about, aboutus, admin, administer, administor, administrater, administrator, anonymous, auther, author, blogger, contact, contactus, contributer, contributor, cpanel, delete, directer, director, editer, editor, email, emailus, guest, info, loggedin, loggedout, login, logout, moderater, moderator, mysql, nobody, operater, operator, oracle, owner, postmaster, president, registar, register, registrar, root, signout, test, user, vicepresident, webmaster

A few of them are misspelled, typos, common login names, names hackers usually try to use to break in, and other names that regular users probably shouldn’t use as they would pretend to be someone they are not. Of course you may want to add the ability to prevent any starting with or ending with admin or moderator.

This is a good list to start with, share any others if you like. I didn’t include any cusswords, but it’s a good idea to add those into another table and make sure people don’t use those for usernames or just for part of it. Also this list took into consideration that the shortest username would be 4 characters long and only allowed letters and numbers.

Author is myworkaddress@example.net

Author: 1

Posted title: Some Blog Post Title

Mission complete. Message 1 deleted.

Thus, if you are using your a email address you’d like to keep private and you are emailing wordpressposts@example.com, that email address has the possibility of showing up to people. Which is not good if you email from the same email address that checks the posts. And even worse if you email from a email address for a user in WordPress and has the rights to post contents because the email will get “publish” status rather than “pending” and will go live on the site. And if someone has the email address that is a user and has posting rights, they can easily send fake emails from that address, because all WordPress checks is the From or Reply-To line (whichever it finds first).

It’s easy to prevent it from showing email addresses by opening up wp-mail.php and looking for this line of code

echo '<p>' . sprintf(__('Author is %s'), $author) . '</p>';


And this line of code

echo "\n<p>" . sprintf(__('<strong>Author:</strong> %s'), esc_html($post_author)) . '</p>';


And then you could comment those lines out by putting // in front of both of them.

I understand WordPress outputs this information so you can see logged from any cron jobs you have setup or if you visit the page manually, as a way of just knowing whats going on. However, it could be done better to prevent the addresses from being shown to everyone. A simple solution is to setup a query string and have a secretkey (don’t make this your blog’s password however). For example, lets say your blog is installed at http://example.com/, we are going to know require the following URL to check Posts via e-mail http://example.com/wp-mail.php?secretkey=abc123. And if someone doesn’t send the right secretkey, it won’t check the email address or echo anything out.

So before this line of code

/** Make sure that the WordPress bootstrap has run before continuing. */


Let’s add

if ($_GET['secretkey'] != 'abc123')
exit();


Feel free to change the secretkey to whatever you wish. You can also change it to be called something other than secretkey. If you have a cron job, you’ll have to point to that new URL as well http://example.com/wp-mail.php?secretkey=abc123. If you use the secretkey method you can leave the lines where it echoes out the email address if you like (the 2 lines I showed you could comment out).

It’s configurable with a item_limit (number of posts to pull) and word_limit (how long the description is). However the description is just the title for the last post, so it will most often be “RE: original post title” unless the user changes it when posting. I could of done another query in a loop to the table phpbb_posts and pulled out the corresponding post_text, but didn’t want to have the overhead. Although you could easily modify that in and cache the file for say 5 or 15 minutes. Think of this as a head start to get the feeds from your forum for whatever you plan to do with them.

Create a php file at the root of your forums with this code.

<?php
//OPTIONS
$item_limit = 20;//total rss items to pull
$word_limit = 25;//word limit
//YOU SHOULDNT HAVE TO EDIT ANYTHING BELOW
require('config.php');
$db_connect = mysql_connect($dbhost, $dbuser, $dbpasswd) or die('Unable to connect to database.');
$db_select = mysql_select_db($dbname, $db_connect) or die('Could not set the database.');
header("content-type: text/xml");
//GET THE SITES DATA
$db_record_site_data = mysql_query('SELECT config_name, config_value FROM phpbb_config WHERE config_name = \'script_path\' OR config_name = \'server_name\' OR config_name = \'sitename\' OR config_name = \'site_desc\' ORDER BY config_name');
$counter = 0;
//will get the items in this order: script_path, server_name, site_desc, sitename
while ($row = mysql_fetch_array($db_record_site_data))
{
if ($counter == 0)
$script_path = $row['config_value'];
else if ($counter == 1)
$site_url = 'http://'.$row['config_value'];
else if ($counter == 2)
$site_description = $row['config_value'];
else if ($counter == 3)
$site_title = $row['config_value'];
$counter++;
}
//GET THE RECENT TOPICS, show only approved and non-reported topics
$db_record_topic_data = mysql_query('SELECT forum_id, topic_id, topic_last_post_time, topic_title, topic_last_post_subject, topic_last_poster_name, topic_first_post_id, topic_last_post_id FROM phpbb_topics WHERE topic_approved=1 AND topic_reported=0 ORDER BY topic_last_post_time DESC LIMIT ' . $item_limit);
echo '<' . '?xml version="1.0"?' . '>' . "\n";
echo '<rss version="2.0">' . "\n";
echo '<channel>' . "\n";
echo '<title>' . $site_title . '</title>' . "\n";
echo '<link>' . $site_url . $script_path . '</link>' . "\n";
echo '<description>' . $site_description . '</description>' . "\n";
while ($row = mysql_fetch_array($db_record_topic_data))
{
echo '<item>' . "\n";
echo '<title>' . htmlspecialchars(trim($row['topic_title']), ENT_QUOTES) . '</title>' . "\n";
echo '<description>';
//filter description
$post_text = htmlspecialchars(trim($row['topic_last_post_subject']), ENT_QUOTES);
//word limit
$post_text = str_replace(' ', ' ', $post_text);//get rid of multispaces
$post_word_array = explode(' ', $post_text);
$total_words = count($post_word_array);
$total_words = min($word_limit, $total_words);
for ($x = 0; $x < $total_words; $x++)
{
echo $post_word_array[$x] . ' ';
}
//ellipsis
if ($total_words > $word_limit)
echo '...';
echo '</description>' . "\n";
//echo '<description>' . substr(, 0, 128) . '</description>';//character limit
echo '<link>' . $site_url . $script_path . 'viewtopic.php?f=' . $row['forum_id'] . '&amp;t=' . $row['topic_id'] . '&amp;p=' . $row['topic_first_post_id'] . '#' . $row['topic_last_post_id'] . '</link>' . "\n";
echo '<pubdate>' . date('r', $row['topic_last_post_time']) . '</pubdate>' . "\n";//RFC822
echo '<author>' . htmlspecialchars(trim($row['topic_last_poster_name']), ENT_QUOTES) . '</author>';
echo '</item>' . "\n";
}
echo '</channel>' . "\n";
echo '</rss>' . "\n";
?>



<?php
//based on http://www.alistapart.com/articles/amoreuseful404
//just to break any email addresses or spam that might get spoofed in falsed headers, might just use a regex later
$disallowed_strings = array('@', '\t', '\r', '\n', '\v', '\f', '<', '>');
$clean_server_name = preg_replace('/[^a-zA-Z0-9\-\.]/', '', $_SERVER['SERVER_NAME']);
$clean_http_referer = str_ireplace($disallowed_strings, '', $_SERVER['HTTP_REFERER']);
$clean_request_uri = str_ireplace($disallowed_strings, '', $_SERVER['REQUEST_URI']);
$search_engine_domains = array('google.com', 'images.google.com', 'translate.google.com', 'yahoo.com', 'ask.com', 'live.com', 'aol.com', 'search.msn.com');//add more if you want
$search_message = '<p>You may want to try searching this site or using our <a href="' . get_bloginfo('url') . '/sitemap/">sitemap</a> to find what you were looking for.</p>';//if you have a sitemap
?>
<p>Sorry, but the page you were trying to get to <!--http:// ,--> does not exist.</p>
<?php
if ($_SERVER['HTTP_REFERER'] == '')
{
?>
<p>It looks like this was the result of either</p>
<ul>
<li>a mistyped address</li>
<li>or an out-of-date bookmark in your web browser.</li>
</ul>
<?php
echo $search_message;
}
else
{
//make it easier to search referer
$disallowed_url_strings = array('http://', 'https://', 'www.');//filter out https:// anyway
$referer = str_ireplace($disallowed_url_strings, '', $_SERVER['HTTP_REFERER']);
$referer_array = explode('/', $referer);
$referer = $referer_array[0];
$myblog_url = get_bloginfo('url');
$myblog_url = str_ireplace($disallowed_url_strings, '', $myblog_url);
$myblog_url_array = explode('/', $myblog_url);
$myblog_url = $myblog_url_array[0];
if ($referer == $myblog_url)
{
?>
<p>Apparently, we have a broken link on our page. An e-mail has just been sent to the person who can fix this and it should be corrected shortly. No further action is required on your part.</p>
<?php
$email_subject = 'Broken link on my site, ' . $clean_server_name;
$email_message = 'BROKEN LINK ON MY SITE' . "\r\n\r\n" . 'There appears to be a broken link on my page, ' . $clean_http_referer . " \r\n\r\n" . ' Someone was trying to get to ' . $clean_request_uri . ' from that page.';
$email_message .= "\r\n\r\n" . 'Why don\'t you take a look at it and see what\'s wrong?';
mail(get_bloginfo('admin_email'), $email_subject, $email_message, 'FROM: 404@example.com');
}
else
{
//see if it was a search engine
$domains_matched = 0;
$total_domains = count($search_engine_domains);
for ($x = 0; $x < $total_domains; $x++)
{
if ($referer == $search_engine_domains[$x])
$domains_matched++;
}
if ($domains_matched != 0)
{
?>
<p>It looks like the search engine has returned a link to an old page. These old links should eventually be removed from their indexes but since these are automatically generated there is no one to contact to try to correct the problem.</p>
<?php
echo $search_message;
}
else
{
?>
<p>Apparently, there is a broken link on the page you just came from. We have been notified and will attempt to contact the owner of that page and let them know about it.</p>
<?php
echo $search_message;
$email_subject = 'Broken link on somebody else\'s site.';
$email_message = 'BROKEN LINK ON SOMEBODY ELSE\'S SITE' . "\r\n\r\n" . 'There appears to be a broken link on the page, ' . $clean_http_referer . " \r\n\r\n" . ' Someone was trying to get to ' . $clean_request_uri . ' from that page.';
$email_message .= "\r\n\r\n" . 'Why don\'t you take a look at it and see if you can contact the page owner and let them know about it?';
mail(get_bloginfo('admin_email'), $email_subject, $email_message, 'FROM: 404@example.com');
}
}
}
?>


This hack would go in your sidebar.php

$comment_array = $wpdb->get_results("SELECT comment_date_gmt, comment_author, comment_ID, comment_post_ID FROM $wpdb->comments WHERE comment_approved = '1' ORDER BY comment_date_gmt DESC LIMIT 10");
$comment_total = count($comment_array);
echo '<ul>';
for ($x = 0; $x < $comment_total; $x++)
{
echo '<li>';
echo $comment_array[$x]->comment_author . ' on ';
echo '<a href="'. get_permalink($comment_array[$x]->comment_post_ID) . '#comment-' . $comment_array[$x]->comment_ID . '">';
echo get_the_title($comment_array[$x]->comment_post_ID);
echo '</a>';
echo '</li>';
}
echo '</ul>'


Here is a hack I put together that will output your tags as a unordered list (UL) with the total number of times the tag is used in parenthesis. You can place this code in sidebar.php

$tag_array = get_tags('orderby=count&order=DESC&number=15');
$tag_total = count($tag_array);
echo '<ul>';
for ($x = 0; $x < $tag_total; $x++)
{
echo '<li>';
echo '<a href="' . get_option('home') . '/tag/' . $tag_array[$x]->slug . '/" rel="tag">';
echo $tag_array[$x]->name;
echo '</a>';
echo ' (' . $tag_array[$x]->count . ') ';
echo '</li>';
}
echo '</ul>';


Awhile back the rights to PunBB were sold to a company.

Apart from sponsoring the project, they wanted to later down the line offer paid-for web services in relation to PunBB (for example commercial grade PunBB hosting). We decided we liked the idea and sold the rights to the project.

Then a recent switch to a new domain occurred.

Moving the PunBB website under the informer.com domain is a way for our benefactors to promote their other services to the PunBB community and to promote PunBB to users of their other services.

Today many of the active developers mentioned they were forking the project into what they call FluxBB.

Some of you may have been wondering about the future of PunBB and the current development team following Rickard’s announcement that he will not be actively involved with PunBB, at least for the time being. … Now that circumstances have changed with the inevitable shift of power within the project, we all feel that we need a degree of control over future development which is no longer possible. We all share a desire to develop software for the benefit of the community and ourselves, without commercial concerns influencing the final product. This is not a condemnation of PunBB’s current owners: we simply feel that this change is necessary so that we as developers can maintain full control over the development process.

It didn’t bother me they had sold the rights to PunBB as long as it remained GPL, but what this split means now, I’m not sure. How many people will now abandon PunBB for FluxBB? A lot depends on how active the FluxBB project becomes and if the new PunBB development takes off.


<?php
query_posts('showposts=10&orderby=modified&order=DESC');
if (have_posts())
{
echo '<h3>Last Modified Posts</h3>';
echo '<ul>' . "\n";
while (have_posts()) : the_post();
echo '<li>';
echo '<a href="' . get_permalink() . '">' . the_title('','', false) . '</a>';
echo '</li>' . "\n";
endwhile;
echo '</ul>';
}
?>


I covered how to put the main RSS feed on PunBB already.

Open up index.php and after this line

$forum_field = '<h3><a href="viewforum.php?id='.$cur_forum['fid'].'">'.pun_htmlspecialchars($cur_forum['forum_name']).'</a></h3>';


Add this

$forum_field .= '<div class="forum_rss"><a class="rss" href="extern.php?action=active&type=RSS&fid='.$cur_forum['fid'].'"><span>RSS</span></a></div>';/


Now open up viewforum.php and find this line

<h2><span><?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?></span></h2>


and modify it to be

<h2><span><?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?> <a class="rss" href="extern.php?action=active&type=RSS&fid=<?php echo $id /*MODIFIED - RSS*/ ?>"><span>RSS</span></a></span></h2>


And now for the CSS

.forum_rss {float:right;}
a.rss {background:url(../../img/feed.png) no-repeat left; width:16px; height:16px; padding-left:20px;}
a.rss span {display:none;}


Open up viewforum.php

Find this line

// If there are topics in this forum.
if ($db->num_rows($result))
{


And add this afterwards

$temp_counter = 0;


Then find this line

// Should we show the "New posts" and/or the multipage links?
if (!empty($subject_new_posts) || !empty($subject_multipage))
{
$subject .= '  '.(!empty($subject_new_posts) ? $subject_new_posts : '');
$subject .= !empty($subject_multipage) ? ' '.$subject_multipage : '';
}


And add this afterwards

$temp_counter++;


Then find this line

<tr<?php if ($item_status != '') echo ' class="'.trim($item_status).'"'; ?>>


And modify it to be this instead

<tr class="<?php
/*MODIFIED*/
if ($temp_counter % 2)
echo 'forum_rowodd';
else
echo 'forum_roweven';
//hoticon
$temp_status = trim($item_status);
if (($cur_topic['num_replies'] > 25) && ($temp_status == '' || $temp_status == 'inew'))
{
if ($temp_status == '')
echo ' ihot';
else
echo ' ihot_inew';
}
else if ($item_status != '')
echo ' '.trim($item_status);
/*MODIFIED END*/ ?>">


Now for CSS

/*style rows*/
tr.forum_rowodd {background-color:#eee;}
tr.forum_rowodd td.tc2, tr.forum_rowodd td.tc3 {background-color:#ddd;}
tr.forum_roweven {background-color:#ccc;}
tr.forum_roweven td.tc2, tr.forum_roweven td.tc3 {background-color:#bbb;}
/*style hot and hot new posts*/
tr.ihot div.icon {background-image:url(../../img/hot.png);}
tr.ihot_inew div.icon {background-image:url(../../img/hot_new.png);}
/*css we used for icons before*/
div.icon {
float:left;
display:block;
width:28px;
height:25px;
background-repeat:no-repeat;
background-position:center center;
border:0 !important;
}
/*if you aren't using any images you can use something like this
tr.ihot DIV.icon {BORDER-COLOR: #600 #700 #800 #900}
tr.ihot_inew DIV.inew {BORDER-COLOR: #006 #007 #008 #009}
*/


I updated code the code, since I didn’t like how it was before