phpBBModders.net

Well, I always knew there was a blog here, but I have never written anything for it... So I will just do that now. In this series (of wich I do not know how long it will last), I will try out a way of MODding that is entirely new to me. The "managed" way of MODding.

In my years of phpBB MODding, I have always looked at creating MODs as a process. This is correct, you may say. But how do you interpret "process"? In my first few years of MODding I interpreted it different from how I do now. Back then, I created MODs something like this:

1. I get an idea.
2. I start editting code to get to this idea.
3. Gather changes into a file.
4. Test it once.
5. Release to public.

This might make sense for small modifications, but it is said that it works a lot worse then the following structure:

1. I get an idea.
2. I write down the idea and the exact features that I want: what does this MOD do?
3. I look at points of improvement or conflict and write the points down in a logical order.
4. Start scripting according to that order.
5. Gather changes into a file and check if something doesn't add up.
6. Test the entire thing yourself.
7. Does it do what you wrote down in step 2? If not, go back.
   Send to a select group of people for more testing.

If thumbs up from small testing group, release to public for more testing.
Why is the second structure better then the first? Downside is that it has more steps and takes more time. But what this technique has over the other is some sort of quality insurance. It makes sure that you will release a product that matches your idea. Also, it adds an extra step of testing to eliminate bugs. This is said to work well for small modifications (Simple Points System) as well as large modifications (Advanced Dungeons & Rabbits). For larger modifications it is more of a requirement. ADR is one of my best examples for this. Up untill now I have tried to do it using the first method, and as some people might know, failed miseraly. This is the reason I am prepared to try this way of MODding, and will try to keep you up to date with all my latest opinions and obersvations.

In the next post, I will show you how I wrote my project plan.

And suddenly there was a blog...
Why a blog? Apparently some team members had to get some stuff off their mind. But whats it all about then? Already three blog posts have been published with some very interesting information.

It seems that wGEric was getting a lot of complaints about the long process of mod validation. As we can see here too It is a clear statement of what needs to be done before a mod is validated, and what you should do to make it happen fast.

Also battye has posted some interesting stuff about managing your forum on not only a technical level, as webmaster and administrator, but also on a user level to ensure your users of profits from your website in a great way.
All very nice and good information.

But what really stands out is the information provided by Kellanved.
It seems that certain rumors about security problems with phpBB3 are still wandering around. He is talking about an XSS problem with the private messaging system, SQL injection and administrator powers,
and is constantly referring too a certain th0r. Who is this guy?
As Kellanved tells us, google him and you will see. So I did.

http://th0r.info/

This is the website that Kellanved, apparently, was referring to.
It is a hacker website as it seems, and is full of info about insecure websites, and other minor failures of which hackers could profit. But as Kellanved explains. There is no such thing as an XSS problem. You cannot inject SQL into phpBB3 and you can certainly not give yourself administrator powers as a guest or registered user. Though these problem have been there. When?
Well Kellanved tells us: "Fixed a loooong time ago"

So his message really is, report anything you find, even if you are not sure.
But do not listen to these stories. Find error's yourself, and report them. If none, then phpBB is going the right way. But it seems that phpBB’s reputation regarding security has not yet recovered completely.

Cheers

Just a bit more than a week ago, patrick from phpBBHacks.com announced the "phpBBHacks.com phpBB 3 Hacks and Styles Idol" competition.

What's this all about?
It's a competition for MOD and style authors. The winner will be named "Hacks Idol" or "Styles Idol". There is a ton of stuff you can win. The worth for each of the winners sums up to over $900! You can get an ipod touch and a ton of books. The winners are elected via voting in the phpBBHacks.com.

How can i participate?
All you have to do is submit a new MOD or style to the phpBBHacks.com database (one that's never been in). You may have to specify which one you want to nominate in case not all are nominated. You have to read about how the voting works to understand that part. For this, go to the announcement.

Get a move on
The submission deadline is 12:00 pm on the 12th of july, so you better get going!

I personally will probably be submitting one or two of my own . But only the best .

Update
The deadline has been extended from the 4th to the 12th of july. So we get a little more time.

The phpBB development team is a mystery to many. First we had the mysterious join of APTX, who still has a total of 7 posts. At area51 he has a few more. He didn't commit very much to the SVN, actually hardly anything else than the base for the brand new bbcode parser! His name is "Marek", according to the SVN checkins.

Then there is another mysterious face, that was added not too long ago. You do not know anything about this person. He is not in the dev team officially, if you go to the code forge, however, you will see "Manuel Pichler". Who is this person? Further research shows, that he has a blog, and seems also Zend PHP5 certification. He is developer of a project called "phpUnderControl". Maybe this is related to the not-too-old "code sniffer"?

And now we have a new development team member: ToonArmy. This name however should ring a bell. ToonArmy has been very active at phpBB.com, with 1152 posts. The addition did happen pretty fast though. I congratulate him to this addition, and i'm curious to see some contribution!

Yay.

This blog post title could possibly raise three questions.

1. Who is "Teh Slave [Bot]"?
2. Why is "Teh Slave [Bot]" a nub?
3. Why is this in the phpBBModders.net footer?

After a total rework the beer blog is back again!