Posted by Kellanved in Development, Moderating, Modifications, Styles, Support with the tags 3.0.6, CAPTCHAs, MODs, Styles on June 27th, 2009
You probably have already heard about it: the next release will include a host of new features. This post will present one of them in detail, showing the idea and the impact on users, style and MOD authors.
Most admins are experiencing problems with spam, which is taking away lots of energy that would be better spent on the enjoyable parts of administrating a community. We tried our best in the arms race against spambot programmers, but have to admit failure with our previous approach. Since 3.0.x became as popular as it is, any default visual confirmation gets broken almost instantly. After long discussion in and outside the teams, we came to the conclusion that diversity is the answer: every board admin should be able to use a non-default anti-bot measure without it being a pain. Read the rest of this entry »
No Comments »
Posted by naderman in Development with the tags Community, Contributing, Development, Junior Developers, phpBB, SVN on June 17th, 2009
phpBB is continuing its process of opening up the development process. After an internal trial phase we have now opened up the Junior Developer Team to regular members of our community. An increasing amount of people involved in phpBB development should both speed up the development and improve quality.
Read the rest of this entry »
4 Comments
Posted by Acyd Burn in Development, Modifications, Styles with the tags Community, Development, Features, phpBB on June 10th, 2009
Here we are. phpBB 3.0.5 got released and work on phpBB 3.0.6 began. Previously, we concentrated on fixing bugs and only introduced tiny new features. This time, phpBB 3.0.6 will be a “feature” release, packed with numerous new, cool, stunning, breath-taking… err, just new features. 
We will now tell you which new features are planned for 3.0.6 and what style authors and modders need to take care of.
Read the rest of this entry »
No Comments »
Posted by battye in Development, Moderating, Modifications, Styles, Support with the tags phpbb blog on April 14th, 2009
I touched on this in an article at my own site last month, but it is worth mentioning here as well.
This blog currently covers a wide range of topics relating to how to run your forum (How many forums should I create?, How Many Moderators Do You Really Need?, etc), to technical aspects about phpBB and MODs (Injection Vulnerabilities, Templating just got easier, etc) and even general posts about the phpBB project itself (Talkin bout Area51, Londonvasion Re-Cap – phpBB Ascraeus, etc). We would like some feedback from the community to get an idea about the sort of things you would like to read in the blog posts.
Our questions to you is: are there any topics in particular you would like to see posted in the blog? Are there other categories of articles (besides the ones mentioned above) which we need to focus on more?
Please give us your feedback by replying in the comments box below.
Thanks!
34 Comments
Posted by battye in Development with the tags area51, history, phpBB, SVN, Website on February 25th, 2009
No! I’m not talking about military bases or U.S. conspiracy theories, but rather phpBB’s very own Area51 – http://area51.phpbb.com
Area51 is phpBB’s official testing ground, and as stated on the site it is the home of “bleeding edge developmental code”. The site was established in 2001 – the brainchild of psoTFX, the former leader of the development team, in order to have a local installation of phpBB that they could test in a real life situation. With the main phpBB.com forum obviously out of the question, Area51.phpbb.com can be used so that the developers can see how the latest code is holding up with many concurrent users online, without fear of users becoming annoyed if certain features aren’t working (which I will touch on in a minute).
Area51 boasts the unique feat of hardly changing at all and always changing at the same time.
Read the rest of this entry »
9 Comments
Posted by TerraFrost in Development, Modifications with the tags Development, phpBB, Security on February 12th, 2009
Notice
Some websites have claimed this article discloses an “injection vulnerability” in phpBB. It does not. What this post actually does is provide an overview of vulnerabilities commonly introduced by third-party modifications to phpBB and discusses what the authors of said modifications need to do to protect their code against attack.
Despite being among the easiest of vulnerabilities to understand, injection vulnerabilities are also among the most common. For most users, they will simply manifest themselves as an error when select characters are used, but a sufficiently adept user may be able to take that error and exploit it to their advantage.
To prevent this from happening, one needs to properly sanitize all user definable variables. Unfortunately, the way one properly sanitizes a variable depends on where it’s being used. In this post, we’ll discuss how to sanitize variables for use in SQL queries and in HTML, in general and in phpBB3, and we’ll discuss what can happen if proper sanitization isn’t used.
Read the rest of this entry »
21 Comments
Posted by Kellanved in Development, Modifications with the tags Development, MODs, Security on January 14th, 2009
Cross-Site-Request-Forgery, short CSRF, is a type of vulnerabilities that gets more and more attention. The concept can be translated as “tricking the browser into automatically performing some action using the user’s privileges”. Let’s see what phpBB does about it.
Read the rest of this entry »
22 Comments
Posted by Kellanved in Development, Modifications, Styles, Support with the tags Internet Explorer, Security, Uploads on October 25th, 2008
Recently we got many bug reports about problems with the IE8 beta browsers. The problem is that we cannot accommodate beta browsers in our software – the next beta will break our adjustments. But why have we chosen to include some other IE8 features? The answer is simple: security
This post will give you insights into one of the more obscure security implications of file uploads.
Read the rest of this entry »
38 Comments
Posted by Acyd Burn in Development with the tags ascraeus, Development, Londonvasion, milestone listing on September 19th, 2008
Hi,
I think it is time to write about the presentations we (the developers) gave at Londonvasion revealing the planned features in the upcoming version of phpBB – codenamed Ascraeus.
Please do not take anything mentioned within this blog post as guaranteed. There may be changes, some things may not evolve at all, some may be changed completely. But yeah, this is the current state of planning.
Read the rest of this entry »
31 Comments
Posted by Highway of Life in Development, Modifications, Styles with the tags Contributing, Documentation, wiki on September 9th, 2008
If you have not yet read the phpBB Wiki Announcement or have not followed the discussion topic. I would encourage you to do so and take a look at the new development wiki:
http://wiki.phpbb.com
What is a Wiki and what can I do with it?
A Wiki is a type of website that allows the users and visitors to add, remove, and edit the available content. — Anyone who is interested in working with the phpBB Codebase, from website administrators who want to integrate phpBB into their site, or create a quick-script, to bridge or application developers to bridge phpBB with their application, to MOD Authors. The wiki is for those who want to learn more about the phpBB Codebase or simply have a question about how to do something or how something works within phpBB.
The wiki is also a great way to learn about how to begin programming in PHP/phpBB and developing a MOD.
Read the rest of this entry »
5 Comments