I just made a comment in a previous post about phpBB vs. SMF where a user mentioned the pains that we all go through when upgrading phpBB. I commneted that I cannot actually compare upgrade procedures between the two packages because from the first install of SMF a new version hasn't come out.

And here comes the irony: SMF 1.1 RC 2 is out today.

After scanning through the upgrade procedures, it doesn't look like anywhere near the horrors of upgrading phpBB. They say that there may be some issues with previous themes, which they gave a fix for. I haven't tried the upgrade yet, but from all reports it only invloves uploading some files, changing some permissions and then running a step by step script. The only file editing I see is to fix old themes.

Here goes another notch in the belt for SMF. Right now, phpBB is quickly fading for me.

[tags]SMF, phpBB, forum, bulletin board[/tags]

Popularity: 13%

Share This

After all the security issues with phpBB 2.0.18, version 2.0.19 is finally out.

phpBB Group announces the release of phpBB 2.0.19, the "we wish you all a happy new year" release. This release addresses several bugfixes and some security issues only affecting Internet Explorer. Additionally we introduced a new feature to limit the number of logins. The admin is able to configure this feature on two ways, defining the number of maximum allowed logins and setting a time period after the user is allowed to login again. With this feature we hope to address the recent dictionary attacks happening on some forums to crack user passwords.

As with all new releases we urge you to update as soon as possible. You can of course find this download available on our downloads page. As per usual four packages are available to simplify your update.

• Full Package
  Contains entire phpBB2 source and English language package
• Changed Files Only
  Contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release
• Patch Files
  Contains patch compatible patches from the previous versions of phpBB.
• Code Changes
  Contains step-by-step instructions in MOD format for updating heavily MODified installs

Popularity: 17%

Share This

We have a new exploit for phpBB. Just when you thought you were safe:

Description:
Maksymilian Arciemowicz has discovered a security issue in phpBB, which can be exploited by malicious people to conduct script insertion attacks.

Input passed in the message body when posting isn't properly sanitised before being used. This can be exploited to inject arbitrary JavaScript code, which will be executed in a user's browser session in context of an affected site when the malicious post is viewed.

Example:
H E L O

Successful exploitation requires that "Allow HTML" is enabled (not default setting).

It is also possible to disclose the full path to "admin/admin_disallow.php" by accessing it directly with the "setmodules" parameter set to "1" (requires that "register_globals" is enabled).

The security issue has been confirmed in version 2.0.18. Other versions may also be affected.

Solution:
Set "Allow HTML" to "No".

source

Popularity: 18%

Share This

We all know that phpBB is prone to a number of security risks. People used to use Google (among other search engines) and search for "phpbb" to find a list of phpBB sites and try their exploits on them. The phpBB development team addressed this problem a couple versions before. They stopped displaying the version number in the footer of the forum.

Right now, Google has out right blocked the entire search. Take a look:

We're sorry...

... but we can't process your request right now. A computer virus or spyware application is sending us automated requests, and it appears that your computer or network has been infected.

We'll restore your access as quickly as possible, so try again soon. In the meantime, you might want to run a virus checker or spyware remover to make sure that your computer is free of viruses and other spurious software.

We apologize for the inconvenience, and hope we'll see you again on Google.

Popularity: 11%

Share This

Here is an addition to my previous post on phpBB skins.

WebsiteTemplates.com.au claim to be offering phpBB skins but I've searched for some on their website and haven't been able to find them yet. I'm wondering what took everyone so long to start offering templates from phpBB. This is another score for Open Source in my book.

Popularity: 16%

Share This

Guess who's doing phpBB templates now. Yep, our friends over at TemplateMonster.com are now doing phpBB 2 templates. These templates include the actual templates files, PSD files with the graphics, fonts and icons.

From Web Hosting News:

“We are always glad to support Open Source projects, especially those of them which are of great popularity thus adding additional value to them??? says Gary Nichols, head of marketing at template Monster. “We already have templates for the Open Source projects like PHP-Nuke and osCommerce. Now we enlarge our product database with skins for phpBB. We believe that not only our customers will benefit from this but the project itself.???

They only have four templates right now, ranging from $45 to $49, but they are planning to expand.

Popularity: 10%

Share This

A blog entry at Ask MetaFilter stirs up an interesting comparison, one which I should have covered a long time ago since it directly affects the way I work.

I'm not trying to stir up a Windows vs. Unix type debate but am interested in your thoughts and experiences, either as an administrator or user.

Personally, I feel that both of these are very powerful forum packages, but let me just mention that vBulletin is and always will be the best and preferred forum software. However, we're doing the whole free thing, so let's not even go into the costs of vBulletin. Let's focus on the two free packages, phpBB and Simple Machines SMF. I have

I have been doing a lot of advanced work on a phpBB forum for over a year now, but I recently stumbled upon SMF. I was setting up a new website in the Joomla CMS for which I needed to have a forum integrated. It was easy enough to integrate the template so that it looks seamless, but I was also looking for a way to integrate the user database of both phpBB and Joomla. At the time their were no components around to do so, but there was a component to integrate SMF with Joomla, therefore I decided to give SMF a try. These are my observations after using both and doing a little bit of research:

Popularity: 50%

Share This

A Halloween special edition of phpBB has been released today. The changelog includes, but is not limited to:

[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)

[Fix] retrieving category rows in index.php (Bug #90)

[Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)

[Fix] wrong topic redirection after login redirect (Bug #94)

[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)

[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)

[Fix] correctly preview signature if editing other users posts (Bug #101)

[Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)

[Fix] consistent forum ordering in all dropdown boxes (Bug #106)

Popularity: 12%

Share This