General => Gena01 Blog => Topic started by: Gena01 on October 17, 2007, 01:28:17 pm

Title: phpBB2 and Flyspray
Post by: Gena01 on October 17, 2007, 01:28:17 pm
These two packages are available in debian. They are also pre-packages in a rather nice way that they will configure and setup all the necessary mysql database(s), table(s) and user(s). I was feeling a lil lazy and curious to see what these are about so I went and took them for a spin. A side note is that I've been an SMF user for some time and I run SMF here. It was also something that was recommended by some friends of mine over other board software. I've also been using Mantis for a while at work and for Miranda, so my view is a bit biased. I'll try to be as objective as I can in this review.

Before I proceed I also wanted to note that SMF has a license ( that's not quite OSI compliant. Some people do not like or accept this license.

Anyway I took phpbb2 for a spin. I also started listening to their Official phpBB podcast ( Some people have also cautioned me about using phpbb2 since they had some security issues reported in the past. Hearing the podcast it seems like they are taking security rather seriously now and trying to make sure that this is something that stays in the past. After setting it up and going to the Administrator Control Panel it seemed a bit different from what I've seen before. After setting up a couple of boards and looking at the permissions and other things I can just say that the interface seems a bit restrictive and clumsy in places. It lacks quite a few things and adding 3rd party plugins doesn't seem straight forward. I have been hearing great things about phpBB3 which is supposed to be a great step up. I might take that for a spin and do a quick comparison to see how far forward phpBB3 is compared to phpBB2. I am a bit spoiled with the functionality of SMF and ease of updates, plugins and other things. I do hope that phpBB3 is a great contender. It does look like phpBB has a great community and support groups that are very active. It's also open source. There are also quite a lot of 3rd party addons and modifications. Things to keep in mind are that 3rd party plugins are something to be careful with. It seems that phpBB website got bitten by a security issue in some 3rd party plugin and was taken down until the problem was identified and addressed. I do have to applaud them for taking the site down and taking proper measures to address the problem. The issue was related to somebody posting an iframe to some website that would install spyware/trojans onto a users computer.

Flyspray is a bug tracking application that's open source and actively developed. It's also something that comes with debian. Setting it up was rather straight forward using debian tools and reading a quick documentation on getting started. Setup interface was rather nice in that it checked and verified the necessary things. Some things to take note of is a check for "magic_quotes_gpc" which they recommend being turned ON? After setting it up and looking through options some things didn't seem obvious to me. I guess I can't make bug reports private and only available to registered users like I can with Mantis. There was also some weird php error showing up which was covered by content on the main page. I am not sure if these things are the same since debian is a version or two behind the latest releases.

I do wish these two projects success and I am sure I'll be keeping an eye for nice improvements. Personally I know that making sure that you have a working, effective and secure web interface is quite a challenge. During recent years there's been quite a few talks on security on the web and it seems that there are a lot of web sites out there that are vulnerable to various attacks.