This commit was manufactured by cvs2svn to create tag

'release_2_0_16'.

git-svn-id: file:///svn/phpbb/tags/release_2_0_16@5167 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/admin/admin_board.php

@@ -16,7 +16,7 @@ define('IN_PHPBB', 1);
 if( !empty($setmodules) )
 {
 	$file = basename(__FILE__);
-	$module['General']['Configuration'] = $file;
+	$module['General']['Configuration'] = "$file";
 	return;
 }
 
@@ -49,24 +49,7 @@ else
 
 		if ($config_name == 'cookie_name')
 		{
-			$new['cookie_name'] = str_replace('.', '_', $new['cookie_name']);
-		}
-
-		// Attempt to prevent a common mistake with this value,
-		// http:// is the protocol and not part of the server name
-		if ($config_name == 'server_name')
-		{
-			$new['server_name'] = str_replace('http://', '', $new['server_name']);
-		}
-
-		// Attempt to prevent a mistake with this value.
-		if ($config_name == 'avatar_path')
-		{
-			$new['avatar_path'] = trim($new['avatar_path']);
-			if (strstr($new['avatar_path'], "\0") || !is_dir($phpbb_root_path . $new['avatar_path']) || !is_writable($phpbb_root_path . $new['avatar_path']))
-			{
-				$new['avatar_path'] = $default_config['avatar_path'];
-			}
+			$cookie_name = str_replace('.', '_', $new['cookie_name']);
 		}
 
 		if( isset($HTTP_POST_VARS['submit']) )
@@ -117,9 +100,6 @@ $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? "c
 $confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : '';
 $confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
 
-$allow_autologin_yes = ($new['allow_autologin']) ? 'checked="checked"' : '';
-$allow_autologin_no = (!$new['allow_autologin']) ? 'checked="checked"' : '';
-
 $board_email_form_yes = ( $new['board_email_form'] ) ? "checked=\"checked\"" : "";
 $board_email_form_no = ( !$new['board_email_form'] ) ? "checked=\"checked\"" : "";
 
@@ -185,10 +165,6 @@ $template->assign_vars(array(
 	"L_ADMIN" => $lang['Acc_Admin'], 
 	"L_VISUAL_CONFIRM" => $lang['Visual_confirm'], 
 	"L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'], 
-	"L_ALLOW_AUTOLOGIN" => $lang['Allow_autologin'],
-	"L_ALLOW_AUTOLOGIN_EXPLAIN" => $lang['Allow_autologin_explain'],
-	"L_AUTOLOGIN_TIME" => $lang['Autologin_time'],
-	"L_AUTOLOGIN_TIME_EXPLAIN" => $lang['Autologin_time_explain'],
 	"L_COOKIE_SETTINGS" => $lang['Cookie_settings'], 
 	"L_COOKIE_SETTINGS_EXPLAIN" => $lang['Cookie_settings_explain'], 
 	"L_COOKIE_DOMAIN" => $lang['Cookie_domain'],
@@ -208,16 +184,6 @@ $template->assign_vars(array(
 	"L_MAX_POLL_OPTIONS" => $lang['Max_poll_options'],
 	"L_FLOOD_INTERVAL" => $lang['Flood_Interval'],
 	"L_FLOOD_INTERVAL_EXPLAIN" => $lang['Flood_Interval_explain'], 
-	"L_SEARCH_FLOOD_INTERVAL" => $lang['Search_Flood_Interval'],
-	"L_SEARCH_FLOOD_INTERVAL_EXPLAIN" => $lang['Search_Flood_Interval_explain'], 
-
-	'L_MAX_LOGIN_ATTEMPTS'			=> $lang['Max_login_attempts'],
-	'L_MAX_LOGIN_ATTEMPTS_EXPLAIN'	=> $lang['Max_login_attempts_explain'],
-	'L_LOGIN_RESET_TIME'			=> $lang['Login_reset_time'],
-	'L_LOGIN_RESET_TIME_EXPLAIN'	=> $lang['Login_reset_time_explain'],
-	'MAX_LOGIN_ATTEMPTS'			=> $new['max_login_attempts'],
-	'LOGIN_RESET_TIME'				=> $new['login_reset_time'],
-
 	"L_BOARD_EMAIL_FORM" => $lang['Board_email_form'], 
 	"L_BOARD_EMAIL_FORM_EXPLAIN" => $lang['Board_email_form_explain'], 
 	"L_TOPICS_PER_PAGE" => $lang['Topics_per_page'],
@@ -288,14 +254,11 @@ $template->assign_vars(array(
 	"ACTIVATION_ADMIN_CHECKED" => $activation_admin, 
 	"CONFIRM_ENABLE" => $confirm_yes,
 	"CONFIRM_DISABLE" => $confirm_no,
-	'ALLOW_AUTOLOGIN_YES' => $allow_autologin_yes,
-	'ALLOW_AUTOLOGIN_NO' => $allow_autologin_no,
-	'AUTOLOGIN_TIME' => (int) $new['max_autologin_time'],
+	"ACTIVATION_NONE_CHECKED" => $activation_none,
 	"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes, 
 	"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no, 
 	"MAX_POLL_OPTIONS" => $new['max_poll_options'], 
 	"FLOOD_INTERVAL" => $new['flood_interval'],
-	"SEARCH_FLOOD_INTERVAL" => $new['search_flood_interval'],
 	"TOPICS_PER_PAGE" => $new['topics_per_page'],
 	"POSTS_PER_PAGE" => $new['posts_per_page'],
 	"HOT_TOPIC" => $new['hot_threshold'],

phpBB/admin/admin_db_utilities.php

@@ -499,9 +499,9 @@ function get_table_content_postgresql($table, $handler)
 
 	while($row = $db->sql_fetchrow($result))
 	{
-		$schema_vals = '';
-		$schema_fields = '';
-		$schema_insert = '';
+		unset($schema_vals);
+		unset($schema_fields);
+		unset($schema_insert);
 		//
 		// Build the SQL statement to recreate the data.
 		//
@@ -516,7 +516,7 @@ function get_table_content_postgresql($table, $handler)
 			}
 			elseif (eregi("date|timestamp", $aryType[$i]))
 			{
-				if (empty($strVal))
+				if ($empty($strVal))
 				{
 					$strQuote = "";
 				}
@@ -693,7 +693,7 @@ if( isset($HTTP_GET_VARS['perform']) || isset($HTTP_POST_VARS['perform']) )
 				include('./page_footer_admin.'.$phpEx);
 			}
 
-			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm', 'sessions_keys');
+			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
 
 			$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
 

phpBB/admin/admin_disallow.php

@@ -25,7 +25,7 @@ define('IN_PHPBB', 1);
 if( !empty($setmodules) )
 {
 	$filename = basename(__FILE__);
-	$module['Users']['Disallow'] = $filename;
+	$module['Users']['Disallow'] = append_sid($filename);
 
 	return;
 }
@@ -45,7 +45,7 @@ if( isset($HTTP_POST_VARS['add_name']) )
 
 	if ($disallowed_user == '')
 	{
-		message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
+		message_die(MESSAGE, $lang['Fields_empty']);
 	}
 	if( !validate_username($disallowed_user) )
 	{

phpBB/admin/admin_forums.php

@@ -39,8 +39,8 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 $forum_auth_ary = array(
 	"auth_view" => AUTH_ALL, 
 	"auth_read" => AUTH_ALL, 
-	"auth_post" => AUTH_REG, 
-	"auth_reply" => AUTH_REG, 
+	"auth_post" => AUTH_ALL, 
+	"auth_reply" => AUTH_ALL, 
 	"auth_edit" => AUTH_REG, 
 	"auth_delete" => AUTH_REG, 
 	"auth_sticky" => AUTH_MOD, 
@@ -626,7 +626,7 @@ if( !empty($mode) )
 					$vote_ids = '';
 					do
 					{
-						$vote_ids .= (($vote_ids != '') ? ', ' : '') . $row['vote_id'];
+						$vote_ids = (($vote_ids != '') ? ', ' : '') . $row['vote_id'];
 					}
 					while ($row = $db->sql_fetchrow($result));
 

phpBB/admin/admin_groups.php

@@ -104,26 +104,21 @@ if ( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 	//
 	// Ok, now we know everything about them, let's show the page.
 	//
-	if ($group_info['group_moderator'] != '')
+	$sql = "SELECT user_id, username
+		FROM " . USERS_TABLE . "
+		WHERE user_id <> " . ANONYMOUS . "
+		ORDER BY username";
+	if ( !($result = $db->sql_query($sql)) )
 	{
-		$sql = "SELECT user_id, username
-			FROM " . USERS_TABLE . "
-			WHERE user_id = " . $group_info['group_moderator'];
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
-		}
-
-		if ( !($row = $db->sql_fetchrow($result)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
-		}
-
-		$group_moderator = $row['username'];
+		message_die(GENERAL_ERROR, 'Could not obtain user info for moderator list', '', __LINE__, __FILE__, $sql);
 	}
-	else
+
+	while ( $row = $db->sql_fetchrow($result) )
 	{
-		$group_moderator = '';
+		if ( $row['user_id'] == $group_info['group_moderator'] ) 
+		{
+			$group_moderator = $row['username'];
+		}
 	}
 
 	$group_open = ( $group_info['group_type'] == GROUP_OPEN ) ? ' checked="checked"' : '';
@@ -255,7 +250,7 @@ else if ( isset($HTTP_POST_VARS['group_update']) )
 	else
 	{
 		$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
-		$group_name = isset($HTTP_POST_VARS['group_name']) ? htmlspecialchars(trim($HTTP_POST_VARS['group_name'])) : '';
+		$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : '';
 		$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : '';
 		$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : '';
 		$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? true : false;

phpBB/admin/admin_ranks.php

@@ -19,34 +19,25 @@
  *
  ***************************************************************************/
 
+define('IN_PHPBB', 1);
+
 if( !empty($setmodules) )
 {
 	$file = basename(__FILE__);
-	$module['Users']['Ranks'] = $file;
+	$module['Users']['Ranks'] = "$file";
 	return;
 }
 
-define('IN_PHPBB', 1);
-
 //
 // Let's set the root dir for phpBB
 //
 $phpbb_root_path = "./../";
 require($phpbb_root_path . 'extension.inc');
-
-$cancel = ( isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']) ) ? true : false;
-$no_page_header = $cancel;
-
 require('./pagestart.' . $phpEx);
 
-if ($cancel)
-{
-	redirect('admin/' . append_sid("admin_ranks.$phpEx", true));
-}
-
 if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 {
-	$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+	$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
 	$mode = htmlspecialchars($mode);
 }
 else 
@@ -68,8 +59,6 @@ else
 	}
 }
 
-// Restrict mode input to valid options
-$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
 
 if( $mode != "" )
 {
@@ -224,10 +213,8 @@ if( $mode != "" )
 		{
 			$rank_id = 0;
 		}
-
-		$confirm = isset($HTTP_POST_VARS['confirm']);
 		
-		if( $rank_id && $confirm )
+		if( $rank_id )
 		{
 			$sql = "DELETE FROM " . RANKS_TABLE . "
 				WHERE rank_id = $rank_id";
@@ -251,95 +238,135 @@ if( $mode != "" )
 			message_die(GENERAL_MESSAGE, $message);
 
 		}
-		elseif( $rank_id && !$confirm)
-		{
-			// Present the confirmation screen to the user
-			$template->set_filenames(array(
-				'body' => 'admin/confirm_body.tpl')
-			);
-
-			$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />';
-
-			$template->assign_vars(array(
-				'MESSAGE_TITLE' => $lang['Confirm'],
-				'MESSAGE_TEXT' => $lang['Confirm_delete_rank'],
-
-				'L_YES' => $lang['Yes'],
-				'L_NO' => $lang['No'],
-
-				'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"),
-				'S_HIDDEN_FIELDS' => $hidden_fields)
-			);
-		}
 		else
 		{
 			message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
 		}
 	}
-
-	$template->pparse("body");
-
-	include('./page_footer_admin.'.$phpEx);
-}
-
-//
-// Show the default page
-//
-$template->set_filenames(array(
-	"body" => "admin/ranks_list_body.tpl")
-);
-
-$sql = "SELECT * FROM " . RANKS_TABLE . "
-	ORDER BY rank_min ASC, rank_special ASC";
-if( !$result = $db->sql_query($sql) )
-{
-	message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
-}
-$rank_count = $db->sql_numrows($result);
-
-$rank_rows = $db->sql_fetchrowset($result);
-
-$template->assign_vars(array(
-	"L_RANKS_TITLE" => $lang['Ranks_title'],
-	"L_RANKS_TEXT" => $lang['Ranks_explain'],
-	"L_RANK" => $lang['Rank_title'],
-	"L_RANK_MINIMUM" => $lang['Rank_minimum'],
-	"L_SPECIAL_RANK" => $lang['Rank_special'],
-	"L_EDIT" => $lang['Edit'],
-	"L_DELETE" => $lang['Delete'],
-	"L_ADD_RANK" => $lang['Add_new_rank'],
-	"L_ACTION" => $lang['Action'],
-	
-	"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
-);
-
-for($i = 0; $i < $rank_count; $i++)
-{
-	$rank = $rank_rows[$i]['rank_title'];
-	$special_rank = $rank_rows[$i]['rank_special'];
-	$rank_id = $rank_rows[$i]['rank_id'];
-	$rank_min = $rank_rows[$i]['rank_min'];
-	
-	if( $special_rank == 1 )
+	else
 	{
-		$rank_min = $rank_max = "-";
-	}
+		//
+		// They didn't feel like giving us any information. Oh, too bad, we'll just display the
+		// list then...
+		//
+		$template->set_filenames(array(
+			"body" => "admin/ranks_list_body.tpl")
+		);
+		
+		$sql = "SELECT * FROM " . RANKS_TABLE . "
+			ORDER BY rank_min, rank_title";
+		if( !$result = $db->sql_query($sql) )
+		{
+			message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
+		}
+		
+		$rank_rows = $db->sql_fetchrowset($result);
+		$rank_count = count($rank_rows);
+		
+		$template->assign_vars(array(
+			"L_RANKS_TITLE" => $lang['Ranks_title'],
+			"L_RANKS_TEXT" => $lang['Ranks_explain'],
+			"L_RANK" => $lang['Rank_title'],
+			"L_RANK_MINIMUM" => $lang['Rank_minimum'],
+			"L_SPECIAL_RANK" => $lang['Special_rank'],
+			"L_EDIT" => $lang['Edit'],
+			"L_DELETE" => $lang['Delete'],
+			"L_ADD_RANK" => $lang['Add_new_rank'],
+			"L_ACTION" => $lang['Action'],
+			
+			"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
+		);
+		
+		for( $i = 0; $i < $rank_count; $i++)
+		{
+			$rank = $rank_rows[$i]['rank_title'];
+			$special_rank = $rank_rows[$i]['rank_special'];
+			$rank_id = $rank_rows[$i]['rank_id'];
+			$rank_min = $rank_rows[$i]['rank_min'];
 
-	$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
-	$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-
-	$rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
+			if($special_rank)
+			{
+				$rank_min = $rank_max = "-";
+			}
+			
+			$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
+			$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
 	
-	$template->assign_block_vars("ranks", array(
-		"ROW_COLOR" => "#" . $row_color,
-		"ROW_CLASS" => $row_class,
-		"RANK" => $rank,
-		"SPECIAL_RANK" => $rank_is_special,
-		"RANK_MIN" => $rank_min,
+			$template->assign_block_vars("ranks", array(
+				"ROW_COLOR" => "#" . $row_color,
+				"ROW_CLASS" => $row_class,
+				"RANK" => $rank,
+				"RANK_MIN" => $rank_min,
 
-		"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
-		"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
+				"SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'],
+
+				"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
+				"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
+			);
+		}
+	}
+}
+else
+{
+	//
+	// Show the default page
+	//
+	$template->set_filenames(array(
+		"body" => "admin/ranks_list_body.tpl")
 	);
+	
+	$sql = "SELECT * FROM " . RANKS_TABLE . "
+		ORDER BY rank_min ASC, rank_special ASC";
+	if( !$result = $db->sql_query($sql) )
+	{
+		message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
+	}
+	$rank_count = $db->sql_numrows($result);
+
+	$rank_rows = $db->sql_fetchrowset($result);
+	
+	$template->assign_vars(array(
+		"L_RANKS_TITLE" => $lang['Ranks_title'],
+		"L_RANKS_TEXT" => $lang['Ranks_explain'],
+		"L_RANK" => $lang['Rank_title'],
+		"L_RANK_MINIMUM" => $lang['Rank_minimum'],
+		"L_SPECIAL_RANK" => $lang['Rank_special'],
+		"L_EDIT" => $lang['Edit'],
+		"L_DELETE" => $lang['Delete'],
+		"L_ADD_RANK" => $lang['Add_new_rank'],
+		"L_ACTION" => $lang['Action'],
+		
+		"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
+	);
+	
+	for($i = 0; $i < $rank_count; $i++)
+	{
+		$rank = $rank_rows[$i]['rank_title'];
+		$special_rank = $rank_rows[$i]['rank_special'];
+		$rank_id = $rank_rows[$i]['rank_id'];
+		$rank_min = $rank_rows[$i]['rank_min'];
+		
+		if( $special_rank == 1 )
+		{
+			$rank_min = $rank_max = "-";
+		}
+
+		$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
+		$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+
+		$rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
+		
+		$template->assign_block_vars("ranks", array(
+			"ROW_COLOR" => "#" . $row_color,
+			"ROW_CLASS" => $row_class,
+			"RANK" => $rank,
+			"SPECIAL_RANK" => $rank_is_special,
+			"RANK_MIN" => $rank_min,
+
+			"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
+			"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
+		);
+	}
 }
 
 $template->pparse("body");

phpBB/admin/admin_smilies.php

@@ -36,27 +36,21 @@ if( !empty($setmodules) )
 	return;
 }
 
-$phpbb_root_path = "./../";
-require($phpbb_root_path . 'extension.inc');
-
-$cancel = ( isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']) ) ? true : false;
-$no_page_header = $cancel;
-
 //
 // Load default header
 //
-if ((!empty($HTTP_GET_VARS['export_pack']) && $HTTP_GET_VARS['export_pack'] == 'send') || (!empty($_GET['export_pack']) && $_GET['export_pack'] == 'send'))
+if( isset($HTTP_GET_VARS['export_pack']) )
 {
-	$no_page_header = true;
+	if ( $HTTP_GET_VARS['export_pack'] == "send" )
+	{	
+		$no_page_header = true;
+	}
 }
 
+$phpbb_root_path = "./../";
+require($phpbb_root_path . 'extension.inc');
 require('./pagestart.' . $phpEx);
 
-if ($cancel)
-{
-	redirect('admin/' . append_sid("admin_smilies.$phpEx", true));
-}
-
 //
 // Check to see what mode we should operate in.
 //
@@ -322,43 +316,17 @@ else if ( $mode != "" )
 			$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
 			$smiley_id = intval($smiley_id);
 
-			$confirm = isset($HTTP_POST_VARS['confirm']);
-
-			if( $confirm )
+			$sql = "DELETE FROM " . SMILIES_TABLE . "
+				WHERE smilies_id = " . $smiley_id;
+			$result = $db->sql_query($sql);
+			if( !$result )
 			{
-				$sql = "DELETE FROM " . SMILIES_TABLE . "
-					WHERE smilies_id = " . $smiley_id;
-				$result = $db->sql_query($sql);
-				if( !$result )
-				{
-					message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
-				}
-
-				$message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
-
-				message_die(GENERAL_MESSAGE, $message);
+				message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
 			}
-			else
-			{
-				// Present the confirmation screen to the user
-				$template->set_filenames(array(
-					'body' => 'admin/confirm_body.tpl')
-				);
 
-				$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $smiley_id . '" />';
+			$message = $lang['smiley_del_success'] . "<br /><br />" . sprintf($lang['Click_return_smileadmin'], "<a href=\"" . append_sid("admin_smilies.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");
 
-				$template->assign_vars(array(
-					'MESSAGE_TITLE' => $lang['Confirm'],
-					'MESSAGE_TEXT' => $lang['Confirm_delete_smiley'],
-
-					'L_YES' => $lang['Yes'],
-					'L_NO' => $lang['No'],
-
-					'S_CONFIRM_ACTION' => append_sid("admin_smilies.$phpEx"),
-					'S_HIDDEN_FIELDS' => $hidden_fields)
-				);
-				$template->pparse('body');
-			}
+			message_die(GENERAL_MESSAGE, $message);
 			break;
 
 		case 'edit':
@@ -434,18 +402,15 @@ else if ( $mode != "" )
 			// Get the submitted data, being careful to ensure that we only
 			// accept the data we are looking for.
 			//
-			$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : '';
-			$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : '';
-			$smile_url = phpbb_ltrim(basename($smile_url), "'");
-			$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
-			$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : 0;
-			$smile_code = trim($smile_code);
-			$smile_url = trim($smile_url);
+			$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? trim($HTTP_POST_VARS['smile_code']) : trim($HTTP_GET_VARS['smile_code']);
+			$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : trim($HTTP_GET_VARS['smile_url']);
+			$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? trim($HTTP_POST_VARS['smile_emotion']) : trim($HTTP_GET_VARS['smile_emotion']);
+			$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
 
 			// If no code was entered complain ...
 			if ($smile_code == '' || $smile_url == '')
 			{
-				message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
+				message_die(MESSAGE, $lang['Fields_empty']);
 			}
 
 			//
@@ -479,17 +444,17 @@ else if ( $mode != "" )
 			// Get the submitted data being careful to ensure the the data
 			// we recieve and process is only the data we are looking for.
 			//
-			$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : '';
-			$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : '';
-			$smile_url = phpbb_ltrim(basename($smile_url), "'");
-			$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
+			$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
+			$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
+			$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
 			$smile_code = trim($smile_code);
 			$smile_url = trim($smile_url);
+			$smile_emotion = trim($smile_emotion);
 
 			// If no code was entered complain ...
 			if ($smile_code == '' || $smile_url == '')
 			{
-				message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
+				message_die(MESSAGE, $lang['Fields_empty']);
 			}
 
 			//

phpBB/admin/admin_styles.php

@@ -27,7 +27,7 @@ if( !empty($setmodules) )
 	$file = basename(__FILE__);
 	$module['Styles']['Add_new'] = "$file?mode=addnew";
 	$module['Styles']['Create_new'] = "$file?mode=create";
-	$module['Styles']['Manage'] = $file;
+	$module['Styles']['Manage'] = "$file";
 	$module['Styles']['Export'] = "$file?mode=export";
 	return;
 }
@@ -41,10 +41,10 @@ if( !empty($setmodules) )
 $phpbb_root_path = "./../";
 require($phpbb_root_path . 'extension.inc');
 
-$confirm = (isset($HTTP_POST_VARS['confirm']) || isset($_POST['confirm'])) ? TRUE : FALSE;
-$cancel = (isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel'])) ? TRUE : FALSE;
+$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
+$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
 
-$no_page_header = (!empty($HTTP_POST_VARS['send_file']) || !empty($_POST['send_file']) || $cancel) ? TRUE : FALSE;
+$no_page_header = (!empty($HTTP_POST_VARS['send_file']) || $cancel) ? TRUE : FALSE;
 
 require('./pagestart.' . $phpEx);
 
@@ -582,7 +582,6 @@ switch( $mode )
 				"L_SIMPLE_NAME" => $lang['Simple_name'],
 				"L_VALUE" => $lang['Value'],
 				"L_STYLESHEET" => $lang['Stylesheet'],
-				"L_STYLESHEET_EXPLAIN" => $lang['Stylesheet_explain'],
 				"L_BACKGROUND_IMAGE" => $lang['Background_image'],
 				"L_BACKGROUND_COLOR" => $lang['Background_color'],
 				"L_BODY_TEXT_COLOR" => $lang['Text_color'],
@@ -836,7 +835,7 @@ switch( $mode )
 			// Set template files
 			//
 			$template->set_filenames(array(
-				"confirm" => "admin/confirm_body.tpl")
+				"confirm" => "confirm_body.tpl")
 			);
 
 			$template->assign_vars(array(

phpBB/admin/admin_ug_auth.php

@@ -231,46 +231,11 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
 		else
 		{
 	
-			$change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : array();
+			$change_mod_list = ( isset($HTTP_POST_VARS['moderator']) ) ? $HTTP_POST_VARS['moderator'] : false;
 
 			if ( empty($adv) )
 			{
-				$sql = "SELECT f.* 
-					FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
-					WHERE f.cat_id = c.cat_id
-					ORDER BY c.cat_order, f.forum_order ASC";
-				if ( !($result = $db->sql_query($sql)) )
-				{
-					message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
-				}
-
-				$forum_access = $forum_auth_level_fields = array();
-				while( $row = $db->sql_fetchrow($result) )
-				{
-					$forum_access[] = $row;
-				}
-				$db->sql_freeresult($result);
-
-				for($i = 0; $i < count($forum_access); $i++)
-				{
-					$forum_id = $forum_access[$i]['forum_id'];
-
-					for($j = 0; $j < count($forum_auth_fields); $j++)
-					{
-						$forum_auth_level_fields[$forum_id][$forum_auth_fields[$j]] = $forum_access[$i][$forum_auth_fields[$j]] == AUTH_ACL;
-					}
-				}
-
-				while( list($forum_id, $value) = @each($HTTP_POST_VARS['private']) )
-				{
-					while( list($auth_field, $exists) = @each($forum_auth_level_fields[$forum_id]) )
-					{
-						if ($exists)
-						{
-							$change_acl_list[$forum_id][$auth_field] = $value;
-						}
-					}
-				}
+				$change_acl_list = ( isset($HTTP_POST_VARS['private']) ) ? $HTTP_POST_VARS['private'] : false;
 			}
 			else
 			{
@@ -286,10 +251,9 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
 				}
 			}
 
-			$sql = 'SELECT f.* 
-				FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
-				WHERE f.cat_id = c.cat_id
-				ORDER BY c.cat_order, f.forum_order';
+			$sql = "SELECT * 
+				FROM " . FORUMS_TABLE . " f
+				ORDER BY forum_order";
 			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
@@ -324,11 +288,11 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
 				$forum_id = $forum_access[$i]['forum_id'];
 
 				if ( 
-					( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id] != $auth_access[$forum_id]['auth_mod'] ) || 
-					( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]) ) 
+					( isset($auth_access[$forum_id]['auth_mod']) && $change_mod_list[$forum_id]['auth_mod'] != $auth_access[$forum_id]['auth_mod'] ) || 
+					( !isset($auth_access[$forum_id]['auth_mod']) && !empty($change_mod_list[$forum_id]['auth_mod']) ) 
 				)
 				{
-					$update_mod_status[$forum_id] = $change_mod_list[$forum_id];
+					$update_mod_status[$forum_id] = $change_mod_list[$forum_id]['auth_mod'];
 
 					if ( !$update_mod_status[$forum_id] )
 					{
@@ -450,7 +414,6 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
 			FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u  
 			WHERE ug.group_id = aa.group_id 
 				AND u.user_id = ug.user_id 
-				AND ug.user_pending = 0
 				AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ") 
 			GROUP BY u.user_id 
 			HAVING SUM(aa.auth_mod) > 0";
@@ -605,10 +568,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 	//
 	// Front end
 	//
-	$sql = "SELECT f.* 
-		FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
-		WHERE f.cat_id = c.cat_id
-		ORDER BY c.cat_order, f.forum_order ASC";
+	$sql = "SELECT * 
+		FROM " . FORUMS_TABLE . " f
+		ORDER BY forum_order";
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
@@ -641,7 +603,7 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 		}
 	}
 
-	$sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
+	$sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
 	$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
 	if ( !($result = $db->sql_query($sql)) )
 	{
@@ -867,26 +829,20 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 		}
 	}
 
-	$t_usergroup_list = $t_pending_list = '';
 	if( count($name) )
 	{
+		$t_usergroup_list = '';
 		for($i = 0; $i < count($ug_info); $i++)
 		{
 			$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
 
-			if (!$ug_info[$i]['user_pending'])
-			{
-				$t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
-			}
-			else
-			{
-				$t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
-			}
+			$t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '<a href="' . append_sid("admin_ug_auth.$phpEx?mode=$ug=" . $id[$i]) . '">' . $name[$i] . '</a>';
 		}
 	}
-
-	$t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
-	$t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;
+	else
+	{
+		$t_usergroup_list = $lang['None'];
+	}
 
 	$s_column_span = 2; // Two columns always present
 	if( !$adv )
@@ -943,7 +899,7 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 
 		$template->assign_vars(array(
 			'USERNAME' => $t_groupname,
-			'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '<br />' . $lang['Pending_members'] . ' : ' . $t_pending_list)
+			'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list)
 		);
 	}
 

phpBB/admin/admin_user_ban.php

@@ -155,7 +155,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			// contained in the annotated php manual at php.com (ereg
 			// section)
 			//
-			if (preg_match('/^(([a-z0-9&\'\.\-_\+])|(\*))+@(([a-z0-9\-])|(\*))+\.([a-z0-9\-]+\.)*?[a-z]+$/is', trim($email_list_temp[$i])))
+			if (preg_match('#^(([a-z0-9&.-_+])|(\*))+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$#is', trim($email_list_temp[$i])))
 			{
 				$email_list[] = trim($email_list_temp[$i]);
 			}

phpBB/admin/admin_users.php

@@ -71,7 +71,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			message_die(GENERAL_MESSAGE, $lang['No_user_id_specified'] );
 		}
 
-		if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
+		if( $HTTP_POST_VARS['deleteuser'] )
 		{
 			$sql = "SELECT g.group_id 
 				FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g  
@@ -86,7 +86,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			$row = $db->sql_fetchrow($result);
 			
 			$sql = "UPDATE " . POSTS_TABLE . "
-				SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "' 
+				SET poster_id = " . DELETED . ", post_username = '$username' 
 				WHERE poster_id = $user_id";
 			if( !$db->sql_query($sql) )
 			{
@@ -109,12 +109,30 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 				message_die(GENERAL_ERROR, 'Could not update votes for this user', '', __LINE__, __FILE__, $sql);
 			}
 			
-			$sql = "UPDATE " . GROUPS_TABLE . "
-				SET group_moderator = " . $userdata['user_id'] . "
+			$sql = "SELECT group_id
+				FROM " . GROUPS_TABLE . "
 				WHERE group_moderator = $user_id";
-			if( !$db->sql_query($sql) )
+			if( !($result = $db->sql_query($sql)) )
 			{
-				message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
+				message_die(GENERAL_ERROR, 'Could not select groups where user was moderator', '', __LINE__, __FILE__, $sql);
+			}
+			
+			while ( $row_group = $db->sql_fetchrow($result) )
+			{
+				$group_moderator[] = $row_group['group_id'];
+			}
+			
+			if ( count($group_moderator) )
+			{
+				$update_moderator_id = implode(', ', $group_moderator);
+				
+				$sql = "UPDATE " . GROUPS_TABLE . "
+					SET group_moderator = " . $userdata['user_id'] . "
+					WHERE group_moderator IN ($update_moderator_id)";
+				if( !$db->sql_query($sql) )
+				{
+					message_die(GENERAL_ERROR, 'Could not update group moderators', '', __LINE__, __FILE__, $sql);
+				}
 			}
 
 			$sql = "DELETE FROM " . USERS_TABLE . "
@@ -159,20 +177,6 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 				message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql);
 			}
 
-			$sql = "DELETE FROM " . SESSIONS_TABLE . "
-				WHERE session_user_id = $user_id";
-			if ( !$db->sql_query($sql) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql);
-			}
-			
-			$sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . "
-				WHERE user_id = $user_id";
-			if ( !$db->sql_query($sql) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql);
-			}
-
 			$sql = "SELECT privmsgs_id
 				FROM " . PRIVMSGS_TABLE . "
 				WHERE privmsgs_from_userid = $user_id 
@@ -213,7 +217,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			message_die(GENERAL_MESSAGE, $message);
 		}
 
-		$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
+		$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : '';
 		$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
 
 		$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
@@ -243,13 +247,13 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		$allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
 		$allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
 
-		$user_style = ( isset( $HTTP_POST_VARS['style'] ) ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
+		$user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
 		$user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
 		$user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
+		$user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
 		$user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
 
 		$user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] )  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
-		$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
 
 		$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
 		$user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
@@ -289,7 +293,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 
 			if ( !isset($HTTP_POST_VARS['cancelavatar'])) 
 			{
-				$user_avatar = $user_avatar_category . '/' . $user_avatar_local;
+				$user_avatar = $user_avatar_local;
 				$user_avatar_type = USER_AVATAR_GALLERY;
 			}
 		}
@@ -385,9 +389,9 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		{
 			if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
 			{
-				if( @file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
+				if( @file_exists(@phpbb_realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
 				{
-					@unlink('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
+					@unlink("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);
 				}
 			}
 			$avatar_sql = ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
@@ -641,7 +645,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		}
 		else if( $user_avatar_local != "" && $avatar_sql == "" && !$error )
 		{
-			$avatar_sql = ", user_avatar = '" . str_replace("\'", "''", phpbb_ltrim(basename($user_avatar_category), "'") . '/' . phpbb_ltrim(basename($user_avatar_local), "'")) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
+			$avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
 		}
 	
 		//
@@ -677,19 +681,13 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 						message_die(GENERAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
 					}
 				}
-
-				// We remove all stored login keys since the password has been updated
-				// and change the current one (if applicable)
-				if ( !empty($passwd_sql) )
-				{
-					session_reset_keys($user_id, $user_ip);
-				}
 				
 				$message .= $lang['Admin_user_updated'];
 			}
 			else
 			{
-				message_die(GENERAL_ERROR, 'Admin_user_fail', '', __LINE__, __FILE__, $sql);
+				$error = TRUE;
+				$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Admin_user_fail'];
 			}
 
 			$message .= '<br /><br />' . sprintf($lang['Click_return_useradmin'], '<a href="' . append_sid("admin_users.$phpEx") . '">', '</a>') . '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="' . append_sid("index.$phpEx?pane=right") . '">', '</a>');
@@ -824,7 +822,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 					{
 						if( preg_match("/(\.gif$|\.png$|\.jpg)$/is", $sub_file) )
 						{
-							$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file;
+							$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file;
 
 							$avatar_col_count++;
 							if( $avatar_col_count == 5 )
@@ -869,7 +867,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 				for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
 				{
 					$template->assign_block_vars("avatar_row.avatar_column", array(
-						"AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j])
+						"AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j])
 					);
 
 					$template->assign_block_vars("avatar_row.avatar_option_column", array(
@@ -880,7 +878,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 
 			$coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
 
-			$s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
+			$s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
 			$s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';
 
 			$s_hidden_fields .= '<input type="hidden" name="username" value="' . str_replace("\"", "&quot;", $username) . '" />';
@@ -936,7 +934,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 
 		if( !empty($user_avatar_local) )
 		{
-			$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
 		}
 
 		if( $user_avatar_type )

phpBB/admin/admin_words.php

@@ -20,34 +20,25 @@
  *
  ***************************************************************************/
 
+define('IN_PHPBB', 1);
+
 if( !empty($setmodules) )
 {
 	$file = basename(__FILE__);
-	$module['General']['Word_Censor'] = $file;
+	$module['General']['Word_Censor'] = "$file";
 	return;
 }
 
-define('IN_PHPBB', 1);
-
 //
 // Load default header
 //
 $phpbb_root_path = "./../";
 require($phpbb_root_path . 'extension.inc');
-
-$cancel = (isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel'])) ? true : false;
-$no_page_header = $cancel;
-
 require('./pagestart.' . $phpEx);
 
-if ($cancel)
-{
-	redirect('admin/' . append_sid("admin_words.$phpEx", true));
-}
-
 if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 {
-	$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+	$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
 	$mode = htmlspecialchars($mode);
 }
 else 
@@ -69,9 +60,6 @@ else
 	}
 }
 
-// Restrict mode input to valid options
-$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
-
 if( $mode != "" )
 {
 	if( $mode == "edit" || $mode == "add" )
@@ -82,7 +70,6 @@ if( $mode != "" )
 			"body" => "admin/words_edit_body.tpl")
 		);
 
-		$word_info = array('word' => '', 'replacement' => '');
 		$s_hidden_fields = '';
 
 		if( $mode == "edit" )
@@ -107,8 +94,8 @@ if( $mode != "" )
 		}
 
 		$template->assign_vars(array(
-			"WORD" => htmlspecialchars($word_info['word']),
-			"REPLACEMENT" => htmlspecialchars($word_info['replacement']),
+			"WORD" => $word_info['word'],
+			"REPLACEMENT" => $word_info['replacement'],
 
 			"L_WORDS_TITLE" => $lang['Words_title'],
 			"L_WORDS_TEXT" => $lang['Words_explain'],
@@ -171,9 +158,7 @@ if( $mode != "" )
 			$word_id = 0;
 		}
 
-		$confirm = isset($HTTP_POST_VARS['confirm']);
-
-		if( $word_id && $confirm )
+		if( $word_id )
 		{
 			$sql = "DELETE FROM " . WORDS_TABLE . " 
 				WHERE word_id = $word_id";
@@ -187,26 +172,6 @@ if( $mode != "" )
 
 			message_die(GENERAL_MESSAGE, $message);
 		}
-		elseif( $word_id && !$confirm)
-		{
-			// Present the confirmation screen to the user
-			$template->set_filenames(array(
-				'body' => 'admin/confirm_body.tpl')
-			);
-
-			$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />';
-
-			$template->assign_vars(array(
-				'MESSAGE_TITLE' => $lang['Confirm'],
-				'MESSAGE_TEXT' => $lang['Confirm_delete_word'],
-
-				'L_YES' => $lang['Yes'],
-				'L_NO' => $lang['No'],
-
-				'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"),
-				'S_HIDDEN_FIELDS' => $hidden_fields)
-			);
-		}
 		else
 		{
 			message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
@@ -228,7 +193,6 @@ else
 	}
 
 	$word_rows = $db->sql_fetchrowset($result);
-	$db->sql_freeresult($result);
 	$word_count = count($word_rows);
 
 	$template->assign_vars(array(
@@ -257,8 +221,8 @@ else
 		$template->assign_block_vars("words", array(
 			"ROW_COLOR" => "#" . $row_color,
 			"ROW_CLASS" => $row_class,
-			"WORD" => htmlspecialchars($word),
-			"REPLACEMENT" => htmlspecialchars($replacement),
+			"WORD" => $word,
+			"REPLACEMENT" => $replacement,
 
 			"U_WORD_EDIT" => append_sid("admin_words.$phpEx?mode=edit&amp;id=$word_id"),
 			"U_WORD_DELETE" => append_sid("admin_words.$phpEx?mode=delete&amp;id=$word_id"))

phpBB/admin/index.php

@@ -60,7 +60,7 @@ if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
 	{
 		if( preg_match("/^admin_.*?\." . $phpEx . "$/", $file) )
 		{
-			include('./' . $file);
+			include($file);
 		}
 	}
 
@@ -234,9 +234,9 @@ elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
 			$row = $db->sql_fetchrow($result);
 			$version = $row['mysql_version'];
 
-			if( preg_match("/^(3\.23|4\.|5\.)/", $version) )
+			if( preg_match("/^(3\.23|4\.)/", $version) )
 			{
-				$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)|(5\.)/", $version) ) ? "`$dbname`" : $dbname;
+				$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/", $version) ) ? "`$dbname`" : $dbname;
 
 				$sql = "SHOW TABLE STATUS 
 					FROM " . $db_name;
@@ -567,7 +567,7 @@ elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
 	$errno = 0;
 	$errstr = $version_info = '';
 
-	if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr, 10))
+	if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
 	{
 		@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
 		@fputs($fsock, "HOST: www.phpbb.com\r\n");
@@ -602,7 +602,7 @@ elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
 		else
 		{
 			$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
-			$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . ' ' . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
+			$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
 		}
 	}
 	else

phpBB/admin/page_footer_admin.php

@@ -25,8 +25,6 @@ if ( !defined('IN_PHPBB') )
 	die("Hacking attempt");
 }
 
-global $do_gzip_compress;
-
 //
 // Show the overall footer.
 //
@@ -36,7 +34,7 @@ $template->set_filenames(array(
 
 $template->assign_vars(array(
 	'PHPBB_VERSION' => ($userdata['user_level'] == ADMIN && $userdata['user_id'] != ANONYMOUS) ? '2' . $board_config['version'] : '', 
-	'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''))
+	'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
 );
 
 $template->pparse('page_footer');

phpBB/admin/page_header_admin.php

@@ -132,18 +132,6 @@ $template->assign_vars(array(
 	'T_SPAN_CLASS3' => $theme['span_class3'])
 );
 
-// Work around for "current" Apache 2 + PHP module which seems to not
-// cope with private cache control setting
-if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
-{
-	header ('Cache-Control: no-cache, pre-check=0, post-check=0');
-}
-else
-{
-	header ('Cache-Control: private, pre-check=0, post-check=0, max-age=0');
-}
-header ('Expires: 0');
-header ('Pragma: no-cache');
 
 $template->pparse('header');
 

phpBB/admin/pagestart.php

@@ -49,6 +49,13 @@ else if ($userdata['user_level'] != ADMIN)
 
 if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
 {
+	$url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name'])), '', $HTTP_SERVER_VARS['REQUEST_URI']);
+	$url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path'])), '', $url);
+	$url = str_replace('//', '/', $url);
+	$url = preg_replace('/sid=([^&]*)(&?)/i', '', $url);
+	$url = preg_replace('/\?$/', '', $url);
+	$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];
+
 	redirect("index.$phpEx?sid=" . $userdata['session_id']);
 }
 

phpBB/common.php

@@ -28,11 +28,10 @@ if ( !defined('IN_PHPBB') )
 error_reporting  (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
 set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
 
-// The following code (unsetting globals)
-// Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files
+// The following code (unsetting globals) was contributed by Matt Kavanagh
 
 // PHP5 with register_long_arrays off?
-if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))
+if (!isset($HTTP_POST_VARS) && isset($_POST))
 {
 	$HTTP_POST_VARS = $_POST;
 	$HTTP_GET_VARS = $_GET;
@@ -48,19 +47,29 @@ if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('
 	}
 }
 
-// Protect against GLOBALS tricks
-if (isset($HTTP_POST_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS']))
+if (@phpversion() < '4.0.0')
 {
-	die("Hacking attempt");
-}
+	// PHP3 path; in PHP3, globals are _always_ registered
+	
+	// We 'flip' the array of variables to test like this so that
+	// we can validate later with isset($test[$var]) (no in_array())
+	$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
 
-// Protect against HTTP_SESSION_VARS tricks
-if (isset($HTTP_SESSION_VARS) && !is_array($HTTP_SESSION_VARS))
-{
-	die("Hacking attempt");
+	// Loop through each input array
+	@reset($test);
+	while (list($input,) = @each($test))
+	{
+		while (list($var,) = @each($$input))
+		{
+			// Validate the variable to be unset
+			if (!isset($test[$var]) && $var != 'test' && $var != 'input')
+			{
+				unset($$var);
+			}
+		}
+	}
 }
-
-if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
+else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
 {
 	// PHP4+ path
 	$not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
@@ -68,7 +77,7 @@ if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals
 	// Not only will array_merge give a warning if a parameter
 	// is not an array, it will actually fail. So we check if
 	// HTTP_SESSION_VARS has been initialised.
-	if (!isset($HTTP_SESSION_VARS) || !is_array($HTTP_SESSION_VARS))
+	if (!isset($HTTP_SESSION_VARS))
 	{
 		$HTTP_SESSION_VARS = array();
 	}
@@ -82,13 +91,12 @@ if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals
 
 	while (list($var,) = @each($input))
 	{
-		if (in_array($var, $not_unset))
+		if (!in_array($var, $not_unset))
 		{
-			die('Hacking attempt!');
+			unset($$var);
 		}
-		unset($$var);
 	}
-
+   
 	unset($input);
 }
 
@@ -171,14 +179,13 @@ $theme = array();
 $images = array();
 $lang = array();
 $nav_links = array();
-$dss_seeded = false;
 $gen_simple_header = FALSE;
 
 include($phpbb_root_path . 'config.'.$phpEx);
 
 if( !defined("PHPBB_INSTALLED") )
 {
-	header('Location: ' . $phpbb_root_path . 'install/install.' . $phpEx);
+	header("Location: install/install.$phpEx");
 	exit;
 }
 
@@ -189,9 +196,6 @@ include($phpbb_root_path . 'includes/auth.'.$phpEx);
 include($phpbb_root_path . 'includes/functions.'.$phpEx);
 include($phpbb_root_path . 'includes/db.'.$phpEx);
 
-// We do not need this any longer, unset for safety purposes
-unset($dbpasswd);
-
 //
 // Obtain and encode users IP
 //
@@ -222,7 +226,7 @@ while ( $row = $db->sql_fetchrow($result) )
 
 if (file_exists('install') || file_exists('contrib'))
 {
-	message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib');
+	message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted');
 }
 
 //

phpBB/db/mssql.php

@@ -289,7 +289,7 @@ class sql_db
 
 			while( list($key, $value) = @each($row) )
 			{
-				$row[$key] = ($value === ' ') ? '' : stripslashes($value);
+				$row[$key] = stripslashes($value);
 			}
 			@reset($row);
 
@@ -317,7 +317,7 @@ class sql_db
 			{
 				while( list($key, $value) = @each($row) )
 				{
-					$rowset[$i][$key] = ($value === ' ') ? '' : stripslashes($value);
+					$rowset[$i][$key] = stripslashes($value);
 				}
 				$i++;
 			}
@@ -356,7 +356,7 @@ class sql_db
 				if( empty($this->row[$query_id]) )
 				{
 					$this->row[$query_id] = @mssql_fetch_array($query_id);
-					$result = ($this->row[$query_id][$field] === ' ') ? '' : stripslashes($this->row[$query_id][$field]);
+					$result = stripslashes($this->row[$query_id][$field]);
 				}
 			}
 

phpBB/db/mysql.php

@@ -259,7 +259,7 @@ class sql_db
 				{
 					if($this->rowset[$query_id])
 					{
-						$result = $this->rowset[$query_id][0][$field];
+						$result = $this->rowset[$query_id][$field];
 					}
 					else if($this->row[$query_id])
 					{

phpBB/db/mysql4.php

@@ -271,7 +271,7 @@ class sql_db
 				{
 					if( $this->rowset[$query_id] )
 					{
-						$result = $this->rowset[$query_id][0][$field];
+						$result = $this->rowset[$query_id][$field];
 					}
 					else if( $this->row[$query_id] )
 					{

phpBB/docs/AUTHORS

@@ -1,6 +1 @@
 Please see: http://www.phpbb.com/about.php for a list of all the people involved in phpBB.
-Please see: http://www.phpbb.com/about.php for a list of people involved within the security audit of phpBB (since phpBB 2.0.17).
-
-[September 2005]
-Our special thanks goes to our former developer and manager psoTFX (Paul S. Owen) for being a wonderful teammate and talented programer.
-He was a driving force in the project for over 3 years and helped a lot in making phpBB what it is now.

phpBB/docs/CHANGELOG.html

@@ -3,7 +3,7 @@
 <head>
 <meta http-equiv="Content-Type" content="text/html">
 <meta http-equiv="Content-Style-Type" content="text/css">
-<title>phpBB 2.0.x :: Changelog</title>
+<title>phpBB 2.0.16 :: Changelog</title>
 <link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
 <style type="text/css">
 <!--
@@ -24,7 +24,7 @@ p,ul,td {font-size:10pt;}
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr>
 		<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
-		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x CHANGELOG</span></td>
+		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.16 CHANGELOG</span></td>
 	</tr>
 </table>
 
@@ -32,13 +32,6 @@ p,ul,td {font-size:10pt;}
 <ol>
 <li><a href="#changelog">Changelog</a></li>
 <ol type="i">
-	<li><a href="#2022">Changes since 2.0.22</a></li>
-	<li><a href="#2021">Changes since 2.0.21</a></li>
-	<li><a href="#2020">Changes since 2.0.20</a></li>
-	<li><a href="#2019">Changes since 2.0.19</a></li>
-	<li><a href="#2018">Changes since 2.0.18</a></li>
-	<li><a href="#2017">Changes since 2.0.17</a></li>
-	<li><a href="#2016">Changes since 2.0.16</a></li>
 	<li><a href="#2015">Changes since 2.0.15</a></li>
 	<li><a href="#2014">Changes since 2.0.14</a></li>
 	<li><a href="#2013">Changes since 2.0.13</a></li>
@@ -68,175 +61,7 @@ p,ul,td {font-size:10pt;}
 
 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
 
-<a name="2022"></a><h3 class="h3">l.i. Changes since 2.0.22</h3>
-
-<ul>
-<li>[Fix] Correctly re-assign group moderator on user deletion (Bug #280)</li>
-<li>[Fix] Deleting a forum with multiple polls included (Bug #6740)</li>
-<li>[Fix] Fixed postgresql query for obtaining group moderator in groupcp.php (Bug #6550)</li>
-<li>[Fix] Selected field on first entry by default for font size within posting_body.tpl (Bug #7124)</li>
-<li>[Fix] Adjusted maxlength parameters in admin/styles_edit_body.tpl (Bug #81)</li>
-<li>[Fix] Fixed html output in make_forum_select if no forums present (Bug #436)</li>
-<li>[Fix] Fixed spelling error(s) in lang_admin.php (Bug #7172, #6978)</li>
-<li>[Fix] Correctly display censored words in admin panel (Bug #12271)</li>
-<li>[Fix] Do not allow soft hyphen \xAD in usernames (reported by Bander00)</li>
-<li>[Fix] Fixed the group permission system's use of array access</li>
-<li>[Fix] Simple group permissions now work properly</li>
-<li>[Sec] Fix possible XSRF Vulnerability in private messaging and groups handling</li>
-<li>[Fix] Fix inability to export smilies (Bug #2265)</li>
-<li>[Fix] Fixing some problems with PHP5 and register_long_arrays off</li>
-</ul>
-
-<a name="2021"></a><h3 class="h3">l.ii. Changes since 2.0.21</h3>
-
-<ul>
-<li>[Fix] Check for user's existence prior to showing email form</li>
-<li>[Fix] New members of moderator groups should always become moderators (Bug #382)</li>
-<li>[Fix] Proper message when replying to non-existant topics (Bug #459)</li>
-<li>[Fix] Changed column type of search_array to store more ids (Bug #4058)</li>
-<li>[Fix] Fixed annoyance with font-size selector (Bug #4612)</li>
-<li>[Fix] Fix optimize line in database updater (Bug #6186)</li>
-<li>[Sec] Check for the avatar upload directory reinforced</li>
-<li>[Sec] Changes to the criteria for "bad" redirection targets - kellanved</li>
-<li>[Sec] Fixed a non-persistent XSS issue in private messaging</li>
-<li>[Sec] Fixing possible negative start parameter - SpiderZ.</li>
-<li>[Sec] Added session checks to various forms - kellanved</li>
-</ul>
-
-<a name="2020"></a><h3 class="h3">l.iii. Changes since 2.0.20</h3>
-
-<ul>
-<li>[Fix] Changes to random number generator code to explicitly truncate the length of the string</li>
-<li>[Fix] Quoting on boards with HTML enabled</li>
-<li>[Fix] Special characters on boards with HTML enabled</li>
-<li>[Fix] Redirect to list if cancelling deletion of ranks, smilies or word censors</li>
-<li>[Fix] Missing error message if an inactive user tried to login (Bug #1598)</li>
-<li>[Fix] Do not alter post counts when just removing a poll (Bug #1602)</li>
-<li>[Fix] Correct error in removal of old session keys</li>
-<li>[Fix] Changed filtering of short search terms</li>
-<li>[Sec] Improved filtering on language selection (also addresses a number of bug reports related to missing languages)</li>
-<li>[Change] Backported more efficient highlighting code from Olympus</li>
-<li>[Change] Backported zlib emulation code so that there is only a single confirmation image even if zlib is not available</li>
-</ul>
-
-
-<a name="2019"></a><h3 class="h3">l.iv. Changes since 2.0.19</h3>
-
-<ul>
-<li>[Fix] Prevent login attempts from incrementing for inactive users</li>
-<li>[Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight</li>
-<li>[Fix] Regenerate session keys on password change</li>
-<li>[Fix] retrieving category rows in index.php (Bug #90)</li>
-<li>[Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)</li>
-<li>[Fix] Better handling of short usernames within the search (bug #105)</li>
-<li>[Fix] Send a no-cache header on admin pages as well as normal board pages (Bug #149)</li>
-<li>[Fix] Apply word censors to the message when quoting it (Bug #405)</li>
-<li>[Fix] Improved performance of query in admin_groups (Bug #753)</li>
-<li>[Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)</li>
-<li>[Fix] Correct use of default_style config value (Bug #861)</li>
-<li>[Fix] Replace unneeded unset calls in admin_db_utilities.php - vanderaj</li>
-<li>[Fix] Improved error handling in modcp.php</li>
-<li>[Fix] Improved handling of forums to which the user does not have any explicit permissions - vanderaj</li>
-<li>[Fix] Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions</li>
-<li>[Fix] Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions</li>
-<li>[Fix] Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions</li>
-<li>[Fix] Escape group names in admin_groups.php</li>
-<li>[Sec] Replace strip_tags with htmlspecialchars in private message subject</li>
-<li>[Sec] Some changes to HTML handling if enabled</li>
-<li>[Sec] Escape any special characters in reverse dns - Anthrax101</li>
-<li>[Sec] Typecast poll id values - Anthrax101</li>
-<li>[Sec] Added configurable search flood control to reduce the effect of DoS style attacks</li>
-<li>[Sec] Changed the way we create "random" values for use as keys - chinchilla/Anthrax101</li>
-<li>[Change] Changed handling of the case where a selected style doesn't exist in the database</li>
-<li>[Change] Changed handling of topic pruning to improve performance</li>
-<li>[Change] Changed default forum permissions to only allow registered users to post in new forums</li>
-</ul>
-
-
-<a name="2018"></a><h3 class="h3">l.v. Changes since 2.0.18</h3>
-
-<ul>
-<li>[Fix] corrected index on session keys table under MS SQL</li>
-<li>[Fix] added session keys table to backup</li>
-<li>[Fix] delete session keys entries when deleting user</li>
-<li>[Fix] changes to support MySQL 5.0</li>
-<li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu</li>
-<li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
-<li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
-<li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
-<li>[Fix] fixed captcha for those not having the zlib extension enabled</li>
-<li>[Change] Placed version information above who is online in admin panel for better visual presence</li>
-<li>[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode</li>
-<li>[Sec] fixed XSS issue if html tags are allowed and enabled</li>
-<li>[Sec] added configurable maximum login attempts to prevent dictionary attacks</li>
-</ul>
-
-
-<a name="2017"></a><h3 class="h3">l.vi. Changes since 2.0.17</h3>
-
-<ul>
-<li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
-<li>[Fix] wrong topic redirection after login redirect (Bug #94)</li>
-<li>[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)</li>
-<li>[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)</li>
-<li>[Fix] correctly preview signature if editing other users posts (Bug #101)</li>
-<li>[Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)</li>
-<li>[Fix] consistent forum ordering in all dropdown boxes (Bug #106)</li>
-<li>[Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)</li>
-<li>[Fix] set page title on summary page of groupcp.php (bug #125)</li>
-<li>[Fix] correctly test style and avatar in usercp_register.php (bug #129 and #317)</li>
-<li>[Fix] handling of reactivation notifications if admin activation is enabled (Bug #145)</li>
-<li>[Fix] handling of both forms of translation information used in language packs (Bug #159)</li>
-<li>[Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)</li>
-<li>[Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)</li>
-<li>[Fix] incorrect handling of move stubs (Bug #179)</li>
-<li>[Fix] wrong mode_type in memberlist (Bug #187)</li>
-<li>[Fix] SQL errors when setting maximum PMs to 0 (Bug #188)</li>
-<li>[Fix] removed unused variable from topic_notify email template (Bug #210)</li>
-<li>[Fix] removed unset variable from smilies popup window title (Bug #224)</li>
-<li>[Fix] removed duplicate template assignment from admin_board.php (Bug #226)</li>
-<li>[Fix] incorrect search link for guest posts in modcp.php (Bug #254)</li>
-<li>[Fix] all users removed from topics watch table on special occassions (Bug #271)</li>
-<li>[Fix] correctly check returned value from strpos in append_sid function (Bug #275)</li>
-<li>[Fix] correctly display username in private message notification (Bug #278)</li>
-<li>[Fix] fixed "var-by-ref" errors (Bug #322)</li>
-<li>[Fix] changed redirection to installation (Bug #325)</li>
-<li>[Fix] added timout of 10 seconds to version check (Bug #348)</li>
-<li>[Fix] fixed user_level default in postgresql schema file (Bug #444)</li>
-<li>[Fix] multiple minor HTML issues with subSilver</li>
-<li>[Change] deprecated the use of some PHP 3 compatability functions in favour of the native equivalents</li>
-<li>[Change] added 60 days limit for grabbing unread topics in index.php</li>
-
-<li>[Sec] backport of session keys system from olympus</li>
-<li>[Sec] fixed email bans to use the same pattern as email validation and allow wildcard domain bans</li>
-<li>[Sec] fixed validation of topic type when posting</li>
-<li>[Sec] unset database password once it is no longer needed</li>
-<li>[Sec] fixed potential to select images outside the specified path as avatars or smilies</li>
-<li>[Sec] fix globals de-registration code for PHP5 - (Stefan Esser/Matt Kavanagh)</li>
-<li>[Sec] changed avatar gallery code sections to prevent possible injection points (AnthraX101)</li>
-<li>[Sec] signature field is not properly sanitised for user input when an error occurs while accessing the avatar gallery (AnthraX101)</li>
-<li>[Sec] check to_username and ownership when editing a PM (AnthraX101)</li>
-<li>[Sec] fixed ability to edit PM's you did not send (depablo84)</li>
-<li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
-</ul>
-
-<a name="2016"></a><h3 class="h3">l.vii. Changes since 2.0.16</h3>
-
-<ul>
-<li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
-<li>Fixed XSS issue in IE using the url BBCode</li>
-<li>Fixed admin activation so that you must have administrator rights to activate accounts in this mode - reported by ieure</li>
-<li>Fixed get_username returning wrong row for usernames beginning with numerics - reported by Ptirhiik</li>
-<li>Pass username through phpbb_clean_username within validate_username function - AnthraX101</li>
-<li>Fixed PHP error in message_die function</li>
-<li>Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php - reported by Double_J</li>
-<li>Also fixed above issue in usercp_viewprofile.php</li>
-<li>Fixed incorrect setting of user_level on pending members if a group is granted moderator rights - reported by halochat</li>
-<li>Fixed ordering of forums on admin_ug_auth.php to be consistant with other pages</li>
-<li>Correctly set username on posts when deleting a user from the admin panel</li>
-</ul>
-
-<a name="2015"></a><h3 class="h3">l.viii. Changes since 2.0.15</h3>
+<a name="2015"></a><h3 class="h3">l.i. Changes since 2.0.15</h3>
 
 <ul>
 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@@ -248,7 +73,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
 </ul>
 
-<a name="2014"></a><h3 class="h3">l.ix. Changes since 2.0.14</h3>
+<a name="2014"></a><h3 class="h3">l.ii. Changes since 2.0.14</h3>
 
 <ul>
 <li>Fixed moderator status removal in groupcp.php</li>
@@ -270,7 +95,7 @@ p,ul,td {font-size:10pt;}
 <li>Empty url/img bbcodes no longer get parsed</li>
 </ul>
 
-<a name="2013"></a><h3 class="h3">l.x. Changes since 2.0.13</h3>
+<a name="2013"></a><h3 class="h3">l.iii. Changes since 2.0.13</h3>
 
 <ul>
 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@@ -287,7 +112,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
 </ul>
 
-<a name="2012"></a><h3 class="h3">l.xi. Changes since 2.0.12</h3>
+<a name="2012"></a><h3 class="h3">l.iv. Changes since 2.0.12</h3>
 
 <ul>
 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@@ -295,7 +120,7 @@ p,ul,td {font-size:10pt;}
 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
 </ul>
 
-<a name="2011"></a><h3 class="h3">l.xii. Changes since 2.0.11</h3>
+<a name="2011"></a><h3 class="h3">l.v. Changes since 2.0.11</h3>
 
 <ul>
 <li>Added confirm table to admin_db_utilities.php</li>
@@ -310,7 +135,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
 </ul>
 
-<a name="2010"></a><h3 class="h3">l.xiii. Changes since 2.0.10</h3>
+<a name="2010"></a><h3 class="h3">l.vi. Changes since 2.0.10</h3>
 
 <ul>
 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@@ -321,7 +146,7 @@ p,ul,td {font-size:10pt;}
 <li>Added visual confirmation mod to code base</li>
 </ul>
 
-<a name="209"></a><h3 class="h3">l.xiv. Changes since 2.0.9</h3>
+<a name="209"></a><h3 class="h3">l.vii. Changes since 2.0.9</h3>
 
 <ul>
 <li>Fixed deleting of styles in admin_styles.php</li>
@@ -334,7 +159,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
 </ul>
 
-<a name="208"></a><h3 class="h3">l.xv. Changes since 2.0.8</h3>
+<a name="208"></a><h3 class="h3">l.viii. Changes since 2.0.8</h3>
 
 <ul>
 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@@ -353,7 +178,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
 </ul>
 
-<a name="207"></a><h3 class="h3">l.xvi. Changes since 2.0.7</h3>
+<a name="207"></a><h3 class="h3">l.ix. Changes since 2.0.7</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in admin pages</li>
@@ -365,7 +190,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>
 
-<a name="206"></a><h3 class="h3">1.xvii. Changes since 2.0.6</h3>
+<a name="206"></a><h3 class="h3">1.x. Changes since 2.0.6</h3>
 
 <ul>
 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@@ -379,7 +204,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential vulnerability in avatar gallery</li>
 </ul>
 
-<a name="205"></a><h3 class="h3">1.xviii. Changes since 2.0.5</h3>
+<a name="205"></a><h3 class="h3">1.xi. Changes since 2.0.5</h3>
 
 <ul>
 <li>Fixed various email issues</li>
@@ -395,7 +220,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
 </ul>
 
-<a name="204"></a><h3 class="h3">1.xix. Changes since 2.0.4</h3>
+<a name="204"></a><h3 class="h3">1.xii. Changes since 2.0.4</h3>
 
 <ul>
 <li>Removed user facing session_id checks</li>
@@ -467,7 +292,7 @@ p,ul,td {font-size:10pt;}
 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
 </ul>
 
-<a name="203"></a><h3 class="h3">1.xx. Changes since 2.0.3</h3>
+<a name="203"></a><h3 class="h3">1.xiii. Changes since 2.0.3</h3>
 
 <ul>
 <li>Fixed cross-browser scripting issue with highlight param</li>
@@ -594,7 +419,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
 </ul>
 
-<a name="202"></a><h3 class="h3">1.xxi. Changes since 2.0.2</h3>
+<a name="202"></a><h3 class="h3">1.xiv. Changes since 2.0.2</h3>
 
 <ul>
 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@@ -603,7 +428,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
 </ul>
 
-<a name="201"></a><h3 class="h3">1.xxii. Changes since 2.0.1</h3>
+<a name="201"></a><h3 class="h3">1.xv. Changes since 2.0.1</h3>
 
 <ul>
 <li>Fixed missing "username" lang variable in user admin template</li>
@@ -638,7 +463,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix emailer to allow sending emails with language-specific character sets</li>
 </ul>
 
-<a name="200"></a><h3 class="h3">1.xxiii. Changes since 2.0.0</h3>
+<a name="200"></a><h3 class="h3">1.xvi. Changes since 2.0.0</h3>
 
 <ul>
 <li>Fixed delete image bug for normal users</li>
@@ -695,7 +520,7 @@ p,ul,td {font-size:10pt;}
 <li>Added database closure to admin frameset page</li>
 </ul>
 
-<a name="final"></a><h3 class="h3">1.xxiv. Changes since RC-4</h3>
+<a name="final"></a><h3 class="h3">1.xvii. Changes since RC-4</h3>
 
 <ul>
 <li>Fixed improper report of general error when posting messages containing errors</li>
@@ -725,7 +550,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed various remaining usergroup display issues</li>
 </ul>
 
-<a name="rc4"></a><h3 class="h3">1.xxv. Changes since RC-3</h3>
+<a name="rc4"></a><h3 class="h3">1.xviii. Changes since RC-3</h3>
 
 <ul>
 <li>Addressed serious security issue with included files</li>
@@ -756,7 +581,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
 </ul>
 
-<a name="rc3"></a><h3 class="h3">1.xxvi. Changes since RC-2</h3>
+<a name="rc3"></a><h3 class="h3">1.xix. Changes since RC-2</h3>
 
 <ul>
 <li>Fixed infamous install parse error</li>
@@ -789,7 +614,7 @@ p,ul,td {font-size:10pt;}
 <li>Hidden usergroups are now completely hidden from view</li>
 </ul>
 
-<a name="rc2"></a><h3 class="h3">1.xxvii. Changes since RC-1</h3>
+<a name="rc2"></a><h3 class="h3">1.xx. Changes since RC-1</h3>
 
 <ul>
 <li>Fixed numerous PostgreSQL related issues</li>
@@ -809,7 +634,7 @@ p,ul,td {font-size:10pt;}
 <li>Various other fixes and updates</li>
 </ul>
 
-<a name="rc1"></a><h3 class="h3">1.xxviii. Changes since RC-1 (pre)</h3>
+<a name="rc1"></a><h3 class="h3">1.xxi. Changes since RC-1 (pre)</h3>
 
 <ul>
 <li>Upgrade script completed for initial fully functional release</li>

phpBB/docs/FAQ.html

@@ -162,23 +162,21 @@ h3 {font-size:12pt;}
 
 <p>If you want to allow your users to make use of HTML in posts you need to do two things. Firstly enable HTML in Admin -> General -> Configuration. Secondly to need to make sure that the tags your users will post are in the Allowed HTML Tags field (again Admin -> General -> Configuration). If users post using tags not on this list they won't be displayed as HTML! eg. to enable someone to post Flash you could add the embed tag to this field. Be careful which tags you allow, it is very easy to break the boards own output if the wrong tags are used in posts. </p></p></li>
 
-<li><b>Can I suggest a feature for phpBB 3.0?</b>
+<li><b>Can I suggest a feature for phpBB 2.2?</b>
 
-<p>No, the feature list for phpBB 3.0 is now frozen and no new features will be added to that list. At the moment we do not accept new feature requests.</p>
-<!--
-You may however add requests for the next release after that, 3.2, in our feature tracker:</p>
+<p>Yes you most certainly can, phpBB 2.0.0 is now feature frozen and only bug fix releases will be made from this line. However, work has already started on the next release of phpBB, phpBB 2.2. We already have a number of features in mind and these are listed on our task manager:</p>
 
-<p><a href="http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse" target="_new">http://sourceforge.net/tracker/?atid=580201&group_id=7885&func=browse</a></p>
+<p><a href="http://sourceforge.net/pm/task.php?group_project_id=13524&group_id=7885&func=browse" target="_tasks">http://sourceforge.net/pm/task.php?group_project_id=13524&group_id=7885&func=browse</a>.</p>
 
-<p>Before submitting your idea please <b>ensure</b> you have read through the entries in that list. If your idea is similar to an existing one please feel free to add a comment to it. Please <b>do not</b> submit duplicate suggestions!</p>
+<p>Some of these features will also be discussed on forums at <a href="http://www.phpbb.com/phpBB/">http://www.phpbb.com/phpBB/</a>.</p>
+
+<p>To suggest a feature first consult the task list mentioned above, if your idea is already listed then the chances are good that it will appear in 2.2. If your suggestion is not listed please submit it to our feature request tracker:</p>
+
+<p><a href="http://sourceforge.net/tracker/index.php?group_id=7885&atid=357885" target="_features">http://sourceforge.net/tracker/index.php?group_id=7885&atid=357885</a>.</p>
+
+<p>Before submitting please read through the already present suggestions, if one matches or is similar to yours please add to it rather than creating a new entry.</p>
 
 <p>We make no promises to the inclusion of features but we will endeavour to introduce the most requested or most interesting ones.</p></li>
-//-->
-<p>If you wish to follow the progress of phpBB 3.0 you may like to visit our development forum to see how things are progressing:</p>
-
-<p><a href="http://area51.phpbb.com/phpBB/" target="_new">http://area51.phpbb.com/phpBB/</a></p>
-
-<p>Please note that this forum should <b>NOT</b> be used to obtain support for or ask questions about phpBB 2.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.</p>
 
 <li><b>Why is phpBB 1.x faster than phpBB 2.0?</b>
 

phpBB/docs/INSTALL.html

@@ -3,7 +3,7 @@
 <head>
 <meta http-equiv="Content-Type" content="text/html">
 <meta http-equiv="Content-Style-Type" content="text/css">
-<title>phpBB 2.0.x :: Install</title>
+<title>phpBB 2.0.16 :: Install</title>
 <link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css">
 <style type="text/css">
 <!--
@@ -24,7 +24,7 @@ p,ul,td {font-size:10pt;}
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr>
 		<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
-		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x INSTALL</span></td>
+		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.16 INSTALL</span></td>
 	</tr>
 </table>
 
@@ -33,7 +33,7 @@ p,ul,td {font-size:10pt;}
 
 <p>Please note these instructions are not fully comprehensive, a more thorough userguide will be available on the phpBB website in the near future. However, this document will walk you through the basics on installing the forum software.</p>
 
-<p>A basic overview of running phpBB 2.0.x can be found in the accompanying <a href="README.html">README</a> documentation. Please ensure you read that document in addition to this! For more detailed information on using phpBB 2 you should read <a href="http://www.phpbb.com/support/guide/" target="_new">Userguide</a> now available online.</p>
+<p>A basic overview of running phpBB 2.0.16 can be found in the accompanying <a href="README.html">README</a> documentation. Please ensure you read that document in addition to this! For more detailed information on using phpBB 2 you should read <a href="http://www.phpbb.com/support/guide/" target="_new">Userguide</a> now available online.</p>
 
 <ol>
 <li><a href="#quickinstall">Quick Install</a></li>
@@ -188,29 +188,29 @@ p,ul,td {font-size:10pt;}
 
 <p><b>Please make sure you update your phpBB2 source files too, even if you run the update_to_latest.php file.</b></p>
 
-<a name="upgradeSTABLE_full"></a><h3 class="h3">7.i. Full package</h3>
+<a name="#upgradeSTABLE_full"></a><h3 class="h3">7.i. Full package</h3>
 
 <p>If you have downloaded the full package you should follow the same general upgrade path as for "<a href="#upgradeRC">Upgrade from previous Release Candidate versions of phpBB 2</a>". The exception to this being the need to switch or update styles. In addition there is generally little need to visit the admin panel (though it is adviseable).</p>
 
-<a name="upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>
+<a name="#upgradeSTABLE_files"></a><h3 class="h3">7.ii. Changed files only</h3>
 
-<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.22 you should select the phpBB-2.0.22_to_2.0.23.zip/tar.gz file.</p>
+<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 2.0.15 you should select the phpBB-2.0.15_to_2.0.16.zip/tar.gz file.</p>
 
 <p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any Mods these files will overwrite the originals possibly destroying them in the process. You will need to re-add Mods to any affected file before uploading.</p>
 
 <p>As for the other upgrade procedures you should run <b>install/update_to_latest.php</b> after you have finished updating the files. This will update your database schema and increment the version number.</p>
 
-<a name="upgradeSTABLE_patch"></a><h3 class="h3">7.iii. Patch file</h3>
+<a name="#upgradeSTABLE_patch"></a><h3 class="h3">7.iii. Patch file</h3>
 
 <p>The patch file is probably the best solution for those with many Mods or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <b>patch</b> application.</p>
 
-<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.22 you need the phpBB-2.0.22_to_2.0.23.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+<p>A number of patch files are provided to allow you to upgrade from previous stable releases. Select the correct patch, e.g. if your current version is 2.0.15 you need the phpBB-2.0.15_to_2.0.16.patch. Place the correct patch in the parent directory containing the phpBB 2 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <b>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</b> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB2, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
 <p>If you do get failures you should look at using the <a href="#upgradeSTABLE_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Mods to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
 <p>You should of course delete the patch file (or files) after use. As for the other upgrade procedures you should run <b>install/update_to_latest.php</b> after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.</p>
 
-<a name="upgradeSTABLE_all"></a><h3 class="h3">7.iv. All package types</h3>
+<a name="#upgradeSTABLE_all"></a><h3 class="h3">7.iv. All package types</h3>
 
 <p>If you have non-English language packs installed you may want to see if a new version has been made available. A number of missing strings have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.</p>
 

phpBB/docs/README.html

@@ -3,7 +3,7 @@
 <head>
 <meta http-equiv="Content-Type" content="text/html">
 <meta http-equiv="Content-Style-Type" content="text/css">
-<title>phpBB 2.0.x :: Readme</title>
+<title>phpBB 2.0.16 :: Readme</title>
 <link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
 <style type="text/css">
 <!--
@@ -24,7 +24,7 @@ p,ul,td {font-size:10pt;}
 <table width="100%" border="0" cellspacing="0" cellpadding="0">
 	<tr>
 		<td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
-		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x README</span></td>
+		<td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.16 README</span></td>
 	</tr>
 </table>
 

phpBB/groupcp.php

@@ -99,9 +99,9 @@ function generate_user_info(&$row, $date_format, $group_mod, &$from, &$posts, &$
 	$yim_img = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg"><img src="' . $images['icon_yim'] . '" alt="' . $lang['YIM'] . '" title="' . $lang['YIM'] . '" border="0" /></a>' : '';
 	$yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 
-	$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
-	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
-	$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';
+	$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=posts");
+	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
+	$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 
 	return;
 }
@@ -146,9 +146,8 @@ else
 
 $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
 $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
-$sid = ( isset($HTTP_POST_VARS['sid']) ) ? $HTTP_POST_VARS['sid'] : '';
+
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 //
 // Default var values
@@ -210,10 +209,6 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
 	{
 		redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
 	}
-	else if ( $sid !== $userdata['session_id'] )
-	{
-		message_die(GENERAL_ERROR, $lang['Session_invalid']);
-	}
 
 	$sql = "SELECT ug.user_id, g.group_type
 		FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g 
@@ -225,7 +220,7 @@ else if ( isset($HTTP_POST_VARS['joingroup']) && $group_id )
 		message_die(GENERAL_ERROR, 'Could not obtain user and group information', '', __LINE__, __FILE__, $sql);
 	}
 
-	if ( $row = $db->sql_fetchrow($result))
+	if (	$row = $db->sql_fetchrow($result) )
 	{
 		if ( $row['group_type'] == GROUP_OPEN )
 		{
@@ -315,15 +310,10 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
 	{
 		redirect(append_sid("groupcp.$phpEx", true));
 	}
-	else if ( !$userdata['session_logged_in'] )
+	elseif ( !$userdata['session_logged_in'] )
 	{
 		redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
 	}
-	else if ( $sid !== $userdata['session_id'] )
-	{
-		message_die(GENERAL_ERROR, $lang['Session_invalid']);
-	}
-
 
 	if ( $confirm )
 	{
@@ -372,7 +362,6 @@ else if ( isset($HTTP_POST_VARS['unsub']) || isset($HTTP_POST_VARS['unsubpending
 		$unsub_msg = ( isset($HTTP_POST_VARS['unsub']) ) ? $lang['Confirm_unsub'] : $lang['Confirm_unsub_pending'];
 
 		$s_hidden_fields = '<input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" /><input type="hidden" name="unsub" value="1" />';
-		$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 
 		$page_title = $lang['Group_Control_Panel'];
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
@@ -429,24 +418,21 @@ else if ( $group_id )
 							FROM " . AUTH_ACCESS_TABLE . " aa 
 							WHERE aa.group_id = g.group_id  
 						)
-					)
-				ORDER BY auth_mod DESC";
+					)";
 			break;
 
 		case 'oracle':
 			$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
 				FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa 
 				WHERE g.group_id = $group_id
-					AND aa.group_id (+) = g.group_id
-				ORDER BY aa.auth_mod DESC";
+					AND aa.group_id (+) = g.group_id";
 			break;
 
 		default:
 			$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod 
 				FROM ( " . GROUPS_TABLE . " g 
 				LEFT JOIN " . AUTH_ACCESS_TABLE . " aa ON aa.group_id = g.group_id )
-				WHERE g.group_id = $group_id
-				ORDER BY aa.auth_mod DESC";
+				WHERE g.group_id = $group_id";
 			break;
 	}
 	if ( !($result = $db->sql_query($sql)) )
@@ -471,10 +457,6 @@ else if ( $group_id )
 			if ( !$userdata['session_logged_in'] )
 			{
 				redirect(append_sid("login.$phpEx?redirect=groupcp.$phpEx&" . POST_GROUPS_URL . "=$group_id", true));
-			} 
-			else if ( $sid !== $userdata['session_id'] )
-			{
-				message_die(GENERAL_ERROR, $lang['Session_invalid']);
 			}
 
 			if ( !$is_moderator )
@@ -915,7 +897,7 @@ else if ( $group_id )
 
 	generate_user_info($group_moderator, $board_config['default_dateformat'], $is_moderator, $from, $posts, $joined, $poster_avatar, $profile_img, $profile, $search_img, $search, $pm_img, $pm, $email_img, $email, $www_img, $www, $icq_status_img, $icq_img, $icq, $aim_img, $aim, $msn_img, $msn, $yim_img, $yim);
 
-	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
+	$s_hidden_fields .= '';
 
 	$template->assign_vars(array(
 		'L_GROUP_INFORMATION' => $lang['Group_Information'],
@@ -1236,7 +1218,6 @@ else
 		//
 		// Load and process templates
 		//
-		$page_title = $lang['Group_Control_Panel'];
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
 		$template->set_filenames(array(

phpBB/includes/auth.php

@@ -234,7 +234,6 @@ function auth($type, $forum_id, $userdata, $f_access = '')
 			{
 				$value = $f_access[$k][$key];
 				$f_forum_id = $f_access[$k]['forum_id'];
-				$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
 
 				switch( $value )
 				{
@@ -283,7 +282,6 @@ function auth($type, $forum_id, $userdata, $f_access = '')
 		for($k = 0; $k < count($f_access); $k++)
 		{
 			$f_forum_id = $f_access[$k]['forum_id'];
-			$u_access[$f_forum_id] = isset($u_access[$f_forum_id]) ? $u_access[$f_forum_id] : array();
 
 			$auth_user[$f_forum_id]['auth_mod'] = ( $userdata['session_logged_in'] ) ? auth_check_user(AUTH_MOD, 'auth_mod', $u_access[$f_forum_id], $is_admin) : 0;
 		}

phpBB/includes/bbcode.php

@@ -196,23 +196,23 @@ function bbencode_second_pass($text, $uid)
 
 	// [img]image_url_here[/img] code..
 	// This one gets first-passed..
-	$patterns[] = "#\[img:$uid\]([^?](?:[^\[]+|\[(?!url))*?)\[/img:$uid\]#i";
+	$patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";
 	$replacements[] = $bbcode_tpl['img'];
 
 	// matches a [url]xxxx://www.phpbb.com[/url] code..
-	$patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is";
+	$patterns[] = "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url1'];
 
 	// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
-	$patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]+|\[(?!url=))*?)\[/url\]#is";
+	$patterns[] = "#\[url\]((www|ftp)\.[^ \"\n\r\t<]*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url2'];
 
 	// [url=xxxx://www.phpbb.com]phpBB[/url] code..
-	$patterns[] = "#\[url=([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
+	$patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\]([^?\n\r\t].*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url3'];
 
 	// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
-	$patterns[] = "#\[url=((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
+	$patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\]([^?\n\r\t].*?)\[/url\]#is";
 	$replacements[] = $bbcode_tpl['url4'];
 
 	// [email]user@domain.tld[/email] code..
@@ -235,7 +235,7 @@ function make_bbcode_uid()
 {
 	// Unique ID for this message..
 
-	$uid = dss_rand();
+	$uid = md5(mt_rand());
 	$uid = substr($uid, 0, BBCODE_UID_LEN);
 
 	return $uid;
@@ -252,7 +252,7 @@ function bbencode_first_pass($text, $uid)
 
 	// [QUOTE] and [/QUOTE] for posting replies with quote, or just for quoting stuff.
 	$text = bbencode_first_pass_pda($text, $uid, '[quote]', '[/quote]', '', false, '');
-	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=\\\\&quot;(.*?)\\\\&quot;\]/is', '[/quote]', '', false, '', "[quote:$uid=\\\"\\1\\\"]");
+	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\".*?\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]");
 
 	// [list] and [list=x] for (un)ordered lists.
 	$open_tag = array();
@@ -389,15 +389,15 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 				//
 				// We're going to try and catch usernames with "[' characters.
 				//
-				if( preg_match('#\[quote=\\\&quot;#si', $possible_start, $match) && !preg_match('#\[quote=\\\&quot;(.*?)\\\&quot;\]#si', $possible_start) )
+				if( preg_match('#\[quote=\\\"#si', $possible_start, $match) && !preg_match('#\[quote=\\\"(.*?)\\\"\]#si', $possible_start) )
 				{
 					// OK we are in a quote tag that probably contains a ] bracket.
 					// Grab a bit more of the string to hopefully get all of it..
-					if ($close_pos = strpos($text, '&quot;]', $curr_pos + 14))
+					if ($close_pos = strpos($text, '"]', $curr_pos + 9))
 					{
-						if (strpos(substr($text, $curr_pos + 14, $close_pos - ($curr_pos + 14)), '[quote') === false)
+						if (strpos(substr($text, $curr_pos + 9, $close_pos - ($curr_pos + 9)), '[quote') === false)
 						{
-							$possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 7);
+							$possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2);
 						}
 					}
 				}
@@ -432,7 +432,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 				// We have an opening tag.
 				// Push its position, the text we matched, and its index in the open_tag array on to the stack, and then keep going to the right.
 				$match = array("pos" => $curr_pos, "tag" => $which_start_tag, "index" => $start_tag_index);
-				array_push($stack, $match);
+				bbcode_array_push($stack, $match);
 				//
 				// Rather than just increment $curr_pos
 				// Set it to the ending of the tag we just found
@@ -454,7 +454,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 						// There exists a starting tag.
 						$curr_nesting_depth = sizeof($stack);
 						// We need to do 2 replacements now.
-						$match = array_pop($stack);
+						$match = bbcode_array_pop($stack);
 						$start_index = $match['pos'];
 						$start_tag = $match['tag'];
 						$start_length = strlen($start_tag);
@@ -520,7 +520,7 @@ function bbencode_first_pass_pda($text, $uid, $open_tag, $close_tag, $close_tag_
 						// otherwise, we go back to the start.
 						if (sizeof($stack) > 0)
 						{
-							$match = array_pop($stack);
+							$match = bbcode_array_pop($stack);
 							$curr_pos = $match['pos'];
 //							bbcode_array_push($stack, $match);
 //							++$curr_pos;
@@ -624,13 +624,13 @@ function make_clickable($text)
 	// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
 	// xxxx can only be alpha characters.
 	// yyyy is anything up to the first space, newline, comma, double quote or <
-	$ret = preg_replace("#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret);
+	$ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1<a href=\"\\2\" target=\"_blank\">\\2</a>", $ret);
 
 	// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
 	// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
 	// zzzz is optional.. will contain everything up to the first space, newline, 
 	// comma, double quote or <.
-	$ret = preg_replace("#(^|[\n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret);
+	$ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1<a href=\"http://\\2\" target=\"_blank\">\\2</a>", $ret);
 
 	// matches an email@domain type address at the start of a line, or after a space.
 	// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
@@ -700,7 +700,6 @@ function escape_slashes($input)
  * This function does exactly what the PHP4 function array_push() does
  * however, to keep phpBB compatable with PHP 3 we had to come up with our own
  * method of doing it.
- * This function was deprecated in phpBB 2.0.18
  */
 function bbcode_array_push(&$stack, $value)
 {
@@ -712,7 +711,6 @@ function bbcode_array_push(&$stack, $value)
  * This function does exactly what the PHP4 function array_pop() does
  * however, to keep phpBB compatable with PHP 3 we had to come up with our own
  * method of doing it.
- * This function was deprecated in phpBB 2.0.18
  */
 function bbcode_array_pop(&$stack)
 {
@@ -763,7 +761,7 @@ function smilies_pass($message)
 
 		for ($i = 0; $i < count($smilies); $i++)
 		{
-			$orig[] = "/(?<=.\W|\W.|^\W)" . preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
+			$orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
 			$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" alt="' . $smilies[$i]['emoticon'] . '" border="0" />';
 		}
 	}

phpBB/includes/constants.php

@@ -167,7 +167,6 @@ define('SEARCH_TABLE', $table_prefix.'search_results');
 define('SEARCH_WORD_TABLE', $table_prefix.'search_wordlist');
 define('SEARCH_MATCH_TABLE', $table_prefix.'search_wordmatch');
 define('SESSIONS_TABLE', $table_prefix.'sessions');
-define('SESSIONS_KEYS_TABLE', $table_prefix.'sessions_keys');
 define('SMILIES_TABLE', $table_prefix.'smilies');
 define('THEMES_TABLE', $table_prefix.'themes');
 define('THEMES_NAME_TABLE', $table_prefix.'themes_name');

phpBB/includes/db.php

@@ -60,7 +60,7 @@ switch($dbms)
 $db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, false);
 if(!$db->db_connect_id)
 {
-	message_die(CRITICAL_ERROR, "Could not connect to the database");
+   message_die(CRITICAL_ERROR, "Could not connect to the database");
 }
 
 ?>

phpBB/includes/emailer.php

@@ -164,7 +164,7 @@ class emailer
 		if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match))
 		{
 			$this->subject = (trim($match[2]) != '') ? trim($match[2]) : (($this->subject != '') ? $this->subject : 'No Subject');
-			$drop_header .= '[\r\n]*?' . preg_quote($match[1], '#');
+			$drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
 		}
 		else
 		{
@@ -174,7 +174,7 @@ class emailer
 		if (preg_match('#^(Charset:(.*?))$#m', $this->msg, $match))
 		{
 			$this->encoding = (trim($match[2]) != '') ? trim($match[2]) : trim($lang['ENCODING']);
-			$drop_header .= '[\r\n]*?' . preg_quote($match[1], '#');
+			$drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
 		}
 		else
 		{
@@ -261,7 +261,7 @@ class emailer
 		$str = chunk_split(base64_encode($str), $length, $spacer);
 
 		// remove trailing spacer and add start and end delimiters
-		$str = preg_replace('#' . preg_quote($spacer, '#') . '$#', '', $str);
+		$str = preg_replace('#' . phpbb_preg_quote($spacer, '#') . '$#', '', $str);
 
 		return $start . $str . $end;
 	}

phpBB/includes/functions.php

@@ -78,41 +78,12 @@ function get_db_stat($mode)
 function phpbb_clean_username($username)
 {
 	$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
-	$username = phpbb_rtrim($username, "\\");
+	$username = phpbb_rtrim($username, "\\");	
 	$username = str_replace("'", "\'", $username);
 
 	return $username;
 }
 
-/**
-* This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0
-* Added in phpBB 2.0.18
-*/
-function phpbb_ltrim($str, $charlist = false)
-{
-	if ($charlist === false)
-	{
-		return ltrim($str);
-	}
-	
-	$php_version = explode('.', PHP_VERSION);
-
-	// php version < 4.1.0
-	if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
-	{
-		while ($str{0} == $charlist)
-		{
-			$str = substr($str, 1);
-		}
-	}
-	else
-	{
-		$str = ltrim($str, $charlist);
-	}
-
-	return $str;
-}
-
 // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
 function phpbb_rtrim($str, $charlist = false)
 {
@@ -139,37 +110,6 @@ function phpbb_rtrim($str, $charlist = false)
 	return $str;
 }
 
-/**
-* Our own generator of random values
-* This uses a constantly changing value as the base for generating the values
-* The board wide setting is updated once per page if this code is called
-* With thanks to Anthrax101 for the inspiration on this one
-* Added in phpBB 2.0.20
-*/
-function dss_rand()
-{
-	global $db, $board_config, $dss_seeded;
-
-	$val = $board_config['rand_seed'] . microtime();
-	$val = md5($val);
-	$board_config['rand_seed'] = md5($board_config['rand_seed'] . $val . 'a');
-   
-	if($dss_seeded !== true)
-	{
-		$sql = "UPDATE " . CONFIG_TABLE . " SET
-			config_value = '" . $board_config['rand_seed'] . "'
-			WHERE config_name = 'rand_seed'";
-		
-		if( !$db->sql_query($sql) )
-		{
-			message_die(GENERAL_ERROR, "Unable to reseed PRNG", "", __LINE__, __FILE__, $sql);
-		}
-
-		$dss_seeded = true;
-	}
-
-	return substr($val, 4, 16);
-}
 //
 // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
 //
@@ -177,7 +117,7 @@ function get_userdata($user, $force_str = false)
 {
 	global $db;
 
-	if (!is_numeric($user) || $force_str)
+	if (intval($user) == 0 || $force_str)
 	{
 		$user = phpbb_clean_username($user);
 	}
@@ -189,7 +129,7 @@ function get_userdata($user, $force_str = false)
 	$sql = "SELECT *
 		FROM " . USERS_TABLE . " 
 		WHERE ";
-	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;
+	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  $user . "'" ) . " AND user_id <> " . ANONYMOUS;
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Tried obtaining data for a non-existent user', '', __LINE__, __FILE__, $sql);
@@ -309,14 +249,14 @@ function make_jumpbox($action, $match_forum_id = 0)
 function init_userprefs($userdata)
 {
 	global $board_config, $theme, $images;
-	global $template, $lang, $phpEx, $phpbb_root_path, $db;
+	global $template, $lang, $phpEx, $phpbb_root_path;
 	global $nav_links;
 
 	if ( $userdata['user_id'] != ANONYMOUS )
 	{
 		if ( !empty($userdata['user_lang']))
 		{
-			$default_lang = phpbb_ltrim(basename(phpbb_rtrim($userdata['user_lang'])), "'");
+			$board_config['default_lang'] = $userdata['user_lang'];
 		}
 
 		if ( !empty($userdata['user_dateformat']) )
@@ -329,61 +269,12 @@ function init_userprefs($userdata)
 			$board_config['board_timezone'] = $userdata['user_timezone'];
 		}
 	}
-	else
+
+	if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.'.$phpEx)) )
 	{
-		$default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
+		$board_config['default_lang'] = 'english';
 	}
 
-	if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) )
-	{
-		if ( $userdata['user_id'] != ANONYMOUS )
-		{
-			// For logged in users, try the board default language next
-			$default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
-		}
-		else
-		{
-			// For guests it means the default language is not present, try english
-			// This is a long shot since it means serious errors in the setup to reach here,
-			// but english is part of a new install so it's worth us trying
-			$default_lang = 'english';
-		}
-
-		if ( !file_exists(@phpbb_realpath($phpbb_root_path . 'language/lang_' . $default_lang . '/lang_main.'.$phpEx)) )
-		{
-			message_die(CRITICAL_ERROR, 'Could not locate valid language pack');
-		}
-	}
-
-	// If we've had to change the value in any way then let's write it back to the database
-	// before we go any further since it means there is something wrong with it
-	if ( $userdata['user_id'] != ANONYMOUS && $userdata['user_lang'] !== $default_lang )
-	{
-		$sql = 'UPDATE ' . USERS_TABLE . "
-			SET user_lang = '" . $default_lang . "'
-			WHERE user_lang = '" . $userdata['user_lang'] . "'";
-
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(CRITICAL_ERROR, 'Could not update user language info');
-		}
-
-		$userdata['user_lang'] = $default_lang;
-	}
-	elseif ( $userdata['user_id'] == ANONYMOUS && $board_config['default_lang'] !== $default_lang )
-	{
-		$sql = 'UPDATE ' . CONFIG_TABLE . "
-			SET config_value = '" . $default_lang . "'
-			WHERE config_name = 'default_lang'";
-
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(CRITICAL_ERROR, 'Could not update user language info');
-		}
-	}
-
-	$board_config['default_lang'] = $default_lang;
-
 	include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
 
 	if ( defined('IN_ADMIN') )
@@ -442,9 +333,9 @@ function setup_style($style)
 {
 	global $db, $board_config, $template, $images, $phpbb_root_path;
 
-	$sql = 'SELECT *
-		FROM ' . THEMES_TABLE . '
-		WHERE themes_id = ' . (int) $style;
+	$sql = "SELECT *
+		FROM " . THEMES_TABLE . "
+		WHERE themes_id = $style";
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(CRITICAL_ERROR, 'Could not query database for theme info');
@@ -452,40 +343,7 @@ function setup_style($style)
 
 	if ( !($row = $db->sql_fetchrow($result)) )
 	{
-		// We are trying to setup a style which does not exist in the database
-		// Try to fallback to the board default (if the user had a custom style)
-		// and then any users using this style to the default if it succeeds
-		if ( $style != $board_config['default_style'])
-		{
-			$sql = 'SELECT *
-				FROM ' . THEMES_TABLE . '
-				WHERE themes_id = ' . (int) $board_config['default_style'];
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(CRITICAL_ERROR, 'Could not query database for theme info');
-			}
-
-			if ( $row = $db->sql_fetchrow($result) )
-			{
-				$db->sql_freeresult($result);
-
-				$sql = 'UPDATE ' . USERS_TABLE . '
-					SET user_style = ' . (int) $board_config['default_style'] . "
-					WHERE user_style = $style";
-				if ( !($result = $db->sql_query($sql)) )
-				{
-					message_die(CRITICAL_ERROR, 'Could not update user theme info');
-				}
-			}
-			else
-			{
-				message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
-			}
-		}
-		else
-		{
-			message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
-		}
+		message_die(CRITICAL_ERROR, "Could not get theme data for themes_id [$style]");
 	}
 
 	$template_path = 'templates/' ;
@@ -681,7 +539,7 @@ function obtain_word_list(&$orig_word, &$replacement_word)
 	{
 		do 
 		{
-			$orig_word[] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i';
+			$orig_word[] = '#\b(' . str_replace('\*', '\w*?', phpbb_preg_quote($row['word'], '#')) . ')\b#i';
 			$replacement_word[] = $row['replacement'];
 		}
 		while ( $row = $db->sql_fetchrow($result) );
@@ -720,7 +578,7 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
 		die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
 	}
 	
-	define('HAS_DIED', 1);
+	define(HAS_DIED, 1);
 	
 
 	$sql_store = $sql;
@@ -747,7 +605,7 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
 
 		if ( $err_line != '' && $err_file != '' )
 		{
-			$debug_text .= '<br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
+			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
 		}
 	}
 
@@ -774,7 +632,11 @@ function message_die($msg_code, $msg_text = '', $msg_title = '', $err_line = '',
 			}
 		}
 
-		if ( empty($template) || empty($theme) )
+		if ( empty($template) )
+		{
+			$template = new Template($phpbb_root_path . 'templates/' . $board_config['board_template']);
+		}
+		if ( empty($theme) )
 		{
 			$theme = setup_style($board_config['default_style']);
 		}
@@ -917,7 +779,7 @@ function redirect($url)
 		$db->sql_close();
 	}
 
-	if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r") || strstr(urldecode($url), ';url'))
+	if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
 	{
 		message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
 	}

phpBB/includes/functions_admin.php

@@ -26,14 +26,13 @@
 //
 function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
 {
-	global $db, $userdata, $lang;
+	global $db, $userdata;
 
 	$is_auth_ary = auth(AUTH_READ, AUTH_LIST_ALL, $userdata);
 
-	$sql = 'SELECT f.forum_id, f.forum_name
-		FROM ' . CATEGORIES_TABLE . ' c, ' . FORUMS_TABLE . ' f
-		WHERE f.cat_id = c.cat_id 
-		ORDER BY c.cat_order, f.forum_order';
+	$sql = "SELECT forum_id, forum_name
+		FROM " . FORUMS_TABLE . " 
+		ORDER BY cat_id, forum_order";
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Couldn not obtain forums information', '', __LINE__, __FILE__, $sql);
@@ -49,7 +48,7 @@ function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
 		}
 	}
 
-	$forum_list = ( $forum_list == '' ) ? $lang['No_forums'] : '<select name="' . $box_name . '">' . $forum_list . '</select>';
+	$forum_list = ( $forum_list == '' ) ? '<option value="-1">-- ! No Forums ! --</option>' : '<select name="' . $box_name . '">' . $forum_list . '</select>';
 
 	return $forum_list;
 }
@@ -141,45 +140,10 @@ function sync($type, $id = false)
 
 			if ( $row = $db->sql_fetchrow($result) )
 			{
-				if ($row['total_posts'])
+				$sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
+				if ( !$db->sql_query($sql) )
 				{
-					// Correct the details of this topic
-					$sql = 'UPDATE ' . TOPICS_TABLE . ' 
-						SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . "
-						WHERE topic_id = $id";
-
-					if (!$db->sql_query($sql))
-					{
-						message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
-					}
-				}
-				else
-				{
-					// There are no replies to this topic
-					// Check if it is a move stub
-					$sql = 'SELECT topic_moved_id 
-						FROM ' . TOPICS_TABLE . " 
-						WHERE topic_id = $id";
-
-					if (!($result = $db->sql_query($sql)))
-					{
-						message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
-					}
-
-					if ($row = $db->sql_fetchrow($result))
-					{
-						if (!$row['topic_moved_id'])
-						{
-							$sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id";
-			
-							if (!$db->sql_query($sql))
-							{
-								message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql);
-							}
-						}
-					}
-
-					$db->sql_freeresult($result);
+					message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
 				}
 			}
 			break;

phpBB/includes/functions_post.php

@@ -25,8 +25,8 @@ if (!defined('IN_PHPBB'))
 	die('Hacking attempt');
 }
 
-$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
-$html_entities_replace = array('&amp;', '&lt;', '&gt;', '&quot;');
+$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
+$html_entities_replace = array('&amp;', '&lt;', '&gt;');
 
 $unhtml_specialchars_match = array('#&gt;#', '#&lt;#', '#&quot;#', '#&amp;#');
 $unhtml_specialchars_replace = array('>', '<', '"', '&');
@@ -46,26 +46,57 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid
 
 	if ($html_on)
 	{
-		// If HTML is on, we try to make it safe
-		// This approach is quite agressive and anything that does not look like a valid tag
-		// is going to get converted to HTML entities
-		$message = stripslashes($message);
-		$html_match = '#<[^\w<]*(\w+)((?:"[^"]*"|\'[^\']*\'|[^<>\'"])+)?>#';
-		$matches = array();
+		$allowed_html_tags = split(',', $board_config['allow_html_tags']);
 
-		$message_split = preg_split($html_match, $message);
-		preg_match_all($html_match, $message, $matches);
+		$end_html = 0;
+		$start_html = 1;
+		$tmp_message = '';
+		$message = ' ' . $message . ' ';
 
-		$message = '';
-
-		foreach ($message_split as $part)
+		while ($start_html = strpos($message, '<', $start_html))
 		{
-			$tag = array(array_shift($matches[0]), array_shift($matches[1]), array_shift($matches[2]));
-			$message .= preg_replace($html_entities_match, $html_entities_replace, $part) . clean_html($tag);
+			$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ($start_html - $end_html - 1)));
+
+			if ($end_html = strpos($message, '>', $start_html))
+			{
+				$length = $end_html - $start_html + 1;
+				$hold_string = substr($message, $start_html, $length);
+
+				if (($unclosed_open = strrpos(' ' . $hold_string, '<')) != 1)
+				{
+					$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 1));
+					$hold_string = substr($hold_string, $unclosed_open - 1);
+				}
+
+				$tagallowed = false;
+				for ($i = 0; $i < sizeof($allowed_html_tags); $i++)
+				{
+					$match_tag = trim($allowed_html_tags[$i]);
+					if (preg_match('#^<\/?' . $match_tag . '[> ]#i', $hold_string))
+					{
+						$tagallowed = (preg_match('#^<\/?' . $match_tag . ' .*?(style[\t ]*?=|on[\w]+[\t ]*?=)#i', $hold_string)) ? false : true;
+					}
+				}
+
+				$tmp_message .= ($length && !$tagallowed) ? preg_replace($html_entities_match, $html_entities_replace, $hold_string) : $hold_string;
+
+				$start_html += $length;
+			}
+			else
+			{
+				$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $start_html, strlen($message)));
+
+				$start_html = strlen($message);
+				$end_html = $start_html;
+			}
 		}
 
-		$message = addslashes($message);
-		$message = str_replace('&quot;', '\&quot;', $message);
+		if (!$end_html || ($end_html != strlen($message) && $tmp_message != ''))
+		{
+			$tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1));
+		}
+
+		$message = ($tmp_message != '') ? trim($tmp_message) : trim($message);
 	}
 	else
 	{
@@ -156,7 +187,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
 				$option_text = trim($option_text);
 				if (!empty($option_text))
 				{
-					$temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
+					$temp_option_text[$option_id] = htmlspecialchars($option_text);
 				}
 			}
 			$option_text = $temp_option_text;
@@ -182,7 +213,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
 //
 // Post a new topic/reply/poll or edit existing post/poll
 //
-function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length)
+function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
 {
 	global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
 	global $userdata, $user_ip;
@@ -413,15 +444,12 @@ function update_post_stats(&$mode, &$post_data, &$forum_id, &$topic_id, &$post_i
 		$topic_update_sql .= 'topic_vote = 0';
 	}
 
-	if ($mode != 'poll_delete')
+	$sql = "UPDATE " . FORUMS_TABLE . " SET 
+		$forum_update_sql 
+		WHERE forum_id = $forum_id";
+	if (!$db->sql_query($sql))
 	{
-		$sql = "UPDATE " . FORUMS_TABLE . " SET 
-			$forum_update_sql 
-			WHERE forum_id = $forum_id";
-		if (!$db->sql_query($sql))
-		{
-			message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
-		}
+		message_die(GENERAL_ERROR, 'Error in posting', '', __LINE__, __FILE__, $sql);
 	}
 
 	if ($topic_update_sql != '')
@@ -550,7 +578,16 @@ function user_notification($mode, &$post_data, &$topic_title, &$forum_id, &$topi
 
 	$current_time = time();
 
-	if ($mode != 'delete')
+	if ($mode == 'delete')
+	{
+		$delete_sql = (!$post_data['first_post'] && !$post_data['last_post']) ? " AND user_id = " . $userdata['user_id'] : '';
+		$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id" . $delete_sql;
+		if (!$db->sql_query($sql))
+		{
+			message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
+		}
+	}
+	else 
 	{
 		if ($mode == 'reply')
 		{
@@ -732,7 +769,7 @@ function generate_smilies($mode, $page_id)
 
 		$gen_simple_header = TRUE;
 
-		$page_title = $lang['Emoticons'];
+		$page_title = $lang['Emoticons'] . " - $topic_title";
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
 		$template->set_filenames(array(
@@ -822,66 +859,4 @@ function generate_smilies($mode, $page_id)
 	}
 }
 
-/**
-* Called from within prepare_message to clean included HTML tags if HTML is
-* turned on for that post
-* @param array $tag Matching text from the message to parse
-*/
-function clean_html($tag)
-{
-	global $board_config;
-
-	if (empty($tag[0]))
-	{
-		return '';
-	}
-
-	$allowed_html_tags = preg_split('/, */', strtolower($board_config['allow_html_tags']));
-	$disallowed_attributes = '/^(?:style|on)/i';
-
-	// Check if this is an end tag
-	preg_match('/<[^\w\/]*\/[\W]*(\w+)/', $tag[0], $matches);
-	if (sizeof($matches))
-	{
-		if (in_array(strtolower($matches[1]), $allowed_html_tags))
-		{
-			return  '</' . $matches[1] . '>';
-		}
-		else
-		{
-			return  htmlspecialchars('</' . $matches[1] . '>');
-		}
-	}
-
-	// Check if this is an allowed tag
-	if (in_array(strtolower($tag[1]), $allowed_html_tags))
-	{
-		$attributes = '';
-		if (!empty($tag[2]))
-		{
-			preg_match_all('/[\W]*?(\w+)[\W]*?=[\W]*?(["\'])((?:(?!\2).)*)\2/', $tag[2], $test);
-			for ($i = 0; $i < sizeof($test[0]); $i++)
-			{
-				if (preg_match($disallowed_attributes, $test[1][$i]))
-				{
-					continue;
-				}
-				$attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('&#91;', '&#93;'), htmlspecialchars($test[3][$i])) . $test[2][$i];
-			}
-		}
-		if (in_array(strtolower($tag[1]), $allowed_html_tags))
-		{
-			return '<' . $tag[1] . $attributes . '>';
-		}
-		else
-		{
-			return htmlspecialchars('<' . $tag[1] . $attributes . '>');
-		}
-	}
-	// Finally, this is not an allowed tag so strip all the attibutes and escape it
-	else
-	{
-		return htmlspecialchars('<' .   $tag[1] . '>');
-	}
-}
 ?>

phpBB/includes/functions_search.php

@@ -89,7 +89,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 	return $entry;
 }
 
-function split_words($entry, $mode = 'post')
+function split_words(&$entry, $mode = 'post')
 {
 	// If you experience problems with the new method, uncomment this block.
 /*	

phpBB/includes/functions_validate.php

@@ -30,15 +30,17 @@ function validate_username($username)
 	global $db, $lang, $userdata;
 
 	// Remove doubled up spaces
-	$username = preg_replace('#\s+#', ' ', trim($username)); 
-	$username = phpbb_clean_username($username);
+	$username = preg_replace('#\s+#', ' ', $username); 
+	// Limit username length
+	$username = substr(str_replace("\'", "'", $username), 0, 25);
+	$username = str_replace("'", "''", $username);
 
 	$sql = "SELECT username 
-		FROM " . USERS_TABLE . "
+		FROM " . USERS_TABLE . " 
 		WHERE LOWER(username) = '" . strtolower($username) . "'";
 	if ($result = $db->sql_query($sql))
 	{
-		while ($row = $db->sql_fetchrow($result))
+		if ($row = $db->sql_fetchrow($result))
 		{
 			if (($userdata['session_logged_in'] && $row['username'] != $userdata['username']) || !$userdata['session_logged_in'])
 			{
@@ -70,7 +72,7 @@ function validate_username($username)
 		{
 			do
 			{
-				if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
+				if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
 				{
 					$db->sql_freeresult($result);
 					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
@@ -89,7 +91,7 @@ function validate_username($username)
 		{
 			do
 			{
-				if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'], '#')) . ")\b#i", $username))
+				if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\b#i", $username))
 				{
 					$db->sql_freeresult($result);
 					return array('error' => true, 'error_msg' => $lang['Username_disallowed']);
@@ -101,7 +103,7 @@ function validate_username($username)
 	$db->sql_freeresult($result);
 
 	// Don't allow " and ALT-255 in username.
-	if (strstr($username, '"') || strstr($username, '"') || strstr($username, chr(160)) || strstr($username, chr(173)))
+	if (strstr($username, '"') || strstr($username, '"') || strstr($username, chr(160)))
 	{
 		return array('error' => true, 'error_msg' => $lang['Username_invalid']);
 	}

phpBB/includes/page_header.php

@@ -450,14 +450,6 @@ $template->assign_vars(array(
 if ( !$userdata['session_logged_in'] )
 {
 	$template->assign_block_vars('switch_user_logged_out', array());
-	//
-	// Allow autologin?
-	//
-	if (!isset($board_config['allow_autologin']) || $board_config['allow_autologin'] )
-	{
-		$template->assign_block_vars('switch_allow_autologin', array());
-		$template->assign_block_vars('switch_user_logged_out.switch_allow_autologin', array());
-	}
 }
 else
 {

phpBB/includes/page_tail.php

@@ -25,8 +25,6 @@ if ( !defined('IN_PHPBB') )
 	die('Hacking attempt');
 }
 
-global $do_gzip_compress;
-
 //
 // Show the overall footer.
 //
@@ -37,7 +35,7 @@ $template->set_filenames(array(
 );
 
 $template->assign_vars(array(
-	'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''),
+	'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
 	'ADMIN_LINK' => $admin_link)
 );
 

phpBB/includes/prune.php

@@ -31,21 +31,6 @@ function prune($forum_id, $prune_date, $prune_all = false)
 {
 	global $db, $lang;
 
-	// Before pruning, lets try to clean up the invalid topic entries
-	$sql = 'SELECT topic_id FROM ' . TOPICS_TABLE . '
-		WHERE topic_last_post_id = 0';
-	if ( !($result = $db->sql_query($sql)) )
-	{
-		message_die(GENERAL_ERROR, 'Could not obtain lists of topics to sync', '', __LINE__, __FILE__, $sql);
-	}
-
-	while( $row = $db->sql_fetchrow($result) )
-	{
-		sync('topic', $row['topic_id']);
-	}
-
-	$db->sql_freeresult($result);
-
 	$prune_all = ($prune_all) ? '' : 'AND t.topic_vote = 0 AND t.topic_type <> ' . POST_ANNOUNCE;
 	//
 	// Those without polls and announcements ... unless told otherwise!
@@ -54,7 +39,8 @@ function prune($forum_id, $prune_date, $prune_all = false)
 		FROM " . POSTS_TABLE . " p, " . TOPICS_TABLE . " t
 		WHERE t.forum_id = $forum_id
 			$prune_all 
-			AND p.post_id = t.topic_last_post_id";
+			AND ( p.post_id = t.topic_last_post_id 
+				OR t.topic_last_post_id = 0 )";
 	if ( $prune_date != '' )
 	{
 		$sql .= " AND p.post_time < $prune_date";

phpBB/includes/sessions.php

@@ -57,90 +57,73 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 
 	$last_visit = 0;
 	$current_time = time();
+	$expiry_time = $current_time - $board_config['session_length'];
 
 	//
-	// Are auto-logins allowed?
-	// If allow_autologin is not set or is true then they are
-	// (same behaviour as old 2.0.x session code)
+	// Try and pull the last time stored in a cookie, if it exists
 	//
-	if (isset($board_config['allow_autologin']) && !$board_config['allow_autologin'])
+	$sql = "SELECT * 
+		FROM " . USERS_TABLE . " 
+		WHERE user_id = $user_id";
+	if ( !($result = $db->sql_query($sql)) )
 	{
-		$enable_autologin = $sessiondata['autologinid'] = false;
+		message_die(CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql);
 	}
 
-	// 
-	// First off attempt to join with the autologin value if we have one
-	// If not, just use the user_id value
-	//
-	$userdata = array();
+	$userdata = $db->sql_fetchrow($result);
 
-	if ($user_id != ANONYMOUS)
+	if ( $user_id != ANONYMOUS )
 	{
-		if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '' && $user_id)
-		{
-			$sql = 'SELECT u.* 
-				FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
-				WHERE u.user_id = ' . (int) $user_id . "
-					AND u.user_active = 1
-					AND k.user_id = u.user_id
-					AND k.key_id = '" . md5($sessiondata['autologinid']) . "'";
-			if (!($result = $db->sql_query($sql)))
-			{
-				message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
-			}
+		$auto_login_key = $userdata['user_password'];
 
-			$userdata = $db->sql_fetchrow($result);
-			$db->sql_freeresult($result);
-		
-			$enable_autologin = $login = 1;
+		if ( $auto_create )
+		{
+			if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
+			{
+				// We have to login automagically
+				if( $sessiondata['autologinid'] === $auto_login_key )
+				{
+					// autologinid matches password
+					$login = 1;
+					$enable_autologin = 1;
+				}
+				else
+				{
+					// No match; don't login, set as anonymous user
+					$login = 0; 
+					$enable_autologin = 0; 
+					$user_id = $userdata['user_id'] = ANONYMOUS;
+				
+					$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+					$result = $db->sql_query($sql);
+					$userdata = $db->sql_fetchrow($result);
+					$db->sql_freeresult($result);
+				}
+			}
+			else
+			{
+				// Autologin is not set. Don't login, set as anonymous user
+				$login = 0;
+				$enable_autologin = 0;
+				$user_id = $userdata['user_id'] = ANONYMOUS;
+
+				$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+				$result = $db->sql_query($sql);
+				$userdata = $db->sql_fetchrow($result);
+				$db->sql_freeresult($result);
+			}
 		}
-		else if (!$auto_create)
+		else
 		{
-			$sessiondata['autologinid'] = '';
-			$sessiondata['userid'] = $user_id;
-
-			$sql = 'SELECT *
-				FROM ' . USERS_TABLE . '
-				WHERE user_id = ' . (int) $user_id . '
-					AND user_active = 1';
-			if (!($result = $db->sql_query($sql)))
-			{
-				message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
-			}
-
-			$userdata = $db->sql_fetchrow($result);
-			$db->sql_freeresult($result);
-
 			$login = 1;
 		}
 	}
-
-	//
-	// At this point either $userdata should be populated or
-	// one of the below is true
-	// * Key didn't match one in the DB
-	// * User does not exist
-	// * User is inactive
-	//
-	if (!sizeof($userdata) || !is_array($userdata) || !$userdata)
+	else
 	{
-		$sessiondata['autologinid'] = '';
-		$sessiondata['userid'] = $user_id = ANONYMOUS;
-		$enable_autologin = $login = 0;
-
-		$sql = 'SELECT *
-			FROM ' . USERS_TABLE . '
-			WHERE user_id = ' . (int) $user_id;
-		if (!($result = $db->sql_query($sql)))
-		{
-			message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
-		}
-
-		$userdata = $db->sql_fetchrow($result);
-		$db->sql_freeresult($result);
+		$login = 0;
+		$enable_autologin = 0;
 	}
 
-
 	//
 	// Initial ban check against user id, IP and email address
 	//
@@ -177,7 +160,9 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 			AND session_ip = '$user_ip'";
 	if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
 	{
-		$session_id = md5(dss_rand());
+		list($sec, $usec) = explode(' ', microtime());
+		mt_srand((float) $sec + ((float) $usec * 100000));
+		$session_id = md5(uniqid(mt_rand(), true));
 
 		$sql = "INSERT INTO " . SESSIONS_TABLE . "
 			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
@@ -189,7 +174,7 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 	}
 
 	if ( $user_id != ANONYMOUS )
-	{
+	{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : ( 
 		$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time; 
 
 		if (!$admin)
@@ -205,39 +190,7 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 
 		$userdata['user_lastvisit'] = $last_visit;
 
-		//
-		// Regenerate the auto-login key
-		//
-		if ($enable_autologin)
-		{
-			$auto_login_key = dss_rand() . dss_rand();
-			
-			if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '')
-			{
-				$sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . "
-					SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time
-					WHERE key_id = '" . md5($sessiondata['autologinid']) . "'";
-			}
-			else
-			{
-				$sql = 'INSERT INTO ' . SESSIONS_KEYS_TABLE . "(key_id, user_id, last_ip, last_login)
-					VALUES ('" . md5($auto_login_key) . "', $user_id, '$user_ip', $current_time)";
-			}
-
-			if ( !$db->sql_query($sql) )
-			{
-				message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql);
-			}
-			
-			$sessiondata['autologinid'] = $auto_login_key;
-			unset($auto_login_key);
-		}
-		else
-		{
-			$sessiondata['autologinid'] = '';
-		}
-
-//		$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
+		$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
 		$sessiondata['userid'] = $user_id;
 	}
 
@@ -249,7 +202,6 @@ function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_a
 	$userdata['session_start'] = $current_time;
 	$userdata['session_time'] = $current_time;
 	$userdata['session_admin'] = $admin;
-	$userdata['session_key'] = $sessiondata['autologinid'];
 
 	setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 	setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
@@ -361,18 +313,23 @@ function session_pagestart($user_ip, $thispage_id)
 						}
 					}
 
-					session_clean($userdata['session_id']);
+					//
+					// Delete expired sessions
+					//
+					$expiry_time = $current_time - $board_config['session_length'];
+
+					$sql = "DELETE FROM " . SESSIONS_TABLE . " 
+						WHERE session_time < $expiry_time 
+							AND session_id <> '$session_id'";
+					if ( !$db->sql_query($sql) )
+					{
+						message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
+					}
 
 					setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 					setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
 				}
 
-				// Add the session_key to the userdata array if it is set
-				if ( isset($sessiondata['autologinid']) && $sessiondata['autologinid'] != '' )
-				{
-					$userdata['session_key'] = $sessiondata['autologinid'];
-				}
-
 				return $userdata;
 			}
 		}
@@ -393,14 +350,14 @@ function session_pagestart($user_ip, $thispage_id)
 
 }
 
-/**
-* Terminates the specified session
-* It will delete the entry in the sessions table for this session,
-* remove the corresponding auto-login key and reset the cookies
-*/
+//
+// session_end closes out a session
+// deleting the corresponding entry
+// in the sessions table
+//
 function session_end($session_id, $user_id)
 {
-	global $db, $lang, $board_config, $userdata;
+	global $db, $lang, $board_config;
 	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
 
 	$cookiename = $board_config['cookie_name'];
@@ -410,6 +367,20 @@ function session_end($session_id, $user_id)
 
 	$current_time = time();
 
+	//
+	// Pull cookiedata or grab the URI propagated sid
+	//
+	if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
+	{
+		$session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
+		$sessionmethod = SESSION_METHOD_COOKIE;
+	}
+	else
+	{
+		$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
+		$sessionmethod = SESSION_METHOD_GET;
+	}
+
 	if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
 	{
 		return;
@@ -418,7 +389,7 @@ function session_end($session_id, $user_id)
 	//
 	// Delete existing session
 	//
-	$sql = 'DELETE FROM ' . SESSIONS_TABLE . " 
+	$sql = "DELETE FROM " . SESSIONS_TABLE . " 
 		WHERE session_id = '$session_id' 
 			AND session_user_id = $user_id";
 	if ( !$db->sql_query($sql) )
@@ -426,137 +397,12 @@ function session_end($session_id, $user_id)
 		message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
 	}
 
-	//
-	// Remove this auto-login entry (if applicable)
-	//
-	if ( isset($userdata['session_key']) && $userdata['session_key'] != '' )
-	{
-		$autologin_key = md5($userdata['session_key']);
-		$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
-			WHERE user_id = ' . (int) $user_id . "
-				AND key_id = '$autologin_key'";
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(CRITICAL_ERROR, 'Error removing auto-login key', '', __LINE__, __FILE__, $sql);
-		}
-	}
-
-	//
-	// We expect that message_die will be called after this function,
-	// but just in case it isn't, reset $userdata to the details for a guest
-	//
-	$sql = 'SELECT *
-		FROM ' . USERS_TABLE . '
-		WHERE user_id = ' . ANONYMOUS;
-	if ( !($result = $db->sql_query($sql)) )
-	{
-		message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
-	}
-	if ( !($userdata = $db->sql_fetchrow($result)) )
-	{
-		message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
-	}
-	$db->sql_freeresult($result);
-
-
 	setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 	setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
 
 	return true;
 }
 
-/**
-* Removes expired sessions and auto-login keys from the database
-*/
-function session_clean($session_id)
-{
-	global $board_config, $db;
-
-	//
-	// Delete expired sessions
-	//
-	$sql = 'DELETE FROM ' . SESSIONS_TABLE . ' 
-		WHERE session_time < ' . (time() - (int) $board_config['session_length']) . " 
-			AND session_id <> '$session_id'";
-	if ( !$db->sql_query($sql) )
-	{
-		message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
-	}
-
-	//
-	// Delete expired auto-login keys
-	// If max_autologin_time is not set then keys will never be deleted
-	// (same behaviour as old 2.0.x session code)
-	//
-	if (!empty($board_config['max_autologin_time']) && $board_config['max_autologin_time'] > 0)
-	{
-		$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
-			WHERE last_login < ' . (time() - (86400 * (int) $board_config['max_autologin_time']));
-		$db->sql_query($sql);
-	}
-
-	return true;
-}
-
-/**
-* Reset all login keys for the specified user
-* Called on password changes
-*/
-function session_reset_keys($user_id, $user_ip)
-{
-	global $db, $userdata, $board_config;
-
-	$key_sql = ($user_id == $userdata['user_id'] && !empty($userdata['session_key'])) ? "AND key_id != '" . md5($userdata['session_key']) . "'" : '';
-
-	$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
-		WHERE user_id = ' . (int) $user_id . "
-			$key_sql";
-
-	if ( !$db->sql_query($sql) )
-	{
-		message_die(CRITICAL_ERROR, 'Error removing auto-login keys', '', __LINE__, __FILE__, $sql);
-	}
-
-	$where_sql = 'session_user_id = ' . (int) $user_id;
-	$where_sql .= ($user_id == $userdata['user_id']) ? " AND session_id <> '" . $userdata['session_id'] . "'" : '';
-	$sql = 'DELETE FROM ' . SESSIONS_TABLE . "
-		WHERE $where_sql";
-	if ( !$db->sql_query($sql) )
-	{
-		message_die(CRITICAL_ERROR, 'Error removing user session(s)', '', __LINE__, __FILE__, $sql);
-	}
-
-	if ( !empty($key_sql) )
-	{
-		$auto_login_key = dss_rand() . dss_rand();
-
-		$current_time = time();
-		
-		$sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . "
-			SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time
-			WHERE key_id = '" . md5($userdata['session_key']) . "'";
-		
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql);
-		}
-
-		// And now rebuild the cookie
-		$sessiondata['userid'] = $user_id;
-		$sessiondata['autologinid'] = $auto_login_key;
-		$cookiename = $board_config['cookie_name'];
-		$cookiepath = $board_config['cookie_path'];
-		$cookiedomain = $board_config['cookie_domain'];
-		$cookiesecure = $board_config['cookie_secure'];
-
-		setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
-		
-		$userdata['session_key'] = $auto_login_key;
-		unset($sessiondata);
-		unset($auto_login_key);
-	}
-}
-
 //
 // Append $SID to a url. Borrowed from phplib and modified. This is an
 // extra routine utilised by the session code above and acts as a wrapper
@@ -569,7 +415,7 @@ function append_sid($url, $non_html_amp = false)
 
 	if ( !empty($SID) && !preg_match('#sid=#', $url) )
 	{
-		$url .= ( ( strpos($url, '?') !== false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
+		$url .= ( ( strpos($url, '?') != false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
 	}
 
 	return $url;

phpBB/includes/smtp.php

@@ -27,8 +27,7 @@ define('SMTP_INCLUDED', 1);
 // using SMTP Extensions
 //
 function server_parse($socket, $response, $line = __LINE__) 
-{
-	$server_response = '';
+{ 
 	while (substr($server_response, 3, 1) != ' ') 
 	{
 		if (!($server_response = fgets($socket, 256))) 

phpBB/includes/usercp_activate.php

@@ -47,18 +47,6 @@ if ( $row = $db->sql_fetchrow($result) )
 	}
 	else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
 	{
-		if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $row['user_newpasswd'] == '')
-		{
-			if (!$userdata['session_logged_in'])
-			{
-				redirect(append_sid('login.' . $phpEx . '?redirect=profile.' . $phpEx . '&mode=activate&' . POST_USERS_URL . '=' . $row['user_id'] . '&act_key=' . trim($HTTP_GET_VARS['act_key'])));
-			}
-			else if ($userdata['user_level'] != ADMIN)
-			{
-				message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
-			}
-		}
-
 		$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
 
 		$sql = "UPDATE " . USERS_TABLE . "

phpBB/includes/usercp_avatar.php

@@ -63,26 +63,19 @@ function user_avatar_delete($avatar_type, $avatar_file)
 	return ", user_avatar = '', user_avatar_type = " . USER_AVATAR_NONE;
 }
 
-function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $avatar_category)
+function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
 {
 	global $board_config;
 
-	$avatar_filename = phpbb_ltrim(basename($avatar_filename), "'");
-	$avatar_category = phpbb_ltrim(basename($avatar_category), "'");
-	
-	if(!preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $avatar_filename))
+	$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
+	if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
 	{
 		return '';
 	}
 
-	if ($avatar_filename == "" || $avatar_category == "")
+	if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
 	{
-		return '';
-	} 
-
-	if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_category . '/' . $avatar_filename)) && ($mode == 'editprofile') )
-	{
-		$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_category . '/' . $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
+		$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
 	}
 	else
 	{
@@ -93,15 +86,11 @@ function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $ava
 
 function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
 {
-	global $lang;
-
 	if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
 	{
 		$avatar_filename = 'http://' . $avatar_filename;
 	}
 
-	$avatar_filename = substr($avatar_filename, 0, 100);
-
 	if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
 	{
 		$error = true;
@@ -119,10 +108,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 
 	$ini_val = ( @phpversion() >= '4.0.0' ) ? 'ini_get' : 'get_cfg_var';
 
-	$width = $height = 0;
-	$type = '';
-
-	if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))$/', $avatar_filename, $url_ary) )
+	if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_filename, $url_ary) )
 	{
 		if ( empty($url_ary[4]) )
 		{
@@ -179,7 +165,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 				message_die(GENERAL_ERROR, 'Could not write avatar file to local storage. Please contact the board administrator with this message', '', __LINE__, __FILE__);
 			}
 
-			list($width, $height, $type) = @getimagesize($tmp_filename);
+			list($width, $height) = @getimagesize($tmp_filename);
 		}
 		else
 		{
@@ -205,7 +191,7 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 			return;
 		}
 
-		list($width, $height, $type) = @getimagesize($avatar_filename);
+		list($width, $height) = @getimagesize($avatar_filename);
 	}
 
 	if ( !($imgtype = check_image_type($avatar_filetype, $error, $error_msg)) )
@@ -213,51 +199,16 @@ function user_avatar_upload($mode, $avatar_mode, &$current_avatar, &$current_typ
 		return;
 	}
 
-	switch ($type)
-	{
-		// GIF
-		case 1:
-			if ($imgtype != '.gif')
-			{
-				@unlink($tmp_filename);
-				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
-			}
-		break;
-
-		// JPG, JPC, JP2, JPX, JB2
-		case 2:
-		case 9:
-		case 10:
-		case 11:
-		case 12:
-			if ($imgtype != '.jpg' && $imgtype != '.jpeg')
-			{
-				@unlink($tmp_filename);
-				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
-			}
-		break;
-
-		// PNG
-		case 3:
-			if ($imgtype != '.png')
-			{
-				@unlink($tmp_filename);
-				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
-			}
-		break;
-
-		default:
-			@unlink($tmp_filename);
-			message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
-	}
-
 	if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
 	{
 		$new_filename = uniqid(rand()) . $imgtype;
 
 		if ( $mode == 'editprofile' && $current_type == USER_AVATAR_UPLOAD && $current_avatar != '' )
 		{
-			user_avatar_delete($current_type, $current_avatar);
+			if ( file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $current_avatar)) )
+			{
+				@unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
+			}
 		}
 
 		if( $avatar_mode == 'remote' )
@@ -323,7 +274,7 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
 			{
 				if( preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $sub_file) )
 				{
-					$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file; 
+					$avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . '/' . $sub_file; 
 					$avatar_name[$file][$avatar_row_count][$avatar_col_count] = ucfirst(str_replace("_", " ", preg_replace('/^(.*)\..*$/', '\1', $sub_file)));
 
 					$avatar_col_count++;
@@ -369,7 +320,7 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
 		for($j = 0; $j < count($avatar_images[$category][$i]); $j++)
 		{
 			$template->assign_block_vars('avatar_row.avatar_column', array(
-				"AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j], 
+				"AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j], 
 				"AVATAR_NAME" => $avatar_name[$category][$i][$j])
 			);
 
@@ -381,7 +332,7 @@ function display_avatar_gallery($mode, &$category, &$user_id, &$email, &$current
 
 	$params = array('coppa', 'user_id', 'username', 'email', 'current_email', 'cur_password', 'new_password', 'password_confirm', 'icq', 'aim', 'msn', 'yim', 'website', 'location', 'occupation', 'interests', 'signature', 'viewemail', 'notifypm', 'popup_pm', 'notifyreply', 'attachsig', 'allowhtml', 'allowbbcode', 'allowsmilies', 'hideonline', 'style', 'language', 'timezone', 'dateformat');
 
-	$s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
+	$s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" />';
 
 	for($i = 0; $i < count($params); $i++)
 	{

phpBB/includes/usercp_confirm.php

@@ -66,89 +66,109 @@ else
 	exit;
 }
 
-// We can we will generate a single filtered png 
-// Thanks to DavidMJ for emulating zlib within the code :)
-$_png = define_filtered_pngs();
-
-$total_width = 320;
-$total_height = 50;
-$img_height = 40;
-$img_width = 0;
-$l = 0;
-
-list($usec, $sec) = explode(' ', microtime()); 
-mt_srand($sec * $usec); 
-
-$char_widths = array();
-for ($i = 0; $i < strlen($code); $i++)
+// If we can we will generate a single filtered png else we will have to simply
+// output six seperate original pngs ... first way is preferable!
+if (@extension_loaded('zlib'))
 {
-	$char = $code{$i};
+	$_png = define_filtered_pngs();
 
-	$width = mt_rand(0, 4);
-	$char_widths[] = $width;
-	$img_width += $_png[$char]['width'] - $width;
-}
+	$total_width = 320;
+	$total_height = 50;
+	$img_height = 40;
+	$img_width = 0;
+	$l = 0;
 
-$offset_x = mt_rand(0, $total_width - $img_width);
-$offset_y = mt_rand(0, $total_height - $img_height);
+	list($usec, $sec) = explode(' ', microtime()); 
+	mt_srand($sec * $usec); 
 
-$image = '';
-$hold_chars = array();
-for ($i = 0; $i < $total_height; $i++)
-{
-	$image .= chr(0);
-
-	if ($i > $offset_y && $i < $offset_y + $img_height)
+	$char_widths = array();
+	for ($i = 0; $i < strlen($code); $i++)
 	{
-		$j = 0;
+		$char = $code{$i};
 
-		for ($k = 0; $k < $offset_x; $k++)
+		$width = mt_rand(0, 4);
+		$char_widths[] = $width;
+		$img_width += $_png[$char]['width'] - $width;
+	}
+
+	$offset_x = mt_rand(0, $total_width - $img_width);
+	$offset_y = mt_rand(0, $total_height - $img_height);
+
+	$image = '';
+	$hold_chars = array();
+	for ($i = 0; $i < $total_height; $i++)
+	{
+		$image .= chr(0);
+
+		if ($i > $offset_y && $i < $offset_y + $img_height)
 		{
-			$image .= chr(mt_rand(140, 255));
-		}
+			$j = 0;
 
-		for ($k = 0; $k < strlen($code); $k++)
-		{
-			$char = $code{$k};
-
-			if (empty($hold_chars[$char]))
+			for ($k = 0; $k < $offset_x; $k++)
 			{
-				$hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
+				$image .= chr(mt_rand(140, 255));
+			}
+
+			for ($k = 0; $k < strlen($code); $k++)
+			{
+				$char = $code{$k};
+
+				if (empty($hold_chars[$char]))
+				{
+					$hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
+				}
+				$image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
+				$j++;
+			}
+
+			for ($k = $offset_x + $img_width; $k < $total_width; $k++)
+			{
+				$image .= chr(mt_rand(140, 255));
+			}
+
+			$l++;
+		}
+		else
+		{
+			for ($k = 0; $k < $total_width; $k++)
+			{
+				$image .= chr(mt_rand(140, 255));
 			}
-			$image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
-			$j++;
 		}
 
-		for ($k = $offset_x + $img_width; $k < $total_width; $k++)
-		{
-			$image .= chr(mt_rand(140, 255));
-		}
+	}
+	unset($hold);
 
-		$l++;
-	}
-	else
-	{
-		for ($k = 0; $k < $total_width; $k++)
-		{
-			$image .= chr(mt_rand(140, 255));
-		}
-	}
+	$image = create_png(gzcompress($image), $total_width, $total_height);
+
+	// Output image
+	header('Content-Type: image/png');
+	header('Cache-control: no-cache, no-store');
+	echo $image;
+
+	unset($image);
+	unset($_png);
+	exit;
 
 }
-unset($hold);
+else
+{
+	if (!empty($HTTP_GET_VARS['c']))
+	{
+		$_png = define_raw_pngs();
 
-$image = create_png($image, $total_width, $total_height);
+		$char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1);
+		header('Content-Type: image/png');
+		header('Cache-control: no-cache, no-store');
+		echo base64_decode($_png[$char]);
 
-// Output image
-header('Content-Type: image/png');
-header('Cache-control: no-cache, no-store');
-echo $image;
+		unset($_png);
+		exit;
+	}
+}
 
-unset($image);
-unset($_png);
 exit;
 
-
 // This is designed to randomise the pixels of the image data within
 // certain limits so as to keep it readable. It also varies the image
 // width a little
@@ -195,7 +215,7 @@ function png_chunk($length, $type, $data)
 // http://www.libpng.org/pub/png/spec/PNG-Contents.html we use
 // png because it's a fully recognised open standard and supported
 // by practically all modern browsers and OSs
-function create_png($raw_image, $width, $height)
+function create_png($gzimage, $width, $height)
 {
 	// SIG
 	$image = pack('C8', 137, 80, 78, 71, 13, 10, 26, 10);
@@ -204,53 +224,8 @@ function create_png($raw_image, $width, $height)
 	$raw .= pack('C4', $height >> 24, $height >> 16, $height >> 8, $height);
 	$raw .= pack('C5', 8, 0, 0, 0, 0);
 	$image .= png_chunk(13, 'IHDR', $raw);
-
-	if (@extension_loaded('zlib'))
-	{
-		$raw_image = gzcompress($raw_image);
-		$length = strlen($raw_image);
-	}
-	else
-	{
-		// The total length of this image, uncompressed, is just a calculation of pixels
-		$length = ($width + 1) * $height;
-
-		// Adler-32 hash generation
-		// Optimized Adler-32 loop ported from the GNU Classpath project
-		$temp_length = $length;
-		$s1 = 1;
-		$s2 = $index = 0;
-
-		while ($temp_length > 0)
-		{
-			// We can defer the modulo operation:
-			// s1 maximally grows from 65521 to 65521 + 255 * 3800
-			// s2 maximally grows by 3800 * median(s1) = 2090079800 < 2^31
-			$substract_value = ($temp_length < 3800) ? $temp_length : 3800;
-			$temp_length -= $substract_value;
-
-			while (--$substract_value >= 0)
-			{
-				$s1 += ord($raw_image[$index]);
-				$s2 += $s1;
-
-				$index++;
-			}
-
-			$s1 %= 65521;
-			$s2 %= 65521;
-		}
-		$adler_hash = pack('N', ($s2 << 16) | $s1);
-
-		// This is the same thing as gzcompress($raw_image, 0) but does not need zlib
-		$raw_image = pack('C3v2', 0x78, 0x01, 0x01, $length, ~$length) . $raw_image . $adler_hash;
-
-		// The Zlib header + Adler hash make us add on 11
-		$length += 11;
-	}
-
 	// IDAT
-	$image .= png_chunk($length, 'IDAT', $raw_image);
+	$image .= png_chunk(strlen($gzimage), 'IDAT', $gzimage);
 	// IEND
 	$image .= png_chunk(0, 'IEND', '');
 

phpBB/includes/usercp_email.php

@@ -52,67 +52,84 @@ $sql = "SELECT username, user_email, user_viewemail, user_lang
 	WHERE user_id = $user_id";
 if ( $result = $db->sql_query($sql) )
 {
-	if ( $row = $db->sql_fetchrow($result) )
-	{
+	$row = $db->sql_fetchrow($result);
 
-		$username = $row['username'];
-		$user_email = $row['user_email']; 
-		$user_lang = $row['user_lang'];
-	
-		if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
+	$username = $row['username'];
+	$user_email = $row['user_email']; 
+	$user_lang = $row['user_lang'];
+
+	if ( $row['user_viewemail'] || $userdata['user_level'] == ADMIN )
+	{
+		if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
 		{
-			if ( time() - $userdata['user_emailtime'] < $board_config['flood_interval'] )
+			message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
+		}
+
+		if ( isset($HTTP_POST_VARS['submit']) )
+		{
+			$error = FALSE;
+
+			if ( !empty($HTTP_POST_VARS['subject']) )
 			{
-				message_die(GENERAL_MESSAGE, $lang['Flood_email_limit']);
+				$subject = trim(stripslashes($HTTP_POST_VARS['subject']));
 			}
-	
-			if ( isset($HTTP_POST_VARS['submit']) )
+			else
 			{
-				$error = FALSE;
-	
-				if ( !empty($HTTP_POST_VARS['subject']) )
+				$error = TRUE;
+				$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
+			}
+
+			if ( !empty($HTTP_POST_VARS['message']) )
+			{
+				$message = trim(stripslashes($HTTP_POST_VARS['message']));
+			}
+			else
+			{
+				$error = TRUE;
+				$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
+			}
+
+			if ( !$error )
+			{
+				$sql = "UPDATE " . USERS_TABLE . " 
+					SET user_emailtime = " . time() . " 
+					WHERE user_id = " . $userdata['user_id'];
+				if ( $result = $db->sql_query($sql) )
 				{
-					$subject = trim(stripslashes($HTTP_POST_VARS['subject']));
-				}
-				else
-				{
-					$error = TRUE;
-					$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_subject_email'] : $lang['Empty_subject_email'];
-				}
-	
-				if ( !empty($HTTP_POST_VARS['message']) )
-				{
-					$message = trim(stripslashes($HTTP_POST_VARS['message']));
-				}
-				else
-				{
-					$error = TRUE;
-					$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Empty_message_email'] : $lang['Empty_message_email'];
-				}
-	
-				if ( !$error )
-				{
-					$sql = "UPDATE " . USERS_TABLE . " 
-						SET user_emailtime = " . time() . " 
-						WHERE user_id = " . $userdata['user_id'];
-					if ( $result = $db->sql_query($sql) )
+					include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+					$emailer = new emailer($board_config['smtp_delivery']);
+
+					$emailer->from($userdata['user_email']);
+					$emailer->replyto($userdata['user_email']);
+
+					$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
+					$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
+					$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
+					$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
+
+					$emailer->use_template('profile_send_email', $user_lang);
+					$emailer->email_address($user_email);
+					$emailer->set_subject($subject);
+					$emailer->extra_headers($email_headers);
+
+					$emailer->assign_vars(array(
+						'SITENAME' => $board_config['sitename'], 
+						'BOARD_EMAIL' => $board_config['board_email'], 
+						'FROM_USERNAME' => $userdata['username'], 
+						'TO_USERNAME' => $username, 
+						'MESSAGE' => $message)
+					);
+					$emailer->send();
+					$emailer->reset();
+
+					if ( !empty($HTTP_POST_VARS['cc_email']) )
 					{
-						include($phpbb_root_path . 'includes/emailer.'.$phpEx);
-						$emailer = new emailer($board_config['smtp_delivery']);
-	
 						$emailer->from($userdata['user_email']);
 						$emailer->replyto($userdata['user_email']);
-	
-						$email_headers = 'X-AntiAbuse: Board servername - ' . $server_name . "\n";
-						$email_headers .= 'X-AntiAbuse: User_id - ' . $userdata['user_id'] . "\n";
-						$email_headers .= 'X-AntiAbuse: Username - ' . $userdata['username'] . "\n";
-						$email_headers .= 'X-AntiAbuse: User IP - ' . decode_ip($user_ip) . "\n";
-	
-						$emailer->use_template('profile_send_email', $user_lang);
-						$emailer->email_address($user_email);
+						$emailer->use_template('profile_send_email');
+						$emailer->email_address($userdata['user_email']);
 						$emailer->set_subject($subject);
-						$emailer->extra_headers($email_headers);
-	
+
 						$emailer->assign_vars(array(
 							'SITENAME' => $board_config['sitename'], 
 							'BOARD_EMAIL' => $board_config['board_email'], 
@@ -122,95 +139,72 @@ if ( $result = $db->sql_query($sql) )
 						);
 						$emailer->send();
 						$emailer->reset();
-	
-						if ( !empty($HTTP_POST_VARS['cc_email']) )
-						{
-							$emailer->from($userdata['user_email']);
-							$emailer->replyto($userdata['user_email']);
-							$emailer->use_template('profile_send_email');
-							$emailer->email_address($userdata['user_email']);
-							$emailer->set_subject($subject);
-	
-							$emailer->assign_vars(array(
-								'SITENAME' => $board_config['sitename'], 
-								'BOARD_EMAIL' => $board_config['board_email'], 
-								'FROM_USERNAME' => $userdata['username'], 
-								'TO_USERNAME' => $username, 
-								'MESSAGE' => $message)
-							);
-							$emailer->send();
-							$emailer->reset();
-						}
-	
-						$template->assign_vars(array(
-							'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
-						);
-	
-						$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
-	
-						message_die(GENERAL_MESSAGE, $message);
-					}
-					else
-					{
-						message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
 					}
+
+					$template->assign_vars(array(
+						'META' => '<meta http-equiv="refresh" content="5;url=' . append_sid("index.$phpEx") . '">')
+					);
+
+					$message = $lang['Email_sent'] . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
+
+					message_die(GENERAL_MESSAGE, $message);
+				}
+				else
+				{
+					message_die(GENERAL_ERROR, 'Could not update last email time', '', __LINE__, __FILE__, $sql);
 				}
 			}
-	
-			include($phpbb_root_path . 'includes/page_header.'.$phpEx);
-	
-			$template->set_filenames(array(
-				'body' => 'profile_send_email.tpl')
-			);
-			make_jumpbox('viewforum.'.$phpEx);
-	
-			if ( $error )
-			{
-				$template->set_filenames(array(
-					'reg_header' => 'error_body.tpl')
-				);
-				$template->assign_vars(array(
-					'ERROR_MESSAGE' => $error_msg)
-				);
-				$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
-			}
-	
-			$template->assign_vars(array(
-				'USERNAME' => $username,
-	
-				'S_HIDDEN_FIELDS' => '', 
-				'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"), 
-	
-				'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], 
-				'L_RECIPIENT' => $lang['Recipient'], 
-				'L_SUBJECT' => $lang['Subject'],
-				'L_MESSAGE_BODY' => $lang['Message_body'], 
-				'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'], 
-				'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
-				'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
-				'L_OPTIONS' => $lang['Options'],
-				'L_CC_EMAIL' => $lang['CC_email'], 
-				'L_SPELLCHECK' => $lang['Spellcheck'],
-				'L_SEND_EMAIL' => $lang['Send_email'])
-			);
-	
-			$template->pparse('body');
-	
-			include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 		}
-		else
+
+		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
+
+		$template->set_filenames(array(
+			'body' => 'profile_send_email.tpl')
+		);
+		make_jumpbox('viewforum.'.$phpEx);
+
+		if ( $error )
 		{
-			message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
+			$template->set_filenames(array(
+				'reg_header' => 'error_body.tpl')
+			);
+			$template->assign_vars(array(
+				'ERROR_MESSAGE' => $error_msg)
+			);
+			$template->assign_var_from_handle('ERROR_BOX', 'reg_header');
 		}
+
+		$template->assign_vars(array(
+			'USERNAME' => $username,
+
+			'S_HIDDEN_FIELDS' => '', 
+			'S_POST_ACTION' => append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL . "=$user_id"), 
+
+			'L_SEND_EMAIL_MSG' => $lang['Send_email_msg'], 
+			'L_RECIPIENT' => $lang['Recipient'], 
+			'L_SUBJECT' => $lang['Subject'],
+			'L_MESSAGE_BODY' => $lang['Message_body'], 
+			'L_MESSAGE_BODY_DESC' => $lang['Email_message_desc'], 
+			'L_EMPTY_SUBJECT_EMAIL' => $lang['Empty_subject_email'],
+			'L_EMPTY_MESSAGE_EMAIL' => $lang['Empty_message_email'],
+			'L_OPTIONS' => $lang['Options'],
+			'L_CC_EMAIL' => $lang['CC_email'], 
+			'L_SPELLCHECK' => $lang['Spellcheck'],
+			'L_SEND_EMAIL' => $lang['Send_email'])
+		);
+
+		$template->pparse('body');
+
+		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 	}
 	else
 	{
-		message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
+		message_die(GENERAL_MESSAGE, $lang['User_prevent_email']);
 	}
 }
 else
 {
-	message_die(GENERAL_ERROR, 'Could not select user data', '', __LINE__, __FILE__, $sql);
+	message_die(GENERAL_MESSAGE, $lang['User_not_exist']);
 }
 
 ?>

phpBB/includes/usercp_register.php

@@ -73,7 +73,6 @@ function show_coppa()
 // ---------------------------------------
 
 $error = FALSE;
-$error_msg = '';
 $page_title = ( $mode == 'editprofile' ) ? $lang['Edit_profile'] : $lang['Register'];
 
 if ( $mode == 'register' && !isset($HTTP_POST_VARS['agreed']) && !isset($HTTP_GET_VARS['agreed']) )
@@ -107,7 +106,8 @@ if (
 		$current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email']));
 	}
 
-	$strip_var_list = array('email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests', 'confirm_code' => 'confirm_code');
+	$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
+	$strip_var_list['confirm_code'] = 'confirm_code';
 
 	// Strip all tags from data ... may p**s some people off, bah, strip_tags is
 	// doing the job but can still break HTML output ... have no choice, have
@@ -120,8 +120,6 @@ if (
 		}
 	}
 
-	$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
-
 	$trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');
 
 	while( list($var, $param) = @each($trim_var_list) )
@@ -132,8 +130,7 @@ if (
 		}
 	}
 
-	$signature = (isset($signature)) ? str_replace('<br />', "\n", $signature) : '';
-	$signature_bbcode_uid = '';
+	$signature = str_replace('<br />', "\n", $signature);
 
 	// Run some validation on the optional fields. These are pass-by-ref, so they'll be changed to
 	// empty strings if they fail.
@@ -144,7 +141,6 @@ if (
 	$notifyreply = ( isset($HTTP_POST_VARS['notifyreply']) ) ? ( ($HTTP_POST_VARS['notifyreply']) ? TRUE : 0 ) : 0;
 	$notifypm = ( isset($HTTP_POST_VARS['notifypm']) ) ? ( ($HTTP_POST_VARS['notifypm']) ? TRUE : 0 ) : TRUE;
 	$popup_pm = ( isset($HTTP_POST_VARS['popup_pm']) ) ? ( ($HTTP_POST_VARS['popup_pm']) ? TRUE : 0 ) : TRUE;
-	$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
 
 	if ( $mode == 'register' )
 	{
@@ -156,7 +152,7 @@ if (
 	}
 	else
 	{
-		$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $userdata['user_attachsig'];
+		$attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0;
 
 		$allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $userdata['user_allowhtml'];
 		$allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $userdata['user_allowbbcode'];
@@ -196,7 +192,6 @@ if (
 	$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
 
 	$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
-	$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
 
 	$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
 	$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
@@ -204,8 +199,8 @@ if (
 	$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
 	$user_avatar_filetype = ( !empty($HTTP_POST_FILES['avatar']['type']) ) ? $HTTP_POST_FILES['avatar']['type'] : '';
 
-	$user_avatar = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
-	$user_avatar_type = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
+	$user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
+	$user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
 
 	if ( (isset($HTTP_POST_VARS['avatargallery']) || isset($HTTP_POST_VARS['submitavatar']) || isset($HTTP_POST_VARS['cancelavatar'])) && (!isset($HTTP_POST_VARS['submit'])) )
 	{
@@ -224,14 +219,14 @@ if (
 		$location = stripslashes($location);
 		$occupation = stripslashes($occupation);
 		$interests = stripslashes($interests);
-		$signature = htmlspecialchars(stripslashes($signature));
+		$signature = stripslashes($signature);
 
 		$user_lang = stripslashes($user_lang);
 		$user_dateformat = stripslashes($user_dateformat);
 
 		if ( !isset($HTTP_POST_VARS['cancelavatar']))
 		{
-			$user_avatar = $user_avatar_category . '/' . $user_avatar_local;
+			$user_avatar = $user_avatar_local;
 			$user_avatar_type = USER_AVATAR_GALLERY;
 		}
 	}
@@ -254,13 +249,6 @@ if ( isset($HTTP_POST_VARS['submit']) )
 {
 	include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
 
-	// session id check
-	if ($sid == '' || $sid != $userdata['session_id'])
-	{
-		$error = true;
-		$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
-	}
-
 	$passwd_sql = '';
 	if ( $mode == 'editprofile' )
 	{
@@ -300,7 +288,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 					AND session_id = '" . $userdata['session_id'] . "'";
 			if (!($result = $db->sql_query($sql)))
 			{
-				message_die(GENERAL_ERROR, 'Could not obtain confirmation code', '', __LINE__, __FILE__, $sql);
+				message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
 			}
 
 			if ($row = $db->sql_fetchrow($result))
@@ -317,7 +305,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 							AND session_id = '" . $userdata['session_id'] . "'";
 					if (!$db->sql_query($sql))
 					{
-						message_die(GENERAL_ERROR, 'Could not delete confirmation code', '', __LINE__, __FILE__, $sql);
+						message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
 					}
 				}
 			}
@@ -448,7 +436,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Signature_too_long'];
 		}
 
-		if ( !isset($signature_bbcode_uid) || $signature_bbcode_uid == '' )
+		if ( $signature_bbcode_uid == '' )
 		{
 			$signature_bbcode_uid = ( $allowbbcode ) ? make_bbcode_uid() : '';
 		}
@@ -484,13 +472,19 @@ if ( isset($HTTP_POST_VARS['submit']) )
 	}
 	else if ( $user_avatar_remoteurl != '' && $board_config['allow_avatar_remote'] )
 	{
-		user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
+		if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
+		{
+			@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
+		}
 		$avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
 	}
 	else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
 	{
-		user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
-		$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local, $user_avatar_category);
+		if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
+		{
+			@unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
+		}
+		$avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
 	}
 
 	if ( !$error )
@@ -530,13 +524,6 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				message_die(GENERAL_ERROR, 'Could not update users table', '', __LINE__, __FILE__, $sql);
 			}
 
-			// We remove all stored login keys since the password has been updated
-			// and change the current one (if applicable)
-			if ( !empty($passwd_sql) )
-			{
-				session_reset_keys($user_id, $user_ip);
-			}
-
 			if ( !$user_active )
 			{
 				//
@@ -545,56 +532,22 @@ if ( isset($HTTP_POST_VARS['submit']) )
 				include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 				$emailer = new emailer($board_config['smtp_delivery']);
 
- 				if ( $board_config['require_activation'] != USER_ACTIVATION_ADMIN )
- 				{
- 					$emailer->from($board_config['board_email']);
- 					$emailer->replyto($board_config['board_email']);
- 
- 					$emailer->use_template('user_activate', stripslashes($user_lang));
- 					$emailer->email_address($email);
- 					$emailer->set_subject($lang['Reactivate']);
-  
- 					$emailer->assign_vars(array(
- 						'SITENAME' => $board_config['sitename'],
- 						'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
- 						'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
-  
- 						'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
- 					);
- 					$emailer->send();
- 					$emailer->reset();
- 				}
- 				else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
- 				{
- 					$sql = 'SELECT user_email, user_lang 
- 						FROM ' . USERS_TABLE . '
- 						WHERE user_level = ' . ADMIN;
- 					
- 					if ( !($result = $db->sql_query($sql)) )
- 					{
- 						message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
- 					}
- 					
- 					while ($row = $db->sql_fetchrow($result))
- 					{
- 						$emailer->from($board_config['board_email']);
- 						$emailer->replyto($board_config['board_email']);
- 						
- 						$emailer->email_address(trim($row['user_email']));
- 						$emailer->use_template("admin_activate", $row['user_lang']);
- 						$emailer->set_subject($lang['Reactivate']);
- 
- 						$emailer->assign_vars(array(
- 							'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
- 							'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
- 
- 							'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
- 						);
- 						$emailer->send();
- 						$emailer->reset();
- 					}
- 					$db->sql_freeresult($result);
- 				}
+				$emailer->from($board_config['board_email']);
+				$emailer->replyto($board_config['board_email']);
+
+				$emailer->use_template('user_activate', stripslashes($user_lang));
+				$emailer->email_address($email);
+				$emailer->set_subject($lang['Reactivate']);
+
+				$emailer->assign_vars(array(
+					'SITENAME' => $board_config['sitename'],
+					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
+					'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
+
+					'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
+				);
+				$emailer->send();
+				$emailer->reset();
 
 				$message = $lang['Profile_updated_inactive'] . '<br /><br />' . sprintf($lang['Click_return_index'],  '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
 			}
@@ -779,7 +732,6 @@ if ( $error )
 	//
 	$username = stripslashes($username);
 	$email = stripslashes($email);
-	$cur_password = '';
 	$new_password = '';
 	$password_confirm = '';
 
@@ -804,7 +756,6 @@ else if ( $mode == 'editprofile' && !isset($HTTP_POST_VARS['avatargallery']) &&
 	$user_id = $userdata['user_id'];
 	$username = $userdata['username'];
 	$email = $userdata['user_email'];
-	$cur_password = '';
 	$new_password = '';
 	$password_confirm = '';
 
@@ -867,7 +818,7 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
 
 	$allowviewonline = !$allowviewonline;
 
-	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $new_password, $cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
+	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
 }
 else
 {
@@ -878,9 +829,9 @@ else
 		$coppa = FALSE;
 	}
 
-	if ( !isset($user_style) )
+	if ( !isset($user_template) )
 	{
-		$user_style = $board_config['default_style'];
+		$selected_template = $board_config['system_template'];
 	}
 
 	$avatar_img = '';
@@ -901,7 +852,6 @@ else
 	}
 
 	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
-	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 	if( $mode == 'editprofile' )
 	{
 		$s_hidden_fields .= '<input type="hidden" name="user_id" value="' . $userdata['user_id'] . '" />';
@@ -914,7 +864,7 @@ else
 
 	if ( !empty($user_avatar_local) )
 	{
-		$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
+		$s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
 	}
 
 	$html_status =  ( $userdata['user_allowhtml'] && $board_config['allow_html'] ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
@@ -997,10 +947,17 @@ else
 		}
 		$db->sql_freeresult($result);
 		
-		// Generate the required confirmation code
-		// NB 0 (zero) could get confused with O (the letter) so we make change it
-		$code = dss_rand();
-		$code = substr(str_replace('0', 'Z', strtoupper(base_convert($code, 16, 35))), 2, 6);
+		$confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J',  'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T',  'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+
+		list($usec, $sec) = explode(' ', microtime()); 
+		mt_srand($sec * $usec); 
+
+		$max_chars = count($confirm_chars) - 1;
+		$code = '';
+		for ($i = 0; $i < 6; $i++)
+		{
+			$code .= $confirm_chars[mt_rand(0, $max_chars)];
+		}
 
 		$confirm_id = md5(uniqid($user_ip));
 
@@ -1013,7 +970,7 @@ else
 
 		unset($code);
 		
-		$confirm_image = '<img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id") . '" alt="" title="" />';
+		$confirm_image = (@extension_loaded('zlib')) ? '<img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id") . '" alt="" title="" />' : '<img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=1") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=2") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=3") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=4") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=5") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&amp;id=$confirm_id&amp;c=6") . '" alt="" title="" />';
 		$s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />';
 
 		$template->assign_block_vars('switch_confirm', array());
@@ -1028,11 +985,11 @@ else
 	$form_enctype = ( @$ini_val('file_uploads') == '0' || strtolower(@$ini_val('file_uploads') == 'off') || phpversion() == '4.0.4pl1' || !$board_config['allow_avatar_upload'] || ( phpversion() < '4.0.3' && @$ini_val('open_basedir') != '' ) ) ? '' : 'enctype="multipart/form-data"';
 
 	$template->assign_vars(array(
-		'USERNAME' => isset($username) ? $username : '',
-		'CUR_PASSWORD' => isset($cur_password) ? $cur_password : '',
-		'NEW_PASSWORD' => isset($new_password) ? $new_password : '',
-		'PASSWORD_CONFIRM' => isset($password_confirm) ? $password_confirm : '',
-		'EMAIL' => isset($email) ? $email : '',
+		'USERNAME' => $username,
+		'CUR_PASSWORD' => $cur_password,
+		'NEW_PASSWORD' => $new_password,
+		'PASSWORD_CONFIRM' => $password_confirm,
+		'EMAIL' => $email,
 		'CONFIRM_IMG' => $confirm_image, 
 		'YIM' => $yim,
 		'ICQ' => $icq,

phpBB/includes/usercp_sendpasswd.php

@@ -50,7 +50,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 
 			$user_actkey = gen_rand_string(true);
 			$key_len = 54 - strlen($server_url);
-			$key_len = ($key_len > 6) ? $key_len : 6;
+			$key_len = ( $str_len > 6 ) ? $key_len : 6;
 			$user_actkey = substr($user_actkey, 0, $key_len);
 			$user_password = gen_rand_string(false);
 			

phpBB/includes/usercp_viewprofile.php

@@ -165,8 +165,8 @@ $yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config
 $yim = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 
 $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts");
-$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
-$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '</a>';
+$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
+$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 
 //
 // Generate page

phpBB/index.php

@@ -119,10 +119,7 @@ if( !($result = $db->sql_query($sql)) )
 }
 
 $category_rows = array();
-while ($row = $db->sql_fetchrow($result))
-{
-	$category_rows[] = $row;
-}
+while( $category_rows[] = $db->sql_fetchrow($result) );
 $db->sql_freeresult($result);
 
 if( ( $total_categories = count($category_rows) ) )
@@ -186,14 +183,8 @@ if( ( $total_categories = count($category_rows) ) )
 	// Obtain a list of topic ids which contain
 	// posts made since user last visited
 	//
-	if ($userdata['session_logged_in'])
+	if ( $userdata['session_logged_in'] )
 	{
-		// 60 days limit
-		if ($userdata['user_lastvisit'] < (time() - 5184000))
-		{
-			$userdata['user_lastvisit'] = time() - 5184000;
-		}
-
 		$sql = "SELECT t.forum_id, t.topic_id, p.post_time 
 			FROM " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p 
 			WHERE p.post_id = t.topic_last_post_id 
@@ -302,19 +293,6 @@ if( ( $total_categories = count($category_rows) ) )
 		'U_MARK_READ' => append_sid("index.$phpEx?mark=forums"))
 	);
 
-	//
-	// Let's decide which categories we should display
-	//
-	$display_categories = array();
-
-	for ($i = 0; $i < $total_forums; $i++ )
-	{
-		if ($is_auth_ary[$forum_data[$i]['forum_id']]['auth_view'])
-		{
-			$display_categories[$forum_data[$i]['cat_id']] = true;
-		}
-	}
-
 	//
 	// Okay, let's build the index
 	//
@@ -322,11 +300,23 @@ if( ( $total_categories = count($category_rows) ) )
 	{
 		$cat_id = $category_rows[$i]['cat_id'];
 
+		//
+		// Should we display this category/forum set?
+		//
+		$display_forums = false;
+		for($j = 0; $j < $total_forums; $j++)
+		{
+			if ( $is_auth_ary[$forum_data[$j]['forum_id']]['auth_view'] && $forum_data[$j]['cat_id'] == $cat_id )
+			{
+				$display_forums = true;
+			}
+		}
+
 		//
 		// Yes, we should, so first dump out the category
 		// title, then, if appropriate the forum list
 		//
-		if (isset($display_categories[$cat_id]) && $display_categories[$cat_id])
+		if ( $display_forums )
 		{
 			$template->assign_block_vars('catrow', array(
 				'CAT_ID' => $cat_id,

phpBB/install/install.php

@@ -333,7 +333,7 @@ $available_dbms = array(
 		'COMMENTS'		=> 'remove_remarks'
 	), 
 	'mysql4' => array(
-		'LABEL'			=> 'MySQL 4.x/5.x',
+		'LABEL'			=> 'MySQL 4.x',
 		'SCHEMA'		=> 'mysql', 
 		'DELIM'			=> ';', 
 		'DELIM_BASIC'	=> ';',

phpBB/install/schemas/mssql_basic.sql

@@ -41,9 +41,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_sentbox_privms
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_savebox_privmsgs','50');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_sig','Thanks, The Management');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email','youraddress@yourdomain.com');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_autologin','1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_autologin_time','0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_delivery','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_host','');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_username','');
@@ -51,10 +49,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_password','')
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('sendmail_fix','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_min_chars','3');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_login_attempts', '5');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('login_reset_time', '30');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_form','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_filesize','6144');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width','80');
@@ -75,8 +69,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.16');
 
 /*
   -- Categories
@@ -91,7 +84,7 @@ SET IDENTITY_INSERT phpbb_categories OFF;
 /*
   -- Forums
 */
-INSERT INTO phpbb_forums (forum_id, cat_id, forum_name, forum_desc, forum_status, forum_order, forum_posts, forum_topics, forum_last_post_id, prune_next, prune_enable, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 1, 'Test Forum 1', 'This is just a test forum, nothing special here.', '', 1, 1, 1, 1, '', 1, '', '', 1, 1, 1, 1, 3, 3, 1, 1, 3);
+INSERT INTO phpbb_forums (forum_id, cat_id, forum_name, forum_desc, forum_status, forum_order, forum_posts, forum_topics, forum_last_post_id, prune_next, prune_enable, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 1, 'Test Forum 1', 'This is just a test forum, nothing special here.', '', 1, 1, 1, 1, '', 1, '', '', '', '', 1, 1, 3, 3, 1, 1, 3);
 
 /*
   -- Users

phpBB/install/schemas/mssql_schema.sql

@@ -165,7 +165,6 @@ GO
 CREATE TABLE [phpbb_search_results] (
 	[search_id] [int] NOT NULL ,
 	[session_id] [char] (32) NOT NULL ,
-	[search_time] [int] NOT NULL ,
 	[search_array] [text] NOT NULL
 ) ON [PRIMARY] TEXTIMAGE_ON [PRIMARY]
 GO
@@ -196,14 +195,6 @@ CREATE TABLE [phpbb_sessions] (
 ) ON [PRIMARY]
 GO
 
-CREATE TABLE [phpbb_sessions_keys] (
-  [key_id] [char] (32) NOT NULL ,
-  [user_id] [int] NOT NULL ,
-  [last_ip] [char] (8) NOT NULL ,
-  [last_login] [int] NOT NULL
-) ON [PRIMARY]
-GO
-
 CREATE TABLE [phpbb_smilies] (
 	[smilies_id] [int] IDENTITY (1, 1) NOT NULL ,
 	[code] [varchar] (10) NOT NULL ,
@@ -343,8 +334,6 @@ CREATE TABLE [phpbb_users] (
 	[user_new_privmsg] [smallint] NOT NULL ,
 	[user_unread_privmsg] [smallint] NOT NULL ,
 	[user_last_privmsg] [int] NOT NULL ,
-	[user_login_tries] [smallint] NOT NULL ,
-	[user_last_login_try] [int] NOT NULL ,
 	[user_emailtime] [int] NOT NULL ,
 	[user_viewemail] [smallint] NULL ,
 	[user_attachsig] [smallint] NULL ,
@@ -594,10 +583,6 @@ ALTER TABLE [phpbb_posts] WITH NOCHECK ADD
 	CONSTRAINT [DF_phpbb_posts_post_edit_count] DEFAULT (0) FOR [post_edit_count]
 GO
 
-ALTER TABLE [phpbb_search_results] WITH NOCHECK ADD
-	CONSTRAINT [DF_phpbb_search_results_search_time] DEFAULT (0) FOR [search_time]
-GO
-
 ALTER TABLE [phpbb_search_wordlist] WITH NOCHECK ADD
 	CONSTRAINT [DF_phpbb_search_wordlist_word_common] DEFAULT (0) FOR [word_common]
 GO
@@ -620,8 +605,6 @@ ALTER TABLE [phpbb_users] WITH NOCHECK ADD
 	CONSTRAINT [DF_phpbb_users_user_new_privmsg] DEFAULT (0) FOR [user_new_privmsg],
 	CONSTRAINT [DF_phpbb_users_user_unread_privmsg] DEFAULT (0) FOR [user_unread_privmsg],
 	CONSTRAINT [DF_phpbb_users_user_last_privmsg] DEFAULT (0) FOR [user_last_privmsg],
-	CONSTRAINT [DF_phpbb_users_user_login_tries] DEFAULT (0) FOR [user_login_tries],
-	CONSTRAINT [DF_phpbb_users_user_last_login_try] DEFAULT (0) FOR [user_last_login_try],
 	CONSTRAINT [DF_phpbb_users_user_emailtime] DEFAULT (0) FOR [user_emailtime],
 	CONSTRAINT [DF_phpbb_users_user_viewemail] DEFAULT (1) FOR [user_viewemail],
 	CONSTRAINT [DF_phpbb_users_user_attachsig] DEFAULT (1) FOR [user_attachsig],
@@ -633,7 +616,6 @@ ALTER TABLE [phpbb_users] WITH NOCHECK ADD
 	CONSTRAINT [DF_phpbb_users_user_allow_viewonline] DEFAULT (1) FOR [user_allow_viewonline],
 	CONSTRAINT [DF_phpbb_users_user_notify_pm] DEFAULT (0) FOR [user_notify_pm],
 	CONSTRAINT [DF_phpbb_users_user_popup_pm] DEFAULT (1) FOR [user_popup_pm],
-	CONSTRAINT [DF_phpbb_users_user_dateformat] DEFAULT('d M Y H:i') FOR [user_dateformat],
 	CONSTRAINT [DF_phpbb_users_user_avatar_type] DEFAULT (0) FOR [user_avatar_type]
 GO
 
@@ -685,12 +667,6 @@ GO
  CREATE  INDEX [IX_phpbb_sessions] ON [phpbb_sessions]([session_id], [session_user_id], [session_ip], [session_logged_in]) ON [PRIMARY]
 GO
 
- CREATE  INDEX [IX_phpbb_sessions_keys] ON [phpbb_sessions_keys]([key_id], [user_id]) ON [PRIMARY]
-GO
-
- CREATE  INDEX [IX_phpbb_sessions_keys_1] ON [phpbb_sessions_keys]([last_login]) ON [PRIMARY]
-GO
-
  CREATE  INDEX [IX_phpbb_topics] ON [phpbb_topics]([forum_id], [topic_type], [topic_first_post_id], [topic_last_post_id]) ON [PRIMARY]
 GO
 

phpBB/install/schemas/mysql_basic.sql

@@ -23,9 +23,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_theme_create
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_local','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_remote','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_upload','0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_autologin','1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_autologin_time','0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('override_user_style','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('posts_per_page','15');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page','50');
@@ -44,10 +42,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_password','')
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('sendmail_fix','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_min_chars','3');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_login_attempts', '5');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('login_reset_time', '30');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_form','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_filesize','6144');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width','80');
@@ -68,8 +62,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.myserver.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.16');
 
 
 # -- Categories
@@ -77,7 +70,7 @@ INSERT INTO phpbb_categories (cat_id, cat_title, cat_order) VALUES (1, 'Test cat
 
 
 # -- Forums
-INSERT INTO phpbb_forums (forum_id, forum_name, forum_desc, cat_id, forum_order, forum_posts, forum_topics, forum_last_post_id, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 'Test Forum 1', 'This is just a test forum.', 1, 10, 1, 1, 1, 0, 0, 1, 1, 1, 1, 3, 3, 1, 1, 3);
+INSERT INTO phpbb_forums (forum_id, forum_name, forum_desc, cat_id, forum_order, forum_posts, forum_topics, forum_last_post_id, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 'Test Forum 1', 'This is just a test forum.', 1, 10, 1, 1, 1, 0, 0, 0, 0, 1, 1, 3, 3, 1, 1, 3);
 
 
 # -- Users
@@ -111,7 +104,7 @@ INSERT INTO phpbb_posts_text (post_id, post_subject, post_text) VALUES (1, NULL,
 
 
 # -- Themes
-INSERT INTO phpbb_themes (themes_id, template_name, style_name, head_stylesheet, body_background, body_bgcolor, body_text, body_link, body_vlink, body_alink, body_hlink, tr_color1, tr_color2, tr_color3, tr_class1, tr_class2, tr_class3, th_color1, th_color2, th_color3, th_class1, th_class2, th_class3, td_color1, td_color2, td_color3, td_class1, td_class2, td_class3, fontface1, fontface2, fontface3, fontsize1, fontsize2, fontsize3, fontcolor1, fontcolor2, fontcolor3, span_class1, span_class2, span_class3) VALUES (1, 'subSilver', 'subSilver', 'subSilver.css', '', 'E5E5E5', '000000', '006699', '5493B4', '', 'DD6900', 'EFEFEF', 'DEE3E7', 'D1D7DC', '', '', '', '98AAB1', '006699', 'FFFFFF', 'cellpic1.gif', 'cellpic3.gif', 'cellpic2.jpg', 'FAFAFA', 'FFFFFF', '', 'row1', 'row2', '', 'Verdana, Arial, Helvetica, sans-serif', 'Trebuchet MS', 'Courier, ''Courier New'', sans-serif', 10, 11, 12, '444444', '006600', 'FFA34F', '', '', '');
+INSERT INTO phpbb_themes (themes_id, template_name, style_name, head_stylesheet, body_background, body_bgcolor, body_text, body_link, body_vlink, body_alink, body_hlink, tr_color1, tr_color2, tr_color3, tr_class1, tr_class2, tr_class3, th_color1, th_color2, th_color3, th_class1, th_class2, th_class3, td_color1, td_color2, td_color3, td_class1, td_class2, td_class3, fontface1, fontface2, fontface3, fontsize1, fontsize2, fontsize3, fontcolor1, fontcolor2, fontcolor3, span_class1, span_class2, span_class3) VALUES (1, 'subSilver', 'subSilver', 'subSilver.css', '', 'E5E5E5', '000000', '006699', '5493B4', '', 'DD6900', 'EFEFEF', 'DEE3E7', 'D1D7DC', '', '', '', '98AAB1', '006699', 'FFFFFF', 'cellpic1.gif', 'cellpic3.gif', 'cellpic2.jpg', 'FAFAFA', 'FFFFFF', '', 'row1', 'row2', '', 'Verdana, Arial, Helvetica, sans-serif', 'Trebuchet MS', 'Courier, \'Courier New\', sans-serif', 10, 11, 12, '444444', '006600', 'FFA34F', '', '', '');
 
 INSERT INTO phpbb_themes_name (themes_id, tr_color1_name, tr_color2_name, tr_color3_name, tr_class1_name, tr_class2_name, tr_class3_name, th_color1_name, th_color2_name, th_color3_name, th_class1_name, th_class2_name, th_class3_name, td_color1_name, td_color2_name, td_color3_name, td_class1_name, td_class2_name, td_class3_name, fontface1_name, fontface2_name, fontface3_name, fontsize1_name, fontsize2_name, fontsize3_name, fontcolor1_name, fontcolor2_name, fontcolor3_name, span_class1_name, span_class2_name, span_class3_name) VALUES (1, 'The lightest row colour', 'The medium row color', 'The darkest row colour', '', '', '', 'Border round the whole page', 'Outer table border', 'Inner table border', 'Silver gradient picture', 'Blue gradient picture', 'Fade-out gradient on index', 'Background for quote boxes', 'All white areas', '', 'Background for topic posts', '2nd background for topic posts', '', 'Main fonts', 'Additional topic title font', 'Form fonts', 'Smallest font size', 'Medium font size', 'Normal font size (post body etc)', 'Quote & copyright text', 'Code text colour', 'Main table header text colour', '', '', '');
 

phpBB/install/schemas/mysql_schema.sql

@@ -194,7 +194,7 @@ CREATE TABLE phpbb_posts (
 #
 CREATE TABLE phpbb_posts_text (
    post_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
-   bbcode_uid char(10) DEFAULT '' NOT NULL,
+   bbcode_uid char(10) NOT NULL,
    post_subject char(60),
    post_text text,
    PRIMARY KEY (post_id)
@@ -256,8 +256,7 @@ CREATE TABLE phpbb_ranks (
 CREATE TABLE phpbb_search_results (
   search_id int(11) UNSIGNED NOT NULL default '0',
   session_id char(32) NOT NULL default '',
-  search_time int(11) DEFAULT '0' NOT NULL,
-  search_array mediumtext NOT NULL,
+  search_array text NOT NULL,
   PRIMARY KEY  (search_id),
   KEY session_id (session_id)
 );
@@ -312,19 +311,6 @@ CREATE TABLE phpbb_sessions (
    KEY session_id_ip_user_id (session_id, session_ip, session_user_id)
 );
 
-# --------------------------------------------------------
-#
-# Table structure for table `phpbb_sessions_keys`
-#
-CREATE TABLE phpbb_sessions_keys (
-  key_id varchar(32) DEFAULT '0' NOT NULL,
-  user_id mediumint(8) DEFAULT '0' NOT NULL,
-  last_ip varchar(8) DEFAULT '0' NOT NULL,
-  last_login int(11) DEFAULT '0' NOT NULL,
-  PRIMARY KEY (key_id, user_id),
-  KEY last_login (last_login)
-);
-
 
 # --------------------------------------------------------
 #
@@ -493,8 +479,6 @@ CREATE TABLE phpbb_users (
    user_new_privmsg smallint(5) UNSIGNED DEFAULT '0' NOT NULL,
    user_unread_privmsg smallint(5) UNSIGNED DEFAULT '0' NOT NULL,
    user_last_privmsg int(11) DEFAULT '0' NOT NULL,
-   user_login_tries smallint(5) UNSIGNED DEFAULT '0' NOT NULL,
-   user_last_login_try int(11) DEFAULT '0' NOT NULL,
    user_emailtime int(11),
    user_viewemail tinyint(1),
    user_attachsig tinyint(1),

phpBB/install/schemas/postgres_basic.sql

@@ -24,9 +24,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_theme_create
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_local','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_remote','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_avatar_upload','0');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_autologin','1');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_autologin_time','0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('enable_confirm', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('override_user_style','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('posts_per_page','15');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page','50');
@@ -45,10 +43,6 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('smtp_password','')
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('sendmail_fix','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('require_activation','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_flood_interval','15');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('search_min_chars','3');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('max_login_attempts', '5');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('login_reset_time', '30');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('board_email_form','0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_filesize','6144');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('avatar_max_width','80');
@@ -69,15 +63,14 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('record_online_date
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_name', 'www.yourdomain.tld');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('server_port', '80');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('script_path', '/phpBB2/');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.23');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('rand_seed', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '.0.16');
 
 -- Categories
 INSERT INTO phpbb_categories (cat_id, cat_title, cat_order) VALUES (1, 'Test category 1', 10);
 
 
 -- Forums
-INSERT INTO phpbb_forums (forum_id, forum_name, forum_desc, cat_id, forum_order, forum_posts, forum_topics, forum_last_post_id, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 'Test Forum 1', 'This is just a test forum.', 1, 10, 1, 1, 1, 0, 0, 1, 1, 1, 1, 3, 3, 1, 1, 3);
+INSERT INTO phpbb_forums (forum_id, forum_name, forum_desc, cat_id, forum_order, forum_posts, forum_topics, forum_last_post_id, auth_view, auth_read, auth_post, auth_reply, auth_edit, auth_delete, auth_announce, auth_sticky, auth_pollcreate, auth_vote, auth_attachments) VALUES (1, 'Test Forum 1', 'This is just a test forum.', 1, 10, 1, 1, 1, 0, 0, 0, 0, 1, 1, 3, 3, 1, 1, 3);
 
 -- Users
 INSERT INTO phpbb_users (user_id, username, user_level, user_regdate, user_password, user_email, user_icq, user_website, user_occ, user_from, user_interests, user_sig, user_viewemail, user_style, user_aim, user_yim, user_msnm, user_posts, user_attachsig, user_allowsmile, user_allowhtml, user_allowbbcode, user_allow_pm, user_notify_pm, user_allow_viewonline, user_rank, user_avatar, user_lang, user_timezone, user_dateformat, user_actkey, user_newpasswd, user_notify, user_active) VALUES ( -1, 'Anonymous', 0, 0, '', '', '', '', '', '', '', '', 0, NULL, '', '', '', 0, 0, 1, 1, 1, 0, 1, 1, NULL, '', '', 0, '', '', '', 0, 0);

phpBB/install/schemas/postgres_schema.sql

@@ -248,7 +248,6 @@ CREATE TABLE phpbb_ranks (
 CREATE TABLE phpbb_search_results (
   search_id int4 NOT NULL default '0',
   session_id char(32) NOT NULL default '',
-  search_time int4 DEFAULT '0' NOT NULL,
   search_array text NOT NULL,
   CONSTRAINT phpbb_search_results_pkey PRIMARY KEY (search_id)
 );
@@ -296,17 +295,6 @@ CREATE TABLE phpbb_sessions (
 CREATE INDEX session_user_id_phpbb_sessions_index ON phpbb_sessions (session_user_id);
 CREATE INDEX session_id_ip_user_id_phpbb_sessions_index ON phpbb_sessions (session_id, session_ip, session_user_id);
 
-/* --------------------------------------------------------
-  Table structure for table phpbb_sessions_keys
--------------------------------------------------------- */
-CREATE TABLE phpbb_sessions_keys (
-  key_id char(32) DEFAULT '0' NOT NULL,
-  user_id int4 DEFAULT '0' NOT NULL,
-  last_ip char(8) DEFAULT '0' NOT NULL,
-  last_login int4 DEFAULT '0' NOT NULL,
-  CONSTRAINT phpbb_sessions_keys_pkey PRIMARY KEY (key_id, user_id)
-);
-CREATE INDEX last_login_phpbb_sessions_keys_index ON phpbb_sessions_keys (last_login);
 
 /* --------------------------------------------------------
   Table structure for table phpbb_smilies
@@ -489,8 +477,6 @@ CREATE TABLE phpbb_users (
    user_new_privmsg int2 DEFAULT '0' NOT NULL,
    user_unread_privmsg int2 DEFAULT '0' NOT NULL,
    user_last_privmsg int4 DEFAULT '0' NOT NULL,
-   user_login_tries int2 DEFAULT '0' NOT NULL,
-   user_last_login_try int4 DEFAULT '0' NOT NULL,
    user_emailtime int4,
    user_viewemail int2,
    user_attachsig int2,
@@ -503,10 +489,10 @@ CREATE TABLE phpbb_users (
    user_rank int4 DEFAULT '0',
    user_avatar varchar(100),
    user_avatar_type int2 DEFAULT '0' NOT NULL,
-   user_level int4 DEFAULT '0',
+   user_level int4 DEFAULT '1',
    user_lang varchar(255),
-   user_timezone decimal(5,2) DEFAULT '0.0' NOT NULL,
-   user_dateformat varchar(14) DEFAULT 'd M Y H:i' NOT NULL,
+   user_timezone decimal(5) DEFAULT '0' NOT NULL,
+   user_dateformat varchar(14) DEFAULT 'd M Y H:m' NOT NULL,
    user_notify_pm int2 DEFAULT '0' NOT NULL,
    user_popup_pm int2 DEFAULT '0' NOT NULL,
    user_notify int2,

phpBB/install/update_to_latest.php

@@ -59,7 +59,7 @@ include($phpbb_root_path . 'includes/db.'.$phpEx);
 //
 //
 //
-$updates_to_version = '.0.23';
+$updates_to_version = '.0.16';
 //
 //
 //
@@ -465,7 +465,7 @@ switch ($row['config_value'])
 					AS SELECT group_id, group_name, group_type, group_description, group_moderator, group_single_user 
 						FROM " . GROUPS_TABLE;
 				$sql[] = "DROP TABLE " . GROUPS_TABLE;
-				$sql[] = "CREATE TABLE {$table_prefix}groups (group_id int DEFAULT nextval('" . GROUPS_TABLE . "_id_seq'::text) NOT NULL, group_name varchar(40) NOT NULL, group_type int2 DEFAULT '1' NOT NULL, group_description varchar(255) NOT NULL, group_moderator int4 DEFAULT '0' NOT NULL, group_single_user int2 DEFAULT '0' NOT NULL, CONSTRAINT {$table_prefix}groups_pkey PRIMARY KEY (group_id))";
+				$sql[] = "CREATE TABLE phpbb_groups (group_id int DEFAULT nextval('" . GROUPS_TABLE . "_id_seq'::text) NOT NULL, group_name varchar(40) NOT NULL, group_type int2 DEFAULT '1' NOT NULL, group_description varchar(255) NOT NULL, group_moderator int4 DEFAULT '0' NOT NULL, group_single_user int2 DEFAULT '0' NOT NULL, CONSTRAINT phpbb_groups_pkey PRIMARY KEY (group_id))";
 				$sql[] = "INSERT INTO " . GROUPS_TABLE . " (group_id, group_name, group_type, group_description, group_moderator, group_single_user) 
 					SELECT group_id, group_name, group_type, group_description, group_moderator, group_single_user 
 						FROM tmp_" . GROUPS_TABLE;
@@ -511,7 +511,7 @@ switch ($row['config_value'])
 				break;
 
 			case 'postgresql':
-				$sql[] = 'CREATE TABLE ' . $table_prefix . 'confirm (confirm_id char(32) DEFAULT \'\' NOT NULL,  session_id char(32) DEFAULT \'\' NOT NULL, code char(6) DEFAULT \'\' NOT NULL, CONSTRAINT {$table_prefix}confirm_pkey PRIMARY KEY (session_id, confirm_id))';
+				$sql[] = 'CREATE TABLE ' . $table_prefix . 'confirm (confirm_id char(32) DEFAULT \'\' NOT NULL,  session_id char(32) DEFAULT \'\' NOT NULL, code char(6) DEFAULT \'\' NOT NULL, CONSTRAINT phpbb_confirm_pkey PRIMARY KEY (session_id, confirm_id))';
 				break;
 		}
 
@@ -554,122 +554,6 @@ switch ($row['config_value'])
 				break;
 		}
 
-	case '.0.15':
-	case '.0.16':
-	case '.0.17':
-		// Add tables for session keys
-		switch (SQL_LAYER)
-		{
-			case 'mysql':
-			case 'mysql4':
-				$sql[] = 'CREATE TABLE ' . $table_prefix . 'sessions_keys (key_id varchar(32) DEFAULT \'0\' NOT NULL, user_id mediumint(8) DEFAULT \'0\' NOT NULL, last_ip varchar(8) DEFAULT \'0\' NOT NULL, last_login int(11) DEFAULT \'0\' NOT NULL, PRIMARY KEY (key_id, user_id), KEY last_login (last_login))';
-				break;
-
-			case 'mssql':
-			case 'mssql-odbc':
-				$sql[] = 'CREATE TABLE [' . $table_prefix . 'sessions_keys] ([key_id] [char] (32) NOT NULL , [user_id] [int] NOT NULL , [last_ip] [char] (8) NOT NULL , [last_login] [int] NOT NULL) ON [PRIMARY]';
-
-				$sql[] = 'CREATE INDEX [IX_' . $table_prefix . 'sessions_keys] ON [' . $table_prefix . 'sessions_keys]([key_id], [user_id]) ON [PRIMARY]';
-				$sql[] = 'CREATE  INDEX [IX_' . $table_prefix . 'sessions_keys_1] ON [' . $table_prefix . 'sessions_keys]([last_login]) ON [PRIMARY]';
-				break;
-
-			case 'msaccess':
-				$sql[] = 'CREATE TABLE ' . $table_prefix . 'sessions_keys (key_id char(32) NOT NULL, user_id int NOT NULL, last_ip char(8) NOT NULL, last_login int NOT NULL)';
-				$sql[] = 'ALTER TABLE ' . $table_prefix . 'sessions_keys ADD PRIMARY KEY (key_id, user_id)';
-				break;
-
-			case 'postgresql':
-				$sql[] = 'CREATE TABLE ' . $table_prefix . 'sessions_keys (key_id char(32) DEFAULT \'0\' NOT NULL, user_id int4 DEFAULT \'0\' NOT NULL, last_ip char(8) DEFAULT \'0\' NOT NULL, last_login int4 DEFAULT \'0\' NOT NULL, CONSTRAINT ' . $table_prefix . 'sessions_keys_pkey PRIMARY KEY (key_id, user_id))';
-				$sql[] = 'CREATE INDEX last_login_' . $table_prefix . 'sessions_keys_index ON ' . $table_prefix . 'sessions_keys (last_login)';
-				break;
-		}
-
-	case '.0.18':
-
-		// Add login columns to user table
-		switch (SQL_LAYER)
-		{
-			case 'mysql':
-			case 'mysql4':
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ADD COLUMN user_login_tries smallint(5) UNSIGNED DEFAULT '0' NOT NULL";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ADD COLUMN user_last_login_try int(11) DEFAULT '0' NOT NULL";
-				break;
-
-			case 'postgresql':
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ADD COLUMN user_login_tries int2";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ALTER COLUMN user_login_tries SET DEFAULT '0'";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ADD COLUMN user_last_login_try int4";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . "
-					ALTER COLUMN user_last_login_try SET DEFAULT '0'";
-				break;
-
-			case 'mssql-odbc':
-			case 'mssql':
-				$sql[] = "ALTER TABLE " . USERS_TABLE . " ADD
-					user_login_tries smallint NOT NULL,
-					CONSTRAINT [DF_" . $table_prefix . "users_user_login_tries] DEFAULT (0) FOR [user_login_tries]";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . " ADD
-					user_last_login_try int NOT NULL,
-					CONSTRAINT [DF_" . $table_prefix . "users_user_last_login_try] DEFAULT (0) FOR [user_last_login_try]";
-				break;
-
-			case 'msaccess':
-				$sql[] = "ALTER TABLE " . USERS_TABLE . " ADD
-					user_login_tries smallint NOT NULL";
-				$sql[] = "ALTER TABLE " . USERS_TABLE . " ADD
-					user_last_login_try int NOT NULL";
-				break;
-		}
-
-	case '.0.19':
-
-		// Add search time to the search table
-		switch (SQL_LAYER)
-		{
-			case 'mysql':
-			case 'mysql4':
-				$sql[] = "ALTER TABLE " . SEARCH_TABLE . "
-					ADD COLUMN search_time int(11) DEFAULT '0' NOT NULL";
-				break;
-
-			case 'postgresql':
-				$sql[] = "ALTER TABLE " . SEARCH_TABLE . "
-					ADD COLUMN search_time int4";
-				$sql[] = "ALTER TABLE " . SEARCH_TABLE . "
-					ALTER COLUMN search_time SET DEFAULT '0'";
-				break;
-
-			case 'mssql-odbc':
-			case 'mssql':
-				$sql[] = "ALTER TABLE " . SEARCH_TABLE . " ADD
-					search_time int NOT NULL,
-					CONSTRAINT [DF_" . $table_prefix . "search_results_search_time] DEFAULT (0) FOR [search_time]";
-				break;
-
-			case 'msaccess':
-				$sql[] = "ALTER TABLE " . SEARCH_TABLE . " ADD
-					search_time int NOT NULL";
-				break;
-		}
-
-		break;
-
-	case '.0.21':
-
-		// MySQL only change
-		switch (SQL_LAYER)
-		{
-			case 'mysql':
-			case 'mysql4':
-				$sql[] = 'ALTER TABLE ' . SEARCH_TABLE . '
-					MODIFY COLUMN search_array MEDIUMTEXT NOT NULL';
-		}
-
 		break;
 }
 
@@ -873,7 +757,7 @@ switch ($row['config_value'])
 			if (preg_match("#^lang_#i", $file) && !is_file($phpbb_root_path . $dirname . "/" . $file) && !is_link($phpbb_root_path . $dirname . "/" . $file) && file_exists($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt'))
 			{
 
-				$stopword_list = trim(preg_replace('#([\w\.\-_\+\'-\\\]+?)[ \n\r]*?(,|$)#', '\'\1\'\2', str_replace("'", "\'", implode(', ', file($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt')))));
+				$stopword_list = trim(preg_replace('#([\w\.\-_\+\'<EFBFBD><EFBFBD>-<2D>\\\]+?)[ \n\r]*?(,|$)#', '\'\1\'\2', str_replace("'", "\'", implode(', ', file($phpbb_root_path . $dirname . "/" . $file . '/search_stopwords.txt')))));
 
 				$sql = "SELECT word_id 
 					FROM " . SEARCH_WORD_TABLE . " 
@@ -1070,59 +954,14 @@ switch ($row['config_value'])
 		$sql = 'UPDATE ' . USERS_TABLE . ' SET user_allowhtml = 1 WHERE user_id = ' . ANONYMOUS;
 		_sql($sql, $errored, $error_ary);
 
-	case '.0.15':
-	case '.0.16':
-	case '.0.17':
-
-		$sql = 'UPDATE ' . USERS_TABLE . ' SET user_active = 0 WHERE user_id = ' . ANONYMOUS;
-		_sql($sql, $errored, $error_ary);
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('allow_autologin', '1')";
-		_sql($sql, $errored, $error_ary);
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('max_autologin_time', '0')";
-		_sql($sql, $errored, $error_ary);
-		
-	case '.0.18':
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('max_login_attempts', '5')";
-		_sql($sql, $errored, $error_ary);
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('login_reset_time', '30')";
-		_sql($sql, $errored, $error_ary);
-
-	case '.0.19':
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('search_flood_interval', '15')";
-		_sql($sql, $errored, $error_ary);
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('rand_seed', '0')";
-		_sql($sql, $errored, $error_ary);
-
-	case '.0.20':
-
-		$sql = 'INSERT INTO ' . CONFIG_TABLE . " (config_name, config_value)
-			VALUES ('search_min_chars', '3')";
-		_sql($sql, $errored, $error_ary);
-
 		// We reset those having autologin enabled and forcing the re-assignment of a session id
-		// since there have been changes to the way these are handled from previous versions
 		$sql = 'DELETE FROM ' . SESSIONS_TABLE;
 		_sql($sql, $errored, $error_ary);
 
-		$sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE;
-		_sql($sql, $errored, $error_ary);
-
 		break;
 
 	default:
-		echo " No updates were required</b></p>\n";
+		echo " No updates where required</b></p>\n";
 		break;
 }
 
@@ -1143,7 +982,7 @@ switch (SQL_LAYER)
 {
 	case 'mysql':
 	case 'mysql4':
-		$sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'sessions_keys, ' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
+		$sql = 'OPTIMIZE TABLE ' . $table_prefix . 'auth_access, ' . $table_prefix . 'banlist, ' . $table_prefix . 'categories, ' . $table_prefix . 'config, ' . $table_prefix . 'disallow, ' . $table_prefix . 'forum_prune, ' . $table_prefix . 'forums, ' . $table_prefix . 'groups, ' . $table_prefix . 'posts, ' . $table_prefix . 'posts_text, ' . $table_prefix . 'privmsgs, ' . $table_prefix . 'privmsgs_text, ' . $table_prefix . 'ranks, ' . $table_prefix . 'search_results, ' . $table_prefix . 'search_wordlist, ' . $table_prefix . 'search_wordmatch, ' . $table_prefix . 'smilies, ' . $table_prefix . 'themes, ' . $table_prefix . 'themes_name, ' . $table_prefix . 'topics, ' . $table_prefix . 'topics_watch, ' . $table_prefix . 'user_group, ' . $table_prefix . 'users, ' . $table_prefix . 'vote_desc, ' . $table_prefix . 'vote_results, ' . $table_prefix . 'vote_voters, ' . $table_prefix . 'words';
 		_sql($sql, $errored, $error_ary);
 		break;
 

phpBB/language/lang_english/email/group_request.tpl

@@ -3,7 +3,7 @@ Charset: iso-8859-1
 
 Dear {GROUP_MODERATOR},
 
-A user has requested to join a group you moderate on {SITENAME}.
+A user has requested to join a group you moderator on {SITENAME}.
 To approve or deny this request for group membership please visit the following link:
 
 {U_GROUPCP}

phpBB/language/lang_english/email/topic_notify.tpl

@@ -1,7 +1,7 @@
 Subject: Topic Reply Notification - {TOPIC_TITLE}
 Charset: iso-8859-1
 
-Hello,
+Hello {USERNAME},
 
 You are receiving this email because you are watching the topic, "{TOPIC_TITLE}" at {SITENAME}. This topic has received a reply since your last visit. You can use the following link to view the replies made, no more notifications will be sent until you visit the topic.
 

phpBB/language/lang_english/email/user_activate_passwd.tpl

@@ -9,7 +9,7 @@ To use the new password you need to activate it. To do this click the link provi
 
 {U_ACTIVATE}
 
-If successful you will be able to login using the following password:
+If sucessful you will be able to login using the following password:
 
 Password: {PASSWORD}
 

phpBB/language/lang_english/lang_admin.php

@@ -216,7 +216,7 @@ $lang['Ban_IP_explain'] = 'To specify several different IP addresses or hostname
 $lang['Ban_email'] = 'Ban one or more email addresses';
 $lang['Ban_email_explain'] = 'To specify more than one email address, separate them with commas. To specify a wildcard username, use * like *@hotmail.com';
 
-$lang['Unban_username'] = 'Un-ban one or more specific users';
+$lang['Unban_username'] = 'Un-ban one more specific users';
 $lang['Unban_username_explain'] = 'You can unban multiple users in one go using the appropriate combination of mouse and keyboard for your computer and browser';
 
 $lang['Unban_IP'] = 'Un-ban one or more IP addresses';
@@ -335,16 +335,6 @@ $lang['Session_length'] = 'Session length [ seconds ]';
 $lang['Visual_confirm'] = 'Enable Visual Confirmation';
 $lang['Visual_confirm_explain'] = 'Requires users enter a code defined by an image when registering.';
 
-// Autologin Keys - added 2.0.18
-$lang['Allow_autologin'] = 'Allow automatic logins';
-$lang['Allow_autologin_explain'] = 'Determines whether users are allowed to select to be automatically logged in when visiting the forum';
-$lang['Autologin_time'] = 'Automatic login key expiry';
-$lang['Autologin_time_explain'] = 'How long a autologin key is valid for in days if the user does not visit the board. Set to zero to disable expiry.';
-
-// Search Flood Control - added 2.0.20
-$lang['Search_Flood_Interval'] = 'Search Flood Interval';
-$lang['Search_Flood_Interval_explain'] = 'Number of seconds a user must wait between search requests'; 
-
 //
 // Forum Management
 //
@@ -429,7 +419,6 @@ $lang['smiley_import_success'] = 'The Smiley Pack was imported successfully!';
 $lang['smiley_del_success'] = 'The Smiley was successfully removed';
 $lang['Click_return_smileadmin'] = 'Click %sHere%s to return to Smiley Administration';
 
-$lang['Confirm_delete_smiley'] = 'Are you sure you want to delete this Smiley?';
 
 //
 // User Management
@@ -523,8 +512,6 @@ $lang['Word_removed'] = 'The selected word censor has been successfully removed'
 
 $lang['Click_return_wordadmin'] = 'Click %sHere%s to return to Word Censor Administration';
 
-$lang['Confirm_delete_word'] = 'Are you sure you want to delete this word censor?';
-
 
 //
 // Mass Email
@@ -564,7 +551,6 @@ $lang['No_update_ranks'] = 'The rank was successfully deleted. However, user acc
 
 $lang['Click_return_rankadmin'] = 'Click %sHere%s to return to Rank Administration';
 
-$lang['Confirm_delete_rank'] = 'Are you sure you want to delete this rank?';
 
 //
 // Disallow Username Admin
@@ -574,7 +560,7 @@ $lang['Disallow_explain'] = 'Here you can control usernames which will not be al
 
 $lang['Delete_disallow'] = 'Delete';
 $lang['Delete_disallow_title'] = 'Remove a Disallowed Username';
-$lang['Delete_disallow_explain'] = 'You can remove a disallowed username by selecting the username from this list and clicking delete';
+$lang['Delete_disallow_explain'] = 'You can remove a disallowed username by selecting the username from this list and clicking submit';
 
 $lang['Add_disallow'] = 'Add';
 $lang['Add_disallow_title'] = 'Add a disallowed username';
@@ -635,7 +621,6 @@ $lang['Value'] = 'Value';
 $lang['Save_Settings'] = 'Save Settings';
 
 $lang['Stylesheet'] = 'CSS Stylesheet';
-$lang['Stylesheet_explain'] = 'Filename for CSS stylesheet to use for this theme.';
 $lang['Background_image'] = 'Background Image';
 $lang['Background_color'] = 'Background Colour';
 $lang['Theme_name'] = 'Theme Name';
@@ -751,14 +736,6 @@ $lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
 $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';
 $lang['Version_information'] = 'Version Information';
 
-//
-// Login attempts configuration
-//
-$lang['Max_login_attempts'] = 'Allowed login attempts';
-$lang['Max_login_attempts_explain'] = 'The number of allowed board login attempts.';
-$lang['Login_reset_time'] = 'Login lock time';
-$lang['Login_reset_time_explain'] = 'Time in minutes the user have to wait until he is allowed to login again after exceeding the number of allowed login attempts.';
-
 //
 // That's all Folks!
 // -------------------------------------------------

phpBB/language/lang_english/lang_main.php

@@ -274,6 +274,7 @@ $lang['Oldest_First'] = 'Oldest First';
 $lang['Back_to_top'] = 'Back to top';
 
 $lang['Read_profile'] = 'View user\'s profile'; 
+$lang['Send_email'] = 'Send e-mail to user';
 $lang['Visit_website'] = 'Visit poster\'s website';
 $lang['ICQ_status'] = 'ICQ Status';
 $lang['Edit_delete_post'] = 'Edit/Delete this post';
@@ -366,6 +367,7 @@ $lang['Smilies_are_OFF'] = 'Smilies are <u>OFF</u>';
 
 $lang['Attach_signature'] = 'Attach signature (signatures can be changed in profile)';
 $lang['Notify'] = 'Notify me when a reply is posted';
+$lang['Delete_post'] = 'Delete this post';
 
 $lang['Stored'] = 'Your message has been entered successfully.';
 $lang['Deleted'] = 'Your message has been deleted successfully.';
@@ -525,8 +527,10 @@ $lang['Website'] = 'Website';
 $lang['Location'] = 'Location';
 $lang['Contact'] = 'Contact';
 $lang['Email_address'] = 'E-mail address';
+$lang['Email'] = 'E-mail';
 $lang['Send_private_message'] = 'Send private message';
 $lang['Hidden_email'] = '[ Hidden ]';
+$lang['Search_user_posts'] = 'Search for posts by this user';
 $lang['Interests'] = 'Interests';
 $lang['Occupation'] = 'Occupation'; 
 $lang['Poster_rank'] = 'Poster rank';
@@ -600,6 +604,7 @@ $lang['Profile_updated_inactive'] = 'Your profile has been updated. However, you
 $lang['Password_mismatch'] = 'The passwords you entered did not match.';
 $lang['Current_password_mismatch'] = 'The current password you supplied does not match that stored in the database.';
 $lang['Password_long'] = 'Your password must be no more than 32 characters.';
+$lang['Too_many_registers'] = 'You have made too many registration attempts. Please try again later.';
 $lang['Username_taken'] = 'Sorry, but this username has already been taken.';
 $lang['Username_invalid'] = 'Sorry, but this username contains an invalid character such as \'.';
 $lang['Username_disallowed'] = 'Sorry, but this username has been disallowed.';
@@ -784,7 +789,6 @@ $lang['No_searchable_forums'] = 'You do not have permissions to search any forum
 $lang['No_search_match'] = 'No topics or posts met your search criteria';
 $lang['Found_search_match'] = 'Search found %d match'; // eg. Search found 1 match
 $lang['Found_search_matches'] = 'Search found %d matches'; // eg. Search found 24 matches
-$lang['Search_Flood_Error'] = 'You cannot make another search so soon after your last; please try again in a short while.';
 
 $lang['Close_window'] = 'Close Window';
 
@@ -1015,10 +1019,6 @@ $lang['An_error_occured'] = 'An Error Occurred';
 $lang['A_critical_error'] = 'A Critical Error Occurred';
 
 $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.';
-$lang['Login_attempts_exceeded'] = 'The maximum number of %s login attempts has been exceeded. You are not allowed to login for the next %s minutes.';
-$lang['Please_remove_install_contrib'] = 'Please ensure both the install/ and contrib/ directories are deleted';
-
-$lang['Session_invalid'] = 'Invalid Session. Please resubmit the form.';
 
 //
 // That's all, Folks!

phpBB/login.php

@@ -57,7 +57,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 		$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
 		$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
 
-		$sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try
+		$sql = "SELECT user_id, username, user_password, user_active, user_level
 			FROM " . USERS_TABLE . "
 			WHERE username = '" . str_replace("\\'", "''", $username) . "'";
 		if ( !($result = $db->sql_query($sql)) )
@@ -73,20 +73,6 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 			}
 			else
 			{
-				// If the last login is more than x minutes ago, then reset the login tries/time
-				if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60)))
-				{
-					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
-					$row['user_last_login_try'] = $row['user_login_tries'] = 0;
-				}
-				
-				// Check to see if user is allowed to login again... if his tries are exceeded
-				if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] && 
-					$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'] && $userdata['user_level'] != ADMIN)
-				{
-					message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time']));
-				}
-
 				if( md5($password) == $row['user_password'] && $row['user_active'] )
 				{
 					$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
@@ -94,9 +80,6 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 					$admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
 					$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);
 
-					// Reset login tries
-					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
-
 					if( $session_id )
 					{
 						$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
@@ -107,34 +90,24 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 						message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
 					}
 				}
-				// Only store a failed login attempt for an active user - inactive users can't login even with a correct password
-				elseif( $row['user_active'] )
+				else
 				{
-					// Save login tries and last login
-					if ($row['user_id'] != ANONYMOUS)
+					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
+					$redirect = str_replace('?', '&', $redirect);
+
+					if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
 					{
-						$sql = 'UPDATE ' . USERS_TABLE . '
-							SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . '
-							WHERE user_id = ' . $row['user_id'];
-						$db->sql_query($sql);
+						message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
 					}
+
+					$template->assign_vars(array(
+						'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
+					);
+
+					$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
+
+					message_die(GENERAL_MESSAGE, $message);
 				}
-
-				$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
-				$redirect = str_replace('?', '&', $redirect);
-
-				if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
-				{
-					message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
-				}
-
-				$template->assign_vars(array(
-					'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
-				);
-
-				$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
-
-				message_die(GENERAL_MESSAGE, $message);
 			}
 		}
 		else
@@ -142,7 +115,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 			$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
 			$redirect = str_replace("?", "&", $redirect);
 
-			if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r") || strstr(urldecode($redirect), ';url'))
+			if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
 			{
 				message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
 			}
@@ -158,12 +131,6 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($
 	}
 	else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
 	{
-		// session id check
-		if ($sid == '' || $sid != $userdata['session_id'])
-		{
-			message_die(GENERAL_ERROR, 'Invalid_session');
-		}
-
 		if( $userdata['session_logged_in'] )
 		{
 			session_end($userdata['session_id'], $userdata['user_id']);
@@ -201,8 +168,6 @@ else
 			'body' => 'login_body.tpl')
 		);
 
-		$forward_page = '';
-
 		if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
 		{
 			$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];
@@ -214,6 +179,8 @@ else
 
 				if(count($forward_match) > 1)
 				{
+					$forward_page = '';
+
 					for($i = 1; $i < count($forward_match); $i++)
 					{
 						if( !ereg("sid=", $forward_match[$i]) )
@@ -233,13 +200,17 @@ else
 				}
 			}
 		}
+		else
+		{
+			$forward_page = '';
+		}
 
 		$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
 
 		$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
 		$s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '<input type="hidden" name="admin" value="1" />' : '';
 
-		make_jumpbox('viewforum.'.$phpEx);
+		make_jumpbox('viewforum.'.$phpEx, $forum_id);
 		$template->assign_vars(array(
 			'USERNAME' => $username,
 

phpBB/memberlist.php

@@ -34,7 +34,6 @@ init_userprefs($userdata);
 //
 
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 {
@@ -62,7 +61,7 @@ else
 // Memberlist sorting
 //
 $mode_types_text = array($lang['Sort_Joined'], $lang['Sort_Username'], $lang['Sort_Location'], $lang['Sort_Posts'], $lang['Sort_Email'],  $lang['Sort_Website'], $lang['Sort_Top_Ten']);
-$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten');
+$mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten');
 
 $select_sort_mode = '<select name="mode">';
 for($i = 0; $i < count($mode_types_text); $i++)
@@ -229,8 +228,8 @@ if ( $row = $db->sql_fetchrow($result) )
 		$yim = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 
 		$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=posts");
-		$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username) . '" title="' . sprintf($lang['Search_user_posts'], $username) . '" border="0" /></a>';
-		$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username) . '</a>';
+		$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
+		$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 
 		$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
 		$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];

phpBB/modcp.php

@@ -71,7 +71,6 @@ $confirm = ( $HTTP_POST_VARS['confirm'] ) ? TRUE : 0;
 // Continue var definitions
 //
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 $delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : FALSE;
 $move = ( isset($HTTP_POST_VARS['move']) ) ? TRUE : FALSE;
@@ -223,7 +222,7 @@ switch( $mode )
 	case 'delete':
 		if (!$is_auth['auth_delete'])
 		{
-			message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
+			message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
 		}
 
 		$page_title = $lang['Mod_CP'];
@@ -231,11 +230,6 @@ switch( $mode )
 
 		if ( $confirm )
 		{
-  			if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
-			{
-				message_die(GENERAL_MESSAGE, $lang['None_selected']);
-			}
-
 			include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
 
 			$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
@@ -262,11 +256,6 @@ switch( $mode )
 			}
 			$db->sql_freeresult($result);
 
-			if ( $topic_id_sql == '')
-			{
-				message_die(GENERAL_MESSAGE, $lang['None_selected']);
-			}
-
 			$sql = "SELECT poster_id, COUNT(post_id) AS posts 
 				FROM " . POSTS_TABLE . " 
 				WHERE topic_id IN ($topic_id_sql) 
@@ -748,11 +737,6 @@ switch( $mode )
 			}
 			$db->sql_freeresult($result);
 
-			if ($post_id_sql == '')
-			{
-				message_die(GENERAL_MESSAGE, $lang['None_selected']);
-			}
-
 			$sql = "SELECT post_id, poster_id, topic_id, post_time
 				FROM " . POSTS_TABLE . "
 				WHERE post_id IN ($post_id_sql) 
@@ -1003,7 +987,7 @@ switch( $mode )
 		}
 
 		$ip_this_post = decode_ip($post_row['poster_ip']);
-		$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post)) : $ip_this_post;
+		$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? gethostbyaddr($ip_this_post) : $ip_this_post;
 
 		$poster_id = $post_row['poster_id'];
 
@@ -1049,7 +1033,7 @@ switch( $mode )
 				}
 
 				$ip = decode_ip($row['poster_ip']);
-				$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip)) : $ip;
+				$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
 
 				$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
 				$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
@@ -1101,7 +1085,7 @@ switch( $mode )
 					'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username), 
 
 					'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $post_id . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
-					'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))
+					'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))
 				);
 
 				$i++; 

phpBB/posting.php

@@ -44,7 +44,6 @@ while( list($var, $param) = @each($params) )
 }
 
 $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
-$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
 
 $params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
 while( list($var, $param) = @each($params) )
@@ -60,13 +59,11 @@ while( list($var, $param) = @each($params) )
 }
 
 $refresh = $preview || $poll_add || $poll_edit || $poll_delete;
-$orig_word = $replacement_word = array();
 
 //
 // Set topic type
 //
 $topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL;
-$topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL;
 
 //
 // If the mode is set to topic review then output
@@ -192,7 +189,7 @@ switch ( $mode )
 			message_die(GENERAL_MESSAGE, $lang['No_topic_id']);
 		}
 
-		$sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type  
+		$sql = "SELECT f.*, t.topic_status, t.topic_title  
 			FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t
 			WHERE t.topic_id = $topic_id
 				AND f.forum_id = t.forum_id";
@@ -207,7 +204,7 @@ switch ( $mode )
 			message_die(GENERAL_MESSAGE, $lang['No_post_id']);
 		}
 
-		$select_sql = (!$submit) ? ', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : '';
+		$select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : '';
 		$from_sql = ( !$submit ) ? ", " . POSTS_TEXT_TABLE . " pt, " . USERS_TABLE . " u" : '';
 		$where_sql = ( !$submit ) ? "AND pt.post_id = p.post_id AND u.user_id = p.poster_id" : '';
 
@@ -223,8 +220,9 @@ switch ( $mode )
 		message_die(GENERAL_MESSAGE, $lang['No_valid_mode']);
 }
 
-if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result)) )
+if ( $result = $db->sql_query($sql) )
 {
+	$post_info = $db->sql_fetchrow($result);
 	$db->sql_freeresult($result);
 
 	$forum_id = $post_info['forum_id'];
@@ -314,20 +312,12 @@ if ( ($result = $db->sql_query($sql)) && ($post_info = $db->sql_fetchrow($result
 		{
 			$topic_id = $post_info['topic_id'];
 		}
-		if ( $mode == 'newtopic' )
-		{
-			$post_data['topic_type'] = POST_NORMAL;
-		}
 
 		$post_data['first_post'] = ( $mode == 'newtopic' ) ? true : 0;
 		$post_data['last_post'] = false;
 		$post_data['has_poll'] = false;
 		$post_data['edit_poll'] = false;
 	}
-	if ( $mode == 'poll_delete' && !isset($poll_id) )
-	{
-		message_die(GENERAL_MESSAGE, $lang['No_such_post']);
-	}
 }
 else
 {
@@ -431,7 +421,6 @@ if ( ( $delete || $poll_delete || $mode == 'delete' ) && !$confirm )
 	//
 	$s_hidden_fields = '<input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '" />';
 	$s_hidden_fields .= ( $delete || $mode == "delete" ) ? '<input type="hidden" name="mode" value="delete" />' : '<input type="hidden" name="mode" value="poll_delete" />';
-	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 
 	$l_confirm = ( $delete || $mode == 'delete' ) ? $lang['Confirm_delete'] : $lang['Confirm_delete_poll'];
 
@@ -543,12 +532,6 @@ else if ( $submit || $confirm )
 	$return_message = '';
 	$return_meta = '';
 
-	// session id check
-	if ($sid == '' || $sid != $userdata['session_id'])
-	{
-		$error_msg .= (!empty($error_msg)) ? '<br />' . $lang['Session_invalid'] : $lang['Session_invalid'];
-	}
-
 	switch ( $mode )
 	{
 		case 'editpost':
@@ -574,11 +557,6 @@ else if ( $submit || $confirm )
 
 		case 'delete':
 		case 'poll_delete':
-			if ($error_msg != '')
-			{
-				message_die(GENERAL_MESSAGE, $error_msg);
-			}
-
 			delete_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id);
 			break;
 	}
@@ -639,7 +617,7 @@ if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
 			}
 			else if ( !empty($option_text) ) 
 			{
-				$poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text)));
+				$poll_options[$option_id] = htmlspecialchars(trim(stripslashes($option_text)));
 			}
 		}
 	}
@@ -656,7 +634,6 @@ if( $refresh || isset($HTTP_POST_VARS['del_poll_option']) || $error_msg != '' )
 	else if ( $mode == 'editpost' )
 	{
 		$user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';
-		$userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];
 	}
 	
 	if( $preview )
@@ -941,7 +918,6 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
 }
 
 $hidden_form_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
-$hidden_form_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 
 switch( $mode )
 {

phpBB/privmsg.php

@@ -35,8 +35,8 @@ if ( !empty($board_config['privmsg_disable']) )
 	message_die(GENERAL_MESSAGE, 'PM_disabled');
 }
 
-$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
-$html_entities_replace = array('&amp;', '&lt;', '&gt;', '&quot;');
+$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
+$html_entities_replace = array('&amp;', '&lt;', '&gt;');
 
 //
 // Parameters
@@ -50,7 +50,6 @@ $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
 $delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
 $delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
 $save = ( isset($HTTP_POST_VARS['save']) ) ? TRUE : 0;
-$sid = (isset($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : 0;
 
 $refresh = $preview || $submit_search;
 
@@ -102,7 +101,6 @@ else
 }
 
 $start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
 {
@@ -297,7 +295,7 @@ else if ( $mode == 'read' )
 
 		if ( $sent_info = $db->sql_fetchrow($result) )
 		{
-			if ($board_config['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'])
+			if ( $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'] )
 			{
 				$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " 
 					WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . " 
@@ -539,8 +537,8 @@ else if ( $mode == 'read' )
 	$yim = ( $privmsg['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $privmsg['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 
 	$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username_from) . "&amp;showresults=posts");
-	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username_from) . '" title="' . sprintf($lang['Search_user_posts'], $username_from) . '" border="0" /></a>';
-	$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username_from) . '</a>';
+	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
+	$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 
 	//
 	// Processing of post
@@ -668,7 +666,6 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 	{
 		$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
 		$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
-		$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 
 		for($i = 0; $i < count($mark_list); $i++)
 		{
@@ -699,59 +696,49 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 
 	}
-	else if ($confirm && $sid === $userdata['session_id'])
+	else if ( $confirm )
 	{
-		$delete_sql_id = '';
-
-		if (!$delete_all)
+		if ( $delete_all )
 		{
-			for ($i = 0; $i < count($mark_list); $i++)
+			switch($folder)
 			{
-				$delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
+				case 'inbox':
+					$delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
+					privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
+					break;
+
+				case 'outbox':
+					$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
+					break;
+
+				case 'sentbox':
+					$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
+					break;
+
+				case 'savebox':
+					$delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . " 
+						AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) 
+					OR ( privmsgs_to_userid = " . $userdata['user_id'] . " 
+						AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
+					break;
 			}
-			$delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
+
+			$sql = "SELECT privmsgs_id
+				FROM " . PRIVMSGS_TABLE . "
+				WHERE $delete_type";
+			if ( !($result = $db->sql_query($sql)) )
+			{
+				message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql);
+			}
+
+			while ( $row = $db->sql_fetchrow($result) )
+			{
+				$mark_list[] = $row['privmsgs_id'];
+			}
+
+			unset($delete_type);
 		}
 
-		switch($folder)
-		{
-			case 'inbox':
-				$delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
-				privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
-				break;
-
-			case 'outbox':
-				$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
-				break;
-
-			case 'sentbox':
-				$delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
-				break;
-
-			case 'savebox':
-				$delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . " 
-					AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " ) 
-				OR ( privmsgs_to_userid = " . $userdata['user_id'] . " 
-					AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
-				break;
-		}
-
-		$sql = "SELECT privmsgs_id
-			FROM " . PRIVMSGS_TABLE . "
-			WHERE $delete_type $delete_sql_id";
-
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql);
-		}
-
-		$mark_list = array();
-		while ( $row = $db->sql_fetchrow($result) )
-		{
-			$mark_list[] = $row['privmsgs_id'];
-		}
-
-		unset($delete_type);
-
 		if ( count($mark_list) )
 		{
 			$delete_sql_id = '';
@@ -914,7 +901,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
 
 		if ( $saved_info = $db->sql_fetchrow($result) )
 		{
-			if ($board_config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )
+			if ( $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )
 			{
 				$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " 
 					WHERE ( ( privmsgs_to_userid = " . $userdata['user_id'] . " 
@@ -1141,36 +1128,8 @@ else if ( $submit || $refresh || $mode != '' )
 		//
 	}
 
-	if ($submit && $mode == 'edit')
-	{
-		$sql = 'SELECT privmsgs_from_userid
-			FROM ' . PRIVMSGS_TABLE . '
-			WHERE privmsgs_id = ' . (int) $privmsg_id . '
-				AND privmsgs_from_userid = ' . $userdata['user_id'];
-
-		if (!($result = $db->sql_query($sql)))
-		{
-			message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql);
-		}
-
-		if (!($row = $db->sql_fetchrow($result)))
-		{
-			message_die(GENERAL_MESSAGE, $lang['No_such_post']);
-		}
-		$db->sql_freeresult($result);
-
-		unset($row);
-	}
-
 	if ( $submit )
 	{
-		// session id check
-		if ($sid == '' || $sid != $userdata['session_id'])
-		{
-			$error = true;
-			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Session_invalid'];
-		}
-
 		if ( !empty($HTTP_POST_VARS['username']) )
 		{
 			$to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
@@ -1185,11 +1144,7 @@ else if ( $submit || $refresh || $mode != '' )
 				$error_msg = $lang['No_such_user'];
 			}
 
-			if (!($to_userdata = $db->sql_fetchrow($result)))
-			{
-				$error = TRUE;
-				$error_msg = $lang['No_such_user'];
-			}
+			$to_userdata = $db->sql_fetchrow($result);
 		}
 		else
 		{
@@ -1197,7 +1152,7 @@ else if ( $submit || $refresh || $mode != '' )
 			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['No_to_user'];
 		}
 
-		$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
+		$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
 		if ( empty($privmsg_subject) )
 		{
 			$error = TRUE;
@@ -1257,7 +1212,7 @@ else if ( $submit || $refresh || $mode != '' )
 
 			if ( $inbox_info = $db->sql_fetchrow($result) )
 			{
-				if ($board_config['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'])
+				if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] )
 				{
 					$sql = "SELECT privmsgs_id FROM " . PRIVMSGS_TABLE . " 
 						WHERE ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " 
@@ -1319,7 +1274,7 @@ else if ( $submit || $refresh || $mode != '' )
 
 		if ( !$db->sql_query($sql, END_TRANSACTION) )
 		{
-			message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql);
+			message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
 		}
 
 		if ( $mode != 'edit' )
@@ -1354,7 +1309,7 @@ else if ( $submit || $refresh || $mode != '' )
 				$emailer->set_subject($lang['Notification_subject']);
 					
 				$emailer->assign_vars(array(
-					'USERNAME' => stripslashes($to_username), 
+					'USERNAME' => $to_username, 
 					'SITENAME' => $board_config['sitename'],
 					'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
 
@@ -1384,9 +1339,9 @@ else if ( $submit || $refresh || $mode != '' )
 		//
 		$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
 
-		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
+		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
 		$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
-		// $privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
+		$privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
 		if ( !$preview )
 		{
 			$privmsg_message = stripslashes($privmsg_message);
@@ -1459,7 +1414,8 @@ else if ( $submit || $refresh || $mode != '' )
 				$to_username = $row['username'];
 			}
 		}
-		else if ( $mode == 'edit' )
+
+		if ( $mode == 'edit' )
 		{
 			$sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig 
 				FROM " . PRIVMSGS_TABLE . " pm, " . PRIVMSGS_TEXT_TABLE . " pmt, " . USERS_TABLE . " u
@@ -1490,7 +1446,7 @@ else if ( $submit || $refresh || $mode != '' )
 			}
 			
 			$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
-			// $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
+			$privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
 
 			$user_sig = ( $board_config['allow_sig'] ) ? (($privmsg['privmsgs_type'] == PRIVMSGS_NEW_MAIL) ? $user_sig : $privmsg['user_sig']) : '';
 
@@ -1517,11 +1473,7 @@ else if ( $submit || $refresh || $mode != '' )
 				redirect(append_sid("privmsg.$phpEx?folder=$folder", true));
 			}
 
-			$orig_word = $replacement_word = array();
-			obtain_word_list($orig_word, $replacement_word);
-
 			$privmsg_subject = ( ( !preg_match('/^Re:/', $privmsg['privmsgs_subject']) ) ? 'Re: ' : '' ) . $privmsg['privmsgs_subject'];
-			$privmsg_subject = preg_replace($orig_word, $replacement_word, $privmsg_subject);
 
 			$to_username = $privmsg['username'];
 			$to_userid = $privmsg['user_id'];
@@ -1533,8 +1485,7 @@ else if ( $submit || $refresh || $mode != '' )
 
 				$privmsg_message = preg_replace("/\:(([a-z0-9]:)?)$privmsg_bbcode_uid/si", '', $privmsg_message);
 				$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
-				// $privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
-				$privmsg_message = preg_replace($orig_word, $replacement_word, $privmsg_message);
+				$privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
 				
 				$msg_date =  create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']); 
 
@@ -1543,10 +1494,6 @@ else if ( $submit || $refresh || $mode != '' )
 				$mode = 'reply';
 			}
 		}
-		else
-		{
-			$privmsg_subject = $privmsg_message = $to_username = '';
-		}
 	}
 
 	//
@@ -1660,7 +1607,6 @@ else if ( $submit || $refresh || $mode != '' )
 	//
 	if ($error)
 	{
-		$privmsg_message = htmlspecialchars($privmsg_message);
 		$template->set_filenames(array(
 			'reg_header' => 'error_body.tpl')
 		);
@@ -1747,7 +1693,6 @@ else if ( $submit || $refresh || $mode != '' )
 
 	$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
 	$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
-	$s_hidden_fields .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
 	if ( $mode == 'edit' )
 	{
 		$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
@@ -1758,6 +1703,9 @@ else if ( $submit || $refresh || $mode != '' )
 	//
 	generate_smilies('inline', PAGE_PRIVMSGS);
 
+	$privmsg_subject = preg_replace($html_entities_match, $html_entities_replace, $privmsg_subject);
+	$privmsg_subject = str_replace('"', '&quot;', $privmsg_subject);
+
 	$template->assign_vars(array(
 		'SUBJECT' => $privmsg_subject, 
 		'USERNAME' => $to_username,
@@ -1837,6 +1785,7 @@ else if ( $submit || $refresh || $mode != '' )
 		'S_BBCODE_CHECKED' => ( !$bbcode_on ) ? ' checked="checked"' : '', 
 		'S_SMILIES_CHECKED' => ( !$smilies_on ) ? ' checked="checked"' : '', 
 		'S_SIGNATURE_CHECKED' => ( $attach_sig ) ? ' checked="checked"' : '', 
+		'S_NAMES_SELECT' => $user_names_select,
 		'S_HIDDEN_FORM_FIELDS' => $s_hidden_fields,
 		'S_POST_ACTION' => append_sid("privmsg.$phpEx"),
 			
@@ -2071,10 +2020,6 @@ if ( $folder != 'outbox' )
 			break;
 	}
 }
-else
-{
-	$inbox_limit_img_length = $inbox_limit_pct = $l_box_size_status = '';
-}
 
 //
 // Dump vars to template

phpBB/profile.php

@@ -60,9 +60,18 @@ $server_url = $server_protocol . $server_name . $server_port . $script_name;
 //
 function gen_rand_string($hash)
 {
-	$rand_str = dss_rand();
+	$chars = array( 'a', 'A', 'b', 'B', 'c', 'C', 'd', 'D', 'e', 'E', 'f', 'F', 'g', 'G', 'h', 'H', 'i', 'I', 'j', 'J',  'k', 'K', 'l', 'L', 'm', 'M', 'n', 'N', 'o', 'O', 'p', 'P', 'q', 'Q', 'r', 'R', 's', 'S', 't', 'T',  'u', 'U', 'v', 'V', 'w', 'W', 'x', 'X', 'y', 'Y', 'z', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9', '0');
+	
+	$max_chars = count($chars) - 1;
+	srand( (double) microtime()*1000000);
+	
+	$rand_str = '';
+	for($i = 0; $i < 8; $i++)
+	{
+		$rand_str = ( $i == 0 ) ? $chars[rand(0, $max_chars)] : $rand_str . $chars[rand(0, $max_chars)];
+	}
 
-	return ( $hash ) ? md5($rand_str) : substr($rand_str, 0, 8);
+	return ( $hash ) ? md5($rand_str) : $rand_str;
 }
 //
 // End page specific functions

phpBB/search.php

@@ -118,7 +118,6 @@ else
 }
 
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 $sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']);
 
@@ -154,31 +153,12 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 	//
 	// Search ID Limiter, decrease this value if you experience further timeout problems with searching forums
 	$limiter = 5000;
-	$current_time = time();
 
 	//
 	// Cycle through options ...
 	//
 	if ( $search_id == 'newposts' || $search_id == 'egosearch' || $search_id == 'unanswered' || $search_keywords != '' || $search_author != '' )
 	{
-		//
-		// Flood control
-		//
-		$where_sql = ($userdata['user_id'] == ANONYMOUS) ? "se.session_ip = '$user_ip'" : 'se.session_user_id = ' . $userdata['user_id'];
-		$sql = 'SELECT MAX(sr.search_time) AS last_search_time
-			FROM ' . SEARCH_TABLE . ' sr, ' . SESSIONS_TABLE . " se
-			WHERE sr.session_id = se.session_id
-				AND $where_sql";
-		if ($result = $db->sql_query($sql))
-		{
-			if ($row = $db->sql_fetchrow($result))
-			{
-				if (intval($row['last_search_time']) > 0 && ($current_time - intval($row['last_search_time'])) < intval($board_config['search_flood_interval']))
-				{
-					message_die(GENERAL_MESSAGE, $lang['Search_Flood_Error']);
-				}
-			}
-		}
 		if ( $search_id == 'newposts' || $search_id == 'egosearch' || ( $search_author != '' && $search_keywords == '' )  )
 		{
 			if ( $search_id == 'newposts' )
@@ -217,13 +197,13 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 			}
 			else
 			{
-				$search_author = str_replace('*', '%', trim($search_author));
-
-				if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < $board_config['search_min_chars'] ) )
+				if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
 				{
 					$search_author = '';
 				}
 
+				$search_author = str_replace('*', '%', trim($search_author));
+				
 				$sql = "SELECT user_id
 					FROM " . USERS_TABLE . "
 					WHERE username LIKE '" . str_replace("\'", "''", $search_author) . "'";
@@ -277,9 +257,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 			$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt'); 
 
 			$split_search = array();
-			$stripped_keywords = stripslashes($search_keywords);
-			$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);	
-			unset($stripped_keywords);
+			$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);	
 
 			$search_msg_only = ( !$search_fields ) ? "AND m.title_match = 0" : ( ( strstr($multibyte_charset, $lang['ENCODING']) ) ? '' : '' );
 
@@ -291,7 +269,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 
 			for($i = 0; $i < count($split_search); $i++)
 			{
-				if ( strlen(str_replace(array('*', '%'), '', trim($split_search[$i]))) < $board_config['search_min_chars'] )
+				if (preg_match('#^[\*%]+$#', trim($split_search[$i])) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($split_search[$i]))))
 				{
 					$split_search[$i] = '';
 					continue;
@@ -440,12 +418,12 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 		//
 		if ( $search_author != '' )
 		{
-			$search_author = str_replace('*', '%', trim($search_author));
-
-			if( ( strpos($search_author, '%') !== false ) && ( strlen(str_replace('%', '', $search_author)) < $board_config['search_min_chars'] ) )
+			if (preg_match('#^[\*%]+$#', trim($search_author)) || preg_match('#^[^\*]{1,2}$#', str_replace(array('*', '%'), '', trim($search_author))))
 			{
 				$search_author = '';
 			}
+
+			$search_author = str_replace('*', '%', trim(str_replace("\'", "''", $search_author)));
 		}
 
 		if ( $total_match_count )
@@ -649,13 +627,28 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 		}
 
 		//
-		// Delete old data from the search result table
+		// Finish building query (for all combinations)
+		// and run it ...
 		//
-		$sql = 'DELETE FROM ' . SEARCH_TABLE . '
-			WHERE search_time < ' . ($current_time - (int) $board_config['session_length']);
-		if ( !$result = $db->sql_query($sql) )
+		$sql = "SELECT session_id 
+			FROM " . SESSIONS_TABLE;
+		if ( $result = $db->sql_query($sql) )
 		{
-			message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
+			$delete_search_ids = array();
+			while( $row = $db->sql_fetchrow($result) )
+			{
+				$delete_search_ids[] = "'" . $row['session_id'] . "'";
+			}
+
+			if ( count($delete_search_ids) )
+			{
+				$sql = "DELETE FROM " . SEARCH_TABLE . " 
+					WHERE session_id NOT IN (" . implode(", ", $delete_search_ids) . ")";
+				if ( !$result = $db->sql_query($sql) )
+				{
+					message_die(GENERAL_ERROR, 'Could not delete old search id sessions', '', __LINE__, __FILE__, $sql);
+				}
+			}
 		}
 
 		//
@@ -696,12 +689,12 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 		$search_id = mt_rand();
 
 		$sql = "UPDATE " . SEARCH_TABLE . " 
-			SET search_id = $search_id, search_time = $current_time, search_array = '" . str_replace("\'", "''", $result_array) . "'
+			SET search_id = $search_id, search_array = '" . str_replace("\'", "''", $result_array) . "'
 			WHERE session_id = '" . $userdata['session_id'] . "'";
 		if ( !($result = $db->sql_query($sql)) || !$db->sql_affectedrows() )
 		{
-			$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_time, search_array) 
-				VALUES($search_id, '" . $userdata['session_id'] . "', $current_time, '" . str_replace("\'", "''", $result_array) . "')";
+			$sql = "INSERT INTO " . SEARCH_TABLE . " (search_id, session_id, search_array) 
+				VALUES($search_id, '" . $userdata['session_id'] . "', '" . str_replace("\'", "''", $result_array) . "')";
 			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, 'Could not insert search results', '', __LINE__, __FILE__, $sql);
@@ -1308,7 +1301,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 $sql = "SELECT c.cat_title, c.cat_id, f.forum_name, f.forum_id  
 	FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
 	WHERE f.cat_id = c.cat_id 
-	ORDER BY c.cat_order, f.forum_order";
+	ORDER BY c.cat_id, f.forum_order";
 $result = $db->sql_query($sql);
 if ( !$result )
 {

phpBB/templates/subSilver/admin/board_config_body.tpl

@@ -39,14 +39,6 @@
 		<td class="row1">{L_VISUAL_CONFIRM}<br /><span class="gensmall">{L_VISUAL_CONFIRM_EXPLAIN}</span></td>
 		<td class="row2"><input type="radio" name="enable_confirm" value="1" {CONFIRM_ENABLE} />{L_YES}&nbsp; &nbsp;<input type="radio" name="enable_confirm" value="0" {CONFIRM_DISABLE} />{L_NO}</td>
 	</tr>
-	<tr>
-		<td class="row1">{L_ALLOW_AUTOLOGIN}<br /><span class="gensmall">{L_ALLOW_AUTOLOGIN_EXPLAIN}</span></td>
-		<td class="row2"><input type="radio" name="allow_autologin" value="1" {ALLOW_AUTOLOGIN_YES} />{L_YES}&nbsp; &nbsp;<input type="radio" name="allow_autologin" value="0" {ALLOW_AUTOLOGIN_NO} />{L_NO}</td>
-	</tr>
-	<tr>
-		<td class="row1">{L_AUTOLOGIN_TIME} <br /><span class="gensmall">{L_AUTOLOGIN_TIME_EXPLAIN}</span></td>
-		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="max_autologin_time" value="{AUTOLOGIN_TIME}" /></td>
-	</tr>
 	<tr>
 		<td class="row1">{L_BOARD_EMAIL_FORM}<br /><span class="gensmall">{L_BOARD_EMAIL_FORM_EXPLAIN}</span></td>
 		<td class="row2"><input type="radio" name="board_email_form" value="1" {BOARD_EMAIL_FORM_ENABLE} /> {L_ENABLED}&nbsp;&nbsp;<input type="radio" name="board_email_form" value="0" {BOARD_EMAIL_FORM_DISABLE} /> {L_DISABLED}</td>
@@ -55,18 +47,6 @@
 		<td class="row1">{L_FLOOD_INTERVAL} <br /><span class="gensmall">{L_FLOOD_INTERVAL_EXPLAIN}</span></td>
 		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="flood_interval" value="{FLOOD_INTERVAL}" /></td>
 	</tr>
-	<tr>
-		<td class="row1">{L_SEARCH_FLOOD_INTERVAL} <br /><span class="gensmall">{L_SEARCH_FLOOD_INTERVAL_EXPLAIN}</span></td>
-		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="search_flood_interval" value="{SEARCH_FLOOD_INTERVAL}" /></td>
-	</tr>
-	<tr>
-		<td class="row1">{L_MAX_LOGIN_ATTEMPTS}<br /><span class="gensmall">{L_MAX_LOGIN_ATTEMPTS_EXPLAIN}</span></td>
-		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="max_login_attempts" value="{MAX_LOGIN_ATTEMPTS}" /></td>
-	</tr>
-	<tr>
-		<td class="row1">{L_LOGIN_RESET_TIME}<br /><span class="gensmall">{L_LOGIN_RESET_TIME_EXPLAIN}</span></td>
-		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="login_reset_time" value="{LOGIN_RESET_TIME}" /></td>
-	</tr>
 	<tr>
 		<td class="row1">{L_TOPICS_PER_PAGE}</td>
 		<td class="row2"><input class="post" type="text" name="topics_per_page" size="3" maxlength="4" value="{TOPICS_PER_PAGE}" /></td>

phpBB/templates/subSilver/admin/confirm_body.tpl

@@ -1,11 +0,0 @@
- 
-<table class="forumline" width="100%" cellspacing="1" cellpadding="4" border="0">
-	<tr>
-		<th class="thHead" height="25" valign="middle">{MESSAGE_TITLE}</th>
-	</tr>
-	<tr>
-		<td class="row1" align="center"><form action="{S_CONFIRM_ACTION}" method="post"><span class="gen"><br />{MESSAGE_TEXT}<br /><br />{S_HIDDEN_FIELDS}<input type="submit" name="confirm" value="{L_YES}" class="mainoption" />&nbsp;&nbsp;<input type="submit" name="cancel" value="{L_NO}" class="liteoption" /></span></form></td>
-	</tr>
-</table>
-
-<br clear="all" />

phpBB/templates/subSilver/admin/forum_admin_body.tpl

@@ -13,7 +13,7 @@
 		<td class="cat" align="center" valign="middle"><span class="gen"><a href="{catrow.U_CAT_EDIT}">{L_EDIT}</a></span></td>
 		<td class="cat" align="center" valign="middle"><span class="gen"><a href="{catrow.U_CAT_DELETE}">{L_DELETE}</a></span></td>
 		<td class="cat" align="center" valign="middle" nowrap="nowrap"><span class="gen"><a href="{catrow.U_CAT_MOVE_UP}">{L_MOVE_UP}</a> <a href="{catrow.U_CAT_MOVE_DOWN}">{L_MOVE_DOWN}</a></span></td>
-		<td class="catRight" align="center" valign="middle"><span class="gen">&nbsp;</span></td>
+		<td class="catRight" align="center" valign="middle"><span class="gen">&nbsp</span></td>
 	</tr>
 	<!-- BEGIN forumrow -->
 	<tr> 

phpBB/templates/subSilver/admin/index_body.tpl

@@ -43,13 +43,6 @@
 	<td class="row2"><b>{GZIP_COMPRESSION}</b></td>
   </tr>
 </table>
-
-<h1>{L_VERSION_INFORMATION}</h1>
-
-{VERSION_INFO}
-
-<br />
-
 <h1>{L_WHO_IS_ONLINE}</h1>
 
 <table width="100%" cellpadding="4" cellspacing="1" border="0" class="forumline">
@@ -84,3 +77,9 @@
 </table>
 
 <br />
+
+<h1>{L_VERSION_INFORMATION}</h1>
+
+{VERSION_INFO}
+
+<br />

phpBB/templates/subSilver/admin/index_frameset.tpl

@@ -1,4 +1,4 @@
-<html dir="{S_CONTENT_DIRECTION}">
+<html>
 <head>
 <title>phpBB Administration</title>
 <meta http-equiv="Content-Type" content="text/html;">

phpBB/templates/subSilver/admin/page_header.tpl

@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
-<html dir="{S_CONTENT_DIRECTION}">
+<html>
 <head>
 {META}
 <meta http-equiv="Content-Type" content="text/html; charset={S_CONTENT_ENCODING}"  />

phpBB/templates/subSilver/admin/styles_addnew_body.tpl

@@ -1,7 +1,7 @@
 
 <h1>{L_STYLES_TITLE}</h1>
 
-<p>{L_STYLES_ADD_TEXT}</p>
+<P>{L_STYLES_ADD_TEXT}</p>
 
 <table cellspacing="1" cellpadding="4" border="0" align="center" class="forumline">
 	<tr>
@@ -16,4 +16,4 @@
 		<td class="{styles.ROW_CLASS}"><a href="{styles.U_STYLES_INSTALL}">{L_INSTALL}</a></td>
 	</tr>
 	<!-- END styles -->
-</table>
+</table></form>

phpBB/templates/subSilver/admin/styles_edit_body.tpl

@@ -9,7 +9,7 @@
 	</tr>
 	<tr>
 		<td class="row1">{L_THEME_NAME}:</td>
-		<td class="row2" colspan="2"><input class="post" type="text" size="25" maxlength="30" name="style_name" value="{THEME_NAME}"></td>
+		<td class="row2" colspan="2"><input class="post" type="text" size="25" maxlength="100" name="style_name" value="{THEME_NAME}"></td>
 	</tr>
 	<tr>
 		<td class="row1">{L_TEMPLATE}:</td>
@@ -21,7 +21,7 @@
 		<th>{L_SIMPLE_NAME}</th>
 	</tr>
 	<tr>
-		<td class="row1">{L_STYLESHEET}:<br /><span class="gensmall">{L_STYLESHEET_EXPLAIN}</span></td>
+		<td class="row1">{L_STYLESHEET}:<br /><span class="gensmall">Filename for CSS stylesheet to use for this theme.</span></td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="head_stylesheet" value="{HEAD_STYLESHEET}"></td>
 		<td class="row2">&nbsp;</td>		
 	</tr>
@@ -64,176 +64,176 @@
 	<tr>
 		<td class="row1">{L_TR_COLOR1}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color1" value="{TR_COLOR1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color1_name" value="{TR_COLOR1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color1_name" value="{TR_COLOR1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TR_COLOR2}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color2" value="{TR_COLOR2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color2_name" value="{TR_COLOR2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color2_name" value="{TR_COLOR2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TR_COLOR3}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="tr_color3" value="{TR_COLOR3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_color3_name" value="{TR_COLOR3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_color3_name" value="{TR_COLOR3_NAME}">
 	</tr>
 	<tr>
 		<td class="row1">{L_TR_CLASS1}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class1" value="{TR_CLASS1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class1_name" value="{TR_CLASS1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class1_name" value="{TR_CLASS1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TR_CLASS2}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class2" value="{TR_CLASS2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class2_name" value="{TR_CLASS2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class2_name" value="{TR_CLASS2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TR_CLASS3}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="tr_class3" value="{TR_CLASS3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="tr_class3_name" value="{TR_CLASS3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="tr_class3_name" value="{TR_CLASS3_NAME}">
 	</tr>
 	<tr>
 		<td class="row1">{L_TH_COLOR1}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color1" value="{TH_COLOR1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color1_name" value="{TH_COLOR1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color1_name" value="{TH_COLOR1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TH_COLOR2}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color2" value="{TH_COLOR2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color2_name" value="{TH_COLOR2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color2_name" value="{TH_COLOR2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TH_COLOR3}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="th_color3" value="{TH_COLOR3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_color3_name" value="{TH_COLOR3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_color3_name" value="{TH_COLOR3_NAME}">
 	</tr>
 	<tr>
 		<td class="row1">{L_TH_CLASS1}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class1" value="{TH_CLASS1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class1_name" value="{TH_CLASS1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class1_name" value="{TH_CLASS1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TH_CLASS2}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class2" value="{TH_CLASS2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class2_name" value="{TH_CLASS2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class2_name" value="{TH_CLASS2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TH_CLASS3}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="th_class3" value="{TH_CLASS3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="th_class3_name" value="{TH_CLASS3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="th_class3_name" value="{TH_CLASS3_NAME}">
 	</tr>
 	<tr>
 		<td class="row1">{L_TD_COLOR1}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color1" value="{TD_COLOR1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color1_name" value="{TD_COLOR1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color1_name" value="{TD_COLOR1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TD_COLOR2}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color2" value="{TD_COLOR2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color2_name" value="{TD_COLOR2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color2_name" value="{TD_COLOR2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TD_COLOR3}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="td_color3" value="{TD_COLOR3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_color3_name" value="{TD_COLOR3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_color3_name" value="{TD_COLOR3_NAME}">
 	</tr>
 	<tr>
 		<td class="row1">{L_TD_CLASS1}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class1" value="{TD_CLASS1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class1_name" value="{TD_CLASS1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class1_name" value="{TD_CLASS1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TD_CLASS2}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class2" value="{TD_CLASS2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class2_name" value="{TD_CLASS2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class2_name" value="{TD_CLASS2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_TD_CLASS3}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="td_class3" value="{TD_CLASS3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="td_class3_name" value="{TD_CLASS3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="td_class3_name" value="{TD_CLASS3_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTFACE_1}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface1" value="{FONTFACE1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface1_name" value="{FONTFACE1_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface1_name" value="{FONTFACE1_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTFACE_2}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface2" value="{FONTFACE2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface2_name" value="{FONTFACE2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface2_name" value="{FONTFACE2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTFACE_3}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface3" value="{FONTFACE3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontface3_name" value="{FONTFACE3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontface3_name" value="{FONTFACE3_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTSIZE_1}:</td>
 		<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize1" value="{FONTSIZE1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize1_name" value="{FONTSIZE1_NAME}">	
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize1_name" value="{FONTSIZE1_NAME}">	
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTSIZE_2}:</td>
 		<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize2" value="{FONTSIZE2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize2_name" value="{FONTSIZE2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize2_name" value="{FONTSIZE2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTSIZE_3}:</td>
 		<td class="row2"><input class="post" type="text" size="4" maxlength="4" name="fontsize3" value="{FONTSIZE3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontsize3_name" value="{FONTSIZE3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontsize3_name" value="{FONTSIZE3_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTCOLOR_1}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor1" value="{FONTCOLOR1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor1_name" value="{FONTCOLOR1_NAME}">	
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor1_name" value="{FONTCOLOR1_NAME}">	
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTCOLOR_2}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor2" value="{FONTCOLOR2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor2_name" value="{FONTCOLOR2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor2_name" value="{FONTCOLOR2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_FONTCOLOR_3}:</td>
 		<td class="row2"><input class="post" type="text" size="6" maxlength="6" name="fontcolor3" value="{FONTCOLOR3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="fontcolor3_name" value="{FONTCOLOR3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="fontcolor3_name" value="{FONTCOLOR3_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_SPAN_CLASS_1}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class1" value="{SPAN_CLASS1}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class1_name" value="{SPAN_CLASS1_NAME}">	
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class1_name" value="{SPAN_CLASS1_NAME}">	
 	</tr>
 
 	<tr>
 		<td class="row1">{L_SPAN_CLASS_2}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class2" value="{SPAN_CLASS2}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class2_name" value="{SPAN_CLASS2_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class2_name" value="{SPAN_CLASS2_NAME}">
 	</tr>
 
 	<tr>
 		<td class="row1">{L_SPAN_CLASS_3}:</td>
 		<td class="row2"><input class="post" type="text" size="25" maxlength="25" name="span_class3" value="{SPAN_CLASS3}"></td>
-		<td class="row2"><input class="post" type="text" size="25" maxlength="50" name="span_class3_name" value="{SPAN_CLASS3_NAME}">
+		<td class="row2"><input class="post" type="text" size="25" maxlength="100" name="span_class3_name" value="{SPAN_CLASS3_NAME}">
 	</tr>
 
 

phpBB/templates/subSilver/admin/styles_list_body.tpl

@@ -1,7 +1,7 @@
 
 <h1>{L_STYLES_TITLE}</h1>
 
-<p>{L_STYLES_TEXT}</p>
+<P>{L_STYLES_TEXT}</p>
 
 <table cellspacing="1" cellpadding="4" border="0" align="center" class="forumline">
 	<tr>
@@ -18,4 +18,4 @@
 		<td class="{styles.ROW_CLASS}"><a href="{styles.U_STYLES_DELETE}">{L_DELETE}</a></td>
 	</tr>
 	<!-- END styles -->
-</table>
+</table></form>

phpBB/templates/subSilver/admin/user_edit_body.tpl

@@ -236,7 +236,7 @@
 	<tr> 
 	  <td class="row1"><span class="gen">{L_UPLOAD_AVATAR_URL}</span></td>
 	  <td class="row2"> 
-		<input class="post" type="text" name="avatarurl" size="40" style="width: 200px"  />
+		<input class="post" type="text" name="avatarurl" size="40" class="post" style="width: 200px"  />
 	  </td>
 	</tr>
 	<!-- END avatar_remote_upload -->
@@ -244,7 +244,7 @@
 	<tr> 
 	  <td class="row1"><span class="gen">{L_LINK_REMOTE_AVATAR}</span></td>
 	  <td class="row2"> 
-		<input class="post" type="text" name="avatarremoteurl" size="40" style="width: 200px"  />
+		<input class="post" type="text" name="avatarremoteurl" size="40" class="post" style="width: 200px"  />
 	  </td>
 	</tr>
 	<!-- END avatar_remote_link -->

phpBB/templates/subSilver/bbcode.tpl

@@ -57,4 +57,4 @@
 
 <!-- BEGIN url --><a href="{URL}" target="_blank" class="postlink">{DESCRIPTION}</a><!-- END url -->
 
-<!-- BEGIN email --><a href="mailto:{EMAIL}">{EMAIL}</a><!-- END email -->
+<!-- BEGIN email --><a href="mailto:{EMAIL}">{EMAIL}</A><!-- END email -->

phpBB/templates/subSilver/confirm_body.tpl

@@ -7,7 +7,7 @@
 
 <table class="forumline" width="100%" cellspacing="1" cellpadding="3" border="0">
 	<tr>
-		<th class="thHead" height="25" valign="middle">{MESSAGE_TITLE}</th>
+		<th class="thHead" height="25" valign="middle"><span class="tableTitle">{MESSAGE_TITLE}</span></th>
 	</tr>
 	<tr>
 		<td class="row1" align="center"><form action="{S_CONFIRM_ACTION}" method="post"><span class="gen"><br />{MESSAGE_TEXT}<br /><br />{S_HIDDEN_FIELDS}<input type="submit" name="confirm" value="{L_YES}" class="mainoption" />&nbsp;&nbsp;<input type="submit" name="cancel" value="{L_NO}" class="liteoption" /></span></form></td>

phpBB/templates/subSilver/faq_body.tpl

@@ -34,7 +34,7 @@
 	</tr>
 	<!-- BEGIN faq_row -->  
 	<tr> 
-		<td class="{faq_block.faq_row.ROW_CLASS}" align="left" valign="top"><span class="postbody"><a name="{faq_block.faq_row.U_FAQ_ID}"></a><b>{faq_block.faq_row.FAQ_QUESTION}</b></span><br /><span class="postbody">{faq_block.faq_row.FAQ_ANSWER}<br /><a class="postlink" href="#top">{L_BACK_TO_TOP}</a></span></td>
+		<td class="{faq_block.faq_row.ROW_CLASS}" align="left" valign="top"><span class="postbody"><a name="{faq_block.faq_row.U_FAQ_ID}"></a><b>{faq_block.faq_row.FAQ_QUESTION}</b></span><br /><span class="postbody">{faq_block.faq_row.FAQ_ANSWER}<br /><a class="postlink" href="#Top">{L_BACK_TO_TOP}</a></span></td>
 	</tr>
 	<tr>
 		<td class="spaceRow" height="1"><img src="templates/subSilver/images/spacer.gif" alt="" width="1" height="1" /></td>

phpBB/templates/subSilver/groupcp_info_body.tpl

@@ -33,7 +33,7 @@
 	<!-- BEGIN switch_mod_option -->
 	<tr> 
 		<td class="row1" width="20%"><span class="gen">{L_GROUP_TYPE}:</span></td>
-		<td class="row2"><span class="gen"><input type="radio" name="group_type" value="{S_GROUP_OPEN_TYPE}" {S_GROUP_OPEN_CHECKED} /> {L_GROUP_OPEN} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_CLOSED_TYPE}" {S_GROUP_CLOSED_CHECKED} />	{L_GROUP_CLOSED} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_HIDDEN_TYPE}" {S_GROUP_HIDDEN_CHECKED} />	{L_GROUP_HIDDEN} &nbsp;&nbsp; <input class="mainoption" type="submit" name="groupstatus" value="{L_UPDATE}" /></span></td>
+		<td class="row2"><span class="gen"><span class="gen"><input type="radio" name="group_type" value="{S_GROUP_OPEN_TYPE}" {S_GROUP_OPEN_CHECKED} /> {L_GROUP_OPEN} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_CLOSED_TYPE}" {S_GROUP_CLOSED_CHECKED} />	{L_GROUP_CLOSED} &nbsp;&nbsp;<input type="radio" name="group_type" value="{S_GROUP_HIDDEN_TYPE}" {S_GROUP_HIDDEN_CHECKED} />	{L_GROUP_HIDDEN} &nbsp;&nbsp; <input class="mainoption" type="submit" name="groupstatus" value="{L_UPDATE}" /></span></td>
 	</tr>
 	<!-- END switch_mod_option -->
 </table>
@@ -99,8 +99,8 @@
 
 	<!-- BEGIN switch_mod_option -->
 	<tr>
-		<td class="catBottom" colspan="8" align="right">
-			<span class="cattitle"><input type="submit" name="remove" value="{L_REMOVE_SELECTED}" class="mainoption" /></span>
+		<td class="catBottom" colspan="8" align="right"><span class="cattitle">
+			<input type="submit" name="remove" value="{L_REMOVE_SELECTED}" class="mainoption" />
 		</td>
 	</tr>
 	<!-- END switch_mod_option -->

phpBB/templates/subSilver/index_body.tpl

@@ -41,11 +41,7 @@
 
 <table width="100%" cellspacing="0" border="0" align="center" cellpadding="2">
   <tr> 
- 	<td align="left">
- 	<!-- BEGIN switch_user_logged_in -->
- 		<span class="gensmall"><a href="{U_MARK_READ}" class="gensmall">{L_MARK_FORUMS_READ}</a></span>
- 	<!-- END switch_user_logged_in -->
- 	</td>
+	<td align="left"><span class="gensmall"><a href="{U_MARK_READ}" class="gensmall">{L_MARK_FORUMS_READ}</a></span></td>
 	<td align="right"><span class="gensmall">{S_TIMEZONE}</span></td>
   </tr>
 </table>
@@ -81,10 +77,8 @@
 		<input class="post" type="text" name="username" size="10" />
 		&nbsp;&nbsp;&nbsp;{L_PASSWORD}: 
 		<input class="post" type="password" name="password" size="10" maxlength="32" />
-		<!-- BEGIN switch_allow_autologin -->
 		&nbsp;&nbsp; &nbsp;&nbsp;{L_AUTO_LOGIN} 
 		<input class="text" type="checkbox" name="autologin" />
-		<!-- END switch_allow_autologin -->
 		&nbsp;&nbsp;&nbsp; 
 		<input type="submit" class="mainoption" name="login" value="{L_LOGIN}" />
 		</span> </td>

phpBB/templates/subSilver/login_body.tpl

@@ -28,11 +28,9 @@
 			  <input type="password" class="post" name="password" size="25" maxlength="32" />
 			</td>
 		  </tr>
-		  <!-- BEGIN switch_allow_autologin -->
 		  <tr align="center"> 
 			<td colspan="2"><span class="gen">{L_AUTO_LOGIN}: <input type="checkbox" name="autologin" /></span></td>
 		  </tr>
-		  <!-- END switch_allow_autologin -->
 		  <tr align="center"> 
 			<td colspan="2">{S_HIDDEN_FIELDS}<input type="submit" name="login" class="mainoption" value="{L_LOGIN}" /></td>
 		  </tr>

phpBB/templates/subSilver/overall_header.tpl

@@ -232,11 +232,11 @@ input.liteoption {
 				<td align="center" width="100%" valign="middle"><span class="maintitle">{SITENAME}</span><br /><span class="gen">{SITE_DESCRIPTION}<br />&nbsp; </span> 
 				<table cellspacing="0" cellpadding="2" border="0">
 					<tr> 
-						<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a>&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp; 
+						<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a></span><span class="mainmenu">&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp; 
 						<!-- BEGIN switch_user_logged_out -->
-						&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a>&nbsp;
+						&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a></span>&nbsp;
 						<!-- END switch_user_logged_out -->
-						</span></td>
+						</td>
 					</tr>
 					<tr>
 						<td height="25" align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_PROFILE}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" hspace="3" />{L_PROFILE}</a>&nbsp; &nbsp;<a href="{U_PRIVATEMSGS}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{PRIVATE_MESSAGE_INFO}" hspace="3" />{PRIVATE_MESSAGE_INFO}</a>&nbsp; &nbsp;<a href="{U_LOGIN_LOGOUT}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" hspace="3" />{L_LOGIN_LOGOUT}</a>&nbsp;</span></td>

phpBB/templates/subSilver/posting_body.tpl

@@ -372,11 +372,10 @@ function storeCaret(textEl) {
 					  <option style="color:violet; background-color: {T_TD_COLOR1}" value="violet" class="genmed">{L_COLOR_VIOLET}</option>
 					  <option style="color:white; background-color: {T_TD_COLOR1}" value="white" class="genmed">{L_COLOR_WHITE}</option>
 					  <option style="color:black; background-color: {T_TD_COLOR1}" value="black" class="genmed">{L_COLOR_BLACK}</option>
-					</select> &nbsp;{L_FONT_SIZE}:<select name="addbbcode20" selected onChange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.selectedIndex=0;" onMouseOver="helpline('f')">
-					  <option value="0" class="genmed">{L_FONT_SIZE}</option>
+					</select> &nbsp;{L_FONT_SIZE}:<select name="addbbcode20" onChange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]')" onMouseOver="helpline('f')">
 					  <option value="7" class="genmed">{L_FONT_TINY}</option>
 					  <option value="9" class="genmed">{L_FONT_SMALL}</option>
-					  <option value="12" class="genmed">{L_FONT_NORMAL}</option>
+					  <option value="12" selected class="genmed">{L_FONT_NORMAL}</option>
 					  <option value="18" class="genmed">{L_FONT_LARGE}</option>
 					  <option  value="24" class="genmed">{L_FONT_HUGE}</option>
 					</select>

phpBB/templates/subSilver/profile_add_body.tpl

@@ -77,55 +77,55 @@
 	<tr> 
 	  <td class="row1"><span class="gen">{L_ICQ_NUMBER}:</span></td>
 	  <td class="row2"> 
-		<input type="text" name="icq" class="post" style="width: 100px"  size="10" maxlength="15" value="{ICQ}" />
+		<input type="text" name="icq" class="post"style="width: 100px"  size="10" maxlength="15" value="{ICQ}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_AIM}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 150px"  name="aim" size="20" maxlength="255" value="{AIM}" />
+		<input type="text" class="post"style="width: 150px"  name="aim" size="20" maxlength="255" value="{AIM}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_MESSENGER}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 150px"  name="msn" size="20" maxlength="255" value="{MSN}" />
+		<input type="text" class="post"style="width: 150px"  name="msn" size="20" maxlength="255" value="{MSN}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_YAHOO}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 150px"  name="yim" size="20" maxlength="255" value="{YIM}" />
+		<input type="text" class="post"style="width: 150px"  name="yim" size="20" maxlength="255" value="{YIM}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_WEBSITE}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" />
+		<input type="text" class="post"style="width: 200px"  name="website" size="25" maxlength="255" value="{WEBSITE}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_LOCATION}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 200px"  name="location" size="25" maxlength="100" value="{LOCATION}" />
+		<input type="text" class="post"style="width: 200px"  name="location" size="25" maxlength="100" value="{LOCATION}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_OCCUPATION}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 200px"  name="occupation" size="25" maxlength="100" value="{OCCUPATION}" />
+		<input type="text" class="post"style="width: 200px"  name="occupation" size="25" maxlength="100" value="{OCCUPATION}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_INTERESTS}:</span></td>
 	  <td class="row2"> 
-		<input type="text" class="post" style="width: 200px"  name="interests" size="35" maxlength="150" value="{INTERESTS}" />
+		<input type="text" class="post"style="width: 200px"  name="interests" size="35" maxlength="150" value="{INTERESTS}" />
 	  </td>
 	</tr>
 	<tr> 
 	  <td class="row1"><span class="gen">{L_SIGNATURE}:</span><br /><span class="gensmall">{L_SIGNATURE_EXPLAIN}<br /><br />{HTML_STATUS}<br />{BBCODE_STATUS}<br />{SMILIES_STATUS}</span></td>
 	  <td class="row2"> 
-		<textarea name="signature" style="width: 300px" rows="6" cols="30" class="post">{SIGNATURE}</textarea>
+		<textarea name="signature"style="width: 300px"  rows="6" cols="30" class="post">{SIGNATURE}</textarea>
 	  </td>
 	</tr>
 	<tr> 

phpBB/templates/subSilver/search_body.tpl

@@ -31,7 +31,7 @@
 		<td class="row2"><span class="genmed"><select class="post" name="search_cat">{S_CATEGORY_OPTIONS}
 		</select></span></td>
 		<td class="row1" align="right"><span class="gen">{L_SORT_BY}:&nbsp;</span></td>
-		<td class="row2" valign="middle" nowrap="nowrap"><span class="genmed"><select class="post" name="sort_by">{S_SORT_OPTIONS}</select><br /><input type="radio" name="sort_dir" value="ASC" /> {L_SORT_ASCENDING}<br /><input type="radio" name="sort_dir" value="DESC" checked="checked" /> {L_SORT_DESCENDING}</span>&nbsp;</td>
+		<td class="row2" valign="middle" nowrap="nowrap"><span class="genmed"><select class="post" name="sort_by">{S_SORT_OPTIONS}</select><br /><input type="radio" name="sort_dir" value="ASC" /> {L_SORT_ASCENDING}<br /><input type="radio" name="sort_dir" value="DESC" checked /> {L_SORT_DESCENDING}</span>&nbsp;</td>
 	</tr>
 	<tr> 
 		<td class="row1" align="right" nowrap="nowrap"><span class="gen">{L_DISPLAY_RESULTS}:&nbsp;</span></td>

phpBB/templates/subSilver/search_results_posts.tpl

@@ -18,7 +18,7 @@
   </tr>
   <!-- BEGIN searchresults -->
   <tr> 
-	<td class="catHead" colspan="2" height="28"><span class="topictitle"><img src="templates/subSilver/images/folder.gif" align="absmiddle" />&nbsp; {L_TOPIC}:&nbsp;<a href="{searchresults.U_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a></span></td>
+	<td class="catHead" colspan="2" height="28"><span class="topictitle"><img src="templates/subSilver/images/folder.gif" align="absmiddle">&nbsp; {L_TOPIC}:&nbsp;<a href="{searchresults.U_TOPIC}" class="topictitle">{searchresults.TOPIC_TITLE}</a></span></td>
   </tr>
   <tr> 
 	<td width="150" align="left" valign="top" class="row1" rowspan="2"><span class="name"><b>{searchresults.POSTER_NAME}</b></span><br />

phpBB/templates/subSilver/subSilver.cfg

@@ -77,7 +77,7 @@ $images['pm_editmsg'] = "$current_template_images/{LANG}/icon_edit.gif";
 $images['pm_new_msg'] = "";
 $images['pm_no_new_msg'] = "";
 
-$images['Topic_watch'] = "";
+$images['topic_watch'] = "";
 $images['topic_un_watch'] = "";
 $images['topic_mod_lock'] = "$current_template_images/topic_lock.gif";
 $images['topic_mod_unlock'] = "$current_template_images/topic_unlock.gif";

phpBB/viewforum.php

@@ -42,7 +42,6 @@ else
 }
 
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
 if ( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
 {

phpBB/viewtopic.php

@@ -46,9 +46,8 @@ if ( isset($HTTP_GET_VARS[POST_POST_URL]))
 
 
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$start = ($start < 0) ? 0 : $start;
 
-if (!$topic_id && !$post_id)
+if ( !isset($topic_id) && !isset($post_id) )
 {
 	message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
 }
@@ -115,7 +114,6 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
 			WHERE
 				t2.topic_id = $topic_id
 				AND t.forum_id = t2.forum_id
-				AND t.topic_moved_id = 0
 				AND t.topic_last_post_id $sql_condition t2.topic_last_post_id
 			ORDER BY t.topic_last_post_id $sql_ordering
 			LIMIT 1";
@@ -141,11 +139,11 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
 // also allows for direct linking to a post (and the calculation of which
 // page the post is on and the correct display of viewtopic)
 //
-$join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
-$join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
-$count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts";
+$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
+$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
+$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";
 
-$order_sql = (!$post_id) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
+$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
 
 $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . "
 	FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . "
@@ -183,8 +181,8 @@ if( !$is_auth['auth_view'] || !$is_auth['auth_read'] )
 {
 	if ( !$userdata['session_logged_in'] )
 	{
-		$redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
-		$redirect .= ($start) ? "&start=$start" : '';
+		$redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
+		$redirect .= ( isset($start) ) ? "&start=$start" : '';
 		redirect(append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true));
 	}
 
@@ -201,7 +199,7 @@ $topic_title = $forum_topic_data['topic_title'];
 $topic_id = intval($forum_topic_data['topic_id']);
 $topic_time = $forum_topic_data['topic_time'];
 
-if ($post_id)
+if ( !empty($post_id) )
 {
 	$start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']);
 }
@@ -491,7 +489,7 @@ if (isset($HTTP_GET_VARS['highlight']))
 	{
 		if (trim($words[$i]) != '')
 		{
-			$highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', preg_quote($words[$i], '#'));
+			$highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', phpbb_preg_quote($words[$i], '#'));
 		}
 	}
 	unset($words);
@@ -991,8 +989,8 @@ for($i = 0; $i < $total_posts; $i++)
 	$quote = '<a href="' . $temp_url . '">' . $lang['Reply_with_quote'] . '</a>';
 
 	$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&amp;showresults=posts");
-	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
-	$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '</a>';
+	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
+	$search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
 
 	if ( ( $userdata['user_id'] == $poster_id && $is_auth['auth_edit'] ) || $is_auth['auth_mod'] )
 	{
@@ -1067,14 +1065,17 @@ for($i = 0; $i < $total_posts; $i++)
 	//
 	// Parse message and/or sig for BBCode if reqd
 	//
-	if ($user_sig != '' && $user_sig_bbcode_uid != '')
+	if ( $board_config['allow_bbcode'] )
 	{
-		$user_sig = ($board_config['allow_bbcode']) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:$user_sig_bbcode_uid/si", '', $user_sig);
-	}
+		if ( $user_sig != '' && $user_sig_bbcode_uid != '' )
+		{
+			$user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig);
+		}
 
-	if ($bbcode_uid != '')
-	{
-		$message = ($board_config['allow_bbcode']) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace("/\:$bbcode_uid/si", '', $message);
+		if ( $bbcode_uid != '' )
+		{
+			$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
+		}
 	}
 
 	if ( $user_sig != '' )
@@ -1104,8 +1105,9 @@ for($i = 0; $i < $total_posts; $i++)
 	//
 	if ($highlight_match)
 	{
-		// This has been back-ported from 3.0 CVS
-		$message = preg_replace('#(?!<.*)(?<!\w)(' . $highlight_match . ')(?!\w|[^<>]*>)#i', '<b style="color:#'.$theme['fontcolor3'].'">\1</b>', $message);
+		// This was shamelessly 'borrowed' from volker at multiartstudio dot de
+		// via php.net's annotated manual
+		$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . str_replace('\\', '\\\\', addslashes($highlight_match)) . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
 	}
 
 	//