Software Update: phpBB 2.019

The developers behind phpBB have just released a ‘we wish you all a happy new year’ release of their eponymous open-source forum software. The various downloads of version 2.0.19 can be downloaded this page are being found. The program uses PHP and MySQL to store, store and retrieve messages. In addition to MySQL, PostgreSQL, Microsoft SQL Server 2000 and Microsoft Access are also supported as database software. This release includes some bug fixes and also fixes some security issues that were only plaguing Internet Explorer users. In addition, it is now possible to limit the number of people who are logged in and how long it takes before a user is allowed to log in again. These two features have been added to make it impossible to crack passwords by means of so-called ‘dictionary attacks’. The complete changelog looks like this:

The changelog is as follows:

  • [Fix] corrected index on session keys table under MS SQL
  • [Fix] added session keys table to backup
  • [Fix] delete session keys entries when deleting user
  • [Fix] changes to support MySQL 5.0
  • [Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu
  • [Fix] change truncation of username length in usercp_register.php – BFUK
  • [Fix] incorrect path to avatars in admin_users.php (Bug #667)
  • [Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) – jarnaez
  • [Fix] fixed captcha for those not having the zlib extension enabled
  • [Change] Placed version information above who is online in admin panel for better visual presence
  • [Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode
  • [Sec] fixed XSS issue (only valid for Internet Explorer) if html tags are allowed and enabled
  • [Sec] added configurable maximum login attempts to prevent dictionary attacks


Version number 2.019
Website phpBB
License type GPL