diff --git a/phpBB/includes/page_header.php b/phpBB/includes/page_header.php
index 8388f28f90..2cac733b82 100644
--- a/phpBB/includes/page_header.php
+++ b/phpBB/includes/page_header.php
@@ -85,12 +85,12 @@ $s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['
 // Get basic (usernames + totals) online
 // situation
 //
-$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page = $forum_id" : '';
+$user_forum_sql = ( !empty($forum_id) ) ? "AND s.session_page = " . intval($forum_id) : '';
 $sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, u.user_level, s.session_logged_in, s.session_ip
 	FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
 	WHERE u.user_id = s.session_user_id
 		AND s.session_time >= ".( time() - 300 ) . "
-		$user_forum_sql 
+		$user_forum_sql
 	ORDER BY u.username ASC, s.session_ip ASC";
 if( !($result = $db->sql_query($sql)) )
 {
@@ -138,7 +138,7 @@ while( $row = $db->sql_fetchrow($result) )
 				$user_online_link = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $row['user_id']) . '"' . $style_color .'><i>' . $row['username'] . '</i></a>';
 				$logged_hidden_online++;
 			}
-			
+
 			if ( $row['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
 			{
 				$online_userlist .= ( $online_userlist != '' ) ? ', ' . $user_online_link : $user_online_link;
@@ -242,9 +242,9 @@ else
 }
 
 $l_online_users = sprintf($l_t_user_s, $total_online_users);
-$l_online_users .= sprintf($l_r_user_s, $logged_visible_online); 
-$l_online_users .= sprintf($l_h_user_s, $logged_hidden_online); 
-$l_online_users .= sprintf($l_g_user_s, $guests_online); 
+$l_online_users .= sprintf($l_r_user_s, $logged_visible_online);
+$l_online_users .= sprintf($l_h_user_s, $logged_hidden_online);
+$l_online_users .= sprintf($l_g_user_s, $guests_online);
 
 //
 // Obtain number of new private messages
@@ -254,13 +254,13 @@ if ( $userdata['session_logged_in'] )
 {
 	if ( $userdata['user_new_privmsg'] )
 	{
-		$l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms']; 
-		$l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']); 
+		$l_message_new = ( $userdata['user_new_privmsg'] == 1 ) ? $lang['New_pm'] : $lang['New_pms'];
+		$l_privmsgs_text = sprintf($l_message_new, $userdata['user_new_privmsg']);
 
 		if ( $userdata['user_last_privmsg'] > $userdata['user_lastvisit'] )
 		{
 			$sql = "UPDATE " . USERS_TABLE . "
-				SET user_last_privmsg = " . $userdata['user_lastvisit'] . " 
+				SET user_last_privmsg = " . $userdata['user_lastvisit'] . "
 				WHERE user_id = " . $userdata['user_id'];
 			if ( !$db->sql_query($sql) )
 			{
@@ -286,8 +286,8 @@ if ( $userdata['session_logged_in'] )
 
 	if ( $userdata['user_unread_privmsg'] )
 	{
-		$l_message_unread = ( $userdata['user_unread_privmsg'] == 1 ) ? $lang['Unread_pm'] : $lang['Unread_pms']; 
-		$l_privmsgs_text_unread = sprintf($l_message_unread, $userdata['user_unread_privmsg']); 
+		$l_message_unread = ( $userdata['user_unread_privmsg'] == 1 ) ? $lang['Unread_pm'] : $lang['Unread_pms'];
+		$l_privmsgs_text_unread = sprintf($l_message_unread, $userdata['user_unread_privmsg']);
 	}
 	else
 	{
@@ -317,73 +317,73 @@ while( list($nav_item, $nav_array) = @each($nav_links) )
 	{
 		// We have a nested array, used for items like <link rel='chapter'> that can occur more than once.
 		while( list(,$nested_array) = each($nav_array) )
-		{  
+		{
 			$nav_links_html .= sprintf($nav_link_proto, $nav_item, $nested_array['url'], $nested_array['title']);
 		}
 	}
-}	
+}
 
 //
 // The following assigns all _common_ variables that may be used at any point
 // in a template.
 //
 $template->assign_vars(array(
-	'SITENAME' => $board_config['sitename'], 
-	'SITE_DESCRIPTION' => $board_config['site_desc'], 
+	'SITENAME' => $board_config['sitename'],
+	'SITE_DESCRIPTION' => $board_config['site_desc'],
 	'PAGE_TITLE' => $page_title,
-	'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit), 
-	'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),  
+	'LAST_VISIT_DATE' => sprintf($lang['You_last_visit'], $s_last_visit),
+	'CURRENT_TIME' => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),
 	'TOTAL_USERS_ONLINE' => $l_online_users,
-	'LOGGED_IN_USER_LIST' => $online_userlist, 
+	'LOGGED_IN_USER_LIST' => $online_userlist,
 	'RECORD_USERS' => sprintf($lang['Record_online_users'], $board_config['record_online_users'], create_date($board_config['default_dateformat'], $board_config['record_online_date'], $board_config['board_timezone'])),
 	'PRIVATE_MESSAGE_INFO' => $l_privmsgs_text,
 	'PRIVATE_MESSAGE_INFO_UNREAD' => $l_privmsgs_text_unread,
-	'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new, 
+	'PRIVATE_MESSAGE_NEW_FLAG' => $s_privmsg_new,
 
 	'PRIVMSG_IMG' => $icon_pm,
 
-	'L_USERNAME' => $lang['Username'], 
-	'L_PASSWORD' => $lang['Password'], 
-	'L_LOGIN_LOGOUT' => $l_login_logout, 
-	'L_LOGIN' => $lang['Login'], 
-	'L_LOG_ME_IN' => $lang['Log_me_in'], 
-	'L_AUTO_LOGIN' => $lang['Log_me_in'], 
-	'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']), 
-	'L_REGISTER' => $lang['Register'], 
-	'L_PROFILE' => $lang['Profile'], 
-	'L_SEARCH' => $lang['Search'], 
-	'L_PRIVATEMSGS' => $lang['Private_Messages'], 
-	'L_WHO_IS_ONLINE' => $lang['Who_is_Online'], 
-	'L_MEMBERLIST' => $lang['Memberlist'], 
-	'L_FAQ' => $lang['FAQ'], 
-	'L_USERGROUPS' => $lang['Usergroups'], 
-	'L_SEARCH_NEW' => $lang['Search_new'], 
-	'L_SEARCH_UNANSWERED' => $lang['Search_unanswered'], 
-	'L_SEARCH_SELF' => $lang['Search_your_posts'], 
-	'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'), 
-	'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'), 
+	'L_USERNAME' => $lang['Username'],
+	'L_PASSWORD' => $lang['Password'],
+	'L_LOGIN_LOGOUT' => $l_login_logout,
+	'L_LOGIN' => $lang['Login'],
+	'L_LOG_ME_IN' => $lang['Log_me_in'],
+	'L_AUTO_LOGIN' => $lang['Log_me_in'],
+	'L_INDEX' => sprintf($lang['Forum_Index'], $board_config['sitename']),
+	'L_REGISTER' => $lang['Register'],
+	'L_PROFILE' => $lang['Profile'],
+	'L_SEARCH' => $lang['Search'],
+	'L_PRIVATEMSGS' => $lang['Private_Messages'],
+	'L_WHO_IS_ONLINE' => $lang['Who_is_Online'],
+	'L_MEMBERLIST' => $lang['Memberlist'],
+	'L_FAQ' => $lang['FAQ'],
+	'L_USERGROUPS' => $lang['Usergroups'],
+	'L_SEARCH_NEW' => $lang['Search_new'],
+	'L_SEARCH_UNANSWERED' => $lang['Search_unanswered'],
+	'L_SEARCH_SELF' => $lang['Search_your_posts'],
+	'L_WHOSONLINE_ADMIN' => sprintf($lang['Admin_online_color'], '<span style="color:#' . $theme['fontcolor3'] . '">', '</span>'),
+	'L_WHOSONLINE_MOD' => sprintf($lang['Mod_online_color'], '<span style="color:#' . $theme['fontcolor2'] . '">', '</span>'),
 
 	'U_SEARCH_UNANSWERED' => append_sid('search.'.$phpEx.'?search_id=unanswered'),
-	'U_SEARCH_SELF' => append_sid('search.'.$phpEx.'?search_id=egosearch'), 
-	'U_SEARCH_NEW' => append_sid('search.'.$phpEx.'?search_id=newposts'), 
+	'U_SEARCH_SELF' => append_sid('search.'.$phpEx.'?search_id=egosearch'),
+	'U_SEARCH_NEW' => append_sid('search.'.$phpEx.'?search_id=newposts'),
 	'U_INDEX' => append_sid('index.'.$phpEx),
 	'U_REGISTER' => append_sid('profile.'.$phpEx.'?mode=register'),
 	'U_PROFILE' => append_sid('profile.'.$phpEx.'?mode=editprofile'),
-	'U_PRIVATEMSGS' => append_sid('privmsg.'.$phpEx.'?folder=inbox'), 
-	'U_PRIVATEMSGS_POPUP' => append_sid('privmsg.'.$phpEx.'?mode=newpm'), 
+	'U_PRIVATEMSGS' => append_sid('privmsg.'.$phpEx.'?folder=inbox'),
+	'U_PRIVATEMSGS_POPUP' => append_sid('privmsg.'.$phpEx.'?mode=newpm'),
 	'U_SEARCH' => append_sid('search.'.$phpEx),
-	'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx), 
-	'U_MODCP' => append_sid('modcp.'.$phpEx), 
+	'U_MEMBERLIST' => append_sid('memberlist.'.$phpEx),
+	'U_MODCP' => append_sid('modcp.'.$phpEx),
 	'U_FAQ' => append_sid('faq.'.$phpEx),
 	'U_VIEWONLINE' => append_sid('viewonline.'.$phpEx),
 	'U_LOGIN_LOGOUT' => append_sid($u_login_logout),
 	'U_MEMBERSLIST' => append_sid('memberlist.'.$phpEx),
 	'U_GROUP_CP' => append_sid('groupcp.'.$phpEx),
 
-	'S_CONTENT_DIRECTION' => $lang['DIRECTION'], 
-	'S_CONTENT_ENCODING' => $lang['ENCODING'], 
-	'S_CONTENT_DIR_LEFT' => $lang['LEFT'], 
-	'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'], 
+	'S_CONTENT_DIRECTION' => $lang['DIRECTION'],
+	'S_CONTENT_ENCODING' => $lang['ENCODING'],
+	'S_CONTENT_DIR_LEFT' => $lang['LEFT'],
+	'S_CONTENT_DIR_RIGHT' => $lang['RIGHT'],
 	'S_TIMEZONE' => sprintf($lang['All_times'], $lang[number_format($board_config['board_timezone'])]),
 	'S_LOGIN_ACTION' => append_sid('login.'.$phpEx),
 
@@ -425,7 +425,7 @@ $template->assign_vars(array(
 	'T_SPAN_CLASS1' => $theme['span_class1'],
 	'T_SPAN_CLASS2' => $theme['span_class2'],
 	'T_SPAN_CLASS3' => $theme['span_class3'],
-	
+
 	'NAV_LINKS' => $nav_links_html)
 );