Posted by battye in Modifications with the tags MODs on November 9th, 2009
A very common question about phpBB is how to display recents posts or topics on a separate page, such as a website homepage. It can be very handy to do this, as it allows visitors to your website a chance to quickly see recent activity.
This blog post details how displaying a list of recent posts and topics externally can be done. There are a couple of different formats that are covered:
- The latest topics (including only from specified forums)
- The first post of the latest topics (including from specified forums)
- The latest posts from specified topics
- The latest posts from the entire forum
Everything displayed is subject to the users forum read permissions.
Read the rest of this entry »
9 Comments
Posted by evil3 in Modifications with the tags MOD Database, MODs, queue, Validation on October 5th, 2009
As the title already says, this blog post will describe how the MOD Team validates modifications and what happens to them before they come out at the other end of the queue.
Read the rest of this entry »
No Comments »
Posted by evil3 in Modifications with the tags MODs, Security on September 10th, 2009
Note: This post is targeted at MOD authors and contains many technical details.
Introduction
Amongst the great security features that phpBB 3.0 provides is the function used for processing user input, request_var. This function was designed to make it easy to securely retrieve user inputted data. It is one of the most important security functions in a system that retrieves external data as it can (with caveats that will be elaborated upon) single-handedly stop XSS and SQL injection attacks dead in their tracks
The reason we have created this blog post is to give more information to modification developers on how to properly explain how this works and why you should use it.
Read the rest of this entry »
13 Comments
Posted by Kellanved in Development, Moderating, Modifications, Styles, Support with the tags 3.0.6, CAPTCHAs, MODs, Styles on June 27th, 2009
You probably have already heard about it: the next release will include a host of new features. This post will present one of them in detail, showing the idea and the impact on users, style and MOD authors.
Most admins are experiencing problems with spam, which is taking away lots of energy that would be better spent on the enjoyable parts of administrating a community. We tried our best in the arms race against spambot programmers, but have to admit failure with our previous approach. Since 3.0.x became as popular as it is, any default visual confirmation gets broken almost instantly. After long discussion in and outside the teams, we came to the conclusion that diversity is the answer: every board admin should be able to use a non-default anti-bot measure without it being a pain. Read the rest of this entry »
1 Comment »
Posted by wGEric in Modifications with the tags MODs, phpbb3, resources on April 21st, 2009
MOD requests are common with each version of phpBB. Every user wants something different to make their board unique. The problem, however, is that there are more users than MOD Authors. However, with an understanding of PHP and phpBB, you can create your own!
Read the rest of this entry »
10 Comments
Posted by Kellanved in Development, Modifications with the tags Development, MODs, Security on January 14th, 2009
Cross-Site-Request-Forgery, short CSRF, is a type of vulnerabilities that gets more and more attention. The concept can be translated as “tricking the browser into automatically performing some action using the user’s privileges”. Let’s see what phpBB does about it.
Read the rest of this entry »
23 Comments
Posted by Kellanved in Development, Modifications with the tags Bots, CAPTCHA, MODs, Project History, SPAM, Visual Confirmation on August 28th, 2008
This post no longer reflects the state of the art. See here .
CAPTCHAs – “Completely Automated Public Turing test to tell Computers and Humans Apart”s – are known as the foremost means to stop registrations by SPAM programs, so-called “Bots”. In phpBB, a visual confirmation CAPTCHA is used.
The key here is the “Completely Automated” part, meaning that the software – phpBB – creates the question and the correct answer without interaction by a user. This has the drawback that computers are usually able to find the answer as well, given time to adjust. This is an active field in research. In the end it is an arms race. A new CAPTCHA will usually buy a few months of peace, before the major Bot vendors adjust their products.
This article is about presenting some reasons behind our CAPTCHAs; it is not intended to be a case for or against CAPTCHAs in general or particular. It is not about other means to combat SPAM, but only about CAPTCHAs.
Read the rest of this entry »
33 Comments
Posted by Paul in Modifications with the tags feedback, MOD Database, MODs on July 19th, 2008
The MOD team always gets a lot of questions, feedback and more from MOD authors. This is mostly after a persons MOD was denied for a certain reason, we change something, or just about one of the policies we have.
We get a lot of questions from them if we do anything with the feedback, or if we actually listen to it, I want to explain here how we handle this kind of feedback.
Read the rest of this entry »
10 Comments