Welcome to WebmasterWorld Guest from 18.104.22.168
Forum Moderators: rogerd
Les than a month in, then, I find myself making major alterations to the forum software. The basic package just doesn't correspond to my needs. Improving security, disabling unwanted features, speed-tweaks, SEO mods, all with 11 different themes (it's that kind of forum - the members live there rather than just visit, so you need the personalisation).
So, does anyone have any good tips and suggestions on how to manage all the modifications? I've tried to note everything, but it's not organized. I'm worried that if I need to do a board upgrade for security reasons, I'm not going to remember to carry over all the changes, as well as the fact that such an upgrade would take days of work if I have to redo everything. How do you guys do it?
My "ChangeLog" file is listed by file name first. Then by what hack(s) I used. Then by section/line number. Then I have anything germane to hacking that file which I might (read that as "would") forget.
And btw, all this won't be worth the powder to blow it to hades once 2.2 comes out....
Oh. Make sure you keep "version specific" copies of files: in other words, if you use one hack on a file, copy the currently-working version somewhere "safe" before you mod it again.... then when you're sure it's working after the second hack, copy THAT version somewhere....
all this won't be worth the powder to blow it to hades once 2.2 comes out
I wouldn't touch 2.2 with a bargepole for at least 12 to 18 months after release anyway - the number of serious security problems found in the 2.0 code puts me off any idea of an early adoption of the new version.
2.0 is going to be maintained even after the 2.2 version comes out, and now that 2.0 is finally a stable, well-tested and heavily-scrutinized package with a lot of bug fixes, it's going to remain a very good choice for a while yet.
The biggest issue I've had to deal with in phpBB is it's featureitis and it's lack of data security in its default state. An example that covers both problems is the member list - which by default is available for everyone and anyone to view, whether a member or not. On my board, nobody except the admins can view the member list. Also, the "SEO mods" which I have applied are not for SEO (it's a members-only board which is not spidered at all): they are purely for usability reasons. The SEO mods simplify the user interface, reducing the number of redundant links and removing extraneous information - putting the emphasis back on the real content. I would have preferred to use something like MiniBB instead of phpBB, but the former doesn't have profiles or the possibility to add 500 smilies, both of which were crucial in my case (especially the smilies!) ;)
Back to the original point, I'm going to have to build a spreadsheet detailing all the changes, big and small, then use the patch files if a new version is released, rather than trying to recreate all the modifications from scratch. Hopefully, any future patches will be able to be applied manually without too much effort.
When adding the mods, I try and make comments of "blah blah mod code change start here" and then do a second comment to close the end of the change. Some mods come with this already, those are wonderful :)
You can also upgrade using the patch file - this will keep all your mods intact, however there could always be issues with mods having a conflict with the new upgrade.
Could you tell me WHICH seo mods you're using? I never thought about your reason for using them, sensible though it seems when I was just now reading about it!
Like you, I'm NOT migrating to 2.2 anytime soon. The custom stuff I've got now is one factor, and as you so cogently state, the security situation is the other....
Of course, the patch is really just another modification in the same way as any other. I would like to think that I could recreate the forum with the assembled mod and patch files plus my documentation, but once you have hacked the original install so much, it's probably more important to make 3 dozen backups of the code and store them in multiple off-site locations!
I haven't had any problems doing that, though someone on one of the phpBB fora once said that it could cause trouble in some of the files.