TVs. Consoles. Projectors and accessories. Technologies. Digital TV

You will go profile invision power board. Hack competition: an easy way to cause DoS in IPB. Congratulations to the competition participant

Invision Power Board (also abbreviated as IPB, IP.Board) is one of the world's most popular solutions for creating forums. This software is developed by Invision Power Services, Inc.

The system was created using HTML, PHP, JS, AJAX technologies, uses MySQL as a database server (in addition, there is support for other database servers, such as Microsoft SQL Server and Oracle). IPB is a paid software.

Despite the fact that Invision Power Board is a paid product, there are a large number of communities dedicated to its support and modification. Most of the modifications and design styles developed by these communities are free and free to download. The largest Russian community is IBResource.ru.

The IPB forums version 1.3 is the latest freely distributed version of the engine and is still allowed by IPS for use, although it is no longer supported by the developers and access to downloading on the official resource has already been discontinued. Despite the outdated nature of this version of the forum and the presence of known security holes in it, many people still use it and do not express any desire to update. IPS continued to release security updates until version 2.1 was announced for development in 2005, after which it stopped supporting this version of the forum. On some sites, you can even now see links to security updates they release, as well as updates that allow the forum script to work in PHP5. These updates are not supported by IPS. Version 1.3.1 was shareware for a testing period, which could last as long as desired. After this version, Invision Power Services began to release their products under a commercial license.

Advantages

  • Installation in just 3 minutes. Automatic installation components enable almost any user to install a forum in just a few minutes. The process does not require special knowledge: the system itself will perform all operations, asking you only for the necessary data. Yes, why unnecessary talk - an IPB license gives each owner the right to order free installation of their forum.
  • Technical support in Russian. IP.Board license holders have access to technical support in Russian. Moreover, the service specialists not only speak your native language, they are also the “native” developers of the forum. This means you don’t have to explain to them the symptoms of problems, as well as possible solutions. Perfect mastery of the subject allows you to carry out all work with the forum without wasting the client’s time and effort.
  • Social orientation. Make the forum a full-fledged communication environment, give users additional features for meeting people and establishing connections - this is facilitated by attributes social interaction forum participants. IP.Board users can easily exchange various content among themselves, create personal profiles, make friends by adding them to their circle.
  • User-friendly Web 2.0 interface. There can never be too much of a good thing. For even greater convenience, the IPB system uses modern technologies Web 2.0. Thanks to this, using the necessary basic functions of the forum is easy and intuitive. And since it’s simple, it means that the participants are spared the boring technical “prelude” to communication.
  • Flexibility. IPB has a lot of options for personalizing your community and customizing options. The flexibility of the system allows you to integrate the forum with third-party solutions without much effort, as well as change any element of the interface (design, adding new functions).
  • Brand loyalty.“The consumer is not a fool, he is your wife.” An interesting forum, a well-thought-out organization of the community - all this works for the company’s image and increases customer loyalty to the brand. Users will definitely appreciate the comfort of the created environment for communication: the opportunity to discuss the brand with other people, exchange opinions, respond and interact with the management of the company itself.
  • Reduced costs. The forum community acts as an online consultation 24 hours a day, significantly reducing the number of calls to your technical support service. It is psychologically much simpler and easier for the user to seek help on the forum: friendly participation, opinions and advice from independent specialists - as a result of communication, not only all problems are solved, but also negative emotions due to the difficulties encountered are removed.
  • Marketing research. The IP.Board system allows you to use the forum as a tool for marketing research. Studying the ratings and opinions of your customers, conducting surveys, testing - broad technical capabilities forums allow the use of various research designs.
  • Multitasking. The flexibility of system configuration allows you to use IP.Board to achieve various goals. In addition to the traditional communication tool, some companies have organized a project management system based on the forum. IP.Board serves as both an internal and external customer service system. Due to the ability to deeply and individually configure access rights, you can adapt the work of the forum to even the most complex and specific tasks.
  • Adequacy of pricing. Terms of purchase software product IP.Board and the developed tariff plan allow you to find the best option for solving the tasks assigned to the forum. You pay for what you actually use, what you really need.
  • Additional modules. You can expand the functionality of the IP.Board system using additional official applications (gallery, blog, file archive module). Ready-made solutions save you from independent development and modification of functionality. Additional modules are fully compatible with the system and use a single community space, which allows them to be installed in one click, without requiring special knowledge and skills. Applications also support the release of new versions, and their maintenance is included in the general package of technical support services for the forum.
  • Thoughtful forum management. The effectiveness of any community is facilitated by competent “conducting”. The management tools built into IP.Board allow you to create a flexible administration and moderation system with the necessary differentiation of rights. Managing the forum includes a wide range of capabilities: from monitoring content to creating a diagnostic center that allows you to maintain the forum, monitor statistics and check the system for possible errors.

Possibilities

  • Simple, intuitive and fast installation
  • Availability of drivers for various types of databases: MSSQL, Oracle, PostgreSQL
  • Full readiness for work immediately after installation
  • Groups and Multi-groups for users
  • Modern user profile
  • Friends


act. So here it is act action", which means "action". (hereinafter in the text instead of act will be said action) action act=Online or act=UserCP

act=idx
First find this code:
if (! isset($choice[ $ibforums->input["act"] ])) ( $ibforums-> idx idx on portal OR on home


$choice = array("idx" => "Boards", "SC" => "Boards", "SF" => "Forums", "SR" => "Forums", "ST" => "Topics", "Login" => "Login", "Post" => "Post", "Poll" => "lib/add_poll", "Reg" => "Register", "Online" => "Online", "Members" => "Memberlist", "Help" => "Help", "Search" => "Search", "Mod" => "Moderate", "Print" => "misc/print_page", "Forward" => " misc/forward_page", "Mail" => "misc/contact_member", "Invite" => "misc/contact_member", "ICQ" => "misc/contact_member", "AOL" => "misc/contact_member", " YAHOO" => "misc/contact_member", "MSN" => "misc/contact_member", "report" => "misc/contact_member", "chat" => "misc/contact_member", "integ" => "misc /contact_member", "Msg" => "Messenger", "UserCP" => "Usercp", "Profile" => "Profile", "Track" => "misc/tracker", "Stats" => "misc/ stats", "Attach" => "misc/attach", "ib3" => "misc/ib3", "legends" => "misc/legends", "modcp" => "mod_cp", "calendar" => "calendar", "buddy" => "browsebuddy", "boardrules" => "misc/contact_member", "mmod" => "misc/multi_moderate", "warn" => "misc/warn", "home" = > "dynamiclite/csite", "module" => action "warn" => "misc/warn",, then this means for act=warn
sources sources

lang And skin. We find accordingly:
$ibforums->lang = $std->load_words($ibforums->lang, "lang_post" , $ibforums->lang_id); $ibforums->lang = $std->load_words($ibforums->lang, "lang_ucp" , $ibforums->lang_id); And
$this->html = $std-> lang_post.php And lang_ucp.php skin_ucp.php

Here's what's connected with it:

"idx" =>
"SC" =>
"SF" =>
"SR" =>
"ST" =>
"Login" =>
"Post" =>
"Poll" =>
"Reg" =>
"Online" =>
"Members" =>
"Help" =>
"Search" =>
"Mod" =>
"Print" =>
"Forward" =>
"Mail" =>
"Invite" =>
"ICQ" => Sending a message to ICQ
"AOL" => Sending a message to AOL
"YAHOO" => Sending a message to YAHOO
"MSN" => Send message to MSN
"report" =>
"chat" =>
"integer" =>
"Msg" =>
"UserCP" =>
"Profile" =>
"Track" => Subscribe to topic/forum
"Stats" =>
"Attach" =>
"ib3" =>
"legends" => Smilies, bbcode help
"modcp" =>
"calendar" =>
"buddy" =>
"boardrules" =>
"mmod" =>
"warn" =>
"home" =>
"module" =>


act

You may have a question, what is: "idx" => "Boards", "SC" => "Boards", "SF" => "Forums", "SR" => "Forums", "ST" => "Topics",








if ($ibforums->input["showforum"] != "") ( $ibforums->input["act"] = "SF"; $ibforums->input["f"] = intval($ibforums-> input["showforum"]); ) else if ($ibforums->input["showtopic"] != "") ( $ibforums->input["act"] = "ST"; $ibforums->input[" t"] = intval($ibforums->input["showtopic"]); // Grab and cache the topic now as we need the "f" attr for // the skins... $DB->query("SELECT t.*, f.topic_mm_id, f.name as forum_name, f.quick_reply, f.id as forum_id, f.read_perms, f.reply_perms, f.parent_id, f.use_html, f.start_perms, f.allow_poll, f. password, f.posts as forum_posts, f.topics as forum_topics, f.upload_perms, f.show_rules, f.rules_text, f.rules_title, c.name as cat_name, c.id as cat_id FROM ibf_topics t, ibf_forums f , ibf_categories c WHERE t.tid=".$ibforums->input["t"]." and f.id = t.forum_id and f.category=c.id"); $ibforums->topic_cache = $DB->fetch_row( ); $ibforums->input["f"] = $ibforums->topic_cache["forum_id"]; ) else if ($ibforums->input["showuser"] != "") ( $ibforums->input[ "act"] = "Profile"; $ibforums->input["MID"] = intval($ibforums->input["showuser"]); )

Structure and paths in IPB

IBResource Forums


There are no answers in this thread

IBResource

  • City: 99|rus

Many people probably have a question:
"Why are there so many files in IPB? After all, the paths always go to one index.php file, and only the parameters change."

So this short article on IPB files should help you understand IPB better. What to look for where. Where to change what.

Almost all pages in IPB have a parameter in the address act. So here it is act is an abbreviation for the English word " action", which means "action". (hereinafter in the text instead of act will be said action) So this is the main component of dividing by files. Almost every action value has its own file with functions + its own file with templates + its own language file. Why almost? Because there are small actions, naturally different meanings action, but they are all combined into one file with functions + also a combined language file + also a combined file with templates. For example, there are large act=Online or act=UserCP. They each have their own service files with functions, etc.
So how do you understand which action applies to which files?

To do this, go to index.php. Everything is written out there. Let me tell you right away that index.php? act=idx is the address of the main page of the forum where all categories and forums are presented.
First find this code:
if (! isset($choice[ $ibforums->input["act"] ])) ( $ibforums->input["act"] = "idx"; ) This entry means that if action parameter is not specified, it defaults to idx. So that's why when you start a forum, the main page of the forum with a list of forums opens simply at the address. By changing the value here idx on portal(for a forum where IBF Portal 3.2 or 4.0 is installed) OR on home(if you have 1.2 and the IPDynamic Lite portal is installed), then you will get that by default it will not be the forum that will load, but the portal.

Now go a little higher and find something like this:
$choice = array("idx" => "Boards", "SC" => "Boards", "SF" => "Forums", "SR" => "Forums", "ST" => "Topics", "Login" => "Login", "Post" => "Post", "Poll" => "lib/add_poll", "Reg" => "Register", "Online" => "Online", "Members" => "Memberlist", "Help" => "Help", "Search" => "Search", "Mod" => "Moderate", "Print" => "misc/print_page", "Forward" => " misc/forward_page", "Mail" => "misc/contact_member", "Invite" => "misc/contact_member", "ICQ" => "misc/contact_member", "AOL" => "misc/contact_member", " YAHOO" => "misc/contact_member", "MSN" => "misc/contact_member", "report" => "misc/contact_member", "chat" => "misc/contact_member", "integ" => "misc /contact_member", "Msg" => "Messenger", "UserCP" => "Usercp", "Profile" => "Profile", "Track" => "misc/tracker", "Stats" => "misc/ stats", "Attach" => "misc/attach", "ib3" => "misc/ib3", "legends" => "misc/legends", "modcp" => "mod_cp", "calendar" => "calendar", "buddy" => "browsebuddy", "boardrules" => "misc/contact_member", "mmod" => "misc/multi_moderate", "warn" => "misc/warn", "home" = > "dynamiclite/csite", "module" => "modules",); And here is a list of all values action(left) and a list of file names (without the php extension) what they refer to (right). If the line is like this - "warn" => "misc/warn",, then this means for act=warn service file is located at
Why is the directory not specified in the line? sources, and I indicated it? Because all service files (almost) are located in the folder sources(translated from English - source codes).
How can I find out where the language files and templates for a given file are located?
Just. We go into the file, for example we selected UserCP.php. There we are looking for words lang And skin. We find accordingly:
$ibforums->lang = $std->load_words($ibforums->lang, "lang_post" , $ibforums->lang_id); $ibforums->lang = $std->load_words($ibforums->lang, "lang_ucp" , $ibforums->lang_id); And
$this->html = $std->load_template("skin_ucp"); From which it is not difficult to understand that 2 language files are used lang_post.php And lang_ucp.php. And only one template file is used skin_ucp.php

Here's what's connected with it:

"idx" => index - Forum main page
"SC" => Show Category - Displays a list of forums of the selected category
"SF" => Show Forum - Shows a list of topics for the selected forum!
"SR" => Show Rules - Shows the rules of the selected forum (you can create your own for each forum)
"ST" => Show Topic - Shows the selected topic (list of all messages in the selected topic)
"Login" => Serves authorization (login to the forum using your account)
"Post" => Serves publishing messages, creating topics, polls
"Poll" => Serves adding votes to a poll
"Reg" => Registration, password recovery...
"Online" => List of active users (those who are online)
"Members" => List of all users, different sorting...
"Help" => Maintenance of help files (FAQ, viewing, sorting)
"Search" => Search the forum. Advanced search. View new messages since last visit, active topics.
"Mod" => Moderation. Moderator actions. Transfer topics. Division, etc.
"Print" => View of the theme for printing, saving the theme in HTML, Ms Word...
"Forward" => Sending a link to a topic to a friend by e-mail.
"Mail" => Writing and sending a letter to the user by e-mail.
"Invite" => There is no such function yet. But the developers are already making preparations for themselves in advance
"ICQ" => Sending a message to ICQ
"AOL" => Sending a message to AOL
"YAHOO" => Sending a message to YAHOO
"MSN" => Send message to MSN
"report" => Report to moderator (serving a link to the report to the moderator by e-mail about the message)
"chat" => Chat module. Invision Power Chat paid chat. That's why it's not in the set
"integ" => Sending a message to Integrity Messenger
"Msg" => Personal Mailbox Maintenance. Reception of sending and other actions with PMs (messages in Privat)
"UserCP" => Large script for working with "Profile". This includes managing subscriptions and forum settings, etc...
"Profile" => View user profile...
"Track" => Subscribe to topic/forum
"Stats" => 10 best authors, 10 best authors today and a link to the Administration
"Attach" => Downloading an attached file to a message (attachment)
"ib3" => Forum login module for Ikonboard 3. Related to conversion from IkonBoard3
"legends" => Smilies, bbcode help
"modcp" => Moderator control panel. And everything connected with it
"calendar" => Calendar. publishing, changing calendar events...
"buddy" => User contact list. Adding a user to contacts, etc.
"boardrules" => General rules for the entire forum. From viewing.
"mmod" => Multimoderation. Creation general rules to moderate forums
"warn" => Rating/warning system
"home" => View the IPDynamic Lite portal. This link makes it clear why act=home is a portal
"module" => Additional synchronization modules. Appeared only in 1.2


So if you want to change something, look in the address bar of your browser and see what the parameter is equal to act, and you will immediately know where to look. And the place that you are looking for can be found by some text that is not dynamic (does not change). And since the text is static, it means it is probably in the language files. This means that having found it through a search in the language files, you can see which variable corresponds to a given entry and already look for the right place by the variable name, which will usually lead you to templates with an already familiar HTML language There, having basic English skills (usually variables are called in simple understandable words in English) you can find what you need there and understand without language translations what is what.

You may have a question, what is: "idx" => "Boards", "SC" => "Boards", "SF" => "Forums", "SR" => "Forums", "ST" => "Topics",
idx - index - forum main page
SC - Show Category - view the selected category (list of forums of the selected category)
SF - Show Forum - View the forum (list of topics for the selected forum)
SR - Show Rules - View forum rules (you can add your own to each forum via AdminCP)
ST - Show Topic - View topic (list of messages of the selected topic)

Also in the latest version 1.2, several more abbreviated types of links were introduced that simulate these regular ones. This
index.php?showforum=3 - this entry is identical to index.php?act=SF&f=3
index.php?showtopic=33234 - this entry is identical to index.php?act=ST&f=forum_number&t=33234
index.php?showuser=343 - this entry is identical to index.php?act=Profile&CODE=03&MID=343

These three shortcuts are implemented by the code that is written in index.php:
if ($ibforums->input["showforum"] != "") ( $ibforums->input["act"] = "SF"; $ibforums->input["f"] = intval($ibforums-> input["showforum"]); ) else if ($ibforums->input["showtopic"] != "") ( $ibforums->input["act"] = "ST"; $ibforums->input[" t"] = intval($ibforums->input["showtopic"]); // Grab and cache the topic now as we need the "f" attr for // the skins... $DB->query("SELECT t.*, f.topic_mm_id, f.name as forum_name, f.quick_reply, f.id as forum_id, f.read_perms, f.reply_perms, f.parent_id, f.use_html, f.start_perms, f.allow_poll, f. password, f.posts as forum_posts, f.topics as forum_topics, f.upload_perms, f.show_rules, f.rules_text, f.rules_title, c.name as cat_name, c.id as cat_id FROM ibf_topics t, ibf_forums f , ibf_categories c WHERE t.tid=".$ibforums->input["t"]." and f.id = t.forum_id and f.category=c.id"); $ibforums->topic_cache = $DB->fetch_row( ); $ibforums->input["f"] = $ibforums->topic_cache["forum_id"]; ) else if ($ibforums->input["showuser"] != "") ( $ibforums->input[ "act"] = "Profile"; $ibforums->input["MID"] = intval($ibforums->input["showuser"]); )

In general, everything you want to change can be found by searching in the forum files. Therefore, always keep a copy of all forum files on your hard drive. After all, searching files on the server via ftp is simply impossible. But this is a topic for another article. So The End. Good luck

All comments and questions about the article please! If there are changes or any important questions and answers, I will add them here to the topic!

In my opinion, as a site admin, that"s not personal information. Plus that information lives in many places besides your profile. It shows in forum topics, in your user popup, it defines what permissions you have, etc. So hiding it on your profile is a false sense of privacy.

To me it just does not make sense to introduce a false sense of security by "hiding things in my profile" when everything you put in your profile on a community forum is by its nature public to all those in said community.

Put another way: on Facebook your profile is all about you. On a community your profile is about what you have done in that community. It's the opposite viewpoint.

I think your opinion of forum profiles is dated. It might apply to quite a few forums, but you claim to be an enterprise solution, so that is what I am addressing this as. My site might be small potatoes, but it is becoming one of the most popular in its niche.

Profiles on my site have a lot of potential. But because my members are a mixture of professionals within my industry niche and consumers/DIYers who aren't, the power of my member profiles as a whole can be seriously diluted with miscellaneous information that has nothing at all to do with my industry. Take , for instance, the 2 members whose profile pages I use to illustrate my point.

This user, MarmoMan, is a pro in his field. The information he provides is relevant to the industry and can be used as a kind of business listing. Anyone who visits the site can view his profile and see his industry status, work history and achievements and contact him in various manners that can be very beneficial to him. This kind of profile is an asset to my site.

This user, arrowpawn, is a consumer who came to us about flooring issues he/she was having, got answers and hasn't returned since. But the member made sure to leave a lasting impression I only discovered tonight. In addition to all the non-industry related information on the About Me tab, there is contact information, including a link to a website, on the Contact Info tab. This is not good for my site and is considered spam - even though they are a legitimate company. have taken advantage of the disability I have to make certain profile information and certain user groups hidden from search spiders and non-members.

IPS4.x has great potential to turn profile pages into an asset for many forums. It could have the ability to add fields relevant to the site"s focus, turn privacy on and off for certain of those fields, make some/all fields admin controllable and add SEO to the profile, among other options. The user popup in other areas of the site should include only information the admin deems important on a user category basis and also allow some user configuration.

The point I want to make to you is that everything put in a profile does NOT have to be public, especially if you want to have more control over the relevant content of your website. And I am not one that will compare this feature to facebook. My hope is that it will be incomparable to any other forum product available. You have the resources, the skill and the potential to develop IPS profiles into more than just a miscellaneous forum feature.

There is a small vulnerability in the IPB forum engine. You can troll the admin and at the same time kill his forum for several days (checked personally on two forums).

Congratulations to the competition participant

This text was submitted to an author competition that we launched in the spring. We sorted through a large number of submitted materials, summed up the results and awarded the winners. The author of this note received a prize - a three-month subscription to Hacker. Congratulations!

Let's figure out step by step how it works.

  1. First you need to register on the forum to be able to post.
  2. After registration, create a “garbage” topic where moderators hardly look, or leave a post in one of these topics. The content of a post or topic should be huge. Some admins make mistakes when configuring the server, allowing users to send posts with an unlimited text length. Personally, I hashed the word DDoS in SHA-512 and copied the hash into the post submission form until the browser hung for several seconds from the amount of text being inserted onto the page.
  3. Submitting a new topic or post. The engine is implemented in a careless manner, and long posts are not shortened with the ability to expand them by clicking on a button. And the output of such posts is handled by PHP, not client-side JS. As a result, we get a huge page with several million characters that are loaded synchronously from the server.
  4. We are launching a DDoS attack on a topic with a huge post. Since all requests go directly to PHP, and from it to the database, the site will very quickly fail with the 500 Internal Server Error error, and then with the 504 Gateway Timeout (since the database, even on a VPS, will not be able to serve such a huge post so quickly, so talk about Shared hosting) and will not be able to get up soon, because queries to the database will hang and wait for a response from the server and database.
  5. You can hide the attack from particularly stupid moderators by using a trick with your ears. IPB has an “Activity” module (Discover in the English version of the engine). This is a feed that stores the history of recent posts. So, in order to divert the attention of moderators (who can detect a topic, delete it and ban the account), you need to immediately start flooding the activity page after sending a garbage post. Having seen the logs, the system administrator will think that the attack is on the message feed and will not be able to detect the root of the problem - the topic we created, which, by the way, will also hang entirely uncollapsed on the page. The only thing he can do is close the feed from unregistered users. And even then this is a dubious decision, from which usability suffers.
  6. A few hours of intense DDoS attack on a junk page, and literally in a couple of days (weeks at most) the forum database will crash forever. No, it won’t just fall, it will be broken beyond repair. Not sure what this is about or why it happens, but it happens. Thus, you can not only easily put a forum on a Dedicated server in a couple of clicks, but also destroy its database, which will be extremely difficult to restore without a backup.

You can also fill up your disk space with logs. Usually they rent a VPS with a 10–20 GB SSD disk, and they are allowed to upload pictures to the forum only from third-party resources. So, it’s very easy to log the logs - you need to use the same long hash in the topic name. You can also slightly increase the effect using referrers, inserting the same hash into them.

This is an interesting way to make the owner of the IPB forum think about moving to another engine.

The competition continues

We decided to extend the competition and turn it into a permanent promotion. By sending us a description of the hack, useful advice or a description of a cool unknown program, you can still get a subscription for a month, three months or, if you try, for a year.

Versions

  • 1.x.x, latest version - 1.3.1 , support has been discontinued.
  • 2.0.x, latest version - 2.0.4: May 4
  • 2.1.x, latest version - 2.1.7: July 13
  • 2.2.x, latest version - 2.2.2: February 22
  • 2.3.x, latest version - 2.3.6: October 2
  • 3.0.x, latest version - 3.0.5: December 8
  • 3.1.x, latest version - 3.1.4: November 18
  • 3.2.x, latest version - 3.2.3: September 9
  • 3.3.x, latest version - 3.3.4: July 11

History of development

Invision Power Services (IPS) was founded by two programmers, Matt Mecham and Charles Warner, in 2002, shortly after they left Jarvis Entertainment Group (the company behind the Ikonboard forums). Their very first product was IPB, which attracted the attention of many Ikonboard users.

Although the developers of Invision Power Services initially chose to distribute the forum source code freely, IPB was discontinued in 2004 free versions. It was decided to leave the trial version of Invision Power Board 2.0.0 for free download, but on September 27, 2004 this opportunity was also closed due to the introduction of a free demo version, which had restrictions on 5000 messages, 1000 topics and 200 users. With this, Invision Power Services puts an end to the claims that IPB will always be free. On July 1, 2005, IPS introduced a new limit to the demo version - no more than 15 days of use (in some cases, up to 5 days) and a few months later, this period was limited to 24 hours.

Version IPB 2.0.4 became the first version that began to be officially sold in Russia and the CIS countries. The Russian-speaking community has received official permission from IPS to sell a localized version of IP.Board in the Russian-language segment.

Version 1.3

The IPB forums version 1.3 is the latest freely distributed version of the engine and is still allowed by IPS for use, although it is no longer supported by the developers and access to downloading on the official resource has already been stopped. Despite the outdated nature of this version of the forum and the presence of known security holes in it, many people still use it and do not express any desire to update. IPS continued to release security updates until version 2.1 was announced for development in 2005, after which it stopped supporting this version of the forum. Some sites continue to release security updates and updates to run this version of the forum in PHP5, but these updates are not supported by IPS. Using these versions is illegal if you did not download it from the official website.

Version 2.0

IPB 2.0 forums are very similar to 2.1. This version is latest version, which can be downloaded for free from the official IPS website. Just like with version 1.3, many users still continue to use it, using unlimited trial versions of 2.0 PDR (Under Development Version), PF (English. Pre-Final; version, which is in the testing and development stage, is released before the final release) and Final, which also have their own security holes and are no longer supported by the developers. Final version 2.0 could be downloaded for free in the first hours after its official release from the developer’s official website.

Version 2.1

IPB 2.1 has significant advantages over its predecessors, such as: the latest security updates, Rich Text Editor as a user message editor and many moderation tools, including using AJAX technology. The administrative part in IPB 2.1 has been completely redesigned. All versions of IPB 2.1 are commercial software; there is no possibility to download a demo version on the official website.

Version 2.2.7

Invision Power Board 2.2 was tested for security by a third-party company, which made it possible to find dangerous vulnerabilities in the forum script even before the release of the final version. Immediately after the release of version 2.2, version 2.2.1 was released, which fixed many bugs.

Version 2.3

This version includes multiple code changes that improve system performance on large forums. From version 2.3 the forum comes complete with two styles (classic blue and Pro style). The latter is positioned by the developer as lightweight and can be easily used as a basis for developing their own styles, or, for example, as a style for forums with high traffic. In this version, IPS has expanded the capabilities of the forum admin panel by adding an intelligent help system and providing a dashboard as a home page administrative center Among the new features of the forum, it is worth noting the appearance of style reassignment (URL Mapping). Thanks to this setting, it is possible to assign custom styles to specific URLs: for example, make a different style than the forums style for the profile view page.

Version 3.0

This version features extensive changes, including a new template engine, a new design, improved ease of editing templates, improvements to BB codes, own system reputation and much more... Also, version 3 requires PHP5. Oracle databases are no longer supported. The main innovation was the appearance of hooks, with which you can change and/or add new functionality without changing the source code of the forum. To install hooks, the administrator just needs to download xml file hook in the admin center. Unfortunately, creating any hooks is only possible in development mode and requires a huge amount of manual work (much of this work can be automated using the IPB3 Toolkit).

All hooks are divided into the following types (the names of the hooks are taken from the Russian version from IBR, the original name is indicated in brackets):

  • Action overloader - allows you to extend the specified controller class with your own class;
  • Skin overloader - allows you to extend the specified template class with your own class (applies to all skins);
  • Template modification (Template hook) - allows you to add arbitrary code (mostly HTML) to the desired place in the template.

Version 3.1

The hook system also received further development - new types of hooks were added:

  • Template hook (previously - Template modification, Template hook) - expanded, you can replace blocks and get the values ​​of variables passed to the template;
  • Data hook - allows you to process data before inserting (receiving) it into (from) the database;
  • Library hook - allows you to override many system classes.

Version 3.2

Notes

See also

  • Ikonboard - A forum script originally developed by Matt Mecham.

Links

Official

  • Invision Power Board Documentation - official English documentation for Invision Power Board
Web forums


Share with friends:
Related publications