Search found 3100 matches

by MarkDHamill
Tue Oct 15, 2019 12:26 am
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

Interesting. Hopefully that catches all the generic HTTP headers with possible IPs. So HTTP_X_FORWARDED_FOR is authoritative and X_FORWARDED_FOR is not? X_FORWARDED_FOR seems to be a thing:

https://en.wikipedia.org/wiki/X-Forwarded-For
by MarkDHamill
Mon Oct 14, 2019 11:53 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

Some notes as I look into this: HTTP_CF_CONNECTING_IP is a header added by Cloudflare. There are other CDNs out there and they probably add their own proprietary headers, although Cloudflare can be assumed to be the one most likely to be used. It's not practical to scan for every header a CDN might ...
by MarkDHamill
Mon Oct 14, 2019 7:24 pm
Forum: Extensions in Development
Topic: [RC] Selective mass emails 1.0.7
Replies: 27
Views: 2615

Re: [RC] Selective mass emails 1.0.7

That's a link to the page for the extension where it can be downloaded. Not sure how that URL is being grabbed since it's not in the composer.json file. Also, the Uploads extension does not indicate it works for phpBB 3.2.
by MarkDHamill
Mon Oct 14, 2019 1:41 pm
Forum: Extensions in Development
Topic: [RC] Selective mass emails 1.0.7
Replies: 27
Views: 2615

Selective mass emails 1.0.7

A newest version is now available, having gotten a quick review of the last one by the extension review team. See first post for links. There was a minor bug fix regarding unapproved email filtering, otherwise just improving the way the extension works based on the team's feedback.
by MarkDHamill
Sun Oct 13, 2019 8:55 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

You are a newbie. I started in 2002.
by MarkDHamill
Sun Oct 13, 2019 7:26 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

I thank you and others for your thoughts on these matters. Looks like I need to work on another version of the extension incorporating these suggestions. I'm always amazed by how learned my peers around here are, generally more so than me.
by MarkDHamill
Sun Oct 13, 2019 12:34 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

This is all quite interesting. I hadn't thought that HTTP headers might provide multiple IP addresses. So is the suggestion that I test for IPs attached to any HTTP_CF_CONNECTING_IP and X_FORWARDED_FOR HTTP headers and if present check these IPs too? And if present, then determine the country of ori...
by MarkDHamill
Sun Oct 13, 2019 12:51 am
Forum: Extension Writers Discussion
Topic: Avoiding htmlspecialchars()
Replies: 14
Views: 376

Re: Avoiding htmlspecialchars()

I wasn't arguing, I just didn't have a chance to test it out. htmlentities() does not trigger an EPV error and doesn't appear on initial testing to cause any issues with feed validation. Presumably htmlspecialchars() was flagged by EPV for a reason. Maybe htmlentities() should have been too. Not sur...
by MarkDHamill
Sat Oct 12, 2019 9:24 pm
Forum: Extension Writers Discussion
Topic: Avoiding htmlspecialchars()
Replies: 14
Views: 376

Re: Avoiding htmlspecialchars()

I have downloaded EPV and checked it locally. I haven't tried it with this change. It would seem strange if it were allowed and htmlspecialchars were not, since I don't see much difference between them.
by MarkDHamill
Sat Oct 12, 2019 8:57 pm
Forum: Extension Writers Discussion
Topic: Avoiding htmlspecialchars()
Replies: 14
Views: 376

Re: Avoiding htmlspecialchars()

I assume this does not trigger EPV errors.
by MarkDHamill
Sat Oct 12, 2019 3:06 pm
Forum: Extension Writers Discussion
Topic: Avoiding htmlspecialchars()
Replies: 14
Views: 376

Re: Avoiding htmlspecialchars()

Mostly it's URLs where the & must be change to & for key/value pairs. When the feed is validated, it won't pass validation unless these are changed. Much of the content is placed inside of CDATA sections which gives an escape from the rules. The feed title also needs entities replaced.
by MarkDHamill
Sat Oct 12, 2019 2:37 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

Thanks for the clarification. This will show up on the next version.
by MarkDHamill
Sat Oct 12, 2019 12:49 pm
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

I don't quite see the advantage to using stripos() vs. stristr() . All I want to know is if the string is present; I don't care about its location. If present, it tells me the user is on the login page link. The return statement means access is allowed. It's allowed because even though access would ...
by MarkDHamill
Sat Oct 12, 2019 1:47 am
Forum: Extensions in Development
Topic: [RC] Filter by country - version 1.0.7
Replies: 199
Views: 10558

Re: [RC] Filter by country - version 1.0.7

I think you caught a bug. That line of code should be: if (!$allow_ip && $this->config['phpbbservices_filterbycountry_allow_out_of_country_logins']) A "URLs to protect" feature is an interesting idea. Like a lot of extensions I write, I like to see how it evolves based on user input. The VPN mode is...
by MarkDHamill
Fri Oct 11, 2019 10:55 pm
Forum: Extension Writers Discussion
Topic: Avoiding htmlspecialchars()
Replies: 14
Views: 376

Re: Avoiding htmlspecialchars()

AbaddonOrmuz wrote:
Fri Oct 11, 2019 10:04 pm
You could use the wrapper utf8_htmlspecialchars() to fix that warning.

https://github.com/phpbb/phpbb/blob/3.2 ... 1344-L1350
Thanks. This looks like a reasonable solution. It still gives one error in the function, but that's an improvement on many.

Go to advanced search