Hi!

Well, after having the lousy EasyForum on our website, we decided to migrate to PunBB, but unfortunately, we needed to keep the current users and posts but no migration tool was available. So, we quicky hacked two perl scripts which parse the username database and the thread directory and spit out SQL code. Obviosly it was tailored for our needs and if someone needs to use it, it will need some minor modifying.

But hey, at least they'll have something to start with, which we didn't.

Anyways, here's the code...

Users Migration

#!/usr/bin/perl

open(DATAFILE,"/path/to/-members.php");
$id=9;
while (defined ($line = <DATAFILE>))
{
    chomp $line;
    @parts = split(/:/,$line);
    # $parts[0]; # Username
    # $parts[2]; # Hashed Password
    # $parts[4]; # Email
    # $parts[6]; # Description
    $parts[6]="" if ($parts[6] eq "-");
    $id++;
    $parts[6] =~ s/(['"])/\\$1/g;
    print "INSERT INTO users VALUES($id,4,'$parts[0]','$parts[2]','$parts[4]',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0,NULL,NULL,NULL,1,0,0,1,1,1,1,1,1,'Catalan','Oxygen',0,NULL,1189078770,'1.2.3.4',0,NULL,NULL,NULL);\n";
}

Posts Migration

#!/usr/bin/perl

sub get_id
{
    open(USERSFILE,"/path/to/-members.php");
    while (defined ($line2 = <USERSFILE>))
    {
    chomp $line2;
    @parts2 = split(/:/,$line2);
    push @users,$parts2[0];
    }

    $id=9;
    foreach $user (@users)
    {
    chomp $user;
    $id++;
    return $id if (lc($_[0]) eq lc($user));
    }

    return 0;
}

sub thread
{
open(DATAFILE,"/path/to/threads/$_[0]");

$first=1;
$topicid=$_[1];
$num=0;

while (defined ($line = <DATAFILE>))
{
    chomp $line;
    @parts = split(/\:\|\:/,$line);
    $posts_thread++;

    $parts[2] = substr($parts[2],36);
    $parts[2] =~ s/([^\']*).*/$1/g;

    $parts[1] =~ s/'/''/g;
    $parts[3] =~ s/'/''/g;
    $parts[3] =~ s/\<br \/\>/\n/g;
    $parts[3] =~ s/\<i class\=\"s\"\>Modificat.*GMT\<\/i\>//gi;
    $parts[3] =~ s/\<img src.*\/\>//g;
    $parts[3] =~ s/target=\"_blank\"//g;
    $parts[3] =~ s/<i>([^\>]*)<\/i>/\[i\]$1\[\/i\]/gi;
    $parts[3] =~ s/<b>([^\>]*)<\/b>/\[i\]$1\[\/i\]/gi;
    $parts[3] =~ s/<a href="([^\"]*)"\s?>(.*?)<\/a>/\[url=$1]$2\[\/url\]/gi;
    $parts[3] =~ s/\n{3,}/\n/g;

    if ($first)
    {
    $creator = $parts[2];
    $topictitle = $parts[1];
    $creationtime = $parts[0];
    $first=0;
    $creatorid = get_id($creator);
    }
#  $parts[0]; # Time
#  $parts[1]; # Topic Title
#  $parts[2]; # User
#  $parts[3]; # Text
#  $parts[5]; # IP
    
    $postid++;
    $num++;
    $userid = get_id($parts[2]);

    $posts[$userid]++;
    $lpt[$userid]=$parts[0];
    
    $maxuserid=($userid>$maxuserid)?$userid:$maxuserid;
    print "INSERT INTO posts VALUES($postid,'$parts[2]',$userid,'$parts[5]',NULL,'$parts[3]',0,$parts[0],NULL,NULL,$topicid);\n";
    $totalposts++;
}
$views=$num+int(rand($num))+5;
print "INSERT INTO topics VALUES($topicid,'$creator','$topictitle',$creationtime,$parts[0],$postid,'$parts[2]',$views,$num,0,0,NULL,1);\n";
}

$thread=3;
$postid=10;

$dirname="/path/to/threads/";

opendir(DIR, $dirname) or die "can't opendir $dirname: $!";
while (defined($file = readdir(DIR)))
{
    push @filesu,$file;

}
closedir(DIR);
@files = sort { $a <=> $b } @filesu;

foreach $file (@files)
{
    if ($file =~ /^2007/)
    {
    thread($file,$thread,$post);
    $thread++;
    $numthreads++;
    }
}

for ($i=0; $i<$maxuserid; $i++)
{
    print "UPDATE users set num_posts = $posts[$i] where id = $i;\n" if ($posts[$i]>0);
    print "UPDATE users set last_post = $lpt[$i] where id = $i;\n" if ($lpt[$i]>0);
}

print "UPDATE forums set num_topics = $numthreads where id = 1;";
print "UPDATE forums set num_posts = $totalposts where id = 1;";

Yes, it worked smile

Thanks Smartys, e-axe.

I see that in register.php, the SQL query performed to check against exactly this behaviour is converting to uppercase before comparing, but not in the equivalent post.php section.

I wrote that waay too late last night without checking enough.

I thought PunBB wasn't case-sensitive, but, as it turns out, it is. At least on my 1.2.15 installation with an SQLite Database.

So, all users are affected by this. Guests can post with a registered username if they use another caps combination on the name.

What's wrong here?

In my PunBB setup, the Administrator account is named "Admin". I recently discovered that users can post guest messages using "admin" as their name, although using similar names to any other registered user will result in the usual "user too similar" error.

Is this behaviour normal? How can I prevent it?

Thanks!