[00:32:06] https://issue-tracker.miraheze.org/T12078 [00:35:37] Commented [00:37:30] what do indigo and violate look like [00:38:48] likely going with violet [00:39:25] Indigo https://usercontent.irccloud-cdn.com/file/Wz8amotX/Screenshot%202024-04-27%20at%208.38.45%E2%80%AFPM.png [00:40:07] Violet https://usercontent.irccloud-cdn.com/file/t7Jju0Ej/Screenshot%202024-04-27%20at%208.39.50%E2%80%AFPM.png [00:40:50] @pixldev ^ [00:40:57] thanks! [00:40:59] looking rn [00:41:01] to me at least the difference is very subtle [00:41:13] agreed [00:41:31] indigo seems more my kind of dark royal purple thou [00:41:35] ill update the task [00:42:08] does phorge not have strikeout markup dang [00:42:16] ah [00:42:20] same as discord [00:44:53] for the record, https://we.phorge.it/book/phorge/article/remarkup/ contains all of the documentation for phorge markup aka remarkup [00:45:23] oh thanks forgot [00:46:29] side note how would one represent IS NOT/ greater than select comparisons in the database abstraction? [00:47:09] ie select where visibility is not greater then $viewLevel [04:17:53] So basically less than? < [09:40:45] Note: If you are operating a bot, please set a User Agent. You may very well find that the use of generic UAs or blank UAs gets you banned. [12:05:16] I mean in that the current syntax is an array that seems to be only equals `'cw_visibility' => $viewLevel`, would just I need to supply a SQL string directly or am I just being stupid [16:18:07] is that noted somewhere [16:19:38] I don't think we have a global bot policy. I can DM you the security reasons. [16:20:18] I can DM you info on most of the blocks if CF doesn't show why [16:20:24] I can look them up [16:20:32] yeah obv a ua policy would be good [16:23:27] @evalprime any questions ask [16:23:39] but ye we should document an acceptable use policy [16:27:55] @evalprime you around? [16:27:59] to check something [16:37:42] I agree with this as well btw. [16:38:18] I LOVE DOCUMENTATION [16:39:47] sure [17:01:01] very quick - https://meta.miraheze.org/wiki/Tech:User_Agents [17:04:32] thanks rhinos! [17:07:04] feel free to spurce it up [17:08:10] [1/17] also this may be a stupid question but is the way we do db calls different then the normal? I don’t see this array based method on the mw.org docs [17:08:10] [2/17] ```php [17:08:10] [3/17] $check = $this->cwdb->selectRow( [17:08:11] [4/17] 'cw_wikis', [17:08:11] [5/17] 'wiki_dbname', [17:08:11] [6/17] [ [17:08:12] [7/17] 'wiki_dbname' => $dbname [17:08:12] [8/17] ], [17:08:12] [9/17] METHOD [17:08:13] [10/17] );``` [17:08:13] [11/17] ```php [17:08:14] [12/17] $res = $dbr->newSelectQueryBuilder() [17:08:14] [13/17] ->select( [ 'cat_title', 'cat_pages' ] ) [17:08:15] [14/17] ->from( 'category' ) [17:08:15] [15/17] ->where( $dbr->expr( 'cat_pages', '>', 0 ) ) [17:08:16] [16/17] ->orderBy( 'cat_title', SelectQueryBuilder::SORT_ASC ) [17:08:16] [17/17] ->caller( METHOD )->fetchResultSet();``` [17:08:30] will later today maybe if i get time [17:08:38] i want to resolve my cw pr [17:35:12] @pixldev wanna make custom cf error pages too? [17:35:34] Would be interesting [17:35:34] cause we really should have better than the default cf banned pages [17:35:40] I ass at css though [17:36:17] ha [17:36:23] Is it for those cloudflare cant reach this errors or blocks? [17:36:23] they are docs at https://developers.cloudflare.com/support/more-dashboard-apps/cloudflare-custom-pages/configuring-custom-pages-error-and-challenge/ [17:36:27] blocks [17:36:51] hm [17:36:58] at the moment they do not say how to contact [17:37:06] i could probably think of something cool [17:37:10] hm? [17:37:11] origin errors will show the miraheze error page [17:37:48] https://cdn.discordapp.com/attachments/1006789349498699827/1234196888073408643/Screenshot_2024-04-28_at_18.37.43.png?ex=662fdaec&is=662e896c&hm=c50c175f6212841e00fda994a27dd27f8f2a8a8e5d172cd6e1970e4d91040a46& [17:37:56] that is if I've blocked your IP [17:38:24] https://cdn.discordapp.com/attachments/1006789349498699827/1234197038531608586/Screenshot_2024-04-28_at_18.38.20.png?ex=662fdb10&is=662e8990&hm=49ab9211608f1cce7a2816c7fe094edf69f849080217a88193e5b7a863f728f3& [17:38:28] is for firewall rules [17:40:03] Hm [17:40:25] Visually speaking black and red I think would make sense [17:40:52] either an ❌, padlock or a crossed out connection symbol [17:41:14] https://cdn.discordapp.com/attachments/1006789349498699827/1234197748199194635/image.png?ex=662fdbb9&is=662e8a39&hm=cc375758402c7cf1ccd626264ec55420a726962fd42471cdb68d1236015436b1& [17:42:19] I'm more bothered about us giving a solution [17:42:24] which is primarilly email us [17:42:30] yeah that too [17:42:35] cause you can't use phab if you're blocked [17:42:44] either sre or a special front email [17:43:00] that forwards to say sre and security engineers [17:43:29] my brain just kicks into looking cool [17:44:00] I mean hopefully no one sees it [17:44:28] Cause I'm trying to avoid blocking anything that isn't obviously malicious or extremely excessive [17:44:55] I don't really think it needs images [17:45:10] probably not [17:45:15] It's going to be a bot relaying it to a user in most cases [17:45:30] Nothing much probably just like the deleted wiki/502 screen [17:45:44] maybe minus the image yea [17:45:51] just really needs the info [17:46:00] Ye [17:46:09] Cause hopefully no human gets it [17:46:40] I am trying very very hard to make blocks as narrow as possible [17:46:53] Do we semi obfuscate the email like we do on wiki? [17:46:56] And challenging anything that isn't obvious [17:47:03] I'd say that's a good idea [17:47:05] sre [at] miraheze [dot] org [17:47:25] Cause like a fair number of people who see it are vuln scanning [17:47:43] im assuming that also means a mailto: link is bunk [17:47:58] Ye [17:48:09] Cc @evalprime [17:50:08] should we include the cloudflare thing that shows your ip? [17:50:23] that is not the right message to reply too [17:50:39] But um accidentally bump ig? [17:50:44] ¯\_(ツ)_/¯ [17:50:59] The ray ID & IP are needed ye [17:51:11] Cause without it we don't know why you're blocked [17:51:56] if we can include js on the page id say maybe a button that just copies all relevant information to the clipboard so you can paste into the email [17:56:22] Sure [17:59:37] just Ray ID and IP? [18:01:43] Ye [18:04:49] I doubt ill do it today between createwiki work because database abstraction is confungled my brain and I need to get something running on my server [18:49:09] Ok [18:56:22] feel free to slap me sometime this week to test if i get off my ass [19:34:04] catch me up to speed [19:50:53] I was nerd sniping @pixldev into making error pages. Wanted to know if you had thoughts. [20:01:54] yeah I read the part above about including an email for blocks [20:02:03] it's not a bad idea [20:02:12] Haha, yeah that sounds about right 😄 [20:02:54] I personally think a specific email would be best but if yall think normal sre is fine we can work with it. [20:03:19] sre is a google group that already gets some spam [20:04:12] Partly I was thinking people like Rhinos who do cloudflare stuff but to my knowledge isn’t on the SRE list [20:04:43] we could create a cloudflare google group [20:05:05] what's that? [20:05:20] All of the blocks are my fault [20:05:29] Cause I narrowed agent's [20:05:44] What's what [20:06:09] the google group [20:08:48] I don’t know the full details but it’s what manages emails, and a group I assume is an email that forwards to its members [20:09:12] ie you email sre@miraheze.org Thats sent to the entire team) [20:10:20] i hate a certain hosting provider's DC [20:11:07] DC as in datacenter? [20:11:35] yes [20:11:55] Does said certain provider have the initials FS [20:16:12] @rhinosf1 yo, is creating personal herald rules restricted to admins? I thought trusted contributors can but trying to find where [20:16:30] no [20:17:55] Thanks! [20:18:09] oh wait [20:18:22] i think im in the menu to configure herald that explains it [20:20:50] ill make a rule later once i figure out what i want [20:21:16] Preferably a notification without subscribing [20:23:21] never understood how agent could be subed to every new task [21:06:47] The way we do it is technically deprecated, or at least no longer the preferred way to do it since MW 1.35 [21:07:28] Oh, I see! That makes sense. Thanks [21:07:43] I’m assuming I can just use the modern documented method? [21:08:23] Yeah, we'll probably even want to update to the new method over time, but there's no reason to make an immediate change. [21:09:50] If it becomes a minor priority to switch over, I could try to do it. It seems simple enough and I’d hate to see anyone with actual skill waste more time on this then needed when they could be doing something productive. Assuming I’m not too busy at the time. [21:44:51] it's a listserv [21:45:05] but yeah [21:49:13] Ah thanks. I’m not familiar with the terms for google groups or mailing lists. Truthfully most of the tech stuff I just bullshit my way through until I actually understand but its worked fairly well so far [22:02:01] [1/8] @orduin something more like this? ```php [22:02:02] [2/8] $requestCount = $this->cwdb->newSelectQueryBuilder() [22:02:02] [3/8] ->select('*') [22:02:02] [4/8] ->from('cw_requests') [22:02:03] [5/8] ->where([ [22:02:03] [6/8] $this->cwdb->expr('cw_visibility', '<=', $viewLevel), [22:02:03] [7/8] 'cw_user' => $userID]) [22:02:03] [8/8] ->caller( METHOD );``` [22:03:02] great now how do I do counts in this new way [22:04:16] aha [22:22:03] [1/4] @bluemoon0332 this good for the perm check? ```php [22:22:04] [2/4] if ( $permissionManager->userHasRight( $userR, 'createwiki-deleterequest' ) ) { $viewerCwDeleteLevel = 1; } [22:22:04] [3/4] else { $permissionManager->userHasRight( $userR, 'createwiki-suppressrequest') ? 2 : 0;} [22:22:04] [4/4] ``` then a >= on the DB call [22:22:24] from the where array `$this->cwdb->expr('cw_visibility', '<=', $viewLevel),` [22:23:54] (gonna have to go soonish so if no reply ill assume yes and will fix tmr if im an idiot) [22:42:32] already pinged OS so not gonna ping again but https://github.com/miraheze/CreateWiki/pull/511 updated commits why do i keey adding these 'Merge branch 'master' into master' i hate it [22:42:45] CC @reception123 as like this was your Idea [22:49:32] drafting rn [22:50:29] idk how i could access the Ip and ray id [22:59:29] [1/2] @rhinosf1 (and @evalprime since rhinos was concerning you with the error pages ill follow suit, if you don't want to be bothered about this just lmk sorry) for the page you get when rhinos decides your life I mean IP is forfit [22:59:30] [2/2] https://cdn.discordapp.com/attachments/1006789349498699827/1234277842603343902/v6sDfYl.png?ex=66302651&is=662ed4d1&hm=e3fa6e2555cb8198b2c5e900d691298a97a8623bd9fb43771b9d53d807239211& [23:00:31] https://cdn.discordapp.com/attachments/1006789349498699827/1234278102696333492/miracloudflareerror.html?ex=6630268f&is=662ed50f&hm=2dbee3fecb59ae8ced603f1b6b2c41241f17ec1e0562f8c7314b931d9b745d54& [23:00:59] i still need to add the js gonna try and do the show ip [23:01:43] actually if theres a way to get it from cf with the ray id thats better [23:02:19] (this looked so horror movie-y with red text) [23:02:55] php has a count function that you can call on an array or on a map's keys to count number of map values [23:03:31] yea but i thought there would be a way to tell the query builder to do COUNT(*) and yea [23:04:19] i'd be careful calling php operations inside a sql query [23:04:27] im not? [23:04:40] just mentioning, not saying you are or did [23:04:41] I'm using mediawiki's query builder as documented [23:04:50] ah gucci [23:04:52] those should be safe [23:05:05] since it will automatically escape [23:05:10] I'd hope or dear lord lots of devs are gonna have patching to do [23:05:15] SQL injection <3 [23:05:55] there are certain db functions that do the escaping. there is one that is build your own query, that one may not escape [23:07:07] [1/2] suggestion, what about a big stop sign? [23:07:07] [2/2] text tweak: due to suspected and unauthorized bot activity originating from this IP address [23:07:56] idk about images but yea im adding the text [23:08:08] also had to google how to center text [23:08:14] (it was text-aling) [23:08:17] wait [23:08:30] don't use center tags [23:08:46] nah [23:08:50] [1/42] ```html [23:08:50] [2/42] [23:08:51] [3/42] [23:08:51] [4/42] [23:08:51] [5/42] [23:08:51] [6/42] 1006 Internal Server Error/title [23:08:52] <MirahezeRelay> <pixldev> [7/42] <style> [23:08:52] <MirahezeRelay> <pixldev> [8/42] body { [23:08:52] <MirahezeRelay> <pixldev> [9/42] background-color: black; [23:08:53] <MirahezeRelay> <pixldev> [10/42] color: goldenrod; [23:08:53] <MirahezeRelay> <pixldev> [11/42] font-family: Arial, sans-serif; [23:08:54] <MirahezeRelay> <pixldev> [12/42] display: flex; [23:08:54] <MirahezeRelay> <pixldev> [13/42] flex-direction: column; [23:08:55] <MirahezeRelay> <pixldev> [14/42] justify-content: center; [23:08:55] <MirahezeRelay> <pixldev> [15/42] align-items: center; [23:08:56] <MirahezeRelay> <pixldev> [16/42] height: 100vh; [23:08:56] <MirahezeRelay> <pixldev> [17/42] padding: 50px; [23:08:57] <MirahezeRelay> <pixldev> [18/42] } [23:08:57] <MirahezeRelay> <pixldev> [19/42] h1 { [23:08:58] <MirahezeRelay> <pixldev> [20/42] font-size: 48px; [23:08:58] <MirahezeRelay> <pixldev> [21/42] margin-bottom: 20px; [23:08:59] <MirahezeRelay> <pixldev> [22/42] } [23:08:59] <MirahezeRelay> <pixldev> [23/42] h2{ [23:09:00] <MirahezeRelay> <pixldev> [24/42] font-size: 36px; [23:09:00] <MirahezeRelay> <pixldev> [25/42] margin-bottom: 20px; [23:09:01] <MirahezeRelay> <pixldev> [26/42] } [23:09:01] <MirahezeRelay> <pixldev> [27/42] p { [23:09:02] <MirahezeRelay> <pixldev> [28/42] font-size: 24px; [23:09:02] <MirahezeRelay> <pixldev> [29/42] margin-bottom: 20px; [23:09:03] <MirahezeRelay> <pixldev> [30/42] text-align: center; [23:09:03] <MirahezeRelay> <pixldev> [31/42] } [23:09:04] <MirahezeRelay> <pixldev> [32/42] /style [23:09:04] <MirahezeRelay> <pixldev> [33/42] /head [23:09:05] <MirahezeRelay> <pixldev> [34/42] <body> [23:09:05] <MirahezeRelay> <pixldev> [35/42] <h1>1006/h1 [23:09:06] <MirahezeRelay> <pixldev> [36/42] <h2><span style="color: crimson">❌ Access Denied ❌/span/h2 [23:09:06] <MirahezeRelay> <pixldev> [37/42] <p>Your access to this website has been blocked due to suspected and unauthorized bot activity originating from this IP address. [23:09:07] <MirahezeRelay> <pixldev> [38/42] If you believe this was made in error, please contact <span style="color:gold"><tt>cloudflare[at]miraheze[dot]org/tt/span. [23:09:07] <MirahezeRelay> <pixldev> [39/42] Thank you./p [23:09:08] <MirahezeRelay> <pixldev> [40/42] /body [23:09:08] <MirahezeRelay> <pixldev> [41/42] /html [23:09:09] <MirahezeRelay> <pixldev> [42/42] ``` [23:09:09] <MirahezeRelay> <pixldev> wait [23:09:10] <MirahezeRelay> <pixldev> why did i use a span [23:09:10] <MirahezeRelay> <m3w> you can use `text-align: center;` [23:09:16] <MirahezeRelay> <pixldev> i could just \put it in the style thingy [23:09:19] <MirahezeRelay> <pixldev> 🤡 [23:09:22] <MirahezeRelay> <m3w> https://www.w3schools.com/css/css_align.asp [23:09:46] <MirahezeRelay> <pixldev> google <3