From: Wizard <wi...@ne...> - 2002-02-21 00:19:48
> I think that wwwboard is probably the program that we should lay siege to
> next anyhow so it would be interesting if people could go out and discover
> real or perceived vulnerabilities in the original version ... I know
> of a few (cf. The Alaskan Electrician) but I am sure there are more -
> mostly to do with the, er, baroque storage mechanism employed in the
> original program.

The problem with using a different storage scheme is that any changes that
are made would require an accompanying conversion tool that is simple enough
for a non-programmer to use. That means that it would have to meet the
following criteria:

1.> as little shell-based interaction as possible.
2.> simple configuration of the tool
3.> It would have to be capable of taking into account all possible
    scenarios for a posting. Some examples:
      o posts that refer to missing replies or missing threads.
      o posts containing ALL sorts of HTML within the post
      o posts that have fields that exceed the limits for nms fields.

That said, I like the idea of either moving to a database backend (I've been
playing around with DBD::XBase, and I should think that would work) or at a
minimum converting to XML, which would at least make parsing a lot easier. A
database would be best however, and should be pretty simple to implement (a
multiply-linked list or btree). DBD::XBase could probably be included in the
distribution (with permission), and we could just "use libs" to load it.
This would also allow migration to a full-fledged enterprise database,
should the need arise.

I would suggest PHP or HTML::Mason would be ideal, but that would require
stuff that very likely would not be universally available.

I'll be starting in again on my rewrite of my database package, so I'll try
to spend some time figuring in the possibility of WWWBoard and maybe
prototyping some functionality if that sounds reasonable.

Let me know,
Grant M.

P.S.> Just as a note, ADMIN_README is still very Matt Wright's. I'll try to
get to it tomorrow afternoon, but if anyone else can get to it sooner, that
would be great.