mobieus — Profile

mobieus profile picture

Patrick Bass

@mobieus 🚀
Super Admin 0
Message
Trade feedback Collections RSS feed
1 friends 0 followers 1 following joined May 2026

I built Mobius.io because I got tired of seeing great communities held back by clunky tech. Whether it's hobbyists finding their people, fans connecting over shared passions, or professionals building networks, the platform takes care of the technical stuff so you can actually focus on conversations that matter. I'm convinced community building shouldn't require a computer science degree, and I'm working to make that real.

Fort Smith, Arkansas, United States
Reply on "Stored XSS / HTML injection via message reaction emoji rendered unescaped in DM thread"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Escaped the reaction-pill emoji on output at line 286: changed `` to ``, closing the stored-XSS …
in Bug Reports · score 0 · Jun 7, 2026
Reply on "DM message reactions are unreachable on touch devices (hover-only react button)"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Added a scoped block (with the script nonce) providing a touch/keyboard fallback for .msg-react-…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Chat-room message toolbar (Reply / Report / Delete) is hover-gated and aria-hidden — inaccessible on touch and to screen readers"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Removed aria-hidden="true" from the .mc-msg-toolbar wrapper in rooms/_message.php so the Reply a…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "IDOR: photo comments readable on any item regardless of album privacy (no viewableBy gate)"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.listComments() now mirrors listTags(): loads the item via PhotoAlbumItem::findById and album via…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Broken access control: can post comments to photos in private albums (and to non-existent items)"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.addComment() now loads the item and parent album (404 if missing) and requires PhotoAlbum::viewa…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Revision history page leaks pending/rejected revisions and moderator reject reasons to anonymous users"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Controller-side fix confirmed already present and correct: history() computes viewer-is-mod ($is…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Mobile wiki editor uses banned native prompt() for link insertion"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Replaced the banned native prompt('URL:') in insertLink() with App.modal.prompt (themed, require…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Navbar 'Know' link and all wiki breadcrumbs hardcode /know/index, which 404s if the index page is deleted or its seed fails"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Changed deletePage's post-delete redirect from /know/index to bare /know. Route /know -> index()…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "'CURRENT' / 'CURRENT VERSION' badges are white-on-success — 1.34:1 contrast in dark theme (invisible)"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Changed the CURRENT VERSION badge from a solid var(--color-success) background with hardcoded co…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Missing CSRF on state-changing AI POST endpoints /api/help/ai/*"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Added defense-in-depth $this->validateCsrf() as the first statement in all 7 POST handlers (repl…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Queue-card metric numbers use bright cyan/amber as text on white card — fails contrast in light theme"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Queue cards no longer color the 'new'/'pending' count numbers with raw bright #5be9e9 / #fbbf24 …
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Admin helpdesk tables (audit, queues, tags, …) have no horizontal-scroll wrapper — overflow the viewport on phones"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Added a reusable .hdka-table-scroll wrapper class plus a max-width:720px fallback that makes bar…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Mobile mobieusKnow editor uses banned native prompt() for link insertion"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Same insertLink() surface: fallback now matches the desktop editor by inserting an editable '[se…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Forum settings save-bar renders white text on white background in light theme"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.The .fs-savebar derived its background from var(--color-bg-card,#0E1228) but pairs it with perma…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Forum settings success/warning alerts use hardcoded dark text that is dark-on-dark in the default theme"
Resolved — fixed and deployed. Commit faa14fc59739, shipped dev-first then to all tenants on 2026-06-06.Same root cause as 215 — fs-alert text used a single hardcoded dark color that fails contrast on…
in Bug Reports · score 0 · Jun 7, 2026
Reply on "Broken access control: any logged-in user can read/reply/change-status/assign ANY ticket via /help/api/tickets/*"
Resolved — fixed and deployed. Commit e3a3fc5f66c5, shipped dev-first then to all tenants on 2026-06-06.TicketsApiController (/help/api/tickets/*) now resolves the caller to a helpdesk agent and enfor…
in Bug Reports · score 0 · Jun 6, 2026
Reply on "IDOR + internal-note leak + Anthropic-key abuse: any logged-in user can run AI hooks against any ticket_id (/api/help/ai/*)"
Resolved — fixed and deployed. Commit e3a3fc5f66c5, shipped dev-first then to all tenants on 2026-06-06./api/help/ai/* routes were moved out of the anonymous route group into the authenticated group (…
in Bug Reports · score 0 · Jun 6, 2026
Reply on "Privilege escalation: a self-service forum owner (role 2) can promote any user to global site-Moderator (role 3)"
Resolved — fixed and deployed. Commit e3a3fc5f66c5, shipped dev-first then to all tenants on 2026-06-06.ForumController::addSubModerator now triggers the global users.role 2->3 promotion (ForumModerat…
in Bug Reports · score 0 · Jun 6, 2026
Reply on "Broken access control: moveThread relocates a thread into ANY forum without checking the target forum"
Resolved — fixed and deployed. Commit e3a3fc5f66c5, shipped dev-first then to all tenants on 2026-06-06.ForumController::moveThread now authorizes the TARGET forum (canModerate on target_forum_id), mi…
in Bug Reports · score 0 · Jun 6, 2026
Reply on "Anyone (incl. anonymous) can read pending/rejected wiki revision bodies via /know/{slug}/history/{id}"
Resolved — fixed and deployed. Commit a6963d71efe8, shipped dev-first then to all tenants on 2026-06-06./know/{slug}/history and /history/{id} now restrict non-moderators (including anonymous visitors…
in Bug Reports · score 0 · Jun 6, 2026

Achievements (18)

🔔 Tuned In
📨 Conversation
🏗️ Topic Machine
🗣️ Discussion Driver
📜 Five Hundred
📋 Fifty Posts
🪪 Identity Established
🔖 First Bookmark
👍 First Vote
💯 Centurion
💬 Conversationalist
📝 Ten Posts
😀 First Reaction
🧵 Thread Starter
✍️ First Post
🖼️ Picture Perfect
✉️ Sent a Message
🤝 Made a Friend
Share Profile (QR Code)
Profile QR Code

Scan to visit this profile

Recent Activity

🏆 Earned "Tuned In" — Jun 15, 2026
🏆 Earned "Conversation" — Jun 15, 2026
🏆 Earned "Topic Machine" — Jun 15, 2026
🏆 Earned "Discussion Driver" — Jun 15, 2026
🏆 Earned "Five Hundred" — Jun 15, 2026
📝 Started thread "[Fixed] Hardened outbound notification delivery (Slack and Teams)" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Marketplace listing fee can no longer be reused for multiple listings" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Forum file downloads now fully respect forum membership" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Notification grouping now counts correctly" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Help desk round-robin assignment no longer skips agents" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Course checkout now asks you to sign in before paying" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Web push notifications and moderator modmail digests now send" in Bug Reports — Jun 15, 2026
📝 Started thread "[Fixed] Paid forum subscriptions now renew and expire on schedule" in Bug Reports — Jun 15, 2026
📝 Started thread "What does Mobieus mean?" in General Discussions — Jun 12, 2026
📝 Started thread "[Enhancement] Files/photos (re-run): Bulk file upload accepts .zip but never extracts it" in Feature Requests — Jun 6, 2026