Site updates February 2018

February 8th 2018

• Avoid division by zero on userpage
• Don't use entity cache when loading userpage
• Silence PHP warning in Peon::format_username()
• Reverse order of invitees on invite page
• Enhance get_pages() to work with both Luminance and Gazelle paths
• Pagify invites page
• Fix userclass error when mixing with promotion permissions
• Fix high memory usage by DB & Cache debug arrays
• Fix slot machine stats
• Fix recent snatches cookie state
• Fix recent snatches div show/hide
• Fix copy/pasta mistake in recent snatch div on userpage
• Fix snatched & grabbed on user.php
• Fix userpage donation div
• Fix toggle view issue in userpage
• Add decode to username as well, just in case
• Fix Titles with html characters
• Fix disabled icons in username template
• Fix Joined Date field on userpage
• Fix PHP warning in Peon::format_username()
• Fix user links from Peon::format_username()
• Fix retrun code in Request::checkReferer() when HTTP_REFERER is missing
• Fix PHP warning for System (no user) in Peon::format_username()
• Fix paranoia error in profile page (global weirdness)
• Bunch of bugfixes after deploy
• Fix description of site_search_many permission
• Fix torrent page caching with differnt $MaxMatches values
• Another update to tracker file from the AutoDL guys this time
• Fix staff buttons alignment in admin-sidebar (torrents)
• Convert article manager to PDO & TWIG
• Better IP displaying in security logs
• New security logs
• Update torrent download link processing and autodl config file
• Update luminance.tracker
• Add SQL transaction protection to user creation
• Fix the color of linked comments
• Fix typo in registration_log.php
• First draft of invites manager tool
• Fix wrong operator in canInvite check
• Hide invite form if user cannot invite (still able to see invitees list)
• Updates to registration log
• Add edit history and edit link for articles
• Upgrade ORM to be able to modify column types
• Convert news tool to PDO
• Migrate news tool to TWIG
• Update news manager to pagify
• Enable final email migration
• Fix binary issue with 2FA secret column.
• Add shortcut routes for setup plugin
• Add after-login feature in legacy routes
• Fix XSS and single-quote issue in torrents/delete.php
• Update advanced search such that it can be used without IP and Email privs
• Change user search bar from GET to POST
• Implement new user search for non-staff users
• Re-implement send_staff_pm function
• Fixes for advanced user search
• Update username template
• More ajax cleanup
• Strip down unused/broken ajax.php endpoints
• Make invite checking more robust
• Don't remove sessions when the user is disabled (could still be useful)
• Fix various issues with advanced searcg
• Fix permission issue when searching a specific thread
• Fix XSS in FwdBody PM
• Fix XSS in subscribed collages
• Fix typo in userpage.html.twig
• Fix setup configuration error (wrong var type)
• Fix email error in Auth service during user creation
• Fix error in IP entity
• Fix XSS in collage manage page
• Fix time_diff HTML escaping in userpage.html.twig
• Add authorization check when manually creating users
• Fix typo in userpage JS
• Fix CSS layout issue with CSS permissions class
• Migrate format_username to new TWIG based Peon::format_username function
• Redirect if logged in user_create form
• Fix a few invite path
• Fix reportv2 message preview
• Make 'Mass PM Snatchers' appear in Torrent Log
• Fix XSS in torrent log
• Log request edition
• CSS issue fix
• Switch to new invite page
• Fix layout issue on userpage
• Prettier error on top10 access
• Fix PHP Warning when user ID is not found
• Fix tracker history display on userpage
• Fix a bunch of undefined variables
• Rename IPRepository::new() for PHP 5.6 compat
• Fix HTML error in login page
• Migrate the remaining userpage display code to TWIG template
• Fixes for badge section of userpage
• Update userpage template
• Attempt to fix inlinesize BBCode bug
• Implement after-login redirection
• Don't show invites link if user has disabled priv
• Fix typo in Auth.php
• Don't update LastSeen field if the user has not pass 2FA login step
• Add paranoia to invitees list
• Change time_diff level in invitees list
• No invite sorting for now
• Move staffWatch logic to invite template
• WIP: new invite page (add/send new invite)
• Fix perm loading order in Peon.php (internal error on public_index)
• Fix single quotes parsing issue in takeinvite.php
• More userpage TWIG work
• Extend Repository::load() to short circuit if passes a valid object
• Rearrange invite email logic
• Fix public CSP
• Fix flash.success color
• Fix some more twig template references #3
• A little template cleanup
• More userpage divs converted to TWIG
• WIP: new invite page
• Move some of the main column into TWIG template on the user page
• Fix tags on userpage a different way
• Fix some more twig template references #2
• Fix some more twig template references
• Rename templates to have extension .twig
• Stage 1 of migrating userpage to TWIG template
• More userpage cleanup, almost all DB queries converted
• Upgrade to allow searching by user groups
• Fix confirmed XSS via the avatar on user page
• Fix IPs in user sessions page
• More cleanup on userpage
• More userpage cleanup
• Cleanup on userpage code
• Fix some IP related issues
• Update IP ban endtime options
• Fix bug in IPRepository
• Add CSRF to logout
• Cleanup some user moderation code
• Pagify subscribed collages
• Fixes to email and username validation
• More fixes for Email Repository
• Fix torrent zip for sections/torrents/redownload.php
• Tweak code sniffer config
• Fix invalid DB reference in advanced search
• Check if invited e-mail already exists in DB
• Fix so the tab key navs past the tags field on the upload form
• Fix email history elapsed time
• Fix IP error on sessions page
• Fix IP ban expiry query in scheduler
• Another fix for time functions
• Changes for floating torrent controls
• Move ASN monitoring to IP change
• Add http(s) to torrent file comment field
• Another scheduler fix
• Fix scheduler referencing old IP table
• Fix Guardian ban message
• Update login watch to use new IP scheme
• Reinstate IP ban check on every page
• Slight tweak to IPRepository.php
• Remove references to deprecated Luminance/Entity/IP::get_ip()
• Update email sending for disabled emails
• Back-off IP ban check interval
• IP bans rework continues
• Sidebar CSS tweak
• IP bans rework
• Update MFD messages
• Move the torrent "sidebar" to a header
• Fix DateTime in Invite expiration check
• Performance update for IP bans tool
• Fix pagination of IP bans and error in time_functions.php
• Add some safety catches for empty Urgent parameters
• Minor issue in remembering special gift ratio setting
• Fix wrong flasher call
• Fix time tooltip
• Add fixUser call for setup plugin
• Remove redundant urldecode calls
• Upgrade special gift system to use flasher and remember choices
• Update to official IPLib release
• Fix IP ban urlencode for IPv6
• Fix time functions
• Fix IP bans to use upgraded IPLib
• Fix validation bug
• Scheduler SQL fix
• Various DB related fixes
• Some minor tweaks for importing What.CD gazelle tables
• Add reasonable error message when composer autoloader is missing
• Fix configure migration for gazelle to luminance
• Split articles edit and delete permissions
• Upgrade IP ban searching to handle ranges and provide invalid IP errors
• Fix post history paranoia
• Cleanup time functions a little and fix inactivity warning email time
• Centralize the torrent download function
• Tweaks to floating torrent controls
• Fix corrupted smiley
• floating sidebar on torrent details
• Add some checking on IP ban search
• Fix some IP ban stuff
• More updates to ORM
• Handle password migration a little smarter
• Add 2FA to user migration
• Fix PHP warning in table creation
• Better handling of duplicate emails during migration
• ORM fixes for legacy tables
• Update users_main and users_info table schemas to remove redundant columns
• Remove unneeded CLI stuff
• Allow importing already bcrypted passwords
• Fix function name typo
• More ORM upgrades
• Fix scripts
• Minor bug fixes
• Updated ORM legacy table handling
• Added settings for DB: strict mode, connection persistence and buffer size
• Enable MySQL safe mode DB hack for testing
• First cut of MySQL safe mode compliance (breakage expected)
• Add IPv6 bans
• Migrate IP bans fully into Luminance, check ip ban on every request, backend support for IPv6 bans
• Top10 update
• Add MathJax reprocessing to edit and preview functions
• Update gitignore
• Minor fixes and improvements
• More security enhancements (SRI)
• Unanswered Staff PMs now include User Resolved PMs
• CSS fixes
• Enable SameOrigin protected cookies
• Update modern style
• Add tag search box to header
• Users with disabled tag privs can no longer vote
• Fix presentation weight
• Remove old $ScriptStartTime usage
• Check permissions on bookmarks download
• Fix unpack warnings from Crypto service
• Minor bug fixes for Zip downloads
• Actually delete Legacy Zip this time
• More ZipStream fixes and updates, Legacy Zip removed
• Performance updates and fixes for ZipStreamer implemetation
• Add ZipStream for collages
• Add ZipStreamer as an experiment
• Remove forums link on userpage from comments paranoia
• Fix errors and warnings
• Fix receive typos
• Fix minor PHP errors in legacy sections #2
• Fix minor PHP errors in legacy sections
• Fix SQL error in tag voting logic
• Fix request upload function
• Fix PHP warning when fecthing permissions for a user that does not exist
• Fix error in UserPlugin if email is not found during recovery
• Fix missing smilies when Text class is instanced multiple times
• Fix poll display when user voted blank
• Allow th bbcode tag as substitute for tr or td tags
• Add user group in Sentbox
• Fix unban from Login Watch
• Fix infinite redirect loop on locked sessions
• Fix PHP warning when CustomForums is null
• Remove MYSQL_ASSOC and MYSQL_NUM workarounds
• Minor formatting updates and query tidy-up
• Try to cope with huge snatch&grab lists better (100K+)
• Resolve some static files issues
• Interpolate PDO queries for debugger
• Fix Cache replace_value function
• Add native scheduler lock
• Pass through args in Cache->getStats()
• Update internal bitcoin binding
• Fix many, many, many absolute links with http:// addressing
• Fix some bad http references
• Fix Cache Service getStats for Memcached
• Fix rendering issue with table tags outside of their parent
• Update to README.md to announce PHP 7.0 compatibility
• Request search now allows Enter key to submit form
• Fix HTML in ban message
• Fix BannedUntil in IPRepository
• Fix infinite loop when CollageCovers = 0
• Small code cleaning from IDE inspection
• Remove undefined var in Peon
• Fix duplicated DB entries in Debug Service
• Performance update for collage browse page
• Fix debug execution time

Hats off. Those guys are working really hard on their tracker