multipage topics displaying replies from the first page on the last page

[AEnterprise]

I'm the admin of the Buildcraft forum and some users are reporting that they have problems viewing some threads. In each case they are saying that on the last page of the thread they are seeing the contents of the first page. This doesn't seem brower or OS related, we checked for that. This is the second time they are reporting this.  The first time was a bit ago when whe had a spam bot invasion. I locked down the forum to clean it all up, ban the bots and remove there posts. Then a few people reported this to me and i googled a bit but didn't find anything. they didn't realy remind me of it and modified there settings to see more posts on each page so it got forgotten.

Also due to that bot attack up until last week all posts had to be aproved making people post less often untill i made new usergroups with permission to post again and added people to that so new people and bots only have to be aproved to keep the forum clean.

Now that people are posting again and threads are reaching 2 pages again more people are reporting this issue. Now more and more people are reporting this, the issue was probably arround since the bot attack but went unnoticed for a while.

But the odd thing about this bug is that i personally am not affected by this bug as admin so i suspect it has something todo with permissions but i'm not sure.

The forum version is 2.0.7.

I hope someone here knows what's going on and how to fix this cause it's getting verry annoying

P.S. i can't post a link to the forum i get an error that i'm not allowed, probably because i'm new here

[Kindred]

post the link/url, just not as a URL (in other words, remove the http and www when you post)
that limitation goes away after a few posts

1- upgrade your forum.  2.0.9 is the current version and includes fixes for some issues with 2.0.7 as well as security updates.
2- add anti-spam measures. (see the FAQ/Wiki regarding the best options to avoid spammer registrations)
3- We really would need to see the issue that you report.... so, please do post a URL of a thread which demonstrates the reported issue?

4- mods installed?

[Illori]

3- We really would need to see the issue that you report.... so, please do post a URL of a thread which demonstrates the reported issue?

maybe
profile -> look and layout uncheck Show most recent posts at the top. and save the page

[AEnterprise]

ok forum link: mod-buildcraft.com/forums/index.php

as for upgrading i am a forum admin but i don't have ftp access to the site, the owner/maintainer is MIA atm and isn't responding to emails and i have no way of knowing when i'll be able to contact him again.

this also means adding anti-spam mods isn't possible, he is also strongly agains adding mods so there are non installed

as for showing it: i personally am not affected i can see it all as it should be but when viewing the forum as guest you can see it. multipage thread: mod-buildcraft.com/forums/index.php?topic=890.135

this also only heapens on the last page, pages 2 -9 are ok but 10 is a copy of 1

[Kindred]

Ok... thanks for the links.  That is definitely weird -- and is not at all the expected behavior.
Are you certain that there are no mods installed? because the link that you included definitely shows odd behavior and I have never seen that before in any standard installation.
(strangely, that repeat of the first page of the thread actually has the reply numbers that you would expect from page 10 (in other words, although the individual posts seem to be duplicated, they seem to be MARKED as reply #135, #136, etc...  not #1, #2, etc

regarding mods...   some admins can be pretty stupid....   but those anti-spam mods are pretty much required at this point (the reason they are not included int he core product is because they use third party sites/databases)

At the very least, add about 15 GOOD questions and set it to use three random ones per registration...

Upgrading can be done in the package manager without separate FTP access (assuming the file permissions allow)

[AEnterprise]

i am 100% sure about the no mods installed as proven by this screenshot: imgur.com/mtEQC1D

as for security questions: i added questions and awnsers that DIDN'T match by accident (only one matched and 2 where required), later someone reported it to me and i fixed it yet bots kept signing up so i think they are using an exploit in the forum to get past it

as for upgrading i didn't knew that was possible without ftp access, i'll put the forum in maintenence mode look up how to do it and upgrade to 2.0.9 then

[Drunken Clam]

As you managed to successfully remove the SMF copyright, you should be able to sort this out yourself. 

Although you are allowed to remove the copyright in this version, you should not expect support when things go wrong. 

[AEnterprise]

As you managed to successfully remove the SMF copyright, you should be able to sort this out yourself. 

Although you are allowed to remove the copyright in this version, you should not expect support when things go wrong. 

the copyright was removed only because it contained the version of the forum running, that is the only modification made and this issue poped up long before that was done, and with results: over 75% of the bots didn't return cause they don't know the forum version

[AEnterprise]

update: i tried updating the forum but it failed and i got this error: imgur.com/VAGCHn5

failed 2x, first time i downloaded myself and used the interface of the forum up upload it and a second time i had the forum download it directly, i guess that means current FTP permissions are not alowing the update and i can't fix it

also are you guys sure that update will fix it?

[Kindred]

ok...  a few things.

1- there are no known exploits in 2.0.9 (and no known exploits to do registration in 2.0.7, for that matter)
2- I did not look at your questions... but, if you got spammers and bots registering, then they are not good enough or the answers were logged into the spammer database. You need to change them every few months.

3- copyright.  Sorry, but that is complete and utter BS.
a- you can remove the version number without removing the copyright.
b- even doing that does absolutely nothing at all to protect your forum...   hackers and script kiddies don't' even both to look at what software you are running, let alone the version. They just use a both to try every single hack they know of.  Security through obscurity does not work, at all.
c- Although it is within your legal rights to remove the copyright, under the by removing the copyright, you have essentially stated that you don't need the support of the SMF community -- and, in general we do not provide support to such sites...


4- your error indicates that directory permissions may be screwed up...   but did you try to download the patch from here and use the package manager to upload it instead of the "atuo run"?

[AEnterprise]

ok...  a few things.

1- there are no known exploits in 2.0.9 (and no known exploits to do registration in 2.0.7, for that matter)
2- I did not look at your questions... but, if you got spammers and bots registering, then they are not good enough or the answers were logged into the spammer database. You need to change them every few months.

3- copyright.  Sorry, but that is complete and utter BS.
a- you can remove the version number without removing the copyright.
b- even doing that does absolutely nothing at all to protect your forum...   hackers and script kiddies don't' even both to look at what software you are running, let alone the version. They just use a both to try every single hack they know of.  Security through obscurity does not work, at all.
c- Although it is within your legal rights to remove the copyright, under the by removing the copyright, you have essentially stated that you don't need the support of the SMF community -- and, in general we do not provide support to such sites...


4- your error indicates that directory permissions may be screwed up...   but did you try to download the patch from here and use the package manager to upload it instead of the "atuo run"?

as for the expliots i was guessing but the questions may be a logged also

for the copyright: i didn't found the part that specified the number so i deleted the call to the function, i barely know php but that is all that that i edited, i can put it back if you guys wana help then. the removal of it was a sugestion by someone else, he said he looked intro the smf terms of servise and all that and that i was no issue and wouldn't make a difference to remove it, fact remains that alot of bots are gone, only other explanation is that they left on there own then

where can i find that 'auto run' button? no mention of it on the online manual on the page about updating the forum

EDIT: put the copyright back

[AEnterprise]

did some more googling and i used the patches to update first to 2.0.8 and then to 2.0.9 but it sadly doesn't solve the issue

[Arantor]

No, it wouldn't make a difference to remove it - but the team here feel that it isn't appropriate to provide support if a link back won't be left, it's not exactly a huge price to pay for free software.

That said, there is a correlation between removing it and forums getting spammed because they didn't - it's long been a thing for spammers to find forums by scanning for the forum copyright. But I guarantee you it has nothing to do with the version per-se, it's actually the fact the entire copyright is hidden. I discovered this when I experimented with rewording the footer text.

[AEnterprise]

No, it wouldn't make a difference to remove it - but the team here feel that it isn't appropriate to provide support if a link back won't be left, it's not exactly a huge price to pay for free software.

That said, there is a correlation between removing it and forums getting spammed because they didn't - it's long been a thing for spammers to find forums by scanning for the forum copyright. But I guarantee you it has nothing to do with the version per-se, it's actually the fact the entire copyright is hidden. I discovered this when I experimented with rewording the footer text.

i have put the link back, i'm sorry for that but i didn't think of that, i've replaced it with a static recreation, it has the right links but not the forum number, i appologize for it but at that time i just had enough of the bots, one spam post every 5 mins was getting to much to handle

[Arantor]

It is unlikely that will actually help you.

[AEnterprise]

It is unlikely that will actually help you.

i duno if it helps or not, thought it was worth it to try it

[Arantor]

I'm just going on my experience... it generally didn't show signs of helping, and proper anti-spam defences are the answer.

[Kindred]

Seriously... 

adding a series of GOOD questions will cut down the spammers, immediately.
create at least 15 questions, require 3

installing the bad behavior + httpBL mod and/or the Stop Spammer mod will then stop the rest of them, pretty much.
I have not had a single spammer get through in close to 2 years now - with the exception of the recent spam database update that required 90% of us to change our questions

[AEnterprise]

Seriously... 

adding a series of GOOD questions will cut down the spammers, immediately.
create at least 15 questions, require 3

installing the bad behavior + httpBL mod and/or the Stop Spammer mod will then stop the rest of them, pretty much.
I have not had a single spammer get through in close to 2 years now - with the exception of the recent spam database update that required 90% of us to change our questions

yes i know i should redo it, didn't get arround to doing it yet

but that is not why i created this thread, the same issue of the last page displaying the first pages posts is still an issue on the forum, even with the patches that updated it to 2.0.9

[Kindred]

yes, I didn't expect the 2.0.9 upgrade to fix that...   THAT issue is related to something else, entirely...
I wanted you to do the upgrade for your own security

unfortunately, without FTP or at least host control panel access, I am not sure what we can do...   since this does NOT happen on any other installation that I have ever seen and you claim to have no mods installed. You also indicate that guests and some users see the issue, but you do not...   

So, something is incredibly screwed up, somewhere in your system... and direct file and database access is likely to be the only way to fix things.



Side note:   you have removed the version from the copyright statement in the footer... but
http://mod-buildcraft.com/forums/index.php?action=credits
still shows it...   so - if you think that you are preventing anything by removing it, you are unfortunately confused... since the spammer or hacker can just check that page...