I've read the third edition of the XOOPS letter updating the different aspects of xoops. Nice read, whistles and bells are neat, but where's the basic meat?

What I'm talking about specifically is:

Forums - When should we expect to see basic functions like "mark all read" etc., to be included?

Notifications - What's the progress on these? i.e., streamlined and some type of size quota per user.

Avatars - When should we expect to have the option of having users avatars being remotely hosted?

Auto Login - When will the method be implemented and on by default?

Again, the newsletter was nice - like it - nice edition. But the above things are things that we see someone asking about everyday on the forums here. So, what's the scoop?

Forums - Not a core area anymore, but a Modules Dev project. "Mark all read" will be in the next version. Check newbb project on dev.xoops.org for more

Notifications - Haven't heard this voiced. Streamlined how?

Avatars - XOOPS 2.2 would be my guess

Auto Login - I wouldn't count on this being on by default. At least not until someone comes up with an auto login feature without too many security holes.

The 'mark all read' feature is included in the upgrade of newbb. The newsletter said 'some of the features' )

Notifications: what do you mean with 'streamlined'? Quota's are handled by the PM system, not the notification system. Or do you want a feature that sets 'recieve x notifications maximum'? (These are new features I haven't seen asked before here, but are interesting)

Avatars: Also a nice feature I haven't seen before -add it to the feature request tracker on the sourceforge.net XOOPS project pages

Auto-login: Since it enlarges the risk of possible security holes, and since it is only recommended in smaller sites, this feature isn't enabled by default. But, with the great help of GIJOE, this feature will be made as safe as possible, and then we're looking into making it optional. Don't expect this to happen for 2.0.7 tho.

Herko

(Just quick seaches provided for your convenience)

Heh! Yeah, I read the newbb - feature part, just trying to ensure that basic items - items sorely needed for some time - weren't forgotten with whistles and bells. I mean - that one feature alone will unclutter so many sites that have had no other choice but slap up the recent topics block as a way for the users to be able to follow threads.

Interesting that newbb isn't core anymore.... will this open up the ability to use of 3rd party forums (with the next release) without having to alter core files?

Inbox Quota:
https://xoops.org/modules/newbb/viewtopic.php?topic_id=10955&forum=7#forumpost44002

Notifications / PM's I kind of lump together since they all end up in the inbox - streamlined might not be the best wording on it. Regardless, there needs to be a size/amount limit put on these. For example, the xoops_priv_msgs table on my site is starting to compete with the size of the forums . I've recently gone through and pruned over 20 pages of them - just notifications for new topics, new files, etc. I've had to resort to turning off the notifcation feature for everything but forums, and if i could find that, it would be off. Anyway, another basic should of been included - sorely needed item - that needs to be implemented. Ala invision board, phpbb, or how the others out there do it.

Avatars:
https://xoops.org/modules/newbb/viewtopic.php?topic_id=15466&forum=7#forumpost64588 https://xoops.org/modules/newbb/viewtopic.php?topic_id=17840&forum=4#forumpost76950
https://xoops.org/modules/newbb/viewtopic.php?topic_id=9357&forum=10#forumpost41995

Again, standard among the others out there - but for some reason XOOPS wants a large uploads folder

Autologin - It's a gaping hole in XOOPS - but not the others out there?

I've followed GIJoe's threads. He's done some fine work on setting it up - testing vulnerabilities, etc.

I just wonder what the problem is then? If others can incorporate it within the product without exposing vulnerabilities...? Is the message XOOPS is only secure while you're sitting in front of it? It's a feature that webmasters and users request daily - shouldn't there be a better solution on the horizon?

newbb isn't core anymore - just like all the other "core modules". This, however, mainly mean that it is not the core devs, who update the modules.

I have also read somewhere (I think) that in time there will be multiple XOOPS packages with a selection of modules suitable for a certain segment (news site, gaming clan, company) - and I do hope that the best modules will be selected there. E.g. I don't really think that Sections has much to do in a XOOPS package after WF-Sections.
So this will give a little more competition in e.g. forum modules etc. but I think it will be a good competition, which will help to heighten the quality of XOOPS packages.

Re. Notifications, your problem is mainly that the notification PM's are not deleted? Perhaps it is possible to do a little hack in readpmsg.php to delete notification PM's on read?

I think I have a way to do offsite avatars, but I will have to work with it a bit.

Re. autologin, we didn't say "gaping" hole, but it is (if I have understood GIJOE correctly) a fact that the current autologins for XOOPS have security holes - I cannot speak for other CMS's/BB's

Damn, prime example. This is the second writing - hit submit - "you don't have ...." (now third but i remembered to copy/paste this time!)

Good Info - appreciate it! But, back to the meat.

Yeah, I could hack the inbox - but I perfer to avoid hacking the core for obvious reasons. What I presented was what Webmasters/Users are asking for - things they find everywhere but at a ..... XOOPS site.

You're correct - Gaping my words, not yours. But if enabling the system to remember a user - something found across the board on other CMS/BB's - presents a security flaw in xoops, then? If a user asks a webmaster, "How come here or there or yahoo or blah blah blah can remember me, why can't you?" What ammo do we have to respond? Do we aknowledge that there is a flaw in XOOPS that prevents this? Is it a flaw? Users absolutley hate to relog. Users hate to have their sessions expire as they are posting.....

I could understand if the above things were a new concept, but they arent. They're basic features. These things have been around (avatar, inbox size, autologin, mark all read, new posts, etc) - for some time and can even be found in older CGI systems.

If part of the hindrance is that the devs/core personnel are not familar with what is going on with other CMS/BB's - I would be more than happy to toss up working copies for them to browse. Just name it!

Sorry that I'm trying to pin you guys down - you guys know me and know this is the first time I have ever posted anything along these lines. But again, I think these should be standard included in the core. Let's reserve Hacks for, well hacks. Again, if you guys need me to toss up the other CMS/BB's so you can see whats going on with the competition, just say the word!

I'm with you HughG! I'd love to have my auto login work right. I have members bugging me even now to have it work again. Lots of people don't want to have to remember or type in usernames and passwords for sites that they go to everyday. It's inconvenient. I'm hoping that this will be fixed in XOOPS in the near future. :)

I haven't seen a problem with the autologin, what/when did it change? It seems to work great on my site, users would be whining loudly if it didn't.

Having said that I'd actually prefer not using autologin because of security. It is certainly common practice all over the CMS world but these days it is not safe IMHO.

I don't belive that the XOOPS implementation of autologin is any less secure than other systems. In general it isn't safe period. But it seems to work like any other system's for me.

I'd vote for making autologin as it is a GUI option just to make it easier for newbies to activate. But NOT on as default. Very easy to turn it on if needed. And by all means continue working on the security side of the code.

Remote avatars, there is a sore subject for me. I'll only say that I really don't like them for various reasons and wouldn't allow it on my site ever. But fine by me if it was an option, make it possible but NOT on as default.

Hi DonXoop! I installed the autologin hack for 2.0.6 after upgrading my XOOPS and it isn't working for me or my users. It has the remember me check box and I uploaded all the files in the hack but no go. I was hoping that someone would fix this. :(

Quote:

Most feature request, which are usefull will be/or are added. To call all now is much writing. Just take a look to the testsite:

http://testsite.xoops2.org/modules/newbb/

Greetz