Modern Forum - Feature Description (Version 1.2.4)

Hier eine Zusammenfassung der behobenen Probleme:

Sicherheitsfixes:

• Die Danke/Like-Funktion war nicht gegen CSRF-Angriffe geschuetzt - jetzt wird ein Token geprueft
• Beim Datei-Download konnten manipulierte Dateinamen zu Header-Injection fuehren - jetzt werden die Header bereinigt
• Beim Loeschen von Avataren war ein Path-Traversal-Angriff moeglich - jetzt wird der Pfad validiert
• Die Avatar-Vorschau im Profil nutzte unsicheres innerHTML - jetzt werden sichere DOM-Methoden verwendet

Bugfixes:

• Die Seitennavigation bei Beitraegen konnte negative Werte erzeugen - jetzt werden Page und Limit validiert
• Spaltennamen in Datenbank-Abfragen fuer Anhaenge und Profile waren nicht korrekt gequotet

Complete Joomla 5/6 forum component with hierarchical forum structure, user management, file attachment system, thanks/like functionality, subscriptions, email notifications, search, profile management, and comprehensive administration tools.

Author: Mertsch-Web.de

License: GNU General Public License v2 or later

System Requirements: PHP 8.1+, Joomla 5.0+ / 6.0+ (compatible)

Database: MySQL / MariaDB

PHP Extension: GD Library (for avatar processing) 

1. Forum Structure

1.1 Categories

• Creation and management of categories for thematic organization of the forum
• Individual color assignment per category (colored border on the left side of the category card)
• Sorting via an ordering field
• Publication status (active/inactive)
• Custom description per category
• URL alias (slug) for search-engine-friendly URLs, auto-generated or manually configurable

1.2 Subforums

• Unlimited subforums per category
• Custom description per subforum
• Automatically maintained statistics:
• Number of topics
• Number of posts
• Last post (date, user)
• Sorting via ordering field
• Publication status (active/inactive)
• URL alias (slug) for search-engine-friendly URLs

1.3 Topics

• Creation of new topics within subforums
• WYSIWYG editor integration (Joomla editor) for content creation
• Pinning important topics (sticky) -- always displayed at the top
• Locking topics -- no new replies allowed, with visual indicator
• Editing own topics (title and content)
• Deleting own topics (with confirmation dialog)
• Administrators can edit and delete all topics
• Automatic view counting on each page load
• Display of modification date for edited topics
• Automatic URL alias generation from the title
• Pagination for topic listings

1.4 Replies (Posts)

• Replying to topics with WYSIWYG editor (new replies) or textarea (editing)
• Editing own replies
• Deleting own replies (with confirmation dialog)
• Administrators and moderators can edit and delete all replies
• Display of modification date for edited replies ("edited" indicator)
• Sequential reply numbering (#1, #2, #3, ...)
• Topic starter badge for the original author
• Display of total post count per author
• Pagination for reply listings
• Automatic reply counter maintenance (increment on creation, safe decrement on deletion)

2. Thanks/Like System

• Thanks functionality for individual topics and individual replies
• Toggle behavior: clicking "Thanks" adds a thank, clicking again removes it
• AJAX-based execution without page reload (JSON response)
• Display of current thanks count next to the button
• List of all users who have thanked (usernames visible)
• One user can only thank once per content item (duplicate protection via database constraint)
• Only available to authenticated users
• Visual feedback: thumbs-up icon with active/inactive state

3. Subscriptions and Email Notifications

3.1 Subscription System

• Subscribe to subforums and categories
• Subscribe/unsubscribe buttons in the subforum view
• Subscription management in user profile

3.2 Email Notifications

• Email notification for new topics in subscribed subforums/categories
• Reply notifications for topic participants and subscribers
• Sent via the Joomla mail system
• HTML-formatted emails
• Notification log to prevent duplicates

4. File Attachment System

4.1 Topic Attachments

• Upload one or multiple files when creating a topic
• Upload additional files when editing a topic
• Delete existing attachments (checkbox selection with strikethrough preview)
• Display of attachments with filename, file size, and file type icon

 

4.2 Reply Attachments

• Upload one or multiple files when creating a reply
• Upload additional files when editing
• Delete existing attachments

 

4.3 Supported File Formats

• Documents: PDF, DOC, DOCX, XLS, XLSX, TXT
• Archives: ZIP
• Images: JPG, JPEG, PNG, GIF
• Maximum file size: 10 MB per file

 

4.4 Security

• Server-side file type validation against whitelist
• Secure filename generation (MD5 hash of filename + timestamp)
• Dedicated download endpoint with proper HTTP headers (Content-Type, Content-Disposition)
• Preview of selected files (name and size) before upload (JavaScript)

5. Search Functionality

• Search for topics by title (LIKE-based with wildcard matching)
• Search field on the forum homepage and on the "All Topics" page
• Dedicated search results page with:
• Display of result count ("X results for 'search term'")
• Result list with topic title, author, creation date, subforum, reply count, view count
• Pinned and locked topics marked with badges
• Pagination of search results (Previous/Next with page indicator)
• Search term preserved across pagination navigation
• Secure search string handling (database escaping)

 

6. All Topics View

• Overview of all topics across all subforums in chronological order
• Pinned topics displayed first
• Per-topic display: title, pinned/locked badges, author, creation date, subforum name, reply count, view count
• Pagination (20 topics per page)
• Search field with redirect to search page
• "New Topic" button (only for authenticated users)

7. User Management

7.1 Authentication

• Standalone login form integrated directly into the forum component
• Standalone registration form with math captcha and Joomla user creation
• Auto-creation of forum user profile on first login
• Remember-me option for persistent login sessions
• Login and registration no longer redirect to Joomla com_users
• Custom logout function with success message
• Welcome message with username for authenticated users
• Session management via Joomla session system

7.2 User Profiles

• Public profile page for each user with:
• Profile picture (avatar) or initial letter fallback (colored circle with first letter)
• Username and display name
• Member since date (with calendar icon)
• Number of topics created
• Number of replies written
• Location (with map pin icon)
• Website (with globe icon, as clickable link)
• Signature
• Recent topics by the user (as activity list with links)
• Recent replies by the user (with anchor links to the specific post)

7.3 Profile Editing (own profile only)

• Change location
• Change website URL
• Change signature (maximum 500 characters)
• Upload profile picture (avatar):
• Supported formats: JPG, JPEG, PNG, GIF, WebP
• Maximum size: 2 MB
• Automatic center-cropping to square format
• Automatic resizing to 200x200 pixels
• Transparency support for PNG, GIF, and WebP
• Image processing via GD library (fallback to raw upload)
• Delete profile picture
• Avatar preview dialog with file selection and preview (FileReader API)
• Old avatar image is automatically deleted when uploading a new one

7.4 User Roles

• User: Default role, can create, edit, and delete own content
• Moderator: Can edit and delete all posts
• Administrator (admin/super_admin): Full access to all content and administration areas

8. Spam Protection 

8.1 Math CAPTCHA

• Security question on:
• Registration
• Topic creation
• Topic editing
• Reply creation
• Three problem types: addition, subtraction, multiplication
• Random number ranges (no negative results)
• Visual feedback: green/red border for correct/incorrect input
• Refresh button for a new problem
• Server-side validation against session-stored value (single use)

 

8.2 CSRF Protection

• Joomla form token on all POST forms and delete actions
• Server-side token verification in all controllers (Session::checkToken())

9. Access Levels

• Configurable access level for forum visibility
• Options: Public or Registered (registered users only)
• Configurable via component parameters

10. Administration (Backend)

10.1 Dashboard

• Statistics overview with cards for:
• Number of categories
• Number of subforums
• Number of topics
• Number of posts
• Number of users
• Recent topics (last 5 with author, subforum badge, and date)
• Recent posts (last 5 with author, topic title, and date)
• Quick access links to all management areas
• Premium section (collapsible):
• Premium code activation
• Settings: hide info page, hide powered-by branding, enable EasyDiscuss import

 

10.2 Category Management

• Create new categories
• Edit existing categories (title, description, alias, color, ordering)
• Delete categories
• Publish/unpublish
• List view with search and filter functionality

 

10.3 Subforum Management

• Create new subforums with category assignment
• Edit title, description, alias, ordering
• Delete subforums
• Display of parent category
• Display of topic count and publication status

 

10.4 Topic Management

• Overview of all topics with pagination
• Display of: title, subforum, author, post count, creation date, sticky status, lock status
• Edit topics (including attachment management)
• Delete topics
• Pin/unpin (sticky)
• Lock/unlock
• Highlighting of pinned topics in the list
• Link to posts view per topic

10.5 Post Management

• Overview of all posts with pagination
• Display of: content preview (first 100 characters), topic title, author, creation date, status
• Edit posts
• Delete posts

10.6 User Management

• Overview of all Joomla users with forum activity
• Display of: username, display name, email, topic count, post count, status (active/blocked), registration date
• Direct link to Joomla user management per user
• Pagination

10.7 Info Page

• Developer contact information (phone, email, website)
• PayPal donation link
• Can be hidden via premium setting

10.8 Data Import

10.8.1 EasyDiscuss Import (Premium Feature)

Two-step migration wizard:

• Step 1: Table prefix configuration and validation
• Check for existence of EasyDiscuss tables
• Display of source data statistics (categories, subcategories, topics, replies)
• Display of existing ModernForum data
• Step 2a: Category import
• Import of EasyDiscuss categories as ModernForum categories
• Import of EasyDiscuss subcategories as subforums
• Creation of default subforums for main categories
• Overwrite mode (update existing entries by alias)
• German umlaut handling in alias generation (ae, oe, ue, ss)
• Step 2b: Topic/post import
• Year-based selection (checkboxes)
• AJAX preview of the number of topics and replies to import
• Import of topics with content, views, sticky status, lock status
• Import of replies with topic assignment
• Automatic creation of an "Imported" fallback category
• Recalculation of all counters after import

 

10.8.2 phpBB3 Import

• Import of categories/forums, topics, posts, and user associations

11. Configuration Options

11.1 Display Settings

| Setting | Default | Range |

|---|---|---|

| Posts per page | 20 | 5-100 |

| Topics per page | 25 | 5-100 |

| Show statistics | Yes | Yes/No |

| Access level | Public | Public/Registered |

11.2 Color Customization (9 Color Fields)

| Setting | Default |

|---|---|

| Primary color | #2563eb |

| Secondary color | #1e40af |

| Accent color | #0ea5e9 |

| Background color | #f8fafc |

| Card color | #ffffff |

| Text color | #1e293b |

| Muted text color | #64748b |

| Border color | #e2e8f0 |

| Subscription button color | #ffffff |

Colors are injected as CSS custom properties (variables) inline and affect the entire forum design.

11.3 Typography Settings

| Setting | Default | Options |

|---|---|---|

| Category title font family | inherit | inherit, Arial, Helvetica, Georgia, Times New Roman, Verdana, Trebuchet MS, Tahoma, System UI, Segoe UI, Roboto, Open Sans, Lato, Montserrat, Poppins, Raleway |

| Category title font size | 1.25rem | Small (1rem), Medium (1.125rem), Default (1.25rem), Large (1.5rem), X-Large (1.75rem) |

| Topic title font family | inherit | Same as category |

| Topic title font size | 1rem | Small (0.875rem), Default (1rem), Medium (1.125rem), Large (1.25rem), X-Large (1.5rem) |

11.4 Premium Settings

| Setting | Default |

|---|---|

| Premium activated | No |

| Hide info page | No |

| Hide powered-by | No |

| Enable EasyDiscuss import | No |

| Enable subscription feature | No |

11.5 Permissions

• Standard Joomla ACL rules for component-wide access rights

12. Security 

12.1 Access Rights and Permissions

• Only authenticated users can:
• Create topics
• Write replies
• Edit profiles
• Give thanks
• Only own content can be edited and deleted (ownership check)
• Moderators can edit and delete all posts
• Administrators have full access to all content and administration areas
• Admin area only accessible to users with admin or super admin role

12.2 Data Security

• CSRF token protection on all forms and actions
• XSS protection through consistent use of htmlspecialchars() on all user output
• Secure password storage (via Joomla system)
• SQL injection protection through parameterized queries and database escaping
• Secure file upload validation (whitelist of allowed file types and size restriction)
• Secure filename generation for uploads (MD5 hash)
• html security files in upload directories
• Configurable access level (Public/Registered)

13. Multi-Language Support

13.1 Supported Languages

• German (de-DE) -- complete
• English (en-GB) -- complete

13.2 Translation Scope

• Backend/Administration: 163 language strings (dashboard, CRUD operations, import wizard, premium section, configuration labels, error messages)
• Frontend/Website: 174 language strings (forum navigation, authentication, topic/post management, file attachments, user profiles, search, CAPTCHA, thanks system, subscriptions, notifications)
• Total: approx. 375+ translatable language strings
• All interface texts, error messages, success messages, and form labels are translatable

14. Technical Features

14.1 Joomla Integration

• Fully MVC-based architecture (Model-View-Controller)
• Namespace support (JoomlaComponentModernForum)
• Compatible with Joomla 5 and 6
• Native Joomla user management and authentication
• Joomla menu integration for all views
• Joomla editor integration (WYSIWYG) for content
• Joomla ACL permission system
• Joomla update server integration for automatic updates
• Joomla mail system for email notifications
• Installation script with system requirements check (PHP 8.1+, Joomla 5.0+)

14.2 Responsive Design

• Optimized for all screen sizes (desktop, tablet, mobile)
• CSS breakpoint at 768px for mobile adjustments:
• Vertical post layout (author above content instead of side by side)
• Stacked form actions
• Centered profile layout
• Adjusted search field widths
• Mobile-friendly navigation with hamburger menu

14.3 Design and Presentation

• CSS custom properties for consistent theming
• System font stack (-apple-system, BlinkMacSystemFont, Segoe UI, Roboto, etc.)
• Max-width container (1200px) with centered layout
• Category cards with colored left border and gradient header
• Hover effects on interactive elements
• Color-coded badges for roles (admin=red, moderator=blue, user=gray)
• Color-coded status badges (active=green, blocked=red, pinned=yellow, locked=gray)
• File-type-specific icon colors (PDF=red, DOC=blue, image=green)

14.4 Performance

• Efficient database queries with JOINs instead of individual queries
• Cached counters on subforums (topic/post count, last post) and topics (reply count, last reply)
• Pagination on all list views
• Parallel database queries where possible
• View count tracking without additional page load

14.5 Database

9 tables:

1. #__modernforum_categories -- Categories with title, description, color, alias, ordering, status
2. #__modernforum_subforums -- Subforums with category assignment, cached counter values
3. #__modernforum_topics -- Topics with subforum assignment, sticky/lock status, view counter, reply counter
4. #__modernforum_posts -- Posts/replies with topic assignment, modification tracking
5. #__modernforum_user_profiles -- Extended user profiles (avatar, signature, location, website, counters)
6. #__modernforum_attachments -- File attachments for topics or posts
7. #__modernforum_thanks -- Thanks/like entries with content type, content ID, and user ID (unique constraint)
8. #__modernforum_subscriptions -- Subscriptions for subforums and categories
9. #__modernforum_notification_log -- Notification log to prevent duplicates

15. Frontend Views

| View | Description |

|---|---|

| Forum Overview | All categories with subforums and statistics |

| All Topics | All topics sorted chronologically with pagination |

| Subforum | Topics of a subforum with pinned/locked badges |

| Topic View | Topic with all replies, thanks system, attachments |

| User Profile | Profile page with activities and subscriptions |

| Search | Search page with result count and pagination |

| New Topic | Creation form with editor and file attachment |

16. Administration Menu

| Menu Item | Description |

|---|---|

| Dashboard | Statistics, recent activity, quick access, premium section |

| Categories | Management of all forum categories |

| Subforums | Management of all subforums |

| Topics | Management of all topics |

| Users | Overview of users with forum activity |

| Info | Developer contact and donation option

17. Version History

 | Version | Changes | Database |

|---|---|---|

| 1.2.2 | Fixed missing language keys on Joomla configuration page - Typography, Premium and Font settings were displayed as raw placeholders. All configuration field labels and descriptions now correctly translated in both German and English | |

| 1.2.1 | Typography settings: configurable font family and font size for category and topic titles. Fixed routing issue where internal links generated /component/ URLs instead of using the forum menu item. All internal links now preserve the Itemid parameter for correct Joomla SEF routing | |

| 1.2.0 | Standalone login form integrated directly into the forum component. Standalone registration form with math captcha and Joomla user creation. Auto-creation of forum user profile on first login. Remember-me option for persistent login sessions. Login and registration no longer redirect to Joomla com_users | |

| 1.1.9 | Fixed missing language keys for Profile and Search menu item types. Menu item type selection now shows translated names instead of placeholder keys | |

| 1.1.8 | Access level configuration for forum visibility (Public/Registered), configurable access level via component parameters | |

| 1.1.7 | Email notifications via Joomla mail system, reply notifications for topic participants and subscribers | |

| 1.1.6 | Category and subforum subscription system, email notifications for new topics, subscription management in user profile, subscribe/unsubscribe buttons in subforum view | 2 new tables: subscriptions, notification_log |

| 1.1.5 | Fix for content plugin rendering when editing. Shortcodes and raw content are correctly preserved in edit mode | |

| 1.1.4 | Thanks/like system for topics and posts (toggle, AJAX, counter, user list) | 1 new table: thanks |

| 1.1.3 | Premium section with code activation (hide branding, enable import, hide info page) | |

| 1.1.2 | Info page in admin backend with developer contact information and donation link | |

| 1.1.1 | Performance and stability improvements, code optimization and bugfixes | |

| 1.1.0 | Math CAPTCHA for registration, extended spam protection | |

| 1.0.9 | Math CAPTCHA for topic creation and replies, refresh button for new problems | |

| 1.0.8 | User profile page with avatar upload, profile picture display in topics and posts, clickable usernames | |

| 1.0.7 | Attachment management in backend topic editor | |

| 1.0.6 | Improved post/reply styling | |

| 1.0.5 | Improved file upload processing | |

| 1.0.4 | Attachment folder creation during installation | |

| 1.0.3 | File attachment system (upload, download, management). Formats: PDF, DOC, DOCX, XLS, XLSX, TXT, ZIP, JPG, PNG, GIF. Max. 10 MB per file | 1 new table: attachments |

| 1.0.2 | Topic editing for topic starters, Joomla update server integration | |

| 1.0.1 | Kunena import functionality, content fields changed to MEDIUMTEXT | |

| 1.0.0 | Initial release: categories, subforums, topics, posts, user management, multi-language support (DE/EN) | Initial tables: categories, subforums, topics, posts, user_profiles  

Developed by: Mertsch-Web.de (info@mertsch-web.de)

License: GNU General Public License v2+