Quick Tutorial

This quick tutorial will help any modwriter to code in such a way that all YaBB essential routines and security are used and variables are passed in the correct way.

File Handling

Most functions with YaBB will include some form of file handling, like reading, writing, appending to a file.
As a YaBB was written as a multi user BBS you can imagine that the same file can be touched or opened by several users at the same time.
To prevent file corruption on simultanious writing/opening of files, YaBB uses it's own file locking subroutine to avoid this.
So instead of using open and close you should use fopen and fclose in your mod, ivoking the file handling with the proper locking.
Also be aware that if you create new files which are linked to a user you should also add routines to delete these files if the user is deleted.
Don't forget the admin power options for user deletion !!
So there are more then one place the unlink command is used.

Check this thread for all the places files are deleted !!
(thanks Shoeb for pointing this out to me)

Calling your new subroutines/functions

If your function is just a "blind" routine not fed by any user input in urls or forms, the proper way to call it is just using &yourroutine;.
Any other function/routine where variables are passed for whatever reason should be passed using the action= command and are controlled from the YaBB main script. It's a bad thing calling these kind of routines directly as the readform security check is bypassed making it vulnerable for flooding or hacking.

Passing Variables to a script

Variables are passed to scripts which process them in two manners which both need a different approach in recalling the variables into the handling script.

1. Through url hyperlinks on the screen (GET)
normally written like <a href="$cgi;action=$someaction;variable=$variable....">action text</a>
The script called is based on the value of action= and YaBB.pl/cgi will redirect to the correct pl/subroutine.
The variables passed should be read using the $INFO variable, like my $variable = $INFO{'variable'};

2. Through form input fields on the screen (POST)
normally written like <form action="$cgi;action=$someaction;variable=$variable...." method="POST"> ... your form ...</form>
The script called is based on the value of action= and YaBB.pl/cgi will redirect to the correct pl/subroutine.
The variables passed should be read using the $FORM variable, like my $variable = $FORM{'variable'};

If you mix up these two variables and use the latest security fix the variables will NOT be passed and your code will not work !!

The use of proper html 4.01 in your code

As SP1.1 itsself already has quite a few html 4.01 incompatibilities the use of html 4.01 compliant code is a big plus !!

This means that html tags are never in caps, so it's <br>, <hr> <form... and NOT <BR>, <HR> and <FORM...

Things like <select> options should be closed like this: <option>Your option</option>.

All variables/actions inside a html tag should be inside double quotes, so it's type="input", name="username" or name="$username" if you have dynamic variables inside the html.
If you have trouble with double quotes interfering, try $yymain .=qq~<your html with "vars..">~; instead of $yymain .="<yourhtml with 'vars...'>"; as single quotes are not fully compliant with html 4.01 (allthough they do work in most browsers)
Especially the border, width, size, cellspacing, cellpadding are often abused without double quotes in table definitions.
So it's border="0", cellpadding="4", cellspacing="1", width="100%", size="1".

One last hint !
Try to use percentual widths in tables so your output will adapt to other screen resolutions more easily.

* Christer Alexander doesn't see the relation to Programming and Coding as much as to mods

moved to Tutorials.

np, Spiked city

* Christer Alexander suggests to add some more mods in this board. EX: Spikecity

I believe BoardMod understands relative path, so this might be worth a shot:

../../public_html/ubbc.js

That's the path for a standard out-of-the-box unzipped YaBB.

YaBB has a sub called readform (Subs.pl) which does the job of splitting and character checking. It's called very early, everytime YaBB.pl is called. So you don't have todo anything, simply use $FORM{'variable'} and $INFO{'variable'} as you like.

Any chance we can get an idea if anything has changed regarding this material and YaBB2?  For instance, it might help to let people know about the obvious differences in the english.lng change to the English folder / <mod>.lng files.  Plus the addition of the menu0.def - menu1.def - menu2.def files.

Display.pl has changed drastically also, and I'm trying to understand what all has changed so I can better revise a mod from 1.3 to YaBB2.  Any help I can get in this direction is very appreciated.