SMF 1.1 RC 2 Is Out!

I just made a comment in a previous post about phpBB vs. SMF where a user mentioned the pains that we all go through when upgrading phpBB. I commneted that I cannot actually compare upgrade procedures between the two packages because from the first install of SMF a new version hasn’t come out. And here comes the irony: SMF 1.1 RC 2 is out today. After scanning through the upgrade procedures, it doesn’t look like anywhere near the horrors of upgrading phpBB.

phpBB 2.0.19 released

After all the security issues with phpBB 2.0.18, version 2.0.19 is finally out.

phpBB Group announces the release of phpBB 2.0.19, the “we wish you all a happy new year” release. This release addresses several bugfixes and some security issues only affecting Internet Explorer. Additionally we introduced a new feature to limit the number of logins. The admin is able to configure this feature on two ways, defining the number of maximum allowed logins and setting a time period after the user is allowed to login again. With this feature we hope to address the recent dictionary attacks happening on some forums to crack user passwords.

As with all new releases we urge you to update as soon as possible. You can of course find this download available on our downloads page. As per usual four packages are available to simplify your update.

  • Full Package

    Contains entire phpBB2 source and English language package

  • Changed Files Only

    Contains only those files changed from previous versions of phpBB. Please note this archive contains changed files for each previous release

  • Patch Files

    Contains patch compatible patches from the previous versions of phpBB.

  • Code Changes

    Contains step-by-step instructions in MOD format for updating heavily MODified installs

phpBB “Allow HTML” Script Insertion Security Issue

We have a new exploit for phpBB. Just when you thought you were safe: Description: Maksymilian Arciemowicz has discovered a security issue in phpBB, which can be exploited by malicious people to conduct script insertion attacks. Input passed in the message body when posting isn’t properly sanitised before being used. This can be exploited to inject arbitrary JavaScript code, which will be executed in a user’s browser session in context of an affected site when the malicious post is viewed.

Google Blocks phpBB Searches

We all know that phpBB is prone to a number of security risks. People used to use Google (among other search engines) and search for “phpbb” to find a list of phpBB sites and try their exploits on them. The phpBB development team addressed this problem a couple versions before. They stopped displaying the version number in the footer of the forum. Right now, Google has out right blocked the entire search.

phpBB Skins from

Here is an addition to my previous post on phpBB skins. claim to be offering phpBB skins but I’ve searched for some on their website and haven’t been able to find them yet. I’m wondering what took everyone so long to start offering templates from phpBB. This is another score for Open Source in my book.

phpBB Skins from TemplateMonster

Guess who’s doing phpBB templates now. Yep, our friends over at are now doing phpBB 2 templates. These templates include the actual templates files, PSD files with the graphics, fonts and icons. From Web Hosting News: “We are always glad to support Open Source projects, especially those of them which are of great popularity thus adding additional value to them??? says Gary Nichols, head of marketing at template Monster.

phpBB vs. SMF

A blog entry at Ask MetaFilter stirs up an interesting comparison, one which I should have covered a long time ago since it directly affects the way I work.

I’m not trying to stir up a Windows vs. Unix type debate but am interested in your thoughts and experiences, either as an administrator or user.

Personally, I feel that both of these are very powerful forum packages, but let me just mention that vBulletin is and always will be the best and preferred forum software. However, we’re doing the whole free thing, so let’s not even go into the costs of vBulletin. Let’s focus on the two free packages, phpBB and Simple Machines SMF. I have

I have been doing a lot of advanced work on a phpBB forum for over a year now, but I recently stumbled upon SMF. I was setting up a new website in the Joomla CMS for which I needed to have a forum integrated. It was easy enough to integrate the template so that it looks seamless, but I was also looking for a way to integrate the user database of both phpBB and Joomla. At the time their were no components around to do so, but there was a component to integrate SMF with Joomla, therefore I decided to give SMF a try. These are my observations after using both and doing a little bit of research:

phpBB 2.0.18 released

A Halloween special edition of phpBB has been released today. The changelog includes, but is not limited to:

[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)

[Fix] retrieving category rows in index.php (Bug #90)

[Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)

[Fix] wrong topic redirection after login redirect (Bug #94)

[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)

[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)

[Fix] correctly preview signature if editing other users posts (Bug #101)

[Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)

[Fix] consistent forum ordering in all dropdown boxes (Bug #106)