This will be the first of a series of development update posts regarding MyBB 2.0. Currently in pre-alpha, MyBB 2.0 is the long awaited upcoming major version of the open source MyBB forum software. We’ll be posting regular updates (we promise!) in regards to the development to keep you all updated. Continue reading
With the MyBB 1.4 release pending ever closer, we are stepping up to get your plugins ready for 1.4. There are two main things you should do:
- Update your plugins to work with MyBB 1.4 ahead of time.
MyBB 1.4 Beta has been available to download to those who request it. Requesting it is easy. Just click here, find “MyBB 1.4 Beta Testers” and click “Join Group”. For the reason, we suggest you put “Upgrade Plugins to 1.4”, which will let us know you want to upgrade your plugins to 1.4. Theme authors may also do the same thing. It’s very important to us to make sure we give the time and resources necessary, in order to make your transition to 1.4 as smooth as possible.
- Can’t upgrade your plugins in time for 1.4’s release? Here’s what we recommend:
GUID’s (Globally Unique Identifiers) are used in MyBB 1.4’s plugin system to allow users to check their plugins for updates. If you were to add your plugin’s assigned guid to your plugin, prior to the release of 1.4, the users who update to it and who download it from there on out, will be able to use the version checking functionality. There is no harm in adding a guid to any 1.2 designed plugin. Versions below MyBB 1.4 will just ignore it. We also recommend adding ‘compatibility clauses’. More information on adding GUID’s and compatibility clauses to your plugin can be found below.
What is a GUID?
Your GUID is a unique identifier that has been generated for your plugin. By including this GUID in your plugin file (see below), users of MyBB 1.4 will be able to check for new versions of your plugin on the MyBB Mods server, with a click from their Admin CP. To allow users to take full advantage of this functionality, please follow the instructions below to add your GUID to your plugin file.
What is a ‘compatibility clause’?
Your ‘compatibility’ clause is a way to tell MyBB which versions of MyBB your plugin will work on. This adds the ability to stop users from installing or running plugins that won’t work with their version of MyBB. To allow users to take full advantage of this functionality, please follow the instructions below to add your ‘compatibility clause’ to your plugin file.
Implementing your GUID & Compatibility Clause
To implement your GUID & ‘compatibility clause’ into your plugin, you need simply add it to the info function of your plugin before uploading it below.
'test', 'description' => 'test', 'website' => 'http://mods.mybboard.net/', 'version' => '1234', 'author' => '', 'authorsite' => 'http://your-site.com/', 'guid' => '1234567890abcdefghijklmopqrstuvwxyz', 'compatibility' => '14*', ); } ?>
More information on changes in 1.4 that will require changes in your plugins can be found here: http://blog.mybboard.net/2008/07/11/plugin-upgrade-guide-for-plugin-authors/
As we approach the release of MyBB 1.4 and the code is finalized I thought it would be a good idea to take some time and write an in-depth guide on how to upgrade your plugins for MyBB 1.4.
First are the required code changes in MyBB 1.4:
- TABLE_PREFIX is not used anymore except in $db->query().
- In MyBB 1.2 it would look like this: $db->simple_select(TABLE_PRFEFIX.”users”, “*”, “uid=’1′”);
- In MyBB 1.4 it now looks like this: $db->simple_select(“users”, “*”, “uid=’1′”);
- All “yes”/”no” columns have been converted to 1/0 for speed improvements. All plugins will need to change this.
- The function is_moderator() now returns true/false in MyBB 1.4 versus the old “yes”/”no” in MyBB 1.2.
- sprintf() is no longer used in MyBB. If you use sprintf() now use $lang->sprintf() instead.
- Links to forums/threads/posts now use functions to generate them because of the SEO in MyBB 1.4:
- get_thread_link(arg1 thread id, [arg2 page,] [arg3 action])
- get_forum_link(arg1 forum id, [arg2 page])
- get_post_link(arg1 post id, [arg2 thread id])
- get_profile_link(arg1 user id)
- get_announcement_link(arg1 announcement id)
- get_event_link(arg1 event id)
- get_calendar_link(arg1 calendar id, [arg2 year,] [arg3 month,] [arg4 day])
- get_calendar_week_link(arg1 calendar id, [arg2 week])
- All queries in your mods that write data to the database and use $db->query() will now have to use $db->write_query(). You won’t have to worry about queries that use simple_select or update_query as they automatically assign it to the correct function. By doing this, you can make your plugin compatible with forums that run on multiple servers. These forums are usually large, in the scale of millions of posts or more.
- rebuildsettings() has been renamed to rebuild_settings(). Plugins looking for backward-compatibility should execute a check to function_exists before defining their own rebuild_settings() function in order not to have “function already defined” errors.
- Plugins using the Moderation class should take note of a few changes to the function parameters
- tid and fid are no longer passed into Moderation::unapprove_posts and Moderation::approveposts
- Any plugins written to add / change functionality to the Administration Control Panel (ACP) will have to be completely rewritten. The changes needed to be made are too vast and too complex to be covered in this article. However, take a look at the ‘Akismet’ plugin bundled with MyBB 1.4 for examples of how to use the Admin Control Panel functionality.
Second, the suggested changes in MyBB 1.4:
- There are two new fields for the information array in your plugin:
- guid and compatibility.
- guid’s (Globally Unique Identifiers) are assigned to plugins on the MyBB Mods site and can be put in plugins to allow for “Plugin Updates” via the new ACP page in MyBB 1.4.
- compatibility can be set to “14*” so MyBB knows in the future which plugins work and don’t work with the next version of MyBB.
- The ‘website’ field should point towards the URL to your plugin on the MyBB Mods website (or the link to the plugin where it is hosted at.) We’ve noticed that it’s been a common misconception to use that field to point towards your own personal site, while it’s intention was to be used to allow the average admin to go directly to the plugin’s page and check for updates, etc.
There is of course more material not covered that is out of the scope of this article. If you have any questions feel free to ask where appropriate.
Every now and again I’ll be posting a few more screenshots of some of the things that have changed in MyBB 1.4 as well as general screenshots from the beta.
There are many things you can do to keep your MyBB Installation secure – the below list contains 5 basic ways to make sure your MyBB Forum is as secure as possible. I’ve tried to keep it as simple and concise as possible. Leave a comment if you don’t understand and we’ll clarify.
- Keep your MyBB Software Up-To-Date – Always make sure your running the latest version of MyBB. Using the Version Check tool from your Administration Control Panel you can always check for the latest version of MyBB and latest announcements.
- Sign up to the MyBB Mailing List – By signing up to the MyBB Mailing List you can receive notification of important MyBB updates and releases, allowing you to update your forum in a timely and fashionable manor.
- Rename your “admin” directory – Renaming your admin directory to something else will greatly reduce the risk of someone being able to hack their way into you Administration Control Panel.
- Using an FTP Program navigate to your forum directory.
- Find the ‘admin’ directory and rename it to something less obvious. If you want to be really secure you can use an online program to generate a name for you. For example: http://www.pctools.com/guides/password/
- Now that you’ve renamed your admin directory we need to update the configuration file so MyBB knows what it is called. Navigate to your ‘inc’ directory and open up config.php using a Text Editor such as WordPad.
- In config.php Find:
$config['admin_dir'] = 'admin';
- Replace with the new admin name (where admin-name is the name of the new admin directory you set):
$config['admin_dir'] = 'admin-name';
- In config.php Find:
- Save the file on your server.
- Backup Regulary – Backing up your forum regularly is the best defense you can have against hackers. At least once per week! MyBB Offers a Backup solution in the Administration Control Panel under Backup Database. For more information and alternative ways see our wiki: http://wiki.mybboard.net/index.php/Database_Backup. (Note: MyBB 1.4 allows for automatically backing up your database.)
- Keep MySQL, PHP, and Apache Up-To-Date – Hackings of your forum aren’t always caused by exploits in MyBB. Often hosts are running months old versions of MySQL, PHP, Apache, and even other programs and extensions riddled with security exploits. If you find your host is running an old version urge them to upgrade as soon as possible. If you own your own server you can respectively find updates at http://mysql.com, http://php.net and http://www.apache.org.
We’ll have another, more technical blog post on security for all of you IT pros (or in training, of course) later on.