Forum Fixing

VidE · Post by **VidE** » Sat Mar 29, 2008 7:08 pm

Mr. Lost Marble, Administrator (Mike?) person, who is minding the forum... Thank You BIG TIME for getting the forum back and happening! Not just the posting but the search functions.

Rasheed · Post by **Rasheed** » Sat Mar 29, 2008 7:12 pm

Now the server only has to be hardened against things like "SQL injection" (whatever that is). I think that is how the hackers got in the last two times.

heyvern · Post by **heyvern** » Sat Mar 29, 2008 11:52 pm

I find it unlikely that any type of publicly available forum software with wide use like phpBB is going to allow "SQL injection". Possibly this could be used to just view things but not to change the database.

If this were the case then maybe a new version phpBB is probably needed... still that seems unlikely since all forums are based on sending SQL commands.

-vern

Rhoel · Post by **Rhoel** » Sun Mar 30, 2008 5:22 am

heyvern wrote:I find it unlikely that any type of publicly available forum software with wide use like phpBB is going to allow "SQL injection". Possibly this could be used to just view things but not to change the database.

If this were the case then maybe a new version phpBB is probably needed... still that seems unlikely since all forums are based on sending SQL commands.

-vern

phpBB is now in version 3 - this board is on version 2.

3 was a top-down rebuild with specific focus on security. I have it running on another site and it does have some nice features: Some favorites are done. Not sure how Mike would do an upgrade - whether this is an auto process or not.

Rhoel