As a brief recap from the introduction post for this series… the goal for this series of posts will be to sit back and try to take an objective look at the feature comparison list posted at phpbb.com and determine the following:
- Do I have that feature already as a MOD?
- If so, does it meet or exceed what is provided by phpBB3?
- If not, do I have a compelling need for this feature, enough that I would either consider writing it as a MOD or upgrading?
I plan to go through the feature chart section by section, and at the end of each section I will assign a point value of +1, 0, or -1 based on where I think I am. By the end of the analysis I expect to have a much better idea of where I stand with my own code, or just how important the things are that I am missing.
As a disclaimer: this post is not intended to be a criticism of phpBB3 in any way. It is simply a way for me to formally review the features provided by the latest version as compared to what I am currently using, and help evaluate whether I should prioritize an upgrade or remain happy with what I have.
The first category is titled “General” and really holds no surprises.
|License Price:||Free||Free||Not offered for distribution|
|Release Date:||17 Feb, 2008||10 Jul, 2008||30 Mar, 2008|
Nothing much to talk about here so I’ll move on to the next category.
|UTF-8 Support:||No||Yes||No, but I don’t need it as my board is only English.|
|User Preferences:||Yes User PreferencesPage: Preferences, Avatar, and Signature||Yes User Preferences Complete Modularised Control Panel||I didn’t create a user control panel, but I have added many custom profile fields|
|Moderation:||Yes Moderation Simple Moderator Controls||Yes Moderation Complete Modularised Control Panel||No control panel, but I have added quite a few custom features that will be detailed later|
|Administration:||Yes Administration Frameset-style Control Panel||Yes Administration Complete Modularised Control Panel||Didn’t do much, as I’m okay with the way the panel works|
|Search Engine spider Handling:||No||Yes Search Engine spider Handling Editable Spider/Crawler/Bot List and Management||I have removed the “Who’s Online” list anyway for performance reasons, so this is a non-issue|
|Unread message tracking:||Yes Unread message tracking Session based read/unread tracking||Yes Unread message tracking Full Persistent read/unread tracking — Not limited by per-visit sessions||I have partially added this, based on a code snipped posted by Acyd Burn a while back. It does unread tracking while you’re online, but drops the information when you log out.|
|Private Message System:||Yes||Yes||I’ve removed this so it’s not an issue.|
|Statistics:||Yes||Yes||Yes, I have added extensive statistics to my board.|
I can understand why UTF-8 support is important for phpBB3 to have as they’re one of the widest used bulletin board packages on the planet. But since my board is specifically English I am not sure what else I might be missing by not having this.
Search Engine Spider Handling
I removed the queries that show who’s online for the index as well as for viewforum for performance reasons. In my opinion there is little or no value in knowing this information, and if someone really wants to see who is online they can click the “Who’s Online” page instead.
I have also had a “guest” profile that removes many of the links and other distractions for quite some time now. Google has done a good job with indexing the content of my board and ignoring the extra stuff like user profiles and the memberlist and so on. I’m quite happy with where I am from a search engine handling department.
Ah, read tracking… yes, that’s a nice feature. It’s my favorite feature, actually, and it was often requested in the early days of the board. For some reason, it’s not requested so much anymore and I’m not sure why. What I did do was fix one annoying issue based on a code segment Acyd Burn (the current developer team lead) posted a long time ago. It changes the behavior of the “Newest Post” link so that it works the way it should. Suppose there is a topic with 10 new posts since I last logged in. If I read those 10 posts, they’re marked. Then if a new post is made (number 11) while I am still logged in the “newest post” indicator is shown once again. Under a standard phpBB2 install if I clicked that icon I would be taking to the first new post since I logged in, not the first new post since I read the topic. Acyd’s code changes that behavior, and I like it. Full read tracking for my board will either have to wait until I upgrade, or until I decide how to write it for phpBB2.
After reviewing the Basic Features list I score this as a win (+1) for phpBB3 based on my lack of a full read tracking feature. I have quite a few additional features, but so does phpBB3, and the read tracking tips the scales.
|Permanent Bans:||Yes||Yes Permanent Bans Including reason shown to user and Moderator comment||See below for notes|
|Temporary Bans (Suspension):||No||Yes Temporary Bans (Suspension) Including Reason shown to user and Moderator comment||See below for notes|
|Permissions:||Yes||Yes Permissions Advanced and Customisable Permissions System||I’ve never needed anything more complicated than what phpBB2 offered|
|Paid Security Code Audit:||No||Yes||Erm, no. I have not paid anyone to audit my code.|
|Form Handling:||Yes Form Handling Session based forms||Yes Form Handling User based forms||Nothing to see here, move along|
|Type Aware Parameter Handling:||No||Yes||Partial, see below for notes|
|Type Aware Database Layer:||No||Yes||Partial, see below for notes|
|Password Hashing:||Yes Password Hashing Method: MD5||Yes Password Hashing Method: Multiple Runs, Salted, and/or MD5||I have not changed the password handling for phpBB2|
In six+ years of running this board the only bans I have ever put in place have been permanent bans for spammers and two specific users. The first user tried to register using an alias and stir up trouble during the initial stages of the Iraq situation. The second user registered with an alias (but forgot to change his IP address ) and started calling out the moderator team. In both cases the accounts were banned on a permanent basis. I have never needed temporary bans because of the type of person using this board. I can see the benefit (and have used this feature in my role as moderator at phpbb.com) but I can’t say that this would be a compelling reason for me to upgrade. Besides, if I needed it, this is a really simple MOD to write.
As I mentioned above, I have created my own version of this function and have been using it in all of my new code. As I edit existing files I am also retrofitting it back into the core phpBB2 code. So while I don’t have everything fixed yet, I am working my way through the code.
I am also very thorough at typing and any inputs used in sql queries. Again, I have written a function call to do this so that all of the work is centralized and therefore easy to manage. I call my function secure_input_string() and it takes a string and does all of the stuff to clear out nasty-bad-things from form variables or URL parameters.
So far I have covered three of the categories from the feature comparison list at phpbb.com. Next time I will cover Anti-Spam, Data Management, and Registration. At this point the primary gap is the Unread Message Tracking and phpBB3 is a clear winner in that area. For everything else I believe it’s a toss-up, or in some cases based on extra features I have added, a slight advantage to my current configuration. So after day one the scrore is 1 – 0 in favor of phpBB3.