Archive for the ‘PunBB’ Category

PunBB rolled out an update awhile back and so if you did any of my hacks you might have updated the files then re-added the hacks. However, the easiest way to deal with hacks and mods or any other code changes you do for PunBB is to look at the hdiff file (here is an example of a recent hdiff 1.2.15 to 1.2.16. This tells you all the changes made and to what files, so you can make the adjustments. If there are not too many its easier to just to copy the code changes and paste them into the files and then run the update file that comes with the Changed files only download option.

Another thing I usually like to do is put in my comments near my hacks something like this:

/*modification - mod_or_hack_name */


Then I can search for a specific hack I made or all modifications.

phpBB recently released 3.0, so you might be wondering about PunBB 1.3. It’s been in development for a long time, but from what I can tell it still won’t support polls, private messaging or subforums. I can understand them not adding private messaging, but subforums and polls would be nice in the core. But if you are feeling a little envious of phpBB 3.0 you might look at some screenshots of PunBB 1.3 that were posted about a year ago. The nice thing about not having many updates, is that you don’t have to reapply your hacks too often.

PunBB’s dev site shows the planned features for 1.3

• New markup and CSS.
• Unicode (UTF-8) support.
• Improved accessibility for both Public and Administration pages.
• Administration interface gets language file support.
• Search engine optimized “Fancy URLs” via mod rewrite.
• Proper extension support - Extend the functionality without touching a line of PunBB’s PHP code.
• New topic read marking system.
• Improved syndication - Feeds extended to include individual topics. Also feeds in the form of Atom and XML format.
• Support for Microformats - hCard and MicroID.
• Post moderation queue.
• Multiple moderator groups.
• Board search improved with MySQL Full-Text Search.
• Per-style templates - It will be possible to have one set of templates per style.

Logicfury - Lightweight CMS
Mega Pun - PunBB with lots of mods and plugins setup for you already
Link Directory - PunBB modified into a Link Directory
Easy BBCode - Add BBcode to your forums easily, the only mod the creator of PunBB has made (all the others are made by users or other developers) I recommend to modify it so that there are spaces around the smilies so they appear properly
BB Spam Fighter - nice mod, if you don’t feel like using the hacks I’ve shown on this site

Since the last time I’ve noticed a few little things spammers have been doing and some things I forgot to mention. So here is Part 3 on Spam Prevention for PunBB.

Prevent Guests from Seeing Profiles
Before the following line

// Load the profile.php/register.php language file


Add this

if ($pun_user['is_guest'])
message($lang_common['No permission']);


I’ve also gotten some people that register and put their spammy sites in their signature, but its easy to disable signatures. Just put multiple line comments around the following lines in viewtopic.php

// Do signature parsing/caching
if ($cur_post['signature'] != '' && $pun_user['show_sig'] != '0')
{
if (isset($signature_cache[$cur_post['poster_id']]))
$signature = $signature_cache[$cur_post['poster_id']];
else
{
$signature = parse_signature($cur_post['signature']);
$signature_cache[$cur_post['poster_id']] = $signature;
}
}


Now it should look like this. They can still enter links in their signature from their profile page but it won’t show up on any posts.

/*
// Do signature parsing/caching
if ($cur_post['signature'] != '' && $pun_user['show_sig'] != '0')
{
if (isset($signature_cache[$cur_post['poster_id']]))
$signature = $signature_cache[$cur_post['poster_id']];
else
{
$signature = parse_signature($cur_post['signature']);
$signature_cache[$cur_post['poster_id']] = $signature;
}
}
*/


There is another field in a person’s profile for them to put in a value for their web site, so you might prevent that from showing up as well. I just turn it off in Administration -> Options and under Display and User info in posts.

Show information about the poster under the username in topic view. The information affected is location, register date, post count and the contact links (e-mail and URL).

Want to use rel="nofollow" for links? Open up include\parser.php and modify the return line of the function handle_url_tag to look like this.

return '<a href="'.$full_url.'" rel="nofollow">'.$link.'</a>';//MODIFIED


I now prevent members from registering with URLs or @ in their member name. The only way PunBB could prevent this otherwise is to use the censor feature but that isn’t a good idea since the members that prove they are real will need to be allowed to post links later on.

Open lang\English\prof_reg.php and add the following near the top

'Username spam' => 'Usernames may not look like a URL or email address. Please choose another username.',/*MODIFIED*/


Now open up register.php and after the following lines

else if ((strpos($username, '[') !== false || strpos($username, ']') !== false) && strpos($username, '\'') !== false && strpos($username, '"') !== false)
message($lang_prof_reg['Username reserved chars']);


add

else if (strpos($username, 'http://') !== false || strpos($username, 'https://') !== false || strpos($username, 'www.') !== false || strpos($username, '.com') !== false || strpos($username, '@') !== false)/*MODIFIED*/
message($lang_prof_reg['Username spam']);


That should prevent anyone from registering a spammy username.

Since my last post I’ve now started filtering for “.com” in the message field on some forums I run (its an easy addition to the code I posted last time). However I’ve noticed that a few bots/people were typing these into the Name (if you have guests enabled) and Subject fields. Even though PunBB won’t render that as a link, it still could promote someone’s spammy site. So I wrote some more hacks to prevent this from happening.

This assumes you added some variables to lang/English/post.php but I’ll post the code again. Feel Free to skip this part if you already did it.

Open up \lang\English\post.php and after

'Edit redirect' => 'Post updated. Redirecting . . .'


Add a comma at the end of that line and then add

'New Member spam protection' => 'New Members can not post links, images or email addresses until they become more active.',
'Guest spam protection' => 'Guests can not post links, images or email addresses.'


Ok, now for the new stuff… We are going to filter out the subject for guests and members that have less than 6 posts

Now open up post.php (the one at the root of your forums) and after this line

else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && $pun_user['g_id'] > PUN_MOD)
$subject = ucwords(strtolower($subject));


add the following:

if (($pun_user['is_guest']) || ($pun_user['num_posts'] <= 5))
{
$temp_subject = strtolower($subject);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_subject, 'http://') !== false) || (strpos($temp_subject, 'https://') !== false) || (strpos($temp_subject, 'www.') !== false) || (strpos($temp_subject, '@') !== false) || (strpos($temp_subject, '.com') !== false))
{
if ($pun_user['is_guest'])
$errors[] = $lang_post['Guest spam protection'];
else if ($pun_user['num_posts'] <= 5)
$errors[] = $lang_post['New Member spam protection'];
else
$errors[] = $lang_post['Post errors'];//this message already exists
}
}


Now we need to prevent guests from using a spam-ilicious name, so again in post.php look for:

if (preg_match('#\[b\]|\[/b\]|\[u\]|\[/u\]|\[i\]|\[/i\]|\[color|\[/color\]|\[quote\]|\[quote=|\[/quote\]|\[code\]|\[/code\]|\[img\]|\[/img\]|\[url|\[/url\]|\[email|\[/email\]#i', $username))
$errors[] = $lang_prof_reg['Username BBCode'];


Now after that add:

$temp_username = strtolower($username);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_username, 'http://') !== false) || (strpos($temp_username, 'https://') !== false) || (strpos($temp_username, 'www.') !== false) || (strpos($temp_username, '@') !== false) || (strpos($temp_username, '.com') !== false))
$errors[] = $lang_post['Guest spam protection'];


Now we need to protect edit.php from spam-otrocious subjects by members with less than 6 posts (guests can’t edit pages so no need to worry about them). So look for:


else if ($pun_config['p_subject_all_caps'] == '0' && strtoupper($subject) == $subject && $pun_user['g_id'] > PUN_MOD)
$subject = ucwords(strtolower($subject));


And add this afterwards

if ($pun_user['num_posts'] < = 5)
{
$temp_subject = strtolower($subject);//lowercase it so we can be case insensitive, stripos is php5 only
if ((strpos($temp_subject, 'http://') !== false) || (strpos($temp_subject, 'https://') !== false) || (strpos($temp_subject, 'www.') !== false) || (strpos($temp_subject, '@') !== false) || (strpos($temp_subject, '.com') !== false))
{
if ($pun_user['num_posts'] <= 5)
$errors[] = $lang_post['New Member spam protection'];
else
$errors[] = $lang_post['Post errors'];//this message already exists
}
}


The war on spam continues. So far my hacks have been made it so I get no spam, even with allowing guests to post. I’ve noticed in my logs that they are trying though, some of my top ranked pages are register.php and post.php.

However if you are using any kind of these hacks, you will notice that you will get tons of registrations still. I recommend you set the option to require validation.

When enabled, users are e-mailed a random password when they register. They can then log in and change the password in their profile if they see fit. This feature also requires users to verify new e-mail addresses if they choose to change from the one they registered with. This is an effective way of avoiding registration abuse and making sure that all users have “correct” e-mail addresses in their profiles.

The best way to deal with too many registered users from bots is to use one of the following Captcha plugins/hacks for PunBB.

• Image Verification
• Captcha Box
• RegKey Plugin to work with 1.2.15
• Math Registration Check (code near bottom of page 1)

Lets face it PunBB’s default themes are very minimalistic, however the fact everything is done in CSS, makes it easy to restyle the whole forum (unlike having to edit 20+ templates for phpBB). But you can tweak the look and get away from the text heavy and boring look.

Personally I hate how the forums go 100%, so why not make them 800×600 friendly but still scale up for people with 1024×768. Here is some CSS that will do that for you. Keep in mind you mind need to put this in the final CSS file that gets loaded like Oxygen.css.

body {text-align:center}
#punwrap {width:auto !important; width:750px;/*ie6*/ margin:12px auto; text-align:left; max-width:960px;}


Want that RSS feed to show up in the address bar in Firefox/Opera/Safari/IE7? Use this code in the HEAD area of header.php and be sure to put in your domain name and path to your extern.php

<link rel="alternate" type="application/rss+xml" title="<?php echo pun_htmlspecialchars($pun_config['o_board_title']); ?>" href="http://EXAMPLE.COM/extern.php?action=active&type=RSS" />

You can pretty much make a nice little front page with different options from extern.php, it offers newest topics, recent posts, forums statistics, users online, top 10 posters and rss feeds. You can add these onto another part of your site or modify the main.tpl to add more custom stuff to your forums.

Want a Advertisement after the first post? After this bit of code:

<div class="clearer"></div>
<div class="postfootleft"><?php if ($cur_post['poster_id'] > 1) echo '<p>'.$is_online.'</p>'; ?></div>
<div class="postfootright"><?php echo (count($post_actions)) ? '<ul>'.implode($lang_topic['Link separator'].'', $post_actions).'</div>'."\n" : '<div>&nbsp;</div>'."\n" ?>


add


<?php
if ($post_count == 1)
{
echo 'ENTER YOUR AD CODE HERE';
}
?>

Be sure not to mess up that closing curly brace that should come after it, that closes the while loop above.

Now for some much needed icons, you can get graphics from anywhere, I like to use the ones by Mark James (lots of sites use these but they usually don’t give him a link back to his site like they are supposed to). Here is another site with tons of icon graphics. But here is the CSS, you’ll need for PunBB (Note: I put my images in the img folder):

.pun span.byuser {
background-position:0% 50%;
background-repeat:no-repeat;
background-image:url(../../img/byuser.gif);
padding:0 20px;
font-size:8pt;
height:16px;
}
div.icon {
background-image:url(../../img/folder.gif);
}
tr.inew div.icon {
background-image:url(../../img/new.gif);
}
tr.iclosed div.icon {
background-image:url(../../img/locked.gif);
}
tr.isticky div.icon {
background-image:url(../../img/sticky.gif);
}
#brdstats div.box {
background:url(../../img/stats.gif) no-repeat 15px 50%;
padding:0 0 0 30px;
}
div.icon {
float:left;
display:block;
width:28px;
height:25px;
background-repeat:no-repeat;
background-position:center center;
border:0 !important;
}


Some of the CSS tips I got from the phpBB skin for PunBB. Its also worth using SpinkBB to help figure out what colors might look good, then add your icons afterwards. I’ll add some more tips later on.

I fixed a bug that only showed the advertisement after the first post on page 1 only. Now it will work on all pages.