Development Discussion Board

[Lurttinen]

I'm looking for simplicity for the admin in this area. Currently the problem is you need to manually install language packs and styles. For styles there is more problems from the buttons. They are often not localized, or need to be hunt down from the internet. Both of these also needs to keep the directory tree correct for them to work.
This idea combines central database for phpBB stuff and forum fetching stuff from it. Forum takes care of FTP bits if needed.

Setting up a database in one of the phpbb.com domains which contains both styles and translations. (community managed database)
Encourage style authors to give .psd files from their buttons. (or some other convenient format) Either let translators work with them or somehow create automatic translation which is imposed on top of the image.

Styles page would have list of available languages (out of date in red) and checkboxes to check what languages the user wants to have.
Same idea for styles page. List of available styles and checbox for what you want.

What the system needs to do (+fetching system) is to keep track what styles are in use and what languages are in use.
For example, everytime user wants to have another style installed. phpBB would also fetch localized buttons for it for all the installed languages.
Or, whenever user wants another language. phpBB would need to fetch localized buttons for all the installed styles.

MODifications would probably need something, but them being plug and self destr... play! in nature it would probably be simple to have them available in all of the styles.
This same general idea could probably be used for MOD installation too.

One another idea.
Define a "repository" other than phpbb.com for styles and languages?
This is a risky idea as there is necessarily no one to validate the styles. (Malware, usability, etc)
It would create market for third party designers to offer phpBB styles.

[bantu]

I think this is definitely something that should be looked into.

An apt-like package management system where you can download and install stuff from the administration control panel etc. would be great.

[DavidIQ]

I believe with the creation of the new MODDB that is something that's in the project plan (to allow downloading of MODs and styles from phpBB installs).

[code reader]

two comments:
1) where is the repository of styles, plugins and translations?
it is natural for the people who posted here, as team members to assume that phpbb.com is the one and only repo.
i would like to promote a little wider idea:
just like in most linux distros, the user should be able to add alternative repositories where styles, plugins and translations can be searched and uploaded from.
i absolutely agree that the system should take care of the transport and installation of the new components, i just do not think it is right that therre should be one and only central repo at phpbb.com.
(however, it *does* make sense if the phpbb.com repo is hard coded and can't be removed by the user. any other central repo the user added they should be able to remove)

2) styles should not only list all the languages they currently support, but also the directions they support, or in other words: whether they support RTL or not.
currently, both subsilver and prosilver support LTR *and* RTL "out of the box".
it would be good if other styles will also support rtl in the original package, rather than force the RTL locales to "translate" styles, and this should be encouraged.

3) every style and plugin should carry both the core-version(s) it's compatible with, as well as its own version.
this way the system can check to see not only whether a new version of the core product is available, but also whether a new version of any of the currently installed plugins and styles is available.

4) some system of "signing" of styles, plugins, and maybe even translations would be good.

peace.

[DavidIQ]

two comments:
1) where is the repository of styles, plugins and translations?

As far as I'm concerned, it will be and will only be phpbb.com. We cannot allow code from elsewhere to be applied to phpBB installations. There is a rigorous MOD validation process in place on phpbb.com to ensure code validity and security. Having it hosted on other sites eliminates this protection.

This can, of course, change in the future to something where we have a centralized allowed sites list or something but, as far as I can tell, where this is implemented on other Open/Closed Source forum software they themselves host these additions. With the amount of Internet attacks on forums and sites these days, I don't really see how this can be different.

[bantu]

1) where is the repository of styles, plugins and translations?
it is natural for the people who posted here, as team members to assume that phpbb.com is the one and only repo.
i would like to promote a little wider idea:
just like in most linux distros, the user should be able to add alternative repositories where styles, plugins and translations can be searched and uploaded from.
i absolutely agree that the system should take care of the transport and installation of the new components, i just do not think it is right that therre should be one and only central repo at phpbb.com.

Yes, users should be able to add other repositories just like on Linux distributions.

It should for example be possible to use a snapshot of a translation directly from the translation's website (usually international support sites right now). It should also be possible to only use your own repository where you just put in stuff from upstream (automated updates?).

Downloaded packages have to be signed and signatures have to be validated.

[code reader]

This can, of course, change in the future to something where we have a centralized allowed sites list or something but, as far as I can tell, where this is implemented on other Open/Closed Source forum software they themselves host these additions. With the amount of Internet attacks on forums and sites these days, I don't really see how this can be different.

this is both not true and makes little sense.
most linux distros allow you to add sites where updates and new software is looked for. (e.g. "apt-get source").
firefox does not insist you upload plugins only from its site.
eclipse does not insist you install software only from its site.
i do not know who *does* insist on this.

and the mention of "internet attacks" is pure FUD.
adding a new repo to look for plugins will not enable this site to "attack" you. it will just tell your software to look for plugins and style in yet another place.
currently (and in the future), anyone can get a new style or MOD (hopefully in the future we'll put "MODs behind us and do plugins) from anywhere, and install them manually.
all i said is that as long as some good automation is built into the system, this automation should *optionally* (i.e., undr the control of the user) cover other sources for plugins and styles.

what you want is to punish anyone who wish to install a style or plugin that *you yourself* didn't approve, and force them to install the style or plugin manually.
this is typical attitude for proprietary product that feel the need to keep tight control over their users, but runs against what open source is all about: giving maximum control to the user.


peace.

[DavidIQ]

what you want is to punish anyone who wish to install a style or plugin that *you yourself* didn't approve, and force them to install the style or plugin manually.
this is typical attitude for proprietary product that feel the need to keep tight control over their users, but runs against what open source is all about: giving maximum control to the user.

Now you're just making things up as I was referring to having an automated way of installing things directly from phpbb.com's repository of MODs and Styles which is what you brought up. This doesn't mean you can't upload and install your own MODs through some included method (currently possible with AutoMOD anyways). You'd just have to download, upload, and run the installation process at your own risk.

Since you brought up FireFox then I'd like to point you in the direction of such a system in their add-ons. You search for and install an add-on through the Add-Ons menu...FROM THEIR SITE. You can, of course, still install add-ons from other sites but you won't be getting those through the interface within FireFox. If that's FUD then Mozilla sure bought into it...

[code reader]

i'm afraid you got confused.

You'd just have to download, upload, and run the installation process at your own risk.

first of all, the "at your own risk" is no different than uploading from phpbb.com. you might want to read phpbb own license some time.
second, how forcing the user to do all this manually, when it's perfectly possible (easy even) to allow automation isn't "punish"?
third, when i talked about FUD i was referring to your "internet attack" comment. where does mozilla hint that installing from elsewhere will open the doors to internet attacks?

and lastly, installing firefox extension from anywhere other than mozilla is as simple as clicking a link.
it is true that you have to *look* for the link yourself, but this is natural, because the product itself is a browser...
when the product is something like phpbb, i do not see how the "clicking a link" part can be implemented, unless you allow the user to add sources, a-la "apt-get source" (the command that adds/removes repos to be searched for the apt-get auto-installation utility in debian distros), which is what i advocate.
note that this is within the user's total control, so please do not spew claims of "internet attacks".
if anyone else suggests a different mechanism that will still keep it as simple as clicking a link, i have no emotional attachment to the solution i suggested.

peace.

[EDIT:
it seems i myself got a little confused.
in debian, apt-get source just installs the source of a package rather than (or maybe in addition to?) the binaries.
the way to control the packages sources is to manually edit /etc/sources.list , although many distros supply a nice user interface to do that, e.g. in ubuntu, the UI that hides apt-get (known as "Adept") can also add and remove entries from /etc/sources.list
[/EDIT]

[DavidIQ]

first of all, the "at your own risk" is no different than uploading from phpbb.com. you might want to read phpbb own license some time.

I'm pretty familiar with the license but have no idea what relevancy you think the license has with "at your own risk". The point was that MODs on phpbb.com have been validated. MODs outside of phpbb.com have not. So you're telling me they're the same thing and carry the same risk?

third, when i talked about FUD i was referring to your "internet attack" comment. where does mozilla hint that installing from elsewhere will open the doors to internet attacks?

They don't hint at internet attacks but they certainly give you ample warnings of security/stability problems before letting you install something not from their site which was what I was referring to:

To hopefully make what I was trying to say clearer, they give warnings when you don't install from their site and let you do it anyways...at your own risk of PC damage or security breach. So maybe "internet attack" was not the right phrase but I figured you'd know what I was talking about...

If we follow FF's example, we'd allow the searching of MODs and styles from phpbb.com and perform automatic download and installation all from an interface in the admin panel and still allow for installation of non-phpbb.com items by providing a spot for the user to maybe paste a link to the external MOD or Style instead. I don't see how that's "punishing" anyone.