User Essentials [Paid] 4.4.1

[Danny88]

Running on 3.5.0

In admincp edit user setting -> Previous names log

And these was set in the addon options

 

[SeToY]

I think I just found a bug. When editing a thread that contains an emoji in its title the following exception is thrown upon saving:

XF\Db\Exception: MySQL query error [1366]: Incorrect string value: '\xF0\x9F\xA7\xB9' for column `db`.`xf_sv_user_log`.`content_title` at row 1 src\XF\Db\AbstractStatement.php:228

Stack trace
INSERT  INTO `xf_sv_user_log` (`content_type`, `content_id`, `user_id`, `ip_address`, `content_user_id`, `content_username`, `content_title`, `content_url`, `discussion_content_type`, `discussion_content_id`, `action`, `action_params`, `user_log_id`, `log_date`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
------------

#0 src\XF\Db\Mysqli\Statement.php(196): XF\Db\AbstractStatement->getException('MySQL query err...', 1366, '22007')
#1 src\XF\Db\Mysqli\Statement.php(77): XF\Db\Mysqli\Statement->getException('MySQL query err...', 1366, '22007')
#2 src\XF\Db\AbstractAdapter.php(94): XF\Db\Mysqli\Statement->execute()
#3 src\XF\Db\AbstractAdapter.php(218): XF\Db\AbstractAdapter->query('INSERT INTO `x...', Array)
#4 src\XF\Mvc\Entity\Entity.php(1452): XF\Db\AbstractAdapter->insert('xf_sv_user_log', Array, false)
#5 src\XF\Mvc\Entity\Entity.php(1184): XF\Mvc\Entity\Entity->_saveToSource()
#6 src\addons\SV\UserEssentials\UserLog\AbstractHandler.php(130): XF\Mvc\Entity\Entity->save()
#7 src\addons\SV\UserEssentials\UserLog\AbstractHandler.php(75): SV\UserEssentials\UserLog\AbstractHandler->log(Object(SV\UserEssentials\XF\Entity\Post), 'edit', Array, Object(SV\SignupAbuseBlocking\XF\Entity\User))
#8 src\addons\SV\UserEssentials\UserLog\Logger.php(90): SV\UserEssentials\UserLog\AbstractHandler->logChange(Object(SV\UserEssentials\XF\Entity\Post), 'message', 'Größe: 0,00 M...', 'Größe: 0,00 M...', Object(SV\SignupAbuseBlocking\XF\Entity\User))
#9 src\addons\SV\UserEssentials\XF\Logger.php(90): SV\UserEssentials\UserLog\Logger->logChanges('post', Object(SV\UserEssentials\XF\Entity\Post), true)
#10 src\addons\SV\UserEssentials\XF\Entity\Post.php(138): SV\UserEssentials\XF\Logger->logUserChanges('post', Object(SV\UserEssentials\XF\Entity\Post))
#11 src\XF\Mvc\Entity\Entity.php(1208): SV\UserEssentials\XF\Entity\Post->_postSave()
#12 src\XF\Service\Post\Editor.php(187): XF\Mvc\Entity\Entity->save(true, false)
#13 src\XF\Service\ValidateAndSavableTrait.php(40): XF\Service\Post\Editor->_save()
#14 src\XF\Pub\Controller\Post.php(135): XF\Service\Post\Editor->save()
#15 src\addons\EWR\Porta\Pub\Controller\Post.php(39): XF\Pub\Controller\Post->actionEdit(Object(XF\Mvc\ParameterBag))
#16 src\XF\Mvc\Dispatcher.php(350): EWR\Porta\Pub\Controller\Post->actionEdit(Object(XF\Mvc\ParameterBag))
#17 src\XF\Mvc\Dispatcher.php(257): XF\Mvc\Dispatcher->dispatchClass('XF:Post', 'Edit', Object(XF\Mvc\RouteMatch), Object(SV\UserEssentials\XF\Pub\Controller\Post), NULL)
#18 src\XF\Mvc\Dispatcher.php(113): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(SV\UserEssentials\XF\Pub\Controller\Post), NULL)
#19 src\XF\Mvc\Dispatcher.php(55): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#20 src\XF\App.php(2184): XF\Mvc\Dispatcher->run()
#21 src\XF.php(391): XF\App->run()
#22 index.php(20): XF::runApp('XF\\Pub\\App')
#23 {main}

It seems as the content_title column does not allow unicode.

 

[Xon]

Ensure you've converted all tables to utf8mb4, it is safe to run it multiple times

 

[SeToY]

Could this be a remnant of the XF 1.5 update? Because I converted all tables to utf8mb4 during the upgrade but apparently it did not convert add-on tables? I've now converted it manually and it did work.

 

[Xon]

Yes, if the tables aren't in the format that the utf8mb4 conversion expects from the XF1 version you'll need to run it after updating all add-ons to XF2 standards

 

[Joe Link]

What does "[UserEss] Edit any thread" permission do?

 

[Xon]

@Joe Link it lets uses edit any thread without the full permissions that "Manage any thread" gives. Ie they can't move/delete/etc threads but can edit them

 

[Xon]

Xon updated User Essentials with a new update entry:

3.6.0 - Feature update

• Fix username changes showing a moderator/date when the request is auto-approved without intervention
• Extend admin user search
  • Search by custom title, location, website, about, signature
• Extend admin batch user update
  • Spam clean action
  • Remove custom titles
  • Remove locations
  • Remove About sections

Read the rest of this update entry...

 

[Nirjonadda]

@Xon One more bug, I have set User name change custom title duration to 0 but still using Formerly username title. Does not revert back to User title ladder.

 

[Nirjonadda]

@Xon Mentions user mini-avatar does not showing correctly when using text size.

 

[Xon]

@Xon One more bug, I have set User name change custom title duration to 0 but still using Formerly username title. Does not revert back to User title ladder.

For existing name changes, changes to this setting are only applied on the next cron run "Daily clean up (User essentials)".

@Xon Mentions user mini-avatar does not showing correctly when using text size.

View attachment 219626

Text size doesn't interact with the avatar bits well, I'm not really sure how best to fix this.

 

[Feanor]

I have a couple of questions before purchasing:

Username change:
I have another add-on that already allows users to change names, but it doesn't show a log of the changes. Do 3rd party add-on / admin control panel changes show in the previous usernames tab? If so, is this log pruned by XF's change log pruning setting at all (because I wouldn't want these to be pruned)? Also, is it possible to set permissions so no one can change their username through the add-on and only admins/mods can see the previous usernames tab?

Login Attempt Log:
When is this logged? Whenever a user logs in, when they make a failed login attempt, or both? And what does it log? Only IP address or does it also log user agent?

Thanks.

 

[lazy llama]

Do 3rd party add-on / admin control panel changes show in the previous usernames tab? If so, is this log pruned by XF's change log pruning setting at all (because I wouldn't want these to be pruned)? Also, is it possible to set permissions so no one can change their username through the add-on and only admins/mods can see the previous usernames tab?

I can answer some of these as I have the addon installed.
Q: Do 3rd party add-on / admin control panel changes show in the previous usernames tab?
A: Admin control panel changes do for sure.
Q: Also, is it possible to set permissions so no one can change their username through the add-on and only admins/mods can see the previous usernames tab?
A: Yes, we don't let users change their own names. Knowing what they're like they'd mess around with it too much. You can set the visbility of name change.
You can set the expiry on the user change log including to never expire, but I'm not 100% whether that's linked or separate from the normal XF settings.

 

[Xon]

@lazy llama's answers are correct (and thanks!).

User name change history never expires, and is stored separately from the username change log.

 

[Feanor]

@lazy llama's answers are correct (and thanks!).

User name change history never expires, and is stored separately from the username change log.

That's good to know. What about the Login Attempt Log? (see above)

 

[Xon]

That table is the XF (failed) login attempts and is managed by XenForo, it is really only populated on failed attempts and cleared for that user/ip on successful logins. Yeah, not the best

 

[Feanor]

That table is the XF (failed) login attempts and is managed by XenForo, it is really only populated on failed attempts and cleared for that user/ip on successful logins. Yeah, not the best

Thanks, I guess what I described doesn't exist. One more question about User Essentials though:

"Lock / Unlock own thread. Permission to allow thread authors to lock/unlock their own threads. User cannot unlock threads locked by a moderator. "

Can these permissions only apply to certain boards? For example, I want user group X to be able to lock their own threads in boards A and B only.

 

[lazy llama]

"Lock / Unlock own thread. Permission to allow thread authors to lock/unlock their own threads. User cannot unlock threads locked by a moderator. "

Can these permissions only apply to certain boards? For example, I want user group X to be able to lock their own threads in boards A and B only.

Yes, that is a "Forum Permission" so can be applied to different forums. We have one "Freecycle"-type forum where we want members of a specific group to be able to lock their own threads.

 

[Xon]

Thanks, I guess what I described doesn't exist.

I think @DragonByte Tech's (paid) Security add-on track user logins in more detail.

 

[Xon]

Xon updated User Essentials with a new update entry:

3.6.1 - Minor feature update

• Expose all username change records under admincp logs\username-change

Read the rest of this update entry...