(1 replies, posted in General discussion)

He didn't sold punbb, punbb is GPL so it cannot be sold itself. He just sold the copyright.
I guess he believed that it would be the best strategy for punbb at the time.

There's a lot of drama (way to much) about this, check out how everything happen:


(59 replies, posted in General discussion)

We all knew this could happen. Personally i believe there's no reason for drama, and i guess the development team tried to use a sober tone in the announcement as this is more natural than most might think after a first look.

The dev team got a little money for selling the copyright and the community goes on. I think it's good that you guys got a bit of money for your great job.

This is why free licences like GPL are valuable. The community never gets ripped off.
The new punbb owner should probably be disappointed with this move, but on the other hand this is very natural as he bought only the copyright of PUNBB code at that time and not punbb itslef, which is not possible to commercialize anyway due to its license.

I will naturally move to fluxbb too.


(62 replies, posted in News)

Please read the topic linked by vovochka a few posts above.
There was no need no throw so negative comments at this point.

This is a free software project, AFAIK the current licence (GPL) licence allows you to fork a project and use even use it in a commercial product/service.
In other words, formally the contribution made by the development team to the community whenever they release a new version of punbb is still made within the exact same conditions.
Honestly, drama is absolutely unecessary.

If i should be honest, I think this deal (can i call it a deal?) is beneficial to all of us. I believe punbb's development is stronger with some corporate power boost.

Now, superMAG made a wise observation. The company owning punbb now might have made a mistake changing the domain. This change appear to be obvious but it might in fact have negative impact on their strategy.
There are literally millions of incoming links to punbb.org, ok, it's redirecting to the new domain, but google and other SE do not take redirects in account when it comes to rank a domain relevance on some keyword.
Also it's slightly more confusing to the visitors.
Either way I believe (and hope) these are minor problems.


(20 replies, posted in General discussion)

I should point that it appears that some of you might haven't realise that is quite popular

Check this thread:
http://punbb.informer.com/forums/viewto … 79#p114079

facebook developers forum, french ubuntu forums, look around a bit more carefully and you'll find punbb in a lot of websites.


(5 replies, posted in PunBB 1.2 show off)

What do you use for the rest of the site? wordpress?
I think you should go one step forward with the integrations and put the top menu on the forum template too.

Nice integration. I like it.


(4 replies, posted in PunBB 1.2 show off)

I don't like the style, but that's a matter of taste.

Lets see... that's 1.2 right?

Which captcha do you use in the registration form?

This is something i've been very curios about for very long.
A lot of other software comes with a newsletter feature, i think that should be officiall supporteb by punbb, a suported extension maybe.
Does anybody has knowledge of how this is done in other software?
If so, a couple of links to phpxref.com would come in hand. I suspect most of the scripts don't wait between emails, but i would like to look at their code anyway.


(18 replies, posted in PunBB 1.2 troubleshooting)

Not to mention the possibility of the hosting company being serious yet incompetent.
All it take to get that information is read permission to that file.
This is 99.9% sure not a punbb's security issue.


(56 replies, posted in PunBB 1.3 troubleshooting)

MattF, I think you are mixed up with the ways cookie work.
If you navigate from page to page on a website (a punbb forum for example) while being logged in, you have to have a cookie stored in your computer. That's how php sessions work. If you don't have cookies suport PHP will add a parameter to all the links in your website so the session id is passed via querystring.
In other words, punbb already uses cookies in it's authentication system. Each time you request a page and are loggind in, your browser will fetch some information on the cookie and send it allong with your http request so the server knows that it can trust the request source.

Try this experiment: deactivate your browser's cookies, login into punbb.org and notice the urls. They will have a long random alphanumeric string passed by querystring.

To be honest i never went and check how cookies reall work in detail. I take the chance to make a side general question:
How is cookie-stored information sent to the server?
thought the headers?


(7 replies, posted in PunBB 1.2 troubleshooting)

Looks like they've intrude into the server using another account and looked for a file with write permissions.
Not a punbb vulnerability, but certainly something to be aware of and careful about.


(56 replies, posted in PunBB 1.3 troubleshooting)

I wouldn't say totally wrong, but quite not in the spot.

There is no security issue as no new system would be implemented.

What i am suggesting is to extend the user authentication check to the feeds instead of simply not having feeds if they are not world readable.

If for example you receive a topic notification by email and click the link it might also be a link that requires authentication. I see no difference between both situations.

The cookies are not stored on a machine basis, they're stored in a browser's ( or other sort of http client ) runtime environment context. Like, I use a computer that is used by other people but i have my own acount. No cookies of mine are assecible to other peoples' browsing environment, therefore I usually stay logged in continuously on some sites. For example, I don't login each time i pass by punbb.org/forums... nor to the forums i run.. do you?
If you don't, there you go, you would be able to subscribe feeds of all your forums.
Only limitation is feedreaders without cookie support.


(20 replies, posted in PunBB 1.3 troubleshooting)

Well's there's a way i can think of:
do a user agent match, if it's a google bot then don't show it. I don't know how picy google is on this small changes.
This is a 'hacked' solution not a 100% propper one.

BTW, what's that link for? is it for smaller screens or non-graphical browsers or something like that?
Sorry, couldn't find the answer by searching either


(56 replies, posted in PunBB 1.3 troubleshooting)

Ok, i already now what will be my first punbb 1.3 extension.
Would it be ok to ask for you guys to make sure there hooks in extern.php in the right spot to achieve this?


(56 replies, posted in PunBB 1.3 troubleshooting)

In which line and file is that?
Is that punbb 1.3 or 1.2?

I believe that somewhere in extern.php in the sql query... right?

Any chances this be default in punbb 1.3?


(56 replies, posted in PunBB 1.3 troubleshooting)

MattF wrote:
pedrotuga wrote:

The only thing i suggested is to extend the user authentication check to the feed generator script. That should not be a lot of work and it would be very practical for some people, like me.

And it would also be the absolute worst nightmare of a Drac admin, if it was part of the core system, especially with such weak checks as those.

I don't understand what you mean, at all.
What does this have to do with Drac? BTW, i didn't even know what drac was until i googled it just now.

I am talking about the XML feeds generated by punbb. What does this have to do with email?

Dokuwiki for example has this feature. You request a feed. If you don't have the authentication cookie you just don't get it in the HTTP reply. Simple as that, I don't see how this affects other forum features nor how it adds new authentication issues.
No new system needs to be implemented.


(56 replies, posted in PunBB 1.3 troubleshooting)

SuperMAG, I think you haven't realized that you (nor anybody) are not entitled to make demands on the dev team. The closer thing you can do is suggestions.
And please, don't hijack this topic you guys hmm

Smartys, i think you got me wrong, i was probably not so clear in the details.

I suggested that the feeds would have no more authentication than any other forum page. Basically only browser based feed readers would catch those feeds.

Like, when you show a viewtopic, I guess punbb uses php's session system to check user's permission, as far as I know sessions rely on cookies.
The only thing i suggested is to extend the user authentication check to the feed generator script. That should not be a lot of work and it would be very practical for some people, like me.


(56 replies, posted in PunBB 1.3 troubleshooting)

In version 1.2 only public areas of the site have feeds.

I know most of the feed readers do not support cookies, but some do.
I use sage, which being a firefox extension, inherits  its cookies.
It would be really cool to be able to subscribe feeds of a topic i of any topic/forum/category, regardless if it's in a public area or not.

Is this a feature of punbb1.3?

There is also spinkbb where you can visually edit your forum in  guided way.
Check this forum's index. A section title is in fact a redirect to spinkbb


(8 replies, posted in PunBB 1.2 troubleshooting)

I have that issue in one of my forums and i haven't really care to fix it, though from time to time some users claim some links are broken...

does anybody has an example .htaccess that i can quicly copy to my server and forget this problem?

Not necessarily a lot, but yes... it would require xml or other data tree notation flavour parsing.

Maybe when parsing is considered a fast process :s


(42 replies, posted in PunBB 1.2 show off)

StevenBullen wrote:

Fixed a few problems with auto refresh. Should all be sorted now. smile

check out your update script. All the links are broken, I would guess your update script is not updating .htaccess.


(15 replies, posted in PunBB 1.3 extensions)

Still doesn't hide when one clicks outside the menu. I'm using firefox.
Anyway, kick ass extension. SMF comes with this feature and i use it daily. It saves a big amount of time. I was about to sugest this. I'll sure use this, but to be honest i'll hack it back to have just one simple "quick edit" link rather than the fancy menu. Personal preference.

I'm not sure if i talked about this before.

The new extension system is in my opinion the killer feature in punbb 1.3.

Personally I am very enthusiastic about it, but i thought about a limitation of it.
It only allows an extension to add code.
Removing or replacing code is not possible.

I think in the long term this might be the next limitation punbb faces. By now the extension support will kick ass and allow a lot of cool stuff that no other forum engine would support. But in the future the need to remove or replace code might show up.

A cool solution that I can think of would be wrapping every script in an xml tree and ad an extra xml file to aggregate all the scripts. Then extensions could reach all the code. Just like in firefox and other xul aplications.

What do you think of this?
Will code replacement/removal be a big feature in the feature?
Is there any other ways to approach this?
A solution like the one i pointed, would it be an alternative in a remote future release?

Punbb is already the most flexible and easily customizable forum software. With the new styles 'per template' and hook/extension system tat will come in 1.3 it will literally leave the concurrence (if we can call it tat) miles away.

This, however does not mean, that it will ship bloated with a million features from which you would use like 3 or 4 of.
Important thing in punbb 1.3 will be: it will be possible to do pretty much everything you want in a proper why. By properly i mean, without touching the source code and in a way that your database also holds your mods.
AFAIK no other forum software does this.

Some very commonly requested features will be included in the core like: xmlfeeds, fancy url personalization, and some other stuff i don't know of.
Some quite popular requests, i hope, will be supported as official extensions.

Further customization can be achieved with other extensions.

I guess this answer to all you requests as punbb's flexibility will cover all that.

Ok, i ended up bragging about punbb as I always do.

I have never really put time on coding javascript...
But I kind of need a basic bbcode editor, and since punbb is open source, why not using it's javascript?

so... we have this...

<script type="text/javascript">
                            function insert_text(open, close)
                                msgfield = (document.all) ? document.all.req_message : document.forms['post']['req_message'];

                                // IE support
                                if (document.selection && document.selection.createRange)
                                    sel = document.selection.createRange();
                                    sel.text = open + sel.text + close;

                                // Moz support
                                else if (msgfield.selectionStart || msgfield.selectionStart == '0')
                                    var startPos = msgfield.selectionStart;
                                    var endPos = msgfield.selectionEnd;

                                    msgfield.value = msgfield.value.substring(0, startPos) + open + msgfield.value.substring(startPos, endPos) + close + msgfield.value.substring(endPos, msgfield.value.length);
                                    msgfield.selectionStart = msgfield.selectionEnd = endPos + open.length + close.length;

                                // Fallback support for other browsers
                                    msgfield.value += open + close;


Now... I am not familiar with browsers DOM implementation, nor with DOM itself, but he above code looks at least tricky, I guess that's how all javascript ends up being.

Here's my questions dump:
-what's the first test for?, in which situation wouldn't  document.all.req_message be defined and what does document.forms['post']['req_message'] represent?
-do the browsers call different things to the form objects? Like... can anybody explain me in detail the browser test conditions?