Acyd Burn
Consultant

Joined: 19 Apr 2002
Posts: 650
Location: Germany (Oldb)
Posted: December 7th 2002, 6:36 am
Post subject: phpBB 2.0.1 to 2.0.2 Code Changes
These are the code changes from phpBB 2.0.1 to phpBB 2.0.2. This might be very helpful if you want to update your forum and have installed a bunch of hacks. In cases like this, it is normally easier to apply the code changes directly to the scripts rather than installing all of the hacks again.
Here are some tips on the statements used throughout this tutorial:
When you find an 'AFTER, ADD' statement, the code has to be added after the last line quoted in the 'FIND' statement.
When you find a 'REPLACE WITH' statement, the code quoted in the 'FIND' statement has to be replaced completely with the quoted code in the 'REPLACE WITH' statement.
When you find a 'DELETE' statement, the code has to be deleted.
OK, let's start:
These changes are only relevant to you if you don't want to delete this file, which you should after installation. However, we will list it here for the sake of completeness.
-
The security fix we have been waiting for: change phpbb_root_dir to phpbb_root_path.
FIND
| Code:
|
include($phpbb_root_dir . 'includes/functions_selects.'.$phpEx);
|
REPLACE WITH
| Code:
|
include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);
|
This change is for the generated sessions table:
FIND - Line 879
REPLACE WITH
| Code:
|
TYPE=HEAP MAX_ROWS=500";
|
A change to have the config data in single quotes.
FIND - Line 909-914
| Code:
|
$config_data .= '$dbms = "' . $dbms . '";' . "\n\n";
$config_data .= '$dbhost = "' . $dbhost . '";' . "\n";
$config_data .= '$dbname = "' . $dbname . '";' . "\n";
$config_data .= '$dbuser = "' . $dbuser . '";' . "\n";
$config_data .= '$dbpasswd = "' . $dbpasswd . '";' . "\n\n";
$config_data .= '$table_prefix = "' . $table_prefix . '";' . "\n\n";
|
REPLACE WITH
| Code:
|
$config_data .= '$dbms = \'' . $dbms . '\';' . "\n\n";
$config_data .= '$dbhost = \'' . $dbhost . '\';' . "\n";
$config_data .= '$dbname = \'' . $dbname . '\';' . "\n";
$config_data .= '$dbuser = \'' . $dbuser . '\';' . "\n";
$config_data .= '$dbpasswd = \'' . $dbpasswd . '\';' . "\n\n";
$config_data .= '$table_prefix = \'' . $table_prefix . '\';' . "\n\n";
|
The changes made to login.php are mainly intended for fixing some redirection errors.
-
First redirect fix
FIND - Line 100
| Code:
|
message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
}
}
else
{
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : '';
|
AFTER, ADD
| Code:
|
$redirect = str_replace("?", "&", $redirect);
|
Second redirect fix
FIND - Line 114
| Code:
|
message_die(GENERAL_MESSAGE, $message);
}
}
}
else
{
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? $HTTP_POST_VARS['redirect'] : "";
|
AFTER, ADD
| Code:
|
$redirect = str_replace("?", "&", $redirect);
|
The change made to the memberlist is a fix for a little typo.
-
This is a bugfix for the memberlist not being sortable by join date.
FIND - Line 113
REPLACE WITH
Changes to this file are bugfixes.
-
This reduces the users' post counts when topics are deleted.
FIND - Line 211
| Code:
|
$topic_id_sql .= ( ( $topic_id_sql != '' ) ? ', ' : '' ) . $topics[$i];
}
|
AFTER, ADD
| Code:
|
$sql = "SELECT poster_id, COUNT(post_id) AS posts
FROM " . POSTS_TABLE . "
WHERE topic_id IN ($topic_id_sql)
GROUP BY poster_id";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, 'Could not get poster id information', '', __LINE__, __FILE__, $sql);
}
$count_sql = array();
while ( $row = $db->sql_fetchrow($result) )
{
$count_sql[] = "UPDATE " . USERS_TABLE . "
SET user_posts = user_posts - " . $row['posts'] . "
WHERE user_id = " . $row['poster_id'];
}
$db->sql_freeresult($result);
if ( sizeof($count_sql) )
{
for($i = 0; $i < sizeof($count_sql); $i++)
{
if ( !$db->sql_query($count_sql[$i]) )
{
message_die(GENERAL_ERROR, 'Could not update user post count information', '', __LINE__, __FILE__, $sql);
}
}
}
|
Generate a default value for the Forum Select Box.
FIND - Line 769
| Code:
|
'S_FORUM_SELECT' => make_forum_select("new_forum_id"))
|
REPLACE WITH
| Code:
|
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
|
Changes to this file are bugfixes.
-
A missing variable definition was added.
FIND - Line 51
| Code:
|
$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
|
AFTER, ADD
| Code:
|
$save = ( isset($HTTP_POST_VARS['save']) ) ? TRUE : 0;
|
Here, the missing word replacements were added.
FIND - Line 572
| Code:
|
$private_message .= '<br /><br />_________________<br />' . make_clickable($user_sig);
}
|
AFTER, ADD
| Code:
|
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
|
More missing word replacements.
FIND - Line 1689
| Code:
|
make_jumpbox('viewforum.'.$phpEx);
|
AFTER, ADD
| Code:
|
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
|
This file was added after phpBB 2.0.1, so there are no changes here, just a new file. You have to run it after (or before) changing all the phpBB 2 files. Again, this is listed just for completeness.
This file was changed, but since no hacks change this file it is safe to overwrite it with the new version.
Only one little change in this file, a language variable issue.
-
'No new posts' was shown instead of 'New posts'.
FIND - Line 569
| Code:
|
$folder_alt = ( $topic_rowset[$i]['topic_status'] == TOPIC_LOCKED ) ? $lang['Topic_locked'] : $lang['No_new_posts'];
|
REPLACE WITH
| Code:
|
$folder_alt = ( $topic_rowset[$i]['topic_status'] == TOPIC_LOCKED ) ? $lang['Topic_locked'] : $lang['New_posts'];
|
Also only one change: topic_mod is now empty by default.
-
Set the variable topic_mod. This is a little security fix.
FIND - Line 556
| Code:
|
$s_auth_can .= ( ( $is_auth['auth_vote'] ) ? $lang['Rules_vote_can'] : $lang['Rules_vote_cannot'] ) . '<br />';
|
AFTER, ADD
Instead of assigning the variable anew, append to it: '=' was changed to '.='.
FIND - Line 564
| Code:
|
$topic_mod = '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&mode=delete") . '"><img src="' . $images['topic_mod_delete'] . '" alt="' . $lang['Delete_topic'] . '" title="' . $lang['Delete_topic'] . '" border="0" /></a> ';
|
REPLACE WITH
| Code:
|
$topic_mod .= '<a href="' . append_sid("modcp.$phpEx?" . POST_TOPIC_URL . "=$topic_id&mode=delete") . '"><img src="' . $images['topic_mod_delete'] . '" alt="' . $lang['Delete_topic'] . '" title="' . $lang['Delete_topic'] . '" border="0" /></a> ';
|
This file is very important: it contains the fixes for the URL and IMG BBCodes and, of course, the new smilies_pass function, which gives a dramatic speed increase on long topics.
-
This is the fix for the url-bbcode tag.
FIND - Line 200
| Code:
|
// [url]xxxx://www.phpbb.com[/url] code..
$patterns[1] = "#\[url\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/url\]#si";
$replacements[1] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
$patterns[2] = "#\[url\]([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/url\]#si";
$replacements[2] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
$patterns[3] = "#\[url=([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\](.*?)\[/url\]#si";
$replacements[3] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
$patterns[4] = "#\[url=([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\](.*?)\[/url\]#si";
$replacements[4] = $bbcode_tpl['url4'];
|
REPLACE WITH
| Code:
|
// [url]xxxx://www.phpbb.com[/url] code..
$patterns[1] = "#\[url\]([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\[/url\]#si";
$replacements[1] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
$patterns[2] = "#\[url\]([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\[/url\]#si";
$replacements[2] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
$patterns[3] = "#\[url=([a-z]+?://){1}([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\](.*?)\[/url\]#si";
$replacements[3] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
$patterns[4] = "#\[url=([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+\(\)]+)\](.*?)\[/url\]#si";
$replacements[4] = $bbcode_tpl['url4'];
|
This is a fix for the img-bbcode tag.
FIND - Line 285
| Code:
|
$text = preg_replace("#\[img\](([a-z]+?)://([^ \"\n\r]+?))\[/img\]#si", "[img:$uid]\\1[/img:$uid]", $text);
|
REPLACE WITH
| Code:
|
$text = preg_replace("#\[img\](http(s)?://)([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)\[/img\]#si", "[img:$uid]\\1\\3[/img:$uid]", $text);
|
This is a fix for the make_clickable function that makes posted URLs clickable.
FIND - Line 623
| Code:
|
$ret = preg_replace("#([\n ])([a-z]+?)://([^\t <\n\r]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);
|
REPLACE WITH
| Code:
|
$ret = preg_replace("#([\n ])([a-z]+?)://([a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]+)#i", "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", $ret);
|
This is a fix for the make_clickable function for making posted URLs clickable.
FIND - Line 631
| Code:
|
$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[^\t <\n\r]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);
|
REPLACE WITH
| Code:
|
$ret = preg_replace("#([\n ])www\.([a-z0-9\-]+)\.([a-z0-9\-.\~]+)((?:/[a-z0-9\-\.,\?!%\*_\#:;~\\&$@\/=\+]*)?)#i", "\\1<a href=\"http://www.\\2.\\3\\4\" target=\"_blank\">www.\\2.\\3\\4</a>", $ret);
|
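Both make_clickable patterns from the two changes above, as an added example (not phpBB's own code) ported from PCRE to Python's re so you can see where each one stops capturing the URL; the PHP double-quoted "\\&" has already become the regex escape "\&" and is written that way here.

```python
import re

# Whitelist character class introduced in 2.0.2 for URL characters.
URL_CHARS = r"[a-z0-9\-\.,\?!%\*_\#:;~\&$@\/=\+]"

# 2.0.1: anything up to the next tab, space, '<', newline or CR is the URL.
PATTERN_201 = re.compile(r"([\n ])([a-z]+?)://([^\t <\n\r]+)", re.I)
# 2.0.2: only whitelisted characters are part of the URL.
PATTERN_202 = re.compile(r"([\n ])([a-z]+?)://(" + URL_CHARS + r"+)", re.I)
# Replacement string used by both versions.
REPLACEMENT = r'\1<a href="\2://\3" target="_blank">\2://\3</a>'


def linkify_201(text: str) -> str:
    """2.0.1 behaviour of make_clickable() for scheme://host URLs."""
    return PATTERN_201.sub(REPLACEMENT, text)


def linkify_202(text: str) -> str:
    """2.0.2 behaviour: the captured URL ends at the first non-whitelisted character."""
    return PATTERN_202.sub(REPLACEMENT, text)


def captured_url(text: str, pattern=PATTERN_202):
    """Return the URL the pattern would put inside href="...", or None if no match."""
    m = pattern.search(text)
    return None if m is None else m.group(2) + "://" + m.group(3)


if __name__ == "__main__":
    # Constructed inputs: a normal query-string URL, and a URL followed by
    # characters (quote, '>') that would end an HTML attribute. The 2.0.1
    # pattern carries those characters into the generated href; the 2.0.2
    # whitelist stops in front of them and they stay outside the <a> tag.
    for sample in (" http://example.com/p?x=1&y=2", ' http://example.com/a">x'):
        print(repr(captured_url(sample, PATTERN_201)), "->", repr(captured_url(sample)))
        print(linkify_201(sample))
        print(linkify_202(sample))
```

The [url] and [img] BBCode fixes above use the same whitelist class (with "\(\)" added for the [url] tags), so the same boundary applies to them.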
This is a replacement for the smilies_pass function, resulting in a great speed improvement on viewing topics.
FIND - Line 739
| Code:
|
function smilies_pass($message)
{
global $db, $board_config;
static $smilies;
if( empty($smilies) )
{
$sql = "SELECT code, smile_url
FROM " . SMILIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain smilies data", "", __LINE__, __FILE__, $sql);
}
if( !$db->sql_numrows($result) )
{
return $message;
}
$smilies = $db->sql_fetchrowset($result);
}
usort($smilies, 'smiley_sort');
for($i = 0; $i < count($smilies); $i++)
{
$orig[] = "/(?<=.\\W|\\W.|^\\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\\W|\\W.|\\W$)/";
$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" alt="' . $smilies[$i]['smile_url'] . '" border="0" />';
}
if( $i > 0 )
{
$message = preg_replace($orig, $repl, ' ' . $message . ' ');
$message = substr($message, 1, -1);
}
return $message;
}
|
REPLACE WITH
| Code:
|
function smilies_pass($message)
{
static $orig, $repl;
if (!isset($orig))
{
global $db, $board_config;
$orig = $repl = array();
$sql = 'SELECT code, smile_url FROM ' . SMILIES_TABLE;
if( !$result = $db->sql_query($sql) )
{
message_die(GENERAL_ERROR, "Couldn't obtain smilies data", "", __LINE__, __FILE__, $sql);
}
$smilies = $db->sql_fetchrowset($result);
usort($smilies, 'smiley_sort');
for($i = 0; $i < count($smilies); $i++)
{
$orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
$repl[] = '<img src="'. $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'] . '" alt="' . $smilies[$i]['smile_url'] . '" border="0" />';
}
}
if (count($orig))
{
$message = preg_replace($orig, $repl, ' ' . $message . ' ');
$message = substr($message, 1, -1);
}
return $message;
}
|
These are all fixes replacing the hard-coded iso-8859-1 encoding with the correct value from the language files, so no explanation is given for each individual change.
-
FIND - Line 131
| Code:
|
function parse_email()
{
|
AFTER, ADD
FIND - Line 155
| Code:
|
$this->encoding = ( trim($match[4]) != '' ) ? trim($match[4]) : 'iso-8859-1';
|
REPLACE WITH
| Code:
|
$this->encoding = ( trim($match[4]) != '' ) ? trim($match[4]) : $lang['ENCODING'];
|
FIND - Line 209
| Code:
|
function attachFile($filename, $mimetype = "application/octet-stream", $szFromAddress, $szFilenameToDisplay)
{
|
AFTER, ADD
FIND - Line 214
| Code:
|
$this->mailMsg = '--' . $mime_boundary . "\nContent-Type: text/plain;\n\tcharset=\"iso-8859-1\"\n\n" . $this->mailMsg;
|
REPLACE WITH
| Code:
|
$this->mailMsg = '--' . $mime_boundary . "\nContent-Type: text/plain;\n\tcharset=\"" . $lang['ENCODING'] . "\"\n\n" . $this->mailMsg;
|
There was a change to functions.php during development, but it was reverted because it produced one more query.
- includes/functions_admin.php
The changes to this file allow the forum select field to have a default value.
-
Rewrite the function call to allow an extra parameter (the default selected value).
FIND - Line 27
| Code:
|
function make_forum_select($box_name, $ignore_forum = false)
|
REPLACE WITH
| Code:
|
function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
|
The code for selecting the default value.
FIND - Line 46
| Code:
|
$forum_list .= '<option value="' . $row['forum_id'] . '">' . $row['forum_name'] . '</option>';
|
REPLACE WITH
| Code:
|
$selected = ( $select_forum == $row['forum_id'] ) ? ' selected="selected"' : '';
$forum_list .= '<option value="' . $row['forum_id'] . '"' . $selected .'>' . $row['forum_name'] . '</option>';
|
- includes/functions_post.php
One security fix (I think) and an attempt to increase the time limit on sending notifications.
-
The security fix: a rewrite of the HTML tag check.
FIND - Line 78
| Code:
|
if ( preg_match('/^<\/?' . $match_tag . '\b/i', $hold_string) )
|
REPLACE WITH
| Code:
|
if ( preg_match('/^<\/?' . $match_tag . '(?!(\s*)style(\s*)\\=)/i', $hold_string) )
|
Try to increase the time limit; this will not work on some PHP installations.
FIND - Line 635
| Code:
|
$update_watched_sql = '';
if ( $row = $db->sql_fetchrow($result) )
{
|
AFTER, ADD
| Code:
|
@set_time_limit(120);
|
- includes/functions_validate.php
These two changes correct the quoting in the regular expressions used for validating usernames: phpbb_preg_quote is used instead of preg_quote.
-
First one: forbidden usernames.
FIND - Line 66
| Code:
|
if ( preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'])) . ")\b#i", $username) )
|
REPLACE WITH
| Code:
|
if ( preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i", $username) )
|
Second one: forbidden words.
FIND - Line 79
| Code:
|
if ( preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'])) . ")\b#i", $username) )
|
REPLACE WITH
| Code:
|
if ( preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\b#i", $username) )
|
Not really a change to this file, but please check that you have no newlines after ?> sitting around; these can cause header problems. The best way is to press the delete key after ?> so that no lines remain after the ?> at all.
There are many changes in this file that you should not miss: a security fix and some adjustments to the sessions code.
-
Bugfix for banned email addresses.
FIND - Line 120
| Code:
|
$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $row['user_email']) . "'
OR ban_email LIKE '" . substr(str_replace("\'", "''", $row['user_email']), strpos(str_replace("\'", "''", $row['user_email']), "@")) . "'";
|
REPLACE WITH
| Code:
|
$sql .= " OR ban_email LIKE '" . str_replace("\'", "''", $userdata['user_email']) . "'
OR ban_email LIKE '" . substr(str_replace("\'", "''", $userdata['user_email']), strpos(str_replace("\'", "''", $userdata['user_email']), "@")) . "'";
|
Fix for a misspelled sessiondata variable.
FIND - Line 215
| Code:
|
$session_data = '';
|
REPLACE WITH
A workaround for rotating IPs.
FIND - Line 232
| Code:
|
AND u.user_id = s.session_user_id
AND s.session_ip = '$user_ip'";
|
REPLACE WITH
| Code:
|
AND u.user_id = s.session_user_id";
|
A workaround for rotating IPs.
FIND - Line 245-289
| Code:
|
$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? 'sid=' . $session_id : '';
//
// Only update session DB a minute or so after last update
//
if ( $current_time - $userdata['session_time'] > 60 )
{
// || $userdata['user_session_page'] != $thispage_id
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_time = $current_time, session_page = $thispage_id
WHERE session_id = '" . $userdata['session_id'] . "'
AND session_ip = '$user_ip'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
}
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
}
}
//
// Delete expired sessions
//
$expiry_time = $current_time - $board_config['session_length'];
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_time < $expiry_time
AND session_id <> '$session_id'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
}
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
}
return $userdata;
|
REPLACE WITH
| Code:
|
//
// Do not check IP assuming equivalence, if IPv4 we'll check only first 24
// bits ... I've been told (by vHiker) this should alleviate problems with
// load balanced et al proxies while retaining some reliance on IP security.
//
$ip_check_s = substr($userdata['session_ip'], 0, 6);
$ip_check_u = substr($user_ip, 0, 6);
if ( $ip_check_s == $ip_check_u )
{
$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? 'sid=' . $session_id : '';
//
// Only update session DB a minute or so after last update
//
if ( $current_time - $userdata['session_time'] > 60 )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
SET session_time = $current_time, session_page = $thispage_id
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
}
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
}
}
//
// Delete expired sessions
//
$expiry_time = $current_time - $board_config['session_length'];
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_time < $expiry_time
AND session_id <> '$session_id'";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
}
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
}
return $userdata;
}
|
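The IP comparison from the replacement above, as an added illustration that is not phpBB code: phpBB 2 stores session_ip as the IPv4 address encoded as 8 hex characters (encode_ip(), two hex digits per octet), so substr(..., 0, 6) is the first three octets, the "first 24 bits" the comment refers to.

```python
def encode_ip(dotted: str) -> str:
    """Encode a dotted quad the way phpBB 2's encode_ip() stores it: 8 hex chars."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return "".join(f"{o:02x}" for o in octets)


def session_ip_matches_201(session_ip: str, user_ip: str) -> bool:
    """2.0.1: the SQL filter  AND s.session_ip = '$user_ip'  needs an exact match."""
    return session_ip == user_ip


def session_ip_matches_202(session_ip: str, user_ip: str) -> bool:
    """2.0.2: $ip_check_s == $ip_check_u compares only the first 6 hex chars (24 bits)."""
    return session_ip[:6] == user_ip[:6]


def compare(session_dotted: str, user_dotted: str) -> dict:
    """Run both checks for a stored session address and the current client address."""
    s, u = encode_ip(session_dotted), encode_ip(user_dotted)
    return {
        "session_ip": s,
        "user_ip": u,
        "accepted_201": session_ip_matches_201(s, u),
        "accepted_202": session_ip_matches_202(s, u),
    }


if __name__ == "__main__":
    # Constructed sample addresses: the same session seen from a second host in
    # the same /24 (a proxy pool or load balancer) and from a different /24.
    for user in ("10.0.0.5", "10.0.0.77", "10.0.1.5"):
        print(compare("10.0.0.5", user))
    # Trade-off to keep in mind: with the 2.0.2 check a session id presented
    # from any host in the same /24 as the original one is accepted, so the
    # session id cookie carries correspondingly more of the security weight.
```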
Apply intval() to the user id (security fix).
FIND - Line 306
| Code:
|
$user_id = ( isset($sessiondata['userid']) ) ? $sessiondata['userid'] : ANONYMOUS;
|
REPLACE WITH
| Code:
|
$user_id = ( isset($sessiondata['userid']) ) ? intval($sessiondata['userid']) : ANONYMOUS;
|
Only a fix for a trailing comma on email addresses.
-
FIND - Line 173
| Code:
|
$to_header .= "<$mail_to_address>, ";
|
REPLACE WITH
| Code:
|
$to_header .= ( ( $mail_to_address != '' ) ? ', ' : '' ) . "<$mail_to_address>";
|
- includes/usercp_avatar.php
rawurlencode removed (it has broken things before) and a bugfix for the avatar gallery.
-
FIND - Line 65
| Code:
|
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY : '';
}
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
if ( !preg_match('#^http:\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
if ( !preg_match('#^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
return;
}
return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_REMOTE : '';
}
|
REPLACE WITH
| Code:
|
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
global $board_config;
if ( file_exists($board_config['avatar_gallery_path'] . '/' . $avatar_filename) && ($mode == 'editprofile') )
{
$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
}
else
{
$return = '';
}
return $return;
}
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
if ( !preg_match('#^((http)|(ftp):\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)+[a-z]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '<br />' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
return;
}
return ( $mode == 'editprofile' ) ? ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_REMOTE : '';
}
|
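To see what each version of the remote avatar check actually accepts, here is an added example (not phpBB code) that runs both regexes, ported unchanged to Python's re, over a few constructed inputs. Note that in the 2.0.2 pattern the alternation inside ^((http)|(ftp):\/\/...$) is not grouped around the scheme alone, so the (http) alternative is satisfied by any value that merely starts with "http".

```python
import re

# 2.0.1 prefix test and full pattern (PHP /is modifiers become re.I | re.S).
PREFIX_201 = re.compile(r"^http:\/\/", re.I)
AVATAR_201 = re.compile(
    r"^(http:\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)*[a-z]+(:[0-9]+)*\/[^\"]*?\.(gif|jpg|jpeg|png)$)",
    re.I | re.S,
)
# 2.0.2 prefix test and full pattern, exactly as on the page.
PREFIX_202 = re.compile(r"^(http)|(ftp):\/\/", re.I)
AVATAR_202 = re.compile(
    r"^((http)|(ftp):\/\/[a-z0-9\-]+?\.([a-z0-9\-]+\.)+[a-z]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)",
    re.I | re.S,
)


def validate(url: str, prefix, pattern) -> bool:
    """Mirror user_avatar_url(): prepend http:// when the prefix test fails,
    then accept the value only if the full pattern matches (preg_match != 0)."""
    if not prefix.search(url):
        url = "http://" + url
    return pattern.search(url) is not None


def validate_201(url: str) -> bool:
    return validate(url, PREFIX_201, AVATAR_201)


def validate_202(url: str) -> bool:
    return validate(url, PREFIX_202, AVATAR_202)


if __name__ == "__main__":
    # Constructed inputs: a proper image URL with and without scheme, an ftp
    # URL (only 2.0.2 accepts ftp), and two values that are not image URLs at
    # all. The host, path and image-extension requirements of the 2.0.2
    # pattern apply only to its ftp branch, which the last two inputs show.
    for url in ("http://example.com/img/a.png", "example.com/img/a.png",
                "ftp://www.example.com/a.gif", "http://example.com/not-an-image",
                "httpd-docs"):
        print(f"{url:35} 2.0.1={validate_201(url)!s:5} 2.0.2={validate_202(url)}")
```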
- includes/usercp_email.php
Another security fix.
-
Apply intval() to the user id taken from the HTTP request variables.
FIND - Line 32
| Code:
|
$user_id = ( !empty($HTTP_GET_VARS[POST_USERS_URL]) ) ? $HTTP_GET_VARS[POST_USERS_URL] : $HTTP_POST_VARS[POST_USERS_URL];
|
REPLACE WITH