NineChime forum

Furry stuff, oekaki stuff, and other stuff.

You are not logged in.

Post a reply

Write your message and submit
Options
Humanity test

What is two + two?

Go back

Topic review (newest first)

Waccoon
03-01-2015 18:40:35

Yes, version 1.6.0 is finally done, save for some last minute testing.  Given how badly the oekaki community has dried up over the years, finding a reasonably large audience for testing has been quite difficult.

Head on over to the products download page to get it.

Code:

v1.6.0 - March 1, 2015

NOTES:
- Wacintaki has not reached EOL and I do intend to maintain it, but I doubt I'll do much more overhauling as Java applets are effectively dead and there's little point to extending Wacintaki.
- If a good HTML5 paint app shows up, Wacintaki will be recoded from the ground up and probably renamed.
- 1.6.x will be the last branch to support mods and custom templates/translations.  Future versions will cleanup all the global, config, and database messes.

CHANGES:
- Several modernizations, while respecting things that might break mods (such as globals and template controlers).
- Some syntactic cleanup, such as removing trailing "?>", fixing capitalization, alignment issues, etc.
- boot.php has had most of its globals cleaned up and organized.
- New $glob[] array for program state and config values NOT found in config.php file.
- $user and $flags arrays now cascade, allowing for cleaner defaults.
- Database layer now uses mysqli exclusively.  The mysql_* functions have been deprecated since PHP 5.5.
- Database layer error reporting and debugging has been much improved.
- Finally using SQL LEFT JOINS for avatars on index page.  Cuts number of SQL queries roughly in half.
- Hacks entry FORCE_MYSQL_API removed (hacks file is still 1.2.0 compatible).
- Replaced badly-written PHP version detection with version_compare().
- Microtime handling improved with proper string casting.
- Replaced $mailbox_status[] array with constants.
- Updated all applet code to eliminate $OekakiU and updated boot to salvage login details from multiple sources.
- Fixed missing 'all' flag in parse_flags() for legacy reasons.
- Removed $header_extra_metatags (only used in WaxPoteto).
- New password hashing using Blowfish if available and Extended DES as a fallback.
- Oekaki automatically updates old password hashes to the strength defined in boot.php.
- Random salt generator for passwords.  Uses mcrypt, openssl, or /dev/urandom/ if available and a decent fallback for Windows.
- Password detection no longer relies on config salt, so salt may be changed.
- Salt removed from installer and is now set automatically during installation (and is virtually useless).
- Retouching password-protected pictures now uses a standard hash format with the salt intact.
- Removed blinking mailbox hack (as most browsers no longer support it) and "stupid name" hack.
- report_err() now includes "error.php" rather than using a HTTP redirect.  This solves many technical and usability problems compared to passing error messages via CGI.
- Added experimental "X_DISABLE_REPORT_ERR_HACK" to boot to disable the report_err() hack.  Use this if your custom header isn't working with the new error reporting.
- Removed multiple tries from applet picture save code -- potential DDoS vector.

BUGFIXES:
- age_to_date(): fixed problem with $_GLOBALS being confused with $GLOBALS.
- Debug config no longer overlaps with NineChime.com specific hacks.
- Fixed a non-destructive issue with update_rc.php where a recode that timed out may restart at the beginning rather than resuming.
- Fixed problem where people may not be able to edit comments after retouching another artist's picture and a password is set.
- Fixed problem with comment editor clearing a non-public password if the original owner retouches the picture.
- Fixed error message in image uploader not reporting max dimensions upon rejection.
- Fixed logic error with cache management causing language files to rebuild on every page view.  Wacintaki should be a bit faster, now.

FEATURES:
- Now PHP 5.0 native.  Many PHP 5.3+ enhancements.  PHP4 fallback code removed.
- Diagnostics page now shows avatar stats as well as deprecated salt setting and database encoding state.
- Database log and statistics table for when board is in debug mode.

"U-DO-IT":
- I've done a lot of cleanup of globals and other nasty stuff, but many issues remain as I wish to remain friendly to mods and old templates.  Be aware that a diff will show radical changes, but little has actually been recoded.  Check the top of boot.php for most of the rearranged stuff.
- Use the $glob array for anything you need to make global, local vaiables for everything else.  $cfg, $user, $flags, and $datef are still distinct singletons.
- Password handling has radically changed.  Make sure to use the new functions in common.php to check hashes.  Do NOT use $cfg['salt'] as it has been obsoleted and using fixed salts is bad practice.

Board footer

Yep, still running PunBB
© Copyright 2002–2008 PunBB