That's right, it's PHPAskIt upgrade time. Since I have some time off work (and it's been a year since the last version), I thought I'd spend some time on it... So what do you want it to do? I've already been told it needs to have HTML capabilities put back into it, extra AJAXy shinyness, and a way to make it so that it's not so finicky about WordPress with integration into WP Pages and all that - maybe make it a plugin or something. Also requested is extra spam protection, a way to move the search box and complete customisation of, well, everything.

Thoughts? Ideas? Anything?

(Sorry for the tirade of PAI-related entries of late - it'll stop at some point)

I came across a couple of websites discouraging the use of PHPAskIt because it uses a database and therefore absolutely must be insecure.

One such example states:

PHPAskIt isn't completely secure, either. It uses a database so I woulda thought that was more INsecure than the flat file of Waks Ask & Answer script.

Another says:

PHPAskit is just as insecure [as Wak's Ask&Answer] only people think it's secure because it's not flat file.

And so on, and so forth.

For the record, there is no difference in security in using one method or another, as long as they are both done properly. Wak's Ask&Answer and CuteNews (flat file scripts) aren't. PHPFanBase and SimpleDir (MySQL scripts) aren't either. Jem's Bella~ series and FlatPress however, are flat file scripts and they are fine. Similarly, WordPress and PHPAskIt are MySQL scripts and they are absolutely fine.

Yes, it's true that hackers discover more and more vulnerabilities in scripts and programming languages all the time, so those scripts may not always be secure in their current versions so it is very important to keep your scripts up to date. But to say a script is insecure because of the method of storage that they use is stupid and shows complete ignorance. If you are going to say a script is insecure, don't just back it up with "well I looked it up online and it said it was insecure". People seem to like publishing fake reports of insecurities (probably where all this is coming from, actually... PHPAskIt had a nice security hoax published about it - and in case you're still living in the dark ages it was wrong) so "looking it up online" isn't always the answer.

If in doubt, ask someone who knows what they're talking about. :)

One of the questions I am asked most is "will you write a tutorial on how to install PHPAskIt?". My answer to this is always no because people need to learn to read. Included in the PHPAskIt zip file is a file called readme.txt. Now I don't know about you, but when I'm unsure of how to install something, the first thing I do is to look at the readme file (if there is one). When a file is called "READ ME" it usually signifies that it should be read, no?

So why am I bombarded time and time again with this question when I clearly explain how to install the script in the readme file? That, I cannot tell you. But what I do know is the internet population appears to be getting stupider. People use known insecure scripts such as Wak's Ask&Answer and CuteNews because "nothing's ever happened to me" and "I like that script"; people take images they have absolutely no permission to use (and they know this) and make website layouts out of them; and as Jem regularly points out with her Pants Awards, there is no shortage of people giving out stupid advice in the form of tutorials.

I came across a site the other day which combined the aforementioned issues. The site owner had been asked "please can you write a tutorial on how to install and use PHPAskIt" and had done just that. They wrote exactly what I wrote in the readme file, just worded slightly differently. I'd link the tutorial but the site's gone on hiatus (how convenient). What was the point of that? So imagine my delight when I found yet another one of these tutorials. I kid you not, this one is even worse than the other one, and assumes the visitor can't read or something (um, redundant much?).

The tutorial basically follows this format:

1. Download the script!
2. Upload everything then go to install.php! Yay! Done!
3. It will say delete so and so files, delete these files: import directory, upgrade.php, install.php

PLEASE LINK ME IF YOU USED THIS TUT!1!!

"So and so files"?! So basically you're assuming your visitor hasn't read what's on their screen (it tells them which files to delete) or that the message is too confusing (um, you just wrote it out again, word for word. The point?) or something and that your tutorial is the answer to all that? Get over yourself.

Oh yes, and while I'm in a rant mood... I've noticed someone is commenting around the place using my URL. This person appears to go by the name of "Nancy" and uses my site (or the link to PHPAskIt) as their URL. Thanks for the extra hits and everything, "Nancy", but this site actually belongs to me and I'd appreciate it if you could stop doing that.

If you came here from one of "Nancy"'s comments, sorry to disappoint and all, but my name's Amelie and I've never heard of anyone called Nancy.

Pssst: If you have received a comment from "Nancy" using my details, please contact me as I'd love to see who on earth is doing this. :)