Need more clarity:
- you have a vanilla standard PunBB 1.3x install;
- you got a successful registration from a user with the above IP address
- email address of registrant had *viagra in it?


Not sure what you are trying to say.

It's attractive and works well. I only tried it in Opera 9.63 Windows however.

But IMHO it would be nicer if it was variable, rather than fixed, width  smile

In order to retain working relationships on forums like these, everyone needs to remember to be a little bit polite and diplomatic, I guess. That way everything just works better.

It's also worth remembering that in a forum environment, sometimes comments and posts can be misunderstood or appear to be more angry or hostile or arrogant than they actually were intended to be, or they would sound if they were spoken face-to-face.

Sometimes what may appear to be arrogance, for example,  may just be a misunderstanding, or a result of someone being very busy and not able to immediately give their full attention to an issue or a post.

I've often been accused of it myself when admining forums, because I sometimes give replies that are perceived as curt and dismissive to users, but I only do so not because I am a bitch but because I often have 1 million things to do and can't give the user more time. Etc. So be tolerant - everyone has flaws smile

It's great what Garciat is doing. This extension looks useful.

But I have to agree with some of the comments about security.

It is always advisable to never trust users - their input, their behaviour or their friendliness/loyalty/honesty etc, and to also never consider the online environment your code is going into to be either (a) benign or (2) stable and predictable. Any code should reflect these concerns, I think.

It's always better to address security issues at the design stage if possible, rather than later - eg after your huge and busy forum has been hacked. Then it gets messy. smile

Cool that you solved it.

I feel stupid for just remembering that there is also this info right here on this site:

Website Integration

Integrating PunBB into your website code is easy if you know a little PHP. By including PunBB's script common.php, you gain access to all PunBB global variables such as $db and $pun_user. However, in order to include this file, you need to define a constant called PUN_ROOT. This constant should be set to the relative path to your PunBB forum directory. For example, if your website front page is located in /home/user/public_html/ and your forums are located in /home/user/public_html/forums/, your PUN_ROOT should be './forums/'. The PHP code to accomplish this could look something like this:

define('PUN_ROOT', './forums/');
require PUN_ROOT.'include/common.php';

Once you've included common.php, you can access and utilize all of PunBB's global variables and functions. Typically, you will be most interested in the $pun_user array. This array holds information about the current user. Another interesting variable is the database object $db. How to use these variables in your own script is out of the scope of this document, but here's a small example showing you how to print a simple message greeting the current user on your website front page:

Hello <?php echo pun_htmlspecialchars($pun_user['username']); ?>!

In addition to defining PUN_ROOT, you can define a number of other constants to alter the behaviour of PunBB when including common.php. The two most interesting of these constants are PUN_TURN_OFF_MAINT and PUN_QUIET_VISIT. If PUN_TURN_OFF_MAINT is defined when including common.php, PunBB will not exit and display the maintenance message if the forums are placed into maintenance mode. You generally don't want this message to appear on your website front page, so defining that constant is a good idea. The other constant, PUN_QUIET_VISIT, prevents PunBB from updating the current user's last visit data in the database so that a visit to the front page doesn't count as a visit in the forums. This is also desirable behaviour in most cases. It doesn't matter what value you set these constants to, but setting them to a value of 1 is probably a good idea. Example:

define('PUN_TURN_OFF_MAINT', 1);
define('PUN_QUIET_VISIT', 1);

Please note that these constants must be defined before common.php is included.

from :

Try require_once?

I think  you would start by doing something in your along the lines of:


define('PUN_ROOT', 'forum/');
require PUN_ROOT.'include/common.php';

- then the normal PunBB code that says welcome guest cut from punbb/s index.php


Then you could call and use all the PunBB functions etc.

I am pretty sure this is the right approach.

As the downloads page where this (and other useful plugins live) says:

Administration plugins

Administration plugins are drop-in modules for the PunBB administration interface. Install them by simply decompressing the archive into the directory /plugins. Uninstall by deleting the extracted files and folders.


(5 replies, posted in PunBB 1.2 discussion)

Yes, of course. But I thought I would see if someone already had done so, or done something close enough to serve as a starting point.

AlexanderS wrote:

Why only register.php? That's where I added captcha to avoid spam, but the idea of robots.txt is to disallow files without real content so the robots don't waste time crawling them. Like the irrelevant admin files which have already been indexed by Yahoo.

So then just disallow all the admin files then. It's not a big deal, since most of them shouldn't run if directly called anyhow, I think.
Disallowing register.php is helpful even if you have a captcha in place. All captchas and registration page tricks have potential flaws or weaknesses.  Disallowing register.php means bots who mine Google etc to locate the registration pages of PunBB forums (which is how some of them work) won't show a result for your site.


(5 replies, posted in PunBB 1.2 discussion)

quaker wrote:

have you looked at in the style section??

Yes I have. Am I missing something?


(5 replies, posted in PunBB 1.2 discussion)

Anyone know of or made a simple, chan style for Punbb - eg a etc look?

That would be fun.

No. All you should really disallow is register.php.


(17 replies, posted in General discussion)

Offer porn and warez. Popularity will explode.


(7 replies, posted in PunBB 1.2 bug reports)

dg009 wrote:

I am quite new to PunBB.  I have just installed PunBB 1.3.1, when I log on as administrator I don't see the option (in Options) to add 'Additional menu items'. Can anyone help!!!!!

The item appears there in the (old) PunBB 1.2.*.  If you had installed 1.2.20, it would be there smile

But it's not in the same place in the new PunBB v1.3.*

The best way to deal with the problem would be to beef up the registration process on your forum.

A simple way to do so on 1.2.* is here: … e-mod-v08/

Another simple way to do an anti-spam registration page on 1.2* is to download this file by Jacky:

It includes a ready-made anti-spam register.php you can just drop into your site to replace the default register.php (and a few support files you'll need to place on your site too).

You will need to customize the questions the mod asks though, of course, but that really is pretty easy and doesn't involve editing any PHP code.

You can also search for 'spam' 'captcha' 'spambot' on this forum and you will find a LOT more discussion on the subject of PunBB and forum spam, and a galaxy of ways of alternative ways of dealing with the issue.


(2 replies, posted in General discussion)

FWIW. You could try to mention to your host that if he wants to move away from Apache,  there are other web servers out there that can deliver a performance boost equal to or greater than nginx whilst making the transition away from Apache easier. One I've used is Litespeed Web Server - I've used the free Standard version.

Litespeed goes neck and neck or exceeds nginx in performance benchmarks, whilst preserving Apache (and various control panel - eg cPanel) compatibility. Only problem is that the Enterprise version is not free. That may be an issue for your host, but the hassle of converting customers over from Apache can be avoided, which might count for something. It also has excellent responsive support direct from the developers, which both Apache and nginx certainly lack.

Oh the joy of poorly coded mods.


(56 replies, posted in PunBB 1.3 extensions)

mbole wrote:

Just installed 1.3 final (clear install).
Installed antispam (via PunBB Repository ext).

Same problem as before few weeks:
On registration page, there is a box for entering captcha but there is no picture
Same on post by Guest.
On change password page, there is no captcha at all
(of course I did set it in Administration, Settings, Festures...)

Verison of antispam system installed:1.2

This extension requires your PHP to have the GD image manipulation library installed. Maybe that's missing with your installation of PHP. What does your PHPinfo say on this matter? (Under Administration > Environment > Show Info, usually).

parpalak wrote:

It's a sound idea. We have to do something with the "Currently used extensions" string. I would remove this string at all smile

+100 for that. Pls make it go away.

That whole string is not useful for users or guests. Maybe only other PunBB developers, and hackers, would find it useful. They aren't worth catering for.

Removing it will also save a millisecond or two from page loads. Every bit helps smile


(27 replies, posted in News)

Oh, and congratulations on getting 1.3 finished, of course!


(27 replies, posted in News)

'Downloads page' link


in original post is flawed.


(6 replies, posted in PunBB 1.2 troubleshooting)

Ouch. I just saw this notice when I went to the OP's forum page:

This Account Has Been Suspended
Please contact the billing/support department as soon as possible.

Looks like the load issue got his account suspended.

And BTW what is the SQL code in his last post trying to do?

It seems to be doing a lot of looping or something around SELECT and also doing several very expensive wildcard SELECT u.* queries, which could be a problem on a board with several thousand members. What PunBB PHP would be generating that SQL?

Plain vanilla Oxygen style, about 5000 members. Registration page features reCAPTCHA integration.

QuickPar is a handy utility for creating Parity Volumes using the Reed Solomon algorithm. Parity Volumes may be used to verify that a set of files have not been corrupted, or to reconstruct damaged files (providing that you have a sufficient quantity of Parity Volumes to match the missing or damaged files).


(6 replies, posted in PunBB 1.2 troubleshooting)

In the Administration area there are several options you can turn off to reduce server load.

One is of course the display of Users Online, which you can find under:

Administration > Options:
'Display info on the index page about guests and registered users currently browsing the forums.'

You could also disable the 'User has posted earlier' feature. This feature displays a dot in front of topics in viewforum.php in case the currently logged in user has posted in that topic earlier. Disable if you are experiencing high server load.

Turning these features off might save you a few MySQL queries for each page load.

Are you running any mods? Sometimes they can also add considerable load. If you are, you might look into disabling some of the ones you dont really need.

You should also consider updating to PunBB v1.2.20, which has seen a bit of code tuning which may also help you out a bit.