WIKI and FORUM BUG REPORTING

[CentralWare]

@PatrikG:

The way Let's Encrypt works is their SSL Certificates are good for 3 months, thus reducing abuse and hacking risks, BUT it also means that transition periods (time between one key expiring and a replacement going online and then that replacement's Start time/date to get here) has quadrupled.  This SSL renewal process is a lot more streamlined than in was only ten years ago (before services like Let's Encrypt even existed openly) and yes, there's a server-side software that's running all of those thousands of Let's Encrypt renewals DreamHost tends to, but there are also pre-written scripts and apps available allowing admins and end-users to do the same for themselves "on the spot" if the hosting company doesn't support Let's Encrypt directly.

HTTP to HTTPs redirection, or forced HTTPs, IS TURNED OFF intentionally at the moment during the backup, relocation and upgrade periods.

ETA: Probably tomorrow night or earlier, depending on a few tests.

Years of suffering...  Honestly, I don't even know why it took this long for someone to do any of this.  I just spoke with one of the Tiny Core Admins earlier today who claims to be a SMF expert (and why we won't be making any changes/enhancements to the forum.)  What I don't get is if people are so experienced, why they didn't fix these problems years ago?  However, I am very happy that you're happy and by tomorrow evening, hopefully everyone is happy!   That's a lot of Happy!!! 

[CentralWare]

Forum: Upgraded from a customized v2.0.15; last update Sep 2017
             Now running v2.0.19, last update Nov 2021; PHP v8.1 compliance issues tended to.
             Current release v2.1.2 is incompatible as-is, Admin requested "no mods"; project marked complete.

Wiki: 2011 "Racewind" version crashed with PHP v7.x; wiki upgraded and modified for 2020 "Hogfather."
           v2020 "Hogfather" release is not PHP8.x compliant, downgraded to PHP v7.4
           2022 "Igor" release is not compliant to the template and vice-versa; leaving it alone.
           The Forum authentication is being re-created with an Hash/BCrypt backup

Once these are finished and the bug board is checked off as being completed, the bug board will be deleted
(cleaned up after; keeping it doesn't make sense as it's a one-time thing ) and we should be upgraded
and operational for a number of years to come!

[patrikg]

It's not bug related.
The header of the forum, Welcome, FAQ and Downloads links don't use https.
But the wiki does. Maybe this because the tinycorelinux.net don't support https.
 

Code: [Select]

<tbody><tr class="tcm_row">
  <td class="tcm_col">
<a class="tca" href="http://tinycorelinux.net/"><img class="tcicon" height="16" src="/Themes/tinycore/images/core_circle32.png" alt="Welcome">Welcome</a>
  </td>
<td class="tcm_sep">|</td>
  <td class="tcm_col">
<a class="tca" href="http://tinycorelinux.net/faq.html"><img class="tcicon" height="16" src="/Themes/tinycore/images/faq32.png" alt="FAQ">FAQ</a>
  </td>
<td class="tcm_sep">|</td>
  <td class="tcm_col">
<a class="tca" href="http://tinycorelinux.net/downloads.html"><img class="tcicon" height="16" src="/Themes/tinycore/images/downloads32.png" alt="Downloads">Downloads</a>
  </td>
<td class="tcm_sep">|</td>
  <td class="tcm_col">
<a class="tca" href="https://wiki.tinycorelinux.net"><img class="tcicon" height="16" src="/Themes/tinycore/images/wiki32.png" alt="Wiki">Wiki</a>
  </td>
</tr>
</tbody>

[Rich]

Hi patrikg
Already addressed here:

Hi CentralWare
They're not being flagged, and it may not be an issue, but the following
still have  http  prefixes:
The  Welcome | FAQ | Downloads | Wiki  links at the top of the page.
The links directly under  News:  in the top right corner of the page.
The   SMF © 2017  Simple Machines  XHTML  links at the bottom center of the page.

@Rich: Any links for www, repo, etc. I have to leave alone (http) as there's no SSL on that server and it's not within my reach to make changes there.  I only have access to wiki and forum.  If that changes, it's a quick fix.  If not, it shouldn't have any repercussions on wiki/forum.  (The wiki link has been updated.)

[Rich]

Hi CentralWare

... Now running v2.0.19, last update Nov 2021; PHP v8.1 compliance issues tended to. ...

The bottom of the page still says:

Code: [Select]

SMF 2.0.15 | SMF © 2017, Simple Machines

[bmarkus]

I have an old SMF forum running 2.1.2 migrated from 2.0.x Works fine, has some nice new features, e.g. much more mobile friendly. It would be good to make a trial update on a backup copy.

[CentralWare]

@Béla: I ran exactly that; upgrade.php complained about multiple missing files, an outdated language file (which it allowed to be skipped) then quit.  I have not tried to upgrade one release at a time (2.1.0, 2.1.1, then 2.1.2) as the initial goal was to make forum PHP8 compliant and functional, repeat for Wiki, get them to authenticate (the old authentication file for wiki, auth_smf, is not the same vintage of a class so functions don't match up) SO, what I plan to do is have Admins log into Forum, then use the wiki link at the top if wiki editing is needed; the session/cookie information from Forum will be passed over to wiki and checked...  should be a simple process without editing a single forum file.

Note: 2.1.x upgrade MAY be complaining about template related files in the mix.  I haven't launched it from the shell to see if the logs are more informative.

@PatrikG: When upgrades are complete, both wiki and forum will be Forced HTTPS; regardless of what WWW supports, links from WWW will be redirected when they land on the new sites. On our end, we just have to make sure links back to WWW are in http and not https as it'll time-out if directed to SSL.

@Rich: Regarding 2.0.19 see https://forum.tinycorelinux.top/ (disregard the session content at the bottom; this is the sand-box that will eventually go live. The TOP domain is being used for development and testing before we launch it on NET.)

[CNK]

@PatrikG: When upgrades are complete, both wiki and forum will be Forced HTTPS; regardless of what WWW supports, links from WWW will be redirected when they land on the new sites. On our end, we just have to make sure links back to WWW are in http and not https as it'll time-out if directed to SSL.

Damn! I've been using browsers that don't have up-to-date support for HTTPS to access the forum, and although I have alternatives it will make things more of a pain. Page loads are also noticably quicker with HTTP vs HTTPS via my often-slow internet, which is especially important here because this forum's layout requires a lot of link-clicks!

If people want to use HTTPS there have been browser extensions around for years that will automatically load via HTTPS if a server supports it (I think this functionality is even built into some browsers now) - there's no reason to force people over to HTTPS when anyone who actually cares can make the switch themselves.

Extended versions of this rant are available upon request. Yes they've been falling on deaf ears for many years at this point. Anyway, you'll probably see less of me, for one, if you go HTTPS-only.

Also, Tiny Core does have at least one browser without HTTPS support in the repo for the current release, in the elink-nodep.tcz extension for x86.

[CentralWare]

@CNK: I don't disagree; but I'm far from the only vote.  Once patches and upgrades are complete to where we don't have an immediate fear of repeating the past wiki/forum anomalies, let me ponder your request.

[gadget42]

as of 20221003-0728am-cdt-usa

still getting quite a few of these 403 errors when using various functions of the forum(especially the advanced search function)

Error 403

We're sorry, but we could not fulfill your request for /index.php?action=search2 on this server.

You do not have permission to access this server. Before trying again, close your browser, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.

Your technical support key is: xxxx-xxxx-xxxx-xxxx

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact the WEBMA5TER and be sure to provide the technical support key shown above.

sometimes just refreshing the page fixes the issue but other times it happens repeatedly and we just give up and try it again at a later time...

just an fyi...

[CentralWare]

@gadget: The live forum is running the old 2.0.15 version of the forum.  The sandbox is running 2.0.19.  Just for grins I'm going to launch 19 live tonight when time permits and have 15 ready to take back over should we find any major issues.  Permission issues shouldn't be a problem (causing 403s) so I can only think 15 has issues writing temp files ("somewhere" -- I haven't researched it yet) so maybe it's trying to create a file/directory somewhere it's not always capable or trying to delete something it created, but the parent directory's permission says otherwise.  We shall see; thanks for the head's up!

[CentralWare]

I have an old SMF forum running 2.1.2 migrated from 2.0.x Works fine, has some nice new features, e.g. much more mobile friendly. It would be good to make a trial update on a backup copy.

@Béla: Is this 2.1.2 copy your running, by chance, using the VECTOR template?  ("...mobile friendly" only applies if the template is also made to be so; if you have a working VECTOR and it's mobile compatible, I'd appreciate a copy!)  The Tiny Core "light blue" template is based on this "Vector."

[CentralWare]

@EVERYONE

If anyone is familiar with the Way-Back Machine please run a comparison between the Way-Back and the live Wiki as there are discrepancies where pages have been lost.
There's a good chance the backup I grabbed from the old server was not the most recent.  (It was in a folder called wiki.tinycorelinux.net BUT there's no guarantee the old host wasn't pointing to something like new_wiki.tinycorelinux.net or the likes.)

SOURCE: http://web.archive.org/web/20220930134920/http://wiki.tinycorelinux.net/
COMPARE: http://wiki.tinycorelinux.net

If you find a page that doesn't exist on OUR wiki, please copy/paste the way-back's link here; it'll take a little special formatting, but it's not horribly difficult to replace missing pages on the wiki.  (If the link works but the content is different, please post here as well!  We'll figure out which version is newest and update as needed!)

Thanks!

T.J.

[rhermsen]

With a compare in a text editor I see also some double-quote differences (not visible in the browser, maybe changed to prevent annoying issues if trying to copy-past?).

Source: http://web.archive.org/web/20200208152109/http://wiki.tinycorelinux.net/wiki:creating_extensions
Compare: https://wiki.tinycorelinux.net/doku.php?id=wiki:creating_extensions

CNK already mentioned the missing bcrypt remark on this page, but here once more the missing lines (without formatting):

Code: [Select]

Our email provider sometimes blocks emails with .tar or .tar.gz attachments, so please encrypt your contribution using bcrypt (use 'tinycore' as the encryption key):

bcrypt extension.tar.gz
Encryption key: tinycore

[patrikg]

I think a better solution of doing this is to use wget -r to follow links and download all from web archive.  Then doing some diff, or another way of compare.

And then cut that part from the html files that belongs to web archive.
Cut the url's that has been appended with web archive url.
Make use of your regex magic.