Search found 370 matches

by JoshyPHP
Thu Aug 15, 2019 8:08 pm
Forum: [3.x] Discussion
Topic: Use modern PHP syntax and features in all new code
Replies: 2
Views: 3591

Re: Use modern PHP syntax and features in all new code

phpBB already uses autoloading, just not for everything. There's a couple dozen of old files that need to be loaded manually, most of them are in common.php anyway.
by JoshyPHP
Sun Jun 16, 2019 3:38 am
Forum: [3.x] Discussion
Topic: Use modern PHP syntax and features in all new code
Replies: 2
Views: 3591

Use modern PHP syntax and features in all new code

Now that phpBB requires a contemporary version of PHP, I suggest that the coding guidelines be updated to take advantage of it. For instance, if that's not already the case, all new code should use the short array syntax. All new code should use scalar typing where available and return typing too. P...
by JoshyPHP
Mon May 27, 2019 12:58 am
Forum: [3.x] Discussion
Topic: [Solved]Install the dependencies (4.0.0-a1-dev)
Replies: 8
Views: 5708

Re: Install the dependencies (4.0.0-a1-dev)

You're probably not using PHP 7, somehow. Try php -v.

Although it's weird Composer didn't warn about it. Might be a weird edge case.
by JoshyPHP
Mon Nov 05, 2018 3:29 pm
Forum: [3.x] Discussion
Topic: Future support for Sphinx Search
Replies: 6
Views: 6472

Re: Future support for Sphinx Search

SphinxQL has been around since 0.9.9-rc2 so it should cover any version of Sphinx released this decade.
by JoshyPHP
Sat Oct 13, 2018 8:20 pm
Forum: [3.x] Discussion
Topic: PhpBB server load management
Replies: 6
Views: 7195

Re: PhpBB server load management

A quick test on my local 3.2.x install shows that it takes between 200-300 files and 1-6 queries to get past session_begin() , the smaller number being for a hot cache. I don't think the exact number of queries really matters, it's more about having to create a connection. It takes about ~60ms to ge...
by JoshyPHP
Sat Oct 13, 2018 12:16 pm
Forum: [3.x] Discussion
Topic: PhpBB server load management
Replies: 6
Views: 7195

Re: PhpBB server load management

If you push load management to the application, by the time it starts checking whether the request should be served, a hundred different PHP files have already been loaded, a connection to the database has been established, a dozen different tables have already been queried and ~40% of the work requ...
by JoshyPHP
Fri Sep 28, 2018 9:52 am
Forum: [3.x] Tickets Discussion
Topic: Support for Emojis
Replies: 66
Views: 98002

Re: Support for Emojis

For future reference, starting with 1.3 the Emoji plugin provides an easier way to use Twemoji assets from their CDN using the @tseq attributes. phpBB currently ships with the 0.13.1 version and there's been a few backward-incompatible changes between 0.x and 1.x but only one of them directly affect...
by JoshyPHP
Sat Aug 18, 2018 9:51 pm
Forum: [3.x] Discussion
Topic: .svg as user uploaded attachments or [img] links
Replies: 10
Views: 12365

Re: .svg as user uploaded attachments or [img] links

If you let someone upload a SVG, it becomes possible for someone to link to it and then it becomes possible to execute scripts. Same as letting users upload a HTML file.
by JoshyPHP
Sat Aug 18, 2018 4:15 pm
Forum: [3.x] Discussion
Topic: .svg as user uploaded attachments or [img] links
Replies: 10
Views: 12365

Re: .svg as user uploaded attachments or [img] links

I am not an expert on .svg format, but some quick searching has taught me that .svg files may contain scripts and are thus a potential security hole. Scripts are not executed by the browser if the resource is fetched as an image. In order to execute scripts you need to link to the SVG image and for...
by JoshyPHP
Sat May 12, 2018 9:28 pm
Forum: [3.x] Discussion
Topic: usage of Eval
Replies: 2
Views: 3221

Re: usage of Eval

eval usage should be avoided, no ? In practice it goes like this: A: eval() should be avoided() B: Why? A: Because it's bad. B: Why? A: It's not safe. B: Why? A: It can be used to <whatever> B: How? A: I don't know. If you're interested, here's what you should do: find out how eval() is being used,...