Suggestions

[nearsou]

Hi! I just found about meanTorrent and I think you did a great work there. I love it ! However, I would like to see some features and adjustments made in futur updates :thumbsup:

Here are some suggestions:

[Nemcio]

One might add:

• When registering a new account could use security reCAPTCHA/CAPTCHA.
• Confirmation of account activation by mail.

[nearsou]

Hello there, here is some update that can be accomplished, this is only ideas, if it's possible feel free to do it or not 👍 :) Hi @taobataoma I wish a good and happy new year 2018 !

BUG report :

---

CSS :

• Improve style sheets in private message box(right receiver, left sender with bubble) the current one is little bit illegible in my opinion. img1
• Improve reply message system in torrent commentary.

General

• Show status 'pass' if you have it or not in profile
• Add filter search in torrent by existing 'group maker'
• Add double check confirmation register password
• I may be wrong but anonymous upload shouldn't appear in group maker in this logic because they want to be anonymous or allow to the founder or admin to hide member username if they want to be anonymous in group maker.
• I think the downloaded torrents need to be shown in the tab profile info "Torrents finished： 0".
• Add subtitle upload pending
• Able to set/unset Torrents Maker Group after upload torrent
• Add local rating movie, TV Serial like the music one
• Enable to edit or reupload NFO in page torrent , also able to download NFO file.
• Add more detail in search result (image or id to recognize the right one if there is duplicate name) in slide bar..., and keep the last choice selected for another time useful when you have to repeat the action.
• Add system progressbar of donations with percent % & mount of goal donation to fill it manually.
• Make special staff message to send message for support (all the admin) instead of putting email to contact them everwhere, well you can fill that just by putting link like this (/messages/send?to=admin) I guess...
• Add embed video for trailer to upload/overview torrent page in movie serial cat if it's possible and available in tmdb like this https://puu.sh/yBqCS/ea00f4630a.png

---

Forum:

Show in user post forum :

• Number of user message
• User status : admin, oper, normal user, moderator|VIP, by color red for admin etc or tooltip display.
• The reputation ('reputation' might be how many thumbs-up you got in total for example) above the avatar. like this https://puu.sh/yCTVD/c4bfc60553.png
• Add button to shortcut emoji in toolbar.
• Add spoiler function (to hide message).
• Add link embed video function.
• Hide up/down if in profile it's hidden.

  ---

  How to get score point :

• Login each 24h(not working)
• Post a message in forum/In torrent commentary(set limitation earn point per day to prevent spamming)
• By seeding torrent (depend on per seed/hour, per size, per life, total torrent, if torrent have no much seed this will give more point etc)
• By uploading torrent & subtitle and downloading(upload gives obviously more point than download).
• Someone gives you a thumbs-up...

  System Shopping :

• Buy Giga ex : 5, 12, 30, 80...
• Buy 1 invitation.
• Set one torrent in Sale [by putting its torrent ID] or [token] Sale.
• Get 1 month VIP or more.
• Buy a badge|title( or this will maybe can be get auto when user reach certain level or number of score set... (even if they spend their score) or a custom title).
• Buy "change display name" available once,
• buy a request (if request page is done).

  Chat :

  In the chat box, when you click on an avatar you should be able to see a list/box with some options such as:

• Chatlog persistent message (100+ message can be seen even if you refresh the page).
• Announce bot new torrent(can be disable by user if you want checkbox).
• Text message align left or right(not both) one above the other in chatbox for more clearness & readability(however this left right system could be useful in private message).
• System user timeout(mods&admin).
• Delete single message(mods&admin).
• Link url "go to profile".
• Overview profile (ratio/up/down/ if not hidden) by cursor flew over like in /admin/invitations/official page invitation info.
• Button to popup the chat separately from site.

Security :

• if user fail to enter input many times and no matter what username/password is, prohibit just the IP for x hours to prevent spam like this img

---

Already done:

• Make a global torrent indexer for all uploaded torrents in all categories. Instead of that is it possible to make a global search ?
• Add system notification : News notifications home page : maybe a slide bar that show you some principal information like poll, news of the time linked to forum etc...
• button 'accept' appears when you upload a request
• Anonymous upload should appear also in request
• Add classification button to list every category messages.
• Torrent reviewed or deleted by admin
• Comment&Reply on your own torrent
• Request filled
• @mentionned by username
• Forum reply, thumbs,
• H&R warning adding(remove) notice. ~~Add Request page : ~~ This needs 4 pages : - View page request - Add a request - View all request - View your request information.
• Users can make a request of torrent if it doesnt exist in the tracker.
• Users can make only 1 request by default, and later if they buy with score, one or more requests in shop(see system shopping). ~~I think there are 2 solutions to do this when you fill a request : - User can take the request by pressing "accept request" and noone can accepts it anymore until filled it or reset by timeout, only him can complete the request manually by putting the ID/URL of torrent. - Second choice, to be complete straightly and automatically, make a "upload" button that redirect you directly to the upload page /torrent/uploads|TVSerial|IDRequest for example and then when you upload the request is filled with updated infos~~
• Users can also vote for request, this doesnt impact anything just gives the interest rate of people for request.(OrderBy vote needed).
• Section comment of each request. ~~Overview of request page : img1 - img2 - img3 - img4 I take a screenshot to update of what request page could be, this is more clear and inspired by rartracker.~~
• ~~Add 'add as friend' users that way you can easily find them. I'm asking if on 'following' page, is it possible to add button shorcut to send message ? well the thing is I was expected only 'add friend list' page and user add between them with autorisation but this is also fine 😉 ;~~
• Add RSS feeds.
• I don't know if you have finished the announce, but now the downloading doesnt work anymore, I can see peer but it's not starting 🤔 .
• Does the ratio H&R work properly ? I shared the file to 3.0(1.5 settings) and it didn't remove the H&R, it seems that uploaded/ratio doesnt count, but it detects and gives you H&R.
• Translate missing or bug at VIP notice message status 2
• I wonder if seedtime is working too, I have a question, this is in Milliseconds right ? seedTime: 60 60 1000 24 7, can I change this value for testing purpose ?
• The seedtime is working.
• In User info tab it doesnt update some information https://puu.sh/yJBN8/1e2141d6e1.png
• There is something wrong with H&R notification when have a H&R, system notice you "H&R warning removed" instead of "You got a H&R warning"
• Add date/time uploaded file info in torrent page
• Does the total ratio of user count in H&R ? or count in general ? If not, it's better to put total ratio limit and force normal user to maintain above 0.75 for example ? (To force them to keep sharing the minimum required and not just unlimited download, so maybe new user got minimum 5GB+ free at the beginning)...
• Able to edit title of topic
• Set option to "review" for maker group doesnt work. It passes the torrent if "review" selected or not.
• Signature forum : Text with no space will continue until the end without line break https://puu.sh/yAHs8/20b43c63d5.png, also would be better to set limit of characters input like 100 total length for example.
• meanTorrentConfig Showed, I personally don't feel its safe to let view every config by right clicking in source code page, like the tmdb API, the port, the backup db, and other stuff if go on, if you please manage this part by hiding it, I really appreciate it if it's possible and I think im not the only one who thinks that 😄, in my mind the security of the site comes first before all the rest, thanks @taobataoma 😄
• Idle user: let user to login, but can not download anything, user can reactive account by score(maybe a lot of score number).
• Add info "view all files" in "tab title" of torrent, if I made a pack of season for example, we'll see a list with detail name.ext and size in the torrent. https://puu.sh/ysKos/ac1786cd68.png
• If you switch the Sale Type Set in panel admin, you got "undefined" name of uploader and group in the list of category https://puu.sh/ywDeI/cc71f4ff74.png
• I got a bug with reset password it sends me 3 times in a row the email, but I think it's my navigator, this remind me if you can put limit to request reset password like once every 24h for example and to prevent spamming.
• Is this https://puu.sh/ysJf9/57f929e9a1.png suppose to redirect you in search page with tags selected ? Because it doesnt do anything.
• Normal user can see VIP Torrent displayed when it is on Torrents Maker Group
• Wrong link TMDB page when you upload TV Serial one
• Option to set user limit signup 400/400 of maximum registeration users for example
• Add "go to top" in torrent commentary section as well.
• Possible to autorefresh notification message without refreshing page ?
• User can't change email.
• Follow forum topics and get notified for updates.
• Add background image for groupe and for the style /about/maker🥇
• Security : I don't know much about security but we can see in layout.server.view the server configuration "meanTorrentConfig" of the site in source page, i'm asking is there any chance someone use this part of js to exploit the code or something else ? What do you think
• use iu-notification when you are logged in and get notified like this (when you pinned a topic for example for X time) would be great notif (I found a way, just use system message to advert people there is news)
• When you invite someone (not official invitation) with score and active his account and sign in, the status didnt update '/invitations/detail' https://puu.sh/ypVu5/c352c7f3f6.png
• Header ratio shows you are minus 1 when you have infinite ratio https://puu.sh/ypYFk/b46671dcb3.png
• Weird score showed when you share torrent and got point https://puu.sh/ypYIQ/b95a11bd2d.png
• When you delete a subtitle and put another with the same name it says "File already exist". I see subtitle file in modules\torrents\client\uploads\subtitles still there.
• When you have not enough score and give score no string appears https://puu.sh/yojuO/70f6370bfc.png
• Admin can add a poll topic (choice between x and x or multi choice checkbox)
• When you delete a whole category, topic that you pinned before in 'global topics' still there and are no more accessible (not found) and it shows this link https://puu.sh/yof8D/6034ab2a28.png
• In /admin/torrents/ missing string https://puu.sh/yoO8D/b110fbb2bb.png
• Add option to admin to delete an account.(already available)
• There is a type of message that you cant delete and this always notified you even when you are already read it, its message from system(User message) https://puu.sh/yngF1/9d3a825218.png
• When you send message once from user profile page it work (link /messages/send?to=5a09a824d938c928f4ea10ae|nears) but if you retry in the same page (link /messages/send) with id user there is error Bad Request Error: Receiver user id is invalid https://puu.sh/ynfQh/40c6d2d83f.png https://puu.sh/ynfWn/d98beecca4.png
• Simple user can see category by searching
• 'Announce Editor' is just for deleting the passkey of .torrent file right ?
• Is this good idea to add in 'home' a section that shows you for example an annoucement, poll, news... maybe linked to forum?
• Add button able to "go to top of the page" useful when topic is fully charged of comments.
• I think the Avatar in forum is too small maybe need a readjustment like 100x100px for example.
• Add option to add more main category like 'affairs, discuss, business...'.
• Add button and fix emoji in forum, i tried to put :smile: in markdown but didnt work.
• Add option to category that only some user with rights like VIP/Oper/Admin can only see.
• simple user cannot edit or delete his own message in the forum
• Give the right to Admin to review torrents.
• When you're not logged in you can still see the website's headers (VIP section/Torrent...etc). You should totally hide them leaving the Sign in/Sign Up forms especially for a private tracker usage.
• I think that asking users for their full name when signing up is a bit inapproriate, making an alternative sign up form that accepts usernames instead would be appreciated.
• Add "Hide my profile" option/ set paranoia level (like Gazelle/WhatCD).
• Getting notified for the receipt of messages not only when visiting the Message Box but starting from the home page.
• The CMS is ratio based, therefore the total Uploaded/Downloaded amount, Ratio and score/level should be displayed in the header and not only on the account status page.
• Add signature for forum I made a clearest idea todo list i wish you good continuation see ya :)

[taobataoma]

@nearsou very thanks for your idea, they are very good, so i will add it to my dev plan if i feel it is compatible for meanTorrent. meanTorrent get better and better because of you and other friends.

forum main category value is configure in torrents, admin oper can add sub discuss area and manage it by admin menu 'Forums configure', This is designed to reduce the workload reasonably.

emoji issues is on MARKED module, fixed it maybe need a long time.

'announce Editor' not only delete the passkey of torrent file, it change the old announce url to your configure announce url in torrent.js, also can changed from other tracker server`s announce url, it can changed from any torrent file.

[nearsou]

@nearsou very thanks for your idea, they are very good, so i will add it to my dev plan if i feel it is compatible for meanTorrent. meanTorrent get better and better because of you and other friends.

No problem my friend !

forum main category value is configure in torrents, admin oper can add sub discuss area and manage it by admin menu 'Forums configure', This is designed to reduce the workload reasonably.

So if I want I can create another main category like 'Affairs' I need to do it manually in the code ?

emoji issues is on MARKED module, fixed it maybe need a long time.

I dont know if its right thing but I found this maybe it can help https://github.com/chjj/marked/pull/238#discussion-diff-21877341 https://github.com/chjj/marked/pull/238/files#r21877341

'announce Editor' not only delete the passkey of torrent file, it change the old announce url to your configure announce url in torrent.js, also can changed from other tracker server`s announce url, it can changed from any torrent file.

Ok thanks for the answers !

[taobataoma]

@nearsou about emoji i need more time. another, if you want create new main category, you must need to edit the config file 'torrent.js', this is a specialized config setting file for meanTorrent now, is so easy, the forum only is a simple discuss area, It's just a service to Mean, not a professional forum :)

[nearsou]

Oh I understand now, well thanks for the answer ! 😄

[taobataoma]

@nearsou

1, admin can delete user account in admin menu 'manager users' and enter user detail page, and can edit user displayname 2, in forum, readonly can set on forum and topic, when create a forum by admin and set readOnly(Users are forbidden to post new topics), then only oper/admin can post new topic, normal users only can list topic, and can post new reply if topic is not set readOnly(Users are forbidden to post new replies), if set readOnly on topic when you post new topic, then only oper/admin can post new reply, normal user only can list replies. meanTorrent separately control readOnly on forum and topic, i think this is a great idea, what do you think about it?

[nearsou]

1, admin can delete user account in admin menu 'manager users' and enter user detail page, and can edit user displayname

I'm sorry I didn't see that option haha forgive me.

2, in forum, readonly can set on forum and topic, when create a forum by admin and set readOnly(Users are forbidden to post new topics), then only oper/admin can post new topic, normal users only can list topic, and can post new reply if topic is not set readOnly(Users are forbidden to post new replies), if set readOnly on topic when you post new topic, then only oper/admin can post new reply, normal user only can list replies. meanTorrent separately control readOnly on forum and topic, i think this is a great idea, what do you think about it?

This is good idea there, but when normal user create topic he has the right to set the topic on readonly right ?

[taobataoma]

@nearsou yes, normal user also can set readonly for his topic at bottom of submit form before submit.

i already fixed 'SCORE_NOT_ENOUGH' translate string, has many string is return from server, i will put them into translate file later.

[nearsou]

@taobataoma this is what I was looking for, is this good to allow him to set topic readonly ? I mean there is no reason to do so, tell me what you think :)

[taobataoma]

@nearsou Of course, there's no scene to need normal user to set only for his topic, this is can limit to oper and admin, But this function doesn't have any special impact, what i need is in readonly forum, normal user can post new reply into not readonly topic.

[nearsou]

@taobataoma Oh yes you are right and I see now what did you mean earlier. 😄

[taobataoma]

@nearsou 'delete a whole category' issues, i need your detail of specific operation steps, thanks!

messages issues already fixed.

[nearsou]

Ok, in Forums post new topic, pin it to global status > go to Forum Configure > Delete the forum where you create the topic global status > return to the forum and see the topic is still there in global status with error and not deleted

[nearsou]

I have finished the translation you can add it if you want, tell me if I miss something, I'll try to update, translate it when I can and when something changes here in this post 👍 :) translation-file-fr.zip

[taobataoma]

@nearsou very thanks for your translation file! 👍

about 'delete forum' issues already fixed, however, it is not a professional forum, delete a forum will have a lot of complex statistical work needs to be done, but also easily lead to statistical errors, so I did not delete these themes, just hide them, so try not to do this operation so as to avoid too much garbage, of course, this is not perfect. Fortunately, this operation will not demand too much and too frequent. :smile:

[nearsou]

@nearsou very thanks for your translation file! 👍

No problem!

about 'delete forum' issues already fixed, however, it is not a professional forum, delete a forum will have a lot of complex statistical work needs to be done, but also easily lead to statistical errors, so I did not delete these themes, just hide them, so try not to do this operation so as to avoid too much garbage, of course, this is not perfect. Fortunately, this operation will not demand too much and too frequent. 😄

I got it, yes but I wasn't thinking they will stay after deleting the forum, I will not touch that anymore, anyway, I think in the forums you did the minimum requiered and this is good enough, very thanks @taobataoma !

[taobataoma]

@nearsou infinite ratio showed fine now, and I don't understand why there are so many decimals of score number, and now it's forced to display 2 decimal places.

the score system is a interesting, complex statistical systems, meanTorrent will design more and more score events to help users get more score, and now has achieved the introduction is not the same, it needs to improve it in the future

another issues, When I invite someone (not official invitation) with score and active the account, all the status is fine on localhost and demo site. please test again if you have time, thanks.

[nearsou]

the score system is a interesting, complex statistical systems, meanTorrent will design more and more score events to help users get more score, and now has achieved the introduction is not the same, it needs to improve it in the future

Thanks I appreciate it.

another issues, When I invite someone (not official invitation) with score and active the account, all the status is fine on localhost and demo site. please test again if you have time, thanks.

Yes you are right, It seems problem solved don't know how, I can't reproduce the bug anymore, thanks for the answers.

[taobataoma]

@nearsou meanTorrentConfig content just display some of the settings through the browser to the user, and there will be no security problems, because the important settings in the server side has a judgment, if you modify the browser variable value does not have practical effect. Of course, you remind me, I will carefully filter again, to avoid missing some important restrictions.

[nearsou]

@nearsou meanTorrentConfig content just display some of the settings through the browser to the user, and there will be no security problems, because the important settings in the server side has a judgment, if you modify the browser variable value does not have practical effect. Of course, you remind me, I will carefully filter again, to avoid missing some important restrictions.

@taobataoma Good to hear 👍 but is there any way to hide this part just in case ?

I flew over all the CMS and I think I did all the suggestion that meanTorrent needs, thanks to you for giving your time to continue this project, and im glad I could help ! 😃

[taobataoma]

@nearsou Add 'Contact Staff' Tab to contact the staff directly instead of @ email as '/about/black' , '/vip/donate' or 'torrents/uploads'

this need more detail explain please

Option to set user limit signup 400/400 of maximum registeration users for example

signup has setting switch, and need this maximum setting?

Disable account user when he is not logged while X time

I think about this, i do not want to disable login, i think let user to login, but can not download anything, user can reactive account by score(maybe a lot of score number). but this function need few time.

system notification

about this function, i will optimization it, add 'system notice' type into current message types, let it include forum reply notice, forum thumbs up notice, torrent thumbs up notice, torrent comment reply change notice, h&r warning adding(remove) notice...... etc. and in message list page, i will add classification button to list every category messages.

System shopping

this is a good idea, but it is very complex, let me to think about it, i can add it into my dev queue and do it after release.

for other suggestions, i have no idea now, let me check it one by one later, if i do not mention it, you can keep them in the list. Thank you for doing these things, and you'll make meanTorrent better and better.

[nearsou]

this need more detail explain please

Make a staff inbox page especially to send message for support (all the admin) instead of putting email to contact them, well you can fill that just by putting link like this (/messages/send?to=59fb42c5d2ba652e38d1cf15|nearsou) which is good too...

signup has setting switch, and need this maximum setting?

Yeah no need to do that I forget that you can disable invitation anytime in the setting, nevermind.

about this function, i will optimization it, add 'system notice' type into current message types, let it include forum reply notice, forum thumbs up notice, torrent thumbs up notice, torrent comment reply change notice, h&r warning adding(remove) notice...... etc. and in message list page, i will add classification button to list every category messages.

This is huge thing to do, thank you.

this is a good idea, but it is very complex, let me to think about it, i can add it into my dev queue and do it after release.

Yes, I know, I was thinking about how to put more thing to buy, but if you feel its complexe, just try to do the basics.

for other suggestions, i have no idea now, let me check it one by one later, if i do not mention it, you can keep them in the list. Thank you for doing these things, and you'll make meanTorrent better and better.

No problem ! I wish you good continuation.

[ObiWanTwo]

If I may suggest also, the actual SMTP code only accepts email providers such as GMail :

mailer: {
    from: process.env.MAILER_FROM || 'admin@chd.im',
    options: {
      service: process.env.MAILER_SERVICE_PROVIDER || 'Gmail',
      auth: {
        user: process.env.MAILER_EMAIL_ID || 'example@gmail.com',
        pass: process.env.MAILER_PASSWORD || 'password'
      }
    }
}

Is it possible to add support for real SMTP Servers instead of actual popular providers to help keep staff anonymity ?

[taobataoma]

@Answer-Man meanTorrent used nodemailer to send email, it is not only support GMAIL, here is the services list doc Well-known services, It has a lot of configurable options, and you see if you can meet your needs。

[tojoaijo]

Hi al, @nearsou I apologize for taking advantage of your publication to give a suggestion :) Just a suggestion: how if the admin will receive an message (or email) when someone have upload a torrent on the website (on Private torrent)? because, the admin need to "Review" the torrent before the client can seed the file and if we can have a link that list all torrents not "review" yet by admin. This is just a suggestion but feel free to do it or not @taobataoma :)

[nearsou]

Hi al, @nearsou I apologize for taking advantage of your publication to give a suggestion :)

No problem you can take a part of suggestion

Just a suggestion: how if the admin will receive an message (or email) when someone have upload a torrent on the website (on Private torrent)?

This maybe will be in th notification system as "- When your torrent was deleted or approuved (if deleted then send reason why with message notification) "

because, the admin need to "Review" the torrent before the client can seed the file and if we can have a link that list all torrents not "review" yet by admin. This is just a suggestion but feel free to do it or not @taobataoma :)

You can already see this in manage torrent in panel admin '/admin/torrents'

[tojoaijo]

You can already see this in manage torrent in panel admin '/admin/torrents'

I see it but this need to check on every categories, so if we can have 1 link regroup all files which not been reviewed by admin

This maybe will be in th notification system as "- When your torrent was deleted or approuved (if deleted then send reason why with message notification) "

Yes, and we just add a notification to admin when someone has upload a torrent

[nearsou]

I see it but this need to check on every categories, so if we can have 1 link regroup all files which not been reviewed by admin

In todo list of @taobataoma we can see that he will do :

• View all files of torrent.

So expect that you can see it later 😄

[tojoaijo]

ah ok, I haven't seen it :smile:

[taobataoma]

@tojoaijo I will add a road to list all new torrent for admin later.

[ObiWanTwo]

I've been having some issues with the inbox. I cannot clearly distinguish which message came from who or who's talking because the CSS for the received messages and the send ones is pretty much the same (light green, alined, profile icons on the same side). So I've been thinking of a way to make it more comfortable to read and Facebook's inbox came to my mind: visually simple and clean. Isn't possible to rearrange the CSS so that it looks and feels better ? Here is an example:

[taobataoma]

@nearsou

Also if user enter wrong username and password x times in a row, get access(by IP) for x times, to prevent brute forcing and more security

I carefully thought about this problem. This kind of login failure numbers limit does not have much benefit. If we only count the number of password errors and then prohibit the account, it is unfair to the users themselves, because someone malicious login causes the account to be banned. If the statistical password error number and IP address binding, then the user can login because the IP address is not the same, if the same IP address and the number of errors enough, we can prohibit the IP address of the user attempts to login. However, the workload of the forbidden program is much more than that of a normal login and return password error, so this prohibition is not really meaningful. what did you think about?

[Phogo]

I think this would be better handled serverside with fail2ban or similar.

[nearsou]

I carefully thought about this problem. This kind of login failure numbers limit does not have much benefit. If we only count the number of password errors and then prohibit the account, it is unfair to the users themselves, because someone malicious login causes the account to be banned. If the statistical password error number and IP address binding, then the user can login because the IP address is not the same, if the same IP address and the number of errors enough, we can prohibit the IP address of the user attempts to login. However, the workload of the forbidden program is much more than that of a normal login and return password error, so this prohibition is not really meaningful. what did you think about?

hmm I don't know, I've seen many popular tracker doing this like (Asiandvdclub or Apollo) Otherwise why not prohibit just the IP, if you fail to enter input x time and no matter what username/password is ? However users can still always reset their password if they forget it anyway... Thing is you can use the login connection to spam many times to try to login without repercussion.

[ObiWanTwo]

Fail2ban wouldn't give you as much flexibility as a ban on a specific page for a specific reason would do. With fail2ban/firewalls you may limit the number of requests done per ip over a specific protocol but you can't control for which request flood the target should be banned. It isn't a matter of protecting the server but a way to secure users accounts from being stolen by bruteforce. My thoughts on this are: You should probably ban an IP for multiple connection trials using the login form, whether the trials were on the same account or not.

[ObiWanTwo]

In the admin profile (in your demo website) we see: Torrents seeding：2 profile but when clicking on "detail" only one torrent appears : seeding The same problem subsists with "Uploaded torrents", you've uploaded 79 torrents but the displayed number is 65. Or maybe these are dummy numbers for testing purposes ? Can you also please add details for Forum topics/Forum replies ?

[taobataoma]

@Answer-Man

In the admin profile (in your demo website) we see: Torrents seeding：2 profile but when clicking on "detail" only one torrent appears : seeding The same problem subsists with "Uploaded torrents", you've uploaded 79 torrents but the displayed number is 65. Or maybe these are dummy numbers for testing purposes ?

I found this issues on demo site, Some data contain test data in it, so it doesn't look normal, but I will check it again. If these data are abnormal on your site, please contact me again.

[ObiWanTwo]

So as @nearsou has done, I'm going to make a list of suggestions that I'm going to update instead of spamming this thread.

Security Improvements:

• Force user's disconnection if he has been banned while still logged in. (delete his cookies to force disconnection maybe?)
• Anti RatioMaster / Anti tracker deletion in BitTorrent clients. I know this is very hard to implement as it requires some brainstorming but an anti-cheat system that blocks both ratio cheating and announce deletion after establishing connection with seeders (to prevent sending fake upload packets) would be a nice thing to do. If you wish, I can open another issue to discuss this matter as I have some thoughts myself.

Issues:

Global:

• Add a moderator rank whose only work is to moderate forum, chat and validate/delete torrents.
• Use Moment.JS to format dates in the "Life" function:moment(Life, "YYYYMMDD"). This will give us much cleaner results, for e.g instead of 150d we will see "5 months". You can change the language by using moment.locale('lang').
• Add a screenshot section or at least automatically resize them and display them in a horizontal scrollable grid because they take too much space. Problematic torrent Here is what I mean by "horizontal scrollable grib" You may combine it with the idea of embed videos of @nearsou.
• To delete a torrent the admin/oper must fill in a field that explains the reason for the deletion (perhaps even by referencing the broken rule). Thus the uploader of the torrent in question receives a system alert message with the explanation. You may also implement this for rejected pending torrents.

  Invitations:

• When a user is invited from the "official invitation" panel it's shown that the user has been Invited by：undefined instead of System.

  Chat:

• To prevent spamming, add a wait time between each sent message by a given user. (5 seconds maybe?).
• Add spam filters (filter mature language through specific rules, filter urls maybe using regex) that could be easily modified by admin/oper.
• Give oper/admin the possibility to delete messages (one by one).
• Add an announce bot that pushes in the chat each new published torrent (as an irc bot would do). Or make a log tab where all recently added torrents are stored.
• Make chat messages permanent (chatlog with a display limit of maybe the last 200 messages).
• Divide chat into sub channels (a support tab for example in which users can ask for help or discuss issues).
• Fonts/Colors apply to all of the written text in the chat box. Make them apply only for the selected text as BBCode or Markdown does for example.
• Colors should be reserved to admin/oper to pass important messages.

  Forum:

• Create an Oper Office and prevent oper from accessing Admin Office. (Admin should have access to Oper Office though). Make the same of each rank (if you're wishing to implement more ranks).

  Optional:

• Make User Rules/VIP Rules editable from the page itself. The modifications will apply for the selected language only.
• Add an Announcement/News tab in which the staff can pin/push forum topics. As Gazelle does with its homepage.
• When a torrent is made VIP it's hidden from everyone (including operatons) in both the homepage and the search engine. Make operators/administrators VIP by default.
• All of the website's time variables should be set by a Timezone setting that can be modified from the user's profile (this would be useful for summer times).

  API:

• Make uploading using API possible for authorized user's. This will result in much faster uploads and could be helpful to create uploading bots that will automatically push torrents to the website.

  Resolved :

• Hide admin IP addresses from other admin and oper in the admin manager userpage.
• Hide other sensitive information : Users passkey from oper (as they may abuse it), and admin passkey from oper/other admins.
• Same issue as the forum, VIP torrents can be accessed through their url by normal users.
• Time related variables are not coherent with the user's timezone.
• ~~Add an uploader rank that can bypass torrent pending, this rank is manually given to trusted users. By doing so, the website will continue to work even if there is no admin/oper to validate pending torrents.~~
• Add an orderBy function for "Life" and "Size".
• Add option to cancel sent (Unassigned) invitations in the "Send Official Invitation" Panel.
• Prevent adding users as moderators to the "Admin Office".
• Make a user's status modification (idle/inactive/banned) display in his profile immediately after the modification is done. At this time, we need to sign out and then sign back in for the information to display to the user himself. Press F5/Force refresh to see modifications.
• Make an option to hide the profile information (oper/admin can still see them).
• Add a tag filter for VIP content for VIP users along with "Hit and Run" and "Sale now" (as in "Manage Torrents" section).
• Add a quick access download button in the home page.

I hope this can be useful to you.

[taobataoma]

@Answer-Man

Hide admin IP addresses from everyone (even other admin/oper).

meanTorrent do not show ip of any user in userinfo page, only in admin manager user page, so any user can not view admins ip.

Force user's disconnection if he has been banned while still logged in.

can not disconnect user timely if he has been banned, but user can not download and announce when his status change to banned and idle. I think this is enough. and user can not login again when he is disconnection.

When a torrent is made VIP it's hidden from everyone (including operatons) in both the homepage and the search engine.

that is right, when a torrent become VIP resources, it do not show in everywhere, only show in vip list section, VIP has its own special download area and not everywhere, I think there is no problem in this logic.

Make a user's status modification (idle/inactive/banned) display in his profile immediately after the modification is done. At this time, we need to sign out and then sign back in for the information to display to the user himself.

this is like above, can not disconnect user timely if he has been banned, but he do not need to sign out and sign back, the status will changed when he refresh any page, Even if it is not refresh, the download and announce is forbidden and can see tooltip info with why can not to do this.

Make an option to hide the profile information (oper/admin can still see them).

this is already done, in profile setting page, you can checked 'Hide more account detail info', then your more detail info will be hidden for other normal user.

Make User Rules/VIP Rules editable from the page itself.

meanTorrent support Multilingual, maybe edit the translate file is the simplest road.

Add an Announcement/News tab in which the staff can pin/push forum topics. As Gazelle does with its homepage.

this is in my dev plan, I will add more info on homepage, and these info come from forum topics, admin notice, site sale etc.

Other not mentioned items, I can do it later.

[ObiWanTwo]

meanTorrent do not show ip of any user in userinfo page, only in admin manager user page, so any user can not view admins ip.

I'm talking about hiding it from other admins/oper, from users that have access to the admin manager user page.

can not disconnect user timely if he has been banned, but user can not download and announce when his status change to banned and idle. I think this is enough. and user can not login again when he is disconnection.

What you can do to force disconnection is to ban the user's cookies. His browser will disconnect him when it will check for valid cookies. Because the banned user can continue to see forum/chat...etc until he decides by his own will to disconnect and that's not safe.

that is right, when a torrent become VIP resources, it do not show in everywhere, only show in vip list section, VIP has its own special download area and not everywhere, I think there is no problem in this logic.

It's logic, but this also means that a VIP torrent has less visibility from VIP users than other torrents as it will not bump up in the homepage. This is a minor issue, so do as you please.

the status will changed when he refresh any page, Even if it is not refresh, the download and announce is forbidden and can see tooltip info with why can not to do this.

My bad, it did not try to refresh manually. I thought the website would do it when browsing.

meanTorrent support Multilingual, maybe edit the translate file is the simplest road.

But then only the sysadmin can edit them. There is no way for the other staff members to directly modify without waiting for a sysadmin to connect. You are loading a separate VIP Rules file for each language, you could make the user edit the rules for each languages as well (either way, they need to do it even without this feature).
Thank you for your quick response.

[tojoaijo]

Hello all friends :) This is not an issue but it's better to rectify it:

GIT_REPO: 'Power by ©meanTottent

it's on "modules\core\client\app\trans-string-en.js" and "modules\core\client\app\trans-string-zh.js", line "878" we just have to change "meanTottent" to "meanTorrent"

[taobataoma]

@nearsou

Add auto system donation : Possible to add only the minimum like the most used method Paypal API ? which I think is already included. If it's too complicated for the full auto then do it as semi-auto(without changing VIP status when donate) : User donate and fill the form through paypal url, sends the response back as text with the mount and ID in Admin panel tab. In this way users dont need to send pm to admin each time and no need to justify his donation and after that admin gives the VIP status manually to the user. What do you think ?

The best way is auto change all status after donation through the payment api, but this is hard and need more time, let me think or do it later and later

[nearsou]

The best way is auto change all status after donation through the payment api, but this is hard and need more time, let me think or do it later and later

Ok nice ! I didn't know you were still on it, thanks for the answer. 😄

[taobataoma]

@nearsou

Set option to "review" for maker group doesnt work. It passes the torrent if "review" selected or not.

issue is fixed,

• If maker or user has upload access of "pass", the uploaded new torrents do not need to review by administrators!
• maker group upload access is preceded by user upload access.

[taobataoma]

@nearsou

Does the total ratio of user count in H&R ? or count in general ? If not, it's better to put total ratio limit and force normal user to maintain above 0.75 for example ? (To force them to keep sharing the minimum required and not just unlimited download, so maybe new user got minimum 5GB+ free at the beginning)...

The total ratio include all up/download data with sale coefficient with vip coefficient and include H&R torrent up/down count, and each H&R has own up/down(with out sale&vip coefficient) count and ratio, H&R warning from as H&R ratio and seed time, if H&R warning number too more(can configure) so can not continue download any things, but can continue the warning H&R torrent and to seed to upgrade his single H&R torrent ratio.

The total ratio doesn't matter to H&R ratio, if the total ratio too less(can configure), can not download any thing but can seed. this ratio check after user signup 30 days(default 30, can configure), so new user can upgrade his total ratio in this 30 days. admin can set many torrent for sale or free, this total ratio is easy for new users. so not need default up data 5G like you said.

[taobataoma]

@nearsou

Does the ratio H&R work properly ? I shared the file to 3.0(1.5 settings) and it didn't remove the H&R, it seems that uploaded doesnt count

Let me check it.

I wonder if seedtime is working too, I have a question, this is in Milliseconds right ? seedTime: 60 60 1000 24 7, can I change this value for testing purpose ?

Yes, time is in Milliseconds, you can edit it in torrent.js, 60 60 1000 24 7 means 7 days.

[taobataoma]

@nearsou

I don't know if you have finished the announce, but now the downloading doesnt work anymore, I can see peer but it's not starting 🤔 . Does the ratio H&R work properly ? I shared the file to 3.0(1.5 settings) and it didn't remove the H&R, it seems that uploaded/ratio doesnt count, but it detects and gives you H&R.

Which client are you used to download?

The announce data to tracker is a very complicated, because some client run announce request is different, like as announce interval time, some client used value by returned from tracker, some client used custom value, this is not important, the first important different is some client do not include uploaded/downloaded value in request, I tested 'Vuze' for mac v5.7.6, it is not report the value, so tracker server can not receive data and to update user status value. did you used it?

The second trouble is some client do not announce the 'stoped' event to tracker server when user quit client directly with no normal stop all seeding/leeching torrents. like as Transmission for mac v2.92,

You should know, when a client start a up/down task and announce to tracker, server will create a 'Peer' record include user`s id, peer_id, torrent_id, uploaded, downloaded, seed status, ratio, etc. and remove this record when user announce stop event. but, when user quit client directly, server can receive the stop event, so do not to remove this record, and when user open client again and start same session, server will create a new record with these value because the 'peer_id' is not same as above, ok, now, the old record is became ghost, I can delete the ghost peer record with some rules, such as idle time? but, delete these ghost record maybe bring new error, because the cause of idle time too long maybe by server down? maybe user s network? If user has no quit client and up/down work fine, only can not announce to tracker, so the 'peer_id' is not changed, when server is ok, but the record is deleted, then server will create a new record to save user data, this will cause inaccurate data to be reported. I work hard with these problem.

now, maybe all are fine, but, the data problem with 'Vuze' is big trouble, do you have any idea?

I've been solving this problem these days. :smile:

[nearsou]

I use Deluge latest version with qBittorent, yes it depends on which client do you use, I didn't know that, now it's working fine on qBittorent with Bittorent. However in user info tab didnt display the seeder now I don't know much about client and their problems, all I know is sometimes trackers bans some client to avoid this sort of problem Thanks on your effort on that @taobataoma 😄

[taobataoma]

@nearsou because change the announce logic, so count number of user and torrent maybe Incorrect.