ok, bugfixing phase #1 finished. There will be more bugfixes coming and those knowing CVS/php/mysql are encouraged to implement the fixes. ;)

git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5204 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-08 12:28:52 +00:00 · 2005-09-14 18:14:30 +00:00 · 2005-09-14 18:14:30 +00:00 · b4d5539758
commit b4d5539758
parent 08b719e8d5
24 changed files with 150 additions and 78 deletions
--- a/phpBB/admin/admin_board.php
+++ b/phpBB/admin/admin_board.php
@ -254,7 +254,6 @@ $template->assign_vars(array(
 	"ACTIVATION_ADMIN_CHECKED" => $activation_admin, 
 	"CONFIRM_ENABLE" => $confirm_yes,
 	"CONFIRM_DISABLE" => $confirm_no,
 	"ACTIVATION_NONE_CHECKED" => $activation_none,
 	"BOARD_EMAIL_FORM_ENABLE" => $board_email_form_yes, 
 	"BOARD_EMAIL_FORM_DISABLE" => $board_email_form_no, 
 	"MAX_POLL_OPTIONS" => $new['max_poll_options'], 
--- a/phpBB/admin/admin_disallow.php
+++ b/phpBB/admin/admin_disallow.php
@ -45,7 +45,7 @@ if( isset($HTTP_POST_VARS['add_name']) )
 	if ($disallowed_user == '')
 	{
-		message_die(MESSAGE, $lang['Fields_empty']);
+		message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
 	}
 	if( !validate_username($disallowed_user) )
 	{
--- a/phpBB/admin/admin_smilies.php
+++ b/phpBB/admin/admin_smilies.php
@ -410,7 +410,7 @@ else if ( $mode != "" )
 			// If no code was entered complain ...
 			if ($smile_code == '' || $smile_url == '')
 			{
-				message_die(MESSAGE, $lang['Fields_empty']);
+				message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
 			}
 			//
@ -454,7 +454,7 @@ else if ( $mode != "" )
 			// If no code was entered complain ...
 			if ($smile_code == '' || $smile_url == '')
 			{
-				message_die(MESSAGE, $lang['Fields_empty']);
+				message_die(GENERAL_MESSAGE, $lang['Fields_empty']);
 			}
 			//
--- a/phpBB/admin/admin_ug_auth.php
+++ b/phpBB/admin/admin_ug_auth.php
@ -251,9 +251,10 @@ if ( isset($HTTP_POST_VARS['submit']) && ( ( $mode == 'user' && $user_id ) || (
 				}
 			}
-			$sql = "SELECT * 
+			$sql = 'SELECT f.* 
-				FROM " . FORUMS_TABLE . " f
+				FROM ' . FORUMS_TABLE . ' f, ' . CATEGORIES_TABLE . ' c
-				ORDER BY forum_order";
+				WHERE f.cat_id = c.cat_id
 				ORDER BY c.cat_order, f.forum_order';
 			if ( !($result = $db->sql_query($sql)) )
 			{
 				message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
@ -831,9 +832,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 		}
 	}
 	$t_usergroup_list = $t_pending_list = '';
 	if( count($name) )
 	{
 		$t_usergroup_list = $t_pending_list = '';
 		for($i = 0; $i < count($ug_info); $i++)
 		{
 			$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
@ -848,10 +849,9 @@ else if ( ( $mode == 'user' && ( isset($HTTP_POST_VARS['username']) || $user_id
 			}
 		}
 	}
-	else
+
-	{
+	$t_usergroup_list = ($t_usergroup_list == '') ? $lang['None'] : $t_usergroup_list;
-		$t_usergroup_list = $lang['None'];
+	$t_pending_list = ($t_pending_list == '') ? $lang['None'] : $t_pending_list;
 	}
 	$s_column_span = 2; // Two columns always present
 	if( !$adv )
--- a/phpBB/admin/page_footer_admin.php
+++ b/phpBB/admin/page_footer_admin.php
@ -25,6 +25,8 @@ if ( !defined('IN_PHPBB') )
 	die("Hacking attempt");
 }
 global $do_gzip_compress;
 //
 // Show the overall footer.
 //
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@ -62,7 +62,32 @@ p,ul,td {font-size:10pt;}
 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
-<a name="2016"></a><h3 class="h3">l.i. Changes since 2.0.16</h3>
+<a name="2017"></a><h3 class="h3">l.i. Changes since 2.0.17</h3>
 <ul>
 <li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
 <li>[Fix] retrieving category rows in index.php (Bug #90)</li>
 <li>[Fix] wrong topic redirection after login redirect (Bug #94)</li>
 <li>[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)</li>
 <li>[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)</li>
 <li>[Fix] incorrect alt tag on generated search images in viewtopic.php and usercp_viewprofile.php (Bug #102)</li>
 <li>[Fix] consistent forum ordering in all dropdown boxes (Bug #106)</li>
 <li>[Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)</li>
 <li>[Fix] handling of both forms of translation information used in language packs (Bug #159)</li>
 <li>[Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)</li>
 <li>[Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)</li>
 <li>[Fix] incorrect handling of move stubs (Bug #179)</li>
 <li>[Fix] wrong mode_type in memberlist (Bug #187)</li>
 <li>[Fix] removed unused variable from topic_notify email template (Bug #210)</li>
 <li>[Fix] invalid HTML in overall_header.tpl when user is logged in (Bug #211)</li>
 <li>[Fix] removed unset variable from smilies popup window title (Bug #224)</li>
 <li>[Fix] removed duplicate template assignment from admin_board.php (Bug #226)</li>
 <li>[Fix] incorrect search link for guest posts in modcp.php (Bug #254)</li>
 <li>[Fix] correctly check returned value from strpos in append_sid function (Bug #275)</li>
 <li>[Fix] correctly display username in private message notification (Bug #278)</li>
 <li>[Fix] fixed "var-by-ref" errors (Bug #322)</li>
 <a name="2016"></a><h3 class="h3">l.ii. Changes since 2.0.16</h3>
 <ul>
 <li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
@ -78,7 +103,7 @@ p,ul,td {font-size:10pt;}
 <li>Correctly set username on posts when deleting a user from the admin panel</li>
 </ul>
-<a name="2015"></a><h3 class="h3">l.ii. Changes since 2.0.15</h3>
+<a name="2015"></a><h3 class="h3">l.iii. Changes since 2.0.15</h3>
 <ul>
 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
@ -90,7 +115,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
 </ul>
-<a name="2014"></a><h3 class="h3">l.iii. Changes since 2.0.14</h3>
+<a name="2014"></a><h3 class="h3">l.iv. Changes since 2.0.14</h3>
 <ul>
 <li>Fixed moderator status removal in groupcp.php</li>
@ -112,7 +137,7 @@ p,ul,td {font-size:10pt;}
 <li>Empty url/img bbcodes no longer get parsed</li>
 </ul>
-<a name="2013"></a><h3 class="h3">l.iv. Changes since 2.0.13</h3>
+<a name="2013"></a><h3 class="h3">l.v. Changes since 2.0.13</h3>
 <ul>
 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
@ -129,7 +154,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
 </ul>
-<a name="2012"></a><h3 class="h3">l.v. Changes since 2.0.12</h3>
+<a name="2012"></a><h3 class="h3">l.vi. Changes since 2.0.12</h3>
 <ul>
 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
@ -137,7 +162,7 @@ p,ul,td {font-size:10pt;}
 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
 </ul>
-<a name="2011"></a><h3 class="h3">l.vi. Changes since 2.0.11</h3>
+<a name="2011"></a><h3 class="h3">l.vii. Changes since 2.0.11</h3>
 <ul>
 <li>Added confirm table to admin_db_utilities.php</li>
@ -152,7 +177,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
 </ul>
-<a name="2010"></a><h3 class="h3">l.vii. Changes since 2.0.10</h3>
+<a name="2010"></a><h3 class="h3">l.viii. Changes since 2.0.10</h3>
 <ul>
 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
@ -163,7 +188,7 @@ p,ul,td {font-size:10pt;}
 <li>Added visual confirmation mod to code base</li>
 </ul>
-<a name="209"></a><h3 class="h3">l.viii. Changes since 2.0.9</h3>
+<a name="209"></a><h3 class="h3">l.ix. Changes since 2.0.9</h3>
 <ul>
 <li>Fixed deleting of styles in admin_styles.php</li>
@ -176,7 +201,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
 </ul>
-<a name="208"></a><h3 class="h3">l.ix. Changes since 2.0.8</h3>
+<a name="208"></a><h3 class="h3">l.x. Changes since 2.0.8</h3>
 <ul>
 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
@ -195,7 +220,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
 </ul>
-<a name="207"></a><h3 class="h3">l.x. Changes since 2.0.7</h3>
+<a name="207"></a><h3 class="h3">l.xi. Changes since 2.0.7</h3>
 <ul>
 <li>Fixed several vulnerabilities in admin pages</li>
@ -207,7 +232,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
 </ul>
-<a name="206"></a><h3 class="h3">1.xi. Changes since 2.0.6</h3>
+<a name="206"></a><h3 class="h3">1.xii. Changes since 2.0.6</h3>
 <ul>
 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
@ -221,7 +246,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential vulnerability in avatar gallery</li>
 </ul>
-<a name="205"></a><h3 class="h3">1.xii. Changes since 2.0.5</h3>
+<a name="205"></a><h3 class="h3">1.xiii. Changes since 2.0.5</h3>
 <ul>
 <li>Fixed various email issues</li>
@ -237,7 +262,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
 </ul>
-<a name="204"></a><h3 class="h3">1.xiii. Changes since 2.0.4</h3>
+<a name="204"></a><h3 class="h3">1.xiv. Changes since 2.0.4</h3>
 <ul>
 <li>Removed user facing session_id checks</li>
@ -309,7 +334,7 @@ p,ul,td {font-size:10pt;}
 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
 </ul>
-<a name="203"></a><h3 class="h3">1.xiv. Changes since 2.0.3</h3>
+<a name="203"></a><h3 class="h3">1.xv. Changes since 2.0.3</h3>
 <ul>
 <li>Fixed cross-browser scripting issue with highlight param</li>
@ -436,7 +461,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
 </ul>
-<a name="202"></a><h3 class="h3">1.xv. Changes since 2.0.2</h3>
+<a name="202"></a><h3 class="h3">1.xvi. Changes since 2.0.2</h3>
 <ul>
 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
@ -445,7 +470,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
 </ul>
-<a name="201"></a><h3 class="h3">1.xvi. Changes since 2.0.1</h3>
+<a name="201"></a><h3 class="h3">1.xvii. Changes since 2.0.1</h3>
 <ul>
 <li>Fixed missing "username" lang variable in user admin template</li>
@ -480,7 +505,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix emailer to allow sending emails with language-specific character sets</li>
 </ul>
-<a name="200"></a><h3 class="h3">1.xvii. Changes since 2.0.0</h3>
+<a name="200"></a><h3 class="h3">1.xviii. Changes since 2.0.0</h3>
 <ul>
 <li>Fixed delete image bug for normal users</li>
@ -537,7 +562,7 @@ p,ul,td {font-size:10pt;}
 <li>Added database closure to admin frameset page</li>
 </ul>
-<a name="final"></a><h3 class="h3">1.xviii. Changes since RC-4</h3>
+<a name="final"></a><h3 class="h3">1.xix. Changes since RC-4</h3>
 <ul>
 <li>Fixed improper report of general error when posting messages containing errors</li>
@ -567,7 +592,7 @@ p,ul,td {font-size:10pt;}
 <li>Fixed various remaining usergroup display issues</li>
 </ul>
-<a name="rc4"></a><h3 class="h3">1.xix. Changes since RC-3</h3>
+<a name="rc4"></a><h3 class="h3">1.xx. Changes since RC-3</h3>
 <ul>
 <li>Addressed serious security issue with included files</li>
@ -598,7 +623,7 @@ p,ul,td {font-size:10pt;}
 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
 </ul>
-<a name="rc3"></a><h3 class="h3">1.xx. Changes since RC-2</h3>
+<a name="rc3"></a><h3 class="h3">1.xxi. Changes since RC-2</h3>
 <ul>
 <li>Fixed infamous install parse error</li>
@ -631,7 +656,7 @@ p,ul,td {font-size:10pt;}
 <li>Hidden usergroups are now completely hidden from view</li>
 </ul>
-<a name="rc2"></a><h3 class="h3">1.xxi. Changes since RC-1</h3>
+<a name="rc2"></a><h3 class="h3">1.xxii. Changes since RC-1</h3>
 <ul>
 <li>Fixed numerous PostgreSQL related issues</li>
@ -651,7 +676,7 @@ p,ul,td {font-size:10pt;}
 <li>Various other fixes and updates</li>
 </ul>
-<a name="rc1"></a><h3 class="h3">1.xxii. Changes since RC-1 (pre)</h3>
+<a name="rc1"></a><h3 class="h3">1.xxiii. Changes since RC-1 (pre)</h3>
 <ul>
 <li>Upgrade script completed for initial fully functional release</li>
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@ -32,7 +32,7 @@ function make_forum_select($box_name, $ignore_forum = false, $select_forum = '')
 	$sql = "SELECT forum_id, forum_name
 		FROM " . FORUMS_TABLE . " 
-		ORDER BY cat_id, forum_order";
+		ORDER BY cat_order, forum_order";
 	if ( !($result = $db->sql_query($sql)) )
 	{
 		message_die(GENERAL_ERROR, 'Couldn not obtain forums information', '', __LINE__, __FILE__, $sql);
@ -140,10 +140,45 @@ function sync($type, $id = false)
 			if ( $row = $db->sql_fetchrow($result) )
 			{
-				$sql = ( $row['total_posts'] ) ? "UPDATE " . TOPICS_TABLE . " SET topic_replies = " . ( $row['total_posts'] - 1 ) . ", topic_first_post_id = " . $row['first_post'] . ", topic_last_post_id = " . $row['last_post'] . " WHERE topic_id = $id" : "DELETE FROM " . TOPICS_TABLE . " WHERE topic_id = $id";
+				if ($row['total_posts'])
 				if ( !$db->sql_query($sql) )
 				{
-					message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
+					// Correct the details of this topic
 					$sql = 'UPDATE ' . TOPICS_TABLE . ' 
 						SET topic_replies = ' . ($row['total_posts'] - 1) . ', topic_first_post_id = ' . $row['first_post'] . ', topic_last_post_id = ' . $row['last_post'] . "
 						WHERE topic_id = $id";
 					if (!$db->sql_query($sql))
 					{
 						message_die(GENERAL_ERROR, 'Could not update topic', '', __LINE__, __FILE__, $sql);
 					}
 				}
 				else
 				{
 					// There are no replies to this topic
 					// Check if it is a move stub
 					$sql = 'SELECT topic_moved_id 
 						FROM ' . TOPICS_TABLE . " 
 						WHERE topic_id = $id";
 					if (!($result = $db->sql_query($sql)))
 					{
 						message_die(GENERAL_ERROR, 'Could not get topic ID', '', __LINE__, __FILE__, $sql);
 					}
 					if ($row = $db->sql_fetchrow($result))
 					{
 						if (!$row['topic_moved_id'])
 						{
 							$sql = 'DELETE FROM ' . TOPICS_TABLE . " WHERE topic_id = $id";
 							if (!$db->sql_query($sql))
 							{
 								message_die(GENERAL_ERROR, 'Could not remove topic', '', __LINE__, __FILE__, $sql);
 							}
 						}
 					}
 					$db->sql_freeresult($result);
 				}
 			}
 			break;
--- a/phpBB/includes/functions_post.php
+++ b/phpBB/includes/functions_post.php
@ -213,7 +213,7 @@ function prepare_post(&$mode, &$post_data, &$bbcode_on, &$html_on, &$smilies_on,
 //
 // Post a new topic/reply/poll or edit existing post/poll
 //
-function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, &$post_username, &$post_subject, &$post_message, &$poll_title, &$poll_options, &$poll_length)
+function submit_post($mode, &$post_data, &$message, &$meta, &$forum_id, &$topic_id, &$post_id, &$poll_id, &$topic_type, &$bbcode_on, &$html_on, &$smilies_on, &$attach_sig, &$bbcode_uid, $post_username, $post_subject, $post_message, $poll_title, &$poll_options, &$poll_length)
 {
 	global $board_config, $lang, $db, $phpbb_root_path, $phpEx;
 	global $userdata, $user_ip;
@ -769,7 +769,7 @@ function generate_smilies($mode, $page_id)
 		$gen_simple_header = TRUE;
-		$page_title = $lang['Emoticons'] . " - $topic_title";
+		$page_title = $lang['Emoticons'];
 		include($phpbb_root_path . 'includes/page_header.'.$phpEx);
 		$template->set_filenames(array(
--- a/phpBB/includes/functions_search.php
+++ b/phpBB/includes/functions_search.php
@ -89,7 +89,7 @@ function clean_words($mode, &$entry, &$stopword_list, &$synonym_list)
 	return $entry;
 }
-function split_words(&$entry, $mode = 'post')
+function split_words($entry, $mode = 'post')
 {
 	// If you experience problems with the new method, uncomment this block.
 /*	
--- a/phpBB/includes/page_tail.php
+++ b/phpBB/includes/page_tail.php
@ -25,6 +25,8 @@ if ( !defined('IN_PHPBB') )
 	die('Hacking attempt');
 }
 global $do_gzip_compress;
 //
 // Show the overall footer.
 //
@ -35,7 +37,7 @@ $template->set_filenames(array(
 );
 $template->assign_vars(array(
-	'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
+	'TRANSLATION_INFO' => (isset($lang['TRANSLATION_INFO'])) ? $lang['TRANSLATION_INFO'] : ((isset($lang['TRANSLATION'])) ? $lang['TRANSLATION'] : ''),
 	'ADMIN_LINK' => $admin_link)
 );
--- a/phpBB/includes/sessions.php
+++ b/phpBB/includes/sessions.php
@ -415,7 +415,7 @@ function append_sid($url, $non_html_amp = false)
 	if ( !empty($SID) && !preg_match('#sid=#', $url) )
 	{
-		$url .= ( ( strpos($url, '?') != false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
+		$url .= ( ( strpos($url, '?') !== false ) ?  ( ( $non_html_amp ) ? '&' : '&amp;' ) : '?' ) . $SID;
 	}
 	return $url;
--- a/phpBB/includes/usercp_activate.php
+++ b/phpBB/includes/usercp_activate.php
@ -47,9 +47,16 @@ if ( $row = $db->sql_fetchrow($result) )
 	}
 	else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
 	{
-		if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN)
+		if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $row['user_newpasswd'] == '')
 		{
-			message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
+			if (!$userdata['session_logged_in'])
 			{
 				redirect(append_sid('login.' . $phpEx . '?redirect=profile.' . $phpEx . '&mode=activate&' . POST_USERS_URL . '=' . $row['user_id'] . '&act_key=' . trim($HTTP_GET_VARS['act_key'])));
 			}
 			else if ($userdata['user_level'] != ADMIN)
 			{
 				message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
 			}
 		}
 		$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
--- a/phpBB/includes/usercp_register.php
+++ b/phpBB/includes/usercp_register.php
@ -818,7 +818,7 @@ if( isset($HTTP_POST_VARS['avatargallery']) && !$error )
 	$allowviewonline = !$allowviewonline;
-	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, &$new_password, &$cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
+	display_avatar_gallery($mode, $avatar_category, $user_id, $email, $current_email, $coppa, $username, $email, $new_password, $cur_password, $password_confirm, $icq, $aim, $msn, $yim, $website, $location, $occupation, $interests, $signature, $viewemail, $notifypm, $popup_pm, $notifyreply, $attachsig, $allowhtml, $allowbbcode, $allowsmilies, $allowviewonline, $user_style, $user_lang, $user_timezone, $user_dateformat, $userdata['session_id']);
 }
 else
 {
--- a/phpBB/includes/usercp_sendpasswd.php
+++ b/phpBB/includes/usercp_sendpasswd.php
@ -50,7 +50,7 @@ if ( isset($HTTP_POST_VARS['submit']) )
 			$user_actkey = gen_rand_string(true);
 			$key_len = 54 - strlen($server_url);
-			$key_len = ( $str_len > 6 ) ? $key_len : 6;
+			$key_len = ($key_len > 6) ? $key_len : 6;
 			$user_actkey = substr($user_actkey, 0, $key_len);
 			$user_password = gen_rand_string(false);
--- a/phpBB/includes/usercp_viewprofile.php
+++ b/phpBB/includes/usercp_viewprofile.php
@ -165,7 +165,7 @@ $yim_img = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config
 $yim = ( $profiledata['user_yim'] ) ? '<a href="http://edit.yahoo.com/config/send_webmesg?.target=' . $profiledata['user_yim'] . '&amp;.src=pg">' . $lang['YIM'] . '</a>' : '';
 $temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&amp;showresults=posts");
-$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
+$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" title="' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '" border="0" /></a>';
 $search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '</a>';
 //
--- a/phpBB/index.php
+++ b/phpBB/index.php
@ -119,7 +119,10 @@ if( !($result = $db->sql_query($sql)) )
 }
 $category_rows = array();
-while( $category_rows[] = $db->sql_fetchrow($result) );
+while ($row = $db->sql_fetchrow($result))
 {
 	$category_rows[] = $row;
 }
 $db->sql_freeresult($result);
 if( ( $total_categories = count($category_rows) ) )
--- a/phpBB/language/lang_english/email/topic_notify.tpl
+++ b/phpBB/language/lang_english/email/topic_notify.tpl
@ -1,7 +1,7 @@
 Subject: Topic Reply Notification - {TOPIC_TITLE}
 Charset: iso-8859-1
-Hello {USERNAME},
+Hello,
 You are receiving this email because you are watching the topic, "{TOPIC_TITLE}" at {SITENAME}. This topic has received a reply since your last visit. You can use the following link to view the replies made, no more notifications will be sent until you visit the topic.
--- a/phpBB/language/lang_english/lang_main.php
+++ b/phpBB/language/lang_english/lang_main.php
@ -530,7 +530,6 @@ $lang['Email_address'] = 'E-mail address';
 $lang['Email'] = 'E-mail';
 $lang['Send_private_message'] = 'Send private message';
 $lang['Hidden_email'] = '[ Hidden ]';
 $lang['Search_user_posts'] = 'Search for posts by this user';
 $lang['Interests'] = 'Interests';
 $lang['Occupation'] = 'Occupation'; 
 $lang['Poster_rank'] = 'Poster rank';
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@ -61,7 +61,7 @@ else
 // Memberlist sorting
 //
 $mode_types_text = array($lang['Sort_Joined'], $lang['Sort_Username'], $lang['Sort_Location'], $lang['Sort_Posts'], $lang['Sort_Email'],  $lang['Sort_Website'], $lang['Sort_Top_Ten']);
-$mode_types = array('joindate', 'username', 'location', 'posts', 'email', 'website', 'topten');
+$mode_types = array('joined', 'username', 'location', 'posts', 'email', 'website', 'topten');
 $select_sort_mode = '<select name="mode">';
 for($i = 0; $i < count($mode_types_text); $i++)
--- a/phpBB/modcp.php
+++ b/phpBB/modcp.php
@ -222,7 +222,7 @@ switch( $mode )
 	case 'delete':
 		if (!$is_auth['auth_delete'])
 		{
-			message_die(MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
+			message_die(GENERAL_MESSAGE, sprintf($lang['Sorry_auth_delete'], $is_auth['auth_delete_type']));
 		}
 		$page_title = $lang['Mod_CP'];
@ -1085,7 +1085,7 @@ switch( $mode )
 					'L_SEARCH_POSTS' => sprintf($lang['Search_user_posts'], $username), 
 					'U_PROFILE' => ($id == ANONYMOUS) ? "modcp.$phpEx?mode=ip&amp;" . POST_POST_URL . "=" . $post_id . "&amp;" . POST_TOPIC_URL . "=" . $topic_id . "&amp;sid=" . $userdata['session_id'] : append_sid("profile.$phpEx?mode=viewprofile&amp;" . POST_USERS_URL . "=$id"),
-					'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . urlencode($username) . "&amp;showresults=topics"))
+					'U_SEARCHPOSTS' => append_sid("search.$phpEx?search_author=" . (($id == ANONYMOUS) ? 'Anonymous' : urlencode($username)) . "&amp;showresults=topics"))
 				);
 				$i++; 
--- a/phpBB/privmsg.php
+++ b/phpBB/privmsg.php
@ -1319,7 +1319,7 @@ else if ( $submit || $refresh || $mode != '' )
 				$emailer->set_subject($lang['Notification_subject']);
 				$emailer->assign_vars(array(
-					'USERNAME' => $to_username, 
+					'USERNAME' => stripslashes($to_username), 
 					'SITENAME' => $board_config['sitename'],
 					'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $board_config['board_email_sig']) : '', 
--- a/phpBB/search.php
+++ b/phpBB/search.php
@ -257,7 +257,9 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 			$synonym_array = @file($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/search_synonyms.txt'); 
 			$split_search = array();
-			$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', stripslashes($search_keywords), $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);	
+			$stripped_keywords = stripslashes($search_keywords);
 			$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);	
 			unset($stripped_keywords);
 			$search_msg_only = ( !$search_fields ) ? "AND m.title_match = 0" : ( ( strstr($multibyte_charset, $lang['ENCODING']) ) ? '' : '' );
@ -1301,7 +1303,7 @@ else if ( $search_keywords != '' || $search_author != '' || $search_id )
 $sql = "SELECT c.cat_title, c.cat_id, f.forum_name, f.forum_id  
 	FROM " . CATEGORIES_TABLE . " c, " . FORUMS_TABLE . " f
 	WHERE f.cat_id = c.cat_id 
-	ORDER BY c.cat_id, f.forum_order";
+	ORDER BY c.cat_order, f.forum_order";
 $result = $db->sql_query($sql);
 if ( !$result )
 {
--- a/phpBB/templates/subSilver/overall_header.tpl
+++ b/phpBB/templates/subSilver/overall_header.tpl
@ -232,11 +232,11 @@ input.liteoption {
 				<td align="center" width="100%" valign="middle"><span class="maintitle">{SITENAME}</span><br /><span class="gen">{SITE_DESCRIPTION}<br />&nbsp; </span> 
 				<table cellspacing="0" cellpadding="2" border="0">
 					<tr> 
-						<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a></span><span class="mainmenu">&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp; 
+						<td align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_FAQ}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" hspace="3" />{L_FAQ}</a>&nbsp; &nbsp;<a href="{U_SEARCH}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" hspace="3" />{L_SEARCH}</a>&nbsp; &nbsp;<a href="{U_MEMBERLIST}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" hspace="3" />{L_MEMBERLIST}</a>&nbsp; &nbsp;<a href="{U_GROUP_CP}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_groups.gif" width="12" height="13" border="0" alt="{L_USERGROUPS}" hspace="3" />{L_USERGROUPS}</a>&nbsp; 
 						<!-- BEGIN switch_user_logged_out -->
-						&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a></span>&nbsp;
+						&nbsp;<a href="{U_REGISTER}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" hspace="3" />{L_REGISTER}</a>&nbsp;
 						<!-- END switch_user_logged_out -->
-						</td>
+						</span></td>
 					</tr>
 					<tr>
 						<td height="25" align="center" valign="top" nowrap="nowrap"><span class="mainmenu">&nbsp;<a href="{U_PROFILE}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" hspace="3" />{L_PROFILE}</a>&nbsp; &nbsp;<a href="{U_PRIVATEMSGS}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{PRIVATE_MESSAGE_INFO}" hspace="3" />{PRIVATE_MESSAGE_INFO}</a>&nbsp; &nbsp;<a href="{U_LOGIN_LOGOUT}" class="mainmenu"><img src="templates/subSilver/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" hspace="3" />{L_LOGIN_LOGOUT}</a>&nbsp;</span></td>
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -47,7 +47,7 @@ if ( isset($HTTP_GET_VARS[POST_POST_URL]))
 $start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
-if ( !isset($topic_id) && !isset($post_id) )
+if (!$topic_id && !$post_id)
 {
 	message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
 }
@ -114,6 +114,7 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
 			WHERE
 				t2.topic_id = $topic_id
 				AND t.forum_id = t2.forum_id
 				AND t.topic_moved_id = 0
 				AND t.topic_last_post_id $sql_condition t2.topic_last_post_id
 			ORDER BY t.topic_last_post_id $sql_ordering
 			LIMIT 1";
@ -139,11 +140,11 @@ if ( isset($HTTP_GET_VARS['view']) && empty($HTTP_GET_VARS[POST_POST_URL]) )
 // also allows for direct linking to a post (and the calculation of which
 // page the post is on and the correct display of viewtopic)
 //
-$join_sql_table = ( empty($post_id) ) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
+$join_sql_table = (!$post_id) ? '' : ", " . POSTS_TABLE . " p, " . POSTS_TABLE . " p2 ";
-$join_sql = ( empty($post_id) ) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
+$join_sql = (!$post_id) ? "t.topic_id = $topic_id" : "p.post_id = $post_id AND t.topic_id = p.topic_id AND p2.topic_id = p.topic_id AND p2.post_id <= $post_id";
-$count_sql = ( empty($post_id) ) ? '' : ", COUNT(p2.post_id) AS prev_posts";
+$count_sql = (!$post_id) ? '' : ", COUNT(p2.post_id) AS prev_posts";
-$order_sql = ( empty($post_id) ) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
+$order_sql = (!$post_id) ? '' : "GROUP BY p.post_id, t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments ORDER BY p.post_id ASC";
 $sql = "SELECT t.topic_id, t.topic_title, t.topic_status, t.topic_replies, t.topic_time, t.topic_type, t.topic_vote, t.topic_last_post_id, f.forum_name, f.forum_status, f.forum_id, f.auth_view, f.auth_read, f.auth_post, f.auth_reply, f.auth_edit, f.auth_delete, f.auth_sticky, f.auth_announce, f.auth_pollcreate, f.auth_vote, f.auth_attachments" . $count_sql . "
 	FROM " . TOPICS_TABLE . " t, " . FORUMS_TABLE . " f" . $join_sql_table . "
@ -181,8 +182,8 @@ if( !$is_auth['auth_view'] || !$is_auth['auth_read'] )
 {
 	if ( !$userdata['session_logged_in'] )
 	{
-		$redirect = ( isset($post_id) ) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
+		$redirect = ($post_id) ? POST_POST_URL . "=$post_id" : POST_TOPIC_URL . "=$topic_id";
-		$redirect .= ( isset($start) ) ? "&start=$start" : '';
+		$redirect .= ($start) ? "&start=$start" : '';
 		redirect(append_sid("login.$phpEx?redirect=viewtopic.$phpEx&$redirect", true));
 	}
@ -199,7 +200,7 @@ $topic_title = $forum_topic_data['topic_title'];
 $topic_id = intval($forum_topic_data['topic_id']);
 $topic_time = $forum_topic_data['topic_time'];
-if ( !empty($post_id) )
+if ($post_id)
 {
 	$start = floor(($forum_topic_data['prev_posts'] - 1) / intval($board_config['posts_per_page'])) * intval($board_config['posts_per_page']);
 }
@ -989,7 +990,7 @@ for($i = 0; $i < $total_posts; $i++)
 	$quote = '<a href="' . $temp_url . '">' . $lang['Reply_with_quote'] . '</a>';
 	$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($postrow[$i]['username']) . "&amp;showresults=posts");
-	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . $lang['Search_user_posts'] . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
+	$search_img = '<a href="' . $temp_url . '"><img src="' . $images['icon_search'] . '" alt="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" title="' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '" border="0" /></a>';
 	$search = '<a href="' . $temp_url . '">' . sprintf($lang['Search_user_posts'], $postrow[$i]['username']) . '</a>';
 	if ( ( $userdata['user_id'] == $poster_id && $is_auth['auth_edit'] ) || $is_auth['auth_mod'] )
@ -1065,17 +1066,14 @@ for($i = 0; $i < $total_posts; $i++)
 	//
 	// Parse message and/or sig for BBCode if reqd
 	//
-	if ( $board_config['allow_bbcode'] )
+	if ($user_sig != '' && $user_sig_bbcode_uid != '')
 	{
-		if ( $user_sig != '' && $user_sig_bbcode_uid != '' )
+		$user_sig = ($board_config['allow_bbcode']) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace("/\:$user_sig_bbcode_uid/si", '', $user_sig);
-		{
+	}
 			$user_sig = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($user_sig, $user_sig_bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $user_sig);
 		}
-		if ( $bbcode_uid != '' )
+	if ($bbcode_uid != '')
-		{
+	{
-			$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
+		$message = ($board_config['allow_bbcode']) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace("/\:$bbcode_uid/si", '', $message);
 		}
 	}
 	if ( $user_sig != '' )