Remove guest user topic tracking via cookies, update viewtopic to re-fix highlighting of search terms, add lang capability to images, various other issues, removed remote avatar size reduction

git-svn-id: file:///svn/phpbb/trunk@1566 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 22:28:51 +00:00 · 2001-12-14 02:41:33 +00:00 · 2001-12-14 02:41:33 +00:00 · 880013144e
commit 880013144e
parent bef3314e50
9 changed files with 365 additions and 360 deletions
--- a/phpBB/common.php
+++ b/phpBB/common.php
@ -144,7 +144,7 @@ $nav_links['author'] = array (
 //
 if( !empty($HTTP_X_FORWARDED_FOR) )
 {
-	$client_ip = ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", $HTTP_X_FORWARDED_FOR, $ip_list) ) ? $ip_list[1] : $REMOTE_ADDR;
+	$client_ip = ( preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/", $HTTP_X_FORWARDED_FOR, $ip_list) ) ? $ip_list[0] : $REMOTE_ADDR;
 }
 else
 {
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -280,24 +280,30 @@ function init_userprefs($userdata)
 		}
 	}
-	if( file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_main.".$phpEx) )
+	if( !file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_main.".$phpEx) )
 	{
 		$board_config['default_lang'] = "english";
 	}
 	include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_main.' . $phpEx);
 	}
 	else
 	{
 		include($phpbb_root_path . 'language/lang_english/lang_main.' . $phpEx);
 	}
 	if( defined("IN_ADMIN") )
 	{
-		if( file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_admin.".$phpEx) )
+		if( !file_exists($phpbb_root_path . "language/lang_" . $board_config['default_lang'] . "/lang_admin.".$phpEx) )
 		{
 			$board_config['default_lang'] = "english";
 		}
 		include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_admin.' . $phpEx);
 	}
-		else
+
 	while( list($key, $value) = @each($images) )
 	{
-			include($phpbb_root_path . 'language/lang_english/lang_admin.' . $phpEx);
+		if( strstr($value, "_lang") )
 		{
 			$new_value = str_replace("_lang", "_" . $board_config['default_lang'], $value);
 			$images[$key] = ( !file_exists($new_value) ) ? $new_value : str_replace("_lang", "_english", $value);
 		}
 	}
@ -324,11 +330,11 @@ function setup_style($style)
 	$template_path = 'templates/' ;
 	$template_name = $row['template_name'] ;
-	$template = new Template($phpbb_root_path . $template_path . $template_name);
+	$template = new Template($phpbb_root_path . $template_path . $template_name, $db);
 	if( $template )
 	{
-		$current_template_path = $template_path . $template_name . '/';
+		$current_template_path = $template_path . $template_name;
 		@include($phpbb_root_path . $template_path . $template_name . '/' . $template_name . '.cfg');
 		if( !defined("TEMPLATE_CONFIG") )
@ -1177,10 +1183,9 @@ function message_die($msg_code, $msg_text = "", $msg_title = "", $err_line = "",
 }
 //
-// this does exactly what preg_quote() does in PHP 4-ish: http://www.php.net/manual/en/function.preg-quote.php
+// this does exactly what preg_quote() does in PHP 4-ish: 
 // http://www.php.net/manual/en/function.preg-quote.php
 //
 // This function is here because the 2nd paramter to preg_quote was added in some
 // version of php 4.0.x.. So we use this in order to maintain compatibility with
@ -1196,5 +1201,4 @@ function phpbb_preg_quote($str, $delimiter)
 	return $text;
 }
 ?>
--- a/phpBB/includes/page_header.php
+++ b/phpBB/includes/page_header.php
@ -83,7 +83,7 @@ else
 	$l_login_logout = $lang['Login'];
 }
-$s_last_visit = create_date($board_config['default_dateformat'], $userdata['session_last_visit'], $board_config['board_timezone']);
+$s_last_visit = ( $userdata['session_logged_in'] ) ? create_date($board_config['default_dateformat'], $userdata['user_lastvisit'], $board_config['board_timezone']) : "";
 //
 // Get basic (usernames + totals) online
@ -92,7 +92,9 @@ $s_last_visit = create_date($board_config['default_dateformat'], $userdata['sess
 $sql = "SELECT u.username, u.user_id, u.user_allow_viewonline, s.session_logged_in, s.session_ip
 	FROM ".USERS_TABLE." u, ".SESSIONS_TABLE." s
 	WHERE u.user_id = s.session_user_id
-		AND s.session_time >= ".( time() - 300 );
+		AND ( s.session_time >= ".( time() - 300 ) . " 
 			OR u.user_session_time >= " . ( time() - 300 ) . " )  
 	ORDER BY u.user_session_time DESC";
 $result = $db->sql_query($sql);
 if(!$result)
 {
@ -245,19 +247,6 @@ $template->assign_vars(array(
 	"CURRENT_TIME" => sprintf($lang['Current_time'], create_date($board_config['default_dateformat'], time(), $board_config['board_timezone'])),  
 	"PRIVMSG_IMG" => $icon_pm,
 	"FORUM_IMG" => $images['forum'],
 	"FORUM_NEW_IMG" => $images['forum_new'],
 	"FORUM_LOCKED_IMG" => $images['forum_locked'],
 	"FOLDER_IMG" => $images['folder'],
 	"FOLDER_NEW_IMG" => $images['folder_new'],
 	"FOLDER_HOT_IMG" => $images['folder_hot'],
 	"FOLDER_HOT_NEW_IMG" => $images['folder_hot_new'],
 	"FOLDER_LOCKED_IMG" => $images['folder_locked'],
 	"FOLDER_LOCKED_NEW_IMG" => $images['folder_locked_new'],
 	"FOLDER_STICKY_IMG" => $images['folder_sticky'],
 	"FOLDER_STICKY_NEW_IMG" => $images['folder_sticky_new'],
 	"FOLDER_ANNOUNCE_IMG" => $images['folder_announce'],
 	"FOLDER_ANNOUNCE_NEW_IMG" => $images['folder_announce_new'],
 	"L_USERNAME" => $lang['Username'],
 	"L_PASSWORD" => $lang['Password'],
--- a/phpBB/includes/sessions.php
+++ b/phpBB/includes/sessions.php
@ -50,38 +50,10 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 		$sessionmethod = SESSION_METHOD_GET;
 	}
 	$current_time = time();
 	$expiry_time = $current_time - $session_length;
 	//
 	// Initial ban check against IP and userid
 	//
 	ereg("(..)(..)(..)(..)", $user_ip, $user_ip_parts);
 	$sql = "SELECT ban_ip, ban_userid
 		FROM " . BANLIST_TABLE . "
 		WHERE ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "'
 			OR ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff'
 			OR ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff'
 			OR ban_ip = '" . $user_ip_parts[1] . "ffffff'
 			OR ban_userid = $user_id";
 	$result = $db->sql_query($sql);
 	if (!$result)
 	{
 		message_die(CRITICAL_ERROR, "Couldn't obtain ban information.", "", __LINE__, __FILE__, $sql);
 	}
 	$ban_info = $db->sql_fetchrow($result);
 	//
 	// Check for user and ip ban ...
 	//
 	if($ban_info['ban_ip'] || $ban_info['ban_userid'])
 	{
 		message_die(CRITICAL_MESSAGE, 'You_been_banned');
 	}
 	else
 	{
 	//
 	// Try and pull the last time stored
 	// in a cookie, if it exists
@ -94,7 +66,7 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 		// what's needed is a session timer in the user table
 		// + the user_lastvisit ... damn damn damn damn and blast
 		//
-			$sql = "SELECT user_autologin_key, user_lastvisit 
+		$sql = "SELECT user_autologin_key, user_session_time, user_email    
 			FROM " . USERS_TABLE . " 
 			WHERE user_id = $user_id";
 		$result = $db->sql_query($sql);
@ -105,7 +77,7 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 		$row = $db->sql_fetchrow($result);
-			$sessiondata['lastvisit'] = $row['user_lastvisit']; 
+		$sessiondata['lastvisit'] = ( $row['user_session_time'] > 0 ) ? $row['user_session_time'] : $current_time; 
 		if( $auto_create )
 		{
@ -147,15 +119,55 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 		$sessiondata['lastvisit'] = ( !empty($sessiondata['lastvisit']) ) ? $sessiondata['lastvisit'] : $current_time;
 	}
 	//
 	// Initial ban check against user id, IP and email address
 	//
 	ereg("(..)(..)(..)(..)", $user_ip, $user_ip_parts);
 	$sql = "SELECT ban_ip, ban_userid, ban_email 
 		FROM " . BANLIST_TABLE . "
 		WHERE ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "'
 			OR ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff'
 			OR ban_ip = '" . $user_ip_parts[1] . $user_ip_parts[2] . "ffff'
 			OR ban_ip = '" . $user_ip_parts[1] . "ffffff'
 			OR ban_userid = $user_id";
 	if( $user_id != ANONYMOUS )
 	{
 		$sql .= " OR ban_email LIKE '" . $row['user_email'] . "' 
 			OR ban_email LIKE '" . substr($row['user_email'], strpos($row['user_email'], "@")) . "'";
 	}
 	$result = $db->sql_query($sql);
 	if( !$result )
 	{
 		message_die(CRITICAL_ERROR, "Couldn't obtain ban information.", "", __LINE__, __FILE__, $sql);
 	}
 	$ban_info = $db->sql_fetchrow($result);
 	if( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] )
 	{
 		message_die(CRITICAL_MESSAGE, 'You_been_banned');
 	}
 	//
 	// Create or update the session
 	//
 	if( !$auto_create )
 	{
 		$sql = "UPDATE " . SESSIONS_TABLE . "
 			SET session_user_id = $user_id, session_start = $current_time, session_last_visit = " . $sessiondata['lastvisit'] . ", session_time = $current_time, session_page = $page_id, session_logged_in = $login 
 			WHERE session_id = '" . $session_id . "' 
 				AND session_ip = '$user_ip'";
 		$result = $db->sql_query($sql);
-
+		if(!$result)
 		if( !$result || !$db->sql_affectedrows() )
 		{
-			$session_id = md5(uniqid($user_ip));
+			message_die(CRITICAL_ERROR, "Error updating current session : session_begin", "", __LINE__, __FILE__, $sql);
 		}
 	}
 	else
 	{
 		mt_srand( (double) microtime() * 1000000);
 		$session_id = md5(uniqid(mt_rand()));
 		$sql = "INSERT INTO " . SESSIONS_TABLE . "
 			(session_id, session_user_id, session_start, session_time, session_last_visit, session_ip, session_page, session_logged_in)
@ -170,17 +182,21 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 	if( $user_id != ANONYMOUS )
 	{
 		$autologin_sql = "";
-			if( $enable_autologin && $sessionmethod = SESSION_METHOD_COOKIE )
+		if( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE )
 		{
 			mt_srand( (double) microtime() * 1000000);
 			$autologin_key = md5(uniqid(mt_rand()));
 			$sessiondata['autologinid'] = $autologin_key;
-				$autologin_sql = ", user_autologin_key = '$autologin_key'";
+			$autologin_sql = $autologin_key;
 		}
 		else
 		{
 			$autologin_sql = "";
 		}
 		$sql_auto = "UPDATE " . USERS_TABLE . " 
-				SET user_lastvisit = " . time() . $autologin_sql . "  
+			SET user_lastvisit = " . $sessiondata['lastvisit'] . ", user_session_time = $current_time, user_session_page = $page_id, user_autologin_key ='$autologin_id'   
 			WHERE user_id = $user_id";
 		$result = $db->sql_query($sql_auto);
 		if(!$result)
@ -195,8 +211,7 @@ function session_begin($user_id, $user_ip, $page_id, $session_length, $auto_crea
 	setcookie($cookiename . '_data', $serialised_cookiedata, ($current_time + 31536000), $cookiepath, $cookiedomain, $cookiesecure);
 	setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
-		$SID = ($sessionmethod == SESSION_METHOD_GET) ? "sid=" . $session_id : "";
+	$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? "sid=" . $session_id : "";
 	}
 	return $session_id;
@ -246,8 +261,8 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
 		$sql = "SELECT u.*, s.*
 			FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
 			WHERE s.session_id = '$session_id'
-				AND s.session_ip = '$user_ip'
+				AND u.user_id = s.session_user_id 
-				AND u.user_id = s.session_user_id";
+				AND s.session_ip = '$user_ip'";
 		$result = $db->sql_query($sql);
 		if( !$result )
 		{
@ -263,73 +278,54 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
 		{
 			$SID = ( $sessionmethod == SESSION_METHOD_GET ) ? "sid=" . $session_id : "";
 			if( empty($HTTP_COOKIE_VARS[$cookiename . '_data']) )
 			{
 				if( !empty($userdata['user_autologin']) && $sessionmethod = SESSION_METHOD_COOKIE )
 				{
 					$sessiondata['autologinid'] = $autologin_key;
 				}
 				$sessiondata['userid'] = $user_id;
 				$sessiondata['lastvisit'] = $userdata['session_last_visit'];
 				$serialised_cookiedata = serialize($sessiondata);
 //				session_send_cookie("_data", $serialised_cookiedata, ($current_time + 31536000));
 				setcookie($board_config['cookie_name'] . "_data", $serialised_cookiedata, ($current_time + 31536000), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 				setcookie($board_config['cookie_name'] . "_sid", $HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_sid"], 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 			}
 			//
 			// Only update session DB a minute or so after last update
 			//
-			if( $current_time - $userdata['session_time'] > 60 )
+			$last_update = ( $userdata['user_id'] == ANONYMOUS ) ? $userdata['session_time'] : $userdata['user_session_time'];
 			if( $current_time - $last_update > 60 )
 			{
 				if( $userdata['user_id'] == ANONYMOUS )
 				{
 					$sessiondata['lastvisit'] = $current_time;
 					$sql = "UPDATE " . SESSIONS_TABLE . " 
 						SET session_time = $current_time, session_page = $thispage_id 
 						WHERE session_id = '" . $userdata['session_id'] . "' 
-						AND session_ip = '$user_ip' 
+							AND session_user_id = " . $userdata['user_id'] . " 
-						AND session_user_id = " . $userdata['user_id'];
+							AND session_ip = '$user_ip'";
 				}
 				else
 				{
 					$sql = "UPDATE " . USERS_TABLE . " 
 						SET user_session_time = $current_time, user_session_page = $thispage_id 
 						WHERE user_id = " . $userdata['user_id'];
 				}
 				$result = $db->sql_query($sql);
 				if( !$result )
 				{
 					message_die(CRITICAL_ERROR, "Error updating sessions table : session_pagestart", "", __LINE__, __FILE__, $sql);
 				}
 				if( $user_id != ANONYMOUS ) 
 				{
 					$sql = "UPDATE " . USERS_TABLE . " 
 						SET user_lastvisit = $current_time
 						WHERE user_id = " . $userdata['user_id'];
 					$result = $db->sql_query($sql);
 					if( !$result )
 					{
 						message_die(CRITICAL_ERROR, "Error updating users table : session_pagestart (GET)", "", __LINE__, __FILE__, $sql);
 					}
 				}
 				//
 				// Delete expired sessions
 				//
 				$expiry_time = $current_time - $board_config['session_length'];
 				$sql = "DELETE FROM " . SESSIONS_TABLE . " 
-					WHERE session_time < $expiry_time";
+					WHERE session_time < $expiry_time 
 						AND session_id <> '$session_id'";
 				$result = $db->sql_query($sql);
 				if( !$result )
 				{
 					message_die(CRITICAL_ERROR, "Error clearing sessions table : session_pagestart", "", __LINE__, __FILE__, $sql);
 				}
 			}
 			setcookie($board_config['cookie_name'] . '_data', serialize($sessiondata), ($current_time + 31536000), $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 			setcookie($board_config['cookie_name'] . '_sid', $session_id, 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 			return $userdata;
 		}
 			//
 			// We didn't need to update session
 			// so just return userdata
 			//
 			return $userdata;
 		}
 	}
 	else
 	{
 	}
 	//
 	// If we reach here then no (valid) session exists. So we'll create a new one,
@ -348,8 +344,8 @@ function session_pagestart($user_ip, $thispage_id, $session_length)
 		$sql = "SELECT u.*, s.*
 			FROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u
 			WHERE s.session_id = '$result_id'
-				AND s.session_ip = '$user_ip'
+				AND u.user_id = s.session_user_id 
-				AND u.user_id = s.session_user_id";
+				AND s.session_ip = '$user_ip'";
 		$result = $db->sql_query($sql);
 		if ( !$result )
 		{
@ -446,34 +442,6 @@ function session_end($session_id, $user_id)
 } // session_end()
 //
 // This checks to see if we're @ the 20 cookie limit
 // if we are it re-sends the session id. This isn't a great
 // solution but it does work, although resulting in
 // more cookies being sent than necessary. Will re-evaluate
 // this in 2.2
 //
 function session_send_cookie($append_name, $set_value, $last_time)
 {
 	global $board_config;
 	global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
 	setcookie($board_config['cookie_name'] . $append_name, $set_value, $last_time, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 	$cookie_count = 0;
 	while( list(, $value) = each($HTTP_COOKIE_VARS) )
 	{
 		$cookie_count += count($value);
 	}
 	if( $cookie_count == 20 )
 	{
 		setcookie($board_config['cookie_name'] . "_sid", stripslashes($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_sid"]), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 	}
 	return;
 }
 //
 //
 // Append $SID to a url. Borrowed from phplib and modified. This is an
--- a/phpBB/index.php
+++ b/phpBB/index.php
@ -33,6 +33,12 @@ init_userprefs($userdata);
 // End session management
 //
 while( list($key, $value) = @each($images) )
 {
 }
 $viewcat = (!empty($HTTP_GET_VARS['viewcat'])) ? $HTTP_GET_VARS['viewcat'] : -1;
 if( isset($HTTP_GET_VARS['mark']) || isset($HTTP_POST_VARS['mark']) )
@ -49,6 +55,8 @@ else
 //
 if( $mark_read == "forums" )
 {
 	if( $userdata['session_logged_in'] )
 	{
 		$sql = "SELECT MAX(post_time) AS last_post 
 			FROM " . POSTS_TABLE;
 		if(!$result = $db->sql_query($sql))
@ -62,10 +70,10 @@ if( $mark_read == "forums" )
 			$last_post_time = $mark_read_list['last_post'];
-		if( $last_post_time > $userdata['session_last_visit'] ) 
+			if( $last_post_time > $userdata['user_lastvisit'] ) 
 			{
 				setcookie($board_config['cookie_name'] . "_f_all", time(), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
-//			session_send_cookie("_f_all", time(), 0);
+			}
 		}
 	}
@ -171,6 +179,8 @@ if($total_categories = $db->sql_numrows($q_categories))
 	}
 	$forum_rows = $db->sql_fetchrowset($q_forums);
 	if( $userdata['session_logged_in'] )
 	{
 		$sql = "SELECT f.forum_id, t.topic_id, p.post_time
 			FROM " . FORUMS_TABLE . " f, " . TOPICS_TABLE . " t, " . POSTS_TABLE . " p
 			WHERE t.forum_id = f.forum_id
@ -186,6 +196,7 @@ if($total_categories = $db->sql_numrows($q_categories))
 		{
 			$new_topic_data[$topic_data['forum_id']][$topic_data['topic_id']] = $topic_data['post_time'];
 		}
 	}
 	//
 	// Obtain list of moderators of each forum
@ -236,6 +247,10 @@ if($total_categories = $db->sql_numrows($q_categories))
 		"TOTAL_USERS" => ( $total_users == 1 ) ? sprintf($lang['Registered_user_total'], $total_users) : sprintf($lang['Registered_users_total'], $total_users),
 		"NEWEST_USER" => sprintf($lang['Newest_user'], "<a href=\"" . append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$newest_uid") . "\">", $newest_user, "</a>"), 
 		"FORUM_IMG" => $images['forum'],
 		"FORUM_NEW_IMG" => $images['forum_new'],
 		"FORUM_LOCKED_IMG" => $images['forum_locked'],
 		"L_FORUM_LOCKED" => $lang['Forum_is_locked'],
 		"L_MARK_FORUMS_READ" => $lang['Mark_all_forums'], 
@ -276,6 +291,8 @@ if($total_categories = $db->sql_numrows($q_categories))
 				else
 				{
 					$unread_topics = false;
 					if( $userdata['session_logged_in'] )
 					{
 						if( count($new_topic_data[$forum_id]) )
 						{
 							$forum_last_post_time = 0;
@ -284,7 +301,6 @@ if($total_categories = $db->sql_numrows($q_categories))
 							{
 								if( !isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t_$check_topic_id"]) )
 								{
 //								echo "NOT SET :: $forum_id  :: $check_topic_id <BR>\n";
 									$unread_topics = true;
 									$forum_last_post_time = max($check_post_time, $forum_last_post_time);
@ -293,7 +309,6 @@ if($total_categories = $db->sql_numrows($q_categories))
 								{
 									if( $HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t_$check_topic_id"] < $check_post_time )
 									{
 //									echo "SET :: $forum_id  :: $check_topic_id <BR>\n";
 										$unread_topics = true;
 										$forum_last_post_time = max($check_post_time, $forum_last_post_time);
 									}
@ -317,6 +332,7 @@ if($total_categories = $db->sql_numrows($q_categories))
 							}
 						}
 					}
 					$folder_image = ( $unread_topics ) ? "<img src=\"" . $images['forum_new'] . "\" alt=\"" . $lang['New_posts'] . "\" title=\"" . $lang['New_posts'] . "\" />" : "<img src=\"" . $images['forum'] . "\" alt=\"" . $lang['No_new_posts'] . "\" title=\"" . $lang['No_new_posts'] . "\" />";
 				}
@ -324,7 +340,7 @@ if($total_categories = $db->sql_numrows($q_categories))
 				$posts = $forum_rows[$j]['forum_posts'];
 				$topics = $forum_rows[$j]['forum_topics'];
-				if($forum_rows[$j]['username'] != "" && $forum_rows[$j]['post_time'] > 0)
+				if( $forum_rows[$j]['username'] != "" && $forum_rows[$j]['post_time'] > 0 )
 				{
 					$last_post_time = create_date($board_config['default_dateformat'], $forum_rows[$j]['post_time'], $board_config['board_timezone']);
--- a/phpBB/search.php
+++ b/phpBB/search.php
@ -264,12 +264,19 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 	if( $search_id == "newposts" || $search_id == "egosearch" || ( $query_author != "" && $query_keywords == "" )  )
 	{
 		if( $search_id == "newposts" )
 		{
 			if( $userdata['session_logged_in'] )
 			{
 				$sql = "SELECT post_id 
 					FROM " . POSTS_TABLE . " 
-				WHERE post_time >= " . $userdata['session_last_visit'] . " 
+					WHERE post_time >= " . $userdata['user_lastvisit'] . " 
 					ORDER BY post_time DESC";
 			}
 			else
 			{
 				message_die(GENERAL_MESSAGE, $lang['No_search_match']);
 			}
 		}
 		else if( $search_id == "egosearch" )
 		{
 			$sql = "SELECT post_id 
@ -555,7 +562,7 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 	//
 	// Define common SQL
 	//
-	$sql_fields = ( $show_results == "posts") ? "pt.post_text, pt.post_subject, p.post_id, p.post_time, p.post_username, f.forum_name, t.topic_id, t.topic_title, t.topic_poster, t.topic_time, t.topic_views, t.topic_replies, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid" : "f.forum_id, f.forum_name, t.topic_id, t.topic_title, t.topic_poster, t.topic_time, t.topic_views, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time, p.post_username" ;
+	$sql_fields = ( $show_results == "posts") ? "pt.post_text, pt.bbcode_uid, pt.post_subject, p.post_id, p.post_time, p.post_username, p.enable_bbcode, p.enable_html, p.enable_smilies, p.enable_sig, f.forum_name, t.topic_id, t.topic_title, t.topic_poster, t.topic_time, t.topic_views, t.topic_replies, u.username, u.user_id, u.user_sig, u.user_sig_bbcode_uid" : "f.forum_id, f.forum_name, t.topic_id, t.topic_title, t.topic_poster, t.topic_time, t.topic_views, t.topic_replies, t.topic_last_post_id, u.username, u.user_id, u2.username as user2, u2.user_id as id2, p.post_time, p.post_username" ;
 	$sql_from = ( $show_results == "posts") ? FORUMS_TABLE . " f, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . POSTS_TEXT_TABLE . " pt" : FORUMS_TABLE . " f, " . TOPICS_TABLE . " t, " . USERS_TABLE . " u, " . POSTS_TABLE . " p, " . USERS_TABLE . " u2";
@ -882,7 +889,7 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 			if( $showresults == "posts" )
 			{
-				if($return_chars != 0 )
+				if( $return_chars )
 				{
 					$bbcode_uid = $searchset[$i]['bbcode_uid'];
@ -909,13 +916,6 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 						$user_sig = $searchset[$i]['user_sig'];
 						$user_sig_bbcode_uid = $searchset[$i]['user_sig_bbcode_uid'];
 						if( count($search_string) )
 						{
 							$message = preg_replace($search_string, $replace_string, $message);
 						}
 						if( !$board_config['allow_html'] )
 						{
 							if( $user_sig != "" && $searchset[$i]['enable_sig'] && $userdata['user_allowhtml'] )
@ -945,6 +945,12 @@ else if( $query_keywords != "" || $query_author != "" || $search_id )
 						}
 						$message = make_clickable($message);
 						if( count($search_string) )
 						{
 							$message = preg_replace($search_string, $replace_string, $message);
 						}
 					}
 					if( count($orig_word) )
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -112,6 +112,8 @@ if( !$is_auth['auth_read'] || !$is_auth['auth_view'] )
 //
 if( $mark_read == "topics" )
 {
 	if( $userdata['session_logged_in'] )
 	{
 		$sql = "SELECT MAX(post_time) AS last_post 
 			FROM " . POSTS_TABLE . " 
 			WHERE forum_id = $forum_id";
@ -124,16 +126,16 @@ if( $mark_read == "topics" )
 		{
 			$row = $db->sql_fetchrow($result);
-		if( $row['last_post'] > $userdata['session_last_visit'] )
+			if( $row['last_post'] > $userdata['user_lastvisit'] )
 			{
 				setcookie($board_config['cookie_name'] . "_f_$forum_id", time(), 0, $board_config['cookie_path'], $board_config['cookie_domain'], $board_config['cookie_secure']);
 //			session_send_cookie("_f_$forum_id", time(), 0);
 			}
 		}
 		$template->assign_vars(array(
 			"META" => '<meta http-equiv="refresh" content="3;url=' . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . '">')
 		);
 	}
 	$message = $lang['Topics_marked_read'] . "<br /><br />" . sprintf($lang['Click_return_forum'], "<a href=\"" . append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=$forum_id") . "\">", "</a> ");
 	message_die(GENERAL_MESSAGE, $message);
@ -358,6 +360,17 @@ $template->assign_vars(array(
 	"MODERATORS" => $forum_moderators,
 	"IMG_POST" => ( $forum_row['forum_status'] == FORUM_LOCKED ) ? $images['post_locked'] : $images['post_new'],
 	"FOLDER_IMG" => $images['folder'],
 	"FOLDER_NEW_IMG" => $images['folder_new'],
 	"FOLDER_HOT_IMG" => $images['folder_hot'],
 	"FOLDER_HOT_NEW_IMG" => $images['folder_hot_new'],
 	"FOLDER_LOCKED_IMG" => $images['folder_locked'],
 	"FOLDER_LOCKED_NEW_IMG" => $images['folder_locked_new'],
 	"FOLDER_STICKY_IMG" => $images['folder_sticky'],
 	"FOLDER_STICKY_NEW_IMG" => $images['folder_sticky_new'],
 	"FOLDER_ANNOUNCE_IMG" => $images['folder_announce'],
 	"FOLDER_ANNOUNCE_NEW_IMG" => $images['folder_announce_new'],
 	"L_MARK_TOPICS_READ" => $lang['Mark_all_topics'], 
 	"L_POST_NEW_TOPIC" => ( $forum_row['forum_status'] == FORUM_LOCKED ) ? $lang['Forum_locked'] : $lang['Post_new_topic'], 
@ -499,6 +512,8 @@ if( $total_topics )
 				}
 			}
 			if( $userdata['session_logged_in'] )
 			{
 				if( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_t_$topic_id"]) || 
 					isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_f_$forum_id"]) || 
 					isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . "_f_all"]) )
@ -558,6 +573,13 @@ if( $total_topics )
 					$newest_post_img = "";
 				}
 			}
 			else
 			{
 				$folder_alt = ( $topic_rowset[$i]['topic_status'] == TOPIC_LOCKED ) ? $lang['Topic_locked'] : $lang['No_new_posts'];
 				$folder_image = "<img src=\"$folder\" alt=\"$folder_alt\" title=\"$folder_alt\" border=\"0\" />";
 				$newest_post_img = "";
 			}
 		}
 		$view_topic_url = append_sid("viewtopic.$phpEx?" . POST_TOPIC_URL . "=$topic_id");
--- a/phpBB/viewonline.php
+++ b/phpBB/viewonline.php
@ -77,12 +77,12 @@ $template->assign_var_from_handle("JUMPBOX", "jumpbox");
 // End header
 //
-$sql = "SELECT u.user_id, u.username, u.user_allow_viewonline, s.session_page, s.session_logged_in, s.session_time
+$sql = "SELECT u.user_id, u.username, u.user_session_time, u.user_session_page, u.user_allow_viewonline, s.session_logged_in 
 	FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE . " s
-	WHERE u.user_id <> " . ANONYMOUS . "
+	WHERE s.session_logged_in = " . TRUE . " 
 		AND u.user_id = s.session_user_id 
-		AND s.session_time >= " . ( time() - 300 ) . "
+		AND u.user_id <> " . ANONYMOUS . " 
-		AND s.session_logged_in = " . TRUE . "
+		AND u.user_session_time >= " . ( time() - 300 ) . " 
 	ORDER BY s.session_time DESC";
 if(!$result = $db->sql_query($sql))
 {
@ -90,7 +90,7 @@ if(!$result = $db->sql_query($sql))
 }
 $onlinerow_reg = $db->sql_fetchrowset($result);
-$sql = "SELECT session_page, session_logged_in, session_time, session_ip
+$sql = "SELECT session_page, session_logged_in, session_time 
 	FROM " . SESSIONS_TABLE . "
 	WHERE session_logged_in = 0
 		AND session_time >= " . ( time() - 300 ) . "
@ -161,9 +161,9 @@ if( count($onlinerow_reg) )
 				$hidden = TRUE;
 			}
-			if( $onlinerow_reg[$i]['session_page'] < 1 || !$is_auth_ary[$onlinerow_reg[$i]['session_page']]['auth_view'] )
+			if( $onlinerow_reg[$i]['user_session_page'] < 1 || !$is_auth_ary[$onlinerow_reg[$i]['user_session_page']]['auth_view'] )
 			{
-				switch($onlinerow_reg[$i]['session_page'])
+				switch($onlinerow_reg[$i]['user_session_page'])
 				{
 					case PAGE_INDEX:
 						$location = $lang['Forum_index'];
@ -208,8 +208,8 @@ if( count($onlinerow_reg) )
 			}
 			else
 			{
-				$location_url = append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $onlinerow_reg[$i]['session_page']);
+				$location_url = append_sid("viewforum.$phpEx?" . POST_FORUM_URL . "=" . $onlinerow_reg[$i]['user_session_page']);
-				$location = $forum_data[$onlinerow_reg[$i]['session_page']];
+				$location = $forum_data[$onlinerow_reg[$i]['user_session_page']];
 			}
 			if( !$hidden || $userdata['user_level'] == ADMIN )
@ -221,7 +221,7 @@ if( count($onlinerow_reg) )
 					"ROW_COLOR" => "#" . $row_color,
 					"ROW_CLASS" => $row_class,
 					"USERNAME" => $username,
-					"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['session_time'], $board_config['board_timezone']),
+					"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['user_session_time'], $board_config['board_timezone']),
 					"FORUM_LOCATION" => $location,
 					"U_USER_PROFILE" => append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=" . $onlinerow_reg[$i]['user_id']),
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -388,7 +388,7 @@ $select_post_order .= "</select>";
 //
 // Go ahead and pull all data for this topic
 //
-$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_sig_bbcode_uid, u.user_avatar, u.user_avatar_type, p.*,  pt.post_text, pt.post_subject, pt.bbcode_uid
+$sql = "SELECT u.username, u.user_id, u.user_posts, u.user_from, u.user_website, u.user_email, u.user_icq, u.user_aim, u.user_yim, u.user_regdate, u.user_msnm, u.user_viewemail, u.user_rank, u.user_sig, u.user_sig_bbcode_uid, u.user_avatar, u.user_avatar_type, u.user_allowavatar, p.*,  pt.post_text, pt.post_subject, pt.bbcode_uid
 	FROM " . POSTS_TABLE . " p, " . USERS_TABLE . " u, " . POSTS_TEXT_TABLE . " pt
 	WHERE p.topic_id = $topic_id
 		AND p.poster_id = u.user_id
@ -740,24 +740,24 @@ for($i = 0; $i < $total_posts; $i++)
 	$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
-	$poster_posts = ($postrow[$i]['user_id'] != ANONYMOUS) ? $lang['Posts'] . ": " . $postrow[$i]['user_posts'] : "";
+	$poster_posts = ( $postrow[$i]['user_id'] != ANONYMOUS ) ? $lang['Posts'] . ": " . $postrow[$i]['user_posts'] : "";
-	$poster_from = ($postrow[$i]['user_from'] && $postrow[$i]['user_id'] != ANONYMOUS) ? $lang['Location'] . ": " . $postrow[$i]['user_from'] : "";
+	$poster_from = ( $postrow[$i]['user_from'] && $postrow[$i]['user_id'] != ANONYMOUS ) ? $lang['Location'] . ": " . $postrow[$i]['user_from'] : "";
-	$poster_joined = ($postrow[$i]['user_id'] != ANONYMOUS) ? $lang['Joined'] . ": " . create_date($lang['DATE_FORMAT'], $postrow[$i]['user_regdate'], $board_config['board_timezone']) : "";
+	$poster_joined = ( $postrow[$i]['user_id'] != ANONYMOUS ) ? $lang['Joined'] . ": " . create_date($lang['DATE_FORMAT'], $postrow[$i]['user_regdate'], $board_config['board_timezone']) : "";
-	if( $postrow[$i]['user_avatar_type'] && $poster_id != ANONYMOUS )
+	if( $postrow[$i]['user_avatar_type'] && $poster_id != ANONYMOUS && $postrow[$i]['user_allowavatar'] )
 	{
 		switch( $postrow[$i]['user_avatar_type'] )
 		{
 			case USER_AVATAR_UPLOAD:
-				$poster_avatar = ( $board_config['avatar_upload_db'] ) ? "<img src=\"avatar.$phpEx?p=" . $postrow[$i]['post_id'] . "\" alt=\"\" />" : "<img src=\"" . $board_config['avatar_path'] . "/" . $postrow[$i]['user_avatar'] . "\" alt=\"\" border=\"\" />";
+				$poster_avatar = ( $board_config['avatar_upload_db'] ) ? "<img src=\"avatar.$phpEx?p=" . $postrow[$i]['post_id'] . "\" alt=\"\" />" : "<img src=\"" . $board_config['avatar_path'] . "/" . $postrow[$i]['user_avatar'] . "\" alt=\"\" border=\"0\" />";
 				break;
 			case USER_AVATAR_REMOTE:
-				$poster_avatar = "<img src=\"" . $postrow[$i]['user_avatar'] . "\" width=\"".$board_config['avatar_max_width']."\" height=\"".$board_config['avatar_max_height']."\" alt=\"\" border=\"\" />";
+				$poster_avatar = "<img src=\"" . $postrow[$i]['user_avatar'] . "\" alt=\"\" border=\"0\" />";
 				break;
 			case USER_AVATAR_GALLERY:
-				$poster_avatar = "<img src=\"" . $board_config['avatar_gallery_path'] . "/" . $postrow[$i]['user_avatar'] . "\" alt=\"\" border=\"\" />";
+				$poster_avatar = "<img src=\"" . $board_config['avatar_gallery_path'] . "/" . $postrow[$i]['user_avatar'] . "\" alt=\"\" border=\"0\" />";
 				break;
 		}
 	}
@ -938,14 +938,6 @@ for($i = 0; $i < $total_posts; $i++)
 	// output
 	//
 	//
 	// Highlight active words (primarily for search)
 	//
 	if( $highlight_active )
 	{
 		$message = preg_replace($highlight_match, $highlight_replace, $message);
 	}
 	//
 	// If the board has HTML off but the post has HTML
 	// on then we process it, else leave it alone
@ -989,6 +981,14 @@ for($i = 0; $i < $total_posts; $i++)
 	$message = make_clickable($message);
 	//
 	// Highlight active words (primarily for search)
 	//
 	if( $highlight_active )
 	{
 		$message = preg_replace($highlight_match, $highlight_replace, $message);
 	}
 	//
 	// Replace naughty words
 	//