hmm, the email feature seems broken.

It's using PHP's mail() function, i haven't changed it in a long time, so maybe the server configuration has changed? Or, email services like gmail are rejecting the message. I will have to test soon. 

I haven't changed the server config, but that doesn't mean anything. Sometimes there are config changed as a result of an update. I'll have a look at the log files, too. 

I tested it with a gmail address too, can you please check a different provider for the recipient so that we can exclude this as the reason? 

Minor thing, but it just struck me that the headers of the forum categories are somewhat misleading. Last 10 Discussion threads and Last 10 News threads suggests they're the latest ones in terms of creation date, not the last ones with activity as it actually is. 

 

You guys should switch to a hash security system NOW. It's not safe to store passwords like that. 

it's true, so don't use the same password here as you use somewhere else. 

To change password, just go to "Account", type in a new one and (type it again to) confirm? 

Correct. I should probably make it more of an explicit process someday. 

I'm pretty sure you can easily get a SHA hash generator working on this site in no time. Wikipedia has a great example,

https://en.wikipedia.org/wiki/Hash_function

Super easy to set up hashes, you just generate it and store it instead of a password on the server. The server takes the password, hashes it, stores it, and uses it for verification later. 

Func is php so the simple password_hash() would be the best choice. Every thing else requires knowledge.

I would be more interested in HTTPS still. 

But would be pretty hard to implement now. Honestly, SHA is super easy to implement, especially since Spirit mentioned a function just for it in php. Honestly, just a days work really. HTTPS should be a later goal, but getting rid of the password storage system should be top priority. 

...and please block Tor exit nodes IPs for non-registered users. Someone posting here through Tor usually has bad intentions. 

Please don't. Tor is a great tool to protect your privacy especially with func's stupid public IP display. It's no one's business. 

Go hash that shit! 

Just don't make a hash of it. 

Changing the password doesn't work, either. 

Have to check new php versions, when released they sometimes decide to depreciate some older codes, but I dont think they messed with sendmail in a while that ones too dangerous.

Gmail will sometimes reject mail unless the sender is now, IPV6 friendly..and you have IPV6 enabled on the sendmail server. I turned it off and only have IPV4 , so the mails can go thru. 

Nevermind. Changing the password does work after all. It just requires enabling the http referer. 

Are you using a separate webserver, or are you self hosting? 

How I make quotes for text looking white in this website? 

Be sure to check out the FAQ as well. 

it works finally 

I love func_msgboard but since day one it's annoyed me that I have to click every single image link to actually see the image. If you're like me, create a bookmarklet and use this bit of javascript as the URL:

-----
javascript:!function(){function e(){(window.myBookmarklet=function(){$('a[href$=".gif"], a[href$=".jpg"], a[href$=".png"], a[href$=".jpg:orig"]').each(function(){var e=$(this).attr("href");$(this).replaceWith('<img src="'+e+'" width="100%" height="auto"></img>')})})()}if(void 0===window.jQuery){var t=!1,a=document.createElement("script");a.src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js",a.onload=a.onreadystatechange=function(){t||this.readyState&&"loaded"!=this.readyState&&"complete"!=this.readyState||(t=!0,e())},document.getElementsByTagName("head")[0].appendChild(a)}else e()}();
-----

(I promise this isn't spyware or anything nasty, just code to replace hrefs with images and some jQuery loading preamble.)

Load a thread, click the bookmarklet and every image link will become an inline image.