Jump to content

G17 Media

Clients
  • Posts

    102
  • Joined

  • Last visited

 Content Type 

Downloads

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Development Blog

Deprecation Tracker

Providers Directory

Forums

Events

Store

Gallery

Posts posted by G17 Media

  1. On 1/11/2024 at 11:04 PM, Nathan Explosion said:

    Well, considering it is the place where you configure Google authenticator to allow you to use it for 2FA and Google needs to render the QR code, yes.

    Google doesn't need to render the code. 2FA/TOTP QR code generation does not require data being sent to Google. There is not a need for IPS to be sending these codes to Google for rendering, it could be done locally.

    Google Authenticator is one app for 2FA/TOTP codes, but you can use other apps. Even Google Authenticator itself does not transmit/backup TOTP codes to Google unless you activate its optional backup function.

  2. To replicate on any IPS community:

    • Create File Moderator subgroup, add it to Moderators, give every File/Downloads permission (including hide/unhide).
    • Post a file where approval is required. Note that the file appears in the approval queue for a user in that moderator group.
    • Post an update to said file, where approval is required. Note that the file is not shown in the approval queue for this moderator group, nor can they actually approve the file.

    I've fixed this on my community so I don't need this to be fixed upstream - but this is a heads up for a bug in Invision Community.

  3. We're experiencing an issue with moderators with only file permissions granted being unable to see pending versions in the approval queue.

    I looked into this and there's a check in ./applications/downloads/extensions/core/ContentRouter/Files.php:49 where PendingVersion is only inserted where \IPS\downloads\File::modPermission( 'unhide', $member ) is true. However, since no container is provided, this will only return true if the user has global content unhide permission.

  4. That's a complete bizarre modification DigitalOcean have made to MySQL. There are definitely use cases for not using a primary ID in some tables. As @Marc Stridgen mentions it's not even needed for replication. We also use replication on our self-hosted infra without this need.

    Be aware that if you make any schema change, IPS will attempt to undo it every upgrade.

  5. On 10/26/2022 at 5:37 PM, Daniel F said:

    There’s a great way to utilize the cloudflare workers for the guest page counts, so that the page count is increased even if the guest gets only the cached page and the original request never makes it to your own server. 
    It’s going to take some time, but I’ll share the instructions ( or app) in few weeks 

    Did you ever get a chance to do this?

  6. Hello,

    I've discovered a bug in how IPS' lazyloading works on dynamic elements.

    in ./dev/js/library/app.js, line 61, you define a hook/override for $.fn.html. This makes sure that if dynamically loaded HTML contains lazyload elgible content, you instate the lazyload handler on it.

    The problem seems to be instead of looping each lazyload element, ips.utils.lazyLoad.observe is called on the entire element. This then registers the IntersectionObserver on the entire element, causing each lazyloading element to be loaded straight away, defeating the point of the lazyload.

    The fix is to instead call ips.utils.lazyLoad.observe on each lazyload capable element, like it's done elsewhere in the suite. I have patched this locally, but thought it would be useful to share to the IPS developers.

    Happy new year!

  7. I remember IPS mentioning their S3 implementation was meant for S3 and not S3 compatible services. So you will probably be on your own here hacking at /system/File/Amazon.php to make it work.

    There is also an incompatibility in their generateTemporaryDownloadUrl/URL system which at some point made their signature URLs invalid with Wasabi & Minio. I'm not sure if it's still an issue, as we use a heavily patched /system/File/Amazon.php for our Minio deployment.

  8. I'm seeing the following exceptions in the Gallery on PHP8:

    the first on gallery/front/view/imageFrame

    TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /suite/system/Theme/Theme.php(885) : eval()'d code:536
    Stack trace:
    #0 /suite/system/Theme/SandboxedTemplate.php(61): IPS\Theme\class_gallery_front_view->imageFrame(Object(IPS\gallery\Image))
    #1 /suite/system/Theme/Theme.php(885) : eval()'d code(339): IPS\Theme\_SandboxedTemplate->__call('imageFrame', Array)
    #2 /suite/system/Theme/SandboxedTemplate.php(61): IPS\Theme\class_gallery_front_view->image(Object(IPS\gallery\Image), '\n<div data-cont...')
    #3 /suite/applications/gallery/modules/front/gallery/view.php(339): IPS\Theme\_SandboxedTemplate->__call('image', Array)
    #4 /suite/system/Dispatcher/Controller.php(118): IPS\gallery\modules\front\gallery\_view->manage()
    #5 /suite/system/Content/Controller.php(50): IPS\Dispatcher\_Controller->execute()
    #6 /suite/applications/gallery/modules/front/gallery/view.php(65): IPS\Content\_Controller->execute()
    #7 /suite/system/Dispatcher/Dispatcher.php(153): IPS\gallery\modules\front\gallery\_view->execute()
    #8 /suite/index.php(13): IPS\_Dispatcher->run()
    #9 {main}

    second on gallery/front/view/imageLightboxFrame

    TypeError: count(): Argument #1 ($value) must be of type Countable|array, null given in /suite/system/Theme/Theme.php(885) : eval()'d code:2818
    Stack trace:
    #0 /suite/system/Theme/SandboxedTemplate.php(61): IPS\Theme\class_gallery_front_view->imageLightboxFrame(Object(IPS\gallery\Image))
    #1 /suite/system/Theme/Theme.php(885) : eval()'d code(2673): IPS\Theme\_SandboxedTemplate->__call('imageLightboxFr...', Array)
    #2 /suite/system/Theme/SandboxedTemplate.php(61): IPS\Theme\class_gallery_front_view->imageLightbox(Object(IPS\gallery\Image), '\n<div data-cont...')
    #3 /suite/applications/gallery/modules/front/gallery/view.php(334): IPS\Theme\_SandboxedTemplate->__call('imageLightbox', Array)
    #4 /suite/system/Dispatcher/Controller.php(118): IPS\gallery\modules\front\gallery\_view->manage()
    #5 /suite/system/Content/Controller.php(50): IPS\Dispatcher\_Controller->execute()
    #6 /suite/applications/gallery/modules/front/gallery/view.php(65): IPS\Content\_Controller->execute()
    #7 /suite/system/Dispatcher/Dispatcher.php(153): IPS\gallery\modules\front\gallery\_view->execute()
    #8 /suite/index.php(13): IPS\_Dispatcher->run()
    #9 {main}

    Both fixed locally by changing a count to also include an non-null check on the $image->_notes count.

    is there something inconsistent with my installation, or is this a PHP8 compat issue?

  9. Hello guys,

    Apologies if I'm missing something, but I've just ran into an issue upgrading one of our forums to PHP8.

    We make use of theme hooks which override theme functions and call the parent when necessary.
    With our upgrade to PHP8 without IN_DEV, this all stopped working, presenting errors like:

    Cannot use "parent" when current class scope has no parent (at ./system/Theme/Theme.php line 2703).

    As far as I can tell by looking at the code in ./system/Theme/Theme.php, I cannot see how calling parent classes would work in that eval statement, as I think a parent call inside a class function in PHP8 without a parent will cause the eval to fail with a fatal error. But this is what IPS is doing. Have I massively overlooked something here or is this behavior expected?

    The code works fine with PHP 7.4.X, as well as in IN_DEV mode, as the templates are not compiled in the same manner.

    Thanks!

  10. 39 minutes ago, Paul E. said:

    That link has a discussion from 2017. We use sendgrid, and haven't had reports of any issues. Deliverability seems to be just fine. I'm sure there are others with issues, yet this has not been an issue for us (or at least one we've been made aware of).

    We have made attempts to reduce the amount of outbound mail significantly by defaulting members to notifications only unless they opt-in to e-mail notifications, but this makes sense for our community and may not work for yours.

    We use @stoo2000's bounce email management application to address any bouncing addresses with great success (though it's not yet upgraded to 4.5).

    The issue is still very current; see Kreb's on Security's post here, from last month: https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/

    We get a lot of mail rejections from corporate domains from SendGrid, deliverability to Google is still quite high, although read rates are much lower. We are using our own custom e-mail stack now and hardly ever deal with rejections.

    Either way, if SendGrid is still working great for you, I wish you the best.

  11. Well, the idea of at least making it an int would make it consistent to how dates are stored elsewhere in the framework.

    The indexing would be useful for particularly for our use in putting edits in the activity stream so they are searchable by date/time, so probably isn't needed in the core framework (but might be useful if IPS wants to count/filter these by date/time) -- I'm happy to make our database inconsistent with an extra index.

  12. 42 minutes ago, Unlucky said:

    @asigno

    Are you having any problems with member IP addresses?

    We are getting the Ezoic servers IP's instead of the member IPs registered in the CMS

    We have logged a call about this with invision but the only support we have is a suggestion to switch on the setting -Trust IP addresses provided by proxies?

    This has made no difference unfortunately and invision say any more support is outside the scope of their support.

    I just wondered if any Ezoic users have found a solution?

    Ezoic have offered the following support to help but we have no idea which file we would need to add this code in.

    By implementing the XFF header, Ezoic will send the IP address of the original web visitor through to your server in the X-Forwarded-For header.

    How to Add the XFF?

    • In PHP it is available in: $_SERVER['HTTP_X_FORWARDED_FOR']
    • You need to put the code above in a file that all of your pages access (e.g. header.php, init.php or config.php)
    • You should see $_SERVER['REMOTE_ADDR'], which you can replace with$_SERVER['HTTP_X_FORWARDED_FOR']

     

    • In .NET it's available in:  HttpContext.Current.Request.Headers["X-Forwarded-For"]

     

    Thanks in advance if anyone can offer any help or suggestion

     

     

     

    It's definitely outside the scope of IPS support if you are self-hosted -- this is something your sysadmin can advise on.
    I'm assuming Ezoic's solution is acting as a reverse proxy -- like CloudFlare, and so the situation is not too dissimilar.

     

    Changing 'Trust IP addresses provided by proxies' isn't hugely advisable because then anyone can spoof IP addresses (if your webserver is contacted directly).

    You will need to configure your webserver (nginx or apache) to accept the X-Forwarded-For header from a trusted proxy list that Ezoic specify. 

     

    That may not fix your other issues that you described in the first post though (certain things not working). It may be that Ezoic is caching too aggressively and isn't meant for a dynamic community like Invision. This is something you'll have to explore with your sysadmin or Ezoic's support.

     

×
×
  • Create New...