You seem to mean GDPR.
Except of being able to import user data: yes.
Yes: by design phpBB will show PMs only to its senders and recipients, never to unrelated users.
If by that you mean HTTPS: no, never - securing the network transport is unbound to securing a software.
phpBB has this option already, as well as having the option to erase all posts related to an account. See the manual 220.127.116.11: Prune users.
phpBB never did this to guests, but members can always see other member's posts, their post count and their last activity time - like yours.
GDPR is aimed at helping consumers or named people, whereas bulletin boards like phpBB nowhere store names, only pseudonyms. Those few installations which aggregate all the data for further purposes can only do this based on IP addresses and e-mail addresses. Effectively encrypting posts would result in not being able to search the board anymore. Exporting your own data is easy - just search your own posts.
Yes, I known it, but can I keep these posts in data base or have to erase it thogether with user account? What is GPDR compatible?tojag wrote: ↑
Sat Apr 22, 2017 9:20 pm
Will it be able to keep posts after user opt out of the forum?
AmigoJack wrote:phpBB has this option already, as well as having the option to erase all posts related to an account. See the manual 18.104.22.168: Prune users.
GPDR requires that you do not use the nickname/pseudonym of the user who closed the account. I would like to change the authors of such posts to "Anonymous". I think I have thousands of posts from closed accounts (my forum has over 500 000 posts), where the user name has remained unchanged. Do I have to use SQL commands directly in the database? How do I find out there posts unrelated to any active account?AmigoJack wrote:GDPR is aimed at helping consumers or named people, whereas bulletin boards like phpBB nowhere store names, only pseudonyms.
Yes. No. Read again: those are options, both is possible.
Both, as the user can choose.
That's not yet possible - you could delete an account and retain the posts, which means the posts will only have a textual username and no author ID anymore - afterwards you'd have to do i.e. this:
Code: Select all
UPDATE phpbb_posts SET post_username= '' WHERE post_username='name of deleted account';
If by that you mean to find all posts that are not associated to any account (anymore), then run:
Code: Select all
SELECT post_id, poster_id, post_username FROM phpbb_posts WHERE poster_id= 1 OR post_username<> '';
You can change the username to "JamesBond006" and then delete the account. The next one would be 007, of course. And so on.
I’m not sure that’s true but you can certainly find information via Windows command line, does that mean all the OS’s will need re-writing? How about components (hardware) that have IP addresses?
I don't really see how this sentence require anyone to do anything. It mentions encryption as one of the possible solutions, at least that is my understanding.silenus wrote: ↑Tue Mar 06, 2018 9:50 amGDPR requires to encrypt personnal data. Actually phpBB encrypt only passwords.
"(83) In order to maintain security and to prevent processing in infringement of this Regulation, the controller or processor should evaluate the risks inherent in the processing and implement measures to mitigate those risks, such as encryption."
GDPR wrote:Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.