Wanted: Web Discussion Board Software That Doesn't Suck (and groks RSS)

I believe Invision Power Board (http://www.invisionpower.com) has everything you need.

- It's Open Source (but not GPL, it has its own license)
- PHP
- Uses as few tables as possible
- Avatars
- Built-in registration
- Now outputs in RSS (and if you don't like the way it does it, I wrote a hack that outputs the RSS a bit differently, in full, separate posts)
- MySQL
- Avatars (again?)
- I believe you can set up charges for registration using PayPal and other systems (http://forums.invisionpower.com/index.php?showtopic=90087)
- E-mail integration

Ditto Rob. I use Invision Board and it's pretty slick. If you've ever been to the MovableType forums, that's what they use.

I am not a fan of the templates due to the fact that they are broken up into a million pieces, but I haven't messed with them that much. There may be an easier way. Otherwise it's great.

> Uses MySQL as the back-end database

LOL, well you just completely shot yourself in the foot there!

Jeremy, FudForum is probably what you want. It is the only one I would trust in any way. Most of the other ones out there are really badly written. See http://fud.prohost.org

You would have known this if you had checked my toys page! ;) (http://toys.lerdorf.com)

Processing payments with paypal's IPN is pretty easy. It could definitely be more straight-forward and better (how about xml-rpc, soap, or ...?). But no, use POST. Their example code completely sucks ass too.

FUD forum is pretty impressive, until you look at the markup. Sure, it does a great job of letting you control the colour scheme with CSS but it's littered with font tags and doesn't even come close to validating. The font tags are weird because they're only used to apply CSS classes. It's completely template driven so it should be possible to fix the markup up to be pleasant, but there are a ton of templates to fix first.

I am a lot less worried about whether it validates than I am about how easy it is to hack. Every other forum I have ever tried I was able to hack with either SQL injection or direct execution of arbitrary shell commands through them in less than an hour. Not to mention XSS holes. FudForum is still the only one I have found I couldn't do that to out of the box.

Paypal sucks. They locked my money. And even a non-locked user of paypal cannot get his money back.

I'd add one more to the list:

*) Avatar system respects robots.txt

An artist friend of mine has her website hosted on my home box (ObPlug: http://www.vogelein.com) and lots of folks like to grab the thumbnails and use them. They don't ask or attribute, though, which rather annoys her as you might expect :)

if you want a lightweight, easy to configure bulletin board without all the bells and whistles, try punBB.

http://www.punbb.org/about.php

Not sure why people haven’t mention phpbb. Is it too obvious to suggest phpbb?

It has pretty much all the things you’ve mentioned and an impressive user base. Here is an example community (out of the many thousands) that uses it. Smarty support forums: http://www.phpinsider.com/smarty-forum/

There is plenty of MOD, this one spits out rss feeds: http://www.phpbb.com/phpBB/viewtopic.php?t=120081 .

Now, the good (not perfect) part I think is that customization is done via templates and css. The templates are reasonably organized and clean, the best part is that language packs are independent of templates.

Two weeks ago I moved a forum to phpbb in 2 days: http://foro.loquo.com (3 languages, spanish, english and catalan). My only complaint is full text searching, instead of relying of mysql fultext index (albeit its limitations), it build its own bloated tables.

Dunno if phbb's any good, but I do know there's an outstanding security warning about it. (And I've bene seeing failed probes to exploit it in my web logs the past few days) If you use it, I'd say make sure you're up to date with the patches for it...

phpMyBBB works quite well for me. And the RSS output is, well, good enough for Feedster. It doesn't have everything you need but its about as close as you'll fine. I think the css / validation is something that every product will fail on.

There's enough of us php hackers out here that really respect you Jeremy that I think if you took the position "These are the phpBB changes I need made and I'll give you a free copy of my book if you make them" that someone will do it". Just a thought.

Scott

phpBB was one of the ones that fell into the "easily hacked" category last I looked.

vBulletin (http://www.vbulletin.com) might be what you want. It'll cost ya though; $85 yearly, or $160 one time fee (+$30 optional support).

Their newest version, currently still in beta, almost RC, has everything and more what you want, though.

If you want free, I'd definately go with IPB, as it's the best free board around.

Ok, I had a quick look at IPB and security-wise I wasn't overly impressed. And that was without even looking at the source code. One of the first things I tried worked. I was able to register a new user without agreeing to the terms agreement thing they put up. The validation of whether you checked the checkbox or not is only done in client-side Javascript. They never check it on the server. There is also no bread crumbing happening so I was able to save the registration form on my own web server, modify it as much as I wanted and post from it directly to their site and the user was created. Not that this in itself means the whole thing is insecure, but it certainly doesn't fill me with confidence.

Rasmus: If you want to report them, I'm sure they'd fix them.

The discussion board software I really like is QuickTopic, but it isn't Open Source.
It has a user experience thta is just right though

I really like TikiWiki but it may be overkill, requires feeding, and the forums look only OK, BUT I still think its worth looking at if you havent yet. I am using it for 8 different sites now. Now if I could just figure out how to tweak more performance out of MySql, sigh. (my problem, not MySql's problem )

http://www.phpbb.com/ is mentioned here and is nice.

And of course http://www.vbulletin.com/

I really like TikiWiki http://www.tikiwiki.org but it may be overkill, requires feeding, and the forums look only OK, BUT I still think its worth looking at if you havent yet. I am using it for 8 different sites now. Now if I could just figure out how to tweak more performance out of MySql, sigh. (my problem, not MySql's problem )

http://www.phpbb.com/ is mentioned here and is nice.

And of course http://www.vbulletin.com/

This guy seems smart, maybe he could do something for you:
http://www.pluggedout.com/blog/

I've hacked MiniBB for the WordPress support forums to basically where you want it, and I'd be happy to tar up my copy and send it to you. Right now if you add "/rss/" to the main forum display or any topic it'll give you an RSS representation of that thread or the latest posts in the forum. I need to add the functionality for that to work on a per-forum level, and the RSS itself should really be cleaned up as it's messy. But that's little stuff. The big thing is I've spent hours going through correcting invalid markup and changing threads to display without any tables. It still needs a little work, but it's easy to hack.

Hack the trackback RSS representation thread

a hot free forum software that is about to be released is www.i2forums.com

I2Forums is a hunk of junk that had been abandoned by Ikonboard, but an immature FORMER, BANNED staff member stole it and decided to run it.

IB stopped developing it for a reason, but since he stole it, they have sufficient grounds to sue this thief and plagarizer.

i checked out i2forums it has nothen to do with ikonboard i got to look at the i2forums code and they dont even match the stuff for ikonboard. were do you get this fake information from.

the man

Ya, it's not easy finding a good forum software. Have been looking for a while and am reluctant to try anything.

I ran a successful phpbb site for about 4 years but I wouldn't suggest it to anyone else.

Yesterday I broke down and tried FUDforum and I can't suggest it either! After hours of tracking down an SQLerror in their non-standard error reporting (and with lousy error tracking messages) I finally gave up. After looking at their support forum and seeing 7000 other install issues I certainly wasn't confident.

I have to say though, after peeking through the code and finding function names like 'q' and 'qu' I was pretty horrified. That usually indicates they didn't sit down with a whiteboard or anything in the development stages and probably just started coding until it worked. The fact that Rasmus couldn't "easily" crack it doesn't really matter. Once you look under the hood at the quality you'll proabably be left with the same questions. That is, if you can get it installed and running.