1CMS - Version 1.0 Demonstration Domain - By Steph Benoit

Statistics Module recoded, again!

The past week has been kind of slow for me (as I wait around the house for my next deployment) and while I fight the battle about recovering my 64bit.us domain name from the people that are trying to sell it back to me, I decided I would break down and start writing some code.

The first hurdle to overcome was that my hosting was setup for 64BIT.US at the root. All of that has now changed, so at last http://1cms.org is at the root of the hosting domain. With that 2-day process (not mine, but my hosts') out of the way, I was able to turn on GoogleTap functions as well as start fixing code.

64BIT.US Victim of Cybersquatting

Just as a heads-up to everyone that has been asking about it, yes, our primary 64bit.us domain (owned by Steph Benoit since .us domain names became available), got grabbed up by a guy in Reading, Massachusetts who has ideas on selling it back to me.

''Report Post'' Function Added To Forums

I have recently noticed a lot of posts on other sites that need moderation. Unfortunately, I also discovered that the standard phpBB forums offer no way to report these problems to moderators.

In an effort to help moderators better handle forum post issues (or more accurately, to help users notify moderators of problems), the "Report Post" feature has been added to 1CMS forums.

In a nutshell, this feature allows any registered user to "Report" any forum post and to include some comments to tell moderators just what problems are seen such as forbidden content, posted in the wrong forum, etc...

Once this information has been posted, an email is automatically sent to moderators. Any moderators visiting the site can also see a detailed queue of posts that have been reported. Inside the, "Report Queue" moderators can see each new "report", and can take actions to moderate any post in question. Once completed, they can then change the status of the report and add their own comments regarding actions they took to deal with that report.

Moderators can of course see the complete history of all "new", "open" and "closed" reports as well as comments posted by any moderators that have worked on any reports. This is useful for tracking the history of each moderators actions.

I hope everyone enjoys this new, 100% W3C Compliant feature.
Steph Benoit, Primary Developer

So many desires to go forward (not sideways); yet, so little time!

After being gone for a year (my first post since last October), let me begin by mentioning that this is more of a blog post of my thoughts than anything else though I'll start a discussion thread on this topic in my forums

I am presently in the (probably) not-so-unique position of pondering exactly where I should be going in terms of moving forward with CMS Software Development.

New BBtoNuke Forum Mods Added To ''1CMS''

In an effort to make the baseline build of Forums a tad more feature rich (without over-doing it), I have added 2 additional baseline features.

1) Advanced Quick Reply Mod - This custom made solution is based on two different Quick Reply mods for phpBB. After being combined, it delivers all of the functions that you might want in a "Quick Reply" mod. It can be viewed (if you are logged in) at the bottom of any forum post.

2) Recent Forum Posts "At A Glance" Mod - This mod is simply a recent posts block that appears at the top of the forums index file. It is permissions based, so for example if you are a user that has permissions to read xyz forum, you would see posts from public forums as well as xyz forums in that block.

You can see the details about these mods in the credits module.

Enjoy!
Steph

Fractured Function Filtering Forbidden Forum Phrases Fixed!

The Problems that Nuke has always created in Forums where it would inappropriately filter so-called, "Forbidden Technical Words" has now been fixed. The curse of ineffective and inappropriate filtering of Forum Posts has been lifted!

Unlike every PHP-Nuke build, '1CMS' allows your phpBB forums to work as they were intended with none of the needless special filtering that Nuke has always applied to them (in addition to phpBB filtering rules).

This configuration has been tested as safe with multiple types of XSS and other hack attempts with ZERO successful intrusions.

You'll notice for example that you can post the word "javascript" or other phrases normally blocked by Nuke and you won't get banned or blocked!

While you cannot use that word in an execution string of html code (as the HTML execution functions that would allow you to do so ARE filtered), but you can post it as a word in a sentence or even wherever it might appear when copy or pasting in code snippets.

In other words, you no longer need to go through your post and find forbidden words and change the spelling to make them work! No, Javascript is NOT spelled jabaskript! :)

Enjoy!
Steph Benoit, Developer
'1CMS'

Impossible to create XHTML Compliant Domains?

Just when you thought that you had seen it all.

http://79.64bit.us

Yes, that is "1CMS" Recoded to 100% W3C XHTML 1.0 Transitional Compliance with UTF-8 (unicode) instead of ISO-8859-1.... Go figure. So much for impossible!

Steph Benoit, Developer
"1CMS"

'1CMS', PHP-Nuke 7.9 and The Future

Hi Everyone

I wanted to take a moment to talk a little about the current state of affairs with PHP-Nuke and the intentions of what is now becoming "many" of us in the PHP-Nuke development community.

I am addressing this because it is important for everyone in the community of PHP-Nuke Webmasters to realize some of the facts about what is going on with PHP-Nuke, where it has been and where it seems to be going.

In the latter regard, I can only assure everyone that the biggest obstacle to PHP-Nuke evolution is the self-proclaimed "Author", Mr. Burzi. I say this only because with each new version of PHP-Nuke that is released, Mr. Burzi fails to apply previous version fixes, while he also creates new bugs and security holes. If you use any version of PHP-Nuke that comes from Mr. Burzi, quite frankly you are at severe risk of intrusion and hacking. There is no easier or nicer way to put it.

New Security Filtering

In an effort to increase security, today I tried to implement some of the new security filtering practices first seen in PHP-Nuke 7.9. Unfortunately, I discovered some major flaws in that new function including the fact that it strips 99% of the HTML editors formatting rules.

The bottom line is that the filtering rules included with PHP-Nuke 7.9 (and Patched 7.9) are simply wrong and I will need to setup another test domain to figure out exactly how to fix them, though I already have several ideas on the subject.

The intention is to get to a point where all queries are pre-filtered against rules that define permissions and prevent XSS and other known vulnerabilities.

The upside is that once every input field has been defined this way, it should really "harden" nuke against vulnerabilities that have been "Patched" (band aided if you will) since Nuke's inception.

The downside is that once again, every block and module will need to be recoded along with Nuke's primary files and all includes. A great deal of work to say the least.

Anyway, work continues in that direction.
Thanks for your patience while I try to make "1CMS" ready for distribution!

Steph Benoit (64bitguy)
Webmaster, "1CMS" Developer

New TinyMCE Editor Changes For The Better

Hi Everyone

If you've been playing with the domain in the past days, you probably have noticed a few changes for the better.

One of the major adjustments I have made is modification of the TinyMCE Editor functions to add images capabilities to certain modules. This was done because frankly, it's pretty stupid not to have the ability to add an image to your signature in the Your Account module.

I also thought the Submit News and Feedback modules should have at least the ability to insert pictures, even if they are remotely sourced.

I have also added the "HTML" button to all of the various types of editors to allow users to see what the code looks like that is being generated. This will allow you to clean up invisible <br /> elements at the end of your submissions for example. One habit I have quickly picked up from using the TinyMCE editor is I now find myself hitting the delete key 3 or 4 times at the end of every submission to ensure that I don't get that annoying blank line.