WikiIndex:2013-2014 bugs and upgrades

From WikiIndex
Revision as of 10:00, 29 September 2014 by Zhuyifei1999 (talk | contribs) (→‎why https?: h3)
Jump to navigation Jump to search

Template:TOCright

For earlier upgrading discussions from 2006, see: WikiIndex:Upgrade Discussion.
For discussions from 2011, see: WikiIndex:Spring 2011 Upgrade Path.

WikiIndex:Upgrades needed — this page is to be used for raising suggestions and discussing strategies for upgrading our MediaWiki software used by WikiIndex. It can typically include any of the published, and stable, MediaWiki Extensions; or any other applicable and workable strategies. Please add any suggestions or offerings in any of the subheadings below (or create a new subheading), and discuss.

requesting account

There is a huge bug with trying to get an account here at WikiIndex currently. File:AccountCreationPath.png and File:AccountCreationPath2.png are screen shots of the account creation path, but there seems to be no completion screen or email. I worked through it after being alerted by Manorainjan. ~~ MarkDilley

Maybe it is difficult to really solve the problem completely. If possible one should disconnect this case from the email problem and treat them separately. That no mails being sent, is a known fact. So, no wonder that the procedure hangs somewhere. At least it makes it impossible for new users to see where the problem is. So, first thing would be to explain the existence of the bug to the new user. Then he/she/it can turn to an admin and ask for fixing his case at least.--Manorainjan (talk) 20:33, 30 July 2014 (UTC)
I am not really sure how to pull this apart. Email is sent to many of us here at WikiIndex. There are a handful of you that are not getting email, so it is spotty, which is worse. ~~ ~~
I suggest You check with the last 32 active users, ask them to register their email address if not yet done and create a list of account names, mail address and got/not got the mails. Possibly it will show some hint like which mail servers get and which not. I did not know, that the email function is working for some people/accounts. Maybe the status of wikiindex sending server in the world of email is bad. Maybe some providers care and others not. Maybe the way the server sends is to be corrected. I'm positive that some kind of grid investigation will get us further. --Manorainjan (talk) 17:35, 3 August 2014 (UTC)
Can you suggest grid headers? ~~ MarkDilley
I thought I did. I understand grid headers as names of columns for tables of data collected or to be collected:
UserName, TheirEmail, (TheirEmail)ServerName, GotMail, GotNot, GotInSPAM, noResponse(of User), (got=received). That would be for a first test, no use to be more specific until the results are in. First phase is anyway to contact many hopefully active users and make clear that they should look on their talk page regularly within the period of testing and then see that everybody has got email configured here. I assume as mod You can read out their email address and contact them directly to activate. That alone could have a nice collateral effect ;- Manorainjan (talk) 21:22, 3 August 2014 (UTC)
WikiIndex:Email Bug

You have to compile that list in private because of the email addresses which most likely will not be public.Manorainjan (talk) 15:50, 4 August 2014 (UTC)

I don't think I have access to people's email - so all the stuff I would be doing would be public anyway. :-) ~~ MarkDilley
You do now <wink>. Can't understand that oversight thou! Sean, aka Hoof HeartedAdmin / 'Crattalk2HH 20:45, 7 August 2014 (UTC)
oversight = hide information (such as logs and page revisions) that's *super* sensitive so that only oversighters could see them. --YiFei | talk 06:57, 8 August 2014 (UTC)
Don't know what check user is and I am not altogether sure I want to be able and see into people's accounts. ~~ MarkDilley

Fresh start of the email-specific here: http://wikiindex.org/Category_talk:Active_administrators_of_this_wiki#Getting_the_email_function_to_work_for_all

Maps

Let's see about Maps... Emufarmers (talk) 05:42, 9 July 2013 (UTC)

older thoughts needed to be integrated above

Semantic extensions version

Especially for Semantic Forms and Semantic MediaWiki

Possible fixed bug: Form:Wiki/sandbox textarea only preload when previewing. --YiFei | talk 10:08, 30 October 2013 (UTC)

LinkSpam / WikiSpam / Vandalism

Need -
  1. mw:Extension:NoBogusUserpagesPro: - would obviate the need to police User: (IP address) pages since they cannot be created by anyone except the legitimate user of the IP - Con - would not stop spammer from posting spam on the User IP page if that is their actual IP.
    1. Spambots aren't (thankfully) very intelligent; usually they create a (bogus) User: page and a main namespace with the same title, i.e. User:FooBar123 and FooBar123. In my experience, this type of spam is commonly done by IP addresses as opposed to registered users. As such, installing the NoBogusUserpages extension would cut down this type of spam by 50%, which isn't a bad rate at all. The code is simple enough that it should work even with the latest version of MediaWiki. --Jack Phoenix (talk) 06:44, 28 April 2013 (PDT)
    2. + from me --[[kgh]] (talk) 14:22, 3 May 2013 (PDT)
    3.  Strong oppose I do not think think it's a good idea. --YiFei | talk 04:15, 22 June 2013 (UTC)
      1. Why YiFei? ~~ MarkDilley
        1. We have some user pages in the main namespace, which this extension won't help.
        2. Also, I haven't seen they create a (bogus) User: page and a main namespace with the same title, i.e. User:FooBar123 and FooBar123.
          1. I have seen it on wiki, but not so much here. ~~ MarkDilley
        3. would not stop spammer from posting spam on the User IP page if that is their actual IP.
        4. We hardly have any bogus user pages. --YiFei | talk 02:54, 23 June 2013 (UTC)
    4. Thanks ~~ MarkDilley
  2. Add restrictions for being an autoconfirmed user, such as $wgAutoConfirmAge = 3600; $wgAutoConfirmCount = 5; — Con:

Account creation protection

Need -
  1. mw:Extension:User Merge and DeletePro: Rename changes the name of one account, whereas this can merge or combine two accounts into one, and deletes the account not needed. – Con: Very dangerous, can permanently delete user accounts (but this can be set for 'crat permission only)
    1. Pro: I've used it on my own localhost wiki to get rid of surplus test accounts when testing out extensions, and while the danger of screwing up an actual account is real, it could be used to trim the database of obvious spam accounts. Con: Cannot be done as a batch, must do one merge and delete job at a time. Arcane (talk) 05:34, 30 April 2013 (PDT)Arcane - so basically you are saying we could clean up the spam accounts by deleting the one at a time? ~~ MarkDilley - Yes, unfortunately. It may be possible to code a bot or script with a selected list of spam accounts to trim and execute this script multiple times, never tried it myself, but in-wiki, it only works one at a time. Arcane (talk) 14:10, 30 April 2013 (PDT)Arcane - sounds brilliant, with the bot thing :-) I could see one person having control over a bot and a list. ~~ MarkDilley
    2. I'm personally still skeptical about this one. Elassint 3 May 2013
      1. Please say more Elassint - is it not a worry to have spam accounts sitting in the database? Best, MarkDilley
        1. It's bad when we look at Special:ListUsers -- full of spam accounts. But Wikipedia doesn't use it though wp:Special:ListUsers is also full of spam accounts. In addition, LifeWiki and WikiApiary use it. --YiFei | talk 11:34, 24 May 2013 (UTC)
          1. I would love to clean up this, but I wonder if there is another way to do it than one at a time... not sure, ~~ MarkDilley
            Might need a bot. But pywikipedia don't seem to have a library for mw:Extension:User Merge and Delete, so if we have to do that,
            1. Manually delete, or
            2. Make a bot library
            Either of them would be very hard to do. --YiFei | talk 07:29, 24 June 2013 (UTC)
  2. Sorry for being away recently. Can we mass-oversight those user creations and blocks? It's flooding RC. --YiFei | talk 07:48, 21 August 2013 (UTC)
CAPTCHA -
  1. This is "epic-failing" we need a better CAPTCHA system...preferably the one from Google...--Comets (talk) 02:12, 21 August 2013 (UTC)
    I hope that's not a serious suggestion. --Jack Phoenix (talk) 15:11, 21 August 2013 (UTC)
    Maybe so Roosa but its a suggestion, the current captcha is failing badly....unless you know something better? I have been away from this for a while now..--Comets (talk) 15:41, 21 August 2013 (UTC)
  2. Google:Recaptcha for MediaWiki - Create the key ~~ MarkDilley
    cracked: I hope that's not a serious suggestion. --Jack Phoenix (talk) 15:11, 21 August 2013 (UTC) --YiFei | talk 05:07, 26 August 2013 (UTC)
    I read through that and it is from 2009 - looks like it is kept up and when it gets cracked, it gets fixed. Is that not what you see? ~~ MarkDilley
    I guess that's Jack's opinion. --YiFei | talk 04:55, 27 August 2013 (UTC)
    Indeed so. I'm inclined to believe that a properly configured mw:Extension:QuestyCaptcha with multiple questions that are simple enough (i.e. "What is the first name of Mr. Wales, the co-founder of Wikipedia?" or the classic, "What is this site's name?") is far more effective than reCAPTCHA. Just because it says "by Google" on the box doesn't mean that it's automatically good, you know.
    True enough, QuestyCaptcha has some flaws too (such as the lack of an admin panel of any kind, but I'm hoping we could eventually work around that), but the core concept is far more fascinating and harder for spambot operators to crack, I believe. Cracking a (re)CAPTCHA doesn't require any real thinking whatsoever, whereas topic-specific questions might be really obvious for humans trying to register but not so much for spambots and their automated spamming software.
    Naturally it should be remembered that no matter what, some will always slip past the automated mechanisms, and that's why we have administrators — to clean up after these spambots and block the associated accounts, IP addresses, etc. --Jack Phoenix (talk) 07:26, 27 August 2013 (UTC)
    Some irc chat log with Emufarmers:
    (07:36:43) <Emufarmers> it's hard to make questions that are meaningful but not potentially confusing or exclusory
    (07:37:53) <Emufarmers> just having a trivial one like this keeps out most bots simply because they don't know how to deal with it, even if they could easily send it to a human
    (07:38:47) <Emufarmers> (it would also be easy enough for them to just do that and compile a database of answers, but, fortunately, most don't seem to be there yet)
    (07:40:42) <Emufarmers> depends whether saying "if you can't google, you can't register" is desirable or not
    --YiFei | talk 08:06, 27 August 2013 (UTC)

reCAPTCHA , as I remember it, was developed by others - so my want of it has nothing to do with Google. I am simply trying to figure out what would be the best for this community to have. Looks like Benjamin is saying similar things above (thanks YiFei for pasting that) - I would be willing to try a simple question - it seems to take someone on the backend to create / maintain it. 'What is this index of?' answer wiki, Wiki, wikis, Wikis to complete. Best, MarkDilley (in fact Jack, I pretty much despise Google :-)

  1. mw:Extension:ConfirmEdit as MathCaptcha (needs mw:Extension:Math installed, which is easy with shell access on Linux (@Emufarmers: ask me if you have problems with mw:Extension:Math)) --YiFei | talk 16:06, 21 August 2013 (UTC)

General housekeeping

Need -
  1. Please change notification emails from WikiIndex <[email protected]> to WikiIndex <[email protected]>
  2. mw:Extension:WikiEditorPro - More user friendly editing interface, simpler to understand and has many features to assist inexperienced editors Arcane (talk) 15:17, 21 January 2013 (PST)Arcane
    1. I'm not sure if this is really needed. And more importantly, is this compatible with Semantic MediaWiki? Are there any SMW sites which use this? Sean, aka Hoof HeartedAdmintalk2HH 02:39, 22 April 2013 (PDT)
    2. As far as I know, it is compatible with Semantic MediaWiki, since I have tested SMW with multiple versions of this extension and found no problems. As for whether this is needed, I wouldn't call it absolutely essential, but for those who are not familiar with wikicode or more familiar with using programs like Wordpad, this is a good extension, since it simplifies much of the most common editing processes. Arcane (talk) 18:35, 29 April 2013 (PDT)Arcane
      1. It is compatible with SMW. + from me --[[kgh]] (talk) 14:28, 3 May 2013 (PDT)
    3.  Strong support --YiFei | talk 08:27, 24 June 2013 (UTC)
  3. mw:Extension:MapsPro: this would be really good for our City-Wiki entries, uses maps from more than one source (Google, Yahoo, OpenStreetMaps, etc)
    1. + from me --[[kgh]] (talk) 14:28, 3 May 2013 (PDT)
    Done. Emufarmers (talk) 05:49, 9 July 2013 (UTC)
  4. mw:Extension:LastUserLoginPro: would let us know a person's activity and it helps people to see who is building WikiIndex. - Con: Why????? Either use Special:RecentChanges, or if you want to watch a specific user, add them to your watchlist :/ Sean, aka Hoof HeartedAdmintalk2HH 02:39, 22 April 2013 (PDT) Special:WhosOnline can be a replacement, but records within a day. --YiFei | talk 02:38, 4 May 2013 (PDT)
  5. mw:Extension:DismissableSiteNoticePro: would let us hide the Site Notice. - Con:
    1. I hate to see it everyday. --YiFei | talk 03:58, 21 June 2013 (UTC)
    2. Wasn't this the case before the upgrade? I seem to remember not seeing the site notice when logged in. ~~ MarkDilley
      1. Administrators can delete MediaWiki:Sitenotice to disable it. --YiFei | talk 23:18, 21 June 2013 (UTC)
    Done. Increase the value on MediaWiki:Sitenotice id to un-dismiss the sitenotice for everybody. Emufarmers (talk) 03:22, 9 July 2013 (UTC)
  6. Disable redirects to special pages and interwiki redirects, which use a 302 and have no "redirected from" link. (mw:Manual:$wgDisableHardRedirects) --YiFei | talk 06:57, 25 May 2013 (UTC)
    1. Sean especially hate this (Special:Permalink/140054). --YiFei | talk 12:54, 26 June 2013 (UTC)
      1. I think Sean went too far in banning the person (I don't know if there was previous history off wiki), although a good idea to have soft redirects off wiki. I personally really like redirects to special pages. ~~ MarkDilley
  7. mw:Extension:Replace Text seem to be removed a while ago, and I think it would be a good idea to restore it — Pro: mass editing - Con: not sure. --YiFei | talk 13:48, 30 October 2013 (UTC)
    Done. Emufarmers (talk) 23:47, 14 June 2014 (UTC)

Bugs

Some bugs might be fixed by the update. --YiFei | talk 11:21, 24 May 2013 (UTC)

Need -

Email system issues:

  1. Sean can not get his email confirmed, this has happened to a few people.
    1. I never got an e-mail from WikiIndex. Would be cool to have it working somehow. --[[kgh]] (talk) 14:28, 3 May 2013 (PDT)
    2. I can't reproduce this. Have you tried resending the confirmation email? Emufarmers (talk) 01:22, 19 May 2013 (PDT)
      1. if (smtp_server != email.split("@")[1]) { email_won't_work() } else { I_don't_know_why() } --YiFei | talk 10:05, 30 October 2013 (UTC)
Want -sure about
  1. Why are Sysops blocked by our anti-spam tools, but new accounts able to over-ride them at will? Sean, aka Hoof HeartedAdmintalk2HH 02:42, 22 April 2013 (PDT)
    1. I'm not sure about the first question, but I noticed that most spammers come from China (See User:Zhuyifei1999/Spam IP List). We use dynamic IPs in China, so it's hard to block them unless you use range blocks. --Zhuyifei1999 (talk) 04:05, 22 April 2013 (PDT)
      1. Do we know what might be the issue here? ~~ MarkDilley
  2. Atom feed (on Android devices) - seems to lag a few 'edits' behind current desktop version. Sean, aka Hoof HeartedAdmintalk2HH 03:49, 20 March 2013 (PDT)

adding subdomain

Brahfous is wanting a subdomain for right to left writing... (need to link to conversation) ~~ MarkDilley

On the back-burner

This sub-section can be used making suggestions for beta extensions, ie, those we might like to add at a later date once they've evolved into a stable extension

  1. mw:Extension:MassEditRegexPro: can be used by Sysops for 'bot'-like edits, without the need for creating bot scripts - Con: still in beta phase
    1. The extension status (alpha/beta/stable) means very little in reality...installing and testing it is a better way to see whether it works on WikiIndex's version of MediaWiki. --Jack Phoenix (talk) 14:41, 22 December 2012 (PST)
    2. I can vouch for this. I've used the MassEditRegex extension on my own wiki repeatedly and it has proven quite stable and does what it is intended to do. I highly recommend it. Arcane (talk) 12:43, 25 January 2013 (PST)Arcane
    3. Issue is we don't have a dedicated back end developer to work on WikiIndex, know anyone who can? :-) So I say strike out for now.
      I added Replace Text. Is this still desired too? Emufarmers (talk) 23:49, 14 June 2014 (UTC)
  2. http://wikiapiary.com/w/images/wikiapiary/b/b4/Monitored_by_WikiApiary.png
    • Why???
      • To show that WikiIndex in on board!? --[[kgh]] (talk) 14:11, 3 May 2013 (PDT)
  3. We need a mini-banner like that WikiApiary which states something like "Indexed on WikiIndex" - to be used as a kind of voluntary banner exchange on other sites which we've indexed. (good idea ~~ MarkDilley)
    • I think WikiApiary is a very similar project as WikiIndex and has a couple people working on it that are in the wiki community. Was just a suggestion - we linked to Wiki101 in sidebar for same reason. ~~ MarkDilley
      • WikiApiary is focused on MediaWiki and it's technical aspects. WikiIndex is focused on wiki communities. I do not think that is too similar. However, a WikiIndex banner would be nice to have, too. --[[kgh]] (talk) 14:11, 3 May 2013 (PDT)

Technology via the community

This isn't the right section title, but what I am trying to get across is - what technology does the community

  1. need to have access to, to make WikiIndex even better.
  2. who here understands how to do the backend work needed?
  1. Jack Phoenix
  2. Emufarmers
  3. YiFei
  4. Kghbln

Cite extension

I recommend installing mw:Extension:Cite; it would enable citations to be done in what's become the standard format across the wikisphere. Thanks. Leucosticte (talk) 12:29, 6 January 2014 (UTC)

Is there an example of use here on WikiIndex? --YiFei | talk 13:48, 6 January 2014 (UTC)
A few pages at Special:LongPages have a lot of inline citations, e.g. Let.sysops.be. There aren't a lot of examples, perhaps because people aren't going to do a lot of citations without Cite. The lack of it makes it so that you have to put them inline, which disrupts the flow of the article, or just put a barelink, which can rot and doesn't give a lot of information (e.g. author, date, etc.). Also, it makes it so that people can't port content about wikis to and from WikiIndex without converting the references. Leucosticte (talk) 14:02, 6 January 2014 (UTC)
Hmm @Mark: Why it wasn't installed in WikiIndex:Spring_2011_Upgrade_Path? --YiFei | talk 14:14, 6 January 2014 (UTC)

Another advantage to using Cite rather than inline URLs is that it would look nicer when the pages are printed. Then we could disable external links from showing in the printable version of a page. Template:Wiki in particular tends not to print well; the lengthy URLs often cause the text to intrude into the wiki logo. Leucosticte (talk) 09:35, 30 January 2014 (UTC)

YiFei I imagine there weren't enough folks that wanted it back then. Upgrades page? ~~ MarkDilley

I think that extension would be a good idea. It would look nicer and would minimize article flow disruption. Arcane (talk) 19:25, 30 January 2014 (UTC)
Actually, I notice that stuff prints a lot cleaner on Chrome than Firefox. Leucosticte (talk) 15:51, 2 February 2014 (UTC)

Disable Logs

The wiki looks quite "spammy due to all the new spammy names in the user creation log and all the deletions and blocks, I believe its possible to disable "logs" for 'normal' view which means its prevents those logs from being seeing by anyone without admin privileges..it could help improve how the wiki looks to others but admins can still work in the background fighting off vandals and deleting the spam..it generally 'puts off' people when they come to a wiki for the first time and all they see is red links spam deletions and blocks on the Recent Changes page...--Comets (talk) 00:18, 7 February 2014 (UTC)

How about setting all user creation logs as bots? --YiFei | talk 01:11, 7 February 2014 (UTC)

Great idea! How!! ~~ MarkDilley

Not sure what he is saying, but you may need to install this Extension which hides new user log as well as blocks, deletions and protections (we need to only focus on new user, deletions and blocks)....--Comets (talk) 07:02, 7 February 2014 (UTC)

QuestyCaptcha with questions and answers that sysops can change

See bug 61302. If I write a fork of QuestyCaptcha that will make it possible for you to edit a page, e.g. MediaWiki:QuestyCaptcha, containing questions and answers that only sysops are allowed to view, for the QuestyCaptcha, would you have any interest in installing it? Leucosticte (talk) 23:35, 15 February 2014 (UTC)

I for one would be excited about this option. The issue here is getting it installed... ~~ MarkDilley
Is that difficult to make happen? I thought you owned this site. Leucosticte (talk) 00:07, 19 February 2014 (UTC)
Don't own it Nathan, check out a little of WikiIndex:History and the history of the Upgrades page for a view into the struggles around the technical issues. ~~ MarkDilley

why https?

(import from news page) https://WikiIndex.org fails for me, is this a browser issue or a configuration issue with the website? ~~ MarkDilley

Failing I also have a failure to connect. Koavf (talk) 15:58, 29 June 2014 (UTC)
Why the need for a secure https configuration? And you can't just put https infront of a standard url,.and expect it to load, without correctly configuring the server to accept https page access. --Sean, aka Hoof HeartedAdmin / 'Crattalk2HH 23:33, 5 July 2014 (UTC)
That's right. As well could You rename a picture.bmp into a picture-jpeg and expect it to become compressed ;-)
But back to the original question: It seams not to be important to have secure connection, because the content of a Wiki that is even IP-edited would not be in anyway private, rather the opposite, very, very public ;-) But for those who log on, they have to send a password which is unprotected and could be read out during login. And than look at admins whose passwords would be read out and anybody could mess around as they please.... --Manorainjan (talk) 13:40, 29 July 2014 (UTC)
Thanks for the responses, at minimum, can it be redirected if anyone happens upon it? I would rather it didn't just fail. ~~ MarkDilley

I presume you mean can anyone else 'hijack' or steal https://WikiIndex.org? The answer to that is NO. "WikiIndex.org" is the domain name, and that is the important bit – providing the domain name registration doesn't expire (and I get the feeling from Ray's other interests, that is likely to be zero), you can't let anyone else take the domain name over. Furthermore, the "WikiIndex.org" domain can be configured in a number of related ways – in addition to our current "www.WikiIndex.org", you can also have "m.WikiIndex.org" (typically for mobile-configured displays), "ftp.WikiIndex.org" (file transfer protocol), and I'm sure I've missed a couple of others.

The "http" vs "https" can be applied to any of the above – but the "https" means in laymans terms a 'secure' communication method. In order to have an "https" site, you need an 'SSL' (secure socket layer) certificate (often regulated by the likes of VeriSign, Comodo, and many others). The secure "https" is typically used on internet trading sites (which take payment via Visa, MasterCard, Amex, PayPal, etc), banking, insurance and other commerce sites. As Manorainjan states above, there is no real need to have a secure connection on a wiki. If a password is compromised (which is honestly very doubtful), simply reset your password! Sean, aka Hoof HeartedAdmin / 'Crattalk2HH 21:52, 30 July 2014 (UTC)

Security on a wiki While wikis generally aren't as privacy-centered as (e.g.) banking, there are definitely times when added security is important. If a dissident journalist were dumping documents to Wikileaks (which is no longer a wiki) or Wikinews, he would certainly want greater security. Koavf (talk) 23:17, 30 July 2014 (UTC)
I did not mean to say that there is no need for a secure connection on a Wiki. I mean, "it looks like" there would be no need. But actually there is a need, because many people do logins. And every login procedure wherever should be secured. German end English Wikipedia connect via https by default. Wherever there is a SPAM or vandalism risk, there You need to have security as well to counteract it. Here and there I was reading about SPAMers, imposters and the like also here on WikiIndex. You need to have secure login at least for admins. And when the capability is installed, there is no reason whatsoever not to make it available for all. --Manorainjan (talk) 00:05, 31 July 2014 (UTC)
Agreed If you login, make it secure. Koavf (talk) 00:08, 31 July 2014 (UTC)
Retrieved from "https://wikiindex.org/index.php?title=WikiIndex:2013-2014_bugs_and_upgrades&oldid=184382"