PunBB Home

As you might have noticed, the PunBB website is in the process of moving under the domain informer.com. The website informer.com (and its subdomains like feed.informer.com) is owned and run by the folks who own the PunBB project. Moving the PunBB website under the informer.com domain is a way for our benefactors to promote their other services to the PunBB community and to promote PunBB to users of their other services. The move does not affect the project in any other way, including GPL terms.

The move does however mean that you will have to re-login since the old cookie isn't valid for this domain. Hopefully, this won't cause too much trouble.

PS. Personally, I have been feeling a little under the weather lately. I guess the stress of taking on too much work is finally taking its toll. Hopefully, I will be able to get back in the game soon. Meanwhile, I am told that the work on 1.3 is in its final stages (as in weeks to go). Coinciding with the release will be a bunch of new extensions.

Posted by Rickard on 2008-04-29 01:32 | Comments

Keeping true to our promise of providing security updates for the 1.2 branch even though our focus right now surely is on 1.3, it is my pleasure to announce the release of PunBB 1.2.17. This update addresses two rather serious security vulnerabilities as well as a couple of other minor fixes and annoyances. PunBB 1.2.17 is a recommended update for all 1.2 installs.

Important! One of the vulnerabilities that were dealt with in 1.2.17 have to do with something called the cookie seed. The changes in 1.2.17 should protect you from the vulnerability, but we still recommend that you make one minor change to your installation to further harden your forum from attacks. To make the change, open up config.php and look for something along the lines of:

$cookie_seed = '5b16024c';

The seemingly random characters within single quotes will differ in your install. Now, either replace the random characters entirely or add a few extra characters to the end and/or the beginning of the string. You can use any characters you like. Avoid the single quote character though. When you're done, save and upload the file to your forum installation. The change will require users to re-login, but apart from that, everything should be the same.

Thanks to all the people who reported bugs and security problems.

Posted by Rickard on 2008-02-19 17:35 | Comments

I just exported, zipped and uploaded revision 1400 of the 1.3 tree to the download folder. That's right, ladies and gentlemen, it's time for bug crunching! Download PunBB 1.3 Beta.

Here are a few notes of interest to all potential beta testers:

1. This is a beta (and not in the Google sense of the word), so don't expect everything to work perfectly. There are bugs. Don't replace your production server install with this just yet.

2. The documentation is a bit lacking at the moment (which in turn is a bit of an understatement :D). An overhauled version of the 1.2 documentation is in the pipeline. Included in this, among other things, is a short manual aimed at extension developers.

3. Speaking of extensions, please dig into and tinker with the extension system. We appreciate any comments, thoughts or ideas you have on the subject. In particular, we are interested in requests for new hooks. We are aware that, even though the code currently contains a great number of hooks, there is need for more.

4. Another area of interest is the greatly improved update script. In PunBB 1.3, we are aiming for full UTF-8 compatibility. In order to accommodate this, the update script now does character set conversion to make sure as much as possible of existing content can be transferred over into valid UTF-8. This process is quite complex and the number of variations of characters sets out there is more or less infinite. Please put the update script through its paces. In order to realize proper UTF-8 support, we had to bump the MySQL requirement to 4.1.2. Hopefully, this shouldn't affect too many of you.

5. As you might have realized, virtually every line of code and markup has been affected by the move to 1.3. What this means is that existing language packs are useless in 1.3. When the time comes for 1.3 final, it would be great to have a few additional languages available for download on the website. We would however appreciate if you could give us a few more days to tidy up some of the language files before you start. The new admin language file in particular, is a mess at the moment.

I think that about covers it for now. Please try to keep all discussions relating to the beta in the new 1.3 Beta talk.

Enjoy!

Edit: I've uploaded a zip file containing some simple example extensions for you to play with. Nothing fancy, but at least, you'll have something to base your own extensions on.

Posted by Rickard on 2008-01-29 17:41 | Comments