vanderaj / gaiabb Goto Github PK
View Code? Open in Web Editor NEWFull featured web forum software written in PHP
Home Page: https://github.com/vanderaj/gaiabb
Full featured web forum software written in PHP
Home Page: https://github.com/vanderaj/gaiabb
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Select Cleaning Tools -> Fix Orphaned Favorites
What is the expected output? What do you see instead?
Should show confirmation box with Yes or No buttons. Won't show up.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:33
User Story
Settings table has maximum value set to 200. Board Rules and Admin Notes
are include in this table so rules and notes can be only 200 characters
and it's not enough.
Constraints
Other settings should be at 200 vars limit.
Tests
Action
Original issue reported on code.google.com by [email protected]
on 24 Feb 2010 at 7:47
User Story
The Close Inactive Threads tool is very basic. Add a forum list like Prune
Threads tool.
Constraints
Only super | administrators should be able to see this tool. Therefore, forum
restrictions do not
apply to this tool.
If this tool was to become a moderation tool, forum restrictions would have to
apply.
Tests
Ensure that only valid forums are allowed.
Test for invalid forum values (-z, -1, 0, non-existant forum ID)
Action
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 1:58
What steps will reproduce the problem?
1. Log in
2. Go to topic with poll
3. In browser open new tab with same topic
4. Vote in first tab
5. Vote in second tab
What is the expected output? What do you see instead?
Should give a vote and show results and in second tab should give error.
Using this cheat you can vote forever and you can see the results only
when logged out or using other account.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Old bug from XMB
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 7:27
What steps will reproduce the problem?
1. Make sure your logged out
2. Go to Index
3. Choose Who's online
What is the expected output? What do you see instead?
One header and error message. Two faulty headers.
Please use labels and text to provide additional information.
Added screenshot
Original issue reported on code.google.com by [email protected]
on 2 Mar 2010 at 11:37
Attachments:
What steps will reproduce the problem?
1. With debug enabled, Go to admin/cp_general.php
2. See the strict warning for inactiveusers
L255: printsetting2($lang['inactiveusers'], 'inactiveusersnew',
$CONFIG['inactiveusers'], 3);
What is the expected output? What do you see instead?
Inactive Users needs to exist. It should be set to zero (0) by default for
safety.
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 11 Apr 2010 at 11:58
Attachments:
What steps will reproduce the problem?
NB! Flood control must be turned on
1. Log in
2. Go to topic and post
3. Post again before flood control time runs out
What is the expected output? What do you see instead?
Error message/notice and redirection back to topic. I see only error message
and no redirection
What version of the product are you using? On what operating system?
Revision 26
Please provide any additional information below.
Is it possible after redirecting back to topic quick-reply box restores text
you have inserted or is
it to complicated?
Original issue reported on code.google.com by [email protected]
on 26 Feb 2010 at 8:43
What steps will reproduce the problem?
1. Log in
2. Go to UserCP
3. Choose Change Password
4. Insert current pass
5. Insert new password
6. Insert new password with mistake
What is the expected output? What do you see instead?
Expected output is seen in picture one (on left side UserCP tools and from
center to right side error message). I see picture two (no UserCP tools on
left, only error message) and no redirection back to UserCP/Change Password
What version of the product are you using? On what operating system?
Revision 14
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 9:38
Attachments:
What steps will reproduce the problem?
1. Enter something like <username> or similar in a quick reply or post
2. Submit the post
What is the expected output? What do you see instead?
To show the <username> with < and > on screen (thus de-fanging output)
It's safe now, but wrong. Probably best to remove strip tags altogether.
Original issue reported on code.google.com by [email protected]
on 18 Feb 2010 at 4:09
When logging out and token code is already took, then error page is faulty.
Added picture!
Logout link is from viewonline.php
Original issue reported on code.google.com by [email protected]
on 15 Feb 2010 at 5:25
Attachments:
User Story
Import the XMB installer.
Constraints
- Make it look like GaiaBB
- Make it work with our DB layer
Tests
Must install from scratch with no errors
Must upgrade XMB 1.9.11 to GaiaBB 1.0 with no errors
Action
Original issue reported on code.google.com by [email protected]
on 12 May 2010 at 8:02
What steps will reproduce the problem?
1. Go to topic where banned user has posted
2. Click Printable button(text)
What is the expected output? What do you see instead?
Should not show text what banned member has posted. Does show a banned members
post.
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 12 Mar 2010 at 3:50
What steps will reproduce the problem?
1. Log in
2. Go to User CP
3. Choose Change Password and change it
What is the expected output? What do you see instead?
No post message is shown. Password in database will be changed. Added
picture.
What version of the product are you using? On what operating system?
Revision 8
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 18 Feb 2010 at 7:55
Attachments:
User Story
Because there is no ModCP and i don't see much point of this feature, maybe
this should be removed.
Action
Remove from DB and from cp_general
Original issue reported on code.google.com by [email protected]
on 7 Apr 2010 at 1:43
What steps will reproduce the problem?
1. Log in
2. Go to UserCP
3. Choose Avatars
4. Click Change Avatar without selecting any
What is the expected output? What do you see instead?
Should show error message with UserCP on the left side and should redirect
back to Avatars or UserCP. Added screenshot
What version of the product are you using? On what operating system?
Revision 14
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 10:06
Attachments:
What steps will reproduce the problem?
1. Log in as user
2. Report a post
3. Send
What is the expected output? What do you see instead?
Should recieve one PM but recieves two exact copies.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 11:52
What steps will reproduce the problem?
1. Turn Duplicate e-mail status ON
2. Register 2 or more users with same e-mail
3. Try to recover all those users password
What is the expected output? What do you see instead?
Every user with same e-mail should have reset password. Only first user
with this e-mail can reset password. Others have error: "Username and e-
mail wrong".
What version of the product are you using? On what operating system?
Revision27
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 9 Mar 2010 at 9:52
User Story
Currently, GaiaBB uses an old robots (user agents) list. Update the list to be
as modern as
possible.
Constraints
Drop off non-robotic UA's
Ensure remaining UA's do not have prohibited characters
Tests
TBA
Action
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 5:37
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Change RPG acitvity status to OFF under General Settings
4. Go to User CP and change RPG status to ON
What is the expected output? What do you see instead?
RPG activity isn't showed in threads. Should show RPG acitivity in threads
Please use labels and text to provide additional information.
Revision 33
Like I understand, when turning this feature OFF in Admin CP, it should
change DEFAULT setting to OFF, but when user changes his profile to show
it, it should show. Am I wrong?
Original issue reported on code.google.com by [email protected]
on 7 Apr 2010 at 2:46
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Send newsletter to EMAIL
What is the expected output? What do you see instead?
Excpected output should be:
Tere armas meeskond,
vabandan spämmi eest, kuid testin kahte olulist asja!
Lugupidamisega,
Voldemar Kuslap.
I see:
Tere armas meeskond,rnvabandan spämmi eest, kuid testin kahte olulist
asja!rnLugupidamisega,rnrnVoldemar Kuslap.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 12:02
What steps will reproduce the problem?
1. Log in
2. Go to PM
3. Create some new folders
4. You need to have sent messages in your Outbox. If you dont, then send
some.
5. Go to Outbox, select all or some messages and move them to created
folder.
What is the expected output? What do you see instead?
You should see messages in created folder, but you will only see number
behind folder name and folder itself stays emtpy.
Should give error that sent messages cannot be moved!
What version of the product are you using? On what operating system?
Revision 14
Please provide any additional information below.
Added screenshot
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 12:22
Attachments:
What steps will reproduce the problem?
1. Login as admin
2. Go to Admin CP
3. Select Moderation Tools -> Close Inactive Threads
What is the expected output? What do you see instead?
Should close topics in selected fids. Will cause database error. Added
screenshot
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:44
Attachments:
What steps will reproduce the problem?
1. Log in as admin
2. Change some forums theme different from default
3. Go to this forum after saving changes
What is the expected output? What do you see instead?
Should change theme. You must hop different places in this forum (reply ->
back to the forum -> new reply) before it changes to selected theme.
What version of the product are you using? On what operating system?
Revision 14
Please provide any additional information below.
When logged out, no theme changes!!!
Probably related with cookies.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 12:43
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Choose Cleaning Tools -> Fix Orphaned Posts
What is the expected output? What do you see instead?
Should show confirmation box with Yes or No buttons. Won't show up.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:31
User Story
Students using XO should be able to sign on to GaiaBB using their Moodle
account without re-
typing a credential.
Constraints
The first user of the GaiaBB forum will be the administrator, as with the XS
Moodle install.
Moodle admins are GaiaBB super admins. Users are not provisioned until they
visit.
Tests
Action
Original issue reported on code.google.com by [email protected]
on 19 Apr 2010 at 2:33
What steps will reproduce the problem?
1. Go to UserCP -> Options
2. Change the language and tamper with the POST
3. Change the langfile to whatever you want.
It's not validated. This is replicated throughout the code.
What is the expected output? What do you see instead?
Only installed language files should be able to be saved in the database
record. If the language file
doesn't exist, English should be chosen (it's required for many reasons).
Consider the use of a RARM
and ensure that when the first someone is trying to use a non-existing file,
all database choices are
validated and returned to English if that choice doesn't exist.
It is possible to choose a non-installed file, and possibly cause a local file
include (or worse, a remote
file include) issue with this code.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 1:31
User Story
Some tools take a long time, particularly on large boards.
Create an Ajax progress bar for these tools, and figure out how to get a
reasonable status from
them rather than just timing out.
Constraints
IE 7+, Firefox 3+, Safari 3+
Tests
Action
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 1:59
User Story
Currently, the board will ALWAYS e-mail the administrator when a database
panic. This should
be configurable, as not every host has correctly configured SMTP.
Constraints
TBA
Tests
TBA
Action
Change this code in mysql5php5.class.php, lines 143 - 148.
// TODO: make this configurable as not every host has mail configured
// TODO: make this use the SMTP classes, if possible
if ( isset($CONFIG['adminemail']) && isset($CONFIG['bbname']) )
{
mail($CONFIG['adminemail'], 'GaiaBB :: Database panic from '.$CONFIG['bbname'],
$msg->getMessage() . "\r\n" . $this->conn->error );
}
Original issue reported on code.google.com by [email protected]
on 20 Feb 2010 at 4:15
What steps will reproduce the problem?
1. Log in
2. Go to UserCP
3. Choose Change Email
What is the expected output? What do you see instead?
Post message saying Your password has been changed. Nothing appears, no
redirecting or loggout. Added screenshot.
What version of the product are you using? On what operating system?
Revision 14.
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 9:30
Attachments:
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Select Forums -> Prune
4. Select Prune by X days
What is the expected output? What do you see instead?
Should prune forums. Will cause database error.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:51
What steps will reproduce the problem?
1. Go to registration page
2. Fill all the forms
3. Click register
What is the expected output? What do you see instead?
Should show Successful registration text. Shows nothing.
Please use labels and text to provide additional information.
No email with password is sent!
Original issue reported on code.google.com by [email protected]
on 2 Jun 2010 at 4:34
User Story
Upgrade the members table to take longer salted SHA-256 password hashes.
Upgrade all
password handling code to handle the newer passwords.
The salt is a random six character blob of 0-255 values, and stored in a new
"salt" column.
If the salt is empty, the password is an older MD5 unsalted password and the
old code paths
should continue to work unchanged.
Constraints
Must remain compatible with older unsalted password hashes, but create new
stronger hashes
under all change password circumstances
Tests
Login with an old unsalted password
Login with a new salted password
Change password (userCP, edit profile and admin) must create a new salted
password
Reset password must create a new salted password
Register user (anon & admin) must create a new salted password
Action
Original issue reported on code.google.com by [email protected]
on 14 Apr 2010 at 2:07
User Story
Add a feature that allows users to ignore another user. The ignore list must be
maintainable by the
user and the administrator.
Constraints
Users cannot ignore themselves.
Tests
Action
Original issue reported on code.google.com by [email protected]
on 6 Nov 2009 at 10:24
If you insert wrong password or username then template is not right. Addedd
screenshot
Using latest revision (r8).
Original issue reported on code.google.com by [email protected]
on 13 Feb 2010 at 5:46
Attachments:
What steps will reproduce the problem?
1. Log in as admin
2. Change some forum settings to allow anonymous posting
3. Log out
4. Go to this forum and try to create new topic/poll
What is the expected output? What do you see instead?
Should be able to reply topics, but cannot. Should be able to create new
topic/poll, but gives an error that anonymous posting is not allowed.
What version of the product are you using? On what operating system?
Revision 14
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 21 Feb 2010 at 12:39
What steps will reproduce the problem?
1. Go to Lost Password
2. Submit without inserting any data
What is the expected output? What do you see instead?
Error and redirection back to recovery part. No redirection. Added picture.
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Mar 2010 at 1:34
Attachments:
What steps will reproduce the problem?
1. Do something not so nice with SQL
2. E-mail is sent to [email protected]
What is the expected output? What do you see instead?
E-mail should be sent to the board administrator.
Enhancement - make it optional (add a new option to the board CP)
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 5:33
User Story
As the system has stopped anyway, and can't reproduce the user's chosen theme,
it's best to have a
really visual indication of badness. Change to prored for errors and panics at
the database layer
Constraints
Tests
Action
Original issue reported on code.google.com by [email protected]
on 22 May 2010 at 12:59
What steps will reproduce the problem?
1. Go to registering page
2. Create new user but insert wrong veryfication code
What is the expected output? What do you see instead?
I see two headers without images.
Please use labels and text to provide additional information.
Added image. Same bug when posting blank username and/or password!
Revision 27
Original issue reported on code.google.com by [email protected]
on 1 Apr 2010 at 8:00
Attachments:
What steps will reproduce the problem?
1. Create a filename with an apostrophe
2. Try to upload the filename
3. Database panic
What is the expected output? What do you see instead?
Filename to uploaded correctly.
Database panic.
Original issue reported on code.google.com by [email protected]
on 18 Feb 2010 at 4:15
What steps will reproduce the problem?
1. Top and or close a thread
2. View it
3. The topped and close checkboxes are not checked as per the thread's status
What is the expected output? What do you see instead?
The topped and closed checkboxes should be as per the thread. It should be
possible to untick
these as part of quick reply (and reply, too) and make that stick.
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 12 May 2010 at 1:23
What steps will reproduce the problem?
1. Go to register page
2. Post with blank information
What is the expected output? What do you see instead?
Error with no logo and two headers.
Please use labels and text to provide additional information.
Revision 28
Original issue reported on code.google.com by [email protected]
on 7 Apr 2010 at 1:31
Attachments:
User Story
Constraints
Tests
Action
Original issue reported on code.google.com by [email protected]
on 1 Apr 2010 at 7:51
User Story
Currently, GaiaBB uses templates from the database. This requires the use of
eval(), which is may
lead to PHP remote execution. Each template needs to be converted into a file
based template
system.
Constraints
Ensure all templates are HTML 5 compliant
Ensure all templates properly escape user supplied data (prevents XSS)
Tests
TBA
Action
Original issue reported on code.google.com by [email protected]
on 23 Feb 2010 at 12:15
What steps will reproduce the problem?
1. Go to admin/cp_faq.php
2. Change URL param fdetail or gdetail to a SQL injection
3. BLAM
What is the expected output? What do you see instead?
No SQL injection. SQL injection
Original issue reported on code.google.com by [email protected]
on 8 Mar 2010 at 7:57
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Select Forums -> Prune
What is the expected output? What do you see instead?
Should show post message. Nothing is shown
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:52
What steps will reproduce the problem?
1. Log in as admin
2. Go to Admin CP
3. Select Cleaning Tools -> Fix Orphaned Subscriptions
What is the expected output? What do you see instead?
Should show confirmation box with Yes or No buttons. Won't show up.
What version of the product are you using? On what operating system?
Revision 10
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 1:34
What steps will reproduce the problem?
1. Log in as a user
2. Click Report a post
3. Enter the subject line with a '
4. Error
What is the expected output? What do you see instead?
No error.
Database panic error.
Original issue reported on code.google.com by [email protected]
on 18 Feb 2010 at 4:10
What steps will reproduce the problem?
1. Certain parameters in pm.php are suscipitable to attribute based XSS
2. Change these parameters to a style based XSS
3. BLAM
What is the expected output? What do you see instead?
No XSS. XSS particularly with IE 6.0
Original issue reported on code.google.com by [email protected]
on 8 Mar 2010 at 7:58
User Story
The current layout is sucky. It would be best to move forum, member and other
defaults closer to
their own sections to avoid overloading the first three control panels.
Constraints
Ensure that admins are the only folks allowed to change these settings.
Consider adding
Moderator roles to them, too.
Tests
TBA
Action
Original issue reported on code.google.com by [email protected]
on 19 Feb 2010 at 5:18
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.