mirror of https://github.com/phpbb/phpbb.git synced 2025-09-13 09:32:12 +02:00

Compare commits


1 Commits

Author SHA1 Message Date
(no author)
25e02c123d This commit was manufactured by cvs2svn to create tag
'release_2_0_21'.

git-svn-id: file:///svn/phpbb/tags/release_2_0_21@5992 89ea8834-ac86-4346-8a33-228a782c2dd0
2006-05-30 21:17:40 +00:00
42 changed files with 313 additions and 547 deletions


@@ -59,16 +59,6 @@ else
$new['server_name'] = str_replace('http://', '', $new['server_name']);
}
// Attempt to prevent a mistake with this value.
if ($config_name == 'avatar_path')
{
$new['avatar_path'] = trim($new['avatar_path']);
if (strstr($new['avatar_path'], "\0") || !is_dir($phpbb_root_path . $new['avatar_path']) || !is_writable($phpbb_root_path . $new['avatar_path']))
{
$new['avatar_path'] = $default_config['avatar_path'];
}
}
if( isset($HTTP_POST_VARS['submit']) )
{
$sql = "UPDATE " . CONFIG_TABLE . " SET
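Review bot: With the `avatar_path` block gone (the hunk shrinks from 16 lines to 6), the submitted `$new['avatar_path']` reaches the `UPDATE " . CONFIG_TABLE . "` statement with no check that it is free of NUL bytes and names an existing, writable directory under `$phpbb_root_path`. The value presumably becomes the avatar upload location later on, so I would keep the guard `if (strstr($new['avatar_path'], "\0") || !is_dir($phpbb_root_path . $new['avatar_path']) || !is_writable($phpbb_root_path . $new['avatar_path']))` with its fallback to `$default_config['avatar_path']`. The enclosing loop and the rest of the UPDATE statement lie outside the hunk, so how the value is escaped for SQL cannot be confirmed from here.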


@@ -626,7 +626,7 @@ if( !empty($mode) )
$vote_ids = '';
do
{
$vote_ids .= (($vote_ids != '') ? ', ' : '') . $row['vote_id'];
$vote_ids = (($vote_ids != '') ? ', ' : '') . $row['vote_id'];
}
while ($row = $db->sql_fetchrow($result));
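Review bot: The loop body on the new side appears to assign rather than append (`$vote_ids = ...` instead of `$vote_ids .= ...`); the page lost its +/- markers, so this assumes the second line of the printed pair is the new one. With plain assignment each pass discards the ids collected so far, and from the second row on the value becomes `', ' . $row['vote_id']`, a single id with a leading comma. If `$vote_ids` is later interpolated into an `IN (...)` list, which the code after the hunk would show, the statement is malformed or covers only one poll. The line should read `$vote_ids .= (($vote_ids != '') ? ', ' : '') . $row['vote_id'];`.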


@@ -34,7 +34,7 @@ define('IN_PHPBB', 1);
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
$cancel = ( isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']) ) ? true : false;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
$no_page_header = $cancel;
require('./pagestart.' . $phpEx);
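Review bot: `$cancel` is derived from `$HTTP_POST_VARS` alone and is evaluated before `pagestart` is required, so on a PHP build that does not populate the long arrays (`register_long_arrays` off, which the changelog on this page mentions) the cancel button would be ignored; this assumes the `$HTTP_POST_VARS`-only line is the new side of the pair. The same pattern appears in the sections starting at `@@ -36,20 +36,23 @@`, `@@ -41,10 +41,10 @@` (there also for `confirm` and `send_file`) and `@@ -35,7 +35,7 @@`. Until the request arrays are normalised in one place, I would read both sources: `$cancel = ( isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']) ) ? true : false;`.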


@@ -36,20 +36,23 @@ if( !empty($setmodules) )
return;
}
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
$cancel = ( isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']) ) ? true : false;
$no_page_header = $cancel;
//
// Load default header
//
if ((!empty($HTTP_GET_VARS['export_pack']) && $HTTP_GET_VARS['export_pack'] == 'send') || (!empty($_GET['export_pack']) && $_GET['export_pack'] == 'send'))
if( isset($HTTP_GET_VARS['export_pack']) )
{
$no_page_header = true;
if ( $HTTP_GET_VARS['export_pack'] == "send" )
{
$no_page_header = true;
}
}
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
$no_page_header = $cancel;
require('./pagestart.' . $phpEx);
if ($cancel)


@@ -41,10 +41,10 @@ if( !empty($setmodules) )
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
$confirm = (isset($HTTP_POST_VARS['confirm']) || isset($_POST['confirm'])) ? TRUE : FALSE;
$cancel = (isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel'])) ? TRUE : FALSE;
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
$no_page_header = (!empty($HTTP_POST_VARS['send_file']) || !empty($_POST['send_file']) || $cancel) ? TRUE : FALSE;
$no_page_header = (!empty($HTTP_POST_VARS['send_file']) || $cancel) ? TRUE : FALSE;
require('./pagestart.' . $phpEx);


@@ -231,46 +231,11 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
else
{
$change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : array();
$change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : false;
if ( empty($adv) )
{
$sql = "SELECT f.*
FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
WHERE f.cat_id = c.cat_id
ORDER BY c.cat_order, f.forum_order ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
}
$forum_access = $forum_auth_level_fields = array();
while( $row = $db->sql_fetchrow($result) )
{
$forum_access[] = $row;
}
$db->sql_freeresult($result);
for($i = 0; $i < count($forum_access); $i++)
{
$forum_id = $forum_access[$i]['forum_id'];
for($j = 0; $j < count($forum_auth_fields); $j++)
{
$forum_auth_level_fields[$forum_id][$forum_auth_fields[$j]] = $forum_access[$i][$forum_auth_fields[$j]] == AUTH_ACL;
}
}
while( list($forum_id, $value) = @each($HTTP_POST_VARS['private']) )
{
while( list($auth_field, $exists) = @each($forum_auth_level_fields[$forum_id]) )
{
if ($exists)
{
$change_acl_list[$forum_id][$auth_field] = $value;
}
}
}
$change_acl_list = ( isset($HTTP_POST_VARS['private']) ) ? $HTTP_POST_VARS['private'] : false;
}
else
{
@@ -324,11 +289,11 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
$forum_id = $forum_access[$i]['forum_id'];
if (
( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id] != $auth_access[$forum_id]['auth_mod'] ) ||
( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]) )
( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id]['auth_mod'] != $auth_access[$forum_id]['auth_mod'] ) ||
( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]['auth_mod']) )
)
{
$update_mod_status[$forum_id] = $change_mod_list[$forum_id];
$update_mod_status[$forum_id] = $change_mod_list[$forum_id]['auth_mod'];
if ( !$update_mod_status[$forum_id] )
{
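Review bot: In the `empty($adv)` branch the request's `private` array is copied straight into `$change_acl_list` (the first hunk shrinks from 46 lines to 11), so the permission change list has whatever shape the client posted instead of a per-forum, per-field map limited to fields set to `AUTH_ACL`. `$change_mod_list` also defaults to `false` and, in the second hunk, seems to be read as `$change_mod_list[$forum_id]['auth_mod']`; if the `moderator` field posts one scalar per forum, that is a string-offset read rather than a lookup. Because this code grants forum permissions and moderator status, I would build `$change_acl_list[$forum_id][$auth_field] = $value;` server-side from the forum rows and default the moderator list to `array()`. Both hunks sit inside an `if`/`for` structure that starts and ends outside the visible lines.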


@@ -109,12 +109,30 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
}
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
$sql = "SELECT group_id
FROM " . GROUPS_TABLE . "
WHERE group_moderator = $user_id";
if( !$db->sql_query($sql) )
if( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
}
while ( $row_group = $db->sql_fetchrow($result) )
{
$group_moderator[] = $row_group['group_id'];
}
if ( count($group_moderator) )
{
$update_moderator_id = implode(', ', $group_moderator);
$sql = "UPDATE " . GROUPS_TABLE . "
SET group_moderator = " . $userdata['user_id'] . "
WHERE group_moderator IN ($update_moderator_id)";
if( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
}
}
$sql = "DELETE FROM " . USERS_TABLE . "
@@ -947,7 +965,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
$avatar = '<img src="../' . $board_config['avatar_path'] . '/' . $user_avatar . '" alt="" />';
break;
case USER_AVATAR_REMOTE:
$avatar = (isset($HTTP_GET_VARS['p_sid'])) ? $lang['Priv_Img'] . " $user_avatar" : '<img src="' . $user_avatar . '" alt="" />';
$avatar = '<img src="' . $user_avatar . '" alt="" />';
break;
case USER_AVATAR_GALLERY:
$avatar = '<img src="../' . $board_config['avatar_gallery_path'] . '/' . $user_avatar . '" alt="" />';
@@ -1143,9 +1161,8 @@ else
'U_SEARCH_USER' => append_sid("./../search.$phpEx?mode=searchuser"),
'S_USER_ACTION' => "admin_users.$phpEx?sid=" . $userdata['session_id'],
'S_USER_SELECT' => $select_list,
'S_HIDDEN_FIELDS' => '<input type="hidden" name="p_sid" value="' . $userdata['priv_session_id'] . '"/>')
'S_USER_ACTION' => append_sid("admin_users.$phpEx"),
'S_USER_SELECT' => $select_list)
);
$template->pparse('body');
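Review bot: `$update_moderator_id` is built from `group_id` values, but the UPDATE in the first hunk filters on `WHERE group_moderator IN ($update_moderator_id)`, so it matches groups whose moderator's user id happens to equal one of those group ids instead of the groups that were just selected. The condition should be `WHERE group_id IN ($update_moderator_id)`. `$group_moderator` is not initialised in the visible lines before `count($group_moderator)`, so `$group_moderator = array();` ahead of the `while` loop would make the empty case explicit. The hunk is part of the user-deletion branch, which begins and ends outside it.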


@@ -35,7 +35,7 @@ define('IN_PHPBB', 1);
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
$cancel = (isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel'])) ? true : false;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
$no_page_header = $cancel;
require('./pagestart.' . $phpEx);
@@ -107,8 +107,8 @@ if( $mode != "" )
}
$template->assign_vars(array(
"WORD" => htmlspecialchars($word_info['word']),
"REPLACEMENT" => htmlspecialchars($word_info['replacement']),
"WORD" => $word_info['word'],
"REPLACEMENT" => $word_info['replacement'],
"L_WORDS_TITLE" => $lang['Words_title'],
"L_WORDS_TEXT" => $lang['Words_explain'],
@@ -257,8 +257,8 @@ else
$template->assign_block_vars("words", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"WORD" => htmlspecialchars($word),
"REPLACEMENT" => htmlspecialchars($replacement),
"WORD" => $word,
"REPLACEMENT" => $replacement,
"U_WORD_EDIT" => append_sid("admin_words.$phpEx?mode=edit&amp;id=$word_id"),
"U_WORD_DELETE" => append_sid("admin_words.$phpEx?mode=delete&amp;id=$word_id"))
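Review bot: `WORD` and `REPLACEMENT` are handed to the template as stored (`$word_info['word']`, `$word_info['replacement']`, `$word`, `$replacement`) with no `htmlspecialchars()`, in both the edit form (`@@ -107,8 +107,8 @@`) and the list (`@@ -257,8 +257,8 @@`); this assumes the unescaped pair is the new side. A censor entry containing `<`, `"` or `&` would then be emitted as markup in the admin page. Unless the values are already entity-encoded when they are saved, which these hunks do not show, keep `"WORD" => htmlspecialchars($word_info['word']),` and the matching calls for the other three values.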


@@ -52,13 +52,6 @@ if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
redirect("index.$phpEx?sid=" . $userdata['session_id']);
}
$p_sid = (isset($HTTP_GET_VARS['p_sid'])) ? $HTTP_GET_VARS['p_sid'] : ((isset($HTTP_POST_VARS['p_sid'])) ? $HTTP_POST_VARS['p_sid'] : '');
if ($p_sid !== $userdata['priv_session_id'])
{
redirect("index.$phpEx?sid=" . $userdata['session_id']);
}
if (!$userdata['session_admin'])
{
redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
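Review bot: After this hunk (13 lines down to 6) the only request token checked before an admin page runs is `sid` from the query string, and the surviving comparison uses `!=` rather than `!==`. That value is the ordinary session id that is also written into links, for example the footer's `admin/index.$phpEx?sid=...` in the section at `@@ -30,7 +30,7 @@`, so anything that exposes a URL (such as a Referer header sent while an admin page loads a remote avatar) exposes the token that gates admin actions. I would keep a separate admin-only token that is compared with `!==` and carried in POST fields, and change the visible test to `if ($HTTP_GET_VARS['sid'] !== $userdata['session_id'])`.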


@@ -32,9 +32,6 @@ p,ul,td {font-size:10pt;}
<ol>
<li><a href="#changelog">Changelog</a></li>
<ol type="i">
<li><a href="#2023">Changes since 2.0.23</a></li>
<li><a href="#2022">Changes since 2.0.22</a></li>
<li><a href="#2021">Changes since 2.0.21</a></li>
<li><a href="#2020">Changes since 2.0.20</a></li>
<li><a href="#2019">Changes since 2.0.19</a></li>
<li><a href="#2018">Changes since 2.0.18</a></li>
@@ -69,48 +66,7 @@ p,ul,td {font-size:10pt;}
<p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
<a name="2023"></a><h3 class="h3">l.i. Changes since 2.0.23</h3>
<ul>
<li>[Fix] Only insert words into search match table not being tagged as common (Bug #2591) - patch provided by tigertech</li>
</ul>
<a name="2022"></a><h3 class="h3">l.ii. Changes since 2.0.22</h3>
<ul>
<li>[Fix] Correctly re-assign group moderator on user deletion (Bug #280)</li>
<li>[Fix] Deleting a forum with multiple polls included (Bug #6740)</li>
<li>[Fix] Fixed postgresql query for obtaining group moderator in groupcp.php (Bug #6550)</li>
<li>[Fix] Selected field on first entry by default for font size within posting_body.tpl (Bug #7124)</li>
<li>[Fix] Adjusted maxlength parameters in admin/styles_edit_body.tpl (Bug #81)</li>
<li>[Fix] Fixed html output in make_forum_select if no forums present (Bug #436)</li>
<li>[Fix] Fixed spelling error(s) in lang_admin.php (Bug #7172, #6978)</li>
<li>[Fix] Correctly display censored words in admin panel (Bug #12271)</li>
<li>[Fix] Do not allow soft hyphen \xAD in usernames (reported by Bander00)</li>
<li>[Fix] Fixed the group permission system's use of array access</li>
<li>[Fix] Simple group permissions now work properly</li>
<li>[Sec] Fix possible XSRF Vulnerability in private messaging and groups handling</li>
<li>[Fix] Fix inability to export smilies (Bug #2265)</li>
<li>[Fix] Fixing some problems with PHP5 and register_long_arrays off</li>
</ul>
<a name="2021"></a><h3 class="h3">l.iii. Changes since 2.0.21</h3>
<ul>
<li>[Fix] Check for user's existence prior to showing email form</li>
<li>[Fix] New members of moderator groups should always become moderators (Bug #382)</li>
<li>[Fix] Proper message when replying to non-existant topics (Bug #459)</li>
<li>[Fix] Changed column type of search_array to store more ids (Bug #4058)</li>
<li>[Fix] Fixed annoyance with font-size selector (Bug #4612)</li>
<li>[Fix] Fix optimize line in database updater (Bug #6186)</li>
<li>[Sec] Check for the avatar upload directory reinforced</li>
<li>[Sec] Changes to the criteria for "bad" redirection targets - kellanved</li>
<li>[Sec] Fixed a non-persistent XSS issue in private messaging</li>
<li>[Sec] Fixing possible negative start parameter - SpiderZ.</li>
<li>[Sec] Added session checks to various forms - kellanved</li>
</ul>
<a name="2020"></a><h3 class="h3">l.iv. Changes since 2.0.20</h3>
<a name="2020"></a><h3 class="h3">l.i. Changes since 2.0.20</h3>
<ul>
<li>[Fix] Changes to random number generator code to explicitly truncate the length of the string</li>
@@ -127,7 +83,7 @@ p,ul,td {font-size:10pt;}
</ul>
<a name="2019"></a><h3 class="h3">l.v. Changes since 2.0.19</h3>
<a name="2019"></a><h3 class="h3">l.ii. Changes since 2.0.19</h3>
<ul>
<li>[Fix] Prevent login attempts from incrementing for inactive users</li>
@@ -160,7 +116,7 @@ p,ul,td {font-size:10pt;}
</ul>
<a name="2018"></a><h3 class="h3">l.vi. Changes since 2.0.18</h3>
<a name="2018"></a><h3 class="h3">l.iii. Changes since 2.0.18</h3>
<ul>
<li>[Fix] corrected index on session keys table under MS SQL</li>
@@ -179,7 +135,7 @@ p,ul,td {font-size:10pt;}
</ul>
<a name="2017"></a><h3 class="h3">l.vii. Changes since 2.0.17</h3>
<a name="2017"></a><h3 class="h3">l.iv. Changes since 2.0.17</h3>
<ul>
<li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
@@ -227,7 +183,7 @@ p,ul,td {font-size:10pt;}
<li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
</ul>
<a name="2016"></a><h3 class="h3">l.viii. Changes since 2.0.16</h3>
<a name="2016"></a><h3 class="h3">l.v. Changes since 2.0.16</h3>
<ul>
<li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
@@ -243,7 +199,7 @@ p,ul,td {font-size:10pt;}
<li>Correctly set username on posts when deleting a user from the admin panel</li>
</ul>
<a name="2015"></a><h3 class="h3">l.ix. Changes since 2.0.15</h3>
<a name="2015"></a><h3 class="h3">l.vi. Changes since 2.0.15</h3>
<ul>
<li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@@ -255,7 +211,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
</ul>
<a name="2014"></a><h3 class="h3">l.x. Changes since 2.0.14</h3>
<a name="2014"></a><h3 class="h3">l.vii. Changes since 2.0.14</h3>
<ul>
<li>Fixed moderator status removal in groupcp.php</li>
@@ -277,7 +233,7 @@ p,ul,td {font-size:10pt;}
<li>Empty url/img bbcodes no longer get parsed</li>
</ul>
<a name="2013"></a><h3 class="h3">l.xi. Changes since 2.0.13</h3>
<a name="2013"></a><h3 class="h3">l.viii. Changes since 2.0.13</h3>
<ul>
<li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@@ -294,7 +250,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
</ul>
<a name="2012"></a><h3 class="h3">l.xii. Changes since 2.0.12</h3>
<a name="2012"></a><h3 class="h3">l.ix. Changes since 2.0.12</h3>
<ul>
<li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@@ -302,7 +258,7 @@ p,ul,td {font-size:10pt;}
<li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
</ul>
<a name="2011"></a><h3 class="h3">l.xiii. Changes since 2.0.11</h3>
<a name="2011"></a><h3 class="h3">l.x. Changes since 2.0.11</h3>
<ul>
<li>Added confirm table to admin_db_utilities.php</li>
@@ -317,7 +273,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
</ul>
<a name="2010"></a><h3 class="h3">l.xiv. Changes since 2.0.10</h3>
<a name="2010"></a><h3 class="h3">l.xi. Changes since 2.0.10</h3>
<ul>
<li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@@ -328,7 +284,7 @@ p,ul,td {font-size:10pt;}
<li>Added visual confirmation mod to code base</li>
</ul>
<a name="209"></a><h3 class="h3">l.xv. Changes since 2.0.9</h3>
<a name="209"></a><h3 class="h3">l.xii. Changes since 2.0.9</h3>
<ul>
<li>Fixed deleting of styles in admin_styles.php</li>
@@ -341,7 +297,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
</ul>
<a name="208"></a><h3 class="h3">l.xvi. Changes since 2.0.8</h3>
<a name="208"></a><h3 class="h3">l.xiii. Changes since 2.0.8</h3>
<ul>
<li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@@ -360,7 +316,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed problem with SID not delivered to next page in groupcp.php</li>
</ul>
<a name="207"></a><h3 class="h3">l.xvii. Changes since 2.0.7</h3>
<a name="207"></a><h3 class="h3">l.xiv. Changes since 2.0.7</h3>
<ul>
<li>Fixed several vulnerabilities in admin pages</li>
@@ -372,7 +328,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
</ul>
<a name="206"></a><h3 class="h3">1.xviii. Changes since 2.0.6</h3>
<a name="206"></a><h3 class="h3">1.xv. Changes since 2.0.6</h3>
<ul>
<li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@@ -386,7 +342,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed potential vulnerability in avatar gallery</li>
</ul>
<a name="205"></a><h3 class="h3">1.xix. Changes since 2.0.5</h3>
<a name="205"></a><h3 class="h3">1.xvi. Changes since 2.0.5</h3>
<ul>
<li>Fixed various email issues</li>
@@ -402,7 +358,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
</ul>
<a name="204"></a><h3 class="h3">1.xx. Changes since 2.0.4</h3>
<a name="204"></a><h3 class="h3">1.xvii. Changes since 2.0.4</h3>
<ul>
<li>Removed user facing session_id checks</li>
@@ -474,7 +430,7 @@ p,ul,td {font-size:10pt;}
<li>Default English support for visual confirmation - translators are encouraged to support this</li>
</ul>
<a name="203"></a><h3 class="h3">1.xxi. Changes since 2.0.3</h3>
<a name="203"></a><h3 class="h3">1.xviii. Changes since 2.0.3</h3>
<ul>
<li>Fixed cross-browser scripting issue with highlight param</li>
@@ -601,7 +557,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
</ul>
<a name="202"></a><h3 class="h3">1.xxii. Changes since 2.0.2</h3>
<a name="202"></a><h3 class="h3">1.xix. Changes since 2.0.2</h3>
<ul>
<li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@@ -610,7 +566,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed (hopefully) issue with MS Access and multiple pages</li>
</ul>
<a name="201"></a><h3 class="h3">1.xxiii. Changes since 2.0.1</h3>
<a name="201"></a><h3 class="h3">1.xx. Changes since 2.0.1</h3>
<ul>
<li>Fixed missing "username" lang variable in user admin template</li>
@@ -645,7 +601,7 @@ p,ul,td {font-size:10pt;}
<li>Fix emailer to allow sending emails with language-specific character sets</li>
</ul>
<a name="200"></a><h3 class="h3">1.xxiv. Changes since 2.0.0</h3>
<a name="200"></a><h3 class="h3">1.xxi. Changes since 2.0.0</h3>
<ul>
<li>Fixed delete image bug for normal users</li>
@@ -702,7 +658,7 @@ p,ul,td {font-size:10pt;}
<li>Added database closure to admin frameset page</li>
</ul>
<a name="final"></a><h3 class="h3">1.xxv. Changes since RC-4</h3>
<a name="final"></a><h3 class="h3">1.xxii. Changes since RC-4</h3>
<ul>
<li>Fixed improper report of general error when posting messages containing errors</li>
@@ -732,7 +688,7 @@ p,ul,td {font-size:10pt;}
<li>Fixed various remaining usergroup display issues</li>
</ul>
<a name="rc4"></a><h3 class="h3">1.xxvi. Changes since RC-3</h3>
<a name="rc4"></a><h3 class="h3">1.xxiii. Changes since RC-3</h3>
<ul>
<li>Addressed serious security issue with included files</li>
@@ -763,7 +719,7 @@ p,ul,td {font-size:10pt;}
<li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
</ul>
<a name="rc3"></a><h3 class="h3">1.xxvii. Changes since RC-2</h3>
<a name="rc3"></a><h3 class="h3">1.xxiv. Changes since RC-2</h3>
<ul>
<li>Fixed infamous install parse error</li>
@@ -796,7 +752,7 @@ p,ul,td {font-size:10pt;}
<li>Hidden usergroups are now completely hidden from view</li>
</ul>
<a name="rc2"></a><h3 class="h3">1.xxviii. Changes since RC-1</h3>
<a name="rc2"></a><h3 class="h3">1.xxv. Changes since RC-1</h3>
<ul>
<li>Fixed numerous PostgreSQL related issues</li>
@@ -816,7 +772,7 @@ p,ul,td {font-size:10pt;}
<li>Various other fixes and updates</li>
</ul>
<a name="rc1"></a><h3 class="h3">1.xxix. Changes since RC-1 (pre)</h3>
<a name="rc1"></a><h3 class="h3">1.xxvi. Changes since RC-1 (pre)</h3>
<ul>
<li>Upgrade script completed for initial fully functional release</li>


@@ -194,7 +194,7 @@ p,ul,td {font-size:10pt;}
<a name="upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>
<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.22 you should select the phpBB-2.0.22_to_2.0.23.zip/tar.gz file.</p>
<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.20 you should select the phpBB-2.0.20_to_2.0.21.zip/tar.gz file.</p>
<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any Mods these files will overwrite the originals possibly destroying them in the process. You will need to re-add Mods to any affected file before uploading.</p>
@@ -204,7 +204,7 @@ p,ul,td {font-size:10pt;}
<p>The patch file is probably the best solution for those with many Mods or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <b>patch</b> application.</p>
<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.22 you need the phpBB-2.0.22_to_2.0.23.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.20 you need the phpBB-2.0.20_to_2.0.21.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
<p>If you do get failures you should look at using the <a href="#upgradeSTABLE_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Mods to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>


@@ -146,9 +146,8 @@ else
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
$sid = ( isset($HTTP_POST_VARS['sid']) ) ? $HTTP_POST_VARS['sid'] : '';
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
//
// Default var values
@@ -210,10 +209,6 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
{
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
else if ( $sid !== $userdata['session_id'] )
{
message_die(GENERAL_ERROR, $lang['Session_invalid']);
}
$sql = "SELECT ug.user_id, g.group_type
FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
@@ -225,7 +220,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result))
if ( $row = $db->sql_fetchrow($result) )
{
if ( $row['group_type'] == GROUP_OPEN )
{
@@ -315,15 +310,10 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
{
redirect(append_sid("groupcp.$phpEx", true));
}
else if ( !$userdata['session_logged_in'] )
elseif ( !$userdata['session_logged_in'] )
{
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
else if ( $sid !== $userdata['session_id'] )
{
message_die(GENERAL_ERROR, $lang['Session_invalid']);
}
if ( $confirm )
{
@@ -372,7 +362,6 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
$unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
$s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
$page_title = $lang['Group_Control_Panel'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
@@ -429,24 +418,21 @@ else if ( $group_id )
FROM " . AUTH_ACCESS_TABLE . " aa
WHERE aa.group_id = g.group_id
)
)
ORDER BY auth_mod DESC";
)";
break;
case 'oracle':
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
WHERE g.group_id = $group_id
AND aa.group_id (+) = g.group_id
ORDER BY aa.auth_mod DESC";
AND aa.group_id (+) = g.group_id";
break;
default:
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM ( " . GROUPS_TABLE . " g
LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id )
WHERE g.group_id = $group_id
ORDER BY aa.auth_mod DESC";
WHERE g.group_id = $group_id";
break;
}
if ( !($result = $db->sql_query($sql)) )
@@ -471,10 +457,6 @@ else if ( $group_id )
if ( !$userdata['session_logged_in'] )
{
redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
}
else if ( $sid !== $userdata['session_id'] )
{
message_die(GENERAL_ERROR, $lang['Session_invalid']);
}
if ( !$is_moderator )
@@ -915,7 +897,7 @@ else if ( $group_id )
generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
$s_hidden_fields .= '';
$template->assign_vars(array(
'L_GROUP_INFORMATION' => $lang['Group_Information'],
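Review bot: The join, unsubscribe and moderator branches no longer compare a posted `sid` with `$userdata['session_id']`, and the confirmation form no longer carries the hidden `sid` field (hunks `@@ -210,10 +209,6 @@`, `@@ -315,15 +310,10 @@`, `@@ -372,7 +362,6 @@` and `@@ -471,10 +457,6 @@`, each of which shrinks). These are state-changing POST handlers, so without a per-session token a request forged from another site while the member is logged in would be accepted. I would keep `else if ( $sid !== $userdata['session_id'] )` followed by `message_die(GENERAL_ERROR, $lang['Session_invalid']);` in each branch, together with the hidden field. The first hunk also drops `$start = ($start < 0) ? 0 : $start;`, which leaves a negative `start` to reach whatever query uses it outside the visible lines.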


@@ -92,7 +92,7 @@ function prepare_bbcode_template($bbcode_tpl)
$bbcode_tpl['code_open'] = str_replace('{L_CODE}', $lang['Code'], $bbcode_tpl['code_open']);
$bbcode_tpl['img'] = str_replace('{URL}', '\\1', get_image_tag_replacement($bbcode_tpl));
$bbcode_tpl['img'] = str_replace('{URL}', '\\1', $bbcode_tpl['img']);
// We do URLs in several different ways..
$bbcode_tpl['url1'] = str_replace('{URL}', '\\1', $bbcode_tpl['url']);
@@ -115,31 +115,6 @@ function prepare_bbcode_template($bbcode_tpl)
}
/**
* Disables the img tag for privileged pages. It also implements a compability hack for old templates.
*/
function get_image_tag_replacement($bbcode_tpl)
{
global $lang, $HTTP_POST_VARS, $HTTP_GET_VARS;
$bb_tmpl = '';
if (isset($HTTP_POST_VARS['p_sid']))
{
if (isset($bbcode_tpl['p_img']))
{
$bb_tmpl = str_replace('{L_PRIV_IMG}', $lang['Priv_Img'], $bbcode_tpl['p_img']);
}
else
{
$bb_tmpl = $lang['Priv_Img'] . ': {URL}';
}
}
else
{
$bb_tmpl = $bbcode_tpl['img'];
}
return $bb_tmpl;
}
/**
* Does second-pass bbencoding. This should be used before displaying the message in
* a thread. Assumes the message is already first-pass encoded, and we are given the
@@ -253,6 +228,9 @@ function bbencode_second_pass($text, $uid)
} // bbencode_second_pass()
// Need to initialize the random numbers only ONCE
mt_srand( (double) microtime() * 1000000);
function make_bbcode_uid()
{
// Unique ID for this message..
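Review bot: `mt_srand( (double) microtime() * 1000000);` at file scope reseeds the generator for the whole request from the sub-second clock, which allows at most about a million distinct seeds. Any value later taken from `mt_rand()` in the same request is then narrowed to that space; `make_bbcode_uid()` starts right below the seed, but its body is outside the hunk, so whether it relies on `mt_rand()` cannot be confirmed here. PHP 4.2.0 and later seed the generator automatically, so I would drop the explicit call where the supported PHP version allows. I would also add a comment on `make_bbcode_uid()` along the lines of `// uid is a parser marker, not a secret - do not reuse for tokens`.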


@@ -368,9 +368,10 @@ function init_userprefs($userdata)
message_die(CRITICAL_ERROR, 'Could not update user language info');
}
$board_config['default_lang'] = $default_lang;
$userdata['user_lang'] = $default_lang;
}
elseif ( $userdata['user_id'] == ANONYMOUS && $board_config['default_lang'] !== $default_lang )
elseif ( $board_config['default_lang'] !== $default_lang )
{
$sql = 'UPDATE ' . CONFIG_TABLE . "
SET config_value = '" . $default_lang . "'
@@ -380,9 +381,9 @@ function init_userprefs($userdata)
{
message_die(CRITICAL_ERROR, 'Could not update user language info');
}
}
$board_config['default_lang'] = $default_lang;
$board_config['default_lang'] = $default_lang;
}
include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
@@ -917,7 +918,7 @@ function redirect($url)
$db->sql_close();
}
if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || strstr(urldecode($url), ';url'))
if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
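Review bot: `redirect()` appears to reject only CR and LF in the decoded URL, the `;url` test being gone (assuming the shorter condition is the new side of the pair). If the function falls back to a `Refresh:` header or a meta refresh, which the lines after the hunk would show, that test was the only screen for an embedded second target, so I would keep `|| strstr(urldecode($url), ';url')` in the condition. In the `init_userprefs()` hunk of the same section the `elseif` seems to have lost its `$userdata['user_id'] == ANONYMOUS` guard. It is worth confirming that a logged-in member's language setting cannot trigger the `UPDATE ' . CONFIG_TABLE` that rewrites the board default.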


@@ -26,7 +26,7 @@
//
function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
{
global $db, $userdata, $lang;
global $db, $userdata;
$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
@@ -49,7 +49,7 @@ function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
}
}
$forum_list = ( $forum_list == '' ) ? $lang['No_forums'] : '<select name="' . $box_name . '">' . $forum_list . '</select>';
$forum_list = ( $forum_list == '' ) ? '<option value="-1">-- ! No Forums ! --</option>' : '<select name="' . $box_name . '">' . $forum_list . '</select>';
return $forum_list;
}
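Review bot: When no forum is listable the function seems to return a bare `<option value="-1">-- ! No Forums ! --</option>` with no enclosing `<select>`, while the other branch returns a complete element, so callers that print the result get invalid markup and no field named `$box_name` (this assumes the hard-coded string is the new side). The text is also fixed English rather than a language entry. I would return `'<select name="' . $box_name . '"><option value="-1">' . $lang['No_forums'] . '</option></select>'` and keep `$lang` on the `global` line.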


@@ -245,8 +245,7 @@ function add_search_words($mode, $post_id, $post_text, $post_title = '')
$sql = "INSERT INTO " . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
FROM " . SEARCH_WORD_TABLE . "
WHERE word_text IN ($match_sql)
AND word_common <> 1";
WHERE word_text IN ($match_sql)";
if ( !$db->sql_query($sql) )
{
message_die(GENERAL_ERROR, 'Could not insert new word matches', '', __LINE__, __FILE__, $sql);
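Review bot: The INSERT ... SELECT no longer filters on `word_common <> 1` (the hunk goes from 8 lines to 7), so words flagged as common are added to `SEARCH_MATCH_TABLE` for every post that contains them. That grows the match table with rows the search is meant to ignore; keep `AND word_common <> 1` after the `IN ($match_sql)` clause. `$post_id`, `$title_match` and `$match_sql` are interpolated into the statement, and how they are built and escaped is outside the hunk and worth confirming.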


@@ -101,7 +101,7 @@ function validate_username($username)
$db->sql_freeresult($result);
// Don't allow " and ALT-255 in username.
if (strstr($username, '"') || strstr($username, '&quot;') || strstr($username, chr(160)) || strstr($username, chr(173)))
if (strstr($username, '"') || strstr($username, '&quot;') || strstr($username, chr(160)))
{
return array('error' => true, 'error_msg' => $lang['Username_invalid']);
}
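Review bot: The character screen no longer covers `chr(173)` (soft hyphen), assuming the shorter condition is the new side of the pair, so two usernames that render identically can differ by one invisible byte. That permits look-alike accounts; keep `|| strstr($username, chr(173))` in the condition. The comment above names only `"` and ALT-255, so it should list every character the test rejects, e.g. `// Don't allow ", ALT-255 (chr 160) or soft hyphen (chr 173) in username.`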


@@ -30,7 +30,7 @@ global $do_gzip_compress;
//
// Show the overall footer.
//
$admin_link = ( $userdata['user_level'] == ADMIN ) ? '<a href="admin/index.' . $phpEx . '?sid=' . $userdata['session_id'] . '&amp;p_sid=' . $userdata['priv_session_id'] . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '';
$admin_link = ( $userdata['user_level'] == ADMIN ) ? '<a href="admin/index.' . $phpEx . '?sid=' . $userdata['session_id'] . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '';
$template->set_filenames(array(
'overall_footer' => ( empty($gen_simple_header) ) ? 'overall_footer.tpl' : 'simple_footer.tpl')


@@ -178,11 +178,10 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
{
$session_id = md5(dss_rand());
$priv_session_id = md5(dss_rand());
$sql = "INSERT INTO " . SESSIONS_TABLE . "
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin, priv_session_id)
VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin, '$priv_session_id')";
(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
@@ -243,7 +242,6 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
}
$userdata['session_id'] = $session_id;
$userdata['priv_session_id'] = $priv_session_id;
$userdata['session_ip'] = $user_ip;
$userdata['session_user_id'] = $user_id;
$userdata['session_logged_in'] = $login;
@@ -268,7 +266,7 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
function session_pagestart($user_ip, $thispage_id)
{
global $db, $lang, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID, $P_SID;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
$cookiename = $board_config['cookie_name'];
$cookiepath = $board_config['cookie_path'];
@@ -335,7 +333,7 @@ function session_pagestart($user_ip, $thispage_id)
if ($ip_check_s == $ip_check_u)
{
$SID = ($sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN')) ? 'sid=' . $session_id : '';
$P_SID = (defined('IN_ADMIN')) ? 'p_sid=' . $userdata['priv_session_id'] : '';
//
// Only update session DB a minute or so after last update
//
@@ -567,16 +565,12 @@ function session_reset_keys($user_id, $user_ip)
//
function append_sid($url, $non_html_amp = false)
{
global $SID, $P_SID;
global $SID;
if ( !empty($SID) && !preg_match('#sid=#', $url) )
{
$url .= ( ( strpos($url, '?') !== false ) ? ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
}
if ( !empty($P_SID) && !preg_match('#p_sid=#', $url) )
{
$url .= ( ( strpos($url, '?') !== false ) ? ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $P_SID;
}
return $url;
}
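Review bot: In append_sid the test `!preg_match('#sid=#', $url)` matches any parameter whose name merely ends in `sid`, so a URL that already has such a parameter is returned without the session id appended. Anchor the pattern to a parameter boundary, for example `preg_match('#[?&;]sid=#', $url)`, where `;` covers the `&amp;` form. A one-line comment above the test saying that it avoids appending the id twice would also help.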


@@ -52,67 +52,84 @@ $sql = "SELECT username, user_email, user_viewemail, user_lang
WHERE user_id = $user_id";
if ( $result = $db->sql_query($sql) )
{
if ( $row = $db->sql_fetchrow($result) )
{
$row = $db->sql_fetchrow($result);
$username = $row['username'];
$user_email = $row['user_email'];
$user_lang = $row['user_lang'];
if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
$username = $row['username'];
$user_email = $row['user_email'];
$user_lang = $row['user_lang'];
if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
{
if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
{
if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
}
if ( isset($HTTP_POST_VARS['submit']) )
{
$error = FALSE;
if ( !empty($HTTP_POST_VARS['subject']) )
{
message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
$subject = trim(stripslashes($HTTP_POST_VARS['subject']));
}
if ( isset($HTTP_POST_VARS['submit']) )
else
{
$error = FALSE;
if ( !empty($HTTP_POST_VARS['subject']) )
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
}
if ( !empty($HTTP_POST_VARS['message']) )
{
$message = trim(stripslashes($HTTP_POST_VARS['message']));
}
else
{
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
}
if ( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_emailtime = " . time() . "
WHERE user_id = " . $userdata['user_id'];
if ( $result = $db->sql_query($sql) )
{
$subject = trim(stripslashes($HTTP_POST_VARS['subject']));
}
else
{
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
}
if ( !empty($HTTP_POST_VARS['message']) )
{
$message = trim(stripslashes($HTTP_POST_VARS['message']));
}
else
{
$error = TRUE;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
}
if ( !$error )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_emailtime = " . time() . "
WHERE user_id = " . $userdata['user_id'];
if ( $result = $db->sql_query($sql) )
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->from($userdata['user_email']);
$emailer->replyto($userdata['user_email']);
$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
$emailer->use_template('profile_send_email', $user_lang);
$emailer->email_address($user_email);
$emailer->set_subject($subject);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'FROM_USERNAME' => $userdata['username'],
'TO_USERNAME' => $username,
'MESSAGE' => $message)
);
$emailer->send();
$emailer->reset();
if ( !empty($HTTP_POST_VARS['cc_email']) )
{
include($phpbb_root_path . 'includes/emailer.'.$phpEx);
$emailer = new emailer($board_config['smtp_delivery']);
$emailer->from($userdata['user_email']);
$emailer->replyto($userdata['user_email']);
$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
$emailer->use_template('profile_send_email', $user_lang);
$emailer->email_address($user_email);
$emailer->use_template('profile_send_email');
$emailer->email_address($userdata['user_email']);
$emailer->set_subject($subject);
$emailer->extra_headers($email_headers);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
@@ -122,95 +139,72 @@ if ( $result = $db->sql_query($sql) )
);
$emailer->send();
$emailer->reset();
if ( !empty($HTTP_POST_VARS['cc_email']) )
{
$emailer->from($userdata['user_email']);
$emailer->replyto($userdata['user_email']);
$emailer->use_template('profile_send_email');
$emailer->email_address($userdata['user_email']);
$emailer->set_subject($subject);
$emailer->assign_vars(array(
'SITENAME' => $board_config['sitename'],
'BOARD_EMAIL' => $board_config['board_email'],
'FROM_USERNAME' => $userdata['username'],
'TO_USERNAME' => $username,
'MESSAGE' => $message)
);
$emailer->send();
$emailer->reset();
}
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
);
$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
else
{
message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
}
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
);
$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
message_die(GENERAL_MESSAGE, $message);
}
else
{
message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
}
}
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_send_email.tpl')
);
make_jumpbox('viewforum.'.$phpEx);
if ( $error )
{
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->assign_vars(array(
'USERNAME' => $username,
'S_HIDDEN_FIELDS' => '',
'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"),
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
'L_SUBJECT' => $lang['Subject'],
'L_MESSAGE_BODY' => $lang['Message_body'],
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
'L_OPTIONS' => $lang['Options'],
'L_CC_EMAIL' => $lang['CC_email'],
'L_SPELLCHECK' => $lang['Spellcheck'],
'L_SEND_EMAIL' => $lang['Send_email'])
);
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
'body' => 'profile_send_email.tpl')
);
make_jumpbox('viewforum.'.$phpEx);
if ( $error )
{
message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
$template->assign_vars(array(
'ERROR_MESSAGE' => $error_msg)
);
$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}
$template->assign_vars(array(
'USERNAME' => $username,
'S_HIDDEN_FIELDS' => '',
'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"),
'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'],
'L_RECIPIENT' => $lang['Recipient'],
'L_SUBJECT' => $lang['Subject'],
'L_MESSAGE_BODY' => $lang['Message_body'],
'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'],
'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
'L_OPTIONS' => $lang['Options'],
'L_CC_EMAIL' => $lang['CC_email'],
'L_SPELLCHECK' => $lang['Spellcheck'],
'L_SEND_EMAIL' => $lang['Send_email'])
);
$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else
{
message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
}
}
else
{
message_die(GENERAL_ERROR, 'Could not select user data', '', __LINE__, __FILE__, $sql);
message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
}
?>
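Review bot: The new side assigns `$row = $db->sql_fetchrow($result);` without testing it, so a `user_id` that matches no row continues with empty `$username` and `$user_email`. An ordinary user then gets the `User_prevent_email` message and an admin reaches the send form with no recipient. The final `else` now reports `User_not_exist` for a failed query, which hides database errors. Guard the fetch, e.g. `if ( !($row = $db->sql_fetchrow($result)) ) { message_die(GENERAL_MESSAGE, $lang['User_not_exist']); }`, and keep the `GENERAL_ERROR` branch for the query failure. Which printed copy is old and which is new is inferred here from the hunk counts and print order.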


@@ -144,7 +144,6 @@ if (
$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
if ( $mode == 'register' )
{
@@ -254,13 +253,6 @@ if ( isset($HTTP_POST_VARS['submit']) )
{
include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
$error = true;
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
}
$passwd_sql = '';
if ( $mode == 'editprofile' )
{
@@ -300,7 +292,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
AND session_id = '" . $userdata['session_id'] . "'";
if (!($result = $db->sql_query($sql)))
{
message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
}
if ($row = $db->sql_fetchrow($result))
@@ -317,7 +309,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
AND session_id = '" . $userdata['session_id'] . "'";
if (!$db->sql_query($sql))
{
message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);
message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
}
}
}
@@ -818,7 +810,7 @@ else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) &&
$occupation = $userdata['user_occ'];
$interests = $userdata['user_interests'];
$signature_bbcode_uid = $userdata['user_sig_bbcode_uid'];
$signature = ($signature_bbcode_uid != '') ? preg_replace('/:(([a-z0-9]+:)?)' . preg_quote($signature_bbcode_uid, '/') . '(=|\])/si', '\\3', $userdata['user_sig']) : $userdata['user_sig'];
$signature = ($signature_bbcode_uid != '') ? preg_replace("/:(([a-z0-9]+:)?)$signature_bbcode_uid(=|\])/si", '\\3', $userdata['user_sig']) : $userdata['user_sig'];
$viewemail = $userdata['user_viewemail'];
$notifypm = $userdata['user_notify_pm'];
@@ -901,7 +893,6 @@ else
}
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
if( $mode == 'editprofile' )
{
$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
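Review bot: With the hidden `sid` field, the `$sid` read and the `Session_invalid` test removed (the hunk counts confirm these are deletions), a profile submission is accepted on the session cookie alone. The form then has no request-forgery token for whatever the handler changes, which appears to include the password given `$passwd_sql`. Keep the check, `if ($sid == '' || $sid != $userdata['session_id'])`, together with the hidden `sid` input it relies on. Separately, the two `message_die` calls on the new side drop the empty title argument, so `__LINE__` lands where the title belongs and the remaining arguments shift by one. They should stay in the form `message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);`.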


@@ -75,7 +75,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
/*


@@ -193,7 +193,6 @@ CREATE TABLE [phpbb_sessions] (
[session_page] [int] NULL ,
[session_logged_in] [smallint] NULL,
[session_admin] [smallint] NULL
[priv_session_id] [char] (32) NOT NULL ,
) ON [PRIMARY]
GO


@@ -68,7 +68,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.myserver.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
@@ -111,7 +111,7 @@ INSERT INTO phpbb_posts_text (post_id, post_subject, post_text) VALUES (1, NULL,
# -- Themes
INSERT INTO phpbb_themes (themes_id, template_name, style_name, head_stylesheet, body_background, body_bgcolor, body_text, body_link, body_vlink, body_alink, body_hlink, tr_color1, tr_color2, tr_color3, tr_class1, tr_class2, tr_class3, th_color1, th_color2, th_color3, th_class1, th_class2, th_class3, td_color1, td_color2, td_color3, td_class1, td_class2, td_class3, fontface1, fontface2, fontface3, fontsize1, fontsize2, fontsize3, fontcolor1, fontcolor2, fontcolor3, span_class1, span_class2, span_class3) VALUES (1, 'subSilver', 'subSilver', 'subSilver.css', '', 'E5E5E5', '000000', '006699', '5493B4', '', 'DD6900', 'EFEFEF', 'DEE3E7', 'D1D7DC', '', '', '', '98AAB1', '006699', 'FFFFFF', 'cellpic1.gif', 'cellpic3.gif', 'cellpic2.jpg', 'FAFAFA', 'FFFFFF', '', 'row1', 'row2', '', 'Verdana, Arial, Helvetica, sans-serif', 'Trebuchet MS', 'Courier, ''Courier New'', sans-serif', 10, 11, 12, '444444', '006600', 'FFA34F', '', '', '');
INSERT INTO phpbb_themes (themes_id, template_name, style_name, head_stylesheet, body_background, body_bgcolor, body_text, body_link, body_vlink, body_alink, body_hlink, tr_color1, tr_color2, tr_color3, tr_class1, tr_class2, tr_class3, th_color1, th_color2, th_color3, th_class1, th_class2, th_class3, td_color1, td_color2, td_color3, td_class1, td_class2, td_class3, fontface1, fontface2, fontface3, fontsize1, fontsize2, fontsize3, fontcolor1, fontcolor2, fontcolor3, span_class1, span_class2, span_class3) VALUES (1, 'subSilver', 'subSilver', 'subSilver.css', '', 'E5E5E5', '000000', '006699', '5493B4', '', 'DD6900', 'EFEFEF', 'DEE3E7', 'D1D7DC', '', '', '', '98AAB1', '006699', 'FFFFFF', 'cellpic1.gif', 'cellpic3.gif', 'cellpic2.jpg', 'FAFAFA', 'FFFFFF', '', 'row1', 'row2', '', 'Verdana, Arial, Helvetica, sans-serif', 'Trebuchet MS', 'Courier, \'Courier New\', sans-serif', 10, 11, 12, '444444', '006600', 'FFA34F', '', '', '');
INSERT INTO phpbb_themes_name (themes_id, tr_color1_name, tr_color2_name, tr_color3_name, tr_class1_name, tr_class2_name, tr_class3_name, th_color1_name, th_color2_name, th_color3_name, th_class1_name, th_class2_name, th_class3_name, td_color1_name, td_color2_name, td_color3_name, td_class1_name, td_class2_name, td_class3_name, fontface1_name, fontface2_name, fontface3_name, fontsize1_name, fontsize2_name, fontsize3_name, fontcolor1_name, fontcolor2_name, fontcolor3_name, span_class1_name, span_class2_name, span_class3_name) VALUES (1, 'The lightest row colour', 'The medium row color', 'The darkest row colour', '', '', '', 'Border round the whole page', 'Outer table border', 'Inner table border', 'Silver gradient picture', 'Blue gradient picture', 'Fade-out gradient on index', 'Background for quote boxes', 'All white areas', '', 'Background for topic posts', '2nd background for topic posts', '', 'Main fonts', 'Additional topic title font', 'Form fonts', 'Smallest font size', 'Medium font size', 'Normal font size (post body etc)', 'Quote & copyright text', 'Code text colour', 'Main table header text colour', '', '', '');


@@ -257,7 +257,7 @@ CREATE TABLE phpbb_search_results (
search_id int(11) UNSIGNED NOT NULL default '0',
session_id char(32) NOT NULL default '',
search_time int(11) DEFAULT '0' NOT NULL,
search_array mediumtext NOT NULL,
search_array text NOT NULL,
PRIMARY KEY (search_id),
KEY session_id (session_id)
);
@@ -307,7 +307,6 @@ CREATE TABLE phpbb_sessions (
session_page int(11) DEFAULT '0' NOT NULL,
session_logged_in tinyint(1) DEFAULT '0' NOT NULL,
session_admin tinyint(2) DEFAULT '0' NOT NULL,
priv_session_id char(32) DEFAULT '' NOT NULL,
PRIMARY KEY (session_id),
KEY session_user_id (session_user_id),
KEY session_id_ip_user_id (session_id, session_ip, session_user_id)


@@ -69,7 +69,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.21');
INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
-- Categories


@@ -291,7 +291,6 @@ CREATE TABLE phpbb_sessions (
session_page int4 DEFAULT '0' NOT NULL,
session_logged_in int2 DEFAULT '0' NOT NULL,
session_admin int2 DEFAULT '0' NOT NULL,
priv_session_id char(32) DEFAULT '0' NOT NULL,
CONSTRAINT phpbb_session_pkey PRIMARY KEY (session_id)
);
CREATE INDEX session_user_id_phpbb_sessions_index ON phpbb_sessions (session_user_id);


@@ -59,7 +59,7 @@ include($phpbb_root_path . 'includes/db.'.$phpEx);
//
//
//
$updates_to_version = '.0.24';
$updates_to_version = '.0.21';
//
//
//
@@ -658,50 +658,6 @@ switch ($row['config_value'])
}
break;
case '.0.21':
// MySQL only change
switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$sql[] = 'ALTER TABLE ' . SEARCH_TABLE . '
MODIFY COLUMN search_array MEDIUMTEXT NOT NULL';
}
break;
case '.0.22':
case '.0.23':
switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$sql[] = "ALTER TABLE " . SESSIONS_TABLE . "
ADD COLUMN priv_session_id char(32) DEFAULT '' NOT NULL";
break;
case 'postgresql':
$sql[] = "ALTER TABLE " . SESSIONS_TABLE . "
ADD COLUMN priv_session_id char(32)";
$sql[] = "ALTER TABLE " . SESSIONS_TABLE . "
ALTER COLUMN priv_session_id SET DEFAULT ''";
break;
case 'mssql-odbc':
case 'mssql':
$sql[] = "ALTER TABLE " . SESSIONS_TABLE . " ADD
priv_session_id char (32) NOT NULL";
break;
case 'msaccess':
$sql[] = "ALTER TABLE " . SESSIONS_TABLE . " ADD
priv_session_id char (32) NOT NULL";
break;
}
}
echo "<h2>Updating database schema</h2>\n";
@@ -904,7 +860,7 @@ switch ($row['config_value'])
if (preg_match("#^lang_#i", $file) && !is_file($phpbb_root_path . $dirname . "/" . $file) && !is_link($phpbb_root_path . $dirname . "/" . $file) && file_exists($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt'))
{
$stopword_list = trim(preg_replace('#([\w\.\-_\+\'-\\\]+?)[ \n\r]*?(,|$)#', '\'\1\'\2', str_replace("'", "\'", implode(', ', file($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt')))));
$stopword_list = trim(preg_replace('#([\w\.\-_\+\'<EFBFBD><EFBFBD>-<2D>\\\]+?)[ \n\r]*?(,|$)#', '\'\1\'\2', str_replace("'", "\'", implode(', ', file($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt')))));
$sql = "SELECT word_id
FROM " . SEARCH_WORD_TABLE . "
@@ -1152,13 +1108,6 @@ switch ($row['config_value'])
break;
case '.0.21':
case '.0.22':
case '.0.23':
$sql = 'DELETE FROM ' . SESSIONS_TABLE;
_sql($sql, $errored, $error_ary);
break;
default:
echo " No updates were required</b></p>\n";
break;
@@ -1181,7 +1130,7 @@ switch (SQL_LAYER)
{
case 'mysql':
case 'mysql4':
$sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'sessions_keys, ' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
$sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'sessions_keys' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
_sql($sql, $errored, $error_ary);
break;
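Review bot: In the second-printed (new) `OPTIMIZE TABLE` string the separator after `sessions_keys` is missing, so the list contains one run-together name made of `sessions_keys`, the prefix and `smilies`. Neither table is then optimised under its real name, and the statement is likely to fail on the unknown table. The piece should read `'sessions_keys, ' . $table_prefix . 'smilies, '`. The stop-word pattern in the earlier hunk also shows replacement characters inside its character class on the new line. That may only be how this page renders non-UTF-8 bytes, but the class is worth checking against the original file.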


@@ -216,7 +216,7 @@ $lang['Ban_IP_explain'] = 'To specify several different IP addresses or hostname
$lang['Ban_email'] = 'Ban one or more email addresses';
$lang['Ban_email_explain'] = 'To specify more than one email address, separate them with commas. To specify a wildcard username, use * like *@hotmail.com';
$lang['Unban_username'] = 'Un-ban one or more specific users';
$lang['Unban_username'] = 'Un-ban one more specific users';
$lang['Unban_username_explain'] = 'You can unban multiple users in one go using the appropriate combination of mouse and keyboard for your computer and browser';
$lang['Unban_IP'] = 'Un-ban one or more IP addresses';
@@ -574,7 +574,7 @@ $lang['Disallow_explain'] = 'Here you can control usernames which will not be al
$lang['Delete_disallow'] = 'Delete';
$lang['Delete_disallow_title'] = 'Remove a Disallowed Username';
$lang['Delete_disallow_explain'] = 'You can remove a disallowed username by selecting the username from this list and clicking delete';
$lang['Delete_disallow_explain'] = 'You can remove a disallowed username by selecting the username from this list and clicking submit';
$lang['Add_disallow'] = 'Add';
$lang['Add_disallow_title'] = 'Add a disallowed username';


@@ -283,7 +283,6 @@ $lang['Delete_post'] = 'Delete this post';
$lang['wrote'] = 'wrote'; // proceeds the username and is followed by the quoted text
$lang['Quote'] = 'Quote'; // comes before bbcode quote output.
$lang['Code'] = 'Code'; // comes before bbcode code output.
$lang['Priv_Img'] = 'Image display disabled'; // Explanation for missing images in the ModCP.
$lang['Edited_time_total'] = 'Last edited by %s on %s; edited %d time in total'; // Last edited by me on 12 Oct 2001; edited 1 time in total
$lang['Edited_times_total'] = 'Last edited by %s on %s; edited %d times in total'; // Last edited by me on 12 Oct 2001; edited 2 times in total
@@ -1019,8 +1018,6 @@ $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticat
$lang['Login_attempts_exceeded'] = 'The maximum number of %s login attempts has been exceeded. You are not allowed to login for the next %s minutes.';
$lang['Please_remove_install_contrib'] = 'Please ensure both the install/ and contrib/ directories are deleted';
$lang['Session_invalid'] = 'Invalid Session. Please resubmit the form.';
//
// That's all, Folks!
// -------------------------------------------------


@@ -123,7 +123,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
@@ -142,7 +142,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
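Review bot: Both redirect checks on the second-printed (new) lines reject only CR and LF in the decoded value, because the `;url` test is gone. If `$redirect` later ends up inside a `<meta http-equiv="refresh">` content attribute (that use is not visible in these hunks), a value containing `;url` could add a second target to the refresh. Keep `|| strstr(urldecode($redirect), ';url')` in both places. A stricter option is to accept only a relative path to one of the board's own scripts.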


@@ -34,7 +34,6 @@ init_userprefs($userdata);
//
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
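Review bot: `intval()` accepts negative numbers, and with the clamp removed `$start` can be below zero when it is used later. If it reaches a `LIMIT` clause (outside this hunk), the query fails with an SQL error instead of showing the first page. Restore `$start = ($start < 0) ? 0 : $start;` directly after the assignment. The modcp section below drops the same line.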


@@ -71,7 +71,6 @@ $confirm = ( $HTTP_POST_VARS['confirm'] ) ? TRUE : 0;
// Continue var definitions
//
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : FALSE;
$move = ( isset($HTTP_POST_VARS['move']) ) ? TRUE : FALSE;
@@ -116,15 +115,6 @@ else
{
$sid = '';
}
// privileged session id check
if (!empty($HTTP_POST_VARS['p_sid']) || !empty($HTTP_GET_VARS['p_sid']))
{
$p_sid = (!empty($HTTP_POST_VARS['p_sid'])) ? $HTTP_POST_VARS['p_sid'] : $HTTP_GET_VARS['p_sid'];
}
else
{
$p_sid = '';
}
//
// Obtain relevant data
@@ -184,7 +174,7 @@ init_userprefs($userdata);
//
// session id check
if ($p_sid === '' || $p_sid !== $userdata['priv_session_id'])
if ($sid == '' || $sid != $userdata['session_id'])
{
message_die(GENERAL_ERROR, 'Invalid_session');
}
@@ -407,12 +397,12 @@ switch( $mode )
if ( !empty($topic_id) )
{
$redirect_page = append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id");
$redirect_page = "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'];
$l_redirect = sprintf($lang['Click_return_forum'], '<a href="' . $redirect_page . '">', '</a>');
}
else
{
$redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id']);
$redirect_page = "modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'];
$l_redirect = sprintf($lang['Click_return_modcp'], '<a href="' . $redirect_page . '">', '</a>');
}
@@ -430,7 +420,7 @@ switch( $mode )
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="p_sid" value="' . $userdata['priv_session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
if ( isset($HTTP_POST_VARS['topic_id_list']) )
{
@@ -566,16 +556,16 @@ switch( $mode )
if ( !empty($topic_id) )
{
$redirect_page = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
$redirect_page = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;sid=" . $userdata['session_id'];
$message .= sprintf($lang['Click_return_topic'], '<a href="' . $redirect_page . '">', '</a>');
}
else
{
$redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id']);
$redirect_page = "modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'];
$message .= sprintf($lang['Click_return_modcp'], '<a href="' . $redirect_page . '">', '</a>');
}
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$old_forum_id&amp;p_sid=" . $userdata['priv_session_id']) . '">', '</a>');
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . "viewforum.$phpEx?" . POST_FORUM_URL . "=$old_forum_id&amp;sid=" . $userdata['session_id'] . '">', '</a>');
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect_page . '">')
@@ -590,7 +580,7 @@ switch( $mode )
message_die(GENERAL_MESSAGE, $lang['None_selected']);
}
$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="p_sid" value="' . $userdata['priv_session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
if ( isset($HTTP_POST_VARS['topic_id_list']) )
{
@@ -659,16 +649,16 @@ switch( $mode )
if ( !empty($topic_id) )
{
$redirect_page = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
$redirect_page = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;sid=" . $userdata['session_id'];
$message = sprintf($lang['Click_return_topic'], '<a href="' . $redirect_page . '">', '</a>');
}
else
{
$redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id']);
$redirect_page = "modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'];
$message = sprintf($lang['Click_return_modcp'], '<a href="' . $redirect_page . '">', '</a>');
}
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'] . '">', '</a>');
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect_page . '">')
@@ -704,16 +694,16 @@ switch( $mode )
if ( !empty($topic_id) )
{
$redirect_page = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
$redirect_page = "viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;sid=" . $userdata['session_id'];
$message = sprintf($lang['Click_return_topic'], '<a href="' . $redirect_page . '">', '</a>');
}
else
{
$redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id']);
$redirect_page = "modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'];
$message = sprintf($lang['Click_return_modcp'], '<a href="' . $redirect_page . '">', '</a>');
}
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . "viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'] . '">', '</a>');
$template->assign_vars(array(
'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect_page . '">')
@@ -1028,7 +1018,7 @@ switch( $mode )
'IP' => $ip_this_post,
'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=$ip_this_post&amp;p_sid=" . $userdata['priv_session_id']))
'U_LOOKUP_IP' => "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=$ip_this_post&amp;sid=" . $userdata['session_id'])
);
//
@@ -1069,7 +1059,7 @@ switch( $mode )
'IP' => $ip,
'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=" . $row['poster_ip'] . "&amp;p_sid=" . $userdata['priv_session_id']))
'U_LOOKUP_IP' => "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=" . $row['poster_ip'] . "&amp;sid=" . $userdata['session_id'])
);
$i++;
@@ -1109,7 +1099,7 @@ switch( $mode )
'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username),
'U_PROFILE' => ($id == ANONYMOUS) ? append_sid("modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $post_id . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;p_sid=" . $userdata['priv_session_id']) : append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $post_id . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))
);
@@ -1142,7 +1132,7 @@ switch( $mode )
'L_SELECT' => $lang['Select'],
'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"),
'S_HIDDEN_FIELDS' => '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="p_sid" value="' . $userdata['priv_session_id'] . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />',
'S_HIDDEN_FIELDS' => '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />',
'S_MODCP_ACTION' => append_sid("modcp.$phpEx"))
);
@@ -1230,7 +1220,7 @@ switch( $mode )
$topic_title = preg_replace($orig_word, $replacement_word, $topic_title);
}
$u_view_topic = append_sid("modcp.$phpEx?mode=split&amp;" . POST_TOPIC_URL . "=$topic_id&amp;p_sid=" . $userdata['priv_session_id']);
$u_view_topic = "modcp.$phpEx?mode=split&amp;" . POST_TOPIC_URL . "=$topic_id&amp;sid=" . $userdata['session_id'];
$topic_replies = $row['topic_replies'];
$last_post_time = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
@@ -1250,7 +1240,7 @@ switch( $mode )
}
$template->assign_vars(array(
'PAGINATION' => generate_pagination("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id'], $forum_topics, $board_config['topics_per_page'], $start),
'PAGINATION' => generate_pagination("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'], $forum_topics, $board_config['topics_per_page'], $start),
'PAGE_NUMBER' => sprintf($lang['Page_of'], ( floor( $start / $board_config['topics_per_page'] ) + 1 ), ceil( $forum_topics / $board_config['topics_per_page'] )),
'L_GOTO_PAGE' => $lang['Goto_page'])
);


@@ -44,7 +44,6 @@ while( list($var, $param) = @each($params) )
}
$confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
while( list($var, $param) = @each($params) )
@@ -223,8 +222,9 @@ switch ( $mode )
message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
}
if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result)) )
if ( $result = $db->sql_query($sql) )
{
$post_info = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
$forum_id = $post_info['forum_id'];
@@ -431,7 +431,6 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
//
$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
@@ -543,12 +542,6 @@ else if ( $submit || $confirm )
$return_message = '';
$return_meta = '';
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
}
switch ( $mode )
{
case 'editpost':
@@ -574,11 +567,6 @@ else if ( $submit || $confirm )
case 'delete':
case 'poll_delete':
if ($error_msg != '')
{
message_die(GENERAL_MESSAGE, $error_msg);
}
delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
break;
}
@@ -941,7 +929,6 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
}
$hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
$hidden_form_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
switch( $mode )
{
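Review bot: The session-id check on state-changing requests is missing on the new side of this section. Going by the hunk counts (`-543,12 +542,6` and `-574,11 +567,6`), the `if ($sid == '' || $sid != $userdata['session_id'])` block, the `$error_msg` guard before `delete_post()`, and the hidden `sid` inputs all appear to be dropped. That leaves `case 'delete'` / `case 'poll_delete'` running on `$confirm` alone, so a forged cross-site form post would not be rejected. The privmsg section on this page loses the same check in its `else if ( $confirm )` and `if ( $submit )` branches. I would keep the `$sid` read from `$HTTP_POST_VARS`, the comparison against `$userdata['session_id']`, and the hidden `sid` field in both forms.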


@@ -50,7 +50,6 @@ $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
$save = ( isset($HTTP_POST_VARS['save']) ) ? TRUE : 0;
$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
$refresh = $preview || $submit_search;
@@ -102,7 +101,6 @@ else
}
$start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
{
@@ -668,7 +666,6 @@ else if ( ( $delete && $mark_list ) || $delete_all )
{
$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
for($i = 0; $i < count($mark_list); $i++)
{
@@ -699,7 +696,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
}
else if ($confirm && $sid === $userdata['session_id'])
else if ( $confirm )
{
$delete_sql_id = '';
@@ -1164,13 +1161,6 @@ else if ( $submit || $refresh || $mode != '' )
if ( $submit )
{
// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
$error = true;
$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
}
if ( !empty($HTTP_POST_VARS['username']) )
{
$to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
@@ -1386,7 +1376,7 @@ else if ( $submit || $refresh || $mode != '' )
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
// $privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
$privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
if ( !$preview )
{
$privmsg_message = stripslashes($privmsg_message);
@@ -1490,7 +1480,7 @@ else if ( $submit || $refresh || $mode != '' )
}
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
// $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : '';
@@ -1533,7 +1523,7 @@ else if ( $submit || $refresh || $mode != '' )
$privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
// $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
$privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
$msg_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
@@ -1660,7 +1650,6 @@ else if ( $submit || $refresh || $mode != '' )
//
if ($error)
{
$privmsg_message = htmlspecialchars($privmsg_message);
$template->set_filenames(array(
'reg_header' => 'error_body.tpl')
);
@@ -1747,7 +1736,6 @@ else if ( $submit || $refresh || $mode != '' )
$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
if ( $mode == 'edit' )
{
$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
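Review bot: In the `if ($error)` hunk (`-1660,7 +1650,6`) the new side appears to drop `$privmsg_message = htmlspecialchars($privmsg_message);`, so a message that failed validation would go back to the form unescaped. The template assignment is outside the hunk, so I cannot confirm whether it is escaped again later; if it is not, user-supplied markup is reflected into the page. The `<textarea>` / `</textarea>` `preg_replace` calls that the new side enables only neutralise that one tag and do not replace the escape. I would keep `$privmsg_message = htmlspecialchars($privmsg_message);` in the error branch.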


@@ -118,7 +118,6 @@ else
}
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
$sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']);
@@ -692,7 +691,8 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
$result_array = serialize($store_search_data);
unset($store_search_data);
$search_id = abs(crc32(dss_rand()));
mt_srand ((double) microtime() * 1000000);
$search_id = mt_rand();
$sql = "UPDATE " . SEARCH_TABLE . "
SET search_id = $search_id, search_time = $current_time, search_array = '" . str_replace("\'", "''", $result_array) . "'
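Review bot: In the second hunk, `$search_id` on the new side comes from `mt_srand ((double) microtime() * 1000000);` followed by `mt_rand()`, which seeds the generator from the clock on every search and makes the id predictable to anyone who can estimate the request time. The id keys the stored `search_array`; the WHERE clause of the UPDATE is outside the hunk, so whether it is also bound to the session cannot be confirmed from here. I would drop the explicit reseed and keep the other side's `$search_id = abs(crc32(dss_rand()));`.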


@@ -9,7 +9,7 @@
</tr>
<tr>
<td class="row1">{L_THEME_NAME}:</td>
<td class="row2" colspan="2"><input class="post" type="text" size="25" maxlength="30" name="style_name" value="{THEME_NAME}"></td>
<td class="row2" colspan="2"><input class="post" type="text" size="25" maxlength="100" name="style_name" value="{THEME_NAME}"></td>
</tr>
<tr>
<td class="row1">{L_TEMPLATE}:</td>
@@ -64,176 +64,176 @@
<tr>
<td class="row1">{L_TR_COLOR1}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color1" value="{TR_COLOR1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color1_name" value="{TR_COLOR1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color1_name" value="{TR_COLOR1_NAME}">
</tr>
<tr>
<td class="row1">{L_TR_COLOR2}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color2" value="{TR_COLOR2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color2_name" value="{TR_COLOR2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color2_name" value="{TR_COLOR2_NAME}">
</tr>
<tr>
<td class="row1">{L_TR_COLOR3}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color3" value="{TR_COLOR3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color3_name" value="{TR_COLOR3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color3_name" value="{TR_COLOR3_NAME}">
</tr>
<tr>
<td class="row1">{L_TR_CLASS1}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class1" value="{TR_CLASS1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class1_name" value="{TR_CLASS1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class1_name" value="{TR_CLASS1_NAME}">
</tr>
<tr>
<td class="row1">{L_TR_CLASS2}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class2" value="{TR_CLASS2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class2_name" value="{TR_CLASS2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class2_name" value="{TR_CLASS2_NAME}">
</tr>
<tr>
<td class="row1">{L_TR_CLASS3}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class3" value="{TR_CLASS3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class3_name" value="{TR_CLASS3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class3_name" value="{TR_CLASS3_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_COLOR1}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color1" value="{TH_COLOR1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color1_name" value="{TH_COLOR1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color1_name" value="{TH_COLOR1_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_COLOR2}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color2" value="{TH_COLOR2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color2_name" value="{TH_COLOR2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color2_name" value="{TH_COLOR2_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_COLOR3}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color3" value="{TH_COLOR3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color3_name" value="{TH_COLOR3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color3_name" value="{TH_COLOR3_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_CLASS1}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class1" value="{TH_CLASS1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class1_name" value="{TH_CLASS1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class1_name" value="{TH_CLASS1_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_CLASS2}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class2" value="{TH_CLASS2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class2_name" value="{TH_CLASS2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class2_name" value="{TH_CLASS2_NAME}">
</tr>
<tr>
<td class="row1">{L_TH_CLASS3}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class3" value="{TH_CLASS3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class3_name" value="{TH_CLASS3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class3_name" value="{TH_CLASS3_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_COLOR1}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color1" value="{TD_COLOR1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color1_name" value="{TD_COLOR1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color1_name" value="{TD_COLOR1_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_COLOR2}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color2" value="{TD_COLOR2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color2_name" value="{TD_COLOR2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color2_name" value="{TD_COLOR2_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_COLOR3}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color3" value="{TD_COLOR3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color3_name" value="{TD_COLOR3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color3_name" value="{TD_COLOR3_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_CLASS1}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class1" value="{TD_CLASS1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class1_name" value="{TD_CLASS1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class1_name" value="{TD_CLASS1_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_CLASS2}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class2" value="{TD_CLASS2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class2_name" value="{TD_CLASS2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class2_name" value="{TD_CLASS2_NAME}">
</tr>
<tr>
<td class="row1">{L_TD_CLASS3}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class3" value="{TD_CLASS3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class3_name" value="{TD_CLASS3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class3_name" value="{TD_CLASS3_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTFACE_1}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface1" value="{FONTFACE1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface1_name" value="{FONTFACE1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface1_name" value="{FONTFACE1_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTFACE_2}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface2" value="{FONTFACE2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface2_name" value="{FONTFACE2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface2_name" value="{FONTFACE2_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTFACE_3}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface3" value="{FONTFACE3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface3_name" value="{FONTFACE3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface3_name" value="{FONTFACE3_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTSIZE_1}:</td>
<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize1" value="{FONTSIZE1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize1_name" value="{FONTSIZE1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize1_name" value="{FONTSIZE1_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTSIZE_2}:</td>
<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize2" value="{FONTSIZE2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize2_name" value="{FONTSIZE2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize2_name" value="{FONTSIZE2_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTSIZE_3}:</td>
<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize3" value="{FONTSIZE3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize3_name" value="{FONTSIZE3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize3_name" value="{FONTSIZE3_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTCOLOR_1}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor1" value="{FONTCOLOR1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor1_name" value="{FONTCOLOR1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor1_name" value="{FONTCOLOR1_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTCOLOR_2}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor2" value="{FONTCOLOR2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor2_name" value="{FONTCOLOR2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor2_name" value="{FONTCOLOR2_NAME}">
</tr>
<tr>
<td class="row1">{L_FONTCOLOR_3}:</td>
<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor3" value="{FONTCOLOR3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor3_name" value="{FONTCOLOR3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor3_name" value="{FONTCOLOR3_NAME}">
</tr>
<tr>
<td class="row1">{L_SPAN_CLASS_1}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class1" value="{SPAN_CLASS1}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class1_name" value="{SPAN_CLASS1_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class1_name" value="{SPAN_CLASS1_NAME}">
</tr>
<tr>
<td class="row1">{L_SPAN_CLASS_2}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class2" value="{SPAN_CLASS2}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class2_name" value="{SPAN_CLASS2_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class2_name" value="{SPAN_CLASS2_NAME}">
</tr>
<tr>
<td class="row1">{L_SPAN_CLASS_3}:</td>
<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class3" value="{SPAN_CLASS3}"></td>
<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class3_name" value="{SPAN_CLASS3_NAME}">
<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class3_name" value="{SPAN_CLASS3_NAME}">
</tr>


@@ -54,7 +54,6 @@
<!-- BEGIN size_close --></span><!-- END size_close -->
<!-- BEGIN img --><img src="{URL}" border="0" /><!-- END img -->
<!-- BEGIN p_img -->{L_PRIV_IMG}:{URL}<!-- END p_img -->
<!-- BEGIN url --><a href="{URL}" target="_blank" class="postlink">{DESCRIPTION}</a><!-- END url -->


@@ -372,11 +372,10 @@ function storeCaret(textEl) {
<option style="color:violet; background-color: {T_TD_COLOR1}" value="violet" class="genmed">{L_COLOR_VIOLET}</option>
<option style="color:white; background-color: {T_TD_COLOR1}" value="white" class="genmed">{L_COLOR_WHITE}</option>
<option style="color:black; background-color: {T_TD_COLOR1}" value="black" class="genmed">{L_COLOR_BLACK}</option>
</select> &nbsp;{L_FONT_SIZE}:<select name="addbbcode20" selected onChange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.selectedIndex=0;" onMouseOver="helpline('f')">
<option value="0" class="genmed">{L_FONT_SIZE}</option>
</select> &nbsp;{L_FONT_SIZE}:<select name="addbbcode20" onChange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]')" onMouseOver="helpline('f')">
<option value="7" class="genmed">{L_FONT_TINY}</option>
<option value="9" class="genmed">{L_FONT_SMALL}</option>
<option value="12" class="genmed">{L_FONT_NORMAL}</option>
<option value="12" selected class="genmed">{L_FONT_NORMAL}</option>
<option value="18" class="genmed">{L_FONT_LARGE}</option>
<option value="24" class="genmed">{L_FONT_HUGE}</option>
</select>


@@ -42,7 +42,6 @@ else
}
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
if ( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
{
@@ -372,7 +371,7 @@ $s_auth_can .= ( ( $is_auth['auth_vote'] ) ? $lang['Rules_vote_can'] : $lang['Ru
if ( $is_auth['auth_mod'] )
{
$s_auth_can .= sprintf($lang['Rules_moderate'], '<a href="' . append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;start=" . $start . "&amp;p_sid=" . $userdata['priv_session_id']) . '">', '</a>');
$s_auth_can .= sprintf($lang['Rules_moderate'], "<a href=\"modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;start=" . $start . "&amp;sid=" . $userdata['session_id'] . '">', '</a>');
}
//
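Review bot: The first hunk (`-42,7 +42,6`) appears to drop `$start = ($start < 0) ? 0 : $start;`, so `intval()` alone lets a negative `start` from the query string through. Where `$start` is consumed is outside the hunk; if it reaches a `LIMIT` clause or the pagination arithmetic, a negative value produces a SQL error or nonsensical page numbers. The same line is dropped in the privmsg, search and viewtopic sections of this page. I would keep the clamp directly after the `intval()` assignment.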


@@ -46,7 +46,6 @@ if ( isset($HTTP_GET_VARS[POST_POST_URL]))
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
$start = ($start < 0) ? 0 : $start;
if (!$topic_id && !$post_id)
{
@@ -590,15 +589,15 @@ $topic_mod = '';
if ( $is_auth['auth_mod'] )
{
$s_auth_can .= sprintf($lang['Rules_moderate'], '<a href="' . append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;p_sid=" . $userdata['priv_session_id']) . '">', '</a>');
$s_auth_can .= sprintf($lang['Rules_moderate'], "<a href=\"modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;sid=" . $userdata['session_id'] . '">', '</a>');
$topic_mod .= '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=delete&amp;p_sid=" . $userdata['priv_session_id']) . '"><img src="' . $images['topic_mod_delete'] . '" alt="' . $lang['Delete_topic'] . '" title="' . $lang['Delete_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= "<a href=\"modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=delete&amp;sid=" . $userdata['session_id'] . '"><img src="' . $images['topic_mod_delete'] . '" alt="' . $lang['Delete_topic'] . '" title="' . $lang['Delete_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=move&amp;p_sid=" . $userdata['priv_session_id']) . '"><img src="' . $images['topic_mod_move'] . '" alt="' . $lang['Move_topic'] . '" title="' . $lang['Move_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= "<a href=\"modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=move&amp;sid=" . $userdata['session_id'] . '"><img src="' . $images['topic_mod_move'] . '" alt="' . $lang['Move_topic'] . '" title="' . $lang['Move_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= ( $forum_topic_data['topic_status'] == TOPIC_UNLOCKED ) ? '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=lock&amp;p_sid=" . $userdata['priv_session_id']) . '"><img src="' . $images['topic_mod_lock'] . '" alt="' . $lang['Lock_topic'] . '" title="' . $lang['Lock_topic'] . '" border="0" /></a>&nbsp;' : '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=unlock&amp;p_sid=" . $userdata['priv_session_id']) . '"><img src="' . $images['topic_mod_unlock'] . '" alt="' . $lang['Unlock_topic'] . '" title="' . $lang['Unlock_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= ( $forum_topic_data['topic_status'] == TOPIC_UNLOCKED ) ? "<a href=\"modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=lock&amp;sid=" . $userdata['session_id'] . '"><img src="' . $images['topic_mod_lock'] . '" alt="' . $lang['Lock_topic'] . '" title="' . $lang['Lock_topic'] . '" border="0" /></a>&nbsp;' : "<a href=\"modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=unlock&amp;sid=" . $userdata['session_id'] . '"><img src="' . $images['topic_mod_unlock'] . '" alt="' . $lang['Unlock_topic'] . '" title="' . $lang['Unlock_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=split&amp;p_sid=" . $userdata['priv_session_id']) . '"><img src="' . $images['topic_mod_split'] . '" alt="' . $lang['Split_topic'] . '" title="' . $lang['Split_topic'] . '" border="0" /></a>&nbsp;';
$topic_mod .= "<a href=\"modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&amp;mode=split&amp;sid=" . $userdata['session_id'] . '"><img src="' . $images['topic_mod_split'] . '" alt="' . $lang['Split_topic'] . '" title="' . $lang['Split_topic'] . '" border="0" /></a>&nbsp;';
}
//
@@ -1008,13 +1007,13 @@ for($i = 0; $i < $total_posts; $i++)
if ( $is_auth['auth_mod'] )
{
$temp_url = "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;p_sid=" . $userdata['priv_session_id'];
$temp_url = "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;sid=" . $userdata['session_id'];
$ip_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_ip'] . '" alt="' . $lang['View_IP'] . '" title="' . $lang['View_IP'] . '" border="0" /></a>';
$ip = '<a href="' . $temp_url . '">' . $lang['View_IP'] . '</a>';
$temp_url = "posting.$phpEx?mode=delete&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;p_sid=" . $userdata['priv_session_id'];
$temp_url = "posting.$phpEx?mode=delete&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;sid=" . $userdata['session_id'];
$delpost_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_delpost'] . '" alt="' . $lang['Delete_post'] . '" title="' . $lang['Delete_post'] . '" border="0" /></a>';
$delpost = '<a href="' . append_sid($temp_url) . '">' . $lang['Delete_post'] . '</a>';
$delpost = '<a href="' . $temp_url . '">' . $lang['Delete_post'] . '</a>';
}
else
{
@@ -1023,9 +1022,9 @@ for($i = 0; $i < $total_posts; $i++)
if ( $userdata['user_id'] == $poster_id && $is_auth['auth_delete'] && $forum_topic_data['topic_last_post_id'] == $postrow[$i]['post_id'] )
{
$temp_url = "posting.$phpEx?mode=delete&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;p_sid=" . $userdata['priv_session_id'];
$temp_url = "posting.$phpEx?mode=delete&amp;" . POST_POST_URL . "=" . $postrow[$i]['post_id'] . "&amp;sid=" . $userdata['session_id'];
$delpost_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_delpost'] . '" alt="' . $lang['Delete_post'] . '" title="' . $lang['Delete_post'] . '" border="0" /></a>';
$delpost = '<a href="' . append_sid($temp_url) . '">' . $lang['Delete_post'] . '</a>';
$delpost = '<a href="' . $temp_url . '">' . $lang['Delete_post'] . '</a>';
}
else
{