3
I Use This!
Inactive

News

Analyzed 1 day ago. based on code collected 2 months ago.
Posted almost 7 years ago by Dietrich
The UseBB Project releases UseBB 1.0.16, a maintenance release of the UseBB 1 light PHP 4 and MySQL based forum package.Changes since 1.0.15Only a small set of bug fixes and a small style change distinguishes this release from the previous. See the ... [More] Changelog for the detailed list.UpgradingUseBB 1.0.16 can be considered a stable version of UseBB 1. However, numerous forums are still using an older 1.0.x or beta 0.x version. Keeping into account all the issues and bugs fixed over time, we encourage all of these websites to upgrade to 1.0.16 as soon as possible.Any version less than 1.0.16 is now out of official support. Visit http://www.usebb.net/downloads/ for downloads. Information about upgrading is available in the docs/index.html document.UseBB Projecthttp://www.usebb.net [Less]
Posted about 7 years ago by Dietrich
Years after the initial plans for a grown up successor to UseBB 1, the largely inactive UseBB 2 project is now cancelled. Studies, professional work and other personal things have been and currently still are in the way of dedicating enough time to ... [More] its development. Also, I see less value in continuing the current v2 project since in the mean time many other (forum) systems have met or surpassed the concepts and features that were to make UseBB 2.In the future, chances exist I will start a new successor project ("UseBB 3" or using a different name), taking into account the expectations and methodologies for today's web applications and offering migration options for existing UseBB users. For this, a lot of brainstorming and planning has to take place first, which will not happen in the near future.What concerns UseBB 1, it can not meet all of today's requirements for modern forum software, especially in the field of extensibility and spam protection. Which is not a surprise, given the code base reaching the age of 9 years, and v1's development stopped quite some time ago in favour of v2. However, for the time being I will continue releasing small bug fix and security releases until people have had the opportunity to migrate to another package or an eventual successor. The support forum will also remain open as long as possible and required.I have to thank the people who supported v2's development in several ways, offered help and gave comments and helpful critiques. In case a new project will be started, this will be announced at UseBB.net and elsewhere.Dietrich MoermanUseBB founder and developer [Less]
Posted over 7 years ago by Dietrich
The UseBB Project releases UseBB 1.0.15, a maintenance release of the UseBB 1 light PHP 4 and MySQL based forum package.Changes since 1.0.14 - Fixed a few bugs in ACP and Your Panel - Fixed a bug with sorting search results - CSS changes to use CSS3 ... [More] based drop shadows and moreSee the Changelog for the complete list.UpgradingUseBB 1.0.15 can be considered a mature and stable version of UseBB 1, suitable for all websites. However, numerous forums are still using an older 1.0.x version, or even a beta 0.x one. Keeping into account all the issues and bugs fixed over time, we encourage all of these websites to upgrade to 1.0.15 as soon as possible.Any version less than 1.0.15 is now out of official support. Visit the downloads page for downloads. Information about upgrading is available in the docs/index.html document.Future plans and ongoing supportBecause of the limitations in the old UseBB 1 code base and its already reduced development activity, as of now only bug fix releases will be made. Future functionality improvements are very unlikely. But we do still provide support for UseBB 1. The current version was verified to work with PHP 4.4, 5.2, 5.3 and the latest 5.4. Should there be any problems, please contact us at the forums or GitHub.UseBB Project [Less]
Posted about 8 years ago by Dietrich
The UseBB Project releases UseBB 1.0.14, a general improvement and maintenance release for the UseBB 1 light PHP 4 and MySQL forum package.Changes since 1.0.13 - Added Google Analytics support - Added re-sync statistics ACP module - Added Stop Forum ... [More] Spam API request ACP module - Potential spammer restrictions can be applied to guests - Automatically close other sessions for same user - Subsets of breadcrumbs can now be used in templatesMore changes and bug fixes were made. See the Changelog for a complete list.UpgradingUseBB 1.0.14 can be considered a mature and stable version of UseBB 1, suitable for all websites. However, numerous forums are still using an older 1.0.x version, or even a beta 0.x one. Keeping into account all the issues and bugs fixed over time, we encourage all of these websites to upgrade to 1.0.14 as soon as possible.Any version less than 1.0.14 is now out of official support. Visit http://www.usebb.net/downloads/ for downloads. Information about upgrading is available in the docs/index.html document. UseBB Projecthttp://www.usebb.net [Less]
Posted over 8 years ago by Dietrich
A couple of days ago, the UseBB project started using GitHub for its development activities.In practice, the Subversion repository as well as the Trac instance at SourceForge.net have been replaced by a GitHub account and Git repository, including an ... [More] issue (ticket) tracker and wiki. The old SVN repo has become inactive and the Trac instance removed, so please update your bookmarks and/or tools to fetch the development source code. Downloads, UseBB 1 resource trackers and mailing lists remain at SF.net.All information can be found at https://github.com/usebb/UseBB (you can switch the branch in the menu - 'master' is UseBB 2 and 'v1.0' is 1.0.x), and additional Git or GitHub help can be found at http://help.github.com/.As always, your ideas and help are appreciated, so feel free to add issues, make comments or even fork the code to make your improvements (http://help.github.com/fork-a-repo/).ThanksThe UseBB ProjectPS: the master is branch is currently empty, but v2 source code will be added soon. [Less]
Posted over 8 years ago by Dietrich
The UseBB Project releases UseBB 1.0.13, a general improvement and maintenance release for the UseBB 1 light PHP 4 and MySQL forum package.Changes since 1.0.12 - Anti-spam measures, including: --> Potential spammer statuses --> Stop ... [More] Forum Spam API integration --> Mass cleaning up profile spam accounts in ACP - Persistent database connections - Email form or custom URL usage for "Contact admin" - Searching users by email address in ACPMore changes and bug fixes were made. See the Changelog for a complete list.Anti-spam measuresThe rise of spam attacks have made us adding more measures against forum spam. Most notably are the introduction of the potential spammer status and the integration of Stop Forum Spam for checking and submitting spammer data.For more information on anti-spam measures, please read the new document "Spam Protection" (docs/anti-spam.html). It contains some recommended settings for public forums.UpgradingUseBB 1.0.13 can be considered a mature and stable version of UseBB 1, suitable for all websites. However, numerous forums are still using an older 1.0.x version, or even a beta 0.x one. Keeping into account all the issues and bugs fixed over time, we encourage all of these websites to upgrade to 1.0.13 as soon as possible.Any version equal or less than 1.0.12 is now out of official support. Visit http://www.usebb.net/downloads/ for downloads. Information about upgrading is available in the docs/index.html document. UseBB Projecthttp://www.usebb.net [Less]
Posted over 8 years ago by Dietrich
The UseBB Project releases UseBB 1.0.12, a general improvement and maintenance release for the UseBB 1 light PHP 4 and MySQL forum package.Changes since 1.0.11 - Fixed two security issues - Enhanced security all over the system - New topic/post ... [More] reply links can now be shown to guests - Added members/staff/guests filter on online user list - New max topic age setting for active topics - Removed usage of deprecated PHP functionalityMuch more changes and bug fixes were made. See the Changelog for a complete list.Vulnerability "HTB22914: Local File Inclusion in UseBB"Recently, High-Tech Bridge SA discovered a possible issue in UseBB 1.0.11 and earlier. The issue exists in the fact that admin.php may possibly include PHP files not used for the UseBB admin control panel (ACP).The faulty code in question is only executed for logged in administrator accounts, and can only include non-relevant PHP files if a directory "sources/admin_" exists, which is not the case in UseBB 1. Therefore, the issue does not pose a direct threat to an existing UseBB set-up, but is classified a security issue anyway and has been fixed in UseBB 1.0.12.Vulnerability "HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB"High-Tech Bridge SA also discovered possibilities of executing CSRF attacks in UseBB 1.0.11 and earlier. This way, when a user is given a malicious URL or visits a web page containing such URL or JavaScript, requests may be executed that add, edit or delete data on the forum, including topics, posts, account information and settings in the ACP (if the user has logged in into the ACP).As a solution, UseBB 1.0.12 has implemented URL and form tokens for sensitive actions. Accessing or executing above URLs or scripts now doesn't have an effect on the data.(If you developed mods, please read UseBB1CSRF on wiki on how to apply this yourself.)More security enhancementsPasswords can now be composed of more characters, including symbols. The system itself will also generate these stronger passwords itself. A combination of at least letters and numbers is now required for new passwords.Non-fatal PHP notices are now hidden on production environments, but can still be logged if desired.It is no longer possible to use "debug mode" in level 2 on production environments. In other words, database errors will always have the usernames filtered, and the list of SQL queries is never shown.The Admin Control Panel has added a manual and automatic logout feature, and sessions are now immediately destroyed (regardless of cleanup) when the "max session lifetime" inactivity time was reached.Removal of deprecated PHP functionalityPHP 5.3 has made a number of PHP functionalities deprecated. This includes the magic_quotes_runtime behaviour which UseBB 1 has used since the beginning. As of UseBB 1.0.12, magic quotes are no longer used and more old code for PHP < 4.3 is removed.In order to run 1.0.12 it is now necessary to have PHP 4.3 or later, or PHP 5. (Please note PHP 4 is officially out of support by the PHP Group, and UseBB 2 will completely abandon PHP 4 support.)UpgradingUseBB 1.0.12 can be considered a mature and stable version of UseBB 1, suitable for all websites. However, numerous forums are still using an older 1.0.x version, or even a beta 0.x one. Keeping into account all the issues and bugs fixed over time, we encourage all of these websites to upgrade to 1.0.12 as soon as possible.Any version equal or less than 1.0.11 is now out of official support. See here for downloads. Information about upgrading is available in the docs/index.html document. UseBB Projecthttp://www.usebb.net [Less]
Posted over 9 years ago by Dietrich
The UseBB Project releases UseBB 1.0.11, a new bugfix and maintenance release for the UseBB 1 light PHP 4 and MySQL bulletin board system.Changes since 1.0.10 - Fixed security issue with forum/topic RSS feeds with "read" forum permission; - ... [More] increased possibilities when deleting users, i.e. removing all posts and banning email address/domain; - preview feature and bugs fixed for member pruning.Much more changes and bug fixes were made. See the Changelog for a complete list.RSS feeds security issueA security issue has been discovered in UseBB 1.0.10 with per forum and topic RSS feeds in combination with restricted forum access permissions, giving users access to post contents that should remain hidden. Anyone having a restricted "read" permission set but NOT an equal or more restricted "view" one is prone to this issue.A full disclosure and patch was released earlier at http://www.usebb.net/community/topic-2495.html. There is no need to apply the patch before upgrading to 1.0.11.Support for PHP 5.3Although UseBB 1 is written in PHP 4 and upto now still uses some PHP features that will be removed in future major releases (and thus are currently deprecated), UseBB 1.0.11 remains working and supported under the recent PHP 5.3. Code rewriting to avoid using deprecated functions will take place for future 1.0.x releases.UpgradingUpgrading to UseBB 1.0.11 is STRONGLY encouraged. Any version equal or less than 1.0.10 is now out of official support. Visit http://www.usebb.net/downloads/ for downloads. Information about upgrading is available in the docs/index.html document. Upgrading usually is as easy as overwriting a set of files.UseBB Projecthttp://www.usebb.net [Less]
Posted over 9 years ago by Dietrich
Very recently, a security issue has been discovered in UseBB 1.0.10 with per forum and topic RSS feeds in combination with restricted forum access permissions.UseBB 1.0.10 uses the "view" forum permission to enable or disable per forum and topic ... [More] feeds. This way, if a forum has e.g. "view" set to guests but "read" to members, a guest gets access to the contents of the first posts through the forum feed and all the posts of a topic through its topic feed. With expected behaviour, UseBB should instead use the "read" permission setting to show or hide first posts' contents in the forum feeds and the topic feeds in their entirety.Anyone having a restricted "read" permission set but NOT an equal or more restricted "view" one is prone to this issue and should either disable per forum/topic feeds, adjust the "view" permission to be equal to the "read" one or fix their UseBB setup.Fixing UseBB 1.0.10 is done through uploading (overwriting) a new rss.php or applying the patch. rss.php can be found in the top directory of your UseBB setup.* New rss.php: http://usebb.cvs.sourceforge.net/viewvc/usebb/UseBB/rss.php?revision=1.20* Patch file: http://usebb.cvs.sourceforge.net/viewvc/usebb/UseBB/rss.php?r1=1.18&r2=1.20&view=patchUseBB 1.0.11, including more changes and bug fixes to be released after testing, will have this issue fixed as well.For questions and support, please ask at http://www.usebb.net/community/.Apologies for any inconvenience and thank you for your understanding.UseBB Projecthttp://www.usebb.netPS: If you encounter PHP (5.3) errors concerning deprecated functions, this is a different (and harmless) issue that can be fixed easily too: http://www.usebb.net/community/topic-post9792.html#post9792. [Less]
Posted over 9 years ago by Dietrich
Due to scheduled maintenance on SourceForge.net's infrastructure, a temporary location to download UseBB 1.0.10 from has been made available.The scheduled maintenance will be active on 17 April and eventually 18 April 2010, both from 05:00 until ... [More] 13:00 UTC. During this time, SF.net and the usual download system may be unavailable. UseBB 1.0.10 will be available for download at www.usebb.net/downloads/files/. [Less]