• Welcome to Final Fantasy Hacktics. Please login or sign up.
 

Welcome to Our New Server!

Started by Xifanie, February 18, 2020, 04:57:52 am

Xifanie

February 18, 2020, 04:57:52 am Last Edit: February 25, 2020, 06:59:20 am by Xifanie
Please post about any bugs you find!

Huge huge security updates (like bcrypt password hashing for the forum's passwords) and hopefully this server with the newest version of will behave better for emails that have been down for what, 2 years now?

Updates:
  • HTTPS
  • Upgraded to PHP 7.4.2
  • Upgraded the forum to SMF 2.1 RC2
  • Upgraded the wiki to MediaWiki 1.34.0
  • Fixed the mail system (WARNING: you won't receive emails for Private Messages until you enable the setting -here-)
  • Removed the ban from Microsoft email accounts, but any emails will likely end up in your junk folder, please mark the emails as "This is not junk" (it looks like it was an IP ban, and being on a new server, new IP!)

Pending:
  • Fixing the forum style

Known Bugs:
  • "Custom Sprites" and "Patches" sections on the main website don't work (cause: deprecated PHP functions)
  • Missing checkmark icon for solved topics
  • Missing logo on the wiki
  • Mail settings for the wiki
  • Broken spoiler tag
  • FTP subdomains are down

Deprecated/Gone Forever:
  • .bmp custom avatars do not display (but are still otherwise available on the server)
  • "Topic Solved" addon



Huge thanks to Kivutar for providing us a server for almost a decade! 🤟
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

Xifanie

February 18, 2020, 07:36:51 am #1 Last Edit: February 19, 2020, 04:16:03 pm by Xifanie Reason: Hello World!
I still have access to the old server if necessary, but for now I'm really drained and will likely tackle issues one by one fairly slowly over the course of the week, if not longer. I'm just glad the move was made before Kivutar's server gets shut down.

And we could definitely use whatever help we can get to re-create the old FFT-style theme.
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

RetroTypes

February 23, 2020, 03:25:31 am #2 Last Edit: February 23, 2020, 05:09:36 am by RetroTypes
Hey Xif, not sure if you're already aware or not but a lot of spoiler tags aren't working anymore. Some just show the code outright, and others show the spoiler box but it's no longer clickable to reveal the contents (they definitely worked before). For example, some spoiler tags
no longer hide the spoiler
, and others show a box
So close!
but it's not expandable (that box is hiding "So close!" in it, without the quotes).

Is this something that can be changed in the forum settings or will old posts have to be edited?
  • Modding version: PSX
  • Discord username: RetroTypes

Xifanie

@RetroTypes Thank you, I'll look into it. And I'm only aware of stuff I posted in here. Spoilers didn't open with quotes in the previous version of the forum either though, I never managed to make that work.
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

RetroTypes

Well the quotes thing I was pointing out mainly because, before the new update, you could use quotation marks in your posts' spoiler tag to make the box say anything other than "spoiler". It never displayed the quote marks in the final post, but it still worked. Now they don't, and as a result any threads that already had them in place now have the quote marks displayed and the spoiler no longer clickable.
  • Modding version: PSX
  • Discord username: RetroTypes

Xifanie

@RetroTypes I just tested on the old server and... you're right. I'll do my best to restore the full functionality of the spoiler tag but I'm not making any promises.
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

RetroTypes

At the end of the day I'll get by either way lol, I was just reading some old threads that now have broken spoilers and figured I'd mention it (I've been reading a LOT of threads lately lmao). I appreciate you looking into it though!
  • Modding version: PSX
  • Discord username: RetroTypes

Xifanie

@RetroTypes Well you may enjoy reading once again 👍

Hello World!
World!
World!

Well, at the end of the day, that's what I could get working. I'd rather not go edit the forum's source code like when I did on the old server, because it's stuff like that that got me into this mess in the first place (i.e. being unable to update the forum software for 5 years because of my modifications lol).
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

RetroTypes

Awesome! Thanks Xif. As an aside (I promise I'm not complaining, just figured I might as well report it while we're talking about it), lists within spoilers break the spoiler. Spoilers within spoilers do work as intended though, but not offset like they used to be.

darkness
friend
list is supposed to be in this spoiler
  • A
  • B
  • Modding version: PSX
  • Discord username: RetroTypes

Xifanie

Oh that is WEIRD. Also annoying. Also no idea how to fix that other than writing my own PHP BBCode function like I mentioned in my last post... and even then it probably wouldn't work because it seems to be an inherent flaw of the new software. :/
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

RetroTypes

Yeah something about the [ /li] also ends the spoiler tag (checked with an empty [ list] [ /list] and that works fine). Everything else that isn't a format justification works fine, but [/justify][/right][/center][/left] all break it as well. Was gonna test highlights too but apparently we don't have that anymore?

test test test test test test test
  • Modding version: PSX
  • Discord username: RetroTypes

DarthFutuza

Hooray https!  Thanks Xix.

Quote from: Xifanie on February 18, 2020, 07:36:51 amAnd we could definitely use whatever help we can get to re-create the old FFT-style theme.
It looks like SMF mostly just is a css theme and some php we'd need to recreate?  I might be able to help with that, but I should probably see how much time it takes to install SMF on a test site and create a new theme first before I volunteer myself.  Right now, I'm looking at wayback machine as a reference to get stuff like this which works, but maybe you already have something set up?

I've noticed some important threads, such as this don't have quite working spoilers like they used to, probably related to what RetroTypes just mentioned.
  • Modding version: PSX

Xifanie

@DarthFutuza I actually started working on something, though right now it's just a css sheet that is tied to my account lol. It also has many bugs right now, especially in the administration panel...

I'm not sure what would be the best way to handle this really. I'm thinking your own theme with your own CSS file via SFTP would do the trick.

Actually, I need rest right now, but I'll create it as a user-selectable theme instead of my hack based on the user ID lol.
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

DarthFutuza

Just as a suggestion I'd just do it as a user selectable themes, that way we can have a dark theme or whatever later on too if we wanted.  (Where the FFT style theme is the default one for all users when its finished, but they can manually select a different one).  Maybe include the FFT forum theme when it looks somewhat passable as a "beta" theme user's can select while you work on it?  Also, you might want to still use the hack based on userid so the forum can remember what the user's last selected theme was, rather than getting rid of it entirely.
  • Modding version: PSX

Xifanie

@DarthFutuza 
Unfortunately right now we're running on RC2, so it does come with its fair share of bugs... However, the alternatives sucked. In the first place I needed PHP 7.4+ just to run the newest MediaWiki, and only SMF 2.1 officially supports PHP7. SMF 2.1 is also the only one with updated password hashing, instead of, y'know, shitty MD5 hashes... ¬_¬ (those password hashes seem to update on successful login btw, which I think is pretty clever)

As the theme files will drastically change every update, I want the theme to be as easy to upgrade as possible, so it looks like this involves editing /smf/Themes/FFT/css/index.css, and to make it easier to upgrade to newer versions I figured I'd just put the extra stuff in /smf/FFT/. Ideally no PHP changes at all as possible, because those break the update engine very easily.

Because this is also RC, there is no functional Dark theme. I tried one (i.e. the only one), but it was old enough that it was severely breaking stuff, like no Preview button for posting.

You can change the theme here: https://ffhacktics.com/smf/index.php?action=theme;sa=pick
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

DarthFutuza

March 03, 2020, 11:09:32 am #15 Last Edit: March 03, 2020, 12:59:28 pm by DarthFutuza
Quote from: Xifanie on March 02, 2020, 04:02:18 pmYou can change the theme here: https://ffhacktics.com/smf/index.php?action=theme;sa=pick
Ah there it is, thanks.

FFT theme seems to be mostly working, so good job so far.  There's a couple of issues I'm noticing if this is the place to point them out.  Quotes in some cases seem to be overflowing beyond the containing div, eg: here, its probably related to having code blocks in the same post looking at the CSS.  Go up/go down buttons don't have their text vertically centered like the rest of the buttons do, eg: this.  The 'forum profile' section is still white colored.  I'm sure there's other things, but that's just what stood out on first glance.  Oh I also think its weird to have the blue color for link underlines.  I'd probably just use red if you have to have underlines.

EDIT: View Recent Posts is also unstyled.
  • Modding version: PSX

Xifanie

@DarthFutuza
I just fixed the first one (not super happy about the solution, but it works), that one I didn't know about, unlike the others... lots of bugs are to be expected, and it is probably going to take me many more weeks to a few months to fix everything on my own unless my health drastically improves within that time frame.

At the same time, this isn't the biggest priority for me right now as I need to focus on things that make me relaxed/happy. Debugging CSS for hours, just like most things I do for FFH that doesn't involve directly interacting with people, is very stressful to me.

EDIT: I was also delirious when I typed that, so I don't know if I said anything off/weird
  • Modding version: PSX
Love what you're seeing? https://supportus.ffhacktics.com/ 💜 it's really appreciated

Anything is possible as long as it is within the hardware's limits. (ie. disc space, RAM, Video RAM, processor, etc.)
<R999> My target market is not FFT mod players
<Raijinili> remember that? it was awful

DarthFutuza

Quote from: Xifanie on March 03, 2020, 01:21:39 pm@DarthFutuza
I just fixed the first one (not super happy about the solution, but it works), that one I didn't know about, unlike the others... lots of bugs are to be expected, and it is probably going to take me many more weeks to a few months to fix everything on my own unless my health drastically improves within that time frame.

At the same time, this isn't the biggest priority for me right now as I need to focus on things that make me relaxed/happy. Debugging CSS for hours, just like most things I do for FFH that doesn't involve directly interacting with people, is very stressful to me.

EDIT: I was also delirious when I typed that, so I don't know if I said anything off/weird
Oh yeah no worries, I wasn't expecting a fix this soon haha!  I'm just going to leave bugs I find in this thread to try to be helpful in helping you find issues, don't feel like you gotta do em asap, just whenever you get to it. :)
  • Modding version: PSX

Cerabow

Thanks @Xifanie for all your hard work keeping the lights on!

 :welcome:
  • Modding version: PSX
--
Robert'); DROP TABLE Students;--
  • Discord username: Cerabow

evisceratus

March 15, 2020, 08:34:09 pm #19 Last Edit: March 15, 2020, 09:03:48 pm by evisceratus Reason: Additional content
First post. Not sure if you're taking security bugs here, but hopefully these are easy fixes on your end. If not, please feel free to delete. Please see attached.

There are two cookies without recommended flags. First of which is PHPSESSID which lacks HttpOnly, Secure, and SameSite. The second, SMFCookie451 lacks Secure and SameSite.

Briefly, HttpOnly prevents arbitrary JavaScript from reading the contents of a given cookie. Secure instructs the browser that only HTTPS connections can read a given cookie. And finally, SameSite (set as Strict) enforces that cookies can only be read in a first-party context.

All of these flags should be set, if possible, for session (and session-like) cookies.

EDIT: The homepage is also loading mixed HTTP/HTTPS content which potentially could degrade the security benefits of going HTTPS. Specifically -

Affiliates

<a href="http://www.ff6hacking.com/"><img class="af" src="http://www.ff6hacking.com/FF6Hacking.gif"; alt="FFVI Hacking" title="FFVI Hacking" /></a>

<a href="http://www.humanbalance.net/gale/us/"><img class="af" src="http://www.humanbalance.net/gale/pics/Galeban88x31.gif"; alt="Graphics Gale" title="Final Fantasy Hacktics recommends GraphicsGale for spriting." /></a>


<a href="http://validator.w3.org/check?uri=referer"><img src="http://www.w3.org/Icons/valid-xhtml10"; class="af" alt="Valid XHTML 1.0 Transitional" /></a>

<a href="http://jigsaw.w3.org/css-validator/check/referer"><img class="af" src="http://jigsaw.w3.org/css-validator/images/vcss"; alt="CSS Valide !" /></a>
  • Modding version: PSX