Merge branch 'prep-release-3.0.13'

* prep-release-3.0.13: (242 commits)
  [prep-release-3.0.13] Bump version numbers for 3.0.13 release
  [prep-release-3.0.13] Highlight security relevant changes
  [develop-olympus] Add changelog for 3.0.13 release.
  [develop-olympus] Bump version numbers for 3.0.13-RC1 release.
  [develop-olympus] Bumping version numbers to final for 3.0.13 releases.
  [ticket/13531] Send 404 Not Found.
  [ticket/13531] Explicitly disallow trailing paths (e.g. PATH_INFO).
  [ticket/13527] Apply htmlspecialchars() to data from version server.
  [ticket/13527] Remove two unused variables.
  [ticket/13526] Correctly validate the ucp_pm_options form key.
  [ticket/13523] Install PHPUnit manually instead of from PEAR.
  [ticket/13519] Correctly validate imagick path as path and not string
  [ticket/11613] Allow cookies to work on netbios domains
  [ticket/13376] Revert unnecessary change for cookies called GLOBALS 92f554e3
  [ticket/10442] Adds <dd>&nbsp;</dd> to <dl> for xhtml correctness
  [ticket/13341] Change coverage to whitelist to prevent errors with temp files.
  [ticket/13331] Use docs target for this branch, add docs-all for dev branches.
  [ticket/13324] Update sami/sami and fabpot/goutte for new zipball location.
  [ticket/13234] Fix conditions and CS
  [ticket/13234] Never allow autologin/remember me to modify the userid
  ...

.gitignore

@@ -2,11 +2,9 @@
 /phpunit.xml
 /phpBB/cache/*.html
 /phpBB/cache/*.php
-/phpBB/cache/queue.php.lock
+/phpBB/cache/*.lock
 /phpBB/composer.phar
-/phpBB/config.php
-/phpBB/config_dev.php
-/phpBB/config_test.php
+/phpBB/config*.php
 /phpBB/ext/*
 /phpBB/files/*
 /phpBB/images/avatars/gallery/*
@@ -14,5 +12,5 @@
 /phpBB/store/*
 /phpBB/vendor
 /tests/phpbb_unit_tests.sqlite2
-/tests/test_config.php
+/tests/test_config*.php
 /tests/tmp/*

.travis.yml

@@ -4,24 +4,37 @@ php:
   - 5.3.3
   - 5.3
   - 5.4
+  - 5.5
+  - 5.6
+  - hhvm
 
 env:
   - DB=mysql
-  - DB=postgres
 
 before_script:
-  - sh -c "if [ '$DB' = 'pgsql' ]; then psql -c 'DROP DATABASE IF EXISTS phpbb_tests;' -U postgres; fi"
-  - sh -c "if [ '$DB' = 'pgsql' ]; then psql -c 'create database phpbb_tests;' -U postgres; fi"
-  - sh -c "if [ '$DB' = 'mysql' ]; then mysql -e 'create database IF NOT EXISTS phpbb_tests;'; fi"
-  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then pear install --force phpunit/DbUnit; else pyrus install --force phpunit/DbUnit; fi"
-  - phpenv rehash
+  - sh -c "if [ '$DB' = 'postgres' ]; then psql -c 'DROP DATABASE IF EXISTS phpbb_tests;' -U postgres; fi"
+  - sh -c "if [ '$DB' = 'postgres' ]; then psql -c 'create database phpbb_tests;' -U postgres; fi"
+  - sh -c "if [ '$DB' = 'mariadb' ]; then travis/setup-mariadb.sh; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3' -a '$DB' = 'mysql' ]; then mysql -e 'SET GLOBAL storage_engine=MyISAM;'; fi"
+  - sh -c "if [ '$DB' = 'mysql' -o '$DB' = 'mariadb' ]; then mysql -e 'create database IF NOT EXISTS phpbb_tests;'; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then travis/install-phpunit-5-2.sh; fi"
+  - cd phpBB
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' != '5.2' ]; then php ../composer.phar install --dev --no-interaction --prefer-source; fi"
+  - cd ..
+  - sh -c "if [ `php -r "echo (int) version_compare(PHP_VERSION, '5.3.19', '>=');"` = "1" ]; then travis/setup-webserver.sh; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' ]; then sudo apt-get update; sudo apt-get install -y parallel libimage-exiftool-perl; fi"
 
 script:
-  - phpunit --configuration travis/phpunit-$DB-travis.xml
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.2' ]; then php -d include_path='.:phpunit' phpunit/phpunit.php --configuration travis/phpunit-$DB-5-2-travis.xml; else phpBB/vendor/bin/phpunit --configuration travis/phpunit-$DB-travis.xml; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' -a '$TRAVIS_PULL_REQUEST' != 'false' ]; then git-tools/commit-msg-hook-range.sh origin/$TRAVIS_BRANCH..FETCH_HEAD; fi"
+  - sh -c "if [ '$TRAVIS_PHP_VERSION' = '5.3.3' -a '$DB' = 'mysql' ]; then find . -type f -not -path './phpBB/vendor/*' -iregex '.*\.\(gif\|jpg\|jpeg\|png\)$' | parallel --gnu --keep-order 'phpBB/develop/strip_icc_profiles.sh {}' || exit 1; fi"
 
-notifications:
-  email:
-    recipients:
-      - dev-team@phpbb.com
-    on_success: change
-    on_failure: change
+matrix:
+  include:
+    - php: 5.4
+      env: DB=mariadb
+    - php: 5.4
+      env: DB=postgres
+  allow_failures:
+    - php: hhvm
+  fast_finish: true

README.md

@@ -1,4 +1,4 @@
-[![phpBB](http://www.phpbb.com/theme/images/logos/blue/160x52.png)](http://www.phpbb.com)
+[![phpBB](https://www.phpbb.com/theme/images/logos/blue/160x52.png)](http://www.phpbb.com)
 
 ## ABOUT
 
@@ -17,9 +17,11 @@ Find support and lots more on [phpBB.com](http://www.phpbb.com)! Discuss the dev
 
 ## AUTOMATED TESTING
 
-We have unit and functional tests in order to prevent regressions. You can view the bamboo continuous integration [here](http://bamboo.phpbb.com) or check our travis build below.
-develop - [![Build Status](https://secure.travis-ci.org/phpbb/phpbb3.png?branch=develop)](http://travis-ci.org/phpbb/phpbb3)
-develop-olympus - [![Build Status](https://secure.travis-ci.org/phpbb/phpbb3.png?branch=develop-olympus)](http://travis-ci.org/phpbb/phpbb3)
+We have unit and functional tests in order to prevent regressions. You can view the bamboo continuous integration [here](http://bamboo.phpbb.com) or check our travis build below:
+
+* develop [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop)](http://travis-ci.org/phpbb/phpbb)
+* develop-ascraeus [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop-ascraeus)](http://travis-ci.org/phpbb/phpbb)
+* develop-olympus [![Build Status](https://secure.travis-ci.org/phpbb/phpbb.png?branch=develop-olympus)](http://travis-ci.org/phpbb/phpbb)
 
 ## LICENSE
 

build/build.xml

@@ -2,18 +2,17 @@
 
 <project name="phpBB" description="The phpBB forum software" default="all" basedir="../">
 	<!-- a few settings for the build -->
-	<property name="newversion" value="3.0.11" />
-	<property name="prevversion" value="3.0.10" />
-	<property name="olderversions" value="3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.7-PL1, 3.0.8, 3.0.9, 3.0.11-RC1, 3.0.11-RC2" />
+	<property name="newversion" value="3.0.13" />
+	<property name="prevversion" value="3.0.13-RC1" />
+	<property name="olderversions" value="3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.7-PL1, 3.0.8, 3.0.9, 3.0.10, 3.0.11, 3.0.12" />
 	<!-- no configuration should be needed beyond this point -->
 
 	<property name="oldversions" value="${olderversions}, ${prevversion}" />
 	<property name="versions" value="${oldversions}, ${newversion}" />
 
 	<!-- These are the main targets which you will probably want to use -->
-	<target name="package" depends="clean,prepare,create-package" />
-	<target name="all" depends="clean,prepare,test,docs,create-package" />
-	<target name="build" depends="clean,prepare,test,docs" />
+	<target name="all" depends="clean,prepare,composer,test,docs,package" />
+	<target name="build" depends="clean,prepare,composer,test,docs" />
 
 	<target name="prepare">
 		<mkdir dir="build/logs" />
@@ -43,33 +42,47 @@
 		<delete dir="build/save" />
 	</target>
 
-	<target name="test" depends="clean,prepare">
+	<!--
+		This target basically just runs composer in the phpBB tree to ensure
+		all dependencies are loaded. Additional development dependencies are
+		loaded because testing framework may depend on them.
+	-->
+	<target name="composer">
+		<exec dir="phpBB"
+			command="php ../composer.phar install --dev"
+			checkreturn="true"
+			passthru="true" />
+	</target>
+
+	<target name="test" depends="clean,prepare,composer">
 		<exec dir="."
-			command="phpunit --log-junit build/logs/phpunit.xml
+			command="phpBB/vendor/bin/phpunit
+			--log-junit build/logs/phpunit.xml
 			--coverage-clover build/logs/clover.xml
 			--coverage-html build/coverage"
 			passthru="true" />
 	</target>
 
-	<target name="test-slow" depends="clean,prepare">
+	<target name="test-slow" depends="clean,prepare,composer">
 		<exec dir="."
-			command="phpunit --log-junit build/logs/phpunit.xml
-			--configuration phpunit.xml.all
+			command="phpBB/vendor/bin/phpunit
+			--log-junit build/logs/phpunit.xml
 			--group slow
 			--coverage-clover build/logs/clover-slow.xml
 			--coverage-html build/coverage-slow"
 			passthru="true" />
 	</target>
 
+	<!-- Builds docs for current branch into build/api/output/master -->
 	<target name="docs">
-		<!-- only works if you setup phpdoctor:
-                     git clone https://github.com/peej/phpdoctor.git
-                     and then create an executable phpdoctor in your path containing
-                     #!/bin/sh
-                     php -f /path/to/phpdoctor/phpdoc.php $@
-                -->
-		<exec dir="build"
-			command="phpdoctor phpdoc-phpbb.ini"
+		<exec dir="."
+			command="phpBB/vendor/bin/sami.php update build/sami-checkout.conf.php"
+			passthru="true" />
+	</target>
+	<!-- Builds docs for multiple branches/tags into build/api/output/$branch -->
+	<target name="docs-all">
+		<exec dir="."
+			command="phpBB/vendor/bin/sami.php update build/sami-all.conf.php"
 			passthru="true" />
 	</target>
 
@@ -92,7 +105,7 @@
 			<property name="dir" value="build/old_versions/release-${version}" />
 		</phingcall>
 
-		<exec dir="build/old_versions" command="diff -crNEBwd release-${version} release-${newversion} >
+		<exec dir="build/old_versions" command="LC_ALL=C diff -crNEBwd release-${version} release-${newversion} >
 			../new_version/patches/phpBB-${version}_to_${newversion}.patch" escape="false" />
 	</target>
 
@@ -116,26 +129,54 @@
 
 	</target>
 
-	<target name="create-package" depends="prepare-new-version,old-version-diffs">
+	<target name="package" depends="clean,prepare,prepare-new-version,old-version-diffs">
 		<exec dir="build" command="php -f package.php '${versions}' > logs/package.log" escape="false" />
-		<exec dir="build" command="php -f build_diff.php '${prevversion}' '${newversion}' > logs/build_diff.log" escape="false" />
-
 		<exec dir="build" escape="false"
 			command="diff -crNEBwd old_versions/release-${prevversion}/language new_version/phpBB3/language >
-				save/save_${prevversion}_to_${newversion}/language/phpbb-${prevversion}_to_${newversion}_language.patch" />
+				save/phpbb-${prevversion}_to_${newversion}_language.patch" />
 		<exec dir="build" escape="false"
 			command="diff -crNEBwd old_versions/release-${prevversion}/styles/prosilver new_version/phpBB3/styles/prosilver >
-				save/save_${prevversion}_to_${newversion}/prosilver/phpbb-${prevversion}_to_${newversion}_prosilver.patch" />
+				save/phpbb-${prevversion}_to_${newversion}_prosilver.patch" />
 		<exec dir="build" escape="false"
 			command="diff -crNEBwd old_versions/release-${prevversion}/styles/subsilver2 new_version/phpBB3/styles/subsilver2 >
-				save/save_${prevversion}_to_${newversion}/subsilver2/phpbb-${prevversion}_to_${newversion}_subsilver2.patch" />
+				save/phpbb-${prevversion}_to_${newversion}_subsilver2.patch" />
 
 		<exec dir="build" escape="false"
 			command="git shortlog --summary --numbered release-${prevversion}...HEAD >
-				save/save_${prevversion}_to_${newversion}/phpbb-${prevversion}_to_${newversion}_git_shortlog.txt" />
+				save/phpbb-${prevversion}_to_${newversion}_git_shortlog.txt" />
 		<exec dir="build" escape="false"
 			command="git diff --stat release-${prevversion}...HEAD >
-				save/save_${prevversion}_to_${newversion}/phpbb-${prevversion}_to_${newversion}_git_diffstat.txt" />
+				save/phpbb-${prevversion}_to_${newversion}_git_diffstat.txt" />
+
+		<phingcall target="checksum-dir">
+			<property name="dir" value="build/new_version/release_files" />
+		</phingcall>
+	</target>
+
+	<target name="checksum-dir">
+		<foreach param="filename" absparam="absfilename" target="checksum-file">
+			<fileset dir="${dir}">
+				<type type="file" />
+			</fileset>
+		</foreach>
+	</target>
+
+	<target name="checksum-file">
+		<echo msg="Creating checksum file for ${absfilename}" />
+		<php function="dirname" returnProperty="dir"><param value="${absfilename}"/></php>
+		<exec dir="${dir}" command="sha256sum ${filename} > ${filename}.sha256" />
+	</target>
+
+	<target name="announcement" depends="prepare">
+		<echo msg="Writing download links and checksums for email announcement to save/announcement_email_${newversion}.txt" />
+		<exec dir="build" escape="false"
+			command="php -f build_announcement.php email '${newversion}' 'new_version/release_files' sha256 >
+				save/announcement_email_${newversion}.txt"  />
+
+		<echo msg="Writing download links and checksums for bbcode announcement to save/announcement_bbcode_${newversion}.txt" />
+		<exec dir="build" escape="false"
+			command="php -f build_announcement.php bbcode '${newversion}' 'new_version/release_files' sha256 >
+				save/announcement_bbcode_${newversion}.txt"  />
 	</target>
 
 	<target name="changelog" depends="prepare">
@@ -155,6 +196,45 @@
 		<exec dir="phpBB"
 			command="git archive ${revision} | tar -xf - -C ../${dir}"
 			checkreturn="true" />
+
+		<!-- Install composer dependencies, if there are any. -->
+		<exec dir="${dir}"
+			command='php -r "\$j = json_decode(file_get_contents(\"composer.json\")); echo isset(\$j->require);"'
+			checkreturn="true"
+			outputProperty='composer-has-dependencies' />
+		<if>
+			<equals arg1="${composer-has-dependencies}" arg2="1" trim="true" />
+			<then>
+				<!-- We have non-dev composer dependencies -->
+				<exec dir="."
+					command="git ls-tree ${revision} composer.phar"
+					checkreturn="true"
+					outputProperty='composer-ls-tree-output' />
+				<if>
+					<equals arg1="${composer-ls-tree-output}" arg2="" trim="true" />
+					<then>
+						<fail message="There are composer dependencies, but composer.phar is missing." />
+					</then>
+					<else>
+						<!-- Export the phar, install dependencies, delete phar. -->
+						<exec dir="."
+							command="git archive ${revision} composer.phar | tar -xf - -C ${dir}"
+							checkreturn="true" />
+						<exec dir="${dir}"
+							command="php composer.phar install --no-dev"
+							checkreturn="true"
+							passthru="true" />
+						<delete file="${dir}/composer.phar" />
+					</else>
+				</if>
+			</then>
+			<else>
+				<!-- We do not have composer dependencies, do not ship composer files -->
+				<delete file="${dir}/composer.json" />
+				<delete file="${dir}/composer.lock" />
+			</else>
+		</if>
+
 		<delete file="${dir}/config.php" />
 		<delete dir="${dir}/develop" />
 		<delete dir="${dir}/install/data" />
@@ -176,6 +256,7 @@
 		<delete dir="${dir}/files" />
 		<delete dir="${dir}/install" />
 		<delete dir="${dir}/store" />
+		<delete dir="${dir}/vendor" />
 	</target>
 
 </project>

build/build_announcement.php

@@ -0,0 +1,98 @@
+#!/usr/bin/env php
+<?php
+/**
+*
+* @package build
+* @copyright (c) 2013 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+if (php_sapi_name() !== 'cli' || $_SERVER['argc'] != 5)
+{
+	echo "Usage (CLI only): build_announcement.php email|bbcode new_version release_files_dir checksum_algorithm\n";
+	exit(1);
+}
+
+$mode = $_SERVER['argv'][1];
+$version = $_SERVER['argv'][2];
+$root = $_SERVER['argv'][3];
+$checksum_algorithm = $_SERVER['argv'][4];
+
+$series_version = substr($version, 0, 3);
+$base_url = "https://download.phpbb.com/pub/release/$series_version";
+
+if (strpos($version, 'RC') === false)
+{
+	// Final release
+	$install_url	= "$base_url/$version";
+	$update_url		= "$base_url/update/to_$version";
+}
+else
+{
+	$install_url	= "$base_url/release_candidates/$version";
+	$update_url		= "$base_url/release_candidates/update/other_to_$version";
+}
+
+if ($mode === 'bbcode')
+{
+	$template = "[url=%1\$s/%2\$s]%2\$s[/url]\n{$checksum_algorithm}sum: %3\$s\n";
+}
+else
+{
+	$template = "%s/%s\n{$checksum_algorithm}sum: %s\n";
+}
+
+function phpbb_rnatsort($array)
+{
+	$strrnatcmp = function($a, $b)
+	{
+		return strnatcmp($b, $a);
+	};
+	usort($array, $strrnatcmp);
+	return $array;
+}
+
+function phpbb_string_ends_with($haystack, $needle)
+{
+	return substr($haystack, -strlen($needle)) === $needle;
+}
+
+function phpbb_is_update_file($filename)
+{
+	return strpos($filename, '_to_') !== false;
+}
+
+function phpbb_get_checksum($checksum_file)
+{
+	return array_shift(explode(' ', file_get_contents($checksum_file)));
+}
+
+$install_files = $update_files = array();
+foreach (phpbb_rnatsort(array_diff(scandir($root), array('.', '..'))) as $filename)
+{
+	if (phpbb_string_ends_with($filename, $checksum_algorithm))
+	{
+		continue;
+	}
+	else if (phpbb_is_update_file($filename))
+	{
+		$update_files[] = $filename;
+	}
+	else
+	{
+		$install_files[] = $filename;
+	}
+}
+
+foreach ($install_files as $filename)
+{
+	printf($template, $install_url, $filename, phpbb_get_checksum("$root/$filename.$checksum_algorithm"));
+}
+
+echo "\n";
+
+foreach ($update_files as $filename)
+{
+	printf($template, $update_url, $filename, phpbb_get_checksum("$root/$filename.$checksum_algorithm"));
+}

build/build_diff.php

@@ -1,414 +0,0 @@
-#!/usr/bin/env php
-<?php
-/**
-*
-* @package build
-* @copyright (c) 2010 phpBB Group
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
-*
-*/
-
-if ($_SERVER['argc'] != 3)
-{
-	die("Please specify the previous and current version as arguments (e.g. build_diff.php '1.0.2' '1.0.3').");
-}
-
-$old_version = trim($_SERVER['argv'][1]);
-$new_version = trim($_SERVER['argv'][2]);
-
-$substitute_old = $old_version;
-$substitute_new = $new_version;
-$simple_name_old = 'release-' . $old_version;
-$simple_name_new = 'release-' . $new_version;
-$echo_changes = false;
-
-// DO NOT EVER USE THE FOLLOWING! Fix the script to generate proper changes,
-// do NOT manually create them.
-
-// Set this to true to just compress the changes and do not build them again
-// This should be used for building custom modified txt file. ;)
-$package_changed_files = false;
-
-//$debug_file = 'includes/functions_user.php'; //'styles/prosilver/style.cfg';
-$debug_file = false;
-
-if ($debug_file !== false)
-{
-	$echo_changes = false;
-}
-
-$s_name = 'save_' . $substitute_old . '_to_' . $substitute_new;
-
-$location = dirname(__FILE__);
-
-if (!$package_changed_files)
-{
-	if (!$echo_changes)
-	{
-		// Create directory...
-		run_command("mkdir $location/save/{$s_name}");
-		run_command("mkdir $location/save/{$s_name}/language");
-		run_command("mkdir $location/save/{$s_name}/prosilver");
-		run_command("mkdir $location/save/{$s_name}/subsilver2");
-	}
-}
-
-// Build code changes and place them into 'save'
-if (!$package_changed_files)
-{
-	build_code_changes('language');
-	build_code_changes('prosilver');
-	build_code_changes('subsilver2');
-}
-
-// Package code changes
-$code_changes_filename = 'phpBB-' . $substitute_old . '_to_' . $substitute_new . '-codechanges';
-
-if (!$echo_changes)
-{
-	// Now compress the files...
-	// Build Main phpBB Release
-	$compress_programs = array(
-//		'tar.gz'	=> 'tar -czf',
-		'tar.bz2'	=> 'tar -cjf',
-		'zip'		=> 'zip -r'
-	);
-
-	chdir($location . '/save/' . $s_name);
-	foreach ($compress_programs as $extension => $compress_command)
-	{
-		echo "Packaging code changes for $extension\n";
-		run_command("rm ./../../new_version/release_files/{$code_changes_filename}.{$extension}");
-		flush();
-
-		// Build Package
-		run_command("$compress_command ./../../new_version/release_files/{$code_changes_filename}.{$extension} *");
-
-		// Build MD5 Sum
-		run_command("md5sum ./../../new_version/release_files/{$code_changes_filename}.{$extension} > ./../../new_version/release_files/{$code_changes_filename}.{$extension}.md5");
-		flush();
-	}
-}
-
-/**
-* $output_format can be: language, prosilver and subsilver2
-*/
-function build_code_changes($output_format)
-{
-	global $substitute_new, $substitute_old, $simple_name_old, $simple_name_new, $echo_changes, $package_changed_files, $location, $debug_file, $s_name;
-
-	// Global array holding the data entries
-	$data = array(
-		'header'		=> array(),
-		'diff'			=> array(),
-	);
-
-	// Read diff file and prepare the output filedata...
-	//$patch_filename = '../new_version/patches/phpBB-' . $substitute_old . '_to_' . $substitute_new . '.patch';
-	$release_filename = 'phpbb-' . $substitute_old . '_to_' . $substitute_new . '_' . $output_format . '.txt';
-
-	if (!$package_changed_files)
-	{
-		if (!$echo_changes)
-		{
-			$fp = fopen('save/' . $s_name . '/' . $output_format . '/' . $release_filename, 'wb');
-
-			if (!$fp)
-			{
-				die('Unable to create ' . $release_filename);
-			}
-		}
-	}
-
-	include_once($location . '/build_helper.php');
-	$package = new build_package(array($substitute_old, $substitute_new), false);
-
-	$titles = array(
-		'language'		=> 'phpBB ' . $substitute_old . ' to phpBB ' . $substitute_new . ' Language Pack Changes',
-		'prosilver'		=> 'phpBB ' . $substitute_old . ' to phpBB ' . $substitute_new . ' prosilver Changes',
-		'subsilver2'	=> 'phpBB ' . $substitute_old . ' to phpBB ' . $substitute_new . ' subsilver2 Changes',
-	);
-
-	$data['header'] = array(
-		'title'		=> $titles[$output_format],
-		'intro'		=> '
-
-These are the ' . $titles[$output_format] . ' summed up into a little Mod. These changes are only partial and do not include any code changes, therefore not meant for updating phpBB.
-
-	',
-		'included_files'	=> array(),
-	);
-
-	// We collect the files we want to diff first (ironically we grab this from a diff file)
-	if (!$echo_changes)
-	{
-		echo "\n\nCollecting Filenames:";
-	}
-
-	// We re-create the patch file
-	foreach ($package->old_packages as $_package_name => $dest_package_filename)
-	{
-		chdir($package->locations['old_versions']);
-
-		if (!$echo_changes)
-		{
-			echo "\n\n" . 'Creating patch/diff files for phpBB-' . $dest_package_filename . $package->get('new_version_number');
-		}
-
-		$dest_package_filename = $location . '/save/' . $s_name . '/phpBB-' . $dest_package_filename . $package->get('new_version_number') . '.patch';
-		$package->run_command('diff ' . $package->diff_options . ' ' . $_package_name . ' ' . $package->get('simple_name') . ' > ' . $dest_package_filename);
-
-		// Parse this diff to determine file changes from the checked versions and save them
-		$result = $package->collect_diff_files($dest_package_filename, $_package_name);
-		$package->run_command('rm ' . $dest_package_filename);
-	}
-
-	chdir($location);
-
-	$filenames = array();
-	foreach ($result['files'] as $filename)
-	{
-		if ($debug_file !== false && $filename != $debug_file)
-		{
-			continue;
-		}
-
-		// Decide which files to compare...
-		switch ($output_format)
-		{
-			case 'language':
-				if (strpos($filename, 'language/en/') !== 0)
-				{
-					continue 2;
-				}
-			break;
-
-			case 'prosilver':
-				if (strpos($filename, 'styles/prosilver/') !== 0)
-				{
-					continue 2;
-				}
-			break;
-
-			case 'subsilver2':
-				if (strpos($filename, 'styles/subsilver2/') !== 0)
-				{
-					continue 2;
-				}
-			break;
-		}
-
-		if (!file_exists($location . '/old_versions/' . $simple_name_old . '/' . $filename))
-		{
-			// New file... include it
-			$data['header']['included_files'][] = array(
-				'old'				=> $location . '/old_versions/' . $simple_name_old . '/' . $filename,
-				'new'				=> $location . '/old_versions/' . $simple_name_new . '/' . $filename,
-				'phpbb_filename'	=> $filename,
-			);
-			continue;
-		}
-
-		$filenames[] = array(
-			'old'				=> $location . '/old_versions/' . $simple_name_old . '/' . $filename,
-			'new'				=> $location . '/old_versions/' . $simple_name_new . '/' . $filename,
-			'phpbb_filename'	=> $filename,
-		);
-	}
-
-	// Now let us go through the filenames list and create a more comprehensive diff
-	if (!$echo_changes)
-	{
-		fwrite($fp, build_header($output_format, $filenames, $data['header']));
-	}
-	else
-	{
-		//echo build_header('text', $filenames, $data['header']);
-	}
-
-	// Copy files...
-	$files_to_copy = array();
-
-	foreach ($data['header']['included_files'] as $filename)
-	{
-		$files_to_copy[] = $filename['phpbb_filename'];
-	}
-
-	// First step is to copy the new version over (clean structure)
-	if (!$echo_changes && sizeof($files_to_copy))
-	{
-		foreach ($files_to_copy as $file)
-		{
-			// Create directory?
-			$dirname = dirname($file);
-
-			if ($dirname)
-			{
-				$dirname = explode('/', $dirname);
-				$__dir = array();
-
-				foreach ($dirname as $i => $dir)
-				{
-					$__dir[] = $dir;
-					run_command("mkdir -p $location/save/" . $s_name . '/' . $output_format . '/' . implode('/', $__dir));
-				}
-			}
-
-			$source_file = $location . '/new_version/phpBB3/' . $file;
-			$dest_file = $location . '/save/' . $s_name . '/' . $output_format . '/';
-			$dest_file .= $file;
-
-			$command = "cp -p $source_file $dest_file";
-			$result = trim(`$command`);
-			echo "- Copied File: " . $source_file . " -> " . $dest_file . "\n";
-		}
-	}
-
-	include_once('diff_class.php');
-
-	if (!$echo_changes)
-	{
-		echo "\n\nDiffing Codebases:";
-	}
-
-	foreach ($filenames as $file_ary)
-	{
-		if (!file_exists($file_ary['old']))
-		{
-			$lines1 = array();
-		}
-		else
-		{
-			$lines1 = file($file_ary['old']);
-		}
-		$lines2 = file($file_ary['new']);
-
-		if (!sizeof($lines1))
-		{
-			// New File
-		}
-		else
-		{
-			$diff = new Diff($lines1, $lines2);
-			$fmt = new BBCodeDiffFormatter(false, 5, $debug_file);
-
-			if (!$echo_changes)
-			{
-				fwrite($fp, $fmt->format_open($file_ary['phpbb_filename']));
-				fwrite($fp, $fmt->format($diff, $lines1));
-				fwrite($fp, $fmt->format_close($file_ary['phpbb_filename']));
-			}
-			else
-			{
-				echo $fmt->format_open($file_ary['phpbb_filename']);
-				echo $fmt->format($diff, $lines1);
-				echo $fmt->format_close($file_ary['phpbb_filename']);
-			}
-
-			if ($debug_file !== false)
-			{
-				echo $fmt->format_open($file_ary['phpbb_filename']);
-				echo $fmt->format($diff, $lines1);
-				echo $fmt->format_close($file_ary['phpbb_filename']);
-				exit;
-			}
-		}
-	}
-
-	if (!$echo_changes)
-	{
-		fwrite($fp, build_footer($output_format));
-
-		// Close file
-		fclose($fp);
-
-		chmod('save/' . $s_name . '/' . $output_format . '/' . $release_filename, 0666);
-	}
-	else
-	{
-		echo build_footer($output_format);
-	}
-}
-
-/**
-* Build Footer
-*/
-function build_footer($mode)
-{
-	$html = '';
-
-	$html .= "# \n";
-	$html .= "#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ \n";
-	$html .= "# \n";
-	$html .= "# EoM";
-
-	return $html;
-}
-
-/**
-* Build Header
-*/
-function build_header($mode, $filenames, $header)
-{
-	global $substitute_old;
-
-	$html = '';
-
-	$html .= "############################################################## \n";
-	$html .= "## Title: " . $header['title'] . "\n";
-	$html .= "## Author: naderman < naderman@phpbb.com > (Nils Adermann) http://www.phpbb.com \n";
-	$html .= "## Description: \n";
-
-	$intr = explode("\n", $header['intro']);
-	$introduction = '';
-	foreach ($intr as $_line)
-	{
-		$introduction .= wordwrap($_line, 80) . "\n";
-	}
-	$intr = explode("\n", $introduction);
-
-	foreach ($intr as $_line)
-	{
-		$html .= "##		" . $_line . "\n";
-	}
-	$html .= "## \n";
-	$html .= "## Files To Edit: \n";
-
-	foreach ($filenames as $file_ary)
-	{
-		$html .= "##		" . $file_ary['phpbb_filename'] . "\n";
-	}
-	$html .= "##\n";
-	if (sizeof($header['included_files']))
-	{
-		$html .= "## Included Files: \n";
-		foreach ($header['included_files'] as $filename)
-		{
-			$html .= "##		{$filename['phpbb_filename']}\n";
-		}
-	}
-	$html .= "## License: http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2 \n";
-	$html .= "############################################################## \n";
-	$html .= "\n";
-
-	// COPY Statement?
-	if (sizeof($header['included_files']))
-	{
-		$html .= "#\n#-----[ COPY ]------------------------------------------\n#\n";
-		foreach ($header['included_files'] as $filename)
-		{
-			$html .= "copy {$filename['phpbb_filename']} to {$filename['phpbb_filename']}\n";
-		}
-		$html .= "\n";
-	}
-
-	return $html;
-}
-
-function run_command($command)
-{
-	$result = trim(`$command`);
-	echo "\n- Command Run: " . $command . "\n";
-}
-
-?>

build/package.php

@@ -285,9 +285,6 @@ if (sizeof($package->old_packages))
 
 		// Build Package
 		$package->run_command($compress_command . ' ../release_files/' . $package->get('release_filename') . '-patch.' . $extension . ' *');
-
-		// Build MD5 Sum
-		$package->run_command('md5sum ../release_files/' . $package->get('release_filename') . '-patch.' . $extension . ' > ../release_files/' . $package->get('release_filename') . '-patch.' . $extension . '.md5');
 	}
 
 	// Build Files Package
@@ -319,8 +316,6 @@ if (sizeof($package->old_packages))
 
 		chdir('./release');
 		$package->run_command("$compress_command ../../release_files/" . $package->get('release_filename') . '-files.' . $extension . ' *');
-		// Build MD5 Sum
-		$package->run_command('md5sum ../../release_files/' . $package->get('release_filename') . '-files.' . $extension . ' > ../../release_files/' . $package->get('release_filename') . '-files.' . $extension . '.md5');
 		chdir('..');
 
 		$package->run_command('rm -Rv ' . $package->get('files_directory') . '/release');
@@ -363,9 +358,6 @@ if (sizeof($package->old_packages))
 			// Copy last package over...
 			$package->run_command('rm -v ../release_files/phpBB-' . $last_version . ".$extension");
 			$package->run_command("$compress_command ../../release_files/phpBB-$last_version.$extension *");
-
-			// Build MD5 Sum
-			$package->run_command("md5sum ../../release_files/phpBB-$last_version.$extension > ../../release_files/phpBB-$last_version.$extension.md5");
 			chdir('..');
 		}
 
@@ -388,9 +380,6 @@ foreach ($compress_programs as $extension => $compress_command)
 
 	// Build Package
 	$package->run_command("$compress_command ./release_files/" . $package->get('release_filename') . '.' . $extension . ' ' . $package->get('package_name'));
-
-	// Build MD5 Sum
-	$package->run_command('md5sum ./release_files/' . $package->get('release_filename') . '.' . $extension . ' > ./release_files/' . $package->get('release_filename') . '.' . $extension . '.md5');
 }
 
 // Microsoft Web PI packaging
@@ -398,7 +387,6 @@ $package->begin_status('Packaging phpBB for Microsoft WebPI');
 $file = './release_files/' . $package->get('release_filename') . '.webpi.zip';
 $package->run_command('cp -p ./release_files/' . $package->get('release_filename') . ".zip $file");
 $package->run_command('cd ./../webpi && ' . $compress_programs['zip'] . " ./../new_version/$file *");
-$package->run_command("md5sum $file  > $file.md5");
 
 // verify results
 chdir($package->locations['root']);

build/phpdoc-phpbb.ini

@@ -1,145 +0,0 @@
-; Default configuration file for PHPDoctor
-
-; This config file will cause PHPDoctor to generate API documentation of
-; itself.
-
-
-; PHPDoctor settings
-; -----------------------------------------------------------------------------
-
-; Names of files to parse. This can be a single filename, or a comma separated
-; list of filenames. Wildcards are allowed.
-
-files = "*.php"
-
-; Names of files or directories to ignore. This can be a single filename, or a
-; comma separated list of filenames. Wildcards are NOT allowed.
-
-;ignore = "CVS, .svn, .git, _compiled"
-ignore = templates_c/,*HTML/default/*,spec/,*config.php*,*CVS/,test_chora.php,testupdate/,cache/,store/,*proSilver/,develop/,includes/utf/data/,includes/captcha/fonts/,install/update/,install/update.new/,files/,*phpinfo.php*,*update_script.php*,*upgrade.php*,*convert.php*,install/converter/,language/de/,script/,*swatch.php*,*test.php*,*test2.php*,*install.php*,*functions_diff.php*,*acp_update.php*,acm_xcache.php
-
-; The directory to look for files in, if not used the PHPDoctor will look in
-; the current directory (the directory it is run from).
-
-source_path = "../phpBB/"
-
-; If you do not want PHPDoctor to look in each sub directory for files
-; uncomment this line.
-
-;subdirs = off
-
-; Set how loud PHPDoctor is as it runs. Quiet mode suppresses all output other
-; than warnings and errors. Verbose mode outputs additional messages during
-; execution.
-
-quiet = on
-;verbose = on
-
-; Select the doclet to use for generating output.
-
-doclet = standard
-;doclet = debug
-
-; The directory to find the doclet in. Doclets control the HTML output of
-; phpDoctor and can be modified to suit your needs. They are expected to be 
-; in a directory named after themselves at the location given.
-
-;doclet_path = ./doclets
-
-; Select the formatter to use for generating output.
-
-;formatter = htmlStandardFormatter
-
-; The directory to find the formatter in. Formatters convert textual markup
-; for use by the doclet.
-
-;formatter_path = ./formatters
-
-; The directory to find taglets in. Taglets allow you to make PHPDoctor handle
-; new tags and to alter the behavour of existing tags and their output.
-
-;taglet_path = ./taglets
-
-; If the code you are parsing does not use package tags or not all elements
-; have package tags, use this setting to place unbound elements into a
-; particular package.
-
-default_package = "phpBB"
-
-use_class_path_as_package = off
-
-ignore_package_tags = off
-
-; Specifies the name of a HTML file containing text for the overview
-; documentation to be placed on the overview page. The path is relative to
-; "source_path" unless an absolute path is given.
-
-overview = ../README.md
-
-; Package comments will be looked for in a file named package.html in the same
-; directory as the first source file parsed in that package or in the directory
-; given below. If package comments are placed in the directory given below then
-; they should be named "<packageName>.html".
-
-package_comment_dir = ./
-
-; Parse out global variables and/or global constants?
-
-;globals = off
-;constants = off
-
-; Generate documentation for all class members
-
-;private = on
-
-; Generate documentation for public and protected class members
-
-;protected = on
-
-; Generate documentation for only public class members
-
-;public = on
-
-; Use the PEAR compatible handling of the docblock first sentence
-
-;pear_compat = on
-
-; Standard doclet settings
-; -----------------------------------------------------------------------------
-
-; The directory to place generated documentation in. If the given path is
-; relative to it will be relative to "source_path".
-
-d = "../build/api/"
-
-; Specifies the title to be placed in the HTML <title> tag.
-
-windowtitle = "phpBB3"
-
-; Specifies the title to be placed near the top of the overview summary file.
-
-doctitle = "phpBB3 Sourcecode Documentation"
-
-; Specifies the header text to be placed at the top of each output file. The
-; header will be placed to the right of the upper navigation bar. 
-
-header = "phpBB3"
-
-; Specifies the footer text to be placed at the bottom of each output file. The
-; footer will be placed to the right of the lower navigation bar.
-
-footer = "phpBB3"
-
-; Specifies the text to be placed at the bottom of each output file. The text
-; will be placed at the bottom of the page, below the lower navigation bar.
-
-;bottom = "This document was generated by <a href="http://peej.github.com/phpdoctor/">PHPDoctor: The PHP Documentation Creator</a>"
-
-; Create a class tree?
-
-;tree = off
-
-; Use GeSHi to include formatted source files in the documentation. PHPDoctor will look in the current doclet directory for a /geshi subdirectory. Unpack the GeSHi archive from http://qbnz.com/highlighter to get this directory - it will contain a php script and a subdirectory with formatting files.
-
-include_source = off
-

build/sami-all.conf.php

@@ -0,0 +1,30 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+require __DIR__ . '/sami-checkout.conf.php';
+
+$config['versions'] = Sami\Version\GitVersionCollection::create(__DIR__ . '/../')
+	/*
+	This would be nice, but currently causes various problems that need
+	debugging.
+	->addFromTags('release-3.0.*')
+	->add('develop-olympus', '3.0-next (olympus)')
+	->addFromTags('release-3.1.*')
+	->add('develop-ascraeus', '3.1-next (ascraeus)')
+	->add('develop')
+	*/
+	->add('develop-olympus')
+	->add('develop-ascraeus')
+;
+
+return new Sami\Sami($iterator, $config);

build/sami-checkout.conf.php

@@ -0,0 +1,44 @@
+<?php
+/**
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
+
+// Prevent 'Class "acm" does not exist.' exception on removeClass().
+class PhpbbArrayStore extends Sami\Store\ArrayStore
+{
+	public function removeClass(Sami\Project $project, $name)
+	{
+		unset($this->classes[$name]);
+	}
+}
+
+$iterator = Symfony\Component\Finder\Finder::create()
+	->files()
+	->name('*.php')
+	->in(__DIR__ . '/../phpBB/')
+	->notPath('#^cache/#')
+	->notPath('#^develop/#')
+	->notPath('#^ext/#')
+	->notPath('#^vendor/#')
+	->notPath('data')
+;
+
+$config = array(
+	'theme'                => 'enhanced',
+	'title'                => 'phpBB API Documentation',
+	'build_dir'            => __DIR__.'/api/output/%version%',
+	'cache_dir'            => __DIR__.'/api/cache/%version%',
+	'default_opened_level' => 2,
+	// Do not use JsonStore. See https://github.com/fabpot/Sami/issues/79
+	'store'                => new PhpbbArrayStore,
+);
+
+return new Sami\Sami($iterator, $config);

git-tools/commit-msg-hook-range.sh

@@ -0,0 +1,51 @@
+#!/bin/bash
+#
+# @copyright (c) 2014 phpBB Group
+# @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+#
+# Calls the git commit-msg hook on all non-merge commits in a given commit range.
+#
+
+if [ "$#" -ne 1 ];
+then
+	echo "Expected one argument (commit range, e.g. phpbb/develop..ticket/12345)."
+	exit
+fi
+
+DIR=$(dirname "$0")
+COMMIT_RANGE="$1"
+COMMIT_MSG_HOOK_PATH="$DIR/hooks/commit-msg"
+COMMIT_MSG_HOOK_FATAL=$(git config --bool phpbb.hooks.commit-msg.fatal 2> /dev/null)
+git config phpbb.hooks.commit-msg.fatal true
+
+EXIT_STATUS=0
+for COMMIT_HASH in $(git rev-list --no-merges "$COMMIT_RANGE")
+do
+	echo "Inspecting commit message of commit $COMMIT_HASH"
+
+	# The git commit-msg hook takes a path to a file containing a commit
+	# message. So we have to extract the commit message into a file first,
+	# which then also needs to be deleted after our work is done.
+	COMMIT_MESSAGE_PATH="$DIR/commit_msg.$COMMIT_HASH"
+	git log -n 1 --pretty=format:%B "$COMMIT_HASH" > "$COMMIT_MESSAGE_PATH"
+
+	# Invoke hook on commit message file.
+	"$COMMIT_MSG_HOOK_PATH" "$COMMIT_MESSAGE_PATH"
+
+	# If any commit message hook complains with a non-zero exit status, we
+	# will send a non-zero exit status upstream.
+	if [ $? -ne 0 ]
+	then
+		EXIT_STATUS=1
+	fi
+
+	rm "$COMMIT_MESSAGE_PATH"
+done
+
+# Restore phpbb.hooks.commit-msg.fatal config
+if [ -n "$COMMIT_MSG_HOOK_FATAL" ]
+then
+	git config phpbb.hooks.commit-msg.fatal "$COMMIT_MSG_HOOK_FATAL"
+fi
+
+exit $EXIT_STATUS

git-tools/hooks/commit-msg

@@ -191,12 +191,12 @@ do
 				err=$ERR_HEADER;
 				echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] .+$"
 				result=$?
-				if ! echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [A-Z].+$"
+				if ! echo "$line" | grep -Eq "^\[(ticket/[0-9]+|feature/$branch_regex|task/$branch_regex)\] [a-zA-Z].+$"
 				then
 					# Don't be too strict.
 					# Commits may be temporary, intended to be squashed later.
 					# Just issue a warning here.
-					complain "$severity: heading should be a sentence beginning with a capital letter." 1>&2
+					complain "$severity: heading should be a sentence beginning with a letter." 1>&2
 					complain "You entered:" 1>&2
 					complain "$line" 1>&2
 				fi

git-tools/hooks/pre-commit

@@ -33,9 +33,7 @@ else
 	against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
 fi
 
-error=0
 errors=""
-
 if ! which "$PHP_BIN" >/dev/null 2>&1
 then
 	echo "PHP Syntax check failed:"
@@ -73,63 +71,18 @@ do
 
 	# check the staged file content for syntax errors
 	# using php -l (lint)
-	# note: if display_errors=stderr in php.ini,
-	# parse errors are printed on stderr; otherwise
-	# they are printed on stdout.
-	# we filter everything other than parse errors
-	# with a grep below, therefore it should be safe
-	# to combine stdout and stderr in all circumstances
-	result=$(git cat-file -p $sha | "$PHP_BIN" -l 2>&1)
+	result=$(git cat-file -p $sha | "$PHP_BIN" -n -l -ddisplay_errors\=1 -derror_reporting\=E_ALL -dlog_errrors\=0 2>&1)
 	if [ $? -ne 0 ]
 	then
-		error=1
 		# Swap back in correct filenames
-		errors=$(echo "$errors"; echo "$result" |sed -e "s@in - on@in $filename on@g")
+		errors=$(echo "$errors"; echo "$result" | grep ':' | sed -e "s@in - on@in $filename on@g")
 	fi
 done
 unset IFS
 
-if [ $error -eq 1 ]
+if [ -n "$errors" ]
 then
-	echo "PHP Syntax check failed:"
-	# php "display errors" (display_errors php.ini value)
-	# and "log errors" (log_errors php.ini value).
-	# these are independent settings - see main/main.c in php source.
-	# the "log errors" setting produces output which
-	# starts with "PHP Parse error:"; the "display errors"
-	# setting produces output starting with "Parse error:".
-	# if both are turned on php dumps the parse error twice.
-	# therefore here we try to grep for one version and
-	# if that yields no results grep for the other version.
-	#
-	# other fun php facts:
-	#
-	# 1. in cli, display_errors and log_errors have different
-	#    destinations by default. display_errors prints to
-	#    standard output and log_errors prints to standard error.
-	#    whether these destinations make sense is left
-	#    as an exercise for the reader.
-	# 2. as mentioned above, with all output turned on
-	#    php will print parse errors twice, one time on stdout
-	#    and one time on stderr.
-	# 3. it is possible to set both display_errors and log_errors
-	#    to off. if this is done php will print the text
-	#    "Errors parsing <file>" but will not say what
-	#    the errors are. useful behavior, this.
-	# 4. on my system display_errors defaults to on and
-	#    log_errors defaults to off, therefore providing
-	#    by default one copy of messages. your mileage may vary.
-	# 5. by setting display_errors=stderr and log_errors=on,
-	#    both sets of messages will be printed on stderr.
-	# 6. php-cgi binary, given display_errors=stderr and
-	#    log_errors=on, still prints both sets of messages
-	#    on stderr, but formats one set as an html fragment.
-	# 7. your entry here? ;)
-	$echo_e "$errors" | grep "^Parse error:"
-	if [ $? -ne 0 ]
-	then
-		# match failed
-		$echo_e "$errors" | grep "^PHP Parse error:"
-	fi
+	echo "PHP Syntax check failed: "
+	$echo_e "$errors"
 	exit 1
 fi

git-tools/merge.php

@@ -78,12 +78,12 @@ function work($pull_id, $remote)
 			add_remote($pull_user, 'phpbb3');
 			run("git fetch $pull_user");
 			run("git merge --no-ff $pull_user/$pull_branch");
-			run("phpunit");
+			run("phpBB/vendor/bin/phpunit");
 
 			run("git checkout develop");
 			run("git pull $remote develop");
 			run("git merge --no-ff develop-olympus");
-			run("phpunit");
+			run("phpBB/vendor/bin/phpunit");
 		break;
 
 		case 'develop':
@@ -93,7 +93,7 @@ function work($pull_id, $remote)
 			add_remote($pull_user, 'phpbb3');
 			run("git fetch $pull_user");
 			run("git merge --no-ff $pull_user/$pull_branch");
-			run("phpunit");
+			run("phpBB/vendor/bin/phpunit");
 		break;
 
 		default:
@@ -124,19 +124,34 @@ function get_repository_url($username, $repository, $ssh = false)
 
 function api_request($query)
 {
-	$contents = file_get_contents("http://github.com/api/v2/json/$query");
+	return api_url_request("https://api.github.com/$query?per_page=100");
+}
+
+function api_url_request($url)
+{
+	$contents = file_get_contents($url, false, stream_context_create(array(
+		'http' => array(
+			'header' => "User-Agent: phpBB/1.0\r\n",
+		),
+	)));
 
 	if ($contents === false)
 	{
 		throw new RuntimeException("Error: failed to retrieve pull request data\n", 4);
 	}
+	$contents = json_decode($contents);
 
-	return json_decode($contents);
+	if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0)
+	{
+		throw new RuntimeException('Reached github API Rate Limit. Please try again later' . "\n", 4);
+	}
+
+	return $contents;
 }
 
 function get_pull($username, $repository, $pull_id)
 {
-	$request = api_request("pulls/$username/$repository/$pull_id");
+	$request = api_request("repos/$username/$repository/pulls/$pull_id");
 
 	$pull = $request->pull;
 

git-tools/setup_github_network.php

@@ -15,14 +15,14 @@ function show_usage()
 	echo "$filename adds repositories of a github network as remotes to a local git repository.\n";
 	echo "\n";
 
-	echo "Usage: [php] $filename -s collaborators|organisation|contributors|network [OPTIONS]\n";
+	echo "Usage: [php] $filename -s collaborators|organisation|contributors|forks [OPTIONS]\n";
 	echo "\n";
 
 	echo "Scopes:\n";
 	echo "  collaborators                 Repositories of people who have push access to the specified repository\n";
 	echo "  contributors                  Repositories of people who have contributed to the specified repository\n";
 	echo "  organisation                  Repositories of members of the organisation at github\n";
-	echo "  network                       All repositories of the whole github network\n";
+	echo "  forks                         All repositories of the whole github network\n";
 	echo "\n";
 
 	echo "Options:\n";
@@ -55,31 +55,31 @@ exit(work($scope, $username, $repository, $developer));
 function work($scope, $username, $repository, $developer)
 {
 	// Get some basic data
-	$network		= get_network($username, $repository);
+	$forks		= get_forks($username, $repository);
 	$collaborators	= get_collaborators($username, $repository);
 
-	if ($network === false || $collaborators === false)
+	if ($forks === false || $collaborators === false)
 	{
-		echo "Error: failed to retrieve network or collaborators\n";
+		echo "Error: failed to retrieve forks or collaborators\n";
 		return 1;
 	}
 
 	switch ($scope)
 	{
 		case 'collaborators':
-			$remotes = array_intersect_key($network, $collaborators);
+			$remotes = array_intersect_key($forks, $collaborators);
 		break;
 
 		case 'organisation':
-			$remotes = array_intersect_key($network, get_organisation_members($username));
+			$remotes = array_intersect_key($forks, get_organisation_members($username));
 		break;
 
 		case 'contributors':
-			$remotes = array_intersect_key($network, get_contributors($username, $repository));
+			$remotes = array_intersect_key($forks, get_contributors($username, $repository));
 		break;
 
-		case 'network':
-			$remotes = $network;
+		case 'forks':
+			$remotes = $forks;
 		break;
 
 		default:
@@ -145,26 +145,66 @@ function get_repository_url($username, $repository, $ssh = false)
 
 function api_request($query)
 {
-	$contents = file_get_contents("http://github.com/api/v2/json/$query");
+	return api_url_request("https://api.github.com/$query?per_page=100");
+}
+
+function api_url_request($url)
+{
+	$contents = file_get_contents($url, false, stream_context_create(array(
+		'http' => array(
+			'header' => "User-Agent: phpBB/1.0\r\n",
+		),
+	)));
+
+	$sub_request_result = array();
+	// Check headers for pagination links
+	if (!empty($http_response_header))
+	{
+		foreach ($http_response_header as $header_element)
+		{
+			// Find Link Header which gives us a link to the next page
+			if (strpos($header_element, 'Link: ') === 0)
+			{
+				list($head, $header_content) = explode(': ', $header_element);
+				foreach (explode(', ', $header_content) as $links)
+				{
+					list($url, $rel) = explode('; ', $links);
+					if ($rel == 'rel="next"')
+					{
+						// Found a next link, follow it and merge the results
+						$sub_request_result = api_url_request(substr($url, 1, -1));
+					}
+				}
+			}
+		}
+	}
+
 	if ($contents === false)
 	{
 		return false;
 	}
-	return json_decode($contents);
+	$contents = json_decode($contents);
+
+	if (isset($contents->message) && strpos($contents->message, 'API Rate Limit') === 0)
+	{
+		throw new RuntimeException('Reached github API Rate Limit. Please try again later' . "\n", 4);
+	}
+
+	return ($sub_request_result) ? array_merge($sub_request_result, $contents) : $contents;
 }
 
 function get_contributors($username, $repository)
 {
-	$request = api_request("repos/show/$username/$repository/contributors");
+	$request = api_request("repos/$username/$repository/stats/contributors");
 	if ($request === false)
 	{
 		return false;
 	}
 
 	$usernames = array();
-	foreach ($request->contributors as $contributor)
+	foreach ($request as $contribution)
 	{
-		$usernames[$contributor->login] = $contributor->login;
+		$usernames[$contribution->author->login] = $contribution->author->login;
 	}
 
 	return $usernames;
@@ -172,14 +212,14 @@ function get_contributors($username, $repository)
 
 function get_organisation_members($username)
 {
-	$request = api_request("organizations/$username/public_members");
+	$request = api_request("orgs/$username/public_members");
 	if ($request === false)
 	{
 		return false;
 	}
 
 	$usernames = array();
-	foreach ($request->users as $member)
+	foreach ($request as $member)
 	{
 		$usernames[$member->login] = $member->login;
 	}
@@ -189,35 +229,35 @@ function get_organisation_members($username)
 
 function get_collaborators($username, $repository)
 {
-	$request = api_request("repos/show/$username/$repository/collaborators");
+	$request = api_request("repos/$username/$repository/collaborators");
 	if ($request === false)
 	{
 		return false;
 	}
 
 	$usernames = array();
-	foreach ($request->collaborators as $collaborator)
+	foreach ($request as $collaborator)
 	{
-		$usernames[$collaborator] = $collaborator;
+		$usernames[$collaborator->login] = $collaborator->login;
 	}
 
 	return $usernames;
 }
 
-function get_network($username, $repository)
+function get_forks($username, $repository)
 {
-	$request = api_request("repos/show/$username/$repository/network");
+	$request = api_request("repos/$username/$repository/forks");
 	if ($request === false)
 	{
 		return false;
 	}
 
 	$usernames = array();
-	foreach ($request->network as $network)
+	foreach ($request as $fork)
 	{
-		$usernames[$network->owner] = array(
-			'username'		=> $network->owner,
-			'repository'	=> $network->name,
+		$usernames[$fork->owner->login] = array(
+			'username'		=> $fork->owner->login,
+			'repository'	=> $fork->name,
 		);
 	}
 

phpBB/.htaccess

@@ -8,12 +8,50 @@
 #RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L]
 #</IfModule>
 
-<Files "config.php">
-Order Allow,Deny
-Deny from All
-</Files>
-
-<Files "common.php">
-Order Allow,Deny
-Deny from All
-</Files>
+# With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from
+# module mod_authz_host to a new module called mod_access_compat (which may be
+# disabled) and a new "Require" syntax has been introduced to mod_authz_host.
+# We could just conditionally provide both versions, but unfortunately Apache
+# does not explicitly tell us its version if the module mod_version is not
+# available. In this case, we check for the availability of module
+# mod_authz_core (which should be on 2.4 or higher only) as a best guess.
+<IfModule mod_version.c>
+	<IfVersion < 2.4>
+		<Files "config.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+		<Files "common.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+	</IfVersion>
+	<IfVersion >= 2.4>
+		<Files "config.php">
+			Require all denied
+		</Files>
+		<Files "common.php">
+			Require all denied
+		</Files>
+	</IfVersion>
+</IfModule>
+<IfModule !mod_version.c>
+	<IfModule !mod_authz_core.c>
+		<Files "config.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+		<Files "common.php">
+			Order Allow,Deny
+			Deny from All
+		</Files>
+	</IfModule>
+	<IfModule mod_authz_core.c>
+		<Files "config.php">
+			Require all denied
+		</Files>
+		<Files "common.php">
+			Require all denied
+		</Files>
+	</IfModule>
+</IfModule>

phpBB/adm/index.php

@@ -199,7 +199,7 @@ function adm_page_footer($copyright_html = true)
 		'DEBUG_OUTPUT'		=> (defined('DEBUG')) ? $debug_output : '',
 		'TRANSLATION_INFO'	=> (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
 		'S_COPYRIGHT_HTML'	=> $copyright_html,
-		'CREDIT_LINE'		=> $user->lang('POWERED_BY', '<a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),
+		'CREDIT_LINE'		=> $user->lang('POWERED_BY', '<a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),
 		'VERSION'			=> $config['version'])
 	);
 
@@ -449,6 +449,13 @@ function validate_config_vars($config_vars, &$cfg_array, &$error)
 				}
 			break;
 
+			case 'email':
+				if (!preg_match('/^' . get_preg_expression('email') . '$/i', $cfg_array[$config_name]))
+				{
+					$error[] = $user->lang['EMAIL_INVALID_EMAIL'];
+				}
+			break;
+
 			// Absolute path
 			case 'script_path':
 				if (!$cfg_array[$config_name])

phpBB/adm/style/acp_inactive.html

@@ -53,7 +53,7 @@
 </table>
 
 <fieldset class="display-options">
-	{L_DISPLAY_LOG}: &nbsp;{S_LIMIT_DAYS}&nbsp;{L_SORT_BY}: {S_SORT_KEY} {S_SORT_DIR}<!-- IF PAGINATION -->&nbsp;Users per page: <input class="inputbox autowidth" type="text" name="users_per_page" id="users_per_page" size="3" value="{USERS_PER_PAGE}" /><!-- ENDIF -->
+	{L_DISPLAY_LOG}: &nbsp;{S_LIMIT_DAYS}&nbsp;{L_SORT_BY}: {S_SORT_KEY} {S_SORT_DIR}<!-- IF PAGINATION -->&nbsp;{L_USERS_PER_PAGE}: <input class="inputbox autowidth" type="text" name="users_per_page" id="users_per_page" size="3" value="{USERS_PER_PAGE}" /><!-- ENDIF -->
 	<input class="button2" type="submit" value="{L_GO}" name="sort" />
 </fieldset>
 

phpBB/adm/style/acp_users_overview.html

@@ -30,7 +30,7 @@
 </dl>
 <dl>
 	<dt><label>{L_POSTS}:</label></dt>
-	<dd><strong>{USER_POSTS}</strong><!-- IF POSTS_IN_QUEUE and U_MCP_QUEUE --> (<a href="{U_MCP_QUEUE}">{L_POSTS_IN_QUEUE}</a>)<!-- ELSEIF POSTS_IN_QUEUE --> ({L_POSTS_IN_QUEUE})<!-- ENDIF --></dd>
+	<dd><strong><!-- IF USER_HAS_POSTS and U_SEARCH_USER --><a href="{U_SEARCH_USER}">{USER_POSTS}</a><!-- ELSE -->{USER_POSTS}<!-- ENDIF --></strong><!-- IF POSTS_IN_QUEUE and U_MCP_QUEUE --> (<a href="{U_MCP_QUEUE}">{L_POSTS_IN_QUEUE}</a>)<!-- ELSEIF POSTS_IN_QUEUE --> ({L_POSTS_IN_QUEUE})<!-- ENDIF --></dd>
 </dl>
 <dl>
 	<dt><label>{L_WARNINGS}:</label></dt>
@@ -142,10 +142,11 @@
 					<dt><label for="delete_type">{L_DELETE_USER}:</label><br /><span>{L_DELETE_USER_EXPLAIN}</span></dt>
 					<dd>
 					<!-- IF USER_HAS_POSTS -->
-						<select id="delete_type" name="delete_type"><option class="sep" value="">{L_SELECT_OPTION}</option><option value="retain">{L_RETAIN_POSTS}</option><option value="remove">{L_DELETE_POSTS}</option></select></dd>
+						<select id="delete_type" name="delete_type"><option class="sep" value="">{L_SELECT_OPTION}</option><option value="retain">{L_RETAIN_POSTS}</option><option value="remove">{L_DELETE_POSTS}</option></select>
 					<!-- ELSE -->
 						{L_USER_NO_POSTS_TO_DELETE}<input type="hidden" id="delete_type" name="delete_type" value="retain" />
 					<!-- ENDIF -->
+					</dd>
 				</dl>
 				<p class="quick">
 					<input class="button1" type="submit" name="update" value="{L_SUBMIT}" />

phpBB/adm/style/admin.css

@@ -731,6 +731,10 @@ optgroup, select {
 	color: #000;
 }
 
+select:focus {
+	outline-style: none;
+}
+
 optgroup {
 	font-size: 1.00em;
 	font-weight: bold;
@@ -976,6 +980,7 @@ input:focus, textarea:focus {
 	border: 1px solid #BC2A4D;
 	background-color: #E9E9E2;
 	color: #BC2A4D;
+	outline-style: none;
 }
 
 /* Submit button fieldset or paragraph
@@ -1070,6 +1075,11 @@ input.disabled {
 	color: #666666;
 }
 
+/* Focus states */
+input.button1:focus, input.button2:focus, input.button3:focus {
+	outline-style: none;
+}
+
 /* Pagination
 ---------------------------------------- */
 .pagination {

phpBB/adm/style/editor.js

@@ -292,7 +292,7 @@ function mozWrap(txtarea, open, close)
 */
 function storeCaret(textEl)
 {
-	if (textEl.createTextRange)
+	if (textEl.createTextRange && document.selection)
 	{
 		textEl.caretPos = document.selection.createRange().duplicate();
 	}

phpBB/adm/style/install_footer.html

@@ -8,7 +8,7 @@
 	</div>
 
 	<div id="page-footer">
-		Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group
+		Powered by <a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group
 	</div>
 </div>
 

phpBB/common.php

@@ -26,6 +26,8 @@ if (file_exists($phpbb_root_path . 'config.' . $phpEx))
 if (!defined('PHPBB_INSTALLED'))
 {
 	// Redirect the user to the installer
+	require($phpbb_root_path . 'includes/functions.' . $phpEx);
+
 	// We have to generate a full HTTP/1.1 header here since we can't guarantee to have any of the information
 	// available as used by the redirect function
 	$server_name = (!empty($_SERVER['HTTP_HOST'])) ? strtolower($_SERVER['HTTP_HOST']) : ((!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME'));
@@ -38,10 +40,13 @@ if (!defined('PHPBB_INSTALLED'))
 		$script_name = (!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : getenv('REQUEST_URI');
 	}
 
+	// $phpbb_root_path accounts for redirects from e.g. /adm
+	$script_path = trim(dirname($script_name)) . '/' . $phpbb_root_path . 'install/index.' . $phpEx;
 	// Replace any number of consecutive backslashes and/or slashes with a single slash
 	// (could happen on some proxy setups and/or Windows servers)
-	$script_path = trim(dirname($script_name)) . '/install/index.' . $phpEx;
 	$script_path = preg_replace('#[\\\\/]{2,}#', '/', $script_path);
+	// Eliminate . and .. from the path
+	$script_path = phpbb_clean_path($script_path);
 
 	$url = (($secure) ? 'https://' : 'http://') . $server_name;
 

phpBB/composer.json

@@ -0,0 +1,9 @@
+{
+	"require-dev": {
+		"fabpot/goutte": "1.0.*",
+		"phpunit/dbunit": "1.3.*",
+		"phpunit/phpunit": "4.1.*",
+		"phing/phing": "2.4.*",
+		"sami/sami": "1.*"
+	}
+}

phpBB/develop/create_schema_files.php

@@ -237,7 +237,20 @@ $supported_dbms = array('firebird', 'mssql', 'mysql_40', 'mysql_41', 'oracle', '
 
 foreach ($supported_dbms as $dbms)
 {
-	$fp = fopen($schema_path . $dbms . '_schema.sql', 'wt');
+	$schema_data = get_schema_struct();
+	if ($dbms == 'mssql')
+	{
+		foreach ($schema_data as $table_name => $table_data)
+		{
+			if (!isset($table_data['PRIMARY_KEY']))
+			{
+				$schema_data[$table_name]['COLUMNS']['mssqlindex'] = array('UINT', NULL, 'auto_increment');
+				$schema_data[$table_name]['PRIMARY_KEY'] = 'mssqlindex';
+			}
+		}
+	}
+
+	$fp = fopen($schema_path . $dbms . '_schema.sql', 'wb');
 
 	$line = '';
 
@@ -552,7 +565,7 @@ foreach ($supported_dbms as $dbms)
 
 			case 'mssql':
 				$line = substr($line, 0, -2);
-				$line .= "\n) ON [PRIMARY]" . (($textimage) ? ' TEXTIMAGE_ON [PRIMARY]' : '') . "\n";
+				$line .= "\n)";// ON [PRIMARY]" . (($textimage) ? ' TEXTIMAGE_ON [PRIMARY]' : '') . "\n";
 				$line .= "GO\n\n";
 			break;
 		}
@@ -589,7 +602,7 @@ foreach ($supported_dbms as $dbms)
 					$line .= "\tCONSTRAINT [PK_{$table_name}] PRIMARY KEY  CLUSTERED \n";
 					$line .= "\t(\n";
 					$line .= "\t\t[" . implode("],\n\t\t[", $table_data['PRIMARY_KEY']) . "]\n";
-					$line .= "\t)  ON [PRIMARY] \n";
+					$line .= "\t)\n";
 					$line .= "GO\n\n";
 				break;
 
@@ -684,7 +697,7 @@ foreach ($supported_dbms as $dbms)
 					case 'mssql':
 						$line .= ($key_data[0] == 'INDEX') ? 'CREATE  INDEX' : '';
 						$line .= ($key_data[0] == 'UNIQUE') ? 'CREATE  UNIQUE  INDEX' : '';
-						$line .= " [{$key_name}] ON [{$table_name}]([" . implode('], [', $key_data[1]) . "]) ON [PRIMARY]\n";
+						$line .= " [{$key_name}] ON [{$table_name}]([" . implode('], [', $key_data[1]) . "])\n";
 						$line .= "GO\n\n";
 					break;
 

phpBB/develop/generate_utf_casefold.php

@@ -111,7 +111,7 @@ function my_var_export($var)
 * Download a file to the develop/ dir
 *
 * @param	string	$url		URL of the file to download
-* @return	void
+* @return	null
 */
 function download($url)
 {

phpBB/develop/generate_utf_confusables.php

@@ -199,7 +199,7 @@ function my_var_export($var)
 * Download a file to the develop/ dir
 *
 * @param	string	$url		URL of the file to download
-* @return	void
+* @return	null
 */
 function download($url)
 {

phpBB/develop/generate_utf_tables.php

@@ -481,7 +481,7 @@ function my_var_export($var)
 * Download a file to the develop/ dir
 *
 * @param	string	$url		URL of the file to download
-* @return	void
+* @return	null
 */
 function download($url)
 {

phpBB/develop/mysql_upgrader.php

@@ -149,7 +149,8 @@ foreach ($schema_data as $table_name => $table_data)
 			list($orig_column_type, $column_length) = explode(':', $column_data[0]);
 			$column_type = sprintf($dbms_type_map['mysql_41'][$orig_column_type . ':'], $column_length);
 
-			if (isset($dbms_type_map['mysql_40'][$orig_column_type . ':']['limit'][0]))
+			if (isset($dbms_type_map['mysql_40'][$orig_column_type . ':']['limit']) &&
+				isset($dbms_type_map['mysql_40'][$orig_column_type . ':']['limit'][0]))
 			{
 				switch ($dbms_type_map['mysql_40'][$orig_column_type . ':']['limit'][0])
 				{
@@ -694,6 +695,24 @@ function get_schema_struct()
 		),
 	);
 
+	$schema_data['phpbb_login_attempts'] = array(
+		'COLUMNS'		=> array(
+			'attempt_ip'			=> array('VCHAR:40', ''),
+			'attempt_browser'		=> array('VCHAR:150', ''),
+			'attempt_forwarded_for'	=> array('VCHAR:255', ''),
+			'attempt_time'			=> array('TIMESTAMP', 0),
+			'user_id'				=> array('UINT', 0),
+			'username'				=> array('VCHAR_UNI:255', 0),
+			'username_clean'		=> array('VCHAR_CI', 0),
+		),
+		'KEYS'			=> array(
+			'att_ip'				=> array('INDEX', array('attempt_ip', 'attempt_time')),
+			'att_for'		=> array('INDEX', array('attempt_forwarded_for', 'attempt_time')),
+			'att_time'				=> array('INDEX', array('attempt_time')),
+			'user_id'					=> array('INDEX', 'user_id'),
+		),
+	);
+
 	$schema_data['phpbb_moderator_cache'] = array(
 		'COLUMNS'		=> array(
 			'forum_id'				=> array('UINT', 0),
@@ -897,6 +916,7 @@ function get_schema_struct()
 			'field_default_value'	=> array('VCHAR_UNI', ''),
 			'field_validation'		=> array('VCHAR_UNI:20', ''),
 			'field_required'		=> array('BOOL', 0),
+			'field_show_novalue'	=> array('BOOL', 0),
 			'field_show_on_reg'		=> array('BOOL', 0),
 			'field_show_on_vt'		=> array('BOOL', 0),
 			'field_show_profile'	=> array('BOOL', 0),
@@ -1396,5 +1416,3 @@ function get_schema_struct()
 
 	return $schema_data;
 }
-
-?>

phpBB/develop/strip_icc_profiles.sh

@@ -0,0 +1,26 @@
+#!/bin/sh
+#
+# @copyright (c) 2014 phpBB Group
+# @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+#
+
+if [ "$#" -ne 1 ]
+then
+	SCRIPT=$(basename "$0")
+	echo "Description: Finds and strips ICC Profiles from given image file." >&2
+	echo "Usage: $SCRIPT /path/to/image/file" >&2
+	echo "Exit Status: 0 if no ICC profiles have been stripped, otherwise 1." >&2
+	echo "Requires: exiftool" >&2
+	exit 1
+fi
+
+FILE=$1
+HASH_OLD=$(md5sum "$FILE")
+exiftool -icc_profile"-<=" -overwrite_original_in_place "$FILE" > /dev/null 2>&1
+HASH_NEW=$(md5sum "$FILE")
+
+if [ "$HASH_OLD" != "$HASH_NEW" ]
+then
+	echo "Stripped ICC Profile from $FILE."
+	exit 1
+fi

phpBB/develop/utf_normalizer_test.php

@@ -222,7 +222,7 @@ die("\n\nALL TESTS PASSED SUCCESSFULLY\n");
 * Download a file to the develop/ dir
 *
 * @param	string	$url		URL of the file to download
-* @return	void
+* @return	null
 */
 function download($url)
 {

phpBB/docs/AUTHORS

@@ -22,15 +22,12 @@ involved in phpBB.
 
 phpBB Lead Developer:  naderman (Nils Adermann)
 
-phpBB Developers:      Acyd Burn (Meik Sievertsen) [Lead 09/2005 - 01/2010]
-                       Arty (Vjacheslav Trushkin)
-                       bantu (Andreas Fischer)
-                       imkingdavid (David King)
-                       igorw (Igor Wiedler)
+phpBB Developers:      bantu (Andreas Fischer)
+                       dhruv.goel92 (Dhruv Goel)
+                       marc1706 (Marc Alexander)
                        nickvergessen (Joas Schilling)
-                       Oleg (Oleg Pudeyev)
-                       rxu (Ruslan Uzdenov)
-                       ToonArmy (Chris Smith)
+                       nicofuma (Tristan Darricau)
+                       prototech (Cesar Gallegos)
 
 Contributions by:      leviatan21 (Gabriel Vazquez)
                        Raimon (Raimon Meuldijk)
@@ -39,21 +36,30 @@ Contributions by:      leviatan21 (Gabriel Vazquez)
 
 -- Former Contributors --
 
-phpBB Project Manager: theFinn (James Atkinson) [Founder - 04/2007]
+phpBB Project Manager: theFinn (James Atkinson)      [Founder - 04/2007]
                        SHS` (Jonathan Stanley)
 
-phpBB Lead Developer:  psoTFX (Paul S. Owen) [2001 - 09/2005]
+phpBB Lead Developer:  Acyd Burn (Meik Sievertsen)   [09/2005 - 01/2010]
+                       psoTFX (Paul S. Owen)         [2001 - 09/2005]
 
 phpBB Developers:      A_Jelly_Doughnut (Josh Woody) [01/2010 - 11/2010]
+                       Acyd Burn (Meik Sievertsen)   [02/2003 - 09/2005]
                        APTX (Marek A. Ruszczyński)   [12/2007 - 04/2011]
+                       Arty (Vjacheslav Trushkin)    [02/2012 - 07/2012]
                        Ashe (Ludovic Arnaud)         [10/2002 - 11/2003, 06/2006 - 10/2006]
                        BartVB (Bart van Bragt)       [11/2000 - 03/2006]
                        ckwalsh (Cullen Walsh)        [01/2010 - 07/2011]
                        DavidMJ (David M.)            [12/2005 - 08/2009]
                        dhn (Dominik Dröscher)        [05/2007 - 01/2011]
+                       EXreaction (Nathan Guse)      [07/2012 - 05/2014]
                        GrahamJE (Graham Eames)       [09/2005 - 11/2006]
+                       igorw (Igor Wiedler)          [08/2010 - 02/2013]
+                       imkingdavid (David King)      [11/2012 - 06/2014]
                        kellanved (Henry Sudhof)      [04/2007 - 03/2011]
+                       Oleg (Oleg Pudeyev)           [01/2011 - 05/2013]
+                       rxu (Ruslan Uzdenov)          [04/2010 - 12/2012]
                        TerraFrost (Jim Wigginton)    [04/2009 - 01/2011]
+                       ToonArmy (Chris Smith)        [06/2008 - 11/2011]
                        Vic D'Elfant (Vic D'Elfant)   [04/2007 - 04/2009]
 
 -- Copyrights --

phpBB/docs/CHANGELOG.html

@@ -53,6 +53,8 @@
 <ol>
 	<li><a href="#changelog">Changelog</a>
 	<ol style="list-style-type: lower-roman;">
+		<li><a href="#v3012">Changes since 3.0.12</a></li>
+		<li><a href="#v3011">Changes since 3.0.11</a></li>
 		<li><a href="#v3010">Changes since 3.0.10</a></li>
 		<li><a href="#v309">Changes since 3.0.9</a></li>
 		<li><a href="#v308">Changes since 3.0.8</a></li>
@@ -92,7 +94,298 @@
 
 		<div class="content">
 
-	<a name="v3010"></a><h3>1.i. Changes since 3.0.10</h3>
+	<a name="v3012"></a><h3>1.i. Changes since 3.0.12</h3>
+
+<h4>Security</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13531">PHPBB3-13531</a>] - Disallow trailing paths (e.g. using the PATH_INFO feature) to prevent path-relative CSS injection</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13526">PHPBB3-13526</a>] - Correctly validate ucp_pm_options form key</li>
+</ul>
+<h4>Bug</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-6703">PHPBB3-6703</a>] - Problem with russian letter while converting from 2.0.x</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8960">PHPBB3-8960</a>] - Allow changing allow_avatar_remote when images/avatars/upload is not writable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9420">PHPBB3-9420</a>] - BBCode - Unable to use a proper URI token</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9724">PHPBB3-9724</a>] - Wrong return &quot;Return to ACP&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9725">PHPBB3-9725</a>] - MSSQL Schema is not azure compatible</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10023">PHPBB3-10023</a>] - Password change requirement notification in UCP is not noticable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10423">PHPBB3-10423</a>] - Searching for the term &quot;test *&quot; will highlight nearly every word and displays htmlspecialchars as htmlentities.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10442">PHPBB3-10442</a>] - XHTML is invalid when a forum link without redirect counter is present</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10687">PHPBB3-10687</a>] - UNABLE_GET_IMAGE_SIZE text misleading for remote avatars</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10729">PHPBB3-10729</a>] - Post editor information is not updated when user being deleted with posts</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10776">PHPBB3-10776</a>] - Grammar errors in docs/README.html</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10796">PHPBB3-10796</a>] - SQL Azure does not allow SELECT FROM sysfiles</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10851">PHPBB3-10851</a>] - HTML files containing certain tags being rejected as possible attack vectors with &quot;Check attachment file&quot; set to &quot;No&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10863">PHPBB3-10863</a>] - Permission mask does not accurately show some forum permissions if user has MOD parmissions</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10917">PHPBB3-10917</a>] - Updater notice &quot;Update files are out of date...&quot; when updating to unreleased version</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10985">PHPBB3-10985</a>] - Error bbcode.html not found when updating with custom style inheriting from prosilver</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11062">PHPBB3-11062</a>] - In Automatic Update, new language strings from install.php are only loaded from English</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11224">PHPBB3-11224</a>] - SQL cache destroy does not destroy queries to tables joined</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11288">PHPBB3-11288</a>] - &quot;Fulltext native&quot; search fooled by hyphens</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11480">PHPBB3-11480</a>] - Prevent Private Message system from returning &quot;Unknown folder&quot; when inbox folder is full</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11613">PHPBB3-11613</a>] - Cookies do not work for netbios domain</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11686">PHPBB3-11686</a>] - Not checking for phpBB Debug errors on functional tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11699">PHPBB3-11699</a>] - PHP Lint Test should exclude selected subdirectories of the build directory.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11726">PHPBB3-11726</a>] - Don't run lint tests on Travis on postgres</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11762">PHPBB3-11762</a>] - generate_text_for_display() treats &quot;0&quot; as an empty string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11789">PHPBB3-11789</a>] - Inline css with color value in subsilver2</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11794">PHPBB3-11794</a>] - Coding Guidelines document says to place a comma after every array element, but fails to do so itself</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11799">PHPBB3-11799</a>] - Anti Abuse Headers missing for sendpassword</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11811">PHPBB3-11811</a>] - Chrome 30 adds outline to focused elements</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11821">PHPBB3-11821</a>] - Wrong comma usage &quot;You are receiving this notification&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11823">PHPBB3-11823</a>] - Travis-CI webserver not matching PHP files with anything after the .php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11829">PHPBB3-11829</a>] - Closed reports may seem open in detailed view</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11860">PHPBB3-11860</a>] - .htaccess not working for Apache 2.4</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11864">PHPBB3-11864</a>] - Do not call exit after display_progress_bar in acp_forums</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11879">PHPBB3-11879</a>] - Compatibility error in forum_fn.js: .live should be replaced with .on</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11968">PHPBB3-11968</a>] - Travis Image are broken due to repository rename</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12037">PHPBB3-12037</a>] - acp_inactive.html has hard-coded text</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12048">PHPBB3-12048</a>] - Custom BBCodes Fail to Render Language Strings with a Number</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12061">PHPBB3-12061</a>] - Keyboard shortcut alt+h doesn't work properly in firefox</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12072">PHPBB3-12072</a>] - Missing word &quot;send&quot; in comment in schema_data.sql</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12093">PHPBB3-12093</a>] - IE 11 javascript selection is no longer supported</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12118">PHPBB3-12118</a>] - Add noindex meta tag to subsilver2 pm/topic view-print template</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12119">PHPBB3-12119</a>] - Remove keywords and description meta tags from prosilver view-print templates</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12120">PHPBB3-12120</a>] - Update docs/AUTHORS for 3.0.13-RC1</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12140">PHPBB3-12140</a>] - Avoid endless loop in build script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12161">PHPBB3-12161</a>] - build/save directories are no longer created</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12162">PHPBB3-12162</a>] - Binary files missing from update packages</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12176">PHPBB3-12176</a>] - No error shown when attempting to delete a founder</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12186">PHPBB3-12186</a>] - MCP should open &quot;Reported posts&quot; instead of PM Reports</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12188">PHPBB3-12188</a>] - Add php 5.6 to travis tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12202">PHPBB3-12202</a>] - Variables read from style.cfg etc. should be htmlspecialchared</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12205">PHPBB3-12205</a>] - Custom Profile Field display bug</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12210">PHPBB3-12210</a>] - dbtools::sql_create_table incorrectly throws error related to auto-increment length on non auto-increment fields</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12310">PHPBB3-12310</a>] - SMTP username and password should not autocomplete during install</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12316">PHPBB3-12316</a>] - develop-ascraeus build status missing from &quot;Automated Testing&quot; section in README.md</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12353">PHPBB3-12353</a>] - User attachments in ACP are not displaying every attachment</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12359">PHPBB3-12359</a>] - Day and Month of Birthday Misaligned When Editing</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12381">PHPBB3-12381</a>] - Broken error message when selecting invalid DB driver</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12397">PHPBB3-12397</a>] - db_tools::sql_unique_index_exists() has wrong doc block</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12429">PHPBB3-12429</a>] - Update phpunit to 3.8+</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12467">PHPBB3-12467</a>] - Add config_*.php  and tests_config_*.php to .gitignore</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12472">PHPBB3-12472</a>] - Set fast finish for .travis.yml</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12485">PHPBB3-12485</a>] - Broken tests due to absolute exclude</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12492">PHPBB3-12492</a>] - DB_TEST: Special chars are not supported.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12540">PHPBB3-12540</a>] - WRONG_FILESIZE contains broken placeholders</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12660">PHPBB3-12660</a>] - Undefined offset error when phpinfo() disabled and debug enabled</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12695">PHPBB3-12695</a>] - Undefined index: MISSING_INLINE_ATTACHMENT notice given when viewing post details</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12720">PHPBB3-12720</a>] - Git commit hook should not require commit message to start with a capital letter</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12741">PHPBB3-12741</a>] - Functional tests on Travis fail since php update last night</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12755">PHPBB3-12755</a>] - Remote upload stuck in infinite loop if server sends keep-alive</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13086">PHPBB3-13086</a>] - Update ACP_MASS_EMAIL_EXPLAIN language key</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13096">PHPBB3-13096</a>] - ldap_escape() added to PHP 5.6.0</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13138">PHPBB3-13138</a>] - Banned users cause infinite recursion</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13168">PHPBB3-13168</a>] - Warning displayed in PHP 5.6 for mbstring.http_input</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13234">PHPBB3-13234</a>] - Remember me cookie gets unset by admin reauthentication</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13341">PHPBB3-13341</a>] - Tests fail when generating coverage report</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13376">PHPBB3-13376</a>] - deregister_globals() does not work correctly when $_COOKIE['GLOBALS'] - is specified</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13519">PHPBB3-13519</a>] - Correctly validate imagick path as path and not string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13523">PHPBB3-13523</a>] - PHP 5.2 Unit Tests no longer work due to deprecated PHPUnit PEAR channel</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13527">PHPBB3-13527</a>] - Escape information received from version server</li>
+</ul>
+<h4>Improvement</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10037">PHPBB3-10037</a>] - Add Smiley Buttons in Signature Editor</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10174">PHPBB3-10174</a>] - Rename &quot;Ban usernames&quot; to &quot;Ban users&quot; in ACP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10549">PHPBB3-10549</a>] - Languages variables should be used, not hardcoded</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10555">PHPBB3-10555</a>] - Copyright notice in overall_header.html is not translatable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10945">PHPBB3-10945</a>] - Show entered search query in the search box when no results are found.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11254">PHPBB3-11254</a>] - Check CRLF line endings in the test suite</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11295">PHPBB3-11295</a>] - Drop tables for postgres in the test suite</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11297">PHPBB3-11297</a>] - Running tests doc should mention dbunit dependency</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11704">PHPBB3-11704</a>] - phing build script does not include vendor folder, even if there are dependencies</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11766">PHPBB3-11766</a>] - Remove Quote and Edit button when topic is lock</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11801">PHPBB3-11801</a>] - missing semi colons in css</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11814">PHPBB3-11814</a>] - Topic reply notification email text change</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12035">PHPBB3-12035</a>] - Add a link to user's posts in the ACP user overview page</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12106">PHPBB3-12106</a>] - Document exceptions to &quot;Disable Board&quot; in ACP.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12146">PHPBB3-12146</a>] - Add color demo when editing a group from the UCP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12247">PHPBB3-12247</a>] - include poster's username in email notifications of posts that get approved by moderators</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12259">PHPBB3-12259</a>] - Too many redundant tests are run on Travis</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12468">PHPBB3-12468</a>] - Allow mbstring.http_input='' besides 'pass' for PHP 5.6 compatibility</li>
+</ul>
+<h4>Task</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10839">PHPBB3-10839</a>] - Remove phpunit.xml.functional and always include functional tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11509">PHPBB3-11509</a>] - Travis should check commit message format</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11876">PHPBB3-11876</a>] - Upgrade package checksums from MD5 to SHA256</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11877">PHPBB3-11877</a>] - Create package download links and checksums for announcement via script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11920">PHPBB3-11920</a>] - Add MariaDB tests to Travis-CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11951">PHPBB3-11951</a>] - Add MariaDB to supported RDBMS list</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11970">PHPBB3-11970</a>] - Use 'set -x' in Travis CI setup scripts</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12046">PHPBB3-12046</a>] - Use PHP_BINARY environment variable in lint unit test</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12056">PHPBB3-12056</a>] - Make sure each unit test runs on its own</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12147">PHPBB3-12147</a>] - Remove Travis CI notification configuration</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12302">PHPBB3-12302</a>] - Upgrade composer.phar to 1.0.0-alpha8</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12318">PHPBB3-12318</a>] - Correctly setup HHVM functional tests on Travis CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12319">PHPBB3-12319</a>] - Backport Travis CI HHVM environment enabling to develop-olympus.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12320">PHPBB3-12320</a>] - No longer allow Travis CI HHVM environment to fail</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12341">PHPBB3-12341</a>] - Add tests for get_username_string()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12384">PHPBB3-12384</a>] - Run Travis CI HHVM tests against MySQLi instead of MySQL</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12417">PHPBB3-12417</a>] - hhvm-nightly 2014.04.16~precise breaks tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12495">PHPBB3-12495</a>] - Add Sami to composer dependencies and build script</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12582">PHPBB3-12582</a>] - Strip away copyrighted ICC profile from images</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-12917">PHPBB3-12917</a>] - Move commit check and file executable checks to 5.3.3 build on travis</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-13324">PHPBB3-13324</a>] - Composer no longer downloads sami/sami and fabpot/goutte</li>
+</ul>
+
+	<a name="v3011"></a><h3>1.ii. Changes since 3.0.11</h3>
+
+<h4>Bug</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-6723">PHPBB3-6723</a>] - Empty message in deleted messages in PM history</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-7262">PHPBB3-7262</a>] - Clarify docs about is_dynamic not being updated by set_config()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8319">PHPBB3-8319</a>] - LOCAL_URL not enforced in bbcodes</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9551">PHPBB3-9551</a>] - Mysql fulltext index creation fails due to partial collation change</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-9975">PHPBB3-9975</a>] - Hard coded language in sessions.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10184">PHPBB3-10184</a>] - Bots can be sent private messages</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10491">PHPBB3-10491</a>] - Fatal error in functional tests when server returns 404</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10568">PHPBB3-10568</a>] - Modify the trigger language when you edit a PM</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10602">PHPBB3-10602</a>] - A bug in mail queue processing</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10661">PHPBB3-10661</a>] - UCP &gt; PM &gt; Compose &gt; enumerated recipients &gt; BCC group misses a &amp;nbsp; (prosilver)</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10678">PHPBB3-10678</a>] - Provide Firebird, Oracle, and increased MSSQL support in unit tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10772">PHPBB3-10772</a>] - trigger_error is using the default style</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10789">PHPBB3-10789</a>] - PM print template (prosilver) with unnecessary variables</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10820">PHPBB3-10820</a>] - Display images directly in IE9 and 10 instead of download</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10828">PHPBB3-10828</a>] - PostgreSQL dbal tests try to connect to the database named as user specified in configuration</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10838">PHPBB3-10838</a>] - Functional tests are not mentioned in RUNNING_TESTS.txt</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10840">PHPBB3-10840</a>] - If you add a member to a group, the form_token can be set to 0 if the creation_time is 0 too. Maybe even if creation_time is unchanged.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10848">PHPBB3-10848</a>] - Wrong redirect to installer from acp</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10850">PHPBB3-10850</a>] - create_schema_files.php is not creating the oracle or postgres' schema file properly</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10879">PHPBB3-10879</a>] - prosilver: attachment-link will be displayed wrong, when filename is too long </li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10880">PHPBB3-10880</a>] - m_approve should not imply f_noapprove</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10896">PHPBB3-10896</a>] - board_email &amp; board_contact are not validated as email addresses in ACP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10897">PHPBB3-10897</a>] - Bot Definitions are outdated</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10918">PHPBB3-10918</a>] - docs/INSTALL.html claims there are tar.gz packages</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10943">PHPBB3-10943</a>] - Search Box should display keywords entered by the user</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10967">PHPBB3-10967</a>] - PHPBB_USE_BOARD_URL_PATH not implemented in posting_gen_topic_icons</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10986">PHPBB3-10986</a>] - Invalid email message ids because config variable server_name is used even when force server URL settings is disabled</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10995">PHPBB3-10995</a>] - Return value of $db-&gt;sql_fetchrow() on empty tables is not consistent on mssqlnative</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10996">PHPBB3-10996</a>] - Travis tests fail on Postgres because database does not exist</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11034">PHPBB3-11034</a>] - The functional test case framework does not install a full board each time</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11066">PHPBB3-11066</a>] - MSSQLnative driver contains debug code error_reporting(E_ALL)</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11069">PHPBB3-11069</a>] - missing closing span in subsilver2 simple_footer.html</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11081">PHPBB3-11081</a>] - Duplicated /TD in styles/subsilver2/template/catpcha_qa.html</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11093">PHPBB3-11093</a>] - acp_users_overview.html has a wrongly placed &lt;/dd&gt;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11094">PHPBB3-11094</a>] - prosilver: searching for users: no textbox for Jabber</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11105">PHPBB3-11105</a>] - Missing mandatory space in meta http-equiv=refresh</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11112">PHPBB3-11112</a>] - phpBB Footer Link should be SSL</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11122">PHPBB3-11122</a>] - Update docs/AUTHORS for 3.0.12-RC1</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11144">PHPBB3-11144</a>] - {FORUM_NAME} is not filled in login mask when logging into a password protected forum</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11145">PHPBB3-11145</a>] - ATTACHED_IMAGE_NOT_IMAGE thrown because of file limit in php.ini</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11158">PHPBB3-11158</a>] - modules table lacks acl_u_sig for signature module</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11159">PHPBB3-11159</a>] - Coding guidelines: static public</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11164">PHPBB3-11164</a>] - Composer not finding symfony/config in PHP 5.3.3</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11178">PHPBB3-11178</a>] - database_update.php should not set error_reporting to E_ALL</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11186">PHPBB3-11186</a>] - Database unit tests fail on windows using sqlite2</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11190">PHPBB3-11190</a>] - Functional tests do not clear the cache between each test</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11196">PHPBB3-11196</a>] - /includes/session.php sends 401 HTTP status with &quot;Not authorized&quot; instead of &quot;Unauthorized&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11219">PHPBB3-11219</a>] - Database sequences are not updated for tests using fixtures with auto_incremented columns</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11227">PHPBB3-11227</a>] - @return void -&gt; @return null</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11233">PHPBB3-11233</a>] - Anonymous can be selected as a PM recipient</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11248">PHPBB3-11248</a>] - CRLF line endings</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11262">PHPBB3-11262</a>] - .lock files are not in .gitignore</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11265">PHPBB3-11265</a>] - Functional tests do not assert that board installation succeeded</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11269">PHPBB3-11269</a>] - Travis functional test case errors</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11278">PHPBB3-11278</a>] - Firebird tables are not removed correctly on 3.0.9-rc1 update</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11291">PHPBB3-11291</a>] - &quot;Could not open input file: ../composer.phar&quot; error during phing's create-package</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11292">PHPBB3-11292</a>] - Newlines removed in display of PM reports, no clickable links in PM reports</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11301">PHPBB3-11301</a>] - &quot;String offset cast occured&quot; error on PHP 5.4</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11304">PHPBB3-11304</a>] - check_form_key breaks in tests when form is submitted in the same second it is retrieved</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11343">PHPBB3-11343</a>] - Loose string comparison during new password activation</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11355">PHPBB3-11355</a>] - Incorrect error message when no user selected for action on group membership management page</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11358">PHPBB3-11358</a>] - Success message even withot selecting a user and performing a group operation</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11361">PHPBB3-11361</a>] - &quot;Array to string conversion&quot; error in $user-&gt;format_date()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11493">PHPBB3-11493</a>] - Functional tests should fail if any debug output is made</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11517">PHPBB3-11517</a>] - Numbering is wrong in coding guidelines</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11536">PHPBB3-11536</a>] - Installer incorrectly removes /install from script_path</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11537">PHPBB3-11537</a>] - UCP group manage page's error box differs heavily from the rest of the UCP</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11538">PHPBB3-11538</a>] - SQL error on UCP groups manage page caused by setting color to 7 characters long string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11544">PHPBB3-11544</a>] - Add admin_login() to 3.0 functional test case</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11545">PHPBB3-11545</a>] - is_absolute() should not depend on DIRECTORY_SEPARATOR</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11546">PHPBB3-11546</a>] - is_absolute() throws E_NOTICE for empty string</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11547">PHPBB3-11547</a>] - Test fixtures do not support utf8 characters</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11548">PHPBB3-11548</a>] - Untranslated TOO_SHORT in UCP &quot;Manage Groups&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11566">PHPBB3-11566</a>] - Reporting a post should require a captcha to be solved by guests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11568">PHPBB3-11568</a>] - Functional tests fail with retrieving install pages using file_get_contents</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11575">PHPBB3-11575</a>] - phpbb_dbal_order_lower_test::test_cross_join should be called test_order_lower</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11578">PHPBB3-11578</a>] - Missing underscore after function prefix in validate_data()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11579">PHPBB3-11579</a>] - Add unit tests for validate_data()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11580">PHPBB3-11580</a>] - Avoid API Limit from composer downloads on github</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11588">PHPBB3-11588</a>] - install/install_update.php should use version.phpbb.com instead of www</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11590">PHPBB3-11590</a>] - Close database connections from tests whenever possible</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11601">PHPBB3-11601</a>] - Allow manual resync of database columns in unit tests not only on fixture load</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11603">PHPBB3-11603</a>] - git-tools use invalid api urls</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11604">PHPBB3-11604</a>] - Functional tests fail when phpBB can not create the config file</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11617">PHPBB3-11617</a>] - Missing U_ACTION in acp_captcha.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11618">PHPBB3-11618</a>] - Template tests fail on some systems due to a PHP error in glob()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11619">PHPBB3-11619</a>] - get_remote_file() should use HTTP 1.0</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11630">PHPBB3-11630</a>] - Improvements to the PHP lint pre-commit hook</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11644">PHPBB3-11644</a>] - Skip phpbb_dbal_order_lower_test on MySQL 5.6</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11662">PHPBB3-11662</a>] - &quot;occured&quot; should be &quot;occurred&quot;</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11670">PHPBB3-11670</a>] - Replace trademark ™ with ® on &quot;Welcome to phpBB&quot; install page</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11674">PHPBB3-11674</a>] - Do not include vendor folder if there are no dependencies.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11524">PHPBB3-11524</a>] - MySQL Upgrader throws warnings on PHP 5.4</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11720">PHPBB3-11720</a>] - Reporting posts leads to white page error</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11769">PHPBB3-11769</a>] - Wrong poster in subscription email when poster is using the Quote button</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11775">PHPBB3-11775</a>] - Error while moving posts to a new topic</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11802">PHPBB3-11802</a>] - Undefined variable $browser in /download/file.php</li>
+</ul>
+<h4>Improvement</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-8743">PHPBB3-8743</a>] - New topic / reply notifications do not contain author's name.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10050">PHPBB3-10050</a>] - subsilver2: Do not show &quot;Mark topics as read&quot; when there are no topics</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10205">PHPBB3-10205</a>] - More informative reporting of errors when database connection fails (MySQL and others)</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10716">PHPBB3-10716</a>] - PHP-parse all php files as part of the test suite</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10841">PHPBB3-10841</a>] - Disable style and language selectors if there's only one installed.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10854">PHPBB3-10854</a>] - sql server drop default constraint when dropping column </li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10865">PHPBB3-10865</a>] - Updated and Added to docs/INSTALL.html</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10873">PHPBB3-10873</a>] - Change language entry for deleted PMs</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10981">PHPBB3-10981</a>] - Upgrade Goutte and use Composer for Installation</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11131">PHPBB3-11131</a>] - Phrasing &amp; semantics of Board settings</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11162">PHPBB3-11162</a>] - Get rid of $db-&gt;sql_return_on_error(true) trickery when splitting/merging topics</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11192">PHPBB3-11192</a>] - Add Tebibyte to get_formatted_filesize()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11202">PHPBB3-11202</a>] - Add response status checks to functional tests</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11220">PHPBB3-11220</a>] - Improve tooltip explaining the [list=] - BBcode</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11238">PHPBB3-11238</a>] - Specify goutte version</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11285">PHPBB3-11285</a>] - Use more granularity in dependency checks in compress test</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11293">PHPBB3-11293</a>] - Prefer mysqli over mysql due to php 5.5 alpha 2 deprecating mysql</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11294">PHPBB3-11294</a>] - Update extension list in running tests doc</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11368">PHPBB3-11368</a>] - Latest pm reports row count</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11583">PHPBB3-11583</a>] - InnoDB supports FULLTEXT index since MySQL 5.6.4.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11740">PHPBB3-11740</a>] - Update link in FAQ to Ideas Centre</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11873">PHPBB3-11873</a>] - Prevent expensive hash computation in phpbb_check_hash() by rejecting very long passwords</li>
+</ul>
+<h4>Sub-task</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10974">PHPBB3-10974</a>] - Move tests/mock_user.php to tests/mock/user.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11009">PHPBB3-11009</a>] - Backport phing build.xml from develop to develop-olympus so it uses composer.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11540">PHPBB3-11540</a>] - Add unit tests for (phpbb_)is_absolute()</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11541">PHPBB3-11541</a>] - Add unit tests for style_select() in functions.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11542">PHPBB3-11542</a>] - Add unit tests for language_select() in functions.php</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11543">PHPBB3-11543</a>] - Add unit tests for obtain online functions in functions.php</li>
+</ul>
+<h4>Task</h4>
+<ul>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10877">PHPBB3-10877</a>] - Have bamboo generate and publish a phpBB package for every build.</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11045">PHPBB3-11045</a>] - Add unit tests for the compress class</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11059">PHPBB3-11059</a>] - Fix README logo</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11060">PHPBB3-11060</a>] - Fix travis.yml pyrus config</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11240">PHPBB3-11240</a>] - Turn on PHPUnit's verbose mode on Travis</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11324">PHPBB3-11324</a>] - Add PHP 5.5 environment on Travis-CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11337">PHPBB3-11337</a>] - Run functional tests on Travis CI</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11513">PHPBB3-11513</a>] - Install PHPUnit via Composer's require-dev to simplify test running (no need for pear)</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11526">PHPBB3-11526</a>] - Increase composer minimum-stability from beta to stable</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11527">PHPBB3-11527</a>] - Upgrade composer.phar to 1.0.0-alpha7</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11529">PHPBB3-11529</a>] - Rename RUNNING_TESTS file to .md file to render it on GitHub</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11576">PHPBB3-11576</a>] - Make phpBB Test Suite MySQL behave at least as strict as phpBB MySQL driver</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11671">PHPBB3-11671</a>] - Add phing/phing to composer.json</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11752">PHPBB3-11752</a>] - Update phpBB.com URLs to https in email templates</li>
+<li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-11753">PHPBB3-11753</a>] - Upgrade mysql_upgrader.php schema data.</li>
+</ul>
+
+	<a name="v3010"></a><h3>1.iii. Changes since 3.0.10</h3>
 
 <h4>Bug</h4>
 <ul>
@@ -217,7 +510,7 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10909">PHPBB3-10909</a>] - Update Travis Test Configuration: Travis no longer supports PHP 5.3.2</li>
 </ul>
 
-	<a name="v309"></a><h3>1.ii. Changes since 3.0.9</h3>
+	<a name="v309"></a><h3>1.iv. Changes since 3.0.9</h3>
 
 <h4>Bug</h4>
 <ul>
@@ -353,7 +646,7 @@
 <li>[<a href="http://tracker.phpbb.com/browse/PHPBB3-10480">PHPBB3-10480</a>] - Automate changelog building</li>
 </ul>
 
-	<a name="v308"></a><h3>1.iii. Changes since 3.0.8</h3>
+	<a name="v308"></a><h3>1.v. Changes since 3.0.8</h3>
 
 <h4>        Bug
 </h4>
@@ -418,7 +711,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9924'>PHPBB3-9924</a>] -         $template-&gt;display hook does not pass $template instance
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9925'>PHPBB3-9925</a>] -         prosilver logo margin bug in IE 6-7-8 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9925'>PHPBB3-9925</a>] -         prosilver logo margin bug in IE 6-7-8
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9928'>PHPBB3-9928</a>] -         Do not link &quot;login to your board&quot; to the &quot;send statistics&quot; page after completed update.
 </li>
@@ -426,7 +719,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9932'>PHPBB3-9932</a>] -         The Bing bot is not added when converting.
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9933'>PHPBB3-9933</a>] -         Wrong handling of consecutive multiple asterisks in word censor 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9933'>PHPBB3-9933</a>] -         Wrong handling of consecutive multiple asterisks in word censor
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9934'>PHPBB3-9934</a>] -         Mass Mail missing under the system tab on a fresh install
 </li>
@@ -438,7 +731,7 @@
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9948'>PHPBB3-9948</a>] -         Inline quicktime files won&#39;t display
 </li>
-<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9949'>PHPBB3-9949</a>] -         $user-&gt;lang() is not handling arguments as per documentation 
+<li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9949'>PHPBB3-9949</a>] -         $user-&gt;lang() is not handling arguments as per documentation
 </li>
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-9950'>PHPBB3-9950</a>] -         Problem with localized button images after uprading from 3.0.7-PL1 to 3.0.8
 </li>
@@ -601,7 +894,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10250'>PHPBB3-10250</a>] -         phpBB Logo needs the Registered Trademark Symbol
 </li>
 </ul>
-    
+
 <h4>        Improvement
 </h4>
 <ul>
@@ -658,7 +951,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10186'>PHPBB3-10186</a>] -         UCP signature panel displays when not authed for signatures
 </li>
 </ul>
-    
+
 <h4>        New Feature
 </h4>
 <ul>
@@ -669,7 +962,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10110'>PHPBB3-10110</a>] -         Redis caching module
 </li>
 </ul>
-    
+
 <h4>        Task
 </h4>
 <ul>
@@ -708,7 +1001,7 @@
 <li>[<a href='http://tracker.phpbb.com/browse/PHPBB3-10107'>PHPBB3-10107</a>] -         Improve docs for non-apache webserver configuration
 </li>
 </ul>
-    
+
 <h4>        Sub-task
 </h4>
 <ul>
@@ -721,7 +1014,7 @@
 </ul>
 
 
-	<a name="v307-PL1"></a><h3>1.iv. Changes since 3.0.7-PL1</h3>
+	<a name="v307-PL1"></a><h3>1.vi. Changes since 3.0.7-PL1</h3>
 <h4>        Security
 </h4>
 <ul>
@@ -1179,13 +1472,13 @@
 </ul>
 
 
-	<a name="v307"></a><h3>1.iv. Changes since 3.0.7</h3>
+	<a name="v307"></a><h3>1.vii. Changes since 3.0.7</h3>
 
 	<ul>
 		<li>[Sec] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)</li>
 	</ul>
 
-	<a name="v306"></a><h3>1.vi. Changes since 3.0.6</h3>
+	<a name="v306"></a><h3>1.viii. Changes since 3.0.6</h3>
 
 	<ul>
 		<li>[Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)</li>
@@ -1289,7 +1582,7 @@
 
 	</ul>
 
-	<a name="v305"></a><h3>1.vii. Changes since 3.0.5</h3>
+	<a name="v305"></a><h3>1.ix. Changes since 3.0.5</h3>
 
 	<ul>
 		<li>[Fix] Allow whitespaces in avatar gallery names. (Bug #44955)</li>
@@ -1511,7 +1804,7 @@
 		<li>[Feature] Send anonymous statistical information to phpBB on installation and update (optional).</li>
 	</ul>
 
-	<a name="v304"></a><h3>1.viii. Changes since 3.0.4</h3>
+	<a name="v304"></a><h3>1.x. Changes since 3.0.4</h3>
 
 	<ul>
 		<li>[Fix] Delete user entry from ban list table upon user deletion (Bug #40015 - Patch by TerraFrost)</li>
@@ -1600,7 +1893,7 @@
 		<li>[Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen)</li>
 	</ul>
 
-	<a name="v303"></a><h3>1.ix. Changes since 3.0.3</h3>
+	<a name="v303"></a><h3>1.xi. Changes since 3.0.3</h3>
 
 	<ul>
 		<li>[Fix] Allow mixed-case template directories to be inherited (Bug #36725)</li>
@@ -1632,7 +1925,7 @@
 		<li>[Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)</li>
 	</ul>
 
-	<a name="v302"></a><h3>1.x. Changes since 3.0.2</h3>
+	<a name="v302"></a><h3>1.xii. Changes since 3.0.2</h3>
 
 	<ul>
 		<li>[Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048)</li>
@@ -1731,7 +2024,7 @@
 		<li>[Sec Precaution] Stricter validation of the HTTP_HOST header (Thanks to Techie-Micheal et al for pointing out possible issues in derived code)</li>
 	</ul>
 
-	<a name="v301"></a><h3>1.xi. Changes since 3.0.1</h3>
+	<a name="v301"></a><h3>1.xiii. Changes since 3.0.1</h3>
 
 	<ul>
 		<li>[Fix] Ability to set permissions on non-mysql dbms (Bug #24955)</li>
@@ -1779,7 +2072,7 @@
 		<li>[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)</li>
 	</ul>
 
-	<a name="v300"></a><h3>1.xii Changes since 3.0.0</h3>
+	<a name="v300"></a><h3>1.xiv Changes since 3.0.0</h3>
 
 	<ul>
 		<li>[Change] Validate birthdays (Bug #15004)</li>
@@ -1850,7 +2143,7 @@
 		<li>[Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)</li>
 	</ul>
 
-	<a name="v30rc8"></a><h3>1.xiii. Changes since 3.0.RC8</h3>
+	<a name="v30rc8"></a><h3>1.xv. Changes since 3.0.RC8</h3>
 
 	<ul>
 		<li>[Fix] Cleaned usernames contain only single spaces, so &quot;a_name&quot; and &quot;a__name&quot; are treated as the same name (Bug #15634)</li>
@@ -1859,7 +2152,7 @@
 		<li>[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)</li>
 	</ul>
 
-	<a name="v30rc7"></a><h3>1.xiv. Changes since 3.0.RC7</h3>
+	<a name="v30rc7"></a><h3>1.xvi. Changes since 3.0.RC7</h3>
 
 	<ul>
 		<li>[Fix] Fixed MSSQL related bug in the update system</li>
@@ -1894,7 +2187,7 @@
 		<li>[Fix] No duplication of active topics (Bug #15474)</li>
 	</ul>
 
-	<a name="v30rc6"></a><h3>1.xv. Changes since 3.0.RC6</h3>
+	<a name="v30rc6"></a><h3>1.xvii. Changes since 3.0.RC6</h3>
 
 	<ul>
 		<li>[Fix] Submitting language changes using acp_language (Bug #14736)</li>
@@ -1904,7 +2197,7 @@
 		<li>[Fix] Able to request new password (Bug #14743)</li>
 	</ul>
 
-	<a name="v30rc5"></a><h3>1.xvi. Changes since 3.0.RC5</h3>
+	<a name="v30rc5"></a><h3>1.xviii. Changes since 3.0.RC5</h3>
 
 	<ul>
 		<li>[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.</li>
@@ -1967,7 +2260,7 @@
 		<li>[Sec] New password hashing mechanism for storing passwords (#i42)</li>
 	</ul>
 
-	<a name="v30rc4"></a><h3>1.xvii. Changes since 3.0.RC4</h3>
+	<a name="v30rc4"></a><h3>1.xix. Changes since 3.0.RC4</h3>
 
 	<ul>
 		<li>[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)</li>
@@ -2018,7 +2311,7 @@
 		<li>[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)</li>
 	</ul>
 
-	<a name="v30rc3"></a><h3>1.xviii. Changes since 3.0.RC3</h3>
+	<a name="v30rc3"></a><h3>1.xx. Changes since 3.0.RC3</h3>
 
 	<ul>
 		<li>[Fix] Fixing some subsilver2 and prosilver style issues</li>
@@ -2127,7 +2420,7 @@
 
 	</ul>
 
-	<a name="v30rc2"></a><h3>1.xviv. Changes since 3.0.RC2</h3>
+	<a name="v30rc2"></a><h3>1.xxi. Changes since 3.0.RC2</h3>
 
 	<ul>
 		<li>[Fix] Re-allow searching within the memberlist</li>
@@ -2173,7 +2466,7 @@
 
 	</ul>
 
-	<a name="v30rc1"></a><h3>1.xx. Changes since 3.0.RC1</h3>
+	<a name="v30rc1"></a><h3>1.xxii. Changes since 3.0.RC1</h3>
 
 	<ul>
 		<li>[Fix] (X)HTML issues within the templates (Bug #11255, #11255)</li>
@@ -2308,7 +2601,7 @@
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/FAQ.html

@@ -89,7 +89,7 @@
 
 <p>There are people, companies (unrelated to your hosting provider), etc. that will install your forum, either for free or for a payment. We do not recommend you make use of these offers. Unless the service is provided by your hosting company you will have to divulge passwords and other sensitive details. If you did not know how to use an ATM would you give a passer-by your bank card and PIN and ask them to show you what to do? No, probably not! The same applies to your hosting account details!</p>
 
-<p>We think a better solution is for you to carefully read the enclosed documentation, read through our knowledge base at <a href="http://www.phpbb.com/">www.phpbb.com</a> and if necessary ask for help on any thing you get stuck on. However, the decision is yours but please note we may not offer support if we believe you have had the board installed by a third party. In such cases you should direct your questions to that company or person/s.</p>
+<p>We think a better solution is for you to carefully read the enclosed documentation, read through our knowledge base at <a href="https://www.phpbb.com/">www.phpbb.com</a> and if necessary ask for help on any thing you get stuck on. However, the decision is yours but please note we may not offer support if we believe you have had the board installed by a third party. In such cases you should direct your questions to that company or person/s.</p>
 
 		</div>
 
@@ -150,7 +150,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="content">
 
-<p>This error will occur if phpBB cannot send mail. phpBB can send email two ways; using the PHP <code>mail()</code> function or directly via SMTP. Some hosting providers limit the <code>mail()</code> function to prevent its use in spamming, others may rename it or limit its functionality. If the <code>mail()</code> function got renamed, you are able to enter the correct name within the administration control panel. In either case you may need to make use of SMTP. This requires that you have access to such a facility, e.g. your hosting provider may provide one (perhaps requiring specific written authorisation), etc. Please see <a href="http://www.phpbb.com/">www.phpbb.com</a> for additional help on this matter.</p>
+<p>This error will occur if phpBB cannot send mail. phpBB can send email two ways; using the PHP <code>mail()</code> function or directly via SMTP. Some hosting providers limit the <code>mail()</code> function to prevent its use in spamming, others may rename it or limit its functionality. If the <code>mail()</code> function got renamed, you are able to enter the correct name within the administration control panel. In either case you may need to make use of SMTP. This requires that you have access to such a facility, e.g. your hosting provider may provide one (perhaps requiring specific written authorisation), etc. Please see <a href="https://www.phpbb.com/">www.phpbb.com</a> for additional help on this matter.</p>
 
 <p>If you do require SMTP services please do not ask (on our forums or elsewhere) for someone to provide you with one. Open relays are now things of the past thanks to the unthinking spammers out there. Therefore you are unlikely to find someone willing to offer you (free) services.</p>
 
@@ -250,7 +250,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="content">
 
-<p>Please read the paragraph about permissions in our extensive <a href="http://www.phpbb.com/support/documentation/3.0/">online documentation</a>.</p>
+<p>Please read the paragraph about permissions in our extensive <a href="https://www.phpbb.com/support/documentation/3.0/">online documentation</a>.</p>
 
 		</div>
 
@@ -306,11 +306,11 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="content">
 
-<p>Please read our <a href="http://www.phpbb.com/support/documentation/3.0/">extensive user documentation</a> first, it may just explain what you want to know.</p>
+<p>Please read our <a href="https://www.phpbb.com/support/documentation/3.0/">extensive user documentation</a> first, it may just explain what you want to know.</p>
 
 <p>Feel free to search our community forum for the information you require. <strong>PLEASE DO NOT</strong> post your question without having first used search, chances are someone has already asked and answered your question. You can find our board here:</p>
 
-<p><a href="http://www.phpbb.com">www.phpbb.com</a></p>
+<p><a href="https://www.phpbb.com">www.phpbb.com</a></p>
 
 		</div>
 
@@ -328,7 +328,7 @@ I want to sue you because i think you host an illegal board!</h2>
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/INSTALL.html

@@ -46,7 +46,7 @@
 
 <p>This document will walk you through the basics on installing, updating and converting the forum software.</p>
 
-<p>A basic overview of running phpBB3 can be found in the accompanying <a href="README.html">README</a> file. Please ensure you read that document in addition to this! For more detailed information on using, installing, updating and converting phpBB3 you should read <a href="http://www.phpbb.com/support/documentation/3.0/">the documentation</a> available online.</p>
+<p>A basic overview of running phpBB3 can be found in the accompanying <a href="README.html">README</a> file. Please ensure you read that document in addition to this! For more detailed information on using, installing, updating and converting phpBB3 you should read <a href="https://www.phpbb.com/support/documentation/3.0/">the documentation</a> available online.</p>
 
 <h1>Install</h1>
 
@@ -62,7 +62,7 @@
 	<li><a href="#update">Updating from stable releases of phpBB 3.0.x</a>
 	<ol style="list-style-type: lower-roman;">
 		<li><a href="#update_full">Full package</a></li>
-		<li><a href="#update_files">Changed files only</a></li>
+		<li><a href="#update_files">Changed files</a></li>
 		<li><a href="#update_patch">Patch file</a></li>
 		<li><a href="#update_auto">Automatic update package</a></li>
 		<li><a href="#update_all">All package types</a></li>
@@ -82,6 +82,7 @@
 		<li><a href="#webserver_configuration">Webserver configuration</a></li>
 	</ol>
 	</li>
+	<li><a href="#anti_spam">Anti-Spam Measures</a></li>
 	<li><a href="#disclaimer">Copyright and disclaimer</a></li>
 </ol>
 
@@ -107,10 +108,10 @@
 		<li>Change the permissions on config.php to be writable by all (666 or -rw-rw-rw- within your FTP Client)</li>
 		<li>Change the permissions on the following directories to be writable by all (777 or -rwxrwxrwx within your FTP Client):<br />
 			<code>store/</code>, <code>cache/</code>, <code>files/</code> and <code>images/avatars/upload/</code>.</li>
-		<li>Using your web browser visit the location you placed phpBB3 with the addition of install/index.php or pointing directly to install/, e.g. http://www.mydomain.com/phpBB3/install/, http://www.mydomain.com/forum/install/ etc.</li>
-		<li>Click the <em>INSTALL</em> tab, follow the steps and fill out all the requested information.</li>
+		<li>Point your web browser to the location where you uploaded the phpBB3 files with the addition of <code>install/index.php</code> or simply <code>install/</code>, e.g. <code>http://www.example.com/phpBB3/install/index.php</code>, <code>http://www.example.com/forum/install/</code>.</li>
+		<li>Click the <strong><em>INSTALL</em></strong> tab, follow the steps and fill out all the requested information.</li>
 		<li>Change the permissions on config.php to be writable only by yourself (644 or -rw-r--r-- within your FTP Client)</li>
-		<li>phpBB3 should now be available, please <strong>MAKE SURE</strong> you read at least <a href="#postinstall">Section 6</a> below for important, security related post-installation instructions.</li>
+		<li>phpBB3 should now be available, please <strong>MAKE SURE</strong> you read at least <a href="#postinstall">Section 6</a> below for important, security related post-installation instructions, and also take note of <a href="#anti_spam">Section 7</a> regarding anti-spam measures.</li>
 	</ol>
 
 	<p>If you experienced problems or do not know how to proceed with any of the steps above please read the rest of this document.</p>
@@ -131,13 +132,14 @@
 
 		<div class="content">
 
-	<p>phpBB3 has a few requirements which must be met before you are able to install and use it.</p>
+	<p>phpBB 3.0.x has a few requirements which must be met before you are able to install and use it.</p>
 
 	<ul>
 		<li>A webserver or web hosting account running on any major Operating System with support for PHP</li>
 		<li>A SQL database system, <strong>one of</strong>:
 		<ul>
 			<li>MySQL 3.23 or above (MySQLi supported)</li>
+			<li>MariaDB 5.1 or above</li>
 			<li>PostgreSQL 7.3+</li>
 			<li>SQLite 2.8.2+ (SQLite 3 is not supported)</li>
 			<li>Firebird 2.1+</li>
@@ -145,8 +147,8 @@
 			<li>Oracle</li>
 		</ul>
 		</li>
-		<li><strong>PHP 4.3.3+ (>=4.3.3, >=4.4.x, >=5.x.x, >=5.4.x)</strong> with support for the database you intend to use.</li>
-		<li>getimagesize() function need to be enabled.</li>
+		<li><strong>PHP (>=4.3.3, >=4.4.0, >=5.0.0)</strong> with support for the database you intend to use.</li>
+		<li>getimagesize() function must be enabled.</li>
 		<li>Presence of the following modules within PHP will provide access to additional features, but they are not required:
 		<ul>
 			<li>zlib Compression support</li>
@@ -158,7 +160,7 @@
 		</li>
 	</ul>
 
-	<p>If your server or hosting account does not meet the requirements above we are afraid phpBB3 is not for you.</p>
+	<p>If your server or hosting account does not meet the requirements above then you will be unable to install phpBB 3.0.x.</p>
 
 		</div>
 
@@ -178,21 +180,21 @@
 
 	<p>Installation of phpBB3 will vary according to your server and database. If you have <em>shell access</em> to your account (via telnet or ssh for example) you may want to upload the entire phpBB3 archive (in binary mode!) to a directory on your host and unarchive it there.</p>
 
-	<p>If you do not have shell access or do not wish to use it you will need to decompress the phpBB3 archive to a local directory on your system using your favourite compression program, e.g. winzip, rar, zip, etc. From there you must FTP <strong>ALL</strong> the files it contains (being sure to retain the directory structure and filenames) to your host. Please ensure that the cases of filenames are retained, do <strong>NOT</strong> force filenames to all lower or upper case doing so will cause errors later.</p>
+	<p>If you do not have shell access or do not wish to use it, you will need to decompress the phpBB3 archive to a local directory on your system using your favourite compression program, e.g. winzip, rar, zip, etc. From there you must FTP <strong>ALL</strong> the files it contains (being sure to retain the directory structure and filenames) to your host. Please ensure that the cases of filenames are retained, do <strong>NOT</strong> force filenames to all lower or upper case as doing so will cause errors later.</p>
 
-	<p>All .php, .inc, .sql, .cfg, .html and .txt files should be uploaded in <strong>ASCII</strong> mode, while all graphics should be uploaded in <strong>BINARY</strong> mode. If you are unfamiliar with what this means please refer to your FTP client documentation. In most cases this is all handled transparantly by your ftp client but if you encounter problems later you should be sure the files where uploaded correctly as described here.</p>
+	<p>All .php, .sql, .cfg, .css, .js, .html, .htaccess and .txt files should be uploaded in <strong>ASCII</strong> mode, while all graphics should be uploaded in <strong>BINARY</strong> mode. If you are unfamiliar with what this means please refer to your FTP client documentation. In most cases this is all handled transparantly by your ftp client, but if you encounter problems later you should be sure the files were uploaded correctly as described here.</p>
 
-	<p>phpBB3 comes supplied with British English as its standard language. However a number of separate packs for different languages are available. If you are not a native English speaker you may wish to install one or more of these packages before continuing. The installation process below will allow you to select a default language from those available (you can of course change this default at a later stage). For more details of language packs, where to obtain them and how to install them please see the <a href="README.html#i18n">README</a>.</p>
+	<p>phpBB3 comes supplied with British English as its standard language. However, a number of separate packs for different languages are available. If you are not a native English speaker you may wish to install one or more of these packages before continuing. The installation process below will allow you to select a default language from those available (you can, of course, change this default at a later stage). For more details on language packs, where to obtain them and how to install them please see the <a href="README.html#i18n">README</a>.</p>
 
-	<p>Once all the files have been uploaded to your site you should point your browser at this location with the addition of <code>install/</code>. For example if your domain name is <em>www.mydomain.tld</em> and you placed phpBB3 in a directory /phpBB3 off your web root you would enter <em>http://www.mydomain.tld/phpBB3/install/</em> or (alternatively) <em>http://www.mydomain.tld/phpBB3/install/index.php</em> into your browser. When you have done this you should see the phpBB3 Installation screen appear.</p>
+	<p>Once all the files have been uploaded to your site, you should point your browser at this location with the addition of <code>/install/</code>. For example, if your domain name is <code>www.example.com</code> and you placed the phpBB3 files in the directory <code>/phpBB3</code> off your web root you would enter <code>http://www.example.com/phpBB3/install/</code> or (alternatively) <code>http://www.example.com/phpBB3/install/index.php</code> into your browser. When you have done this, you should see the <strong><em>phpBB3 Introduction</em></strong> screen appear.</p>
 
 	<h4>Introduction:</h4>
 
-	<p>The installation screen gives you a short introduction into phpBB. It allows you to read the license phpBB3 is released under (General Public License) and provides information about how you can receive support. To start the installation, use the <em>Install</em> button.</p>
+	<p>The initial screen gives you a short introduction into phpBB. It allows you to read the license phpBB3 is released under (General Public License v2) and provides information about how you can receive support. To start the installation, use the <strong><em>INSTALL</em></strong> tab.</p>
 
 	<h4>Requirements</h4>
 
-	<p>The first page you will see after starting the installation is the Requirements list. phpBB3 checks automatically whether everything that it needs to run properly is installed on your server. You need to have at least the minimum PHP version installed, and at least one database available to continue the installation. Also important, is that all shown folders are available and do have the correct permissions. Please see the description of each section to find out whether they are optional or required for phpBB3 to run. If everything is in order, you can continue the installation with <em>Start Install</em>.</p>
+	<p>The first page you will see after starting the installation is the Requirements list. phpBB3 automatically checks whether everything that it needs to run properly is installed on your server. You need to have at least the minimum PHP version installed, and at least one database available to continue the installation. Also important, is that all shown folders are available and have the correct permissions. Please see the description of each section to find out whether they are optional or required for phpBB3 to run. If everything is in order, you can continue the installation with <em>Start Install</em>.</p>
 
 	<h4>Database settings</h4>
 
@@ -210,33 +212,33 @@
 		<p><strong>Note:</strong> if you are installing using SQLite, you should enter the full path to your database file in the DSN field and leave the username and password fields blank. For security reasons, you should make sure that the database file is not stored in a location accessible from the web.</p>
 	</div>
 
-	<p>You don't need to change the Prefix for tables in database setting, unless you plan on using multipe phpBB installations on one database. In this case you can use a different prefix for each installation to make it work.</p>
+	<p>You don't need to change the Prefix for tables in database setting, unless you plan on using multipe phpBB installations on one database. In this case, you can use a different prefix for each installation to make it work.</p>
 
-	<p>After you entered your details, you can continue with the Proceed to next step button. Now phpBB3 will check whether the data you entered will lead to a successful database connection and whether tables with the same prefix already exist.</p>
+	<p>After you entered your details, you can continue with the <em>Proceed to next step</em> button. Now phpBB3 will check whether the data you entered will lead to a successful database connection and whether tables with the same prefix already exist.</p>
 
 	<p>A <em>Could not connect to the database</em> error means that you didn't enter the database data correctly and it is not possible for phpBB to connect. Make sure that everything you entered is in order and try again. Again, if you are unsure about your database settings, please contact your host.</p>
 
 	<p>If you installed another version of phpBB before on the same database with the same prefix, phpBB will inform you and you just need to enter a different database prefix.</p>
 
-	<p>If you see the Successful Connection message, you can continue to the next step.</p>
+	<p>If you see the <em>Successful Connection</em> message, you can continue to the next step.</p>
 
 	<h4>Administrator details</h4>
 
-	<p>Now you have to create your administration user. This user will have full administration access and he/she will be the first user on your forum. All fields on this page are required. You can also set the default language of your forum on this page. In a vanilla phpBB3 installation we only include English. You can download further languages from <a href="http://www.phpbb.com/">www.phpbb.com</a>, and add them before installing or later.</p>
+	<p>Now you have to create your administration user. This user will have full administration access and he/she will be the first user on your forum. All fields on this page are required. You can also set the default language of your forum on this page. In a vanilla phpBB3 installation, we only include British English. You can download further languages from <a href="https://www.phpbb.com/">www.phpbb.com</a>, and add them before installing or later.</p>
 
 	<h4>Configuration file</h4>
 
-	<p>In this step, phpBB will try to write the configuration file automatically. The forum needs the configuration to run properly. It contains all database settings, so without it, phpBB will not be able to access the database.</p>
+	<p>In this step, phpBB will try to write the configuration file automatically. The forum needs the configuration file in order to operate. It contains all the database settings, so without it, phpBB will not be able to access the database.</p>
 
-	<p>Usually writing the configuration file automatically works fine. But in some cases it can fail due to wrong file permissions, for instance. In this case, you need to upload the file manually. phpBB asks you to download the config.php file and tells you what to do with it. Please read the instructions carefully. After you have uploaded the file, use <em>Done</em> to get to the last step. If <em>Done</em> returns you to the same page as before, and does not return a success message, you did not upload the file correctly.</p>
+	<p>Usually, writing the configuration file automatically works fine. If the file permissions are not set correctly, this process can fail. In this case, you need to upload the file manually. phpBB asks you to download the <code>config.php</code> file and tells you what to do with it. Please read the instructions carefully. After you have uploaded the file, use <em>Done</em> to get to the last step. If <em>Done</em> returns you to the same page as before, and does not return a success message, you did not upload the file correctly.</p>
 
 	<h4>Advanced settings</h4>
 
-	<p>The Advanced settings allow you to set some parameters of the board configuration. They are optional, and you can always change them later. So if you are not sure what these settings mean, proceed to the final step and finish the installation.</p>
+	<p>The Advanced settings allow you to set additional parameters of the board configuration. They are optional and you can always change them later. So, even if you are not sure what these settings mean, you can still proceed to the final step and finish the installation.</p>
 
-	<p>If the installation was successful, you can now use the Login button to visit the Administration Control Panel. Congratulations, you have installed phpBB3 successfully. But there is still work ahead!</p>
+	<p>If the installation was successful, you can now use the <em>Login</em> button to visit the Administration Control Panel. Congratulations, you have installed phpBB successfully. But there is still work ahead!</p>
 
-	<p>If you are unable to get phpBB3 installed even after reading this guide, please look at the support section to find out where you can ask for further assistance.</p>
+	<p>If you are unable to get phpBB3 installed even after reading this guide, please look at the support section of the installer's introduction page to find out where you can ask for further assistance.</p>
 
 	<p>At this point if you are converting from phpBB 2.0.x, you should refer to the <a href="#convert">conversion steps</a> for further information. If not, you should remove the install directory from your server as you will only be able to access the Administration Control Panel whilst it is present.</p>
 
@@ -256,55 +258,55 @@
 
 		<div class="content">
 
-<p>If you are currently using a stable release of phpBB3 updating to this version is straightforward. You would have downloaded one of four packages and your choice determines what you need to do. <strong>Please Note</strong>: That before updating we heavily recommend you do a <em>full backup of your database and existing phpBB3 files</em>! If you are unsure how to achieve this please ask your hosting provider for advice.</p>
+<p>If you are currently using a stable release of phpBB3, updating to this version is straightforward. You would have downloaded one of four packages and your choice determines what you need to do. <strong>Note</strong>: Before updating, we heavily recommend you do a <em>full backup of your database and existing phpBB3 files</em>! If you are unsure how to achieve this please ask your hosting provider for advice.</p>
 
 <p><strong>Please make sure you update your phpBB3 source files too, even if you run the <code>database_update.php</code> file.</strong></p>
 
 <a name="update_full"></a><h3>4.i. Full package</h3>
 
-	<p>The full package is normally meant for new installations only, but if you want to replace all source files this package comes in handy.</p>
+	<p>The full package is normally meant for new installations only, but if you want to replace all source files, this package comes in handy.</p>
 
-	<p>First you should make a copy of your existing <em>config.php</em> file, keep it in a safe place! Next delete all the existing phpBB3 files, you may want to leave your <code>files/</code> and <code>images/</code> directory in place. You can leave alternative styles in-place too. With this complete you can upload the new phpBB3 files (see <a href="#install">New installation</a> for details if necessary). Once complete copy back your saved <em>config.php</em>, replacing the new one. Another method is to just <strong>replace</strong> the existing files with the files from the full package - though make sure you do <strong>not</strong> overwrite your config.php file.</p>
+	<p>First, you should make a copy of your existing <code>config.php</code> file; keep it in a safe place! Next, delete all the existing phpBB3 files, you may want to leave your <code>files/</code> and <code>images/</code> directorie in place. You can leave alternative styles in place too. With this complete, you can upload the new phpBB files (see <a href="#install">New installation</a> for details if necessary). Once complete, copy back your saved <code>config.php</code>, replacing the new one. Another method is to just <strong>replace</strong> the existing files with the files from the full package - though make sure you do <strong>not</strong> overwrite your config.php file.</p>
 
-	<p>You should now run <code>install/database_update.php</code> which, depending on your previous version, will make a number of database changes. You may receive <em>FAILURES</em> during this procedure, they should not be a cause for concern unless you see an actual <em>ERROR</em>, in which case the script will stop (in this case you should seek help via our forums or bug tracker).</p>
+	<p>You should now run <code>install/database_update.php</code> which, depending on your previous version, will make a number of database changes. You may receive <em>FAILURES</em> during this procedure. They should not be a cause for concern unless you see an actual <em>ERROR</em>, in which case the script will stop (in this case you should seek help via our forums or bug tracker).</p>
 
-	<p>Once the install/database_update.php has completed you may proceed to the Administration Control Panel and check remove the install directory as advised.</p>
+	<p>Once <code>install/database_update.php</code> has completed, you may proceed to the Administration Control Panel and then remove the install directory as advised.</p>
 
-<a name="update_files"></a><h3>4.ii. Changed files only</h3>
+<a name="update_files"></a><h3>4.ii. Changed files</h3>
 
-	<p>This package is meant for those wanting to only replace changed files from a previous version to the latest version. This package normally contains the changed files from up to five previous versions.</p>
+	<p>This package is meant for those wanting to only replace the files that were changed between a previous version and the latest version.</p>
 
-	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.10</samp> you should select the phpBB-3.0.10_to_3.0.11.zip/tar.gz file.</p>
+	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <strong>3.0.12</strong> you should select the appropriate <code>phpBB-3.0.13-files.zip/tar.bz2</code> file.</p>
 
-	<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any MODs these files will overwrite the originals possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
+	<p>The directory structure has been preserved, enabling you (if you wish) to simply upload the uncompressed contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any modifications (MODs) these files will overwrite the originals, possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
 
-	<p>As for the other update procedures you should run <b>install/database_update.php</b> after you have finished updating the files. This will update your database schema and increment the version number.</p>
+	<p>As for the other update procedures, you should run <code>install/database_update.php</code> after you have finished updating the files. This will update your database schema and increment the version number.</p>
 
 <a name="update_patch"></a><h3>4.iii. Patch file</h3>
 
-	<p>The patch file package is for those wanting to update through the patch application, and being comfortable with it.</p>
+	<p>The patch file package is for those wanting to update through the patch application, and should only be used by those who are comfortable with it.</p>
 
-	<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the recommended update method.</p>
+	<p>The patch file is one solution for those with many Modifications (MODs) or other changes and do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application, but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the recommended update method.</p>
 
-	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is <samp>3.0.10</samp> you need the phpBB-3.0.10_to_3.0.11.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is <strong>3.0.12</strong>, you need the <code>phpBB-3.0.13-patch.zip/tar.bz2</code> file. Place the correct patch in the parent directory containing the phpBB core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <code>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</code> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
-	<p>If you do get failures you should look at using the <a href="#update_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Modifications (MODs) to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
+	<p>If you do get failures, you should look at using the <a href="#update_files">Changed Files</a> package to replace the files which failed to patch. Please note that you will need to manually re-add any MODs to these particular files. Alternatively, if you know how, you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
-	<p>You should of course delete the patch file (or files) after use. As for the other update procedures you should run <code>install/database_update.php</code> after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.</p>
+	<p>You should, of course, delete the patch file (or files) after use. As for the other update procedures, you should run <code>install/database_update.php</code> after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.</p>
 
 <a name="update_auto"></a><h3>4.iv. Automatic update package</h3>
 
-	<p>This update method is the recommended method for updating. This package allows detecting changed files automatically and merges changes if needed.</p>
+	<p>This update method is the recommended method for updating. This package detects changed files automatically and merges in changes if needed.</p>
 
-	<p>The automatic update package contains - contrary to the others - only the information required to update the previous release version to the latest available version. These packages are meant for use with the automatic update tool.</p>
+	<p>The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is <strong>3.0.12</strong>, you need the <code>phpBB-3.0.12_to_3.0.13.zip/tar.bz2</code> file.</p>
 
-	<p>To perform the update, either follow the instructions from the <code>Administration Control Panel-&gt;System</code> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
+	<p>To perform the update, either follow the instructions from the <strong>Administration Control Panel-&gt;System</strong> Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.</p>
 
 	<ul>
-		<li>Go to the <a href="http://www.phpbb.com/downloads/">downloads page</a> and download the latest update package listed there, matching your current version.</li>
-		<li>Upload the archives contents to your phpBB installation - only the install folder is required. Upload the whole install folder, retaining the file structure.</li>
+		<li>Go to the <a href="https://www.phpbb.com/downloads/">downloads page</a> and download the latest update package listed there, matching your current version.</li>
+		<li>Upload the uncompressed archive contents to your phpBB installation - only the install folder is required. Upload the whole install folder, retaining the file structure.</li>
 		<li>After the install folder is present, phpBB3 will go offline automatically.</li>
-		<li>Point your browser to the install directory, for example <samp>http://www.example.com/phpBB3/install/</samp></li>
+		<li>Point your browser to the install directory, for example <code>http://www.example.com/phpBB3/install/</code></li>
 		<li>Choose the "Update" Tab and follow the instructions</li>
 	</ul>
 
@@ -312,7 +314,9 @@
 
 <a name="update_all"></a><h3>4.v. All package types</h3>
 
-	<p>If you have non-English language packs installed you may want to see if a new version has been made available. A number of missing strings may have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.</p>
+	<p>If you have non-English language packs installed, you may want to see if a new version has been made available. A number of missing strings may have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.</p>
+
+	<p>These update methods will only update the standard styles, <code>prosilver</code> and <code>subsilver2</code>, any other styles you have installed for your board will usually also need to be updated.</p>
 
 		</div>
 
@@ -334,47 +338,47 @@
 
 <a name="prereq"></a><h3>5.i. Requirements before converting</h3>
 
-	<p>Before converting we heavily recommend you do a <em>full backup of your database and files</em>! If you are unsure how to achieve this please ask your hosting provider for advice. You basically need to follow the basic instructions given for <a href="#install">New installations</a>. Please <strong>do not</strong> overwrite any old files - install phpBB3 at a different location.</p>
+	<p>Before converting, we heavily recommend you do a <em>full backup of your database and files</em>! If you are unsure how to achieve this, please ask your hosting provider for advice. You basically need to follow the instructions given for <a href="#install">New installations</a>. Please <strong>do not</strong> overwrite any old files - install phpBB3 at a different location.</p>
 
 	<p>Once you made a backup of everything and also have a brand new phpBB3 installation, you can now begin the conversion.</p>
 
-	<p>Note that the conversion requires CREATE and DROP privileges for the phpBB3's database user account.</p>
+	<p>Note that the conversion requires <code>CREATE</code> and <code>DROP</code> privileges for the phpBB3 database user account.</p>
 
 <a name="conversion"></a><h3>5.ii. Converting</h3>
 
-	<p>To begin the conversion visit the install folder of your phpBB3 installation (the same as you have done for installing). Now you will see a new tab <em>Convert</em>. Click this tab.</p>
+	<p>To begin the conversion, visit the <code>install/</code> folder of your phpBB3 installation (the same as you have done for installing). Now you will see a new tab <em>Convert</em>. Click this tab.</p>
 
-	<p>As with install the conversion is automated. Your previous 2.0.x database tables will not be changed as well as the original 2.0.x files remaining unaltered. The conversion is actually only filling your phpBB3 database tables and copying additional data over to your phpBB3 installation. This has the benefit that if something goes wrong you are able to either re-run the conversion or continue a conversion, while your old board is still accessible. We really recommend you disable your old installation while converting, else you may have inconsistent data after the conversion.</p>
+	<p>As with install, the conversion is automated. Your previous 2.0.x database tables will not be changed and the original 2.0.x files will remain unaltered. The conversion is actually only filling your phpBB3 database tables and copying additional data over to your phpBB3 installation. This has the benefit that if something goes wrong, you are able to either re-run the conversion or continue a conversion, while your old board is still accessible. We really recommend that you disable your old installation while converting, else you may have inconsistent data after the conversion.</p>
 
-	<p>Please note that this conversion process may take quite some time and depending on your hosting provider this may result in it failing (due to web server or other timeout issues). If this is the case you should ask your provider if they are willing to allow the convert script to temporarily exceed their limits (be nice and they will probably be quite helpful).</p>
+	<p>Please note that this conversion process may take quite some time and depending on your hosting provider this may result in it failing (due to web server resource limits or other timeout issues). If this is the case, you should ask your provider if they are willing to allow the convert script to temporarily exceed their limits (be nice and they will probably be quite helpful). If your host is unwilling to increase the limits to run the convertor, please see this article for performing the conversion on your local machine: <a href="https://www.phpbb.com/kb/article/offline-conversions/">Knowledge Base - Offline Conversions</a></p>
 
-	<p>Once completed your board should be immediately available. If you encountered errors you should report the problems to our bug tracker or seek help via our forums (see <a href="README.html">README</a> for details).</p>
+	<p>Once completed, your board should be immediately available. If you encountered errors, you should report the problems to our bug tracker or seek help via our forums (see <a href="README.html">README</a> for details).</p>
 
 <a name="postreq"></a><h3>5.iii. Things to do after conversion</h3>
 
-	<p>After successful conversion there may be a few items you need to do - apart from checking if the installation is accessible and everything displayed correctly.</p>
+	<p>After a successful conversion, there may be a few items you need to do - apart from checking if the installation is accessible and everything displayed correctly.</p>
 
-	<p>The first thing you may want to do is going to the administration control panel and checking every configuration item within the general tab. Thereafter you may want to adjust the forum descriptions/names if you entered HTML there. You also may want to access the other administrative sections, e.g. adjusting permissions, smilies, icons, ranks, etc.</p>
+	<p>The first thing you may want to do is to go to the administration control panel and check every configuration item within the general tab. Thereafter, you may want to adjust the forum descriptions/names if you entered HTML there. You also may want to access the other administrative sections, e.g. adjusting permissions, smilies, icons, ranks, etc.</p>
 
-	<p>Within the conversion the search index has not been created or transferred. This means after conversion you are not able to find any matches if you want to search for something. We recommend you rebuild your search index within <code>Admin -&gt; Maintenance -&gt; Database -&gt; Search Index</code>.</p>
+	<p>During the conversion, the search index is not created or transferred. This means after conversion you are not able to find any matches if you want to search for something. We recommend you rebuild your search index within <strong>Administration Control Panel -&gt; Maintenance -&gt; Database -&gt; Search Index</strong>.</p>
 
 	<p>After verifying the settings in the ACP, you can delete the install directory to enable the board. The board will stay disabled until you do so.</p>
 
-	<p>Once you are pleased with your new installation you may want to give it the name of your old installation, changing the directory name. With phpBB3 this is possible without any problems - but you may still want to check your cookie settings within the administration panel, if the cookie path need to be adjusted prior to renaming.</p>
+	<p>Once you are pleased with your new installation, you may want to give it the name of your old installation, changing the directory name. With phpBB3 this is possible without any problems, but you may still want to check your cookie settings within the administration panel; in case your cookie path needs to be adjusted prior to renaming.</p>
 
 <a name="convprob"></a><h3>5.iv. Common conversion problems</h3>
 
 	<p><strong>Broken non-latin characters</strong> The conversion script assumes that the database encoding in the source phpBB2 matches the encoding defined in the <code>lang_main.php</code> file of the default language pack of the source installation. Edit that file to match the database's encoding and re-start the conversion procedure.</p>
 
-	<p><strong>http 500 / white pages</strong> The conversion is a load-heavy procedure. Restrictions imposed by some server hosting providers can cause problems. The most common causes are: too low values for the php settings <code>memory_limit</code> and <code>max_execution_time</code>. Limits on the allowed CPU time are also a frequent cause for such errors, as are caps on the number of database queries allowed. If you cannot change such settings, then contact your hosting provider or run the conversion procedure on a different computer. The phpBB.com forums are also an excellent location to ask for support.</p>
+	<p><strong>http 500 / white pages</strong> The conversion is a load-heavy procedure. Restrictions imposed by some server hosting providers can cause problems. The most common causes are: values too low for the PHP settings <code>memory_limit</code> and <code>max_execution_time</code>. Limits on the allowed CPU time are also a frequent cause for such errors, as are limits on the number of database queries allowed. If you cannot change such settings, then contact your hosting provider or run the conversion procedure on a different computer. The phpBB.com forums are also an excellent location to ask for support.</p>
 
-	<p><strong>Password conversion</strong> Due to the utf-8 based handling of passwords in phpBB3, it is not always possible to transfer all passwords. For passwords "lost in translation" the easiest workaround is to use the "forgotten password" function.</p>
+	<p><strong>Password conversion</strong> Due to the utf-8 based handling of passwords in phpBB3, it is not always possible to transfer all passwords. For passwords "lost in translation" the easiest workaround is to use the <em>I forgot my password</em> link on the login page.</p>
 
-	<p><strong>Path to your former board</strong> The converter expects the relative path to your old board's files. So, - for instance - if the old board is located at <code>http://www.yourdomain.com/forum</code> and the phpBB3 installation is located at <code>http://www.yourdomain.com/phpBB3</code>, then the correct value would be <code>../forum</code>. Note that the webserver user must be able to access the source installation's files.</p>
+	<p><strong>Path to your former board</strong> The convertor expects the relative path to your old board's files. So, for instance, if the old board is located at <code>http://www.yourdomain.com/forum</code> and the phpBB3 installation is located at <code>http://www.yourdomain.com/phpBB3</code>, then the correct value would be <code>../forum</code>. Note that the webserver user must be able to access the source installation's files.</p>
 
 	<p><strong>Missing images</strong> If your default board language's language pack does not include all images, then some images might be missing in your installation. Always use a complete language pack as default language.</p>
 
-	<p><strong>Smilies</strong> During the conversion you might see warnings about image files where the copying failed. That can happen if the old board's smilies have the same file names as those on the new board. Copy those files manually after the conversion, if you want to continue using the old smilies.</p>
+	<p><strong>Smilies</strong> During the conversion you might see warnings about image files where the copying failed. This can happen if the old board's smilies have the same file names as those on the new board. Copy those files manually after the conversion, if you want to continue using the old smilies.</p>
 
 
 		</div>
@@ -393,27 +397,27 @@
 
 		<div class="content">
 
-	<p>Once you have successfully installed phpBB3 you <strong>MUST</strong> ensure you remove the entire install/ directory. Leaving the install directory in place is a <em>very serious potential security issue</em> which may lead to deletion or alteration of files, etc. Please note that until this directory is removed, phpBB3 will not operate and a warning message will be displayed. Beyond this <strong>essential</strong> deletion, you may also wish to delete the docs/ directories if you wish.</p>
+	<p>Once you have successfully installed phpBB3 you <strong>MUST</strong> ensure you remove the entire <code>install/</code> directory. Leaving the install directory in place is a <em>very serious potential security issue</em> which may lead to deletion or alteration of files, etc. Please note that until this directory is removed, phpBB will not operate and a warning message will be displayed. Beyond this <strong>essential</strong> deletion, you may also wish to delete the docs/ directory if you wish.</p>
 
-	<p>With these directories deleted you should proceed to the administration panel. Depending on how the installation completed you may have been directed there automatically. If not, login as the administrator you specified during install/conversion and click the <strong>Administration Panel</strong> link at the bottom of any page. Ensure that details specified in <code>Admin -&gt; General</code> are correct!</p>
+	<p>With these directories deleted, you should proceed to the administration panel. Depending on how the installation completed, you may have been directed there automatically. If not, login as the administrator you specified during install/conversion and click the <strong>Administration Control Panel</strong> link at the bottom of any page. Ensure that details specified on the <strong>General</strong> tab are correct!</p>
 
 <a name="avatars"></a><h3>6.i. Uploadable avatars</h3>
 
 	<p>phpBB3 supports several methods for allowing users to select their own <em>avatar</em> (an avatar is a small image generally unique to a user and displayed just below their username in posts).</p>
 
-	<p>Two of these options allow users to upload an avatar from their machine or a remote location (via a URL). If you wish to enable this function you should first ensure the correct paths for uploadeable avatars is set in <code>Admin -&gt; General -&gt; Board Configuration -&gt; Avatar settings</code>. By default this is <em>images/avatars/uploads</em> but you can set it to whatever you like, just ensure the configuration setting is updated. You must also ensure this directory can be written to by the webserver. Usually this means you have to alter its permissions to allow anyone to read and write to. Exactly how you should do this depends on your ftp client or server operating system.</p>
+	<p>Two of these options allow users to upload an avatar from their machine or a remote location (via a URL). If you wish to enable this function you should first ensure the correct path for uploadable avatars is set in <strong>Administration Control Panel -&gt; General -&gt; Board Configuration -&gt; Avatar settings</strong>. By default this is <code>images/avatars/uploads</code>, but you can set it to whatever you like, just ensure the configuration setting is updated. You must also ensure this directory can be written to by the webserver. Usually this means you have to alter its permissions to allow anyone to read and write to it. Exactly how you should do this depends on your FTP client or server operating system.</p>
 
-	<p>On UNIX systems for example you set the directory to a+rwx (or ugo+rwx or even 777). This can be done from a command line on your server using chmod or via your FTP client (using the Change Permissions, chmod or other Permissions dialoge box, see your FTP clients documentation for help). Most FTP clients list permissions in the form of User (Read, Write, Execute), Group (Read, Write, Execute) and Other (Read, Write, Execute). You need to tick all of these boxes to set correct permissions.</p>
+	<p>On UNIX systems, for example, you set the directory to a+rwx (or ugo+rwx or even 777). This can be done from a command line on your server using chmod or via your FTP client (using the Change Permissions, chmod or other Permissions dialog box, see your FTP client's documentation for help). Most FTP clients list permissions in the form of User (Read, Write, Execute), Group (Read, Write, Execute) and Other (Read, Write, Execute). You need to tick all of these boxes to set correct permissions.</p>
 
-	<p>On Windows system you need to ensure the directory is not write-protected and that it has global write permissions (see your servers documentation or contact your hosting provider if you are unsure on how to achieve this).</p>
+	<p>On Windows systems, you need to ensure the directory is not write-protected and that it has global write permissions (see your server's documentation or contact your hosting provider if you are unsure on how to achieve this).</p>
 
-	<p>Please be aware that setting a directories permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.</p>
+	<p>Please be aware that setting a directory's permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.</p>
 
 <a name="webserver_configuration"></a><h3>6.ii. Webserver configuration</h3>
 
-	<p>Depending on your web server you may have to configure your server to deny web access to the <code>cache/</code>, <code>files/</code>, <code>store/</code> and other directories. This is to prevent users from accessing sensitive files.</p>
+	<p>Depending on your web server, you may have to configure your server to deny web access to the <code>cache/</code>, <code>files/</code>, <code>store/</code> and other directories. This is to prevent users from accessing sensitive files.</p>
 
-	<p>For <strong>apache</strong> there are <code>.htaccess</code> files already in place to do this for you. For other webservers you will have to adjust the configuration yourself. Sample files for <strong>nginx</strong> and <strong>lighttpd</strong> to help you get started may be found in docs directory.</p>
+	<p>For <strong>Apache</strong> there are <code>.htaccess</code> files already in place to do this for you. Similarly, for <strong>Windows</strong> based servers using <strong>IIS</strong> there are <code>web.config</code> files already in place to do this for you. For other webservers, you will have to adjust the configuration yourself. Sample files for <strong>nginx</strong> and <strong>lighttpd</strong> to help you get started may be found in <code>docs/</code> directory.</p>
 
 		</div>
 
@@ -424,14 +428,30 @@
 
 	<hr />
 
-<a name="disclaimer"></a><h2>7. Copyright and disclaimer</h2>
+<a name="anti_spam"></a><h2>7. Anti-Spam Measures</h2>
+		
+		<div class="paragraph">
+		<div class="inner"><span class="corners-top"><span></span></span>
+
+		<div class="content">
+	<p>Like any online site that allows user input, your board could be subject to unwanted posts; often referred to as <a href="http://en.wikipedia.org/wiki/Forum_spam">forum spam</a>. The vast majority of these attacks will be from automated computer programs known as <a href="http://en.wikipedia.org/wiki/Spambot">spambots</a>. The attacks, generally, are not personal as the spammers are just trying to find accessible targets. phpBB has a number of anti-spam measures built in, including a range of CAPTCHAs. However, administrators are strongly urged to read and follow the advice for <a href="https://www.phpbb.com/support/spam/">Preventing Spam in phpBB</a> as soon as possible after completing the installation of your board.</p>
+		</div>
+
+		<div class="back2top"><a href="#wrap" class="top">Back to Top</a></div>
+
+		<span class="corners-bottom"><span></span></span></div>
+	</div>
+
+	<hr />
+
+<a name="disclaimer"></a><h2>8. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
 		<div class="inner"><span class="corners-top"><span></span></span>
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see the source code and <code>docs/</code> directory for more details. This package and its contents are Copyright &copy; <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/README.html

@@ -41,7 +41,7 @@
 
 <!-- BEGIN DOCUMENT -->
 
-	<p>Thank you for downloading phpBB3. This README will guide through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully <strong>before</strong> proceeding with the installation.</p>
+	<p>Thank you for downloading phpBB3. This README will guide you through the basics of installation and operation of phpBB3. Please ensure you read this and the accompanying documentation fully <strong>before</strong> proceeding with the installation.</p>
 
 	<h1>Readme</h1>
 
@@ -68,7 +68,7 @@
 				</ol>
 				</li>
 				<li><a href="#status">Status of this version</a></li>
-				<li><a href="#bugs">Reporting Bugs</a>
+				<li><a href="#bugs">Reporting bugs</a>
 				<ol style="list-style-type: lower-roman;">
 					<li><a href="#securitybugs">Security related bugs</a></li>
 				</ol>
@@ -92,11 +92,11 @@
 
 		<div class="content">
 
-	<p>Installation, update and conversion instructions can be found in the <a href="INSTALL.html">INSTALL</a> document contained in this distribution. If you are intending to convert from a previous phpBB 2.0.x installation we highly recommend you backup any existing data before proceeding!</p>
+	<p>Installation, update and conversion instructions can be found in the <a href="INSTALL.html">INSTALL</a> document in this directory. If you are intending on converting from a phpBB 2.0.x installation we highly recommend that you backup any existing data before proceeding!</p>
 
 	<p>Users of phpBB3 Beta versions cannot directly update.</p>
 
-	<p>Please note that we won't support the following installation types:</p>
+	<p>Please note that we don't support the following installation types:</p>
 	<ul>
 		<li>Updates from phpBB3 Beta versions to phpBB3 RC1 and higher</li>
 		<li>Conversions from phpBB 2.0.x to phpBB3 Beta versions</li>
@@ -109,7 +109,7 @@
 		<li>Updates from phpBB3 RC1 to the latest version</li>
 		<li>Note: if using the <em>Automatic Update Package</em>, updates are supported from phpBB 3.0.2 onward. To update a pre-3.0.2 installation, first update to 3.0.2 and then update to the current version.</li>
 		<li>Conversions from phpBB 2.0.x to the latest version</li>
-		<li>New installations of phpBB3 - always only the latest released version</li>
+		<li>New installations of phpBB3 - only the latest released version</li>
 	</ul>
 
 		</div>
@@ -132,21 +132,21 @@
 
 	<a name="i18n"></a><h3>2.i. Languages (Internationalisation - i18n)</h3>
 
-	<p>A number of language packs with included style localisations are available. You can find them listed in the <a href="http://www.phpbb.com/languages/">Language Packs</a> pages of our downloads section or from the <a href="http://www.phpbb.com/customise/db/language_packs-25/">Language Packs</a> section of the <a href="http://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
+	<p>A number of language packs with included style localisations are available. You can find them listed in the <a href="https://www.phpbb.com/languages/">Language Packs</a> pages of our downloads section or from the <a href="https://www.phpbb.com/customise/db/language_packs-25/">Language Packs</a> section of the <a href="https://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
 
-	<p>For more information about language packs, please see: <a href="http://www.phpbb.com/languages/">http://www.phpbb.com/languages/</a></p>
+	<p>For more information about language packs, please see: <a href="https://www.phpbb.com/languages/">https://www.phpbb.com/languages/</a></p>
 
-	<p>This is the <em>official</em> location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. So please, do not ask for help in these cases!</p>
+	<p>This is the <em>official</em> location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. Please do not ask for support if you download a language pack from a 3rd party site.</p>
 
-	<p>Installation of these packages is straightforward: simply download the required language pack, uncompress (unzip) it and via FTP transfer the included <code>language</code> and <code>styles</code> folders to the root of your board installation. The language can then be installed via the Administration Control Panel of your board: <code>System tab -&gt; General Tasks -&gt; Language packs</code>. A more detailed description of the process is in the Knowledge Base article, <a href="http://www.phpbb.com/kb/article/how-to-install-a-language-pack/">How to Install a Language Pack</a>.</p>
+	<p>Installation of these packages is straightforward: simply download the required language pack, uncompress (unzip) it and via FTP transfer the included <code>language</code> and <code>styles</code> folders to the root of your board installation. The language can then be installed via the Administration Control Panel of your board: <code>System tab -&gt; General Tasks -&gt; Language packs</code>. A more detailed description of the process is in the Knowledge Base article, <a href="https://www.phpbb.com/kb/article/how-to-install-a-language-pack/">How to Install a Language Pack</a>.</p>
 
-	<p>If your language is not available, please visit our <a href="http://www.phpbb.com/community/viewforum.php?f=66">[3.0.x] Translations</a> forum where you will find topics on translations in progress. Should you wish to volunteer to translate a language not currently available or assist in maintaining an existing language pack, you can <a href="http://www.phpbb.com/languages/apply.php">Apply to become a translator</a>.</p>
+	<p>If your language is not available, please visit our <a href="https://www.phpbb.com/community/viewforum.php?f=66">[3.0.x] Translations</a> forum where you will find topics on translations in progress. Should you wish to volunteer to translate a language not currently available or assist in maintaining an existing language pack, you can <a href="https://www.phpbb.com/languages/apply.php">Apply to become a translator</a>.</p>
 
 	<a name="styles"></a><h3>2.ii. Styles</h3>
 
-	<p>Although the phpBB Group is rather proud of the included styles, we realise that they may not be to everyone's taste. Therefore, phpBB3 allows styles to be switched with relative ease. First, you need to locate and download a style you like. You can find them listed in the <a href="http://www.phpbb.com/customise/db/styles-2/">Styles</a> section of our <a href="http://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
+	<p>Although the phpBB Group is rather proud of the included styles, we realise that they may not be to everyone's taste. Therefore, phpBB3 allows styles to be switched with relative ease. First, you need to locate and download a style you like. You can find them listed in the <a href="https://www.phpbb.com/customise/db/styles-2/">Styles</a> section of our <a href="https://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
 
-	<p>For more information about styles, please see: <a href="http://www.phpbb.com/styles/">http://www.phpbb.com/styles/</a></p>
+	<p>For more information about styles, please see: <a href="https://www.phpbb.com/styles/">https://www.phpbb.com/styles/</a></p>
 
 	<p><strong>Please note</strong> that 3rd party styles downloaded for versions of phpBB2 will <strong>not</strong> work in phpBB3. It is also important to ensure that the style is updated to match the current version of the phpBB software you are using.</p>
 
@@ -156,9 +156,9 @@
 
 	<a name="mods"></a><h3>2.iii. Modifications</h3>
 
-	<p>Although not officially supported by the phpBB Group, phpBB has a thriving modification scene. These third party modifications to the standard phpBB software, known as <strong>MODs</strong>, extend its capabilities still further. You can browse through many of the MODs in the <a href="http://www.phpbb.com/customise/db/modifications-1/">Modifications</a> section of our <a href="http://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
+	<p>Although not officially supported by the phpBB Group, phpBB has a thriving modification scene. These third party modifications to the standard phpBB software, known as <strong>MODs</strong>, extend its capabilities still further. You can browse through many of the MODs in the <a href="https://www.phpbb.com/customise/db/modifications-1/">Modifications</a> section of our <a href="https://www.phpbb.com/customise/db/">Customisation Database</a>.</p>
 
-	<p>For more information about MODs, please see: <a href="http://www.phpbb.com/mods/">http://www.phpbb.com/mods/</a></p>
+	<p>For more information about MODs, please see: <a href="https://www.phpbb.com/mods/">https://www.phpbb.com/mods/</a></p>
 
 	<p><strong>Please remember</strong> that any bugs or other issues that occur after you have added any modification should <strong>NOT</strong> be reported to the bug tracker (see below). First remove the MOD and see if the problem is resolved. Any support for a MOD should only be sought in the &quot;Discussion/Support&quot; forum for that MOD.</p>
 
@@ -180,35 +180,35 @@
 
 		<div class="content">
 
-	<p>phpBB3 can seem a little daunting to new users in places, particularly with regard the permission system. The first thing you should do is check the <a href="FAQ.html">FAQ</a> which covers a few basic getting started questions. If you need additional help there are several places you should look.</p>
+	<p>phpBB3 can sometimes seem a little daunting to new users, particularly with regards to the permission system. The first thing you should do is check the <a href="FAQ.html">FAQ</a>, which covers a few basic getting started questions. If you need additional help there are several places you can find it.</p>
 
 	<a name="docs"></a><h3>3.i. phpBB3 Documentation</h3>
 
-	<p>A comprehensive documentation is now available online and can be accessed from the following location:</p>
+	<p>Comprehensive documentation is now available on the phpBB website:</p>
 
-	<p><a href="http://www.phpbb.com/support/documentation/3.0/">http://www.phpbb.com/support/documentation/3.0/</a></p>
+	<p><a href="https://www.phpbb.com/support/documentation/3.0/">https://www.phpbb.com/support/documentation/3.0/</a></p>
 
-	<p>This covers everything from installation through setting permissions and managing users.</p>
+	<p>This covers everything from installation to setting permissions and managing users.</p>
 
 	<a name="kb"></a><h3>3.ii. Knowledge Base</h3>
 
 	<p>The Knowledge Base consists of a number of detailed articles on some common issues phpBB users may encounter while using the product. The Knowledge Base can be found at:</p>
 
-	<p><a href="http://www.phpbb.com/kb/">http://www.phpbb.com/kb/</a></p>
+	<p><a href="https://www.phpbb.com/kb/">https://www.phpbb.com/kb/</a></p>
 
 	<a name="website"></a><h3>3.iii. Community Forums</h3>
 
 	<p>The phpBB Group maintains a thriving community where a number of people have generously decided to donate their time to help support users. This site can be found at:</p>
 
-	<p><a href="http://www.phpbb.com/community/">http://www.phpbb.com/community/</a></p>
+	<p><a href="https://www.phpbb.com/community/">https://www.phpbb.com/community/</a></p>
 
-	<p>If you do seek help via our forums please be sure to do a Search before posting. This may well save both you and us time and allow the developer, moderator and support groups to spend more time responding to people with unknown issues and problems. Please also remember that phpBB is an entirely volunteer effort, no one receives any compensation for the time they give, this includes moderators as well as developers. So please be respectful and mindful when awaiting responses.</p>
+	<p>If you do seek help via our forums please be sure to do a search before posting; if someone has experienced the issue before, then you may find that your question has already been answered. Please remember that phpBB is entirely staffed by volunteers, no one receives any compensation for the time they give, including moderators as well as developers; please be respectful and mindful when awaiting responses and receiving support.</p>
 
 	<a name="irc"></a><h3>3.iv Internet Relay Chat</h3>
 
 	<p>Another place you may find help is our IRC channel. This operates on the Freenode IRC network, <a href="irc://irc.freenode.net">irc.freenode.net</a> and the channel is <em>#phpbb</em> and can be accessed by any decent IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.</p>
 
-	<p>There are other IRC channels available, please see <a href="http://www.phpbb.com/support/irc/">http://www.phpbb.com/support/irc/</a> for the complete list.</p>
+	<p>There are other IRC channels available, please see <a href="https://www.phpbb.com/support/irc/">https://www.phpbb.com/support/irc/</a> for the complete list.</p>
 
 		</div>
 
@@ -273,7 +273,7 @@
 
 	<p>The relevant database type/version is listed within the administration control panel.</p>
 
-	<p>Please also be as detailed as you can in your report, if possible list the steps required to duplicate the problem. If you have a patch that fixes the issue, please attach it to the ticket or submit a pull request <a href="https://github.com/phpbb/phpbb3">on GitHub</a>.</p>
+	<p>Please be as detailed as you can in your report, and if possible, list the steps required to duplicate the problem. If you have a patch that fixes the issue, please attach it to the ticket or submit a pull request to our repository <a href="https://github.com/phpbb/phpbb3">on GitHub</a>.</p>
 
 	<p>If you create a patch, it is very much appreciated (but not required) if you follow the phpBB coding guidelines. Please note that the coding guidelines are somewhat different between different versions of phpBB. For phpBB 3.0.x the coding guidelines may be found here: <a href="http://area51.phpbb.com/docs/30x/coding-guidelines.html">http://area51.phpbb.com/docs/30x/coding-guidelines.html</a></p>
 
@@ -283,7 +283,7 @@
 
 	<p>If you find a potential security related vulnerability in phpBB please <strong>DO NOT</strong> post it to the bug tracker, public forums, etc.! Doing so may allow unscrupulous users to take advantage of it before we have time to put a fix in place. All security related bugs should be sent to our security tracker:</p>
 
-	<p><a href="http://www.phpbb.com/security/">http://www.phpbb.com/security/</a></p>
+	<p><a href="https://www.phpbb.com/security/">https://www.phpbb.com/security/</a></p>
 
 		</div>
 
@@ -304,8 +304,8 @@
 	<p>This list is not complete but does represent those bugs which may affect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation, updating and/or conversions.</p>
 
 	<ul>
-		<li>Conversions may fail to complete on large boards under some hosts</li>
-		<li>Updates may fail to complete on large update sets under some hosts</li>
+		<li>Conversions may fail to complete on large boards under some hosts.</li>
+		<li>Updates may fail to complete on large update sets under some hosts.</li>
 		<li>Smilies placed directly after bbcode tags will not get parsed. Smilies always need to be separated by spaces.</li>
 	</ul>
 
@@ -325,11 +325,11 @@
 
 		<div class="content">
 
-	<p>phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3.</p>
+	<p>phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3. The minimum version that will be required for phpBB 3.1 is PHP 5.3.3.</p>
 
-	<p>Please remember that running any application on a developmental version of PHP can lead to strange/unexpected results which may appear to be bugs in the application (which may not be true). Therefore we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a developmental version of PHP please check any bugs you find on a system running a stable release before submitting.</p>
+	<p>Please remember that running any application on a development (unstable, e.g. a beta release) version of PHP can lead to strange/unexpected results which may appear to be bugs in the application. Therefore, we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a development version of PHP please check any bugs you find on a system running a stable release before submitting.</p>
 
-	<p>This board has been developed and tested under Linux and Windows (amongst others) running Apache using MySQL 3.23, 4.x, 5.x, MSSQL Server 2000, PostgreSQL 7.x, Oracle 8, SQLite 2 and Firebird. Versions of PHP used range from 4.3.3 to 5.4.x without problem. </p>
+	<p>This board has been developed and tested under Linux and Windows (amongst others) running Apache using MySQL 3.23, 4.x, 5.x, MariaDB 5.x, MSSQL Server 2000, PostgreSQL 7.x, Oracle 8, SQLite 2 and Firebird. Versions of PHP used range from 4.3.3 to 5.4.x without problem. </p>
 
 <a name="phpsec"></a><h3>7.i. Notice on PHP security issues</h3>
 
@@ -351,7 +351,7 @@
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright &copy; <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright &copy; <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/auth_api.html

@@ -200,7 +200,7 @@ $user_id = 2;
 $auth->acl_clear_prefetch($user_id);
 </pre></div>
 
-	<p>This method returns void.</p>
+	<p>This method returns null.</p>
 
 	<a name="acl_get_list"></a><h3>2.viii. acl_get_list</h3>
 
@@ -275,7 +275,7 @@ $auth_admin = new auth_admin();
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/coding-guidelines.html

@@ -728,7 +728,7 @@ $sql = 'SELECT *
 $sql_ary = array(
 	'somedata'		=> $my_string,
 	'otherdata'		=> $an_int,
-	'moredata'		=> $another_int
+	'moredata'		=> $another_int,
 );
 
 $db->sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
@@ -740,7 +740,7 @@ $db->sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db->sql_build_array('I
 $sql_ary = array(
 	'somedata'		=> $my_string,
 	'otherdata'		=> $an_int,
-	'moredata'		=> $another_int
+	'moredata'		=> $another_int,
 );
 
 $sql = 'UPDATE ' . SOME_TABLE . '
@@ -833,20 +833,20 @@ $sql_array = array(
 
 	'FROM'		=> array(
 		FORUMS_WATCH_TABLE	=> 'fw',
-		FORUMS_TABLE		=> 'f'
+		FORUMS_TABLE		=> 'f',
 	),
 
 	'LEFT_JOIN'	=> array(
 		array(
 			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
-			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
-		)
+			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id',
+		),
 	),
 
 	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
 		AND f.forum_id = fw.forum_id',
 
-	'ORDER_BY'	=> 'left_id'
+	'ORDER_BY'	=> 'left_id',
 );
 
 $sql = $db->sql_build_query('SELECT', $sql_array);
@@ -860,13 +860,13 @@ $sql_array = array(
 
 	'FROM'		=> array(
 		FORUMS_WATCH_TABLE	=> 'fw',
-		FORUMS_TABLE		=> 'f'
+		FORUMS_TABLE		=> 'f',
 	),
 
 	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
 		AND f.forum_id = fw.forum_id',
 
-	'ORDER_BY'	=> 'left_id'
+	'ORDER_BY'	=> 'left_id',
 );
 
 if ($config['load_db_lastread'])
@@ -874,8 +874,8 @@ if ($config['load_db_lastread'])
 	$sql_array['LEFT_JOIN'] = array(
 		array(
 			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
-			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
-		)
+			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id',
+		),
 	);
 
 	$sql_array['SELECT'] .= ', ft.mark_time ';
@@ -956,6 +956,8 @@ $action_ary = request_var('action', array('' => 0));
 	<h4>Login checks/redirection: </h4>
 	<p>To show a forum login box use <code>login_forum_box($forum_data)</code>, else use the <code>login_box()</code> function.</p>
 
+	<p><code>$forum_data</code> should contain at least the <code>forum_id</code> and <code>forum_password</code> fields. If the field <code>forum_name</code> is available, then it is displayed on the forum login page.</p>
+
 	<p>The <code>login_box()</code> function can have a redirect as the first parameter. As a thumb of rule, specify an empty string if you want to redirect to the users current location, else do not add the <code>$SID</code> to the redirect string (for example within the ucp/login we redirect to the board index because else the user would be redirected to the login screen).</p>
 
 	<h4>Sensitive Operations: </h4>
@@ -1189,7 +1191,7 @@ append_sid(&quot;{$phpbb_root_path}memberlist.$phpEx&quot;, 'mode=group&amp;amp;
 <span class="comment">&lt;!-- INCLUDEPHP somefile&#46;php --&gt;</span>
 </pre></div>
 
-<p>it will be included and executed inline.<br /><br />A note, it is very much encouraged that template designers do not include PHP. The ability to include raw PHP was introduced primarily to allow end users to include banner code, etc. without modifying multiple files (as with 2.0.x). It was not intended for general use ... hence <!-- w --><a href="http://www.phpbb.com">www.phpbb.com</a><!-- w --> will <strong>not</strong> make available template sets which include PHP. And by default templates will have PHP disabled (the admin will need to specifically activate PHP for a template).</p>
+<p>it will be included and executed inline.<br /><br />A note, it is very much encouraged that template designers do not include PHP. The ability to include raw PHP was introduced primarily to allow end users to include banner code, etc. without modifying multiple files (as with 2.0.x). It was not intended for general use ... hence <!-- w --><a href="https://www.phpbb.com">www.phpbb.com</a><!-- w --> will <strong>not</strong> make available template sets which include PHP. And by default templates will have PHP disabled (the admin will need to specifically activate PHP for a template).</p>
 
 <h4>Conditionals/Control structures</h4>
 <p>The most significant addition to 3.0.x are conditions or control structures, &quot;if something then do this else do that&quot;. The system deployed is very similar to Smarty. This may confuse some people at first but it offers great potential and great flexibility with a little imagination. In their most simple form these constructs take the form:</p>
@@ -2314,14 +2316,14 @@ if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
 
 	<hr />
 
-<a name="disclaimer"></a><h2>8. Copyright and disclaimer</h2>
+<a name="disclaimer"></a><h2>7. Copyright and disclaimer</h2>
 
 	<div class="paragraph">
 		<div class="inner"><span class="corners-top"><span></span></span>
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/docs/hook_system.html

@@ -867,7 +867,7 @@ function phpbb_hook_register(&$hook)
 
 		<div class="content">
 
-	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="http://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
+	<p>This application is opensource software released under the <a href="http://opensource.org/licenses/gpl-2.0.php">GNU General Public License v2</a>. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) <a href="https://www.phpbb.com/">phpBB Group</a>, All Rights Reserved.</p>
 
 		</div>
 

phpBB/download/file.php

@@ -170,7 +170,7 @@ else
 	if (!$attachment['in_message'])
 	{
 		//
-		$sql = 'SELECT p.forum_id, f.forum_password, f.parent_id
+		$sql = 'SELECT p.forum_id, f.forum_name, f.forum_password, f.parent_id
 			FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f
 			WHERE p.post_id = ' . $attachment['post_msg_id'] . '
 				AND p.forum_id = f.forum_id';
@@ -285,7 +285,7 @@ else if (($display_cat == ATTACHMENT_CATEGORY_NONE/* || $display_cat == ATTACHME
 	$db->sql_query($sql);
 }
 
-if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && ((strpos(strtolower($user->browser), 'msie') !== false) && (strpos(strtolower($user->browser), 'msie 8.0') === false)))
+if ($display_cat == ATTACHMENT_CATEGORY_IMAGE && $mode === 'view' && (strpos($attachment['mimetype'], 'image') === 0) && (strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7))
 {
 	wrap_img_in_html(append_sid($phpbb_root_path . 'download/file.' . $phpEx, 'id=' . $attachment['attach_id']), $attachment['real_filename']);
 	file_gc();
@@ -343,8 +343,8 @@ function send_avatar_to_browser($file, $browser)
 
 		$image_data = @getimagesize($file_path);
 		header('Content-Type: ' . image_type_to_mime_type($image_data[2]));
-
-		if (strpos(strtolower($browser), 'msie') !== false && strpos(strtolower($browser), 'msie 8.0') === false)
+			
+		if ((strpos(strtolower($browser), 'msie') !== false) && !phpbb_is_greater_ie_version($browser, 7))
 		{
 			header('Content-Disposition: attachment; ' . header_filename($file));
 
@@ -477,10 +477,9 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	*/
 
 	// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
-	$is_ie8 = (strpos(strtolower($user->browser), 'msie 8.0') !== false);
 	header('Content-Type: ' . $attachment['mimetype']);
-
-	if ($is_ie8)
+		
+	if (phpbb_is_greater_ie_version($user->browser, 7))
 	{
 		header('X-Content-Type-Options: nosniff');
 	}
@@ -492,7 +491,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	}
 	else
 	{
-		if (empty($user->browser) || (!$is_ie8 && (strpos(strtolower($user->browser), 'msie') !== false)))
+		if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
 		{
 			header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
 			if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
@@ -503,7 +502,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 		else
 		{
 			header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
-			if ($is_ie8 && (strpos($attachment['mimetype'], 'image') !== 0))
+			if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
 			{
 				header('X-Download-Options: noopen');
 			}
@@ -680,7 +679,8 @@ function set_modified_headers($stamp, $browser)
 {
 	// let's see if we have to send the file at all
 	$last_load 	=  isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? strtotime(trim($_SERVER['HTTP_IF_MODIFIED_SINCE'])) : false;
-	if ((strpos(strtolower($browser), 'msie 6.0') === false) && (strpos(strtolower($browser), 'msie 8.0') === false))
+		
+	if (strpos(strtolower($browser), 'msie 6.0') === false && !phpbb_is_greater_ie_version($browser, 7))
 	{
 		if ($last_load !== false && $last_load >= $stamp)
 		{
@@ -709,4 +709,25 @@ function file_gc()
 	exit;
 }
 
+/**
+* Check if the browser is internet explorer version 7+
+*
+* @param string $user_agent	User agent HTTP header
+* @param int $version IE version to check against
+*
+* @return bool true if internet explorer version is greater than $version
+*/
+function phpbb_is_greater_ie_version($user_agent, $version)
+{
+	if (preg_match('/msie (\d+)/', strtolower($user_agent), $matches))
+	{
+		$ie_version = (int) $matches[1];
+		return ($ie_version > $version);
+	}
+	else
+	{
+		return false;
+	}
+}
+
 ?>

phpBB/includes/acm/acm_apc.php

@@ -33,7 +33,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{

phpBB/includes/acm/acm_eaccelerator.php

@@ -37,7 +37,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{
@@ -54,7 +54,7 @@ class acm extends acm_memory
 	/**
 	 * Perform cache garbage collection
 	 *
-	 * @return void
+	 * @return null
 	 */
 	function tidy()
 	{

phpBB/includes/acm/acm_memcache.php

@@ -71,7 +71,7 @@ class acm extends acm_memory
 	/**
 	* Unload the cache resources
 	*
-	* @return void
+	* @return null
 	*/
 	function unload()
 	{
@@ -83,7 +83,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{

phpBB/includes/acm/acm_memory.php

@@ -292,12 +292,24 @@ class acm_memory
 		// determine which tables this query belongs to
 		// Some queries use backticks, namely the get_database_size() query
 		// don't check for conformity, the SQL would error and not reach here.
-		if (!preg_match('/FROM \\(?(`?\\w+`?(?: \\w+)?(?:, ?`?\\w+`?(?: \\w+)?)*)\\)?/', $query, $regs))
+		if (!preg_match_all('/(?:FROM \\(?(`?\\w+`?(?: \\w+)?(?:, ?`?\\w+`?(?: \\w+)?)*)\\)?)|(?:JOIN (`?\\w+`?(?: \\w+)?))/', $query, $regs, PREG_SET_ORDER))
 		{
 			// Bail out if the match fails.
 			return;
 		}
-		$tables = array_map('trim', explode(',', $regs[1]));
+
+		$tables = array();
+		foreach ($regs as $match)
+		{
+			if ($match[0][0] == 'F')
+			{
+				$tables = array_merge($tables, array_map('trim', explode(',', $match[1])));
+			}
+			else
+			{
+				$tables[] = $match[2];
+			}
+		}
 
 		foreach ($tables as $table_name)
 		{

phpBB/includes/acm/acm_redis.php

@@ -80,7 +80,7 @@ class acm extends acm_memory
 	/**
 	* Unload the cache resources
 	*
-	* @return void
+	* @return null
 	*/
 	function unload()
 	{
@@ -92,7 +92,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{

phpBB/includes/acm/acm_wincache.php

@@ -32,7 +32,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{

phpBB/includes/acm/acm_xcache.php

@@ -48,7 +48,7 @@ class acm extends acm_memory
 	/**
 	* Purge cache data
 	*
-	* @return void
+	* @return null
 	*/
 	function purge()
 	{

phpBB/includes/acp/acp_attachments.php

@@ -127,7 +127,7 @@ class acp_attachments
 						'img_create_thumbnail'		=> array('lang' => 'CREATE_THUMBNAIL',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'img_max_thumb_width'		=> array('lang' => 'MAX_THUMB_WIDTH',		'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_min_thumb_filesize'	=> array('lang' => 'MIN_THUMB_FILESIZE',	'validate' => 'int',	'type' => 'text:7:15', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
-						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'string',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
+						'img_imagick'				=> array('lang' => 'IMAGICK_PATH',			'validate' => 'path',	'type' => 'text:20:200', 'explain' => true, 'append' => '&nbsp;&nbsp;<span>[ <a href="' . $this->u_action . '&amp;action=imgmagick">' . $user->lang['SEARCH_IMAGICK'] . '</a> ]</span>'),
 						'img_max'					=> array('lang' => 'MAX_IMAGE_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'img_link'					=> array('lang' => 'IMAGE_LINK_SIZE',		'validate' => 'int',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 					)

phpBB/includes/acp/acp_bbcodes.php

@@ -113,8 +113,8 @@ class acp_bbcodes
 				{
 					$template->assign_block_vars('token', array(
 						'TOKEN'		=> '{' . $token . '}',
-						'EXPLAIN'	=> $token_explain)
-					);
+						'EXPLAIN'	=> ($token === 'LOCAL_URL') ? sprintf($token_explain, generate_board_url() . '/') : $token_explain,
+					));
 				}
 
 				return;
@@ -345,6 +345,9 @@ class acp_bbcodes
 			'LOCAL_URL'	 => array(
 				'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e'	=>	"\$this->bbcode_specialchars('$1')"
 			),
+			'RELATIVE_URL'	=> array(
+				'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e'	=>	"\$this->bbcode_specialchars('$1')"
+			),
 			'EMAIL' => array(
 				'!(' . get_preg_expression('email') . ')!ie'	=>	"\$this->bbcode_specialchars('$1')"
 			),
@@ -371,6 +374,7 @@ class acp_bbcodes
 		$sp_tokens = array(
 			'URL'	 => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)',
 			'LOCAL_URL'	 => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
+			'RELATIVE_URL'	 => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
 			'EMAIL' => '(' . get_preg_expression('email') . ')',
 			'TEXT' => '(.*?)',
 			'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)',
@@ -427,7 +431,11 @@ class acp_bbcodes
 				$fp_replace = str_replace($token, $replace, $fp_replace);
 
 				$sp_match = str_replace(preg_quote($token, '!'), $sp_tokens[$token_type], $sp_match);
-				$sp_replace = str_replace($token, '${' . ($n + 1) . '}', $sp_replace);
+
+				// Prepend the board url to local relative links
+				$replace_prepend = ($token_type === 'LOCAL_URL') ? generate_board_url() . '/' : '';
+
+				$sp_replace = str_replace($token, $replace_prepend . '${' . ($n + 1) . '}', $sp_replace);
 			}
 
 			$fp_match = '!' . $fp_match . '!' . $modifiers;

phpBB/includes/acp/acp_board.php

@@ -123,7 +123,7 @@ class acp_board
 						'avatar_filesize'		=> array('lang' => 'MAX_FILESIZE',			'validate' => 'int:0',	'type' => 'text:4:10', 'explain' => true, 'append' => ' ' . $user->lang['BYTES']),
 						'avatar_min'			=> array('lang' => 'MIN_AVATAR_SIZE',		'validate' => 'int:0',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
 						'avatar_max'			=> array('lang' => 'MAX_AVATAR_SIZE',		'validate' => 'int:0',	'type' => 'dimension:3:4', 'explain' => true, 'append' => ' ' . $user->lang['PIXEL']),
-						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rwpath',	'type' => 'text:20:255', 'explain' => true),
+						'avatar_path'			=> array('lang' => 'AVATAR_STORAGE_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true),
 						'avatar_gallery_path'	=> array('lang' => 'AVATAR_GALLERY_PATH',	'validate' => 'rpath',	'type' => 'text:20:255', 'explain' => true)
 					)
 				);
@@ -408,8 +408,8 @@ class acp_board
 						'board_email_form'		=> array('lang' => 'BOARD_EMAIL_FORM',		'validate' => 'bool',	'type' => 'radio:enabled_disabled', 'explain' => true),
 						'email_function_name'	=> array('lang' => 'EMAIL_FUNCTION_NAME',	'validate' => 'string',	'type' => 'text:20:50', 'explain' => true),
 						'email_package_size'	=> array('lang' => 'EMAIL_PACKAGE_SIZE',	'validate' => 'int:0',	'type' => 'text:5:5', 'explain' => true),
-						'board_contact'			=> array('lang' => 'CONTACT_EMAIL',			'validate' => 'string',	'type' => 'text:25:100', 'explain' => true),
-						'board_email'			=> array('lang' => 'ADMIN_EMAIL',			'validate' => 'string',	'type' => 'text:25:100', 'explain' => true),
+						'board_contact'			=> array('lang' => 'CONTACT_EMAIL',			'validate' => 'email',	'type' => 'text:25:100', 'explain' => true),
+						'board_email'			=> array('lang' => 'ADMIN_EMAIL',			'validate' => 'email',	'type' => 'text:25:100', 'explain' => true),
 						'board_email_sig'		=> array('lang' => 'EMAIL_SIG',				'validate' => 'string',	'type' => 'textarea:5:30', 'explain' => true),
 						'board_hide_emails'		=> array('lang' => 'BOARD_HIDE_EMAILS',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 

phpBB/includes/acp/acp_captcha.php

@@ -124,6 +124,8 @@ class acp_captcha
 					'CAPTCHA_PREVIEW_TPL'	=> $demo_captcha->get_demo_template($id),
 					'S_CAPTCHA_HAS_CONFIG'	=> $demo_captcha->has_config(),
 					'CAPTCHA_SELECT'		=> $captcha_select,
+
+					'U_ACTION'				=> $this->u_action,
 				));
 			}
 		}

phpBB/includes/acp/acp_forums.php

@@ -56,7 +56,6 @@ class acp_forums
 				$total = request_var('total', 0);
 
 				$this->display_progress_bar($start, $total);
-				exit;
 			break;
 
 			case 'delete':

phpBB/includes/acp/acp_groups.php

@@ -80,6 +80,11 @@ class acp_groups
 			case 'approve':
 			case 'demote':
 			case 'promote':
+				if (!check_form_key($form_key))
+				{
+					trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+				}
+
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
@@ -120,48 +125,64 @@ class acp_groups
 				{
 					trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
 				}
+				else if (empty($mark_ary))
+				{
+					trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id), E_USER_WARNING);
+				}
 
 				if (confirm_box(true))
 				{
 					$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+					group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);	
+					trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&action=list&g=' . $group_id));
+				}
+				else
+				{
+					confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
+						'mark'		=> $mark_ary,
+						'g'			=> $group_id,
+						'i'			=> $id,
+						'mode'		=> $mode,
+						'action'	=> $action))
+					);
+				}
+			break;
 
-					if (!sizeof($mark_ary))
+			case 'set_default_on_all':
+				if (confirm_box(true))
+				{
+					$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+
+					$start = 0;
+
+					do
 					{
-						$start = 0;
+						$sql = 'SELECT user_id
+							FROM ' . USER_GROUP_TABLE . "
+							WHERE group_id = $group_id
+							ORDER BY user_id";
+						$result = $db->sql_query_limit($sql, 200, $start);
 
-						do
+						$mark_ary = array();
+						if ($row = $db->sql_fetchrow($result))
 						{
-							$sql = 'SELECT user_id
-								FROM ' . USER_GROUP_TABLE . "
-								WHERE group_id = $group_id
-								ORDER BY user_id";
-							$result = $db->sql_query_limit($sql, 200, $start);
-
-							$mark_ary = array();
-							if ($row = $db->sql_fetchrow($result))
+							do
 							{
-								do
-								{
-									$mark_ary[] = $row['user_id'];
-								}
-								while ($row = $db->sql_fetchrow($result));
-
-								group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
-
-								$start = (sizeof($mark_ary) < 200) ? 0 : $start + 200;
+								$mark_ary[] = $row['user_id'];
 							}
-							else
-							{
-								$start = 0;
-							}
-							$db->sql_freeresult($result);
+							while ($row = $db->sql_fetchrow($result));
+
+							group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
+
+							$start = (sizeof($mark_ary) < 200) ? 0 : $start + 200;
 						}
-						while ($start);
-					}
-					else
-					{
-						group_user_attributes('default', $group_id, $mark_ary, false, $group_name, $group_row);
+						else
+						{
+							$start = 0;
+						}
+						$db->sql_freeresult($result);
 					}
+					while ($start);
 
 					trigger_error($user->lang['GROUP_DEFS_UPDATED'] . adm_back_link($this->u_action . '&amp;action=list&amp;g=' . $group_id));
 				}
@@ -175,10 +196,13 @@ class acp_groups
 						'action'	=> $action))
 					);
 				}
-
 			break;
 
 			case 'deleteusers':
+				if (empty($mark_ary))
+				{
+					trigger_error($user->lang['NO_USERS'] . adm_back_link($this->u_action . '&amp;action=list&amp;g=' . $group_id), E_USER_WARNING);
+				}
 			case 'delete':
 				if (!$group_id)
 				{
@@ -233,6 +257,11 @@ class acp_groups
 			break;
 
 			case 'addusers':
+				if (!check_form_key($form_key))
+				{
+					trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
+				}
+
 				if (!$group_id)
 				{
 					trigger_error($user->lang['NO_GROUP'] . adm_back_link($this->u_action), E_USER_WARNING);
@@ -394,13 +423,21 @@ class acp_groups
 						}
 					}
 
-					// Validate the length of "Maximum number of allowed recipients per private message" setting.
-					// We use 16777215 as a maximum because it matches MySQL unsigned mediumint maximum value
-					// which is the lowest amongst DBMSes supported by phpBB3
-					if ($max_recipients_error = validate_data($submit_ary, array('max_recipients' => array('num', false, 0, 16777215))))
+					/*
+					* Validate the length of "Maximum number of allowed recipients per
+					* private message" setting. We use 16777215 as a maximum because it matches
+					* MySQL unsigned mediumint maximum value which is the lowest amongst DBMSes
+					* supported by phpBB3. Also validate the submitted colour value.
+					*/
+					$validation_checks = array(
+						'max_recipients' => array('num', false, 0, 16777215),
+						'colour'	=> array('hex_colour', true),
+					);
+
+					if ($validation_error = validate_data($submit_ary, $validation_checks))
 					{
 						// Replace "error" string with its real, localised form
-						$error = array_merge($error, array_map(array(&$user, 'lang'), $max_recipients_error));
+						$error = array_merge($error, $validation_error);
 					}
 
 					if (!sizeof($error))
@@ -493,6 +530,7 @@ class acp_groups
 
 					if (sizeof($error))
 					{
+						$error = array_map(array(&$user, 'lang'), $error);
 						$group_rank = $submit_ary['rank'];
 
 						$group_desc_data = array(
@@ -683,7 +721,7 @@ class acp_groups
 					'U_ACTION'			=> $this->u_action . "&amp;g=$group_id",
 					'U_BACK'			=> $this->u_action,
 					'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=list&amp;field=usernames'),
-					'U_DEFAULT_ALL'		=> "{$this->u_action}&amp;action=default&amp;g=$group_id",
+					'U_DEFAULT_ALL'		=> "{$this->u_action}&amp;action=set_default_on_all&amp;g=$group_id",
 				));
 
 				// Grab the members
@@ -795,4 +833,4 @@ class acp_groups
 	}
 }
 
-?>
+?>

phpBB/includes/acp/acp_main.php

@@ -398,11 +398,11 @@ class acp_main
 		// Version check
 		$user->add_lang('install');
 
-		if ($auth->acl_get('a_server') && version_compare(PHP_VERSION, '5.3.2', '<'))
+		if ($auth->acl_get('a_server') && version_compare(PHP_VERSION, '5.3.3', '<'))
 		{
 			$template->assign_vars(array(
 				'S_PHP_VERSION_OLD'	=> true,
-				'L_PHP_VERSION_OLD'	=> sprintf($user->lang['PHP_VERSION_OLD'], '<a href="http://www.phpbb.com/community/viewtopic.php?f=14&amp;t=2152375">', '</a>'),
+				'L_PHP_VERSION_OLD'	=> sprintf($user->lang['PHP_VERSION_OLD'], '<a href="https://www.phpbb.com/community/viewtopic.php?f=14&amp;t=2152375">', '</a>'),
 			));
 		}
 
@@ -606,8 +606,8 @@ class acp_main
 				'S_MBSTRING_LOADED'						=> true,
 				'S_MBSTRING_FUNC_OVERLOAD_FAIL'			=> (intval(@ini_get('mbstring.func_overload')) & (MB_OVERLOAD_MAIL | MB_OVERLOAD_STRING)),
 				'S_MBSTRING_ENCODING_TRANSLATION_FAIL'	=> (@ini_get('mbstring.encoding_translation') != 0),
-				'S_MBSTRING_HTTP_INPUT_FAIL'			=> (@ini_get('mbstring.http_input') != 'pass'),
-				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> (@ini_get('mbstring.http_output') != 'pass'),
+				'S_MBSTRING_HTTP_INPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_input'), array('pass', '')),
+				'S_MBSTRING_HTTP_OUTPUT_FAIL'			=> !in_array(@ini_get('mbstring.http_output'), array('pass', '')),
 			));
 		}
 

phpBB/includes/acp/acp_php_info.php

@@ -47,7 +47,7 @@ class acp_php_info
 		// for this was nabbed from the PHP annotated manual
 		preg_match_all('#<body[^>]*>(.*)</body>#si', $phpinfo, $output);
 
-		if (empty($phpinfo) || empty($output))
+		if (empty($phpinfo) || empty($output[1][0]))
 		{
 			trigger_error('NO_PHPINFO_AVAILABLE', E_USER_WARNING);
 		}

phpBB/includes/acp/acp_send_statistics.php

@@ -29,7 +29,7 @@ class acp_send_statistics
 	{
 		global $config, $template, $phpbb_admin_path, $phpEx;
 
-		$collect_url = "http://www.phpbb.com/stats/receive_stats.php";
+		$collect_url = "https://www.phpbb.com/stats/receive_stats.php";
 
 		$this->tpl_name = 'acp_send_statistics';
 		$this->page_title = 'ACP_SEND_STATISTICS';

phpBB/includes/acp/acp_update.php

@@ -34,12 +34,9 @@ class acp_update
 		$this->page_title = 'ACP_VERSION_CHECK';
 
 		// Get current and latest version
-		$errstr = '';
-		$errno = 0;
+		$info = htmlspecialchars(obtain_latest_version_info(request_var('versioncheck_force', false)));
 
-		$info = obtain_latest_version_info(request_var('versioncheck_force', false));
-
-		if ($info === false)
+		if (empty($info))
 		{
 			trigger_error('VERSIONCHECK_FAIL', E_USER_WARNING);
 		}

phpBB/includes/acp/acp_users.php

@@ -172,8 +172,7 @@ class acp_users
 
 				if ($submit)
 				{
-					// You can't delete the founder
-					if ($delete && $user_row['user_type'] != USER_FOUNDER)
+					if ($delete)
 					{
 						if (!$auth->acl_get('a_userdel'))
 						{
@@ -186,6 +185,12 @@ class acp_users
 							trigger_error($user->lang['CANNOT_REMOVE_ANONYMOUS'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
 						}
 
+						// Founders can not be deleted.
+						if ($user_row['user_type'] == USER_FOUNDER)
+						{
+							trigger_error($user->lang['CANNOT_REMOVE_FOUNDER'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
+						}
+
 						if ($user_id == $user->data['user_id'])
 						{
 							trigger_error($user->lang['CANNOT_REMOVE_YOURSELF'] . adm_back_link($this->u_action . '&u=' . $user_id), E_USER_WARNING);
@@ -1032,6 +1037,7 @@ class acp_users
 					'U_SHOW_IP'		=> $this->u_action . "&u=$user_id&ip=" . (($ip == 'ip') ? 'hostname' : 'ip'),
 					'U_WHOIS'		=> $this->u_action . "&action=whois&user_ip={$user_row['user_ip']}",
 					'U_MCP_QUEUE'	=> ($auth->acl_getf_global('m_approve')) ? append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=queue', true, $user->session_id) : '',
+					'U_SEARCH_USER'	=> ($config['load_search'] && $auth->acl_get('u_search')) ? append_sid("{$phpbb_root_path}search.$phpEx", "author_id={$user_row['user_id']}&sr=posts") : '',
 
 					'U_SWITCH_PERMISSIONS'	=> ($auth->acl_get('a_switchperm') && $user->data['user_id'] != $user_row['user_id']) ? append_sid("{$phpbb_root_path}ucp.$phpEx", "mode=switch_perm&u={$user_row['user_id']}&hash=" . generate_link_hash('switchperm')) : '',
 
@@ -2009,7 +2015,7 @@ class acp_users
 					WHERE a.poster_id = ' . $user_id . "
 						AND a.is_orphan = 0
 					ORDER BY $order_by";
-				$result = $db->sql_query_limit($sql, $config['posts_per_page'], $start);
+				$result = $db->sql_query_limit($sql, $config['topics_per_page'], $start);
 
 				while ($row = $db->sql_fetchrow($result))
 				{

phpBB/includes/auth/auth_ldap.php

@@ -282,7 +282,7 @@ function ldap_user_filter($username)
 {
 	global $config;
 
-	$filter = '(' . $config['ldap_uid'] . '=' . ldap_escape(htmlspecialchars_decode($username)) . ')';
+	$filter = '(' . $config['ldap_uid'] . '=' . phpbb_ldap_escape(htmlspecialchars_decode($username)) . ')';
 	if ($config['ldap_user_filter'])
 	{
 		$_filter = ($config['ldap_user_filter'][0] == '(' && substr($config['ldap_user_filter'], -1) == ')') ? $config['ldap_user_filter'] : "({$config['ldap_user_filter']})";
@@ -294,7 +294,7 @@ function ldap_user_filter($username)
 /**
 * Escapes an LDAP AttributeValue
 */
-function ldap_escape($string)
+function phpbb_ldap_escape($string)
 {
 	return str_replace(array('*', '\\', '(', ')'), array('\\*', '\\\\', '\\(', '\\)'), $string);
 }

phpBB/includes/bbcode.php

@@ -135,6 +135,11 @@ class bbcode
 			$this->template_bitfield = new bitfield($user->theme['bbcode_bitfield']);
 			$this->template_filename = $phpbb_root_path . 'styles/' . $user->theme['template_path'] . '/template/bbcode.html';
 
+			if (empty($user->theme['template_inherits_id']) && !empty($template->orig_tpl_inherits_id))
+			{
+				$user->theme['template_inherits_id'] = $template->orig_tpl_inherits_id;
+			}
+
 			if (!@file_exists($this->template_filename))
 			{
 				if (isset($user->theme['template_inherits_id']) && $user->theme['template_inherits_id'])
@@ -376,7 +381,7 @@ class bbcode
 						}
 
 						// Replace {L_*} lang strings
-						$bbcode_tpl = preg_replace('/{L_([A-Z_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $bbcode_tpl);
+						$bbcode_tpl = preg_replace('/{L_([A-Z0-9_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $bbcode_tpl);
 
 						if (!empty($rowset[$bbcode_id]['second_pass_replace']))
 						{
@@ -480,7 +485,7 @@ class bbcode
 			'email'					=> array('{EMAIL}'		=> '$1', '{DESCRIPTION}'	=> '$2')
 		);
 
-		$tpl = preg_replace('/{L_([A-Z_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $tpl);
+		$tpl = preg_replace('/{L_([A-Z0-9_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $tpl);
 
 		if (!empty($replacements[$tpl_name]))
 		{

phpBB/includes/captcha/captcha_non_gd.php

@@ -119,7 +119,7 @@ class captcha
 		$new_line = '';
 
 		$end = strlen($scanline) - ceil($width/2);
-		for ($i = floor($width/2); $i < $end; $i++)
+		for ($i = (int) floor($width / 2); $i < $end; $i++)
 		{
 			$pixel = ord($scanline{$i});
 

phpBB/includes/constants.php

@@ -25,7 +25,7 @@ if (!defined('IN_PHPBB'))
 */
 
 // phpBB Version
-define('PHPBB_VERSION', '3.0.11');
+define('PHPBB_VERSION', '3.0.13');
 
 // QA-related
 // define('PHPBB_QA', 1);
@@ -157,6 +157,7 @@ define('PHYSICAL_LINK', 2);
 define('CONFIRM_REG', 1);
 define('CONFIRM_LOGIN', 2);
 define('CONFIRM_POST', 3);
+define('CONFIRM_REPORT', 4);
 
 // Categories - Attachments
 define('ATTACHMENT_CATEGORY_NONE', 0);

phpBB/includes/db/db_tools.php

@@ -452,9 +452,6 @@ class phpbb_db_tools
 		// Determine if we have created a PRIMARY KEY in the earliest
 		$primary_key_gen = false;
 
-		// Determine if the table must be created with TEXTIMAGE
-		$create_textimage = false;
-
 		// Determine if the table requires a sequence
 		$create_sequence = false;
 
@@ -471,13 +468,22 @@ class phpbb_db_tools
 			break;
 		}
 
+		if ($this->sql_layer == 'mssql' || $this->sql_layer == 'mssqlnative')
+		{
+			if (!isset($table_data['PRIMARY_KEY']))
+			{
+				$table_data['COLUMNS']['mssqlindex'] = array('UINT', null, 'auto_increment');
+				$table_data['PRIMARY_KEY'] = 'mssqlindex';
+			}
+		}
+
 		// Iterate through the columns to create a table
 		foreach ($table_data['COLUMNS'] as $column_name => $column_data)
 		{
 			// here lies an array, filled with information compiled on the column's data
 			$prepared_column = $this->sql_prepare_column_data($table_name, $column_name, $column_data);
 
-			if (isset($prepared_column['auto_increment']) && strlen($column_name) > 26) // "${column_name}_gen"
+			if (isset($prepared_column['auto_increment']) && $prepared_column['auto_increment'] && strlen($column_name) > 26) // "${column_name}_gen"
 			{
 				trigger_error("Index name '${column_name}_gen' on table '$table_name' is too long. The maximum auto increment column length is 26 characters.", E_USER_ERROR);
 			}
@@ -501,12 +507,6 @@ class phpbb_db_tools
 				$primary_key_gen = isset($prepared_column['primary_key_set']) && $prepared_column['primary_key_set'];
 			}
 
-			// create textimage DDL based off of the existance of certain column types
-			if (!$create_textimage)
-			{
-				$create_textimage = isset($prepared_column['textimage']) && $prepared_column['textimage'];
-			}
-
 			// create sequence DDL based off of the existance of auto incrementing columns
 			if (!$create_sequence && isset($prepared_column['auto_increment']) && $prepared_column['auto_increment'])
 			{
@@ -521,13 +521,9 @@ class phpbb_db_tools
 		switch ($this->sql_layer)
 		{
 			case 'firebird':
-				$table_sql .= "\n);";
-				$statements[] = $table_sql;
-			break;
-
 			case 'mssql':
 			case 'mssqlnative':
-				$table_sql .= "\n) ON [PRIMARY]" . (($create_textimage) ? ' TEXTIMAGE_ON [PRIMARY]' : '');
+				$table_sql .= "\n);";
 				$statements[] = $table_sql;
 			break;
 		}
@@ -879,7 +875,7 @@ class phpbb_db_tools
 			}
 		}
 
-		// Add unqiue indexes?
+		// Add unique indexes?
 		if (!empty($schema_changes['add_unique_index']))
 		{
 			foreach ($schema_changes['add_unique_index'] as $table => $index_array)
@@ -1290,7 +1286,7 @@ class phpbb_db_tools
 	}
 
 	/**
-	* Check if a specified index exists in table. Does not return PRIMARY KEY and UNIQUE indexes.
+	* Check if a specified index exists in table. Does not return PRIMARY KEY indexes.
 	*
 	* @param string	$table_name		Table to check the index at
 	* @param string	$index_name		The index name to check
@@ -1819,6 +1815,49 @@ class phpbb_db_tools
 
 			case 'mssql':
 			case 'mssqlnative':
+				$sql = "SELECT CAST(SERVERPROPERTY('productversion') AS VARCHAR(25)) AS mssql_version";
+				$result = $this->db->sql_query($sql);
+				$row = $this->db->sql_fetchrow($result);
+				$this->db->sql_freeresult($result);
+
+				// Remove default constraints
+				if ($row['mssql_version'][0] == '8')	// SQL Server 2000
+				{
+					// http://msdn.microsoft.com/en-us/library/aa175912%28v=sql.80%29.aspx
+					// Deprecated in SQL Server 2005
+					$statements[] = "DECLARE @drop_default_name VARCHAR(100), @cmd VARCHAR(1000)
+						SET @drop_default_name =
+							(SELECT so.name FROM sysobjects so
+							JOIN sysconstraints sc ON so.id = sc.constid
+							WHERE object_name(so.parent_obj) = '{$table_name}'
+								AND so.xtype = 'D'
+								AND sc.colid = (SELECT colid FROM syscolumns
+									WHERE id = object_id('{$table_name}')
+										AND name = '{$column_name}'))
+						IF @drop_default_name <> ''
+						BEGIN
+							SET @cmd = 'ALTER TABLE [{$table_name}] DROP CONSTRAINT [' + @drop_default_name + ']'
+							EXEC(@cmd)
+						END";
+				}
+				else
+				{
+					$sql = "SELECT dobj.name AS def_name
+					FROM sys.columns col 
+						LEFT OUTER JOIN sys.objects dobj ON (dobj.object_id = col.default_object_id AND dobj.type = 'D')
+					WHERE col.object_id = object_id('{$table_name}') 
+					AND col.name = '{$column_name}'
+					AND dobj.name IS NOT NULL";
+					$result = $this->db->sql_query($sql);
+					$row = $this->db->sql_fetchrow($result);
+					$this->db->sql_freeresult($result);
+
+					if ($row)
+					{
+						$statements[] = 'ALTER TABLE [' . $table_name . '] DROP CONSTRAINT [' . $row['def_name'] . ']';
+					}
+				}
+
 				$statements[] = 'ALTER TABLE [' . $table_name . '] DROP COLUMN [' . $column_name . ']';
 			break;
 
@@ -2022,7 +2061,7 @@ class phpbb_db_tools
 				$sql = "ALTER TABLE [{$table_name}] WITH NOCHECK ADD ";
 				$sql .= "CONSTRAINT [PK_{$table_name}] PRIMARY KEY  CLUSTERED (";
 				$sql .= '[' . implode("],\n\t\t[", $column) . ']';
-				$sql .= ') ON [PRIMARY]';
+				$sql .= ')';
 
 				$statements[] = $sql;
 			break;
@@ -2120,7 +2159,7 @@ class phpbb_db_tools
 
 			case 'mssql':
 			case 'mssqlnative':
-				$statements[] = 'CREATE UNIQUE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ') ON [PRIMARY]';
+				$statements[] = 'CREATE UNIQUE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
 			break;
 		}
 
@@ -2173,7 +2212,7 @@ class phpbb_db_tools
 
 			case 'mssql':
 			case 'mssqlnative':
-				$statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ') ON [PRIMARY]';
+				$statements[] = 'CREATE INDEX ' . $index_name . ' ON ' . $table_name . '(' . implode(', ', $column) . ')';
 			break;
 		}
 
@@ -2305,23 +2344,48 @@ class phpbb_db_tools
 
 				if (!empty($column_data['default']))
 				{
+					$sql = "SELECT CAST(SERVERPROPERTY('productversion') AS VARCHAR(25)) AS mssql_version";
+					$result = $this->db->sql_query($sql);
+					$row = $this->db->sql_fetchrow($result);
+					$this->db->sql_freeresult($result);
+
 					// Using TRANSACT-SQL for this statement because we do not want to have colliding data if statements are executed at a later stage
-					$statements[] = "DECLARE @drop_default_name VARCHAR(100), @cmd VARCHAR(1000)
-						SET @drop_default_name =
-							(SELECT so.name FROM sysobjects so
-							JOIN sysconstraints sc ON so.id = sc.constid
-							WHERE object_name(so.parent_obj) = '{$table_name}'
-								AND so.xtype = 'D'
-								AND sc.colid = (SELECT colid FROM syscolumns
-									WHERE id = object_id('{$table_name}')
-										AND name = '{$column_name}'))
-						IF @drop_default_name <> ''
-						BEGIN
-							SET @cmd = 'ALTER TABLE [{$table_name}] DROP CONSTRAINT [' + @drop_default_name + ']'
-							EXEC(@cmd)
-						END
-						SET @cmd = 'ALTER TABLE [{$table_name}] ADD CONSTRAINT [DF_{$table_name}_{$column_name}_1] {$column_data['default']} FOR [{$column_name}]'
-						EXEC(@cmd)";
+					if ($row['mssql_version'][0] == '8')	// SQL Server 2000
+					{
+						$statements[] = "DECLARE @drop_default_name VARCHAR(100), @cmd VARCHAR(1000)
+							SET @drop_default_name =
+								(SELECT so.name FROM sysobjects so
+								JOIN sysconstraints sc ON so.id = sc.constid
+								WHERE object_name(so.parent_obj) = '{$table_name}'
+									AND so.xtype = 'D'
+									AND sc.colid = (SELECT colid FROM syscolumns
+										WHERE id = object_id('{$table_name}')
+											AND name = '{$column_name}'))
+							IF @drop_default_name <> ''
+							BEGIN
+								SET @cmd = 'ALTER TABLE [{$table_name}] DROP CONSTRAINT [' + @drop_default_name + ']'
+								EXEC(@cmd)
+							END
+							SET @cmd = 'ALTER TABLE [{$table_name}] ADD CONSTRAINT [DF_{$table_name}_{$column_name}_1] {$column_data['default']} FOR [{$column_name}]'
+							EXEC(@cmd)";
+					}
+					else
+					{
+						$statements[] = "DECLARE @drop_default_name VARCHAR(100), @cmd VARCHAR(1000)
+							SET @drop_default_name =
+								(SELECT dobj.name FROM sys.columns col 
+									LEFT OUTER JOIN sys.objects dobj ON (dobj.object_id = col.default_object_id AND dobj.type = 'D')
+								WHERE col.object_id = object_id('{$table_name}') 
+								AND col.name = '{$column_name}'
+								AND dobj.name IS NOT NULL)
+							IF @drop_default_name <> ''
+							BEGIN
+								SET @cmd = 'ALTER TABLE [{$table_name}] DROP CONSTRAINT [' + @drop_default_name + ']'
+								EXEC(@cmd)
+							END
+							SET @cmd = 'ALTER TABLE [{$table_name}] ADD CONSTRAINT [DF_{$table_name}_{$column_name}_1] {$column_data['default']} FOR [{$column_name}]'
+							EXEC(@cmd)";
+					}
 				}
 			break;
 

phpBB/includes/db/dbal.php

@@ -827,7 +827,7 @@ class dbal
 							</div>
 						</div>
 						<div id="page-footer">
-							Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group
+							Powered by <a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group
 						</div>
 					</div>
 					</body>

phpBB/includes/db/mssql.php

@@ -25,11 +25,19 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 */
 class dbal_mssql extends dbal
 {
+	var $connect_error = '';
+
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false)
 	{
+		if (!function_exists('mssql_connect'))
+		{
+			$this->connect_error = 'mssql_connect function does not exist, is mssql extension installed?';
+			return $this->sql_error('');
+		}
+
 		$this->persistency = $persistency;
 		$this->user = $sqluser;
 		$this->dbname = $database;
@@ -355,34 +363,44 @@ class dbal_mssql extends dbal
 	*/
 	function _sql_error()
 	{
-		$error = array(
-			'message'	=> @mssql_get_last_message(),
-			'code'		=> ''
-		);
-
-		// Get error code number
-		$result_id = @mssql_query('SELECT @@ERROR as code', $this->db_connect_id);
-		if ($result_id)
+		if (function_exists('mssql_get_last_message'))
 		{
-			$row = @mssql_fetch_assoc($result_id);
-			$error['code'] = $row['code'];
-			@mssql_free_result($result_id);
-		}
+			$error = array(
+				'message'	=> @mssql_get_last_message(),
+				'code'		=> '',
+			);
 
-		// Get full error message if possible
-		$sql = 'SELECT CAST(description as varchar(255)) as message
-			FROM master.dbo.sysmessages
-			WHERE error = ' . $error['code'];
-		$result_id = @mssql_query($sql);
-		
-		if ($result_id)
-		{
-			$row = @mssql_fetch_assoc($result_id);
-			if (!empty($row['message']))
+			// Get error code number
+			$result_id = @mssql_query('SELECT @@ERROR as code', $this->db_connect_id);
+			if ($result_id)
 			{
-				$error['message'] .= '<br />' . $row['message'];
+				$row = @mssql_fetch_assoc($result_id);
+				$error['code'] = $row['code'];
+				@mssql_free_result($result_id);
 			}
-			@mssql_free_result($result_id);
+
+			// Get full error message if possible
+			$sql = 'SELECT CAST(description as varchar(255)) as message
+				FROM master.dbo.sysmessages
+				WHERE error = ' . $error['code'];
+			$result_id = @mssql_query($sql);
+
+			if ($result_id)
+			{
+				$row = @mssql_fetch_assoc($result_id);
+				if (!empty($row['message']))
+				{
+					$error['message'] .= '<br />' . $row['message'];
+				}
+				@mssql_free_result($result_id);
+			}
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
 		return $error;

phpBB/includes/db/mssql_odbc.php

@@ -32,6 +32,7 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 class dbal_mssql_odbc extends dbal
 {
 	var $last_query_text = '';
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -68,7 +69,24 @@ class dbal_mssql_odbc extends dbal
 			@ini_set('odbc.defaultlrl', $max_size);
 		}
 
-		$this->db_connect_id = ($this->persistency) ? @odbc_pconnect($this->server, $this->user, $sqlpassword) : @odbc_connect($this->server, $this->user, $sqlpassword);
+		if ($this->persistency)
+		{
+			if (!function_exists('odbc_pconnect'))
+			{
+				$this->connect_error = 'odbc_pconnect function does not exist, is odbc extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @odbc_pconnect($this->server, $this->user, $sqlpassword);
+		}
+		else
+		{
+			if (!function_exists('odbc_connect'))
+			{
+				$this->connect_error = 'odbc_connect function does not exist, is odbc extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @odbc_connect($this->server, $this->user, $sqlpassword);
+		}
 
 		return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
 	}
@@ -342,10 +360,22 @@ class dbal_mssql_odbc extends dbal
 	*/
 	function _sql_error()
 	{
-		return array(
-			'message'	=> @odbc_errormsg(),
-			'code'		=> @odbc_error()
-		);
+		if (function_exists('odbc_errormsg'))
+		{
+			$error = array(
+				'message'	=> @odbc_errormsg(),
+				'code'		=> @odbc_error(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
+		}
+
+		return $error;
 	}
 
 	/**

phpBB/includes/db/mssqlnative.php

@@ -199,16 +199,18 @@ class dbal_mssqlnative extends dbal
 	var $m_insert_id = NULL;
 	var $last_query_text = '';
 	var $query_options = array();
+	var $connect_error = '';
 
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false, $new_link = false)
 	{
-		# Test for driver support, to avoid suppressed fatal error
+		// Test for driver support, to avoid suppressed fatal error
 		if (!function_exists('sqlsrv_connect'))
 		{
-			trigger_error('Native MS SQL Server driver for PHP is missing or needs to be updated. Version 1.1 or later is required to install phpBB3. You can download the driver from: http://www.microsoft.com/sqlserver/2005/en/us/PHP-Driver.aspx\n', E_USER_ERROR);
+			$this->connect_error = 'Native MS SQL Server driver for PHP is missing or needs to be updated. Version 1.1 or later is required to install phpBB3. You can download the driver from: http://www.microsoft.com/sqlserver/2005/en/us/PHP-Driver.aspx';
+			return $this->sql_error('');
 		}
 
 		//set up connection variables
@@ -219,7 +221,6 @@ class dbal_mssqlnative extends dbal
 		$this->server = $sqlserver . (($port) ? $port_delimiter . $port : '');
 
 		//connect to database
-		error_reporting(E_ALL);
 		$this->db_connect_id = sqlsrv_connect($this->server, array(
 			'Database' => $this->dbname,
 			'UID' => $this->user,
@@ -436,7 +437,7 @@ class dbal_mssqlnative extends dbal
 				unset($row['line2'], $row['line3']);
 			}
 		}
-		return $row;
+		return (sizeof($row)) ? $row : false;
 	}
 
 	/**
@@ -515,31 +516,43 @@ class dbal_mssqlnative extends dbal
 	*/
 	function _sql_error()
 	{
-		$errors = @sqlsrv_errors(SQLSRV_ERR_ERRORS);
-		$error_message = '';
-		$code = 0;
-
-		if ($errors != null)
+		if (function_exists('sqlsrv_errors'))
 		{
-			foreach ($errors as $error)
+			$errors = @sqlsrv_errors(SQLSRV_ERR_ERRORS);
+			$error_message = '';
+			$code = 0;
+
+			if ($errors != null)
 			{
-				$error_message .= "SQLSTATE: ".$error[ 'SQLSTATE']."\n";
-				$error_message .= "code: ".$error[ 'code']."\n";
-				$code = $error['code'];
-				$error_message .= "message: ".$error[ 'message']."\n";
+				foreach ($errors as $error)
+				{
+					$error_message .= "SQLSTATE: " . $error[ 'SQLSTATE'] . "\n";
+					$error_message .= "code: " . $error[ 'code'] . "\n";
+					$code = $error['code'];
+					$error_message .= "message: " . $error[ 'message'] . "\n";
+				}
+				$this->last_error_result = $error_message;
+				$error = $this->last_error_result;
 			}
-			$this->last_error_result = $error_message;
-			$error = $this->last_error_result;
+			else
+			{
+				$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			}
+
+			$error = array(
+				'message'	=> $error,
+				'code'		=> $code,
+			);
 		}
 		else
 		{
-			$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
-		return array(
-			'message'	=> $error,
-			'code'		=> $code,
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/mysql.php

@@ -30,6 +30,7 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 class dbal_mysql extends dbal
 {
 	var $multi_insert = true;
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -44,7 +45,24 @@ class dbal_mysql extends dbal
 
 		$this->sql_layer = 'mysql4';
 
-		$this->db_connect_id = ($this->persistency) ? @mysql_pconnect($this->server, $this->user, $sqlpassword) : @mysql_connect($this->server, $this->user, $sqlpassword, $new_link);
+		if ($this->persistency)
+		{
+			if (!function_exists('mysql_pconnect'))
+			{
+				$this->connect_error = 'mysql_pconnect function does not exist, is mysql extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @mysql_pconnect($this->server, $this->user, $sqlpassword);
+		}
+		else
+		{
+			if (!function_exists('mysql_connect'))
+			{
+				$this->connect_error = 'mysql_connect function does not exist, is mysql extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @mysql_connect($this->server, $this->user, $sqlpassword, $new_link);
+		}
 
 		if ($this->db_connect_id && $this->dbname != '')
 		{
@@ -419,18 +437,29 @@ class dbal_mysql extends dbal
 	*/
 	function _sql_error()
 	{
-		if (!$this->db_connect_id)
+		if ($this->db_connect_id)
 		{
-			return array(
+			$error = array(
+				'message'	=> @mysql_error($this->db_connect_id),
+				'code'		=> @mysql_errno($this->db_connect_id),
+			);
+		}
+		else if (function_exists('mysql_error'))
+		{
+			$error = array(
 				'message'	=> @mysql_error(),
-				'code'		=> @mysql_errno()
+				'code'		=> @mysql_errno(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
 			);
 		}
 
-		return array(
-			'message'	=> @mysql_error($this->db_connect_id),
-			'code'		=> @mysql_errno($this->db_connect_id)
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/mysqli.php

@@ -27,12 +27,19 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 class dbal_mysqli extends dbal
 {
 	var $multi_insert = true;
+	var $connect_error = '';
 
 	/**
 	* Connect to server
 	*/
 	function sql_connect($sqlserver, $sqluser, $sqlpassword, $database, $port = false, $persistency = false , $new_link = false)
 	{
+		if (!function_exists('mysqli_connect'))
+		{
+			$this->connect_error = 'mysqli_connect function does not exist, is mysqli extension installed?';
+			return $this->sql_error('');
+		}
+
 		// Mysqli extension supports persistent connection since PHP 5.3.0
 		$this->persistency = (version_compare(PHP_VERSION, '5.3.0', '>=')) ? $persistency : false;
 		$this->user = $sqluser;
@@ -416,18 +423,29 @@ class dbal_mysqli extends dbal
 	*/
 	function _sql_error()
 	{
-		if (!$this->db_connect_id)
+		if ($this->db_connect_id)
 		{
-			return array(
+			$error = array(
+				'message'	=> @mysqli_error($this->db_connect_id),
+				'code'		=> @mysqli_errno($this->db_connect_id)
+			);
+		}
+		else if (function_exists('mysqli_connect_error'))
+		{
+			$error = array(
 				'message'	=> @mysqli_connect_error(),
-				'code'		=> @mysqli_connect_errno()
+				'code'		=> @mysqli_connect_errno(),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
 			);
 		}
 
-		return array(
-			'message'	=> @mysqli_error($this->db_connect_id),
-			'code'		=> @mysqli_errno($this->db_connect_id)
-		);
+		return $error;
 	}
 
 	/**

phpBB/includes/db/oracle.php

@@ -25,6 +25,7 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 class dbal_oracle extends dbal
 {
 	var $last_query_text = '';
+	var $connect_error = '';
 
 	/**
 	* Connect to server
@@ -48,7 +49,33 @@ class dbal_oracle extends dbal
 			$connect = $sqlserver . (($port) ? ':' . $port : '') . '/' . $database;
 		}
 
-		$this->db_connect_id = ($new_link) ? @ocinlogon($this->user, $sqlpassword, $connect, 'UTF8') : (($this->persistency) ? @ociplogon($this->user, $sqlpassword, $connect, 'UTF8') : @ocilogon($this->user, $sqlpassword, $connect, 'UTF8'));
+		if ($new_link)
+		{
+			if (!function_exists('ocinlogon'))
+			{
+				$this->connect_error = 'ocinlogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ocinlogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
+		else if ($this->persistency)
+		{
+			if (!function_exists('ociplogon'))
+			{
+				$this->connect_error = 'ociplogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ociplogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
+		else
+		{
+			if (!function_exists('ocilogon'))
+			{
+				$this->connect_error = 'ocilogon function does not exist, is oci extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @ocilogon($this->user, $sqlpassword, $connect, 'UTF8');
+		}
 
 		return ($this->db_connect_id) ? $this->db_connect_id : $this->sql_error('');
 	}
@@ -647,17 +674,27 @@ class dbal_oracle extends dbal
 	*/
 	function _sql_error()
 	{
-		$error = @ocierror();
-		$error = (!$error) ? @ocierror($this->query_result) : $error;
-		$error = (!$error) ? @ocierror($this->db_connect_id) : $error;
-
-		if ($error)
+		if (function_exists('ocierror'))
 		{
-			$this->last_error_result = $error;
+			$error = @ocierror();
+			$error = (!$error) ? @ocierror($this->query_result) : $error;
+			$error = (!$error) ? @ocierror($this->db_connect_id) : $error;
+
+			if ($error)
+			{
+				$this->last_error_result = $error;
+			}
+			else
+			{
+				$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			}
 		}
 		else
 		{
-			$error = (isset($this->last_error_result) && $this->last_error_result) ? $this->last_error_result : array();
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
 		}
 
 		return $error;

phpBB/includes/db/sqlite.php

@@ -25,6 +25,8 @@ include_once($phpbb_root_path . 'includes/db/dbal.' . $phpEx);
 */
 class dbal_sqlite extends dbal
 {
+	var $connect_error = '';
+
 	/**
 	* Connect to server
 	*/
@@ -36,7 +38,24 @@ class dbal_sqlite extends dbal
 		$this->dbname = $database;
 
 		$error = '';
-		$this->db_connect_id = ($this->persistency) ? @sqlite_popen($this->server, 0666, $error) : @sqlite_open($this->server, 0666, $error);
+		if ($this->persistency)
+		{
+			if (!function_exists('sqlite_popen'))
+			{
+				$this->connect_error = 'sqlite_popen function does not exist, is sqlite extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @sqlite_popen($this->server, 0666, $error);
+		}
+		else
+		{
+			if (!function_exists('sqlite_open'))
+			{
+				$this->connect_error = 'sqlite_open function does not exist, is sqlite extension installed?';
+				return $this->sql_error('');
+			}
+			$this->db_connect_id = @sqlite_open($this->server, 0666, $error);
+		}
 
 		if ($this->db_connect_id)
 		{
@@ -281,10 +300,22 @@ class dbal_sqlite extends dbal
 	*/
 	function _sql_error()
 	{
-		return array(
-			'message'	=> @sqlite_error_string(@sqlite_last_error($this->db_connect_id)),
-			'code'		=> @sqlite_last_error($this->db_connect_id)
-		);
+		if (function_exists('sqlite_error_string'))
+		{
+			$error = array(
+				'message'	=> @sqlite_error_string(@sqlite_last_error($this->db_connect_id)),
+				'code'		=> @sqlite_last_error($this->db_connect_id),
+			);
+		}
+		else
+		{
+			$error = array(
+				'message'	=> $this->connect_error,
+				'code'		=> '',
+			);
+		}
+
+		return $error;
 	}
 
 	/**

phpBB/includes/functions.php

@@ -137,7 +137,18 @@ function request_var($var_name, $default, $multibyte = false, $cookie = false)
 }
 
 /**
-* Set config value. Creates missing config entry.
+* Sets a configuration option's value.
+*
+* Please note that this function does not update the is_dynamic value for
+* an already existing config option.
+*
+* @param string $config_name   The configuration option's name
+* @param string $config_value  New configuration value
+* @param bool   $is_dynamic    Whether this variable should be cached (false) or
+*                              if it changes too frequently (true) to be
+*                              efficiently cached.
+*
+* @return null
 */
 function set_config($config_name, $config_value, $is_dynamic = false)
 {
@@ -166,7 +177,15 @@ function set_config($config_name, $config_value, $is_dynamic = false)
 }
 
 /**
-* Set dynamic config value with arithmetic operation.
+* Increments an integer config value directly in the database.
+*
+* @param string $config_name   The configuration option's name
+* @param int    $increment     Amount to increment by
+* @param bool   $is_dynamic    Whether this variable should be cached (false) or
+*                              if it changes too frequently (true) to be
+*                              efficiently cached.
+*
+* @return null
 */
 function set_config_count($config_name, $increment, $is_dynamic = false)
 {
@@ -289,7 +308,8 @@ function phpbb_gmgetdate($time = false)
 /**
 * Return formatted string for filesizes
 *
-* @param int	$value			filesize in bytes
+* @param mixed	$value			filesize in bytes
+*								(non-negative number; int, float or string)
 * @param bool	$string_only	true if language string should be returned
 * @param array	$allowed_units	only allow these units (data array indexes)
 *
@@ -301,6 +321,12 @@ function get_formatted_filesize($value, $string_only = true, $allowed_units = fa
 	global $user;
 
 	$available_units = array(
+		'tb' => array(
+			'min' 		=> 1099511627776, // pow(2, 40)
+			'index'		=> 4,
+			'si_unit'	=> 'TB',
+			'iec_unit'	=> 'TIB',
+		),
 		'gb' => array(
 			'min' 		=> 1073741824, // pow(2, 30)
 			'index'		=> 3,
@@ -476,6 +502,13 @@ function phpbb_hash($password)
 */
 function phpbb_check_hash($password, $hash)
 {
+	if (strlen($password) > 4096)
+	{
+		// If the password is too huge, we will simply reject it
+		// and not let the server try to hash it.
+		return false;
+	}
+
 	$itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
 	if (strlen($hash) == 34)
 	{
@@ -979,7 +1012,7 @@ if (!function_exists('stripos'))
 */
 function is_absolute($path)
 {
-	return ($path[0] == '/' || (DIRECTORY_SEPARATOR == '\\' && preg_match('#^[a-z]:[/\\\]#i', $path))) ? true : false;
+	return (isset($path[0]) && $path[0] == '/' || preg_match('#^[a-z]:[/\\\]#i', $path)) ? true : false;
 }
 
 /**
@@ -1176,6 +1209,36 @@ else
 	}
 }
 
+/**
+* Eliminates useless . and .. components from specified path.
+*
+* @param string $path Path to clean
+* @return string Cleaned path
+*/
+function phpbb_clean_path($path)
+{
+	$exploded = explode('/', $path);
+	$filtered = array();
+	foreach ($exploded as $part)
+	{
+		if ($part === '.' && !empty($filtered))
+		{
+			continue;
+		}
+
+		if ($part === '..' && !empty($filtered) && $filtered[sizeof($filtered) - 1] !== '..')
+		{
+			array_pop($filtered);
+		}
+		else
+		{
+			$filtered[] = $part;
+		}
+	}
+	$path = implode('/', $filtered);
+	return $path;
+}
+
 if (!function_exists('htmlspecialchars_decode'))
 {
 	/**
@@ -2684,7 +2747,7 @@ function meta_refresh($time, $url, $disable_cd_check = false)
 
 	// For XHTML compatibility we change back & to &
 	$template->assign_vars(array(
-		'META' => '<meta http-equiv="refresh" content="' . $time . ';url=' . $url . '" />')
+		'META' => '<meta http-equiv="refresh" content="' . $time . '; url=' . $url . '" />')
 	);
 
 	return $url;
@@ -2708,7 +2771,7 @@ function meta_refresh($time, $url, $disable_cd_check = false)
 *
 * @param int $code HTTP status code
 * @param string $message Message for the status code
-* @return void
+* @return null
 */
 function send_status_line($code, $message)
 {
@@ -2811,7 +2874,7 @@ function check_form_key($form_name, $timespan = false, $return_page = '', $trigg
 		$diff = time() - $creation_time;
 
 		// If creation_time and the time() now is zero we can assume it was not a human doing this (the check for if ($diff)...
-		if ($diff && ($diff <= $timespan || $timespan === -1))
+		if (defined('DEBUG_TEST') || $diff && ($diff <= $timespan || $timespan === -1))
 		{
 			$token_sid = ($user->data['user_id'] == ANONYMOUS && !empty($config['form_token_sid_guests'])) ? $user->session_id : '';
 			$key = sha1($creation_time . $user->data['user_form_salt'] . $form_name . $token_sid);
@@ -3216,6 +3279,7 @@ function login_forum_box($forum_data)
 	page_header($user->lang['LOGIN'], false);
 
 	$template->assign_vars(array(
+		'FORUM_NAME'			=> isset($forum_data['forum_name']) ? $forum_data['forum_name'] : '',
 		'S_LOGIN_ACTION'		=> build_url(array('f')),
 		'S_HIDDEN_FIELDS'		=> build_hidden_fields(array('f' => $forum_data['forum_id'])))
 	);
@@ -3303,7 +3367,7 @@ function parse_cfg_file($filename, $lines = false)
 		}
 
 		// Determine first occurrence, since in values the equal sign is allowed
-		$key = strtolower(trim(substr($line, 0, $delim_pos)));
+		$key = htmlspecialchars(strtolower(trim(substr($line, 0, $delim_pos))));
 		$value = trim(substr($line, $delim_pos + 1));
 
 		if (in_array($value, array('off', 'false', '0')))
@@ -3320,7 +3384,11 @@ function parse_cfg_file($filename, $lines = false)
 		}
 		else if (($value[0] == "'" && $value[sizeof($value) - 1] == "'") || ($value[0] == '"' && $value[sizeof($value) - 1] == '"'))
 		{
-			$value = substr($value, 1, sizeof($value)-2);
+			$value = htmlspecialchars(substr($value, 1, sizeof($value)-2));
+		}
+		else
+		{
+			$value = htmlspecialchars($value);
 		}
 
 		$parsed_items[$key] = $value;
@@ -3921,7 +3989,7 @@ function msg_handler($errno, $msg_text, $errfile, $errline)
 			echo '	</div>';
 			echo '	</div>';
 			echo '	<div id="page-footer">';
-			echo '		Powered by <a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';
+			echo '		Powered by <a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group';
 			echo '	</div>';
 			echo '</div>';
 			echo '</body>';
@@ -4295,7 +4363,7 @@ function phpbb_optionset($bit, $set, $data)
 *
 * @param array	$param		Parameter array, see $param_defaults array.
 *
-* @return void
+* @return null
 */
 function phpbb_http_login($param)
 {
@@ -4741,7 +4809,7 @@ function page_footer($run_cron = true)
 	$template->assign_vars(array(
 		'DEBUG_OUTPUT'			=> (defined('DEBUG')) ? $debug_output : '',
 		'TRANSLATION_INFO'		=> (!empty($user->lang['TRANSLATION_INFO'])) ? $user->lang['TRANSLATION_INFO'] : '',
-		'CREDIT_LINE'			=> $user->lang('POWERED_BY', '<a href="http://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),
+		'CREDIT_LINE'			=> $user->lang('POWERED_BY', '<a href="https://www.phpbb.com/">phpBB</a>&reg; Forum Software &copy; phpBB Group'),
 
 		'U_ACP' => ($auth->acl_get('a_') && !empty($user->data['is_registered'])) ? append_sid("{$phpbb_root_path}adm/index.$phpEx", false, true, $user->session_id) : '')
 	);

phpBB/includes/functions_admin.php

@@ -3057,8 +3057,24 @@ function get_database_size()
 		case 'mssql':
 		case 'mssql_odbc':
 		case 'mssqlnative':
+			$sql = 'SELECT @@VERSION AS mssql_version';
+			$result = $db->sql_query($sql);
+			$row = $db->sql_fetchrow($result);
+			$db->sql_freeresult($result);
+			
 			$sql = 'SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
 				FROM sysfiles';
+
+			if ($row)
+			{
+				// Azure stats are stored elsewhere
+				if (strpos($row['mssql_version'], 'SQL Azure') !== false)
+				{
+					$sql = 'SELECT ((SUM(reserved_page_count) * 8.0) * 1024.0) as dbsize 
+					FROM sys.dm_db_partition_stats';
+				}
+			}
+
 			$result = $db->sql_query($sql, 7200);
 			$database_size = ($row = $db->sql_fetchrow($result)) ? $row['dbsize'] : false;
 			$db->sql_freeresult($result);
@@ -3121,7 +3137,7 @@ function get_remote_file($host, $directory, $filename, &$errstr, &$errno, $port
 
 	if ($fsock = @fsockopen($host, $port, $errno, $errstr, $timeout))
 	{
-		@fputs($fsock, "GET $directory/$filename HTTP/1.1\r\n");
+		@fputs($fsock, "GET $directory/$filename HTTP/1.0\r\n");
 		@fputs($fsock, "HOST: $host\r\n");
 		@fputs($fsock, "Connection: close\r\n\r\n");
 
@@ -3319,7 +3335,7 @@ function obtain_latest_version_info($force_update = false, $warn_fail = false, $
 		$info = get_remote_file('version.phpbb.com', '/phpbb',
 				((defined('PHPBB_QA')) ? '30x_qa.txt' : '30x.txt'), $errstr, $errno);
 
-		if ($info === false)
+		if (empty($info))
 		{
 			$cache->destroy('versioncheck');
 			if ($warn_fail)
@@ -3343,7 +3359,7 @@ function obtain_latest_version_info($force_update = false, $warn_fail = false, $
  * @param int		$flag			The binary flag which is OR-ed with the current column value
  * @param string	$sql_more		This string is attached to the sql query generated to update the table.
  *
- * @return void
+ * @return null
  */
 function enable_bitfield_column_flag($table_name, $column_name, $flag, $sql_more = '')
 {

phpBB/includes/functions_content.php

@@ -21,6 +21,7 @@ if (!defined('IN_PHPBB'))
 * make_jumpbox()
 * bump_topic_allowed()
 * get_context()
+* phpbb_clean_search_string()
 * decode_message()
 * strip_bbcode()
 * generate_text_for_display()
@@ -360,6 +361,23 @@ function get_context($text, $words, $length = 400)
 	}
 }
 
+/**
+* Cleans a search string by removing single wildcards from it and replacing multiple spaces with a single one.
+*
+* @param string $search_string The full search string which should be cleaned.
+*
+* @return string The cleaned search string without any wildcards and multiple spaces.
+*/
+function phpbb_clean_search_string($search_string)
+{
+	// This regular expressions matches every single wildcard.
+	// That means one after a whitespace or the beginning of the string or one before a whitespace or the end of the string.
+	$search_string = preg_replace('#(?<=^|\s)\*+(?=\s|$)#', '', $search_string);
+	$search_string = trim($search_string);
+	$search_string = preg_replace(array('#\s+#u', '#\*+#u'), array(' ', '*'), $search_string);
+	return $search_string;
+}
+
 /**
 * Decode text whereby text is coming from the db and expected to be pre-parsed content
 * We are placing this outside of the message parser because we are often in need of it...
@@ -413,7 +431,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
 {
 	static $bbcode;
 
-	if (!$text)
+	if ($text === '')
 	{
 		return '';
 	}
@@ -459,7 +477,7 @@ function generate_text_for_storage(&$text, &$uid, &$bitfield, &$flags, $allow_bb
 	$uid = $bitfield = '';
 	$flags = (($allow_bbcode) ? OPTION_FLAG_BBCODE : 0) + (($allow_smilies) ? OPTION_FLAG_SMILIES : 0) + (($allow_urls) ? OPTION_FLAG_LINKS : 0);
 
-	if (!$text)
+	if ($text === '')
 	{
 		return;
 	}

phpBB/includes/functions_database_helper.php

@@ -0,0 +1,206 @@
+<?php
+/**
+*
+* @package phpBB3
+* @copyright (c) 2012 phpBB Group
+* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
+*
+*/
+
+/**
+* @ignore
+*/
+if (!defined('IN_PHPBB'))
+{
+	exit;
+}
+
+/**
+* Updates rows in given table from a set of values to a new value.
+* If this results in rows violating uniqueness constraints, the duplicate
+* rows are eliminated.
+*
+* The only supported table is bookmarks.
+*
+* @param dbal $db Database object
+* @param string $table Table on which to perform the update
+* @param string $column Column whose values to change
+* @param array $from_values An array of values that should be changed
+* @param int $to_value The new value
+* @return null
+*/
+function phpbb_update_rows_avoiding_duplicates($db, $table, $column, $from_values, $to_value)
+{
+	$sql = "SELECT $column, user_id
+		FROM $table
+		WHERE " . $db->sql_in_set($column, $from_values);
+	$result = $db->sql_query($sql);
+
+	$old_user_ids = array();
+	while ($row = $db->sql_fetchrow($result))
+	{
+		$old_user_ids[$row[$column]][] = (int) $row['user_id'];
+	}
+	$db->sql_freeresult($result);
+
+	$sql = "SELECT $column, user_id
+		FROM $table
+		WHERE $column = " . (int) $to_value;
+	$result = $db->sql_query($sql);
+
+	$new_user_ids = array();
+	while ($row = $db->sql_fetchrow($result))
+	{
+		$new_user_ids[$row[$column]][] = (int) $row['user_id'];
+	}
+	$db->sql_freeresult($result);
+
+	$queries = array();
+	foreach ($from_values as $from_value)
+	{
+		if (!isset($old_user_ids[$from_value]))
+		{
+			continue;
+		}
+		if (empty($new_user_ids))
+		{
+			$sql = "UPDATE $table
+				SET $column = " . (int) $to_value . "
+				WHERE $column = '" . $db->sql_escape($from_value) . "'";
+			$queries[] = $sql;
+		}
+		else
+		{
+			$different_user_ids = array_diff($old_user_ids[$from_value], $new_user_ids[$to_value]);
+			if (!empty($different_user_ids))
+			{
+				$sql = "UPDATE $table
+					SET $column = " . (int) $to_value . "
+					WHERE $column = '" . $db->sql_escape($from_value) . "'
+					AND " . $db->sql_in_set('user_id', $different_user_ids);
+				$queries[] = $sql;
+			}
+		}
+	}
+
+	if (!empty($queries))
+	{
+		$db->sql_transaction('begin');
+
+		foreach ($queries as $sql)
+		{
+			$db->sql_query($sql);
+		}
+
+		$sql = "DELETE FROM $table
+			WHERE " . $db->sql_in_set($column, $from_values);
+		$db->sql_query($sql);
+
+		$db->sql_transaction('commit');
+	}
+}
+
+/**
+* Updates rows in given table from a set of values to a new value.
+* If this results in rows violating uniqueness constraints, the duplicate
+* rows are merged respecting notify_status (0 takes precedence over 1).
+*
+* The only supported table is topics_watch.
+*
+* @param dbal $db Database object
+* @param string $table Table on which to perform the update
+* @param string $column Column whose values to change
+* @param array $from_values An array of values that should be changed
+* @param int $to_value The new value
+* @return null
+*/
+function phpbb_update_rows_avoiding_duplicates_notify_status($db, $table, $column, $from_values, $to_value)
+{
+	$sql = "SELECT $column, user_id, notify_status
+		FROM $table
+		WHERE " . $db->sql_in_set($column, $from_values);
+	$result = $db->sql_query($sql);
+
+	$old_user_ids = array();
+	while ($row = $db->sql_fetchrow($result))
+	{
+		$old_user_ids[(int) $row['notify_status']][$row[$column]][] = (int) $row['user_id'];
+	}
+	$db->sql_freeresult($result);
+
+	$sql = "SELECT $column, user_id
+		FROM $table
+		WHERE $column = " . (int) $to_value;
+	$result = $db->sql_query($sql);
+
+	$new_user_ids = array();
+	while ($row = $db->sql_fetchrow($result))
+	{
+		$new_user_ids[$row[$column]][] = (int) $row['user_id'];
+	}
+	$db->sql_freeresult($result);
+
+	$queries = array();
+	$extra_updates = array(
+		0 => 'notify_status = 0',
+		1 => '',
+	);
+	foreach ($from_values as $from_value)
+	{
+		foreach ($extra_updates as $notify_status => $extra_update)
+		{
+			if (!isset($old_user_ids[$notify_status][$from_value]))
+			{
+				continue;
+			}
+			if (empty($new_user_ids))
+			{
+				$sql = "UPDATE $table
+					SET $column = " . (int) $to_value . "
+					WHERE $column = '" . $db->sql_escape($from_value) . "'";
+				$queries[] = $sql;
+			}
+			else
+			{
+				$different_user_ids = array_diff($old_user_ids[$notify_status][$from_value], $new_user_ids[$to_value]);
+				if (!empty($different_user_ids))
+				{
+					$sql = "UPDATE $table
+						SET $column = " . (int) $to_value . "
+						WHERE $column = '" . $db->sql_escape($from_value) . "'
+						AND " . $db->sql_in_set('user_id', $different_user_ids);
+					$queries[] = $sql;
+				}
+
+				if ($extra_update)
+				{
+					$same_user_ids = array_diff($old_user_ids[$notify_status][$from_value], $different_user_ids);
+					if (!empty($same_user_ids))
+					{
+						$sql = "UPDATE $table
+							SET $extra_update
+							WHERE $column = '" . (int) $to_value . "'
+							AND " . $db->sql_in_set('user_id', $same_user_ids);
+						$queries[] = $sql;
+					}
+				}
+			}
+		}
+	}
+
+	if (!empty($queries))
+	{
+		$db->sql_transaction('begin');
+
+		foreach ($queries as $sql)
+		{
+			$db->sql_query($sql);
+		}
+
+		$sql = "DELETE FROM $table
+			WHERE " . $db->sql_in_set($column, $from_values);
+		$db->sql_query($sql);
+
+		$db->sql_transaction('commit');
+	}
+}

phpBB/includes/functions_install.php

@@ -55,6 +55,8 @@ function get_available_dbms($dbms = false, $return_unavailable = false, $only_20
 			'AVAILABLE'		=> true,
 			'2.0.x'			=> false,
 		),
+		// Note: php 5.5 alpha 2 deprecated mysql.
+		// Keep mysqli before mysql in this list.
 		'mysqli'	=> array(
 			'LABEL'			=> 'MySQL with MySQLi Extension',
 			'SCHEMA'		=> 'mysql_41',
@@ -307,7 +309,7 @@ function connect_check_db($error_connect, &$error, $dbms_details, $table_prefix,
 	if (is_array($db->sql_connect($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false, true)))
 	{
 		$db_error = $db->sql_error();
-		$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . (($db_error['message']) ? $db_error['message'] : $lang['INST_ERR_DB_NO_ERROR']);
+		$error[] = $lang['INST_ERR_DB_CONNECT'] . '<br />' . (($db_error['message']) ? utf8_convert_message($db_error['message']) : $lang['INST_ERR_DB_NO_ERROR']);
 	}
 	else
 	{
@@ -551,10 +553,12 @@ function adjust_language_keys_callback($matches)
 * @param	string	$dbms The name of the DBAL class to use
 * @param	array	$load_extensions Array of additional extensions that should be loaded
 * @param	bool	$debug If the debug constants should be enabled by default or not
+* @param	bool	$debug_test If the DEBUG_TEST constant should be added
+*					NOTE: Only for use within the testing framework
 *
 * @return	string	The output to write to the file
 */
-function phpbb_create_config_file_data($data, $dbms, $load_extensions, $debug = false)
+function phpbb_create_config_file_data($data, $dbms, $load_extensions, $debug = false, $debug_test = false)
 {
 	$load_extensions = implode(',', $load_extensions);
 
@@ -591,6 +595,11 @@ function phpbb_create_config_file_data($data, $dbms, $load_extensions, $debug =
 		$config_data .= "// @define('DEBUG_EXTRA', true);\n";
 	}
 
+	if ($debug_test)
+	{
+		$config_data .= "@define('DEBUG_TEST', true);\n";
+	}
+
 	return $config_data;
 }
 

phpBB/includes/functions_jabber.php

@@ -250,7 +250,7 @@ class jabber
 			return true;
 		}
 
-		// Apparently an error occured...
+		// Apparently an error occurred...
 		$this->add_to_log('Error: open_socket() - ' . $errorstr);
 		return false;
 	}

phpBB/includes/functions_messenger.php

@@ -389,6 +389,28 @@ class messenger
 		}
 	}
 
+	/**
+	* Generates a valid message id to be used in emails
+	*
+	* @return string message id
+	*/
+	function generate_message_id()
+	{
+		global $config;
+
+		$domain = 'phpbb.generated';
+		if ($config['server_name'])
+		{
+			$domain = $config['server_name'];
+		}
+		else if (!empty($_SERVER['SERVER_NAME']))
+		{
+			$domain = $_SERVER['SERVER_NAME'];
+		}
+
+		return md5(unique_id(time())) . '@' . $domain;
+	}
+
 	/**
 	* Return email header
 	*/
@@ -415,7 +437,7 @@ class messenger
 		$headers[] = 'Return-Path: <' . $config['board_email'] . '>';
 		$headers[] = 'Sender: <' . $config['board_email'] . '>';
 		$headers[] = 'MIME-Version: 1.0';
-		$headers[] = 'Message-ID: <' . md5(unique_id(time())) . '@' . $config['server_name'] . '>';
+		$headers[] = 'Message-ID: <' . $this->generate_message_id() . '>';
 		$headers[] = 'Date: ' . date('r', time());
 		$headers[] = 'Content-Type: text/plain; charset=UTF-8'; // format=flowed
 		$headers[] = 'Content-Transfer-Encoding: 8bit'; // 7bit
@@ -715,14 +737,21 @@ class queue
 
 		$lock_fp = $this->lock();
 
-		set_config('last_queue_run', time(), true);
-
-		if (!file_exists($this->cache_file) || filemtime($this->cache_file) > time() - $config['queue_interval'])
+		// avoid races, check file existence once
+		$have_cache_file = file_exists($this->cache_file);
+		if (!$have_cache_file || $config['last_queue_run'] > time() - $config['queue_interval'])
 		{
+			if (!$have_cache_file)
+			{
+				set_config('last_queue_run', time(), true);
+			}
+
 			$this->unlock($lock_fp);
 			return;
 		}
 
+		set_config('last_queue_run', time(), true);
+
 		include($this->cache_file);
 
 		foreach ($this->queue_data as $object => $data_ary)

phpBB/includes/functions_module.php

@@ -436,21 +436,21 @@ class p_master
 
 		if ($this->active_module === false)
 		{
-			trigger_error('Module not accessible', E_USER_ERROR);
+			trigger_error('MODULE_NOT_ACCESS', E_USER_ERROR);
 		}
 
 		if (!class_exists("{$this->p_class}_$this->p_name"))
 		{
 			if (!file_exists("$module_path/{$this->p_class}_$this->p_name.$phpEx"))
 			{
-				trigger_error("Cannot find module $module_path/{$this->p_class}_$this->p_name.$phpEx", E_USER_ERROR);
+				trigger_error($user->lang('MODULE_NOT_FIND', "$module_path/{$this->p_class}_$this->p_name.$phpEx"), E_USER_ERROR);
 			}
 
 			include("$module_path/{$this->p_class}_$this->p_name.$phpEx");
 
 			if (!class_exists("{$this->p_class}_$this->p_name"))
 			{
-				trigger_error("Module file $module_path/{$this->p_class}_$this->p_name.$phpEx does not contain correct class [{$this->p_class}_$this->p_name]", E_USER_ERROR);
+				trigger_error($user->lang('MODULE_FILE_INCORRECT_CLASS', "$module_path/{$this->p_class}_$this->p_name.$phpEx", "{$this->p_class}_$this->p_name"), E_USER_ERROR);
 			}
 
 			if (!empty($mode))

phpBB/includes/functions_posting.php

@@ -288,13 +288,15 @@ function posting_gen_topic_icons($mode, $icon_id)
 
 	if (sizeof($icons))
 	{
+		$root_path = (defined('PHPBB_USE_BOARD_URL_PATH') && PHPBB_USE_BOARD_URL_PATH) ? generate_board_url() . '/' : $phpbb_root_path;
+
 		foreach ($icons as $id => $data)
 		{
 			if ($data['display'])
 			{
 				$template->assign_block_vars('topic_icon', array(
 					'ICON_ID'		=> $id,
-					'ICON_IMG'		=> $phpbb_root_path . $config['icons_path'] . '/' . $data['img'],
+					'ICON_IMG'		=> $root_path . $config['icons_path'] . '/' . $data['img'],
 					'ICON_WIDTH'	=> $data['width'],
 					'ICON_HEIGHT'	=> $data['height'],
 
@@ -392,6 +394,10 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 	{
 		$upload->set_disallowed_content(explode('|', $config['mime_triggers']));
 	}
+	else if (!$config['check_attachment_content'])
+	{
+		$upload->set_disallowed_content(array());
+	}
 
 	if (!$local)
 	{
@@ -421,16 +427,6 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 
 	$cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
 
-	// Make sure the image category only holds valid images...
-	if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image())
-	{
-		$file->remove();
-
-		// If this error occurs a user tried to exploit an IE Bug by renaming extensions
-		// Since the image category is displaying content inline we need to catch this.
-		trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
-	}
-
 	// Do we have to create a thumbnail?
 	$filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
 
@@ -471,6 +467,16 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 		return $filedata;
 	}
 
+	// Make sure the image category only holds valid images...
+	if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image())
+	{
+		$file->remove();
+
+		// If this error occurs a user tried to exploit an IE Bug by renaming extensions
+		// Since the image category is displaying content inline we need to catch this.
+		trigger_error($user->lang['ATTACHED_IMAGE_NOT_IMAGE']);
+	}
+
 	$filedata['filesize'] = $file->get('filesize');
 	$filedata['mimetype'] = $file->get('mimetype');
 	$filedata['extension'] = $file->get('extension');
@@ -1167,7 +1173,7 @@ function topic_review($topic_id, $forum_id, $mode = 'topic_review', $cur_post_id
 /**
 * User Notification
 */
-function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id)
+function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id, $topic_id, $post_id, $author_name = '')
 {
 	global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;
 
@@ -1338,6 +1344,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 					'USERNAME'		=> htmlspecialchars_decode($addr['name']),
 					'TOPIC_TITLE'	=> htmlspecialchars_decode($topic_title),
 					'FORUM_NAME'	=> htmlspecialchars_decode($forum_name),
+					'AUTHOR_NAME'	=> htmlspecialchars_decode($author_name),
 
 					'U_FORUM'				=> generate_board_url() . "/viewforum.$phpEx?f=$forum_id",
 					'U_TOPIC'				=> generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id",
@@ -1695,8 +1702,9 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 	// The variable name should be $post_approved, because it indicates if the post is approved or not
 	$post_approval = 1;
 
-	// Check the permissions for post approval. Moderators are not affected.
-	if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']))
+	// Check the permissions for post approval.
+	// Moderators must go through post approval like ordinary users.
+	if (!$auth->acl_get('f_noapprove', $data['forum_id']))
 	{
 		// Post not approved, but in queue
 		$post_approval = 0;
@@ -2600,7 +2608,11 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 	// Send Notifications
 	if (($mode == 'reply' || $mode == 'quote' || $mode == 'post') && $post_approval)
 	{
-		user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id']);
+		// If a username was supplied or the poster is a guest, we will use the supplied username.
+		// Doing it this way we can use "...post by guest-username..." in notifications when
+		// "guest-username" is supplied or ommit the username if it is not.
+		$username = ($username !== '' || !$user->data['is_registered']) ? $username : $user->data['username'];
+		user_notification($mode, $subject, $data['topic_title'], $data['forum_name'], $data['forum_id'], $data['topic_id'], $data['post_id'], $username);
 	}
 
 	$params = $add_anchor = '';
@@ -2637,7 +2649,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 *				- 'topic_last_post_subject'
 *				- 'topic_last_poster_name'
 *				- 'topic_last_poster_colour'
-* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time(). 
+* @param int $bump_time The time at which topic was bumped, usually it is a current time as obtained via time().
 * @return string An URL to the bumped topic, example: ./viewtopic.php?forum_id=1&amptopic_id=2&ampp=3#p3
 */
 function phpbb_bump_topic($forum_id, $topic_id, $post_data, $bump_time = false)

phpBB/includes/functions_privmsgs.php

@@ -208,7 +208,7 @@ function get_folder($user_id, $folder_id = false)
 		);
 	}
 
-	if ($folder_id !== false && !isset($folder[$folder_id]))
+	if ($folder_id !== false && $folder_id !== PRIVMSGS_HOLD_BOX && !isset($folder[$folder_id]))
 	{
 		trigger_error('UNKNOWN_FOLDER');
 	}

phpBB/includes/functions_profile_fields.php

@@ -532,7 +532,7 @@ class custom_profile
 		switch ($this->profile_types[$field_type])
 		{
 			case 'int':
-				if ($value === '' && !$ident_ary['data']['field_show_novalue'])
+				if (($value === '' || $value === null) && !$ident_ary['data']['field_show_novalue'])
 				{
 					return NULL;
 				}

phpBB/includes/functions_upload.php

@@ -466,6 +466,9 @@ class fileupload
 	var $max_height = 0;
 	var $error_prefix = '';
 
+	/** @var int Timeout for remote upload */
+	var $upload_timeout = 6;
+
 	/**
 	* Init file upload class.
 	*
@@ -795,13 +798,28 @@ class fileupload
 		fputs($fsock, "HOST: " . $host . "\r\n");
 		fputs($fsock, "Connection: close\r\n\r\n");
 
+		// Set a proper timeout for the socket
+		socket_set_timeout($fsock, $this->upload_timeout);
+
 		$get_info = false;
 		$data = '';
-		while (!@feof($fsock))
+		$length = false;
+		$timer_stop = time() + $this->upload_timeout;
+
+		while ((!$length || $filesize < $length) && !@feof($fsock))
 		{
 			if ($get_info)
 			{
-				$block = @fread($fsock, 1024);
+				if ($length)
+				{
+					// Don't attempt to read past end of file if server indicated length
+					$block = @fread($fsock, min($length - $filesize, 1024));
+				}
+				else
+				{
+					$block = @fread($fsock, 1024);
+				}
+
 				$filesize += strlen($block);
 
 				if ($remote_max_filesize && $filesize > $remote_max_filesize)
@@ -847,6 +865,15 @@ class fileupload
 					}
 				}
 			}
+
+			$stream_meta_data = stream_get_meta_data($fsock);
+
+			// Cancel upload if we exceed timeout
+			if (!empty($stream_meta_data['timed_out']) || time() >= $timer_stop)
+			{
+				$file = new fileerror($user->lang[$this->error_prefix . 'REMOTE_UPLOAD_TIMEOUT']);
+				return $file;
+			}
 		}
 		@fclose($fsock);
 

phpBB/includes/functions_user.php

@@ -329,11 +329,16 @@ function user_add($user_row, $cp_data = false)
 }
 
 /**
-* Remove User
-*/
+ * Remove User
+ *
+ * @param string	$mode		'retain' or 'remove'
+ * @param int		$user_id
+ * @param mixed		$post_username
+ * @return bool
+ */
 function user_delete($mode, $user_id, $post_username = false)
 {
-	global $cache, $config, $db, $user, $auth;
+	global $cache, $config, $db, $user;
 	global $phpbb_root_path, $phpEx;
 
 	$sql = 'SELECT *
@@ -439,11 +444,6 @@ function user_delete($mode, $user_id, $post_username = false)
 					WHERE poster_id = $user_id";
 				$db->sql_query($sql);
 
-				$sql = 'UPDATE ' . POSTS_TABLE . '
-					SET post_edit_user = ' . ANONYMOUS . "
-					WHERE post_edit_user = $user_id";
-				$db->sql_query($sql);
-
 				$sql = 'UPDATE ' . TOPICS_TABLE . '
 					SET topic_poster = ' . ANONYMOUS . ", topic_first_poster_name = '" . $db->sql_escape($post_username) . "', topic_first_poster_colour = ''
 					WHERE topic_poster = $user_id";
@@ -501,6 +501,18 @@ function user_delete($mode, $user_id, $post_username = false)
 
 	$cache->destroy('sql', MODERATOR_CACHE_TABLE);
 
+	// Change user_id to anonymous for posts edited by this user
+	$sql = 'UPDATE ' . POSTS_TABLE . '
+		SET post_edit_user = ' . ANONYMOUS . '
+		WHERE post_edit_user = ' . $user_id;
+	$db->sql_query($sql);
+
+	// Change user_id to anonymous for pms edited by this user
+	$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
+		SET message_edit_user = ' . ANONYMOUS . '
+		WHERE message_edit_user = ' . $user_id;
+	$db->sql_query($sql);
+
 	// Delete user log entries about this user
 	$sql = 'DELETE FROM ' . LOG_TABLE . '
 		WHERE reportee_id = ' . $user_id;
@@ -1247,8 +1259,9 @@ function validate_data($data, $val_ary)
 		{
 			$function = array_shift($validate);
 			array_unshift($validate, $data[$var]);
+			$function_prefix = (function_exists('phpbb_validate_' . $function)) ? 'phpbb_validate_' : 'validate_';
 
-			if ($result = call_user_func_array('validate_' . $function, $validate))
+			if ($result = call_user_func_array($function_prefix . $function, $validate))
 			{
 				// Since errors are checked later for their language file existence, we need to make sure custom errors are not adjusted.
 				$error[] = (empty($user->lang[$result . '_' . strtoupper($var)])) ? $result : $result . '_' . strtoupper($var);
@@ -1553,7 +1566,7 @@ function validate_username($username, $allowed_username = false)
 */
 function validate_password($password)
 {
-	global $config, $db, $user;
+	global $config;
 
 	if ($password === '' || $config['pass_complex'] === 'PASS_TYPE_ANY')
 	{
@@ -1898,6 +1911,30 @@ function validate_jabber($jid)
 	return false;
 }
 
+/**
+* Validate hex colour value
+*
+* @param string $colour The hex colour value
+* @param bool $optional Whether the colour value is optional. True if an empty
+*			string will be accepted as correct input, false if not.
+* @return bool|string Error message if colour value is incorrect, false if it
+*			fits the hex colour code
+*/
+function phpbb_validate_hex_colour($colour, $optional = false)
+{
+	if ($colour === '')
+	{
+		return (($optional) ? false : 'WRONG_DATA');
+	}
+
+	if (!preg_match('/^([0-9a-fA-F]{6}|[0-9a-fA-F]{3})$/', $colour))
+	{
+		return 'WRONG_DATA';
+	}
+
+	return false;
+}
+
 /**
 * Verifies whether a style ID corresponds to an active style.
 *

phpBB/includes/mcp/info/mcp_pm_reports.php

@@ -20,7 +20,7 @@ class mcp_pm_reports_info
 			'title'		=> 'MCP_PM_REPORTS',
 			'version'	=> '1.0.0',
 			'modes'		=> array(
-				'pm_reports'			=> array('title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
+				'pm_reports'		=> array('title' => 'MCP_PM_REPORTS_OPEN', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 				'pm_reports_closed'	=> array('title' => 'MCP_PM_REPORTS_CLOSED', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 				'pm_report_details'	=> array('title' => 'MCP_PM_REPORT_DETAILS', 'auth' => 'aclf_m_report', 'cat' => array('MCP_REPORTS')),
 			),

phpBB/includes/mcp/mcp_forum.php

@@ -414,13 +414,16 @@ function merge_topics($forum_id, $topic_ids, $to_topic_id)
 		// Message and return links
 		$success_msg = 'POSTS_MERGED_SUCCESS';
 
-		// If the topic no longer exist, we will update the topic watch table.
-		// To not let it error out on users watching both topics, we just return on an error...
-		$db->sql_return_on_error(true);
-		$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . (int) $to_topic_id . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids));
-		$db->sql_return_on_error(false);
+		if (!function_exists('phpbb_update_rows_avoiding_duplicates_notify_status'))
+		{
+			include($phpbb_root_path . 'includes/functions_database_helper.' . $phpEx);
+		}
 
-		$db->sql_query('DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE ' . $db->sql_in_set('topic_id', $topic_ids));
+		// Update the topic watch table.
+		phpbb_update_rows_avoiding_duplicates_notify_status($db, TOPICS_WATCH_TABLE, 'topic_id', $topic_ids, $to_topic_id);
+
+		// Update the bookmarks table.
+		phpbb_update_rows_avoiding_duplicates($db, BOOKMARKS_TABLE, 'topic_id', $topic_ids, $to_topic_id);
 
 		// Link to the new topic
 		$return_link .= (($return_link) ? '<br /><br />' : '') . sprintf($user->lang['RETURN_NEW_TOPIC'], '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $to_forum_id . '&amp;t=' . $to_topic_id) . '">', '</a>');

phpBB/includes/mcp/mcp_main.php

@@ -1231,6 +1231,7 @@ function mcp_fork_topic($topic_ids)
 				}
 			}
 
+			// Copy topic subscriptions to new topic
 			$sql = 'SELECT user_id, notify_status
 				FROM ' . TOPICS_WATCH_TABLE . '
 				WHERE topic_id = ' . $topic_id;
@@ -1251,6 +1252,27 @@ function mcp_fork_topic($topic_ids)
 			{
 				$db->sql_multi_insert(TOPICS_WATCH_TABLE, $sql_ary);
 			}
+
+			// Copy bookmarks to new topic
+			$sql = 'SELECT user_id
+				FROM ' . BOOKMARKS_TABLE . '
+				WHERE topic_id = ' . $topic_id;
+			$result = $db->sql_query($sql);
+
+			$sql_ary = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$sql_ary[] = array(
+					'topic_id'		=> (int) $new_topic_id,
+					'user_id'		=> (int) $row['user_id'],
+				);
+			}
+			$db->sql_freeresult($result);
+
+			if (sizeof($sql_ary))
+			{
+				$db->sql_multi_insert(BOOKMARKS_TABLE, $sql_ary);
+			}
 		}
 
 		// Sync new topics, parent forums and board stats

phpBB/includes/mcp/mcp_pm_reports.php

@@ -123,6 +123,7 @@ class mcp_pm_reports
 
 				$message = bbcode_nl2br($message);
 				$message = smiley_text($message);
+				$report['report_text'] = make_clickable(bbcode_nl2br($report['report_text']));
 
 				if ($pm_info['message_attachment'] && $auth->acl_get('u_pm_download'))
 				{
@@ -165,6 +166,7 @@ class mcp_pm_reports
 					'S_CLOSE_ACTION'		=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $report_id),
 					'S_CAN_VIEWIP'			=> $auth->acl_getf_global('m_info'),
 					'S_POST_REPORTED'		=> $pm_info['message_reported'],
+					'S_REPORT_CLOSED'		=> $report['report_closed'],
 					'S_USER_NOTES'			=> true,
 
 					'U_MCP_REPORT'				=> append_sid("{$phpbb_root_path}mcp.$phpEx", 'i=pm_reports&mode=pm_report_details&r=' . $report_id),

phpBB/includes/mcp/mcp_post.php

@@ -157,6 +157,7 @@ function mcp_post_details($id, $mode, $action)
 
 		if (sizeof($attachments))
 		{
+			$user->add_lang('viewtopic');
 			$update_count = array();
 			parse_attachments($post_info['forum_id'], $message, $attachments, $update_count);
 		}

phpBB/includes/mcp/mcp_queue.php

@@ -660,15 +660,17 @@ function approve_post($post_id_list, $id, $mode)
 
 		foreach ($post_info as $post_id => $post_data)
 		{
+			$username = ($post_data['post_username']) ? $post_data['post_username'] : $post_data['username'];
+
 			if ($post_id == $post_data['topic_first_post_id'] && $post_id == $post_data['topic_last_post_id'])
 			{
 				// Forum Notifications
-				user_notification('post', $post_data['topic_title'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id);
+				user_notification('post', $post_data['topic_title'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id, $username);
 			}
 			else
 			{
 				// Topic Notifications
-				user_notification('reply', $post_data['post_subject'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id);
+				user_notification('reply', $post_data['post_subject'], $post_data['topic_title'], $post_data['forum_name'], $post_data['forum_id'], $post_data['topic_id'], $post_id, $username);
 			}
 		}
 

phpBB/includes/mcp/mcp_reports.php

@@ -192,6 +192,7 @@ class mcp_reports
 					'S_POST_REPORTED'		=> $post_info['post_reported'],
 					'S_POST_UNAPPROVED'		=> !$post_info['post_approved'],
 					'S_POST_LOCKED'			=> $post_info['post_edit_locked'],
+					'S_REPORT_CLOSED'		=> $report['report_closed'],
 					'S_USER_NOTES'			=> true,
 
 					'U_EDIT'					=> ($auth->acl_get('m_edit', $post_info['forum_id'])) ? append_sid("{$phpbb_root_path}posting.$phpEx", "mode=edit&f={$post_info['forum_id']}&p={$post_info['post_id']}") : '',

phpBB/includes/mcp/mcp_topic.php

@@ -517,6 +517,49 @@ function split_topic($action, $topic_id, $to_forum_id, $subject)
 			WHERE post_id = {$post_id_list[0]}";
 		$db->sql_query($sql);
 
+		// Copy topic subscriptions to new topic
+		$sql = 'SELECT user_id, notify_status
+			FROM ' . TOPICS_WATCH_TABLE . '
+			WHERE topic_id = ' . $topic_id;
+		$result = $db->sql_query($sql);
+
+		$sql_ary = array();
+		while ($row = $db->sql_fetchrow($result))
+		{
+			$sql_ary[] = array(
+				'topic_id'		=> (int) $to_topic_id,
+				'user_id'		=> (int) $row['user_id'],
+				'notify_status'	=> (int) $row['notify_status'],
+			);
+		}
+		$db->sql_freeresult($result);
+
+		if (sizeof($sql_ary))
+		{
+			$db->sql_multi_insert(TOPICS_WATCH_TABLE, $sql_ary);
+		}
+
+		// Copy bookmarks to new topic
+		$sql = 'SELECT user_id
+			FROM ' . BOOKMARKS_TABLE . '
+			WHERE topic_id = ' . $topic_id;
+		$result = $db->sql_query($sql);
+
+		$sql_ary = array();
+		while ($row = $db->sql_fetchrow($result))
+		{
+			$sql_ary[] = array(
+				'topic_id'		=> (int) $to_topic_id,
+				'user_id'		=> (int) $row['user_id'],
+			);
+		}
+		$db->sql_freeresult($result);
+
+		if (sizeof($sql_ary))
+		{
+			$db->sql_multi_insert(BOOKMARKS_TABLE, $sql_ary);
+		}
+
 		$success_msg = 'TOPIC_SPLIT_SUCCESS';
 
 		// Update forum statistics
@@ -619,13 +662,16 @@ function merge_posts($topic_id, $to_topic_id)
 		}
 		else
 		{
-			// If the topic no longer exist, we will update the topic watch table.
-			// To not let it error out on users watching both topics, we just return on an error...
-			$db->sql_return_on_error(true);
-			$db->sql_query('UPDATE ' . TOPICS_WATCH_TABLE . ' SET topic_id = ' . (int) $to_topic_id . ' WHERE topic_id = ' . (int) $topic_id);
-			$db->sql_return_on_error(false);
+			if (!function_exists('phpbb_update_rows_avoiding_duplicates_notify_status'))
+			{
+				include($phpbb_root_path . 'includes/functions_database_helper.' . $phpEx);
+			}
 
-			$db->sql_query('DELETE FROM ' . TOPICS_WATCH_TABLE . ' WHERE topic_id = ' . (int) $topic_id);
+			// If the topic no longer exist, we will update the topic watch table.
+			phpbb_update_rows_avoiding_duplicates_notify_status($db, TOPICS_WATCH_TABLE, 'topic_id', array($topic_id), $to_topic_id);
+
+			// If the topic no longer exist, we will update the bookmarks table.
+			phpbb_update_rows_avoiding_duplicates($db, BOOKMARKS_TABLE, 'topic_id', array($topic_id), $to_topic_id);
 		}
 
 		// Link to the new topic

phpBB/includes/questionnaire/questionnaire.php

@@ -71,7 +71,7 @@ class phpbb_questionnaire_data_collector
 	/**
 	* Collect info into the data property.
 	*
-	* @return	void
+	* @return	null
 	*/
 	function collect()
 	{

phpBB/includes/search/fulltext_mysql.php

@@ -86,9 +86,16 @@ class fulltext_mysql extends search_backend
 			$engine = $info['Type'];
 		}
 
-		if ($engine != 'MyISAM')
+		$fulltext_supported =
+			$engine === 'MyISAM' ||
+			// FULLTEXT is supported on InnoDB since MySQL 5.6.4 according to
+			// http://dev.mysql.com/doc/refman/5.6/en/innodb-storage-engine.html
+			$engine === 'InnoDB' &&
+			phpbb_version_compare($db->sql_server_info(true), '5.6.4', '>=');
+
+		if (!$fulltext_supported)
 		{
-			return $user->lang['FULLTEXT_MYSQL_NOT_MYISAM'];
+			return $user->lang['FULLTEXT_MYSQL_NOT_SUPPORTED'];
 		}
 
 		$sql = 'SHOW VARIABLES
@@ -747,7 +754,7 @@ class fulltext_mysql extends search_backend
 		{
 			if ($db->sql_layer == 'mysqli' || version_compare($db->sql_server_info(true), '4.1.3', '>='))
 			{
-				//$alter[] = 'MODIFY post_subject varchar(100) COLLATE utf8_unicode_ci DEFAULT \'\' NOT NULL';
+				$alter[] = 'MODIFY post_subject varchar(255) COLLATE utf8_unicode_ci DEFAULT \'\' NOT NULL';
 			}
 			else
 			{

phpBB/includes/search/fulltext_native.php

@@ -231,7 +231,12 @@ class fulltext_native extends search_backend
 			}
 			$db->sql_freeresult($result);
 		}
-		unset($exact_words);
+
+		// Handle +, - without preceeding whitespace character
+		$match		= array('#(\S)\+#', '#(\S)-#');
+		$replace	= array('$1 +', '$1 +');
+
+		$keywords = preg_replace($match, $replace, $keywords);
 
 		// now analyse the search query, first split it using the spaces
 		$query = explode(' ', $keywords);
@@ -357,39 +362,21 @@ class fulltext_native extends search_backend
 					$this->{$mode . '_ids'}[] = $words[$word];
 				}
 			}
-			// throw an error if we shall not ignore unexistant words
-			else if (!$ignore_no_id)
+			else
 			{
 				if (!isset($common_ids[$word]))
 				{
 					$len = utf8_strlen($word);
-					if ($len >= $this->word_length['min'] && $len <= $this->word_length['max'])
-					{
-						trigger_error(sprintf($user->lang['WORD_IN_NO_POST'], $word));
-					}
-					else
+					if ($len < $this->word_length['min'] || $len > $this->word_length['max'])
 					{
 						$this->common_words[] = $word;
 					}
 				}
 			}
-			else
-			{
-				$len = utf8_strlen($word);
-				if ($len < $this->word_length['min'] || $len > $this->word_length['max'])
-				{
-					$this->common_words[] = $word;
-				}
-			}
 		}
 
-		// we can't search for negatives only
-		if (!sizeof($this->must_contain_ids))
-		{
-			return false;
-		}
-
-		if (!empty($this->search_query))
+		// Return true if all words are not common words
+		if (sizeof($exact_words) - sizeof($this->common_words) > 0)
 		{
 			return true;
 		}
@@ -428,6 +415,12 @@ class fulltext_native extends search_backend
 			return false;
 		}
 
+		// we can't search for negatives only
+		if (empty($this->must_contain_ids))
+		{
+			return false;
+		}
+
 		$must_contain_ids = $this->must_contain_ids;
 		$must_not_contain_ids = $this->must_not_contain_ids;
 		$must_exclude_one_ids = $this->must_exclude_one_ids;

phpBB/includes/session.php

@@ -325,7 +325,7 @@ class session
 		// if no session id is set, redirect to index.php
 		if (defined('NEED_SID') && (!isset($_GET['sid']) || $this->session_id !== $_GET['sid']))
 		{
-			send_status_line(401, 'Not authorized');
+			send_status_line(401, 'Unauthorized');
 			redirect(append_sid("{$phpbb_root_path}index.$phpEx"));
 		}
 
@@ -556,7 +556,12 @@ class session
 		$method = 'autologin_' . $method;
 		if (function_exists($method))
 		{
-			$this->data = $method();
+			$user_data = $method();
+
+			if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+			{
+				$this->data = $user_data;
+			}
 
 			if (sizeof($this->data))
 			{
@@ -576,11 +581,18 @@ class session
 					AND k.user_id = u.user_id
 					AND k.key_id = '" . $db->sql_escape(md5($this->cookie_data['k'])) . "'";
 			$result = $db->sql_query($sql);
-			$this->data = $db->sql_fetchrow($result);
+			$user_data = $db->sql_fetchrow($result);
+
+			if ($user_id === false || (isset($user_data['user_id']) && $user_id == $user_data['user_id']))
+			{
+				$this->data = $user_data;
+				$bot = false;
+			}
+
 			$db->sql_freeresult($result);
-			$bot = false;
 		}
-		else if ($user_id !== false && !sizeof($this->data))
+
+		if ($user_id !== false && !sizeof($this->data))
 		{
 			$this->cookie_data['k'] = '';
 			$this->cookie_data['u'] = $user_id;
@@ -1037,7 +1049,7 @@ class session
 
 		$name_data = rawurlencode($config['cookie_name'] . '_' . $name) . '=' . rawurlencode($cookiedata);
 		$expire = gmdate('D, d-M-Y H:i:s \\G\\M\\T', $cookietime);
-		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == 'localhost' || $config['cookie_domain'] == '127.0.0.1') ? '' : '; domain=' . $config['cookie_domain'];
+		$domain = (!$config['cookie_domain'] || $config['cookie_domain'] == '127.0.0.1' || strpos($config['cookie_domain'], '.') === false) ? '' : '; domain=' . $config['cookie_domain'];
 
 		header('Set-Cookie: ' . $name_data . (($cookietime) ? '; expires=' . $expire : '') . '; path=' . $config['cookie_path'] . $domain . ((!$config['cookie_secure']) ? '' : '; secure') . '; HttpOnly', false);
 	}
@@ -1661,7 +1673,7 @@ class user extends session
 
 		if (!$this->theme)
 		{
-			trigger_error('Could not get style data', E_USER_ERROR);
+			trigger_error('NO_STYLE_DATA', E_USER_ERROR);
 		}
 
 		// Now parse the cfg file and cache it
@@ -2156,7 +2168,8 @@ class user extends session
 				'is_short'		=> strpos($format, '|'),
 				'format_short'	=> substr($format, 0, strpos($format, '|')) . '||' . substr(strrchr($format, '|'), 1),
 				'format_long'	=> str_replace('|', '', $format),
-				'lang'			=> $this->lang['datetime'],
+				// Filter out values that are not strings (e.g. arrays) for strtr().
+				'lang'			=> array_filter($this->lang['datetime'], 'is_string'),
 			);
 
 			// Short representation of month in format? Some languages use different terms for the long and short format of May