This commit was manufactured by cvs2svn to create tag

'release_2_0_13'. git-svn-id: file:///svn/phpbb/tags/release_2_0_13@5098 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-08-22 16:22:58 +02:00 · 2005-02-27 23:26:08 +00:00
parent 212515e02c
commit 12b8694b03
951 changed files with 10547 additions and 57144 deletions
--- a/phpBB/includes/auth.php
+++ b/phpBB/includes/auth.php
@@ -129,9 +129,9 @@ function auth($type, $forum_id, $userdata, $f_access = '')

 		if ( !($f_access = $db->$sql_fetchrow($result)) )
 		{
-			message_die(GENERAL_ERROR, 'No forum access control lists exist', '', __LINE__, __FILE__, $sql);
+			$db->sql_freeresult($result);
+			return array();
 		}
-
 		$db->sql_freeresult($result);
 	}

@@ -158,19 +158,20 @@ function auth($type, $forum_id, $userdata, $f_access = '')

 		if ( $row = $db->sql_fetchrow($result) )
 		{
-			if ( $forum_id != AUTH_LIST_ALL)
+			do
 			{
-				$u_access[] = $row;
-			}
-			else
-			{
-				do
+				if ( $forum_id != AUTH_LIST_ALL)
+				{
+					$u_access[] = $row;
+				}
+				else
 				{
 					$u_access[$row['forum_id']][] = $row;
 				}
-				while( $row = $db->sql_fetchrow($result) );
 			}
+			while( $row = $db->sql_fetchrow($result) );
 		}
+		$db->sql_freeresult($result);
 	}

 	$is_admin = ( $userdata['user_level'] == ADMIN && $userdata['session_logged_in'] ) ? TRUE : 0;
@@ -199,7 +200,7 @@ function auth($type, $forum_id, $userdata, $f_access = '')
 			{
 				case AUTH_ALL:
 					$auth_user[$key] = TRUE;
-					$auth_user[$key . '_type'] = $lang['Auth_Anonymous_users'];
+					$auth_user[$key . '_type'] = $lang['Auth_Anonymous_Users'];
 					break;

 				case AUTH_REG:
@@ -238,7 +239,7 @@ function auth($type, $forum_id, $userdata, $f_access = '')
 				{
 					case AUTH_ALL:
 						$auth_user[$f_forum_id][$key] = TRUE;
-						$auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_users'];
+						$auth_user[$f_forum_id][$key . '_type'] = $lang['Auth_Anonymous_Users'];
 						break;

 					case AUTH_REG:
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -26,7 +26,7 @@ if ( !defined('IN_PHPBB') )

 define("BBCODE_UID_LEN", 10);

-// global that holds loaded-and-prepared bbcode templates, so we only have to do 
+// global that holds loaded-and-prepared bbcode templates, so we only have to do
 // that stuff once.

 $bbcode_tpl = null;
@@ -45,21 +45,21 @@ function load_bbcode_template()
 	global $template;
 	$tpl_filename = $template->make_filename('bbcode.tpl');
 	$tpl = fread(fopen($tpl_filename, 'r'), filesize($tpl_filename));
-	
+
 	// replace \ with \\ and then ' with \'.
 	$tpl = str_replace('\\', '\\\\', $tpl);
 	$tpl  = str_replace('\'', '\\\'', $tpl);
-	
+
 	// strip newlines.
 	$tpl  = str_replace("\n", '', $tpl);
-	
+
 	// Turn template blocks into PHP assignment statements for the values of $bbcode_tpls..
 	$tpl = preg_replace('#<!-- BEGIN (.*?) -->(.*?)<!-- END (.*?) -->#', "\n" . '$bbcode_tpls[\'\\1\'] = \'\\2\';', $tpl);
-	
+
 	$bbcode_tpls = array();

 	eval($tpl);
-	
+
 	return $bbcode_tpls;
 }

@@ -68,7 +68,7 @@ function load_bbcode_template()
 * Prepares the loaded bbcode templates for insertion into preg_replace()
 * or str_replace() calls in the bbencode_second_pass functions. This
 * means replacing template placeholders with the appropriate preg backrefs
- * or with language vars. NOTE: If you change how the regexps work in 
+ * or with language vars. NOTE: If you change how the regexps work in
 * bbencode_second_pass(), you MUST change this function.
 *
 * Nathan Codding, Sept 26 2001
@@ -77,47 +77,47 @@ function load_bbcode_template()
 function prepare_bbcode_template($bbcode_tpl)
 {
 	global $lang;
-	
+
 	$bbcode_tpl['olist_open'] = str_replace('{LIST_TYPE}', '\\1', $bbcode_tpl['olist_open']);
-	
+
 	$bbcode_tpl['color_open'] = str_replace('{COLOR}', '\\1', $bbcode_tpl['color_open']);
-	
+
 	$bbcode_tpl['size_open'] = str_replace('{SIZE}', '\\1', $bbcode_tpl['size_open']);
-	
+
 	$bbcode_tpl['quote_open'] = str_replace('{L_QUOTE}', $lang['Quote'], $bbcode_tpl['quote_open']);
-	
+
 	$bbcode_tpl['quote_username_open'] = str_replace('{L_QUOTE}', $lang['Quote'], $bbcode_tpl['quote_username_open']);
 	$bbcode_tpl['quote_username_open'] = str_replace('{L_WROTE}', $lang['wrote'], $bbcode_tpl['quote_username_open']);
 	$bbcode_tpl['quote_username_open'] = str_replace('{USERNAME}', '\\1', $bbcode_tpl['quote_username_open']);
-	
+
 	$bbcode_tpl['code_open'] = str_replace('{L_CODE}', $lang['Code'], $bbcode_tpl['code_open']);

 	$bbcode_tpl['img'] = str_replace('{URL}', '\\1', $bbcode_tpl['img']);
-	
+
 	// We do URLs in several different ways..
-	$bbcode_tpl['url1'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
-	$bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\\1\\2', $bbcode_tpl['url1']);
-	
+	$bbcode_tpl['url1'] = str_replace('{URL}', '\\1', $bbcode_tpl['url']);
+	$bbcode_tpl['url1'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url1']);
+
 	$bbcode_tpl['url2'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
 	$bbcode_tpl['url2'] = str_replace('{DESCRIPTION}', '\\1', $bbcode_tpl['url2']);
-	
-	$bbcode_tpl['url3'] = str_replace('{URL}', '\\1\\2', $bbcode_tpl['url']);
-	$bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url3']);
-	
+
+	$bbcode_tpl['url3'] = str_replace('{URL}', '\\1', $bbcode_tpl['url']);
+	$bbcode_tpl['url3'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url3']);
+
 	$bbcode_tpl['url4'] = str_replace('{URL}', 'http://\\1', $bbcode_tpl['url']);
-	$bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\2', $bbcode_tpl['url4']);
+	$bbcode_tpl['url4'] = str_replace('{DESCRIPTION}', '\\3', $bbcode_tpl['url4']);

 	$bbcode_tpl['email'] = str_replace('{EMAIL}', '\\1', $bbcode_tpl['email']);
-	
+
 	define("BBCODE_TPL_READY", true);
-	
+
 	return $bbcode_tpl;
 }


 /**
 * Does second-pass bbencoding. This should be used before displaying the message in
- * a thread. Assumes the message is already first-pass encoded, and we are given the 
+ * a thread. Assumes the message is already first-pass encoded, and we are given the
 * correct UID as used in first-pass encoding.
 */
 function bbencode_second_pass($text, $uid)
@@ -135,13 +135,13 @@ function bbencode_second_pass($text, $uid)
 		$text = substr($text, 1);
 		return $text;
 	}
-	
+
 	// Only load the templates ONCE..
 	if (!defined("BBCODE_TPL_READY"))
 	{
 		// load templates from file into array.
 		$bbcode_tpl = load_bbcode_template();
-		
+
 		// prepare array for use in regexps.
 		$bbcode_tpl = prepare_bbcode_template($bbcode_tpl);
 	}
@@ -149,6 +149,14 @@ function bbencode_second_pass($text, $uid)
 	// [CODE] and [/CODE] for posting code (HTML, PHP, C etc etc) in your posts.
 	$text = bbencode_second_pass_code($text, $uid, $bbcode_tpl);

+	// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
+	$text = str_replace("[quote:$uid]", $bbcode_tpl['quote_open'], $text);
+	$text = str_replace("[/quote:$uid]", $bbcode_tpl['quote_close'], $text);
+
+	// New one liner to deal with opening quotes with usernames...
+	// replaces the two line version that I had here before..
+	$text = preg_replace("/\[quote:$uid=\"(.*?)\"\]/si", $bbcode_tpl['quote_username_open'], $text);
+
 	// [list] and [list=x] for (un)ordered lists.
 	// unordered lists
 	$text = str_replace("[list:$uid]", $bbcode_tpl['ulist_open'], $text);
@@ -165,17 +173,9 @@ function bbencode_second_pass($text, $uid)
 	$text = str_replace("[/color:$uid]", $bbcode_tpl['color_close'], $text);

 	// size
-	$text = preg_replace("/\[size=([\-\+]?[1-2]?[0-9]):$uid\]/si", $bbcode_tpl['size_open'], $text);
+	$text = preg_replace("/\[size=([1-2]?[0-9]):$uid\]/si", $bbcode_tpl['size_open'], $text);
 	$text = str_replace("[/size:$uid]", $bbcode_tpl['size_close'], $text);

-	// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
-	$text = str_replace("[quote:$uid]", $bbcode_tpl['quote_open'], $text);
-	$text = str_replace("[/quote:$uid]", $bbcode_tpl['quote_close'], $text);
-	
-	// New one liner to deal with opening quotes with usernames...
-	// replaces the two line version that I had here before..
-	$text = preg_replace("/\[quote:$uid=(?:\"?([^\"]*)\"?)\]/si", $bbcode_tpl['quote_username_open'], $text);
-
 	// [b] and [/b] for bolding text.
 	$text = str_replace("[b:$uid]", $bbcode_tpl['b_open'], $text);
 	$text = str_replace("[/b:$uid]", $bbcode_tpl['b_close'], $text);
@@ -194,28 +194,28 @@ function bbencode_second_pass($text, $uid)

 	// [img]image_url_here[/img] code..
 	// This one gets first-passed..
-	$patterns[0] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
-	$replacements[0] = $bbcode_tpl['img'];
-	
-	// [url]xxxx://www.phpbb.com[/url] code..
-	$patterns[1] = "#\[url\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/url\]#si";
-	$replacements[1] = $bbcode_tpl['url1'];
+	$patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
+	$replacements[] = $bbcode_tpl['img'];
+
+	// matches a [url]xxxx://www.phpbb.com[/url] code..
+	$patterns[] = "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is";
+	$replacements[] = $bbcode_tpl['url1'];

 	// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
-	$patterns[2] = "#\[url\]([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/url\]#si";
-	$replacements[2] = $bbcode_tpl['url2'];
+	$patterns[] = "#\[url\]((www|ftp)\.[^ \"\n\r\t<]*?)\[/url\]#is";
+	$replacements[] = $bbcode_tpl['url2'];

 	// [url=xxxx://www.phpbb.com]phpBB[/url] code..
-	$patterns[3] = "#\[url=([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\](.*?)\[/url\]#si";
-	$replacements[3] = $bbcode_tpl['url3'];
+	$patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
+	$replacements[] = $bbcode_tpl['url3'];

 	// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
-	$patterns[4] = "#\[url=([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\](.*?)\[/url\]#si";
-	$replacements[4] = $bbcode_tpl['url4'];
+	$patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
+	$replacements[] = $bbcode_tpl['url4'];

 	// [email]user@domain.tld[/email] code..
-	$patterns[5] = "#\[email\]([a-z0-9\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si";
-	$replacements[5] = $bbcode_tpl['email'];
+	$patterns[] = "#\[email\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si";
+	$replacements[] = $bbcode_tpl['email'];

 	$text = preg_replace($patterns, $replacements, $text);

@@ -250,8 +250,7 @@ function bbencode_first_pass($text, $uid)

 	// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
 	$text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, '');
-	
-	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\\".*?\\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]");
+	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\".*?\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]");

 	// [list] and [list=x] for (un)ordered lists.
 	$open_tag = array();
@@ -270,7 +269,7 @@ function bbencode_first_pass($text, $uid)
 	$text = preg_replace("#\[color=(\#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\]#si", "[color=\\1:$uid]\\2[/color:$uid]", $text);

 	// [size] and [/size] for setting text size
-	$text = preg_replace("#\[size=([\-\+]?[1-2]?[0-9])\](.*?)\[/size\]#si", "[size=\\1:$uid]\\2[/size:$uid]", $text);
+	$text = preg_replace("#\[size=([1-2]?[0-9])\](.*?)\[/size\]#si", "[size=\\1:$uid]\\2[/size:$uid]", $text);

 	// [b] and [/b] for bolding text.
 	$text = preg_replace("#\[b\](.*?)\[/b\]#si", "[b:$uid]\\1[/b:$uid]", $text);
@@ -282,13 +281,10 @@ function bbencode_first_pass($text, $uid)
 	$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);

 	// [img]image_url_here[/img] code..
-	$text = preg_replace("#\[img\](([a-z]+?)://([^ \n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
+	$text = preg_replace("#\[img\]((http|ftp|https|ftps)://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);

 	// Remove our padding from the string..
-	$text = substr($text, 1);
-
-
-	return $text;
+	return substr($text, 1);;

 } // bbencode_first_pass()

@@ -349,9 +345,9 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 		$open_tag[0] = $open_tag_temp;
 		$open_tag_count = 1;
 	}
-	
+
 	$open_is_regexp = false;
-	
+
 	if ($open_regexp_replace)
 	{
 		$open_is_regexp = true;
@@ -362,12 +358,11 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 			$open_regexp_replace[0] = $open_regexp_temp;
 		}
 	}
-	
+
 	if ($mark_lowest_level && $open_is_regexp)
 	{
 		message_die(GENERAL_ERROR, "Unsupported operation for bbcode_first_pass_pda().");
 	}
-	

 	// Start at the 2nd char of the string, looking for opening tags.
 	$curr_pos = 1;
@@ -383,29 +378,32 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 			$found_start = false;
 			$which_start_tag = "";
 			$start_tag_index = -1;
+
 			for ($i = 0; $i < $open_tag_count; $i++)
 			{
 				// Grab everything until the first "]"...
-				$possible_start = substr($text, $curr_pos, strpos($text, "]", $curr_pos + 1) - $curr_pos + 1);
+				$possible_start = substr($text, $curr_pos, strpos($text, ']', $curr_pos + 1) - $curr_pos + 1);

 				//
 				// We're going to try and catch usernames with "[' characters.
 				//
-				if( preg_match('/\[quote\=\\\\"/si', $possible_start) && !preg_match('/\[quote=\\\\"[^"]*\\\\"\]/si', $possible_start) )
+				if( preg_match('#\[quote=\\\"#si', $possible_start, $match) && !preg_match('#\[quote=\\\"(.*?)\\\"\]#si', $possible_start) )
 				{
-					//
 					// OK we are in a quote tag that probably contains a ] bracket.
 					// Grab a bit more of the string to hopefully get all of it..
-					// 
-					$possible_start = substr($text, $curr_pos, strpos($text, "\"]", $curr_pos + 1) - $curr_pos + 2);
+					if ($close_pos = strpos($text, '"]', $curr_pos + 9))
+					{
+						if (strpos(substr($text, $curr_pos + 9, $close_pos - ($curr_pos + 9)), '[quote') === false)
+						{
+							$possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2);
+						}
+					}
 				}
-				//
+
 				// Now compare, either using regexp or not.
-				
 				if ($open_is_regexp)
 				{
 					$match_result = array();
-					// PREG regexp comparison.
 					if (preg_match($open_tag[$i], $possible_start, $match_result))
 					{
 						$found_start = true;
@@ -433,7 +431,13 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 				// Push its position, the text we matched, and its index in the open_tag array on to the stack, and then keep going to the right.
 				$match = array("pos" => $curr_pos, "tag" => $which_start_tag, "index" => $start_tag_index);
 				bbcode_array_push($stack, $match);
-				++$curr_pos;
+				//
+				// Rather than just increment $curr_pos
+				// Set it to the ending of the tag we just found
+				// Keeps error in nested tag from breaking out
+				// of table structure..
+				//
+				$curr_pos += strlen($possible_start);
 			}
 			else
 			{
@@ -477,20 +481,34 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 						// Mark the lowest nesting level if needed.
 						if ($mark_lowest_level && ($curr_nesting_depth == 1))
 						{
+							if ($open_tag[0] == '[code]')
+							{
+								$code_entities_match = array('#<#', '#>#', '#"#', '#:#', '#\[#', '#\]#', '#\(#', '#\)#', '#\{#', '#\}#');
+								$code_entities_replace = array('&lt;', '&gt;', '&quot;', '&#58;', '&#91;', '&#93;', '&#40;', '&#41;', '&#123;', '&#125;');
+								$between_tags = preg_replace($code_entities_match, $code_entities_replace, $between_tags);
+							}
 							$text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$curr_nesting_depth:$uid]";
 							$text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$curr_nesting_depth:$uid]";
 						}
 						else
 						{
-							if ($open_is_regexp)
+							if ($open_tag[0] == '[code]')
 							{
-								$text = $before_start_tag . $start_tag;
+								$text = $before_start_tag . '&#91;code&#93;';
+								$text .= $between_tags . '&#91;/code&#93;';
 							}
 							else
 							{
-								$text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$uid]";
+								if ($open_is_regexp)
+								{
+									$text = $before_start_tag . $start_tag;
+								}
+								else
+								{
+									$text = $before_start_tag . substr($start_tag, 0, $start_length - 1) . ":$uid]";
+								}
+								$text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$uid]";
 							}
-							$text .= $between_tags . substr($close_tag_new, 0, $close_tag_new_length - 1) . ":$uid]";
 						}

 						$text .= $after_end_tag;
@@ -502,8 +520,8 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 						{
 							$match = bbcode_array_pop($stack);
 							$curr_pos = $match['pos'];
-							bbcode_array_push($stack, $match);
-							++$curr_pos;
+//							bbcode_array_push($stack, $match);
+//							++$curr_pos;
 						}
 						else
 						{
@@ -552,15 +570,18 @@ function bbencode_second_pass_code($text, $uid, $bbcode_tpl)
 	{
 		$before_replace = $matches[1][$i];
 		$after_replace = $matches[1][$i];
-		
+
 		// Replace 2 spaces with "&nbsp; " so non-tabbed code indents without making huge long lines.
 		$after_replace = str_replace("  ", "&nbsp; ", $after_replace);
 		// now Replace 2 spaces with " &nbsp;" to catch odd #s of spaces.
 		$after_replace = str_replace("  ", " &nbsp;", $after_replace);
-		
+
 		// Replace tabs with "&nbsp; &nbsp;" so tabbed code indents sorta right without making huge long lines.
 		$after_replace = str_replace("\t", "&nbsp; &nbsp;", $after_replace);

+		// now Replace space occurring at the beginning of a line
+		$after_replace = preg_replace("/^ {1}/m", '&nbsp;', $after_replace);
+
 		$str_to_match = "[code:1:$uid]" . $before_replace . "[/code:1:$uid]";

 		$replacement = $code_start_html;
@@ -595,24 +616,22 @@ function make_clickable($text)
 {

 	// pad it with a space so we can match things at the start of the 1st line.
-	$ret = " " . $text;
+	$ret = ' ' . $text;

 	// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
 	// xxxx can only be alpha characters.
-	// yyyy is anything up to the first space, newline, or comma.
-	$ret = preg_replace("#([\n ])([a-z]+?)://([^,\t \n\r]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);
+	// yyyy is anything up to the first space, newline, comma, double quote or <
+	$ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret);

-	// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
+	// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
 	// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
-	// yyyy contains either alphanum, "-", or "."
-	// zzzz is optional.. will contain everything up to the first space, newline, or comma.
-	// This is slightly restrictive - it's not going to match stuff like "forums.foo.com"
-	// This is to keep it from getting annoying and matching stuff that's not meant to be a link.
-	$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^,\t \n\r]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);
+	// zzzz is optional.. will contain everything up to the first space, newline, 
+	// comma, double quote or <.
+	$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret);

 	// matches an email@domain type address at the start of a line, or after a space.
 	// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
-	$ret = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)?[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret);
+	$ret = preg_replace("#(^|[\n ])([a-z0-9&\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>", $ret);

 	// Remove our padding..
 	$ret = substr($ret, 1);
@@ -718,39 +737,38 @@ function bbcode_array_pop(&$stack)
 //
 function smilies_pass($message)
 {
-	global $db, $board_config;
-	static $smilies;
+	static $orig, $repl;

-	if( empty($smilies) )
+	if (!isset($orig))
 	{
-		$sql = "SELECT code, smile_url
-			FROM " . SMILIES_TABLE;
+		global $db, $board_config;
+		$orig = $repl = array();
+
+		$sql = 'SELECT * FROM ' . SMILIES_TABLE;
 		if( !$result = $db->sql_query($sql) )
 		{
 			message_die(GENERAL_ERROR, "Couldn't obtain smilies data", "", __LINE__, __FILE__, $sql);
 		}
+		$smilies = $db->sql_fetchrowset($result);

-		if( !$db->sql_numrows($result) )
+		if (count($smilies))
 		{
-			return $message;
+			usort($smilies, 'smiley_sort');
 		}

-		$smilies = $db->sql_fetchrowset($result);
+		for ($i = 0; $i < count($smilies); $i++)
+		{
+			$orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
+			$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" alt="' . $smilies[$i]['emoticon'] . '" border="0" />';
+		}
 	}

-	usort($smilies, 'smiley_sort');
-	for($i = 0; $i < count($smilies); $i++)
-	{
-		$orig[] = "/(?<=.\\W|\\W.|^\\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\\W|\\W.|\\W$)/";
-		$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" alt="' . $smilies[$i]['smile_url'] . '" border="0" />';
-	}
-
-	if( $i > 0 )
+	if (count($orig))
 	{
 		$message = preg_replace($orig, $repl, ' ' . $message . ' ');
 		$message = substr($message, 1, -1);
 	}
-
+	
 	return $message;
 }

@@ -764,5 +782,4 @@ function smiley_sort($a, $b)
 	return ( strlen($a['code']) > strlen($b['code']) ) ? -1 : 1;
 }

-
 ?>
--- a/phpBB/includes/constants.php
+++ b/phpBB/includes/constants.php
@@ -26,8 +26,8 @@ if ( !defined('IN_PHPBB') )
 }

 // Debug Level
-define('DEBUG', 1); // Debugging on
-//define('DEBUG', 0); // Debugging off
+//define('DEBUG', 1); // Debugging on
+define('DEBUG', 1); // Debugging off


 // User Levels <- Do not change the values of USER or ADMIN
@@ -148,6 +148,7 @@ define('AUTH_ATTACH', 11);


 // Table names
+define('CONFIRM_TABLE', $table_prefix.'confirm');
 define('AUTH_ACCESS_TABLE', $table_prefix.'auth_access');
 define('BANLIST_TABLE', $table_prefix.'banlist');
 define('CATEGORIES_TABLE', $table_prefix.'categories');
@@ -178,4 +179,4 @@ define('VOTE_DESC_TABLE', $table_prefix.'vote_desc');
 define('VOTE_RESULTS_TABLE', $table_prefix.'vote_results');
 define('VOTE_USERS_TABLE', $table_prefix.'vote_voters');

-?>
+?>
--- a/phpBB/includes/emailer.php
+++ b/phpBB/includes/emailer.php
@@ -26,209 +26,255 @@
 //
 class emailer
 {
-	var $tpl_file;
+	var $msg, $subject, $extra_headers;
+	var $addresses, $reply_to, $from;
 	var $use_smtp;
-	var $msg;
-	var $mimeOut;
-	var $arrPlaceHolders = array();	// an associative array that has the key = placeHolderName and val = placeHolderValue.
-	var $subject, $extra_headers, $address;
+
+	var $tpl_msg = array();

 	function emailer($use_smtp)
 	{
+		$this->reset();
 		$this->use_smtp = $use_smtp;
-		$this->tpl_file = NULL;
-		$this->address = NULL;
- 		$this->msg = "";
-	   $this->mimeOut = "";
+		$this->reply_to = $this->from = '';
 	}

-	//
 	// Resets all the data (address, template file, etc etc to default
-	//
 	function reset()
 	{
-		$this->tpl_file = "";
-		$this->address = "";
-		$this->msg = "";
-		$this->memOut = "";
-		$this->vars = "";
+		$this->addresses = array();
+		$this->vars = $this->msg = $this->extra_headers = '';
 	}

-	//
 	// Sets an email address to send to
-	//
 	function email_address($address)
 	{
-
-		$success = true;
-
-		$this->address = '';
-		$this->address .= $address;
-
-		return $success;
+		$this->addresses['to'] = trim($address);
+	}
+
+	function cc($address)
+	{
+		$this->addresses['cc'][] = trim($address);
+	}
+
+	function bcc($address)
+	{
+		$this->addresses['bcc'][] = trim($address);
+	}
+
+	function replyto($address)
+	{
+		$this->reply_to = trim($address);
+	}
+
+	function from($address)
+	{
+		$this->from = trim($address);
 	}

-	//
 	// set up subject for mail
-	//
 	function set_subject($subject = '')
 	{
-		$this->subject = $subject;
+		$this->subject = trim(preg_replace('#[\n\r]+#s', '', $subject));
 	}

-	//
 	// set up extra mail headers
-	//
 	function extra_headers($headers)
 	{
-		$this->extra_headers = $headers;
+		$this->extra_headers .= trim($headers) . "\n";
 	}

-	function use_template($template_file, $template_lang = "")
+	function use_template($template_file, $template_lang = '')
 	{
 		global $board_config, $phpbb_root_path;

-		if( $template_lang == "" )
+		if (trim($template_file) == '')
+		{
+			message_die(GENERAL_ERROR, 'No template file set', '', __LINE__, __FILE__);
+		}
+
+		if (trim($template_lang) == '')
 		{
 			$template_lang = $board_config['default_lang'];
 		}

-		$template_file = $phpbb_root_path . "language/lang_" . $template_lang . "/email/" . $template_file . ".tpl";
-		if( !file_exists($template_file) )
+		if (empty($this->tpl_msg[$template_lang . $template_file]))
 		{
-			message_die(GENERAL_ERROR, "Couldn't find template file: $template_file", "", __LINE__, __FILE__);
-		}
-		else
-		{
-			$this->tpl_file = $template_file;
-			if( !$this->load_msg() )
+			$tpl_file = $phpbb_root_path . 'language/lang_' . $template_lang . '/email/' . $template_file . '.tpl';
+
+			if (!@file_exists(@phpbb_realpath($tpl_file)))
 			{
-				message_die(GENERAL_ERROR, "Couldn't load template file: $template_file", "", __LINE__, __FILE__);
+				$tpl_file = $phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/email/' . $template_file . '.tpl';
+
+				if (!@file_exists(@phpbb_realpath($tpl_file)))
+				{
+					message_die(GENERAL_ERROR, 'Could not find email template file :: ' . $template_file, '', __LINE__, __FILE__);
+				}
 			}
+
+			if (!($fd = @fopen($tpl_file, 'r')))
+			{
+				message_die(GENERAL_ERROR, 'Failed opening template file :: ' . $tpl_file, '', __LINE__, __FILE__);
+			}
+
+			$this->tpl_msg[$template_lang . $template_file] = fread($fd, filesize($tpl_file));
+			fclose($fd);
 		}

-		return TRUE;
-	}
-
-	//
-	// Open the template file and read in the message
-	//
-	function load_msg()
-	{
-		if ($this->tpl_file == NULL)
-		{
-			message_die(GENERAL_ERROR, "No template file set", "", __LINE__, __FILE__);
-		}
-		else
-		{
-			if(!($fd = fopen($this->tpl_file, 'r')))
-			{
-				message_die(GENERAL_ERROR, "fopen failed opening template file", "", __LINE__, __FILE__);
-			}
-			else
-			{
-				$this->msg .= fread($fd, filesize($this->tpl_file));
-				fclose($fd);
-			}
-		}
-		return TRUE;
+		$this->msg = $this->tpl_msg[$template_lang . $template_file];
+
+		return true;
 	}

+	// assign variables
 	function assign_vars($vars)
 	{
-		if(empty($this->vars))
-		{
-			$this->vars = $vars;
-		}
-		else
-		{
-			$this->vars .= $vars;
-		}
+		$this->vars = (empty($this->vars)) ? $vars : $this->vars . $vars;
 	}

-	function parse_email()
+	// Send the mail out to the recipients set previously in var $this->address
+	function send()
 	{
-		@reset($this->vars);
-		while (list($key, $val) = @each($this->vars))
-		{
-			$$key = $val;
-		}
+		global $board_config, $lang, $phpEx, $phpbb_root_path, $db;

    	// Escape all quotes, else the eval will fail.
 		$this->msg = str_replace ("'", "\'", $this->msg);
 		$this->msg = preg_replace('#\{([a-z0-9\-_]*?)\}#is', "' . $\\1 . '", $this->msg);

+		// Set vars
+		reset ($this->vars);
+		while (list($key, $val) = each($this->vars)) 
+		{
+			$$key = $val;
+		}
+
 		eval("\$this->msg = '$this->msg';");

-		//
+		// Clear vars
+		reset ($this->vars);
+		while (list($key, $val) = each($this->vars)) 
+		{
+			unset($$key);
+		}
+
 		// We now try and pull a subject from the email body ... if it exists,
 		// do this here because the subject may contain a variable
-		//
+		$drop_header = '';
 		$match = array();
-		preg_match("/^(Subject:(.*?)[\r\n]+?)?(.*?)$/is", $this->msg, $match);
-
-		$this->msg = ( isset($match[3]) ) ? trim($match[3]) : '';
-		$this->subject = ( $this->subject != '' ) ? $this->subject : trim($match[2]);
-
-		return TRUE;
-	}
-
-	//
-	// Send the mail out to the recipients set previously in var $this->address
-	//
-	function send()
-	{
-		global $phpEx, $phpbb_root_dir;
-
-		if (isset($phpbb_root_dir))
+		if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match))
 		{
-			// we must be in the admin section.
-			$phpbb_root_path = $phpbb_root_dir;
+			$this->subject = (trim($match[2]) != '') ? trim($match[2]) : (($this->subject != '') ? $this->subject : 'No Subject');
+			$drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
 		}
 		else
 		{
-			$phpbb_root_path = "./";
+			$this->subject = (($this->subject != '') ? $this->subject : 'No Subject');
 		}

-		if ($this->address == NULL)
+		if (preg_match('#^(Charset:(.*?))$#m', $this->msg, $match))
 		{
-			message_die(GENERAL_ERROR, "No email address set", "", __LINE__, __FILE__);
+			$this->encoding = (trim($match[2]) != '') ? trim($match[2]) : trim($lang['ENCODING']);
+			$drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
 		}
 		else
 		{
-			if(!$this->parse_email())
+			$this->encoding = trim($lang['ENCODING']);
+		}
+
+		if ($drop_header != '')
+		{
+			$this->msg = trim(preg_replace('#' . $drop_header . '#s', '', $this->msg));
+		}
+
+		$to = $this->addresses['to'];
+
+		$cc = (count($this->addresses['cc'])) ? implode(', ', $this->addresses['cc']) : '';
+		$bcc = (count($this->addresses['bcc'])) ? implode(', ', $this->addresses['bcc']) : '';
+
+		// Build header
+		$this->extra_headers = (($this->reply_to != '') ? "Reply-to: $this->reply_to\n" : '') . (($this->from != '') ? "From: $this->from\n" : "From: " . $board_config['board_email'] . "\n") . "Return-Path: " . $board_config['board_email'] . "\nMessage-ID: <" . md5(uniqid(time())) . "@" . $board_config['server_name'] . ">\nMIME-Version: 1.0\nContent-type: text/plain; charset=" . $this->encoding . "\nContent-transfer-encoding: 8bit\nDate: " . date('r', time()) . "\nX-Priority: 3\nX-MSMail-Priority: Normal\nX-Mailer: PHP\nX-MimeOLE: Produced By phpBB2\n" . $this->extra_headers . (($cc != '') ? "Cc: $cc\n" : '')  . (($bcc != '') ? "Bcc: $bcc\n" : ''); 
+
+		// Send message ... removed $this->encode() from subject for time being
+		if ( $this->use_smtp )
+		{
+			if ( !defined('SMTP_INCLUDED') ) 
 			{
-				return FALSE;
+				include($phpbb_root_path . 'includes/smtp.' . $phpEx);
 			}
-			if($this->use_smtp)
+
+			$result = smtpmail($to, $this->subject, $this->msg, $this->extra_headers);
+		}
+		else
+		{
+			$empty_to_header = ($to == '') ? TRUE : FALSE;
+			$to = ($to == '') ? (($board_config['sendmail_fix']) ? ' ' : 'Undisclosed-recipients:;') : $to;
+	
+			$result = @mail($to, $this->subject, preg_replace("#(?<!\r)\n#s", "\n", $this->msg), $this->extra_headers);
+			
+			if (!$result && !$board_config['sendmail_fix'] && $empty_to_header)
 			{
-				if(!defined('SMTP_INCLUDED')) 
+				$to = ' ';
+
+				$sql = "UPDATE " . CONFIG_TABLE . " 
+					SET config_value = '1'
+					WHERE config_name = 'sendmail_fix'";
+				if (!$db->sql_query($sql))
 				{
-					include($phpbb_root_path . "includes/smtp.".$phpEx);
+					message_die(GENERAL_ERROR, 'Unable to update config table', '', __LINE__, __FILE__, $sql);
 				}
-				if(!smtpmail($this->address, $this->subject, $this->msg, $this->extra_headers))
-				{
-					message_die(GENERAL_ERROR, "Sending via SMTP failed", "", __LINE__, __FILE__);
-				}
-			}
-			else
-			{
-				@mail($this->address, $this->subject, $this->msg, $this->extra_headers);
+
+				$board_config['sendmail_fix'] = 1;
+				$result = @mail($to, $this->subject, preg_replace("#(?<!\r)\n#s", "\n", $this->msg), $this->extra_headers);
 			}
 		}

-		return TRUE;
+		// Did it work?
+		if (!$result)
+		{
+			message_die(GENERAL_ERROR, 'Failed sending email :: ' . (($this->use_smtp) ? 'SMTP' : 'PHP') . ' :: ' . $result, '', __LINE__, __FILE__);
+		}
+
+		return true;
 	}

+	// Encodes the given string for proper display for this encoding ... nabbed 
+	// from php.net and modified. There is an alternative encoding method which 
+	// may produce lesd output but it's questionable as to its worth in this 
+	// scenario IMO
+	function encode($str)
+	{
+		if ($this->encoding == '')
+		{
+			return $str;
+		}
+
+		// define start delimimter, end delimiter and spacer
+		$end = "?=";
+		$start = "=?$this->encoding?B?";
+		$spacer = "$end\r\n $start";
+
+		// determine length of encoded text within chunks and ensure length is even
+		$length = 75 - strlen($start) - strlen($end);
+		$length = floor($length / 2) * 2;
+
+		// encode the string and split it into chunks with spacers after each chunk
+		$str = chunk_split(base64_encode($str), $length, $spacer);
+
+		// remove trailing spacer and add start and end delimiters
+		$str = preg_replace('#' . phpbb_preg_quote($spacer, '#') . '$#', '', $str);
+
+		return $start . $str . $end;
+	}

 	//
-   // Attach files via MIME.
+	// Attach files via MIME.
 	//
-	function attachFile($filename, $mimetype="application/octet-stream", $szFromAddress, $szFilenameToDisplay)
+	function attachFile($filename, $mimetype = "application/octet-stream", $szFromAddress, $szFilenameToDisplay)
 	{
+		global $lang;
 		$mime_boundary = "--==================_846811060==_";

-		$this->mailMsg = "--".$mime_boundary."\nContent-Type: text/plain;\n\tcharset=\"iso-8859-1\"\n\n".$this->mailMsg;
+		$this->msg = '--' . $mime_boundary . "\nContent-Type: text/plain;\n\tcharset=\"" . $lang['ENCODING'] . "\"\n\n" . $this->msg;

 		if ($mime_filename)
 		{
@@ -244,11 +290,11 @@ class emailer
 		$this->mimeOut .= "Content-Transfer-Encoding: quoted-printable\n";
 		$this->mimeOut .= "Content-Disposition: attachment;\n\tfilename=\"$szFilenameToDisplay\"\n\n";

-		if ($mimetype == "message/rfc822")
+		if ( $mimetype == "message/rfc822" )
 		{
 			$this->mimeOut .= "From: ".$szFromAddress."\n";
 			$this->mimeOut .= "To: ".$this->emailAddress."\n";
-			$this->mimeOut .= "Date: ".date("D, d M Y G:i:s ").$this->getTimeZoneInEmailFormat()."\n";
+			$this->mimeOut .= "Date: ".date("D, d M Y H:i:s") . " UT\n";
 			$this->mimeOut .= "Reply-To:".$szFromAddress."\n";
 			$this->mimeOut .= "Subject: ".$this->mailSubject."\n";
 			$this->mimeOut .= "X-Mailer: PHP/".phpversion()."\n";
@@ -311,7 +357,7 @@ class emailer
 	//
 	function encode_file($sourcefile)
 	{
-		if (is_readable($sourcefile))
+		if (is_readable(phpbb_realpath($sourcefile)))
 		{
 			$fd = fopen($sourcefile, "r");
 			$contents = fread($fd, filesize($sourcefile));
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -74,14 +74,62 @@ function get_db_stat($mode)
 	return false;
 }

-function get_userdata($user)
+// added at phpBB 2.0.11 to properly format the username
+function phpbb_clean_username($username)
+{
+	$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
+	$username = phpbb_rtrim($username, "\\");	
+	$username = str_replace("'", "\'", $username);
+
+	return $username;
+}
+
+// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
+function phpbb_rtrim($str, $charlist = false)
+{
+	if ($charlist === false)
+	{
+		return rtrim($str);
+	}
+	
+	$php_version = explode('.', PHP_VERSION);
+
+	// php version < 4.1.0
+	if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
+	{
+		while ($str{strlen($str)-1} == $charlist)
+		{
+			$str = substr($str, 0, strlen($str)-1);
+		}
+	}
+	else
+	{
+		$str = rtrim($str, $charlist);
+	}
+
+	return $str;
+}
+
+//
+// Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
+//
+function get_userdata($user, $force_str = false)
 {
 	global $db;

+	if (intval($user) == 0 || $force_str)
+	{
+		$user = phpbb_clean_username($user);
+	}
+	else
+	{
+		$user = intval($user);
+	}
+
 	$sql = "SELECT *
 		FROM " . USERS_TABLE . " 
 		WHERE ";
-	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
+	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  $user . "'" ) . " AND user_id <> " . ANONYMOUS;
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
@@ -92,7 +140,9 @@ function get_userdata($user)

 function make_jumpbox($action, $match_forum_id = 0)
 {
-	global $template, $lang, $db, $SID, $nav_links, $phpEx;
+	global $template, $userdata, $lang, $db, $nav_links, $phpEx, $SID;
+
+//	$is_auth = auth(AUTH_VIEW, AUTH_LIST_ALL, $userdata);

 	$sql = "SELECT c.cat_id, c.cat_title, c.cat_order
 		FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
@@ -120,7 +170,7 @@ function make_jumpbox($action, $match_forum_id = 0)
 			message_die(GENERAL_ERROR, 'Could not obtain forums information', '', __LINE__, __FILE__, $sql);
 		}

-		$boxstring = '<select name="' . POST_FORUM_URL . '" onChange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>';
+		$boxstring = '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"><option value="-1">' . $lang['Select_forum'] . '</option>';

 		$forum_rows = array();
 		while ( $row = $db->sql_fetchrow($result) )
@@ -137,6 +187,9 @@ function make_jumpbox($action, $match_forum_id = 0)
 				{
 					if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $forum_rows[$j]['auth_view'] <= AUTH_REG )
 					{
+
+//					if ( $forum_rows[$j]['cat_id'] == $category_rows[$i]['cat_id'] && $is_auth[$forum_rows[$j]['forum_id']]['auth_view'] )
+//					{
 						$selected = ( $forum_rows[$j]['forum_id'] == $match_forum_id ) ? 'selected="selected"' : '';
 						$boxstring_forums .=  '<option value="' . $forum_rows[$j]['forum_id'] . '"' . $selected . '>' . $forum_rows[$j]['forum_name'] . '</option>';

@@ -166,13 +219,14 @@ function make_jumpbox($action, $match_forum_id = 0)
 	}
 	else
 	{
-		$boxstring .= '<select name="' . POST_FORUM_URL . '" onChange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
+		$boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
 	}

-	if ( isset($SID) )
-	{
-		$boxstring .= '<input type="hidden" name="sid" value="' . $SID . '" />';
-	}
+	// Let the jumpbox work again in sites having additional session id checks.
+//	if ( !empty($SID) )
+//	{
+		$boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
+//	}

 	$template->set_filenames(array(
 		'jumpbox' => 'jumpbox.tpl')
@@ -196,6 +250,7 @@ function init_userprefs($userdata)
 {
 	global $board_config, $theme, $images;
 	global $template, $lang, $phpEx, $phpbb_root_path;
+	global $nav_links;

 	if ( $userdata['user_id'] != ANONYMOUS )
 	{
@@ -215,7 +270,7 @@ function init_userprefs($userdata)
 		}
 	}

-	if ( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx) )
+	if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx)) )
 	{
 		$board_config['default_lang'] = 'english';
 	}
@@ -224,7 +279,7 @@ function init_userprefs($userdata)

 	if ( defined('IN_ADMIN') )
 	{
-		if( !file_exists($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx) )
+		if( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.'.$phpEx)) )
 		{
 			$board_config['default_lang'] = 'english';
 		}
@@ -248,6 +303,29 @@ function init_userprefs($userdata)

 	$theme = setup_style($board_config['default_style']);

+	//
+	// Mozilla navigation bar
+	// Default items that should be valid on all pages.
+	// Defined here to correctly assign the Language Variables
+	// and be able to change the variables within code.
+	//
+	$nav_links['top'] = array ( 
+		'url' => append_sid($phpbb_root_path . 'index.' . $phpEx),
+		'title' => sprintf($lang['Forum_Index'], $board_config['sitename'])
+	);
+	$nav_links['search'] = array ( 
+		'url' => append_sid($phpbb_root_path . 'search.' . $phpEx),
+		'title' => $lang['Search']
+	);
+	$nav_links['help'] = array ( 
+		'url' => append_sid($phpbb_root_path . 'faq.' . $phpEx),
+		'title' => $lang['FAQ']
+	);
+	$nav_links['author'] = array ( 
+		'url' => append_sid($phpbb_root_path . 'memberlist.' . $phpEx),
+		'title' => $lang['Memberlist']
+	);
+
 	return;
 }

@@ -271,7 +349,7 @@ function setup_style($style)
 	$template_path = 'templates/' ;
 	$template_name = $row['template_name'] ;

-	$template = new Template($phpbb_root_path . $template_path . $template_name, $board_config, $db);
+	$template = new Template($phpbb_root_path . $template_path . $template_name);

 	if ( $template )
 	{
@@ -283,7 +361,7 @@ function setup_style($style)
 			message_die(CRITICAL_ERROR, "Could not open $template_name template config file", '', __LINE__, __FILE__);
 		}

-		$img_lang = ( file_exists($current_template_path . '/images/lang_' . $board_config['default_lang']) ) ? $board_config['default_lang'] : 'english';
+		$img_lang = ( file_exists(@phpbb_realpath($phpbb_root_path . $current_template_path . '/images/lang_' . $board_config['default_lang'])) ) ? $board_config['default_lang'] : 'english';

 		while( list($key, $value) = @each($images) )
 		{
@@ -491,10 +569,18 @@ function obtain_word_list(&$orig_word, &$replacement_word)
 //
 function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '', $err_file = '', $sql = '')
 {
-	global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links;
+	global $db, $template, $board_config, $theme, $lang, $phpEx, $phpbb_root_path, $nav_links, $gen_simple_header, $images;
 	global $userdata, $user_ip, $session_length;
 	global $starttime;

+	if(defined('HAS_DIED'))
+	{
+		die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
+	}
+	
+	define(HAS_DIED, 1);
+	
+
 	$sql_store = $sql;
 	
 	//
@@ -519,7 +605,7 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',

 		if ( $err_line != '' && $err_file != '' )
 		{
-			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
+			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
 		}
 	}

@@ -594,6 +680,7 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
 			{
 				$msg_title = $lang['General_Error'];
 			}
+			break;

 		case CRITICAL_ERROR:
 			//
@@ -670,4 +757,51 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
 	exit;
 }

+//
+// This function is for compatibility with PHP 4.x's realpath()
+// function.  In later versions of PHP, it needs to be called
+// to do checks with some functions.  Older versions of PHP don't
+// seem to need this, so we'll just return the original value.
+// dougk_ff7 <October 5, 2002>
+function phpbb_realpath($path)
+{
+	global $phpbb_root_path, $phpEx;
+
+	return (!@function_exists('realpath') || !@realpath($phpbb_root_path . 'includes/functions.'.$phpEx)) ? $path : @realpath($path);
+}
+
+function redirect($url)
+{
+	global $db, $board_config;
+
+	if (!empty($db))
+	{
+		$db->sql_close();
+	}
+
+	if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
+	{
+		message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
+	}
+
+	$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
+	$server_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name']));
+	$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) : '';
+	$script_name = preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path']));
+	$script_name = ($script_name == '') ? $script_name : '/' . $script_name;
+	$url = preg_replace('#^\/?(.*?)\/?$#', '/\1', trim($url));
+
+	// Redirect via an HTML form for PITA webservers
+	if (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')))
+	{
+		header('Refresh: 0; URL=' . $server_protocol . $server_name . $server_port . $script_name . $url);
+		echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><meta http-equiv="refresh" content="0; url=' . $server_protocol . $server_name . $server_port . $script_name . $url . '"><title>Redirect</title></head><body><div align="center">If your browser does not support meta redirection please click <a href="' . $server_protocol . $server_name . $server_port . $script_name . $url . '">HERE</a> to be redirected</div></body></html>';
+		exit;
+	}
+
+	// Behave as per HTTP/1.1 spec for others
+	header('Location: ' . $server_protocol . $server_name . $server_port . $script_name . $url);
+	exit;
+}
+
 ?>
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@@ -24,7 +24,7 @@
 //
 // Simple version of jumpbox, just lists authed forums
 //
-function make_forum_select($box_name, $ignore_forum = false)
+function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
 {
 	global $db, $userdata;

@@ -43,7 +43,8 @@ function make_forum_select($box_name, $ignore_forum = false)
 	{
 		if ( $is_auth_ary[$row['forum_id']]['auth_read'] && $ignore_forum != $row['forum_id'] )
 		{
-			$forum_list .= '<option value="' . $row['forum_id'] . '">' . $row['forum_name'] . '</option>';
+			$selected = ( $select_forum == $row['forum_id'] ) ? ' selected="selected"' : '';
+			$forum_list .= '<option value="' . $row['forum_id'] . '"' . $selected .'>' . $row['forum_name'] . '</option>';
 		}
 	}

@@ -55,7 +56,7 @@ function make_forum_select($box_name, $ignore_forum = false)
 //
 // Synchronise functions for forums/topics
 //
-function sync($type, $id)
+function sync($type, $id = false)
 {
 	global $db;

@@ -64,7 +65,7 @@ function sync($type, $id)
 		case 'all forums':
 			$sql = "SELECT forum_id
 				FROM " . FORUMS_TABLE;
-			if ( !$result = $db->sql_query($sql) )
+			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not get forum IDs', '', __LINE__, __FILE__, $sql);
 			}
@@ -78,7 +79,7 @@ function sync($type, $id)
 		case 'all topics':
 			$sql = "SELECT topic_id
 				FROM " . TOPICS_TABLE;
-			if ( !$result = $db->sql_query($sql) )
+			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
 			}
@@ -90,12 +91,10 @@ function sync($type, $id)
 			break;

 	  	case 'forum':
-			$sql = "SELECT MAX(p.post_id) AS last_post, COUNT(p.post_id) AS total 
-				FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE  . " t 
-				WHERE p.forum_id = $id 
-					AND t.topic_id = p.topic_id 
-					AND t.topic_status <> " . TOPIC_MOVED;
-			if ( !$result = $db->sql_query($sql) )
+			$sql = "SELECT MAX(post_id) AS last_post, COUNT(post_id) AS total 
+				FROM " . POSTS_TABLE . "  
+				WHERE forum_id = $id";
+			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not get post ID', '', __LINE__, __FILE__, $sql);
 			}
@@ -113,9 +112,8 @@ function sync($type, $id)

 			$sql = "SELECT COUNT(topic_id) AS total
 				FROM " . TOPICS_TABLE . "
-				WHERE forum_id = $id 
-					AND topic_status <> " . TOPIC_MOVED;
-			if ( !$result = $db->sql_query($sql) )
+				WHERE forum_id = $id";
+			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not get topic count', '', __LINE__, __FILE__, $sql);
 			}
@@ -135,22 +133,19 @@ function sync($type, $id)
 			$sql = "SELECT MAX(post_id) AS last_post, MIN(post_id) AS first_post, COUNT(post_id) AS total_posts
 				FROM " . POSTS_TABLE . "
 				WHERE topic_id = $id";
-			if ( !$result = $db->sql_query($sql) )
+			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not get post ID', '', __LINE__, __FILE__, $sql);
 			}

 			if ( $row = $db->sql_fetchrow($result) )
 			{
-				$sql = "UPDATE " . TOPICS_TABLE . "
-					SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " 
-					WHERE topic_id = $id";
+				$sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
 				if ( !$db->sql_query($sql) )
 				{
 					message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
 				}
 			}
-
 			break;
 	}
 	
--- a/phpBB/includes/functions_post.php
+++ b/phpBB/includes/functions_post.php
@@ -20,12 +20,12 @@
 *
 ***************************************************************************/

-if ( !defined('IN_PHPBB') )
+if (!defined('IN_PHPBB'))
 {
-	die("Hacking attempt");
+	die('Hacking attempt');
 }

-$html_entities_match = array('#&#', '#<#', '#>#');
+$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
 $html_entities_replace = array('&amp;', '&lt;', '&gt;');

 $unhtml_specialchars_match = array('#&gt;#', '#&lt;#', '#&quot;#', '#&amp;#');
@@ -37,16 +37,14 @@ $unhtml_specialchars_replace = array('>', '<', '"', '&');
 //
 function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid = 0)
 {
-	global $board_config;
-	global $html_entities_match, $html_entities_replace;
-	global $code_entities_match, $code_entities_replace;
+	global $board_config, $html_entities_match, $html_entities_replace;

 	//
 	// Clean up the message
 	//
 	$message = trim($message);

-	if ( $html_on )
+	if ($html_on)
 	{
 		$allowed_html_tags = split(',', $board_config['allow_html_tags']);

@@ -55,33 +53,32 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
 		$tmp_message = '';
 		$message = ' ' . $message . ' ';

-		while ( $start_html = strpos($message, '<', $start_html) )
+		while ($start_html = strpos($message, '<', $start_html))
 		{
-			$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ( $start_html - $end_html - 1 )));
+			$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ($start_html - $end_html - 1)));

-			if ( $end_html = strpos($message, '>', $start_html) )
+			if ($end_html = strpos($message, '>', $start_html))
 			{
 				$length = $end_html - $start_html + 1;
 				$hold_string = substr($message, $start_html, $length);

-				if ( ( $unclosed_open = strrpos(' ' . $hold_string, '<') ) != 1 )
+				if (($unclosed_open = strrpos(' ' . $hold_string, '<')) != 1)
 				{
 					$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 1));
 					$hold_string = substr($hold_string, $unclosed_open - 1);
 				}

 				$tagallowed = false;
-				for($i = 0; $i < sizeof($allowed_html_tags); $i++)
+				for ($i = 0; $i < sizeof($allowed_html_tags); $i++)
 				{
 					$match_tag = trim($allowed_html_tags[$i]);
-
-					if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) )
+					if (preg_match('#^<\/?' . $match_tag . '[> ]#i', $hold_string))
 					{
-						$tagallowed = true;
+						$tagallowed = (preg_match('#^<\/?' . $match_tag . ' .*?(style[\t ]*?=|on[\w]+[\t ]*?=)#i', $hold_string)) ? false : true;
 					}
 				}

-				$tmp_message .= ( $length && !$tagallowed ) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;
+				$tmp_message .= ($length && !$tagallowed) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;

 				$start_html += $length;
 			}
@@ -94,37 +91,20 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
 			}
 		}

-		if ( $end_html != strlen($message) && $tmp_message != '' )
+		if (!$end_html || ($end_html != strlen($message) && $tmp_message != ''))
 		{
 			$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1));
 		}

-		$message = ( $tmp_message != '' ) ? trim($tmp_message) : trim($message);
+		$message = ($tmp_message != '') ? trim($tmp_message) : trim($message);
 	}
 	else
 	{
 		$message = preg_replace($html_entities_match, $html_entities_replace, $message);
 	}

-	if( $bbcode_on && $bbcode_uid != '' )
+	if($bbcode_on && $bbcode_uid != '')
 	{
-		$tmp_message = $message;
-		if ( ($match_count = preg_match_all('#^(.*?)\[code\](.*?)\[\/code\](.*?)$#is', $tmp_message, $match)) )
-		{
-			$code_entities_match = array('#<#', '#>#', '#"#', '#:#', '#\[#', '#\]#', '#\(#', '#\)#', '#\{#', '#\}#');
-			$code_entities_replace = array('&lt;', '&gt;', '&quot;', '&#58;', '&#91;', '&#93;', '&#40;', '&#41;', '&#123;', '&#125;');
-
-			$message = '';
-			
-			for($i = 0; $i < $match_count; $i++)
-			{
-				$message .= $match[1][$i] . '[code]' . preg_replace($code_entities_match, $code_entities_replace, $match[2][$i]) . '[/code]';
-				$tmp_message = $match[3][$i];
-			}
-
-			$message .= $tmp_message;
-		}
-		
 		$message = bbencode_first_pass($message, $bbcode_uid);
 	}

@@ -146,79 +126,83 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
 	global $board_config, $userdata, $lang, $phpEx, $phpbb_root_path;

 	// Check username
-	if ( !empty($username) )
+	if (!empty($username))
 	{
-		$username = htmlspecialchars(trim(strip_tags($username)));
+		$username = phpbb_clean_username($username);

-		if ( !$userdata['session_logged_in'] || ( $userdata['session_logged_in'] && $username != $userdata['username'] ) )
+		if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username']))
 		{
 			include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);

 			$result = validate_username($username);
-			if ( $result['error'] )
+			if ($result['error'])
 			{
-				$error_msg .= ( !empty($error_msg) ) ? '<br />' . $result['error_msg'] : $result['error_msg'];
+				$error_msg .= (!empty($error_msg)) ? '<br />' . $result['error_msg'] : $result['error_msg'];
 			}
 		}
+		else
+		{
+			$username = '';
+		}
 	}

 	// Check subject
-	if ( !empty($subject) )
+	if (!empty($subject))
 	{
 		$subject = htmlspecialchars(trim($subject));
 	}
-	else if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
+	else if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
 	{
-		$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
+		$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_subject'] : $lang['Empty_subject'];
 	}

 	// Check message
-	if ( !empty($message) )
+	if (!empty($message))
 	{
-		$bbcode_uid = ( $bbcode_on ) ? make_bbcode_uid() : '';
+		$bbcode_uid = ($bbcode_on) ? make_bbcode_uid() : '';
 		$message = prepare_message(trim($message), $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
 	}
-	else if ( $mode != 'delete' && $mode != 'polldelete' ) 
+	else if ($mode != 'delete' && $mode != 'poll_delete') 
 	{
-		$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
+		$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_message'] : $lang['Empty_message'];
 	}

 	//
 	// Handle poll stuff
 	//
-	if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
+	if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
 	{
-		$poll_length = ( isset($poll_length) ) ? max(0, intval($poll_length)) : 0;
+		$poll_length = (isset($poll_length)) ? max(0, intval($poll_length)) : 0;

-		if ( !empty($poll_title) )
+		if (!empty($poll_title))
 		{
 			$poll_title = htmlspecialchars(trim($poll_title));
 		}

-		if( !empty($poll_options) )
+		if(!empty($poll_options))
 		{
 			$temp_option_text = array();
-			while( list($option_id, $option_text) = @each($poll_options) )
+			while(list($option_id, $option_text) = @each($poll_options))
 			{
 				$option_text = trim($option_text);
-				if ( !empty($option_text) )
+				if (!empty($option_text))
 				{
 					$temp_option_text[$option_id] = htmlspecialchars($option_text);
 				}
 			}
 			$option_text = $temp_option_text;

-			if ( count($poll_options) < 2 )
+			if (count($poll_options) < 2)
 			{
-				$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
+				$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_few_poll_options'] : $lang['To_few_poll_options'];
 			}
-			else if ( count($poll_options) > $board_config['max_poll_options'] ) 
+			else if (count($poll_options) > $board_config['max_poll_options']) 
 			{
-				$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
+				$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['To_many_poll_options'] : $lang['To_many_poll_options'];
 			}
-			else if ( $poll_title == '' )
+			else if ($poll_title == '')
 			{
-				$error_msg .= ( !empty($error_msg) ) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
+				$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Empty_poll_title'] : $lang['Empty_poll_title'];
 			}
 		}
 	}
@@ -238,97 +222,99 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_

 	$current_time = time();

-	if ( $mode == 'newtopic' || $mode == 'reply' ) 
+	if ($mode == 'newtopic' || $mode == 'reply' || $mode == 'editpost') 
 	{
 		//
 		// Flood control
 		//
-		$where_sql = ( $userdata['user_id'] == ANONYMOUS ) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id'];
+		$where_sql = ($userdata['user_id'] == ANONYMOUS) ? "poster_ip = '$user_ip'" : 'poster_id = ' . $userdata['user_id'];
 		$sql = "SELECT MAX(post_time) AS last_post_time
 			FROM " . POSTS_TABLE . "
 			WHERE $where_sql";
-		if ( $result = $db->sql_query($sql) )
+		if ($result = $db->sql_query($sql))
 		{
-			if( $row = $db->sql_fetchrow($result) )
+			if ($row = $db->sql_fetchrow($result))
 			{
-				if ( $row['last_post_time'] > 0 && ( $current_time - $row['last_post_time'] ) < $board_config['flood_interval'] )
+				if (intval($row['last_post_time']) > 0 && ($current_time - intval($row['last_post_time'])) < intval($board_config['flood_interval']))
 				{
 					message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
 				}
 			}
 		}
 	}
-	else if ( $mode == 'editpost' )
+
+	if ($mode == 'editpost')
 	{
 		remove_search_post($post_id);
 	}

-	if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
+	if ($mode == 'newtopic' || ($mode == 'editpost' && $post_data['first_post']))
 	{
-		$topic_vote = ( !empty($poll_title) && count($poll_options) >= 2 ) ? 1 : 0;
-		$sql  = ( $mode != "editpost" ) ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type, topic_vote = $topic_vote WHERE topic_id = $topic_id";
-		if ( !($result = $db->sql_query($sql)) )
+		$topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0;
+
+		$sql  = ($mode != "editpost") ? "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type, topic_vote) VALUES ('$post_subject', " . $userdata['user_id'] . ", $current_time, $forum_id, " . TOPIC_UNLOCKED . ", $topic_type, $topic_vote)" : "UPDATE " . TOPICS_TABLE . " SET topic_title = '$post_subject', topic_type = $topic_type " . (($post_data['edit_vote'] || !empty($poll_title)) ? ", topic_vote = " . $topic_vote : "") . " WHERE topic_id = $topic_id";
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 		}

-		if( $mode == 'newtopic' )
+		if ($mode == 'newtopic')
 		{
 			$topic_id = $db->sql_nextid();
 		}
 	}

-	$edited_sql = ( $mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post'] ) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : "";
-	$sql = ( $mode != "editpost" ) ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)" : "UPDATE " . POSTS_TABLE . " SET enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . " WHERE post_id = $post_id";
-	if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
+	$edited_sql = ($mode == 'editpost' && !$post_data['last_post'] && $post_data['poster_post']) ? ", post_edit_time = $current_time, post_edit_count = post_edit_count + 1 " : "";
+	$sql = ($mode != "editpost") ? "INSERT INTO " . POSTS_TABLE . " (topic_id, forum_id, poster_id, post_username, post_time, poster_ip, enable_bbcode, enable_html, enable_smilies, enable_sig) VALUES ($topic_id, $forum_id, " . $userdata['user_id'] . ", '$post_username', $current_time, '$user_ip', $bbcode_on, $html_on, $smilies_on, $attach_sig)" : "UPDATE " . POSTS_TABLE . " SET post_username = '$post_username', enable_bbcode = $bbcode_on, enable_html = $html_on, enable_smilies = $smilies_on, enable_sig = $attach_sig" . $edited_sql . " WHERE post_id = $post_id";
+	if (!$db->sql_query($sql, BEGIN_TRANSACTION))
 	{
 		message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 	}

-	if( $mode != 'editpost' )
+	if ($mode != 'editpost')
 	{
 		$post_id = $db->sql_nextid();
 	}

-	$sql = ( $mode != 'editpost' ) ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message',  bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id";
-	if ( !($result = $db->sql_query($sql)) )
+	$sql = ($mode != 'editpost') ? "INSERT INTO " . POSTS_TEXT_TABLE . " (post_id, post_subject, bbcode_uid, post_text) VALUES ($post_id, '$post_subject', '$bbcode_uid', '$post_message')" : "UPDATE " . POSTS_TEXT_TABLE . " SET post_text = '$post_message',  bbcode_uid = '$bbcode_uid', post_subject = '$post_subject' WHERE post_id = $post_id";
+	if (!$db->sql_query($sql))
 	{
 		message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 	}

-	add_search_words($post_id, stripslashes($post_message), stripslashes($post_subject));
+	add_search_words('single', $post_id, stripslashes($post_message), stripslashes($post_subject));

 	//
 	// Add poll
 	// 
-	if ( ( $mode == 'newtopic' || $mode == 'editpost' ) && !empty($poll_title) && count($poll_options) >= 2 )
+	if (($mode == 'newtopic' || ($mode == 'editpost' && $post_data['edit_poll'])) && !empty($poll_title) && count($poll_options) >= 2)
 	{
-		$sql = ( !$post_data['has_poll'] ) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ( $poll_length * 86400 ) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ( $poll_length * 86400 ) . " WHERE topic_id = $topic_id";
-		if ( !($result = $db->sql_query($sql)) )
+		$sql = (!$post_data['has_poll']) ? "INSERT INTO " . VOTE_DESC_TABLE . " (topic_id, vote_text, vote_start, vote_length) VALUES ($topic_id, '$poll_title', $current_time, " . ($poll_length * 86400) . ")" : "UPDATE " . VOTE_DESC_TABLE . " SET vote_text = '$poll_title', vote_length = " . ($poll_length * 86400) . " WHERE topic_id = $topic_id";
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 		}

 		$delete_option_sql = '';
 		$old_poll_result = array();
-		if ( $mode == 'editpost' && $post_data['has_poll'] )
+		if ($mode == 'editpost' && $post_data['has_poll'])
 		{
 			$sql = "SELECT vote_option_id, vote_result  
 				FROM " . VOTE_RESULTS_TABLE . " 
 				WHERE vote_id = $poll_id 
 				ORDER BY vote_option_id ASC";
-			if ( !($result = $db->sql_query($sql)) )
+			if (!($result = $db->sql_query($sql)))
 			{
 				message_die(GENERAL_ERROR, 'Could not obtain vote data results for this topic', '', __LINE__, __FILE__, $sql);
 			}

-			while ( $row = $db->sql_fetchrow($result) )
+			while ($row = $db->sql_fetchrow($result))
 			{
 				$old_poll_result[$row['vote_option_id']] = $row['vote_result'];

-				if( !isset($poll_options[$row['vote_option_id']]) )
+				if (!isset($poll_options[$row['vote_option_id']]))
 				{
-					$delete_option_sql .= ( $delete_option_sql != '' ) ? ', ' . $row['vote_option_id'] : $row['vote_option_id'];
+					$delete_option_sql .= ($delete_option_sql != '') ? ', ' . $row['vote_option_id'] : $row['vote_option_id'];
 				}
 			}
 		}
@@ -340,15 +326,15 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
 		@reset($poll_options);

 		$poll_option_id = 1;
-		while ( list($option_id, $option_text) = each($poll_options) )
+		while (list($option_id, $option_text) = each($poll_options))
 		{
-			if( !empty($option_text) )
+			if (!empty($option_text))
 			{
-				$option_text = str_replace("\'", "''", $option_text);
-				$poll_result = ( $mode == "editpost" && isset($old_poll_result[$option_id]) ) ? $old_poll_result[$option_id] : 0;
+				$option_text = str_replace("\'", "''", htmlspecialchars($option_text));
+				$poll_result = ($mode == "editpost" && isset($old_poll_result[$option_id])) ? $old_poll_result[$option_id] : 0;

-				$sql = ( $mode != "editpost" || !isset($old_poll_result[$option_id]) ) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id";
-				if ( !($result = $db->sql_query($sql)) )
+				$sql = ($mode != "editpost" || !isset($old_poll_result[$option_id])) ? "INSERT INTO " . VOTE_RESULTS_TABLE . " (vote_id, vote_option_id, vote_option_text, vote_result) VALUES ($poll_id, $poll_option_id, '$option_text', $poll_result)" : "UPDATE " . VOTE_RESULTS_TABLE . " SET vote_option_text = '$option_text', vote_result = $poll_result WHERE vote_option_id = $option_id AND vote_id = $poll_id";
+				if (!$db->sql_query($sql))
 				{
 					message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 				}
@@ -356,11 +342,12 @@ function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
 			}
 		}

-		if( $delete_option_sql != '' )
+		if ($delete_option_sql != '')
 		{
 			$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " 
-				WHERE vote_option_id IN ($delete_option_sql)";
-			if ( !($result = $db->sql_query($sql)) )
+				WHERE vote_option_id IN ($delete_option_sql) 
+					AND vote_id = $poll_id";
+			if (!$db->sql_query($sql))
 			{
 				message_die(GENERAL_ERROR, 'Error deleting pruned poll options', '', __LINE__, __FILE__, $sql);
 			}
@@ -380,73 +367,77 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i
 {
 	global $db;

-	$sign = ( $mode == 'delete' ) ? "- 1" : "+ 1";
+	$sign = ($mode == 'delete') ? '- 1' : '+ 1';
 	$forum_update_sql = "forum_posts = forum_posts $sign";
 	$topic_update_sql = '';

-	if ( $mode == 'delete' )
+	if ($mode == 'delete')
 	{
-		if ( $post_data['last_post'] )
+		if ($post_data['last_post'])
 		{
-			if ( $post_data['first_post'] )
+			if ($post_data['first_post'])
 			{
 				$forum_update_sql .= ', forum_topics = forum_topics - 1';
 			}
 			else
 			{

-				$topic_update_sql = "topic_replies = topic_replies - 1";
+				$topic_update_sql .= 'topic_replies = topic_replies - 1';

-				$sql = "SELECT MAX(post_id) AS post_id
+				$sql = "SELECT MAX(post_id) AS last_post_id
 					FROM " . POSTS_TABLE . " 
 					WHERE topic_id = $topic_id";
-				if ( !($db->sql_query($sql)) )
+				if (!($result = $db->sql_query($sql)))
 				{
 					message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 				}

-				if ( $row = $db->sql_fetchrow($result) )
+				if ($row = $db->sql_fetchrow($result))
 				{
-					$topic_update_sql .= ', topic_last_post_id = ' . $row['post_id'];
+					$topic_update_sql .= ', topic_last_post_id = ' . $row['last_post_id'];
 				}
 			}

-			if ( $post_data['last_topic'] )
+			if ($post_data['last_topic'])
 			{
-				$sql = "SELECT MAX(post_id) AS post_id
+				$sql = "SELECT MAX(post_id) AS last_post_id
 					FROM " . POSTS_TABLE . " 
 					WHERE forum_id = $forum_id"; 
-				if ( !($db->sql_query($sql)) )
+				if (!($result = $db->sql_query($sql)))
 				{
 					message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 				}

-				if ( $row = $db->sql_fetchrow($result) )
+				if ($row = $db->sql_fetchrow($result))
 				{
-					$forum_update_sql .= ( $row['post_id'] ) ? ', forum_last_post_id = ' . $row['post_id'] : ', forum_last_post_id = 0';
+					$forum_update_sql .= ($row['last_post_id']) ? ', forum_last_post_id = ' . $row['last_post_id'] : ', forum_last_post_id = 0';
 				}
 			}
 		}
-		else if ( $post_data['first_post'] ) 
+		else if ($post_data['first_post']) 
 		{
-			$sql = "SELECT MIN(post_id) AS post_id
+			$sql = "SELECT MIN(post_id) AS first_post_id
 				FROM " . POSTS_TABLE . " 
 				WHERE topic_id = $topic_id";
-			if ( !($db->sql_query($sql)) )
+			if (!($result = $db->sql_query($sql)))
 			{
 				message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 			}

-			if ( $row = $db->sql_fetchrow($result) )
+			if ($row = $db->sql_fetchrow($result))
 			{
-				$topic_update_sql = 'topic_replies = topic_replies - 1, topic_first_post_id = ' . $row['post_id'];
+				$topic_update_sql .= 'topic_replies = topic_replies - 1, topic_first_post_id = ' . $row['first_post_id'];
 			}
 		}
+		else
+		{
+			$topic_update_sql .= 'topic_replies = topic_replies - 1';
+		}
 	}
-	else if ( $mode != 'poll_delete' )
+	else if ($mode != 'poll_delete')
 	{
-		$forum_update_sql .= ", forum_last_post_id = $post_id" . ( ( $mode == 'newtopic' ) ? ", forum_topics = forum_topics $sign" : "" ); 
-		$topic_update_sql = "topic_last_post_id = $post_id" . ( ( $mode == 'reply' ) ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id" );
+		$forum_update_sql .= ", forum_last_post_id = $post_id" . (($mode == 'newtopic') ? ", forum_topics = forum_topics $sign" : ""); 
+		$topic_update_sql = "topic_last_post_id = $post_id" . (($mode == 'reply') ? ", topic_replies = topic_replies $sign" : ", topic_first_post_id = $post_id");
 	}
 	else 
 	{
@@ -456,28 +447,28 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i
 	$sql = "UPDATE " . FORUMS_TABLE . " SET 
 		$forum_update_sql 
 		WHERE forum_id = $forum_id";
-	if ( !($result = $db->sql_query($sql)) )
+	if (!$db->sql_query($sql))
 	{
 		message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 	}

-	if ( $topic_update_sql != '' )
+	if ($topic_update_sql != '')
 	{
 		$sql = "UPDATE " . TOPICS_TABLE . " SET 
 			$topic_update_sql 
 			WHERE topic_id = $topic_id";
-		if ( !($result = $db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 		}
 	}

-	if ( $mode != 'poll_delete' )
+	if ($mode != 'poll_delete')
 	{
 		$sql = "UPDATE " . USERS_TABLE . "
 			SET user_posts = user_posts $sign 
 			WHERE user_id = $user_id";
-		if ( !($result = $db->sql_query($sql, END_TRANSACTION)) )
+		if (!$db->sql_query($sql, END_TRANSACTION))
 		{
 			message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 		}
@@ -494,91 +485,82 @@ function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
 	global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
 	global $userdata, $user_ip;

-	include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
-
-	$topic_update_sql = '';
-	if ( $mode != 'poll_delete' )
+	if ($mode != 'poll_delete')
 	{
+		include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
+
 		$sql = "DELETE FROM " . POSTS_TABLE . " 
 			WHERE post_id = $post_id";
-		if ( !($db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 		}

 		$sql = "DELETE FROM " . POSTS_TEXT_TABLE . " 
 			WHERE post_id = $post_id";
-		if ( !($db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 		}

-		$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . "  
-			WHERE post_id = $post_id";
-		if ( !($db->sql_query($sql)) )
+		if ($post_data['last_post'])
 		{
-			message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
-		}
-
-		$forum_update_sql = 'forum_posts = forum_posts - 1'; 
-		$topic_update_sql .= 'topic_replies = topic_replies - 1';
-		if ( $post_data['last_post'] )
-		{
-			if ( $post_data['first_post'] )
+			if ($post_data['first_post'])
 			{
+				$forum_update_sql .= ', forum_topics = forum_topics - 1';
 				$sql = "DELETE FROM " . TOPICS_TABLE . " 
 					WHERE topic_id = $topic_id 
 						OR topic_moved_id = $topic_id";
-				if ( !($db->sql_query($sql)) )
+				if (!$db->sql_query($sql))
 				{
 					message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 				}

 				$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
 					WHERE topic_id = $topic_id";
-				if ( !($db->sql_query($sql)) )
+				if (!$db->sql_query($sql))
 				{
 					message_die(GENERAL_ERROR, 'Error in deleting post', '', __LINE__, __FILE__, $sql);
 				}
 			}
 		}
+
+		remove_search_post($post_id);
 	}

-	if( $mode == 'poll_delete' || ( $mode == 'delete' && $post_data['first_post'] && $post_data['last_post'] ) && $post_data['has_poll'] && $post_data['edit_poll'] )
+	if ($mode == 'poll_delete' || ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post']) && $post_data['has_poll'] && $post_data['edit_poll'])
 	{
 		$sql = "DELETE FROM " . VOTE_DESC_TABLE . " 
-			WHERE vote_id = $poll_id";
-		if ( !($db->sql_query($sql)) )
+			WHERE topic_id = $topic_id";
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql);
 		}

 		$sql = "DELETE FROM " . VOTE_RESULTS_TABLE . " 
 			WHERE vote_id = $poll_id";
-		if ( !($db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql);
 		}

 		$sql = "DELETE FROM " . VOTE_USERS_TABLE . " 
 			WHERE vote_id = $poll_id";
-		if ( !($db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Error in deleting poll', '', __LINE__, __FILE__, $sql);
 		}
 	}

-	remove_search_post($post_id);
-
-	if ( $mode == 'delete' && $post_data['first_post'] && $post_data['last_post'] )
+	if ($mode == 'delete' && $post_data['first_post'] && $post_data['last_post'])
 	{
-		$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $forum_id) . '">';
+		$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . '=' . $forum_id) . '">';
 		$message = $lang['Deleted'];
 	}
 	else
 	{
-		$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=" . $topic_id) . '">';
-		$message = ( ( $mode == "poll_delete" ) ? $lang['Poll_delete'] : $lang['Deleted'] ) . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
+		$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . '=' . $topic_id) . '">';
+		$message = (($mode == 'poll_delete') ? $lang['Poll_delete'] : $lang['Deleted']) . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
 	}

 	$message .=  '<br /><br />' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
@@ -589,86 +571,126 @@ function delete_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_
 //
 // Handle user notification on new post
 //
-function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id, &$notify_user)
+function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topic_id, &$post_id, &$notify_user)
 {
 	global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
 	global $userdata, $user_ip;

 	$current_time = time();

-	if ( $mode == 'delete' )
+	if ($mode == 'delete')
 	{
-		$delete_sql = ( !$post_data['first_post'] && !$post_data['last_post'] ) ? " AND user_id = " . $userdata['user_id'] : "";
+		$delete_sql = (!$post_data['first_post'] && !$post_data['last_post']) ? " AND user_id = " . $userdata['user_id'] : '';
 		$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id" . $delete_sql;
-		if ( !($result = $db->sql_query($sql)) )
+		if (!$db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
 		}
 	}
 	else 
 	{
-		if ( $mode == 'reply' )
+		if ($mode == 'reply')
 		{
 			$sql = "SELECT ban_userid 
 				FROM " . BANLIST_TABLE;
-			if ( !($result = $db->sql_query($sql)) )
+			if (!($result = $db->sql_query($sql)))
 			{
 				message_die(GENERAL_ERROR, 'Could not obtain banlist', '', __LINE__, __FILE__, $sql);
 			}

 			$user_id_sql = '';
-			while ( $row = $db->sql_fetchrow($result) )
+			while ($row = $db->sql_fetchrow($result))
 			{
-				if ( isset($row['ban_userid']) )
+				if (isset($row['ban_userid']) && !empty($row['ban_userid']))
 				{
-					$user_id_sql = ', ' . $row['ban_userid'];
+					$user_id_sql .= ', ' . $row['ban_userid'];
 				}
 			}

-			$sql = "SELECT u.user_id, u.username, u.user_email, u.user_lang, t.topic_title 
-				FROM " . TOPICS_WATCH_TABLE . " tw, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u 
+			$sql = "SELECT u.user_id, u.user_email, u.user_lang 
+				FROM " . TOPICS_WATCH_TABLE . " tw, " . USERS_TABLE . " u 
 				WHERE tw.topic_id = $topic_id 
-					AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . " ) 
+					AND tw.user_id NOT IN (" . $userdata['user_id'] . ", " . ANONYMOUS . $user_id_sql . ") 
 					AND tw.notify_status = " . TOPIC_WATCH_UN_NOTIFIED . " 
-					AND t.topic_id = tw.topic_id 
 					AND u.user_id = tw.user_id";
-			if ( !($result = $db->sql_query($sql)) )
+			if (!($result = $db->sql_query($sql)))
 			{
 				message_die(GENERAL_ERROR, 'Could not obtain list of topic watchers', '', __LINE__, __FILE__, $sql);
 			}

-			$orig_word = array();
-			$replacement_word = array();
-			obtain_word_list($orig_word, $replacement_word);
-
-			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
-			$emailer = new emailer($board_config['smtp_delivery']);
-
-			$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
-			$script_name = ( $script_name != '' ) ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;
-			$server_name = trim($board_config['server_name']);
-			$server_protocol = ( $board_config['cookie_secure'] ) ? 'https://' : 'http://';
-			$server_port = ( $board_config['server_port'] <> 80 ) ? ':' . trim($board_config['server_port']) . '/' : '/';
-
-			$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
-
 			$update_watched_sql = '';
-			if ( $row = $db->sql_fetchrow($result) )
+			$bcc_list_ary = array();
+			
+			if ($row = $db->sql_fetchrow($result))
 			{
-				$topic_title = preg_replace($orig_word, $replacement_word, unprepare_message($row['topic_title']));
+				// Sixty second limit
+				@set_time_limit(60);

 				do
 				{
-					if ( $row['user_email'] != '' )
+					if ($row['user_email'] != '')
 					{
-						$emailer->use_template('topic_notify', $row['user_lang']);
-						$emailer->email_address($row['user_email']);
-						$emailer->set_subject();//$lang['Topic_reply_notification']
-						$emailer->extra_headers($email_headers);
+						$bcc_list_ary[$row['user_lang']][] = $row['user_email'];
+					}
+					$update_watched_sql .= ($update_watched_sql != '') ? ', ' . $row['user_id'] : $row['user_id'];
+				}
+				while ($row = $db->sql_fetchrow($result));
+
+				//
+				// Let's do some checking to make sure that mass mail functions
+				// are working in win32 versions of php.
+				//
+				if (preg_match('/[c-z]:\\\.*/i', getenv('PATH')) && !$board_config['smtp_delivery'])
+				{
+					$ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var';
+
+					// We are running on windows, force delivery to use our smtp functions
+					// since php's are broken by default
+					$board_config['smtp_delivery'] = 1;
+					$board_config['smtp_host'] = @$ini_val('SMTP');
+				}
+
+				if (sizeof($bcc_list_ary))
+				{
+					include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+					$emailer = new emailer($board_config['smtp_delivery']);
+
+					$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
+					$script_name = ($script_name != '') ? $script_name . '/viewtopic.'.$phpEx : 'viewtopic.'.$phpEx;
+					$server_name = trim($board_config['server_name']);
+					$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
+					$server_port = ($board_config['server_port'] <> 80) ? ':' . trim($board_config['server_port']) . '/' : '/';
+
+					$orig_word = array();
+					$replacement_word = array();
+					obtain_word_list($orig_word, $replacement_word);
+
+					$emailer->from($board_config['board_email']);
+					$emailer->replyto($board_config['board_email']);
+
+					$topic_title = (count($orig_word)) ? preg_replace($orig_word, $replacement_word, unprepare_message($topic_title)) : unprepare_message($topic_title);
+
+					@reset($bcc_list_ary);
+					while (list($user_lang, $bcc_list) = each($bcc_list_ary))
+					{
+						$emailer->use_template('topic_notify', $user_lang);
+		
+						for ($i = 0; $i < count($bcc_list); $i++)
+						{
+							$emailer->bcc($bcc_list[$i]);
+						}
+
+						// The Topic_reply_notification lang string below will be used
+						// if for some reason the mail template subject cannot be read 
+						// ... note it will not necessarily be in the posters own language!
+						$emailer->set_subject($lang['Topic_reply_notification']); 
+						
+						// This is a nasty kludge to remove the username var ... till (if?)
+						// translators update their templates
+						$emailer->msg = preg_replace('#[ ]?{USERNAME}#', '', $emailer->msg);

 						$emailer->assign_vars(array(
-							'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
-							'USERNAME' => $row['username'],
+							'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
 							'SITENAME' => $board_config['sitename'],
 							'TOPIC_TITLE' => $topic_title, 

@@ -678,14 +700,12 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id

 						$emailer->send();
 						$emailer->reset();
-
-						$update_watched_sql .= ( $update_watched_sql != '' ) ? ', ' . $row['user_id'] : $row['user_id'];
 					}
 				}
-				while ( $row = $db->sql_fetchrow($result) );
 			}
+			$db->sql_freeresult($result);

-			if ( $update_watched_sql != '' )
+			if ($update_watched_sql != '')
 			{
 				$sql = "UPDATE " . TOPICS_WATCH_TABLE . "
 					SET notify_status = " . TOPIC_WATCH_NOTIFIED . "
@@ -699,28 +719,28 @@ function user_notification($mode, &$post_data, &$forum_id, &$topic_id, &$post_id
 			FROM " . TOPICS_WATCH_TABLE . "
 			WHERE topic_id = $topic_id
 				AND user_id = " . $userdata['user_id'];
-		if ( !($result = $db->sql_query($sql)) )
+		if (!($result = $db->sql_query($sql)))
 		{
 			message_die(GENERAL_ERROR, 'Could not obtain topic watch information', '', __LINE__, __FILE__, $sql);
 		}

 		$row = $db->sql_fetchrow($result);

-		if ( !$notify_user && !empty($row['topic_id']) )
+		if (!$notify_user && !empty($row['topic_id']))
 		{
 			$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
 				WHERE topic_id = $topic_id
 					AND user_id = " . $userdata['user_id'];
-			if ( !$result = $db->sql_query($sql) )
+			if (!$db->sql_query($sql))
 			{
 				message_die(GENERAL_ERROR, 'Could not delete topic watch information', '', __LINE__, __FILE__, $sql);
 			}
 		}
-		else if ( $notify_user && empty($row['topic_id']) )
+		else if ($notify_user && empty($row['topic_id']))
 		{
 			$sql = "INSERT INTO " . TOPICS_WATCH_TABLE . " (user_id, topic_id, notify_status)
 				VALUES (" . $userdata['user_id'] . ", $topic_id, 0)";
-			if ( !($result = $db->sql_query($sql)) )
+			if (!$db->sql_query($sql))
 			{
 				message_die(GENERAL_ERROR, 'Could not insert topic watch information', '', __LINE__, __FILE__, $sql);
 			}
@@ -742,14 +762,14 @@ function generate_smilies($mode, $page_id)
 	$inline_rows = 5;
 	$window_columns = 8;

-	if ( $mode == 'window' )
+	if ($mode == 'window')
 	{
 		$userdata = session_pagestart($user_ip, $page_id);
 		init_userprefs($userdata);

 		$gen_simple_header = TRUE;

-		$page_title = $lang['Review_topic'] . " - $topic_title";
+		$page_title = $lang['Emoticons'] . " - $topic_title";
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);

 		$template->set_filenames(array(
@@ -760,32 +780,32 @@ function generate_smilies($mode, $page_id)
 	$sql = "SELECT emoticon, code, smile_url   
 		FROM " . SMILIES_TABLE . " 
 		ORDER BY smilies_id";
-	if ( $result = $db->sql_query($sql) )
+	if ($result = $db->sql_query($sql))
 	{
 		$num_smilies = 0;
 		$rowset = array();
-		while ( $row = $db->sql_fetchrow($result) )
+		while ($row = $db->sql_fetchrow($result))
 		{
-			if ( empty($rowset[$row['smile_url']]) )
+			if (empty($rowset[$row['smile_url']]))
 			{
-				$rowset[$row['smile_url']]['code'] = str_replace('\\', '\\\\', str_replace("'", "\\'", $row['code']));
+				$rowset[$row['smile_url']]['code'] = str_replace("'", "\\'", str_replace('\\', '\\\\', $row['code']));
 				$rowset[$row['smile_url']]['emoticon'] = $row['emoticon'];
 				$num_smilies++;
 			}
 		}

-		if ( $num_smilies )
+		if ($num_smilies)
 		{
-			$smilies_count = ( $mode == 'inline' ) ? min(19, $num_smilies) : $num_smilies;
-			$smilies_split_row = ( $mode == 'inline' ) ? $inline_columns - 1 : $window_columns - 1;
+			$smilies_count = ($mode == 'inline') ? min(19, $num_smilies) : $num_smilies;
+			$smilies_split_row = ($mode == 'inline') ? $inline_columns - 1 : $window_columns - 1;

 			$s_colspan = 0;
 			$row = 0;
 			$col = 0;

-			while ( list($smile_url, $data) = @each($rowset) )
+			while (list($smile_url, $data) = @each($rowset))
 			{
-				if ( !$col )
+				if (!$col)
 				{
 					$template->assign_block_vars('smilies_row', array());
 				}
@@ -798,9 +818,9 @@ function generate_smilies($mode, $page_id)

 				$s_colspan = max($s_colspan, $col + 1);

-				if ( $col == $smilies_split_row )
+				if ($col == $smilies_split_row)
 				{
-					if ( $mode == 'inline' && $row == $inline_rows - 1 )
+					if ($mode == 'inline' && $row == $inline_rows - 1)
 					{
 						break;
 					}
@@ -813,7 +833,7 @@ function generate_smilies($mode, $page_id)
 				}
 			}

-			if ( $mode == 'inline' && $num_smilies > $inline_rows * $inline_columns )
+			if ($mode == 'inline' && $num_smilies > $inline_rows * $inline_columns)
 			{
 				$template->assign_block_vars('switch_smilies_extra', array());

@@ -831,7 +851,7 @@ function generate_smilies($mode, $page_id)
 		}
 	}

-	if ( $mode == 'window' )
+	if ($mode == 'window')
 	{
 		$template->pparse('smiliesbody');

@@ -839,4 +859,4 @@ function generate_smilies($mode, $page_id)
 	}
 }

-?>
+?>
--- a/phpBB/includes/functions_search.php
+++ b/phpBB/includes/functions_search.php
@@ -3,7 +3,7 @@
 *                              functions_search.php
 *                              -------------------
 *     begin                : Wed Sep 05 2001
-*     copyright            : (C) 2001 The phpBB Group
+*     copyright            : (C) 2002 The phpBB Group
 *     email                : support@phpbb.com
 *
 *     $Id$
@@ -21,9 +21,8 @@

 function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 {
-	// Weird, $init_match doesn't work with static when double quotes (") are used...
 	static $drop_char_match =   array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', '\'', ';', '!');
-	static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '',  '',   ' ', ' ', ' ', ' ', '',  ' ', ' ', '',  ' ',   ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ',  ' ', ' ');
+	static $drop_char_replace = array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '',  '',   ' ', ' ', ' ', ' ', '',  ' ', ' ', '',  ' ',  ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ' , ' ', ' ', ' ', ' ',  ' ', ' ');

 	$entry = ' ' . strip_tags(strtolower($entry)) . ' ';

@@ -42,13 +41,10 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 	}
 	else if ( $mode == 'search' ) 
 	{
-		$entry = str_replace('+', ' and ', $entry);
-		$entry = str_replace('-', ' not ', $entry);
+		$entry = str_replace(' +', ' and ', $entry);
+		$entry = str_replace(' -', ' not ', $entry);
 	}

-	// Replace numbers on their own
-	$entry = preg_replace('/\b[0-9]+\b/', ' ', $entry); 
-
 	//
 	// Filter out strange characters like ^, $, &, change "it's" to "its"
 	//
@@ -61,8 +57,8 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 	{
 		$entry = str_replace('*', ' ', $entry);

-		// 'words' that consist of <=3 or >=25 characters are removed.
-		$entry = preg_replace('/\b([a-z0-9]{1,3}|[a-z0-9]{20,})\b/',' ', $entry); 
+		// 'words' that consist of <3 or >20 characters are removed.
+		$entry = preg_replace('/[ ]([\S]{1,2}|[\S]{21,})[ ]/',' ', $entry);
 	}

 	if ( !empty($stopword_list) )
@@ -73,7 +69,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)

 			if ( $mode == 'post' || ( $stopword != 'not' && $stopword != 'and' && $stopword != 'or' ) )
 			{
-				$entry =  preg_replace('#\b' . preg_quote($stopword) . '\b#', ' ', $entry);
+				$entry = str_replace(' ' . trim($stopword) . ' ', ' ', $entry);
 			}
 		}
 	}
@@ -85,7 +81,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 			list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j])));
 			if ( $mode == 'post' || ( $match_synonym != 'not' && $match_synonym != 'and' && $match_synonym != 'or' ) )
 			{
-				$entry =  preg_replace('#\b' . trim($match_synonym) . '\b#', ' ' . trim($replace_synonym) . ' ', $entry);
+				$entry =  str_replace(' ' . trim($match_synonym) . ' ', ' ' . trim($replace_synonym) . ' ', $entry);
 			}
 		}
 	}
@@ -95,29 +91,30 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)

 function split_words(&$entry, $mode = 'post')
 {
-	if ( $mode == 'post' )
-	{
-		preg_match_all("/\b(\w[\w']*\w+|\w+?)\b/", $entry, $split_entries);
-	}
-	else
-	{
-		preg_match_all('/(\*?[a-z0-9]+\*?)|\b([a-z0-9]+)\b/', $entry, $split_entries);
-	}
+	// If you experience problems with the new method, uncomment this block.
+/*	
+	$rex = ( $mode == 'post' ) ? "/\b([\w<><77>-<2D>][\w<><77>-<2D>']*[\w<><77>-<2D>]+|[\w<><77>-<2D>]+?)\b/" : '/(\*?[a-z0-9<><39>-<2D>]+\*?)|\b([a-z0-9<><39>-<2D>]+)\b/';
+	preg_match_all($rex, $entry, $split_entries);

 	return $split_entries[1];
+*/
+	// Trim 1+ spaces to one space and split this trimmed string into words.
+	return explode(' ', trim(preg_replace('#\s+#', ' ', $entry)));
 }

-function add_search_words($post_id, $post_text, $post_title = '')
+function add_search_words($mode, $post_id, $post_text, $post_title = '')
 {
 	global $db, $phpbb_root_path, $board_config, $lang;

-	$stopwords_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_stopwords.txt"); 
+	$stopword_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_stopwords.txt"); 
 	$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . "/search_synonyms.txt"); 

 	$search_raw_words = array();
 	$search_raw_words['text'] = split_words(clean_words('post', $post_text, $stopword_array, $synonym_array));
 	$search_raw_words['title'] = split_words(clean_words('post', $post_title, $stopword_array, $synonym_array));

+	@set_time_limit(0);
+
 	$word = array();
 	$word_insert_sql = array();
 	while ( list($word_in, $search_matches) = @each($search_raw_words) )
@@ -198,14 +195,15 @@ function add_search_words($post_id, $post_text, $post_title = '')
 				{
 					case 'mysql':
 					case 'mysql4':
-						$value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\')';
+						$value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\', 0)';
 						break;
 					case 'mssql':
-						$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "'";
+					case 'mssql-odbc':
+						$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "', 0";
 						break;
 					default:
-						$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) 
-							VALUES ('" . $word[$i] . "')"; 
+						$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text, word_common) 
+							VALUES ('" . $word[$i] . "', 0)"; 
 						if( !$db->sql_query($sql) )
 						{
 							message_die(GENERAL_ERROR, 'Could not insert new word', '', __LINE__, __FILE__, $sql);
@@ -221,11 +219,12 @@ function add_search_words($post_id, $post_text, $post_title = '')
 			{
 				case 'mysql':
 				case 'mysql4':
-					$sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text) 
+					$sql = "INSERT IGNORE INTO " . SEARCH_WORD_TABLE . " (word_text, word_common) 
 						VALUES $value_sql"; 
 					break;
 				case 'mssql':
-					$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text) 
+				case 'mssql-odbc':
+					$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text, word_common) 
 						$value_sql"; 
 					break;
 			}
@@ -254,9 +253,9 @@ function add_search_words($post_id, $post_text, $post_title = '')
 		}
 	}

-	if ( $mode == 'single' )
+	if ($mode == 'single')
 	{
-		remove_common('single', 0.4, $word);
+		remove_common('single', 4/10, $word);
 	}

 	return;
@@ -269,7 +268,8 @@ function remove_common($mode, $fraction, $word_id_list = array())
 {
 	global $db;

-	$sql = ( $mode == 'global' ) ? "SELECT COUNT(post_id) AS total_posts FROM " . SEARCH_MATCH_TABLE . " GROUP BY post_id" : "SELECT SUM(forum_posts) AS total_posts FROM " . FORUMS_TABLE;
+	$sql = "SELECT COUNT(post_id) AS total_posts 
+		FROM " . POSTS_TABLE;
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Could not obtain post count', '', __LINE__, __FILE__, $sql);
@@ -335,7 +335,7 @@ function remove_common($mode, $fraction, $word_id_list = array())
 		}
 	}

-	return $word_count;
+	return;
 }

 function remove_search_post($post_id_sql)
@@ -428,16 +428,18 @@ function remove_search_post($post_id_sql)
 function username_search($search_match)
 {
 	global $db, $board_config, $template, $lang, $images, $theme, $phpEx, $phpbb_root_path;
-	global $starttime;
+	global $starttime, $gen_simple_header;
+	
+	$gen_simple_header = TRUE;

 	$username_list = '';
 	if ( !empty($search_match) )
 	{
-		$username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match)));
+		$username_search = preg_replace('/\*/', '%', phpbb_clean_username($search_match));

 		$sql = "SELECT username 
 			FROM " . USERS_TABLE . " 
-			WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "' 
+			WHERE username LIKE '" . str_replace("\'", "''", $username_search) . "' AND user_id <> " . ANONYMOUS . "
 			ORDER BY username";
 		if ( !($result = $db->sql_query($sql)) )
 		{
@@ -459,7 +461,6 @@ function username_search($search_match)
 		$db->sql_freeresult($result);
 	}

-	$gen_simple_header = TRUE;
 	$page_title = $lang['Search'];
 	include($phpbb_root_path . 'includes/page_header.'.$phpEx);

@@ -468,7 +469,7 @@ function username_search($search_match)
 	);

 	$template->assign_vars(array(
-		'USERNAME' => ( !empty($search_match) ) ? $search_match : '', 
+		'USERNAME' => (!empty($search_match)) ? phpbb_clean_username($search_match) : '', 

 		'L_CLOSE_WINDOW' => $lang['Close_window'], 
 		'L_SEARCH_USERNAME' => $lang['Find_username'], 
--- a/phpBB/includes/functions_selects.php
+++ b/phpBB/includes/functions_selects.php
@@ -26,14 +26,14 @@
 //
 function language_select($default, $select_name = "language", $dirname="language")
 {
-	global $phpEx;
+	global $phpEx, $phpbb_root_path;

-	$dir = opendir($dirname);
+	$dir = opendir($phpbb_root_path . $dirname);

 	$lang = array();
 	while ( $file = readdir($dir) )
 	{
-		if ( ereg("^lang_", $file) && !is_file($dirname . "/" . $file) && !is_link($dirname . "/" . $file) )
+		if (preg_match('#^lang_#i', $file) && !is_file(@phpbb_realpath($phpbb_root_path . $dirname . '/' . $file)) && !is_link(@phpbb_realpath($phpbb_root_path . $dirname . '/' . $file)))
 		{
 			$filename = trim(str_replace("lang_", "", $file));
 			$displayname = preg_replace("/^(.*?)_(.*)$/", "\\1 [ \\2 ]", $filename);
@@ -108,4 +108,4 @@ function tz_select($default, $select_name = 'timezone')
 	return $tz_select;
 }

-?>
+?>
--- a/phpBB/includes/functions_validate.php
+++ b/phpBB/includes/functions_validate.php
@@ -18,7 +18,6 @@
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
- *
 ***************************************************************************/

 //
@@ -30,61 +29,81 @@ function validate_username($username)
 {
 	global $db, $lang, $userdata;

-	$username = str_replace("\'", "''", $username);
+	// Remove doubled up spaces
+	$username = preg_replace('#\s+#', ' ', $username); 
+	// Limit username length
+	$username = substr(str_replace("\'", "'", $username), 0, 25);
+	$username = str_replace("'", "''", $username);

 	$sql = "SELECT username 
 		FROM " . USERS_TABLE . " 
 		WHERE LOWER(username) = '" . strtolower($username) . "'";
-	if ( $result = $db->sql_query($sql) )
+	if ($result = $db->sql_query($sql))
 	{
-		if ( $row = $db->sql_fetchrow($result) )
+		if ($row = $db->sql_fetchrow($result))
 		{
-			if ( ( $userdata['session_logged_in'] && $row['username'] != $userdata['username'] ) || !$userdata['session_logged_in'] )
+			if (($userdata['session_logged_in'] && $row['username'] != $userdata['username']) || !$userdata['session_logged_in'])
 			{
+				$db->sql_freeresult($result);
 				return array('error' => true, 'error_msg' => $lang['Username_taken']);
 			}
 		}
 	}
+	$db->sql_freeresult($result);

 	$sql = "SELECT group_name
 		FROM " . GROUPS_TABLE . " 
 		WHERE LOWER(group_name) = '" . strtolower($username) . "'";
-	if ( $result = $db->sql_query($sql) )
+	if ($result = $db->sql_query($sql))
 	{
-		if ( $row = $db->sql_fetchrow($result) )
+		if ($row = $db->sql_fetchrow($result))
 		{
+			$db->sql_freeresult($result);
 			return array('error' => true, 'error_msg' => $lang['Username_taken']);
 		}
 	}
+	$db->sql_freeresult($result);

 	$sql = "SELECT disallow_username
 		FROM " . DISALLOW_TABLE;
-	if ( $result = $db->sql_query($sql) )
+	if ($result = $db->sql_query($sql))
 	{
-		while( $row = $db->sql_fetchrow($result) )
+		if ($row = $db->sql_fetchrow($result))
 		{
-			if ( preg_match("#\b(" . str_replace("\*", "\w*?", preg_quote($row['disallow_username'])) . ")\b#i", $username) )
+			do
 			{
-				return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
+				if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
+				{
+					$db->sql_freeresult($result);
+					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
+				}
 			}
+			while($row = $db->sql_fetchrow($result));
 		}
 	}
+	$db->sql_freeresult($result);

 	$sql = "SELECT word 
 		FROM  " . WORDS_TABLE;
-	if ( $result = $db->sql_query($sql) )
+	if ($result = $db->sql_query($sql))
 	{
-		while( $row = $db->sql_fetchrow($result) )
+		if ($row = $db->sql_fetchrow($result))
 		{
-			if ( preg_match("#\b(" . str_replace("\*", "\w*?", preg_quote($row['word'])) . ")\b#i", $username) )
+			do
 			{
-				return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
+				if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\b#i", $username))
+				{
+					$db->sql_freeresult($result);
+					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
+				}
 			}
+			while ($row = $db->sql_fetchrow($result));
 		}
 	}
+	$db->sql_freeresult($result);

-	// Don't allow " in username.
-	if ( strstr($username, '"') )
+	// Don't allow " and ALT-255 in username.
+	if (strstr($username, '"') || strstr($username, '&quot;') || strstr($username, chr(160)))
 	{
 		return array('error' => true, 'error_msg' => $lang['Username_invalid']);
 	}
@@ -100,36 +119,43 @@ function validate_email($email)
 {
 	global $db, $lang;

-	if ( $email != '' )
+	if ($email != '')
 	{
-		if ( preg_match('/^[a-z0-9\.\-_]+@[a-z0-9\-_]+\.([a-z0-9\-_]+\.)*?[a-z]+$/is', $email) )
+		if (preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is', $email))
 		{
 			$sql = "SELECT ban_email
 				FROM " . BANLIST_TABLE;
-			if ( $result = $db->sql_query($sql) )
+			if ($result = $db->sql_query($sql))
 			{
-				while( $row = $db->sql_fetchrow($result) )
+				if ($row = $db->sql_fetchrow($result))
 				{
-					$match_email = str_replace('*', '.*', $row['ban_email']);
-					if ( preg_match('/^' . $match_email . '$/is', $email) )
+					do
 					{
-						return array('error' => true, 'error_msg' => $lang['Email_banned']);
+						$match_email = str_replace('*', '.*?', $row['ban_email']);
+						if (preg_match('/^' . $match_email . '$/is', $email))
+						{
+							$db->sql_freeresult($result);
+							return array('error' => true, 'error_msg' => $lang['Email_banned']);
+						}
 					}
+					while($row = $db->sql_fetchrow($result));
 				}
 			}
+			$db->sql_freeresult($result);

 			$sql = "SELECT user_email
 				FROM " . USERS_TABLE . "
 				WHERE user_email = '" . str_replace("\'", "''", $email) . "'";
-			if ( !($result = $db->sql_query($sql)) )
+			if (!($result = $db->sql_query($sql)))
 			{
 				message_die(GENERAL_ERROR, "Couldn't obtain user email information.", "", __LINE__, __FILE__, $sql);
 			}
-
-			if ( $row = $db->sql_fetchrow($result) )
+		
+			if ($row = $db->sql_fetchrow($result))
 			{
 				return array('error' => true, 'error_msg' => $lang['Email_taken']);
 			}
+			$db->sql_freeresult($result);

 			return array('error' => false, 'error_msg' => '');
 		}
@@ -148,28 +174,28 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca

 	for($i = 0; $i < count($check_var_length); $i++)
 	{
-		if ( strlen($$check_var_length[$i]) < 2 )
+		if (strlen($$check_var_length[$i]) < 2)
 		{
 			$$check_var_length[$i] = '';
 		}
 	}

 	// ICQ number has to be only numbers.
-	if ( !preg_match('/^[0-9]+$/', $icq) )
+	if (!preg_match('/^[0-9]+$/', $icq))
 	{
 		$icq = '';
 	}
 	
 	// website has to start with http://, followed by something with length at least 3 that
 	// contains at least one dot.
-	if ( $website != "" )
+	if ($website != "")
 	{
-		if ( !preg_match('#^http:\/\/#i', $website) )
+		if (!preg_match('#^http[s]?:\/\/#i', $website))
 		{
 			$website = 'http://' . $website;
 		}

-		if ( !preg_match('#^http\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $website) )
+		if (!preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $website))
 		{
 			$website = '';
 		}
@@ -178,4 +204,4 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca
 	return;
 }

-?>
+?>
--- a/phpBB/includes/page_header.php
+++ b/phpBB/includes/page_header.php
@@ -35,7 +35,9 @@ if ( $board_config['gzip_compress'] )
 {
 	$phpver = phpversion();

-	if ( $phpver >= '4.0.4pl1' )
+	$useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;
+
+	if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
 	{
 		if ( extension_loaded('zlib') )
 		{
@@ -70,7 +72,7 @@ $template->set_filenames(array(
 //
 if ( $userdata['session_logged_in'] )
 {
-	$u_login_logout = 'login.'.$phpEx.'?logout=true';
+	$u_login_logout = 'login.'.$phpEx.'?logout=true&amp;sid=' . $userdata['session_id'];
 	$l_login_logout = $lang['Logout'] . ' [ ' . $userdata['username'] . ' ]';
 }
 else
@@ -85,184 +87,188 @@ $s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['
 // Get basic (usernames + totals) online
 // situation
 //
-$user_forum_sql = ( !empty($forum_id) ) ? "AND ( u.user_session_page = $forum_id 
-	OR s.session_page = $forum_id)" : '';
-$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_ip
-	FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
-	WHERE u.user_id = s.session_user_id
-		AND ( s.session_time >= ".( time() - 300 ) . " 
-			OR u.user_session_time >= " . ( time() - 300 ) . " )
-		$user_forum_sql 
-	ORDER BY u.username ASC, s.session_ip ASC";
-if( !($result = $db->sql_query($sql)) )
-{
-	message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql);
-}
-
-$userlist_ary = array();
-$userlist_visible = array();
-
 $logged_visible_online = 0;
 $logged_hidden_online = 0;
 $guests_online = 0;
 $online_userlist = '';
+$l_online_users = '';

-$prev_user_id = 0;
-$prev_user_ip = '';
-
-while( $row = $db->sql_fetchrow($result) )
+if (defined('SHOW_ONLINE'))
 {
-	// User is logged in and therefor not a guest
-	if ( $row['session_logged_in'] )
+
+	$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page = " . intval($forum_id) : '';
+	$sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_ip
+		FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
+		WHERE u.user_id = s.session_user_id
+			AND s.session_time >= ".( time() - 300 ) . "
+			$user_forum_sql
+		ORDER BY u.username ASC, s.session_ip ASC";
+	if( !($result = $db->sql_query($sql)) )
 	{
-		// Skip multiple sessions for one user
-		if ( $row['user_id'] != $prev_user_id )
+		message_die(GENERAL_ERROR, 'Could not obtain user/online information', '', __LINE__, __FILE__, $sql);
+	}
+
+	$userlist_ary = array();
+	$userlist_visible = array();
+
+	$prev_user_id = 0;
+	$prev_user_ip = $prev_session_ip = '';
+
+	while( $row = $db->sql_fetchrow($result) )
+	{
+		// User is logged in and therefor not a guest
+		if ( $row['session_logged_in'] )
 		{
-			$style_color = '';
-			if ( $row['user_level'] == ADMIN )
+			// Skip multiple sessions for one user
+			if ( $row['user_id'] != $prev_user_id )
 			{
-				$row['username'] = '<b>' . $row['username'] . '</b>';
-				$style_color = 'style="color:#' . $theme['fontcolor3'] . '"';
-			}
-			else if ( $row['user_level'] == MOD )
-			{
-				$row['username'] = '<b>' . $row['username'] . '</b>';
-				$style_color = 'style="color:#' . $theme['fontcolor2'] . '"';
+				$style_color = '';
+				if ( $row['user_level'] == ADMIN )
+				{
+					$row['username'] = '<b>' . $row['username'] . '</b>';
+					$style_color = 'style="color:#' . $theme['fontcolor3'] . '"';
+				}
+				else if ( $row['user_level'] == MOD )
+				{
+					$row['username'] = '<b>' . $row['username'] . '</b>';
+					$style_color = 'style="color:#' . $theme['fontcolor2'] . '"';
+				}
+
+				if ( $row['user_allow_viewonline'] )
+				{
+					$user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'>' . $row['username'] . '</a>';
+					$logged_visible_online++;
+				}
+				else
+				{
+					$user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'><i>' . $row['username'] . '</i></a>';
+					$logged_hidden_online++;
+				}
+
+				if ( $row['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
+				{
+					$online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link;
+				}
 			}

-			if ( $row['user_allow_viewonline'] )
+			$prev_user_id = $row['user_id'];
+		}
+		else
+		{
+			// Skip multiple sessions for one user
+			if ( $row['session_ip'] != $prev_session_ip )
 			{
-				$user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'>' . $row['username'] . '</a>';
-				$logged_visible_online++;
-			}
-			else
-			{
-				$user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'><i>' . $row['username'] . '</i></a>';
-				$logged_hidden_online++;
-			}
-			
-			if ( $row['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
-			{
-				$online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link;
+				$guests_online++;
 			}
 		}

-		$prev_user_id = $row['user_id'];
+		$prev_session_ip = $row['session_ip'];
+	}
+	$db->sql_freeresult($result);
+
+	if ( empty($online_userlist) )
+	{
+		$online_userlist = $lang['None'];
+	}
+	$online_userlist = ( ( isset($forum_id) ) ? $lang['Browsing_forum'] : $lang['Registered_users'] ) . ' ' . $online_userlist;
+
+	$total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online;
+
+	if ( $total_online_users > $board_config['record_online_users'])
+	{
+		$board_config['record_online_users'] = $total_online_users;
+		$board_config['record_online_date'] = time();
+
+		$sql = "UPDATE " . CONFIG_TABLE . "
+			SET config_value = '$total_online_users'
+			WHERE config_name = 'record_online_users'";
+		if ( !$db->sql_query($sql) )
+		{
+			message_die(GENERAL_ERROR, 'Could not update online user record (nr of users)', '', __LINE__, __FILE__, $sql);
+		}
+
+		$sql = "UPDATE " . CONFIG_TABLE . "
+			SET config_value = '" . $board_config['record_online_date'] . "'
+			WHERE config_name = 'record_online_date'";
+		if ( !$db->sql_query($sql) )
+		{
+			message_die(GENERAL_ERROR, 'Could not update online user record (date)', '', __LINE__, __FILE__, $sql);
+		}
+	}
+
+	if ( $total_online_users == 0 )
+	{
+		$l_t_user_s = $lang['Online_users_zero_total'];
+	}
+	else if ( $total_online_users == 1 )
+	{
+		$l_t_user_s = $lang['Online_user_total'];
 	}
 	else
 	{
-		// Skip multiple sessions for one user
-		if ( $row['session_ip'] != $prev_session_ip )
-		{
-			$guests_online++;
-		}
+		$l_t_user_s = $lang['Online_users_total'];
 	}

-	$prev_session_ip = $row['session_ip'];
-}
-
-if ( empty($online_userlist) )
-{
-	$online_userlist = $lang['None'];
-}
-$online_userlist = ( ( isset($forum_id) ) ? $lang['Browsing_forum'] : $lang['Registered_users'] ) . ' ' . $online_userlist;
-
-$total_online_users = $logged_visible_online + $logged_hidden_online + $guests_online;
-
-if ( $total_online_users > $board_config['record_online_users'])
-{
-	$board_config['record_online_users'] = $total_online_users;
-	$board_config['record_online_date'] = time();
-
-	$sql = "UPDATE " . CONFIG_TABLE . "
-		SET config_value = '$total_online_users'
-		WHERE config_name = 'record_online_users'";
-	if ( !$db->sql_query($sql) )
+	if ( $logged_visible_online == 0 )
 	{
-		message_die(GENERAL_ERROR, 'Could not update online user record (nr of users)', '', __LINE__, __FILE__, $sql);
+		$l_r_user_s = $lang['Reg_users_zero_total'];
 	}
-
-	$sql = "UPDATE " . CONFIG_TABLE . "
-		SET config_value = '" . $board_config['record_online_date'] . "'
-		WHERE config_name = 'record_online_date'";
-	if ( !$db->sql_query($sql) )
+	else if ( $logged_visible_online == 1 )
 	{
-		message_die(GENERAL_ERROR, 'Could not update online user record (date)', '', __LINE__, __FILE__, $sql);
+		$l_r_user_s = $lang['Reg_user_total'];
+	}
+	else
+	{
+		$l_r_user_s = $lang['Reg_users_total'];
 	}
-}

-if ( $total_online_users == 0 )
-{
-	$l_t_user_s = $lang['Online_users_zero_total'];
-}
-else if ( $total_online_users == 1 )
-{
-	$l_t_user_s = $lang['Online_user_total'];
-}
-else
-{
-	$l_t_user_s = $lang['Online_users_total'];
-}
+	if ( $logged_hidden_online == 0 )
+	{
+		$l_h_user_s = $lang['Hidden_users_zero_total'];
+	}
+	else if ( $logged_hidden_online == 1 )
+	{
+		$l_h_user_s = $lang['Hidden_user_total'];
+	}
+	else
+	{
+		$l_h_user_s = $lang['Hidden_users_total'];
+	}

-if ( $logged_visible_online == 0 )
-{
-	$l_r_user_s = $lang['Reg_users_zero_total'];
-}
-else if ( $logged_visible_online == 1 )
-{
-	$l_r_user_s = $lang['Reg_user_total'];
-}
-else
-{
-	$l_r_user_s = $lang['Reg_users_total'];
-}
+	if ( $guests_online == 0 )
+	{
+		$l_g_user_s = $lang['Guest_users_zero_total'];
+	}
+	else if ( $guests_online == 1 )
+	{
+		$l_g_user_s = $lang['Guest_user_total'];
+	}
+	else
+	{
+		$l_g_user_s = $lang['Guest_users_total'];
+	}

-if ( $logged_hidden_online == 0 )
-{
-	$l_h_user_s = $lang['Hidden_users_zero_total'];
+	$l_online_users = sprintf($l_t_user_s, $total_online_users);
+	$l_online_users .= sprintf($l_r_user_s, $logged_visible_online);
+	$l_online_users .= sprintf($l_h_user_s, $logged_hidden_online);
+	$l_online_users .= sprintf($l_g_user_s, $guests_online);
 }
-else if ( $logged_hidden_online == 1 )
-{
-	$l_h_user_s = $lang['Hidden_user_total'];
-}
-else
-{
-	$l_h_user_s = $lang['Hidden_users_total'];
-}
-
-if ( $guests_online == 0 )
-{
-	$l_g_user_s = $lang['Guest_users_zero_total'];
-}
-else if ( $guests_online == 1 )
-{
-	$l_g_user_s = $lang['Guest_user_total'];
-}
-else
-{
-	$l_g_user_s = $lang['Guest_users_total'];
-}
-
-$l_online_users = sprintf($l_t_user_s, $total_online_users);
-$l_online_users .= sprintf($l_r_user_s, $logged_visible_online); 
-$l_online_users .= sprintf($l_h_user_s, $logged_hidden_online); 
-$l_online_users .= sprintf($l_g_user_s, $guests_online); 

 //
 // Obtain number of new private messages
 // if user is logged in
 //
-if ( $userdata['session_logged_in'] )
+if ( ($userdata['session_logged_in']) && (empty($gen_simple_header)) )
 {
 	if ( $userdata['user_new_privmsg'] )
 	{
-		$l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms']; 
-		$l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']); 
+		$l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms'];
+		$l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']);

 		if ( $userdata['user_last_privmsg'] > $userdata['user_lastvisit'] )
 		{
 			$sql = "UPDATE " . USERS_TABLE . "
-				SET user_last_privmsg = " . $userdata['user_lastvisit'] . " 
+				SET user_last_privmsg = " . $userdata['user_lastvisit'] . "
 				WHERE user_id = " . $userdata['user_id'];
 			if ( !$db->sql_query($sql) )
 			{
@@ -275,7 +281,7 @@ if ( $userdata['session_logged_in'] )
 		else
 		{
 			$s_privmsg_new = 0;
-			$icon_pm = $images['pm_no_new_msg'];
+			$icon_pm = $images['pm_new_msg'];
 		}
 	}
 	else
@@ -288,8 +294,8 @@ if ( $userdata['session_logged_in'] )

 	if ( $userdata['user_unread_privmsg'] )
 	{
-		$l_message_unread = ( $userdata['user_unread_privmsg'] == 1 ) ? $lang['Unread_pm'] : $lang['Unread_pms']; 
-		$l_privmsgs_text_unread = sprintf($l_message_unread, $userdata['user_unread_privmsg']); 
+		$l_message_unread = ( $userdata['user_unread_privmsg'] == 1 ) ? $lang['Unread_pm'] : $lang['Unread_pms'];
+		$l_privmsgs_text_unread = sprintf($l_message_unread, $userdata['user_unread_privmsg']);
 	}
 	else
 	{
@@ -307,86 +313,93 @@ else
 //
 // Generate HTML required for Mozilla Navigation bar
 //
+if (!isset($nav_links))
+{
+	$nav_links = array();
+}
+
 $nav_links_html = '';
 $nav_link_proto = '<link rel="%s" href="%s" title="%s" />' . "\n";
 while( list($nav_item, $nav_array) = @each($nav_links) )
 {
 	if ( !empty($nav_array['url']) )
 	{
-		$nav_links_html .= sprintf($nav_link_proto, $nav_item, $nav_array['url'], $nav_array['title']);
+		$nav_links_html .= sprintf($nav_link_proto, $nav_item, append_sid($nav_array['url']), $nav_array['title']);
 	}
 	else
 	{
 		// We have a nested array, used for items like <link rel='chapter'> that can occur more than once.
 		while( list(,$nested_array) = each($nav_array) )
-		{  
+		{
 			$nav_links_html .= sprintf($nav_link_proto, $nav_item, $nested_array['url'], $nested_array['title']);
 		}
 	}
-}	
+}

+// Format Timezone. We are unable to use array_pop here, because of PHP3 compatibility
+$l_timezone = explode('.', $board_config['board_timezone']);
+$l_timezone = (count($l_timezone) > 1 && $l_timezone[count($l_timezone)-1] != 0) ? $lang[sprintf('%.1f', $board_config['board_timezone'])] : $lang[number_format($board_config['board_timezone'])];
 //
 // The following assigns all _common_ variables that may be used at any point
 // in a template.
 //
 $template->assign_vars(array(
-	'SITENAME' => $board_config['sitename'], 
-	'SITE_DESCRIPTION' => $board_config['site_desc'], 
+	'SITENAME' => $board_config['sitename'],
+	'SITE_DESCRIPTION' => $board_config['site_desc'],
 	'PAGE_TITLE' => $page_title,
-	'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit), 
-	'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),  
+	'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit),
+	'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
 	'TOTAL_USERS_ONLINE' => $l_online_users,
-	'LOGGED_IN_USER_LIST' => $online_userlist, 
+	'LOGGED_IN_USER_LIST' => $online_userlist,
 	'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], create_date($board_config['default_dateformat'], $board_config['record_online_date'], $board_config['board_timezone'])),
 	'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
 	'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
-	'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new, 
+	'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new,

 	'PRIVMSG_IMG' => $icon_pm,

-	'L_USERNAME' => $lang['Username'], 
-	'L_PASSWORD' => $lang['Password'], 
-	'L_LOGIN_LOGOUT' => $l_login_logout, 
-	'L_LOGIN' => $lang['Login'], 
-	'L_LOG_ME_IN' => $lang['Log_me_in'], 
-	'L_AUTO_LOGIN' => $lang['Log_me_in'], 
-	'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']), 
-	'L_REGISTER' => $lang['Register'], 
-	'L_PROFILE' => $lang['Profile'], 
-	'L_SEARCH' => $lang['Search'], 
-	'L_PRIVATEMSGS' => $lang['Private_Messages'], 
-	'L_WHO_IS_ONLINE' => $lang['Who_is_Online'], 
-	'L_MEMBERLIST' => $lang['Memberlist'], 
-	'L_FAQ' => $lang['FAQ'], 
-	'L_USERGROUPS' => $lang['Usergroups'], 
-	'L_SEARCH_NEW' => $lang['Search_new'], 
-	'L_SEARCH_UNANSWERED' => $lang['Search_unanswered'], 
-	'L_SEARCH_SELF' => $lang['Search_your_posts'], 
-	'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'), 
-	'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'), 
+	'L_USERNAME' => $lang['Username'],
+	'L_PASSWORD' => $lang['Password'],
+	'L_LOGIN_LOGOUT' => $l_login_logout,
+	'L_LOGIN' => $lang['Login'],
+	'L_LOG_ME_IN' => $lang['Log_me_in'],
+	'L_AUTO_LOGIN' => $lang['Log_me_in'],
+	'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']),
+	'L_REGISTER' => $lang['Register'],
+	'L_PROFILE' => $lang['Profile'],
+	'L_SEARCH' => $lang['Search'],
+	'L_PRIVATEMSGS' => $lang['Private_Messages'],
+	'L_WHO_IS_ONLINE' => $lang['Who_is_Online'],
+	'L_MEMBERLIST' => $lang['Memberlist'],
+	'L_FAQ' => $lang['FAQ'],
+	'L_USERGROUPS' => $lang['Usergroups'],
+	'L_SEARCH_NEW' => $lang['Search_new'],
+	'L_SEARCH_UNANSWERED' => $lang['Search_unanswered'],
+	'L_SEARCH_SELF' => $lang['Search_your_posts'],
+	'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'),
+	'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'),

 	'U_SEARCH_UNANSWERED' => append_sid('search.'.$phpEx.'?search_id=unanswered'),
-	'U_SEARCH_SELF' => append_sid('search.'.$phpEx.'?search_id=egosearch'), 
-	'U_SEARCH_NEW' => append_sid('search.'.$phpEx.'?search_id=newposts'), 
+	'U_SEARCH_SELF' => append_sid('search.'.$phpEx.'?search_id=egosearch'),
+	'U_SEARCH_NEW' => append_sid('search.'.$phpEx.'?search_id=newposts'),
 	'U_INDEX' => append_sid('index.'.$phpEx),
 	'U_REGISTER' => append_sid('profile.'.$phpEx.'?mode=register'),
 	'U_PROFILE' => append_sid('profile.'.$phpEx.'?mode=editprofile'),
-	'U_PRIVATEMSGS' => append_sid('privmsg.'.$phpEx.'?folder=inbox'), 
-	'U_PRIVATEMSGS_POPUP' => append_sid('privmsg.'.$phpEx.'?mode=newpm'), 
+	'U_PRIVATEMSGS' => append_sid('privmsg.'.$phpEx.'?folder=inbox'),
+	'U_PRIVATEMSGS_POPUP' => append_sid('privmsg.'.$phpEx.'?mode=newpm'),
 	'U_SEARCH' => append_sid('search.'.$phpEx),
-	'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx), 
-	'U_MODCP' => append_sid('modcp.'.$phpEx), 
+	'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx),
+	'U_MODCP' => append_sid('modcp.'.$phpEx),
 	'U_FAQ' => append_sid('faq.'.$phpEx),
 	'U_VIEWONLINE' => append_sid('viewonline.'.$phpEx),
 	'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
-	'U_MEMBERSLIST' => append_sid('memberlist.'.$phpEx),
 	'U_GROUP_CP' => append_sid('groupcp.'.$phpEx),

-	'S_CONTENT_DIRECTION' => $lang['DIRECTION'], 
-	'S_CONTENT_ENCODING' => $lang['ENCODING'], 
-	'S_CONTENT_DIR_LEFT' => $lang['LEFT'], 
-	'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'], 
-	'S_TIMEZONE' => sprintf($lang['All_times'], $lang[$board_config['board_timezone']]),
+	'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
+	'S_CONTENT_ENCODING' => $lang['ENCODING'],
+	'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
+	'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
+	'S_TIMEZONE' => sprintf($lang['All_times'], $l_timezone),
 	'S_LOGIN_ACTION' => append_sid('login.'.$phpEx),

 	'T_HEAD_STYLESHEET' => $theme['head_stylesheet'],
@@ -427,7 +440,7 @@ $template->assign_vars(array(
 	'T_SPAN_CLASS1' => $theme['span_class1'],
 	'T_SPAN_CLASS2' => $theme['span_class2'],
 	'T_SPAN_CLASS3' => $theme['span_class3'],
-	
+
 	'NAV_LINKS' => $nav_links_html)
 );

@@ -448,9 +461,21 @@ else
 	}
 }

-header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
-header ('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
-header ('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
+// Add no-cache control for cookies if they are set
+//$c_no_cache = (isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_data'])) ? 'no-cache="set-cookie", ' : '';
+
+// Work around for "current" Apache 2 + PHP module which seems to not
+// cope with private cache control setting
+if (!empty($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache/2'))
+{
+	header ('Cache-Control: no-cache, pre-check=0, post-check=0');
+}
+else
+{
+	header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
+}
+header ('Expires: 0');
+header ('Pragma: no-cache');

 $template->pparse('overall_header');

--- a/phpBB/includes/page_tail.php
+++ b/phpBB/includes/page_tail.php
@@ -22,70 +22,34 @@

 if ( !defined('IN_PHPBB') )
 {
-	die("Hacking attempt");
+	die('Hacking attempt');
 }

 //
 // Show the overall footer.
 //
-if($userdata['user_level'] == ADMIN)
-{
-	$admin_link = "<a href=\"" . append_sid("admin/index.$phpEx") . "\">" . $lang['Admin_panel'] . "</a><br /><br />";
-}
-else
-{
-	$admin_link = "";
-}
-$current_time = time();
+$admin_link = ( $userdata['user_level'] == ADMIN ) ? '<a href="admin/index.' . $phpEx . '?sid=' . $userdata['session_id'] . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '';

-if( empty($gen_simple_header) )
-{
-	$template->set_filenames(array(
-		"overall_footer" => "overall_footer.tpl")
-	);
-}
-else
-{
-	$template->set_filenames(array(
-		"overall_footer" => "simple_footer.tpl")
-	);
-}
-
-$template->assign_vars(array(
-	"PHPBB_VERSION" => "2.0 " . $board_config['version'],
-	"TRANSLATION_INFO" => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : "", 
-	"ADMIN_LINK" => $admin_link)
+$template->set_filenames(array(
+	'overall_footer' => ( empty($gen_simple_header) ) ? 'overall_footer.tpl' : 'simple_footer.tpl')
 );

-$template->pparse("overall_footer");
+$template->assign_vars(array(
+	'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
+	'ADMIN_LINK' => $admin_link)
+);

-//
-// Output page creation time
-//
-$mtime = microtime();
-$mtime = explode(" ",$mtime);
-$mtime = $mtime[1] + $mtime[0];
-$endtime = $mtime;
-$totaltime = ($endtime - $starttime);
-
-$gzip_text = ($board_config['gzip_compress']) ? "GZIP compression enabled" : "GZIP compression disabled";
-$debug_mode = (DEBUG) ? " : Debug Mode" : "";
-
-printf("<br /><center><font size=\"-2\">phpBB Created this page in %f seconds : " . $db->num_queries . " queries executed : $gzip_text".$debug_mode."</font></center>", $totaltime);
+$template->pparse('overall_footer');

 //
 // Close our DB connection.
 //
 $db->sql_close();

-//for($i=0;$i<count($db->query_array);$i++)
-//	echo $db->query_array[$i] . "<BR>";
-
 //
-// Compress buffered output if required
-// and send to browser
+// Compress buffered output if required and send to browser
 //
-if($do_gzip_compress)
+if ( $do_gzip_compress )
 {
 	//
 	// Borrowed from php.net!
@@ -101,10 +65,10 @@ if($do_gzip_compress)

 	echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
 	echo $gzip_contents;
-	echo pack("V", $gzip_crc);
-	echo pack("V", $gzip_size);
+	echo pack('V', $gzip_crc);
+	echo pack('V', $gzip_size);
 }

 exit;

-?>
+?>
--- a/phpBB/includes/prune.php
+++ b/phpBB/includes/prune.php
@@ -27,18 +27,18 @@ if ( !defined('IN_PHPBB') )

 require($phpbb_root_path . 'includes/functions_search.'.$phpEx);

-function prune($forum_id, $prune_date)
+function prune($forum_id, $prune_date, $prune_all = false)
 {
 	global $db, $lang;

+	$prune_all = ($prune_all) ? '' : 'AND t.topic_vote = 0 AND t.topic_type <> ' . POST_ANNOUNCE;
 	//
-	// Those without polls ...
+	// Those without polls and announcements ... unless told otherwise!
 	//
 	$sql = "SELECT t.topic_id 
 		FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t
 		WHERE t.forum_id = $forum_id
-			AND t.topic_vote = 0 
-			AND t.topic_type <> " . POST_ANNOUNCE . " 
+			$prune_all 
 			AND ( p.post_id = t.topic_last_post_id 
 				OR t.topic_last_post_id = 0 )";
 	if ( $prune_date != '' )
@@ -56,6 +56,7 @@ function prune($forum_id, $prune_date)
 	{
 		$sql_topics .= ( ( $sql_topics != '' ) ? ', ' : '' ) . $row['topic_id'];
 	}
+	$db->sql_freeresult($result);
 		
 	if( $sql_topics != '' )
 	{
@@ -73,12 +74,20 @@ function prune($forum_id, $prune_date)
 		{
 			$sql_post .= ( ( $sql_post != '' ) ? ', ' : '' ) . $row['post_id'];
 		}
+		$db->sql_freeresult($result);

 		if ( $sql_post != '' )
 		{
-			$sql = "DELETE FROM " . TOPICS_TABLE . " 
+			$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " 
 				WHERE topic_id IN ($sql_topics)";
 			if ( !$db->sql_query($sql, BEGIN_TRANSACTION) )
+			{
+				message_die(GENERAL_ERROR, 'Could not delete watched topics during prune', '', __LINE__, __FILE__, $sql);
+			}
+
+			$sql = "DELETE FROM " . TOPICS_TABLE . " 
+				WHERE topic_id IN ($sql_topics)";
+			if ( !$db->sql_query($sql) )
 			{
 				message_die(GENERAL_ERROR, 'Could not delete topics during prune', '', __LINE__, __FILE__, $sql);
 			}
@@ -101,13 +110,6 @@ function prune($forum_id, $prune_date)
 				message_die(GENERAL_ERROR, 'Could not delete post during prune', '', __LINE__, __FILE__, $sql);
 			}

-			$sql = "DELETE FROM " . SEARCH_MATCH_TABLE . " 
-				WHERE post_id IN ($sql_post)";
-			if ( !$db->sql_query($sql) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete search matches', '', __LINE__, __FILE__, $sql);
-			}
-
 			remove_search_post($sql_post);

 			return array ('topics' => $pruned_topics, 'posts' => $pruned_posts);
--- a/phpBB/includes/sessions.php
+++ b/phpBB/includes/sessions.php
@@ -20,8 +20,6 @@
 *
 ***************************************************************************/

-//
-// session_begin()
 //
 // Adds/updates a new session to the database for the given userid.
 // Returns the new session ID on success.
@@ -39,23 +37,28 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
 	{
 		$session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
-		$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : '';
+		$sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
 		$sessionmethod = SESSION_METHOD_COOKIE;
 	}
 	else
 	{
-		$sessiondata = '';
+		$sessiondata = array();
 		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
 		$sessionmethod = SESSION_METHOD_GET;
 	}

+	//
+	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id)) 
+	{
+		$session_id = '';
+	}
+
 	$last_visit = 0;
 	$current_time = time();
 	$expiry_time = $current_time - $board_config['session_length'];

 	//
-	// Try and pull the last time stored
-	// in a cookie, if it exists
+	// Try and pull the last time stored in a cookie, if it exists
 	//
 	$sql = "SELECT * 
 		FROM " . USERS_TABLE . " 
@@ -76,20 +79,18 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 			if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
 			{
 				// We have to login automagically
-				if( $sessiondata['autologinid'] == $auto_login_key )
+				if( $sessiondata['autologinid'] === $auto_login_key )
 				{
 					// autologinid matches password
 					$login = 1;
 					$enable_autologin = 1;
-
-					$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
 				}
 				else
 				{
 					// No match; don't login, set as anonymous user
 					$login = 0; 
 					$enable_autologin = 0; 
-					$user_id = ANONYMOUS;
+					$user_id = $userdata['user_id'] = ANONYMOUS;
 				}
 			}
 			else
@@ -97,12 +98,11 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 				// Autologin is not set. Don't login, set as anonymous user
 				$login = 0;
 				$enable_autologin = 0;
-				$user_id = ANONYMOUS;
+				$user_id = $userdata['user_id'] = ANONYMOUS;
 			}
 		}
 		else
 		{
-			$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
 			$login = 1;
 		}
 	}
@@ -123,8 +123,8 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 			OR ban_userid = $user_id";
 	if ( $user_id != ANONYMOUS )
 	{
-		$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $row['user_email']) . "' 
-			OR ban_email LIKE '" . substr(str_replace("\'", "''", $row['user_email']), strpos(str_replace("\'", "''", $row['user_email']), "@")) . "'";
+		$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "' 
+			OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'";
 	}
 	if ( !($result = $db->sql_query($sql)) )
 	{
@@ -146,27 +146,29 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 		SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login
 		WHERE session_id = '" . $session_id . "' 
 			AND session_ip = '$user_ip'";
-	if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
+	if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
 	{
 		$session_id = md5(uniqid($user_ip));

 		$sql = "INSERT INTO " . SESSIONS_TABLE . "
 			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
 			VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";
-		if ( !($result = $db->sql_query($sql)) )
+		if ( !$db->sql_query($sql) )
 		{
-			message_die(CRITICAL_ERROR, 'Error creating new session : session_begin', '', __LINE__, __FILE__, $sql);
+			message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
 		}
 	}

 	if ( $user_id != ANONYMOUS )
-	{
+	{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : ( 
+		$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; 
+
 		$sql = "UPDATE " . USERS_TABLE . " 
 			SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
 			WHERE user_id = $user_id";
 		if ( !$db->sql_query($sql) )
 		{
-			message_die(CRITICAL_ERROR, 'Error updating last visit time : session_begin', '', __LINE__, __FILE__, $sql);
+			message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
 		}

 		$userdata['user_lastvisit'] = $last_visit;
@@ -185,17 +187,15 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a

 	setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 	setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
-//	header('Set-cookie: ' . $cookiename . '_data=' . urlencode(serialize($sessiondata)) . '; expires=' . gmdate("l, d-M-Y H:i:s", $current_time + 31536000) . ' GMT; domain=' . $cookiedomain . '; path=' . $cookiepath . $cookiesecure);
-//	header('Set-cookie: ' . $cookiename . '_sid=' . $session_id . '; domain=' . $cookiedomain . '; path=' . $cookiepath . $cookiesecure);

-	$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? 'sid=' . $session_id : '';
+	$SID = 'sid=' . $session_id;

 	return $userdata;
 }

 //
-// Checks for a given user session, tidies session
-// table and updates user sessions at each page refresh
+// Checks for a given user session, tidies session table and updates user
+// sessions at each page refresh
 //
 function session_pagestart($user_ip, $thispage_id)
 {
@@ -206,24 +206,29 @@ function session_pagestart($user_ip, $thispage_id)
 	$cookiepath = $board_config['cookie_path'];
 	$cookiedomain = $board_config['cookie_domain'];
 	$cookiesecure = $board_config['cookie_secure'];
-	$cookiesecure = ( $board_config['cookie_secure'] ) ? '; secure' : '';

 	$current_time = time();
 	unset($userdata);

 	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data']) )
 	{
-		$sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : '';
+		$sessiondata = isset( $HTTP_COOKIE_VARS[$cookiename . '_data'] ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
 		$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
 		$sessionmethod = SESSION_METHOD_COOKIE;
 	}
 	else
 	{
-		$session_data = '';
+		$sessiondata = array();
 		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
 		$sessionmethod = SESSION_METHOD_GET;
 	}

+	// 
+	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+	{
+		$session_id = '';
+	}
+
 	//
 	// Does a session exist?
 	//
@@ -236,11 +241,10 @@ function session_pagestart($user_ip, $thispage_id)
 		$sql = "SELECT u.*, s.*
 			FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
 			WHERE s.session_id = '$session_id'
-				AND u.user_id = s.session_user_id 
-				AND s.session_ip = '$user_ip'";
+				AND u.user_id = s.session_user_id";
 		if ( !($result = $db->sql_query($sql)) )
 		{
-			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch : session_pagestart', '', __LINE__, __FILE__, $sql);
+			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
 		}

 		$userdata = $db->sql_fetchrow($result);
@@ -250,40 +254,60 @@ function session_pagestart($user_ip, $thispage_id)
 		//
 		if ( isset($userdata['user_id']) )
 		{
-			$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? 'sid=' . $session_id : '';
-
 			//
-			// Only update session DB a minute or so after last update
+			// Do not check IP assuming equivalence, if IPv4 we'll check only first 24
+			// bits ... I've been told (by vHiker) this should alleviate problems with 
+			// load balanced et al proxies while retaining some reliance on IP security.
 			//
-			$last_update = ( $userdata['user_id'] == ANONYMOUS ) ? $userdata['session_time'] : $userdata['user_session_time'];
+			$ip_check_s = substr($userdata['session_ip'], 0, 6);
+			$ip_check_u = substr($user_ip, 0, 6);

-			if ( $current_time - $last_update > 60 )
-			{ // || $userdata['user_session_page'] != $thispage_id
-				$sql = ( $userdata['user_id'] == ANONYMOUS ) ? "UPDATE " . SESSIONS_TABLE . " SET session_time = $current_time, session_page = $thispage_id WHERE session_id = '" . $userdata['session_id'] . "' AND session_ip = '$user_ip'" : "UPDATE " . USERS_TABLE . " SET user_session_time = $current_time, user_session_page = $thispage_id WHERE user_id = " . $userdata['user_id'];
-				if ( !$db->sql_query($sql) )
-				{
-					message_die(CRITICAL_ERROR, 'Error updating sessions table : session_pagestart', '', __LINE__, __FILE__, $sql);
-				}
+			if ($ip_check_s == $ip_check_u)
+			{
+				$SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';

 				//
-				// Delete expired sessions
+				// Only update session DB a minute or so after last update
 				//
-				$expiry_time = $current_time - $board_config['session_length'];
-				$sql = "DELETE FROM " . SESSIONS_TABLE . " 
-					WHERE session_time < $expiry_time 
-						AND session_id <> '$session_id'";
-				if ( !($result = $db->sql_query($sql)) )
+				if ( $current_time - $userdata['session_time'] > 60 )
 				{
-					message_die(CRITICAL_ERROR, 'Error clearing sessions table : session_pagestart', '', __LINE__, __FILE__, $sql);
+					$sql = "UPDATE " . SESSIONS_TABLE . " 
+						SET session_time = $current_time, session_page = $thispage_id 
+						WHERE session_id = '" . $userdata['session_id'] . "'";
+					if ( !$db->sql_query($sql) )
+					{
+						message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
+					}
+
+					if ( $userdata['user_id'] != ANONYMOUS )
+					{
+						$sql = "UPDATE " . USERS_TABLE . " 
+							SET user_session_time = $current_time, user_session_page = $thispage_id 
+							WHERE user_id = " . $userdata['user_id'];
+						if ( !$db->sql_query($sql) )
+						{
+							message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
+						}
+					}
+
+					//
+					// Delete expired sessions
+					//
+					$expiry_time = $current_time - $board_config['session_length'];
+					$sql = "DELETE FROM " . SESSIONS_TABLE . " 
+						WHERE session_time < $expiry_time 
+							AND session_id <> '$session_id'";
+					if ( !$db->sql_query($sql) )
+					{
+						message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
+					}
+
+					setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
+					setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
 				}

-				setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
-				setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
-//				header('Set-cookie: ' . $cookiename . '_data=' . urlencode(serialize($sessiondata)) . '; expires=' . gmdate("l, d-M-Y H:i:s", $current_time + 31536000) . ' GMT; domain=' . $cookiedomain . '; path=' . $cookiepath . $cookiesecure);
-//				header('Set-cookie: ' . $cookiename . '_sid=' . $session_id . '; domain=' . $cookiedomain . '; path=' . $cookiepath . $cookiesecure);
+				return $userdata;
 			}
-
-			return $userdata;
 		}
 	}

@@ -291,11 +315,11 @@ function session_pagestart($user_ip, $thispage_id)
 	// If we reach here then no (valid) session exists. So we'll create a new one,
 	// using the cookie user_id if available to pull basic user prefs.
 	//
-	$user_id = ( isset($sessiondata['userid']) ) ? $sessiondata['userid'] : ANONYMOUS;
+	$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS;

 	if ( !($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE)) )
 	{
-		message_die(CRITICAL_ERROR, 'Error creating user session : session_pagestart', '', __LINE__, __FILE__, $sql);
+		message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
 	}

 	return $userdata;
@@ -316,7 +340,8 @@ function session_end($session_id, $user_id)
 	$cookiepath = $board_config['cookie_path'];
 	$cookiedomain = $board_config['cookie_domain'];
 	$cookiesecure = $board_config['cookie_secure'];
-//	$cookiesecure = ( $board_config['cookie_secure'] ) ? '; secure' : '';
+
+	$current_time = time();

 	//
 	// Pull cookiedata or grab the URI propagated sid
@@ -332,26 +357,26 @@ function session_end($session_id, $user_id)
 		$sessionmethod = SESSION_METHOD_GET;
 	}

+	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+	{
+		return;
+	}
+	
 	//
 	// Delete existing session
 	//
 	$sql = "DELETE FROM " . SESSIONS_TABLE . " 
 		WHERE session_id = '$session_id' 
 			AND session_user_id = $user_id";
-	if ( !($result = $db->sql_query($sql)) )
+	if ( !$db->sql_query($sql) )
 	{
-		message_die(CRITICAL_ERROR, 'Error removing user session : session_end', '', __LINE__, __FILE__, $sql);
+		message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
 	}

 	setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 	setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
-//	header('Set-cookie: ' . $cookiename . '_data=0; expires=' . gmdate("l, d-M-Y H:i:s", 0) . ' GMT; domain=' . $cookiedomain . '; path=' . $cookiepath. $cookiesecure);
-//	header('Set-cookie: ' . $cookiename . '_sid=0; expires=' . gmdate("l, d-M-Y H:i:s", 0) . ' GMT; domain=' . $cookiedomain . '; path=' . $cookiepath . $cookiesecure);
-
-	$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? 'sid=' . $session_id : '';
-
-	return TRUE;

+	return true;
 }

 //
@@ -364,12 +389,12 @@ function append_sid($url, $non_html_amp = false)
 {
 	global $SID;

-	if ( !empty($SID) && !eregi('sid=', $url) )
+	if ( !empty($SID) && !preg_match('#sid=#', $url) )
 	{
 		$url .= ( ( strpos($url, '?') != false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
 	}

-	return($url);
+	return $url;
 }

-?>
+?>
--- a/phpBB/includes/smtp.php
+++ b/phpBB/includes/smtp.php
@@ -20,54 +20,43 @@
 ***************************************************************************/

 define('SMTP_INCLUDED', 1);
+
 //
 // This function has been modified as provided
 // by SirSir to allow multiline responses when 
 // using SMTP Extensions
 //
-function server_parse($socket, $response) 
+function server_parse($socket, $response, $line = __LINE__) 
 { 
-   while ( substr($server_response,3,1) != ' ' ) 
-   { 
-      if( !( $server_response = fgets($socket, 256) ) ) 
-      { 
-         message_die(GENERAL_ERROR, "Couldn't get mail server response codes", "", __LINE__, __FILE__); 
-      } 
-   } 
+	while (substr($server_response, 3, 1) != ' ') 
+	{
+		if (!($server_response = fgets($socket, 256))) 
+		{ 
+			message_die(GENERAL_ERROR, "Couldn't get mail server response codes", "", $line, __FILE__); 
+		} 
+	} 

-   if( !( substr($server_response, 0, 3) == $response ) ) 
-   { 
-      message_die(GENERAL_ERROR, "Ran into problems sending Mail. Response: $server_response", "", __LINE__, __FILE__); 
-   } 
-} 
+	if (!(substr($server_response, 0, 3) == $response)) 
+	{ 
+		message_die(GENERAL_ERROR, "Ran into problems sending Mail. Response: $server_response", "", $line, __FILE__); 
+	} 
+}

-/****************************************************************************
-*	Function: 		smtpmail
-*	Description: 	This is a functional replacement for php's builtin mail
-*						function, that uses smtp.
-*	Usage:			The usage for this function is identical to that of php's
-*						built in mail function.
-****************************************************************************/
-function smtpmail($mail_to, $subject, $message, $headers = "")
+// Replacement or substitute for PHP's mail command
+function smtpmail($mail_to, $subject, $message, $headers = '')
 {
-	// For now I'm using an array based $smtp_vars to hold the smtp server
-	// info, but it should probably change to $board_config...
-	// then the relevant info would be $board_config['smtp_host'] and
-	// $board_config['smtp_port'].
 	global $board_config;

-	//
 	// Fix any bare linefeeds in the message to make it RFC821 Compliant.
-	//
-	$message = preg_replace("/(?<!\r)\n/si", "\r\n", $message);
+	$message = preg_replace("#(?<!\r)\n#si", "\r\n", $message);

-	if ($headers != "")
+	if ($headers != '')
 	{
-		if(is_array($headers))
+		if (is_array($headers))
 		{
-			if(sizeof($headers) > 1)
+			if (sizeof($headers) > 1)
 			{
-				$headers = join("\r\n", $headers);
+				$headers = join("\n", $headers);
 			}
 			else
 			{
@@ -76,140 +65,129 @@ function smtpmail($mail_to, $subject, $message, $headers = "")
 		}
 		$headers = chop($headers);

-		//
 		// Make sure there are no bare linefeeds in the headers
-		//
-		$headers = preg_replace("/(?<!\r)\n/si", "\r\n", $headers);
-		//
+		$headers = preg_replace('#(?<!\r)\n#si', "\r\n", $headers);
+
 		// Ok this is rather confusing all things considered,
 		// but we have to grab bcc and cc headers and treat them differently
 		// Something we really didn't take into consideration originally
-		//
 		$header_array = explode("\r\n", $headers);
 		@reset($header_array);
-		$headers = "";
-		while( list(, $header) = each($header_array) )
+
+		$headers = '';
+		while(list(, $header) = each($header_array))
 		{
-			if( preg_match("/^cc:/si", $header) )
+			if (preg_match('#^cc:#si', $header))
 			{
-				$cc = preg_replace("/^cc:(.*)/si", "\\1", $header);
+				$cc = preg_replace('#^cc:(.*)#si', '\1', $header);
 			}
-			else if( preg_match("/^bcc:/si", $header ))
+			else if (preg_match('#^bcc:#si', $header))
 			{
-				$bcc = preg_replace("/^bcc:(.*)/si", "\\1", $header);
-				$header = "";
+				$bcc = preg_replace('#^bcc:(.*)#si', '\1', $header);
+				$header = '';
 			}
-			$headers .= $header . "\r\n";
+			$headers .= ($header != '') ? $header . "\r\n" : '';
 		}
+
 		$headers = chop($headers);
-		$cc = explode(",", $cc);
-		$bcc = explode(",", $bcc);
+		$cc = explode(', ', $cc);
+		$bcc = explode(', ', $bcc);
 	}
-	if(trim($mail_to) == "")
-	{
-		message_die(GENERAL_ERROR, "No email address specified", "", __LINE__, __FILE__);
-	}
-	if(trim($subject) == "")
+
+	if (trim($subject) == '')
 	{
 		message_die(GENERAL_ERROR, "No email Subject specified", "", __LINE__, __FILE__);
 	}
-	if(trim($message) == "")
+
+	if (trim($message) == '')
 	{
 		message_die(GENERAL_ERROR, "Email message was blank", "", __LINE__, __FILE__);
 	}
-	$mail_to_array = explode(",", $mail_to);

-	//
 	// Ok we have error checked as much as we can to this point let's get on
 	// it already.
-	//
 	if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )
 	{
 		message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__);
 	}
-	server_parse($socket, "220");

+	// Wait for reply
+	server_parse($socket, "220", __LINE__);
+
+	// Do we want to use AUTH?, send RFC2554 EHLO, else send RFC821 HELO
+	// This improved as provided by SirSir to accomodate
 	if( !empty($board_config['smtp_username']) && !empty($board_config['smtp_password']) )
 	{ 
-		// Send the RFC2554 specified EHLO. 
-		// This improved as provided by SirSir to accomodate
-		// both SMTP AND ESMTP capable servers
-		fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n"); 
-		server_parse($socket, "250"); 
+		fputs($socket, "EHLO " . $board_config['smtp_host'] . "\r\n");
+		server_parse($socket, "250", __LINE__);

-		fputs($socket, "AUTH LOGIN\r\n"); 
-		server_parse($socket, "334"); 
-		fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n"); 
-		server_parse($socket, "334"); 
-		fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n"); 
-		server_parse($socket, "235"); 
-	} 
-	else 
-	{ 
-		// Send the RFC821 specified HELO. 
-		fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n"); 
-		server_parse($socket, "250"); 
+		fputs($socket, "AUTH LOGIN\r\n");
+		server_parse($socket, "334", __LINE__);
+
+		fputs($socket, base64_encode($board_config['smtp_username']) . "\r\n");
+		server_parse($socket, "334", __LINE__);
+
+		fputs($socket, base64_encode($board_config['smtp_password']) . "\r\n");
+		server_parse($socket, "235", __LINE__);
+	}
+	else
+	{
+		fputs($socket, "HELO " . $board_config['smtp_host'] . "\r\n");
+		server_parse($socket, "250", __LINE__);
 	}

 	// From this point onward most server response codes should be 250
 	// Specify who the mail is from....
 	fputs($socket, "MAIL FROM: <" . $board_config['board_email'] . ">\r\n");
-	server_parse($socket, "250");
+	server_parse($socket, "250", __LINE__);

 	// Specify each user to send to and build to header.
-	$to_header = "To: ";
-	@reset( $mail_to_array );
-	while( list( , $mail_to_address ) = each( $mail_to_array ))
+	$to_header = '';
+
+	// Add an additional bit of error checking to the To field.
+	$mail_to = (trim($mail_to) == '') ? 'Undisclosed-recipients:;' : trim($mail_to);
+	if (preg_match('#[^ ]+\@[^ ]+#', $mail_to))
 	{
-		//
-		// Add an additional bit of error checking to the To field.
-		//
-		$mail_to_address = trim($mail_to_address);
-		if ( preg_match('/[^ ]+\@[^ ]+/', $mail_to_address) )
-		{
-			fputs( $socket, "RCPT TO: <$mail_to_address>\r\n" );
-			server_parse( $socket, "250" );
-		}
-		$to_header .= "<$mail_to_address>, ";
+		fputs($socket, "RCPT TO: <$mail_to>\r\n");
+		server_parse($socket, "250", __LINE__);
 	}
+
 	// Ok now do the CC and BCC fields...
-	@reset( $bcc );
-	while( list( , $bcc_address ) = each( $bcc ))
+	@reset($bcc);
+	while(list(, $bcc_address) = each($bcc))
 	{
-		//
 		// Add an additional bit of error checking to bcc header...
-		//
-		$bcc_address = trim( $bcc_address );
-		if ( preg_match('/[^ ]+\@[^ ]+/', $bcc_address) )
+		$bcc_address = trim($bcc_address);
+		if (preg_match('#[^ ]+\@[^ ]+#', $bcc_address))
 		{
-			fputs( $socket, "RCPT TO: <$bcc_address>\r\n" );
-			server_parse( $socket, "250" );
+			fputs($socket, "RCPT TO: <$bcc_address>\r\n");
+			server_parse($socket, "250", __LINE__);
 		}
 	}
-	@reset( $cc );
-	while( list( , $cc_address ) = each( $cc ))
+
+	@reset($cc);
+	while(list(, $cc_address) = each($cc))
 	{
-		//
 		// Add an additional bit of error checking to cc header
-		//
-		$cc_address = trim( $cc_address );
-		if ( preg_match('/[^ ]+\@[^ ]+/', $cc_address) )
+		$cc_address = trim($cc_address);
+		if (preg_match('#[^ ]+\@[^ ]+#', $cc_address))
 		{
 			fputs($socket, "RCPT TO: <$cc_address>\r\n");
-			server_parse($socket, "250");
+			server_parse($socket, "250", __LINE__);
 		}
 	}
+
 	// Ok now we tell the server we are ready to start sending data
 	fputs($socket, "DATA\r\n");

 	// This is the last response code we look for until the end of the message.
-	server_parse($socket, "354");
+	server_parse($socket, "354", __LINE__);

 	// Send the Subject Line...
 	fputs($socket, "Subject: $subject\r\n");

 	// Now the To Header.
-	fputs($socket, "$to_header\r\n");
+	fputs($socket, "To: $mail_to\r\n");

 	// Now any custom headers....
 	fputs($socket, "$headers\r\n\r\n");
@@ -219,7 +197,7 @@ function smtpmail($mail_to, $subject, $message, $headers = "")

 	// Ok the all the ingredients are mixed in let's cook this puppy...
 	fputs($socket, ".\r\n");
-	server_parse($socket, "250");
+	server_parse($socket, "250", __LINE__);

 	// Now tell the server we are done and close the socket...
 	fputs($socket, "QUIT\r\n");
@@ -228,4 +206,4 @@ function smtpmail($mail_to, $subject, $message, $headers = "")
 	return TRUE;
 }

-?>
+?>
--- a/phpBB/includes/template.php
+++ b/phpBB/includes/template.php
@@ -230,7 +230,7 @@ class Template {
 		// Check if it's an absolute or relative path.
 		if (substr($filename, 0, 1) != '/')
 		{
-			$filename = $this->root . '/' . $filename;
+       		$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
 		}

 		if (!file_exists($filename))
@@ -331,7 +331,7 @@ class Template {
 					if ($block_nesting_level < 2)
 					{
 						// Block is not nested.
-						$code_lines[$i] = '$_' . $a[1] . '_count = ( isset($this->_tpldata[\'' . $n[1] . '.\']) ) ?  sizeof($this->_tpldata[\'' . $n[1] . '.\']) : 0;';
+						$code_lines[$i] = '$_' . $n[1] . '_count = ( isset($this->_tpldata[\'' . $n[1] . '.\']) ) ?  sizeof($this->_tpldata[\'' . $n[1] . '.\']) : 0;';
 						$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';
 						$code_lines[$i] .= "\n" . '{';
 					}
@@ -347,7 +347,7 @@ class Template {
 						// current indices of all parent blocks.
 						$varref = $this->generate_block_data_ref($namespace, false);
 						// Create the for loop code to iterate over this block.
-						$code_lines[$i] = '$_' . $a[1] . '_count = ( isset(' . $varref . ') ) ? sizeof(' . $varref . ') : 0;';
+						$code_lines[$i] = '$_' . $n[1] . '_count = ( isset(' . $varref . ') ) ? sizeof(' . $varref . ') : 0;';
 						$code_lines[$i] .= "\n" . 'for ($_' . $n[1] . '_i = 0; $_' . $n[1] . '_i < $_' . $n[1] . '_count; $_' . $n[1] . '_i++)';
 						$code_lines[$i] .= "\n" . '{';
 					}
--- a/phpBB/includes/topic_review.php
+++ b/phpBB/includes/topic_review.php
@@ -30,9 +30,9 @@ function topic_review($topic_id, $is_inline_review)

 	if ( !$is_inline_review )
 	{
-		if ( !isset($topic_id) )
+		if ( !isset($topic_id) || !$topic_id)
 		{
-			message_die(GENERAL_MESSAGE, 'Topic_not_exist');
+			message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
 		}

 		//
@@ -51,6 +51,7 @@ function topic_review($topic_id, $is_inline_review)
 		{
 			message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
 		}
+		$db->sql_freeresult($result);

 		$forum_id = $forum_row['forum_id'];
 		$topic_title = $forum_row['topic_title'];
@@ -139,6 +140,11 @@ function topic_review($topic_id, $is_inline_review)
 				$poster = $row['post_username'];
 				$poster_rank = $lang['Guest'];
 			}
+			elseif ( $poster_id == ANONYMOUS )
+			{
+				$poster = $lang['Guest'];
+				$poster_rank = '';
+			}

 			$post_subject = ( $row['post_subject'] != '' ) ? $row['post_subject'] : '';

@@ -202,6 +208,7 @@ function topic_review($topic_id, $is_inline_review)
 	{
 		message_die(GENERAL_MESSAGE, 'Topic_post_not_exist', '', __LINE__, __FILE__, $sql);
 	}
+	$db->sql_freeresult($result);

 	$template->assign_vars(array(
 		'L_AUTHOR' => $lang['Author'],
@@ -218,4 +225,4 @@ function topic_review($topic_id, $is_inline_review)
 	}
 }

-?>
+?>
--- a/phpBB/includes/usercp_activate.php
+++ b/phpBB/includes/usercp_activate.php
@@ -27,70 +27,81 @@ if ( !defined('IN_PHPBB') )
 	exit;
 }

-$sql = "SELECT user_id, user_email, user_newpasswd, user_lang  
+$sql = "SELECT user_active, user_id, username, user_email, user_newpasswd, user_lang, user_actkey 
 	FROM " . USERS_TABLE . "
-	WHERE user_actkey = '" . str_replace("\'", "''", $HTTP_GET_VARS['act_key']) . "'";
-if ( $result = $db->sql_query($sql) )
-{
-	if ( $row = $db->sql_fetchrow($result) )
-	{
-		$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : "";
-
-		$sql = "UPDATE " . USERS_TABLE . "
-			SET user_active = 1, user_actkey = ''" . $sql_update_pass . " 
-			WHERE user_id = " . $row['user_id'];
-		if ( $result = $db->sql_query($sql) )
-		{
-			if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
-			{
-				include($phpbb_root_path . 'includes/emailer.'.$phpEx);
-				$emailer = new emailer($board_config['smtp_delivery']);
-
-				$email_headers = 'From: ' . $board_config['board_email'] . "\r\nReturn-Path: " . $board_config['board_email'] . "\r\n";
-
-				$emailer->use_template('admin_welcome_activated', $row['user_lang']);
-				$emailer->email_address($row['user_email']);
-				$emailer->set_subject();//$lang['Account_activated_subject']
-				$emailer->extra_headers($email_headers);
-
-				$emailer->assign_vars(array(
-					'SITENAME' => $board_config['sitename'], 
-					'USERNAME' => $username,
-					'PASSWORD' => $password_confirm,
-					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']))
-				);
-				$emailer->send();
-				$emailer->reset();
-
-				$template->assign_vars(array(
-					'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
-				);
-
-				message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
-			}
-			else
-			{
-				$template->assign_vars(array(
-					'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
-				);
-
-				$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated']; 
-				message_die(GENERAL_MESSAGE, $message);
-			}
-		}
-		else
-		{
-			message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
-		}
-	}
-	else
-	{
-		message_die(GENERAL_ERROR, $lang['Wrong_activation']); //wrongactiv
-	}
-}
-else
+	WHERE user_id = " . intval($HTTP_GET_VARS[POST_USERS_URL]);
+if ( !($result = $db->sql_query($sql)) )
 {
 	message_die(GENERAL_ERROR, 'Could not obtain user information', '', __LINE__, __FILE__, $sql);
 }

-?>
+if ( $row = $db->sql_fetchrow($result) )
+{
+	if ( $row['user_active'] && trim($row['user_actkey']) == '' )
+	{
+		$template->assign_vars(array(
+			'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+		);
+
+		message_die(GENERAL_MESSAGE, $lang['Already_activated']);
+	}
+	else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
+	{
+		$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
+
+		$sql = "UPDATE " . USERS_TABLE . "
+			SET user_active = 1, user_actkey = ''" . $sql_update_pass . " 
+			WHERE user_id = " . $row['user_id']; 
+		if ( !($result = $db->sql_query($sql)) )
+		{
+			message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql_update);
+		}
+
+		if ( intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
+		{
+			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+			$emailer = new emailer($board_config['smtp_delivery']);
+
+			$emailer->from($board_config['board_email']);
+			$emailer->replyto($board_config['board_email']);
+
+			$emailer->use_template('admin_welcome_activated', $row['user_lang']);
+			$emailer->email_address($row['user_email']);
+			$emailer->set_subject($lang['Account_activated_subject']);
+
+			$emailer->assign_vars(array(
+				'SITENAME' => $board_config['sitename'], 
+				'USERNAME' => $row['username'],
+				'PASSWORD' => $password_confirm,
+				'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '')
+			);
+			$emailer->send();
+			$emailer->reset();
+
+			$template->assign_vars(array(
+				'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+			);
+
+			message_die(GENERAL_MESSAGE, $lang['Account_active_admin']);
+		}
+		else
+		{
+			$template->assign_vars(array(
+				'META' => '<meta http-equiv="refresh" content="10;url=' . append_sid("index.$phpEx") . '">')
+			);
+
+			$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated']; 
+			message_die(GENERAL_MESSAGE, $message);
+		}
+	}
+	else
+	{
+		message_die(GENERAL_MESSAGE, $lang['Wrong_activation']);
+	}
+}
+else
+{
+	message_die(GENERAL_MESSAGE, $lang['No_such_user']);
+}
+
+?>
--- a/phpBB/includes/usercp_avatar.php
+++ b/phpBB/includes/usercp_avatar.php
@@ -51,9 +51,10 @@ function user_avatar_delete($avatar_type, $avatar_file)
 {
 	global $board_config, $userdata;

+	$avatar_file = basename($avatar_file);
 	if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
 	{
-		if ( @file_exists('./' . $board_config['avatar_path'] . '/' . $avatar_file) )
+		if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $avatar_file)) )
 		{
 			@unlink('./' . $board_config['avatar_path'] . '/' . $avatar_file);
 		}
@@ -64,17 +65,33 @@ function user_avatar_delete($avatar_type, $avatar_file)

 function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
 {
-	return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY : '';
+	global $board_config;
+
+	$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
+	if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
+	{
+		return '';
+	}
+
+	if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
+	{
+		$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
+	}
+	else
+	{
+		$return = '';
+	}
+	return $return;
 }

 function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
 {
-	if ( !preg_match('#^http:\/\/#i', $avatar_filename) )
+	if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
 	{
 		$avatar_filename = 'http://' . $avatar_filename;
 	}

-	if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
+	if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
 	{
 		$error = true;
 		$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
@@ -87,7 +104,7 @@ function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)

 function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_type, &$error, &$error_msg, $avatar_filename, $avatar_realname, $avatar_filesize, $avatar_filetype)
 {
-	global $board_config, $user_ip, $db, $lang;
+	global $board_config, $db, $lang;

 	$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';

@@ -121,7 +138,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 		}
 		@fclose($fsock);

-		if ( !preg_match('/Content-Length\: ([0-9]+)[^\/ ][\s]+/i', $avatar_data, $file_data1) || !preg_match('/Content-Type\: image\/[x\-]*([a-z]+)[\s]+/i', $avatar_data, $file_data2) )
+		if (!preg_match('#Content-Length\: ([0-9]+)[^ /][\s]+#i', $avatar_data, $file_data1) || !preg_match('#Content-Type\: image/[x\-]*([a-z]+)[\s]+#i', $avatar_data, $file_data2))
 		{
 			$error = true;
 			$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['File_no_data'] : $lang['File_no_data'];
@@ -136,7 +153,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 			$avatar_data = substr($avatar_data, strlen($avatar_data) - $avatar_filesize, $avatar_filesize);

 			$tmp_path = ( !@$ini_val('safe_mode') ) ? '/tmp' : './' . $board_config['avatar_path'] . '/tmp';
-			$tmp_filename = tempnam($tmp_path, uniqid($user_ip) . '-');
+			$tmp_filename = tempnam($tmp_path, uniqid(rand()) . '-');

 			$fptr = @fopen($tmp_filename, 'wb');
 			$bytes_written = @fwrite($fptr, $avatar_data, $avatar_filesize);
@@ -158,11 +175,11 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 			$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $l_avatar_size : $l_avatar_size;
 		}
 	}
-	else if ( $avatar_mode == 'local' && file_exists($avatar_filename) && preg_match('/\.(jpg|jpeg|gif|png)$/i', $avatar_realname) )
+	else if ( ( file_exists(@phpbb_realpath($avatar_filename)) ) && preg_match('/\.(jpg|jpeg|gif|png)$/i', $avatar_realname) )
 	{
 		if ( $avatar_filesize <= $board_config['avatar_filesize'] && $avatar_filesize > 0 )
 		{
-			preg_match("'image\/[x\-]*([a-z]+)'", $avatar_filetype, $avatar_filetype);
+			preg_match('#image\/[x\-]*([a-z]+)#', $avatar_filetype, $avatar_filetype);
 			$avatar_filetype = $avatar_filetype[1];
 		}
 		else
@@ -184,11 +201,11 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ

 	if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
 	{
-		$new_filename = ( $current_avatar != '' && $mode != 'register' ) ? $current_avatar : uniqid($user_ip) . $imgtype;
+		$new_filename = uniqid(rand()) . $imgtype;

 		if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' )
 		{
-			if ( file_exists('./' . $board_config['avatar_path'] . '/' . $current_avatar) )
+			if ( file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $current_avatar)) )
 			{
 				@unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
 			}
@@ -215,6 +232,10 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 				$move_file = 'copy';
 			}

+			if (!is_uploaded_file($avatar_filename))
+			{
+				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
+			}
 			$move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");
 		}

@@ -233,7 +254,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 	return $avatar_sql;
 }

-function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popuppm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$allowviewonline, &$style, &$language, &$timezone, &$dateformat)
+function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current_email, &$coppa, &$username, &$email, &$new_password, &$cur_password, &$password_confirm, &$icq, &$aim, &$msn, &$yim, &$website, &$location, &$occupation, &$interests, &$signature, &$viewemail, &$notifypm, &$popup_pm, &$notifyreply, &$attachsig, &$allowhtml, &$allowbbcode, &$allowsmilies, &$hideonline, &$style, &$language, &$timezone, &$dateformat, &$session_id)
 {
 	global $board_config, $db, $template, $lang, $images, $theme;
 	global $phpbb_root_path, $phpEx;
@@ -309,9 +330,9 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
 		}
 	}

-	$params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popuppm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'allowviewonline', 'style', 'language', 'timezone', 'dateformat');
+	$params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popup_pm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');

-	$s_hidden_vars = '<input type="hidden" name="agreed" value="true" />';
+	$s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" />';

 	for($i = 0; $i < count($params); $i++)
 	{
@@ -333,4 +354,4 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
 	return;
 }

-?>
+?>
--- a/phpBB/includes/usercp_confirm.php
+++ b/phpBB/includes/usercp_confirm.php
@@ -0,0 +1,435 @@
+<?php
+/***************************************************************************
+ *                            usercp_confirm.php
+ *                            -------------------
+ *   begin                : Saturday, Jan 15, 2003
+ *   copyright            : (C) 2001 The phpBB Group
+ *   email                : support@phpbb.com
+ *
+ *   $Id$
+ *
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License, or
+ *   (at your option) any later version.
+ *
+ ***************************************************************************/
+
+if ( !defined('IN_PHPBB') )
+{
+	die('Hacking attempt');
+	exit;
+}
+
+// Note to potential users of this code ...
+//
+// Remember this is released under the _GPL_ and is subject
+// to that licence. Do not incorporate this within software 
+// released or distributed in any way under a licence other
+// than the GPL. We will be watching ... ;)
+
+// Do we have an id? No, then just exit
+if (empty($HTTP_GET_VARS['id']))
+{
+	exit;
+}
+
+$confirm_id = htmlspecialchars($HTTP_GET_VARS['id']);
+
+// Define available charset
+$chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+
+if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
+{
+	$confirm_id = '';
+}
+
+// Try and grab code for this id and session
+$sql = 'SELECT code  
+	FROM ' . CONFIRM_TABLE . " 
+	WHERE session_id = '" . $userdata['session_id'] . "' 
+		AND confirm_id = '$confirm_id'";
+$result = $db->sql_query($sql);
+
+// If we have a row then grab data else create a new id
+if ($row = $db->sql_fetchrow($result))
+{
+	$db->sql_freeresult($result);
+	$code = $row['code'];
+}
+else
+{
+	exit;
+}
+
+// If we can we will generate a single filtered png else we will have to simply
+// output six seperate original pngs ... first way is preferable!
+if (@extension_loaded('zlib'))
+{
+	$_png = define_filtered_pngs();
+
+	$total_width = 320;
+	$total_height = 50;
+	$img_height = 40;
+	$img_width = 0;
+	$l = 0;
+
+	list($usec, $sec) = explode(' ', microtime()); 
+	mt_srand($sec * $usec); 
+
+	$char_widths = array();
+	for ($i = 0; $i < strlen($code); $i++)
+	{
+		$char = $code{$i};
+
+		$width = mt_rand(0, 4);
+		$char_widths[] = $width;
+		$img_width += $_png[$char]['width'] - $width;
+	}
+
+	$offset_x = mt_rand(0, $total_width - $img_width);
+	$offset_y = mt_rand(0, $total_height - $img_height);
+
+	$image = '';
+	$hold_chars = array();
+	for ($i = 0; $i < $total_height; $i++)
+	{
+		$image .= chr(0);
+
+		if ($i > $offset_y && $i < $offset_y + $img_height)
+		{
+			$j = 0;
+
+			for ($k = 0; $k < $offset_x; $k++)
+			{
+				$image .= chr(mt_rand(140, 255));
+			}
+
+			for ($k = 0; $k < strlen($code); $k++)
+			{
+				$char = $code{$k};
+
+				if (empty($hold_chars[$char]))
+				{
+					$hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
+				}
+				$image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
+				$j++;
+			}
+
+			for ($k = $offset_x + $img_width; $k < $total_width; $k++)
+			{
+				$image .= chr(mt_rand(140, 255));
+			}
+
+			$l++;
+		}
+		else
+		{
+			for ($k = 0; $k < $total_width; $k++)
+			{
+				$image .= chr(mt_rand(140, 255));
+			}
+		}
+
+	}
+	unset($hold);
+
+	$image = create_png(gzcompress($image), $total_width, $total_height);
+
+	// Output image
+	header('Content-Type: image/png');
+	header('Cache-control: no-cache, no-store');
+	echo $image;
+
+	unset($image);
+	unset($_png);
+	exit;
+
+}
+else
+{
+	if (!empty($HTTP_GET_VARS['c']))
+	{
+		$_png = define_raw_pngs();
+
+		$char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1);
+		header('Content-Type: image/png');
+		header('Cache-control: no-cache, no-store');
+		echo base64_decode($_png[$char]);
+
+		unset($_png);
+		exit;
+	}
+}
+
+exit;
+
+// This is designed to randomise the pixels of the image data within
+// certain limits so as to keep it readable. It also varies the image
+// width a little
+function randomise($scanline, $width)
+{
+	$new_line = '';
+	$start = floor($width/2);
+	$end = strlen($scanline) - ceil($width/2);
+
+	for ($i = $start; $i < $end; $i++)
+	{
+		$pixel = ord($scanline{$i});
+
+		if ($pixel < 190)
+		{
+			$new_line .= chr(mt_rand(0, 205));
+		}
+		else if ($pixel > 190)
+		{
+			$new_line .= chr(mt_rand(145, 255));
+		}
+		else
+		{
+			$new_line .= $scanline{$i};
+		}
+	}
+
+	return $new_line;
+}
+
+// This creates a chunk of the given type, with the given data
+// of the given length adding the relevant crc
+function png_chunk($length, $type, $data)
+{
+	$raw = $type;
+	$raw .= $data;
+	$crc = crc32($raw);
+	$raw .= pack('C4', $crc >> 24, $crc >> 16, $crc >> 8, $crc);
+
+	return pack('C4', $length >> 24, $length >> 16, $length >> 8, $length) . $raw;
+}
+
+// Creates greyscale 8bit png - The PNG spec can be found at
+// http://www.libpng.org/pub/png/spec/PNG-Contents.html we use
+// png because it's a fully recognised open standard and supported
+// by practically all modern browsers and OSs
+function create_png($gzimage, $width, $height)
+{
+	// SIG
+	$image = pack('C8', 137, 80, 78, 71, 13, 10, 26, 10);
+	// IHDR
+	$raw = pack('C4', $width >> 24, $width >> 16, $width >> 8, $width);
+	$raw .= pack('C4', $height >> 24, $height >> 16, $height >> 8, $height);
+	$raw .= pack('C5', 8, 0, 0, 0, 0);
+	$image .= png_chunk(13, 'IHDR', $raw);
+	// IDAT
+	$image .= png_chunk(strlen($gzimage), 'IDAT', $gzimage);
+	// IEND
+	$image .= png_chunk(0, 'IEND', '');
+
+	return $image;
+}
+
+// Each 'data' element is base64_encoded uncompressed IDAT
+// png image data
+function define_filtered_pngs()
+{
+	$_png = array(
+		'0' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////olFAkBAAAGDyA4P///M31/////////////wD////////////////0dAgAAAAAAAAAAAAEcPipFGHn////////////AP//////////////6DAAAAAAAAAAAAAAAAAALSEAN+T///////////8A//////////////xAAAAAAAAAAAAAAAAAAAAAACPA/////////////wD/////////////oAAAAAAAAAAAAAAAAAAAAAAAev//////////////AP////////////8oAAAAAAAAPNj/zDAAAAAAAABD//////////////8A////////////1AAAAAAAABjw////5BAAAAAAAADo/////////////wD///////////+QAAAAAAAAbP//////QgAAAAAAAKj/////////////AP///////////1wAAAAAAACs/////8AXAAAAAAAAcP////////////8A////////////OAAAAAAAAND////dNwAAAAAAAABI/////////////wD///////////8gAAAAAAAA4P//7koACwAAAAAAACT/////////////AP///////////wgAAAAAAAD///VqAwaPAAAAAAAAEP////////////8A////////////AAAAAAAAAP/8kQYDavUAAAAAAAAA/////////////wD///////////8AAAAAAAAA/6kNAEru/wAAAAAAAAD/////////////AP///////////wAAAAAAAADAIwA33f//AAAAAAAAAP////////////8A////////////FAAAAAAAADYAI8D///8AAAAAAAAQ/////////////wD///////////8kAAAAAAAAAA2p////5AAAAAAAACD/////////////AP///////////0gAAAAAAAAFkfz////UAAAAAAAAQP////////////8A////////////cAAAAAAAAET1/////7AAAAAAAABo/////////////wD///////////+oAAAAAAAAXfX/////sAAAAAAAAGj/////////////AAAAALgAAAAAAAAwAAAAAAAAAAAAAAD////////////oAAAAAAAACOT////oEAAAAAAAAOD/////////////AP////////////8+AAAAAAAAKMz/zDQAAAAAAAA0//////////////8A////////////7jgAAAAAAAAAAAAAAAAAAAAAAKT//////////////wD///////////VqAwIAAAAAAAAAAAAAAAAAAAA8////////////////AP//////////rQcDaVEAAAAAAAAAAAAAAAAAKOj///////////////8A///////////nblnu/IAIAAAAAAAAAAAAAFzw/////////////////wD////////////79////+iITCAAAAAgSITg////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////w==', 
+			'width' => 40
+		), 
+		'1' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////8BAAAAAAAP//////////////////AP////////////////////////9sAAAAAAAA//////////////////8A////////////////////////pAAAAAAAAAD//////////////////wD//////////////////////6wEAAAAAAAAAP//////////////////AP////////////////////h4AAAAAAAAAAAA//////////////////8A//////////////////ygJAAAAAAAAAAAAAD//////////////////wD//////////////9x8HAAAAAAAAAAAAAAAAP//////////////////AP//////////////AAAAAAAAAAAAAAAAAAAA//////////////////8A//////////////8AAAAAAAAAAAAAAAAAAAD//////////////////wD//////////////wAAAAAAAAR4AAAAAAAAAP//////////////////AP//////////////AAAAAAA4zP8AAAAAAAAA//////////////////8A//////////////8AAAA4sP///wAAAAAAAAD//////////////////wD//////////////yR80P//////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'2' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////okFAkCAAABCBIfNT///////////////////8A///////////////8hAgAAAAAAAAAAAAAAFTo/////////////////wD//////////////1QAAAAAAAAAAAAAAAAAACjo////////////////AP////////////+MAAAAAAAAAAAAAAAAAAAAADj///////////////8A////////////9BAAAAAAAAAAAAAAAAAAAAAAALD//////////////wD///////////+gAAAAAAAAAHjs+KwMAAAAAAAAVP//////////////AP///////////1gAAAAAAABM/////6QAAAAAAAAU//////////////8A////////////KAAAAAAAALj/////+AAAAAAAAAD//////////////wD///////////+MfGBMOCAI8P/////wAAAAAAAACP//////////////AP///////////////////////////5wAAAAAAAAw//////////////8A///////////////////////////oFAAAAAAAAHz//////////////wD/////////////////////////6CgAAAAAAAAE3P//////////////AP///////////////////////9ggAAAAAAAAAHT///////////////8A//////////////////////+0DAAAAAAAAAA8+P///////////////wD/////////////////////gAAAAAAAAAAAKOj/////////////////AP//////////////////9FAAAAAAAAAAADzw//////////////////8A/////////////////+g4AAAAAAAAAABk/P///////////////////wD////////////////oKAAAAAAAAAAMqP//////////////////////AP//////////////6CgAAAAAAAAAMNz///////////////////////8A//////////////g4AAAAAAAAAFT0/////////////////////////wD/////////////bAAAAAAAAABU/P//////////////////////////AP///////////8wAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A////////////SAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////9AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////xAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'3' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////8sGg0FAAAACA4cLz8////////////////////AP//////////////rBgAAAAAAAAAAAAAACTA//////////////////8A/////////////3QAAAAAAAAAAAAAAAAAAASs/////////////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAjc////////////////AP//////////6AwAAAAAAAAAAAAAAAAAAAAAAGT///////////////8A//////////94AAAAAAAABJDw/8g4AAAAAAAAHP///////////////wD//////////yAAAAAAAACE/////9gAAAAAAAAA////////////////AP///////////NSwiGQ4FOT//////AAAAAAAABD///////////////8A//////////////////////////+YAAAAAAAAVP///////////////wD//////////////////////P/ggAQAAAAAAATM////////////////AP////////////////////9gAAAAAAAAAAAElP////////////////8A/////////////////////0AAAAAAAAAAHLj//////////////////wD/////////////////////OAAAAAAAAAAwkPj/////////////////AP////////////////////8gAAAAAAAAAAAAINj///////////////8A/////////////////////xAAAAAAAAAAAAAAIPD//////////////wD/////////////////////uOz/4HgEAAAAAAAAhP//////////////AP///////////////////////////3wAAAAAAAAw//////////////8A////////////////////////////6AAAAAAAAAj//////////////wD/////////////////////////////AAAAAAAAAP//////////////AP//////////tJh8YEQoDNz//////+AAAAAAAAAY//////////////8A//////////88AAAAAAAAaP//////dAAAAAAAAEz//////////////wD//////////6QAAAAAAAAAdOD/5HQAAAAAAAAApP//////////////AP///////////CgAAAAAAAAAAAAAAAAAAAAAACD4//////////////8A////////////yAQAAAAAAAAAAAAAAAAAAAAEuP///////////////wD/////////////rAQAAAAAAAAAAAAAAAAABJD/////////////////AP//////////////zDQAAAAAAAAAAAAAACTA//////////////////8A/////////////////8BwOCAAAAAUNGi0/P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'4' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////////////nAAAAAAAAAD///////////////8A/////////////////////////8AEAAAAAAAAAP///////////////wD////////////////////////gGAAAAAAAAAAA////////////////AP//////////////////////9DAAAAAAAAAAAAD///////////////8A//////////////////////9UAAAAAAAAAAAAAP///////////////wD/////////////////////hAAAAAAAAAAAAAAA////////////////AP///////////////////7QAAAAAAAAAAAAAAAD///////////////8A///////////////////UDAAAAAAUAAAAAAAAAP///////////////wD/////////////////7CQAAAAABMAAAAAAAAAA////////////////AP////////////////xEAAAAAACU/wAAAAAAAAD///////////////8A////////////////cAAAAAAAZP//AAAAAAAAAP///////////////wD//////////////6AAAAAAADz8//8AAAAAAAAA////////////////AP/////////////IBAAAAAAc6P///wAAAAAAAAD///////////////8A////////////5BgAAAAADMz/////AAAAAAAAAP///////////////wD///////////g0AAAAAACk//////8AAAAAAAAA////////////////AP//////////XAAAAAAAfP///////wAAAAAAAAD///////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP///////////////////////////wAAAAAAAAD///////////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'5' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////8AAAAAAAAAAAAAAAAAAAAAAA//////////////8A///////////////MAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////6wAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////iAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////////9kAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////0QAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////IAAAAAAAYP////////////////////////////8A//////////////wAAAAAAAB8/////////////////////////////wD/////////////3AAAAAAAAIj/////////////////////////////AP////////////+4AAAAAAAAoLRYHAAEKGTE//////////////////8A/////////////5QAAAAAAAAQAAAAAAAAAABY9P///////////////wD/////////////dAAAAAAAAAAAAAAAAAAAAAA89P//////////////AP////////////9QAAAAAAAAAAAAAAAAAAAAAABg//////////////8A/////////////zAAAAAAAAAAAAAAAAAAAAAAAADQ/////////////wD/////////////IAAAAAAAAGjY/+h4BAAAAAAAAGz/////////////AP//////////////9NS0lHSc//////90AAAAAAAALP////////////8A/////////////////////////////9QAAAAAAAAE/////////////wD//////////////////////////////wAAAAAAAAD/////////////AP/////////////////////////////8AAAAAAAAEP////////////8A////////////pIRwWEAgDOD//////8wAAAAAAAA8/////////////wD///////////9EAAAAAAAAaP//////ZAAAAAAAAHz/////////////AP///////////6QAAAAAAAAAaOD/4GQAAAAAAAAE4P////////////8A/////////////CQAAAAAAAAAAAAAAAAAAAAAAGD//////////////wD/////////////yAQAAAAAAAAAAAAAAAAAAAAc7P//////////////AP//////////////rAwAAAAAAAAAAAAAAAAAGNj///////////////8A////////////////0EAAAAAAAAAAAAAAAFTo/////////////////wD//////////////////8h4QCAAAAAcQHzU////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'6' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////+0ZCwMAAAUNGjI////////////////////AP/////////////////EMAAAAAAAAAAAAABM6P////////////////8A////////////////lAQAAAAAAAAAAAAAAAAo6P///////////////wD//////////////6wAAAAAAAAAAAAAAAAAAABI////////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAACw//////////////8A/////////////3AAAAAAAAAoxP/YPAAAAAAAAEj//////////////wD////////////4EAAAAAAACOD////YDCBAVGiAoP//////////////AP///////////7gAAAAAAABY//////////////////////////////8A////////////eAAAAAAAAJT//////////////////////////////wD///////////9MAAAAAAAAvP/IXBgABCx03P//////////////////AP///////////ygAAAAAAADcdAAAAAAAAAAEiP////////////////8A////////////FAAAAAAAAFAAAAAAAAAAAAAAcP///////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAlP//////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAQ8P////////////8A////////////AAAAAAAAAABAyP/kZAAAAAAAAACQ/////////////wD///////////8MAAAAAAAALPj/////WAAAAAAAAET/////////////AP///////////yQAAAAAAACY///////MAAAAAAAAFP////////////8A////////////SAAAAAAAAMD///////wAAAAAAAAA/////////////wD///////////9wAAAAAAAAvP///////wAAAAAAAAD/////////////AP///////////7QAAAAAAACI///////UAAAAAAAAJP////////////8A////////////+AwAAAAAACDw/////2wAAAAAAABY/////////////wD/////////////cAAAAAAAADC8/Ox4AAAAAAAAAKj/////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAAAk/P////////////8A//////////////+oAAAAAAAAAAAAAAAAAAAABLj//////////////wD///////////////+QAAAAAAAAAAAAAAAAAACQ////////////////AP////////////////+0JAAAAAAAAAAAAAAkuP////////////////8A///////////////////8sGg0FAAADCxgqPz//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'7' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAABP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAy4/////////////wD//////////////////////////+QUAAAAAAAEuP//////////////AP/////////////////////////8QAAAAAAAAKT///////////////8A/////////////////////////4wAAAAAAAB0/////////////////wD////////////////////////cCAAAAAAANPz/////////////////AP///////////////////////0QAAAAAAATY//////////////////8A//////////////////////+0AAAAAAAAeP///////////////////wD//////////////////////CQAAAAAABTw////////////////////AP////////////////////+gAAAAAAAAkP////////////////////8A/////////////////////ywAAAAAABDw/////////////////////wD///////////////////+4AAAAAAAAbP//////////////////////AP///////////////////1wAAAAAAADQ//////////////////////8A///////////////////4DAAAAAAAMP///////////////////////wD//////////////////7QAAAAAAAB8////////////////////////AP//////////////////aAAAAAAAAMj///////////////////////8A//////////////////8oAAAAAAAM/P///////////////////////wD/////////////////8AAAAAAAAET/////////////////////////AP////////////////+0AAAAAAAAcP////////////////////////8A/////////////////4wAAAAAAACY/////////////////////////wD/////////////////WAAAAAAAAMD/////////////////////////AP////////////////80AAAAAAAA4P////////////////////////8A/////////////////xAAAAAAAAD4/////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'8' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////////IdDQUAAAEIEiA1P//////////////////AP/////////////////gRAAAAAAAAAAAAAAAROD///////////////8A////////////////0BgAAAAAAAAAAAAAAAAAEMj//////////////wD///////////////AcAAAAAAAAAAAAAAAAAAAAHPD/////////////AP//////////////hAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A//////////////8sAAAAAAAAKMz/zCgAAAAAAAAs/////////////wD//////////////wAAAAAAAADM////zAAAAAAAAAD/////////////AP//////////////BAAAAAAAAP//////AAAAAAAABP////////////8A//////////////8sAAAAAAAAzP///9QAAAAAAAAw/////////////wD//////////////3wAAAAAAAAoyP/YNAAAAAAAAIT/////////////AP//////////////7BgAAAAAAAAAAAAAAAAAAAAc8P////////////8A////////////////xBgAAAAAAAAAAAAAAAAAGNj//////////////wD/////////////////tAQAAAAAAAAAAAAAAACo////////////////AP///////////////HAAAAAAAAAAAAAAAAAAAAB8//////////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB8/////////////wD/////////////wAAAAAAAAABk4P/UWAAAAAAAAATQ////////////AP////////////9UAAAAAAAAaP//////XAAAAAAAAGT///////////8A/////////////xgAAAAAAADg///////cAAAAAAAAJP///////////wD/////////////AAAAAAAAAP////////8AAAAAAAAA////////////AP////////////8AAAAAAAAA4P//////3AAAAAAAAAT///////////8A/////////////ygAAAAAAABg//////9cAAAAAAAALP///////////wD/////////////ZAAAAAAAAABY1P/cXAAAAAAAAABw////////////AP/////////////QAAAAAAAAAAAAAAAAAAAAAAAABNz///////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB0/////////////wD///////////////Q8AAAAAAAAAAAAAAAAAAAAUPz/////////////AP////////////////x4CAAAAAAAAAAAAAAAEIT8//////////////8A///////////////////smFQwGAAAABg0ZKT0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'9' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////ysYCwMAAAUNGiw/P//////////////////AP////////////////+4JAAAAAAAAAAAAAAkuP////////////////8A////////////////lAQAAAAAAAAAAAAAAAAAkP///////////////wD//////////////8AEAAAAAAAAAAAAAAAAAAAAqP//////////////AP/////////////8JAAAAAAAAAAAAAAAAAAAAAAQ7P////////////8A/////////////6wAAAAAAAAAfOz8vCwAAAAAAABw/////////////wD/////////////WAAAAAAAAHD/////7BgAAAAAAAz4////////////AP////////////8kAAAAAAAA1P//////hAAAAAAAALT///////////8A/////////////wAAAAAAAAD///////+4AAAAAAAAcP///////////wD/////////////AAAAAAAAAPz//////8AAAAAAAABI////////////AP////////////8UAAAAAAAAzP//////lAAAAAAAACT///////////8A/////////////0QAAAAAAABY//////gsAAAAAAAADP///////////wD/////////////kAAAAAAAAABw5P/IPAAAAAAAAAAA////////////AP/////////////wEAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////////+UAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////9wAAAAAAAAAAAAAFAAAAAAAAAU////////////AP////////////////+IBAAAAAAAAABw3AAAAAAAACj///////////8A///////////////////cdCwEABhcxP+8AAAAAAAATP///////////wD//////////////////////////////5AAAAAAAAB4////////////AP//////////////////////////////UAAAAAAAALj///////////8A//////////////+kgGxUQCAM2P///+AIAAAAAAAQ+P///////////wD//////////////0gAAAAAAAA42P/EKAAAAAAAAHD/////////////AP//////////////sAAAAAAAAAAAAAAAAAAAAAAQ6P////////////8A////////////////TAAAAAAAAAAAAAAAAAAAAKz//////////////wD////////////////oKAAAAAAAAAAAAAAAAASU////////////////AP/////////////////sUAAAAAAAAAAAAAAwxP////////////////8A////////////////////yHA0FAAADCxktP///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'A' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////+QAAAAAAAAAAAAAAOT/////////////////AP//////////////////kAAAAAAAAAAAAAAAkP////////////////8A//////////////////88AAAAAAAAAAAAAAA8/////////////////wD/////////////////5AAAAAAAAAAAAAAAAADk////////////////AP////////////////+QAAAAAAAAAAAAAAAAAJD///////////////8A/////////////////zwAAAAAAAAAAAAAAAAAPP///////////////wD////////////////kAAAAAAAAAAgAAAAAAAAA5P//////////////AP///////////////5AAAAAAAAAAgAAAAAAAAACQ//////////////8A////////////////PAAAAAAAAAz8HAAAAAAAADz//////////////wD//////////////+QAAAAAAAAAWP9kAAAAAAAAANz/////////////AP//////////////kAAAAAAAAACk/7wAAAAAAAAAhP////////////8A//////////////88AAAAAAAABOz//BQAAAAAAAAw/////////////wD/////////////4AAAAAAAAAA8////ZAAAAAAAAADc////////////AP////////////+EAAAAAAAAAIj///+8AAAAAAAAAIT///////////8A/////////////zAAAAAAAAAA2P////wQAAAAAAAAMP///////////wD////////////cAAAAAAAAACT//////1wAAAAAAAAA3P//////////AP///////////4QAAAAAAAAAAAAAAAAAAAAAAAAAAACE//////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAAAAAADD//////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANz/////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhP////////8A//////////8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/////////wD/////////3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADc////////AP////////+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIT///////8A/////////zAAAAAAAAAAhP///////////2QAAAAAAAAAMP///////wD////////cAAAAAAAAAADM////////////vAAAAAAAAAAA3P//////AP///////4QAAAAAAAAAHP/////////////4DAAAAAAAAACE//////8A////////MAAAAAAAAABk//////////////9cAAAAAAAAADD//////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'B' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAEDh83P///////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAEhP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAeP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAABY////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAABT///////////8A//////////8AAAAAAAAAAP/////4zEwAAAAAAAAAAP///////////wD//////////wAAAAAAAAAA////////7AAAAAAAAAAQ////////////AP//////////AAAAAAAAAAD////////sAAAAAAAAAEj///////////8A//////////8AAAAAAAAAAP/////4zEQAAAAAAAAAtP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAFz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAiA/P////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAIjPj//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAGKz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAJT///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAABNz//////////wD//////////wAAAAAAAAAA///////sqCAAAAAAAAAAbP//////////AP//////////AAAAAAAAAAD/////////yAAAAAAAAAAs//////////8A//////////8AAAAAAAAAAP//////////AAAAAAAAAAT//////////wD//////////wAAAAAAAAAA/////////7wAAAAAAAAAAP//////////AP//////////AAAAAAAAAAD//////+ikGAAAAAAAAAAY//////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFT//////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsP//////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAADj///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAc6P///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAATOj/////////////AP//////////AAAAAAAAAAAAAAAAAAAEIEBkkNj///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'C' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////5JRULBAAAAgkTIDQ//////////////////8A////////////////1FAAAAAAAAAAAAAAAABAyP///////////////wD//////////////4gEAAAAAAAAAAAAAAAAAAAElP//////////////AP////////////9wAAAAAAAAAAAAAAAAAAAAAAAAlP////////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAEyP///////////wD//////////9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAw////////////AP//////////WAAAAAAAAAAAWMz/8JwQAAAAAAAAAACw//////////8A/////////+wEAAAAAAAAAID//////9QMAAAAAAAAAET//////////wD/////////nAAAAAAAAAAo/P///////3wAAAAABDBspP//////////AP////////9gAAAAAAAAAIz/////////3BxQjMT0//////////////8A/////////zQAAAAAAAAAzP///////////////////////////////wD/////////GAAAAAAAAADo////////////////////////////////AP////////8AAAAAAAAAAP////////////////////////////////8A/////////wAAAAAAAAAA/////////////////////////////////wD/////////AAAAAAAAAAD/////////////////////////////////AP////////8cAAAAAAAAAOj///////////////////////////////8A/////////zgAAAAAAAAA0P/////////kIGio7P///////////////wD/////////bAAAAAAAAACg/////////5wAAAAAMHS49P//////////AP////////+oAAAAAAAAAEz/////////PAAAAAAAAAAc//////////8A//////////QIAAAAAAAAALz//////6QAAAAAAAAAAGT//////////wD//////////3AAAAAAAAAADIzo/+SEBAAAAAAAAAAAyP//////////AP//////////7BAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////rAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD/////////////fAAAAAAAAAAAAAAAAAAAAAAAAJz/////////////AP//////////////iAQAAAAAAAAAAAAAAAAAAASY//////////////8A////////////////yEAAAAAAAAAAAAAAAAA8yP///////////////wD//////////////////9yIUCwQAAAAIEB4yP//////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'D' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAADChQkOT/////////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAABGjw//////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAACDY/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAABjk////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAKj//////////wD///////////8AAAAAAAAAAP///+isSAAAAAAAAAAANP//////////AP///////////wAAAAAAAAAA////////hAAAAAAAAAAA2P////////8A////////////AAAAAAAAAAD/////////MAAAAAAAAACQ/////////wD///////////8AAAAAAAAAAP////////+MAAAAAAAAAFj/////////AP///////////wAAAAAAAAAA/////////8gAAAAAAAAAMP////////8A////////////AAAAAAAAAAD/////////5AAAAAAAAAAY/////////wD///////////8AAAAAAAAAAP//////////AAAAAAAAAAD/////////AP///////////wAAAAAAAAAA//////////8AAAAAAAAAAP////////8A////////////AAAAAAAAAAD//////////wAAAAAAAAAA/////////wD///////////8AAAAAAAAAAP/////////wAAAAAAAAABD/////////AP///////////wAAAAAAAAAA/////////9QAAAAAAAAAJP////////8A////////////AAAAAAAAAAD/////////qAAAAAAAAABI/////////wD///////////8AAAAAAAAAAP////////9QAAAAAAAAAHj/////////AP///////////wAAAAAAAAAA////////uAAAAAAAAAAAvP////////8A////////////AAAAAAAAAAD////w0HwEAAAAAAAAACT8/////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAADz8//////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAY6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAKNz/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAACHT0//////////////8A////////////AAAAAAAAAAAAAAAAABg4bKj0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'E' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'F' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'G' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////MB8TCgQAAAACCA4YJzs////////////////AP///////////////JQcAAAAAAAAAAAAAAAAAAhw8P////////////8A/////////////9gwAAAAAAAAAAAAAAAAAAAAAAAk2P///////////wD////////////EDAAAAAAAAAAAAAAAAAAAAAAAAAAc7P//////////AP//////////2AwAAAAAAAAAAAAAAAAAAAAAAAAAAABY//////////8A//////////wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ/////////wD/////////kAAAAAAAAAAAEHzQ/P/gmCAAAAAAAAAAAFz/////////AP////////wcAAAAAAAAACjg////////8CwAAAAAAAAgWP////////8A////////vAAAAAAAAAAI2P//////////yBRAcJjI8P///////////wD///////94AAAAAAAAAGD/////////////////////////////////AP///////0AAAAAAAAAAsP////////////////////////////////8A////////IAAAAAAAAADc/////////////////////////////////wD///////8AAAAAAAAAAP///////wAAAAAAAAAAAAAAAAD/////////AP///////wAAAAAAAAAA////////AAAAAAAAAAAAAAAAAP////////8A////////AAAAAAAAAAD///////8AAAAAAAAAAAAAAAAA/////////wD///////8gAAAAAAAAAOD//////wAAAAAAAAAAAAAAAAD/////////AP///////0AAAAAAAAAAtP//////AAAAAAAAAAAAAAAAAP////////8A////////cAAAAAAAAABw//////8AAAAAAAAAAAAAAAAA/////////wD///////+8AAAAAAAAABDs////////////AAAAAAAAAAD/////////AP////////wYAAAAAAAAADz0//////////AAAAAAAAAAAP////////8A/////////5AAAAAAAAAAACCY4P//3KhcCAAAAAAAAAAA/////////wD/////////+CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////AP//////////xAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIP////////8A////////////rAQAAAAAAAAAAAAAAAAAAAAAAAAAAGTw/////////wD/////////////vBQAAAAAAAAAAAAAAAAAAAAAADjI////////////AP//////////////8HAQAAAAAAAAAAAAAAAAAEiw//////////////8A//////////////////iwcEAgBAAABCA4aKDk/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'H' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'I' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'J' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAj//////////////wD//////////+zMrIxwUDAQ//////wAAAAAAAAAIP//////////////AP//////////DAAAAAAAAADo////2AAAAAAAAAA0//////////////8A//////////8wAAAAAAAAAKj///+YAAAAAAAAAFj//////////////wD//////////2gAAAAAAAAAIND/yBgAAAAAAAAAkP//////////////AP//////////vAAAAAAAAAAAAAAAAAAAAAAAAADc//////////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAUP///////////////wD////////////EBAAAAAAAAAAAAAAAAAAAABjk////////////////AP////////////+sBAAAAAAAAAAAAAAAAAAY2P////////////////8A///////////////EMAAAAAAAAAAAAAAAVOj//////////////////wD/////////////////vHBAIAAAABg8fNT/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'K' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////8AAAAAAAAAAP//////////wAQAAAAAAAAAAABw////////AP///////wAAAAAAAAAA/////////9AMAAAAAAAAAAAAcP////////8A////////AAAAAAAAAAD////////cGAAAAAAAAAAAAHD//////////wD///////8AAAAAAAAAAP//////6CgAAAAAAAAAAABs////////////AP///////wAAAAAAAAAA//////Q0AAAAAAAAAAAAVPz///////////8A////////AAAAAAAAAAD////8RAAAAAAAAAAAAFT8/////////////wD///////8AAAAAAAAAAP///1gAAAAAAAAAAABU/P//////////////AP///////wAAAAAAAAAA//9wAAAAAAAAAAAASPz///////////////8A////////AAAAAAAAAAD/jAAAAAAAAAAAADz0/////////////////wD///////8AAAAAAAAAAKQAAAAAAAAAAAA89P//////////////////AP///////wAAAAAAAAAABAAAAAAAAAAAFPT///////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAApP///////////////////wD///////8AAAAAAAAAAAAAAAAAAAAAAAAU8P//////////////////AP///////wAAAAAAAAAAAAAAAAAAAAAAAABk//////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAAAADE/////////////////wD///////8AAAAAAAAAAAAAAAAoEAAAAAAAACz8////////////////AP///////wAAAAAAAAAAAAAAGNiAAAAAAAAAAIj///////////////8A////////AAAAAAAAAAAAABjY//gYAAAAAAAACOD//////////////wD///////8AAAAAAAAAAAAY2P///5wAAAAAAAAASP//////////////AP///////wAAAAAAAAAAGNj//////CgAAAAAAAAAqP////////////8A////////AAAAAAAAAADI////////sAAAAAAAAAAc8P///////////wD///////8AAAAAAAAAAP//////////QAAAAAAAAABs////////////AP///////wAAAAAAAAAA///////////IAAAAAAAAAATI//////////8A////////AAAAAAAAAAD///////////9YAAAAAAAAADD8/////////wD///////8AAAAAAAAAAP///////////9wEAAAAAAAAAJD/////////AP///////wAAAAAAAAAA/////////////3AAAAAAAAAADOT///////8A////////AAAAAAAAAAD/////////////7BAAAAAAAAAAUP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'L' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'M' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////8AAAAAAAAAAAAAAHz//////3wAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAATP//////UAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAc//////8cAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAADw////8AAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAAALz////AAAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAAkP///5AAAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAABc////ZAAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAoAAAAADD///8wAAAAACQAAAAAAAAA////////AP//////AAAAAAAAAFwAAAAABPz//AgAAAAAXAAAAAAAAAD///////8A//////8AAAAAAAAAkAAAAAAA0P/UAAAAAACQAAAAAAAAAP///////wD//////wAAAAAAAADMAAAAAACg/6gAAAAAAMQAAAAAAAAA////////AP//////AAAAAAAAAPgEAAAAAHD/dAAAAAAE+AAAAAAAAAD///////8A//////8AAAAAAAAA/zQAAAAAQP9IAAAAADD/AAAAAAAAAP///////wD//////wAAAAAAAAD/bAAAAAAQ/xQAAAAAaP8AAAAAAAAA////////AP//////AAAAAAAAAP+gAAAAAADQAAAAAACc/wAAAAAAAAD///////8A//////8AAAAAAAAA/9QAAAAAAGgAAAAAAND/AAAAAAAAAP///////wD//////wAAAAAAAAD//wwAAAAAFAAAAAAM/P8AAAAAAAAA////////AP//////AAAAAAAAAP//RAAAAAAAAAAAADz//wAAAAAAAAD///////8A//////8AAAAAAAAA//94AAAAAAAAAAAAcP//AAAAAAAAAP///////wD//////wAAAAAAAAD//7AAAAAAAAAAAACo//8AAAAAAAAA////////AP//////AAAAAAAAAP//5AAAAAAAAAAAANz//wAAAAAAAAD///////8A//////8AAAAAAAAA////HAAAAAAAAAAQ////AAAAAAAAAP///////wD//////wAAAAAAAAD///9QAAAAAAAAAEz///8AAAAAAAAA////////AP//////AAAAAAAAAP///4gAAAAAAAAAfP///wAAAAAAAAD///////8A//////8AAAAAAAAA////vAAAAAAAAACw////AAAAAAAAAP///////wD//////wAAAAAAAAD////wAAAAAAAAAOz///8AAAAAAAAA////////AP//////AAAAAAAAAP////8sAAAAAAAc/////wAAAAAAAAD///////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'N' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAALD/////////////AAAAAAAAAP//////////AP////////8AAAAAAAAAFOj///////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAASP///////////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAkP//////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAI1P////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAw+P///////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAABw////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAC8//////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAABzs/////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAFD/////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAJz///8AAAAAAAAA//////////8A/////////wAAAAAAAAAUAAAAAAAADNz//wAAAAAAAAD//////////wD/////////AAAAAAAAALQAAAAAAAAANPz/AAAAAAAAAP//////////AP////////8AAAAAAAAA/2wAAAAAAAAAfP8AAAAAAAAA//////////8A/////////wAAAAAAAAD/+CwAAAAAAAAExAAAAAAAAAD//////////wD/////////AAAAAAAAAP//0AQAAAAAAAAgAAAAAAAAAP//////////AP////////8AAAAAAAAA////jAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////RAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP/////kFAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA//////+sAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD///////9kAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP////////QkAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA/////////8wEAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD//////////4QAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP///////////DwAAAAAAAAAAP//////////AP////////8AAAAAAAAA////////////4BAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////////////qAAAAAAAAAD//////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'O' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////0qGw4HAAAABw4aKT0/////////////////wD////////////////wcAwAAAAAAAAAAAAAAAho6P//////////////AP//////////////uBQAAAAAAAAAAAAAAAAAAAAMoP////////////8A/////////////6AEAAAAAAAAAAAAAAAAAAAAAAAAkP///////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP//////////8BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5P////////8A//////////9wAAAAAAAAAAAsrPD/7KQsAAAAAAAAAABg/////////wD/////////+BAAAAAAAAAAUPj///////hQAAAAAAAAAAjs////////AP////////+sAAAAAAAAABDw//////////AYAAAAAAAAAKD///////8A/////////2wAAAAAAAAAdP///////////3wAAAAAAAAAYP///////wD/////////OAAAAAAAAAC4////////////xAAAAAAAAAAw////////AP////////8cAAAAAAAAAOD////////////oAAAAAAAAABT///////8A/////////wAAAAAAAAAA//////////////8AAAAAAAAAAP///////wD/////////AAAAAAAAAAD//////////////wAAAAAAAAAA////////AP////////8AAAAAAAAAAP/////////////8AAAAAAAAAAD///////8A/////////xwAAAAAAAAA5P///////////+AAAAAAAAAAHP///////wD/////////NAAAAAAAAAC8////////////uAAAAAAAAAA4////////AP////////9oAAAAAAAAAHj///////////98AAAAAAAAAGT///////8A/////////6gAAAAAAAAAGPD/////////+BgAAAAAAAAApP///////wD/////////9AwAAAAAAAAAUPz///////xcAAAAAAAAAAjs////////AP//////////cAAAAAAAAAAALKjs//CwOAAAAAAAAAAAYP////////8A///////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzk/////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP////////////+QAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A//////////////+sEAAAAAAAAAAAAAAAAAAAAAyg/////////////wD////////////////oZAgAAAAAAAAAAAAAAARg4P//////////////AP//////////////////9KhsOCAAAAAUMFyc7P////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'P' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////wAAAAAAAAAAAAAAAAAACCxguP////////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAOOD//////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAGOD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAARP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAABo////////////AP///////////wAAAAAAAAAA////6JwMAAAAAAAAADD///////////8A////////////AAAAAAAAAAD//////6AAAAAAAAAADP///////////wD///////////8AAAAAAAAAAP//////9AAAAAAAAAAA////////////AP///////////wAAAAAAAAAA///////0AAAAAAAAAAD///////////8A////////////AAAAAAAAAAD//////5gAAAAAAAAAHP///////////wD///////////8AAAAAAAAAAP///9iICAAAAAAAAABI////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAIT/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAABU/P////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAIhPz//////////////wD///////////8AAAAAAAAAAAAAAAAABCRMkOz/////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'Q' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////SoaDQcAAAAHDhoqPT///////////////////8A//////////////BwDAAAAAAAAAAAAAAACHDo/////////////////wD///////////+4FAAAAAAAAAAAAAAAAAAAABCo////////////////AP//////////nAQAAAAAAAAAAAAAAAAAAAAAAACQ//////////////8A/////////7gEAAAAAAAAAAAAAAAAAAAAAAAAAACg/////////////wD////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzo////////////AP///////3AAAAAAAAAAACyo8P/sqCwAAAAAAAAAAGT///////////8A///////4EAAAAAAAAABM+P///////FQAAAAAAAAACPT//////////wD//////7AAAAAAAAAAFPD/////////9BgAAAAAAAAApP//////////AP//////bAAAAAAAAAB4////////////fAAAAAAAAABk//////////8A//////84AAAAAAAAALz///////////+8AAAAAAAAADT//////////wD//////xwAAAAAAAAA6P///////////+QAAAAAAAAAHP//////////AP//////AAAAAAAAAAD//////////////wAAAAAAAAAA//////////8A//////8AAAAAAAAAAP//////////////AAAAAAAAAAD//////////wD//////wAAAAAAAAAA/P////////////8AAAAAAAAAAP//////////AP//////GAAAAAAAAADg////////////4AAAAAAAAAAc//////////8A//////84AAAAAAAAALT////MJHTo//+8AAAAAAAAADT//////////wD//////2wAAAAAAAAAdP///2AAABCg/3wAAAAAAAAAZP//////////AP//////rAAAAAAAAAAY9P/sCAAAAABMGAAAAAAAAACk//////////8A///////4EAAAAAAAAABU/P+0OAAAAAAAAAAAAAAACPT//////////wD///////94AAAAAAAAAAA4sPD/gAAAAAAAAAAAAABk////////////AP////////AcAAAAAAAAAAAAAAAAAAAAAAAAAAAADOT///////////8A/////////7wEAAAAAAAAAAAAAAAAAAAAAAAAAACQ/////////////wD//////////6wEAAAAAAAAAAAAAAAAAAAAAAAAABSs////////////AP///////////7gUAAAAAAAAAAAAAAAAAAAAAAAAAABAwP////////8A//////////////BwDAAAAAAAAAAAAAAABAgAAAAAAAA8/////////wD////////////////0qGg0GAAAABgwXJjkxBgAAAAAALD/////////AP//////////////////////////////////5DQAAAAk/P////////8A////////////////////////////////////+GwAAJD//////////wD//////////////////////////////////////8A49P//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'R' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////wAAAAAAAAAAAAAAAAAAAAQgOGSk+P///////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAcuP//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAEsP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ6P///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD///////////8A/////////wAAAAAAAAAA///////svDgAAAAAAAAACP///////////wD/////////AAAAAAAAAAD/////////7AAAAAAAAAAA////////////AP////////8AAAAAAAAAAP/////////cAAAAAAAAABD///////////8A/////////wAAAAAAAAAA//////DQoCQAAAAAAAAAQP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPj///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAzU/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAA02P//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAxctPz///////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAEDY/////////////////wD/////////AAAAAAAAAAD/9LAsAAAAAAAAAAzc////////////////AP////////8AAAAAAAAAAP///+wkAAAAAAAAADD8//////////////8A/////////wAAAAAAAAAA/////8QAAAAAAAAAAJD//////////////wD/////////AAAAAAAAAAD//////1QAAAAAAAAAFPD/////////////AP////////8AAAAAAAAAAP//////3AQAAAAAAAAAgP////////////8A/////////wAAAAAAAAAA////////aAAAAAAAAAAM6P///////////wD/////////AAAAAAAAAAD////////oCAAAAAAAAABs////////////AP////////8AAAAAAAAAAP////////+AAAAAAAAAAATc//////////8A/////////wAAAAAAAAAA//////////AUAAAAAAAAAFj//////////wD/////////AAAAAAAAAAD//////////5AAAAAAAAAAAND/////////AP////////8AAAAAAAAAAP//////////+CQAAAAAAAAAQP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'S' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////8vHBEIAgAAAQgQHC8/P////////////////8A////////////////pCQAAAAAAAAAAAAAAAAcoP///////////////wD//////////////FwAAAAAAAAAAAAAAAAAAAAAXP//////////////AP////////////9oAAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A////////////zAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////9cAAAAAAAAAAAAAAAAAAAAAAAAAACA////////////AP///////////xgAAAAAAAAAUOD/8KwkAAAAAAAAADj///////////8A////////////AAAAAAAAAAD0/////8wABCAgICxASP///////////wD///////////8MAAAAAAAAAMz/////////////////////////////AP///////////0AAAAAAAAAACFiQxPT///////////////////////8A////////////oAAAAAAAAAAAAAAAADBwtPT//////////////////wD////////////8QAAAAAAAAAAAAAAAAAAACFTA////////////////AP/////////////oOAAAAAAAAAAAAAAAAAAAAABM6P////////////8A///////////////4fAgAAAAAAAAAAAAAAAAAAAAY2P///////////wD/////////////////7IwwAAAAAAAAAAAAAAAAAAAo+P//////////AP/////////////////////koGw0BAAAAAAAAAAAAACU//////////8A///////////////////////////4uFgAAAAAAAAAADz//////////wD//////////2BgSEA0IBwA6P///////5QAAAAAAAAADP//////////AP//////////JAAAAAAAAACc/////////AAAAAAAAAAA//////////8A//////////9YAAAAAAAAACDo///////AAAAAAAAAABT//////////wD//////////6QAAAAAAAAAACCk7P/snBQAAAAAAAAAUP//////////AP//////////+BAAAAAAAAAAAAAAAAAAAAAAAAAAAACs//////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAAOP///////////wD////////////8RAAAAAAAAAAAAAAAAAAAAAAAABjc////////////AP/////////////0PAAAAAAAAAAAAAAAAAAAAAAg2P////////////8A///////////////8hBQAAAAAAAAAAAAAAAAMdPT//////////////wD/////////////////+LRwSCAMAAAAHDhoqPT/////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'T' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'U' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////JAAAAAAAAADk/////////+gAAAAAAAAAHP//////////AP////////9MAAAAAAAAAJz/////////nAAAAAAAAABE//////////8A/////////4gAAAAAAAAAHOj//////+ggAAAAAAAAAHz//////////wD/////////0AAAAAAAAAAAIJzs/+ykIAAAAAAAAAAA0P//////////AP//////////QAAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A///////////IBAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAAAAJj/////////////AP////////////+UBAAAAAAAAAAAAAAAAAAAAASU//////////////8A///////////////IPAAAAAAAAAAAAAAAAAAwyP///////////////wD/////////////////0IxYOCAIAAAEIEiAyP//////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'V' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////zAAAAAAAAAAYP//////////////ZAAAAAAAAAAw////////AP//////kAAAAAAAAAAU/P////////////8UAAAAAAAAAJD///////8A///////oBAAAAAAAAADE////////////xAAAAAAAAAAE7P///////wD///////9MAAAAAAAAAHD///////////94AAAAAAAAAEz/////////AP///////6gAAAAAAAAAJP///////////yQAAAAAAAAArP////////8A////////+BAAAAAAAAAA1P/////////YAAAAAAAAABT4/////////wD/////////aAAAAAAAAACE/////////4QAAAAAAAAAbP//////////AP/////////EAAAAAAAAADT/////////OAAAAAAAAADM//////////8A//////////8kAAAAAAAAAOT//////+QAAAAAAAAAKP///////////wD//////////4QAAAAAAAAAmP//////nAAAAAAAAACI////////////AP//////////5AAAAAAAAABE//////9EAAAAAAAABOT///////////8A////////////QAAAAAAAAAT0////9AgAAAAAAABI/////////////wD///////////+gAAAAAAAAAKT///+kAAAAAAAAAKj/////////////AP////////////QIAAAAAAAAXP///1wAAAAAAAAM+P////////////8A/////////////1wAAAAAAAAM+P/8DAAAAAAAAGT//////////////wD/////////////vAAAAAAAAAC8/7wAAAAAAAAAxP//////////////AP//////////////HAAAAAAAAGj/aAAAAAAAACT///////////////8A//////////////94AAAAAAAAHP8cAAAAAAAAhP///////////////wD//////////////9gAAAAAAAAAkAAAAAAAAADk////////////////AP///////////////zgAAAAAAAAQAAAAAAAAQP////////////////8A////////////////lAAAAAAAAAAAAAAAAACg/////////////////wD////////////////sCAAAAAAAAAAAAAAADPT/////////////////AP////////////////9QAAAAAAAAAAAAAABg//////////////////8A/////////////////7AAAAAAAAAAAAAAAMD//////////////////wD//////////////////BQAAAAAAAAAAAAc////////////////////AP//////////////////cAAAAAAAAAAAAHz///////////////////8A///////////////////MAAAAAAAAAAAA3P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'W' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//8cAAAAAAAAALz/////4AAAAAAAAAAA6P////+8AAAAAAAAABz//wD//1QAAAAAAAAAjP////+gAAAAAAAAAACo/////4wAAAAAAAAAUP//AP//jAAAAAAAAABU/////2AAAAAAAAAAAGj/////VAAAAAAAAACM//8A///EAAAAAAAAACT/////IAAAAAAAAAAAKP////8kAAAAAAAAAMT//wD///gEAAAAAAAAAPD//+AAAAAAAAAAAAAA6P//8AAAAAAAAAAE9P//AP///zAAAAAAAAAAvP//oAAAAAAAAAAAAACo//+8AAAAAAAAADD///8A////bAAAAAAAAACM//9gAAAAAAAAAAAAAGT//4wAAAAAAAAAaP///wD///+kAAAAAAAAAFT//yAAAAAAAAAAAAAAIP//VAAAAAAAAACc////AP///9gAAAAAAAAAJP/gAAAAAAAAAAAAAAAA4P8kAAAAAAAAANT///8A/////xAAAAAAAAAA8KAAAAAAAAAAAAAAAACg8AAAAAAAAAAQ/////wD/////TAAAAAAAAAC8YAAAAAAAAAAAAAAAAGC8AAAAAAAAAET/////AP////+AAAAAAAAAAIwgAAAAAAAAAAAAAAAAIIwAAAAAAAAAfP////8A/////7gAAAAAAAAANAAAAAAAACwwAAAAAAAANAAAAAAAAACw/////wD/////8AAAAAAAAAAAAAAAAAAAdHgAAAAAAAAAAAAAAAAAAOz/////AP//////KAAAAAAAAAAAAAAAAAC4vAAAAAAAAAAAAAAAAAAg//////8A//////9gAAAAAAAAAAAAAAAACPj4CAAAAAAAAAAAAAAAAFj//////wD//////5QAAAAAAAAAAAAAAABE//9IAAAAAAAAAAAAAAAAkP//////AP//////0AAAAAAAAAAAAAAAAIj//4wAAAAAAAAAAAAAAADI//////8A///////8DAAAAAAAAAAAAAAAzP//1AAAAAAAAAAAAAAABPj//////wD///////88AAAAAAAAAAAAABT/////GAAAAAAAAAAAAAA0////////AP///////3QAAAAAAAAAAAAAWP////9gAAAAAAAAAAAAAHD///////8A////////sAAAAAAAAAAAAACg/////6QAAAAAAAAAAAAApP///////wD////////kAAAAAAAAAAAAAOT/////6AAAAAAAAAAAAADc////////AP////////8cAAAAAAAAAAAo////////MAAAAAAAAAAAEP////////8A/////////1QAAAAAAAAAAHD///////94AAAAAAAAAABM/////////wD/////////jAAAAAAAAAAAtP///////7wAAAAAAAAAAID/////////AP/////////EAAAAAAAAAAT0////////+AgAAAAAAAAAuP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'X' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////9UAAAAAAAAAKz///////////+sAAAAAAAAAFD/////////AP///////+QQAAAAAAAAFOT/////////8BwAAAAAAAAM5P////////8A/////////5gAAAAAAAAATP////////9kAAAAAAAAAJD//////////wD//////////0AAAAAAAAAAoP//////wAAAAAAAAAA0/P//////////AP//////////2AgAAAAAAAAQ4P////gkAAAAAAAABMz///////////8A////////////iAAAAAAAAABA////dAAAAAAAAABw/////////////wD////////////8MAAAAAAAAACU/9AEAAAAAAAAHPD/////////////AP/////////////IBAAAAAAAAAzYMAAAAAAAAACs//////////////8A//////////////90AAAAAAAAABAAAAAAAAAATP///////////////wD///////////////QgAAAAAAAAAAAAAAAAAAzg////////////////AP///////////////7wAAAAAAAAAAAAAAAAAjP////////////////8A/////////////////2AAAAAAAAAAAAAAADD8/////////////////wD/////////////////7BQAAAAAAAAAAAAEyP//////////////////AP/////////////////gDAAAAAAAAAAAAAjY//////////////////8A/////////////////0AAAAAAAAAAAAAAADj8/////////////////wD///////////////+UAAAAAAAAAAAAAAAAAJD/////////////////AP//////////////4AwAAAAAAAAAAAAAAAAADOD///////////////8A//////////////9AAAAAAAAAAAAAAAAAAAAAQP///////////////wD/////////////nAAAAAAAAAAAWAAAAAAAAAAAlP//////////////AP///////////+QQAAAAAAAAAGD/YAAAAAAAAAAM4P////////////8A////////////TAAAAAAAAAAs9P/0LAAAAAAAAABM/////////////wD//////////6AAAAAAAAAADNT////UDAAAAAAAAACg////////////AP/////////kEAAAAAAAAACg//////+gAAAAAAAAABDk//////////8A/////////0wAAAAAAAAAYP////////9gAAAAAAAAAEz//////////wD///////+oAAAAAAAAACz0//////////QsAAAAAAAAAKT/////////AP//////7BQAAAAAAAAM1P///////////9QMAAAAAAAAFOz///////8A//////9UAAAAAAAAAKD//////////////6AAAAAAAAAAVP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'Y' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////1QAAAAAAAAAAGj//////////2gAAAAAAAAAAFT///////8A////////5BAAAAAAAAAAAMT////////EAAAAAAAAAAAQ5P///////wD/////////mAAAAAAAAAAAKPj/////+CgAAAAAAAAAAJj/////////AP//////////PAAAAAAAAAAAgP////+AAAAAAAAAAAA8//////////8A///////////YCAAAAAAAAAAE2P//2AQAAAAAAAAACNj//////////wD///////////+AAAAAAAAAAAA4//84AAAAAAAAAACA////////////AP////////////woAAAAAAAAAACUlAAAAAAAAAAAKPz///////////8A/////////////8gAAAAAAAAAABAQAAAAAAAAAADI/////////////wD//////////////2wAAAAAAAAAAAAAAAAAAAAAbP//////////////AP//////////////8BwAAAAAAAAAAAAAAAAAABzw//////////////8A////////////////tAAAAAAAAAAAAAAAAAAAtP///////////////wD/////////////////VAAAAAAAAAAAAAAAAFT/////////////////AP/////////////////oEAAAAAAAAAAAAAAQ6P////////////////8A//////////////////+cAAAAAAAAAAAAAJz//////////////////wD///////////////////9AAAAAAAAAAABA////////////////////AP///////////////////9gAAAAAAAAAANj///////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+		'Z' => array(
+			'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAQ//////////////8A/////////////////////////1AAAAAAAAAABLz//////////////wD///////////////////////98AAAAAAAAAACY////////////////AP//////////////////////pAAAAAAAAAAAaP////////////////8A/////////////////////8QIAAAAAAAAAET8/////////////////wD////////////////////gGAAAAAAAAAAo9P//////////////////AP//////////////////9CwAAAAAAAAAFNz///////////////////8A//////////////////xMAAAAAAAAAATA/////////////////////wD/////////////////eAAAAAAAAAAAnP//////////////////////AP///////////////5wAAAAAAAAAAHT///////////////////////8A///////////////ABAAAAAAAAABM/P///////////////////////wD/////////////3BQAAAAAAAAALPT/////////////////////////AP////////////QoAAAAAAAAABjg//////////////////////////8A///////////8SAAAAAAAAAAExP///////////////////////////wD//////////2wAAAAAAAAAAKD/////////////////////////////AP////////+YAAAAAAAAAAB8//////////////////////////////8A/////////wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=', 
+			'width' => 40
+		), 
+	);
+
+	return $_png;
+}
+
+// These define base64_encoded raw png image data used
+// when we cannot generate our own single png image
+function define_raw_pngs()
+{
+	$_png = array(
+		'0' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QKCNGXKO6AAAAB3RJTUUH0wUOEDQ6EUG1VwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNpj/M9AHGAiUt2wVvhyaqAqKyOjpG3jQwaGv+e+IUn9RwJfSjjg4iwFP1aKJD6HyyErfGGAYrquIoP5E2wK/zigu0v5wH9sChdgeKDqP1aFGhBZmxv/z0Dd4IxV4RWIpMQHIPuJAITzAqEQETx7IFQIP5CQNoJwDmALxzMQCuyjg1chnBPYwtECwr8AZN41h0p6YHOjAkTuwf//77wYuCEcFWwKOWA2fM1iZuuHcASwKYQ55c9ENuasrxgRjKlwJS+D17v/hBUeUGYwv/sfn0IRiJQZJIbxuFEFagjvSlDUQNgK2GIGqpC1JRhIfoAqxBYz0DRhn8IMJO+giKEqhMaMJBeI3AHhIKdkRPqG8DlAifqFADyasKRHO6h1Z/6fMYEwTbCmx3cWGCl8CTaFwBhGz+M2/7EpXMvOnBmIok7jBVaFz/Mi3/1pQORrhpgPyOr+M8IL0j9/gKpeLjhy5QEwoDVsYuRR3cE4IktcAJNx8cJaZBeQAAAAAElFTkSuQmCC', 
+		'1' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMi//xxVKAAAAB3RJTUUH0wUOEDYLcqnX7wAAAAlwSFlzAAALEgAACxIB0t1+/AAAAHpJREFUeNpj/M9AHGAiUh1WhR8FGUGAsMKaD9iM/I8BlmCVwVS4hoUohT8qcNiFyv2zQIWBCIV3amRwu54RKcDRAgQ1KigIcJYK7CqR3QsCFmf+Y8qgeQakbANMAz6FKjUXECbj8zWa76nm61GFw1UhI10KqVGFNFQIADdK9Zj7PsV9AAAAAElFTkSuQmCC', 
+		'2' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMwPUBEjoAAAAB3RJTUUH0wUOEDUqFe2UcgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQxJREFUeNpj/M9AHGAiUt2owkGrkAWF93LFgStPfjCwyGiYRGijqfyPAH9aOJAkQl78RwbICkNQjdB4gUNhD7qzLLAr/CKA4YENSAoRvl7zAUJXvPmxhgfCXILVMxEQvg+IDVUhgtVqDYjkDhD7B2aQIMIx5cOTN29evLAAsaEKObBajQzmQOQMcIQjHLwQgSisIaDwBdS5LHfwK7yhAHVVyX+8CrdAA5HB5gdehQ3Yoxpd4ZcAmDqbD//xKISEIjhU//zHoxDmXQaeFRhOZ8CmzuDOf3wKf8DsDfnyH6/CHJi6P//xKjyDJethVehBpMI7DPgVwrPCCgb8AK5wDwGFcNMF8EkCASOx1QcAGUxu1untnFIAAAAASUVORK5CYII=', 
+		'3' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMxBQugk2AAAAB3RJTUUH0wUOEDU3duv4qwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATdJREFUeNpj/M9AHGAiUt0IVciCzPm7ZceZB28YGBQkLHwcmNFU/keANRJI4ioH/qMAJIUlaHatwaFwBrqrOO5gVfiCB8P9KVgVVkAtnPDh/wkLCFsGq0IFiGQLiH0D06P/GWHJ7O+NOzfuXLlzQRrEhgSawHscwYPurxAcwQMBf/4/aIAYyHIGr8IEeDhO+Y9XoQNUncwOVHGMRPEDSovc+IkzrpGDCQgUbuC1WgBhhsIHfAp3vPn/oIIFKfRxKQSDGohCA4IKX0DTD7YoRAWMUJ9iyQpbn4DBBWUQ5yFEDDnFw622gXAzwBxoYvfB5sYlUI0lD/4/gWWKJdgU/tHAcKjCD6y+PsGCpo4FJbaRgmcNqkqWCThTzxkTJHXo+Ro1HA9uOPHiATDlKJj4eKCVFIzDqWgGAK7GW/haPS+zAAAAAElFTkSuQmCC', 
+		'4' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMyqWttCEAAAAB3RJTUUH0wUOEDUxn4hdngAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKBJREFUeNpj/M9AHGAiUh2FCucyQgCK4H9McIAFixwWhQ8kGIhS+MWAgTiFIQzEKWxhIE7hFgbiFF7hASkQIajwjQpInuUAIYV/XMDyU/4TUlgAlk75T0jhArCszR9CCk+AY07mxX8CCp+AY47nzH8CCn+YgOWW/CekMAYsVfMfl0JGmCBq4kNEDp2zAn0UMmItABjRvDykPTO43DgyFQIANP6pTFLWAdoAAAAASUVORK5CYII=', 
+		'5' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMzPy3XhEAAAAB3RJTUUH0wUOEDUk8lW5dQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQpJREFUeNpj/M9AHGAiUt2oQuIVfmREBzgU3iHWxAfEKiTaRFpZnfAfAbAr/AsxUYagiVCbeQgqhPpFYmukLCOrZupRNJUIB02BCAjAZCK+/Ed2LoJZgm6bzRfsCgMw3JWAXaEBpg8uIGSRPPMBQmXc+P+iggXCnoOQZUQK1K8PgEAjGcQs7QGL6FzG5mtkcAUiyYIQYcRRUkDTLEIWR1b4ixamQMPhrKUP3rx48eDNFXmwdyFiOthixgXqaTAnBcKpwRaOS6A6Mx78fwBVx/IAm8I/KsTGzAkWNHUyb7Ar/L8GNSlK3MCRev7/v+CApC7kBUoUoAX4yQ0nHjwAWqpiE6GNFgNDoAwHAKC2Q2lMNcCmAAAAAElFTkSuQmCC', 
+		'6' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNAObRd4vAAAAB3RJTUUH0wUOEDUc2lcB6wAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUh2Gwq2puryMjKKmmSfRVf5HBkcMEBI+L1CkUBROYUE2QuMFLoVr0CzzwKHwhQC6szZgV1gAtfHI/xs2mEYywsPxp8QHEMVxQ56B4aaJiIKIiIRCPDZf74DwI/5jB4hwPAChbAgG+BWoExlOxkoysuqW3sUV4BoQ/p0SqARLB44AF4HIByDMKMCuEIu7phCrUOADNl/DgMOJ/09SIMwPC7B5hgfC1/kB4kRAOC7YrFaByM0Ac85AOCLYrFaBhSMIQNPlG2wBDg3HP2CSGU/MuEAoiKVXUWxB9cwPiG8UwEGSg5FCMNOjwZ4/byqgpqwgMoWr/MGeZ1agqWPZgSNz/Z+AqnDCf1wK/29B8qbKDhQpRtTE8HfLjjMP3jDwKJh4hKCGJSPNC6lRhTRWCABWpdoxd/bZ4QAAAABJRU5ErkJggg==', 
+		'7' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNA18/fMoAAAAB3RJTUUH0wUOEDUVo4u5TwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt2oQnorZIGzGLFJIyJ40HqGhUiFPFuQ/YUFPBGBmLcDSQybwj8OEDOW/CegsAeiruQ/AYV3OMDqTP4QUugCceCN/wQUQn1a8Z+Awj8qYHUiHwgpXAAxcMJ/Qgp1wOoEPhBSuANiYM5/QgpjIAovEFL4gweszgAz0NASxZ4vYMqHYDKDBiIWhWhWa0CS1x9CVn+8AaYsmAlZfQRC6RDMChADGTQIKjxDrMI7EEoBi0JGlMJe8AOY+sFOSCEeQHQBAABCZ7xyT9fJhwAAAABJRU5ErkJggg==', 
+		'8' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNBeBnwpSAAAAB3RJTUUH0wUOEDUOKe5wowAAAAlwSFlzAAALEgAACxIB0t1+/AAAATVJREFUeNpj/M9AHGAiUt1AKmRB459cc+DBGwYWGQ2LEG1Umf/I4IELkozLA2QpFIUXJFDMEDiBQ+EHGTR3yHzArrAFwwct2BXqQGQ1zvw/owFh6mBXCDXmDJB5BsOrjEhxzfoHIgkiGCGB9xtrgEPtOwvEV6FWY4+ZAAgVc5LhZgKEGYI9wN+gBiPu4Pl/BFWlxA1cMfN/C0rUr8AVhX8K0KyuwaEwASNmarAqPACVTXnw/0oENBFewKYQGhYZYE4MVBM2hVAvQ1LhHQhHBVsUMjIgYhCdhy3PPASTd6GOxBYz0KhOQHajDjY3pkC1Rlz5fweqjqEAm8ILGK5gYLlDZICXYI+ZLzZo6gL+4EgUfyo4kJQJtCCpQ8kKQPB2zZ47L14AU5iMgUMAN7IM43AqHwdQIQAhMPz6Gz5V/wAAAABJRU5ErkJggg==', 
+		'9' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNCQ+T2tEAAAAB3RJTUUH0wUOEDUHUDLIBwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAUZJREFUeNpj/M9AHGAiUh26wr9rE3V5GRlFTTM3/kVT+R8Z7FBBSKjsQJFCUTiFBcWMCbgUHmBBs20FdoV/VNDUMQi8wapwDVS65s2fPToQZgFWhRFIkm8kwGyeH9gUQm2+Aua0QDhb4LJI4XgHQmmDSRMIZw+emIEENAeEcwObQhEIdQHiABRbUGPGBSIQAWL/gHqbB5tnJkC1Fjz5f8IGwxwkhR8EsCQarFE4hViF/wsQCgKgHsSu8H8HLFkUQL2rgUPh/zslOiwMEjFH/kND2geXQvQgqMAWhSjgAIRygAswIuXCpXfevHjz4M0ZdQaGhxo/wAnyBTuWmPnvARGxuPH/iAa+9Ph/A7r9Ai+wK/zvg6ZwzX8cCl9oICtjmfIfl8L/bwIQ6gyO/Met8P//EwUmwHTJo5OyBU2CkdaF1KhCWisEAM/sJxmZkdWnAAAAAElFTkSuQmCC', 
+		'A' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFwy1U7TfAAAAB3RJTUUH0wUOEC0ZKCZtPQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAO1JREFUeNrt1LERwiAUBuAHZ2GRwsIypQMwQEZwgBQpM4QDZBSLFI7gCA5gQWGRdA5gkTuMSh48eMTUnq96wH98B+QiDCwruTD3D76qF676ueAp0Y9lSBXeSkFWaLAje3T+kkzK4SgpBzZw8pqxJWcdOJuRsyGPbWDk0tS20zw9SXsobdfytJVXdzNsP61i6Zt3K7Ht0UeUgbPdjsrOXMd+2IS2C2qb271HVWi7YANcNXFQsUEVBTXwNdl46jYRxPl52dnwRUZbhkLSDmS8DnxFRWiULxg8UxvobefuRR8ZQYDKtffVVcQWv/RrfgJC4bd0upw4MQAAAABJRU5ErkJggg==', 
+		'B' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGAusrz2zAAAAB3RJTUUH0wUOEC01Gv4B3gAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNpj/M9AHGAiUh0tFTKiAUHL2rsoKv9DARZDWFr+IwA+hQwMFcQqZDhCrMIIYhWK4FYIYv8444PuV+wK//9/A+UJwBUSCHAL3OEIsdoFyttCpGdiiAtHjoY/RCnk6PlBbBRKrCE6CqcQq5DlDs5whIT3CgUI788EvOEIBCegXB2YPCNMBSNMISqf5TeUjysK90LpP/itfrFEAhZCMHkWdKMYUbk2MAah7BqD02pUYEFkgMu8IE6hD0IdpmegwSejoKLjoY7syaFU7A0HhQA2e4cJytImvAAAAABJRU5ErkJggg==', 
+		'C' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGBbPqVFqAAAAB3RJTUUH0wUOEC4BEGemqAAAAAlwSFlzAAALEgAACxIB0t1+/AAAASlJREFUeNpj/M9AHGAiUt2owkGrkAWV+3TDgRtPPjBwyGiYBOijSv1HAlcCkGUcTiDLISvsQDOeZQp2hQWYDpuCTeEEbD44ganwDgc2vxpgKoyAyUWc+f9hjgCMtwFd4RuYRxog/ueBcl3QFc6BSmj8gfBrwE40yFmCrjABqrAH5mSZgJ4jX7AEjwlU4Zn/OAAsrp9AaRlccc0IzdeMsBilOPWQrBDmtpfEKnwBpZ8qZq58i6IS6vscKHcBcgQYlOz4gh6OK6AKfaB8G5hN6Aq/wBLPHjB3CczCFIzUA0u2PD0v/j9pgaf1ExgK3wgwYAEOWFL4GizqWC5gyzM1mArnEJkLZ2DPhf//n3BAVmeDkq8ZUZPL3TUn7gBLCgYFBYsAcxQZRmKrDwABNsv9SJSDwwAAAABJRU5ErkJggg==', 
+		'D' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGC1+orhOAAAAB3RJTUUH0wUOEC4yr7fHvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt1AKmSBsxiRhXlkNBxCpFFU/ocBTDMyPvxHADwKGRgUbhCpkEHiCZEKGRyIVciwArdCIPPFGg8YzwSvQiBogXFvEFD43wDKnQDl44yZGCh9glAU2sCsJqRQBkq/gMUw3G2wuP6PnU/H9PgRSgsQUvgESosQUngFSqsQUrgCSsNiCFcU7oBx9+CL6w8XamB5SeUPkelxAZEJ1+YPcQolXhCXFTTuEJULOUq+IOVrFgasQELBxMaHG1mEcTiVjwOoEADAIkCnGpmJKgAAAABJRU5ErkJggg==', 
+		'E' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGDeDwEE0AAAAB3RJTUUH0wUOEC8CkHXGUwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt2owkGrkAXGYMQqjUgJQ8EzpPsa05+D140oMYTk4KEQ4MMqZqgUhcM1czESW30AABfqB1XDnLzcAAAAAElFTkSuQmCC', 
+		'F' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGQe8AkDZAAAAB3RJTUUH0wUOEC8JB6cf2wAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt3wUsiCYDJikUYE3lDwDDm+xvTp4HUjIoaQXTsUAnxYxcyoQryAcUSWuAAW/gZTg/yEMAAAAABJRU5ErkJggg==', 
+		'G' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRFI1vWIAAAAB3RJTUUH0wUOEC8QY8y3GwAAAAlwSFlzAAALEgAACxIB0t1+/AAAASZJREFUeNpj/M9AHGAiUt0IVciCwvt7ZM+FOy8+MDBwSEho2AQII8v9R4A/U2RQtHEUfEBIIim8YYBhn8oNLAqP8GBxmcwbDIU3sKljYIhAV/jHgAE7uICmcAJMQqDmwp//D2YowPgxqAr/wPyr8QAi8EEHwleIQFW4BxYicG+eEHEomHECET5QhRVQhQn/cQFoFJ6AKgwgFNcPoFwdnAoZIXmGERahKDwkIdqlR1j4PiRW4RVCCmExvQenQrSYEXiDiAoUBfC4loAK23yBSnzArhCRehRmAJPFnRUxHDgU/lDA7zZECj/Cgl2dAkaeWYNVZcoHDIX/94hgKLM4gS27/v9QIICizGMDkiQjSon7c8eBCw+e/GFgkZEwsHCRRpZiHE5FMwCa2YE+WcAOUwAAAABJRU5ErkJggg==', 
+		'H' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRw2Z4k1AAAAB3RJTUUH0wUOEC8agxleBQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD1JREFUeNpj/M9AHGAiUt2oQvyABUozQml4+KMLDAXPDAWFLGh8RlwKh4JnaB88GOlxELhxVCFewDgEynAAN2sFVHAvevkAAAAASUVORK5CYII=', 
+		'I' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGSlg1E0WAAAAB3RJTUUH0wUOEC86uHd+zQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt1AKmRBMBkxJJE9OhQ8Q32FjGhxDQsjjCQwFDwzqnCwKkRKZqO5EBMwDqcSl2iFAMMeB0s/kLo2AAAAAElFTkSuQmCC', 
+		'J' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGywiiNsbAAAAB3RJTUUH0wUOEDAFw0tdbgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKdJREFUeNpj/M9AHGAiUh3xClmwijJCaSR3Ud/qUYWjCklTyIHEhifctw8ePHgCxO+B7L9QMQlsChW+QOiX4gwMd6BiItisVoHSB6AYWQwM/kNBBszkC/9PwKyc8B8B4Ar3YPHMHWwK/xtgqAv4j1XhEfScK/EEu8L/a1BVStz4j0Ph/yPItoe8QFH3nxGlkNq75cKDB0DDVBwitNEcwjhwpdmoQrwAAN6ioiFapgUdAAAAAElFTkSuQmCC', 
+		'K' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHAEoFhGpAAAAB3RJTUUH0wUOEDANzZDVXAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPZJREFUeNpj/M9AHGAiUt2owgFSyAgFMOGDrDARxkKo0H8wYEDh/b/AAzepACqEVeEdCQx1WBW+0ICry/mPR+EXE7i6kD94FP5xwaYOi8IIrOowFRbA1Xkgq8NQ2ANXZ/PlPx6FS3CpQ1fIAmOIoKn7jxbXf2CMNxvQIxvVRAQQ+YDXaiSQQqxChiOEFGoIQGidP/gVStxogLI68CqUuPH/BzSVcTzAoxCo7v//ObBIxK0QrO7/H1iCXIFT4QkIFxbaMh9wKYQJO0D5OYQUnoDF/QkCCuHJ1+APAYV3YOloAgGF8JTO84SAwjfQiGQIgPAZqV4rAACnKSarzdlc4gAAAABJRU5ErkJggg==', 
+		'L' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHA64qQw4AAAAB3RJTUUH0wUOEDAXMPIsJgAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt2QUMiCYDJCaezhMBQ8M6pwVCEdFLJgCjEisRH5Zyh4hvoKGUdkQUq0QgARaARRV9jUFQAAAABJRU5ErkJggg==', 
+		'M' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHBhMfblpAAAAB3RJTUUH0wUOEDAqaJpgNwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPNJREFUeNrdlK0OgzAUhS8bCQYxMYmcmEAgEAgejQfZQyG2pAIxOYlATkAu691o2tvSYia2iv7lyzn3NG0jhG1tt5H7Aggom7ZuaKPhBFqKV+pFWDGjjcxStEAYXuvBkrKtoVX+gdRiK9i6sxjgeVGUMJzWwZLACaZOTqoAOAronmrlBuvPkQsIgHn8BqnE2AMmhaaYJ57jqTRFMwsDyW249XaJLhAujizm7UFM5XCUXTqiTvBLQYWRc7H3WWt+3NmlyGbOGh9q/45mjQxUb+CA6A2jSqu5MweX0ooQWLJxLYx6fz0GwmBOsww5GP3At/dX4Ayb7qpFI9y5ygAAAABJRU5ErkJggg==', 
+		'N' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHC6DxyzwAAAAB3RJTUUH0wUOEDAye/b4YQAAAAlwSFlzAAALEgAACxIB0t1+/AAAALRJREFUeNpj/M9AHGAiUt0IV8gIARsRMlAROP8/BEB5Ii/+/0cVgXNRhRk8iFXIMIFYhRxXiFTIYPCDSIUMBcQqZNhDrEKZN0QqZAggViHDHIIKRSAUzx1CCrdAaZM/BBT+z4Eyaggp/KEDYbAcIaDw/wUWCEuBkML/PagBgFvhfxdiFT4RIVLh/zXEKvyfQqzCLypEKvx/hoVIhf9biFX4x4ZIhf8fCBCp8P8KNBHG4VQ0AwDEOyeZhO5p1AAAAABJRU5ErkJggg==', 
+		'O' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQExDSDoAAAAB3RJTUUH0wUOEDA4myMRfwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUt3wUsiCyv265ciZJ08YGGRkDGwCuFGk/iOBDwU8SDIcGS+Q5JAV7hBBs45nAVaFC1gwXTYBi8IdWNQxMCzAUPhBBJs6Bp4n6AoLYFI6az78f7NEB8ZNQFP4QwAqEfADwg+A+f0NqsI1UHGBDzCnSKC6EhYzB6B0Cj+UwZ+CKgNTeAZKu8C94QGlL6DGjAyU+wAeXC+gIiIQLiM0KzDC9CFCBlWICsnsL3aFMDc+hcs8QZWBKYSF2g24whvYFZpA6T1whUegNCwyoYGxAmYyLGZ+wOxYghqFX2BpO+APmP8nBspHj2uk1LPizf8PGyxgXPTUQ3x6JDqF//8/AYs6bHkGmCYF0O3FnguBCSaFA0kZS8IDJDlG1IIUVFK8eABMWzI6DgHCyDKMI7LEBQCD5YgI9wbKGgAAAABJRU5ErkJggg==', 
+		'P' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQvR2Mn2AAAAB3RJTUUH0wUOEDEDMzPJGgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKVJREFUeNpj/M9AHGAiUh05ChlRAKdu4k5Ulf9hANMQiwf/EQCfQgaJB0QqZHAhViHDEbg0AV8vwRM8QN0v5vBAOSfw+BrMWQDl8MClGeEKGGEKQcRXHmQemTGD1RMy+N14o4MDyvGAS7NgGMaIzPHAYyIy4HhBZMy0EBmFIX+IUsjRgqQOi2fAgEVBwyVGGEUEQw2O3EbLzDWSFDIOhtJsVCEWAAC/Yt2X+2PYcgAAAABJRU5ErkJggg==', 
+		'Q' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHRxSC0wxAAAAB3RJTUUH0wUOEDEKSu9xvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAW1JREFUeNpj/M9AHGAiUt2QUMiCzPm65cCZF08YGGRkDBx8uNFU/oeDDwU8SOIcBS/+IwOEwh0iaEYIrMCqcA4LprsmYFG4A4s6BoYFGAo/iGBTx8DzAl1hAUxKZ8WH/29W6MC4KWgKfwhAJXx+gPl/QmB+/4KqcANUXOQDVPiLBFRkCUwhJGb2wGzihzK4U6CMA6hReAbKc4F7wwFKX0CNGRkoB+HJJ1ARGZgAIziFM8J0IUIGXYjMZPaXkEJYYDyBiz+EuRFVoQKUdwWIz6qWvmRguAMVkUBVaIIUalPu9GgshIefAWrwrIHp//L/DQc4KjFiBi2uQ/7832KB5AX0uP5fAZOx2PDhfwNCIXrq+f9BhgEb4HmCkcL3YE3hSHkBnmfWYFMpsoaYXAgGDgcwFKLlaxYOCG2DqRCYrldkmIACUMIgZsaTI5Cg3IBNISp4AoovlT+EFf7/kYPkb3wK//8/YAGPGcYhUIYDAHBC9Yak1w7iAAAAAElFTkSuQmCC', 
+		'R' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHSkEuIgSAAAAB3RJTUUH0wUOEDEUsOBM3QAAAAlwSFlzAAALEgAACxIB0t1+/AAAAOZJREFUeNpj/M9AHGAiUh0NFLJAaUY0YRkJHYcQdmSh/xCAzRCZHf8RAJ9CBpYNRCpkEHgBV4jfMx+mEOVGIDDAaTWY82aPBZTLgV8hUCkaH6cbP8B8gxHgyODjgwstMDfiVIgWQyFE+lrhB3EBznOFuJgxuUFMXPPEbPmDpA53FH55osKMIoAe4F826MDMvPMfj9WgWFGBBeIf/Ar/H4FxJhBQ+B8WzCIfCCi8A4uvBgIK/2fA/POCgMIXHFBuDqH02ABLM3cIKPwgAuVHEFD4fwJM4AIBhT9goe4AFWAcAsXesFIIAEvJyZHTCSiTAAAAAElFTkSuQmCC', 
+		'S' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHTRnvuTLAAAAB3RJTUUH0wUOEDEbIF9RTAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVZJREFUeNpj/M9AHGAiUt2oQvyABYX398CWK3de/GBgkVEw8HFgRpH7jwSWqCDLyCxAlkNS+CcG3boY7AozMB3Wgk3hGSw+4HgBl0b4egIWhT9mYPGMBFQg4MH/D2tgvrKASzPC0yMjlP7CDSTOmrDIMDDwiHBsxzSRBypw5j9WgFDoAPNAxIQjX/ApXIDsC4OCLV9wKfzjwIACOEIO4IiZFxbooePzAqvC/z9qONBUStzAqvD//zc9BqgqNX5gVwgETxbkmCClvSk4FYLdsCMCptAGI2YSGV78+PLmz5MX4mDu1ByIMM9n9JiBxe4caGChy8MZMMsUIEFyAMoVwVC4BGaEwpI3/9/MEYGlJQyFPwQYsIE1mL7GlnCR0iNSXLtgqpO4gy1mvtigq1NAxCBKgP9pEUFWxlOCnNIYUYrmn3v23Ljx5gsw88sYOPhwI0sxDoEyHAABtSc836a1EQAAAABJRU5ErkJggg==', 
+		'T' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHgUdTbcyAAAAB3RJTUUH0wUOEDEgkVS4aAAAAAlwSFlzAAALEgAACxIB0t1+/AAAADdJREFUeNpj/M9AHGAiUt0IVcgCpRlxyMODeSh4hmiFjGipB+Z7jEQ1FDwzqnBU4WBSyDicimYAb/AFTaJpyH8AAAAASUVORK5CYII=', 
+		'U' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHhEHl2NPAAAAB3RJTUUH0wUOEDEon48wWgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKlJREFUeNpj/M9AHGAiUh3xClmgNCOUhrsEXYD6Vo8qHFVIuUIVKP0USr+E0jLoCjWg9A4ovQVNHJjUIaADZsILMPeFApRfA5X/D1N4AaZRYc6b/2+WwNQxXEBX+N8Bqxcc/mMoPMGCRR3LBUyF/2dgUTjjPxaF/6egm8ky5T9Whf9P2KCoMziBJPefEaWQurjnzIMXL34wsMhoWHiYo2hjHLjSbFQhXgAAKzejCLAOcVMAAAAASUVORK5CYII=', 
+		'V' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHh/gL05IAAAAB3RJTUUH0wUOEDEuduyVbwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVNJREFUeNpj/M9AHGAiUt2owoFRaMgIAYlIMqlQMUMo/z8ITIByRP78hwMRqNgECBei8AULVPQIXN0RqAjLGwgfYrW4B1R4DdzmLVDaQxjZ6v8roDwVuIkqMK3/ka3+/0MAKn4FKn4D5uof/5GtZmCPgEpsQHNDBDsDitVwt5tA+RZQ/pn/qFYj3PQEzHsC5WnA3QyPmQQU3+5AE0VYDTfDBcxzgQbik/8YVv93gMp9AbK/cEAD8T+m1TBb/oD8veEHhs0IE2GmxADZMRAmz4//WKxGkv3DA2Gm/MeqcA/Ujj1w1hHsCv/LQKQz/megRzyawgqIvAxMRwsuhbCEAEvGT3AphEUwNCU5IEv9R8lcUH9/wAxE5HAEgjccSBI8X3CbKOyBxAnhxm3i/w1IEgdQZFA98/+PCFydDKo6VKsZmGPQ0wgOq/+fgYvfQTORkeq1AgCIAvD7+THsDgAAAABJRU5ErkJggg==', 
+		'W' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFhZRKnzkAAAAB3RJTUUH0wUOEDIR66frkQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNrtlK1ywkAUhZdMZsJMKyIqKhAIBAKBiEBEVCDyCJV9iIo+Do9QGRERgUBEVCAqKhAIREVERURnTvfn3t27xSA6g+kOQ/ZkP/aec5NlBHXZSC7k/sE/AhUwoVkDPQ58/2RUQ2IC6B1XpN7MV8tg62/pUdjSDO7OwR2J0pbekpqZYlMG50bNSGwBDQ4pyV5YtCZ7mqZf1mO2IN2Jynba0XRx49pThjQCbEKWFfVRpIlBzlK4PuLdpxEWlTr4LHvYMEDOaTYS3HCW3DAJt8mmaSXYchZbOfEzkyYGZRbrEbX8qe7GMpLqFeyxV9F4fon1pwcxjxbqJpJTBPBJLoyHYSz1I3xq78aOMssepHZZHFjKhbX9/AZd6e9bsdABeyHTQXiE2PLO6PugCwiP/r1QVLYSlpXwKE1Wno7b7jY+hoWj0aegPyA9+jPrzgqwZJ0j8hhMVtElmDoD19FFPAvamc+sOXBm+KdYEzC63p/9D7Tr72kj/8qjAAAAAElFTkSuQmCC', 
+		'X' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHi/G9n7kAAAAB3RJTUUH0wUOEDIXAsROpAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAT9JREFUeNpj/M9AHGAiUt3IVhjKCAFr4RJroSKBMIH/YPBEAMITeQLh//8gAxHggQlAFf6fAdXnA+WnQPkT/qMp/O8AlVkA5h2A8kz+YCi8wQGREngA5PxQgXBYzvzHUPi/A2qIA5BdAmUX/Mei8I8BVHbK/wssEJbMB2wK/5+ASvPcgGlZ8x+rQriFAmghgKHwiwJKXPA8wKXw/x4UhT3/cSr8n4CkzuAPHoVvRODqWE6gyPxHTT1ffiAUCjCgAhRtDkgSFnisnoJixAScCh/wEBk8DmiucsChcA5MQQSMMQWrQlgiZ0iAByey5QiFPlBZnS//v+hgxjZc4QKYKVeAnCswby3AUAi3eAGKNoEn6Ap94A5EjXUfNIUrEA6EALgzl6AohCUGsAMhAOZMkTfICkMw3I5wZgiEyzicimYAFRFkVwgDfJ0AAAAASUVORK5CYII=', 
+		'Y' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHjkyIsu1AAAAB3RJTUUH0wUOEDIkvRQvsgAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNrt1L0NgzAQBWAcUVB6AAZgBAoKhmAICoZgCAoKxmAECkbwABSUlBRILwF8duwYhFJEihJ37+6T5T9g8K6N20X3FdDDNjKKOeTIqZLtWcKBU73bCx1lPhgQNTWieY1zRLmGCZFQp1xTSSmBDUUgW754BF+GQLxAPUkMxMb0FlzUsqpKLXhxQPRqo+oIerggCvuMC7jhFJounA4gWhO2OIL6Jp/uzglHrh0fTyAaDRucQaTkUpxDQVBYDWZ/hYze6bsv/A8/DNlP/kgvwzuer4kCMGPZDgAAAABJRU5ErkJggg==', 
+		'Z' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHwfqWOdfAAAAB3RJTUUH0wUOEDIrLasyIwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAL5JREFUeNrl1C0OwkAQBWCWQIJEVPQIFT0GAlHBMRBIBKIHqahAIDlERY9R0UOs3ORh5qVLunmp5GfUZvczbzKzDqtltV7ofgtueHCp16h33xBGwn0KYqoTO/J868Csaj418e0cPujOkLDfmTsECcfcXOGhoC/NZQMUDBUDd5DwxiAtJGzprpCw48xVQcIhM1d6KOgLc/kIBcORgXtIeGGQOyRs6Oq0g7P92YbkRE7bRZhcwhh+6nLF5f7yx30B8Z7FgxzMWtEAAAAASUVORK5CYII=', 
+	);
+
+	return $_png;
+}
+
+?>
--- a/phpBB/includes/usercp_email.php
+++ b/phpBB/includes/usercp_email.php
@@ -27,21 +27,26 @@ if ( !defined('IN_PHPBB') )
 	exit;
 }

-if ( !$userdata['session_logged_in'] )
+// Is send through board enabled? No, return to index
+if (!$board_config['board_email_form'])
 {
-	header('Location: ' . append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true));
-	exit;
+	redirect(append_sid("index.$phpEx", true));
 }

 if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) || !empty($HTTP_POST_VARS[POST_USERS_URL]) )
 {
-	$user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? $HTTP_GET_VARS[POST_USERS_URL] : $HTTP_POST_VARS[POST_USERS_URL];
+	$user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? intval($HTTP_GET_VARS[POST_USERS_URL]) : intval($HTTP_POST_VARS[POST_USERS_URL]);
 }
 else
 {
 	message_die(GENERAL_MESSAGE, $lang['No_user_specified']);
 }

+if ( !$userdata['session_logged_in'] )
+{
+	redirect(append_sid("login.$phpEx?redirect=profile.$phpEx&mode=email&" . POST_USERS_URL . "=$user_id", true));
+}
+
 $sql = "SELECT username, user_email, user_viewemail, user_lang  
 	FROM " . USERS_TABLE . " 
 	WHERE user_id = $user_id";
@@ -94,16 +99,13 @@ if ( $result = $db->sql_query($sql) )
 					include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 					$emailer = new emailer($board_config['smtp_delivery']);

-					$email_headers = 'From: ' . $userdata['user_email'] . "\n";
-					if ( !empty($HTTP_POST_VARS['cc_email']) )
-					{
-						$email_headers .= "Cc: " . $userdata['user_email'] . "\n";
-					}
-					$email_headers .= 'Return-Path: ' . $userdata['user_email'] . "\n";
-					$email_headers .= 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
+					$emailer->from($userdata['user_email']);
+					$emailer->replyto($userdata['user_email']);
+
+					$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
 					$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
 					$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
-					$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\r\n";
+					$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";

 					$emailer->use_template('profile_send_email', $user_lang);
 					$emailer->email_address($user_email);
@@ -120,6 +122,25 @@ if ( $result = $db->sql_query($sql) )
 					$emailer->send();
 					$emailer->reset();

+					if ( !empty($HTTP_POST_VARS['cc_email']) )
+					{
+						$emailer->from($userdata['user_email']);
+						$emailer->replyto($userdata['user_email']);
+						$emailer->use_template('profile_send_email');
+						$emailer->email_address($userdata['user_email']);
+						$emailer->set_subject($subject);
+
+						$emailer->assign_vars(array(
+							'SITENAME' => $board_config['sitename'], 
+							'BOARD_EMAIL' => $board_config['board_email'], 
+							'FROM_USERNAME' => $userdata['username'], 
+							'TO_USERNAME' => $username, 
+							'MESSAGE' => $message)
+						);
+						$emailer->send();
+						$emailer->reset();
+					}
+
 					$template->assign_vars(array(
 						'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
 					);
@@ -156,7 +177,8 @@ if ( $result = $db->sql_query($sql) )
 		$template->assign_vars(array(
 			'USERNAME' => $username,

-			'S_POST_ACTION' => append_sid("profile.$phpEx?&amp;mode=email&amp;" . POST_USERS_URL . "=$user_id"), 
+			'S_HIDDEN_FIELDS' => '', 
+			'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"), 

 			'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], 
 			'L_RECIPIENT' => $lang['Recipient'], 
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *                            usercp_register.php 
+ *                            usercp_register.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
@@ -21,31 +21,46 @@
 *
 ***************************************************************************/

+/*
+
+	This code has been modified from its original form by psoTFX @ phpbb.com
+	Changes introduce the back-ported phpBB 2.2 visual confirmation code. 
+
+	NOTE: Anyone using the modified code contained within this script MUST include
+	a relevant message such as this in usercp_register.php ... failure to do so 
+	will affect a breach of Section 2a of the GPL and our copyright
+
+	png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved
+
+*/
+
 if ( !defined('IN_PHPBB') )
 {
 	die("Hacking attempt");
 	exit;
 }

-//
+$unhtml_specialchars_match = array('#&gt;#', '#&lt;#', '#&quot;#', '#&amp;#');
+$unhtml_specialchars_replace = array('>', '<', '"', '&');
+
+// ---------------------------------------
 // Load agreement template since user has not yet
 // agreed to registration conditions/coppa
 //
-function show_coppa(&$coppa)
+function show_coppa()
 {
-	global $template, $lang, $phpbb_root_path, $phpEx;
+	global $userdata, $template, $lang, $phpbb_root_path, $phpEx;

 	$template->set_filenames(array(
 		'body' => 'agreement.tpl')
 	);

 	$template->assign_vars(array(
-		'COPPA' => $coppa,
-		'REGISTRATION' => $lang['Registration'], 
-		'AGREEMENT' => $lang['Reg_agreement'], 
-		"AGREE_OVER_13" => $lang['Agree_over_13'], 
-		"AGREE_UNDER_13" => $lang['Agree_under_13'], 
-		'DO_NOT_AGREE' => $lang['Agree_not'], 
+		'REGISTRATION' => $lang['Registration'],
+		'AGREEMENT' => $lang['Reg_agreement'],
+		"AGREE_OVER_13" => $lang['Agree_over_13'],
+		"AGREE_UNDER_13" => $lang['Agree_under_13'],
+		'DO_NOT_AGREE' => $lang['Agree_not'],

 		"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&amp;agreed=true"),
 		"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&amp;agreed=true&amp;coppa=true"))
@@ -55,8 +70,7 @@ function show_coppa(&$coppa)

 }
 //
-//
-//
+// ---------------------------------------

 $error = FALSE;
 $page_title = ( $mode == 'editprofile' ) ? $lang['Edit_profile'] : $lang['Register'];
@@ -65,21 +79,21 @@ if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GE
 {
 	include($phpbb_root_path . 'includes/page_header.'.$phpEx);

-	show_coppa($coppa);
+	show_coppa();

 	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 }

-$coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == 'register' ) ? 0 : TRUE;
+$coppa = ( empty($HTTP_POST_VARS['coppa']) && empty($HTTP_GET_VARS['coppa']) ) ? 0 : TRUE;

 //
 // Check and initialize some variables if needed
 //
-if ( 
-	isset($HTTP_POST_VARS['submit']) || 
-	isset($HTTP_POST_VARS['avatargallery']) || 
-	isset($HTTP_POST_VARS['submitavatar']) || 
-	isset($HTTP_POST_VARS['cancelavatar']) || 
+if (
+	isset($HTTP_POST_VARS['submit']) ||
+	isset($HTTP_POST_VARS['avatargallery']) ||
+	isset($HTTP_POST_VARS['submitavatar']) ||
+	isset($HTTP_POST_VARS['cancelavatar']) ||
 	$mode == 'register' )
 {
 	include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
@@ -89,20 +103,24 @@ if (
 	if ( $mode == 'editprofile' )
 	{
 		$user_id = intval($HTTP_POST_VARS['user_id']);
-		$current_email = trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['current_email'])));
+		$current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email']));
 	}

 	$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
+	$strip_var_list['confirm_code'] = 'confirm_code';

+	// Strip all tags from data ... may p**s some people off, bah, strip_tags is
+	// doing the job but can still break HTML output ... have no choice, have
+	// to use htmlspecialchars ... be prepared to be moaned at.
 	while( list($var, $param) = @each($strip_var_list) )
 	{
 		if ( !empty($HTTP_POST_VARS[$param]) )
 		{
-			$$var = trim(strip_tags($HTTP_POST_VARS[$param]));
+			$$var = trim(htmlspecialchars($HTTP_POST_VARS[$param]));
 		}
 	}

-	$trim_var_list = array('password_current' => 'cur_password', 'password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');
+	$trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');

 	while( list($var, $param) = @each($trim_var_list) )
 	{
@@ -112,11 +130,9 @@ if (
 		}
 	}

-	$username = str_replace('&nbsp;', '', $username);
-	$email = htmlspecialchars($email);
 	$signature = str_replace('<br />', "\n", $signature);

-	// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to 
+	// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
 	// empty strings if they fail.
 	validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);

@@ -124,7 +140,7 @@ if (
 	$allowviewonline = ( isset($HTTP_POST_VARS['hideonline']) ) ? ( ($HTTP_POST_VARS['hideonline']) ? 0 : TRUE ) : TRUE;
 	$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
 	$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
-	$popuppm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
+	$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;

 	if ( $mode == 'register' )
 	{
@@ -140,7 +156,7 @@ if (

 		$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml'];
 		$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode'];
-		$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmiles'];
+		$allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $userdata['user_allowsmile'];
 	}

 	$user_style = ( isset($HTTP_POST_VARS['style']) ) ? intval($HTTP_POST_VARS['style']) : $board_config['default_style'];
@@ -149,7 +165,7 @@ if (
 	{
 		if ( preg_match('/^[a-z_]+$/i', $HTTP_POST_VARS['language']) )
 		{
-			$user_lang = $HTTP_POST_VARS['language'];
+			$user_lang = htmlspecialchars($HTTP_POST_VARS['language']);
 		}
 		else
 		{
@@ -163,11 +179,21 @@ if (
 	}

 	$user_timezone = ( isset($HTTP_POST_VARS['timezone']) ) ? doubleval($HTTP_POST_VARS['timezone']) : $board_config['board_timezone'];
-	$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim($HTTP_POST_VARS['dateformat']) : $board_config['default_dateformat'];

-	$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
+	$sql = "SELECT config_value
+		FROM " . CONFIG_TABLE . "
+		WHERE config_name = 'default_dateformat'";
+	if ( !($result = $db->sql_query($sql)) )
+	{
+		message_die(GENERAL_ERROR, 'Could not select default dateformat', '', __LINE__, __FILE__, $sql);
+	}
+	$row = $db->sql_fetchrow($result);
+	$board_config['default_dateformat'] = $row['config_value'];
+	$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];

-	$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim($HTTP_POST_VARS['avatarremoteurl']) : '';
+	$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
+
+	$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
 	$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
 	$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
 	$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
@@ -176,12 +202,13 @@ if (
 	$user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
 	$user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';

-	if ( isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar']) )
+	if ( (isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) && (!isset($HTTP_POST_VARS['submit'])) )
 	{
 		$username = stripslashes($username);
 		$email = stripslashes($email);
-		$password = '';
-		$password_confirm = '';
+		$cur_password = htmlspecialchars(stripslashes($cur_password));
+		$new_password = htmlspecialchars(stripslashes($new_password));
+		$password_confirm = htmlspecialchars(stripslashes($password_confirm));

 		$icq = stripslashes($icq);
 		$aim = stripslashes($aim);
@@ -197,7 +224,7 @@ if (
 		$user_lang = stripslashes($user_lang);
 		$user_dateformat = stripslashes($user_dateformat);

-		if ( !isset($HTTP_POST_VARS['cancelavatar'])) 
+		if ( !isset($HTTP_POST_VARS['cancelavatar']))
 		{
 			$user_avatar = $user_avatar_local;
 			$user_avatar_type = USER_AVATAR_GALLERY;
@@ -205,6 +232,16 @@ if (
 	}
 }

+//
+// Let's make sure the user isn't logged in while registering,
+// and ensure that they were trying to register a second time
+// (Prevents double registrations)
+//
+if ($mode == 'register' && ($userdata['session_logged_in'] || $username == $userdata['username']))
+{
+	message_die(GENERAL_MESSAGE, $lang['Username_taken'], '', __LINE__, __FILE__);
+}
+
 //
 // Did the user submit? In this case build a query to update the users profile in the DB
 //
@@ -223,25 +260,73 @@ if ( isset($HTTP_POST_VARS['submit']) )
 	}
 	else if ( $mode == 'register' )
 	{
-		$coppa = (!$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa']) ? 0 : TRUE;
-
-		if ( empty($username) || empty($password) || empty($password_confirm) || empty($email) )
+		if ( empty($username) || empty($new_password) || empty($password_confirm) || empty($email) )
 		{
 			$error = TRUE;
 			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty'];
 		}
-		
+	}
+
+	if ($board_config['enable_confirm'] && $mode == 'register')
+	{
+		if (empty($HTTP_POST_VARS['confirm_id']))
+		{
+			$error = TRUE;
+			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
+		}
+		else
+		{
+			$confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
+			if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
+			{
+				$confirm_id = '';
+			}
+			
+			$sql = 'SELECT code 
+				FROM ' . CONFIRM_TABLE . " 
+				WHERE confirm_id = '$confirm_id' 
+					AND session_id = '" . $userdata['session_id'] . "'";
+			if (!($result = $db->sql_query($sql)))
+			{
+				message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
+			}
+
+			if ($row = $db->sql_fetchrow($result))
+			{
+				if ($row['code'] != $confirm_code)
+				{
+					$error = TRUE;
+					$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
+				}
+				else
+				{
+					$sql = 'DELETE FROM ' . CONFIRM_TABLE . " 
+						WHERE confirm_id = '$confirm_id' 
+							AND session_id = '" . $userdata['session_id'] . "'";
+					if (!$db->sql_query($sql))
+					{
+						message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
+					}
+				}
+			}
+			else
+			{		
+				$error = TRUE;
+				$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong'];
+			}
+			$db->sql_freeresult($result);
+		}
 	}

 	$passwd_sql = '';
-	if ( !empty($password) && !empty($password_confirm) )
+	if ( !empty($new_password) && !empty($password_confirm) )
 	{
-		if ( $password != $password_confirm )
+		if ( $new_password != $password_confirm )
 		{
 			$error = TRUE;
 			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
 		}
-		else if ( strlen($password) > 32 )
+		else if ( strlen($new_password) > 32 )
 		{
 			$error = TRUE;
 			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_long'];
@@ -250,8 +335,8 @@ if ( isset($HTTP_POST_VARS['submit']) )
 		{
 			if ( $mode == 'editprofile' )
 			{
-				$sql = "SELECT user_password 
-					FROM " . USERS_TABLE . " 
+				$sql = "SELECT user_password
+					FROM " . USERS_TABLE . "
 					WHERE user_id = $user_id";
 				if ( !($result = $db->sql_query($sql)) )
 				{
@@ -260,21 +345,21 @@ if ( isset($HTTP_POST_VARS['submit']) )

 				$row = $db->sql_fetchrow($result);

-				if ( $row['user_password'] != md5($password_current) )
+				if ( $row['user_password'] != md5($cur_password) )
 				{
 					$error = TRUE;
 					$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Current_password_mismatch'];
 				}
 			}
-			
+
 			if ( !$error )
 			{
-				$password = md5($password);
-				$passwd_sql = "user_password = '$password', ";
+				$new_password = md5($new_password);
+				$passwd_sql = "user_password = '$new_password', ";
 			}
 		}
 	}
-	else if ( ( empty($password) && !empty($password_confirm) ) || ( !empty($password) && empty($password_confirm) ) )
+	else if ( ( empty($new_password) && !empty($password_confirm) ) || ( !empty($new_password) && empty($password_confirm) ) )
 	{
 		$error = TRUE;
 		$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Password_mismatch'];
@@ -293,11 +378,11 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			$error = TRUE;
 			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
 		}
-			
+
 		if ( $mode == 'editprofile' )
 		{
-			$sql = "SELECT user_password 
-				FROM " . USERS_TABLE . " 
+			$sql = "SELECT user_password
+				FROM " . USERS_TABLE . "
 				WHERE user_id = $user_id";
 			if ( !($result = $db->sql_query($sql)) )
 			{
@@ -306,7 +391,7 @@ if ( isset($HTTP_POST_VARS['submit']) )

 			$row = $db->sql_fetchrow($result);

-			if ( $row['user_password'] != md5($password_current) )
+			if ( $row['user_password'] != md5($cur_password) )
 			{
 				$email = $userdata['user_email'];

@@ -321,18 +406,22 @@ if ( isset($HTTP_POST_VARS['submit']) )
 	{
 		if ( empty($username) )
 		{
+			// Error is already triggered, since one field is empty.
 			$error = TRUE;
-			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Username_disallowed'];
 		}
 		else if ( $username != $userdata['username'] || $mode == 'register' )
 		{
-			$result = validate_username($username);
-			if ( $result['error'] )
+			if (strtolower($username) != strtolower($userdata['username']))
 			{
-				$error = TRUE;
-				$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
+				$result = validate_username($username);
+				if ( $result['error'] )
+				{
+					$error = TRUE;
+					$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $result['error_msg'];
+				}
 			}
-			else
+
+			if (!$error)
 			{
 				$username_sql = "username = '" . str_replace("\'", "''", $username) . "', ";
 			}
@@ -354,15 +443,23 @@ if ( isset($HTTP_POST_VARS['submit']) )
 		$signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid);
 	}

+	if ( $website != '' )
+	{
+		rawurlencode($website);
+	}
+
+	$avatar_sql = '';
+
 	if ( isset($HTTP_POST_VARS['avatardel']) && $mode == 'editprofile' )
 	{
-		$avatar_sql = user_avatar_delete($userdata['avatar_type'], $userdata['avatar_file']);
+		$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
 	}
-	else if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
+
+	if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
 	{
 		if ( !empty($user_avatar_upload) )
 		{
-			$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
+			$avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
 			$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
 		}
 		else if ( !empty($user_avatar_name) )
@@ -375,10 +472,18 @@ if ( isset($HTTP_POST_VARS['submit']) )
 	}
 	else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
 	{
+		if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
+		{
+			@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
+		}
 		$avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
 	}
 	else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
 	{
+		if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
+		{
+			@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
+		}
 		$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
 	}

@@ -391,12 +496,13 @@ if ( isset($HTTP_POST_VARS['submit']) )

 		if ( $mode == 'editprofile' )
 		{
-			if ( $email != $current_email && ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN ) && $userdata['user_level'] != ADMIN )
+			if ( $email != $userdata['user_email'] && $board_config['require_activation'] != USER_ACTIVATION_NONE && $userdata['user_level'] != ADMIN )
 			{
 				$user_active = 0;
+
 				$user_actkey = gen_rand_string(true);
-				$key_len = 54 - (strlen($server_url));
-				$key_len = ($key_len > 6) ? $key_len : 6;
+				$key_len = 54 - ( strlen($server_url) );
+				$key_len = ( $key_len > 6 ) ? $key_len : 6;
 				$user_actkey = substr($user_actkey, 0, $key_len);

 				if ( $userdata['session_logged_in'] )
@@ -411,7 +517,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			}

 			$sql = "UPDATE " . USERS_TABLE . "
-				SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popuppm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
+				SET " . $username_sql . $passwd_sql . "user_email = '" . str_replace("\'", "''", $email) ."', user_icq = '" . str_replace("\'", "''", $icq) . "', user_website = '" . str_replace("\'", "''", $website) . "', user_occ = '" . str_replace("\'", "''", $occupation) . "', user_from = '" . str_replace("\'", "''", $location) . "', user_interests = '" . str_replace("\'", "''", $interests) . "', user_sig = '" . str_replace("\'", "''", $signature) . "', user_sig_bbcode_uid = '$signature_bbcode_uid', user_viewemail = $viewemail, user_aim = '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', user_yim = '" . str_replace("\'", "''", $yim) . "', user_msnm = '" . str_replace("\'", "''", $msn) . "', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_notify = $notifyreply, user_notify_pm = $notifypm, user_popup_pm = $popup_pm, user_timezone = $user_timezone, user_dateformat = '" . str_replace("\'", "''", $user_dateformat) . "', user_lang = '" . str_replace("\'", "''", $user_lang) . "', user_style = $user_style, user_active = $user_active, user_actkey = '" . str_replace("\'", "''", $user_actkey) . "'" . $avatar_sql . "
 				WHERE user_id = $user_id";
 			if ( !($result = $db->sql_query($sql)) )
 			{
@@ -426,19 +532,19 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 				$emailer = new emailer($board_config['smtp_delivery']);

-				$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
+				$emailer->from($board_config['board_email']);
+				$emailer->replyto($board_config['board_email']);

 				$emailer->use_template('user_activate', stripslashes($user_lang));
 				$emailer->email_address($email);
-				$emailer->set_subject();//$lang['Reactivate']
-				$emailer->extra_headers($email_headers);
+				$emailer->set_subject($lang['Reactivate']);

 				$emailer->assign_vars(array(
 					'SITENAME' => $board_config['sitename'],
-					'USERNAME' => $username,
-					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
+					'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',

-					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
+					'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
 				);
 				$emailer->send();
 				$emailer->reset();
@@ -471,24 +577,11 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			}
 			$user_id = $row['total'] + 1;

-			$sql = "SELECT MAX(group_id) AS total
-				FROM " . GROUPS_TABLE;
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
-			}
-
-			if ( !($row = $db->sql_fetchrow($result)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
-			}
-			$group_id = $row['total'] + 1;
-
 			//
 			// Get current date
 			//
 			$sql = "INSERT INTO " . USERS_TABLE . "	(user_id, username, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_sig_bbcode_uid, user_avatar, user_avatar_type, user_viewemail, user_aim, user_yim, user_msnm, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_viewonline, user_notify, user_notify_pm, user_popup_pm, user_timezone, user_dateformat, user_lang, user_style, user_level, user_allow_pm, user_active, user_actkey)
-				VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popuppm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
+				VALUES ($user_id, '" . str_replace("\'", "''", $username) . "', " . time() . ", '" . str_replace("\'", "''", $new_password) . "', '" . str_replace("\'", "''", $email) . "', '" . str_replace("\'", "''", $icq) . "', '" . str_replace("\'", "''", $website) . "', '" . str_replace("\'", "''", $occupation) . "', '" . str_replace("\'", "''", $location) . "', '" . str_replace("\'", "''", $interests) . "', '" . str_replace("\'", "''", $signature) . "', '$signature_bbcode_uid', $avatar_sql, $viewemail, '" . str_replace("\'", "''", str_replace(' ', '+', $aim)) . "', '" . str_replace("\'", "''", $yim) . "', '" . str_replace("\'", "''", $msn) . "', $attachsig, $allowsmilies, $allowhtml, $allowbbcode, $allowviewonline, $notifyreply, $notifypm, $popup_pm, $user_timezone, '" . str_replace("\'", "''", $user_dateformat) . "', '" . str_replace("\'", "''", $user_lang) . "', $user_style, 0, 1, ";
 			if ( $board_config['require_activation'] == USER_ACTIVATION_SELF || $board_config['require_activation'] == USER_ACTIVATION_ADMIN || $coppa )
 			{
 				$user_actkey = gen_rand_string(true);
@@ -507,13 +600,15 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
 			}

-			$sql = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_description, group_single_user, group_moderator)
-				VALUES ($group_id, '', 'Personal User', 1, 0)";
+			$sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)
+				VALUES ('', 'Personal User', 1, 0)";
 			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
 			}

+			$group_id = $db->sql_nextid();
+
 			$sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)
 				VALUES ($user_id, $group_id, 0)";
 			if( !($result = $db->sql_query($sql, END_TRANSACTION)) )
@@ -545,24 +640,22 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 			$emailer = new emailer($board_config['smtp_delivery']);

-			$email_headers = "From: " . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
+			$emailer->from($board_config['board_email']);
+			$emailer->replyto($board_config['board_email']);

 			$emailer->use_template($email_template, stripslashes($user_lang));
 			$emailer->email_address($email);
-			$emailer->set_subject();//sprintf($lang['Welcome_subject'], $board_config['sitename'])
-			$emailer->extra_headers($email_headers);
+			$emailer->set_subject(sprintf($lang['Welcome_subject'], $board_config['sitename']));

 			if( $coppa )
 			{
 				$emailer->assign_vars(array(
-					'SITENAME' => $board_config['sitename'], 
+					'SITENAME' => $board_config['sitename'],
 					'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
-					'USERNAME' => $username,
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'PASSWORD' => $password_confirm,
 					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

-					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey,
-
 					'FAX_INFO' => $board_config['coppa_fax'],
 					'MAIL_INFO' => $board_config['coppa_mail'],
 					'EMAIL_ADDRESS' => $email,
@@ -579,13 +672,13 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			else
 			{
 				$emailer->assign_vars(array(
-					'SITENAME' => $board_config['sitename'], 
+					'SITENAME' => $board_config['sitename'],
 					'WELCOME_MSG' => sprintf($lang['Welcome_subject'], $board_config['sitename']),
-					'USERNAME' => $username,
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
 					'PASSWORD' => $password_confirm,
 					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

-					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
+					'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
 				);
 			}

@@ -594,19 +687,34 @@ if ( isset($HTTP_POST_VARS['submit']) )

 			if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
 			{
-				$emailer->use_template("admin_activate", stripslashes($user_lang));
-				$emailer->email_address($board_config['board_email']);
-				$emailer->set_subject(); //$lang['New_account_subject']
-				$emailer->extra_headers($email_headers);
+				$sql = "SELECT user_email, user_lang 
+					FROM " . USERS_TABLE . "
+					WHERE user_level = " . ADMIN;
+				
+				if ( !($result = $db->sql_query($sql)) )
+				{
+					message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
+				}
+				
+				while ($row = $db->sql_fetchrow($result))
+				{
+					$emailer->from($board_config['board_email']);
+					$emailer->replyto($board_config['board_email']);
+					
+					$emailer->email_address(trim($row['user_email']));
+					$emailer->use_template("admin_activate", $row['user_lang']);
+					$emailer->set_subject($lang['New_account_subject']);

-				$emailer->assign_vars(array(
-					'USERNAME' => $username,
-					'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
+					$emailer->assign_vars(array(
+						'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
+						'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),

-					'U_ACTIVATE' => $server_url . '?mode=activate&act_key=' . $user_actkey)
-				);
-				$emailer->send();
-				$emailer->reset();
+						'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
+					);
+					$emailer->send();
+					$emailer->reset();
+				}
+				$db->sql_freeresult($result);
 			}

 			$message = $message . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
@@ -621,22 +729,23 @@ if ( $error )
 {
 	//
 	// If an error occured we need to stripslashes on returned data
-	// 
+	//
 	$username = stripslashes($username);
 	$email = stripslashes($email);
-	$password = '';
+	$new_password = '';
 	$password_confirm = '';

 	$icq = stripslashes($icq);
-	$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
-	$msn = htmlspecialchars(stripslashes($msn));
-	$yim = htmlspecialchars(stripslashes($yim));
+	$aim = str_replace('+', ' ', stripslashes($aim));
+	$msn = stripslashes($msn);
+	$yim = stripslashes($yim);

-	$website = htmlspecialchars(stripslashes($website));
-	$location = htmlspecialchars(stripslashes($location));
-	$occupation = htmlspecialchars(stripslashes($occupation));
-	$interests = htmlspecialchars(stripslashes($interests));
+	$website = stripslashes($website);
+	$location = stripslashes($location);
+	$occupation = stripslashes($occupation);
+	$interests = stripslashes($interests);
 	$signature = stripslashes($signature);
+	$signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $signature) : $signature;

 	$user_lang = stripslashes($user_lang);
 	$user_dateformat = stripslashes($user_dateformat);
@@ -645,26 +754,26 @@ if ( $error )
 else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) && !isset($HTTP_POST_VARS['submitavatar']) && !isset($HTTP_POST_VARS['cancelavatar']) )
 {
 	$user_id = $userdata['user_id'];
-	$username = htmlspecialchars($userdata['username']);
+	$username = $userdata['username'];
 	$email = $userdata['user_email'];
-	$password = '';
+	$new_password = '';
 	$password_confirm = '';

 	$icq = $userdata['user_icq'];
-	$aim = htmlspecialchars(str_replace('+', ' ', $userdata['user_aim']));
-	$msn = htmlspecialchars($userdata['user_msnm']);
-	$yim = htmlspecialchars($userdata['user_yim']);
+	$aim = str_replace('+', ' ', $userdata['user_aim']);
+	$msn = $userdata['user_msnm'];
+	$yim = $userdata['user_yim'];

-	$website = htmlspecialchars($userdata['user_website']);
-	$location = htmlspecialchars($userdata['user_from']);
-	$occupation = htmlspecialchars($userdata['user_occ']);
-	$interests = htmlspecialchars($userdata['user_interests']);
+	$website = $userdata['user_website'];
+	$location = $userdata['user_from'];
+	$occupation = $userdata['user_occ'];
+	$interests = $userdata['user_interests'];
 	$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
-	$signature = ( $signature_bbcode_uid != '' ) ? preg_replace("/\:(([a-z0-9]:)?)$signature_bbcode_uid/si", '', $userdata['user_sig']) : $userdata['user_sig'];
+	$signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $userdata['user_sig']) : $userdata['user_sig'];

 	$viewemail = $userdata['user_viewemail'];
 	$notifypm = $userdata['user_notify_pm'];
-	$popuppm = $userdata['user_popup_pm'];
+	$popup_pm = $userdata['user_popup_pm'];
 	$notifyreply = $userdata['user_notify'];
 	$attachsig = $userdata['user_attachsig'];
 	$allowhtml = $userdata['user_allowhtml'];
@@ -701,13 +810,15 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
 {
 	include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);

-	$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? $HTTP_POST_VARS['avatarcategory'] : '';
+	$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory']) : '';

 	$template->set_filenames(array(
 		'body' => 'profile_avatar_gallery.tpl')
 	);

-	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popuppm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat);
+	$allowviewonline = !$allowviewonline;
+
+	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
 }
 else
 {
@@ -723,8 +834,6 @@ else
 		$selected_template = $board_config['system_template'];
 	}

-	$signature = preg_replace('/\:[0-9a-z\:]*?\]/si', ']', $signature);
-
 	$avatar_img = '';
 	if ( $user_avatar_type )
 	{
@@ -782,16 +891,106 @@ else
 		$template->assign_block_vars('switch_edit_profile', array());
 	}

+	if ( ($mode == 'register') || ($board_config['allow_namechange']) )
+	{
+		$template->assign_block_vars('switch_namechange_allowed', array());
+	}
+	else
+	{
+		$template->assign_block_vars('switch_namechange_disallowed', array());
+	}
+
+
+	// Visual Confirmation
+	$confirm_image = '';
+	if (!empty($board_config['enable_confirm']) && $mode == 'register')
+	{
+		$sql = 'SELECT session_id 
+			FROM ' . SESSIONS_TABLE; 
+		if (!($result = $db->sql_query($sql)))
+		{
+			message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql);
+		}
+
+		if ($row = $db->sql_fetchrow($result))
+		{
+			$confirm_sql = '';
+			do
+			{
+				$confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'";
+			}
+			while ($row = $db->sql_fetchrow($result));
+		
+			$sql = 'DELETE FROM ' .  CONFIRM_TABLE . " 
+				WHERE session_id NOT IN ($confirm_sql)";
+			if (!$db->sql_query($sql))
+			{
+				message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql);
+			}
+		}
+		$db->sql_freeresult($result);
+
+		$sql = 'SELECT COUNT(session_id) AS attempts 
+			FROM ' . CONFIRM_TABLE . " 
+			WHERE session_id = '" . $userdata['session_id'] . "'";
+		if (!($result = $db->sql_query($sql)))
+		{
+			message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql);
+		}
+
+		if ($row = $db->sql_fetchrow($result))
+		{
+			if ($row['attempts'] > 3)
+			{
+				message_die(GENERAL_MESSAGE, $lang['Too_many_registers']);
+			}
+		}
+		$db->sql_freeresult($result);
+		
+		$confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+
+		list($usec, $sec) = explode(' ', microtime()); 
+		mt_srand($sec * $usec); 
+
+		$max_chars = count($confirm_chars) - 1;
+		$code = '';
+		for ($i = 0; $i < 6; $i++)
+		{
+			$code .= $confirm_chars[mt_rand(0, $max_chars)];
+		}
+
+		$confirm_id = md5(uniqid($user_ip));
+
+		$sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code) 
+			VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
+		if (!$db->sql_query($sql))
+		{
+			message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
+		}
+
+		unset($code);
+		
+		$confirm_image = (@extension_loaded('zlib')) ? '<img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id") . '" alt="" title="" />' : '<img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=1") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=2") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=3") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=4") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=5") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=6") . '" alt="" title="" />';
+		$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
+
+		$template->assign_block_vars('switch_confirm', array());
+	}
+
+
 	//
 	// Let's do an overall check for settings/versions which would prevent
 	// us from doing file uploads....
 	//
 	$ini_val = ( phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
-	$form_enctype = ( !@$ini_val('file_uploads') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
-	
+	$form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
+
 	$template->assign_vars(array(
 		'USERNAME' => $username,
+		'CUR_PASSWORD' => $cur_password,
+		'NEW_PASSWORD' => $new_password,
+		'PASSWORD_CONFIRM' => $password_confirm,
 		'EMAIL' => $email,
+		'CONFIRM_IMG' => $confirm_image, 
 		'YIM' => $yim,
 		'ICQ' => $icq,
 		'MSN' => $msn,
@@ -807,8 +1006,8 @@ else
 		'HIDE_USER_NO' => ( $allowviewonline ) ? 'checked="checked"' : '',
 		'NOTIFY_PM_YES' => ( $notifypm ) ? 'checked="checked"' : '',
 		'NOTIFY_PM_NO' => ( !$notifypm ) ? 'checked="checked"' : '',
-		'POPUP_PM_YES' => ( $popuppm ) ? 'checked="checked"' : '',
-		'POPUP_PM_NO' => ( !$popuppm ) ? 'checked="checked"' : '',
+		'POPUP_PM_YES' => ( $popup_pm ) ? 'checked="checked"' : '',
+		'POPUP_PM_NO' => ( !$popup_pm ) ? 'checked="checked"' : '',
 		'ALWAYS_ADD_SIGNATURE_YES' => ( $attachsig ) ? 'checked="checked"' : '',
 		'ALWAYS_ADD_SIGNATURE_NO' => ( !$attachsig ) ? 'checked="checked"' : '',
 		'NOTIFY_REPLY_YES' => ( $notifyreply ) ? 'checked="checked"' : '',
@@ -827,11 +1026,11 @@ else
 		'TIMEZONE_SELECT' => tz_select($user_timezone, 'timezone'),
 		'DATE_FORMAT' => $user_dateformat,
 		'HTML_STATUS' => $html_status,
-		'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 
+		'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'),
 		'SMILIES_STATUS' => $smilies_status,

-		'L_CURRENT_PASSWORD' => $lang['Current_password'], 
-		'L_NEW_PASSWORD' => ( $mode == 'register' ) ? $lang['Password'] : $lang['New_password'], 
+		'L_CURRENT_PASSWORD' => $lang['Current_password'],
+		'L_NEW_PASSWORD' => ( $mode == 'register' ) ? $lang['Password'] : $lang['New_password'],
 		'L_CONFIRM_PASSWORD' => $lang['Confirm_password'],
 		'L_CONFIRM_PASSWORD_EXPLAIN' => ( $mode == 'editprofile' ) ? $lang['Confirm_password_explain'] : '',
 		'L_PASSWORD_IF_CHANGED' => ( $mode == 'editprofile' ) ? $lang['password_if_changed'] : '',
@@ -886,6 +1085,10 @@ else
 		'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
 		'L_EMAIL_ADDRESS' => $lang['Email_address'],

+		'L_CONFIRM_CODE_IMPAIRED'	=> sprintf($lang['Confirm_code_impaired'], '<a href="mailto:' . $board_config['board_email'] . '">', '</a>'), 
+		'L_CONFIRM_CODE'			=> $lang['Confirm_code'], 
+		'L_CONFIRM_CODE_EXPLAIN'	=> $lang['Confirm_code_explain'], 
+
 		'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
 		'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
 		'S_ALLOW_AVATAR_REMOTE' => $board_config['allow_avatar_remote'],
@@ -899,27 +1102,30 @@ else
 	// of the templates to 'fake' an IF...ELSE...ENDIF solution
 	// it works well :)
 	//
-	if ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) )
+	if ( $mode != 'register' )
 	{
-		$template->assign_block_vars('switch_avatar_block', array() );
-
-		if ( $board_config['allow_avatar_upload'] && file_exists('./' . $board_config['avatar_path']) )
+		if ( $userdata['user_allowavatar'] && ( $board_config['allow_avatar_upload'] || $board_config['allow_avatar_local'] || $board_config['allow_avatar_remote'] ) )
 		{
-			if ( $form_enctype != '' )
+			$template->assign_block_vars('switch_avatar_block', array() );
+
+			if ( $board_config['allow_avatar_upload'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_path'])) )
 			{
-				$template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array() );
+				if ( $form_enctype != '' )
+				{
+					$template->assign_block_vars('switch_avatar_block.switch_avatar_local_upload', array() );
+				}
+				$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array() );
 			}
-			$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_upload', array() );
-		}

-		if ( $board_config['allow_avatar_remote'] )
-		{
-			$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array() );
-		}
+			if ( $board_config['allow_avatar_remote'] )
+			{
+				$template->assign_block_vars('switch_avatar_block.switch_avatar_remote_link', array() );
+			}

-		if ( $board_config['allow_avatar_local'] && file_exists('./' . $board_config['avatar_gallery_path']) )
-		{
-			$template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array() );
+			if ( $board_config['allow_avatar_local'] && file_exists(@phpbb_realpath('./' . $board_config['avatar_gallery_path'])) )
+			{
+				$template->assign_block_vars('switch_avatar_block.switch_avatar_local_gallery', array() );
+			}
 		}
 	}
 }
@@ -928,4 +1134,4 @@ $template->pparse('body');

 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

-?>
+?>
--- a/phpBB/includes/usercp_sendpasswd.php
+++ b/phpBB/includes/usercp_sendpasswd.php
@@ -29,7 +29,7 @@ if ( !defined('IN_PHPBB') )

 if ( isset($HTTP_POST_VARS['submit']) )
 {
-	$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
+	$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
 	$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';

 	$sql = "SELECT user_id, username, user_email, user_active, user_lang 
@@ -46,6 +46,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			}

 			$username = $row['username'];
+			$user_id = $row['user_id'];

 			$user_actkey = gen_rand_string(true);
 			$key_len = 54 - strlen($server_url);
@@ -54,7 +55,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			$user_password = gen_rand_string(false);
 			
 			$sql = "UPDATE " . USERS_TABLE . " 
-				SET user_newpasswd = '" .md5($user_password) . "', user_actkey = '$user_actkey' 
+				SET user_newpasswd = '" . md5($user_password) . "', user_actkey = '$user_actkey'  
 				WHERE user_id = " . $row['user_id'];
 			if ( !$db->sql_query($sql) )
 			{
@@ -64,20 +65,20 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 			$emailer = new emailer($board_config['smtp_delivery']);

-			$email_headers = 'From: ' . $board_config['board_email'] . "\nReturn-Path: " . $board_config['board_email'] . "\r\n";
+			$emailer->from($board_config['board_email']);
+			$emailer->replyto($board_config['board_email']);

 			$emailer->use_template('user_activate_passwd', $row['user_lang']);
 			$emailer->email_address($row['user_email']);
-			$emailer->set_subject();//$lang['New_password_activation']
-			$emailer->extra_headers($email_headers);
+			$emailer->set_subject($lang['New_password_activation']);

 			$emailer->assign_vars(array(
 				'SITENAME' => $board_config['sitename'], 
 				'USERNAME' => $username,
 				'PASSWORD' => $user_password,
-				'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']), 
+				'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 

-				'U_ACTIVATE' => $server_url . "?mode=activate&act_key=$user_actkey")
+				'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
 			);
 			$emailer->send();
 			$emailer->reset();
@@ -124,11 +125,14 @@ $template->assign_vars(array(
 	'L_ITEMS_REQUIRED' => $lang['Items_required'],
 	'L_EMAIL_ADDRESS' => $lang['Email_address'],
 	'L_SUBMIT' => $lang['Submit'],
-	'L_RESET' => $lang['Reset'])
+	'L_RESET' => $lang['Reset'],
+	
+	'S_HIDDEN_FIELDS' => '', 
+	'S_PROFILE_ACTION' => append_sid("profile.$phpEx?mode=sendpassword"))
 );

 $template->pparse('body');

 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);

-?>
+?>
--- a/phpBB/includes/usercp_viewprofile.php
+++ b/phpBB/includes/usercp_viewprofile.php
@@ -31,7 +31,7 @@ if ( empty($HTTP_GET_VARS[POST_USERS_URL]) || $HTTP_GET_VARS[POST_USERS_URL] ==
 {
 	message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
 }
-$profiledata = get_userdata(intval($HTTP_GET_VARS[POST_USERS_URL]));
+$profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]);

 $sql = "SELECT *
 	FROM " . RANKS_TABLE . "
@@ -41,6 +41,7 @@ if ( !($result = $db->sql_query($sql)) )
 	message_die(GENERAL_ERROR, 'Could not obtain ranks information', '', __LINE__, __FILE__, $sql);
 }

+$ranksrow = array();
 while ( $row = $db->sql_fetchrow($result) )
 {
 	$ranksrow[] = $row;
@@ -168,6 +169,15 @@ $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 $page_title = $lang['Viewing_profile'];
 include($phpbb_root_path . 'includes/page_header.'.$phpEx);

+if (function_exists('get_html_translation_table'))
+{
+	$u_search_author = urlencode(strtr($profiledata['username'], array_flip(get_html_translation_table(HTML_ENTITIES))));
+}
+else
+{
+	$u_search_author = urlencode(str_replace(array('&amp;', '&#039;', '&quot;', '&lt;', '&gt;'), array('&', "'", '"', '<', '>'), $profiledata['username']));
+}
+
 $template->assign_vars(array(
 	'USERNAME' => $profiledata['username'],
 	'JOINED' => create_date($lang['DATE_FORMAT'], $profiledata['user_regdate'], $board_config['board_timezone']),
@@ -222,7 +232,7 @@ $template->assign_vars(array(
 	'L_OCCUPATION' => $lang['Occupation'],
 	'L_INTERESTS' => $lang['Interests'],

-	'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])),
+	'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . $u_search_author),

 	'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
 );