- streamlined reports to consist of the feature set we decided upon (Nils, your turn now)

- use getenv instead of $_ENV (with $_ENV the case could be wrong)
- permission fixes (there was a bug arising with getting permission flags - re-added them and handled roles deletion differently)
- implemented max login attempts
- changed the expected return parameters for logins/sessions
- added acp page for editing report/denial reasons
- other fixes here and there


git-svn-id: file:///svn/phpbb/trunk@5622 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/includes/functions_upload.php

@@ -91,6 +91,12 @@ class filespec
 		switch ($mode)
 		{
 			case 'real':
+				// Remove every extension from filename (to not let the mime bug being exposed)
+				if (strpos($this->realname, '.') !== false)
+				{
+					$this->realname = substr($this->realname, 0, strpos($this->realname, '.'));
+				}
+
 				// Replace any chars which may cause us problems with _
 				$bad_chars = array("'", "\\", ' ', '/', ':', '*', '?', '"', '<', '>', '|');
 
@@ -575,7 +581,7 @@ class fileupload
 		unset($url_ary);
 
 		$tmp_path = (!@ini_get('safe_mode')) ? false : $phpbb_root_path . 'cache';
-		$filename = tempnam($tmp_path, uniqid(rand()) . '-');
+		$filename = tempnam($tmp_path, unique_id() . '-');
 
 		if (!($fp = @fopen($filename, 'wb')))
 		{