Tapatalk Forum App for xenForo - iOS / Android / Windows Phone Mobile App [Deleted]

I have not, but I'm open to it. We were running 2.0.3 for the past 6 or 7 weeks without issue, though. I'm really trying to figure out WHAT the problem was, too.
 
Update: going back to 1.9.0 didn't fix it.

What DID fix it, ironically, was when I was messing around with DocumentRoot settings. I dropped the /forum from after /public_html and it worked. I think ultimately I'll have to do that and then make sure it redirects via .htaccess.
 
Are there any issues with downgrading 2.0.3 to 1.9.0, eg db schema changes?

I've been having site issues, which may be related to tapatalk (and may not).

Worked fine with 1.9.0, although I only had that running with XF 1.2.4, now on XF 1.3.1
 
Last edited:
Dakis said:
I don't understand, why on earth would they do that?
Click to expand...
They claim, in their own words, that there is more money to be had if they offer a free version filled with marketing ads.

Quoting them directly....
https://support.tapatalk.com/threads/i-paid-years-ago.24661/#post-131228

I must not have bought it at the sale price of $2.99 either and paid for the full price (was $4.99 I believe when I bought). Granted, I can write off $5, but it is the principle of the thing that bothers me.

They have yet to say exactly what VIP Status will truly give me except a nice fancy badge for self bragging rights. :rolleyes:
 
Anyone else not able to see their forum in the Feed?

It says "Feed Not Available" next to my site and several others I visit. However it does have the feeds for competitor sites...

The closest I can find on their support forums was a reference to IPB where they state

Not all forums has feed generated, currently we only generate it for part of most popular and activated forums, however, we're continue expanding the coverage.
Click to expand...

I've put this question on their forum to see if I get a response.
 
With the last script vunrability on this apps some members on my forum got hit and personal information was hacked. I have since removed it from my forum and would suggest others think very carfully about running it at all. With XF responsive design I cannot think why anyone would put their members at risk using TapaTalk
 
DaveM said:
With the last script vunrability on this apps some members on my forum got hit and personal information was hacked. I have since removed it from my forum and would suggest others think very carfully about running it at all. With XF responsive design I cannot think why anyone would put their members at risk using TapaTalk
Click to expand...

Can you prove that it was Tapatalk? The exploit was a very low risk exploit.
 
Yes I can but it is up to anybody to take it as it is I suppose. You know the old saying “use it or lose it,” Well I am indifferent to what anybody does with it :D
 
@DaveM I did NOT know about their security issue, because they did not bother telling anyone about TapaTalk having a security flaw.

They even publicly admit to patching it silently, but NOT issuing a release or any notice telling people they should replace their files (because they did not even bother changing the version number either). :eek:

So I can only imagine how many sites are using the other copy without knowing they have a problem. This is completely irresponsible. :mad:

winter said:
Hi,

This issue has been addressed in April 26th, 9 days before this site published the issue. However, since this is a low risk item - we have simply replaced all the plugins that are affected. If this is concerning you and If you have updated the plugin after April 26th, you are not affected.
Click to expand...
Source: https://support.tapatalk.com/threads/tapatalk-cross-site-scripting-vulnerability.24719/#post-131407

attached screenshot to confirm

 

Attachments

  • Screenshot from 2014-05-23 11:19:55.webp
    Screenshot from 2014-05-23 11:19:55.webp
    40.7 KB · Views: 19
  • Screenshot from 2014-05-23 11:21:54.webp
    Screenshot from 2014-05-23 11:21:54.webp
    55.9 KB · Views: 13
  • Screenshot from 2014-05-23 11:22:03.webp
    Screenshot from 2014-05-23 11:22:03.webp
    47.2 KB · Views: 11
Adam Howard said:
@DaveM I did NOT know about their security issue, because they did not bother telling anyone about TapaTalk having a security flaw.

They even publicly admit to patching it silently, but NOT issuing a release or any notice telling people they should replace their files (because they did not even bother changing the version number either). :eek:

So I can only imagine how many sites are using the other copy without knowing they have a problem. This is completely irresponsible. :mad:


Source: https://support.tapatalk.com/threads/tapatalk-cross-site-scripting-vulnerability.24719/#post-131407

attached screenshot to confirm
Click to expand...

@tapatalk

TapaTalk,

You dropped the ball. And while it is not my 'job' to inform people of potential security threat... I felt bad sitting here thinking how many unsuspected sites could be unknowingly using your insecure software, simply because you decided it was not important enough to tell people they should update to patch a security flaw.

You have effectively, "punished" your user base for adapting your software, because you did not update the version number, nor did you have the respectful courtesy to make announcement or email your user base of the security patch. You even went so far as to keeping this thread here hidden from public viewing as this part of your forum is only viewable to people who login and who also know where to look.

But as I said, I felt people had the right to know. So where you dropped the ball, I picked it up and manually informed all the 3rd party developments listed on this site of the security concern. I provided to them not only a direct link and copied quote of your reply, but also full screenshot.

And while you may not have found this concerning, your userbase very much thought differently. As did the 3rd party developments you promote to; one of which made my public announcement into a public sticky and another is likely to send out a general mass email.

Please take this into consideration for future development of your software and the user base which is including paying customer to use your products and services. Just as my presence here is privilege, so is your presence everywhere else.

Thank you.
 
@tapatalk

I have noticed that you have forked some of your development base to github
https://github.com/tapatalk

It has become clear to many people that you have not been actively developing or resolving issues in a "timely" manner. Perhaps allowing others to modify and further help with development may indeed help move things along.

Please and thank you in advance. :)
 
You must log in or register to reply here.

Similar threads

Jean-Baptiste
📲 XenForo native mobile app for Android and iOS - Appify.mobi (XenForo 2.0 & 2.1) 🔥 [Deleted]
3 4 5
Replies
93
Views
12K
Niro
N
Back
Top Bottom