Recent content by BassMan

No, this can do anybody with an account and even no posts published.

Yes, but I don't allow guest posting.

Exactly this.

Someone sent me a message about this via the contact form. Image URLs were included and warned me about phishing attacks with images that are uploaded to my server. I checked the images and it was obvious it was spam. I deleted it from the server after I located the attachment.

Thanks, I enabled hotlink protection in Cloudflare too. But still, to use image URLs in the email I'm not sure how much this helps.

I received a message about this with the URLs of the images via the contact form. And then the investigation began. I'm not sure what else to do here to prevent this except to reduce Store drafts for X hours a bit.

Or this one... Upload images in the quick editor and never post a reply. Use the URL of those images in an email for various phishing attacks. The URL points to your forum (images are uploaded to your server).

Got it. phpMyAdmin, of course... 🤦‍♂️ What a dumb moment...

Hi! I only have an image URL, ie /attachments/test-png.15105/?hash=dd5638329548e2703c0fb6f2968f3117 How can I find that attachment in a post? Also, how can I locate this image on the server so I can delete it? Thank you.

No problem at all. Thank you for the quick fix.

After updating to the latest version, I get this: Server error log XF\Db\Exception: MySQL statement prepare error [1054]: Unknown column 'iso_code' in 'field list' src/XF/Db/AbstractStatement.php:230 Generated by: Unknown account 12. May 2024 at 07:35 Stack trace INSERT INTO `xf_aqp_user_data`...

Forget about it, now I've seen you have XF 2.2. Sorry.

Hi, Check the styles/fa folder on your server to see if icons are inside. If not, manually upload this folder from the install zip and rebuild the master data (add the /install at the end of your root forum URL). If icons are already inside, just rebuild the master data.

I contacted my host and they confirmed. It is not server-related and it is a known Stripe "issue". They also recommend creating separate Stripe accounts for each site. Hmm, not very convenient.

To change the phrase check phrases in the admin CP.