Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - Nao
6286
Archived fixes / Re: Fixed SMF bugs
« on February 29th, 2012, 06:33 PM »
Me too!

And no time to deal with it today (I'm having guests) and possibly tomorrow... UNTIL WE HAVE TO GO LIVE >_<

Very bad timing for guests, eh?
6287
Bug reports / Re: SMF bug 4714 (replace GIFs with PNGs)
« on February 29th, 2012, 06:32 PM »
I'm against it. What matters is that GIF/PNG files are the smallest possible. Not their particular file format. GIF is smaller than PNG most of the time when optimized correctly.
6288
Bug reports / Re: Possible incorrect behaviour in fatal error handling?
« on February 29th, 2012, 12:17 PM »
I don't remember, I'll admit. Last time it happened, it was because of a failed query.
I never looked much into Errors.php, myself.
6289
Bug reports / Re: Possible incorrect behaviour in fatal error handling?
« on February 29th, 2012, 12:08 PM »
In your particular case, that would fix it. In my case (the matryoshkas), I strongly suspect that wouldn't.
6290
Bug reports / Re: Possible incorrect behaviour in fatal error handling?
« on February 29th, 2012, 12:04 PM »
You meant resetting the skeleton to just <default><error-template /></default>...? Hmm... I don't know. It can certainly be tried.
6291
Features / Re: Privacy options
« on February 29th, 2012, 11:37 AM »
Quote from Arantor on February 26th, 2012, 03:58 PM
Quote
Looks like you didn't compile the list I asked you to do... I know, I know, it's annoying for you too
There's an awful lot here >_> I'm actually at the point where I don't know where to start with compiling such a list.
Me neither... Which is a big problem :P

And I guess no one else than us is reading this...
Quote
That's how I feel about working with Aeva's code a lot of the time, actually.
You shouldn't worry about it. If only because Aeva's code is originally not by me -- so I had to learn how Dragooon did his gallery stuff and how Karl did his embed stuff. Then I did my best to improve on their already very good work. :)
I'm sure I could get to work on the plugin code too if I wanted, but I have to admit I was scared by the amount of commits related to it. It's just.. Easier to let people who use plugins debug it :P
Because one of my reasons for doing Wedge was that I could have in core whatever I had in my mods or custom code... :P
Quote
So... (I just find it easier to visualise it in a real hierarchy)
Yes.
Quote
Hm. I'd rather bring anti-spam under the moderation menu, really.
Certainly a good suggestion.
Quote
It's really closer to that than to general configuration. In which case we're really talking about:
More like... (When it comes to entry names.)

Configuration
   Features and Settings
      General
      ---------------
      Pretty URLs
   Moderation
      Settings
      ---------------
      Anti-Spam
      Warnings
      ---------------
      Filters
      Add filter

(I'm also positive Pretty URLs configuration could still be moved somewhere else, so that Features and Settings could let go of the sub-menus.)
Quote
It doesn't save us anything and has a byproduct of pushing things to side entries - I deliberately made Mod Filters a top level item, much as I would do if Post Moderation were its own item (and not configured through mod filters), simply because it's a task of configuration that needs to be prominent - it's forum wide and not subtle.
I understand that. That's also why I added the separator between moderation settings and filters.
Technically, though, we could always do that restructuring later, to give people time to 'discover' the filter system, but then again we'll probably have forgotten about the restructuring by then... :P
Quote
Quote
I have this fear all of a sudden... If t.approved=0, then m.approved=0 where m.id_msg=t.id_first_msg...
When a topic is moderated, the first post is also moderated.
Which means that, in SMF developers' minds, a m.approved test is very close to a t.approved test because in SMF, an unapproved topic can't hold approved posts. I think. Meaning I'll definitely have to add {query_see_topic} for all m.approved occurrences... Which is a bit too much. Doing a {query_see_message} will be simpler whenever there's a query without a 't' join, but it still means that this will have to hold a subselect on the topic table...

Oh, my...
Quote
I'm not seeing the problem? If you're validating topic access, the topic's approved state is all that matters - when the topic is approved, the first post is also updated.
Let's take a concrete example. Recent.php.
Look at the only query with a m.approved test. It doesn't test for topic privacy. Then, the subsequent query does a topic join but doesn't have query_see_topic, either. In the end -- it's broken.
Quote
Actually, though, that's still not a problem. When would you ever make a query against messages when you haven't already checked the topic in some fashion? Be that directly yourself or less directly by way of loadBoard()...
See just above. :(
Quote
Quote
It would seem to me that unapprovedTopics and unapprovedPosts variables would be good things to have, if only to make the queries faster.

Basically, I thought that we had unapproved_posts somewhere, so it was easy thinking: because a topic is a post, if there are no unapproved posts, then there are no unapproved topics, thus we can skip the test entirely.
It would make a difference, certainly. It's just a little housekeeping that's needed is all.
Would you feel up to the task for this, by any chance......? :whistle:

Oh, I'm doing the privacy tables, and a bit of a bummer with indexes... I have no auto-incrementing fields, and just a id_topic, privacy_type (groups, members...) and privacy_id (group ID, member ID...). So basically an index on this would be based on all three items, not one more.
Would it help at all to add a primary key based on the three keys...? Or is it a waste of space? (Maybe if I add a field later it'll be useful, of course... But right now I'm not so sure and I'm not well versed in MySQL indexing.)
Quote
Quote
So... Shall we change these to use postmod_active all the time?
Heck... Maybe we could have a {query_see_message} as well. Why not? It'd be simpler -- just the 'approved' test. Although sometimes the tables have a different alias from 'm'...
I'd suggest leaving it as is for now - there are people who aren't going to use moderation filters, no sense penalising them.
They wouldn't be penalized...? query_see_message would always return 1=1 on a filter-free environment. However, and that's important, the topic table would always need to be tested against. Unless I make the privacy system an option, of course, rather than something always active...
Quote
As  far as tables go, there are plenty of times m isn't the table alias (message index is the one that really comes to mind) so it's not like we can directly make it easy that way, sadly.
Would be fixable I think -- if anything, by renaming these custom aliases to 'm', and renaming the other 'm' to something else...
Quote
Quote
Why XSS? If we're careful to replace 039 with a quoted single quote right before insertion, it shouldn't be a problem...?
There isn't a *huge* risk from XSS, because it sort of implies weaknesses elsewhere that have to be compromised too, but in the case I'm thinking of, ' can be used instead of " for quoting attributes.
I have no idea what you meant here :P
To me, single quotes and double quotes can always be used in a field. It's just when *communicating* with that field that one has to be careful... i.e. you have to escape quotes at the last moment when inserting data. But that's really the ONLY moment I can think of where we absolutely NEED to escape stuff... Unlike a 039 that has no particular purpose in a table row.
Quote
Yes, that's a valid POV (and no, drafts can't be accessed by anyone other than the author - but just as with PMs, admins can still read them in the DB... there are no other protections made in that respect, so the software doesn't enable but it doesn't proactively prevent it either)
It's always going to be this way. Even if we encrypted data in the database -- there's nothing preventing a plugin from accessing said data through Wedge functions, and then returning them to the admin, etc. It's a trust issue.

So, basically, respecting topic privacy against admins means that query_see_topic will need to test against the privacy field, rather than just returning 1=1. I'm fine with that, BTW.
Quote
I wasn't really debating subselect vs join, the real performance is whether the table's able to be kept in memory or not.
That's way out of my league.
Quote
I guess it just never came up.
Any interesting topics to catch up with over there...?
Quote
(And re Kevin Smith, his earlier stuff is far funnier than his latest stuff, though his later stuff is meant to be less comedic, I guess.)
I don't know, I've never watched Jersey Girl and I hated Jay & Silent Bob Strike Back, his worse movie by far IMO, but I loved the rest -- Clerks, Mallrats was okay, Chasing Amy is still is best to day, Dogma was great, Clerks II was as good as the first, and Zack & Miri was as sweet as it was crude, which I enjoyed. I finished watching the first episode of Comic Book Men since last time I mentioned it, and it really, really sucked HARD. I ended up doing something else while the episode was playing. Which I usually don't do... I guess my main problem is that I hate French unscripted shows. It's the first time I'm watching a US show of that bastard kind. It's just every bit as boring and annoying. And unnatural. Which is not exactly was unscripted should stand for.... And did I mention boring? Yes I did. And boring? Did too. I really don't care about people selling collectible items in a comic book store. And *I* worked for some time for a comic book store back in the mid 90's! (Wasn't selling items or anything, it just means I should really be interested in that kind of show.)
Quote
Quote
Hmm, maybe it could be set within the 'author' privacy setting. i.e. if you reply another thought but set it to 'author', what good is it...? If it's just to say "Die, die sucker!", it's not very smart...
This needs its own topic.
It's on my to-do-list, at worst ;)
Quote
Essentially you create groups as you see fit and you can share items to none, one or more groups.
Just like my current plans. :)
6292
Features / Re: New revs
« on February 29th, 2012, 10:40 AM »
rev 1404
(7 files, forgot KB)

* Some postbg-related simplifications. Removed .wrc from topic posts. Because posts use postbg instead of windowbg, they can easily extend the class from wrc manually, which Wine will be doing for instance. Removed inheritance from .pm class, as it was already explicit in the HTML code. Removed .postbg styling for Split Topic page, as it was no longer used there anyway (it's a .windowbg with a .post child div). (PersonalMessage.template.php, index.member.css, Wine/sections.css)

* Indenazi for the Post page and Topic posts (this one will actually save quite a few bytes). Quick Reply editor indentation will still be broken, but slightly less. (Class-Editor.php, Display.template.php, Post.template.php)
6293
Bug reports / Re: Possible incorrect behaviour in fatal error handling?
« on February 29th, 2012, 09:47 AM »
The error system has its errors itself.

For instance a template error (index?) will sometimes regenerate the full page inside of itself. I always smile when it happens. No biggie though. I don't know about the problem you mention though.
6294
Bug reports / Re: Possible incorrect behaviour in fatal error handling?
« on February 29th, 2012, 08:20 AM »
Is it anything mote than a cosmetic issue?
6295
Features / Re: Board access
« on February 28th, 2012, 12:31 AM »
Yep, I remember that...

Okay, time for bed. I'm gonna get killed otherwise :P
6296
Features / Re: New revs
« on February 28th, 2012, 12:27 AM »
rev 1399
(2 files, 1kb)

* Forgot a translated file. (Profile.french.php)

* Updated Weaving to use a Segoe UI Light/Optima font stack instead of Bebas Neue, which requires font embedding. (index.css)
6297
Features / Re: Using HTML5 form inputs
« on February 28th, 2012, 12:14 AM »
Quote from Arantor on February 28th, 2012, 12:07 AM
Quote
I always loved placeholder, never used it enough though. I think I added it to the admin homepage... That must be all.
And I never even noticed?
"Quick search" ;)

BTW, I tested the PM settings page -- shouldn't there be a "min" setting of 0 for minimum number of PMs etc...? I can go under 0 by clicking the buttons, it's funny ;)
Quote
What can I say? Three months of not doing a lot and now it's time to set that little record straight, so to speak :)
Well, it's going to be... interesting, seeing whether I manage to put Wedge online here on March 1st as promised, or if I'll have to postpone it again because we're in the middle of some complex changes... :P
6298
Features / Re: Board access
« on February 28th, 2012, 12:10 AM »
Hey, feel free to scratch :) We're natural born scratchers!
6299
Features / Re: Board access
« on February 28th, 2012, 12:05 AM »
With that kind of granularity, I'm surprised you could even consider not allowing topic privacy for multiple specific membergroups and contact lists... I'm sure that's something you'd have brought up less than a few months after the feature was implemented :P
6300
Features / Re: Using HTML5 form inputs
« on February 28th, 2012, 12:04 AM »
Quote from live627 on February 27th, 2012, 11:51 PM
I think it introduced about 12 new types. Email, number, slider, the others escape me atm. Also, autofocus, and placeholder text.. I've read some tips from a website my brother recommended to me. I'll  dig it up.
I always loved placeholder, never used it enough though. I think I added it to the admin homepage... That must be all.

(Pete, I see you're in full "I'm going to overcome Nao's postcount" mode again :P :lol:)