hmm, i could swear i submitted them...

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5190 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/docs/CHANGELOG.html

@@ -3,7 +3,7 @@
 <head>
 <meta http-equiv="Content-Type" content="text/html">
 <meta http-equiv="Content-Style-Type" content="text/css">
-<title>phpBB 2.0.16 :: Changelog</title>
+<title>phpBB 2.0.x :: Changelog</title>
 <link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
 <style type="text/css">
 <!--
@@ -24,7 +24,7 @@ p,ul,td {font-size:10pt;}
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr>
 		<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
-		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.16 CHANGELOG</span></td>
+		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x CHANGELOG</span></td>
 	</tr>
 </table>
 
@@ -32,6 +32,7 @@ p,ul,td {font-size:10pt;}
 <ol>
 <li><a href="#changelog">Changelog</a></li>
 <ol type="i">
+	<li><a href="#2016">Changes since 2.0.16</a></li>
 	<li><a href="#2015">Changes since 2.0.15</a></li>
 	<li><a href="#2014">Changes since 2.0.14</a></li>
 	<li><a href="#2013">Changes since 2.0.13</a></li>
@@ -61,7 +62,23 @@ p,ul,td {font-size:10pt;}
 
 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
 
-<a name="2015"></a><h3 class="h3">l.i. Changes since 2.0.15</h3>
+<a name="2016"></a><h3 class="h3">l.i. Changes since 2.0.16</h3>
+
+<ul>
+<li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
+<li>Fixed XSS issue in IE using the url BBCode</li>
+<li>Fixed admin activation so that you must have administrator rights to activate accounts in this mode - reported by ieure</li>
+<li>Fixed get_username returning wrong row for usernames beginning with numerics - reported by Ptirhiik</li>
+<li>Pass username through phpbb_clean_username within validate_username function - AnthraX101</li>
+<li>Fixed PHP error in message_die function</li>
+<li>Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php - reported by Double_J</li>
+<li>Also fixed above issue in usercp_viewprofile.php</li>
+<li>Fixed incorrect setting of user_level on pending members if a group is granted moderator rights - reported by halochat</li>
+<li>Fixed ordering of forums on admin_ug_auth.php to be consistant with other pages</li>
+<li>Correctly set username on posts when deleting a user from the admin panel</li>
+</ul>
+
+<a name="2015"></a><h3 class="h3">l.ii. Changes since 2.0.15</h3>
 
 <ul>
 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@@ -73,7 +90,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
 </ul>
 
-<a name="2014"></a><h3 class="h3">l.ii. Changes since 2.0.14</h3>
+<a name="2014"></a><h3 class="h3">l.iii. Changes since 2.0.14</h3>
 
 <ul>
 <li>Fixed moderator status removal in groupcp.php</li>
@@ -95,7 +112,7 @@ p,ul,td {font-size:10pt;}
 <li>Empty url/img bbcodes no longer get parsed</li>
 </ul>
 
-<a name="2013"></a><h3 class="h3">l.iii. Changes since 2.0.13</h3>
+<a name="2013"></a><h3 class="h3">l.iv. Changes since 2.0.13</h3>
 
 <ul>
 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@@ -112,7 +129,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
 </ul>
 
-<a name="2012"></a><h3 class="h3">l.iv. Changes since 2.0.12</h3>
+<a name="2012"></a><h3 class="h3">l.v. Changes since 2.0.12</h3>
 
 <ul>
 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@@ -120,7 +137,7 @@ p,ul,td {font-size:10pt;}
 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
 </ul>
 
-<a name="2011"></a><h3 class="h3">l.v. Changes since 2.0.11</h3>
+<a name="2011"></a><h3 class="h3">l.vi. Changes since 2.0.11</h3>
 
 <ul>
 <li>Added confirm table to admin_db_utilities.php</li>
@@ -135,7 +152,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
 </ul>
 
-<a name="2010"></a><h3 class="h3">l.vi. Changes since 2.0.10</h3>
+<a name="2010"></a><h3 class="h3">l.vii. Changes since 2.0.10</h3>
 
 <ul>
 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@@ -146,7 +163,7 @@ p,ul,td {font-size:10pt;}
 <li>Added visual confirmation mod to code base</li>
 </ul>
 
-<a name="209"></a><h3 class="h3">l.vii. Changes since 2.0.9</h3>
+<a name="209"></a><h3 class="h3">l.viii. Changes since 2.0.9</h3>
 
 <ul>
 <li>Fixed deleting of styles in admin_styles.php</li>
@@ -159,7 +176,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
 </ul>
 
-<a name="208"></a><h3 class="h3">l.viii. Changes since 2.0.8</h3>
+<a name="208"></a><h3 class="h3">l.ix. Changes since 2.0.8</h3>
 
 <ul>
 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@@ -178,7 +195,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
 </ul>
 
-<a name="207"></a><h3 class="h3">l.ix. Changes since 2.0.7</h3>
+<a name="207"></a><h3 class="h3">l.x. Changes since 2.0.7</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in admin pages</li>
@@ -190,7 +207,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>
 
-<a name="206"></a><h3 class="h3">1.x. Changes since 2.0.6</h3>
+<a name="206"></a><h3 class="h3">1.xi. Changes since 2.0.6</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@@ -204,7 +221,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential vulnerability in avatar gallery</li>
 </ul>
 
-<a name="205"></a><h3 class="h3">1.xi. Changes since 2.0.5</h3>
+<a name="205"></a><h3 class="h3">1.xii. Changes since 2.0.5</h3>
 
 <ul>
 <li>Fixed various email issues</li>
@@ -220,7 +237,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
 </ul>
 
-<a name="204"></a><h3 class="h3">1.xii. Changes since 2.0.4</h3>
+<a name="204"></a><h3 class="h3">1.xiii. Changes since 2.0.4</h3>
 
 <ul>
 <li>Removed user facing session_id checks</li>
@@ -292,7 +309,7 @@ p,ul,td {font-size:10pt;}
 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
 </ul>
 
-<a name="203"></a><h3 class="h3">1.xiii. Changes since 2.0.3</h3>
+<a name="203"></a><h3 class="h3">1.xiv. Changes since 2.0.3</h3>
 
 <ul>
 <li>Fixed cross-browser scripting issue with highlight param</li>
@@ -419,7 +436,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
 </ul>
 
-<a name="202"></a><h3 class="h3">1.xiv. Changes since 2.0.2</h3>
+<a name="202"></a><h3 class="h3">1.xv. Changes since 2.0.2</h3>
 
 <ul>
 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@@ -428,7 +445,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
 </ul>
 
-<a name="201"></a><h3 class="h3">1.xv. Changes since 2.0.1</h3>
+<a name="201"></a><h3 class="h3">1.xvi. Changes since 2.0.1</h3>
 
 <ul>
 <li>Fixed missing "username" lang variable in user admin template</li>
@@ -463,7 +480,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix emailer to allow sending emails with language-specific character sets</li>
 </ul>
 
-<a name="200"></a><h3 class="h3">1.xvi. Changes since 2.0.0</h3>
+<a name="200"></a><h3 class="h3">1.xvii. Changes since 2.0.0</h3>
 
 <ul>
 <li>Fixed delete image bug for normal users</li>
@@ -520,7 +537,7 @@ p,ul,td {font-size:10pt;}
 <li>Added database closure to admin frameset page</li>
 </ul>
 
-<a name="final"></a><h3 class="h3">1.xvii. Changes since RC-4</h3>
+<a name="final"></a><h3 class="h3">1.xviii. Changes since RC-4</h3>
 
 <ul>
 <li>Fixed improper report of general error when posting messages containing errors</li>
@@ -550,7 +567,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed various remaining usergroup display issues</li>
 </ul>
 
-<a name="rc4"></a><h3 class="h3">1.xviii. Changes since RC-3</h3>
+<a name="rc4"></a><h3 class="h3">1.xix. Changes since RC-3</h3>
 
 <ul>
 <li>Addressed serious security issue with included files</li>
@@ -581,7 +598,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
 </ul>
 
-<a name="rc3"></a><h3 class="h3">1.xix. Changes since RC-2</h3>
+<a name="rc3"></a><h3 class="h3">1.xx. Changes since RC-2</h3>
 
 <ul>
 <li>Fixed infamous install parse error</li>
@@ -614,7 +631,7 @@ p,ul,td {font-size:10pt;}
 <li>Hidden usergroups are now completely hidden from view</li>
 </ul>
 
-<a name="rc2"></a><h3 class="h3">1.xx. Changes since RC-1</h3>
+<a name="rc2"></a><h3 class="h3">1.xxi. Changes since RC-1</h3>
 
 <ul>
 <li>Fixed numerous PostgreSQL related issues</li>
@@ -634,7 +651,7 @@ p,ul,td {font-size:10pt;}
 <li>Various other fixes and updates</li>
 </ul>
 
-<a name="rc1"></a><h3 class="h3">1.xxi. Changes since RC-1 (pre)</h3>
+<a name="rc1"></a><h3 class="h3">1.xxii. Changes since RC-1 (pre)</h3>
 
 <ul>
 <li>Upgrade script completed for initial fully functional release</li>