Blog

Guest Post: Starting your own MOD by A_O_C

Posted by wGEric in Modifications with the tags , , on April 21st, 2009

MOD requests are common with each version of phpBB. Every user wants something different to make their board unique. The problem, however, is that there are more users than MOD Authors. However, with an understanding of PHP and phpBB, you can create your own!


I started out just like everyone else; I knew nothing about PHP (I’m still learning πŸ˜€ ), and the inner workings of phpBB were a little overwhelming. However, by installing MODs written by other MOD Authors, I started gaining an understanding of PHP and phpBB. If you don’t understand PHP, it’s a fairly easy programming language to learn – I recommend a good book from your local bookstore.

Next, get a feel for how phpBB works. Looking at the root directory, you get a good idea of what associates with what (viewtopic.php with viewing a topic, viewforum.php with viewing a forum, etc). The exception is the ACP and MCP; a lot of those functions are handled through the includes/acp/ and includes/mcp/ folders. If you don’t understand, try opening a topic in the MOD Writers Discussion forum. There you will find a lot of useful information along with users willing to point you in the right direction.

Once you know what you want your MOD to do and have an understanding of both PHP and phpBB, you are ready to start writing your MOD. There is no “clear-cut” style of coding (each MOD Author has their own), just make sure it follows all MOD policies.

Below is some useful information regarding writing / submitting MODs:
phpBB Modifications Documentation
MOD Database requirements
Coding Guidelines
MODX resource centre (please note that as of this writing, all MODs submitted must be using MODX 1.2.2)
Validation Checklist(a simple checklist allowing you to ensure you MOD passes non-exhaustive checks)
MPV – MOD pre validator (allows you to pre-validate your MOD)
phpBB Wiki

Finally, please ensure your MOD works. The #1 reason a MOD is denied is it simply does not work! Have fun, and enjoy! πŸ˜‰

This blog post was written by A_O_C (website).

If you would like to have one of your own blog posts that relates to phpBB on this blog, please send me, wGEric, a private message containing the blog post.

10 Responses to “Guest Post: Starting your own MOD by A_O_C”

Posted by themanatphpbb on April 22nd, 2009 at 2:52 pm:

You forgot to talk about security, you said “The #1 reason a MOD is denied is it simply does not work! ” I find this statement to be false.. the main focus of accepting MOD’s is not just the functionality but the security and validation. Considering most security threats for opensource projects come from 3rd party plugins/mods, its crucial to be adequate at coding. Giving the idea that anyone can just through together some code and submit it as a new mod for acceptance is degrading to the phpbb project as a whole.

Posted by A_O_C on April 23rd, 2009 at 2:02 am:

you said β€œThe #1 reason a MOD is denied is it simply does not work! ” I find this statement to be false.

I can assure that it is in fact true. I welcome you to PM a MOD Team Member if you disagree.

While security is a main concern, I didnt touch on it because most of that is covered in the Validation Checklist. My main focus of this blog was to get people started. The links I provided were appropriately listed under “useful information regarding writing / submitting MODs” (keywords being “writing” and “submitting”). πŸ˜‰

Posted by themanatphpbb on April 23rd, 2009 at 2:41 pm:

fair enough, maybe someday phpbb will support plugins instead of mods. I say this because from what i understand plugins are, security wise, safer to use.

IMO I think its more important to promote community involvement and development for things in core, tickets for bugs, patches, reporting errors, graphics work.. that type of stuff. It doesn’t make sense (except for your own personal learning experience, or for a personal need) to develop mods for a project when they wont be accepted into core, or be “officially’ supported.

Posted by Jwxie on April 24th, 2009 at 5:28 pm:

Security should not be the first concern before you submit to be “validate” – at this stage your mod is somewhat beta, alpha.

instead, focus on the quality overall in the first place
when you are ready to submit your mod to be “validate” you then should have a pretty safe-running modification – it is no longer a beta version, am i correct?

Posted by Jwxie on April 24th, 2009 at 5:41 pm:

jsut let me correct myseelf a bit before anyone gets into a debate with me xDDD
I really mean if you are making a mod, and able to make a mod you want – security is at least at the minmium – and most of the functions and things you use to code mod are probably from phpBB core
so the security – for some parts are at least good
and also, alpha and beta are insecure version anyway – people have to take it at their own risks
so take a step by step, code it at a fair security level – but should really focus on the quality overall
when it comes to validation, make sure security is good enough

Posted by channels tv on April 24th, 2009 at 7:33 pm:

Modifying some scripts it is easy way to get something different, but not create something new

Posted by Tupyre on April 27th, 2009 at 6:42 am:

Regarding themanatphpbb’s comment about plugins, this is not quite true. Plugins are very similar to modifications, and are no more secure at all. The main differences are that modifications usually modify the main code, while plugins add on to or are run alongside the main code. This difference offers no security benefit whatsoever. (ie, if a plugin is insecure, it could still be exploited just like a mod)

Posted by themanatphpbb on April 28th, 2009 at 10:51 pm:

good point tupyre
IMO editing core code just seems wrong, to me plugins are more practical.

Posted by EXreaction on April 30th, 2009 at 2:47 am:

In a perfect world all mods would be completely secure from the start. Unfortunately that doesn’t usually happen because people have to start somewhere and if people do not think of security issues when building it they’ll leave openings.

The bad part about security is you can only stop the kinds of exploits you know about and know how to exploit yourself. Someone with more coding experience is going to usually have a more secure mod at any stage of development than somebody starting out, even if it is a final release.

I can also say the #1 reason mods are denied (at least through what I’ve seen) is from code that simply does not work (usually the mod install instructions are wrong).

I’d be willing to bet that 1/3 or more of the denials I’ve seen could have been prevented had the mod author simply gone through and either tried installing it on an unmodified board manually again or tried installing on an unmodified board with easymod. If they would have done that any incorrect instructions would have been immediately noticable.

Posted by kdx on May 1st, 2009 at 1:02 pm:

Modifying some scripts it is easy way to get something different, but not create something new

Commenting is disabled for this blog post