# IMPORTANT: SciForums Update - Report All Issues Here

Discussion in 'Site Feedback' started by Plazma Inferno!, Sep 26, 2014.

1. ### QuarkHeadRemedial Math StudentValued Senior Member

Messages:
1,728
I cannot understand why people are worrying about avatars, animated or not

1. Latex doesn't work - this is a major problem

2. "Go to last post" isn't available - this is very inconvenient

The guys at Physics Forums recently made the same server migration, and it works seamlessly. It may be worth the admins here talking to the admins there.

Otherwise this site is all but useless

cluelusshusbund likes this.

3. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
LaTeX should be one of the simplest things to implement. If y'all would like to use mathtex.cgi instead of mimetex.cgi, I will offer my server to parse the calls. It looks much better as png graphics, anyway.

5. ### C CConsular Corps - "the backbone of diplomacy"Valued Senior Member

Messages:
2,343
You mean the XenForo consultants are aware of and concerned that this is a science forum trying to using their software? Fascinating, the way things are going I felt that would be one of the tail-end breakthroughs requiring days, weeks, months.
Only an extra step of the "Page Down" key after clicking the last page number link displayed. Topics displayed up-front on the SF index already seem to go to the last post.
Remarkable that there are people actually trying to carry on the usual discussions. I see no point in doing anything here other than irregularly visiting the Site Feedback porch to watch the corn grow.

cluelusshusbund likes this.

7. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
LaTeX bbcode is called in the same way it is on free software like phpBB3. I just created a demo xenforo site, and here's a screenshot of the "Add custom bbCode" page.

All we need is  to be defined and pointed to <img src="http://myserver.net/cgi-bin/mathtex.cgi?{TEXT}" align="absmiddle" title="{TEXT}">

8. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
As I said, I'll host tex on my machine. Trippy can attest that it is robust and reasonably complete in packages. Y'all let me know.

cluelusshusbund likes this.
9. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527

Do you need to edit functions for every file? This is getting ridiculous. Are the XenForo devs working on this?

cluelusshusbund likes this.
10. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
The image I posted is visible in the editor, and was visible on the thread view a moment ago, but now it's not? What the hell?

Edit: And now it is again.

cluelusshusbund likes this.
11. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
Sorry, guys. Now y'all should be able to see the images too. I had to modify my .htaccess to allow images from my site to be viewable here.

Let's check:

Animated gifs display in the editor window at least. And in the thread view, for me. Do y'all see the image?

cluelusshusbund likes this.
12. ### QuarkHeadRemedial Math StudentValued Senior Member

Messages:
1,728
The image posted in #124 gives me "denied access". Anyway, this is hardly a full solution. Only fully operational tex tags and embedded url links will even go part way to restoring full functionality here.

Are members willing to go that extra mile (in terms of number of key strokes etc) to get even a fraction of what they had before the migration?

I doubt it - get on the case!!

cluelusshusbund likes this.
13. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
No more 403 errors for you!

cluelusshusbund likes this.
14. ### KittamaruAshes to ashes, dust to dust. Adieu, Sciforums.Valued Senior Member

Messages:
13,938
I can see em now!

cluelusshusbund likes this.
15. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
Yee-hah! (It should have occurred to me that I'd need to change permissions for my server, duh..)

cluelusshusbund likes this.

Messages:
4,833
17. ### garbonzoRegistered Senior Member

Messages:
790
Still can't confirm accounts, guys.

18. ### Dr_ToadIt's green!Valued Senior Member

Messages:
2,527
A lot seems to be browser dependant. My son has Chrome on Win 7, and the CSS isn't properly rendered I guess. Everything here is in black and white for his machine..

Mathtex.cgi is a compiled C program not called by the shell, and my bash is fully patched. If the LaTeX markup isn't parsed properly it throws an error graphic, just like mimetex. But you know that..

19. ### SylvesterRegistered Senior Member

Messages:
467
TEST...Toad, can you see me now?

Messages:
2,527
No?

21. ### Plazma Inferno!Ding Ding Ding DingAdministrator

Messages:
4,610
Hey guys.

We're trying to fix the JS error, we created a ticket and apparently it's XenForo problem. Some of the problems are related, so they'll probably be fixed too when the JS error is solved.

1. LaTex

We installed the BB Code pack add-on, but apparently it doesn't work. We'll play around until we enable it.

2. Ban List

Same goes here. Ban list is also an add-on. We installed it, options are ok, but it still doesn't show.

3. Last post

I thought that XenForo will use same structure for posts (but apparently that's not the case). Currently, when you click the thread title you'll open the last post. We'll figure out something.

cluelusshusbund likes this.
22. ### Captain KremmenAll aboard, me Hearties!Valued Senior Member

Messages:
12,738
Yes, but everyone knows they are cleverer than us.
It's not a fair comparison.

cluelusshusbund likes this.
23. ### rpennerFully WiredValued Senior Member

Messages:
4,833
Having bash patched is the important part, because if Mathtex.cgi passes environmental variables to the shell (the default behavior of the system(3) call and simpler variants) then there remains a shellshock vector.

The bash shell since at least version 2, has allowed passing of not just environmental variables in the environment, but arbitrary shell functions.
That's pretty insane if useful in a programming sense:
Code:
env echo='() { :; }; # Silence echo' bash -c "echo This is a test"
However as dangerous it is to be able to re-write unqualified command names (for protection write code with exact paths or totally lock down the environment passed to bash), it is entirely possible to inject arbitrary code even when no shell functions are called, because the shell runs code trailing functions at time of reading the environmental variables and function definitions.
Code:
env x='() { :; }; echo vulnerable to running arbitrary command' bash -c "echo This is a test"
On an unpatched system this gives:
Code:
vulnerable to running arbitrary command
This is a test
as output.