Search options (Page 1 of 2)

the repository is meant to be a central place to store resources for open source software. Like punBB.
Resource are in this case. plugins , mods , hacks , styles and such.  ANd yes punres does the same but on a different way.

And the repository will support other software later on to.

With the repository you can browse in the different resource categories.
Find information about them.

Currently only a download link. But working on a option to store the files. And working on a option to view the different files.
Preview of the resource -> working on it.
Users Ratings
There will be a compatabilty list. So you can see which versions of punbb are supported.

Authors can add and edit resources with ease.

I hope this will make things a litte bit more clear

do you have persitent mysql connections enabled ????.

If so turn it off. Non persitent connections will be terminated much earlier.  persitent connection do not really work with php. And cost more resources then the save.

Thanx for the warning. I applied a fix . But it seems i don't experience the problem with the version of ieplorer I got. Could you confirm if the problem is corrected?

Maybe there could be an option added or a hack. Where the users gives an url to offsite avater. Then punBB could download (cache ) the image. This will fix the broken image problem and the possibilty to verify that the image is according to forum rules.

Offcourse you will not save bandwidth with this option.  And you could encouter problems with copyrights.

use the same sql query as used in register.php of punBB and you will be fine.

For the features you should take a look at extern.php of punBB. with the correct call you can get the forum stats.
These stats will show total members and the newest member.

Normally you would check your code for errors. By reviewing the code. Simply but ( walk trough your code step by step to find out what it exactly does. And compare that to what it really should do.

Finding bugs like xss hacks and sql injections is some what difficult. Your first stop is to learn what xss hacks and sql injections are. You will find may resources on both of them. As soon as you understand what those bugs mean you also should know how to avoid them.

A good rule for developing php is.

never ever trust user input. Allways check the data you receive. Is it what you expected ?? Did it arrive from the location you expected. Make use of htmlspecialchars to filter our any html related code etc.

This is in no way complete for more info read as much as you can. If you read an article on php make sure you read the comments to. This will help you unterstand if the article is any good or not. Doesn't make sense to learn stuff the wrong way.

ssl doesn't make your cookie more secure or your login for that matter.
The only thing SSL does. Is encrypt your data. It is still possible to hijack your cookie with ssl enabled.

The banks simply use ssl to make sure when your banking that somebody who is listing on your line can't read the data without the keys.
But is doesn't mean that somebody can't login under your name. or use some kind of xss hack.

A good auth would involve a handshake . Something like what the ssh and ssl protocol do.  But what ever you choose there is allways the need for the cookie.

What ever you cookie may contain. a session id or an encrypted password.
So you can make your auth as strong as you like. But when somebody can make an XSS hack that steals your cookie it's useless.

PS ssl and ssh are as strong as the encypted methods used. For example if your using blowfish or some other older encryption method. Your begging for trouble.

Your right when you say that sessions would be stronger overall. The password(in md5) will then no longer be present in your cookies.  But still its vulnerable.

Still some could steal your cookie by an XSS attack. And use your session for the remaining time.

A some what more of an security issue. Is the way you can change your password in profile.php.

Last week I logged into my forum as admin at my brothers pc. After a short break a came back online at a different pc. Noticed that I no longer could log in as admin. And that my password was changed. Just before I wanted to change it directly in MySQL . My brother said he had changed the pass for the fun.

So really nothing to worry about.

The moral of this story is. That punbb should ask for your old password when changing to a new password.

I?m sorry if this is already done . Because at that time I was running punbb 1.2 .

Whoops just noticed it that it allready has been fixed.

Well the whole last box will probarly be removed and so will the upper box to.

That's right

The FAQ says its okay. The reason that I removed it for this site is quite simple. We have a fixed couple of visitors   No more than 15 or so. And none of those visitors will ever start his own forum.

The end goal is supreme intergration if i find the time. When done everything should look as one.
Im using punBB on a different location to. Don't worry everything is out of the box. Not even modifications.