill slow-moving threads just because they get old.

>>336
IMO minimalist web applications like Kareha should only focus on core content/functionality and leave the inconsequential presentation options up to browser extensions so that each user can tweak them to his whim. That's why I was pushing to offload the CSS selector to an extension.

>>337
Here's a better example, I think. Even if we can't remove the excessive side borders, is there a way to at least have rounded corners?

On formatting options: I think >>338 fails to understand that leaving the formatting options up to each individual user is a good thing by all means. Besides, they are absolutely necessary to the interface and core functionality, just like the Name and URL fields are. Preview functionality, on the other hand, should be implemented in an extension.

I think the issue that people have with the formatting options is that we don't have a Japanese counterpart to blindly model it after. Since we're going at this on our own, nobody is quite sure how it should be done. I'd like to see how it turns out on mode_image (if you feel the need to include it at all). :)

> Is it intentional that thread links without a trailing slash

Uh, I was wondering the same thing. I'm not sure. I guess I should fix that.

> More information on the all threads page [...] file size?

If (optional) closing on filesize should be implemented, this would probably be a good idea.

> More information on the all threads page, date of the last post? file size?

That might be somewhat useful, I suppose. I'll have a look at it.

> A quote button that puts >>n and puts the post prefixed by > in the reply box

There's already a way to put in >>n. However, quoting an entire post is seldom something you want to do anyway, so I don't think that's worth cluttering up the page with a million buttons for.

> Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

> A trigger for turning wakabamark off and one for forcing a monospace font

I've been trying to work out a more elegant solution for this.

> Would it maybe make sense to make a separate thread creation page?

Considering that the ratio of users who start new threads to those who don't is pretty small on most message boards, I think it does.
A seperate page could also be used to put a more visible disclaimer/set of rules, as a seperate page with a different layout is likely to generate more attention from the user. Stuff that can be put there also wouldn't clutter up the frontpage.
I don't think this is an urgent matter, though.

> 3) A specific string for ID:Heaven instead of anything in the email field

Isn't that already an option in the config?

> 5) Seperation of sage et al from the email field to something else...

Strong oppose! I am of the (strong! lol) opinion that the current situation is the one working the best and also that it is widely accepted on almost all similiar board scripts (save for Shiichan and one obscure Japanese discussion board script that I once stumbled upon).

Previous discussion of this can be found here:
http://wakaba.c3.cx/sup/kareha.pl/1102984488/

> but I don't quite see why there should be a "First 100" at the top but not at the bottom.

Probably to avoid clutter and because of the assumption that if you arrive at the bottom of a page, you can do without the "First 100" link. "First 100" seems to be a navigational aid for beginners who are new to the thread, so it makes sense to only have it at the top.

I want a 1001th post! :(

>>10
Exactly, but considering a lot of people can't make heads from tails in config.pl, how about a saner default?

>>11
That's true, but if least-popular threads are set to be deleted, instead of oldest-first, you don't have to guess.

Too late! Already released!

Okay then, for starters, how about the closing message to exactly look like a post (although it's sad it won't be accesable with >>1001)?

>>327-328
All of this would be better handled by an external application. I think you are putting way too much work into user gimmicks as it is.

More options means putting more buttons, links, etc. into the interface. I am still bothered by the "More options...", but I am just a text purist (doing my fair share of AA, though) anyway, so meh meh... ( ´･ω･｀)

Hmm, looks like my ISP fails at keeping my IP secret.

No, but that's not the point.