Fundamentally Fundamentals

Hey all, hope you’re doing well. I’ve been busy since the last time I wrote up one of these. Both the second half of January and first half of February saw me do a lot of necessary work on the site. I took a little break around mid month but have since gotten back in the saddle and I wanted to keep you abreast of what’s been going on and what to expect soon.

Simplicity is elegance

If there’s something I’ve been whinging on about for years is how messy Kusaba X, the board software is from a code perspective. There’s some attempt at order in places and partial attempts to normalize structure but it’s always been somewhat haphazard. A lot of the work this last month and a half has been dedicated to dealing with some of the biggest offenders.  

For one, I’ve refactored code relevant to generating threads whenever a post is made. This essential but unsurprisingly unreadable piece of code was split into several cases on whether only a single thread was being changed, if a post was build build by an asynchronous request (eg hovering over a quote) or something else. It’s now been mostly unified and made legible, cutting off several hundred lines of excess code. This means that if I want to tweak any feature there it’ll be easier to do so going forward and a lot of related systems like generating the title for the page and archiving have also benefited from less hacky code.  

In the same spirit, code in the management section has been simplified. Things like the front page news/faq/rules were consolidated into a single modular structure, bans made solely universal (per board bans are really unnecessary in our use case), moderators likewise made global in all cases and several useless options removed entirely. All in all relevant sections are about a thousand lines of code shorter! Not to mention somewhat more modular, meaning that I could add a privacy tab without having to write a new module.  

I know, all this stuff is kind of boring, but just one more bit about refactoring.  

There are many AJAX requests available on THP. Like whenever a thread is expanded, a quote hovered and post generated or a post previewed. For the most part those have been consolidated into fewer backend files, making the code more compact and easier to tweak. This necessitated modification of our page generation templates, adding to complexity but the end result feels well worth it. There is at least one new feature that I plan to implement in the nearish future that will benefit from having an easy-to-understand request API.

Security and sessions

When the board software was first written up, PHP was less-than-decent when it came to security. Over the years I’ve taken several steps to make the site more secure for users and moderators. I’ve talked about some of this in the past.  

This time around I finally got around to overhauling how staff is identified. The main thing was updating how passwords are stored. The original designers of Kusaba X opted for a salt+hash scheme that was akin to a simple lock instead of cryptographically secure. Now I’ve updated the site to use proper ciphers that keep passwords secure in both the database and in any hypothetical attack scenario.  

As an added bonus, I’ve also tweaked some of the secure session bits of code. Yeah, I know, probably Greek to you. But the exciting part of my getting a handle on that business is that I’m now somewhat confident I can handle secure data during different types of requests. Meaning that if I were to add certain user features that might optionally require some sort of login I’m halfway there.  

Gotta go fast

While I was at it with all these changes I also optimized a lot of how pages are loaded. How and what is cached, the order things are loaded and so forth. My own tests from home and on my phone show that pages are loading noticeably faster than before; initial loads are about twice as fast and subsequent browsing being somewhere like 5-10% quicker.  

I have a few more ideas on how to optimize things further but they’ll have to wait until I add a few other features as it’d be pointless to do the same work twice.  

Misc (aka easier to just list)

• Reported posts now get directly emailed to me.  
• A few column in our database have been pruned altogether as they’re no longer needed.
• There’s been a few subtle CSS changes, particularly on the front page
• Redirects (eg error pages) now always point to same domain
• cupcakes tweaks
• Text decoration system (bold, italics spoilers) overhauled and made to work consistently under all sorts of scenarios
• A lot of editing of archived threads to account for all these other changes so that they looks and work the same was as the rest of the site

Coming up

Time permitting, I hope to have the next batch of changes done within the first ten days of March. I’m still not sure I’ll be accomplish everything I want so I won’t get too specific about what they are. Most of it has to do with the site UI and how certain features are accessed. I want to provide a more coherent and simple experience that’s the same on both desktop and mobile views.  

I also hope to add a lot of customization options which will allow me to then apply some of those aforementioned optimizations. I’ve got my design document more or less figured out but there’s still a few things I’m not sure are technically feasible without adding too much complexity. I plan to do as much as I can and simply scrap what doesn’t work and if necessary come back to it down the line. If there’s any extra time after that, I want to add few small things like the ability to post directly from cupcakes.  

Once all is done, I plan to work on a big overhaul that’s long been on the roadmap. Exciting stuff that I think you’ll agree is overdue. But I’ll spill the beans next month, after I finish with these upcoming changes.  

Until next time, take it easy!