Dan

+Clients
  • Content count

    3,664
  • Joined

  • Last visited


About Dan

  • Rank
    the same

IPS Marketplace

  • Resources Contributor Total file submissions: 1

Recent Profile Visitors


69,839 profile views

Dan's Activity

  1. Dan added a post in a topic Social Networks login   

    Just a quick question - How hard are these sign in methods to implement? I'm thinking of setting up a forum, but would need Github as a sign in option.
  2. Dan added a post in a topic Heartbleed and IPB   

    I think Greenlinks is referring to the idea that if you can steal someone's session ID by exploiting the Heartbleed vulnerability, you can gain access to other people's accounts within IP.Board by hijacking their session, and is looking for mitigations for that.

    I guess this is where session IP validation would come in, if you're particularly paranoid about man-in-the-middle attacks, but there's very little else IP.Board could do.
  3. Dan added a post in a topic IPS 4.0 backward compatibility   


    I think this is your key misunderstanding, which is logical, but still incorrect. Whilst it would certainly be possible to maintain near 100% backwards compatibility if IP.Board included a specific app-facing API, wrapped around the core logic that actually makes things happen, that is not the case.

    In IP.Board (and all competing products,) any part of the software can be used as an API. Third party developers have the ability to extend and modify *any* class within the system, as well as hooking into specific points within templates and pre-defined data hooks. In theory, certain data hooks could be maintained as part of a rewrite, and there could be an intermediary layer allowing "old style" plugins to continue working where they only use those data hooks. However, by their very nature, plugins that hook into core classes within the platform couldn't possibly work if that class no longer exists. The same applies to hooking into templates, if that template (or the part of it you were relying on) is no longer there, how can it be hooked into?

    It is very different developing a piece of forum software than it is developing firmware (or even, for example, a ReST API.) In the latter case you pre-define everything you want to expose, you know what you need to maintain and how to maintain it. It's just not possible to do that when you allow developers limitless access to the core of your application.
  4. Dan added a comment on a blog entry 4.0 - Rethinking XML Handling   

     
    That's fighting talk. :p 
     
    I think the support folk would agree that your sentence should end "That will no longer happen in 4.x (except when it does.)"  GoDaddy and XTREME MEGA HOSTING will make sure of it.
  5. Dan added a post in a topic Use SQL Timestamp & Datetime for dates in 4.0   

    I agree on the front of using DATE/DATETIME columns in SQL, they're more commonly accepted as the standard for storing dates these days - There was a time when you'd be seen as a crazy person for doing so, but that time has passed. All of the major frameworks use DateTime in PHP and the appropriate DATE types in MySQL now.

    ENUMs, however, I disagree with. They're fine if you're going to use MySQL strict mode, but in a situation where you can't control that (as IPS is,) I wouldn't go near them. In anything other than strict mode, MySQL will silently fail if you pass an invalid value for an ENUM column, storing a blank value in the database - they just can't be trusted.

    The biggest improvement I could see for the IPS suite in terms of using the database is properly using foreign keys (incl. the ON UPDATE / DELETE functionality) and, where fitting, triggers. It can save an awful lot of code.
  6. Dan added a comment on a blog entry 4.0 - Javascript framework   

    Neato. 
     
    I like the look of this. :)
  7. Dan added a comment on a blog entry 4.0 - Login Handlers   

     
    I'm sure I'm rehashing (har har!) old discussions here, but why are you targeting an already end-of-life version of PHP as your baseline for a brand new version? 
  8. Dan added a comment on a blog entry 4.0 - Login Handlers   

    Is there a reason you opted not to use the new built-in password_hash() method in PHP? There's a library that provides compatibility to older versions: https://github.com/ircmaxell/password_compat
  9. Dan added a comment on a blog entry 4.0 - Dev Introduction   

    Out of interest, how have you guys implemented monkey patching? I assume you're still allowing for multiple hooks to extend any given class?
  10. Dan added a comment on a blog entry Introducing IPS Backup Service   

    This sounds pretty awesome!

    How does the service get initialised in the first place, for a pre-existing database? Do you send a full SQL dump to the service?
  11. Dan added a post in a topic IP SEO - Options not to track visitors and keywords   



    I don't work at IPS any more, but I do believe they are currently working on an upgrade to IP.SEO for IP.Board 3.3. :)
  12. Dan added a post in a topic IP SEO - Options not to track visitors and keywords   

    Assuming it hasn't changed since I last saw it, you can just disable that one hook and the rest of IP.SEO will continue to work fine without it. :)
  13. Dan added a post in a topic Dan what are you doing?   



    I no longer work for IPS, so I don't know what the status of this project is, nor what is going to happen to it going forward.

    Sorry guys.
  14. Dan added a post in a topic Suggestion - Improve the "Manage ACP Restrictions"   

    Have you seen this blog entry?

    If it doesn't cover what you're suggesting, can you please provide a little more detail. It's not clear what you want changing.
  15. Dan added a post in a topic IPB 3.2 feature set -- frozen?   

    We have selected the list of features we're going to finish implementing in IP.Board 3.2, and we'll blog about them as and when they are ready to be announced, as we have done with the other features so far.

    We always use the features from this forum when coming up with the feature list for new versions, so yes we will keep anything else in mind for the next release after 3.2. :)