Understanding through Discussion


Welcome! You are not logged in. [ Login ]
EvC Forum active members: 83 (8942 total)
36 online now:
AZPaul3, DrJones*, Faith, Tanypteryx, Theodoric (5 members, 31 visitors)
Chatting now:  Chat room empty
Newest Member: John Sullivan
Post Volume: Total: 863,527 Year: 18,563/19,786 Month: 983/1,705 Week: 235/518 Day: 59/50 Hour: 1/2


Thread  Details

Email This Thread
Newer Topic | Older Topic
  
Author Topic:   General Discussion Of Moderation Procedures (aka 'The Whine List')
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 4 of 1043 (594381)
12-03-2010 9:37 AM


Thread Now Open
There was a technical glitch when this thread was first promoted. The problem has been fixed and this thread is now open.


--Percy
EvC Forum Director

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 48 of 1043 (595540)
12-09-2010 9:21 AM
Reply to: Message 43 by arachnophilia
12-08-2010 8:27 PM


Re: Whine & Cheese

It turns out that paragraph indents are remarkably easy. All you need is a little bit of HTML. I could also very easily provide a dBCode, but it wouldn't be much more convenient than HTML, so I'll think about it and see if I can come up with something convenient. Perhaps a user preference.

Anyway, in the meantime just use this HTML at the beginning of each paragraph:

<p style="text-indent: 30px">

Change the "30" to be as much or as little indent as you want.


--Percy
EvC Forum Director

This message is a reply to:
 Message 43 by arachnophilia, posted 12-08-2010 8:27 PM arachnophilia has responded

Replies to this message:
 Message 49 by arachnophilia, posted 12-09-2010 10:15 AM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 51 of 1043 (595605)
12-09-2010 1:17 PM
Reply to: Message 49 by arachnophilia
12-09-2010 10:15 AM


Re: Whine & Cheese
arachnophilia writes:

...the more universal "style" tag...

I'm not familiar with it. Can you point me to a board that has it?

AbE: Never mind, I understand now. I thought you were referring to a [style] code, but you meant the <style> tag. Yes, the <style> tag is disallowed.

Edited by Admin, : Add AbE comment.


--Percy
EvC Forum Director

This message is a reply to:
 Message 49 by arachnophilia, posted 12-09-2010 10:15 AM arachnophilia has responded

Replies to this message:
 Message 52 by arachnophilia, posted 12-09-2010 1:23 PM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 54 of 1043 (595613)
12-09-2010 1:35 PM
Reply to: Message 52 by arachnophilia
12-09-2010 1:23 PM


Re: Whine & Cheese
arachnophilia writes:

your board allows far more html than most.

That's because I pass all message text through an HTML parser that uses a white list of safe tags. All tags not on the white list disappear. I don't know of any other bulletin board software that does this, hence they must disable HTML due to the risks involved.


--Percy
EvC Forum Director

This message is a reply to:
 Message 52 by arachnophilia, posted 12-09-2010 1:23 PM arachnophilia has not yet responded

Replies to this message:
 Message 55 by crashfrog, posted 12-09-2010 2:04 PM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 57 of 1043 (595633)
12-09-2010 2:26 PM
Reply to: Message 55 by crashfrog
12-09-2010 2:04 PM


Re: Whine & Cheese
Can you provide an example of what you're talking about?


--Percy
EvC Forum Director

This message is a reply to:
 Message 55 by crashfrog, posted 12-09-2010 2:04 PM crashfrog has responded

Replies to this message:
 Message 58 by crashfrog, posted 12-09-2010 2:40 PM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 62 of 1043 (595648)
12-09-2010 3:51 PM
Reply to: Message 58 by crashfrog
12-09-2010 2:40 PM


Re: Whine & Cheese
Okay, I see how you're thinking about this, and in this case the attempted insertion doesn't need to be inside an HTML tag. To keep it simple let's say this is your entire message:

');DROP TARLE users;

And now I'm going to add this message to the message database, and the SQL query would look like this:

insert into messages values (..., '');DROP TARLE users;', ...);

Your close quote ends the insert query, after which the users table is deleted.

However, a message is text, and all single quotes in message text are escaped, so the actual query becomes:

insert into messages values (..., '\');DROP TARLE users;', ...);

But interestingly, this has uncovered a bug. The mere presence of the string "drop tarle" in message text hangs the message preview feature, and that explains why I've used "tarle" in place of "table" in this message. I'm really curious about this one.

Edited by Admin, : Typo.


--Percy
EvC Forum Director

This message is a reply to:
 Message 58 by crashfrog, posted 12-09-2010 2:40 PM crashfrog has responded

Replies to this message:
 Message 63 by crashfrog, posted 12-09-2010 4:09 PM Admin has responded
 Message 67 by Jon, posted 12-09-2010 7:31 PM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 77 of 1043 (595700)
12-09-2010 11:38 PM
Reply to: Message 63 by crashfrog
12-09-2010 4:09 PM


Re: Whine & Cheese
Actually, I didn't add any filtering to the software until this past summer when some hackers targeted the site, but there's nothing secret about this stuff, you can find SQL hacking info all over the Internet, so if you have any questions just ask away. The basics for filtering are pretty simple:

  • For integers, filter all characters after the first non-digit.
  • For reals, filter all characters after the first non-digit/non-decimal-point or from the second decimal point.
  • For text, escape all single quotes and backslashes.

AbE: Oh, about the hangs if "drop table" is in the message text? Works fine from everywhere but work. Evidently my place of work blocks certain external CGI traffic that includes the string "drop table". The exact same thing happens at vBulletin-based boards. Why would my place of work do that? I'm going to guess that it's a side effect of their own tracking software protecting itself, although blocking instead of filtering seems way overly aggressive.

Edited by Admin, : AbE.

Edited by Admin, : Add backslashes.


--Percy
EvC Forum Director

This message is a reply to:
 Message 63 by crashfrog, posted 12-09-2010 4:09 PM crashfrog has responded

Replies to this message:
 Message 78 by crashfrog, posted 12-10-2010 12:05 AM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 79 of 1043 (595704)
12-10-2010 12:31 AM
Reply to: Message 78 by crashfrog
12-10-2010 12:05 AM


Re: Whine & Cheese
All CGI parameters get filtered. For example, the URL for the page where I'm typing this reply is:

http://www.evcforum.net/cgi-bin/Messages.cgi?control=replynew&m=595701

But the browser address box could be edited to instead be this:

http://www.evcforum.net/cgi-bin/Messages.cgi?control=replynew&m=595701;drop table users

Note: I didn't bother, but some characters have to be encoded - for example, the semicolon should be "%3B" and the space between drop and table should really be "+".

Now if I don't filter the "m" CGI parameter then when I look up your message in the database the query will look like this:

select * from MessageTable where MessageNumber=595701;drop table users

Oops!

So, yes, everything gets filtered.


--Percy
EvC Forum Director

This message is a reply to:
 Message 78 by crashfrog, posted 12-10-2010 12:05 AM crashfrog has not yet responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 80 of 1043 (595734)
12-10-2010 7:45 AM
Reply to: Message 67 by Jon
12-09-2010 7:31 PM


Re: Whine & Cheese
I think this was fixed a while back - let me know if you run into it again.


--Percy
EvC Forum Director

This message is a reply to:
 Message 67 by Jon, posted 12-09-2010 7:31 PM Jon has not yet responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 129 of 1043 (612897)
04-19-2011 9:31 PM


Following the Guidelines
No set of rules of reasonable length can cover all contingencies, and so I've often asked people to follow the spirit of the guidelines. The goal of EvC Forum is productive discussion that promotes knowledge and understanding. Approaches that place too great an emphasis on a Socratic or overly terse and cryptic style tend to be provocative and are not consistent with EvC's philosophy. And in any event, whether anyone agrees or not, there's always rule 1:

  1. Follow all moderator requests.


--Percy
EvC Forum Director

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 134 of 1043 (613015)
04-21-2011 6:26 AM


Definition of Natural Selection
I agree with Adminnemooseus. I've seen evolutionists define natural selection in many different ways over the years, and this one seems okay, certainly more than adequate for a thread about the number of designers. If the thread were more directly about evolution then exerting effort getting the definition of natural selection precisely right would make more sense.


--Percy
EvC Forum Director

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 186 of 1043 (629819)
08-20-2011 8:57 AM
Reply to: Message 184 by Buzsaw
08-19-2011 10:56 PM


Re: Buzsaw Banned From Biblically Related Threads
Hi Buz,

I saw AdminPD's response, and while she's correct that I'm the final arbiter, I don't want to be a dictator. Decisions by myself or any moderator should be rational, proportionate and unbiased.

You're restricted from evidence-based threads because your participation distracts from the thread's topic. The thread's other participants begin requesting evidence from you. You claim that what you're providing *is* evidence. It's explained why it isn't evidence. The pattern continues and the thread's topic is ignored.

I know that Wyatt's theories interest you, and if you'd like to discuss them why don't you go to a board whose idea of what constitutes evidence is more congruent with your own?


--Percy
EvC Forum Director

This message is a reply to:
 Message 184 by Buzsaw, posted 08-19-2011 10:56 PM Buzsaw has responded

Replies to this message:
 Message 187 by Buzsaw, posted 08-20-2011 2:48 PM Admin has responded

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


(1)
Message 189 of 1043 (629859)
08-20-2011 3:45 PM
Reply to: Message 187 by Buzsaw
08-20-2011 2:48 PM


Re: Buzsaw Banned From Biblically Related Threads
Hi Buz,

I was only trying to give you constructive feedback so that, if you choose, you can use it to return to participation in the science forums. But your reaction was to accuse me of biased moderating and purposeful silencing of opposing views.

You're restricted from the science forums because you cause those threads to go off-topic to argue about whether your evidence is really evidence, not because moderators are opposed to your views on the Exodus. The goal of EvC Forum is constructive debate, and we can't turn every science thread you participate in into an argument over what constitutes valid evidence. If you'd truly like to return to the science forums then why don't you propose a thread to discuss the nature of valid evidence. If you can reach a consensus with other people about evidence then you can return to the science forums.

Buz, sincerely, I could care less about whether the Exodus was real or not. I could care less about whether they crossed the Reed Sea, the Red Sea or the Gulf of Aqaba. I have no strong feelings either way about any religion - you know this because I almost never participate in the religious threads. What possible impact could the Exodus have on evolution, which I do discuss quite a bit?

What is important to me is rational thinking and preventing threads from bogging down, and it is because your participation works against both these goals that you're restricted from the science forums. It has nothing to do with your religious views. Sometimes I think you forget that I am not an atheist. I have no problem with any religion when it comes to matters of faith.


--Percy
EvC Forum Director

This message is a reply to:
 Message 187 by Buzsaw, posted 08-20-2011 2:48 PM Buzsaw has responded

Replies to this message:
 Message 191 by Buzsaw, posted 08-20-2011 5:42 PM Admin has acknowledged this reply

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 199 of 1043 (629929)
08-21-2011 7:59 AM
Reply to: Message 197 by Buzsaw
08-21-2011 7:02 AM


Re: Buzsaw Banned From Biblically Related Threads
Hi Buz,

The first three paragraphs of Crash's Message 196 pose the key question: Why is it that even people who share your position on a matter do not believe you're presenting any evidence?


--Percy
EvC Forum Director

This message is a reply to:
 Message 197 by Buzsaw, posted 08-21-2011 7:02 AM Buzsaw has responded

Replies to this message:
 Message 203 by Buzsaw, posted 08-21-2011 7:41 PM Admin has acknowledged this reply

    
Admin
Director
Posts: 12630
From: EvC Forum
Joined: 06-14-2002


Message 214 of 1043 (631649)
09-02-2011 8:15 AM
Reply to: Message 209 by Adminnemooseus
09-01-2011 10:59 PM


Re: Ignoring the Y in YEC, and other considerations
Adminnemooseus writes:

Much of what he got suspended for (and I did give a "-" to Admin's suspension message) was building on Jar's and your messages.

IamJoseph was suspended for ignoring moderator requests to stop discussing the Bible in science forums in these three threads:

Discussing the Bible in science threads is a longstanding IamJoseph problem, and combined with his inability to stay on topic or clearly articulate anything he is a significant disruptive force in threads and I am actively trying to discourage his participation here.


--Percy
EvC Forum Director

This message is a reply to:
 Message 209 by Adminnemooseus, posted 09-01-2011 10:59 PM Adminnemooseus has not yet responded

    
Newer Topic | Older Topic
Jump to:


Copyright 2001-2018 by EvC Forum, All Rights Reserved

™ Version 4.0 Beta
Innovative software from Qwixotic © 2019