Nice to see the forum back

For everything that's not in any way related to PureBasic. General chat etc...
User avatar
Lord
Addict
Addict
Posts: 847
Joined: Tue May 26, 2009 2:11 pm

Nice to see the forum back

Post by Lord »

Looks like everything is ok. :D
Image
SeregaZ
Enthusiast
Enthusiast
Posts: 617
Joined: Fri Feb 20, 2009 9:24 am
Location: Almaty (Kazakhstan. not Borat, but Triple G)
Contact:

Re: Nice to see the forum back

Post by SeregaZ »

yes, but how to know what new items is in this new version?
User avatar
mk-soft
Always Here
Always Here
Posts: 5335
Joined: Fri May 12, 2006 6:51 pm
Location: Germany

Re: Nice to see the forum back

Post by mk-soft »

As it looks like, the server has moved to England.
My Projects ThreadToGUI / OOP-BaseClass / EventDesigner V3
PB v3.30 / v5.75 - OS Mac Mini OSX 10.xx - VM Window Pro / Linux Ubuntu
Downloads on my Webspace / OneDrive
User avatar
Lord
Addict
Addict
Posts: 847
Joined: Tue May 26, 2009 2:11 pm

Re: Nice to see the forum back

Post by Lord »

Brexit exit? :wink:
Image
SeregaZ
Enthusiast
Enthusiast
Posts: 617
Joined: Fri Feb 20, 2009 9:24 am
Location: Almaty (Kazakhstan. not Borat, but Triple G)
Contact:

Re: Nice to see the forum back

Post by SeregaZ »

it was russians hackers! :twisted:
User avatar
Sicro
Enthusiast
Enthusiast
Posts: 538
Joined: Wed Jun 25, 2014 5:25 pm
Location: Germany
Contact:

Re: Nice to see the forum back

Post by Sicro »

Since the forum is online again, the login needs the sid-parameter ("http://www.purebasic.fr/english/index.php?sid=e4e12..."). In the previous forum version, the sid-parameter was also appended to the URL, but the login didn't depend on this parameter because all the required data was stored in a cookie. As it is now, someone only needs a URL with the sid-parameter of the logged in user and he is also logged in as the user without having the cookie. I find that dangerous. In the past I have seen some forum members posting URLs to forum threads or forum posts that still contained the sid-parameter.

Unfortunately, the forum still does not use an encrypted connection ("https://"). Our login data (user name and password) are sent through the Internet in plain text.
For the website of PureBasic was changed to "https://" ([Done] https://www.purebasic.com), why not also for the forum (Forum login isn't protected (https))?

Edit:
The text, which I have now colored green above, seems to work only with Firefox and only locally on the computer, as I have now noticed.
In a few days I have enough time again to investigate the problem further. I will then edit this post again.

Edit 2:
It looks like someone from the PB team has changed the forum configuration, because now only the logout link contains the sid parameter.
Image
Why OpenSource should have a license :: PB-CodeArchiv-Rebirth :: Pleasant-Dark (syntax color scheme) :: RegEx-Engine (compiles RegExes to NFA/DFA)
Manjaro Xfce x64 (Main system) :: Windows 10 Home (VirtualBox) :: Newest PureBasic version
Post Reply