10:20:15 	~copypaste 	dusty: gives me an ieda for a new spam filter
10:20:22 	~copypaste 	one that processes URLs only. We have a few spam filters
10:20:46 	~copypaste 	I'll make one that attaches to markup_urls and rejects posts with urls whose domains contain things like "viagra", "cialias", "gucci", "vuitton"
10:20:52 	~copypaste 	that will stop a lot of it.
10:21:19 	dusty 	hthat's a great idea!
10:21:45 	dusty 	is there a hidden field that, if you fill it in - the post is rejected?
10:21:50 	dusty 	i've heard that can catch a bit of spam
10:21:57 	~copypaste 	yes there is.
10:22:13 	~copypaste 	next version will have proper CSRF too. that requires an all page rebuild tho.
10:22:23 	~copypaste 	currently there's tinyboard's antispam system, but that's -shit-.
10:22:31 	~copypaste 	so i will be rewriting it. it's disabled right now
10:22:35 	~copypaste 	that's how bad it is. it doesn't even work lol
10:22:39 	~copypaste 	rejects posts randomly.
10:22:42 	@linear 	lmao
10:22:49 	@linear 	"An anti-spam system so advanced that it doens't stop spam"
10:23:05 	~copypaste 	well it was made to be complicated
10:23:08 	~copypaste 	"complicated"
10:23:12 	~copypaste 	STI never heard of Mechanize
10:23:17 	~copypaste 	so really what it is is very hard to debug
10:23:22 	~copypaste 	while very easy for attackers to avoid anyway
10:23:26 	__uguu__ 	mechanize is awesome
10:23:26 	~copypaste 	Just ask Bui he knows
10:23:39 	~copypaste 	So I will change to just simple CSRF.
10:23:56 	~copypaste 	Like just a hash is all you need. secret_salt + thread id + board name
10:24:00 	~copypaste 	That's all you need.
10:24:26 	~copypaste 	if you don't believe me that it's bad, look at this file
10:24:33 	~copypaste 	https://github.com/ctrlcctrlv/infinity/blob/master/inc/anti-bot.php
10:24:37 	Bui 	csrf? but how will you handle multiple people using one hash? like tinyboard does?
10:24:38 	~copypaste 	this is unchanged from Tinyboard
10:24:43 	~copypaste 	it has a function called "make_confusing"
10:24:49 	dusty 	doesn't CSRF block caching?
10:24:59 	~copypaste 	this is my favorite
10:25:00 	~copypaste 	> global $config, $purged_old_antispam;
10:25:02 	@linear 	lmao
10:25:04 	~copypaste 	>global $purged_old_antispam;
10:25:07 	~copypaste 	that's used nowhere else btw.
10:25:17 	__uguu__ 	oh balls tinyboards "antispam"
10:25:20 	__uguu__ 	i hate that shit
10:25:26 	~copypaste 	it doesn't even work lol.
10:25:35 	~copypaste 	it rejects random posts due to a bug czaks and i cannot figure out.
10:25:39 	__uguu__ 	it's the bane of my existence back when i ran a tinyboard instance on tor
10:25:40 	~copypaste 	it just sometimes rejects valid hashes.
10:25:44 	__uguu__ 	it simply did NOT work
10:25:45 	~copypaste 	yeah it sucks
10:25:47 	~copypaste 	it doesn't.
10:25:52 	~copypaste 	i disabled it on 8chan months ago.
10:26:05 	~copypaste 	make
10:26:06 	~copypaste 	confusing
10:26:07 	~copypaste 	:^)
10:26:09 	__uguu__ 	so that's why the site is so awesome
10:26:22 	__uguu__ 	no tinyboard spam filter
10:26:25 	~copypaste 	Bui: just new simple hash. like i said, the same thread will always have same hash
10:26:34 	~copypaste 	it's just to stop random viagra bots.
10:26:38 	Bui 	oh ok
10:26:42 	~copypaste 	thinking you can stop people writing scripts is stupid.
10:26:47 	~copypaste 	like STI tier stupid.
10:26:53 	Bui 	what about board indexes though
10:27:01 	Bui 	/new threads
10:27:22 	~copypaste 	that's a bit more challenging.
10:27:38 	~copypaste 	that might have to use a DB.
10:27:44 	__uguu__ 	you could always rebase the site on top of overchan :^3
10:27:55 	~copypaste 	__uguu__: we have something called tinyboard-boardlink
10:27:57 	~copypaste 	actually
10:28:00 	~copypaste 	i was just thinking about it.
10:28:04 	~copypaste 	we used to use it with /int/
10:28:08 	~copypaste 	it syncs over HTTP though, not NNTP.
10:28:13 	~copypaste 	two chan owners share passwords.
10:28:14 	__uguu__ 	interdastin
10:28:19 	~copypaste 	it's already done. i could open it right now 
10:28:21 	~copypaste 	lol
10:28:26 	__uguu__ 	do eeet
10:28:34 	~copypaste 	it's not as good as an NNTP solution though, but all i'd need to do is write a sync function
10:28:39 	~copypaste 	because right now all it does is sync new posts
10:28:44 	~copypaste 	all it needs is a "dump all posts you know"
10:28:52 	~copypaste 	and boom, we have an overchan clone.
10:28:56 	~copypaste 	(except not NNTP)
10:29:09 	__uguu__ 	it'd suck because of http
10:29:13 	~copypaste 	yeah.
10:29:19 	__uguu__ 	it'd get bottlenecked really fast
10:29:33 	~copypaste 	but now that i think about it
10:29:49 	~copypaste 	what if we just use the existing codebase as the frontend and rework tinyboard-boardliink to interface with NNTP?
10:29:51 	~copypaste 	:3
10:29:55 	__uguu__ 	yes
10:29:57 	__uguu__ 	YES
10:30:07 	* 	__uguu__ jizzes a little
10:30:12 	~copypaste 	https://github.com/vichan-devel/Tinyboard-BoardLink
10:30:16 	~copypaste 	you can see how it works here. it's very simple.
10:30:18 	~copypaste 	i've used it before 
10:30:23 	~copypaste 	i helped czaks write it actually lol.
10:30:55 	__uguu__ 	idea: use that + nntpd
10:30:57 	~copypaste 	all we'd need to do is use NNTP for sync instead of HTTP.
10:30:59 	~copypaste 	yup
10:31:08 	~copypaste 	and you could use inifnity as an overchan frontend.
10:31:10 	__uguu__ 	oh that's what you are saying
10:31:11 	~copypaste 	with no problems.
10:31:12 	~copypaste 	yes
10:31:49 	__uguu__ 	so as long as it interfaces with vichan it's gud right?
10:31:56 	~copypaste 	Yes.
10:32:02 	__uguu__ 	oh that's easy
10:32:03 	~copypaste 	vichan support is an important goal of the project.
10:32:17 	~copypaste 	pm
10:32:34 	__uguu__ 	i could implement a little shim between vichan and srnd
10:33:46 	__uguu__ 	hmmm otr fuckery