(2016-02-20, 06:43 PM)Sgt Cheesepuffs Wrote: [ -> ]This shoutbox looks nice and clean however it doesn't work. When I used it there was no buttons to send the message. And no other buttons.
reply all questions below...
reply all questions without exceptions:
1- you readed first post and follow install guide?
2- installed too Miuna shoutbox server in openshift?
3- tested with default theme?
4- appear javascript error? if not know how see javascript error so check
https://codex.wordpress.org/Using_Your_B...ipt_Errors (step 3 only) and post here javascript error.
5- repeat step 4 too with default theme if you using custom theme.
(2016-02-20, 02:43 PM)martec Wrote: [ -> ] (2016-02-17, 02:20 PM)Predatorz Wrote: [ -> ]~snip
before people make some confusion...
not has any confirmed exploit in this version.
and i won't more accept people saying word "exploit" in question of authenticated and logged user making thing that not make any sense. If user make spam in shout or in forum so work of moderator is ban this user.
any people saying "exploit" word i will deny any type of support
i will only accpet insecure question about unauthenticated access. So in this case of cource, people can use word exploit.
about this question all shouts (DVZ others) i know not has any limitation in number of times to edit one shout. So all shouts has exploit? make sense?
Other shouts appear that has control about what group can edit. Only thing that i will made about this is add option what group can edit in next version like others.
Need more customized thing? So paid for customization.
![[Image: 989f63bfcffe6409f46c890232a02440.gif]](https://camo.mybb.com/b59d38f0b2916414a6c00d1120a4e8bcc0580b1c/68747470733a2f2f6779617a6f2e636f6d2f39383966363362666366666536343039663436633839303233326130323434302e676966)
This is one of the many exploits / scripts he is talking about. It lags / crashes the server.
edit: here is another one
![[Image: AxghDtA.png]](https://camo.mybb.com/22b53e727b648f4ac993ea9416a8baf5fb6f81dc/687474703a2f2f692e696d6775722e636f6d2f417867684474412e706e67)
(2016-02-22, 10:01 PM)Vanissery Wrote: [ -> ]~
so you know what people making this... so ban this user... what difficult?
he ask for to add limit of number of edit times or time out to edit...
what shoutbox has this feature? so make all other soutbox that not has this feature too exploit? What logic?
want this customization? so paid for customization request.
only thing that i will add is group that can make edit like other shoutbox. If not satisfied, and not want paid for customization so please use another shoutbox instead flame my product using term "exploit".
for me after i install and active the plugin it did show on the forum but it kept loading. I can't post message on the chat. any reason why?
(2016-02-24, 12:13 AM)Beerus Wrote: [ -> ]for me after i install and active the plugin it did show on the forum but it kept loading. I can't post message on the chat. any reason why?
reply all questions below...
reply all questions without exceptions:
1- you readed first post and follow install guide?
2- installed too Miuna shoutbox server in openshift?
3- tested with default theme?
4- appear javascript error? if not know how see javascript error so check
https://codex.wordpress.org/Using_Your_B...ipt_Errors (step 3 only) and post here javascript error.
5- repeat step 4 too with default theme if you using custom theme.
Nice shoutbox and it works well. Only problem is that the @username mentions aren't working. Perhaps because I have DVZ mentions installed? the Autocomplete function does work but it just shows the username as @"username" instead of it being coloured with profile link. Is there a fix for this?
(2016-02-24, 02:43 PM)dwl Wrote: [ -> ]Nice shoutbox and it works well. Only problem is that the @username mentions aren't working. Perhaps because I have DVZ mentions installed? the Autocomplete function does work but it just shows the username as @"username" instead of it being coloured with profile link. Is there a fix for this?
this is not generated any profile link...
so normal behavior
(2016-02-20, 02:43 PM)martec Wrote: [ -> ] (2016-02-17, 02:20 PM)Predatorz Wrote: [ -> ]@martec
Here are some exploits / things you should fix:
-Add an edit message timeout so people cant edit their messages 100 times a second.
People are currently making messages and then using edit exploits to edit the message very fast causing people to disconnect and the server to crash sometimes or reset connections...
People also can make 5 messages and edit those 5 messages at the same time causing massive spam and crashes, so just adding an edit timeout would fix a bunch of stuff.
before people make some confusion...
not has any confirmed exploit in this version.
and i won't more accept people saying word "exploit" in question of authenticated and logged user making thing that not make any sense. If user make spam in shout or in forum so work of moderator is ban this user.
any people saying "exploit" word i will deny any type of support
i will only accpet insecure question about unauthenticated access. So in this case of cource, people can use word exploit.
about this question all shouts (DVZ others) i know not has any limitation in number of times to edit one shout. So all shouts has exploit? make sense?
Other shouts appear that has control about what group can edit. Only thing that i will made about this is add option what group can edit in next version like others.
Need more customized thing? So paid for customization.
Sir, Sir, Sir...
Well @martec seems as you do not know the meaning of eploit.
You have a timer that stops people from sending more than 1 message every 3 seconds or whatever you set it to? Why even have it????? When you can just use some javascript to EXPLOIT the system and send 100 messages every 3 second.
Anyhow dude yes DVZ have protection against this and all other errors this shoutbox has had.
With DVZ I can not just get some Javascript and EXPLOIT the spam timer system like I can with your shoutbox.
Anyhow this is not my software so its your choice if you want to fix EXPLOITS.
If its not an exploit then what is it? Did you expect people / want people to use these javascripts in the first place to bypass your measures/code? Besides I can just edit the server side with the current edit protection and apply it to editing if you really do not want to fix this, No need to pay for something I can do I just do not want to do it because its not my software, I am advertising your shoutbox on my forum for no reason basically which I might just start editing it left and right and make it my own.
(2016-02-24, 09:35 PM)Predatorz Wrote: [ -> ]~
so good luck with DVZ shoutbox.
i will denied any type of support request by you.
bye.
programmer that understand programming i post below part of code of DVZ shoutbox, i not need say what mean (if you not know who saying true so download DVZ shoutbox and check code yourself)
case 'dvz_sb_update':
$permissions = (
self::can_mod($mybb->get_input('id', MyBB::INPUT_INT)) &&
verify_post_check($mybb->get_input('key'), true)
);
$handler = function () use ($mybb) {
self::update($mybb->get_input('id', MyBB::INPUT_INT), $mybb->get_input('text'));
echo self::parse($mybb->get_input('text'), self::get_username($mybb->get_input('id', MyBB::INPUT_INT)));
};
break;
static function update($id, $text)
{
global $db;
return $db->update_query('dvz_shoutbox', [
'text' => $db->escape_string($text),
'modified' => time(),
], 'id=' . (int)$id);
}
(2016-02-23, 02:04 AM)martec Wrote: [ -> ] (2016-02-22, 10:01 PM)Vanissery Wrote: [ -> ]~
so you know what people making this... so ban this user... what difficult?
he ask for to add limit of number of edit times or time out to edit...
what shoutbox has this feature? so make all other soutbox that not has this feature too exploit? What logic?
want this customization? so paid for customization request.
only thing that i will add is group that can make edit like other shoutbox. If not satisfied, and not want paid for customization so please use another shoutbox instead flame my product using term "exploit".
.... are you serious.
As you can see in the example. A message is getting edited numerous times a second, bypassing antiflood, to make a letter in a long message. This results in the servers receiving a lot of data at one time, having it lag and crash...
I don't get what "Feature" you are talking about. Are you talking about the feature to edit a message? because I'm positive other shoutboxes have that feature / it has the same rules for antiflood.
This orange isn't "customization". This is a patch. This fix would make your shoutbox actually usable, and not have people lagging and crashing it every 10 minutes. Do you wan't people to keep using your shoutbox? Or are you just gonna drive people away by saying "Just use DVZ lol xd". The only reason I have ever heard of Miuna Shoutbox was thanks to @Predatorz. And many other people have too.
All you have to do is patch a javascript exploit. We (or I at least) don't wan't the whole edit feature changed, just this exploit.
I will send you the exploit for the first example if it makes you happy, so you have something to go off of...
I'm sure that this guy can edit the shoutbox just fine, but he brought it up so you can make it a default thing, and so other people who aren't very fond of Javascript don't have to deal with ruining their shoutbox trying to fix it.