Technical: Maybe change forum engine ?
Moderator: Moderators
-
Forboding Angel
- Evolution RTS Developer
- Posts: 14673
- Joined: 17 Nov 2005, 02:43
-
hollowsoul
- Posts: 665
- Joined: 06 Jun 2006, 19:49
Why change to a new forum engine if no killer feature = missing / that peep want ?
http://www.phpbb.com/
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=400283
Its not like its development = stopped
Plus they are working on a version 3 atm with the first beta released on ├óÔé¼┬ó 17 Jun 2006
(no upgrade tools attached, since they dont want to included them in a the first beta test = understandable)
New features for version3 of phpbb = http://area51.phpbb.com/docs/features.html
Personnaly if no killer feature why go through hassle of changing forum engine & tryin to keep old forum posts / accounts intacked. And end up giving peep more work todo that is better spent on coding TaSpring, modeling, texturing, maps, ai, mods.
When we could wait till version3 & upgrade tools are released or even dare say test ouf the beta release
http://www.phpbb.com/
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=400283
Its not like its development = stopped
Plus they are working on a version 3 atm with the first beta released on ├óÔé¼┬ó 17 Jun 2006
(no upgrade tools attached, since they dont want to included them in a the first beta test = understandable)
New features for version3 of phpbb = http://area51.phpbb.com/docs/features.html
Personnaly if no killer feature why go through hassle of changing forum engine & tryin to keep old forum posts / accounts intacked. And end up giving peep more work todo that is better spent on coding TaSpring, modeling, texturing, maps, ai, mods.
When we could wait till version3 & upgrade tools are released or even dare say test ouf the beta release
-
SwiftSpear
- Classic Community Lead
- Posts: 7287
- Joined: 12 Aug 2005, 09:29
The NS forums were on a phpbb IIRC, security issues forced them to totally recode the database, it's why they are still shut down right now. That being said they had thier forums tied into alot more sensitive material then we do. I immagine a hacker breaking into our moderated forums would get bored pretty quick after reading the spambox and realizing that the only thing ever posted in the moderator forums is ban reports and sexy SJ swimsuit pictures (ok, that last one was a joke). Being open source there isn't too much development going on behind closed doors, and what is isn't posted anywhere on our forums.
What like the secret admin forum?
The AF Post count reports wherent just trivial who ahs the msot piecharts, they actually fiddled the stats in an attempt to guess how many posts where in the admin forum that we couldnt see. It also explains why they kept all their postcounts when the forums got wiped, onyl lossing a hundred or so, whereas everyone else was reset to zero.
The AF Post count reports wherent just trivial who ahs the msot piecharts, they actually fiddled the stats in an attempt to guess how many posts where in the admin forum that we couldnt see. It also explains why they kept all their postcounts when the forums got wiped, onyl lossing a hundred or so, whereas everyone else was reset to zero.
-
SwiftSpear
- Classic Community Lead
- Posts: 7287
- Joined: 12 Aug 2005, 09:29
For example:
Did You know, that this **** phpbb stores AND sends via e-mail plaintext password ? Modern boards store only MD5 hash of our passwords.
My provider CERTAINLY uses a sniffer application. So he already knows my password.
Also, if somebody breaks into the forum, he could just read admin password from database and (assume that he) not change anything. Such person can then visit forum as admin, take some hostile actions (manipulate text for example), and it will take long time b4 anybody realises, that someone hacked admin account. If there will be MD5 or similar hash instead of password, such hacker generally need to put his own pass (hash) to database, so real admin can`t acces his account (password changed).
There are plenty hacked phpbb boards over internet. So be sure, that your board is up to date. Maybe, bacause of lack of features, you are using modded version. For example: Guy, who made this mod, just said - "I`m going to school and I don`t have time to support this mod" - and... WTF?! You can`t do anything
You can`t update your board so easily, because mod caused so much changes to code. You can`t downgrade - database is not coimpilant with "vanilla" version. You can`t even switch to another board, because converter works with vanilla version only.
So lack of features or many problems - your choice with phpbb.
Did You know, that this **** phpbb stores AND sends via e-mail plaintext password ? Modern boards store only MD5 hash of our passwords.
My provider CERTAINLY uses a sniffer application. So he already knows my password.
Also, if somebody breaks into the forum, he could just read admin password from database and (assume that he) not change anything. Such person can then visit forum as admin, take some hostile actions (manipulate text for example), and it will take long time b4 anybody realises, that someone hacked admin account. If there will be MD5 or similar hash instead of password, such hacker generally need to put his own pass (hash) to database, so real admin can`t acces his account (password changed).
There are plenty hacked phpbb boards over internet. So be sure, that your board is up to date. Maybe, bacause of lack of features, you are using modded version. For example: Guy, who made this mod, just said - "I`m going to school and I don`t have time to support this mod" - and... WTF?! You can`t do anything
You can`t update your board so easily, because mod caused so much changes to code. You can`t downgrade - database is not coimpilant with "vanilla" version. You can`t even switch to another board, because converter works with vanilla version only.So lack of features or many problems - your choice with phpbb.
// Phpbb does not store passwords in plaintext.
But is sends plaintext password just after registering. Rest of problems I described are still actual.
Anyway, as we can see, at least one admin saw this thread and knows what I (and other formuers) have to say
For me that is enough. Staff will decide to change forum engine or not.
But is sends plaintext password just after registering. Rest of problems I described are still actual.
Anyway, as we can see, at least one admin saw this thread and knows what I (and other formuers) have to say
For me that is enough. Staff will decide to change forum engine or not.