Wedge

Wedge was the first bigger codebase I worked with and later contributed to. In that
time (and it still goes on) I learned a lot. Not only the benefits of open source and how
much fun it can be to work on project, but also It's the first time that code i wrote and ideas
I have, really get used in projects which aren't my own :lol:.
Thanks for making this possible.
 I hope we can obtain this friendly working condition in the future.
I wish you best luck and success with your LT project  :cool:

- First thing I want to do is moving all "validate_funcs" to
  Subs-BBC (nearly done with that).
- Next thing is refactoring those functions, making more
  clear what they do (figured out that the do nothing which
  you should describe with the term "validate", most of them
  trim or beautify the content.) and  understanding why the
  hell there are often the same tag twice with nearly the same
  "validate_func". I'm sure it would be enough to have one of
  those function for each tag (which needs this stuff).
https://github.com/C3realGuy/wedge/commit/791bdfa2632190b0c23f570e4bc581de9a7bc2bd#diff-ea931b81508cfb000ca2c54e529ff570R1520
- If this is done I want to look if it's possible to "hardcode" all those
  default bbc tags in a nice function. Something like loadBBCodes(),
  which returns all default bbc tags plus loads all others from sql.
  Have to see how the disable tag stuff is done. Want to add a
  hook here too, so plugins really have all the power over bbcodes
  without the need of modifying the bbc parse code or doing some
  regex stuff on top of it.

It's a bit to do, won't get bored the next days. The Problem is not
the coding, it's understanding what goes on in Subs-BBC :lol:Didn't play with a pure webspace in years, and i know why :D You just have more control, more power and of course more responsibility. But stuff like let's encrypt (free ssl certificates in case you don't know them), full control about software which is running and the configuration will always let me choose an vps/kvm/whatever over a webspace.Wedge is quite finished. It's totally usable, I only tweak stuff which I don't like how it behaves. For example the WYSIWG Editor. It's fully working, but awful :D Will be the next thing i want to look at. And some features I see around other forum softwares which i like. For example mark quotes. So you mark a part of post and you can only quote this part. Really like this idea, have to see how i can implement that. Maybe stuff for a plugin.

Besides that, i said it already in parts here and there, wedge is in my opinion the only good forum software around.
It's nearly perfect with balancing out pure html/css functions and extra js. It has many js stuff which makes it feel modern and dynamic without making it unusable on browsers without js. I mean solutions like nodebb they won't work in a browser without js. Those "in browser apps" are cool for sure, but not for a forum software (in my opinion). They are slow, make problems with search engines, are unusable with noscript. But forums should be accessable by as many people as possible and shouldn't make problems.
The next thing is mobile/responsive design. A lot of forum softwares aren't able to this. Xenforo just looks really really bad on a smartphone. They didn't understand this *less thing which wedge does. Less padding and style elements is more on a mobile screen. You wan't to use as much of the screen as possible to show content without confusing the user. Xenforo also didn't do this js thing well. It's just bloated with js even if it's more of traditional "non ajax" solution compared to nodebb. I hate it to surf on any xenforo forum. Only thing which is maybe worse is an old vbulletin forum. I just always fear to lose my account's email and password to some hackers :D
Wedge feels lightweight, it loads super fast on the browser. It looks modern, has a special touch to it which you will recognize. And it has a lot of really good ideas implemented. Besides that, it's super stable. I think we use wedge on our forum since 3 years. Never had a serious problem with the forum software. Not even a small one.

But still there are problems with wedge.
- PHP is just not modern anymore. In fact, it's a bit dying.
  I'm not sure about that, but for example websockets aren't
  supported yet in php. Which could be a nice thing to have,
  also for wedge. Especially for notifications. Wedge is maybe
  the last and best php Forum Software.
- Besides the PHP thing, the codebase is old and unmaintained.
  No unit tests, no coding style standards. You also don't want to
  touch that code, risks are too high to break a thing and don't even
  notice it. Not a big of a problem, there aren't too many who use wedge
  anyway :D 
- No documentation, no helper/"framework like" functions to make life
  easier for plugin developers. As a plugin developer you write so many
  functions again, which are maybe already implemented in the wedge
  core and you just could reuse. But you don't know of them and never will.
- In general you can make wedge do everything you want, but it's often not
  a nice way. It's more like forging it with a flamethrower.
- Some standard functions are just not as good as they should. For example
  the editor. Color chaning is bad, you can't asign a choosen color to another
  marked text without first changing it's color to something else and than to
  the color you want. Makes no fun.
  Or Private Messages. It's this old private messaging system you know from
  Bulletin Boards. It's just old and feels bad to use. It's a bit like emails and this
  is already bad. In fact i would always prefer to write you a message on any
  instant messanger instead of using wedge.

Wow this is more of an essay and totally off topic. But who cares.

Yup, totally aggree with your points. On the other hand, adding bbcodes via plugins is quite a handy thing. So i won't say the idea is bad, just the way it's done in the moment is not the best. Also this validate thing i really don't like. The name suspects a very limited function, even if it's not. Have to think of something for this.
I will give it a try and see what i can do. I'm ill in the moment (EB Virus is quite a nasty one) so I have some time.

OT:What kind of a server are you using that the configuration issues give you nightmares :hmm:

PS: It feels good to see wedge back under active developement :D

Advanced Home Topics

A plugin for wedge giving you more control over the topics block you can add to you Homepage->Custom Content.
Features:
  - Multiple working `topics` blocks
  - Change title of each `topics` block
  - Limit include boards
  - Limit exclude boards
  - Modify steps in which n increases
 
Can you give me an Example?
Sure, look here:


How to install?

Drop the `advanced-home-topics` folder which you can find in this repository in to your `<wedge_install>/plugins` folder and activate it over your Admin Control Panel.

How to configure?

1. Go to `Admin->Configuration->General Options->Homepage`
2. Modify `Custom Contents`
3. Add something like `topics:1|Some Special Posts|3;4||false|1;2;3;4;5;6;7`
4. Format looks like this `topics:<num posts to show by default>|<custom name, empty for default>|<include these boards, empty for all, divide with ;>|<exclude these boards, empty for none, divide with ;>|<set to true if you want to hide Boards>|<steps in which we shall increase. By default 5;10;20;50;100. Divide with ;>`

Where to find?
https://github.com/C3realGuy/AdvancedHomeTopics

ssi_recentTopics() is not filtering the $num_recent argument correctly.

The dangerous part: 'LIMIT ' . $num_recent,'
You can exploit it through custom homepage contents over acp. (Adding something like 'topics:10 UNION SELECT...'). But you need permissions to acp. And even if you have them, the anti hacking protection of wedge looks quite nice. No multiple statemants, it detects weird behaviour couldn't really exploit it besides an more or less useless blind sqli which just worked once :lol:.
But still, better fix it.

How to fix:

PR: https://github.com/Wedge/wedge/pull/43

Many limit arguments don't get passed parameterized in SSI.php. We should change that.

EDIT1: WTF. This is nearly the same in the SMF codebase. Do I miss something or is this just really bad practice? I mean, i don't know if they have a hacking protection like wedge, but if they don't...
Besides that it looks like they fixed it sometimes and sometimes not :whistle:
https://github.com/SimpleMachines/SMF2.1/blob/release-2.1/SSI.php#L518

EDIT2: Fixed other limits too. https://github.com/Wedge/wedge/pull/44

Looks fine and works how it should. Thanks :)

Why do you want support for an old php version? XY Problem?

http://mywiki.wooledge.org/XyProblem

So, what do you REALLY want to do? :D

Umm... don't know exactly what to say except of THANKS A LOT!
Didn't even know that there's something like a private board :D

What I think is missing are some functions which make it easier to develop plugins faster.
And extending wedge is such a great thing with endless possibilities, but sometimes you just don't know what's the right way.
Small example, extending the menu:
You need to add css for the icon, which is okay when you do something special, but just a normal icon shouldn't need that.
Or integrating your own bbc tag handler, a small callback thing would be awesome for more complex stuff (directly into plugin-info.xml). You could link that directly with extending the bbc post buttons.
Or to name admin interface design, admin-page offers a good basis, but when you need some more complex stuff it get's tricky and you need to do everything manually (or at least i didn't find a better way). Adding a way to call own code would make this a lot easier.

Tl;dr: Better and more efficient tools for plugin developers. Maybe something for Wedge 2.0? :D

Normally LAMP should be enough, have a look into your error files, they should give you a hint about what's wrong.