nim-lang / nimforum Goto Github PK

How does one remove their account?

Steps to reproduce:

1. Create post
2. Copy the link for "Edit Post"
3. Change postid parameter in http://forum.nim-lang.org/t/<thread_number>?action=edit&postid=<new_post_ID> to a lower post.

Opens view for editing post; if you try to actually submit changes this will fail if you're not the owner (so not a security issue), but should still fail earlier (and not bring unauthorized user to edit page).

When the forum is searched for the word htmlgen one of result posts is mine with the text Something like **htmlgen**?. The extra asterisks are not present in the original post, and the hyperlink leads to http://nim-lang.org/**htmlgen**.html. Clicking on the post shows the expected text and correct url.

I'd like to deploy a modified nimforum to a website, but I would like it to support the immutable infrastructure patterns I've been setting up my infrastructure around. Would it be possible to add support for Nimforum to connect to Posgres servers instead of just using SQLite?

There are no CSRF token used.

It is not possible to directly jump to the first new post - one always has to open a thread at the beginning and then jump manually to the end of the posts that are already read, which is difficult to find when there are multiple new posts.

Contained error message from [email protected] (forum mirror?):

[email protected]: host turing.freelists.org[206.53.239.180] said: 450
4.7.1 Client host rejected: cannot find your hostname, [178.62.143.63] (in
reply to RCPT TO command)

Since 178.62.143.63 is nim-lang.org, this looks as if freelists.org chokes on forum-generated mails.
Probably related to #93.

The varchar(1000) for posts' content is not enforced, you can easily post over that limit by copying/pasting a text repeatedly. Length of both subject and content need to be checked before sql insertion.

It would be nice also if the html had some javascript which told the user about this limit as the number of left chars. An example of this behaviour can be seen on stackoverflow, where above a certain limit, the number of characters left is displayed in different colors near the text area.

I'm getting a 502 error.

foo bar

> asdf

The bottom quote won't render.

Searching the forum for linq will yield a few results in the form http://forum.nim-lang.org/t/389#2146 which go to the first page. That link should instead point to the third page: http://forum.nim-lang.org/t/389/3#2146.

Searching for destructors shows three empty posts, but going to them shows they actually have content. Attaching screen capture.

All new posts in the Forum's DB have 127.0.0.1 as the IP address.

Every new message on the forum could be also sent to a mailing list (possibly in a way that allows threading).
It would be awsome if people could also reply to the emails on the mailing list and nimforum coulld ingest them and replicate them in the forum (effectivly mirroring the mailing list)

• Forum to mailing list
• Sender/Resent-From field
• Email threading
• Mailing list to forum

Should be able to view comments / titles of threads submitted by user in the user's profile.

I'll start working on this if no objections. :)

Would be nice if there was a way to reset the password. It already asks for email, so you could just send confirmation to that.

(I forgot my password for nim-lang.org's forum, heh.)

When a thread is deleted the user is redirected to /t/-1, they should be redirected to the front page.

...
ast.nim(1245)            sonsLen
system.nim(2533)         sysFatal
Error: unhandled exception: sons is not accessible [FieldError]
FAILURE: Build failed for package: nimforum

On Linux AMD64 with f3814be5305743b version of Nim

Forum shuts down with "semaphore timeout exceeded" error on windows after working for some hours.

When I try to compile I first get a problem because "rst" is not imported.

The cfg File seems not to work for me (obviously I do not have $nimrod defined)!

--path:"$nimrod/lib/packages/docutils"

--path:"$nimrod"

I added path="$lib/packages/docutils" to my /etc/nim.cfg and that was fixed.

I tried to do the same in forum.nim.cfg and it worked. So I guess that could be fixed in this repository. I would be happy to make a PR.

After that was done it complained about:

clang: error: no such file or directory: '/Users/hara/devsys/workspace/nim/nimforum/nimcache/crypt-blowfish.o'

I found this is because the nim bcrypt lib does not compile on OS X. I could fix that and created a pull request (runvnc/bcryptnim#2)

After those changes I can compile with nimble build and it runs. But on the website I get this error:

An error has occured in one of your routes.

Detail: no such table: thread

I thought this could be fixed by importing the fts.sql I saw in the directory. Blindly trying with sqlite3 nimforum.db < fts.sql gave an error. The file is obviously not what I thought :)

Here I can't continue? How to initialise the sql and get the Forum flying?

Implement threads which are hidden because they have been marked as "spam" by many users.

Meaning that nobody does not even need to break in to the server to break the password hashes with pen and paper

Sorry for cross post -- just for sake of completeness.

None of my email addresses are allowed, due to the apparent restrictions:

• Addresses can have at most 30 characters (as a hard limit on the input box).
• University addresses (e.g., kit.edu) are not accepted as a valid domain (results in: Error: Invalid email address).

No confirmation email after registration.

Would it be possible to have an email sent to you when either:

• Someone mentions your name via @username syntax.
• You "track" a topic.

This would be amazing!

Searches like "-qwe" result in a run-time error (exception).
This due to - before a word stands for exclusion (for no such word in results) in SQLite's full-text search, and it disallows using only exclusions in a search. Though I expected just an empty result from such a search, not an exception.

Such code replacing line 1338 in forum.nim solves the problem:

    var q = @"q".strip
    if q[0]=='-' and not q.contains(Whitespace):
      q=""

If a PR's needed, I can make it, or the code can be taken from here.

Add ability for poster (or admin) to flag the topic as solved,
and then the topic title gets prepended with the "Solved: " tag

Menu at the top of the page differes to the rest of the Nim-Lang website, which has
Learn Docs Download Support Forum FAQ

https://news.ycombinator.com/item?id=10935311

Ah, sorry that I assumed it was all Araq's doing. Here's my feedback:

I see no way to keep track of threads I've posted in, or threads I am interested in, or get notifications when people reply. That would be the most important thing. Maybe I'm missing something, because right now I read down the list of subjects for threads I'm interested in, and look for whether the most recent responder is different from who I remember.

Writing forum comments in ReStructuredText is not friendly. Anyone who is not wise to the ways of the forum is going to fail the first time they try to post code, and I still have to look up a ReStructuredText reference, because I never use RST for anything else. Just use GitHub-flavored Markdown, the markup language of least surprise for developers.

As another person responded, reading a thread longer than 10 messages is unnecessarily awkward. The navigation buttons -- which must be used frequently -- are not particularly prominent on a computer screen, and on a phone they're like a millimeter in diameter.

Interface elements are strange. Why is someone's username a link if the page behind it doesn't do anything useful such as list their posts? Why does the timestamp have a dotted line under it? What am I supposed to be able to do with the timestamp? I would expect from other places that it would be a permalink, but it seems to just be nothing.

nim-lang.org is not available over HTTPS at all. Since it includes a way for people to log in it should be HTTPS-only.

Free TLS certificates are available from Let's Encrypt.

The following are 5 attempts at defining a /= operator for a simple vector compiled via

nimrod c --run test.nim

Changing ATTEMPT to 1 through 4 compiles just fine. ATTEMPT = 0 results in the compilation failure at the bottom. Summary:

• This seems to happen when using double-nested templates.
• The problem seems to be specific to the /= operator as +=, -=, and *= define just fine using the double-nested template.

type TVec2* {.pure, final.}[Scalar] = object
  elts: array[0..1, Scalar]

template defineOpAssign(tvec: expr, op: expr) {.immediate.} =
  proc op*(v: var tvec, w: tvec) {.inline.} =
    for i in 0..1:
      op(v.elts[i], w.elts[i])

const ATTEMPT = 0

when ATTEMPT == 0:
  # FAILS: defining `/=` with template calling template
  # ERROR about sem.nim line 144
  template defineOpAssigns(tvec: expr) {.immediate.} =
    defineOpAssign(tvec, `/=`)

  defineOpAssigns(TVec2)

when ATTEMPT == 1:
  # WORKS: defining `*=` with template calling template
  template defineOpAssigns(tvec: expr) {.immediate.} =
    defineOpAssign(tvec, `*=`)

  defineOpAssigns(TVec2)

when ATTEMPT == 2:
  # WORKS: defining `/=` calling the inner template directly
  defineOpAssign(TVec2, `/=`)

when ATTEMPT == 3:
  # WORKS: inlining inner template
  template defineOpAssigns(tvec: expr) {.immediate.} =
    proc `/=`*(v: var tvec, w: tvec) {.inline.} =
      for i in 0..1:
        `/=`(v.elts[i], w.elts[i])

  defineOpAssigns(TVec2)

when ATTEMPT == 4:
  # WORKS: defining `/=` directly
  proc `/=`*(v: var TVec2, w: TVec2) {.inline.} =
    for i in 0..1:
      `/=`(v.elts[i], w.elts[i])

The error is

Hint: system [Processing]
lib/system/ansi_c.nim(81, 12) Warning: undeclared conditional symbol; use --symbol to declare it: nimSigSetjmp [User]
lib/system/ansi_c.nim(81, 42) Warning: undeclared conditional symbol; use --symbol to declare it: nimStdSetjmp [User]
lib/system/ansi_c.nim(88, 12) Warning: undeclared conditional symbol; use --symbol to declare it: nimRawSetjmp [User]
lib/system/ansi_c.nim(88, 42) Warning: undeclared conditional symbol; use --symbol to declare it: nimStdSetjmp [User]
Hint: test [Processing]
test.nim(17, 17) Info: instantiation from here
test.nim(15, 18) Info: instantiation from here
test.nim(17, 17) Info: instantiation from here
test.nim(15, 18) Info: instantiation from here
Error: internal error: (filename: compiler/sem.nim, line: 144)
No stack traceback available

.. image:: http://i.imgur.com/oCem13Y.png should place an inline image, but it is simply ignored at the moment. See http://forum.nim-lang.org/t/812#4702 for an example. IIRC they've worked in the past. This may be a bug in Araq/Nim.

If a user creates a post and later decides to edit it changing the subject line, the subject title won't change on the main list view of threads despite that individual post subject being updated correctly.

When post is edited the user is not redirected to the post they edited correctly. They are simply redirected to the thread without any anchor or page redirection.

Follow the idea behind http://forum.nimrod-code.org/t/139 and make the necessary changes to license the forum content under cc-wiki license.

The thread at http://forum.nim-lang.org/t/693/1 shows the title "Problems with the "Download" page". The second page at http://forum.nim-lang.org/t/693/2 shows only "Re: Problems with the". Looks like there is an escaping error somewhere regarding double quotes.

The profile view should show the user's IP address so that we can more easily determine whether the user should be banned or not.

Spammers are using the following keywords:

fifa and UK.

Check if the user is new, and disallow those.

http://forum.nim-lang.org/t/738/123

When a post is selected the background color is a dark blue, and this makes hyperlinks hard to read (blue over blue). Attaching screenshot.

You can basically crack an md5 hash with pen an paper.

Get (with nimble build as well)

$ nim c forum.nim
...
forms.tmpl(17, 13) Error: invalid indentation
$ 

You should change the topic URL slightly every time someone posts something on the forum so new posts mark links unread; just add a &t={lastposttime}

This sometimes happens if threads are removed, which causes the URL to be re-used

A user is allowed to input any character sequence for the subject of a post, the only restriction seems to be three characters of length. By entering three spaces the post is created and can be accessed directly by its id url, but it won't show up properly in the thread list of the forums since the whitespace characters don't provide any surface for clicking.

A better validation would be to check the length of the subject after removing whitespace from front/tail of user input.

Looks like mailing list mirroring has been broken since the beginning of January:
first broken post: http://www.freelists.org/post/nim-dev/Nim-threads-vs-Pthreads

Looks like it does not allow html posts anymore?
Maybe there's an option to set on the mailing list: http://www.freelists.org/wiki/faq/enable_html
Or we should just send plain rst (without converting to html).

time wget 'http://forum.nimrod-lang.org/postActivity.xml' -q -O/dev/null 0,00s user 0,00s system 0% cpu 39,923 total
Single-threading and 40 seconds per request means that I could DoS forum from 56kbit modem.

I think that this is caused by SQLite being unable to optimize this request:

SELECT A.id, B.name, A.content, A.thread, A.header, strftime('%Y-%m-%dT%H:%M:%SZ', A.creation), A.creation, COUNT(C.id) FROM post AS A, person AS B, post AS C WHERE A.author = B.id AND A.thread = C.thread AND C.id <= A.id GROUP BY A.id ORDER BY A.creation DESC LIMIT ?"

I think that there is nothing inherently slow in this request, but SQLite has rather primitive optimizer (compared to MsSQL/Postgres). Maybe explicit join or subqueries will be faster?