The forum is now open-source. No coding knowledge required to run it.
Judge my garbage code here! https://github.com/2JJ1/Pow-Forum
As a forum builder, this software is currently in very early alpha stage. It's massively incomplete and many bugs definitely exist.
Assuming you complete the entirety of the configuration, you should have most features that this website offers. Be sure to read the README.md file. I still need to make a UI available for some features. Such as to add additional navbar links, footer links, forum support links, add moderators, etc.
Feel free to make your contributions through pull-requests. White hack hackers, I'd love it if you explored for vulnerabilities. Black hat hackers, alt+f4 for free robux. Feel free to redeploy the forum and modify it as you wish; Considering the GNU license.
I'm still refactoring the code. I've been rushing the past few days to make it redeployable. The forum used to be mostly static and built into the exploits portion of the site. It wasn't built from the ground up to be dynamic, so much of the code will look funny. A lot of the forum is especially very old code from when I was still learning. In many areas, I've continued with my poor old conventions to keep things uniform and easier to read.
As a result of making the forum redeployable, I had to change a few things. One being the URL pattern for subcategory thread lists. It used to use the category name, but I had to change it to use an ID so subcategory names can be reused.
I also noticed my implementation of invisible captcha was useless. I've temporarily(maybe) reverted to captcha v2, where you will have to complete captcha challenges to plainly create a thread or reply.
Joined: Mar, 2022
i can smell the cyber crime fourms coming
@atariXD, Use it however you like. It's totally open to the public. This forum has always been more of a project than a product, so I'm not concerned about competition
@atariXD, Maybe when it enters beta stage. There's still a lot to do. Feels wrong to collect mons when I could push a breaking change at any time. Though I will try my best to avoid that. If ever, I'd try adding a migration script to the CLI.
Joined: Jul, 2021
I thought it was an april fools joke, then I realised it is april second
This is exactly why I stopped being so active.
Joined: May, 2022
Never expexted this to happen tbh
Exploits i own:
Script-Ware (Down rn) Electron (UWP) Shadow (UWP)
i dont use verm that much so dont contact me there
Developer @ Novaline
Joined: Apr, 2021
This actually shocked me. Jon, please be aware of the serious black hat hackers, cause they might cause trouble, especially since the forum is now open source. Good luck, however, on maintaining this project.
Developer @ Novaline
I develop authentication systems & key systems in Python for a low price.
Joined: Mar, 2023
@atariXD, How is this better than MyBB? I'm not trying to put it down, as it seems like a valuable addition that many people will use, but I'm interested in understanding what sets it apart from MyBB.
stop take my rice
Joined: Mar, 2022
Let's just take a moment to acknowledge how our "competitor" forum (V3RM) is still using MyBB, meanwhile Jon is over here dominating and creating his own forum software.
Seriously though, this action introduces a wide variety of things you must be careful of, for instance, I'm sure that there are some vulnerabilities internally that can be found and exploited now. Security must be one of your top priorities now, as the more people using the software the less you can afford some big vulnerabilities to be found. I'm very sure you already know this though.
I might create some YouTube video to demonstrate the installation of this forum, not just so there is visual instruction but also to possibly give you a little head start in users. Though YouTubes algorithm is very odd so I doubt it'll get much anywhere besides people searching it themselves.
I hope this goes well, I can see this becoming very great, but I do worry about the security of this forum now. Tbh there aren't many people equipped to deal with attacks on this forum, ig we'll see what happens.
I also worry about this forum becoming filled with people looking for support about the software, this community is great but needs to be kept that way. Of course, that sorry is very dependent that the software goes big, but I (and I believe I speak for everyone else on this forum too) have great confidence in this (and ofc, you).
test_bot2 is back
please stop taking my rice i need it to breathe
Didn't expect this coming. Now I can apply bugfixes and optimizations and new features *cough* a better api.
@VoidableMethod, Absolutely. I take every measure I can recall to prevent security issues. Query injection is unlikely thanks to using Mongo through an ODM. Even if an XSS point existed, cookie logging is impossible due to being HTTP only. The only identifying and private(depends on who you're talking to) piece of info the site collects is an email address. Everything else is already public.
My only job is pretty much to remember to escape every user input and be careful of data leaks where data is output. Security wise at least. Resource attacks... Hmm
Honestly, I'm kind of hopeful that someone will find an issue. I always learn so much with each new attack.
@reversed_coffee, Now people can stop asking about adding their bot. Can just make a pull request!
@Xero I love how that's the first thought that came off the top of your head when replying.
@reversed_coffee, God damnit I love this push notification update lmao
@Xero Wait this site has push notifications now?
Users viewing this thread:
( Members: 0, Guests: 1, Total: 1 )