Here's some thoughts I've amassed so far on the msg. board upgrade:
- One of the easiest methods for attackers that have just procured their new msg. board 0-day exploit in the shadier parts of the internet to test the effectiveness of their new wares is to search for specific software & version numbers combinations and proceed (to make an account there first and then) with the actual testing. With that in mind, it might be best to judiciously comment out parts of the footer here in the relevant .php assets since it currently states both the msg. board software as well as its version, a cautionary measure we've been taking with previous versions for awhile now.
- Another issue regarding security that might be apropos now would be something already discussed awhile back internally, namely whether it's time the site started forcing https. Looking into the issue of how one might go about acquiring a certificate for the site is something I've admittedly never dived into myself (or even if such a thing would be granted to a host's subscriber automatically), but I've noticed plenty of other hobbyist-level sites switching to https over the past year, and just going by that, I'm assuming hosts and authentication services should be making an effort to provide these relatively easily these days. Oh, also maybe finally resolving the www subdomain discrepancy that's probably divided the community for years now into two groups unbeknownst to anyone as well :s. I distinctly remember cookies not being interoperable between the two as quite a baffling discovery that first led me to start looking into this 'round the time Cat became the boss.
- While sorting members by the "last visited" stat isn't offered anymore in the memberlist page
- and it's a feature the return of which I'd certainly welcome back - the code itself to achieve that doesn't seem to've been removed in the php. This leads to the weird situation where one can
perform that particular query, but only after guessing the correct relevant variable's value (or look it up in their pre-upgrade browsing history). To wit and for convenience, here's the members list by last visit sorted in descending
order. Given that it's still possible to do this and I'm assuming this wasn't a conscious choice on CEONSS' part, the omission of that option seems to've been decided either officially, but late in main version dev and after the old code was allowed to remain, or, even more bizarrely, on the theme level. Long rant short, plz keep it in mind in case there's a way to re-enable that column/toggle.
- In the aesthetic/stylesheet department now, I almost immediately noticed two issues, which were both easy enough to resolve through some simple additions to an already existing Greasemonkey script I've had for the site, so let's go through those for a bit. The first was already brought up above by Maniac and involves the #linkrow element being given a "width: 100%" attribute (Firefox says that's in stylesheet.css line 1311), which causes its contents to stack vertically instead of spreading horizontally. Removing that entry should fix the needless cramming.
Issue number two has to do with the background image's two columns seeming a bit too indented, which screws with the rest of the theme's otherwise cohesive design (although I definitely preferred the older one myself, but more on this later). Obviously, this is more of a subjective assessment than a proper bug report, but I'd still recommend giving the body element a "background-size: 82.3% auto;" attribute just to see how much nicer it can look that way (IMO), and then decide where you finally leave it at.
- Speaking of the older theme, any chance that a backup of its assets was made somewhere that we could theoretically access & use to improve some of the current one's... less than stellar assets? It's those yellowish/orange square status icons I find especially catch one's eye as strikingly generic and flavourless :/. More of a longer term low priority issue this, but just thought I'd poke the subject, see what people think of this theme now that it's actually been in use for awhile and where any of their criticisms might focus on.
- Been seeing Bing's little spiders crawling around recently and it made me wonder where exactly the current robots.txt (and/or equivalent directives) configuration stands right now. I think there was also a long enough previous period where the msg. board was prohibiting google trawling through our premises, so which way would you say this mentality has evolved towards now? For my part, I've always been kinda distant on the whole matter myself, so don't take this as veiled criticism for or against any recent changes, btw.
- Last, but not least, anyone else finds it weird how the site no longer has a favicon? You know, that weird feeling you'd get if the badge in the front (or atop the bonnet) of your car just got ganked? That yellow star wasn't exactly high-concept art, but it was the trinket that tied our whole theme together, damnit
Anyway, that's all I could think of for now, hope some of it helps.