phpBB 2.0.15

The 2.0.x discussion forum has been locked; this will remain read-only. The 3.0.x discussion forum has been renamed phpBB Discussion.
Ms Givings
Registered User
Posts: 17
Joined: Tue Feb 22, 2005 10:44 pm

phpBB 2.0.15

Post by Ms Givings »

Am I the only long-term user of phpBB who is getting just a little fed up of all these bloody updates?

We have now had four updates in just over four months and each time those of us who have mods must spend hours re-patching the same files over and over again and then testing functions to see if they still work properly. I shudder to think what it must be like for those who have not a few dozen mods as we do, but hundreds.

Now I'm not stupid. I do realise and appreciate that these changes are only made when necessary but I do wonder if the developers have adequately considered the impact on users of this many updates in so short a time?

I will apply the 'security fix' as detailed in the email I got as that is relatively straightforward but I won't be updating our board to 2.0.15 because I simply don't have the time to apply all our mods all over again after having gone through the same exercise less than a month ago!

If this continues, I shall simply stop using phpBB and go over to another board like Invision. Frankly it would be cheaper for me to pay for that than spend the hours I have so far this year patching our board. Which would be a real damn shame because I love phpBB and have the greatest respect for the developers. But you are not doing yourselves any favours by churning out updates like they're going out of fashion.

OK - rant over, how many other people agree with me? ;-)

I also have a question. We already protect our ACP by password-protecting the admin folder on the server (which is different to any of our admin login usernames or passwords). Do we need the admin re-authentication fix at all?
Miranda
a fool and his honey are soon parted

User avatar
MHobbit
Former Team Member
Posts: 4761
Joined: Thu Mar 18, 2004 5:32 pm
Location: There and Back Again

Post by MHobbit »

Am I the only long-term user of phpBB who is getting just a little fed up of all these bloody updates?


Er... do you want the security updates or not? You're not being forced to upgrade, unless you want to seek support here...
Former phpBB MOD Team member
No private support is offered.
"There’s too many things to get done, and I’m running out of days..."

hartshill
Registered User
Posts: 104
Joined: Fri Aug 06, 2004 5:42 pm
Location: UK
Contact:

Post by hartshill »

don't have the time to apply all our mods all over again after having gone through the same exercise less than a month ago!

Can't you just use the code changes?

DmcMan
Registered User
Posts: 48
Joined: Sat Jan 01, 2005 5:23 am

Post by DmcMan »

I agree with you but bugs need to be fixed. Lets put it this way, I'd rather be inconvenienced with the updates than have no updates at all.

Pezzoni
Registered User
Posts: 706
Joined: Sat Nov 16, 2002 8:25 pm
Contact:

Post by Pezzoni »

Would you rather that:
The phpBB team patched critical problems as soon as possible, so nobody is vulnerable to attack, as they do now.
or
They leave thousands of sites open to attack, so they can wait for a few more bugs / security problems to appear to make a patch substantial enough?

In fact, in both of those cases, you'd spend equal ammounts of time updating your forum, just all at once, instead of them being spread out.

Updating isn't a problem in any case - It took me less than 60 seconds using easymod to apply the changes to my modified forum.

oliversl
Registered User
Posts: 33
Joined: Mon Mar 21, 2005 7:36 am

Post by oliversl »

I agree with you, and I'm not flamming PHPBB.
This security issues remember me of sendmail, when it have too many security issues. Later, they solve it but a large user base was migrated
to qmail and postfix.

Maybe someone will be tired of the security issues and write a new BB in
php. This happend before ...

Meanwhile, I'm stick in 2.0.13, and everytime a new patch comes I worry to
update to it. This happend the security issue that let hackers with full DB
access and admin login in php 2.0.12(I think, maybe it was 2.0.11)

Oliver

aghastpumpkin
Registered User
Posts: 8
Joined: Sat May 07, 2005 11:33 am
Location: UK
Contact:

Post by aghastpumpkin »

How out are you?
No offence but your using a totally free php add on and your complaining because they want to help you improve it and fix bugs?:roll:

I find that kinda of funny. :D

I'm very grateful that I can get patches. I don't think I will be one of those who is constantly hunting for new ones, but when important new fixes come then I will download them. Common Sense This Way:arrow: :arrow: :arrow:
www.internationaldebateforum.com

Talk about....anything

User avatar
MHobbit
Former Team Member
Posts: 4761
Joined: Thu Mar 18, 2004 5:32 pm
Location: There and Back Again

Post by MHobbit »

oliversl wrote: I agree with you, and I'm not flamming PHPBB.
This security issues remember me of sendmail, when it have too many security issues. Later, they solve it but a large user base was migrated
to qmail and postfix.

Maybe someone will be tired of the security issues and write a new BB in
php. This happend before ...

Meanwhile, I'm stick in 2.0.13, and everytime a new patch comes I worry to
update to it. This happend the security issue that let hackers with full DB
access and admin login in php 2.0.12(I think, maybe it was 2.0.11)

Oliver


Er... why didn't you upgrade to 2.0.14 (or rather, 2.0.15 now that it's out)? How are you "stuck" with 2.0.13 when there are so many ways to upgrade? Just remember, when you get hacked, it's none of ours' fault. :wink:
Former phpBB MOD Team member
No private support is offered.
"There’s too many things to get done, and I’m running out of days..."

User avatar
bonelifer
Community Team Member
Community Team Member
Posts: 3492
Joined: Wed Oct 27, 2004 11:35 pm
Name: William
Contact:

Post by bonelifer »

Maybe Ms.Givings you should really think, would IPB actually make it exploits known. The answer is no. They are a paid software and know that people like self are ignorant enough to have exactly the mind set you have. Apparently you know nothing of programming.
Last edited by bonelifer on Sat May 07, 2005 8:16 pm, edited 1 time in total.

Graham
Former Team Member
Posts: 8462
Joined: Tue Mar 19, 2002 7:11 pm
Location: UK
Contact:

Post by Graham »

You know, I find threads such as this quite funny.

If we don't put out regular updates, we get people complaining that we don't fix bugs.
If we put out updates, we get people complaining that they have to update their board.

So you see, we can't win.

However you are mistaken if you think any other software has less updates. All the main forum software has had a similar number of (or more) releases this year compared to phpBB
"So Long, and Thanks for All the Fish"

phpBB Useful Links: Knowledge Base | Userguide | Forum Search | MOD Database | Styles Database
My Links: Blog!

aghastpumpkin
Registered User
Posts: 8
Joined: Sat May 07, 2005 11:33 am
Location: UK
Contact:

Post by aghastpumpkin »

:P You've been owned!

Do it. Or dig yourself into an even deeper hole.
www.internationaldebateforum.com

Talk about....anything

User avatar
bonelifer
Community Team Member
Community Team Member
Posts: 3492
Joined: Wed Oct 27, 2004 11:35 pm
Name: William
Contact:

Post by bonelifer »

aghastpumpkin wrote: :P You've been owned!

Do it. Or dig yourself into an even deeper hole.



Owned? Are you 10 years old? Seriously.

User avatar
stickerboy
Former Team Member
Posts: 7349
Joined: Mon Mar 29, 2004 2:27 pm
Location: Airdrie, UK (127.0.0.1)
Name: Kenny Cameron
Contact:

Post by stickerboy »

Graham wrote: You know, I find threads such as this quite funny.

If we don't put out regular updates, we get people complaining that we don't fix bugs.
If we put out updates, we get people complaining that they have to update their board.

So you see, we can't win.

However you are mistaken if you think any other software has less updates. All the main forum software has had a similar number of (or more) releases this year compared to phpBB

same here.
I don't mind updates. Never had a problem with a MOD not working afterwards. Just do it mate, you'll be glad you did in the end ;)
I'm a web-designing code-decrypting tech-support musician
|| Twitter || Flickr || phpBB Snippets ||
Formerly known as cherokee red

aghastpumpkin
Registered User
Posts: 8
Joined: Sat May 07, 2005 11:33 am
Location: UK
Contact:

Post by aghastpumpkin »

:?
www.internationaldebateforum.com

Talk about....anything

oliversl
Registered User
Posts: 33
Joined: Mon Mar 21, 2005 7:36 am

Post by oliversl »

MennoniteHobbit wrote:
oliversl wrote:I agree with you, and I'm not flamming PHPBB.
This security issues remember me of sendmail, when it have too many security issues. Later, they solve it but a large user base was migrated
to qmail and postfix.

Maybe someone will be tired of the security issues and write a new BB in
php. This happend before ...

Meanwhile, I'm stick in 2.0.13, and everytime a new patch comes I worry to
update to it. This happend the security issue that let hackers with full DB
access and admin login in php 2.0.12(I think, maybe it was 2.0.11)

Oliver


Er... why didn't you upgrade to 2.0.14 (or rather, 2.0.15 now that it's out)? How are you "stuck" with 2.0.13 when there are so many ways to upgrade? Just remember, when you get hacked, it's none of ours' fault. :wink:


I'm stuck in 2.0.13 because:
- no one hacked my 2.0.13, and there is a big chance someone will
hack 2.0.14
- I decided to wait too see if there was a problem with 2.0.14,
it happens, 2.0.15 is out
- I have my phpbb installation modified, don't want to modify the source
every 2 weeks
- I got traumatized by previous security bugs :D

But I will upgrade to 2.0.15, eventually ;) Don't worry

Cheers,
Oliver

Locked

Return to “2.0.x Discussion”