Jump to content

Community

Mark

Invision Community Team
  • Content Count

    36,165
  • Joined

  • Days Won

    109

 Content Type 

Profiles

Downloads

IPS4 Documentation

IPS4 Providers

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Forums

Everything posted by Mark

  1. Mark

    4.4.10 Beta 3

    This is a maintenance release to fix bugs.
  2. When you select a reason for the warning, it will automatically set the number of points and the amount of time before those points will be removed. Depending on what has been set up in AdminCP > Members > Warnings > Reasons the moderator may be able to override either of these decisions (the number of points and how long before they expire). If the new total number of points triggers an action to take (moderating content, restricting content or banning the member) this will also automatically be taken, including setting how long that punishment lasts. Again though, depending on what has been set up in AdminCP > Members > Warnings > Actions the moderator may be able to override the punishment. The points expiration is different to the punishment length, but something like what you're looking for can probably still be achieved by setting them the same. So you might do something quite complicated, like... Set all reasons to be 1 point, points expire after 1 month Have an action at 1 point that suspends the member for 1 day Have an action at 2 points that suspends the member for 1 month Then the flow would be: Member is given their first warning and is suspended for 1 day After their 1 day suspension... If they commit no further infractions, their points drops back to 0 after 1 month, after which any subsequent warnings would start this process If they commit a further infraction within 1 month, they would be suspended for 1 month, after that they would be reset to 0 points because their points and the expiration would expire at the same time Or you could have something simpler, or leave it up to the moderator issuing the warning to make appropriate decisions.
  3. In order for a website to use Sign In With Apple, that website needs to be associated with an (individual) iOS app.
  4. It should use whatever your browser has it's region set to, and if there is nothing there, not select anything as the default. Look here and see what your browser is reporting for "Language": https://www.whatsmybrowser.org Or, if you enable Google Maps autocomplete information and the user grants access, it will use your real location and autocomplete favouring addresses that are in the same city/etc as you
  5. Go to AdminCP > Customization > Languages, click the Edit button for your language and check the Locale setting.
  6. Mark

    4.4.6

    Version 4.4.6 is a maintenance update to fix issues reported since 4.4.5.
  7. Those all show (as the actual posts) and can't be disabled.
  8. You can turn it off: AdminCP > System > Streams > Activity Stream Settings
  9. It looks like (though I am still waiting for more details to emerge) that it can be done on standalone websites but you'd need to sign up for Apple's Developer Program, which costs $99/year. We can't create one thing and use it for all sites because each domain and email address you will send emails from to cloaked addresses has to be registered, and there's a limit of 10.
  10. It took a lot of careful consideration and elaborate engineering to come up with the sophisticated solution for keeping track of the entries. But I think it was worth the blood, sweat and tears I poured into it. (It's a .txt file)
  11. If you mean for buying our products: we only accept payments by card or PayPal. But if you mean for taking payments on your own community: our Stripe integration supports iDEAL.
  12. You should invest in a password manager πŸ˜‰
  13. For a straightforward total of all account credit: SELECT SUM( CAST( JSON_EXTRACT( cm_credits,'$.USD' ) AS DECIMAL(20,2) ) ) FROM core_members WHERE cm_credits IS NOT NULL To count only positive amounts (because people can have negative balances): SELECT SUM( GREATEST( CAST( JSON_EXTRACT( cm_credits,'$.USD' ) AS DECIMAL(20,2) ), 0 ) ) FROM core_members WHERE cm_credits IS NOT NULL; Requires MySQL 5.7 or higher. Replace "USD" with the currency code you're using.
  14. I think you may have misunderstood the way the header works. X-XSS-Protection basically provides a way to the browser "if anything on this page looks suspicious, don't run it" (either the whole page or just the bit that looks suspicious). It isn't supported by all browsers (Firefox, for example, doesn't support it). In theory it's a reasonable idea, although a pretty weak protection - it only benefits the users of those browsers from being victims of XSS attacks if your server has already been compromised. Web applications therefore need to take much more sensible measures against XSS protection such as ensuring proper escaping of output (to stop them happening at all), http-only cookies (so even if there is an XSS exploitation it can't access your cookies), etc. We do all of this. So in other words: all it provides is a very weak level of protection against something the backend already has much better protection for. And, as @Makoto points out, it kind of sucks at doing even that; it is known to have bugs and ironically, some of those bugs cause security issues themselves. Also, there are known ways to bypass it. That's probably why some browsers don't even support it. Normally, it would barely be worth any thought and we would leave it at the default value. But it was breaking things with false-positives (i.e. it was thinking that code we deliberately wanted to run was suspicious) so turned it off. Apparently we are not alone in going for this option: I just quickly checked Google and Facebook, and both have it turned off (full disclosure: the other two sites I checked, Twitter and Amazon, don't). You can turn it back online with a plugin or via your server configuration if you really want to, and it's also possible that the Content-Security-Policy header which we do have a setting for will override it (you'll have to check each browser), but we're not going to add a setting specifically for it. -- tldr: It's a thing that isn't supported by all browsers, with a much grander sounding name than it deserves, which is buggy, and was breaking things. You don't need it on.
  15. Have you submitted a ticket so the support team can look into it?
  16. It won't get overridden unless you're uploading the full set of files every upgrade.
  17. Just don't create add any servers - the features sort of have to be specifically enabled.
  18. If you don't want to change anything, you don't have to. Everything will continue working as it does now. If, however, you did want to migrate to Braintree, you have two options: The sensible option is probably to set up Braintree and use it for new purchases. Keep your PayPal gateway set up but disabled to new purchases. That way, new purchases will use Braintree, but any existing billing agreements will continue to churn away without lost revenue. If you wanted, you could cancel all the Billing Agreements with PayPal, and then when it gets to people's expiry dates, they will receive an email asking them to pay, and that would allow them to set up a new billing agreement using Braintree.
  19. You should see this: And then the form your screenshotted is what appears if you click "Continue as New Member".
  20. I still use an RSS client πŸ˜…
  21. PHP 7.1 or higher required (no particular recommendation beyond that other than of course the latest is always a good idea). MySQL 5.5.3 or higher required, 5.6.2 or higher recommended (though again, latest is always a good idea).
  22. There is backwards compatibility so you should be fine πŸ™‚ If you want to update it, we don't have any specific documentation, but if you take a look at one of our login handlers, the methods are all well documented.
  23. Not to the end user. Mostly from people who either didn't read the terms and got their accounts closed or are confused about how chargebacks work (which is not something the gateway has any control over).
  24. End-to-end encryption is not really possible as there is no method for storing the keys in a browser with reliable persistence (unlike in a mobile app). Note that "secret comversations" in Facebook Messenger, for example, can only be created and viewed on their mobile app, not their website.
  25. Not at this time. Most gateways, including Stripe, Braintree, and PayPal, do not allow most types of adult content. It was probably that. Obviously this is out of our control. I have expensive tastes πŸ˜‚ (also specific purchase amounts trigger certain behaviours when in testing mode).
Γ—
Γ—
  • Create New...