Jump to content

Community

Washerhelp

+Clients
  • Content Count

    124
  • Joined

  • Last visited

1 Follower

About Washerhelp

  • Rank
    Member

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Thanks. It's not a big problem, though wouldn't "Subject" be better? That would avoid confusion from newbies and autofill?
  2. Hello there. I can't remember if the "Title" entry box when creating a topic has always been called title, or did it once used to be called, "Subject"? For some strange reason I am finding recently that a lot of people are posting on my forum and instead of putting the subject in the title box they are putting, Mr, or Mrs. At first I just thought these people were a bit dim, (to be honest it's hard to argue otherwise), but I must have had about a dozen over the last six months. I can only imagine they are of the, let's say, older generation. If it's always been called title then fair enough, but if it's been changed from something like subject, which I have to admit seems more appropriate I wonder if anybody else is having the same issue.
  3. That might be a good compromise. I've just had confirmation from someone at tech support that it's a common thing now where people manually join up and post apparently legitimate contributions - but including spam links. It's clear that it's only a small step to get these people to join up and not post any spam, but then edit their posts later when the topic has sunk out of sight to include spam. These links could go completely unnoticed. I'm currently using the workaround suggested earlier to limit editing of posts to 1 hour after posting. It's not ideal because it restricts genuine users, but I'm a lot happier knowing people can't add spam links to older posts. I think if someone edits a post quite some time after it has been finished with and adds links it is very suspicious and I would like to be notified to check them. I've had several cases recently where people have joined my forum manually and posted completely legitimate questions but just with 3 spam links - all of which got through Invision's spam detection.
  4. Hi tonyv. Yes I can see how you would need longer editing times. The main thing is that the people running forums need the option to limit the editing time as in the vast majority of cases such as ones described by Black Tiger there is no need to edit a post after it has been replied to other than if someone spots a spelling mistake etc. This is presumably why the edited by notification was relatively recently introduced so that people can't change what they put to make a subsequent reply look weaker or pointless. I think that if Invision are not wanting to introduce a notification about when any post is edited after X amount of time they should maybe at least reduce the default amount of time for editing or as Black Tiger suggested lock editing once a reply has been added. Of course if administrators are aware of this potential issue they can quite easily change editing times themselves, but the problem is that this kind of spam is very sneaky and relatively low-key but potentially quite damaging and most people are not aware of it.
  5. Just a quick update to say that this has now happened to me a couple of times since posting this request. I have to confess I didn't get round to restricting the amount of time that someone can edit one of their posts as kindly suggested in one of the replies above. Needless to say I have set it to one hour now, which I presume and hope means that no one can edit any of their posts at all after one hour has past. As I speculated when I originally posted this issue it is a very clever and devious way to introduce spam. I appreciate that most spam is probably automated but if someone wants to do it manually it is very easy to edit one of their posts at some point after - potentially be even weeks after when the post has dropped down out of sight. Here's an example of what happened to me. Someone posted a question on my forum, I answered the question. Then a couple of days later they just log back in and added some spam links to their original post. The underlined text in the screenshot are links to spam sites. Because no further activity happened on the topic it was undiscovered until I stumbled across it by accident. I still think an administrator should have an option to receive notifications if a previously legitimate post is edited in order to prevent this sort of thing. It may be rare at the moment but it may also be something that is set to catch on and become quite prevalent. For now I have set limitations for editing at 60 minutes which hopefully will prevent this happening again though.
  6. Thanks. I didn't realise you could do this. It's a workaround of sorts. Unfortunately it would restrict genuine users from being able to edit something for perfectly legitimate reasons. If the feature doesn't become available I might try setting restriction for something like 24 hours. I would hope it doesn't apply to administrators because I need the option to edit posts I've made on my own forum indefinitely.
  7. I get notification on all new posts, but can I get notifications if someone edits one of their posts? I've realised it's easy for someone to be able to get past moderators and admins with innocuous posts and return later when the topic has sunk out of sight to add spam links or inappropriate content? In a busy forum it might get noticed, but on quiet forums like mine or on unpopular topics it would go unnoticed. I would hope it's easy enough to do. We can already see if a post has been edited if we are reading it. It might not be for everyone so an option would be good. I don't expect many people edit their posts at all apart from not long after posting it. But if someone edits a post say weeks or months later it would be good to be able to know so I can check it out.
  8. Thanks ehren. I didn't think to use the control panel. I usually find files using ftp and edit them directly. Will give that a try cheers.
  9. Thanks ehren. I just had a look in the forums folder but couldn't see a stylesheet.
  10. Thanks. When my first user emailed me saying they couldn't post I checked my site, it seemed OK. So I replied back asking for more details but they didn't respond. I couldn't see any issue with my forums so I left it at that. It was only after another user emailed me a week later that I decided to contact support. That's when I saw the notice. If I'd have been notified about the identified issue I would have been able to deal with it before another user had the frustration of not being able to post. Presumably someone has to make judgement calls about these things but I don't think it would do any harm to keep us more informed - especially on the dashboard. As with my original point about the security issues it feels to me as a customer of IPS that the system is aware of issues but leaving me to discover them myself instead of letting me know asap. It's puzzling to me that software I am using identifies known bugs and serious security issues but doesn't proactively notify users about them. What possible harm could it do to put newly found security warnings on the dashboard so as soon as an admin logs in they can see them?
  11. Thanks, although the issue is about being notified of warnings rather than how to deal with these specific ones. I've sadly just found another example of this issue. Two people have recently complained that they are receiving a server error when trying to post. So I logged into my Dashboard and clicked "support/Something isn't working correctly". I was then shown another warning - "You are running the latest version, but there are known issues: An issue has been identified with PHP7.1 when using the Zend Opcache extension that may cause features on your site, such as member posting, not to work correctly. To resolve this issue, please disable the Zend Opcache PHP extension. The underlying issue is related to a third party library used by the Community Suite which has been updated in our upcoming 4.2 release, at which point the Opcache extension may be re-enabled" I apologise if I'm not using the control panel properly or misunderstanding something, but again I find this quite astounding, and to be honest unacceptable as a paying customer. Here's how it feels to me - I was advised a new version of IPS was available. I updated and was advised that upgrading to PHP 7 was recommended. I upgraded to PHP 7 After upgrading to PHP 7, IPS ran tests and discovered 3 security issues related to PHP 7 - 1 of them "serious". It didn't tell me, or in anyway flag up that there were new security warnings found. Then (presumably some time later) IPS discovered the above issue with the Zend Opcache extension that can cause some users to be unable to post. But again IPS or my Control panel didn't tell me. I only discovered it after trying to contact support. How is it possible that these things are found but not notified? They deserve to be flagged on the Dashboard with far more priority than the current relatively benign notifications about members waiting for approval, how many people have registered recently and the percentage of users by app. I appreciate there might be an argument that anyone running and administrating forums should maybe constantly roam around in the control panel. But I can't be the only person that uses the control panel like I do. I open control panel to carry out specific tasks like deal with a member issue or maybe edit an advert etc. So when I go to control panel it opens up on my dashboard. I look at the information in the dashboard before moving directly to the area I came to deal with and then log out. I thought dashboards were the place where an admin can quickly get a look at how things are going. Anything important should be there surely? How can there be known security or php issues that are not there for admins to see? Why is the information essentially hidden and left for us to chance across? I don't think it's fair to say that these particular issues are related to the server and not IPS because it was IPS that advised me to update the PHP. Basically if IPS has looked for and found any security or functional issues related directly or indirectly to the forums they should be flagged up to admins - ideally on the dashboard please
  12. Thanks Charles. Like many other people I run my own server supplied by a big hosting company so I have to do everything myself. It's beyond me why even the most up to date PHP comes with all these "dangerous" features switched on. If you are only checking and advising as a good will gesture (which we greatly appreciate) it seems a little disingenuous to then say but we won't actually proactively tell you. It's up to you to discover the warning yourself. I fully appreciate that these issues are technically not part of the forums, but someone at IPS thinks it's important to check these things. It's built into the control panel to display these warnings. So why after doing that would you just leave it up to us to discover them when you could so easily display them in the dashboard? Either IPS think it's nothing to do with them how our servers are configured or they don't. As they clearly do think it's important to check some things and warn us it feels a little like a friend noticing my house has a serious potential security vulnerability and if I ask him he'll tell me about it but otherwise he'd leave me to discover it myself
  13. Hi. I recently updated my forums. I took the advice of the pre-upgrade checker to get PHP 7 installed on my server. Anyway, several weeks later I happened to click on the "security" link in the control panel and found 3 warnings. One of them in red and flagged as serious. The warnings are related to the new PHP and included disabling several commands in PHP. I had done this already in the past, but updating to PHP 7 had re-enabled these apparently dangerous commands. I'm disappointed that if IPS finds serious security issues it doesn't actually tell me. Why aren't those warnings on the dashboard with the other warnings about admins logging in and failed login attempts? I appreciate someone might say I should have realised installing a new version of PHP would override previous amendments or that I should regularly click the security link to check for new warnings. But the dashboard is already designated as a place to display important information and stats and is where I'm always taken when I log in. From there I navigate to the place I came to do work on. I haven't felt I needed to regularly check the security tab. I appreciate from now on if I change anything or upgrade IPS I will check the link but surely admins should be proactively warned about security issues as soon as they log onto the control panel? Ideally in the dashboard widgets? Andy
  14. Thanks. Does anyone know why sigs should be completely banished by the developers? As I say I understand how it might be desirable to have them not display in restricted space especially as many of them are just rubbish - no offence meant but I don't understand why so many things are decided by IPS with no option to override by admins. Some signatures used by admins contain useful, pertinent and even essential information.
  15. Invision Power has decided no one wants to show signatures on the mobile platform. I'm sure there's a logical reason why this might be a good idea for many forums. But I need my signature to show on my forums in the mobile version. Can it not be made an administrators choice? I give a lot of advice on my forums and need a disclaimer in my signature. This plays a very important role. I can't be the only admin with important information in their signature? Please give us more choices of how we run our forums. I need people to see my safety warnings and disclaimer. I don't care about any other signatures but it would be great to be able to switch them on for admins.
×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy