################################################################################ ## ## Hack Title: phpBB 2.0.11 - 2.0.12 Code Changes ## Hack Version: 1.0.0 ## Hack Author: Complied by Thoul, code by phpBB Group ## Hack Description: All changes in phpBB made between 2.0.11 and 2.0.12. ## ## Compatibility: 2.0.11 ## Installation Level: Moderate ## Installation Time: 30 minutes ## ## Files To Edit: 13 ## admin/index.php ## language/lang_english/lang_admin.php ## templates/subSilver/admin/index_body.tpl ## admin/admin_db_utilities.php ## common.php ## viewtopic.php ## includes/functions.php ## includes/page_tail.php ## includes/template.php ## includes/usercp_avatar.php ## includes/usercp_register.php ## templates/subSilver/overall_footer.tpl ## templates/subSilver/simple_footer.tpl ## ## Support: http://www.phpbbhacks.com/forums ## ################################################################################ ## ## You downloaded this hack from phpBBHacks.com, ## the #1 source for phpBB related downloads. ## ## Please visit http://www.phpbbhacks.com/forums for support. ## ################################################################################ ## ## This hack is released under the GPL License. ## ################################################################################ ## ## BEFORE ADDING THIS HACK TO YOUR FORUM, please be sure to backup ALL ## affected files. ## ################################################################################ ## ##----------[ PLEASE NOTE ]------------------------------ ## ## Once you have completed the code changes, create an install/ directory in ## your forum's root directory, and upload the update_to_latest.php file that ## comes in any phpBB 2.0.12 download to the install/ directory. Run ## update_to_latest.php by opening it via your web browser, just as you would a ## normal forum page. Afterward, delete the file and the install/ directory so ## that your forum is accessible again. ## ##----------[ PLEASE NOTE ]------------------------------ ## ## phpBB 2.0.12 adds a version checking system as a default feature of phpBB's ## admin panel. There are some people that may not wish to install this, due ## to privacy reasons and the fact that it causes one's forum to automatically ## connect to the phpBB website each time the Admin Panel is entered. For those ## people, the changes for the version checking system can be skipped with ## other problems. They are listed first in this file. ## ##----------[ OPEN ]------------------------------------- ## admin/index.php ## ##----------[ FIND ]------------------------------------- ## "L_NO_GUESTS_BROWSING" => $lang['No_users_browsing']) ); } ## ##----------[ AFTER, ADD ]----------------------------- ## // Check for new version $current_version = explode('.', '2' . $board_config['version']); $minor_revision = (int) $current_version[2]; $errno = 0; $errstr = $version_info = ''; if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr)) { @fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n"); @fputs($fsock, "HOST: www.phpbb.com\r\n"); @fputs($fsock, "Connection: close\r\n\r\n"); $get_info = false; while (!@feof($fsock)) { if ($get_info) { $version_info .= @fread($fsock, 1024); } else { if (@fgets($fsock, 1024) == "\r\n") { $get_info = true; } } } @fclose($fsock); $version_info = explode("\n", $version_info); $latest_head_revision = (int) $version_info[0]; $latest_minor_revision = (int) $version_info[2]; $latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2]; if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision) { $version_info = '

' . $lang['Version_up_to_date'] . '

'; } else { $version_info = '

' . $lang['Version_not_up_to_date']; $version_info .= '
' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '

'; } } else { if ($errstr) { $version_info = '

' . sprintf($lang['Connect_socket_error'], $errstr) . '

'; } else { $version_info = '

' . $lang['Socket_functions_disabled'] . '

'; } } $version_info .= '

' . $lang['Mailing_list_subscribe_reminder'] . '

'; $template->assign_vars(array( 'VERSION_INFO' => $version_info, 'L_VERSION_INFORMATION' => $lang['Version_information']) ); ## ##----------[ OPEN ]------------------------------------- ## language/lang_english/lang_admin.php ## ##----------[ FIND ]------------------------------------- ## // // That's all Folks! ## ##----------[ BEFORE, ADD ]------------------------------ ## // // Version Check // $lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.'; $lang['Version_not_up_to_date'] = 'Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.'; $lang['Latest_version_info'] = 'The latest available version is phpBB %s.'; $lang['Current_version_info'] = 'You are running phpBB %s.'; $lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:
%s'; $lang['Socket_functions_disabled'] = 'Unable to use socket functions.'; $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not subscribe to our mailing list.'; $lang['Version_information'] = 'Version Information'; ## ##----------[ OPEN ]------------------------------------- ## templates/subSilver/admin/index_body.tpl ## ##----------[ FIND ]------------------------------------- ##
## ##----------[ AFTER, ADD ]------------------------------- ##

{L_VERSION_INFORMATION}

{VERSION_INFO}
## ##----------[ PLEASE NOTE ]------------------------------ ## ## This ends the code changes related to the version checking system. ## All other changes should be considered important security updates. ## ##----------[ OPEN ]------------------------------------- ## admin/admin_db_utilities.php ## ##----------[ PLEASE NOTE ]------------------------------ ## ## The line in the FIND command below may have been altered if you have install ## any modifications or hacks on your forum. If you cannot locate this line, ## try search for the first twenty or so characters of it. ## ##----------[ FIND ]------------------------------------- ## $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words'); ## ##----------[ IN-LINE FIND ]------------------------------- ## 'words' ## ##----------[ IN-LINE AFTER, ADD ]------------------------------- ## , 'confirm' ## ##----------[ OPEN ]------------------------------------- ## common.php ## ##----------[ FIND ]------------------------------------- ## $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL); ## ##----------[ REPLACE WITH ]----------------------------- ## $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL); ## ##----------[ FIND ]------------------------------------- ## else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { // PHP4+ path ## ##----------[ AFTER, ADD ]------------------------------- ## $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path'); ## ##----------[ PLEASE NOTE ]------------------------------ ## ## Please note that due to this change, phpBB 2.0.12 can only be used on PHP 4 ## or later. Previous releases operated on PHP 3, but this version will not. ## If you intend to use phpBB on servers running PHP 3, you should strongly ## consider upgrading the server's PHP installation. ## ##----------[ FIND ]------------------------------------- ## $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); while (list($var,) = @each($input)) { unset($$var); } ## ##----------[ REPLACE WITH ]----------------------------- ## $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); unset($input['not_unset']); while (list($var,) = @each($input)) { if (!in_array($var, $not_unset)) { unset($$var); } } ## ##----------[ FIND ]------------------------------------- ## $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR ); ## ##----------[ REPLACE WITH ]----------------------------- ## $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') ); ## ##----------[ OPEN ]------------------------------------- ## viewtopic.php ## ##----------[ FIND ]------------------------------------- ## $highlight = urlencode($HTTP_GET_VARS['highlight']); ## ##----------[ AFTER, ADD ]------------------------------- ## $highlight_match = phpbb_rtrim($highlight_match, "\\"); ## ##----------[ OPEN ]------------------------------------- ## includes/functions.php ## ##----------[ FIND ]------------------------------------- ## $username = htmlspecialchars(rtrim(trim($username), "\\")); $username = substr(str_replace("\\'", "'", $username), 0, 25); $username = str_replace("'", "\\'", $username); return $username; } ## ##----------[ REPLACE WITH ]----------------------------- ## $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25); $username = phpbb_rtrim($username, "\\"); $username = str_replace("'", "\'", $username); return $username; } // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0) function phpbb_rtrim($str, $charlist = false) { if ($charlist === false) { return rtrim($str); } $php_version = explode('.', PHP_VERSION); // php version < 4.1.0 if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1)) { while ($str{strlen($str)-1} == $charlist) { $str = substr($str, 0, strlen($str)-1); } } else { $str = rtrim($str, $charlist); } return $str; } ## ##----------[ FIND ]------------------------------------- ## $debug_text .= '

Line : ' . $err_line . '
File : ' . $err_file; ## ##----------[ REPLACE WITH ]----------------------------- ## $debug_text .= '

Line : ' . $err_line . '
File : ' . basename($err_file); ## ##----------[ OPEN ]------------------------------------- ## includes/page_tail.php ## ##----------[ PLEASE NOTE ]------------------------------ ## ## The following change is different that what you might see in other "code ## changes" compilations. Those other compilations are incorrect in this area. ## This line was removed from phpBB, not altered. ## ##----------[ FIND AND DELETE ]------------------------------------- ## 'PHPBB_VERSION' => '2' . $board_config['version'], ## ##----------[ OPEN ]------------------------------------- ## includes/template.php ## ##----------[ FIND ]------------------------------------- ## $filename = phpbb_realpath($this->root . '/' . $filename); ## ##----------[ REPLACE WITH ]------------------------------- ## $filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename; ## ##----------[ OPEN ]------------------------------------- ## includes/usercp_avatar.php ## ##----------[ FIND ]------------------------------------- ## function user_avatar_delete($avatar_type, $avatar_file) { global $board_config, $userdata; ## ##----------[ AFTER, ADD ]----------------------------- ## $avatar_file = basename($avatar_file); ## ##----------[ FIND ]------------------------------------- ## function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename) { global $board_config; ## ##----------[ AFTER, ADD ]------------------------------- ## $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename); if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\") { return ''; } ## ##----------[ FIND ]------------------------------------- ## $move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename"); ## ##----------[ BEFORE, ADD ]------------------------------ ## if (!is_uploaded_file($avatar_filename)) { message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__); } ## ##----------[ OPEN ]------------------------------------- ## includes/usercp_register.php ## ##----------[ FIND ]------------------------------------- ## $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote'; ## ##----------[ REPLACE WITH ]----------------------------- ## $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local'; ## ##----------[ OPEN ]------------------------------------- ## templates/subSilver/overall_footer.tpl ## ##----------[ PLEASE NOTE ]------------------------------ ## ## The changes to this file are not absolutely required and may not be possible ## in non-subSilver templates. ## ##----------[ FIND ]------------------------------------- ## Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse ## ##----------[ REPLACE WITH ]------------------------------- ## Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse ## ##----------[ FIND ]------------------------------------- ## Powered by phpBB {PHPBB_VERSION} © 2001, 2002 phpBB Group
{TRANSLATION_INFO} ## ##----------[ REPLACE WITH ]------------------------------- ## Powered by phpBB © 2001, 2005 phpBB Group
{TRANSLATION_INFO} ## ##----------[ OPEN ]------------------------------------- ## templates/subSilver/simple_footer.tpl ## ##----------[ PLEASE NOTE ]------------------------------ ## ## The changes to this file are not absolutely required and may not be possible ## in non-subSilver templates. ## ##----------[ FIND ]------------------------------------- ## Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse ## ##----------[ REPLACE WITH ]------------------------------- ## Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse ## ##----------[ FIND ]------------------------------------- ## Powered by phpBB {PHPBB_VERSION} © 2001,2002 phpBB Group ## ##----------[ REPLACE WITH ]------------------------------- ## Powered by phpBB © 2001, 2005 phpBB Group ## ##----------[ SAVE AND CLOSE ALL FILES ]----------------- ## ## End ##