- added confirmation to removing bbcodes

- added optional MX and DNSBL checks - added backtrace (triggering sql error) on error within sql_in_set as well as making sure it is handling an array - let users having f_list access to a forum actually see the forum without a topic list and not displaying an error message - this allows for giving people access to subforums but not the parent forum without the need to add the (sub-)forum to the index. - some additional bugfixes git-svn-id: file:///svn/phpbb/trunk@6414 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 14:18:52 +00:00 · 2006-09-28 15:04:59 +00:00 · 2006-09-28 15:04:59 +00:00 · 26befa0941
commit 26befa0941
parent 67accdb072
20 changed files with 415 additions and 177 deletions
--- a/phpBB/includes/acp/acp_bbcodes.php
+++ b/phpBB/includes/acp/acp_bbcodes.php
@ -207,10 +207,22 @@ class acp_bbcodes
 				$db->sql_freeresult($result);
 				if ($row)
 				{
 					if (confirm_box(true))
 					{
 						$db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id");
 						add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']);
 					}
 					else
 					{
 						confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
 							'bbcode'	=> $bbcode_id,
 							'i'			=> $id,
 							'mode'		=> $mode,
 							'action'	=> $action))
 						);
 					}
 				}
 			break;
 		}
--- a/phpBB/includes/acp/acp_board.php
+++ b/phpBB/includes/acp/acp_board.php
@ -300,6 +300,8 @@ class acp_board
 						'max_autologin_time'	=> array('lang' => 'AUTOLOGIN_LENGTH',		'validate' => 'int',	'type' => 'text:5:5', 'explain' => true),
 						'ip_check'				=> array('lang' => 'IP_VALID',				'validate' => 'int',	'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true),
 						'browser_check'			=> array('lang' => 'BROWSER_VALID',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'check_dnsbl'			=> array('lang' => 'CHECK_DNSBL',			'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'email_check_mx'		=> array('lang' => 'EMAIL_CHECK_MX',		'validate' => 'bool',	'type' => 'radio:yes_no', 'explain' => true),
 						'pass_complex'			=> array('lang' => 'PASSWORD_TYPE',			'validate' => 'string',	'type' => 'select', 'method' => 'select_password_chars', 'explain' => true),
 						'chg_passforce'			=> array('lang' => 'FORCE_PASS_CHANGE',		'validate' => 'int',	'type' => 'text:3:3', 'explain' => true),
 						'max_login_attempts'	=> array('lang' => 'MAX_LOGIN_ATTEMPTS',	'validate' => 'int',	'type' => 'text:3:3', 'explain' => true),
--- a/phpBB/includes/db/dbal.php
+++ b/phpBB/includes/db/dbal.php
@ -238,7 +238,13 @@ class dbal
 	{
 		if (!sizeof($array))
 		{
-			trigger_error('No values specified for SQL IN comparison', E_USER_ERROR);
+			// Not optimal, but at least the backtrace should help in identifying where the problem lies.
 			$this->sql_error('No values specified for SQL IN comparison');
 		}
 		if (!is_array($array))
 		{
 			$array = array($array);
 		}
 		$values = array();
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -2705,6 +2705,52 @@ function truncate_string($string, $max_length = 60)
 	return implode('', array_slice($chars, 0, $max_length));
 }
 /**
 * Wrapper for php's checkdnsrr function
 * The windows failover is from this page: http://www.zend.com/codex.php?id=370&single=1
 * Please make sure to check the return value for === true and === false, since NULL could
 * be returned too.
 * 
 * @return true if entry found, false if not, NULL if this function is not supported by this environment
 */
 function phpbb_checkdnsrr($host, $type = '')
 {
 	$type = (!$type) ? 'MX' : $type;
 	if (strpos(PHP_OS, 'WIN') !== false)
 	{
 		if (!function_exists('exec'))
 		{
 			return NULL;
 		}
 		@exec('nslookup -type=' . escapeshellarg($type) . ' ' . escapeshellarg($host), $output);
 		foreach ($output as $line)
 		{
 			if (!trim($line))
 			{
 				continue;
 			}
 			// Valid records begin with host name:
 			if (strpos($line, $host) === 0)
 			{
 				return true;
 			}
 		}
 		return false;
 	}
 	else if (function_exists('checkdnsrr'))
 	{
 		return (checkdnsrr($domain, $type)) ? true : false;
 	}
 	return NULL;
 }
 // Handler, header and footer
 /**
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@ -1414,7 +1414,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'post_subject'		=> $subject,
 				'post_text'			=> $data['message'],
 				'post_checksum'		=> $data['message_md5'],
-				'post_attachment'	=> (sizeof($data['attachment_data'])) ? 1 : 0,
+				'post_attachment'	=> (!empty($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'post_postcount'	=> ($auth->acl_get('f_postcount', $data['forum_id'])) ? 1 : 0,
@ -1467,7 +1467,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'post_edit_reason'	=> $data['post_edit_reason'],
 				'post_edit_user'	=> (int) $data['post_edit_user'],
 				'post_checksum'		=> $data['message_md5'],
-				'post_attachment'	=> (sizeof($data['attachment_data'])) ? 1 : 0,
+				'post_attachment'	=> (!empty($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'post_edit_locked'	=> $data['post_edit_locked'])
@ -1496,7 +1496,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'topic_first_poster_colour'	=> (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_colour'] : ''),
 				'topic_type'				=> $topic_type,
 				'topic_time_limit'			=> ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0,
-				'topic_attachment'			=> (sizeof($data['attachment_data'])) ? 1 : 0,
+				'topic_attachment'			=> (!empty($data['attachment_data'])) ? 1 : 0,
 			);
 			if (isset($poll['poll_options']) && !empty($poll['poll_options']))
@ -1549,7 +1549,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'poll_length'				=> (isset($poll['poll_options'])) ? ($poll['poll_length'] * 86400) : 0,
 				'poll_vote_change'			=> (isset($poll['poll_vote_change'])) ? $poll['poll_vote_change'] : 0,
-				'topic_attachment'			=> (sizeof($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0),
+				'topic_attachment'			=> (!empty($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0),
 			);
 		break;
 	}
@ -1737,7 +1737,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 	}
 	// Submit Attachments
-	if (sizeof($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit')))
+	if (!empty($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit')))
 	{
 		$space_taken = $files_added = 0;
 		$orphan_rows = array();
--- a/phpBB/includes/functions_privmsgs.php
+++ b/phpBB/includes/functions_privmsgs.php
@ -1322,7 +1322,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
 				'enable_sig'		=> $data['enable_sig'],
 				'message_subject'	=> $subject,
 				'message_text'		=> $data['message'],
-				'message_attachment'=> (sizeof($data['attachment_data'])) ? 1 : 0,
+				'message_attachment'=> (!empty($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'to_address'		=> implode(':', $to),
@ -1340,7 +1340,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
 				'enable_sig'		=> $data['enable_sig'],
 				'message_subject'	=> $subject,
 				'message_text'		=> $data['message'],
-				'message_attachment'=> (sizeof($data['attachment_data'])) ? 1 : 0,
+				'message_attachment'=> (!empty($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid']
 			);
--- a/phpBB/includes/functions_template.php
+++ b/phpBB/includes/functions_template.php
@ -468,8 +468,10 @@ class template_compile
 					}
 					else if (preg_match('#^\.(([a-z0-9\-_]+\.?)+)$#s', $token, $varrefs))
 					{
 						// Allow checking if loops are set with .loopname
 						// It is also possible to check the loop count by doing <!-- IF .loopname > 1 --> for example
 						$_tok = $this->generate_block_data_ref($varrefs[1], false);
-						$token = "(isset($_tok) && sizeof($_tok))";
+						$token = "sizeof($_tok)";
 					}
 				break;
--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@ -138,7 +138,7 @@ class filespec
 	/**
 	* Check if the file got correctly uploaded
 	*
-	* @return true if it is a valid upload and the file exist, false if not
+	* @return true if it is a valid upload, false if not
 	*/
 	function is_uploaded()
 	{
@ -147,7 +147,12 @@ class filespec
 			return false;
 		}
-		return (file_exists($this->filename)) ? true : false;
+		if ($this->local && !file_exists($this->filename))
 		{
 			return false;
 		}
 		return true;
 	}
 	/**
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -1216,6 +1216,18 @@ function validate_email($email)
 		return 'EMAIL_INVALID';
 	}
 	// Check MX record.
 	// The idea for this is from reading the UseBB blog/announcement. :)
 	if ($config['email_check_mx'])
 	{
 		list(, $domain) = explode('@', $email);
 		if (phpbb_checkdnsrr($domain, 'MX') === false)
 		{
 			return 'DOMAIN_NO_MX_RECORD';
 		}
 	}
 	if ($user->check_ban(false, false, $email, true) == true)
 	{
 		return 'EMAIL_BANNED';
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@ -846,6 +846,45 @@ class session
 		return ($banned) ? true : false;
 	}
 	/**
 	* Check if ip is blacklisted
 	* This should be called only where absolutly necessary
 	*
 	* Only IPv4 (rbldns does not support AAAA records/IPv6 lookups)
 	*
 	* @author satmd (from the php manual)
 	* @return false if ip is not blacklisted, else an array([checked server], [lookup])
 	*/
 	function check_dnsbl($ip = false)
 	{
 		if ($ip === false)
 		{
 			$ip = $this->ip;
 		}
 		$dnsbl_check = array(
 			'bl.spamcop.net'		=> 'http://spamcop.net/bl.shtml?',
 			'list.dsbl.org'			=> 'http://dsbl.org/listing?',
 			'sbl-xbl.spamhaus.org'	=> 'http://www.spamhaus.org/query/bl?ip=',
 		);
 		if ($ip)
 		{
 			$quads = explode('.', $ip);
 			$reverse_ip = $quads[3] . '.' . $quads[2] . '.' . $quads[1] . '.' . $quads[0];
 			foreach ($dnsbl_check as $dnsbl => $lookup)
 			{
 				if (phpbb_checkdnsrr($reverse_ip . '.' . $dnsbl . '.', 'A') === true)
 				{
 					return array($dnsbl, $lookup . $ip);
 				}
 			}
 		}
 		return false;
 	}
 	/**
 	* Set/Update a persistent login key
 	*
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -146,6 +146,15 @@ class ucp_register
 			// Replace "error" strings with their real, localised form
 			$error = preg_replace('#^([A-Z_]+)$#e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : '\\1'", $error);
 			// DNSBL check
 			if ($config['check_dnsbl'])
 			{
 				if (($dnsbl = $user->check_dnsbl()) !== false)
 				{
 					$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
 				}
 			}
 			// validate custom profile fields
 			$cp->submit_cp_field('register', $user->get_iso_lang_id(), $cp_data, $error);
--- a/phpBB/includes/utf/utf_tools.php
+++ b/phpBB/includes/utf/utf_tools.php
@ -3,11 +3,18 @@
 *
 * @package phpBB3
 * @version $Id$
-* @copyright (c) 2005 phpBB Group 
+* @copyright (c) 2006 phpBB Group 
 * @license http://opensource.org/licenses/gpl-license.php GNU Public License 
 *
 */
 /**
 */
 if (!defined('IN_PHPBB'))
 {
 	exit;
 }
 /**
 * UTF-8 tools
 *
@ -62,6 +69,7 @@ if (!extension_loaded('xml'))
 		$newcharstring = '';
 		$offset = 0;
 		$stringlength = strlen($string);
 		while ($offset < $stringlength)
 		{
 			$ord = ord($string{$offset});
@ -101,11 +109,13 @@ if (!extension_loaded('xml'))
 				$charval = false;
 				$offset += 1;
 			}
 			if ($charval !== false)
 			{
 				$newcharstring .= (($charval < 256) ? chr($charval) : '?');
 			}
 		}
 		return $newcharstring;
 	}
 }
@ -134,6 +144,7 @@ if (extension_loaded('mbstring'))
 			{
 				return false;
 			}
 			return mb_strrpos($str, $search);
 		}
 		else
@ -262,11 +273,12 @@ else
 		{
 			$ar	= explode($needle, $str);
-			if (count($ar) > 1)
+			if (sizeof($ar) > 1)
 			{
 				// Pop off the end of the string where the last	match was made
 				array_pop($ar);
 				$str = join($needle, $ar);
 				return utf8_strlen($str);
 			}
 			return false;
@ -306,7 +318,7 @@ else
 		if (is_null($offset))
 		{
 			$ar = explode($needle, $str);
-			if (count($ar) > 1)
+			if (sizeof($ar) > 1)
 			{
 				return utf8_strlen($ar[0]);
 			}
@ -438,14 +450,15 @@ $UTF8_LOWER_TO_UPPER = array(
 	function utf8_strtolower($string)
 	{
 		global $UTF8_UPPER_TO_LOWER;
 		$uni = utf8_to_unicode($string);
 		if (!$uni)
 		{
 			return false;
 		}
-		$cnt = count($uni);
+		for ($i = 0, $cnt = sizeof($uni); $i < $cnt; $i++)
 		for ($i = 0; $i < $cnt; $i++)
 		{
 			if (isset($UTF8_UPPER_TO_LOWER[$uni[$i]]))
 			{
@ -471,14 +484,15 @@ $UTF8_LOWER_TO_UPPER = array(
 	function utf8_strtoupper($str)
 	{
 		global $UTF8_LOWER_TO_UPPER;
 		$uni = utf8_to_unicode($string);
 		if (!$uni)
 		{
 			return false;
 		}
-		$cnt = count($uni);
+		for ($i = 0, $cnt = sizeof($uni); $i < $cnt; $i++)
 		for ($i = 0; $i < $cnt; $i++)
 		{
 			if (isset($UTF8_LOWER_TO_UPPER[$uni[$i]]))
 			{
@ -553,6 +567,7 @@ $UTF8_LOWER_TO_UPPER = array(
 			// Handle negatives using different, slower technique
 			// From: http://www.php.net/manual/en/function.substr.php#44838
 			preg_match_all('/./u', $str, $ar);
 			if ($length !== null)
 			{
 				return join('', array_slice($ar[0], $offset, $length));
@ -575,7 +590,6 @@ $UTF8_LOWER_TO_UPPER = array(
 		// Since utf8_decode is replacing multibyte characters to ? strlen works fine
 		return strlen(utf8_decode($text));
 	}
 }
 /**
@ -664,7 +678,7 @@ function utf8_ucfirst($str)
 * If the encoding is not supported, the string is returned as-is
 *
 * @param	string	$string		Original string
-* @param	string	$encoding	Original encoding
+* @param	string	$encoding	Original encoding (lowered)
 * @return	string				The string, encoded in UTF-8
 */
 function utf8_recode($string, $encoding)
@ -676,7 +690,6 @@ function utf8_recode($string, $encoding)
 		return $string;
 	}
 	// start with something simple
 	if ($encoding == 'iso-8859-1')
 	{
@ -858,6 +871,7 @@ function utf8_to_unicode($string)
 	$unicode = array();
 	$offset = 0;
 	$stringlength = strlen($string);
 	while ($offset < $stringlength)
 	{
 		$ord = ord($string{$offset});
--- a/phpBB/install/index.php
+++ b/phpBB/install/index.php
@ -344,7 +344,7 @@ class module
 		$template->display('body');
 		// Close our DB connection.
-		if (isset($db))
+		if (!empty($db) && is_object($db))
 		{
 			$db->sql_close();
 		}
@ -533,7 +533,7 @@ class module
 		echo '</body>';
 		echo '</html>';
-		if (isset($db))
+		if (!empty($db) && is_object($db))
 		{
 			$db->sql_close();
 		}
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
@ -59,6 +59,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('browser_check', '1
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('bump_interval', '10');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('bump_type', 'd');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('cache_gc', '7200');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('check_dnsbl', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('chg_passforce', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('cookie_domain', '');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('cookie_name', 'phpbb3');
@ -73,6 +74,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('default_style', '1
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('display_last_edited', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('display_order', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('edit_time', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_check_mx', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_enable', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_function_name', 'mail');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('email_package_size', '50');
--- a/phpBB/language/en/acp/board.php
+++ b/phpBB/language/en/acp/board.php
@ -346,8 +346,12 @@ $lang = array_merge($lang, array(
 	'AUTOLOGIN_LENGTH_EXPLAIN'		=> 'Number of days after which persistent login keys are removed or zero to disable.', 
 	'BROWSER_VALID'					=> 'Validate browser',
 	'BROWSER_VALID_EXPLAIN'			=> 'Enables browser validation for each session improving security.',
 	'CHECK_DNSBL'					=> 'Check IP against DNS Blackhole List',
 	'CHECK_DNSBL_EXPLAIN'			=> 'If enabled the IP is checked against the following DNSBL services on registration and posting: <a href="http://spamcop.net">spamcop.net</a>, <a href="http://dsbl.org">dsbl.org</a> and <a href="http://spamhaus.org">spamhaus.org</a>. This lookup may take a bit, depending on the servers configuration. If slowdowns are experienced or too much false positives reported it is recommended to disable this check.',
 	'CLASS_B'						=> 'A.B',
 	'CLASS_C'						=> 'A.B.C',
 	'EMAIL_CHECK_MX'				=> 'Check email domain for valid MX Record',
 	'EMAIL_CHECK_MX_EXPLAIN'		=> 'If enabled, the email domain provided on registration and profile changes is checked for a valid MX record.',
 	'FORCE_PASS_CHANGE'				=> 'Force password change',
 	'FORCE_PASS_CHANGE_EXPLAIN'		=> 'Require user to change their password after a set number of days or zero to disable.',
 	'IP_VALID'						=> 'Session IP validation',
--- a/phpBB/language/en/common.php
+++ b/phpBB/language/en/common.php
@ -244,6 +244,7 @@ $lang = array_merge($lang, array(
 	'INVALID_DIGEST_CHALLENGE'	=> 'Invalid digest challenge',
 	'INVALID_EMAIL_LOG'			=> '<strong>%s</strong> possibly an invalid email address?',
 	'IP'						=> 'IP',
 	'IP_BLACKLISTED'			=> 'Your IP %1$s has been blocked because it is blacklisted. For details please see <a href="%2$s">%2$s</a>.',
 	'JABBER'				=> 'Jabber',
 	'JOINED'				=> 'Joined',
@ -328,6 +329,7 @@ $lang = array_merge($lang, array(
 	'NO_IPS_DEFINED'			=> 'No IPs or Hostnames defined',
 	'NO_MEMBERS'				=> 'No members found for this search criteria',
 	'NO_MESSAGES'				=> 'No messages',
 	'NO_MODE'					=> 'No mode specified',
 	'NO_MODERATORS'				=> 'No moderators assigned at this board.',
 	'NO_NEW_MESSAGES'			=> 'No new messages',
 	'NO_NEW_PM'					=> '<strong>0</strong> new messages',
--- a/phpBB/language/en/ucp.php
+++ b/phpBB/language/en/ucp.php
@ -164,6 +164,7 @@ $lang = array_merge($lang, array(
 	'DEMOTE_SELECTED'			=> 'Demote selected',
 	'DISABLE_CENSORS'			=> 'Enable word censoring',
 	'DISPLAY_GALLERY'			=> 'Display gallery',
 	'DOMAIN_NO_MX_RECORD_EMAIL'	=> 'The entered email domain has no valid MX record.',
 	'DOWNLOADS'					=> 'Downloads',
 	'DRAFTS_DELETED'			=> 'All selected drafts were successfully deleted.',
 	'DRAFTS_EXPLAIN'			=> 'Here you can view, edit and delete your saved drafts.',
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -640,7 +640,19 @@ if ($submit || $preview || $refresh)
 	// Parse message
 	if ($update_message)
 	{
 		if (sizeof($message_parser->warn_msg))
 		{
 			$error[] = implode('<br />', $message_parser->warn_msg);
 			$message_parser->warn_msg = array();
 		}
 		$message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 		// On a refresh we do not care about message parsing errors
 		if (sizeof($message_parser->warn_msg) && $refresh)
 		{
 			$message_parser->warn_msg = array();
 		}
 	}
 	else
 	{
@ -708,7 +720,7 @@ if ($submit || $preview || $refresh)
 	}
 	// Parse subject
-	if (!$post_data['post_subject'] && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
+	if (!$refresh && !$post_data['post_subject'] && ($mode == 'post' || ($mode == 'edit' && $post_data['topic_first_post_id'] == $post_id)))
 	{
 		$error[] = $user->lang['EMPTY_SUBJECT'];
 	}
@ -773,11 +785,20 @@ if ($submit || $preview || $refresh)
 		}
 	}
-	if (sizeof($message_parser->warn_msg) && !$refresh)
+	if (sizeof($message_parser->warn_msg))
 	{
 		$error[] = implode('<br />', $message_parser->warn_msg);
 	}
 	// DNSBL check
 	if ($config['check_dnsbl'] && !$refresh)
 	{
 		if (($dnsbl = $user->check_dnsbl()) !== false)
 		{
 			$error[] = sprintf($user->lang['IP_BLACKLISTED'], $user->ip, $dnsbl[1]);
 		}
 	}
 	// Store message, sync counters
 	if (!sizeof($error) && $submit)
 	{
--- a/phpBB/styles/subSilver/template/posting_smilies.html
+++ b/phpBB/styles/subSilver/template/posting_smilies.html
@ -4,11 +4,63 @@
 <!--
 var form_name = 'post';
-var text_name = 'message';
+
 /**
 * Apply clicked smiley to message body
 */
 function smiley(text) 
 {
 	text = ' ' + text + ' ';
 	if (opener.document.forms[form_name].message.createTextRange && opener.document.forms[form_name].message.caretPos)
 	{
 		var caretPos = opener.document.forms[form_name].message.caretPos;
 		caretPos.text = caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? caretPos.text + text + ' ' : caretPos.text + text;
 		opener.document.forms[form_name].message.focus();
 	}
 	else
 	{
 		var selStart = opener.document.forms[form_name].message.selectionStart;
 		var selEnd = opener.document.forms[form_name].message.selectionEnd;
 		mozWrap(opener.document.forms[form_name].message, text, '')
 		opener.document.forms[form_name].message.focus();
 		opener.document.forms[form_name].message.selectionStart = selStart + text.length;
 		opener.document.forms[form_name].message.selectionEnd = selEnd + text.length;
 	}
 }
 /**
 * From http://www.massless.org/mozedit/
 */
 function mozWrap(txtarea, open, close)
 {
 	var selLength = txtarea.textLength;
 	var selStart = txtarea.selectionStart;
 	var selEnd = txtarea.selectionEnd;
 	var scrollTop = txtarea.scrollTop;
 	if (selEnd == 1 || selEnd == 2) 
 	{
 		selEnd = selLength;
 	}
 	var s1 = (txtarea.value).substring(0,selStart);
 	var s2 = (txtarea.value).substring(selStart, selEnd)
 	var s3 = (txtarea.value).substring(selEnd, selLength);
 	txtarea.value = s1 + open + s2 + close + s3;
 	txtarea.selectionStart = selEnd + open.length + close.length;
 	txtarea.selectionEnd = txtarea.selectionStart;
 	txtarea.focus();
 	txtarea.scrollTop = scrollTop;
 	return;
 }
 //-->
 </script>
 <script language="javascript" type="text/javascript" src="{T_TEMPLATE_PATH}/editor.js"></script>
 <table width="100%" cellspacing="1" cellpadding="4" border="0">
 <tr>
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -77,7 +77,7 @@ if (isset($_GET['e']) && !$user->data['is_registered'])
 }
 // Permissions check
-if (!$auth->acl_get('f_read', $forum_id))
+if (!$auth->acl_gets('f_list', 'f_read', $forum_id))
 {
 	if ($user->data['user_id'] != ANONYMOUS)
 	{
@ -114,7 +114,10 @@ if ($forum_data['forum_password'])
 generate_forum_nav($forum_data);
 // Forum Rules
 if ($auth->acl_get('f_read', $forum_id))
 {
 	generate_forum_rules($forum_data);
 }
 // Do we have subforums?
 $active_forum_ary = $moderators = array();
@ -144,6 +147,12 @@ if (!($forum_data['forum_type'] == FORUM_POST || (($forum_data['forum_flags'] &
 	page_footer();
 }
 // Ok, if someone has only list-access, we only display the forum list
 if (!$auth->acl_get('f_read', $forum_id))
 {
 	page_footer();
 }
 // Handle marking posts
 if ($mark_read == 'topics')
 {