AllAstronauts

I've looked over the upcoming release notes for the next version of this gen of software and checked the support forums and there is nothing on this reported or noted anywhere. So that leaves two options. New hitch specific to the latest iPhone software in which case it will start to be reported and then dealt with in a patch or new version (in which case there's nothing I can do) or... maybe you've got some bad JavaScript hanging around on the phone in which case wipe the caches however you like and try try again. I'd test locally but the newest iPhone here is a 7 Plus so... I do have a newer iPad but not sure if that's the same for browser stuff.

This will be a bit buried but this should lay it out maybe slightly better. Now: You can login with <your username OR your email address> AND <your password> When the next version of the software hits: You will login with <your email address> AND <your password> Your password is not being changed or required to change but what can/is happening to many users is this: Forgot what email they used to register on this site with. Know the email address but the email account is lost/deleted by <workplace, university, ???> Forgot the password to this site completely and are just using the browser saved password or password manager to deal with it. So imagine when this change over happens and the above three points come into play and you did not have warning ahead of time. Forgot email used to register here? How do you login at all? Know the email address? Great. But if you also forgot your password good luck getting a password reset as that will be sent to... Will the password manager apply the right password when you login with an email address and not your username? TLDR; Make sure you know your email address and password before we update the site. That's it. This is at least, MINIMUS, three weeks away. Likely longer. Especially since nothing has been done yet to prep for the change over other than turn the dev site on more or less. BTW, the Google linked accounts should be fine, not sure about the Twitter linked accounts post-Musking. <for those that registered on this site those ways>

Nothing changes. Your username remains unchanged. Just how you login - that's it.

Chiming in here. Staff know there are going to be edge cases where people have not only forgotten emails but have actually lost email accounts and have been just logging in with usernames for eons. You'll be able to ping staff to get stuff resolved (some of you have already begun so...) . No one will need to create new accounts and lose the old ones. Yes, the change is basic net security these days. People can see your usernames and spam login tries with common passwords using your username - not only can they maybe guess your crappy password he says looking at the people needing to be seen but they can also lock you out of your account for x-minutes with bad login tries. This applies to just about most sites these days so if you have not encountered similar email-to-login requirements elsewhere expect to along with mandatory two-factor logins and all that. This site ain't that far into security yet but I could turn two-factor on and just not make it mandatory...hmmm.... No, no one than than staff can see your email addresses so no problemo there. People are just returning from holiday breaks so these changes are not any time in the immediate future. I just turned on the new dev site the other day so that should give you a pointer to where things are. It's no great shakes to convert the old app to the new standards, and minimal work really to do the look and feel stuff. But, as mentioned in other threads, major software version means it's a great time to clear the decks, look at the landscape, clean the kitchen, and look at upgrades and new features for you guys. I'm 99.999% sure some fun API stuff (think: show data and media) I was hesitant to bring over to the front-end due to cost might actually be financially viable and I've got notes from staff and my own notes on changes/maybes and I've actually started puttering with <gestures broadly> the last two days. Mobile users will be pleased as the software more mobile friendly. You'll want to create a home screen link to the website on your mobile device and just treat it as an app that way. No previews yet, just started all this yesterday. Yes, some of you will get an early gander to dogfood this stuff and yell at me and the usual. Dark mode is a native feature, there is a new post editor, and so on, but it's still the same forums you know.

This is all on the server end; dealing with it. Mayhaps there is a wild conflict with the S3 (not AMZ) storage so I moved all the theme/css/js stuff back to the server for hosting. All blessings to Krampus, may this bring merriment to the holidays.

Incredibly frustrating as things are rebuilt fine, then a task that runs 3 hours later throws some cached JS files out of sync and then the file names do not match so they don't get loaded. Hoping this is it.

I just ran a system upgrade to the latest version. There *might* have been a tiny bug that when a routine task to clear out old files ran, it caught a signal from the clear caches thing and unsynced some javascript files. That might be why things work for awhile and then buttons stop working and images stop loading. Anyways, give it a bit then yell if there are problems.

If y'all need an after-action for this stuff: <I'm, hand-waiving away a lot here, just go with it> There was HTTP and everyone said this web stuff is fun. Then someone came along and said "you realize all our comms over the wire are more or less in plain text that anyone can listen in on" so they added an S to the end and came up with HTTPS. When you connect to secure sites your comms are encrypted both ways and no one can snoop <for values of 99.999% excluding NSA and other three-letter and/or international agencies>. They could record all the traffic between you and here, but not much they can do about it. It took ages for people to get religion and for use to ramp up but then someone said "great, the comms are encrypted, but how the hell do I know you and this site are who you say you are. You could be lying?" so we got security certificates. We can create these certificates ourselves directly on the server but these are the equivalent of you making your own drivers license as an 18 year old to try to get into a bar. So instead, you contract out with other organizations that "verify" you are you and that you control the actual server and control the actual domain and the domain name is kosher and etc. etc. Then you the site owner receive two bits of cryptology which you add to your site's web server so when you, yes you the user, connect to a website that purports to be secure, your browser checks that these bits of cryptology check out and match x, y, z and so on, so forth. All good, connect away. You can trust all this. Certificates do expire. Sites move servers, things change, etc., so its built into the system to have these time-limited. When a cert expires, you get you a new one, upload the bits, things carry on as normal. Note the site and your comms between you and here REMAIN SECURE even when the certificate is self-signed or expired. Always secure. But can you "trust" that nothing bad has happened? So... When the browser detects that a certificate has expired or is self-signed it now tells you something is up! And for about the last five years or so they really try to stop you from visiting the site at all to "protect you" from yourself. So, what happened here? The certificate expired a few days ago. The certificate was renewed at the external org that does this stuff. Note this is a paid-for certificate and needs to be manually applied to the server. Nobody told me this was going on. Your browsers cache tons of stuff, so as your browsers collectively started to detect the expired certificate, and the underlying services (image hosting, etc.) did the same, stuff started to "break". And then at 1230am my time I got pinged :) Short story short, the site owner got texted and I poked around the server to see where the certs were. No txt back but I noticed a free solution was set up but was never configured or used, and just used that to generate the new certificates, then went to bed :) The free solution, for those that need closure, is that about 10 years ago some people realized that paying for another org to verify you are who you are and so on was just an un-needed tax on the entire web. All that is needed for kosher certificates is for the person controlling the domain (site name) records and the actual server itself to match up <hand-waiving here again>. So something called LetsEncrypt was born, a free service, that automatically renews everything, hands-off excellence. Verifies domain and server and so on are all correctly, truthfully linked together and issues the certificates directly on the server. As for the janky site-width and font-size stuff chalk that up to a bad site-cache clear internally sometime over the last 24 hours or more and some javascript was skipped and not cached correctly. These probs go away with the new tech stack in version 5x of this software which the dev site for the new version of this site goes live... uhhh... whenever the site owner makes a tiny change in an account file so the dev site can go live. You should be nice to @CM-BlueButterfly, some users will get to play early for test purposes. Everything is working, verified, width-font buttons too. All down to caching and time on your end now.

Certificate is valid again, if you accepted the not-secure stuff to browse it will take a bit before your browser validates (whatever) the new cert but if you open the site in another browser or an incognito mode it will be secure. You can check the cert status by clicking that little box next to the start of the site url up top. It will say secure now and if you click that to view the details you'll see a LetsEncrypt cert that will "expire" in March and subsequently be automatically renewed at that date and we'll never speak of this again.

There is a bad advertising provider in the mix. Report this in the bad ad thread. Note: Any place can get caught out on this. ESPN still lets through ad that will swap the page I'm viewing for some random Comcast offer thing.

As far as I know there have been no updates to the site in ages (a few months at least) Check your Account Settings and Content View Behavior to be sure nothing has changed there:

This came up before when I tossed this feature in for kicks. Yes, easy to do. Was not done at the time for the above reason. Could be done with a cookie toggle like screen width and light/dark and so on. Again, easy. This is just an info dump, should not be taken as will-happen, might-happen, etc.

hmmm Now?

CSS files stalled when built for cache. All better.

Just gonna pop-in and say that what you (all) are starting to do is shape what will be the next version of the Shows app. The show header image was just a derpy throw-in while I was doing <redacted> for mods a few months back. The external API stuff is all there with episode counts and previews and summaries and etc, etc, and is available in the backend already. Just throwing these things in willy/nilly into what is here right now is not ideal (albeit easy though). I'd actually automate the whole thing. Adding a show sets up all the automatic data pulls and presentation with mods allowed to over-ride as needed/wanted. As this is a business, there are generally costs for APIs when there is a profit to be had so there is that consideration as well when backend things spill into public things. Given the closure of the main PT site I imagine changes of the overhaul/wholesale variety will be measured and planned so as to anchor things going forward with the next version of the software AND to last a fair number of years going forward. Do not take anything I said as to mean "there will be a new shows app", "this site is going to upgrade the software soon", "this thing I want is going to be added". None of that in any way, shape, or form is true as it simply has not been discussed yet. Right now, only possibilities; until they are not.