Now allow for GET based session

git-svn-id: file:///svn/phpbb/trunk@256 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-27 21:58:52 +00:00 · 2001-05-06 16:16:22 +00:00 · 2001-05-06 16:16:22 +00:00 · 6a74951029
commit 6a74951029
parent 99edaf843c
21 changed files with 156 additions and 107 deletions
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -268,4 +268,23 @@ function create_date($format, $gmepoch, $tz)
 {
 	return (gmdate($format, $gmepoch + (3600 * $tz)));
 }
-?>
+
 //
 // Append $SID to a url
 // Borrowed from phplib
 //
 function append_sid($url)
 {
 	global $SID;
 	if(!empty($SID) && !eregi("^http:", $url) && !eregi("sid=", $url))
 	{
 		$url = ereg_replace("[&?]+$", "", $url);
 		$url .= ( strpos($url, "?") != false ?  "&" : "?" ) . $SID;
 	}
 	return($url);
 }
 ?>
--- a/phpBB/includes/page_header.php
+++ b/phpBB/includes/page_header.php
@ -37,7 +37,7 @@ $template->set_filenames(array(
 if($userdata['session_logged_in'])
 {
 	$logged_in_status = "You are logged in as <b>".$userdata["username"]."</b>.";
-	$logged_in_status .= " [<a href=\"login.$phpEx?submit=logout\">Logout</a>]";
+	$logged_in_status .= " [<a href=\"".append_sid("login.$phpEx?submit=logout")."\">Logout</a>]";
 	$u_login_logout = "login.$phpEx?submit=logout";
 	$l_login_logout = "$l_logout : ".$userdata["username"]."";
@ -86,7 +86,7 @@ while($row = $db->sql_fetchrow($result))
 {
 	if($row['session_logged_in'])
 	{
-		$userlist_ary[] = "<a href=\"profile." . $phpEx . "?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id'] . "\">" . $row['username'] . "</a>";
+		$userlist_ary[] = "<a href=\"".append_sid("profile." . $phpEx . "?mode=viewprofile&" . POST_USERS_URL . "=" . $row['user_id']) . "\">" . $row['username'] . "</a>";
 		$logged_online++;
 	}
 	else
@ -114,6 +114,7 @@ $template->assign_vars(array(
 	"L_USERNAME" => $l_username,
 	"L_PASSWORD" => $l_password,
 	"L_LOGIN" => $l_login,
 	"L_LOG_ME_IN" => $l_log_me_in,
 	"L_WELCOMETO" => $l_welcometo,
 	"L_INDEX" => $l_indextitle,
@ -150,20 +151,23 @@ $template->assign_vars(array(
 	"L_LOGIN_LOGOUT" => $l_login_logout,
-	"U_INDEX" => "index.".$phpEx,
+	"U_INDEX" => append_sid("index.".$phpEx),
-	"U_REGISTER" => "profile.".$phpEx."?mode=register",
+	"U_REGISTER" => append_sid("profile.".$phpEx."?mode=register"),
-	"U_PROFILE" => "profile.".$phpEx."?mode=editprofile",
+	"U_PROFILE" => append_sid("profile.".$phpEx."?mode=editprofile"),
-	"U_PRIVATEMSGS" => "priv_msgs.".$phpEx."?mode=read",
+	"U_PRIVATEMSGS" => append_sid("priv_msgs.".$phpEx."?mode=read"),
-	"U_SEARCH" => "search.".$phpEx,
+	"U_SEARCH" => append_sid("search.".$phpEx),
-	"U_MEMBERLIST" => "memberlist.".$phpEx,
+	"U_MEMBERLIST" => append_sid("memberlist.".$phpEx),
-	"U_FAQ" => "faq.".$phpEx,
+	"U_FAQ" => append_sid("faq.".$phpEx),
-	"U_VIEWONLINE" => "viewonline.$phpEx",
+	"U_VIEWONLINE" => append_sid("viewonline.$phpEx"),
-	"U_LOGIN_LOGOUT" => $u_login_logout,
+	"U_LOGIN_LOGOUT" => append_sid($u_login_logout),
 	"S_TIMEZONE" => $s_timezone,
 	"S_FORUMS_URL" => POST_FORUM_URL,
 	"S_TOPICS_URL" => POST_TOPIC_URL,
 	"S_USERS_URL" => POST_USERS_URL,
 	"S_LOGIN_ACTION" => append_sid("login.$phpEx"),
 	"S_JUMPBOX_ACTION" => append_sid("viewforum.$phpEx"),
 	"S_PROFILE_ACTION" => append_sid("profile.$phpEx"),
 	"T_HEAD_STYLESHEET" => $theme['head_stylesheet'],
 	"T_BODY_BACKGROUND" => $theme['body_background'],
@ -217,13 +221,18 @@ switch($pagetype)
 		$template->set_filenames(array(
 			"header" => "index_header.tpl",
 			"body" => "index_body.tpl",
-			"footer" => "index_footer.tpl"));
+			"footer" => "index_footer.tpl")
 		);
 		$template->assign_vars(array(
 			"TOTAL_POSTS" => $total_posts,
 			"TOTAL_USERS" => $total_users,
 			"NEWEST_USER" => $newest_user,
 			"NEWEST_UID" => $newest_uid,
-			"USERS_BROWSING" => $users_browsing));
+			"USERS_BROWSING" => $users_browsing,
 			"U_NEWEST_USER_PROFILE" => append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=$newest_uid"))
 		);
 		$template->pparse("header");
 		break;
@ -232,18 +241,20 @@ switch($pagetype)
 			"header" => "viewforum_header.tpl",
 			"body" => "viewforum_body.tpl",
 			"jumpbox" => "jumpbox.tpl",
-			"footer" => "viewforum_footer.tpl"));
+			"footer" => "viewforum_footer.tpl")
 		);
 		$jumpbox = make_jumpbox();
 		$template->assign_vars(array(
 			"JUMPBOX_LIST" => $jumpbox,
-		    "JUMPBOX_ACTION" => "viewforum.".$phpEx,
+		    "SELECT_NAME" => POST_FORUM_URL)
-		    "SELECT_NAME" => POST_FORUM_URL));
+		);
 		$template->assign_var_from_handle("JUMPBOX", "jumpbox");
 		$template->assign_vars(array(
 			"FORUM_ID" => $forum_id,
 			"FORUM_NAME" => $forum_name,
 			"MODERATORS" => $forum_moderators,
-			"USERS_BROWSING" => $users_browsing));
+			"USERS_BROWSING" => $users_browsing)
 		);
 		$template->pparse("header");
 		break;
@ -252,12 +263,13 @@ switch($pagetype)
 			"header" => "viewtopic_header.tpl",
 			"body" => "viewtopic_body.tpl",
 			"jumpbox" => "jumpbox.tpl",
-			"footer" => "viewtopic_footer.tpl"));
+			"footer" => "viewtopic_footer.tpl")
 		);
 		$jumpbox = make_jumpbox();
 		$template->assign_vars(array(
 			"JUMPBOX_LIST" => $jumpbox,
-		    "JUMPBOX_ACTION" => "viewforum.".$phpEx,
+		    "SELECT_NAME" => POST_FORUM_URL)
-		    "SELECT_NAME" => POST_FORUM_URL));
+		);
 		$template->assign_var_from_handle("JUMPBOX", "jumpbox");
 		$template->assign_vars(array(
 			"FORUM_ID" => $forum_id,
@ -265,7 +277,8 @@ switch($pagetype)
 		    "TOPIC_ID" => $topic_id,
 		    "TOPIC_TITLE" => $topic_title,
 			"POST_FORUM_URL" => POST_FORUM_URL,
-			"USERS_BROWSING" => $users_browsing));
+			"USERS_BROWSING" => $users_browsing)
 		);
 		$template->pparse("header");
 		break;
@ -274,19 +287,23 @@ switch($pagetype)
 			"header" => "viewonline_header.tpl",
 			"body" => "viewonline_body.tpl",
 			"jumpbox" => "jumpbox.tpl",
-			"footer" => "viewonline_footer.tpl"));
+			"footer" => "viewonline_footer.tpl")
 		);
 		$jumpbox = make_jumpbox();
 		$template->assign_vars(array(
 			"JUMPBOX_LIST" => $jumpbox,
-		    "JUMPBOX_ACTION" => "viewforum.".$phpEx,
+		    "SELECT_NAME" => POST_FORUM_URL)
-		    "SELECT_NAME" => POST_FORUM_URL));
+		);
 		$template->assign_var_from_handle("JUMPBOX", "jumpbox");
 		$template->assign_vars(array(
 			"TOTAL_POSTS" => $total_posts,
 			"TOTAL_USERS" => $total_users,
 			"POST_USER_URL" => POST_USERS_URL,
 			"NEWEST_USER" => $newest_user,
-			"NEWEST_UID" => $newest_uid));
+			"NEWEST_UID" => $newest_uid,
 			"U_NEWEST_USER_PROFILE" => append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=$newest_uid"))
 		);
 		$template->pparse("header");
 		break;
@ -294,17 +311,19 @@ switch($pagetype)
 		$template->set_filenames(array(
 			"header" => "newtopic_header.tpl",
 			"jumpbox" => "jumpbox.tpl",
-			"body" => "posting_body.tpl"));
+			"body" => "posting_body.tpl")
 		);
 		$jumpbox = make_jumpbox();
 		$template->assign_vars(array(
 			"JUMPBOX_LIST" => $jumpbox,
-		    "JUMPBOX_ACTION" => "viewforum.".$phpEx,
+		    "SELECT_NAME" => POST_FORUM_URL)
-		    "SELECT_NAME" => POST_FORUM_URL));
+		);
 		$template->assign_var_from_handle("JUMPBOX", "jumpbox");
 		$template->assign_vars(array(
 			"L_POSTNEWIN" => $l_postnewin,
 			"FORUM_ID" => $forum_id,
-			"FORUM_NAME" => $forum_name));
+			"FORUM_NAME" => $forum_name)
 		);
 		$template->pparse("header");
 		break;
@ -314,20 +333,27 @@ switch($pagetype)
 			$coppa = (!isset($HTTP_POST_VARS['coppa'])) ? FALSE : TRUE;
 			$template->set_filenames(array(
-				"body" => "agreement.tpl"));
+				"body" => "agreement.tpl")
 			);
 			$template->assign_vars(array(
-				"COPPA" => $coppa));
+				"COPPA" => $coppa,
 				"U_AGREE_OVER13" => append_sid("profile.$phpEx?mode=register&agreed=true"),
 				"U_AGREE_UNDER13" => append_sid("profile.$phpEx?mode=register&agreed=true&coppa=true"))
 			);
 		}
 		else
 		{
 			$template->set_filenames(array(
-				"body" => "profile_add_body.tpl"));
+				"body" => "profile_add_body.tpl")
 			);
 		}
 		break;
 	case 'profile':
 		$template->set_filenames(array(
-			"body" => "profile_view_body.tpl"));
+			"body" => "profile_view_body.tpl")
 		);
   break;
 }
--- a/phpBB/index.php
+++ b/phpBB/index.php
@ -111,7 +111,7 @@ if($total_categories)
 			array(
 				"CAT_ID" => $category_rows[$i]["cat_id"],
 				"CAT_DESC" => stripslashes($category_rows[$i]["cat_title"]),
-				"U_VIEWCAT" => "index." . $phpEx . "?viewcat=" . $category_rows[$i]['cat_id']
+				"U_VIEWCAT" => append_sid("index." . $phpEx . "?viewcat=" . $category_rows[$i]['cat_id'])
 			)
 		);
@ -129,8 +129,8 @@ if($total_categories)
 				{
 					$last_post_time = create_date($board_config['default_dateformat'], $forum_rows[$j]["post_time"], $board_config['default_timezone']);
 					$last_post = $last_post_time."<br>by ";
-					$last_post .= "<a href=\"profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_rows[$j]["user_id"];
+					$last_post .= "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_rows[$j]["user_id"]);
-					$last_post .= "\">".$forum_rows[$j]["username"]."</a>&nbsp;<a href=\"viewtopic.".$phpEx."?t=".$forum_rows[$j]['topic_id']."\"><img src=\"".$images['latest_reply']."\" width=\"20\" height=\"11\" border=\"0\" alt=\"View Latest Post\"></a>";
+					$last_post .= "\">".$forum_rows[$j]["username"]."</a>&nbsp;<a href=\"".append_sid("viewtopic.".$phpEx."?t=".$forum_rows[$j]['topic_id'])."\"><img src=\"".$images['latest_reply']."\" width=\"20\" height=\"11\" border=\"0\" alt=\"View Latest Post\"></a>";
 				}
 				else
 				{
@ -158,7 +158,7 @@ if($total_categories)
 					{
 						$moderators_links .= "<br>";
 					}
-					$moderators_links .= "<a href=\"profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_mods["forum_".$forum_rows[$j]["forum_id"]."_id"][$mods]."\">".$forum_mods["forum_".$forum_rows[$j]["forum_id"]."_name"][$mods]."</a>";
+					$moderators_links .= "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_mods["forum_".$forum_rows[$j]["forum_id"]."_id"][$mods])."\">".$forum_mods["forum_".$forum_rows[$j]["forum_id"]."_name"][$mods]."</a>";
 				}
 				$template->assign_block_vars("catrow.forumrow", 
@ -172,7 +172,7 @@ if($total_categories)
 						"LAST_POST" => $last_post,
 						"MODERATORS" => $moderators_links,
-						"U_VIEWFORUM" => "viewforum." . $phpEx . "?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id'] . "&" . $forum_rows[$j]['forum_posts'])
+						"U_VIEWFORUM" => append_sid("viewforum." . $phpEx . "?" . POST_FORUM_URL . "=" . $forum_rows[$j]['forum_id'] . "&" . $forum_rows[$j]['forum_posts']))
 					);
 //						"LAST_POST_USER" => "$forum_rows[$j]["username"]",
 //						"U_LAST_POST_USER_PROFILE" => "profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_rows[$j]["user_id"]",
--- a/phpBB/login.php
+++ b/phpBB/login.php
@ -59,13 +59,13 @@ if(isset($HTTP_POST_VARS['submit']) || isset($HTTP_GET_VARS['submit']))
 				$session_id = session_begin($rowresult["user_id"], $user_ip, PAGE_INDEX, $session_length, TRUE, $autologin);
 				if($session_id)
 				{
-					if($forward_page)
+					if(!empty($HTTP_POST_VARS['forward_page']))
 					{
-						header("Location: $forward_page");
+						header(append_sid("Location: ".$HTTP_POST_VARS['forward_page']));
 					}
 					else
 					{
-						header("Location: index.$phpEx");
+						header(append_sid("Location: index.$phpEx"));
 					}
 				}
 				else
@ -89,24 +89,24 @@ if(isset($HTTP_POST_VARS['submit']) || isset($HTTP_GET_VARS['submit']))
 		{
 			session_end($userdata["session_id"], $userdata["user_id"]);
 		}
-		if($forward_page)
+		if(!empty($HTTP_POST_VARS['forward_page']))
 		{
-			header("Location: $forward_page");
+			header(append_sid("Location: ".$HTTP_POST_VARS['forward_page']));
 		}
 		else
 		{
-			header("Location: index.$phpEx");
+			header(append_sid("Location: index.$phpEx"));
 		}
 	}
 	else
 	{
-		if($forward_page)
+		if(!empty($HTTP_POST_VARS['forward_page']))
 		{
-			header("Location: $forward_page");
+			header(append_sid("Location: ".$HTTP_POST_VARS['forward_page']));
 		}
 		else
 		{
-			header("Location: index.$phpEx");
+			header(append_sid("Location: index.$phpEx"));
 		}
 	}
 }
@ -131,13 +131,12 @@ else
 	$username = ($userdata['user_id'] != ANONYMOUS) ? $userdata['username'] : "";
 	$template->assign_vars(array(
 		"L_USERNAME" => $l_username,
 		"L_PASSWORD" => $l_password,
 		"L_SEND_PASSWORD" => $l_resend_password,
-		"L_LOGIN" => $l_login,
+
 		"U_SEND_PASSWORD" => "sendpassword.".$phpEx,
 		"FORWARD_PAGE" => $forward_page,
-		"USERNAME" => $username
+		"USERNAME" => $username,
 		"U_SEND_PASSWORD" => append_sid("sendpassword.".$phpEx)
 		)
 	);
--- a/phpBB/templates/Default/agreement.tpl
+++ b/phpBB/templates/Default/agreement.tpl
@ -21,9 +21,9 @@
 				<br>
 				The owners of phpBB.com and the moderators of this forum have the right to remove, edit, move or close any thread for any reason.<br>
 				<br>
-				<div align="center" style="{font-weight: bold;}"><a href="profile.{PHPEX}?mode=register&agreed=true">I Agree to these terms (and am over 13 years of age)</a>&nbsp;&nbsp;
+				<div align="center" style="{font-weight: bold;}"><a href="{U_AGREE_OVER13}">I Agree to these terms (and am over 13 years of age)</a>&nbsp;&nbsp;
-				<a href="profile.{PHPEX}?mode=register&agreed=true&coppa=true">I Agree to these terms (and am <b>under</b> 13 years of age)</a>&nbsp;&nbsp;
+				<a href="{U_AGREE_UNDER13}">I Agree to these terms (and am <b>under</b> 13 years of age)</a>&nbsp;&nbsp;
-				<a href="index.{PHPEX}">I do not agree to these terms</a></div>
+				<a href="{U_INDEX}">I do not agree to these terms</a></div>
 	        	</td>
 	       </table>
 	      </td>
--- a/phpBB/templates/Default/index_header.tpl
+++ b/phpBB/templates/Default/index_header.tpl
@ -7,8 +7,8 @@
        <tr>
 	        <td align="right" style="{font-size: 8pt;}">{L_POSTEDTOTAL} -<b>{TOTAL_POSTS}</b>- {L_MESSAGES}.<br>
 	          {L_WEHAVE} <b>{TOTAL_USERS}</b> {L_REGUSERS}.<br>
-	          {L_NEWESTUSER} <b><a href="profile.{PHPEX}?mode=viewprofile&u={NEWEST_UID}">{NEWEST_USER}</a></b><br>
+	          {L_NEWESTUSER} <b><a href="{U_NEWEST_USER_PROFILE}">{NEWEST_USER}</a></b><br>
-	          {L_ARECURRENTLY} <a href="viewonline.{PHPEX}"><b>{USERS_BROWSING}</b> {L_BROWSING}</a> {L_THEFORUMS}<br>
+	          {L_ARECURRENTLY} <a href="{U_VIEWONLINE}"><b>{USERS_BROWSING}</b> {L_BROWSING}</a> {L_THEFORUMS}<br>
 	        </td>
 	      </tr>
 	    </table>
--- a/phpBB/templates/Default/jumpbox.tpl
+++ b/phpBB/templates/Default/jumpbox.tpl
@ -1,5 +1,5 @@
 <table cellspacing="0" cellpadding="0" border="0">
-	<tr><form method="GET" action="{JUMPBOX_ACTION}">
+	<tr><form method="post" action="{S_JUMPBOX_ACTION}">
 		<td nowrap>Jump To:<select name="{SELECT_NAME}"><option value="-1">Select A Forum</option>{JUMPBOX_LIST}</select><input type="submit" value="Go"></td>
 	</form></tr>
 </table>
--- a/phpBB/templates/Default/login_body.tpl
+++ b/phpBB/templates/Default/login_body.tpl
@ -2,7 +2,7 @@
 	<td><br clear="all" /><br />
 <table border="0" align="center" width="60%" bgcolor="#000000" cellpadding="0" cellspacing="1">
-    <tr><form action="{PHP_SELF}" method="post">
+    <tr><form action="{S_LOGIN_ACTION}" method="post">
 	    <td><table border="0" width="100%" cellpadding="3" cellspacing="1">
 			<tr class="tableheader">
 				<td colspan="2" align="center"><b>Please enter your username and password to login</b></td>
--- a/phpBB/templates/Default/overall_header.tpl
+++ b/phpBB/templates/Default/overall_header.tpl
@ -19,9 +19,14 @@
 .tablebody {							
 	font-size: 8pt;
 }
 .tablefooter {
 	background: #C9C9D8;
 	color:	#000000;
 	font-size:	8pt;
 }
 .catheader {							
 	font-size: 8pt;				
-	background: #CCCCCC;
+	background: #C5C9CD;
 	color: #000000;
 }
 TD {
@ -43,20 +48,20 @@ A:Hover {
 		<td bgcolor="#000000"><table width="100%" cellpadding="0" cellspacing="1" border="0">
 			<tr>
 				<td bgcolor="#CCCCCC"><table width="100%" cellspacing="1" cellpadding="3" border="0">
-					<tr class="tablebody"><form method="POST" action="login.{PHPEX}">
+					<tr class="tablebody"><form method="post" action="{S_LOGIN_ACTION}">
-						<td align="left" valign="top"><a href="index.php"><img src="images/title.jpg" height="55" width="450" border="0"></a></td>
+						<td align="left" valign="top"><a href="{U_INDEX}"><img src="images/title.jpg" height="55" width="450" border="0"></a></td>
-						<td align="right">{L_USERNAME} : <input type="text" name="username"><br>{L_PASSWORD} : <input type="password" name="password"><br>{L_LOG_ME_IN}<input type="checkbox" name="autologin">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" name="submit" value="Login"></td>
+						<td align="right">{L_USERNAME} : <input type="text" name="username"><br>{L_PASSWORD} : <input type="password" name="password"><br>{L_LOG_ME_IN}<input type="checkbox" name="autologin">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="submit" name="submit" value="{L_LOGIN}"></td>
 					</tr></form>
 					<tr class="tablebody">
 						<td colspan="2"><table width="100%" cellspacing="0" cellpadding="0" border="0">
 							<tr>
 								<td align="left" valign="bottom">{L_WELCOMETO} {SITENAME}<br>{LOGIN_STATUS}</td>
-								<td align="right" valign="bottom">[<a href="profile.{PHPEX}?mode=register">{L_REGISTER}</a>]&nbsp;
+								<td align="right" valign="bottom">[<a href="{U_REGISTER}">{L_REGISTER}</a>]&nbsp;
-								[<a href="profile.{PHPEX}?mode=editprofile">{L_PROFILE}</a>]&nbsp;
+								[<a href="{U_PROFILE}">{L_PROFILE}</a>]&nbsp;
-								[<a href="search.{PHPEX}">{L_SEARCH}</a>]&nbsp;
+								[<a href="{U_SEARCH}">{L_SEARCH}</a>]&nbsp;
-								[<a href="priv_msg.{PHPEX}?mode=read">{L_PRIVATEMSGS}</a>]&nbsp;
+								[<a href="{U_PRIVATEMSGS}">{L_PRIVATEMSGS}</a>]&nbsp;
-								[<a href="memberlist.{PHPEX}">{L_MEMBERLIST}</a>]&nbsp;
+								[<a href="{U_MEMBERSLIST}">{L_MEMBERLIST}</a>]&nbsp;
-								[<a href="faq.{PHPEX}">{L_FAQ}</a>]</td>
+								[<a href="{U_FAQ}">{L_FAQ}</a>]</td>
 							</tr>
 						</table></td>
 					</tr>
--- a/phpBB/templates/Default/profile_add_body.tpl
+++ b/phpBB/templates/Default/profile_add_body.tpl
@ -1,5 +1,5 @@
 <tr>
-  <td><form action="{PHP_SELF}" method="POST">
+  <td><form action="{S_PROFILE_ACTION}" method="POST">
   <table border="0" align="center" width="100%" bgcolor="#000000" cellpadding="0" cellspacing="1">
    <tr>
      <td>
--- a/phpBB/templates/Default/viewonline_header.tpl
+++ b/phpBB/templates/Default/viewonline_header.tpl
@ -7,7 +7,7 @@
        <tr>
 	        <td align="right" style="{font-size: 8pt;}">{L_POSTEDTOTAL} -<b>{TOTAL_POSTS}</b>- {L_MESSAGES}.<br>
 	          {L_WEHAVE} <b>{TOTAL_USERS}</b> {L_REGUSERS}.<br>
-	          {L_NEWESTUSER} <b><a href="profile.{PHPEX}?mode=viewprofile&{POST_USER_URL}={NEWEST_UID}">{NEWEST_USER}</a></b>
+	          {L_NEWESTUSER} <b><a href="{U_NEWEST_USER_PROFILE}">{NEWEST_USER}</a></b>
 	        </td>
 	      </tr>
 	    </table>
--- a/phpBB/templates/PSO/agreement.tpl
+++ b/phpBB/templates/PSO/agreement.tpl
@ -7,7 +7,7 @@
 	        <tr>
 	        	<td width="100%" align="center" bgcolor="{T_TD_COLOR1}"><table width="80%" border="0">
 					<tr>
-						<td><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}"><br />While the administrators and moderators of this forum will attempt to remove or edit any generally objectionable material as quickly as possible, it is impossible to review every message. Therefore you acknowledge that all posts made to these forums express the views and opinions of the author and not the administrators, moderators or webmaster (except for posts by these people) and hence will not be held liable.<br /><br />You agree not to post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate any applicable laws. Doing so may lead to you being immediately and permanently banned (and your service provider being informed). The IP address of all posts is recorded to aid in enforcing these conditions. You agree that the webmaster, administrator and moderators of this forum have the right to remove, edit, move or close any topic at any time should they see fit. As a user you agree to any information you have entered above being stored in a database. While this information will not be disclosed to any third party without your consent the webmaster, administrator and moderators cannot be held responsible for any hacking attempt that may lead to the data being compromised.<br /><br />This forum system uses cookies to store information on your local computer. These cookies do not contain any of the information you have entered above, they serve only to improve your viewing pleasure. The email address is used only for confirming your registration details and password (and for sending new passwords should you forget your current one).<br /><br />By clicking Register below you agree to be bound by these conditions.<br /><br /><br /><div align="center"><a href="profile.{PHPEX}?mode=register&agreed=true">I Agree to these terms (and am over 13 years of age)</a><br /><br /><a href="profile.{PHPEX}?mode=register&agreed=true&coppa=true">I Agree to these terms (and am <b>under</b> 13 years of age)</a><br /><br /><a href="index.{PHPEX}">I do not agree to these terms</a></div><br /></font></td>
+						<td><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}"><br />While the administrators and moderators of this forum will attempt to remove or edit any generally objectionable material as quickly as possible, it is impossible to review every message. Therefore you acknowledge that all posts made to these forums express the views and opinions of the author and not the administrators, moderators or webmaster (except for posts by these people) and hence will not be held liable.<br /><br />You agree not to post any abusive, obscene, vulgar, slanderous, hateful, threatening, sexually-orientated or any other material that may violate any applicable laws. Doing so may lead to you being immediately and permanently banned (and your service provider being informed). The IP address of all posts is recorded to aid in enforcing these conditions. You agree that the webmaster, administrator and moderators of this forum have the right to remove, edit, move or close any topic at any time should they see fit. As a user you agree to any information you have entered above being stored in a database. While this information will not be disclosed to any third party without your consent the webmaster, administrator and moderators cannot be held responsible for any hacking attempt that may lead to the data being compromised.<br /><br />This forum system uses cookies to store information on your local computer. These cookies do not contain any of the information you have entered above, they serve only to improve your viewing pleasure. The email address is used only for confirming your registration details and password (and for sending new passwords should you forget your current one).<br /><br />By clicking Register below you agree to be bound by these conditions.<br /><br /><br /><div align="center"><a href="{U_AGREE_OVER13}">I Agree to these terms (and am over 13 years of age)</a><br /><br /><a href="{U_AGREE_UNDER13}">I Agree to these terms (and am <b>under</b> 13 years of age)</a><br /><br /><a href="{U_INDEX}">I do not agree to these terms</a></div><br /></font></td>
 					</tr>
 				</table></td>
 			</tr>
--- a/phpBB/templates/PSO/index_body.tpl
+++ b/phpBB/templates/PSO/index_body.tpl
@ -27,8 +27,8 @@
 			<tr>
 				<td colspan="6" bgcolor="{T_TH_COLOR2}" align="left"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">{TOTAL_USERS_ONLINE}</font><br/><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}">{LOGGED_IN_USER_LIST}</font></td>
 			</tr>
-			<tr><form method="post" action="login.{PHPEX}">
+			<tr><form method="post" action="{S_LOGIN_ACTION}">
-				<td colspan="6" bgcolor="{T_TH_COLOR3}" align="right"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">{L_USERNAME}: <input type="text" name="username">&nbsp;&nbsp;&nbsp;{L_PASSWORD}: <input type="password" name="password">&nbsp;&nbsp;&nbsp;{L_AUTO_LOGIN}</font>:&nbsp;<input type="checkbox" name="autologin">&nbsp;&nbsp;&nbsp;<input type="submit" name="submit" value="Login">&nbsp;</font></td>
+				<td colspan="6" bgcolor="{T_TH_COLOR3}" align="right"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">{L_USERNAME}: <input type="text" name="username">&nbsp;&nbsp;&nbsp;{L_PASSWORD}: <input type="password" name="password">&nbsp;&nbsp;&nbsp;{L_AUTO_LOGIN}</font>:&nbsp;<input type="checkbox" name="autologin">&nbsp;&nbsp;&nbsp;<input type="submit" name="submit" value="{L_LOGIN}">&nbsp;</font></td>
 			</form></tr>
 		</table></td>
 	</tr>
--- a/phpBB/templates/PSO/index_header.tpl
+++ b/phpBB/templates/PSO/index_header.tpl
@ -1,5 +1,5 @@
 <div align="center"><table width="98%" cellspacing="0" cellpadding="4" border="0">
 	<tr>
-		<td align="left"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}" color="{T_FONTCOLOR1}"><a href="/">{SITENAME}&nbsp;{L_INDEX}</a></font></td>
+		<td align="left"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}" color="{T_FONTCOLOR1}"><a href="{U_INDEX}">{SITENAME}&nbsp;{L_INDEX}</a></font></td>
 	</tr>
 </table></div>
--- a/phpBB/templates/PSO/jumpbox.tpl
+++ b/phpBB/templates/PSO/jumpbox.tpl
@ -1,5 +1,5 @@
 <table cellspacing="0" cellpadding="0" border="0">
-	<tr><form method="GET" action="{JUMPBOX_ACTION}">
+	<tr><form method="post" action="{S_JUMPBOX_ACTION}">
 		<td nowrap><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}">Jump To:&nbsp;<select name="{SELECT_NAME}"><option value="-1">Select A Forum</option>{JUMPBOX_LIST}</select>&nbsp;<input type="submit" value="Go"></font></td>
 	</form></tr>
 </table>
--- a/phpBB/templates/PSO/login_body.tpl
+++ b/phpBB/templates/PSO/login_body.tpl
@ -1,5 +1,5 @@
 <div align="center"><table border="0" cellpadding="1" cellspacing="0" width="60%">
-	<tr><form action="{PHP_SELF}" method="post">
+	<tr><form action="{S_LOGIN_ACTION}" method="post">
 		<td bgcolor="{T_TH_COLOR1}"><table border="0" cellpadding="4" cellspacing="1" width="100%">
 			<tr>
 				<th colspan="2" bgcolor="{T_TH_COLOR3}" align="center"><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}" color="{T_FONTCOLOR1}"><p><b>Please enter your username and password to login</b></p></font></th>
@ -16,7 +16,7 @@
 			<tr>
 				<td colspan="2" bgcolor="{T_TD_COLOR2}"><table width="100%" cellspacing="0" cellpadding="6" border="0">
 					<tr>
-						<td align="center"><input type="submit" name="submit" value="{L_LOGIN}"></td>
+						<td align="center"><input type="hidden" name="forward_page" value="{FORWARD_PAGE}"><input type="submit" name="submit" value="{L_LOGIN}"></td>
 					</tr>
 					<tr>
 						<td align="center"><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}"><a href="{U_SEND_PASSWORD}">{L_SEND_PASSWORD}</a></font></td>
--- a/phpBB/templates/PSO/profile_add_body.tpl
+++ b/phpBB/templates/PSO/profile_add_body.tpl
@ -1,5 +1,5 @@
 <div align="center"><table width="98%" cellpadding="1" cellspacing="0" border="0">
-	<tr><form action="{PHP_SELF}" method="POST">
+	<tr><form action="{S_PROFILE_ACTION}" method="post">
 		<td bgcolor="{T_TH_COLOR1}"><table border="0" cellpadding="3" cellspacing="1" width="100%">
 			<tr>
 				<td colspan="2" bgcolor="{T_TH_COLOR3}"><font face="{T_FONTFACE1}" size="{T_FONTSIZE2}" color="{T_FONTCOLOR1}">&nbsp;<b>{L_REGISTRATION_INFO}</b></font> <font face="{T_FONTFACE1}" size="{T_FONTSIZE1}">[{L_ITEMS_REQUIRED}]</font>&nbsp;</td>
--- a/phpBB/templates/PSO/viewtopic_header.tpl
+++ b/phpBB/templates/PSO/viewtopic_header.tpl
@ -1,5 +1,5 @@
 <div align="center"><table width="98%" cellspacing="0" cellpadding="4" border="0">
 	<tr>
-		<td align="left"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}" color="{T_FONTCOLOR1}"><a href="/">{SITENAME}&nbsp;{L_INDEX}</a> -> <a href="viewforum.{PHPEX}?{S_FORUMS_URL}={FORUM_ID}">{FORUM_NAME}</a> -> {TOPIC_TITLE}</font></td>
+		<td align="left"><font face="{T_FONTFACE1}" size="{T_FONTSIZE1}" color="{T_FONTCOLOR1}"><a href="{U_INDEX}">{SITENAME}&nbsp;{L_INDEX}</a> -> <a href="{U_VIEW_FORUM}">{FORUM_NAME}</a> -> {TOPIC_TITLE}</font></td>
 	</tr>
 </table></div>
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -94,7 +94,7 @@ for($x = 0; $x < $db->sql_numrows($result); $x++)
 	if($x > 0)
 		$forum_moderators .= ", ";
-	$forum_moderators .= "<a href=\"profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_row[$x]["user_id"]."\">".$forum_row[$x]["username"]."</a>";
+	$forum_moderators .= "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$forum_row[$x]["user_id"])."\">".$forum_row[$x]["username"]."</a>";
 }
 if(!isset($start))
@ -120,7 +120,7 @@ $total_topics = $db->sql_numrows($t_result);
 // Post URL generation for 
 // templating vars
 //
-$post_new_topic_url = "posting.".$phpEx."?mode=newtopic&".POST_FORUM_URL."=$forum_id";
+$post_new_topic_url = append_sid("posting.".$phpEx."?mode=newtopic&".POST_FORUM_URL."=$forum_id");
 $template->assign_vars(array(
 	"U_POST_NEW_TOPIC" => $post_new_topic_url));
@ -150,7 +150,7 @@ if($total_topics)
 				{
 					if(($i + $board_config['posts_per_page']) >= ($replies + 1)) 
 					{
-						$goto_page.=" ... <a href=\"viewtopic.$phpEx?".POST_TOPIC_URL."=".$topic_id."&start=$i\">$times</a>";
+						$goto_page.=" ... <a href=\"".append_sid("viewtopic.$phpEx?".POST_TOPIC_URL."=".$topic_id."&start=$i")."\">$times</a>";
 					}
 				}
 				else 
@ -159,7 +159,7 @@ if($total_topics)
 					{
 						$goto_page.= ", ";
 					}
-					$goto_page.= "<a href=\"viewtopic.$phpEx?".POST_TOPIC_URL."=".$topic_id."&start=$i\">$times</a>";
+					$goto_page.= "<a href=\"".append_sid("viewtopic.$phpEx?".POST_TOPIC_URL."=".$topic_id."&start=$i")."\">$times</a>";
 				}
 				$times++;
 			}
@ -172,14 +172,14 @@ if($total_topics)
 		$folder_img = "<img src=\"".$images['folder']."\">";
-		$view_topic_url = "viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&".$replies;
+		$view_topic_url = append_sid("viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&".$replies);
 		$topic_poster = stripslashes($topic_rowset[$x]["username"]);
-		$topic_poster_profile_url = "profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]["user_id"];
+		$topic_poster_profile_url = append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]["user_id"]);
 		$last_post_time = create_date($board_config['default_dateformat'], $topic_rowset[$x]["post_time"], $board_config['default_timezone']);
 		$last_post_user = $topic_rowset[$x]["user2"];
-		$last_post_profile_url = "profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]["id2"];
+		$last_post_profile_url = append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=".$topic_rowset[$x]["id2"]);
 		$views = $topic_rowset[$x]["topic_views"];
@ -206,7 +206,7 @@ if($total_topics)
 	{
 		if($next < $topics_count)
 		{
-			$pagination = "<a href=\"viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&start=$next\">$l_nextpage</a> | ";
+			$pagination = "<a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&start=$next")."\">$l_nextpage</a> | ";
 		}
 		for($x = 0; $x < $topics_count; $x++)
 		{
@ -218,7 +218,7 @@ if($total_topics)
 				}
 				else
 				{
-					$pagination .= " <a href=\"viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&start=$x\">$count</a> ";
+					$pagination .= " <a href=\"".append_sid("viewforum.$phpEx?".POST_FORUM_URL."=$forum_id&start=$x")."\">$count</a> ";
 				}
 				$count++;
 				if(!($count % 20))
--- a/phpBB/viewonline.php
+++ b/phpBB/viewonline.php
@ -171,7 +171,7 @@ if($online_count)
 		}
 		else
 		{
-			$location_url = "viewforum.".$phpEx."?".POST_FORUM_URL."=".$onlinerow[$i]['forum_id'];
+			$location_url = append_sid("viewforum.".$phpEx."?".POST_FORUM_URL."=".$onlinerow[$i]['forum_id']);
 			$location = $onlinerow[$i]['forum_name'];
 		}
@ -192,8 +192,8 @@ if($online_count)
 					"LOGGED_ON" => $logged_on,
 					"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow[$i]['session_time'], $board_config['default__timezone']),
 					"LOCATION" => $location,
-					"U_USER_PROFILE" => "profile.".$phpEx."?mode=viewprofile&".POST_USERS_URL."=".$onlinerow[$i]['user_id'],
+					"U_USER_PROFILE" => append_sid("profile.".$phpEx."?mode=viewprofile&".POST_USERS_URL."=".$onlinerow[$i]['user_id']),
-					"U_FORUM_LOCATION" => $location_url
+					"U_FORUM_LOCATION" => append_sid($location_url)
 				)
 			);
 		}
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -127,11 +127,11 @@ $ranksrow = $db->sql_fetchrowset($ranksresult);
 // Post, reply and other URL generation for 
 // templating vars
 //
-$new_topic_url = "posting.".$phpEx."?mode=newtopic&".POST_FORUM_URL."=$forum_id";
+$new_topic_url = append_sid("posting.".$phpEx."?mode=newtopic&".POST_FORUM_URL."=$forum_id");
-$reply_topic_url = "posting.".$phpEx."?mode=reply&".POST_TOPIC_URL."=$topic_id";
+$reply_topic_url = append_sid("posting.".$phpEx."?mode=reply&".POST_TOPIC_URL."=$topic_id");
-$view_forum_url = "viewforum.".$phpEx."?".POST_FORUM_URL."=$forum_id";
+$view_forum_url = append_sid("viewforum.".$phpEx."?".POST_FORUM_URL."=$forum_id");
-$view_older_topic_url = "viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&view=older";
+$view_older_topic_url = append_sid("viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&view=older");
-$view_newer_topic_url = "viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&view=newer";
+$view_newer_topic_url = append_sid("viewtopic.".$phpEx."?".POST_TOPIC_URL."=".$topic_id."&view=newer");
 $template->assign_vars(array(
 	"U_POST_NEW_TOPIC" => $new_topic_url,
 	"U_VIEW_FORUM" => $view_forum_url,
@ -180,7 +180,7 @@ for($x = 0; $x < $total_posts; $x++)
 		$poster_rank = "";
 	}
-	$profile_img = "<a href=\"profile.$phpEx?mode=viewprofile&user_id=$poster_id\"><img src=\"".$images['profile']."\" alt=\"$l_profileof $poster\" border=\"0\"></a>";
+	$profile_img = "<a href=\"".append_sid("profile.$phpEx?mode=viewprofile&".POST_USERS_URL."=$poster_id")."\"><img src=\"".$images['profile']."\" alt=\"$l_profileof $poster\" border=\"0\"></a>";
 	$email_img = ($postrow[$x]["user_viewemail"] == 1) ? "<a href=\"mailto:".$postrow[$x]["user_email"]."\"><img src=\"".$images['email']."\" alt=\"$l_email $poster\" border=\"0\"></a>" : "";
 	$www_img = ($postrow[$x]["user_website"]) ? "<a href=\"".$postrow[$x]["user_website"]."\"><img src=\"".$images['www']."\" alt=\"$l_viewsite\" border=\"0\"></a>" : "";
@ -199,14 +199,14 @@ for($x = 0; $x < $total_posts; $x++)
 	$msn_img = ($postrow[$x]["user_msnm"]) ? "<a href=\"profile.$phpEx?mode=viewprofile&user_id=$poster_id\"><img src=\"".$images['msn']."\" border=\"0\"></a>" : "";
 	$yim_img = ($postrow[$x]["user_yim"]) ? "<a href=\"http://edit.yahoo.com/config/send_webmesg?.target=".$postrow[$x]["user_yim"]."&.src=pg\"><img src=\"".$images['yim']."\" border=\"0\"></a>" : "";
-	$edit_img = "<a href=\"posting.$phpEx?mode=editpost&post_id=".$postrow[$x]["post_id"]."&topic_id=$topic_id&forum_id=$forum_id\"><img src=\"".$images['edit']."\" alt=\"$l_editdelete\" border=\"0\"></a>";
+	$edit_img = "<a href=\"".append_sid("posting.$phpEx?mode=editpost&post_id=".$postrow[$x]["post_id"]."&topic_id=$topic_id&forum_id=$forum_id")."\"><img src=\"".$images['edit']."\" alt=\"$l_editdelete\" border=\"0\"></a>";
-	$quote_img = "<a href=\"posting.$phpEx?mode=reply&quote=true&post_id=".$postrow[$x]["post_id"]."&topic_id=$topic_id&forum_id=$forum_id\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
+	$quote_img = "<a href=\"".append_sid("posting.$phpEx?mode=reply&quote=true&post_id=".$postrow[$x]["post_id"]."&topic_id=$topic_id&forum_id=$forum_id")."\"><img src=\"".$images['quote']."\" alt=\"$l_replyquote\" border=\"0\"></a>";
-	$pmsg_img = "<a href=\"priv_msgs.$phpEx?mode=send\"><img src=\"".$images['pmsg']."\" alt=\"$l_sendpmsg\" border=\"0\"></a>";
+	$pmsg_img = "<a href=\"".append_sid("priv_msgs.$phpEx?mode=send")."\"><img src=\"".$images['pmsg']."\" alt=\"$l_sendpmsg\" border=\"0\"></a>";
 	if($is_moderator)
 	{
-		$ip_img = "<a href=\"topicadmin.$phpEx?mode=viewip&user_id=".$poster_id."\"><img src=\"".$images['ip']."\" alt=\"$l_viewip\" border=\"0\"></a>";
+		$ip_img = "<a href=\"".append_sid("topicadmin.$phpEx?mode=viewip&user_id=".$poster_id)."\"><img src=\"".$images['ip']."\" alt=\"$l_viewip\" border=\"0\"></a>";
-		$delpost_img = "<a href=\"topicadmin.$phpEx?mode=delpost$post_id=".$postrow[$x]["post_id"]."\"><img src=\"".$images['delpost']."\" alt=\"$l_delete\" border=\"0\"></a>";
+		$delpost_img = "<a href=\"".append_sid("topicadmin.$phpEx?mode=delpost$post_id=".$postrow[$x]["post_id"])."\"><img src=\"".$images['delpost']."\" alt=\"$l_delete\" border=\"0\"></a>";
 	}
 	$message = stripslashes($postrow[$x]["post_text"]);
@ -298,7 +298,7 @@ if($total_replies > $board_config['posts_per_page'])
 	$last_page = $start - $board_config['posts_per_page'];
 	if($start > 0)
 	{
-		$pagination .= "<a href=\"$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$last_page\">$l_prevpage</a> ";
+		$pagination .= "<a href=\"".append_sid("$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$last_page")."\">$l_prevpage</a> ";
 	}
 	for($x = 0; $x < $total_replies; $x += $board_config['posts_per_page'])
@ -317,7 +317,7 @@ if($total_replies > $board_config['posts_per_page'])
 		}
 		else
 		{
-			$pagination .= "<a href=\"$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$x\">$times</a>";
+			$pagination .= "<a href=\"".append_sid("$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$x")."\">$times</a>";
 		}
 		$times++;
 	}
@ -325,7 +325,7 @@ if($total_replies > $board_config['posts_per_page'])
 	if(($start + $board_config['posts_per_page']) < $total_replies)
 	{
 		$next_page = $start + $board_config['posts_per_page'];
-		$pagination .=  " <a href=\"$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$next_page\">$l_nextpage</a>";
+		$pagination .=  " <a href=\"".append_sid("$PHP_SELF?".POST_TOPIC_URL."=$topic_id&start=$next_page")."\">$l_nextpage</a>";
 	}
 	$pagination .= " )";
 }