Quote:ben says: we want a money system on the forum Narcoleptic by day, Insomniac by night says: tell me about this money system ben says: we're not sure how customizable the forum can be but we need a good scripter ben says: well ben says: people make posts to earn money ben says: with the money ben says: (or forum currency) ben says: they could buy upgrades for their acc, equipment, pets, etc.So there you go. Main point is this: - need virtual money system - need to be able to 'buy' virtual upgrades
[web] Forum engine?
Author
Me and some friends need a forum engine. PHPBB is okay, but it doesn't have the extra features we need.
Normally, I could code something like this, but that would take a lot of time and energy for something that might end up inferior.
So here's a snip from our conversation about the forum... I'd appreciate if you tell us if you know of a forum engine like this. Thanks in advance.
Use phpBB with the Cash Mod. I don't see any mods that add ways to spend the cash, but phpBB is very easy to modify. The code is quite clean and easy to follow. You can quite easily build something like that yourself.
There are many mods to PHPBB.
The problem is, PHPBB isn't modular at all. Its code is an unholy mess, typically written as one huge piece of code in the body of each PHP file (rather than using subroutines).
Moreover, it's written to use register_globals on (I know it works with it off, but it simply does a hack to effectively turn them back on), so everything is a global and anything could have come from a cookie, post, get etc. This makes it error-prone to do anything to anything.
A lot of the mods available are of very low quality, and will typically break other functions of the forum, particularly if you apply more than one.
Finally, most of the mods available are not in the form of machine-readable "patch" files, but rather human-readable "manual patch" files. These are extremely tedious to apply and it's easy for either the authors or the person applying them to have made a mistake, resulting in a broken forum.
PHPBB has a very bad security record, but compared to its mods, it's very good. Almost every mod contains numerous sql injection vulnerabilities, but because the mods aren't used very much, they aren't publicised.
Mark
The problem is, PHPBB isn't modular at all. Its code is an unholy mess, typically written as one huge piece of code in the body of each PHP file (rather than using subroutines).
Moreover, it's written to use register_globals on (I know it works with it off, but it simply does a hack to effectively turn them back on), so everything is a global and anything could have come from a cookie, post, get etc. This makes it error-prone to do anything to anything.
A lot of the mods available are of very low quality, and will typically break other functions of the forum, particularly if you apply more than one.
Finally, most of the mods available are not in the form of machine-readable "patch" files, but rather human-readable "manual patch" files. These are extremely tedious to apply and it's easy for either the authors or the person applying them to have made a mistake, resulting in a broken forum.
PHPBB has a very bad security record, but compared to its mods, it's very good. Almost every mod contains numerous sql injection vulnerabilities, but because the mods aren't used very much, they aren't publicised.
Mark
Quote:Original post by markr
The problem is, PHPBB isn't modular at all. Its code is an unholy mess, typically written as one huge piece of code in the body of each PHP file (rather than using subroutines).
It's just a style of coding. I happen to like it.
Quote:Moreover, it's written to use register_globals on (I know it works with it off, but it simply does a hack to effectively turn them back on)
Wrong. It's the other way around. There's code in place that kills all global variables in register_globals is on. Check common.php.
Quote:A lot of the mods available are of very low quality, and will typically break other functions of the forum, particularly if you apply more than one.
That depends. If you stick to the mods in the phpBB mods database then you're relatively safe (unless you intend to install many of them).
Quote:Finally, most of the mods available are not in the form of machine-readable "patch" files, but rather human-readable "manual patch" files.
Check out EasyMod. It's an installer for mods. All mods in the phpBB mods database should work with EasyMod unless stated otherwise.
Quote:PHPBB has a very bad security record
As with any piece of software, you have to update it if there's a patch out. I really can't feel sorry for people who've lost their boards and blame phpBB's "bad" security while they were still running 2.0.6 when 2.0.10 and up were out.
phpBB isn't bad. It's just abused and misused a lot.
Quote:Original post by Sander
phpBB isn't bad. It's just abused and misused a lot.
This is why some hosts have started banning it (see phpbb.com news section). I think this stems from the fact that it is open-source; if you have the source code, what can you not make something do?
The hosts are banning it because of its poor security record. Being open source does not imply that it is necessarily good or bad.
The main problem is that the code is such an unholy mess, it actively resists attempts to audit it.
Moreover, the authors didn't really think ahead much and use a proper templating or database query system, it's all just done ad-hoc.
Mark
The main problem is that the code is such an unholy mess, it actively resists attempts to audit it.
Moreover, the authors didn't really think ahead much and use a proper templating or database query system, it's all just done ad-hoc.
Mark
that is why I use invision power board
[Edited by - evil_republican on November 12, 2005 5:10:52 PM]
[Edited by - evil_republican on November 12, 2005 5:10:52 PM]
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
