bfarber

What it is The BBCode extension allows your application to add additional BBCode tags to the parsing system within Invision Community. It should be noted that the preferred way of adding new editing capabilities is through CKEditor plugins (and custom editor plugins which can be created right from the AdminCP), however in some cases, particularly when an application has been upgraded from an older version of the software, you may wish to allow direct BBCode content to be translated during submission as well. How to use When you create a new instance of this extension through the Developer Center, it is important that you supply the BBCode tag as the extension name. If you want to use the BBCode tag "myapplication", then this should be the extension name. As an example, Blog supports both 'blog' and 'entry' as custom BBCodes, and these are the file names and class names for the extensions themselves. The extension defines two methods. The first method allows you to control who can use the BBCode tag. public function permissionCheck( \IPS\Member $member, $area ) { return \IPS\Text\Parser::canUse( $member, 'ipsLink', $area ); } Here, as an example we are simply checking if the member can use the 'link' button in the editor. If so, we will allow them to use this BBCode tag as well. The second method returns a definition for how to parse the BBCode tag. It would be prudent to take a look at \IPS\Text\Parser::bbcodeTags() to see how the existing built in tags are defined as a reference point. Some tags are very simply - for instance, this is the definition for the acronym BBCode tag array( 'tag' => 'abbr', 'attributes' => array( 'title' => '{option}' ), 'allowOption' => TRUE ); Other tags, however, define much more complicated parsing structures out of necessity. For instance, here is the definition for the member BBCode tag array( 'tag' => 'a', 'attributes'=> array( 'contenteditable' => 'false', 'data-ipsHover' => '' ), 'callback' => function( \DOMElement $node, $matches, \DOMDocument $document ) { try { $member = \IPS\Member::load( $matches[2], 'name' ); if ( $member->member_id != 0 ) { $node->setAttribute( 'href', $member->url() ); $node->setAttribute( 'data-ipsHover-target', $member->url()->setQueryString( 'do', 'hovercard' ) ); $node->setAttribute( 'data-mentionid', $member->member_id ); $node->appendChild( $document->createTextNode( '@' . $member->name ) ); } ); 'allowOption' => TRUE 'single' => TRUE, }, return $node; catch ( \Exception $e ) {} } The single method, named getConfiguration(), should return a definition array akin to the above examples. The complete list of array elements which can be returned include: tag: (string) This is the HTML tag that will be used when creating the BBCode replacement, e.g. 'span' or 'div' attributes: (array) An array of HTML attributes to add to the tag in key => value pairs. You can use the special macro {option} to retrieve the value of any user supplied option data. e.g. [mycustomtag=somevalue] may be represented here with array( 'title' => '{option}' ) defaultOption: (string) The default value to use for {option} if one has not been specified by the user. block: (bool) Whether the resulting HTML replacement should be considered a block-level element or not. Defaults to FALSE. single: (bool) Whether this is a single tag without content and a closing tag (e.g. 'member' is a single BBCode tag as it does not contain a closing tag). Defaults to FALSE. noParse: (bool) Enable this flag to prevent other BBCode parsing within this tag (for instance, BBCode should not be parsed inside 'code' BBCode tags). Defaults to FALSE. noChildren: (bool) Enable this flag if it is not appropriate for the resulting HTML element to have children elements (for instance, a <pre> HTML tag should not have children <p> HTML tags). Defaults to FALSE. callback: (callable) This is a callback that is passed 3 parameters (\DOMElement $node, $matches, \DOMDocument $document) which allows you to modify the DOMNode object as needed. This is optional, but necessary for more complex BBCode tags. getBlockContentElement: (callable) If callback is defined, this is an optional additional callback which can be defined in order to allow you to specify which node the children should be placed into. The callback function is passed a single parameter: \DOMElement $node. As an example, spoilers have both a header element and a content body element, and the content supplied by a user must be placed into the content body element. finishedCallback: (callable) The only argument passed to this callback is \DOMElement $originalNode. This parameter allows you to define a callback which is called after all other parsing has completed, in order to allow you to do any additional or post processing as needed. allowOption: (bool) Whether or not to allow option values to be specified. Defaults to TRUE, however some tags (such as 'b') do not require or support any optional values passed in. The custom 'blog' BBCode, thus, is defined as so: public function getConfiguration() { return array( 'tag' => 'a', 'callback' => function( \DOMElement $node, $matches, \DOMDocument $document ) { try { $node->setAttribute( 'href', (string) \IPS\blog\Blog::load( intval( $matches[2] ) )->url() ); } catch ( \Exception $e ) {} return $node; }, ); }

What it does Announcement extensions allow your applications to show announcements in specific areas of the application, e.g. showing announcements in a specific category or section of your application. When the extension is available, while creating or editing announcements moderators will be able to configure the announcement based on your specifications (for instance, to select one or more categories). How to use Upon creating a new instance of this extension in the developer center, the template file will contain one method and two class properties that you can adjust. The first class property specifies the database column (without the table prefix defined in your model class) to look for the container ID public static $idField = "id"; The second property allows you to specify which controllers within your application the announcement should be displayed within. You can use this, for example, to only show announcements within the container and not when viewing the content items within those containers. public static $controllers = array( "browse" ); The sole method in this extension allows you to return a form element which will allow the moderator to choose which categories (corresponding to the $idField property) the announcement should be shown within. You will generally be returning an instance of \IPS\Helpers\Form\Node here. public function getSettingField( $announcement ) { return new \IPS\Helpers\Form\Node( 'announce_download_categories', ( $announcement AND $announcement->ids ) ? explode( ",", $announcement->ids ) : 0, FALSE, array( 'class' => 'IPS\downloads\Category', 'zeroVal' => 'any', 'multiple' => TRUE ), NULL, NULL, NULL, 'announce_download_categories' ); } That's all there is to it. The announcement widget handles the rest by checking the requested content item and/or node ID against the configuration for individual announcements to ensure that they only show up where configured.

What it does An AdvertisementLocations extension allows you to define locations and settings for advertisements in order to allow you to insert advertisements in specific locations within your application. The forums application uses this, for example, to allow advertisements to be shown after the first post in a topic and in the topic listing. How to use When you create a new instance of this application extension, you will need to define two methods (which will already be defined via a template if you use the Developer Center to create the extension). /** * Get the locations and the additional settings * * @param array $settings Current setting values * @return array Array with two elements: 'locations' which should have keys as the location keys and values as the fields to toggle, and 'settings' which are additional fields to add to the form */ public function getSettings( $settings ) The getSettings method accepts one parameter (an array) and should return an array with two elements. The first, with key 'locations', should be an array with its keys being the advertisement location keys you are defining, and the values being an array of setting keys to use for the location. The second element should use a key 'settings' and define an array of form helper objects to return. For example: /** * Get the locations and the additional settings * * @param array $settings Current setting values * @return array Array with two elements: 'locations' which should have keys as the location keys and values as the fields to toggle, and 'settings' which are additional fields to add to the form */ public function getSettings( $settings ) { return array( 'locations' => array( 'ad_fluid_index_view' => array( 'ad_fluid_index_view_number', 'ad_fluid_index_view_repeat' ) ), 'settings' => array( new \IPS\Helpers\Form\Number( 'ad_fluid_index_view_number', ( isset( $settings['ad_fluid_index_view_number'] ) ) ? $settings['ad_fluid_index_view_number'] : 0, FALSE, array(), NULL, NULL, \IPS\Member::loggedIn()->language()->addToStack('ad_fluid_index_view_number_suffix'), 'ad_fluid_index_view_number' ), new \IPS\Helpers\Form\Number( 'ad_fluid_index_view_repeat', ( isset( $settings['ad_fluid_index_view_repeat'] ) ) ? $settings['ad_fluid_index_view_repeat'] : 0, FALSE, array( 'unlimited' => -1 ), NULL, NULL, \IPS\Member::loggedIn()->language()->addToStack('ad_fluid_index_view_repeat_suffix'), 'ad_fluid_index_view_repeat' ) ) ); } The second method in this file is parseSettings(), which is a callback allowing you to adjust the setting values that are stored during an administrator's submission. If there are no settings, this method should just return an empty array. /** * Return an array of setting values to store * * @param array $values Values from the form submission * @return array Array of setting key => value to store */ public function parseSettings( $values ) { return array( 'ad_fluid_index_view_number' => $values['ad_fluid_index_view_number'], 'ad_fluid_index_view_repeat' => $values['ad_fluid_index_view_repeat'] ); } You can then use the advertisement in your output with the loadByLocation method of \IPS\core\Advertisement. For instance: {{if $advertisement = \IPS\core\Advertisement::loadByLocation( 'ad_fluid_index_view' )}} {$advertisement|raw} {{endif}}

This is an entry about our IPS Community Suite 4.2 release We are happy to introduce several changes to our Gallery application to both refine the existing capabilities and to introduce new useful functionality; particularly for Albums. We have clarified how to submit images directly to a category on the first step of the upload form in Gallery. Clarification for submitting directly to a category When submitting images to the Gallery, a simple "Add more images" button has been added to the wizard. While it has always been possible to add more images by dragging and dropping them on to the upload area, or by clicking the "Choose files" button again, the addition of this button should help add some clarity for users who overlooked these capabilities. A new "Add more images" button makes adding additional images easier Applying the same details to all of the images you are submitting has been made much simpler. When you begin entering the details for the first image, you can specify a template to use for the caption name leveraging a special replacement "%n". A small help icon next to the caption field label explains how to use this capability. When you are done supplying the details, you can click "Copy details to all images" and your submission will start instantly, using all of the details supplied for the image you are editing. You can quickly set tags, an image description and a caption name template (for instance "Aquarium %n") to all images using this new capability, useful when submitting 50+ images at once. Of course, you can still supply the details for each individual image as well, if you wish. Submitting a lot of images at once has been made easier In addition to improvements for submitting images, albums have been updated to include many new features, including: Commenting Reviews Reactions Messages Featuring Hiding Locking Reporting Searching A new Gallery widget (sidebar block) to show albums anywhere throughout the Community Suite has been added as well. Album overview page Going along with these changes, we've improved how groups of images that are submitted to an album are handled in searches. If you submit multiple images to an album, you will only see the album listed in activity streams, and similarly if you follow a bunch of images in an album these are grouped as well, making activity streams more useful and easier to follow. Activity streams have been updated as well The changes to albums and image submissions will simplify your users' interaction with Gallery in 4.2, and make submitting images and new albums, and working with those albums more useful and robust.

This is an entry about our IPS Community Suite 4.2 release Statistics can be an important part of monitoring your site and ensuring it grows and responds to your marketing and promotion efforts effectively, and several new statistic tools have been added to the 4.2 Community Suite which we know you will be excited to learn about! A simple tool has been added that will allow you to look up and list all member accounts that have last visited the site within a specified time period. Look up members who have visited within a set time period Additionally, online user (both logged in user and guest) counts are now tracked every 15 minutes and graphed in the AdminCP for you to reference. You can view online user trends over a specified date period, view just guest counts or just member counts (or both), and view the graph in multiple different modes (such as an area chart or as a column chart). By default, the data is retained for 180 days, however you can control how often to prune this statistical data in the AdminCP. Online user trends graphed You can also view a graph of member activity on the site. Member activity is defined as any "activity" beyond simply browsing, such as submitting a new post, reacting to any content item or comment, or following any content item or node. Activity information about your member base You will also be able to define keywords that you would like to monitor and then see both a graph of usage of those keywords, as well as a table listing all usages of those keywords. You can use this to track usage of competitor names, find out if hash tags you define are trending, or learn if promotional materials are making an impact on your membership. Keyword tracking can help you closely monitor your community Along with these additions, we've cleaned up the menu and wording for the rest of the existing statistic options to make their functions more clear. We hope these additions help you better track and control your community, making the most of your time and money. Note for developers: A new chart class has been added which allows you to populate dynamic charts using callbacks, in addition to the standard methods that already exist for pulling data directly from a specified database table.

This entry is about our IPS Community Suite 4.2 release Improvements to our Gallery application, both in terms of new functionality and minor enhancements, are coming in 4.2. One area that was identified early on for improvement was the Gallery image view page and specifically how the lightbox feature available on this page behaved. We adjusted the buttons that overlay the main Gallery image to use icons instead of text If you click to view an alternative image size, we improved the header styling of this page as well for clarity and to allow easier downloading of the image you are viewing When viewing an image, you can open the image in a lightbox by clicking the icon at the very top far right corner. When doing so, there was previously a button at the bottom left hand corner of the lightbox if you wanted to download the image. We modernized this experience by implementing an overlay that you can click on in order to download the full size image instead. You will notice there are now left/right arrows in the lightbox view here. You can click left/right to scroll through the images in the container, just as if you clicked through the images in the photostrip immediately below the image on the main page. You can also use the left/right arrow keys on your keyboard. While this would navigate through the photostrip previously, it will now also navigate through the images in the lightbox as well. When viewing on your mobile device, the lightbox has been cleaned up allowing more image to display which is a welcome change for your mobile users. We have more changes coming to Gallery in 4.2 which we will be revealing soon but in the mean time we hope you enjoy these useful improvements.

This entry is about our IPS Community Suite 4.2 release IPS Community Suite comes with a default profile photo which is used when members have not set a profile photo for their account. While this model has served the software well for years, we felt it was time for an update to the software to keep pace with current internet trends. This has led to one of the latest changes you can expect to see with version 4.2: letter profile photos When upgrading you will be asked if you wish to use letter profile photos, or if you wish to stick with the generic per-theme default profile photo that is used presently. You can change your mind any time after upgrading by adjusting the setting in the AdminCP as well. AdminCP members list We have tested many languages to ensure maximum compatibility. The font used in the image is automatically selected based upon the characters to be written to the image, so sites that have more than one language will see compatibility for all of the profile photos that are created automatically. The colors are not set for each letter. You will notice in the screenshot that each "A" letter photo has a different color. They are chosen randomly when generated. Letter photos in a sidebar widget We hope that this change helps bring your communities to life with a little more style, flair, and uniqueness for each new user on your site. Developer Note The code is structured in such a manner that third party developers can further extend the feature with plugins. The methods for writing text to images are exposed through our central \IPS\Image class introducing new possibilities in your own custom code.

When the IPS Community Suite creates new files and folders, by default it uses the following permissions or "chmod" mask: Folders that the software will write to: 0777 Folders that the software will not write to: 0755 Files that the software may overwrite: 0666 Files that the software will not overwrite: 0644 While these permissions work in most environments, you may find that the permissions are not appropriate in your particular hosting environment. You have the ability to override these options if necessary. Warning Only your webhost can advise you as to what the most appropriate permissions are in your hosting environment. If you believe file and folder permissions are not being set appropriately, please contact your host to inquire as to the best values to use in your hosting environment. To override the default permission levels used, you must create (or modify) the constants.php file in your Community Suite root directory, and then add the following lines, adjusting the masks accordingly. /* Folders that will be written to later */ define( 'IPS_FOLDER_PERMISSION', 0777 ); /* Folders that will be created and not written to later */ define( 'FOLDER_PERMISSION_NO_WRITE', 0755 ); /* Files that will be written, and then later deleted or overwritten */ define( 'IPS_FILE_PERMISSION', 0666 ); /* Files that will be written once, and would not later be updated or deleted */ define( 'FILE_PERMISSION_NO_WRITE', 0644 ); Be advised that the values defined are in octal notation and the leading 0 is required. Additionally, these should be defined as you see above without enclosing the values in quotes.

We are releasing a patch for IP.Board 3.4.x and IP.Nexus 1.5.x to address two potential security issues brought to our attention. It has been brought to our attention that an open redirect exists within IP.Nexus which might allow a user to redirect other users to a remote site of their choosing through IP.Nexus. Additionally, an issue has been brought to our attention where-by sensitive user data may be exposed in certain circumstances. To apply the patch Simply download the attached zip and upload the files to your server. This single zip file includes the patch files for both IP.Board as well as IP.Nexus. patch-34x-05252016.zip If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.9 after the date and time of this post, no further action is necessary as we have already updated the main download zips.

We are releasing a patch for IP.Board 3.4.x to address a potential cross-site scripting (XSS) issue. It has been brought to our attention that specifically crafted posted content followed by specific user actions can cause a scenario where untrusted javascript can execute. A patch is being released to address this potential issue. This download also includes a patch for an email issue previously reported to us. To apply the patch Simply download the attached zip and upload the files to your forum server. This single zip file includes the patch files for both IP.Board as well as IP.Gallery. patch_2016_1_21.zip If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.9 after the date and time of this post, no further action is necessary as we have already updated the main download zips. We would like to thank @newbie LAC for responsibly disclosing this issue to us.

IP.Board 3.4.9 is now available in the client area This is a maintenance release to consolidate security updates released since 3.4.8, release additional security updates, and fix some minor bugs impacting many clients. We recommend you upgrade to ensure you have all security updates in place. You can download in the client area and upgrade as normal. We would like to thank newbie LAC for responsibly reporting a potential CSRF (cross-site request forgery) issue related to warnings resolved with the release of 3.4.9. Support Notes IPS will no longer provide upgrade services for self-hosted licenses on the 3.x series. You can do the upgrade yourself (it's very easy) but our support will only do upgrades for you to IPS Community Suite 4. If you are a IPS Cloud client we will still do the upgrades for you. IP.Board 3.4.x will reach "End of Support" status soon and we strongly encourage all clients to upgrade to the 4.x Community Suite.

We are releasing a patch for IP.Board 3.4.x and IP.Gallery 5.x to address a potential cross-site scripting (XSS) issue. It has been brought to our attention that specifically crafted posted content followed by specific user actions can cause a scenario where untrusted javascript can execute. A patch is being released to address this potential issue. This download also includes a patch for an email issue previously reported to us. To apply the patch Simply download the attached zip and upload the files to your forum server. This single zip file includes the patch files for both IP.Board as well as IP.Gallery. patch_12_15_15.zip If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.8 or IP.Gallery 5.0.5 after the date and time of this post, no further action is necessary as we have already updated the main download zips. We would like to thank @newbie LAC for responsibly disclosing this issue to us.

Fixes a security issue when importing statuses from Facebook, Twitter or Google Plus. Introduces support for PayPal Billing Agreements in Commerce. Introduces new REST API for developers. Changes the behaviour of media embedding in the editor so links that can be embedded no longer need to be on their own line. General bug fixes and improvements.

This is a maintenance release which includes some improvements to embedded content.

This is a maintenance release which resolves some issues reported since the release of 4.1.5. Specifically: Emails may not send correctly, or may send to the wrong person Some activity streams may be slow Searching tags may be slow Some applications may not be available to upgrade when you initially visit the upgrader Other general slowness may be noticed We strongly advise that all 4.1.5 clients upgrade to this release as soon as possible.

This is a maintenance release to fix common issues reported in 4.1.4. Some specifics include: Memcache issues Errors when issuing a warning Errors when editing members Default sort order in containers not honored PHP error when submitting a new file in Downloads

4.1.3.2 fixes an XSS issue reported to us in Blog. We would like to thank TickTackk for responsibly disclosing this issue to us.

08-07-2015 We are releasing a patch for IP.Board 3.3.x and 3.4.x to address a potential cross-site scripting (XSS) issue, and we are releasing a patch for IP.Nexus 1.5.9 to address an issue where license keys may be exposed to unauthorized users. The IP.Nexus patch also includes an updated SagePay payment gateway, required for all users that use Sagepay integration as of July 31, 2015, as well as an update to the Stripe payment gateway to use their "v2" javascript integration. It has been brought to our attention that specifically crafted files uploaded as attachments to IP.Board may allow for javascript to execute. It has also been brought to our attention that specifically crafted URLs may allow for exposure of license keys otherwise kept private throughout IP.Nexus. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. IP.Nexus 1.5.x: nexus_patch_08072015.zip IP.Board 3.4.x: board34x_patch_08072015.zip IP.Board 3.3.x: board33x_patch_08072015.zip If you are an IPS Community in the Cloud client running IP.Board 3.3 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.3, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.8 or IP.Nexus 1.5.9 after the date and time of this post, no further action is necessary as we have already updated the main download zips. We would like to thank ESET for reporting the IP.Board XSS issue to us, and we would like to thank user "vekmor" for reporting the IP.Nexus license key exposure issue to us.

This release primarily focuses on stability with many bug fixes from both tickets and the bug tracker. In addition to dozens of fixes, important items include: When unflagging a member as a spammer, if any tasks are still queued to delete or hide the member's content the tasks will be cancelled. This is useful if you flag a user as a spammer and then immediately change your mind and unflag the member.NO_STEP issue during upgrade should now be resolvedLists were not rebuilding correctly coming from 3.4.xChanged rebuild routines to not use internal embeds as it represents a change from the way content looked pre-upgradeThere were some infinite redirect issues in some cases when Pages was used, particularly when the gateway file was usedFixed an issue related to core_cache and the task not runningUpdate Version 4.0.13.1 fixes an issue in a recent Google Chrome update that caused some pages to render poorly.

04-30-2015 We are releasing a patch for IP.Board 3.3.x and 3.4.x to address three cross-site scripting (XSS) issues. It has been brought to our attention that specifically crafted URLs may allow an attacker to adjust another user's ignored user preferences and private message options. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. IP.Board 3.4.x: patch_34x_04272015.zip IP.Board 3.3.x: patch_33x_04272015.zip If you are an IPS Community in the Cloud client running IP.Board 3.3 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.3, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.7 after the date and time of this post, no further action is necessary as we have already updated the main download zips. We would like to thank rack911labs.com for bringing the private message to our attention.