Chris89

I'm assuming because nobody has replied to this IPS don't think this is an issue?

I would have contacted support about this but because I no longer have an active license because the fees are way too high, apparently I can't report security concerns??? I've noticed that on my installation of IPS, when trying to use the URL encoded RTL Unicode character in the URL (%E2%80%AE) in the middle of params, it's still reversing the text direction and causing issues on the site. Not sure if this will work on the example below, but after the "do=" I added the above url encoded value and it reversed it on my forum and it broke the page. i.e. http://localhost/community/index.php?/topic/2-test/&do=‮getLastComment

Thank you so much guys! I cannot believe I didn't think of this, it's so obvious to clear the original cookies... This is exactly what it was. And as a P.S. it's also fixed my original issue too, which is awesome 🙂

So first off I'm still running 4.4.10. I don't really like the direction the software has gone since then to be honest and I feel pretty disillusioned with it, despite recognising that there are some good features that have been added since (which is a shame). It's also too difficult to keep upgrading the forum all the time and keeping compatibility with my existing themes, plugins and applications (some of which haven't even been upgraded for the newest versions now) among more and my own SSO setup. It's just not possible for me to keep making these large changes at the scale you're making them and keep my site actually running, unfortunately. I would have contacted support about the issue I'm going to post below, but my license has expired and I've just found out when I tried to renew it IPS have now increased the cost from $25 to $40 per 6 months just to get: support (which mostly although very quick is pretty terrible and you don't really want to know IMO) ability to post in virtually any forum here (which is helpful because support doesn't help you, but not worth $40) upgrades (which I've already said I'm not bothered about) spam monitoring (which is nice, but not worth $40 on its own) I have no idea why this change has been made and it's never been communicated to me as a Client, and I don't want this topic to turn into another "bash IPS" one as I can see that a few customers seem to be complaining about other things too. But I do feel I need to state that this change is pretty disgusting. That cost is more than 25% of the cost I actually paid for the software.. and you want me to continue forking out $40 every 6 months just to get access to the above? $25 is justifiable IMO, just. But what this is, is basically taking advantage of clients. Regardless of that now onto what I actually wanted to say. So my Suite sits on a 'forums' subdirectory of my main domain, and I want the cookies set by IPS to be present over my whole site too. When I check the HTTP headers for cookies I can see that one of them is presently residing in only the /forums/ directory. Obviously this is possible with the cookie options, so I've tried modifying my constants.php file with this: <?php define( 'COOKIE_PATH', '/' ); It seems to work fine, but then for some bizarre reason, when I log out and log back in again, it's locking me straight out of my account on the first attempt even though my username and password are 100% correct. I'm using LastPass so I'm not even typing them. They autofill. Every time I make this change, the software is bugging for some reason, and locks me out of my account on the first sign in attempt (claiming I tried 3 times?), I even get an email saying I've been locked out. When I try to sign in again, it repeats this and says to try again in 14 minutes. When I try again after that time, it's also locking me out again. This pattern basically continues until I remove or rename the constants.php file and clear my browser cache. I've even tried in different browsers. Just wondering whether anyone else has had these issues or whwther they might have any ideas why this might be occuring for me? Thank you.

Can anyone help let me know what tables or queries I would need to run in order to update this manually via the database? Support aren't helping at all, just throwing up a block and just pointing me to this forum.

Hi @Makoto just hoping you can let me know that query if you aren't too busy 🙂

Thanks for your advice. Yeah I am permanently redirecting the domain and I intend at this point to keep it in perpetuity but obviously need the old domain to redirect properly so that users don't get the landing page extra redirect. I wouldn't mind trying this myself if you could let me know an example query to follow. I'd be so grateful if you couldprovide that for me 🙂

Hi guys, I recently migrated my community to another domain and I'm a bit unsure how to move forward with all the posts that contain references to my old domain (outside of the IPS suite). I do have redirect forwarding on so the links do forward correctly to my new domain, but obviously, I need to update them. I've contacted support and they suggested maybe a manual SQL query, but this isn't really something they help with and I'm hoping that someone here has encountered some problem like this in the past and knows a potentially easier way. Won't I have to re-index all the posts as well once I've changed all this, via some kind of background task?

To be honest it's mainly a styling reason why I don't want to upgrade to 4.5.... plus it would be hassle because I have lots of plugins and I don't know exactly what changes have been made as to how compatible things are now. But I don't really like a lot of the new changes that have been made style-wise and prefer the older 4.4 style. I think some of the new features are great (though not too keen about removing the Admin CP session from the URL) and I'd love to have them... it's just things like in topic where it states "X months later" and the way that some post actions etc are hidden to name a few things offhand.

Has this been implemented yet? If so are you able to let me know where abouts in thev PHP this has been done? I've checked the latest version but the login cofde still seems the same... I'm trying to integrate it with my SSO.

Does this work on regular topics as well as pages? And do you still have a 4.4 version to download?

I'm not really sure where this question belongs to be honest, so this may well be the wrong forum. However, I'm interested in adding custom emoticons to my IPS board. Problem is, I don't have the graphical skills to create them myself and I'm not sure where to look for them (the x2 size thing really confuses me). Does anyone know where I can find a list or pack of emotions that are compatible with IPS anywhere? Thanks!

Fantastic! What sort of timeframe are we looking at? Any way I could fix this now ready in advance of when it's released?

So as part of my site integration that I've done, I've added a custom HTML form on my site which will submit login details to the login form on my IPS forum. This works fine, and the user is logged in great. Except when they get logged in, they get redirected back to the forum index, rather than the page they were previously on, on my main site. I've tried adding a base64 encoded 'ref' query string to the URL to provide a redirect URL (i.e. the URL they are on), but this isn't working. It's not so much that it's not working, but just rather by design from what I can gather. I understand why this security measure is in place, to prevent CSRF attacks etc and to prevent redirect to malicious websites. My question really, is, is there some way I can allow IPS to redirect back to my own domain from the login form & the page they were previously on, while keeping this protection in place? It isn't on a seperate subdomain or anything, both the forum and my site are running off the main domain. The only difference is that my forum is in a 'forums' subfolder, and it's redirecting back out of there that I can't currently do. Is this possible? I don't really want to have to modify the core IPS files, so an extension would be better if I have to do any development, but I'd appreciate any advice and guidance on this issue. Thanks guys

You’re correct, I do use it for browsing privately. I like it personally, I never really understood what all the fuss was about. The simple fact is that I feel it resonates with me in a way that I just don’t with other browsers, I just don’t like them, particularly Chrome which I think is awful. I don’t mind Safari on my iPhone, I do kind of like that, but not on a desktop computer.