When I log in as a Master Administration and go to Settings -> Manage Extensions, the Whispers extension shows up 11 times. When I look at the extensions directory, there are indeed 11 extensions, but only one of them (the last one, alphabetically) is Whispers.php.
I opened up controls/settings.php where the output for that listing is generated. On each iteration of the while loop that begins at line 753, I can do a print_r($Extension) just after line 802, and I see the details of all 11 extensions just as it should be. However, if I do a print_r($this->Extensions) just after line 802, I see that, on each iteration, $this->Extensions gains a new item, but every single previously added item in $this->Extensions is somehow overwritten with the new data from $Extension. So, by the time the while loop is finished, there are 11 items in $this->Extensions, but each of them are for the same extension (Whispers, in this case, because it's the last extension to be processed).
I've tried playing around with the code a bit, but this has me baffled. Perhaps you'll have better luck finding out where it's overwriting the previous array items in $this->Extensions.
Ah... I see what happened. The code relies on the broken referencing of objects in PHP 4 that was fixed in PHP 5. In PHP 4, objects are cloned by default and not properly referenced, which is why you see a lot of code in PHP 4 applications that uses the assignment by reference operator when dealing with objects:
$object =& new Object();
PHP 5 fixed this issue so that all objects are created by reference by default and you no longer need to use the =& operator.
You may want to investigate whether PHP 4.4 breaks this functionality in Vanilla, since it backports to the 4 series of the language the code from PHP 5 that fixes these object reference issues.
I did the investigation myself... installed a separate instance of Apache, set it to run on port 81, and then compiled PHP 4.4.0 for that instance of Apache. When I browse to the extension settings on port 81 (using PHP 4.4 instead of PHP 5), everything works as it should, so you can rest assured knowing that the code running on PHP 4.4 doesn't have the same referencing problem as it does when running on PHP 5. :-)
Took me all of ten minutes to set all that up. Not a big deal. :-)
I wasn't trying to figure out the problem as much as I was trying to see if the problem existed in the new PHP 4.4 branch. It doesn't, so that's one less thing Mark has to worry about. :-)
No problem. I like the simplicity of your forum, and I'd like to use it.
Before I do use it in a public setting, though, I'm working on getting some security scans (XSS, SQL injection, etc.) performed on an installation of it. I'll send the output of those scans to your e-mail address, though, so that they aren't posted in a public forum.