open source forum vs. own code forum

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
Supremacy
Forum Newbie
Posts: 11
Joined: Fri Mar 04, 2005 12:54 pm
Location: Denmark

Post by Supremacy »

technics wrote:thinking about it, security and stability is no issue. security is only to keep users out of moderators; and visitors out of users.
Security.. a programmars worst nightmare.
No matter what you do, how long you test and debug, there will ALLWAYS be security riscs.

If not in your code, then in the browser, the server, or the code translator.

But its clear, that you dont have very much experience on that point.

Just to make a bulletproof login system, takes HOURS of coding, to get everything counted for, and tested to be the right thing.

My best advice would to be using an existing forum, and then modify it to your needs.

Coding your own forum, is a great idea... yeah... to a small business site, or your own personal homepage.

To entirely recode a new high-end forum is INSANE...

Lets say to assamble a team of 10 to build that forum, it would still take MONTHS, and would be seriously buggy.

Just my opinion. :D
User avatar
PrObLeM
Forum Contributor
Posts: 418
Joined: Sun Mar 07, 2004 2:30 pm
Location: Mesa, AZ
Contact:

Post by PrObLeM »

scrotaye wrote: I can put it inside of a page (along with menus so users can still navigate the site). You can't do that with a preexisting forum such as PHPBB.
I disagree if you know what you are doing you can most defiantly edit your phpbb to fit/work within your website with little to no problems.

But the issuess you would have to face when developing are almost not even worth the time, well unless you want to do that.

sidenote: i love phpbb
technics
Forum Newbie
Posts: 16
Joined: Sun Feb 13, 2005 6:50 pm

Post by technics »

hey guys i thank you for your reponses ... it is really helping.

You guys are absolutely correct - i am not an experienced web coder - have a background in application development (c++) ... where these things were not much of an issue.

Now let me confirm a few things...

some pitfalls of coding your own BB is:
-stability
-performance
-and security.

I have no issues with the first two .. they depend on my coding style and server performance.

Security is now starting to scare me a little bit.

Is SQL injection the only security risk? What else is there?

Thanks a lot...
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

SQL injection is kinda an umbrella of other vulnerabilities, I often feel. Sure there's SQL injection itself, which can be a major problem, no doubt. There's HTML injection, which can lead to cookie theft, which in turn can lead to account hijacking (if not on your site, on another site). Depending on the features you provide, there could be virus/hijack launching capability through an email form or file/avatar uploads.. Suffice it to say, there's a lot to consider and protect against. Now, you may just want to protect against the casual attack, or you may want to go up against the more versed attackers.. Generally, covering the casual attacker is often fairly good on the whole. But you must protect against injections most of all.
ast3r3x
Forum Commoner
Posts: 95
Joined: Thu Aug 19, 2004 8:36 pm

Post by ast3r3x »

I built my own, and it wasn't that hard but security concerns are a serious problem. I am actually most concerned about giving out and accepting cookies, because I can't control what goes on once data leaves your server.

I am actually going to build my own again because my first one was so smurfy. I hadn't really learned CSS well yet, so most of the code I was outputting with php had the CSS embedded in it.

Doing your own is great because of the control you have. You can make it as design independent as you want, so a page can easily be changed by changing the CSS.

This has actually got me started on my new forum tonight. What I am planning on is using flash for the posting page so that you don't have to do BBCode to get a bold effect, you'll just actually be able to see bolded code. If I can pull that off, it'll be great.


feyd | watch the swearing ;)
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you can also look into things like htmlarea, or other things that you'll find if you search the board for it.. ;)
ast3r3x
Forum Commoner
Posts: 95
Joined: Thu Aug 19, 2004 8:36 pm

Post by ast3r3x »

I can guarantee everyone I didn't use the word smurfy and make it blue ;)

feyd: Thanks for fixing that, sorry about the wording.
feyd wrote:you can also look into things like htmlarea, or other things that you'll find if you search the board for it.. ;)
That is awesome! I'm a little mad though, because it doesn't seem to work with Safari. I know most users will be using IE or FireFox, but since I use Safari, I feel the pain. That did lead me to some thread about the same thing though.
technics
Forum Newbie
Posts: 16
Joined: Sun Feb 13, 2005 6:50 pm

Post by technics »

Okay guys have said it before you all have enlightened me a great deal - what a naive internet programmer i am!

So if you can be so kind to quickly give me a run-down of what i should be watchful for when making this forum?
ast3r3x
Forum Commoner
Posts: 95
Joined: Thu Aug 19, 2004 8:36 pm

Post by ast3r3x »

technics wrote:Okay guys have said it before you all have enlightened me a great deal - what a naive internet programmer i am!

So if you can be so kind to quickly give me a run-down of what i should be watchful for when making this forum?
1) Don't make it suck

Is there anything else?
User avatar
Buddha443556
Forum Regular
Posts: 873
Joined: Fri Mar 19, 2004 1:51 pm

Post by Buddha443556 »

technics wrote:So if you can be so kind to quickly give me a run-down of what i should be watchful for when making this forum?
Design first, Code second.
User avatar
Supremacy
Forum Newbie
Posts: 11
Joined: Fri Mar 04, 2005 12:54 pm
Location: Denmark

Post by Supremacy »

Think of the user, and not you coding the forum. :D

remember to double check everything, and make it user friendly, and neat to use. :D
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

Supremacy wrote: remember to double check everything...
And check it once again... just to be sure. Then check again :D
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

As I used to say when I did carpentry work: measure, measure, measure some more.. think about it for a while.. measure again, then cut. :)
User avatar
Ambush Commander
DevNet Master
Posts: 3698
Joined: Mon Oct 25, 2004 9:29 pm
Location: New Jersey, US

Post by Ambush Commander »

When making a big project like a forum, make sure you code neat. I have this problem: I want to code neat, but it's much easier to be sloppy. Ugh. It really gets you later.

Next, you should get a notebook and start sketching out how your logic is going to work. Using paper and pencil. Helps a lot, at least for me.
User avatar
infolock
DevNet Resident
Posts: 1708
Joined: Wed Sep 25, 2002 7:47 pm

Post by infolock »

not to mention you should probably cancel any and all pre-existing dates you have scheduled for the next year or so =) good luck man and let us know how it turns out
Post Reply