phpBBHacks.com - phpBB 2.0.17 to 2.0.18 Code Changes
Get Photoshop help and share your work at PhotoshopForums.com
StatsForums Home   RegisterRegister   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in
FAQFAQ   SearchSearch   MemberlistMemberlist   TutorialsTutorials   ContactContact Us
Add Us:     MySpace     Facebook     StumbleUpon
Username:    Password:
Remember Me?    
phpBB 2.0.17 to 2.0.18 Code Changes
BlinkList
del.icio.us
Furl
linkaGoGo
reddit
Simpy
Mister Wong
Yahoo! My Web

Post new topic   Reply to topic    phpBBHacks.com Support Forums Forum Index -> phpBB 2: Fixes and Code Changes
 See a User Guidelines violation? Please contact us.
Author Message

Thoul
VIP

Joined: 30 Jul 2002
Posts: 17676
Location: USA
PostPosted: October 30th 2005, 11:05 pm    Post subject: phpBB 2.0.17 to 2.0.18 Code Changes Reply with quote
Text Version.
HTML Version.

These are the code changes introduced between phpBB 2.0.17 and phpBB 2.0.18. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification.
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.18 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again. This step updates your database to the current version and is very important. Failing to follow these instructions will cause errors to appear on your forum.

Now, onward to the file changes!

Last edited by Thoul on October 31st 2005, 5:05 pm; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website

Thoul
VIP

Joined: 30 Jul 2002
Posts: 17676
Location: USA
PostPosted: October 30th 2005, 11:19 pm    Post subject: Reply with quote
common.php

FIND
Code:
// The following code (unsetting globals) was contributed by Matt Kavanagh

// PHP5 with register_long_arrays off?
if (!isset($HTTP_POST_VARS) && isset($_POST))



REPLACE WITH
Code:
// The following code (unsetting globals)
// Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files

// PHP5 with register_long_arrays off?
if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))



FIND
Code:
if (@phpversion() < '4.0.0')
{
   // PHP3 path; in PHP3, globals are _always_ registered
   
   // We 'flip' the array of variables to test like this so that
   // we can validate later with isset($test[$var]) (no in_array())
   $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);

   // Loop through each input array
   @reset($test);
   while (list($input,) = @each($test))
   {
      while (list($var,) = @each($$input))
      {
         // Validate the variable to be unset
         if (!isset($test[$var]) && $var != 'test' && $var != 'input')
         {
            unset($$var);
         }
      }
   }
}
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')



REPLACE WITH
Code:
// Protect against GLOBALS tricks
if (isset($HTTP_POST_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS']))
{
   die("Hacking attempt");
}

// Protect against HTTP_SESSION_VARS tricks
if (isset($HTTP_SESSION_VARS) && !is_array($HTTP_SESSION_VARS))
{
   die("Hacking attempt");
}

if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')



FIND
Code:
   if (!isset($HTTP_SESSION_VARS))



REPLACE WITH
Code:
   if (!isset($HTTP_SESSION_VARS) || !is_array($HTTP_SESSION_VARS))



The line before unset($input); contains two spaces. The objective here is to delete these.
FIND
Code:
 
   unset($input);



REPLACE WITH
Code:

   unset($input);



FIND
Code:
   header("Location: install/install.$phpEx");



REPLACE WITH
Code:
   header('Location: ' . $phpbb_root_path . 'install/install.' . $phpEx);



FIND
Code:
include($phpbb_root_path . 'includes/db.'.$phpEx);



AFTER, ADD
Code:

// We do not need this any longer, unset for safety purposes
unset($dbpasswd);





groupcp.php


FIND
Code:
   $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=posts");
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';



REPLACE WITH
Code:
   $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';



FIND
Code:
      //
      // Load and process templates
      //



AFTER, ADD
Code:
      $page_title = $lang['Group_Control_Panel'];





index.php

FIND
Code:
   if ( $userdata['session_logged_in'] )
   {
      $sql = "SELECT t.forum_id, t.topic_id, p.post_time



REPLACE WITH
Code:
   if ($userdata['session_logged_in'])
   {
      // 60 days limit
      if ($userdata['user_lastvisit'] < (time() - 5184000))
      {
         $userdata['user_lastvisit'] = time() - 5184000;
      }

      $sql = "SELECT t.forum_id, t.topic_id, p.post_time





login.php

FIND
Code:
   else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
   {



AFTER, ADD
Code:
      // session id check
      if ($sid == '' || $sid != $userdata['session_id'])
      {
         message_die(GENERAL_ERROR, 'Invalid_session');
      }



FIND
Code:
      if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
      {
         $forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];



BEFORE, ADD
Code:
      $forward_page = '';



FIND AND DELETE
Code:
               $forward_page = '';



FIND AND DELETE
Code:
      else
      {
         $forward_page = '';
      }



FIND
Code:
      make_jumpbox('viewforum.'.$phpEx, $forum_id);



REPLACE WITH
Code:
      make_jumpbox('viewforum.'.$phpEx);




memberlist.php

FIND
Code:
$mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten');



REPLACE WITH
Code:
$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten');




modcp.php

FIND
Code:
         message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));



REPLACE WITH
Code:
         message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));



FIND
Code:
               'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))



REPLACE WITH
Code:
               'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))





posting.php

FIND
Code:
$refresh = $preview || $poll_add || $poll_edit || $poll_delete;



AFTER, ADD
Code:
$orig_word = $replacement_word = array();



FIND
Code:
$topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL;



AFTER, ADD
Code:
$topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL;



FIND
Code:
      $sql = "SELECT f.*, t.topic_status, t.topic_title 



REPLACE WITH
Code:
      $sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type 



FIND
Code:
      $select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : '';



REPLACE WITH
Code:
      $select_sql = (!$submit) ? ', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : '';



FIND
Code:
      {
         $topic_id = $post_info['topic_id'];
      }



AFTER, ADD
Code:
      if ( $mode == 'newtopic' )
      {
         $post_data['topic_type'] = POST_NORMAL;
      }



FIND
Code:
      $post_data['has_poll'] = false;
      $post_data['edit_poll'] = false;
   }



AFTER, ADD
Code:
   if ( $mode == 'poll_delete' && !isset($poll_id) )
   {
      message_die(GENERAL_MESSAGE, $lang['No_such_post']);
   }



FIND
Code:
      $user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';



AFTER, ADD
Code:
      $userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];




privmsg.php


FIND
Code:
         if ( $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'] )



REPLACE WITH
Code:
         if ($board_config['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'])



FIND
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';



REPLACE WITH
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username_from) . '" title="' . sprintf($lang['Search_user_posts'], $username_from) . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username_from) . '</a>';



FIND
Code:
         if ( $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )



REPLACE WITH
Code:
         if ($board_config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )



FIND
Code:
   if ( $submit )
   {
      if ( !empty($HTTP_POST_VARS['username']) )



BEFORE, ADD
Code:
   if ($submit && $mode == 'edit')
   {
      $sql = 'SELECT privmsgs_from_userid
         FROM ' . PRIVMSGS_TABLE . '
         WHERE privmsgs_id = ' . (int) $privmsg_id . '
            AND privmsgs_from_userid = ' . $userdata['user_id'];

      if (!($result = $db->sql_query($sql)))
      {
         message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql);
      }

      if (!($row = $db->sql_fetchrow($result)))
      {
         message_die(GENERAL_MESSAGE, $lang['No_such_post']);
      }
      $db->sql_freeresult($result);

      unset($row);
   }



FIND
Code:
         $to_userdata = $db->sql_fetchrow($result);



REPLACE WITH
Code:
         if (!($to_userdata = $db->sql_fetchrow($result)))
         {
            $error = TRUE;
            $error_msg = $lang['No_such_user'];
         }



FIND
Code:
            if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] )



REPLACE WITH
Code:
            if ($board_config['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'])



FIND
Code:
               'USERNAME' => $to_username,



REPLACE WITH
Code:
               'USERNAME' => stripslashes($to_username),



FIND
Code:

      if ( $mode == 'edit' )
      {
         $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig



REPLACE WITH
Code:
      else if ( $mode == 'edit' )
      {
         $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig



FIND
Code:
         $privmsg_subject = $privmsg_message = '';



REPLACE WITH
Code:
         $privmsg_subject = $privmsg_message = $to_username = '';



FIND AND DELETE
Code:
      'S_NAMES_SELECT' => $user_names_select,




search.php

FIND
Code:
         $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);   



REPLACE WITH
Code:
         $stripped_keywords = stripslashes($search_keywords);
         $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);   
         unset($stripped_keywords);



FIND
Code:
   ORDER BY c.cat_id, f.forum_order";



REPLACE WITH
Code:
   ORDER BY c.cat_order, f.forum_order";




viewtopic.php


FIND
Code:
if ( !isset($topic_id) && !isset($post_id) )



REPLACE WITH
Code:
if (!$topic_id && !$post_id)



FIND
Code:
         WHERE
            t2.topic_id = $topic_id
            AND t.forum_id = t2.forum_id



AFTER, ADD
Code:
            AND t.topic_moved_id = 0



FIND
Code:
$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";

$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";



REPLACE WITH
Code:
$join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts";

$order_sql = (!$post_id) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";



FIND
Code:
      $redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
      $redirect .= ( isset($start) ) ? "&start=$start" : '';



REPLACE WITH
Code:
      $redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
      $redirect .= ($start) ? "&start=$start" : '';



FIND
Code:
if ( !empty($post_id) )



REPLACE WITH
Code:
if ($post_id)



FIND
Code:
         $highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', phpbb_preg_quote($words[$i], '#'));



REPLACE WITH
Code:
         $highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', preg_quote($words[$i], '#'));



FIND
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';



REPLACE WITH
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';



FIND
Code:
   if ( $board_config['allow_bbcode'] )
   {