Devflarum - Sandbox Server

0E800

Try saving an image.

That is the message. It's broke.

Kulga

Well, considering that it enables, has basic functionality and seems to recently be broken, that this is a issue with either flarum core or the extension itself and not devflarum ?
Everything runs on dev-master so things are going to break and be fixed mostly unpredictably.

Submit a bug report for the signature extension here and see what can be done?

0E800

Kulga
I'm not sure. The extension works fine for me and the 2 sites I am dev'ing on.

Not too big of a deal. Thanks.

Kulga

0E800

Hmm..

Well, on these sites, are the versions identical to what's currently on devflarum atm?

flarum/core dev-master 2140619 Delightfully simple forum software.
xengine/flarum-ext-signature dev-master 880371a Signature for Flarum

jordanjay29

The latest commit is the same as the latest tag, Kulga

kishoresahoo

datitisev How you are inserting an image, I can not see nay option here.

clarkwinkelmann

kishoresahoo you're trying to post an image here? Use the markdown markup for images: ![alt](url) (BBCode works as well)

kishoresahoo

works well thanks but not working in my local installation ?

Zeokat

@Kulga i just broke the install testing this issue: flarum/core1169

Kulga

Zeokat Do not worry about such things, but thanks for letting me know ?

Breaking it and finding bugs is a intended usage and permitted

You may notice it is already functioning again (without any manual intervention)

Edit: I can't resist

amdad

@Kulga So we got security issue in Flarum or this was other situation?

Kulga

amdad

IS FLARUM HAckED?

hacked by Maria Ozawa

hacked by Maria Ozawa

https://devflarum.xyzz.work/

Short answer: no

Long answer:
DevFlarum is admin accessible, so anyone can go in and change it as far as flarum allows.
Examining the logs (below) reveals that the landing page extension was enabled shortly prior to your post, so my assumption is they enabled it and changed it to some messaged inspired to scare.
It violates one of the few rules of devflarum

However, usage of clearly malicious words [...] is not allowed.

... So I will likely block them.

xxxxxxxxxxx - [10/May/2017:09:54:13 -0700] 200 "POST /login HTTP/1.1" "496" "0.077" "https://devflarum.xyzz.work/d/1-info" "devflarum.xyzz.work" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36"
xxxxxxxxxxx - [10/May/2017:09:56:24 -0700] 204 "POST /api/settings HTTP/1.1" "350" "0.029" "https://devflarum.xyzz.work/admin" "devflarum.xyzz.work" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36"
xxxxxxxxxxx - [10/May/2017:09:57:09 -0700] 200 "POST /api/extensions/johnhearfield-landing-page HTTP/1.1" "342" "0.031" "https://devflarum.xyzz.work/admin" "devflarum.xyzz.work" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36"
xxxxxxxxxxx - [10/May/2017:09:58:05 -0700] 204 "POST /api/settings HTTP/1.1" "350" "0.019" "https://devflarum.xyzz.work/admin" "devflarum.xyzz.work" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36"

As for being hacked, no. It was just a user logging in, enabling a extension and typing words. Not much of a "hack" when there is public admin access ?
Naturally, DevFlarum has already removed any trace of it (since it happened a short period ago)

amdad

Kulga So, it was just a Trolling. Thanks for answer!

code_addict

The Sandbox server seems down... please confirm.

luceos

Not down but broken, confirmed to be a JS error. The reset probably won't help, @Kulga

Kulga

Ah yeah..

2017/06/08 13:44:20 [error] 26009#26009: *538316 FastCGI sent in stderr: "PHP message: PHP Warning:  Invalid argument supplied for foreach() in /www/devflarum/forum/storage/views/ff7171ca3d43f941c1ca0c2215094862 on line 8" while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: devflarum.xyzz.work, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php7-fpm.sock:", host: "devflarum.xyzz.work"

Well, I presume that just means the the current dev-master is broken. :\

luceos

Kulga would you be able to trace that to the view and the line, I'd like to take a look or report the bug so this doesn't happen after a release.

MISC

Franz I am still experiencing this problem in an new installation ...

Kulga

luceos

2017/06/12 06:59:26 [error] 26010#26010: *639587 FastCGI sent in stderr: "PHP message: PHP Warning:  Invalid argument supplied for foreach() in /www/devflarum/forum/storage/views/ff7171ca3d43f941c1ca0c2215094862 on line 8" while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: devflarum.xyzz.work, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php7-fpm.sock:", host: "devflarum.xyzz.work"

www/devflarum/forum/storage/views/ff7171ca3d43f941c1ca0c2215094862:

<?php
$url = app('Flarum\Forum\UrlGenerator');
?>
<div class="container">
    <h2><?php echo e($translator->trans('core.views.index.all_discussions_heading')); ?></h2>

    <ul>
        <?php foreach($document->data as $discussion): ?>
            <li>
                <a href="<?php echo e($url->toRoute('discussion', [
                    'id' => $discussion->id . '-' . $discussion->attributes->slug
                ])); ?>">
                    <?php echo e($discussion->attributes->title); ?>

                </a>
            </li>
        <?php endforeach; ?>
    </ul>

    <a href="<?php echo e($url->toRoute('index')); ?>?page=<?php echo e($page + 1); ?>"><?php echo e($translator->trans('core.views.index.next_page_button')); ?> &raquo;</a>
</div>

datitisev

I got this same error as well. It seems to be your PR about private discussions & posts, @luceos.
git checkout 4c0339c30e46f9a2d6bc434a4063fcd8c34b0481 works fine (the previous commit).

luceos

datitisev interesting it breaks on a foreach, I'll look into it ?

luceos

datitisev I'm not sure, I just tried creating a project with dev-master, I also updated a test install to dev-master, but I can't reproduce this ?

« Previous Page