Andy Badwool's Activity
Andy Badwool added a record in IPS ExtrasUTF8 Converter 1.1.10 (Web) doesn't progress unless refreshed[b]My server configuration: [/b]PHP 5.3, 128 MB, Mysql 5.5. Everything is compatible with "Are you ready for IPS 4.0?".
Tested the Converter on Firefox and Chrome, the conversion wouldn't progress to the next table unless I manually refreshed the page each time. I saw this reported by other users as well in the entry blog comments and other posts. This is what happens:[list]
[*]"Converting first table"... gets stuck.
[*]Converter proceeds to second table and gets stuck.
[*]Converter proceeds to third table and gets stuck.
[*]And so on.
At this point i just repeatedly pressed refresh each time a new page loaded and wait for the next page to load.By doing this, it did everything pretty fast (around 15 mins for a 600 mb board). It would obviously take longer to refresh based on the size of that current table, longest was obviously the posts table.
At the end, once all tables were processed, it got stuck at 93% saying "Converting..." (when there was nothing else to convert). I just pressed "Tools" and then went back to the Convert page and it said Conversion Successful.
And it was successful indeed as everything worked perfectly when I tested it on my forums. All new UTF tables were there in the database and working as expected.
[b]Just... I think the Converter is supposed to progress through each table by itself rather than having to be guided manually with refreshes?[/b]
- 14 replies
- 462 views
Andy Badwool added a record in IPS Web Site and Client Area (not for software issues)Can't download Marketplace files contained in "Old Categories (Being Migrated)"I was trying to download this addon [url="http://community.invisionpower.com/files/file/6402-media-tag-ign-video/"]http://community.invisionpower.com/files/file/6402-media-tag-ign-video/[/url] but it didn't et me.
I investigated and realized there must be a permission issue. Infact, all files still contained inside "Old Categories (Being Migrated)" ([url="http://community.invisionpower.com/files/category/150-old-categories-being-migrated/"]http://community.invisionpower.com/files/category/150-old-categories-being-migrated/[/url]) can't be downloaded. An incorrect "missing license" message is displayed instead.
They should be downloadable even if they're not migrated to the new categories yet, shouldn't they?
- 10 replies
- 11,432 views
Andy Badwool added a comment on a blog entry 4.0 - Simplification of deletion and approval process
Andy Badwool added a record in IP.BoardMajor Twitter sign-up overlooksHello,
After a user reported a problem of not being able to change his Display Name after signing up with Twitter, I decided to test it out, and found out even more issues:
First of all, it appears that when [b]signing up via Twitter [/b](mind that we're talking actually signing up via Twitter, not connecting the account to Twitter at a later date), [b]no forum password is set [/b]for the account. Now this not only means that the user will only be able to login by using the twitter connect button, but also this brings several problems:[list]
[*]User can't ever change his [b]display name [/b](requires password input)
[*]User can't ever change his[b] email address[/b] (requires password input)
[*]User can't even change his [b]password[/b] either, ever, because there's no "current password" set
This is not even the worst part about it.
[b]The user can't effectively disassociate twitter from his account without completely losing access to his forum account[/b]. If the user intentionally or accidentally disconnects his twitter account from his forum account... he's done for. He's not going to be able to login into that account anymore, ever again: if he clicks on twitter sign up again, [b]he's not going to be able to associate it back to the previous account because it requires that account password[/b], and that password was never set.
I guess the only way around would be doing a password recovery, but it's not really ideal to point everybody that signs up via twitter to do a password recovery as the first thing they should do...
While testing this, I also noticed something else. [b]When somebody signs up via Twitter[/b], he's prompted to also enter an email address. So it doesn't import the email address from Twitter. BUT it bypass the email validation. I always thought that signing up via twitter would import the email from that social network therefore making sure the account was legit and already confirmed by those services, so there was no need to validate their emails. Now I found out I was wrong and it doesn't work like that. But what's the point of even doing twitter and facebook connect if [b]they can just put any random email address and bypass validation[/b]? Isn't this a major security overlook?
Effectively, one could do this:
- Click sign up via twitter
- Insert a fake email address
- Create account
- Disassociate twitter
...to create an infinite number accounts in matter of minutes.
[b]PS: All of this may apply to signing up with Facebook as well, but I haven't tested it as I don't have an extra account.[/b]
- 3 replies
- 440 views
Andy Badwool added a post in a topic [Feature request] Displaying all the topics of sub-forums
Andy Badwool added a topic in Product FeedbackEnabling Flag as Spammer only for members with less than n postsCurrently, the Flag as Spammer option will appear for all accounts if it is enabled and there is no setting for it. However, my question is: Why?
After all... Spammers are the ones that show their intentions immediately. They sign up and they spam. It's not like an actual member suddenly turns into a spam bot or a human spammer. Assuming "Spam" is intended as... well.. random advertisements and external links that have nothing to do with the forum. Is this what the Flag as spammer option is intended for, right?
I've set the option to ban the user and delete all of his posts in one click. However, why do I have to see this enabled for every member (maybe risking that a moderator does something bad by accident)? What's the need for it?
Hardly a spammer will ever be able to reach more than 10 posts before getting taken care of. Or say, 20.
I think there should be an option to simple show the Flag as Spammer icon only for members with less than a certain amount of posts. I actually wonder how comes it's not there already.
- 2 replies
- 332 views