phpBB idiots
photoSoc runs phpBB as the forum. I’m sort of the photoSoc webmaster now (at least the forum master ;), so I have to deal with it.
What’s phpBB known for? Well… being full of holes is my initial thought. However, after upgrading photoSoc from one version to the very latest I can conclusively say that about as much thought went into the initial design as goes into the average formula chick flick.
From what I have gathered recently phpBB does very little more than provide non-threaded topics within forums. Levels of access are provided and a “fancy” admin interface is available. There is a user registration stage and the code supports styles (although these are pretty poor, in my opinion). It does little else. All those security warnings are pretty impressive for something that does so little.
phpBB does not support plugins, but it does support MODs. Unfortunately for anybody maintaining a phpBB forum MODs are otherwise known as “patches that don’t even come as a diff”. What this means is that the average “MOD” comes with a little text file telling you which phpBB files to open and where and how to make changes.
Want to upgrade your lovely little phpBB install to the latest version? Well forget doing it quickly and easily as with almost all other software because you’ll be spending the next couple of hours either: upgrading your phpBB much the same way as applying a MOD; or overwriting all of the existing files in such a way that you’ll need to track down all of the MODs you previously had applied… to re-apply them again.
Now I’m not suggesting that everything can be achieved without making changes to a given system… but how is it that almost all of the other tools manage to provide flexible hooks into their code to make these changes easier? Drupal, for example, allows all sorts of crazy things to be applied in such a way that doesn’t require hand-editing files.
That’s my main rant but as I’m in the mood I’ll go a little further and comment on the phpBB idea of anti-spam: there isn’t one.
The photoSoc forum has recently been receiving plenty of spam account signups with links to porn, gambling and other sites. These are useful to owners because they fool Google (and other search engines) into believing that photoSoc members are genuinely interested in such things. A very quick and dirty solution would be to provide a rel=”nofollow” (or whatever it is) option in the forum admin… this way search engines don’t weight the link.
However, this isn’t an option and I haven’t yet found a MOD that does just this… they are all too broad and apply the change to all site links. Admittedly, such a change would be very easy to do, but it will create havoc for future admin. My solution was to switch on admin activation for accounts—it’s a bit of a pain but we’ve not had a single genuine user sign up in the last few months, compared to what must be close to 30 or 40 spambots. This method will allow the webmaster to vet accounts before they are displayed on the website. Unfortunately phpBB is braindead enough to allow accounts that have been registered, but not vetted by an admin, to be displayed on the website. I would argue that an account doesn’t exist until confirmed by an admin, but obviously the phpBB team think otherwise. Regardless of technicality, it doesn’t help at all with reducing spam.
Want to attach a file to your post? Well, you can’t, at least by default. You’ll need the attachment MOD. And yes, you’ll need to re-apply that with each security fix or upgrade (or at least apply updates by hand).
How about a nice RSS feed for the site? Sorry, no. phpBB doesn’t seem to have RSS support out of the box. There’s probably a nice MOD that will do it for you though…
Tags: computing
September 16th, 2007 at 2:46 pm
What about phpBB3?