Jump to content

Thomas P

Clients
  • Posts

    415
  • Joined

  • Last visited

 Content Type 

Downloads

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Development Blog

Deprecation Tracker

Providers Directory

Forums

Events

Store

Gallery

Everything posted by Thomas P

  1. This is uncommon as this sounds like your member use weak passwords and those accounts got compromised - at least you should consider this possibility imo. Good luck
  2. Hi mates, I am observing from the sytem log that we are experiencing attacks on single attachment URLs. As it seems someone is hammering the attachment engine/URLs with random IDs: The URLs itself look like this: https://www.mcseboard.de/index.php?app=core&module=system&controller=ajax&do=attachmentInfo&attachIDs[14365]=true Now what is bugging me is: Why are they hammering those attachment URLs and why do they do that as a guest user. Case A: As guest an error is being thrown ("Sorry, there is a problem. Something went wrong. Please try again. Error code: EX0") in the frontend - thus the system log entry. Case B: If a logged in user tries to reach such an URL the output of the a.m. one is: Not that isn't really exciting as a result or desirable output. So I am wondering: why is this type of attachment URL being hammered? is there a known vulnerability or was there one in the past? what is the use of that URL, i.e. for what reason is the output presented to logged in users? and last not least: How to address it? Can those request be denied altogether? Or should I even bother as a valid error is presented to a guest user? I ignored such pointless requests showing in the system log, but there are plenty of it. Thanks, Thomas
  3. Hi mates, just a moderate bump to my feedback or request: Please consider it to be included in one of the next releases. It is more of a gap or improvement than a new feature imo. Thank you, Thomas
  4. Thank you, we're going to think about it 👍
  5. That's a bummer, as it affects the automated mass emails to our +70K users and the very different use case of a human generated newsletter. So thanks. I wasn't blind, there is just no way 😞
  6. That would affect all emails outgoing, not just bulk mails...
  7. Hi mates, I am pretty sure I am blind here, but how to remove the default salutation when using the Bulk Email feature? Thanks, Thomas
  8. Hi, an update from my side - got to know this Add-On to hide a spammer's profile with possibly stuffed "about me" or other spammy profile info: Block Banned Member Profiles - Applications - IC Essentials (ic-essentials.com) Works well and does what it should, I like and recommend it. BR
  9. Thank you guys, checked as you suggested and yes: It was there. And verified via support ticket, as well - so we are good. 🙂 Thanks again, appreciated. Thomas
  10. Hi, no issues identified. Apart of the a.m. error message all sections are clear without issues... BR
  11. Hi mates, after upgrading to latest and greatest 4.7.14 I see one error in our log: Error (1054) Unknown column 'chart_timescale' in 'ipb_core_saved_charts': changeColumn ["core_saved_charts","chart_timescale",{"name":"chart_timescale","type":"ENUM","length":null,"decimals":null,"values":["hourly","daily","weekly","monthly","none"],"allow_null":true,"default":null,"comment":"","unsigned":false,"auto_increment":false}] The error was thrown at this step of the upgrade: .../admin/upgrade/?controller=upgrade&key=abcdef&mr=16&_=1704058060594 Any ideas on why we got this error? Apart of that the forum looks fine after upgrade. Happy New Year btw. 🥳 Thanks, Thomas
  12. Awesome changes as usual, very well made. Looking forward to them
  13. Hi all, we had and have spammers who try to abuse the homepage link ("Website URL") or the "About me" section, i.e. profile fields, for link stuffing and unsolicited advertisement - which is spam. Marking the spammer using the built-in function hides the posts and threads but not the profile fields or the member profile itself. Suggestion is to hide the entire content of a spammer after being marked so. Regarding the profile fields specifically: Either the profile field content should be removed (A) or the entire profile should be set to hidden except for the Mods & Admins (B). This is just to give you an idea how it can be done, but in those details I trust your judgement as you are more into the details. This is the follow-up to this q&a topic: Thanks, Thomas
  14. Thank you for your feedback. Will do so. Meanwhile I took out the permissions for guests to view member profiles, which is our temporary workaround to that. BR
  15. Hi mates, as it seems the "About me" section of a member profile shows all the added text and links, i.e. Spam, even after marked as spammer. All posts and thread are hidden automagically but not the profile spam stuffing. So I guess our beloved spammers managed to bypass our spam measures... Any ideas? Thanks, Thomas
  16. If I read it correctly the table was already dropped before, so it is a duplicate "safe" statement. Anyway, thanks for the short info 🙂
  17. Hi mates, upgrade to 4.7.9 latest went fine, I have one error I couldn't associate with, in the system log. Upgrade went flawless so far judging from the Upgrade UI and the frontend outcome, it is just this one error in the system log, what concerns me. admin/upgrade/?controller=upgrade&key=25f9c38812d4c22588ddaf2368d5f8fe&mr=43&_=1681843838469 Type: Upgrade error Error (1051) Unknown table 'xyz.ipb_core_members_features_seen': dropTable ["core_members_features_seen"] #0 /home/xyz/system/Application/Application.php(1672): IPS\_Log::log() #1 /home/xyz/applications/core/sources/Setup/Upgrade.php(511): IPS\_Application->installDatabaseUpdates() #2 /home/xyz/applications/core/sources/Setup/Upgrade.php(326): IPS\core\Setup\_Upgrade->step1() #3 /home/xyz/applications/core/modules/setup/upgrade/upgrade.php(47): IPS\core\Setup\_Upgrade->process() #4 /home/xyz/system/Helpers/MultipleRedirect/MultipleRedirect.php(93): IPS\core\modules\setup\upgrade\_upgrade->IPS\core\modules\setup\upgrade\{closure}() #5 /home/xyz/applications/core/modules/setup/upgrade/upgrade.php(77): IPS\Helpers\_MultipleRedirect->__construct() #6 /home/xyz/system/Dispatcher/Controller.php(118): IPS\core\modules\setup\upgrade\_upgrade->manage() #7 /home/xyz/system/Dispatcher/Setup.php(220): IPS\Dispatcher\_Controller->execute() #8 /home/xyz/admin/upgrade/index.php(34): IPS\Dispatcher\_Setup->run() #9 {main} Thanks for any hint or detail, Thomas
  18. Just asking because this issue here. Regarding development my question is, if there are any new features or planned improvements for the future. Thanks 🙂
  19. Hello, is this Add-On still being supported and developed? Thanks, Thomas
  20. OK, I re-enabled curl_multi_exec and upgrade went through. I still would like to put it back after upgrade and wonder, if this upgrade (exceptionally) needed it or I have to dig when it was added. My guess would be it came with PHP 8.x on our side. I see, thanks. For functions in general or just during upgrade? I can leave it on of course, if required generally.
  21. Just checked: Curl is installed, but curl_multi_exec is disabled in our php setup via disable_functions. As I uploaded all files needed, is this needed? Our setup did not change since quite while...
  22. Hi mates, right after login I get the following error message during upgrade: Call to undefined function IPS\Http\Request\curl_multi_exec() The log shows me: Error: Call to undefined function IPS\Http\Request\curl_multi_exec() (0) #0 /home/xyz/system/Http/Request/Curl.php(496): IPS\Http\Request\_Curl->_executeMh() #1 /home/xyz/system/Http/Request/Curl.php(302): IPS\Http\Request\_Curl->_executeAndFollowRedirects() #2 /home/xyz/system/Application/Application.php(553): IPS\Http\Request\_Curl->get() #3 /home/xyz/applications/core/modules/setup/upgrade/systemcheck.php(95): IPS\_Application::md5Check() #4 /home/xyz/system/Dispatcher/Controller.php(118): IPS\core\modules\setup\upgrade\_systemcheck->manage() #5 /home/xyz/system/Dispatcher/Setup.php(220): IPS\Dispatcher\_Controller->execute() #6 /home/xyz/admin/upgrade/index.php(34): IPS\Dispatcher\_Setup->run() #7 {main} Anyone experienced the same? Any hint to what went wrong? Thanks, Thomas
×
×
  • Create New...