The Old Man

Thanks Adriano, tbh that's a bit overkill for me.

Hi, I need to credit a new member with a purchase of a downloadable file in Commerce. Do I just move them to the correct customer group then create an invoice for zero amount, add the item and then mark it paid? Then they will see it in their client centre and will be able to download it from Downloads app, as if they had made an actual purchase? Many thanks!

I noticed the word "after" is repeated on the Login tab of the Login and Registration page in v4.7.2.1. It isn't there in the previous versions.

Don't give them any more bright ideas! 🤯

Probably more so just another nail in the coffin. Actually I first saw this news on Ars Technica and I'm sure it was titled differently, something along the lines of 'the end of forums?' : https://arstechnica.com/gadgets/2022/09/discord-mimics-reddit-with-new-forum-feature/ because briefly scanning through it at the time reminded how many times in the last few weeks I've relied upon trusty forums whilst researching some PC related technical issues, in particular in relation to BIOS issues revolving around the late, great 2500k and Q6600 related motherboards and also modern UEFI BIOS issues causing problems. Some of the forum content is so useful and I recall thinking to myself a few times how useful forums and forum search features was, and how you'd never find this on social media or other modern platforms. The biggest negative with the legacy content was the frustrating broken images hosted on third party sites and broken links in a lot of cases, but that's the web for you.

Absolutely agree, hiding the CSS templates is ridiculous! It was like a live, instant reference, so useful and tbh having realised, I'm unwilling to update the last of my live sites. Having to enter and exit designers mode is no good, it's slow, clunky, buggy, and you even advise us not to do it on live sites. Who in their right mind would do that when they need to make some quick changes to custom css templates or look up some css to refresh their memory? By all means, remove edit permissions if you absolutely must, but what's the harm in leaving the templates read only and searchable?

Have you got cache-control headers set up on that file? https://fisiculturismo.com.br/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0 Check the cache-control meta data on the file in S3 console, should look something like: What does your cache behaviour configuration look like? Do you have it set to use the origin cache headers? If so they can be set incorrectly, with the cache-control and/or file-type incorrect or missing. If you have it set to custom, make sure the minimum TTL isnt 0. E.g. These TTL shown above are too short for Woff2 fonts, you could use much longer times.

Hi Sobrenome, Yes your CSS files etc are being served by Cloudfront on your CDN domain, in fact when I first looked at your site, all the CSS, images etc were missing, so I assumed either you were working on it or you just have Cloudfront unavailable from the UK where I am, no biggie of course, it just means your CDN content is only available in Brazil and wherever else you have it enabled for. I used a Brazil based endpoint to view the site and it loaded the CSS just fine. I just checked your first link and you tested from Virgina US, so it is available there too. I'm wondering though if it's because your whole site is hosted on S3 and behind Cloudfront and you have a sub domain behind Cloudfront too; so your font isn't being served from the same origin. The font doesn't get transferred to the CDN domain by IPS like images, CSS etc hosted on S3 storage do, it's remains located on the main local domain, not cdn.yoursite.com. Have you therefore got 2 Cloudfront origins set up, one for the IPS site and one for the CDN subdomain? If you only have one for the CDN domain it may be the cause? Hope this makes sense.

Hi, I'm guessing but it looks like the caching behaviour isn't set up correctly on your Cloudfront distribution. You may have a general configuration that needs to be checked, or you may have individual caching behaviours set up for different types of content, in which case check the one for fonts or WOFF2 files. If you have some individual behaviours say for CSS or Images but don't have one one for fonts Cloudfront falls back to the default caching behaviour so check that in case it's not configured to cache properly. Double check your paths have wild cards for your caching behaviours: https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-not-following-cache-behavior/ If you have made changes but are not seeing them you may need to invalidate the cache. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html Hope this helps.

None at the time, before and after.

One for the rare circumstances to do list, perhaps... I created an uncaught exception which resulted in the AdminCP Dashboard home showing the error message instead of the normal view. IPS 4.6.12 Commerce (Full Suite), PHP 8.0.21 How I broked it good: Changed an existing chargeable product (downloadable file) to free (no issues), then used the option to cancel all purchases (I had none). Went to the AdminCP but site displayed the uncaught exception: The URL of page the error occurred on was https://mysite.com/admin/?app=core&module=overview&controller=dashboard DivisionByZeroError: Division by zero (0) #0 /home/mysite/public_html/applications/core/extensions/core/Dashboard/BackgroundQueue.php(56): IPS\nexus\extensions\core\Queue\_MassChangePurchases->getProgress(Array, 0) #1 /home/mysite/public_html/applications/core/modules/admin/overview/dashboard.php(64): IPS\core\extensions\core\Dashboard\_BackgroundQueue->getBlock() #2 /home/mysite/public_html/system/Dispatcher/Controller.php(101): IPS\core\modules\admin\overview\_dashboard->manage() #3 /home/mysite/public_html/system/Dispatcher/Dispatcher.php(153): IPS\Dispatcher\_Controller->execute() #4 /home/mysite/public_html/admin/index.php(13): IPS\_Dispatcher->run() #5 {main} Backtrace #0 /home/mysite/public_html/init.php(1015): IPS\_Log::log('DivisionByZeroE...', 'uncaught_except...') #1 [internal function]: IPS\IPS::exceptionHandler(Object(DivisionByZeroError)) #2 {main} I'm unsure if it was the price being set to 0.00 first or the fact there were no purchases and renewals to mass cancel. I just stepped backwards in the browser to the change the price back to 10.00 and then the error disappeared immediately from the AdminCP homepage.

Great to see its kind of on the to do list. I posted about this in a different topic here, and I still believe a system task/s used to create dynamic templates would address a lot of these one-size doesn't fit all related issues in terms of critical CSS and optimised CSS. The current custom lazy loading approach is a quick fix (to switch to use the widely adopted and simple loading='lazy' tag and either remove or switch the current but clunky method to optionally support legacy browsers that doesn't support the loading tag). Similarly image optimisation in terms of system task-based Local WebP generation on servers that support it by having the relevant libraries available. Actually, thinking about it, that presents a timely opportunity to address the heinous issue of IPS deleting original uploaded image resources after copying them to AWS S3; that's really bad practice unless the admin opts in to transferring to save storage space. Retaining your media library should be the default. ... It quite annoys me when the proverbial we/I contribute to the bottomless pit known as the IPS feedback forum and never receive an IPS Team response, of any fashion. I'm not talking about just obscure or niche requests for individual sites, some relate to form accessibility improvements, oversights like referring to font weights in CSS that have never been called in the HTML etc. A topic in a client feedback forum should NEVER go unanswered or unacknowledged. A person in the IPS team should be tasked with monitoring your feedback forum to at least acknowledge feedback or requests and then flag them back to your relevant team.

Hi there, Please can you change the current single line text input field for Content Security Policy (custom) in the AdminCP > Advanced Configuration > Security section to a larger text area field? Modifying a CSP entry is very difficult (especially when using a tablet!) which makes the current type of form field unsuitable. An example: content-security-policy: default-src 'self'; script-src 'self' 'report-sample' disqus.com c.disquscdn.com platform.instagram.com cdnjs.cloudflare.com scotthelme.disqus.com a.disquscdn.com go.disqus.com platform.twitter.com cdn.syndication.twimg.com syndication.twitter.com gist.github.com/ScottHelme/ static.cloudflareinsights.com js.stripe.com https://unpkg.com/@tryghost/; style-src 'self' 'report-sample' 'unsafe-inline' c.disquscdn.com a.disquscdn.com fonts.googleapis.com cdnjs.cloudflare.com platform.twitter.com assets-cdn.github.com github.githubassets.com; img-src 'self' data: www.gravatar.com links.services.disqus.com referrer.disqus.com a.disquscdn.com cdn.syndication.twimg.com syndication.twitter.com pbs.twimg.com platform.twitter.com abs.twimg.com www.google-analytics.com; child-src www.instagram.com twitter.com fusiontables.googleusercontent.com fusiontables.google.com www.google.com disqus.com www.youtube.com syndication.twitter.com platform.twitter.com www.youtube-nocookie.com js.stripe.com https://drive.google.com/file/; connect-src 'self' syndication.twitter.com links.services.disqus.com scotthelme.ghost.io cloudflareinsights.com; font-src 'self' cdnjs.cloudflare.com fonts.gstatic.com fonts.googleapis.com; form-action 'self' syndication.twitter.com; frame-ancestors 'none'; prefetch-src 'self' c.disquscdn.com disqus.com; object-src 'none'; base-uri 'none'; upgrade-insecure-requests; report-uri https://scotthelme.report-uri.com/r/d/csp/enforce; report-to default Many thanks!

I don't know about you, but I'm wondering if it's perhaps overdue that IPS got stuck into a huge performance and speed based review and implement it in the next medium sized update! I think a lot has changed in recent years in relation to site performance. Core Vitals in Lighthouse as many admins will be aware are now much more important in terms of SEO ranking, performance isn't just for the obsessed enthusiasts any longer! Google Search Console tells me that on one of my IPS Communities, my Mobile Pagespeed test result sucks, just 28%-30% at present, so I started checking a few things under the hood. I like to keep my sites high performing, so I was quite surprised it was so low. One thing I found out in minutes looking at the optimisation list and then checking my IPS configuration is that if you have the IPS Lazy Loading feature enabled, it doesn't apply to your uploaded images in Advertisements or Post Author Member Group Icons. Both are shown in my topic view so I get scored down on mobile in particular. I think it's now time that Native Lazy Loading was offered, either as a choice or as the default if enabled. Also where possible IPS should support Local WebP conversion via the Task Manager. I know some of us sometimes bash IPS for not delivering more obvious updates like Gallery, Blog, Pages and Commerce improvements for the sake of instead quick things like disabling features but IPS4 is quite a huge behemoth these days, no matter your pricey VPS, CiC, use of Redis pools etc. More performance improvements I'd like to see considered include... (Now admittedly I'm basing this list on a similar big audit that another website framework I invested in conducted and implemented last year. These are the options you can now simply toggle off/on as a result in their Dashboard. They can make a huge difference to bloat.) Dynamic Modular Framework Enable this to allow the IPS Framework to only load code that are actually used on the page, and process the logic for the features in actual use. Dynamic CSS Dynamic CSS could greatly reduce CSS file size by dynamically generating only the styles and assets necessary for the features and modules you actually use. This eliminates most if not all CSS file bloat and greatly improves load times. Dynamic Icons Font Awesome is 2 generations behind. The FA4 icon font could be broken up into various subsets. These subsets are loaded only when needed based on the modules and features used on each page. If you need access to the entire icon font on all pages (for example, if you are using lots of FA icons in a custom theme or want to allow members to insert them via the post editor), then you could disable this option and load the entire icon font library on all pages. Load Dynamic Stylesheet In-line This option dequeues the IPS style.css file and prints the needed contents in-line. This removes a render blocking request and improves the PageSpeed scores of individual pages. However, it also prevents the style.css file from being cached. Since the stylesheet is often smaller when dynamic or critical, it could be recommended to keep this option enabled. Accepted there are some potential CSP-related security concerns with inline CSS an or JS. Critical CSS Critical CSS greatly improves website load times and Google PageSpeed scores by deferring non-critical styles and eliminating render-blocking CSS requests. Critical CSS often covers what most users see when first loading the page, so called 'above the fold' content. Critical Threshold Height When Critical CSS is enabled, IPS would determine an "above the fold threshold" and defer all styles for elements below the fold. However, this threshold is just a estimate and can vary on different devices. Increasing threshold height will deffer fewer styles, resulting in slightly slower load times but less of a chance for Cumulative Layout Shifts to occur. If you are experiencing CLS issues you can then increase or lower the threshold 'height' via a drop-down low, medium, high setting. Dynamic JavaScript Libraries When enabled, IPS would only load external JavaScript libraries when they are needed by a specific sections or modules on the page. This removes unused JavaScript from the main scripts bundle and improves load times. Improve Google Fonts Loading Enable caching of Google Fonts and load them inline. This reduces render-blocking requests and improves page load times. Also presents an opportunity to switch to the Google Fonts API, to offer a dynamic dropdown list to allow admin to choose from all available GFonts. The Task Manager could check for and cache new versions of selected fonts in use weekly. Limit Google Fonts Support For Legacy Browsers Enabling this option will lower the size of Google Fonts and improve load times, however it will limit Google Fonts support in some very old browsers. You can turn this off to increase support for losers insisting on their older insecure browsers at a slight cost to performance. Defer jQuery And jQuery Migrate When possible, jQuery and jQuery Migrate could be moved to the body to speed up load times. If a third party plugin registers jQuery as a dependency, it would be moved back to the head. Enqueue jQuery Compatibility Script Some third party scripts may be incorrectly enqueued without declaring jQuery as dependency. If jQuery is deferred, these scripts could break. If you are experiencing console errors after enabling the "Defer jQuery And jQuery Migrate" option, you can enable this option, which will load an additional compatibility script that will attempt to solve the issue. (You can turn this feature off if everything is working fine without it). Defer Additional Third Party Scripts Warning: This can cause JavaScript errors in some cases and should be used with care. When enabled, scripts registered by plugins and themes will be deferred to improve performance and jQuery will always be loaded in the body.

Hi, Please can you enable/re-enable the code button here on the IPS site for iPad tablets? I see it here, but Quote editor is available when needing to paste code in replies when your sidebar is enabled in some forums. Thank you 😊

Hello @HeadStand ! Hope you're well. Sorry to bother you but I'm seeing fatal PHP errors with the Sparkpost plugin since upgrading from PHP74 to PHP8.0. Many thanks! Regards, Graham

Thanks both for sharing your thoughts on this.

TL;DR - For best practice, please can you enable the secure cookie prefix in http headers for https enabled IPS4 sites? Whilst looking into unrelated http caching headers, I've become aware that https://securityheaders.com/ is reporting the following message: set-cookie ips4_IPSSessionFront=fjgyudsrydugilgkufgudiyfulfykdjgd; path=/; secure; HttpOnly I tested all my IPS4 sites and the IPS website here (quick link below) and it happens on them all, so I'm thinking it's IPS4 rather than my Apache server: https://securityheaders.com/?q=https%3A%2F%2Finvisioncommunity.com%2Fforums%2F&hide=on&followRedirects=on Although I have https enabled which meets the second requirement, the cookie isn't treated as same site because the cookie isn't configured with the necessary prefix. I imagine it's a fairly quick fix so that it outputs something like this on an https enabled site: set-cookie __Secure-ips4_IPSSessionFront=fjgyudsrydugilgkufgudiyfulfykdjgd; path=/; secure; HttpOnly Thanks for reading.

I think it's just for Wordpress and I have some IPS only sites. I'll take a look at that though.

Warning if you opt in to read this following content, you'll be heading out for a packet of these soon afterwards... I was wondering if there will be any improvements to the cookie banner so we can offer clear unhindered choice ( REJECT ALL, ACCEPT and ACCEPT ALL), plus either CCPA and/or GDPR modes? Reason I ask, is that I recently switched from CivicUK to a different free plugin (CookieYes) that I'm super impressed with for use on some Wordpress sites combined with IPS, and it reminded me how limited the IPS cookie banner is. After install, you can opt to let them scan your site and collect and optionally auto categorise cookies for you. They then tell you by email when it's done (usually seems under say 30 mins), and they've imported your cookies into the admin dashboard, where you can then optionally move them to different categories (necessary, advertising, analytics, etc). It even adds descriptions for known cookies. This means your visitors can quickly reject, accept or enter a toggle panel with cookie descriptions to make granular consent choices. It's a great timesaver and it picks up on cookies placed by 3rd parties from rich embeds like YouTube and Vimeo embeds etc. You can opt to switch modes and text wording for the banner message based on whether you want to go comply with GDPR or/and CPPA compatibility accordingly. You can have a pop up modal, widget or banner, I like widget because I can reduce it down to a less intrusive simple 🍪 emoji after a user chooses. You can also opt to let the company log acceptances for you if you need to. I added the IPS4 cookies to it manually using the descriptions IPS generates for its own cookie policy but I suppose one option would be to deactivate the IPS cookie banner and let this WP plugin handle it all, but I also have IPS sites without WP, where better cookie banner support would be ideal. I'm sure IPS4 and it's database functionality could provide something similar, but most importantly we really need these simple choices to make it easier and unobstructive to reject non-necessary cookies or accept analytics, accept all (necessary, analytics, advertising etc).

Thanks for that, I was wondering why they had stopped responding to bug reports there. I used to use the Support forum to report them but switched to the dev forum as it made more sense, then they got abandoned! Thanks for the updates Matt!

Hi @Rikki Is it possible that elements of this useful topic could be added to the Help guides for convenience? Also I've been looking at the built-in Flexbox classes to refresh my ailing memory, as I'm making a mega-menu footer template using the new built in Flex properties, basically a div set to flex containing about 6 small blocks of ul lists of site links. Am I too sleepy or has the Flexbox value Space-Evenly overlooked or purposely left out in the info above (and in the actual default IPS4.6 CSS template)? So for example with Justify Content property: (Sorry the code editor button isn't showing for me on my iPad so I'm using quotes) Assuming then something like: Lastly, with regards to use of the new ipsGap, should we solely use this on a Flex parent container for adding spacing on the Flex children, instead of using the new spacer ipsMargins and ipsPaddings on the child elements? Many thanks!

If you have Club Forums on the main forum index in Grid View, they are all stacked vertically with no margin spacing between them. (Default IPS Theme) Normal Grid View Club Forums that are shown at the bottom of the page:

Thanks Marc. Yes, just pasting the link in a standard blog post entry.

Hi, If I insert a link to a public IPS4.6 Gallery Album into a Wordpress post, should the link show some kind of preview like a rich embed or card etc? Both latest IPS Gallery and WP are on the same website domain/host. All I see at the moment is the clickable URL that leads to the album but in plain text, like this: I'm not expecting anything grandiose, it's not a Pages block I'm trying to embed, but I thought it should at least show the IPS Gallery's open graph image or sharing icons something, which made me wonder if it's configured properly. The IPS Gallery does have favicons etc set up. Updated: I may have answered my own question! I've tried posting a link to one of my site's public Gallery albums here and it doesn't generate any kind of link, just a plain link. I thought one IPS Community link posted on another would show something more decadent than plain text. Like a Twitter style card or something.