Jump to content

Colonel_mortis

Clients
  • Posts

    1,451
  • Joined

  • Last visited

  • Days Won

    5

Colonel_mortis last won the day on November 11 2021

Colonel_mortis had the most liked content!

6 Followers

Profile Information

  • Gender
    Male
  • Location
    localhost
  • Interests
    Breaking things
    Making the devs pull their hair out

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

Colonel_mortis's Achievements

  1. That's not true today for replies (they get requeued for approval), only new topics. It also defeats the point of content moderation if they can post something ok and later make it bad.
  2. If a user has content moderation enabled, any new topics or posts need to be approved by a moderator, and any edits to existing non-topic-startong posts. However, editing the topic's original post does not need to be approved. Especially when used to combat spam, this is a pretty big loophole. To reproduce: * Enable content moderation for a user * Have that user post a new topic - moderator approval will be required * Have a moderator approve the topic * Have the user go back and edit that post - moderator approval will incorrectly not be required
  3. https://invisioncommunity.com/forums/topic/475949-uncaught-exception-when-page-query-param-is-invalid/?page=5%0a causes an uncaught exception because it tries to construct it with path /page/5%0a, which is invalid. You already guard other usages of the param with intval, so you probably want that here too.
  4. This change, made in 4.7.12, breaks applications that don't have an extensions.json or that haven't got all their extensions registered there. Any app that created extensions a while ago (and hasn't updated them recently?) will silently have stopped working. diff --git a/system/Application/Application.php b/system/Application/Application.php index 66c5fc8cd..854837fa7 100644 --- a/system/Application/Application.php +++ b/system/Application/Application.php @@ -786,7 +786,6 @@ public function extensions( $app, $extension, $construct=TRUE, $checkAccess=FALS $classes = array(); $jsonFile = $this->getApplicationPath() . "/data/extensions.json"; - $directory = $this->getApplicationPath() . "/extensions/{$app}/{$extension}"; /* New extensions.json based approach */ if ( file_exists( $jsonFile ) and $json = @json_decode( \file_get_contents( $jsonFile ), TRUE ) ) @@ -814,56 +813,6 @@ public function extensions( $app, $extension, $construct=TRUE, $checkAccess=FALS } } } - - /* Legacy DirectoryIterator approach */ - elseif ( is_dir( $directory ) ) - { - $dir = new \DirectoryIterator( $directory ); - - foreach ( $dir as $file ) - { - /* Macs create copies of files with "._" prefix which breaks when we just load up all files in a dir, ignore those */ - if ( !$file->isDir() and !$file->isDot() and mb_substr( $file, -4 ) === '.php' AND mb_substr( $file, 0, 2 ) != '._' ) - { - $classname = 'IPS\\' . $this->directory . '\extensions\\' . $app . '\\' . $extension . '\\' . mb_substr( $file, 0, -4 ); - - /* Check if class exists - sometimes we have to use blank files to wipe out old extensions */ - try - { - if( !class_exists( $classname ) ) - { - continue; - } - - if ( method_exists( $classname, 'deprecated' ) ) - { - continue; - } - } - catch( \ErrorException $e ) - { - continue; - } - - if ( method_exists( $classname, 'generate' ) ) - { - $classes = array_merge( $classes, $classname::generate() ); - } - elseif ( !$construct ) - { - $classes[ mb_substr( $file, 0, -4 ) ] = $classname; - } - else - { - try - { - $classes[ mb_substr( $file, 0, -4 ) ] = new $classname( $checkAccess === TRUE ? \IPS\Member::loggedIn() : ( $checkAccess === FALSE ? NULL : $checkAccess ) ); - } - catch( \RuntimeException $e ){} - } - } - } - } return $classes; } Aren't we past this yet...?
  5. FastCGI sent in stderr: "PHP message: PHP Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 10485760 bytes) in [...]/system/Node/Statistics.php on line 118" while reading response header from upstream, client: [], server: [], request: "GET /forum/17-[...]/?sortby=views&sortdirection=desc HTTP/2.0" That's in authorsPostedIn. It looks like there's two places where that gets called - computing the content that the current user has posted in, and computing which postedIn indicator to show. The query that gets run for this will load about 260k entries (there are a bunch of topics with a very large range of contributors). I'm surprised that's enough to OOM PHP with 128M memory, but it seems to be the case. For computing content that the current user has posted in, you can do a way more efficient query by filtering by user. For computing the postedIn indicator, you could just skip it entirely on installs where that feature isn't used, but also I think you could make it much more efficient by joining the members in the query to just end up with the group IDs (though that query is probably a bit non-trivial).
  6. If the account is validating or partially registered (due to social logins), the cookie page isn't on the allowlist, so users get redirected back to the validating page when they try to view it.
  7. It looks like someone figured it out today, the 107668 diff appears to fix this now.
  8. That patch doesn't fix it I do have a custom upgrade script, so it's possible that I messed up and missed running some code that deletes the tasks, but I also reproduced it on a test install using the normal upgrader and can't find mention of any code that does perform the deletes.
  9. The terminateHosting, monitor and expectedOutputMonitoring tasks were deleted in 4.7.9, but you don't clean up the tasks from the DB, so they get stuck and trigger the "tasks not running" warning (even with the latest 107667 build that deleted references to a couple more of the tasks). I'm pretty sure 3rd party devs have complained about this a few times before - deleting a task ought to automatically clean it up from the tasks table!
  10. The new(ish) Images profile tab shows all the time, even if it has nothing to show. That's different to the other extensions (eg gallery albums, which is separate for reasons that elude me, or custom fields), which only show up if there's content to display. My personal opinion is that this tab is pretty pointless for most sites, because the same stuff is already available in the user's content page. I'm not bothered whether it stays or goes though, as long as it can stay out of the way when it's empty and just a waste of space.
  11. There's no check that the user has permission to see the post being edited, so it's possible to edit a post after it has already been hidden. To reproduce: Post in a topic Start editing that post Moderator hides the post Submit the edit Edit goes through successfully It's not so bad in that repro, because they must have had it open already, but it's not great if the user constructs the calls manually to both load the current version of the post, and make changes to it.
  12. Yeah that did it. There was a period where due to a bug on my side we weren't running some manual upgrade code (just the json-defined changes) - if it was meant to be changed in an upgrade, that's probably the root cause, in which case that's on me.
  13. The background task to delete guest content from pages is spewing uncaught exceptions SELECT * FROM `cms_custom_database_1` WHERE record_author_name='<redacted>' ORDER BY primary_id_field LIMIT 0,250 Unknown column 'record_author_name' in 'where clause' #0 /opt/forum/system/Db/Select.php(388): IPS\_Db->preparedQuery() #1 /opt/forum/system/Db/Select.php(446): IPS\Db\_Select->runQuery() #2 [internal function]: IPS\Db\_Select->rewind() #3 /opt/forum/applications/core/extensions/core/Queue/MemberContent.php(93): IteratorIterator->rewind() #4 /opt/forum/system/Task/Task.php(47): IPS\core\extensions\core\Queue\_MemberContent->run() #5 /opt/forum/applications/core/tasks/queue.php(43): IPS\_Task::runQueue() #6 /opt/forum/system/Task/Task.php(375): IPS\core\tasks\_queue->IPS\core\tasks\{closure}() #7 /opt/forum/applications/core/tasks/queue.php(38): IPS\_Task->runUntilTimeout() #8 /opt/forum/system/Task/Task.php(274): IPS\core\tasks\_queue->execute() #9 /opt/forum/system/Task/Task.php(237): IPS\_Task->run() #10 /opt/forum/applications/core/interface/task/task.php(58): IPS\_Task->runAndLog() #11 {main}
×
×
  • Create New...