You're looking at an archived, read-only version of our old community forum. See our new community forum here.

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

Wow the new interface is so sexy :D

List of problems

auriplane

Joined: Sep 06 2008

Current list of problems:

----------

Auriplane!!

even so, it looks really nice

Rook

Location: US

Joined: Jun 21 2011

even so, it looks really nice

Hmm I only saw it when it had

BigHeadClan

Joined: Jan 20 2012

Hmm I only saw it when it had a broken .php file so it didn't look all that different. lol

Fun

Ash

Joined: Dec 10 2011

Greetings humans,
The server got hacked and, as part of the cleanup, I've had to install a lot of updates to the platform GT is built on. These breakages will either be due to incompatibilities with the updates or because Archard made some changes to the core which have now been overwritten. I have a backup, so I can compare.
It's going to take some time to put this right. I was up for 9 hours until 5am my time working on the security stuff so I needed some rest. I'll get back to work on this soon.

Who the hell would hack

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

Who the hell would hack gamtetabs? o_O

@Ash, don't worry boss, take the time !

----------

I do VGM covers and stuff at https://www.youtube.com/c/hashel

It looks like it was just a

Ash

Joined: Dec 10 2011

It looks like it was just a worm that found a vulnerability and assimilated the server into a botnet. I think we're ok now...I mean, apart from the fact the site is totally broken lol. Sorry guys, it had to be done :(

Whatever the difficulties on

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

Whatever the difficulties on our path, we will stand as one !

----------

I do VGM covers and stuff at https://www.youtube.com/c/hashel

That's pretty cool.

surreal

Eric: tank,godlike

Location: Arizona

Joined: Jan 04 2009

That's pretty cool.

Re: It looks like it was just a

BigHeadClan

Joined: Jan 20 2012

Ugh scary, you doing any penetration testing on the new version? I'd offer my help but my security skills haven't put my security skills to work so I don't think I'd be much help. lol

Progress

AshTest

Joined: Dec 18 2011

Just a quick update. I'm slowly working my way through these issues. It's a bit of a nightmare so please bear with me. I've updated Auri's post above to reflect the state of things so far.

@BigHeadClan, I'll be doing some pen testing later but right now my focus is on getting this functionality sorted out. It doesn't look like the box was routed. Processes were running as the webserver and it doesn't initially appear that any privilege escalation had been achieved so hopefully a rebuild isn't necessary, but I'll do some more research. The core and modules of the CMS have all been patched and I haven't seen anymore suspicious activity so I'm keeping an eye on things while fixing everything up. I'll do a proper audit when the site's functioning properly again. OK, back to work...

OK, that's most of the issues

Ash

Joined: Dec 10 2011

OK, that's most of the issues fixed. Please add to the list if you notice anything that Auri hasn't already mentioned.
The final few issues are very difficult to debug. I'm going to establish a new test environment with the old version of GT. I'll then apply all the updates one by one and keep an eye on this functionality to see which update breaks it. If the update is not important, I will roll it back. If it is important, I'll compare the broken code to the working code to formulate a workaround. But I'm absolutely dead. I'll get working on this over the next few days.

Thank you for fixing things

karathrow

Joined: Oct 26 2010

Thank you for fixing things Ash. We may not be a big community but it's much appreciated.

Thanks for the encouragement

Ash

Joined: Dec 10 2011

Thanks for the encouragement - I feel like my eyeballs are gonna fall out lol. And thanks for not mentioning the part where I broke everything in the first place!

Ugh props to you doing this

BigHeadClan

Joined: Jan 20 2012

Ugh props to you doing this on your spare time Ash, besides getting everything working on the first try is boring!

wow I just read this that the

soundsandstuff

Joined: Sep 27 2009

wow I just read this that the site was hacked, it's a good thing that we have you guys Ash, Auriplane, and anyone else who is able to spot issues and help with the fixes with their computer skills. thanks for all the effort and hard work you guys put in to keep this place safe and running!

Thanks for all your work ash!

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Thanks for all your work Ash! Should I not post any new tabs to the site until everything is fixed?

Also the upload limit for tabs has been changed from 10mb for the tab file and 5mb for sound file to 2mb for each. Is this a problem from the hack or did you just change it?

And normally there is a list of the latest threads to the right of the 'online users' section on the main forum page.

----------

My Original Songs - https://soundcloud.com/hslesperance

I still can't upload pictures

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

I still can't upload pictures ont he forum, is it the same for everybody ? Or am i just making it wrong ?

----------

I do VGM covers and stuff at https://www.youtube.com/c/hashel

Hey guys, thanks for the

Ash

Joined: Dec 10 2011

Hey guys, thanks for the reports. I believe the site is secure now. That's been my priority and I'm aware that there is still some broken functionality. And I'll take care of it as soon as I can. It's just been a busy couple of days. I'm on my phone right now but hopefully I'll fix the upload limits tomorrow when I can get to a computer.

Re: Ugh props to you doing this

musenji

Joined: Feb 02 2010

BigHeadClan said:

"Ugh props to you doing this on your spare time Ash, besides getting everything working on the first try is boring!"

I mean, I'm pretty sure he's getting the ad revenue from the site, so it's probably very worth it financially. :p

----------

And then I realized that the chord progression from Chrono Cross's Another World is the same progression as the chorus from Peace of Mind by Boston, and life was never quite the same.

I didn't even know we had ads

BigHeadClan

Joined: Jan 20 2012

I didn't even know we had ads lol (ad blocker ftw), pretty sure they don't make much off of them though. Maybe enough for the site upkeep but I doubt much more.

Either way thx for the hardwork Ash

Sorry guys. I haven't had

Ash

Joined: Dec 10 2011

Sorry guys. I haven't had much time today but I think the uploads are now fixed. If someone could confirm that would be great as I have to go now.

@musenji you're right but it's not like it pays the bills lol. I work in software. I can make more in a day than this site generates in a month. But yeah, of course I'm not going to leave it broken :) cheers guys. I'll update again soon.

HTML is filtered on new

auriplane

Joined: Sep 06 2008

HTML is filtered on new comments now. This is a good thing--the site has been super-vulnerable to XSS for a long time. Not being able to post pictures is a side-effect of the way filtering is set up at the moment.

Although the site could be changed to allow images to be inserted, for the time being you can at least link to them. (Or if it's really important, tell a mod to go change your post to unfiltered so the image shows up.)

----------

Auriplane!!

Re: List of problems

Ash

Joined: Dec 10 2011

auriplane said

Current list of problems:

  • Can't edit composers, series, or styles (although I can edit games). The pages look weird, and when I try to submit changes, it fails and says "Get out of here." for composers/series and "Page not found" for styles.

Auri, when was the last time you were able to successfully do this stuff? I've built a test environment from a snapshot of the gt code + db from 2 years ago. My assumption was that recent drupal updates broke this stuff so my plan was to keep applying the drupal updates until it broke the test environment...but...the test site is acting in exactly the same way(?)

Hmm... I have no idea!

auriplane

Joined: Sep 06 2008

Hmm... I have no idea! :-)

It's possible I've only edited games before. I'm certain I've never edited styles. I'm not sure about series.

I do remember editing composers in the past, but memory isn't always such a reliable thing :-/

----------

Auriplane!!

Same problem for me, but I

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Same problem for me, but I also don't think I have ever edited a style, composer, or series; only deleted composers.

The upload file limit seems to be back to normal, hooray!

One more minor problem. Usually when you hover over the 'my account' drop down box there should be a number next to private messages telling you how many are unread. There's no number.

----------

My Original Songs - https://soundcloud.com/hslesperance

And i don't have the "+1"

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

And i don't have the "+1" next to Privates Messages when i got one.

May the courage be with you Ash ^^

----------

I do VGM covers and stuff at https://www.youtube.com/c/hashel

Oh hai guys. How's it

archard

Joined: Jan 11 2007

Oh hai guys. How's it going?

Ash if you have any specific questions about code stuff I'd be happy to help out.

----------

DANG

Hey Archard, nice to see you

hashel

Location: Liège (Belgium)

Joined: Mar 04 2008

Hey Archard, nice to see you :D
Do you still make covers ? Looks like the last one was 3 years ago :o

----------

I do VGM covers and stuff at https://www.youtube.com/c/hashel

This is weird. Every

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

This is weird. Every unpublished tab has Joe Hisaishi as the composer, even the ones posted before the site was hacked. There is no game listed in the game field, but that's how it's always been with unpublished tabs.

----------

My Original Songs - https://soundcloud.com/hslesperance

Okay, one more thing. The pre

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Okay, one more thing. The pre formatting tags don't work in comments or the forum. It does work when posting a new tab to the site.

Edit: Nevermind, the pre tags don't work when posting a new tab so I guess I won't be publishing anything new until that's fixed.

----------

My Original Songs - https://soundcloud.com/hslesperance

Just ooooooonnnneeee more

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Just ooooooonnnneeee more thing. When you click on a platform the heading reads 'Super Awesome Fun' for each one. I think I've seen it do that before. None of the other browse tab sections do this.

----------

My Original Songs - https://soundcloud.com/hslesperance

Also the sorting filters are

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Also the sorting filters are not working on individual games or when browsing by instrument.

----------

My Original Songs - https://soundcloud.com/hslesperance

Re: Oh hai guys. How's it

auriplane

Joined: Sep 06 2008

archard said

Oh hai guys. How's it going?

Ash if you have any specific questions about code stuff I'd be happy to help out.

Hello, Fearless Leader! Welcome back! :-)

----------

Auriplane!!

So Archard does exists! I

BigHeadClan

Joined: Jan 20 2012

So Archard does exists! I thought he was just a legend passed down by the site admins. :D

HSL, you can work around the

auriplane

Joined: Sep 06 2008

HSL, you can work around the PRE thing. Go to "Input format" and pick "Full HTML". It appears directly under the textarea where you input the tab itself.

----------

Auriplane!!

I posted almost all the tabs

auriplane

Joined: Sep 06 2008

I posted almost all the tabs that were in the queue.

----------

Auriplane!!

Auri saves gametabs, thanks

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

Auri saves gametabs, thanks so much! I'd still like to go through the transciptions for accuracy and add missing audio links.

----------

My Original Songs - https://soundcloud.com/hslesperance

Yeah, sorry for just posting

auriplane

Joined: Sep 06 2008

Yeah, sorry for just posting most of them without doing too much actual moderation--I felt like the site was too far behind, and I didn't have enough time to spend on it :-( I did do a little bit here and there.

----------

Auriplane!!

Might want to fix the

Hakoria

Laon King

Location: gmt+1

Joined: Apr 03 2011

Might want to fix the copyright year at bottom of site sometime. That'd be sexy.

Hey HSL, are you still

auriplane

Joined: Sep 06 2008

Hey HSL, are you still approving tabs?

I just did a few, but it's hard for me to play through them right now since I cut my index finger open :-/ I can sorta half-ass the more melody-ish ones, but I just approved some fingerstyle arrangements without trying them.

Anyway, I approved 5 tabs. There's five more to post, but I can do those after these have had a chance to be on the front page for a bit.


We still have some basic features broken we need fixed--the site is filtering out PRE tags, which people need to post tabs in comments, and which makes it more annoying to submit/approve tabs. Hopefully Ash comes back and does that sometime soon.

----------

Auriplane!!

The meta tag description for

hslesperance

Location: Walpole, MA

Joined: Aug 10 2008

The meta tag description for the site on google says something about consolidation loans. It only happens on google, not yahoo or bing.

Yeah, I should put the rest of the tabs up tonight, I've just been busy with finals and then lazy with not-finals.

----------

My Original Songs - https://soundcloud.com/hslesperance

Oh, maybe that loans thing is

auriplane

Joined: Sep 06 2008

Oh, maybe that loans thing is from when it was hacked...

----------

Auriplane!!

Hey guys

Ash

Joined: Dec 10 2011

Sorry guys, I was struck down with a serious case of man-flu. I was in bed for like 2 weeks and then I was in a mad rush to get prepared for Christmas. I'm back now and I'm trying to work through the remaining issues. Hope you're all enjoying the holidays and hope we can get the site running soon.

OK, I've made some changes to

Ash

Joined: Dec 10 2011

OK, I've made some changes to the way text input is filtered. Pre tags are now allowed everywhere, including comments. And links are no longer allowed in comments to help prevent comment spam. The only things is...the system wasn't set up to allow different filter types on comments, posts tabs etc. so I've had to install some extra stuff to allow to give us this extra level of control so it's possible that this may cause some unpredictable results until we tweak it properly. So yeah, if you think your input is being inappropriately filtered, please let me know.

Cheers!

Hey, thanks! I'll let you

auriplane

Joined: Sep 06 2008

Hey, thanks! I'll let you know if I come across any problems. (I haven't tested anything yet.)

I'm glad you're feeling better, Ash!

----------

Auriplane!!

The Snail of Testing

auriplane

Joined: Sep 06 2008

                                                                d::
                                                                ''d$:     :h
                                                                   d$   :$h'
                                .......                             d$..$h'
                           ..cc$$$$$$$$$c.                  ...c$$$$$$$$$h
                         .d$$'        '$$$h.              cc$$$$:::::d$!$h
                       c$$'              '$$c           .$$$$:::()::d$!$h'
                     .c$$'                 $$h.        .d$$::::::::d$!!$h
                   .$$h'                    $$$.       $$$::::::::$$!!$h'
                  .$$h'      .;dd,           $$$.      $$$:::::::d$!!$h'
                  $$$'      dd$$$hh,          $$$.     $$$:::::::d$!!$h
                  $$$      d$$' '$hh.          $$$.   .$$$:::::d$!!!!$h
                  $$$      $$d    $$$           d$$.  $$$:::::d$!!!!$h'
                  $$$      $$$ d  $$$          .d$$$.c$$::::::d$!!!!$h
                  $$$.     '$$$$  $$$         .$$$$$$$$::::::d$$!!!$h'
                  '$$h.           $$$       .d$$:::::::::::::d$$!!!$h
                    "$$$h        .$$$    ,$$$:::::::::::::::d$$!!!$h'
  .hh              .c$$:$h       $$$'   ,$$$::::::::::::::d$$!!!$h'
  d$$           .c$$$:::$$h,     $$h    $$$:::::::::::::d$$$!!!$h'
  $$$.        .$$h::::::::$$$dddd$h'   $$$::::::::::::dd$$!!!!$h'
  '$$$$c...cc$$h:::::::::::$$$$$$$hhhh$$$::::::::::d$$$$$$$hhh'
   '$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$hhhhhhhh'''

EDIT: Looks like <pre> is working! :-)

----------

Auriplane!!

Re: The Snail of Testing

Ash

Joined: Dec 10 2011

auriplane said

                                                                d::
                                                                ''d$:     :h
                                                                   d$   :$h'
                                .......                             d$..$h'
                           ..cc$$$$$$$$$c.                  ...c$$$$$$$$$h
                         .d$$'        '$$$h.              cc$$$$:::::d$!$h
                       c$$'              '$$c           .$$$$:::()::d$!$h'
                     .c$$'                 $$h.        .d$$::::::::d$!!$h
                   .$$h'                    $$$.       $$$::::::::$$!!$h'
                  .$$h'      .;dd,           $$$.      $$$:::::::d$!!$h'
                  $$$'      dd$$$hh,          $$$.     $$$:::::::d$!!$h
                  $$$      d$$' '$hh.          $$$.   .$$$:::::d$!!!!$h
                  $$$      $$d    $$$           d$$.  $$$:::::d$!!!!$h'
                  $$$      $$$ d  $$$          .d$$$.c$$::::::d$!!!!$h
                  $$$.     '$$$$  $$$         .$$$$$$$$::::::d$$!!!$h'
                  '$$h.           $$$       .d$$:::::::::::::d$$!!!$h
                    "$$$h        .$$$    ,$$$:::::::::::::::d$$!!!$h'
  .hh              .c$$:$h       $$$'   ,$$$::::::::::::::d$$!!!$h'
  d$$           .c$$$:::$$h,     $$h    $$$:::::::::::::d$$$!!!$h'
  $$$.        .$$h::::::::$$$dddd$h'   $$$::::::::::::dd$$!!!!$h'
  '$$$$c...cc$$h:::::::::::$$$$$$$hhhh$$$::::::::::d$$$$$$$hhh'
   '$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$hhhhhhhh'''

EDIT: Looks like <pre> is working! :-)

Looks like pre in blockquote is working too :)

Testing: Auriplane.net

Ash

Joined: Dec 10 2011

Testing: Auriplane.net

EDIT: ooh, that's not good...

Ugh, I guess it considers a

Ash

Joined: Dec 10 2011

Ugh, I guess it considers a 'node comment' and a 'forum comment' to be the same thing, so it's blocking links in the forum now...hmm...

take 2

Ash

Joined: Dec 10 2011

Auriplane.net

EDIT: OK, done. Links are not allowed in tab comments and are allowed on forums. All new links are automatically nofollowed in a futile attempt to deter spam.