Some initial prep and listing what's changed so far.

There's still more to come before we actually make it into a release though ;-) git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5810 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-31 05:50:42 +02:00 · 2006-04-20 17:54:00 +00:00
parent 9fdca54c7f
commit 72e95bd7be
6 changed files with 41 additions and 31 deletions
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -32,6 +32,7 @@ p,ul,td {font-size:10pt;}
 <ol>
 <li><a href="#changelog">Changelog</a></li>
 <ol type="i">
+	<li><a href="#2020">Changes since 2.0.20</a></li>
 	<li><a href="#2019">Changes since 2.0.19</a></li>
 	<li><a href="#2018">Changes since 2.0.18</a></li>
 	<li><a href="#2017">Changes since 2.0.17</a></li>
@@ -65,7 +66,16 @@ p,ul,td {font-size:10pt;}

 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>

-<a name="2019"></a><h3 class="h3">l.i. Changes since 2.0.19</h3>
+<a name="2020"></a><h3 class="h3">l.i. Changes since 2.0.20</h3>
+
+<ul>
+<li>[Fix] Changes to random number generator code to explicitly truncate the length of the string</li>
+<li>[Fix] Quoting on boards with HTML enabled</li>
+<li>[Fix] Redirect to list if cancelling deletion of ranks, smilies or word censors</li>
+</ul>
+
+
+<a name="2019"></a><h3 class="h3">l.ii. Changes since 2.0.19</h3>

 <ul>
 <li>[Fix] Prevent login attempts from incrementing for inactive users</li>
@@ -98,7 +108,7 @@ p,ul,td {font-size:10pt;}
 </ul>


-<a name="2018"></a><h3 class="h3">l.ii. Changes since 2.0.18</h3>
+<a name="2018"></a><h3 class="h3">l.iii. Changes since 2.0.18</h3>

 <ul>
 <li>[Fix] corrected index on session keys table under MS SQL</li>
@@ -117,7 +127,7 @@ p,ul,td {font-size:10pt;}
 </ul>


-<a name="2017"></a><h3 class="h3">l.iii. Changes since 2.0.17</h3>
+<a name="2017"></a><h3 class="h3">l.iv. Changes since 2.0.17</h3>

 <ul>
 <li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
@@ -165,7 +175,7 @@ p,ul,td {font-size:10pt;}
 <li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
 </ul>

-<a name="2016"></a><h3 class="h3">l.iv. Changes since 2.0.16</h3>
+<a name="2016"></a><h3 class="h3">l.v. Changes since 2.0.16</h3>

 <ul>
 <li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
@@ -181,7 +191,7 @@ p,ul,td {font-size:10pt;}
 <li>Correctly set username on posts when deleting a user from the admin panel</li>
 </ul>

-<a name="2015"></a><h3 class="h3">l.v. Changes since 2.0.15</h3>
+<a name="2015"></a><h3 class="h3">l.vi. Changes since 2.0.15</h3>

 <ul>
 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@@ -193,7 +203,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
 </ul>

-<a name="2014"></a><h3 class="h3">l.vi. Changes since 2.0.14</h3>
+<a name="2014"></a><h3 class="h3">l.vii. Changes since 2.0.14</h3>

 <ul>
 <li>Fixed moderator status removal in groupcp.php</li>
@@ -215,7 +225,7 @@ p,ul,td {font-size:10pt;}
 <li>Empty url/img bbcodes no longer get parsed</li>
 </ul>

-<a name="2013"></a><h3 class="h3">l.vii. Changes since 2.0.13</h3>
+<a name="2013"></a><h3 class="h3">l.viii. Changes since 2.0.13</h3>

 <ul>
 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@@ -232,7 +242,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
 </ul>

-<a name="2012"></a><h3 class="h3">l.viii. Changes since 2.0.12</h3>
+<a name="2012"></a><h3 class="h3">l.ix. Changes since 2.0.12</h3>

 <ul>
 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@@ -240,7 +250,7 @@ p,ul,td {font-size:10pt;}
 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
 </ul>

-<a name="2011"></a><h3 class="h3">l.ix. Changes since 2.0.11</h3>
+<a name="2011"></a><h3 class="h3">l.x. Changes since 2.0.11</h3>

 <ul>
 <li>Added confirm table to admin_db_utilities.php</li>
@@ -255,7 +265,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
 </ul>

-<a name="2010"></a><h3 class="h3">l.x. Changes since 2.0.10</h3>
+<a name="2010"></a><h3 class="h3">l.xi. Changes since 2.0.10</h3>

 <ul>
 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@@ -266,7 +276,7 @@ p,ul,td {font-size:10pt;}
 <li>Added visual confirmation mod to code base</li>
 </ul>

-<a name="209"></a><h3 class="h3">l.xi. Changes since 2.0.9</h3>
+<a name="209"></a><h3 class="h3">l.xii. Changes since 2.0.9</h3>

 <ul>
 <li>Fixed deleting of styles in admin_styles.php</li>
@@ -279,7 +289,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
 </ul>

-<a name="208"></a><h3 class="h3">l.xii. Changes since 2.0.8</h3>
+<a name="208"></a><h3 class="h3">l.xiii. Changes since 2.0.8</h3>

 <ul>
 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@@ -298,7 +308,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
 </ul>

-<a name="207"></a><h3 class="h3">l.xiii. Changes since 2.0.7</h3>
+<a name="207"></a><h3 class="h3">l.xiv. Changes since 2.0.7</h3>

 <ul>
 <li>Fixed several vulnerabilities in admin pages</li>
@@ -310,7 +320,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>

-<a name="206"></a><h3 class="h3">1.xiv. Changes since 2.0.6</h3>
+<a name="206"></a><h3 class="h3">1.xv. Changes since 2.0.6</h3>

 <ul>
 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@@ -324,7 +334,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential vulnerability in avatar gallery</li>
 </ul>

-<a name="205"></a><h3 class="h3">1.xv. Changes since 2.0.5</h3>
+<a name="205"></a><h3 class="h3">1.xvi. Changes since 2.0.5</h3>

 <ul>
 <li>Fixed various email issues</li>
@@ -340,7 +350,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
 </ul>

-<a name="204"></a><h3 class="h3">1.xvi. Changes since 2.0.4</h3>
+<a name="204"></a><h3 class="h3">1.xvii. Changes since 2.0.4</h3>

 <ul>
 <li>Removed user facing session_id checks</li>
@@ -412,7 +422,7 @@ p,ul,td {font-size:10pt;}
 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
 </ul>

-<a name="203"></a><h3 class="h3">1.xvii. Changes since 2.0.3</h3>
+<a name="203"></a><h3 class="h3">1.xviii. Changes since 2.0.3</h3>

 <ul>
 <li>Fixed cross-browser scripting issue with highlight param</li>
@@ -539,7 +549,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
 </ul>

-<a name="202"></a><h3 class="h3">1.xviii. Changes since 2.0.2</h3>
+<a name="202"></a><h3 class="h3">1.xix. Changes since 2.0.2</h3>

 <ul>
 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@@ -548,7 +558,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
 </ul>

-<a name="201"></a><h3 class="h3">1.xix. Changes since 2.0.1</h3>
+<a name="201"></a><h3 class="h3">1.xx. Changes since 2.0.1</h3>

 <ul>
 <li>Fixed missing "username" lang variable in user admin template</li>
@@ -583,7 +593,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix emailer to allow sending emails with language-specific character sets</li>
 </ul>

-<a name="200"></a><h3 class="h3">1.xx. Changes since 2.0.0</h3>
+<a name="200"></a><h3 class="h3">1.xxi. Changes since 2.0.0</h3>

 <ul>
 <li>Fixed delete image bug for normal users</li>
@@ -640,7 +650,7 @@ p,ul,td {font-size:10pt;}
 <li>Added database closure to admin frameset page</li>
 </ul>

-<a name="final"></a><h3 class="h3">1.xxi. Changes since RC-4</h3>
+<a name="final"></a><h3 class="h3">1.xxii. Changes since RC-4</h3>

 <ul>
 <li>Fixed improper report of general error when posting messages containing errors</li>
@@ -670,7 +680,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed various remaining usergroup display issues</li>
 </ul>

-<a name="rc4"></a><h3 class="h3">1.xxii. Changes since RC-3</h3>
+<a name="rc4"></a><h3 class="h3">1.xxiii. Changes since RC-3</h3>

 <ul>
 <li>Addressed serious security issue with included files</li>
@@ -701,7 +711,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
 </ul>

-<a name="rc3"></a><h3 class="h3">1.xxiii. Changes since RC-2</h3>
+<a name="rc3"></a><h3 class="h3">1.xxiv. Changes since RC-2</h3>

 <ul>
 <li>Fixed infamous install parse error</li>
@@ -734,7 +744,7 @@ p,ul,td {font-size:10pt;}
 <li>Hidden usergroups are now completely hidden from view</li>
 </ul>

-<a name="rc2"></a><h3 class="h3">1.xxiv. Changes since RC-1</h3>
+<a name="rc2"></a><h3 class="h3">1.xxv. Changes since RC-1</h3>

 <ul>
 <li>Fixed numerous PostgreSQL related issues</li>
@@ -754,7 +764,7 @@ p,ul,td {font-size:10pt;}
 <li>Various other fixes and updates</li>
 </ul>

-<a name="rc1"></a><h3 class="h3">1.xxv. Changes since RC-1 (pre)</h3>
+<a name="rc1"></a><h3 class="h3">1.xxvi. Changes since RC-1 (pre)</h3>

 <ul>
 <li>Upgrade script completed for initial fully functional release</li>
--- a/phpBB/docs/INSTALL.html
+++ b/phpBB/docs/INSTALL.html
@@ -194,7 +194,7 @@ p,ul,td {font-size:10pt;}

 <a name="upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>

-<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.19 you should select the phpBB-2.0.19_to_2.0.20.zip/tar.gz file.</p>
+<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.20 you should select the phpBB-2.0.20_to_2.0.21.zip/tar.gz file.</p>

 <p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any Mods these files will overwrite the originals possibly destroying them in the process. You will need to re-add Mods to any affected file before uploading.</p>

@@ -204,7 +204,7 @@ p,ul,td {font-size:10pt;}

 <p>The patch file is probably the best solution for those with many Mods or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <b>patch</b> application.</p>

-<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.19 you need the phpBB-2.0.19_to_2.0.20.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.20 you need the phpBB-2.0.20_to_2.0.21.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>

 <p>If you do get failures you should look at using the <a href="#upgradeSTABLE_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Mods to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>

--- a/phpBB/install/schemas/mssql_basic.sql
+++ b/phpBB/install/schemas/mssql_basic.sql
@@ -74,7 +74,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.20');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');

 /*
--- a/phpBB/install/schemas/mysql_basic.sql
+++ b/phpBB/install/schemas/mysql_basic.sql
@@ -67,7 +67,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.myserver.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.20');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');


--- a/phpBB/install/schemas/postgres_basic.sql
+++ b/phpBB/install/schemas/postgres_basic.sql
@@ -68,7 +68,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.20');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');

 -- Categories
--- a/phpBB/install/update_to_latest.php
+++ b/phpBB/install/update_to_latest.php
@@ -59,7 +59,7 @@ include($phpbb_root_path . 'includes/db.'.$phpEx);
 //
 //
 //
-$updates_to_version = '.0.20';
+$updates_to_version = '.0.21';
 //
 //
 //