DSLRUsers.com

Well it looks as if the DPReview mention of the firmware upgrade has resulted in the biggest influx of members since Gary started this forum.

68 new members and for any of those that have not posted yet or we have not welcomed personally through a thread - welcome

Congratulations to Gary & Son (sounds like a new sitcom) for starting this fantastic site for D70 lovers.

Chris

A pre-emptive "hi and welcome" to the influx of newcomers. We are a friendly bunch - please don't hesitate to post!

I noticed that there were 22 visitors on line yesterday afternoon so there’s more to come I think

Cheers
Ray

I'm wondering how many of those "visitors" were members who didn't actually log in?

Consequently I'm also wondering if there might be some value in closing off a few of the forum sections to guests (which ones?) and thus force yall to log in rather than just browse?

Hi Gary, yeh that would do it for sure, not that i would have to worry about as i never log out, only to reboot the oldgirl here every few days or so i just stay in and hit the refresh buton now and then to see whats changed.LOl
Cheers
John

Yep... I'm thinking that's a good idea Gary... especially all the event, bargain and evaluation sections might make a good start.

Michael.

Mj wrote:Yep... I'm thinking that's a good idea Gary... especially all the event, bargain and evaluation sections might make a good start.

Michael.

I’ll go with Mj on this Gary - I am logged in all the time so it does not worry me.

Chris

I believe we should isolate the core of the D70Users.com forum ie. Bargins, Calendar of Events etc............ to guests.


Cheers,

Sounds like a good idea. Wondering if keeping image critiques private might encourage more people to post as well.

Andy

Agreed.

Greg B wrote:Agreed.

Agree also

Chris

I understand what you're saying, but it seems to me that the honesty, openness and maturity of the image critiquing here, seems to be something that we'd want to display.

Bargains ... perhaps.

Trader opinions?

Tutorials? I can hide the tutorials block from the main page if you're not logged in ...

Thats an excellent idea atencati. That is one of the major reasons why I haven't posted an image for critique yet - its basically open to be flamed - yet I don't believe the current registered members would flame people...

Oh yeah, the other reason is that most of my images are cr@p - but thats another story all together...

I like the idea of blocking bargains, trader opinions, and tutorials.

Calendar I'm not sure about.

wile_E wrote:Thats an excellent idea atencati. That is one of the major reasons why I haven't posted an image for critique yet - its basically open to be flamed - yet I don't believe the current registered members would flame people...

Actually, not from the future member base either, if I have any say in the matter. (I believe that I might ... )

We would come down bloody hard on anyone who would flame anyone else here. It serves no useful purpose at all, and it simply goes against the spirit of community that we've built up here.

Honest and open criticisim, in a positive manner and with a positive attitude, is one thing, and like active and vigorous debate, it is both welcome and encouraged.

But you shouldn't be expecting your photography skills to be improving as rapidly as they might if you're not going to be prepared to post images for comments and critiques.

I think Bargians is a good blocking candidate... seeing as many of them are Poon Birddog specials only available to memebers

MHD wrote:I think Bargians is a good blocking candidate... seeing as many of them are Poon Birddog specials only available to memebers

I think this has been done long ago and it can be accesed by active members only.

Non-members can view, but may not post.

It's the only restriction that we have in place at this time.

Just FYI... I'm a member of another phpBB forum and we conciously blocked even view access to non-members, just so that we could avoid spammers picking up e-mail addresses, MSN/ICQ accounts and other facts from members' posts... Maybe we are paranoid, but phpBB is such common forum software, I can imagine that people write software to mine the members' directory etc...

Personally, I would have no problems with all sections of the forum being locked out for viewing until you register...
However, that may have 2 knock-on effects:
- you may lose out on people who casually drop by, but can't be bothered to go thru the registration process...
- you may get a lot of litter in your member directory coz people who registered didn't know what they were getting into... had a quick read and decided it probably wasn't for them...

leek wrote:Just FYI... I'm a member of another phpBB forum and we conciously blocked even view access to non-members, just so that we could avoid spammers picking up e-mail addresses, MSN/ICQ accounts and other facts from members' posts... Maybe we are paranoid, but phpBB is such common forum software, I can imagine that people write software to mine the members' directory etc... .

What version of phpbb are they using? I've been using it for well over 2 years, and basically the same version - 2.x. I don't know (nor care too much) about ICQ/MSN addresses, but email addresses are never displayed, even to members. Hell, I've got to go into SQL to grab them!

The only way they could get this stuff would be to gain access to the configuration file that conatins the the SQL server login details, and then they would need to write a suitable script that could be loaded onto the server, and then it would need to be executed.

Not impossible, but not exactly easy.

If they've got access at that level, then the server is already seriously compromised, and email address leakage would be the last of their concerns.

They are using v. 2.0.4. You are correct about the main e-mail address (of course)... I was referring to the e-mail address used for MSN. In addition, this other group have made improvements to the profile to hold mobile numbers and other personal information... Hence the need for increased privacy...

Ok, that makes sense.

They should probably look to updating to 2.11; there are a couple of serious security issues with earlier versions, and we were bitten by one in mid December.

Recovery was relatively easy because of the brainless nature of the hack, but it was still a real PITA to deal with.

And while the specific mode of attack has been neutralised, the vulnerability still exists, and the upgrade to 2.11 should be considered as essential.

I thought the flaw was within the PHP version we were running itself, not phpBB.

No.

While there is an issue in php, the susceptibility that we fell foul of was a buffer overflow issue in the way the phpbb's showtopic call was written.