RIP to BT Garner of MindRec.com... BT passed away early 2023 from health problems. He was one of the top PCE homebrew developers and founder of the OG Turbo List, then PCECP.com. Condolences to family and friends.
IMG
IMG
Main Menu

PC Engine-FX Change/Update Log

Started by NightWolve, 04/16/2017, 02:48 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

NightWolve

** 8/19/2018 **

* A JavaScript+DHTML version of the classic PCECD Online Catolog was developed and an additional Reviews section was opened. Details below.

https://www.pcengine-fx.com/catalog/
https://www.pcengine-fx.com/reviews/
https://www.pcengine-fx.com/reviews/duomazov/

** 6/4/2018 **

* Integrated Chatbox module reinstalled... It's risky to run the chat "experiment" again but I'm gonna try. Follow ALL PCEFX forum rules (expect Chat rules thread as well), no-to-low tolerance for trolling/bullying/harassment/spamming/etc.!

* Upgraded Tapatalk SMF 2.0 Plugin to version 4.5.2, stable release of 05/29/2018. The old version generated lots of PHP errors that annoyingly filled up on the logging sys on occasion, hope this one is better.
- Tapatalk is down until I can talk to Aaron, it requires him logging into their site to reestablish a link.
( Source: https://www.tapatalk.com/download_SimpleMachines.php )


** 5/5/2018 **

* http:// v. https:// now works either way, so you may update your PCEFX bookmarks for secure/encrypted logins to https://www.pcengine-fx.com. Tech Details.

* Found a setting for a feature that was always available on the Neo-Geo.com forums, but by default was turned off with this forum. You'll now see members who are viewing the same thread as you when clicking in it instead of looking at the "Who's Online" feature as the only source to see what others are browsing. I think that's useful.

* I deleted a StyleBot Chrome extension I was using to modify the forum theme to full-width. The forum went back to being fixed-width which I hated, so I updated the CSS to convert the design to full width of the browser. If you were using this StyleBot ext and the CSS override by a certain DoxPhile, it is now obsolete. You can delete or remove the hack, save CPU/parsing execution on a page load for the PCEFX domain.


** 2/18/2018 **

Forum patched to SMF 2.0.15 with NO problems this time, thanks goodness! - Details below.

Lemme know if something broke. I took a risk doing it in a "feeling lucky" click of a button since last time caused a corruption of the database user account password, preventing access and effectively shutting down the forum...


** 9/14/2017 **

Barely succeeded in patching the forum to SMF 2.0.14... This was the 1st bad patch I've ever seen from SMF, it caused major problems to recover from, the forum went down for at least 2-3 hours or more while Aaron and I scrambled to solve it...  #-o #-o #-o Details below.


** 4/16/2017 **

Forum patched to SMF 2.0.13. It addresses a few vulnerabilities in SMF 2.0.12 and fixes several bugs. If this causes new bugs, issues, strange behavior, lemme know - Details below.


** 9/26/2016 **

Forum patched to SMF 2.0.12 - Details below.


** 9/2/2016 **

Forum Registration/Profile New Field Additions. Should help registration pruning and encourage people to share interesting personal details - Details here.


** 8/29/2016 **

The auto-embed feature for Youtube/Facebook videos was upgraded to HTML5 standards to deprecate Adobe Flash (so long Flash, we hardly knew ye!) - Details here.

NightWolve

#1
OK, thread joining, I can put SMF Change Log history here and not cloud the OP.

This forum runs on http://www.simplemachines.org which has a pretty good update/patch system. I'll try to keep their changes log when a patch is applied for bugs/changes/vulnerability fixes here. If something does break soon after a patch is applied, let us know, it can be easily unpatched.

QuoteSMF 2.0.15                                                    November 19, 2017
===============================================================================

September 2017
 ! Fixed a minor $smcFunc bug in Search-Fulltext.php
 ! Fixed a saving Settings.php bools being reset bug
 ! Fixed a security issue (Reported by Daniel Le Gall from SCRT SA)

June 2017
-------------------------------------------------------------------------------
 ! Cache the admin search results in the session and avoid IE's 2083 character limit
 ! Fixed a Mark Board Read bug

May 2017
-------------------------------------------------------------------------------
 ! Fixed Proxy URLs not handling redirects properly due to case sensitivity
 ! Fixed SendTopic using incorrect Post data
 ! Fixed SSI.php having a bad login panel
 ! Fixed Maintenance Page having a double login button
 ! Fixed a minor unsigned int typo in MySQL DB
 ! Fixed Deprecated installer message for ftp_connection.
 ! Fixed a loop bug in custom search
 ! Fixed SM Stat collection
 ! Added SM Stat collection registration to the Admin Control Panel
QuoteSMF 2.0.14                                           May 14, 2017
===============================================================================
 ! Updating session handlers
 ! Adding HTTPS
 ! fetch_web_data now uses cURL, falling back to sockets
 ! Ported image proxy support from SMF 2.1
 ! Also added HTTPS for avatars
 ! Added a simple exception handler
 ! Check session while logging in
 ! Sanitize some fields to help guard against XSS
 ! Validate email addresses with PHP's filter method
 ! Fix search highlighting to not mangle/expose some HTML
 ! Fix password acceptance when special characters were used in UTF-8;
 ! Correct some random logic errors in the profile area
 ! Use ampersands instead of semi-colons for PayPal's return link
 ! Fix sending multiple MIME-Version headers in notification mail
 ! Fix sending multipel Content-Type headers in all requests
QuoteSMF 2.0.13                                           January 4, 2017
===============================================================================
 ! Some file versions didn't get modified in the 2.0.12 patch
 ! Added check and sanitization for $_REQUEST['u'] in LogInOut.php and Reminder.php
 ! Added check and sanitization for $_REQUEST['uid'] in Reminder.php
 ! Properly sanitize author's website for packages
 ! Added session check when uploading packages
 ! Added session check when copying template files from one theme to another
 ! The code to remove empty BBCode was sometimes breaking things (reported by @rjen; fix provided by Sesquipedalian)
 ! Remove hardcoded limits for safe_unserialize as it was causing cache problems
 ! Update the cal_max_year setting to 2030
QuoteSMF 2.0.12                                              July 7, 2016
===============================================================================
 ! Fixed word censor injection by disallowing an empty 'proper word'
 ! Fixed vulnerable unserialize() code by converting all instances to safe_unserialize()
 ! Added a more thorough safe_unserialize() function to prevent object injection
 ! Fixed a bug where leaving a custom profile field blank on registration that has an email mask would throw an error
 ! Fixed PayPal integration to comply with the new forced SSL
 ! Fixed a bug where notifications were sent for messages in inaccessible boards
 ! Fixed editor to make the editor work with Microsoft Edge
 ! Fixed issue where smiley popup is blank on iOS 9 devices
 ! Fixed WYSIWYG editor in mobile devices
 ! Fixed an undefined $_POST['icon'] in Sources/Post.php
 ! Fixed a minor bug in Login2()
 ! Fixed an issue where SMF doesn't recognize new domain names and considers these as invalid
 ! Fixed an issue where SMF would allow empty BBC
 ! Fixed an issue where theme variants could not be selected
 ! Fixed an issue where the file version of Subs-Post.php could have been 2.0.8 or 2.0.11. It will be updated to 2.0.12 in either case.
 ! Updated copyright year to 2016

NightWolve

#2
Consolidated TroubleShooting:
Quote from: guest on 05/07/2018, 01:20 PMWith recent changes I'm now logged out after being inactive for a while, even though I log in "forever". I also get an error when I first try to log in and have to try again, but it usually works the second time.
Quote from: NightWolve on 05/08/2018, 11:36 AMUpdate all bookmarks to https://. With Mathias' info, I decided to force upgrading to https:, the security is better in the long run & if it's still a problem, I may have to set the any subdomain option for the login cookie.
Quote from: guest on 05/08/2018, 12:00 PMI don't use bookmarks.  I type it in every visit, and I've tried both http: and https: with the same issues.
Alright, independent subdomain session cookie mode is now turned on. Everyone should log out, if you're not forced out, log in again to properly set it.

That means https://pcengine-fx.com or https://www.pcengine-fx.com (OR in the future https://m.pcengine-fx.com) will send the SAME cookie session info whereas before it meant 2 separate files of cookie data were created and maintained. Another option is to also force cookies to secure mode only, but might need to wait on that.

PENDING: This is still an issue as seen on SMF troubleshooting forums. It's a been problem for others with https given a static template/skin/theme versus the core of SMF forum code continuously advancing. I have an idea of what to try when I get a chance.

UPDATED: I believe I resolved the issue. After SMF v 2.0.13-14, the login code added more session checks, and they forgot to add certain code to the default theme, plus your own template theme (ours being Habboland) needed some modding to keep in line... Since other websites were already 'https', the problem was evident right from the start. Anyway, I'll have to keep an eye out on this but I think login action is working better now (looks like).

(Had lots of research to do on SMF support forums to find a solution)
https://www.simplemachines.org/community/index.php?topic=555857.0
https://www.simplemachines.org/community/index.php?topic=558444.0
https://www.simplemachines.org/community/index.php?topic=558445.0
https://custom.simplemachines.org/mods/index.php?mod=4167

UPDATE: ** 6/26/2018 **

// Beyond this point you are assumed to be a guest trying to login.
if (!$user_info['is_guest'])
redirectexit();

// Are you guessing with a script?
//checkSession('post');
spamProtection('login');

I blocked/disabled this "checkSession('post')" function in the Login SMF source code hoping it reduces the login problems SMF introduced since version 2.0.14. I'm still seeing MANY failed login attempts in the SMF error log by people. I applied the other recommended bug fixes for this problem, but looks like it only improved it for some cases. I'll have to be on the lookout if this "fix" causes other issues, but it appears SMF still hasn't offered a clear solution to this...

Source: https://www.simplemachines.org/community/index.php?topic=555941.msg3940384#msg3940384

NightWolve

** 6/7/2018 **

Self-Delete -> Re-Register -> Repeat multi-account merge experiment concluded - 3 accounts merged/repaired.
Results: https://s5.postimg.cc/pq6y8ex7r/Account_Merge_Repair_Cases.png

1) Bonknuts first registered as 'Bonknuts' years ago, deleted it, then registered again as Bonknuts. His post count is now 2905, the total of both, and all are searchable under the Show Posts link.

2) Bernie Bro, the Dogi of the PCE Community, has 2 self-deletions, he's on a 3rd account and pending...

* He had 19 posts with the new account, after merging with 'bernielindell', it increased to 210.
* The other deleted account was also titled 'Bernie', after merging, his count increased to 4266.
* The Show Posts link

3) Finally, we have galam/gynt/agent_orange/bob (sup?)... What about bob? Well, he first registered as galam and deleted it. Registered again as 'gynt', but changed the display name anywhere from 'agent_orange' to what it's known by now, just 'bob'... So before the merge, he had 989 posts, now he has 4877.

Bugs:

* Their new post count is slightly low, I'd have to run a PHP script with a SQL COUNT(*) query to make the count match the final page of the Show Posts link. I didn't know SMF had this feature, thought I'd have to write a whole script for merging, so at least it did that right.

* Display name in old quotes by others aren't updated by this feature.

Example: https://www.pcengine-fx.com/forums/index.php?topic=5211.msg89710#msg89710

The quote is shown as by 'Bonknuts' but if you scroll up, his normal looking post with account association appears as 'Bonknuts'. This is remedied by a simple find/replace PHP/SQL script which I have, it's easy enough if the search string is unique enough, and 'Bonknuts' is or making it more unique (e.g. Find "quote=Bonknuts", Replace with "quote=Bonknuts").

That concludes the experiment, can't recall other multi-accounts to merge.

NightWolve

** 6/11/2018 **

* Fixed a few hundred broken postimages.org links. Background: postimages.org lost their domain some months back, so all image links were broken! They could not repurchase the same shorthand hosting "postimg.org" domain again, so they bought a new domain: "postimg.cc". They also moved to the secure "https://" standard, so some old links need updating from "http://" to "https://" to work proper.

Example Case throughout PCEFX:

Broken Link: http://s15.postimg.org/3r098ew0n/680_Kpulse.jpg

Solution: https://s15.postimg.cc/3r098ew0n/680_Kpulse.jpg

That's all it usually takes to fix your links elsewhere on other forums, so FYI to anyone who has also been using this free image host... You don't have to reupload the images, just fix the links as seen above!

It was a PITA, but the code to safely, programmatically update all posts using this image host went something like this:
function SMFFixFindReplaceBrokenLinks() {
$mysql = "SELECT id_msg, body FROM smf_messages where instr(body, '.postimg.org/')>0 ";
$result = ExecSqlCmd($mysql);
$Count = 0;
while ( $row = mysql_fetch_assoc($result) ) {
$body = $row['body'];
$body = preg_replace('/http:\/\/(\w+)\.postimg\.org\//', 'https://${1}.postimg.cc/', $body);
$body = preg_replace('/http:\/\/(\w+)\.postimg\.cc\//', 'https://${1}.postimg.cc/', $body);
$body = str_replace('http://postimg.org/', 'https://postimg.cc/', $body);
$body = str_replace('http://postimages.org/', 'https://postimg.cc/', $body);
if ( is_numeric($row['id_msg']) ) {
ExecSqlCmd("UPDATE smf_messages SET body='" . $body . "' WHERE id_msg=" . $row['id_msg'] . " LIMIT 1");
$Count++;
}
}
mysql_free_result($result);
print "<p>Total Links Fixed: $Count";
}

function ExecSqlCmd($mySql) {
$result = mysql_query($mySql);
if ( !$result ) {
$message = 'Invalid query: ' . mysql_error() . "\nWhole query: " . $mySql;
die($message);
}
return $result;
}

I had some trial and error to get the main regular expression correct, but yeah, all done I believe.

Fixed Examples after execution:

/forums/index.php?topic=19088.msg411330#msg411330
/forums/index.php?topic=19319.msg411926#msg411926
/forums/index.php?topic=19267.msg412861#msg412861
/forums/index.php?topic=19531.msg419131#msg419131
/forums/index.php?topic=14453.msg422218#msg422218

NightWolve

** 8/19/2018 **

* The "PC Engine CD Offline Catalog" was ported to JavaScript & DHTML on PCEFX to function almost exact as the classic, 2003 Windows app by the defunct French group NEC-Ro-Pole. Developed by RAPH99 with FagEmul in the heyday of French PCE groups, the group long ago shut down but left behind very impressive software like this and CD image extractors. I knew FagEmul from my Ys I Complete fan translation project, he's credited for helping with image work. A download to the retro app itself will be made available on the page too and I just rediscovered there was a HuCard version, so I can quickly port that now as well.

https://www.pcengine-fx.com/catalog/

IMG



https://www.pcengine-fx.com/reviews/
https://www.pcengine-fx.com/reviews/duomazov/

* A PCEFX Reviews section was opened up starting with Emerald Rocker. More people are welcome to join and submit any quality reviews if they wanna be published here. I also partially preserved some reviews from The Brothers DuoMazov given its mysterious shutdown since June, this may only be temporary if RuninRuder/IvaNEC returns from MIA status.

Details: https://www.pcengine-fx.com/forums/index.php?topic=23291.0

NightWolve

** 10/21/2018 **

* Updated the PCEFX news root for the first time in 10 years to pay respects to the Yuki project as it sells off the final remaining 75 copies. :)
https://www.pcengine-fx.com/main/ :yuki:

/PCEFX-Yuki-News.png

NightWolve

** 11/24/2018 **

* It's official: Viewing/Spying on PCEFX with Free Proxy Web Servers is ~100% disabled... This reduces options for ban-evading, spying, harassing, cyberbully psychos (e.g. Psycho ClodBusted, No-Sex-Gex, Punch, and Nintega if he ever actually learned how).

** 11/18/2018 **

* Visitor logging/history added to PCEFX Chatbox. Normally only available to admins, but not anymore. Expect more tweaks in the future.

* Registration with Free Proxy Web Servers for spam harassment/vandalism was blocked. This deals with registration vandalism & other type by known psychotic saboteur trolls/cyberbullies e.g. Psycho Nulltard, Nintega, No-Sex-Gex, Punch, Joe Tucci, etc. This complicated port-scanning proxy block is limited just to registration as it's slow.

Disclaimer: Details/History below. Avoid reading if you don't care for bitter dramaqueens and their embarrassing troll/sabotage history...
QuoteHistory: PCEFX Registration vandalism began in April 2018 when Psycho John Nulltard's sock puppet "ButtSniffMcNippleGrinder" account was deleted (yes, how creative!). He also had an alt/fake "Xak" account for past shenanigans that we know of. Upon deletion, he quickly registered again to spam insults with an email like "Nicolas.Retardicus@cuck . com" and no further known spamming by him occurred since... Nulltard is thusly the 2nd known PCEFX Registration spam vandal besides helping to destroy/sabotage the forum because of his own PCE forum obsession (1st place prize goes to Psycho Nintega obviously for his years of dedication to harassment of this forum)...

After Joshua the TurboTrollX-16 (his CPU core may be 8-bit, but his true colors are in 16-bit, don't let this bully fool ya!) created a proxy harassment thread on his Facebook account to angrily incite members to take troll actions against this forum to make me ban you, collect a screenshot of the ban message and share in it his thread, Joe Tucci answered the call with CTRL+V paste mania and pathetically lied about it, claiming all he did is "type big brother..." What he actually did is create multiple posts while holding CTRL+V down dumping MASSIVE spam on the forum that was tough to delete because the DELETE button is at the bottom of the page... I was incredibly disgusted, it was stunning! The manchild was quickly blocked/banned and is NOT ever welcomed to return here again!

However, after the in-forum spam vandalism to purposefully get banned ended, it moved to the PCEFX registration system starting with what I call the Joshua Jaeger Homophobes who had Illinois IP addresses at first (like Joe Tucci) but later began using proxies as I banned their IP ranges... 

https://i.postimg.cc/xj7YzkR1/Joshua-Jaeger-Homophobes.png

So this spam/insult vandalism of the PCEFX registration system in some way has continued since April by at least Psycho ClodBusted, No-Sex-Gex, Punch, Nintega and possibly someone else... Hard to tell, certain things are unique to Punch who doesn't type anything but "Brazil," while Psycho Nintega and ClodBusted will write some kind of crazed troll rant depending on what information they can use in the present...

In this latest example, the psycho-stalker-spammer is spying on random members like JoeQuaker, attempting to compare his writing style with NightWolve, ultimately formulating a crackpot conspiracy theory that JoeQuaker is an alt sock puppet account of NightWolve's (i.e. JoeQuaker=NightWolve). Necromancer and other saboteur trolls in their own spying started a conspiracy theory that NightWolve was "doing lots of things" to "fake" forum activity (and hide bannings) to combat their open/transparent sabotage efforts to silence/kill the forum as part of some sort of scorched-earth extortion effort... This troll seems to be talking to Necromancer in the discord chat he hijacked I suspect given his rant, but I'm not sure if it's Psycho ClodBusted, Gex, or another manchild in the suspect list (Correction: It was all Ryley "Gex" Reynolds who then crank-called me endlessly when Aaron closed the forum...)... Ah well, what's the difference ? They're all batshit crazzzy! :/

https://i.postimg.cc/5twQpXhm/PCEFXPsycho-Spammer-Reg-Vandal.png

Anyway, this ends their desperate jumping from proxy after proxy after proxy, and actually bragging about it, telling me I'll never be able to stop them, etc. Who knew we had trolls here more crazy than Nintega, including Necromancer ?? Really sad... :(

NightWolve

** December/January 2019 ** (Dating not too accurate, some things done in December)

* I increased the font size of Post/Preview buttons and added a pre/post space charatacter (e.g. " POST ", " PREVIEW ") and also removed Spell Check since it didn't work and your Chrome client browser takes care of that with red underlining. This makes the buttons friendly on a 5-6" smartphone without zooming, so a little convenience.

* "Keith Kursor" was implemented as the default web cursor for a more PCE theme. :) I figured out how to make it work as a ".cur" file for FireFox even - it required 24-bit true color mode instead of leaving it 256 colors as it was from the raw sprites out of the game, or it would appear garbled.

* Chatbox was defaulted back to "Fast Mode" to reduce server load.

* The ban logs/triggers from the normal ban system were significantly cleaned out from most of Psycho Nintega's garbage... I implemented the newer "Banned" group which is less of a server load, only matters when the account logs in instead, a KEY difference!

The forum should be a little faster because now the SMF PHP code doesn't have to loop through hundreds of IP addresses to compare against *your* IP in the endless sock puppet/alt accounts that he created across 10 years (as well as other members), to decide to allow you to view the board or not (if in ban range). It's a much more efficient ban technique. But yeah, his alt accounts being added with IP range bans kept adding to more comparison operations every IP address that comes here has to be checked against (if that makes sense)... :/

Sidenote: Unfortunately, Psycho Punch & Darkkobold noticed the normal ban system cleanup, and were identified spying/stalking PCEFX again due to Guest mode and were banned yet again (Punch, as Nintega, has 50 IP Ranges, can't be stopped, drives around like a loon for WiFi hotspots perhaps)... This shows that like Creepy Psycho Nintega, you'll never be able to get rid of them... :(

* If I didn't already mention it, some Guest viewing was enabled to help regrow the forum, keep Google ad flow/revenue, while bandwidth balancing was considered - I banned some spambot IP Ranges to make that work out which seemed OK for months... Up to Aaron if it stays that way in the future.

* Aaron has his own update/announcement to mention going forward for 2019 that should make some of you Nulltard Avengers quite giddy... Not sure of the future of PCEFX, registrations will now freeze and any other upgrade plans are nixed - the unsolicited harassment by John Luedtke (KingDrool/jlued686 AKA The Mad Chatroom Stalker), JoshuaTurboTrollX-16, Tim Favro and certainly thanks to the greatest PCE Community menace/saboteur/destroyer, AtherButt Arkhan, helped lead to this outcome in their bitter, vindictive desire for revenge/sabotage...

Darkkobold and Nulltard tagteam trolling/cornering Aaron on Sarumaru's Facebook post also helped play a role I imagine, with Psycho John Nulltard/Bullity/Spamity/Insanity/Harassity/Doxxity and his DuoDildoDoxPhile gang's crazed PCEFX chatbox harassment being the root cause after all...