Latest revision |
Your text |
Line 1: |
Line 1: |
| == Main Page test == | | == Proposals == |
| Since the main page is locked from spam, maybe we could try putting things in templates to hide them from the bots. We'll be needing to add the new town soon(ish) so I've made the town list into a template first.
| |
| | |
| == whiteSortArrows ==
| |
| | |
| think we need ur magic to link these guys:
| |
| {| style="background-color:royalblue; margin-right:15px; text-align:center;"
| |
| | [[Image:Sort up white.gif]] [[File:Sort down white.gif]] [[File:Sort both white.gif]]
| |
| |}
| |
| to the class="sortable whiteSortArrows" again.
| |
| | |
| (example of how its not working for the moment: [[Template:Creature table]])
| |
| | |
| : [[MediaWiki:Common.css]] needs to be fixed because the way the site links stuff is different now.
| |
| : You need special privileges to edit that page. I think Terra is currently the only one who can.
| |
| : Replace what is currently there with this:
| |
| <pre>
| |
| table.whiteSortArrows.jquery-tablesorter th.headerSortUp{
| |
| background-image: url(https://heroes.thelazy.net/images/8/82/Sort_up_white.gif) !important;
| |
| }
| |
| table.whiteSortArrows.jquery-tablesorter th.headerSortDown{
| |
| background-image: url(https://heroes.thelazy.net/images/5/56/Sort_down_white.gif) !important;
| |
| }
| |
| table.whiteSortArrows.jquery-tablesorter th.headerSort{
| |
| background-image: url(https://heroes.thelazy.net/images/3/36/Sort_both_white.gif);
| |
| }
| |
| </pre>
| |
| :: Another option is to add it to all the specific skin css pages:
| |
| :: MediaWiki:Vector.css
| |
| :: MediaWiki:Monobook.css
| |
| :: MediaWiki:Timeless.css
| |
| | |
| ::: (Just wanted to note this was fixed some time ago.)
| |
| | |
| == Discord ==
| |
| | |
| Was thinking of having a more interactive channel than this page that I forget to check often enough, set up a discord channel at https://discord.gg/4XuzYKx - any interest?
| |
| | |
| --[[User:Terra|Terrasque]] ([[User talk:Terra|talk]]) 08:01, 21 February 2018 (CET)
| |
| | |
| :: Cool! Added it to the [[Main Page|main page]].
| |
| :: --[[user:imahero|imahero]] 08:53, 21 February 2018 (CET)
| |
| | |
| == Images ==
| |
| | |
| Some images have been messed up on the server.<br>
| |
| [[File:Specialty_Archers.png]]
| |
| [[File:Specialty_Archery.png]]
| |
| [[File:Specialty_Beholders.png]]
| |
| [[File:Specialty_Bless.png]]
| |
| [[File:Hero_Adela.png]]
| |
| [[File:Hero_Ajit.png]]
| |
| <br>And many more in the same fashion. Any idea what's going on?
| |
| <br>--[[user:imahero|imahero]] 08:59, 26 January 2018 (CET)
| |
| | |
| :: I fixed all the ones you originally uploaded. Hopefully that was the extent of the damage. Look at the revision history of the above images to see what they looked like.
| |
| :: --[[user:imahero|imahero]] 02:16, 30 January 2018 (CET)
| |
| | |
| ::: Can't see any issues with the old one, maybe some browser thing. New pictures certainly work, so all's good :)
| |
| ::: [[User:Terra|Terrasque]] ([[User talk:Terra|talk]]) 08:00, 21 February 2018 (CET)
| |
| | |
| == Main Page ==
| |
| | |
| Would you mind updating the main page with my [[User:imahero/Proposals/Conservative Main Page|proposal]] again?
| |
| <br>--[[user:imahero|imahero]] 15:13, 9 January 2018 (CET)
| |
| | |
| :For what my opinion is worth, I do not think that these unofficial towns are necessary for this wiki. Personally I would like that we would concentrate on the original {{homm}} {{roe}} and the official expansion {{ab}} and {{sod}}. I believe [[User:Ibraesil|Ibraesil]] feels about the same. –[[User:Kapteeni Ruoska|Kapteeni Ruoska]] ([[User talk:Kapteeni Ruoska|talk]]) 13:54, 11 January 2018 (CET)
| |
| | |
| :: Which do you prefer [[User:Terra|Terra]]? The [[User:imahero/Proposals/Conservative Main Page|proposal with unofficial towns]] or the [[User:imahero/Proposals/Purist Main Page|one without]]? How about [[User:imahero/Proposals/Cove Main Page|one with only Cove]]? This is what I would personally choose. Also what is your opinion on having [[Cove]] in the sidebars throughout the site? I believe that {{hota}} is a worthy successor to {{sod}}.
| |
| :: --[[user:imahero|imahero]] 16:35, 11 January 2018 (CET)
| |
| | |
| ::: Well I kinda like the one with all of them, makes people curious and start exploring. I don't know the current state of WoG tho, if that's buggy / substandard it might be best to leave it out from the list. But if that's still good I prefer the one with all :) Lets us have a space for potential other ones in the future. Also, considering unlocking the front page. We generally don't have much vandalism these days
| |
| ::: --[[User:Terra|Terrasque]] ([[User talk:Terra|talk]]) 20:26, 11 January 2018 (CET)
| |
| | |
| :::: Awesome! So you're OK with [[Cove]] on the sidebars throughout the site? It greatly increases usability of the site for those of us playing with HotA and I honestly don't think it should impact those playing SoD (in the same way those playing RoE wouldn't really be affected by having a [[Conflux]] link for those playing AB or SoD).
| |
| :::: --[[user:imahero|imahero]] 20:28, 11 January 2018 (CET)
| |
| | |
| :::::I am not entirely aware what [[user:imahero|imahero's]] intentions are, but as I understood it he/she wishes to mix fanbased mod information with the original data. [[user:imahero|imahero]], am I correct? To me this seems illogical and confusing for everyone, because where do we draw the line after that. How do we separate what information is worthy and what is unworthy to add to this wiki? Now the "rules" are clear, the main wiki contains information only from the official game and perhaps a few anekdotes around it. And if we crosslink these different information sources then it quickly becomes unclear what features are available in each different version of the game and all its mods. In summary, my biggest fear is, that the wiki becomes a web of pointless information about some nonsense mods. –[[User:Kapteeni Ruoska|Kapteeni Ruoska]] ([[User talk:Kapteeni Ruoska|talk]]) 06:15, 12 January 2018 (CET)
| |
| | |
| :::::: Nah. Like I said before. Just links to [[Cove]] in the sidebar to increase usability for those of us playing with HotA. No other mod comes anywhere close to the level of HotA.
| |
| :::::: --[[user:imahero|imahero]] 06:34, 12 January 2018 (CET)
| |
| | |
| :::::::Because you develop it? ;) I admit that I am not too familiar with HotA, but to me it seems difficult to draw a line between different mods. Next week some a new user comes along and starts to write about WoG or some other. I just think there are other places and platforms to deal with these mods than this wiki. –[[User:Kapteeni Ruoska|Kapteeni Ruoska]] ([[User talk:Kapteeni Ruoska|talk]]) 07:25, 12 January 2018 (CET)
| |
| | |
| :::::::: Haha. No.
| |
| :::::::: I don't think a link back to [[Cove]] is asking too much. Some people ban [[Conflux]]. Should we remove it from the sidebar too? [[Horn of the Abyss]] does more for the game than both of the two official expansions combined.
| |
| :::::::: --[[user:imahero|imahero]] 07:30, 12 January 2018 (CET)
| |
| | |
| ::::::::: We should have information on noteworthy unofficial stuff - noteworthy being somewhat subjective - but it should be clearly marked and separated from information about the official game. So on it's own pages, not mixed into pages about official information. "Official" pages can hold references to it, as long as it's marked as unofficial content and it makes sense to link to it. Also, we should try not to play favorites :) So for sidebar, if it's in it's own "Unofficial" section and also refers to WoG one.
| |
| ::::::::: The reason I want noteworthy / good unofficial addons listed is because they add significantly to the game, and active players / fans should know that they exist and what they are. But at the same time clearly have them separate from the official game.
| |
| ::::::::: --[[User:Terra|Terrasque]] ([[User talk:Terra|talk]]) 08:30, 12 January 2018 (CET)
| |
| | |
| :::::::::: Awesome! So you're going to [[User:imahero/Proposals/Conservative Main Page|update the main page]] right? Or are you going to set it as unprotected?
| |
| :::::::::: --[[user:imahero|imahero]] 20:03, 12 January 2018 (CET)
| |
| | |
| == [[Proposals]] ==
| |
|
| |
|
| This is my proposed update to the main page: [[User:imahero/Proposals/Conservative Main Page|Conservative Main Page]]. <br> | | This is my proposed update to the main page: [[User:imahero/Proposals/Conservative Main Page|Conservative Main Page]]. <br> |
| --[[User:imahero|imahero]] 23:45, 16 September 2016 (CEST) | | --[[User:imahero|imahero]] 23:45, 16 September 2016 (CEST) |
|
| |
|
| : But why? What's the goal of changing it?
| |
| : --[[User:Terra|Terrasque]]
| |
|
| |
| :: Much more concise and easier for new users to navigate. Also I don't like how the unofficial towns are listed right along with the official ones.
| |
| :: --[[user:imahero|imahero]] 15:25, 31 October 2016 (CET)
| |
|
| |
| ::: Have you given this any further thought? Are there any additional changes you'd like me to make to it?
| |
| ::: --[[user:imahero|imahero]] 00:42, 23 November 2016 (CET)
| |
|
| |
| :::: Ah damn.. Sorry, thought I had replied here. I see it's simpler, but I don't see it being better than what's now. The current page immediately let you jump to something central and familiar - the towns, and lets you explore the wiki from there. I think that's a great start spot if you're not already looking for something specific. And having things like the Forge there directly is an eye catcher and prods people's curiosity. Maybe someone realize they don't know quite as much as they thought about the game, and start reading. There might be things to improve on the front page, but I think those belong there and have a purpose.
| |
| :::: --[[User:Terra|Terrasque]] 22:19, 25 November 2016 (CET)
| |
|
| |
| ::::: OK. I've adjusted the proposal according to your guidance. I've only fixed links and made things more consistent rather than removing anything. Is it ready now, or are there any other changes I need to make?
| |
| ::::: --[[user:imahero|imahero]] 00:30, 26 November 2016 (CET)
| |
|
| |
| :::::: That looks pretty good :) changed the frontpage. And sorry for responding so slowly
| |
| :::::: --[[User:Terra|Terrasque]] 15:43, 1 December 2016 (CET)
| |
|
| |
|
| == Images == | | == Images == |
Line 131: |
Line 19: |
|
| |
|
| : I still have my RSS reader monitoring changes to the wiki, so get noticed when something happens :) | | : I still have my RSS reader monitoring changes to the wiki, so get noticed when something happens :) |
| : --[[User:Terra|Terrasque]] 12:49, 11 November 2012 (UTC) | | : [[User:Terra|Terrasque]] 12:49, 11 November 2012 (UTC) |
|
| |
|
| :: Well, that's good to know. :-) (Guess I'll be careful not to do anything crazy. ;-) [[User:Memetics|Memetics]] 14:15, 11 November 2012 (UTC) | | :: Well, that's good to know. :-) (Guess I'll be careful not to do anything crazy. ;-) [[User:Memetics|Memetics]] 14:15, 11 November 2012 (UTC) |
Line 146: |
Line 34: |
|
| |
|
| : Wiki has now been updated to latest version, sorry about the delay. | | : Wiki has now been updated to latest version, sorry about the delay. |
| : --[[User:Terra|Terrasque]] | | :--Terrasque |
| | |
| | ::If you could update to the latest version again, that would be great! :) <br> |
| | ::--[[User:imahero|imahero]] 13:24, 11 September 2016 (CEST) |
|
| |
|
| == Spammer == | | :::I see that the wiki is currently using 1.23.5 LTS, so it should only be necessary to update to 1.23.15 LTS to get all the most recent <span class="plainlinks">[https://phabricator.wikimedia.org/diffusion/MW/browse/REL1_23/RELEASE-NOTES-1.23 security updates]</span> without having to worry too much about breaking anything on the site. It'll be a different story in May 2017 when 1.23.x reaches end of life. At that point we'll want to update to the <span class="plainlinks">[https://www.mediawiki.org/wiki/Version_lifecycle#Versions_and_their_end-of-life latest LTS release]</span>. <br> |
| | :::--[[User:imahero|imahero]] 09:36, 15 September 2016 (CEST) |
|
| |
|
| Is there something you can do to block the IP address [[User:172.26.0.4|172.26.0.4]]? The guy using it is spamming the wiki for days. --[[User:Fire Paladin|Fire Paladin]] ([[User talk:Fire Paladin|talk]]) 14:13, 8 November 2019 (UTC)
| |
| :It looks like the same guy also made an account: [[User:KarineHornung|KarineHornung]]. This account created another article in the same style like the other ones. --[[User:Fire Paladin|Fire Paladin]] ([[User talk:Fire Paladin|talk]]) 11:14, 11 November 2019 (UTC)
| |
| ::Now he has invaded the wiki with tens (hundreds?) of clones. And also tens of promotion articles. Now he uses this IP [[User:172.26.0.3|172.26.0.3]].
| |
| :::As more of a side note, I think you can let new pages be created only by logged users or let them be verified by admins first; just like in english Wikipedia (where you have to wait for admins to publish the certain page), since both this site and Wikipedia use MediaWiki. This would probably stop these unacceptable promotion pages by weird IPs from being created.--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 14:02, 24 February 2020 (UTC)
| |
| ::::The guy is now editing the main page at his own will. Because we all know the Main page doesn't need any change, I think you can protect the page, right? Since this is a site created with MediaWiki.--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 12:59, 26 February 2020 (UTC)
| |
| :::::Maaan, thank you... For finally protecting main page and deleting his spam...--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 23:08, 28 February 2020 (UTC)
| |
| ::::::some outdated weeds to grub up:
| |
| ::::::<nowiki>[[Putting Youtube Videos From Your Ipod Free-of-charge]]</nowiki>
| |
| ::::::<nowiki>[[The Fastest Tool Get Youtube Videos On Mac]]</nowiki>
| |
| ::::::<nowiki>[[That s What You ll Be Doing Plenty Of At A Russian Sauna And Amazingly This.]]</nowiki>
| |
| ::::::<nowiki>[[New Questions About Buy Viagra Online Answered And Why You Must Read Every Word Of This Report]]</nowiki>
| |
| ::::::<nowiki>[[What s Proper About Bramy Wjazdowe Pomorskie]]</nowiki> --[[User:GroundhogYear|GroundhogYear]] ([[User talk:GroundhogYear|talk]]) 03:38, 28 April 2020 (UTC)
| |
| :::::https://heroes.thelazy.net/index.php?title=User:Prom-electric.ru_mcx34 this guy needs a special attention --[[User:GroundhogYear|GroundhogYear]] ([[User talk:GroundhogYear|talk]]) 11:22, 25 April 2021 (UTC)
| |
|
| |
|
| == Tactics and info == | | == Permission requests == |
| Are the new sections I created okay for creatures?--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 13:40, 23 April 2020 (UTC)
| |
| :We should keep fact pages and opinion pages separate. This would go for the town pages as well. And pretty much everything else. I would put links to opinion pages at the bottom of fact pages if people are interested.
| |
| ::I say we should put a disclaimer, for Trivia and it, saying these are either general strategy, etc. and trivia is well... trivia. There are wikis which keep such info on the creature page, but in a more unorganized form than how I've put it. I think Tactics blabla should also be put at the bottom of the page. I will do it, of course, since I started all of this.--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 15:20, 23 April 2020 (UTC)
| |
| :::I did that. "Tactics and info" and "Trivia" are at the bottom of the pages, with a notice telling you it's just a general opinion on the subject.--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 12:24, 25 April 2020 (UTC)
| |
|
| |
|
| == Spam 2==
| | I'd like to request permission to edit and update the [[Main Page|main page]]. <br> |
| Can you please add the abuse filter extension, so the bots won't be able to spam (also delete all bot pages)? Also, I would like to contact you in private regarding something more important than this for the wiki.--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 09:22, 24 June 2020 (UTC)
| | --[[User:imahero|imahero]] 23:24, 11 September 2016 (CEST) |
|
| |
|
| : Might want to try contacting him on discord.
| |
|
| |
|
| ::Which one?--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 15:30, 24 June 2020 (UTC)
| | == List of security issues currently affecting the site, possibly putting all users at risk == |
|
| |
|
| ::: discord.gg/4XuzYKx | | * Security reminder: MediaWiki does not require PHP's register_globals. If you have it on, turn it '''off''' if you can. |
| | * BREAKING CHANGE: $wgHTTPProxy is now *required* for all external requests made by MediaWiki via a proxy. Relying on the http_proxy environment variable is no longer supported. |
| | * (T139565) SECURITY: API: Generate head items in the context of the given title |
| | * (T137264) SECURITY: XSS in unclosed internal links |
| | * (T133147) SECURITY: Escape '<' and ']]>' in inline <style> blocks |
| | * (T133147) SECURITY: Require login to preview user CSS pages |
| | * (T132926) SECURITY: Do not allow undeleting a revision deleted file if it is the top file |
| | * (T129738) SECURITY: Make $wgBlockDisablesLogin also restrict logged in permissions |
| | * (T129738) SECURITY: Make blocks log users out if $wgBlockDisablesLogin is true |
| | * (T115333) SECURITY: Check read permission when loading page content in ApiParse |
| | * Remove support for $wgWellFormedXml = false, all output is now well formed |
| | * (T121892) Fix fatal errors on some Special pages, introduced in 1.23.12. |
| | * (T122056) Old tokens are remaining valid within a new session |
| | * (T127114) Login throttle can be tricked using non-canonicalized usernames |
| | * (T123653) Cross-domain policy regexp is too narrow |
| | * (T123071) Incorrectly identifying http link in a's href attributes, due to m modifier in regex |
| | * (T129506) MediaWiki:Gadget-popups.js isn't renderable |
| | * (T125283) Users occasionally logged in as different users after SessionManager deployment |
| | * (T103239) Patrol allows click catching and patrolling of any page |
| | * (T122807) [tracking] Check php crypto primatives |
| | * (T98313) Graphs can leak tokens, leading to CSRF |
| | * (T130947) Diff generation should use PoolCounter |
| | * (T133507) Careless use of $wgExternalLinkTarget is insecure |
| | * (T132874) API action=move is not rate limited |
| | * (T110143) strip markers can be used to get around html attribute escaping in (many?) parser tags |
| | * (T126685) Globally throttle password attempts |
| | * (T117899) SECURITY: $wgArticlePath can no longer be set to relative paths that do not begin with a slash. This enabled trivial XSS attacks.Configuration values such as <nowiki>"http://my.wiki.com/wiki/$1"</nowiki> are fine, as are "/wiki/$1". A value such as "$1" or "wiki/$1" is not and will now throw an error. |
| | * (T119309) SECURITY: Use hash_compare() for edit token comparison |
| | * (T118032) SECURITY: Don't allow cURL to interpret POST parameters starting with '@' as file uploads |
| | * (T115522) SECURITY: Passwords generated by User::randomPassword() can no longer be shorter than $wgMinimalPasswordLength |
| | * (T97897) SECURITY: Improve IP parsing and trimming. Previous behavior could result in improper blocks being issued |
| | * (T109724) SECURITY: Special:MyPage, Special:MyTalk, Special:MyContributions and related pages no longer use HTTP redirects and are now redirected by MediaWiki |
| | * (T91850) SECURITY: Add throttle check in ApiUpload and SpecialUpload |
| | * (T91203, T91205) SECURITY: API: Improve validation in chunked uploading |
| | * (T108616) SECURITY: Avoid exposure of local path in PNG thumbnails |
| | * (T94116) SECURITY: Compare API watchlist token in constant time |
| | * (T97391) SECURITY: Escape error message strings in thumb.php |
| | * (T106893) SECURITY: Don't leak autoblocked IP addresses on Special:DeletedContributions |
| | * (bug 67644) Make AutoLoaderTest handle namespaces |
| | * (T91653) Minimal PSR-3 debug logger to support backports from 1.25+. |
| | * (T102562) Fix InstantCommons parameters to handle the new HTTPS-only policy of Wikimedia Commons. |
| | * (T85848, T71210) SECURITY: Don't parse XMP blocks that contain XML entities, to prevent various DoS attacks. |
| | * (T85848) SECURITY: Don't allow directly calling Xml::isWellFormed, to reduce likelihood of DoS. |
| | * (T88310) SECURITY: Always expand xml entities when checking SVG's. |
| | * (T73394) SECURITY: Escape > in Html::expandAttributes to prevent XSS. |
| | * (T85855) SECURITY: Don't execute another user's CSS or JS on preview. |
| | * (T85349, T85850, T86711) SECURITY: Multiple issues fixed in SVG filtering to prevent XSS and protect viewer's privacy. |
| | * (bug T68650) Fix indexing of moved pages with PostgreSQL. Requires running update.php to fix. |
| | * (bug T70087) Fix Special:ActiveUsers page for installations using PostgreSQL. |
| | * (bug T76686) [SECURITY] thumb.php outputs wikitext message as raw HTML, which could lead to xss. Permission to edit MediaWiki namespace is required to exploit this. |
| | * (bug T77028) [SECURITY] Malicious site can bypass CORS restrictions in $wgCrossSiteAJAXdomains in API calls if it only included an allowed domain as part of its name. |
| | * (bug T74222) The original patch for T74222 was reverted as unnecessary. |
| | * (bugs 66776, 71478) SECURITY: User PleaseStand reported a way to inject code into API clients that used format=php to process pages that underwent flash policy mangling. This was fixed along with improving how the mangling was done for format=json, and allowing sites to disable the mangling using $wgMangleFlashPolicy. |
| | * (bug 70901) SECURITY: User Jackmcbarn reported that the ability to update the content model for a page could allow an unprivileged attacker to edit another user's common.js under certain circumstances. The user right "editcontentmodel" was added, and is needed to change a revision's content model. |
| | * (bug 71111) SECURITY: User PleaseStand reported that on wikis that allow raw HTML, it is not safe to preview wikitext coming from an untrusted source such as a cross-site request. Thus add an edit token to the form, and when raw HTML is allowed, ensure the token is provided before showing the preview. This check is not performed on wikis that both allow raw HTML and anonymous editing, since there are easier ways to exploit that scenario. |
| | * (bug 72222) SECURITY: Do not show log action when the entry is revdeleted with DELETED_ACTION. NOTICE: this may be reverted in a future release pending a public RFC about the desired functionality. This issue was reported by user Bawolff. |
| | * (bug 71621) Make allowing site-wide styles on restricted special pages a config option. |
| | * (bug 42723) Added updated version history from 1.19.2 to 1.22.13 |
| | * $wgMangleFlashPolicy was added to make MediaWiki's mangling of anything that might be a flash policy directive configurable. |
| | * (Bug 72274) Job queue not running (HTTP 411) due to missing Content-Length: header |
| | * (Bug 67440) Allow classes to be registered properly from installer |
|
| |
|
| ::::Thanks!--[[User:FirePaladin2|FirePaladin2]] ([[User talk:FirePaladin2|talk]]) 15:33, 24 June 2020 (UTC)
| |
|
| |
|
| [[Special:AbuseFilter|Abuse filter]] is installed, but it's not configured to [[Special:AbuseLog|catch enough spam]]. I'll repeat the suggestion to look into copying some of the rules from [https://doomwiki.org/wiki/Special:AbuseFilter this other wiki].
| |
| __notoc__ | | __notoc__ |