Kim Groneman escribió:
Three reasons. First PHPBB is the closest open source product available but history has shown that security and features in PHPBB is significantly lacking compared with the closed source products being used.
While I indeed agree that PHPbb security history is nothing to be happy with, Im sorry to tell you that "closed source" products dont it better,at all, do you want a simple proof eh ?
try this in the vbulletin source tree..
find . -name "*.php" | xargs grep eval
PHP's eval() is almost unsecurable, most of that matches may be a potential sources of holes, not to mention that does not scale well as eval()'ed code is NOT cached by opcode caches like APC or Xcache.. as it is evil self-modifing code.. truly scary... I wish you much luck with this ;-)
Third is pure supportability. vBulletin is fully supported by the company that owns it for updates/security/etc. which is extremely important in an environment like this where you want optimal up time.
That's a valid point.
You'll notice that the existing boards that are coming together for this project are all using closed source product for their forums.
Because probably they dont know anything better. ;-)