PunBB+ is a slightly modified and improved version of the PunBB 1.2 branch of forum software. Since 99% of the mods here on PunRes are for the 1.2 branch, and seeing that the PunBB 1.2 branch is not being maintained by the new owners of PunBB, I saw it fit to release an unofficial update of the PunBB 1.2 branch here on PunRes. It includes a few features I considered were lacking in previous versions, and also various fixes and improvements. A repository has also been set up at GitHub to document the changes made in this update. You can find it here: https://github.com/punres/punbb-1.2
Download the latest version of PunBB+ (1.2.50)
v 1.2.50 Rev 1
Télécharger la dernière version de PunBB+ (1.2.50 fr) entièrement en français
• Is a fast and lightweight PHP-powered discussion board.
• Released under the GNU General Public License.
• Supports MySQL, PostgreSQL and SQLite databases.
• Faster, smaller and less graphically intensive as compared to other discussion boards.
• Has fewer features than many other discussion boards, but is generally faster and outputs smaller, semantically correct XHTML-compliant pages.
• Very secure and has been tested for years.
• Has a simple layout and design.
• Easy to administrate and moderate.
• Has source code you can read and understand.
• Easy to modify.
• A large number modifications, styles and plugins are available.
Installation and upgrade instructions
Installation and upgrade instructions can be found in the included documentation (or at the PunRes wiki). I have also generated a couple of patch and hdiff files to assist those upgrading from older versions. These can be found in the Download archive.
Who uses PunBB 1.2?
See PunBBig for a list of some of the largest boards on the internet using PunBB 1.2.
For spam protection, I highly recommend the Honeypot StopForumSpam Mod. It is basically invisible to normal users, and will eliminate almost all spam registrations.
Changelog (1.2.23 to 1.2.50):
• Added database based "unread topic tracking" feature. These are the same changes as made by the Mark topics as read mod, but with some improvements and bug fixes.
• Increased visit timeout to 60 minutes to accommodate "unread topic tracking" feature.
• Admin now can set board default timezone that is used for guests. When users register, this will also be the default timezone selection. There is also no need anymore to set server timezone (it is detected automatically).
• Improved performance for large topics. [info]
• Fixed a password recovery vulnerability. [info] / [info]
• Now user post counts get decremented when deleting posts/topics. The post count therefore now reflects the user's true number of posts in the forum. This also prevents spammers from artificially increasing their post counts (by continuously posting and deleting their post).
• Check whether magic_quotes_runtime is active before attempting to turn magic_quotes off in extern.php, install.php and the database update script.
• Send the Content-type header in case the web server is setup to send something else. [info]
• Remove height and width attributes of smilies in case you add smilies that are larger or smaller than 15x15px.
• Added additional checks for the existence of PHP Accelerator/Optimizers in admin_index.php. [info]
• Fixed issue that caused authentication cookie being set incorrectly in some cases. [info]
• Modified install.php to use "ENGINE" instead of deprecated "TYPE" when creating database tables in MySQL. [info]
• Removed copyright notice on admin_index.php and footer.php.
• Fixed issue in installer where install button got disabled in Firefox when going back after the display of an error message. [info]
• Made some text changes to admin_maintenance.php and install.php. [info]
• Installer now automatically creates the config.php configuration file.
• Mask characters entered in the password fields in install.php.
• In install.php, added some random bytes at the end of the cookie name to prevent collisions.
• Fixed possible exploit in install.php with unknown DB type.
• When running the installer, enable/disable avatars depending on file_uploads setting in PHP configuration.
• Replaced some text in moderate.php, register.php and search.php with their appropriate lang file entries.
• Use explicit typecast in PostgreSQL adapter. If query resources are not explicitly cast to integers, it can fill up the error log.
• When you are posting to a topic to which you are subscribed, a checked checkbox labeled "Stay subscribed to this topic" is now shown. Previously a checkbox labeled "Subscribe to this topic" was shown, and was not checked, regardless of whether you were subscribed to the topic or not.
• Added banned email check for guest posting. This is to prevent a banned user from postings as a guest using the same email address used in his/her banned account. Also prevent banned guest users (a guest with a banned email address) from receiving form emails. [info]
• Fixed undefined variable for guest posting when email address is not required. [info]
• Added forum_is_writable() function to check whether a file/folder is truly writable. Previously the function is_writable() was used. The problem with the function is_writable() is that it ignores ACLs on Windows NTFS Server, and can return true when the file/folder is actually not writable. [info]
• Cleaned up some code (removed extra tabs, converted some spaces into tabs etc.).
• Use a better method of guessing base_url in install.php.
• Improved database update script. It can now handle add_field, remove_field etc. database update operations in SQLite and PostgeSQL.
• Also strip slashes from REQUEST if magic_quotes_gpc is enabled.
• Fixed a small bug with quiet visits causing an error. [info]
• Automatically delete old zapped reports (which cannot be viewed anyway). [info]
• Added the ability to use style specific templates (tpl files). These are more or less the same changes as made by the Style Installer mod or the Dynamic Template mod. PunRes was originally designed to give you the option to include style specific templates when uploading a style, but previously one had to modify some forum files before one could make use of these templates.
• Use intval() instead of is_numeric() to fix the XSS vulnerability involving the page number variable. This vulnerability was originally fixed in 1.2.20 by using is_numeric(), but using intval() is a better method.
• Escape the email address in post.php and register.php. [info]
• Fixed an inadequate type check on uploaded avatars. [info]
• Added missing break statement to admin_maintenance.php.
• Fixed a bug with admin_maintenance.php that potentially led to reindexing not being done properly.
• Changed sha1 calls to pun_hash calls.
• Added missing > to edit.php.
• When showing search results as topics, order search results by "last post date" instead of "topic creation date". [info]
• Fixed XSS vulnerability in profile.php (only exploitable by admins). [info]
• In search.php, prefix sticky topic with "Sticky: " when displaying search results.
• Fixed minor logic error in userlist.php. [info]
• Allow search where author username in 2 characters or more. In PunBB the minimum length username is 2 characters, so one should therefore be able to search for users with a 2 character username. Previously the minimum length of author username one could search for was 3 characters.
• Fixed the version comparison function. [info]
• Fixed some links in the documentation.
• Now checks at PunRes instead of PunBB for new version when clicking the link "Check for upgrade" at admin_index.php.
• Improved registration page (register.php). Registration errors are now displayed inline. Previously, in some browsers like Firefox, one had to restart the whole form when registration errors were generated.
• Fixed typo in install.php. [info]
• Fixed typo in admin_options.php.
• Fixed typo in admin_bans.php.
• Do case insensitive alphabetical sort when displaying languages and styles in the user's profile and in admin/options (use natcasesort instead of natsort). Previously styles and languages would have been displayed a-z and then A-Z.
• Sort plugins displayed in the admin interface case insensitive alphabetically. Previously they were sorted by date created.
• Removed "&action=foo" part from the admin section in profile. This part was not required and I've seen it cause some errors in some configurations.
• Redirect to "edit ban" page when banning an already banned user. [info]