G17 Media

As noted in your ticket: 
 
I can appreciate you've done some research on this, but you are referencing deprecated extensions in MySQL. Invision Community utilizes mysqli and the process (ssl_set()) is different than simply appending a flag. In addition to changes to the database handler, you would need to generate a certificate, bind that certificate to your installation, etc. It's certainly not as simple as setting a flag and while Azure may provide a mechanism to somewhat simplify this by generating a certificate (though it doesn't work with mysqli without additional setup), it's unfortunately not something we presently support on an application level or have roadmapped to support in a self-hosted capacity. 
The proper method, with SSL DB or not, is to secure transmission between your web nodes and the database on a network level. There should never be an opportunity to "sniff" a connection from other nodes on a network to database, because only your web nodes should be able to access the DB. A virtual network, vlan, virtual private cloud and appropriate security rules should be utilized so that only web nodes are able to communicate with your database. In the case of off-premise access to the database, network rules to only allow specific IPs should be created and enforced. 
I apologize for any frustration and inconvenience. This is rather environment specific and not generally an out-of-the-box offering. 
I'm sorry I couldn't be of more assistance, but we appreciate the feedback. 
 

Isn’t this the way the web works? 
HEAD requests are an optimization so no need to refetch the page/file if it hasn’t changed. 
You wouldn’t want Google or some other search engine re-downloading something that hasn’t changed. This would waste tremendous amounts of bandwidth. 

I don't believe this is something which we provide and if one is not provided, typically the email service would cover that. Like in an example I just sent through Amazon SES, SES provided the Message-ID header for me as I did not supply it. I have tagged this to a developer to confirm.

I understand that, but when I login to the account, and view the support page, I see the attached message, which implies that I AM authorized to submit a support ticket. Otherwise why would it be there? The owner is unavailable on vacation for a month, so it is unlikely he will make any changes during that time.

I manage a community for the owner, and I am listed on the account as an Alternative Contact. When I log into the site, and go to support, it says the support email must come from the following email and lists my correct email. HOWEVER every time I attempt to open a support request, I get the email stating:
Your support email was not received.

Thank you for contacting Invision Community!

Unfortunately, we could not find an active customer account or an alternative account with this email address.
- i can see the community under my account
- my email is listed as the alternate contact
- my email is listed as the email that the support request comes from

Can you guys fix this process? It would be great if you had a ticketing system like most companies, where I could submit a form, get a ticket number I can track, and see my past tickets.  As of now I have to email someone on the sales side, they forward it to a support person and THEN, days later, I get some response. Also - all your support people seem to have the same email, so I can't even email a support person who previously handled an issue for me.
It would be great if you could get this aspect sorted out.
Thanks
 

The core of the issue I uncovered during testing was a failure in IPS' URL encoding and had nothing to do with Minio/Wasabi (although I am happy to be wrong -- works fine in our environment with a one line fix). The "scariest" feature IPS really uses is multipart file uploads, which work on pretty much any S3 compatible service I've used.

What’s the question? What are you trying to achieve/what’s the issue you’ve run into? 
 
what’s happening when you try to show the table?
without any further code i would guess:
- your passed url is wrong
- You‘re missing the table templates 

Did you specify the $table->rowsTemplate value? 🙂
It's required for a front DB Helpers if I'm not wrong.

I'm confused. 🤨
 
You're adding data to $_SESSION, but then you're dumping \IPS\Member::loggedIn() which doesn't contain/read $_SESSION in the other file.
 
What exactly are you trying to do?

Unless Im misunderstanding something (quite possible lol), wouldn't that be for the author of that theme to do?

ok thanks for feedback

Want to add captcha in login forms how to do ?

Can I ask why, seems like an obvious omission.

@Marc Stridgen The error should still be fixed, though:
Call to undefined method IPS\core\extensions\core\EditorLocations\Contact::attachmentPermissionCheck()  
Even if the ID being looked up doesn't exist, it shouldn't throw a PHP error but show a proper error page at least.

As mentioned, if you are bothered about it, you could block the IP if needed. Its very likely a crawler that is hitting these

You can do that with a 3rd-party resource:

See:
 
https://www.sosinvision.com.br/index.php?/file/194-enhanced-links-moderation/

GBoard is the default keyboard of the Google Android OS (it's on Pixel devices, it's on most OnePlus devices, plus others that don't massively deviate from the stock OS)
'Samsung Keyboard' is the native keyboard on the Samsung version of the Google Android OS, but can be overridden by the manual installation of GBoard from Google Play, just like SwiftKey is available for all Android devices.

Let me be skeptical... I became your customer when version 4.0.x launched with similar promises... That was 9 years ago... Now you are promising a change with version 5.x.x... I'm not sure that will happen I'm...I'm sorry...

...and you've known about this issue since 2020.

Third party cookies are cookies set by a website other than the website you're viewing. Cookies are an essential part of web applications and aren't going away.

Judging by my quoted post from 2020, should we expect a change in 2028?😇

After versions 3.x.x for the "future" 4.x.x there were similar promises... Alas, many of the promises remained an empty hope... And whether version 5.x.x will meet expectations - is forthcoming, but the pre-ad is just an ad…

Hello. The problem is still relevant. Hackers check login information from other hacked forums and other databases. They use an array of proxy servers and will check emails and passwords from other services. Users often use the same emails and passwords. A captcha on the login form could prevent such an attack.

Hi all,
we had and have spammers who try to abuse the homepage link ("Website URL") or the "About me" section, i.e. profile fields, for link stuffing and unsolicited advertisement - which is spam.
Marking the spammer using the built-in function hides the posts and threads but not the profile fields or the member profile itself.

Suggestion is to hide the entire content of a spammer after being marked so.
Regarding the profile fields specifically: Either the profile field content should be removed (A) or the entire profile should be set to hidden except for the Mods & Admins (B). This is just to give you an idea how it can be done, but in those details I trust your judgement as you are more into the details.
This is the follow-up to this q&a topic: 
 
Thanks,
Thomas