Always fun to be reminded how old some parts of the code base are. I wrote this function in 2009 and added that comment in 2015. It's still in production.

But it looks like it worked.

now has integration with :

There we go, is now not only "open source", but also "open data":

monetization idea: Charge for changing username.

Muscle memory is a scary thing. I delete so much from that I accidentally also marked the API documentation as deleted.

After several failed experiments a few years ago, I'm finally playing around with Content-Security-Policy on again.

As expected, I'm getting flooded by bogus reports where I can't tell if these are caused by maliciously injected code or by useful browser plugins installed by users. :blobunsure:

Been looking into database rights a bit more, in the context of providing dumps. has a pretty good FAQ* on it, but it's still such a mess. In particular, many countires do not recognize database rights and users in those countries are free to ignore any license restrictions. That's not very encouraging.


Random fact: Kiritani Riria[1] and Aoi Miyabi[2] are tied at first place in having a shitton of traits.


users: "Please implement this huge list of features."

Also users: "Wait, you're going to change that little thing over there? This is the end of the world everything is going to be broken!"

Some time ago I had hardened 's authentication system to provide extra security checks at the database layer using column-level security and stored procedures.

Now that I'm modifying the authentication flow on the website a bit to add the dictionary check, I realized that I can't introduce a major vulnerability even if I wanted to - the database model won't let me.

The hardening was to protect against SQL injection, but turned out to be useful beyond that. :blobcataww:

The number of account deletion requests has been increasing over the past few months. I wonder what's triggered it. More awareness after the GDPR? Updated privacy policy with an account deletion procedure? (but whoever reads that?) The occassional "[deleted]" user on the forums or database history to advertise it?

Ugh. So many strong opinions on today.

Either I've gotten slower at programming or worse at time estimation. I thought I'd implement 's character editing form in a day, but I just spent a full day on a small part of it.

I don't think people are going to appreciate my sense of humor when they're too busy being annoyed by rate limits, but at least this is better than nginx's unhelpful default error page.

It sometimes surprises me how dedicated some people are to manipulate scores of their favourite visual novels. Someone created about 40 accounts spread over the last month, each with a different (non-throwaway provider) email address, each with about 30 to 40 votes each.

That's a lot of effort, and it only takes me a few minutes to find and undo all that work...

Welcome to your niu world ! We are a cute and loving international community O(≧▽≦)O !