define('VALIDATE_EMAIL_TO_POST', '1');
in your project.inc, users have to validate their email addrs
to post in the forums, send PMs, or create profiles.
Our current translation system (Transifex) introduced a new editor feature which autodetects C-style placeholders in PO files. This wrongly detects our placeholders in the web code where a word immediately follows the digit. This leads to wrong translations if the placeholder is copied using this new transifex feature. The feature can not be globally disabled for our project. Instead every translator would need to use "raw" mode to disable it which is hard to communicate. Instead I added a space around problematic placeholders which is possing a smaller problem than wrong translations.
In messages (forum or PM) a [pre] section with a long line
would stretch the table cell,
causing that message and others to run off the edge of the window.
The solution, as Juha pointed out, is to use table-layout:fixed
for those tables, and to explicitly set the width of the other columns.
This causes the long lines to be put in boxes with a horizontal scrollbar,
and nothing overflows.
- change dark-background link color
- change dark-background colors for <pre>
- fix heading color for striped tables
It turns out that, for striped tables, Bootstrap ignores classes for <tr>.
You have to put them in the <th>.
row_heading() and row_heading_array() do this for you.
- put Preview content into a table w/ heading
Consensus is that showing team member addrs to team admins is bad for privacy,
even if members can opt out.
So: omit email addr from all forms of member list.
Instead, add a feature where team admins can send a PM to all team members.
When deleting a spammer, delete
- forum_logging
- private messages
- notifications
Also, when displaying private messages, check if sender
doesn't exist, and delete if so
- one of their posts is moderated
- a banishment vote starts or completes.
This is needed in cases where the user can't or doesn't
read email to their account's address.
The "from" address of the PM is that of the user, not the moderator.
svn path=/trunk/boinc/; revision=23941
- web: remove file_get_contents() workaround for PHP4
- web: If Akismet or ReCaptcha failure,
display the form again with a warning message at the top.
That way the user doesn't lose the text they just typed.
svn path=/trunk/boinc/; revision=16175
(mostly from Simek)
fixes#716
- validator: tweak the way host error rate is computed,
e.g. on error bump rate by .1 instead of .05
svn path=/trunk/boinc/; revision=15771
There are two aspects:
1) undoing magic quotes (if it's being used).
This must be done for all GET and POST string inputs.
It is now done automatically by get_str() and post_str().
The places that refer to $_GET and $_POST directly
must do it themselves using undo_magic_quotes().
2) Escaping user-supplied strings before using them in DB queries.
This is done by process_user_text()
(which should be renamed db_escape_string()).
The new principle:
call process_user_text() in the function that does the DB query
(not at any higher level).
svn path=/trunk/boinc/; revision=15389
1) it's not correct to apply stripslashes() to all form input.
That should be done only if magic quotes is on.
I fixed this by adding a function undo_magic_quotes()
that does the right thing.
2) There's no reason to strip backslashes from user-supplied text
(forum titles and bodies, private messages, passwords etc.)
I'm not sure why this was being done.
It prevented messages from containing backslashes.
svn path=/trunk/boinc/; revision=15364
Users can choose whether to get 1 email per notification,
a daily "digest" email, or no email.
(All notifications are shown on the Account page).
Currently used for:
- Friend requests and confirmations
- Posts to subscribed threads
- Private messages
NOTE: To implement the "daily digest" feature, projects must add
a periodic task for html/ops/notify.php to config.xml
- web: have project_footer() generate links for
Account Page and Message Boards as well as Home
NOTE: projects that want this change
will have to modify their own project.inc.
svn path=/trunk/boinc/; revision=14447
strip HTML tags from text (e.g. to remove photos)
- user web: show_image(): separate title (tooltip text)
from "alt" (replaces image if images disabled).
The latter must be terse.
- user web: show_button(): make it work even if Javascript disabled
svn path=/trunk/boinc/; revision=14294
David Anderson