GrimBB

GrimBB is an internet forum package (the BB stands for Bulletin Board). Its code is open source and runs on PHP 4. The framework that allows GrimBB to maintain its user uploaded content is a custom flat file database.

History
GrimBB was started by the Grim Pirate on November 4, 2006 as a way to provide a forum for his personal site, Jolly Roger's Ship.

The first operational build of GrimBB was released on January 11, 2007. This was analogous to v1.4. This build had all necessary functions that any modern bulletin board package would contain.

Features
* Coded exclusively in PHP
* Manipulation of visual style through CSS
* Unique User Registration
* Login/Logout controlled through server cookies rather than client cookies
* Database is generated by creating text files with unique names
* Error handling redirection pages
* Posts are dated
* Data entry verification for invalid/illegal data in posts (XSS attack prevention)
* Search enabled with result highlighting
* Allows input of certain native HTML tags
* Sorting of threads according to original post date and most recent reply date
* Custom hash function for storing passwords
* Favicon enabled
* Automated thread locking
* Automated nickname removal
* Denial of registration to make board privatized
* User editing of previously made posts
* Administrative functions for banning IPs, moving/locking/deleting threads/forums/categories

Technology
GrimBB requires a webhost that provides PHP 4.3.0 or greater support.

The defining goal of GrimBB was to not make use of any of the available SQL databases. Instead, its mission statement was to operate on its own generated flat file database, therefore allowing internet users with free sites the affordability of having a forum on their own site.

Security
GrimBB does not collect any personal information such as e-mails or names. Instead it uses solely usernames and passwords to identify its users. Passwords are encoded using a custom hashing function called GH1 (which stands for Grim's Hash 1). Rather than relying on file permissions to hide the content of files, GrimBB's flat file database is constructed from PHP files that have their content commented out using the /* and */ comment brackets. GrimBB also prevents XSS attacks by allowing only certain html tags to be utilized in its posts. Furthermore, GrimBB uses no javascript in its own code and rather than using sessions or cookies on the client-side, it manipulates a server-side cookie to keep track of the user. Credit to BlackNine for finding multiple security exploits.
 
< Prev   Next >