MyBB
A screenshot of a default MyBB installation | |
Original author(s) | Chris Boulton |
---|---|
Developer(s) | MyBB Group |
Initial release | 2002 |
Stable release | |
Repository |
github |
Development status | Active |
Written in | PHP / MySQL (PostgreSQL and SQLite are also supported[1]) |
Operating system | Cross-platform |
Size | 2.20 MB zipped; 13.93 installed |
Available in | Multilingual – Official support is given in English, but language packs are available for German, Spanish, Vietnamese, Portuguese, and many others[2] |
Type |
Forum software Mailing list management software |
License | LGPL[3] |
Website |
www |
MyBB, formerly MyBBoard and originally MyBulletinBoard, is a free and open source forum software developed by the MyBB Group. It is written in PHP, supports MySQL, PostgreSQL and SQLite as database systems and, in addition, has database failover support.[1] It is available in multiple languages[2] and is licensed under the LGPL.[3]
History and development
MyBB 1.0 and 1.1
Founded as DevBB in 2002 by Chris Boulton from a fork of XMB, the first public release (RC1) of MyBB was published on 10 December 2003. It wasn't until 2 years later, on 9 December 2005, that MyBB 1.0 was released.
On 9 March 2006, version 1.1 was released. The last version of this series was 1.1.8, a security update released on 20 August 2006.
MyBB 1.2
On 2 September 2006, with a revised and rewritten code base and over 40 new features, MyBB 1.2 was released. Support for the 1.2 series officially ended on 1 June 2009, although security updates were available until 31 December 2009.[4]
The final version of the 1.2 series, 1.2.14, was a security and maintenance update published on 17 July 2008.[5] Several security patches were available in consequent security updates for users still using the 1.2 series.
MyBB 1.4
After a long beta phase MyBB 1.4 was released on 2 August 2008 complete with over 70 new features, including a completely revised and redesigned Administration Control Panel (ACP).
On 12 October 2008, MyBB 1.4.2 was released. This version changed MyBB's license from proprietary to GNU GPL v3.[6] The change in license was driven from a request from KDE who, in a related announcement, launched their first web-based community using MyBB as an alternative to a mailinglist.
On 2 May 2009, due to time constraints, founder Chris Boulton left the day-to-day responsibilities to Dennis Tsang (previously the Support Team Manager) who took over as Product Manager of MyBB. Matt Rogowski would later take over Dennis' responsibilities as Support Team Manager.[7]
So far, much of MyBB's development happened internally on a closed cycle. After switching to an open source license, on 19 August 2009, the MyBB Group opened development access so that users had access to the official bugtracker and read access to the subversion repository.[8]
The final version in the 1.4 series was 1.4.16, released as a security update on 17 April 2011.[9] Support for the series ended on 1 July 2011 for both maintenance and security releases.[10]
MyBB 1.6
On 3 August 2010, on the 2 year anniversary of MyBB 1.4's release, MyBB 1.6 was released with over 40 new features and included many tweaks, fixes and performance optimizations. The 1.6 series is distributed under the GNU LGPL v3[3] and requires at least PHP 5.1.[11]
During the 1.6 series, several senior members of the MyBB Group changed positions. On 3 October 2010, Tim Bell was promoted to Product Manager with responsibilities of running the day-to-day operations of MyBB as well as the marketing aspect of the MyBB product. Dennis Tsang took a position as Technical Advisor, helping with software design and development of MyBB.
On 5 December 2010 Ryan Gordon, the lead developer of MyBB for the past 5 years, resigned to pursue new challenges. As a result, Tom Moore took over Ryan's responsibilities for development and Dylan M took over management of the MyBB Merge System.
MyBB 1.6.4, released 26 July 2011, was one of the largest MyBB updates and the first release in MyBB's history that required all core files to be replaced due to errors in previous releases of 1.6. It was also the first release to include feature changes which are normally reserved for major point (feature) releases, but was marred upon discovery that the release had been contaminated during a MyBB server breach with dangerous code that could be used to exploit forum installations running 1.6.4.[12] The step to include new feature updates was taken to extend the life of the 1.6 series while MyBB's next series, MyBB 2.0, was being developed.
On 25 November 2011, MyBB 1.6.5 was released. This version included over 10 new feature updates, including reCAPTCHA support and advancements to prevent spam users.[13]
On 10 February 2012, MyBB 1.6.6 was released as a security update. It fixed 14 low-risk vulnerabilities and fixed an issue allowing for the import of a non-CSS stylesheet. MyBB also fixed a bug in 1.6.5 where announcements would disappear.[14] On 14 February 2012, the MyBB Group announced that MyBB 1.6.6 was originally released with development code unintentionally included.[15]
On March 31, 2012, MyBB 1.6.7 was released, fixing over 70 issues, and introducing 5 feature updates. It fixed 4 SQL Injection vulnerabilities (low risk), an XSS vulnerability, and a path disclosure issue. The feature updates included wider display of Forum Rules, Custom Moderator Tool permissions, an override permission for sending an email to a user who has ignored you, and the ability for a user to log in with their email address.[16]
On May 27, 2012, MyBB 1.6.8 was released. It was a general maintenance release and fixes over 40 reported issues. To provide support for EU users cookies tracking forums or threads that have been read by guests are now session cookies. The information held within these cookies will be destroyed when the user's browser is closed.[17]
On December 15, 2012, MyBB 1.6.9 was released. It was a security release for the 1.6 series. In this version was fixed a high risk SQL vulnerability when editing a post and another medium vulnerability about CAPTCHA systems. Also was fixed a bug related to the editor that not working in Firefox 16 (and above).[18]
On April 22, 2013, MyBB 1.6.10 was released. It was a security & maintenance release. It saw the fixation of seven minor vulnerabilities and over 95 reported bugs causing the incorrect utilization. A considerable amount of effort has been put into MyBB 1.6.10 to fix a myriad of issues with PHP 5.4.[19]
On October 8, 2013, MyBB 1.6.11 was released. It was a security & maintenance release. In this release, 5 vulnerabilities and over 65 reported issues causing incorrect functionality of MyBB were fixed, including a vulnerability that affected users using a MySQL Database.[20]
On December 30, 2013, MyBB 1.6.12 was released. It was a security & maintenance release. In this release, 4 vulnerabilities and 10 reported issues causing incorrect functionality of MyBB were fixed, adding a new feature: support for 4-Byte UTF-8 Unicode Encoding for a MySQL Database.[21]
On April 26, 2014, MyBB 1.6.13 was released. It was a security & maintenance release. In this release, 4 vulnerabilities and 38 reported issues causing incorrect functionality of MyBB were fixed, solving two medium risk reported vulnerabilities.[22]
On June 30, 2014, MyBB 1.6.14 was released. It was a security & maintenance release. In this release, 5 vulnerabilities and 50 reported issues causing incorrect functionality of MyBB were fixed, solving two medium risk reported vulnerabilities.[23]
On August 4, 2014, MyBB 1.6.15 was released. It was a security & maintenance release. In this release, 1 vulnerability and 26 reported issues were fixed, solving one medium risk vulnerability.[24]
On November 20, 2014, MyBB 1.6.16 was released. It was a security release. In this release, 5 low risk vulnerabilities were fixed, in addition to sanitizing all data obtained from the MyBB server.[25]
MyBB 1.8
The MyBB Team said many times that MyBB would be jumping directly from MyBB 1.6 to 2.0. However, on 1 April 2012, the MyBB group announced that there would in fact be a MyBB 1.8.[16] Many considered this to be an April Fool's joke. Then, on 3 April 2012, another blog post was released saying that "it was no April Fool".[26] MyBB 1.8 will feature a new default theme based on MyBB lead designer Justin S.'s Apart theme series. A brand new feature to do with themes was announced:
[Attachable base colors] allow you to create colours to which you can attach stylesheets (just like you can attach stylesheets to pages). You can also set a display order for all your stylesheets so that they can override styles. Together, the changes mean you can add a theme with as many custom colours as you want. Using the parent/child theme structure that already exists in 1.x you can restrict or allow certain usergroups to use these colours and, as they inherit the main stylesheets, they’re very easy to manage. So, there is no longer the need to install a dozen different themes just for a different colour header.
Tom Moore, MyBB lead developer[26]
The post went on to say that MyBB's default JavaScript library would be changed to the more popular jQuery from the current Prototype JavaScript Framework. A new "trash can" soft delete feature was also announced that allows deleted posts to be recovered in the Moderator Control Panel. It was also mentioned that instead of releasing an official anti-spam plugin as planned called Spam Ninja, the MyBB Team would be added many new anti-spam features directly to the MyBB core.
The MyBB Team also announced that the development SVN repository would be moving from their own dev site at dev.mybb.com to GitHub. The GitHub repository was opened to the public on January 23, 2013.[27] All open issues on the development site were moved to GitHub on March 3, 2014.[28]
On June 1, 2014, MyBB 1.8 Beta 1 was released for the public to test and report bugs and issues.[29]
On July 1, 2014, MyBB 1.8 Beta 2 was released for the public to test and report bugs and issues. It included 5 new features and several enhancements since the first beta.[30]
On July 21, 2014, MyBB 1.8 Beta 3 was released for the public to test and report bugs and issues. It was the last beta release before MyBB 1.8 went 'gold'. It included 8 new features and several enhancements since the second beta.[31]
On September 1, 2014, MyBB 1.8 was released with over 24 new features and many enhancements. These changes include: a new theme (for both the front-end forum and back-end Admin CP), IPv6 features, soft delete and the much anticipated change of JavaScript library from Prototype to the more popular jQuery. The release also saw an updated website design and the implementation of the new logo and brand.[32]
On September 17, 2014, MyBB Merge System 1.8 was released, dropping support for 5 other forum software versions, but also adding support for 9 more.[33]
On October 23, 2014, MyBB 1.8.1 was released along with MyBB Merge System 1.8.1. It was a maintenance release. 74 reported issues were fixed and 7 in the Merge System.[34]
On November 13, 2014, MyBB 1.8.2 was released. It was a security release. 5 vulnerabilities were fixed, including one high risk SQL injection vulnerability.[35]
On November 20, 2014, MyBB 1.8.3 was released. It was a security release. 6 vulnerabilities were fixed, including one high risk SQL injection vulnerability, in addition to sanitizing all data obtained from the MyBB server.[25]
On February 15, 2015, MyBB 1.8.4 was released. It was a feature update, security and maintenance release. 7 vulnerabilities, including 2 medium risk XSS vulnerabilities, and 118 reported issues were fixed.[36]
On May 27, 2015, MyBB 1.8.5 was released. It was a security and maintenance release. This release fixed 6 security vulnerabilities and 58 reported issues.[37]
Branding changes
On April 22, 2011, the MyBB Group announced that they were looking for a "creative doodler"[38] to create a mascot for MyBB. Mike Creuzer, of Audentio Design, was chosen for the job. The new MyBB mascot and logo were officially announced on January 12, 2012.[39] A forum discussion was created to propose names for the mascot. The top ten names were placed into a poll, and the community voted and decided upon the name "Bolt",[16] representing MyBB founder Chris Boulton and the speediness and ease of use MyBB has.
MyBB 2.0
The next major release of MyBB will be 2.0, targeted for a release within MyBB's typical release cycle. Currently in early development, it is being rewritten from scratch in a MVC method, using the Laravel PHP web application framework. The GitHub development repository will be opened to the public for contributions and an alpha download released once the new code-base becomes "working software with all the basics".[40]
Donation drive
On 27 April 2010, the MyBB Group started a donation drive in an effort to purchase the mybb.com domain name. The Group needed to raise $5,000 from community donations for the transfer, and with founder Chris Boulton and community member Jesse Labrocca personally providing $1,000, that left $3,000 from the community.[41]
Just a month later, on 27 May 2010, MyBB.com was transferred and in use across the site.[42]
Features
Database support
MyBB supports multiple database engines. It currently supports MySQL, PgSQL, and SQLite v2 and v3.[43] MyBB also supports database failover support so that if one database fails, MyBB will load the next database on the list. Master and slave databases are also configurable.
Plugins and themes
MyBB plugins are written in PHP and use hooking techniques. Unlike other software like WordPress, plugins need to be uploaded via FTP as uploading from the admin panel is not supported without a plugin.[44] However, this is a considerable advantage over the old extension method used by phpBB where all modifications are core file edits.
MyBB Themes are written inside the Admin Control Panel, and exported to an XML file. The XML file includes all modified MyBB templates and CSS stylesheets, which is redistributed alongside any extra resources (such as images) in a Zip file.
There are over 2,400 plugins and themes on the MyBB mods website. Many other MyBB resource sites, such as MyBBCentral or MyBB-Plugins also offer exclusive, and sometimes paid, plugins and themes.[45]
Security
MyBB has a relatively low-risk security record. In August 2008, MyBB performed a security audit (provided by GulfTech) which led to the release of MyBB 1.4.2 on 17 September 2008.[46]
The MyBB Group put security first, giving it the highest priority, to the extent that the MyBB website has a "Security Hall of Fame" to recognise those who responsibly disclose vulnerabilities in the software.[47]
In October 2011, MyBB found 3rd party code had contaminated the 1.6.4 release files.[48] This code could be exploited to open a security vulnerability on a forum running the affected version. It was later found that a security flaw in the custom CMS mybb.com uses to power its website allowed a malicious user to alter the download files to include their own code.[12]
As a result of the intrusion, the MyBB Group now hosts downloads via GitHub to ensure the security of a release.[49] A Forum Security section on the MyBB Community Forums opened in 2011 to provide support for users who have been a victim of an exploit.
Throughout 2011, automated registrations caused forum spam in many MyBB powered forums. In MyBB 1.6.5, released on 25 November 2011, additional methods were added to help administrators locate spam users and manage them effectively as well as providing standard reCAPTCHA support.
In May 2012, hacktivist group UGNazi gained unauthorized control over the MyBB.com domain name using a social engineering technique. The attack appears to have been motivated by the use of the MyBB software by a third-party website, HackForums.[50][51]
Merge System
The MyBB Merge System was first developed in early 2007. MyBB Merge System 1.6 allows conversions from Invision Power Board, phpBB, Simple Machines Forum, PunBB, bbPress, or vBulletin to MyBB, or merge MyBB installations together.[52] MyBB Merge System 1.8 allows conversions from bbPress version 2.5, FluxBB, Invision Power Board versions 3 and 4 (Pre Release Version), MyBB version 1.8 (merge), phpBB version 3, SMF versions 1.1 and 2.0, PunBB version 1.2, Vanilla, vBulletin versions 3 and 4, WoltLab Burning Board versions 3, 4 and Lite 2, XenForo.[53]
Reviews
MyBB has a 9.6 out of ten review at forum-software.org[54] and was named the best free forum software of 2008,[55] 2010,[56] 2011[57] and 2012[58] by the same site. It has been featured in magazines such as The H[59] and runs several sizeable forums on the web, including HackForums, CSNbbs, and several EA Sports boards.[60][61]
See also
References
- 1 2 "DBMS Support". mybb.com. Archived from the original on 10 March 2016.
- 1 2 "List of translations". Archived from the original on 4 April 2015. Retrieved 4 April 2015.
- 1 2 3 "License Agreement - MyBB". Archived from the original on 2015-03-24. Retrieved 2011-12-12.
- ↑ "EOL announcement concerning MyBB 1.2". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.2.14 Released - Security & Maintenance Release". MyBB Community Forums. Archived from the original on 10 March 2016.
- ↑ "MyBB Goes Open Source, Now GNU GPL v3 Licensed". MyBB Community Forums. Archived from the original on 10 March 2016.
- ↑ "All things MyBB". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "Getting Involved: Development site opens". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.3 and 1.4.16 Security Update". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.4 end of life announcement.". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "Requirements". MyBB Documentation. Archived from the original on 2014-07-22.
- 1 2 Boulton, Chris. "Some closure on the 1.6.4 Security Vulnerability". MyBB Blog. Archived from the original on 10 March 2016. Retrieved 16 March 2013.
- ↑ ""MyBB 1.6.5"". MyBB Documentation. Archived from the original on August 3, 2012. Retrieved July 31, 2012.
- ↑ "MyBB 1.6.6 Security Release". Archived from the original on 10 March 2016. Retrieved 10 March 2016.
- ↑ "Problems with the 1.6.6 release package". MyBB Blog. Archived from the original on 10 March 2016. Retrieved 10 March 2016.
- 1 2 3 "MyBB 1.6.7 Release, Merge 1.6.7 & MyBB 1.8 Development". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.8 Released – Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016. Retrieved 10 March 2016.
- ↑ "MyBB 1.6.9 Security Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.10 Released – Security & Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.11 Released – Security & Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.12 Released – Security & Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.13 Released – Security & Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.14 Released – Security & Maintenance Release". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB 1.6.15 Released – Security & Maintenance Release". Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- 1 2 "MyBB 1.8.3 & 1.6.16 Released – Security Releases". Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- 1 2 Boulton, Chris (2012-04-03). "MyBB 1.8 Tour: Introduction". MyBB Blog. Archived from the original on 10 March 2016. Retrieved 2012-06-03.
- ↑ "Getting Involved: MyBB GitHub Now Available". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "/me thread". MyBB Community Forums. Archived from the original on 10 March 2016. Retrieved 10 March 2016. The actual transfer of issues occurred just before midnight the day before.
- ↑ "MyBB 1.8 Beta 1 Released". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8 Beta 2 Released". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8 Beta 3 Released". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8 Released". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB Merge System 1.8". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8.1 & Merge System 1.8.1 Release". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8.2 Released – Security Release". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8.4 Released – Feature Update, Security & Maintenance Release". MyBB Blog. Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB 1.8.5, 1.6.17 & Merge System 1.8.5 Release". MyBB Blog. MyBB Group. Archived from the original on 10 March 2016. Retrieved 31 May 2015.
- ↑ "Recruiting Creative Doodler". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB Rebranding: New Logo and Mascot". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "2.0 dev post #1". 9 March 2015. Archived from the original on 4 April 2015. Retrieved 4 April 2015.
- ↑ "Donation drive for a domain: MyBB.com". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB.com Thanks You". MyBB Blog. Archived from the original on 10 March 2016.
- ↑ "MyBB". Softaculous. Retrieved 2011-12-12.
- ↑ http://mods.mybb.com/view/plugin-uploader
- ↑ "Resource Sites". Archived from the original on December 1, 2011. Retrieved 14 December 2011.
- ↑ Gordon, Ryan. "MyBB 1.4.2 Released - Maintenance and Security Update". MyBB Community Forums. Retrieved 8 October 2013.
- ↑ "Security Research". MyBB. Archived from the original on 20 June 2015. Retrieved 20 June 2015.
- ↑ Boulton, Chris. "Some closure on the 1.6.4 Security Vulnerability". MyBB Blog. Retrieved 16 March 2013.
- ↑ "Some closure on the 1.6.4 Security Vulnerability". MyBB Blog.
- ↑ Twitter / UG: HF Uses Mybb, We're tired. Twitter.com. Retrieved on 2012-06-03.
- ↑ Statement for MyBB.com – UGNazi. Pastebin.com (2012-05-30). Retrieved on 2012-06-03.
- ↑ "MyBB Merge System". Retrieved 2011-12-12.
- ↑ "Merge System". Archived from the original on 1 April 2015. Retrieved 1 April 2015.
- ↑ "MyBB Review". Retrieved 2011-12-12.
- ↑ "Best Free Forum Software of 2008".
- ↑ "Best Free Forum Software of 2010".
- ↑ "Best Free Forum Software of 2011".
- ↑ "Best Free Forum Software of 2012".
- ↑ "MyBB update adds features, closes holes". Retrieved 2011-12-12.
- ↑ "Battlefield Heroes Forums". Retrieved 2011-12-12.
- ↑ "Lord of Ultima Forums". Retrieved 2011-12-12.
External links
- Official website
- MyBB at DMOZ
- MyBB on GitHub