Thank you. I've read the user notes there and the information looked very promising. But unfortunately it could not fix my problem. Maybe I have done something stupid, I'm still confident and will try to find a solution.

Note: Besides the reported small bugs I am highly pleased with your PunBB board software.
Meanwhile I also tried the PhBB board, but I was really shocked to see how that bad software performed: Two different fatal errors during installation with SQLite forced me to re-start at the beginning and finally the board turned out to be totally overloaded with unnecessary stuff, making any configuration attempts a real nightmare - not to mention the lame plugin support and even more drawbacks.

So thanks again for that nice piece of PunBB software!     wink

Parpalak wrote:

I wonder how forum can functioning at all with cookies disabled. A user can't login if cookies are disabled.

Why should a user want to login? All my users are guests. Forum registration is disabled and it is not needed because the guests have all necessary rights. For example in my bug-report-forum they are allowed to post topics which I try to answer. However,  guests are required to solve a captcha on every post.

I know that many users consider the register procedure as a burden, especially if email is required, some won't even try to post. I hope my answer gives you new insights in the usage of your software, but I wonder that you did not consider it could be used that way.



Parpalak wrote:

What kind of professional help do you heed?

What I was trying to do is to provide an alternate way of captcha verification, a way without using cookies, using an URL parameter to transmit the session-ID (in order to recreate the session variable after submit). I know there are general security concerns regarding URL-session-ID's but in this case it does not apply since it is used for guest status only.

I changed PHP INI to support trans_sid. Recreating a session variable after being submitted from another PHP file worked fine in my test environment. However, there were problems using the same procedure in PunBB/pun_antispam.

For a first test I modified form-action in post.php to:
action="<?php echo 'post.php?fid=3' ?>&<?php echo strip_tags(SID); ?>"
... to use a relative path (needed for URL-SID) and to add the SID as parameter (in forms PHP does not add it automatically).

In the the po_end_validation hook (manifest.xml of pun_antispam) the session variable $_SESSION['pun_antispam_text'] should have been recreated directly after the session_start() instruction.
This unfortunately did not happen (SID was transferred successfully via URL), it was still empty, although the same procedure worked properly in my test with two simple PHP files. Any help appreciated.

If you disable browser cookies completely, AntiSpam will deny even correct captcha code input.

No hint is given on the problem, at least it should say something like:
"Cannot verify code, please enable cookies." -  instead of the misleading "Invalid code" message.

I have quite a lot fairly paranoid users on my site, with generally cookies and script disabled. They could not post. Now I quickly fixed the error message and I also tried to debug the issue myself but I might need some professional help(?)

This is not really a bug, but when I test the board (without making extra test topics) the view counters usually increase notedly.

I suggest the following patch in viewtoic.php (introduced variable $viewsincrement)

    $viewsincrement = ($forum_user['g_id'] == FORUM_ADMIN || $_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']) ? 'num_views' : 'num_views+1'; //netticat

    $query = array(
        'UPDATE'    => 'topics',
        'SET'        => 'num_views='.$viewsincrement, //netticat
        'WHERE'        => 'id='.$id,
    );

Thank you for reading.

Parpalak wrote:

This issue has already been reported. It's because sqlite doesn't fully support subqueries.

If it's possible to avoid the subquery without a performance decrease, we'll do it.


I think at least there should be a distinct warning note associated with the option.
Unknowingly I enabled it after installation.
I needed a whole day to find that the problems are related to this option!
Other users might not be that patient and may decide to uninstall PunBB if the problem cannot be solved in a reasonable time.

If the  feature 'User has posted' is enabled and a logged-in (!) user tries to enter/view one of the configured forums, the PunBB will stop with an error (you cannot view the forum list as registered user). Enabling debug mode via config.php shows the following details:

The error occurred on line 116 in D:\Programme\Apache\htdocs\forum\viewforum.php
Database reported: SQL logic error or missing database (Errno: 1)

Unchecking the 'User has posted'  feature will fix the issue again.
I also verified the problem with a fresh installation and database, however the problem might be related to the sqlite database only!

This has already been reported several times here, but still no fix could be found - and I unfortunately did not find the appropriate bug reports.

My environment:
Windows XP,
PHP version 5.3.0
SQLite version 2.8.17
PunBB version 1.3

***A bug report is great, a patch is divine.***

I have the same problem as pcoxygen:
The Quick reply still doesn't show up to guests.
I enabled '  Allow users to post replies in topics. ' in '» Administration  » Users  » Groups  » Edit existing group' and the reply button now shows for guests, however not the QUICK reply.