Mainly updates for additional/altered admin permission options ... note, you MUST empty your current auth_options table and insert the list from the mysql_basic, you will also need to empty the auth_user/auth_group tables and re-assign permissions, and you should clear the $acl_options array in config_cache

git-svn-id: file:///svn/phpbb/trunk@3020 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 06:08:52 +00:00 · 2002-11-09 00:04:18 +00:00 · 2002-11-09 00:04:18 +00:00 · 1405e47fc1
commit 1405e47fc1
parent 1c5f838a2d
18 changed files with 845 additions and 908 deletions
--- a/phpBB/admin/admin_ban.php
+++ b/phpBB/admin/admin_ban.php
@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
 // Do we have ban permissions?
 if (!$auth->acl_get('a_ban'))
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
 // Mode setting
@ -509,7 +509,7 @@ switch ( $mode )
 		<td class="row2"><input type="text" name="banreason" maxlength="255" size="40" /></td>
 	</tr>
 	<tr>
-		<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
+		<td class="cat" colspan="2" align="center"> <input type="submit" name="bansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <?php echo $s_submit_extra; ?></td>
 	</tr>
 </table>
@ -545,7 +545,7 @@ switch ( $mode )
 ?>
 	</tr>
 	<tr>
-		<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" /></td>
+		<td class="cat" colspan="2" align="center"><input type="submit" name="unbansubmit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" /></td>
 	</tr>
 </table></form>
--- a/phpBB/admin/admin_board.php
+++ b/phpBB/admin/admin_board.php
@ -21,43 +21,66 @@
 if (!empty($setmodules))
 {
 	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
 	$file = basename(__FILE__);
-	$module['General']['Avatar_settings'] = "$file$SID&amp;mode=avatar";
+	$module['General']['Cookie_settings'] = ($auth->acl_get('a_cookies')) ? "$file$SID&amp;mode=cookie" : '';
-	$module['General']['Cookie_settings'] = "$file$SID&amp;mode=cookie";
+	$module['General']['Board_defaults'] = ($auth->acl_get('a_defaults')) ? "$file$SID&amp;mode=default" : '';
-	$module['General']['Board_defaults'] = "$file$SID&amp;mode=default";
+	$module['General']['Board_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=setting" : '';
-	$module['General']['Board_settings'] = "$file$SID&amp;mode=setting";
+	$module['General']['Avatar_settings'] = ($auth->acl_get('a_board')) ? "$file$SID&amp;mode=avatar" : '';
-	$module['General']['Email_settings'] = "$file$SID&amp;mode=email";
+	$module['General']['Email_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=email" : '';
-	$module['General']['Server_settings'] = "$file$SID&amp;mode=server";
+	$module['General']['Server_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=server" : '';
-	$module['General']['Auth_settings'] = "$file$SID&amp;mode=auth";
+	$module['General']['Auth_settings'] = ($auth->acl_get('a_server')) ? "$file$SID&amp;mode=auth" : '';
 	return;
 }
 // Let's set the root dir for phpBB
 define('IN_PHPBB', 1);
 // Load default header
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
-// Are we authed?
+// Get mode
-if ( !$auth->acl_get('a_general') )
+$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
 // Check permissions/set title
 switch ($mode)
 {
-	trigger_error($user->lang['No_admin']);
+	case 'cookie':
 		$l_title = 'Cookie_settings';
 		$which_auth = 'a_cookies';
 		break;
 	case 'default':
 		$l_title = 'Board_defaults';
 		$which_auth = 'a_defaults';
 		break;
 	case 'avatar':
 		$l_title = 'Avatar_settings';
 		$which_auth = 'a_board';
 		break;
 	case 'setting':
 		$l_title = 'Board_settings';
 		$which_auth = 'a_board';
 		break;
 	case 'email':
 		$l_title = 'Email_settings';
 		$which_auth = 'a_server';
 		break;
 	case 'server':
 		$l_title = 'Server_settings';
 		$which_auth = 'a_server';
 		break;
 	case 'auth':
 		$l_title = 'Auth_settings';
 		$which_auth = 'a_server';
 		break;
 	default:
 		return;
 }
-// Get mod
+// Check permissions
-if ( isset($_POST['mode']) || isset($_GET['mode']) )
+if (!$auth->acl_get($which_acl))
 {
-	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
+	trigger_error($user->lang['NO_ADMIN']);
 }
 else
 {
 	$mode = '';
 }
 // Pull all config data
@ -91,39 +114,6 @@ if ( isset($_POST['submit']) )
 	trigger_error($user->lang['Config_updated']);
 }
 //
 // Which title?
 //
 switch ( $mode )
 {
 	case 'cookie':
 		$l_title = 'Cookie_settings';
 		break;
 	case 'avatar':
 		$l_title = 'Avatar_settings';
 		break;
 	case 'default':
 		$l_title = 'Board_defaults';
 		break;
 	case 'setting':
 		$l_title = 'Board_settings';
 		break;
 	case 'email':
 		$l_title = 'Email_settings';
 		break;
 	case 'server':
 		$l_title = 'Server_settings';
 		break;
 	case 'login':
 		$l_title = 'Server_settings';
 		break;
 	case 'auth':
 		$l_title = 'Auth_settings';
 		break;
 	default:
 		return;
 }
 page_header($user->lang[$l_title]);
 ?>
@ -576,7 +566,7 @@ switch ( $mode )
 ?>
 	<tr>
-		<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
+		<td class="cat" colspan="2" align="center"><input type="submit" name="submit" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp;&nbsp;<input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /></td>
 	</tr>
 </table></form>
--- a/phpBB/admin/admin_database.php
+++ b/phpBB/admin/admin_database.php
@ -21,16 +21,11 @@
 if (!empty($setmodules))
 {
 	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
 	$filename = basename(__FILE__);
-	$module['DB']['DB_Backup'] = $filename . "$SID&amp;mode=backup";
+	$module['DB']['DB_Backup'] = ($auth->acl_get('a_backup')) ? $filename . "$SID&amp;mode=backup" : '';
 	$file_uploads = @ini_get('file_uploads');
-	if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' )
+	if (!empty($file_uploads) && $file_uploads !== 0 && strtolower($file_uploads) != 'off' && @phpversion() != '4.0.4pl1' && $auth->acl_get('a_restore'))
 	{
 		$module['DB']['DB_Restore'] = $filename . "$SID&amp;mode=restore";
 	}
@ -39,36 +34,26 @@ if ( !empty($setmodules) )
 }
 define('IN_PHPBB', 1);
 //
 // Load default header
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 //
 // Do we have DB backup/restore permissions?
 //
 if ( !$auth->acl_get('a_general') )
 {
 	message_die(MESSAGE, $user->lang['No_admin']);
 }
 //
 // Increase maximum execution time, but don't complain about it if it isn't
 // allowed.
 //
@set_time_limit(1200);
 $mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';
-//
+// Increase maximum execution time, but don't complain about it if it isn't
 // allowed.
@set_time_limit(1200);
 // Begin program proper
 //
 switch($mode)
 {
 	case 'backup':
 		if (!$auth->acl_get('a_backup'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 		if (SQL_LAYER == 'oracle' || SQL_LAYER == 'odbc' || SQL_LAYER == 'mssql')
 		{
@ -85,7 +70,7 @@ switch( $mode )
 					break;
 			}
-			message_die(MESSAGE, $user->lang['Backups_not_supported']);
+			trigger_error($user->lang['Backups_not_supported']);
 			break;
 		}
@ -258,7 +243,7 @@ switch( $mode )
 			case 'zip':
 				$extension = 'zip';
 				$zip = new zipfile;
-				$zip->addFile(ob_get_contents(), "phpbb_db_backup.sql", time());
+				$zip->add_file(ob_get_contents(), "phpbb_db_backup.sql", time());
 				ob_end_clean();
 				$contents = $zip->file();
 				break;
@ -301,13 +286,17 @@ switch( $mode )
 			fclose($fp);
 			unset($contents);
-			message_die(MESSAGE, $user->lang['Backup_success']);
+			trigger_error($user->lang['Backup_success']);
 		}
 		exit;
 		break;
 	case 'restore':
 		if (!$auth->acl_get('a_restore'))
 		{
 			trigger_error($user->lang['No_admin']);
 		}
 		if (isset($_POST['restorestart']))
 		{
@ -328,19 +317,19 @@ switch( $mode )
 			if ($file_tmpname == '' || $filename == '' || !file_exists($file_tmpname))
 			{
-				message_die(MESSAGE, $user->lang['Restore_Error_no_file']);
+				trigger_error($user->lang['Restore_Error_no_file']);
 			}
 			$ext = substr($filename, strrpos($filename, '.') + 1);
 			if (!preg_match('/^(sql|gz|bz2)$/', $ext))
 			{
-				message_die(MESSAGE, $user->lang['Restore_Error_filename']);
+				trigger_error($user->lang['Restore_Error_filename']);
 			}
 			if ((!extension_loaded('zlib') && $ext == 'gz') || (!extension_loaded('zip') && $ext == 'zip') || ($ext == 'bz2' && !extension_loaded('bz2')))
 			{
-				message_die(MESSAGE, $user->lang['Compress_unsupported']);
+				trigger_error($user->lang['Compress_unsupported']);
 			}
 			$sql_query = '';
@ -359,6 +348,9 @@ switch( $mode )
 					$sql_query = bzdecompress(fread(fopen($file_tmpname, 'rb'), filesize($file_tmpname)));
 					break;
 				case 'zip':
 				default;
 					$sql_query = fread(fopen($file_tmpname, 'r'), filesize($file_tmpname));
 			}
@ -383,7 +375,7 @@ switch( $mode )
 			add_admin_log('log_db_restore');
-			message_die(MESSAGE, $user->lang['Restore_success']);
+			trigger_error($user->lang['Restore_success']);
 		}
 		//
@ -434,6 +426,7 @@ switch( $mode )
 		break;
 	default:
 		trigger_error($user->lang['No_admin']);
 		exit;
 }
@ -743,21 +736,13 @@ function get_table_def_mysql($table, $crlf)
 	$field_query = "SHOW FIELDS FROM $table";
 	$key_query = "SHOW KEYS FROM $table";
 	//
 	// If the user has selected to drop existing tables when doing a restore.
 	// Then we add the statement to drop the tables....
 	//
 	$schema_create .= "DROP TABLE IF EXISTS $table;$crlf";
 	$schema_create .= "CREATE TABLE $table($crlf";
 	//
 	// Ok lets grab the fields...
 	//
 	$result = $db->sql_query($field_query);
 	if(!result)
 	{
 		message_die(GENERAL_ERROR, "Failed in get_table_def (show fields)", "", __LINE__, __FILE__, $field_query);
 	}
 	while ($row = $db->sql_fetchrow($result))
 	{
@ -807,7 +792,7 @@ function get_table_def_mysql($table, $crlf)
 		$index[$kname][] = $row['Column_name'];
 	}
-	while(list($x, $columns) = @each($index))
+	foreach ($index as $x => $columns)
 	{
 		$schema_create .= ", $crlf";
@ -856,10 +841,7 @@ function get_table_content_postgresql($table, $handler)
 {
 	global $db;
 	//
 	// Grab all of the data from current table.
 	//
 	$result = $db->sql_query("SELECT * FROM $table");
 	$i_num_fields = $db->sql_numfields($result);
@ -877,19 +859,18 @@ function get_table_content_postgresql($table, $handler)
 		unset($schema_vals);
 		unset($schema_fields);
 		unset($schema_insert);
-		//
+
 		// Build the SQL statement to recreate the data.
 		//
 		for($i = 0; $i < $i_num_fields; $i++)
 		{
 			$strVal = $row[$aryName[$i]];
-			if (eregi("char|text|bool", $aryType[$i]))
+			if (preg_match('#char|text|bool#i', $aryType[$i]))
 			{
 				$strQuote = "'";
 				$strEmpty = "";
 				$strVal = addslashes($strVal);
 			}
-			elseif (eregi("date|timestamp", $aryType[$i]))
+			elseif (preg_match('#date|timestamp#i', $aryType[$i]))
 			{
 				if ($empty($strVal))
 				{
@ -913,18 +894,15 @@ function get_table_content_postgresql($table, $handler)
 			$schema_vals .= " $strQuote$strVal$strQuote,";
 			$schema_fields .= " $aryName[$i],";
 		}
-		$schema_vals = ereg_replace(",$", "", $schema_vals);
+		$schema_vals = preg_replace('#,$#', '', $schema_vals);
-		$schema_vals = ereg_replace("^ ", "", $schema_vals);
+		$schema_vals = preg_replace('#^ #', '', $schema_vals);
-		$schema_fields = ereg_replace(",$", "", $schema_fields);
+		$schema_fields = preg_replace('#,$#', '', $schema_fields);
-		$schema_fields = ereg_replace("^ ", "", $schema_fields);
+		$schema_fields = preg_replace('#^ #', '', $schema_fields);
 		//
 		// Take the ordered fields and their associated data and build it
 		// into a valid sql statement to recreate that field in the data.
 		//
 		$schema_insert = "INSERT INTO $table ($schema_fields) VALUES($schema_vals);";
 		$handler(trim($schema_insert));
@ -941,14 +919,11 @@ function get_table_content_postgresql($table, $handler)
 function get_table_content_mysql($table, $handler)
 {
 	global $db;
-	//
+
 	// Grab the data from the table.
 	//
 	$result = $db->sql_query("SELECT * FROM $table");
 	//
 	// Loop through the resulting rows and build the sql statement.
 	//
 	$schema_insert = "";
 	if ($row = $db->sql_fetchrow($result))
 	{
@ -970,7 +945,7 @@ function get_table_content_mysql($table, $handler)
 			//
 			// Get rid of the last comma
 			//
-			$table_list = ereg_replace(', $', '', $table_list);
+			$table_list = preg_replace('#, $#', '', $table_list);
 			$table_list .= ')';
 			//
 			// Start building the SQL statement.
@ -1003,7 +978,7 @@ function get_table_content_mysql($table, $handler)
 			//
 			// Get rid of the the last comma.
 			//
-			$schema_insert = ereg_replace(',$', '', $schema_insert);
+			$schema_insert = preg_replace('#,$#', '', $schema_insert);
 			$schema_insert .= ');';
 			//
 			// Go ahead and send the insert statement to the handler function.
@ -1041,7 +1016,7 @@ class zipfile
 	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
 	var $old_offset   = 0;
-	function unix2DosTime($unixtime = 0)
+	function unix_to_dos_time($unixtime = 0)
 	{
 		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
@ -1059,11 +1034,11 @@ class zipfile
 				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
 	}
-	function addFile($data, $name, $time = 0)
+	function add_file($data, $name, $time = 0)
 	{
 		$name     = str_replace('\\', '/', $name);
-		$dtime    = dechex($this->unix2DosTime($time));
+		$dtime    = dechex($this->unix_to_dos_time($time));
 		$hexdtime = '\x' . $dtime[6] . $dtime[7]
 				  . '\x' . $dtime[4] . $dtime[5]
 				  . '\x' . $dtime[2] . $dtime[3]
@ -1140,7 +1115,6 @@ class zipfile
 			pack('V', strlen($data)) .              // offset to start of central dir
 			"\x00\x00";                             // .zip file comment length
 	}
 }
 //
--- a/phpBB/admin/admin_disallow.php
+++ b/phpBB/admin/admin_disallow.php
@ -23,41 +23,34 @@ define('IN_PHPBB', 1);
 if(!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_user') )
+	if (!$auth->acl_get('a_names'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['Users']['Disallow'] = basename(__FILE__) . $SID;
 	$module['Users']['Disallow'] = $filename . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
-//
+// Check permissions
-// Do we have user admin permissions?
+if (!$auth->acl_get('a_names'))
 //
 if ( !$auth->acl_get('a_user') )
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
 if (isset($_POST['add_name']))
 {
 	include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 	$disallowed_user = (isset($_POST['disallowed_user'])) ? $_POST['disallowed_user'] : $_GET['disallowed_user'];
 	$disallowed_user = str_replace('*', '%', $disallowed_user);
-	if ( !validate_username($disallowed_user) )
+	if (validate_username($disallowed_user))
 	{
 		$message = $user->lang['Disallowed_already'];
 	}
@ -92,9 +85,7 @@ else if( isset($_POST['delete_name']) )
 }
 //
 // Grab the current list of disallowed usernames...
 //
 $sql = "SELECT *
 	FROM " . DISALLOW_TABLE;
 $result = $db->sql_query($sql);
--- a/phpBB/admin/admin_email.php
+++ b/phpBB/admin/admin_email.php
@ -21,31 +21,26 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_general') )
+	if (!$auth->acl_get('a_email'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['General']['Mass_Email'] = basename(__FILE__) . $SID;
 	$module['General']['Mass_Email'] = $filename . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
-//
+// Check permissions
-// Do we have general admin permissions?
+if (!$auth->acl_get('a_email'))
 //
 if ( !$auth->acl_get('a_general') )
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
 //
@ -163,7 +158,7 @@ page_header($user->lang['Mass_Email']);
 <p><?php echo $user->lang['Mass_email_explain']; ?></p>
-<form method="post" action="<?php echo "admin_mass_email.$phpEx$SID"; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
+<form method="post" action="admin_mass_email.<?php echo $phpEx.$SID; ?>"><table cellspacing="1" cellpadding="4" border="0" align="center" bgcolor="#98AAB1">
 	<tr>
 		<th colspan="2"><?php echo $user->lang['Compose']; ?></th>
 	</tr>
--- a/phpBB/admin/admin_forums.php
+++ b/phpBB/admin/admin_forums.php
@ -21,45 +21,47 @@
 if (!empty($setmodules))
 {
-	if (!$auth->acl_get('a_forum'))
+	if (!$auth->acl_gets('a_forum', 'a_forumadd', 'a_forumdel'))
 	{
 		return;
 	}
-	$file = basename(__FILE__);
+	$module['Forums']['Manage'] = basename(__FILE__) . $SID;
 	$module['Forums']['Manage'] = $file . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
-//
+// Get mode
-// Do we have forum admin permissions?
+$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
-//
+
 // Do we have permissions?
 switch ($mode)
 {
 	case 'add':
 		if (!$auth->acl_get('a_forumadd'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 	case 'del':
 		if (!$auth->acl_get('a_forumdel'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 	default:
 		if (!$auth->acl_get('a_forum'))
 		{
-	message_die(MESSAGE, $user->lang['No_admin']);
+			trigger_error($user->lang['NO_ADMIN']);
-}
+		}
 //
 // Mode setting
 //
 if (isset($_POST['mode']) || isset($_GET['mode']))
 {
 	$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 // Major routines
 switch ($mode)
 {
 	case 'move_up':
@ -355,15 +357,13 @@ switch ($mode)
 	break;
 	case 'forum_sync':
-		sync('forum', intval($_GET[POST_FORUM_URL]));
+		sync('forum', intval($_GET['f']));
 		$show_index = TRUE;
 	break;
 	case 'add':
 	case 'edit':
 		//
 		// Show form to create/modify a forum
 		//
 		if ($mode == 'edit')
 		{
 			$forum_id = intval($_GET['f']);
--- a/phpBB/admin/admin_permissions.php
+++ b/phpBB/admin/admin_permissions.php
@ -21,16 +21,11 @@
 if (!empty($setmodules))
 {
 	if ( !$auth->acl_get('a_auth') )
 	{
 		return;
 	}
 	$filename = basename(__FILE__);
-	$module['Forums']['Permissions']   = $filename . $SID . '&amp;mode=forums';
+	$module['Forums']['PERMISSIONS'] = ($auth->acl_get('a_auth')) ? $filename . $SID . '&amp;mode=forums' : '';
-	$module['Forums']['Moderators']   = $filename . $SID . '&amp;mode=moderators';
+	$module['Forums']['MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=moderators' : '';
-	$module['Forums']['Super_Moderators']   = $filename . $SID . '&amp;mode=supermoderators';
+	$module['Forums']['SUPER_MODERATORS'] = ($auth->acl_get('a_authmods')) ? $filename . $SID . '&amp;mode=supermoderators' : '';
-	$module['General']['Administrators']   = $filename . $SID . '&amp;mode=administrators';
+	$module['General']['ADMINISTRATORS'] = ($auth->acl_get('a_authadmins')) ? $filename . $SID . '&amp;mode=administrators' : '';
 	return;
 }
@ -43,16 +38,10 @@ require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 // Do we have forum admin permissions?
 if ( !$auth->acl_get('a_auth') )
 {
 	trigger_error($user->lang['No_admin']);
 }
 // Define some vars
-if ( isset($_GET['f']) || isset($_POST['f']) )
+if (isset($_REQUEST['f']))
 {
-	$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
+	$forum_id = intval($_REQUEST['f']);
 	$forum_sql = " WHERE forum_id = $forum_id";
 }
 else
@ -61,43 +50,42 @@ else
 	$forum_sql = '';
 }
-if ( isset($_GET['mode']) || isset($_POST['mode']) )
+$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
 {
 	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 // Start program proper
 switch ($mode)
 {
 	case 'forums':
-		$l_title = $user->lang['Permissions'];
+		$l_title = $user->lang['PERMISSIONS'];
-		$l_title_explain = $user->lang['Permissions_explain'];
+		$l_title_explain = $user->lang['PERMISSIONS_EXPLAIN'];
-		$l_can = '_can';
+		$which_acl = 'a_auth';
 		break;
 	case 'moderators':
-		$l_title = $user->lang['Moderators'];
+		$l_title = $user->lang['MODERATORS'];
-		$l_title_explain = $user->lang['Moderators_explain'];
+		$l_title_explain = $user->lang['MODERATORS_EXPLAIN'];
-		$l_can = '_can';
+		$which_acl = 'a_authmods';
 		break;
 	case 'supermoderators':
-		$l_title = $user->lang['Super_Moderators'];
+		$l_title = $user->lang['SUPER_MODERATORS'];
-		$l_title_explain = $user->lang['Super_Moderators_explain'];
+		$l_title_explain = $user->lang['SUPER_MODERATORS_EXPLAIN'];
-		$l_can = '_can';
+		$which_acl = 'a_authmods';
 		break;
 	case 'administrators':
-		$l_title = $user->lang['Administrators'];
+		$l_title = $user->lang['ADMINISTRATORS'];
-		$l_title_explain = $user->lang['Administrators_explain'];
+		$l_title_explain = $user->lang['ADMINISTRATORS_EXPLAIN'];
-		$l_can = '_can_admin';
+		$which_acl = 'a_authadmins';
 		break;
 }
 // Permission check
 if (!$auth->acl_get($which_acl))
 {
 	trigger_error($user->lang['NO_ADMIN']);
 }
 // Call update or delete, both can take multiple user/group
 // ids. Additionally inheritance is handled (by the auth API)
 if (isset($_POST['update']))
@ -204,13 +192,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 	$sql = "SELECT group_id, group_name
 		FROM " . GROUPS_TABLE . "
-		ORDER BY group_name";
+		ORDER BY group_type DESC, group_name";
 	$result = $db->sql_query($sql);
 	$group_list = '';
 	while ($row = $db->sql_fetchrow($result))
 	{
-		$group_list .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
+		$group_list .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
 	}
 	$db->sql_freeresult($result);
@ -268,13 +256,13 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 				$forum_sql
 				AND a.auth_option_id = o.auth_option_id
 				AND g.group_id = a.group_id
-			ORDER BY g.group_name ASC";
+			ORDER BY g.group_type DESC, g.group_name ASC";
 		$result = $db->sql_query($sql);
 		$groups = '';
 		while ($row = $db->sql_fetchrow($result))
 		{
-			$groups .= '<option value="' . $row['group_id'] . '">' . ( ( !empty($user->lang[$row['group_name']]) ) ? $user->lang[$row['group_name']] : $row['group_name'] ) . '</option>';
+			$groups .= '<option value="' . $row['group_id'] . '">' . ((!empty($user->lang['G_' . $row['group_name']])) ? '* ' . $user->lang['G_' . $row['group_name']] : $row['group_name']) . '</option>';
 		}
 		$db->sql_freeresult($result);
@ -301,7 +289,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 				<td class="row1" align="center"><textarea cols="40" rows="4" name="entries"></textarea></td>
 			</tr>
 			<tr>
-				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" />&nbsp; <input type="submit" name="usersubmit" value="<?php echo $user->lang['Find_username']; ?>" class="liteoption" onclick="window.open('<?php echo "../search.$phpEx$SID"; ?>&amp;mode=searchuser&amp;form=2&amp;field=entries', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=650');return false;" /><input type="hidden" name="type" value="user" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
 			</tr>
 		</table></form></td>
@ -313,7 +301,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 				<td class="row1" align="center"><select name="entries[]" multiple="multiple" size="4"><?php echo $group_list; ?></select></td>
 			</tr>
 			<tr>
-				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['Submit']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
+				<td class="cat" align="center"> <input type="submit" name="add" value="<?php echo $user->lang['SUBMIT']; ?>" class="mainoption" />&nbsp; <input type="reset" value="<?php echo $user->lang['Reset']; ?>" class="liteoption" /><input type="hidden" name="type" value="group" /><input type="hidden" name="advanced" value="1" /><input type="hidden" name="new" value="1" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /></td>
 			</tr>
 		</table></form></td>
@ -451,7 +439,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 //-->
 </script>
-<p><?php echo $user->lang['ACL_explain']; ?></p>
+<p><?php echo $user->lang['ACL_EXPLAIN']; ?></p>
 <form method="post" name="acl" action="<?php echo "admin_permissions.$phpEx$SID&amp;mode=$mode"; ?>"><table cellspacing="1" cellpadding="0" border="0" align="center">
 	<tr>
@ -528,7 +516,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 ?>
 	<tr>
-		<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $user->lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
+		<td class="cat" colspan="4" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $user->lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="CANCEL" value="<?php echo $user->lang['CANCEL']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
 	</tr>
 </table></td>
 	</tr>
--- a/phpBB/admin/admin_prune.php
+++ b/phpBB/admin/admin_prune.php
@ -21,38 +21,35 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_forum') )
+	if (!$auth->acl_get('a_prune'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['Forums']['Prune']   = basename(__FILE__) . $SID . '&amp;mode=forums';
 	$module['Forums']['Prune']   = $filename . $SID . '&amp;mode=forums';
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
-// Do we have forum admin permissions?
+// Do we have permission?
-if ( !$auth->acl_get('a_forum') )
+if (!$auth->acl_get('a_prune'))
 {
-	message_die(MESSAGE, $user->lang['No_admin']);
+	trigger_error($user->lang['NO_ADMIN']);
 }
 //
 // Get the forum ID for pruning
 //
-if ( isset($_GET['f']) || isset($_POST['f']) )
+if (isset($_REQUEST['f']))
 {
-	$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
+	$forum_id = intval($_REQUEST['f']);
 	$forum_sql = ($forum_id == -1) ? '' : "AND forum_id = $forum_id";
 }
 else
--- a/phpBB/admin/admin_prune_users.php
+++ b/phpBB/admin/admin_prune_users.php
@ -21,48 +21,32 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_user') )
+	if (!$auth->acl_get('a_userdel'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['Users']['Prune_users'] = basename(__FILE__) . $SID;
 	$module['Users']['Prune_users'] = $filename . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 //
 // Do we have forum admin permissions?
-//
+if (!$auth->acl_get('a_userdel'))
 if ( !$auth->acl_get('a_user') )
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
 //
 // Set mode
-//
+$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
 if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
 {
 	$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
-//
+// Do prune
 //
 //
 if (isset($_POST['prune']))
 {
 	if (empty($_POST['confirm']))
@ -237,7 +221,7 @@ page_header($user->lang['Prune_users']);
 		<th colspan="2"><?php echo $user->lang['Prune_users']; ?></th>
 	</tr>
 	<tr>
-		<td class="row1"><?php echo $user->lang['Username']; ?>: </td>
+		<td class="row1"><?php echo $user->lang['USERNAME']; ?>: </td>
 		<td class="row2"><input class="post" type="text" name="username" /></td>
 	</tr>
 	<tr>
--- a/phpBB/admin/admin_ranks.php
+++ b/phpBB/admin/admin_ranks.php
@ -19,47 +19,37 @@
 *
 ***************************************************************************/
 define('IN_PHPBB', 1);
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_user') )
+	if (!$auth->acl_get('a_ranks'))
 	{
 		return;
 	}
-	$file = basename(__FILE__);
+	$module['Users']['Ranks'] = basename(__FILE__) . $SID;
 	$module['Users']['Ranks'] = "$file$SID";
 	return;
 }
-//
+define('IN_PHPBB', 1);
 // Let's set the root dir for phpBB
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
-//
+// Do we have permission?
-//
+if (!$auth->acl_get('a_ranks'))
 //
 if ( !$auth->acl_get('a_user') )
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
-//
+// Check mode
-//
+if (isset($_REQUEST['mode']))
 //
 if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
+	$mode = $_REQUEST['mode'];
 }
 else
 {
 	//
 	// These could be entered via a form button
 	//
 	if (isset($_POST['add']))
 	{
 		$mode = 'add';
@ -74,9 +64,7 @@ else
 	}
 }
-//
+// Process mode
 //
 //
 if ($mode != '')
 {
 	if ($mode == 'edit' || $mode == 'add')
--- a/phpBB/admin/admin_search.php
+++ b/phpBB/admin/admin_search.php
@ -21,37 +21,30 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_general') )
+	if (!$auth->acl_get('a_search'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['DB']['Search_indexing'] = basename(__FILE__) . $SID;
 	$module['DB']['Search_indexing'] = $filename . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
-//
+// Check permissions
-// Do we have forum admin permissions?
+if (!$auth->acl_get('a_search'))
 //
 if ( !$auth->acl_get('a_general') )
 {
-	message_die(MESSAGE, $user->lang['No_admin']);
+	trigger_error($user->lang['NO_ADMIN']);
 }
 //
 // Start indexing
 //
 if (isset($_POST['start']) || isset($_GET['batchstart']))
 {
 	$batchsize = 200; // Process this many posts per batch
@ -60,11 +53,9 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
 	$loopcount = 0;
 	$batchend = $batchstart + $batchsize;
 	//
 	// Search re-indexing is tough on the server ... so we'll check the load
 	// each loop and if we're on a 1min load of 3 or more we'll re-load the page
 	// and try again. No idea how well this will work in practice so we'll see ...
 	//
 	if (file_exists('/proc/loadavg'))
 	{
 		if ($load = @file('/proc/loadavg'))
@ -79,9 +70,7 @@ if ( isset($_POST['start']) || isset($_GET['batchstart']) )
 		}
 	}
 	//
 	// Try and load stopword and synonym files
 	//
 	$stopword_array = array();
 	$synonym_array = array();
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@ -21,7 +21,7 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_general') )
+	if (!$auth->acl_get('a_icons'))
 	{
 		return;
 	}
@ -34,42 +34,22 @@ if ( !empty($setmodules) )
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 //
 // Do we have general permissions?
-//
+if (!$auth->acl_get('a_icons'))
 if (!$auth->acl_get('a_general'))
 {
 	message_die(MESSAGE, $user->lang['No_admin']);
 }
 //
 // Check to see what mode we should operate in.
-//
+$type = (!empty($_REQUEST['type'])) ? $_REQUEST['type'] : '';
-if (isset($_POST['type']) || isset($_GET['type']))
+$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
 {
 	$type = (!empty($_POST['type'])) ? $_POST['type'] : $_GET['type'];
 }
 else
 {
 	$type = '';
 }
 if (isset($_POST['mode']) || isset($_GET['mode']))
 {
 	$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 // What are we doing?
 switch ($type)
 {
 	case 'emoticons':
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@ -21,52 +21,33 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_user') )
+	if (!$auth->acl_gets('a_user', 'a_useradd', 'a_userdel'))
 	{
 		return;
 	}
-	$filename = basename(__FILE__);
+	$module['Users']['Manage'] = basename(__FILE__) . $SID;
 	$module['Users']['Manage'] = $filename . $SID;
 	return;
 }
 define('IN_PHPBB', 1);
 // Include files
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 // Do we have forum admin permissions?
 if ( !$auth->acl_get('a_user') )
 {
 	trigger_error($user->lang['No_admin']);
 }
 echo $mode;
 // Set mode
-if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
+$mode = (isset($_REQUEST['mode'])) ? $_REQUEST['mode'] : 'main';
 {
 	$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = 'main';
 }
 // Begin program
 if (isset($_POST['username']) || isset($_GET['u']) || isset($_POST['u']))
 {
 	// Grab relevant userdata
-	if( isset( $_GET['u']) || isset( $_POST['u']) )
+	if(isset($_REQUEST['u']))
 	{
-		$user_id = ( isset( $_POST['u']) ) ? intval( $_POST['u']) : intval( $_GET['u']);
+		$user_id = intval($_REQUEST['u']);
 		if(!($userdata = get_userdata($user_id)))
 		{
@ -82,8 +63,13 @@ if (  isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
 	}
 	// Update entry in DB
-	if( $_POST['deleteuser'] && !$userdata['user_founder'] && $auth->acl_get('a_userdel') )
+	if ($_POST['deleteuser'] && !$userdata['user_founder'])
 	{
 		if (!$auth->acl_get('a_userdel'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 		$db->sql_transaction();
 		$sql = "UPDATE " . POSTS_TABLE . "
@ -108,6 +94,10 @@ if (  isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
 		$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
 		$sql = "DELETE FROM " . ACL_USERS_TABLE . "
 			WHERE user_id = $user_id";
 		$db->sql_query($sql);
@ -297,8 +287,12 @@ if (  isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) )
 	page_footer();
 }
-else
+
 // Do we have permission?
 if (!$auth->acl_get('a_user'))
 {
 	trigger_error($user->lang['No_admin']);
 }
 page_header($user->lang['Manage']);
@ -308,7 +302,7 @@ else
 <p><?php echo $user->lang['User_admin_explain']; ?></p>
-<form method="post" name="post" action="<?php echo "admin_users.$phpEx$SID"; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
+<form method="post" name="post" action="admin_users.<?php echo $phpEx.$SID; ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 	<tr>
 		<th align="center"><?php echo $user->lang['Select_a_User']; ?></th>
 	</tr>
@ -319,12 +313,11 @@ else
 <?php
 }
 page_footer();
-//
+// ---------
-//
+// FUNCTIONS
 function ipwhois($ip)
 {
 	$ipwhois = '';
@ -366,7 +359,7 @@ function ipwhois($ip)
 	return $ipwhois;
 }
-//
+// FUNCTIONS
-//
+// ---------
 ?>
--- a/phpBB/admin/admin_words.php
+++ b/phpBB/admin/admin_words.php
@ -21,44 +21,36 @@
 if (!empty($setmodules))
 {
-	if ( !$auth->acl_get('a_general') )
+	if (!$auth->acl_get('a_words'))
 	{
 		return;
 	}
-	$file = basename(__FILE__);
+	$module['Posts']['Word_Censor'] = basename(__FILE__) . $SID;
 	$module['Posts']['Word_Censor'] = "$file$SID";
 	return;
 }
 define('IN_PHPBB', 1);
 //
 // Include files
 //
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
 //
 // Do we have forum admin permissions?
-//
+if (!$auth->acl_get('a_words'))
 if ( !$auth->acl_get('a_general') )
 {
-	return;
+	trigger_error($user->lang['NO_ADMIN']);
 }
-//
+// What do we want to do?
-//
+if (isset($_REQUEST['mode']))
 //
 if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
+	$mode = $_REQUEST['mode'];
 }
 else
 {
 	//
 	// These could be entered via a form button
 	//
 	if (isset($_POST['add']))
 	{
 		$mode = 'add';
@ -86,7 +78,7 @@ if( $mode != '' )
 			{
 				if (!$word_id)
 				{
-					message_die(MESSAGE, $user->lang['No_word_selected']);
+					trigger_error($user->lang['No_word_selected']);
 				}
 				$sql = "SELECT *
@ -119,12 +111,13 @@ if( $mode != '' )
 		<td class="row2"><input type="text" name="replacement" value="<?php echo $word_info['replacement']; ?>" /></td>
 	</tr>
 	<tr>
-		<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['Submit']; ?>" /></td>
+		<td class="cat" colspan="2" align="center"><?php echo $s_hidden_fields; ?><input class="mainoption" type="submit" name="save" value="<?php echo $user->lang['SUBMIT']; ?>" /></td>
 	</tr>
 </table></form>
 <?php
 			page_footer();
 			break;
 		case 'save':
@ -134,17 +127,16 @@ if( $mode != '' )
 			if ($word == '' || $replacement == '')
 			{
-				message_die(MESSAGE, $user->lang['Must_enter_word']);
+				trigger_error($user->lang['Must_enter_word']);
 			}
-			$sql = ( $word_id ) ? "UPDATE " . WORDS_TABLE . " SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";
+			$sql = ($word_id) ? "UPDATE " . WORDS_TABLE . " SET word = '" . sql_quote($word) . "', replacement = '" . sql_quote($replacement) . "' WHERE word_id = $word_id" : "INSERT INTO " . WORDS_TABLE . " (word, replacement) VALUES ('" . sql_quote($word) . "', '" . sql_quote($replacement) . "')";
 			$db->sql_query($sql);
 			$log_action = ($word_id) ? 'log_edit_word' : 'log_add_word';
 			add_admin_log($log_action, stripslashes($word));
 			$message = ($word_id) ? $user->lang['Word_updated'] : $user->lang['Word_added'];
 			message_die(MESSAGE, $message);
 			break;
 		case 'delete':
@ -155,7 +147,7 @@ if( $mode != '' )
 			}
 			else
 			{
-				message_die(MESSAGE, $user->lang['Must_specify_word']);
+				trigger_error($user->lang['Must_specify_word']);
 			}
 			$sql = "DELETE FROM " . WORDS_TABLE . "
@ -164,10 +156,34 @@ if( $mode != '' )
 			add_admin_log('log_delete_word');
-			message_die(MESSAGE, $user->lang['Word_removed']);
+			$message = $user->lang['Word_remove'];
 			break;
 	}
 	$sql = "SELECT *
 		FROM " . WORDS_TABLE . "
 		ORDER BY word";
 	$result = $db->sql_query($sql);
 	$cache_str = "\$word_censors = array(\n";
 	$cache_str_match = $cache_str_replace = '';
 	if ($row = $db->sql_fetchrow($result))
 	{
 		do
 		{
 			$cache_str_match .= "\t\t'" . addslashes('#\b' . str_replace('\*', '.*?', preg_quote($row['word'], '#')) . '\b#i') . "',\n";
 			$cache_str_replace .= "\t\t'" . addslashes($row['replacement']) . "',\n";
 		}
 		while ($row = $db->sql_fetchrow($result));
 		$cache_str .= "\t'match' => array(\n$cache_str_match\t),\n\t'replace' => array(\n$cache_str_replace\t)\n);";
 	}
 	$db->sql_freeresult($result);
 	config_cache_write('\$word_censors = array\(.*?\);', $cache_str);
 	trigger_error($message);
 }
 else
 {
@ -212,6 +228,7 @@ else
 		}
 		while ($row = $db->sql_fetchrow($result));
 	}
 	$db->sql_freeresult($result);
 ?>
 	<tr>
@ -221,8 +238,8 @@ else
 <?php
 	page_footer();
 }
 page_footer()
 ?>
--- a/phpBB/admin/index.php
+++ b/phpBB/admin/index.php
@ -33,7 +33,7 @@ require('pagestart.' . $phpEx);
 // Do we have any admin permissions at all?
 if (!$auth->acl_get('a_'))
 {
-	trigger_error('No_admin');
+	trigger_error($user->lang['NO_ADMIN']);
 }
 // Generate relevant output
@ -97,7 +97,7 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
 		@ksort($module);
 		foreach ($module as $cat => $action_ary)
 		{
-			$cat = ( !empty($user->lang[$cat . '_cat']) ) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
+			$cat = (empty($user->lang[$cat . '_cat'])) ? $user->lang[$cat . '_cat'] : preg_replace('/_/', ' ', $cat);
 ?>
 			<tr>
@ -108,19 +108,22 @@ else if ( isset($_GET['pane']) && $_GET['pane'] == 'left' )
 			@ksort($action_ary);
 			foreach ($action_ary as $action => $file)
 			{
 				if (!empty($file))
 				{
 					$action = (!empty($user->lang[$action])) ? $user->lang[$action] : preg_replace('/_/', ' ', $action);
-				$cell_bg = ( $cell_bg == 'row1' ) ? 'row2' : 'row1';
+					$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
 ?>
 			<tr>
-				<td class="<?php echo $cell_bg; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
+				<td class="<?php echo $row_class; ?>"><a class="genmed" href="<?php echo $file; ?>" target="main"><?php echo $action; ?></a></td>
 			</tr>
 <?php
 				}
 			}
 		}
 	}
 ?>
 		</table></td>
@ -138,12 +141,17 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
 {
 	if ((isset($_POST['activate']) || isset($_POST['delete'])) && !empty($_POST['mark']))
 	{
 		if (!$auth->acl_get('a_user'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 		if (is_array($_POST['mark']))
 		{
 			$in_sql = '';
 			foreach ($_POST['mark'] as $user_id)
 			{
-				$in_sql .= ( ( $in_sql != '' ) ? ', ' : '' ) . $user_id;
+				$in_sql .= (($in_sql != '') ? ', ' : '') . intval($user_id);
 			}
 			if ($in_sql != '')
@ -166,6 +174,10 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
 	}
 	else if (isset($_POST['remind']))
 	{
 		if (!$auth->acl_get('a_user'))
 		{
 			trigger_error($user->lang['NO_ADMIN']);
 		}
 	}
 	else if (isset($_POST['resetonline']))
@ -397,6 +409,9 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
 	}
 	if ($auth->acl_get('a_user'))
 	{
 ?>
 </table>
@ -465,6 +480,8 @@ elseif ( isset($_GET['pane']) && $_GET['pane'] == 'right' )
 <?php
 	}
 	page_footer();
 }
--- a/phpBB/install/schemas/mysql_basic.sql
+++ b/phpBB/install/schemas/mysql_basic.sql
@ -128,10 +128,23 @@ INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_unra
 INSERT INTO phpbb_auth_options (auth_value, is_local, is_global) VALUES ('m_auth', 1, 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_', 1);
-INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_general', 1);
+INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_server', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_defaults', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_board', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_cookies', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_words', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_icons', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_bbcode', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_attach', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_events', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_user', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_useradd', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_userdel', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ranks', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_names', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_group', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupadd', 1);
@ -139,17 +152,13 @@ INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_groupdel', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forum', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumadd', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_forumdel', 1);
-INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_posts', 1);
+INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_prune', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_ban', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_auth', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authmods', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_authadmins', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_email', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_styles', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_backup', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_restore', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_search', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('a_clearlogs', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_', 1);
 INSERT INTO phpbb_auth_options (auth_value, is_global) VALUES ('u_email', 1);
@ -186,11 +195,11 @@ INSERT INTO phpbb_ranks (rank_id, rank_title, rank_min, rank_special, rank_image
 # -- Groups
-INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 0);
+INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (1, 'GUESTS', 3);
-INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'REGISTERED_INACTIVE', 0);
+INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (2, 'INACTIVE', 3);
-INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 0);
+INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (3, 'REGISTERED', 3);
-INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 0);
+INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (4, 'SUPER_MODERATORS', 3);
-INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 0);
+INSERT INTO phpbb_groups (group_id, group_name, group_type) VALUES (5, 'ADMINISTRATORS', 3);
 # -- User -> Group
--- a/phpBB/language/en/lang_admin.php
+++ b/phpBB/language/en/lang_admin.php
@ -21,7 +21,7 @@
 $lang = array_merge($lang, array(
 	'Admin_title' => 'Administration Panel',
-	'No_admin' => 'You are not authorised to administer this board',
+	'NO_ADMIN' => 'You are not authorised to administer this board',
 	'No_frames' => 'Sorry, your browser does not support frames',
 	'Return_to' => 'Return to ...',
 	'DB_cat' => 'Database Admin',
@ -39,7 +39,7 @@ $lang = array_merge($lang, array(
 	'Email_settings' => 'Email Settings',
 	'Server_settings' => 'Server Settings',
 	'Auth_settings' => 'Authentication',
-	'Permissions' => 'Permissions',
+	'PERMISSIONS' => 'Permissions',
 	'Manage' => 'Manage',
 	'Disallow' => 'Disallow names',
 	'Prune' => 'Pruning',
@ -57,7 +57,7 @@ $lang = array_merge($lang, array(
 	'DB_Backup' => 'DB Backup',
 	'DB_Restore' => 'DB Restore',
 	'Basic_Config' => 'Basic Configuration',
-	'Administrators' => 'Administrators',
+	'ADMINISTRATORS' => 'Administrators',
 	'Admin_logs' => 'Admin Log',
 	'Mod_logs' => 'Moderator Log',
 	'Users' => 'Users',
@ -97,6 +97,7 @@ $lang = array_merge($lang, array(
 	'log_prune_user_deac' => '<b>Users Deactivated</b> => %s',
 	'log_prune_user_del_del' => '<b>Users Pruned and Posts Deleted</b> => %s',
 	'log_prune_user_del_anon' => '<b>Users Pruned and Posts Retained</b> => %s',
 	'Admin_logs_explain' => 'This lists all the actions carried out by board administrators. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.',
 	'Mod_logs_explain' => 'This lists the actions carried out by board moderators, select a forum from the drop down list. You can sort by username, date, IP or action. If you have appropriate permissions you can also clear individual operations or the log as a whole.',
 	'Display_log' => 'Display entries from previous',
@ -168,13 +169,13 @@ $lang = array_merge($lang, array(
 	'Restore_Error_filename' => 'The file you uploaded had an unsupported extension.',
 	'Compress_unsupported' => 'The version of PHP installed on this server does not support the type of compression used for your backup. Please use a compression method listed on the previous page.',
 	'Restore_Error_no_file' => 'No file was uploaded',
-	'ACL_explain' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY &gt; ALLOW &gt; INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.',
+	'ACL_EXPLAIN' => 'Permissions are based on an ALLOW / INHERIT / DENY system with all options being denied by default. The precedent is DENY &gt; ALLOW &gt; INHERIT for any combination of user or group settings. The INHERIT setting causes permissions granted elsewhere for the option being used in place of a specific ALLOW / DENY setting here.',
-	'Permissions_explain' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
+	'PERMISSIONS_EXPLAIN' => 'Here you can alter which users and groups can access which forums. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
-	'Moderators' => 'Moderators',
+	'MODERATORS' => 'Moderators',
-	'Moderators_explain' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).',
+	'MODERATORS_EXPLAIN' => 'Here you can assign users and groups as forum moderators. To assign users access to forums, to define super moderators or administrators please use the appropriate page (see left hand side menu).',
-	'Super_Moderators' => 'Super Moderators',
+	'SUPER_MODERATORS' => 'Super Moderators',
-	'Super_Moderators_explain' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).',
+	'SUPER_MODERATORS_EXPLAIN' => 'Here you can assign users and groups as super moderators. Super Moderators are like ordinary moderators accept they have access to every forum on your board. To assign users access to forums or define administrators please use the appropriate page (see left hand side menu).',
-	'Administrators_explain' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.',
+	'ADMINISTRATORS_EXPLAIN' => 'Here you can assign administrator rights to users or groups. All users with admin permissions can view the administration panel.',
 	'Manage_users' => 'Manage Users',
 	'Add_users' => 'Add Users',
 	'Manage_groups' => 'Manage Groups',
@ -201,26 +202,49 @@ $lang = array_merge($lang, array(
 	'All_Inherit' => 'All Inherit',
 	'Inheritance' => 'Inheritance',
 	'Inheritance_explain' => 'Select the subforums you want to inherit these permissions',
-	'acl_a_general' => 'General Settings',
+
-	'acl_a_user' => 'Users',
+	'acl_a_server' 		=> 'Alter Server/Email Settings',
-	'acl_a_group' => 'Groups',
+	'acl_a_defaults' 	=> 'Alter Board Defaults',
-	'acl_a_forum' => 'Forums',
+	'acl_a_board' 		=> 'Alter Board Settings',
-	'acl_a_post' => 'Posts',
+	'acl_a_cookies' 	=> 'Alter Cookie Settings',
-	'acl_a_ban' => 'Banning',
+	'acl_a_names' 		=> 'Alter Disallowed Names',
-	'acl_a_auth' => 'Permissions',
+	'acl_a_words' 		=> 'Alter Word Censors',
-	'acl_a_email' => 'Email',
+	'acl_a_icons' 		=> 'Alter Topic Icons/Emoticons',
-	'acl_a_styles' => 'Styles',
+	'acl_a_search' 		=> 'Re-index Search Tables',
-	'acl_a_backup' => 'Backups',
+	'acl_a_prune' 		=> 'Prune Forums',
-	'acl_a_clearlogs' => 'Clear Admin Log',
+	'acl_a_bbcode' 		=> 'Define BBCode Tags',
-	'acl_m__edit' => 'Edit posts',
+	'acl_a_attach' 		=> 'Manage Attachments',
-	'acl_m__delete' => 'Delete posts',
+	'acl_a_events' 		=> 'Manage User/Group Events',
-	'acl_m__move' => 'Move posts',
+	'acl_a_ranks'		=> 'Manage User Ranks',
-	'acl_m__lock' => 'Lock topics',
+	'acl_a_user' 		=> 'Manage Users',
-	'acl_m__split' => 'Split topics',
+	'acl_a_userdel' 	=> 'Delete/Prune Users',
-	'acl_m__merge' => 'Merge topics',
+	'acl_a_useradd' 	=> 'Add New Users',
-	'acl_m__approve' => 'Approve posts',
+	'acl_a_group' 		=> 'Manage Groups',
-	'acl_m__unrate' => 'Un-rate topics',
+	'acl_a_groupdel' 	=> 'Delete Groups',
-	'acl_m__auth' => 'Set permissions',
+	'acl_a_groupadd' 	=> 'Add New Groups',
 	'acl_a_forum' 		=> 'Manage Forums',
 	'acl_a_forumdel' 	=> 'Delete Forums',
 	'acl_a_forumadd' 	=> 'Add New Forums',
 	'acl_a_ban' 		=> 'Manage Bans',
 	'acl_a_auth' 		=> 'Alter Forum Permissions',
 	'acl_a_authmods' 	=> 'Alter Moderator Permissions',
 	'acl_a_authadmins' 	=> 'Alter Admin Permissions',
 	'acl_a_email' 		=> 'Mass Email',
 	'acl_a_styles' 		=> 'Manage Styles',
 	'acl_a_backup' 		=> 'Backup Database',
 	'acl_a_restore' 	=> 'Restore Database',
 	'acl_a_clearlogs' 	=> 'Clear Admin/Mod Logs',
 	'acl_m_edit' => 'Edit posts',
 	'acl_m_delete' => 'Delete posts',
 	'acl_m_move' => 'Move posts',
 	'acl_m_lock' => 'Lock topics',
 	'acl_m_split' => 'Split topics',
 	'acl_m_merge' => 'Merge topics',
 	'acl_m_approve' => 'Approve posts',
 	'acl_m_unrate' => 'Un-rate topics',
 	'acl_m_auth' => 'Set permissions',
 	'acl_f_list' => 'See forum',
 	'acl_f_read' => 'Read forum',
 	'acl_f_post' => 'Post in forum',
@ -245,6 +269,7 @@ $lang = array_merge($lang, array(
 	'acl_f_print' => 'Print topics',
 	'acl_f_ignoreflood' => 'Ignore flood limit',
 	'acl_f_ignorequeue' => 'Ignore mod queue',
 	'Auth_updated' => 'Permissions have been updated',
 	'Prune_users' => 'Prune Users',
 	'Prune_users_explain' => 'Here you can delete (or deactivate) users from you board. This can be done in a variety of ways; by post count, last activity, etc. Each of these criteria can be combined, i.e. you can prune users last active before 2002-01-01 with fewer than 10 posts. Alternatively you can enter a list of users directly into the text box, any criteria entered will be ignored. Take care with this facility! Once a user is deleted there is no way back.',