PHP message board

PLEASE NOTE: I cannot provide free installation support for this free script! Please use the above e-mail address to contact me ONLY about possible bug reports, suggestions or comments! Thank you!



Copyright 2004-2006 Klemen Stirn. All Rights Reserved.

The MBoard may be used and modified free of charge by anyone so long as this copyright notice and the comments above remain intact. By using this code you agree to indemnify Klemen Stirn from any liability that might arise from it's use.

Selling the code for this program without prior written consent is expressly forbidden. In other words, please ask first before you try and make money off this program.

Obtain permission before redistributing this software over the Internet or in any other medium. In all cases copyright and header must remain intact. This Copyright is in full effect in any country that has International Trade Agreements with the United States of America or with the European Union.

Removing copyright notice ("Powered by" statement)
Removing any of the copyright notices without purchasing a license is illegal! To remove PHPJunkyard copyright notice you must purchase a license for this script. For more information on how to obtain a license please visit the site below:


A simple message board where your visitors can post messages and replies. Comes with anti-SPAM protection.


  • UNIX or Windows server (it *might* work on others too)
  • PHP4 support
  • FTP access and a FTP program


I would like to thank the following people for their help (in no particular order):

  • Henrie from the Netherlands (Web site) for his continuing dedication to help MBoard users on the support forum

  • Mauricio (Web site) for the nice format of this readme file

  • guys from Mayhemic Labs (Web site) for helping make this script secure

» Installation

  1. Open file settings.php in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor) and set these variables:
    Variable Description/Setup
    $settings['apass'] This will be your password for deleting posts. Change it from the default password admin. Use only letters a-Z, A-Z and numbers 0-9
    $settings['website_title'] A short title of your website, eg "My lovely website"
    $settings['website_url'] URL of your website.
    $settings['mboard_title'] Title of your message board, for example "My lovely forum"
    $settings['mboard_url'] URL to folder where message board is installed. Do NOT add a trailing "/" Examples:
    http://www.yourdomain.com/mboard   - OK
    http://www.yourdomain.com/mboard/   - Wrong, dont add a / at the end!
    http://www.yourdomain.com/mboard/mboard.php   - Wrong, don't add /mboard.php at the end!
    Updated in 1.3
    Setting this to 1 or 2 will require entering a "security number" in order to successfully submit a new post or reply to the message board. I have added this to prevent SPAM. Set to 0 if you want to disable the security number check.

    Setting to 1 will display the security number in a generated image. For this to work your server must have GD library installed. You can test if your server supports all the required functions by uploading the gd_test.php file to your server and open it in your browser. If you get a red image with text WORKS your server shouldn't have problems with it. If you get an error (or blank page) when opening gd_test.php try using the text version as explained below or ask your hosting company to install the GD library for PHP.

    Setting to 2 will display the security number in text format. While this is not as effective as an image it will still block the majority of known spam robots.

    RECOMMENDED SETTING: $settings['autosubmit']=1;
    OR if the above doesn't work try
    RECOMMENDED SETTING: $settings['autosubmit']=2;
    $settings['filter_sum'] This variable is used in the preventing automated submissions and is just a little trick that should make it all even more reliable. The idea is to set this to some random sequence of chars and numbers, for example dhjx72js. It doesn't really matter how long it is, but you should use only chars (a-zA-Z) and digits (0-9). Don't leave the default value (as it would loose the whole point), set it to something of your own. Examples would be g3oyf98, p9ak85i, h398dgf and similar. Again, DO NOT USE these examples, just type some chars of your own!
    New in 1.3
    Version 1.3 introduces new mechanism for fighting spam called JunkMarkTM, developed by Klemen Stirn (the author). It is designed to catch spammers who actually visit your MBoard and get past the security number check. Setting this variable to 1 will enable JunkMarkTM, setting it to 0 will disable it. JunkMarkTM calculates probability of a message being SPAM and gives it a score between 0 (not SPAM) and 100 (SPAM). The higher the score the more likely the message is SPAM

    RECOMMENDED SETTING: $settings['junkmark_use']=1;
    New in 1.3
    Set to the score after which messages are rejected as SPAM. Messages which are given a JunkMarkTM score same or higher to this limit will not be allowed to post. Possible values are between 0 and 100. I don't recommend setting it below 50! The optimal value is around 60 to 70.

    RECOMMENDED SETTING: $settings['junkmark_limit']=60;
    $settings['smileys'] If set to 1 text like :), ;) etc will be replaced by smileys (image icons). Individual visitors will still be able to disable smileys for their entry. If you don't want to allow smileys set to 0.
    $settings['notify'] If set to 1 you will receive an e-mail notification at your admin e-mail address every time a new message is posted. Set to 0 if you don't want to be notified.
    $settings['admin_email'] Your e-mail address where new entry notifications will be sent. Only required if $settings['notify'] is set to 1.
    $settings['display_ip'] If set to 1 messages will also display IP number of the author. Set to 0 to disable.
    $settings['maxposts'] The maximum number of posts allowed to be displayed on the MBoard.
    $settings['keepoldmsg'] If set to 0 old messages (when you come to maxposts limit) will be deleted from the server. Set to 1 if you want to keep old messages on the server.
    $settings['extension'] The file extension of the HTML files with posts (advanced users only). For example if set to "htm" messages will be stored as "msg/message.htm". You may leave this as it is.
    $settings['filter'] If set to 1 all new posts will be filtered for bad words and replaced by ****.
    $settings['filter_lang'] The language of bad words file. For now only English language is supported so you can only use "en" (CaSe SeNSiTiVe). Please read section "Adding / Translating bad words list" further down for info on how to add/translate bad words.
  2. Save and close the settings.php file.

  3. Go to your FTP client and FTP to the public directory on your server (where the rest of your website is; usually "public_html", "www" or "site") and create a folder where you will install MBoard.
    Example: /public_html/mboard Corresponding URL: http://www.yourdomain.com/mboard

  4. Upload all MBoard files to this folder. The "images" folder (all files in this folder) must be transferred in BINARY mode, other files in ASCII mode (refer to your FTP client instructions for details on how to set transfer mode properly).

  5. Within the MBoard directory create a folder called "msg". It must be named EXACTLY "msg", CaSe SeNSiTiVE! Names like "Msg" or "MSG" will result in an error! Make sure this folder is world-writable - on UNIX (Linux) servers you must CHMOD (set permissions for) this folder to 777 (rwx-rwx-rwx). Corresponding URL: http://www.yourdomain.com/mboard/msg

  6. Make sure that the PHP scripts have permission to write to files threads.txt and counts.txt - on UNIX (Linux) servers you must CHMOD (set permissions for) these two files to 666 (rw-rw-rw).

If you have done all this your message board should work now. In your browser open your MBoard, for example:
http://www.yourdomain.com/mboard/mboard.php and test it. You can delete messages by clicking the red [X] icon and entering your admin password.

You may edit header.txt and footer.txt files to add your own header and footer to the links page. You will have to use full image URLs in the code. For example instead of <IMG SRC="images/image.jpg" ... > use <IMG SRC="http://www.yourdomain.com/images/image.jpg" ... >! Same goes for any Javascripts or CSS files if you are calling them from within the header or footer.

Upgrading from version 1.2, 1.21 or 1.22

To upgrade from version 1.2x to version 1.3 follow these steps:

  1. BACKUP your old MBoard
  2. Edit the new settings.php file (more info under "Installation") as new variables has been added
  3. Upload these files to your server in ASCII mode: javascript.js, mboard.php, print_sec_img.php, secimg.inc.php, settings.php
  4. Test everything. All your current posts should stay intact.

Good luck with the script!

» Troubleshooting

PLEASE READ BEFORE ASKING Since this script is free no support is guaranteed. You will find solutions for some common problems below. If you can't get the script to work please go through this readme file again carefully and repeat the installation step-by-step (also delete old files and folders from the server). Also please feel free to FIRST SEARCH for solutions and then post any questions or problems you might have to PHPJunkyard forum!

1. What is CHMOD and FTP?

I have prepared a simple FTP and CHMOD tutorial which will help you FTP files to your server and set correct CHMOD settings.

2. My message board doesn't work, HELP!

Here are a few things to check:

  1. did you upload the images folder in BINARY mode and all other files ASCII mode?
  2. did you create the "msg" folder? Remember the name is CaSe SeNSiTiVE! Did you CHMOD it to 777 (rwx-rwx-rwx)? You should be able to open this folder for example by typing http://www.yourdomain.com/mboard/msg in your browser.
  3. are threads.txt and count.txt files world writable? CHMOD them to 666 (rw-rw-rw) if you are on a Linux server
  4. if images don't display correctly check if you uploaded them (the entire "images" folder) correctly. The images folder must be placed within the mboard folder, for example http://www.yourdomain.com/mboard/images
  5. go through the entire setup process again carefully

3. The security number image/text doesn't work (show up)?

For the image to work your server must have GD library installed. You can test if your server supports all the required functions by uploading the gd_test.php file to your server and open it in your browser. If you get an error (or an empty page) when opening gd_test.php you should either ask your hosting company to install the GD library for PHP or try with $settings['autosubmit'] set to 2. This will display the security number in text format which is not as effective but better than nothing.

If you get the red WORKS image when opening gd_test.php but the security image still doesn't work you probably have problems with sessions. Ask your hosting company to check PHP sessions configuration. Same thing if $settings['autosubmit'] set to 2 doesn't work.

4. I installed MBoard but I still get many SPAM messages?

Make sure you have the latest version of MBoard and that you have variables $settings['autosubmit'] set to 1 or 2 and $settings['junkmark_use'] set to 1. Also make sure the variable $settings['junkmark_limit'] is not set too high or too low (recommended value is 60).

5. May I use JunkMarkTM SPAM filter in my other scripts?

No, you are not allowed to use JunkMarkTM SPAM filter in any other script (commercial or open source) without my express written permission. It may only be used in MBoard and scripts that are direct derivates of MBoard (customized/modified versions).

» Adding / Translating bad words list

As of version 1.1 MBoard can search for bad words in the comments and replace them with ****. Files with bad words list are stored in folder "badwords" and have two letter names. For now only English version is available (named "en.php").

Before adding new words please install MBoard and test it so you are sure it works properly!

To add new bad words open the en.php file in your favorite PLAIN TEXT editor (like Notepad or Wordpad on Windows systems, DO NOT use MS Word or similar editor), find the comment saying INSERT NEW BAD WORDS BELOW THIS LINE and add new bad words in this format:


For example if "asfhkjhfasf" is a bad word you would add this line to the file:

"asfhkjhfasf" => "a**********",

Don't forget to add a comma ( , ) after the line!

If you are translating the bad words file I suggest you leave the English words and add new ones in your language as explained above. Then save the file as two letter country code php file. For example, if you are translating the file in French, you should save the file as fr.php (CaSe SeNSiTiVe!). Upload fr.php to your "badwords" folder, go to settings.php again and set $settings['filter_lang'] to "fr" (file name without .php).

Now test the MBoard again. If you get an Error or Warning when you try to post a new message this means something is wrong with your language file. It either can't be found (check the name of the file, on most servers names are CaSe SeNsiTiVe!) or something is wrong with PHP syntax in it (make sure all the words are added in
"BADWORD" => "REPLACEMENT", syntax).

Please send me the translated file. If you translate the bad words file to your language please send it to info AT phpjunkyard DOT com (or contact me through PHPJunkard.com contact form) and I will make it available to others for download. You may include your name, website URL and e-mail address and I will give you proper credit (translated by John Doe. Visit www.yourwebsite.com).

» Copyright removal

You may NOT edit or remove any copyright or Powered by statements in MBoard code without purchasing a license! For more information please visit http://www.phpjunkyard.com/copyright-removal.php

» Stay updated!

Join my FREE newsletter and you will be notified about new scripts, new versions of the existing scripts and other important news from PHPJunkYard.
Click here for more info

» Please rate this script

If you like this script please rate it or even write a review at:

Rate this Script @ Hot Scripts

Rate this Script @ Hot Scripts

» What else?

That's it! If you use PHPJunkYard free scripts or any portion of their code please place a link to PHPJunkYard.com on your website. I won't sue you if you don't, but I believe it is a fair trade for a free script/code. Think about it. You can find link suggestions here.

Best regards,

Klemen Stirn
PHP JunkYard