Managing Online Forums, a manual for the community admin

Bookmark and Share

phpBB 2.0.11 to 2.0.12 Code Changes

phpBB 2.0.11 to 2.0.12 Code Changes

Postby Thoul » February 28th 2005, 2:09 pm

HTML Version.
Text Version.

These are the code changes introduced between phpBB 2.0.11 and phpBB 2.0.12. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification.
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.
INLINE - This will always precede one of the other labels. An example would be INLINE FIND. INLINE labels work in the same way as the normal labels, with the exception that they operate on a smaller portion of a specific line referenced in the previous FIND instruction. Any new code added in an INLINE instruction should be placed on the same line, instead of on a new line.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.12 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again.

Now, onward to the file changes!
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA

Postby Thoul » February 28th 2005, 2:11 pm

phpBB 2.0.12 adds a version checking system as a default feature of phpBB's admin panel. There are some people that may not wish to install this, due to privacy reasons and the fact that it causes one's forum to automatically connect to the phpBB website each time the Admin Panel is entered. For those people, the changes for the version checking system can be skipped with other problems. They are listed first in this tutorial.



admin/index.php
FIND
Code: Select all
			"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
		);
	}


AFTER, ADD
Code: Select all
	// Check for new version
	$current_version = explode('.', '2' . $board_config['version']);
	$minor_revision = (int) $current_version[2];

	$errno = 0;
	$errstr = $version_info = '';

	if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
	{
		@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
		@fputs($fsock, "HOST: www.phpbb.com\r\n");
		@fputs($fsock, "Connection: close\r\n\r\n");

		$get_info = false;
		while (!@feof($fsock))
		{
			if ($get_info)
			{
				$version_info .= @fread($fsock, 1024);
			}
			else
			{
				if (@fgets($fsock, 1024) == "\r\n")
				{
					$get_info = true;
				}
			}
		}
		@fclose($fsock);

		$version_info = explode("\n", $version_info);
		$latest_head_revision = (int) $version_info[0];
		$latest_minor_revision = (int) $version_info[2];
		$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];

		if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
		{
			$version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';
		}
		else
		{
			$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
			$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
		}
	}
	else
	{
		if ($errstr)
		{
			$version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';
		}
		else
		{
			$version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';
		}
	}
	
	$version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';
	

	$template->assign_vars(array(
		'VERSION_INFO'	=> $version_info,
		'L_VERSION_INFORMATION'	=> $lang['Version_information'])
	);




language/lang_english/lang_admin.php
FIND
Code: Select all
//
// That's all Folks!


BEFORE, ADD
Code: Select all
//
// Version Check
//
$lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
$lang['Version_not_up_to_date'] = 'Your installation does <b>not</b> seem to be up to date. Updates are available for your version of phpBB, please visit <a href="http://www.phpbb.com/downloads.php" target="_new">http://www.phpbb.com/downloads.php</a> to obtain the latest version.';
$lang['Latest_version_info'] = 'The latest available version is <b>phpBB %s</b>.';
$lang['Current_version_info'] = 'You are running <b>phpBB %s</b>.';
$lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:<br />%s';
$lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
$lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';
$lang['Version_information'] = 'Version Information';




templates/subSilver/admin/index_body.tpl
FIND
Code: Select all
</table>

<br />


AFTER, ADD
Code: Select all
<h1>{L_VERSION_INFORMATION}</h1>

{VERSION_INFO}

<br />




This ends the code changes related to the version checking system. All other changes should be considered important security updates.
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA

Postby Thoul » February 28th 2005, 2:12 pm

admin/admin_db_utilities.php

The line in the FIND command below may have been altered if you have install any modifications or hacks on your forum. If you cannot locate this line, try search for the first twenty or so characters of it.

FIND
Code: Select all
			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');


INLINE FIND
Code: Select all
'words'


INLINE AFTER, ADD
Code: Select all
, 'confirm'




common.php
FIND
Code: Select all
	$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);


REPLACE WITH
Code: Select all
	$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);


FIND
Code: Select all
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
	// PHP4+ path


AFTER, ADD
Code: Select all
	$not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');



Please note that due to this change, phpBB 2.0.12 can only be used on PHP 4 or later. Previous releases operated on PHP 3, but this version will not. If you intend to use phpBB on servers running PHP 3, you should strongly consider upgrading the server's PHP installation.



FIND
Code: Select all
	$input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);

	unset($input['input']);

	while (list($var,) = @each($input))
	{
		unset($$var);
	}


REPLACE WITH
Code: Select all
	$input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);

	unset($input['input']);
	unset($input['not_unset']);

	while (list($var,) = @each($input))
	{
		if (!in_array($var, $not_unset))
		{
			unset($$var);
		}
	}


FIND
Code: Select all
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );


REPLACE WITH
Code: Select all
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );




viewtopic.php
FIND
Code: Select all
	$highlight = urlencode($HTTP_GET_VARS['highlight']);


AFTER, ADD
Code: Select all
	$highlight_match = phpbb_rtrim($highlight_match, "\\");




includes/functions.php
FIND
Code: Select all
	$username = htmlspecialchars(rtrim(trim($username), "\\"));
	$username = substr(str_replace("\\'", "'", $username), 0, 25);
	$username = str_replace("'", "\\'", $username);

	return $username;
}


REPLACE WITH
Code: Select all
	$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
	$username = phpbb_rtrim($username, "\\");	
	$username = str_replace("'", "\'", $username);

	return $username;
}

// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
function phpbb_rtrim($str, $charlist = false)
{
	if ($charlist === false)
	{
		return rtrim($str);
	}
	
	$php_version = explode('.', PHP_VERSION);

	// php version < 4.1.0
	if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
	{
		while ($str{strlen($str)-1} == $charlist)
		{
			$str = substr($str, 0, strlen($str)-1);
		}
	}
	else
	{
		$str = rtrim($str, $charlist);
	}

	return $str;
}


FIND
Code: Select all
			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;


REPLACE WITH
Code: Select all
			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);




includes/page_tail.php

The following change is different that what you might see in other "code changes" compilations. Those other compilations are incorrect in this area. This line was removed from phpBB, not altered.

FIND AND DELETE
Code: Select all
	'PHPBB_VERSION' => '2' . $board_config['version'],




includes/template.php
FIND
Code: Select all
       		$filename = phpbb_realpath($this->root . '/' . $filename);


REPLACE WITH
Code: Select all
       		$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;




includes/usercp_avatar.php
FIND
Code: Select all
function user_avatar_delete($avatar_type, $avatar_file)
{
	global $board_config, $userdata;


AFTER, ADD
Code: Select all
	$avatar_file = basename($avatar_file);


FIND
Code: Select all
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
	global $board_config;


AFTER, ADD
Code: Select all
	$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
	if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
	{
		return '';
	}


FIND
Code: Select all
			$move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");


BEFORE, ADD
Code: Select all
			if (!is_uploaded_file($avatar_filename))
			{
				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
			}




includes/usercp_register.php
FIND
Code: Select all
			$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';


REPLACE WITH
Code: Select all
			$avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';




templates/subSilver/overall_footer.tpl

The changes to this file are not absolutely required and may not be possible in non-subSilver templates.

FIND
Code: Select all
	Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse


REPLACE WITH
Code: Select all
	Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse


FIND
Code: Select all
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001, 2002 phpBB Group<br />{TRANSLATION_INFO}</span></div>


REPLACE WITH
Code: Select all
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group<br />{TRANSLATION_INFO}</span></div>




templates/subSilver/simple_footer.tpl

The changes to this file are not absolutely required and may not be possible in non-subSilver templates.

FIND
Code: Select all
	Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse


REPLACE WITH
Code: Select all
	Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse


FIND
Code: Select all
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001,2002 phpBB Group</span></div>


REPLACE WITH
Code: Select all
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group</span></div>
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA


Return to phpBB 2: Fixes and Code Changes

Who is online

Users browsing this forum: No registered users and 5 guests