Permission related updates ... is still not final but is getting there ... faster than British Rail too

git-svn-id: file:///svn/phpbb/trunk@2943 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/admin/admin_ban.php

@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
 
 if( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('ban') )
+	if ( !$auth->acl_get('a_ban') )
 	{
 		return;
 	}
@@ -36,9 +36,7 @@ if( !empty($setmodules) )
 	return;
 }
 
-//
 // Load default header
-//
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
@@ -46,7 +44,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have ban permissions?
 //
-if ( !$auth->get_acl_admin('ban') )
+if ( !$auth->acl_get('a_ban') )
 {
 	return;
 }
@@ -54,9 +52,9 @@ if ( !$auth->get_acl_admin('ban') )
 //
 // Mode setting
 //
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -68,21 +66,21 @@ $current_time = time();
 //
 // Start program
 //
-if ( isset($HTTP_POST_VARS['bansubmit']) )
+if ( isset($_POST['bansubmit']) )
 {
-	$ban_reason = ( isset($HTTP_POST_VARS['banreason']) ) ? $HTTP_POST_VARS['banreason'] : '';
-	$ban_list = array_unique(explode("\n", $HTTP_POST_VARS['ban']));
+	$ban_reason = ( isset($_POST['banreason']) ) ? $_POST['banreason'] : '';
+	$ban_list = array_unique(explode("\n", $_POST['ban']));
 	$ban_list_log = implode(', ', $ban_list);
 
-	if ( !empty($HTTP_POST_VARS['banlength']) )
+	if ( !empty($_POST['banlength']) )
 	{
-		if ( $HTTP_POST_VARS['banlength'] != -1 || empty($HTTP_POST_VARS['banlengthother']) )
+		if ( $_POST['banlength'] != -1 || empty($_POST['banlengthother']) )
 		{
-			$ban_end = max($current_time, $current_time + ( intval($HTTP_POST_VARS['banlength']) * 60 ));
+			$ban_end = max($current_time, $current_time + ( intval($_POST['banlength']) * 60 ));
 		}
 		else
 		{
-			$ban_other = explode('-', $HTTP_POST_VARS['banlengthother']);
+			$ban_other = explode('-', $_POST['banlengthother']);
 			$ban_end = max($current_time, gmmktime(0, 0, 0, $ban_other[1], $ban_other[2], $ban_other[0]));
 		}
 	}
@@ -130,9 +128,7 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
 			{
 				if ( preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})[ ]*\-[ ]*([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/', trim($ban_list[$i]), $ip_range_explode) )
 				{
-					//
 					// Don't ask about all this, just don't ask ... !
-					//
 					$ip_1_counter = $ip_range_explode[1];
 					$ip_1_end = $ip_range_explode[5];
 
@@ -312,12 +308,12 @@ if ( isset($HTTP_POST_VARS['bansubmit']) )
 	message_die(MESSAGE, $message);
 
 }
-else if ( isset($HTTP_POST_VARS['unbansubmit']) )
+else if ( isset($_POST['unbansubmit']) )
 {
 	$unban_sql = '';
-	for($i = 0; $i < count($HTTP_POST_VARS['unban']); $i++ )
+	for($i = 0; $i < count($_POST['unban']); $i++ )
 	{
-		$unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($HTTP_POST_VARS['unban'][$i]);
+		$unban_sql .= ( ( $unban_sql != '' ) ? ', ' : '' ) . intval($_POST['unban'][$i]);
 	}
 
 	if ( $unban_sql != '' )
@@ -326,7 +322,7 @@ else if ( isset($HTTP_POST_VARS['unbansubmit']) )
 			WHERE ban_id IN ($unban_sql)";
 		$db->sql_query($sql);
 
-		add_admin_log('log_unban_' . $mode, sizeof($HTTP_POST_VARS['unban']));
+		add_admin_log('log_unban_' . $mode, sizeof($_POST['unban']));
 	}
 
 	message_die(MESSAGE, $lang['Ban_update_sucessful']);

phpBB/admin/admin_board.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -37,31 +37,29 @@ if ( !empty($setmodules) )
 	return;
 }
 
-//
 // Let's set the root dir for phpBB
-//
 define('IN_PHPBB', 1);
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 
-if ( !$auth->get_acl_admin('general') )
+// Are we authed?
+if ( !$auth->acl_get('a_general') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
 
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+// Get mod
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 
-//
 // Pull all config data
-//
 $sql = "SELECT *
 	FROM " . CONFIG_TABLE;
 $result = $db->sql_query($sql);
@@ -72,9 +70,9 @@ while ( $row = $db->sql_fetchrow($result) )
 	$config_value = $row['config_value'];
 
 	$default_config[$config_name] = $config_value;
-	$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
+	$new[$config_name] = ( isset($_POST[$config_name]) ) ? $_POST[$config_name] : $default_config[$config_name];
 
-	if ( isset($HTTP_POST_VARS['submit']) )
+	if ( isset($_POST['submit']) )
 	{
 		$sql = "UPDATE " . CONFIG_TABLE . " SET
 			config_value = '" . str_replace("\'", "''", $new[$config_name]) . "'
@@ -83,7 +81,7 @@ while ( $row = $db->sql_fetchrow($result) )
 	}
 }
 
-if ( isset($HTTP_POST_VARS['submit']) )
+if ( isset($_POST['submit']) )
 {
 	add_admin_log('log_' . $mode . '_config');
 	message_die(MESSAGE, $lang['Config_updated']);
@@ -163,10 +161,6 @@ switch ( $mode )
 		<td class="row1"><?php echo $lang['Cookie_secure']; ?>: <br /><span class="gensmall"><?php echo $lang['Cookie_secure_explain']; ?></span></td>
 		<td class="row2"><input type="radio" name="cookie_secure" value="0"<?php echo $cookie_secure_no; ?> /><?php echo $lang['Disabled']; ?>&nbsp; &nbsp;<input type="radio" name="cookie_secure" value="1"<?php echo $cookie_secure_yes; ?> /><?php echo $lang['Enabled']; ?></td>
 	</tr>
-	<tr>
-		<td class="row1"><?php echo $lang['Session_length']; ?>: </td>
-		<td class="row2"><input type="text" maxlength="5" size="5" name="session_length" value="<?php echo $new['session_length']; ?>" /></td>
-	</tr>
 <?php
 
 		break;
@@ -490,6 +484,10 @@ switch ( $mode )
 		<td class="row1"><?php echo $lang['Limit_load']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_load_explain']; ?></span></td>
 		<td class="row2"><input type="text" size="4" maxlength="4" name="limit_load" value="<?php echo $new['limit_load']; ?>" /></td>
 	</tr>
+	<tr>
+		<td class="row1"><?php echo $lang['Session_length']; ?>: </td>
+		<td class="row2"><input type="text" maxlength="5" size="5" name="session_length" value="<?php echo $new['session_length']; ?>" /></td>
+	</tr>
 	<tr>
 		<td class="row1"><?php echo $lang['Limit_sessions']; ?>: <br /><span class="gensmall"><?php echo $lang['Limit_sessions_explain']; ?></span></td>
 		<td class="row2"><input type="text" size="4" maxlength="4" name="active_sessions" value="<?php echo $new['active_sessions']; ?>" /></td>
@@ -512,18 +510,14 @@ switch ( $mode )
 
 	case 'auth':
 
-?>
-
-<?php
-
 		$auth_plugins = array();
 
 		$dp = opendir($phpbb_root_path . 'includes/auth');
 		while ( $file = readdir($dp) )
 		{
-			if ( preg_match('/^auth_(.*?)\.' . $phpEx . '$/', $file) )
+			if ( preg_match('#^auth_(.*?)\.' . $phpEx . '$#', $file) )
 			{
-				$auth_plugins[] = preg_replace('/^auth_(.*?)\.' . $phpEx . '$/', '\1', $file);
+				$auth_plugins[] = preg_replace('#^auth_(.*?)\.' . $phpEx . '$#', '\1', $file);
 			}
 		}
 

phpBB/admin/admin_database.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -50,7 +50,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 //
 // Do we have DB backup/restore permissions?
 //
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -61,7 +61,7 @@ if ( !$auth->get_acl_admin('general') )
 //
 @set_time_limit(1200);
 
-$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : '';
+$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : '';
 
 //
 // Begin program proper
@@ -89,13 +89,13 @@ switch( $mode )
 			break;
 		}
 
-		$additional_tables = ( isset($HTTP_POST_VARS['tables']) ) ? $HTTP_POST_VARS['tables'] : ( ( isset($HTTP_GET_VARS['tables']) ) ? $HTTP_GET_VARS['tables'] : '' );
-		$backup_type = ( isset($HTTP_POST_VARS['type']) ) ? $HTTP_POST_VARS['type'] : ( ( isset($HTTP_GET_VARS['type']) ) ? $HTTP_GET_VARS['type'] : '' );
-		$search = ( !empty($HTTP_POST_VARS['search']) ) ? intval($HTTP_POST_VARS['search']) : ( ( !empty($HTTP_GET_VARS['search']) ) ? intval($HTTP_GET_VARS['search']) : 0 );
-		$store_path = ( isset($HTTP_POST_VARS['store']) ) ? $HTTP_POST_VARS['store'] : ( ( isset($HTTP_GET_VARS['store']) ) ? $HTTP_GET_VARS['store'] : '' );
-		$compress = ( !empty($HTTP_POST_VARS['compress']) ) ? $HTTP_POST_VARS['compress'] : ( ( !empty($HTTP_GET_VARS['compress']) ) ? $HTTP_GET_VARS['compress'] : 'none' );
+		$additional_tables = ( isset($_POST['tables']) ) ? $_POST['tables'] : ( ( isset($_GET['tables']) ) ? $_GET['tables'] : '' );
+		$backup_type = ( isset($_POST['type']) ) ? $_POST['type'] : ( ( isset($_GET['type']) ) ? $_GET['type'] : '' );
+		$search = ( !empty($_POST['search']) ) ? intval($_POST['search']) : ( ( !empty($_GET['search']) ) ? intval($_GET['search']) : 0 );
+		$store_path = ( isset($_POST['store']) ) ? $_POST['store'] : ( ( isset($_GET['store']) ) ? $_GET['store'] : '' );
+		$compress = ( !empty($_POST['compress']) ) ? $_POST['compress'] : ( ( !empty($_GET['compress']) ) ? $_GET['compress'] : 'none' );
 
-		if ( !isset($HTTP_POST_VARS['backupstart']) && !isset($HTTP_GET_VARS['backupstart']) )
+		if ( !isset($_POST['backupstart']) && !isset($_GET['backupstart']) )
 		{
 			page_header($lang['DB_Backup']);
 
@@ -166,7 +166,7 @@ switch( $mode )
 
 			break;
 		}
-		else if ( !isset($HTTP_POST_VARS['startdownload']) && !isset($HTTP_GET_VARS['startdownload']) )
+		else if ( !isset($_POST['startdownload']) && !isset($_GET['startdownload']) )
 		{
 			$meta = "<meta http-equiv=\"refresh\" content=\"0;url=admin_database.$phpEx?mode=backup&amp;type=$backup_type&amp;tables=" . quotemeta($additional_tables) . "&amp;search=$search&amp;store=" . quotemeta($store_path) . "&amp;compress=$compress&amp;backupstart=1&amp;startdownload=1\">";
 
@@ -309,15 +309,15 @@ switch( $mode )
 
 	case 'restore':
 
-		if ( isset($HTTP_POST_VARS['restorestart']) )
+		if ( isset($_POST['restorestart']) )
 		{
 			//
 			// Handle the file upload ....
 			// If no file was uploaded report an error...
 			//
-			if ( !empty($HTTP_POST_VARS['local']) )
+			if ( !empty($_POST['local']) )
 			{
-				$file_tmpname = './../' . str_replace('\\\\', '/', $HTTP_POST_VARS['local']);
+				$file_tmpname = './../' . str_replace('\\\\', '/', $_POST['local']);
 				$filename = substr($file_tmpname, strrpos($file_tmpname, '/'));
 			}
 			else

phpBB/admin/admin_disallow.php

@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
 
 if( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('user') )
+	if ( !$auth->acl_get('a_user') )
 	{
 		return;
 	}
@@ -45,16 +45,16 @@ require('pagestart.' . $phpEx);
 //
 // Do we have user admin permissions?
 //
-if ( !$auth->get_acl_admin('user') )
+if ( !$auth->acl_get('a_user') )
 {
 	return;
 }
 
-if( isset($HTTP_POST_VARS['add_name']) )
+if( isset($_POST['add_name']) )
 {
 	include($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 
-	$disallowed_user = ( isset($HTTP_POST_VARS['disallowed_user']) ) ? $HTTP_POST_VARS['disallowed_user'] : $HTTP_GET_VARS['disallowed_user'];
+	$disallowed_user = ( isset($_POST['disallowed_user']) ) ? $_POST['disallowed_user'] : $_GET['disallowed_user'];
 	$disallowed_user = str_replace('*', '%', $disallowed_user);
 
 	if ( !validate_username($disallowed_user) )
@@ -76,9 +76,9 @@ if( isset($HTTP_POST_VARS['add_name']) )
 
 	message_die(MESSAGE, $message);
 }
-else if( isset($HTTP_POST_VARS['delete_name']) )
+else if( isset($_POST['delete_name']) )
 {
-	$disallowed_id = ( isset($HTTP_POST_VARS['disallowed_id']) ) ? intval( $HTTP_POST_VARS['disallowed_id'] ) : intval( $HTTP_GET_VARS['disallowed_id'] );
+	$disallowed_id = ( isset($_POST['disallowed_id']) ) ? intval( $_POST['disallowed_id'] ) : intval( $_GET['disallowed_id'] );
 
 	$sql = "DELETE FROM " . DISALLOW_TABLE . "
 		WHERE disallow_id = $disallowed_id";

phpBB/admin/admin_email.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have general admin permissions?
 //
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
 {
 	return;
 }
@@ -57,7 +57,7 @@ $subject = '';
 //
 // Do the job ...
 //
-if ( isset($HTTP_POST_VARS['submit']) )
+if ( isset($_POST['submit']) )
 {
 	//
 	// Increase maximum execution time in case of a lot of users, but don't complain about it if it isn't
@@ -65,7 +65,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 	//
 	@set_time_limit(1200);
 
-	$group_id = intval($HTTP_POST_VARS['g']);
+	$group_id = intval($_POST['g']);
 
 	$sql = ( $group_id != -1 ) ? "SELECT u.user_email FROM " . USERS_TABLE . " u, " . USER_GROUP_TABLE . " ug WHERE ug.group_id = $group_id AND ug.user_pending <> " . TRUE . " AND u.user_id = ug.user_id" : "SELECT user_email FROM " . USERS_TABLE;
 	$result = $db->sql_query($sql);
@@ -78,8 +78,8 @@ if ( isset($HTTP_POST_VARS['submit']) )
 		//
 	}
 
-	$subject = stripslashes($HTTP_POST_VARS['subject']);
-	$message = stripslashes($HTTP_POST_VARS['message']);
+	$subject = stripslashes($_POST['subject']);
+	$message = stripslashes($_POST['message']);
 
 	//
 	// Error checking needs to go here ... if no subject and/or

phpBB/admin/admin_forums.php

@@ -21,7 +21,7 @@
 
 if (!empty($setmodules))
 {
-	if (!$auth->get_acl_admin('forum'))
+	if (!$auth->acl_get('a_forum'))
 	{
 		return;
 	}
@@ -43,7 +43,7 @@ include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 //
 // Do we have forum admin permissions?
 //
-if (!$auth->get_acl_admin('forum'))
+if (!$auth->acl_get('a_forum'))
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }

phpBB/admin/admin_groups.php

@@ -21,7 +21,7 @@
 
 if( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('group') )
+	if ( !$auth->acl_get('a_group') )
 	{
 		return;
 	}
@@ -45,14 +45,14 @@ require('pagestart.' . $phpEx);
 //
 // Do we have general permissions?
 //
-if ( !$auth->get_acl_admin('group') )
+if ( !$auth->acl_get('a_group') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
 
-if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
+if( isset($_POST[POST_GROUPS_URL]) || isset($_GET[POST_GROUPS_URL]) )
 {
-	$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
+	$group_id = ( isset($_POST[POST_GROUPS_URL]) ) ? intval($_POST[POST_GROUPS_URL]) : intval($_GET[POST_GROUPS_URL]);
 }
 else
 {
@@ -62,16 +62,16 @@ else
 //
 // Mode setting
 //
-if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if( isset($_POST['mode']) || isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = "";
 }
 
-if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
+if( isset($_POST['edit']) || isset($_POST['new']) )
 {
 	//
 	// Ok they are editing a group or creating a new group
@@ -80,7 +80,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 		"body" => "admin/group_edit_body.tpl")
 	);
 
-	if ( isset($HTTP_POST_VARS['edit']) )
+	if ( isset($_POST['edit']) )
 	{
 		//
 		// They're editing. Grab the vars.
@@ -105,7 +105,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 		$template->assign_block_vars("group_edit", array());
 
 	}
-	else if( isset($HTTP_POST_VARS['new']) )
+	else if( isset($_POST['new']) )
 	{
 		$group_info = array (
 			"group_name" => "",
@@ -152,7 +152,7 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 		"GROUP_MODERATOR" => $group_moderator,
 
 		"L_GROUP_TITLE" => $lang['Group_administration'],
-		"L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
+		"L_GROUP_EDIT_DELETE" => ( isset($_POST['new']) ) ? $lang['New_group'] : $lang['Edit_group'],
 		"L_GROUP_NAME" => $lang['group_name'],
 		"L_GROUP_DESCRIPTION" => $lang['group_description'],
 		"L_GROUP_MODERATOR" => $lang['group_moderator'],
@@ -184,12 +184,12 @@ if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 	$template->pparse('body');
 
 }
-else if( isset($HTTP_POST_VARS['group_update']) )
+else if( isset($_POST['group_update']) )
 {
 	//
 	// Ok, they are submitting a group, let's save the data based on if it's new or editing
 	//
-	if( isset($HTTP_POST_VARS['group_delete']) )
+	if( isset($_POST['group_delete']) )
 	{
 		$sql = "DELETE FROM " . GROUPS_TABLE . "
 			WHERE group_id = " . $group_id;
@@ -218,11 +218,11 @@ else if( isset($HTTP_POST_VARS['group_update']) )
 	}
 	else
 	{
-		$group_type = isset($HTTP_POST_VARS['group_type']) ? intval($HTTP_POST_VARS['group_type']) : GROUP_OPEN;
-		$group_name = isset($HTTP_POST_VARS['group_name']) ? trim($HTTP_POST_VARS['group_name']) : "";
-		$group_description = isset($HTTP_POST_VARS['group_description']) ? trim($HTTP_POST_VARS['group_description']) : "";
-		$group_moderator = isset($HTTP_POST_VARS['username']) ? $HTTP_POST_VARS['username'] : "";
-		$delete_old_moderator = isset($HTTP_POST_VARS['delete_old_moderator']) ? intval($HTTP_POST_VARS['delete_old_moderator']) : "";
+		$group_type = isset($_POST['group_type']) ? intval($_POST['group_type']) : GROUP_OPEN;
+		$group_name = isset($_POST['group_name']) ? trim($_POST['group_name']) : "";
+		$group_description = isset($_POST['group_description']) ? trim($_POST['group_description']) : "";
+		$group_moderator = isset($_POST['username']) ? $_POST['username'] : "";
+		$delete_old_moderator = isset($_POST['delete_old_moderator']) ? intval($_POST['delete_old_moderator']) : "";
 
 		if( $group_name == "" )
 		{

phpBB/admin/admin_permissions.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('auth') )
+	if ( !$auth->acl_get('a_auth') )
 	{
 		return;
 	}
@@ -42,21 +42,18 @@ define('IN_PHPBB', 1);
 $phpbb_root_path = '../';
 require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
+require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 
-//
 // Do we have forum admin permissions?
-//
-if ( !$auth->get_acl_admin('auth') )
+if ( !$auth->acl_get('a_auth') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
 
-//
 // Define some vars
-//
-if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) )
+if ( isset($_GET['f']) || isset($_POST['f']) )
 {
-	$forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']);
+	$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
 	$forum_sql = " WHERE forum_id = $forum_id";
 }
 else
@@ -65,9 +62,9 @@ else
 	$forum_sql = '';
 }
 
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -108,45 +105,49 @@ switch ( $mode )
 // to all other options, e.g. Moderator and Forums across the board.
 // This is done via the acl class
 //
-if ( isset($HTTP_POST_VARS['update']) )
+if ( isset($_POST['update']) )
 {
-	switch ( $HTTP_POST_VARS['type'] )
+	$auth_admin = new auth_admin();
+
+	switch ( $_POST['type'] )
 	{
 		case 'user':
-			$set = 'set_acl_user';
+			$set = 'acl_set_user';
 			break;
 
 		case 'group':
-			$set = 'set_acl_group';
+			$set = 'acl_set_group';
 			break;
 	}
 
-	foreach ( $HTTP_POST_VARS['entries'] as $id )
+	foreach ( $_POST['entries'] as $id )
 	{
-		$auth->$set($forum_id, $id, $HTTP_POST_VARS['option']);
+		$auth_admin->$set($forum_id, $id, $_POST['option']);
 	}
 
 	message_die(MESSAGE, 'Permissions updated successfully');
 }
-else if ( isset($HTTP_POST_VARS['delete']) )
+else if ( isset($_POST['delete']) )
 {
-	switch ( $HTTP_POST_VARS['type'] )
+	$auth_admin = new auth_admin();
+
+	switch ( $_POST['type'] )
 	{
 		case 'user':
-			$set = 'delete_acl_user';
+			$set = 'acl_delete_user';
 			break;
 
 		case 'group':
-			$set = 'delete_acl_group';
+			$set = 'acl_delete_group';
 			break;
 	}
 
 	$option_ids = false;
-	if ( !empty($HTTP_POST_VARS['option']) )
+	if ( !empty($_POST['option']) )
 	{
 		$sql = "SELECT auth_option_id
 			FROM " . ACL_OPTIONS_TABLE . "
-			WHERE auth_value LIKE '" . $HTTP_POST_VARS['option'] . "_%'";
+			WHERE auth_value LIKE '" . $_POST['option'] . "_%'";
 		$result = $db->sql_query($sql);
 
 		if ( $row = $db->sql_fetchrow($result) )
@@ -161,9 +162,9 @@ else if ( isset($HTTP_POST_VARS['delete']) )
 		$db->sql_freeresult($result);
 	}
 
-	foreach ( $HTTP_POST_VARS['entries'] as $id )
+	foreach ( $_POST['entries'] as $id )
 	{
-		$auth->$set($forum_id, $id, $option_ids);
+		$auth_admin->$set($forum_id, $id, $option_ids);
 	}
 
 	message_die(MESSAGE, 'Permissions updated successfully');
@@ -209,22 +210,22 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 	switch ( $mode )
 	{
 		case 'forums':
-			$type_sql = 'forum';
+			$type_sql = 'f';
 			$forum_sql = "AND a.forum_id = $forum_id";
 			break;
 
 		case 'moderators':
-			$type_sql = 'mod';
+			$type_sql = 'm';
 			$forum_sql = "AND a.forum_id = $forum_id";
 			break;
 
 		case 'supermoderators':
-			$type_sql = 'mod';
+			$type_sql = 'm';
 			$forum_sql = '';
 			break;
 
 		case 'administrators':
-			$type_sql = 'admin';
+			$type_sql = 'a';
 			$forum_sql = '';
 			break;
 	}
@@ -241,7 +242,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 	}
 	$db->sql_freeresult($result);
 
-	if ( empty($HTTP_POST_VARS['advanced']) || empty($HTTP_POST_VARS['entries']) )
+	if ( empty($_POST['advanced']) || empty($_POST['entries']) )
 	{
 
 ?>
@@ -351,15 +352,14 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 	else
 	{
 
-		//
 		// Founder only operations ... these operations can
 		// only be altered by someone with founder status
-		//
 		$founder_sql = ( !$userdata['user_founder'] ) ? ' AND founder_only <> 1' : '';
 
 		$sql = "SELECT auth_option_id, auth_value
 			FROM " . ACL_OPTIONS_TABLE . "
 			WHERE auth_value LIKE '" . $type_sql . "_%'
+				AND auth_value <> '" . $type_sql . "_'
 				$founder_sql";
 		$result = $db->sql_query($sql);
 
@@ -370,29 +370,29 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 		}
 		$db->sql_freeresult($result);
 
-		if ( $HTTP_POST_VARS['type'] == 'user' && !empty($HTTP_POST_VARS['new']) )
+		if ( $_POST['type'] == 'user' && !empty($_POST['new']) )
 		{
-			$HTTP_POST_VARS['entries'] = explode("\n", $HTTP_POST_VARS['entries']);
+			$_POST['entries'] = explode("\n", $_POST['entries']);
 		}
 
 		$where_sql = '';
-		foreach ( $HTTP_POST_VARS['entries'] as $value )
+		foreach ( $_POST['entries'] as $value )
 		{
-			$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $HTTP_POST_VARS['type'] == 'user' && !empty($HTTP_POST_VARS['new']) ) ? '\'' . $value . '\'' : intval($value) );
+			$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . ( ( $_POST['type'] == 'user' && !empty($_POST['new']) ) ? '\'' . $value . '\'' : intval($value) );
 		}
 
-		switch ( $HTTP_POST_VARS['type'] )
+		switch ( $_POST['type'] )
 		{
 			case 'group':
 				$l_type = 'Group';
 
-				$sql = ( empty($HTTP_POST_VARS['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC";
+				$sql = ( empty($_POST['new']) ) ? "SELECT g.group_id AS id, g.group_name AS name, o.auth_value, a.auth_allow_deny FROM " . GROUPS_TABLE . " g, " . ACL_GROUPS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND g.group_id = a.group_id AND g.group_id IN ($where_sql) ORDER BY g.group_name ASC" : "SELECT group_id AS id, group_name AS name FROM " . GROUPS_TABLE . " WHERE group_id IN ($where_sql) ORDER BY group_name ASC";
 				break;
 
 			case 'user':
 				$l_type = 'User';
 
-				$sql = ( empty($HTTP_POST_VARS['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC";
+				$sql = ( empty($_POST['new']) ) ? "SELECT u.user_id AS id, u.username AS name, u.user_founder, o.auth_value, a.auth_allow_deny FROM " . USERS_TABLE . " u, " . ACL_USERS_TABLE . " a, " . ACL_OPTIONS_TABLE . " o WHERE o.auth_value LIKE '" . $type_sql . "_%' AND a.auth_option_id = o.auth_option_id $forum_sql AND u.user_id = a.user_id AND u.user_id IN ($where_sql) ORDER BY u.username, u.user_regdate ASC" : "SELECT user_id AS id, username AS name, user_founder FROM " . USERS_TABLE . " WHERE username IN ($where_sql) ORDER BY username, user_regdate ASC";
 				break;
 		}
 
@@ -460,7 +460,7 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 		<td class="row1" colspan="5" align="center"><textarea cols="40" rows="3"><?php echo trim($ug); ?></textarea></td>
 	</tr>
 	<tr>
-		<td class="cat" colspan="5" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $HTTP_POST_VARS['type']; ?>" /><?php echo $ug_hidden; ?></td>
+		<td class="cat" colspan="5" align="center"><input class="mainoption" type="submit" name="update" value="<?php echo $lang['Update']; ?>" />&nbsp;&nbsp;<input class="liteoption" type="submit" name="cancel" value="<?php echo $lang['Cancel']; ?>" /><input type="hidden" name="f" value="<?php echo $forum_id; ?>" /><input type="hidden" name="type" value="<?php echo $_POST['type']; ?>" /><?php echo $ug_hidden; ?></td>
 	</tr>
 </table></form>
 
@@ -471,19 +471,8 @@ if ( !empty($forum_id) || $mode == 'administrators' || $mode == 'supermoderators
 }
 else
 {
-	$sql = "SELECT left_id, right_id, forum_id, forum_name
-		FROM " . FORUMS_TABLE . "
-		ORDER BY forum_id ASC";
-	$result = $db->sql_query($sql);
 
-	$select_list = '';
-	$sub_forum = '';
-	while ( $row = $db->sql_fetchrow($result) )
-	{
-		$select_list .= '<option value="' . $row['forum_id'] . '">' . $sub_forum . $row['forum_name'] . '</option>';
-		$sub_forum .= ( $row['right_id'] - $row['left_id'] > 1 ) ? '&nbsp;&nbsp;' : '';
-	}
-	$db->sql_freeresult($result);
+	$select_list = make_forum_select('f');
 
 	page_header($l_title);
 
@@ -498,7 +487,7 @@ else
 		<th align="center"><?php echo $lang['Select_a_Forum']; ?></th>
 	</tr>
 	<tr>
-		<td class="row1" align="center">&nbsp;<select name="f"><?php echo $select_list; ?></select> &nbsp;<input type="submit" value="<?php echo $lang['Look_up_Forum']; ?>" class="mainoption" />&nbsp;</td>
+		<td class="row1" align="center">&nbsp;<?php echo $select_list; ?> &nbsp;<input type="submit" value="<?php echo $lang['Look_up_Forum']; ?>" class="mainoption" />&nbsp;</td>
 	</tr>
 </table></form>
 

phpBB/admin/admin_prune.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('forum') )
+	if ( !$auth->acl_get('a_forum') )
 	{
 		return;
 	}
@@ -41,10 +41,8 @@ require($phpbb_root_path . 'extension.inc');
 require('pagestart.' . $phpEx);
 require($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 
-//
 // Do we have forum admin permissions?
-//
-if ( !$auth->get_acl_admin('forum') )
+if ( !$auth->acl_get('a_forum') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -52,9 +50,9 @@ if ( !$auth->get_acl_admin('forum') )
 //
 // Get the forum ID for pruning
 //
-if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) )
+if ( isset($_GET['f']) || isset($_POST['f']) )
 {
-	$forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']);
+	$forum_id = ( isset($_POST['f']) ) ? intval($_POST['f']) : intval($_GET['f']);
 	$forum_sql = ( $forum_id == -1 ) ? '' : "AND forum_id = $forum_id";
 }
 else
@@ -65,11 +63,9 @@ else
 //
 // Get a list of forum's or the data for the forum that we are pruning.
 //
-$sql = "SELECT f.*
-	FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
-	WHERE c.cat_id = f.cat_id
-	$forum_sql
-	ORDER BY c.cat_order ASC, f.forum_order ASC";
+$sql = "SELECT forum_id, forum_name, left_id, right_id
+	FROM " . FORUMS_TABLE . "
+	ORDER BY left_id ASC";
 $result = $db->sql_query($sql);
 
 $forum_rows = array();
@@ -77,13 +73,14 @@ while( $row = $db->sql_fetchrow($result) )
 {
 	$forum_rows[] = $row;
 }
+$db->sql_freeresult($result);
 
 //
 // Check for submit to be equal to Prune. If so then proceed with the pruning.
 //
-if ( isset($HTTP_POST_VARS['doprune']) )
+if ( isset($_POST['doprune']) )
 {
-	$prunedays = ( isset($HTTP_POST_VARS['prunedays']) ) ? intval($HTTP_POST_VARS['prunedays']) : 0;
+	$prunedays = ( isset($_POST['prunedays']) ) ? intval($_POST['prunedays']) : 0;
 
 	// Convert days to seconds for timestamp functions...
 	$prunedate = time() - ( $prunedays * 86400 );
@@ -133,10 +130,25 @@ else
 		//
 		// Output a selection table if no forum id has been specified.
 		//
-		$select_list .= '<option value="-1">' . $lang['All_Forums'] . '</option>';
-		for($i = 0; $i < count($forum_rows); $i++)
+		$select_list = '<option value="-1">' . $lang['All_Forums'] . '</option>';
+
+		$right = 0;
+		$subforum = '';
+		$forum_list = '';
+		foreach ( $forum_rows as $row )
 		{
-			$select_list .= '<option value="' . $forum_rows[$i]['forum_id'] . '">' . $forum_rows[$i]['forum_name'] . '</option>';
+			if ( $row['left_id'] < $right  )
+			{
+				$subforum .= '&nbsp;&nbsp;&nbsp;';
+			}
+			else if ( $row['left_id'] > $right + 1 )
+			{
+				$subforum = substr($subforum, 0, -18 * ( $row['left_id'] - $right + 1 ));
+			}
+
+			$select_list .= '<option value="' . $row['forum_id'] . '">' . $subforum . $row['forum_name'] . '</option>';
+
+			$right = $row['right_id'];
 		}
 
 ?>

phpBB/admin/admin_prune_users.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('user') )
+	if ( !$auth->acl_get('a_user') )
 	{
 		return;
 	}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have forum admin permissions?
 //
-if ( !$auth->get_acl_admin('user') )
+if ( !$auth->acl_get('a_user') )
 {
 	return;
 }
@@ -51,9 +51,9 @@ if ( !$auth->get_acl_admin('user') )
 //
 // Set mode
 //
-if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
+if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
 {
-	$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -63,9 +63,9 @@ else
 //
 //
 //
-if ( isset($HTTP_POST_VARS['prune']) )
+if ( isset($_POST['prune']) )
 {
-	if ( empty($HTTP_POST_VARS['confirm']) )
+	if ( empty($_POST['confirm']) )
 	{
 		$values = array('prune', 'deactivate', 'delete', 'users', 'username', 'email', 'joined_select', 'active_select', 'count_select', 'joined', 'active', 'count', 'deleteposts');
 
@@ -73,7 +73,7 @@ if ( isset($HTTP_POST_VARS['prune']) )
 
 		foreach ( $values as $field )
 		{
-			$l_message .= ( !empty($HTTP_POST_VARS[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($HTTP_POST_VARS[$field]) . '" />' : '';
+			$l_message .= ( !empty($_POST[$field]) ) ? '<input type="hidden" name="' . $field . '" value="' . urlencode($_POST[$field]) . '" />' : '';
 		}
 
 		$l_message .= '</form>';
@@ -92,11 +92,11 @@ if ( isset($HTTP_POST_VARS['prune']) )
 		page_footer();
 
 	}
-	else if ( isset($HTTP_POST_VARS['confirm']) )
+	else if ( isset($_POST['confirm']) )
 	{
-		if ( !empty($HTTP_POST_VARS['users']) )
+		if ( !empty($_POST['users']) )
 		{
-			$users = explode("\n", urldecode($HTTP_POST_VARS['users']));
+			$users = explode("\n", urldecode($_POST['users']));
 
 			$where_sql = '';
 			foreach ( $users as $username )
@@ -107,15 +107,15 @@ if ( isset($HTTP_POST_VARS['prune']) )
 		}
 		else
 		{
-			$username = ( !empty($HTTP_POST_VARS['username']) ) ? urldecode($HTTP_POST_VARS['username']) : '';
-			$email = ( !empty($HTTP_POST_VARS['email']) ) ? urldecode($HTTP_POST_VARS['email']) : '';
+			$username = ( !empty($_POST['username']) ) ? urldecode($_POST['username']) : '';
+			$email = ( !empty($_POST['email']) ) ? urldecode($_POST['email']) : '';
 
-			$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : 'lt';
-			$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] :'lt';
-			$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : 'eq';
-			$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : array();
-			$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) :array();
-			$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : '';
+			$joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : 'lt';
+			$active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] :'lt';
+			$count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : 'eq';
+			$joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : array();
+			$active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) :array();
+			$count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : '';
 
 			$key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
 			$sort_by_types = array('username', 'user_email', 'user_posts', 'user_regdate', 'user_lastvisit');
@@ -153,9 +153,9 @@ if ( isset($HTTP_POST_VARS['prune']) )
 		if ( $where_sql != '' )
 		{
 			$sql = '';
-			if ( !empty($HTTP_POST_VARS['delete']) )
+			if ( !empty($_POST['delete']) )
 			{
-				if ( !empty($HTTP_POST_VARS['deleteposts']) )
+				if ( !empty($_POST['deleteposts']) )
 				{
 					$l_admin_log = 'log_prune_user_del_del';
 
@@ -178,7 +178,7 @@ if ( isset($HTTP_POST_VARS['prune']) )
 
 				$sql = "DELETE FROM " . USERS_TABLE;
 			}
-			else if ( !empty($HTTP_POST_VARS['deactivate']) )
+			else if ( !empty($_POST['deactivate']) )
 			{
 				$l_admin_log = 'log_prune_user_deac';
 

phpBB/admin/admin_ranks.php

@@ -23,7 +23,7 @@ define('IN_PHPBB', 1);
 
 if( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('user') )
+	if ( !$auth->acl_get('a_user') )
 	{
 		return;
 	}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
 //
 //
 //
-if ( !$auth->get_acl_admin('user') )
+if ( !$auth->acl_get('a_user') )
 {
 	return;
 }
@@ -51,20 +51,20 @@ if ( !$auth->get_acl_admin('user') )
 //
 //
 //
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	//
 	// These could be entered via a form button
 	//
-	if ( isset($HTTP_POST_VARS['add']) )
+	if ( isset($_POST['add']) )
 	{
 		$mode = 'add';
 	}
-	else if ( isset($HTTP_POST_VARS['save']) )
+	else if ( isset($_POST['save']) )
 	{
 		$mode = 'save';
 	}
@@ -84,7 +84,7 @@ if ( $mode != '' )
 		//
 		// They want to add a new rank, show the form.
 		//
-		$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
+		$rank_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;
 
 		$s_hidden_fields = '<input type="hidden" name="mode" value="save" />';
 
@@ -152,11 +152,11 @@ if ( $mode != '' )
 		// Ok, they sent us our info, let's update it.
 		//
 
-		$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
-		$rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : '';
-		$special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
-		$min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
-		$rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) ) ? trim($HTTP_POST_VARS['rank_image']) : '';
+		$rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;
+		$rank_title = ( isset($_POST['title']) ) ? trim($_POST['title']) : '';
+		$special_rank = ( $_POST['special_rank'] == 1 ) ? TRUE : 0;
+		$min_posts = ( isset($_POST['min_posts']) ) ? intval($_POST['min_posts']) : -1;
+		$rank_image = ( (isset($_POST['rank_image'])) ) ? trim($_POST['rank_image']) : '';
 
 		if ( $rank_title == '' )
 		{
@@ -208,9 +208,9 @@ if ( $mode != '' )
 		// Ok, they want to delete their rank
 		//
 
-		if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
+		if ( isset($_POST['id']) || isset($_GET['id']) )
 		{
-			$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
+			$rank_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);
 		}
 		else
 		{

phpBB/admin/admin_search.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -44,7 +44,7 @@ include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
 //
 // Do we have forum admin permissions?
 //
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -52,11 +52,11 @@ if ( !$auth->get_acl_admin('general') )
 //
 // Start indexing
 //
-if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
+if ( isset($_POST['start']) || isset($_GET['batchstart']) )
 {
 	$batchsize = 200; // Process this many posts per batch
-	$batchstart = ( !isset($HTTP_GET_VARS['batchstart']) ) ? $row['min_post_id'] : $HTTP_GET_VARS['batchstart'];
-	$batchcount = ( !isset($HTTP_GET_VARS['batchcount']) ) ? 1 : $HTTP_GET_VARS['batchcount'];
+	$batchstart = ( !isset($_GET['batchstart']) ) ? $row['min_post_id'] : $_GET['batchstart'];
+	$batchcount = ( !isset($_GET['batchcount']) ) ? 1 : $_GET['batchcount'];
 	$loopcount = 0;
 	$batchend = $batchstart + $batchsize;
 
@@ -108,7 +108,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
 
 	closedir($dir);
 
-	if ( !isset($HTTP_GET_VARS['batchstart']) )
+	if ( !isset($_GET['batchstart']) )
 	{
 		//
 		// Take board offline
@@ -312,7 +312,7 @@ if ( isset($HTTP_POST_VARS['start']) || isset($HTTP_GET_VARS['batchstart']) )
 	exit;
 
 }
-else if ( isset($HTTP_POST_VARS['cancel']) )
+else if ( isset($_POST['cancel']) )
 {
 	$sql = "UPDATE " . CONFIG_TABLE . "
 		SET config_value = '0'

phpBB/admin/admin_smilies.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -43,7 +43,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have general permissions?
 //
-if (!$auth->get_acl_admin('general'))
+if (!$auth->acl_get('a_general'))
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -51,9 +51,9 @@ if (!$auth->get_acl_admin('general'))
 //
 // Check to see what mode we should operate in.
 //
-if (isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']))
+if (isset($_POST['mode']) || isset($_GET['mode']))
 {
-	$mode = (!empty($HTTP_POST_VARS['mode'])) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = (!empty($_POST['mode'])) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -62,10 +62,8 @@ else
 
 $delimiter  = '=+:';
 $smilies_images = $smilies_paks = array();
-$click_return = '<br /><br />' . sprintf($lang['Click_return_smileadmin'], '<a href="admin_smilies.' . $phpEx . $SID . '">', '</a>');
-$click_return .= '<br /><br />' . sprintf($lang['Click_return_admin_index'], '<a href="index.' . $phpEx . $SID . '&amp;pane=right">', '</a>');
 
-if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS['import_pak']))
+if ($mode == 'edit' || !empty($_POST['add']) || !empty($_POST['import_pak']))
 {
 	$dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
 	while ($file = @readdir($dir))
@@ -90,15 +88,15 @@ if ($mode == 'edit' || !empty($HTTP_POST_VARS['add']) || !empty($HTTP_POST_VARS[
 //
 // Select main mode
 //
-if (isset($HTTP_POST_VARS['import_pak']))
+if (isset($_POST['import_pak']))
 {
-	if (!empty($HTTP_POST_VARS['smilies_pak']))
+	if (!empty($_POST['smilies_pak']))
 	{
 		$smile_order = 0;
 		//
 		// The user has already selected a smilies_pak file.. Import it.
 		//
-		if (!empty($HTTP_POST_VARS['clear_current']))
+		if (!empty($_POST['clear_current']))
 		{
 			$db->sql_query('DELETE FROM ' . SMILIES_TABLE);
 		}
@@ -118,7 +116,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
 
 		if (empty($fcontents))
 		{
-			message_die(ERROR, 'Could not read smiley pak file' . $click_return);
+			message_die(ERROR, 'Could not read smiley pak file');
 		}
 
 		foreach ($fcontents as $line)
@@ -147,7 +145,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
 
 			if (!empty($smilies[$code]))
 			{
-				if (!empty($HTTP_POST_VARS['replace_existing']))
+				if (!empty($_POST['replace_existing']))
 				{
 					$code_sql = str_replace("'", "''", str_replace('\\', '\\\\', $code));
 					$sql = array(
@@ -175,7 +173,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
 			}
 		}
 
-		message_die(MESSAGE, $lang['Smilies_import_success'] . $click_return);
+		message_die(MESSAGE, $lang['Smilies_import_success']);
 	}
 	else
 	{
@@ -202,7 +200,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
 
 <form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 	<tr>
-		<th class="thHead" colspan="2"><?php echo $lang['Smilies_import'] ?></th>
+		<th colspan="2"><?php echo $lang['Smilies_import'] ?></th>
 	</tr>
 	<tr>
 		<td class="row2"><?php echo $lang['Select_package'] ?></td>
@@ -228,7 +226,7 @@ if (isset($HTTP_POST_VARS['import_pak']))
 		page_footer();
 	}
 }
-elseif (isset($HTTP_GET_VARS['export_pak']))
+elseif (isset($_GET['export_pak']))
 {
 	$smilies_pak = '';
 
@@ -250,12 +248,12 @@ elseif (isset($HTTP_GET_VARS['export_pak']))
 
 	exit;
 }
-elseif (isset($HTTP_POST_VARS['export_pak']))
+elseif (isset($_POST['export_pak']))
 {
 	page_header($lang['Export_smilies']);
-	message_die(MESSAGE, sprintf($lang['Export_smilies_explain'], '<a href="admin_smilies.' . $phpEx . $SID . '&amp;export_pak=send">', '</a>') . $click_return);
+	message_die(MESSAGE, sprintf($lang['Export_smilies_explain'], '<a href="admin_smilies.' . $phpEx . $SID . '&amp;export_pak=send">', '</a>'));
 }
-elseif (isset($HTTP_POST_VARS['add']))
+elseif (isset($_POST['add']))
 {
 	$filename_list = '';
 	foreach ($smilies_images as $smile_url)
@@ -290,7 +288,7 @@ function update_smile_dimensions()
 
 <form method="post" action="admin_smilies.<?php echo $phpEx . $SID ?>&amp;mode=create"><table class="bg" cellspacing="1" cellpadding="4" border="0" align="center">
 	<tr>
-		<th class="thHead" colspan="2"><?php echo $lang['smile_config'] ?></th>
+		<th colspan="2"><?php echo $lang['smile_config'] ?></th>
 	</tr>
 	<tr>
 		<td class="row2"><?php echo $lang['Smile_code'] ?></td>
@@ -324,20 +322,13 @@ function update_smile_dimensions()
 switch ($mode)
 {
 	case 'delete':
-		$db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($HTTP_GET_VARS['smile_id']));
-		message_die(MESSAGE, $lang['Smile_deleted'] . $click_return);
+		$db->sql_query('DELETE FROM ' . SMILIES_TABLE . ' WHERE smilies_id = ' . intval($_GET['smile_id']));
+		message_die(MESSAGE, $lang['Smile_deleted']);
 	break;
 
 	case 'edit':
-		$smile_id = intval($HTTP_GET_VARS['smile_id']);
+		$smile_id = intval($_GET['smile_id']);
 
-/*
-		$sql = 'SELECT *
-				FROM ' . SMILIES_TABLE . "
-				WHERE smilies_id = $smile_id";
-		$result = $db->sql_query($sql);
-		$smile_data = $db->sql_fetchrow($result);
-*/
 		$order_list = '';
 		$result = $db->sql_query('SELECT * FROM ' . SMILIES_TABLE . ' ORDER BY smile_order DESC');
 		while ($row = $db->sql_fetchrow($result))
@@ -441,26 +432,26 @@ function update_smile_dimensions()
 	case 'create':
 	case 'modify':
 
-		$smile_width = intval($HTTP_POST_VARS['smile_width']);
-		$smile_height = intval($HTTP_POST_VARS['smile_height']);
+		$smile_width = intval($_POST['smile_width']);
+		$smile_height = intval($_POST['smile_height']);
 		if ($smile_width == 0 || $smile_height == 0)
 		{
-			$img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($HTTP_POST_VARS['smile_url']));
+			$img_size = @getimagesize($phpbb_root_path . $board_config['smilies_path'] . '/' . stripslashes($_POST['smile_url']));
 			$smile_width = $img_size[0];
 			$smile_height = $img_size[1];
 		}
 		$sql = array(
-			'code'				=>	htmlspecialchars(stripslashes($HTTP_POST_VARS['smile_code'])),
-			'smile_url'			=>	stripslashes($HTTP_POST_VARS['smile_url']),
+			'code'				=>	htmlspecialchars(stripslashes($_POST['smile_code'])),
+			'smile_url'			=>	stripslashes($_POST['smile_url']),
 			'smile_width'		=>	$smile_width,
 			'smile_height'		=>	$smile_height,
 			'smile_order'		=>	$smile_order,
-			'emoticon'			=>	stripslashes($HTTP_POST_VARS['smile_emotion']),
-			'smile_on_posting'	=>	(!empty($HTTP_POST_VARS['smile_on_posting'])) ? 1 : 0
+			'emoticon'			=>	stripslashes($_POST['smile_emotion']),
+			'smile_on_posting'	=>	(!empty($_POST['smile_on_posting'])) ? 1 : 0
 		);
 
-		$smile_id = $HTTP_POST_VARS['smile_id'];
-		$smile_order = $HTTP_POST_VARS['smile_order'];
+		$smile_id = $_POST['smile_id'];
+		$smile_order = $_POST['smile_order'];
 
 		if ($mode == 'modify')
 		{
@@ -500,18 +491,18 @@ function update_smile_dimensions()
 		if ($mode == 'modify')
 		{
 			$db->sql_query_array('UPDATE ' . SMILIES_TABLE . " SET WHERE smilies_id = $smile_id", $sql);
-			message_die(MESSAGE, $lang['Smile_edited'] . $click_return);
+			message_die(MESSAGE, $lang['Smile_edited']);
 		}
 		else
 		{
 			$db->sql_query_array('INSERT INTO ' . SMILIES_TABLE, $sql);
-			message_die(MESSAGE, $lang['Smile_added'] . $click_return);
+			message_die(MESSAGE, $lang['Smile_added']);
 		}
 	break;
 
 	case 'move_up':
 	case 'move_down':
-		$smile_order = intval($HTTP_GET_VARS['smile_order']);
+		$smile_order = intval($_GET['smile_order']);
 		$order_total = $smile_order * 2 + (($mode == 'move_up') ? -1 : 1);
 
 		$sql = 'UPDATE ' . SMILIES_TABLE . "

phpBB/admin/admin_styles.php

@@ -2,7 +2,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('styles') )
+	if ( !$auth->acl_get('a_styles') )
 	{
 		return;
 	}
@@ -27,7 +27,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have styles admin permissions?
 //
-if ( !$auth->get_acl_admin('styles') )
+if ( !$auth->acl_get('a_styles') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -48,26 +48,26 @@ closedir($dp);
 //
 //
 //
-$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
 
 switch ( $mode )
 {
 	case 'editimageset':
-		$imgroot = ( isset($HTTP_POST_VARS['imgroot']) ) ? $HTTP_POST_VARS['imgroot']  : 'subSilver';
+		$imgroot = ( isset($_POST['imgroot']) ) ? $_POST['imgroot']  : 'subSilver';
 
-		if ( isset($HTTP_POST_VARS['img_root']) )
+		if ( isset($_POST['img_root']) )
 		{
 			$sql = "SELECT *
 				FROM " . STYLES_IMAGE_TABLE . "
-				WHERE imageset_path LIKE '" . $HTTP_POST_VARS['imgroot'] . "'";
+				WHERE imageset_path LIKE '" . $_POST['imgroot'] . "'";
 			$result = $db->sql_query($sql);
 
 			$images = $db->sql_fetchrow($result);
 		}
-		if ( isset($HTTP_POST_VARS['img_addconfig']) )
+		if ( isset($_POST['img_addconfig']) )
 		{
 		}
-		else if ( isset($HTTP_POST_VARS['img_addlocal']) )
+		else if ( isset($_POST['img_addlocal']) )
 		{
 		}
 
@@ -142,15 +142,15 @@ switch ( $mode )
 
 	case 'edittemplate':
 
-		$tplcols = ( isset($HTTP_POST_VARS['tplcols']) ) ? max(60, intval($HTTP_POST_VARS['tplcols'])) : 90;
-		$tplrows = ( isset($HTTP_POST_VARS['tplrows']) ) ? max(4, intval($HTTP_POST_VARS['tplrows'])) : 30;
-		$tplname = ( isset($HTTP_POST_VARS['tplname']) ) ? $HTTP_POST_VARS['tplname']  : '';
-		$tplroot = ( isset($HTTP_POST_VARS['tplroot']) ) ? $HTTP_POST_VARS['tplroot']  : 'subSilver';
+		$tplcols = ( isset($_POST['tplcols']) ) ? max(60, intval($_POST['tplcols'])) : 90;
+		$tplrows = ( isset($_POST['tplrows']) ) ? max(4, intval($_POST['tplrows'])) : 30;
+		$tplname = ( isset($_POST['tplname']) ) ? $_POST['tplname']  : '';
+		$tplroot = ( isset($_POST['tplroot']) ) ? $_POST['tplroot']  : 'subSilver';
 
 		$str = '';
-		if ( isset($HTTP_POST_VARS['tpl_compile']) && !empty($HTTP_POST_VARS['decompile']) )
+		if ( isset($_POST['tpl_compile']) && !empty($_POST['decompile']) )
 		{
-			$str = "<?php\n" . $template->compile(stripslashes($HTTP_POST_VARS['decompile'])) . "\n?".">";
+			$str = "<?php\n" . $template->compile(stripslashes($_POST['decompile'])) . "\n?".">";
 
 			$fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'w+');
 			fwrite ($fp, $str);
@@ -162,7 +162,7 @@ switch ( $mode )
 
 			exit;
 		}
-		else if ( !empty($tplname) && isset($HTTP_POST_VARS['tpl_name']) )
+		else if ( !empty($tplname) && isset($_POST['tpl_name']) )
 		{
 			$fp = fopen($phpbb_root_path . 'templates/cache/' . $tplroot . '/' . $tplname . '.html.' . $phpEx, 'r');
 			while ( !feof($fp) )
@@ -175,10 +175,10 @@ switch ( $mode )
 		}
 		else
 		{
-			$str = ( !empty($HTTP_POST_VARS['decompile']) ) ? stripslashes($HTTP_POST_VARS['decompile']) : '';
+			$str = ( !empty($_POST['decompile']) ) ? stripslashes($_POST['decompile']) : '';
 		}
 
-		if ( isset($HTTP_POST_VARS['tpl_download']) )
+		if ( isset($_POST['tpl_download']) )
 		{
 			header("Content-Type: text/html; name=\"" . $tplname . ".html\"");
 			header("Content-disposition: attachment; filename=" . $tplname . ".html");
@@ -242,9 +242,9 @@ switch ( $mode )
 
 	case 'edittheme':
 
-		$theme_id = ( isset($HTTP_POST_VARS['themeroot']) ) ? $HTTP_POST_VARS['themeroot']  : '';
+		$theme_id = ( isset($_POST['themeroot']) ) ? $_POST['themeroot']  : '';
 
-		if ( isset($HTTP_POST_VARS['update']) )
+		if ( isset($_POST['update']) )
 		{
 			$sql = "SELECT theme_id, theme_name
 				FROM " . STYLES_CSS_TABLE . "
@@ -255,8 +255,8 @@ switch ( $mode )
 			{
 				$theme_name = $row['theme_name'];
 
-				$css_data = ( !empty($HTTP_POST_VARS['css_data']) ) ? htmlentities($HTTP_POST_VARS['css_data']) : '';
-				$css_external = ( !empty($HTTP_POST_VARS['css_data']) ) ? $HTTP_POST_VARS['css_data'] : '';
+				$css_data = ( !empty($_POST['css_data']) ) ? htmlentities($_POST['css_data']) : '';
+				$css_external = ( !empty($_POST['css_data']) ) ? $_POST['css_data'] : '';
 
 				$sql = "UPDATE " > STYLES_CSS_TABLE . "
 					SET css_data = '$css_data', css_external = '$css_external'

phpBB/admin/admin_users.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('user') )
+	if ( !$auth->acl_get('a_user') )
 	{
 		return;
 	}
@@ -46,7 +46,7 @@ require($phpbb_root_path . 'includes/functions_validate.'.$phpEx);
 //
 // Do we have forum admin permissions?
 //
-if ( !$auth->get_acl_admin('user') )
+if ( !$auth->acl_get('a_user') )
 {
 	return;
 }
@@ -54,9 +54,9 @@ if ( !$auth->get_acl_admin('user') )
 //
 // Set mode
 //
-if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
+if( isset( $_POST['mode'] ) || isset( $_GET['mode'] ) )
 {
-	$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset( $_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -66,14 +66,14 @@ else
 //
 // Begin program
 //
-if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS['u']) || isset( $HTTP_POST_VARS['u']) ) )
+if ( $mode == 'edit' || $mode == 'save' && ( isset($_POST['username']) || isset($_GET['u']) || isset( $_POST['u']) ) )
 {
 	//
 	// Ok, the profile has been modified and submitted, let's update
 	//
-	if( ( $mode == 'save' && isset( $HTTP_POST_VARS['submit'] ) ) || isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
+	if( ( $mode == 'save' && isset( $_POST['submit'] ) ) || isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) )
 	{
-		$user_id = intval( $HTTP_POST_VARS['id'] );
+		$user_id = intval( $_POST['id'] );
 
 		$this_userdata = get_userdata($user_id);
 		if( !$this_userdata )
@@ -81,46 +81,46 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			message_die(MESSAGE, $lang['No_user_id_specified'] );
 		}
 
-		$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags( $HTTP_POST_VARS['username'] ) ) : '';
-		$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';
+		$username = ( !empty($_POST['username']) ) ? trim(strip_tags( $_POST['username'] ) ) : '';
+		$email = ( !empty($_POST['email']) ) ? trim(strip_tags(htmlspecialchars( $_POST['email'] ) )) : '';
 
-		$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
-		$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
+		$password = ( !empty($_POST['password']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password'] ) )) : '';
+		$password_confirm = ( !empty($_POST['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $_POST['password_confirm'] ) )) : '';
 
-		$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? trim(strip_tags( $HTTP_POST_VARS['icq'] ) ) : '';
-		$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? trim(strip_tags( $HTTP_POST_VARS['aim'] ) ) : '';
-		$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? trim(strip_tags( $HTTP_POST_VARS['msn'] ) ) : '';
-		$yim = ( !empty($HTTP_POST_VARS['yim']) ) ? trim(strip_tags( $HTTP_POST_VARS['yim'] ) ) : '';
+		$icq = ( !empty($_POST['icq']) ) ? trim(strip_tags( $_POST['icq'] ) ) : '';
+		$aim = ( !empty($_POST['aim']) ) ? trim(strip_tags( $_POST['aim'] ) ) : '';
+		$msn = ( !empty($_POST['msn']) ) ? trim(strip_tags( $_POST['msn'] ) ) : '';
+		$yim = ( !empty($_POST['yim']) ) ? trim(strip_tags( $_POST['yim'] ) ) : '';
 
-		$website = ( !empty($HTTP_POST_VARS['website']) ) ? trim(strip_tags( $HTTP_POST_VARS['website'] ) ) : '';
-		$location = ( !empty($HTTP_POST_VARS['location']) ) ? trim(strip_tags( $HTTP_POST_VARS['location'] ) ) : '';
-		$occupation = ( !empty($HTTP_POST_VARS['occupation']) ) ? trim(strip_tags( $HTTP_POST_VARS['occupation'] ) ) : '';
-		$interests = ( !empty($HTTP_POST_VARS['interests']) ) ? trim(strip_tags( $HTTP_POST_VARS['interests'] ) ) : '';
-		$signature = ( !empty($HTTP_POST_VARS['signature']) ) ? trim(str_replace('<br />', "\n", $HTTP_POST_VARS['signature'] ) ) : '';
+		$website = ( !empty($_POST['website']) ) ? trim(strip_tags( $_POST['website'] ) ) : '';
+		$location = ( !empty($_POST['location']) ) ? trim(strip_tags( $_POST['location'] ) ) : '';
+		$occupation = ( !empty($_POST['occupation']) ) ? trim(strip_tags( $_POST['occupation'] ) ) : '';
+		$interests = ( !empty($_POST['interests']) ) ? trim(strip_tags( $_POST['interests'] ) ) : '';
+		$signature = ( !empty($_POST['signature']) ) ? trim(str_replace('<br />', "\n", $_POST['signature'] ) ) : '';
 
 		validate_optional_fields($icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature);
 
-		$viewemail = ( isset( $HTTP_POST_VARS['viewemail']) ) ? ( ( $HTTP_POST_VARS['viewemail'] ) ? TRUE : 0 ) : 0;
-		$allowviewonline = ( isset( $HTTP_POST_VARS['hideonline']) ) ? ( ( $HTTP_POST_VARS['hideonline'] ) ? 0 : TRUE ) : TRUE;
-		$notifyreply = ( isset( $HTTP_POST_VARS['notifyreply']) ) ? ( ( $HTTP_POST_VARS['notifyreply'] ) ? TRUE : 0 ) : 0;
-		$notifypm = ( isset( $HTTP_POST_VARS['notifypm']) ) ? ( ( $HTTP_POST_VARS['notifypm'] ) ? TRUE : 0 ) : TRUE;
-		$popuppm = ( isset( $HTTP_POST_VARS['popup_pm']) ) ? ( ( $HTTP_POST_VARS['popup_pm'] ) ? TRUE : 0 ) : TRUE;
-		$attachsig = ( isset( $HTTP_POST_VARS['attachsig']) ) ? ( ( $HTTP_POST_VARS['attachsig'] ) ? TRUE : 0 ) : 0;
+		$viewemail = ( isset( $_POST['viewemail']) ) ? ( ( $_POST['viewemail'] ) ? TRUE : 0 ) : 0;
+		$allowviewonline = ( isset( $_POST['hideonline']) ) ? ( ( $_POST['hideonline'] ) ? 0 : TRUE ) : TRUE;
+		$notifyreply = ( isset( $_POST['notifyreply']) ) ? ( ( $_POST['notifyreply'] ) ? TRUE : 0 ) : 0;
+		$notifypm = ( isset( $_POST['notifypm']) ) ? ( ( $_POST['notifypm'] ) ? TRUE : 0 ) : TRUE;
+		$popuppm = ( isset( $_POST['popup_pm']) ) ? ( ( $_POST['popup_pm'] ) ? TRUE : 0 ) : TRUE;
+		$attachsig = ( isset( $_POST['attachsig']) ) ? ( ( $_POST['attachsig'] ) ? TRUE : 0 ) : 0;
 
-		$allowhtml = ( isset( $HTTP_POST_VARS['allowhtml']) ) ? intval( $HTTP_POST_VARS['allowhtml'] ) : $board_config['allow_html'];
-		$allowbbcode = ( isset( $HTTP_POST_VARS['allowbbcode']) ) ? intval( $HTTP_POST_VARS['allowbbcode'] ) : $board_config['allow_bbcode'];
-		$allowsmilies = ( isset( $HTTP_POST_VARS['allowsmilies']) ) ? intval( $HTTP_POST_VARS['allowsmilies'] ) : $board_config['allow_smilies'];
+		$allowhtml = ( isset( $_POST['allowhtml']) ) ? intval( $_POST['allowhtml'] ) : $board_config['allow_html'];
+		$allowbbcode = ( isset( $_POST['allowbbcode']) ) ? intval( $_POST['allowbbcode'] ) : $board_config['allow_bbcode'];
+		$allowsmilies = ( isset( $_POST['allowsmilies']) ) ? intval( $_POST['allowsmilies'] ) : $board_config['allow_smilies'];
 
-		$user_style = ( $HTTP_POST_VARS['style'] ) ? intval( $HTTP_POST_VARS['style'] ) : $board_config['default_style'];
-		$user_lang = ( $HTTP_POST_VARS['language'] ) ? $HTTP_POST_VARS['language'] : $board_config['default_lang'];
-		$user_timezone = ( isset( $HTTP_POST_VARS['timezone']) ) ? doubleval( $HTTP_POST_VARS['timezone'] ) : $board_config['board_timezone'];
-		$user_template = ( $HTTP_POST_VARS['template'] ) ? $HTTP_POST_VARS['template'] : $board_config['board_template'];
-		$user_dateformat = ( $HTTP_POST_VARS['dateformat'] ) ? trim( $HTTP_POST_VARS['dateformat'] ) : $board_config['default_dateformat'];
+		$user_style = ( $_POST['style'] ) ? intval( $_POST['style'] ) : $board_config['default_style'];
+		$user_lang = ( $_POST['language'] ) ? $_POST['language'] : $board_config['default_lang'];
+		$user_timezone = ( isset( $_POST['timezone']) ) ? doubleval( $_POST['timezone'] ) : $board_config['board_timezone'];
+		$user_template = ( $_POST['template'] ) ? $_POST['template'] : $board_config['board_template'];
+		$user_dateformat = ( $_POST['dateformat'] ) ? trim( $_POST['dateformat'] ) : $board_config['default_dateformat'];
 
-		$user_avatar_local = ( isset( $HTTP_POST_VARS['avatarselect'] ) && !empty($HTTP_POST_VARS['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset( $HTTP_POST_VARS['avatarlocal'] )  ) ? $HTTP_POST_VARS['avatarlocal'] : '' );
+		$user_avatar_local = ( isset( $_POST['avatarselect'] ) && !empty($_POST['submitavatar'] ) && $board_config['allow_avatar_local'] ) ? $_POST['avatarselect'] : ( ( isset( $_POST['avatarlocal'] )  ) ? $_POST['avatarlocal'] : '' );
 
-		$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim( $HTTP_POST_VARS['avatarremoteurl'] ) : '';
-		$user_avatar_url = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim( $HTTP_POST_VARS['avatarurl'] ) : '';
+		$user_avatar_remoteurl = ( !empty($_POST['avatarremoteurl']) ) ? trim( $_POST['avatarremoteurl'] ) : '';
+		$user_avatar_url = ( !empty($_POST['avatarurl']) ) ? trim( $_POST['avatarurl'] ) : '';
 		$user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
 		$user_avatar_name = ( !empty($HTTP_POST_FILES['avatar']['name']) ) ? $HTTP_POST_FILES['avatar']['name'] : '';
 		$user_avatar_size = ( !empty($HTTP_POST_FILES['avatar']['size']) ) ? $HTTP_POST_FILES['avatar']['size'] : 0;
@@ -129,12 +129,12 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		$user_avatar = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar'] : '';
 		$user_avatar_type = ( empty($user_avatar_loc) ) ? $this_userdata['user_avatar_type'] : '';
 
-		$user_status = ( !empty($HTTP_POST_VARS['user_status']) ) ? intval( $HTTP_POST_VARS['user_status'] ) : 0;
-		$user_allowpm = ( !empty($HTTP_POST_VARS['user_allowpm']) ) ? intval( $HTTP_POST_VARS['user_allowpm'] ) : 0;
-		$user_rank = ( !empty($HTTP_POST_VARS['user_rank']) ) ? intval( $HTTP_POST_VARS['user_rank'] ) : 0;
-		$user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;
+		$user_status = ( !empty($_POST['user_status']) ) ? intval( $_POST['user_status'] ) : 0;
+		$user_allowpm = ( !empty($_POST['user_allowpm']) ) ? intval( $_POST['user_allowpm'] ) : 0;
+		$user_rank = ( !empty($_POST['user_rank']) ) ? intval( $_POST['user_rank'] ) : 0;
+		$user_allowavatar = ( !empty($_POST['user_allowavatar']) ) ? intval( $_POST['user_allowavatar'] ) : 0;
 
-		if( isset( $HTTP_POST_VARS['avatargallery'] ) || isset( $HTTP_POST_VARS['submitavatar'] ) || isset( $HTTP_POST_VARS['cancelavatar'] ) )
+		if( isset( $_POST['avatargallery'] ) || isset( $_POST['submitavatar'] ) || isset( $_POST['cancelavatar'] ) )
 		{
 			$username = stripslashes($username);
 			$email = stripslashes($email);
@@ -155,7 +155,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			$user_lang = stripslashes($user_lang);
 			$user_dateformat = stripslashes($user_dateformat);
 
-			if ( !isset($HTTP_POST_VARS['cancelavatar']))
+			if ( !isset($_POST['cancelavatar']))
 			{
 				$user_avatar = $user_avatar_local;
 				$user_avatar_type = USER_AVATAR_GALLERY;
@@ -163,7 +163,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		}
 	}
 
-	if( isset( $HTTP_POST_VARS['submit'] ) )
+	if( isset( $_POST['submit'] ) )
 	{
 		include($phpbb_root_path . 'includes/usercp_avatar.'.$phpEx);
 
@@ -250,7 +250,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		// Avatar stuff
 		//
 		$avatar_sql = '';
-		if( isset($HTTP_POST_VARS['avatardel']) )
+		if( isset($_POST['avatardel']) )
 		{
 			if( $this_userdata['user_avatar_type'] == USER_AVATAR_UPLOAD && $this_userdata['user_avatar'] != "" )
 			{
@@ -518,7 +518,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		//
 		if( !$error )
 		{
-			if( $HTTP_POST_VARS['deleteuser'] )
+			if( $_POST['deleteuser'] )
 			{
 				$sql = "SELECT g.group_id
 					FROM " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE . " g
@@ -621,11 +621,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 			$user_dateformat = stripslashes($user_dateformat);
 		}
 	}
-	else if( !isset( $HTTP_POST_VARS['submit'] ) && $mode != 'save' && !isset( $HTTP_POST_VARS['avatargallery'] ) && !isset( $HTTP_POST_VARS['submitavatar'] ) && !isset( $HTTP_POST_VARS['cancelavatar'] ) )
+	else if( !isset( $_POST['submit'] ) && $mode != 'save' && !isset( $_POST['avatargallery'] ) && !isset( $_POST['submitavatar'] ) && !isset( $_POST['cancelavatar'] ) )
 	{
-		if( isset( $HTTP_GET_VARS[POST_USERS_URL]) || isset( $HTTP_POST_VARS[POST_USERS_URL]) )
+		if( isset( $_GET[POST_USERS_URL]) || isset( $_POST[POST_USERS_URL]) )
 		{
-			$user_id = ( isset( $HTTP_POST_VARS[POST_USERS_URL]) ) ? intval( $HTTP_POST_VARS[POST_USERS_URL]) : intval( $HTTP_GET_VARS[POST_USERS_URL]);
+			$user_id = ( isset( $_POST[POST_USERS_URL]) ) ? intval( $_POST[POST_USERS_URL]) : intval( $_GET[POST_USERS_URL]);
 			$this_userdata = get_userdata($user_id);
 			if( !$this_userdata )
 			{
@@ -634,7 +634,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		}
 		else
 		{
-			$this_userdata = get_userdata( $HTTP_POST_VARS['username'] );
+			$this_userdata = get_userdata( $_POST['username'] );
 			if( !$this_userdata )
 			{
 				message_die(MESSAGE, $lang['No_user_id_specified'] );
@@ -689,11 +689,11 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 		$smilies_status = ($this_userdata['user_allowsmile'] ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
 	}
 
-	if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
+	if( isset($_POST['avatargallery']) && !$error )
 	{
 		if( !$error )
 		{
-			$user_id = intval($HTTP_POST_VARS['id']);
+			$user_id = intval($_POST['id']);
 
 			$template->set_filenames(array(
 				"body" => "admin/user_avatar_gallery.tpl")
@@ -730,9 +730,9 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 
 			@closedir($dir);
 
-			if( isset($HTTP_POST_VARS['avatarcategory']) )
+			if( isset($_POST['avatarcategory']) )
 			{
-				$category = $HTTP_POST_VARS['avatarcategory'];
+				$category = $_POST['avatarcategory'];
 			}
 			else
 			{
@@ -769,7 +769,7 @@ if ( $mode == 'edit' || $mode == 'save' && ( isset($HTTP_POST_VARS['username'])
 				}
 			}
 
-			$coppa = ( ( !$HTTP_POST_VARS['coppa'] && !$HTTP_GET_VARS['coppa'] ) || $mode == "register") ? 0 : TRUE;
+			$coppa = ( ( !$_POST['coppa'] && !$_GET['coppa'] ) || $mode == "register") ? 0 : TRUE;
 
 			$s_hidden_fields = '<input type="hidden" name="mode" value="edit" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
 			$s_hidden_fields .= '<input type="hidden" name="id" value="' . $user_id . '" />';

phpBB/admin/admin_viewlogs.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -44,7 +44,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have styles admin permissions?
 //
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
 {
 	message_die(MESSAGE, $lang['No_admin']);
 }
@@ -52,11 +52,11 @@ if ( !$auth->get_acl_admin('general') )
 //
 // Set some variables
 //
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
 
-if ( isset($HTTP_POST_VARS['mode']) ||  isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) ||  isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -73,12 +73,12 @@ $l_title_explain = ( $mode == 'admin' ) ? $lang['Admin_logs_explain'] : $lang['M
 //
 // Delete entries if requested and able
 //
-if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) ) && $auth->get_acl_admin('clearlogs'))
+if ( ( isset($_POST['delmarked']) || isset($_POST['delall']) ) && $auth->acl_get('a_clearlogs'))
 {
 	$where_sql = '';
-	if ( isset($HTTP_POST_VARS['delmarked']) && isset($HTTP_POST_VARS['mark']) )
+	if ( isset($_POST['delmarked']) && isset($_POST['mark']) )
 	{
-		foreach ( $HTTP_POST_VARS['mark'] as $marked )
+		foreach ( $_POST['mark'] as $marked )
 		{
 			$where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($marked);
 		}
@@ -95,11 +95,11 @@ if ( ( isset($HTTP_POST_VARS['delmarked']) || isset($HTTP_POST_VARS['delall']) )
 //
 // Sorting ... this could become a function
 //
-if ( isset($HTTP_POST_VARS['sort']) || $start )
+if ( isset($_POST['sort']) || $start )
 {
-	if ( !empty($HTTP_POST_VARS['sort_days']) || !empty($HTTP_GET_VARS['sort_days']) )
+	if ( !empty($_POST['sort_days']) || !empty($_GET['sort_days']) )
 	{
-		$sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']);
+		$sort_days = ( !empty($_POST['sort_days']) ) ? intval($_POST['sort_days']) : intval($_GET['sort_days']);
 		$where_sql = time() - ( $sort_days * 86400 );
 	}
 	else
@@ -107,8 +107,8 @@ if ( isset($HTTP_POST_VARS['sort']) || $start )
 		$where_sql = 0;
 	}
 
-	$sort_key = ( isset($HTTP_POST_VARS['sort_key']) ) ? $HTTP_POST_VARS['sort_key'] : $HTTP_GET_VARS['sort_key'];
-	$sort_dir = ( isset($HTTP_POST_VARS['sort_dir']) ) ? $HTTP_POST_VARS['sort_dir'] : $HTTP_GET_VARS['sort_dir'];
+	$sort_key = ( isset($_POST['sort_key']) ) ? $_POST['sort_key'] : $_GET['sort_key'];
+	$sort_dir = ( isset($_POST['sort_dir']) ) ? $_POST['sort_dir'] : $_GET['sort_dir'];
 }
 else
 {
@@ -144,30 +144,11 @@ $sort_sql = $sort_by[$sort_key] . ' ' . ( ( $sort_dir == 'd' ) ? 'DESC' : 'ASC'
 //
 // Define forum list if we're looking @ mod logs
 //
-$forum_options = '';
+$forum_box = '';
 if ( $mode == 'mod' )
 {
-	$sql = "SELECT forum_id, forum_name
-		FROM " . FORUMS_TABLE . "
-		ORDER BY cat_id, forum_order";
-	$result = $db->sql_query($sql);
-
-	if ( $row = $db->sql_fetchrow($result) )
-	{
-		$forum_id = ( isset($HTTP_POST_VARS['f']) ) ? intval($HTTP_POST_VARS['f']) : $row['forum_id'];
-
-		do
-		{
-			$selected = ( $row['forum_id'] == $forum_id ) ? ' selected="selected"' : '';
-			$forum_options .= '<option value="' . $row['forum_id'] . '"' . $selected . '>' . $row['forum_name'] . '</option>';
-		}
-		while ( $row = $db->sql_fetchrow($result) );
-	}
-	else
-	{
-		$forum_id = 0;
-		$forum_options = '<option>' . $lang['No_forums'] . '</option>';
-	}
+	include($phpbb_root_path . '/includes/functions_admin.'.$phpEx);
+	$forum_box = make_forum_select('f');
 }
 
 //
@@ -190,7 +171,7 @@ if ( $mode == 'mod' )
 ?>
 <table width="100%" cellpadding="1" cellspacing="1" border="0">
 	<tr>
-		<td align="right"><?php echo $lang['Select_forum']; ?>: <select name="f" onchange="this.form.submit()"><?php echo $forum_options; ?></select> <input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" /></td>
+		<td align="right"><?php echo $lang['Select_forum']; ?>: <?php echo $forum_box; ?> <input class="liteoption" type="submit" value="<?php echo $lang['Go']; ?>" /></td>
 	</tr>
 </table>
 <?php
@@ -237,7 +218,7 @@ if ( $log_count )
 
 	}
 
-	if ( $auth->get_acl_admin('clearlogs') )
+	if ( $auth->acl_get('a_clearlogs') )
 	{
 
 ?>
@@ -266,7 +247,7 @@ else
 		<td align="left" valign="top">&nbsp;<span class="nav"><?php echo on_page($log_count, $board_config['topics_per_page'], $start); ?></span></td>
 		<td align="right" valign="top" nowrap="nowrap"><?php
 
-	if ( $auth->get_acl_admin('clearlogs') )
+	if ( $auth->acl_get('a_clearlogs') )
 	{
 
 

phpBB/admin/admin_words.php

@@ -21,7 +21,7 @@
 
 if ( !empty($setmodules) )
 {
-	if ( !$auth->get_acl_admin('general') )
+	if ( !$auth->acl_get('a_general') )
 	{
 		return;
 	}
@@ -42,7 +42,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have forum admin permissions?
 //
-if ( !$auth->get_acl_admin('general') )
+if ( !$auth->acl_get('a_general') )
 {
 	return;
 }
@@ -50,20 +50,20 @@ if ( !$auth->get_acl_admin('general') )
 //
 //
 //
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+	$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
 }
 else
 {
 	//
 	// These could be entered via a form button
 	//
-	if ( isset($HTTP_POST_VARS['add']) )
+	if ( isset($_POST['add']) )
 	{
 		$mode = 'add';
 	}
-	else if ( isset($HTTP_POST_VARS['save']) )
+	else if ( isset($_POST['save']) )
 	{
 		$mode = 'save';
 	}
@@ -79,7 +79,7 @@ if( $mode != '' )
 	{
 		case 'edit':
 		case 'add':
-			$word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
+			$word_id = ( isset($_GET['id']) ) ? intval($_GET['id']) : 0;
 
 			$s_hidden_fields = '';
 			if ( $mode == 'edit' )
@@ -128,9 +128,9 @@ if( $mode != '' )
 			break;
 
 		case 'save':
-			$word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
-			$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : '';
-			$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : '';
+			$word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : 0;
+			$word = ( isset($_POST['word']) ) ? trim($_POST['word']) : '';
+			$replacement = ( isset($_POST['replacement']) ) ? trim($_POST['replacement']) : '';
 
 			if ( $word == '' || $replacement == '' )
 			{
@@ -149,9 +149,9 @@ if( $mode != '' )
 
 		case 'delete':
 
-			if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
+			if ( isset($_POST['id']) || isset($_GET['id']) )
 			{
-				$word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
+				$word_id = ( isset($_POST['id']) ) ? intval($_POST['id']) : intval($_GET['id']);
 			}
 			else
 			{

phpBB/admin/index.php

@@ -37,7 +37,7 @@ require('pagestart.' . $phpEx);
 //
 // Do we have any admin permissions at all?
 //
-if ( !$auth->get_acl_admin() )
+if ( !$auth->acl_get('a_') )
 {
 	message_die(MESSAGE, 'No_admin', '', true);
 }

phpBB/admin/pagestart.php

@@ -31,55 +31,26 @@ include($phpbb_root_path . 'common.'.$phpEx);
 // Start session management
 //
 $userdata = $session->start($update);
-$auth->acl($userdata);
+$auth->acl($userdata, false, 'a_');
 $user = new user($userdata);
 //
 // End session management
 //
 
-//
-// Configure style, language, etc.
-//
-//$session->configure($userdata);
-
 // -----------------------------
 // Functions
-//
 function page_header($sub_title, $meta = '', $table_html = true)
 {
-	global $board_config, $db, $lang, $phpEx, $gzip_compress;
-	global $HTTP_SERVER_VARS;
+	global $board_config, $db, $lang, $phpEx;
 
 	define('HEADER_INC', true);
 
-	//
 	// gzip_compression
-	//
-	$gzip_compress = false;
 	if ( $board_config['gzip_compress'] )
 	{
-		$phpver = phpversion();
-
-		if ( $phpver >= '4.0.4pl1' && strstr($HTTP_SERVER_VARS['HTTP_USER_AGENT'], 'compatible') )
+		if ( extension_loaded('zlib') && strstr($HTTP_USER_AGENT,'compatible') && !headers_sent() )
 		{
-			if ( extension_loaded('zlib') )
-			{
-				ob_start('ob_gzhandler');
-			}
-		}
-		else if ( $phpver > '4.0' )
-		{
-			if ( strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') )
-			{
-				if ( extension_loaded('zlib') )
-				{
-					$gzip_compress = true;
-					ob_start();
-					ob_implicit_flush(0);
-
-					header("Content-Encoding: gzip");
-				}
-			}
+			ob_start('ob_gzhandler');
 		}
 	}
 
@@ -133,7 +104,7 @@ td.cat	{ background-image: url('images/cellpic1.gif') }
 
 function page_footer($copyright_html = true)
 {
-	global $board_config, $db, $lang, $phpEx, $gzip_compress;
+	global $board_config, $db, $lang, $phpEx;
 
 ?>
 
@@ -157,37 +128,10 @@ function page_footer($copyright_html = true)
 
 	}
 
-	//
 	// Close our DB connection.
-	//
 	$db->sql_close();
 
-	//
-	// Compress buffered output if required
-	// and send to browser
-	//
-	if ( $gzip_compress )
-	{
-		//
-		// Borrowed from php.net!
-		//
-		$gzip_contents = ob_get_contents();
-		ob_end_clean();
-
-		$gzip_size = strlen($gzip_contents);
-		$gzip_crc = crc32($gzip_contents);
-
-		$gzip_contents = gzcompress($gzip_contents, 9);
-		$gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);
-
-		echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
-		echo $gzip_contents;
-		echo pack("V", $gzip_crc);
-		echo pack("V", $gzip_size);
-	}
-
 	exit;
-
 }
 
 function page_message($title, $message, $show_header = false)
@@ -305,7 +249,6 @@ function view_log($mode, &$log, &$log_count, $limit = 0, $offset = 0, $forum_id
 
 	return;
 }
-//
 // End Functions
 // -----------------------------
 

phpBB/faq.php

@@ -24,26 +24,16 @@ $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 
-//
 // Start session management
-//
 $userdata = $session->start();
 $auth->acl($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
-//
-// Configure style, language, etc.
-//
-$session->configure($userdata);
-
-//
 // Load the appropriate faq file
-//
-if ( isset($HTTP_GET_VARS['mode']) )
+if ( isset($_GET['mode']) )
 {
-	switch( $HTTP_GET_VARS['mode'] )
+	switch( $_GET['mode'] )
 	{
 		case 'bbcode':
 			$lang_file = 'lang_bbcode';
@@ -60,11 +50,10 @@ else
 	$lang_file = 'lang_faq';
 	$l_title = $lang['FAQ'];
 }
-include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/' . $lang_file . '.' . $phpEx);
 
-//
+include($user->lang_path . $lang_file . '.' . $phpEx);
+
 // Pull the array data from the lang pack
-//
 $j = 0;
 $counter = 0;
 $counter_2 = 0;

phpBB/index.php

@@ -39,11 +39,9 @@ else
 // Start session management
 $userdata = $session->start();
 $auth->acl($userdata);
+$user = new user($userdata);
 // End session management
 
-// Configure style, language, etc.
-$session->configure($userdata);
-
 // Handle marking posts
 if ($mark_read == 'forums')
 {
@@ -116,7 +114,7 @@ else
 {
 	$is_nav = TRUE;
 
-	if (!$auth->get_acl($cat_id, 'forum', 'list'))
+	if (!$auth->acl_get('f_list', $cat_id))
 	{
 		// TODO: Deal with hidden categories
 		message_die(ERROR, $lang['Category_not_exist']);
@@ -194,7 +192,7 @@ while ($row = $db->sql_fetchrow($result))
 		elseif ($row['display_on_index'] && $row['forum_status'] != ITEM_CATEGORY)
 		{
 			// Subforum, store it for direct linking
-			if ($auth->get_acl($row['forum_id'], 'forum', 'list'))
+			if ($auth->acl_get('f_list', $row['forum_id']))
 			{
 				$subforums[$parent_id][] = $row;
 			}

phpBB/install/schemas/mysql_basic.sql

@@ -86,59 +86,63 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_base_dn', '')
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('ldap_uid', '');
 
 # -- auth options
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_list');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_read');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_post');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_reply');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_edit');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_delete');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_poll');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_vote');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_announce');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_sticky');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_attach');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_download');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_html');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_bbcode');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_smilies');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_img');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_flash');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_sigs');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_search');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_email');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_rate');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_print');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_ignoreflood');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('forum_ignorequeue');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_');
 
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_edit');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_delete');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_move');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_lock');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_split');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_merge');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_approve');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_unrate');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('mod_auth');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_list');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_read');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_post');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_reply');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_edit');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_delete');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_poll');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_vote');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_announce');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_sticky');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_attach');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_download');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_html');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_bbcode');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_smilies');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_img');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_flash');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_sigs');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_search');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_email');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_rate');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_print');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_ignoreflood');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('f_ignorequeue');
 
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_general');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_user');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_group');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_forum');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_post');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_ban');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_auth');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_email');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_styles');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_backup');
-INSERT INTO phpbb_auth_options (auth_value) VALUES ('admin_clearlogs');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_edit');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_delete');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_move');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_lock');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_split');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_merge');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_approve');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_unrate');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('m_auth');
+
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_general');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_user');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_group');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_forum');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_post');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_ban');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_auth');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_email');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_styles');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_backup');
+INSERT INTO phpbb_auth_options (auth_value) VALUES ('a_clearlogs');
 
 
 # -- phpbb_styles
 INSERT INTO phpbb_styles (style_id, template_id, theme_id, imageset_id, style_name) VALUES (1, 1, 1, 1, 'subSilver');
 
 # -- phpbb_styles_imageset
-INSERT INTO phpbb_styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/icon_quote.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_edit.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_search.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_profile.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_pm.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_email.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_www.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_icq_add.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_aim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_yim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_msnm.gif" width="59" height="18" border="0"', '', '', '', '', '', '', '"imagesets/subSilver/icon_delete.gif" width="16" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_ip.gif" width="16" height="18" border="0"', '"imagesets/subSilver/icon_minipost.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_minipost_new.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_latest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/icon_newest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/folder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_locked_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce_new.gif" width="19" height="18" border="0"', '', '', '"imagesets/subSilver/voting_lcap.gif" width="4" height="12" border="0"', '"imagesets/subSilver/voting_rcap.gif" height="12" border="0"', '"imagesets/subSilver/voting_bar.gif" width="4" height="12" border="0"', '"imagesets/subSilver/ratings/{RATE}.gif" width="45" height="17" border="0"');
+INSERT INTO phpbb_styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, sub_forum, sub_forum_new, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/post.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply.gif" width="88" height="27" border="0"', '"imagesets/subSilver/{LANG}/reply-locked.gif" width="82" height="25" border="0"', '"imagesets/subSilver/{LANG}/icon_quote.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_edit.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_search.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_profile.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_pm.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_email.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_www.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_icq_add.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_aim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_yim.gif" width="59" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_msnm.gif" width="59" height="18" border="0"', '', '', '', '', '', '', '"imagesets/subSilver/icon_delete.gif" width="16" height="18" border="0"', '"imagesets/subSilver/{LANG}/icon_ip.gif" width="16" height="18" border="0"', '"imagesets/subSilver/icon_minipost.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_minipost_new.gif" width="12" height="9" border="0"', '"imagesets/subSilver/icon_latest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/icon_newest_reply.gif" width="18" height="9" border="0"', '"imagesets/subSilver/folder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder_locked_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/subfolder_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/subfolder_new_big.gif" width="46" height="25" border="0"', '"imagesets/subSilver/folder.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_new_hot.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_lock_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_sticky_new.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce.gif" width="19" height="18" border="0"', '"imagesets/subSilver/folder_announce_new.gif" width="19" height="18" border="0"', '', '', '"imagesets/subSilver/voting_lcap.gif" width="4" height="12" border="0"', '"imagesets/subSilver/voting_rcap.gif" height="12" border="0"', '"imagesets/subSilver/voting_bar.gif" width="4" height="12" border="0"', '"imagesets/subSilver/ratings/{RATE}.gif" width="45" height="17" border="0"');
 
 # -- phpbb_styles_template
 INSERT INTO phpbb_styles_template (template_id, template_name, template_path, poll_length, pm_box_length, compile_crc) VALUES (1, 'subSilver © phpBB Group', 'subSilver', 205, 175, '');
@@ -177,16 +181,17 @@ INSERT INTO phpbb_user_group (group_id, user_id, user_pending) VALUES (5, 2, 0);
 
 
 # -- User auth
+INSERT INTO phpbb_auth_users (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'm_%';
 
 # -- Group auth
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 1, 1, auth_option_id, 4 FROM phpbb_auth_options WHERE auth_value IN ('forum_list', 'forum_read', 'forum_post', 'forum_reply');
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'forum%';
-INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 5, 0, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'admin%';
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 1, 1, auth_option_id, 4 FROM phpbb_auth_options WHERE auth_value IN ('f_list', 'f_read', 'f_post', 'f_reply');
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'f_%';
+INSERT INTO phpbb_auth_groups (group_id, forum_id, auth_option_id, auth_allow_deny) SELECT 5, 0, auth_option_id, 8 FROM phpbb_auth_options WHERE auth_value LIKE 'a_%';
 
 # -- Prefetch auth
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 0, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value IN ('forum_list', 'forum_read', 'forum_post', 'forum_reply');
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'admin%';
-INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'forum_mod%';
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 0, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value IN ('f_list', 'f_read', 'f_post', 'f_reply');
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 0, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'a_%';
+INSERT INTO phpbb_auth_prefetch (user_id, forum_id, auth_option_id, auth_allow_deny) SELECT 2, 1, auth_option_id, 1 FROM phpbb_auth_options WHERE auth_value LIKE 'm_%';
 
 
 # -- Demo Topic

phpBB/install/schemas/mysql_schema.sql

@@ -618,6 +618,7 @@ CREATE TABLE phpbb_users (
    user_id mediumint(8) UNSIGNED NOT NULL auto_increment,
    user_active tinyint(1) DEFAULT '1',
    user_founder tinyint(1) DEFAULT '0' NOT NULL,
+   user_permissions text NULL,
    user_ip varchar(40),
    user_regdate int(11) DEFAULT '0' NOT NULL,
    username varchar(30) NOT NULL,

phpBB/install/update_script.php

@@ -20,7 +20,7 @@ $db = new sql_db($dbhost, $dbuser, $dbpasswd, $dbname, $dbport, false);
 //
 // Updates to this version ...
 //
-$version = '2.1.0 [20020817]';
+$version = '2.1.0 [20020820]';
 
 // ----------------
 // BEGIN VARS DEFNS
@@ -506,7 +506,9 @@ switch ( $this_version )
 		$sql_ary = array(
 			"INSERT INTO " . $table_prefix . "styles (style_id, template_id, theme_id, imageset_id, style_name) VALUES (1, 1, 1, 1, 'subSilver')",
 
-			"INSERT INTO " . $table_prefix . "styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_quote.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_edit.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_search.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_profile.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_pm.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_email.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_www.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_icq_add.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_aim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_yim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_msnm.gif\" width=\"59\" height=\"18\" border=\"0\"', '', '', '', '', '', '', '\"imagesets/subSilver/icon_delete.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_ip.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/icon_minipost.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_minipost_new.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_newest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/folder_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_new_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_locked_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '', '', '\"imagesets/subSilver/voting_lcap.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_rcap.gif\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_bar.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/ratings/{RATE}.gif\" width=\"45\" height=\"17\" border=\"0\"')",
+			"INSERT INTO " . $table_prefix . "styles_imageset (imageset_id, imageset_name, imageset_path, post_new, post_locked, post_pm, reply_new, reply_pm, reply_locked, icon_quote, icon_edit, icon_search, icon_profile, icon_pm, icon_email, icon_www, icon_icq, icon_aim, icon_yim, icon_msnm, icon_no_email, icon_no_www, icon_no_icq, icon_no_aim, icon_no_yim, icon_no_msnm, icon_delete, icon_ip, goto_post, goto_post_new, goto_post_latest, goto_post_newest, forum, forum_new, forum_locked, folder, folder_new, folder_hot, folder_hot_new, folder_locked, folder_locked_new, folder_sticky, folder_sticky_new, folder_announce, folder_announce_new, topic_watch, topic_unwatch, poll_left, poll_center, poll_right, rating) VALUES (1, 'subSilver © phpBB Group', 'subSilver', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/post.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply.gif\" width=\"88\" height=\"27\" border=\"0\"', '\"imagesets/subSilver/{LANG}/reply-locked.gif\" width=\"82\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_quote.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_edit.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_search.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_profile.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_pm.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_email.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_www.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_icq_add.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_aim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_yim.gif\" width=\"59\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_msnm.gif\" width=\"59\" height=\"18\" border=\"0\"', '', '', '', '', '', '', '\"imagesets/subSilver/icon_delete.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/{LANG}/icon_ip.gif\" width=\"16\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/icon_minipost.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_minipost_new.gif\" width=\"12\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_latest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/icon_newest_reply.gif\" width=\"18\" height=\"9\" border=\"0\"', '\"imagesets/subSilver/folder_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_new_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder_locked_big.gif\" width=\"46\" height=\"25\" border=\"0\"', '\"imagesets/subSilver/folder.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_new_hot.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_lock_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_sticky_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce.gif\" width=\"19\" height=\"18\" border=\"0\"', '\"imagesets/subSilver/folder_announce_new.gif\" width=\"19\" height=\"18\" border=\"0\"', '', '', '\"imagesets/subSilver/voting_lcap.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_rcap.gif\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/voting_bar
+
+.gif\" width=\"4\" height=\"12\" border=\"0\"', '\"imagesets/subSilver/ratings/{RATE}.gif\" width=\"45\" height=\"17\" border=\"0\"')",
 
 			"INSERT INTO " . $table_prefix . "styles_template (template_id, template_name, template_path, poll_length, pm_box_length, compile_crc) VALUES (1, 'subSilver © phpBB Group', 'subSilver', 205, 175, '')",
 
@@ -937,7 +939,11 @@ switch ( $this_version )
 
 		gen_str_ok();
 
-		break;
+	case '2.1.0 [20020817]':
+
+		$sql = "INSERT INTO phpbb_config (config_name, config_value)
+			VALUES ('ip_check', '4')";
+		$db->sql_query($sql);
 
 	default;
 		print "<span class=\"updtext\">* No updates needed</span><br />\n";

phpBB/language/en/lang_admin.php

@@ -168,7 +168,7 @@ $lang = array_merge($lang, array(
 	'Restore_Error_no_file' => 'No file was uploaded',
 	'Permissions_explain' => 'Here you can alter which users and groups can access which forums. Permissions can be set for individual operations such as; reading, posting, voting, etc via the <i>Advanced</i> form. This page only applies to forum permissions. To assign moderators or define administrators please use the appropriate page (see left hand side menu).',
 	'Permissions_extra_explain' => 'Permissions are based on a; PERMIT, ALLOW, DENY, PREVENT system. By default users and groups are set to DENY access to all operations, to do anything users or groups have to be granted ALLOW access. When conflicts exist, e.g. a user having ALLOW permissions to a function belongs to a group that is set to DENY such a function the user setting takes precidence, i.e. in this case the user would be ALLOWed access to this function. Similarly a user denied access to a function will be denied even if they belong to a group that grants them access. If a user belongs to two groups one of which grants an ALLOW while another is set to DENY the user will be denied access.',
-	'Permissions_extra2_explain' => 'There may be times when you want to deny (or allow) access to a group no matter what their individual user settings are, this is what PERMIT and PREVENT are for. By setting a user (or more likely a group) to one of these will PERMIT (ALLOW) or PREVENT (DENY) access to a function no matter what their user settings are. You may find this useful for things such as \"banned\" groups, etc. doing away with any need to check for individual user permissions.',
+	'Permissions_extra2_explain' => 'There may be times when you want to deny (or allow) access to a group no matter what their individual user settings are, this is what PERMIT and PREVENT are for. By setting a user (or more likely a group) to one of these will PERMIT (ALLOW) or PREVENT (DENY) access to a function no matter what their user settings are. You may find this useful for things such as "banned" groups, etc. doing away with any need to check for individual user permissions.',
 	'Moderators' => 'Moderators',
 	'Moderators_explain' => 'Here you can assign users and groups as forum moderators. You can give users or groups individual access to certain moderator functions as you set fit via the <i>Advanced</i> form. Moderators have additional power in a given forum and by default can post and reply even when a forum or topic is locked.',
 	'Super_Moderators' => 'Super Moderators',
@@ -196,50 +196,50 @@ $lang = array_merge($lang, array(
 	'Permit' => 'Permit',
 	'Deny' => 'Deny',
 	'Prevent' => 'Prevent',
-	'acl_admin_general' => 'General Settings',
-	'acl_admin_user' => 'Users',
-	'acl_admin_group' => 'Groups',
-	'acl_admin_forum' => 'Forums',
-	'acl_admin_post' => 'Posts',
-	'acl_admin_ban' => 'Banning',
-	'acl_admin_auth' => 'Permissions',
-	'acl_admin_email' => 'Email',
-	'acl_admin_styles' => 'Styles',
-	'acl_admin_backup' => 'Backups',
-	'acl_admin_clearlogs' => 'Clear Admin Log',
-	'acl_mod_edit' => 'Edit posts',
-	'acl_mod_delete' => 'Delete posts',
-	'acl_mod_move' => 'Move posts',
-	'acl_mod_lock' => 'Lock topics',
-	'acl_mod_split' => 'Split topics',
-	'acl_mod_merge' => 'Merge topics',
-	'acl_mod_approve' => 'Approve posts',
-	'acl_mod_unrate' => 'Un-rate topics',
-	'acl_mod_auth' => 'Set permissions',
-	'acl_forum_list' => 'See forum',
-	'acl_forum_read' => 'Read forum',
-	'acl_forum_post' => 'Post in forum',
-	'acl_forum_reply' => 'Reply to posts',
-	'acl_forum_edit' => 'Edit own posts',
-	'acl_forum_delete' => 'Delete own posts',
-	'acl_forum_poll' => 'Create polls',
-	'acl_forum_vote' => 'Vote in polls',
-	'acl_forum_announce' => 'Post announcements',
-	'acl_forum_sticky' => 'Post stickies',
-	'acl_forum_attach' => 'Attach files',
-	'acl_forum_download' => 'Download files',
-	'acl_forum_html' => 'Post HTML',
-	'acl_forum_bbcode' => 'Post BBCode',
-	'acl_forum_smilies' => 'Post smilies',
-	'acl_forum_img' => 'Post images',
-	'acl_forum_flash' => 'Post Flash',
-	'acl_forum_sigs' => 'Use signatures',
-	'acl_forum_search' => 'Search the forum',
-	'acl_forum_email' => 'Email topics',
-	'acl_forum_rate' => 'Rate topics',
-	'acl_forum_print' => 'Print topics',
-	'acl_forum_ignoreflood' => 'Ignore flood limit',
-	'acl_forum_ignorequeue' => 'Ignore mod queue',
+	'acl_a_general' => 'General Settings',
+	'acl_a_user' => 'Users',
+	'acl_a_group' => 'Groups',
+	'acl_a_forum' => 'Forums',
+	'acl_a_post' => 'Posts',
+	'acl_a_ban' => 'Banning',
+	'acl_a_auth' => 'Permissions',
+	'acl_a_email' => 'Email',
+	'acl_a_styles' => 'Styles',
+	'acl_a_backup' => 'Backups',
+	'acl_a_clearlogs' => 'Clear Admin Log',
+	'acl_m__edit' => 'Edit posts',
+	'acl_m__delete' => 'Delete posts',
+	'acl_m__move' => 'Move posts',
+	'acl_m__lock' => 'Lock topics',
+	'acl_m__split' => 'Split topics',
+	'acl_m__merge' => 'Merge topics',
+	'acl_m__approve' => 'Approve posts',
+	'acl_m__unrate' => 'Un-rate topics',
+	'acl_m__auth' => 'Set permissions',
+	'acl_f_list' => 'See forum',
+	'acl_f_read' => 'Read forum',
+	'acl_f_post' => 'Post in forum',
+	'acl_f_reply' => 'Reply to posts',
+	'acl_f_edit' => 'Edit own posts',
+	'acl_f_delete' => 'Delete own posts',
+	'acl_f_poll' => 'Create polls',
+	'acl_f_vote' => 'Vote in polls',
+	'acl_f_announce' => 'Post announcements',
+	'acl_f_sticky' => 'Post stickies',
+	'acl_f_attach' => 'Attach files',
+	'acl_f_download' => 'Download files',
+	'acl_f_html' => 'Post HTML',
+	'acl_f_bbcode' => 'Post BBCode',
+	'acl_f_smilies' => 'Post smilies',
+	'acl_f_img' => 'Post images',
+	'acl_f_flash' => 'Post Flash',
+	'acl_f_sigs' => 'Use signatures',
+	'acl_f_search' => 'Search the forum',
+	'acl_f_email' => 'Email topics',
+	'acl_f_rate' => 'Rate topics',
+	'acl_f_print' => 'Print topics',
+	'acl_f_ignoreflood' => 'Ignore flood limit',
+	'acl_f_ignorequeue' => 'Ignore mod queue',
 	'Auth_updated' => 'Permissions have been updated',
 	'Prune_users' => 'Prune Users',
 	'Prune_users_explain' => 'Here you can delete (or deactivate) users from you board. This can be done in a variety of ways; by post count, last activity, etc. Each of these criteria can be combined, i.e. you can prune users last active before 2002-01-01 with fewer than 10 posts. Alternatively you can enter a list of users directly into the text box, any criteria entered will be ignored. Take care with this facility! Once a user is deleted there is no way back.',

phpBB/language/en/lang_main.php

@@ -19,7 +19,7 @@
  *
  ***************************************************************************/
 
- $lang = array_merge($lang, array(
+$lang = array_merge($lang, array(
 	'ENCODING' => 'iso-8859-15',
 	'DIRECTION' => 'ltr',
 	'LEFT' => 'left',
@@ -711,24 +711,24 @@
 	'-3' => 'GMT - 3 Hours',
 	'-2' => 'GMT - 2 Hours',
 	'-1' => 'GMT - 1 Hours',
-	0 => 'GMT',
-	1 => 'GMT + 1 Hour',
-	2 => 'GMT + 2 Hours',
-	3 => 'GMT + 3 Hours',
+	'0' => 'GMT',
+	'1' => 'GMT + 1 Hour',
+	'2' => 'GMT + 2 Hours',
+	'3' => 'GMT + 3 Hours',
 	'3.5' => 'GMT + 3.5 Hours',
-	4 => 'GMT + 4 Hours',
+	'4' => 'GMT + 4 Hours',
 	'4.5' => 'GMT + 4.5 Hours',
-	5 => 'GMT + 5 Hours',
+	'5' => 'GMT + 5 Hours',
 	'5.5' => 'GMT + 5.5 Hours',
-	6 => 'GMT + 6 Hours',
+	'6' => 'GMT + 6 Hours',
 	'6.5' => 'GMT + 6.5 Hours',
-	7 => 'GMT + 7 Hours',
-	8 => 'GMT + 8 Hours',
-	9 => 'GMT + 9 Hours',
+	'7' => 'GMT + 7 Hours',
+	'8' => 'GMT + 8 Hours',
+	'9' => 'GMT + 9 Hours',
 	'9.5' => 'GMT + 9.5 Hours',
-	10 => 'GMT + 10 Hours',
-	11 => 'GMT + 11 Hours',
-	12 => 'GMT + 12 Hours',
+	'10' => 'GMT + 10 Hours',
+	'11' => 'GMT + 11 Hours',
+	'12' => 'GMT + 12 Hours',
 	'tz' => array(
 		'-12' => 'GMT - 12 Hours',
 		'-11' => 'GMT - 11 Hours',
@@ -800,8 +800,11 @@
 		'Sep' => 'Sep',
 		'Oct' => 'Oct',
 		'Nov' => 'Nov',
-		'Dec' => 'Dec'
+		'Dec' => 'Dec',
+		'AM' => 'AM',
+		'PM' => 'PM'
 	),
+
 	'Information' => 'Information',
 	'Critical_Information' => 'Critical Information',
 	'General_Error' => 'General Error',

phpBB/login.php

@@ -26,16 +26,11 @@ $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 
-//
 // Set page ID for session management
-//
 $userdata = $session->start();
 $auth = new auth($userdata);
-
-$session->configure($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
 //
 // This appears to work for IIS5 CGI under Win2K. Uses getenv since this doesn't exist for
@@ -43,24 +38,22 @@ $session->configure($userdata);
 //
 $header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 
-extract($HTTP_GET_VARS);
-extract($HTTP_POST_VARS);
+extract($_GET);
+extract($_POST);
 
-$redirect = ( !empty($redirect) ) ? $HTTP_SERVER_VARS['QUERY_STRING'] : '';
+$redirect = ( !empty($redirect) ) ? $_SERVER['QUERY_STRING'] : '';
 
-//
 // Do the login/logout/form/whatever
-//
 if ( isset($login) || isset($logout)  )
 {
-	if ( isset($login) && $userdata['user_id'] == ANONYMOUS )
+	if ( isset($login) && !$userdata['user_id'] )
 	{
 		$autologin = ( !empty($autologin) ) ? true : false;
 
 		//
 		// Is the board disabled? Are we an admin? No, then back to the index we go
 		//
-		if ( $board_config['board_disable'] && !$auth->get_acl_admin() )
+		if ( $board_config['board_disable'] && !$auth->acl_get('a_') )
 		{
 			header($header_location . "index.$phpEx$SID");
 			exit;
@@ -76,7 +69,7 @@ if ( isset($login) || isset($logout)  )
 			message_die(MESSAGE, $message);
 		}
 	}
-	else if ( $userdata['user_id'] != ANONYMOUS )
+	else if ( $userdata['user_id'] )
 	{
 		$session->destroy($userdata);
 	}
@@ -89,7 +82,7 @@ if ( isset($login) || isset($logout)  )
 	exit;
 }
 
-if ( $userdata['user_id'] == ANONYMOUS )
+if ( !$userdata['user_id'] )
 {
 	$template->assign_vars(array(
 		'L_ENTER_PASSWORD' => $lang['Enter_password'],

phpBB/memberlist.php

@@ -24,49 +24,44 @@ $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 
-//
 // Start session management
-//
 $userdata = $session->start();
 $auth->acl($userdata);
-
-$session->configure($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-$form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
-$field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
+$form = ( !empty($_GET['form']) ) ? $_GET['form'] : 0;
+$field = ( isset($_GET['field']) ) ? $_GET['field'] : 'username';
 
-$sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
-$sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
+$sort_by = ( !empty($_POST['sort_by']) ) ? intval($_POST['sort_by']) : ( ( !empty($_GET['sort_by']) ) ? $_GET['sort_by'] : '4' );
+$sort_order = ( !empty($_POST['sort_order']) ) ? $_POST['sort_order'] : ( ( !empty($_GET['sort_order']) ) ? $_GET['sort_order'] : 'd' );
 
-$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
-$email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
-$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
-$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
-$yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
-$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
+$username = ( !empty($_POST['username']) ) ? $_POST['username'] : ( ( !empty($_GET['username']) ) ? $_GET['username'] : '' );
+$email = ( !empty($_POST['email']) ) ? $_POST['email'] : ( ( !empty($_GET['email']) ) ? $_GET['email'] : '' );
+$icq = ( !empty($_POST['icq']) ) ? intval($_POST['icq']) : ( ( !empty($_GET['icq']) ) ? $_GET['icq'] : '' );
+$aim = ( !empty($_POST['aim']) ) ? $_POST['aim'] : ( ( !empty($_GET['aim']) ) ? $_GET['aim'] : '' );
+$yahoo = ( !empty($_POST['yahoo']) ) ? $_POST['yahoo'] : ( ( !empty($_GET['yahoo']) ) ? $_GET['yahoo'] : '' );
+$msn = ( !empty($_POST['msn']) ) ? $_POST['msn'] : ( ( !empty($_GET['msn']) ) ? $_GET['msn'] : '' );
 
-$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
-$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
-$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
-$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
-$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
-$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
+$joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : ( ( !empty($_GET['joined_select']) ) ? $_GET['joined_select'] : 'lt' );
+$active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] : ( ( !empty($_GET['active_select']) ) ? $_GET['active_select'] : 'lt' );
+$count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : ( ( !empty($_GET['count_select']) ) ? $_GET['count_select'] : 'eq' );
+$joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : ( ( !empty($_GET['joined']) ) ? explode('-', $_GET['joined']) : array() );
+$active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) : ( ( !empty($_GET['active']) ) ? explode('-', $_GET['active']) : array() );
+$count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ( ( !empty($_GET['count']) ) ? $_GET['count'] : '' );
 
 
 
 
 
-if ( isset($HTTP_POST_VARS['order']) )
+if ( isset($_POST['order']) )
 {
-	$sort_order = ($HTTP_POST_VARS['order'] == 'a') ? 'ASC' : 'DESC';
+	$sort_order = ($_POST['order'] == 'a') ? 'ASC' : 'DESC';
 }
-else if ( isset($HTTP_GET_VARS['order']) )
+else if ( isset($_GET['order']) )
 {
-	$sort_order = ($HTTP_GET_VARS['order'] == 'a') ? 'ASC' : 'DESC';
+	$sort_order = ($_GET['order'] == 'a') ? 'ASC' : 'DESC';
 }
 else
 {
@@ -129,9 +124,9 @@ $template->assign_vars(array(
 	'S_MODE_ACTION' => "memberlist.$phpEx$SID")
 );
 
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 
 	switch( $mode )
 	{
@@ -181,11 +176,11 @@ if ( $row = $db->sql_fetchrow($result) )
 		$user_id = $row['user_id'];
 
 		$from = ( !empty($row['user_from']) ) ? $row['user_from'] : ' ';
-		$joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
+		$joined = $user->format_date($row['user_regdate'], $lang['DATE_FORMAT']);
 		$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
 
 		$poster_avatar = '';
-		if ( $row['user_avatar_type'] && $user_id != ANONYMOUS && $row['user_allowavatar'] )
+		if ( $row['user_avatar_type'] && $user_id && $row['user_allowavatar'] )
 		{
 			switch( $row['user_avatar_type'] )
 			{
@@ -201,7 +196,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			}
 		}
 
-		if ( $row['user_viewemail'] || $auth->get_acl_admin() )
+		if ( $row['user_viewemail'] || $auth->acl_get('a_') )
 		{
 			$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&mode=email&u=" . $user_id : 'mailto:' . $row['user_email'];
 
@@ -302,30 +297,30 @@ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 // Username search
 function username_search()
 {
-	global $SID, $HTTP_GET_VARS, $HTTP_POST_VARS, $phpEx, $phpbb_root_path;
-	global $db, $board_config, $template, $auth, $lang, $theme;
+	global $SID, $phpEx, $phpbb_root_path;
+	global $db, $board_config, $template, $auth, $lang, $theme, $user;
 	global $starttime;
 
-	$form = ( !empty($HTTP_GET_VARS['form']) ) ? $HTTP_GET_VARS['form'] : 0;
-	$field = ( isset($HTTP_GET_VARS['field']) ) ? $HTTP_GET_VARS['field'] : 'username';
-	$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+	$form = ( !empty($_GET['form']) ) ? $_GET['form'] : 0;
+	$field = ( isset($_GET['field']) ) ? $_GET['field'] : 'username';
+	$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
 
-	$sort_by = ( !empty($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : ( ( !empty($HTTP_GET_VARS['sort_by']) ) ? $HTTP_GET_VARS['sort_by'] : '4' );
-	$sort_order = ( !empty($HTTP_POST_VARS['sort_order']) ) ? $HTTP_POST_VARS['sort_order'] : ( ( !empty($HTTP_GET_VARS['sort_order']) ) ? $HTTP_GET_VARS['sort_order'] : 'd' );
+	$sort_by = ( !empty($_POST['sort_by']) ) ? intval($_POST['sort_by']) : ( ( !empty($_GET['sort_by']) ) ? $_GET['sort_by'] : '4' );
+	$sort_order = ( !empty($_POST['sort_order']) ) ? $_POST['sort_order'] : ( ( !empty($_GET['sort_order']) ) ? $_GET['sort_order'] : 'd' );
 
-	$username = ( !empty($HTTP_POST_VARS['username']) ) ? $HTTP_POST_VARS['username'] : ( ( !empty($HTTP_GET_VARS['username']) ) ? $HTTP_GET_VARS['username'] : '' );
-	$email = ( !empty($HTTP_POST_VARS['email']) ) ? $HTTP_POST_VARS['email'] : ( ( !empty($HTTP_GET_VARS['email']) ) ? $HTTP_GET_VARS['email'] : '' );
-	$icq = ( !empty($HTTP_POST_VARS['icq']) ) ? intval($HTTP_POST_VARS['icq']) : ( ( !empty($HTTP_GET_VARS['icq']) ) ? $HTTP_GET_VARS['icq'] : '' );
-	$aim = ( !empty($HTTP_POST_VARS['aim']) ) ? $HTTP_POST_VARS['aim'] : ( ( !empty($HTTP_GET_VARS['aim']) ) ? $HTTP_GET_VARS['aim'] : '' );
-	$yahoo = ( !empty($HTTP_POST_VARS['yahoo']) ) ? $HTTP_POST_VARS['yahoo'] : ( ( !empty($HTTP_GET_VARS['yahoo']) ) ? $HTTP_GET_VARS['yahoo'] : '' );
-	$msn = ( !empty($HTTP_POST_VARS['msn']) ) ? $HTTP_POST_VARS['msn'] : ( ( !empty($HTTP_GET_VARS['msn']) ) ? $HTTP_GET_VARS['msn'] : '' );
+	$username = ( !empty($_POST['username']) ) ? $_POST['username'] : ( ( !empty($_GET['username']) ) ? $_GET['username'] : '' );
+	$email = ( !empty($_POST['email']) ) ? $_POST['email'] : ( ( !empty($_GET['email']) ) ? $_GET['email'] : '' );
+	$icq = ( !empty($_POST['icq']) ) ? intval($_POST['icq']) : ( ( !empty($_GET['icq']) ) ? $_GET['icq'] : '' );
+	$aim = ( !empty($_POST['aim']) ) ? $_POST['aim'] : ( ( !empty($_GET['aim']) ) ? $_GET['aim'] : '' );
+	$yahoo = ( !empty($_POST['yahoo']) ) ? $_POST['yahoo'] : ( ( !empty($_GET['yahoo']) ) ? $_GET['yahoo'] : '' );
+	$msn = ( !empty($_POST['msn']) ) ? $_POST['msn'] : ( ( !empty($_GET['msn']) ) ? $_GET['msn'] : '' );
 
-	$joined_select = ( !empty($HTTP_POST_VARS['joined_select']) ) ? $HTTP_POST_VARS['joined_select'] : ( ( !empty($HTTP_GET_VARS['joined_select']) ) ? $HTTP_GET_VARS['joined_select'] : 'lt' );
-	$active_select = ( !empty($HTTP_POST_VARS['active_select']) ) ? $HTTP_POST_VARS['active_select'] : ( ( !empty($HTTP_GET_VARS['active_select']) ) ? $HTTP_GET_VARS['active_select'] : 'lt' );
-	$count_select = ( !empty($HTTP_POST_VARS['count_select']) ) ? $HTTP_POST_VARS['count_select'] : ( ( !empty($HTTP_GET_VARS['count_select']) ) ? $HTTP_GET_VARS['count_select'] : 'eq' );
-	$joined = ( !empty($HTTP_POST_VARS['joined']) ) ? explode('-', $HTTP_POST_VARS['joined']) : ( ( !empty($HTTP_GET_VARS['joined']) ) ? explode('-', $HTTP_GET_VARS['joined']) : array() );
-	$active = ( !empty($HTTP_POST_VARS['active']) ) ? explode('-', $HTTP_POST_VARS['active']) : ( ( !empty($HTTP_GET_VARS['active']) ) ? explode('-', $HTTP_GET_VARS['active']) : array() );
-	$count = ( !empty($HTTP_POST_VARS['count']) ) ? intval($HTTP_POST_VARS['count']) : ( ( !empty($HTTP_GET_VARS['count']) ) ? $HTTP_GET_VARS['count'] : '' );
+	$joined_select = ( !empty($_POST['joined_select']) ) ? $_POST['joined_select'] : ( ( !empty($_GET['joined_select']) ) ? $_GET['joined_select'] : 'lt' );
+	$active_select = ( !empty($_POST['active_select']) ) ? $_POST['active_select'] : ( ( !empty($_GET['active_select']) ) ? $_GET['active_select'] : 'lt' );
+	$count_select = ( !empty($_POST['count_select']) ) ? $_POST['count_select'] : ( ( !empty($_GET['count_select']) ) ? $_GET['count_select'] : 'eq' );
+	$joined = ( !empty($_POST['joined']) ) ? explode('-', $_POST['joined']) : ( ( !empty($_GET['joined']) ) ? explode('-', $_GET['joined']) : array() );
+	$active = ( !empty($_POST['active']) ) ? explode('-', $_POST['active']) : ( ( !empty($_GET['active']) ) ? explode('-', $_GET['active']) : array() );
+	$count = ( !empty($_POST['count']) ) ? intval($_POST['count']) : ( ( !empty($_GET['count']) ) ? $_GET['count'] : '' );
 
 	//
 	//
@@ -467,9 +462,9 @@ function username_search()
 			$username = $row['username'];
 			$user_id = $row['user_id'];
 
-			$joined = create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']);
+			$joined = $user->format_date($row['user_regdate'], $lang['DATE_FORMAT']);
 			$posts = ( $row['user_posts'] ) ? $row['user_posts'] : 0;
-			$active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : create_date($lang['DATE_FORMAT'], $row['user_lastvisit'], $board_config['board_timezone']);
+			$active = ( !$row['user_lastvisit'] ) ? $lang['Never'] : $user->format_date($row['user_lastvisit'], $lang['DATE_FORMAT']);
 
 			$temp_url = "profile.$phpEx$SID&mode=viewprofile&u=$user_id";
 			$profile_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';

phpBB/modcp.php

@@ -23,46 +23,45 @@ define('IN_PHPBB', true);
 $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
-include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 include($phpbb_root_path . 'includes/functions_admin.'.$phpEx);
 
 //
 // Obtain initial var settings
 //
-if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) )
+if ( isset($_GET['f']) || isset($_POST['f']) )
 {
-	$forum_id = (isset($HTTP_POST_VARS['f'])) ? intval($HTTP_POST_VARS['f']) : intval($HTTP_GET_VARS['f']);
+	$forum_id = (isset($_POST['f'])) ? intval($_POST['f']) : intval($_GET['f']);
 }
 else
 {
 	$forum_id = '';
 }
 
-if ( isset($HTTP_GET_VARS['p']) || isset($HTTP_POST_VARS['p']) )
+if ( isset($_GET['p']) || isset($_POST['p']) )
 {
-	$post_id = (isset($HTTP_POST_VARS['p'])) ? intval($HTTP_POST_VARS['p']) : intval($HTTP_GET_VARS['p']);
+	$post_id = (isset($_POST['p'])) ? intval($_POST['p']) : intval($_GET['p']);
 }
 else
 {
 	$post_id = '';
 }
 
-if ( isset($HTTP_GET_VARS['t']) || isset($HTTP_POST_VARS['t']) )
+if ( isset($_GET['t']) || isset($_POST['t']) )
 {
-	$topic_id = (isset($HTTP_POST_VARS['t'])) ? intval($HTTP_POST_VARS['t']) : intval($HTTP_GET_VARS['t']);
+	$topic_id = (isset($_POST['t'])) ? intval($_POST['t']) : intval($_GET['t']);
 }
 else
 {
 	$topic_id = '';
 }
 
-$confirm = ( !empty($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
+$confirm = ( !empty($_POST['confirm']) ) ? TRUE : 0;
 
 //
 // Check if user did or did not confirm
 // If they did not, forward them to the last page they were on
 //
-if ( isset($HTTP_POST_VARS['cancel']) )
+if ( isset($_POST['cancel']) )
 {
 	if ( $topic_id )
 	{
@@ -82,19 +81,26 @@ if ( isset($HTTP_POST_VARS['cancel']) )
 	exit;
 }
 
+// Start session management
+$userdata = $session->start();
+$auth->acl($userdata, $forum_id);
+$user = new user($userdata);
+// End session management
+
+
 //
 // Continue var definitions
 //
-$start = ( isset($HTTP_GET_VARS['start']) ) ? $HTTP_GET_VARS['start'] : 0;
+$start = ( isset($_GET['start']) ) ? $_GET['start'] : 0;
 
-$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : FALSE;
-$move = ( isset($HTTP_POST_VARS['move']) ) ? TRUE : FALSE;
-$lock = ( isset($HTTP_POST_VARS['lock']) ) ? TRUE : FALSE;
-$unlock = ( isset($HTTP_POST_VARS['unlock']) ) ? TRUE : FALSE;
+$delete = ( isset($_POST['delete']) ) ? TRUE : FALSE;
+$move = ( isset($_POST['move']) ) ? TRUE : FALSE;
+$lock = ( isset($_POST['lock']) ) ? TRUE : FALSE;
+$unlock = ( isset($_POST['unlock']) ) ? TRUE : FALSE;
 
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
@@ -120,16 +126,6 @@ else
 	}
 }
 
-//
-// Start session management
-//
-$userdata = $session->start();
-$auth->acl($userdata, $forum_id);
-//
-// End session management
-//
-$session->configure($userdata);
-
 //
 // Obtain relevant data
 //
@@ -167,7 +163,7 @@ else
 //
 // Auth check
 //
-if ( !$auth->get_acl($forum_id, 'mod') )
+if ( !$auth->acl_get('m_', $forum_id) && !$auth->acl_get('a_') )
 {
 	message_die(MESSAGE, $lang['Not_Moderator'], $lang['Not_Authorised']);
 }
@@ -185,7 +181,7 @@ switch( $mode )
 		{
 			include($phpbb_root_path . 'includes/functions_search.'.$phpEx);
 
-			$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ?  $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+			$topics = ( isset($_POST['topic_id_list']) ) ?  $_POST['topic_id_list'] : array($topic_id);
 
 			$topic_id_sql = '';
 			for($i = 0; $i < count($topics); $i++)
@@ -293,16 +289,16 @@ switch( $mode )
 		{
 			// Not confirmed, show confirmation message
 
-			if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
+			if ( empty($_POST['topic_id_list']) && empty($topic_id) )
 			{
 				message_die(GENERAL_MESSAGE, $lang['None_selected']);
 			}
 
 			$hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
 
-			if ( isset($HTTP_POST_VARS['topic_id_list']) )
+			if ( isset($_POST['topic_id_list']) )
 			{
-				$topics = $HTTP_POST_VARS['topic_id_list'];
+				$topics = $_POST['topic_id_list'];
 				for($i = 0; $i < count($topics); $i++)
 				{
 					$hidden_fields .= '<input type="hidden" name="topic_id_list[]" value="' . intval($topics[$i]) . '" />';
@@ -343,12 +339,12 @@ switch( $mode )
 
 		if ( $confirm )
 		{
-			$new_forum_id = $HTTP_POST_VARS['new_forum'];
+			$new_forum_id = $_POST['new_forum'];
 			$old_forum_id = $forum_id;
 
 			if ( $new_forum_id != $old_forum_id )
 			{
-				$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ?  $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+				$topics = ( isset($_POST['topic_id_list']) ) ?  $_POST['topic_id_list'] : array($topic_id);
 
 				$topic_list = '';
 				for($i = 0; $i < count($topics); $i++)
@@ -372,7 +368,7 @@ switch( $mode )
 				{
 					$topic_id = $row[$i]['topic_id'];
 
-					if ( isset($HTTP_POST_VARS['move_leave_shadow']) )
+					if ( isset($_POST['move_leave_shadow']) )
 					{
 						// Insert topic in the old forum that indicates that the forum has moved.
 						$sql = "INSERT INTO " . TOPICS_TABLE . " (forum_id, topic_title, topic_poster, topic_time, topic_status, topic_type, topic_vote, topic_views, topic_replies, topic_first_post_id, topic_last_post_id, topic_moved_id)
@@ -433,16 +429,16 @@ switch( $mode )
 		}
 		else
 		{
-			if ( empty($HTTP_POST_VARS['topic_id_list']) && empty($topic_id) )
+			if ( empty($_POST['topic_id_list']) && empty($topic_id) )
 			{
 				message_die(GENERAL_MESSAGE, $lang['None_selected']);
 			}
 
 			$hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" />';
 
-			if ( isset($HTTP_POST_VARS['topic_id_list']) )
+			if ( isset($_POST['topic_id_list']) )
 			{
-				$topics = $HTTP_POST_VARS['topic_id_list'];
+				$topics = $_POST['topic_id_list'];
 
 				for($i = 0; $i < count($topics); $i++)
 				{
@@ -482,7 +478,7 @@ switch( $mode )
 		break;
 
 	case 'lock':
-		$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ?  $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+		$topics = ( isset($_POST['topic_id_list']) ) ?  $_POST['topic_id_list'] : array($topic_id);
 
 		$topic_id_sql = '';
 		for($i = 0; $i < count($topics); $i++)
@@ -521,7 +517,7 @@ switch( $mode )
 		break;
 
 	case 'unlock':
-		$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ?  $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
+		$topics = ( isset($_POST['topic_id_list']) ) ?  $_POST['topic_id_list'] : array($topic_id);
 
 		$topic_id_sql = '';
 		for($i = 0; $i < count($topics); $i++)
@@ -533,29 +529,26 @@ switch( $mode )
 			SET topic_status = " . TOPIC_UNLOCKED . "
 			WHERE topic_id IN ($topic_id_sql)
 				AND topic_moved_id = 0";
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not update topics table', '', __LINE__, __FILE__, $sql);
-		}
+		$db->sql_query($sql);
 
 		if ( !empty($topic_id) )
 		{
-			$redirect_page = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
+			$redirect_page = "viewtopic.$phpEx$SID&amp;t=$topic_id";
 			$message = sprintf($lang['Click_return_topic'], '<a href="' . $redirect_page . '">', '</a>');
 		}
 		else
 		{
-			$redirect_page = append_sid("modcp.$phpEx?" . POST_FORUM_URL . "=$forum_id");
+			$redirect_page = "modcp.$phpEx$SID&amp;f=$forum_id";
 			$message = sprintf($lang['Click_return_modcp'], '<a href="' . $redirect_page . '">', '</a>');
 		}
 
-		$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">', '</a>');
+		$message = $message . '<br \><br \>' . sprintf($lang['Click_return_forum'], '<a href="' . "viewforum.$phpEx$SID&amp;f=$forum_id" . '">', '</a>');
 
 		$template->assign_vars(array(
 			'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect_page . '">')
 		);
 
-		message_die(GENERAL_MESSAGE, $lang['Topics_Unlocked'] . '<br /><br />' . $message);
+		message_die(MESSAGE, $lang['Topics_Unlocked'] . '<br /><br />' . $message);
 
 		break;
 
@@ -563,42 +556,36 @@ switch( $mode )
 		$page_title = $lang['Mod_CP'];
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
-		if ( isset($HTTP_POST_VARS['split_type_all']) || isset($HTTP_POST_VARS['split_type_beyond']) )
+		if ( isset($_POST['split_type_all']) || isset($_POST['split_type_beyond']) )
 		{
-			$posts = $HTTP_POST_VARS['post_id_list'];
+			$posts = $_POST['post_id_list'];
 
 			$sql = "SELECT poster_id, topic_id, post_time
 				FROM " . POSTS_TABLE . "
 				WHERE post_id = " . $posts[0];
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not get post information', '', __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
 			$post_rowset = $db->sql_fetchrow($result);
 			$first_poster = str_replace("\'", "''", $post_rowset['poster_id']);
 			$topic_id = $post_rowset['topic_id'];
 			$post_time = $post_rowset['post_time'];
 
-			$post_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
+			$post_subject = trim(htmlspecialchars($_POST['subject']));
 			if ( empty($post_subject) )
 			{
-				message_die(GENERAL_MESSAGE, $lang['Empty_subject']);
+				message_die(MESSAGE, $lang['Empty_subject']);
 			}
 
-			$new_forum_id = intval($HTTP_POST_VARS['new_forum_id']);
+			$new_forum_id = intval($_POST['new_forum_id']);
 			$topic_time = time();
 
 			$sql  = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type)
 				VALUES ('" . str_replace("\'", "''", $post_subject) . "', $first_poster, " . $topic_time . ", $new_forum_id, " . TOPIC_UNLOCKED . ", " . POST_NORMAL . ")";
-			if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not insert new topic', '', __LINE__, __FILE__, $sql);
-			}
+			$db->sql_query($sql);
 
 			$new_topic_id = $db->sql_nextid();
 
-			if( !empty($HTTP_POST_VARS['split_type_all']) )
+			if( !empty($_POST['split_type_all']) )
 			{
 				$post_id_sql = '';
 				for($i = 0; $i < count($posts); $i++)
@@ -610,7 +597,7 @@ switch( $mode )
 					SET topic_id = $new_topic_id, forum_id = $new_forum_id
 					WHERE post_id IN ($post_id_sql)";
 			}
-			else if( !empty($HTTP_POST_VARS['split_type_beyond']) )
+			else if( !empty($_POST['split_type_beyond']) )
 			{
 				$sql = "UPDATE " . POSTS_TABLE . "
 					SET topic_id = $new_topic_id, forum_id = $new_forum_id
@@ -618,10 +605,7 @@ switch( $mode )
 						AND topic_id = $topic_id";
 			}
 
-			if( !$db->sql_query($sql, END_TRANSACTION) )
-			{
-				message_die(GENERAL_ERROR, 'Could not update posts table', '', __LINE__, __FILE__, $sql);
-			}
+			$db->sql_query($sql);
 
 			sync('topic', $new_topic_id);
 			sync('topic', $topic_id);
@@ -629,11 +613,11 @@ switch( $mode )
 			sync('forum', $forum_id);
 
 			$template->assign_vars(array(
-				'META' => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">')
+				'META' => '<meta http-equiv="refresh" content="3;url=' . "viewtopic.$phpEx$SID&amp;t==$topic_id" . '">')
 			);
 
-			$message = $lang['Topic_split'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id") . '">', '</a>');
-			message_die(GENERAL_MESSAGE, $message);
+			$message = $lang['Topic_split'] . '<br /><br />' . sprintf($lang['Click_return_topic'], '<a href="' . "viewtopic.$phpEx$SID&amp;t==$topic_id" . '">', '</a>');
+			message_die(MESSAGE, $message);
 		}
 		else
 		{
@@ -650,12 +634,9 @@ switch( $mode )
 					AND p.poster_id = u.user_id
 					AND p.post_id = pt.post_id
 				ORDER BY p.post_time ASC";
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not get topic/post information', '', __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
-			$s_hidden_fields = '<input type="hidden" name="' . POST_FORUM_URL . '" value="' . $forum_id . '" /><input type="hidden" name="mode" value="split" />';
+			$s_hidden_fields = '<input type="hidden" name="f" value="' . $forum_id . '" /><input type="hidden" name="mode" value="split" />';
 
 			if( ( $total_posts = $db->sql_numrows($result) ) > 0 )
 			{
@@ -680,9 +661,9 @@ switch( $mode )
 
 					'FORUM_NAME' => $forum_name,
 
-					'U_VIEW_FORUM' => append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id"),
+					'U_VIEW_FORUM' => "viewforum.$phpEx$SID&amp;f=$forum_id",
 
-					'S_SPLIT_ACTION' => append_sid("modcp.$phpEx"),
+					'S_SPLIT_ACTION' => "modcp.$phpEx$SID",
 					'S_HIDDEN_FIELDS' => $s_hidden_fields,
 					'S_FORUM_SELECT' => make_forum_select("new_forum_id"))
 				);
@@ -693,7 +674,7 @@ switch( $mode )
 					$poster_id = $postrow[$i]['user_id'];
 					$poster = $postrow[$i]['username'];
 
-					$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
+					$post_date = $user->format_date($postrow[$i]['post_time']);
 
 					$bbcode_uid = $postrow[$i]['bbcode_uid'];
 					$message = $postrow[$i]['post_text'];
@@ -738,14 +719,9 @@ switch( $mode )
 
 					$message = str_replace("\n", '<br />', $message);
 
-					$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
-					$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-
 					$checkbox = ( $i > 0 ) ? '<input type="checkbox" name="post_id_list[]" value="' . $post_id . '" />' : '&nbsp;';
 
 					$template->assign_block_vars('postrow', array(
-						'ROW_COLOR' => '#' . $row_color,
-						'ROW_CLASS' => $row_class,
 						'POSTER_NAME' => $poster,
 						'POST_DATE' => $post_date,
 						'POST_SUBJECT' => $post_subject,
@@ -765,11 +741,11 @@ switch( $mode )
 		$page_title = $lang['Mod_CP'];
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
-		$rdns_ip_num = ( isset($HTTP_GET_VARS['rdns']) ) ? $HTTP_GET_VARS['rdns'] : "";
+		$rdns_ip_num = ( isset($_GET['rdns']) ) ? $_GET['rdns'] : '';
 
 		if ( !$post_id )
 		{
-			message_die(GENERAL_MESSAGE, $lang['No_such_post']);
+			message_die(MESSAGE, $lang['No_such_post']);
 		}
 
 		//
@@ -783,14 +759,11 @@ switch( $mode )
 		$sql = "SELECT poster_ip, poster_id
 			FROM " . POSTS_TABLE . "
 			WHERE post_id = $post_id";
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not get poster IP information', '', __LINE__, __FILE__, $sql);
-		}
+		$result = $db->sql_query($sql);
 
 		if ( !($post_row = $db->sql_fetchrow($result)) )
 		{
-			message_die(GENERAL_MESSAGE, $lang['No_such_post']);
+			message_die(MESSAGE, $lang['No_such_post']);
 		}
 
 		$ip_this_post = $post_row['poster_ip'];
@@ -810,7 +783,7 @@ switch( $mode )
 
 			'IP' => $ip_this_post,
 
-			'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=" . $ip_this_post))
+			'U_LOOKUP_IP' => "modcp.$phpEx$SID&amp;mode=ip&amp;p=$post_id&amp;t=$topic_id&amp;rdns=" . $ip_this_post)
 		);
 
 		//
@@ -821,10 +794,7 @@ switch( $mode )
 			WHERE poster_id = $poster_id
 			GROUP BY poster_ip
 			ORDER BY postings DESC";
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not get IP information for this user', '', __LINE__, __FILE__, $sql);
-		}
+		$result = $db->sql_query($sql);
 
 		if ( $row = $db->sql_fetchrow($result) )
 		{
@@ -842,16 +812,11 @@ switch( $mode )
 				$ip = $row['poster_ip'];
 				$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? gethostbyaddr($ip) : $ip;
 
-				$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
-				$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-
 				$template->assign_block_vars('iprow', array(
-					'ROW_COLOR' => '#' . $row_color,
-					'ROW_CLASS' => $row_class,
 					'IP' => $ip,
 					'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
 
-					'U_LOOKUP_IP' => append_sid("modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=$post_id&amp;" . POST_TOPIC_URL . "=$topic_id&amp;rdns=" . $row['poster_ip']))
+					'U_LOOKUP_IP' => "modcp.$phpEx$SID&amp;mode=ip&amp;p=$post_id&amp;t=$topic_id&amp;rdns=" . $row['poster_ip'])
 				);
 
 				$i++;
@@ -868,10 +833,7 @@ switch( $mode )
 				AND p.poster_ip = '" . $post_row['poster_ip'] . "'
 			GROUP BY u.user_id, u.username
 			ORDER BY postings DESC";
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not get posters information based on IP', '', __LINE__, __FILE__, $sql);
-		}
+		$result = $db->sql_query($sql);
 
 		if ( $row = $db->sql_fetchrow($result) )
 		{
@@ -879,20 +841,15 @@ switch( $mode )
 			do
 			{
 				$id = $row['user_id'];
-				$username = ( $id == ANONYMOUS ) ? $lang['Guest'] : $row['username'];
-
-				$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
-				$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
+				$username = ( !$id ) ? $lang['Guest'] : $row['username'];
 
 				$template->assign_block_vars('userrow', array(
-					'ROW_COLOR' => '#' . $row_color,
-					'ROW_CLASS' => $row_class,
 					'USERNAME' => $username,
 					'POSTS' => $row['postings'] . ' ' . ( ( $row['postings'] == 1 ) ? $lang['Post'] : $lang['Posts'] ),
 					'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username),
 
-					'U_PROFILE' => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
-					'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))
+					'U_PROFILE' => "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$id",
+					'U_SEARCHPOSTS' => "search.$phpEx$SID&amp;search_author=" . urlencode($username) . "&amp;showresults=topics")
 				);
 
 				$i++;
@@ -1012,7 +969,7 @@ switch( $mode )
 			$u_view_topic = "modcp.$phpEx$SID&amp;mode=split&amp;t=$topic_id";
 			$topic_replies = $row['topic_replies'];
 
-			$last_post_time = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
+			$last_post_time = $user->format_date($row['post_time']);
 
 			$template->assign_block_vars('topicrow', array(
 				'U_VIEW_TOPIC' => $u_view_topic,

phpBB/posting.php

@@ -26,12 +26,15 @@ include($phpbb_root_path . 'common.'.$phpEx);
 include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 
+extract($_GET);
+extract($_POST);
 
 // Check and impose var types?
 $vars = array(
 	'intval' => array(
 		'forum_id' => 'f',
-		'post_id' => 'p'
+		'post_id' => 'p',
+		'topic_id' => 't',
 	)
 );
 
@@ -43,12 +46,6 @@ foreach ( $vars as $vartype => $varcheck)
 	}
 }
 
-
-
-
-extract($_GET);
-extract($_POST);
-
 $refresh = $preview || $poll_add || $poll_edit || $poll_delete;
 
 // ------------------------------------------------
@@ -57,11 +54,10 @@ $refresh = $preview || $poll_add || $poll_edit || $poll_delete;
 
 // Start session management
 $userdata = $session->start();
-$auth->acl($userdata, $f);
-$session->configure($userdata);
-//
+$auth->acl($userdata, $f, array('f_post', 'f_edit', 'f_delete', 'f_attach', 'f_poll', 'f_img', 'f_flash', 'f_bbcode', 'f_html', 'f_smilies', 'f_vote', 'f_sticky', 'f_announce'));
+$user = new user($userdata);
 // End session management
-//
+
 
 // Was cancel pressed? If so then redirect to the appropriate
 // page, no point in continuing with any further checks
@@ -332,7 +328,7 @@ if ( $row = $db->sql_fetchrow($result) )
 $topic_type_toggle = '';
 if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) )
 {
-	if ( $auth->get_acl($f, 'forum', 'sticky') )
+	if ( $auth->acl_get('f_sticky', $forum_id) )
 	{
 		$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_STICKY . '"';
 		if ( $post_data['topic_type'] == POST_STICKY || $topic_type == POST_STICKY )
@@ -342,7 +338,7 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
 		$topic_type_toggle .= ' /> ' . $lang['Post_Sticky'] . '&nbsp;&nbsp;';
 	}
 
-	if ( $auth->get_acl($f, 'forum', 'announce') )
+	if ( $auth->acl_get('f_announce', $forum_id) )
 	{
 		$topic_type_toggle .= '<input type="radio" name="topictype" value="' . POST_ANNOUNCE . '"';
 		if ( $post_data['topic_type'] == POST_ANNOUNCE || $topic_type == POST_ANNOUNCE )
@@ -359,11 +355,11 @@ if ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] )
 }
 
 // HTML, BBCode, Smilies, Images and Flash status
-$html_status = ( $board_config['allow_html'] && $auth->get_acl($f, 'forum', 'html') ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'];
-$bbcode_status = ( $board_config['allow_bbcode'] && $auth->get_acl($f, 'forum', 'bbcode') ) ? $lang['BBCode_is_ON'] : $lang['BBCode_is_OFF'];
-$smilies_status = ( $board_config['allow_smilies'] && $auth->get_acl($f, 'forum', 'smilies') ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'];
-$img_status = ( $board_config['allow_img'] && $auth->get_acl($f, 'forum', 'img') ) ? $lang['Images_are_ON'] : $lang['Images_are_OFF'];
-$flash_status = ( $board_config['allow_flash'] && $auth->get_acl($f, 'forum', 'flash') ) ? $lang['Flash_is_ON'] : $lang['Flash_is_OFF'];
+$html_status = ( $board_config['allow_html'] && $auth->acl_get('f_html', $f) ) ? true : false;
+$bbcode_status = ( $board_config['allow_bbcode'] && $auth->acl_get('f_bbcode', $f) ) ? true : false;
+$smilies_status = ( $board_config['allow_smilies'] && $auth->acl_get('f_smilies', $f) ) ? true : false;
+$img_status = ( $board_config['allow_img'] && $auth->acl_get('f_img', $f) ) ? true : false;
+$flash_status = ( $board_config['allow_flash'] && $auth->acl_get('f_flash', $f) ) ? true : false;
 
 // Page title/hidden fields
 $s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
@@ -393,11 +389,11 @@ $template->assign_vars(array(
 	'USERNAME' => $username,
 	'SUBJECT' => $subject,
 	'MESSAGE' => $message,
-	'HTML_STATUS' => $html_status,
-	'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
-	'SMILIES_STATUS' => $smilies_status,
-	'IMG_STATUS' => $img_status,
-	'FLASH_STATUS' => $flash_status,
+	'HTML_STATUS' => ( $html_status ) ? $lang['HTML_is_ON'] : $lang['HTML_is_OFF'],
+	'BBCODE_STATUS' => ( $bbcode_status ) ? sprintf($lang['BBCode_is_ON'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>') : sprintf($lang['BBCode_is_OFF'], '<a href="' . "faq.$phpEx$SID&amp;mode=bbcode" . '" target="_phpbbcode">', '</a>'),
+	'SMILIES_STATUS' => ( $smilies_status ) ? $lang['Smilies_are_ON'] : $lang['Smilies_are_OFF'],
+	'IMG_STATUS' => ( $img_status ) ? $lang['Images_are_ON'] : $lang['Images_are_OFF'],
+	'FLASH_STATUS' => ( $flash_status ) ? $lang['Flash_is_ON'] : $lang['Flash_is_OFF'],
 
 	'L_POST_A' => $page_title,
 	'L_POST_SUBJECT' => $lang['Post_subject'],
@@ -457,13 +453,13 @@ $template->assign_vars(array(
 	'S_NOTIFY_CHECKED' => ( $notify_user ) ? 'checked="checked"' : '',
 	'S_DISPLAY_USERNAME' => ( !$userdata['user_id'] || ( $mode == 'editpost' && $post_info['post_username'] ) ) ? true : false,
 
-	'S_SAVE_ALLOWED' => ( $auth->get_acl($f, 'forum', 'save') ) ? true : false,
-	'S_HTML_ALLOWED' => ( $board_config['allow_html'] && $auth->get_acl($f, 'forum', 'html') ) ? true : false,
-	'S_BBCODE_ALLOWED' => ( $board_config['allow_bbcode'] && $auth->get_acl($f, 'forum', 'bbcode') )  ? true : false,
-	'S_SMILIES_ALLOWED' => ( $board_config['allow_smilies'] && $auth->get_acl($f, 'forum', 'smilies') )  ? true : false,
-	'S_SIG_ALLOWED' => ( $auth->get_acl($f, 'forum', 'sigs') ) ? true : false,
+	'S_SAVE_ALLOWED' => ( $auth->acl_get('f_save', $f) ) ? true : false,
+	'S_HTML_ALLOWED' => $html_status,
+	'S_BBCODE_ALLOWED' => $bbcode_status,
+	'S_SMILIES_ALLOWED' => $smilies_status,
+	'S_SIG_ALLOWED' => ( $auth->acl_get('f_sigs', $f) ) ? true : false,
 	'S_NOTIFY_ALLOWED' => ( $userdata['user_id'] ) ? true : false,
-	'S_DELETE_ALLOWED' => ( $mode == 'editpost' && ( ( $auth->get_acl($f, 'forum', 'delete') && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $auth->get_acl($f, 'mod') ) ) ? true : false,
+	'S_DELETE_ALLOWED' => ( $mode == 'editpost' && ( ( $auth->acl_get('f_delete', $f) && $post_data['last_post'] && ( !$post_data['has_poll'] || $post_data['edit_poll'] ) ) || $auth->acl_is_mod($f) ) ) ? true : false,
 	'S_TYPE_TOGGLE' => $topic_type_toggle,
 
 	'S_TOPIC_ID' => $t,
@@ -474,7 +470,7 @@ $template->assign_vars(array(
 //
 // Poll entry
 //
-if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) && $auth->get_acl($f, 'forum', 'poll') )
+if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post'] ) ) && $auth->acl_get('f_poll', $f) )
 {
 	$template->assign_vars(array(
 		'S_SHOW_POLL_BOX' => true,
@@ -509,10 +505,8 @@ if ( ( $mode == 'newtopic' || ( $mode == 'editpost' && $post_data['first_post']
 	}
 }
 
-//
 // Attachment entry
-//
-if ( $auth->get_acl($f, 'forum', 'attach') )
+if ( $auth->acl_get('f_attach', $f) )
 {
 	$template->assign_vars(array(
 		'S_SHOW_ATTACH_BOX' => true,
@@ -525,21 +519,16 @@ if ( $auth->get_acl($f, 'forum', 'attach') )
 	);
 }
 
-//
 // Output page ...
-//
 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
-
 $template->set_filenames(array(
 	'body' => 'posting_body.html',
 	'reviewbody' => 'posting_topic_review.html')
 );
 make_jumpbox('viewforum.'.$phpEx);
 
-//
 // Topic review
-//
 if ( $mode == 'reply' )
 {
 	require($phpbb_root_path . 'includes/topic_review.'.$phpEx);

phpBB/privmsg.php

@@ -25,14 +25,14 @@ $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
-include($phpbb_root_path . 'includes/functions_post.'.$phpEx);
+include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
 
 //
 // Is PM disabled?
 //
 if ( !empty($board_config['privmsg_disable']) )
 {
-	message_die(GENERAL_MESSAGE, 'PM_disabled');
+	message_die(MESSAGE, 'PM_disabled');
 }
 
 $html_entities_match = array('#&#', '#<#', '#>#');
@@ -41,22 +41,22 @@ $html_entities_replace = array('&amp;', '&lt;', '&gt;');
 //
 // Parameters
 //
-$submit = ( isset($HTTP_POST_VARS['post']) ) ? TRUE : 0;
-$submit_search = ( isset($HTTP_POST_VARS['usersubmit']) ) ? TRUE : 0;
-$submit_msgdays = ( isset($HTTP_POST_VARS['submit_msgdays']) ) ? TRUE : 0;
-$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : 0;
-$preview = ( isset($HTTP_POST_VARS['preview']) ) ? TRUE : 0;
-$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : 0;
-$delete = ( isset($HTTP_POST_VARS['delete']) ) ? TRUE : 0;
-$delete_all = ( isset($HTTP_POST_VARS['deleteall']) ) ? TRUE : 0;
+$submit = ( isset($_POST['post']) ) ? TRUE : 0;
+$submit_search = ( isset($_POST['usersubmit']) ) ? TRUE : 0;
+$submit_msgdays = ( isset($_POST['submit_msgdays']) ) ? TRUE : 0;
+$cancel = ( isset($_POST['cancel']) ) ? TRUE : 0;
+$preview = ( isset($_POST['preview']) ) ? TRUE : 0;
+$confirm = ( isset($_POST['confirm']) ) ? TRUE : 0;
+$delete = ( isset($_POST['delete']) ) ? TRUE : 0;
+$delete_all = ( isset($_POST['deleteall']) ) ? TRUE : 0;
 
 $refresh = $preview || $submit_search;
 
-$mark_list = ( !empty($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : 0;
+$mark_list = ( !empty($_POST['mark']) ) ? $_POST['mark'] : 0;
 
-if ( isset($HTTP_POST_VARS['folder']) || isset($HTTP_GET_VARS['folder']) )
+if ( isset($_POST['folder']) || isset($_GET['folder']) )
 {
-	$folder = ( isset($HTTP_POST_VARS['folder']) ) ? $HTTP_POST_VARS['folder'] : $HTTP_GET_VARS['folder'];
+	$folder = ( isset($_POST['folder']) ) ? $_POST['folder'] : $_GET['folder'];
 
 	if ( $folder != 'inbox' && $folder != 'outbox' && $folder != 'sentbox' && $folder != 'savebox' )
 	{
@@ -78,32 +78,29 @@ if ( $cancel )
 	exit;
 }
 
-//
 // Start session management
-//
 $userdata = $session->start();
 $auth->acl($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
 //
 // Var definitions
 //
-if ( !empty($HTTP_POST_VARS['mode']) || !empty($HTTP_GET_VARS['mode']) )
+if ( !empty($_POST['mode']) || !empty($_GET['mode']) )
 {
-	$mode = ( !empty($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( !empty($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 
-$start = ( !empty($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( !empty($_GET['start']) ) ? intval($_GET['start']) : 0;
 
-if ( isset($HTTP_POST_VARS[POST_POST_URL]) || isset($HTTP_GET_VARS[POST_POST_URL]) )
+if ( isset($_POST['p']) || isset($_GET['p']) )
 {
-	$privmsg_id = ( isset($HTTP_POST_VARS[POST_POST_URL]) ) ? intval($HTTP_POST_VARS[POST_POST_URL]) : intval($HTTP_GET_VARS[POST_POST_URL]);
+	$privmsg_id = ( isset($_POST['p']) ) ? intval($_POST['p']) : intval($_GET['p']);
 }
 else
 {
@@ -141,7 +138,7 @@ if ( $mode == 'newpm' )
 		'body' => 'privmsgs_popup.tpl')
 	);
 
-	if ( $userdata['session_logged_in'] )
+	if ( $userdata['user_id'] )
 	{
 		if ( $userdata['user_new_privmsg'] )
 		{
@@ -171,16 +168,16 @@ if ( $mode == 'newpm' )
 }
 else if ( $mode == 'read' )
 {
-	if ( !empty($HTTP_GET_VARS[POST_POST_URL]) )
+	if ( !empty($_GET['p']) )
 	{
-		$privmsgs_id = intval($HTTP_GET_VARS[POST_POST_URL]);
+		$privmsgs_id = intval($_GET['p']);
 	}
 	else
 	{
-		message_die(GENERAL_ERROR, $lang['No_post_id']);
+		message_die(MESSAGE, $lang['No_post_id']);
 	}
 
-	if ( !$userdata['session_logged_in'] )
+	if ( !$userdata['user_id'] )
 	{
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 		header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode&" . POST_POST_URL . "=$privmsgs_id", true));
@@ -219,7 +216,7 @@ else if ( $mode == 'read' )
 				)";
 			break;
 		default:
-			message_die(GENERAL_ERROR, $lang['No_such_folder']);
+			message_die(MESSAGE, $lang['No_such_folder']);
 			break;
 	}
 
@@ -233,10 +230,7 @@ else if ( $mode == 'read' )
 			$pm_sql_user
 			AND u.user_id = pm.privmsgs_from_userid
 			AND u2.user_id = pm.privmsgs_to_userid";
-	if ( !($result = $db->sql_query($sql)) )
-	{
-		message_die(GENERAL_ERROR, 'Could not query private message post information', '', __LINE__, __FILE__, $sql);
-	}
+	$result = $db->sql_query($sql);
 
 	//
 	// Did the query return any data?
@@ -258,18 +252,12 @@ else if ( $mode == 'read' )
 		$sql = "UPDATE " . PRIVMSGS_TABLE . "
 			SET privmsgs_type = " . PRIVMSGS_READ_MAIL . "
 			WHERE privmsgs_id = " . $privmsg['privmsgs_id'];
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(GENERAL_ERROR, 'Could not update private message read status', '', __LINE__, __FILE__, $sql);
-		}
+		$db->sql_query($sql);
 
 		$sql = "UPDATE " . USERS_TABLE . "
 			SET user_unread_privmsg = user_unread_privmsg - 1
 			WHERE user_id = " . $userdata['user_id'];
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(GENERAL_ERROR, 'Could not update private message read status for user', '', __LINE__, __FILE__, $sql);
-		}
+		$db->sql_query($sql);
 
 		//
 		// Check to see if the poster has a 'full' sent box
@@ -278,10 +266,7 @@ else if ( $mode == 'read' )
 			FROM " . PRIVMSGS_TABLE . "
 			WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
 				AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
-		if ( !($result = $db->sql_query($sql)) )
-		{
-			message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
-		}
+		$result = $db->sql_query($sql);
 
 		$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
 
@@ -293,10 +278,7 @@ else if ( $mode == 'read' )
 					WHERE privmsgs_type = " . PRIVMSGS_SENT_MAIL . "
 						AND privmsgs_date = " . $sent_info['oldest_post_time'] . "
 						AND privmsgs_from_userid = " . $privmsg['privmsgs_from_userid'];
-				if ( !$db->sql_query($sql) )
-				{
-					message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
-				}
+				$db->sql_query($sql);
 			}
 		}
 
@@ -307,19 +289,13 @@ else if ( $mode == 'read' )
 		//
 		$sql = "INSERT $sql_priority INTO " . PRIVMSGS_TABLE . " (privmsgs_type, privmsgs_subject, privmsgs_from_userid, privmsgs_to_userid, privmsgs_date, privmsgs_ip, privmsgs_enable_html, privmsgs_enable_bbcode, privmsgs_enable_smilies, privmsgs_attach_sig)
 			VALUES (" . PRIVMSGS_SENT_MAIL . ", '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_subject'])) . "', " . $privmsg['privmsgs_from_userid'] . ", " . $privmsg['privmsgs_to_userid'] . ", " . $privmsg['privmsgs_date'] . ", '" . $privmsg['privmsgs_ip'] . "', " . $privmsg['privmsgs_enable_html'] . ", " . $privmsg['privmsgs_enable_bbcode'] . ", " . $privmsg['privmsgs_enable_smilies'] . ", " .  $privmsg['privmsgs_attach_sig'] . ")";
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(GENERAL_ERROR, 'Could not insert private message sent info', '', __LINE__, __FILE__, $sql);
-		}
+		$db->sql_query($sql);
 
 		$privmsg_sent_id = $db->sql_nextid();
 
 		$sql = "INSERT $sql_priority INTO " . PRIVMSGS_TEXT_TABLE . " (privmsgs_text_id, privmsgs_bbcode_uid, privmsgs_text)
 			VALUES ($privmsg_sent_id, '" . $privmsg['privmsgs_bbcode_uid'] . "', '" . str_replace("\'", "''", addslashes($privmsg['privmsgs_text'])) . "')";
-		if ( !$db->sql_query($sql) )
-		{
-			message_die(GENERAL_ERROR, 'Could not insert private message sent text', '', __LINE__, __FILE__, $sql);
-		}
+		$db->sql_query($sql);
 	}
 
 	//
@@ -462,19 +438,19 @@ else if ( $mode == 'read' )
 	$username_to = $privmsg['username_2'];
 	$user_id_to = $privmsg['user_id_2'];
 
-	$post_date = create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
+	$post_date = $user->format_date($privmsg['privmsgs_date']);
 
-	$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . '=' . $user_id_from);
+	$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;u=$user_id_from");
 	$profile_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_profile'] . '" alt="' . $lang['Read_profile'] . '" title="' . $lang['Read_profile'] . '" border="0" /></a>';
 	$profile = '<a href="' . $temp_url . '">' . $lang['Read_profile'] . '</a>';
 
-	$temp_url = append_sid("privmsg.$phpEx?mode=post&amp;" . POST_USERS_URL . "=$poster_id");
+	$temp_url = append_sid("privmsg.$phpEx?mode=post&amp;u=$poster_id");
 	$pm_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_pm'] . '" alt="' . $lang['Send_private_message'] . '" title="' . $lang['Send_private_message'] . '" border="0" /></a>';
 	$pm = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
 
-	if ( !empty($privmsg['user_viewemail']) || $userdata['user_level'] == ADMIN )
+	if ( !empty($privmsg['user_viewemail']) || $auth->acl_get('a_') )
 	{
-		$email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;" . POST_USERS_URL .'=' . $user_id_from) : 'mailto:' . $privmsg['user_email'];
+		$email_uri = ( $board_config['board_email_form'] ) ? append_sid("profile.$phpEx?mode=email&amp;u$user_id_from") : 'mailto:' . $privmsg['user_email'];
 
 		$email_img = '<a href="' . $email_uri . '"><img src="' . $images['icon_email'] . '" alt="' . $lang['Send_email'] . '" title="' . $lang['Send_email'] . '" border="0" /></a>';
 		$email = '<a href="' . $email_uri . '">' . $lang['Send_email'] . '</a>';
@@ -504,7 +480,7 @@ else if ( $mode == 'read' )
 	$aim_img = ( $privmsg['user_aim'] ) ? '<a href="aim:goim?screenname=' . $privmsg['user_aim'] . '&amp;message=Hello+Are+you+there?"><img src="' . $images['icon_aim'] . '" alt="' . $lang['AIM'] . '" title="' . $lang['AIM'] . '" border="0" /></a>' : '';
 	$aim = ( $privmsg['user_aim'] ) ? '<a href="aim:goim?screenname=' . $privmsg['user_aim'] . '&amp;message=Hello+Are+you+there?">' . $lang['AIM'] . '</a>' : '';
 
-	$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$poster_id");
+	$temp_url = append_sid("profile.$phpEx?mode=viewprofile&amp;u=$poster_id");
 	$msn_img = ( $privmsg['user_msnm'] ) ? '<a href="' . $temp_url . '"><img src="' . $images['icon_msnm'] . '" alt="' . $lang['MSNM'] . '" title="' . $lang['MSNM'] . '" border="0" /></a>' : '';
 	$msn = ( $privmsg['user_msnm'] ) ? '<a href="' . $temp_url . '">' . $lang['MSNM'] . '</a>' : '';
 
@@ -579,7 +555,7 @@ else if ( $mode == 'read' )
 		$private_message = smilies_pass($private_message);
 	}
 
-	$private_message = str_replace("\n", '<br />', $private_message);
+	$private_message = nl2br($private_message);
 
 	//
 	// Dump it to the templating engine
@@ -622,7 +598,7 @@ else if ( $mode == 'read' )
 }
 else if ( ( $delete && $mark_list ) || $delete_all )
 {
-	if ( !$userdata['session_logged_in'] )
+	if ( !$userdata['user_id'] )
 	{
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 		header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
@@ -636,7 +612,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 	if ( !$confirm )
 	{
 		$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" />';
-		$s_hidden_fields .= ( isset($HTTP_POST_VARS['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
+		$s_hidden_fields .= ( isset($_POST['delete']) ) ? '<input type="hidden" name="delete" value="true" />' : '<input type="hidden" name="deleteall" value="true" />';
 
 		for($i = 0; $i < count($mark_list); $i++)
 		{
@@ -697,10 +673,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 			$sql = "SELECT privmsgs_id
 				FROM " . PRIVMSGS_TABLE . "
 				WHERE $delete_type";
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
 			while ( $row = $db->sql_fetchrow($result) )
 			{
@@ -714,11 +687,9 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 		{
 			$delete_sql_id = implode(', ', $mark_list);
 
-			//
 			// Need to decrement the new message counter of recipient
 			// problem is this doesn't affect the unread counter even
 			// though it may be the one that needs changing ... hhmmm
-			//
 			if ( $folder == 'outbox' )
 			{
 				$sql = "SELECT privmsgs_to_userid
@@ -726,10 +697,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 					WHERE privmsgs_id IN ($delete_sql_id)
 						AND privmsgs_from_userid = " . $userdata['user_id'] . "
 						AND privmsgs_type = " . PRIVMSGS_NEW_MAIL;
-				if ( !($result = $db->sql_query($sql)) )
-				{
-					message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
-				}
+				$result = $db->sql_query($sql);
 
 				$update_pm_sql = '';
 				while( $row = $db->sql_fetchrow($result) )
@@ -742,10 +710,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 					$sql = "UPDATE " . USERS_TABLE . "
 						SET user_new_privmsg = user_new_privmsg - 1
 						WHERE user_id IN ($update_pm_sql)";
-					if ( !$db->sql_query($sql) )
-					{
-						message_die(GENERAL_ERROR, 'Could not update users new msg counters', '', __LINE__, __FILE__, $sql);
-					}
+					$db->sql_query($sql);
 				}
 
 				$sql = "SELECT privmsgs_to_userid
@@ -753,10 +718,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 					WHERE privmsgs_id IN ($delete_sql_id)
 						AND privmsgs_from_userid = " . $userdata['user_id'] . "
 						AND privmsgs_type = " . PRIVMSGS_UNREAD_MAIL;
-				if ( !($result = $db->sql_query($sql)) )
-				{
-					message_die(GENERAL_ERROR, 'Could not obtain user id list for outbox messages', '', __LINE__, __FILE__, $sql);
-				}
+				$result = $db->sql_query($sql);
 
 				$update_pm_sql = '';
 				while( $row = $db->sql_fetchrow($result) )
@@ -769,10 +731,7 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 					$sql = "UPDATE " . USERS_TABLE . "
 						SET user_unread_privmsg = user_unread_privmsg - 1
 						WHERE user_id IN ($update_pm_sql)";
-					if ( !$db->sql_query($sql) )
-					{
-						message_die(GENERAL_ERROR, 'Could not update users new msg counters', '', __LINE__, __FILE__, $sql);
-					}
+					$db->sql_query($sql);
 				}
 			}
 
@@ -806,21 +765,14 @@ else if ( ( $delete && $mark_list ) || $delete_all )
 					break;
 			}
 
-			if ( !$db->sql_query($delete_sql, BEGIN_TRANSACTION) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete private message info', '', __LINE__, __FILE__, $delete_sql);
-			}
-
-			if ( !$db->sql_query($delete_text_sql, END_TRANSACTION) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete private message text', '', __LINE__, __FILE__, $delete_text_sql);
-			}
+			$db->sql_query($delete_sql);
+			$db->sql_query($delete_text_sql);
 		}
 	}
 }
 else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
 {
-	if ( !$userdata['session_logged_in'] )
+	if ( !$userdata['user_id'] )
 	{
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 		header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
@@ -835,10 +787,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
 				AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
 			OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
 				AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )";
-	if ( !($result = $db->sql_query($sql)) )
-	{
-		message_die(GENERAL_ERROR, 'Could not obtain sent message info for sendee', '', __LINE__, __FILE__, $sql);
-	}
+	$result = $db->sql_query($sql);
 
 	$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
 
@@ -852,10 +801,7 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
 						OR ( privmsgs_from_userid = " . $userdata['user_id'] . "
 							AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . ") )
 					AND privmsgs_date = " . $saved_info['oldest_post_time'];
-			if ( !$db->sql_query($sql) )
-			{
-				message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
-			}
+			$db->sql_query($sql);
 		}
 	}
 
@@ -898,19 +844,16 @@ else if ( $save && $mark_list && $folder != 'savebox' && $folder != 'outbox' )
 
 		$saved_sql .= " AND privmsgs_id IN ($saved_sql_id)";
 
-		if ( !$db->sql_query($saved_sql) )
-		{
-			message_die(GENERAL_ERROR, 'Could not save private messages', '', __LINE__, __FILE__, $saved_sql);
-		}
+		$db->sql_query($saved_sql);
 	}
 
 }
 else if ( $submit || $refresh || $mode != '' )
 {
 
-	if ( !$userdata['session_logged_in'] )
+	if ( !$userdata['user_id'] )
 	{
-		$user_id = ( isset($HTTP_GET_VARS[POST_USERS_URL]) ) ? '&' . POST_USERS_URL . '=' . intval($HTTP_GET_VARS[POST_USERS_URL]) : '';
+		$user_id = ( isset($_GET['u']) ) ? '&u=' . intval($_GET['u']) : '';
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 		header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=$folder&mode=$mode" . $user_id, true));
 	}
@@ -924,7 +867,7 @@ else if ( $submit || $refresh || $mode != '' )
 	}
 	else
 	{
-		$html_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];
+		$html_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_html']) ) ? 0 : TRUE ) : $userdata['user_allowhtml'];
 	}
 
 	if ( !$board_config['allow_bbcode'] )
@@ -933,7 +876,7 @@ else if ( $submit || $refresh || $mode != '' )
 	}
 	else
 	{
-		$bbcode_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];
+		$bbcode_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_bbcode']) ) ? 0 : TRUE ) : $userdata['user_allowbbcode'];
 	}
 
 	if ( !$board_config['allow_smilies'] )
@@ -942,42 +885,37 @@ else if ( $submit || $refresh || $mode != '' )
 	}
 	else
 	{
-		$smilies_on = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];
+		$smilies_on = ( $submit || $refresh ) ? ( ( !empty($_POST['disable_smilies']) ) ? 0 : TRUE ) : $userdata['user_allowsmile'];
 	}
 
-	$attach_sig = ( $submit || $refresh ) ? ( ( !empty($HTTP_POST_VARS['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
+	$attach_sig = ( $submit || $refresh ) ? ( ( !empty($_POST['attach_sig']) ) ? TRUE : 0 ) : $userdata['user_attachsig'];
 	$user_sig = ( $userdata['user_sig'] != '' && $board_config['allow_sig'] ) ? $userdata['user_sig'] : "";
 
 	if ( $submit && $mode != 'edit' )
 	{
-		//
 		// Flood control
-		//
 		$sql = "SELECT MAX(privmsgs_date) AS last_post_time
 			FROM " . PRIVMSGS_TABLE . "
 			WHERE privmsgs_from_userid = " . $userdata['user_id'];
-		if ( $result = $db->sql_query($sql) )
+		$result = $db->sql_query($sql);
+
+		$db_row = $db->sql_fetchrow($result);
+
+		$last_post_time = $db_row['last_post_time'];
+		$current_time = time();
+
+		if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
 		{
-			$db_row = $db->sql_fetchrow($result);
-
-			$last_post_time = $db_row['last_post_time'];
-			$current_time = time();
-
-			if ( ( $current_time - $last_post_time ) < $board_config['flood_interval'])
-			{
-				message_die(GENERAL_MESSAGE, $lang['Flood_Error']);
-			}
+			message_die(MESSAGE, $lang['Flood_Error']);
 		}
-		//
 		// End Flood control
-		//
 	}
 
 	if ( $submit )
 	{
-		if ( !empty($HTTP_POST_VARS['username']) )
+		if ( !empty($_POST['username']) )
 		{
-			$to_username = $HTTP_POST_VARS['username'];
+			$to_username = $_POST['username'];
 
 			$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
 				FROM " . USERS_TABLE . "
@@ -997,14 +935,14 @@ else if ( $submit || $refresh || $mode != '' )
 			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['No_to_user'];
 		}
 
-		$privmsg_subject = trim(strip_tags($HTTP_POST_VARS['subject']));
+		$privmsg_subject = trim(strip_tags($_POST['subject']));
 		if ( empty($privmsg_subject) )
 		{
 			$error = TRUE;
 			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_subject'];
 		}
 
-		if ( !empty($HTTP_POST_VARS['message']) )
+		if ( !empty($_POST['message']) )
 		{
 			if ( !$error )
 			{
@@ -1013,7 +951,7 @@ else if ( $submit || $refresh || $mode != '' )
 					$bbcode_uid = make_bbcode_uid();
 				}
 
-				$privmsg_message = prepare_message($HTTP_POST_VARS['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
+				$privmsg_message = prepare_message($_POST['message'], $html_on, $bbcode_on, $smilies_on, $bbcode_uid);
 
 			}
 		}
@@ -1032,7 +970,7 @@ else if ( $submit || $refresh || $mode != '' )
 		if ( !$userdata['user_allow_pm'] )
 		{
 			$message = $lang['Cannot_send_privmsg'];
-			message_die(GENERAL_MESSAGE, $message);
+			message_die(MESSAGE, $message);
 		}
 
 		$msg_time = time();
@@ -1048,10 +986,7 @@ else if ( $submit || $refresh || $mode != '' )
 						OR privmsgs_type = " . PRIVMSGS_READ_MAIL . "
 						OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
 					AND privmsgs_to_userid = " . $to_userdata['user_id'];
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_MESSAGE, $lang['No_such_user']);
-			}
+			$result = $db->sql_query($sql);
 
 			$sql_priority = ( SQL_LAYER == 'mysql' ) ? 'LOW_PRIORITY' : '';
 
@@ -1065,10 +1000,7 @@ else if ( $submit || $refresh || $mode != '' )
 								OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "  )
 							AND privmsgs_date = " . $inbox_info['oldest_post_time'] . "
 							AND privmsgs_to_userid = " . $to_userdata['user_id'];
-					if ( !$db->sql_query($sql) )
-					{
-						message_die(GENERAL_ERROR, 'Could not delete oldest privmsgs', '', __LINE__, __FILE__, $sql);
-					}
+					$db->sql_query($sql);
 				}
 			}
 
@@ -1082,10 +1014,7 @@ else if ( $submit || $refresh || $mode != '' )
 				WHERE privmsgs_id = $privmsg_id";
 		}
 
-		if ( !($result = $db->sql_query($sql_info, BEGIN_TRANSACTION)) )
-		{
-			message_die(GENERAL_ERROR, "Could not insert/update private message sent info.", "", __LINE__, __FILE__, $sql_info);
-		}
+		$db->sql_query($sql_info);
 
 		if ( $mode != 'edit' )
 		{
@@ -1101,10 +1030,7 @@ else if ( $submit || $refresh || $mode != '' )
 				WHERE privmsgs_text_id = $privmsg_id";
 		}
 
-		if ( !$db->sql_query($sql, END_TRANSACTION) )
-		{
-			message_die(GENERAL_ERROR, "Could not insert/update private message sent text.", "", __LINE__, __FILE__, $sql_info);
-		}
+		$db->sql_query($sql);
 
 		if ( $mode != 'edit' )
 		{
@@ -1156,7 +1082,7 @@ else if ( $submit || $refresh || $mode != '' )
 
 		$msg = $lang['Message_sent'] . '<br /><br />' . sprintf($lang['Click_return_inbox'], '<a href="' . append_sid("privmsg.$phpEx?folder=inbox") . '">', '</a> ') . '<br /><br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
 
-		message_die(GENERAL_MESSAGE, $msg);
+		message_die(GMESSAGE, $msg);
 	}
 	else if ( $preview || $refresh || $error )
 	{
@@ -1166,9 +1092,9 @@ else if ( $submit || $refresh || $mode != '' )
 		// passed to the script, process it a little, do some checks
 		// where neccessary, etc.
 		//
-		$to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
-		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
-		$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
+		$to_username = ( isset($_POST['username']) ) ? trim(strip_tags(stripslashes($_POST['username']))) : '';
+		$privmsg_subject = ( isset($_POST['subject']) ) ? trim(strip_tags(stripslashes($_POST['subject']))) : '';
+		$privmsg_message = ( isset($_POST['message']) ) ? trim($_POST['message']) : '';
 		$privmsg_message = preg_replace('#<textarea>#si', '&lt;textarea&gt;', $privmsg_message);
 		if ( !$preview )
 		{
@@ -1200,16 +1126,13 @@ else if ( $submit || $refresh || $mode != '' )
 				FROM " . PRIVMSGS_TABLE . " pm, " . USERS_TABLE . " u
 				WHERE pm.privmsgs_id = $privmsg_id
 					AND u.user_id = pm.privmsgs_from_userid";
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, "Could not obtain post and post text", "", __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
 			if ( $postrow = $db->sql_fetchrow($result) )
 			{
 				if ( $userdata['user_id'] != $postrow['user_id'] )
 				{
-					message_die(GENERAL_MESSAGE, $lang['Sorry_edit_own_posts']);
+					message_die(MESSAGE, $lang['Sorry_edit_own_posts']);
 				}
 
 				$user_sig = ( $postrow['user_sig'] != '' && $board_config['allow_sig'] ) ? $postrow['user_sig'] : '';
@@ -1223,9 +1146,9 @@ else if ( $submit || $refresh || $mode != '' )
 			message_die(GENERAL_ERROR, $lang['No_post_id']);
 		}
 
-		if ( !empty($HTTP_GET_VARS[POST_USERS_URL]) )
+		if ( !empty($_GET['u']) )
 		{
-			$user_id = intval($HTTP_GET_VARS[POST_USERS_URL]);
+			$user_id = intval($_GET['u']);
 
 			$sql = "SELECT username
 				FROM " . USERS_TABLE . "
@@ -1253,10 +1176,7 @@ else if ( $submit || $refresh || $mode != '' )
 					AND ( pm.privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
 						OR pm.privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )
 					AND u.user_id = pm.privmsgs_to_userid";
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
 			if ( !($privmsg = $db->sql_fetchrow($result)) )
 			{
@@ -1292,10 +1212,7 @@ else if ( $submit || $refresh || $mode != '' )
 					AND pmt.privmsgs_text_id = pm.privmsgs_id
 					AND pm.privmsgs_to_userid = " . $userdata['user_id'] . "
 					AND u.user_id = pm.privmsgs_from_userid";
-			if ( !($result = $db->sql_query($sql)) )
-			{
-				message_die(GENERAL_ERROR, 'Could not obtain private message for editing', '', __LINE__, __FILE__, $sql);
-			}
+			$result = $db->sql_query($sql);
 
 			if ( !($privmsg = $db->sql_fetchrow($result)) )
 			{
@@ -1317,7 +1234,7 @@ else if ( $submit || $refresh || $mode != '' )
 				$privmsg_message = str_replace('<br />', "\n", $privmsg_message);
 				$privmsg_message = preg_replace('#</textarea>#si', '&lt;/textarea&gt;', $privmsg_message);
 
-				$msg_date =  create_date($board_config['default_dateformat'], $privmsg['privmsgs_date'], $board_config['board_timezone']);
+				$msg_date =  $user->format_date($privmsg['privmsgs_date']);
 
 				$privmsg_message = '[quote="' . $to_username . '"]' . $privmsg_message . '[/quote]';
 
@@ -1332,7 +1249,7 @@ else if ( $submit || $refresh || $mode != '' )
 	if ( !$userdata['user_allow_pm'] && $mode != 'edit' )
 	{
 		$message = $lang['Cannot_send_privmsg'];
-		message_die(GENERAL_MESSAGE, $message);
+		message_die(MESSAGE, $message);
 	}
 
 	//
@@ -1397,14 +1314,14 @@ else if ( $submit || $refresh || $mode != '' )
 		}
 
 		$preview_message = make_clickable($preview_message);
-		$preview_message = str_replace("\n", '<br />', $preview_message);
+		$preview_message = nl2br($preview_message);
 
 		$s_hidden_fields = '<input type="hidden" name="folder" value="' . $folder . '" />';
 		$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
 
 		if ( isset($privmsg_id) )
 		{
-			$s_hidden_fields .= '<input type="hidden" name="' . POST_POST_URL . '" value="' . $privmsg_id . '" />';
+			$s_hidden_fields .= '<input type="hidden" name="p" value="' . $privmsg_id . '" />';
 		}
 
 		$template->set_filenames(array(
@@ -1416,7 +1333,7 @@ else if ( $submit || $refresh || $mode != '' )
 			'POST_SUBJECT' => $preview_subject,
 			'MESSAGE_TO' => $to_username,
 			'MESSAGE_FROM' => $userdata['username'],
-			'POST_DATE' => create_date($board_config['default_dateformat'], time(), $board_config['board_timezone']),
+			'POST_DATE' => $user->date_format(time()),
 			'MESSAGE' => $preview_message,
 
 			'S_HIDDEN_FIELDS' => $s_hidden_fields,
@@ -1581,23 +1498,6 @@ else if ( $submit || $refresh || $mode != '' )
 		'L_BBCODE_F_HELP' => $lang['bbcode_f_help'],
 		'L_EMPTY_MESSAGE' => $lang['Empty_message'],
 
-		'L_FONT_COLOR' => $lang['Font_color'],
-		'L_COLOR_DEFAULT' => $lang['color_default'],
-		'L_COLOR_DARK_RED' => $lang['color_dark_red'],
-		'L_COLOR_RED' => $lang['color_red'],
-		'L_COLOR_ORANGE' => $lang['color_orange'],
-		'L_COLOR_BROWN' => $lang['color_brown'],
-		'L_COLOR_YELLOW' => $lang['color_yellow'],
-		'L_COLOR_GREEN' => $lang['color_green'],
-		'L_COLOR_OLIVE' => $lang['color_olive'],
-		'L_COLOR_CYAN' => $lang['color_cyan'],
-		'L_COLOR_BLUE' => $lang['color_blue'],
-		'L_COLOR_DARK_BLUE' => $lang['color_dark_blue'],
-		'L_COLOR_INDIGO' => $lang['color_indigo'],
-		'L_COLOR_VIOLET' => $lang['color_violet'],
-		'L_COLOR_WHITE' => $lang['color_white'],
-		'L_COLOR_BLACK' => $lang['color_black'],
-
 		'L_FONT_SIZE' => $lang['Font_size'],
 		'L_FONT_TINY' => $lang['font_tiny'],
 		'L_FONT_SMALL' => $lang['font_small'],
@@ -1620,7 +1520,7 @@ else if ( $submit || $refresh || $mode != '' )
 		'U_VIEW_FORUM' => append_sid("privmsg.$phpEx"))
 	);
 
-	$template->pparse('body');
+	$template->display('body');
 
 	include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 }
@@ -1628,47 +1528,33 @@ else if ( $submit || $refresh || $mode != '' )
 //
 // Default page
 //
-if ( !$userdata['session_logged_in'] )
+if ( !$userdata['user_id'] )
 {
 	$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 	header($header_location . append_sid("login.$phpEx?redirect=privmsg.$phpEx&folder=inbox", true));
 }
 
-//
 // Update unread status
-//
 $sql = "UPDATE " . USERS_TABLE . "
 	SET user_unread_privmsg = user_unread_privmsg + user_new_privmsg, user_new_privmsg = 0, user_last_privmsg = " . $userdata['session_start'] . "
 	WHERE user_id = " . $userdata['user_id'];
-if ( !$db->sql_query($sql) )
-{
-	message_die(GENERAL_ERROR, 'Could not update private message new/read status for user', '', __LINE__, __FILE__, $sql);
-}
+$db->sql_query($sql);
 
 $sql = "UPDATE " . PRIVMSGS_TABLE . "
 	SET privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . "
 	WHERE privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
 		AND privmsgs_to_userid = " . $userdata['user_id'];
-if ( !$db->sql_query($sql) )
-{
-	message_die(GENERAL_ERROR, 'Could not update private message new/read status (2) for user', '', __LINE__, __FILE__, $sql);
-}
+$db->sql_query($sql);
 
-//
 // Reset PM counters
-//
 $userdata['user_new_privmsg'] = 0;
 $userdata['user_unread_privmsg'] = ( $userdata['user_new_privmsg'] + $userdata['user_unread_privmsg'] );
 
-//
 // Generate page
-//
 $page_title = $lang['Private_Messaging'];
 include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 
-//
 // Load templates
-//
 $template->set_filenames(array(
 	'body' => 'privmsgs_body.tpl')
 );
@@ -1736,22 +1622,22 @@ switch( $folder )
 		break;
 
 	default:
-		message_die(GENERAL_MESSAGE, $lang['No_such_folder']);
+		message_die(MESSAGE, $lang['No_such_folder']);
 		break;
 }
 
 //
 // Show messages over previous x days/months
 //
-if ( $submit_msgdays && ( !empty($HTTP_POST_VARS['msgdays']) || !empty($HTTP_GET_VARS['msgdays']) ) )
+if ( $submit_msgdays && ( !empty($_POST['msgdays']) || !empty($_GET['msgdays']) ) )
 {
-	$msg_days = ( !empty($HTTP_POST_VARS['msgdays']) ) ? intval($HTTP_POST_VARS['msgdays']) : intval($HTTP_GET_VARS['msgdays']);
+	$msg_days = ( !empty($_POST['msgdays']) ) ? intval($_POST['msgdays']) : intval($_GET['msgdays']);
 	$min_msg_time = time() - ($msg_days * 86400);
 
 	$limit_msg_time_total = " AND privmsgs_date > $min_msg_time";
 	$limit_msg_time = " AND pm.privmsgs_date > $min_msg_time ";
 
-	if ( !empty($HTTP_POST_VARS['msgdays']) )
+	if ( !empty($_POST['msgdays']) )
 	{
 		$start = 0;
 	}
@@ -1769,18 +1655,10 @@ $sql_tot .= $limit_msg_time_total;
 //
 // Get messages
 //
-if ( !($result = $db->sql_query($sql_tot)) )
-{
-	message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
-}
-
+$result = $db->sql_query($sql_tot);
 $pm_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0;
 
-if ( !($result = $db->sql_query($sql_all_tot)) )
-{
-	message_die(GENERAL_ERROR, 'Could not query private message information', '', __LINE__, __FILE__, $sql_tot);
-}
-
+$result = $db->sql_query($sql_all_tot);
 $pm_all_total = ( $row = $db->sql_fetchrow($result) ) ? $row['total'] : 0;
 
 //
@@ -1802,8 +1680,8 @@ for($i = 0; $i < count($previous_days); $i++)
 if ( $folder == 'inbox' )
 {
 	$post_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" border="0"></a>';
-	$reply_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" border="0"></a>';
-	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
+	$reply_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=reply&amp;p=$privmsg_id") . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" border="0"></a>';
+	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;p=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
 	$edit_pm_img = '';
 
 	$l_box_name = $lang['Inbox'];
@@ -1813,15 +1691,15 @@ else if ( $folder == 'outbox' )
 	$post_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" border="0"></a>';
 	$reply_pm_img = '';
 	$quote_pm_img = '';
-	$edit_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=edit&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['Edit_pm'] . '" border="0"></a>';
+	$edit_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=edit&amp;p=$privmsg_id") . '"><img src="' . $images['pm_editmsg'] . '" alt="' . $lang['Edit_pm'] . '" border="0"></a>';
 
 	$l_box_name = $lang['Outbox'];
 }
 else if ( $folder == 'savebox' )
 {
 	$post_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" border="0"></a>';
-	$reply_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=reply&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" border="0"></a>';
-	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
+	$reply_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=reply&amp;p=$privmsg_id") . '"><img src="' . $images['pm_replymsg'] . '" alt="' . $lang['Post_reply_pm'] . '" border="0"></a>';
+	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;p=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
 	$edit_pm_img = '';
 
 	$l_box_name = $lang['Savedbox'];
@@ -1830,7 +1708,7 @@ else if ( $folder == 'sentbox' )
 {
 	$post_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['pm_postmsg'] . '" alt="' . $lang['Post_new_pm'] . '" border="0"></a>';
 	$reply_pm_img = '';
-	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;" . POST_POST_URL . "=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
+	$quote_pm_img = '<a href="' . append_sid("privmsg.$phpEx?mode=quote&amp;p=$privmsg_id") . '"><img src="' . $images['pm_quotemsg'] . '" alt="' . $lang['Post_quote_pm'] . '" border="0"></a>';
 	$edit_pm_img = '';
 
 	$l_box_name = $lang['Sentbox'];
@@ -1930,13 +1808,8 @@ $template->assign_vars(array(
 	'U_POST_NEW_TOPIC' => $post_new_topic_url)
 );
 
-//
 // Okay, let's build the correct folder
-//
-if ( !($result = $db->sql_query($sql)) )
-{
-	message_die(GENERAL_ERROR, 'Could not query private messages', '', __LINE__, __FILE__, $sql);
-}
+$result = $db->sql_query($sql);
 
 if ( $row = $db->sql_fetchrow($result) )
 {
@@ -1952,7 +1825,7 @@ if ( $row = $db->sql_fetchrow($result) )
 		$msg_userid = $row['user_id'];
 		$msg_username = $row['username'];
 
-		$u_from_user_profile = append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$msg_userid");
+		$u_from_user_profile = append_sid("profile.$phpEx?mode=viewprofile&amp;u=$msg_userid");
 
 		$msg_subject = $row['privmsgs_subject'];
 
@@ -1961,9 +1834,9 @@ if ( $row = $db->sql_fetchrow($result) )
 			$msg_subject = preg_replace($orig_word, $replacement_word, $msg_subject);
 		}
 
-		$u_subject = append_sid("privmsg.$phpEx?folder=$folder&amp;mode=read&amp;" . POST_POST_URL . "=$privmsg_id");
+		$u_subject = append_sid("privmsg.$phpEx?folder=$folder&amp;mode=read&amp;p=$privmsg_id");
 
-		$msg_date = create_date($board_config['default_dateformat'], $row['privmsgs_date'], $board_config['board_timezone']);
+		$msg_date = $user_format_date($row['privmsgs_date']);
 
 		if ( $flag == PRIVMSGS_NEW_MAIL && $folder == 'inbox' )
 		{

phpBB/profile.php

@@ -25,23 +25,13 @@ $phpbb_root_path = './';
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 
-//
 // Start session management
-//
 $userdata = $session->start();
 $auth->acl($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
-//
-// Configure style, language, etc.
-//
-$session->configure($userdata);
-
-//
 // Set default email variables
-//
 $script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($board_config['script_path']));
 $script_name = ( $script_name != '' ) ? $script_name . '/profile.'.$phpEx : 'profile.'.$phpEx;
 $server_name = trim($board_config['server_name']);
@@ -75,9 +65,9 @@ function gen_rand_string($hash)
 //
 // Start of program proper
 //
-if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
+if ( isset($_GET['mode']) || isset($_POST['mode']) )
 {
-	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+	$mode = ( isset($_GET['mode']) ) ? $_GET['mode'] : $_POST['mode'];
 
 	if ( $mode == 'viewprofile' )
 	{
@@ -86,13 +76,13 @@ if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 	}
 	else if ( $mode == 'editprofile' || $mode == 'register' )
 	{
-		if ( $userdata['user_id'] == ANONYMOUS && $mode == 'editprofile' )
+		if ( !$userdata['user_id'] && $mode == 'editprofile' )
 		{
 			$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
 			header($header_location . "login.$phpEx$SID&redirect=profile.$phpEx&mode=editprofile");
 			exit;
 		}
-		else if ( $userdata['user_id'] != ANONYMOUS && $mode == 'register' )
+		else if ( $userdata['user_id'] && $mode == 'register' )
 		{
 			$header_location = ( @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ) ? "Refresh: 0; URL=" : "Location: ";
 			header($header_location . "index.$phpEx$SID");

phpBB/search.php

@@ -26,95 +26,88 @@ include($phpbb_root_path . 'common.'.$phpEx);
 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 include($phpbb_root_path . 'includes/functions_posting.'.$phpEx);
 
-//
 // Start session management
-//
 $userdata = $session->start();
 $auth->acl($userdata);
-//
+$user = new user($userdata);
 // End session management
-//
 
-$session->configure($userdata);
-
-//
 // Define initial vars
-//
-if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
+if ( isset($_POST['mode']) || isset($_GET['mode']) )
 {
-	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
 }
 else
 {
 	$mode = '';
 }
 
-if ( isset($HTTP_POST_VARS['search_keywords']) || isset($HTTP_GET_VARS['search_keywords']) )
+if ( isset($_POST['search_keywords']) || isset($_GET['search_keywords']) )
 {
-	$search_keywords = ( isset($HTTP_POST_VARS['search_keywords']) ) ? $HTTP_POST_VARS['search_keywords'] : $HTTP_GET_VARS['search_keywords'];
+	$search_keywords = ( isset($_POST['search_keywords']) ) ? $_POST['search_keywords'] : $_GET['search_keywords'];
 }
 else
 {
 	$search_keywords = '';
 }
 
-if ( isset($HTTP_POST_VARS['search_author']) || isset($HTTP_GET_VARS['search_author']))
+if ( isset($_POST['search_author']) || isset($_GET['search_author']))
 {
-	$search_author = ( isset($HTTP_POST_VARS['search_author']) ) ? $HTTP_POST_VARS['search_author'] : $HTTP_GET_VARS['search_author'];
+	$search_author = ( isset($_POST['search_author']) ) ? $_POST['search_author'] : $_GET['search_author'];
 }
 else
 {
 	$search_author = '';
 }
 
-$search_id = ( isset($HTTP_GET_VARS['search_id']) ) ? $HTTP_GET_VARS['search_id'] : '';
+$search_id = ( isset($_GET['search_id']) ) ? $_GET['search_id'] : '';
 
-$show_results = ( isset($HTTP_POST_VARS['show_results']) ) ? $HTTP_POST_VARS['show_results'] : 'posts';
+$show_results = ( isset($_POST['show_results']) ) ? $_POST['show_results'] : 'posts';
 
-if ( isset($HTTP_POST_VARS['search_terms']) )
+if ( isset($_POST['search_terms']) )
 {
-	$search_terms = ( $HTTP_POST_VARS['search_terms'] == 'all' ) ? 1 : 0;
+	$search_terms = ( $_POST['search_terms'] == 'all' ) ? 1 : 0;
 }
 else
 {
 	$search_terms = 0;
 }
 
-if ( isset($HTTP_POST_VARS['search_fields']) )
+if ( isset($_POST['search_fields']) )
 {
-	$search_fields = ( $HTTP_POST_VARS['search_fields'] == 'all' ) ? 1 : 0;
+	$search_fields = ( $_POST['search_fields'] == 'all' ) ? 1 : 0;
 }
 else
 {
 	$search_fields = 0;
 }
 
-$return_chars = ( isset($HTTP_POST_VARS['return_chars']) ) ? intval($HTTP_POST_VARS['return_chars']) : 200;
+$return_chars = ( isset($_POST['return_chars']) ) ? intval($_POST['return_chars']) : 200;
 
-$search_cat = ( isset($HTTP_POST_VARS['search_cat']) ) ? intval($HTTP_POST_VARS['search_cat']) : -1;
-$search_forum = ( isset($HTTP_POST_VARS['search_forum']) ) ? intval($HTTP_POST_VARS['search_forum']) : -1;
+$search_cat = ( isset($_POST['search_cat']) ) ? intval($_POST['search_cat']) : -1;
+$search_forum = ( isset($_POST['search_forum']) ) ? intval($_POST['search_forum']) : -1;
 
-$sort_by = ( isset($HTTP_POST_VARS['sort_by']) ) ? intval($HTTP_POST_VARS['sort_by']) : 0;
+$sort_by = ( isset($_POST['sort_by']) ) ? intval($_POST['sort_by']) : 0;
 
-if ( isset($HTTP_POST_VARS['sort_dir']) )
+if ( isset($_POST['sort_dir']) )
 {
-	$sort_dir = ( $HTTP_POST_VARS['sort_dir'] == 'DESC' ) ? 'DESC' : 'ASC';
+	$sort_dir = ( $_POST['sort_dir'] == 'DESC' ) ? 'DESC' : 'ASC';
 }
 else
 {
 	$sort_dir =  'DESC';
 }
 
-if ( !empty($HTTP_POST_VARS['search_time']) || !empty($HTTP_GET_VARS['search_time']))
+if ( !empty($_POST['search_time']) || !empty($_GET['search_time']))
 {
-	$search_time = time() - ( ( ( !empty($HTTP_POST_VARS['search_time']) ) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']) ) * 86400 );
+	$search_time = time() - ( ( ( !empty($_POST['search_time']) ) ? intval($_POST['search_time']) : intval($_GET['search_time']) ) * 86400 );
 }
 else
 {
 	$search_time = 0;
 }
 
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
 
 $sort_by_types = array($lang['Sort_Time'], $lang['Sort_Post_Subject'], $lang['Sort_Topic_Title'], $lang['Sort_Author'], $lang['Sort_Forum']);
 
@@ -324,7 +317,7 @@ if ( $search_keywords != '' || $search_author != '' || $search_id )
 		$auth_sql = '';
 		if ( $search_forum != -1 )
 		{
-			if ( !$auth->get_acl($search_forum, 'forum', 'read') )
+			if ( !$auth->acl_get($search_forum, 'forum', 'read') )
 			{
 				message_die(MESSAGE, $lang['No_searchable_forums']);
 			}
@@ -338,7 +331,7 @@ if ( $search_keywords != '' || $search_author != '' || $search_id )
 				$auth_sql = "f.cat_id = $search_cat";
 			}
 /*
-			$auth_ary = $auth->get_acl();
+			$auth_ary = $auth->acl_get();
 			@reset($auth_ary);
 
 			$allowed_forum_sql = '';
@@ -1164,7 +1157,7 @@ $result = $db->sql_query($sql);
 $s_forums = '';
 while( $row = $db->sql_fetchrow($result) )
 {
-	if ( $auth->get_acl($row['forum_id'], 'forum', 'read') )
+	if ( $auth->acl_get($row['forum_id'], 'forum', 'read') )
 	{
 		$s_forums .= '<option value="' . $row['forum_id'] . '">' . $row['forum_name'] . '</option>';
 		if ( empty($list_cat[$row['cat_id']]) )

phpBB/templates/subSilver/jumpbox.html

@@ -1,6 +1,6 @@
 
-<form method="get" name="jumpbox" action="{S_JUMPBOX_ACTION}" onSubmit="if(document.jumpbox.f.value == -1){return false;}"><table cellspacing="0" cellpadding="0" border="0">
-	<tr> 
+<form method="post" name="jumpbox" action="{S_JUMPBOX_ACTION}" onSubmit="if(document.jumpbox.f.value == -1){return false;}"><table cellspacing="0" cellpadding="0" border="0">
+	<tr>
 		<td nowrap="nowrap"><span class="gensmall">{L_JUMP_TO}:&nbsp;{S_JUMPBOX_SELECT}&nbsp;<input type="submit" value="{L_GO}" class="liteoption" /></span></td>
 	</tr>
 </table></form>

phpBB/templates/subSilver/overall_footer.html

@@ -3,10 +3,10 @@
 <!--
 	We request you retain the full copyright notice below including the link to www.phpbb.com.
 	This not only gives respect to the large amount of time given freely by the developers
-	but also helps build interest, traffic and use of phpBB 2.0. If you cannot (for good
-	reason) retain the full copyright we request you at least leave in place the 
-	Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
-	to include even this then support on our forums may be affected. 
+	but also helps build interest, traffic and use of phpBB2. If you (honestly) cannot retain
+	the full copyright we ask you at least leave in place the "Powered by phpBB {PHPBB_VERSION}"
+	line, with phpBB linked to www.phpbb.com. If you refuse to include even this then support on
+	our forums may be affected.
 
 	The phpBB Group : 2002
 // -->

phpBB/templates/subSilver/overall_header.html

@@ -31,21 +31,22 @@
 	<tr> 
 		<td class="bodyline"><table width="100%" cellspacing="0" cellpadding="0" border="0">
 			<tr> 
-				<td><a href="{U_INDEX}"><img src="templates/subSilver/images/logo_phpBB.gif" border="0" alt="{L_INDEX}" vspace="1" /></a></td>
-				<td align="center" width="100%" valign="middle"><span class="maintitle">{SITENAME}</span><br /><span class="gen">{SITE_DESCRIPTION}<br />&nbsp; </span> 
-				<table cellspacing="0" cellpadding="2" border="0">
-					<tr> 
-						<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a></span><span class="mainmenu">&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp; 
-						<!-- IF not S_USER_LOGGED_IN -->
-						&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a></span>&nbsp;
-						<!-- ENDIF -->
-						</td>
-					</tr>
-					<tr>
-						<td height="25" align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_PROFILE}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" hspace="3" />{L_PROFILE}</a>&nbsp; &nbsp;<a href="{U_PRIVATEMSGS}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{PRIVATE_MESSAGE_INFO}" hspace="3" />{PRIVATE_MESSAGE_INFO}</a>&nbsp; &nbsp;<a href="{U_LOGIN_LOGOUT}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" hspace="3" />{L_LOGIN_LOGOUT}</a>&nbsp;</span></td>
-					</tr>
-				</table></td>
-			</tr>
-		</table>
+				<td>
 
-		<br />
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
+	<tr>
+		<td background="templates/subSilver/images/phpbb_logo_bg.jpg"><table width="100%" cellspacing="0" cellpadding="0" border="0">
+			<tr>
+				<td><a href="{U_INDEX}"><img src="templates/subSilver/images/phpbb_logo.jpg" height="100" width="205" border="0" /></a></td>
+				<td align="center"><span class="maintitle" style="color:white">{SITENAME}</span><br /><span class="gen" style="color:white">{SITE_DESCRIPTION}<br />&nbsp; </span></td>
+			</tr>
+			<tr>
+				<td height="25" valign="middle" nowrap="nowrap">&nbsp;<span class="mainmenu"><a href="{U_LOGIN_LOGOUT}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" hspace="3" />{L_LOGIN_LOGOUT}</a>&nbsp;<!-- IF S_USER_LOGGED_IN --> &nbsp;<a href="{U_PRIVATEMSGS}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{PRIVATE_MESSAGE_INFO}" hspace="3" />{PRIVATE_MESSAGE_INFO}</a><!-- ELSE --> &nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a><!-- ENDIF --></span></td>
+
+				<td height="25" align="right" valign="middle" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenuw"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a>&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenuw"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenuw"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenuw"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a><!-- IF S_USER_LOGGED_IN -->&nbsp; &nbsp;<a href="{U_PROFILE}" class="mainmenuw"><img src="templates/subSilver/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" hspace="3" />{L_PROFILE}</a><!-- ENDIF --></span>&nbsp;</td>
+			</tr>
+		</table></td>
+	</tr>
+</table>
+
+<br clear="all" />

phpBB/templates/subSilver/posting_topic_review.html

@@ -1,12 +1,13 @@
 
-<!-- BEGIN switch_inline_mode -->
+<!-- IF S_DISPLAY_INLINE -->
 <table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
-	<tr> 
+	<tr>
 		<td class="catHead" height="28" align="center"><b><span class="cattitle">{L_TOPIC_REVIEW}</span></b></td>
 	</tr>
 	<tr>
-		<td class="row1"><iframe width="100%" height="300" src="{U_REVIEW_TOPIC}" >
-<!-- END switch_inline_mode -->
+		<td class="row1"><iframe width="100%" height="300" src="{U_REVIEW_TOPIC}">
+<!-- ENDIF -->
+
 <table border="0" cellpadding="3" cellspacing="1" width="100%" class="forumline">
 	<tr>
 		<th class="thCornerL" width="22%" height="26">{L_AUTHOR}</th>
@@ -16,24 +17,25 @@
 	<tr>
 		<td width="22%" align="left" valign="top" class="{postrow.ROW_CLASS}"><span class="name"><a name="{postrow.U_POST_ID}"></a><b>{postrow.POSTER_NAME}</b></span></td>
 		<td class="{postrow.ROW_CLASS}" height="28" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
-			<tr> 
+			<tr>
 				<td width="100%"><img src="{postrow.MINI_POST_IMG}" width="12" height="9" alt="{postrow.L_MINI_POST_ALT}" title="{postrow.L_MINI_POST_ALT}" border="0" /><span class="postdetails">{L_POSTED}: {postrow.POST_DATE}<span class="gen">&nbsp;</span>&nbsp;&nbsp;&nbsp;{L_POST_SUBJECT}: {postrow.POST_SUBJECT}</span></td>
 			</tr>
-			<tr> 
+			<tr>
 				<td colspan="2"><hr /></td>
 			</tr>
-			<tr> 
+			<tr>
 				<td colspan="2"><span class="postbody">{postrow.MESSAGE}</span></td>
 			</tr>
 		</table></td>
 	</tr>
-	<tr> 
+	<tr>
 		<td colspan="2" height="1" class="spaceRow"><img src="templates/subSilver/images/spacer.gif" alt="" width="1" height="1" /></td>
 	</tr>
 	 <!-- END postrow -->
 </table>
-<!-- BEGIN switch_inline_mode -->
+
+<!-- IF S_DISPLAY_INLINE -->
 		</iframe></td>
 	</tr>
 </table>
-<!-- END switch_inline_mode -->
+<!-- ENDIF -->

phpBB/viewforum.php

@@ -27,65 +27,54 @@ include($phpbb_root_path . 'common.'.$phpEx);
 //
 // Start initial var setup
 //
-if ( isset($HTTP_GET_VARS['f']) || isset($HTTP_POST_VARS['f']) )
+if ( isset($_GET['f']) || isset($_POST['f']) )
 {
-	$forum_id = ( isset($HTTP_GET_VARS['f']) ) ? intval($HTTP_GET_VARS['f']) : intval($HTTP_POST_VARS['f']);
+	$forum_id = ( isset($_GET['f']) ) ? intval($_GET['f']) : intval($_POST['f']);
 }
 else
 {
 	$forum_id = '';
 }
 
-if ( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
+if ( isset($_GET['mark']) || isset($_POST['mark']) )
 {
-	$mark_read = ( isset($HTTP_POST_VARS['mark']) ) ? $HTTP_POST_VARS['mark'] : $HTTP_GET_VARS['mark'];
+	$mark_read = ( isset($_POST['mark']) ) ? $_POST['mark'] : $_GET['mark'];
 }
 else
 {
 	$mark_read = '';
 }
 
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
 //
 // End initial var setup
 //
 
-//
 // Start session management
-//
 $userdata = $session->start();
-$auth->acl($userdata, $forum_id);
-//
 // End session management
-//
 
-//
 // Check if the user has actually sent a forum ID with his/her request
 // If not give them a nice error page.
-//
 if (empty($forum_id))
 {
 	message_die(MESSAGE, 'Forum_not_exist');
 }
 
-
 if (!$forum_branch = get_forum_branch($forum_id))
 {
 	message_die(MESSAGE, 'Forum_not_exist');
 }
 
-//
 // Configure style, language, etc.
+$user = new user($userdata, false, $forum_branch['forum_style']);
+$auth->acl($userdata, $forum_id, array('m_', 'f_read', 'f_post', 'f_attach', 'f_reply', 'f_edit', 'f_delete'));
 //
-$userdata['user_style'] = ( $forum_data['forum_style'] ) ? $forum_data['forum_style'] : $userdata['user_style'];
-$session->configure($userdata);
 
-//
 // Auth check
-//
-if (!$auth->get_acl($forum_id, 'forum', 'read'))
+if (!$auth->acl_get('f_read', $forum_id))
 {
-	if ( $userdata['user_id'] )
+	if ( !$userdata['user_id'] )
 	{
 		$redirect = "f=$forum_id" . ( ( isset($start) ) ? "&start=$start" : '' );
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
@@ -93,15 +82,12 @@ if (!$auth->get_acl($forum_id, 'forum', 'read'))
 		exit;
 	}
 
-	//
 	// The user is not authed to read this forum ...
-	//
 	message_die(MESSAGE, $lang['Sorry_auth_read']);
 }
-//
 // End of auth check
-//
 
+// Build subforum if applicable
 $type = 'parent';
 $forum_rows = array();
 
@@ -155,7 +141,7 @@ foreach ($forum_branch as $row)
 		}
 		elseif ($row['forum_status'] != ITEM_CATEGORY)
 		{
-			if ($auth->get_acl($row['forum_id'], 'forum', 'list'))
+			if ($auth->acl_get('f_list', $row['forum_id']))
 			{
 				$subforums[$parent_id][] = $row;
 			}
@@ -166,8 +152,8 @@ foreach ($forum_branch as $row)
 //
 // Topic read tracking cookie info
 //
-$mark_topics = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_t'])) : array();
-$mark_forums = ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f']) ) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f'])) : array();
+$mark_topics = ( isset($_COOKIE[$board_config['cookie_name'] . '_t']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_t'])) : array();
+$mark_forums = ( isset($_COOKIE[$board_config['cookie_name'] . '_f']) ) ? unserialize(stripslashes($_COOKIE[$board_config['cookie_name'] . '_f'])) : array();
 
 //
 // Handle marking posts
@@ -195,7 +181,7 @@ if ( $mark_read == 'topics' )
 //
 // Do the forum Prune
 //
-if ( $auth->get_acl($forum_id, 'mod', 'prune') && $board_config['prune_enable'] )
+if ( $auth->acl_get('m_prune', $forum_id) && $board_config['prune_enable'] )
 {
 	if ( $forum_data['prune_next'] < time() && $forum_data['prune_enable'] )
 	{
@@ -231,11 +217,11 @@ $previous_days = array(0 => $lang['All_Topics'], 1 => $lang['1_Day'], 7 => $lang
 $sort_by_text = array('a' => $lang['Author'], 't' => $lang['Post_time'], 'r' => $lang['Replies'], 's' => $lang['Subject'], 'v' => $lang['Views']);
 $sort_by = array('a' => 'u.username', 't' => 't.topic_last_post_id', 'r' => 't.topic_replies', 's' => 't.topic_title', 'v' => 't.topic_views');
 
-if ( isset($HTTP_POST_VARS['sort']) )
+if ( isset($_POST['sort']) )
 {
-	if ( !empty($HTTP_POST_VARS['sort_days']) )
+	if ( !empty($_POST['sort_days']) )
 	{
-		$sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']);
+		$sort_days = ( !empty($_POST['sort_days']) ) ? intval($_POST['sort_days']) : intval($_GET['sort_days']);
 		$min_topic_time = time() - ( $sort_days * 86400 );
 
 		//
@@ -256,8 +242,8 @@ if ( isset($HTTP_POST_VARS['sort']) )
 		$topics_count = ( $forum_data['forum_topics'] ) ? $forum_data['forum_topics'] : 1;
 	}
 
-	$sort_key = ( isset($HTTP_POST_VARS['sort_key']) ) ? $HTTP_POST_VARS['sort_key'] : $HTTP_GET_VARS['sort_key'];
-	$sort_dir = ( isset($HTTP_POST_VARS['sort_dir']) ) ? $HTTP_POST_VARS['sort_dir'] : $HTTP_GET_VARS['sort_dir'];
+	$sort_key = ( isset($_POST['sort_key']) ) ? $_POST['sort_key'] : $_GET['sort_key'];
+	$sort_dir = ( isset($_POST['sort_dir']) ) ? $_POST['sort_dir'] : $_GET['sort_dir'];
 }
 else
 {
@@ -388,9 +374,7 @@ if ( $start )
 	$db->sql_freeresult($result);
 }
 
-//
-// topic icon join requires full table scan ... not good
-//
+// topic icon join requires full table scan ... not good ... order by is a killer too
 $sql = "SELECT t.*, i.icons_url, i.icons_width, i.icons_height, u.username, u.user_id, u2.username as user2, u2.user_id as id2
 	FROM " . TOPICS_TABLE . " t, " . ICONS_TABLE . " i, " . USERS_TABLE . " u, " . USERS_TABLE . " u2
 	WHERE t.forum_id = $forum_id
@@ -467,9 +451,9 @@ if ( $total_topics )
 			if ( $userdata['user_id'] && $topic_rowset[$i]['topic_last_post_time'] > $userdata['user_lastvisit'] )
 			{
 				$unread_topic = true;
-				if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all']) )
+				if ( isset($_COOKIE[$board_config['cookie_name'] . '_f_all']) )
 				{
-					if ( $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_f_all'] > $topic_rowset[$i]['topic_last_post_time'] )
+					if ( $_COOKIE[$board_config['cookie_name'] . '_f_all'] > $topic_rowset[$i]['topic_last_post_time'] )
 					{
 						$unread_topic = false;
 					}
@@ -539,15 +523,15 @@ if ( $total_topics )
 		$topic_author = ( $topic_rowset[$i]['user_id'] != ANONYMOUS ) ? '<a href="profile.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u=' . $topic_rowset[$i]['user_id'] . '">' : '';
 		$topic_author .= ( $topic_rowset[$i]['user_id'] != ANONYMOUS ) ? $topic_rowset[$i]['username'] : ( ( $topic_rowset[$i]['topic_first_poster_name'] != '' ) ? $topic_rowset[$i]['topic_first_poster_name'] : $lang['Guest'] );
 
-		$topic_author .= ( $topic_rowset[$i]['user_id'] != ANONYMOUS ) ? '</a>' : '';
+		$topic_author .= ( $topic_rowset[$i]['user_id'] ) ? '</a>' : '';
 
-		$first_post_time = create_date($board_config['default_dateformat'], $topic_rowset[$i]['topic_time'], $board_config['board_timezone']);
+		$first_post_time = $user->format_date($topic_rowset[$i]['topic_time'], $board_config['board_timezone']);
 
-		$last_post_time = create_date($board_config['default_dateformat'], $topic_rowset[$i]['topic_last_post_time'], $board_config['board_timezone']);
+		$last_post_time = $user->format_date($topic_rowset[$i]['topic_last_post_time']);
 
-		$last_post_author = ( $topic_rowset[$i]['id2'] == ANONYMOUS ) ? ( ( $topic_rowset[$i]['topic_last_poster_name'] != '' ) ? $topic_rowset[$i]['topic_last_poster_name'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="profile.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u='  . $topic_rowset[$i]['topic_last_poster_id'] . '">' . $topic_rowset[$i]['user2'] . '</a>';
+		$last_post_author = ( !$topic_rowset[$i]['id2'] ) ? ( ( $topic_rowset[$i]['topic_last_poster_name'] != '' ) ? $topic_rowset[$i]['topic_last_poster_name'] . ' ' : $lang['Guest'] . ' ' ) : '<a href="profile.' . $phpEx . $SID . '&amp;mode=viewprofile&amp;u='  . $topic_rowset[$i]['topic_last_poster_id'] . '">' . $topic_rowset[$i]['user2'] . '</a>';
 
-		$last_post_url = '<a href="viewtopic.' . $phpEx . $SID . '&amp;p=' . $topic_rowset[$i]['topic_last_post_id'] . '#' . $topic_rowset[$i]['topic_last_post_id'] . '">' . create_img($theme['goto_post_latest'], $lang['View_latest_post']) . '</a>';
+		$last_post_url = '<a href="viewtopic.' . $phpEx . $SID . '&amp;f=' . $forum_id . '&amp;p=' . $topic_rowset[$i]['topic_last_post_id'] . '#' . $topic_rowset[$i]['topic_last_post_id'] . '">' . create_img($theme['goto_post_latest'], $lang['View_latest_post']) . '</a>';
 
 		//
 		// Send vars to template
@@ -597,7 +581,7 @@ include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 $template->set_filenames(array(
 	'body' => 'viewforum_body.html'
 ));
-make_jumpbox('viewforum.'.$phpEx);
+make_jumpbox('viewforum.'.$phpEx . $SID);
 
 include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
 

phpBB/viewonline.php

@@ -65,7 +65,7 @@ while ( $row = $db->sql_fetchrow($result) )
 {
 	$view_online = false;
 
-	if ( $row['user_id'] != ANONYMOUS )
+	if ( $row['user_id'] )
 	{
 		$user_id = $row['user_id'];
 
@@ -80,7 +80,7 @@ while ( $row = $db->sql_fetchrow($result) )
 
 			if ( !$row['user_allow_viewonline'] )
 			{
-				$view_online = ( $auth->get_acl_admin() ) ? true : false;
+				$view_online = ( $auth->acl_get('a_') ) ? true : false;
 				$hidden_users++;
 
 				$username = '<i>' . $username . '</i>';
@@ -128,7 +128,7 @@ while ( $row = $db->sql_fetchrow($result) )
 				preg_match('/f=([0-9]+)/', $row['session_page'], $forum_id);
 				$forum_id = $forum_id[1];
 
-				if ( $auth->get_acl($forum_id, 'forum' , 'list') )
+				if ( $auth->acl_get('f_list', $forum_id) )
 				{
 					$location = '';
 					switch ( $on_page[1] )
@@ -183,7 +183,7 @@ while ( $row = $db->sql_fetchrow($result) )
 				break;
 		}
 
-		$template->assign_block_vars("$which_row", array(
+		$template->assign_block_vars($which_row, array(
 			'USERNAME' => $username,
 			'LASTUPDATE' => $user->format_date($row['session_time']),
 			'FORUM_LOCATION' => $location,

phpBB/viewtopic.php

@@ -28,9 +28,9 @@ include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 //
 // Start initial var setup
 //
-$topic_id = ( isset($HTTP_GET_VARS['t']) ) ? intval($HTTP_GET_VARS['t']) : 0;
-$post_id = ( isset($HTTP_GET_VARS['p'])) ? intval($HTTP_GET_VARS['p']) : 0;
-$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
+$topic_id = ( isset($_GET['t']) ) ? intval($_GET['t']) : 0;
+$post_id = ( isset($_GET['p'])) ? intval($_GET['p']) : 0;
+$start = ( isset($_GET['start']) ) ? intval($_GET['start']) : 0;
 
 if ( empty($topic_id) && empty($post_id) )
 {
@@ -41,9 +41,9 @@ if ( empty($topic_id) && empty($post_id) )
 // Find topic id if user requested a newer
 // or older topic
 //
-if ( isset($HTTP_GET_VARS['view']) && empty($post_id) )
+if ( isset($_GET['view']) && empty($post_id) )
 {
-	if ( $HTTP_GET_VARS['view'] == 'newest' )
+	if ( $_GET['view'] == 'newest' )
 	{
 		$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ) ? 'Refresh: 0; URL=' : 'Location: ';
 
@@ -78,10 +78,10 @@ if ( isset($HTTP_GET_VARS['view']) && empty($post_id) )
 		header($header_location . 'index.' . $phpEx);
 		exit;
 	}
-	else if ( $HTTP_GET_VARS['view'] == 'next' || $HTTP_GET_VARS['view'] == 'previous' )
+	else if ( $_GET['view'] == 'next' || $_GET['view'] == 'previous' )
 	{
-		$sql_condition = ( $HTTP_GET_VARS['view'] == 'next' ) ? '>' : '<';
-		$sql_ordering = ( $HTTP_GET_VARS['view'] == 'next' ) ? 'ASC' : 'DESC';
+		$sql_condition = ( $_GET['view'] == 'next' ) ? '>' : '<';
+		$sql_ordering = ( $_GET['view'] == 'next' ) ? 'ASC' : 'DESC';
 
 		$sql = "SELECT t.topic_id
 			FROM " . TOPICS_TABLE . " t, " . TOPICS_TABLE . " t2
@@ -94,7 +94,7 @@ if ( isset($HTTP_GET_VARS['view']) && empty($post_id) )
 
 		if ( !($row = $db->sql_fetchrow($result)) )
 		{
-			$message = ( $HTTP_GET_VARS['view'] == 'next' ) ? 'No_newer_topics' : 'No_older_topics';
+			$message = ( $_GET['view'] == 'next' ) ? 'No_newer_topics' : 'No_older_topics';
 			message_die(MESSAGE, $message);
 		}
 		else
@@ -112,7 +112,7 @@ $userdata = $session->start();
 // End session management
 //
 
-if ( $userdata['user_id'] != ANONYMOUS && isset($HTTP_POST_VARS['rating']) )
+if ( $userdata['user_id'] && isset($_POST['rating']) )
 {
 	$sql = "SELECT rating
 		FROM " . TOPICS_RATINGS_TABLE . "
@@ -122,12 +122,12 @@ if ( $userdata['user_id'] != ANONYMOUS && isset($HTTP_POST_VARS['rating']) )
 
 	$rating = ( $row = $db->sql_fetchrow($result) ) ? $row['rating'] : '';
 
-	if ( empty($HTTP_POST_VARS['rating_value']) && $rating != '' )
+	if ( empty($_POST['rating_value']) && $rating != '' )
 	{
 	}
 	else
 	{
-		$new_rating = intval($HTTP_POST_VARS['rating']);
+		$new_rating = intval($_POST['rating']);
 
 		$sql = ( $rating != '' ) ? "UPDATE " . TOPICS_RATING_TABLE . " SET rating = $new_rating WHERE user_id = " . $userdata['user_id'] . " AND topic_id = $topic_id" : "INSERT INTO " . TOPICS_RATING_TABLE . " (topic_id, user_id, rating) VALUES ($topic_id, " . $userdata['user_id'] . ", $new_rating)";
 	}
@@ -155,20 +155,17 @@ if ( !(extract($db->sql_fetchrow($result))) )
 	message_die(MESSAGE, 'Topic_post_not_exist');
 }
 
-//
 // Configure style, language, etc.
-//
-$userdata['user_style'] = ( $forum_style ) ? $forum_style : $userdata['user_style'];
-$session->configure($userdata);
-
-$auth->acl($userdata, $forum_id);
+$user = new user($userdata, false, $forum_style);
+$auth->acl($userdata, $forum_id, array('f_read', 'f_post', 'f_reply', 'f_attach'));
+// End configure
 
 //
 // Start auth check
 //
-if ( !$auth->get_acl($forum_id, 'forum', 'read') )
+if ( !$auth->acl_get('f_read', $forum_id) )
 {
-	if ( $userdata['user_id'] != ANONYMOUS )
+	if ( $userdata['user_id'] )
 	{
 		$redirect = ( isset($post_id) ) ? "p=$post_id" : "t=$topic_id";
 		$redirect .= ( isset($start) ) ? "&start=$start" : '';
@@ -177,9 +174,7 @@ if ( !$auth->get_acl($forum_id, 'forum', 'read') )
 		exit;
 	}
 
-	$message = sprintf($lang['Sorry_auth_read'], $is_auth['auth_read_type']);
-
-	message_die(MESSAGE, $message);
+	message_die(MESSAGE, $lang['Sorry_auth_read']);
 }
 //
 // End auth check
@@ -201,11 +196,11 @@ $previous_days = array(0 => $lang['All_Posts'], 1 => $lang['1_Day'], 7 => $lang[
 $sort_by_text = array('a' => $lang['Author'], 't' => $lang['Post_time'], 's' => $lang['Subject']);
 $sort_by = array('a' => 'u.username', 't' => 'p.post_id', 's' => 'pt.post_subject');
 
-if ( isset($HTTP_POST_VARS['sort']) )
+if ( isset($_POST['sort']) )
 {
-	if ( !empty($HTTP_POST_VARS['sort_days']) )
+	if ( !empty($_POST['sort_days']) )
 	{
-		$sort_days = ( !empty($HTTP_POST_VARS['sort_days']) ) ? intval($HTTP_POST_VARS['sort_days']) : intval($HTTP_GET_VARS['sort_days']);
+		$sort_days = ( !empty($_POST['sort_days']) ) ? intval($_POST['sort_days']) : intval($_GET['sort_days']);
 		$min_post_time = time() - ( $sort_days * 86400 );
 
 		$sql = "SELECT COUNT(post_id) AS num_posts
@@ -224,8 +219,8 @@ if ( isset($HTTP_POST_VARS['sort']) )
 		$topic_replies++;
 	}
 
-	$sort_key = ( isset($HTTP_POST_VARS['sort_key']) ) ? $HTTP_POST_VARS['sort_key'] : $HTTP_GET_VARS['sort_key'];
-	$sort_dir = ( isset($HTTP_POST_VARS['sort_dir']) ) ? $HTTP_POST_VARS['sort_dir'] : $HTTP_GET_VARS['sort_dir'];
+	$sort_key = ( isset($_POST['sort_key']) ) ? $_POST['sort_key'] : $_GET['sort_key'];
+	$sort_dir = ( isset($_POST['sort_dir']) ) ? $_POST['sort_dir'] : $_GET['sort_dir'];
 }
 else
 {
@@ -305,14 +300,14 @@ if ( $userdata['user_id'] )
 // taken from vB but we did already have a highlighter in place
 // in search itself ... it's just been extended a bit!
 //
-if ( isset($HTTP_GET_VARS['highlight']) )
+if ( isset($_GET['highlight']) )
 {
 	$highlight_match = array();
 
 	//
 	// Split words and phrases
 	//
-	$words = explode(' ', trim(urldecode($HTTP_GET_VARS['highlight'])));
+	$words = explode(' ', trim(urldecode($_GET['highlight'])));
 
 	for($i = 0; $i < count($words); $i++)
 	{
@@ -343,16 +338,16 @@ $s_forum_rules = '';
 get_forum_rules('topic', $s_forum_rules, $forum_id);
 
 $topic_mod = '';
-$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'lock') ) ? ( ( $topic_status == TOPIC_UNLOCKED ) ? '<option value="lock">' . $lang['Lock_topic'] . '</option>' : '<option value="unlock">' . $lang['Unlock_topic'] . '</option>' ) : '';
-$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'delete') ) ? '<option value="delete">' . $lang['Delete_topic'] . '</option>' : '';
-$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'move') ) ? '<option value="move">' . $lang['Move_topic'] . '</option>' : '';
-$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'split') ) ? '<option value="split">' . $lang['Split_topic'] . '</option>' : '';
-$topic_mod .= ( $auth->get_acl($forum_id, 'mod', 'merge') ) ? '<option value="merge">' . $lang['Merge_topic'] . '</option>' : '';
+$topic_mod .= ( $auth->acl_get('m_lock', $forum_id) ) ? ( ( $topic_status == TOPIC_UNLOCKED ) ? '<option value="lock">' . $lang['Lock_topic'] . '</option>' : '<option value="unlock">' . $lang['Unlock_topic'] . '</option>' ) : '';
+$topic_mod .= ( $auth->acl_get('m_delete', $forum_id) ) ? '<option value="delete">' . $lang['Delete_topic'] . '</option>' : '';
+$topic_mod .= ( $auth->acl_get('m_move', $forum_id) ) ? '<option value="move">' . $lang['Move_topic'] . '</option>' : '';
+$topic_mod .= ( $auth->acl_get('m_split', $forum_id) ) ? '<option value="split">' . $lang['Split_topic'] . '</option>' : '';
+$topic_mod .= ( $auth->acl_get('m_merge', $forum_id) ) ? '<option value="merge">' . $lang['Merge_topic'] . '</option>' : '';
 
 //
 // If we've got a hightlight set pass it on to pagination.
 //
-$pagination = ( $highlight_active ) ? generate_pagination("viewtopic.$phpEx$SID&amp;t=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order&amp;highlight=" . $HTTP_GET_VARS['highlight'], $topic_replies, $board_config['posts_per_page'], $start) : generate_pagination("viewtopic.$phpEx$SID&amp;t=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order", $topic_replies, $board_config['posts_per_page'], $start);
+$pagination = ( $highlight_active ) ? generate_pagination("viewtopic.$phpEx$SID&amp;t=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order&amp;highlight=" . $_GET['highlight'], $topic_replies, $board_config['posts_per_page'], $start) : generate_pagination("viewtopic.$phpEx$SID&amp;t=$topic_id&amp;postdays=$post_days&amp;postorder=$post_order", $topic_replies, $board_config['posts_per_page'], $start);
 
 //
 // Post, reply and other URL generation for
@@ -441,7 +436,7 @@ $template->assign_vars(array(
 	'S_MOD_ACTION' => "modcp.$phpEx$SID",
 	'S_WATCH_TOPIC' => $s_watching_topic,
 
-	'U_VIEW_TOPIC' => "viewtopic.$phpEx$SID&amp;t=$topic_id&amp;start=$start&amp;postdays=$post_days&amp;postorder=$post_order&amp;highlight=" . $HTTP_GET_VARS['highlight'],
+	'U_VIEW_TOPIC' => "viewtopic.$phpEx$SID&amp;t=$topic_id&amp;start=$start&amp;postdays=$post_days&amp;postorder=$post_order&amp;highlight=" . $_GET['highlight'],
 	'U_VIEW_FORUM' => $view_forum_url,
 	'U_VIEW_OLDER_TOPIC' => $view_prev_topic_url,
 	'U_VIEW_NEWER_TOPIC' => $view_next_topic_url,
@@ -494,9 +489,9 @@ if ( !empty($poll_start) )
 		$user_voted = ( $row = $db->sql_fetchrow($result) ) ? TRUE : 0;
 		$db->sql_freeresult($result);
 
-		if ( isset($HTTP_GET_VARS['vote']) || isset($HTTP_POST_VARS['vote']) )
+		if ( isset($_GET['vote']) || isset($_POST['vote']) )
 		{
-			$view_result = ( ( ( isset($HTTP_GET_VARS['vote']) ) ? $HTTP_GET_VARS['vote'] : $HTTP_POST_VARS['vote'] ) == 'viewresult' ) ? TRUE : 0;
+			$view_result = ( ( ( isset($_GET['vote']) ) ? $_GET['vote'] : $_POST['vote'] ) == 'viewresult' ) ? TRUE : 0;
 		}
 		else
 		{
@@ -505,7 +500,7 @@ if ( !empty($poll_start) )
 
 		$poll_expired = ( $vote_info[0]['vote_length'] ) ? ( ( $vote_info[0]['vote_start'] + $vote_info[0]['vote_length'] < time() ) ? TRUE : 0 ) : 0;
 
-		if ( $user_voted || $view_result || $poll_expired || !$auth->get_acl($forum_id, 'forum', 'vote') || $topic_status == TOPIC_LOCKED )
+		if ( $user_voted || $view_result || $poll_expired || !$auth->acl_get('f_vote', $forum_id) || $topic_status == TOPIC_LOCKED )
 		{
 			$vote_results_sum = 0;
 			for($i = 0; $i < $vote_options; $i++)
@@ -611,22 +606,20 @@ if ( $row = $db->sql_fetchrow($result) )
 	do
 	{
 		$poster_id = $row['user_id'];
-		$poster = ( $poster_id == ANONYMOUS ) ? $lang['Guest'] : $row['username'];
+		$poster = ( !$poster_id ) ? $lang['Guest'] : $row['username'];
 
-		$post_date = create_date($board_config['default_dateformat'], $row['post_time'], $board_config['board_timezone']);
+		$poster_posts = ( $row['user_id'] ) ? $lang['Posts'] . ': ' . $row['user_posts'] : '';
 
-		$poster_posts = ( $row['user_id'] != ANONYMOUS ) ? $lang['Posts'] . ': ' . $row['user_posts'] : '';
-
-		$poster_from = ( $row['user_from'] && $row['user_id'] != ANONYMOUS ) ? $lang['Location'] . ': ' . $row['user_from'] : '';
+		$poster_from = ( $row['user_from'] && $row['user_id'] ) ? $lang['Location'] . ': ' . $row['user_from'] : '';
 
 		if ( !isset($poster_details[$poster_id]['joined']) )
 		{
-			$poster_details[$poster_id]['joined'] = ( $row['user_id'] != ANONYMOUS ) ? $lang['Joined'] . ': ' . create_date($lang['DATE_FORMAT'], $row['user_regdate'], $board_config['board_timezone']) : '';
+			$poster_details[$poster_id]['joined'] = ( $row['user_id'] ) ? $lang['Joined'] . ': ' . $user->format_date($row['user_regdate'], $lang['DATE_FORMAT']) : '';
 		}
 
 		if ( !isset($poster_details[$poster_id]['avatar']) )
 		{
-			if ( $row['user_avatar_type'] && $poster_id != ANONYMOUS && $row['user_allowavatar'] )
+			if ( $row['user_avatar_type'] && $poster_id && $row['user_allowavatar'] )
 			{
 				switch( $row['user_avatar_type'] )
 				{
@@ -679,13 +672,13 @@ if ( $row = $db->sql_fetchrow($result) )
 		//
 		// Handle anon users posting with usernames
 		//
-		if ( $poster_id == ANONYMOUS && $row['post_username'] != '' )
+		if ( !$poster_id && $row['post_username'] != '' )
 		{
 			$poster = $row['post_username'];
 			$poster_rank = $lang['Guest'];
 		}
 
-		if ( !isset($poster_details[$poster_id]['profile']) && $poster_id != ANONYMOUS )
+		if ( !isset($poster_details[$poster_id]['profile']) && $poster_id )
 		{
 			$temp_url = "profile.$phpEx$SID&amp;mode=viewprofile&amp;u=$poster_id";
 			$poster_details[$poster_id]['profile_img'] = '<a href="' . $temp_url . '">' . create_img($theme['icon_profile'], $lang['Read_profile']) . '</a>';
@@ -695,7 +688,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			$poster_details[$poster_id]['pm_img'] = '<a href="' . $temp_url . '">' . create_img($theme['icon_pm'], $lang['Send_private_message']) . '</a>';
 			$poster_details[$poster_id]['pm'] = '<a href="' . $temp_url . '">' . $lang['Send_private_message'] . '</a>';
 
-			if ( !empty($row['user_viewemail']) || $auth->get_acl($forum_id, 'mod') )
+			if ( !empty($row['user_viewemail']) || $auth->acl_get('m_', $forum_id) )
 			{
 				$email_uri = ( $board_config['board_email_form'] ) ? "profile.$phpEx$SID&amp;mode=email&amp;u=" . $poster_id : 'mailto:' . $row['user_email'];
 
@@ -734,7 +727,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			$poster_details[$poster_id]['yim_img'] = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . create_img($theme['icon_yim'], $lang['YIM']) . '</a>' : '';
 			$poster_details[$poster_id]['yim'] = ( $row['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 
-			if ( $auth->get_acl($forum_id, 'forum', 'search') )
+			if ( $auth->acl_get('f_search', $forum_id) )
 			{
 				$temp_url = 'search.' . $phpEx . $SID . '&amp;search_author=' . urlencode($row['username']) .'"&amp;showresults=posts';
 				$search_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_search'], $lang['Search_user_posts']) . '</a>';
@@ -747,7 +740,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			}
 
 		}
-		else if ( $poster_id == ANONYMOUS )
+		else if ( !$poster_id )
 		{
 			$poster_details[$poster_id]['profile_img'] = '';
 			$poster_details[$poster_id]['profile'] = '';
@@ -775,7 +768,7 @@ if ( $row = $db->sql_fetchrow($result) )
 		$quote_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_quote'], $lang['Reply_with_quote']) . '</a>';
 		$quote = '<a href="' . $temp_url . '">' . $lang['Reply_with_quote'] . '</a>';
 
-		if ( ( $userdata['user_id'] == $poster_id && $auth->get_acl($forum_id, 'forum', 'edit') ) || $auth->get_acl($forum_id, 'mod', 'edit') )
+		if ( ( $userdata['user_id'] == $poster_id && $auth->acl_get('f_edit', $forum_id) ) || $auth->acl_get('m_edit', $forum_id) || $auth->acl_get('a_') )
 		{
 			$temp_url = "posting.$phpEx$SID&amp;mode=editpost&amp;p=" . $row['post_id'];
 			$edit_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_edit'], $lang['Edit_delete_post']) . '</a>';
@@ -787,7 +780,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			$edit = '';
 		}
 
-		if ( $auth->get_acl($forum_id, 'mod', 'ip') )
+		if ( $auth->acl_get('m_ip', $forum_id) )
 		{
 			$temp_url = "modcp.$phpEx$SID&amp;mode=ip&amp;p=" . $row['post_id'] . "&amp;t=" . $topic_id;
 			$ip_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_ip'], $lang['View_IP']) . '</a>';
@@ -799,7 +792,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			$ip = '';
 		}
 
-		if ( ( $userdata['user_id'] == $poster_id && $auth->get_acl($forum_id, 'forum', 'delete') && $forum_topic_data['topic_last_post_id'] == $row['post_id'] ) || $auth->get_acl($forum_id, 'mod', 'delete') )
+		if ( ( $userdata['user_id'] == $poster_id && $auth->acl_get('f_delete', $forum_id) && $forum_topic_data['topic_last_post_id'] == $row['post_id'] ) || $auth->acl_get('m_delete', $forum_id) )
 		{
 			$temp_url = "posting.$phpEx$SID&amp;mode=delete&amp;p=" . $row['post_id'];
 			$delpost_img = '<a href="' . $temp_url . '">' . create_img($theme['icon_delete'], $lang['Delete_post']) . '</a>';
@@ -825,9 +818,9 @@ if ( $row = $db->sql_fetchrow($result) )
 		// If the board has HTML off but the post has HTML
 		// on then we process it, else leave it alone
 		//
-		if ( !$auth->get_acl($forum_id, 'forum', 'html') )
+		if ( !$auth->acl_get('f_html', $forum_id) )
 		{
-			if ( $row['enable_html'] && $auth->get_acl($forum_id, 'forum', 'bbcode') )
+			if ( $row['enable_html'] && $auth->acl_get('f_bbcode', $forum_id) )
 			{
 				$message = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $message);
 			}
@@ -838,12 +831,12 @@ if ( $row = $db->sql_fetchrow($result) )
 		//
 		if ( $bbcode_uid != '' )
 		{
-			$message = ( $auth->get_acl($forum_id, 'forum', 'bbcode') ) ? bbencode_second_pass($message, $bbcode_uid, $auth->get_acl($forum_id, 'forum', 'img')) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
+//			$message = ( $auth->acl_get('f_bbcode', $forum_id) ) ? bbencode_second_pass($message, $bbcode_uid, $auth->acl_get('f_img', $forum_id)) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
 		}
 
 		if ( $row['enable_magic_url'] )
 		{
-			$message = make_clickable($message);
+//			$message = make_clickable($message);
 		}
 
 		//
@@ -933,9 +926,9 @@ if ( $row = $db->sql_fetchrow($result) )
 			$message = preg_replace($orig_word, $replacement_word, $message);
 		}
 
-		if ( $row['enable_smilies'] && $auth->get_acl($forum_id, 'forum', 'smilies') )
+		if ( $row['enable_smilies'] && $auth->acl_get('f_smilies', $forum_id) )
 		{
-			$message = smilies_pass($message);
+//			$message = smilies_pass($message);
 		}
 
 		$message = nl2br($message);
@@ -947,7 +940,7 @@ if ( $row = $db->sql_fetchrow($result) )
 		{
 			$l_edit_time_total = ( $row['post_edit_count'] == 1 ) ? $lang['Edited_time_total'] : $lang['Edited_times_total'];
 
-			$l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, $poster, create_date($board_config['default_dateformat'], $row['post_edit_time'], $board_config['board_timezone']), $row['post_edit_count']);
+			$l_edited_by = '<br /><br />' . sprintf($l_edit_time_total, $poster, $user->format_date($row['post_edit_time']), $row['post_edit_count']);
 		}
 		else
 		{
@@ -962,20 +955,20 @@ if ( $row = $db->sql_fetchrow($result) )
 			$user_sig = ( $row['enable_sig'] && $row['user_sig'] != '' && $board_config['allow_sig'] ) ? $row['user_sig'] : '';
 			$user_sig_bbcode_uid = $row['user_sig_bbcode_uid'];
 
-			if ( $user_sig != '' && $user_sig_bbcode_uid != '' && $auth->get_acl($forum_id, 'forum', 'sigs') )
+			if ( $user_sig != '' && $user_sig_bbcode_uid != '' && $auth->acl_get('f_sigs', $forum_id) )
 			{
-				if ( !$auth->get_acl($forum_id, 'forum', 'html') && $userdata['user_allowhtml'] )
+				if ( !$auth->acl_get('f_html', $forum_id) && $userdata['user_allowhtml'] )
 				{
 					$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "&lt;\\2&gt;", $user_sig);
 				}
 
-				$poster_details[$poster_id]['sig'] = bbencode_second_pass($user_sig, $user_sig_bbcode_uid, $auth->get_acl($forum_id, 'forum', 'img'));
+//				$poster_details[$poster_id]['sig'] = bbencode_second_pass($user_sig, $user_sig_bbcode_uid, $auth->acl_get('f_img', $forum_id));
 
-				$poster_details[$poster_id]['sig'] = make_clickable($poster_details[$poster_id]['sig']);
+//				$poster_details[$poster_id]['sig'] = make_clickable($poster_details[$poster_id]['sig']);
 
 				if ( $row['user_allowsmile'] )
 				{
-					$poster_details[$poster_id]['sig'] =  smilies_pass($poster_details[$poster_id]['sig']);
+//					$poster_details[$poster_id]['sig'] =  smilies_pass($poster_details[$poster_id]['sig']);
 				}
 
 				if ( count($orig_word) )
@@ -1008,7 +1001,7 @@ if ( $row = $db->sql_fetchrow($result) )
 			'POSTER_POSTS' => $poster_posts,
 			'POSTER_FROM' => $poster_from,
 			'POSTER_AVATAR' => $poster_details[$poster_id]['avatar'],
-			'POST_DATE' => $post_date,
+			'POST_DATE' => $user->format_date($row['post_time']),
 
 			'POST_SUBJECT' => $post_subject,
 			'MESSAGE' => $message,