News:

Testamonial:  And i have actually gone to a bar and had a bouncer try to start a fight with me on the way in. I broke his teeth out of his fucking mouth and put his face through a passenger side window of a car.

Guess thats what the Internet was build for, pussy motherfuckers taking shit in safety...

Main Menu

for the imageboard users...

Started by Banned User 1, December 02, 2011, 04:56:18 AM

Previous topic - Next topic

Triple Zero

(friendly request: use more paragraphs, it's easier on the eyes and less likely for the reader to keep getting lost in)

Quote from: Von Zwietracht on December 05, 2011, 01:26:39 AM
Well, I actually drafted a roughly working version of the pm system. Ok, because there aren't traditional user accounts on an imageboard, the only way to ostentiably ban an unruly user is by identifying them by their IP and then using that to block them (personally, my script uses .htaccess denys  and serves a custom 403 page that says essentially "you've been banned; contact ban appeals to plea your case"). So, each post already has an IP tied to it (based on the contents of php's $_SERVER[REMOTE_ADDR] superglobal). I have it now so that each post displays a "send pm" button that takes the user to a page where said user may enter a brief text message to the user via a form. The form submits not only the text message, but also the timestamp of the post and the intended recipient's IP. (These three values are inserted into a sql table with a column for each datum) The way a user views his PMs is via a php script which gets the users IP and then queries sql to show all messages where the IP field of the sql row=the user's IP. To ensure that users with dynamic public IPs don't end up seeing one another's messages, the system is set to delete any post older than a given amount of time (my test version is set to two hours). With the whole idea of "message from author of post X" I think that's a bit of overkill. As has been highly stated in this thread, chans present highly transient data. PMs are no different. My reason for implementing this is for situations where two or more users are talking about, say a project (I'd say this is a good example of such a thread) and they want to move things beyond the transient realm of the chan. User "a" makes a post directed to user "b" on the board that is something along the lines of "hey that's a great idea; let's get together and work on this, I just sent you my a link to my facebook in a PM". User "b" would hopefully check his PMs, see the only likely post containing a facebook URL from the past two hours and things would move beyond the transient scope of the board. It does have severe vulnerabilities, and I think that requiring users to authenticate by both a tripcode (the closest thing a chan has to a user account..if your unfamiliar, all I can say is google it...my expalination would be too longwinded and I'm posting from a shit phone) AND an IP, but that whole side of things will have to wait untill later tonight when I start working on things again.

Yeah I roughly know what a tripcode is. Since it's basically a public hash of a password, it cannot be secure (only obscure, if you don't publish the code), unless you use a key-stretching hash like PBKDF2, BCrypt or SCrypt. The tripcode would change if you change the number of rounds/iterations, but since you don't do that too often (once a year?), combined with the transient nature of imageboards that would work.

Interestingly, a few years ago this was not much of a problem, when salted MD5 hashes were still considered tough as shit, unlike today when some random kid can simply spend $2 per hour per machine to rent a couple of high power Amazon EC2 Cloud GPU units and crunch some hashes :)

About your idea to use the IP as identification for PMs, it would sort of work, but it's not entirely clear to me whether people get to see eachother's IP in plain as they're PMing? Because you don't want to do that if people want to be anonymous, they don't want others to see their IP.

Additionally, there's many other reasons why "IP == person" does not work. It's just a bad assumption to work from. People could be roommates, flatmates, they could be an entire company behind a NAT, they could be using Tor to stay extra anonymous (switching circuits every couple of minutes), home connection with a dynamic IP, they could be on WiFi in a coffeeshop or whatever. And this is just a few from the top of my head :)

No, you're going to need to identify your users by having a cookie, or using the new Javascript LocalStorage and SessionStorage objects. As I'm not sure how well-versed you are with modern JS, and you're wanting to learn more PHP, a cookie is probably easiest.

Easiest way to use cookies in PHP is to use sessions. It's super easy. Just put session_start() at the top of your script (must be before there's any output since it modifies the HTTP headers to include a session cookie), and then you can put whatever in the $_SESSION superglobal, and whatever you put there will be preserved between requests (but separate for each user).

Basically, PHP keeps account of a list of session keys and their corresponding data stores. The user's browser is given a cookie with the session key, and it will include this cookie on every request until the session expires. PHP receives the cookie, looks up the session key's data store and puts that in your $_SESSION superglobal. The great thing is that's it's not a big problem to put sensitive data in $_SESSION since the user cannot see it, all they have is the session key, the data is securely on the server.

How to use this to create a workable PM system is up to you :) But at the very least you can simply put a random identifier into $_SESSION['user_id'] (if it is not already set) and simply use that instead of $_SERVER['REMOTE_ADDR'].

This has the advantage of keeping two users on the same IP/network separate (assuming they use separate browsers) or any of the other examples I named.

The disadvantage is that sessions don't last forever (check your PHP.ini settings thing for how long) but it should be at least an hour or two, which is what you were planning on anyway. You might even want to keep a "start_time" in your $_SESSION to make sure it's expired after some time [cookies are kinda unreliable this way, best to make sure double].

Additionally, you can do all sorts of other cool tricks with the $_SESSION like keeping a per-user list of recently-viewed threads to show as a quick navigation bar, that sort of thing.

You might want to consider putting a link/button on your page says "Clear Session" (or whatever), which clears the $_SESSION superglobal.

In fact, using sessions, it's kind of like when you load the page from a fresh browser you "log in" into a completely new auto-created account, which exists only for the duration of the session, or when the user clears the cookie, or hits the "Clear Session" button.

Quotethe only way to ostentiably ban an unruly user is by identifying them by their IP and then using that to block them (personally, my script uses .htaccess denys  and serves a custom 403 page that says essentially "you've been banned; contact ban appeals to plea your case")

Yeah that works. Sometimes you have to use IPs to ban people, in your case there's not much choice. You might however also want to consider the "slowban" in some cases, dunno if you can do it with just .htaccess, but PHP has a sleep() function. Persistent unruly users like to come back on different IPs via proxies or whatever, a slowban is a psychologically proven method to make them get bored and actually leave.

QuoteAnyway, the whole "memetic egregore" concept of old mysticism is something I'm relatively familiar with and actually consiter to be a major aspect of my worldview...but I haven't thought to use it outside of defining things like gods, corporate persons and standalone complexies like the infamous "anonymous". It could be because I use chans moreso than western boards, but it definitely is good food for thought.

Sounds like you'd definitely want to check out Art of Memetics, then. PDF is free for download from Lulu
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Mesozoic Mister Nigel

Ooooh, I had to look up slowban, and it's very devious! I was also delighted to read about hellbanning, which is like what we used to call twitting on the old citadel boards. When I was a sysop it was always fun to watch a twitted user slowly losing their minds about nobody responding to them.
"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Triple Zero

Quote from: Nigel on December 05, 2011, 05:28:21 PM
Ooooh, I had to look up slowban, and it's very devious! I was also delighted to read about hellbanning, which is like what we used to call twitting on the old citadel boards. When I was a sysop it was always fun to watch a twitted user slowly losing their minds about nobody responding to them.

There's a pretty good writeup on hellbans and its variations here:

http://www.codinghorror.com/blog/2011/06/suspension-ban-or-hellban.html

I especially like that he talks about in which situations they are useful and in which ones they aren't.

Like on HackerNews there's a hellban, which can either be triggered automatically (posting too quickly) or apparently if some mod catches you making a particularly tasteless joke. Wasn't me btw, and it was about killing children so I can imagine it deserving a warning, suspension or even regular ban, but a hellban without notification is just completely useless in that case since the guy never knows what he did wrong, and happily continued posting fairly productive comments that nobody could see unless they enabled "show dead" in the user config screen. Which I have because the modding is retarded over there. Oh one more thing, their hellban is temporary. That is so useless because it will only piss people off and waste their time. Fuck, if that place wasn't such a great source of super interesting news and links, I'd be so out of there.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

Mesozoic Mister Nigel

A temporary hellban makes no sense at all unless the user knows.

It seems like the best use for a hellban would be the case of a very persistent troll... not knowing that she was invisible, she would be less likely to proxy in and make dupe accounts.

"I'm guessing it was January 2007, a meeting in Bethesda, we got a bag of bees and just started smashing them on the desk," Charles Wick said. "It was very complicated."


Triple Zero

Quote from: Nigel on December 05, 2011, 11:49:17 PM
A temporary hellban makes no sense at all unless the user knows.

but if the user knows their posts are invisible, they might as well get a regular ban or posting-suspension.

QuoteIt seems like the best use for a hellban would be the case of a very persistent troll... not knowing that she was invisible, she would be less likely to proxy in and make dupe accounts.

exactly.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

The Good Reverend Roger

Quote from: Von Zwietracht on December 02, 2011, 05:11:39 AM
Well, I did say "discordian" board, but I guess that is a bit vague. Meh, I'm looking for an audience that falls into the range of 16-30 year olds that have an intrest in technology, science, the humanities, "secret knowledge" (like how to lockpick etc...not old world mysticism), and have at least a fleeting knowledge of discordian philosophy as well as some technical knowledge. Current users of imageboards are not nessisarily targeted, as my systems only borrowings from chan software is the facts of no user registration and optional image posting

Nobody under the age of 40 knows how to pick a lock or hotwire a car.  Tapping the right combo on your video game controller doesn't count.
" It's just that Depeche Mode were a bunch of optimistic loveburgers."
- TGRR, shaming himself forever, 7/8/2017

"Billy, when I say that ethics is our number one priority and safety is also our number one priority, you should take that to mean exactly what I said. Also quality. That's our number one priority as well. Don't look at me that way, you're in the corporate world now and this is how it works."
- TGRR, raising the bar at work.

Banned User 1

I beg to differ...I'm only 20 and have formal training in locksmithing. Also, google "locksport international". I attend their meetings monthly in my area and a good number of our ranks happen to be between 21 and 35. Also, a guy named john king (definitely under 40) is one of the people who found a way to manually pick the medeco m3 series of locks; since the medeco biaxial came out decades ago, their products have been consitered to be literally impossible to pick by even the most skilled of locksmiths.

Triple Zero

Quote from: The Good Reverend Roger on December 06, 2011, 03:10:55 AM
Quote from: Von Zwietracht on December 02, 2011, 05:11:39 AM
Well, I did say "discordian" board, but I guess that is a bit vague. Meh, I'm looking for an audience that falls into the range of 16-30 year olds that have an intrest in technology, science, the humanities, "secret knowledge" (like how to lockpick etc...not old world mysticism), and have at least a fleeting knowledge of discordian philosophy as well as some technical knowledge. Current users of imageboards are not nessisarily targeted, as my systems only borrowings from chan software is the facts of no user registration and optional image posting

Nobody under the age of 40 knows how to pick a lock or hotwire a car.  Tapping the right combo on your video game controller doesn't count.

The guys from the Amsterdam lockpicking club TOOOL are definitely--well most of them--under the age of 40. Those are the guys that invented the "bumpkey" lockpicking method a bunch of years ago.
Ex-Soviet Bloc Sexual Attack Swede of Tomorrow™
e-prime disclaimer: let it seem fairly unclear I understand the apparent subjectivity of the above statements. maybe.

INFORMATION SO POWERFUL, YOU ACTUALLY NEED LESS.

The Good Reverend Roger

Quote from: Triple Zero on December 06, 2011, 08:45:44 PM
Quote from: The Good Reverend Roger on December 06, 2011, 03:10:55 AM
Quote from: Von Zwietracht on December 02, 2011, 05:11:39 AM
Well, I did say "discordian" board, but I guess that is a bit vague. Meh, I'm looking for an audience that falls into the range of 16-30 year olds that have an intrest in technology, science, the humanities, "secret knowledge" (like how to lockpick etc...not old world mysticism), and have at least a fleeting knowledge of discordian philosophy as well as some technical knowledge. Current users of imageboards are not nessisarily targeted, as my systems only borrowings from chan software is the facts of no user registration and optional image posting

Nobody under the age of 40 knows how to pick a lock or hotwire a car.  Tapping the right combo on your video game controller doesn't count.

The guys from the Amsterdam lockpicking club TOOOL are definitely--well most of them--under the age of 40. Those are the guys that invented the "bumpkey" lockpicking method a bunch of years ago.

Well, maybe in Belgium there's still people who know how to do it.

But not here in Fat City.
" It's just that Depeche Mode were a bunch of optimistic loveburgers."
- TGRR, shaming himself forever, 7/8/2017

"Billy, when I say that ethics is our number one priority and safety is also our number one priority, you should take that to mean exactly what I said. Also quality. That's our number one priority as well. Don't look at me that way, you're in the corporate world now and this is how it works."
- TGRR, raising the bar at work.

Cain

Most of the English language textfiles on that kind of thing date from the mid-90s, and so the flaws were written out years ago anyway, and a lot of the more sophisticated locking systems now have electronic components to them.

Not that this is a challenge for anyone who has access to the manuals on such devices....

Cramulus

Oh! It occurs to me that the OP may dig our friend Shii, a discordian who did a lot of good work defending the Discordianism wikipedia article, and did some of the original code work for 4chan.

http://shii.org/knows/Category:Internet

Banned User 1

I knew shii was big on wikipedia, but I didn't have any idea he explicitly defended the discordianism article. Yeah, I'm familiar with shii's wiki (matter of fact, my who set of spiels about how user accounts promote "internet addict" posts is literally my parroting of ideas found in an older article by shii concerning the benefits of 2channel style anonymous boards), but as I understand it, shii doesn't nessisarily agree with half the stuff there anymore. You, cram, say "our friend" shii; do you imply he is a member here or that he is simply someone who is both rational minded and pro-"discordian". I have a half-hearted desire to speak with him about imageboards and anonymous sociological systems in general, but I'm also intimidated; I'd say his knowledge on the subject matter is such that I wouldn't even know how to begin a conversation with him.

Speaking about lockpickerei again, paricularly the aspect of ancient textfiles, a god-like comprehensive guide to all things security hardware is a 4000 (no really) page book by a man named mark weber tobias called "locks safes and security". This book is updated frequently, and I myself have an unscrupulous copy of the 2004 edition. If the topic actually interests anyone, ill say I learned more about locksmithing from this book alone than from my formal education (barring hands-on experience that is)...it covers electromagnetic locking systems thoroughly (in the gov't edition anyway). The only downside is that...to legitimately purchase a copy, the book is well over 200 bucks.

And lastly, covering my OP topic of my board system, I think I've got the software to a point where I feel it meets the functionality I want for it. (Un)fortunately, this thread kinda opened my eyes to the "fact" that, no, discordianism doesn't really benefit from this technology, and honestly I don't feel I have enough intellectual guile to be a competent mod/admin for such a community (seriously, if I had to argue a philosophical point with anyone half as intellegent as this community as a whole, I'd be shit-fucked), so I think ill end up making the boards follow a more mundane (likely technical) theme. And this is ok; as trip 0 said, I'm "building bikes" rather than attempting to develop a product to meet a specific market's needs. Regardless, ill keep any interested parties here posted when I get my servers online and the whole situation with my isp resolved.

Cramulus

Quote from: Von Zwietracht on December 07, 2011, 01:55:22 AM
I knew shii was big on wikipedia, but I didn't have any idea he explicitly defended the discordianism article. Yeah, I'm familiar with shii's wiki (matter of fact, my who set of spiels about how user accounts promote "internet addict" posts is literally my parroting of ideas found in an older article by shii concerning the benefits of 2channel style anonymous boards), but as I understand it, shii doesn't nessisarily agree with half the stuff there anymore. You, cram, say "our friend" shii; do you imply he is a member here or that he is simply someone who is both rational minded and pro-"discordian". I have a half-hearted desire to speak with him about imageboards and anonymous sociological systems in general, but I'm also intimidated; I'd say his knowledge on the subject matter is such that I wouldn't even know how to begin a conversation with him.

He's got an account here, and posted here a few times. (like,  under 10)

After finding his wiki, and reading his section "Discordianism is not Fruitbat Neo-Paganism", we tracked him down and gave him a hearty thanks for "getting it"

He gives us a shout out here http://shii.org/knows/Discordianism#What_inspired_this_page



QuoteAnd lastly, covering my OP topic of my board system, I think I've got the software to a point where I feel it meets the functionality I want for it. (Un)fortunately, this thread kinda opened my eyes to the "fact" that, no, discordianism doesn't really benefit from this technology, and honestly I don't feel I have enough intellectual guile to be a competent mod/admin for such a community (seriously, if I had to argue a philosophical point with anyone half as intellegent as this community as a whole, I'd be shit-fucked)

If you want to build a Discordian community, if that's what's in your guts, I say do it! The Good Word is spreading even faster than it did in the 70s and we (collectively) need people with the balls to herd cats.

There is no entry requirement to be a community leader. Don't think that you're not *whatever* enough ---- you sell yourself short. And also, there are thriving communities out there managed by incredibly stupid people. Patience, resilience, and creativity are more important character traits for that kind of work.

I also want to point out that there are zillions of discordians on facebook that are itching for a location to post dumb images and witty observations. We're a very "long form" board by contrast, but there is a demand that's not being met by this community.

Banned User 1

Humility to the point of self-insult is one of my more prominent traits unfortunately.
Anyway, I heard the site chaosneverdied.com a few times...appearently an imageboard concerning discordia. I know they're dead now, but in seeing that you, cram, have made youtube videos addressing that lost community directly, I assume you have at least a taste of what they were all about. I'm not implying that I want to revive/plagiarize that community, but I can certainly learn from them; does anyone know the how's and why's of their appearent failure?

Pæs

Put me down as an interested party for updates on how your board goes.
I'm thinking of ways that Discordia could be aided by imageboard software now.

Social currency can't be abolished entirely, not would it be useful to do so, but I think we need to be more aware and in control of what currency it is we're trading in. The currency traded on a Discordian imageboard might be something as simple as awareness and familiarity with the developments in that community's understanding of Discordia, which I can think of no downside to.

I can see some potential for this as a tool for developing Discordia without the associated personalities.