To fork or not to fork - that is the question

PHP-Portal Project Joined: Mar 05, 2004 Posts: 12

You can put my name next to Documentation (7).
I may also be able to assist with testing and probably MUST do so in order to even begin the documentation.

I foresee having documentation at minimum something like this:

System Requirements
Installation
--- Installation troubleshooting.

How to Use It

If teh Installation and installation troubleshooting section is larger than the How to Use It section, then I would consider the project to be a failure. Smile

Also... just for point of reference, I think if the end user can create a database and assign a user to that database, then the next step would be to run an analyzer to check system requirements. (Versions of MySQL, PhP, is Zend present, Can we connect to the database, is GD library installed, etc...) Whatever the system requirements let's check them up front to avoid problems during/after install.

Make this PRE-INSTALL package a separate download so folks can run a preliminary check to PREPARE for the install. Then automate the install based on information gathered from the analysis.

Posted: Thu Mar 11, 2004 8:43 am

You can put me down for 7 & 8, unfortunately my very limited knowledge of php precludes me from any of the others.

For a pre-install package - one might want to borrow some core code from a CMS called Typo3 (its a bit of a monster).

Posted: Thu Mar 11, 2004 9:10 am

well as a non-OO programmer, you can put me down for whatever you think best.
when you get more specific i can tell you which i'm best suited for.
currently i'd like to try Core-2 but that's up to you.
i've been programming for 19 years not including college.

i can also be your CARO, Chief Anal Retentive Officer, (i'm happily married to a lovely girl Laughing

)
but i am a stickler for spelling. maybe CSO, Chief Spelling Officer, or CGO, Chief Grammar Officer would be better Smile

Posted: Thu Mar 11, 2004 1:06 pm

I would like to add my limited experience to 7 and 8, or where ever else you think I may fit. Thank you for the opportunity. Steve Wink

Client Joined: Jan 29, 2004 Posts: 624

From what I've read it appears that FB is more interested in consolidating his control over php nuke than in improving security and useability. Once he and his coders have completed their task I think the shoe will drop, and every website that now uses 'free' nuke will be required to pay FB a monthly or yearly royalty for using nuke- or cease using it. Nothing wrong with that, in theory, since there is no such thing as a free lunch and FB does hold the patent on nuke. First he must improve the security before he and his lawyers can require royalties from users, and that brings me to Raven's thoughts on forking. Are the security issues inherent to PHP as a programming language? If so the security problems in nuke will persist no matter what FB's coders or anyone else does, as new bugs will always be found and exploited. On the other hand, if PHP is an essentially secure language or can be made so, and the security issues in nuke result from the way nuke implements PHP, then the idea of forking off and developing a true CMS or portal based on pure PHP is a good one.
Those are my meandering thoughts on it, and I'm perfectly willing to help out in any way I can.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

Southern,

FB owns the phpnuk.org domain. phpnuke is GPL, FB does not hold any more rights to nuke as you or I as long as credits remain in the code that he has written or in some cases 'appropriated' from the original developers of what nuke was forked from of whick he gives no credit (to my knowledge). None of the security issues that nuke is plagued with are PHP related. Most are just poorly written code that allow misuse.

Worker Joined: Aug 28, 2003 Posts: 227

I was going to make a joke that the MCP is evil and that you need Flynn to get rid of it. Smile

I need some help. I'm a user of php-nuke. I know nothing of php programming or OOP or anything like that.

I guess I don't understand what the core differences are of php-nuke, mambo, xoops and e107? is NSNNuke any different?

None of these offer what you are thinking of doing? I've never used anything but php-nuke. Maybe I would know more by trying something like xoops?

Chatserv - you said "and if any of my lame stuff helps out just one person then i have been successful." - it's not lame and I appreciate your time on this. Smile

Guardian2003 said "In my humble opinion, yes, it is time for a new fork built upon a solid foundation with security and ease of upgrade as one of the key criteria." and I agree. That is one of the things I don't like about some modules of php-nuke. They seem to be getting better on the install with people writing install scripts. But in the cases of EVENTCALENDAR or any GUI editor I still have to hack the modules. And when we get a security patch or a new versioni I have to do it all over again.

If your fork that you are thinking of addresses ease-of-use for the end-user who knows enough to install this but doesn't want to learn how to program than I'm your man.

And can anyone tell me if NSNNuke or xoops (et.al) are module where I can add stuff without hacking the hell out of it?

thanks!

Posted: Thu Mar 11, 2004 3:05 pm

Ah... in that case he can't legally require anyone to credit him in the footer of any site. Too many people are aware of his 'appropriations'. Smile

Not that I'll remove FB's credits but I want to also display credits to those other developers. So if nuke security issues are not PHP based then your thoughts on a new portal system aren't really 'forking off' but simply getting back to the known capabilities of PHP. A portal with PHP as the core might use Perl or some other language to cross check things but that's way out of my realm of knowledge... I'll help however I can, though.

Posted: Thu Mar 11, 2004 3:54 pm

It is more the approach, imo. Those CMS's/Portal's that have been named still suffer from the same ailment. When you addin/update, customizations are a major point of pain. Some more/less that the other. Do my ideas/approaches ensure that doesn't happen? I believe it will to a much higher percentage if not completely. The problem is time and effort and help. This will require a major level of committment of time and skill. I hesitate to release too much of my design methodology as I do think it would be misappropriated. I really do. But, I will try by early next week to put a basic design methodology out there to help visualize what I am proposing. If you are familiar with MVC and the PHP Phrame project, you will know what I am referring to. But, that is overkill, for what I think we need. But, conceptually, it's there. And I didn't even know that Phrame existed until last night, so I haven't plagerized Laughing

(it's not proprietary anyway). Please don't let that scare you. And don't let the OOPS thing scare you either. Those of you who know me know that I like to break it down (KIS) as in KISGB, KISSQ, etc. This has been a strength of mine that has rewarded me well over these many years. I believe it would work here too.

And Southern, the footer does not have to be there. Courtesy, yes. Legally, no. Please, let's not let the thread go down that path Smile

. If you want to start that debate, yet again, please start another thread Laughing

Posted: Thu Mar 11, 2004 4:26 pm

Raven, I said I would not remove FB's credits, but just that I'd like to also credit others. I'm a southerner, after all, and courtesy is big hereabouts. I'm not taking this thread down that rabbithole. You've asked us all whether it's worth it to develop this idea. Well, ask yourself whether it is worth it to keep patching the nuke portal as it now is, or would it use the time and energy of you, chatserv and other developers to make a portal without the security issues that need patching... I know that a lot of my time and energy on my site goes to patching nuke when I could otherwise be building the site, so to me a more secure portal is worth it.

Posted: Thu Mar 11, 2004 4:47 pm

Southern, You misunderstood what I meant because I poorly phrased it. I am so sorry! I didn't mean that towards you. I chose to answer your question but I didn't want anyone else to comment on it. And my comment about courtesy was not towards you - it was simply a matter of professional courtesy. Please accept my apology!

Posted: Thu Mar 11, 2004 4:56 pm

Of course! No offense taken. Smile

I doubt anyone else on this thread would have the discourtesy to comment on FB's credits as I did, so it is me that needs to apologize.

Posted: Thu Mar 11, 2004 5:16 pm

- Oh my goodness! Trust me - this is far from his fan club. FB does not give credit to the original code that he built from. Thatware was the beginning http://thatware.org/ - To get more history than you could ever want, check these out http://nukecops.com/modules.php?name=News&file=article and http://news.postnuke.com/modules.php?op=modload&name=News&file=article&sid=2363 . I could go on and on. Okay, enough - enjoy the reading. Now, back to business!

Posted: Thu Mar 11, 2004 6:29 pm

I look at all the options and still I come back flustered. Are those of us who are on the edge ever going to be happy without home brewed websites?

Is Raven offering up the possability to make this easier to accomplish>what he, he, and she want? I think he is.

Basically sharing up his fresh unique code that I know he considered taking into the private sector. Which is no small thing to put on the line. Good ideas return good kaching!

's these days.

So I'm in for what ever small contribution I can make should this get beyond this thread.

Put me in where ever there is a need I can do most anything at the novice level and enjoy trying to break things more then anything. 3-8 if you leave out 6 because my graphics suck. Supports always a hoot if nothing else I can be a forum troll!

Posted: Thu Mar 11, 2004 6:47 pm

I hate to think how many of us can only offer help in 8 due to our inexperience but that is where I have to place my name.

Posted: Thu Mar 11, 2004 7:05 pm

8 will get you 4 before you know it...

Posted: Thu Mar 11, 2004 7:20 pm

Quote:

8 will get you 4 before you know it...

That's what I am hoping Smile

Posted: Thu Mar 11, 2004 8:31 pm

Oh what the hey! http://sourceforge.net/projects/php-op/

Posted: Thu Mar 11, 2004 8:48 pm

Wow, great news!!!!!!!!! Thank you Raven

Posted: Thu Mar 11, 2004 9:05 pm

You mentioned MVC and phrame. So I looked it up.

Phrame is a Web development platform for PHP that is based on the design of Jakarta Struts. It provides a basic Model-View- Controller architecture, and adds standard components such as HashMap, ArrayList, and Stack."

Errrr...ah..yeah. I guess I'm only good for #8 too. Very Happy

Posted: Thu Mar 11, 2004 10:06 pm

http://www.ravenphpscripts.com/portal.vsd - To view this you will need the Visio viewer - get it here ==> http://www.ravenphpscripts.com/public/vviewer.exe (5.6meg). I don't know if there's an opensource alternative or not so possibly only Windows IE can view this. This isn't my latest incarnation. My latest incarnation allows for passing the nextAction to the actionObject. In other words, if the MCP calls the Security Object, then the Security Object will be able to directly call the Login Object rather than returning control to MCP.

Here's where the Gold mine is in this. How many times have you wanted to give Admin access to a module that is an addon to Nuke? What do you do now? You either appropriate an unused module logic like Encyclopedia and recode your addon or you have to alter the nuke_authors database and alter code. Not so with my model. The addon module will tell the security object what roles are allowed and the user object will have the admin role for that module. Every plugin can have its own config file or it can default to the system default. The possibilities are endless.

Posted: Thu Mar 11, 2004 10:20 pm

Your second paragraph describes what I had to do to get eventcalendar to work. It uses a new nuke_author type which requires manual editing of files. PAIN IN THE BEHIND! I think I'm seeing the light. Smile

Worker Joined: Feb 16, 2004 Posts: 164

Wait a minute - It was only setup at sourceforge a few days ago.........! Looks like someone read this forum and liked the idea.........

I agree Paranor, Event Calendar is a pain in the arse to install as are mods such as the newsads. Every time an update of nuke with security fixes is released they need updating.

If you can stop this from being necessary Raven you've got my vote - even if its the only big advance!

Posted: Fri Mar 12, 2004 5:43 am

Rikk03 wrote:

Wait a minute - It was only setup at sourceforge a few days ago.........! Looks like someone read this forum and liked the idea.........

That's me

(gcfmaf). I had a title in mind and saw that it was taken, but the gentleman had never progressed on the work. So, I asked him if he might transfer the project name to me and he agreed.

Posted: Fri Mar 12, 2004 5:50 am

This sounds like a great vision, and I will help where I can, tho I am only but a learner, (and just spent hours reading thru this forum!) but I think it would be much better than what I have had to do with my main site.
I could help in basic areas, and also maybe later on testing. I run several nuke sites, one with a customised db, so it could give some fun as a test.