Community management insight at ManagingCommunities.com

Bookmark and Share

phpBB 2.0.14 to 2.0.15 Code Changes

phpBB 2.0.14 to 2.0.15 Code Changes

Postby Thoul » May 9th 2005, 3:16 pm

HTML Version.
Text Version.

These are the code changes introduced between phpBB 2.0.14 and phpBB 2.0.15. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification.
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.15 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again.

Now, onward to the file changes!
Last edited by Thoul on May 9th 2005, 3:20 pm, edited 1 time in total.
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA

Postby Thoul » May 9th 2005, 3:17 pm

admin/admin_forums.php
FIND
Code: Select all
	if( $mode == "addforum" )
	{
		list($cat_id) = each($HTTP_POST_VARS['addforum']);


AFTER, ADD
Code: Select all
		$cat_id = intval($cat_id);




admin/admin_smilies.php
FIND
Code: Select all
			$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];


AFTER, ADD
Code: Select all
			$smile_code = trim($smile_code);
			$smile_url = trim($smile_url);
			$smile_emotion = trim($smile_emotion);




admin/admin_ug_auth.php
FIND
Code: Select all
			if( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);


AFTER, ADD
Code: Select all
			}
		}

		$sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
			WHERE group_id = $group_id";
		$result = $db->sql_query($sql);

		$group_user = array();
		while ($row = $db->sql_fetchrow($result))
		{
			$group_user[$row['user_id']] = $row['user_id'];
		}
		$db->sql_freeresult($result);

		$sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod 
			FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug 
			WHERE ug.user_id IN (" . implode(', ', $group_user) . ") 
				AND aa.group_id = ug.group_id 
				AND aa.auth_mod = 1
			GROUP BY ug.user_id";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
		}

		while ($row = $db->sql_fetchrow($result))
		{
			if ($row['is_auth_mod'])
			{
				unset($group_user[$row['user_id']]);
			}
		}
		$db->sql_freeresult($result);

		if (sizeof($group_user))
		{
			$sql = "UPDATE " . USERS_TABLE . " 
				SET user_level = " . USER . " 
				WHERE user_id IN (" . implode(', ', $group_user) . ")";
			if ( !($result = $db->sql_query($sql)) )
			{
				message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);




admin/pagestart.php
FIND
Code: Select all
	$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];

	redirect("index.$phpEx?sid=" . $userdata['session_id']);


AFTER, ADD
Code: Select all
}

if (!$userdata['session_admin'])
{
	redirect(append_sid("login.$phpEx?redirect=admin/&admin=1", true));




db/postgres7.php
FIND AND DELETE
Code: Select all
			$query = preg_replace('#(.*WHERE.*)(username|user_email|ban_email) = \'(.*)\'#ise', "\"\\1LOWER(\\2) = '\" . strtolower('\\3') . \"'\"", $query);




groupcp.php
FIND
Code: Select all
			if ( !($row = $db->sql_fetchrow($result)) )


REPLACE WITH
Code: Select all
			if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )




login.php
FIND
Code: Select all
	if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )


REPLACE WITH
Code: Select all
	if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) )


FIND
Code: Select all
					$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);


REPLACE WITH
Code: Select all
					$admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
					$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);


FIND
Code: Select all
	// Do a full login page dohickey if
	// user not already logged in
	//
	if( !$userdata['session_logged_in'] )


REPLACE WITH
Code: Select all
	// Do a full login page dohickey if
	// user not already logged in
	//
	if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN))


FIND
Code: Select all
		$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';


AFTER, ADD
Code: Select all
		$s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '<input type="hidden" name="admin" value="1" />' : '';


FIND
Code: Select all
			'L_ENTER_PASSWORD' => $lang['Enter_password'],


REPLACE WITH
Code: Select all
			'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'],




viewtopic.php
FIND
Code: Select all
		$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));


REPLACE WITH
Code: Select all
		$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . str_replace('\\', '\\\\', $highlight_match) . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));




includes/bbcode.php
FIND
Code: Select all
	// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
	// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.


BEFORE, ADD
Code: Select all
	$text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);


FIND
Code: Select all
	$patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";


REPLACE WITH
Code: Select all
	$patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";


FIND
Code: Select all
	// [url=xxxx://www.phpbb.com]phpBB[/url] code..
	$patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
	$replacements[] = $bbcode_tpl['url3'];

	// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
	$patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
	$replacements[] = $bbcode_tpl['url4'];


REPLACE WITH
Code: Select all
	// [url=xxxx://www.phpbb.com]phpBB[/url] code..
	$patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i";
	$replacements[] = $bbcode_tpl['url3'];

	// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
	$patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i";
	$replacements[] = $bbcode_tpl['url4'];


FIND
Code: Select all
function make_clickable($text)
{


AFTER, ADD
Code: Select all
	$text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);




includes/sessions.php
FIND
Code: Select all
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0)


REPLACE WITH
Code: Select all
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)


FIND
Code: Select all
		SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login


REPLACE WITH
Code: Select all
		SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin


FIND
Code: Select all
		$session_id = md5(uniqid($user_ip));


REPLACE WITH
Code: Select all
		list($sec, $usec) = explode(' ', microtime());
		mt_srand((float) $sec + ((float) $usec * 100000));
		$session_id = md5(uniqid(mt_rand(), true));


FIND
Code: Select all
		$sql = "INSERT INTO " . SESSIONS_TABLE . "
			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
			VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";


REPLACE WITH
Code: Select all
		$sql = "INSERT INTO " . SESSIONS_TABLE . "
			(session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
			VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";


FIND
Code: Select all
		$sql = "UPDATE " . USERS_TABLE . " 
			SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
			WHERE user_id = $user_id";
		if ( !$db->sql_query($sql) )
		{
			message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);


REPLACE WITH
Code: Select all
		if (!$admin)
		{
			$sql = "UPDATE " . USERS_TABLE . " 
				SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
				WHERE user_id = $user_id";
			if ( !$db->sql_query($sql) )
			{
				message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
			}


FIND
Code: Select all
		$sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '';


REPLACE WITH
Code: Select all
		$sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];


FIND
Code: Select all
	$userdata['session_time'] = $current_time;


AFTER, ADD
Code: Select all
	$userdata['session_admin'] = $admin;


FIND
Code: Select all
					$sql = "UPDATE " . SESSIONS_TABLE . " 
						SET session_time = $current_time, session_page = $thispage_id 


REPLACE WITH
Code: Select all
					// A little trick to reset session_admin on session re-usage
					$update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';

					$sql = "UPDATE " . SESSIONS_TABLE . " 
						SET session_time = $current_time, session_page = $thispage_id$update_admin


FIND
Code: Select all
						$sql = "UPDATE " . USERS_TABLE . " 
							SET user_session_time = $current_time, user_session_page = $thispage_id 


REPLACE WITH
Code: Select all
						$sql = "UPDATE " . USERS_TABLE . " 
							SET user_session_time = $current_time, user_session_page = $thispage_id


FIND
Code: Select all
					$expiry_time = $current_time - $board_config['session_length'];
					$sql = "DELETE FROM " . SESSIONS_TABLE . " 


REPLACE WITH
Code: Select all
					$expiry_time = $current_time - $board_config['session_length'];

					$sql = "DELETE FROM " . SESSIONS_TABLE . " 




includes/smtp.php
FIND
Code: Select all
	if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )


REPLACE WITH
Code: Select all
	if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )




includes/usercp_register.php
FIND
Code: Select all
		else if ( $username != $userdata['username'] || $mode == 'register' )
		{
			if (strtolower($username) != strtolower($userdata['username']))


REPLACE WITH
Code: Select all
		else if ( $username != $userdata['username'] || $mode == 'register')
		{
			if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register')




includes/usercp_viewprofile.php
FIND
Code: Select all
$profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]);


AFTER, ADD
Code: Select all
if (!$profiledata)
{
	message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}




language/lang_english/lang_main.php

FIND
Code: Select all
$lang['A_critical_error'] = 'A Critical Error Occurred';


AFTER, ADD
Code: Select all
$lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.';
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA

Postby Thoul » May 9th 2005, 3:18 pm

In addition to the changes described above, extra spaces following the ?> line
were removed from the end of these files:
  • admin/admin_forums.php
  • admin/admin_smilies.php
  • includes/functions_selects.php
  • includes/template.php
  • includes/topic_review.php
  • posting.php
  • privmsg.php
  • viewonline.php
  • viewtopic.php
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA

Postby Thoul » May 17th 2005, 5:06 pm

The following change is a bugfix announced after phpBB 2.0.15's original release. Copies of phpBB 2.0.15 downloaded before May 14, 2005 may not include this change and should also be updated.

admin/admin_ug_auth.php
FIND
Code: Select all
				WHERE user_id IN (" . implode(', ', $group_user) . ")";


REPLACE WITH
Code: Select all
				WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;
User avatar
Thoul
Admin/Webmaster
 
Posts: 18551
Joined: July 30th 2002, 11:30 am
Location: USA


Return to phpBB 2: Fixes and Code Changes

Who is online

Users browsing this forum: No registered users and 0 guests