phpBB Academy

SEO Problems and Solutions to improve optimisation within phpBB3

2008-08-19T22:57:00.000-07:00

Many people think that SEO is basically using or implementing Human Readable URLs. However, this is not encompassing of “SEO” at all, it is one small part of SEO, and is generally grossly misunderstood. Many people believe that Human Readable URLs are the only way that Search Engines can correctly index a site, or that it is the best method for spiders to index the site. Or that Dynamic URLs somehow hurt your Search Engine Ranking or performance within Search Engines. But this is not the case. Human Readable URLs mainly benefit Search Engines as added Keywords within the page, this only reinforces the keywords already set by the page and topic title, which Search Engines already use for the index.
Search Engines have just as easy of a time indexing dynamic URLs as they will with Human Readable static URLs. The benefit is minimal.

SEO is Dead! Long Live SEO!
The other side of the coin is the people who think that you really don’t need to do any Optimisation (SEO) at all. These are people who don’t think that any form of Optimisation can have any sort of positive impact on your site. They have usually never been in the SEO industry, and instead just hear all the hype from people talking about SEO. They believe that SEO no longer applies to today’s world of the internet. But these people do not truly understand what SEO means or what it is meant to do, and they are talking out of inexperience or ignorance.

This post is meant to address both sides of the argument by giving people a better understanding of what SEO is and it’s place within phpBB3. It also includes problems identified within phpBB3 itself with regards to Search Engine performance and solutions to address these issues.

What is SEO?
SEO (Search Engine Optimisation) is defined as any action or adjustment, also known as Optimisation that you perform on your site for the purpose of improving the volume and quality of traffic to your site or board from search engines by utilising search results for targeted keywords, and can include one or many possible methods. From implementing Human Readable URLs and Keyword targeting, to Marketing, to adding a no-index page or directory to your robots.txt file.
All of this is Search Engine Optimisation (SEO).

How does phpBB3 Handle SEO?
phpBB3, out of the box, has good Search Engine Optimisation (SEO) capabilities. It handles BOT sessions appropriately, and it hides completely useless content such as forms, links to profiles, or links that spiders should not or could not access, also known as “dead links”, among a few other things. Some of these are just meant to improve the performance of spiders indexing the site, from not displaying useless content, which can cut down on the HTTP requests and bandwidth, to showing useless items such as forms. But that’s about the extent of it. There is so much more that one can do to optimise phpBB3 for best Search Engine capability. Many methods that people I believe are not aware of yet.

What is the main issue of SEO within phpBB3?
Within phpBB3, the main issue with Optimisation is duplicate content. No, not the kind of duplicate content that will get you penalised or banned from Google (that’s a whole other post), but the kind of duplicate content that distorts search results and causes slightly higher bandwidth because the spider is indexing and re-indexing the same exact content as separate pages within it’s index. Then the search results for this single page instead display as multiple results of the exact same page, which defeats the purpose of good search results and degrades the effectiveness of those results.

How can this be improved? First the problem must be completely understood. When a spider crawls your board, from the index page, it looks at all the links: There are links to the Categories, Forums, Subforums, and also the last post of that particular forum. Upon entering a forum, it sees a list of links to topics, up to four pages within a single topic, and again the last post within that topic. Upon entering the topic, it will see a whole other page through the print option.

The idea is that we want the spider to index the topic in pages, and to do this, the spider has to see the exact same URL, dynamic or static of the pages for that topic. If it sees different URLs (such as those containing the p -post- variable), it considers the page a completely new page and it indexes it as such. But the last post URL on the index, and category views, as well as the last post within a specific topic shows the spider that there are far more pages to your forum than there really are. Thus causing multiple indexing of the same content.

Secondly, users will post links directly to a post within a topic, this URL may contain parameters other than the forum id, topic id and the start variable, which the spider should only recognising. It may see multiple parameters including: sort key, sort direction, order, session id, post id, print view, and highlighting.

Each new variable thrown in that is different from the last time it indexed this topic and page will mean a completely new page and thus another indexing pass by the spider. Further diluting search results for keywords or content for this page and again repeatedly consuming bandwidth over the same content.

The Solution for Duplicate Content within phpBB3
Now that we understand the problem, what is the solution?
There are two methods that can be used to improve the optimisation with the duplicate content issue within phpBB3.
First, by removing (hiding) the links to the last post within the topics and forums.
Second, by filtering out all parameters except for the topic_id and the start variable for bots only -- and perhaps enforcing the forum_id, but it has to be consistent, one way or another. Remember that every variable added means a new page to the Search Engines including Google. -- This type of change means basically redirecting the page on viewtopic for spiders if the parameters are not those strictly allowed, this kind of change is something that can increase the number of HTTP Requests if overused, but may be necessary to improve the optimisation, and due to the decreased repeated indexing, may result in fewer HTTP Requests, so it may even itself out in the end. But this change should only be performed for spiders and bots, as it would be a detriment to the user attempting to navigate your board if they experience this effect.

These changes will be far more beneficial for Search Engines than any Human Readable URLs change will have. Implementing Human Readable URLs can have a negative impact on this issue if Bots are still allowed to index the dynamic URLs, thus throwing in additional pages to what the Search Engines already see.

Performance difference using mysql_real_escape_string versus intval

2008-05-14T20:07:00.000-07:00

Someone asked me today what the performance difference would be if they used mysql_real_escape_string() on all of their variable inputs into a database instead of casting to variable type integers for the int inputs.
I created the below bechmark test to demonstrate what performance differences there would be in using each of the possible functions in such a situation.

It’s important to note that all user input variables that are intended to be strings go through the mysql_real_escape_string() function to ensure proper sanitisation for those strings.
But for integers, what about those? should we use the mysql_real_escape_string() function on them, or should we cast the variable type int?
Lets find out what the performance differences are:

PHP Code:


   
<?php



$link = mysql_connect('localhost', 'username', 'password');

if (!$link)

{

    die('Could not connect: ' . mysql_error());

}

echo "Connected successfully<br />\n";



$string = "12345'?;/FOO/FUM\';Example String =";

$num = 500000;

echo "benchmark: Begin<br />\n";



$start_time = microtime(true);



for ($i = 0; $i < $num; $i++)

{

    $escaped = mysql_real_escape_string($string);

}



$escape_benchmark = microtime(true) - $start_time;



$start_time = microtime(true);



for ($i = 0; $i < $num; $i++)

{

    $intval = intval($string);

}



$intval_benchmark = microtime(true) - $start_time;



$start_time = microtime(true);



for ($i = 0; $i < $num; $i++)

{

    $int = (int) $string;

}



$int_benchmark = microtime(true) - $start_time;



echo "escape_string time: $escape_benchmark <br />\n";

echo "intval time: $intval_benchmark <br />\n";

echo "int time: $int_benchmark <br />\n";



echo 'intval vs escape_string difference: ' . ($escape_benchmark - $intval_benchmark) . "<br />\n";

echo 'int vs escape_string difference: ' . ($escape_benchmark - $int_benchmark) . "<br />\n";

echo 'int vs intval difference: ' . ($intval_benchmark - $int_benchmark) . "<br />\n";



echo 'Percent faster intval is than escape: ' . round((1 - ($intval_benchmark / $escape_benchmark)) * 100) . "%<br />\n";

echo 'Percent faster int is than escape: ' . round((1 - ($int_benchmark / $escape_benchmark)) * 100) . "%<br />\n";

echo 'Percent faster int is than intval: ' . round((1 - ($int_benchmark / $intval_benchmark)) * 100) . "%<br />\n";

echo "<br />\nThe result of the sanitisation:<br />\n";

echo "escape_string: $escaped <br />\n";

echo "intval func: $intval <br />\n";

echo 'cast int: ' . $int;

mysql_close($link);



?>

Result:

Connected successfully
benchmark: Begin

escape_string time: 0.697912931442
intval time:  0.349272966385
int time:   0.16778588295

intval vs escape_string difference: 0.348639965057
int vs escape_string difference: 0.530127048492
int vs intval difference:   0.181487083435

Percent faster intval is than escape: 50%
Percent faster int is than escape:  76%
Percent faster int is than intval:  52%

The result of the sanitisation:

escape_string: 12345\'?;/FOO/FUM\\\';Example String = 
intval func: 12345
cast int:  12345

From the benchmark, we can deduce that (int) produces a 70% to 75% performance advantage over using mysql_real_escape_string(); and a 50% performance advantage over using the intval() function.
In addition, if you are using an UPDATE or INSERT SQL query, forcing var type int on integer variables will mean that your query will produce a valid result, whereas an intended int variable that contains a string which goes through the mysql_real_escape_string() function is going to throw an SQL Error if the SQL database is expecting a float or integer value of some sort.

Of course, don’t take my word for it... the above script is provided for you to test yourselves as well. :)
If you want to test the benchmark without making a database connect, substitute the mysql_real_escape_string() with the older mysql_escape_string() function, which does not require a database link to process.
Enjoy!
- Highway of Life

Why Sanitisation and Type Casting is Important in PHP

2008-05-02T22:17:00.000-07:00

PHP is a language that is very open to different types of coding.
Many good, many bad. There are always multiple ways of doing something in PHP, that’s one reason it is such a great language.
Everyone has their own way of doing something. The most common problem, however, is lack of proper knowledge of the language. Take someone who has worked on Java or C for 20 years and put them in front of PHP, they will learn the language quickly, but they will not necessarily pick up the true and correct methods and concepts of the language. Amazingly, few do.

In working with many PHP programmers as an instructor, I’ve seen coders from every level, starting from novice to advanced.
From inexperienced beginners to 20-30 years of experience programming C-based languages.
It is an easy language to learn, but a difficult language to master -- properly.
But even as easy as the language is, as popular as the language is, as many people program in it, few code correctly and securely as the language was intended to be programmed in. -- As an instructor, I regularly see code that is vulnerable in one way or another, about 1 in every 3 scripts has a severe vulnerability of some kind (75% of the time, it is an SQL Injection and usually due to poor or no sanitisation methods).
These are mostly due to not understanding typecasting properly, not using it, or not understanding the concepts behind proper coding in PHP, including coding PHP securely and the way it was intended to be used.

The reason that there were 20,000 sites hacked between January and April of 2008 was due to SQL Injections in web applications that hackers exploited to insert code that would inject iframes into every web-based dynamic (ASP or PHP) file on the website.
Some 200,000 plus webpages contained these iframes.
So how do people address this? How do you, as a site owner and coder, secure your site or ensure that the applications or scripts that you use or code are going to be secure and free from exploits?
You code in the way that PHP was intended, and the way that PHP was intended to work with databases.
Sure, you can program PHP in the way that you want to, you can use shortcuts, or do things your way because you feel like it, or you can program in a way that is correct and secure.

One of the most important concepts that I’ve had to drill into the heads of my students has been proper sanitisation of variables AND type casting.
Type casting is equally as important as sanitisation of strings.
PHP is built to be a dynamic language where you can dynamically assign an assortment of type definitions to a variable, it does not require or support explicit type definitions, this means that it is set by the content that is assigned to the variable.

If your Database field is intended to contain a float, you, the programmer must ensure that the data you are placing into that field is a float. If the field is an integer, you must ensure that the variable is an integer. If it is meant to contain a string, you must ensure that the variable type is going to be a string.
User data can be entered as a string, integer, float, or an array.
You cannot insert an array into a string field, a string field into an integer field, or float into an integer field (for example).

When you create a database, you define the fields to be exact database types, exact numeric data types such as Integer, decimal and numeric, approximate numeric data types such as float, real or double, a bit data type (as of MySQL 5), date and time data types, string data types such as char, varchar, text, binary (similar to char, but stores binary byte strings), blob and enum.

When creating a database, you do not create each field to be a string, you create the field with the data type of the information it will be storing -- I hope I don’t have to go into examples about *why* you must do this with databases --.
You then assign data to these database tables through your database interface, most commonly the built-in mysql functions in PHP.
When inserting data, they are meant to contain the data type that you have assigned to the field. If you created an numeric data type field, you need to ensure that the variable is an integer or float (float, double or real) as necessary.
If you do not, you introduce many potential and guaranteed problems into both your code and your database, database errors notwithstanding.

If you insert string data types, you need to ensure that the data that you are inputting is not a resource or array. -- Integer data types are allowed in string data type fields.
That means that even when pulling data, such as $_POST['my_variable'], you cannot just input this straight into your database, obviously, you need to sanitise the variable.
Your method of sanitisation does depend on what data type the field is that you will be inserting it into.
If it is int, force var-type int, if it is a float, you need to force it to be a float or double. Remember, PHP is a dynamic language, so it will change the var-type easily.
The variable may be an array, which you will need to deal with if you are attempting to insert the data into a string data type field.

All these must be must be considered if one is to create a script that is completely secure from Injection. -- If you want to ensure you are secure, create your code the way PHP intended for it to be created. Use proper type-casting.
It will save you many headaches down the road, it is well worth the research anyone would bother to spend on data types and type casting in PHP and your database.

People take database manipulation and interaction much too lightly, and it shows... 20,000 sites hacked in 4 months is too many. Certainly unnecessary and could have been avoided if the programmers had bothered to become familiar with correct sanitisation methods and typecasting.

If you are a user who is unsure about your script, you are unsure if you are using proper sanitisation and type casting methods, talk to programmers who you know are experienced in the language you are working with.
Do some research, on type casting and proper usage of the mysql_real_escape_string() function. If you are not using MySQL, check your DBMS type to see what function it uses to properly sanitise strings.
And last but not least, read Type Casting in PHP on how to properly use typecasting in PHP.
And use Google to research the topic in question, a little bit of research will go a long way to providing you with the necessary knowledge to build secure and stable scripts for your site or your clients.

- Highway of Life

phpBB3 Gold Released!

2007-12-13T15:21:00.000-08:00

London, UK (PRWEB) December 13, 2007 -- phpBB™, the leading open source forum and online collaboration system, announced today the availability of phpBB Version 3.0. This release includes enhanced collaboration features, better security and delegated administration features, extended support for open source and commercial database management systems, and optimisation for mobile devices and search engines. phpBB is available at no cost, released under the GNU General Public License.

Online discussion forums and user-generated content represent the largest source of new information on the Internet. phpBB is used throughout the world by commercial and non-commercial companies to share documents, collaborate and encourage peer-to-peer resolution of issues to reduce the cost of product and/or technical support.

"phpBB is a highly scalable, feature rich environment that can be easily deployed and integrated into any Web site or online application," says Bob Norton of HREnhancement. "phpBB version 3 represents a huge milestone and we continue to be amazed by this project and its community."

phpBB is easy-to-use with an intuitive administration system and extensive customisation capabilities. It is capable of supporting hundreds of millions of discussions in any language and boasts some of the largest forum communities on the Internet. phpBB is developed by six core developers, more than forty team members and is supported by a community of almost 300,000 users and developers. Among the new features announced today, phpBB has been specifically optimised for the mobile market.

"With the enhanced search engine optimisation of phpBB, we see a huge opportunity for companies to deploy more customer self-service and collaboration features for their customers," says William Leake, Chief Executive Officer of Apogee Search. "The mobile Web is a key component for every 2008 Web strategy and phpBB is a perfect fit for the growing mobile collaboration market."

The phpBB community, comprised of users, Web developers and designers, have produced more than 5,000 add-ons and 400 styles for phpBB2 making it easy for Website owners to customise the system to their needs. The phpBB community has already made nearly 500 enhancements, modifications and extensions for phpBB version 3.0, even before final release.

Organisations can quickly build advanced social and peer networking communities using phpBB and it can be deployed with "one-click" through cPanel, Plesk, Ensim, DirectAdmin and Fantastico. Hosting providers such as GoDaddy, The Planet, and 1and1 provide phpBB with many standard hosting packages.

"phpBB version 3 represents over five years of development from some of the most talented developers in the world. As the project continues to grow, we hope to serve our community better and deliver innovative software that is released under the GPL. Our sincere thanks go to our users, developers, team members and partners." Says Meik Sievertsen, Lead Developer of the phpBB project. With phpBB version 3, detailed source code analysis and penetration testing has also been performed to proactively make steps toward improved enterprise security.

For developers who want to quickly and inexpensively integrate collaboration and forum capabilities into their own Web applications, phpBB provides a flexible framework, documented Application Programming Interfaces (APIs), customisable themes, and extensions. phpBB can quickly integrate into almost any content management system (CMS) or static Website.

About phpBB
phpBB™ ("PHP Bulletin Board") is the world's leading Open Source forum software. Distributed under the GNU General Public License, phpBB is free software, developed by volunteers from around the world. phpBB is used on over 2.4 million commercial, non-profit, social networking and community websites in over sixty languages. For more information and to learn how you can contribute, please visit http://www.phpbb.com

Press Contact
Christopher Justice
(512) 493-2071
justice @ sparksight.com

Community Time III - Joomla! Meeting phpBB

2007-11-05T21:03:00.001-08:00

We, Chris Justice and myself, met the phpBB crew down in the lobby of our hotel for a few drinks and then headed out to a restaurant for some food and off course more drinks. Talks ranged over the release of phpBB3, press announcements, marketing, GPL and legal issues … and off-course code. What else did you expect when you put the core guys of two...

read more | digg story

Cracking WaterCap CAPTCHA In 24 Hours

2007-05-09T10:46:00.001-07:00

It didn’t take long for one of our guys at StarTrekGuide.com to break the WaterCap CAPTCHA... 24 hours to be exact.
Elbertf, our resident "hacker" (not cracker) gave Pavel Simakov some information on how he broke the CAPTCHA and tips to how it can be improved.
Although the CAPTCHA is still unique to any previous method, it can still be cracked. But the key is if each board incorporates a unique method of spambot blocking, it can defeat the spambots. So don’t discount this CAPTCHA, it is still very much a good one, and I believe with just a little improvement in the code, it can become extremely difficult for spambots to crack.

read more | digg story

MAMP and MAMP Pro 1.6 released! - Apache, PHP, MySQL Package for Mac

2007-05-07T23:23:00.000-07:00

living-e AG released a new version of their Mac OS X Apache bundle on April 27th.
This release marks only the second release of the MAMP Pro bundle, and the first with both MAMP and MAMP pro combined.

The MAMP is a free, open source utility that enables Mac OS X users to install Apache server, MySQL, PHP, eAccelerator and PHPMyAdmin with ease. Mac OS X users can download the MAMP, and with just a few clicks, install the software bundle in a folder, making it easier than ever (in typical Mac fashion) for users to host applications on their local server with MAMP, or remote server using MAMP Pro. The process takes about a minute to complete.
Requirements:

Mac OS X 10.4 or higher (Universal binary)

MAMP 1.6 is designed to run on the following operating systems:

Mac OS X 10.4 PPC
Mac OS X 10.4 Intel
Mac OS X 10.5 PPC
Mac OS X 10.5 Intel

Earlier versions of Mac OS X can still download older versions of MAMP from the Sourceforge file releases.

The new version carries some new upgrades including: Apache 2.0.59, PHP 5.2.1 (and PHP4), MySQL 5.0.37, support now for
the new XCache from lighttpd as an alternative to eAccelerator, which is still included in the default MAMP package, and APC support.

MAMP Pro is ideal for running on a OS X based server, as upgrading is simply drag-and-drop into the applications folder.
Since the databases are contained in the /Library/Application\ Support/MAMP\ Pro/db/ directory. And the preferences within MAMP Pro allow you to choose a localhost directory outside of the default /htdocs/ location within the MAMP package, making upgrades only seconds long.

You can download the latest distribution of MAMP from the official website: living-e.com or from Sourceforge

I’ll post some tutorials and tips for setting up the httpd.conf and php.ini configuration files for both localhost testing of your PHP applications, and secure use on a remote server later.

Enjoy!!

WaterCap Strong PHP CAPTCHA With Negative Spaces And Shadows

2007-05-07T22:50:00.001-07:00

Most of you are aware of the weak CAPTCHA that is used on phpBB2, and the basic version on phpBB3.
Recently, phpBB3 revamped their advanced CAPTCHA, giving the user more options with the x/y axis of noise levels.
The problem is, the CAPTCHA can be fairly un-readable.
Some users are saying nobody over the age of 55 (or under if you wear glasses) is going to be able to decipher the CAPTCHA image.
The solution, is of course to turn the x/y values up quite high, decreasing the amount of noise and making it easier to see.
But if you don’t have freetype enabled on your server, you’re stuck with the default (breakable) CAPTCHA.
Although you usually can persuade your host to enable CAPTCHA with your PHP installation, there are other methods of CAPTCHA as well... the WaterCap method uses the background color inside the letters themselves, making it extremely difficult for bots to pick out the definable boundaries of the characters. But our minds automatically make out the shapes and we "see" the letters, even though it is an optical illusion.
It’s only using shadows to give our brains a hint of what letter it is.
So the question is, will this work for phpBB3?
Perhaps, but only time will tell... if the phpBB team implements something like this by default, the spam world is going to work very hard to come up with a way to crack it... and we know it’s only a matter of time, they eventually will.
The alternative is to use it as a MOD on your board.
We (the Star Trek Guide Group) will create a MOD from this idea if it is not implemented in phpBB3 by default.
But I would like to hear your thoughts on it.

Installing and using phpBB3 on your localhost

2007-05-07T20:16:00.000-07:00

This tutorial has instructions for installing an apache package and installing and running phpBB3 on your localhost

Using phpBB on your localhost is a very simple process and a much faster way to test it then waiting for FTP to upload everything for you.

When installing a localhost, the first thing you will need is one of the following Apache packages. Although most of these packages contain both PHP4 and PHP5, only the latest version of PHP5 is shown below. All of the following packages are free except for MAMP Pro, which enables you to use it in a live (non-localhost) environment. Other packages require some adjustments (for security purposes) for use within a server (live) environment.

Download LAMP/XAMPP/WAMP/MAMP package

EasyPHP Apache 2.2.3 - PHP 5.2.0 - MySQL 5.0.27
for Windows Win9x/Me/NT/2000/XP -- should work on Vista as well
WAMP server Apache 2.2.4 - PHP 5.2.1 - MySQL 5.0.27
For Windows NT/XP and Vista
MAMP and MAMP Pro Apache 2.0.59 - PHP 5.2.1 - MySQL 5.0.37
For Mac OS X 10.3, 10.4+, PPC and Intel
XAMP for Linux Apache 2.2.4 - PHP 5.2.1 - MySQL 5.0.37
For Linux SuSE, RedHat, Mandrake and Debian (other versions untested)
XAMPP for Windows Apache 2.2.4 - PHP 5.2.1 - MySQL 5.0.37
For Windows 98, NT, 2000 and XP (should work on Vista as well)
XAMPP for Mac OS X Apache 2.2.4 - PHP 5.2.1 - MySQL 5.0.33
For Mac OS X (intel ONLY) -- version 0.6.1 (at print time) is still in development
XAMPP for Solaris Apache 2.2.0 - PHP 5.1.1 - MySQL 5.0.18
For Solaris 8 and 9 (other versions untested) -- version 0.8.1 (at print time) is still in development.

Install Apache Package

Once Downloaded, install one of the above packages, making sure to follow the instructions. Be sure to remember what directory it uses for it’s "webroot". Average time needed to install an Apache package: 15 minutes

Be sure to consult the documentation regarding your Apache Package for configuration. Each package (except for MAMP Pro) requires special configuration for use on a live server. Check to make sure the Apache/MySQL ports are set to 80/3306 -- some may be set to 8888/8889 (for example). For Mac OS X: Make sure Web Sharing is turned OFF in System Preferences. The preferences/options allow you to pick which PHP version to run. In This tutorial, we will assume you are running PHP5 Although you can test either version, you should choose the version that your server is using.

Start localhost Apache/MySQL Services/Server

Once installed, start your servers (or "services" on Windows). MAMP -- 10.4+: Use the MAMP Widget or MAMP.app to Start Servers; 10.3+: Use the MAMP.app; WAMP -- XP: Click the services icon in the lower right-hand corner, and select "start all services"
Everytime you start up your computer, you’ll have to start your localhost services/server to run "localhost" on your computer.
Some packages may contain details on how to setup startup files to start the servers/services on computer startup. -- Consult the documentation for details.

Any changes that you manually make to the php.ini or httpd.conf files will require you to restart (stop and start) your Servers/Services.
In MAMP pro, it contains it’s own server config templates located in /Applications/MAMP\ PRO.app/Contents/Resources/ Most other packages they are located within a conf/ directory or within their own php/php.ini and apache2/conf/ directories. In the php.ini file, set error_reporting to error_reporting = E_ALL and display_errors to display_errors = On Be sure to note the location of the error log files... error_log Which you’ll need for debugging any errors you find in phpBB3.

Create new Database for phpBB

Now that you have your Apache package all setup and running, test it by going to http://localhost it should Go to your Database Manager, in this tutorial, we will be using MySQL, as it is the most common database. You can use the pre-installed phpMyAdmin (an alias is located in each package, or try browsing to http://localhost/phpmyadmin or http://localhost/phpMyAdmin depending on your package), it is recommended that you grab a copy of Navicat or another GUI database administration tool. (highly recommended, as it will speed up your development/testing time by 400%-500%)

Create a new Database, in this example, we’ll name it phpBB3. -- Consult the documentation for the database admin tool on how to create a new Database. -- in Navicat, go to menu > Connection > New Database; or in phpMyAdmin just type in the name of the new database.
Now create a new user (and unique password) and give that user permission (privileges) to access all aspects of the database. (Select, Insert, Update, Delete, Create, Drop, References, Index, Alter, etc) -- use full permission as this is your localhost user, and it cannot be accessed through the internet. If you want to test multiple versions of phpBB3, such as a Beta version, an RC version, varius CVS versions, etc... you can give each one it’s own unique database name. e.g.: phpBB2_CVS (CVS), phpBB2 (patch tests), phpBB3 (Beta or RC), forum (live), area51 (MOD testing), etc. You will also be able to use several phpBB installations with just one database if you prefer.
To keep things as simple as possible, use the same user for each of your databases.

Download phpBB3

Download a fresh copy of the development package of phpBB3 by going to phpBB Downloads or go to area51 to download a daily snapshot -- We’ll be using the daily snapshot in this tutorial. If you are not comfortable with or feel frightened by manual database edits, it is recommended that you not install a CVS version -- use the more stable Beta or RC download instead.

Drag your phpBB download package to your webroot directory
Defaults:
WAMP: C:/wamp/www/;
MAMP: /Applications/MAMP/htdocs/;
XAMPP (win): C:\program files\xampp\htdocsIt’s usually www, htdocs or public_html -- If you are unsure where it is located, consult your package documentation.

Unzip/unpack your phpBB package. -- If you have a CVS download, it will be called phpBB2, don’t be alarmed, it really is phpBB3.x.x-dev.
If you download a Beta or RC package, it will be called phpBB3 Keep in mind that if you want to test multiple phpBB installations, you will want to rename them accordingly. e.g.: phpBB3 (Beta or RC), forum (live), area51 (MOD testing), phpBB2_CVS (CVS), phpBB2 (patch tests), etc... This will be important later on when we reach updating your phpBB3 installation using CVS. From here forward, we are going to assume you downloaded the CVS version, and will be calling the package "phpBB2".

Install phpBB

Open your browser (recommended to use Firefox, as it has more testing capabilities and is faster) and browse to http://localhost/phpBB2
Since the config.php file is empty, you will be redirected to the install/ directory. You will be presented with options and instructions to install phpBB3. Keep in mind that while you can test any Database schema available from your Apache package (and we encourage you to test multiple versions), you should primarily test the same version as what you will be using live on your server. Use the database connection information you specified for the user earlier. Make sure to use a simple password for your Founder/Admin login information, you’ll be typing it in a lot. -- and this is localhost, so nobody else will be using it.

Once installation is complete, rename your install directory to _install (for example) so that it does not interfere with your testing.
You have now successfully installed phpBB3 on your localhost.

AJAX powered vBulletin, phpBB2 and phpBB3 style changer

2007-05-07T19:33:00.000-07:00

This is the best thing since sliced cheese.
CyberAlien from http://phpbbstyles.com created a dynamic, AJAX powered style changer for popular vBulletin and phpBB2 styles (skins), he’s just recently added prosilver and subSilver2 from phpBB3 and will be adding more in the near future.

http://beta.colorizeit.com/index.php -- Currently in beta stage, you can choose a color that exists on the style, and choose what color you want to change it to.
Pick up to four layers, see how your phpBB3 forum prosilver could look in Green! or Red! or Pink!
Live preview of your changes, and you can even download your new style, and install it on your vBulletin, phpBB2, or phpBB3 board in minutes.
Give it a try!
CyberAlien says release is scheduled for May or June if life™ gets in the way.