Phpbb 2.0.17

In case you all missed it, and I cannot blame you as this would be update three or four now in the last few months…

Phpbb 2.0.17 Bug fix (Minor Security Change)

The changelog (contained within this release) is as follows:

  • Added extra checks to the deletion code in privmsg.php - reported by party_fan
  • Fixed XSS issue in IE using the url BBCode
  • Fixed admin activation so that you must have administrator rights to activate accounts in this mode - reported by ieure
  • Fixed get_username returning wrong row for usernames beginning with numerics - reported by Ptirhiik
  • Pass username through phpbb_clean_username within validate_username function - AnthraX101
  • Fixed PHP error in message_die function
  • Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php - reported by Double_J
  • Also fixed above issue in usercp_viewprofile.php
  • Fixed incorrect setting of user_level on pending members if a group is granted moderator rights - reported by halochat
  • Fixed ordering of forums on admin_ug_auth.php to be consistant with other pages
  • Correctly set username on posts when deleting a user from the admin panel

Wordpress Gallery2 Integration Community

They just need to get 3.0 released quickly. All these expoits are done through legecy code within 2.0 branch…and most all the exploits I’ve seen have been made possible by register_globals…

3.0 is a long way off. I think we won’t even see GM until the end of this year. 3.0 will have three release candidates but the new styling/style won’t be revealed until the last RC so it doesn’t do too much good because the GDK comes with the style,

Basically none of us are going to be able to upgrade until RC3 because of that which won’t be until sometime next year. :frowning:

On a side note, I’ve been playing around with local copies and the LDAP support is great, that’s what we are all going to be asking for on DreamHost in the future but I doubt it would be feasible on a shared sever.

I know. :frowning:

This is the longest software development I’ve ever seen on the forums. phpBB just needs to go commercial or something so they can have people actually working full time on them. vB is leaving them in the dust cause of the very fact they are commercial with full time employees. phpBB’s developer turn-over rating is too great…

I think the devs are just getting above their heads as far as support ability with the code complexity and they are burning out. :frowning:

I’ve had the recent (dis)pleasure of monkeying around with a vb for the first time and I gotta say it’s a filthy ugly monster :slight_smile:

If phpBB ever get’s that convoluted I’d be looking for a different board without a doubt.


You hadn’t seen the permission system for phpBB3.0. :wink:

does maturity absolutely have to equal bloat? feh.


The permissions system for 3.0 is probably the best I have seen from any forum software. There is only one thing that is missing from permissions which is a way to automatically assign different permission based on registration options or criteria such as a age and location.

The only way to do that as of now in 3.0 is to have users manually join groups.

Anyone seen or used PunBB?

Much lighter and sleeker than PHPBB but not nearly as full featured.

I fully agree. That’s something I brought up, which sprung like 4 page post, about a year ago.

But he mentioned convoluted and phpBB3.0’s permission system is most definatly convoluted. It’s powerful and extremely configuration, but it still is convoluted. :wink:

While phpBB is having its problems, the minute it went commercial and charged like vBulletin would be when it would lose most of its customers, myself included.

Not everyone can afford vBulletin, and not everyone wants to pay an overpriced fee for a badly designed program.

To be honest with you guys, I think the worst part of phpbb is the extremely poor attitudes they have on their forum.