we can haz...
04-11-2015, 01:19 AM,
Post: #1
we can haz...
A sloganator? Please?
04-11-2015, 02:03 AM,
Post: #2
RE: we can haz...
Dude, we can't even tell this sumbitch to not serve up the mobile versions every goddamn time.
04-11-2015, 02:07 AM,
Post: #3
RE: we can haz...
This level of customer service is Comcastic.
04-11-2015, 02:24 AM,
Post: #4
RE: we can haz...
Yeah, this gift horse has terrible teeth.
04-11-2015, 07:05 AM,
Post: #5
RE: we can haz...
And bites.
My logic is infallible. Resistance is futile.
04-11-2015, 11:58 AM,
Post: #6
RE: we can haz...
Yeah, I blame Alden. He suggested the forum system.

Maybe a switch to phpBB is in order. Sure, it's a turd as well, but it's a well known turd.
The chaos army seems suspiciously well organized.
flickr | Stupid Blog | Twitter
04-11-2015, 11:59 AM,
Post: #7
RE: we can haz...
But, yeah, that will require work. Work needs time. Time enough to do a forum switch is something few of us have.
The chaos army seems suspiciously well organized.
flickr | Stupid Blog | Twitter
04-11-2015, 12:07 PM, (This post was last modified: 04-11-2015, 12:08 PM by tobobo.)
Post: #8
RE: we can haz...
What if the sloganator was pure javascript and could just be enabled by a script tag?

I'd be willing to set up a little backend for it and make a little widget that we could drop in. So all we'd have to do is change the template, not mess with the database or anything.
04-11-2015, 01:23 PM,
Post: #9
RE: we can haz...
Let's all just grin, bear it, and blame Alden.
04-11-2015, 05:17 PM,
Post: #10
RE: we can haz...
Too bad we didn't think about this when we moved up from the clubhouse
My logic is infallible. Resistance is futile.
04-11-2015, 10:39 PM,
Post: #11
RE: we can haz...
(04-11-2015, 11:59 AM)Gippy Wrote: But, yeah, that will require work. Work needs time. Time enough to do a forum switch is something few of us have.

You know that xkcd chart that measures effort / ROI? I shudder to think how long it would take to recover the time spent switching forums for current membership / activity.

And I think those of us who do check in will check in regardless of how lousy the forum software is.
bedstuy Wrote:mocking a pair of $500 jeans is a form of class warfare... why do you hate my social status?
04-12-2015, 12:58 AM,
Post: #12
RE: we can haz...
True dat.
The chaos army seems suspiciously well organized.
flickr | Stupid Blog | Twitter
04-12-2015, 10:39 AM,
Post: #13
RE: we can haz...
My life became so much better when I found out how to just "request desktop site" in ios.
04-14-2015, 05:13 AM, (This post was last modified: 04-14-2015, 05:15 AM by tobobo.)
Post: #14
RE: we can haz...
so I built a prototype of a sloganator that we should be able to easily insert into the theme. just add the script tag:

Code:
<script src="http://sloganator.herokuapp.com/sloganator.js" id="sloganator"></script>

to wherever in the template you want the sloganator to show up. minified script is about 6 kilobytes. http://sloganator.herokuapp.com/sloganator.js

here's an example of how it's used: http://sloganator.herokuapp.com/example

here's the source for the client https://github.com/tobobo/sloganator/blo...tor.coffee
and for the server https://github.com/tobobo/sloganator/blo...ver.coffee

so this could be a possibility.

hipsterJavascript++
04-14-2015, 08:21 PM,
Post: #15
RE: we can haz...
Shoeman Some hipster is masquerading!
bedstuy Wrote:mocking a pair of $500 jeans is a form of class warfare... why do you hate my social status?
04-15-2015, 05:34 AM,
Post: #16
RE: we can haz...
The Sloganator does not lie
04-15-2015, 07:09 AM,
Post: #17
RE: we can haz...
Hmm... I could probably rig it to play back an audio or video.
My logic is infallible. Resistance is futile.
04-15-2015, 09:02 AM,
Post: #18
RE: we can haz...
1337
bedstuy Wrote:mocking a pair of $500 jeans is a form of class warfare... why do you hate my social status?
04-15-2015, 09:41 AM,
Post: #19
RE: we can haz...
so 1337. kind of disappointed that you didn't try, as all it would have taken was posting the embed code in the sloganator box, but I decided to add HTML sanitization. You can still use <strong> and <em> but all other tags will be filtered out.
04-15-2015, 11:07 AM,
Post: #20
RE: we can haz...
(04-15-2015, 09:41 AM)tobobo Wrote: so 1337. kind of disappointed that you didn't try, as all it would have taken was posting the embed code in the sloganator box, but I decided to add HTML sanitization. You can still use <strong> and <em> but all other tags will be filtered out.
I probably should have. I was pretty sure you might have missed input sanitization because we're all friends here and can trust each other (maybe), but I was too lazy to check.
My logic is infallible. Resistance is futile.
04-15-2015, 03:59 PM, (This post was last modified: 04-15-2015, 04:02 PM by tobobo.)
Post: #21
RE: we can haz...
The database input was always sanitized, so you wouldn't have been able to fux with the server. Also, the whole thing is open source, so you could have just directly checked what the vulnerabilities are.

If you do fux, report it to http://knexjs.org/
04-15-2015, 07:08 PM,
Post: #22
RE: we can haz...
(04-15-2015, 03:59 PM)tobobo Wrote: The database input was always sanitized, so you wouldn't have been able to fux with the server. Also, the whole thing is open source, so you could have just directly checked what the vulnerabilities are.

If you do fux, report it to http://knexjs.org/
I meant HTML sanitization. I don't give a crap about the server, just if I can get a video of a pug singing the batman song on this site.
My logic is infallible. Resistance is futile.
04-15-2015, 08:27 PM,
Post: #23
RE: we can haz...
If only there were some way to review the source code to see how it works. Maybe then the plan would succeed.
bedstuy Wrote:mocking a pair of $500 jeans is a form of class warfare... why do you hate my social status?
04-15-2015, 08:47 PM,
Post: #24
RE: we can haz...
In all seriousness, slogan id 7 didn't come out as expected. I don't know what's in the database, but it didn't work. Also, slogan 10 didn't fare well after I injected javascript. It stripped out the content of the element (it was originally <em onmouseover="alert(9)">hover</em>).

Otherwise, the standard suite of tricks aren't working -- in terms of OMGHAX

But if you want to try to get 1337 5747U5, FUTURR, this will help you:

Code:
curl 'http://sloganator.herokuapp.com/' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H 'Accept-Encoding: gzip, deflate' -H 'Accept-Language: en-US,en;q=0.5' -H 'Cache-Control: no-cache' -H 'Connection: keep-alive' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Host: sloganator.herokuapp.com' -H 'Pragma: no-cache' -H 'Referer: http://sloganator.herokuapp.com/example' -H 'User-Agent: OMFG1337ICEFIRE' -H 'X-Requested-With: XMLHttpRequest' --data 'slogan[slogan]=<em onmouseover="alert(9)">hover me</em> doot doot&slogan[user]=1337'
bedstuy Wrote:mocking a pair of $500 jeans is a form of class warfare... why do you hate my social status?
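Added example, not part of any post in this thread and not the sloganator's own code: a minimal allow-list filter of the kind described in posts #19 and #24, where only <strong> and <em> survive and attributes such as onmouseover are discarded. The function names are hypothetical, and unlike the behaviour reported in post #24 this version keeps the element's text; every tag in the output is rebuilt from a fixed literal and all other characters are escaped, so no attribute or unknown tag can pass through.

```javascript
// Added example: allow-list filter for slogan HTML (not the sloganator's code).
const ALLOWED = new Set(['strong', 'em']);
const ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeText(s) {
  return s.replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

function sanitizeSlogan(input) {
  // A tag is "<", optional "/", a name, then optionally whitespace + anything up to ">".
  const tagRe = /<(\/?)([a-zA-Z][a-zA-Z0-9]*)(?:\s[^>]*)?>/g;
  const open = [];   // allowed tags currently open, innermost last
  let out = '';
  let last = 0;
  let m;
  while ((m = tagRe.exec(input)) !== null) {
    out += escapeText(input.slice(last, m.index)); // text between tags is always escaped
    last = tagRe.lastIndex;
    const name = m[2].toLowerCase();
    if (!ALLOWED.has(name)) continue;              // drop <script>, <iframe>, <img>, ...
    if (m[1] === '') {
      open.push(name);
      out += `<${name}>`;                          // rebuilt bare; attributes never copied
    } else if (open.includes(name)) {
      let top;                                     // close inner tags first, keep nesting valid
      do { top = open.pop(); out += `</${top}>`; } while (top !== name);
    }                                              // stray closing tags are ignored
  }
  out += escapeText(input.slice(last));
  while (open.length) out += `</${open.pop()}>`;   // never leave a tag open on the page
  return out;
}

// Constructed inputs, modelled on the payload quoted in the thread.
console.log(sanitizeSlogan('<em onmouseover="alert(9)">hover me</em> doot doot'));
console.log(sanitizeSlogan('<iframe src="https://example.invalid/v"></iframe>pug'));
```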
04-16-2015, 02:17 AM,
Post: #25
RE: we can haz...
I blame coffeescript.
The chaos army seems suspiciously well organized.
flickr | Stupid Blog | Twitter

