> You mean requiring SQL software, or just making backwards-incompatible changes that would screw up old threads?

I mean, needing to alter the table that is already in the database. I don't want to try to do that any more than I have to, as it's pretty hard to get right in a database-independent manner.

> Are you only referring to flooding and spamming, or also trolls and flamewars?

Yes, only flooding and spamming. Trolling and flamewars are not a problem one should use banning to try and solve.

> Finally, out of curiosity: how much of the functionality in the .js file do you think could be properly implemented into a new or existing perl script?

Well, if you serve up dynamic pages, you can do the form-filling on the server, but that's about it. The rest is dynamic stuff.

> More information on the all threads page, date of the last post? file size?

That might be somewhat useful, I suppose. I'll have a look at it.

> A quote button that puts >>n and puts the post prefixed by > in the reply box

There's already a way to put in >>n. However, quoting an entire post is seldom something you want to do anyway, so I don't think that's worth cluttering up the page with a million buttons for.

> Different secret strings for different functions (e.g. one for ID generation and one for secure tripcodes)

Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

> A trigger for turning wakabamark off and one for forcing a monospace font

I've been trying to work out a more elegant solution for this.

Uh, kind of a bug. I really should fix it, but, lazy.

sup

Oh yeah, regarding the CSS selector: HTML dropdowns aren't styleable, and will look like shit. I'll look into using some other trickery for that, though.

If you want to have a look at what the code actually does to dig out flaws, here is the current version:

sub sanitize_html($%)
{
	my ($html,%tags)=@_;
	my (@stack,$clean);
	my $entity_re=qr/&(?!\#[0-9]+;|\#x[0-9a-fA-F]+;|amp;)/;

	while($html=~/(?:([^<]+)|<([^<>]*)>?)/g)
	{
		my ($text,$tag)=($1,$2);

		if($text)
		{
			$text=~s/$entity_re/&amp;/g;
			$text=~s/>/&gt;/g;
			$clean.=$text;
		}
		else
		{
			if($tag=~m!^\s*(/?)\s*([a-z0-9_:\-\.]+)(?:\s+(.*?)|)\s*(/?)\s*$!si)
			{
				my ($closing,$name,$args,$implicit)=($1,lc($2),$3,$4);

				if($tags{$name})
				{
					if($closing)
					{
						if(grep { $_ eq $name } @stack)
						{
							my $entry;

							do {
								$entry=pop @stack;
								$clean.="</$entry>";
							} until $entry eq $name;
						}
					}
					else
					{
						my %args;

						$args=~s/\s/ /sg;

						while($args=~/([a-z0-9_:\-\.]+)(?:\s*=\s*(?:'([^']*?)'|"([^"]*?)"|['"]?([^'" ]*))|)/gi)
						{
							my ($arg,$value)=(lc($1),defined($2)?$2:defined($3)?$3:$4);
							$value=$arg unless defined($value);

							my $type=$tags{$name}{args}{$arg};

							if($type)
							{
								my $passes=1;

								if($type=~/url/i) { $passes=0 unless $value=~/(?:^$protocol_re:|^[^:]+$)/ }
								if($type=~/number/i) { $passes=0 unless $value=~/^[0-9]+$/  }

								if($passes)
								{
									$value=~s/$entity_re/&amp;/g;

									if($value=~/"/) { $value="'$value'" }
									else { $value="\"$value\"" }

									$args{$arg}=$value;
								}
							}
						}

						my $cleanargs=join " ",map { "$_=$args{$_}" } keys %args;

						$implicit="/" if($tags{$name}{empty});

						push @stack,$name unless $implicit;

						$clean.="<$name";
						$clean.=" $cleanargs" if $cleanargs;
						$clean.=" $implicit" if $implicit;
						$clean.=">";
					}
				}
			}
		}
	}

	my $entry;
	while($entry=pop @stack) { $clean.="</$entry>" }

	return $clean;
}

And this:

だってよ。

231 ：ひろゆき ◆3SHRUNYAXA ＠どうやら管理人 ★：04/02/05 14:13 ID:???
ハンマー投げゲーム機能つけてみました。
名前の欄に『murofusianasan』と書き込めば
【６０ｍ】とか【７５ｍ】とか記録が出ます。
数値はランダムで０～１００くらいまでありますよ。。。
お暇なら遊んでください。

>>251

Again, the list of tags allowed on that page don't correspond to what would be allowed in Kareha. Of course <img> tags wouldn't be allowed, for instance. This is just for testing the actual cleanup engine.

So, I made the All threads page a lot fancier. Might need some shift-reloading to get the proper CSS.

Is this about done, besides the admin bit? I'm getting a bit tired and distractions are looming to the left and right.

You can't document easter eggs! That's crazy talk!

Also, I find it insanely more annoying to write text in five-line tunnel vision than whatever annoyance might be caused by a comment box that expands.

I'll sign that partition for a separate admin script and XHTML interface (one that includes the banning, board nuking, and spamlist-changing functions in Wakaba).

How about adding flexibility to the DELETE_FIRST option in config.pl, using booleans to define when to keep or remove a thread (including AND/OR/NOT arguments)?

Also, options for both automated permasaging and pruning by postcount, creation date/time, and board position (all configurable in config.pl of course).

Some other layout points:

• The Title field should go above the Name and Link fields in 2ch mode.

• 2ch's "new thread" post box is at the bottom of the main page. From every practical standpoint, the current solution in Kareha is a lot more convenient, but you may want to go over that just in case.

• Futaba now uses "..." instead of ">>>" to prefix repy blocks.

I meant Remote host adress instead of IP.

durr hurr

Whoops, sorry. I read "close" instead of "permasage".
Permasage on filesize seems pretty silly, yes.

The test thread seems to be broken too.

I've been meaning to change some of the defaults away from Futaba-style to saner behaviours. Any suggestions for what to change are welcome. So far:

• Pruning set to furthest-back instead of oldest.
• Size limit instead of post number limit, maybe?
• I'll add thread closing to Kareha, but I was thinking of setting the default behaviour to never permasage or close threads.

Should be fixed now.

The problem reported in >>143 is still present.

>>46
Well, I haven't checked to see exactly where the ban functionality exists in Kareha, but my idea is something along the lines of: (1) encrypting the offender's IP, (2) writing it to a bans.txt list, and (3) writing a parameter next to the IP specifying the time when the ban should be lifted. Of course, you also need underlying code to check bans.txt every time a user tries to post or reply, and also to remove a ban entry at its specified time.

"page top" is better imho

> Would it maybe make sense to make a separate thread creation page?

Considering that the ratio of users who start new threads to those who don't is pretty small on most message boards, I think it does.
A seperate page could also be used to put a more visible disclaimer/set of rules, as a seperate page with a different layout is likely to generate more attention from the user. Stuff that can be put there also wouldn't clutter up the frontpage.
I don't think this is an urgent matter, though.

>>275
Heh, I thought you had disabled it manually.

>The File field is almost never there.

Right, and when it isn't, the Formatting menu can still reside on the same line.

The error page in mode_message should more closely resemble that of 0ch (complete with "ERROR!" title).

(Lots of stuff in here, click "whole post"!)

> How about listing what dmpk2k or you have done already?

Truth be told, I haven't even looked over his contributions yet. I'm doing some work on Kareha first. He did bandwidth load balancing for Wakaba across several servers, and image file archiving, at least. Plus some proxy checking and other goodies.

> Split threads and posts into separate tables. You're repeating the lasthit and parent column over and over.

Bad idea. Adds a lot of code complexity without adding any new functionality. The current solution is simple and robust.

> Automatic closing and moving of threads that do not get any activity in a certain timeframe (based on average activity frequency of the board)

This is nearly impossible to get right, and I don't think I'm going to try unless someone can think up a reliable algorithm that uses the data that is availble (not much).

> Reintroduction of "Marked for deletion (old)" (it's just handy to have that)

I tried several times, and concluded it wasn't worth the code and database overhead it would take. This feature is relatively easy to implement for Futaba-style post number limited boards (and Futaba implements it really stupidly), but it gets tricky when you have different deletion modes and want to do it right.

> Prune-limit mode that is defined by number of files or size sum of files on a board

Size limit is already implemented. I might add file limit, but I'm not sure it's all that useful, when you already have the size limit.

The rest, I agree with, and I will try to get most of it done. I'm sure there's some more stuff hidden in old threads, though!

Random post: The test thread could use some linking in the notes at the bottom (what's the common nomenclature for that one?).

Thought of something else: can there be the ability to separately place a title on a board and what the head <title> element says?

Like "Music" for the header but "foolchan - music" for the title in the browser window.

>>16

Yes, it's throwing Javascript errors for me if I use that character. Gonna look into that some more.