Fixes and Features in this release:
* Add Enabled/Disabled Option to Application Settings in Modify Account enhancement
* Add delete account option enhancement
* Export path throws null pointer exception if does not exist before attempting to export data. bug
* Log full path of uploaded imports and make configurable bug
* Max number of threads should be configurable in appearance maintenance page. enhancement
* Implement Thread Depth for Expanded Threads enhancement
* Preview length for first topic and replies should be configurable. enhancement
* New Threads or Replies should bring user to posted thread instead of main view on submit bug
* Thread Maintenace Page Does Not Remember What Tab You're On bug
* Add paging functionality to thread maintenance page enhancement
* ReCaptcha Responses are not being verified against Google's Services bug needed
Some bug fixes in this release for recaptcha, new thread redirects, etcs. I believe this covers the last of the new user-end features that we actually use on this site. I've created tickets for the configuration page where you can set different posting regulations but we've never used any of those. (As well as all the other config pages I have missing even if they probably won't get implemented before the 10/31 deadline)
Enable/Disable of Disc Apps per app per account is a new feature that the original does not have. Here you can set the disc app as enabled (like this is currently) or disabled where no one will be able to access it on the fly.
Also added feature to delete your account. It's actually a soft delete that doesn't actually remove anything from the database but your account will become inaccessible to log in as well as any Disc Apps associated with your account will be disabled as well. I went with a soft delete so I could easily re-enable any accounts that were accidentally disabled. (Even though there's two screens you have to go through as well as a ReCaptcha to do so...)
Max thread depth feature was from original site and works just like the original site. If max nested threads are reached it will say "x more comments" with a link. The actual feature on the Disc App site isn't correct because it starts the count from zero. So it will say "3 more comments" when there is four. This is fixed in my version.
Max number of threads per page is a new feature for this site. You can set how many top level threads appear per page.
Next page feature is implemented now. Previous page is a new feature that didn't exist in the original site. You can now go back to a previous page on the main app view as well as in the thread maintenance page.
Configurable preview lengths are also new to this site. On the original site they were hard coded. Originally I was going to make them site wide default configs but decided to make them per app. There's only a select number of sizes you can choose from so it's not completely free range. (though technically any int value would work)
I think that's about it... usually I don't go on about the new features but this time I actually added some stuff the original didn't have (even if they're sort of 'whatever'...).
with a redesign a little more security conscious, a little more general purpose programming aware, and understanding things like state.
Oh, and doing things like actually letting smart people handle security. Just tell the system it's a password and let it figure things out from there. Don't kn... more
Passwords are hashed using BCrypt library so no actual passwords are stored in the DB and all the log in / log out leg works is handled by the Spring library.
If I was to implement my own, it would most likely have security holes galore and not work right.
The weirdness now with the log in i... more
I didn't have any other option at the time. It's a clever and secureish way of doing things, but time has passed it by. Data goes to the server (a hole, I know) and gets hashed (using an old hash function), then stored in the database. I salted the hash, but I didn't know you should use different... more
it's probably fine (like you said.)
So, if someone was to figure out the salt for your passwords, would they be able to decrypt all passwords in your database?
Even with using an encryption library for the passwords, probably shouldn't be using any shared or important passwords here either.
up and have it figured out in maybe an hour's worth of computing time. (Now, back 10 years ago it was a couple years worth.)
I like to tell people there's three passwords that should be unique: Your bank, your Facebook, and your e-mail. Everything else, it's hard to do much irreversible damage. ... more
how secure I need it to be. Ex: level 1 top security would be unique hard passwords for work and banks and such. Then level 2 for middle ground and then easier level 3 passwords for stupid throw away stuff.
Even then though with having to reset passwords after x amount of time being more common,... more
I can't remember every password and my password manager isn't always accessible.
And if it's on the phone, it's not convenient for the computer. Too bad user accounts are so effective at preventing spam.
Right now all deletes are soft deletes through the actual app so if anything is getting hard deleted, it needs to be done manually. Making things easily reversible is definitely a priority (Especially if there's a bug and someone finds out how to hard delete records from the DB... that would be terr... more
per disc app and auto pruned any old records past that.
Currently where at 4270 threads and they go back as far as late 2006.
We have about ~2000 records before hitting the cap so if we use an average of 610 threads/year (4270 threads /12 years)... we would have about 3.25 years before hittin... more
For a lot of things, it's just "I need to log in to get to this admin page to test" so it doesn't really matter if I'm isolated in a private window. Also, I do almost everything with my local dev instance which invalidates all authenticated sessions every time I rebuild and restart the app.
I'm using session cookies so it logs me out automatically when I close the browser. (It's a nice way to do auto signout for things that are low reward security. Most timed auto signouts are too short.)
This site uses session cookies as well. I almost never close the browser completely (just the tabs) because I like to keep some things accessible at all times.
I don't think I've actually tried to close the browser and reopen and see if I'm still logged in... hmm... *throws it onto the 'to-do' p... more
Of course all that scary stuff just looks silly, though.
You know how if a machine's been running for months and you shut it down you might not get it to turn back on? Is it like that and your browser?
On the "new tab" screen in FF, NEMB is #7.. but it has some catching up to do because it's on a new host now.
I might give Pale Moon a try. I used to use SeaMonkey back in the day when I used Debian instead of Ubuntu. I'm happy with FF but something new is always worth a glance. :)
Edit: Al... more
I think they sorted that out, but I'm not sure.
Hm... I'm not exactly happy with Mint (It's SO HARD to access a network drive. Good ol' Windows treats \\name\ as a first class citizen, while Linux is "ohph! Gotta mount it first."), and I'm getting tired of focus stealing. Just flash the icon or... more
with FireFox. Seamonkey is basically the same thing but according to Google based off Mozilla/Netscape instead of directly from FF...?
Does Mint have Samba sharing? It's been ages since I've used it. I know in Ubuntu I can just go to the location bar in the file browser and user smb:// to get my... more
How was I supposed to discover that?
Seamonkey was like Netscape but actually developed. I used it for a long time. Pale Moon was better--a little more light weight and faster.
Now I wonder how to connect to network drives in those stupid windows that don't have text box fields for paths. I... more
when I was trying to transfer things between computers at my parent's old house.
If I didn't go digging into Samba crap then (might have even been Slackware.. oof) then, I wouldn't have known either.
As for having them in windows that don't have a location bar... there's always the Linux way ... more
back in the early 2000s.
At the time for some reason I thought it was cool that everything was built from source and there was no package management really. I think I stuck around with it way longer than I should have. I still remember losing sleep over figuring out what conf file and dependency... more
I think I may not of even had gcc installed--having to build it from scratch. Or maybe it was g++???
I do remember trying to load Xwindows on a 386. I left, went away for 2 hours for dinner and finally, finally, got a X-shaped mouse cursor to appear.
I remember doing almost the same thing but on a random old Sparc station I had floating around. Took forever to get X windows installed... got it working then messed with something and broke it and never got it to come back up again.
I think it was g++ you had to build of gcc for slackware but my... more
It's cool to forge your own hammer head, but doing it bare handed with no other hammers at all in which to beat your steel?
Then even things like Debian on iBook: The clock is off, would you like to screw up your OS?