IPBSupport News

A little history For many years, IP.Board functioned under a relatively normal model of managing a content's status. A topic, for example, was either unapproved or approved. If a moderator did not like the topic, that moderator could delete the topic. This worked well for many years, but improvements in technology and processes necessitated changes. As IPS software evolved we recognized the need to handle all content throughout the entire suite in a uniform manner, so old concepts like the "trash can" forum were no longer relevant when considering how you work with Gallery images or Download Manager files. Additionally, many sites today employ moderators that they do not wish to entrust with the complete ability to irrevocably delete content, yet they still need the moderator to be able to clean up a mess should it occur. A few years ago, we introduced the concept of "soft delete". In practice what this meant was that when a user soft deleted a topic, the topic would be removed from general view for most users, but the topic would not actually be deleted. Administrators could choose who can view soft deleted topics, and who could "un-delete" the soft deleted topic. Some time after this, the way topics were deleted changed as well (which was now referred to as "hard delete" in contrast to "soft delete"). If a topic was truly deleted, it would not actually be immediately removed from the database. Instead, a flag was set and the topic would be deleted from the database at some future point in time by a task. The idea was that you may need to restore something that was deleted by a moderator...but then, the software already supports a soft-delete concept to account for this, right? When clients proved to be confused with all of the terminology (we can't blame you!), "hard delete" was renamed back to "delete", and "soft delete" was renamed to hidden. Nevertheless, behind the scenes we still had all of the various statuses to account for Content is awaiting approval (unapproved)Content is approved and viewable (approved)Content has been hidden or soft deleted (hidden)Content has been deleted but not removed from the database yet by the task (pending deletion)Content has been deleted and is gone permanently (deleted)And how about 4.0? In reviewing the needs of most admins and how the process of managing the content and your moderator roles works in the real world, we decided to simplify and improve this experience. The 4.0 Suite now has just 4 of the above statuses, and they behave in a manner you would expect. If you require moderator approval of new content, when something is submitted it will be in an unapproved status. If you do not require moderator approval of new content, that content will be approved automatically and immediately viewable.If a moderator has permission to hide content, the moderator will be able to hide any content that has been submitted. The moderator may or may not be able to see content that is hidden, and may or may not be able to restore hidden content to viewable status. (All that depends on Admin settings.)If a moderator has permission to delete content, the moderator will be able to delete content that has been submitted. Upon doing so, the content is immediately and permanently deleted.You can configure your moderators such that they are able to hide content, delete content, or both. As with 3.x, moderators who can see hidden content will be able to review all hidden content in the Moderator Control Panel, and those with permission to restore hidden content will be able to do so from here as well. You will not have to worry about the content you are viewing in the Moderator Control Panel is deleted or hidden, as there is only one status now. This is an example of a very minor change that was made after careful consideration of how the software functions and should "flow" when being used in a real-world situation. It is often the case that the smallest changes can make the biggest impact in the eyes of the users. View the full article Quelle: http://community.invisionpower.com/topic/396670-40-simplification-of-deletion-and-approval-process/

A little history For many years, IP.Board functioned under a relatively normal model of managing a content's status. A topic, for example, was either unapproved or approved. If a moderator did not like the topic, that moderator could delete the topic. This worked well for many years, but improvements in technology and processes necessitated changes. As IPS software evolved we recognized the need to handle all content throughout the entire suite in a uniform manner, so old concepts like the "trash can" forum were no longer relevant when considering how you work with Gallery images or Download Manager files. Additionally, many sites today employ moderators that they do not wish to entrust with the complete ability to irrevocably delete content, yet they still need the moderator to be able to clean up a mess should it occur. A few years ago, we introduced the concept of "soft delete". In practice what this meant was that when a user soft deleted a topic, the topic would be removed from general view for most users, but the topic would not actually be deleted. Administrators could choose who can view soft deleted topics, and who could "un-delete" the soft deleted topic. Some time after this, the way topics were deleted changed as well (which was now referred to as "hard delete" in contrast to "soft delete"). If a topic was truly deleted, it would not actually be immediately removed from the database. Instead, a flag was set and the topic would be deleted from the database at some future point in time by a task. The idea was that you may need to restore something that was deleted by a moderator...but then, the software already supports a soft-delete concept to account for this, right? When clients proved to be confused with all of the terminology (we can't blame you!), "hard delete" was renamed back to "delete", and "soft delete" was renamed to hidden. Nevertheless, behind the scenes we still had all of the various statuses to account for Content is awaiting approval (unapproved)Content is approved and viewable (approved)Content has been hidden or soft deleted (hidden)Content has been deleted but not removed from the database yet by the task (pending deletion)Content has been deleted and is gone permanently (deleted)And how about 4.0? In reviewing the needs of most admins and how the process of managing the content and your moderator roles works in the real world, we decided to simplify and improve this experience. The 4.0 Suite now has just 4 of the above statuses, and they behave in a manner you would expect. If you require moderator approval of new content, when something is submitted it will be in an unapproved status. If you do not require moderator approval of new content, that content will be approved automatically and immediately viewable.If a moderator has permission to hide content, the moderator will be able to hide any content that has been submitted. The moderator may or may not be able to see content that is hidden, and may or may not be able to restore hidden content to viewable status. (All that depends on Admin settings.)If a moderator has permission to delete content, the moderator will be able to delete content that has been submitted. Upon doing so, the content is immediately and permanently deleted.You can configure your moderators such that they are able to hide content, delete content, or both. As with 3.x, moderators who can see hidden content will be able to review all hidden content in the Moderator Control Panel, and those with permission to restore hidden content will be able to do so from here as well. You will not have to worry about the content you are viewing in the Moderator Control Panel is deleted or hidden, as there is only one status now. This is an example of a very minor change that was made after careful consideration of how the software functions and should "flow" when being used in a real-world situation. It is often the case that the smallest changes can make the biggest impact in the eyes of the users. Kompletten Blogeintrag lesen

IPS Connect is our in-house cross-site authentication framework utilized by IP.Board in order to facilitate sharing of login credentials on one or more of your websites. While IP.Board supports Connect out of the box (meaning administrators of two or more IP.Board installations can allow users to use the same login credentials on any site in the network with just a few clicks in the ACP), the design of the system allows for third party software to tie in to the network as well. Indeed, one of the more popular addons in our Marketplace is the Wordpress IPS Connect plugin. We have made several changes to IPS Connect in 4.0 that we believe will help you better manage a network of sites designed to share login credentials amongst them. These changes stemmed both from our own internal use of IPS Connect and from direct user feedback in our feedback forums. Fundamental Improvements In IP.Board 3.4, a "master" installation has no knowledge of any "slave" installations that may call to it. Any IP.Board can be set up to call to the master installation and this mater installation will never remember that the slave has called to it in the future. While this is fine for basic login credential checking, the original design of IPS Connect introduces many limitations. For instance, updating your email address on any given site cannot cause the email address to be updated on all sites because there is no central installation that knows about any of the sites in the network. Similarly, logging in to one site cannot log you in to all sites because all of the sites on the network are not actually known at any one location (we do, however, work around this if all sites are on the same domain). Beginning with 4.0, the master installation will "register" any site that connects to it using IPS Connect. This introduces many benefits: If you make a change on any individual site (master or slave), that change can now be propagated to all other sites in the network.Logging in or out of any given site can log you in to all other sites (because all other sites are now "known")Requests can be queued if there are problemsYou can create a listing of all sites in the network from the master installationFurther, we have thought through potential issues and have implemented a queue system where-by if requests to an individual site in the network begin failing then those requests will be queued and reattempted at a later date in the order they were originally received. If failed requests start queuing on the master installation, an ACP dashboard block will show you this and let you attempt to process them manually. If the issue causing the requests to fail has been resolved, the queue can quickly clear out in this manner (vs waiting for the task to clear them out). If the issue is still occurring, however, you will be given some additional information which will be helpful in determining why the requests are failing. Finally, if the site in question has been taken offline and future requests should not be sent to it, you are given the opportunity to unregister the "slave" installation so that the master will no longer communicate with it. More changes propagated We found while using IPS Connect internally that we wanted certain actions to propagate across all sites on the network but IPS Connect did not handle this, and we subsequently had to develop custom hooks in-house to account for the missing functionality. As a result, with 4.0 IPS Connect will now manage a few additional capabilities. Banning As of 4.0, if you permanently ban a user from the admin control panel, the ban will be copied to the rest of the sites in the IPS Connect network. Bans are only propagated to other sites if initiated via the admin control panel as a security precaution. It is probable in many cases that you do not want moderator actions on one site affecting accounts on another site, so front-end bans will not be copied to other sites. Deleting As of 4.0, deleting users from one site in an IPS Connect network will now cause the user to be deleted on all sites in the network. Merging Similarly, as of 4.0 when you merge two users on a site in an IPS Connect network, the users will be merged on all sites in the network. Password Changes As of 4.0, password changes are fully propagated to all sites in an IPS Connect network. The net effect will be no different than IP.Board 3.4 in this regard, unless you later disable IPS Connect on a site in the network - in this case, the last used password will still be valid on that site, rather than some random password potentially stored on a "slave" installation 5 years ago that the user cannot remember. Cross Domain Logins (and Logouts) Beginning with 4.0, IPS Connect will now support logging in and out across different domains. Cookie restrictions (and the fact that the master installation did not register and/or remember any of the slave installations) prevented this capability with 3.4.x, so while the login credentials could be shared across domains, signing in to one installation did not sign you in to any other installation automatically (unless they were on the same domain). Similarly if you logged out of an installation you were not automatically logged out of any other installation in 3.4.x. As of 4.0, if you sign in to an installation (whether it is the master or an individual slave application), you will be redirected to the master installation, then redirected to each slave application in turn, and finally redirected back to your original destination. This is all very seamless to the end-user and largely unnoticeable. Logging out will, similarly, redirect you to each application to log you out of that application, bypassing security restrictions applied to cookies in a multi-domain environment. Wrapping Up Just as with IP.Board 3.4, other applications can tie in to the IPS Connect network, either as a master installation or as a slave installation. IPS Connect support has otherwise been greatly improved and now offers a much wider range of functionality, a more robust built-in SSO system, and more reliability when problems do occur via the new request queuing system. It should be noted that IPS Connect with 4.0 is NOT compatible with IP.Board 3.4.x, and sites will need to "re-register" with the master so that it can know about them. That minor limitation aside, we believe you will enjoy the great improvements coming in the next release! View the full article Quelle: http://community.invisionpower.com/topic/396671-40-ips-connect/

IPS Connect is our in-house cross-site authentication framework utilized by IP.Board in order to facilitate sharing of login credentials on one or more of your websites. While IP.Board supports Connect out of the box (meaning administrators of two or more IP.Board installations can allow users to use the same login credentials on any site in the network with just a few clicks in the ACP), the design of the system allows for third party software to tie in to the network as well. Indeed, one of the more popular addons in our Marketplace is the Wordpress IPS Connect plugin. We have made several changes to IPS Connect in 4.0 that we believe will help you better manage a network of sites designed to share login credentials amongst them. These changes stemmed both from our own internal use of IPS Connect and from direct user feedback in our feedback forums. Fundamental Improvements In IP.Board 3.4, a "master" installation has no knowledge of any "slave" installations that may call to it. Any IP.Board can be set up to call to the master installation and this mater installation will never remember that the slave has called to it in the future. While this is fine for basic login credential checking, the original design of IPS Connect introduces many limitations. For instance, updating your email address on any given site cannot cause the email address to be updated on all sites because there is no central installation that knows about any of the sites in the network. Similarly, logging in to one site cannot log you in to all sites because all of the sites on the network are not actually known at any one location (we do, however, work around this if all sites are on the same domain). Beginning with 4.0, the master installation will "register" any site that connects to it using IPS Connect. This introduces many benefits: If you make a change on any individual site (master or slave), that change can now be propagated to all other sites in the network.Logging in or out of any given site can log you in to all other sites (because all other sites are now "known")Requests can be queued if there are problemsYou can create a listing of all sites in the network from the master installationFurther, we have thought through potential issues and have implemented a queue system where-by if requests to an individual site in the network begin failing then those requests will be queued and reattempted at a later date in the order they were originally received. If failed requests start queuing on the master installation, an ACP dashboard block will show you this and let you attempt to process them manually. If the issue causing the requests to fail has been resolved, the queue can quickly clear out in this manner (vs waiting for the task to clear them out). If the issue is still occurring, however, you will be given some additional information which will be helpful in determining why the requests are failing. Finally, if the site in question has been taken offline and future requests should not be sent to it, you are given the opportunity to unregister the "slave" installation so that the master will no longer communicate with it. More changes propagated We found while using IPS Connect internally that we wanted certain actions to propagate across all sites on the network but IPS Connect did not handle this, and we subsequently had to develop custom hooks in-house to account for the missing functionality. As a result, with 4.0 IPS Connect will now manage a few additional capabilities. Banning As of 4.0, if you permanently ban a user from the admin control panel, the ban will be copied to the rest of the sites in the IPS Connect network. Bans are only propagated to other sites if initiated via the admin control panel as a security precaution. It is probable in many cases that you do not want moderator actions on one site affecting accounts on another site, so front-end bans will not be copied to other sites. Deleting As of 4.0, deleting users from one site in an IPS Connect network will now cause the user to be deleted on all sites in the network. Merging Similarly, as of 4.0 when you merge two users on a site in an IPS Connect network, the users will be merged on all sites in the network. Password Changes As of 4.0, password changes are fully propagated to all sites in an IPS Connect network. The net effect will be no different than IP.Board 3.4 in this regard, unless you later disable IPS Connect on a site in the network - in this case, the last used password will still be valid on that site, rather than some random password potentially stored on a "slave" installation 5 years ago that the user cannot remember. Cross Domain Logins (and Logouts) Beginning with 4.0, IPS Connect will now support logging in and out across different domains. Cookie restrictions (and the fact that the master installation did not register and/or remember any of the slave installations) prevented this capability with 3.4.x, so while the login credentials could be shared across domains, signing in to one installation did not sign you in to any other installation automatically (unless they were on the same domain). Similarly if you logged out of an installation you were not automatically logged out of any other installation in 3.4.x. As of 4.0, if you sign in to an installation (whether it is the master or an individual slave application), you will be redirected to the master installation, then redirected to each slave application in turn, and finally redirected back to your original destination. This is all very seamless to the end-user and largely unnoticeable. Logging out will, similarly, redirect you to each application to log you out of that application, bypassing security restrictions applied to cookies in a multi-domain environment. Wrapping Up Just as with IP.Board 3.4, other applications can tie in to the IPS Connect network, either as a master installation or as a slave installation. IPS Connect support has otherwise been greatly improved and now offers a much wider range of functionality, a more robust built-in SSO system, and more reliability when problems do occur via the new request queuing system. It should be noted that IPS Connect with 4.0 is NOT compatible with IP.Board 3.4.x, and sites will need to "re-register" with the master so that it can know about them. That minor limitation aside, we believe you will enjoy the great improvements coming in the next release! Kompletten Blogeintrag lesen

Back in June, we announced several updates to our proprietary Spam Service, which includes influences from existing spam mitigation services (Project Honeypot and Stop Forum Spam). Today, we are announcing the release of more options to help you fine-tune the spam service for your site. These features are being released as a part of our new Enterprise Spam Service package, which is available now. Weighting The first feature added, as a part of this new package, is “Weighting.” With this feature, you will be able to adjust how influential the Spam Service is against registrations to your site. As you can see, the slider here presents several options to help fine-tune the service for your site. The options presented are fairly straightforward. If you find your site to be a heavy target of spam, you can adjust the slider to Strict or Very Strict as a means of telling the spam service that registrations to your site should be evaluated more vigorously than normal, and treat all registrations with higher caution than normal. Conversely, if you find the spam service to be too rough on registrations to your site, you can adjust the slider to Loose or Very Loose. Doing so will tell the spam service to take a step back on registrations, and treat them with less verbosity than normal. And finally, the middle option (Normal) will simply tell the spam service to act as it does now, with no preferential influence one way or another. Whitelisting / Blacklisting Another feature added as the ability to define your own custom White and Black Lists for your site, providing even more granular control in addition to weighting. First, you can define your own custom Whitelist entries. Using this interface, you will be able to add any Email Address or IP Address to your own custom whitelist. If a member registers, and is using any IP Address or Email Address defined here, then they will automatically be flagged as Not a Spammer, and no action taken against the account by the spam service. This is useful for Administrators, Moderators, and Developers who frequently test registrations on their own sites, allowing them to do so without turning the service off. Further, you can also define a custom Blacklist. If you find that the spam service may not be catching a newly released spammer fast enough, and need to prevent them from accessing the site immediately, then you may add their email address or IP Address to the Blacklist. Once added, any registrations from either of those will be flagged as a spammer and will be denied registration (depending on your community settings for Code Level 4). Calls from multiple origins As mentioned in the previous entry, this service also allows administrators to use the spam service in Load Balanced and Cloud environments with ease, using the same license key. The Enterprise Spam Mitigation is now available for $100/6 months as an additional add-on to your license. Please feel free to contact Sales for any additional information regarding this new service. Attached Thumbnails View the full article Quelle: http://community.invisionpower.com/topic/396407-enterprise-spam-mitigation/

Back in June, we announced several updates to our proprietary Spam Service, which includes influences from existing spam mitigation services (Project Honeypot and Stop Forum Spam). Today, we are announcing the release of more options to help you fine-tune the spam service for your site. These features are being released as a part of our new Enterprise Spam Service package, which is available now. Weighting The first feature added, as a part of this new package, is “Weighting.” With this feature, you will be able to adjust how influential the Spam Service is against registrations to your site. As you can see, the slider here presents several options to help fine-tune the service for your site. The options presented are fairly straightforward. If you find your site to be a heavy target of spam, you can adjust the slider to Strict or Very Strict as a means of telling the spam service that registrations to your site should be evaluated more vigorously than normal, and treat all registrations with higher caution than normal. Conversely, if you find the spam service to be too rough on registrations to your site, you can adjust the slider to Loose or Very Loose. Doing so will tell the spam service to take a step back on registrations, and treat them with less verbosity than normal. And finally, the middle option (Normal) will simply tell the spam service to act as it does now, with no preferential influence one way or another. Whitelisting / Blacklisting Another feature added as the ability to define your own custom White and Black Lists for your site, providing even more granular control in addition to weighting. First, you can define your own custom Whitelist entries. Using this interface, you will be able to add any Email Address or IP Address to your own custom whitelist. If a member registers, and is using any IP Address or Email Address defined here, then they will automatically be flagged as Not a Spammer, and no action taken against the account by the spam service. This is useful for Administrators, Moderators, and Developers who frequently test registrations on their own sites, allowing them to do so without turning the service off. Further, you can also define a custom Blacklist. If you find that the spam service may not be catching a newly released spammer fast enough, and need to prevent them from accessing the site immediately, then you may add their email address or IP Address to the Blacklist. Once added, any registrations from either of those will be flagged as a spammer and will be denied registration (depending on your community settings for Code Level 4). Calls from multiple origins As mentioned in the previous entry, this service also allows administrators to use the spam service in Load Balanced and Cloud environments with ease, using the same license key. The Enterprise Spam Mitigation is now available for $100/6 months as an additional add-on to your license. Please feel free to contact Sales for any additional information regarding this new service. Attached Thumbnails Kompletten Blogeintrag lesen

We are releasing patches for IP.Board 3.3.x and IP.Board 3.4.x to address two cross site scripting issues recently reported to us. IP.Board takes precaution against cross site scripting issues by ensuring sensitive forms and buttons have a unique key in them and also by ensuring that sensitive cookie data is not readable by javascript. However, we feel that it is in our clients best interest to have these issues resolved. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. You do not need to run any scripts or the upgrade system. IP.Board 3.3.x ipb33_patch_dec_13.zip 36.27KB 52 downloads IP.Board 3.4.x ipb34_patch_dec_13.zip 53.02KB 302 downloads If you are an IPS Community in the Cloud customer running IP.Board 3.3 or above, no further action is necessary; we have already automatically patched your account. If you are using a version older than IP.Board 3.3, you should contact support to upgrade. If you have installed or upgraded to IP.Board 3.4.6 today, no further action is necessary; we have already updated the main download zips. We extend our thanks to indistic for notifying us of the BBCode issue and Artur Czyż ( http://www.arturczyz.pl ) for notifying us of the search issue. Quelle: http://community.invisionpower.com/topic/396002-ipboard-33x-34x-security-update/

We have seen a huge increase in people switching to us over the last year or two and want to take advantage of this momentum and offer an exciting conversion promotion. But first some information... Our Pre-Packaged Converters Our conversion scripts make it very easy to convert your existing community to the IPS Community Suite. The process is very simple: just install IPS, upload the converters, and then tell the converters what software you're coming from. It will ask you a few questions and then copy over your data to our format. For many systems we even include scripts to 301 redirect your old links so internal references and search engines don't get lost! Our converters are free to use and well-tested with thousands of successful conversions. Of course converting is not an exact science and things change all the time so we are always releasing updates to make them better and faster. Need some help? But some clients really do not have the desire to take on the process of converting data themselves. In this case we do offer professional services for a fee to have us do it for you. Normally these fees range from $500 - $1000 but for the month of December we are offering a flat-rate fee of $350 to convert your community to IPS if it is on the list of one of our pre-made converters. Just contact sales@invisionpower.com to get started. Even better news: if you're converting to IPS Community in the Cloud we will convert your existing database at no cost! Contact sales@invisionpower.com for full information. Converting from something else? If your software is not listed on our pre-made converter list we can still assist in converting. Maybe you're using something that's old, niche, or even custom. We have a lot of experience converting people to our platform and would love to assist you. Contact sales@invisionpower.com with questions. What about 4.0? If you follow our blog entries you know we are hard at work on the next version of our software: IPS Social Suite 4.0. When version 4.0 is released if you have an active license you will of course get access at no extra charge! Upgrading from 3.4 to 4.0 will be very easy and our staff can even do it for you if you like. vBulletin Converter Update Over the last several months we have seen a huge increase in interest from vBulletin users wanting to convert to IPS. As we are asked so often, we want to highlight some of the key reasons to switch to us. We do not make you re-buy with each new major version release. So long as your IPS license is active you get access to new versions.We do not limit your support ticket access or charge extra fees. With an active license you get private access to our support staff.Our staff will install our software on your server at no extra charge.Our staff will even install major upgrades on your server at no extra charge.We have a whole community suite: forums, blog, gallery, CMS, chat, ecommerce, support, and with the flexibility of our platform the possibilities are endless.The IPS Marketplace is a great resource for our clients to get enhancements for their community. Think Apple's AppStore but for IPS products.IPS makes community software and services. That's all we do and our focus is helping you succeed not working against you.Ready to convert? Have Questions? You can download our free converters to give them a try. If you have questions about IPS before purchasing please email sales@invisionpower.com and we would be happy to assist. And as a reward for reading through the end there's one more thing: use the coupon code SWITCH through the end of December for 10% off your order. View the full article Quelle: http://community.invisionpower.com/topic/395802-convert-to-ips-promotion/

We have seen a huge increase in people switching to us over the last year or two and want to take advantage of this momentum and offer an exciting conversion promotion. But first some information... Our Pre-Packaged Converters Our conversion scripts make it very easy to convert your existing community to the IPS Community Suite. The process is very simple: just install IPS, upload the converters, and then tell the converters what software you're coming from. It will ask you a few questions and then copy over your data to our format. For many systems we even include scripts to 301 redirect your old links so internal references and search engines don't get lost! Our converters are free to use and well-tested with thousands of successful conversions. Of course converting is not an exact science and things change all the time so we are always releasing updates to make them better and faster. Need some help? But some clients really do not have the desire to take on the process of converting data themselves. In this case we do offer professional services for a fee to have us do it for you. Normally these fees range from $500 - $1000 but for the month of December we are offering a flat-rate fee of $350 to convert your community to IPS if it is on the list of one of our pre-made converters. Just contact sales@invisionpower.com to get started. Even better news: if you're converting to IPS Community in the Cloud we will convert your existing database at no cost! Contact sales@invisionpower.com for full information. Converting from something else? If your software is not listed on our pre-made converter list we can still assist in converting. Maybe you're using something that's old, niche, or even custom. We have a lot of experience converting people to our platform and would love to assist you. Contact sales@invisionpower.com with questions. What about 4.0? If you follow our blog entries you know we are hard at work on the next version of our software: IPS Social Suite 4.0. When version 4.0 is released if you have an active license you will of course get access at no extra charge! Upgrading from 3.4 to 4.0 will be very easy and our staff can even do it for you if you like. vBulletin Converter Update Over the last several months we have seen a huge increase in interest from vBulletin users wanting to convert to IPS. As we are asked so often, we want to highlight some of the key reasons to switch to us. We do not make you re-buy with each new major version release. So long as your IPS license is active you get access to new versions.We do not limit your support ticket access or charge extra fees. With an active license you get private access to our support staff.Our staff will install our software on your server at no extra charge.Our staff will even install major upgrades on your server at no extra charge.We have a whole community suite: forums, blog, gallery, CMS, chat, ecommerce, support, and with the flexibility of our platform the possibilities are endless.The IPS Marketplace is a great resource for our clients to get enhancements for their community. Think Apple's AppStore but for IPS products.IPS makes community software and services. That's all we do and our focus is helping you succeed not working against you.Ready to convert? Have Questions? You can download our free converters to give them a try. If you have questions about IPS before purchasing please email sales@invisionpower.com and we would be happy to assist. And as a reward for reading through the end there's one more thing: use the coupon code SWITCH through the end of December for 10% off your order. Kompletten Blogeintrag lesen

IPS is happy to offer 15% off starting now through Monday on all new purchases for both new and existing clients! This includes all software licenses and Community in the Cloud hosting. This is a great time to add on those extra Suite applications you're missing or to go ahead and try out IPS if you have always been considering us. Just use the coupon code HOLIDAY2013 at checkout. Conversion Promotion Coming Soon... Are you using another community software and thinking of switching to IPS? We will be posting a great conversion promotion on Tuesday for those wanting help in converting their community data to our format. So take advantage of the 15% coupon above to order your licenses or hosting services now and then stay tuned for our conversion promotion next week! View the full article Quelle: http://community.invisionpower.com/topic/395608-black-friday-and-cyber-monday-promotion/

IPS is happy to offer 15% off starting now through Monday on all new purchases for both new and existing clients! This includes all software licenses and Community in the Cloud hosting. This is a great time to add on those extra Suite applications you're missing or to go ahead and try out IPS if you have always been considering us. Just use the coupon code HOLIDAY2013 at checkout. Conversion Promotion Coming Soon... Are you using another community software and thinking of switching to IPS? We will be posting a great conversion promotion on Tuesday for those wanting help in converting their community data to our format. So take advantage of the 15% coupon above to order your licenses or hosting services now and then stay tuned for our conversion promotion next week! Kompletten Blogeintrag lesen

In IP.Board 3.x, we have a setting group where you can specify some global advertisement HTML. You can enable and disable advertisements, and you can specify code to insert into the header and footer of the page. For the forum index, forum listings and topic view pages, you can override these header and footer ad codes, and you can specify advertisement code to insert into a couple of other areas specific to those pages. If you install IP.Nexus, this setting group redirects you to the IP.Nexus advertisement control panel where you can effectively do the same thing, but with a few more options (including click and impression tracking, advertisement image uploading, automatic cutoffs for advertisements, and more). We felt that the entire system and process was too basic when IP.Nexus was not installed, and too disorienting once you do install IP.Nexus. This setting group suddenly redirects you to another application and configuring the advertisements is an entirely different experience prior to installing this application. Subsequently, we have done the only logical thing and consolidated the two systems and improved the functionality. (Please be aware that, as with all early screenshots of the 4.0 Social Suite, the interface displayed in the following screenshots is very much subject to change before release) Advertisement Configuration First and foremost, we have consolidated the functionality provided by IP.Board and IP.Nexus in previous software releases into one control panel. Now, whether you install IP.Nexus or not, you can have powerful advertisement management at your fingertips. Installing IP.Nexus still provides additional enhanced functionality, such as the ability to sell advertisements to your members. You can now have both HTML and image-based advertisements available, and you can create multiple advertisements for the same "location" (more on this in a minute). There is a setting available to tell the software how to pick which advertisement to show if more than one is configured for a single area (options include picking one at random, showing the newest advertisement, showing the oldest advertisement, and showing the advertisement with the least number of impressions). You can configure start and end dates for advertisements, set them to cut off after a certain number of impressions (or clicks, in the case of image advertisements), and you can filter by status (and toggle the status from this page). If IP.Nexus is installed, an additional status of "pending" is present and supported for advertisements that have been purchased but not yet approved. Naturally once you reach any cut offs specified or the end date has passed, the advertisement will no longer be rotated. As you can see in the screenshot, javascript is removed from the preview for security reasons. If you have a caching engine enabled, advertisement data will be cached to improve performance. Some new functionality If you are already familiar with the feature set of the current release of IP.Nexus, the advertisement functionality you already know and love will be carried over to the 4.0 Suite. You can still specify which groups are exempt from seeing advertisements, for example, to help you upsell subscription packages to users on your site. In addition to the current functionality, however, we've made some great improvements. Ability to specify SSL advertisement code Google Ads does not have an SSL version of its advertisement code, and including their advertisements on secure pages can lead to browser warnings for your visitors. This is especially troublesome when you only use SSL for logins or for your store (IP.Nexus), as it gives an impression that the page is not secure. Now, you can specify an alternative secure page advertisement code if you wish, or choose not to show a specific advertisement on secure pages at all. Ability to specify multiple images When uploading an image advertisement, you now have the option to also upload a small and/or medium version of the advertisement image. The small and medium versions, if present, will be used on the responsive layout on the alternate views for mobile devices and tablets. If not provided, the software will simply use the next best size available. We have NOT included the ability to specify alternate HTML for the different resolutions. In our research, most advertisement partners either (1) already handle responsiveness with their own javascript code or (2) provide alternative instructions for responsive ads. If you use a CDN such as Amazon S3 for your file storage in the 4.0 Suite, your advertisement images will be served from the CDN. Extendable application support As of 4.0, any and all applications that wish to support advertisements can do so via the extension system built into the software. All an application will need to do is provide an extension for the advertisement system, and then call the advertisement location in the template where they feel the advertisement should display. You can even add custom settings (so for example, the forum application can allow you to configure which forums an advertisement will be displayed in...). Skinners can move the advertisements around however they like in their skin templates simply by moving the appropriate custom tag. Custom locations You can now define entirely custom locations for advertisements easily in the advertisement configuration page. Once you have defined a custom location for the advertisement, defining where to show that advertisement in your themes is as simple as inserting a tag where you want the advertisement to be displayed. Closing We hope these small changes will help you better manage your advertisements and provide you with the options you need to capitalize upon your community. If you have no use for advertisements, you can completely ignore this area of the software and no resources will be used by it, but if you do utilize advertisements on your community, the new tools should make it much easier to manage your site. Attached Thumbnails View the full article Quelle: http://community.invisionpower.com/topic/394892-40-advertisements/

In IP.Board 3.x, we have a setting group where you can specify some global advertisement HTML. You can enable and disable advertisements, and you can specify code to insert into the header and footer of the page. For the forum index, forum listings and topic view pages, you can override these header and footer ad codes, and you can specify advertisement code to insert into a couple of other areas specific to those pages. If you install IP.Nexus, this setting group redirects you to the IP.Nexus advertisement control panel where you can effectively do the same thing, but with a few more options (including click and impression tracking, advertisement image uploading, automatic cutoffs for advertisements, and more). We felt that the entire system and process was too basic when IP.Nexus was not installed, and too disorienting once you do install IP.Nexus. This setting group suddenly redirects you to another application and configuring the advertisements is an entirely different experience prior to installing this application. Subsequently, we have done the only logical thing and consolidated the two systems and improved the functionality. (Please be aware that, as with all early screenshots of the 4.0 Social Suite, the interface displayed in the following screenshots is very much subject to change before release) Advertisement Configuration First and foremost, we have consolidated the functionality provided by IP.Board and IP.Nexus in previous software releases into one control panel. Now, whether you install IP.Nexus or not, you can have powerful advertisement management at your fingertips. Installing IP.Nexus still provides additional enhanced functionality, such as the ability to sell advertisements to your members. You can now have both HTML and image-based advertisements available, and you can create multiple advertisements for the same "location" (more on this in a minute). There is a setting available to tell the software how to pick which advertisement to show if more than one is configured for a single area (options include picking one at random, showing the newest advertisement, showing the oldest advertisement, and showing the advertisement with the least number of impressions). You can configure start and end dates for advertisements, set them to cut off after a certain number of impressions (or clicks, in the case of image advertisements), and you can filter by status (and toggle the status from this page). If IP.Nexus is installed, an additional status of "pending" is present and supported for advertisements that have been purchased but not yet approved. Naturally once you reach any cut offs specified or the end date has passed, the advertisement will no longer be rotated. As you can see in the screenshot, javascript is removed from the preview for security reasons. If you have a caching engine enabled, advertisement data will be cached to improve performance. Some new functionality If you are already familiar with the feature set of the current release of IP.Nexus, the advertisement functionality you already know and love will be carried over to the 4.0 Suite. You can still specify which groups are exempt from seeing advertisements, for example, to help you upsell subscription packages to users on your site. In addition to the current functionality, however, we've made some great improvements. Ability to specify SSL advertisement code Google Ads does not have an SSL version of its advertisement code, and including their advertisements on secure pages can lead to browser warnings for your visitors. This is especially troublesome when you only use SSL for logins or for your store (IP.Nexus), as it gives an impression that the page is not secure. Now, you can specify an alternative secure page advertisement code if you wish, or choose not to show a specific advertisement on secure pages at all. Ability to specify multiple images When uploading an image advertisement, you now have the option to also upload a small and/or medium version of the advertisement image. The small and medium versions, if present, will be used on the responsive layout on the alternate views for mobile devices and tablets. If not provided, the software will simply use the next best size available. We have NOT included the ability to specify alternate HTML for the different resolutions. In our research, most advertisement partners either (1) already handle responsiveness with their own javascript code or (2) provide alternative instructions for responsive ads. If you use a CDN such as Amazon S3 for your file storage in the 4.0 Suite, your advertisement images will be served from the CDN. Extendable application support As of 4.0, any and all applications that wish to support advertisements can do so via the extension system built into the software. All an application will need to do is provide an extension for the advertisement system, and then call the advertisement location in the template where they feel the advertisement should display. You can even add custom settings (so for example, the forum application can allow you to configure which forums an advertisement will be displayed in...). Skinners can move the advertisements around however they like in their skin templates simply by moving the appropriate custom tag. Custom locations You can now define entirely custom locations for advertisements easily in the advertisement configuration page. Once you have defined a custom location for the advertisement, defining where to show that advertisement in your themes is as simple as inserting a tag where you want the advertisement to be displayed. Closing We hope these small changes will help you better manage your advertisements and provide you with the options you need to capitalize upon your community. If you have no use for advertisements, you can completely ignore this area of the software and no resources will be used by it, but if you do utilize advertisements on your community, the new tools should make it much easier to manage your site. Attached Thumbnails Kompletten Blogeintrag lesen

Invision Power Services, Inc. is pleased to announce the release of the following applications: IP.Board 3.4.6 IP.Nexus 1.5.9 IP.Board 3.4.6 IP.Board is a fully featured community platform including forums, members profiles, calendar, status system, integration, and much, much more. The release of IP.Board 3.4.6 is a maintenance release and includes bug fixes. IP.Nexus 1.5.9 IP.Nexus is our fully featured commerce system to sell products, membership access, advertising, digital downloads, and more. Includes tools like a support desk to help manage your clients. The release of IP.Nexus 1.5.9 is a maintenance release and includes bug fixes. How to Upgrade To upgrade simply log into your client area, click on "Purchases" from the menu and select the community you wish to upgrade and click "Upgrade Now". You can read more about upgrading in our documentation. Quelle: http://community.invisionpower.com/topic/394840-ipboard-346-and-ipnexus-159-updates-released/

Last week I attended ZendCon 2013, a prominent PHP developer-oriented conference designed to give industry professionals information on tools, practices and trends which will help them deliver enterprise-class software to customers. During the conference, many sponsors set up booths in order to demonstrate new products and services, and many industry professionals hold tutorials and sessions that attendees can attend in order to learn more about our trade. The conference was held in Santa Clara, CA (about an hour south of San Francisco, just outside of San Jose) from October 7th through October 10th. I spent a lot of time at the conference focusing on tutorials and sessions that I felt might provide the most value for our company, in order to deliver better, faster and more stable software for our clients. One tutorial that I attended, for instance, focused entirely on best practices for implementing caching into software (and at the server level), and tuning settings in PHP, MySQL and Apache/NginX to deliver the highest possible performance. Another session I attended focused on Object-Oriented Javascript Programming and the future of Javascript (or, more specifically, ECMAScript 6). By the very nature of the conference, all sessions were very technical in nature, so don't feel too bad if any of this sounds like Greek to you. The point I want readers to take away is that we take our profession seriously, and IPS feels that an investment into continuing education is important for our clients. I had the pleasure of meeting many industry professionals in the PHP world, including Andi Gutmans (CEO and co-founder of Zend Technologies), Zeev Suraski (CTO and co-founder of Zend Technologies), Elizabeth Smith (very active contributor to the PHP project and various PHP extensions), Derick Rethans (creator of XDebug, MongoDB PHP extension, and other PHP project contributions), John Coggeshall (active lead for the PHP Tidy extension) and many other wonderful contributors to the PHP ecosystem. The passion that these people share for the products and services is just amazing, and serves as a great role model for developers everywhere. I won't spend much time getting into the nitty gritty details of each session I attended. Some were very technical in nature, while some focused on more abstract necessities of running a team of developers and managing day-to-day development duties (for example, discussing things like time management, gathering project requirements effectively, and so on). All in all, every session I attended provided useful information that I feel we can make use of to better our processes and delivery of future software releases. As I said, here at IPS we take our profession very seriously. We will always strive to deliver the best possible software, and are thankful for the contributions of our third party developer community as well as the rest of our clients, whom provide us with bug reports and feedback that help to improve our products. We have many exciting things in store in the coming months, so stay tuned by subscribing to our company blog to be notified of changes and updates. View the full article Quelle: http://community.invisionpower.com/topic/394566-zendcon-2013/

Last week I attended ZendCon 2013, a prominent PHP developer-oriented conference designed to give industry professionals information on tools, practices and trends which will help them deliver enterprise-class software to customers. During the conference, many sponsors set up booths in order to demonstrate new products and services, and many industry professionals hold tutorials and sessions that attendees can attend in order to learn more about our trade. The conference was held in Santa Clara, CA (about an hour south of San Francisco, just outside of San Jose) from October 7th through October 10th. I spent a lot of time at the conference focusing on tutorials and sessions that I felt might provide the most value for our company, in order to deliver better, faster and more stable software for our clients. One tutorial that I attended, for instance, focused entirely on best practices for implementing caching into software (and at the server level), and tuning settings in PHP, MySQL and Apache/NginX to deliver the highest possible performance. Another session I attended focused on Object-Oriented Javascript Programming and the future of Javascript (or, more specifically, ECMAScript 6). By the very nature of the conference, all sessions were very technical in nature, so don't feel too bad if any of this sounds like Greek to you. The point I want readers to take away is that we take our profession seriously, and IPS feels that an investment into continuing education is important for our clients. I had the pleasure of meeting many industry professionals in the PHP world, including Andi Gutmans (CEO and co-founder of Zend Technologies), Zeev Suraski (CTO and co-founder of Zend Technologies), Elizabeth Smith (very active contributor to the PHP project and various PHP extensions), Derick Rethans (creator of XDebug, MongoDB PHP extension, and other PHP project contributions), John Coggeshall (active lead for the PHP Tidy extension) and many other wonderful contributors to the PHP ecosystem. The passion that these people share for the products and services is just amazing, and serves as a great role model for developers everywhere. I won't spend much time getting into the nitty gritty details of each session I attended. Some were very technical in nature, while some focused on more abstract necessities of running a team of developers and managing day-to-day development duties (for example, discussing things like time management, gathering project requirements effectively, and so on). All in all, every session I attended provided useful information that I feel we can make use of to better our processes and delivery of future software releases. As I said, here at IPS we take our profession very seriously. We will always strive to deliver the best possible software, and are thankful for the contributions of our third party developer community as well as the rest of our clients, whom provide us with bug reports and feedback that help to improve our products. We have many exciting things in store in the coming months, so stay tuned by subscribing to our company blog to be notified of changes and updates. Kompletten Blogeintrag lesen

Introduction The IPS Social Suite needs to store lots of different files - there's attachments and profile photos uploaded by members, CSS and JavaScript files, emoticons, etc. In IP.Board 3.x, various images got stored in different places: Files uploaded by users get put in the /uploads directory. If you have a complicated setup, it's difficult to handle these. If you have a load-balanced cluster you need to set up an environment whereby all files are stored on a single server, or all uploaded files are synched between servers, but serving these files over a high-performance CDN can be difficult.CSS, JavaScript files, images and emoticons get put in /style_* directories. If you want to serve these over a CDN, you can do so, but you need to copy the files over yourself.Other pieces of data are written to disk as a caching mechanism. This has the same issue with load-balanced environments as file uploads.Some applications had other methods - for example, IP.Downloads allows you to store files on a remote server using FTP.In 4.0, we wanted to pull this all together and build a much better system for storing files and build the whole system with high-performance environments in mind. File Storage In 4.0, you have several different ways to store files: On a local serverOn a remote server using FTP (which you can use to upload files to many CDN services)As binary data in the databaseOn Amazon S3You can set up different configurations and choose which configuration to use for different types of files. For example, if you want to store user's profile photos on Amazon S3, but you want attachments to be on the local server, or even a different Amazon S3 bucket - 4.0 can handle that. And if at any point you change your mind about which storage method you want to use, the system will automatically handle moving all the files for you. Everywhere that writes a file will use this central system - so IP.Downloads and IP.Gallery are included too. Caching There are lots of places throughout the suite where the same stuff needs to be retrieved or calculated over and over - for example, certain configuration settings, language data, information about the installed applications, etc. If this data can be cached, not only does it alleviate database load, it means the PHP code doesn't need to re-process the data. In IP.Board 3.x, some of this was stored in a particular database table and could be cached using a proper caching system - but it was difficult to configure, and not everything used it - compiled HTML templates, language strings and more were saved as files in the /cache directory, which causes difficulties for load-balanced cluster environments. In 4.0, we've overhauled all of this. For things that need cold storage (like compiled HTML templates) - you can choose either the file system or the database for storage. The data can then cached, along with anything else which might benefit from caching (like settings, application data, etc.) using one of 5 supported caching methods: APCeAcceleratorMemcachedWincacheXCache Attached Thumbnails View the full article Quelle: http://community.invisionpower.com/topic/394248-40-file-storage/

Introduction The IPS Social Suite needs to store lots of different files - there's attachments and profile photos uploaded by members, CSS and JavaScript files, emoticons, etc. In IP.Board 3.x, various images got stored in different places: Files uploaded by users get put in the /uploads directory. If you have a complicated setup, it's difficult to handle these. If you have a load-balanced cluster you need to set up an environment whereby all files are stored on a single server, or all uploaded files are synched between servers, but serving these files over a high-performance CDN can be difficult.CSS, JavaScript files, images and emoticons get put in /style_* directories. If you want to serve these over a CDN, you can do so, but you need to copy the files over yourself.Other pieces of data are written to disk as a caching mechanism. This has the same issue with load-balanced environments as file uploads.Some applications had other methods - for example, IP.Downloads allows you to store files on a remote server using FTP.In 4.0, we wanted to pull this all together and build a much better system for storing files and build the whole system with high-performance environments in mind. File Storage In 4.0, you have several different ways to store files: On a local serverOn a remote server using FTP (which you can use to upload files to many CDN services)As binary data in the databaseOn Amazon S3You can set up different configurations and choose which configuration to use for different types of files. For example, if you want to store user's profile photos on Amazon S3, but you want attachments to be on the local server, or even a different Amazon S3 bucket - 4.0 can handle that. And if at any point you change your mind about which storage method you want to use, the system will automatically handle moving all the files for you. Everywhere that writes a file will use this central system - so IP.Downloads and IP.Gallery are included too. Caching There are lots of places throughout the suite where the same stuff needs to be retrieved or calculated over and over - for example, certain configuration settings, language data, information about the installed applications, etc. If this data can be cached, not only does it alleviate database load, it means the PHP code doesn't need to re-process the data. In IP.Board 3.x, some of this was stored in a particular database table and could be cached using a proper caching system - but it was difficult to configure, and not everything used it - compiled HTML templates, language strings and more were saved as files in the /cache directory, which causes difficulties for load-balanced cluster environments. In 4.0, we've overhauled all of this. For things that need cold storage (like compiled HTML templates) - you can choose either the file system or the database for storage. The data can then cached, along with anything else which might benefit from caching (like settings, application data, etc.) using one of 5 supported caching methods: APCeAcceleratorMemcachedWincacheXCache Attached Thumbnails Kompletten Blogeintrag lesen

IPS Social Suite 4 is a modernization of our software line and rather than just refactor existing work, we are rewriting the code from scratch which gives us a chance to really evaluate the interface elements and labels. We felt that "themes" was a much more modern and better understood term than "skins". Of course, the name is just the start, here are some of the other improvements: Managing Themes in IPS Social Suite 4 As you would expect, the interface has been completely overhauled in IP.Social Suite 4. All the familiar elements are there but we've simplified areas and made it easier to manage your themes. As you can see from this screen shot, theme authors can now inform customers when they have an update available for them. The interface makes use of the new IPS Social Suite 4 Trees model which means you can quickly search for theme names and re-order themes. In IP.Board 3, you could change the logo of the suite. We've made this even easier in IP.Social Suite 4. The upload fields are easily accessible on the edit theme form. You can even upload a Facebook sharer image and favicon! Downloading and Uploading Themes In IPS Social Suite 4, downloading and uploading a new version of a theme could not be easier. Just select the menu item and it's done. You no longer need to navigate to separate areas of the Admin CP to do this. Conflict Management What happens if you upload a new version of a theme but it contains changes to templates you have also changed? You'll get a chance to review these changes and select which version to use on the conflict management page. Editing templates and CSS The template and CSS editor should be familiar for any existing customers. The editor is now fully syntax highlighted which will make writing and editing code so much easier. The template syntax is now much more compact as you can see from the above screen shot. We've also added a few things to reduce the amount of template logic required. A common need is to load a template if a condition is matched: {{if member.isAdmin()}} {template="admin_bar"} {{endif}}You can now put the conditional inside the template tag like so: {template="admin_bar" if="member.isAdmin()"}This is much easier to read and reduces a lot of visual clutter. The combination of the better template syntax and HTML 5 mark-up results in a dramatic reduction in size and complexity of often edited templates such as the globalTemplate which is commonly used to add your own site chrome. The screenshot below shows all of the IPS Social Suite 4 globalTemplate and for comparison, part of the IP.Board 3.4 globalTemplate which is over 340 lines long! The CSS framework much like the javascript framework has been completely rewritten and is now modular. This means that most CSS files are very small which makes looking for specific selectors much easier. In addition, upgrades are less destructive to your themes. If you made edits to the button styles, then only that one style sheet is altered leaving the rest as default. Of course, IPS Social Suite combines and minifies these separate CSS into fewer files when saved. This blog entry is just an overview of the theme section in the Admin CP. We'll go into more detail in a later entry on the new tools available designed to make theme creation and management a breeze for theme authors. We know you will have a ton of questions but please be patient with us if we keep saying "wait for next blog entry" :smile: Attached Thumbnails View the full article Quelle: http://community.invisionpower.com/topic/393919-40-introducing-themes/

IPS Social Suite 4 is a modernization of our software line and rather than just refactor existing work, we are rewriting the code from scratch which gives us a chance to really evaluate the interface elements and labels. We felt that "themes" was a much more modern and better understood term than "skins". Of course, the name is just the start, here are some of the other improvements: Managing Themes in IPS Social Suite 4 As you would expect, the interface has been completely overhauled in IP.Social Suite 4. All the familiar elements are there but we've simplified areas and made it easier to manage your themes. As you can see from this screen shot, theme authors can now inform customers when they have an update available for them. The interface makes use of the new IPS Social Suite 4 Trees model which means you can quickly search for theme names and re-order themes. In IP.Board 3, you could change the logo of the suite. We've made this even easier in IP.Social Suite 4. The upload fields are easily accessible on the edit theme form. You can even upload a Facebook sharer image and favicon! Downloading and Uploading Themes In IPS Social Suite 4, downloading and uploading a new version of a theme could not be easier. Just select the menu item and it's done. You no longer need to navigate to separate areas of the Admin CP to do this. Conflict Management What happens if you upload a new version of a theme but it contains changes to templates you have also changed? You'll get a chance to review these changes and select which version to use on the conflict management page. Editing templates and CSS The template and CSS editor should be familiar for any existing customers. The editor is now fully syntax highlighted which will make writing and editing code so much easier. The template syntax is now much more compact as you can see from the above screen shot. We've also added a few things to reduce the amount of template logic required. A common need is to load a template if a condition is matched: {{if member.isAdmin()}} {template="admin_bar"} {{endif}}You can now put the conditional inside the template tag like so: {template="admin_bar" if="member.isAdmin()"}This is much easier to read and reduces a lot of visual clutter. The combination of the better template syntax and HTML 5 mark-up results in a dramatic reduction in size and complexity of often edited templates such as the globalTemplate which is commonly used to add your own site chrome. The screenshot below shows all of the IPS Social Suite 4 globalTemplate and for comparison, part of the IP.Board 3.4 globalTemplate which is over 340 lines long! The CSS framework much like the javascript framework has been completely rewritten and is now modular. This means that most CSS files are very small which makes looking for specific selectors much easier. In addition, upgrades are less destructive to your themes. If you made edits to the button styles, then only that one style sheet is altered leaving the rest as default. Of course, IPS Social Suite combines and minifies these separate CSS into fewer files when saved. This blog entry is just an overview of the theme section in the Admin CP. We'll go into more detail in a later entry on the new tools available designed to make theme creation and management a breeze for theme authors. We know you will have a ton of questions but please be patient with us if we keep saying "wait for next blog entry" :smile: Attached Thumbnails Kompletten Blogeintrag lesen

We are releasing security patches for IP.Board 3.3.4, IP.Board 3.4.5, IP.Gallery 4.2.1 and IP.Gallery 5.0.5 to address four cross-site scripting issues recently reported to us. It has come to our attention that an unpatched security issue exists in a third party script included with the IP.Board release called "Flowplayer". While this script is included with IP.Board, it is presently only utilized by IP.Gallery to facilitate embedding of certain media files when the administrator allows them to be uploaded. The exploit that has been reported to us may expose a specific type of cross-site scripting vulnerability through Flowplayer and requires a certain level of user-interaction to trigger (in other words, a user must follow a link to the affected target - to our knowledge this issue cannot be triggered automatically by viewing a page normally accessible through typical navigation of the software). It has come to our attention that an unpatched security issue exists in a third party script included with the IP.Board release called "swfupload". The cross site scripting vulnerability, like the one described above, requires a user to visit a specially crafted link to the swfupload flash file directly, where-by arbitrary javascript may be executed. It has come to our attention that two potential cross site scripting vulnerabilities exist within the IP.Board editor routines. These vulnerabilities are not persistent (meaning you can only trigger them against yourself, as opposed to causing them to be stored in the database and triggered against another user), however we feel that it is in the best interests of our clients to release an update to address the issues reported. We are releasing patches today to address all four issues. To apply the patch, please perform the following steps: Identify which version of IP.Board you are running. If you are running IP.Board 3.3.x, you will also need to identify which version of IP.Gallery you are running. Download the appropriate patch file below Extract the contents locally on your computer Upload the contents of the "upload" folder to your forum root directory (where conf_global.php is located), overwriting any files when prompted. Please refer to this knowledgebase article if you are unfamiliar with using FTP to transfer files to your server. If you are an IPS Community in the Cloud customer running IP.Board 3.3 or above, no further action is necessary; we have already automatically patched your account. If you are using a version older than IP.Board 3.3, you should contact support to upgrade. If you are running IP.Board 3.4.x, please use the following zip: ipb3_4_and_gallery_5_0-9-13-2013.zip 79.87KB 9 downloads If you are running IP.Board 3.3.x without IP.Gallery, or with IP.Gallery 5.0.x, please use the following zip: ipb3_3_and_gallery_5_0-9-13-2013.zip 85.32KB 0 downloads If you are running IP.Board 3.3.x with IP.Gallery 4.2.x, please use the following zip: ipb3_3_and_gallery_4_2-9-13-2013.zip 84.91KB 1 downloads As of the time of this post, the full IP.Board and IP.Gallery packages in our client center have been updated. If you are running any version of IP.Board or IP.Gallery that is not listed above, we recommend that you upgrade to the latest version to obtain these security fixes, as well as several other security and bug fixes. We would like to thank Sahil Saif for bringing the flowplayer vulnerability to our attention. We would like to thank Masato Kinugawa for bringing the swfupload vulnerability to our attention. We would like to thank Jakub at http://hauntit.blogspot.com/ for bringing the editor vulnerabilities to our attention. Quelle: http://community.invisionpower.com/topic/393888-ipboard-33x-34x-and-ipgallery-42x-50x-security-update/

In 3.x, we support HTML emails being sent by the software. However, due to constraints we had at the time, HTML emails use pretty much the same content as plain text emails, but wrapped in a simple HTML wrapper. Additionally, users had to explicitly decide whether they wanted to receive HTML or plain text emails via a preference setting - quite an anachronism. All in all, not a very satisfactory user experience. Email handling in 4.0 In 4.0, users no longer choose which type of email to receive. Our email handler sends both types in a single email, and the email client chooses the most appropriate to show based on its capabilities. If it can display a fancy HTML version, that's what they'll see by default, but plain text is used if not. Email template system In 3.x, email content is defined by the language system, and each email has one language string which forms the content for both the plain text and HTML versions. Clearly, if we were going to improve the HTML templates we ship with, this would have to change. In 4.x, each type of email has two templates - one for HTML, one for plain text. This means a better display of content can be created for HTML emails, while keeping the plain text ones simple and to the point. Email templates make use of the skinning system foundation (which we'll reveal later), meaning they have full use of logic, template tags and more - so we can also customize the emails depending on the user they are being sent to (note though that email templates are not per-skin; they are global to the site). And, of course, email templates can be added and edited via an interface in the AdminCP. This isn't groundbreaking stuff, but a vast improvement on email handling in 3.x. Email template design We also wanted to improve our email templates, so that each type of email sent was designed specifically for the purpose. The data shown in a registration email will be different to a topic digest, for example, and the email should reflect that. Coding email templates is not a trivial thing, unfortunately. The latest version of Microsoft Outlook uses the Microsoft Word rendering engine(!!), while GMail strips out all CSS included in style tags - and that's just the start of the gotchas. This makes designing email templates a tricky business, and one that requires lots of testing to ensure compatibility. For our first 10 templates alone, I reviewed 900 screenshots to spot problems. As a result, we've taken the approach of creating email templates which are simple in appearance and would work well for most sites, with the goal of hopefully avoiding the need of most sites to edit them at all (though you can, if you wish). The colors we've used are fairly neutral, for this reason. For those mail agents that are a little more... advanced, our email templates in 4.0 will be responsive. They will look great on mobile devices as well as desktop clients. I have included some examples of email templates, along with their mobile counterparts. I should note at this point that this does not reveal the main skin design. As discussed above, emails are intentionally separate in design. Admin-completed registration Friend request New personal message New profile comment Attached Thumbnails View the full article Quelle: http://community.invisionpower.com/topic/393544-40-email-templates/

In 3.x, we support HTML emails being sent by the software. However, due to constraints we had at the time, HTML emails use pretty much the same content as plain text emails, but wrapped in a simple HTML wrapper. Additionally, users had to explicitly decide whether they wanted to receive HTML or plain text emails via a preference setting - quite an anachronism. All in all, not a very satisfactory user experience. Email handling in 4.0 In 4.0, users no longer choose which type of email to receive. Our email handler sends both types in a single email, and the email client chooses the most appropriate to show based on its capabilities. If it can display a fancy HTML version, that's what they'll see by default, but plain text is used if not. Email template system In 3.x, email content is defined by the language system, and each email has one language string which forms the content for both the plain text and HTML versions. Clearly, if we were going to improve the HTML templates we ship with, this would have to change. In 4.x, each type of email has two templates - one for HTML, one for plain text. This means a better display of content can be created for HTML emails, while keeping the plain text ones simple and to the point. Email templates make use of the skinning system foundation (which we'll reveal later), meaning they have full use of logic, template tags and more - so we can also customize the emails depending on the user they are being sent to (note though that email templates are not per-skin; they are global to the site). And, of course, email templates can be added and edited via an interface in the AdminCP. This isn't groundbreaking stuff, but a vast improvement on email handling in 3.x. Email template design We also wanted to improve our email templates, so that each type of email sent was designed specifically for the purpose. The data shown in a registration email will be different to a topic digest, for example, and the email should reflect that. Coding email templates is not a trivial thing, unfortunately. The latest version of Microsoft Outlook uses the Microsoft Word rendering engine(!!), while GMail strips out all CSS included in style tags - and that's just the start of the gotchas. This makes designing email templates a tricky business, and one that requires lots of testing to ensure compatibility. For our first 10 templates alone, I reviewed 900 screenshots to spot problems. As a result, we've taken the approach of creating email templates which are simple in appearance and would work well for most sites, with the goal of hopefully avoiding the need of most sites to edit them at all (though you can, if you wish). The colors we've used are fairly neutral, for this reason. For those mail agents that are a little more... advanced, our email templates in 4.0 will be responsive. They will look great on mobile devices as well as desktop clients. I have included some examples of email templates, along with their mobile counterparts. I should note at this point that this does not reveal the main skin design. As discussed above, emails are intentionally separate in design. Admin-completed registration Friend request New personal message New profile comment Attached Thumbnails Kompletten Blogeintrag lesen

Diagnostics For the development team here at IPS, we're constantly striving to make the most stable and reliable software we can. We currently have three main channels through which we hear about potential issues: Our QA team and other power users submit bug reports to our bug tracker.Community owners contact our technical support team who then, where necessary, communicate issues to us.Our Community In The Cloud team monitor server error logs (etc) and where necessary, communicate issues to us.For IPS Social Suite 4.0, I really wanted to examine how potential software issues (as well as general questions and support enquiries, which I'll talk about in another blog entry) come through to us, and if any improvements can be made. The problem with all of these channels is that they're not direct (we don't get the information directly to us) which means we sometimes don't have all the information we need, and if the issue is never reported, we might not hear about it at all. Desktop applications and Operating Systems handle this in a very particular way - they send a diagnostic report straight to the vendor when something goes wrong. This means the vendor gets all the information they need about the problem in a way that requires no input from the user - it's automatic, anonymous and instant. In IPS 4.0, we're introducing the same system. When a problem happens, a report is automatically sent to our servers to let us know. Participation is optional and the report sent is entirely anonymous. What causes a diagnostic report to send? Error handling in IPS 4.0 on the programming level is handled through Exceptions. If a class does something unexpected (for example, if the class which communicates with the database gets an error from the database server, or the class which makes HTTP requests gets an unexpected response), the class will throw an Exception (specifically, a RuntimeException). If an Exceptions is not caught (accounted for in the code), a report will be sent. Also, if a PHP error of a level greater than a notice (a warning) is encountered, it will also throw an Exception (specifically, an ErrorException) which will also cause a report to be sent. What information does a diagnostic report contain? The diagnostic report contains: The trace route of the exception, with personal information (the path to your site, which is usually in the trace of all exceptions, and your database name which is often in the message for MySQL errors) removed.The version number of the IPS Social Suite you are running.The version number of the application which caused the error.The diagnostic report does not contain: Your license key.Your site URL.Any information about the user that triggered the error or any other users.Any information which would allow us to work out which site sent the report. Here's an example of the contents of a diagnostic report, which would be sent if the code tried to get information from a database table that doesn't exist: How do I opt-out? You'll be asked when you install IPS Social Suite, or upgrade to version 4.0 if you want to opt-out. You can change this choice at any time in the Admin CP by simply adjusting a setting, which is in a prominent location. Usage While we were working on diagnostics reporting, we had another thought. The other thing that we as developers really want to know besides if there are any problems in the software is how the software is being used. What features are the most popular? How many forums does the average site have? Do most people use the articles system in IP.Content to manage content or do they create pages manually? How many people have upgraded to our new version so far? While a lot of site owners post in our feedback forum (and we love having that communication) - having the raw statistics for these sorts of questions would be really helpful in knowing what we should focus on (plus, everyone loves charts and graphs). So in a similar vein, IPS 4.0 will also (assuming you've enabled it) periodically (once a month) send a report to us with this sort of information. Participation is optional and the report sent is entirely anonymous. What information does a usage report contain? The usage report contains: The number of rows in each database table.MD5-encoded values of settings - see below.The PHP and MySQL versions installed on the server.A list of the PHP extensions installed on the server.A list of installed applications (e.g. IP.Board, IP.Blog, IP.Gallery, etc.) and their versions.A number indicating the number of active applications in your license (for example, if you have purchased IP.Board and IP.Blog, and both are active, the number “2” will be sent).The usage report does not contain: Your license key.Your site URL.Any information about about users or any user-submitted content.Any information which would allow us to work out which site sent the report. For the settings values - the values are encoded we cannot see the value (so we can’t see your site name, URL, etc.) - this is a blanket protection so that we do not send anything sensitive and the information cannot be used to work out which site sent the report. The encoded values though are still useful - for text-entry settings, we can see if the value has been changed from the default value (since we know the md5 hash for the default value) which is useful to know how many people change the default configuration. For settings which have a limited number of options, for example, can only be turned on or off, or have a drop down list of options, the hash value has meaning as we know the hash values for each option. Even though values are encoded, particularly sensitive settings such as database connection details are stripped completely. Here's an example of the contents of a usage report: How do I opt-out? You'll be asked when you install IPS Social Suite, or upgrade to version 4.0 if you want to opt-out. You can change this choice at any time in the Admin CP by simply adjusting a setting, which is in a prominent location. Attached Files diagnostics.txt (676bytes)downloads: 7 usage.txt (12.4KB)downloads: 6 View the full article Quelle: http://community.invisionpower.com/topic/393468-ips-40-diagnostics-usage-reports/

Diagnostics For the development team here at IPS, we're constantly striving to make the most stable and reliable software we can. We currently have three main channels through which we hear about potential issues: Our QA team and other power users submit bug reports to our bug tracker.Community owners contact our technical support team who then, where necessary, communicate issues to us.Our Community In The Cloud team monitor server error logs (etc) and where necessary, communicate issues to us.For IPS Social Suite 4.0, I really wanted to examine how potential software issues (as well as general questions and support enquiries, which I'll talk about in another blog entry) come through to us, and if any improvements can be made. The problem with all of these channels is that they're not direct (we don't get the information directly to us) which means we sometimes don't have all the information we need, and if the issue is never reported, we might not hear about it at all. Desktop applications and Operating Systems handle this in a very particular way - they send a diagnostic report straight to the vendor when something goes wrong. This means the vendor gets all the information they need about the problem in a way that requires no input from the user - it's automatic, anonymous and instant. In IPS 4.0, we're introducing the same system. When a problem happens, a report is automatically sent to our servers to let us know. Participation is optional and the report sent is entirely anonymous. What causes a diagnostic report to send? Error handling in IPS 4.0 on the programming level is handled through Exceptions. If a class does something unexpected (for example, if the class which communicates with the database gets an error from the database server, or the class which makes HTTP requests gets an unexpected response), the class will throw an Exception (specifically, a RuntimeException). If an Exceptions is not caught (accounted for in the code), a report will be sent. Also, if a PHP error of a level greater than a notice (a warning) is encountered, it will also throw an Exception (specifically, an ErrorException) which will also cause a report to be sent. What information does a diagnostic report contain? The diagnostic report contains: The trace route of the exception, with personal information (the path to your site, which is usually in the trace of all exceptions, and your database name which is often in the message for MySQL errors) removed.The version number of the IPS Social Suite you are running.The version number of the application which caused the error.The diagnostic report does not contain: Your license key.Your site URL.Any information about the user that triggered the error or any other users.Any information which would allow us to work out which site sent the report. Here's an example of the contents of a diagnostic report, which would be sent if the code tried to get information from a database table that doesn't exist: How do I opt-out? You'll be asked when you install IPS Social Suite, or upgrade to version 4.0 if you want to opt-out. You can change this choice at any time in the Admin CP by simply adjusting a setting, which is in a prominent location. Usage While we were working on diagnostics reporting, we had another thought. The other thing that we as developers really want to know besides if there are any problems in the software is how the software is being used. What features are the most popular? How many forums does the average site have? Do most people use the articles system in IP.Content to manage content or do they create pages manually? How many people have upgraded to our new version so far? While a lot of site owners post in our feedback forum (and we love having that communication) - having the raw statistics for these sorts of questions would be really helpful in knowing what we should focus on (plus, everyone loves charts and graphs). So in a similar vein, IPS 4.0 will also (assuming you've enabled it) periodically (once a month) send a report to us with this sort of information. Participation is optional and the report sent is entirely anonymous. What information does a usage report contain? The usage report contains: The number of rows in each database table.MD5-encoded values of settings - see below.The PHP and MySQL versions installed on the server.A list of the PHP extensions installed on the server.A list of installed applications (e.g. IP.Board, IP.Blog, IP.Gallery, etc.) and their versions.A number indicating the number of active applications in your license (for example, if you have purchased IP.Board and IP.Blog, and both are active, the number “2” will be sent).The usage report does not contain: Your license key.Your site URL.Any information about about users or any user-submitted content.Any information which would allow us to work out which site sent the report. For the settings values - the values are encoded we cannot see the value (so we can’t see your site name, URL, etc.) - this is a blanket protection so that we do not send anything sensitive and the information cannot be used to work out which site sent the report. The encoded values though are still useful - for text-entry settings, we can see if the value has been changed from the default value (since we know the md5 hash for the default value) which is useful to know how many people change the default configuration. For settings which have a limited number of options, for example, can only be turned on or off, or have a drop down list of options, the hash value has meaning as we know the hash values for each option. Even though values are encoded, particularly sensitive settings such as database connection details are stripped completely. Here's an example of the contents of a usage report: How do I opt-out? You'll be asked when you install IPS Social Suite, or upgrade to version 4.0 if you want to opt-out. You can change this choice at any time in the Admin CP by simply adjusting a setting, which is in a prominent location. Attached Files diagnostics.txt (676bytes) downloads: 7 usage.txt (12.4KB) downloads: 6 Kompletten Blogeintrag lesen