@fyhao I guess it's not really an "image show" plugin anymore, is it
Posts
-
[nodebb-plugin-imgshow] Nodebb Imgshow Plugin (Latest ver 0.0.14 20160706) -
Ye Olde EnglishBy far, my favourite story when telling people about translations in NodeBB was from fairly early on in the project:
One very early adopter of NodeBB was a fan forum for the Kansas University Basketball Team. Their community, KUBuckets, grew very quickly, surpassing our own community support forum, and kickstarted our efforts to optimize NodeBB, as we had never really tested NodeBB at scale*.
Click here to see the full blog post
-
Email Notification SupportThat's a shame, really, because Outlook (and Outlook Express) was just so terrible at managing email. I got my parents switched off of that years ago though, so haven't looked at Thunderbird since.
-
for future releases pls use protocol relative URIs@frissdiegurke Heh, I fixed our hosted instances, but not our dev server. One moment...
Edit: Back to A-, Forward Secrecy to come later.
-
for future releases pls use protocol relative URIs@ekn33 We do, as far as we know. All internal assets are coded to use the
base_url
, which defines http/https for us, so that's up to the configuration to control. Otherwise, assets to other third party assets are protocol-relative.(See: Green lock icon in address bar in this page).
Occasionally, you'll stumble upon a user's avatar that's loaded via HTTP, but that's because a couple months ago, we didn't have SSL enabled.
-
Email Notification SupportThanks for the link @a_5mith! Going to work on this shortly...
Edit: What really boggles my mind is that Thunderbird/Outlook seem to think that an anchor with a URL as the text is more dangerous than one with any other kind of text... I suppose there's a smidge of a chance that you can trick somebody with a specially crafted url, but that happens with all anchors really...
-
Email Notification Support@a_5mith said:
In fact you've reminded me, @julian thunderbird treats reset emails as a scam as it contains a hyperlink, they still send, but some may drop them in spam immediately.
Eh, that sort of behaviour is why we use third-party emailers... if Thunderbird is that paranoid, I'm afraid there's not much we can do
-
[fixed] My "new topic" button doesn't load the composer on first loadIn console:
require(['composer'], function(cmp) { console.log(cmp, cmp.newTopic); });
What does it output?
Now try:
require(['composer'], function(cmp) { cmp.newTopic(1); });
Does the composer come up?
-
Plugin Hook for editorAh... that's why I couldn't find it earlier, it's not a hook, but a method
-
EmailWe use Google Apps, and registered our domain back when it was still free
Not an option anymore, though , so alternatives are good.
-
If someone creates the username Guest, all hell breaks loose.I empathise
In the meantime, you can always reset your rep by db diving...
hset user:1 reputation 5
Though I don't vouch for the safety of doing so
-
If someone creates the username Guest, all hell breaks loose.@a_5mith If you could find out how they managed to skirt around the downvoting, that would be helpful
-
How can I customize share menu?Heh, found it! gh#35
Implemented exactly one year ago... what are the odds!
-
How can I customize share menu?Yeah, the "share via social network" was one of the first features I added to NodeBB... this was before we had a templating engine, plugin system, theming engine, or admin panel
A lot has changed since then, but this bit of code definitely hasn't... that's why it feels so hardcoded.
-
If someone creates the username Guest, all hell breaks loose.Issues Identified
- Banning a user should log out that user's browser tabs. This used to be the case, but seems to have regressed
- issue #1749, as mentioned in the previous post.
At this time, we cannot reproduce the issue of a banned or deleted user being able to downvote another user's posts...
-
If someone creates the username Guest, all hell breaks loose.Have banned a Guest user, user can no longer post, as expected (although there's a "double reply button" glitch, gh#1749, that needs to be taken care of).
User also can't downvote.
-
If someone creates the username Guest, all hell breaks loose.Note the correct handling in the topic:
User named "Guest"
A real guest
-
If someone creates the username Guest, all hell breaks loose.Hearing back from @psychobunny now: It seems templates.js interprets "0" as true, and 0 as false (similar to javascript interpretation of those values).
- Core should be updated to return integers in the post/topic/category data.
- Template should be updated to check the uid instead of a userslug
But this is more just for "better code" purposes... still seeing whether a user named "Guest" can do all sorts of shenanigans...
@dylenbrivera said:
if username guest, then have user choose new name. Shouldn't it be this simple? In theory?
Sure -- but "Guest" is a valid username, technically. No reason why not, from a technological sense, but in a social context, it's not "right", per se.
-
If someone creates the username Guest, all hell breaks loose.Now, in hindsight, whoever implemented this checks specifically for the userslug by adding this in the template:
<!-- IF posts.user.userslug -->
Looking at it now, I believe this was done because our templating engine doesn't parse "0" correctly (interprets it as true), so we can't just check the poster's uid. (Guests have a uid of 0).
As it stands, it seems to be correctly handling the differentiation between a real guest and a user named "Guest". We also don't allow two users to share the same userslug.
We should update templates.js so that an integer uid is returned from
getPostData
, and interpreted correctly by templates.js... -
If someone creates the username Guest, all hell breaks loose.The "guest" itself is not an actual account, per se. We detect whether a guest is posting by looking at the post object and checking for a blank userslug.
e.g.
{ "pid": "1", "uid": "2", "tid": "1", "content": "<p>This was posted by a real account under the name "Guest"</p>\n", -✂- snip snip -✂- "user": { "username": "Guest", "userslug": "guest", "reputation": "0", "postcount": "1", "banned": false, "picture": "https://secure.gravatar.com/avatar/c5d5cc05e15e794cdf17459b53e7a793?size=128&default=identicon&rating=pg", "signature": "", "groups": [] }, -✂- snip snip -✂- }
vs.
{ "pid": "3", "uid": "0", "tid": "1", "content": "<p>Now I am posting as an actual guest.</p>\n", -✂- snip snip -✂- "user": { "username": "[[global:guest]]", "userslug": "", "reputation": 0, "postcount": "1", "banned": false, "picture": "https://secure.gravatar.com/avatar/d41d8cd98f00b204e9800998ecf8427e?size=128&default=identicon&rating=pg", "signature": "", "groups": [] }, -✂- snip snip -✂- }