New Changes!

ÄlphämönkëyÄlphämönkëy Registered User regular
Ok, just to let you all know, there are a few changes that took place tonight.
#1) I cached the global options. To most of you, this means nothing more than things run faster.
#2) I retooled the user group page, the change should not be noticable in terms of what you see, but the stuf that runs it got completly re-tooled. It is a ton faster now. I dont know how the phpBB group slept at night knowing they released a file that slow.
#3) THIS ONE IS IMPORTANT: I am changing the logins to be more secure. The change only affects javascript powered browsers, the rest will still be able to connect with clear text passwords. Basically when you click login javascript does some funky stuff and makes your password uuber encrypted and also makes it so people can't "replay" the encryption to login as you. If that didnt make sense, it boils down to this, if you have a computer with a browser that is newer than 1996 I have made your password a bit safer. The problem is I borked the code somewhere and I need sleep, so this final change will be turned on tommorow.

If you admin your own phpBB board and want a copy of the patches they will be available by the end of the week. They wont be in that stupid easy mod format they will be available in .patch form. This works two fold, a) I dont have to handwrite easy mod code, b) if you dont know how to use the patch < /path/to/file.patch system, you probably shouldnt be using "experimental" code.

If you are having any problems especially with the user group pages, logging in, or you see something about a cache/ directory, please post in here.

Thanks.

Älphämönkëy on

Posts

  • StevenSteven Registered User regular
    edited July 2004
    If you admin your own phpBB board and want a copy of the patches they will be available by the end of the week.

    Cool!

    Does that include the chash MOD?

    Steven on
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    Right now, Im thinking yes, but the tar \ zip file will exclude the documentation and proof of concept code for the exploit, but it will still have full documentation for the patch itself :P

    Älphämönkëy on
  • DogDog Registered User, Administrator, Vanilla Staff admin
    edited July 2004
    Sweet. Yanno, you're close enough, I think this deserves a drive up to MN for a good old-fashioned molestation. See ya in a couple hours.

    Unknown User on
  • Garlic BreadGarlic Bread i'm a bitch i'm a bitch i'm a bitch i'm a Registered User, Disagreeable regular
    edited July 2004
    If you are having any problems especially with the user group pages, logging in, or you see something about a cache/ directory, please post in here.

    Kinda hard, isn't it?

    Garlic Bread on
  • RamiusRamius Joined: July 19, 2000 Administrator, ClubPA admin
    edited July 2004
    yeah, Keith has a point.

    FYI, alpha, I had login problems and I posted about them in the mod forum because I hadn't seen this post yet.

    Ramius on
    1zxt8dhasaon.png
  • GABBO GABBO GABBOGABBO GABBO GABBO Registered User regular
    edited July 2004
    You're even gonna give the code away?
    Awww thanks!

    GABBO GABBO GABBO on
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    Keith wrote:
    If you are having any problems especially with the user group pages, logging in, or you see something about a cache/ directory, please post in here.

    Kinda hard, isn't it?
    It shouldnt be, while the index is patched to the new version, I have left the login.php page unchanged as a "failsafe"

    Älphämönkëy on
  • The GeekThe Geek Oh-Two Crew, Omeganaut Registered User, ClubPA regular
    edited July 2004
    When I try to log in from the main forum page, it keeps giving me the "You have specified an incorrect or inactive username, or an invalid password." message. But when I lot in from the page that has only the login and password field, it lets me in.

    The Geek on
    BLM - ACAB
  • incognitoincognito Registered User regular
    edited July 2004
    Same problem as the person above me, I thought I was banned for a second :)

    incognito on
    My art thread.
    Janson: Listen bitches, just shut up and get back to licking my floor clean.
    I'm not dealing with your kind of crap today.
  • crosspunishercrosspunisher Registered User, ClubPA regular
    edited July 2004
    Same as The Geek and incognito.

    crosspunisher on
  • Munkus BeaverMunkus Beaver You don't have to attend every argument you are invited to. Philosophy: Stoicism. Politics: Democratic SocialistRegistered User, ClubPA regular
    edited July 2004
    I have mozilla set to save my password but not auto log in.

    Except when I DO hit the login button, it says "Oops, wrong pw or invalid user id, try again" and I have to enter it manually.

    Munkus Beaver on
    Humor can be dissected as a frog can, but dies in the process.
  • ObbiObbi Registered User, ClubPA regular
    edited July 2004
    So alpha, what about those..

    other changes?

    You know, the...new and improved.

    Obbi on
  • MammalMammal Registered User regular
    edited July 2004
    You could probably disregard the PM i sent before reading this Alpha if I'm eventually gonna have access to your patchful-ness.

    Mammal on
    mkds9kt.png
  • PheezerPheezer Registered User, ClubPA regular
    edited July 2004
    I can't log in at the main forum page at all, but I can if I login to post or by clicking Login to view private messages.

    Pheezer on
    IT'S GOT ME REACHING IN MY POCKET IT'S GOT ME FORKING OVER CASH
    CUZ THERE'S SOMETHING IN THE MIDDLE AND IT'S GIVING ME A RASH
  • DogDog Registered User, Administrator, Vanilla Staff admin
    edited July 2004
    Obbi wrote:
    new and improved.

    NO SUCH THING! :x

    Unknown User on
  • ObbiObbi Registered User, ClubPA regular
    edited July 2004
    Obbi wrote:
    new and improved.

    NO SUCH THING! :x

    I think this is actually true.

    Obbi on
  • DogDog Registered User, Administrator, Vanilla Staff admin
    edited July 2004
    The Geek wrote:
    When I try to log in from the main forum page, it keeps giving me the "You have specified an incorrect or inactive username, or an invalid password." message. But when I lot in from the page that has only the login and password field, it lets me in.

    Unknown User on
  • PheezerPheezer Registered User, ClubPA regular
    edited July 2004
    Obbi wrote:
    Obbi wrote:
    new and improved.

    NO SUCH THING! :x

    I think this is actually true.

    YES! ALLOW US TO ABANDON THIS INTARWEBTERNET POST HASTE AND RETURN TO THE TELEGRAPH! NO! CARRIER PIGEONS! NOW.

    Pheezer on
    IT'S GOT ME REACHING IN MY POCKET IT'S GOT ME FORKING OVER CASH
    CUZ THERE'S SOMETHING IN THE MIDDLE AND IT'S GIVING ME A RASH
  • ObbiObbi Registered User, ClubPA regular
    edited July 2004
    The Geek wrote:
    When I try to log in from the main forum page, it keeps giving me the "You have specified an incorrect or inactive username, or an invalid password." message. But when I lot in from the page that has only the login and password field, it lets me in.

    Ramius made a post about this earlier today, only he was a little more freaked about it.

    Now what did Alpha say...?
    I rolled out the patch, and then realized it wasn't generating pure hashes. I needed to spend more time on it, but I realized it was 3am and I wanted sleep. I quickly threw in that comment and forced a javascript error on login.php. :P

    Obbi on
  • DogDog Registered User, Administrator, Vanilla Staff admin
    edited July 2004
    Obbi wrote:
    Obbi wrote:
    new and improved.

    NO SUCH THING! :x

    I think this is actually true.

    We had a big long discussion about this in SE. I claimed there could be no such thing that is both new and improved. Several others disagreed. It was fun.

    Unknown User on
  • LegacyLegacy Stuck Somewhere In Cyberspace The Grid(Seattle)Registered User, ClubPA regular
    edited July 2004
    Obbi wrote:
    Obbi wrote:
    new and improved.

    NO SUCH THING! :x

    I think this is actually true.

    We had a big long discussion about this in SE. I claimed there could be no such thing that is both new and improved. Several others disagreed. It was fun.

    What if there's this playground that's all beat up. But someone makes a new one of it and improves a little bit on it? Then it's new AND improved. Right?

    Legacy on
    Can we get the chemicals in. 'Cause anything's better than this.
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    *destickified*
    Things seem to have mellowed out. No bugs to date. I just installed a security hack, that shouldn't be too noticible unless you are trying to do something malicious :wink:
    EDIT : The security mod is here and my variation on it is listed here. I highly reccomend the mod to anyone running a forum (with register_globals enabled)

    Älphämönkëy on
  • FeintFeint Registered User regular
    edited July 2004
    It's probably nothing.

    it went away after two refreshes.
    *shrug*

    Feint on
    fixedsig.gif
  • Johnny SmashJohnny Smash Tucson, AZRegistered User regular
    edited July 2004
    Feint wrote:
    It's probably nothing.

    it went away after two refreshes.
    *shrug*

    That happens to me sometimes, but I don't think it's just PA. Maybe the browser is getting the info and it's loading the page then it's like "Oh crap, what was I doing"

    Johnny Smash on
    cFhq9lX.jpg
  • TIE FighterTIE Fighter Registered User regular
    edited July 2004
    I dunno if this is related to the changes, but I'm getting MySQL errors like crazy. And the weird thing is, I only need to refresh like once or twice and the page loads normally. But it's happening for like every second link I click.

    TIE Fighter on
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    I just spent a good ammount of time trying to hack the database to kill off unused threads. It is working better, but not optimally.

    Älphämönkëy on
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    I just spent a good ammount of time trying to hack the database to kill off unused threads. It is working better, but not optimally.

    Älphämönkëy on
  • AneurhythmiaAneurhythmia Registered User regular
    edited July 2004
    Is it worth noting that i'm having login issues still?
    i'm running Opera 7.somethingprettyrecent, but i'm going to download 7.evenmorerecent and try that out.
    Basically, now when i log in, it kicks me back to the log in screen and never acts as though i'm logged in. If i refresh it does nothing, but if i close and reopen the window, it shows me as logged in.
    i was thinking it was an issue with Opera and cookies or something, but then i saw this thread...

    Edit: i have no IE to test on this computer, but i may download some hot Mozilla action and see what's up. No problems on the FreeBSD box though.

    Aneurhythmia on
  • ÄlphämönkëyÄlphämönkëy Registered User regular
    edited July 2004
    Really?
    Say more....

    Älphämönkëy on
  • AneurhythmiaAneurhythmia Registered User regular
    edited July 2004
    Really?
    Say more....
    It seems to have gone away with the new Opera version...
    i was on 7.3something and now i'm on 7.52.
    If you guys are still tracking some login issues and it comes up again, i can take note.

    The only way i could imagine that the issue is only temporarily fixed is if there's a discrepancy between how the browser handles logging out manually and the cookie or whatever expiring.

    Aneurhythmia on
Sign In or Register to comment.