phpBB 2.0.17 to 2.0.18 Code Changes

These are the code changes introduced between phpBB 2.0.17 and phpBB 2.0.18. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification.
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.18 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again. This step updates your database to the current version and is very important. Failing to follow these instructions will cause errors to appear on your forum.

Now, onward to the file changes!

common.php
FIND
Code:
// The following code (unsetting globals) was contributed by Matt Kavanagh

// PHP5 with register_long_arrays off?
if (!isset($HTTP_POST_VARS) && isset($_POST))
REPLACE WITH
Code:
// The following code (unsetting globals)
// Thanks to Matt Kavanagh and Stefan Esser for providing feedback as well as patch files

// PHP5 with register_long_arrays off?
if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))
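Review bot: the first test in the new condition, `@phpversion() >= '5.0.0'`, compares version strings character by character, so a version whose major number has two digits would sort below '5.0.0'. If PHP releases older than 4.1.0 no longer need support, version_compare(phpversion(), '5.0.0', '>=') states the intent; otherwise compare the integer major version. The `== '0'` test is also redundant, since `!@ini_get('register_long_arrays')` is already true for '0'.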
FIND
Code:
if (@phpversion() < '4.0.0')
{
   // PHP3 path; in PHP3, globals are _always_ registered
   
   // We 'flip' the array of variables to test like this so that
   // we can validate later with isset($test[$var]) (no in_array())
   $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);

   // Loop through each input array
   @reset($test);
   while (list($input,) = @each($test))
   {
      while (list($var,) = @each($$input))
      {
         // Validate the variable to be unset
         if (!isset($test[$var]) && $var != 'test' && $var != 'input')
         {
            unset($$var);
         }
      }
   }
}
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
REPLACE WITH
Code:
// Protect against GLOBALS tricks
if (isset($HTTP_POST_VARS['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS']))
{
   die("Hacking attempt");
}

// Protect against HTTP_SESSION_VARS tricks
if (isset($HTTP_SESSION_VARS) && !is_array($HTTP_SESSION_VARS))
{
   die("Hacking attempt");
}

if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
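Review bot: the comment "Protect against GLOBALS tricks" does not say what is being protected. Since the check sits directly above the register_globals branch, add a sentence explaining that a request key named GLOBALS must never reach the code that unsets registered variables, so a later edit does not move or drop it. Both checks also die with the same "Hacking attempt" string; distinct messages or a log entry would tell the two conditions apart when a user reports one.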
FIND
Code:
   if (!isset($HTTP_SESSION_VARS))
REPLACE WITH
Code:
   if (!isset($HTTP_SESSION_VARS) || !is_array($HTTP_SESSION_VARS))
The line before unset($input); contains two spaces. The objective here is to delete these.
FIND
Code:
 
   unset($input);
REPLACE WITH
Code:

   unset($input);
FIND
Code:
   header("Location: install/install.$phpEx");
REPLACE WITH
Code:
   header('Location: ' . $phpbb_root_path . 'install/install.' . $phpEx);
FIND
Code:
include($phpbb_root_path . 'includes/db.'.$phpEx);
AFTER, ADD
Code:

// We do not need this any longer, unset for safety purposes
unset($dbpasswd);
groupcp.php
FIND
Code:
   $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=posts");
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
REPLACE WITH
Code:
   $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($row['username']) . "&amp;showresults=posts");
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $row['username']) . '" title="' . sprintf($lang['Search_user_posts'], $row['username']) . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $row['username']) . '</a>';
FIND
Code:
      //
      // Load and process templates
      //
AFTER, ADD
Code:
      $page_title = $lang['Group_Control_Panel'];
index.php
FIND
Code:
   if ( $userdata['session_logged_in'] )
   {
      $sql = "SELECT t.forum_id, t.topic_id, p.post_time
REPLACE WITH
Code:
   if ($userdata['session_logged_in'])
   {
      // 60 days limit
      if ($userdata['user_lastvisit'] < (time() - 5184000))
      {
         $userdata['user_lastvisit'] = time() - 5184000;
      }

      $sql = "SELECT t.forum_id, t.topic_id, p.post_time
login.php
FIND
Code:
   else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
   {
AFTER, ADD
Code:
      // session id check
      if ($sid == '' || $sid != $userdata['session_id'])
      {
         message_die(GENERAL_ERROR, 'Invalid_session');
      }
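Review bot: `$sid != $userdata['session_id']` in the added check is a loose comparison, and PHP compares two numeric-looking strings as numbers, so two different identifiers can compare equal. Use `$sid !== $userdata['session_id']`, with `$sid` cast to string where it is read, so the logout request is accepted only on an exact match.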
FIND
Code:
      if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
      {
         $forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];
BEFORE, ADD
Code:
      $forward_page = '';
FIND AND DELETE
Code:
               $forward_page = '';
FIND AND DELETE
Code:
      else
      {
         $forward_page = '';
      }
FIND
Code:
      make_jumpbox('viewforum.'.$phpEx, $forum_id);
REPLACE WITH
Code:
      make_jumpbox('viewforum.'.$phpEx);
memberlist.php
FIND
Code:
$mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten');
REPLACE WITH
Code:
$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten');
modcp.php
FIND
Code:
         message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
REPLACE WITH
Code:
         message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
FIND
Code:
               'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))
REPLACE WITH
Code:
               'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))
posting.php
FIND
Code:
$refresh = $preview || $poll_add || $poll_edit || $poll_delete;
AFTER, ADD
Code:
$orig_word = $replacement_word = array();
FIND
Code:
$topic_type = ( !empty($HTTP_POST_VARS['topictype']) ) ? intval($HTTP_POST_VARS['topictype']) : POST_NORMAL;
AFTER, ADD
Code:
$topic_type = ( in_array($topic_type, array(POST_NORMAL, POST_STICKY, POST_ANNOUNCE)) ) ? $topic_type : POST_NORMAL;
FIND
Code:
      $sql = "SELECT f.*, t.topic_status, t.topic_title 
REPLACE WITH
Code:
      $sql = "SELECT f.*, t.topic_status, t.topic_title, t.topic_type 
FIND
Code:
      $select_sql = ( !$submit ) ? ", t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig" : '';
REPLACE WITH
Code:
      $select_sql = (!$submit) ? ', t.topic_title, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, p.post_username, pt.post_subject, pt.post_text, pt.bbcode_uid, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid' : '';
FIND
Code:
      {
         $topic_id = $post_info['topic_id'];
      }
AFTER, ADD
Code:
      if ( $mode == 'newtopic' )
      {
         $post_data['topic_type'] = POST_NORMAL;
      }
FIND
Code:
      $post_data['has_poll'] = false;
      $post_data['edit_poll'] = false;
   }
AFTER, ADD
Code:
   if ( $mode == 'poll_delete' && !isset($poll_id) )
   {
      message_die(GENERAL_MESSAGE, $lang['No_such_post']);
   }
FIND
Code:
      $user_sig = ( $post_info['user_sig'] != '' && $board_config['allow_sig'] ) ? $post_info['user_sig'] : '';
AFTER, ADD
Code:
      $userdata['user_sig_bbcode_uid'] = $post_info['user_sig_bbcode_uid'];
privmsg.php
FIND
Code:
         if ( $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'] )
REPLACE WITH
Code:
         if ($board_config['max_sentbox_privmsgs'] && $sent_info['sent_items'] >= $board_config['max_sentbox_privmsgs'])
FIND
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . $lang['Search_user_posts'] . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . $lang['Search_user_posts'] . '</a>';
REPLACE WITH
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $username_from) . '" title="' . sprintf($lang['Search_user_posts'], $username_from) . '" border="0" /></a>';
   $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $username_from) . '</a>';
FIND
Code:
         if ( $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )
REPLACE WITH
Code:
         if ($board_config['max_savebox_privmsgs'] && $saved_info['savebox_items'] >= $board_config['max_savebox_privmsgs'] )
FIND
Code:
   if ( $submit )
   {
      if ( !empty($HTTP_POST_VARS['username']) )
BEFORE, ADD
Code:
   if ($submit && $mode == 'edit')
   {
      $sql = 'SELECT privmsgs_from_userid
         FROM ' . PRIVMSGS_TABLE . '
         WHERE privmsgs_id = ' . (int) $privmsg_id . '
            AND privmsgs_from_userid = ' . $userdata['user_id'];

      if (!($result = $db->sql_query($sql)))
      {
         message_die(GENERAL_ERROR, "Could not obtain message details", "", __LINE__, __FILE__, $sql);
      }

      if (!($row = $db->sql_fetchrow($result)))
      {
         message_die(GENERAL_MESSAGE, $lang['No_such_post']);
      }
      $db->sql_freeresult($result);

      unset($row);
   }
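Review bot: in the added ownership query, `$privmsg_id` is cast with `(int)` but `$userdata['user_id']` is concatenated as is; cast it as well so the statement does not depend on how `$userdata` was filled. The failure path also reuses `$lang['No_such_post']` for a private message, where a dedicated string would read better.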
FIND
Code:
         $to_userdata = $db->sql_fetchrow($result);
REPLACE WITH
Code:
         if (!($to_userdata = $db->sql_fetchrow($result)))
         {
            $error = TRUE;
            $error_msg = $lang['No_such_user'];
         }
FIND
Code:
            if ( $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'] )
REPLACE WITH
Code:
            if ($board_config['max_inbox_privmsgs'] && $inbox_info['inbox_items'] >= $board_config['max_inbox_privmsgs'])
FIND
Code:
               'USERNAME' => $to_username,
REPLACE WITH
Code:
               'USERNAME' => stripslashes($to_username),
FIND
Code:

      if ( $mode == 'edit' )
      {
         $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig
REPLACE WITH
Code:
      else if ( $mode == 'edit' )
      {
         $sql = "SELECT pm.*, pmt.privmsgs_bbcode_uid, pmt.privmsgs_text, u.username, u.user_id, u.user_sig
FIND
Code:
         $privmsg_subject = $privmsg_message = '';
REPLACE WITH
Code:
         $privmsg_subject = $privmsg_message = $to_username = '';
FIND AND DELETE
Code:
      'S_NAMES_SELECT' => $user_names_select,
search.php
FIND
Code:
         $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);   
REPLACE WITH
Code:
         $stripped_keywords = stripslashes($search_keywords);
         $split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);   
         unset($stripped_keywords);
FIND
Code:
   ORDER BY c.cat_id, f.forum_order";
REPLACE WITH
Code:
   ORDER BY c.cat_order, f.forum_order";
viewtopic.php
FIND
Code:
if ( !isset($topic_id) && !isset($post_id) )
REPLACE WITH
Code:
if (!$topic_id && !$post_id)
FIND
Code:
         WHERE
            t2.topic_id = $topic_id
            AND t.forum_id = t2.forum_id
AFTER, ADD
Code:
            AND t.topic_moved_id = 0
FIND
Code:
$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";

$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
REPLACE WITH
Code:
$join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
$join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
$count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts";

$order_sql = (!$post_id) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
FIND
Code:
      $redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
      $redirect .= ( isset($start) ) ? "&start=$start" : '';
REPLACE WITH
Code:
      $redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
      $redirect .= ($start) ? "&start=$start" : '';
FIND
Code:
if ( !empty($post_id) )
REPLACE WITH
Code:
if ($post_id)
FIND
Code:
         $highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', phpbb_preg_quote($words[$i], '#'));
REPLACE WITH
Code:
         $highlight_match .= (($highlight_match != '') ? '|' : '') . str_replace('*', '\w*', preg_quote($words[$i], '#'));
FIND
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
REPLACE WITH
Code:
   $search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
FIND
Code:
   if ( $board_config['allow_bbcode'] )
   {
      if ( $user_sig != '' && $user_sig_bbcode_uid != '' )
      {
         $user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig);
      }

      if ( $bbcode_uid != '' )
      {
         $message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
      }
REPLACE WITH
Code:
   if ($user_sig != '' && $user_sig_bbcode_uid != '')
   {
      $user_sig = ($board_config['allow_bbcode']) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:$user_sig_bbcode_uid/si", '', $user_sig);
   }

   if ($bbcode_uid != '')
   {
      $message = ($board_config['allow_bbcode']) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace("/\:$bbcode_uid/si", '', $message);
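Review bot: `$user_sig_bbcode_uid` and `$bbcode_uid` are interpolated straight into the pattern, as in `preg_replace("/\:$bbcode_uid/si", '', $message)`, so any regex metacharacter or `/` in a stored uid changes or breaks the pattern. Wrap each in preg_quote(..., '/') before building the pattern. The `s` flag has no effect here because the pattern contains no dot.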
admin/admin_board.php
FIND
Code:
$confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : '';
$confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
AFTER, ADD
Code:
$allow_autologin_yes = ($new['allow_autologin']) ? 'checked="checked"' : '';
$allow_autologin_no = (!$new['allow_autologin']) ? 'checked="checked"' : '';
FIND
Code:
   "L_ADMIN" => $lang['Acc_Admin'],
   "L_VISUAL_CONFIRM" => $lang['Visual_confirm'],
   "L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
AFTER, ADD
Code:
   "L_ALLOW_AUTOLOGIN" => $lang['Allow_autologin'],
   "L_ALLOW_AUTOLOGIN_EXPLAIN" => $lang['Allow_autologin_explain'],
   "L_AUTOLOGIN_TIME" => $lang['Autologin_time'],
   "L_AUTOLOGIN_TIME_EXPLAIN" => $lang['Autologin_time_explain'],
FIND
Code:
   "CONFIRM_DISABLE" => $confirm_no,
   "ACTIVATION_NONE_CHECKED" => $activation_none,
REPLACE WITH
Code:
   'ALLOW_AUTOLOGIN_YES' => $allow_autologin_yes,
   'ALLOW_AUTOLOGIN_NO' => $allow_autologin_no,
   'AUTOLOGIN_TIME' => (int) $new['max_autologin_time'],
admin/admin_disallow.php
FIND
Code:
      message_die(MESSAGE, $lang['Fields_empty']);
REPLACE WITH
Code:
      message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
admin/admin_smilies.php
FIND
Code:
         $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? trim($HTTP_POST_VARS['smile_url']) : trim($HTTP_GET_VARS['smile_url']);
AFTER, ADD
Code:
         $smile_url = phpbb_ltrim(basename($smile_url), "'");
FIND
Code:
            message_die(MESSAGE, $lang['Fields_empty']);
REPLACE WITH
Code:
            message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
FIND
Code:
         $smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
AFTER, ADD
Code:
         $smile_url = phpbb_ltrim(basename($smile_url), "'");
FIND
Code:
            message_die(MESSAGE, $lang['Fields_empty']);
REPLACE WITH
Code:
            message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
admin/admin_styles.php
FIND
Code:
            "L_STYLESHEET" => $lang['Stylesheet'],
AFTER, ADD
Code:
            "L_STYLESHEET_EXPLAIN" => $lang['Stylesheet_explain'],
admin/admin_ug_auth.php
FIND
Code:
         $sql = "SELECT *
            FROM " . FORUMS_TABLE . " f
            ORDER BY forum_order";
REPLACE WITH
Code:
         $sql = 'SELECT f.*
            FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
            WHERE f.cat_id = c.cat_id
            ORDER BY c.cat_order, f.forum_order';
FIND
Code:
   if( count($name) )
   {
      $t_usergroup_list = $t_pending_list = '';
      for($i = 0; $i < count($ug_info); $i++)
REPLACE WITH
Code:
   $t_usergroup_list = $t_pending_list = '';
   if( count($name) )
   {
      for($i = 0; $i < count($ug_info); $i++)
FIND
Code:
   else
   {
      $t_usergroup_list = $lang['None'];
   }

   $s_column_span = 2; // Two columns always present
REPLACE WITH
Code:

   $t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
   $t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;

   $s_column_span = 2; // Two columns always present
admin/admin_user_ban.php
FIND
Code:
         if (preg_match('#^(([a-z0-9&.-_+])|(\*))+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$#is', trim($email_list_temp[$i])))
REPLACE WITH
Code:
         if (preg_match('/^(([a-z0-9&\'\.\-_\+])|(\*))+@(([a-z0-9\-])|(\*))+\.([a-z0-9\-]+\.)*?[a-z]+$/is', trim($email_list_temp[$i])))
admin/admin_users.php
FIND
Code:
      if( $HTTP_POST_VARS['deleteuser'] )
REPLACE WITH
Code:
      if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
FIND
Code:
      $user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] )  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
AFTER, ADD
Code:
      $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
FIND
Code:
            $user_avatar = $user_avatar_local;
REPLACE WITH
Code:
            $user_avatar = $user_avatar_category . '/' . $user_avatar_local;
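Review bot: `$user_avatar = $user_avatar_category . '/' . $user_avatar_local;` joins both values as submitted, while the basename() and phpbb_ltrim() filtering appears only where `$avatar_sql` is built in the next change. Filter the two values once, where they are read from `$HTTP_POST_VARS`, so every later use sees the same single path component.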
FIND
Code:
         $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", $user_avatar_local) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
REPLACE WITH
Code:
         $avatar_sql = ", user_avatar = '" . str_replace("\'", "''", phpbb_ltrim(basename($user_avatar_category), "'") . '/' . phpbb_ltrim(basename($user_avatar_local), "'")) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
FIND
Code:
                     $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . "/" . $sub_file;
REPLACE WITH
Code:
                     $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file;
FIND
Code:
                  "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . "/" . $avatar_images[$category][$i][$j])
REPLACE WITH
Code:
                  "AVATAR_IMAGE" => "../" . $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j])
FIND
Code:
         $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
REPLACE WITH
Code:
         $s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
FIND
Code:
         $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
REPLACE WITH
Code:
         $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
admin/index.php
FIND
Code:
   if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
REPLACE WITH
Code:
   if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr, 10))
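Review bot: the added fifth argument of fsockopen() bounds only the connection attempt; any read on `$fsock` after that can still block for the default socket timeout. Set a read timeout on the handle as well, for example socket_set_timeout($fsock, 10) on PHP 4, so a stalled version check cannot hold up the admin index.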
FIND
Code:
         $version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
REPLACE WITH
Code:
         $version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . ' ' . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
admin/page_footer_admin.php
FIND
Code:
//
// Show the overall footer.
//
BEFORE, ADD
Code:
global $do_gzip_compress;
FIND
Code:
   'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
REPLACE WITH
Code:
   'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''))
db/mysql.php
FIND
Code:
                  $result = $this->rowset[$query_id][$field];
REPLACE WITH
Code:
                  $result = $this->rowset[$query_id][0][$field];
db/mysql4.php
FIND
Code:
                  $result = $this->rowset[$query_id][$field];
REPLACE WITH
Code:
                  $result = $this->rowset[$query_id][0][$field];
includes/bbcode.php
FIND
Code:
            bbcode_array_push($stack, $match);
REPLACE WITH
Code:
            array_push($stack, $match);
FIND
Code:
                  $match = bbcode_array_pop($stack);
REPLACE WITH
Code:
                  $match = array_pop($stack);
FIND
Code:
                     $match = bbcode_array_pop($stack);
REPLACE WITH
Code:
                     $match = array_pop($stack);
FIND
Code:
 * This function does exactly what the PHP4 function array_push() does
 * however, to keep phpBB compatable with PHP 3 we had to come up with our own
 * method of doing it.
AFTER, ADD
Code:
 * This function was deprecated in phpBB 2.0.18
FIND
Code:
 * This function does exactly what the PHP4 function array_pop() does
 * however, to keep phpBB compatable with PHP 3 we had to come up with our own
 * method of doing it.
REPLACE WITH
Code:
 * This function was deprecated in phpBB 2.0.18
FIND
Code:
         $orig[] = "/(?<=.\W|\W.|^\W)" . phpbb_preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
REPLACE WITH
Code:
         $orig[] = "/(?<=.\W|\W.|^\W)" . preg_quote($smilies[$i]['code'], "/") . "(?=.\W|\W.|\W$)/";
includes/constants.php
FIND
Code:
define('SESSIONS_TABLE', $table_prefix.'sessions');
AFTER, ADD
Code:
define('SESSIONS_KEYS_TABLE', $table_prefix.'sessions_keys');
includes/db.php
The objective here is to replace spaces at the beginning of the line with a tab.
FIND
Code:
   message_die(CRITICAL_ERROR, "Could not connect to the database");
REPLACE WITH
Code:
   message_die(CRITICAL_ERROR, "Could not connect to the database");
includes/emailer.php
FIND
Code:
         $drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
REPLACE WITH
Code:
         $drop_header .= '[\r\n]*?' . preg_quote($match[1], '#');
FIND
Code:
         $drop_header .= '[\r\n]*?' . phpbb_preg_quote($match[1], '#');
REPLACE WITH
Code:
         $drop_header .= '[\r\n]*?' . preg_quote($match[1], '#');
FIND
Code:
      $str = preg_replace('#' . phpbb_preg_quote($spacer, '#') . '$#', '', $str);
REPLACE WITH
Code:
      $str = preg_replace('#' . preg_quote($spacer, '#') . '$#', '', $str);
includes/functions.php
The objective here is to remove a tab at the end of the line.
FIND
Code:
   $username = phpbb_rtrim($username, "\\");   
REPLACE WITH
Code:
   $username = phpbb_rtrim($username, "\\");
FIND
Code:
   return $username;
}
AFTER, ADD
Code:
/**
* This function is a wrapper for ltrim, as charlist is only supported in php >= 4.1.0
* Added in phpBB 2.0.18
*/
function phpbb_ltrim($str, $charlist = false)
{
   if ($charlist === false)
   {
      return ltrim($str);
   }
   
   $php_version = explode('.', PHP_VERSION);

   // php version < 4.1.0
   if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
   {
      while ($str{0} == $charlist)
      {
         $str = substr($str, 1);
      }
   }
   else
   {
      $str = ltrim($str, $charlist);
   }

   return $str;
}
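Review bot: the pre-4.1.0 branch, `while ($str{0} == $charlist)`, is equivalent to ltrim($str, $charlist) only when `$charlist` is a single character, and it indexes `$str{0}` without checking that the string is still non-empty once every character has been stripped. Add `$str != ''` to the loop condition and test membership with strpos($charlist, $str{0}) !== false, or document that only a one-character list is supported.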
FIND
Code:
         $orig_word[] = '#\b(' . str_replace('\*', '\w*?', phpbb_preg_quote($row['word'], '#')) . ')\b#i';
REPLACE WITH
Code:
         $orig_word[] = '#\b(' . str_replace('\*', '\w*?', preg_quote($row['word'], '#')) . ')\b#i';
includes/functions_admin.php
FIND
Code:
   $sql = "SELECT forum_id, forum_name
      FROM " . FORUMS_TABLE . "
      ORDER BY cat_id, forum_order";
REPLACE WITH
Code:
   $sql = 'SELECT f.forum_id, f.forum_name
      FROM ' . CATEGORIES_TABLE . ' c, ' . FORUMS_TABLE . ' f
      WHERE f.cat_id = c.cat_id
      ORDER BY c.cat_order, f.forum_order';
FIND
Code:
            $sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
            if ( !$db->sql_query($sql) )
            {
               message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
REPLACE WITH
Code:
            if ($row['total_posts'])
            {
               // Correct the details of this topic
               $sql = 'UPDATE ' . TOPICS_TABLE . '
                  SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . "
                  WHERE topic_id = $id";

               if (!$db->sql_query($sql))
               {
                  message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
               }
            }
            else
            {
               // There are no replies to this topic
               // Check if it is a move stub
               $sql = 'SELECT topic_moved_id
                  FROM ' . TOPICS_TABLE . "
                  WHERE topic_id = $id";

               if (!($result = $db->sql_query($sql)))
               {
                  message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
               }

               if ($row = $db->sql_fetchrow($result))
               {
                  if (!$row['topic_moved_id'])
                  {
                     $sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id";
         
                     if (!$db->sql_query($sql))
                     {
                        message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql);
                     }
                  }
               }

               $db->sql_freeresult($result);
includes/functions_post.php
FIND
Code:
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
REPLACE WITH
Code:
function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length)
FIND
Code:
   if ($mode == 'delete')
   {
      $delete_sql = (!$post_data['first_post'] && !$post_data['last_post']) ? " AND user_id = " . $userdata['user_id'] : '';
      $sql = "DELETE FROM " . TOPICS_WATCH_TABLE . " WHERE topic_id = $topic_id" . $delete_sql;
      if (!$db->sql_query($sql))
      {
         message_die(GENERAL_ERROR, 'Could not change topic notify data', '', __LINE__, __FILE__, $sql);
      }
   }
   else
REPLACE WITH
Code:
   if ($mode != 'delete')
FIND
Code:
      $page_title = $lang['Emoticons'] . " - $topic_title";
REPLACE WITH
Code:
      $page_title = $lang['Emoticons'];
includes/functions_search.php
FIND
Code:
function split_words(&$entry, $mode = 'post')
REPLACE WITH
Code:
function split_words($entry, $mode = 'post')
includes/functions_validate.php
FIND
Code:
   $username = phpbb_clean_username($username);
   
   $sql = "SELECT username
      FROM " . USERS_TABLE . "
      WHERE LOWER(username) = '" . strtolower($username) . "'";
   if ($result = $db->sql_query($sql))
   {
      if ($row = $db->sql_fetchrow($result))
REPLACE WITH
Code:
   $username = phpbb_clean_username($username);

   $sql = "SELECT username
      FROM " . USERS_TABLE . "
      WHERE LOWER(username) = '" . strtolower($username) . "'";
   if ($result = $db->sql_query($sql))
   {
      while ($row = $db->sql_fetchrow($result))
FIND
Code:
            if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
REPLACE WITH
Code:
            if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['disallow_username'], '#')) . ")\b#i", $username))
FIND
Code:
            if (preg_match("#\b(" . str_replace("\*", ".*?", phpbb_preg_quote($row['word'], '#')) . ")\b#i", $username))
REPLACE WITH
Code:
            if (preg_match("#\b(" . str_replace("\*", ".*?", preg_quote($row['word'], '#')) . ")\b#i", $username))
includes/page_header.php
FIND
Code:
   $template->assign_block_vars('switch_user_logged_out', array());
AFTER, ADD
Code:
   //
   // Allow autologin?
   //
   if (!isset($board_config['allow_autologin']) || $board_config['allow_autologin'] )
   {
      $template->assign_block_vars('switch_allow_autologin', array());
      $template->assign_block_vars('switch_user_logged_out.switch_allow_autologin', array());
   }
includes/page_tail.php
FIND
Code:
//
// Show the overall footer.
//
BEFORE, ADD
Code:
global $do_gzip_compress;
FIND
Code:
   'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
REPLACE WITH
Code:
   'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''),
includes/sessions.php
FIND AND DELETE
Code:
   $expiry_time = $current_time - $board_config['session_length'];
FIND
Code:
   // Try and pull the last time stored in a cookie, if it exists
   //
   $sql = "SELECT *
      FROM " . USERS_TABLE . "
      WHERE user_id = $user_id";
   if ( !($result = $db->sql_query($sql)) )
   {
      message_die(CRITICAL_ERROR, 'Could not obtain lastvisit data from user table', '', __LINE__, __FILE__, $sql);
   }

   $userdata = $db->sql_fetchrow($result);

   if ( $user_id != ANONYMOUS )
   {
      $auto_login_key = $userdata['user_password'];

      if ( $auto_create )
      {
         if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
         {
            // We have to login automagically
            if( $sessiondata['autologinid'] === $auto_login_key )
            {
               // autologinid matches password
               $login = 1;
               $enable_autologin = 1;
            }
            else
            {
               // No match; don't login, set as anonymous user
               $login = 0;
               $enable_autologin = 0;
               $user_id = $userdata['user_id'] = ANONYMOUS;
            
               $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
               $result = $db->sql_query($sql);
               $userdata = $db->sql_fetchrow($result);
               $db->sql_freeresult($result);
            }
         }
         else
         {
            // Autologin is not set. Don't login, set as anonymous user
            $login = 0;
            $enable_autologin = 0;
            $user_id = $userdata['user_id'] = ANONYMOUS;

            $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
            $result = $db->sql_query($sql);
            $userdata = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
         }
      }
      else
      {
         $login = 1;
      }
   }
   else
   {
      $login = 0;
      $enable_autologin = 0;
REPLACE WITH
Code:
   // Are auto-logins allowed?
   // If allow_autologin is not set or is true then they are
   // (same behaviour as old 2.0.x session code)
   //
   if (isset($board_config['allow_autologin']) && !$board_config['allow_autologin'])
   {
      $enable_autologin = $sessiondata['autologinid'] = false;
   }

   //
   // First off attempt to join with the autologin value if we have one
   // If not, just use the user_id value
   //
   $userdata = array();

   if ($user_id != ANONYMOUS)
   {
      if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '' && $user_id)
      {
         $sql = 'SELECT u.*
            FROM ' . USERS_TABLE . ' u, ' . SESSIONS_KEYS_TABLE . ' k
            WHERE u.user_id = ' . (int) $user_id . "
               AND u.user_active = 1
               AND k.user_id = u.user_id
               AND k.key_id = '" . md5($sessiondata['autologinid']) . "'";
         if (!($result = $db->sql_query($sql)))
         {
            message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
         }

         $userdata = $db->sql_fetchrow($result);
         $db->sql_freeresult($result);
      
         $enable_autologin = $login = 1;
      }
      else if (!$auto_create)
      {
         $sessiondata['autologinid'] = '';
         $sessiondata['userid'] = $user_id;

         $sql = 'SELECT *
            FROM ' . USERS_TABLE . '
            WHERE user_id = ' . (int) $user_id . '
               AND user_active = 1';
         if (!($result = $db->sql_query($sql)))
         {
            message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
         }

         $userdata = $db->sql_fetchrow($result);
         $db->sql_freeresult($result);

         $login = 1;
      }
   }

   //
   // At this point either $userdata should be populated or
   // one of the below is true
   // * Key didn't match one in the DB
   // * User does not exist
   // * User is inactive
   //
   if (!sizeof($userdata) || !is_array($userdata) || !$userdata)
   {
      $sessiondata['autologinid'] = '';
      $sessiondata['userid'] = $user_id = ANONYMOUS;
      $enable_autologin = $login = 0;

      $sql = 'SELECT *
         FROM ' . USERS_TABLE . '
         WHERE user_id = ' . (int) $user_id;
      if (!($result = $db->sql_query($sql)))
      {
         message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
      }

      $userdata = $db->sql_fetchrow($result);
      $db->sql_freeresult($result);
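Review bot: the auto-login SELECT matches only on k.key_id, k.user_id and u.user_active and never looks at k.last_login, so key expiry depends entirely on session_clean() having already deleted old rows. When max_autologin_time is set, add a k.last_login lower bound to this join so an expired key is rejected even if cleanup has not run yet. In the fallback test `!sizeof($userdata) || !is_array($userdata) || !$userdata`, put the is_array() check first so sizeof() is never applied to a non-array fetch result.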
FIND
Code:
   {// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
REPLACE WITH
Code:
   {
FIND
Code:
      $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
REPLACE WITH
Code:
      //
      // Regenerate the auto-login key
      //
      if ($enable_autologin)
      {
         list($sec, $usec) = explode(' ', microtime());
         mt_srand(hexdec(substr($session_id, 0, 8)) + (float) $sec + ((float) $usec * 1000000));
         $auto_login_key = uniqid(mt_rand(), true);
         
         if (isset($sessiondata['autologinid']) && (string) $sessiondata['autologinid'] != '')
         {
            $sql = 'UPDATE ' . SESSIONS_KEYS_TABLE . "
               SET last_ip = '$user_ip', key_id = '" . md5($auto_login_key) . "', last_login = $current_time
               WHERE key_id = '" . md5($sessiondata['autologinid']) . "'";
         }
         else
         {
            $sql = 'INSERT INTO ' . SESSIONS_KEYS_TABLE . "(key_id, user_id, last_ip, last_login)
               VALUES ('" . md5($auto_login_key) . "', $user_id, '$user_ip', $current_time)";
         }

         if ( !$db->sql_query($sql) )
         {
            message_die(CRITICAL_ERROR, 'Error updating session key', '', __LINE__, __FILE__, $sql);
         }
         
         $sessiondata['autologinid'] = $auto_login_key;
         unset($auto_login_key);
      }
      else
      {
         $sessiondata['autologinid'] = '';
      }

//      $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
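Review bot: the new auto-login key comes from `mt_srand(...)` seeded with part of the session id plus the current microtime, followed by `uniqid(mt_rand(), true)`, so every input is time-derived or produced by the Mersenne Twister and none is a cryptographically secure source. This value alone authenticates the user from a cookie, so it should be generated from the strongest random source the platform offers, while continuing to store only its hash in the keys table. `$user_ip` is interpolated as a quoted literal into both the UPDATE and the INSERT, so add a comment stating the encoded form it is guaranteed to be in at this point. The commented-out old `$sessiondata['autologinid']` assignment at the end of the block should be deleted rather than carried forward.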
FIND
Code:
   $userdata['session_admin'] = $admin;
AFTER, ADD
Code:
   $userdata['session_key'] = $sessiondata['autologinid'];
FIND
Code:
               //
               // Delete expired sessions
               //
               $expiry_time = $current_time - $board_config['session_length'];

               $sql = "DELETE FROM " . SESSIONS_TABLE . "
                  WHERE session_time < $expiry_time
                     AND session_id <> '$session_id'";
               if ( !$db->sql_query($sql) )
               {
                  message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
               }
REPLACE WITH
Code:
               session_clean($userdata['session_id']);
FIND
Code:
//
// session_end closes out a session
// deleting the corresponding entry
// in the sessions table
//
function session_end($session_id, $user_id)
{
   global $db, $lang, $board_config;
REPLACE WITH
Code:
/**
* Terminates the specified session
* It will delete the entry in the sessions table for this session,
* remove the corresponding auto-login key and reset the cookies
*/
function session_end($session_id, $user_id)
{
   global $db, $lang, $board_config, $userdata;
FIND AND DELETE
Code:
   //
   // Pull cookiedata or grab the URI propagated sid
   //
   if ( isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) )
   {
      $session_id = isset( $HTTP_COOKIE_VARS[$cookiename . '_sid'] ) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
      $sessionmethod = SESSION_METHOD_COOKIE;
   }
   else
   {
      $session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
      $sessionmethod = SESSION_METHOD_GET;
   }
FIND
Code:
   $sql = "DELETE FROM " . SESSIONS_TABLE . "
REPLACE WITH
Code:
   $sql = 'DELETE FROM ' . SESSIONS_TABLE . "
FIND
Code:
      message_die(CRITICAL_ERROR, 'Error removing user session', '', __LINE__, __FILE__, $sql);
   }
AFTER, ADD
Code:
   //
   // Remove this auto-login entry (if applicable)
   //
   if ( isset($userdata['session_key']) && $userdata['session_key'] != '' )
   {
      $autologin_key = md5($userdata['session_key']);
      $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
         WHERE user_id = ' . (int) $user_id . "
            AND key_id = '$autologin_key'";
      if ( !$db->sql_query($sql) )
      {
         message_die(CRITICAL_ERROR, 'Error removing auto-login key', '', __LINE__, __FILE__, $sql);
      }
   }

   //
   // We expect that message_die will be called after this function,
   // but just in case it isn't, reset $userdata to the details for a guest
   //
   $sql = 'SELECT *
      FROM ' . USERS_TABLE . '
      WHERE user_id = ' . ANONYMOUS;
   if ( !($result = $db->sql_query($sql)) )
   {
      message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
   }
   if ( !($userdata = $db->sql_fetchrow($result)) )
   {
      message_die(CRITICAL_ERROR, 'Error obtaining user details', '', __LINE__, __FILE__, $sql);
   }
   $db->sql_freeresult($result);
FIND
Code:
   setcookie($cookiename . '_data', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);
   setcookie($cookiename . '_sid', '', $current_time - 31536000, $cookiepath, $cookiedomain, $cookiesecure);

   return true;
}
AFTER, ADD
Code:
/**
* Removes expired sessions and auto-login keys from the database
*/
function session_clean($session_id)
{
   global $board_config, $db;

   //
   // Delete expired sessions
   //
   $sql = 'DELETE FROM ' . SESSIONS_TABLE . '
      WHERE session_time < ' . (time() - (int) $board_config['session_length']) . "
         AND session_id <> '$session_id'";
   if ( !$db->sql_query($sql) )
   {
      message_die(CRITICAL_ERROR, 'Error clearing sessions table', '', __LINE__, __FILE__, $sql);
   }

   //
   // Delete expired auto-login keys
   // If max_autologin_time is not set then keys will never be deleted
   // (same behaviour as old 2.0.x session code)
   //
   if (!empty($board_config['max_autologin_time']) && $board_config['max_autologin_time'] > 0)
   {
      $sql = 'DELETE FROM ' . SESSIONS_KEYS_TABLE . '
         WHERE last_login < ' . (time() - (86400 * (int) $board_config['max_autologin_time']));
      $db->sql_query($sql);
   }

   return true;
}
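Review bot: in session_clean() the second DELETE (expired auto-login keys) is run with a bare `$db->sql_query($sql);` and its result is ignored, while the first DELETE calls message_die() on failure. If the key cleanup fails, expired keys silently stay valid, and the login query shown earlier relies on this cleanup for expiry. Check the result the same way, or at least record the failure. `$session_id` is also placed directly inside a quoted SQL literal, so the function should document that callers must pass a value read back from the sessions table, as the `session_clean($userdata['session_id'])` call does.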
FIND
Code:
      $url .= ( ( strpos($url, '?') != false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
REPLACE WITH
Code:
      $url .= ( ( strpos($url, '?') !== false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
includes/smtp.php
FIND
Code:
function server_parse($socket, $response, $line = __LINE__)
{
   while (substr($server_response, 3, 1) != ' ')
REPLACE WITH
Code:
function server_parse($socket, $response, $line = __LINE__)
{
   $server_response = '';
   while (substr($server_response, 3, 1) != ' ')
includes/usercp_activate.php
FIND
Code:
      if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN)
      {
         message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
REPLACE WITH
Code:
      if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $row['user_newpasswd'] == '')
      {
         if (!$userdata['session_logged_in'])
         {
            redirect(append_sid('login.' . $phpEx . '?redirect=profile.' . $phpEx . '&mode=activate&' . POST_USERS_URL . '=' . $row['user_id'] . '&act_key=' . trim($HTTP_GET_VARS['act_key'])));
         }
         else if ($userdata['user_level'] != ADMIN)
         {
            message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
         }
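Review bot: in the redirect() call, `trim($HTTP_GET_VARS['act_key'])` is concatenated into the URL straight from the query string with no encoding, so any `&`, `=` or whitespace in the supplied value changes the structure of the redirect target. Wrap it in urlencode() (and do the same for anything else user-supplied that ends up in this string) before passing it to append_sid(). A short comment explaining why the ADMIN check now applies only when `$row['user_newpasswd'] == ''` would also help the next reader.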
includes/usercp_avatar.php
FIND
Code:
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
   global $board_config;

   $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
   if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
   {
      return '';
   }

   if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
   {
      $return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
REPLACE WITH
Code:
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename, $avatar_category)
{
   global $board_config;

   $avatar_filename = phpbb_ltrim(basename($avatar_filename), "'");
   $avatar_category = phpbb_ltrim(basename($avatar_category), "'");
   
   if(!preg_match('/(\.gif$|\.png$|\.jpg|\.jpeg)$/is', $avatar_filename))
   {
      return '';
   }

   if ($avatar_filename == "" || $avatar_category == "")
   {
      return '';
   }

   if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_category . '/' . $avatar_filename)) && ($mode == 'editprofile') )
   {
      $return = ", user_avatar = '" . str_replace("\'", "''", $avatar_category . '/' . $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
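Review bot: the extension check `'/(\.gif$|\.png$|\.jpg|\.jpeg)$/is'` anchors inconsistently: the `$` inside the gif and png alternatives is redundant with the final one, and without the D modifier `$` also matches before a trailing newline, so a filename ending in a newline after the extension still passes. Something like `/\.(gif|png|jpe?g)$/iD` states the intent directly. The empty-string test on `$avatar_filename` and `$avatar_category` could move above the regex so the cheapest rejection runs first. The new fifth parameter `$avatar_category` has no default, so every existing caller of user_avatar_gallery() (including installed hacks) must be updated together with this change.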
FIND
Code:
   if ( $avatar_mode == 'remote' && preg_match('/^(http:\/\/)?([\w\-\.]+)\:?([0-9]*)\/(.*)$/', $avatar_filename, $url_ary) )
BEFORE, ADD
Code:
   $width = $height = 0;
   $type = '';
FIND
Code:
         list($width, $height) = @getimagesize($tmp_filename);
REPLACE WITH
Code:
         list($width, $height, $type) = @getimagesize($tmp_filename);
FIND
Code:
      list($width, $height) = @getimagesize($avatar_filename);
REPLACE WITH
Code:
      list($width, $height, $type) = @getimagesize($avatar_filename);
FIND
Code:
   if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
BEFORE, ADD
Code:
   switch ($type)
   {
      // GIF
      case 1:
         if ($imgtype != '.gif')
         {
            @unlink($tmp_filename);
            message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
         }
      break;

      // JPG, JPC, JP2, JPX, JB2
      case 2:
      case 9:
      case 10:
      case 11:
      case 12:
         if ($imgtype != '.jpg' && $imgtype != '.jpeg')
         {
            @unlink($tmp_filename);
            message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
         }
      break;

      // PNG
      case 3:
         if ($imgtype != '.png')
         {
            @unlink($tmp_filename);
            message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
         }
      break;

      default:
         @unlink($tmp_filename);
         message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
   }
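Review bot: the `@unlink($tmp_filename); message_die(...)` pair is repeated in all four branches of this switch, and the case labels are bare numbers explained only by comments. Collapsing it into one lookup from image type to allowed extensions, followed by a single reject path, would remove the duplication and make a missed branch impossible. Both getimagesize() call sites (the one reading `$tmp_filename` and the one reading `$avatar_filename`) feed `$type`, so confirm that `$tmp_filename` is the right file to remove on each path and that `$imgtype` is always set before this point. The error text 'Unable to upload file' is the same for every cause, which is fine for the user but makes a type mismatch hard to tell from an unsupported format when debugging.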
FIND
Code:
         if ( file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $current_avatar)) )
         {
            @unlink('./' . $board_config['avatar_path'] . '/' . $current_avatar);
         }
REPLACE WITH
Code:
         user_avatar_delete($current_type, $current_avatar);
FIND
Code:
               $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $file . '/' . $sub_file;
REPLACE WITH
Code:
               $avatar_images[$file][$avatar_row_count][$avatar_col_count] = $sub_file;
FIND
Code:
            "AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $avatar_images[$category][$i][$j],
REPLACE WITH
Code:
            "AVATAR_IMAGE" => $board_config['avatar_gallery_path'] . '/' . $category . '/' . $avatar_images[$category][$i][$j],
FIND
Code:
   $s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" />';
REPLACE WITH
Code:
   $s_hidden_vars = '<input type="hidden" name="sid" value="' . $session_id . '" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="avatarcatname" value="' . $category . '" />';
includes/usercp_register.php
FIND
Code:
$error = FALSE;
AFTER, ADD
Code:
$error_msg = '';
FIND
Code:
      $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : 0;
REPLACE WITH
Code:
      $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $userdata['user_attachsig'];
FIND
Code:
   $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
AFTER, ADD
Code:
   $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
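Review bot: `$user_avatar_category` is read from `$HTTP_POST_VARS['avatarcatname']` with only htmlspecialchars() applied here, while the basename() normalisation happens later, inside user_avatar_gallery(). The same variable is also concatenated into `$user_avatar` and written into the avatarcatname hidden field elsewhere in this file, and those uses see the unnormalised value. Apply basename() at this assignment so every later use works with the same restricted single path component.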
FIND
Code:
   $user_avatar = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
   $user_avatar_type = ( empty($user_avatar_loc) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
REPLACE WITH
Code:
   $user_avatar = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar'] : '';
   $user_avatar_type = ( empty($user_avatar_local) && $mode == 'editprofile' ) ? $userdata['user_avatar_type'] : '';
FIND
Code:
      $signature = stripslashes($signature);
REPLACE WITH
Code:
      $signature = htmlspecialchars(stripslashes($signature));
FIND
Code:
         $user_avatar = $user_avatar_local;
REPLACE WITH
Code:
         $user_avatar = $user_avatar_category . '/' . $user_avatar_local;
FIND
Code:
      if ( $signature_bbcode_uid == '' )
REPLACE WITH
Code:
      if ( !isset($signature_bbcode_uid) || $signature_bbcode_uid == '' )
FIND
Code:
      if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
      {
         @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
      }
REPLACE WITH
Code:
      user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
FIND
Code:
      if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
      {
         @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
      }
      $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);
REPLACE WITH
Code:
      user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
      $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local, $user_avatar_category);
FIND
Code:
            $emailer->from($board_config['board_email']);
            $emailer->replyto($board_config['board_email']);

            $emailer->use_template('user_activate', stripslashes($user_lang));
            $emailer->email_address($email);
            $emailer->set_subject($lang['Reactivate']);

            $emailer->assign_vars(array(
               'SITENAME' => $board_config['sitename'],
               'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
               'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',

               'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
            );
            $emailer->send();
            $emailer->reset();
REPLACE WITH
Code:
             if ( $board_config['require_activation'] != USER_ACTIVATION_ADMIN )
             {
                $emailer->from($board_config['board_email']);
                $emailer->replyto($board_config['board_email']);
 
                $emailer->use_template('user_activate', stripslashes($user_lang));
                $emailer->email_address($email);
                $emailer->set_subject($lang['Reactivate']);
 
                $emailer->assign_vars(array(
                   'SITENAME' => $board_config['sitename'],
                   'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
                   'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '',
 
                   'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
                );
                $emailer->send();
                $emailer->reset();
             }
             else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )
             {
                $sql = 'SELECT user_email, user_lang
                   FROM ' . USERS_TABLE . '
                   WHERE user_level = ' . ADMIN;
                
                if ( !($result = $db->sql_query($sql)) )
                {
                   message_die(GENERAL_ERROR, 'Could not select Administrators', '', __LINE__, __FILE__, $sql);
                }
                
                while ($row = $db->sql_fetchrow($result))
                {
                   $emailer->from($board_config['board_email']);
                   $emailer->replyto($board_config['board_email']);
                   
                   $emailer->email_address(trim($row['user_email']));
                   $emailer->use_template("admin_activate", $row['user_lang']);
                   $emailer->set_subject($lang['Reactivate']);
 
                   $emailer->assign_vars(array(
                      'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $username), 0, 25)),
                      'EMAIL_SIG' => str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']),
 
                      'U_ACTIVATE' => $server_url . '?mode=activate&' . POST_USERS_URL . '=' . $user_id . '&act_key=' . $user_actkey)
                   );
                   $emailer->send();
                   $emailer->reset();
                }
                $db->sql_freeresult($result);
             }
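Review bot: `else if ( $board_config['require_activation'] == USER_ACTIVATION_ADMIN )` is the exact complement of the preceding `if`, so a plain `else` is clearer and cannot drift out of sync. In the admin branch, EMAIL_SIG is built without the `!empty($board_config['board_email_sig'])` guard used in the user branch, so an empty signature still produces a dangling "-- " line, and SITENAME is not assigned at all. The from(), replyto() and assign_vars() calls are now duplicated across the two branches; a small helper taking recipient, template and language would keep them consistent.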
FIND
Code:
   display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
REPLACE WITH
Code:
   display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $new_password, $cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
FIND
Code:
   if ( !isset($user_template) )
   {
      $selected_template = $board_config['system_template'];
REPLACE WITH
Code:
   if ( !isset($user_style) )
   {
      $user_style = $board_config['default_style'];
FIND
Code:
      $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';
REPLACE WITH
Code:
      $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />';
includes/usercp_sendpasswd.php
FIND
Code:
         $key_len = ( $str_len > 6 ) ? $key_len : 6;
REPLACE WITH
Code:
         $key_len = ($key_len > 6) ? $key_len : 6;
includes/usercp_viewprofile.php
FIND
Code:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
REPLACE WITH
Code:
$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
language/lang_english/email/topic_notify.tpl
FIND
Code:
>Hello {USERNAME},
REPLACE WITH
Code:
Hello,
language/lang_english/lang_admin.php
FIND
Code:
$lang['Visual_confirm'] = 'Enable Visual Confirmation';
$lang['Visual_confirm_explain'] = 'Requires users enter a code defined by an image when registering.';
AFTER, ADD
Code:
// Autologin Keys - added 2.0.18
$lang['Allow_autologin'] = 'Allow automatic logins';
$lang['Allow_autologin_explain'] = 'Determines whether users are allowed to select to be automatically logged in when visiting the forum';
$lang['Autologin_time'] = 'Automatic login key expiry';
$lang['Autologin_time_explain'] = 'How long a autologin key is valid for in days if the user does not visit the board. Set to zero to disable expiry.';
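Review bot: in `$lang['Autologin_time_explain']` the text "a autologin key" should read "an autologin key", and "key is valid for in days" is awkward; something like "How many days an autologin key stays valid if the user does not visit the board" is easier to read. The same string should be corrected in any translated language packs that copy it.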