[_ck_]

In theory yes.

If wordpress sets the cookies, the part where bbpress reads them is not stored in those two files.

[jonkristian]

Awesome work guys, this is really great!

[Marcomail]

How can i add custom function on folder template ?

[bb-gian]

Hi, I waited for so long for this version to be released!

I got a running WP site and a bbBress integrated forumin it.

WP is 2.7.1

bbPress is 1.0-alpha-6

In WP I use the bbPress Integration (1.0-rc-2) plugin

Did the necessary integration routine (with AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, etc.)

Now, I want to upgrade WP to 2.8 and bbPress to 1.0, what’s the best procedure?

(Of course, I will backup files and database of both installation).

Should I upgrade WP to 2.8 first or bbPress to 1.0? (About bbPress, don’t even seem to know HOW upgrading, since I guess there isn’t an upgrading button, right?).

And what about integration? Now that those 2 version support seamlessly integration, should I delete the AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY in bb-admin.php?

And should I also delete the bbPress Integration plugin, or is it still necessary?

Well, I thought I’d ask before adventuring in the process.

Thanks to anyone who will answer…

[_ck_]

Doing that will also disable the ability to receive ping-backs.

99% of all pingbacks are spam and eat resources. It’s also an easy way to ddos a forum on a shared host because it makes the forum do a non-trivial amount of work to process the data received.

I know pingbacks on forums were a pet dream of Matt’s for forums to have since 0.7 was first released to the public, but IMHO the entire concept of a pingback on a forum defeats the whole purpose of local, active membership.

At least it’s one option that can be removed almost like a plugin by deleting it.

That said, I don’t mean to trivialize the amount of work it took you to make the feature happen, it’s impressive in itself.

[oakad]

I tried both the tarball from the download page (v1.0, I assume) and SVN trunk. Behavior is exactly the same.

I have no .htaccess nor permalinks, just a clean install of the tarball.

I played around with apache options and mod_rewrite but they had no effect on the issue.

It seems like PHP bug to me.

[Ryan Hellyer]

I can see why Automattic would want the gravatar service integrated directly into the software, it ensures people actually use the service.

Can’t you edit the template files to put the Gravatar instructions in there for your installation?

I think grassrootsspa is suggesting something for the core download, I don’t think this is a request for their own site as that would obviously just be a simple addition to the template files.

I think this is something which should probably be added to the default theme. Many users don’t find it obvious what a gravatar is and so go hunting for an avatar uploader, if there isn’t one then they’re bound to get confused. Adding some default text in the profile along with a link back to gravatar.com would make a lot of sense to me. It would also ensure that themers remembered to include the text in their own themes.

[Göran]

Thank you! Is it with bbPress 1.0 possible to register users with Swedish names like Göran?

[Sam Bauers]

I’d like to put this out to the community as that is where the real support for bbPress comes from in the end. How long should we maintain support for bbPress 0.9?

As long as bbPress 0.9 is maintained some time will have to be spent maintaining the 0.9 branch, mostly with regards to security fixes. I don’t see this as particularly burdensome, but I don’t want to be doing it forever.

Given that plugins and themes will take some time to transition to 1.0 as well I think that support should extend for a reasonable amount of time.

I’m thinking somewhere between 12 and 18 months would be sufficient. People helping out here can inevitably decide for themselves whether they deal with 0.9 issues, but it would be good to set a cutoff date.

[polldaddy poll=”1759316″]

[Sam Bauers]

For those not using the XML-RPC functionality (95% of you) I strongly recommend you delete xmlrpc.php immediately after install. Several of WordPress’s security issues over the years have been through that API.

Doing that will also disable the ability to receive ping-backs.

[johnhiler]

Ah, some other users have reported similar issues getting that plugin to work with the alphas… this tweak seems to have done the trick:

https://bbpress.org/plugins/topic/avatar-upload/page/6/#post-2145

Are you on 1.0? Maybe the tweak will work on 1.0 as well…

[berder]

I’ve installed the Bavatars and it’s works perfectly!

[clarklab]

I just wussed out on a real fix and started using _ck_’s plugin, ‘Post Count Plus’ ( https://bbpress.org/plugins/topic/post-count-plus/ )

One of its options is lets you select where the username link points to. Aside from that its got a handful of other useful options. Good stuff.

[berder]

avatar-upload.0.8.3

[johnhiler]

I think there are a few different avatar plugins… which one are you using?

[berder]

Hi,

I have installed all the files (I thing correctly), but when I click the “Avatar” tab in the user profile page, it getting me to the forum homepage?

Do you know what is the problem?

Thank’s!

[johnhiler]

Regarding bbPM… which version of the plugin are you using? There’s a mention of a “development version” of the plugin in the comments of the plugin page…

Also, there was some mention of similar issues from other users using bbPM with the 1.0 release:

https://bbpress.org/plugins/topic/bbpm/page/6/#post-3781

Have you experimented with htaccess edits?

https://bbpress.org/plugins/topic/bbpm/page/4/#post-3549

[OKTeaRoom]

Hi,

I just recently installed bbpress 1.0 rc3 and today upgraded to 1.0.

I believe I have either set something up wrong or there is something wrong with my database and I’m hoping someone help point me to a solution.

First, the forum is at http://www.oktearoom.com/forum

Ok…problems:

1. bbPM – When I hit send on a PM I get:

Forbidden

You don’t have permission to access /forum/my-plugins/bbpm/pm.php on this server.

2. BBcode Buttons Toolbar

Not showing up at all and and there is no change if this plugin is activated or deactivated.

3. bbPress Smilies

All of the smilies appear as ?’s even though I believe i installed this plugin correctly.

I just thought I’d give you all the details of the problems I’m having since they are all plugin related and thank you in advance if there is any advice you can give me.

Happy 4th of July to the American and to everyone else I hope you’re having a great weekend!

Thanks for taking the time to read my newb post.

[Dreamcolor]

bbPress 1.0 Simplified Chinese Translation.

You can download it in URL below.

http://wpcn.googlecode.com/files/bbPress.1.0.Simp.Chinese.pack.only.v1-wpcng.zip

There maybe still have some translation bugs. So please let me know and I will fix it.

[Jason Giedymin]

Here is the latest integration rundown. I first lay out some helpful hints to those out there looking for them, and toward the bottom I point out something which the integration plug-in does not properly handle. That is the HTTPS secure cookie upon logging out. Depending on your setup this may cause issues. Most of the time you’ll be ok. If your like us and have added a proprietary layer of security for internal use only, you like to make sure when your secure cookies expire they expire asap and are completely gone.

I recommend maybe, just a suggestion as I’m not privy to the dev’s stream of intentions to query if ‘BB_FORCE_SSL_xxx…’ is set. This is probably a much better indication of scheme than relying on the database option only. I know your busy Sam and that wpmu integration is like the last thing on your list. However, some of the code base is already merging.

Noteables: Step #6, Step #7

But before you continue:

1.) Disable Your Cache Server (Varnish/Squid). Go straight to your webserver (Eliminate other causes.)

2.) Get Integration working on plain http first. DO NOT define any force SSL/Admin anywhere on either wpmu/wp/bbpress.

3.) Go back and integrate if you can’t get #2 done. Some helpful hints that work:

3a.) Install wp/wpmu

3b.) Install bbpress

3c.) Install integration plugin for wp. In the option where it says complete URL, that means “http://mysite.com” and not “mysite.com”. If your _only_ (meaning 100% of the time) ever going to use HTTPS then go ahead and define HTTPS.

3d.) I made sure all key/salts were setup in wp first, and then mirrored them into bb-config prepending BB_ in front of each Define. I defined manually: AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY, NONCE_KEY, AUTH_SALT, LOGGED_IN_SALT, AND SECURE_AUTH_SALT (7 in total defines).

Once you have HTTP squared away Proceed with SSL:

4.) The integration plugin will try do some things for you in the backend, it will actually try to do all the cookie work for you. However it works off values you set via the integration option page and your wpmu site options.

To take control of a few options, go ahead and define MANUALLY the following: (just as the plug-in suggests and more sometimes):

COOKIEHASH, COOKIE_DOMAIN, SITECOOKIEPATH, and COOKIEPATH.

5.) Add to wp-config.php:

define(‘FORCE_SSL_LOGIN’, true);

define(‘FORCE_SSL_ADMIN’, true);

6.) Add to bb-config.php:

define(‘BB_FORCE_SSL_USER_FORMS’, true);

define(‘BB_FORCE_SSL_ADMIN’, true);

7.) The kicker for me since I’m using MU Subdomains, i HAD to put into my bb-config:

$bb->cookiedomain=’.mydomain.com’ //Yes, with the dot before the domain.

(This is literally the only direct access object config I set in my PHP file. All the rest is handled by ‘DEFINE’ )

Up to this point you should have integration with HTTP and HTTPS. Back and forth, forth and back, every which way. You should have it done without any manual speed up accessors. If it works, go ahead and add them but make sure you set them correctly. If your fanatical about security then cross the line, otherwise go get a beer, woman or pillow whatever.

---

The Line

---

8.) Log into BBpress. Goto your main blog, and wp will see you have a ‘logged_in’ cookie. Will display the site_admin link. Just go ahead and click log out.

9.) Logging out will log you out, except a few cookies are left over. This is because the integration plug-in never inspects the HTTPS scheme properly. It will always look for HTTP. Test this by editing line 182 in the plugin file to read:

$secure = true; //Don’t forget to change me back to false (default).

10.) Repeat, and you’ll notice your cookies (the ones which matter) get blown away.

Notes:

– If you install WPMU 2.8 Alpha/Beta/Etc… you must _NOT_ enable

define( ‘WP_AUTH_COOKIE_VERSION’, 1 )

as the plugin suggests.

– I DID NOT use any of the “speed up” manual configs which the bbpress integration tool points out. If you can’t get it working without these settings, adding them may not help at all and masks your real issue which is some other settings are screwed.

– you NEED to make sure your URLs are correct. That means every single URL defined in your database in any meta table, options etc… Especially the case with the integration plugin.

[bradsucks]

Congratulations on the release!

[dzver2]

I’ve just upgraded to 1.0. I have bbpress integrated with custom website, not WP.

1. pluggable.php is changed to functions.bb-pluggable.php.

2. some functions are renamed from wp_ to bb_, others aren’t.

3. bb_auth() is used sometimes. And sometimes is not.

4. localization directory is changed.

As a result, my forum needed second full integration. I had to add bb_auth() at the bottom of my bb-custom-pluggable.php to maintain user login, with $wp_auth_object->set_current_user($id) inside.

[Marcomail]

i’ve installed a fresh version of bbpress 1.0 on wordpress wp 2.8 and seems work good, but it’s the first time i use bbpress, i’ve integrated users and cookie

[Marcomail]

i’d use only registration and login page of wordpress, so i can delete this two bbpress pages ?

[Jason Giedymin]

Just started debugging but looks like the plugin reads the scheme from the URL stored option of the integration plugin. If your using secure it will never flag secure if using force ssl.