Skip to main content

December 29

Hi everyone, hope you had a good Christmas and everything :) lots of updates below!

Documentation Server: Published

It’s now publicly viewable! I changed a bit of the documentation structure, moving webserver setup stuff out of the AWS part of the docs and into its own section, as much of it isn’t specific to AWS so it didn’t make sense.

The docs can be found here: https://docs.desertedchateau.com/, complete with excellent memes to show each category. There's a lot of guides and other info for other people who want to make an art website on there.

Migration of non-tech articles to Bookstack

Where Deserted Chateau’s non-tech articles are concerned (e.g. guides on how to use the site and that sort of thing, I set up a separate BookStack server to serve as the gateway for that. If I find a way to have the tech and non-tech docs on one Bookstack instance in a neat and easily accessible way, then I’ll do that, but otherwise I think it makes more sense for them to be separate.

Either way, I’ve started the migration; I’ve made the new server, and now it’s a case of formatting the old articles and writing new ones.

Backend code improvements

  • Cleaned up various areas of code that were generating PHP warnings (undefined array keys, etc). Still a fair bit to do on that front, mostly due to some sloppy code I did while making things work and then didn’t go back to.

Bug Fixes

  • Fixed a firewall bug that was blocking uploads (one of the AWS WAF core rules blocks request bodies over 8KB, which in this case wasn’t helpful)

  • Fixed a bug causing commission-info pages to not load correctly, as Apache was not redirecting them properly.

Security improvements

Changed the PHP session prefix, so it isn’t the default one, and updated the documentation with instructions on that in the php.ini file.

WAF & Lightsail changes

Instead of using a Lightsail Load Balancer, the site now uses an Application Load Balancer. The main difference is that since it’s part of EC2 and not Lightsail, it has a lot more features, meaning it’s possible to restrict access to the load balancer to only coming from CloudFront (ensuring nobody can bypass the CDN and go straight to the load balancer, which would bypass the firewall as well).

The single load balancer now servers both the webserver and the messaging server, by routing traffic to separate target groups via host headers. I will need to test using multiple messaging servers, and double check the code for that to ensure there is nothing that depends on the local messaging server’s state.

Profile sub-pages: TinyMCE usage

With many technical things out of the way, it’s about time I started finishing some of the functionality that is left to be implemented. I’ve started designing the templates for commission info pages, OC pages and so forth. Some of the Apache changes above, among other things, were problems I fixed while starting to do this.

In theory, this shouldn’t be too difficult: the code is now properly set up to show each part of a user’s profile. I’ve cleaned up the scripts that handle loading each separate area of the profile page, and so the main task now is to design and implement the individual page templates.

Artists like to be able to customise these pages a lot, so I need to design it with that in mind. Initially, I thought to do this via some preconfigured templates that could be used and customised, but I’ve been investigating another possibility that occurred to me: using TinyMCE as a way of letting users make a “custom page” of sorts. It doesn’t solve the problem outright, but it allows for a lot of customisation which would be implausible to do manually.

OC pages won’t be doable this way (it would be very inconvenient, and it makes more sense to have configurable templates that let people specify common traits like colour palettes easily).

Figuring out TinyMCE plugin functionalities

As part of the profile templates idea above, I’ve been figuring out and debugging a few oddities in TinyMCE, mainly due to do with the previews plugin and the image upload handling.

Image Upload Handling

When uploading or dragging and dropping images into TinyMCE, there’s a default handler that processes the upload, but it’s generally intended to be overridden for the website using it. The existing system for uploading artworks does the job fairly well here, but it’ll need some extra customisation (namely, a new “upload type”, to customise how they’re uploaded and handled).

I also need to decide on a method of handling temporary uploads. In the normal artwork submission, this is fairly easy: when an artwork is submitted, it’s moved from the temp uploads folder to a permanent one. For TinyMCE it’s a bit more awkward, because trying to change the URL of an uploaded image in the editor’s contents would basically mean string replacement, so I need to make sure it doesn’t inadvertently break any user content in the editor.

The Preview Plugin

One of the official plugins for TinyMCE lets you preview the content in the editor, but it seems to come with a security vulnerability (the iframe it’s rendered in allows scripts and same-origin together, meaning it can escape its sandbox constraints). I’m asking the TinyMCE community about that to see if there’s some info about this, as nothing is mentioned in the official documentation for the plugin, or for the security docs for TinyMCE either.

Remaining on the to-do list

At the moment, these are the main things that need to be implemented.

Artwork Comments

Part of this is done - the comment box appears on artwork pages, and submitting comments will be an easy process. The main challenge is going to be laying out comments in the details area so they’re neat and tidy, and handling cases where there are too many comments to show, etc. Not a major difficulty in itself, just one that might be a hassle in terms of getting the styling right.

Polishing up the Search Control Panel

The control panel that lets users customise searches is in barebones format at the moment; this should be quite easy to do, as the SQL query to make it all work was the difficult part. With that done (hopefully no bugs left in it) the control panel itself should be fairly straightforward.

Moderation tools

The moderation tools need to be polished up, big time, for backend purposes. The underlying data structures and database tables are done, though I might examine them again to see if there’s a better way of storing reports and collections of reports (e.g. active reports on a given artwork).

Bookmarks & Following pages

Two things here; bookmarks pages need to have better styling and the ability to navigate folders of bookmarks, and the following pages need some additional styling and options, to let users e.g. hide reblogs or otherwise filter their following feed. The bookmarks page is the one that needs the most work, partially as the folders are a bit weirder to display, but also to try and figure out the logistics of showing small size images in bookmarks folders when a user wants that. It’s easy to display them per se, but how to approach e.g title overlays and so on is difficult in that small space.

Profile sub-pages

This is the one I’m in the middle of. The main goals here are to sort out TinyMCE configuration for this purpose, and then to figure out some basic templates for users (both pre-made TinyMCE content, but also page layouts themselves).

Back to top