bewelcome / rox Goto Github PK

Route isn't the issue but the redirect afterwards.

Couldn't find a good way for that either yet.

This is needed to handle bounces to group and other notificiations

As of request of the Safety Team: perform bulk actions on members list. This should enable easier removal of multiple spam accounts at once

All web sites should be accessible, especially those whose mission statement is about inclusiveness and connecting people. The standard guidelines are the Web Content Accessibility Guidelines from W3C:
https://www.w3.org/TR/WCAG21/

The latest alpha web site, as of today, has at least a few accessibility problems... It would probably be a good idea to run an automated accessibility checker to see if there are more problems. The most commonly used accessibility checker is WAVE:
http://wave.webaim.org/

Problems that I noticed (and I'm not really an accessibility expert):

a) All information presented as icons/images, needs to have a text alternative.
https://www.w3.org/TR/WCAG21/#text-alternatives

Examples of icons/images without text alternatives: Navigation icons in the top bar after you log in (messages, logout). In addition, using standard icons similar to those on other sites might make these more understandable -- I personally had no idea what they were meant to be until I either clicked on them or looked at the URLs.

b) Minimize abbreviations, or provide text that expands them.
https://www.w3.org/TR/WCAG21/#abbreviations

Example of this: the "Vol" link (meaning Volunteer) in the top navigation bar when you are logged in. Again, I personally had no idea what this meant until I looked at the URL or clicked on the link, and I am a native speaker of English. It could stand for many words. Also this would be difficult for translators to translate.

c) Can the home page (not logged in) be navigated without a mouse? I don't think so.
https://www.w3.org/TR/WCAG21/#keyboard-accessible

• make descending (newest first)
• search not working locally (amnesiac84)

1. User visits http://www.bewelcome.org/groups/570/membersettings
2. User sees I want to receive e-mail updates from this group:  No  Yes
3. If 'no' User expects to also see a setting to still receive e-mail updates from:

1. Threads he has started
2. Thread he has comment on
3. Threads he has marked as following

Yes, only following specific threads is probably already implemented. It's just that the user visiting the above URL can't tell.

Go to your profile. Click on "Forum posts", which takes you to a page like
https://www.bewelcome.org/forums/member/[your member name]

On this page, you can see the posts that you have made. Unfortunately, you cannot tell which group the posts were made in, just the thread/topic title, which (out of context) could be fairly confusing.

There's a missing in either one of the column layouts, which makes the sidebar move below the content. Fixing it for one type of lay-out creates the problem for the other lay-out.

Examples:

• /activities/985 (layout A)
• /activities/past (layout B)

Hi guys
I've been working in PHP about 6 years and now I want to contribute some open-source projects. I think BeWelcome is a good starting point, because it has a lot of potential to be a first host-guest website in the world.
I was looking for CONTRIBUTING.md file but I couldn't find it. Now I want to know how can I contribute and what is the starting point?
thanks

An email notification of a message within a group should be accompanied by a direct link to the group (and/or message)

• Opening page

• Login page

• Dashboard

• Inbox (including requests)

• Message-pages

• Message / request writing pages

• Map Search

• Browse countries

• Trips (display, create)

• Discussions

• Group search / display

• Groups pages

• Group admin

• Discussion display

• Report to moderator page

• Activities (display, create)

• FAQ

• Contact

• Statistics

• Terms

• Help BeWelcome

• Donate

• BeWelcome news

• Profile

• Profile edit

• My groups, notes

• Volunteer / Admin pages

Bonjour,
J'ouvre une demande de problème sur github car le boggue perdure depuis trop longtemps maintenant. Depuis plusieurs mois, il m'est impossible de me connecter sur le site bewelcome.org.
J'ai donc fait la demande pour recevoir un nouveau mot de passe. Je reçois bien les courriels avec le nouveau mot de passe. Mais impossible de me connecter avec mon identifiant habituel et le nouveau mot de passe... ??
J'ai donc à 2 reprises envoyer un rapport de bug via le site bewelcome.org mais aucune réponse depuis bien plus d'un mois déjà.
Le projet est-il encore vivant ou est-il juste mort ? Il ne serait probablement pas encore mort vu qu'il y a eu un commit il y a moins d'un mois.
Cordialement.

It's not possible to paste a text in private message.
It says "use Ctrl+v"
Android

As per the title, our geodata provider (geonames.org) license their work under a Creative Commons Attribution 3.0 License, but none such attribution can be found in the repo or the site. Can we amend this?

Since more and more websites let you login with an e-mail address, the members assume it can be done on BeWelcome as well. This saves frustration with members and work for the support team.

Requests could/should be sorted by date of request not date of sending.

Code gets a bit confusing with the mix of requests and messages.

The search map tries to connect with google (maps.googleapis.com). As we're using OpenStreetMap on default, would it be possible to not connect with Google? Members from countries where Google is blocked could otherwise not use the map functionality.

On current production Web site, with Iceweasel 38.0.1 (firefox) or Chromium 43.0.2357.65 on Debian Testing, the following message appears in a textarea on the top of the page when I open the setlocation page:

Please implement
SetLocationPage
 ::_getLoginMessages()

or create a file
"/var/rox/deployment/www.bewelcome.org-4dea01b/htdocs/../build/members/templates/setlocation._getloginmessages.php"

The second name always returns to the digit 0;

The last name is not saved. It shows an error when editing other parts of the profile and not providing a last name.

When a group gets deleted the code should remove the membership entries in the database as well but obviously fails to do so. This wasn't a problem with the old code but the new code uses the memberships as the entry point and not the groups so this leads to problems.

A database cleanup is needed and the group deletion process needs to be changed so that membership is really removed. (Use cascade in Doctrine entity class?)

At this moment, the map search gives only the number of comments left on a profile page of active members. It ignores comments from inactive members.

For example:
a member has 18 profile comments, and 8 of the authors are inactive. The map search states that the member has 10 profile comments. The text search states 18 comments. On the profile page 18 comments can be read.

As per request of the Safety Team: some profiles are dubious, but not clearly spam accounts or safety issues (for example: empty profiles). An additional status/label would help the Safety Team, and perhaps the NMBW team, to follow dubious profiles over time.

Hitting https://www.bewelcome.org/members/mikael to the browser works normally.

Opening that link (with target="_blank") from another page breaks https and causes the page load without CSS.

Refreshing doesn't help but hitting enter at URL bar helps.

Chrome.

Log;

Mixed Content: The page at 'https://www.bewelcome.org/members/mikael' was loaded over HTTPS, but requested an insecure image 'http://www.bewelcome.org/gallery/thumbimg?id=15567'. This content should also be served over HTTPS.
mikael:489 Mixed Content: The page at 'https://www.bewelcome.org/members/mikael' was loaded over HTTPS, but requested an insecure image 'http://www.bewelcome.org/gallery/thumbimg?id=15568'. This content should also be served over HTTPS.
mikael:489 Mixed Content: The page at 'https://www.bewelcome.org/members/mikael' was loaded over HTTPS, but requested an insecure image 'http://www.bewelcome.org/gallery/thumbimg?id=15564'. This content should also be served over HTTPS.
mikael:489 Mixed Content: The page at 'https://www.bewelcome.org/members/mikael' was loaded over HTTPS, but requested an insecure image 'http://www.bewelcome.org/gallery/thumbimg?id=15562'. This content should also be served over HTTPS.
mikael:522 Mixed Content: The page at 'https://www.bewelcome.org/members/mikael' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://www.bewelcome.org/a'. This endpoint should be made available over a secure connection.

Stats are based on pChart which isn't developed anymore and not compatible with PHP 7.

There is no need to send the user an e-mail copy of the message he posts to groups.
Just like GitHub does not send one a copy of the issues we post here.

I'd like to link to BeWelcome from http://nomadwiki.org, ideally automatically from all city and country pages. For this to work there should be something like bewelcome.org/geo/Paris and bewelcome.org/geo/France - these 301 pages can be redirected elsewhere of course, but I don't want to manually construct this link for each page.

See also warmshowers/Warmshowers.org#620

Hi and thanks for making rox (and BeWelcome)!
Here's the issue:
You send a message to someone. A few days later, you realise they haven't replied and so you want to send them a second message. There is currently no _easy_¹ way to send a second message that is connected to the first one (ie: keeps the conversation context).

Most email clients make it possible to reply to your own sent messages, as if they had been received. This will automatically quote your own message, and let you write your new message above.

A simple "reply" button under messages, next to "edit" (which I'm not sure should exist, by the way), would be a simple way of sending follow ups while maintaining the conversation context.

Thanks!

1. Sure, you can copy your last sent message, click "reply" to your correspondent's last message, paste your last sent message, select the whole text in the text box, click "blockquote" and then start typing above that, but only nerds like me will do that.

Thought you guys would like to know, Bootstrap v3 just got deprecated:

twbs/bootstrap#20631

Change the call for resetpassword finish to redirect to a login widget on mypreferences. Show flash notice to user above.

• go back to the previous steps
• no check if 2nd password is the same as 1st
• no check if 2nd e-mail address is same as 1st
• no general input checks
• white bar over language selector (text not visible)
• question mark after date of birth is for gender
• setting hosting marker (step 3) shows insecure connection
• unable to set location
• "save settings" should be renamed to "finish signup" (or something like that) and button should be doubled at bottom of the page

I'm surprised that the old code ever worked.

Needs to be investigated.

• can't get past step 4 - showing input array (with password as cleartext)
• Language selector not showing/working properly

For some regions, it shows only ([num]) instead of [region name]([num])

Examples:

• Serbia
• Kosovo

Accounts that have never logged in (yet confirmed their account), have an active status and are ignored by the yearly login reminder. The result is many inactive (empty) accounts, with an active status

In the new email notification template BW logo gets out from the top grey bar. Depending on the dimension of the window and/or from the length of the title of the thread, it can also overlap text making it illegible.

When entering a destination on the Dashboard page (Where do you want to go?) it redirects to an empty map.

New FAQ questions are wrapped in <p> </p> making it shown with an empty line

Add a possibility to translate on the new website as the old version doesn't work anymore.

Trac issue #1976 reported by sitatara:

When I create a blog post and set it to "private" everyone who knows the direct link, can access the blog post. So, basically it currently is the same as the setting "protected".
By the way, I don't quite understand why we do not offer a "members only" visibilty setting for blog posts.

This should be revalued / rewritten, or give the Support Team the option to manually set a new temporary password.

Heya!

Would you guys be interested in adding oAuth to BW? I'd like to have verified links to BW profiles from @Trustroots profiles.

Right now I'm simply asking for BW username and forming a link from it:

Output:

Maybe in the future this could be developed towards something where changing hosting status at one site changes it at all the other hospex sites as well...

Upon the same topic at WS: warmshowers/Warmshowers.org#716

Logging in and/or loading the landing page takes quite some time. Anything we can do about it?

To reproduce: search for Crete in text search --> nothing related to Greece comes up

Works as intended in map search.

Locations affected (spotted so far):

• Crete
• Transnistria

As result of suggestion 49 already the visibility for new posts was changed. Finalize this by blocking access to the forums and groups for non members.

Not sure what the issue is. Worked fine locally.

Trips are a nice idea but unfortunately don't match with the community expectations.

There is a trips rewrite going on in a branch:
https://github.com/BeWelcome/rox/tree/feature/trips

Feel free to test on https://api.bewelcome.org

• hiding the latest entry does not work, it still shows up

Not really a rox-related bug, but would it be possible to enable third-party application restrictions for BW organization on github?

'Cause I'm trying to set up CI at work and it looks like BW allows third-party access by default (i.e. any member with read access can authorize an application to access BW organization's data) and I'd rather not give access for BW if possible (I don't think we have particularly sensitive data in BW github organization, but still)

A good read about third party restrictions can be find here

This:

Lorem 👍  Ipsum

Would render just:

Lorem

Didn't test if this is the case with other text fields at the site as well.

(I don't know if we are tracking issues now here or still on trac, so I put this on both. Sorry for the confusion, feel free to close the one that is wrong)

Some of the wordcodes that should be added by running migrations are already present in the words.sql database dump. This causes the migrations to fail. The workaround that I used to continue with my install was replacing the INSERT INTO queries in the tools/roxmigration/roxmigration.php/_writeWordCodeToDb() function with REPLACE INTO queries. This way the query succeeds even if there is already an identical wordcode in the database.

Should we make this change to the official code too? Is there a reason why we would like to have a fatal error instead of silent replacement in such a conflict between the existing wordcode and a migration? Or would it be better to fix the developer db dump instead?