Various updates, cleanups and support for URI based sessions ... more to come at some point

git-svn-id: file:///svn/phpbb/trunk@1179 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 06:08:52 +00:00 · 2001-10-14 15:46:53 +00:00 · 2001-10-14 15:46:53 +00:00 · 4aeb685d3c
commit 4aeb685d3c
parent e31466a42f
19 changed files with 694 additions and 731 deletions
--- a/phpBB/admin/admin_board.php
+++ b/phpBB/admin/admin_board.php
@ -22,12 +22,11 @@ if($setmodules == 1)
 // Let's set the root dir for phpBB
 //
 $phpbb_root_dir = "./../";
 //
 // Include required files, get $phpEx and check permissions
 //
 require('pagestart.inc');
 //
 //
 //
 $sql = "SELECT *
 	FROM " . CONFIG_TABLE;
 if(!$result = $db->sql_query($sql))
@ -97,7 +96,7 @@ $smtp_yes = ($new['smtp_delivery']) ? "checked=\"checked\"" : "";
 $smtp_no = (!$new['smtp_delivery']) ? "checked=\"checked\"" : "";
 $template->set_filenames(array(
-	"body" => "admin/admin_config_body.tpl")
+	"body" => "admin/board_config_body.tpl")
 );
 $template->assign_vars(array(
--- a/phpBB/admin/admin_db_utilities.php
+++ b/phpBB/admin/admin_db_utilities.php
@ -37,29 +37,13 @@ if($setmodules == 1)
 	return;
 }
 $phpbb_root_path = "./../";
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 //
-// Start session management
+// Load default header
 //
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
+$phpbb_root_dir = "./../";
-init_userprefs($userdata);
+$no_page_header = TRUE;
-//
+require('pagestart.inc');
-// End session management
+include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
 //
 //
 // Is user logged in? If yes are they an admin?
 //
 if( !$userdata['session_logged_in'] )
 {
 	header("Location: ../login.$phpEx?forward_page=admin/");
 }
 else if( $userdata['user_level'] != ADMIN )
 {
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
 //
 // Set VERBOSE to 1  for debugging info..
@ -72,16 +56,9 @@ define("VERBOSE", 0);
 //
@set_time_limit(1200);
-//
+// -----------------------
 // Pull in the functions for splitting an sql file into individual statements
 //
 include($phpbb_root_path . 'includes/sql_parse.'.$phpEx);
 //
 // The following functions are adapted from phpMyAdmin and upgrade_20.php
 //
 //
 // This function is used for grabbing the sequences for postgres...
 //
--- a/phpBB/admin/admin_forum_prune.php
+++ b/phpBB/admin/admin_forum_prune.php
@ -41,8 +41,9 @@ if( $setmodules == 1 )
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 include($phpbb_root_path . 'includes/prune.php');
--- a/phpBB/admin/admin_forumauth.php
+++ b/phpBB/admin/admin_forumauth.php
@ -20,6 +20,8 @@
 *
 ***************************************************************************/
 define("IN_ADMIN", true);
 if($setmodules == 1)
 {
 	$filename = basename(__FILE__);
@ -29,10 +31,13 @@ if($setmodules == 1)
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
 $phpbb_root_dir = "./../";
 $no_page_header = TRUE;
 require('pagestart.inc');
 //
 // Start program - define vars
 //
@ -67,7 +72,7 @@ $forum_auth_const = array(AUTH_ALL, AUTH_REG, AUTH_ACL, AUTH_MOD, AUTH_ADMIN);
 if(isset($HTTP_GET_VARS[POST_FORUM_URL]) || isset($HTTP_POST_VARS[POST_FORUM_URL]))
 {
-	$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? $HTTP_POST_VARS[POST_FORUM_URL] : $HTTP_GET_VARS[POST_FORUM_URL];
+	$forum_id = (isset($HTTP_POST_VARS[POST_FORUM_URL])) ? intval($HTTP_POST_VARS[POST_FORUM_URL]) : intval($HTTP_GET_VARS[POST_FORUM_URL]);
 	$forum_sql = "AND forum_id = $forum_id";
 }
 else
@ -78,7 +83,7 @@ else
 if( isset($HTTP_GET_VARS['adv']) )
 {
-	$adv = $HTTP_GET_VARS['adv'];
+	$adv = intval($HTTP_GET_VARS['adv']);
 }
 else
 {
@ -124,6 +129,15 @@ if(isset($HTTP_POST_VARS['submit']))
 						$value = $HTTP_POST_VARS['auth_view'];
 					}
 				}
 				if($forum_auth_fields[$i] == 'auth_vote')
 				{
 					if( $HTTP_POST_VARS['auth_vote'] == AUTH_ALL )
 					{
 						$value = AUTH_REG;
 					}
 				}
 				$sql .= $forum_auth_fields[$i] . " = " . $value;
 				if($i < count($forum_auth_fields) - 1)
 				{
@ -143,11 +157,16 @@ if(isset($HTTP_POST_VARS['submit']))
 			}
 		}
 		unset($forum_id);
 		$forum_sql = "";
 		$adv = 0;
 	}
 	$template->assign_vars(array(
 		"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
 	);
 	$message = $lang['Forum_auth_updated'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">" . $lang['Here'] . "</a> " . $lang['return_forum_auth_admin'];
 	message_die(GENERAL_MESSAGE, $message);
 }
 //
@ -234,7 +253,7 @@ else
 	if( empty($adv) )
 	{
-		$simple_auth = "&nbsp;<select name=\"simpleauth\">";
+		$simple_auth = "<select name=\"simpleauth\">";
 		for($j = 0; $j < count($simple_auth_types); $j++)
 		{
@ -250,7 +269,7 @@ else
 			}
 		}
-		$simple_auth .= "</select>&nbsp;";
+		$simple_auth .= "</select>";
 		$template->assign_block_vars("forum_auth_titles", array(
 			"CELL_TITLE" => $lang['Simple_mode'])
@ -299,7 +318,7 @@ else
 		}
 	}
-	$switch_mode = "admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=";
+	$switch_mode = append_sid("admin_forumauth.$phpEx?" . POST_FORUM_URL . "=" . $forum_id . "&adv=");
 	$switch_mode .= ( empty($adv) ) ? "1" : "0";
 	$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
 	$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@ -323,6 +342,8 @@ else
 }
 include('page_header_admin.'.$phpEx);
 $template->pparse("body");
 include('page_footer_admin.'.$phpEx);
--- a/phpBB/admin/admin_forums.php
+++ b/phpBB/admin/admin_forums.php
@ -27,6 +27,21 @@ if($setmodules==1)
 	return;
 }
 //
 // Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
 {
 	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
 }
 else
 {
 	$mode = "";
 }
 // ------------------
 // Begin function block
 //
@ -189,47 +204,49 @@ function renumber_order($mode, $cat = 0)
 // ------------------
 //
-// Include required files, get $phpEx and check permissions
+// Begin program proper
 //
-require('pagestart.inc');
+if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) )
 {
 	$mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat";
-if (isset($HTTP_POST_VARS['mode']))
+	if( $mode == "addforum" )
 	{
-	$mode = $HTTP_POST_VARS['mode'];
+		list($cat_id) = each($HTTP_POST_VARS['addforum']);
 		$forumname = $HTTP_POST_VARS['forumname'][$cat_id];
 	}
 elseif (isset($HTTP_GET_VARS['mode']))
 {
 	$mode = $HTTP_GET_VARS['mode'];
 }
 else
 {
 	unset($mode);
 }
-if(isset($mode))  // Are we supposed to do something?
+if( !empty($mode) ) 
 {
 	switch($mode)
 	{
 		case 'addforum':
 		case 'editforum':
 			//
 			// Show form to create/modify a forum
 			//
 			if ($mode == 'editforum')
 			{
 				// $newmode determines if we are going to INSERT or UPDATE after posting?
 				$newmode = 'modforum';
 				$buttonvalue = 'Change';
-				$forum_id = $HTTP_GET_VARS['forum_id'];
+				$l_title = $lang['Edit_forum'];
 				$newmode = 'modforum';
 				$buttonvalue = $lang['Update'];
 				$forum_id = intval($HTTP_GET_VARS['forum_id']);
 				$row = get_info('forum', $forum_id);
-				$forumname = $row['forum_name'];
+
 				$cat_id = $row['cat_id'];
 				$forumname = $row['forum_name'];
 				$forumdesc = $row['forum_desc'];
 				$forumstatus = $row['forum_status'];
 				//
 				// start forum prune stuff.
 				//
-				if( $row['prune_enable'] == 1 )
+				if( $row['prune_enable'] )
 				{
 					$prune_enabled = "checked=\"checked\"";
 					$sql = "SELECT *
@ -239,56 +256,69 @@ if(isset($mode))  // Are we supposed to do something?
 					{
 						 message_die(GENERAL_ERROR, "Auto-Prune: Couldn't read auto_prune table.", __LINE__, __FILE__);
        			}
 					$pr_row = $db->sql_fetchrow($pr_result);
 				}
 				else
 				{
 					$prune_enabled = '';
 				}
 			}
 			else
 			{
 				$l_title = $lang['Create_forum'];
 				$newmode = 'createforum';
-				$buttonvalue = 'Create';
+				$buttonvalue = $lang['Create_forum'];
 				$forumname = stripslashes($HTTP_POST_VARS['forumname']);
 				$cat_id = $HTTP_POST_VARS['cat_id'];
 				$forumdesc = '';
 				$forumstatus = FORUM_UNLOCKED;
 				$forum_id = ''; 
 				$prune_enabled = '';
 			}
 			$catlist = get_list('category', $cat_id, TRUE);
-			$forumstatus == FORUM_LOCKED ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
+			$forumstatus == ( FORUM_LOCKED ) ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
 			$statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>Unlocked</option>\n";
 			$statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>Locked</option>\n";
 			$template->set_filenames(array(
 				"body" => "admin/forum_edit_body.tpl")
 			);
 			$template->assign_vars(array(
-				'FORUMNAME' => $forumname,
+				'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"),
 				'DESCRIPTION' => $forumdesc,
 				'S_FORUM_ACTION' => $PHP_SELF,
 				'S_CATLIST' => $catlist,
 				'S_STATUSLIST' => $statuslist,
 				'S_FORUMID' => $forum_id,
 				'S_NEWMODE' => $newmode,
-				'S_PRUNE_EN' => $prune_enabled,
+				'S_PRUNE_ENABLED' => $prune_enabled,
-				'S_PRUNE_DAYS' => $pr_row['prune_days'],
+				'S_PRUNE_DAYS' => ( isset($pr_row['prune_days']) ) ? $pr_row['prune_days'] : 7,
-				'S_PRUNE_FREQ' => $pr_row['prune_freq'],
+				'S_PRUNE_FREQ' => ( isset($pr_row['prune_freq']) ) ? $pr_row['prune_freq'] : 1,
 				"L_FORUM_TITLE" => $l_title, 
 				"L_FORUM_EXPLAIN" => $lang['Forum_edit_delete_explain'], 
 				'L_ENABLED' => $lang['Enabled'],
 				'L_PRUNE_DAYS' => $lang['prune_days'],
 				'L_PRUNE_FREQ' => $lang['prune_freq'],
 				'L_DAYS' => $lang['days'],
 				'FORUMNAME' => $forumname,
 				'DESCRIPTION' => $forumdesc,
 				'BUTTONVALUE' => $buttonvalue)
 			);
 			$template->pparse("body");
 			break;
 		case 'createforum':
 			//
 			// Create a forum in the DB
-			if( trim($HTTP_POST_VARS['forumname']) == '')
+			//
 			if( trim($HTTP_POST_VARS['forumname']) == "" )
 			{
 				message_die(GENERAL_ERROR, "Can't create a forum without a name");
 			}
 			$sql = "SELECT MAX(forum_order) AS max_order
 				FROM " . FORUMS_TABLE . "
 				WHERE cat_id = " . $HTTP_POST_VARS['cat_id'];
@ -302,23 +332,24 @@ if(isset($mode))  // Are we supposed to do something?
 			$next_order = $max_order + 1;
 			// There is no problem having duplicate forum names so we won't check for it.
-			$sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status)
+			$sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status, prune_enable)
-				VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . $HTTP_POST_VARS['cat_id'] . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . $HTTP_POST_VARS['forumstatus'] . ")";
+				VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . intval($HTTP_POST_VARS['cat_id']) . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . intval($HTTP_POST_VARS['forumstatus']) . ", " . intval($HTTP_POST_VARS['prune_enable']) . ")";
 			if( !$result = $db->sql_query($sql) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);
 			}
-			if( $HTTP_POST_VARS['prune_enable'] == TRUE )
+			if( $HTTP_POST_VARS['prune_enable'] )
 			{
 				$new_forum_id = $db->sql_nextid();
 				if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "")
 				{
-					message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']);
+					message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
 				}
 				$sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
-					VALUES($new_forum_id, " . $HTTP_POST_VARS['prune_days'] . ", " . $HTTP_POST_VARS['prune_freq'] . ")";
+					VALUES($new_forum_id, " . intval($HTTP_POST_VARS['prune_days']) . ", " . intval($HTTP_POST_VARS['prune_freq']) . ")";
 				if( !$result = $db->sql_query($sql) )
 				{
 					message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql);
@ -334,6 +365,7 @@ if(isset($mode))  // Are we supposed to do something?
 			{
 				$HTTP_POST_VARS['prune_enable'] = 0;
 			}
 			$sql = "UPDATE " . FORUMS_TABLE . "
 				SET forum_name = '" . $HTTP_POST_VARS['forumname'] . "', cat_id = " . $HTTP_POST_VARS['cat_id'] . ", forum_desc = '" . $HTTP_POST_VARS['forumdesc'] . "', forum_status = " . $HTTP_POST_VARS['forumstatus'] . ", prune_enable = " . $HTTP_POST_VARS['prune_enable'] . "
 				WHERE forum_id = ".$HTTP_POST_VARS['forum_id'];
@ -346,7 +378,7 @@ if(isset($mode))  // Are we supposed to do something?
 			{
 				if($HTTP_POST_VARS['prune_days'] == "" || $HTTP_POST_VARS['prune_freq'] == "")
 				{
-					message_die(GENERAL_ERROR, $lang['Set_prune_data'], $lang['Error']);
+					message_die(GENERAL_MESSAGE, $lang['Set_prune_data']);
 				}
 				$sql = "SELECT *
@ -379,10 +411,11 @@ if(isset($mode))  // Are we supposed to do something?
 		case 'addcat':
 			// Create a category in the DB
-			if( trim($HTTP_POST_VARS['catname']) == '')
+			if( trim($HTTP_POST_VARS['categoryname']) == '')
 			{
 				message_die(GENERAL_ERROR, "Can't create a category without a name");
 			}
 			$sql = "SELECT MAX(cat_order) AS max_order
 				FROM " . CATEGORIES_TABLE;
 			if( !$result = $db->sql_query($sql) )
@ -398,7 +431,7 @@ if(isset($mode))  // Are we supposed to do something?
 			// There is no problem having duplicate forum names so we won't check for it.
 			//
 			$sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order)
-				VALUES ('" . $HTTP_POST_VARS['catname'] . "', $next_order)";
+				VALUES ('" . $HTTP_POST_VARS['categoryname'] . "', $next_order)";
 			if( !$result = $db->sql_query($sql) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);
@ -467,10 +500,12 @@ if(isset($mode))  // Are we supposed to do something?
 			break;
 		case 'movedelforum':
 			//
 			// Move or delete a forum in the DB
-			$from_id = $HTTP_POST_VARS['from_id'];
+			//
-			$to_id = $HTTP_POST_VARS['to_id'];
+			$from_id = intval($HTTP_POST_VARS['from_id']);
-			$delete_old = $HTTP_POST_VARS['delete_old'];
+			$to_id = intval($HTTP_POST_VARS['to_id']);
 			$delete_old = intval($HTTP_POST_VARS['delete_old']);
 			// Either delete or move all posts in a forum
@ -517,11 +552,15 @@ if(isset($mode))  // Are we supposed to do something?
 			}
 			$show_index = TRUE;
 			break;
 		case 'deletecat':
 			//
 			// Show form to delete a category
-			$cat_id = $HTTP_GET_VARS['cat_id'];
+			//
 			$cat_id = intval($HTTP_GET_VARS['cat_id']);
 			$buttonvalue = "Move&Delete";
 			$newmode = 'movedelcat';
 			$catinfo = get_info('category', $cat_id);
@ -537,7 +576,7 @@ if(isset($mode))  // Are we supposed to do something?
 				}
 				$count = $db->sql_fetchrow($result);
 				$count = $count['total'];
-				print "count = $count";
+
 				if ($count > 0)
 				{
 					message_die(GENERAL_ERROR, "You need to delete all forums before you can delete this category");
@ -559,7 +598,7 @@ if(isset($mode))  // Are we supposed to do something?
 			);
 			$template->assign_vars(array(
 				'NAME' => $name,
-				'S_FORUM_ACTION' => $PHP_SELF,
+				'S_FORUM_ACTION' => append_sid("admin_forums.$phpEx"), 
 				'S_FROM_ID' => $cat_id,
 				'S_SELECT_TO' => $select_to,
 				'S_NEWMODE' => $newmode,
@ -569,9 +608,11 @@ if(isset($mode))  // Are we supposed to do something?
 			break;
 		case 'movedelcat':
 			//
 			// Move or delete a category in the DB
-			$from_id = $HTTP_POST_VARS['from_id'];
+			//
-			$to_id = $HTTP_POST_VARS['to_id'];
+			$from_id = intval($HTTP_POST_VARS['from_id']);
 			$to_id = intval($HTTP_POST_VARS['to_id']);
 			if (isset($to_id))
 			{
@ -604,13 +645,18 @@ if(isset($mode))  // Are we supposed to do something?
 			}
 			$show_index = TRUE;
 			break;
 		case 'forum_order':
 			//
 			// Change order of forums in the DB
-			$move = $HTTP_GET_VARS['move'];
+			//
-			$forum_id = $HTTP_GET_VARS['forum_id'];
+			$move = intval($HTTP_GET_VARS['move']);
 			$forum_id = intval($HTTP_GET_VARS['forum_id']);
 			$forum_info = get_info('forum', $forum_id);
 			$cat_id = $forum_info['cat_id'];
 			$sql = "UPDATE " . FORUMS_TABLE . "
@ -620,14 +666,18 @@ if(isset($mode))  // Are we supposed to do something?
 			{
 				message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
 			}
 			renumber_order('forum', $forum_info['cat_id']);
 			$show_index = TRUE;
 			break;
 		case 'cat_order':
 			//
 			// Change order of categories in the DB
-			$move = $HTTP_GET_VARS['move'];
+			//
-			$cat_id = $HTTP_GET_VARS['cat_id'];
+			$move = intval($HTTP_GET_VARS['move']);
 			$cat_id = intval($HTTP_GET_VARS['cat_id']);
 			$sql = "UPDATE " . CATEGORIES_TABLE . "
 				SET cat_order = cat_order + $move
@ -636,17 +686,20 @@ if(isset($mode))  // Are we supposed to do something?
 			{
 				message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
 			}
 			renumber_order('category');
 			$show_index = TRUE;
 			break;
 		case 'forum_sync':
-			sync('forum', $HTTP_GET_VARS['forum_id']);
+			sync('forum', intval($HTTP_GET_VARS['forum_id']));
 			$show_index = TRUE;
 			break;
 		default:
-			message_die(GENERAL_ERROR, "Oops! Wrong mode..");
+			message_die(GENERAL_MESSAGE, $lang['No_mode']);
 			break;
 	}
 	if ($show_index != TRUE)
@ -660,7 +713,19 @@ if(isset($mode))  // Are we supposed to do something?
 // Start page proper
 //
 $template->set_filenames(array(
-	"body" => "admin/forums_body.tpl")
+	"body" => "admin/forum_admin_body.tpl")
 );
 $template->assign_vars(array(
 	"L_FORUM_TITLE" => $lang['Forum_admin'], 
 	"L_FORUM_EXPLAIN" => $lang['Forum_admin_explain'], 
 	"L_CREATE_FORUM" => $lang['Create_forum'], 
 	"L_CREATE_CATEGORY" => $lang['Create_category'], 
 	"L_EDIT" => $lang['Edit'], 
 	"L_DELETE" => $lang['Delete'], 
 	"L_MOVE_UP" => $lang['Move_up'], 
 	"L_MOVE_DOWN" => $lang['Move_down'], 
 	"L_RESYNC" => $lang['Resync'])
 );
 $sql = "SELECT cat_id, cat_title, cat_order
@ -685,9 +750,12 @@ if($total_categories = $db->sql_numrows($q_categories))
 	if( !$total_forums = $db->sql_numrows($q_forums) )
 	{
-		// We don't have any forums
+		$lang['No_forums'];
 		$template->assign_block_vars("no_forums", array());
 	}
 	$forum_rows = $db->sql_fetchrowset($q_forums);
 	//
@ -695,76 +763,56 @@ if($total_categories = $db->sql_numrows($q_categories))
 	//
 	$gen_cat = array();
 	for($i = 0; $i < $total_categories; $i++)
 	{
 		$cat_id = $category_rows[$i]['cat_id'];
 		$template->assign_block_vars("catrow", array( 
 			"S_ADD_FORUM_SUBMIT" => "addforum[$cat_id]", 
 			"S_ADD_FORUM_NAME" => "forumname[$cat_id]", 
 			"CAT_ID" => $cat_id,
-					"CAT_DESC" => stripslashes($category_rows[$i]['cat_title']),
+			"CAT_DESC" => $category_rows[$i]['cat_title'],
-					"CAT_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editcat&cat_id=$cat_id")."'>Edit</a>",
+
-					"CAT_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deletecat&cat_id=$cat_id")."'>Delete</a>",
+			"U_CAT_EDIT" => append_sid("admin_forums.$phpEx?mode=editcat&amp;cat_id=$cat_id"),
-					"CAT_UP" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=-15&cat_id=$cat_id")."'>Move up</a>",
+			"U_CAT_DELETE" => append_sid("admin_forums.$phpEx?mode=deletecat&cat_id=$cat_id"),
-					"CAT_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=cat_order&move=15&cat_id=$cat_id")."'>Move down</a>",
+			"U_CAT_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=cat_order&move=-15&cat_id=$cat_id"),
-					"U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id"),
+			"U_CAT_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=cat_order&move=15&cat_id=$cat_id"),
-					"U_ADDFORUM" => append_sid("$PHP_SELF?mode=addforum&cat_id=$cat_id"),
+			"U_VIEWCAT" => append_sid($phpbb_root_path."index.$phpEx?viewcat=$cat_id"))
 					"ADDFORUM" => "Add Forum")
 		);
 		for($j = 0; $j < $total_forums; $j++)
 		{
 			$forum_id = $forum_rows[$j]['forum_id'];
 			// Don't display this forum unless it's in this category..
 			if ($forum_rows[$j]['cat_id'] == $cat_id)
 			{
 				//
 				// This should end up in the template using IF...ELSE...ENDIF
 				//
 				$row_color == "#DDDDDD" ?	$row_color = "#CCCCCC" : $row_color = "#DDDDDD";
 				$template->assign_block_vars("catrow.forumrow",	array(
-					"FORUM_NAME" => stripslashes($forum_rows[$j]['forum_name']),
+					"FORUM_NAME" => $forum_rows[$j]['forum_name'],
-					"FORUM_DESC" => stripslashes($forum_rows[$j]['forum_desc']),
+					"FORUM_DESC" => $forum_rows[$j]['forum_desc'],
 					"ROW_COLOR" => $row_color,
 					"NUM_TOPICS" => $forum_rows[$j]['forum_topics'],
 					"NUM_POSTS" => $forum_rows[$j]['forum_posts'],
-					"U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&" . $forum_rows[$j]['forum_posts']),
+
-					"FORUM_EDIT" => "<a href='".append_sid("$PHP_SELF?mode=editforum&forum_id=$forum_id")."'>Edit</a>",
+					"U_VIEWFORUM" => append_sid($phpbb_root_path."viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id&amp;" . $forum_rows[$j]['forum_posts']),
-					"FORUM_DELETE" => "<a href='".append_sid("$PHP_SELF?mode=deleteforum&forum_id=$forum_id")."'>Delete</a>",
+					"U_FORUM_EDIT" => append_sid("admin_forums.$phpEx?mode=editforum&amp;forum_id=$forum_id"),
-					"FORUM_UP" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=-15&forum_id=$forum_id")."'>Move up</a>",
+					"U_FORUM_DELETE" => append_sid("admin_forums.$phpEx?mode=deleteforum&amp;forum_id=$forum_id"),
-					"FORUM_DOWN" => "<a href='".append_sid("$PHP_SELF?mode=forum_order&move=15&forum_id=$forum_id")."'>Move down</a>",
+					"U_FORUM_MOVE_UP" => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=-15&forum_id=$forum_id"),
-					"FORUM_SYNC" => "<a href='".append_sid("$PHP_SELF?mode=forum_sync&forum_id=$forum_id")."'>Sync</a>")
+					"U_FORUM_MOVE_DOWN" => append_sid("admin_forums.$phpEx?mode=forum_order&amp;move=15&forum_id=$forum_id"),
 					"U_FORUM_RESYNC" => append_sid("admin_forums.$phpEx?mode=forum_sync&amp;forum_id=$forum_id"))
 				);
 			}// if ... forumid == catid
 		} // for ... forums
-		$template->assign_block_vars("catrow.forumrow", array(
+
 			"S_ADDFORUM" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'">
 					<INPUT TYPE="text" NAME="forumname">
 					<INPUT TYPE="hidden" NAME="cat_id" VALUE="'.$cat_id.'">
 					<INPUT TYPE="hidden" NAME="mode" VALUE="addforum">
 					<INPUT TYPE="submit" NAME="submit" VALUE="Create new Forum">',
 			"S_ADDFORUM_ENDFORM" => "</FORM>")
 		);
 	} // for ... categories
 }// if ... total_categories
 $template->assign_block_vars("catrow", array(
 	"S_ADDCAT" => '<FORM METHOD="POST" ACTION="'.append_sid($PHP_SELF).'">
 			<INPUT TYPE="text" NAME="catname">
 			<INPUT TYPE="hidden" NAME="mode" VALUE="addcat">
 			<INPUT TYPE="submit" NAME="submit" VALUE="Create new category">',
 	"S_ADDCAT_ENDFORM" => "</FORM>")
 );
 //
 // Generate the page
 //
 $template->pparse("body");
 //
 // Page Footer
 //
 include('page_footer_admin.'.$phpEx);
 ?>
--- a/phpBB/admin/admin_groupauth.php
+++ b/phpBB/admin/admin_groupauth.php
@ -28,30 +28,12 @@ if($setmodules == 1)
 	return;
 }
 $phpbb_root_path = "./../";
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 //
-// Start session management
+// Load default header
 //
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
+$phpbb_root_dir = "./../";
-init_userprefs($userdata);
+$no_page_header = TRUE;
-//
+require('pagestart.inc');
 // End session management
 //
 //
 // Is user logged in? If yes are they an admin?
 //
 if( !$userdata['session_logged_in'] )
 {
 	header("Location: ../login.$phpEx?forward_page=admin/");
 }
 else if( $userdata['user_level'] != ADMIN )
 {
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
 //
 // Start program - define vars
@ -126,10 +108,13 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin)
 // -------------
-if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
+if( isset($HTTP_POST_VARS['submit']) && ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL]) ) )
 {
-	$group_id = $HTTP_POST_VARS[POST_GROUPS_URL];
+	//
-	$adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE;
+	// Front end
 	//
 	$group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
 	$adv = ( isset($HTTP_POST_VARS['adv']) ) ? TRUE : 0;
 	//
 	// This is where things become fun ...
@ -163,11 +148,6 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
 			AND u.user_id = ug2.user_id
 			AND g2.group_id = ug2.group_id
 			AND aa2.group_id = g2.group_id";
 /*
 	$sql = "SELECT aa.*, g.group_single_user, g.group_id, g.group_name
 		FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . GROUPS_TABLE. " g
 		WHERE g.group_id = $group_id
 			AND aa.group_id = g.group_id";*/
 	$ag_result = $db->sql_query($sql);
 	if( $num_g_access = $db->sql_numrows($ag_result) )
@ -519,58 +499,13 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_GROUPS_URL]))
 	}
 }
-else if(empty($HTTP_GET_VARS[POST_GROUPS_URL]))
+else if( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) || !empty($HTTP_GET_VARS[POST_GROUPS_URL])  )
 {
 	//
 	// Default user selection box
 	//
 	// This should be altered on the final system
 	//
 	$sql = "SELECT group_id, group_name
 		FROM " . GROUPS_TABLE . "
 		WHERE group_single_user <> " . TRUE;
 	$g_result = $db->sql_query($sql);
 	$group_list = $db->sql_fetchrowset($g_result);
 	$select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
 	for($i = 0; $i < count($group_list); $i++)
 	{
 		$select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
 	}
 	$select_list .= "</select>";
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
 		"body" => "admin/auth_select_body.tpl")
 	);
 	$template->assign_vars(array(
 		"L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'],
 		"L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
 		"L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
 		"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
 		"S_AUTH_SELECT" => $select_list)
 	);
 }
 else
 {
 	//
 	// Front end
 	//
-	$group_id = $HTTP_GET_VARS[POST_GROUPS_URL];
+	$group_id = ( !empty($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? intval($HTTP_POST_VARS[POST_GROUPS_URL]) : intval($HTTP_GET_VARS[POST_GROUPS_URL]);
-	if( isset($HTTP_GET_VARS['adv']) )
+	$adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
 	{
 		$adv = $HTTP_GET_VARS['adv'];
 	}
 	else
 	{
 		$adv = FALSE;
 	}
 	include('page_header_admin.'.$phpEx);
@ -902,7 +837,43 @@ else
 		"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
 		"S_HIDDEN_FIELDS" => $s_hidden_fields)
 	);
 }
 else
 {
 	//
 	// Default user selection box
 	//
 	// This should be altered on the final system
 	//
 	$sql = "SELECT group_id, group_name
 		FROM " . GROUPS_TABLE . "
 		WHERE group_single_user <> " . TRUE;
 	$g_result = $db->sql_query($sql);
 	$group_list = $db->sql_fetchrowset($g_result);
 	$select_list = "<select name=\"" . POST_GROUPS_URL . "\">";
 	for($i = 0; $i < count($group_list); $i++)
 	{
 		$select_list .= "<option value=\"" . $group_list[$i]['group_id'] . "\">" . $group_list[$i]['group_name'] . "</option>";
 	}
 	$select_list .= "</select>";
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
 		"body" => "admin/auth_group_select_body.tpl")
 	);
 	$template->assign_vars(array(
 		"L_AUTH_TITLE" => $lang['Group'] . " " . $lang['Auth_Control'],
 		"L_AUTH_EXPLAIN" => $lang['Group_auth_explain'],
 		"L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
 		"S_AUTH_ACTION" => append_sid("admin_groupauth.$phpEx"),
 		"S_AUTH_SELECT" => $select_list)
 	);
 }
 $template->pparse("body");
--- a/phpBB/admin/admin_groups.php
+++ b/phpBB/admin/admin_groups.php
@ -29,39 +29,27 @@ if($setmodules == 1)
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
-$phpbb_root_path = "./../";
+$phpbb_root_dir = "./../";
-include($phpbb_root_path . 'extension.inc');
+require('pagestart.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
-//
+if( isset($HTTP_POST_VARS[POST_GROUPS_URL]) || isset($HTTP_GET_VARS[POST_GROUPS_URL]) )
 // Start session management
 //
 $userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
 init_userprefs($userdata);
 //
 // End session management
 //
 if( !$userdata['session_logged_in'] )
 {
-	header("Location: ../login.$phpEx?forward_page=admin/");
+	$group_id = ( isset($HTTP_POST_VARS[POST_GROUPS_URL]) ) ? $HTTP_POST_VARS[POST_GROUPS_URL] : $HTTP_GET_VARS[POST_GROUPS_URL];
 }
-else if( $userdata['user_level'] != ADMIN )
+else
 {
-	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+	$group_id = "";
 }
 $mode = isset($HTTP_POST_VARS['mode']) ? $HTTP_POST_VARS['mode'] : ((isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "");
-if($mode && empty($HTTP_POST_VARS['updategroup']))
+if( isset($HTTP_POST_VARS['edit']) || isset($HTTP_POST_VARS['new']) )
 {
 	//
 	// Ok they are editing a group or creating a new group
 	//
-	include("page_header_admin." . $phpEx);
+	if ( isset($HTTP_POST_VARS['edit']) )
 	if ( $mode == "editgroup" )
 	{
 		//
 		// They're editing. Grab the vars.
@ -69,7 +57,7 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
 		$sql = "SELECT *
 			FROM " . GROUPS_TABLE . "
 			WHERE group_single_user <> " . TRUE . "
-			AND group_id = " . $g;
+			AND group_id = $group_id";
 		if(!$result = $db->sql_query($sql))
 		{
 			message_die(GENERAL_ERROR, "Error getting group information", "", __LINE__, __FILE__, $sql);
@ -79,8 +67,11 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
 			message_die(GENERAL_MESSAGE, "That user group does not exist");
 		}
 		$group_info = $db->sql_fetchrow($result);
 		$mode = "editgroup";
 	}
-	else if ($mode == "newgroup")
+	else if( isset($HTTP_POST_VARS['new']) )
 	{
 		$group_info = array (
 			"group_name" => "",
@ -89,6 +80,9 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
 			"group_type" => "1"
 		);
 		$group_open = "checked=\"checked\"";
 		$mode = "newgroup";
 	}
 	//
 	// Ok, now we know everything about them, let's show the page.
@ -98,34 +92,36 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
 		WHERE user_id <> " . ANONYMOUS . "
 		ORDER BY username";
 	$u_result = $db->sql_query($sql);
 	if( !$u_result )
 	{
 		message_die(GENERAL_ERROR, "Couldn't obtain user info for moderator list", "", __LINE__, __FILE__, $sql);
 	}
 	$user_list = $db->sql_fetchrowset($u_result);
 	$select_list = "<select name=\"group_moderator\">";
 	for($i = 0; $i < count($user_list); $i++)
 	{
-		if( $user_list[$i]['user_id'] == $group_info['group_moderator'] )
+		$selected = ( $user_list[$i]['user_id'] == $group_info['group_moderator'] ) ? "selected=\"selected\"" : "";
-		{
+		$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\"$selected>" . $user_list[$i]['username'] . "</option>";
 			$select_list .= "<option selected value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
 		}
 		else
 		{
 			$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
 		}
 	}
 	$select_list .= "</select>";
 	$group_open = ( !empty($group_info['group_type']) ) ? "checked=\"checked\"" : "";
 	$group_closed = ( empty($group_info['group_type']) ) ? "checked=\"checked\"" : "";
 	$template->set_filenames(array(
 		"body" => "admin/group_edit_body.tpl")
 	);
-	if( !empty($group_info['group_type']) )
+
-	{
+	$s_hidden_fields = '<input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_GROUPS_URL . '" value="' . $group_id . '" />';
-		$group_open = "checked=\"checked\"";
+
 	}
 	else
 	{
 		$group_closed = "checked=\"checked\"";
 	}
 	$template->assign_vars(array(
-		"L_GROUP_INFO" => $lang['Group_edit_explain'],
+		"GROUP_NAME" => $group_info['group_name'],
 		"GROUP_DESCRIPTION" => $group_info['group_description'],
 		"L_GROUP_TITLE" => $lang['Group'] . " " . $lang['Admin'],
 		"L_GROUP_EDIT_DELETE" => ( isset($HTTP_POST_VARS['new']) ) ? $lang['New_group'] : $lang['Edit_group'], 
 		"L_GROUP_NAME" => $lang['group_name'],
 		"L_GROUP_DESCRIPTION" => $lang['group_description'],
 		"L_GROUP_MODERATOR" => $lang['group_moderator'],
@ -137,108 +133,95 @@ if($mode && empty($HTTP_POST_VARS['updategroup']))
 		"L_SUBMIT" => $lang['submit_group_changes'],
 		"L_RESET" => $lang['reset_group_changes'],
-		"S_GROUP_NAME" => $group_info['group_name'],
+		"S_SELECT_MODERATORS" => $select_list,
 		"S_GROUP_DESCRIPTION" => $group_info['group_description'],
 		"S_GROUP_MODERATOR" => $select_list,
 		"S_GROUP_OPEN_CHECKED" => $group_open,
 		"S_GROUP_CLOSED_CHECKED" => $group_closed,
 		"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
-		"S_GROUP_MODE" => $mode,
+		"S_HIDDEN_FIELDS" => $s_hidden_fields)
 		"GROUP_ID" => $g)
 	);
 	$template->pparse('body');
 }
-else if($mode && $HTTP_POST_VARS['updategroup'] == "update" )
+else if( isset($HTTP_POST_VARS['group_update']) )
 {
 	//
 	// Ok, they are submitting a group, let's save the data based on if it's new or editing
 	//
-	if( isset($HTTP_POST_VARS['deletegroup']) )
+	if( isset($HTTP_POST_VARS['group_delete']) )
 	{
 		$sql = "DELETE FROM " . GROUPS_TABLE . "
 			WHERE group_id = " . $group_id;
 		if ( !$result = $db->sql_query($sql) )
 		{
 			message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
 		}
 		message_die(GENERAL_MESSAGE, $lang['Deleted_group']);
 	}
 	else
 	{
 		$group_type = isset($HTTP_POST_VARS['group_type']) ? $HTTP_POST_VARS['group_type'] : "";
 		$group_name = isset($HTTP_POST_VARS['group_name']) ? $HTTP_POST_VARS['group_name'] : "";
 		$group_description = isset($HTTP_POST_VARS['group_description']) ? $HTTP_POST_VARS['group_description'] : "";
-		$group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? $HTTP_POST_VARS['group_moderator'] : "";
+		$group_moderator = isset($HTTP_POST_VARS['group_moderator']) ? intval($HTTP_POST_VARS['group_moderator']) : "";
 		$group_id = isset($HTTP_POST_VARS['group_id']) ? $HTTP_POST_VARS['group_id'] : "";
-		switch($mode)
+		if( $group_name == "" )
 		{
-			case 'editgroup':
+			message_die(GENERAL_MESSAGE, $lang['No_group_name']);
 				$sql = "UPDATE " . GROUPS_TABLE . "
 					SET group_type = '" . $group_type . "',
 					group_name = '" . $group_name . "',
 					group_description = '" . $group_description . "',
 					group_moderator = '" . $group_moderator . "'
 					WHERE group_id = '" . $group_id . "'";
 				break;
 			case 'newgroup':
 				$sql = "INSERT INTO " . GROUPS_TABLE . "
 					(
 						group_type,
 						group_name,
 						group_description,
 						group_moderator,
 						group_single_user
 					)
 					VALUES
 					(
 						'" . $group_type . "',
 						'" . $group_name . "',
 						'" . $group_description . "',
 						'" . $group_moderator . "',
 						'0'
 					)";
 			break;
 			case 'default':
 				message_die(GENERAL_ERROR, $lang['Group_mode_not_selected']);
 			break;
 		}
 		else if( $group_moderator == "" )
 		{
 			message_die(GENERAL_MESSAGE, $lang['No_group_moderator']);
 		}
 		else if( $group_type == "" )
 		{
 			message_die(GENERAL_MESSAGE, $lang['No_group_mode']);
 		}
 		if( $mode == "editgroup" )
 		{
 			echo $sql = "UPDATE " . GROUPS_TABLE . "
 				SET group_type = $group_type, group_name = '" . $group_name . "', group_description = '" . $group_description . "', group_moderator = $group_moderator 
 				WHERE group_id = $group_id";
 			if ( !$result = $db->sql_query($sql) )
 			{
-		$error = TRUE;
+				message_die(GENERAL_ERROR, "Couldn't update group", "", __LINE__, __FILE__, $sql);
 			}
-	if ( $mode == "newgroup" )
+
 			message_die(GENERAL_MESSAGE, $lang['Updated_group']);
 		}
 		else if( $mode == "newgroup" )
 		{
 			$sql = "INSERT INTO " . GROUPS_TABLE . " (group_type, group_name, group_description, group_moderator, group_single_user) 
 				VALUES ($group_type, '" . $group_name . "', '" . $group_description . "', $group_moderator,	'0')";
 			if ( !$result = $db->sql_query($sql) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't insert new group", "", __LINE__, __FILE__, $sql);
 			}
 			$new_group_id = $db->sql_nextid($result);
-		$sql = "INSERT INTO " . USER_GROUP_TABLE . "
+			$sql = "INSERT INTO " . USER_GROUP_TABLE . " (group_id, user_id, user_pending)
-			(
+				VALUES ($new_group_id, $group_moderator, 0)";
 				group_id,
 				user_id,
 				user_pending
 			)
 			VALUES
 			(
 				'" . $new_group_id . "',
 				'" . $group_moderator . "',
 				'0'
 			)";
 			if ( !$result = $db->sql_query($sql) )
 			{
-			$error = TRUE;
+				message_die(GENERAL_ERROR, "Couldn't insert new user-group info", "", __LINE__, __FILE__, $sql);
 			}
 	}
 	if ( isset($error) )
 	{
 		message_die(GENERAL_ERROR, $lang['Error_updating_groups'], $lang['Error'], __LINE__, __FILE__, $sql);
 	}
 	else
 	{
 		message_die(GENERAL_MESSAGE, $lang['Success_updating_groups'], $lang['Success']);
 	}
 }
 else
 {
 	include("page_header_admin." . $phpEx);
 			message_die(GENERAL_MESSAGE, $lang['Added_new_group']);
 		}
 		else
 		{
 			message_die(GENERAL_MESSAGE, $lang['Group_mode_not_selected']);
 		}
 	}
 }
 else
 {
 	$sql = "SELECT group_id, group_name
 		FROM " . GROUPS_TABLE . "
 		WHERE group_single_user <> " . TRUE . "
@ -262,7 +245,7 @@ else
 		"L_GROUP_EXPLAIN" => $lang['Group_admin_explain'],
 		"L_GROUP_SELECT" => $lang['Select_a'] . " " . $lang['Group'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['Group'],
-		"L_GROUP_NEW" => $lang['New_group'],
+		"L_CREATE_NEW_GROUP" => $lang['New_group'],
 		"S_GROUP_ACTION" => append_sid("admin_groups.$phpEx"),
 		"S_GROUP_SELECT" => $select_list)
@ -270,6 +253,7 @@ else
 	$template->pparse('body');
 }
 include('page_footer_admin.'.$phpEx);
 ?>
--- a/phpBB/admin/admin_mass_email.php
+++ b/phpBB/admin/admin_mass_email.php
@ -32,30 +32,13 @@ if($setmodules == 1)
        return;
 }
-$phpbb_root_path = "./../";
+//
-include($phpbb_root_path . 'extension.inc');
+// Load default header
-include($phpbb_root_path . 'common.'.$phpEx);
+//
 $phpbb_root_dir = "./../";
 $no_page_header = TRUE;
 require('pagestart.inc');
 //
 // Start session management
 //
 $userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
 init_userprefs($userdata);
 //
 // End session management
 //
 //
 // Is user logged in? If yes are they an admin?
 //
 if( !$userdata['session_logged_in'] )
 {
        header("Location: ../login.$phpEx?forward_page=admin/");
 }
 else if( $userdata['user_level'] != ADMIN )
 {
        message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
 //
 // Set VERBOSE to 1  for debugging info..
@ -67,7 +50,10 @@ define("VERBOSE", 0);
 // allowed.
 //
@set_time_limit(600);
 //
 // Set form names
 //
 $f_title = 'e_title';
 $f_msg = 'e_msg';
--- a/phpBB/admin/admin_ranks.php
+++ b/phpBB/admin/admin_ranks.php
@ -31,12 +31,9 @@ if($setmodules == 1)
 // Let's set the root dir for phpBB
 //
 $phpbb_root_dir = "./../";
 //
 // Include required files, get $phpEx and check permissions
 //
 require('pagestart.inc');
 if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 {
 	$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
@ -69,56 +66,41 @@ if( $mode != "" )
 		// They want to add a new rank, show the form.
 		//
-		$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0;
+		$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
-		$template->set_filenames(array(
+		$s_hidden_fields = "";
 			"body" => "admin/ranks_edit_body.tpl")
 		);
 		$s_hidden_fields = '';
 		if( $mode == "edit" )
 		{
-			if(	$rank_id )
+			if( empty($rank_id) )
 			{
 				message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
 			}
 			$sql = "SELECT * FROM " . RANKS_TABLE . "
 				WHERE rank_id = $rank_id";
 			if(!$result = $db->sql_query($sql))
 			{
-				
+				message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql);
 					$template->set_filenames(array(
 						"body" => "admin/admin_message_body.tpl")
 					);
 					$template->assign_vars(array(
 						"MESSAGE_TITLE" => $lang['Error'],
 						"MESSAGE_TEXT" => "Error querying ranks table")
 					);
 			}
 			$rank_info = $db->sql_fetchrow($result);
 			$s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
 			}
 			else
 			{
 				$template->set_filenames(array(
 					"body" => "admin/admin_message_body.tpl")
 				);
 				$template->assign_vars(array(
 					"MESSAGE_TITLE" => $lang['Error'],
 					"MESSAGE_TEXT" => $lang['Must_select_rank'])
 				);
 			}
 		}
 		else
 		{
 			$rank_info['rank_special'] = 0;
 		}
 		$s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';
-		$rank_is_special = ( $rank_info['rank_special'] == 1 ) ? "checked=\"checked\"" : "";
+
-		$rank_is_not_special = ( !($rank_info['rank_special'] == 1) ) ? "checked=\"checked\"" : "";
+		$rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
 		$rank_is_not_special = ( !$rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
 		$template->set_filenames(array(
 			"body" => "admin/ranks_edit_body.tpl")
 		);
 		$template->assign_vars(array(
 			"RANK" => $rank_info['rank_title'],
@ -126,7 +108,7 @@ if( $mode != "" )
 			"NOT_SPECIAL_RANK" => $rank_is_not_special,
 			"MINIMUM" => $rank_info['rank_min'],
 			"MAXIMUM" => $rank_info['rank_max'],
-			"IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "http://",
+			"IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
 			"IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="' . $rank_info['rank_image'] . '" />' : "",
 			"L_RANKS_TITLE" => $lang['Ranks_title'],
@ -153,42 +135,35 @@ if( $mode != "" )
 		// Ok, they sent us our info, let's update it.
 		//
-		$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0;
+		$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
 		$rank_title = ( isset($HTTP_POST_VARS['title']) ) ? $HTTP_POST_VARS['title'] : "";
-		$special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? 1 : 0;
+		$special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
-		$max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? $HTTP_POST_VARS['max_posts'] : -1;
+		$max_posts = ( isset($HTTP_POST_VARS['max_posts']) ) ? intval($HTTP_POST_VARS['max_posts']) : -1;
-		$min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? $HTTP_POST_VARS['min_posts'] : -1;
+		$min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
 		$rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) || $HTTP_POST_VARS['rank_image'] != "http://" ) ? $HTTP_POST_VARS['rank_image'] : "";
 		if( $rank_title == "" )
 		{
-				$template->set_filenames(array(
+			message_die(GENERAML_MESSAGE, $lang['Must_select_rank']);
 					"body" => "admin/admin_message_body.tpl")
 				);
 				$template->assign_vars(array(
 					"MESSAGE_TITLE" => $lang['Error'],
 					"MESSAGE_TEXT" => $lang['Must_select_rank'])
 				);
 		}
 		if( $special_rank == 1 )
 		{
 			$max_posts = -1;
 			$min_posts = -1;
 		}
-		// The rank image has to start with http://, followed by something with length at least 3 that
+
-		// contains at least one dot.
+		//
 		// The rank image has to be a jpg, gif or png
 		//
 		if($rank_image != "")
 		{
-			if( !ereg("^http\:\/\/", $rank_image) )
+			if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image))
 			{
 				$rank_image = "http://" . $rank_image;
 			}
 			if (!preg_match("#^http\\:\\/\\/[a-z0-9\-]+\.[a-z0-9\-]+#i", $rank_image))
 			{
 				$rank_image = "";
 			}
 		}
 		if( $rank_id )
 		{
 			$sql = "UPDATE " . RANKS_TABLE . "
@ -199,7 +174,7 @@ if( $mode != "" )
 					rank_min = '$min_posts',
 					rank_image = '$rank_image'
 				WHERE rank_id = $rank_id";
-			$message_success = $lang['Rank_updated'];
+			$message = $lang['Rank_updated'];
 		}
 		else
 		{
@ -207,31 +182,20 @@ if( $mode != "" )
 					(rank_title, rank_special, rank_max, rank_min, rank_image)
 				VALUES
 					('$rank_title', '$special_rank', '$max_posts', '$min_posts', '$rank_image')";
-			$message_success = $lang['Rank_added'];
+			$message = $lang['Rank_added'];
 		}
 		if( !$result = $db->sql_query($sql) )
 		{
-				$template->set_filenames(array(
+			message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql);
-					"body" => "admin/admin_message_body.tpl")
+		}
 				);
 		$template->assign_vars(array(
-					"MESSAGE_TITLE" => $lang['Error'],
+			"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
 					"MESSAGE_TEXT" => "Couldn't update ranks table<br>SQL: ".$sql)
 				);
 		}
 		else
 		{
 				$template->set_filenames(array(
 					"body" => "admin/admin_message_body.tpl")
 		);
 		$message .= "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin'];
 		message_die(GENERAL_MESSAGE, $message);
 				$template->assign_vars(array(
 					"MESSAGE_TITLE" => $lang['Success'],
 					"MESSAGE_TEXT" => $message_success)
 				);
 		}
 	}
 	else if( $mode == "delete" )
 	{
@ -241,7 +205,7 @@ if( $mode != "" )
 		if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
 		{
-			$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+			$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
 		}
 		else
 		{
@ -255,37 +219,22 @@ if( $mode != "" )
 			if( !$result = $db->sql_query($sql))
 			{
-				$template->set_filenames(array(
+				message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql);
-					"body" => "admin/admin_message_body.tpl")
+			}
 				);
 			$template->assign_vars(array(
-					"MESSAGE_TITLE" => $lang['Error'],
+				"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
 					"MESSAGE_TEXT" => "Could not remove data from ranks table.")
 			);
 			$message = $lang['Rank_removed'] . "<br /><br />" . $lang['Click'] . " <a href=\"" . append_sid("admin_ranks.$phpEx") . "\">" . $lang['Here'] . "</a> " . $lang['return_rank_admin'];
 			message_die(GENERAL_MESSAGE, $message);
 		}
 		else
 		{
 				$template->set_filenames(array(
 					"body" => "admin/admin_message_body.tpl")
 				);
 			$template->assign_vars(array(
-					"MESSAGE_TITLE" => $lang['Success'],
+				"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("admin_ranks.$phpEx") . '">')
 					"MESSAGE_TEXT" => $lang['Rank_removed'])
 				);
 			}
 		}
 		else
 		{
 			$template->set_filenames(array(
 				"body" => "admin/admin_message_body.tpl")
 			);
 			$template->assign_vars(array(
 				"MESSAGE_TITLE" => $lang['Error'],
 				"MESSAGE_TEXT" => $lang['Must_select_rank'])
 			);
 			message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
 		}
 	}
 	else
@ -302,14 +251,7 @@ if( $mode != "" )
 			ORDER BY rank_title";
 		if( !$result = $db->sql_query($sql) )
 		{
-			$template->set_filenames(array(
+			message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
 				"body" => "admin/admin_message_body.tpl")
 			);
 			$template->assign_vars(array(
 				"MESSAGE_TITLE" => $lang['Error'],
 				"MESSAGE_TEXT" => "Could not query ranks table")
 			);
 		}
 		$rank_rows = $db->sql_fetchrowset($result);
@ -341,9 +283,10 @@ if( $mode != "" )
 				"ROW_COLOR" => "#" . $row_color,
 				"ROW_CLASS" => $row_class,
 				"RANK" => $rank,
-				"SPECIAL_RANK" => ( $special_rank == 1 ) ? "Yes" : "No",
+				"SPECIAL_RANK" => ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'],
-				"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
+
-				"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
+				"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
 				"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
 			);
 		}
 	}
@ -362,18 +305,11 @@ else
 		ORDER BY rank_title";
 	if( !$result = $db->sql_query($sql) )
 	{
-		$template->set_filenames(array(
+		message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
 			"body" => "admin/admin_message_body.tpl")
 		);
 		$template->assign_vars(array(
 			"MESSAGE_TITLE" => $lang['Error'],
 			"MESSAGE_TEXT" => "Could not query ranks table.")
 		);
 	}
 	$rank_count = $db->sql_numrows($result);
 	$rank_rows = $db->sql_fetchrowset($result);
 	$rank_count = count($rank_rows);
 	$template->assign_vars(array(
 		"L_RANKS_TITLE" => $lang['Ranks_title'],
@ -396,15 +332,16 @@ else
 		$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
 		$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
-		$rank_is_special = ( $special_rank == 1 ) ? "Yes" : "No";
+		$rank_is_special = ( $special_rank == 1 ) ? $lang['Yes'] : $lang['No'];
 		$template->assign_block_vars("ranks", array(
 			"ROW_COLOR" => "#" . $row_color,
 			"ROW_CLASS" => $row_class,
 			"RANK" => $rank,
 			"SPECIAL_RANK" => $rank_is_special,
-			"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
+
-			"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
+			"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
 			"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
 		);
 	}
 }
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@ -35,27 +35,41 @@ if($setmodules == 1)
 }
 //
-// Include required files register $phpEx, and check permisions
+// Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 //
 // Check to see what mode we should operate in.
 //
-$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
 {
 	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
 }
 else
 {
 	$mode = "";
 }
 //
 // Read a listing of uploaded smilies for use in the add or edit smliey code...
 //
-$dir = opendir($phpbb_root_path . $board_config['smilies_path']);
+$dir = @opendir($phpbb_root_path . $board_config['smilies_path']);
-while($file = readdir($dir))
+
 while($file = @readdir($dir))
 {
-	if(!is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file))
+	if( !@is_dir($phpbb_root_path . $board_config['smilies_path'] . '/' . $file) )
 	{
 		$smiley_images[] = $file;
 	}
 }
@closedir($dir);
 //
 // Select main mode
 //
 switch($mode)
 {
 	case 'delete':
@ -63,30 +77,24 @@ switch($mode)
 		// Admin has selected to delete a smiley.
 		//
-		$smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id'];
+		$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
 		$sql = "DELETE FROM " . SMILIES_TABLE . "
 			WHERE smilies_id = " . $smiley_id;
 		$result = $db->sql_query($sql);
 		if( !$result )
 		{
-			message_die(GENERAL_ERROR, $lang['smile_remove_err'], "", __LINE__, __FILE__, $sql);
+			message_die(GENERAL_ERROR, "Couldn't delete smiley", "", __LINE__, __FILE__, $sql);
 		}
 		$template->set_filenames(array(
-			"body" => "admin/smile_result_body.tpl")
+			"body" => "admin/admin_message_body.tpl")
 		);
 		$template->assign_vars(array(
-			"U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"),
+			"MESSAGE_TITLE" => $lang['smiley_title'],
-
+			"MESSAGE_TEXT" => $lang['smiley_del_success'])
 			"L_SMILEY_TITLE" => $lang['smiley_title'],
 			"L_SMILEY_TEXT" => $lang['smiley_return'],
 			"L_SMILEY_ACTION" => $lang['smiley_del_success'])
 		);
 		//
 		// Spit out some feedback to the user.
 		//
 		$template->pparse("body");
 		break;
@ -95,7 +103,7 @@ switch($mode)
 		// Admin has selected to edit a smiley.
 		//
-		$smiley_id = ( !empty($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : $HTTP_POST_VARS['id'];
+		$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
 		$sql = "SELECT *
 			FROM " . SMILIES_TABLE . "
@ -135,7 +143,7 @@ switch($mode)
 			"L_SMILEY_TITLE" => $lang['smiley_title'],
 			"L_SMILEY_CONFIG" => $lang['smiley_config'],
-			"L_SMILEY_EXPLAIN" => $lang['smiley_instr'],
+			"L_SMILEY_EXPLAIN" => $lang['smile_desc'],
 			"L_SMILEY_CODE" => $lang['smiley_code'],
 			"L_SMILEY_URL" => $lang['smiley_url'],
 			"L_SMILEY_EMOTION" => $lang['smiley_emot'],
@ -200,10 +208,10 @@ switch($mode)
 		// Get the submitted data, being careful to ensure that we only
 		// accept the data we are looking for.
 		//
-		$smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
+		$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
-		$smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
+		$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
-		$smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+		$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
-		$smile_id = intval(($HTTP_POST_VARS['smile_id']) ? $HTTP_POST_VARS['smile_id'] : $HTTP_GET_VARS['smile_id']);
+		$smile_id = ( isset($HTTP_POST_VARS['smile_id']) ) ? intval($HTTP_POST_VARS['smile_id']) : intval($HTTP_GET_VARS['smile_id']);
 		//
 		// Proceed with updating the smiley table.
@ -214,21 +222,17 @@ switch($mode)
 		$result = $db->sql_query($sql);
 		if( !$result )
 		{
-			message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);
+			message_die(GENERAL_ERROR, "Couldn't update smilies info", "", __LINE__, __FILE__, $sql);
 		}
 		$template->set_filenames(array(
-			"body" => "admin/smile_result_body.tpl")
+			"body" => "admin/admin_message_body.tpl")
 		);
 		$template->assign_vars(array(
-			"U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"), 
+			"MESSAGE_TITLE" => $lang['smiley_title'],
-
+			"MESSAGE_TEXT" => $lang['smiley_edit_success'])
 			"L_SMILEY_TITLE" => $lang['smiley_title'],
 			"L_SMILEY_TEXT" => $lang['smiley_return'],
 			"L_SMILEY_ACTION" => $lang['smiley_edit_success'])
 		);
 		$template->pparse("body");
 		break;
@ -241,9 +245,9 @@ switch($mode)
 		// Get the submitted data being careful to ensure the the data
 		// we recieve and process is only the data we are looking for.
 		//
-		$smile_code = ($HTTP_POST_VARS['smile_code']) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
+		$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
-		$smile_url = ($HTTP_POST_VARS['smile_url']) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
+		$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
-		$smile_emotion = ($HTTP_POST_VARS['smile_emotion']) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+		$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
 		//
 		// Save the data to the smiley table.
@ -253,21 +257,17 @@ switch($mode)
 		$result = $db->sql_query($sql);
 		if( !$result )
 		{
-			message_die(GENERAL_ERROR, $lang['smile_edit_err'], "", __LINE__, __FILE__, $sql);
+			message_die(GENERAL_ERROR, "Couldn't insert new smiley", "", __LINE__, __FILE__, $sql);
 		}
 		$template->set_filenames(array(
-			"body" => "admin/smile_result_body.tpl")
+			"body" => "admin/admin_message_body.tpl")
 		);
 		$template->assign_vars(array(
-			"U_SMILEY_ADMIN" => append_sid("admin_smilies.$phpEx"), 
+			"MESSAGE_TITLE" => $lang['smiley_title'],
-
+			"MESSAGE_TEXT" => $lang['smiley_add_success'])
 			"L_SMILEY_TITLE" => $lang['smiley_title'],
 			"L_SMILEY_TEXT" => $lang['smiley_return'],
 			"L_SMILEY_ACTION" => $lang['smiley_add_success'])
 		);
 		$template->pparse("body");
 		break;
@ -281,7 +281,7 @@ switch($mode)
 		$result = $db->sql_query($sql);
 		if( !$result )
 		{
-			message_die(GENERAL_ERROR, $lang['smile_load_err'], "", __LINE__, __FILE__, $sql);
+			message_die(GENERAL_ERROR, "Couldn't obtain smileys from database", "", __LINE__, __FILE__, $sql);
 		}
 		$smilies = $db->sql_fetchrowset($result);
@ -318,6 +318,7 @@ switch($mode)
 			$template->assign_block_vars("smiles", array(
 				"ROW_COLOR" => "#" . $row_color,
 				"ROW_CLASS" => $row_class,
 				"SMILEY_IMG" =>  $phpbb_root_path . '/' . $board_config['smilies_path'] . '/' . $smilies[$i]['smile_url'], 
 				"CODE" => $smilies[$i]['code'],
 				"EMOT" => $smilies[$i]['emoticon'],
@ -326,12 +327,14 @@ switch($mode)
 				"U_SMILEY_DELETE" => append_sid("admin_smilies.$phpEx?mode=delete&amp;id=" . $smilies[$i]['smilies_id']))
 			);
 		}
 		//
 		// Spit out the page.
 		//
 		$template->pparse("body");
 		break;
 }
 //
 // Page Footer
 //
--- a/phpBB/admin/admin_styles.php
+++ b/phpBB/admin/admin_styles.php
@ -0,0 +1,49 @@
 <?php
 /***************************************************************************
 *                              admin_words.php
 *                            -------------------
 *   begin                : Thursday, Jul 12, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id$
 *
 *
 ***************************************************************************/
 /***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/
 if($setmodules == 1)
 {
 	$file = basename(__FILE__);
 	$module['Styles']['Add_new'] = "$file?mode=addnew";
 	$module['Styles']['Create_new'] = "$file?mode=addnew";
 	$module['Styles']['Manage'] = "$file";
 	return;
 }
 //
 // Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
 {
 	$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
 }
 else 
 {
 	$mode = "";
 }
 include('page_footer_admin.'.$phpEx);
 ?>
--- a/phpBB/admin/admin_user_ban.php
+++ b/phpBB/admin/admin_user_ban.php
@ -30,16 +30,23 @@ if($setmodules == 1)
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
 {
 	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
 }
 else
 {
 	$mode = "unban";
 }
 //
 // Start program
 //
 $mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "unban";
 if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['bancontrol']) )
 {
 	if($HTTP_POST_VARS['bancontrol'] == "ban")
@ -348,7 +355,7 @@ else
 		$sql = "SELECT user_id, username
 			FROM " . USERS_TABLE . "
 			WHERE user_id <> " . ANONYMOUS . "
-			ORDER BY user_id ASC";
+			ORDER BY username ASC";
 		$u_result = $db->sql_query($sql);
 		$user_list = $db->sql_fetchrowset($u_result);
--- a/phpBB/admin/admin_userauth.php
+++ b/phpBB/admin/admin_userauth.php
@ -28,31 +28,24 @@ if($setmodules == 1)
 	return;
 }
-$phpbb_root_path = "./../";
+//
-include($phpbb_root_path . 'extension.inc');
+// Load default header
-include($phpbb_root_path . 'common.'.$phpEx);
+//
 $phpbb_root_dir = "./../";
 $no_page_header = TRUE;
 require('pagestart.inc');
 //
 // Start session management
 //
 $userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
 init_userprefs($userdata);
 //
 // End session management
 //
-//
+if( isset($HTTP_POST_VARS[POST_USERS_URL]) || isset($HTTP_GET_VARS[POST_USERS_URL]) )
 // Is user logged in? If yes are they an admin?
 //
 if( !$userdata['session_logged_in'] )
 {
-	header("Location: ../login.$phpEx?forward_page=admin/");
+	$user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
 }
-else if( $userdata['user_level'] != ADMIN )
+else
 {
-	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
+	$user_id = "";
 }
 //
 // Start program - define vars
 //
@ -130,8 +123,8 @@ function a_auth_check_user($type, $key, $u_auth, $is_admin)
 //
 if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
 {
-	$user_id = $HTTP_POST_VARS[POST_USERS_URL];
+	$user_id = intval($HTTP_POST_VARS[POST_USERS_URL]);
-	$adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : FALSE;
+	$adv = (isset($HTTP_POST_VARS['adv'])) ? TRUE : 0;
 	//
 	// This is where things become fun ...
@ -223,7 +216,6 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
 		}
 		header("Location: " . append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=$user_id"));
 	}
 	else
 	{
@ -583,58 +575,19 @@ if(isset($HTTP_POST_VARS['submit']) && !empty($HTTP_POST_VARS[POST_USERS_URL]))
 		}
 	}
 }
-else if(empty($HTTP_GET_VARS[POST_USERS_URL]))
+else if( isset($HTTP_POST_VARS['username']) || $user_id)
 {
 	//
 	// Default user selection box
 	//
 	// This should be altered on the final system
 	//
-	$sql = "SELECT user_id, username
+	if( isset($HTTP_POST_VARS['username']) )
 		FROM " . USERS_TABLE . "
 		WHERE user_id <> " . ANONYMOUS;
 	$u_result = $db->sql_query($sql);
 	$user_list = $db->sql_fetchrowset($u_result);
 	$select_list = "<select name=\"" . POST_USERS_URL . "\">";
 	for($i = 0; $i < count($user_list); $i++)
 	{
-		$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
+		$this_userdata = get_userdata($HTTP_POST_VARS['username']);
 		$user_id = $this_userdata['user_id'];
 	}
 	$select_list .= "</select>";
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
 		"body" => "admin/auth_select_body.tpl")
 	);
 	$template->assign_vars(array(
 		"L_AUTH_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
 		"L_AUTH_EXPLAIN" => $lang['User_auth_explain'],
 		"L_AUTH_SELECT" => $lang['Select_a'] . " " . $lang['User'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
 		"S_AUTH_ACTION" => append_sid("admin_userauth.$phpEx"),
 		"S_AUTH_SELECT" => $select_list)
 	);
 }
 else
 {
 	//
 	// Front end
 	//
-	$user_id = $HTTP_GET_VARS[POST_USERS_URL];
+	$adv = ( isset($HTTP_GET_VARS['adv']) ) ? $HTTP_GET_VARS['adv'] : 0;
 	if( isset($HTTP_GET_VARS['adv']) )
 	{
 		$adv = $HTTP_GET_VARS['adv'];
 	}
 	else
 	{
 		$adv = FALSE;
 	}
 	include('page_header_admin.'.$phpEx);
@ -948,8 +901,8 @@ else
 		}
 	}
-	$switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=");
+	$adv_switch = ( empty($adv) ) ? 1 : 0;
-	$switch_mode .= ( empty($adv) ) ? "1" : "0";
+	$switch_mode = append_sid("admin_userauth.$phpEx?" . POST_USERS_URL . "=" . $user_id . "&adv=$adv_switch");
 	$switch_mode_text = ( empty($adv) ) ? $lang['Advanced_mode'] : $lang['Simple_mode'];
 	$u_switch_mode = '<a href="' . $switch_mode . '">' . $switch_mode_text . '</a>';
@ -976,6 +929,46 @@ else
 		"S_HIDDEN_FIELDS" => $s_hidden_fields)
 	);
 }
 else
 {
 	//
 	// Default user selection box
 	//
 	// This should be altered on the final system
 	//
 	$sql = "SELECT user_id, username
 		FROM " . USERS_TABLE . "
 		WHERE user_id <> " . ANONYMOUS;
 	$u_result = $db->sql_query($sql);
 	$user_list = $db->sql_fetchrowset($u_result);
 	$select_list = "<select name=\"" . POST_USERS_URL . "\">";
 	for($i = 0; $i < count($user_list); $i++)
 	{
 		$select_list .= "<option value=\"" . $user_list[$i]['user_id'] . "\">" . $user_list[$i]['username'] . "</option>";
 	}
 	$select_list .= "</select>";
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
 		"body" => "admin/user_select_body.tpl")
 	);
 	$template->assign_vars(array(
 		"L_USER_TITLE" => $lang['User'] . " " . $lang['Auth_Control'],
 		"L_USER_EXPLAIN" => $lang['User_auth_explain'],
 		"L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
 		"L_FIND_USERNAME" => $lang['Find_username'],
 		"U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"), 
 		"S_USER_ACTION" => append_sid("admin_userauth.$phpEx"))
 	);
 }
 $template->pparse("body");
--- a/phpBB/admin/admin_users.php
+++ b/phpBB/admin/admin_users.php
@ -20,6 +20,8 @@
 *
 ***************************************************************************/
 define("IN_ADMIN", true);
 if($setmodules == 1)
 {
 	$filename = basename(__FILE__);
@ -29,16 +31,21 @@ if($setmodules == 1)
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
-$phpbb_root_path = "./../";
+$phpbb_root_dir = "./../";
-include($phpbb_root_path . 'extension.inc');
+require('pagestart.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
 include($phpbb_root_path . 'includes/post.'.$phpEx);
 if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
 {
 	$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
 }
 else
 {
 	$mode = "";
 }
-//
+// ---------
 // Functions
 //
 function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
@ -112,35 +119,40 @@ function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$loca
 // End Functions
 //
 //
 // Start session management
 //
 $userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
 init_userprefs($userdata);
 //
 // End session management
 //
 if( !$userdata['session_logged_in'] )
 {
 	header("Location: ../login.$phpEx?forward_page=admin/");
 }
 else if( $userdata['user_level'] != ADMIN )
 {
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
 //
 // Begin program
 //
-if ( isset($HTTP_GET_VARS['submit']) ) {
+if( $mode == "searchuser" )
-	//
+{
-	// This looks familiar doesn't it? It's the user profile page! :)
+	if( isset($HTTP_POST_VARS['search']) )
-	//
+	{
 		$username_list = username_search("admin_users.$phpEx", $HTTP_POST_VARS['search_author'], 1);
 	}
 	else
 	{
 		username_search("admin_users.$phpEx", "", 1);
 	}
 	//
 	// Remove this later
 	//
 	exit;
 }
 else if ( isset($HTTP_POST_VARS['username']) || isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) )
 {
 	//
 	// Let's find out a little about them...
 	//
-	$this_userdata = get_userdata_from_id($HTTP_GET_VARS[POST_USERS_URL]);
+	if( isset($HTTP_GET_VARS[POST_USERS_URL]) || isset($HTTP_POST_VARS[POST_USERS_URL]) )
 	{
 		$user_id = ( isset($HTTP_POST_VARS[POST_USERS_URL]) ) ? $HTTP_POST_VARS[POST_USERS_URL] : $HTTP_GET_VARS[POST_USERS_URL];
 		$this_userdata = get_userdata_from_id($user_id);
 	}
 	else
 	{
 		$this_userdata = get_userdata($HTTP_POST_VARS['username']);
 	}
 	//
 	// Now parse and display it as a template
@ -195,13 +207,13 @@ if ( isset($HTTP_GET_VARS['submit']) ) {
 		switch( $user_avatar_type )
 		{
 			case USER_AVATAR_UPLOAD:
-				$avatar = "<img src=\"" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+				$avatar = "<img src=\"../" . $board_config['avatar_path'] . "/" . $user_avatar . "\" alt=\"\" />";
 				break;
 			case USER_AVATAR_REMOTE:
 				$avatar = "<img src=\"$user_avatar\" alt=\"\" />";
 				break;
 			case USER_AVATAR_GALLERY:
-				$avatar = "<img src=\"" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
+				$avatar = "<img src=\"../" . $board_config['avatar_gallery_path'] . "/" . $user_avatar . "\" alt=\"\" />";
 				break;
 		}
 	}
@ -319,16 +331,15 @@ if ( isset($HTTP_GET_VARS['submit']) ) {
 		"S_PROFILE_ACTION" => append_sid("admin_users.$phpEx"))
 	);
 	include('page_header_admin.'.$phpEx);
 	$template->pparse("body");
 }
-else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
+else if( isset($HTTP_POST_VARS['submit']) && isset($HTTP_POST_VARS['user_id']) )
 {
 	//
 	// Ok, the profile has been modified and submitted, let's update
 	//
 	$user_id = intval($HTTP_POST_VARS['user_id']);
 	$user_id = $HTTP_POST_VARS['user_id'];
 	$username = (!empty($HTTP_POST_VARS['username'])) ? trim(strip_tags($HTTP_POST_VARS['username'])) : "";
 	$email = (!empty($HTTP_POST_VARS['email'])) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : "";
@ -450,8 +461,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
 							WHERE user_id = $user_id";
 						$result = @$db->sql_query($sql);
 						include('page_header_admin.'. $phpEx);
 						$template->set_filenames(array(
 							"body" => "admin/admin_message_body.tpl")
 						);
@ -479,7 +488,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
 			if( $error == TRUE )
 			{
 					include('page_header_admin.' . $phpEx);
 					$template->set_filenames(array(
 						"body" => "admin/admin_message_body.tpl")
 					);
@ -493,13 +501,11 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
 		}
 		else
 		{
-			echo $sql = "UPDATE " . USERS_TABLE . "
+			$sql = "UPDATE " . USERS_TABLE . "
 				SET " . $username_sql . $passwd_sql . "user_email = '$email', user_icq = '$icq', user_website = '$website', user_occ = '$occupation', user_from = '$location', user_interests = '$interests', user_sig = '$signature', user_viewemail = $viewemail, user_aim = '$aim', user_yim = '$yim', user_msnm = '$msn', user_attachsig = $attachsig, user_allowsmile = $allowsmilies, user_allowhtml = $allowhtml, user_allowavatar = $user_allowavatar, user_allowbbcode = $allowbbcode, user_allow_viewonline = $allowviewonline, user_allow_pm = $user_allowpm, user_notify_pm = $notifypm, user_lang = '$user_lang', user_style = $user_style, user_timezone = $user_timezone, user_dateformat = '$user_dateformat', user_active = $user_status, user_actkey = '$user_actkey'" . $avatar_sql . "
 				WHERE user_id = $user_id";
 			if($result = $db->sql_query($sql))
 			{
 				include('page_header_admin.' . $phpEx);
 				$template->set_filenames(array(
 					"body" => "admin/admin_message_body.tpl")
 				);
@ -512,8 +518,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
 			}
 			else
 			{
 				include('page_header_admin.' . $phpEx);
 				$template->set_filenames(array(
 					"body" => "admin/admin_message_body.tpl")
 				);
@ -528,8 +532,6 @@ else if($HTTP_POST_VARS[submit] && $HTTP_POST_VARS['user_id'])
 	}
 	else
 	{
 		include('page_header_admin.' . $phpEx);
 		$template->set_filenames(array(
 			"body" => "admin/admin_message_body.tpl")
 		);
@ -562,8 +564,6 @@ else
 	}
 	$select_list .= "</select>";
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
 		"body" => "admin/user_select_body.tpl")
 	);
@ -573,6 +573,9 @@ else
 		"L_USER_EXPLAIN" => $lang['User_admin_explain'],
 		"L_USER_SELECT" => $lang['Select_a'] . " " . $lang['User'],
 		"L_LOOK_UP" => $lang['Look_up'] . " " . $lang['User'],
 		"L_FIND_USERNAME" => $lang['Find_username'],
 		"U_SEARCH_USER" => append_sid("admin_users.$phpEx?mode=searchuser"), 
 		"S_USER_ACTION" => append_sid("admin_users.$phpEx"),
 		"S_USER_SELECT" => $select_list)
--- a/phpBB/admin/admin_words.php
+++ b/phpBB/admin/admin_words.php
@ -28,8 +28,9 @@ if($setmodules == 1)
 }
 //
-// Include required files, get $phpEx and check permissions
+// Load default header
 //
 $phpbb_root_dir = "./../";
 require('pagestart.inc');
 if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
--- a/phpBB/admin/index.php
+++ b/phpBB/admin/index.php
@ -20,47 +20,33 @@
 *
 ***************************************************************************/
 $phpbb_root_path = "./../";
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
 //
-// Start session management
+// Load default header
 //
-$userdata = session_pagestart($user_ip, PAGE_INDEX, $session_length);
+$phpbb_root_dir = "./../";
-init_userprefs($userdata);
+$no_page_header = TRUE;
-//
+require('pagestart.inc');
 // End session management
 //
 //
 // Is user logged in? If yes are they an admin?
 //
 if( !$userdata['session_logged_in'] )
 {
 	header("Location: ../login.$phpEx?forward_page=admin/");
 }
 else if( $userdata['user_level'] != ADMIN )
 {
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
 //
 // Generate relevant output
 //
 if( $HTTP_GET_VARS['pane'] == 'left' )
 {
-	$dir = opendir(".");
+	$dir = @opendir(".");
 	$setmodules = 1;
-	while($file = readdir($dir))
+	while( $file = @readdir($dir) )
 	{
-		if(preg_match("/^admin_.*/", $file))
+		if( preg_match("/^admin_.*?\.php$/", $file) )
 		{
 			include($file);
 		}
 	}
 	@closedir($dir);
 	unset($setmodules);
 	include('page_header_admin.'.$phpEx);
 	$template->set_filenames(array(
@ -68,32 +54,34 @@ if( $HTTP_GET_VARS['pane'] == 'left' )
 	);
 	$template->assign_vars(array(
-		"U_BOARD_INDEX" => append_sid("../index.$phpEx"),
+		"U_FORUM_INDEX" => append_sid("../index.$phpEx"),
 		"U_ADMIN_INDEX" => append_sid("index.$phpEx?pane=right"),
-		"L_BOARD_INDEX" => "Board Index",
+		"L_FORUM_INDEX" => $lang['Forum_Index'],
-		"L_ADMIN_INDEX" => "Admin Index")
+		"L_ADMIN_INDEX" => $lang['Admin_Index'], 
 		"L_PREVIEW_FORUM" => $lang['Preview_forum'])
 	);
 	while( list($cat, $action_array) = each($module) )
 	{
 		$template->assign_block_vars("catrow", array(
-			"CATNAME" => $cat)
+			"ADMIN_CATEGORY" => $cat)
 		);
 		$row_count = 0;
 		while( list($action, $file)	= each($action_array) )
 		{
-			$row_color = "#" . ( ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2']);
+			$row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2'];
 			$row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2'];
 			$action = preg_replace("'_'", " ", $action);
-			$template->assign_block_vars("catrow.actionrow", array(
+			$template->assign_block_vars("catrow.modulerow", array(
-				"ROW_COLOR" => $row_color,
+				"ROW_COLOR" => "#" . $row_color,
 				"ROW_CLASS" => $row_class, 
-				"ACTIONNAME" => $action,
+
-				"FILE" => $file)
+				"ADMIN_MODULE" => $action,
 				"U_ADMIN_MODULE" => append_sid($file))
 			);
 			$row_count++;
 		}
@ -101,8 +89,7 @@ if( $HTTP_GET_VARS['pane'] == 'left' )
 	$template->pparse("body");
-	unset($setmodules);
+	include('page_footer_admin.'.$phpEx);
 	exit;
 }
 elseif( $HTTP_GET_VARS['pane'] == 'right' )
 {
@ -131,7 +118,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 		"L_USERS_PER_DAY" => $lang['Users_per_day'],
 		"L_BOARD_STARTED" => $lang['Board_started'],
 		"L_AVATAR_DIR_SIZE" => $lang['Avatar_dir_size'],
-		"L_DB_SIZE" => $lang['Database_size'])
+		"L_DB_SIZE" => $lang['Database_size'], 
 		"L_GZIP_COMPRESSION" => $lang['Gzip_compression'])
 	);
 	//
@ -143,7 +131,7 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 	$start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']);
-	$boarddays = (time() - $board_config['board_startdate']) / (24*60*60);
+	$boarddays = ( time() - $board_config['board_startdate'] ) / 86400;
 	$posts_per_day = sprintf("%.2f", $total_posts / $boarddays);
 	$topics_per_day = sprintf("%.2f", $total_topics / $boarddays);
@ -153,19 +141,19 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 	if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))
 	{
-		while($file = readdir($avatar_dir))
+		while( $file = @readdir($avatar_dir) )
 		{
 			if( $file != "." && $file != ".." )
 			{
-				$avatar_dir_size += filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
+				$avatar_dir_size += @filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
 			}
 		}
-		closedir($avatar_dir);
+		@closedir($avatar_dir);
 	}
 	else
 	{
 		// Couldn't open Avatar dir.
-		$avatar_dir_size = '?';
+		$avatar_dir_size = $lang['Not_available'];
 	}
 	//
@ -215,7 +203,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 			list($version) = $db->sql_fetchrow($result);
 			if( ereg("^3\.23", $version) )
 			{
-				$sql = "SHOW TABLE STATUS FROM " . $dbname;
+				$sql = "SHOW TABLE STATUS 
 					FROM " . $dbname;
 				if(!$result = $db->sql_query($sql))
 				{
 					message_die(GENERAL_ERROR, "Couldn't obtain table information.", "", __LINE__, __FILE__, $sql);
@ -268,7 +257,8 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 		"TOPICS_PER_DAY" => $topics_per_day,
 		"USERS_PER_DAY" => $users_per_day,
 		"AVATAR_DIR_SIZE" => $avatar_dir_size,
-		"DB_SIZE" => $dbsize)
+		"DB_SIZE" => $dbsize, 
 		"GZIP_COMPRESSION" => ( $board_config['gzip_compress'] ) ? $lang['ON'] : $lang['OFF'])
 	);
 	//
 	// End forum statistics
@ -378,14 +368,10 @@ elseif( $HTTP_GET_VARS['pane'] == 'right' )
 			$row_color = ( !($count % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
 			$row_class = ( !($count % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
 			$count++;
 			$ip_address = decode_ip($onlinerow[$i]['session_ip']);
 			//
 			// 	This resolves the users IP to a host name, but it REALLY slows the page down
 			//
 			//$host_name = gethostbyaddr($ip_address);
 			//$ip_address = $ip_address . " ($host_name)";
 			if( empty($username) )
 			{
@ -420,8 +406,8 @@ else
 	);
 	$template->assign_vars(array(
-		"S_FRAME_NAV" => "index.$phpEx?pane=left",
+		"S_FRAME_NAV" => append_sid("index.$phpEx?pane=left"),
-		"S_FRAME_MAIN" => "index.$phpEx?pane=right")
+		"S_FRAME_MAIN" => append_sid("index.$phpEx?pane=right"))
 	);
 	header ("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
--- a/phpBB/admin/page_footer_admin.php
+++ b/phpBB/admin/page_footer_admin.php
@ -44,11 +44,6 @@ $mtime = $mtime[1] + $mtime[0];
 $endtime = $mtime;
 $totaltime = ($endtime - $starttime);
 $gzip_text = ($board_config['gzip_compress']) ? "GZIP compression enabled" : "GZIP compression disabled";
 $debug_mode = (DEBUG) ? " : Debug Mode" : "";
 printf("<center><font size=-2>phpBB Created this page in %f seconds : " . $db->num_queries . " queries executed : $gzip_text".$debug_mode."</font></center>", $totaltime);
 //
 // Close our DB connection.
 //
--- a/phpBB/admin/page_header_admin.php
+++ b/phpBB/admin/page_header_admin.php
@ -81,8 +81,8 @@ else
 $template->assign_vars(array(
 	"SITENAME" => $board_config['sitename'],
 	"PAGE_TITLE" => $page_title,
 	"META_INFO" => $meta_tags,
 	"L_ADMIN" => $lang['Admin'], 
 	"L_USERNAME" => $lang['Username'],
 	"L_PASSWORD" => $lang['Password'],
 	"L_INDEX" => $lang['Forum_Index'],
--- a/phpBB/admin/pagestart.inc
+++ b/phpBB/admin/pagestart.inc
@ -20,6 +20,8 @@
 *
 ***************************************************************************/
 define("IN_ADMIN", true);
 $phpbb_root_path = "../";
 include($phpbb_root_path . 'extension.inc');
 include($phpbb_root_path . 'common.'.$phpEx);
@ -41,7 +43,7 @@ else if( $userdata['user_level'] != ADMIN )
 	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
 }
-if ($no_page_header != TRUE)
+if ( !$no_page_header )
 {
 	// Not including the pageheader can be neccesarry if META tags are
 	// needed in the calling script.