Date   

moderated Updates to Trello

beta@groups.io Integration <beta@...>
 

[Beta] New comment on card "Ability to mark a wiki page as a banner, and revert large sized sticky posts." by Mark Fletcher:

Done.


[Beta] The card "Ability to mark a wiki page as a banner, and revert large sized sticky posts." was archived.


[Beta] New comment on card "Spell check for all textareas." by Mark Fletcher:

Done.


[Beta] The card "Spell check for all textareas." was archived.


[Beta] New card "Create custom codesample plugin for TinyMCE" was added to list "Messages and Archives".


[Beta] The description of card "Create custom codesample plugin for TinyMCE" was changed to:

The included codesample plugin uses prismjs to do code highlighting. We have traditionally used Google's code-prettify.

Prismjs does not guess languages. code-prettify does, which is why we want to continue using code-prettify.

Prismjs expects code blocks starting with '

...
'

code-prettify expects code blocks starting with '

...
'. Note, the language class does not have to be specified.

Currently, we manually convert Markdown, adding classes from code-prettify.

We should create a new plugin based on the existing codesample plugin, that simply adds the correct HTML block. The other changes are that we should remove the Markdown conversion code. And we should call the code-prettify javascript instead of just relying on the CSS.


[Beta] The blue label "Messages & Archives" was added to the card "Create custom codesample plugin for TinyMCE".


moderated Re: Capability to add PDFs or documents #suggestion

 

Frances,

You can open a PDF from a file in a public group in your own group
wiki. I don't expect to be able to open a file in a private group.
No group can make its Files public, there isn't a setting for that. Wiki and Messages can be made public, but not other features as far as I know.

But it would be nice to be able to upload a PDF right into the wiki!
And that would work better for those who want a public wiki.
Or the File section could make an exception and allow access in the case of a link from that group's own public Wiki section. That might have to be a special kind of link (with a "magic cookie" in it) to avoid opening a security loophole that could expose other files.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


moderated Re: Capability to add PDFs or documents #suggestion

 

Bob,

BUT! Will a link in a public wiki to a file in the Files area ofa
restricted group activate the file?
Short answer: only if you're logged on as a member of the group.

It doesn't matter whether the group's membership is restricted or not. What matters is that while the Wiki feature has a "Public can view" setting, the files section does not.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


moderated Re: Capability to add PDFs or documents #suggestion

Frances
 

You can open a PDF from a file in a public group in your own group wiki. I don't expect to be able to open a file in a private group.

I guess you want a public wiki for a restricted group.

Actually I just wanted to be able to upload a PDF to my private group so that users of the group's wiki can click to open the PDF. So the workaround is good enough for me. But it would be nice to be able to upload a PDF right into the wiki! And that would work better for those who want a public wiki.

Frances



moderated Re: Capability to add PDFs or documents #suggestion

Bob Bellizzi
 

Just answered my own question.  You cannot open a file in a restricted group unless you are a member.

So the wiki pdf is still sticky

bob bellizzi


moderated Re: Capability to add PDFs or documents #suggestion

Bob Bellizzi
 

BUT! Will a link in a public wiki to a file in the Files area ofa restricted group activate the file?

Bob Bellizzi


moderated Re: Capability to add PDFs or documents #suggestion

Frances
 

Well, I now have a PDF in my wiki!

Thank you to Lena who sent me an example of linking to an uploaded PDF in Files to the wiki. So I uploaded the PDF to Files and used the URL from that page to insert into the wiki using the Link tool.

Works!

Frances

On May 4 17, at 3:36 PM, Frances <travel@...> wrote:

I would be happy with uploading a PDF to Files and then linking to the specific file in the wiki using the Link Tool. Whatever works! I just would like a user to go to a wiki page and find everything on that page or on a link from that page.

As for examples of adding a PDF to a wiki - a Google search adding a pdf to a wiki retrieved several. National Cancer Institute wiki. MediaWiki. Wikipedia!

Wikipedia:Creation_and_usage_of_media_files

It says that "As of March 2012, the following file types may be uploaded: png, gif, jpg/jpeg, xcf, pdf, mid, ogg/ogv/oga, svg, djvu. All others are prohibited for security reasons, and pdf and djvu are intended primarily for projects like Wikisource."

Frances

_._,_._,_

Groups.io Links:

Every message in topics or hashtags you are following is emailed to you.
The first message of every new topic is also emailed to you.
You automatically follow any topics you start or reply to.

View/Reply Online (#13642) | Reply To Group | Reply To Sender | Unfollow This Topic | New Topic
Mute #suggestion | Mute #wiki



moderated Re: Capability to add PDFs or documents #suggestion

Frances
 

I would be happy with uploading a PDF to Files and then linking to the specific file in the wiki using the Link Tool. Whatever works! I just would like a user to go to a wiki page and find everything on that page or on a link from that page.

As for examples of adding a PDF to a wiki - a Google search adding a pdf to a wiki retrieved several. National Cancer Institute wiki. MediaWiki. Wikipedia!

Wikipedia:Creation_and_usage_of_media_files

It says that "As of March 2012, the following file types may be uploaded: png, gif, jpg/jpeg, xcf, pdf, mid, ogg/ogv/oga, svg, djvu. All others are prohibited for security reasons, and pdf and djvu are intended primarily for projects like Wikisource."

Frances


moderated Re: Regarding emailed login links

 

Hi Dano,

On Wed, May 3, 2017 at 11:30 PM, D R Stinson <dano@...> wrote:

I just lost a group member. This is most frustrating for me because he made the transition to the new group fine and was getting messages by email. Unfortunately, he was never able to get logged in to the web page and finally gave up in frustration and quit. I had worked with him quite a bit and provided him with the detailed procedure that follows this message.

Can you send me his email address off-list? If the logs haven't rotated out, I can look up his interactions and see what happened.
 
In exchanges with him he indicated that all his attempts at clicking on the link in the email took him to "the page with elephants", which suggests to me that the messages were timing out for him.

What could also be the case is that he has cookies disabled. In which case he'd never be able to log in.

 
This happened repeatedly for him. Is there a way that half hour could be extended to a "Cinderella hour" for members who have problems?

I've bumped the expiration to an hour.

 
Alternately, for premium groups, could there be a way that owners could send (or have sent) a message with a temporary password directly to a member having problems, which they would then have to change upon their first login? These members would have to be fully moderated until we knew they were okay, but it might be a way around the problem that drove my member away.

I can definitely consider something like that. But I'd first like to find out why your member had problems.

Thanks,
Mark 


moderated Re: Google Docs invite phishing attack

 

On Thu, May 4, 2017 at 12:22 AM, Shal Farley <shals2nd@...> wrote:

The second factor is only required the first time you access Groups.io from a given browser/device -- not on every sign-in.

Slight addition. The login cookie expires every 30 days, which means you have to go through the entire login process every 30 days.

Still, it's a good idea to add it if you can.

Thanks,
Mark 


moderated ability to display members list ordered by posting status #suggestion

 

I sometimes wish I could easily see all the members who are on NuM, or on Mod, etc. It would be nice, if feasible, to make that a separate, sortable column in the members list (like display name, delivery method, etc.).
--
J

Messages are the sole opinion of the author. Especially the fishy ones.

I wish I could shut up, but I can't, and I won't. - Desmond Tutu


moderated Re: Google Docs invite phishing attack

Brian Vogel <britechguy@...>
 

I guess it really depends on how you interact with cyberspace in general. I use Google Docs extensively, but were I to receive an invitation "out of the blue" from someone I didn't know it would be instant "electronic round file." I make it a point to let anyone that I will be sending an invitation to (which virtually never happens, I just make most things shareable to the world and send a link) that it will be forthcoming and expect the same. For myself, two-factor authentication is gross overkill and I don't use it and have no intention of doing so. Most vulnerabilities are the direct result of inadequate reflection on the part of the user before they take an action.


moderated Re: Google Docs invite phishing attack

 

Dave,

For those of us who don't spend all their time staring at their smart
phones it is far from convenient. My PAYG mobile is only turned on if
and when I need to use it, very rarely, so I won't be enabling two
factor here.
The second factor is only required the first time you access Groups.io from a given browser/device -- not on every sign-in. This makes it far less arduous than you're imagining. It primarily happens when you bring up a new device/machine or install a new browser (or use someone else's computer). Unless you routinely use public computers or for other reasons frequently flush your browser's memory.

I don't use Google Docs either - so any email I receive about that
would be instantly known to be spam.
You don't have to be a Google Docs user to know someone who might want to share a file with you.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


moderated Regarding emailed login links

 

On 9/27/2016 at 10:33:57 AM, Mark posted:

I just made a change to emailed login links. Before, the link would expire after the first time it was clicked, or 30 minutes, whichever came first. But there are anti-spam systems that automatically click on every link in an email, and there's no way to distinguish those clicks from real clicks. People protected by these systems cannot use the email me a login link functionality (and get frustrated when they try). So I've changed it so that the links are active for 30 minutes regardless of how many times they're clicked.

I don't think this creates much more of a security issue. Please let me know if you disagree of have other suggestions.
I just lost a group member. This is most frustrating for me because he made the transition to the new group fine and was getting messages by email. Unfortunately, he was never able to get logged in to the web page and finally gave up in frustration and quit. I had worked with him quite a bit and provided him with the detailed procedure that follows this message.

In exchanges with him he indicated that all his attempts at clicking on the link in the email took him to "the page with elephants", which suggests to me that the messages were timing out for him. This happened repeatedly for him. Is there a way that half hour could be extended to a "Cinderella hour" for members who have problems?

Alternately, for premium groups, could there be a way that owners could send (or have sent) a message with a temporary password directly to a member having problems, which they would then have to change upon their first login? These members would have to be fully moderated until we knew they were okay, but it might be a way around the problem that drove my member away.

Dano

--------------
Signing onto the web page for the first time
1) Go to https://groups.io
2) Click on the blue ''Log in'' box in the upper right.
3) Enter your email address in the ''Email Address'' box. *** DO NOT enter any password!! ***
4) Click on "Forget your password?" under it.
=[ The next three steps may or may not occur. If they do, just work through them. If they don't, you'll be taken to step 8). ]=
5) This will open a new window titled ''Send Log In Link''.
6) Enter your email address
7) Click on ''Email link to log in''.
8) That will give you a message that says ''An email has been sent to you with a link to log into your account.''
9) Close the window and groups.io.
10) Check your email right away. Within about five minutes or so you should get a message titled ''Link to log into Groups.io''. If you don't find it after 10 minutes, check your spam filter.
11) Open the message and click on the link. NOTE: The link is only good for a half hour. If you get the message but it's been too long and the link has expired you can just start again at 1).
12) The link will take you to your subscriptions page at groups.io. Now you are into the website and there's not a need to rush after this.
13) On the same page, near the right end of the blue bar is your username or email address. Click on the down triangle following it.
14) This will open up a menu with your email address, the option ''Account'' and the option ''Logout''.
15) Click on ''Account'', and you will be taken to your master Login page. Your email address will show in the ''Email'' box. Below it is a ''Password'' box. Enter a password of your choice. It must be at least six characters long. Try to make a good password, and WRITE IT DOWN or otherwise remember it.
16) Then click on ''Change Password''. You have now set your password, and you should remain logged in for a number of days unless you log out.
17) If you get logged out later on, you can log in by clicking the ''Log in'' box to the right on the blue bar and putting in your email address and password that you wrote down. If that doesn't work, you can follow this procedure again to log in one more time.


moderated Re: Google Docs invite phishing attack

Dave Sergeant
 

Mark

I appreciate that two factor authentication is seen as a good thing
(although some query whether it is as secure as it is claimed to be).
For those of us who don't spend all their time staring at their smart
phones it is far from convenient. My PAYG mobile is only turned on if
and when I need to use it, very rarely, so I won't be enabling two
factor here.

I don't use Google Docs either - so any email I receive about that
would be instantly known to be spam.

Dave

On 3 May 2017 at 14:14, Mark Fletcher wrote:

As a reminder, and in general, you should turn on two factor
authentication for all your accounts, including your email account and
your Groups.io account.

http://davesergeant.com


moderated Re: Capability to add PDFs or documents #suggestion

 

Dano,

I agree that the ability to add PDF files would be useful. There are
some procedures that might be better and easier shared without the
risk of corruption by passing along as a PDF. I'm ASSuming that these
documents would be somehow checked for malicious links??
It may not be just links.

I think the issue is similar, or identical, to the question of whether a PDF file uploaded to the Files section should be allowed to open within the browser window, or whether the user is forced to download it and open it on their own. Obviously the latter wouldn't be nearly as useful as a page in the wiki.

Opening a user-supplied file within a web page opens up some risks when the file might contains scripts (programs) that could interact with the web site itself. PDF is such a format, so the question is whether the browser's viewer is sufficiently protected against malicious content. In the arms race between functionality and security it is difficult to be certain.

Speaking of "as a page in the wiki", since opening in the browser is currently supported for PDFs in the Files section, I think this would be my suggestion. Make it simple to include in a wiki page a link that refers to a file in the File section. That avoids having a whole separate mechanism for uploading files into the Wiki.

Or perhaps have Link tool in the window offer both choices: browse and link to an existing file, or browse to a File folder then upload and link to a new file in that folder.

Either way, unless some magic were worked, you'd end up looking at a PDF in the browser's viewer, and not surrounded by the usual header, footer, and sidebars that one normally sees on Wiki pages.

Notably I think we're in uncharted territory here. Are there any examples of wiki's that support PDF content in a native way?

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


moderated Re: Capability to add PDFs or documents #suggestion

 

I agree that the ability to add PDF files would be useful. There are some procedures that might be better and easier shared without the risk of corruption by passing along as a PDF. I'm ASSuming that these documents would be somehow checked for malicious links??
 
Dano
 
> I work on a Wordpress website and I can add documents. I use Google Document Viewer format so everyone who has access can read it. On the wiki, we can add photos but not a PDF or other document. That would be a great addition. Someday!
>
> Thanks.
> Frances


moderated Re: Google Docs invite phishing attack

 

Mark,

There's a phishing attack going on right now that's apparently fairly
widespread, involving Google Docs invites.
I got it twice today, both times in my remaining Yahoo Groups. One fortunately held pending in a fully moderated group, but the other went through on my (mostly) unmoderated alumni group.

Both with a very odd Received line. My first reaction was that both came through compromised Gmail accounts, but now I'm not sure if the Gmail accounts were actually compromised, or if this represents a kind of spoof that passes authentication tests.

X-Received: from 73997885975 named unknown by gmailapi.google.com
with HTTPREST;
The from is of an unfamiliar (to me) form, and access through an api suspicious.

Shal
https://groups.io/g/Group_Help
https://groups.io/g/GroupManagersForum


moderated Re: Premium group badge?

Bob Bellizzi
 


Why not consider adding a buck or two per month to have premium badge.

Bob Bellizzi


moderated Need beta testers for new message editor

 

Hi All,

I posted this yesterday in another thread, but only got one response. I want to switch HTML editors on the website, from summernote to TinyMCE. But I'd like to get some feedback before I throw the switch on the entire website. If you use the website to post new topics or reply to existing topics with the HTML editor, and would be willing to test the new one, please send me off-list the email address of the account to activate. I'd also especially appreciate testers who use screen readers.

Thanks,
Mark

15681 - 15700 of 29169