This commit was manufactured by cvs2svn to create tag

'release_3_0_0'.

git-svn-id: file:///svn/phpbb/tags/release_3_0_0@8279 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/adm/index.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -15,7 +15,7 @@ define('ADMIN_START', true);
 define('NEED_SID', true);
 
 // Include files
-$phpbb_root_path = './../';
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 require($phpbb_root_path . 'common.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
@@ -27,12 +27,6 @@ $auth->acl($user->data);
 $user->setup('acp/common');
 // End session management
 
-// Did user forget to login? Give 'em a chance to here ...
-if ($user->data['user_id'] == ANONYMOUS)
-{
-	login_box('', $user->lang['LOGIN_ADMIN'], $user->lang['LOGIN_ADMIN_SUCCESS'], true);
-}
-
 // Have they authenticated (again) as an admin for this session?
 if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
 {
@@ -43,12 +37,12 @@ if (!isset($user->data['session_admin']) || !$user->data['session_admin'])
 // check specific permissions but this is a catchall
 if (!$auth->acl_get('a_'))
 {
-	trigger_error($user->lang['NO_ADMIN']);
+	trigger_error('NO_ADMIN');
 }
 
 // We define the admin variables now, because the user is now able to use the admin related features...
 define('IN_ADMIN', true);
-$phpbb_admin_path = './';
+$phpbb_admin_path = (defined('PHPBB_ADMIN_PATH')) ? PHPBB_ADMIN_PATH : './';
 
 // Some oft used variables
 $safe_mode		= (@ini_get('safe_mode') || @strtolower(ini_get('safe_mode')) == 'on') ? true : false;
@@ -83,8 +77,8 @@ $module->load_active();
 adm_page_header($module->get_page_title());
 
 $template->set_filenames(array(
-	'body' => $module->get_tpl_name())
-);
+	'body' => $module->get_tpl_name(),
+));
 
 adm_page_footer();
 
@@ -147,6 +141,8 @@ function adm_page_header($page_title)
 		'S_USER_LANG'			=> $user->lang['USER_LANG'],
 		'S_CONTENT_DIRECTION'	=> $user->lang['DIRECTION'],
 		'S_CONTENT_ENCODING'	=> 'UTF-8',
+		'S_CONTENT_FLOW_BEGIN'	=> ($user->lang['DIRECTION'] == 'ltr') ? 'left' : 'right',
+		'S_CONTENT_FLOW_END'	=> ($user->lang['DIRECTION'] == 'ltr') ? 'right' : 'left',
 	));
 
 	// application/xhtml+xml not used because of IE
@@ -208,8 +204,7 @@ function adm_page_footer($copyright_html = true)
 	$template->display('body');
 
 	garbage_collection();
-
-	exit;
+	exit_handler();
 }
 
 /**
@@ -281,7 +276,7 @@ function build_cfg_template($tpl_type, $key, &$new, $config_key, $vars)
 			$size = (int) $tpl_type[1];
 			$maxlength = (int) $tpl_type[2];
 
-			$tpl = '<input id="' . $key . '" type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_height]" value="' . $new[$config_key . '_height'] . '" /> x <input type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_width]" value="' . $new[$config_key . '_width'] . '" />';
+			$tpl = '<input id="' . $key . '" type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_width]" value="' . $new[$config_key . '_width'] . '" /> x <input type="text"' . (($size) ? ' size="' . $size . '"' : '') . ' maxlength="' . (($maxlength) ? $maxlength : 255) . '" name="config[' . $config_key . '_height]" value="' . $new[$config_key . '_height'] . '" />';
 		break;
 
 		case 'textarea':
@@ -481,7 +476,7 @@ function validate_config_vars($config_vars, &$cfg_array, &$error)
 				$cfg_array[$config_name] = trim($cfg_array[$config_name]);
 
 				// Make sure no NUL byte is present...
-				if (strpos($cfg_array[$config_name], '\0') !== false || strpos($cfg_array[$config_name], '%00') !== false)
+				if (strpos($cfg_array[$config_name], "\0") !== false || strpos($cfg_array[$config_name], '%00') !== false)
 				{
 					$cfg_array[$config_name] = '';
 					break;

phpBB/adm/style/acp_attachments.html

@@ -3,7 +3,7 @@
 <a name="maincontent"></a>
 
 <!-- IF U_BACK -->
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 <!-- ENDIF -->
 
 <h1>{L_TITLE}</h1>
@@ -16,7 +16,7 @@
 		<p>{WARNING_MSG}</p>
 	</div>
 <!-- ENDIF -->
-	
+
 <!-- IF S_NOTIFY -->
 	<div class="successbox">
 		<h3>{L_NOTIFY}</h3>
@@ -109,16 +109,15 @@
 	<!-- ELSE -->
 		<p>{L_NO_IPS_DEFINED}</p>
 	<!-- ENDIF -->
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_EXTENSION_GROUPS -->
 
 	<!-- IF S_EDIT_GROUP -->
 		<script type="text/javascript" defer="defer">
-		<!--
-
+		// <![CDATA[
 			function update_image(newimage)
 			{
 				if (newimage == 'no_image')
@@ -163,7 +162,7 @@
 				}
 			}
 
-		//-->
+		// ]]>
 		</script>
 
 		<form id="extgroups" method="post" action="{U_ACTION}">
@@ -215,7 +214,7 @@
 			<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 			<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 		</p>
-
+		{S_FORM_TOKEN}
 		</fieldset>
 
 		</form>
@@ -255,9 +254,10 @@
 		</tbody>
 		</table>
 		<p class="quick">
-				{L_CREATE_GROUP}: <input type="text" name="group_name" maxlength="30" /> 
+				{L_CREATE_GROUP}: <input type="text" name="group_name" maxlength="30" />
 				<input class="button2" name="add" type="submit" value="{L_SUBMIT}" />
 		</p>
+		{S_FORM_TOKEN}
 		</fieldset>
 		</form>
 
@@ -280,10 +280,10 @@
 	<p class="quick">
 		<input type="submit" id="add_extension_check" name="add_extension_check" class="button2" value="{L_SUBMIT}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
-	
+
 	<br />
 
 	<form id="change_ext" method="post" action="{U_ACTION}">
@@ -307,7 +307,7 @@
 			<td class="spacer" colspan="3">&nbsp;</td>
 		</tr>
 		<!-- ENDIF -->
-		<tr> 
+		<tr>
 			<td><strong>{extensions.EXTENSION}</strong></td>
 			<td>{extensions.GROUP_OPTIONS}</td>
 			<td><input type="checkbox" class="radio" name="extension_id_list[]" value="{extensions.EXTENSION_ID}" /><input type="hidden" name="extension_change_list[]" value="{extensions.EXTENSION_ID}" /></td>
@@ -320,8 +320,8 @@
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-	
 	</form>
 
 <!-- ELSEIF S_ORPHAN -->
@@ -367,11 +367,10 @@
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 	</p>
-
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->
 
-<!-- INCLUDE overall_footer.html -->
+<!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_ban.html

@@ -9,34 +9,34 @@
 <p>{L_EXPLAIN}</p>
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 
 	var ban_length = new Array();
 		ban_length[-1] = '';
 	<!-- BEGIN ban_length -->
-		ban_length['{ban_length.BAN_ID}'] = "{ban_length.A_LENGTH}";
+		ban_length['{ban_length.BAN_ID}'] = '{ban_length.A_LENGTH}';
 	<!-- END ban_length -->
 
 	var ban_reason = new Array();
 		ban_reason[-1] = '';
 	<!-- BEGIN ban_reason -->
-		ban_reason['{ban_reason.BAN_ID}'] = "{ban_reason.A_REASON}";
+		ban_reason['{ban_reason.BAN_ID}'] = '{ban_reason.A_REASON}';
 	<!-- END ban_reason -->
 
 	var ban_give_reason = new Array();
 		ban_give_reason[-1] = '';
 	<!-- BEGIN ban_give_reason -->
-		ban_give_reason['{ban_give_reason.BAN_ID}'] = "{ban_give_reason.A_REASON}";
+		ban_give_reason['{ban_give_reason.BAN_ID}'] = '{ban_give_reason.A_REASON}';
 	<!-- END ban_give_reason -->
 
 	function display_details(option)
 	{
-		document.getElementById('acp_ban').unbangivereason.value = ban_give_reason[option];
-		document.getElementById('acp_ban').unbanreason.value = ban_reason[option];
-		document.getElementById('acp_ban').unbanlength.value = ban_length[option];
+		document.getElementById('acp_unban').unbangivereason.value = ban_give_reason[option];
+		document.getElementById('acp_unban').unbanreason.value = ban_reason[option];
+		document.getElementById('acp_unban').unbanlength.value = ban_length[option];
 	}
 
-//-->
+// ]]>
 </script>
 
 <form id="acp_ban" method="post" action="{U_ACTION}">
@@ -46,7 +46,7 @@
 <dl>
 	<dt><label for="ban">{L_BAN_CELL}:</label></dt>
 	<dd><textarea name="ban" cols="40" rows="3" id="ban"></textarea></dd>
-	<!-- IF S_USERNAME_BAN --><dd>[ <a href="#" onclick="window.open('{U_FIND_USER}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd><!-- ENDIF -->
+	<!-- IF S_USERNAME_BAN --><dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd><!-- ENDIF -->
 </dl>
 <dl>
 	<dt><label for="banlength">{L_BAN_LENGTH}:</label></dt>
@@ -71,7 +71,9 @@
 	<input class="button1" type="submit" id="bansubmit" name="bansubmit" value="{L_SUBMIT}" />&nbsp;
 	<input class="button2" type="reset" id="banreset" name="banreset" value="{L_RESET}" />
 </p>
+{S_FORM_TOKEN}
 </fieldset>
+</form>
 
 <br /><br />
 
@@ -79,6 +81,8 @@
 
 <p>{L_UNBAN_EXPLAIN}</p>
 
+<form id="acp_unban" method="post" action="{U_ACTION}">
+
 <fieldset>
 	<legend>{L_UNBAN_TITLE}</legend>
 
@@ -104,15 +108,17 @@
 		<input class="button1" type="submit" id="unbansubmit" name="unbansubmit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="unbanreset" name="unbanreset" value="{L_RESET}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
 
 <!-- ELSE -->
 
 	<p>{L_NO_BAN_CELL}</p>
+	{S_FORM_TOKEN}
 </fieldset>
 
 <!-- ENDIF -->
 
 </form>
 
-<!-- INCLUDE overall_footer.html -->
+<!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_bbcodes.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT_BBCODE -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_ACP_BBCODES}</h1>
 
@@ -51,6 +51,7 @@
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</fieldset>
 	
 	<br />
@@ -77,7 +78,6 @@
 	<!-- END token -->
 	</tbody>
 	</table>
-
 	</form>
 
 <!-- ELSE -->
@@ -110,6 +110,7 @@
 	<p class="quick">
 		<input class="button2" name="submit" type="submit" value="{L_ADD_BBCODE}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
 
 	</form>

phpBB/adm/style/acp_board.html

@@ -37,14 +37,13 @@
 		{auth_tpl.TPL}
 	<!-- END auth_tpl -->
 <!-- ENDIF -->
-</fieldset>
 
-<fieldset class="submit-buttons">
-	<legend>{L_SUBMIT}</legend>
-	<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
-	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+	<p class="submit-buttons">
+		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
+		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+	</p>
+	{S_FORM_TOKEN}
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_bots.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT_BOT -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -49,9 +49,9 @@
 	<p class="submit-buttons">
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -85,16 +85,16 @@
 	</tbody>
 	</table>
 
-	<fieldset class="quick" style="float: left;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 		<input class="button2" name="add" type="submit" value="{L_BOT_ADD}" />
 	</fieldset>
 
-	<fieldset class="quick" style="float: right;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 		<select name="action">{S_BOT_OPTIONS}</select>
 		<input class="button2" name="submit" type="submit" value="{L_SUBMIT}" />
 		<p class="small"><a href="#" onclick="marklist('acp_bots', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('acp_bots', 'mark', false);">{L_UNMARK_ALL}</a></p>
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_captcha.html

@@ -63,8 +63,8 @@
 	<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />&nbsp;
 	<input class="button2" type="submit" id="preview" name="preview" value="{L_PREVIEW}" />
+	{S_FORM_TOKEN}
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_database.html

@@ -23,7 +23,7 @@
 			<input class="button2" type="submit" id="download" name="download" value="{L_DOWNLOAD_BACKUP}" />
 		</p>
 	<!-- ENDIF -->
-
+		{S_FORM_TOKEN}
 	</fieldset>
 	</form>
 
@@ -33,7 +33,7 @@
 	<p>{L_ACP_BACKUP_EXPLAIN}</p>
 
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 
 		function selector(bool)
 		{
@@ -45,7 +45,7 @@
 			}
 		}
 
-	//-->
+	// ]]>
 	</script>
 
 	<form id="acp_backup" method="post" action="{U_ACTION}">
@@ -84,8 +84,8 @@
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_disallow.html

@@ -4,7 +4,7 @@
 
 <h1>{L_ACP_DISALLOW_USERNAMES}</h1>
 
-<p>{L_ADD_DISALLOW_EXPLAIN}</p>
+<p>{L_ACP_DISALLOW_EXPLAIN}</p>
 
 <form id="acp_disallow" method="post" action="{U_ACTION}">
 
@@ -38,8 +38,8 @@
 <!-- ELSE -->
 	<p>{L_NO_DISALLOWED}</p>
 <!-- ENDIF -->
+	{S_FORM_TOKEN}
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_email.html

@@ -24,7 +24,7 @@
 <dl>
 	<dt><label for="usernames">{L_SEND_TO_USERS}:</label><br /><span>{L_SEND_TO_USERS_EXPLAIN}</span></dt>
 	<dd><textarea name="usernames" id="usernames" rows="5" cols="40">{USERNAMES}</textarea></dd>
-	<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</dd>
+	<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 </dl>
 <dl>
 	<dt><label for="subject">{L_SUBJECT}:</label></dt>
@@ -47,8 +47,8 @@
 	<input class="button1" type="submit" id="submit" name="submit" value="{L_EMAIL}" />&nbsp;
 	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 </p>
+{S_FORM_TOKEN}
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_forums.html

@@ -5,8 +5,7 @@
 <!-- IF S_EDIT_FORUM -->
 
 	<script type="text/javascript">
-	<!--
-
+	// <![CDATA[
 		/**
 		* Handle displaying/hiding several options based on the forum type
 		*/
@@ -92,10 +91,10 @@
 			<!-- ENDIF -->
 		}
 
-	//-->
+	// ]]>
 	</script>
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE} :: {FORUM_NAME}</h1>
 
@@ -120,8 +119,8 @@
 	<div id="type_actions">
 		<dl>
 			<dt><label for="type_action">{L_DECIDE_MOVE_DELETE_CONTENT}:</label></dt>
-			<dd><label><input type="radio" class="radio" id="type_action" name="type_action" value="delete" checked="checked" /> {L_DELETE_ALL_POSTS}</label></dd>
-			<!-- IF S_MOVE_FORUM_OPTIONS --><dd><label><input type="radio" class="radio" name="type_action" value="move" /> {L_MOVE_POSTS_TO}</label> <select name="to_forum_id">{S_MOVE_FORUM_OPTIONS}</select></dd><!-- ENDIF -->
+			<dd><label><input type="radio" class="radio" name="type_action" value="delete"<!-- IF not S_MOVE_FORUM_OPTIONS --> checked="checked" id="type_action"<!-- ENDIF --> /> {L_DELETE_ALL_POSTS}</label></dd>
+			<!-- IF S_MOVE_FORUM_OPTIONS --><dd><label><input type="radio" class="radio" name="type_action" id="type_action" value="move" checked="checked" /> {L_MOVE_POSTS_TO}</label> <select name="to_forum_id">{S_MOVE_FORUM_OPTIONS}</select></dd><!-- ENDIF -->
 		</dl>
 	</div>
 	<!-- ENDIF -->
@@ -161,20 +160,28 @@
 	</dl>
 	<dl>
 		<dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt>
-		<dd><input type="password" id="forum_password" name="forum_password" value="{FORUM_PASSWORD}" /></dd>
+		<dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->&#x20;&#x20;&#x20;&#x20;&#x20;&#x20;<!-- ENDIF -->" /></dd>
 	</dl>
 	<dl>
 		<dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt>
-		<dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="{FORUM_PASSWORD_CONFIRM}" /></dd>
+		<dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->&#x20;&#x20;&#x20;&#x20;&#x20;&#x20;<!-- ENDIF -->" /></dd>
 	</dl>
+	<!-- IF S_FORUM_PASSWORD_SET -->
+	<dl>
+		<dt><label for="forum_password_unset">{L_FORUM_PASSWORD_UNSET}:</label><br /><span>{L_FORUM_PASSWORD_UNSET_EXPLAIN}</span></dt>
+		<dd><input id="forum_password_unset" name="forum_password_unset" type="checkbox" /></dd>
+	</dl>
+	<!-- ENDIF -->
 	<dl>
 		<dt><label for="forum_style">{L_FORUM_STYLE}:</label></dt>
 		<dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd>
 	</dl>
-	<dl>
-		<dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt>
-		<dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd>
-	</dl>
+	<!-- IF S_CAN_COPY_PERMISSIONS -->
+		<dl>
+			<dt><label for="forum_perm_from">{L_COPY_PERMISSIONS}:</label><br /><span>{L_COPY_PERMISSIONS_EXPLAIN}</span></dt>
+			<dd><select id="forum_perm_from" name="forum_perm_from"><option value="0">{L_NO_PERMISSIONS}</option>{S_FORUM_OPTIONS}</select></dd>
+		</dl>
+	<!-- ENDIF -->
 	</fieldset>
 
 	<div id="forum_cat_options">
@@ -310,13 +317,13 @@
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" id="submit" name="update" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_DELETE_FORUM -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_FORUM_DELETE}</h1>
 
@@ -359,19 +366,18 @@
 	<p class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_CONTINUE_SYNC -->
 
 	<script type="text/javascript">
-	<!--
-
+	// <![CDATA[
 		var close_waitscreen = 0;
-		window.open('{UA_PROGRESS_BAR}', '_sync', 'height=240, resizable=yes, scrollbars=no, width=400');
-
-	//-->
+		// no scrollbars...
+		popup('{UA_PROGRESS_BAR}', 400, 240, '_sync');
+	// ]]>
 	</script>
 
 	<h1>{L_FORUM_ADMIN}</h1>
@@ -383,18 +389,17 @@
 <!-- ELSE -->
 
 	<script type="text/javascript">
-	<!--
-
+	// <![CDATA[
 		/**
 		* Popup search progress bar
 		*/
 		function popup_progress_bar()
 		{
 			var close_waitscreen = 0;
-			window.open('{UA_PROGRESS_BAR}', '_sync', 'height=240, resizable=yes, scrollbars=no, width=400');
+			// no scrollbars...
+			popup('{UA_PROGRESS_BAR}', 400, 240, '_sync');
 		}
-
-	//-->
+	// ]]>
 	</script>
 
 	<h1>{L_FORUM_ADMIN}</h1>
@@ -410,9 +415,9 @@
 
 	<!-- IF S_RESYNCED -->
 		<script type="text/javascript">
-		<!--
+		// <![CDATA[
 			var close_waitscreen = 1;
-		//-->
+		// ]]>
 		</script>
 
 		<div class="successbox">
@@ -431,7 +436,7 @@
 			<tr>
 				<td style="width: 5%; text-align: center;">{forums.FOLDER_IMAGE}</td>
 				<td>
-					<!-- IF forums.FORUM_IMAGE --><div style="float: left; margin-right: 5px;">{forums.FORUM_IMAGE}</div><!-- ENDIF -->
+					<!-- IF forums.FORUM_IMAGE --><div style="float: {S_CONTENT_FLOW_BEGIN}; margin-right: 5px;">{forums.FORUM_IMAGE}</div><!-- ENDIF -->
 					<strong><!-- IF forums.S_FORUM_LINK -->{forums.FORUM_NAME}<!-- ELSE --><a href="{forums.U_FORUM}">{forums.FORUM_NAME}</a><!-- ENDIF --></strong>
 					<!-- IF forums.FORUM_DESCRIPTION --><br /><span>{forums.FORUM_DESCRIPTION}</span><!-- ENDIF -->
 					<!-- IF forums.S_FORUM_POST --><br /><br /><span>{L_TOPICS}: <strong>{forums.FORUM_TOPICS}</strong> / {L_POSTS}: <b>{forums.FORUM_POSTS}</b></span><!-- ENDIF -->
@@ -470,8 +475,8 @@
 		{L_SELECT_FORUM}: <select name="parent_id" onchange="if(this.options[this.selectedIndex].value != -1){ this.form.submit(); }">{FORUM_BOX}</select>
 
 		<input class="button2" type="submit" value="{L_GO}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 	<form id="forums" method="post" action="{U_ACTION}">
@@ -481,8 +486,8 @@
 
 		<input type="text" name="forum_name" value="" maxlength="255" />
 		<input class="button2" name="addforum" type="submit" value="{L_CREATE_FORUM}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_groups.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_ACP_GROUPS_MANAGE}</h1>
 
@@ -76,7 +76,7 @@
 	</dl>
 	<dl>
 		<dt><label for="group_colour">{L_GROUP_COLOR}:</label><br /><span>{L_GROUP_COLOR_EXPLAIN}</span></dt>
-		<dd><input name="group_colour" type="text" id="group_colour" value="{GROUP_COLOUR}" size="6" maxlength="6" />&nbsp;&nbsp;<span>[ <a href="#" onclick="swatch(); return false">{L_COLOUR_SWATCH}</a> ]</span></dd>
+		<dd><input name="group_colour" type="text" id="group_colour" value="{GROUP_COLOUR}" size="6" maxlength="6" />&nbsp;&nbsp;<span>[ <a href="{U_SWATCH}" onclick="popup(this.href, 636, 150, '_swatch'); return false">{L_COLOUR_SWATCH}</a> ]</span></dd>
 	</dl>
 	<dl>
 		<dt><label for="group_rank">{L_GROUP_RANK}:</label></dt>
@@ -154,13 +154,13 @@
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" id="submit" name="update" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_LIST -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_GROUP_MEMBERS} :: {GROUP_NAME}</h1>
 
@@ -254,14 +254,14 @@
 	<dl>
 		<dt><label for="usernames">{L_USERNAME}:</label><br /><span>{L_USERNAMES_EXPLAIN}</span></dt>
 		<dd><textarea id="usernames" name="usernames" cols="40" rows="5"></textarea></dd>
-		<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</dd>
+		<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 	</dl>
 
 	<p class="quick">
 		<input class="button2" type="submit" name="addusers" value="{L_SUBMIT}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -309,8 +309,8 @@
 			{L_CREATE_GROUP}: <input type="text" name="group_name" value="" /> <input class="button2" type="submit" name="submit" value="{L_SUBMIT}" />
 			<input type="hidden" name="add" value="1" />
 		<!-- ENDIF -->
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 	<h1>{L_SPECIAL_GROUPS}</h1>

phpBB/adm/style/acp_icons.html

@@ -4,10 +4,10 @@
 
 <!-- IF S_EDIT -->
 
+	<script type="text/javascript" defer="defer">
+	// <![CDATA[
 	<!-- IF S_ADD_CODE -->
-		<script type="text/javascript" defer="defer">
-		<!--
-
+	
 			var smiley = Array();
 			<!-- BEGIN smile -->
 				smiley['{smile.SMILEY_URL}'] = Array();
@@ -22,7 +22,7 @@
 			{
 				var use_element = smiley[newimage];
 
-				document.getElementById('add_image_src').src = '{PHPBB_ROOT_PATH}{IMG_PATH}/' + newimage;
+				document.getElementById('add_image_src').src = '{PHPBB_ROOT_PATH}{IMG_PATH}/' + encodeURI(newimage);
 				document.getElementById('add_code').value = use_element['code'];
 				document.getElementById('add_emotion').value = use_element['emotion'];
 				document.getElementById('add_width').value = use_element['width'];
@@ -37,11 +37,33 @@
 					}
 				}
 			}
-		//-->
-		</script>
+		
 	<!-- ENDIF -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	
+	function toggle_select(icon, display, select)
+	{
+		var disp = document.getElementById('order_disp[' + icon + ']');
+		var nodisp = document.getElementById('order_no_disp[' + icon + ']');
+		disp.disabled = !display;
+		nodisp.disabled = display;
+		if (display)
+		{
+			document.getElementById(select).selectedIndex = 0;
+			nodisp.className = 'disabled-options';
+			disp.className = '';
+		}
+		else
+		{
+			document.getElementById(select).selectedIndex = {S_ORDER_LIST_DISPLAY_COUNT};
+			disp.className = 'disabled-options';
+			nodisp.className = '';
+		}
+	}
+	// ]]>
+	</script>
+
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -89,13 +111,16 @@
 		<td><input class="text post" type="text" size="3" name="width[{items.IMG}]" value="{items.WIDTH}" /></td>
 		<td><input class="text post" type="text" size="3" name="height[{items.IMG}]" value="{items.HEIGHT}" /></td>
 		<td>
-			<input type="checkbox" class="radio" name="display_on_posting[{items.IMG}]"{items.POSTING_CHECKED} />
+			<input type="checkbox" class="radio" name="display_on_posting[{items.IMG}]"{items.POSTING_CHECKED} onclick="toggle_select('{items.A_IMG}', this.checked, 'order[{items.A_IMG}]');"/>
 			<!-- IF items.S_ID -->
 				<input type="hidden" name="id[{items.IMG}]" value="{items.ID}" />
 			<!-- ENDIF -->
 		</td>
 		<!-- IF ID or S_ADD -->
-			<td><select name="order[{items.IMG}]">{S_ORDER_LIST}</select></td>
+			<td><select id="order[{items.IMG}]" name="order[{items.IMG}]">
+				<optgroup id="order_disp[{items.IMG}]" label="{L_DISPLAY_POSTING}" <!-- IF not items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_DISPLAY}</optgroup>
+				<optgroup id="order_no_disp[{items.IMG}]" label="{L_DISPLAY_POSTING_NO}" <!-- IF  items.POSTING_CHECKED -->disabled="disabled" class="disabled-options" <!-- ENDIF -->>{S_ORDER_LIST_UNDISPLAY}</optgroup>
+			</select></td>
 		<!-- ENDIF -->	
 		<!-- IF S_ADD -->
 			<td><input type="checkbox" class="radio" name="add_img[{items.IMG}]" value="1" /></td>
@@ -113,8 +138,11 @@
 		<td><input class="text post" type="text" name="add_emotion" id="add_emotion" value="{EMOTION}" size="10" maxlength="50" /></td>
 		<td><input class="text post" type="text" size="3" name="add_width" id="add_width" value="{WIDTH}" /></td>
 		<td><input class="text post" type="text" size="3" name="add_height" id="add_height" value="{HEIGHT}" /></td>
-		<td><input type="checkbox" class="radio" name="add_display_on_posting" checked="checked" /></td>
-		<td><select name="add_order" id="add_order">{S_ADD_ORDER_LIST}</select></td>
+		<td><input type="checkbox" class="radio" name="add_display_on_posting" checked="checked" onclick="toggle_select('add', this.checked, 'add_order');"/></td>
+ 		<td><select id="add_order" name="add_order">
+				<optgroup id="order_disp[add]" label="{L_DISPLAY_POSTING}">{S_ADD_ORDER_LIST_DISPLAY}</optgroup>
+				<optgroup id="order_no_disp[add]" label="{L_DISPLAY_POSTING_NO}" disabled="disabled" class="disabled-options" >{S_ADD_ORDER_LIST_UNDISPLAY}</optgroup>
+		</select></td>
 		<td><input type="checkbox" class="radio" name="add_additional_code" value="1" /></td>
 	</tr>
 	<!-- ENDIF -->
@@ -130,14 +158,13 @@
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 	</p>
-
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_CHOOSE_PAK -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -166,8 +193,8 @@
 		<input class="button1" type="submit" id="import" name="import" value="{L_IMPORT_SUBMIT}" />
 	</p>
 	<!-- ENDIF -->
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -228,8 +255,8 @@
 	<p class="quick">
 		<input class="button2" name="add" type="submit" value="{L_ICON_ADD}" />&nbsp; &nbsp;<input class="button2" type="submit" name="edit" value="{L_ICON_EDIT}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_inactive.html

@@ -60,12 +60,12 @@
 	<fieldset class="quick">
 		<select name="action">{S_INACTIVE_OPTIONS}</select>
 		<input class="button2" type="submit" name="submit" value="{L_SUBMIT}" />
-<p class="small"><a href="#" onclick="marklist('inactive', 'mark', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('inactive', 'mark', false); return false;">{L_UNMARK_ALL}</a></p>		
+		<p class="small"><a href="#" onclick="marklist('inactive', 'mark', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('inactive', 'mark', false); return false;">{L_UNMARK_ALL}</a></p>		
+		{S_FORM_TOKEN}
 	</fieldset>
 
 
 
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_jabber.html

@@ -17,6 +17,9 @@
 
 <fieldset>
 	<legend>{L_ACP_JABBER_SETTINGS}</legend>
+<!-- IF S_GTALK_NOTE -->
+	<p>{L_JAB_GTALK_NOTE}</p>
+<!-- ENDIF -->
 <dl>
 	<dt><label for="jab_enable">{L_JAB_ENABLE}:</label><br /><span>{L_JAB_ENABLE_EXPLAIN}</span></dt>
 	<dd><label><input type="radio" class="radio" id="jab_enable" name="jab_enable" value="1"<!-- IF JAB_ENABLE --> checked="checked"<!-- ENDIF --> /> {L_ENABLED}</label>
@@ -55,8 +58,8 @@
 <fieldset class="submit-buttons">
 	<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+	{S_FORM_TOKEN}
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_language.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_SELECT_METHOD -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_SELECT_DOWNLOAD_FORMAT}</h1>
 
@@ -26,7 +26,7 @@
 
 <!-- ELSEIF S_DETAILS -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_LANGUAGE_PACK_DETAILS}</h1>
 
@@ -54,8 +54,8 @@
 	<p class="quick" style="margin-top: -15px;">
 		<input type="submit" name="update_details" class="button2" value="{L_SUBMIT}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-	
 	</form>
 
 	<br /><br />
@@ -92,7 +92,7 @@
 		<!-- END missing -->
 		</tbody>
 		</table>
-
+		<div>{S_FORM_TOKEN}</div>
 		</form>
 
 		<br /><br />
@@ -107,12 +107,12 @@
 	<form id="lang_entries" method="post" action="{U_ENTRY_ACTION}">
 
 	<!-- IF S_FROM_STORE -->
-		<fieldset class="quick" style="float: left;">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 			<input type="submit" name="remove_store" value="{L_REMOVE_FROM_STORAGE_FOLDER}" class="button2" /> 
 		</fieldset>
 	<!-- ENDIF -->
 
-	<fieldset class="quick" style="float: right;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 		<select name="language_file">{S_LANG_OPTIONS}</select>&nbsp;<input type="submit" class="button2" name="change" value="{L_SELECT}" />
 	</fieldset>
 
@@ -157,16 +157,15 @@
 		{TPL}
 	<!-- ENDIF -->
 	<tr>
-		<td class="row3" colspan="3" style="text-align: right;"><input type="submit" name="download_file" class="button2" value="{L_SUBMIT_AND_DOWNLOAD}" />&nbsp;&nbsp;<input type="submit" name="submit_file" class="button2" value="{L_SUBMIT}" /></td>
+		<td class="row3" colspan="3" style="text-align: right;">{S_FORM_TOKEN}<input type="submit" name="download_file" class="button2" value="{L_SUBMIT_AND_DOWNLOAD}" />&nbsp;&nbsp;<input type="submit" name="submit_file" class="button2" value="{L_SUBMIT}" /></td>
 	</tr>
 	</tbody>
 	</table>
-
 	</form>
 
 <!-- ELSEIF S_UPLOAD -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_UPLOAD_SETTINGS}</h1>
 
@@ -198,10 +197,10 @@
 	
 	<fieldset class="quick">
 		{HIDDEN}
+		{S_FORM_TOKEN}
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 		<input class="button1" type="submit" name="test_connection" value="{L_TEST_CONNECTION}" />
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->

phpBB/adm/style/acp_logs.html

@@ -56,6 +56,7 @@
 <fieldset class="display-options">
 	{L_DISPLAY_LOG}: &nbsp;{S_LIMIT_DAYS}&nbsp;{L_SORT_BY}: {S_SORT_KEY} {S_SORT_DIR}
 	<input class="button2" type="submit" value="{L_GO}" name="sort" />
+	{S_FORM_TOKEN}
 </fieldset>
 <hr />
 <!-- IF PAGINATION -->
@@ -72,14 +73,13 @@
 
 <!-- IF S_CLEARLOGS -->
 	<fieldset class="quick">
-		<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />&nbsp;
-		<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" /><br />
+		<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />&nbsp;
+		<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" /><br />
 		<p class="small"><a href="#" onclick="marklist('list', 'mark', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('list', 'mark', false); return false;">{L_UNMARK_ALL}</a></p>
 	</fieldset>
 <!-- ENDIF -->
 
 
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_main.html

@@ -77,14 +77,17 @@
 		<td>{L_GZIP_COMPRESSION}: </td>
 		<td><strong>{GZIP_COMPRESSION}</strong></td>
 	</tr>
-	<!-- IF S_TOTAL_ORPHAN -->
 	<tr>
-		<td>&nbsp;</td>
-		<td>&nbsp;</td>
+		<td>{L_BOARD_VERSION}: </td>
+		<td><strong>{BOARD_VERSION}</strong></td>
+	<!-- IF S_TOTAL_ORPHAN -->
 		<td>{L_NUMBER_ORPHAN}: </td>
 		<td><strong>{TOTAL_ORPHAN}</strong></td>
-	</tr>
+	<!-- ELSE -->
+		<td>&nbsp;</td>
+		<td>&nbsp;</td>
 	<!-- ENDIF -->
+	</tr>
 	</tbody>
 	</table>
 

phpBB/adm/style/acp_modules.html

@@ -5,8 +5,7 @@
 <!-- IF S_EDIT_MODULE -->
 
 	<script type="text/javascript">
-	<!--
-
+	// <![CDATA[
 		function display_options(value)
 		{
 			if (value == 'category')
@@ -38,7 +37,7 @@
 			var j = 0;
 <!-- BEGIN m_names -->
 		
-			if (value == '{m_names.NAME}')
+			if (value == '{m_names.A_NAME}')
 			{
 	<!-- BEGIN modes -->
 				item.options[j] = new Option('{m_names.modes.A_VALUE}');
@@ -52,10 +51,10 @@
 			item.options[0].selected = true;
 		}
 
-	//-->
+	// ]]>
 	</script>
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE} :: {MODULENAME}</h1>
 
@@ -116,8 +115,8 @@
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
 	</p>
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -177,7 +176,7 @@
 
 	<form id="quick" method="post" action="{U_ACTION}">
 
-	<fieldset class="quick" style="float: right;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 		<input type="hidden" name="action" value="quickadd" />
 
 		<select name="quick_install">{S_INSTALL_OPTIONS}</select>
@@ -188,7 +187,7 @@
 
 	<form id="module" method="post" action="{U_ACTION}">
 
-	<fieldset class="quick" style="float: left;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 		<input type="hidden" name="action" value="add" />
 		<input type="hidden" name="module_parent_id" value="{PARENT_ID}" />
 
@@ -198,7 +197,7 @@
 
 	</form>
 
-	<div class="clearfix">&nbsp;</div>
+	<div class="clearfix">&nbsp;</div><br style="clear: both;" />
 	
 	<form id="mselect" method="post" action="{U_SEL_ACTION}">
 	<fieldset class="quick">

phpBB/adm/style/acp_permission_roles.html

@@ -5,7 +5,7 @@
 <!-- IF S_EDIT -->
 
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 		var active_pmask = '0';
 		var active_fmask = '0';
 		var active_cat = '0';
@@ -17,12 +17,12 @@
 		<!-- IF S_ROLE_JS_ARRAY -->
 			{S_ROLE_JS_ARRAY}
 		<!-- ENDIF -->
-	//-->
+	// ]]>
 	</script>
 
 	<script type="text/javascript" src="style/permissions.js"></script>
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -124,8 +124,8 @@
 
 	<fieldset class="quick">
 		<input type="submit" class="button1" name="submit" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 	<a href="#maincontent">&raquo; {L_BACK_TO_TOP}</a><br />
@@ -178,8 +178,8 @@
 
 	<fieldset class="quick">
 		{L_CREATE_ROLE}: <input type="text" name="role_name" value="" maxlength="255" /><!-- IF S_ROLE_OPTIONS --> <select name="options_from"><option value="0" selected="selected">{L_CREATE_ROLE_FROM}</option>{S_ROLE_OPTIONS}</select><!-- ENDIF --> <input class="button2" type="submit" name="add" value="{L_SUBMIT}" /><br />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 	<!-- IF S_DISPLAY_ROLE_MASK -->

phpBB/adm/style/acp_permissions.html

@@ -35,11 +35,11 @@
 
 		<p class="quick">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input type="submit" name="submit" value="{L_SUBMIT}" class="button1" />
 		</p>
 
 		</fieldset>
-
 		</form>
 
 		<!-- IF S_FORUM_MULTIPLE -->
@@ -56,11 +56,11 @@
 
 			<p class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input type="submit" name="submit" value="{L_SUBMIT}" class="button1" />
 			</p>
 
 			</fieldset>
-
 			</form>
 			
 		<!-- ENDIF -->
@@ -74,16 +74,16 @@
 		<dl>
 			<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 			<dd><input class="text medium" type="text" id="username" name="username[]" /></dd>
-			<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</dd>
+			<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 			<dd class="full" style="text-align: left;"><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
 		</dl>
 
 		<p class="quick">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input type="submit" name="submit" value="{L_SUBMIT}" class="button1" />
 		</p>
 		</fieldset>
-
 		</form>
 
 	<!-- ELSEIF S_SELECT_GROUP and S_CAN_SELECT_GROUP -->
@@ -99,16 +99,16 @@
 
 		<p class="quick">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input type="submit" name="submit" value="{L_SUBMIT}" class="button1" />
 		</p>
 
 		</fieldset>
-
 		</form>
 
 		<!-- ELSEIF S_SELECT_USERGROUP -->
 
-		<div style="float: left; width: 48%;">
+		<div style="float: {S_CONTENT_FLOW_BEGIN}; width: 48%;">
 
 		<!-- IF S_CAN_SELECT_USER -->
 
@@ -126,9 +126,9 @@
 			
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input type="submit" class="button2" name="action[delete]" value="{L_REMOVE_PERMISSIONS}" style="width: 46% !important;" /> &nbsp; <input class="button1" type="submit" name="submit_edit_options" value="{L_EDIT_PERMISSIONS}" style="width: 46% !important;" />
 			</fieldset>
-			
 			</form>
 
 			<form id="add_user" method="post" action="{U_ACTION}">
@@ -138,22 +138,22 @@
 				<p>{L_USERNAMES_EXPLAIN}</p>
 			<dl>
 				<dd class="full"><textarea id="username" name="usernames" rows="5" cols="5" style="width: 100%; height: 60px;"></textarea></dd>
-				<dd class="full" style="text-align: left;"><div style="float: right;">[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</div><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
+				<dd class="full" style="text-align: left;"><div style="float: {S_CONTENT_FLOW_END};">[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</div><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
 			</dl>
 			</fieldset>
 
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input class="button1" type="submit" name="submit_add_options" value="{L_ADD_PERMISSIONS}" />
 			</fieldset>
-			
 			</form>
 
 		<!-- ENDIF -->
 
 		</div>
 
-		<div style="float: right; width: 48%">
+		<div style="float: {S_CONTENT_FLOW_END}; width: 48%">
 			
 		<!-- IF S_CAN_SELECT_GROUP -->
 
@@ -171,9 +171,9 @@
 			
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input class="button2" type="submit" name="action[delete]" value="{L_REMOVE_PERMISSIONS}" style="width: 46% !important;" /> &nbsp; <input class="button1" type="submit" name="submit_edit_options" value="{L_EDIT_PERMISSIONS}" style="width: 46% !important;" />
 			</fieldset>
-			
 			</form>
 
 			<form id="add_groups" method="post" action="{U_ACTION}">
@@ -187,9 +187,9 @@
 
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input type="submit" class="button1" name="submit_add_options" value="{L_ADD_PERMISSIONS}" />
 			</fieldset>
-			
 			</form>
 
 		<!-- ENDIF -->
@@ -198,7 +198,7 @@
 
 	<!-- ELSEIF S_SELECT_USERGROUP_VIEW -->
 
-		<div style="float: left; width: 48%;">
+		<div style="float: {S_CONTENT_FLOW_BEGIN}; width: 48%;">
 		
 			<h1>{L_USERS}</h1>
 
@@ -213,9 +213,9 @@
 			
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input class="button1" type="submit" name="submit" value="{L_VIEW_PERMISSIONS}" />
 			</fieldset>
-			
 			</form>
 
 			<form id="add_user" method="post" action="{U_ACTION}">
@@ -225,21 +225,21 @@
 			<dl>
 				<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 				<dd><input type="text" id="username" name="username[]" /></dd>
-				<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</dd>
+				<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 				<dd class="full" style="text-align: left;"><label><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
 			</dl>
 			</fieldset>
 
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input type="submit" name="submit" value="{L_VIEW_PERMISSIONS}" class="button1" />
 			</fieldset>
-
 			</form>
 
 		</div>
 
-		<div style="float: right; width: 48%">
+		<div style="float: {S_CONTENT_FLOW_END}; width: 48%">
 			
 			<h1>{L_USERGROUPS}</h1>
 
@@ -254,9 +254,9 @@
 			
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input class="button1" type="submit" name="submit" value="{L_VIEW_PERMISSIONS}" />
 			</fieldset>
-			
 			</form>
 
 			<form id="group" method="post" action="{U_ACTION}">
@@ -272,9 +272,9 @@
 
 			<fieldset class="quick">
 				{S_HIDDEN_FIELDS}
+				{S_FORM_TOKEN}
 				<input type="submit" name="submit" value="{L_VIEW_PERMISSIONS}" class="button1" />
 			</fieldset>
-
 			</form>
 
 		</div>
@@ -305,20 +305,20 @@
 
 	<br />
 
-	<fieldset class="quick" style="float: right;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 		<strong>&raquo; {L_PERMISSION_TYPE}</strong>
 	</fieldset>
 
 	<!-- IF S_PERMISSION_DROPDOWN -->
 		<form id="pselect" method="post" action="{U_ACTION}">
 	
-		<fieldset class="quick" style="float: left;">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			{L_SELECT_TYPE}: <select name="type">{S_PERMISSION_DROPDOWN}</select> 
 
 			<input class="button2" type="submit" name="submit" value="{L_GO}" />
 		</fieldset>
-	
 		</form>
 	<!-- ENDIF -->
 
@@ -327,9 +327,9 @@
 	<!-- include tooltip file -->
 	<script type="text/javascript" src="style/tooltip.js"></script>
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 		window.onload = function(){enable_tooltips_select('set-permissions', '{LA_ROLE_DESCRIPTION}', 'role')};
-	//-->
+	// ]]>
 	</script>
 
 	<form id="set-permissions" method="post" action="{U_ACTION}">
@@ -340,13 +340,14 @@
 
 	<br /><br />
 
-	<fieldset class="quick" style="float: right;">
+	<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 		<input class="button1" type="submit" name="action[apply_all_permissions]" value="{L_APPLY_ALL_PERMISSIONS}" />
 		<input class="button2" type="button" name="cancel" value="{L_RESET}" onclick="document.forms['set-permissions'].reset(); init_colours(active_pmask + active_fmask);" />
+		{S_FORM_TOKEN}
 	</fieldset>
 
 	<br /><br />
-
+	
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_php_info.html

@@ -6,7 +6,7 @@
 
 <p>{L_ACP_PHP_INFO_EXPLAIN}</p>
 
-<div style="overflow: auto; width: 99%;">
+<div class="phpinfo">
 	{PHPINFO}
 </div>
 

phpBB/adm/style/acp_profile.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -108,6 +108,7 @@
 
 		<fieldset class="quick">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input class="button1" type="submit" name="next" value="{L_PROFILE_TYPE_OPTIONS}" />
 		</fieldset>
 
@@ -123,12 +124,13 @@
 		<!-- END option -->
 		</fieldset>
 
-		<fieldset class="quick" style="float: left;">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 			<input class="button1" type="submit" name="prev" value="{L_PROFILE_BASIC_OPTIONS}" />
 		</fieldset>
 		
-		<fieldset class="quick" style="float: right">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input class="button1" type="submit" name="next" value="{L_NEXT_STEP}" />
 		</fieldset>
 
@@ -146,17 +148,18 @@
 			</fieldset>
 		<!-- END options -->
 
-		<fieldset class="quick" style="float: left;">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_BEGIN};">
 			<input class="button1" type="submit" name="prev" value="{L_PROFILE_TYPE_OPTIONS}" />
 		</fieldset>
 		
-		<fieldset class="quick" style="float: right;">
+		<fieldset class="quick" style="float: {S_CONTENT_FLOW_END};">
 			{S_HIDDEN_FIELDS}
 			<input class="button1" type="submit" name="save" value="{L_SAVE}" />
+			{S_FORM_TOKEN}
 		</fieldset>
 	
 	<!-- ENDIF -->
-
+	
 	</form>
 
 <!-- ELSE -->
@@ -216,8 +219,8 @@
 		<input class="text small" type="text" name="field_ident" /> <select name="field_type">{S_TYPE_OPTIONS}</select>
 		<input class="button1" type="submit" name="submit" value="{L_CREATE_NEW_FIELD}" />
 		<input type="hidden" name="create" value="1" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_prune_forums.html

@@ -44,7 +44,7 @@
 		<p>{L_LOOK_UP_FORUMS_EXPLAIN}</p>
 	<dl>
 		<dt><label for="forum">{L_LOOK_UP_FORUM}:</label></dt>
-		<dd><select name="f[]" multiple="multiple" size="5">{S_FORUM_OPTIONS}</select></dd>
+		<dd><select name="f[]" multiple="multiple" size="10">{S_FORUM_OPTIONS}</select></dd>
 		<dd><label><input type="checkbox" class="radio" name="all_forums" value="1" /> {L_ALL_FORUMS}</label></dd>
 	</dl>
 	
@@ -57,7 +57,7 @@
 
 <!-- ELSE -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_ACP_PRUNE_FORUMS}</h1>
 
@@ -97,11 +97,10 @@
 	
 	<p class="quick">
 		{S_HIDDEN_FIELDS}
-
+		{S_FORM_TOKEN}
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_prune_users.html

@@ -33,7 +33,7 @@
 <dl>
 	<dt><label for="users">{L_ACP_PRUNE_USERS}:</label><br /><span>{L_SELECT_USERS_EXPLAIN}</span></dt>
 	<dd><textarea id="users" name="users" cols="40" rows="5"></textarea></dd>
-	<dd>[ <a href="#" onclick="window.open('{U_FIND_USER}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
+	<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 </dl>
 <dl>
 	<dt><label for="deleteposts">{L_DELETE_USER_POSTS}:</label><br /><span>{L_DELETE_USER_POSTS_EXPLAIN}</span></dt>
@@ -51,9 +51,9 @@
 
 	<input class="button1" type="submit" id="update" name="update" value="{L_SUBMIT}" />&nbsp;
 	<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+	{S_FORM_TOKEN}
 </p>
 </fieldset>
-
 </form>
 
 <!-- INCLUDE overall_footer.html -->

phpBB/adm/style/acp_ranks.html

@@ -4,16 +4,16 @@
 
 <!-- IF S_EDIT -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 		function update_image(newimage)
 		{
-			document.getElementById('image').src = (newimage) ? "{RANKS_PATH}/" + newimage : "./images/spacer.gif";
+			document.getElementById('image').src = (newimage) ? "{RANKS_PATH}/" + encodeURI(newimage) : "./images/spacer.gif";
 		}
 
-	//-->
+	// ]]>
 	</script>
 
 	<h1>{L_ACP_MANAGE_RANKS}</h1>
@@ -50,9 +50,9 @@
 
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -88,9 +88,9 @@
 
 	<p class="quick">
 		<input class="button2" name="add" type="submit" value="{L_ADD_RANK}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_reasons.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT_REASON -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -40,7 +40,7 @@
 	<!-- ENDIF -->
 	<dl>
 		<dt><label for="reason_description">{L_REASON_DESCRIPTION}:</label></dt>
-		<dd><textarea name="reason_description" id="reason_description" rows="8">{REASON_DESCRIPTION}</textarea></dd>
+		<dd><textarea name="reason_description" id="reason_description" rows="8" cols="80">{REASON_DESCRIPTION}</textarea></dd>
 	</dl>
 	<!-- IF S_TRANSLATED -->
 	<dl>
@@ -52,9 +52,9 @@
 	<p class="submit-buttons">
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -81,7 +81,7 @@
 		<!-- BEGIN reasons -->
 			<tr>
 				<td>
-					<i style="float: right; font-size: .9em;"><!-- IF reasons.S_TRANSLATED -->{L_IS_TRANSLATED}<!-- ELSE -->{L_IS_NOT_TRANSLATED}<!-- ENDIF --></i>
+					<i style="float: {S_CONTENT_FLOW_END}; font-size: .9em;"><!-- IF reasons.S_TRANSLATED -->{L_IS_TRANSLATED}<!-- ELSE -->{L_IS_NOT_TRANSLATED}<!-- ENDIF --></i>
 					<strong>{reasons.REASON_TITLE}<!-- IF reasons.S_OTHER_REASON --> *<!-- ENDIF --></strong>
 					<br /><span>{reasons.REASON_DESCRIPTION}</span>
 				</td>
@@ -116,9 +116,10 @@
 
 		<input type="text" name="reason_title" /> 
 		<input class="button2" name="addreason" type="submit" value="{L_ADD_NEW_REASON}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
+	
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_search.html

@@ -59,24 +59,24 @@
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_INDEX -->
 
 	<script type="text/javascript">
-	<!--
-
+	// <![CDATA[
 		/**
 		* Popup search progress bar
 		*/
 		function popup_progress_bar(progress_type)
 		{
 			close_waitscreen = 0;
-			window.open('{UA_PROGRESS_BAR}&type=' + progress_type, '_index', 'HEIGHT=240,resizable=yes,scrollbars=no,WIDTH=400');
+			// no scrollbars
+			popup('{UA_PROGRESS_BAR}&amp;type=' + progress_type, 400, 240, '_index');
 		}
-	//-->
+	// ]]>
 	</script>
 
 	<h1>{L_ACP_SEARCH_INDEX}</h1>
@@ -89,6 +89,7 @@
 				<legend>{L_SUBMIT}</legend>
 				<input class="button1" type="submit" id="continue" name="continue" value="{L_CONTINUE}" onclick="popup_progress_bar('{S_CONTINUE_INDEXING}');" />&nbsp;
 				<input class="button2" type="submit" id="cancel" name="cancel" value="{L_CANCEL}" />
+				{S_FORM_TOKEN}
 			</fieldset>
 		</form>
 	<!-- ELSE -->
@@ -139,8 +140,9 @@
 				<input class="button2" type="submit" name="action[create]" value="{L_CREATE_INDEX}" onclick="popup_progress_bar('create');" />
 			<!-- ENDIF -->
 			</p>
+			{S_FORM_TOKEN}
 			</fieldset>
-
+			
 			</form>
 		<!-- END backend -->
 

phpBB/adm/style/acp_styles.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_DELETE -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -25,14 +25,14 @@
 
 	<p class="quick">
 		<input class="button1" type="submit" name="update" value="{L_DELETE}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_EDIT_IMAGESET -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -51,15 +51,15 @@
 	<!-- ENDIF -->
 
 	<script type="text/javascript" defer="defer">
-	<!--
+	// <![CDATA[
 		function update_image(newimage)
 		{
-			document.getElementById('newimg').src = (newimage) ? "../styles/{NAME}/imageset/" + newimage : "images/no_image.png";
+			document.getElementById('newimg').src = (newimage) ? '../styles/{A_NAME}/imageset/' + encodeURI(newimage) : 'images/no_image.png';
 		}
-	//-->
+	// ]]>
 	</script>
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 		/**
 		* Handle displaying/hiding the dimension fields
 		*/
@@ -85,7 +85,7 @@
 				dE('img_dimensions', -1);
 			<!-- ENDIF -->
 		}
-	//-->
+	// ]]>
 	</script>
 
 	<form method="post" action="{U_ACTION}">
@@ -147,40 +147,13 @@
 	<fieldset class="submit-buttons">
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />&nbsp;&nbsp;<input class="button2" type="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_EDIT_TEMPLATE or S_EDIT_THEME -->
 
-	<script type="text/javascript" defer="defer">
-	<!--
-		function append_text_rows(form_name, value)
-		{
-			url = document.getElementById(form_name).action;
-			var_start = url.indexOf('&text_rows=');
-			if (var_start == -1)
-			{
-				document.getElementById(form_name).action = url + "&text_rows=" + value;
-			}
-			else
-			{
-				url_start = url.substring(0, var_start + 1);
-				var_end = url.substring(var_start + 1).indexOf('&');
-				if (var_end == -1)
-				{
-					document.getElementById(form_name).action = url_start + "text_rows=" + value;
-				}
-				else
-				{
-					document.getElementById(form_name).action = url_start + url.substring(var_end + var_start + 2) + "&text_rows=" + value;
-				}
-			}
-		}
-	//-->
-	</script>
-
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_EDIT}</h1>
 
@@ -197,17 +170,24 @@
 		<dt><label for="template_file">{L_FILE}:</label></dt>
 		<dd><select id="template_file" name="template_file" onchange="if (this.options[this.selectedIndex].value != '') this.form.submit();">{S_TEMPLATES}</select> <input class="button2" type="submit" value="{L_SELECT}" /></dd>
 	</dl>
+	{S_FORM_TOKEN}
 	</fieldset>
 	<!-- ENDIF -->
-
 	</form>
 
 	<!-- IF TEMPLATE_FILE or (S_EDIT_THEME and S_THEME_IN_DB) -->
 		<script type="text/javascript" defer="defer">
-		<!--
+		// <![CDATA[
 
 			function change_editor_height(height)
 			{
+				height = Number(height);
+
+				if (isNaN(height))
+				{
+					return;
+				}
+
 				editor = document.getElementById('template_data');
 				editor.rows = Math.max(5, Math.min(height, 999));
 
@@ -217,7 +197,18 @@
 
 			function append_text_rows(form_name, value)
 			{
+				value = Number(value);
+
+				if (isNaN(value))
+				{
+					return;
+				}
+
 				url = document.getElementById(form_name).action;
+
+				// Make sure &amp; is actually... &
+				url = url.replace(/&amp;/g, '&');
+
 				var_start = url.indexOf('&text_rows=');
 				if (var_start == -1)
 				{
@@ -237,7 +228,8 @@
 					}
 				}
 			}
-		//-->
+
+		// ]]>
 		</script>
 
 		<form id="acp_template" method="post" action="{U_ACTION}">
@@ -260,27 +252,15 @@
 		<fieldset class="submit-buttons">
 			<legend>{L_SUBMIT}</legend>
 			{S_HIDDEN_FIELDS}
+			{S_FORM_TOKEN}
 			<input class="button1" id="save" type="submit" name="save" value="{L_SUBMIT}" />
 		</fieldset>
-
 		</form>
 	<!-- ENDIF -->
 
 <!-- ELSEIF S_CACHE -->
 
-	<script type="text/javascript">
-	<!--
-
-		function viewsource(url)
-		{
-			window.open(url, '_source', 'HEIGHT=550,resizable=yes,scrollbars=yes,WIDTH=750');
-			return false;
-		}
-	
-	//-->
-	</script>
-
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 	
 	<h1>{L_TEMPLATE_CACHE}</h1>
 	
@@ -303,7 +283,7 @@
 	<tbody>
 	<!-- BEGIN file -->
 		<!-- IF file.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
-			<td><a href="{file.U_VIEWSOURCE}" onclick="viewsource('{file.UA_VIEWSOURCE}');return false">{file.FILENAME}</a></td>
+			<td><a href="{file.U_VIEWSOURCE}" onclick="popup(this.href, 750, 550, '_source'); return false;">{file.FILENAME}</a></td>
 			<td>{file.FILESIZE}</td>
 			<td>{file.CACHED}</td>
 			<td>{file.MODIFIED}</td>
@@ -319,16 +299,15 @@
 
 	<p class="quick">
 		<span class="small"><a href="#" onclick="marklist('acp_styles', 'delete', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('acp_styles', 'delete', false); return false;">{L_UNMARK_ALL}</a></span><br />
-
+		{S_FORM_TOKEN}
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_DELETE_MARKED}" />
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_EXPORT -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -377,10 +356,12 @@
 	</dl>
 
 	<p class="quick">
+		{S_FORM_TOKEN}
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 	</p>
 	</fieldset>
 
+	
 	</form>
 
 <!-- ELSEIF S_FRONTEND -->
@@ -455,7 +436,7 @@
 
 <!-- ELSEIF S_DETAILS -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_TITLE}</h1>
 
@@ -524,8 +505,9 @@
 	<fieldset class="submit-buttons">
 		<legend>{L_SUBMIT}</legend>
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
+	
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_users.html

@@ -15,7 +15,7 @@
 	<dl>
 		<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 		<dd><input class="text medium" type="text" id="username" name="username" /></dd>
-		<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(); return false;">{L_FIND_USERNAME}</a> ]</dd>
+		<dd>[ <a href="{U_FIND_USERNAME}" onclick="find_username(this.href); return false;">{L_FIND_USERNAME}</a> ]</dd>
 		<dd class="full" style="text-align: left;"><label><input type="checkbox" class="radio" id="anonymous" name="u" value="{ANONYMOUS_USER_ID}" /> {L_SELECT_ANONYMOUS}</label></dd>
 	</dl>
 
@@ -28,7 +28,7 @@
 
 <!-- ELSEIF S_SELECT_FORUM -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_USER_ADMIN}</h1>
 
@@ -46,13 +46,13 @@
 
 	<fieldset class="quick">
 		<input type="submit" name="update" value="{L_SUBMIT}" class="button1" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_USER_ADMIN} :: {MANAGED_USERNAME}</h1>
 
@@ -69,8 +69,8 @@
 
 	<fieldset class="quick">
 		{L_SELECT_FORM}: <select name="mode" onchange="if (this.options[this.selectedIndex].value != '') this.form.submit();">{S_FORM_OPTIONS}</select> <input class="button2" type="submit" value="{L_GO}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ENDIF -->
@@ -109,8 +109,8 @@
 
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_SIGNATURE -->
@@ -143,9 +143,9 @@
 	<!-- IF S_GROUP_OPTIONS -->
 		<fieldset class="quick">
 			{L_USER_GROUP_ADD}: <select name="g">{S_GROUP_OPTIONS}</select> <input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+			{S_FORM_TOKEN}
 		</fieldset>
 	<!-- ENDIF -->
-
 	</form>
 
 <!-- ELSEIF S_ATTACHMENTS -->
@@ -201,13 +201,13 @@
 	<fieldset class="quick">
 		<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />
 		<p class="small"><a href="#" onclick="marklist('user_attachments', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('user_attachments', 'mark', false);">{L_UNMARK_ALL}</a></p>
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 
 <!-- ELSEIF S_PERMISSIONS -->
 
-	<div style="float: right;">
+	<div style="float: {S_CONTENT_FLOW_END};">
 		<a href="{U_USER_PERMISSIONS}">&raquo; {L_SET_USERS_PERMISSIONS}</a><br />
 		<a href="{U_USER_FORUM_PERMISSIONS}">&raquo; {L_SET_USERS_FORUM_PERMISSIONS}</a>
 	</div>
@@ -217,8 +217,8 @@
 		<fieldset class="quick" style="text-align: left;">
 			{L_SELECT_FORUM}: <select name="f">{S_FORUM_OPTIONS}</select> 
 			<input class="button2" type="submit" value="{L_GO}" name="select" />
+			{S_FORM_TOKEN}
 		</fieldset>
-
 	</form>
 
 	<div class="clearfix">&nbsp;</div>

phpBB/adm/style/acp_users_avatar.html

@@ -70,6 +70,7 @@
 
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
+	
 	</form>

phpBB/adm/style/acp_users_feedback.html

@@ -52,8 +52,8 @@
 
 	<!-- IF S_CLEARLOGS -->
 		<fieldset class="quick">
-			<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />&nbsp;
-			<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />
+			<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />&nbsp;
+			<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />
 			<p class="small"><a href="#" onclick="marklist('list', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('list', 'mark', false);">{L_UNMARK_ALL}</a></p>
 		</fieldset>
 	<!-- ENDIF -->
@@ -72,5 +72,5 @@
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 	</fieldset>
-
+	{S_FORM_TOKEN}
 	</form>

phpBB/adm/style/acp_users_overview.html

@@ -21,7 +21,7 @@
 <dl>
 	<dt><label>{L_REGISTERED_IP}:</label></dt>
 	<dd><a href="{U_SHOW_IP}">{REGISTERED_IP}</a></dd>
-	<dd>[ <a href="#" onclick="window.open('{U_WHOIS}', '_whois', 'height=500, resizable=yes, scrollbars=yes, width=700'); return false;">{L_WHOIS}</a> ]</dd>
+	<dd>[ <a href="{U_WHOIS}" onclick="popup(this.href, 700, 500, '_whois'); return false;">{L_WHOIS}</a> ]</dd>
 </dl>
 <!-- ENDIF -->
 <dl>
@@ -61,16 +61,16 @@
 <p class="quick">
 	<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
 	<input type="hidden" name="action" value="" />
+	{S_FORM_TOKEN}
 </p>
 
 </fieldset>
-
 </form>
 
 <!-- IF not S_USER_FOUNDER or S_FOUNDER -->
 
 	<script type="text/javascript">
-	<!--
+	// <![CDATA[
 
 		function display_reason(option)
 		{
@@ -103,7 +103,7 @@
 			}
 		}
 
-	//-->
+	// ]]>
 	</script>
 
 	<form id="user_quick_tools" method="post" action="{U_ACTION}">
@@ -134,10 +134,11 @@
 
 	<p class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</p>
 
 	</fieldset>
-
+	
 	</form>
 
 <!-- ENDIF -->

phpBB/adm/style/acp_users_prefs.html

@@ -1,3 +1,9 @@
+<script type="text/javascript">
+// <![CDATA[
+	var default_dateformat = '{A_DEFAULT_DATEFORMAT}';
+// ]]>
+</script>
+
 	<form id="user_prefs" method="post" action="{U_ACTION}">
 
 	<fieldset>
@@ -57,7 +63,7 @@
 	</dl>
 	<dl> 
 		<dt><label for="dateoptions">{L_BOARD_DATE_FORMAT}:</label><br /><span>{L_BOARD_DATE_FORMAT_EXPLAIN}</span></dt>
-		<dd><select name="dateoptions" id="dateoptions" onchange="if(this.value=='custom'){dE('custom_date',1);}else{dE('custom_date',-1);} if (this.value == 'custom') { document.getElementById('dateformat').value = '{A_DEFAULT_DATEFORMAT}'; } else { document.getElementById('dateformat').value = this.value; }">{S_DATEFORMAT_OPTIONS}</select></dd>
+		<dd><select name="dateoptions" id="dateoptions" onchange="if(this.value=='custom'){dE('custom_date',1);}else{dE('custom_date',-1);} if (this.value == 'custom') { document.getElementById('dateformat').value = default_dateformat; } else { document.getElementById('dateformat').value = this.value; }">{S_DATEFORMAT_OPTIONS}</select></dd>
 		<dd><div id="custom_date"<!-- IF not S_CUSTOM_DATEFORMAT --> style="display:none;"<!-- ENDIF -->><input type="text" name="dateformat" id="dateformat" value="{DATE_FORMAT}" maxlength="30" /></div></dd>
 	</dl>
 	</fieldset>
@@ -146,6 +152,7 @@
 
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
 
 	</form>

phpBB/adm/style/acp_users_profile.html

@@ -49,7 +49,7 @@
 			<legend>{L_USER_CUSTOM_PROFILE_FIELDS}</legend>
 		<!-- BEGIN profile_fields -->
 		<dl> 
-			<dt><label>{profile_fields.LANG_NAME}:</label><!-- IF profile_fields.LANG_EXPLAIN --><br /><span>{profile_fields.LANG_EXPLAIN}</span><!-- ENDIF --></dt>
+			<dt><label<!-- IF profile_fields.FIELD_ID --> for="{profile_fields.FIELD_ID}"<!-- ENDIF -->>{profile_fields.LANG_NAME}:</label><!-- IF profile_fields.LANG_EXPLAIN --><br /><span>{profile_fields.LANG_EXPLAIN}</span><!-- ENDIF --></dt>
 			<dd>{profile_fields.FIELD}</dd>
 			<!-- IF profile_fields.ERROR -->
 				<dd><span class="small" style="color: red;">{profile_fields.ERROR}</span></dd>
@@ -61,6 +61,6 @@
 
 	<fieldset class="quick">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>

phpBB/adm/style/acp_users_signature.html

@@ -1,5 +1,5 @@
-	<script type="text/javascript">
-	<!--
+<script type="text/javascript">
+// <![CDATA[
 
 	var form_name = 'user_signature';
 	var text_name = 'signature';
@@ -27,15 +27,15 @@
 		t: '{LA_BBCODE_T_HELP}',
 		tip: '{L_STYLES_TIP}'
 		<!-- BEGIN custom_tags -->
-			,cb_{custom_tags.BBCODE_ID}: '{custom_tags.BBCODE_HELPLINE}'
+			,cb_{custom_tags.BBCODE_ID}: '{custom_tags.A_BBCODE_HELPLINE}'
 		<!-- END custom_tags -->
 	}
 
-	//-->
-	</script>
-	<script type="text/javascript" src="{T_TEMPLATE_PATH}/editor.js"></script>
+// ]]>
+</script>
+<script type="text/javascript" src="{T_TEMPLATE_PATH}/editor.js"></script>
 
-	<form id="user_signature" method="post" action="{U_ACTION}">
+<form id="user_signature" method="post" action="{U_ACTION}">
 
 	<!-- IF SIGNATURE_PREVIEW -->
 		<fieldset>
@@ -67,17 +67,17 @@
 				<input type="button" class="button2" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" onmouseout="helpline('tip')" />
 			<!-- ENDIF -->
 
-			{L_FONT_SIZE}: <select name="addbbcode20" onchange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.form.addbbcode20.selectedIndex = 2;" onmouseover="helpline('f')" onmouseout="helpline('tip')">
-				<option value="7">{L_FONT_TINY}</option>
-				<option value="9">{L_FONT_SMALL}</option>
-				<option value="12" selected="selected">{L_FONT_NORMAL}</option>
-				<option value="18">{L_FONT_LARGE}</option>
-				<option value="24">{L_FONT_HUGE}</option>
+			{L_FONT_SIZE}: <select name="addbbcode20" onchange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.form.addbbcode20.selectedIndex = 2;" title="{L_FONT_SIZE}" onmouseover="helpline('f')" onmouseout="helpline('tip')">
+				<option value="50">{L_FONT_TINY}</option>
+				<option value="85">{L_FONT_SMALL}</option>
+				<option value="100" selected="selected">{L_FONT_NORMAL}</option>
+				<option value="150">{L_FONT_LARGE}</option>
+				<option value="200">{L_FONT_HUGE}</option>
 			</select>
 		<!-- IF .custom_tags -->
 			<br /><br />
 			<!-- BEGIN custom_tags -->
-				<input type="button" class="button2" name="addbbcode{custom_tags.BBCODE_ID}" value="{custom_tags.BBCODE_TAG}" onclick="bbstyle({custom_tags.BBCODE_ID})"<!-- IF custom_tags.BBCODE_HELPLINE !== '' --> onmouseover="helpline('cb_{custom_tags.BBCODE_ID}')"<!-- ENDIF --> />
+				<input type="button" class="button2" name="addbbcode{custom_tags.BBCODE_ID}" value="{custom_tags.BBCODE_TAG}" onclick="bbstyle({custom_tags.BBCODE_ID})"<!-- IF custom_tags.BBCODE_HELPLINE !== '' --> onmouseover="helpline('cb_{custom_tags.BBCODE_ID}')" onmouseout="helpline('tip')"<!-- ENDIF --> />
 			<!-- END custom_tags -->
 		<!-- ENDIF -->
 
@@ -86,9 +86,12 @@
 		<p><input type="text" class="text full" style="border: 0; background: none;" name="helpbox" value="{L_STYLES_TIP}" /></p>
 
 		<dl>
-			<dt style="width: 90px;"><script type="text/javascript"><!--
-				colorPalette('v', 12, 10);
-				//--></script>
+			<dt style="width: 90px;">
+				<script type="text/javascript">
+				// <![CDATA[
+					colorPalette('v', 12, 10);
+				// ]]>
+				</script>
 			</dt>
 			<dd style="margin-left: 90px;"><textarea name="signature" rows="10" cols="60" style="width: 95%;" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);">{SIGNATURE}</textarea></dd>
 			<dd style="margin-left: 90px; margin-top: 5px;">
@@ -109,6 +112,6 @@
 	<fieldset class="submit-buttons">
 		<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="submit" name="preview" value="{L_PREVIEW}" />
+		{S_FORM_TOKEN}
 	</fieldset>
-
-	</form>
+</form>

phpBB/adm/style/acp_words.html

@@ -4,7 +4,7 @@
 
 <!-- IF S_EDIT_WORD -->
 
-	<a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a>
+	<a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a>
 
 	<h1>{L_ACP_WORDS}</h1>
 
@@ -27,9 +27,9 @@
 	<p class="submit-buttons">
 		<input class="button1" type="submit" id="submit" name="save" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		{S_FORM_TOKEN}
 	</p>
 	</fieldset>
-
 	</form>
 
 <!-- ELSE -->
@@ -65,9 +65,8 @@
 	<!-- END words -->
 	</tbody>
 	</table>
-
+	{S_FORM_TOKEN}
 	</fieldset>
-
 	</form>
 <!-- ENDIF -->
 

phpBB/adm/style/admin.css

@@ -117,6 +117,10 @@ a:active {
 	text-decoration: none;
 }
 
+.install-body p a {
+	font-weight: bold;
+}
+
 /* Main blocks
 ---------------------------------------- */
 #wrap {
@@ -421,7 +425,6 @@ span.corners-bottom span {
 #menu li a:hover, #menu li a:hover span {
 	text-decoration: none;
 	background-color: #FFFFFF;
-	
 	color: #BC2A4D;
 }
 
@@ -703,7 +706,7 @@ input:hover, textarea:hover {
 	border-top: 1px solid #AFAEAA;
 	border-right: 1px solid #AFAEAA;
 	border-bottom: 1px solid #AFAEAA;
-	background-color: #E9E9E2; 
+	background-color: #E9E9E2;
 }
 
 input.langvalue, textarea.langvalue {
@@ -726,6 +729,11 @@ optgroup {
 	font-weight: bold;
 }
 
+optgroup.disabled-options {
+	display: none;
+	background-color: gray;
+}
+
 option {
 	padding: 0 1em 0 0;
 	color: #000;
@@ -1322,11 +1330,23 @@ fieldset.permissions .permissions-switch {
 	float: left;
 }
 
+fieldset.permissions .padding {
+}
+
 .permissions-switch a {
 	text-decoration: underline;
 	font-size: 0.90em;
 }
 
+.permissions-reset {
+	margin-top: -6px;
+	padding-bottom: 10px;
+}
+
+.permissions-reset a {
+	font-size: .8em;
+}
+
 /* Tabbed menu */
 .permissions-category {
 	line-height: normal;
@@ -1602,3 +1622,16 @@ fieldset.permissions .permissions-switch {
 	margin: 0;
 	padding: 0;
 }
+
+/* Classes for additional tasks
+---------------------------------------- */
+
+.phpinfo {
+	overflow: auto;
+	width: 99%;
+	direction: ltr;
+}
+
+.phpinfo td, .phpinfo th, .phpinfo h2, .phpinfo h1 {
+	text-align: left;
+}

phpBB/adm/style/colour_swatch.html

@@ -36,7 +36,7 @@
 <body>
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 	var r = 0, g = 0, b = 0;
 
 	var numberList = new Array(6);
@@ -71,7 +71,7 @@
 	{
 		opener.document.forms["{OPENER}"].{NAME}.value = color;
 	}
-//-->
+// ]]>
 </script>
 
 </body>

phpBB/adm/style/custom_profile_fields.html

@@ -1,32 +1,32 @@
 
 <!-- BEGIN dropdown -->
-	<select name="{dropdown.FIELD_IDENT}">
+	<select name="{dropdown.FIELD_IDENT}" id="{dropdown.FIELD_IDENT}">
 		<!-- BEGIN options --><option value="{dropdown.options.OPTION_ID}"{dropdown.options.SELECTED}>{dropdown.options.VALUE}</option><!-- END options -->
 	</select>
 <!-- END dropdown -->
 
 <!-- BEGIN text -->
-	<textarea name="{text.FIELD_IDENT}" rows="{text.FIELD_ROWS}" cols="{text.FIELD_COLS}">{text.FIELD_VALUE}</textarea>
+	<textarea name="{text.FIELD_IDENT}" id="{text.FIELD_IDENT}" rows="{text.FIELD_ROWS}" cols="{text.FIELD_COLS}">{text.FIELD_VALUE}</textarea>
 <!-- END text -->
 
 <!-- BEGIN string -->
-	<input type="text" name="{string.FIELD_IDENT}" size="{string.FIELD_LENGTH}" maxlength="{string.FIELD_MAXLEN}" value="{string.FIELD_VALUE}" />
+	<input type="text" name="{string.FIELD_IDENT}" id="{string.FIELD_IDENT}" size="{string.FIELD_LENGTH}" maxlength="{string.FIELD_MAXLEN}" value="{string.FIELD_VALUE}" />
 <!-- END string -->
 
 <!-- BEGIN bool -->
 	<!-- IF bool.FIELD_LENGTH eq 1 -->
-		<!-- BEGIN options --><label><input type="radio" class="radio" name="{bool.FIELD_IDENT}" value="{bool.options.OPTION_ID}"{bool.options.CHECKED} /> {bool.options.VALUE}</label><!-- END options -->
+		<!-- BEGIN options --><label for="{bool.FIELD_IDENT}_{bool.options.OPTION_ID}"><input type="radio" class="radio" name="{bool.FIELD_IDENT}" id="{bool.FIELD_IDENT}_{bool.options.OPTION_ID}" value="{bool.options.OPTION_ID}"{bool.options.CHECKED} /> {bool.options.VALUE}</label> <!-- END options -->
 	<!-- ELSE -->
-		<input type="checkbox" class="radio" name="{bool.FIELD_IDENT}" value="1"<!-- IF bool.FIELD_VALUE --> checked="checked"<!-- ENDIF --> />
+		<input type="checkbox" class="radio" name="{bool.FIELD_IDENT}" id="{bool.FIELD_IDENT}" value="1"<!-- IF bool.FIELD_VALUE --> checked="checked"<!-- ENDIF --> />
 	<!-- ENDIF -->
 <!-- END bool -->
 
 <!-- BEGIN int -->
-	<input type="text" name="{int.FIELD_IDENT}" size="{int.FIELD_LENGTH}" value="{int.FIELD_VALUE}" />
+	<input type="text" name="{int.FIELD_IDENT}" id="{int.FIELD_IDENT}" size="{int.FIELD_LENGTH}" value="{int.FIELD_VALUE}" />
 <!-- END int -->
 
 <!-- BEGIN date -->
-	<span>{L_DAY}:</span> <select name="{date.FIELD_IDENT}_day">{date.S_DAY_OPTIONS}</select>
-	<span>{L_MONTH}:</span> <select name="{date.FIELD_IDENT}_month">{date.S_MONTH_OPTIONS}</select>
-	<span>{L_YEAR}:</span> <select name="{date.FIELD_IDENT}_year">{date.S_YEAR_OPTIONS}</select>
+	<span>{L_DAY}:</span> <select name="{date.FIELD_IDENT}_day" id="{date.FIELD_IDENT}_day">{date.S_DAY_OPTIONS}</select>
+	<span>{L_MONTH}:</span> <select name="{date.FIELD_IDENT}_month" id="{date.FIELD_IDENT}_month">{date.S_MONTH_OPTIONS}</select>
+	<span>{L_YEAR}:</span> <select name="{date.FIELD_IDENT}_year" id="{date.FIELD_IDENT}_year">{date.S_YEAR_OPTIONS}</select>
 <!-- END date -->

phpBB/adm/style/install_convert.html

@@ -120,8 +120,9 @@
 	<!-- ENDIF -->
 
 	<!-- IF L_SUBMIT -->
+		<!-- IF L_MESSAGE --><p>{L_MESSAGE}</p><!-- ENDIF -->
+
 		<fieldset class="submit-buttons">
-			<!-- IF L_MESSAGE --><p>{L_MESSAGE}</p><!-- ENDIF -->
 			{S_HIDDEN}
 			<!-- IF L_SUBMIT --><input class="button1<!-- IF S_REFRESH --> disabled<!-- ENDIF -->" type="submit" id="submit" <!-- IF S_REFRESH -->disabled="disabled" <!-- ELSE --> onclick="this.className = 'button1 disabled';" onsubmit="this.disabled = 'disabled';" <!-- ENDIF -->name="submit" value="{L_SUBMIT}" /><!-- ENDIF -->
 		</fieldset>

phpBB/adm/style/install_footer.html

@@ -18,7 +18,7 @@
 	// -->
 	
 	<div id="page-footer">
-		Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
+		Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
 	</div>
 </div>
 

phpBB/adm/style/install_header.html

@@ -11,6 +11,31 @@
 
 <link href="../adm/style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
+<script type="text/javascript">
+// <![CDATA[
+
+/**
+* Set display of page element
+* s[-1,0,1] = hide,toggle display,show
+*/
+function dE(n, s, type)
+{
+	if (!type)
+	{
+		type = 'block';
+	}
+
+	var e = document.getElementById(n);
+	if (!s)
+	{
+		s = (e.style.display == '' || e.style.display == 'block') ? -1 : 1;
+	}
+	e.style.display = (s == 1) ? type : 'none';
+}
+
+// ]]>
+</script>
+
 </head>
 
 <body class="{S_CONTENT_DIRECTION}">
@@ -53,4 +78,4 @@
 						</ul>
 					</div>
 	
-					<div id="main">
+					<div id="main" class="install-body">

phpBB/adm/style/install_update.html

@@ -1,21 +1,49 @@
 <!-- INCLUDE install_header.html -->
 
 <script type="text/javascript">
-<!--
-	function popup(url, width, height)
+// <![CDATA[
+	function popup(url, width, height, name)
 	{
-		window.open(url.replace(/&amp;/g, '&'), 'diff', 'height=' + height + ',resizable=yes,scrollbars=yes,width=' + width);
+		if (!name)
+		{
+			name = '_popup';
+		}
+
+		window.open(url.replace(/&amp;/g, '&'), name, 'height=' + height + ',resizable=yes,scrollbars=yes, width=' + width);
 		return false;
 	}
-//-->
+
+	function diff_popup(url)
+	{
+		popup(url, 950, 600, '_diff');
+		return false;
+	}
+// ]]>
 </script>
 
 <!-- IF S_ERROR -->
-	<h1>{L_NOTICE}</h1>
-	<p style="color: red;">{ERROR_MSG}</p>
+	<div class="errorbox" style="margin-top: 0;">
+		<h3>{L_NOTICE}</h3>
+		<p>{ERROR_MSG}</p>
+	</div>
 <!-- ENDIF -->
 
-<!-- IF S_INTRO -->
+<!-- IF S_IN_PROGRESS -->
+
+	<div class="successbox" style="margin-top: 0;">
+		<h3>{L_IN_PROGRESS}</h3>
+		<p>{L_IN_PROGRESS_EXPLAIN}</p>
+	</div>
+
+<!-- ELSEIF S_INTRO -->
+
+	<!-- IF S_WARNING -->
+	<div class="successbox" style="margin-top: 0;">
+		<h3>{L_NOTICE}</h3>
+		<p>{WARNING_MSG}</p>
+	</div>
+	<!-- ENDIF -->
+
 	<form id="install_update" method="post" action="{U_ACTION}">
 
 	<h1>{L_UPDATE_INSTALLATION}</h1>
@@ -35,7 +63,7 @@
 	<p>{L_UPDATE_SUCCESS_EXPLAIN}</p>
 
 	<fieldset class="submit-buttons">
-		<input class="button1" type="submit" name="submit" value="{L_CHECK_FILES_AGAIN}" />
+		<input class="button1" type="submit" name="check_again" value="{L_CHECK_FILES_AGAIN}" />
 	</fieldset>
 
 	</form>
@@ -68,6 +96,12 @@
 		<dt><label>{L_LATEST_VERSION}</label></dt>
 		<dd><strong>{LATEST_VERSION}</strong></dd>
 	</dl>
+	<!-- IF PACKAGE_VERSION and not S_UP_TO_DATE -->
+	<dl>
+		<dt><label>{L_PACKAGE_UPDATES_TO}</label></dt>
+		<dd><strong>{PACKAGE_VERSION}</strong></dd>
+	</dl>
+	<!-- ENDIF -->
 	</fieldset>
 
 	<!-- IF not S_UP_TO_DATE -->
@@ -162,13 +196,16 @@
 			<!-- BEGIN files -->
 				<!-- IF files.S_STATUS -->
 					<!-- IF not files.S_FIRST_ROW -->
-						</fieldset>
+						</fieldset></div>
 					<!-- ENDIF -->
 
 					<h2>{files.TITLE}</h2>
 
+					<!-- IF files.STATUS eq 'not_modified' --><div style="float: {S_CONTENT_FLOW_END};">&raquo; <a href="#" onclick="dE('not_modified', 0); return false;">{L_TOGGLE_DISPLAY}</a></div><!-- ENDIF -->
 					<p>{files.EXPLAIN}</p>
 
+					<div style="display: <!-- IF files.STATUS neq 'not_modified' -->block<!-- ELSE -->none<!-- ENDIF -->;" id="{files.STATUS}">
+
 					<fieldset>
 						<legend><img src="{T_IMAGE_PATH}file_{files.STATUS}.gif" alt="{files.L_STATUS}" /></legend>
 				<!-- ELSE -->
@@ -185,28 +222,48 @@
 								<br /><span>{L_NUM_CONFLICTS}: {files.NUM_CONFLICTS}</span>
 								<!-- ENDIF -->
 							</dt>
-							<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="popup('{files.U_SHOW_DIFF}', 700, 500); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --></dd>
+							<dd style="margin-left: 60%;"><!-- IF files.STATUS eq 'modified' -->&nbsp;<!-- ELSE --><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="diff_popup(this.href); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --><!-- ENDIF --></dd>
 							<!-- IF files.S_CUSTOM -->
 								<dd style="margin-left: 60%;"><label><input type="checkbox" name="no_update[]" value="{files.FILENAME}" class="radio" /> {L_DO_NOT_UPDATE}</label></dd>
 							<!-- ENDIF -->
+							
+							<!-- IF files.STATUS eq 'modified' -->
+							</dl>
+							<dl>
+								<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="0" checked="checked" /> {L_MERGE_MODIFICATIONS_OPTION}</label></dt>
+								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[ <a href="{files.U_SHOW_DIFF}" onclick="diff_popup(this.href); return false;">{files.L_SHOW_DIFF}</a> ]<!-- ELSE -->{L_BINARY_FILE}<!-- ENDIF --></dd>
+							</dl>
+							<dl>
+								<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="1" /> {L_MERGE_NO_MERGE_NEW_OPTION}</label></dt>
+								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="diff_popup(this.href); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
+							</dl>
+							<dl>
+								<dt style="width: 60%"><label><input type="radio" class="radio" name="modified[{files.FILENAME}]" value="2" /> {L_MERGE_NO_MERGE_MOD_OPTION}</label></dt>
+								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_MOD}" onclick="diff_popup(this.href); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
+							</dl>
+							<!-- IF not files.S_LAST_ROW -->
+							</fieldset>
+
+							<fieldset>
+								<legend><img src="{T_IMAGE_PATH}file_{files.STATUS}.gif" alt="{files.L_STATUS}" /></legend>
+							<!-- ENDIF -->
+
+							<!-- ENDIF -->
+
 							<!-- IF files.STATUS eq 'conflict' -->
 							</dl>
 							<dl>
 								<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="1" checked="checked" /> {L_MERGE_NO_MERGE_NEW_OPTION}</label></dt>
-								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="popup('{files.U_VIEW_NO_MERGE_NEW}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
-							</dl>
-							<dl>
-								<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="2" /> {L_MERGE_NO_MERGE_MOD_OPTION}</label></dt>
-								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_MOD}" onclick="popup('{files.U_VIEW_NO_MERGE_MOD}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
+								<dd style="margin-left: 60%;"><!-- IF not files.S_BINARY -->[<a href="{files.U_VIEW_NO_MERGE_NEW}" onclick="diff_popup(this.href); return false;">{L_SHOW_DIFF_FINAL}</a>]<!-- ELSE -->&nbsp;<!-- ENDIF --></dd>
 							</dl>
 								<!-- IF not files.S_BINARY -->
 									<dl>
 										<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="3" /> {L_MERGE_NEW_FILE_OPTION}</label></dt>
-										<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_NEW_FILE}" onclick="popup('{files.U_VIEW_NEW_FILE}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
+										<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_NEW_FILE}" onclick="diff_popup(this.href); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
 									</dl>
 									<dl>
 										<dt style="width: 60%"><label><input type="radio" class="radio" name="conflict[{files.FILENAME}]" value="4" /> {L_MERGE_MOD_FILE_OPTION}</label></dt>
-										<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_MOD_FILE}" onclick="popup('{files.U_VIEW_MOD_FILE}', 700, 500); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
+										<dd style="margin-left: 60%;">[<a href="{files.U_VIEW_MOD_FILE}" onclick="diff_popup(this.href); return false;">{L_SHOW_DIFF_FINAL}</a>]</dd>
 									</dl>
 								<!-- ENDIF -->
 							<!-- IF not files.S_LAST_ROW -->
@@ -218,11 +275,11 @@
 
 							<!-- ENDIF -->
 						<!-- ENDIF -->
-					<!-- IF files.STATUS neq 'conflict' --></dl><!-- ENDIF -->
+					<!-- IF files.STATUS neq 'conflict' and files.STATUS neq 'modified' --></dl><!-- ENDIF -->
 				<!-- ENDIF -->
 			<!-- END files -->
 
-			</fieldset>
+			</fieldset></div>
 		<!-- ENDIF -->
 
 		<br />
@@ -247,14 +304,14 @@
 
 <!-- ELSEIF S_DOWNLOAD_FILES -->
 
-	<h1>{L_SELECT_DOWNLOAD_FORMAT}</h1>
+	<h1>{L_DOWNLOAD_UPDATE_METHOD}</h1>
 
 	<p>{L_DOWNLOAD_UPDATE_METHOD_EXPLAIN}</p>
 
 	<form id="install_update" method="post" action="{U_ACTION}">
 
 	<fieldset>
-		<legend>{L_DOWNLOAD_AS}</legend>
+		<legend>{L_SELECT_DOWNLOAD_FORMAT}</legend>
 	<dl>
 		<dt><label for="use_method">{L_DOWNLOAD_AS}:</label></dt>
 		<dd>{RADIO_BUTTONS}</dd>

phpBB/adm/style/install_update_diff.html

@@ -12,7 +12,7 @@
 <link href="../adm/style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 function resize_panel()
 {
 	var block = document.getElementById('codepanel');	
@@ -28,7 +28,7 @@ function resize_panel()
 		//whatever IE needs to do this
 	}	
 }
--->
+// ]]>
 </script>
 
 <style type="text/css">
@@ -42,11 +42,16 @@ function resize_panel()
 	width: 99%;
 }
 
+#diff_content {
+	padding: 30px 10px 10px;
+}
+
 <!-- IF DIFF_MODE neq 'side_by_side' and DIFF_MODE neq 'raw' -->
 div#codepanel {
 	overflow: auto;
 	width: 100%;
 	height: 350px;
+	display: inline-block;
 }
 <!-- ELSE -->
 div#codepanel {	
@@ -230,11 +235,11 @@ table.hrdiff caption span {
 		<div id="acp">
 		<div class="panel" id="codepanel">
 			<span class="corners-top"><span></span></span>
-				<div id="content">
+				<div id="diff_content">
 					<div id="main">
 
 <!-- IF S_DIFF_CONFLICT_FILE -->
-		<div style="float: right;"><strong>{L_NUM_CONFLICTS}: {NUM_CONFLICTS}</strong></div>
+		<div style="float: {S_CONTENT_FLOW_END};"><strong>{L_NUM_CONFLICTS}: {NUM_CONFLICTS}</strong></div>
 <!-- ENDIF -->
 						{DIFF_CONTENT}
 					</div>

phpBB/adm/style/overall_footer.html

@@ -19,7 +19,7 @@
 	
 	<div id="page-footer">
 		<!-- IF S_COPYRIGHT_HTML -->
-			Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
+			Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
 			<!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF -->
 		<!-- ENDIF -->
 

phpBB/adm/style/overall_header.html

@@ -12,11 +12,11 @@
 <link href="style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 var jump_page = '{LA_JUMP_PAGE}:';
 var on_page = '{ON_PAGE}';
 var per_page = '{PER_PAGE}';
-var base_url = '{BASE_URL}';
+var base_url = '{A_BASE_URL}';
 
 var menu_state = 'shown';
 
@@ -81,34 +81,26 @@ function marklist(id, name, state)
 	}
 }
 
-/**
-* Open trace popup
-*/
-function trace(link)
-{
-	window.open(link.replace(/&amp;/g, '&'), '_trace', 'height=515, resizable=yes, scrollbars=yes, width=750');
-	return false;
-}
-
 /**
 * Find a member
 */
-function find_username()
+function find_username(url)
 {
-	<!-- IF UA_FIND_USERNAME -->
-	window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=570, resizable=yes, scrollbars=yes, width=760');
-	<!-- ENDIF -->
+	popup(url, 760, 570, '_usersearch');
 	return false;
 }
 
 /**
-* Color swatch
+* Window popup
 */
-function swatch(field)
+function popup(url, width, height, name)
 {
-	<!-- IF UA_SWATCH -->
-	window.open('{UA_SWATCH}' + field, '_swatch', 'height=150, resizable=yes, scrollbars=no, width=636');
-	<!-- ENDIF -->
+	if (!name)
+	{
+		name = '_popup';
+	}
+
+	window.open(url.replace(/&amp;/g, '&'), name, 'height=' + height + ',resizable=yes,scrollbars=yes, width=' + width);
 	return false;
 }
 
@@ -162,7 +154,7 @@ function switch_menu()
 	}
 }
 
-//-->
+// ]]>
 </script>
 </head>
 
@@ -193,7 +185,7 @@ function switch_menu()
 						<a id="toggle-handle" accesskey="m" title="{L_MENU_TOGGLE}" onclick="switch_menu(); return false;" href="#"></a></div>
 					<!-- ENDIF -->
 					<div id="menu">
-						<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;]</p>						
+						<p>{L_LOGGED_IN_AS}<br /><strong>{USERNAME}</strong> [&nbsp;<a href="{U_LOGOUT}">{L_LOGOUT}</a>&nbsp;]</p>
 						<ul>
 						<!-- BEGIN l_block1 -->
 							<!-- IF l_block1.S_SELECTED -->

phpBB/adm/style/permission_mask.html

@@ -1,6 +1,6 @@
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 	var active_pmask = '0';
 	var active_fmask = '0';
 	var active_cat = '0';
@@ -12,13 +12,13 @@
 	<!-- IF S_ROLE_JS_ARRAY -->
 		{S_ROLE_JS_ARRAY}
 	<!-- ENDIF -->
-//-->
+// ]]>
 </script>
 <script type="text/javascript" src="style/permissions.js"></script>
 
 <!-- BEGIN p_mask -->
 <div class="clearfix"></div>
-<h3>{p_mask.PADDING}{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>
+<h3>{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>
 
 <!-- BEGIN f_mask -->
 <div class="clearfix"></div>
@@ -28,11 +28,14 @@
 			<input type="checkbox" style="display: none;" class="permissions-checkbox" name="inherit[{p_mask.f_mask.UG_ID}][{p_mask.f_mask.FORUM_ID}]" id="checkbox{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}" value="1" onclick="toggle_opacity('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}')" /> 
 		<!-- ELSE -->
 		<!-- ENDIF -->
-		<!-- {p_mask.f_mask.PADDING} -->{p_mask.f_mask.NAME}
+		<!-- IF p_mask.f_mask.PADDING --><span class="padding">{p_mask.f_mask.PADDING}{p_mask.f_mask.PADDING}</span><!-- ENDIF -->{p_mask.f_mask.NAME}
 	</legend>
 	<!-- IF not p_mask.S_VIEW -->
 		<div class="permissions-switch">
-			<a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0', true); return false;">{L_ADVANCED_PERMISSIONS}</a>
+			<div class="permissions-reset">
+				<a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_YES}</a> &middot; <a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NO}</a> &middot; <a href="#" onclick="mark_options('perm{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); init_colours('{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NEVER}</a>
+			</div>
+			<a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0', true); return false;">{L_ADVANCED_PERMISSIONS}</a><!-- IF not p_mask.S_VIEW and p_mask.f_mask.S_CUSTOM --> *<!-- ENDIF -->
 		</div>
 		<dl class="permissions-simple">
 			<dt style="width: 20%"><label for="role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}">{L_ROLE}:</label></dt>
@@ -46,7 +49,11 @@
 
 	<!-- BEGIN category -->
 		<!-- IF p_mask.f_mask.category.S_FIRST_ROW -->
-			<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}"<!-- IF not p_mask.S_VIEW --> style="display: none;"<!-- ENDIF -->>
+			<!-- IF not p_mask.S_VIEW -->
+				<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}" style="display: none;">
+			<!-- ELSE -->
+				<div class="permissions-advanced" id="advanced{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}">
+			<!-- ENDIF -->
 
 			<div class="permissions-category">
 				<ul>
@@ -95,7 +102,7 @@
 				<tbody>
 				<!-- BEGIN mask -->
 					<!-- IF p_mask.f_mask.category.mask.S_ROW_COUNT is even --><tr class="row4"><!-- ELSE --><tr class="row3"><!-- ENDIF -->
-					<th class="permissions-name<!-- IF p_mask.f_mask.category.mask.S_ROW_COUNT is even --> row4<!-- ELSE --> row3<!-- ENDIF -->"><!-- IF p_mask.f_mask.category.mask.U_TRACE --><a href="#" class="trace" onclick="trace('{p_mask.f_mask.category.mask.U_TRACE}'); return false;" title="{L_TRACE_SETTING}"><img src="images/icon_trace.gif" alt="{L_TRACE_SETTING}" /></a> <!-- ENDIF -->{p_mask.f_mask.category.mask.PERMISSION}</th>
+					<th class="permissions-name<!-- IF p_mask.f_mask.category.mask.S_ROW_COUNT is even --> row4<!-- ELSE --> row3<!-- ENDIF -->"><!-- IF p_mask.f_mask.category.mask.U_TRACE --><a href="{p_mask.f_mask.category.mask.U_TRACE}" class="trace" onclick="popup(this.href, 750, 515, '_trace'); return false;" title="{L_TRACE_SETTING}"><img src="images/icon_trace.gif" alt="{L_TRACE_SETTING}" /></a> <!-- ENDIF -->{p_mask.f_mask.category.mask.PERMISSION}</th>
 					<!-- IF p_mask.S_VIEW -->
 						<td<!-- IF p_mask.f_mask.category.mask.S_YES --> class="yes"<!-- ENDIF -->>&nbsp;</td>
 						<td<!-- IF p_mask.f_mask.category.mask.S_NEVER --> class="never"<!-- ENDIF -->></td>

phpBB/adm/style/permission_trace.html

@@ -2,7 +2,7 @@
 
 <div style="background-color: #fff; padding: 10px; margin-top: 10px;" class="permissions">
 
-	<!-- IF U_BACK --><a href="{U_BACK}" style="float: right">&laquo; {L_BACK}</a><!-- ENDIF -->
+	<!-- IF U_BACK --><a href="{U_BACK}" style="float: {S_CONTENT_FLOW_END};">&laquo; {L_BACK}</a><!-- ENDIF -->
 
 	<h3>{L_TRACE_FOR}: {PERMISSION_USERNAME} / <!-- IF FORUM_NAME -->{FORUM_NAME} / <!-- ENDIF -->{PERMISSION} </h3>
 
@@ -41,6 +41,13 @@
 		<td>{trace.INFORMATION}</td>
 	</tr>
 	<!-- END trace -->
+	<tr class="row2">
+		<td style="white-space: nowrap;"><strong>{L_TRACE_RESULT}</strong></td>
+		<td colspan="2" style="text-align: center;" class="<!-- IF S_RESULT_NEVER -->never<!-- ELSEIF S_RESULT_YES -->yes<!-- ELSE -->no<!-- ENDIF -->">
+		<!-- IF S_RESULT_NEVER -->{L_ACL_NEVER}<!-- ELSEIF S_RESULT_YES -->{L_ACL_YES}<!-- ELSE -->{L_ACL_NO}<!-- ENDIF -->
+		</td>
+		<td>{L_RESULTING_PERMISSION}</td>
+	</tr>
 	</tbody>
 	</table>
 

phpBB/adm/style/progress_bar.html

@@ -1,7 +1,7 @@
 <!-- INCLUDE simple_header.html -->
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 	/**
 	* Close previously opened popup
 	*/
@@ -22,7 +22,7 @@
 		setTimeout("close_popup()", 1000);
 		return 0;
 	}
-//-->
+// ]]>
 </script>
 
 <div class="successbox">
@@ -32,9 +32,9 @@
 </div>
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 	close_popup();
-//-->
+// ]]>
 </script>
 
 <!-- INCLUDE simple_footer.html -->

phpBB/adm/style/simple_footer.html

@@ -1,4 +1,4 @@
-		<div style="text-align: right;"><a href="#" onclick="self.close(); return false;">{L_CLOSE_WINDOW}</a></div>
+		<div style="text-align: {S_CONTENT_FLOW_END};"><a href="#" onclick="self.close(); return false;">{L_CLOSE_WINDOW}</a></div>
 	<br /><br />
 </div>
 
@@ -16,7 +16,7 @@
 <div id="page-footer">
 
 	<!-- IF S_COPYRIGHT_HTML -->
-		<br />Powered by phpBB {VERSION} &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
+		<br />Powered by phpBB &copy; 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>
 		<!-- IF TRANSLATION_INFO --><br />{TRANSLATION_INFO}<!-- ENDIF -->
 	<!-- ENDIF -->
 

phpBB/adm/style/simple_header.html

@@ -12,11 +12,25 @@
 <link href="style/admin.css" rel="stylesheet" type="text/css" media="screen" />
 
 <script type="text/javascript">
-<!--
+// <![CDATA[
 var jump_page = '{LA_JUMP_PAGE}:';
 var on_page = '{ON_PAGE}';
 var per_page = '{PER_PAGE}';
-var base_url = '{BASE_URL}';
+var base_url = '{A_BASE_URL}';
+
+/**
+* Window popup
+*/
+function popup(url, width, height, name)
+{
+	if (!name)
+	{
+		name = '_popup';
+	}
+
+	window.open(url.replace(/&amp;/g, '&'), name, 'height=' + height + ',resizable=yes,scrollbars=yes, width=' + width);
+	return false;
+}
 
 /**
 * Jump to page
@@ -76,26 +90,13 @@ function marklist(id, name, state)
 /**
 * Find a member
 */
-function find_username()
+function find_username(url)
 {
-	<!-- IF UA_FIND_USERNAME -->
-	window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=570, resizable=yes, scrollbars=yes, width=760');
-	<!-- ENDIF -->
+	popup(url, 760, 570, '_usersearch');
 	return false;
 }
 
-/**
-* Color swatch
-*/
-function swatch(field)
-{
-	<!-- IF UA_SWATCH -->
-	window.open('{UA_SWATCH}' + field, '_swatch', 'height=150, resizable=yes, scrollbars=no, width=636');
-	<!-- ENDIF -->
-	return false;
-}
-
-//-->
+// ]]>
 </script>
 </head>
 

phpBB/adm/swatch.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -12,7 +12,8 @@
 * @ignore
 */
 define('IN_PHPBB', true);
-$phpbb_root_path = './../';
+define('ADMIN_START', true);
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 include($phpbb_root_path . 'common.' . $phpEx);
 
@@ -28,9 +29,16 @@ $template->set_filenames(array(
 	'body' => 'colour_swatch.html')
 );
 
+$form = request_var('form', '');
+$name = request_var('name', '');
+
+// We validate form and name here, only id/class allowed
+$form = (!preg_match('/^[a-z0-9_-]+$/i', $form)) ? '' : $form;
+$name = (!preg_match('/^[a-z0-9_-]+$/i', $name)) ? '' : $name;
+
 $template->assign_vars(array(
-	'OPENER'		=> addslashes(request_var('form', '')),
-	'NAME'			=> request_var('name', ''),
+	'OPENER'		=> $form,
+	'NAME'			=> $name,
 	'T_IMAGES_PATH'	=> "{$phpbb_root_path}images/",
 
 	'S_USER_LANG'			=> $user->lang['USER_LANG'],

phpBB/common.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 * Minimum Requirement: PHP 4.3.3
 */
@@ -65,8 +65,26 @@ function deregister_globals()
 	{
 		if (isset($not_unset[$varname]))
 		{
-			// Hacking attempt. No point in continuing.
-			exit;
+			// Hacking attempt. No point in continuing unless it's a COOKIE
+			if ($varname !== 'GLOBALS' || isset($_GET['GLOBALS']) || isset($_POST['GLOBALS']) || isset($_SERVER['GLOBALS']) || isset($_SESSION['GLOBALS']) || isset($_ENV['GLOBALS']) || isset($_FILES['GLOBALS']))
+			{
+				exit;
+			}
+			else
+			{
+				$cookie = &$_COOKIE;
+				while (isset($cookie['GLOBALS']))
+				{
+					foreach ($cookie['GLOBALS'] as $registered_var => $value)
+					{
+						if (!isset($not_unset[$registered_var]))
+						{
+							unset($GLOBALS[$registered_var]);
+						}
+					}
+					$cookie = &$cookie['GLOBALS'];
+				}
+			}
 		}
 
 		unset($GLOBALS[$varname]);
@@ -88,7 +106,7 @@ else
 	set_magic_quotes_runtime(0);
 
 	// Be paranoid with passed vars
-	if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
+	if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on' || !function_exists('ini_get'))
 	{
 		deregister_globals();
 	}
@@ -98,16 +116,7 @@ else
 
 if (defined('IN_CRON'))
 {
-	chdir($phpbb_root_path);
-	if (@function_exists('getcwd'))
-	{
-		$phpbb_root_path = getcwd() . '/';
-	}
-	else
-	{
-		// This is a best guess
-		$phpbb_root_path = pathinfo($_SERVER['SCRIPT_FILENAME'], PATHINFO_DIRNAME) . '/';
-	}
+	$phpbb_root_path = dirname(__FILE__) . DIRECTORY_SEPARATOR;
 }
 
 if (!file_exists($phpbb_root_path . 'config.' . $phpEx))
@@ -175,13 +184,16 @@ require($phpbb_root_path . 'includes/cache.' . $phpEx);
 require($phpbb_root_path . 'includes/template.' . $phpEx);
 require($phpbb_root_path . 'includes/session.' . $phpEx);
 require($phpbb_root_path . 'includes/auth.' . $phpEx);
+
 require($phpbb_root_path . 'includes/functions.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_content.' . $phpEx);
+
 require($phpbb_root_path . 'includes/constants.' . $phpEx);
 require($phpbb_root_path . 'includes/db/' . $dbms . '.' . $phpEx);
 require($phpbb_root_path . 'includes/utf/utf_tools.' . $phpEx);
 
 // Set PHP error handler to ours
-set_error_handler('msg_handler');
+set_error_handler(defined('PHPBB_MSG_HANDLER') ? PHPBB_MSG_HANDLER : 'msg_handler');
 
 // Instantiate some basic classes
 $user		= new user();
@@ -191,7 +203,7 @@ $cache		= new cache();
 $db			= new $sql_db();
 
 // Connect to DB
-$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, false);
+$db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, defined('PHPBB_DB_NEW_LINK') ? PHPBB_DB_NEW_LINK : false);
 
 // We do not need this any longer, unset for safety purposes
 unset($dbpasswd);
@@ -199,4 +211,13 @@ unset($dbpasswd);
 // Grab global variables, re-cache if necessary
 $config = $cache->obtain_config();
 
+// Add own hook handler
+require($phpbb_root_path . 'includes/hooks/index.' . $phpEx);
+$phpbb_hook = new phpbb_hook(array('exit_handler', 'phpbb_user_session_handler', 'append_sid', array('template', 'display')));
+
+foreach ($cache->obtain_hooks() as $hook)
+{
+	@include($phpbb_root_path . 'includes/hooks/' . $hook . '.' . $phpEx);
+}
+
 ?>

phpBB/cron.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -12,7 +12,7 @@
 */
 define('IN_PHPBB', true);
 define('IN_CRON', true);
-$phpbb_root_path = './';
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 include($phpbb_root_path . 'common.' . $phpEx);
 
@@ -30,7 +30,41 @@ header('Content-length: 43');
 
 echo base64_decode('R0lGODlhAQABAIAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==');
 
-flush();
+// test without flush ;)
+// flush();
+
+//
+if (!isset($config['cron_lock']))
+{
+	set_config('cron_lock', '0', true);
+}
+
+// make sure cron doesn't run multiple times in parallel
+if ($config['cron_lock'])
+{
+	// if the other process is running more than an hour already we have to assume it
+	// aborted without cleaning the lock
+	$time = explode(' ', $config['cron_lock']);
+	$time = $time[0];
+
+	if ($time + 3600 >= time())
+	{
+		exit;
+	}
+}
+
+define('CRON_ID', time() . ' ' . unique_id());
+
+$sql = 'UPDATE ' . CONFIG_TABLE . "
+	SET config_value = '" . $db->sql_escape(CRON_ID) . "'
+	WHERE config_name = 'cron_lock' AND config_value = '" . $db->sql_escape($config['cron_lock']) . "'";
+$db->sql_query($sql);
+
+// another cron process altered the table between script start and UPDATE query so exit
+if ($db->sql_affectedrows() != 1)
+{
+	exit;
+}
 
 /**
 * Run cron-like action
@@ -45,6 +79,12 @@ switch ($cron_type)
 			break;
 		}
 
+		// A user reported using the mail() function while using shutdown does not work. We do not want to risk that.
+		if ($use_shutdown_function && !$config['smtp_delivery'])
+		{
+			$use_shutdown_function = false;
+		}
+
 		include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 		$queue = new queue();
 
@@ -219,13 +259,29 @@ switch ($cron_type)
 // Unloading cache and closing db after having done the dirty work.
 if ($use_shutdown_function)
 {
+	register_shutdown_function('unlock_cron');
 	register_shutdown_function('garbage_collection');
 }
 else
 {
+	unlock_cron();
 	garbage_collection();
 }
 
 exit;
 
+
+/**
+* Unlock cron script
+*/
+function unlock_cron()
+{
+	global $db;
+
+	$sql = 'UPDATE ' . CONFIG_TABLE . "
+		SET config_value = '0'
+		WHERE config_name = 'cron_lock' AND config_value = '" . $db->sql_escape(CRON_ID) . "'";
+	$db->sql_query($sql);
+}
+
 ?>

phpBB/develop/adjust_uids.php

@@ -0,0 +1,129 @@
+<?php
+/**
+* Repair bbcodes converted with RC6
+*
+* You should make a backup from your users, posts and privmsgs table in case something goes wrong
+* Forum descriptions and rules need to be re-submitted manually
+*
+*/
+die("Please read the first lines of this script for instructions on how to enable it");
+
+set_time_limit(0);
+@ini_set('memory_limit', '512M');
+
+define('IN_PHPBB', true);
+$phpbb_root_path = './../';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+include($phpbb_root_path . 'common.'.$phpEx);
+
+// Start session management
+$user->session_begin();
+$auth->acl($user->data);
+$user->setup();
+
+$echos = 0;
+
+
+// Adjust user signatures
+$sql = 'SELECT user_id, user_sig, user_sig_bbcode_uid
+	FROM ' . USERS_TABLE . '
+	ORDER BY user_id ASC';
+$result = $db->sql_query($sql);
+
+while ($row = $db->sql_fetchrow($result))
+{
+	$bbcode_uid = $row['user_sig_bbcode_uid'];
+
+	// Only if a bbcode uid is present, the signature present and a size tag used...
+	if (!empty($bbcode_uid) && strpos($row['user_sig'], $bbcode_uid) === false)
+	{
+		$row['user_sig'] = preg_replace('/\:[0-9a-z]{8}\]/', ":$bbcode_uid]", $row['user_sig']);
+
+		$sql = 'UPDATE ' . USERS_TABLE . " SET user_sig = '" . $db->sql_escape($row['user_sig']) . "'
+			WHERE user_id = " . $row['user_id'];
+		$db->sql_query($sql);
+
+		if ($echos > 200)
+		{
+			echo '<br />User: ' . "{$row['user_id']}\n";
+			$echos = 0;
+		}
+
+		echo '.';
+		$echos++;
+
+		flush();
+	}
+}
+$db->sql_freeresult($result);
+
+
+// Now adjust posts
+$sql = 'SELECT post_id, post_text, bbcode_uid, enable_bbcode
+	FROM ' . POSTS_TABLE . '
+	ORDER BY post_id ASC';
+$result = $db->sql_query($sql);
+
+while ($row = $db->sql_fetchrow($result))
+{
+	$bbcode_uid = $row['bbcode_uid'];
+
+	// Only if a bbcode uid is present, bbcode enabled and a size tag used...
+	if ($row['enable_bbcode'] && !empty($bbcode_uid) && strpos($row['post_text'], $bbcode_uid) === false)
+	{
+		$row['post_text'] = preg_replace('/\:[0-9a-z]{8}\]/', ":$bbcode_uid]", $row['post_text']);
+		
+		$sql = 'UPDATE ' . POSTS_TABLE . " SET post_text = '" . $db->sql_escape($row['post_text']) . "'
+			WHERE post_id = " . $row['post_id'];
+		$db->sql_query($sql);
+
+		if ($echos > 200)
+		{
+			echo '<br />Post: ' . "{$row['post_id']} \n";
+			$echos = 0;
+		}
+
+		echo '.';
+		$echos++;
+
+		flush();
+	}
+}
+$db->sql_freeresult($result);
+
+// Now to the private messages
+$sql = 'SELECT msg_id, message_text, bbcode_uid, enable_bbcode
+	FROM ' . PRIVMSGS_TABLE;
+$result = $db->sql_query($sql);
+
+while ($row = $db->sql_fetchrow($result))
+{
+	$bbcode_uid = $row['bbcode_uid'];
+
+	// Only if a bbcode uid is present, bbcode enabled and a size tag used...
+	if ($row['enable_bbcode'] && !empty($bbcode_uid) && strpos($row['message_text'], $bbcode_uid) === false)
+	{
+		$row['message_text'] = preg_replace('/\:[0-9a-z]{8}\]/', ":$bbcode_uid]", $row['message_text']);
+		
+		$sql = 'UPDATE ' . PRIVMSGS_TABLE . " SET message_text = '" . $db->sql_escape($row['message_text']) . "'
+			WHERE msg_id = " . $row['msg_id'];
+		$db->sql_query($sql);
+
+		if ($echos > 200)
+		{
+			echo '<br />' . "\n";
+			$echos = 0;
+		}
+
+		echo '.';
+		$echos++;
+
+		flush();
+	}
+}
+$db->sql_freeresult($result);
+
+// Done
+$db->sql_close();
+echo 'done';
+?>

phpBB/develop/create_schema_files.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2006 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2006 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 * This file creates new schema files for every database.
 * The filenames will be prefixed with an underscore to not overwrite the current schema files.
@@ -14,7 +14,7 @@
 
 die("Please read the first lines of this script for instructions on how to enable it");
 
-set_time_limit(0);
+@set_time_limit(0);
 
 $schema_path = './../install/schemas/';
 
@@ -46,6 +46,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'mediumtext',
 		'TIMESTAMP'	=> 'int(11) UNSIGNED',
 		'DECIMAL'	=> 'decimal(5,2)',
+		'DECIMAL:'	=> 'decimal(%d,2)',
+		'PDECIMAL'	=> 'decimal(6,3)',
+		'PDECIMAL:'	=> 'decimal(%d,3)',
 		'VCHAR_UNI'	=> 'varchar(255)',
 		'VCHAR_UNI:'=> 'varchar(%d)',
 		'VCHAR_CI'	=> 'varchar(255)',
@@ -73,6 +76,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'mediumblob',
 		'TIMESTAMP'	=> 'int(11) UNSIGNED',
 		'DECIMAL'	=> 'decimal(5,2)',
+		'DECIMAL:'	=> 'decimal(%d,2)',
+		'PDECIMAL'	=> 'decimal(6,3)',
+		'PDECIMAL:'	=> 'decimal(%d,3)',
 		'VCHAR_UNI'	=> 'blob',
 		'VCHAR_UNI:'=> array('varbinary(%d)', 'limit' => array('mult', 3, 255, 'blob')),
 		'VCHAR_CI'	=> 'blob',
@@ -100,6 +106,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'BLOB SUB_TYPE TEXT CHARACTER SET UTF8',
 		'TIMESTAMP'	=> 'INTEGER',
 		'DECIMAL'	=> 'DOUBLE PRECISION',
+		'DECIMAL:'	=> 'DOUBLE PRECISION',
+		'PDECIMAL'	=> 'DOUBLE PRECISION',
+		'PDECIMAL:'	=> 'DOUBLE PRECISION',
 		'VCHAR_UNI'	=> 'VARCHAR(255) CHARACTER SET UTF8',
 		'VCHAR_UNI:'=> 'VARCHAR(%d) CHARACTER SET UTF8',
 		'VCHAR_CI'	=> 'VARCHAR(255) CHARACTER SET UTF8',
@@ -127,6 +136,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> '[text]',
 		'TIMESTAMP'	=> '[int]',
 		'DECIMAL'	=> '[float]',
+		'DECIMAL:'	=> '[float]',
+		'PDECIMAL'	=> '[float]',
+		'PDECIMAL:'	=> '[float]',
 		'VCHAR_UNI'	=> '[varchar] (255)',
 		'VCHAR_UNI:'=> '[varchar] (%d)',
 		'VCHAR_CI'	=> '[varchar] (255)',
@@ -154,6 +166,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'clob',
 		'TIMESTAMP'	=> 'number(11)',
 		'DECIMAL'	=> 'number(5, 2)',
+		'DECIMAL:'	=> 'number(%d, 2)',
+		'PDECIMAL'	=> 'number(6, 3)',
+		'PDECIMAL:'	=> 'number(%d, 3)',
 		'VCHAR_UNI'	=> 'varchar2(765)',
 		'VCHAR_UNI:'=> array('varchar2(%d)', 'limit' => array('mult', 3, 765, 'clob')),
 		'VCHAR_CI'	=> 'varchar2(255)',
@@ -181,6 +196,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'mediumtext(16777215)',
 		'TIMESTAMP'	=> 'INTEGER UNSIGNED', //'int(11) UNSIGNED',
 		'DECIMAL'	=> 'decimal(5,2)',
+		'DECIMAL:'	=> 'decimal(%d,2)',
+		'PDECIMAL'	=> 'decimal(6,3)',
+		'PDECIMAL:'	=> 'decimal(%d,3)',
 		'VCHAR_UNI'	=> 'varchar(255)',
 		'VCHAR_UNI:'=> 'varchar(%d)',
 		'VCHAR_CI'	=> 'varchar(255)',
@@ -208,6 +226,9 @@ $dbms_type_map = array(
 		'MTEXT_UNI'	=> 'TEXT',
 		'TIMESTAMP'	=> 'INT4', // unsigned
 		'DECIMAL'	=> 'decimal(5,2)',
+		'DECIMAL:'	=> 'decimal(%d,2)',
+		'PDECIMAL'	=> 'decimal(6,3)',
+		'PDECIMAL:'	=> 'decimal(%d,3)',
 		'VCHAR_UNI'	=> 'varchar(255)',
 		'VCHAR_UNI:'=> 'varchar(%d)',
 		'VCHAR_CI'	=> 'varchar_ci',
@@ -302,7 +323,7 @@ foreach ($supported_dbms as $dbms)
 		}
 
 		// Table specific so we don't get overlap
-		$modded_array = array(); 
+		$modded_array = array();
 
 		// Write columns one by one...
 		foreach ($table_data['COLUMNS'] as $column_name => $column_data)
@@ -771,6 +792,9 @@ foreach ($supported_dbms as $dbms)
 *	VCHAR:x		=> varchar(x)
 *	TIMESTAMP	=> int(11) UNSIGNED
 *	DECIMAL		=> decimal number (5,2)
+*	DECIMAL:	=> decimal number (x,2)
+*	PDECIMAL	=> precision decimal number (6,3)
+*	PDECIMAL:	=> precision decimal number (x,3)
 *	VCHAR_UNI	=> varchar(255) BINARY
 *	VCHAR_CI	=> varchar_ci for postgresql, others VCHAR
 */
@@ -1025,16 +1049,16 @@ function get_schema_struct()
 			'forum_desc'			=> array('TEXT_UNI', ''),
 			'forum_desc_bitfield'	=> array('VCHAR:255', ''),
 			'forum_desc_options'	=> array('UINT:11', 7),
-			'forum_desc_uid'		=> array('VCHAR:5', ''),
+			'forum_desc_uid'		=> array('VCHAR:8', ''),
 			'forum_link'			=> array('VCHAR_UNI', ''),
 			'forum_password'		=> array('VCHAR_UNI:40', ''),
-			'forum_style'			=> array('TINT:4', 0),
+			'forum_style'			=> array('USINT', 0),
 			'forum_image'			=> array('VCHAR', ''),
 			'forum_rules'			=> array('TEXT_UNI', ''),
 			'forum_rules_link'		=> array('VCHAR_UNI', ''),
 			'forum_rules_bitfield'	=> array('VCHAR:255', ''),
 			'forum_rules_options'	=> array('UINT:11', 7),
-			'forum_rules_uid'		=> array('VCHAR:5', ''),
+			'forum_rules_uid'		=> array('VCHAR:8', ''),
 			'forum_topics_per_page'	=> array('TINT:4', 0),
 			'forum_type'			=> array('TINT:4', 0),
 			'forum_status'			=> array('TINT:4', 0),
@@ -1104,12 +1128,12 @@ function get_schema_struct()
 			'group_desc'			=> array('TEXT_UNI', ''),
 			'group_desc_bitfield'	=> array('VCHAR:255', ''),
 			'group_desc_options'	=> array('UINT:11', 7),
-			'group_desc_uid'		=> array('VCHAR:5', ''),
+			'group_desc_uid'		=> array('VCHAR:8', ''),
 			'group_display'			=> array('BOOL', 0),
 			'group_avatar'			=> array('VCHAR', ''),
-			'group_avatar_type'		=> array('TINT:4', 0),
-			'group_avatar_width'	=> array('TINT:4', 0),
-			'group_avatar_height'	=> array('TINT:4', 0),
+			'group_avatar_type'		=> array('TINT:2', 0),
+			'group_avatar_width'	=> array('USINT', 0),
+			'group_avatar_height'	=> array('USINT', 0),
 			'group_rank'			=> array('UINT', 0),
 			'group_colour'			=> array('VCHAR:6', ''),
 			'group_sig_chars'		=> array('UINT', 0),
@@ -1261,7 +1285,7 @@ function get_schema_struct()
 			'post_checksum'			=> array('VCHAR:32', ''),
 			'post_attachment'		=> array('BOOL', 0),
 			'bbcode_bitfield'		=> array('VCHAR:255', ''),
-			'bbcode_uid'			=> array('VCHAR:5', ''),
+			'bbcode_uid'			=> array('VCHAR:8', ''),
 			'post_postcount'		=> array('BOOL', 1),
 			'post_edit_time'		=> array('TIMESTAMP', 0),
 			'post_edit_reason'		=> array('STEXT_UNI', ''),
@@ -1298,7 +1322,7 @@ function get_schema_struct()
 			'message_edit_user'		=> array('UINT', 0),
 			'message_attachment'	=> array('BOOL', 0),
 			'bbcode_bitfield'		=> array('VCHAR:255', ''),
-			'bbcode_uid'			=> array('VCHAR:5', ''),
+			'bbcode_uid'			=> array('VCHAR:8', ''),
 			'message_edit_time'		=> array('TIMESTAMP', 0),
 			'message_edit_count'	=> array('USINT', 0),
 			'to_address'			=> array('TEXT_UNI', ''),
@@ -1556,13 +1580,13 @@ function get_schema_struct()
 
 	$schema_data['phpbb_styles'] = array(
 		'COLUMNS'		=> array(
-			'style_id'				=> array('TINT:4', NULL, 'auto_increment'),
+			'style_id'				=> array('USINT', NULL, 'auto_increment'),
 			'style_name'			=> array('VCHAR_UNI:255', ''),
 			'style_copyright'		=> array('VCHAR_UNI', ''),
 			'style_active'			=> array('BOOL', 1),
-			'template_id'			=> array('TINT:4', 0),
-			'theme_id'				=> array('TINT:4', 0),
-			'imageset_id'			=> array('TINT:4', 0),
+			'template_id'			=> array('USINT', 0),
+			'theme_id'				=> array('USINT', 0),
+			'imageset_id'			=> array('USINT', 0),
 		),
 		'PRIMARY_KEY'	=> 'style_id',
 		'KEYS'			=> array(
@@ -1575,7 +1599,7 @@ function get_schema_struct()
 
 	$schema_data['phpbb_styles_template'] = array(
 		'COLUMNS'		=> array(
-			'template_id'			=> array('TINT:4', NULL, 'auto_increment'),
+			'template_id'			=> array('USINT', NULL, 'auto_increment'),
 			'template_name'			=> array('VCHAR_UNI:255', ''),
 			'template_copyright'	=> array('VCHAR_UNI', ''),
 			'template_path'			=> array('VCHAR:100', ''),
@@ -1590,7 +1614,7 @@ function get_schema_struct()
 
 	$schema_data['phpbb_styles_template_data'] = array(
 		'COLUMNS'		=> array(
-			'template_id'			=> array('TINT:4', NULL, 'auto_increment'),
+			'template_id'			=> array('USINT', 0),
 			'template_filename'		=> array('VCHAR:100', ''),
 			'template_included'		=> array('TEXT', ''),
 			'template_mtime'		=> array('TIMESTAMP', 0),
@@ -1604,7 +1628,7 @@ function get_schema_struct()
 
 	$schema_data['phpbb_styles_theme'] = array(
 		'COLUMNS'		=> array(
-			'theme_id'				=> array('TINT:4', NULL, 'auto_increment'),
+			'theme_id'				=> array('USINT', NULL, 'auto_increment'),
 			'theme_name'			=> array('VCHAR_UNI:255', ''),
 			'theme_copyright'		=> array('VCHAR_UNI', ''),
 			'theme_path'			=> array('VCHAR:100', ''),
@@ -1620,7 +1644,7 @@ function get_schema_struct()
 
 	$schema_data['phpbb_styles_imageset'] = array(
 		'COLUMNS'		=> array(
-			'imageset_id'				=> array('TINT:4', NULL, 'auto_increment'),
+			'imageset_id'				=> array('USINT', NULL, 'auto_increment'),
 			'imageset_name'				=> array('VCHAR_UNI:255', ''),
 			'imageset_copyright'		=> array('VCHAR_UNI', ''),
 			'imageset_path'				=> array('VCHAR:100', ''),
@@ -1639,7 +1663,7 @@ function get_schema_struct()
 			'image_lang'			=> array('VCHAR:30', ''),
 			'image_height'			=> array('USINT', 0),
 			'image_width'			=> array('USINT', 0),
-			'imageset_id'			=> array('TINT:4', 0),
+			'imageset_id'			=> array('USINT', 0),
 		),
 		'PRIMARY_KEY'		=> 'image_id',
 		'KEYS'				=> array(
@@ -1777,11 +1801,11 @@ function get_schema_struct()
 			'user_timezone'				=> array('DECIMAL', 0),
 			'user_dst'					=> array('BOOL', 0),
 			'user_dateformat'			=> array('VCHAR_UNI:30', 'd M Y H:i'),
-			'user_style'				=> array('TINT:4', 0),
+			'user_style'				=> array('USINT', 0),
 			'user_rank'					=> array('UINT', 0),
 			'user_colour'				=> array('VCHAR:6', ''),
-			'user_new_privmsg'			=> array('TINT:4', 0),
-			'user_unread_privmsg'		=> array('TINT:4', 0),
+			'user_new_privmsg'			=> array('INT:4', 0),
+			'user_unread_privmsg'		=> array('INT:4', 0),
 			'user_last_privmsg'			=> array('TIMESTAMP', 0),
 			'user_message_rules'		=> array('BOOL', 0),
 			'user_full_folder'			=> array('INT:11', -3),
@@ -1805,7 +1829,7 @@ function get_schema_struct()
 			'user_avatar_width'			=> array('USINT', 0),
 			'user_avatar_height'		=> array('USINT', 0),
 			'user_sig'					=> array('MTEXT_UNI', ''),
-			'user_sig_bbcode_uid'		=> array('VCHAR:5', ''),
+			'user_sig_bbcode_uid'		=> array('VCHAR:8', ''),
 			'user_sig_bbcode_bitfield'	=> array('VCHAR:255', ''),
 			'user_from'					=> array('VCHAR_UNI:100', ''),
 			'user_icq'					=> array('VCHAR:15', ''),
@@ -1817,7 +1841,9 @@ function get_schema_struct()
 			'user_occ'					=> array('TEXT_UNI', ''),
 			'user_interests'			=> array('TEXT_UNI', ''),
 			'user_actkey'				=> array('VCHAR:32', ''),
-			'user_newpasswd'			=> array('VCHAR_UNI:32', ''),
+			'user_newpasswd'			=> array('VCHAR_UNI:40', ''),
+			'user_form_salt'			=> array('VCHAR_UNI:32', ''),
+
 		),
 		'PRIMARY_KEY'	=> 'user_id',
 		'KEYS'			=> array(
@@ -1882,17 +1908,17 @@ function custom_data($dbms)
 
 /*
 CREATE TABLESPACE "PHPBB"
-	LOGGING 
-	DATAFILE 'E:\ORACLE\ORADATA\LOCAL\PHPBB.ora' 
+	LOGGING
+	DATAFILE 'E:\ORACLE\ORADATA\LOCAL\PHPBB.ora'
 	SIZE 10M
 	AUTOEXTEND ON NEXT 10M
 	MAXSIZE 100M;
 
-CREATE USER "PHPBB" 
-	PROFILE "DEFAULT" 
-	IDENTIFIED BY "phpbb_password" 
-	DEFAULT TABLESPACE "PHPBB" 
-	QUOTA UNLIMITED ON "PHPBB" 
+CREATE USER "PHPBB"
+	PROFILE "DEFAULT"
+	IDENTIFIED BY "phpbb_password"
+	DEFAULT TABLESPACE "PHPBB"
+	QUOTA UNLIMITED ON "PHPBB"
 	ACCOUNT UNLOCK;
 
 GRANT ANALYZE ANY TO "PHPBB";
@@ -1996,4 +2022,6 @@ EOF;
 	return '';
 }
 
+echo 'done';
+
 ?>

phpBB/develop/generate_utf_casefold.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 

phpBB/develop/generate_utf_confusables.php

@@ -0,0 +1,240 @@
+<?php
+/**
+*
+* @package phpBB3
+* @version $Id$
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
+*
+*/
+
+if (php_sapi_name() != 'cli')
+{
+	die("This program must be run from the command line.\n");
+}
+
+//
+// Security message:
+//
+// This script is potentially dangerous.
+// Remove or comment the next line (die(".... ) to enable this script.
+// Do NOT FORGET to either remove this script or disable it after you have used it.
+//
+die("Please read the first lines of this script for instructions on how to enable it");
+
+set_time_limit(0);
+
+define('IN_PHPBB', true);
+$phpbb_root_path = '../';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+
+echo "Checking for required files\n";
+download('http://unicode.org/reports/tr39/data/confusables.txt');
+download('http://unicode.org/Public/UNIDATA/CaseFolding.txt');
+echo "\n";
+
+
+/**
+* Load the confusables table
+*/
+echo "Loading confusables\n";
+$unidata = file_get_contents('confusables.txt');
+
+/**
+* Load the CaseFolding table
+*/
+echo "Loading CaseFolding\n";
+$casefolds = file_get_contents('CaseFolding.txt');
+
+
+function utf8_chr($cp)
+{
+    if ($cp > 0xFFFF)
+    {
+        return chr(0xF0 | ($cp >> 18)) . chr(0x80 | (($cp >> 12) & 0x3F)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
+    }
+    else if ($cp > 0x7FF)
+    {
+        return chr(0xE0 | ($cp >> 12)) . chr(0x80 | (($cp >> 6) & 0x3F)) . chr(0x80 | ($cp & 0x3F));
+    }
+    else if ($cp > 0x7F)
+    {
+        return chr(0xC0 | ($cp >> 6)) . chr(0x80 | ($cp & 0x3F));
+    }
+    else
+    {
+        return chr($cp);
+    }
+}
+
+preg_match_all('/^([0-9A-F]+) ;\s((?:[0-9A-F]+ )*);.*?$/im', $unidata, $array, PREG_SET_ORDER);
+preg_match_all('/^([0-9A-F]+); ([CFS]); ([0-9A-F]+(?: [0-9A-F]+)*);/im', $casefolds, $casefold_array);
+
+// some that we defined ourselves
+$uniarray = array(
+		"\xC2\xA1"			=>	"\x69",	// EXCLAMATION MARK, INVERTED => LATIN SMALL LETTER I
+		"\xC7\x83"			=>	"\x21",	// LATIN LETTER RETROFLEX CLICK => EXCLAMATION MARK
+		"\xCE\xB1"			=>	"\x61",	// GREEK SMALL LETTER ALPHA => LATIN SMALL LETTER A
+		"\xE1\x9A\x80"		=>	"\x20",	// OGHAM SPACE MARK
+
+		"\xC2\xAD"			=>	'',		// HYPHEN, SOFT => empty string
+		"\xDB\x9D"			=>	'',		// ARABIC END OF AYAH
+		"\xDC\x8F"			=>	'',		// SYRIAC ABBREVIATION MARK
+		"\xE1\xA0\x86"		=>	'',		// MONGOLIAN TODO SOFT HYPHEN
+		"\xE1\xA0\x8E"		=>	'',		// MONGOLIAN VOWEL SEPARATOR
+		"\xE2\x80\x8B"		=>	'',		// ZERO WIDTH SPACE
+		"\xE2\x80\x8C"		=>	'',		// ZERO WIDTH NON-JOINER
+		"\xE2\x80\x8D"		=>	'',		// ZERO WIDTH JOINER
+		"\xE2\x80\xA8"		=>	'',		// LINE SEPARATOR
+		"\xE2\x80\xA9"		=>	'',		// PARAGRAPH SEPARATOR
+		"\xE2\x81\xA0"		=>	'',		// WORD JOINER
+		"\xE2\x81\xA1"		=>	'',		// FUNCTION APPLICATION
+		"\xE2\x81\xA2"		=>	'',		// INVISIBLE TIMES
+		"\xE2\x81\xA3"		=>	'',		// INVISIBLE SEPARATOR
+		"\xE2\x81\xAA"		=>	'',		// [CONTROL CHARACTERS]
+		"\xE2\x81\xAB"		=>	'',		// [CONTROL CHARACTERS]
+		"\xE2\x81\xAC"		=>	'',		// [CONTROL CHARACTERS]
+		"\xE2\x81\xAD"		=>	'',		// [CONTROL CHARACTERS]
+		"\xE2\x81\xAE"		=>	'',		// [CONTROL CHARACTERS]
+		"\xE2\x81\xAF"		=>	'',		// [CONTROL CHARACTERS]
+		"\xEF\xBB\xBF"		=>	'',		// ZERO WIDTH NO-BREAK SPACE
+		"\xEF\xBF\xB9"		=>	'',		// [CONTROL CHARACTERS]
+		"\xEF\xBF\xBA"		=>	'',		// [CONTROL CHARACTERS]
+		"\xEF\xBF\xBB"		=>	'',		// [CONTROL CHARACTERS]
+		"\xEF\xBF\xBC"		=>	'',		// [CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB3"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB4"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB5"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB6"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB7"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB8"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xB9"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+		"\xF0\x9D\x85\xBA"	=>	'',		// [MUSICAL CONTROL CHARACTERS]
+);
+
+$copy = $uniarray;
+
+foreach ($array as $value)
+{
+	$temp_hold = implode(array_map('utf8_chr', array_map('hexdec', explode(' ', trim($value[2])))));
+	
+	if (isset($copy[utf8_chr(hexdec((string)$value[1]))]))
+	{
+		$num = '';
+		$string = utf8_chr(hexdec((string)$value[1]));
+		for ($i = 0; $i < strlen($string); $i++)
+		{
+			$num .= '\x' . str_pad(base_convert(ord($string[$i]), 10, 16), 2, '0', STR_PAD_LEFT);
+		}
+		echo $num . "\n";
+		if ($uniarray[$string] != $temp_hold)
+		{
+			echo "  --> $string\n";
+			echo "  --> " . $temp_hold . "\n";
+		}
+	}
+
+	// do some tests for things that transform into something with the number one
+	if (strpos($temp_hold, utf8_chr(0x0031)) !== false)
+	{
+		// any kind of letter L?
+		if (strpos($value[0], 'LETTER L') !== false || strpos($value[0], 'IOTA') !== false || strpos($value[0], 'SMALL L ') !== false || preg_match('/SMALL LIGATURE [^L]*L /', $value[0]))
+		{
+			// replace all of the mappings that transform some sort of letter l to number one instead to some sort of letter l to latin small letter l
+			$temp_hold = str_replace(utf8_chr(0x0031), utf8_chr(0x006C), $temp_hold);
+		}
+	}
+
+	// uppercased chars that were folded do not exist in this universe,
+	// no amount of normalization could ever "trick" this into not working
+	if (in_array($value[1], $casefold_array[1]))
+	{
+		continue;
+	}
+
+	$uniarray[utf8_chr(hexdec((string)$value[1]))] = $temp_hold;
+}
+
+echo "Writing to confusables.$phpEx\n";
+
+$fp = fopen($phpbb_root_path . 'includes/utf/data/confusables.' . $phpEx, 'wb');
+fwrite($fp, '<?php return ' . my_var_export($uniarray) . ';');
+fclose($fp);
+
+/**
+* Return a parsable string representation of a variable
+*
+* This is function is limited to array/strings/integers
+*
+* @param	mixed	$var		Variable
+* @return	string				PHP code representing the variable
+*/
+function my_var_export($var)
+{
+	if (is_array($var))
+	{
+		$lines = array();
+
+		foreach ($var as $k => $v)
+		{
+			$lines[] = my_var_export($k) . '=>' . my_var_export($v);
+		}
+
+		return 'array(' . implode(',', $lines) . ')';
+	}
+	else if (is_string($var))
+	{
+		return "'" . str_replace(array('\\', "'"), array('\\\\', "\\'"), $var) . "'";
+	}
+	else
+	{
+		return $var;
+	}
+}
+
+/**
+* Download a file to the develop/ dir
+*
+* @param	string	$url		URL of the file to download
+* @return	void
+*/
+function download($url)
+{
+	global $phpbb_root_path;
+
+	if (file_exists($phpbb_root_path . 'develop/' . basename($url)))
+	{
+		return;
+	}
+
+	echo 'Downloading from ', $url, ' ';
+
+	if (!$fpr = fopen($url, 'rb'))
+	{
+		die("Can't download from $url\nPlease download it yourself and put it in the develop/ dir, kthxbai");
+	}
+
+	if (!$fpw = fopen($phpbb_root_path . 'develop/' . basename($url), 'wb'))
+	{
+		die("Can't open develop/" . basename($url) . " for output... please check your permissions or something");
+	}
+
+	$i = 0;
+	$chunk = 32768;
+	$done = '';
+
+	while (!feof($fpr))
+	{
+		$i += fwrite($fpw, fread($fpr, $chunk));
+		echo str_repeat("\x08", strlen($done));
+
+		$done = ($i >> 10) . ' KiB';
+		echo $done;
+	}
+	fclose($fpr);
+	fclose($fpw);
+
+	echo "\n";
+}
+
+?>

phpBB/develop/generate_utf_tables.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 

phpBB/develop/repair_bots.php

@@ -0,0 +1,151 @@
+<?php
+/**
+* Rebuild BOTS
+*
+* You should make a backup from your whole database. Things can and will go wrong. 
+* This will only work if no BOTs were added.
+*
+*/
+die("Please read the first lines of this script for instructions on how to enable it");
+
+set_time_limit(0);
+
+define('IN_PHPBB', true);
+$phpbb_root_path = './../';
+$phpEx = substr(strrchr(__FILE__, '.'), 1);
+include($phpbb_root_path . 'common.'.$phpEx);
+include($phpbb_root_path . '/includes/functions_user.'.$phpEx);
+
+
+// Start session management
+$user->session_begin();
+$auth->acl($user->data);
+$user->setup();
+
+$bots = array(
+	'AdsBot [Google]'			=> array('AdsBot-Google', ''),
+	'Alexa [Bot]'				=> array('ia_archiver', ''),
+	'Alta Vista [Bot]'			=> array('Scooter/', ''),
+	'Ask Jeeves [Bot]'			=> array('Ask Jeeves', ''),
+	'Baidu [Spider]'			=> array('Baiduspider+(', ''),
+	'Exabot [Bot]'				=> array('Exabot/', ''),
+	'FAST Enterprise [Crawler]'	=> array('FAST Enterprise Crawler', ''),
+	'FAST WebCrawler [Crawler]'	=> array('FAST-WebCrawler/', ''),
+	'Francis [Bot]'				=> array('http://www.neomo.de/', ''),
+	'Gigabot [Bot]'				=> array('Gigabot/', ''),
+	'Google Adsense [Bot]'		=> array('Mediapartners-Google', ''),
+	'Google Desktop'			=> array('Google Desktop', ''),
+	'Google Feedfetcher'		=> array('Feedfetcher-Google', ''),
+	'Google [Bot]'				=> array('Googlebot', ''),
+	'Heise IT-Markt [Crawler]'	=> array('heise-IT-Markt-Crawler', ''),
+	'Heritrix [Crawler]'		=> array('heritrix/1.', ''),
+	'IBM Research [Bot]'		=> array('ibm.com/cs/crawler', ''),
+	'ICCrawler - ICjobs'		=> array('ICCrawler - ICjobs', ''),
+	'ichiro [Crawler]'			=> array('ichiro/2', ''),
+	'Majestic-12 [Bot]'			=> array('MJ12bot/', ''),
+	'Metager [Bot]'				=> array('MetagerBot/', ''),
+	'MSN NewsBlogs'				=> array('msnbot-NewsBlogs/', ''),
+	'MSN [Bot]'					=> array('msnbot/', ''),
+	'MSNbot Media'				=> array('msnbot-media/', ''),
+	'NG-Search [Bot]'			=> array('NG-Search/', ''),
+	'Nutch [Bot]'				=> array('http://lucene.apache.org/nutch/', ''),
+	'Nutch/CVS [Bot]'			=> array('NutchCVS/', ''),
+	'OmniExplorer [Bot]'		=> array('OmniExplorer_Bot/', ''),
+	'Online link [Validator]'	=> array('online link validator', ''),
+	'psbot [Picsearch]'			=> array('psbot/0', ''),
+	'Seekport [Bot]'			=> array('Seekbot/', ''),
+	'Sensis [Crawler]'			=> array('Sensis Web Crawler', ''),
+	'SEO Crawler'				=> array('SEO search Crawler/', ''),
+	'Seoma [Crawler]'			=> array('Seoma [SEO Crawler]', ''),
+	'SEOSearch [Crawler]'		=> array('SEOsearch/', ''),
+	'Snappy [Bot]'				=> array('Snappy/1.1 ( http://www.urltrends.com/ )', ''),
+	'Steeler [Crawler]'			=> array('http://www.tkl.iis.u-tokyo.ac.jp/~crawler/', ''),
+	'Synoo [Bot]'				=> array('SynooBot/', ''),
+	'Telekom [Bot]'				=> array('crawleradmin.t-info@telekom.de', ''),
+	'TurnitinBot [Bot]'			=> array('TurnitinBot/', ''),
+	'Voyager [Bot]'				=> array('voyager/1.0', ''),
+	'W3 [Sitesearch]'			=> array('W3 SiteSearch Crawler', ''),
+	'W3C [Linkcheck]'			=> array('W3C-checklink/', ''),
+	'W3C [Validator]'			=> array('W3C_*Validator', ''),
+	'WiseNut [Bot]'				=> array('http://www.WISEnutbot.com', ''),
+	'YaCy [Bot]'				=> array('yacybot', ''),
+	'Yahoo MMCrawler [Bot]'		=> array('Yahoo-MMCrawler/', ''),
+	'Yahoo Slurp [Bot]'			=> array('Yahoo! DE Slurp', ''),
+	'Yahoo [Bot]'				=> array('Yahoo! Slurp', ''),
+	'YahooSeeker [Bot]'			=> array('YahooSeeker/', ''),
+);
+	
+$bot_ids = array();
+user_get_id_name($bot_ids, array_keys($bots), USER_IGNORE);
+foreach($bot_ids as $bot)
+{
+	user_delete('remove', $bot);
+}
+// Done
+add_bots($bots);
+echo 'done';
+
+
+/**
+* Add the search bots into the database
+* This code should be used in execute_last if the source database did not have bots
+* If you are converting bots this function should not be called
+* @todo We might want to look at sharing the bot list between the install code and this code for consistency
+*/
+function add_bots($bots)
+{
+	global $db, $config;
+
+	$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
+	$result = $db->sql_query($sql);
+	$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
+	$db->sql_freeresult($result);
+	$db->sql_query('TRUNCATE TABLE ' . BOTS_TABLE);
+
+	if (!$group_id)
+	{
+		add_default_groups();
+
+		$sql = 'SELECT group_id FROM ' . GROUPS_TABLE . " WHERE group_name = 'BOTS'";
+		$result = $db->sql_query($sql);
+		$group_id = (int) $db->sql_fetchfield('group_id', false, $result);
+		$db->sql_freeresult($result);
+
+	}
+
+
+
+
+	foreach ($bots as $bot_name => $bot_ary)
+	{
+		$user_row = array(
+			'user_type'				=> USER_IGNORE,
+			'group_id'				=> $group_id,
+			'username'				=> $bot_name,
+			'user_regdate'			=> time(),
+			'user_password'			=> '',
+			'user_colour'			=> '9E8DA7',
+			'user_email'			=> '',
+			'user_lang'				=> $config['default_lang'],
+			'user_style'			=> 1,
+			'user_timezone'			=> 0,
+			'user_allow_massemail'	=> 0,
+		);
+
+		$user_id = user_add($user_row);
+
+		if ($user_id)
+		{
+			$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
+				'bot_active'	=> 1,
+				'bot_name'		=> $bot_name,
+				'user_id'		=> $user_id,
+				'bot_agent'		=> $bot_ary[0],
+				'bot_ip'		=> $bot_ary[1])
+			);
+			$db->sql_query($sql);
+		}
+	}
+}
+
+?>

phpBB/develop/search_fill.php

@@ -1,4 +1,4 @@
-<?php 
+<?php
 
 //
 // Security message:
@@ -54,9 +54,9 @@ print "<html>\n<body>\n";
 //
 // Fetch a batch of posts_text entries
 //
-$sql = "SELECT COUNT(*) as total, MAX(post_id) as max_post_id 
+$sql = "SELECT COUNT(*) as total, MAX(post_id) as max_post_id
 	FROM ". POSTS_TABLE;
-if ( !($result = $db->sql_query($sql)) ) 
+if ( !($result = $db->sql_query($sql)) )
 {
 	$error = $db->sql_error();
 	die("Couldn't get maximum post ID :: " . $sql . " :: " . $error['message']);
@@ -77,10 +77,10 @@ for(;$postcounter <= $max_post_id; $postcounter += $batchsize)
 	$batchend = $postcounter + $batchsize;
 	$batchcount++;
 	
-	$sql = "SELECT * 
-		FROM " . POSTS_TABLE . " 
-		WHERE post_id 
-			BETWEEN $batchstart 
+	$sql = "SELECT *
+		FROM " . POSTS_TABLE . "
+		WHERE post_id
+			BETWEEN $batchstart
 				AND $batchend";
 	if( !($result = $db->sql_query($sql)) )
 	{
@@ -97,16 +97,16 @@ for(;$postcounter <= $max_post_id; $postcounter += $batchsize)
 	{
 
 	// $sql = "LOCK TABLES ".POST_TEXT_TABLE." WRITE";
-	// $result = $db->sql_query($sql); 
+	// $result = $db->sql_query($sql);
 		print "\n<p>\n<a href='{$_SERVER['PHP_SELF']}?batchstart=$batchstart'>Restart from posting $batchstart</a><br>\n";
 
 		// For every post in the batch:
 		for($post_nr = 0; $post_nr < $post_rows; $post_nr++ )
-		{ 
+		{
 			print ".";
 			flush();
 
-			$post_id = $rowset[$post_nr]['post_id']; 
+			$post_id = $rowset[$post_nr]['post_id'];
 
 			$search->index('post', $rowset[$post_nr]['post_id'], $rowset[$post_nr]['post_text'], $rowset[$post_nr]['post_subject'], $rowset[$post_nr]['poster_id']);
 		}

phpBB/develop/unicode_testing.php

@@ -0,0 +1,120 @@
+<?php
+//
+// This file provides some useful functions for debugging the unicode/UTF-8 library
+// It requires utf_tools.php to be loaded
+//
+die("Please read the first lines of this script for instructions on how to enable it");
+
+if (!headers_sent())
+{
+	header('Content-type: text/html; charset=UTF-8');
+}
+
+/**
+ * Converts unicode escape sequences (\u0123) into UTF-8 characters
+ *
+ * @param	string	A unicode sequence
+ * @return	string	UTF-8 representation of the given unicode sequence
+ */
+function unicode_to_utf8($string)
+{
+	$utf8 = '';
+	$chars = array();
+	for ($i = 0; $i < strlen($string); $i++)
+	{
+		if (isset($string[$i + 5]) && substr($string, $i, 2) == '\\u' && ctype_xdigit(substr($string, $i + 2, 4)))
+		{
+			$utf8 .= utf8_from_unicode(array(base_convert(substr($string, $i + 2, 4), 16, 10)));
+			$i += 5;
+		}
+		else
+		{
+			$utf8 .= $string[$i];
+		}
+	}
+	return $utf8;
+}
+
+/**
+ * Takes an array of ints representing the Unicode characters and returns
+ * a UTF-8 string.
+ *
+ * @param array $array array of unicode code points representing a string
+ * @return string UTF-8 character string
+ */
+function utf8_from_unicode($array)
+{
+	$str = '';
+	foreach ($array as $value)
+	{
+		$str .= utf8_chr($value);
+	}
+	return $str;
+}
+
+/**
+* Converts a UTF-8 string to unicode code points
+*
+* @param	string	$text		UTF-8 string
+* @return	string				Unicode code points
+*/
+function utf8_to_unicode($text)
+{
+	return preg_replace_callback(
+		'#[\\xC2-\\xF4][\\x80-\\xBF]?[\\x80-\\xBF]?[\\x80-\\xBF]#',
+		'utf8_to_unicode_callback',
+		preg_replace_callback(
+			'#[\\x00-\\x7f]#',
+			'utf8_to_unicode_callback',
+			$text
+		)
+	);
+}
+
+/**
+* Takes a UTF-8 char and replaces it with its unicode escape sequence. Attention, $m is an array
+*
+* @param	array	$m			0-based numerically indexed array passed by preg_replace_callback()
+* @return	string				A unicode escape sequence
+*/
+function utf8_to_unicode_callback($m)
+{
+	return '\u' . str_pad(base_convert(utf8_ord($m[0]), 10, 16), 4, '0', STR_PAD_LEFT) . '';
+}
+
+/**
+* A wrapper function for the normalizer which takes care of including the class if required and modifies the passed strings
+* to be in NFKC
+*
+* @param	mixed	$strings	a string or an array of strings to normalize
+* @return	mixed				the normalized content, preserving array keys if array given.
+*/
+function utf8_normalize_nfkc($strings)
+{
+	if (empty($strings))
+	{
+		return $strings;
+	}
+
+	if (!class_exists('utf_normalizer'))
+	{
+		global $phpbb_root_path, $phpEx;
+		include($phpbb_root_path . 'includes/utf/utf_normalizer.' . $phpEx);
+	}
+
+	if (!is_array($strings))
+	{
+		utf_normalizer::nfkc($strings);
+	}
+	else if (is_array($strings))
+	{
+		foreach ($strings as $key => $string)
+		{
+			utf_normalizer::nfkc($strings[$key]);
+		}
+	}
+
+	return $strings;
+}
+
+?>

phpBB/develop/utf_normalizer_test.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -132,7 +132,8 @@ while (!feof($fp))
 
 			foreach ($tests as $test)
 			{
-				$utf_result = call_user_func(array('utf_normalizer', $form), $utf_expected);
+				$utf_result = $utf_expected;
+				call_user_func(array('utf_normalizer', $form), $utf_result);
 
 				if (strcmp($utf_expected, $utf_result))
 				{
@@ -196,7 +197,8 @@ while (!feof($fp))
 
 	foreach (array('nfc', 'nfkc', 'nfd', 'nfkd') as $form)
 	{
-		$utf_result = utf_normalizer::$form($utf_expected);
+		$utf_result = $utf_expected;
+		utf_normalizer::$form($utf_result);
 		$hex_result = utf_to_hexseq($utf_result);
 //		echo "$form($utf_expected) == $utf_result\n";
 

phpBB/docs/AUTHORS

@@ -1,4 +1,4 @@
-/** 
+/**
 *
 * phpBB3 <20> Copyright 2000, 2002, 2005, 2007 phpBB Group
 * http://www.phpbb.com

phpBB/docs/CHANGELOG.html

@@ -1,164 +1,43 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
 <head>
-<title>phpBB 3.0.x Changelog</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<meta http-equiv="Content-Style-Type" content="text/css" />
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
 <meta name="resource-type" content="document" />
-<meta name="description" lang="en" content="phpBB 3.0.x Changelog" />
-<meta name="keywords" lang="en" content="" />
-<meta name="author" content="phpBB Group" />
-<meta name="copyright" content="phpBB Group" />
-<meta name="MSSmartTagsPreventParsing" content="true" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="phpBB 3.0.x Changelog" />
+<title>phpBB3 &bull; Changelog</title>
 
-<style type="text/css">
-<!--
-
-/* The original "subSilver" theme for phpBB2 Created by subBlue design :: http://www.subBlue.com */
-body {
-	background-color: white;
-	font-family: Verdana, Arial, Helvetica, sans-serif;
-	margin: 0;
-	border: 0;
-	padding: 0;
-}
-
-img {
-	border: 0;
-}
-
-p {
-	font-size: 8pt;
-}
-
-hr {
-	height: 0;
-	border: solid #D1D7DC 0;
-	border-top-width: 1px;
-}
-
-#title, h1 {
-	font: bold 18pt 'Trebuchet MS', Verdana, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h2 {
-	font: bold 12pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h3 {
-	font: bold 10pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-.paragraph {
-	margin-left: 20px;
-}
-
-/* Structure */
-#logo {
-	background: #fff url(header_bg.jpg) repeat-x top right;
-	height: 60px;
-}
-
-#title {
-	color: #12749b;
-	float: right;
-	margin: 10px 10px 0;
-}
-
-#main {
-	margin-left: 25px;
-	margin-right: 25px;
-}
-
-.good {
-	color: green;
-}
-
-.bad {
-	color: red;
-}
-
-#footer {
-	margin-left: 75px;
-	font-size: 70%;
-	color: #006600;
-}
-
-code {
-	color: #006600;
-	font-weight: normal;
-	font-family: 'Courier New', monospace;
-	border-color: #D1D7DC;
-	border-width: 1px;
-	border-style: solid;
-	background-color: #FAFAFA;
-}
-
-.indent p {
-	padding-left: 20px;
-	font-size: 90%;
-}
-
-/* Anchors */
-a {
-	font-size: 70%;
-}
-
-a:link, a:active, a:visited {
-	color:	#006699;
-	text-decoration: none;
-}
-
-a:hover {
-	color: #DD6900;
-	text-decoration: underline;
-}
-
-a.nav {
-	color: #006699;
-	text-decoration: none;
-}
-
-a.nav:hover {
-	text-decoration: underline;
-}
-
-p a {
-	font-size: 100%;
-}
-
-.menu {
-	font-size: 80%;
-}
-
-.menu li a {
-	font-size: 100%;
-}
-
-.comment {
-	color: green;
-}
-
-//-->
-</style>
+<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
-<body>
+<body id="phpbb" class="section-docs">
 
-<div id="logo">
-	<div id="title">phpBB 3.0.x Changelog</div>
-	<img src="header_left.jpg" alt="phpBB Logo" />
-</div>
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
 
-<a name="top"></a><div id="main">
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>phpBB 3.0.x Changelog</h1>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
+
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
+
+	<a name="start_here"></a>
+
+	<div id="page-body">
 
 <!-- BEGIN DOCUMENT -->
 
@@ -166,9 +45,20 @@ p a {
 
 <h1>Changelog</h1>
 
-<ol class="menu">
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<ol>
 	<li><a href="#changelog">Changelog</a>
-	<ol type="i">
+	<ol style="list-style-type: lower-roman;">
+		<li><a href="#v30rc8">Changes since RC-8</a></li>
+		<li><a href="#v30rc7">Changes since RC-7</a></li>
+		<li><a href="#v30rc6">Changes since RC-6</a></li>
+		<li><a href="#v30rc5">Changes since RC-5</a></li>
+		<li><a href="#v30rc4">Changes since RC-4</a></li>
+		<li><a href="#v30rc3">Changes since RC-3</a></li>
 		<li><a href="#v30rc2">Changes since RC-2</a></li>
 		<li><a href="#v30rc1">Changes since RC-1</a></li>
 	</ol>
@@ -176,15 +66,300 @@ p a {
 	<li><a href="#disclaimer">Copyright and disclaimer</a></li>
 </ol>
 
-<hr />
+		</div>
 
-<a name="changelog"></a><h1>1. Changelog</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="changelog"></a><h2>1. Changelog</h2>
 
-	<a name="v30rc2"></a><b>1.i. Changes since 3.0.RC2</b>
-	<br /><br />
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-	<ul class="menu">
+		<div class="content">
+
+	<a name="v30rc8"></a><h3>1.i. Changes since 3.0.RC8</h3>
+
+	<ul>
+		<li>[Fix] Cleaned usernames contain only single spaces, so &quot;a_name&quot; and &quot;a__name&quot; are treated as the same name (Bug #15634)</li>
+		<li>[Fix] Check &quot;able to disable word censor&quot; option while applying word censor on text (Bug #15974)</li>
+		<li>[Fix] Rollback changes on failed transaction if returning on sql error is set</li>
+		<li>[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)</li>
+	</ul>
+
+	<a name="v30rc7"></a><h3>1.ii. Changes since 3.0.RC7</h3>
+
+	<ul>
+		<li>[Fix] Fixed MSSQL related bug in the update system</li>
+		<li>[Fix] Display &quot;Return to&quot; links on unwritable forums (Bug #14824)</li>
+		<li>[Fix] Mitigating different realpath() handling between PHP versions (fixing confirm box redirects)</li>
+		<li>[Fix] Fix signature editing - ability to remove signature (Bug #14820)</li>
+		<li>[Fix] Send correct activation key by forcing reactivation for inactive user (Bug #14819)</li>
+		<li>[Fix] Adding correct IP for private messages sent by issuing warnings (Bug #14781)</li>
+		<li>[Fix] Open private message notification (Bug #14773)</li>
+		<li>[Fix] Fixing false new private message indicator (Bug #14627)</li>
+		<li>[Fix] Let newly activated passwords work if users were converted (Bug #14787)</li>
+		<li>[Fix] Quote bbcode fixes. Letting parse quote=&quot;[&quot; and re-allowing whitelisted bbcodes within username portion (Bug #14770)</li>
+		<li>[Fix] Allow alternative text for styled buttons if images turned off, but CSS staying on</li>
+		<li>[Sec] Fix bbcode helpline display for custom bbcodes - this requires style changes for any custom style (Bug #14850)</li>
+		<li>[Fix] Correctly count announcements when filtering forums by date (Bug #14877)</li>
+		<li>[Fix] Allow charset names containing underscores or spaces</li>
+		<li>[Fix] Don't allow previous/next links for non-existing topics (Bug #15039)</li>
+		<li>[Change] Do not assign converted votes to the first option in a vote.</li>
+		<li>[Fix] Use correct RFC 2822 date format in emails (Bug #15042)</li>
+		<li>[Fix] Require founder status for some actions on founder-only groups (Bug #15119)</li>
+		<li>[Fix] Allow changing the &quot;now&quot; option of date CPFs (Bug #15111)</li>
+		<li>[Change] Some improvements to the caching of avatars</li>
+		<li>[Change] Set template recompilation to be disabled by default. All mod and style authors and all those who want to modify their styles should enabled it after installation.</li>
+		<li>[Change] Disable debug mode. All mod and style authors should enable DEBUG and DEBUG_EXTRA.</li>
+		<li>[Fix] Check error reporting level for all error level. This fixes a problem for hosts having manipulated the error handler. (Bug #14831)</li>
+		<li>[Feature] Constant PHPBB_DB_NEW_LINK introduced which can be used to force phpBB to create a new database connection instead of reusing an existing one if the dbms supports it (Bug #14927)</li>
+		<li>[Fix] Automatic URL parsing no longer allows dots in the schema but can parse URLs starting after a dot (Bug #15110)</li>
+		<li>[Fix] Dynamic width for birthday select boxes (Bug #15149)</li>
+		<li>[Fix] Recache Moderators when copying permissions. (Bug #15384)</li>
+		<li>[Fix] Propagate sort options in mcp_forums (Bug #15464)</li>
+		<li>[Change] Do not allow [size=0] bbcodes (font-size of 0)</li>
+		<li>[Fix] No duplication of active topics (Bug #15474)</li>
+	</ul>
+
+	<a name="v30rc6"></a><h3>1.iii. Changes since 3.0.RC6</h3>
+
+	<ul>
+		<li>[Fix] Submitting language changes using acp_language (Bug #14736)</li>
+		<li>[Fix] Fixed wrong bbcode handling for forum rules, forum descriptions and group descriptions</li>
+		<li>[Fix] Fixed faulty form tokens (Bug #14725, #14762 and #14755)</li>
+		<li>[Fix] Fixed bbcode uid generation in the phpBB2 converter (Bug #14722)</li>
+		<li>[Fix] Able to request new password (Bug #14743)</li>
+	</ul>
+
+	<a name="v30rc5"></a><h3>1.iv. Changes since 3.0.RC5</h3>
+
+	<ul>
+		<li>[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.</li>
+		<li>[Feature] Constant PHPBB_ADMIN_PATH introduced, having the same purpose as PHPBB_ROOT_PATH, but for the ACP.</li>
+		<li>[Fix] Further fixing user profile view (please do not forget to update/refresh your template and style) (Bug #14230)</li>
+		<li>[Fix] Adjust google adsense bot information (Bug #14296)</li>
+		<li>[Fix] Fix horizontal scrollbar problem in IE6 (Bug #14228) - fix provided by Danny-dev</li>
+		<li>[Fix] Use correct size values in ACP user signature screen (Bug #13367)</li>
+		<li>[Fix] Attachment Place inline won't work with single quotes (Bug #14291)</li>
+		<li>[Fix] Unable to save email templates through ACP language page (Bug #14266)</li>
+		<li>[Fix] Correctly set user style for guest user (able to be changed within user management)</li>
+		<li>[Change] Moved note about dns_get_record function for using GTalk (Jabber) from Jabber log to Jabber ACP panel</li>
+		<li>[Fix] Do not use register_shutdown_function within cron.php if handling the queue and the mail function being used (Bug #14321)</li>
+		<li>[Fix] Fixing private message on-hold code if moving messages into folder based on rules (Bug #14309)</li>
+		<li>[Fix] Allow the merge selection screen to work (Bug #14363)</li>
+		<li>[Change] Require additional permissions for copying permission when editing forums </li>
+		<li>[Fix] Local magic URLs no longer get an additional trailing slash (Bug #14362)</li>
+		<li>[Fix] Do not let the cron script stale for one hour if register_shutdown_function is not able to be called (Bug #14436)</li>
+		<li>[Feature] Added /includes/db/db_tools.php file, which includes tools for handling cross-db actions such as altering columns, etc.</li>
+		<li>[Change] Reset the start parameter when the timeframe is changed in the mcp topic page (Ticket #14438)</li>
+		<li>[Change] Added Code for cleaning the confirm table to the session garbage collection</li>
+		<li>[Fix] Fixed token handling in jabber class for extremely spec-compliant XMPP server (Bug #14445)</li>
+		<li>[Fix] Disallowed galleries from using special characters (Bug #14466)</li>
+		<li>[Change] Listing the board url within the email text instead of appending it to the subject (Bug #14378)</li>
+		<li>[Fix] Always display the quote button as the most accessible one (this means edit is before quote in prosilver due to the way we lay out profiles)</li>
+		<li>[Fix] Use correct dimension (width x height) in ACP (Bug #14452)</li>
+		<li>[Fix] Only display PM history links if there are PM's to be displayed (Bug #14484)</li>
+		<li>[Feature] Added completely new hook system to allow better application/mod integration - see docs/hook_system.html</li>
+		<li>[Fix] Correctly delete excess poll options (Bug #14566)</li>
+		<li>[Fix] Allow names evaluating to false for poll options</li>
+		<li>[Change] use in-build functions for user online list (Bug #14596) - provided by rxu</li>
+		<li>[Fix] Fixing google cache display problems with Firefox (Bug #14472) - patch provided by Raimon</li>
+		<li>[Fix] Prevent topic unlocking if locked by someone else while posting (Bug #10307)</li>
+		<li>[Change] Allow years in future be selected for date custom profile field (Bug #14519)</li>
+		<li>[Fix] Don't display &quot;Avatars Disabled&quot; message on edit groups in UCP (Bug #14636)</li>
+		<li>[Change] Require confirm for deleting inactive users. (Bug #14641)</li>
+		<li>[Fix] Match custom BBCodes in the same way during first and second pass - patch provided by IBBoard (Bug #14268)</li>
+		<li>[Fix] Correct quote parsing if opening bracket before opening quote (Bug #14667)</li>
+		<li>[Fix] Clean post message for checking length to prevent posting empty messages</li>
+		<li>[Fix] Display jumpbox if needed for functionality (Bug #14702)</li>
+		<li>[Feature] Added an option to enforce that users spend a configurable amount of time on the terms page during registration</li>
+		<li>[Fix] Fixed copy permissions box in the ACP</li>
+		<li>[Fix] Enforce types for the user table during conversions</li>
+		<li>[Sec] Fixing possible XSS through compromised WHOIS server (#i63, #i64)</li>
+		<li>[Sec] Missing access control on whois in viewonline.php (#i51)</li>
+		<li>[Sec] Encoding some variables within user::page array correctly (to cope with browser not doing it correctly) to prevent XSS through functions re-using them (#i61)</li>
+		<li>[Sec] Fixed XSS through memberlist search feature (#i62)</li>
+		<li>[Sec] Fixed XSS through colour swatch (#i65)</li>
+		<li>[Sec] Fixed insecure attachment deletion (#i53)</li>
+		<li>[Sec] Only allow whitelisted protocols in meta_redirect/redirect (#i66)</li>
+		<li>[Sec] Check file names to be written in language management panel (#i52)</li>
+		<li>[Sec] Deregister globals if ini_get has been disabled (#i112)</li>
+		<li>[Sec] Added form tokens to most forms to enforce a lighter variant of CSRF protection (#i91 - #i96)</li>
+		<li>[Sec] Use new password hash method for forum passwords (#i43)</li>
+		<li>[Sec] Changed download file location to prevent flash crossdomain policies taking effect (#i8)</li>
+		<li>[Sec] Do not allow autocompletion for password on admin re-authentication (#i41)</li>
+		<li>[Sec] Made sure users are not completely locked out if they have a GLOBALS cookie (#i101)</li>
+		<li>[Sec] Use the secure hash to generate BBCODE_UIDs (#i71)</li>
+		<li>[Sec] Increase the length of BBCODE_UIDs (#i72)</li>
+		<li>[Sec] New password hashing mechanism for storing passwords (#i42)</li>
+	</ul>
+
+	<a name="v30rc4"></a><h3>1.v. Changes since 3.0.RC4</h3>
+
+	<ul>
+		<li>[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)</li>
+		<li>[Fix] Allow MS SQL to properly connect when using the mssql driver and PHP is less than either 4.4.1 or 5.1 (Bug #13874)</li>
+		<li>[Fix] Ignore files containing HTML special chars in the filenames as gallery avatars (Bug #13906)</li>
+		<li>[Fix] Multiple PM recipients not separated (Bug #13876)</li>
+		<li>[Change] Split the select list for the smilie order to clarify which are feasible and which are not (Bug #13911)</li>
+		<li>[Fix] Convert empty homepage fields (Bug #13917)</li>
+		<li>[Fix] Use board default DST setting on creating new profiles (Bug #11563)</li>
+		<li>[Feature] New constant PHPBB_EMBEDDED can be used to let phpBB not call exit; if wrapped/embedded (We may re-check this constant on other code locations later too)</li>
+		<li>[Feature] append_sid() having a check for the function append_sid_phpbb_hook(). This function is called in favour of append_sid() with the exact same parameters if present.</li>
+		<li>[Fix] Only list enabled modes within the dropdown at user administration (Bug #13883) - patch provided by damnian</li>
+		<li>[Fix] Properly display ban reason if selecting banned entries within the ACP (Bug #13896)</li>
+		<li>[Fix] Properly parse SQL expressions for Oracle (Bug #13916)</li>
+		<li>[Fix] Added label bindings to the custom profile fields in the ACP (Bug #13936) - patch provided by damnian</li>
+		<li>[Change] Made group avatar/rank changes more intuitive</li>
+		<li>[Fix] Give more feedback in icon/smilie management (Bug #13295)</li>
+		<li>[Fix] Correctly set user::lang_id (Bug #14010)</li>
+		<li>[Fix] Properly display the smiley export screen (Bug #13968)</li>
+		<li>[Feature] Add "DECIMAL:", "PDECIMAL", and "PDECIMAL:" to the schema creation code (Bug #13999) - patch provided by poyntesm</li>
+		<li>[Fix] Don't show the notify checkbox in the approval queue if the only posts are written by ANONYMOUS (Bug #13973)</li>
+		<li>[Fix] Redirect to bots management page on edit/add (Bug #14073)</li>
+		<li>[Fix] Display locked icon in viewforum/prosilver if forum locked (Bug #14009)</li>
+		<li>[Feature] Display message history in compose PM screen</li>
+		<li>[Change] Do not force login on visiting topic/forum from notification emails (Bug #13818)</li>
+		<li>[Fix] Fixed cron_lock value for cron execution. This bug led to users having problems with the email queue and other cron related issues.</li>
+		<li>[Fix] Prevent white pages on php notices with gzip compression enabled (Bug #14096)</li>
+		<li>[Fix] Propagate the cleaned identifier for CFPs (Bug #14072)</li>
+		<li>[Fix] Do not display NO_TOPICS message if viewing non-postable category (Bug #13489)</li>
+		<li>[Fix] Let the theme immediately expire if changed from ACP for at least 30 minutes after change</li>
+		<li>[Fix] Do not append hilit= in search if highlighting term is empty (Bug #13910)</li>
+		<li>[Fix] Return to last page after voting in viewtopic instead of first page in topic (Bug #13976)</li>
+		<li>[Fix] If sending PM's to groups only include activated member (Bug #14040)</li>
+		<li>[Fix] Correctly wrap words in emails containing utf8 characters (Bug #14109)</li>
+		<li>[Change] For new posts or editing the first post topic titles have a maxlength of 60 characters. For any subsequent posts the length is extended to 64 to make room for the Re: part, but cutting at 60 characters. The maxlength need to be 64, else users using opera are unable to post (opera does not allow pre-filling a field with more characters than specified within the maxlength attribute)</li>
+		<li>[Fix] Disable gzip compression for cached stylesheet for Internet Explorer 6 or empty browser (IE6 is not able to properly display the compressed stylesheet) (Bug #14054)</li>
+		<li>[Fix] Header icons fixed in FF for RTL languages (Bug #14084)</li>
+		<li>[Change] Words in topic titles and post subjects are highlighted on the search results page and viewtopic too now (Bug #13383)</li>
+		<li>[Fix] Made sure strip_bbcode cannot get the idea that a smiley is a BBCode (Bug #14030)</li>
+		<li>[Change] Added a filter for user objects to LDAP configuration and improved explanations (Bug #12627)</li>
+		<li>[Fix] Display searchable subforums of invisible parents in advanced search forum selection (Bug #11395)</li>
+		<li>[Fix] Allow line breaks in custom BBCodes (Bug #10758)</li>
+		<li>[Fix] Ordered BBcode parsing functions in the same way everywhere where they are used</li>
+		<li>[Fix] Prevent {URL} token in custom BBCodes from make_clickable messing (Bug #14151)</li>
+		<li>[Sec] Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.</li>
+		<li>[Fix] Convert 2.0 moderator posting permissions (Bug #14105)</li>
+		<li>[Fix] Correctly apply PM box limit of 0 to custom folder (Bug #14154)</li>
+		<li>[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)</li>
+	</ul>
+
+	<a name="v30rc3"></a><h3>1.vi. Changes since 3.0.RC3</h3>
+
+	<ul>
+		<li>[Fix] Fixing some subsilver2 and prosilver style issues</li>
+		<li>[Fix] Parse error in MCP ban (Bug #13109)</li>
+		<li>[Fix] Correctly hide online status in the profile (Bug #13059)</li>
+		<li>[Feature] Let the user choose how to update modified files (merging, using new file or using old file) within automatic updater</li>
+		<li>[Fix] An extra \ in an Oracle SQL regex was corrected (Bug #13151)</li>
+		<li>[Fix] Added a missing global to get_file() (Bug #13149)</li>
+		<li>[Fix] Hide autologin box when autologin is disabled (Bug #13093)</li>
+		<li>[Fix] Account for the forum id not being part of the request uri in prosilver (Bug #13121)</li>
+		<li>[Fix] Properly alter PostgreSQL tables</li>
+		<li>[Fix] Properly cache template files that were stored in the database (Bug #12675)</li>
+		<li>[Fix] Do not count the deletion of an unapproved topic as a decrease in normally viewable posts (Bug #13167)</li>
+		<li>[Fix] Allow column_exists() to return true if the column exists but no data is in the table</li>
+		<li>[Fix] Allow setting the smiley order via the select. Also allow to add smileys at the top. (Bug #13199)</li>
+		<li>[Fix] Fix php notice on sending jabber messages (Bug #13201)</li>
+		<li>[Fix] Make the window showing file differences a little wider (Bug #13157)</li>
+		<li>[Fix] Preserve preview style on search form (Bug #13205)</li>
+		<li>[Fix] Place attachment filename in new line in posting editor (Bug #9726)</li>
+		<li>[Fix] Don't allow caching to occur in the update sequence (Bug #13207)</li>
+		<li>[Fix] Enforce the max password length for automatically generated password created by the password sender (Bug #13181)</li>
+		<li>[Fix] Handle phpinfo() when expose_php is false (Bug #12777)</li>
+		<li>[Fix] Allow managing of forum roles without global users (Bug #13249)</li>
+		<li>[Change] Do not run cron script if board is disabled</li>
+		<li>[Fix] Correctly destroy sql cache for some query combinations (Bug #13237)</li>
+		<li>[Fix] Allow link forums being password protected (Bug #12967)</li>
+		<li>[Fix] Allow wrapping topic/post icons in posting editor (Bug #12843)</li>
+		<li>[Fix] Display L_RANK only once in template if rank title and image defined (Bug #13231)</li>
+		<li>[Fix] Make sure selected transfer method exists before calling (Bug #13265)</li>
+		<li>[Fix] Correctly escape language keys in language editor (Bug #13279)</li>
+		<li>[Fix] Correctly hide post/reply buttons if permissions are not given (related to Bug #12809)</li>
+		<li>[Fix] Remove orphan/wrong permission entries for non-existent forums - self-repairing permissions if conversions went &quot;crazy&quot;</li>
+		<li>[Feature] Allow &quot;older&quot; updates applied with the automatic updater. This allows people using it for updating, say, from 3.0.0 to 3.0.1 (with the correct package of course) and then from 3.0.1 to 3.0.2 if the latest version at this time is 3.0.2. These changes take effect beginning with RC4 or people replacing install/install_update.php manually prior doing the updates.</li>
+		<li>[Fix] Present correct error message if user tries to edit already read private message (Bug #13271)</li>
+		<li>[Fix] Also display board disabled notice for admins/mods if board got disabled due to exceeding the load limit (Bug #13267)</li>
+		<li>[Fix] Correctly deliver avatar if readfile function has been disabled (Bug #13309)</li>
+		<li>[Fix] Display php information page with the correct direction (Bug #12557)</li>
+		<li>[Fix] Increased the number of style objects (styles, templates, themes and imagesets) possible from 127 to 65535 for MySQL (Bug #13179)</li>
+		<li>[Fix] Although theoretically impossible in our code, removed the chance of trying to open a file that does not exist (Bug #13327)</li>
+		<li>[Fix] Although theoretically impossible in our code, changed the handling of non-existent language files (Bug #13329, #13331)</li>
+		<li>[Fix] Removed extra ampersand from ACP link (Bug #13315)</li>
+		<li>[Fix] used cleaned up version of given field identification for pre-filling a new custom profile field (Bug #13319)</li>
+		<li>[Fix] Correctly convert 2.0 website profile fields. (Bug #13379)</li>
+		<li>[Fix] Fixed the "Alphanumeric" and "Alphanumeric and spacers" username selection limitations (Bug #13391)</li>
+		<li>[Fix] Make sure filelist() is only returning array types (Bug #13385)</li>
+		<li>[Fix] Correctly mark forums read if using cookie based topic tracking (Bug #13245)</li>
+		<li>[Change] Put custom profile fields into top box and signature into separate box in members profile view (Bug #13357)</li>
+		<li>[Fix] Only show moderator log entries for forums the user is having moderation rights in (Bug #12481)</li>
+		<li>[Feature] Show resulting permission alone in trace window (Bug #10952) - thanks to dark/rain for the proposal</li>
+		<li>[Fix] Fixed bug in realpath replacement letting it actually work again</li>
+		<li>[Change] Try to be a bit more specific regarding global/local permission trace (Bug #11032)</li>
+		<li>[Fix] Fixed some strangeness in password validation due to mb_ereg()</li>
+		<li>[Fix] Subforums of a forum would overwrite the latest post information even if they did not contain the latest post (Bug #11931)</li>
+		<li>[Fix] Use global username display function on several places (Bug #11080, #11098) - patch by HoL</li>
+		<li>[Fix] Several viewonline fixes and feature changes. Also displaying the users browser in viewonline list to let the admin easier spot additional search bots, connected to a_user permission (Bug #11088) - patch and suggestions provided by HoL</li>
+		<li>[Change] u_viewprofile permission also affecting viewonline list now</li>
+		<li>[Fix] Do not display return to search link in prosilver if search is not allowed (Bug #11393)</li>
+		<li>[Fix] Use global url validation for img bbcode tag (Bug #11935)</li>
+		<li>[Fix] Added proper unicode support to style names (Bug #12165)</li>
+		<li>[Fix] Search result extract should not end in the middle of a multibyte character (Bug #11863)</li>
+		<li>[Fix] Missing localisation for an imageset no longer triggers a lot of &quot;imageset refreshed&quot; log messages (Bug #12027)</li>
+		<li>[Fix] Explain that themes which need parsing cannot be stored on the filesystem (Bug #11134)</li>
+		<li>[Fix] Normalize usernames</li>
+		<li>[Change] Improved utf8_clean_string with a more complete list of homographs and NFKC normalization</li>
+		<li>[Fix] Fixed error messages that ACP Database can give (Bug #13463)</li>
+		<li>[Fix] Fixed potential issues with databases that use tables names is uppercase</li>
+		<li>[Fix] Handle forum links/redirects within viewforum if no read permission given (to display login box or error message) (Bug #13467)</li>
+		<li>[Fix] Prevent changing postable forum having subforums to link forum without moving subforums out first</li>
+		<li>[Fix] Do not display version in admin template (Bug #13495)</li>
+		<li>[Fix] Allow manual specification of remote avatar dimensions if getimagesize is disabled (Bug #13531)</li>
+		<li>[Fix] Make viewonline use the session page's added forum parameter (Bug #13597)</li>
+		<li>[Fix] Correcting BBCode FAQ (Bug #11180)</li>
+		<li>[Fix] Make to/bcc line in view private message display consistent with other username displays in prosilver (Bug #11989)</li>
+		<li>[Fix] Send out activation email if admin activation is enabled and user activated through inactive users panel upon registration (Bug #12065)</li>
+		<li>[Change] Re-implemented All Yes/No/Never links in permission panels for easier changing all categories at once</li>
+		<li>[Change] Advanced permission link now &quot;marked&quot; if no role is assigned and custom permissions set. With this an admin can instantly see if the object is not set at all or having custom permissions, something you only saw if advanced permissions were viewed before.</li>
+		<li>[Fix] Change misleading custom BBCodes explanation, regarding tokens and useable template variables (Bug #12403, #5660)</li>
+		<li>[Feature] Ability to disable birthdays completely with new board features setting</li>
+		<li>[Fix] Fix disallowed username check (Bug #13511)</li>
+		<li>[Fix] Allow for unicode usernames to be pruned (Bug #13643)</li>
+		<li>[Fix] Do not copy forum permissions from self (Bug #13663)</li>
+		<li>[Fix] Allow for polls to work during preview (Bug #13657) - thanks to Thatbitextra</li>
+		<li>[Fix] Finer error conditions for sending IM messages (Bugs #13681, #13683)</li>
+		<li>[Fix] Add a confirmation for log deletion in the MCP (Bug #13693)</li>
+		<li>[Fix] Do not erase ranks and avatars when changing default groups (Bugs #13701, #13697)</li>
+		<li>[Fix] Limit author searches to firstpost, if selected (Bug #13579)</li>
+		<li>[Fix] Properly resync user post counts for users that have no posts (Bug #13581)</li>
+		<li>[Fix] Do not require space after , in smiley pak files (Bug #13647)</li>
+		<li>[Fix] Properly display the subscribe link in topic and forum display for Oracle (Bug #13583)</li>
+		<li>[Change] Add version number to ACP index (Bug #13703)</li>
+		<li>[Fix] Several fixes for custom profile fields on multi-lingual boards (Bugs #13763, #13527, #13525, #11515)</li>
+		<li>[Fix] Return to the mode previously selected after disaproving a post (Bug #13796)</li>
+		<li>[Fix] Cron now uses a locking variable to make sure it does not spawn too many webserver processes (Bug #12741)</li>
+		<li>[Fix] Cached stylesheet now supporting gzip compression</li>
+		<li>[Fix] Added link to inbox for deleted PMs (Bug #13813)</li>
+		<li>[Fix] Re-syncing the board stats also refreshes the newest user (Bug #13831)</li>
+		<li>[Feature] Ability to externally set $phpbb_root_path if wrapping phpBB3 by defining constant PHPBB_ROOT_PATH</li>
+		<li>[Fix] Implemented correct left/right floating within ACP in regard to RTL languages (Bug #13777)</li>
+		<li>[Fix] Fixing session problems when using MySQL strict mode in conjunction with very long browser agent string (Bug #13827)</li>
+		<li>[Fix] Disallow post/pm subjects entirely made up from non-printable chars and whitespaces (Bug #13800)</li>
+		<li>[Fix] Allow moving private messages from the sentbox (Bug #13791)</li>
+		<li>[Fix] Properly export localized imagesets</li>
+		<li>[Feature] Show the size of Firebird databases</li>
+		<li>[Fix] Show error when moving topic into a category via quickmod (Bug #11611)</li>
+		<li>[Fix] Allow Oracle to install on a database without specify the database name</li>
+
+	</ul>
+
+	<a name="v30rc2"></a><h3>1.vii. Changes since 3.0.RC2</h3>
+
+	<ul>
 		<li>[Fix] Re-allow searching within the memberlist</li>
 		<li>[Fix] Force prune related values to integers during conversions</li>
 		<li>[Fix] Updater now detects successfully merged files having conflicts and user chose to merge with modifications (Bug #12685)</li>
@@ -192,7 +367,7 @@ p a {
 		<li>[Fix] Correct approval of posts in global announcements (Bug #12699)</li>
 		<li>[Sec] Do not allow setup spiders/robots to post, even if permissions are given. We see no reason why this should be possible. (Thanks to Frank Rizzo for convincing us regarding this)</li>
 		<li>[Sec] Do not display the last active column within the memberlist if u_viewonline permission is not given (Bug #12797)</li>
-		<li>[Fix] Display custom profile field &quotdate&quot; based on users language (Bug #12787)</li>
+		<li>[Fix] Display custom profile field &quot;date&quot; based on users language (Bug #12787)</li>
 		<li>[Fix] Allow adding of help language files within subdirectories (Bug #12783)</li>
 		<li>[Fix] Correctly apply smileys on posting having # within their emotion code</li>
 		<li>[Fix] Correctly convert smileys having double quotes within their emotion code (Bug #12731)</li>
@@ -228,17 +403,9 @@ p a {
 
 	</ul>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
+	<a name="v30rc1"></a><h3>1.viii. Changes since 3.0.RC1</h3>
 
-	<hr />
-
-	<a name="v30rc1"></a><b>1.ii. Changes since 3.0.RC1</b>
-	<br /><br />
-	<div class="paragraph">
-
-	<ul class="menu">
+	<ul>
 		<li>[Fix] (X)HTML issues within the templates (Bug #11255, #11255)</li>
 		<li>[Fix] Tiny language and grammar changes</li>
 		<li>[Fix] Several style related fixes, mainly fixing cross-browser issues</li>
@@ -355,28 +522,41 @@ p a {
 
 	</ul>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
-	<br /><br />
 
 	<hr />
 
-<a name="disclaimer"></a><h1>2. Copyright and disclaimer</h1>
+<a name="disclaimer"></a><h2>2. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-	<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+		<div class="content">
 
-</div>
-<a href="#top">Top</a>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
 <!-- END DOCUMENT -->
 
+	<div id="page-footer">
+		<div class="version">Note that a full list of fixed bugs can be found at the bug tracker (<a href="README.html#bugs">see section on bug reporting</a>)</div>
+	</div>
+</div></div>
+
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
 </div>
 
-<br /><br />
-
-<div id="footer">Note that a full list of fixed bugs can be found at the bug tracker (<a href="README.html#bugs">see section on bug reporting</a>)<br /><br /></div>
-
 </body>
-</html>
+</html>

phpBB/docs/FAQ.html

@@ -1,173 +1,58 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
 <head>
-<title>phpBB 3.0.x FAQ</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<meta http-equiv="Content-Style-Type" content="text/css" />
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
 <meta name="resource-type" content="document" />
-<meta name="description" lang="en" content="phpBB 3.0.x frequently asked questions" />
-<meta name="keywords" lang="en" content="" />
-<meta name="author" content="phpBB Group" />
-<meta name="copyright" content="phpBB Group" />
-<meta name="MSSmartTagsPreventParsing" content="true" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="phpBB 3.0.x frequently asked questions" />
+<title>phpBB3 &bull; FAQ</title>
 
-<style type="text/css">
-<!--
-
-/* The original "subSilver" theme for phpBB2 Created by subBlue design :: http://www.subBlue.com */
-body {
-	background-color: white;
-	font-family: Verdana, Arial, Helvetica, sans-serif;
-	margin: 0;
-	border: 0;
-	padding: 0;
-}
-
-img {
-	border: 0;
-}
-
-p {
-	font-size: 8pt;
-}
-
-hr { 
-	height: 0; 
-	border: solid #D1D7DC 0;
-	border-top-width: 1px;
-}
-
-#title, h1 {
-	font: bold 18pt 'Trebuchet MS', Verdana, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h2 {
-	font: bold 12pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h3 {
-	font: bold 10pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-.paragraph {
-	margin-left: 20px;
-}
-
-/* Structure */
-#logo {
-	background: #fff url(header_bg.jpg) repeat-x top right;
-	height: 60px;
-}
-
-#title {
-	color: #12749b;
-	float: right;
-	margin: 10px 10px 0;
-}
-
-#main {
-	margin-left: 25px;
-	margin-right: 25px;
-}
-
-.good {
-	color: green;
-}
-
-.bad {
-	color: red;
-}
-
-#footer {
-	margin-left: 75px;
-	font-size: 70%;
-	color: #006600;
-}
-
-code {
-	color: #006600; 
-	font-weight: normal;
-	font-family: 'Courier New', monospace;
-	border-color: #D1D7DC;
-	border-width: 1px;
-	border-style: solid;
-	background-color: #FAFAFA;
-}
-
-.indent p {
-	padding-left: 20px;
-	font-size: 90%;
-}
-
-/* Anchors */
-a {
-	font-size: 70%;
-}
-
-a:link, a:active, a:visited {
-	color:	#006699;
-	text-decoration: none;
-}
-
-a:hover {
-	color: #DD6900;
-	text-decoration: underline;
-}
-
-a.nav {
-	color: #006699;
-	text-decoration: none;
-}
-
-a.nav:hover {
-	text-decoration: underline;
-}
-
-p a {
-	font-size: 100%;
-}
-
-.menu {
-	font-size: 80%;
-}
-
-.menu li a {
-	font-size: 100%;
-}
-
-.comment {
-	color: green;
-}
-
-//-->
-</style>
+<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
-<body>
+<body id="phpbb" class="section-docs">
 
-<div id="logo">
-	<div id="title">phpBB 3.0.x FAQ</div>
-	<img src="header_left.jpg" alt="phpBB Logo" />
-</div>
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
 
-<a name="top"></a><div id="main">
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>phpBB 3.0.x FAQ</h1>
+				<p>phpBB 3.0.x frequently asked questions</p>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
+
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
+
+	<a name="start_here"></a>
+
+	<div id="page-body">
 
 <!-- BEGIN DOCUMENT -->
 
-<p>This is a very basic Frequently Asked Questions (FAQ) page which attempts to answer some of the more commonly asked questions. It is by no means exhaustive and should be used in combination with the 'built-in' User FAQ within phpBB3, the community forums and our IRC channel (see <a href="README.html">README</a> for details).</p>
+	<p>This is a very basic Frequently Asked Questions (FAQ) page which attempts to answer some of the more commonly asked questions. It is by no means exhaustive and should be used in combination with the 'built-in' User FAQ within phpBB3, the community forums and our IRC channel (see <a href="README.html">README</a> for details).</p>
 
-<h1>FAQ</h1>
+	<h1>FAQ</h1>
+
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <!-- add entry about common UTF8 problems (for example wrong uploading, editing) -->
-<ul class="menu">
+<ul>
 	<li><a href="#install">I cannot install this it is too difficult! Will you do it?</a></li>
 	<li><a href="#legal">I am having problems with the admin at a certain board, help!</a></li>
 	<li><a href="#legal">A board has ripped off my graphics/software/etc., stop them!</a></li>
@@ -186,11 +71,19 @@ p a {
 	<li><a href="#disclaimer">Copyright and disclaimer</a></li>
 </ul>
 
-<hr />
+		</div>
 
-<a name="install"></a><h3>I cannot install this it is too difficult! Will you do it?</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+	<a name="install"></a><h2>I cannot install this it is too difficult! Will you do it?</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>Simple answer, no we will not. We are not being difficult when we say this we are actually trying to help you. phpBB has a reputation for being easy to install, that reputation is we believe well deserved. It is a simple process of unarchiving a single file, uploading the resulting directory/files to their intended location and entering some data in a web based form. The sequence of events, what to type where, etc. is covered in detail in the accompanying <a href="INSTALL.html">INSTALL.html</a> documentation. If you cannot install phpBB3 the chances are you will be unable to administer or update it.</p>
 
@@ -198,75 +91,104 @@ p a {
 
 <p>We think a better solution is for you to carefully read the enclosed documentation, read through our knowledge base at <a href="http://www.phpbb.com/">www.phpbb.com</a> and if necessary ask for help on any thing you get stuck on. However, the decision is yours but please note we may not offer support if we believe you have had the board installed by a third party. In such cases you should direct your questions to that company or person/s.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="legal"></a>
-<h3>I am having problems with the admin at a certain board, help!</h3>
-<h3>A board has ripped off my graphics/software/etc., stop them!</h3>
-<h3>A board is dealing in warez/porn/etc., you need to prevent them doing this!</h3>
-<h3>I want to sue you because i think you host an illegal board!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="legal"></a><h2>I am having problems with the admin at a certain board, help!<br />
+A board has ripped off my graphics/software/etc., stop them!<br />
+A board is dealing in warez/porn/etc., you need to prevent them doing this!<br />
+I want to sue you because i think you host an illegal board!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>We provide the software, we have absolutely nothing to do with any board that runs it (beyond phpbb.com of course!) and we also do not host any site. The GPL grants the user an unlimited right of use subject to their adherence of that licence. Therefore we cannot prevent, dictate, control or otherwise limit the use of phpBB software. So please do not contact us for such matters.</p>
 
 <p>If you have a problem with a given board please take it up with them, not us. We are not and cannot be held legally responsible for any third party use of this software (much like Microsoft et al cannot be held responsible for the use of Windows in illegal activities, etc.). Additionally we do <strong>not</strong> track the use of phpBB software in any way. So please do not ask us for details on a &quot;given&quot; board we will not be able to help you. If any law firms or lawyers out there send us writs, cease and desist orders, etc. for third party website use of this software we reserve the right to charge for time wasted dealing with such issues...</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="viewonline"></a><h3>According to viewonline a user is doing/reading something they should not be able to!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="viewonline"></a><h2>According to viewonline a user is doing/reading something they should not be able to!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>No, they probably are not. phpBB uses sessions to keep track of users as they move between pages. The session information tells us who this user is. Therefore in order to determine what a user can do on a page we first need the session details. Once this data is available we can check whether the user is permitted to do whatever it is they are trying to do. This can result in it appearing as if a user is reading a topic in a forum they should not be able to access. Or perhaps viewing private messages when they are only guests, etc. In practice the user is not doing these things, they are viewing a &quot;You are not permitted to do this&quot; type message. The session data has simply been updated before we were able to determine what the user could or could not do.</p>
 
 <p>Of course this only applies where permissions have been set correctly!</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="mail"></a><h3>I keep getting Mail sending errors when I (or my users) post/send PM's/etc.!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="mail"></a><h2>I keep getting Mail sending errors when I (or my users) post/send PM's/etc.!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>This error will occur if phpBB cannot send mail. phpBB can send email two ways; using the PHP <code>mail()</code> function or directly via SMTP. Some hosting providers limit the <code>mail()</code> function to prevent its use in spamming, others may rename it or limit its functionality. If the <code>mail()</code> function got renamed, you are able to enter the correct name within the administration control panel. In either case you may need to make use of SMTP. This requires that you have access to such a facility, e.g. your hosting provider may provide one (perhaps requiring specific written authorisation), etc. Please see <a href="http://www.phpbb.com/">www.phpbb.com</a> for additional help on this matter.</p>
 
 <p>If you do require SMTP services please do not ask (on our forums or elsewhere) for someone to provide you with one. Open relays are now things of the past thanks to the unthinking spammers out there. Therefore you are unlikely to find someone willing to offer you (free) services.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="mail_language"></a><h3>My users are complaining that emails are not in their selected language!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="mail_language"></a><h2>My users are complaining that emails are not in their selected language!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>You must have deleted a language pack or the language pack is incomplete. phpBB will try to send emails in the users selected language. If it cannot find a suitable email template it will switch to the boards default language.</p>
 
 <!-- additional entry about encoded emails -->
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="aol_browser"></a><h3>My AOL based users keep getting logged out!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="aol_browser"></a><h2>My AOL based users keep getting logged out!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>phpBB uses sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id, the users IP and if specified the users browser and/or the users x-forwarded-for header to identify each user. We make use of all of this as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).</p>
 
@@ -274,106 +196,157 @@ p a {
 
 <p>If you are experiencing problems related to this you can set the Session IP validation parameter found in <code>Admin-&gt;General-&gt;Server Configuration-&gt;Security Settings</code> to <samp>A.B</samp>. Please note that reducing the IP validation length does potentially increase the risk of sessions being hijacked (this is something for you to consider, phpBB Group takes no responsibility should anything happen!). We suggest to at least additionally enable the browser validation.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="avatars"></a><h3>No matter what I set the uploadable avatars to I cannot upload one from my computer!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="avatars"></a><h2>No matter what I set the uploadable avatars to I cannot upload one from my computer!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>There are two possibilities here, the first is you have not created the directory you specified as the storage location for avatars, ie. as specified in the <code>Admin -&gt; General -&gt; Board Configuration -&gt; Avatar settings</code> section. If the directory does not exist uploadeable avatars are automatically disabled. You should create the required directory (ensuring it has global write access or other appropriate permissions to allow the webserver to write files to it).</p>
 
 <p>The second possibility is that your provider has disabled file_upload support. You should contact your provider and ask them if this is the case. There is not a lot you can do, there are still three other avatar settings left to choose from including uploading via an URL which will work fine.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="gallery_avatars"></a><h3>I just cannot get gallery avatars to appear!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
 
-<p>phpBB categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to <samp>images/avatars/gallery</samp> phpBB will expect to find a series of folders within that path, eg. <samp>images/avatars/gallery/moviestars</samp>, <samp>images/avatars/gallery/cartoons</samp>, <samp>images/avatars/gallery/misc</samp>, etc. Placing images directly in <samp>images/avatars/gallery/</samp> will result in nothing being listed in your gallery.</p>
+<a name="gallery_avatars"></a><h2>I just cannot get gallery avatars to appear!</h2>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-<hr />
+		<div class="content">
 
-<a name="permissions"></a><h3>How do I use/set permissions?</h3>
+<p>phpBB categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to <samp>images/avatars/gallery</samp> phpBB will expect to find a series of folders within that path, e.g. <samp>images/avatars/gallery/moviestars</samp>, <samp>images/avatars/gallery/cartoons</samp>, <samp>images/avatars/gallery/misc</samp>, etc. Placing images directly in <samp>images/avatars/gallery/</samp> will result in nothing being listed in your gallery.</p>
 
-<div class="paragraph">
+		</div>
 
-<p>Please read our documentation about <a href="#">permissions</a>.</p>
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<hr />
+	<hr />
 
-<a name="login_issues"></a><h3>I (or my users) cannot stay logged in to the forum!</h3>
+<a name="permissions"></a><h2>How do I use/set permissions?</h2>
 
-<div class="paragraph">
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<p>Please read the paragraph about permissions in our extensive <a href="http://www.phpbb.com/support/documentation/3.0/">online documentation</a>.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="login_issues"></a><h2>I (or my users) cannot stay logged in to the forum!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>If you (or your users) are, after attempting a login, being returned to the index (or other page) without appearing to be logged in the most likely problem is incorrect cookie settings. phpBB uses cookies to store a session id and a small amount of user data. For this data to be stored correctly the cookie domain, name, path and secure settings must be correct. You can check this in <code>Admin-&gt;General-&gt;Server Configuration-&gt;Cookie Settings</code>. Typically the cookie domain can be left blank and the cookie path set to <samp>/</samp> (a single forward slash). Do <strong>not</strong> set the cookie as being secure unless your board is running over a secure sockets layer connection, ie. https://</p>
 
-<p>If you still have problems try setting the cookie domain to your full domain name, eg. <samp>www.mysystem.tld</samp>, <samp>www.something.mydomain.tld</samp>. You <strong>must</strong> ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, eg. <samp>.mydomain.com</samp>, <samp>mydomain.com</samp>. Do <strong>not</strong> add http:// or anything else to the domain name!</p>
+<p>If you still have problems try setting the cookie domain to your full domain name, e.g. <samp>www.mysystem.tld</samp>, <samp>www.something.mydomain.tld</samp>. You <strong>must</strong> ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, e.g. <samp>.mydomain.com</samp>, <samp>mydomain.com</samp>. Do <strong>not</strong> add http:// or anything else to the domain name!</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="logout_issues"></a><h3>My users are complaining about being logged out too quickly!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
+
+<a name="logout_issues"></a><h2>My users are complaining about being logged out too quickly!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>You can increase the default length of sessions (ie. how long before a users session is considered 'dead') in <code>Admin-&gt;General-&gt;Server Configuration-&gt;Load Settings</code>. Set it to whatever value your users feel comfortable with, remember that security issues may affect your decision (ie. having too long a session may allow non-users to abuse your board should a user forget to logout or otherwise leave a current session on a public workstation).</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="not_answered"></a><h3>My question isn't answered here!</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
 
-<p>Please read our <a href="#">extensive user documentation</a> first, it may just explain what you want to know.</p>
+<a name="not_answered"></a><h2>My question isn't answered here!</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<p>Please read our <a href="http://www.phpbb.com/support/documentation/3.0/">extensive user documentation</a> first, it may just explain what you want to know.</p>
 
 <p>Feel free to search our community forum for the information you require. <strong>PLEASE DO NOT</strong> post your question without having first used search, chances are someone has already asked and answered your question. You can find our board here:</p>
 
 <p><a href="http://www.phpbb.com">www.phpbb.com</a></p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="disclaimer"></a><h3>Copyright and disclaimer</h3>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
 
-	<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+<a name="disclaimer"></a><h2>Copyright and disclaimer</h2>
 
-</div>
-<a href="#top">Top</a>
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
 <!-- END DOCUMENT -->
 
-</div>
+	<div id="page-footer">
+		<div class="version">&nbsp;</div>
+	</div>
+</div></div>
 
-<div id="footer">&nbsp; <br /><br /></div>
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
+</div>
 
 </body>
 </html>

phpBB/docs/INSTALL.html

@@ -1,164 +1,44 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
 <head>
-<title>phpBB 3.0.x Install</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<meta http-equiv="Content-Style-Type" content="text/css" />
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
 <meta name="resource-type" content="document" />
-<meta name="description" lang="en" content="phpBB 3.0.x Installation, updating and conversion informations" />
-<meta name="keywords" lang="en" content="" />
-<meta name="author" content="phpBB Group" />
-<meta name="copyright" content="phpBB Group" />
-<meta name="MSSmartTagsPreventParsing" content="true" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="phpBB 3.0.x Installation, updating and conversion informations" />
+<title>phpBB3 &bull; Install</title>
 
-<style type="text/css">
-<!--
-
-/* The original "subSilver" theme for phpBB2 Created by subBlue design :: http://www.subBlue.com */
-body {
-	background-color: white;
-	font-family: Verdana, Arial, Helvetica, sans-serif;
-	margin: 0;
-	border: 0;
-	padding: 0;
-}
-
-img {
-	border: 0;
-}
-
-p {
-	font-size: 8pt;
-}
-
-hr {
-	height: 0;
-	border: solid #D1D7DC 0;
-	border-top-width: 1px;
-}
-
-#title, h1 {
-	font: bold 18pt 'Trebuchet MS', Verdana, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h2 {
-	font: bold 12pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h3 {
-	font: bold 10pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-.paragraph {
-	margin-left: 20px;
-}
-
-/* Structure */
-#logo {
-	background: #fff url(header_bg.jpg) repeat-x top right;
-	height: 60px;
-}
-
-#title {
-	color: #12749b;
-	float: right;
-	margin: 10px 10px 0;
-}
-
-#main {
-	margin-left: 25px;
-	margin-right: 25px;
-}
-
-.good {
-	color: green;
-}
-
-.bad {
-	color: red;
-}
-
-#footer {
-	margin-left: 75px;
-	font-size: 70%;
-	color: #006600;
-}
-
-code {
-	color: #006600;
-	font-weight: normal;
-	font-family: 'Courier New', monospace;
-	border-color: #D1D7DC;
-	border-width: 1px;
-	border-style: solid;
-	background-color: #FAFAFA;
-}
-
-.indent p {
-	padding-left: 20px;
-	font-size: 90%;
-}
-
-/* Anchors */
-a {
-	font-size: 70%;
-}
-
-a:link, a:active, a:visited {
-	color:	#006699;
-	text-decoration: none;
-}
-
-a:hover {
-	color: #DD6900;
-	text-decoration: underline;
-}
-
-a.nav {
-	color: #006699;
-	text-decoration: none;
-}
-
-a.nav:hover {
-	text-decoration: underline;
-}
-
-p a {
-	font-size: 100%;
-}
-
-.menu {
-	font-size: 80%;
-}
-
-.menu li a {
-	font-size: 100%;
-}
-
-.comment {
-	color: green;
-}
-
-//-->
-</style>
+<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
-<body>
+<body id="phpbb" class="section-docs">
 
-<div id="logo">
-	<div id="title">phpBB 3.0.x Install</div>
-	<img src="header_left.jpg" alt="phpBB Logo" />
-</div>
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
 
-<a name="top"></a><div id="main">
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>phpBB 3.0.x Install</h1>
+				<p>phpBB 3.0.x Installation, updating and conversion informations</p>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
+
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
+
+	<a name="start_here"></a>
+
+	<div id="page-body">
 
 <!-- BEGIN DOCUMENT -->
 
@@ -170,12 +50,17 @@ p a {
 
 <h1>Install</h1>
 
-<ol class="menu">
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<ol>
 	<li><a href="#quickinstall">Quick install</a></li>
 	<li><a href="#require">Requirements</a></li>
 	<li><a href="#install">New installation</a></li>
 	<li><a href="#update">Updating from stable releases of phpBB 3.0.x</a>
-	<ol type="i">
+	<ol style="list-style-type: lower-roman;">
 		<li><a href="#update_full">Full package</a></li>
 		<li><a href="#update_files">Changed files only</a></li>
 		<li><a href="#update_patch">Patch file</a></li>
@@ -184,7 +69,7 @@ p a {
 	</ol>
 	</li>
 	<li><a href="#convert">Conversion from phpBB 2.0.x to phpBB 3.0.x</a>
-	<ol type="i">
+	<ol style="list-style-type: lower-roman;">
 		<li><a href="#prereq">Requirements before converting</a></li>
 		<li><a href="#conversion">Converting</a></li>
 		<li><a href="#postreq">Things to do after conversion</a></li>
@@ -192,21 +77,30 @@ p a {
 	</ol>
 	</li>
 	<li><a href="#postinstall">Important (security related) post-Install tasks for all installation methods</a>
-	<ol type="i">
+	<ol style="list-style-type: lower-roman;">
 		<li><a href="#avatars">Uploadable avatars</a></li>
 	</ol>
 	</li>
 	<li><a href="#disclaimer">Disclaimer</a></li>
 </ol>
 
-<hr />
+		</div>
 
-<a name="quickinstall"></a><h1>1. Quick install</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="quickinstall"></a><h2>1. Quick install</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>If you have basic knowledge of using FTP and are sure your hosting service or server will run phpBB3 you can use these steps to quickly get started. For a more detailed explanation you should skip this and go to <a href="#require">section 2</a> below.</p>
 
-	<ol class="menu">
+	<ol>
 		<li>Decompress the phpBB3 archive to a local directory on your system.</li>
 		<li>Upload all the files contained in this archive (retaining the directory structure) to a web accessible directory on your server or hosting account.</li>
 		<li>Change the permissions on config.php to be writable by all (666 or -rw-rw-rw- within your FTP Client)</li>
@@ -219,18 +113,26 @@ p a {
 	</ol>
 
 	<p>If you experienced problems or do not know how to proceed with any of the steps above please read the rest of this document.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<hr />
+		</div>
 
-<a name="require"></a><h1>2. Requirements</h1>
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="require"></a><h2>2. Requirements</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>phpBB3 has a few requirements which must be met before you are able to install and use it.</p>
 
-	<ul class="menu">
+	<ul>
 		<li>A webserver or web hosting account running on any major Operating System with support for PHP</li>
 		<li>A SQL database system, <strong>one of</strong>:
 		<ul>
@@ -242,7 +144,8 @@ p a {
 			<li>Oracle</li>
 		</ul>
 		</li>
-		<li><strong>PHP 4.3.3</strong> or above with support for the database you intend to use.</li>
+		<li><strong>PHP 4.3.3+ (>=4.3.3, >4.4.x, >5.x.x, >6.0-dev (compatible))</strong> with support for the database you intend to use.</li>
+		<li>getimagesize() function need to be enabled.</li>
 		<li>These optional presence of the following modules within PHP will provide access to additional features, but they are not required.
 		<ul>
 			<li>zlib Compression support</li>
@@ -255,15 +158,22 @@ p a {
 	</ul>
 
 	<p>If your server or hosting account does not meet the requirements above we are afraid phpBB3 is not for you.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<hr />
+		</div>
 
-<a name="install"></a><h1>3. New installation</h1>
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<div class="paragraph">
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="install"></a><h2>3. New installation</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>Installation of phpBB3 will vary according to your server and database. If you have <em>shell access</em> to your account (via telnet or ssh for example) you may want to upload the entire phpBB3 archive (in binary mode!) to a directory on your host and unarchive it there.</p>
 
@@ -275,19 +185,19 @@ p a {
 
 	<p>Once all the files have been uploaded to your site you should point your browser at this location with the addition of <code>install/</code>. For example if your domain name is <em>www.mydomain.tld</em> and you placed phpBB3 in a directory /phpBB3 off your web root you would enter <em>http://www.mydomain.tld/phpBB3/install/</em> or (alternatively) <em>http://www.mydomain.tld/phpBB3/install/index.php</em> into your browser. When you have done this you should see the phpBB3 Installation screen appear.</p>
 
-	<h3>Introduction:</h3>
+	<h4>Introduction:</h4>
 
 	<p>The installation screen gives you a short introduction into phpBB. It allows you to read the license phpBB3 is released under (General Public License) and provides information about how you can receive support. To start the installation, use the <em>Install</em> button.</p>
 
-	<h3>Requirements</h3>
+	<h4>Requirements</h4>
 
 	<p>The first page you will see after starting the installation is the Requirements list. phpBB3 checks automatically whether everything that it needs to run properly is installed on your server. You need to have at least the minimum PHP version installed, and at least one database available to continue the installation. Also important, is that all shown folders are available and do have the correct permissions. Please see the description of each section to find out whether they are optional or required for phpBB3 to run. If everything is in order, you can continue the installation with <em>Start Install</em>.</p>
 
-	<h3>Database settings</h3>
+	<h4>Database settings</h4>
 
 	<p>You now have to decide which database to use. See the <a href="#require">Requirements section</a> for information on which databases are supported. If you do not know your database settings, please contact your host and ask for them. You will not be able to continue without them. You need:</p>
 
-	<ul class="menu">
+	<ul>
 		<li>The Database Type - the database you will be using.</li>
 		<li>The Database server hostname or DSN - the address of the database server.</li>
 		<li>The Database server port - the port of the database server (most of the time this is not needed).</li>
@@ -309,17 +219,17 @@ p a {
 
 	<p>If you see the Successful Connection message, you can continue to the next step.</p>
 
-	<h3>Administrator details</h3>
+	<h4>Administrator details</h4>
 
 	<p>Now you have to create your administration user. This user will have full administration access and he/she will be the first user on your forum. All fields on this page are required. You can also set the default language of your forum on this page. In a vanilla phpBB3 installation we only include English. You can download further languages from <a href="http://www.phpbb.com/">www.phpbb.com</a>, and add them before installing or later.</p>
 
-	<h3>Configuration file</h3>
+	<h4>Configuration file</h4>
 
 	<p>In this step, phpBB will try to write the configuration file automatically. The forum needs the configuration to run properly. It contains all database settings, so without it, phpBB will not be able to access the database.</p>
 
 	<p>Usually writing the configuration file automatically works fine. But in some cases it can fail due to wrong file permissions, for instance. In this case, you need to upload the file manually. phpBB asks you to download the config.php file and tells you what to do with it. Please read the instructions carefully. After you have uploaded the file, use <em>Done</em> to get to the last step. If <em>Done</em> returns you to the same page as before, and does not return a success message, you did not upload the file correctly.</p>
 
-	<h3>Advanced settings</h3>
+	<h4>Advanced settings</h4>
 
 	<p>The Advanced settings allow you to set some parameters of the board configuration. They are optional, and you can always change them later. So if you are not sure what these settings mean, proceed to the final step and finish the installation.</p>
 
@@ -329,117 +239,107 @@ p a {
 
 	<p>At this point if you are converting from phpBB 2.0.x, you should refer to the <a href="#convert">conversion steps</a> for further information. If not, you should remove the install directory from your server as you will only be able to access the Administration Control Panel whilst it is present.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="update"></a><h1>4. Updating from stable releases of phpBB 3.0.x</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="update"></a><h2>4. Updating from stable releases of phpBB 3.0.x</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>If you are currently using a stable release of phpBB3 updating to this version is straightforward. You would have downloaded one of four packages and your choice determines what you need to do. <strong>Please Note</strong>: That before updating we heavily recommend you do a <em>full backup of your database and existing phpBB3 files</em>! If you are unsure how to achieve this please ask your hosting provider for advice.</p>
 
 <p><strong>Please make sure you update your phpBB3 source files too, even if you run the <code>database_update.php</code> file.</strong></p>
 
-<a name="update_full"></a><b>4.i. Full package</b>
-<br /><br />
-<div class="paragraph">
+<a name="update_full"></a><h3>4.i. Full package</h3>
 
-	<p>The full package is normally meant for new installations, but if you want to replace all source files this package comes in handy.</p>
+	<p>The full package is normally meant for new installations only, but if you want to replace all source files this package comes in handy.</p>
 
 	<p>First you should make a copy of your existing <em>config.php</em> file, keep it in a safe place! Next delete all the existing phpBB3 files, you may want to leave your <code>files/</code> and <code>images/</code> directory in place. You can leave alternative styles in-place too. With this complete you can upload the new phpBB3 files (see <a href="#install">New installation</a> for details if necessary). Once complete copy back your saved <em>config.php</em>, replacing the new one. Another method is to just <strong>replace</strong> the existing files with the files from the full package - though make sure you do <strong>not</strong> overwrite your config.php file.</p>
 
 	<p>You should now run <code>install/database_update.php</code> which, depending on your previous version, will make a number of database changes. You may receive <em>FAILURES</em> during this procedure, they should not be a cause for concern unless you see an actual <em>ERROR</em>, in which case the script will stop (in this case you should seek help via our forums or bug tracker).</p>
 
 	<p>Once the install/database_update.php has completed you may proceed to the Administration Control Panel and check remove the install directory as advised.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="update_files"></a><b>4.ii. Changed files only</b>
-<br /><br />
-<div class="paragraph">
+<a name="update_files"></a><h3>4.ii. Changed files only</h3>
+
+	<p>This package is meant for those wanting to only replace changed files from a previous version to the latest version. This package normally contains the changed files from up to five previous versions.</p>
 
 	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.0</samp> you should select the phpBB-3.0.0_to_3.0.1.zip/tar.gz file.</p>
 
 	<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any MODs these files will overwrite the originals possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
 
 	<p>As for the other update procedures you should run <b>install/database_update.php</b> after you have finished updating the files. This will update your database schema and increment the version number.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="update_patch"></a><b>4.iii. Patch file</b>
-<br /><br />
+<a name="update_patch"></a><h3>4.iii. Patch file</h3>
 
-<div class="paragraph">
+	<p>The patch file package is for those wanting to update through the patch application, and being compfortable with it.</p>
 
-	<p>The patch file is probably the best solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach we recommend the <a href="update_auto">Automatic update package</a> explained below.</p>
+	<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="update_auto">Automatic update package</a> explained below. It is also the preferred update method.</p>
 
 	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.0 you need the phpBB-3.0.0_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
 	<p>If you do get failures you should look at using the <a href="#update_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Modifications (MODs) to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
 	<p>You should of course delete the patch file (or files) after use. As for the other update procedures you should run <code>install/database_update.php</code> after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="update_auto"></a><b>4.iv. Automatic update package</b>
-<br /><br />
+<a name="update_auto"></a><h3>4.iv. Automatic update package</h3>
 
-<div class="paragraph">
+	<p>This update method is the preferred method for updating. This package allows detecting changed files automatically and merges changes if needed.</p>
 
 	<p>The automatic update package is holding - contrary to the others - only the update informations for updating the last released version to the latest available version. These package is meant for use with the automatic update tool.</p>
 
-	<p>To perform the update, either follow the instructions from the <code>Administration Control Panel -&gt; System</code> Tab - this should point out that you are running an outdated version and will guide you through the update - or following the instructions listed below.</p>
+	<p>To perform the update, either follow the instructions from the <code>Administration Control Panel-&gt;System</code> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 
-	<ul class="menu">
-		<li>Go to the <a href="http://www.phpbb.com/downloads/">downloads page</a> and download the latest update package listed there.</li>
+	<ul>
+		<li>Go to the <a href="http://www.phpbb.com/downloads/">downloads page</a> and download the latest update package listed there, matching your current version.</li>
 		<li>Upload the archives contents to your phpBB installation - only the install folder is required. Upload the whole install folder, retaining the file structure.</li>
 		<li>After the install folder is present, phpBB3 will go offline automatically.</li>
 		<li>Point your browser to the install directory, for example <samp>http://www.example.com/phpBB3/install/</samp></li>
 		<li>Choose the "Update" Tab and follow the instructions</li>
 	</ul>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+	<p>&nbsp;</p>
 
-<a name="update_all"></a><b>4.v. All package types</b>
-<br /><br />
-
-<div class="paragraph">
+<a name="update_all"></a><h3>4.v. All package types</h3>
 
 	<p>If you have non-English language packs installed you may want to see if a new version has been made available. A number of missing strings may have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="convert"></a><h1>5. Conversion from phpBB 2.0.x to phpBB 3.0.x</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="convert"></a><h2>5. Conversion from phpBB 2.0.x to phpBB 3.0.x</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 <p>This paragraph explains the steps necessary to convert your existing phpBB2 installation to phpBB3.</p>
 
-<a name="prereq"></a><b>5.i. Requirements before converting</b>
-<br /><br />
+<a name="prereq"></a><h3>5.i. Requirements before converting</h3>
 
-<div class="paragraph">
 	<p>Before converting we heavily recommend you do a <em>full backup of your database and files</em>! If you are unsure how to achieve this please ask your hosting provider for advice. You basically need to follow the basic instructions given for <a href="#install">New installations</a>. Please <strong>do not</strong> overwrite any old files - install phpBB3 at a different location.</p>
 
 	<p>Once you made a backup of everything and also have a brand new phpBB3 installation, you can now begin the conversion.</p>
 
 	<p>Note that the conversion requires CREATE and DROP privileges for the phpBB3's database user account.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="conversion"></a><b>5.ii. Converting</b>
-<br /><br />
-
-<div class="paragraph">
+<a name="conversion"></a><h3>5.ii. Converting</h3>
 
 	<p>To begin the conversion visit the install folder of your phpBB3 installation (the same as you have done for installing). Now you will see a new tab <em>Convert</em>. Click this tab.</p>
 
@@ -448,14 +348,8 @@ p a {
 	<p>Please note that this conversion process may take quite some time and depending on your hosting provider this may result in it failing (due to web server or other timeout issues). If this is the case you should ask your provider if they are willing to allow the convert script to temporarily exceed their limits (be nice and they will probably be quite helpful).</p>
 
 	<p>Once completed your board should be immediately available. If you encountered errors you should report the problems to our bug tracker or seek help via our forums (see <a href="README.html">README</a> for details).</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="postreq"></a><b>5.iii. Things to do after conversion</b>
-<br /><br />
-
-<div class="paragraph">
+<a name="postreq"></a><h3>5.iii. Things to do after conversion</h3>
 
 	<p>After successful conversion there may be a few items you need to do - apart from checking if the installation is accessible and everything displayed correctly.</p>
 
@@ -467,14 +361,7 @@ p a {
 
 	<p>Once you are pleased with your new installation you may want to give it the name of your old installation, changing the directory name. With phpBB3 this is possible without any problems - but you may still want to check your cookie settings within the administration panel, if the cookie path need to be adjusted prior to renaming.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
-
-<a name="convprob"></a><b>5.iv. Common conversion problems</b>
-<br /><br />
-
-<div class="paragraph">
+<a name="convprob"></a><h3>5.iv. Common conversion problems</h3>
 
 	<p><strong>Broken non-latin characters</strong> The conversion script assumes that the database encoding in the source phpBB2 matches the encoding defined in the <code>lang_main.php</code> file of the default language pack of the source installation. Edit that file to match the database's encoding and re-start the conversion procedure.</p>
 
@@ -488,28 +375,28 @@ p a {
 
 	<p><strong>Smilies</strong> During the conversion you might see warnings about image files where the copying failed. That can happen if the old board's smilies have the same file names as those on the new board. Copy those files manually after the conversion, if you want to continue using the old smilies.</p> 
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="postinstall"></a><h1>6. Important (security related) post-Install tasks for all installation methods</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
-<div class="paragraph">
+	<hr />
 
-	<p>Once you have succssfully installed phpBB3 you <strong>MUST</strong> ensure you remove the entire install/ directory. Leaving the install directory in place is a <em>very serious potential security issue</em> which may lead to deletion or alteration of files, etc. Please note that until this directory is not removed phpBB3 will not operate and a warning message will be displayed. Beyond this <strong>essential</strong> deletion you may also wish to delete the docs/ directories if you wish.</p>
+	<a name="postinstall"></a><h2>6. Important (security related) post-Install tasks for all installation methods</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+	<p>Once you have successfully installed phpBB3 you <strong>MUST</strong> ensure you remove the entire install/ directory. Leaving the install directory in place is a <em>very serious potential security issue</em> which may lead to deletion or alteration of files, etc. Please note that until this directory is removed, phpBB3 will not operate and a warning message will be displayed. Beyond this <strong>essential</strong> deletion, you may also wish to delete the docs/ directories if you wish.</p>
 
 	<p>With these directories deleted you should proceed to the administration panel. Depending on how the installation completed you may have been directed there automatically. If not, login as the administrator you specified during install/conversion and click the <strong>Administration Panel</strong> link at the bottom of any page. Ensure that details specified in <code>Admin -&gt; General</code> are correct!</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
-
-<a name="avatars"></a><b>6.i. Uploadable avatars</b>
-<br /><br />
-<div class="paragraph">
+<a name="avatars"></a><h3>6.i. Uploadable avatars</h3>
 
 	<p>phpBB3 supports several methods for allowing users to select their own <em>avatar</em> (an avatar is a small image generally unique to a user and displayed just below their username in posts).</p>
 
@@ -520,27 +407,42 @@ p a {
 	<p>On Windows system you need to ensure the directory is not write-protected and that it has global write permissions (see your servers documentation or contact your hosting provider if you are unsure on how to achieve this).</p>
 
 	<p>Please be aware that setting a directories permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.</p>
-</div>
 
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="disclaimer"></a><h1>7. Copyright and disclaimer</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="disclaimer"></a><h2>7. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-	<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+		<div class="content">
 
-</div>
-<a href="#top">Top</a>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
 <!-- END DOCUMENT -->
 
-</div>
+	<div id="page-footer">
+		<div class="version">&nbsp;</div>
+	</div>
+</div></div>
 
-<div id="footer">&nbsp;<br /><br /></div>
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
+</div>
 
 </body>
 </html>

phpBB/docs/README.html

@@ -1,210 +1,102 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
 <head>
-<title>phpBB 3.0.x Readme</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<meta http-equiv="Content-Style-Type" content="text/css" />
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
 <meta name="resource-type" content="document" />
-<meta name="description" lang="en" content="phpBB 3.0.x Readme" />
-<meta name="keywords" lang="en" content="" />
-<meta name="author" content="phpBB Group" />
-<meta name="copyright" content="phpBB Group" />
-<meta name="MSSmartTagsPreventParsing" content="true" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="phpBB 3.0.x Readme" />
+<title>phpBB3 &bull; Readme</title>
 
-<style type="text/css">
-<!--
-
-/* The original "subSilver" theme for phpBB2 Created by subBlue design :: http://www.subBlue.com */
-body {
-	background-color: white;
-	font-family: Verdana, Arial, Helvetica, sans-serif;
-	margin: 0;
-	border: 0;
-	padding: 0;
-}
-
-img {
-	border: 0;
-}
-
-p {
-	font-size: 8pt;
-}
-
-hr { 
-	height: 0; 
-	border: solid #D1D7DC 0;
-	border-top-width: 1px;
-}
-
-#title, h1 {
-	font: bold 18pt 'Trebuchet MS', Verdana, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h2 {
-	font: bold 12pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-h3 {
-	font: bold 10pt Arial, Helvetica, sans-serif;
-	text-decoration: none;
-	line-height: 120%;
-}
-
-.paragraph {
-	margin-left: 20px;
-}
-
-/* Structure */
-#logo {
-	background: #fff url(header_bg.jpg) repeat-x top right;
-	height: 60px;
-}
-
-#title {
-	color: #12749b;
-	float: right;
-	margin: 10px 10px 0;
-}
-
-#main {
-	margin-left: 25px;
-	margin-right: 25px;
-}
-
-.good {
-	color: green;
-}
-
-.bad {
-	color: red;
-}
-
-#footer {
-	margin-left: 75px;
-	font-size: 70%;
-	color: #006600;
-}
-
-code {
-	color: #006600; 
-	font-weight: normal;
-	font-family: 'Courier New', monospace;
-	border-color: #D1D7DC;
-	border-width: 1px;
-	border-style: solid;
-	background-color: #FAFAFA;
-}
-
-.indent p {
-	padding-left: 20px;
-	font-size: 90%;
-}
-
-/* Anchors */
-a {
-	font-size: 70%;
-}
-
-a:link, a:active, a:visited {
-	color:	#006699;
-	text-decoration: none;
-}
-
-a:hover {
-	color: #DD6900;
-	text-decoration: underline;
-}
-
-a.nav {
-	color: #006699;
-	text-decoration: none;
-}
-
-a.nav:hover {
-	text-decoration: underline;
-}
-
-p a {
-	font-size: 100%;
-}
-
-.menu {
-	font-size: 80%;
-}
-
-.menu li a {
-	font-size: 100%;
-}
-
-.comment {
-	color: green;
-}
-
-//-->
-</style>
+<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
-<body>
+<body id="phpbb" class="section-docs">
 
-<div id="logo">
-	<div id="title">phpBB 3.0.x Readme</div>
-	<img src="header_left.jpg" alt="phpBB Logo" />
-</div>
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
 
-<a name="top"></a><div id="main">
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>phpBB 3.0.x Readme</h1>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
+
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
+
+	<a name="start_here"></a>
+
+	<div id="page-body">
 
 <!-- BEGIN DOCUMENT -->
 
-<p>Thank you for downloading phpBB3. This README will guide through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully <strong>before</strong> proceeding with the installation.</p>
+	<p>Thank you for downloading phpBB3. This README will guide through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully <strong>before</strong> proceeding with the installation.</p>
 
-<h1>Readme</h1>
+	<h1>Readme</h1>
 
-<ol class="menu">
-	<li><a href="#install">Installing phpBB3</a></li>
-	<li><a href="#run">Running phpBB3</a>
-	<ol type="i">
-		<li><a href="#i18n">Internationalisation (i18n)</a></li>
-		<li><a href="#styles">Styles</a></li>
-		<li><a href="#mods">Modifications</a></li>
-	</ol>
-	</li>
-	<li><a href="#help">Getting help with phpBB3</a>
-	<ol type="i">
-		<li><a href="#docs">Documentation</a></li>
-		<li><a href="#website">Community Forums</a></li>
-		<li><a href="#irc">Internet Relay Chat</a></li>
-	</ol>
-	</li>
-	<li><a href="#status">Status of this version</a></li>
-	<li><a href="#bugs">Reporting Bugs</a>
-	<ol type="i">
-		<li><a href="#securitybugs">Security related bugs</a></li>
-	</ol>
-	</li>
-	<li><a href="#curbugs">Overview of current bug list</a></li>
-	<li><a href="#php">PHP compatibility issues</a></li>
-	<li><a href="#disclaimer">Disclaimer</a></li>
-</ol>
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-<hr />
+		<div class="content">
 
-<a name="install"></a><h1>1. Installing phpBB3</h1>
+			<ol>
+				<li><a href="#install">Installing phpBB3</a></li>
+				<li><a href="#run">Running phpBB3</a>
+				<ol style="list-style-type: lower-roman;">
+					<li><a href="#i18n">Internationalisation (i18n)</a></li>
+					<li><a href="#styles">Styles</a></li>
+					<li><a href="#mods">Modifications</a></li>
+				</ol>
+				</li>
+				<li><a href="#help">Getting help with phpBB3</a>
+				<ol style="list-style-type: lower-roman;">
+					<li><a href="#docs">Documentation</a></li>
+					<li><a href="#website">Community Forums</a></li>
+					<li><a href="#irc">Internet Relay Chat</a></li>
+				</ol>
+				</li>
+				<li><a href="#status">Status of this version</a></li>
+				<li><a href="#bugs">Reporting Bugs</a>
+				<ol style="list-style-type: lower-roman;">
+					<li><a href="#securitybugs">Security related bugs</a></li>
+				</ol>
+				</li>
+				<li><a href="#curbugs">Overview of current bug list</a></li>
+				<li><a href="#php">PHP compatibility issues</a></li>
+				<li><a href="#disclaimer">Disclaimer</a></li>
+			</ol>
 
-<div class="paragraph">
+		</div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="install"></a><h2>1. Installing phpBB3</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>Installation, update and conversion instructions can be found in the <a href="INSTALL.html">INSTALL</a> document contained in this distribution. If you are intending to convert from a previous phpBB 2.0.x installation we highly recommend you backup any existing data before proceeding!</p>
 
 	<p>Users of phpBB3 Beta versions cannot directly update.</p>
 
 	<p>Please note that we won't support the following installation types:</p>
-	<ul class="menu">
+	<ul>
 		<li>Updates from phpBB3 Beta versions to phpBB3 RC1 and higher</li>
 		<li>Conversions from phpBB 2.0.x to phpBB3 Beta versions</li>
 		<li>phpBB3 Beta installations</li>
@@ -212,25 +104,31 @@ p a {
 
 	<p>We give support for the following installation types:</p>
 
-	<ul class="menu">
-		<li>Updates from phpBB3 RC1 to any higher version</li>
-		<li>Conversions from phpBB 2.0.x to phpBB3 RC1 and higher</li>
-		<li>New installations of phpBB3 RC1 and higher</li>
+	<ul>
+		<li>Updates from phpBB3 RC1 to the latest version</li>
+		<li>Conversions from phpBB 2.0.x to the latest version</li>
+		<li>New installations of phpBB3 - always only the latest released version</li>
 	</ul>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="run"></a><h1>2. Running phpBB3</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="run"></a><h2>2. Running phpBB3</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>Once installed phpBB is easily managed by both admin and moderator control panels. If you need help or advice with phpBB please see <a href="#help">Section 3</a> below.</p>
 
-	<a name="i18n"></a><b>2.i. Internationalisation (i18n)</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="i18n"></a><h3>2.i. Internationalisation (i18n)</h3>
 
 	<p>A number of language packs and style localisations are available. You can find them on our official download page:</p>
 
@@ -238,17 +136,11 @@ p a {
 
 	<p>This is the <em>official</em> location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. So please, do not ask for help in these cases!</p>
 
-	<p>Installation of these packages is straightforward, simply download the required language pack and unarchive it into the <samp>languages/</samp> folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the <code>Admin-&gt;System-&gt;Language Packs</code> and install the now appeared new language pack. To install the style image packs you should unarchive the file/s into the styles/subsilver2/imageset directory, again you must retain the directory structure. Once installed the languages will become immediately available.</p>
+	<p>Installation of these packages is straightforward, simply download the required language pack and unarchive it into the <samp>languages/</samp> folder. Please ensure you retain the directory structure when doing this! Once uploaded go to the <code>Admin-&gt;System-&gt;Language Packs</code> and install the now appeared new language pack. To install the style imageset you should download the imageset for your language and unarchive the file/s into the relevant imageset directory (styles/prosilver/imageset or styles/subsilver2/imageset), again you must retain the directory structure. Once installed the imageset will become immediately available.</p>
 
-	<p>If your language is not available please visit our forums where you will find a topic listing translations currently available or in preparation. This topic also gives you information should you wish to volunteer to translate a language not currently listed</p>
+	<p>If your language is not available please visit our forums where you will find a topic listing translations currently available or in preparation. This topic also gives you information should you wish to volunteer to translate a language not currently listed.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-	<a name="styles"></a><b>2.ii. Styles</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="styles"></a><h3>2.ii. Styles</h3>
 
 	<p>Although phpBB Group are rather proud of the included styles we realise that it may not be to everyones tastes. Therefore phpBB3 allows styles to be switched with relative ease. Firstly you need to locate and download a style you like. We maintain such a site at</p>
 
@@ -258,13 +150,9 @@ p a {
 
 	<p>Once you have downloaded a style the usual next step is to unarchive (or upload the unarchived contents of) the package into your <samp>styles/</samp> directory. You then need to visit <code>Administration -&gt; Styles</code>, you should see the new style available, click install and it will become available for all your users.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
+	<p><strong>Please note</strong> that if you create your own style or modify existing ones, please remember to enable the &quot;Recompile stale style components&quot; setting within the <code>Admin-&gt;General-&gt;Load Settings</code> screen. This setting allows the cache to detect changes made to the style and automatically refresh it. If this setting is disabled, you will not see your changes taking effect.</p>
 
-	<a name="mods"></a><b>2.iii. Modifications</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="mods"></a><h3>2.iii. Modifications</h3>
 
 	<p>Although not officially supported by phpBB Group, phpBB has a thriving modification scene. These third party modifications to the standard phpBB extend its capabilities still further and can be found at:</p>
 
@@ -274,19 +162,25 @@ p a {
 
 	<p>Also remember that any modifications which modify the database in any way may render upgrading your forum to future versions more difficult unless we state otherwise. With all this said many users have and continue to utilise many of the mods already available with great success.</p>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
-	<br /><br />
 
-<hr />
+	<hr />
 
-<a name="help"></a><h1>3. Getting help with phpBB3</h1>
+<a name="help"></a><h2>3. Getting help with phpBB3</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>phpBB3 can seem a little daunting to new users in places, particularly with regard the permission system. The first thing you should do is check the <a href="FAQ.html">FAQ</a> which covers a few basic getting started questions. If you need additional help there are several places you should look.</p>
 
-	<a name="docs"></a><b>3.i. phpBB3 Documentation</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="docs"></a><h3>3.i. phpBB3 Documentation</h3>
 
 	<p>A comprehensive documentation is now available online and can be accessed from the following location:</p>
 
@@ -294,14 +188,7 @@ p a {
 
 	<p>This covers everything from installation through setting permissions and managing users.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-	<a name="website"></a><b>3.ii. Community Forums</b>
-	<br /><br />
-
-	<div class="paragraph">
+	<a name="website"></a><h3>3.ii. Community Forums</h3>
 
 	<p>phpBB Group maintains a thriving community where a number of people have generously decided to donate their time to help support users. This site can be found at:</p>
 
@@ -309,48 +196,57 @@ p a {
 
 	<p>If you do seek help via our forums please be sure to do a Search before posting. This may well save both you and us time and allow the developer, moderator and support groups to spend more time responding to people with unknown issues and problems. Please also remember that phpBB is an entirely volunteer effort, no one receives any compensation for the time they give, this includes moderators as well as developers. So please be respectful and mindful when awaiting responses.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-	<a name="irc"></a><b>3.iii Internet Relay Chat</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="irc"></a><h3>3.iii Internet Relay Chat</h3>
 
 	<p>Another place you may find help is our IRC channel. This operates on the Freenode IRC network, <em>irc.freenode.net</em> and the channel is <em>#phpbb</em> and can be accessed by any good IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.</p>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
-	<br /><br />
 
-<hr />
+	<hr />
 
-<a name="status"></a><h1>4. Status of this version</h1>
+<a name="status"></a><h2>4. Status of this version</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>This is the third stable release of phpBB. The 3.0.x line is essentially feature frozen, with only point releases seeing fixes for bugs and security issues, though feature alterations and minor feature additions may be done if deemed absolutely required. Our next major release will be phpBB 3.2 and the planning phase has begun (the unstable development version is 3.1). Please do not post questions asking when 3.2 will be available, no release date has been set.</p>
 
 	<p>For those interested in the development of phpBB should keep an eye on the community forums to see how things are progressing:</p>
 
-	<p><a href="http://area51.phpbb.com/">http://area51.phpbb.com/phpBB/</a></p>
+	<p><a href="http://area51.phpbb.com/phpBB/">http://area51.phpbb.com/phpBB/</a></p>
 
 	<p>Please note that this forum should <strong>NOT</strong> be used to obtain support for or ask questions about phpBB 2.0.x or phpBB 3.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<hr />
+		</div>
 
-<a name="bugs"></a><h1>5. Reporting Bugs</h1>
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="bugs"></a><h2>5. Reporting Bugs</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>The phpBB Group uses a bug tracking system to store, list and manage all reported bugs, it can be found at the location listed below. Please <strong>DO NOT</strong> post bug reports to our forums, they will be locked. In addition please <strong>DO NOT</strong> use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).</p>
 
 	<p><a href="http://www.phpbb.com/bugs/">http://www.phpbb.com/bugs/</a></p>
 
 	<p>While we very much appreciate receiving bug reports (the more reports the more stable phpBB will be) we ask you carry out a few steps before adding new entries:</p>
 
-	<ul class="menu">
+	<ul>
 		<li>Firstly determine if your bug is reproduceable, how to determine this depends on the bug in question. Only if the bug is reproduceable it is likely to be a problem with phpBB3 (or in some way connected). If something cannot be reproduced it may turn out to have been your hosting provider working on something, a user doing something silly, etc. Bug reports for non-reproduceable events can slow down our attempts to fix real, reproduceable issues<br /><br /></li>
 		<li>Next please read or search through the existing bug reports to see if <em>your</em> bug (or one very similar to it) is already listed. If it is please add to that existing bug rather than creating a new duplicate entry (all this does is slow us down).<br /><br /></li>
 		<li>Check the forums (use search!) to see if people have discussed anything that sounds similar to what you are seeing. However, as noted above please <strong>DO NOT</strong> post your particular bug to the forum unless it's non-reproduceable or you are sure it's related to something you have done rather phpBB3<br /><br /></li>
@@ -359,10 +255,10 @@ p a {
 
 	<p>If you do post a new bug (i.e. one that isn't already listed in the bug tracker) firstly make sure you have logged in (your username and password are the same as for the community forums) then please include the following details:</p>
 
-	<ul class="menu">
-		<li>Your server type/version, eg. Apache 1.3.28, IIS 4, Sambar, etc.</li>
-		<li>PHP version and mode of operation, eg. PHP 5.1.1 as a module, PHP 4.4.4 running as CGI, etc.</li>
-		<li>DB type/version, eg. MySQL 4.0.1, PostgreSQL 7.3.2, MSSQL Server 2000 SP1, etc.</li>
+	<ul>
+		<li>Your server type/version, e.g. Apache 1.3.28, IIS 4, Sambar, etc.</li>
+		<li>PHP version and mode of operation, e.g. PHP 5.1.1 as a module, PHP 4.4.4 running as CGI, etc.</li>
+		<li>DB type/version, e.g. MySQL 4.0.1, PostgreSQL 7.3.2, MSSQL Server 2000 SP1, etc.</li>
 	</ul>
 
 	<p>The relevant database type/version is listed within the administration control panel</p>
@@ -371,76 +267,97 @@ p a {
 
 	<p>Once a bug has been submitted you will be emailed any follow up comments added to it. <strong>Please</strong> if you are requested to supply additional information, do so! It is frustrating for us to receive bug reports, ask for additional information but get nothing. In these cases we have a policy of closing the bug, which may leave a very real problem in place. Obviously we would rather not have this situation arise.</p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+<a name="securitybugs"></a><h3>5.i. Security related bugs</h3>
 
-<a name="securitybugs"></a><b>5.i. Security related bugs</b>
-<br /><br />
-<div class="paragraph">
 	<p>If you find a potential security related vulnerability in phpBB please <strong>DO NOT</strong> post it to the bug tracker, public forums, etc.! Doing so may allow unscrupulous users to take advantage of it before we have time to put a fix in place. All security related bugs should be sent to our security tracker:</p>
 
 	<p><a href="http://www.phpbb.com/security/">http://www.phpbb.com/security/</a></p>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="curbugs"></a><h1>6. Overview of current bug list</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="curbugs"></a><h2>6. Overview of current bug list</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>This list is not complete but does represent those bugs which may effect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation, updating and/or conversions.</p>
 
-	<ul class="menu">
-		<li>By default cannot post very large messages with MSSQL (this can be configured within MSSQL)</li>
+	<ul>
 		<li>Conversions may fail to complete on large boards under some hosts</li>
+		<li>Updates may fail to complete on large update sets under some hosts</li>
+		<li>Smilies placed directly after bbcode tags will not get parsed. Smilies always need to be separated by spaces.</li>
 	</ul>
 
-</div>
-<a href="#top">Top</a>
-<br /><br />
+		</div>
 
-<hr />
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
 
-<a name="php"></a><h1>7. PHP compatibility issues</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="php"></a><h2>7. PHP compatibility issues</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
-<div class="paragraph">
 	<p>phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3.</p>
 
 	<p>Please remember that running any application on a developmental version of PHP can lead to strange/unexpected results which may appear to be bugs in the application (which may not be true). Therefore we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a developmental version of PHP please check any bugs you find on a system running a stable release before submitting.</p>
 
 	<p>This board has been developed and tested under Linux and Windows (amongst others) running Apache using MySQL 3.23, 4.x, 5.x, MSSQL Server 2000, PostgreSQL 7.x, Oracle 8, SQLite and Firebird. Versions of PHP used range from 4.3.3 to 6.0.0-dev without problem. </p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<a name="phpsec"></a><b>7.i. Notice on PHP security issues</b>
+<a name="phpsec"></a><h3>7.i. Notice on PHP security issues</h3>
 
-<br /><br />
-<div class="paragraph">
 <p>Currently there are no known issues regarding PHP security.</p>
-</div>
-<a href="#top">Top</a>
-<br /><br />
 
-<hr />
+		</div>
 
-<a name="disclaimer"></a><h1>8. Copyright and disclaimer</h1>
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="disclaimer"></a><h2>8. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-	<p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+		<div class="content">
 
-</div>
-<a href="#top">Top</a>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
 
 <!-- END DOCUMENT -->
 
-</div>
+	<div id="page-footer">
+		<div class="version">&nbsp;</div>
+	</div>
+</div></div>
 
-<div id="footer">&nbsp;<br /><br /></div>
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
+</div>
 
 </body>
 </html>

phpBB/docs/auth_api.html

@@ -1,191 +1,60 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
 <head>
-<title>Auth API</title>
-<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
-<meta http-equiv="Content-Style-Type" content="text/css" />
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
 <meta name="resource-type" content="document" />
-<meta name="description" lang="en" content="Olympus coding guidelines document" />
-<meta name="keywords" lang="en" content="" />
-<meta name="author" content="phpBB Group" />
-<meta name="copyright" content="phpBB Group" />
-<meta name="MSSmartTagsPreventParsing" content="true" />
-<link rel="shortcut icon" href="" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="This is an explanation of how to use the phpBB auth/acl API" />
+<title>phpBB3 &bull; Auth API</title>
 
-<style type="text/css">
-<!--
-
-/*
-	    The original "subSilver" theme for phpBB2
-	Created by subBlue design :: http://www.subBlue.com
-*/
-
-body {
-	background-color:	white;
-	font-family:		Verdana, Arial, Helvetica, sans-serif;
-	margin:				0px;
-	border:				0px;
-	padding:			0px;
-}
-
-img {
-	border: 0;
-}
-
-p {
-	font-size:	8pt;
-}
-
-hr { 
-	height: 0px; 
-	border: solid #D1D7DC 0px; 
-	border-top-width: 1px;
-}
-
-#title, h1 {
-	font: bold 18pt 'Trebuchet MS', Verdana, sans-serif;
-	text-decoration: none; 
-	line-height: 120%; 
-}
-
-h2 {
-	font: bold 12pt Arial, Helvetica, sans-serif;
-	text-decoration: none; 
-	line-height: 120%; 
-}
-
-h3 {
-	font: bold 10pt Arial, Helvetica, sans-serif;
-	text-decoration: none; 
-	line-height: 120%; 
-}
-
-.paragraph {
-	margin-left: 20px;
-}
-
-/* 
-	Structure 
-*/
-#logo {
-	background: #fff url(header_bg.jpg) repeat-x top right;
-	height: 60px;
-}
-
-#title {
-	color: #12749b;
-	float: right;
-	margin: 10px 10px 0;
-}
-
-#main {
-	margin-left: 25px;
-	margin-right: 25px;
-}
-
-.good {
-	color: green;
-}
-
-.bad {
-	color: red;
-}
-
-#footer {
-	margin-left: 75px;
-	font-size: 70%;
-	color: #006600;
-}
-
-code { 
-	color: #006600; 
-	font-weight: normal; 
-	font-family: 'Courier New', monospace; 
-	border-color: #D1D7DC; 
-	border-width: 1px; 
-	border-style: solid; 
-	background-color: #FAFAFA; 
-}
-
-.indent p {
-	padding-left: 20px;
-	font-size: 90%;
-}
-
-/*
-	Anchors
-*/
-a {
-	font-size: 70%;
-}
-
-a:link, a:active, a:visited {
-	color:	#006699;
-	text-decoration:	none;
-}
-
-a:hover {
-	color:				#DD6900;
-	text-decoration:	underline;
-}
-
-a.nav {
-	color:				#006699;
-	text-decoration:	none;
-}
-
-a.nav:hover {
-	text-decoration:	underline;
-}
-
-p a {
-	font-size: 100%;
-}
-
-.menu {
-	font-size: 80%;
-}
-
-.menu li a {
-	font-size: 100%;
-}
-//-->
-</style>
-
-<!--[if IE]>
-<style type="text/css">
-body {
-	scrollbar-face-color:		#DEE3E7;
-	scrollbar-highlight-color:	white;
-	scrollbar-shadow-color:		#DEE3E7;
-	scrollbar-3dlight-color:	#D1D7DC;
-	scrollbar-arrow-color:		#006699;
-	scrollbar-track-color:		#EFEFEF;
-	scrollbar-darkshadow-color: #98AAB1;
-}
-</style>
-<![endif]-->
+<link href="stylesheet.css" rel="stylesheet" type="text/css" media="screen, projection" />
 
 </head>
 
-<body>
+<body id="phpbb" class="section-docs">
 
-<div id="logo">
-	<div id="title">Auth API</div>
-	<a href="index.php"><img src="header_left.jpg" alt="phpBB Logo" /></a>
-</div>
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
 
-<a name="top"></a><div id="main">
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>Auth API</h1>
+				<p>This is an explanation of how to use the phpBB auth/acl API</p>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
 
-<p>This is an explanation of how to use the phpBB auth/acl API. This document is (c) 2006 phpBB Group, copying or redistribution is not allowed without permission.</p>
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
 
-<h1>Auth API</h1>
+	<a name="start_here"></a>
 
-<ol class="menu">
+	<div id="page-body">
+
+<!-- BEGIN DOCUMENT -->
+
+	<p>This is an explanation of how to use the phpBB auth/acl API.</p>
+
+	<h1>Auth API</h1>
+
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<ol>
 	<li><a href="#intro">Introduction</a></li>
 	<li><a href="#methods">Methods</a>
-	<ol type="i">
+	<ol style="list-style-type: lower-roman;">
 		<li><a href="#acl">acl</a></li>
 		<li><a href="#acl_get">acl_get</a></li>
 		<li><a href="#acl_gets">acl_gets</a></li>
@@ -195,64 +64,72 @@ body {
 	</ol>
 	</li>
 	<li><a href="#admin_related">Admin related functions</a></li>
+	<li><a href="#disclaimer">Copyright and disclaimer</a></li>
 </ol>
 
-<hr />
+		</div>
 
-<a name="intro"></a><h1>1. Introduction</h1>
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="intro"></a><h2>1. Introduction</h2>
 
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
 
-	<h3>What is it?</h3>
+		<div class="content">
+
+	<h4>What is it?</h4>
 
 	<p>The <code>auth</code> class contains methods related to authorisation users to access various board functions, e.g. posting, viewing, replying, logging in (and out), etc. If you need to check whether a user can carry out a task or handle user login/logouts this class is required.</p>
 
-	<h3>Initialisation</h3>
+	<h4>Initialisation</h4>
 
 	<p>To use any methods contained with the <code>auth</code> class it first needs to be instantiated. This is best achieved early in the execution of the script in the following manner:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $auth = new auth();
-	</pre></blockquote>
+	</pre></div>
 
 	<p>Once an instance of the class has been created you are free to call the various methods it contains. Please note that should you wish to use the <code>auth_admin</code> methods you will need to instantiate this separately but in the same way.</p>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
-	<br /><br />
 
-<hr />
+	<hr />
 
-<a name="methods"></a><h1>2. Methods</h1>
+<a name="methods"></a><h2>2. Methods</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>Following are the methods you are able to use.</p>
 
-	<a name="acl"></a><b>2.i. acl</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl"></a><h3>2.i. acl</h3>
 	
 	<p>The <code>acl</code> method is the initialisation routine for all the acl functions. If you intend calling any acl method you must first call this. The method takes as its one and only required parameter an associative array containing user information as stored in the database. This array must contain at least the following information; user_id, user_permissions and user_type. It is called in the following way:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $auth-&gt;acl(<code>userdata</code>);
-	</pre></blockquote>
+	</pre></div>
 
 	<p>Where userdata is the array containing the aforementioned data.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-
-	<a name="acl_get"></a><b>2.ii. acl_get</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl_get"></a><h3>2.ii. acl_get</h3>
 
 	<p>This method is the primary way of determining what a user can and cannot do for a given option globally or in a given forum. The method should be called in the following way:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $result = $auth-&gt;acl_get(<code>option</code>[, <code>forum</code>]);
-	</pre></blockquote>
+	</pre></div>
 
 	<p>Where option is a string representing the required option, e.g. 'f_list', 'm_edit', 'a_adduser', etc. By adding a ! in front of the option, e.g. '!f_list' the result of this method will be negated. The optional forum term is the integer forum_id.</p>
 
@@ -262,109 +139,114 @@ $result = $auth-&gt;acl_get(<code>option</code>[, <code>forum</code>]);
 
 	<p>There are some special options or <em>flags</em> which are used as prefixes for other options, e.g. 'f_' or 'm_'. These flags will automatically be set to a positive integer if the user has one or more permissions with the given prefix. A local setting will result in the flag being set only locally (so it will require a forum id to retrieve). If a user has one or more global permissions with the prefix acl_get will return a positive integer regardless of the forum id.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-
-	<a name="acl_gets"></a><b>2.iii. acl_gets</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl_gets"></a><h3>2.iii. acl_gets</h3>
 
 	<p>This method is funtionally similar to <code>acl_get</code> in that it returns information on whether a user can or cannot carry out a given task. The difference here is the ability to test several different options in one go. This may be useful for testing whether a user is a moderator or an admin in one call. Rather than having to call and check <code>acl_get</code> twice.</p>
 
 	<p>The method should be called thus:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $result = $auth-&gt;acl_gets(<code>option1</code>[, <code>option2</code>, ..., <code>optionN</code>, <code>forum</code>]);
-	</pre></blockquote>
+	</pre></div>
 
 	<p>As with the <code>acl_get</code> method the options are strings representing the required permissions to check. The forum again is an integer representing a given forum_id.</p>
 
 	<p>The method will return a positive integer if <code>acl_get</code> for one of the options evaluates to a positive integer (combines permissions with OR).</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-
-	<a name="acl_getf"></a><b>2.iv. acl_getf</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl_getf"></a><h3>2.iv. acl_getf</h3>
 
 	<p>This method is used to find out in which forums a user is allowed to carry out an operation or to find out in which forums he is not allowed to carry out an operation. The method should be called in the following way:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $result = $auth-&gt;acl_getf(<code>option</code>[, <code>clean</code>]);
-	</pre></blockquote>
+	</pre></div>
 
 	<p>Just like in the <code>acl_get</code> method the option is a string specifying the permission which has to be checked (negation using ! is allowed). The second parameter is a boolean. If it is set to false this method returns all forums with either zero or a positive integer. If it is set to true only those forums with a positive integer as the result will be returned.</p>
 
 	<p>The method returns an associative array of the form:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 array(<em>forum_id1</em> =&gt; array(<em>option</em> =&gt; <em>integer</em>), <em>forum_id2</em> =&gt; ...)
-	</pre></blockquote>
+	</pre></div>
 
 	<p>Where option is the option passed to the method and integer is either zero or a positive integer and the same <code>acl_get(option, forum_id)</code> would return.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-
-	<a name="acl_getf_global"></a><b>2.v. acl_getf_global</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl_getf_global"></a><h3>2.v. acl_getf_global</h3>
 
 	<p>This method is used to find out whether a user has a permission in at least one forum or globally. This method is similar to checking whether <code>acl_getf(option, true)</code> returned one or more forums but it's faster. It should be called in the following way:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $result = acl_getf_global(<code>option</code>)
-	</pre></blockquote>
+	</pre></div>
 
 	<p>As with the previous methods option is a string specifying the permission which has to be checked.</p>
 
 	<p>This method returns either zero or a positive integer.</p>
 
-	</div>
-	<a href="#top">Top</a>
-	<br /><br />
-
-
-	<a name="acl_cache"></a><b>2.vi. acl_cache</b>
-	<br /><br />
-	<div class="paragraph">
+	<a name="acl_cache"></a><h3>2.vi. acl_cache</h3>
 
 	<p>This should be considered a private method and not be called externally. It handles the generation of the user_permissions data from the basic user and group authorisation data. When necessary this method is called automatically by <code>acl</code>.</p>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
-	<br /><br />
 
-<hr />
+	<hr />
 
-<a name="admin_related"></a><h1>3. Admin related functions</h1>
+<a name="admin_related"></a><h2>3. Admin related functions</h2>
 
 	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
 
 	<p>A number of additional methods are available related to <code>auth</code>. These handle more basic functions such as adding user and group permissions, new options and clearing the user cache. These methods are contained within a separate class, <code>auth_admin</code>. This can be found in <code>includes/acp/auth.php</code>.</p>
 
 	<p>To use any methods this class contains it first needs to be instantiated separately from <code>auth</code>. This is achieved in the same way as <code>auth</code>:</p>
 
-	<blockquote><pre>
+	<div class="codebox"><pre>
 $auth_admin = new auth_admin();
-	</pre></blockquote>
+	</pre></div>
 
 	<p>This instance gives you access to both the methods of this specific class and that of <code>auth</code>.</p>
 
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
 	</div>
-	<a href="#top">Top</a>
 
-</div>
+	<hr />
 
-<div id="footer"> $Id$ 
-<br /><br />
+<a name="disclaimer"></a><h2>4. Copyright and disclaimer</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+<!-- END DOCUMENT -->
+
+	<div id="page-footer">
+		<div class="version"> $Id$ </div>
+	</div>
+</div></div>
+
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
 </div>
 
 </body>

phpBB/docs/hook_system.html

@@ -0,0 +1,859 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en" xml:lang="en">
+<head>
+
+<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+<meta http-equiv="content-style-type" content="text/css" />
+<meta http-equiv="content-language" content="en" />
+<meta http-equiv="imagetoolbar" content="no" />
+<meta name="resource-type" content="document" />
+<meta name="distribution" content="global" />
+<meta name="copyright" content="2007 phpBB Group" />
+<meta name="keywords" content="" />
+<meta name="description" content="Hook System explanation" />
+<title>phpBB3 &bull; Hook System</title>
+
+<style type="text/css">
+<!--
+
+/*
+	The original "prosilver" theme for phpBB3
+	Created by subBlue design :: http://www.subBlue.com
+*/
+
+* { margin: 0; padding: 0; }
+
+html { font-size: 100%; height: 100%; margin-bottom: 1px; }
+
+body {
+	font-family: Verdana, Helvetica, Arial, sans-serif;
+	color: #828282;
+	background-color: #FFFFFF;
+	font-size: 12px;
+	margin: 0;
+	padding: 12px 0;
+}
+
+img { border-width: 0; }
+
+p {
+	line-height: 1.3em;
+	font-size: 1.1em;
+	margin-bottom: 1.5em;
+}
+
+hr {
+	border: 0 none #FFFFFF;
+	border-top: 1px solid #CCCCCC;
+	height: 1px;
+	margin: 5px 0;
+	display: block;
+	clear: both;
+}
+
+html, body {
+	color: #536482;
+	background-color: #FFFFFF;
+}
+
+#doc-description h1 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	margin-right: 200px;
+	color: #FFFFFF;
+	margin-top: 15px;
+	font-weight: bold;
+	font-size: 2em;
+	color: #fff;
+}
+
+h1 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	font-weight: normal;
+	color: #000;
+	font-size: 2em;
+	margin: 0.8em 0 0.2em 0;
+}
+
+h2 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	font-weight: normal;
+	color: #28313F;
+	font-size: 1.5em;
+	margin: 0.8em 0 0.2em 0;
+}
+
+h3 {
+	font-family: Arial, Helvetica, sans-serif;
+	font-weight: bold;
+	border-bottom: 1px solid #CCCCCC;
+	margin-bottom: 3px;
+	padding-bottom: 2px;
+	font-size: 1.05em;
+	color: #115098;
+	margin-top: 20px;
+}
+
+.good { color: green; }
+.bad { color: red; }
+
+.version {
+	margin-top: 20px;
+	text-align: left;
+	font-size: 70%;
+	color: #006600;
+	border-top: 1px solid #ccc;
+}
+
+code { 
+	color: #006600; 
+	font-weight: normal; 
+	font-family: 'Courier New', monospace; 
+	border-color: #D1D7DC; 
+	border-width: 1px; 
+	border-style: solid; 
+	background-color: #FAFAFA; 
+}
+
+#wrap {
+	padding: 0 20px;
+	min-width: 650px;
+}
+
+#simple-wrap {
+	padding: 6px 10px;
+}
+
+#page-body {
+	margin: 4px 0;
+	clear: both;
+}
+
+#page-footer {
+	clear: both;
+}
+
+#logo {
+	float: left;
+	width: auto;
+	padding: 10px 13px 0 10px;
+}
+
+a#logo:hover {
+	text-decoration: none;
+}
+
+#doc-description {
+	float: left;
+	width: 70%;
+}
+
+#doc-description h1 {
+	margin-right: 0;
+}
+
+.headerbar {
+	background: #ebebeb none repeat-x 0 0;
+	color: #FFFFFF;
+	margin-bottom: 4px;
+	padding: 0 5px;
+}
+
+span.corners-top, span.corners-bottom, span.corners-top span, span.corners-bottom span {
+	font-size: 1px;
+	line-height: 1px;
+	display: block;
+	height: 5px;
+	background-repeat: no-repeat;
+}
+
+span.corners-top {
+	background-image: none;
+	background-position: 0 0;
+	margin: 0 -5px;
+}
+
+span.corners-top span {
+	background-image: none;
+	background-position: 100% 0;
+}
+
+span.corners-bottom {
+	background-image: none;
+	background-position: 0 100%;
+	margin: 0 -5px;
+	clear: both;
+}
+
+span.corners-bottom span {
+	background-image: none;
+	background-position: 100% 100%;
+}
+
+.paragraph {
+	padding: 0 10px;
+	margin-bottom: 4px;
+	background-repeat: no-repeat;
+	background-position: 100% 0;
+	background-color: #ECF3F7;
+}
+
+.paragraph:target .content {
+	color: #000000;
+}
+
+.paragraph:target h3 a {
+	color: #000000;
+}
+
+.content {
+	color: #333333;
+}
+
+.content h2, .panel h2 {
+	color: #115098;
+	border-bottom-color:  #CCCCCC;
+}
+
+a:link	{ color: #898989; text-decoration: none; }
+a:visited	{ color: #898989; text-decoration: none; }
+a:hover	{ color: #d3d3d3; text-decoration: underline; }
+a:active	{ color: #d2d2d2; text-decoration: none; }
+
+hr {
+	border-color: #FFFFFF;
+	border-top-color: #CCCCCC;
+}
+
+.menu {
+	background-color: #cadceb;
+}
+
+.headerbar {
+	background-color: #12A3EB;
+	background-image: url("bg_header.gif");
+	color: #FFFFFF;
+}
+
+.panel {
+	background-color: #ECF1F3;
+	color: #28313F;
+}
+
+
+span.corners-top {
+	background-image: url("corners_left.png");
+}
+
+span.corners-top span {
+	background-image: url("corners_right.png");
+}
+
+span.corners-bottom {
+	background-image: url("corners_left.png");
+}
+
+span.corners-bottom span {
+	background-image: url("corners_right.png");
+}
+
+.error {
+	color: #BC2A4D;
+}
+
+a:link	{ color: #105289; }
+a:visited	{ color: #105289; }
+a:hover	{ color: #D31141; }
+a:active	{ color: #368AD2; }
+
+.paragraph span.corners-top, .paragraph span.corners-bottom {
+	margin: 0 -10px;
+}
+
+.content {
+	padding: 0;
+	line-height: 1.48em;
+	color: #333333;
+}
+
+.content h2, .panel h2 {
+	color: #115098;
+	border-bottom-color:  #CCCCCC;
+}
+
+.notice {
+	border-top-color:  #CCCCCC;
+}
+
+.codebox {
+	padding: 3px;
+	background-color: #FFFFFF;
+	border: 1px solid #C9D2D8;
+	font-size: 1em;
+	margin-bottom: 10px;
+	display: block;
+	font: 0.9em Monaco, "Andale Mono","Courier New", Courier, mono;
+	line-height: 1.3em;
+}
+
+* html hr { margin: 0; }
+* html span.corners-top, * html span.corners-bottom { background-image: url("corners_left.gif"); }
+* html span.corners-top span, * html span.corners-bottom span { background-image: url("corners_right.gif"); }
+
+.back2top {
+	clear: both;
+	height: 11px;
+	text-align: right;
+}
+
+.content ol {
+	margin-left: 25px;
+}
+
+//-->
+</style>
+
+</head>
+
+<body id="phpbb" class="section-docs">
+
+<div id="wrap">
+	<a id="top" name="top" accesskey="t"></a>
+	<div id="page-header">
+		<div class="headerbar">
+			<div class="inner"><span class="corners-top"><span></span></span>
+
+			<div id="doc-description">
+				<a href="../index.php" id="logo"><img src="site_logo.gif" alt="" /></a>
+				<h1>Hook System</h1>
+				<p>This is an explanation of how to use the phpBB3 hook system.</p>
+				<p style="display: none;"><a href="#start_here">Skip</a></p>
+			</div>
+
+			<span class="corners-bottom"><span></span></span></div>
+		</div>
+	</div>
+
+	<a name="start_here"></a>
+
+	<div id="page-body">
+
+	<h1>Hook System</h1>
+
+	<div class="paragraph menu">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+			<ol>
+				<li><a href="#intro">Introduction</a></li>
+				<li><a href="#use">Allow hooks in functions/methods</a></li>
+				<li><a href="#register">Registering hooks</a></li>
+				<li><a href="#return">Result returning</a></li>
+				<li><a href="#embed">Embedding your hook files/classes/methods</a></li>
+				<li><a href="#disclaimer">Copyright and disclaimer</a></li>
+			</ol>
+
+		</div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+	<a name="intro"></a><h2>1. Introduction</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<h3>What is it?</h3>
+
+<p>The hook system allows applicaton and mod developers to hook into phpBB's or their own functions.</p>
+
+<h3>Pre-defined hookable phpBB3 functions</h3>
+
+<p>In phpBB3 there are four functions you are able to hook into with your custom functions:</p>
+
+<p><code>phpbb_user_session_handler();</code> which is called within user::setup after the session and the user object is correctly initialized.<br />
+<code>append_sid($url, $params = false, $is_amp = true, $session_id = false);</code> which is called for building urls (appending the session id)<br />
+<code>$template-&gt;display($handle, $include_once = true);</code> which is called directly before outputting the (not-yet-compiled) template.<br />
+<code>exit_handler();</code> which is called at the very end of phpBB3's execution.</p>
+
+<p>There are also valid external constants you may want to use if you embed phpBB3 into your application:</p>
+
+<div class="codebox"><pre>
+PHPBB_MSG_HANDLER (overwrite message handler)
+PHPBB_DB_NEW_LINK (overwrite new_link parameter for sql_connect)
+PHPBB_ROOT_PATH   (overwrite $phpbb_root_path)
+PHPBB_ADMIN_PATH  (overwrite $phpbb_admin_path)
+</pre></div>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<a name="use"></a><h2>2. Allow hooks in functions/methods</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<p>The following examples explain how phpBB3 utilize the in-build hook system. You will be more interested in registering your hooks, but showing you this may help you understand the system better along the way.</p>
+
+<p>First of all, this is how a function need to be layed out if you want to allow it to be hookable...</p>
+
+<div class="codebox"><pre>
+function my_own_function($my_first_parameter, $my_second_parameter)
+{
+	global $phpbb_hook;
+
+	if ($phpbb_hook-&gt;call_hook(__FUNCTION__, $my_first_parameter, $my_second_parameter))
+	{
+		if ($phpbb_hook-&gt;hook_return(__FUNCTION__))
+		{
+			return $phpbb_hook-&gt;hook_return_result(__FUNCTION__);
+		}
+	}
+
+	[YOUR CODE HERE]
+}
+</pre></div>
+
+<p>Above, the call_hook function should always be mapping your function call... in regard to the number of parameters passed.</p>
+
+<p>This is how you could make a method being hookable...</p>
+
+<div class="codebox"><pre>
+class my_hookable_object
+{
+	function hook_me($my_first_parameter, $my_second_parameter)
+	{
+		global $phpbb_hook;
+
+		if ($phpbb_hook-&gt;call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
+		{
+			if ($phpbb_hook-&gt;hook_return(array(__CLASS__, __FUNCTION__)))
+			{
+				return $phpbb_hook-&gt;hook_return_result(array(__CLASS__, __FUNCTION__));
+			}
+		}
+
+		[YOUR CODE HERE]
+	}
+}
+</pre></div>
+
+<p>The only difference about calling it is the way you define the first parameter. For a function it is only <code>__FUNCTION__</code>, for a method it is <code>array(__CLASS__, __FUNCTION__)</code>. In PHP4 __CLASS__ is always returning the class in lowercase.</p>
+
+<p>Now, in phpBB there are some pre-defined hooks available, but how do you make your own hookable function available (and therefore allowing others to hook into it)? For this, there is the add_hook() method:</p>
+
+<div class="codebox"><pre>
+// Adding your own hookable function:
+$phpbb_hook-&gt;add_hook('my_own_function');
+
+// Adding your own hookable method:
+$phpbb_hook-&gt;add_hook(array('my_hookable_object', 'hook_me'));
+</pre></div>
+
+<p>You are also able to remove the possibility of hooking a function/method by calling <code>$phpbb_hook-&gt;remove_hook()</code> with the same parameters as add_hook().<br />
+This comes in handy if you want to force some hooks not to be called - at all.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<a name="register"></a><h2>3. Registering hooks</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+		<h3>Registering hooks</h3>
+
+<p>Now to actually defining your functions which should be called. For this we take the append_sid() function as an example (this function is able to be hooked by default). We create two classes, one being static and a function:</p>
+
+<div class="codebox"><pre>
+class my_append_sid_class
+{
+	// Our functions
+	function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+	{
+		// Get possible previous results
+		$result = $hook-&gt;previous_hook_result('append_sid');
+
+		return $result['result'] . '&lt;br /&gt;And i was the second one.';
+	}
+}
+
+// Yet another class :o
+class my_second_append_sid_class
+{
+	function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+	{
+		// Get possible previous results
+		$result = $hook-&gt;previous_hook_result('append_sid');
+
+		echo $result['result'] . '&lt;br /&gt;I was called as the third one.';
+	}
+}
+
+// And a normal function
+function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+{
+	// Get possible previous results
+	$result = $hook-&gt;previous_hook_result('append_sid');
+
+	return 'I was called as the first one';
+}
+
+// Initializing the second class
+$my_second_append_sid_class = new my_second_append_sid_class();
+</pre></div>
+
+<p>Make sure you add the same parameters to your function as is defined for the hookable function with one exception: The first variable is always <code>&amp;$hook</code>... this is the hook object itself you are able to operate on.</p>
+
+<p>Now we register the hooks one by one with the <code>$phpbb_hook-&gt;register()</code> method:</p>
+
+<div class="codebox"><pre>
+// Now, we register our append_sid &quot;replacements&quot; in a stacked way...
+// Registering the function (this is called first)
+$phpbb_hook-&gt;register('append_sid', 'my_append_sid');
+
+// Registering the first class
+$phpbb_hook-&gt;register('append_sid', array('my_append_sid_class', 'my_append_sid'));
+$phpbb_hook-&gt;register('append_sid', array(&amp;$my_second_append_sid_class, 'my_append_sid'));
+</pre></div>
+
+<p>With this you are even able to make your own functions that are already hooked itself being hooked again...</p>
+
+<div class="codebox"><pre>
+// Registering hook, which will be called
+$phpbb_hook-&gt;register('append_sid', 'my_own_append_sid');
+
+// Add hook to our called hook function
+$phpbb_hook-&gt;add_hook('my_own_append_sid');
+
+// Register added hook
+$phpbb_hook-&gt;register('my_own_append_sid', 'also_my_own_append_sid');
+</pre></div>
+
+		<h3>Special treatment/chains</h3>
+
+		<p>The <code>register</code> method is able to take a third argument to specify a special 'chain' mode. The valid modes are <code>first</code>, <code>last</code> and <code>standalone</code></p>
+
+		<p><code>$phpbb_hook-&gt;register('append_sid', 'my_own_append_sid', 'first')</code> would make sure that the function is called in the beginning of the chain. It is possible that more than one function is called within the first block - here the FIFO principle is used.</p>
+
+		<p><code>$phpbb_hook-&gt;register('append_sid', 'my_own_append_sid', 'last')</code> would make sure that the function is called at the very end of the chain. It is possible that more than one function is called within the last block - here the FIFO principle is used.</p>
+
+		<p><code>$phpbb_hook-&gt;register('append_sid', 'my_own_append_sid', 'standalone')</code> makes sure only the defined function is called. All other functions are removed from the chain and no other functions are added to it later on. If two applications try to trigger the standalone mode a PHP notice will be printed and the second function being discarded.</p>
+
+		<h3>Only allowing hooks for some objects</h3>
+
+		<p>Because the hook system is not able to differate between initialized objects and only operate on the class, you need to solve this on the code level.</p>
+
+		<p>One possibility would be to use a property:</p>
+
+		<div class="codebox"><pre>
+class my_hookable_object
+{
+	function blabla()
+	{
+	}
+}
+
+class my_hookable_object2 extends my_hookable_object
+{
+	var $call_hook = true;
+
+	function hook_me($my_first_parameter, $my_second_parameter)
+	{
+		if ($this-&gt;call_hook)
+		{
+			global $phpbb_hook;
+
+			if ($phpbb_hook-&gt;call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
+			{
+				if ($phpbb_hook-&gt;hook_return(array(__CLASS__, __FUNCTION__)))
+				{
+					return $phpbb_hook-&gt;hook_return_result(array(__CLASS__, __FUNCTION__));
+				}
+			}
+		}
+
+		return 'not hooked';
+	}
+}
+
+function hooking(&amp;$hook, $first, $second)
+{
+	return 'hooked';
+}
+
+$first_object = new my_hookable_object2();
+$second_object = new my_hookable_object2();
+
+$phpbb_hook-&gt;add_hook(array('my_hookable_object2', 'hook_me'));
+
+$phpbb_hook-&gt;register(array('my_hookable_object2', 'hook_me'), 'hooking');
+
+// Do not call the hook for $first_object
+$first_object-&gt;call_hook = false;
+
+echo $first_object-&gt;hook_me('first', 'second') . '&lt;br /&gt;';
+echo $second_object-&gt;hook_me('first', 'second') . '&lt;br /&gt;';
+</pre></div>
+
+<p>OUTPUT:</p>
+
+<div class="codebox"><pre>
+not hooked
+hooked 
+</pre></div>
+
+		<p>A different possibility would be using a function variable (which could be left out on passing the function variables to the hook):</p>
+
+		<div class="codebox"><pre>
+class my_hookable_object
+{
+	function blabla()
+	{
+	}
+}
+
+class my_hookable_object2 extends my_hookable_object
+{
+	function hook_me($my_first_parameter, $my_second_parameter, $hook_me = true)
+	{
+		if ($hook_me)
+		{
+			global $phpbb_hook;
+
+			if ($phpbb_hook-&gt;call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
+			{
+				if ($phpbb_hook-&gt;hook_return(array(__CLASS__, __FUNCTION__)))
+				{
+					return $phpbb_hook-&gt;hook_return_result(array(__CLASS__, __FUNCTION__));
+				}
+			}
+		}
+
+		return 'not hooked';
+	}
+}
+
+function hooking(&amp;$hook, $first, $second)
+{
+	return 'hooked';
+}
+
+$first_object = new my_hookable_object2();
+$second_object = new my_hookable_object2();
+
+$phpbb_hook-&gt;add_hook(array('my_hookable_object2', 'hook_me'));
+
+$phpbb_hook-&gt;register(array('my_hookable_object2', 'hook_me'), 'hooking');
+
+echo $first_object-&gt;hook_me('first', 'second', false) . '&lt;br /&gt;';
+echo $second_object-&gt;hook_me('first', 'second') . '&lt;br /&gt;';
+		</pre></div>
+
+		<p>OUTPUT:</p>
+
+		<div class="codebox"><pre>
+not hooked
+hooked 
+		</pre></div>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<a name="return"></a><h2>4. Result returning</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<p>Generally, the distinction has to be made if a function returns the result obtained from the called function or continue the execution. Based on the needs of the application this may differ. Therefore, the function returns the results only if the called hook function is returning a result.</p>
+
+<h3>Case 1 - Returning the result</h3>
+
+<p>Imagine the following function supporting hooks:</p>
+
+<div class="codebox"><pre>
+function append_sid($url, $params = false, $is_amp = true, $session_id = false)
+{
+	global $_SID, $_EXTRA_URL, $phpbb_hook;
+
+	// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropiatly.
+	// They could mimick most of what is within this function
+	if ($phpbb_hook-&gt;call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
+	{
+		if ($phpbb_hook-&gt;hook_return(__FUNCTION__))
+		{
+			return $phpbb_hook-&gt;hook_return_result(__FUNCTION__);
+		}
+	}
+
+	[...]
+}
+</pre></div>
+
+<p>Now, the following function is yours. Since you return a value, the append_sid() function itself is returning it as is:</p>
+
+<div class="codebox"><pre>
+// The function called
+function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+{
+	// Get possible previous results
+	$result = $hook-&gt;previous_hook_result('append_sid');
+
+	return 'Since i return something the append_sid() function will return my result.';
+}
+</pre></div>
+
+<p>To be able to get the results returned from functions higher in the change the <code>previous_hook_result()</code> method should always be used, it returns an <code>array('result' => [your result])</code> construct.</p>
+
+<h3>Case 2 - Not Returning any result</h3>
+
+<p>Sometimes applications want to return nothing and therefore force the underlying function to continue it's execution:</p>
+
+<div class="codebox"><pre>
+function append_sid($url, $params = false, $is_amp = true, $session_id = false)
+{
+	global $_SID, $_EXTRA_URL, $phpbb_hook;
+
+	// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropiatly.
+	// They could mimick most of what is within this function
+	if ($phpbb_hook-&gt;call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
+	{
+		if ($phpbb_hook-&gt;hook_return(__FUNCTION__))
+		{
+			return $phpbb_hook-&gt;hook_return_result(__FUNCTION__);
+		}
+	}
+
+	[...]
+}
+
+// The function called
+function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+{
+	// Get possible previous results
+	$result = $hook-&gt;previous_hook_result('append_sid');
+
+	[...]
+
+	// I only rewrite some variables, but return nothing. Therefore, the append_sid() function will not return my (non)result.
+}
+</pre></div>
+
+<p>Please Note: The decision to return or not return is solely made of the very last function call within the hook chain. An example:</p>
+
+<div class="codebox"><pre>
+// The function called
+function my_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+{
+	// Get possible previous results
+	$result = $hook-&gt;previous_hook_result('append_sid');
+
+	// $result is not filled
+
+	return 'FILLED';
+}
+
+// This function is registered too and gets executed after my_append_sid()
+function my_own_append_sid(&amp;$hook, $url, $params = false, $is_amp = true, $session_id = false)
+{
+	$result = $hook->previous_hook_result('append_sid');
+
+	// $result is actually filled with $result['result'] = 'FILLED'
+	// But i return nothing, therefore append_sid() continues it's execution.
+}
+
+// The way both functions are registered.
+$phpbb_hook->register('append_sid', 'my_append_sid');
+$phpbb_hook->register('append_sid', 'my_own_append_sid');
+</pre></div>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<a name="embed"></a><h2>5. Embedding your hook files/classes/methods</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+<p>There are basically two methods you are able to choose from:</p>
+
+<p>1) Add a file to includes/hooks/. The file need to be prefixed by <code>hook_</code>. This file is included within common.php, you are able to register your hooks, include other files or functions, etc. It is advised to only include other files if needed (within a function call for example).</p>
+
+<p>Please be aware that you need to purge your cache within the ACP to make your newly placed file available to phpBB3.</p>
+
+<p>2) The second method is meant for those wanting to wrap phpBB3 without placing a custom file to the hooks directory. This is mostly done by including phpBB's files within the application file. To be able to register your hooks you need to create a function within your application:</p>
+
+<div class="codebox"><pre>
+// My function which gets executed within the hooks constuctor
+function phpbb_hook_register(&amp;$hook)
+{
+	$hook-&gt;register('append_sid', 'my_append_sid');
+}
+
+[...]
+</pre></div>
+
+<p>You should get the idea. ;)</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<a name="disclaimer"></a><h2>6. Copyright and disclaimer</h2>
+
+	<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-license.php">GPL</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<div id="page-footer">
+		<div class="version">$Id$</div>
+	</div>
+</div></div>
+
+<div>
+	<a id="bottom" name="bottom" accesskey="z"></a>
+</div>
+
+</body>
+</html>

phpBB/docs/stylesheet.css

@@ -0,0 +1,352 @@
+/*
+	The original "prosilver" theme for phpBB3
+	Created by subBlue design :: http://www.subBlue.com
+*/
+
+* { margin: 0; padding: 0; }
+
+html { font-size: 100%; height: 100%; margin-bottom: 1px; }
+
+body {
+	font-family: Verdana, Helvetica, Arial, sans-serif;
+	color: #828282;
+	background-color: #FFFFFF;
+	font-size: 12px;
+	margin: 0;
+	padding: 12px 0;
+}
+
+img { border-width: 0; }
+
+p {
+	line-height: 1.3em;
+	font-size: 1.1em;
+	margin-bottom: 1.5em;
+}
+
+hr {
+	border: 0 none #FFFFFF;
+	border-top: 1px solid #CCCCCC;
+	height: 1px;
+	margin: 5px 0;
+	display: block;
+	clear: both;
+}
+
+html, body {
+	color: #536482;
+	background-color: #FFFFFF;
+}
+
+#doc-description h1 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	margin-right: 200px;
+	color: #FFFFFF;
+	margin-top: 15px;
+	font-weight: bold;
+	font-size: 2em;
+	color: #fff;
+}
+
+h1 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	font-weight: normal;
+	color: #000;
+	font-size: 2em;
+	margin: 0.8em 0 0.2em 0;
+}
+
+h2 {
+	font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
+	font-weight: normal;
+	color: #28313F;
+	font-size: 1.5em;
+	margin: 0.8em 0 0.2em 0;
+}
+
+h3 {
+	font-family: Arial, Helvetica, sans-serif;
+	font-weight: bold;
+	border-bottom: 1px solid #CCCCCC;
+	margin-bottom: 3px;
+	padding-bottom: 2px;
+	font-size: 1.05em;
+	color: #115098;
+	margin-top: 20px;
+}
+
+h4 {
+	font-family: Arial, Helvetica, sans-serif;
+	font-weight: bold;
+	margin-bottom: 3px;
+	padding-bottom: 2px;
+	font-size: 1.05em;
+	color: #115098;
+	margin-top: 20px;
+}
+
+.good { color: green; }
+.bad { color: red; }
+
+.version {
+	margin-top: 20px;
+	text-align: left;
+	font-size: 70%;
+	color: #006600;
+	border-top: 1px solid #ccc;
+}
+
+code { 
+	color: #006600; 
+	font-weight: normal; 
+	font-family: 'Courier New', monospace; 
+	border-color: #D1D7DC; 
+	border-width: 1px; 
+	border-style: solid; 
+	background-color: #FAFAFA; 
+}
+
+#wrap {
+	padding: 0 20px;
+	min-width: 650px;
+}
+
+#simple-wrap {
+	padding: 6px 10px;
+}
+
+#page-body {
+	margin: 4px 0;
+	clear: both;
+}
+
+#page-footer {
+	clear: both;
+}
+
+#logo {
+	float: left;
+	width: auto;
+	padding: 10px 13px 0 10px;
+}
+
+a#logo:hover {
+	text-decoration: none;
+}
+
+#doc-description {
+	float: left;
+	width: 70%;
+}
+
+#doc-description h1 {
+	margin-right: 0;
+}
+
+.headerbar {
+	background: #ebebeb none repeat-x 0 0;
+	color: #FFFFFF;
+	margin-bottom: 4px;
+	padding: 0 5px;
+}
+
+span.corners-top, span.corners-bottom, span.corners-top span, span.corners-bottom span {
+	font-size: 1px;
+	line-height: 1px;
+	display: block;
+	height: 5px;
+	background-repeat: no-repeat;
+}
+
+span.corners-top {
+	background-image: none;
+	background-position: 0 0;
+	margin: 0 -5px;
+}
+
+span.corners-top span {
+	background-image: none;
+	background-position: 100% 0;
+}
+
+span.corners-bottom {
+	background-image: none;
+	background-position: 0 100%;
+	margin: 0 -5px;
+	clear: both;
+}
+
+span.corners-bottom span {
+	background-image: none;
+	background-position: 100% 100%;
+}
+
+.paragraph {
+	padding: 0 10px;
+	margin-bottom: 4px;
+	background-repeat: no-repeat;
+	background-position: 100% 0;
+	background-color: #ECF3F7;
+}
+
+.paragraph:target .content {
+	color: #000000;
+}
+
+.paragraph:target h3 a {
+	color: #000000;
+}
+
+.content {
+	color: #333333;
+}
+
+.content h2, .panel h2 {
+	color: #115098;
+	border-bottom-color:  #CCCCCC;
+}
+
+a:link	{ color: #898989; text-decoration: none; }
+a:visited	{ color: #898989; text-decoration: none; }
+a:hover	{ color: #d3d3d3; text-decoration: underline; }
+a:active	{ color: #d2d2d2; text-decoration: none; }
+
+hr {
+	border-color: #FFFFFF;
+	border-top-color: #CCCCCC;
+}
+
+.menu {
+	background-color: #cadceb;
+}
+
+.headerbar {
+	background-color: #12A3EB;
+	background-image: url("bg_header.gif");
+	color: #FFFFFF;
+}
+
+.panel {
+	background-color: #ECF1F3;
+	color: #28313F;
+}
+
+
+span.corners-top {
+	background-image: url("corners_left.png");
+}
+
+span.corners-top span {
+	background-image: url("corners_right.png");
+}
+
+span.corners-bottom {
+	background-image: url("corners_left.png");
+}
+
+span.corners-bottom span {
+	background-image: url("corners_right.png");
+}
+
+.error {
+	color: #BC2A4D;
+}
+
+a:link	{ color: #105289; }
+a:visited	{ color: #105289; }
+a:hover	{ color: #D31141; }
+a:active	{ color: #368AD2; }
+
+.paragraph span.corners-top, .paragraph span.corners-bottom {
+	margin: 0 -10px;
+}
+
+.content {
+	padding: 0;
+	line-height: 1.48em;
+	color: #333333;
+}
+
+.content h2, .panel h2 {
+	color: #115098;
+	border-bottom-color:  #CCCCCC;
+}
+
+.notice {
+	border-top-color:  #CCCCCC;
+}
+
+.codebox {
+	padding: 3px;
+	background-color: #FFFFFF;
+	border: 1px solid #C9D2D8;
+	font-size: 1em;
+	margin-bottom: 10px;
+	display: block;
+	font: 0.9em Monaco, "Andale Mono","Courier New", Courier, mono;
+	line-height: 1.3em;
+}
+
+* html hr { margin: 0; }
+* html span.corners-top, * html span.corners-bottom { background-image: url("corners_left.gif"); }
+* html span.corners-top span, * html span.corners-bottom span { background-image: url("corners_right.gif"); }
+
+.back2top {
+	clear: both;
+	height: 11px;
+	text-align: right;
+}
+
+.content ol, .content ul {
+	margin-left: 25px;
+	margin-top: 0;
+}
+
+.content ul + p, .content ul + div {
+	margin-top: 20px;
+}
+
+.comment {
+	color: green;
+}
+
+.indent {
+	margin-left: 20px;
+}
+
+.paragraph table  {
+	font-size:	8pt;
+	border-collapse: collapse;
+	border: 1px solid #cfcfcf;
+	margin-bottom: 20px;
+}
+
+.paragraph table caption  {
+	display: none;
+}
+
+.paragraph table thead  {
+	background-color: #cadceb;
+	color: #000;
+}
+
+.paragraph table td, .paragraph table th {
+	border: 1px solid #006699;
+	padding: 0.5em;
+	background-color: #e1ebf2;
+}
+
+.paragraph table th {
+	background-color: #cadceb;
+}
+
+.paragraph table td dl {
+	margin: 0;
+	padding: 0;
+}
+
+.paragraph table td dl dt {
+	float: left;
+	clear: both;
+	margin-right: 1em;
+}

phpBB/download/file.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -12,7 +12,7 @@
 * @ignore
 */
 define('IN_PHPBB', true);
-$phpbb_root_path = './';
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './../';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 
 if (isset($_GET['avatar']))
@@ -32,6 +32,9 @@ if (isset($_GET['avatar']))
 		exit;
 	}
 	unset($dbpasswd);
+	
+	// worst-case default
+	$browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0';
 
 	$config = $cache->obtain_config();
 	$filename = $_GET['avatar'];
@@ -53,9 +56,28 @@ if (isset($_GET['avatar']))
 		$db->sql_close();
 		exit;
 	}
-
+	
 	$ext		= substr(strrchr($filename, '.'), 1);
-	$filename	= intval($filename);
+	$stamp		= (int) substr(stristr($filename, '_'), 1);
+	$filename	= (int) $filename;
+	
+	// let's see if we have to send the file at all
+	$last_load 	=  isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false;
+	if (strpos(strtolower($browser), 'msie 6.0') === false)
+	{
+		if ($last_load !== false && $last_load <= $stamp)
+		{
+			header('Not Modified', true, 304);
+			// seems that we need those too ... browsers
+			header('Pragma: public');
+			header('Expires: ' . gmdate('D, d M Y H:i:s \G\M\T', time() + 31536000));
+			exit();
+		} 
+		else
+		{
+			header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $stamp) . ' GMT');
+		}
+	}
 	
 	if (!in_array($ext, array('png', 'gif', 'jpg', 'jpeg')))
 	{
@@ -68,7 +90,7 @@ if (isset($_GET['avatar']))
 		$db->sql_close();
 		exit;
 	}
-
+	
 	if (!$filename)
 	{
 		// no way such an avatar could exist. They are not following the rules, stop the show.
@@ -80,9 +102,9 @@ if (isset($_GET['avatar']))
 		$db->sql_close();
 		exit;
 	}
- 
-	send_avatar_to_browser(($avatar_group ? 'g' : '') . $filename . '.' . $ext);
- 
+
+	send_avatar_to_browser(($avatar_group ? 'g' : '') . $filename . '.' . $ext, $browser);
+
 	if (!empty($cache))
 	{
 		$cache->unload();
@@ -149,7 +171,7 @@ else
 {
 	if (!$attachment['in_message'])
 	{
-		// 
+		//
 		$sql = 'SELECT p.forum_id, f.forum_password, f.parent_id
 			FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f
 			WHERE p.post_id = ' . $attachment['post_msg_id'] . '
@@ -231,15 +253,15 @@ if ($thumbnail)
 else if (($display_cat == ATTACHMENT_CATEGORY_NONE || $display_cat == ATTACHMENT_CATEGORY_IMAGE) && !$attachment['is_orphan'])
 {
 	// Update download count
-	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 
-		SET download_count = download_count + 1 
+	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
+		SET download_count = download_count + 1
 		WHERE attach_id = ' . $attachment['attach_id'];
 	$db->sql_query($sql);
 }
 
 if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && strpos(strtolower($user->browser), 'msie') !== false)
 {
-	wrap_img_in_html(append_sid('./download.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
+	wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
 }
 else
 {
@@ -267,16 +289,13 @@ else
 * A simplified function to deliver avatars
 * The argument needs to be checked before calling this function.
 */
-function send_avatar_to_browser($file)
+function send_avatar_to_browser($file, $browser)
 {
 	global $config, $phpbb_root_path;
 
-	$prefix = $config['avatar_salt'] . '_'; 
+	$prefix = $config['avatar_salt'] . '_';
 	$image_dir = $config['avatar_path'];
 
-	// worst-case default
-	$browser = (!empty($_SERVER['HTTP_USER_AGENT'])) ? htmlspecialchars((string) $_SERVER['HTTP_USER_AGENT']) : 'msie 6.0';
-
 	// Adjust image_dir path (no trailing slash)
 	if (substr($image_dir, -1, 1) == '/' || substr($image_dir, -1, 1) == '\\')
 	{
@@ -290,7 +309,7 @@ function send_avatar_to_browser($file)
 	}
 	$file_path = $phpbb_root_path . $image_dir . '/' . $prefix . $file;
 
-	if ((@file_exists($file_path) && @is_readable($file_path)) || headers_sent())
+	if ((@file_exists($file_path) && @is_readable($file_path)) && !headers_sent())
 	{
 		header('Pragma: public');
 
@@ -322,7 +341,20 @@ function send_avatar_to_browser($file)
 			header("Content-Length: $size");
 		}
 
-		readfile($file_path);
+		if (@readfile($file_path) === false)
+		{
+			$fp = @fopen($file_path, 'rb');
+
+			if ($fp !== false)
+			{
+				while (!feof($fp))
+				{
+					echo fread($fp, 8192);
+				}
+				fclose($fp);
+			}
+		}
+
 		flush();
 	}
 	else
@@ -415,7 +447,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 	// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
 	header('Content-Type: ' . $attachment['mimetype']);
- 
+
 	if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie') !== false))
 	{
 		header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
@@ -447,6 +479,10 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 		}
 		fclose($fp);
 	}
+	else
+	{
+		@readfile($filename);
+	}
 
 	flush();
 	exit;

phpBB/download/index.htm

@@ -0,0 +1,10 @@
+<html>
+<head>
+<title></title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
+</head>
+
+<body bgcolor="#FFFFFF" text="#000000">
+
+</body>
+</html>

phpBB/faq.php

@@ -1,10 +1,10 @@
 <?php
-/** 
+/**
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
@@ -12,7 +12,7 @@
 * @ignore
 */
 define('IN_PHPBB', true);
-$phpbb_root_path = './';
+$phpbb_root_path = (defined('PHPBB_ROOT_PATH')) ? PHPBB_ROOT_PATH : './';
 $phpEx = substr(strrchr(__FILE__, '.'), 1);
 include($phpbb_root_path . 'common.' . $phpEx);
 

phpBB/includes/acm/acm_file.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acm
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * ACM File Based Caching
 * @package acm
@@ -39,7 +47,7 @@ class acm
 		global $phpEx;
 		if (file_exists($this->cache_dir . 'data_global.' . $phpEx))
 		{
-			include($this->cache_dir . 'data_global.' . $phpEx);
+			@include($this->cache_dir . 'data_global.' . $phpEx);
 		}
 		else
 		{
@@ -59,12 +67,17 @@ class acm
 		unset($this->var_expires);
 		unset($this->sql_rowset);
 		unset($this->sql_row_pointer);
+
+		$this->vars = array();
+		$this->var_expires = array();
+		$this->sql_rowset = array();
+		$this->sql_row_pointer = array();
 	}
 
 	/**
 	* Save modified objects
 	*/
-	function save() 
+	function save()
 	{
 		if (!$this->is_modified)
 		{
@@ -159,7 +172,7 @@ class acm
 				return false;
 			}
 
-			include($this->cache_dir . "data{$var_name}.$phpEx");
+			@include($this->cache_dir . "data{$var_name}.$phpEx");
 			return (isset($data)) ? $data : false;
 		}
 		else
@@ -224,6 +237,11 @@ class acm
 		unset($this->sql_rowset);
 		unset($this->sql_row_pointer);
 
+		$this->vars = array();
+		$this->var_expires = array();
+		$this->sql_rowset = array();
+		$this->sql_row_pointer = array();
+
 		$this->is_modified = false;
 	}
 
@@ -256,7 +274,12 @@ class acm
 				}
 
 				// The following method is more failproof than simply assuming the query is on line 3 (which it should be)
-				$check_line = file_get_contents($this->cache_dir . $entry);
+				$check_line = @file_get_contents($this->cache_dir . $entry);
+
+				if (empty($check_line))
+				{
+					continue;
+				}
 
 				// Now get the contents between /* and */
 				$check_line = substr($check_line, strpos($check_line, '/* ') + 3, strpos($check_line, ' */') - strpos($check_line, '/* ') - 3);
@@ -264,7 +287,8 @@ class acm
 				$found = false;
 				foreach ($table as $check_table)
 				{
-					if (strpos($check_line, $check_table . ' ') !== false)
+					// Better catch partial table names than no table names. ;)
+					if (strpos($check_line, $check_table) !== false)
 					{
 						$found = true;
 						break;

phpBB/includes/acp/acp_attachments.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -27,6 +35,14 @@ class acp_attachments
 		$submit = (isset($_POST['submit'])) ? true : false;
 		$action = request_var('action', '');
 
+		$form_key = 'acp_attach';
+		add_form_key($form_key);
+
+		if ($submit && !check_form_key($form_key))
+		{
+			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+		}
+
 		switch ($mode)
 		{
 			case 'attach':
@@ -288,7 +304,7 @@ class acp_attachments
 						{
 							if ($row['group_id'] != $extensions[$row['extension_id']]['group_id'])
 							{
-								$sql = 'UPDATE ' . EXTENSIONS_TABLE . ' 
+								$sql = 'UPDATE ' . EXTENSIONS_TABLE . '
 									SET group_id = ' . (int) $extensions[$row['extension_id']]['group_id'] . '
 									WHERE extension_id = ' . $row['extension_id'];
 								$db->sql_query($sql);
@@ -303,7 +319,7 @@ class acp_attachments
 
 						if (sizeof($extension_id_list))
 						{
-							$sql = 'SELECT extension 
+							$sql = 'SELECT extension
 								FROM ' . EXTENSIONS_TABLE . '
 								WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
 							$result = $db->sql_query($sql);
@@ -315,7 +331,7 @@ class acp_attachments
 							}
 							$db->sql_freeresult($result);
 
-							$sql = 'DELETE 
+							$sql = 'DELETE
 								FROM ' . EXTENSIONS_TABLE . '
 								WHERE ' . $db->sql_in_set('extension_id', $extension_id_list);
 							$db->sql_query($sql);
@@ -371,8 +387,8 @@ class acp_attachments
 					'GROUP_SELECT_OPTIONS'	=> (isset($_POST['add_extension_check'])) ? $this->group_select('add_group_select', $add_extension_group, 'extension_group') : $this->group_select('add_group_select', false, 'extension_group'))
 				);
 
-				$sql = 'SELECT * 
-					FROM ' . EXTENSIONS_TABLE . ' 
+				$sql = 'SELECT *
+					FROM ' . EXTENSIONS_TABLE . '
 					ORDER BY group_id, extension';
 				$result = $db->sql_query($sql);
 
@@ -441,7 +457,7 @@ class acp_attachments
 						$ext_row = array();
 					}
 
-					$group_name = request_var('group_name', '', true);
+					$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
 					$new_group_name = ($action == 'add') ? $group_name : (($ext_row['group_name'] != $group_name) ? $group_name : '');
 
 					if (!$group_name)
@@ -452,7 +468,7 @@ class acp_attachments
 					// Check New Group Name
 					if ($new_group_name)
 					{
-						$sql = 'SELECT group_id 
+						$sql = 'SELECT group_id
 							FROM ' . EXTENSION_GROUPS_TABLE . "
 							WHERE LOWER(group_name) = '" . $db->sql_escape(utf8_strtolower($new_group_name)) . "'";
 						$result = $db->sql_query($sql);
@@ -527,7 +543,7 @@ class acp_attachments
 
 					if (sizeof($extension_list))
 					{
-						$sql = 'UPDATE ' . EXTENSIONS_TABLE . " 
+						$sql = 'UPDATE ' . EXTENSIONS_TABLE . "
 							SET group_id = $group_id
 							WHERE " . $db->sql_in_set('extension_id', $extension_list);
 						$db->sql_query($sql);
@@ -559,15 +575,15 @@ class acp_attachments
 
 						if (confirm_box(true))
 						{
-							$sql = 'SELECT group_name 
+							$sql = 'SELECT group_name
 								FROM ' . EXTENSION_GROUPS_TABLE . "
 								WHERE group_id = $group_id";
 							$result = $db->sql_query($sql);
 							$group_name = (string) $db->sql_fetchfield('group_name');
 							$db->sql_freeresult($result);
 
-							$sql = 'DELETE 
-								FROM ' . EXTENSION_GROUPS_TABLE . " 
+							$sql = 'DELETE
+								FROM ' . EXTENSION_GROUPS_TABLE . "
 								WHERE group_id = $group_id";
 							$db->sql_query($sql);
 
@@ -618,7 +634,7 @@ class acp_attachments
 						if ($action == 'add')
 						{
 							$ext_group_row = array(
-								'group_name'	=> request_var('group_name', '', true),
+								'group_name'	=> utf8_normalize_nfc(request_var('group_name', '', true)),
 								'cat_id'		=> 0,
 								'allow_group'	=> 1,
 								'allow_in_pm'	=> 1,
@@ -983,7 +999,7 @@ class acp_attachments
 						'PHYSICAL_FILENAME'	=> basename($row['physical_filename']),
 						'ATTACH_ID'			=> $row['attach_id'],
 						'POST_IDS'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
-						'U_FILE'			=> append_sid($phpbb_root_path . 'download.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))
+						'U_FILE'			=> append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'mode=view&amp;id=' . $row['attach_id']))
 					);
 				}
 				$db->sql_freeresult($result);

phpBB/includes/acp/acp_ban.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -23,22 +31,29 @@ class acp_ban
 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
 		$bansubmit	= (isset($_POST['bansubmit'])) ? true : false;
-		$unbansubmit= (isset($_POST['unbansubmit'])) ? true : false;
+		$unbansubmit = (isset($_POST['unbansubmit'])) ? true : false;
 		$current_time = time();
 
 		$user->add_lang(array('acp/ban', 'acp/users'));
 		$this->tpl_name = 'acp_ban';
+		$form_key = 'acp_ban';
+		add_form_key($form_key);
+
+		if (($bansubmit || $unbansubmit) && !check_form_key($form_key))
+		{
+			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+		}
 
 		// Ban submitted?
 		if ($bansubmit)
 		{
 			// Grab the list of entries
-			$ban				= request_var('ban', '', true);
+			$ban				= utf8_normalize_nfc(request_var('ban', '', true));
 			$ban_len			= request_var('banlength', 0);
 			$ban_len_other		= request_var('banlengthother', '');
 			$ban_exclude		= request_var('banexclude', 0);
-			$ban_reason			= request_var('banreason', '', true);
-			$ban_give_reason	= request_var('bangivereason', '', true);
+			$ban_reason			= utf8_normalize_nfc(request_var('banreason', '', true));
+			$ban_give_reason	= utf8_normalize_nfc(request_var('bangivereason', '', true));
 
 			if ($ban)
 			{
@@ -97,9 +112,8 @@ class acp_ban
 			'S_USERNAME_BAN'	=> ($mode == 'user') ? true : false,
 			
 			'U_ACTION'			=> $this->u_action,
-			'U_FIND_USER'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=acp_ban&amp;field=ban'),
-			)
-		);
+			'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=acp_ban&amp;field=ban'),
+		));
 	}
 
 	/**
@@ -179,10 +193,10 @@ class acp_ban
 			foreach ($ban_length as $ban_id => $length)
 			{
 				$template->assign_block_vars('ban_length', array(
-					'BAN_ID'	=> $ban_id,
+					'BAN_ID'	=> (int) $ban_id,
 					'LENGTH'	=> $length,
-					'A_LENGTH'	=> addslashes($length))
-				);
+					'A_LENGTH'	=> addslashes($length),
+				));
 			}
 		}
 
@@ -193,8 +207,8 @@ class acp_ban
 				$template->assign_block_vars('ban_reason', array(
 					'BAN_ID'	=> $ban_id,
 					'REASON'	=> $reason,
-					'A_REASON'	=> addslashes(htmlspecialchars_decode($reason)))
-				);
+					'A_REASON'	=> addslashes(htmlspecialchars_decode($reason)),
+				));
 			}
 		}
 
@@ -205,8 +219,8 @@ class acp_ban
 				$template->assign_block_vars('ban_give_reason', array(
 					'BAN_ID'	=> $ban_id,
 					'REASON'	=> $reason,
-					'A_REASON'	=> addslashes(htmlspecialchars_decode($reason)))
-				);
+					'A_REASON'	=> addslashes(htmlspecialchars_decode($reason)),
+				));
 			}
 		}
 

phpBB/includes/acp/acp_bbcodes.php

@@ -8,6 +8,14 @@
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -28,6 +36,9 @@ class acp_bbcodes
 
 		$this->tpl_name = 'acp_bbcodes';
 		$this->page_title = 'ACP_BBCODES';
+		$form_key = 'acp_bbcodes';
+
+		add_form_key($form_key);
 
 		// Set up mode-specific vars
 		switch ($action)
@@ -75,8 +86,8 @@ class acp_bbcodes
 				$display_on_posting = request_var('display_on_posting', 0);
 
 				$bbcode_match = request_var('bbcode_match', '');
-				$bbcode_tpl = htmlspecialchars_decode(request_var('bbcode_tpl', '', true));
-				$bbcode_helpline = request_var('bbcode_helpline', '', true);
+				$bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true)));
+				$bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true));
 			break;
 		}
 
@@ -295,16 +306,22 @@ class acp_bbcodes
 		// @todo Make sure to change this too if something changed in message parsing
 		$tokens = array(
 			'URL'	 => array(
-				'!([a-z0-9]+://)?([^< "\r\n\t\]]*?)!ie'	=>	"(('\$1') ? '\$1\$2' : 'http://\$2')"
+				'!(?:(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))!ie'	=>	"\$this->bbcode_specialchars(('\$1') ? '\$1' : 'http://\$2')"
 			),
 			'LOCAL_URL'	 => array(
-				'!([^:]+/[^< "\r\n\t\]]*?)!'	=>	'$1'
+				'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e'	=>	"\$this->bbcode_specialchars('$1')"
 			),
 			'EMAIL' => array(
-				'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i'	=>	'$1'
+				'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i'	=>	"\$this->bbcode_specialchars('$1')"
 			),
 			'TEXT' => array(
-				'!(.*?)!es'	 =>	"str_replace(\"\\r\\n\",\"\\n\", str_replace('\\\"', '\"', str_replace('\\'', '&#39;', trim('\$1'))))"
+				'!(.*?)!es'	 =>	"str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', '&#39;', '&#40;', '&#41;'), trim('\$1'))"
+			),
+			'SIMPLETEXT' => array(
+				'!([a-zA-Z0-9-+.,_ ]+)!'	 =>	"$1"
+			),
+			'IDENTIFIER' => array(
+				'!([a-zA-Z0-9-_]+)!'	 =>	"$1"
 			),
 			'COLOR' => array(
 				'!([a-z]+|#[0-9abcdef]+)!i'	=>	'$1'
@@ -314,6 +331,17 @@ class acp_bbcodes
 			)
 		);
 
+		$sp_tokens = array(
+			'URL'	 => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)',
+			'LOCAL_URL'	 => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
+			'EMAIL' => '([a-zA-Z0-9]+[a-zA-Z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-zA-Z0-9]+[a-zA-Z0-9\-\._]*\.[a-zA-Z]+))',
+			'TEXT' => '(.*?)',
+			'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)',
+			'IDENTIFIER' => '([a-zA-Z0-9-_]+)',
+			'COLOR' => '([a-zA-Z]+|#[0-9abcdefABCDEF]+)',
+			'NUMBER' => '([0-9]+)',
+		);
+
 		$pad = 0;
 		$modifiers = 'i';
 
@@ -359,7 +387,7 @@ class acp_bbcodes
 				$fp_match = str_replace(preg_quote($token, '!'), $regex, $fp_match);
 				$fp_replace = str_replace($token, $replace, $fp_replace);
 
-				$sp_match = str_replace(preg_quote($token, '!'), '(.*?)', $sp_match);
+				$sp_match = str_replace(preg_quote($token, '!'), $sp_tokens[$token_type], $sp_match);
 				$sp_replace = str_replace($token, '${' . ($n + 1) . '}', $sp_replace);
 			}
 

phpBB/includes/acp/acp_board.php

@@ -9,6 +9,14 @@
 * @todo add cron intervals to server settings? (database_gc, queue_interval, session_gc, search_gc, cache_gc, warnings_gc)
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -27,6 +35,9 @@ class acp_board
 		$action	= request_var('action', '');
 		$submit = (isset($_POST['submit'])) ? true : false;
 
+		$form_key = 'acp_board';
+		add_form_key($form_key);
+
 		/**
 		*	Validation types are:
 		*		string, int, bool,
@@ -73,9 +84,10 @@ class acp_board
 						'allow_sig'				=> array('lang' => 'ALLOW_SIG',				'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'allow_nocensors'		=> array('lang' => 'ALLOW_NO_CENSORS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'allow_bookmarks'		=> array('lang' => 'ALLOW_BOOKMARKS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
+						'allow_birthdays'		=> array('lang' => 'ALLOW_BIRTHDAYS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 
 						'legend2'				=> 'ACP_LOAD_SETTINGS',
-						'load_birthdays'		=> array('lang' => 'YES_BIRTHDAYS',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
+						'load_birthdays'		=> array('lang' => 'YES_BIRTHDAYS',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'load_moderators'		=> array('lang' => 'YES_MODERATORS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'load_jumpbox'			=> array('lang' => 'YES_JUMPBOX',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'load_cpf_memberlist'	=> array('lang' => 'LOAD_CPF_MEMBERLIST',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
@@ -211,6 +223,8 @@ class acp_board
 						'enable_confirm'		=> array('lang' => 'VISUAL_CONFIRM_REG',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'max_login_attempts'	=> array('lang' => 'MAX_LOGIN_ATTEMPTS',	'validate' => 'int',	'type' => 'text:3:3', 'explain' => true),
 						'max_reg_attempts'		=> array('lang' => 'REG_LIMIT',				'validate' => 'int',	'type' => 'text:4:4', 'explain' => true),
+						'min_time_reg'			=> array('lang' => 'MIN_TIME_REG',			'validate' => 'int',	'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
+						'min_time_terms'		=> array('lang' => 'MIN_TIME_TERMS',		'validate' => 'int',	'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
 
 						'legend3'			=> 'COPPA',
 						'coppa_enable'		=> array('lang' => 'ENABLE_COPPA',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
@@ -250,7 +264,7 @@ class acp_board
 						'load_online'			=> array('lang' => 'YES_ONLINE',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'load_online_guests'	=> array('lang' => 'YES_ONLINE_GUESTS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'load_onlinetrack'		=> array('lang' => 'YES_ONLINE_TRACK',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
-						'load_birthdays'		=> array('lang' => 'YES_BIRTHDAYS',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
+						'load_birthdays'		=> array('lang' => 'YES_BIRTHDAYS',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'load_moderators'		=> array('lang' => 'YES_MODERATORS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'load_jumpbox'			=> array('lang' => 'YES_JUMPBOX',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => false),
 						'load_user_activity'	=> array('lang' => 'LOAD_USER_ACTIVITY',	'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
@@ -313,6 +327,10 @@ class acp_board
 						'chg_passforce'			=> array('lang' => 'FORCE_PASS_CHANGE',		'validate' => 'int',	'type' => 'text:3:3', 'explain' => true, 'append' => ' ' . $user->lang['DAYS']),
 						'max_login_attempts'	=> array('lang' => 'MAX_LOGIN_ATTEMPTS',	'validate' => 'int',	'type' => 'text:3:3', 'explain' => true),
 						'tpl_allow_php'			=> array('lang' => 'TPL_ALLOW_PHP',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
+						'form_token_lifetime'	=> array('lang' => 'FORM_TIME_MAX',			'validate' => 'int',	'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
+						'form_token_mintime'	=> array('lang' => 'FORM_TIME_MIN',			'validate' => 'int',	'type' => 'text:5:5', 'explain' => true, 'append' => ' ' . $user->lang['SECONDS']),
+						'form_token_sid_guests'	=> array('lang' => 'FORM_SID_GUESTS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
+
 					)
 				);
 			break;
@@ -359,6 +377,10 @@ class acp_board
 		// We validate the complete config if whished
 		validate_config_vars($display_vars['vars'], $cfg_array, $error);
 
+		if ($submit && !check_form_key($form_key))
+		{
+			$error[] = $user->lang['FORM_INVALID'];
+		}
 		// Do not write values if there is an error
 		if (sizeof($error))
 		{
@@ -406,7 +428,7 @@ class acp_board
 				{
 					if (preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file))
 					{
-						$auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file);
+						$auth_plugins[] = basename(preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file));
 					}
 				}
 				closedir($dp);
@@ -458,7 +480,7 @@ class acp_board
 
 			if ($submit && (($cfg_array['auth_method'] != $this->new_config['auth_method']) || $updated_auth_settings))
 			{
-				$method = $cfg_array['auth_method'];
+				$method = basename($cfg_array['auth_method']);
 				if ($method && in_array($method, $auth_plugins))
 				{
 					include_once($phpbb_root_path . 'includes/auth/auth_' . $method . '.' . $phpEx);
@@ -475,7 +497,7 @@ class acp_board
 							trigger_error($error . adm_back_link($this->u_action), E_USER_WARNING);
 						}
 					}
-					set_config('auth_method', $cfg_array['auth_method']);
+					set_config('auth_method', basename($cfg_array['auth_method']));
 				}
 				else
 				{
@@ -783,7 +805,7 @@ class acp_board
 		$user->timezone = $old_tz;
 		$user->dst = $old_dst;
 
-		return "<select name=\"dateoptions\" id=\"dateoptions\" onchange=\"if (this.value == 'custom') { document.getElementById('$key').value = '$value'; } else { document.getElementById('$key').value = this.value; }\">$dateformat_options</select>
+		return "<select name=\"dateoptions\" id=\"dateoptions\" onchange=\"if (this.value == 'custom') { document.getElementById('" . addslashes($key) . "').value = '" . addslashes($value) . "'; } else { document.getElementById('" . addslashes($key) . "').value = this.value; }\">$dateformat_options</select>
 		<input type=\"text\" name=\"config[$key]\" id=\"$key\" value=\"$value\" maxlength=\"30\" />";
 	}
 }

phpBB/includes/acp/acp_bots.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -35,6 +43,13 @@ class acp_bots
 		$user->add_lang('acp/bots');
 		$this->tpl_name = 'acp_bots';
 		$this->page_title = 'ACP_BOTS';
+		$form_key = 'acp_bots';
+		add_form_key($form_key);
+
+		if ($submit && !check_form_key($form_key))
+		{
+			$error[] = $user->lang['FORM_INVALID'];
+		}
 
 		// User wants to do something, how inconsiderate of them!
 		switch ($action)
@@ -44,7 +59,7 @@ class acp_bots
 				{
 					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 
-					$sql = 'UPDATE ' . BOTS_TABLE . " 
+					$sql = 'UPDATE ' . BOTS_TABLE . "
 						SET bot_active = 1
 						WHERE bot_id $sql_id";
 					$db->sql_query($sql);
@@ -58,7 +73,7 @@ class acp_bots
 				{
 					$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 
-					$sql = 'UPDATE ' . BOTS_TABLE . " 
+					$sql = 'UPDATE ' . BOTS_TABLE . "
 						SET bot_active = 0
 						WHERE bot_id $sql_id";
 					$db->sql_query($sql);
@@ -75,8 +90,8 @@ class acp_bots
 						// We need to delete the relevant user, usergroup and bot entries ...
 						$sql_id = ($bot_id) ? " = $bot_id" : ' IN (' . implode(', ', $mark) . ')';
 
-						$sql = 'SELECT bot_name, user_id 
-							FROM ' . BOTS_TABLE . " 
+						$sql = 'SELECT bot_name, user_id
+							FROM ' . BOTS_TABLE . "
 							WHERE bot_id $sql_id";
 						$result = $db->sql_query($sql);
 
@@ -90,7 +105,7 @@ class acp_bots
 
 						$db->sql_transaction('begin');
 
-						$sql = 'DELETE FROM ' . BOTS_TABLE . " 
+						$sql = 'DELETE FROM ' . BOTS_TABLE . "
 							WHERE bot_id $sql_id";
 						$db->sql_query($sql);
 
@@ -129,7 +144,7 @@ class acp_bots
 				include_once($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
 				$bot_row = array(
-					'bot_name'		=> request_var('bot_name', '', true),
+					'bot_name'		=> utf8_normalize_nfc(request_var('bot_name', '', true)),
 					'bot_agent'		=> request_var('bot_agent', ''),
 					'bot_ip'		=> request_var('bot_ip', ''),
 					'bot_active'	=> request_var('bot_active', true),
@@ -193,9 +208,9 @@ class acp_bots
 						// New bot? Create a new user and group entry
 						if ($action == 'add')
 						{
-							$sql = 'SELECT group_id, group_colour 
-								FROM ' . GROUPS_TABLE . " 
-								WHERE group_name = 'BOTS' 
+							$sql = 'SELECT group_id, group_colour
+								FROM ' . GROUPS_TABLE . "
+								WHERE group_name = 'BOTS'
 									AND group_type = " . GROUP_SPECIAL;
 							$result = $db->sql_query($sql);
 							$group_row = $db->sql_fetchrow($result);
@@ -208,22 +223,22 @@ class acp_bots
 						
 
 							$user_id = user_add(array(
-								'user_type'				=> (int) USER_IGNORE, 
-								'group_id'				=> (int) $group_row['group_id'], 
-								'username'				=> (string) $bot_row['bot_name'], 
+								'user_type'				=> (int) USER_IGNORE,
+								'group_id'				=> (int) $group_row['group_id'],
+								'username'				=> (string) $bot_row['bot_name'],
 								'user_regdate'			=> time(),
 								'user_password'			=> '',
 								'user_colour'			=> (string) $group_row['group_colour'],
 								'user_email'			=> '',
-								'user_lang'				=> (string) $bot_row['bot_lang'], 
+								'user_lang'				=> (string) $bot_row['bot_lang'],
 								'user_style'			=> (int) $bot_row['bot_style'],
 								'user_allow_massemail'	=> 0,
 							));
 	
 							$sql = 'INSERT INTO ' . BOTS_TABLE . ' ' . $db->sql_build_array('INSERT', array(
 								'user_id'		=> (int) $user_id,
-								'bot_name'		=> (string) $bot_row['bot_name'], 
-								'bot_active'	=> (int) $bot_row['bot_active'], 
+								'bot_name'		=> (string) $bot_row['bot_name'],
+								'bot_active'	=> (int) $bot_row['bot_active'],
 								'bot_agent'		=> (string) $bot_row['bot_agent'],
 								'bot_ip'		=> (string) $bot_row['bot_ip'])
 							);
@@ -233,8 +248,8 @@ class acp_bots
 						}
 						else if ($bot_id)
 						{
-							$sql = 'SELECT user_id, bot_name 
-								FROM ' . BOTS_TABLE . " 
+							$sql = 'SELECT user_id, bot_name
+								FROM ' . BOTS_TABLE . "
 								WHERE bot_id = $bot_id";
 							$result = $db->sql_query($sql);
 							$row = $db->sql_fetchrow($result);
@@ -260,8 +275,8 @@ class acp_bots
 							$db->sql_query($sql);
 
 							$sql = 'UPDATE ' . BOTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', array(
-								'bot_name'		=> (string) $bot_row['bot_name'], 
-								'bot_active'	=> (int) $bot_row['bot_active'], 
+								'bot_name'		=> (string) $bot_row['bot_name'],
+								'bot_active'	=> (int) $bot_row['bot_active'],
 								'bot_agent'		=> (string) $bot_row['bot_agent'],
 								'bot_ip'		=> (string) $bot_row['bot_ip'])
 							) . " WHERE bot_id = $bot_id";
@@ -279,13 +294,13 @@ class acp_bots
 						$cache->destroy('_bots');
 						
 						add_log('admin', 'LOG_BOT_' . $log, $bot_row['bot_name']);
-						trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action . "&amp;id=$bot_id&amp;action=$action"));
+						trigger_error($user->lang['BOT_' . $log] . adm_back_link($this->u_action));
 					
 					}
 				}
 				else if ($bot_id)
 				{
-					$sql = 'SELECT b.*, u.user_lang, u.user_style 
+					$sql = 'SELECT b.*, u.user_lang, u.user_style
 						FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . " u
 						WHERE b.bot_id = $bot_id
 							AND u.user_id = b.user_id";
@@ -351,7 +366,7 @@ class acp_bots
 			'S_BOT_OPTIONS'	=> $s_options)
 		);
 
-		$sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit 
+		$sql = 'SELECT b.bot_id, b.bot_name, b.bot_active, u.user_lastvisit
 			FROM ' . BOTS_TABLE . ' b, ' . USERS_TABLE . ' u
 			WHERE u.user_id = b.user_id
 			ORDER BY u.user_lastvisit DESC, b.bot_name ASC';
@@ -376,14 +391,19 @@ class acp_bots
 		$db->sql_freeresult($result);
 	}
 	
+	/**
+	* Validate bot name against username table
+	*/
 	function validate_botname($newname, $oldname = false)
 	{
 		global $db;
+
 		if ($oldname && utf8_clean_string($newname) === $oldname)
 		{
 			return true;
 		}
-		 // Admins might want to use names otherwise forbidden, thus we only check for duplicates.
+
+		// Admins might want to use names otherwise forbidden, thus we only check for duplicates.
 		$sql = 'SELECT username
 			FROM ' . USERS_TABLE . "
 			WHERE username_clean = '" . $db->sql_escape(utf8_clean_string($newname)) . "'";
@@ -391,14 +411,7 @@ class acp_bots
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		
-		if ($row)
-		{
-			return false;
-		}
-		else
-		{
-			return true;
-		}
+		return ($row) ? false : true;
 	}
 }
 

phpBB/includes/acp/acp_captcha.php

@@ -1,12 +1,20 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -46,7 +54,7 @@ class acp_captcha
 			}
 			$captcha = new captcha();
 			$captcha->execute(gen_rand_string(mt_rand(5, 8)), time());
-			exit;
+			exit_handler();
 		}
 
 		$config_vars = array(
@@ -57,9 +65,12 @@ class acp_captcha
 
 		$this->tpl_name = 'acp_captcha';
 		$this->page_title = 'ACP_VC_SETTINGS';
+		$form_key = 'acp_captcha';
+		add_form_key($form_key);
+
 		$submit = request_var('submit', '');
-		
-		if ($submit)
+
+		if ($submit && check_form_key($form_key))
 		{
 			$config_vars = array_keys($config_vars);
 			foreach ($config_vars as $config_var)
@@ -73,6 +84,10 @@ class acp_captcha
 			}
 			trigger_error($user->lang['CONFIG_UPDATED'] . adm_back_link($this->u_action));
 		}
+		else if ($submit)
+		{
+				trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action));
+		}
 		else
 		{
 			

phpBB/includes/acp/acp_database.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -48,7 +56,7 @@ class acp_database
 
 						if (!sizeof($table))
 						{
-							trigger_error($user->lang['TABLE_SELECT_ERROR'] . adm_back_link($this->u_action));
+							trigger_error($user->lang['TABLE_SELECT_ERROR'] . adm_back_link($this->u_action), E_USER_WARNING);
 						}
 
 						$store = $download = $structure = $schema_data = false;
@@ -165,7 +173,7 @@ class acp_database
 						$tables = get_tables($db);
 						foreach ($tables as $table_name)
 						{
-							if (strlen($table_prefix) === 0 || strpos($table_name, $table_prefix) === 0)
+							if (strlen($table_prefix) === 0 || stripos($table_name, $table_prefix) === 0)
 							{
 								$template->assign_block_vars('tables', array(
 									'TABLE'	=> $table_name
@@ -343,7 +351,7 @@ class acp_database
 											{
 												if ($sub === false)
 												{
-													trigger_error($user->lang['RESTORE_FAILURE'] . adm_back_link($this->u_action));
+													trigger_error($user->lang['RESTORE_FAILURE'] . adm_back_link($this->u_action), E_USER_WARNING);
 												}
 												pg_put_line($db->db_connect_id, $sub . "\n");
 											}
@@ -713,7 +721,7 @@ class mysql_extractor extends base_extractor
 
 			// Get field information
 			$field = array();
-			for ($i = 0; $i < $fields_cnt; $i++) 
+			for ($i = 0; $i < $fields_cnt; $i++)
 			{
 				$field[] = mysql_fetch_field($result, $i);
 			}
@@ -915,8 +923,8 @@ class sqlite_extractor extends base_extractor
 		$sql_data .= "DROP TABLE $table_name;\n";
 
 		$sql = "SELECT sql
-			FROM sqlite_master 
-			WHERE type = 'table' 
+			FROM sqlite_master
+			WHERE type = 'table'
 				AND name = '" . $db->sql_escape($table_name) . "'
 			ORDER BY type DESC, name;";
 		$result = $db->sql_query($sql);
@@ -974,8 +982,8 @@ class sqlite_extractor extends base_extractor
 		else
 		{
 			$sql = "SELECT sql
-				FROM sqlite_master 
-				WHERE type = 'table' 
+				FROM sqlite_master
+				WHERE type = 'table'
 					AND name = '" . $table_name . "'";
 			$table_data = sqlite_single_query($db->db_connect_id, $sql);
 			$table_data = preg_replace('#CREATE\s+TABLE\s+"?' . $table_name . '"?#i', '', $table_data);

phpBB/includes/acp/acp_disallow.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -28,12 +36,20 @@ class acp_disallow
 		$this->tpl_name = 'acp_disallow';
 		$this->page_title = 'ACP_DISALLOW_USERNAMES';
 
+		$form_key = 'acp_disallow';
+		add_form_key($form_key);
+
 		$disallow = (isset($_POST['disallow'])) ? true : false;
 		$allow = (isset($_POST['allow'])) ? true : false;
 
+		if (($allow || $disallow) && !check_form_key($form_key))
+		{
+			trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+		}
+
 		if ($disallow)
 		{
-			$disallowed_user = str_replace('*', '%', request_var('disallowed_user', '', true));
+			$disallowed_user = str_replace('*', '%', utf8_normalize_nfc(request_var('disallowed_user', '', true)));
 
 			if (!$disallowed_user)
 			{

phpBB/includes/acp/acp_email.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -24,23 +32,31 @@ class acp_email
 		$this->tpl_name = 'acp_email';
 		$this->page_title = 'ACP_MASS_EMAIL';
 
+		$form_key = 'acp_email';
+		add_form_key($form_key);
+
 		// Set some vars
 		$submit = (isset($_POST['submit'])) ? true : false;
 		$error = array();
 
 		$usernames	= request_var('usernames', '', true);
 		$group_id	= request_var('g', 0);
-		$subject	= request_var('subject', '', true);
-		$message	= request_var('message', '', true);
+		$subject	= utf8_normalize_nfc(request_var('subject', '', true));
+		$message	= utf8_normalize_nfc(request_var('message', '', true));
 
 		// Do the job ...
 		if ($submit)
 		{
-			// Error checking needs to go here ... if no subject and/or no message then skip 
+			// Error checking needs to go here ... if no subject and/or no message then skip
 			// over the send and return to the form
 			$use_queue		= (isset($_POST['send_immediately'])) ? false : true;
 			$priority		= request_var('mail_priority_flag', MAIL_NORMAL_PRIORITY);
 
+			if (!check_form_key($form_key))
+			{
+				$error[] = $user->lang['FORM_INVALID'];
+			}
+
 			if (!$subject)
 			{
 				$error[] = $user->lang['NO_EMAIL_SUBJECT'];
@@ -56,7 +72,7 @@ class acp_email
 				if ($usernames)
 				{
 					// If giving usernames the admin is able to email inactive users too...
-					$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang 
+					$sql = 'SELECT username, user_email, user_jabber, user_notify_type, user_lang
 						FROM ' . USERS_TABLE . '
 						WHERE ' . $db->sql_in_set('username_clean', array_map('utf8_clean_string', explode("\n", $usernames))) . '
 							AND user_allow_massemail = 1
@@ -66,18 +82,18 @@ class acp_email
 				{
 					if ($group_id)
 					{
-						$sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type 
-							FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug 
+						$sql = 'SELECT u.user_email, u.username, u.username_clean, u.user_lang, u.user_jabber, u.user_notify_type
+							FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . ' ug
 							WHERE ug.group_id = ' . $group_id . '
 								AND ug.user_pending = 0
-								AND u.user_id = ug.user_id 
+								AND u.user_id = ug.user_id
 								AND u.user_allow_massemail = 1
 								AND u.user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
 							ORDER BY u.user_lang, u.user_notify_type';
 					}
 					else
 					{
-						$sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang 
+						$sql = 'SELECT username, username_clean, user_email, user_jabber, user_notify_type, user_lang
 							FROM ' . USERS_TABLE . '
 							WHERE user_allow_massemail = 1
 								AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')
@@ -178,7 +194,7 @@ class acp_email
 				if ($usernames)
 				{
 					$usernames = explode("\n", $usernames);
-					add_log('admin', 'LOG_MASS_EMAIL', implode(', ', $usernames));
+					add_log('admin', 'LOG_MASS_EMAIL', implode(', ', utf8_normalize_nfc($usernames)));
 				}
 				else
 				{
@@ -235,7 +251,6 @@ class acp_email
 			'S_GROUP_OPTIONS'		=> $select_list,
 			'USERNAMES'				=> $usernames,
 			'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=acp_email&amp;field=usernames'),
-			'UA_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames', false),
 			'SUBJECT'				=> $subject,
 			'MESSAGE'				=> $message,
 			'S_PRIORITY_OPTIONS'	=> $s_priority_options)

phpBB/includes/acp/acp_forums.php

@@ -8,6 +8,14 @@
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -25,13 +33,20 @@ class acp_forums
 		$this->tpl_name = 'acp_forums';
 		$this->page_title = 'ACP_MANAGE_FORUMS';
 
+		$form_key = 'acp_forums';
+		add_form_key($form_key);
+
 		$action		= request_var('action', '');
 		$update		= (isset($_POST['update'])) ? true : false;
 		$forum_id	= request_var('f', 0);
 
 		$this->parent_id	= request_var('parent_id', 0);
-
 		$forum_data = $errors = array();
+		if ($update && !check_form_key($form_key))
+		{
+			$update = false;
+			$errors[] = $user->lang['FORM_INVALID'];
+		}
 
 		// Check additional permissions
 		switch ($action)
@@ -41,7 +56,7 @@ class acp_forums
 				$total = request_var('total', 0);
 
 				$this->display_progress_bar($start, $total);
-				exit;
+				exit_handler();
 			break;
 
 			case 'delete':
@@ -103,14 +118,14 @@ class acp_forums
 						'type_action'			=> request_var('type_action', ''),
 						'forum_status'			=> request_var('forum_status', ITEM_UNLOCKED),
 						'forum_parents'			=> '',
-						'forum_name'			=> request_var('forum_name', '', true),
+						'forum_name'			=> utf8_normalize_nfc(request_var('forum_name', '', true)),
 						'forum_link'			=> request_var('forum_link', ''),
 						'forum_link_track'		=> request_var('forum_link_track', false),
-						'forum_desc'			=> request_var('forum_desc', '', true),
+						'forum_desc'			=> utf8_normalize_nfc(request_var('forum_desc', '', true)),
 						'forum_desc_uid'		=> '',
 						'forum_desc_options'	=> 7,
 						'forum_desc_bitfield'	=> '',
-						'forum_rules'			=> request_var('forum_rules', '', true),
+						'forum_rules'			=> utf8_normalize_nfc(request_var('forum_rules', '', true)),
 						'forum_rules_uid'		=> '',
 						'forum_rules_options'	=> 7,
 						'forum_rules_bitfield'	=> '',
@@ -118,8 +133,8 @@ class acp_forums
 						'forum_image'			=> request_var('forum_image', ''),
 						'forum_style'			=> request_var('forum_style', 0),
 						'display_on_index'		=> request_var('display_on_index', false),
-						'forum_topics_per_page'	=> request_var('topics_per_page', 0), 
-						'enable_indexing'		=> request_var('enable_indexing', true), 
+						'forum_topics_per_page'	=> request_var('topics_per_page', 0),
+						'enable_indexing'		=> request_var('enable_indexing', true),
 						'enable_icons'			=> request_var('enable_icons', false),
 						'enable_prune'			=> request_var('enable_prune', false),
 						'enable_post_review'	=> request_var('enable_post_review', true),
@@ -131,6 +146,7 @@ class acp_forums
 						'prune_sticky'			=> request_var('prune_sticky', false),
 						'forum_password'		=> request_var('forum_password', '', true),
 						'forum_password_confirm'=> request_var('forum_password_confirm', '', true),
+						'forum_password_unset'	=> request_var('forum_password_unset', false),
 					);
 
 					// Use link_display_on_index setting if forum type is link
@@ -163,7 +179,8 @@ class acp_forums
 						$forum_perm_from = request_var('forum_perm_from', 0);
 
 						// Copy permissions?
-						if ($forum_perm_from)
+						if ($forum_perm_from && !empty($forum_perm_from) && $forum_perm_from != $forum_data['forum_id'] &&
+							(($action != 'edit') || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))))
 						{
 							// if we edit a forum delete current permissions first
 							if ($action == 'edit')
@@ -222,6 +239,7 @@ class acp_forums
 							// Now insert the data
 							$db->sql_multi_insert(ACL_USERS_TABLE, $users_sql_ary);
 							$db->sql_multi_insert(ACL_GROUPS_TABLE, $groups_sql_ary);
+							cache_moderators();
 						}
 
 						$auth->acl_clear_prefetch();
@@ -343,7 +361,7 @@ class acp_forums
 
 						$template->assign_vars(array(
 							'U_PROGRESS_BAR'		=> $this->u_action . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}",
-							'UA_PROGRESS_BAR'		=> str_replace('&', '&', $this->u_action) . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}",
+							'UA_PROGRESS_BAR'		=> addslashes($this->u_action . "&action=progress_bar&start=$topics_done&total={$row['forum_topics_real']}"),
 							'S_CONTINUE_SYNC'		=> true,
 							'L_PROGRESS_EXPLAIN'	=> sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], $topics_done, $row['forum_topics_real']))
 						);
@@ -357,7 +375,7 @@ class acp_forums
 
 				$template->assign_vars(array(
 					'U_PROGRESS_BAR'		=> $this->u_action . '&action=progress_bar',
-					'UA_PROGRESS_BAR'		=> str_replace('&', '&', $this->u_action) . '&action=progress_bar',
+					'UA_PROGRESS_BAR'		=> addslashes($this->u_action . '&action=progress_bar'),
 					'S_CONTINUE_SYNC'		=> true,
 					'L_PROGRESS_EXPLAIN'	=> sprintf($user->lang['SYNC_IN_PROGRESS_EXPLAIN'], 0, $row['forum_topics_real']))
 				);
@@ -445,7 +463,7 @@ class acp_forums
 							'parent_id'				=> $this->parent_id,
 							'forum_type'			=> FORUM_POST,
 							'forum_status'			=> ITEM_UNLOCKED,
-							'forum_name'			=> request_var('forum_name', '', true),
+							'forum_name'			=> utf8_normalize_nfc(request_var('forum_name', '', true)),
 							'forum_link'			=> '',
 							'forum_link_track'		=> false,
 							'forum_desc'			=> '',
@@ -454,8 +472,8 @@ class acp_forums
 							'forum_image'			=> '',
 							'forum_style'			=> 0,
 							'display_on_index'		=> false,
-							'forum_topics_per_page'	=> 0, 
-							'enable_indexing'		=> true, 
+							'forum_topics_per_page'	=> 0,
+							'enable_indexing'		=> true,
 							'enable_icons'			=> false,
 							'enable_prune'			=> false,
 							'prune_days'			=> 7,
@@ -593,6 +611,11 @@ class acp_forums
 						}
 					}
 				}
+				
+				if (strlen($forum_data['forum_password']) == 32)
+				{
+					$errors[] = $user->lang['FORUM_PASSWORD_OLD'];
+				}
 
 				$template->assign_vars(array(
 					'S_EDIT_FORUM'		=> true,
@@ -619,8 +642,6 @@ class acp_forums
 					'PRUNE_DAYS'				=> $forum_data['prune_days'],
 					'PRUNE_VIEWED'				=> $forum_data['prune_viewed'],
 					'TOPICS_PER_PAGE'			=> $forum_data['forum_topics_per_page'],
-					'FORUM_PASSWORD'			=> $forum_data['forum_password'],
-					'FORUM_PASSWORD_CONFIRM'	=> $forum_data['forum_password_confirm'],
 					'FORUM_RULES_LINK'			=> $forum_data['forum_rules_link'],
 					'FORUM_RULES'				=> $forum_data['forum_rules'],
 					'FORUM_RULES_PREVIEW'		=> $forum_rules_preview,
@@ -628,6 +649,7 @@ class acp_forums
 					'S_BBCODE_CHECKED'			=> ($forum_rules_data['allow_bbcode']) ? true : false,
 					'S_SMILIES_CHECKED'			=> ($forum_rules_data['allow_smilies']) ? true : false,
 					'S_URLS_CHECKED'			=> ($forum_rules_data['allow_urls']) ? true : false,
+					'S_FORUM_PASSWORD_SET'		=> (empty($forum_data['forum_password'])) ? false : true,
 
 					'FORUM_DESC'				=> $forum_desc_data['text'],
 					'S_DESC_BBCODE_CHECKED'		=> ($forum_desc_data['allow_bbcode']) ? true : false,
@@ -638,7 +660,7 @@ class acp_forums
 					'S_STATUS_OPTIONS'			=> $statuslist,
 					'S_PARENT_OPTIONS'			=> $parents_list,
 					'S_STYLES_OPTIONS'			=> $styles_list,
-					'S_FORUM_OPTIONS'			=> make_forum_select(($action == 'add') ? $forum_data['parent_id'] : false, false, false, false, false),
+					'S_FORUM_OPTIONS'			=> make_forum_select(($action == 'add') ? $forum_data['parent_id'] : false, ($action == 'edit') ? $forum_data['forum_id'] : false, false, false, false),
 					'S_SHOW_DISPLAY_ON_INDEX'	=> $s_show_display_on_index,
 					'S_FORUM_POST'				=> ($forum_data['forum_type'] == FORUM_POST) ? true : false,
 					'S_FORUM_ORIG_POST'			=> (isset($old_forum_type) && $old_forum_type == FORUM_POST) ? true : false,
@@ -656,8 +678,8 @@ class acp_forums
 					'S_PRUNE_STICKY'			=> ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY) ? true : false,
 					'S_DISPLAY_ACTIVE_TOPICS'	=> ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) ? true : false,
 					'S_ENABLE_POST_REVIEW'		=> ($forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) ? true : false,
-					)
-				);
+					'S_CAN_COPY_PERMISSIONS'	=> ($action != 'edit' || empty($forum_id) || ($auth->acl_get('a_fauth') && $auth->acl_get('a_authusers') && $auth->acl_get('a_authgroups') && $auth->acl_get('a_mauth'))) ? true : false,
+				));
 
 				return;
 
@@ -829,8 +851,8 @@ class acp_forums
 			'U_ACTION'		=> $this->u_action . '&parent_id=' . $this->parent_id,
 
 			'U_PROGRESS_BAR'	=> $this->u_action . '&action=progress_bar',
-			'UA_PROGRESS_BAR'	=> str_replace('&', '&', $this->u_action) . '&action=progress_bar')
-		);
+			'UA_PROGRESS_BAR'	=> addslashes($this->u_action . '&action=progress_bar'),
+		));
 	}
 
 	/**
@@ -928,6 +950,21 @@ class acp_forums
 			return $errors;
 		}
 
+		// As we don't know the old password, it's kinda tricky to detect changes
+		if ($forum_data_sql['forum_password_unset'])
+		{
+			$forum_data_sql['forum_password'] = '';
+		}
+		else if (empty($forum_data_sql['forum_password']))
+		{
+			unset($forum_data_sql['forum_password']);
+		}
+		else
+		{
+			$forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']);
+		}
+		unset($forum_data_sql['forum_password_unset']);
+		
 		if (!isset($forum_data_sql['forum_id']))
 		{
 			// no forum_id means we're creating a new forum
@@ -991,6 +1028,13 @@ class acp_forums
 
 			if ($row['forum_type'] == FORUM_POST && $row['forum_type'] != $forum_data_sql['forum_type'])
 			{
+				// Has subforums and want to change into a link?
+				if ($row['right_id'] - $row['left_id'] > 1 && $forum_data_sql['forum_type'] == FORUM_LINK)
+				{
+					$errors[] = $user->lang['FORUM_WITH_SUBFORUMS_NOT_TO_LINK'];
+					return $errors;
+				}
+
 				// we're turning a postable forum into a non-postable forum
 				if ($forum_data_sql['type_action'] == 'move')
 				{
@@ -1062,7 +1106,7 @@ class acp_forums
 							$db->sql_query($sql);
 
 							// Delete forum ids from extension groups table
-							$sql = 'SELECT group_id, allowed_forums 
+							$sql = 'SELECT group_id, allowed_forums
 								FROM ' . EXTENSION_GROUPS_TABLE;
 							$result = $db->sql_query($sql);
 
@@ -1076,7 +1120,7 @@ class acp_forums
 								$allowed_forums = unserialize(trim($_row['allowed_forums']));
 								$allowed_forums = array_diff($allowed_forums, $forum_ids);
 
-								$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . " 
+								$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . "
 									SET allowed_forums = '" . ((sizeof($allowed_forums)) ? serialize($allowed_forums) : '') . "'
 									WHERE group_id = {$_row['group_id']}";
 								$db->sql_query($sql);
@@ -1093,7 +1137,7 @@ class acp_forums
 							return array($user->lang['NO_DESTINATION_FORUM']);
 						}
 
-						$sql = 'SELECT forum_name 
+						$sql = 'SELECT forum_name
 							FROM ' . FORUMS_TABLE . '
 							WHERE forum_id = ' . $subforums_to_id;
 						$result = $db->sql_query($sql);
@@ -1348,7 +1392,7 @@ class acp_forums
 			{
 				$log_action_posts = 'MOVE_POSTS';
 
-				$sql = 'SELECT forum_name 
+				$sql = 'SELECT forum_name
 					FROM ' . FORUMS_TABLE . '
 					WHERE forum_id = ' . $posts_to_id;
 				$result = $db->sql_query($sql);
@@ -1412,7 +1456,7 @@ class acp_forums
 			{
 				$log_action_forums = 'MOVE_FORUMS';
 
-				$sql = 'SELECT forum_name 
+				$sql = 'SELECT forum_name
 					FROM ' . FORUMS_TABLE . '
 					WHERE forum_id = ' . $subforums_to_id;
 				$result = $db->sql_query($sql);
@@ -1494,7 +1538,7 @@ class acp_forums
 		$db->sql_query($sql);
 
 		// Delete forum ids from extension groups table
-		$sql = 'SELECT group_id, allowed_forums 
+		$sql = 'SELECT group_id, allowed_forums
 			FROM ' . EXTENSION_GROUPS_TABLE;
 		$result = $db->sql_query($sql);
 
@@ -1508,7 +1552,7 @@ class acp_forums
 			$allowed_forums = unserialize(trim($row['allowed_forums']));
 			$allowed_forums = array_diff($allowed_forums, $forum_ids);
 
-			$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . " 
+			$sql = 'UPDATE ' . EXTENSION_GROUPS_TABLE . "
 				SET allowed_forums = '" . ((sizeof($allowed_forums)) ? serialize($allowed_forums) : '') . "'
 				WHERE group_id = {$row['group_id']}";
 			$db->sql_query($sql);
@@ -1711,12 +1755,12 @@ class acp_forums
 			{
 				$sql = 'UPDATE ' . USERS_TABLE . '
 					SET user_posts = 0
-					WHERE user_id = ' . $poster_id . ' 
+					WHERE user_id = ' . $poster_id . '
 					AND user_posts < ' . $substract;
 				$db->sql_query($sql);
 				$sql = 'UPDATE ' . USERS_TABLE . '
 					SET user_posts = user_posts - ' . $substract . '
-					WHERE user_id = ' . $poster_id . ' 
+					WHERE user_id = ' . $poster_id . '
 					AND user_posts >= ' . $substract;
 				$db->sql_query($sql);
 			}
@@ -1725,7 +1769,7 @@ class acp_forums
 		$db->sql_transaction('commit');
 
 		// Make sure the overall post/topic count is correct...
-		$sql = 'SELECT COUNT(post_id) AS stat 
+		$sql = 'SELECT COUNT(post_id) AS stat
 			FROM ' . POSTS_TABLE . '
 			WHERE post_approved = 1';
 		$result = $db->sql_query($sql);
@@ -1835,7 +1879,7 @@ class acp_forums
 				ELSE {$diff_down}
 			END,
 			forum_parents = ''
-			WHERE 
+			WHERE
 				left_id BETWEEN {$left_id} AND {$right_id}
 				AND right_id BETWEEN {$left_id} AND {$right_id}";
 		$db->sql_query($sql);

phpBB/includes/acp/acp_groups.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -24,6 +32,9 @@ class acp_groups
 		$this->tpl_name = 'acp_groups';
 		$this->page_title = 'ACP_GROUPS_MANAGE';
 
+		$form_key = 'acp_groups';
+		add_form_key($form_key);
+
 		include($phpbb_root_path . 'includes/functions_user.' . $phpEx);
 
 		// Check and set some common vars
@@ -36,6 +47,7 @@ class acp_groups
 		$start		= request_var('start', 0);
 		$update		= (isset($_POST['update'])) ? true : false;
 
+
 		// Clear some vars
 		$can_upload = (file_exists($phpbb_root_path . $config['avatar_path']) && @is_writable($phpbb_root_path . $config['avatar_path']) && $file_uploads) ? true : false;
 		$group_row = array();
@@ -43,8 +55,8 @@ class acp_groups
 		// Grab basic data for group, if group_id is set and exists
 		if ($group_id)
 		{
-			$sql = 'SELECT * 
-				FROM ' . GROUPS_TABLE . " 
+			$sql = 'SELECT *
+				FROM ' . GROUPS_TABLE . "
 				WHERE group_id = $group_id";
 			$result = $db->sql_query($sql);
 			$group_row = $db->sql_fetchrow($result);
@@ -111,9 +123,9 @@ class acp_groups
 
 						do
 						{
-							$sql = 'SELECT user_id 
+							$sql = 'SELECT user_id
 								FROM ' . USER_GROUP_TABLE . "
-								WHERE group_id = $group_id 
+								WHERE group_id = $group_id
 								ORDER BY user_id";
 							$result = $db->sql_query_limit($sql, 200, $start);
 
@@ -251,15 +263,20 @@ class acp_groups
 
 				$error = array();
 				$user->add_lang('ucp');
-			
+
 				$avatar_select = basename(request_var('avatar_select', ''));
 				$category = basename(request_var('category', ''));
 
 				// Did we submit?
 				if ($update)
 				{
-					$group_name	= request_var('group_name', '', true);
-					$group_desc = request_var('group_desc', '', true);
+					if (!check_form_key($form_key))
+					{
+						trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+					}
+
+					$group_name	= utf8_normalize_nfc(request_var('group_name', '', true));
+					$group_desc = utf8_normalize_nfc(request_var('group_desc', '', true));
 					$group_type	= request_var('group_type', GROUP_FREE);
 
 					$allow_desc_bbcode	= request_var('desc_parse_bbcode', false);
@@ -290,10 +307,10 @@ class acp_groups
 					{
 						// Avatar stuff
 						$var_ary = array(
-							'uploadurl'		=> array('string', true, 5, 255), 
-							'remotelink'	=> array('string', true, 5, 255), 
-							'width'			=> array('string', true, 1, 3), 
-							'height'		=> array('string', true, 1, 3), 
+							'uploadurl'		=> array('string', true, 5, 255),
+							'remotelink'	=> array('string', true, 5, 255),
+							'width'			=> array('string', true, 1, 3),
+							'height'		=> array('string', true, 1, 3),
 						);
 
 						if (!($error = validate_data($data, $var_ary)))
@@ -366,7 +383,7 @@ class acp_groups
 					if (!sizeof($error))
 					{
 						// Only set the rank, colour, etc. if it's changed or if we're adding a new
-						// group. This prevents existing group members being updated if no changes 
+						// group. This prevents existing group members being updated if no changes
 						// were made.
 
 						$group_attributes = array();
@@ -450,7 +467,7 @@ class acp_groups
 				}
 				else if (!$group_id)
 				{
-					$group_name = request_var('group_name', '', true);
+					$group_name = utf8_normalize_nfc(request_var('group_name', '', true));
 					$group_desc_data = array(
 						'text'			=> '',
 						'allow_bbcode'	=> true,
@@ -468,7 +485,7 @@ class acp_groups
 					$group_rank = $group_row['group_rank'];
 				}
 
-				$sql = 'SELECT * 
+				$sql = 'SELECT *
 					FROM ' . RANKS_TABLE . '
 					WHERE rank_special = 1
 					ORDER BY rank_title';
@@ -558,7 +575,6 @@ class acp_groups
 
 					'U_BACK'			=> $u_back,
 					'U_SWATCH'			=> append_sid("{$phpbb_admin_path}swatch.$phpEx", 'form=settings&amp;name=group_colour'),
-					'UA_SWATCH'			=> append_sid("{$phpbb_admin_path}swatch.$phpEx", 'form=settings&name=group_colour', false),
 					'U_ACTION'			=> "{$this->u_action}&amp;action=$action&amp;g=$group_id",
 					'L_AVATAR_EXPLAIN'	=> sprintf($user->lang['AVATAR_EXPLAIN'], $config['avatar_max_width'], $config['avatar_max_height'], round($config['avatar_filesize'] / 1024)),
 					)
@@ -577,9 +593,9 @@ class acp_groups
 				$this->page_title = 'GROUP_MEMBERS';
 
 				// Grab the leaders - always, on every page...
-				$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending 
-					FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug 
-					WHERE ug.group_id = $group_id 
+				$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
+					FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
+					WHERE ug.group_id = $group_id
 						AND u.user_id = ug.user_id
 						AND ug.group_leader = 1
 					ORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";
@@ -600,9 +616,9 @@ class acp_groups
 				$db->sql_freeresult($result);
 
 				// Total number of group members (non-leaders)
-				$sql = 'SELECT COUNT(user_id) AS total_members 
-					FROM ' . USER_GROUP_TABLE . " 
-					WHERE group_id = $group_id 
+				$sql = 'SELECT COUNT(user_id) AS total_members
+					FROM ' . USER_GROUP_TABLE . "
+					WHERE group_id = $group_id
 						AND group_leader = 0";
 				$result = $db->sql_query($sql);
 				$total_members = (int) $db->sql_fetchfield('total_members');
@@ -628,14 +644,13 @@ class acp_groups
 					'U_ACTION'			=> $this->u_action . "&amp;g=$group_id",
 					'U_BACK'			=> $this->u_action,
 					'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=list&amp;field=usernames'),
-					'UA_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=list&field=usernames', false),
-					'U_DEFAULT_ALL'		=> "{$this->u_action}&amp;action=default&amp;g=$group_id")
-				);
+					'U_DEFAULT_ALL'		=> "{$this->u_action}&amp;action=default&amp;g=$group_id",
+				));
 
 				// Grab the members
-				$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending 
-					FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug 
-					WHERE ug.group_id = $group_id 
+				$sql = 'SELECT u.user_id, u.username, u.username_clean, u.user_regdate, u.user_posts, u.group_id, ug.group_leader, ug.user_pending
+					FROM ' . USERS_TABLE . ' u, ' . USER_GROUP_TABLE . " ug
+					WHERE ug.group_id = $group_id
 						AND u.user_id = ug.user_id
 						AND ug.group_leader = 0
 					ORDER BY ug.group_leader DESC, ug.user_pending ASC, u.username_clean";

phpBB/includes/acp/acp_icons.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2005 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @todo [smilies] check regular expressions for special char replacements (stored specialchared in db)
 * @package acp
@@ -30,6 +38,8 @@ class acp_icons
 		$action = (isset($_POST['import'])) ? 'import' : $action;
 		$icon_id = request_var('id', 0);
 
+		$mode = ($mode == 'smilies') ? 'smilies' : 'icons';
+
 		$this->tpl_name = 'acp_icons';
 
 		// What are we working on?
@@ -79,15 +89,17 @@ class acp_icons
 			}
 			unset($imglist);
 
-			$dir = @opendir($phpbb_root_path . $img_path);
-			while (($file = @readdir($dir)) !== false)
+			if ($dir = @opendir($phpbb_root_path . $img_path))
 			{
-				if (is_file($phpbb_root_path . $img_path . '/' . $file) && preg_match('#\.pak$#i', $file))
+				while (($file = readdir($dir)) !== false)
 				{
-					$_paks[] = $file;
+					if (is_file($phpbb_root_path . $img_path . '/' . $file) && preg_match('#\.pak$#i', $file))
+					{
+						$_paks[] = $file;
+					}
 				}
+				closedir($dir);
 			}
-			@closedir($dir);
 		}
 
 		// What shall we do today? Oops, I believe that's trademarked ...
@@ -106,7 +118,7 @@ class acp_icons
 
 				if ($action == 'add' && $mode == 'smilies')
 				{
-					$sql = 'SELECT * 
+					$sql = 'SELECT *
 						FROM ' . SMILIES_TABLE . '
 						ORDER BY smiley_order';
 					$result = $db->sql_query($sql);
@@ -144,13 +156,19 @@ class acp_icons
 						}
 					}
 				}
-
-				$sql = "SELECT * 
-					FROM $table 
+				
+				$sql = "SELECT *
+					FROM $table
 					ORDER BY {$fields}_order " . (($icon_id || $action == 'add') ? 'DESC' : 'ASC');
 				$result = $db->sql_query($sql);
-
+				
 				$data = array();
+				$after = false;
+				$display = 0;
+				$order_lists = array('', '');
+				$add_order_lists = array('', '');
+				$display_count = 0;
+				
 				while ($row = $db->sql_fetchrow($result))
 				{
 					if ($action == 'add')
@@ -158,9 +176,11 @@ class acp_icons
 						unset($_images[$row[$fields . '_url']]);
 					}
 
+
 					if ($row[$fields . '_id'] == $icon_id)
 					{
 						$after = true;
+						$display = $row['display_on_posting'];
 						$data[$row[$fields . '_url']] = $row;
 					}
 					else
@@ -176,19 +196,23 @@ class acp_icons
 							$selected = ' selected="selected"';
 							$after = false;
 						}
-
+						if ($row['display_on_posting'])
+						{
+							$display_count++;
+						}
 						$after_txt = ($mode == 'smilies') ? $row['code'] : $row['icons_url'];
-						$order_list = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . $selected . '>' . sprintf($user->lang['AFTER_' . $lang], ' -&gt; ' . $after_txt) . '</option>' . $order_list;
+						$order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . $selected . '>' . sprintf($user->lang['AFTER_' . $lang], ' -&gt; ' . $after_txt) . '</option>' . $order_lists[$row['display_on_posting']];
 
 						if (!empty($default_row))
 						{
-							$add_order_list = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . (($row[$fields . '_id'] == $default_row['smiley_id']) ? ' selected="selected"' : '') . '>' . sprintf($user->lang['AFTER_' . $lang], ' -&gt; ' . $after_txt) . '</option>' . $add_order_list;
+							$add_order_lists[$row['display_on_posting']] = '<option value="' . ($row[$fields . '_order'] + 1) . '"' . (($row[$fields . '_id'] == $default_row['smiley_id']) ? ' selected="selected"' : '') . '>' . sprintf($user->lang['AFTER_' . $lang], ' -&gt; ' . $after_txt) . '</option>' . $add_order_lists[$row['display_on_posting']];
 						}
 					}
 				}
 				$db->sql_freeresult($result);
 
-				$order_list = '<option value="1"' . ((!isset($after)) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>' . $order_list;
+				$order_list = '<option value="1"' . ((!isset($after)) ? ' selected="selected"' : '') . '>' . $user->lang['FIRST'] . '</option>';
+				$add_order_list = '<option value="1">' . $user->lang['FIRST'] . '</option>';
 
 				if ($action == 'add')
 				{
@@ -198,12 +222,15 @@ class acp_icons
 				$colspan = (($mode == 'smilies') ? '7' : '5');
 				$colspan += ($icon_id) ? 1 : 0;
 				$colspan += ($action == 'add') ? 2 : 0;
-
+				
 				$template->assign_vars(array(
 					'S_EDIT'		=> true,
 					'S_SMILIES'		=> ($mode == 'smilies') ? true : false,
 					'S_ADD'			=> ($action == 'add') ? true : false,
-					'S_ORDER_LIST'	=> $order_list,
+					
+					'S_ORDER_LIST_DISPLAY'		=> $order_list . $order_lists[1],
+					'S_ORDER_LIST_UNDISPLAY'	=> $order_list . $order_lists[0],
+					'S_ORDER_LIST_DISPLAY_COUNT'	=> $display_count + 1,
 
 					'L_TITLE'		=> $user->lang['ACP_' . $lang],
 					'L_EXPLAIN'		=> $user->lang['ACP_' . $lang . '_EXPLAIN'],
@@ -226,6 +253,7 @@ class acp_icons
 				{
 					$template->assign_block_vars('items', array(
 						'IMG'		=> $img,
+						'A_IMG'		=> addslashes($img),
 						'IMG_SRC'	=> $phpbb_root_path . $img_path . '/' . $img,
 
 						'CODE'		=> ($mode == 'smilies' && isset($img_row['code'])) ? $img_row['code'] : '',
@@ -246,7 +274,10 @@ class acp_icons
 						'S_ADD_CODE'		=> true,
 
 						'S_IMG_OPTIONS'		=> $smiley_options,
-						'S_ADD_ORDER_LIST'	=> $add_order_list,
+						
+						'S_ADD_ORDER_LIST_DISPLAY'		=> $add_order_list . $add_order_lists[1],
+						'S_ADD_ORDER_LIST_UNDISPLAY'	=> $add_order_list . $add_order_lists[0],
+						
 						'IMG_SRC'			=> $phpbb_root_path . $img_path . '/' . $default_row['smiley_url'],
 						'IMG_PATH'			=> $img_path,
 						'PHPBB_ROOT_PATH'	=> $phpbb_root_path,
@@ -275,16 +306,16 @@ class acp_icons
 				$image_width	= (isset($_POST['width'])) ? request_var('width', array('' => 0)) : array();
 				$image_height	= (isset($_POST['height'])) ? request_var('height', array('' => 0)) : array();
 				$image_add		= (isset($_POST['add_img'])) ? request_var('add_img', array('' => 0)) : array();
-				$image_emotion	= request_var('emotion', array('' => ''), true);
-				$image_code		= request_var('code', array('' => ''), true);
+				$image_emotion	= utf8_normalize_nfc(request_var('emotion', array('' => ''), true));
+				$image_code		= utf8_normalize_nfc(request_var('code', array('' => ''), true));
 				$image_display_on_posting = (isset($_POST['display_on_posting'])) ? request_var('display_on_posting', array('' => 0)) : array();
 
 				// Ok, add the relevant bits if we are adding new codes to existing emoticons...
 				if (!empty($_POST['add_additional_code']))
 				{
 					$add_image			= request_var('add_image', '');
-					$add_code			= request_var('add_code', '', true);
-					$add_emotion		= request_var('add_emotion', '', true);
+					$add_code			= utf8_normalize_nfc(request_var('add_code', '', true));
+					$add_emotion		= utf8_normalize_nfc(request_var('add_emotion', '', true));
 
 					if ($add_image && $add_emotion && $add_code)
 					{
@@ -305,6 +336,7 @@ class acp_icons
 					}
 				}
 
+				$icons_updated = 0;
 				foreach ($images as $image)
 				{
 					if (($mode == 'smilies' && ($image_emotion[$image] == '' || $image_code[$image] == '')) ||
@@ -336,7 +368,7 @@ class acp_icons
 						}
 
 						// Image_order holds the 'new' order value
-						if (!empty($image_order[$image]) && !empty($$image_id[$image]))
+						if (!empty($image_order[$image]))
 						{
 							$img_sql = array_merge($img_sql, array(
 								$fields . '_order'	=>	$image_order[$image])
@@ -363,31 +395,49 @@ class acp_icons
 							}
 						}
 
-						if ($action == 'modify')
+						if ($action == 'modify'  && !empty($image_id[$image]))
 						{
 							$sql = "UPDATE $table
-								SET " . $db->sql_build_array('UPDATE', $img_sql) . " 
+								SET " . $db->sql_build_array('UPDATE', $img_sql) . "
 								WHERE {$fields}_id = " . $image_id[$image];
 							$db->sql_query($sql);
+							$icons_updated++;
 						}
-						else
+						else if ($action !== 'modify')
 						{
 							$sql = "INSERT INTO $table " . $db->sql_build_array('INSERT', $img_sql);
 							$db->sql_query($sql);
+							$icons_updated++;
 						}
-					}
+						
+ 					}
 				}
 				
 				$cache->destroy('_icons');
 				$cache->destroy('sql', $table);
-
+				
+				$level = E_USER_NOTICE;
+				switch ($icons_updated)
+				{
+					case 0:
+						$suc_lang = "{$lang}_NONE";
+						$level = E_USER_WARNING;
+						break;
+						
+					case 1:
+						$suc_lang = "{$lang}_ONE";
+						break;
+						
+					default:
+						$suc_lang = $lang;
+				}
 				if ($action == 'modify')
 				{
-					trigger_error($user->lang[$lang . '_EDITED'] . adm_back_link($this->u_action));
+					trigger_error($user->lang[$suc_lang . '_EDITED'] . adm_back_link($this->u_action), $level);
 				}
 				else
 				{
-					trigger_error($user->lang[$lang . '_ADDED'] . adm_back_link($this->u_action));
+					trigger_error($user->lang[$suc_lang . '_ADDED'] . adm_back_link($this->u_action), $level);
 				}
 
 			break;
@@ -409,9 +459,9 @@ class acp_icons
 					// Make sure the pak_ary is valid
 					foreach ($pak_ary as $pak_entry)
 					{
-						if (preg_match_all("#'(.*?)', #", $pak_entry, $data))
+						if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data))
 						{
-							if ((sizeof($data[1]) != 4 && $mode == 'icons') || 
+							if ((sizeof($data[1]) != 4 && $mode == 'icons') ||
 								(sizeof($data[1]) != 6 && $mode == 'smilies'))
 							{
 								trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
@@ -451,7 +501,7 @@ class acp_icons
 							break;
 						}
 					}
-					else 
+					else
 					{
 						$cur_img = array();
 
@@ -472,9 +522,9 @@ class acp_icons
 					foreach ($pak_ary as $pak_entry)
 					{
 						$data = array();
-						if (preg_match_all("#'(.*?)', #", $pak_entry, $data))
+						if (preg_match_all("#'(.*?)', ?#", $pak_entry, $data))
 						{
-							if ((sizeof($data[1]) != 4 && $mode == 'icons') || 
+							if ((sizeof($data[1]) != 4 && $mode == 'icons') ||
 								(sizeof($data[1]) != 6 && $mode == 'smilies'))
 							{
 								trigger_error($user->lang['WRONG_PAK_TYPE'] . adm_back_link($this->u_action), E_USER_WARNING);
@@ -492,8 +542,8 @@ class acp_icons
 								$code = stripslashes($data[1][5]);
 							}
 
-							if ($current == 'replace' && 
-								(($mode == 'smilies' && !empty($cur_img[$code])) || 
+							if ($current == 'replace' &&
+								(($mode == 'smilies' && !empty($cur_img[$code])) ||
 								($mode == 'icons' && !empty($cur_img[$img]))))
 							{
 								$replace_sql = ($mode == 'smilies') ? $code : $img;
@@ -511,7 +561,7 @@ class acp_icons
 									));
 								}
 
-								$sql = "UPDATE $table SET " . $db->sql_build_array('UPDATE', $sql) . " 
+								$sql = "UPDATE $table SET " . $db->sql_build_array('UPDATE', $sql) . "
 									WHERE $field_sql = '" . $db->sql_escape($replace_sql) . "'";
 								$db->sql_query($sql);
 							}
@@ -578,7 +628,10 @@ class acp_icons
 
 				$template->assign_vars(array(
 					'MESSAGE_TITLE'		=> $user->lang['EXPORT_' . $lang],
-					'MESSAGE_TEXT'		=> sprintf($user->lang['EXPORT_' . $lang . '_EXPLAIN'], '<a href="' . $this->u_action . '&amp;action=send">', '</a>'))
+					'MESSAGE_TEXT'		=> sprintf($user->lang['EXPORT_' . $lang . '_EXPLAIN'], '<a href="' . $this->u_action . '&amp;action=send">', '</a>'),
+
+					'S_USER_NOTICE'		=> true,
+					)
 				);
 
 				return;
@@ -587,7 +640,7 @@ class acp_icons
 
 			case 'send':
 
-				$sql = "SELECT * 
+				$sql = "SELECT *
 					FROM $table
 					ORDER BY {$fields}_order";
 				$result = $db->sql_query($sql);
@@ -617,8 +670,8 @@ class acp_icons
 					header('Pragma: public');
 
 					// Send out the Headers
-					header('Content-Type: text/x-delimtext; name="' . $fields . '.pak"');
-					header('Content-Disposition: inline; filename="' . $fields . '.pak"');
+					header('Content-Type: text/x-delimtext; name="' . $mode . '.pak"');
+					header('Content-Disposition: inline; filename="' . $mode . '.pak"');
 					echo $pak;
 
 					flush();
@@ -646,12 +699,12 @@ class acp_icons
 
 						case 'icons':
 							// Reset appropriate icon_ids
-							$db->sql_query('UPDATE ' . TOPICS_TABLE . " 
-								SET icon_id = 0 
+							$db->sql_query('UPDATE ' . TOPICS_TABLE . "
+								SET icon_id = 0
 								WHERE icon_id = $icon_id");
 
-							$db->sql_query('UPDATE ' . POSTS_TABLE . " 
-								SET icon_id = 0 
+							$db->sql_query('UPDATE ' . POSTS_TABLE . "
+								SET icon_id = 0
 								WHERE icon_id = $icon_id");
 						break;
 					}
@@ -693,7 +746,7 @@ class acp_icons
 				// on move_up, switch position with previous order_id...
 				$switch_order_id = ($action == 'move_down') ? $current_order + 1 : $current_order - 1;
 
-				// 
+				//
 				$sql = "UPDATE $table
 					SET {$fields}_order = $current_order
 					WHERE {$fields}_order = $switch_order_id
@@ -761,7 +814,7 @@ class acp_icons
 
 		$spacer = false;
 
-		$sql = "SELECT * 
+		$sql = "SELECT *
 			FROM $table
 			ORDER BY {$fields}_order ASC";
 		$result = $db->sql_query($sql);

phpBB/includes/acp/acp_inactive.php

@@ -1,13 +1,21 @@
 <?php
-/** 
+/**
 *
 * @package acp
 * @version $Id$
-* @copyright (c) 2006 phpBB Group 
-* @license http://opensource.org/licenses/gpl-license.php GNU Public License 
+* @copyright (c) 2006 phpBB Group
+* @license http://opensource.org/licenses/gpl-license.php GNU Public License
 *
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -33,20 +41,29 @@ class acp_inactive
 		$action = request_var('action', '');
 		$mark	= (isset($_REQUEST['mark'])) ? request_var('mark', array(0)) : array();
 		$start	= request_var('start', 0);
+		$submit = isset($_POST['submit']);
 
 		// Sort keys
 		$sort_days	= request_var('st', 0);
 		$sort_key	= request_var('sk', 'i');
 		$sort_dir	= request_var('sd', 'd');
 
-		if (sizeof($mark))
+		$form_key = 'acp_inactive';
+		add_form_key($form_key);
+
+		if ($submit && sizeof($mark))
 		{
+			if ($action !== 'delete' && !check_form_key($form_key))
+			{
+				trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+			}
+
 			switch ($action)
 			{
 				case 'activate':
 				case 'delete':
 
-					$sql = 'SELECT user_id, username 
+					$sql = 'SELECT user_id, username
 						FROM ' . USERS_TABLE . '
 						WHERE ' . $db->sql_in_set('user_id', $mark);
 					$result = $db->sql_query($sql);
@@ -60,23 +77,80 @@ class acp_inactive
 
 					if ($action == 'activate')
 					{
+						if ($config['require_activation'] == USER_ACTIVATION_ADMIN)
+						{
+							// Get those 'being activated'...
+							$sql = 'SELECT user_id, username, user_email, user_lang
+								FROM ' . USERS_TABLE . '
+								WHERE ' . $db->sql_in_set('user_id', $mark) . '
+									AND user_type = ' . USER_INACTIVE;
+							$result = $db->sql_query($sql);
+
+							$inactive_users = array();
+							while ($row = $db->sql_fetchrow($result))
+							{
+								$inactive_users[] = $row;
+							}
+							$db->sql_freeresult($result);
+						}
+
 						user_active_flip('activate', $mark);
+
+						if ($config['require_activation'] == USER_ACTIVATION_ADMIN && !empty($inactive_users))
+						{
+							include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
+
+							$messenger = new messenger();
+
+							foreach ($inactive_users as $row)
+							{
+								$messenger->template('admin_welcome_activated', $row['user_lang']);
+
+								$messenger->to($row['user_email'], $row['username']);
+
+								$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
+								$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
+								$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
+
+								$messenger->assign_vars(array(
+									'USERNAME'	=> htmlspecialchars_decode($row['username']))
+								);
+
+								$messenger->send(NOTIFY_EMAIL);
+							}
+
+							$messenger->save_queue();
+						}
 					}
 					else if ($action == 'delete')
 					{
-						if (!$auth->acl_get('a_userdel'))
+						if (confirm_box(true))
 						{
-							trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
-						}
+							if (!$auth->acl_get('a_userdel'))
+							{
+								trigger_error($user->lang['NO_AUTH_OPERATION'] . adm_back_link($this->u_action), E_USER_WARNING);
+							}
 
-						foreach ($mark as $user_id)
+							foreach ($mark as $user_id)
+							{
+								user_delete('retain', $user_id, $user_affected[$user_id]);
+							}
+
+							add_log('admin', 'LOG_INACTIVE_' . strtoupper($action), implode(', ', $user_affected));
+						}
+						else
 						{
-							user_delete('retain', $user_id, $user_affected[$user_id]);
+							$s_hidden_fields = array(
+								'mode'			=> $mode,
+								'action'		=> $action,
+								'mark'			=> $mark,
+								'submit'		=> 1,
+								'start'			=> $start,
+							);
+							confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields($s_hidden_fields));
 						}
 					}
 
-					add_log('admin', 'LOG_INACTIVE_' . strtoupper($action), implode(', ', $user_affected));
-
 				break;
 
 				case 'remind':
@@ -85,15 +159,15 @@ class acp_inactive
 						trigger_error($user->lang['EMAIL_DISABLED'] . adm_back_link($this->u_action), E_USER_WARNING);
 					}
 
-					$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type, user_regdate, user_actkey 
-						FROM ' . USERS_TABLE . ' 
+					$sql = 'SELECT user_id, username, user_email, user_lang, user_jabber, user_notify_type, user_regdate, user_actkey
+						FROM ' . USERS_TABLE . '
 						WHERE ' . $db->sql_in_set('user_id', $mark);
 					$result = $db->sql_query($sql);
 
 					if ($row = $db->sql_fetchrow($result))
 					{
 						// Send the messages
-						include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
+						include_once($phpbb_root_path . 'includes/functions_messenger.' . $phpEx);
 
 						$messenger = new messenger();
 						$usernames = array();
@@ -107,7 +181,7 @@ class acp_inactive
 
 							$messenger->assign_vars(array(
 								'USERNAME'		=> htmlspecialchars_decode($row['username']),
-								'REGISTER_DATE'	=> $user->format_date($row['user_regdate']), 
+								'REGISTER_DATE'	=> $user->format_date($row['user_regdate']),
 								'U_ACTIVATE'	=> generate_board_url() . "/ucp.$phpEx?mode=activate&u=" . $row['user_id'] . '&k=' . $row['user_actkey'])
 							);
 
@@ -143,7 +217,7 @@ class acp_inactive
 		$inactive = array();
 		$inactive_count = 0;
 
-		view_inactive_users($inactive, $inactive_count, $config['topics_per_page'], $start, $sql_where, $sql_sort);
+		$start = view_inactive_users($inactive, $inactive_count, $config['topics_per_page'], $start, $sql_where, $sql_sort);
 
 		foreach ($inactive as $row)
 		{
@@ -173,6 +247,8 @@ class acp_inactive
 			'S_SORT_DIR'	=> $s_sort_dir,
 			'S_ON_PAGE'		=> on_page($inactive_count, $config['topics_per_page'], $start),
 			'PAGINATION'	=> generate_pagination($this->u_action . "&amp;$u_sort_param", $inactive_count, $config['topics_per_page'], $start, true),
+			
+			'U_ACTION'		=> $this->u_action . '&amp;start=' . $start,
 		));
 
 		$this->tpl_name = 'acp_inactive';

phpBB/includes/acp/acp_jabber.php

@@ -9,6 +9,14 @@
 * @todo Check/enter/update transport info
 */
 
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
 /**
 * @package acp
 */
@@ -44,8 +52,16 @@ class acp_jabber
 		$jab_package_size	= request_var('jab_package_size', $config['jab_package_size']);
 		$jab_use_ssl		= request_var('jab_use_ssl', $config['jab_use_ssl']);
 
+		$form_name = 'acp_jabber';
+		add_form_key($form_name);
+
 		if ($submit)
 		{
+			if (!check_form_key($form_name))
+			{
+				trigger_error($user->lang['FORM_INVALID']. adm_back_link($this->u_action), E_USER_WARNING);
+			}
+
 			$error = array();
 
 			$message = $user->lang['JAB_SETTINGS_CHANGED'];
@@ -93,6 +109,7 @@ class acp_jabber
 			'JAB_PACKAGE_SIZE'		=> $jab_package_size,
 			'JAB_USE_SSL'			=> $jab_use_ssl,
 			'S_CAN_USE_SSL'			=> jabber::can_use_ssl(),
+			'S_GTALK_NOTE'			=> (!@function_exists('dns_get_record')) ? true : false,
 		));
 	}
 }