CoffeeCake

Are you using gd or imagemagick? You should enable logging for PHP and see what errors you get from whichever extension you're using.

We absolutely will! I'd encourage anyone here to install 4.6 on their test sites and doing a high degree of testing prior to upgrading their community when 4.6 is eventually released. This is to be expected and natural. What are the blockers for releasing a beta? The sooner we start to be involved in testing, the earlier feedback your team gets, and the sooner those who won't test (despite all my warnings to the contrary) get a release.

Things look a bit different this time around. With 4.5, there was the "alpha" domain hosted site, then there was a series of beta releases, followed by full releases that may as well have been beta releases. It didn't go as smoothly as maybe would be ideal. So I'm wondering if we take our lessons learned, and have adjusted things perhaps, what the plan this time is for 4.6.

Yes, find reputable and recognized places for knowledge, just as you'd search for any other product or service online. 🙂 Depending on your learning style, seek out paid or free training/courses from reputable providers (consider looking into MOOCs) or go straight to the source for documentation: PHP: https://www.php.net/docs.php MySQL: https://dev.mysql.com/doc/ Javascript: https://developer.mozilla.org/en-US/docs/Web/JavaScript HTML/CSS: https://www.w3.org/standards/webdesign/htmlcss

That just means you'll have a dedicated IP address for outbound mail, not that your server's sending IP will be revealed. We use the regular version with no issues. Make sure you setup SPF & DKIM.

Have you looked at the providers that are built into IPS? In particular, SendGrid?

If the bug tracker is any indication, you need client testing before it will be ready for production. What's the plan for releasing alpha/beta releases for testing purposes to self-hosted clients? We're not particularly interested in achievements and will likely not activate them in our community, however speaking from a 4.6 release as a whole the changes look like they would benefit from testing code revisions and third-party integrations.

I would urge caution at using w3schools. I have found that they frequently show bad practice behaviors in their examples.

Invision (broadly) uses five languages: Front End - things that run in the context of a user's browser: JavaScript (often in the form of reusable libraries) CSS (Cascading Style Sheets) HTML (HyperText Markup Language) - all web sites use this, and Backend - things that run on a server: PHP -- what actually runs on the server In addition, SQL is used through extraction layers in PHP via MySQL (or its swap in, MariaDB). You will also find some use of JSON and XML. And you will find interactions with other technologies via PHP such as elasticsearch and Redis. Your ability to establish working proficiency in any of these and then to develop an understanding of the existing codebase is an exercise we can only speculate about. I'd recommend looking for open, free courses that touch on the basics of PHP and front-end web development and see for yourself your ability to pick things up. Many of us have no formal education on these things and have largely taught ourselves. Many of us have formal education in one or more of these areas. If you have the desire and drive, you're most of the way there.

... Analytics solutions aren't intrusion detection systems. If you need something that's looking for suspicious behavior, that solution should be ingesting your web server's logs or, more ideally, sit in front of your web server via something like a firewall and use things like inspection. Matomo and Google Analytics are simply tools that help you understand your audience. You can only control the software running on your services and cannot force any user or robot to run software client side.

Looks like the same behavior happens here. You should encourage whoever administers that site to consider a hyphen instead of an underscore. In other words, dev-tc instead of dev_tc.

The hostname of the link you posted contains an underscore. Underscores are not supposed to be used in hostnames and violate the RFCs for valid hostnames. My guess would be that CKEditor is doing something with this link. Posting it here as a test. Test link

Are you sure this is not a mechanism brought on by the settings of your PayPal account? Are you using a PayPal business account? Have you look into alternative payment processors? https://developer.paypal.com/docs/admin/checkout-settings/

Practically every allocated resource and configuration on your server(s), your community's usage of various features, resources allocated/consumed by the various services and tools powering your community, your community's guest to member ratio, and the design and architecture of your server(s) setup.

These are decisions that require a technical understanding and cannot be realistically answered within the scope of a post here. Depending on a multitude of factors, the best choice may vary and IPS gives flexibility in that regard. If you don't understand something, don't use it until you do. If you do not have the personal time or skillset to seek out and obtain an understanding of these things, then consider hiring someone who does: https://invisioncommunity.com/third-party/providers/

This is a very limited use case and would likely not be used by most other IPS communities to make it worthwhile adding to the core software. Consider creating an extension to add this functionality or finding a developer who can do it for you from here: https://invisioncommunity.com/third-party/providers/ You can alternatively protect the contents of e-mails being available in an unencrypted form by not including the text of the message in the e-mail templates. This way, your members need to view their messages through your encrypted site. SMS is an insecure method to perform password resets.

You probably want to prevent traffic from this misbehaving spider entirely then by creating rules at your CDN/web server/firewall prior to IPS having to serve out the request. I'm not sure what you are referring to by "Hot Link Protect" yet it's probably better to stop this traffic before IPS has to do any work on the PHP/MySQL side of things.

You do not need to move the file to require http authentication. Simply create a Files rule within your IPS directory that the file requires authentication. Assuming Apache and that you're not a CIC customer, something like the following should work: <Directory /var/www/html> <Files sitemap.php> AuthType basic AuthName "Protected Super Secret SiteMap" AuthUserFile /path/to/.htpasswd Require valid-user </Files> <!-- Include everything else you had in here --> </Directory>

Pages is all about templates. It's not a secret--you can simply view the source and create a similar template yourself. It's just a nav box with links to anchors and some CSS: <nav class="sGuidesMenu"> <h2 class="ipsType_reset">In This Guide:</h2> <ul class="sGuidesMenu__list"> <li class="sGuidesMenu__item sGuidesMenu__item--H2"><a href="#generalterms"> General Terms </a></li> <li class="sGuidesMenu__item sGuidesMenu__item--H2"><a href="#apps"> Applications </a></li> </ul> </nav>

Here's a link to dbfiddle that shows the output: https://dbfiddle.uk/?rdbms=mysql_8.0&fiddle=0238af66d4e90f4553c5769a13e0f2b9

Ahhh... The sample I provided is for 8.x+. It may be worth upgrading your MySQL server version. You'd otherwise need to create a user-defined function to create a similar tool to do it.

What version of MySQL are you running?

You could use REGEX_REPLACE(): SELECT REGEXP_REPLACE('This is some text with a url in it like https://www.example.com/profile/34251-username/ and https://www.exAMPLE.com/profile/95823-another-guy and such.','www\.example\.com\/profile\/([0-9]+)-','www.example.com/p$1/',1,0,'i');