Jump to content

Community

Dreamlander

Features removed from 3.1.4

Recommended Posts

I must say I do miss Topic Descriptions quite a lot. I'm holding out on upgrading my community until 3.2.2 in the hope that perhaps, just maybe, IPS will re-add them as an option, or at the very least some kind developer will release a Mod for them to be reinstated. What use for 'Tags' I would have I just don't know %7Boption%7D

Share this post


Link to post
Share on other sites

For example... url avatars. I don't want to host images, reasons being they take up disk space, bandwidth, server resources etc. There are image hosting companies out there specifically there for that reason and we can't use them. Lets not forget avatars are now also shown on the board index now as well. There was nothing wrong with the old system and I have not seen a reason for removing it yet.




There was good reason in removing it: It's a security risk. Images are small anyway. Most people just upload their avatars anyway, or use Gravitar.

Share this post


Link to post
Share on other sites


There was good reason in removing it: It's a security risk. Images are small anyway. Most people just upload their avatars anyway, or use Gravitar.



Can you explain how they are a security risk? I ain't that tech savvy.

Share this post


Link to post
Share on other sites

Can you explain how they are a security risk? I ain't that tech savvy.




Someone could put in a URL that isn't an image. That URL could redirect to an action on the board. Because the URL is loaded in an image tag, the most a user will see is an image that can't be loaded. This only works with requests that don't require POST but can use a simple GET (some ajax requests, as an example).

The avatar is loaded on every topic the user posts in, and now pretty much on every page.

Share this post


Link to post
Share on other sites

avatars can be risk correct, they can link to a small picture, then change the picture by uploading a different on their server, a really huge and 10mb size avatar :P

how do u like that now? The only way to over come this is to allow url linking to fixed number of sites, like tinypic, imageshack, etc.. this way they can reintegrate it again.

Share this post


Link to post
Share on other sites


Someone could put in a URL that isn't an image. That URL could redirect to an action on the board. Because the URL is loaded in an image tag, the most a user will see is an image that can't be loaded. This only works with requests that don't require POST but can use a simple GET (some ajax requests, as an example).



The avatar is loaded on every topic the user posts in, and now pretty much on every page.




avatars can be risk correct, they can link to a small picture, then change the picture by uploading a different on their server, a really huge and 10mb size avatar [img]

[/img]



how do u like that now? The only way to over come this is to allow url linking to fixed number of sites, like tinypic, imageshack, etc.. this way they can reintegrate it again.




However, we can still insert images from remote locations into our posts and signatures using the image tags so disallowing images from remote locations only in avatars doesn't make any sense.

Share this post


Link to post
Share on other sites


However, we can still insert images from remote locations into our posts and signatures using the image tags so disallowing images from remote locations only in avatars doesn't make any sense.




Is that really true?

I'm not sure whether to laugh or cry.

Share this post


Link to post
Share on other sites


Is that really true?



I'm not sure whether to laugh or cry.




Yes, try it out for yourself using the image tags. If you're uncomfortable typing out the image tags yourself, you may simply use the image button in the editor.

Share this post


Link to post
Share on other sites

I won't allow avatar uploads for new members anyway so for me this is not a security risk. Even if they did I would just delete whatever it was.

If this was a really big security risk then should sigs and posts not require uploaded images as well or is this different?

Share this post


Link to post
Share on other sites

Signatures are not everywhere :). Avatars are. Board index, topic listing, etc... Signatures are only in posts. Those posts have to be viewed.

Share this post


Link to post
Share on other sites

Actually I think the urls to images that are in posts and signatures are checked and validated for security before being submitted. idk

Wow, did IPS get this much backlash with 3.0 -> 3.1?

Share this post


Link to post
Share on other sites

Sheesh... I've just noticed the "View Auto Saved Content" in the Fast Reply box.


Sounds good, where is it?

edit: found it. Cool!

Share this post


Link to post
Share on other sites

Having now upgraded, I am getting a few moans about missing avatars. but not too many at the moment.

My biggest loss is the avatar galleries, which I fail to see any security issues with - it does not seem possible to allow anyone to grab an image from say a gallery either - if it was then that would be a get around, although not perfect.

Share this post


Link to post
Share on other sites

Wow, I didn't realize they removed that. What in the world were they thinking? I'd like to know their justifications for this. Who the heck makes these decisions? -_-




This is the justification.
You used this board since update (18 post in 40 days) and you did not realize they removed a such important feature. Maybe the feature was not so important.

Share this post


Link to post
Share on other sites

My biggest issue is IPS is trying to make IPB a like facebook when facebook is at best a fad. I would think IPS would have more foresight of decision when they made big sweeping changes.



1 - Explain? How is this turning into Facebook?
2 - A fad doesn't last 7 years and have over 750 million users.

Share this post


Link to post
Share on other sites

Main thing I dont like about auto saved reply is apparently it never clears itself and remains there forever.




This was a bug that has been partially fixed in 3.2.1 and completely fixed in 3.2.2.


Trash can in 3,2,1?




There is the Mod CP which shows deleted content. If you really really wanted to keep a trash can, then set up a multi-moderation for it and remove all delete permissions for your moderators. It's the very same thing.


If simply using a url is a security risk we wouldn't be able to have links in the posts themselves. How could someone do anythign any more risky by giving a lnik in one place as opposed to another?




No other system (Facebook, Twitter, LinkedIn, etc) allows URL avatars anymore. They are too unpredictable. I know many will now reach for "BUT THIS ISN'T FACEBOOK". I agree with that but my comparison is now down to user expectations. The average user is more comfortable with uploading an image than finding the URL.

The main reason it was removed is because it is a small security risk. We had to stop showing a user's avatar in the Admin CP because of the risks of it redirecting to another page. We have a lot of protection against that within the forum, but less so in the Admin CP because it's behind a separate log in.

Ultimately, we have simplified the forum and removed a lot of legacy features. I don't expect everyone to cheer with approval, but when you lead the pack, you make tough decisions for the good of the product.

I fully expect the grumpy minority to now dissect this post completely. :)

Share this post


Link to post
Share on other sites

There is the Mod CP which shows deleted content. If you really really wanted to keep a trash can, then set up a multi-moderation for it and remove all delete permissions for your moderators. It's the very same thing.


I don't really count myself in the "grumpy minority", but this isn't quite accurate.

Last I checked, multi-mod couldn't delete posts within a topic, just the entire topic. If it could, then I'd certainly agree with you. As it stands, the posts would have to first be split from the topic, then moved to the "trash can".

Perhaps an upgrade to multi-mod to allow mods/admins to tick the checkboxes to posts and apply a multi-mod to those posts?

Share this post


Link to post
Share on other sites


I fully expect the grumpy minority to now dissect this post completely. [img]

[/img]




Not grumpy at all - and I agree about remote images.

My issue and that of my members who moan to me is the loss of an avatar gallery for them to display their club badge.

if there was a workaround for this (which I cannot see as being a security risk) then they would be happy. Those who had a remote avatar can simply upload.

The issue with asking lots of people to upload say a club badge is everyone would load up badges of varying quality and image size which does not look good. Plus they have to go and find a badge and more often than not edit it themselves. Not to mention loading the same physical image, but different file names, multiple times on one page. I could supply badges for them to copy and then re upload but this seems daft on a modern website, especially when we have a gallery and other hosting/display options.

Share this post


Link to post
Share on other sites

I know my users and and I know some of them will miss being able to use a remote url for avatars but I do not see it as a big deal. The thing I don't like is that when avatars get cached the users change them and then they can't see their changes and freak out because the system is 'broken'. Also the rest of the users won't notice user x changed their avatar.

Obviously I will make an announcement before upgrading so they know they have to save their current avatar in case it gets lost in the transition.


Now, I am more interested in being able to bring back the settings that allow users to turn off signatures, avatars, and images inside a topic (regular images and emoticons) since a lot of my users use my forum from a work environment. I am not too concerned about nude pictures per se as we have rules about those. However, my forum is a football forum (regular football, not American football) where a lot of people post images about football in their avatars/signatures/posts and plenty of my users like to hide them while at the office.

I am not familiar with writing hooks but I will ask.... Are these settings something that could be brought back using a hook?

Share this post


Link to post
Share on other sites

I'm not sure why people want the old fashion trash can while we have a better system for dealing with deleted contents?

with the old system, there was no straight forward method to restore deleted posts to their original topics unless you use the merge thingie which I've never mastered! Now you can do it with nothing more than a click of a mouse button.

Share this post


Link to post
Share on other sites


Someone could put in a URL that isn't an image. That URL could redirect to an action on the board. Because the URL is loaded in an image tag, the most a user will see is an image that can't be loaded. This only works with requests that don't require POST but can use a simple GET (some ajax requests, as an example).



The avatar is loaded on every topic the user posts in, and now pretty much on every page.




Not a good enough excuse for me, my fandom have used Photobucket &the like for years & our members originally couldn't upload or have an avatar until they had made a few posts

The removal of Avatar Galleries was disasterous for us as our members have competitions & only a few months ago we had our members design & create 25 New Avatars for our Avatar gallery for members who couldn't create their own to use. NOW THEY ARE USELESS because the galleries are no longer available & sorry but I chose IPB 6+ years ago for features that they have now simply removed

if we can't get some of this functionality back I will have to start investigating a change to a software that still has the features we need to appease our community needs, very disheartening & again several steps backward as far as my community is concerned, maybe it's finally time to explore the opposition to see whether they provide what our community needs.

As I said previously disgusting since we've spent so much on our forums over the past 6+ years with purchasing & renewing support packages & to have major features just simply removed for STUPID reasons is appalling

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy