SoftwareSecurity2013/Group 2/Intro

Uit Werkplaats
Ga naar: navigatie, zoeken

BuddyPress is an open source social networking software package owned by Automattic since 2008. It is a plugin that can be installed on WordPress to transform it into a social network platform. BuddyPress is designed to allow schools, companies, sports teams, or any other niche community to start their own social network or communication tool.
BuddyPress inherits and extends upon the integral functional elements of the WordPress engine including themes, plugins, and widgets. As it is built on WordPress it is written using the same primary technologies, PHP and MySQL.

BuddyPress has a range of features that will allow the creation of a social network application. However, based on your interest you can start with a couple of features and simply turn off features that you don't want by the click of a button. The basic installed system offers:

  • Activity Streams
  • User Profiles
    • Options to add user profile fields and sections
    • Avatar uploads
  • Group Creation
    • Group discussion forums
    • Group logo and Wire
  • Friend system
    • Messaging
  • Custom themes
  • Blogs per user (via the WordPress engine)

Group discussion forums are provided by the integration of the popular GPL forum software bbPress. With 1.1 versions and above, bbPress is seamlessly integrated within BuddyPress allowing for single sign-on and one click forum integration.

For our security revies, we examine version 1.7.2., downloaded at the 23th of April 2013. BuddyPress has been downloaded 1,573,493 times, so it is a widely used plug-in, appearing in a lot of Top-10 WordPress plugin lists.

"Messaging" section of the BuddyPress User Interface.

"Messaging" section of the BuddyPress User Interface.