Want to find, or create, plugin for forum or Blog.

Sure!! But I don't know about databases

 

Thanks for the comments. This is exactly the kind of discussion I need.

My instincts are that the forum should be separate from the plugin.

One issue is that the plugin would have to open a file and then read from and write to that file (containing forum messages ). Would it be appropriate (easy, challenging, misguided, whatever?) to have a plugin do that? This data file would be on the same server hardware as the Minecraft server with the plugin.

There is appeal to keeping all the code inside the plugin rather than having two separate programs ( the plugin code and the separate forum code), but there is also the appeal of encapsulating the forum functionality in completely separate code from the Minecraft server and its plugin component. Comments?

I do not see that automatic login to the forum with the Minecraft player's name, using a whitelist/membership list on the forum, is a significant security risk. I can see that a separate password for each player would make it more secure, but I would agree to that only if those who know more than I do insist that the security risk without it would be unacceptable. I want young kids to be able to read and write messages with a minimum of hassle. I want to make this as easy as possible for them..one or two clicks and they would be ready to read and write.

The plugin connection to the forum software site (probably an HTML page) could use built in custom chosen, even encoded, passwords (or other verification methods) chosen when the plugin was installed. It would be difficult to get into this forum from any path other than being a player on a specific Minecraft server with that plugin. My thought is that the forum would be accessible to only those player names explicitly whitelisted for that forum by an administrator. We could decide whether the forum plugin system would be usable for a server that was not using a Minecraft whitelist. Insisting on working only with a Minecraft server using a whitellist would add some additional security to the "automatic" login process I want. There would then be two whitelists. I want to put as much of the security burden on the administrator and code, rather than the player, as possible.

My thought is that the main risk is that someone could hack in and read and post (perhaps inappropriate) messages. That would be a nuisance but not a real threat to the underlying server hardware and other functions it might have.

Am I missing something about security here? Does the ability to log into forum software expose the underlying host to a threat? If so, why is that threat greater than being able to log into a Minecraft server?

NOTE:A more generalized version, with forum software and data available to many Minecraft severs from one central server could be built later if there were interest. Users of the plugin would register with the central server and manage their account/relationship. This is even further out of my reach. I see it happening only if the plugin I want were to become very popular. I am not expecting that. I seem to be the only one who thinks it would be particularly valuable at this time.

I very much appreciate the feedback I am getting here.

 

I think it's better an external host, but that leaves us with the security issues (I think a custom password will do the trick). But you get the benefits of already build forum and you can access by post and get request

 

Got it. That's all clear. I'm learning. I can build a simple web based forum that the plugin could link to. I would use PHP and MySql, and Javascript. This Minecraft-plugin-forum is a long term project for me. I will be traveling most of September and will dig on the forum in October.

At that point I will start asking for help with the plugin side. The simple forum will take me a month or so. If the Minecraft-plugin-forum works, I can improve the forum side over time. I am still open to the possibility of coding the forum in the plugin... but I would have to learn quite a bit to do that. I already know the tools to build a web-base simple forum, not all that well, but well enough.