It should have been handled during the upgrade. Not sure why it wasn't but then this whole template system is plagued with issues like that.

The contents should be:

<form action="{$this->self}?a=member_control&amp;s=delete&amp;id={$this->get['id']}" method="post">
{$this->table}
 <div class="title">{$this->lang->mc_delete}: {$member['user_name']}</div>
 {$this->lang->mc_confirm} <b>{$member['user_name']}</b>?
 <p class="line"></p>

 <input type="hidden" name="token" value="$token" />
 <input type="submit" name="submit" value="{$this->lang->submit}" />
{$this->etable}
</form>

Posted Aug 30, 2010, 9:33 pm

Yep. Apparently it didn't like the way QSFP's censor processing got wedged into Sandbox's bbcode parser. Since the censor code is used globally anyway I just moved the routine that queries them to the init() function. Guaranteed to only load once that way, regardless of how many segments need processing.

Posted Aug 5, 2010, 7:07 pm

Good thing I spotted the latest mess when I saw this post with 56 queries. Now we're back down to 19

Posted Aug 5, 2010, 4:35 pm

And one less mess on the front page - previous news posts are in a select box now.

Posted Aug 5, 2010, 2:10 am

If anyone is paying any attention at all, I'm making a few messes on my 3 QSFP sites. One of those situations where the urge to code struck, and I've answered it thusly:

Changes for 1.5:

* Implementation of a math based captcha to replace the image based system that was filled with deprecated PHP function calls.
* General cleanup of the default skin.
* Dropped Brightcove and Google Video BBCode controls.
* Fatal errors will no longer report the details to the browser.
* Replaced BBCode parser with the code used in Sandbox 2.x due to numerous PHP 5.3 deprecations in the old code.
* Emoticons are now handled on a per-skin basis properly as they should have been.
* Replacements table holding censored words trimmed of unneeded columns only used by emoticons.
* Emoticon management module in the AdminCP has been removed.
* Ashlander 3 has been formally adopted as the official skin.

Bugs addressed:

* SECURITY: Secunia Advisory SA38783 fixed.
* Security token for permissions update was not provided, causing form submission to fail.
* Category display broken by split() deprecation.
* Language fix for Akismet registration filtering.
* Fixes for broken user lists and corrupted downloads.
* Missing language for required registration cookies.
* A few functions got missed in the cross-site request forgery sweep.

Still more to go though, so if you are waiting in the wings to get the update, just hold out a bit longer. I still want to clean up the front page news display so that lots of old news articles don't cause a massively long page to load.

I'd REALLY like to axe the template system, but with 181 templates to process, that's a hell of a lot of work, and the only suitable replacement system I've found isn't even being supported anymore. Talking about XTemplate btw, not Smarty, Smarty would add way too much crud I don't want to deal with. XTemplate worked well for Sandbox, but that's infinitely less complex than QSFP and XTemplate really needs the ability to call child templates from a module template. It would sure make doing upgrades a whole lot easier. Always seems like those botch themselves up in some way.

Anyway, there it is. When I get to the point of being sick of dealing with code, I'll package it all up.

A side note for anyone who still cares too, I transplanted the Quicksilver Forums SVN repository over to Google Code. The old one had locked out everyone's old passwords, but fortunately I was still able to do a checkout and Google didn't bitch about needing the password to resync it there. It's getting some long needed attention right now too to shore up Secunia's list of advisories for it.

Posted Aug 5, 2010, 12:24 am

Well unless CSS files can be used to execute malicious javascript code, the only person who is going to get screwed by deliberately uploading a bad one is the person using it.

Posted Aug 5, 2010, 3:32 pm

*performs ritual of threadomancy*

Having previously done this for Sandbox, one thing should be mentioned. The user cannot host the CSS file locally on their own PC. The browsers will not read it from local storage. It has to be stored on the web somewhere.

It would be a relatively simple addition to make too, which is always good. Though I suspect anyone who actually wanted it is no longer paying attention

Posted Aug 5, 2010, 6:01 am

So can anyone say necroposting?

After nearly 3 years, QSFP is finally getting post edit preview. Who knew it would be such a pain to set up too.

Posted Aug 5, 2010, 5:21 am

Better late than never.... the two extra video buttons are gone now.

Posted Aug 3, 2010, 6:13 am