(Sep 30, 2018 01:09 AM)RainbowUnicorn Wrote: [ -> ]there is a glitch with password recovery often accross different platforms.
i have seen it on email servers and message boards and some internal custom made commercial platforms.
there seems to be about a 5% failure rate often.
i dont know why or how but it simply fails to send the reset email or it times out its own reset email immediately after sending it.
maybe it is some type of clash between the web site and the email server OS.
There was a number of things I considered while tracking down the problem, I'm going to bore everyone with the details but it should give you an idea of what's going on when you have problems with another site.
Was it an exploitation/hack?
Combing through the files to check for changes proved that the only changes made were by me and nothing I directly did would have caused the problem, so it ruled my potential for error out.
Was it a setting error?
There are settings that define the environment the software uses which contains some custom filters for various things to both improve the sites uptime and reduce overall spam, non of those settings were effecting the script.
Was it the email gateway?
When you have a site either served under co-location or dedicated on a corporate backbone, those systems are usually configured to allow CGI software to access their internal mail transport daemons. Sometimes there are limits on how much traffic a site is allowed to generate in email, when such limits are reached it can cause a temporary block to occur for sending for a duration of time (and if the pattern of bulk mail continues it can lead to larger durations of suspension) I tested if that was the case by registering a test user (which I promptly removed after it was proven that wasn't the problem) another method of testing would be to run a custom script to send an email, but there was no point since the forum software had other avenues of testing.
Was it the software?
This sites software can "queue" messages to be sent, mailqueues were how servers were originally developed to send mail. Rather than open and close a process everytime a mail needed to be sent, it would use a bulk email method where emails would be cached for a duration which would be defined by a CRON event. The CRON event could be a simple timer of "once every 15 minutes", so emails could stack for that duration before being sent. In the case of the site software it uses a poormans CRON triggered by page loads where a trigger is embedded in the pages (The trigger runs a whole host of crone events however the email one might be similar to: '
If >15mins since last cron trigger, run cron event')
The email server too could also have a mailqueue for delivery using an actual proper CRON service, however with technologies expanse mail is less likely to be queued as processors have higher idle time available and networks are filled with redundancies (Queuing emails was/is also one of the ways that emails can be intercepted, so keeping them out of queues is also part in parcel of security, since emails were stored in plaintext even if they went through a SSL tunnel to get there. It is possible to "encoded or encrypt" email either by the email clients or during storage. But on a shared host the concern is often with how many sites emails are being queued.)
Incidentally nothing appeared after a time period and nothing was showing in the logs as being sent from the server let alone getting bounced around in limbo.
So was it the last update?
there wasn't much in direction communication on the softwares own forum, but I did find it mentioned as a bug that needed to be fixed in their repository so I found the needle eventually buried in the haystack.
While I did try to patch it with the '"concept/protoytype" code, I believe that it relied on other file changes that I wasn't aware of (internal changes for the library it uses, changes in the namespace conventions etc) So I either spend time trying to patch something that will be fixed in the next couple of patch iterations (meaning my hacks could cause future problems) or we just deal with it until then (I'd prefer the fix, but uptimes more important).
RainbowUnicorn Wrote:seing the low cost of mass produced tablets i have often wondered why there is not more people like yourself who would be able to have a cheap tablet that clones like a remote desktop over lay of your phone.
like a clip board size you can sit in your lap at home that is kinda dumb(holds no data so poses no security issues)
for around 30 to 40 $ it surely would be possible.
im guessing the big companys are trying to keep such concepts of cheap peripherals out of th emarket so they can maintain maximum pricing on their own tablets and dependant watches etc.
blue tooth tablet that can be used in your lap connected to your phone, so you have a almost normal sized keyboard and a big screen... all touch screen.
surely a coder would be able to think up something super cheap.
the market for aging people to use internet through their cell phones and have better video phone on their cheap blue tooth tablet would be massive.
it can also be used to link in dumb to a house system which monitors water and electricity and doors.
the probable health benefits for aged care residents being able to life size face time their grandkids(family or friends/all) as part of their weekly or some daily routine would be likely to have a great beneficial impact.
Microsoft did at one point come up with a method (probably an old undervalued one now) which allowed devices using the same OS to take what was on one system and move it to another. I'm sure that Iphones and iMacs/Ipads have something similar, although I'm not sure of android (perhaps there is a chrome extension for it) I know its possible to do files and streaming media, so I wouldn't be surprised if a simple rdp shell would be possible too.