Jump to content
You're invited! Join our 4.6 Live Event on ZOOM 6/24 ×

Community

dancingbear

+Clients
  • Posts

    234
  • Joined

  • Last visited

 Content Type 

Profiles

Downloads

IPS4 Providers

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Forums

Store

Everything posted by dancingbear

  1. it's great that you've added value to your product by including the app. However, for forums which have their revenue stream via ads, it's not added value its detracting value as the app doesn't include the ads. Could the app include code from the ACP adverts feature? If so, it would perhaps be best to be able to flag specific adverts for inclusion in the app. Alternatively, as I also have subscription users who pay to not see the adverts, could the app be usable by a specific user group(s)?
  2. I've discovered what the change is within v4.1.16, and that's that a call to the necessary IPB login code will kill a session you've created in your own code (it didn't do this in previous versions). It was easily rectified in my code by starting the session after verifying the user against IPB. Hope that helps someone.
  3. I've been using the IPS login as verification for access to my website's content manager. IPB have changed the login stuff in v4.1.16. So now my content manager doesn't work, and my websites are stuffed. Until now, I've been passing the following function the username & pw, but what do I do now? Any help hugely appreciated. $IPSLogin = new \IPS\Login\Internal; $IPSLogin->init(); // Catch exceptions here (bad pass/unregistered) // Doesn't check if account is locked/banned etc $member = $IPSLogin->authenticate(array('auth' => $username, 'password' => $password)); if ($member) { $expire = new \IPS\DateTime; $expire->add( new \DateInterval( 'P7D' ) ); \IPS\Request::i()->setCookie( 'member_id', $member->member_id, $expire ); \IPS\Request::i()->setCookie( 'pass_hash', $member->member_login_key, $expire ); return "true"; }else{ return "false"; }
  4. doesn't seem to work for me - nexus 7, v6.01. Has it really been addressed?
  5. yep - as you've told me in the support email you've just sent me. So it's clearly an identified system issue, even tho the cause of me raising it is a numptie user.
  6. or alternatively, IPB should have a way of logging out just the affected user. You might as well be saying "turn it off and back on again". I thought the IT world moved on from that about 20 years ago ... it certainly did where I worked.
  7. It's not impossible, so would you like to tell me where you think I have?
  8. yep. But it's become an IPB issue, because IPB shares the password across different sessions. his 'friend' doesn't now have access to his email (because his mail password isn't shared across sessions), but it's naff-all use for the user to do anything with reseting his own IPB password - because the password is shared across sessions.
  9. I'm not going to be logging everyone out. Using nuclear weapons against a bank robbery isn't anything the sane world does. The sessions table isn't showing any instance of that user logged in, so I've just changed the user password in ACP and hopefully that's locked out the 'friend'. Thanks for that suggestion, and my fingers are firmly crossed. But it does because....? That's how your company have designed the login system.
  10. that's only good if the 'friend' user goes offline, and I have some way of knowing that they have. They're deliberately not going offline so they can stay logged in. You're not saying anything I've not thought of myself, but the problem is it's not a guaranteed solution. I need something that's guaranteed to work.
  11. because the 'friend' user would remain logged in, and if their IP changes they'll have access again. It's not a secure solution.
  12. one of my users inadvertently revealed his password, and now one of his friends is logged in and is posting as him. He's tried changing his password, but the password change appears to be getting passed across to his friend's session, as the friend remains logged in. I've just tried replicating that with a dummy account and two different browsers, and yep, if the password is changed in one browser the other browser stays logged in. Is there some method I can use to log out all instances of that user before I change their password? Or another method I can use to remove the 'friend' from having access to his account?
  13. I can't be sure now, but I think I might have had to set the permissions of my chosen s3 'bucket' to public, but other than that IPB handled it* all automatically. (I say 'handled it', but because of the size of some files it didn't, and IPB support had to advise me to change some of my PHP settings temporarily to enable the transfer of files to s3 to complete) More than that I can't tell you, sorry.
  14. it works fine with my install. View the page source, and one of the top lines should be <meta charset="utf-8"> Also, check your database setup, to ensure that both the database and any tables have "utf8_unicode_ci" as the collation. If it doesn't have that as a collation, you'll need to google for the best way to change it - and note that changing the table collation without also running some code on the table content might not be enough by itself (I forget what I had to do to change mine, but I think some of the content data needed acting on as well as the table setup).
  15. I know I re-entered the info into the various fields on the page in ACP. Its possible I entered different - correct - info. 'bucket name' is the name of a bucket you've created within your s3 account. 'bucket path' is the name of a folder (directory) you've created within that bucket, without a leading or trailing slash. The 'access key' and 'secret key' are the ones you get from the page that has a link by the ACP's 'access key' field, from the box that pops up on the screen when you arrive on that page. There's no need for the 'users' bit (I've not used it), so just click on 'continue to security credentials' button and go to the 'Access Keys (Access Key ID and Secret Access Key)' bit where you can get the access and secret keys. Click on the blue 'create new access key' button which will create your keys. That should be it. I hope that helps.
  16. you can edit the 'footer' template of your theme to code in any extra links you might want to add. ACP -> customisation -> themes -> <your theme> -> Edit HTML & CSS -> templates -> footer
  17. Never mind. It seems to have worked now, tho I'm not sure what was different.
  18. I'm trying to set-up Amazon s3 for remote file storage. S3 is all new to me, tho I've created an account and been able to upload a test file from within the s3 console and then access it via a browser. I've then gone to the ACP, to do the set-up there, and after filling in the details and submitting it gives me the error msg:- -------- There appears to be a problem with your Amazon (bucketname) file storage settings which can cause problems with uploads. After attempting to upload a file to the directory, the URL to the file is returning a HTTP 411 error. Update your settings and then check and see if the problem has been resolved -------- I've looked around the s3 settings but can't find anything that might be the problem, so i'm hoping someone here might be able to tell me what i need to do. Thanks.
  19. In the real world there's a full paper-trail back to the buyer's full details via the PayPal transaction so the buyer isn't actually able to deny the seller those details. But having discussed it with the few users who'd made this lack-of-anonymity complaint to me, they wanted their details on the systems of as few places as possible from where it might get hacked, which is fair enough. And as there's no need for me to know who these people are, why would I want it anyway? For some websites operating in some of the darker corners (and not necessarily anything remotely illegal), this can be a bit of an issue. I think in my case it's a few with leanings towards tin foil hats, but there you go.
  20. I do exactly that (not software licences tho, ad-free subscriptions). I declare the sale amount, I pay the required VAT on it as tho every sale is an internal UK sale. Job done. I am not required to keep buyers details, tho I can be subject to a tax investigation at any time where I might have to justify everything I've done towards tax and suffer the consequences if I can't,. For the amounts i'm talking about proof of transactions accurately recorded would suffice (and that would be easily done by the PayPal front page numbers matching what I have recorded in my accounts).
  21. OK, fair enough. Tho this isn't really a discussion about taxes, but about software functionality - where the functionality doesn't cover all tax law possibilities around the world. It's derived via VAT (sales tax) law. A seller is required to provide a receipt detailing VAT on request by the customer, and the customer has to provide nothing in return. Other laws and regs can impact over that, but that's the baseline and would be applicable in most retail transactions (which would include online for the occasions when no goods need shipping so no details are required).
  22. The world is not the USA. All that is required in the UK is that income is properly declared. There is no requirement in law for a seller to take the buyer's personal details no matter whether face to face or online. In fact, the buyer has a right in law to NOT to give his personal details and the seller has to accept that.
  23. I've got a user who is getting an email for "new content from your followed items for the past week", but within that user's notifications all email options are set to off. Does anyone have any suggestions for why, and how I can make them stop?
  24. I've had people moan at me about the same thing. I've no idea how it was done, but one user did manage to purchase (a subscription, so there were no goods to ship) without giving personal info directly to me by purchasing as 'guest' (tho was available to me within PayPal), and the payment was matched up with the correct purchase via PayPal's Instant Payment Notification. I also had someone give completely fake name/address details, and again it was auto-matched up via the IPN. But really, this is about users being a bit of a numptie about 'me' having their personal data - because that personal data is always available to me via PayPal.
×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy