Joriz

+Clients
  • Content count

    198
  • Joined

  • Last visited

About Joriz

  • Rank
    IPB Newbie

Recent Profile Visitors

8,939 profile views
  1. Nope. Sorry. still running a heavy modified 3.3.x. We will start do test upgrades to 4.x soon. But it will probably take multiple months before we actually have everything working in production on IPS4
  2. I tried this yesterday. It gave unsecure content error's in Chrome, so I think more changes on the IPS side are needed.
  3. This requires changes to the code by IPB. All url's are currently hardcoded as http://
  4. Also didn't notice that this was a new update due to the same title. It's a shame that IPB doesn't update the version number when a security update is released. By this you can easily check if you're running the latest version.
  5. Looking forward to see IPS4 Chat with SSL. We also modified our url structure in PublicOutput.php to make the chat work via http:// and many other pages via https:// Please notice if you make your forum work via a secure connection (https://) that visitors in most cases will get mixed content warnings in their browser because many external elements such as added images by the members are hosted at third parties who don't support SSL.
  6. Can you provide some more information? Can you see with the debugger in your browser what is actually happening when you try to login? Please notice you can also report bugs in the bug tracker.
  7. It seems that the changes in core.php in IPB 3.3.x break embedded videos from YouTube, Vimeo, etc... The iframe part seems to break all embedded media video's when you edit a post with a media video. if ( $fixScript ) { $txt = preg_replace( '#<(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is' , "&lt;script" , $txt ); $txt = preg_replace( '#<(\s+?)?/(\s+?)?s(\s+?)?c(\s+?)?r(\s+?)?i(\s+?)?p(\s+?)?t#is', "&lt;/script", $txt ); $txt = preg_replace( '#<(\s+?)?i(\s+?)?f(\s+?)?r(\s+?)?a(\s+?)?m(\s+?)?e#is' , "&lt;iframe" , $txt ); $txt = preg_replace( '#<(\s+?)?/(\s+?)?i(\s+?)?f(\s+?)?r(\s+?)?a(\s+?)?m(\s+?)?e#is', "&lt;/iframe", $txt ); }Please notice that a check for script is always good and a script should never be embedded in a user post.
  8. Some issues with the new classPost.php and classPostForms.php on IPB 3.3.4. I get white pages and are not able to post. I compared the files and just applied some fixes I felt necessary. Most webservers also check for exploits and XSS when making use of mod_security, Suhosin and other security additions.
  9. Great to hear that the community forum is the biggest test for IPS4. Even with cache disabled everything seems to work fine and fast from the Netherlands. So I'm really looking forward to experience the new software at full speed with more optimizations and caching enabled.
  10. Looks great. Can't wait to update my own community to IPS4, although we also need to do a lot of testing and rebuilding hooks and modules before we can also enjoy IPS4.
  11. Why do I need to change my password to login via the forget password procedure and why do I have to add 'security' questions? This almost seems there has been a leak. Is there something IPS is not telling me? If you guys really value security you should look at Two-step Authentication (eg. Google Authenticator) . It is very easy to integrate in your website and it is actually an extra layer of security because somone actually has to fysical steal a device from you such as your phone or token generator and have to know your password to login. This is very unlikely. What is likely someone guessing or just Google'ing or check your Facebook for the 'security' answers. It is really easy to find stuff as which movie I like (is on my Facebook) and what my mothers name is. That's why I use fake questions and fake answers and just write them on a piece of paper (also not that secure). I hope IPS really take a second look at the security. All those horror stories about peoples there Apple/Paypal or Twitter account being hacked has been done thanks to social engineering and just simply Google'ing the answers to security questions. I really think security questions give a false sense of security!
  12. Converting dates isn't that easy for most people. With daylight saving time and such. So I like your idea even when most of our visitors are in the same timezone.
  13. You will find a boardIndexMembersOnlineToday_{some numbers and letters}.php file in the hook directory of Invision Power Board. If you replace it with my file it should work. Please notice that I only tested this with two Invision Power Board installations. Probably my example could be improved that the caching value (now 600 seconds) could also be set in the admin panel.
  14. Thanks for sharing this great Hook for Invision Power Board. For our crew it is very motivating to see that there are so many members online on our board each day. The only thing I didn’t like about the hook is that it is using a resource intensive JOIN query to our database. That's why I made a small modification that caches the values for 10 minutes within the Invision Power Board disk cache. NOTE: Why is the Invision cache so under used in plugins/hooks? It really makes your board run quicker if you do some 'smart' caching :smile: boardIndexMembersOnlineToday.txt
  15. Thank you for confirming SSL in version 4 :)