Invision Community 4: SEO, prepare for v5 and dormant account notifications Matt November 11, 2024Nov 11
February 8, 20213 yr Author 58 minutes ago, Unlucky said: Is there any way of including unique guest views? Not in the current version.
March 9, 20213 yr Security Issue! I have 2 groups that are part of my staff, the Moderators and the Administrators. Both these groups have permission to see who read topics and to see the corresponding tab on a users profile. However, the list of viewed topics on an persons profile isn't filtered by who can view a certain forum. For example, I have a private forum for Administrators that Moderators cannot see, read, or even see the topic listing. Most of them don't even know it exists. However, when a moderator looks at the "Recently Viewed" tab on an Administrators profile, they can see the titles of topics recently visited that are in the Admin-ONLY forum. Now, of course, they don't have permission to read the topic, but they now know the private admin only forum exists and can see the topic title. This could be particularly embarrassing if we had a thread titled "Moderator Ed and Moderator Suzy are crazy and should be fired". The normal function of Invision software is to only display links to topics that a person has permission to read. When you visit a profile and see a list of someone's activity, what they reacted to or what they replied to, you are only seeing reactions and replies to what you yourself can read. Your application does not filter in the same way that the Invision Power Suite does by default. This is a major problem, imo. My fix for now is to exempt Administrators from having their viewed topics logged. But if a moderator notices that admins don't have anything listed in their Recently Viewed tab on their profile page, it might look like we're hiding something and sow some discord among the staff. I hope I explained this clear enough. When a group who has permission to see the tab on profiles looks at that tab, they should only see the topic titles of topics from forums they can access, just like the default behaviour of Invision software.
March 9, 20213 yr Author 6 hours ago, Robert Angle said: Security Issue! I have 2 groups that are part of my staff, the Moderators and the Administrators. Both these groups have permission to see who read topics and to see the corresponding tab on a users profile. However, the list of viewed topics on an persons profile isn't filtered by who can view a certain forum. For example, I have a private forum for Administrators that Moderators cannot see, read, or even see the topic listing. Most of them don't even know it exists. However, when a moderator looks at the "Recently Viewed" tab on an Administrators profile, they can see the titles of topics recently visited that are in the Admin-ONLY forum. Now, of course, they don't have permission to read the topic, but they now know the private admin only forum exists and can see the topic title. This could be particularly embarrassing if we had a thread titled "Moderator Ed and Moderator Suzy are crazy and should be fired". The normal function of Invision software is to only display links to topics that a person has permission to read. When you visit a profile and see a list of someone's activity, what they reacted to or what they replied to, you are only seeing reactions and replies to what you yourself can read. Your application does not filter in the same way that the Invision Power Suite does by default. This is a major problem, imo. My fix for now is to exempt Administrators from having their viewed topics logged. But if a moderator notices that admins don't have anything listed in their Recently Viewed tab on their profile page, it might look like we're hiding something and sow some discord among the staff. I hope I explained this clear enough. When a group who has permission to see the tab on profiles looks at that tab, they should only see the topic titles of topics from forums they can access, just like the default behaviour of Invision software. Yes, you explained it very clear. I was able to reporduce it as well. I have fixed said issue and I have uploaded a new version that contains the fix. I sent it to you in private as well so you can upgrade it a.s.a.p. Thank you for reporting it. Kind regards Edited March 9, 20213 yr by Miss_B
March 12, 20213 yr Thank you. The patch seems to be working. It replaces the topic titles/links they don't have permission to view with the words "content deleted". It would be nicer if it just skipped it altogether, but this is definitely better than it was.
July 21, 20222 yr 13 hours ago, Adrienne said: When will the update for 4.7 come out? I just wanted to say that the current version still works fine with 4.7
July 23, 20222 yr On 7/21/2022 at 8:52 AM, Robert Angle said: I just wanted to say that the current version still works fine with 4.7 I can't install it with 4.7.
July 23, 20222 yr Author 12 hours ago, Adrienne said: I can't install it with 4.7. What seems to be the problem?
July 23, 20222 yr 4 minutes ago, Miss_B said: What seems to be the problem? The file is not marked as compatible with 4.7 in the marketplace (only 4.5 & 4.6) so it won't show up in Admin CPs running 4.7.
July 24, 20222 yr Author On 7/23/2022 at 6:15 AM, Adrienne said: I can't install it with 4.7. Hello. I have edited the app to update the version compatiility field to include the 4.7 version as well. Currently it is waiting approval. Once it gets approved you can download it from your Acp.
October 29, 20222 yr Author 10 hours ago, iiioroh said: Invision Community 4.7.4 Beta 2 Error when logging in as user I 've adjusted the code in the widget to suppress the OutOfRangeException error and uploaded the new package. Thank you for bringing this to my attention.
November 23, 20222 yr I receive this error when attempting to look at users. I am in the only group approved to see this.
November 23, 20222 yr Author 17 minutes ago, Christopher Iosca said: I receive this error when attempting to look at users. I am in the only group approved to see this. It looks like the permissions are not set. Can you double check them?
November 25, 20222 yr Which permissions am I missing? I have the allowed group set and also I and others are in that group.
November 29, 20222 yr Still need help with this. Permissions are ok per the images supplied. What am I missing?
November 29, 20222 yr Author 36 minutes ago, Christopher Iosca said: Still need help with this. Permissions are ok per the images supplied. What am I missing? I can't reproduce this. Can you send me the link to your Admin Panel with an account log in info and I will look into this for you.
August 19, 20231 yr Author From now on the app will be supported only at my own forum. https://www.yourforumservices.com/index.php?/topic/14-who-read-this-thread/ I apologise for any inconvenience caused. Thank you for your understanding.
September 15, 20231 yr Author Thank you for being a client! The Invision Community Marketplace is closing October 30 2023, so I am moving all of my files over to my personal site https://www.yourforumservices.com. How to transfer Marketplace files from IPS to me -- read this link Need help? Browse my new support topics hosted on https://www.yourforumservices.com Want to buy? Browse my updated files hosted on https://www.yourforumservices.com Bookmark https://www.yourforumservices.com and the new Marketplace Directory https://www.invisioneer.org/.
