Problem posting

Wear your anorak proudly here! The place to discuss website & forum developments, administration, wish-lists, bugs, abuse etc
Post Reply
Rachael
Posts: 2455
Joined: 23 Jan 2010 13:42
Location: Sydenham / Forest Hill Intersection

Problem posting

Post by Rachael »

Getting this error when trying to reply to a thread in the main forum:

SQL ERROR [ mysql4 ]

Incorrect string value: '\xF0\x9F\xA4\xA6\xE2\x80...' for column 'post_text' at row 1 [1366]

An SQL error occurred while fetching this page. Please contact the Board Administrator if this problem persists.
admin
Site Admin
Posts: 2578
Joined: 20 Sep 2004 21:49

Re: Problem posting

Post by admin »

I've checked with Stuart and he says:


Does Rachael use an Apple? I thing it can generate strings which are
uniquely Apple and are not part of unicode (or the other way round). If
so the fix is not to use that character. It may be an emoji or something
peculiar.
Rachael
Posts: 2455
Joined: 23 Jan 2010 13:42
Location: Sydenham / Forest Hill Intersection

Re: Problem posting

Post by Rachael »

That was exactly it - Apple + emoji. Thanks.
brazil nut
Posts: 65
Joined: 22 Jan 2018 12:38
Location: Forest Hill

Re: Problem posting

Post by brazil nut »

I am more of a lurker here than a poster but I am a member nonetheless and I have been alerted to it being posted on another forum in SE23 that STF database and technology "presents an outright security risk for members". This of course worries me as a member and I should be grateful if Admin would respond to this serious issue raised. Am I and is my data at risk due to being a member of STF?

https://se23.life/t/spam-from-other-loc ... ms/11003/3
Rachael
Posts: 2455
Joined: 23 Jan 2010 13:42
Location: Sydenham / Forest Hill Intersection

Re: Problem posting

Post by Rachael »

Good question. Although it’s not like the forum holds a lot of my personal data, certainly not data that would be of much use to anyone.

It’s good practice to use ‘spare’ email address and aliases for signing up to anything like a forum, and not the email address you use for any organisation that holds more sensitive or financial data. If there is a data breach you can easily kill that email address. It also makes it much easier to identify where someone misusing your email might have got it from.
brazil nut
Posts: 65
Joined: 22 Jan 2018 12:38
Location: Forest Hill

Re: Problem posting

Post by brazil nut »

Thank you Rachael for these useful tips. In this instance I am keen to know whether there are any legs to the allegations of this forum posing a security risk to its members or whether this might be a further groundless attempt by the gentleman in question to undermine and discredit STF for personal satisfaction and gain. It is no secret that the man in question has expressed his grievances about being evicted from this forum and indeed it is no secret that the man in question is (rather aggressively in my view, but that is my view) attempting to build up his own competing SE26 life dot forum. It would certainly aid him no end in this quest to instil fear amongst existing STF users and drive them away from this forum to his own. I may be thinking rather too cynically and it could well be that he genuinely does care about the people of Sydenham and their susceptibility to data breaches, however if my memory serves me correctly I do seem to recall that similarly aggressive tactics were used when setting up the original dot life forum in SE23. It is all rather tiresome and feels at times very much like "dicks at dawn" (to pen a phrase I heard recently in connection with the present infighting at Lewisham Council). But nevertheless a serious allegation has been made and I would be very grateful if the admin of this site could let us know whether there is any substance to it.
admin
Site Admin
Posts: 2578
Joined: 20 Sep 2004 21:49

Re: Problem posting

Post by admin »

I am investigating, Brazil nut, and am awaiting a response from the software guru of this site. I hope it will be soon, but I can't do anything till he responds as it's not in my area of expertise. I share your concerns and both in connection to the individual who runs the rival site and the software point.

Cheers!

admin
stuart
Posts: 3680
Joined: 21 Sep 2004 10:13
Location: Lawrie Park
Contact:

Re: Problem posting

Post by stuart »

brazil nut wrote:I am more of a lurker here than a poster but I am a member nonetheless and I have been alerted to it being posted on another forum in SE23 that STF database and technology "presents an outright security risk for members". This of course worries me as a member and I should be grateful if Admin would respond to this serious issue raised. Am I and is my data at risk due to being a member of STF?

https://se23.life/t/spam-from-other-loc ... ms/11003/3
No there is no risk. Quite the reverse. The scaremongering post on SE23.life was either done malevolently or in ignorance. You choose.

The issue is well known, well documented - and has afair - been raised here before. It happens when anyone attempts to inject an illegal character into the database - it is spat back out again which is exactly what it should do. In this case Apple used a non-unicode based emoji. Its a pain but there you are.

The forum software we use - is the most used and most stable forum software money can buy, Except it's free.

Stuart
brazil nut
Posts: 65
Joined: 22 Jan 2018 12:38
Location: Forest Hill

Re: Problem posting

Post by brazil nut »

Thank you for confirming this Stuart. I am sorry that STF is being subjected to these repeated allegations which could undermine this well-respected and well-administered forum that has served its community well for many years. Long may STF continue and we can but hope that those peddling these allegations may now STFU!
JRobinson
Posts: 1104
Joined: 5 Jan 2010 12:40
Location: De Frene Rd

Re: Problem posting

Post by JRobinson »

I have just logged out of both dot life fora, and deleted my bookmark/shortcuts - I'm just not that happy with the way he goes about stuff.

his loss, not mine.

STF - is where I'll find the information I need on this locality as and when I need to.
stuart
Posts: 3680
Joined: 21 Sep 2004 10:13
Location: Lawrie Park
Contact:

Re: Problem posting

Post by stuart »

Incidentally this may be a covenient moment to share the protocols good IT people follow when they suspect any security breach. It's also good practice for anyone else.

1. Check whether the issue is known [Mr Google is your best friend]
2. If yes, is the security issue real?
3. If not already reported then notify those responsible in COMPLETE confidence
4. If there is not a satisfactory response then notify those responsible you will go public
5. If there is no fix after the specified time - WARN THE PUBLIC!

This enables and encourages any security issue to be mitigated quickly and without alerting bad people. Or needlessly scaring good people if it isn't a problem.

Stuart
JGD
Posts: 1243
Joined: 5 Feb 2018 11:39
Location: Perry Hill, SE6 (free-transferred to Perry Vale Ward, next to Bell Green; distinct from Sydenham).
Contact:

Re: Problem posting

Post by JGD »

rod taylor wrote:Who is Chris Beach? :roll:
Also known as the Correspondent from RTW.
stuart
Posts: 3680
Joined: 21 Sep 2004 10:13
Location: Lawrie Park
Contact:

Re: Problem posting

Post by stuart »

I see our friend on SE23.life is continuing to be abusive and spreading disinformation. But the what's new in his attempts to control or take down this forum?

He is reported as saying:
The reason STF’s forum software is unable to handle emojis (and the current Unicode characterset) is because its database is MySQL version 4 (as revealed in the error message Rachael received). This database software was released in 2004 and hasn’t received any security updates for years. In fact the subsequent MySQL release (version 5.1) stopped receiving security updates in 2013, which means anyone running MySQL 5.1 or earlier (especially MySQL 4.X) is not keeping their user’s data safe.
That would be a stupendous deriliction of duty on my part. Even he can't believe I could be that stupid. It is, in fact the very latest version available from the repositories. For those into CLI:
root@v1:~# mysql -V
mysql Ver 15.1 Distrib 10.0.37-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Yep it isn't even MySQL but a later fork MariaDB to which most heavy users have switched. I won't reply on his forum because ... well he just makes up stuff to try and stuff other people.

Stuart
michael
Posts: 1274
Joined: 26 Sep 2006 12:56
Location: Forest Hill

Re: Problem posting

Post by michael »

I'm sure Chris will be reading your comments (and mine) and responding appropriately - by which I mean apologising for claiming that this forum offers "outright security risk for members" based on the little evidence he had to hand at the time.
stuart
Posts: 3680
Joined: 21 Sep 2004 10:13
Location: Lawrie Park
Contact:

Re: Problem posting

Post by stuart »

michael wrote:I'm sure Chris will be reading your comments (and mine) and responding appropriately - by which I mean apologising for claiming that this forum offers "outright security risk for members" based on the little evidence he had to hand at the time.
I'm not hollding my breath. And I'm not into Forum Wars.

Simply instead of rubbishing each other the time would be better spent improving both. Much to be done here and I hear his own are not impervious to criticism. Or maybe that's the problem?

Stuart
Rachael
Posts: 2455
Joined: 23 Jan 2010 13:42
Location: Sydenham / Forest Hill Intersection

Re: Problem posting

Post by Rachael »

I’m very sorry my original question has reignited this fracas. It was never my intention.
michael
Posts: 1274
Joined: 26 Sep 2006 12:56
Location: Forest Hill

Re: Problem posting

Post by michael »

Rachael wrote:I’m very sorry my original question has reignited this fracas. It was never my intention.
I don't think you have anything to apologise for.
brazil nut
Posts: 65
Joined: 22 Jan 2018 12:38
Location: Forest Hill

Re: Problem posting

Post by brazil nut »

What I genuinely fail to understand is why he is targeting Sydenham? Why does he not put his efforts into developing Catford dot life where there is no pre-existing forum (so far as I am aware)? Or Brockley perhaps? Or even Royal Tunbridge Wells (what a nice way that would be to introduce himself to his new neighbours)?! If he developed the brand elsewhere first where there is no existing conflict then would that not make him better placed to strike some form of (collaborative) deal with STF in the future? I do find it quite puzzling and it does not seem to me to make good business sense. Unless, of course, it is the conflict that drives him.

I don't solicit a response from anyone on these questions, I am merely presenting my thoughts aloud (so to speak). Apologies to the OP (whose query was indeed misappropriated elsewhere and who should not feel like she should be required to apologise for anything) as I'm minded to think that she would probably rather this discussion about this particular individual should end.
Rachael
Posts: 2455
Joined: 23 Jan 2010 13:42
Location: Sydenham / Forest Hill Intersection

Re: Problem posting

Post by Rachael »

I’m dismayed, though, to see my OP screenshot and posted on Twitter, as well as the other forum, as proof of this forum’s dangerous decrepitude. I hope the tweets at least will be deleted now in the light of Stuart’s reply here. If my user name had been cropped from the screenshot I’d be less unhappy.
brazil nut
Posts: 65
Joined: 22 Jan 2018 12:38
Location: Forest Hill

Re: Problem posting

Post by brazil nut »

Oh my word, this was tweeted too? In which case that seals the deal as far as I am concerned, to do such a thing is most indicative in my mind of an aggressive and spiteful intent. I sincerely hope that people will open their eyes and see this for what it is. It is highly unprofessional behaviour, but it goes far beyond an immature lack of professionalism, it really is quite alarming and (in my opinion) much darker. How anyone can continue to support the dot life brand Is beyond me.
Post Reply