Development Discussion Board

Hi there,
I thought to suggest an auto-update system which will auto update every time a new version is released.
The system will be one of the tasks in the schedule system.
To avoid a hostile mega-attack against every phpbb board that exists,every patch will be signed electronically(There are ...

only as reminder, that a genius solution already exists :roll:
http://area51.phpbb.com/phpBB/viewtopic.php?f=108&t=35703&start=320#p275451
Meaning, it was proven that no harm will be made if it will be the default.
Because most of the users support it, now we need to let it be part of the phpbb ...

Shall I bring the context?
Actually, is it relevant if it belongs to the notifications feature or the extensions feature?
Sure is relevant. One is part of the core (notifications) while the other one isn't (extensions) and even for the latter it was only a possible issue for a small fraction of ...

DavidIQ wrote:That has nothing to do with notifications...it's actually related to a possible security issue with extensions.

Shall I bring the context?
Actually, is it relevant if it belongs to the notifications feature or the extensions feature?

1)The notifications were proven as a great vulnerability for DDOS attacks. And yet, they were implemented.
Really? What vulnerability exactly?
Through specifically crafted requests with an XMLHttpRequest header it was possible to trigger an infinite loop in a phpBB routine which may end up ...

I try to understand, would anyone of you use Word, if you had to use coding to use it. I wouldn't.
Before I get all hormonal below, I'd like to point out that I don't have a problem with a WYSIWYG, Rich Text Editor, or whatever we are calling it this week - as long as there is an option to turn it ...

I believe that the security issues are solvable.

1.After people suffering from them, right?
2.Think what happened with OpenSSL when they found an error in how memory is handled. It was fixed but until it actually got fixed, lots of potential private data had been stolen.

If IPB and VB have ...

The most secured computer, is the one which is turned off.
You can uninstall phbb, and then you'll get no vulnerabilities.
Let's say it clearly, the teams are led by conservatism, and are used to BBcode, and this is the only reason why, W... was not introduced.

1.First, what is a "comet"?

Second, you'll need to provide better use cases if you want to call this an RFC; otherwise it's just discussion. Consider these cases and tell us what happens:


2. I'm looking at the list of topics in a forum. Just as I go to click the topmost topic, somebody posts to ...

I believe that the security issues are solvable.
If IPB and VB have added this feature, it is a standard, which phpbb doesn't follow.
1.They don't set any standards on the Internet. 2.Also they "solved" their security issues and other drawbacks by simply winging it.3. You failed to mention that ...