Sparda Posted May 12, 2008 Share Posted May 12, 2008 On the old forum, I could 'login' on three computers and the sessions would be perminant unless I loged out or deleted the cookie. The new forum only seems to be be able to remember one session. I could copy the cookie to the other compters, but thats alot of effot. Is this intentional or just the way the new forum is? Also, just for fun, I oppend a old session on another computer and it logged me out of my current session. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 12, 2008 Share Posted May 12, 2008 yeah IPB is fail I miss smf... Quote Link to comment Share on other sites More sharing options...
Rab Posted May 12, 2008 Share Posted May 12, 2008 yeah thats pissin me off too, i bookmark the link for 'new posts' but this has some random shit in the link Quote Link to comment Share on other sites More sharing options...
Rab Posted May 12, 2008 Share Posted May 12, 2008 yea seriously fix this, or i might just stop logging in, effort. Quote Link to comment Share on other sites More sharing options...
nicatronTg Posted May 13, 2008 Share Posted May 13, 2008 And fix the auto log out problem. I don't think "Remember me" works... Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 13, 2008 Share Posted May 13, 2008 and now the read/unread posts is borked Quote Link to comment Share on other sites More sharing options...
moonlit Posted May 13, 2008 Share Posted May 13, 2008 ...and quoting doesn't... well, quote. Quote Link to comment Share on other sites More sharing options...
digip Posted May 13, 2008 Share Posted May 13, 2008 Can we has SMF back please? We is sad without it... Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 13, 2008 Author Share Posted May 13, 2008 The forum been unable to manage sessions properly is getting rather irritating. Been able to login on my laptop at home then take that laptop else where (perhaps to some unsecured network) and use the same session is far more secure then sending my password over the unsecured network, this forum seems to refuse to let me do this. Quote Link to comment Share on other sites More sharing options...
Deveant Posted May 13, 2008 Share Posted May 13, 2008 haha so far everytime i use fast reply, it logs me out, and i have to type in my user / pass again just to make a post <_< Quote Link to comment Share on other sites More sharing options...
digip Posted May 13, 2008 Share Posted May 13, 2008 The forum been unable to manage sessions properly is getting rather irritating. Been able to login on my laptop at home then take that laptop else where (perhaps to some unsecured network) and use the same session is far more secure then sending my password over the unsecured network, this forum seems to refuse to let me do this. Having the session transmit from another location vs entering your password from said location is no more secure than the other. Ferret and Hamster would capture the session and allow someone to login as you just by clicking a link in the browser, so unless its SSL traffic or some other encrypted transmission, any transmission of data on an unsecured network is pretty much public disclosure weather we want to admit it or not. No site should allow you to login based on continuously on the same session data anyway, otherwise it becomes a flaw that anyone can spoof your login. I found a site whos forums had session data show up un a google search one time and I was able to log on to the site as another user by using just the php session data, so each time you visit, it should change and not allo wyou to use the same session data or something a lot worse than me logging in as a general user could happen. Someone gets ahold of the admin session data and it relies persistent, then anyone can log on as the Admin. Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 13, 2008 Author Share Posted May 13, 2008 Having the session transmit from another location vs entering your password from said location is no more secure than the other. Ferret and Hamster would capture the session and allow someone to login as you just by clicking a link in the browser, so unless its SSL traffic or some other encrypted transmission, any transmission of data on an unsecured network is pretty much public disclosure weather we want to admit it or not. No site should allow you to login based on continuously on the same session data anyway, otherwise it becomes a flaw that anyone can spoof your login. I found a site whos forums had session data show up un a google search one time and I was able to log on to the site as another user by using just the php session data, so each time you visit, it should change and not allo wyou to use the same session data or something a lot worse than me logging in as a general user could happen. Someone gets ahold of the admin session data and it relies persistent, then anyone can log on as the Admin. I'm going to use a phrase my friends laugh every time I use it at this point. "Actually, I disagree" If they steal my session, thats bad, if they steal my password, that is much worse. If some one steals my ssion they can pretend to be me, post as me and pm people, that stops as soon as I step in and click "logout" then login again on a secure connection. With out my password they can't change my password. Hence, much more secure. Quote Link to comment Share on other sites More sharing options...
digip Posted May 14, 2008 Share Posted May 14, 2008 With out my password they can't change my password. Hence, much more secure. Yeah, I can see your point there. Quote Link to comment Share on other sites More sharing options...
Matt Lestock Posted May 14, 2008 Share Posted May 14, 2008 There are security measures besides sessions. For users, your login keys expire every 7 days if not used, your session is mached to your IP during session validation, among other things, All of the other issues including sessions expiring, and not being able to login from multiple places should all be resolved now that we've corrected some settings in the cookie properties. And if you want to quote a single post, you want to click REPLY. If you want to quote multiple posts click quote for each post you want quoted and then click add reply at the top or bottom. SMF is garbage, and we will not be going back to it. Matt Quote Link to comment Share on other sites More sharing options...
Rab Posted May 14, 2008 Share Posted May 14, 2008 i want it to remember my login from one day to the next, and it currently isnt doing that. Quote Link to comment Share on other sites More sharing options...
Matt Lestock Posted May 14, 2008 Share Posted May 14, 2008 The login cookie is working correctly now. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 15, 2008 Share Posted May 15, 2008 SMF is garbage, and we will not be going back to it. First off SMF is not garbage it worked just fine for the entire time we've used it, and just because y'all don't like it doesn't make it garbage. Second we've had more problems with this install of IPB in the first week then in the entire time we've used the SMF. And what was the real reason for the move to IPB? Quote Link to comment Share on other sites More sharing options...
digip Posted May 15, 2008 Share Posted May 15, 2008 First off SMF is not garbage it worked just fine for the entire time we've used it, and just because y'all don't like it doesn't make it garbage. Second we've had more problems with this install of IPB in the first week then in the entire time we've used the SMF. And what was the real reason for the move to IPB? QFE! We could have just skinned SMF to look like the new IPB forums. + We could have built upon it to add features you wanted from these forums, but in overall functionality, I think SMF worked better. Maybe it was harder to configure, or didn't have some feature you wanted, but I seriously do not like the new forums other than the look/skin/style of it. Everytime I come back, it seems there is a new post to view, only I go in, and have read all the ones I want to see. To fix it, I have to mark the thread as read, which is just silly to have to keep doing to see new posts. If I don't read a thread but viewed that section, SMF was smart enough to grey out the icon so I knew that there wasn't new topics to read. IPB doesn't seem to do this. The reply area is too bulky and clumsy. I shouldn't have to scroll up and down so much. Quick reply is nice to some extent, but when you quote someone, you get this like 1000 pixel scroll down to hit the submit button with all these extra links and functions we never use. How many people are going to use that attachment function? Other than maybe some people with no hosting, but I can't see a need to have uploads for forum software other than to show your avatar. SMF seemed faster, more light weight. IPB seems bulky and clumsy. About the only new thing I like from it is the profile pages are a little nicer and have that friends and comment boxes so you can quickly chat with specific people, although, I think comments from mutual friends should be private two way conversations. I also like seeing who recently visited my profile, but these are all nice extras, but things that don't contribute to the functionality of the main forums themself. Now, these are just my opinions. Please don't take offense, but I would say that there is a lot to be desired about SMF from a user's perspective. Maybe not so much form behind the scenes and the administration side of things, but for us, SMF seemed to be our sweet spot. Maybe there should be a poll to see what the community thinks? What do they prefer? What ideas do we have that we would like to see change on IPB to better serve the functionality of the forums? One unique thing about Hak5 is it is as much community run as it is anything else, so if we all sound like a bunch of whiny little bitches who complain about every little thing, it's because we all take so much pride in Hak5, the show, and the community side of things, liek the forums, IRC, etc. Quote Link to comment Share on other sites More sharing options...
Rab Posted May 15, 2008 Share Posted May 15, 2008 Please don't take offense This is the internet, everyone takes offense. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 15, 2008 Share Posted May 15, 2008 Maybe there should be a poll to see what the community thinks? What do they prefer? they've already made it clear, that it doesn't matter what we think or want they don't like SMF so fuck it/us. Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 15, 2008 Author Share Posted May 15, 2008 Sessions seem fixed now.Thanks. Quote Link to comment Share on other sites More sharing options...
VaKo Posted May 16, 2008 Share Posted May 16, 2008 I tried to quote something and it failed lol. I think IPB needs some more work to it. I will endeavor to see if there is anything in the admin CP that needs tweaking. Quote Link to comment Share on other sites More sharing options...
Sparda Posted May 16, 2008 Author Share Posted May 16, 2008 For me, the pressing the quote buttons add each message to the message I wish to add (by pressing the "Add Reply" Button near the bottom of the page. The reply buttons next to each page quotes on that that message, I actualy perfer this method. Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 16, 2008 Share Posted May 16, 2008 Sessions are borked again! Quote Link to comment Share on other sites More sharing options...
SomeoneE1se Posted May 18, 2008 Share Posted May 18, 2008 Anyone else still getting logged out, or is it just me? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.