The Legendary Next Update (365)

34 Name: Anonymous 2005-10-14 12:36 ID:hjzD4Li4 [Del]

Tell me more about these pre-compiled binaries. I thought that was impractical...I mean, instruction set differences and so on.

240 Name: 214 2005-10-22 09:22 ID:Heaven [Del]

Let's get to 1000 by "I want a pretty pony" only! ヽ(´ー`)ノ

315 Name: anon!21anon4H3U : 2005-10-24 20:46 ID:Heaven [Del]

>>313 Like lots of people use them anyway </sarcasm>. Yes, security is a good idea. What are the holes, anyway?

230 Name: Anonymous 2005-10-21 18:43 ID:Heaven [Del]

I think it'd be a better idea to have some kind of load-balancing/distributed server cluster approach, like what dmpk2k was working on for Wakaba.

242 Name:   2005-10-22 10:53 ID:Heaven [Del]

Here's a fun little game for you all!

I'm looking into adding support for using HTML markup in addition to WakabaMark, but since most boards use XHTML, I can't just let through any old HTML, and most people can't write well-formed XHTML. Also, I don't want any cross-site scripting going on. So I've tried to write a piece of code that takes any horribly written piece of HTML, sanitizes it by removing all tags and attributes that are not an approved list, checks the attribute values, and turns it into well-formed XML.

Now I'd like to see if anyone can break this. The objective is to get some Javascript onto the page, or making the page break in Firefox (or any other browser that parses XML strictly), or otherwise causing trouble. Have at it!

http://wakaba.c3.cx/test/sanitize.pl

354 Name: !WAHa.06x36 : 2005-10-28 18:01 ID:Heaven [Del]

Gah, I am totally confused about what to do about the admin interface. Separate script? Built-in? Javascript? How do I display the data? I have no idea!

294 Name: !WAHa.06x36 : 2005-10-23 20:38 ID:Heaven [Del]

> I don't see a big fat ugly WakabaMark FAQ next to the post form either.

You don't see the link to the WakabaMark page either?

> I am just guessing here, but I am pretty sure most people will only change their settings in very rare cases.

I just added the Text Art mode so that people could post AA on any board and have it work right, but the only way for that to work is if you can quickly change modes between posts.

Look, it's getting just a tiny bit annoying with the complaining. I've been putting a huge amount of effort into making this work well both for those who want markup and those who don't. If you don't like it, you turn it off and don't need to bother with it again. There's just a tiny little link there to let people do this. Is this really a such a huge bother to deal with? It's *two words*.

237 Name: Anonymous 2005-10-21 22:39 ID:Heaven [Del]

>>236
I mean, thread titles in <h2> and post headers in <h3>.

75 Name: 74 2005-10-17 08:41 ID:Heaven [Del]

> 2channel does not do this either by default. It can make browsing a bit more convenient (and I suspect dedicated 2channel browsers to insert & read these in some kind of standardized way) but I don't think that's reason enough to impose it on users by default.

whoops, I misread "postcount" as "posticon". Nevermind!

45 Name: Anonymous 2005-10-14 19:39 ID:1l2MEdqn [Del]

>>41

>database redesign

You mean requiring SQL software, or just making backwards-incompatible changes that would screw up old threads?

>prevent abuse

Are you only referring to flooding and spamming, or also trolls and flamewars?

Finally, out of curiosity: how much of the functionality in the .js file do you think could be properly implemented into a new or existing perl script?

220 Name:   2005-10-21 15:45 ID:Heaven [Del]

Kareha can't use different layouts for posts on different pages, except by CSS trickery. I could add the second colon, though.

Also, I've implemented optional thread closing now, but there's no extra post. That would just be a total mess to implement, and would make re-opening threads annoying, if such a feature was requested. It replaces the posting form with a notice that the thread has been closed, instead.

213 Name:   2005-10-21 14:44 ID:Heaven [Del]

> More information on the all threads page, date of the last post? file size?

That might be somewhat useful, I suppose. I'll have a look at it.

> A quote button that puts >>n and puts the post prefixed by > in the reply box

There's already a way to put in >>n. However, quoting an entire post is seldom something you want to do anyway, so I don't think that's worth cluttering up the page with a million buttons for.

> Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

> A trigger for turning wakabamark off and one for forcing a monospace font

I've been trying to work out a more elegant solution for this.

62 Name: test 2005-10-17 04:43 ID:Heaven [Del]

Please put alt tags in image refs, kthnx.

247 Name: Anonymous 2005-10-22 12:15 ID:Heaven [Del]

Why would there be any use in writing actual HTML in posts? Seems to me like it's just inviting abuse.

225 Name: 214 2005-10-21 17:05 ID:Heaven [Del]

Okay then, for starters, how about the closing message to exactly look like a post (although it's sad it won't be accesable with >>1001)?

356 Name: !WAHa.06x36 : 2005-10-28 20:05 ID:Heaven [Del]

I'm not sure I want to make a ban system. I'd rather just make it easy to interface with a simple banning script that does whatever's needed for the server it's running on.

222 Name: Anonymous 2005-10-21 16:19 ID:Heaven [Del]

>>220
I meant only using the extra post for autoclose situations where the thread has exceeded the defined postcount limit in config.pl. As for the implementation, couldn't you just have Kareha use post_stuff() and (somehow) replace the timestamp with "Over XXXX Thread"?

5 Name: Anonymous 2005-10-12 17:15 ID:Heaven [Del]

Additionally, I'd like WakabaMark to be fixed somehow.
I don't know how, though. You know my resentments.

Finally, thanks for your fine work throughout all this time.
It is appreciated!

231 Name: Anonymous 2005-10-21 21:04 ID:Heaven [Del]

How about adding a link to 2ch in footer.html called "2ch mode"?

256 Name: Anonymous 2005-10-22 13:23 ID:Heaven [Del]

>>255
By replacing it with AN EVEN DUMBER PUN!

136 Name: Anonymous 2005-10-18 18:52 ID:Heaven [Del]

Hey, I just noticed this: where did the admin link go? Or are you working on a separate interface already? :D

213 Name:   2005-10-21 14:44 ID:Heaven [Del]

> More information on the all threads page, date of the last post? file size?

That might be somewhat useful, I suppose. I'll have a look at it.

> A quote button that puts >>n and puts the post prefixed by > in the reply box

There's already a way to put in >>n. However, quoting an entire post is seldom something you want to do anyway, so I don't think that's worth cluttering up the page with a million buttons for.

> Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

> A trigger for turning wakabamark off and one for forcing a monospace font

I've been trying to work out a more elegant solution for this.

15 Name: Anonymous 2005-10-13 06:01 ID:Heaven [Del]

> Pruning set to furthest-back instead of oldest.

I don't like this one. You just have to continually age a topic (until it hits the permasage treshold) in order for it so survive a long time. Normal users might have good reason to ignore simply it, though...

> Size limit instead of post number limit, maybe?

Sounds good.

> I was thinking of setting the default behaviour to never permasage or close threads.

I guess I don't have a strong opinion on this one. As long as the values will be customizable, I don't really care, I suppose.
Also: I just noticed that "¦" in tripcodes will work correctly but turn into "�U" through the cookie on /soc/ but not on the sandbox.

362 Post deleted by moderator.

18 Name: !WAHa.06x36 2005-10-13 10:11 ID:gBva8ggI [Del]

>>16

What browser are you using? I think I've tracked down the problem, and it's most likely a browser bug. The ancient Firebird (not fox, even) version I tested at work had the same bug (character set issues in the escape() and unescape() functions). It looks like your browser also doesn't follow the spec for how they are supposed to work.

19 Name: Anonymous 2005-10-13 11:43 ID:Heaven [Del]

>>18
Firefox 1.0.7, WindowsXP Pro.

238 Name: Anonymous 2005-10-21 23:15 ID:0dCD+kFU [Del]

>Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

You could take the route that MrVB (I think?) did and generate the strings on first run? openssl, /dev/random, perl's random as last resort. In almost every case you are going to get a better random string than most people will supply, and if they want to change it they can. Or only have them generated if they are not supplied.

Honestly, when people care so much about anonymity they can put up with the changes required to ensure it.

285 Name: !WAHa.06x36 : 2005-10-23 18:38 ID:Heaven [Del]

>>284

HTML mode handles >> references, but not URLs because I've been too lazy to figure out a regexp that would handle that correctly. Also, yes, newlines are converted to <br /> intentionally. This matches how most sites that accept HTML markup work.

149 Name: Anonymous 2005-10-19 08:31 ID:Heaven [Del]

> 3) A specific string for ID:Heaven instead of anything in the email field

Isn't that already an option in the config?

> 5) Seperation of sage et al from the email field to something else...

Strong oppose! I am of the (strong! lol) opinion that the current situation is the one working the best and also that it is widely accepted on almost all similiar board scripts (save for Shiichan and one obscure Japanese discussion board script that I once stumbled upon).

Previous discussion of this can be found here:
http://wakaba.c3.cx/sup/kareha.pl/1102984488/

103 Name: Anonymous 2005-10-17 15:05 ID:Heaven [Del]

>>101
If that is legit, then fusianasan needs to display IPs just like tripcodes: not bold/strong.

This thread has been closed. You cannot post in this thread any longer.