Some suggestions (not dumb)
I’ll be dividing them into sections based on what they’re about for readability:

Shoutbox:

- Add new thread notices like RaidForums, the server code for the shoutbox they used before the switch is on Omni’s GitHub so it should be rather easy to plugNplay

- Consider doing a code review of the shoutbox because as I remember it there are some vulnerabilities that allow users to bypass bans and such, possibly because of improper checks in the code for things like banning and revoking of JWT Tokens.

$ -
- Consider switching Payment Gateways, I don’t know any so don’t ask me, but I know that BTCPay is open source with the only downside being presently, and likely forever, that it only accepts one currency.

Security: 

- Utilize DVZHash’s encryption on top of the password hashing function you already use it for. This adds another layer of security if an attacker only accesses database contents through something like SQLi (but probably not RCE), although it’s fairly unlikely, if an SQL vulnerability like this were to be found it’s most likely that this site is already on the top of a few lists for it to be used on, and you can only patch once you’ve been made aware of it (usually after you’re hit)

General: 

- Remove the weird notices that show when a user has deleted a post or thread, staff can still see it, but imo they take up unnecessary space for non staff.

- Add/Create the better draft system that RaidForums had: storing threads in Local Storage and I believe on server so they could be loaded via modal without much interaction (I’ve lost many posts on here and have been way too lazy to rewrite)

- Add Twitch Emotes, and as the community grows you can also add emojis that are relevant to its history

- Add an Online Today section under Who’s Online

- Show Admins in front of regular users on Who’s Online

- Consider adding a legend like Sinisterly so that people understand what ranks are (since most of them are just icons)

- Please stop sending private messages every time a payment order is cancelled (I’ve gotten six)

- Add profile sections for Telegram, Signal, etc. Also consider adding a PGP Key Section (that can’t be edited by Mods or Admins through UI) and is a Text Area HTML Item so it is scrollable and doesn’t just flow on for 30 years.

- Add a user2staff section and a user2user section so that people seeking help using the forum can inquire about it. Also consider making small tutorials on how to post for those who have genuinely never used a Forum before.

Design:
- not really a suggestion per se, but the missing elements of the theme should be added: The color picking thing, and the Extras tab doesn’t work on mobile
- Make the private message bar a different color, red signifies importance, messages are important but maybe yellow or green would be better?

Specialty:

- Give out a credit bonus for enabling 2FA? (Could be abused) or just add a cool 2FA award lol

Bonus:
- add music that plays as you browse (I love music)
Reply
(March 22, 2022, 03:19 PM)way2high Wrote: I’ll be dividing them into sections based on what they’re about for readability:

Shoutbox:

- Add new thread notices like RaidForums, the server code for the shoutbox they used before the switch is on Omni’s GitHub so it should be rather easy to plugNplay

- Consider doing a code review of the shoutbox because as I remember it there are some vulnerabilities that allow users to bypass bans and such, possibly because of improper checks in the code for things like banning and revoking of JWT Tokens.

$ -
- Consider switching Payment Gateways, I don’t know any so don’t ask me, but I know that BTCPay is open source with the only downside being presently, and likely forever, that it only accepts one currency.

Security: 

- Utilize DVZHash’s encryption on top of the password hashing function you already use it for. This adds another layer of security if an attacker only accesses database contents through something like SQLi (but probably not RCE), although it’s fairly unlikely, if an SQL vulnerability like this were to be found it’s most likely that this site is already on the top of a few lists for it to be used on, and you can only patch once you’ve been made aware of it (usually after you’re hit)

General: 

- Remove the weird notices that show when a user has deleted a post or thread, staff can still see it, but imo they take up unnecessary space for non staff.

- Add/Create the better draft system that RaidForums had: storing threads in Local Storage and I believe on server so they could be loaded via modal without much interaction (I’ve lost many posts on here and have been way too lazy to rewrite)

- Add Twitch Emotes, and as the community grows you can also add emojis that are relevant to its history

- Add an Online Today section under Who’s Online

- Show Admins in front of regular users on Who’s Online

- Consider adding a legend like Sinisterly so that people understand what ranks are (since most of them are just icons)

- Please stop sending private messages every time a payment order is cancelled (I’ve gotten six)

- Add profile sections for Telegram, Signal, etc. Also consider adding a PGP Key Section (that can’t be edited by Mods or Admins through UI) and is a Text Area HTML Item so it is scrollable and doesn’t just flow on for 30 years.

- Add a user2staff section and a user2user section so that people seeking help using the forum can inquire about it. Also consider making small tutorials on how to post for those who have genuinely never used a Forum before.

Specialty:

- Give out a credit bonus for enabling 2FA? (Could be abused) or just add a cool 2FA award lol


Bonus:
- add music that plays as you browse (I love music)


Actually a very good list of suggestions
Cock and Ball torture

Contact
XMPP: [email protected]
Tox: E307A5121C216290A1270B66381D2A5DD25BA096BE5C7E3702A14433EE3DF31DE68BABBC2486

Thanks to @Armadyl for god :3

Reply
- Consider switching Payment Gateways, I don’t know any so don’t ask me, but I know that BTCPay is open source with the only downside being presently, and likely forever, that it only accepts one currency.

Already looked into BTCPay, they're biased towards Bitcoin Cash and don't make it easy to accept, https://www.reddit.com/r/btc/comments/k3ya7k/the_people_behind_btcpay_server_are_a_bunch_of/

I'll reply to the rest of your suggestions later today, some of them are really good :)

https://pompur.in
Reply
(March 22, 2022, 03:19 PM)way2high Wrote: Bonus:
- add music that plays as you browse (I love music)


some good ol' keygen music would be wonderful


eidolon



Reply
(March 22, 2022, 04:15 PM)pompompurin Wrote: - Consider switching Payment Gateways, I don’t know any so don’t ask me, but I know that BTCPay is open source with the only downside being presently, and likely forever, that it only accepts one currency.

Already looked into BTCPay, they're biased towards Bitcoin Cash and don't make it easy to accept, https://www.reddit.com/r/btc/comments/k3ya7k/the_people_behind_btcpay_server_are_a_bunch_of/

I'll reply to the rest of your suggestions later today, some of them are really good :)

Aw, that sucks, but it’s unsurprising, a lot of hardcore Bitcoin ears are fucking insane.
Reply
Please add the music in background, I can't live without listening to sleepthegod while schizoposting
BTC: bc1qkrmfskhwfkxc9rf009cn5z0uf2vsjtnme0qne9

Reply
I wished credit per post is 2 like it was, cause 1 per post would be grinding for me
Reply
(March 22, 2022, 07:47 PM)Martinabel007 Wrote: I wished credit per post is 2 like it was, cause 1 per post would be grinding for me


It was only ever 2 in certain sections AFAIR.

(March 22, 2022, 06:00 PM)Infinite Wrote: Please add the music in background, I can't live without listening to sleepthegod while schizoposting


An embedded YouTube/music player could be added.

#databreach
#RIU
Reply
Add new thread notices like RaidForums, the server code for the shoutbox they used before the switch is on Omni’s GitHub so it should be rather easy to plugNplay - Done

Consider doing a code review of the shoutbox because as I remember it there are some vulnerabilities that allow users to bypass bans and such, possibly because of improper checks in the code for things like banning and revoking of JWT Tokens. - I don't believe there are any, but if a ban is ever bypassed by someone I will look into it.

Security: 

Utilize DVZHash’s encryption on top of the password hashing function you already use it for. This adds another layer of security if an attacker only accesses database contents through something like SQLi (but probably not RCE), although it’s fairly unlikely, if an SQL vulnerability like this were to be found it’s most likely that this site is already on the top of a few lists for it to be used on, and you can only patch once you’ve been made aware of it (usually after you’re hit) -- Passwords are in argon2id already

General: 

Remove the weird notices that show when a user has deleted a post or thread, staff can still see it, but imo they take up unnecessary space for non staff. - Removed.

Add/Create the better draft system that RaidForums had: storing threads in Local Storage and I believe on server so they could be loaded via modal without much interaction (I’ve lost many posts on here and have been way too lazy to rewrite) - Added to a list of things that I will be paying a dev to add in the future.

Add Twitch Emotes, and as the community grows you can also add emojis that are relevant to its history - If someone creates a suggestion thread with link(s) to emojis that RaidForums had I will add them.

Add an Online Today section under Who’s Online - Added to suggestions list, will do later today.

Show Admins in front of regular users on Who’s Online - Added to suggestions list, not really a priority.

Consider adding a legend like Sinisterly so that people understand what ranks are (since most of them are just icons) - It's pretty much understood by people that VIP, MVP and GOD are just bought upgrades if they spend a few minutes on the forums. We don't have a lot of ranks currently, so this isn't really an issue.

- Please stop sending private messages every time a payment order is cancelled (I’ve gotten six)

- Add profile sections for Telegram, Signal, etc. Also consider adding a PGP Key Section (that can’t be edited by Mods or Admins through UI) and is a Text Area HTML Item so it is scrollable and doesn’t just flow on for 30 years.

- Add a user2staff section and a user2user section so that people seeking help using the forum can inquire about it. Also consider making small tutorials on how to post for those who have genuinely never used a Forum before.

Design:
not really a suggestion per se, but the missing elements of the theme should be added: The color picking thing, and the Extras tab doesn’t work on mobile - Already been mentioned by multiple users, it will be worked on.
Make the private message bar a different color, red signifies importance, messages are important but maybe yellow or green would be better? - Yellow and green would look out of place.

Specialty:
Give out a credit bonus for enabling 2FA? (Could be abused) or just add a cool 2FA award lol - Will consider this.

Bonus:
add music that plays as you browse (I love music) - youtube.com

The ones I didn't cross out yet are ones I'm still considering and thinking more about.

https://pompur.in
Reply
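Added example, not part of the thread and not DVZ Hash's own code: a sketch of the idea discussed above, where the stored password hash is additionally encrypted with a key held on the web server rather than in the database, so a database-only read (the SQLi-without-RCE case in the suggestion) yields values that cannot be checked against password guesses. It assumes Node.js; scrypt stands in for argon2id, and the function names and record layout are hypothetical.

```javascript
const { scryptSync, randomBytes, createCipheriv,
        createDecipheriv, timingSafeEqual } = require('node:crypto');

// Slow password hash. scrypt is a stand-in here for argon2id.
function slowHash(password, salt) {
  return scryptSync(password, salt, 32);
}

// Build the value stored in the users table: salt.iv.tag.ciphertext (hex).
// `key` is a 32-byte secret kept on the web server, outside the database.
function makeRecord(password, key) {
  const salt = randomBytes(16);
  const iv = randomBytes(12);
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(slowHash(password, salt)), cipher.final()]);
  return [salt, iv, cipher.getAuthTag(), ct].map((b) => b.toString('hex')).join('.');
}

// True only when the key decrypts the record and the password matches.
function verifyRecord(password, record, key) {
  const parts = record.split('.');
  if (parts.length !== 4) return false;
  const [salt, iv, tag, ct] = parts.map((h) => Buffer.from(h, 'hex'));
  if (iv.length !== 12 || tag.length !== 16) return false;
  let stored;
  try {
    const decipher = createDecipheriv('aes-256-gcm', key, iv);
    decipher.setAuthTag(tag);
    stored = Buffer.concat([decipher.update(ct), decipher.final()]);
  } catch (err) {
    return false; // wrong key or modified record
  }
  const candidate = slowHash(password, salt);
  return stored.length === candidate.length && timingSafeEqual(stored, candidate);
}

// Constructed demo values: the server-side key and an unrelated key.
const serverKey = randomBytes(32);
const otherKey = randomBytes(32);
const row = makeRecord('correct horse battery', serverKey);
console.log(verifyRecord('correct horse battery', row, serverKey)); // true
console.log(verifyRecord('correct horse battery', row, otherKey));  // false
```

The extra layer holds only while the key stays out of reach of whoever reads the database; code execution on the web server exposes both.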
Warrant Canary and onion domain would be sick.
Reply