I migrated a PhpBB to PunBB some time ago, but I didn't use a script - I just did those INSERT ... SELECT statements by hand. It wsn't too difficult since the database structures were almost the same for both forums.


(3 replies, posted in Discussions)

My personal experience is that as long as spammers don't target you specifically, any forum can be made spam-free by somewhat modifying the default code. I don't even remember the last time I had to delete spam from one of my forums, and I have yet to delete the first spam from the other one (both forums are PunBB, but I had similar results with PhpBB).

Yes. Did it myself. If you search the forums, you will even find a post of mine where I published an extension that can be used as a basis for this task.

timwasson wrote:

I am very interested to see how other people are implementing PunBB functionality across different CMSes.

I did it the other way around - I replaced all PunBB code that queries its users table or deals with user authentication to instead use the code of our CMS. Even made an extension out of it, although that extension needs heavy modification for other CMS's. Search the forums here, I posted it somewhere.

$result_com_from = mysql_db_query($database, "SELECT * FROM forum_users WHERE id = '".$logged_in_info[0]."'") or die (mysql_error());

This is BEGGING for a hack. At least use


instead of


That's pretty much what I had in mind, yes. I would check that database to make sure the password matches, though.

Yes, it is possible.

You will need to mimic the session code from PunBB in your CMS.

Personally, I would first move the forum to the new server, then (after I've checked that the forum works fine) upgrade it.


(4 replies, posted in PunBB 1.3 extensions)

KeyDog wrote:

Best/most expensive option is to have your own server in a secure building. But I'm guessing that's out of your budget...

Not only "best" and "most expensive", but also "the only functional".


(4 replies, posted in PunBB 1.3 extensions)

You can encrypt everything, with a lot of work, but it will be useless - the webhost will always be able to access the original data. If you want to protect your data from your webhost, you need to host your website yourself, from a computer nobody else can physically access.


(24 replies, posted in News)

Merging databases is always a problem, with just about every software that uses databases.


(30 replies, posted in News)

tonyuk wrote:

How stable is PunBB.

Never had a problem with PunBB's stability.

Would it be easy to migrate from MYBB to PunBB or should I simply switch to VB?

I don't know. It depends on how similar the boards are. I know that phpBB is very easy to migrate to PunBB, provided that you know enough MySQL. I believe there is no automatic tool to migrate your board to PunBB.


(19 replies, posted in PunBB 1.3 discussion)

8k84 wrote:

I think the core problem is the extensions system itself. [...] But since there is no documentation/tutorials on writing extensions, the learning curve is steep enough to discourage most potential extention-writers.

I am not so sure. There may not be enough extension-writing documentation around, but the whole process really is very straightforward and easy to understand - anyone familiar with PHP should be able to write his own simple extensions in a few minutes if he wants to. It would be a lot more difficult for people not familiar with PHP, but - and I will be brutally honest here - would you want to use an extension by someone who doesn't know enough to be able to prevent various exploits?

If there is a real problem, it's that the extensions are very difficult to debug. At the very least, the PUN_ADMIN_MANAGE_EXTENSIONS_IMPROVED should be strongly recommended to extension authors, if not left running by default.


(2 replies, posted in Feature requests)

Why it is useless and how to do it:

Just setup forum permissions (in Admin panel) accordingly.

Because I am an idiot. Link fixed.


Regular BBcode only allows absolute links (it prepends anything not starting with scheme with http://). It works fine, as long as you never change URL of your forum or your website. This tiny extension lets users create relative links in BBcode. E.g.

[url=/index.php]Same server, absolute path[/url]
[url=./index.php]Same server, same directory, different filename[/url]

The extension doesn't access database and only modifies two hooks.


(11 replies, posted in Feature requests)

The same could be done for other files, with the right check. The principle is always the same:

1) Find the file which you want to modify
2) Find the appropriate hook
3) Modify that hook in your extension


(11 replies, posted in Feature requests)

You could add an IP-checking function to the start of every file in /admin, either by direct editing or (better) through an extension. All files that I checked have a hook right at the beginning (e.g. afo_start for /admin/forums.php). You could check if $_SERVER['REMOTE_ADDR'] satisfies your rules and if not, end with

message('Administration denied from your IP address');


(32 replies, posted in PunBB 1.3 discussion)

SuperMAG wrote:

So that extension code is complete, if i use it now, will it damage anything.

That's a rather liberal translation of "You may need to implement a few more hooks (I didn't actually check what's needed to be done to work with hashed IP addresses)"

why would devs actully not do it, even it does increase security "significantly.

Because it:
1) has some drawbacks (e.g. impossible to filter networks)
2) leads users into false sense of security

Wouldn't little more security over some thing is a good thing.


And besides, This is a PUNBB SUPPORT forum. which means i can ask support for their Open Source Forums Software.

You can ask, but that's about it - you are certainly not entitled to get an answer.

Also, consider this: you are making lots of requests without giving anything in return and without even trying to find the solution yourself. Why should anyone want to help you?


(32 replies, posted in PunBB 1.3 discussion)

SuperMAG wrote:

Is that it, do i don't need to edit anything else, do i. And what about old users ip adress, will their ip adress be changed automathecally.

I specifically wrote:

pepak wrote:

You may need to implement a few more hooks (I didn't actually check what's needed to be done to work with hashed IP addresses)

SuperMAG wrote:

And To Core Developers: This should be added to Core i think For Security Purpose.

As I said above, this doesn't increase security significantly.

SuperMAG wrote:

How do u expect me to understand the php stuff without having courses or something like that. i do understand html and css a little, but php is very hard to understand.

How about studying it? There are literally millions of tutorials on the net.

SuperMAG wrote:

If some one hacks ur database, ands gets ur ip, he can hack ur pc too.

You may want to add "computer security" to your list of subjects to study. This is pretty much a nonsense (it may happen in the right circumstances, but the chances are very low - it would be far more economical from the attacker's point of view to simply try all possible addresses than finding an address from a forum...)

SuperMAG wrote:

i cant just learn every language that i need. not the most genius guy around that.

Most computer languages are very similar. If you learn one, you can at least read most others.


(2 replies, posted in PunBB 1.3 discussion)

It might be faster, but also more difficult to maintain.


(9 replies, posted in Discussions)

Administration -> Extensions. Or whatever - I am using a translated version of PunBB.


(9 replies, posted in Discussions)

Activate the pun_bbcode extension in the administration.


(3 replies, posted in PunBB 1.3 troubleshooting)

This sounds very much like you use some kind of advertisment blocker, which identifies the smilies as advertisments (by their size, probably).