Wild Ideas Weblog

Forums are down again. I put them back up yesterday after upgrading to the newest version of phpBB, which is supposed to contain all kinds of security upgrade. And just now, I checked my e-mail and discovered that someone was sending out spam under the guise of an admin message from the forums. I checked the headers to see if it had actually come from the board, and it looked like it did — and from under my username at that.

I checked the board itself, and someone had completely deleted the Calyx and Commons forums, lumped all the others into the Et Cetera category, and created four new forums of their own.

So, admin password is changed (again), and the board is disabled until I can do some more investigating.

I am also seriously considering just switching to a different forum program entirely… I am getting really sick of dealing with non-stop security headaches with phpBB.

I restored the forum database from one of the numerous backups my host keeps (another reason to love them — it turns out they keep multiple backups going back as far as 10 months, and you can actually restore them yourself from the web panel!), and all appears well now.

However, I’m keeping the forums disabled for the next few days just because I still need to install the phpBB security upgrade, and I know that’s going to take a little while, and I don’t want an instant replay in the meantime.

Hopefully I’ll have the forums upgraded and back up by Monday.

Some kind and thoughtful individual hacked the forums, so they are temporarily disabled while I see if my host has a recent backup of the database they run on, or if I have to go through it with fine-toothed comb and repair all the damage from scratch.

Note to self: Next time phpBB puts out a security upgrade, install the damn thing right away. Even though phpBB’s lack of a module/plug-in system like WordPress and, well, nearly everything else has means that every feature you want to add has to be done by modifying the actual code, thus making upgrades a tremendous pain in the ass.

Note to self the second: There is a command called “Backup Database” in the admin. Use it once in a while, damn it.

Note to self the third: Maybe I should find a different forum script, which has a better way of allowing modifications than requiring endless PHP code editing…. Oh well. Trying to convert the entire site over to Drupal anyway, so I guess that will take care of itself.

Well, it took a while (mainly due to a very busy work schedule), but the forums are fully working now. Or, to be more precise, I have a totally new, and this time working, set of forums.

The full geeky details, for those who want them:

(more…)

Well, apparently among the little glitches in the wake of the new design is one big glitch: people who try to register on the forums are being told they haven’t agreed to the terms of service, but they aren’t being given any opportunity to agree to them! So basically no one can register on the forums right now.

I’ve tried without success to sort this out, and now have a post in the Quicksilver support forums asking if anyone else there has run into this. Hopefully I’ll have it fixed soon — stay tuned. In the meantime, my apologies to anyone who’s tried to register and run into this.

The new design is up! And I’ve customized the design of this blog, the forums and the
FAQ to match (well, OK, the blog only sort of matches, but I like this theme a lot and it looks good with my title graphic, so what the hell…).

The web reviews are being really ornery — the script I’m using there works with something called “smarty templates” (I think they’re also used in Xoops), which choke and die if you attempt to embed any PHP in them. And yes, contrary to appearances — I know the pages all still say .html at the end outside of the areas like this one that use third-party scripts — the new design is heavily PHP based. I used an htaccess file to allow HTML files to interpret PHP so I wouldn’t have to break every incoming link into my site by changing the ending of the files to .php. So that part still looks really blah.

(more…)

The Wild Ideas Weblog, in which I (and potentially other contributors) will be posting news items, action alerts, interesting web sites, changes to Wild Ideas, and other relevant material. This replaces both the Action Alerts and What’s New? sections of the old design.

It’s powered by WordPress, an open source blogging program recommended by our web host, and so far I’m pretty fond of it. Hopefully this will also lead to the site being updated a little more often.

The look is pretty plain right now, but I’ll gradually be customizing it to match the new site design.