Schaken

I am working on an application for my website. When I grab notifications using OAuth2, grabbing "/core/members/{id}/notifications" There is 2 big issues. MOST of the return data tells me that it is a "Guest" that linked a comment, or a "Guest" did something. But I go online, and it shows it was a member. For starters, I don't allow guests to interact on my site, and there is no anonymous actions either. I can go on my site, and it right now says there is 8 unread notifications. Then the data that comes back shows only 3 that are unread. Only the ones that say "Guest" return as unread, while the ones that DO say the actual user, return as read, but on the site, it will show unread every time. One of these are not telling me the truth. Here is a simple snippet that was returned to me, as well as a pic to show this is not correct. { "notificationType": "new_likes", "notificationApp": "core", "itemClass": "IPS\downloads\File\Comment", "itemId": 9128, "subItemClass": "IPS\downloads\File\Comment", "subItemId": 9128, "item": { "id": 9128, "item_id": 2700, "author": { "id": 3, "name": "Schaken", "title": null, "formattedName": "Schaken", "primaryGroup": { "id": 4, "name": "Administrators", "formattedName": "Administrators" }, "joined": "2019-01-19T18:21:24Z", "reputationPoints": 2795, "photoUrl": "https://XXXXXXXX3381a472bf76c7dbdc.png", "photoUrlIsDefault": false, "coverPhotoUrl": "https://XXXXXXXXnShot1-Copy-Copy.png.186194ebd604576ee027495e84b23e77.png", "profileUrl": "https://XXXXXXXX/", "posts": 2290, "lastActivity": "2022-10-09T18:18:08Z", "birthday": "1/20/1986", "profileViews": 69950, "customFields": { "4": { "name": "Retained", "fields": [] }, "1": { "name": "Personal Information", "fields": { "1": { "name": "About Me", "value": "Removed Information" } } }, "3": { "name": "Tip Jar", "fields": { "2": { "name": "Donate (Ko-Fi)", "value": "https://XXXXXXXXbed=true&preview=true" } } }, "5": { "name": "Explicit content", "fields": { "4": { "name": "Explicit Content", "value": "0" } } } }, "rank": { "id": 9, "name": "Jedi", "icon": "https:/XXXXXXXXecfbd36c3d7acd948d3c218cccdc32.gif", "points": 4000 }, "achievements_points": 93565, "allowAdminEmails": false, "completed": true }, "date": "2022-10-09T18:18:11Z", "content": "those are upcoming features. NOT available to the public yet.", "hidden": false, "url": "https://XXXXXXXXomment&comment=9128&tab=comments", "reactions": { "139409": [ { "title": "Haha", "id": 3, "value": 1, "icon": "https://XXXXXXXXs/react_haha.png" } ] } }, "itemSub": { "id": 9128, "item_id": 2700, "author": { "id": 3, "name": "Schaken", "title": null, "formattedName": "Schaken", "primaryGroup": { "id": 4, "name": "Administrators", "formattedName": "Administrators" }, "joined": "2019-01-19T18:21:24Z", "reputationPoints": 2795, "photoUrl": "https://XXXXXXXXbf76c7dbdc.png", "photoUrlIsDefault": false, "coverPhotoUrl": "https://XXXXXXXXe84b23e77.png", "profileUrl": "https://XXXXXXXX/", "posts": 2290, "lastActivity": "2022-10-09T18:18:08Z", "birthday": "1/20/1986", "profileViews": 69950, "customFields": { "4": { "name": "Retained", "fields": [] }, "1": { "name": "Personal Information", "fields": { "1": { "name": "About Me", "value": "Removed Information :)" } } }, "3": { "name": "Tip Jar", "fields": { "2": { "name": "Donate (Ko-Fi)", "value": "XXXXXXXXXXXhidefeed=true&widget=true&embed=true&preview=true" } } }, "5": { "name": "Explicit content", "fields": { "4": { "name": "Explicit Content", "value": "0" } } } }, "rank": { "id": 9, "name": "Jedi", "icon": "https://XXXXXXXX.com/uploads/monthly_2022_07/RotatingGear.gif.f4ecfbd36c3d7acd948d3c218cccdc32.gif", "points": 4000 }, "achievements_points": 93565, "allowAdminEmails": false, "completed": true }, "date": "2022-10-09T18:18:11Z", "content": "those are upcoming features. NOT available to the public yet.", "hidden": false, "url": "https://XXXXXXXX.com/file/mod-hunter?do=findComment&comment=9128&tab=comments", "reactions": { "139409": [ { "title": "Haha", "id": 3, "value": 1, "icon": "https://XXXXXXXX.com/uploads/reactions/react_haha.png" } ] } }, "sentDate": "2022-10-09T18:20:09Z", "updatedDate": "2022-10-09T18:20:09Z", "readDate": null, "notificationData": { "title": "somebody reacted to a comment on a Mod Mod Hunter", "url": "https://XXXXXXXX.com/file/mod-hunter?do=findComment&comment=9128&tab=comments", "content": "those are upcoming features. NOT available to the public yet.", "author": { "id": null, "name": "Guest", "title": null, "timeZone": "UTC", "formattedName": "Guest", "primaryGroup": { "id": 2, "name": "Guests", "formattedName": "Guests" }, "secondaryGroups": [], "email": null, "joined": "2022-10-09T18:21:07Z", "registrationIpAddress": "XXXXXXXX", "warningPoints": 0, "reputationPoints": 0, "photoUrl": "https://XXXXXXXX.com/uploads/set_resources_8/84c1e40ea0e759e3f1505eb1788ddf3c_default_photo.png", "photoUrlIsDefault": false, "coverPhotoUrl": "", "profileUrl": null, "validating": false, "posts": 0, "lastActivity": null, "lastVisit": null, "lastPost": null, "birthday": null, "profileViews": null, "customFields": [], "rank": { "id": 1, "name": "NOOB", "icon": "https://XXXXXXXX.com/uploads/monthly_2021_09/Empty.png.3fdbf1263ccbef13547c106243f8d99a.png", "points": 0 }, "achievements_points": null, "allowAdminEmails": false, "completed": false }, "unread": true } }, here is an image showing different data.

I went to the editor in the ACP, and toggles the "Option" and entered this as the HTML: <div class="ipsEmbeddedVideo" contenteditable="false"> <div> <iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen="" frameborder="0" height="113" src="{option}" title="Odysee.com" width="200"></iframe> </div> </div> after that, here is a logo I edited to work nice with the editor button. Hint: I did same thing for Rumble, just edited slightly.

Thanks for the info on the server. I use BunnyCDN because they are very cheap! They claim they will soon have S3 service, so I will give them some time to make that happen. @Stuart Silvester you are amazing! I just tested this (Thats why I am replying late) and this works! Thank you so much guys! You both just made my day!

That is what I was afraid of. I was actually messing with another websites API before my own, they had an API that would generate a link, and if you download it, they somehow seen it and updated the count. Pretty cool feature. I guess this is why I am having so much trouble with this API, just as it SHOULD be, each API is a whole different animal. Invision Community API is honestly Awesome, very detailed and does MANY cool things that I have not seen anywhere else, So I cannot complain. Thank you for your time. I seen a forum here somewhere for suggestions for improvements and ideas or something like that. I may just put this idea there. Thanks again @Marc Stridgen Once I am done with my tool, I am going to make a video of its use and send it to you. lol. You have been a big help.

Does it add to the "Downloaded X amount of times" count?

Hello! I was not expecting you to write out the C# code for me, thought you did, and I didn't even know that function existed, now I can do even better work and I really appreciate that! After playing with this and testing it (Works perfectly!), I am still at the same issue. I went to the Downloads page and clicked on "Who downloaded this" and my name is not there, and the download count did not change. I am using the OAuth2 so the system does know it is me downloading it. I am using the "Downloads Plus" 3rd party extension and i am up to date, except I am not using PHP8.0 yet doe to the "Downloads Plus" not being up to date yet. IF this is due to the PHP being old, then ill drop this and come back if it is still an issue when I update. But I am on the latest version of Invision. Also I marked this complete because you solved my security issue and my biggest concern. Though i would still need the system to register that I did download the file from the downloads app.

I asked this question just a bit too early. I figured it out finally. https://MySite.com/api/downloads/files/143?version=1420

I am working on an application using C#. I am trying to get the endpoints for OLD versions of Download files. As I look at this (AND TRIED IT) I cannot get this. I tried with a OAuth2 connection, and RestAPI. it tells me: 9/27/2022 6:41:17 PM: Received: { "errorCode": "3S291\/2", "errorMessage": "BAD_METHOD" } Is there a way to access the old versions of files? I know we can on our sites, I have that enabled.

I just thought i would update this in case anyone else needs it. I finally got it. This is to get OAuth2: // This part, you are just sending the user to the Login page. public void LoginTest1() { string MyClientID = "1234"; string MyRandomNumber = "4321";// <-- This is your own made up code, you will use this //again, make it anything you want. it gets sent back to you again to let you know it was a secure connection string MyRedirectURI = "https://MySite.com/URIPage/";// <-- This i made a custom page with an input field and make it //capture the code from the URL. string MyScope = "Files?"; string uri = "https://MySite.com/oauth/authorize?client_id="+MyClientID+"&response_type=code&state="+MyRandomNumber+"&redirect_uri="+MyRediectURI+"&scope="+MyScope+""; // <-- I has to put quotes at the end. Dont know why.. Application.OpenURL (uri); } // once they login, the "Code" will be displayed in the URL of "https://MySite.com/URIPage/" you will see a code, and the random number you made. // you will need to make a way for them to enter this into your app. private IEnumerator GetAccessToken() { Dictionary<string, string> content = new Dictionary<string, string>(); content.Add("grant_type", "authorization_code"); content.Add("code", RequestToken); // <-- I used a variable for this, but your "Code" in the URL goes here. content.Add("redirect_uri", "https://MySite.com/URIPage/"; content.Add("client_id", "123456789"); content.Add("code_verifier", "432151");// <-- This is the random code you made up at the very start UnityWebRequest www = UnityWebRequest.Post("https://MySite.com/oauth/token/", content); yield return www.Send(); if (!www.isNetworkError) { string resultContent = www.downloadHandler.text; Debug.Log("Response: "+resultContent); <-- This will show you your Token you are looking for. :) } else { // This needs to show an error, saying something went wrong. Found i had a disabled scope. } } else { Debug.Log("Failed: "+www.error);// <-- displayes the error, if you have any. :) } } This is to get information: public void CallForSomething(uri) { string Bearer = "1234567890";// <- Your Bearer ID var httpRequest = (HttpWebRequest)WebRequest.Create(uri); httpRequest.Headers["Authorization"] = "Bearer "+Bearer; HttpWebResponse httpResponse; try { httpResponse = (HttpWebResponse)httpRequest.GetResponse(); } catch (WebException ex) { httpResponse = (HttpWebResponse)ex.Response; } using (var streamReader = new StreamReader(httpResponse.GetResponseStream())) { var result = streamReader.ReadToEnd(); string FullTXT = result.Replace(@"\", string.Empty); Debug.Log(FullTXT); // <-- This is what comes back :) } }

Hello. I am using a C# application I am creating, I am logged in via OAuth2. I am using the endpoint "/downloads/files/{id}/download" (Yes, it is enabled in the scope) This all works, it sends me a link to the file, the name and size, exactly it should. But the issue is there is no API to tell the site "Hey, I downloaded this" and not only that, but the link returned is https://XXXXXXXXXX.com/files/modupload/monthly_2022_09/1435978003_MyCustomPi-ChoENB_7z.ff0e2dd34912345d81fba665432e6208 which the link works. So, problem 1 is that file should be an archive, but instead it is... not... and second this does not have a key. Very unsecure. If this is intercepted, anyone can download this file at any point, they can also just right click the download in their browser and get the link, and now this file is public. Can we get a "generate download link" API? otherwise this is just too unsafe to use. The "Downloads" app is what my entire site is focused on, and this is how I make my living. Can the "Generated Download Link" have its correct file extension? If these features are already there somewhere and I am overlooking them, please let me know, or if anyone has any idea on how to achieve this?

Hey, how is progress coming along on updating this?

Thank you all, there were all great and I appreciate it. I currently use BunnyCDN because they are by far the cheapest and they help me with everything I need. Turns out I had all my settings correct, it was just Invision itself not letting it work. So, I downloaded the plugin for FTP and was able to just FTP it to my CDN, which works 100% and perfect! Thank you all for your assistance!

I opened it up is VS Code and no errors were found. I do not know the library enough to tell what is 8+/- so I have no idea what needed to be changed to make it compatible. I do know that my site wont load with it on. everything just says template is out of date and in the ACP, it shows there is only 1 line that was in error, and showed the (var?) {$container} and that is what I was going off of. I mean this app will not work on 8+ php the way it is right now. I had to revert back to 7.X in order for my site to still load correctly. So right now, you really do not have to, but when Invision forces us all on to 8+ then we all have to drop this app or just never update again. I do have a strong feeling that forced update will be the next update or the one after though.

you are awesome. 🙂

Honestly, Im not real sure what the need for any of that PHP is. Im debating trying to make it all with the theme editor. I know I can do at least 90% of it. I got pretty good with editing things, sadly i have no idea how to make anything a plugin though. lol

I am not real good with PHP, but it seems the $Container is no longer a function, I believe it was replaced by accessing via \IPS\downloads\Category::roots('view'); But im am not sure how to get this exactly short of: $category = \IPS\downloads\Category::roots('view'); but i never used PHP, I use C#. the language is alot alike though

I have had LOTS of issues with big companies. I imagine amazon would be only worse from there. I like the smaller companies that still care about individuals. I appreciate that advice. I really do not mind spending a little money. Right now, my site with all expenses costs my almost $5K a month to keep running. Thats not huge I know, but its good enough I can call a successful small business.

yeah, I actually use Cloudflare, and alot. But I need file storage, not a cache. My website is over a few TB in size, some files are over 5GB. I host video game content. Cloudflare does its job really well, I agree, but not for delivering files. Before this insane catastrophe, my members were downloading close to 10MB/s. right now it's not even 1MB/s. Same services and everything.

I was currently using BunnyCDN, but only for images. My "Downloads" is all just straight on my metal server. but they can not handle our downloads system from here at Invision community. Right now my server is allowing pwople to download at dial-up speeds because of the backbone every since that last doomsday sole flare. So I am FORCED to get a CDN that will support S3 (Unless someone is willing to share some secrets) Is anyone willing to toss me some ideas for a cheap CDN? 🙂 thanks!

hello. I cannot seem to solve this dilemma. I have been all over the internet for a solid 3 days trying to figure this out. I went to Microsoft to get just the basic format of what an OAuth URL should look like. I can manually type it all out into my browser and it will take me to the Authentication login screen on my site, So honestly, I'm pretty proud there. But when I call it from my app it is not doing anything. I am using Unity by the way. The idea here is on my app people can click a "Login" button, and it should take them to my site to login and send back a token which i will store on their PC. public void test() { StartCoroutine(GetAccessTokenA()); } private static IEnumerator GetAccessTokenA() { string uri = "http://localhost:8080/callback"; string Client_Secret = "1234567890"; string Client_ID = "abcdefghijkl"; string url = "https://XXXXXXXXX.com/oauth/authorize/"; string url2 = "https://XXXXXXXXX.com/oauth/token/"; string Scope = "files"; string SEND = url+"?client_id="+Client_ID+"&response_type=code&state="+Client_Secret+"&redirect_uri="+uri+"&scope="+Scope; Dictionary<string, string> content = new Dictionary<string, string>(); //Fill key and value content.Add("grant_type", "client_credentials"); content.Add("client_id", Client_ID); content.Add("client_secret", Client_Secret); UnityWebRequest www = UnityWebRequest.Get(SEND); //Send request yield return www.Send(); if (!www.isNetworkError) { string resultContent = www.downloadHandler.text; TokenClassName json = JsonUtility.FromJson<TokenClassName>(resultContent); Debug.Log("Success: "+json.access_token); } else { Debug.Log("failed"); } } In the end I guess I'm wondering why I'm not opening in a new window, and then if I have the rest of this correct. I apologize if this is a really poor way of doing this, I am just now learning C#.

So now im working on making a user:Password for Oauth. I really thought this would work. lol. IEnumerator GetForumArray() { Dictionary<string, string> content = new Dictionary<string, string>(); //Fill key and value content.Add("grant_type", "UserEMail:Password"); content.Add("client_id", "ab1c0a4383a8ca2XXXXXXXXbe111111116"); content.Add("client_secret", "7b5040ce3eecdaXXXXXXX7f161e4f43011111113b2ba3a"); UnityWebRequest www = UnityWebRequest.Get("https://XXXXXXXXXX.com/oauth/token/", content); //Send request yield return www.Send(); if (!www.isNetworkError) { string resultContent = www.downloadHandler.text; TokenClassName json = JsonUtility.FromJson<TokenClassName>(resultContent); //Return result Debugger(json.access_token); } else { //Return null Debugger("failed"); } } I got part of the information from looking at someone elses. Im trying to get the token, and then I assume I pass the token in an API to get information, or post. As of right now I get a error on compile telling me " No overload for method 'Get' takes 2 arguments" which it should be post. So I change Get to Post and I get nothing returned PS "Debugger" is basically Debug.Log, I just have a on/off switch for it for when I am debugging.

Cool news, that was the trick. I appreciate it. I will be playing with this for a few days and then I will be making the app have a Login, then the hard part will begin...

Hey! Thank you very much for responding @Martin A.! Based off of what you said, Im going to show you my now edited version of the code. All the failed attempts made system ban me and then it messed up something in the database... I dont know much about server stuff, I have a good friend I pay to manage it all for me. anyway, here is the code, as I can not test it at the moment due to him updating the database. StartCoroutine(getRequest("https://XXXXXXX.com/api/core/hello?key=12AB34CD56EF78GH")); //// My API + ?key= + API Key IEnumerator getRequest(string uri) { Debugger("GET Function Started"); UnityWebRequest uwr = UnityWebRequest.Get(uri); yield return uwr.SendWebRequest(); if (uwr.result == UnityWebRequest.Result.ConnectionError) { Debugger("Error While Sending: " + uwr.error); } else { Debugger("Received: " + uwr.downloadHandler.text); // Jest to post the information, from here i can do whatever with it } } With this being said, I plan on working with the Oauth next. do you have any experience with that? I would love to bounce some ideas and thoughts off you if you have the time and dont mind.

After spending 2 whole days on this same topic, I am at a loss. No matter what I do i keep getting "Invalid Token" I am trying to get the basic /core/hello I am using C# as I am building an application using Unity. There is many tutorials out there but they are all old and unity updates their code so much, all of it is redundant already. in your documents, there is a /ips4 in there, when i use that, I always get an invalid address. So I am using (reqbin.com) to test this. I enter my address (https://XXXXXXX.com/api/core/hello then, for the token, Im going to enter... well my token. (Im just screenshotting Zapier because we are all familiar with it) but this is where i always get invalid token. and lastly, the endpoint is enabled. So I cross checked all this info using C# using many different premade API tools made for Unity, which is what I am using. And i also get invalid token there as well. I am sure it is something super small that I am overlooking, but if you could point me in the right direction, I would appreciate it. Thank you.

Honestly, I will admit, I was betting it was something on my end, I was hoping for advice to fix it, usually it is on my end. Thank you very much for your time! I am sure it will be fixed quickly, as your team is always fast and very good.