>>Well, then you are out of luck, aren't you? So you want to enter your E-Mail but cannot because then the post wouldn't bump then? Solution: Write it in the comment field, problem fixed.

There is no reason to change well-known keywords for this or even turn this into a frustratingly unconvenient tickbox/checkbox.
Having a specific trigger to trigger ID would also work.

>discussion of only one comment box, then you couldn't talk about sage/fusianasan/whatever

You could only trigger the functions in a specific format, say

:link-sage
:name-blah#faggot

lol comment

I do not believe this was an actual request, but it is obviously possible and usable. Another way would be escaping keywords that you want to post.

> partition to kill secure tripcodes

Why? If you are going to get rid of secure tripcodes you should get rid of tripcodes by the same reasons. On another note, why have I seen partition instead of petition multiple times?

>So I misspelled one word once. Sue me!

My point was that it is unnesessarily obtuse, not nit-picking that you misspelled it.

>This is a widely used system. There is a very low learning curve here. sage = does not bump thread when replying, that's all there is to know. People can then figure out why it is useful on their own.

You would think there is a low learning curve, but that is not really the case. For example, on an imageboard, what effect do you have making a sage post (with no real content) with prune oldest and a permasage limit? What about prune oldest with a permasage limit that excludes sage replies?

>trigger replacements

I'm not sure what to replace sage with, if anything. Down certainly doesn't describe it (to me it implies the reverse of age, which is not the case). don't_bump or dont_bump? show_host or show_ip works for fusianasan imo... show_ID to trigger ID?

>>16

Yes, it's throwing Javascript errors for me if I use that character. Gonna look into that some more.

>>343

"When they shouldn't be?" They've always been bolded.

Wow, >>243 sure looks like shit in Safari. What the hell? Looks right in Firefox, though.

>>201

Yeah, no, maybe. Using secure trips for capcodes also adds extra protections against accidentially misspellingyour capcode and leaving it open to attack.

Thanks for the links at the top. Previously, I had to search for those threads over and over again if I wanted to find them.

>>184
If people are going to decide to use custom names for paramaters, then there isn't much you can do about it anyway, or is there?

Well, both >>30 and >>31 didn't change the ¦ into ?U so I am out of ideas what happened...

> forced fusianasan

that seems kind of evil.

>>313 Like lots of people use them anyway </sarcasm>. Yes, security is a good idea. What are the holes, anyway?

>Most admins probably don't get point of the secret string anyway, and asking them to put in several is just too annoying. In retrospect, I'd like to add a second layer of hashing to these, but that'd mean breaking secure trips AGAIN.

You could take the route that MrVB (I think?) did and generate the strings on first run? openssl, /dev/random, perl's random as last resort. In almost every case you are going to get a better random string than most people will supply, and if they want to change it they can. Or only have them generated if they are not supplied.

Honestly, when people care so much about anonymity they can put up with the changes required to ensure it.

> Right, I guess it was dumb to mention 0ch/Futaba in the first place. The point is, as you said yourself, tripcodes are a gimmick, and if someone wants to maintain a persistent identity across multiple boards and sites (ie, everyone here with a tripcode), they have no choice but to use ordinary tripcodes. Secure tripcodes are useless because they limit your identity to a single board, supposing each board/site's cipher key is different -- which it should be, since that's the point of having a secure tripcode in the first place. No one should be so paranoid about a tripcode that they'd need to have a different one per board/site.

True, they're of limited usefulness, but people like admins might prefer to use them. And there are certain cases were you might use them temporarily for various purposes. I wrote the code already, so I might as well leave it in. It has some uses at least.

> Shouldn't we sacrifice some backwards compatibility for a more robust and scalable design? It might even be possible to provide an upgrade.pl for old threads.

I think I'm too lazy to do it. It's kind of hairy. Besides, as I said, you can remove a lot of the drawbacks of seprate installations by using symlinks.

The "Entire thread" link in the top navigation bar of the thread page is still broken.

Wakaba:

• Better handling of the code that automatically inserts the >> links for quote-replies. Right now it inserts them numerous times if you go back and forth several times before actually hitting "submit".
• Reintroduction of "Marked for deletion (old)" (it's just handy to have that)
• Prune-limit mode that is defined by number of files or size sum of files on a board

Currently, pruning by age is measured from the time of the newest post in the thread, so it wouldn't really work. I'm not sure if this is the best behaviour or not, but it seems it makes more sense to kill threads nobody cares about than to kill slow-moving threads just because they get old.

In mode_image: shouldn't the board title be in <h1>, and the post headers in <h2>?

Here's a fun little game for you all!

I'm looking into adding support for using HTML markup in addition to WakabaMark, but since most boards use XHTML, I can't just let through any old HTML, and most people can't write well-formed XHTML. Also, I don't want any cross-site scripting going on. So I've tried to write a piece of code that takes any horribly written piece of HTML, sanitizes it by removing all tags and attributes that are not an approved list, checks the attribute values, and turns it into well-formed XML.

Now I'd like to see if anyone can break this. The objective is to get some Javascript onto the page, or making the page break in Firefox (or any other browser that parses XML strictly), or otherwise causing trouble. Have at it!

http://wakaba.c3.cx/test/sanitize.pl

The point is to make a portable file, so you do not /have/ to compile it on the host. Statically linked lets you use libraries that the host does not have.

Sure, doing it in perl is an option though.

>>180

The one with encoded Javascript that makes you post with fusianasan is cute.

> I'd like to have the interface reduced to what is absolutely neccessary

That's why there is a "More options..." link, instead of putting the controls there on every single thread everywhere.

If we must discuss Shiichan's bug (which I believe we don't): I like the one where it sometimes turns an existing thread at the end of the All thread list into a thread with no subject, creation date set as 31 Dec 1969: 19:00 and then set to -1 posts (!) - and when you post in it, you 0GET and your IP appears as the subject.

It's a brilliant, better than fusianasan! Try it out: http://dis.4chan.org/read.php/dis/1121735647/

Too late! Already released!

>>71
forgot to add that turning the CSS selector and Admin functions into drop-down menus and moving them to the right side of board and thread title headers would remove that top bar entirely on the front page.

　　　∧∧
　　（　 ･ω･） 　 　It's late
　 ＿|　⊃／(＿＿_
／　└-(＿＿＿_／

　　　∧∧
　　（ ･ω･ ） 　 　Good night!
　 ＿|　⊃／(＿＿_
／　└-(＿＿＿_／

　 ＜⌒／ヽ-、_＿_
／＜_/＿＿＿＿／
￣￣

> how about having a third party create extensions for those browsers and freeing up the real estate on the actual page?

What's with this obsession on removing the CSS options? It's a single line, and some of us find it useful.

Real estate? Scroll down.

>>210

monospace font? like this?

/-100 shows the first post two times.