Some time ago, I mentioned that I moved my domain registrar from GoDaddy to NameSilo. I came to the general realization that registry services were mostly commodities, so there was little point in paying more. GoDaddy charges fees for services that are standard on most registrars, such as privacy protection. They also add a hefty markup to fees charged by the top level domain registrar. NameSilo was a registrar that didn’t, and their markup was minimal. So I switched.
It wasn’t a huge amount of money that I was saving per year as I have only a handful of them; it was more the principle that I shouldn’t reward companies that provide overly costly services. And if you’ve been on GoDaddy, you know that’s their one true talent: marketing. They are constantly looking to nudge you into paying for extra services of dubious worth. Their site is so overwhelmed with internal marketing that doing common tasks like getting into cPanel becomes a multistep process that’s hard to find, probably because they want you to see pages of marketing material first. Obviously, GoDaddy is not subtle, and they seem to cater to web hosting newbies familiar with the brand and often with a deficiency of web administration skills.
It turns out though that by using Cloudflare’s registry service, you don’t pay any markup and popular registry services like domain protection and privacy are free. You don’t even have to sign up for one of their paying services to get the deal. It’s all explained in this blog post. They write:
For instance, Verisign, which administers the .com TLD, currently charges $7.85 per year to register a .com domain. ICANN imposes a $0.18 per year fee on top of that for every domain registered. Today, if you transfer your .com domain to Cloudflare, that’s what we’ll charge you per year: $8.03/year. No markup. All we’re doing is pinging an API, there’s no incremental cost to us, so why should you have to pay more than wholesale?
Some months back I transferred my condo association’s registrar to Cloudflare. For the moment, I’ve kept my other domains on NameSilo as the cost difference between their services and Cloudflare’s is pocket change. But likely at some point at my convenience I’ll move mine to Cloudflare’s registrar too.
Changing registrars can be a pain as it generally takes about a week and there is an exchange of EPP codes between the registrars. But if you are paying too much to your registrar, the time and cost are justified.
Most forum administrators are unaware that phpBB has a command line interface (CLI). Most popular software solutions for the web have CLIs too, for example, WordPress. A CLI allows you to do from a command prompt a lot of tasks that would otherwise have to be done with a browser.
In fact most tasks, including upgrades, can be done through the browser, which may explain why phpBB’s CLI is often unknown. Also, to use the CLI you have to be able to connect remotely to your server, usually via Secure Shell (SSH). For those not technically inclined, this is a bit of a hurdle.
Also, for the most part, phpbb.com doesn’t say much about it, other than to allude to it. Nonetheless, it has its own set of instructions, fully detailed here.
Using SSH
If you are not familiar with using SSH, there may be a substantial learning curve. SSH is a method of connecting remotely to external servers using the command line.
But you can only use phpBB’s CLI if you web host supports access via SSH. Most do, but often it takes some digging to figure out how to do this. Often you have to use a supplied username and password, or upload a set of cryptographic keys. Generally though it’s straightforward once you learn a few things. You may have to ask your host if SSH is allowed. They will usually point you to their knowledge base where you can learn more.
Your computer needs a terminal program to access SSH. With Linux or a Mac, simply use the terminal app. Since Windows 10, this has been built into Windows. You can learn how to configure your Windows machine to use SSH here. Earlier versions of Windows can use Putty, a third-party application, to run SSH.
In the most typical case, once the right terminal program is running, the following command is used to connect via SSH:
ssh username@hostname.com
The standard port for SSH is 22. If you are told to use a different port, such as 2222, the command changes to:
ssh -p 2222 username@hostname.com
hostname.com can be a domain name or sometimes a special IP address provided by your web host.
You may have to authenticate with a password. If so, type in the password and press Enter or Return when done.
Typically you get a command prompt from the server if you login successfully, generally >.
If you need to exchange cryptographic keys, you may first have to upload or download some keys. You may have to reference the key as an argument for the command.
So it can be time consuming just to connect with SSH to your web host, but usually it’s straightforward.
Once connected, you need to navigate to the root folder of your phpBB installation. Assuming it’s /var/www/mydomain.com/board the following command would work:
cd /var/www/mydomain.com/board
If you are unsure what folder you are in, type:
pwd
CLI Basics
The CLI is the program /bin/phpbbcli.php. To run it you need to preface the command with php, so the php interpreter is run. Your web server and database server should be up to avoid errors.
From your phpBB root folder, try either of these commands:
php ./bin/phpbbcli.php list
or
php ./bin/phpbbcli.php help
If a path to php is not defined, you may have to preface php with its path, e.g.:
/bin/php ./bin/phpbbcli.php help
The version of PHP that you use should be compatible with the version used by your version of phpBB, generally PHP 7.1.3 or higher.
In some cases you must change the file permissions to phpbbcli.php to make it executable for it to work, ex:
chmod 644 ./bin/phpbbcli.php
What can I do from the phpBB command line?
The functionality from the CLI is just a small subset of what can be done through the web interface. It is most useful if you need to automate installing or upgrading phpBB. This method largely avoids potential timeouts and resource limitations doing it through the web interface.
But there are other commands available. For example, you can purge the cache:
php ./bin/phpbbcli.php cache:purge
The user command allows you to activate, add, delete or re-clean the usernames.
Extensions can be enabled and disabled through the interface.
phpBB’s cron is invoked through this command:
php ./bin/phpbbcli.php cron:run
You can also ask if your version of phpBB is up to date:
php ./bin/phpbbcli.php update:check
I recommend just playing with the CLI to gain some basic familiarity with it, then consider how you can use it as an administrator to make your life easier.
Occasionally I have a client whose config.php file gets deleted. This happened most recently to a client using GoDaddy for their hosting.
It’s hard to say why GoDaddy deleted it, but it wasn’t recoverable. If I had to guess, it’s because like most web hosts GoDaddy assumes everyone is running WordPress, which means phpBB gets short shrift.
Anyhow, it was gone and needed to be re-created but she had no idea how to do it. She did figure out its purpose. The config.php file sits in your phpBB root folder and its primary purpose is to connect your phpBB board with the correct database. So it’s absolutely essential and phpBB won’t work without it.
Start with an example file
Unfortunately, the config.php file is empty when setting up phpBB and gets created when you run the installation wizard. But here’s an example of a properly configured config.php file:
You can use your web host’s file manager to copy and paste this text. Obviously it will need some editing. You can also create it on your computer and upload it when done.
Check your database management system
Most phpBB boards are installed on a mySQL or MariaDB database management system. If so, leave the $dbms line unchanged. MariaDB is virtually identical to mySQL so it will use mySQL drivers. Otherwise you need to change this line to use your database management system. Use the following values:
$dbms = 'phpbb\\db\\driver\\mysqli'; // Use for mySQL or MariaDB
$dbms = 'phpbb\\db\\driver\\postgres'; // Use for Postgres
$dbms = 'phpbb\\db\\driver\\oracle'; // Use for Oracle
$dbms = 'phpbb\\db\\driver\\sqlite3'; // Use for SQLite
$dbms = 'phpbb\\db\\driver\\mssqlnative'; // Use for Microsoft SQL Server Native Driver
$dbms = 'phpbb\\db\\driver\\mssql_odbc'; // Use for Microsoft SQL Server ODBC Driver
$dbms = 'phpbb\\db\\driver\\mssql_base'; // Use for Microsoft SQL Server Base Driver
Check your host name
Generally, you don’t need to change your $dbhost line from localhost. If your database exists on a machine separate from the webserver, you’ll have to change it. You can often get this information in your web host control panel.
If all the other information is correct and you cannot connect, you will know this line has to be changed. Ask your web host the exact machine name if necessary. On my DreamHost hosting, it’s on a different machine, mysql.phpbbservices.com in my case. Simply edit the line if needed placing the machine name between the single quotes. You should not preface the machine name with http:// or https://.
Check your database port
You generally leave the $dbport line unchanged. The default database port for the database management system is used. For example, with mySQL it’s 3306. If the null string is set, the default port will be used. You can ask your web host if necessary if a different port should be used, but this is extremely unusual.
Find your database name
Generally you can use a web host control panel program like phpMyAdmin to browse your databases and determine the database name. Be careful. You may have old phpBB databases and you want to choose the right one. You can look at the number of rows in the posts table using a utility like phpMyAdmin to help you decide. Generally the database with the most rows in this table is the correct database to use. Replace the $dbname line with the correct database name, placing it between the single quotes.
Find your database user
The database user is not (usually) the same username you use to login to your board. This is the user that has privileges to access the database name found in the last step. Usually you can get this from your web host control panel.
In the most typical case, there is a MySQL databases icon you can click on. Find your database and see the username associated with the database. Replace the $dbuser line with the correct database user name, placing it between the single quotes.
This database user must have all privileges granted to your board’s database. You can check this in the same web interface.
If you have only command line access to your database, a short SQL query will show this information. For the configuration above and a mySQL database, for example, once logged into the database this command would work:
show grants for 'phpbb'@'localhost';
Set the database user’s password
If you don’t know the database user’s password, your web host control panel usually has an interface to change the database user’s existing password. Change it in this interface and replace $dbpasswd with the correct password, placing it between the single quotes.
Check the table prefix
If you used a utility like phpMyAdmin to browse your board’s tables, the $table_prefix line is easily discerned. All phpBB tables must have the same prefix. The default is phpbb_. If yours is different, replace it with the correct prefix, placing it between the single quotes.
Save the file and test
Generally at this point you save the file. To test, simply run index.php on your board and it should come up. Any errors that come up will hopefully point to where the problem is.
Occasionally, you may need to manually purge the cache to bring up your board. Delete all files in the /cache/production folder using a tool like FTP or your web host’s file manager. If queue.php exists, deleting this will remove any emails scheduled to go out, so you may not want to delete this file. Then refresh the index.php page in your browser.
You may notice other lines at the bottom of the config.php line. Generally these are left alone. But if you moved certain folders from their default location you might have to change these lines.
Check the config.php files permissions
This file must not be publicly writeable, so minimally its permissions should be set to 644 on Linux-based systems. You can use FTP or your web host control panel file manager to change its permissions.
You can’t run a phpBB board without an administrator, but the privileges granted to administrators in phpBB and how they are assigned and handled are not obvious.
Let’s learn how to create administrators, what privileges administrators have, and how to change or remove administrators.
Easily adding new administrators
If you don’t want to be particular, simply add an existing user to the Administrator’s group. This user will be able to access the Administration Control Panel (ACP) with the Full Administrator’s role privileges, giving them broad powers to do almost anything except add, change or remove founders. ACP > Manage groups > Administrators > Members > Add users
What’s peculiar is while an administrator created this way has the Full Administrator’s role privileges, the role is not explicitly assigned. It appears that phpBB defaults to these permissions if none are explicitly granted, which is inconsistent with phpBB’s otherwise amazingly well thought out permissions system.
Founders
There is a special type of administrator called a founder. If you manage a phpBB board, you probably have this privilege already. Founders can never be banned, deleted or altered by any other administrators unless they are also founders.
This feature is basically a safety feature, ensuring founders can’t be locked out unless another founder is doing this.
An easy way to tell if you are a founder is to look up any user in the ACP using the manage users function. If when editing their settings, the founder field is enabled, you are a founder.
Hint: if you need to become a founder and can access the database outside of phpBB using a tool like phpMyAdmin, you can make yourself a founder. Find your row in the phpbb_users table and change user_type from 0 to 3. You may need to purge phpBB’s cache afterward for it to take effect.
Deleting administrators
The easiest way to remove an administrator is to remove them from the Administrators users group: ACP > Manage groups > Administrators > Members. Select the checkbox for the user, then select Remove member from group and press Submit.
You could also remove permissions explicitly. ACP > Permissions > Global permissions > Administrators > [user name]. Once selected, select their row in the text area and click on the Remove permissions button.
Changing administrator permissions
There are two approaches to changing administrator permissions: assign a role or set custom permissions.
Using a role
ACP > Permissions > Global permissions > Administrators > [user name]. After the page is refreshed, select their row in the text area and click on the Edit permissions button. Select the desired role: Standard admin, Full admin, Forum admin or User and Groups admin. Let your mouse hover over each permission type to see what privileges are assigned to the role. Click Apply all permissions when done.
Custom permissions
ACP > Permissions > Global permissions > Administrators > [user name]. After the page is refreshed, select their row in the text area and click on the Edit permissions button. Click on the Advanced permissions link, then go through each tab and assign the desired privileges. Click Apply permissions when done.
When does the ACP link appear?
If you have any ACP permissions assigned, the link to the ACP will appear. Only if you have no ACP privileges will the link disappear.
The phpBB Group made a major error in its 3.3.6 release. The error is understandable, but still surprising as this is the first release I am aware of which if you are affected by the bug cannot be fixed except by recovering two tables you are supposed to back up before upgrading to phpBB 3.3.6.
How can I tell if my board is affected?
One way is to access your board as a guest. If it says your board has no forums, but previously a guest would see your forums, you are affected.
If you can still see forums as a guest, that doesn’t mean you aren’t affected, only that if you can’t, it definitely indicates that you are affected by the bug.
The only way to know for sure would be to compare the phpbb_acl_groups and phpbb_acl_users tables from before upgrading to phpBB 3.3.6 with your current tables and if any rows are missing put them back in these tables. This is not easy. You might want to seek professional help to fix these issues.
If my board is affected, how do I fix this?
Recover your database to before your upgraded to phpBB 3.3.6, then upgrade phpBB
If you are comfortable with losing any content since you upgraded, you fully backed up your database before the upgrade, and it’s stored in your board’s /store folder you could:
Use phpBB’s restore function: ACP > Maintenance > Database > Restore. Make sure you pick the right archive to recover.
Afterward, you may have orphaned attachments. You can get rid of these: ACP > Posting > Attachments > Orphaned attachments
Next, upgrade to the latest version of phpBB using the normal process
Warning: on some servers you may experience timeouts and other issues using the process. The likelihood of this happening increases on shared hosting and if you have lots of posts and users. If you are familiar with using SQL from the command line, it is better to restore your database this way. You may need to explicitly drop all the tables in your database first.
Recover the two affected tables, then upgrade phpBB
If the other options aren’t viable, you have to fix the database directly. And it can be kind of confusing if you are not familiar with SQL or don’t know how to use programs like phpMyAdmin. But you must have a backup of your database before you upgraded or updated to phpBB 3.3.6 and the backup must contain the two tables affected.
Two tables must be emptied using a tool like phpMyAdmin
Your database backup is either in an archive or a long file with a .sql suffix. If it’s in an archive, extract it.
You will need to open the archive in a text editor. If the file is big, it may crash some text editors. BBEdit is an example of a text editor that should be able to handle large .sql files.
Search for your phpbb_acl_groups table. If your table prefix is not phpbb_, search for the correct name, like phpbb3_acl_groups. Find the INSERT INTO statement for the table. Here’s an example:
Empty this table first using a tool like phpMyAdmin (see above). This removes all rows in the table.
Afterward, using a tool like phpMyAdmin, copy and paste the INSERT INTO statement(s) from your editor. Using phpMyAdmin, you could click on the SQL tab and insert them there, and press GO at the bottom of the page to execute the statement(s). This should replace the table’s content to the way it was before you upgraded to phpBB 3.3.6.
Use the same approach for your version of the phpbb_acl_users table. Empty the table and execute the SQL in your editor to recover this table.
Now do a normal upgrade to the latest version of phpBB.
If after the upgrade to 3.3.6 you made any permission changes to users or groups, these would need to be reapplied.
There have been many prominent articles about web sites being taken down by Denial of Service (DoS) attacks. A Denial of Service attack is when a machine on the internet sends so many requests to your web server in a short period of time that the web server can’t keep up with the demand. This makes it unavailable to legitimate users and often returns cryptic error messages to users. It’s like your web server blows a fuse. Even after the attack abates, your server may not be able to recover without a reboot or some internal repairs.
In a Distributed Denial of Service (DDoS) attack, a number of machines across the Internet attack your web server at the same time. DDoS attacks tend to be more severe because more requests can be sent at the same time. These attacks become harder to block too, because the Internet Protocol (IP) addresses of attacking machines change.
In this post I’ll look at how to protect your board from both DoS and DDoS attacks using Cloudflare.
What is Cloudflare?
Cloudflare is a prominent company that specializes in implementing content delivery networks (CDNs). CDNs place copies of files on your web sites geographically close to your users, speeding up the rendering of your web pages.
Cloudflare can also protect web sites so that if a DoS or a DDoS attack occurs, the offending machines can quickly be blocked, minimally impacting your site’s availability to legitimate users.
A phpBB board is often part of a web site. Generally, Cloudflare protects domains. I’ll describe how it protects domains. If you want to use Cloudflare to protect a subdomain but not the domain itself, this is a more complex process described here.
Using Cloudflare is not necessarily free, but it often is. You can start with a free plan. If your domain is not used for commercial purposes, you can use Cloudflare for free. If your site is for professional use, the cost is $20/month. Cloudflare can be very pricey for businesses and enterprises: $200/month or more. But if you have this kind of website, you are probably using Cloudflare or a similar service already.
Cloudflare has competitors, so you can shop around if you need to pay for DoS or DDoS protection. Arguably though Cloudflare was the first to master this market and is its industry leader.
Protecting your domain with Cloudflare is generally pretty easy. Let’s look at the steps.
Step 1. Get a Cloudflare account
If you don’t already have a Cloudflare account, you can create one. It’s a simple process that should not take more than a few minutes.
Step 2. Add your domain to your Cloudflare account
Look for the Websites link on the left sidebar. After clicking on it, click on the Add a Site button and add the domain containing your phpBB board. Cloudflare will find your public domain records and show them to you.
Step 3. Change the nameservers for your domain to use Cloudflare’s nameservers
Next, login to your domain registrar and find your records for your domain. Verify your domain records match those that Cloudflare found. Then change your domain’s nameservers to the nameservers Cloudflare provided. Nameservers tell computers the Internet Protocol (IP) address where your site’s content resides. Cloudflare should provide you with two nameservers.
To make things easier, you may want to access your registrar in a separate browser tab so you can more easily copy and paste Cloudflare’s nameservers into the form provided by your registrar.
Step 4. Wait for the DNS to change
It can take up to 48 hours for your DNS changes to propagate across the Internet, but is generally quick with most ISPs getting updates in one to 2 hours. While it happens, your domain should still be accessible, but may be briefly inaccessible.
Your domain may still be affected if a DoS or DDoS attack during the nameserver propagation process. You can get a sense of whether the DNS changes are complete by using a tool like Who.Is to check your domain and the nameservers it finds for your domain. When complete, the nameservers should match those provided to you by Cloudflare.
How it works
Most attacks attack a domain. DNS resolution is the process of translating a domain name (myspecialboard.com) to an IP address, ex: 123.45.67.89. Attackers will query Cloudflare’s nameservers to get your IP address. Because Cloudflare constantly monitors the web, it generally knows the IP addresses of attacking machines. It won’t provide your server’s correct IP address to these machines, insulating your web server from most of these attacks.
Attacks may still occur, but are unlikely
Targeted DoS and DDoS attacks can still succeed if the attacker knows or randomly picks the Internet Protocol (IP) address of your web server and attacks it, rather than your domain. As your web server’s IP address won’t be generally known, these incidents should be few and far between. If they occur, it is likely due to an attack on a random IP address.
If you detect a DoS or DDoS attack after being protected by Cloudflare, Cloudflare can still help. Click on your website on the Cloudflare web page and set the Under Attack Mode slider control to On. More details are here. Cloudflare will examine the machines hitting your domain and do its best to block them.
If you use shared hosting, you may still be subject to DoS or DDoS attacks you can’t control. This is because the attack may not be happening to your domain directly, but to another domain on the same server using the same IP address as your web server. Such a scenario though is pretty unlikely.
I ran into a major bug in phpBB doing a conversion for a client to phpBB 3.3.5 recently.
A conversion is when you migrate from a different forum solution to phpBB. It’s also used for phpBB 2, which was retired in 2007, as the architecture for phpBB 3 is completely different than phpBB 2. You would think after 15 years there would be no more phpBB 2 boards left. My clients would disagree. I get probably half a dozen of these a year, almost all from phpBB 2. It is amazing that there are so many of these boards still around. phpBB 2 was very simple, but very reliable.
The conversions used to be painful but the convertor software has become much more reliable. Now most conversions have minor issues at best. So I wasn’t expecting any trouble when I did a recent phpBB 2 conversion other than a lot of waiting around: this board had 3.9 million posts, 1 million private messages and 60GB of attachments.
But there was a problem that manifested as soon as I hit the submit button after entering the old database information. I got a HTTP 500 error and the PHP error log generated some really hard to understand error messages.
I spent the better part of two days puzzling it out, eventually assuming that it was environmental on the client’s server. So I moved a 4GB database and 60GB of files to my machine to try it there, but it happened again.
To shorten a long story, the convertor failed because configuration information for the conversion was serialized and stored in the database was not serialized properly. The configuration information contained escapes (\”, mostly). When PHP was told to unserialize these it couldn’t, returning NULLs where an array would have been expected. With a lot of trial and error I found if I removed most of these escapes it would unserialize properly and I could continue the conversion. But clearly something had changed in the conversion software.
I reported it but apparently the phpBB Group already knew of the error, and it will be fixed in phpBB 3.3.6. It was not reported in their support forum, which is where serious problems to a release are usually posted. Most likely it just got overlooked, but also after 15 years the phpBB Group probably figured hardly anyone runs conversions anymore, so why bother to highlight it?
There are two workarounds if you find yourself in this situation:
Wait for phpBB 3.3.6 or higher edition as it should be fixed
Install phpBB 3.3.4 instead of 3.3.5, run the conversion software and afterward update to phpBB 3.3.5
I tested the latter approach with another client yesterday and it worked fine.
Virtual private servers (VPS) are neat inventions: they give you a guaranteed slice of resources on a real server, which means you generally have plenty of CPU, disk space and memory to run your bulletin board. Usually things run spiffy on a VPS. Limitations like outgoing email quotas generally aren’t a problem. A VPS is generally completely configurable, letting you control and install pretty much anything. It’s all this and they don’t have the cost of renting a dedicated server. The technical overhead is usually less too.
Working with a client yesterday though reinforced in my mind that a VPS is not for everyone. I’ve had a VPS for this site and my other domains over the years. I eventually discovered I didn’t need one. Shared hosting was fine for my needs (and budget), providing I could find the right shared host. Even though I am a techie at heart, doing this stuff is not where I wanted to spend my time. I could usually work around shared hosting issues and if I couldn’t, I could usually find a better shared host and move my stuff there.
VPS Pitfalls
What are some of the pitfalls of a VPS? Here are some:
Generally you don’t get much handholding. You usually get a web host control panel like Plesk to take a lot of the grunt work out of managing a VPS, but you can’t get rid of the technical behind the scenes work altogether. For example, the client I worked with yesterday abruptly ran out of virtual disk space. He likes to keep tons of images that are attached to posts on his VPS. He got no warning emails that he was about to use up his quota. This resulted in a cascading series of failures that me and his web host got to clean up. In his case, it appears that abruptly running out of space corrupted his database. phpBB was trying to write to the phpbb_moderator_cache table and it failed. It corrupted this table, showing it in the list of tables but it wasn’t actually accessible. I got to clean up that issue while he got to figure out just how many system backups he could safely store in his virtual space. With 20GB of attachments and about 80GB of space, you can’t make too many backups without triggering problems.
You may be paying too much for file space on a VPS. Prices for a VPS generally start around $50/month. If you have a lot of static files like images and videos, a lot of these static files could be moved into the cloud, you could conceivably pay a lot less money rather than buying more virtual space on your server when you need it. Putting attachments in the cloud not easy to do in phpBB although there is a dated AWS S3 extension that could be used, if you have the technical skills to set it up and migrate the files.
You really need to have some intermediate or advanced Linux skills. Do you know how to check the size of your physical and logical volumes? Do you know how to give a volume more space? If you do, great, but if you don’t you’ll have to rely on your host’s tech support and probably pay for the special support. You need to know SSH, how to navigate around your VPS from the command line and change file and directory permissions. To install some software, you might have to know how to use a package manager. It’s up to you to monitor your server’s performance and troubleshoot issues like emails getting blocked from going out.
Good shared hosting may be cheaper and meet your needs. Finding good shared hosting can be hard and the market constantly changes. Although shared hosting has many downsides, it is considerably cheaper than a VPS and someone else manages the infrastructure for you, generally speaking.
Like with shared hosting, there are lots of VPS hosts out there that aren’t great. Generally, you won’t know how good an experience you will have until you try it.
For these reasons and others don’t assume a VPS is the solution to your problems, even if you are willing to pay $50/month or more. It’s nice to get fast response time and that can be very helpful for things like search engine optimization, where fast page loading is a critical factor for high placement in a search index. It’s nice to see things run smoothly and reliably, which is generally what happens when you are on a VPS. When things go awry though, it’s likely to be a painful experience, unless you have the skillset for managing these sorts of problems.
VPS host recommendations
I am usually asked for recommendations for shared hosting. For a VPS, the best I’ve seen so far has been MediaTemple’s VPS hosting. I’ve had a client on a MediaTemple VPS for twelve years and system problems have been virtually nonexistent. I don’t recommend their Grid service, although that experience is some years old. A self managed VPS plan with two virtual CPUs and Plesk, for about $50/month, has proven very reliable for this client. MediaTemple is now owned by GoDaddy, and some say things were better before they were bought out, so certainly things can change for the worse.
I currently host my site on DreamHost. If you are considering rehosting or just want to buy some domains (or renew them) at some great prices, consider taking DreamHost up on their sale and saving some money too. You would also be doing me a favor by using my affiliate link, which would allow me to generate some income too.
Rehosting is obviously a time consuming and can be an expensive endeavor. DreamHost may not be appropriate for your particular needs either. See my review of DreamHost and make sure to contact their sales department to make sure it meets your requirements. But if you decide to use them, please use my affiliate link.
I could help you move your board to DreamHost if you need help, for a fee of course. Also please note that I will be on vacation November 30 – December 12 and won’t be providing any services during that time.
Here are some details from DreamHost on their sale:
$2.95/mo for a year plan, over 79% savings and a free domain
Pro Services:
(Applies to both New and Current Customers) 20% off all Web Design Plans 20% off 1-time Site Services: Site Optimization, Site Migrations, Site Update, Hacked Site Repair, Custom Web Development
Again, use my affiliate link if you want to take advantage of this sale.
A client recently sought me out. A board user wanted to get email notifications when receiving private messages. These are disabled by default but can be enabled. Most users though won’t dig through the User Control Panel to find the setting: UCP > Board preferences > Edit notification options > Someone sends you a private message > Email.
The client wanted all his board users to have this enabled by default. Not one to ever reinvent the wheel, I searched for an extension. I found this one, in release candidate status, which allows an administrator to tweak notifications for a user on a case by case basis. But that didn’t meet the requirement.
I wasn’t sure how this setting was stored in the database. I did some experimentation by turning it on and off and looking in the phpbb_user_notifications table using phpMyAdmin. This provided a clue on what to do.
Private message email notification setting for user in the database
Essentially if I could add rows like this to this table, I’d effect the change needed. There were two aspects to this:
Ensure existing users has this setting set
Ensure that new users had this setting applied automatically with registration
If you know Structured Query Language (SQL) pretty well, it wasn’t that hard to figure out the SQL needed to ensure existing users who didn’t have this setting applied had it applied. This amounted to adding rows to the phpbb_user_notifications table for those who didn’t have a row for this permission already. The SQL was little complex but based on what I learned from testing in phpMyAdmin, straightforward and turned out to be:
INSERT INTO phpbb_user_notifications SELECT ‘notification.type.pm’, 0, user_id, ‘notification.method.email’, 1 FROM phpbb_users WHERE user_id not in (SELECT user_id FROM phpbb_user_notifications WHERE item_type = ‘notification.type.pm’ and method = ‘notification.method.email’) AND user_type = 0;
Having it work automatically with new registrations though was more complicated. Initially I didn’t consider the idea of writing a phpBB extension to do this. Rather, I proposed writing a SQL trigger to do this instead. But then I realized writing an extension would probably not be that big a deal and would have the advantage that if the user was deleted, phpBB’s code would delete these user notifications at the same time.
Writing extensions for phpBB is complex the first few times you try, as I discovered. The phpBB Group has this Wiki you can read to see if you can get your head around it. You need to be able to program in PHP but really you also generally need related web stills in HTML, CSS and Javascript too.
The more extensions I write though, the more I realize a lot of rather simple functionality can be done with rather trivial extensions. There is a skeleton extension you can install that will generate a lot of boilerplate code that makes it relatively easy to add the specialized functionality you need. I placed this on my test board and simply filled out the fields needed. Once installed a link appears on the navigation bar. The most baffling part for new extension authors is figuring out which components to check. Much of this comes from experience, but hovering over the component with your mouse helps explain that the component will do for you.
phpBB Skeleton extension interface
In this case, all I really needed was to check the PHP event listener and service checkboxes. This was for a client so it was not for general release, so I didn’t need to worry about database migrations. I didn’t need to add any Administration Control Panel user interface. It was to happen behind the scenes. When the form is submitted it creates a nice .zip file which can be decompressed and uploaded to your development environment. I enabled the extension.
What I needed to do was to add some logic during user registration. But where? And how? phpBB is all open source, so it’s a matter of reading the code. If you read the code, you realize that at some point the function user_add in /includes/functions_user.php is called and it does the grunt work of adding new users to lots of tables.
Inspecting the user_add function I found inside it a number of events that could be hooked into by my extension. I found the core.user_add_after event at the bottom of the function that looked like it would work. Essentially, after phpBB does all the normal stuff to create a user, you can have it do extra work. The event documentation shows:
/**
* Modify the notifications data to be inserted in the database when a user is added
*
* @event core.user_add_modify_notifications_data
* @var array user_row Array of user details submitted to user_add
* @var array cp_data Array of Custom profile fields submitted to user_add
* @var array sql_ary Array of data to be inserted when a user is added
* @var array notifications_data Array of notification data to be inserted when a user is added
* @since 3.2.2-RC1
*/
$vars = array('user_row', 'cp_data', 'sql_ary', 'notifications_data');
extract($phpbb_dispatcher->trigger_event('core.user_add_modify_notifications_data', compact($vars)));
The skeleton extension I used created a main_listener.php program in the /event folder where you can hook in code for events like these. To insert a row into the phpbb_users table, I would need to know the user_id that was created. The event passes a user_row array, so it seemed likely the user_id would be inside of it.
Since I was going to access the database, I needed main_listener.php to be able to use phpBB’s database abstraction layer service. So first I went into the /config/services.yml file for the extension and added this service. This was straightforward. Since I didn’t need to use the language service, I removed the language service too. The file became:
Next, to hook the database abstraction layer service into main_listener.php. I removed any references to the language service first, then hooked in the database service. The main_listener class looked in part like this:
public static function getSubscribedEvents()
{
return [
'core.user_add_after' => 'user_add_enable_pm_email_notifications'
];
}
/* @var \phpbb\db\driver\factory */
protected $db;
/**
* Constructor
*
* @param \phpbb\language\language $language Language object
*/
public function __construct(\phpbb\db\driver\factory $db)
{
$this->db = $db;
}
The getSubscribedEvents function is where you hook in a custom function to an event, the core.user_add_after event in this case. I told phpBB to look for and execute a function in the program, user_add_enable_pm_email_notifications. Further down in main_listener.php I added a small amount of custom code to do what I wanted done inside this function:
The incoming $vars variable contains a collection of stuff that can be read by my event. It turned out that $vars[‘user_id’] contained the user_id for the next user. Then, based on what I saw in the phpbb_user_notifications table, the SQL INSERT statement became straightforward to write and execute.
I think this demonstrates pretty well how a reasonably experienced web programmer can make a small custom extension to add some missing minor functionality that the phpBB Group did not think was needed.
