News | Forum | People | FAQ | Links | Search | Register | Log in
Site Help
This is the forum to ask questions about this website, report things that are broken, request features, etc.

Be sure to check out the FAQ as well.
First | Previous | Next | Last
 
And Also, WHO THE HELL RUNS THIS SITE?!?

I know, right!?!

I don't know who those old guys are but think it's time for these dinosaurs to step aside and make room for some some new blood - I can help with this, I learned some javascripts in class the other day and I can put those codes in this website at no extra fee.

Also, I notice this website has lots of adverts which display as normal posts - e.g. the Louis Vuitton handbag ads - I assume these guys are your sponsors? - anyway I think it could really help the Louis Vuitton guys and increase your ad revenue if you had some sort of ad streaming down either side of the main page? (There's a lot of space here and it's a waste not to put it to good use)

Let me know if this sounds like something we can look at going forward, also I can advise re: SEO. 
Hello, Microsoft Tech Support Here, 
I have detected a virus on your website! If you give me access to the webserver, I'll get rid of it in no time!

lol 
Triceratops 
Anyone here play Primal Rage way back in the 90s in the arcade?

Seriously, yea while this site could stand to be upgraded / improved with new scrpiting etc, the chances of something being exploited also increases, so there is some wisdom in "keeping it simple" for now. Other Quake sites have these fancy gizmo's going and have either folded or lost alot of decent members or are borderline dead as far as new energy goes.

@Specialbomb, its fine to offer your help, but it sounded like maybe you were demanding access, so I can understand the "no thanks".

A long time ago, someone told me :

"If I need your help, I will ask for it"

Thought it was kind of rude, and very narrow minded, but has alot of truth to it. Lots of times people dont appreciate the help to begin with, and you give it out anyway, just a source for future disappointment....my 2 cents. 
Teknoskillz 
Yeah, I get that. It's like making a painting, and some random guy in the art community says "hey, can I help paint that?" If you let him, he just ends up messing you painting up. 
Password Recovery 
I can not recover my password. I enter my email, but the letter did not come. I tried to write to metlslime in on the problem, but he does not answer. 
 
hmm, the email feature seems broken.

It's using PHP's mail() function, i haven't changed it in a long time, so maybe the server configuration has changed? Or, email services like gmail are rejecting the message. I will have to test soon. 
Metlslime 
I haven't changed the server config, but that doesn't mean anything. Sometimes there are config changed as a result of an update. I'll have a look at the log files, too. 
Also 
I tested it with a gmail address too, can you please check a different provider for the recipient so that we can exclude this as the reason? 
 
Minor thing, but it just struck me that the headers of the forum categories are somewhat misleading. Last 10 Discussion threads and Last 10 News threads suggests they're the latest ones in terms of creation date, not the last ones with activity as it actually is. 
Says You. 
 
Waitasecond, Passwords Are Stored?!?! 
You guys should switch to a hash security system NOW. It's not safe to store passwords like that. 
 
it's true, so don't use the same password here as you use somewhere else. 
Just To Be Sure 
To change password, just go to "Account", type in a new one and (type it again to) confirm? 
 
Correct. I should probably make it more of an explicit process someday. 
Hashing Is Easy 
I'm pretty sure you can easily get a SHA hash generator working on this site in no time. Wikipedia has a great example,

https://en.wikipedia.org/wiki/Hash_function

Super easy to set up hashes, you just generate it and store it instead of a password on the server. The server takes the password, hashes it, stores it, and uses it for verification later. 
 
Func is php so the simple password_hash() would be the best choice. Every thing else requires knowledge.

I would be more interested in HTTPS still. 
HTTPS Would Also Be A Good Idea, 
But would be pretty hard to implement now. Honestly, SHA is super easy to implement, especially since Spirit mentioned a function just for it in php. Honestly, just a days work really. HTTPS should be a later goal, but getting rid of the password storage system should be top priority. 
Specific IPs 
...and please block Tor exit nodes IPs for non-registered users. Someone posting here through Tor usually has bad intentions. 
 
Please don't. Tor is a great tool to protect your privacy especially with func's stupid public IP display. It's no one's business. 
Yo Metl 
Go hash that shit! 
 
Just don't make a hash of it. 
 
Changing the password doesn't work, either. 
Php 
Have to check new php versions, when released they sometimes decide to depreciate some older codes, but I dont think they messed with sendmail in a while that ones too dangerous.

Gmail will sometimes reject mail unless the sender is now, IPV6 friendly..and you have IPV6 enabled on the sendmail server. I turned it off and only have IPV4 , so the mails can go thru. 
 
Nevermind. Changing the password does work after all. It just requires enabling the http referer. 
How Are You Hosting This? 
Are you using a separate webserver, or are you self hosting? 
First | Previous | Next | Last
You must be logged in to post in this thread.
Website copyright © 2002-2024 John Fitzgibbons. All posts are copyright their respective authors.