- fixed some bugs

- changed attachment handling a bit
- tried to remove target tags out of the code
- do not add session ids to urls for bots as well as not creating a new session on each page view for them

I bet i introduced some bugs too. ;)


git-svn-id: file:///svn/phpbb/trunk@6364 89ea8834-ac86-4346-8a33-228a782c2dd0

phpBB/adm/style/acp_attachments.html

@@ -295,10 +295,9 @@
 		</tr>
 		<!-- ENDIF -->
 		<tr> 
-			<input type="hidden" name="extension_change_list[]" value="{extensions.EXTENSION_ID}" />
 			<td><b>{extensions.EXTENSION}</b></td>
 			<td>{extensions.GROUP_OPTIONS}</td>
-			<td><input type="checkbox" class="radio" name="extension_id_list[]" value="{extensions.EXTENSION_ID}" /></td>
+			<td><input type="checkbox" class="radio" name="extension_id_list[]" value="{extensions.EXTENSION_ID}" /><input type="hidden" name="extension_change_list[]" value="{extensions.EXTENSION_ID}" /></td>
 		</tr>
 	<!-- END extensions -->
 	</tbody>
@@ -319,6 +318,7 @@
 	<thead>
 	<tr>
 		<th>{L_FILENAME}</th>
+		<th>{L_FILEDATE}</th>
 		<th>{L_FILESIZE}</th>
 		<th>{L_ATTACH_POST_ID}</th>
 		<th>{L_ATTACH_TO_POST}</th>
@@ -328,21 +328,24 @@
 	<tbody>
 	<!-- BEGIN orphan -->
 		<!-- IF orphan.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
-			<td><a href="{orphan.U_FILE}" rel="file">{orphan.FILE}</a></td>
+			<td><a href="{orphan.U_FILE}">{orphan.REAL_FILENAME}</a></td>
+			<td>{orphan.FILETIME}</td>
 			<td>{orphan.FILESIZE}</td>
-			<td><b>ID: </b><input type="text" name="post_id[{orphan.FILE}]" size="7" maxlength="10" value="{orphan.POST_IDS}" /></td>
+			<td><b>ID: </b><input type="text" name="post_id[{orphan.ATTACH_ID}]" size="7" maxlength="10" value="{orphan.POST_ID}" /></td>
-			<td><input type="checkbox" class="radio" name="add[{orphan.FILE}]" /></td>
+			<td><input type="checkbox" class="radio" name="add[{orphan.ATTACH_ID}]" /></td>
-			<td><input type="checkbox" class="radio" name="delete[{orphan.FILE}]" /></td>
+			<td><input type="checkbox" class="radio" name="delete[{orphan.ATTACH_ID}]" /></td>
 		</tr>
 	<!-- END orphan -->
-	<tr>
+	<tr class="row4">
-		<td colspan="3">&nbsp;</td>
+		<td colspan="4">&nbsp;</td>
-		<td class="small"><a href="javascript:marklist('orphan', 'add', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('orphan', 'add', false);">{L_UNMARK_ALL}</a></td>
+		<td class="small"><a href="#" onclick="marklist('orphan', 'add', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('orphan', 'add', false); return false;">{L_UNMARK_ALL}</a></td>
-		<td class="small"><a href="javascript:marklist('orphan', 'delete', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('orphan', 'delete', false);">{L_UNMARK_ALL}</a></td>
+		<td class="small"><a href="#" onclick="marklist('orphan', 'delete', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('orphan', 'delete', false); return false;">{L_UNMARK_ALL}</a></td>
 	</tr>
 	</tbody>
 	</table>
 
+	<br />
+
 	<fieldset class="submit-buttons">
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
 		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />

phpBB/adm/style/acp_email.html

@@ -24,7 +24,7 @@
 <dl>
 	<dt><label for="usernames">{L_SEND_TO_USERS}:</label><br /><span>{L_SEND_TO_USERS_EXPLAIN}</span></dt>
 	<dd><textarea name="usernames" id="usernames" rows="5" cols="40">{USERNAMES}</textarea></dd>
-	<dd>[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
+	<dd>[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
 </dl>
 <dl>
 	<dt><label for="subject">{L_SUBJECT}:</label></dt>

phpBB/adm/style/acp_groups.html

@@ -217,14 +217,14 @@
 
 	<div class="pagination" style="float: left;">
 		<!-- IF PAGINATION -->
-			<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+			<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 		<!-- ELSE -->
 			{S_ON_PAGE}
 		<!-- ENDIF -->
 	</div>
 
 	<fieldset class="quick">
-		<span class="small"><a href="javascript:marklist('list', 'mark', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('list', 'mark', false);">{L_UNMARK_ALL}</a></span><br />
+		<span class="small"><a href="#" onclick="marklist('list', 'mark', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('list', 'mark', false); return false;">{L_UNMARK_ALL}</a></span><br />
 
 		<select name="action"><option class="sep" value="">{L_SELECT_OPTION}</option>{S_ACTION_OPTIONS}</select>
 		<input class="button2" type="submit" name="update" value="{L_SUBMIT}" />
@@ -247,7 +247,7 @@
 	<dl>
 		<dt><label for="usernames">{L_USERNAME}:</label><br /><span>{L_USERNAMES_EXPLAIN}</span></dt>
 		<dd><textarea id="usernames" name="usernames" cols="40" rows="5"></textarea></dd>
-		<dd>[ <a href="{U_FIND_USERNAME}" target="usersearch">{L_FIND_USERNAME}</a> ]</dd>
+		<dd>[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
 	</dl>
 	</fieldset>
 

phpBB/adm/style/acp_logs.html

@@ -17,7 +17,7 @@
 
 <div class="pagination">
 	<!-- IF PAGINATION -->
-		<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+		<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 	<!-- ELSE -->
 		{S_ON_PAGE}
 	<!-- ENDIF -->
@@ -70,7 +70,7 @@
 
 <!-- IF S_CLEARLOGS -->
 	<fieldset class="quick">
-		<b class="small"><a href="javascript: marklist('list', 'mark', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('list', 'mark', false);">{L_UNMARK_ALL}</a></b><br />
+		<b class="small"><a href="#" onclick="marklist('list', 'mark', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('list', 'mark', false); return false;">{L_UNMARK_ALL}</a></b><br />
 		<input class="button2" type="submit" name="delmarked" value="{L_DELETE_MARKED}" />&nbsp;
 		<input class="button2" type="submit" name="delall" value="{L_DELETE_ALL}" />&nbsp;
 	</fieldset>
@@ -78,7 +78,7 @@
 
 <div class="pagination">
 	<!-- IF PAGINATION -->
-		<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+		<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 	<!-- ELSE -->
 		{S_ON_PAGE}
 	<!-- ENDIF -->

phpBB/adm/style/acp_main.html

@@ -64,6 +64,8 @@
 		<td>{L_FILES_PER_DAY}: </td>
 		<td><b>{FILES_PER_DAY}</b></td>
 	</tr>
+
+
 	<tr>
 		<td>{L_BOARD_STARTED}: </td>
 		<td><b>{START_DATE}</b></td>
@@ -82,6 +84,12 @@
 		<td>{L_GZIP_COMPRESSION}: </td>
 		<td><b>{GZIP_COMPRESSION}</b></td>
 	</tr>
+	<tr>
+		<td>&nbsp;</td>
+		<td>&nbsp;</td>
+		<td>{L_NUMBER_ORPHAN}: </td>
+		<td><b>{TOTAL_ORPHAN}</b></td>
+	</tr>
 	</tbody>
 	</table>
 
@@ -162,7 +170,7 @@
 
 		<!-- IF .inactive -->
 			<fieldset class="quick">
-				<p><a href="javascript:marklist('inactive', 'mark', true);">{L_MARK_ALL}</a> &bull; <a href="javascript:marklist('inactive', 'mark', false);">{L_UNMARK_ALL}</a></p>
+				<p><a href="#" onclick="marklist('inactive', 'mark', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('inactive', 'mark', false); return false;">{L_UNMARK_ALL}</a></p>
 				<select name="action">{S_INACTIVE_OPTIONS}</select>
 
 				<input class="button2" type="submit" name="submit" value="{L_SUBMIT}" />

phpBB/adm/style/acp_permission_roles.html

@@ -96,7 +96,7 @@
 	<h1>{L_ACL_TYPE}</h1>
 
 	<fieldset class="quick">
-		<a href="javascript: mark_options('a_options', 'y');">{L_ALL_YES}</a> &bull; <a href="javascript: mark_options('a_options', 'n');">{L_ALL_NEVER}</a> &bull; <a href="javascript: mark_options('a_options', 'u');">{L_ALL_NO}</a>
+		<a href="#" onclick="mark_options('a_options', 'y'); return false;">{L_ALL_YES}</a> &bull; <a href="#" onclick="mark_options('a_options', 'n'); return false;">{L_ALL_NEVER}</a> &bull; <a href="#" onclick="mark_options('a_options', 'u'); return false;">{L_ALL_NO}</a>
 	</fieldset>
 
 	<fieldset class="permissions">
@@ -121,7 +121,7 @@
 			<!-- ELSE -->
 				<td class="preset preset_custom">
 			<!-- ENDIF -->
-				<a href="javascript:swap_options('options{auth.S_ROW_COUNT}');"><span></span></a></td>
+				<a href="#" onclick="swap_options('options{auth.S_ROW_COUNT}'); return false;"><span></span></a></td>
 		<!-- END auth -->
 		</tr>
 		<tr class="row3">
@@ -131,9 +131,9 @@
 				<thead>
 				<tr>
 					<th scope="col" style="text-align: left; padding-left: 0;"><strong>{L_ACL_SETTING} [{auth.CAT_NAME}]</strong></th>
-					<th scope="col"><a href="javascript: mark_options('options{auth.S_ROW_COUNT}', 'y');">{L_ACL_YES}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{auth.S_ROW_COUNT}', 'y'); return false;">{L_ACL_YES}</a></th>
-					<th scope="col"><a href="javascript: mark_options('options{auth.S_ROW_COUNT}', 'u');">{L_ACL_NO}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{auth.S_ROW_COUNT}', 'u'); return false;">{L_ACL_NO}</a></th>
-					<th scope="col"><a href="javascript: mark_options('options{auth.S_ROW_COUNT}', 'n');">{L_ACL_NEVER}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{auth.S_ROW_COUNT}', 'n'); return false;">{L_ACL_NEVER}</a></th>
 				</tr>
 				</thead>
 				<tbody>

phpBB/adm/style/acp_permissions.html

@@ -89,7 +89,7 @@
 		<dl>
 			<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 			<dd><input class="medium" type="text" id="username" name="username[]" /></dd>
-			<dd>[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
+			<dd>[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
 			<dd class="full" style="text-align: left;"><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> &nbsp;{L_SELECT_ANONYMOUS}</dd>
 		</dl>
 		</fieldset>
@@ -134,7 +134,7 @@
 				<legend>{L_MANAGE_USERS}</legend>
 			<dl>
 				<dd class="full"><select style="width: 100%;" name="user_id[]" multiple="multiple" size="5">{S_DEFINED_USER_OPTIONS}</select></dd>
-				<dd class="full" style="text-align: right;"><input type="checkbox" class="radio" name="all_users" value="1" />&nbsp; {L_ALL_USERS}</dd>
+				<!-- IF S_ALLOW_ALL_SELECT --><dd class="full" style="text-align: right;"><input type="checkbox" class="radio" name="all_users" value="1" />&nbsp; {L_ALL_USERS}</dd><!-- ENDIF -->
 			</dl>
 			</fieldset>
 			
@@ -152,7 +152,7 @@
 				<p>{L_USERNAMES_EXPLAIN}</p>
 			<dl>
 				<dd class="full"><textarea id="username" name="usernames" rows="5" cols="5" style="width: 100%; height: 60px;"></textarea></dd>
-				<dd class="full" style="text-align: left;"><div style="float: right;">[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</div><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> &nbsp;{L_SELECT_ANONYMOUS}</dd>
+				<dd class="full" style="text-align: left;"><div style="float: right;">[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</div><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> &nbsp;{L_SELECT_ANONYMOUS}</dd>
 			</dl>
 			</fieldset>
 
@@ -179,7 +179,7 @@
 				<legend>{L_MANAGE_GROUPS}</legend>
 			<dl>
 				<dd class="full"><select style="width: 100%;" name="group_id[]" multiple="multiple" size="5">{S_DEFINED_GROUP_OPTIONS}</select></dd>
-				<dd class="full" style="text-align: right;"><input type="checkbox" class="radio" name="all_groups" value="1" />&nbsp; {L_ALL_GROUPS}</dd>
+				<!-- IF S_ALLOW_ALL_SELECT --><dd class="full" style="text-align: right;"><input type="checkbox" class="radio" name="all_groups" value="1" />&nbsp; {L_ALL_GROUPS}</dd><!-- ENDIF -->
 			</dl>
 			</fieldset>
 			
@@ -239,7 +239,7 @@
 			<dl>
 				<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 				<dd><input type="text" id="username" name="username[]" /></dd>
-				<dd>[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
+				<dd>[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
 				<dd class="full" style="text-align: left;"><input type="checkbox" class="radio" id="anonymous" name="user_id[]" value="{ANONYMOUS_USER_ID}" /> &nbsp;{L_SELECT_ANONYMOUS}</dd>
 			</dl>
 			</fieldset>
@@ -356,7 +356,7 @@
 
 	<fieldset class="quick" style="float: left; text-align: left;">
 		{L_PERMISSION_APPLIED_TO_ALL}<br />
-		<a href="javascript:marklist('set_permissions', 'inherit', true);">{L_MARK_ALL}</a> &bull; <a href="javascript:marklist('set_permissions', 'inherit', false);">{L_UNMARK_ALL}</a>
+		<a href="#" onclick="marklist('set_permissions', 'inherit', true); return false;">{L_MARK_ALL}</a> &bull; <a href="#" onclick="marklist('set_permissions', 'inherit', false); return false;">{L_UNMARK_ALL}</a>
 	</fieldset>
 
 	<fieldset class="quick" style="float: right;">

phpBB/adm/style/acp_search.html

@@ -82,7 +82,7 @@
 	<p>{L_ACP_SEARCH_INDEX_EXPLAIN}</p>
 
 	<!-- IF S_CONTINUE_INDEXING -->
-		<a href="{U_CONTINUE_INDEXING}" onclick="javascript:popup_progress_bar('{S_CONTINUE_INDEXING}');">{L_CONTINUE}</a>
+		<a href="{U_CONTINUE_INDEXING}" onclick="popup_progress_bar('{S_CONTINUE_INDEXING}'); return false;">{L_CONTINUE}</a>
 
 		<p>{L_CONTINUE_EXPLAIN}</p>
 	<!-- ELSE -->
@@ -121,9 +121,9 @@
 		
 			<fieldset class="quick">
 			<!-- IF backend.S_INDEXED -->
-				<input class="button2" type="submit" name="action[delete]" value="{L_DELETE_INDEX}" onclick="javascript:popup_progress_bar('delete')" />
+				<input class="button2" type="submit" name="action[delete]" value="{L_DELETE_INDEX}" onclick="popup_progress_bar('delete'); return false;" />
 			<!-- ELSE -->
-				<input class="button2" type="submit" name="action[create]" value="{L_CREATE_INDEX}" onclick="javascript:popup_progress_bar('create')" />
+				<input class="button2" type="submit" name="action[create]" value="{L_CREATE_INDEX}" onclick="popup_progress_bar('create'); return false;" />
 			<!-- ENDIF -->
 			</fieldset>
 			

phpBB/adm/style/acp_styles.html

@@ -440,7 +440,7 @@
 	</table>
 
 	<fieldset class="quick">
-		<span class="small"><a href="javascript:marklist('acp_styles', 'delete', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('acp_styles', 'delete', false);">{L_UNMARK_ALL}</a></span><br />
+		<span class="small"><a href="#" onclick="marklist('acp_styles', 'delete', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('acp_styles', 'delete', false); return false;">{L_UNMARK_ALL}</a></span><br />
 
 		<input class="button1" type="submit" id="submit" name="submit" value="{L_DELETE_MARKED}" />
 	</fieldset>
@@ -537,7 +537,7 @@
 			<!-- ENDIF -->
 			{installed.S_ACTIONS}
 			<!-- IF S_STYLE -->
-				| <a href="{installed.U_PREVIEW}" onclick="this.target='_preview';">{L_PREVIEW}</a>
+				| <a href="{installed.U_PREVIEW}">{L_PREVIEW}</a>
 			<!-- ENDIF -->
 		</td>
 	<!-- END installed -->

phpBB/adm/style/acp_users.html

@@ -15,7 +15,7 @@
 	<dl>
 		<dt><label for="username">{L_FIND_USERNAME}:</label></dt>
 		<dd><input class="medium" type="text" id="username" name="username" /></dd>
-		<dd>[ <a href="#" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
+		<dd>[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</dd>
 		<dd class="full" style="text-align: left;"><input type="checkbox" class="radio" id="anonymous" name="u" value="{ANONYMOUS_USER_ID}" /> &nbsp;{L_SELECT_ANONYMOUS}</dd>
 	</dl>
 	</fieldset>
@@ -168,7 +168,7 @@
 	<!-- IF PAGINATION -->
 	<div class="pagination">
 		<!-- IF PAGINATION -->
-			<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+			<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 		<!-- ELSE -->
 			{S_ON_PAGE}
 		<!-- ENDIF -->
@@ -587,9 +587,15 @@
 			<input type="button" class="button2" accesskey="c" name="addbbcode8" value="Code" style="width: 40px" onclick="bbstyle(8)" onmouseover="helpline('c')" />
 			<input type="button" class="button2" accesskey="l" name="addbbcode10" value="List" style="width: 40px" onclick="bbstyle(10)" onmouseover="helpline('l')" />
 			<input type="button" class="button2" accesskey="o" name="addbbcode12" value="List=" style="width: 40px" onclick="bbstyle(12)" onmouseover="helpline('o')" />
-			<!-- IF S_BBCODE_IMG --><input type="button" class="button2" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" /><!-- ENDIF -->
+			<!-- IF S_BBCODE_IMG -->
+				<input type="button" class="button2" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" />
+			<!-- ENDIF -->
+			<!-- IF S_LINKS_ALLOWED -->
 				<input type="button" class="button2" accesskey="w" name="addbbcode16" value="URL" style="text-decoration: underline; width: 40px" onclick="bbstyle(16)" onmouseover="helpline('w')" onmouseover="helpline('d')" />
-			<!-- IF S_BBCODE_FLASH --><input type="button" class="button2" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" /><!-- ENDIF -->
+			<!-- ENDIF -->
+			<!-- IF S_BBCODE_FLASH -->
+				<input type="button" class="button2" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" />
+			<!-- ENDIF -->
 
 			{L_FONT_SIZE}: <select name="addbbcode20" onchange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.form.addbbcode20.selectedIndex = 2;" onmouseover="helpline('f')">
 				<option value="7">{L_FONT_TINY}</option>
@@ -598,7 +604,7 @@
 				<option value="18">{L_FONT_LARGE}</option>
 				<option  value="24">{L_FONT_HUGE}</option>
 			</select>
-			<a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a>
+			<a href="#" onclick="bbstyle(-1); return false;" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a>
 		<!-- IF .custom_tags -->
 			<br /><br />
 			<!-- BEGIN custom_tags -->
@@ -615,10 +621,16 @@
 		</dt>
 		<dd style="text-align: left; margin-left: 95px;"><textarea name="signature" rows="10" cols="60" style="width: 80%;" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);">{SIGNATURE}</textarea></dd>
 		<dd style="text-align: left; margin-left: 95px;">
-			<!-- IF S_BBCODE_ALLOWED --><input type="checkbox" class="radio" name="disable_bbcode"{S_BBCODE_CHECKED} />&nbsp; {L_DISABLE_BBCODE} &nbsp;<!-- ENDIF -->
+			<!-- IF S_BBCODE_ALLOWED -->
-			<!-- IF S_SMILIES_ALLOWED --><input type="checkbox" class="radio" name="disable_smilies"{S_SMILIES_CHECKED} />&nbsp; {L_DISABLE_SMILIES} &nbsp;<!-- ENDIF -->
+				<input type="checkbox" class="radio" name="disable_bbcode"{S_BBCODE_CHECKED} />&nbsp; {L_DISABLE_BBCODE} &nbsp;
+			<!-- ENDIF -->
+			<!-- IF S_SMILIES_ALLOWED -->
+				<input type="checkbox" class="radio" name="disable_smilies"{S_SMILIES_CHECKED} />&nbsp; {L_DISABLE_SMILIES} &nbsp;
+			<!-- ENDIF -->
+			<!-- IF S_LINKS_ALLOWED -->
 				<input type="checkbox" class="radio" name="disable_magic_url"{S_MAGIC_URL_CHECKED} />&nbsp; {L_DISABLE_MAGIC_URL} &nbsp;
-			<br /><br /><strong>{L_OPTIONS}: </strong>{BBCODE_STATUS} :: {IMG_STATUS} :: {FLASH_STATUS} :: {SMILIES_STATUS}
+			<!-- ENDIF -->
+			<br /><br /><strong>{L_OPTIONS}: </strong>{BBCODE_STATUS} :: {IMG_STATUS} :: {FLASH_STATUS} :: {URL_STATUS} :: {SMILIES_STATUS}
 		</dd>
 	</dl>
 	</fieldset>
@@ -669,7 +681,7 @@
 
 	<div class="pagination" style="float: right;">
 		<!-- IF PAGINATION -->
-			<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+			<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 		<!-- ELSE -->
 			{S_ON_PAGE}
 		<!-- ENDIF -->

phpBB/adm/style/colour_swatch.html

@@ -57,7 +57,7 @@
 			{
 				color = String(numberList[r]) + String(numberList[g]) + String(numberList[b]);
 				document.write('<td style="background-color: #' + color + ';" onmouseover="this.className=\'over\'" onmouseout="this.className=\'out\'">');
-				document.write('<a href="javascript:cell(\'' + color + '\');"><img src="{T_IMAGES_PATH}spacer.gif" width="15" height="12" alt="#' + color + '" title="#' + color + '" \/><\/a>');
+				document.write('<a href="#" onclick="cell(\'' + color + '\'); return false;"><img src="{T_IMAGES_PATH}spacer.gif" width="15" height="12" alt="#' + color + '" title="#' + color + '" \/><\/a>');
 				document.writeln('<\/td>');
 			}
 		}

phpBB/adm/style/editor.js

@@ -485,7 +485,7 @@ function colorPalette(dir, width, height)
 			{
 				color = String(numberList[r]) + String(numberList[g]) + String(numberList[b]);
 				document.write('<td style="line-height: ' + height + 'px; background-color:#' + color + '; width: ' + width + 'px; height: ' + height + 'px;">');
-				document.write('<a href="javascript:bbfontstyle(\'[color=#' + color + ']\', \'[/color]\');" onmouseover="helpline(\'s\');"><img src="images/spacer.gif" width="' + width + '" height="' + height + '" alt="#' + color + '" title="#' + color + '" /></a>');
+				document.write('<a href="#" onclick="bbfontstyle(\'[color=#' + color + ']\', \'[/color]\'); return false;" onmouseover="helpline(\'s\');"><img src="images/spacer.gif" width="' + width + '" height="' + height + '" alt="#' + color + '" title="#' + color + '" /></a>');
 				document.writeln('</td>');
 			}
 

phpBB/adm/style/install_update.html

@@ -129,7 +129,7 @@
 							<br /><span>{L_NUM_CONFLICTS}: {files.NUM_CONFLICTS}</span>
 							<!-- ENDIF -->
 						</dt>
-						<dd>[ <a href="{files.U_SHOW_DIFF}" target="diff">{files.L_SHOW_DIFF}</a> ]</dd>
+						<dd>[ <a href="{files.U_SHOW_DIFF}" onclick="popup({files.UA_SHOW_DIFF}, 700, 500);">{files.L_SHOW_DIFF}</a> ]</dd>
 						<!-- IF files.S_CUSTOM -->
 							<dd><input type="checkbox" name="no_update[]" value="{files.FILENAME}" class="radio" />&nbsp; {L_DO_NOT_UPDATE}</dd>
 						<!-- ENDIF -->

phpBB/adm/style/permission_mask.html

@@ -160,7 +160,7 @@
 						<!-- IF not p_mask.S_VIEW --><input type="checkbox" class="radio" name="inherit[{p_mask.f_mask.UG_ID}][{p_mask.f_mask.FORUM_ID}]" value="1" /><!-- ELSE -->&nbsp;<!-- ENDIF -->
 					</span>
 				</td>
-				<td>{p_mask.f_mask.PADDING}<!-- IF p_mask.f_mask.FOLDER_IMAGE --> {p_mask.f_mask.FOLDER_IMAGE} <!-- ENDIF --><a href="javascript:swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0');">{p_mask.f_mask.NAME}</a></span></td>
+				<td>{p_mask.f_mask.PADDING}<!-- IF p_mask.f_mask.FOLDER_IMAGE --> {p_mask.f_mask.FOLDER_IMAGE} <!-- ENDIF --><a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '0'); return false;">{p_mask.f_mask.NAME}</a></span></td>
 				<td style="text-align: right;">
 				<!-- IF p_mask.S_VIEW -->
 					&nbsp;
@@ -186,7 +186,7 @@
 			<!-- ELSE -->
 				<td class="preset preset_custom">
 			<!-- ENDIF -->
-				<a href="javascript:swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '{p_mask.f_mask.category.S_ROW_COUNT}');"><span></span></a></td>
+				<a href="#" onclick="swap_options('{p_mask.S_ROW_COUNT}', '{p_mask.f_mask.S_ROW_COUNT}', '{p_mask.f_mask.category.S_ROW_COUNT}'); return false;"><span></span></a></td>
 		<!-- END category -->
 	</tr>
 	<tr class="row3">
@@ -199,9 +199,9 @@
 				</div>
 				<div style="float: right; text-align: right; width: 35%;">
 					<p class="small">
-						[<a href="javascript: mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ALL_YES}</a>]<br />
+						[<a href="#" onclick="mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_YES}</a>]<br />
-						[<a href="javascript: mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ALL_NEVER}</a>]<br />
+						[<a href="#" onclick="mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NEVER}</a>]<br />
-						[<a href="javascript: mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ALL_NO}</a>]
+						[<a href="#" onclick="mark_options('a_options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ALL_NO}</a>]
 					</p>
 				</div>
 			<!-- ELSE -->
@@ -220,16 +220,16 @@
 					<th scope="col">{L_ACL_YES}</th>
 					<th scope="col">{L_ACL_NEVER}</th>
 				<!-- ELSE -->
-					<th scope="col"><a href="javascript: mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ACL_YES}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'y'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ACL_YES}</a></th>
-					<th scope="col"><a href="javascript: mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ACL_NO}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'u'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ACL_NO}</a></th>
-					<th scope="col"><a href="javascript: mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}');">{L_ACL_NEVER}</a></th>
+					<th scope="col"><a href="#" onclick="mark_options('options{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}{p_mask.f_mask.category.S_ROW_COUNT}', 'n'); reset_role('role{p_mask.S_ROW_COUNT}{p_mask.f_mask.S_ROW_COUNT}'); return false;">{L_ACL_NEVER}</a></th>
 				<!-- ENDIF -->
 				</tr>
 				</thead>
 				<tbody>
 				<!-- BEGIN mask -->
 					<!-- IF p_mask.f_mask.category.mask.S_ROW_COUNT is even --><tr class="row4"><!-- ELSE --><tr class="row3"><!-- ENDIF -->
-					<th><!-- IF p_mask.f_mask.category.mask.U_TRACE --><a href="#" onclick="javascript:trace('{p_mask.f_mask.category.mask.U_TRACE}')" title="{L_TRACE_SETTING}"><img src="images/icon_trace.gif" alt="{L_TRACE_SETTING}" /></a> <!-- ENDIF -->{p_mask.f_mask.category.mask.PERMISSION}</th>
+					<th><!-- IF p_mask.f_mask.category.mask.U_TRACE --><a href="#" onclick="trace('{p_mask.f_mask.category.mask.U_TRACE}'); return false;" title="{L_TRACE_SETTING}"><img src="images/icon_trace.gif" alt="{L_TRACE_SETTING}" /></a> <!-- ENDIF -->{p_mask.f_mask.category.mask.PERMISSION}</th>
 					<!-- IF p_mask.S_VIEW -->
 						<td<!-- IF p_mask.f_mask.category.mask.S_YES --> class="yes"<!-- ELSE --> class="no"<!-- ENDIF -->>&nbsp;</td>
 						<td<!-- IF p_mask.f_mask.category.mask.S_NEVER --> class="never"<!-- ELSE --> class="no"<!-- ENDIF -->>&nbsp;</td>

phpBB/adm/style/simple_footer.html

@@ -1,4 +1,4 @@
-		<div style="text-align: right;"><a href="#" onclick="javascript: self.close();">{L_CLOSE_WINDOW}</a></div>
+		<div style="text-align: right;"><a href="#" onclick="self.close(); return false;">{L_CLOSE_WINDOW}</a></div>
 	<br /><br />
 </div>
 

phpBB/develop/create_schema_files.php

@@ -646,6 +646,7 @@ function get_schema_struct()
 			'topic_id'			=> array('UINT', 0),
 			'in_message'		=> array('BOOL', 0),
 			'poster_id'			=> array('UINT', 0),
+			'is_orphan'			=> array('BOOL', 1),
 			'physical_filename'	=> array('VCHAR', ''),
 			'real_filename'		=> array('VCHAR', ''),
 			'download_count'	=> array('UINT', 0),
@@ -662,7 +663,7 @@ function get_schema_struct()
 			'post_msg_id'		=> array('INDEX', 'post_msg_id'),
 			'topic_id'			=> array('INDEX', 'topic_id'),
 			'poster_id'			=> array('INDEX', 'poster_id'),
-			'filesize'			=> array('INDEX', 'filesize'),
+			'is_orphan'			=> array('INDEX', 'is_orphan'),
 		),
 	);
 
@@ -1398,8 +1399,8 @@ function get_schema_struct()
 			'code'				=> array('VCHAR:50', ''),
 			'emotion'			=> array('VCHAR:50', ''),
 			'smiley_url'		=> array('VCHAR:50', ''),
-			'smiley_width'		=> array('TINT:4', 0),
+			'smiley_width'		=> array('USINT', 0),
-			'smiley_height'		=> array('TINT:4', 0),
+			'smiley_height'		=> array('USINT', 0),
 			'smiley_order'		=> array('UINT', 0),
 			'display_on_posting'=> array('BOOL', 1),
 		),

phpBB/download.php

@@ -34,7 +34,7 @@ if (!$config['allow_attachments'] && !$config['allow_pm_attach'])
 	trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
 }
 
-$sql = 'SELECT attach_id, in_message, post_msg_id, extension
+$sql = 'SELECT attach_id, in_message, post_msg_id, extension, is_orphan, poster_id
 	FROM ' . ATTACHMENTS_TABLE . "
 	WHERE attach_id = $download_id";
 $result = $db->sql_query_limit($sql, 1);
@@ -52,8 +52,24 @@ if ((!$attachment['in_message'] && !$config['allow_attachments']) || ($attachmen
 }
 
 $row = array();
-if (!$attachment['in_message'])
+
+if ($attachment['is_orphan'])
 {
+	// We allow admins having attachment permissions to see orphan attachments...
+	$own_attachment = ($auth->acl_get('a_attach') || $attachment['poster_id'] == $user->data['user_id']) ? true : false;
+
+	if (!$own_attachment || ($attachment['in_message'] && !$auth->acl_get('u_pm_download')) || (!$attachment['in_message'] && !$auth->acl_get('u_download')))
+	{
+		trigger_error('ERROR_NO_ATTACHMENT');
+	}
+
+	$extensions = array();
+	$cache->obtain_attach_extensions($extensions);
+}
+else
+{
+	if (!$attachment['in_message'])
+	{
 		// 
 		$sql = 'SELECT p.forum_id, f.forum_password, f.parent_id
 			FROM ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . ' f
@@ -88,21 +104,22 @@ if (!$attachment['in_message'])
 		{
 			trigger_error('SORRY_AUTH_VIEW_ATTACH');
 		}
-}
+	}
-else
+	else
-{
+	{
 		$row['forum_id'] = 0;
 		if (!$auth->acl_get('u_pm_download'))
 		{
 			trigger_error('SORRY_AUTH_VIEW_ATTACH');
 		}
-}
+	}
 
-// disallowed ?
+	// disallowed ?
-$extensions = array();
+	$extensions = array();
-if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
+	if (!extension_allowed($row['forum_id'], $attachment['extension'], $extensions))
-{
+	{
 		trigger_error(sprintf($user->lang['EXTENSION_DISABLED_AFTER_POSTING'], $attachment['extension']));
+	}
 }
 
 if (!download_allowed())
@@ -113,7 +130,7 @@ if (!download_allowed())
 $download_mode = (int) $extensions[$attachment['extension']]['download_mode'];
 
 // Fetching filename here to prevent sniffing of filename
-$sql = 'SELECT attach_id, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype
+$sql = 'SELECT attach_id, is_orphan, in_message, post_msg_id, extension, physical_filename, real_filename, mimetype
 	FROM ' . ATTACHMENTS_TABLE . "
 	WHERE attach_id = $download_id";
 $result = $db->sql_query_limit($sql, 1);
@@ -125,7 +142,6 @@ if (!$attachment)
 	trigger_error('ERROR_NO_ATTACHMENT');
 }
 
-
 $attachment['physical_filename'] = basename($attachment['physical_filename']);
 $display_cat = $extensions[$attachment['extension']]['display_cat'];
 
@@ -133,7 +149,7 @@ if ($thumbnail)
 {
 	$attachment['physical_filename'] = 'thumb_' . $attachment['physical_filename'];
 }
-else if ($display_cat == ATTACHMENT_CATEGORY_NONE || $display_cat == ATTACHMENT_CATEGORY_IMAGE)
+else if (($display_cat == ATTACHMENT_CATEGORY_NONE || $display_cat == ATTACHMENT_CATEGORY_IMAGE) && !$attachment['is_orphan'])
 {
 	// Update download count
 	$sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' 
@@ -176,7 +192,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 	// Correct the mime type - we force application/octetstream for all files, except images
 	// Please do not change this, it is a security precaution
-	if ($category == ATTACHMENT_CATEGORY_NONE && strpos($attachment['mimetype'], 'image') === false)
+	if (strpos($attachment['mimetype'], 'image') !== 0)
 	{
 		$attachment['mimetype'] = (strpos(strtolower($user->browser), 'msie') !== false || strpos(strtolower($user->browser), 'opera') !== false) ? 'application/octetstream' : 'application/octet-stream';
 	}
@@ -206,13 +222,18 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 	// Now the tricky part... let's dance
 	header('Pragma: public');
 
-	// Try X-Sendfile since it is much more server friendly.
+	// Try X-Sendfile since it is much more server friendly - only works if the path is *not* outside of the root path...
 	// lighttpd has core support for it. An apache2 module is available at http://celebnamer.celebworld.ws/stuff/mod_xsendfile/
+
+	// Not really ideal, but should work fine...
+	if (strpos($upload_dir, '/') !== 0 && strpos($upload_dir, '../') === false)
+	{
 		header('X-Sendfile: ' . $filename);
+	}
 
 	// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
 	header('Content-Type: ' . $attachment['mimetype'] . '; name="' . $attachment['real_filename'] . '"');
-	header('Content-Disposition: attachment; filename="' . $attachment['real_filename'] . '"');
+	header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; filename="' . $attachment['real_filename'] . '"');
 
 	if ($size)
 	{
@@ -221,7 +242,6 @@ function send_file_to_browser($attachment, $upload_dir, $category)
 
 	// Might not be ideal to store the contents, but file_get_contents is binary-safe as well as the recommended method
 	echo @file_get_contents($filename);
-	unset($contents);
 
 	flush();
 	exit;

phpBB/includes/acp/acp_attachments.php

@@ -825,24 +825,45 @@ class acp_attachments
 					$add_files = (isset($_POST['add'])) ? array_keys(request_var('add', array('' => 0))) : array();
 					$post_ids = request_var('post_id', array('' => 0));
 
-					foreach ($delete_files as $delete)
+					if (sizeof($delete_files))
 					{
-						phpbb_unlink($delete);
+						$sql = 'SELECT *
-						phpbb_unlink($delete, 'thumbnail');
+							FROM ' . ATTACHMENTS_TABLE . '
+							WHERE ' . $db->sql_in_set('attach_id', $delete_files) . '
+								AND is_orphan = 1';
+						$result = $db->sql_query($sql);
+
+						$delete_files = array();
+						while ($row = $db->sql_fetchrow($result))
+						{
+							phpbb_unlink($row['physical_filename']);
+
+							if ($row['thumbnail'])
+							{
+								phpbb_unlink($row['physical_filename'], 'thumbnail');
+							}
+
+							$delete_files[$row['attach_id']] = $row['real_filename'];
+						}
+						$db->sql_freeresult($result);
 					}
 
 					if (sizeof($delete_files))
 					{
+						$sql = 'DELETE FROM ' . ATTACHMENTS_TABLE . '
+							WHERE ' . $db->sql_in_set('attach_id', array_keys($delete_files));
+						$db->sql_query($sql);
+
 						add_log('admin', 'LOG_ATTACH_ORPHAN_DEL', implode(', ', $delete_files));
 						$notify[] = sprintf($user->lang['LOG_ATTACH_ORPHAN_DEL'], implode(', ', $delete_files));
 					}
 
 					$upload_list = array();
-					foreach ($add_files as $file)
+					foreach ($add_files as $attach_id)
 					{
-						if (!in_array($file, $delete_files) && $post_ids[$file])
+						if (!in_array($attach_id, array_keys($delete_files)) && !empty($post_ids[$attach_id]))
 						{
-							$upload_list[$post_ids[$file]] = $file;
+							$upload_list[$attach_id] = $post_ids[$attach_id];
 						}
 					}
 					unset($add_files);
@@ -851,9 +872,6 @@ class acp_attachments
 					{
 						$template->assign_var('S_UPLOADING_FILES', true);
 
-						include_once($phpbb_root_path . 'includes/message_parser.' . $phpEx);
-						$message_parser = new parse_message();
-
 						$sql = 'SELECT forum_id, forum_name
 							FROM ' . FORUMS_TABLE;
 						$result = $db->sql_query($sql);
@@ -865,30 +883,67 @@ class acp_attachments
 						}
 						$db->sql_freeresult($result);
 
-						$sql = 'SELECT forum_id, topic_id, post_id 
+						$sql = 'SELECT forum_id, topic_id, post_id, poster_id
 							FROM ' . POSTS_TABLE . '
-							WHERE ' . $db->sql_in_set('post_id', array_keys($upload_list));
+							WHERE ' . $db->sql_in_set('post_id', $upload_list);
+						$result = $db->sql_query($sql);
+
+						$post_info = array();
+						while ($row = $db->sql_fetchrow($result))
+						{
+							$post_info[$row['post_id']] = $row;
+						}
+						$db->sql_freeresult($result);
+
+						// Select those attachments we want to change...
+						$sql = 'SELECT *
+							FROM ' . ATTACHMENTS_TABLE . '
+							WHERE ' . $db->sql_in_set('attach_id', array_keys($upload_list)) . '
+								AND is_orphan = 1';
 						$result = $db->sql_query($sql);
 
 						while ($row = $db->sql_fetchrow($result))
 						{
-							$return = true;
+							$post_row = $post_info[$upload_list[$row['attach_id']]];
-
-							if ($auth->acl_get('f_attach', $row['forum_id']))
-							{
-								$return = $this->upload_file($row['post_id'], $row['topic_id'], $row['forum_id'], $config['upload_path'], $upload_list[$row['post_id']]);
-							}
 
 							$template->assign_block_vars('upload', array(
-								'FILE_INFO'		=> sprintf($user->lang['UPLOADING_FILE_TO'], $upload_list[$row['post_id']], $row['post_id']),
+								'FILE_INFO'		=> sprintf($user->lang['UPLOADING_FILE_TO'], $row['real_filename'], $post_row['post_id']),
-								'S_DENIED'		=> (!$auth->acl_get('f_attach', $row['forum_id'])) ? true : false,
+								'S_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? true : false,
-								'L_DENIED'		=> (!$auth->acl_get('f_attach', $row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '',
+								'L_DENIED'		=> (!$auth->acl_get('f_attach', $post_row['forum_id'])) ? sprintf($user->lang['UPLOAD_DENIED_FORUM'], $forum_names[$row['forum_id']]) : '')
-								'ERROR_MSG'		=> ($return === true) ? false : $return)
 							);
+
+							if (!$auth->acl_get('f_attach', $post_row['forum_id']))
+							{
+								continue;
+							}
+
+							// Adjust attachment entry
+							$sql_ary = array(
+								'in_message'	=> 0,
+								'is_orphan'		=> 0,
+								'poster_id'		=> $post_row['poster_id'],
+								'post_msg_id'	=> $post_row['post_id'],
+								'topic_id'		=> $post_row['topic_id'],
+							);
+
+							$sql = 'UPDATE ' . ATTACHMENTS_TABLE . '
+								SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
+								WHERE attach_id = ' . $row['attach_id'];
+							$db->sql_query($sql);
+
+							$sql = 'UPDATE ' . POSTS_TABLE . '
+								SET post_attachment = 1
+								WHERE post_id = ' . $post_row['post_id'];
+							$db->sql_query($sql);
+
+							$sql = 'UPDATE ' . TOPICS_TABLE . '
+								SET topic_attachment = 1
+								WHERE topic_id = ' . $post_row['topic_id'];
+							$db->sql_query($sql);
+
+							add_log('admin', 'LOG_ATTACH_FILEUPLOAD', $post_row['post_id'], $row['real_filename']);
 						}
 						$db->sql_freeresult($result);
-
-						unset($message_parser);
 					}
 				}
 
@@ -896,42 +951,30 @@ class acp_attachments
 					'S_ORPHAN'		=> true)
 				);
 
-				$attach_filelist = array();
+				// Just get the files with is_orphan set and older than 3 hours
-
+				$sql = 'SELECT *
-				$dir = @opendir($phpbb_root_path . $config['upload_path']);
+					FROM ' . ATTACHMENTS_TABLE . '
-				while (($file = @readdir($dir)) !== false)
+					WHERE is_orphan = 1
-				{
+						AND filetime < ' . (time() - 3*60*60) . '
-					if (is_file($phpbb_root_path . $config['upload_path'] . '/' . $file) && filesize($phpbb_root_path . $config['upload_path'] . '/' . $file) && $file{0} != '.' && $file != 'index.htm' && !preg_match('#^thumb\_#', $file))
+					ORDER BY filetime DESC';
-					{
-						$attach_filelist[$file] = $file;
-					}
-				}
-				@closedir($dir);
-
-				$sql = 'SELECT physical_filename 
-					FROM ' . ATTACHMENTS_TABLE;
 				$result = $db->sql_query($sql);
 
 				while ($row = $db->sql_fetchrow($result))
 				{
-					unset($attach_filelist[$row['physical_filename']]);
+					$size_lang = ($row['filesize'] >= 1048576) ? $user->lang['MB'] : (($row['filesize'] >= 1024) ? $user->lang['KB'] : $user->lang['BYTES']);
-				}
+					$row['filesize'] = ($row['filesize'] >= 1048576) ? round((round($row['filesize'] / 1048576 * 100) / 100), 2) : (($row['filesize'] >= 1024) ? round((round($row['filesize'] / 1024 * 100) / 100), 2) : $row['filesize']);
-				$db->sql_freeresult($result);
-
-				$i = 0;
-				foreach ($attach_filelist as $file)
-				{
-					$filesize = @filesize($phpbb_root_path . $config['upload_path'] . '/' . $file);
-					$size_lang = ($filesize >= 1048576) ? $user->lang['MB'] : ( ($filesize >= 1024) ? $user->lang['KB'] : $user->lang['BYTES'] );
-					$filesize = ($filesize >= 1048576) ? round((round($filesize / 1048576 * 100) / 100), 2) : (($filesize >= 1024) ? round((round($filesize / 1024 * 100) / 100), 2) : $filesize);
 
 					$template->assign_block_vars('orphan', array(
-						'FILESIZE'		=> $filesize . ' ' . $size_lang,
+						'FILESIZE'			=> $row['filesize'] . ' ' . $size_lang,
-						'U_FILE'		=> $phpbb_root_path . $config['upload_path'] . '/' . $file,
+						'FILETIME'			=> $user->format_date($row['filetime']),
-						'FILE'			=> $file,
+						'REAL_FILENAME'		=> basename($row['real_filename']),
-						'POST_IDS'		=> (!empty($post_ids[$file])) ? $post_ids[$file] : '')
+						'PHYSICAL_FILENAME'	=> basename($row['physical_filename']),
+						'ATTACH_ID'			=> $row['attach_id'],
+						'POST_IDS'			=> (!empty($post_ids[$row['attach_id']])) ? $post_ids[$row['attach_id']] : '',
+						'U_FILE'			=> append_sid($phpbb_root_path . 'download.' . $phpEx, 'id=' . $row['attach_id']))
 					);
 				}
+				$db->sql_freeresult($result);
 
 			break;
 		}
@@ -1083,15 +1126,12 @@ class acp_attachments
 
 	/** 
 	* Upload already uploaded file... huh? are you kidding?
-	*/
 	function upload_file($post_id, $topic_id, $forum_id, $upload_dir, $filename)
 	{
 		global $message_parser, $db, $user, $phpbb_root_path;
 
 		$message_parser->attachment_data = array();
-
 		$message_parser->filename_data['filecomment'] = '';
-		$message_parser->filename_data['filename'] = $phpbb_root_path . $upload_dir . '/' . basename($filename);
 
 		$filedata = upload_attachment('local', $forum_id, true, $phpbb_root_path . $upload_dir . '/' . basename($filename));
 
@@ -1144,6 +1184,7 @@ class acp_attachments
 			return sprintf($user->lang['ADMIN_UPLOAD_ERROR'], implode('<br />', $filedata['error']));
 		}
 	}
+		*/
 
 	/**
 	* Search Imagick

phpBB/includes/acp/acp_board.php

@@ -65,10 +65,6 @@ class acp_board
 						'allow_bbcode'			=> array('lang' => 'ALLOW_BBCODE',			'type' => 'radio:yes_no', 'explain' => false),
 						'allow_smilies'			=> array('lang' => 'ALLOW_SMILIES',			'type' => 'radio:yes_no', 'explain' => false),
 						'allow_sig'				=> array('lang' => 'ALLOW_SIG',				'type' => 'radio:yes_no', 'explain' => false),
-						'allow_sig_bbcode'		=> array('lang' => 'ALLOW_SIG_BBCODE',		'type' => 'radio:yes_no', 'explain' => false),
-						'allow_sig_img'			=> array('lang' => 'ALLOW_SIG_IMG',			'type' => 'radio:yes_no', 'explain' => false),
-						'allow_sig_flash'		=> array('lang' => 'ALLOW_SIG_FLASH',		'type' => 'radio:yes_no', 'explain' => false),
-						'allow_sig_smilies'		=> array('lang' => 'ALLOW_SIG_SMILIES',		'type' => 'radio:yes_no', 'explain' => false),
 						'allow_nocensors'		=> array('lang' => 'ALLOW_NO_CENSORS',		'type' => 'radio:yes_no', 'explain' => true),
 						'allow_bookmarks'		=> array('lang' => 'ALLOW_BOOKMARKS',		'type' => 'radio:yes_no', 'explain' => true),
 
@@ -138,6 +134,7 @@ class acp_board
 						'allow_forum_notify'	=> array('lang' => 'ALLOW_FORUM_NOTIFY',	'type' => 'radio:yes_no', 'explain' => false),
 						'allow_bbcode'			=> array('lang' => 'ALLOW_BBCODE',			'type' => 'radio:yes_no', 'explain' => false),
 						'allow_smilies'			=> array('lang' => 'ALLOW_SMILIES',			'type' => 'radio:yes_no', 'explain' => false),
+						'allow_post_links'		=> array('lang' => 'ALLOW_POST_LINKS',		'type' => 'radio:yes_no', 'explain' => true),
 						'allow_nocensors'		=> array('lang' => 'ALLOW_NO_CENSORS',		'type' => 'radio:yes_no', 'explain' => true),
 						'allow_bookmarks'		=> array('lang' => 'ALLOW_BOOKMARKS',		'type' => 'radio:yes_no', 'explain' => true),
 						'enable_post_confirm'	=> array('lang' => 'VISUAL_CONFIRM_POST',	'type' => 'radio:yes_no', 'explain' => true),
@@ -173,6 +170,7 @@ class acp_board
 						'allow_sig_img'			=> array('lang' => 'ALLOW_SIG_IMG',			'type' => 'radio:yes_no', 'explain' => false),
 						'allow_sig_flash'		=> array('lang' => 'ALLOW_SIG_FLASH',		'type' => 'radio:yes_no', 'explain' => false),
 						'allow_sig_smilies'		=> array('lang' => 'ALLOW_SIG_SMILIES',		'type' => 'radio:yes_no', 'explain' => false),
+						'allow_sig_links'		=> array('lang' => 'ALLOW_SIG_LINKS',		'type' => 'radio:yes_no', 'explain' => true),
 
 						'legend2'				=> 'GENERAL_SETTINGS',
 						'max_sig_chars'			=> array('lang' => 'MAX_SIG_LENGTH',		'type' => 'text:5:4', 'explain' => true),

phpBB/includes/acp/acp_bots.php

@@ -142,6 +142,12 @@ class acp_bots
 					}
 					$bot_row['bot_ip'] = str_replace(' ', '', $bot_row['bot_ip']);
 
+					// Make sure the admin is not adding a bot with an user agent similar to his one
+					if ($bot_row['bot_agent'] && substr($user->data['session_browser'], 0, 149) === substr($bot_row['bot_agent'])
+					{
+						$error[] = $user->lang['ERR_BOT_AGENT_MATCHES_UA'];
+					}
+
 					if (!sizeof($error))
 					{
 						$db->sql_transaction('begin');

phpBB/includes/acp/acp_captcha.php

@@ -71,7 +71,7 @@ class acp_captcha
 						$template->assign_var('GD', true);
 						foreach ($policy_modules as $module_name)
 						{
-							$template->assign_var('U_' . strtoupper($module_name), sprintf($user->lang['CAPTCHA_EXPLAIN'], '<a href="' . append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=captcha&amp;mode=img&amp;policy=' . $module_name) . '" target="_blank">', '</a>'));
+							$template->assign_var('U_' . strtoupper($module_name), sprintf($user->lang['CAPTCHA_EXPLAIN'], '<a href="' . append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=captcha&amp;mode=img&amp;policy=' . $module_name) . '">', '</a>'));
 						}
 						if (function_exists('imagettfbbox') && function_exists('imagettftext'))
 						{

phpBB/includes/acp/acp_email.php

@@ -217,6 +217,7 @@ class acp_email
 			'S_GROUP_OPTIONS'		=> $select_list,
 			'USERNAMES'				=> $usernames,
 			'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames'),
+			'UA_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=acp_email&field=usernames', false),
 			'SUBJECT'				=> $subject,
 			'MESSAGE'				=> $message,
 			'S_PRIORITY_OPTIONS'	=> $s_priority_options)

phpBB/includes/acp/acp_forums.php

@@ -543,12 +543,12 @@ class acp_forums
 					'S_TOPIC_ICONS'				=> ($forum_data['enable_icons']) ? true : false,
 					'S_DISPLAY_ON_INDEX'		=> ($forum_data['display_on_index']) ? true : false,
 					'S_PRUNE_ENABLE'			=> ($forum_data['enable_prune']) ? true : false,
-					'S_FORUM_LINK_TRACK'		=> ($forum_data['forum_flags'] & 1) ? true : false,
+					'S_FORUM_LINK_TRACK'		=> ($forum_data['forum_flags'] & FORUM_FLAG_LINK_TRACK) ? true : false,
-					'S_PRUNE_OLD_POLLS'			=> ($forum_data['forum_flags'] & 2) ? true : false,
+					'S_PRUNE_OLD_POLLS'			=> ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_POLL) ? true : false,
-					'S_PRUNE_ANNOUNCE'			=> ($forum_data['forum_flags'] & 4) ? true : false,
+					'S_PRUNE_ANNOUNCE'			=> ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_ANNOUNCE) ? true : false,
-					'S_PRUNE_STICKY'			=> ($forum_data['forum_flags'] & 8) ? true : false,
+					'S_PRUNE_STICKY'			=> ($forum_data['forum_flags'] & FORUM_FLAG_PRUNE_STICKY) ? true : false,
-					'S_DISPLAY_ACTIVE_TOPICS'	=> ($forum_data['forum_flags'] & 16) ? true : false,
+					'S_DISPLAY_ACTIVE_TOPICS'	=> ($forum_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS) ? true : false,
-					'S_ENABLE_POST_REVIEW'		=> ($forum_data['forum_flags'] & 32) ? true : false,
+					'S_ENABLE_POST_REVIEW'		=> ($forum_data['forum_flags'] & FORUM_FLAG_POST_REVIEW) ? true : false,
 					)
 				);
 

phpBB/includes/acp/acp_groups.php

@@ -614,6 +614,7 @@ class acp_groups
 					'U_ACTION'			=> $this->u_action . "&g=$group_id",
 					'U_BACK'			=> $this->u_action,
 					'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=list&field=usernames'),
+					'UA_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=list&field=usernames', false),
 					'U_DEFAULT_ALL'		=> "{$this->u_action}&action=default&g=$group_id")
 				);
 

phpBB/includes/acp/acp_main.php

@@ -215,14 +215,16 @@ class acp_main
 				set_config('num_users', (int) $row['stat'], true);
 
 				$sql = 'SELECT COUNT(attach_id) as stat
-					FROM ' . ATTACHMENTS_TABLE;
+					FROM ' . ATTACHMENTS_TABLE . '
+					WHERE is_orphan = 0';
 				$result = $db->sql_query($sql);
 
 				set_config('num_files', (int) $db->sql_fetchfield('stat'), true);
 				$db->sql_freeresult($result);
 
 				$sql = 'SELECT SUM(filesize) as stat
-					FROM ' . ATTACHMENTS_TABLE;
+					FROM ' . ATTACHMENTS_TABLE . '
+					WHERE is_orphan = 0';
 				$result = $db->sql_query($sql);
 
 				set_config('upload_dir_size', (int) $db->sql_fetchfield('stat'), true);
@@ -404,6 +406,13 @@ class acp_main
 			$files_per_day = $total_files;
 		}
 
+		$sql = 'SELECT COUNT(attach_id) total_orphan
+			FROM ' . ATTACHMENTS_TABLE . '
+			WHERE is_orphan = 1';
+		$result = $db->sql_query($sql);
+		$total_orphan = (int) $db->sql_fetchfield('total_orphan');
+		$db->sql_freeresult($result);
+
 		$dbsize = get_database_size();
 		$s_action_options = build_select(array('online' => 'RESET_ONLINE', 'date' => 'RESET_DATE', 'stats' => 'RESYNC_STATS', 'user' => 'RESYNC_POSTCOUNTS', 'db_track' => 'RESYNC_POST_MARKING'));
 
@@ -420,6 +429,7 @@ class acp_main
 			'AVATAR_DIR_SIZE'	=> $avatar_dir_size,
 			'DBSIZE'			=> $dbsize,
 			'UPLOAD_DIR_SIZE'	=> $upload_dir_size,
+			'TOTAL_ORPHAN'		=> $total_orphan,
 			'GZIP_COMPRESSION'	=> ($config['gzip_compress']) ? $user->lang['ON'] : $user->lang['OFF'],
 			'DATABASE_INFO'		=> $db->sql_server_info(),
 

phpBB/includes/acp/acp_permissions.php

@@ -331,7 +331,8 @@ class acp_permissions
 
 					$template->assign_vars(array(
 						'S_SELECT_USER'			=> true,
-						'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_victim&field=username'))
+						'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_victim&field=username'),
+						'UA_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_victim&field=username', false))
 					);
 
 				break;
@@ -393,17 +394,23 @@ class acp_permissions
 						'S_DEFINED_USER_OPTIONS'	=> $items['user_ids_options'],
 						'S_DEFINED_GROUP_OPTIONS'	=> $items['group_ids_options'],
 						'S_ADD_GROUP_OPTIONS'		=> group_select_options(false, $items['group_ids']),
-						'U_FIND_USERNAME'			=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username'))
+						'U_FIND_USERNAME'			=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username'),
+						'UA_FIND_USERNAME'			=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=add_user&field=username', false))
 					);
 
 				break;
 			}
 
+			// The S_ALLOW_SELECT parameter below is a measure to lower memory usage.
+			// If there are more than 5 forums selected the admin is not able to select all users/groups too.
+			// We need to see if the number of forums can be increased or need to be decreased.
+
 			$template->assign_vars(array(
 				'U_ACTION'				=> $this->u_action,
 				'ANONYMOUS_USER_ID'		=> ANONYMOUS,
 
 				'S_SELECT_VICTIM'		=> true,
+				'S_ALLOW_ALL_SELECT'	=> (sizeof($forum_id) > 5) ? false : true,
 				'S_CAN_SELECT_USER'		=> ($auth->acl_get('a_authusers')) ? true : false,
 				'S_CAN_SELECT_GROUP'	=> ($auth->acl_get('a_authgroups')) ? true : false,
 				'S_HIDDEN_FIELDS'		=> $s_hidden_fields)

phpBB/includes/acp/acp_users.php

@@ -53,7 +53,7 @@ class acp_users
 			if ($ipwhois = user_ipwhois($user_ip))
 			{
 				$ipwhois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $ipwhois);
-				$ipwhois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2" target="_blank">\2</a>\3', $ipwhois);
+				$ipwhois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2">\2</a>\3', $ipwhois);
 			}
 
 			$template->assign_vars(array(
@@ -75,6 +75,7 @@ class acp_users
 
 				'S_SELECT_USER'		=> true,
 				'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&amp;form=select_user&amp;field=username'),
+				'UA_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=select_user&field=username', false),
 				)
 			);
 
@@ -241,8 +242,8 @@ class acp_users
 
 							user_ban(substr($action, 3), $ban, 0, 0, 0, $user->lang[$reason]);
 
-							add_log('admin', $log, $user->lang[$reason]);
+							add_log('admin', $log, $user->lang[$reason], implode(', ', $ban));
-							add_log('user', $user_id, $log, $user->lang[$reason]);
+							add_log('user', $user_id, $log, $user->lang[$reason], implode(', ', $ban));
 
 							trigger_error($user->lang['BAN_SUCCESSFUL'] . adm_back_link($this->u_action . '&amp;u=' . $user_id));
 
@@ -1558,7 +1559,7 @@ class acp_users
 					$message_parser = new parse_message($signature);
 
 					// Allowing Quote BBCode
-					$message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, true, 'sig');
+					$message_parser->parse($enable_bbcode, ($config['allow_sig_links']) ? $enable_urls : false, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
 						
 					if (sizeof($message_parser->warn_msg))
 					{
@@ -1606,17 +1607,19 @@ class acp_users
 					'S_SMILIES_CHECKED'		=> (!$enable_smilies) ? 'checked="checked"' : '',
 					'S_MAGIC_URL_CHECKED'	=> (!$enable_urls) ? 'checked="checked"' : '',
 
-					'BBCODE_STATUS'			=> ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>'),
+					'BBCODE_STATUS'			=> ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
 					'SMILIES_STATUS'		=> ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
 					'IMG_STATUS'			=> ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
 					'FLASH_STATUS'			=> ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
+					'URL_STATUS'			=> ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
 
 					'L_SIGNATURE_EXPLAIN'	=> sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
 
 					'S_BBCODE_ALLOWED'		=> $config['allow_sig_bbcode'], 
 					'S_SMILIES_ALLOWED'		=> $config['allow_sig_smilies'],
 					'S_BBCODE_IMG'			=> ($config['allow_sig_img']) ? true : false,
-					'S_BBCODE_FLASH'		=> ($config['allow_sig_flash']) ? true : false)
+					'S_BBCODE_FLASH'		=> ($config['allow_sig_flash']) ? true : false,
+					'S_LINKS_ALLOWED'		=> ($config['allow_sig_links']) ? true : false)
 				);
 
 				// Assigning custom bbcodes

phpBB/includes/constants.php

@@ -61,6 +61,19 @@ define('ITEM_UNLOCKED', 0);
 define('ITEM_LOCKED', 1);
 define('ITEM_MOVED', 2);
 
+// Forum Flags
+define('FORUM_FLAG_LINK_TRACK', 1);
+define('FORUM_FLAG_PRUNE_POLL', 2);
+define('FORUM_FLAG_PRUNE_ANNOUNCE', 4);
+define('FORUM_FLAG_PRUNE_STICKY', 8);
+define('FORUM_FLAG_ACTIVE_TOPICS', 16);
+define('FORUM_FLAG_POST_REVIEW', 32);
+
+// Optional text flags
+define('OPTION_FLAG_BBCODE', 1);
+define('OPTION_FLAG_SMILIES', 2);
+define('OPTION_FLAG_LINKS', 4);
+
 // Topic types
 define('POST_NORMAL', 0);
 define('POST_STICKY', 1);

phpBB/includes/functions.php

@@ -2146,21 +2146,10 @@ function decode_message(&$message, $bbcode_uid = '')
 
 	$message = str_replace($match, $replace, $message);
 
-	$match = array(
+	$match = get_preg_expression('bbcode_htm');
-		'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
+	$replace = array('\1', '\2', '\1', '', '');
-		'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
-		'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
-		'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
-		'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
-		'#<!\-\- .*? \-\->#s',
-		'#<.*?>#s'
-	);
-	
-	$replace = array('\1', '\1', '\1', '\1', '\1', '', '');
 
 	$message = preg_replace($match, $replace, $message);
-
-	return;
 }
 
 /**
@@ -2175,17 +2164,8 @@ function strip_bbcode(&$text, $uid = '')
 
 	$text = preg_replace("#\[\/?[a-z0-9\*\+\-]+(?:=.*?)?(?::[a-z])?(\:?$uid)\]#", ' ', $text);
 
-	$match = array(
+	$match = get_preg_expression('bbcode_htm');
-		'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
+	$replace = array('\1', '\2', '\1', '', '');
-		'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
-		'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
-		'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
-		'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
-		'#<!\-\- .*? \-\->#s',
-		'#<.*?>#s'
-	);
-	
-	$replace = array('\1', '\1', '\1', '\1', '\1', '', '');
 	
 	$text = preg_replace($match, $replace, $text);
 }
@@ -2206,7 +2186,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
 	$text = str_replace("\n", '<br />', censor_text($text));
 
 	// Parse bbcode if bbcode uid stored and bbcode enabled
-	if ($uid && ($flags & 1))
+	if ($uid && ($flags & OPTION_FLAG_BBCODE))
 	{
 		if (!class_exists('bbcode'))
 		{
@@ -2226,7 +2206,7 @@ function generate_text_for_display($text, $uid, $bitfield, $flags)
 		$bbcode->bbcode_second_pass($text, $uid);
 	}
 
-	$text = smiley_text($text, !($flags & 2));
+	$text = smiley_text($text, !($flags & OPTION_FLAG_SMILIES));
 
 	return $text;
 }
@@ -2282,9 +2262,9 @@ function generate_text_for_edit($text, $uid, $flags)
 	decode_message($text, $uid);
 
 	return array(
-		'allow_bbcode'	=> ($flags & 1) ? 1 : 0,
+		'allow_bbcode'	=> ($flags & OPTION_FLAG_BBCODE) ? 1 : 0,
-		'allow_smilies'	=> ($flags & 2) ? 1 : 0,
+		'allow_smilies'	=> ($flags & OPTION_FLAG_SMILIES) ? 1 : 0,
-		'allow_urls'	=> ($flags & 4) ? 1 : 0,
+		'allow_urls'	=> ($flags & OPTION_FLAG_LINKS) ? 1 : 0,
 		'text'			=> $text
 	);
 }
@@ -2317,11 +2297,11 @@ function make_clickable($text, $server_url = false)
 
 		// matches a xxxx://aaaaa.bbb.cccc. ...
 		$magic_url_match[] = '#(^|[\n ]|\()([\w]+:/{2}.*?([^[ \t\n\r<"\'\)&]+|&(?!lt;|quot;))*)#ie';
-		$magic_url_replace[] = "'\$1<!-- m --><a href=\"\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- m -->'";
+		$magic_url_replace[] = "'\$1<!-- m --><a href=\"\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- m -->'";
 
 		// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
 		$magic_url_match[] = '#(^|[\n ]|\()(w{3}\.[\w\-]+\.[\w\-.\~]+(?:[^[ \t\n\r<"\'\)&]+|&(?!lt;|quot;))*)#ie';
-		$magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'";
+		$magic_url_replace[] = "'\$1<!-- w --><a href=\"http://\$2\">' . ((strlen('\$2') > 55) ? substr(str_replace('&amp;', '&', '\$2'), 0, 39) . ' ... ' . substr(str_replace('&amp;', '&', '\$2'), -10) : '\$2') . '</a><!-- w -->'";
 
 		// matches an email@domain type address at the start of a line, or after a space or after what might be a BBCode.
 		$magic_url_match[] = '/(^|[\n ]|\()(' . get_preg_expression('email') . ')/ie';
@@ -2336,19 +2316,18 @@ function make_clickable($text, $server_url = false)
 */
 function censor_text($text)
 {
-	global $censors, $user, $cache;
+	static $censors;
+	global $cache;
 
-	if (!isset($censors))
+	if (!isset($censors) || !is_array($censors))
 	{
 		$censors = array();
 
-		if ($user->optionget('viewcensors'))
+		// obtain_word_list is taking care of the users censor option and the board-wide option
-		{
 		$cache->obtain_word_list($censors);
 	}
-	}
 
-	if (sizeof($censors) && $user->optionget('viewcensors'))
+	if (sizeof($censors))
 	{
 		return preg_replace($censors['match'], $censors['replace'], $text);
 	}
@@ -2645,8 +2624,8 @@ function get_backtrace()
 
 /**
 * This function returns a regular expression pattern for commonly used expressions
-* Use with / as delimiter
+* Use with / as delimiter for email mode
-* mode can be: email|
+* mode can be: email|bbcode_htm
 */
 function get_preg_expression($mode)
 {
@@ -2655,6 +2634,16 @@ function get_preg_expression($mode)
 		case 'email':
 			return '[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*[a-z]+';
 		break;
+
+		case 'bbcode_htm':
+			return array(
+				'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
+				'#<!\-\- (l|m|w) \-\-><a href="(.*?)">.*?</a><!\-\- \1 \-\->#',
+				'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
+				'#<!\-\- .*? \-\->#s',
+				'#<.*?>#s',
+			);
+		break;
 	}
 
 	return '';
@@ -3154,7 +3143,7 @@ function page_header($page_title = '', $display_online_list = true)
 		'S_CONTENT_DIR_LEFT'	=> $user->lang['LEFT'],
 		'S_CONTENT_DIR_RIGHT'	=> $user->lang['RIGHT'],
 		'S_TIMEZONE'			=> ($user->data['user_dst'] || ($user->data['user_id'] == ANONYMOUS && $config['board_dst'])) ? sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], $user->lang['tz']['dst']) : sprintf($user->lang['ALL_TIMES'], $user->lang['tz'][$tz], ''),
-		'S_DISPLAY_ONLINE_LIST'	=> ($config['load_online']) ? 1 : 0,
+		'S_DISPLAY_ONLINE_LIST'	=> ($l_online_time) ? 1 : 0,
 		'S_DISPLAY_SEARCH'		=> (!$config['load_search']) ? 0 : (isset($auth) ? ($auth->acl_get('u_search') && $auth->acl_getf_global('f_search')) : 1),
 		'S_DISPLAY_PM'			=> ($config['allow_privmsg'] && $user->data['is_registered']) ? 1 : 0,
 		'S_DISPLAY_MEMBERLIST'	=> (isset($auth)) ? $auth->acl_get('u_viewprofile') : 0,

phpBB/includes/functions_admin.php

@@ -1782,12 +1782,12 @@ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync
 
 	$sql_and = '';
 
-	if (!($prune_flags & 4))
+	if (!($prune_flags & FORUM_FLAG_PRUNE_ANNOUNCE))
 	{
 		$sql_and .= ' AND topic_type <> ' . POST_ANNOUNCE;
 	}
 
-	if (!($prune_flags & 8))
+	if (!($prune_flags & FORUM_FLAG_PRUNE_STICKY))
 	{
 		$sql_and .= ' AND topic_type <> ' . POST_STICKY;
 	}
@@ -1816,7 +1816,7 @@ function prune($forum_id, $prune_mode, $prune_date, $prune_flags = 0, $auto_sync
 	}
 	$db->sql_freeresult($result);
 
-	if ($prune_flags & 2)
+	if ($prune_flags & FORUM_FLAG_PRUNE_POLL)
 	{
 		$sql = 'SELECT topic_id
 			FROM ' . TOPICS_TABLE . '

phpBB/includes/functions_display.php

@@ -44,7 +44,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 	}
 
 	// Display list of active topics for this category?
-	$show_active = (isset($root_data['forum_flags']) && $root_data['forum_flags'] & 16) ? true : false;
+	$show_active = (isset($root_data['forum_flags']) && ($root_data['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS)) ? true : false;
 
 	$sql_from = FORUMS_TABLE . ' f ';
 	$lastread_select = $sql_lastread = '';
@@ -126,7 +126,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		}
 
 		// Display active topics from this forum?
-		if ($show_active && $row['forum_type'] == FORUM_POST && $auth->acl_get('f_read', $forum_id) && ($row['forum_flags'] & 16))
+		if ($show_active && $row['forum_type'] == FORUM_POST && $auth->acl_get('f_read', $forum_id) && ($row['forum_flags'] & FORUM_FLAG_ACTIVE_TOPICS))
 		{
 			if (!isset($active_forum_ary['forum_topics']))
 			{
@@ -328,7 +328,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 		}
 
 		$l_post_click_count = ($row['forum_type'] == FORUM_LINK) ? 'CLICKS' : 'POSTS';
-		$post_click_count = ($row['forum_type'] != FORUM_LINK || $row['forum_flags'] & 1) ? $row['forum_posts'] : '';
+		$post_click_count = ($row['forum_type'] != FORUM_LINK || $row['forum_flags'] & FORUM_FLAG_LINK_TRACK) ? $row['forum_posts'] : '';
 
 		$template->assign_block_vars('forumrow', array(
 			'S_IS_CAT'			=> false,
@@ -354,7 +354,7 @@ function display_forums($root_data = '', $display_moderators = true, $return_mod
 			'L_FORUM_FOLDER_ALT'	=> $folder_alt,
 			'L_MODERATOR_STR'		=> $l_moderator,
 
-			'U_VIEWFORUM'		=> ($row['forum_type'] != FORUM_LINK || $row['forum_flags'] & 1) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : $row['forum_link'],
+			'U_VIEWFORUM'		=> ($row['forum_type'] != FORUM_LINK || ($row['forum_flags'] & FORUM_FLAG_LINK_TRACK)) ? append_sid("{$phpbb_root_path}viewforum.$phpEx", 'f=' . $row['forum_id']) : $row['forum_link'],
 			'U_LAST_POSTER'		=> $last_poster_url,
 			'U_LAST_POST'		=> $last_post_url)
 		);
@@ -698,14 +698,60 @@ function display_attachments($forum_id, $blockname, &$attachment_data, &$update_
 		'attachment_tpl'	=> 'attachment.html')
 	);
 
+	if (!sizeof($attachment_data))
+	{
+		return array();
+	}
+
 	if (empty($extensions) || !is_array($extensions))
 	{
 		$extensions = array();
 		$cache->obtain_attach_extensions($extensions);
 	}
 
+	// Look for missing attachment informations...
+	$attach_ids = array();
+	foreach ($attachment_data as $pos => $attachment)
+	{
+		// If is_orphan is set, we need to retrieve the attachments again...
+		if (!isset($attachment['extension']) && !isset($attachment['physical_filename']))
+		{
+			$attach_ids[(int) $attachment['attach_id']] = $pos;
+		}
+	}
+
+	if (sizeof($attach_ids))
+	{
+		global $db;
+
+		$attachment_data = array();
+
+		$sql = 'SELECT *
+			FROM ' . ATTACHMENTS_TABLE . '
+			WHERE ' . $db->sql_in_set('attach_id', array_keys($attach_ids));
+		$result = $db->sql_query($sql);
+
+		while ($row = $db->sql_fetchrow($result))
+		{
+			if (!isset($attach_ids[$row['attach_id']]))
+			{
+				continue;
+			}
+
+			$attachment_data[$attach_ids[$row['attach_id']]] = $row;
+		}
+		$db->sql_freeresult($result);
+
+		ksort($attachment_data);
+	}
+
 	foreach ($attachment_data as $attachment)
 	{
+		if (!sizeof($attachment))
+		{
+			continue;
+		}
+
 		// We need to reset/empty the _file block var, because this function might be called more than once
 		$template->destroy_block_vars('_file');
 

phpBB/includes/functions_posting.php

@@ -113,16 +113,31 @@ function update_post_information($type, $ids, $return_update_sql = false)
 
 	$update_sql = $empty_forums = array();
 
+	if (sizeof($ids) == 1)
+	{
+		$sql = 'SELECT MAX(post_id) as last_post_id
+			FROM ' . POSTS_TABLE . '
+			WHERE post_approved = 1
+				AND ' . $db->sql_in_set($type . '_id', $ids);
+	}
+	else
+	{
 		$sql = 'SELECT ' . $type . '_id, MAX(post_id) as last_post_id
 			FROM ' . POSTS_TABLE . '
 			WHERE post_approved = 1
 				AND ' . $db->sql_in_set($type . '_id', $ids) . "
 			GROUP BY {$type}_id";
+	}
 	$result = $db->sql_query($sql);
 
 	$last_post_ids = array();
 	while ($row = $db->sql_fetchrow($result))
 	{
+		if (sizeof($ids) == 1)
+		{
+			$row[$type . '_id'] = $ids[0];
+		}
+
 		if ($type == 'forum')
 		{
 			$empty_forums[] = $row['forum_id'];
@@ -315,7 +330,7 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 
 	if (!$filedata['post_attach'])
 	{
-		$filedata['error'][] = 'No filedata found';
+		$filedata['error'][] = $user->lang['NO_UPLOAD_FORM_FOUND'];
 		return $filedata;
 	}
 
@@ -334,6 +349,16 @@ function upload_attachment($form_name, $forum_id, $local = false, $local_storage
 
 	$cat_id = (isset($extensions[$file->get('extension')]['display_cat'])) ? $extensions[$file->get('extension')]['display_cat'] : ATTACHMENT_CATEGORY_NONE;
 
+	// Make sure the image category only holds valid images...
+	if ($cat_id == ATTACHMENT_CATEGORY_IMAGE && !$file->is_image())
+	{
+		$file->remove();
+
+		// If this error occurs a user tried to exploit an IE Bug by renaming extensions
+		// Since the image category is displaying content inline we need to catch this.
+		trigger_error($user->lang['UNABLE_GET_IMAGE_SIZE']);
+	}
+
 	// Do we have to create a thumbnail?
 	$filedata['thumbnail'] = ($cat_id == ATTACHMENT_CATEGORY_IMAGE && $config['img_create_thumbnail']) ? 1 : 0;
 
@@ -645,7 +670,7 @@ function posting_gen_inline_attachments(&$attachment_data)
 
 		foreach ($attachment_data as $i => $attachment)
 		{
-			$s_inline_attachment_options .= '<option value="' . $i . '">' . $attachment['real_filename'] . '</option>';
+			$s_inline_attachment_options .= '<option value="' . $i . '">' . basename($attachment['real_filename']) . '</option>';
 		}
 
 		$template->assign_var('S_INLINE_ATTACHMENT_OPTIONS', $s_inline_attachment_options);
@@ -661,7 +686,7 @@ function posting_gen_inline_attachments(&$attachment_data)
 */
 function posting_gen_attachment_entry(&$attachment_data, &$filename_data)
 {
-	global $template, $config, $phpbb_root_path, $phpEx;
+	global $template, $config, $phpbb_root_path, $phpEx, $user;
 
 	$template->assign_vars(array(
 		'S_SHOW_ATTACH_BOX'	=> true)
@@ -684,13 +709,13 @@ function posting_gen_attachment_entry(&$attachment_data, &$filename_data)
 				$hidden .= '<input type="hidden" name="attachment_data[' . $count . '][' . $key . ']" value="' . $value . '" />';
 			}
 
-			$download_link = (!$attach_row['attach_id']) ? $phpbb_root_path . $config['upload_path'] . '/' . basename($attach_row['physical_filename']) : append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . (int) $attach_row['attach_id']);
+			$download_link = append_sid("{$phpbb_root_path}download.$phpEx", 'id=' . (int) $attach_row['attach_id'], false, ($attach_row['is_orphan']) ? $user->session_id : false);
 
 			$template->assign_block_vars('attach_row', array(
 				'FILENAME'			=> basename($attach_row['real_filename']),
-				'ATTACH_FILENAME'	=> basename($attach_row['physical_filename']),
 				'FILE_COMMENT'		=> $attach_row['attach_comment'],
 				'ATTACH_ID'			=> $attach_row['attach_id'],
+				'S_IS_ORPHAN'		=> $attach_row['is_orphan'],
 				'ASSOC_INDEX'		=> $count,
 
 				'U_VIEW_ATTACHMENT'	=> $download_link,
@@ -928,8 +953,8 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 {
 	global $db, $user, $config, $phpbb_root_path, $phpEx, $auth;
 
-	$topic_notification = ($mode == 'reply' || $mode == 'quote');
+	$topic_notification = ($mode == 'reply' || $mode == 'quote') ? true : false;
-	$forum_notification = ($mode == 'post');
+	$forum_notification = ($mode == 'post') ? true : false;
 
 	if (!$topic_notification && !$forum_notification)
 	{
@@ -1390,7 +1415,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'post_text'			=> $data['message'],
 				'post_checksum'		=> $data['message_md5'],
 				'post_encoding'		=> $user->lang['ENCODING'],
-				'post_attachment'	=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0,
+				'post_attachment'	=> (sizeof($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'post_postcount'	=> ($auth->acl_get('f_postcount', $data['forum_id'])) ? 1 : 0,
@@ -1444,7 +1469,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'post_edit_user'	=> (int) $data['post_edit_user'],
 				'post_checksum'		=> $data['message_md5'],
 				'post_encoding'		=> $user->lang['ENCODING'],
-				'post_attachment'	=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0,
+				'post_attachment'	=> (sizeof($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'post_edit_locked'	=> $data['post_edit_locked'])
@@ -1473,7 +1498,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'topic_first_poster_colour'	=> (($user->data['user_id'] != ANONYMOUS) ? $user->data['user_colour'] : ''),
 				'topic_type'				=> $topic_type,
 				'topic_time_limit'			=> ($topic_type == POST_STICKY || $topic_type == POST_ANNOUNCE) ? ($data['topic_time_limit'] * 86400) : 0,
-				'topic_attachment'			=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0
+				'topic_attachment'			=> (sizeof($data['attachment_data'])) ? 1 : 0,
 			);
 
 			if (isset($poll['poll_options']) && !empty($poll['poll_options']))
@@ -1526,7 +1551,7 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 				'poll_length'				=> (isset($poll['poll_options'])) ? ($poll['poll_length'] * 86400) : 0,
 				'poll_vote_change'			=> (isset($poll['poll_vote_change'])) ? $poll['poll_vote_change'] : 0,
 
-				'topic_attachment'			=> ($post_mode == 'edit_topic') ? ((isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0) : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0)
+				'topic_attachment'			=> (sizeof($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0),
 			);
 		break;
 	}
@@ -1717,65 +1742,79 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u
 	if (sizeof($data['attachment_data']) && $data['post_id'] && in_array($mode, array('post', 'reply', 'quote', 'edit')))
 	{
 		$space_taken = $files_added = 0;
+		$orphan_rows = array();
 
 		foreach ($data['attachment_data'] as $pos => $attach_row)
 		{
-			if ($attach_row['attach_id'])
+			$orphan_rows[(int) $attach_row['attach_id']] = array();
+		}
+
+		if (sizeof($orphan_rows))
+		{
+			$sql = 'SELECT attach_id, filesize, physical_filename
+				FROM ' . ATTACHMENTS_TABLE . '
+				WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . '
+					AND is_orphan = 1
+					AND poster_id = ' . $user->data['user_id'];
+			$result = $db->sql_query($sql);
+
+			$orphan_rows = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$orphan_rows[$row['attach_id']] = $row;
+			}
+			$db->sql_freeresult($result);
+		}
+
+		foreach ($data['attachment_data'] as $pos => $attach_row)
+		{
+			if ($attach_row['is_orphan'] && !in_array($attach_row['attach_id'], array_keys($orphan_rows)))
+			{
+				continue;
+			}
+
+			if (!$attach_row['is_orphan'])
 			{
 				// update entry in db if attachment already stored in db and filespace
 				$sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
 					SET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'
-					WHERE attach_id = " . (int) $attach_row['attach_id'];
+					WHERE attach_id = " . (int) $attach_row['attach_id'] . '
+						AND is_orphan = 0';
 				$db->sql_query($sql);
 			}
 			else
 			{
 				// insert attachment into db
-				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . basename($attach_row['physical_filename'])))
+				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
 				{
 					continue;
 				}
 
+				$space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
+				$files_added++;
+
 				$attach_sql = array(
 					'post_msg_id'		=> $data['post_id'],
 					'topic_id'			=> $data['topic_id'],
-					'in_message'		=> 0,
+					'is_orphan'			=> 0,
 					'poster_id'			=> $poster_id,
-					'physical_filename'	=> basename($attach_row['physical_filename']),
-					'real_filename'		=> basename($attach_row['real_filename']),
 					'attach_comment'	=> $attach_row['attach_comment'],
-					'extension'			=> $attach_row['extension'],
-					'mimetype'			=> $attach_row['mimetype'],
-					'filesize'			=> $attach_row['filesize'],
-					'filetime'			=> $attach_row['filetime'],
-					'thumbnail'			=> $attach_row['thumbnail']
 				);
 
-				$sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' .
+				$sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . '
-					$db->sql_build_array('INSERT', $attach_sql);
+					WHERE attach_id = ' . $attach_row['attach_id'] . '
+						AND is_orphan = 1
+						AND poster_id = ' . $user->data['user_id'];
 				$db->sql_query($sql);
-
-				$space_taken += $attach_row['filesize'];
-				$files_added++;
 			}
 		}
 
-		if (sizeof($data['attachment_data']))
+		if ($space_taken && $files_added)
 		{
-			$sql = 'UPDATE ' . POSTS_TABLE . '
-				SET post_attachment = 1
-				WHERE post_id = ' . $data['post_id'];
-			$db->sql_query($sql);
-
-			$sql = 'UPDATE ' . TOPICS_TABLE . '
-				SET topic_attachment = 1
-				WHERE topic_id = ' . $data['topic_id'];
-			$db->sql_query($sql);
-		}
-
 			set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);
 			set_config('num_files', $config['num_files'] + $files_added, true);
 		}
+	}
 
 	$db->sql_transaction('commit');
 

phpBB/includes/functions_privmsgs.php

@@ -1324,7 +1324,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
 				'message_subject'	=> $subject,
 				'message_text'		=> $data['message'],
 				'message_encoding'	=> $user->lang['ENCODING'],
-				'message_attachment'=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0,
+				'message_attachment'=> (sizeof($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid'],
 				'to_address'		=> implode(':', $to),
@@ -1343,7 +1343,7 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
 				'message_subject'	=> $subject,
 				'message_text'		=> $data['message'],
 				'message_encoding'	=> $user->lang['ENCODING'],
-				'message_attachment'=> (isset($data['filename_data']['physical_filename']) && sizeof($data['filename_data'])) ? 1 : 0,
+				'message_attachment'=> (sizeof($data['attachment_data'])) ? 1 : 0,
 				'bbcode_bitfield'	=> $data['bbcode_bitfield'],
 				'bbcode_uid'		=> $data['bbcode_uid']
 			);
@@ -1448,52 +1448,74 @@ function submit_pm($mode, $subject, &$data, $update_message, $put_in_outbox = tr
 	if (!empty($data['attachment_data']) && $data['msg_id'] && in_array($mode, array('post', 'reply', 'quote', 'quotepost', 'edit', 'forward')))
 	{
 		$space_taken = $files_added = 0;
+		$orphan_rows = array();
 
 		foreach ($data['attachment_data'] as $pos => $attach_row)
 		{
-			if ($attach_row['attach_id'])
+			$orphan_rows[(int) $attach_row['attach_id']] = array();
+		}
+
+		if (sizeof($orphan_rows))
+		{
+			$sql = 'SELECT attach_id, filesize, physical_filename
+				FROM ' . ATTACHMENTS_TABLE . '
+				WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan_rows)) . '
+					AND in_message = 1
+					AND is_orphan = 1
+					AND poster_id = ' . $user->data['user_id'];
+			$result = $db->sql_query($sql);
+
+			$orphan_rows = array();
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$orphan_rows[$row['attach_id']] = $row;
+			}
+			$db->sql_freeresult($result);
+		}
+
+		foreach ($data['attachment_data'] as $pos => $attach_row)
+		{
+			if ($attach_row['is_orphan'] && !in_array($attach_row['attach_id'], array_keys($orphan_rows)))
+			{
+				continue;
+			}
+
+			if (!$attach_row['is_orphan'])
 			{
 				// update entry in db if attachment already stored in db and filespace
 				$sql = 'UPDATE ' . ATTACHMENTS_TABLE . "
 					SET attach_comment = '" . $db->sql_escape($attach_row['attach_comment']) . "'
-					WHERE attach_id = " . (int) $attach_row['attach_id'];
+					WHERE attach_id = " . (int) $attach_row['attach_id'] . '
+						AND is_orphan = 0';
 				$db->sql_query($sql);
 			}
 			else
 			{
 				// insert attachment into db
+				if (!@file_exists($phpbb_root_path . $config['upload_path'] . '/' . basename($orphan_rows[$attach_row['attach_id']]['physical_filename'])))
+				{
+					continue;
+				}
+
+				$space_taken += $orphan_rows[$attach_row['attach_id']]['filesize'];
+				$files_added++;
+
 				$attach_sql = array(
 					'post_msg_id'		=> $data['msg_id'],
 					'topic_id'			=> 0,
-					'in_message'		=> 1,
+					'is_orphan'			=> 0,
 					'poster_id'			=> $data['from_user_id'],
-					'physical_filename'	=> basename($attach_row['physical_filename']),
-					'real_filename'		=> basename($attach_row['real_filename']),
 					'attach_comment'	=> $attach_row['attach_comment'],
-					'extension'			=> $attach_row['extension'],
-					'mimetype'			=> $attach_row['mimetype'],
-					'filesize'			=> $attach_row['filesize'],
-					'filetime'			=> $attach_row['filetime'],
-					'thumbnail'			=> $attach_row['thumbnail']
 				);
 
-				$sql = 'INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . 
+				$sql = 'UPDATE ' . ATTACHMENTS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $attach_sql) . '
-					$db->sql_build_array('INSERT', $attach_sql);
+					WHERE attach_id = ' . $attach_row['attach_id'] . '
+						AND is_orphan = 1
+						AND poster_id = ' . $user->data['user_id'];
 				$db->sql_query($sql);
-
-				$space_taken += $attach_row['filesize'];
-				$files_added++;
 			}
 		}
 
-		if (sizeof($data['attachment_data']))
-		{
-			$sql = 'UPDATE ' . PRIVMSGS_TABLE . '
-				SET message_attachment = 1
-				WHERE msg_id = ' . $data['msg_id'];
-			$db->sql_query($sql);
-		}
-
 		if ($space_taken && $files_added)
 		{
 			set_config('upload_dir_size', $config['upload_dir_size'] + $space_taken, true);

phpBB/includes/functions_upload.php

@@ -221,6 +221,8 @@ class filespec
 			return false;
 		}
 
+
+/*
 		// Adjust destination path (no trailing slash)
 		if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\')
 		{
@@ -232,13 +234,29 @@ class filespec
 		{
 			$destination = '';
 		}
+*/
 
+		// We need to trust the admin in specifying valid upload directories and an attacker not being able to overwrite it...
 		$this->destination_path = $phpbb_root_path . $destination;
 
+		// Check if the destination path exist...
+		if (!file_exists($this->destination_path))
+		{
+			@unlink($this->filename);
+			return false;
+		}
+
 		$upload_mode = (@ini_get('open_basedir') || @ini_get('safe_mode')) ? 'move' : 'copy';
 		$upload_mode = ($this->local) ? 'local' : $upload_mode;
 		$this->destination_file = $this->destination_path . '/' . basename($this->realname);
 
+		// Check if the file already exist, else there is something wrong...
+		if (file_exists($this->destination_file))
+		{
+			@unlink($this->filename);
+			return false;
+		}
+
 		switch ($upload_mode)
 		{
 			case 'copy':

phpBB/includes/functions_user.php

@@ -469,11 +469,6 @@ function user_active_flip($user_id, $user_type, $user_actkey = false, $username
 		'user_type'		=> ($user_type == USER_NORMAL) ? USER_INACTIVE : USER_NORMAL
 	);
 
-	if ($new_group_id == $group_id_ary[$group_name])
-	{
-		$sql_ary['group_id'] = $new_group_id;
-	}
-
 	if ($user_actkey !== false)
 	{
 		$sql_ary['user_actkey'] = $user_actkey;
@@ -483,6 +478,10 @@ function user_active_flip($user_id, $user_type, $user_actkey = false, $username
 		WHERE user_id = $user_id";
 	$db->sql_query($sql);
 
+	// Set the users default group from inactive to registered or registered to inactive
+	// only if the group id changed...
+	group_set_user_default($new_group_id, array($user_id));
+
 	$auth->acl_clear_prefetch($user_id);
 
 	if (!$no_log)
@@ -1344,7 +1343,21 @@ function avatar_upload($data, &$error)
 	}
 
 	$file->clean_filename('real', $data['user_id'] . '_');
-	$file->move_file($config['avatar_path']);
+
+	$destination = $config['avatar_path'];
+
+	if ($destination{(sizeof($destination)-1)} == '/' || $destination{(sizeof($destination)-1)} == '\\')
+	{
+		$destination = substr($destination, 0, sizeof($destination)-2);
+	}
+
+	$destination = str_replace(array('../', '..\\', './', '.\\'), '', $destination);
+	if ($destination && ($destination{0} == '/' || $destination{0} == "\\"))
+	{
+		$destination = '';
+	}
+
+	$file->move_file($destination);
 
 	if (sizeof($file->error))
 	{

phpBB/includes/mcp/mcp_post.php

@@ -42,7 +42,7 @@ function mcp_post_details($id, $mode, $action)
 			$whois = user_ipwhois($ip);
 			
 			$whois = preg_replace('#(\s)([\w\-\._\+]+@[\w\-\.]+)(\s)#', '\1<a href="mailto:\2">\2</a>\3', $whois);
-			$whois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2" target="_blank">\2</a>\3', $whois);
+			$whois = preg_replace('#(\s)(http:/{2}[^\s]*)(\s)#', '\1<a href="\2">\2</a>\3', $whois);
 			
 			$template->assign_vars(array(
 				'RETURN_POST'	=> sprintf($user->lang['RETURN_POST'], '<a href="' . append_sid("{$phpbb_root_path}mcp.$phpEx", "i=$id&amp;mode=$mode&amp;p=$post_id") . '">', '</a>'),

phpBB/includes/mcp/mcp_topic.php

@@ -180,7 +180,7 @@ function mcp_topic_view($id, $mode, $action)
 		'U_VIEWTOPIC'		=> append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $topic_info['forum_id'] . '&t=' . $topic_info['topic_id']),
 
 		'TO_TOPIC_ID'		=> $to_topic_id,
-		'TO_TOPIC_INFO'		=> ($to_topic_id) ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $to_topic_info['forum_id'] . '&amp;t=' . $to_topic_id) . '" target="_new">' . $to_topic_info['topic_title'] . '</a>') : '',
+		'TO_TOPIC_INFO'		=> ($to_topic_id) ? sprintf($user->lang['YOU_SELECTED_TOPIC'], $to_topic_id, '<a href="' . append_sid("{$phpbb_root_path}viewtopic.$phpEx", 'f=' . $to_topic_info['forum_id'] . '&amp;t=' . $to_topic_id) . '">' . $to_topic_info['topic_title'] . '</a>') : '',
 
 		'SPLIT_SUBJECT'		=> $subject,
 		'POSTS_PER_PAGE'	=> $posts_per_page,

phpBB/includes/mcp/mcp_warn.php

@@ -403,7 +403,7 @@ function add_warning($userrow, $warning, $send_pm = true, $post_id = 0)
 		$message_parser = new parse_message();
 
 		$message_parser->message = sprintf($lang['WARNING_PM_BODY'], $warning);
-		$message_parser->parse(true, true, true, false, false, true);
+		$message_parser->parse(true, true, true, false, false, true, true);
 
 		$pm_data = array(
 			'from_user_id'			=> $user->data['user_id'],

phpBB/includes/message_parser.php

@@ -364,15 +364,11 @@ class bbcode_firstpass extends bbcode
 		// We remove the hardcoded elements from the code block here because it is not used in code blocks
 		// Having it here saves us one preg_replace per message containing [code] blocks
 		// Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
-		$htm_match = array(
+		$htm_match = get_preg_expression('bbcode_htm');
-			'#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
+		$htm_match[3] = '#&\#([0-9]+);#';
-			'#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
+		unset($htm_match[4]);
-			'#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
+
-			'#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
+		$htm_replace = array('\1', '\2', '\1', '&amp;#\1;');
-			'#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
-			'#&\#([0-9]+);#',
-		);
-		$htm_replace = array('\1', '\1', '\1', '\1', '\1', '&amp;#\1;');
 
 		$out = '';
 
@@ -853,6 +849,7 @@ class parse_message extends bbcode_firstpass
 	var $allow_img_bbcode = true;
 	var $allow_flash_bbcode = true;
 	var $allow_quote_bbcode = true;
+	var $allow_url_bbcode = true;
 
 	var $mode;
 
@@ -873,7 +870,7 @@ class parse_message extends bbcode_firstpass
 	/**
 	* Parse Message
 	*/
-	function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $update_this_message = true, $mode = 'post')
+	function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post')
 	{
 		global $config, $db, $user;
 
@@ -884,6 +881,7 @@ class parse_message extends bbcode_firstpass
 		$this->allow_img_bbcode = $allow_img_bbcode;
 		$this->allow_flash_bbcode = $allow_flash_bbcode;
 		$this->allow_quote_bbcode = $allow_quote_bbcode;
+		$this->allow_url_bbcode = $allow_url_bbcode;
 
 		// If false, then $this->message won't be altered, the text will be returned instead.
 		if (!$update_this_message)
@@ -920,7 +918,7 @@ class parse_message extends bbcode_firstpass
 		if ($allow_bbcode && strpos($this->message, '[') !== false)
 		{
 			$this->bbcode_init();
-			$disallow = array('img', 'flash', 'quote');
+			$disallow = array('img', 'flash', 'quote', 'url');
 			foreach ($disallow as $bool)
 			{
 				if (!${'allow_' . $bool . '_bbcode'})
@@ -991,7 +989,7 @@ class parse_message extends bbcode_firstpass
 		if ($this->message_status == 'plain')
 		{
 			// Force updating message - of course.
-			$this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, true);
+			$this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, $this->allow_url_bbcode, true);
 		}
 
 		// Parse BBcode
@@ -1100,7 +1098,7 @@ class parse_message extends bbcode_firstpass
 			{
 				// (assertion)
 				$match[] = '#(?<=^|[\n ]|\.)' . preg_quote($row['code'], '#') . '#';
-				$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" border="0" alt="' . $row['emotion'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
+				$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" alt="' . $row['emotion'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
 			}
 			$db->sql_freeresult($result);
 		}
@@ -1127,7 +1125,7 @@ class parse_message extends bbcode_firstpass
 	*/
 	function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
 	{
-		global $config, $auth, $user, $phpbb_root_path, $phpEx;
+		global $config, $auth, $user, $phpbb_root_path, $phpEx, $db;
 
 		$error = array();
 
@@ -1152,7 +1150,7 @@ class parse_message extends bbcode_firstpass
 
 				if ($filedata['post_attach'] && !sizeof($error))
 				{
-					$new_entry = array(
+					$sql_ary = array(
 						'physical_filename'	=> $filedata['physical_filename'],
 						'attach_comment'	=> $this->filename_data['filecomment'],
 						'real_filename'		=> $filedata['real_filename'],
@@ -1160,8 +1158,19 @@ class parse_message extends bbcode_firstpass
 						'mimetype'			=> $filedata['mimetype'],
 						'filesize'			=> $filedata['filesize'],
 						'filetime'			=> $filedata['filetime'],
-						'attach_id'			=> 0,
+						'thumbnail'			=> $filedata['thumbnail'],
-						'thumbnail'			=> $filedata['thumbnail']
+						'is_orphan'			=> 1,
+						'in_message'		=> ($is_message) ? 1 : 0,
+						'poster_id'			=> $user->data['user_id'],
+					);
+
+					$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
+
+					$new_entry = array(
+						'attach_id'		=> $db->sql_nextid(),
+						'is_orphan'		=> 1,
+						'real_filename'	=> $filedata['real_filename'],
+						'attach_comment'=> $this->filename_data['filecomment'],
 					);
 
 					$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
@@ -1195,14 +1204,31 @@ class parse_message extends bbcode_firstpass
 
 				$index = (int) key($_POST['delete_file']);
 
-				// delete selected attachment
+				if (!empty($this->attachment_data[$index]))
-				if (!$this->attachment_data[$index]['attach_id'])
 				{
-					phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'file');
 
-					if ($this->attachment_data[$index]['thumbnail'])
+					// delete selected attachment
+					if ($this->attachment_data[$index]['is_orphan'])
 					{
-						phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'thumbnail');
+						$sql = 'SELECT attach_id, physical_filename, thumbnail
+							FROM ' . ATTACHMENTS_TABLE . '
+							WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
+								AND is_orphan = 1
+								AND poster_id = ' . $user->data['user_id'];
+						$result = $db->sql_query($sql);
+						$row = $db->sql_fetchrow($result);
+						$db->sql_freeresult($result);
+
+						if ($row)
+						{
+							phpbb_unlink($row['physical_filename'], 'file');
+
+							if ($row['thumbnail'])
+							{
+								phpbb_unlink($row['physical_filename'], 'thumbnail');
+							}
+
+							$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
 						}
 					}
 					else
@@ -1216,6 +1242,7 @@ class parse_message extends bbcode_firstpass
 					// Reindex Array
 					$this->attachment_data = array_values($this->attachment_data);
 				}
+			}
 			else if ($edit_comment || $add_file || $preview)
 			{
 				if ($edit_comment)
@@ -1236,7 +1263,7 @@ class parse_message extends bbcode_firstpass
 
 						if (!sizeof($error))
 						{
-							$new_entry = array(
+							$sql_ary = array(
 								'physical_filename'	=> $filedata['physical_filename'],
 								'attach_comment'	=> $this->filename_data['filecomment'],
 								'real_filename'		=> $filedata['real_filename'],
@@ -1244,8 +1271,19 @@ class parse_message extends bbcode_firstpass
 								'mimetype'			=> $filedata['mimetype'],
 								'filesize'			=> $filedata['filesize'],
 								'filetime'			=> $filedata['filetime'],
-								'attach_id'			=> 0,
+								'thumbnail'			=> $filedata['thumbnail'],
-								'thumbnail'			=> $filedata['thumbnail']
+								'is_orphan'			=> 1,
+								'in_message'		=> ($is_message) ? 1 : 0,
+								'poster_id'			=> $user->data['user_id'],
+							);
+
+							$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
+
+							$new_entry = array(
+								'attach_id'		=> $db->sql_nextid(),
+								'is_orphan'		=> 1,
+								'real_filename'	=> $filedata['real_filename'],
+								'attach_comment'=> $this->filename_data['filecomment'],
 							);
 
 							$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
@@ -1275,99 +1313,83 @@ class parse_message extends bbcode_firstpass
 		global $user, $db, $phpbb_root_path, $phpEx, $config;
 
 		$this->filename_data['filecomment'] = request_var('filecomment', '', true);
-		$this->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
+		$attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
+		$this->attachment_data = array();
 
 		$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
 
-		// Regenerate data array...
+		if (!sizeof($attachment_data))
-		$attach_ids = $filenames = array();
+		{
+			return;
+		}
 
-		foreach ($this->attachment_data as $pos => $var_ary)
+		$not_orphan = $orphan = array();
+
+		foreach ($attachment_data as $pos => $var_ary)
 		{
-			if ($var_ary['attach_id'])
+			if ($var_ary['is_orphan'])
 			{
-				$attach_ids[(int) $this->attachment_data[$pos]['attach_id']] = $pos;
+				$orphan[(int) $var_ary['attach_id']] = $pos;
 			}
 			else
 			{
-				$filenames[$pos] = '';
+				$not_orphan[(int) $var_ary['attach_id']] = $pos;
-				set_var($filenames[$pos], $this->attachment_data[$pos]['physical_filename'], 'string');
-				$filenames[$pos] = basename($filenames[$pos]);
 			}
 		}
 
-		$this->attachment_data = array();
+		// Regenerate already posted attachments
-
+		if (sizeof($not_orphan))
-		// Regenerate already posted attachments...
-		if (sizeof($attach_ids))
 		{
-			// Get the data from the attachments
+			// Get the attachment data, based on the poster id...
-			$sql = 'SELECT attach_id, physical_filename, real_filename, extension, mimetype, filesize, filetime, thumbnail
+			$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
 				FROM ' . ATTACHMENTS_TABLE . '
-				WHERE ' . $db->sql_in_set('attach_id', array_keys($attach_ids)) . '
+				WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . '
 					AND poster_id = ' . $check_user_id;
 			$result = $db->sql_query($sql);
 
 			while ($row = $db->sql_fetchrow($result))
 			{
-				if (isset($attach_ids[$row['attach_id']]))
+				$pos = $not_orphan[$row['attach_id']];
-				{
-					$pos = $attach_ids[$row['attach_id']];
 				$this->attachment_data[$pos] = $row;
 				set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
 
-					unset($attach_ids[$row['attach_id']]);
+				unset($not_orphan[$row['attach_id']]);
-				}
 			}
 			$db->sql_freeresult($result);
+		}
 
-			if (sizeof($attach_ids))
+		if (sizeof($not_orphan))
 		{
 			trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
 		}
-		}
 
 		// Regenerate newly uploaded attachments
-		if (sizeof($filenames))
+		if (sizeof($orphan))
 		{
-			include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
+			$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
-
-			$sql = 'SELECT attach_id
 				FROM ' . ATTACHMENTS_TABLE . '
-				WHERE ' . $db->sql_in_set('LOWER(physical_filename)', array_map('strtolower', $filenames));
+				WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . '
-			$result = $db->sql_query_limit($sql, 1);
+					AND poster_id = ' . $user->data['user_id'] . '
-			$row = $db->sql_fetchrow($result);
+					AND is_orphan = 1';
-			$db->sql_freeresult($result);
+			$result = $db->sql_query($sql);
 
-			if ($row)
+			while ($row = $db->sql_fetchrow($result))
+			{
+				$pos = $orphan[$row['attach_id']];
+				$this->attachment_data[$pos] = $row;
+				set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
+
+				unset($orphan[$row['attach_id']]);
+			}
+			$db->sql_freeresult($result);
+		}
+
+		if (sizeof($orphan))
 		{
 			trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
 		}
 
-			foreach ($filenames as $pos => $physical_filename)
+		ksort($this->attachment_data);
-			{
-				$this->attachment_data[$pos] = array(
-					'physical_filename'	=> $physical_filename,
-					'extension'			=> strtolower(filespec::get_extension($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename)),
-					'filesize'			=> filespec::get_filesize($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename),
-					'attach_id'			=> 0,
-					'thumbnail'			=> (file_exists($phpbb_root_path . $config['upload_path'] . '/thumb_' . $physical_filename)) ? 1 : 0,
-				);
-
-				set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
-				set_var($this->attachment_data[$pos]['real_filename'], $_POST['attachment_data'][$pos]['real_filename'], 'string', true);
-				set_var($this->attachment_data[$pos]['filetime'], $_POST['attachment_data'][$pos]['filetime'], 'int');
-
-				if (strpos($_POST['attachment_data'][$pos]['mimetype'], 'image/') !== false)
-				{
-					set_var($this->attachment_data[$pos]['mimetype'], $_POST['attachment_data'][$pos]['mimetype'], 'string');
-				}
-				else
-				{
-					$this->attachment_data[$pos]['mimetype'] = filespec::get_mimetype($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename);
-				}
-			}
-		}
 	}
 
 	/**
@@ -1384,8 +1406,7 @@ class parse_message extends bbcode_firstpass
 		$this->message = $poll['poll_option_text'];
 
 
-		$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
+		$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false);
-
 
 		$this->message = $tmp_message;
 
@@ -1394,8 +1415,7 @@ class parse_message extends bbcode_firstpass
 		$this->message = $poll['poll_title'];
 
 
-		$poll['poll_title'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
+		$poll['poll_title'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false);
-
 
 		$this->message = $tmp_message;
 

phpBB/includes/session.php

@@ -405,9 +405,21 @@ class session
 			$this->cookie_data['k'] = '';
 			$this->cookie_data['u'] = ($bot) ? $bot : ANONYMOUS;
 
+			if (!$bot)
+			{
 				$sql = 'SELECT *
 					FROM ' . USERS_TABLE . '
 					WHERE user_id = ' . (int) $this->cookie_data['u'];
+			}
+			else
+			{
+				// We give bots always the same session if it is not yet expired.
+				$sql = 'SELECT u.*, s.*
+					FROM ' . USERS_TABLE . ' u
+					LEFT JOIN ' . SESSIONS_TABLE . ' s ON (s.session_user_id = u.user_id)
+					WHERE u.user_id = ' . (int) $bot;
+			}
+
 			$result = $db->sql_query($sql);
 			$this->data = $db->sql_fetchrow($result);
 			$db->sql_freeresult($result);
@@ -440,6 +452,47 @@ class session
 		//
 		//
 
+		// If our friend is a bot, we re-assign a previously assigned session
+		if ($this->data['is_bot'] && $bot === $this->data['user_id'] && $this->data['session_id'])
+		{
+			// Only assign the current session if the ip and browser match...
+			$s_ip = implode('.', array_slice(explode('.', $this->data['session_ip']), 0, $config['ip_check']));
+			$u_ip = implode('.', array_slice(explode('.', $this->ip), 0, $config['ip_check']));
+
+			$s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : '';
+			$u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : '';
+
+			if ($u_ip === $s_ip && $s_browser === $u_browser)
+			{
+				$this->session_id = $this->data['session_id'];
+
+				// Only update session DB a minute or so after last update or if page changes
+				if ($this->time_now - $this->data['session_time'] > 60 || ($this->update_session_page && $this->data['session_page'] != $this->page['page']))
+				{
+					$sql_ary = array('session_time' => $this->time_now, 'session_last_visit' => $this->time_now, 'session_admin' => 0);
+
+					if ($this->update_session_page)
+					{
+						$sql_ary['session_page'] = substr($this->page['page'], 0, 199);
+					}
+
+					$sql = 'UPDATE ' . SESSIONS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "
+						WHERE session_id = '" . $db->sql_escape($this->session_id) . "'";
+					$db->sql_query($sql);
+				}
+
+				$SID = '?sid=';
+				$_SID = '';
+
+				return true;
+			}
+			else
+			{
+				// If the ip and browser does not match make sure we only have one bot assigned to one session
+				$db->sql_query('DELETE FROM ' . SESSIONS_TABLE . ' WHERE session_user_id = ' . $this->data['user_id']);
+			}
+		}
+
 		// @todo Change this ... check for "... && user_type & USER_NORMAL" ?
 		$session_autologin = (($this->cookie_data['k'] || $persist_login) && $this->data['is_registered']) ? true : false;
 
@@ -516,6 +569,11 @@ class session
 
 			unset($cookie_expire);
 		}
+		else
+		{
+			$SID = '?sid=';
+			$_SID = '';
+		}
 
 		return true;
 	}

phpBB/includes/ucp/ucp_groups.php

@@ -723,7 +723,8 @@ class ucp_groups
 							'PAGINATION'		=> generate_pagination($this->u_action . "&action=$action&g=$group_id", $total_members, $config['topics_per_page'], $start, true),
 
 							'U_ACTION'			=> $this->u_action . "&g=$group_id",
-							'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'))
+							'U_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames'),
+							'UA_FIND_USERNAME'	=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=usernames', false))
 						);
 
 					break;

phpBB/includes/ucp/ucp_pm.php

@@ -96,7 +96,7 @@ class ucp_pm
 				$template->assign_vars(array(
 					'MESSAGE'			=> $l_new_message,
 					'S_NOT_LOGGED_IN'	=> ($user->data['user_id'] == ANONYMOUS) ? true : false,
-					'CLICK_TO_VIEW'		=> sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=inbox') . '" onclick="jump_to_inbox();return false;" target="_new">', '</a>'),
+					'CLICK_TO_VIEW'		=> sprintf($user->lang['CLICK_VIEW_PRIVMSG'], '<a href="' . append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=inbox') . '" onclick="jump_to_inbox(); return false;">', '</a>'),
 					'U_INBOX'			=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&amp;folder=inbox'),
 					'UA_INBOX'			=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'i=pm&folder=inbox', false))
 				);

phpBB/includes/ucp/ucp_pm_compose.php

@@ -307,19 +307,21 @@ function compose_pm($id, $mode, $action)
 		$error[] = $user->lang['TOO_MANY_RECIPIENTS'];
 	}
 
+	// Always check if the submitted attachment data is valid and belongs to the user.
+	// Further down (especially in submit_post()) we do not check this again.
 	$message_parser->get_submitted_attachment_data();
 
 	if ($message_attachment && !$submit && !$refresh && !$preview && $action == 'edit')
 	{
-		$sql = 'SELECT attach_id, physical_filename, attach_comment, real_filename, extension, mimetype, filesize, filetime, thumbnail
+		// Do not change to SELECT *
+		$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
 			FROM ' . ATTACHMENTS_TABLE . "
 			WHERE post_msg_id = $msg_id
 				AND in_message = 1
+				AND is_orphan = 0
 			ORDER BY filetime " . ((!$config['display_order']) ? 'DESC' : 'ASC');
 		$result = $db->sql_query($sql);
-
 		$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
-
 		$db->sql_freeresult($result);
 	}
 
@@ -361,6 +363,7 @@ function compose_pm($id, $mode, $action)
 	$smilies_status	= ($config['allow_smilies'] && $config['auth_smilies_pm'] && $auth->acl_get('u_pm_smilies')) ? true : false;
 	$img_status		= ($config['auth_img_pm'] && $auth->acl_get('u_pm_img')) ? true : false;
 	$flash_status	= ($config['auth_flash_pm'] && $auth->acl_get('u_pm_flash')) ? true : false;
+	$url_status		= ($config['allow_post_links']) ? true : false;
 
 	// Save Draft
 	if ($save && $auth->acl_get('u_savedrafts'))
@@ -473,7 +476,7 @@ function compose_pm($id, $mode, $action)
 		$message_parser->parse_attachments('fileupload', $action, 0, $submit, $preview, $refresh, true);
 
 		// Parse message
-		$message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $img_status, $flash_status, true);
+		$message_parser->parse($enable_bbcode, ($config['allow_post_links']) ? $enable_urls : false, $enable_smilies, $img_status, $flash_status, true, $config['allow_sig_links']);
 
 		if ($action != 'edit' && !$preview && !$refresh && $config['flood_interval'] && !$auth->acl_get('u_ignoreflood'))
 		{
@@ -604,7 +607,14 @@ function compose_pm($id, $mode, $action)
 		if ($action == 'quotepost')
 		{
 			$post_id = request_var('p', 0);
-			$message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$message_subject}[/url]\n";
+			if ($config['allow_post_links'])
+			{
+				$message_link = "[url=" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id}]{$message_subject}[/url]\n\n";
+			}
+			else
+			{
+				$message_link = $user->lang['SUBJECT'] . ': ' . $message_subject . " (" . generate_board_url() . "/viewtopic.$phpEx?p={$post_id}#p{$post_id})\n\n";
+			}
 		}
 		else 
 		{
@@ -622,14 +632,23 @@ function compose_pm($id, $mode, $action)
 	{
 		$fwd_to_field = write_pm_addresses(array('to' => $post['to_address']), 0, true);
 
+		if ($config['allow_post_links'])
+		{
+			$quote_username_text = '[url=' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]";
+		}
+		else
+		{
+			$quote_username_text = $quote_username . ' (' . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']})";
+		}
+
 		$forward_text = array();
 		$forward_text[] = $user->lang['FWD_ORIGINAL_MESSAGE'];
 		$forward_text[] = sprintf($user->lang['FWD_SUBJECT'], censor_text($message_subject));
 		$forward_text[] = sprintf($user->lang['FWD_DATE'], $user->format_date($message_time));
-		$forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username);
+		$forward_text[] = sprintf($user->lang['FWD_FROM'], $quote_username_text);
 		$forward_text[] = sprintf($user->lang['FWD_TO'], implode(', ', $fwd_to_field['to']));
 
-		$message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"[url=" . generate_board_url() . "/memberlist.$phpEx?mode=viewprofile&u={$post['author_id']}]{$quote_username}[/url]\"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]";
+		$message_parser->message = implode("\n", $forward_text) . "\n\n[quote=\"{$quote_username}\"]\n" . censor_text(trim($message_parser->message)) . "\n[/quote]";
 		$message_subject = ((!preg_match('/^Fwd:/', $message_subject)) ? 'Fwd: ' : '') . censor_text($message_subject);
 	}
 
@@ -783,10 +802,11 @@ function compose_pm($id, $mode, $action)
 
 		'SUBJECT'				=> (isset($message_subject)) ? $message_subject : '',
 		'MESSAGE'				=> $message_text,
-		'BBCODE_STATUS'			=> ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>'),
+		'BBCODE_STATUS'			=> ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
 		'IMG_STATUS'			=> ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
 		'FLASH_STATUS'			=> ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
 		'SMILIES_STATUS'		=> ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
+		'URL_STATUS'			=> ($url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
 		'MINI_POST_IMG'			=> $user->img('icon_post_target', $user->lang['PM']),
 		'ERROR'					=> (sizeof($error)) ? implode('<br />', $error) : '',
 
@@ -798,6 +818,7 @@ function compose_pm($id, $mode, $action)
 		'S_SMILIES_CHECKED'		=> ($smilies_checked) ? ' checked="checked"' : '',
 		'S_SIG_ALLOWED'			=> ($config['allow_sig'] && $auth->acl_get('u_sig')),
 		'S_SIGNATURE_CHECKED'	=> ($sig_checked) ? ' checked="checked"' : '',
+		'S_LINKS_ALLOWED'		=> $url_status,
 		'S_MAGIC_URL_CHECKED'	=> ($urls_checked) ? ' checked="checked"' : '',
 		'S_SAVE_ALLOWED'		=> $auth->acl_get('u_savedrafts'),
 		'S_HAS_DRAFTS'			=> ($auth->acl_get('u_savedrafts') && $drafts),
@@ -806,6 +827,7 @@ function compose_pm($id, $mode, $action)
 		'S_BBCODE_IMG'			=> $img_status,
 		'S_BBCODE_FLASH'		=> $flash_status,
 		'S_BBCODE_QUOTE'		=> true,
+		'S_BBCODE_URL'			=> $url_status,
 
 		'S_POST_ACTION'				=> $s_action,
 		'S_HIDDEN_ADDRESS_FIELD'	=> $s_hidden_address_field,

phpBB/includes/ucp/ucp_pm_options.php

@@ -433,7 +433,8 @@ function message_options($id, $mode, $global_privmsgs_rules, $global_rule_condit
 
 		'DEFAULT_ACTION'		=> ($config['full_folder_action'] == 1) ? $user->lang['DELETE_OLDEST_MESSAGES'] : $user->lang['HOLD_NEW_MESSAGES'],
 
-		'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string'))
+		'U_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string'),
+		'UA_FIND_USERNAME'		=> append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=searchuser&form=ucp&field=rule_string', true))
 	);
 
 	$rule_lang = $action_lang = $check_lang = array();

phpBB/includes/ucp/ucp_pm_viewmessage.php

@@ -435,7 +435,7 @@ function get_user_informations($user_id, $user_row)
 		}
 		$avatar_img .= $user_row['user_avatar'];
 
-		$user_row['avatar'] = '<img src="' . $avatar_img . '" width="' . $user_row['user_avatar_width'] . '" height="' . $user_row['user_avatar_height'] . '" border="0" alt="" />';
+		$user_row['avatar'] = '<img src="' . $avatar_img . '" width="' . $user_row['user_avatar_width'] . '" height="' . $user_row['user_avatar_height'] . '" alt="' . $user->lang['USER_AVATAR'] . '" />';
 	}
 
 	$user_row['rank_title'] = $user_row['rank_image'] = '';
@@ -443,7 +443,7 @@ function get_user_informations($user_id, $user_row)
 	if (!empty($user_row['user_rank']))
 	{
 		$user_row['rank_title'] = (isset($ranks['special'][$user_row['user_rank']])) ? $ranks['special'][$user_row['user_rank']]['rank_title'] : '';
-		$user_row['rank_image'] = (!empty($ranks['special'][$user_row['user_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$user_row['user_rank']]['rank_image'] . '" border="0" alt="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" title="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" /><br />' : '';
+		$user_row['rank_image'] = (!empty($ranks['special'][$user_row['user_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$user_row['user_rank']]['rank_image'] . '" alt="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" title="' . $ranks['special'][$user_row['user_rank']]['rank_title'] . '" /><br />' : '';
 	}
 	else
 	{
@@ -454,7 +454,7 @@ function get_user_informations($user_id, $user_row)
 				if ($user_row['user_posts'] >= $rank['rank_min'])
 				{
 					$user_row['rank_title'] = $rank['rank_title'];
-					$user_row['rank_image'] = (!empty($rank['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $rank['rank_image'] . '" border="0" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" /><br />' : '';
+					$user_row['rank_image'] = (!empty($rank['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $rank['rank_image'] . '" alt="' . $rank['rank_title'] . '" title="' . $rank['rank_title'] . '" /><br />' : '';
 					break;
 				}
 			}

phpBB/includes/ucp/ucp_profile.php

@@ -428,7 +428,7 @@ class ucp_profile
 						$message_parser = new parse_message($signature);
 
 						// Allowing Quote BBCode
-						$message_parser->parse($enable_bbcode, $enable_urls, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, true, 'sig');
+						$message_parser->parse($enable_bbcode, ($config['allow_sig_links']) ? $enable_urls : false, $enable_smilies, $config['allow_sig_img'], $config['allow_sig_flash'], true, $config['allow_sig_links'], true, 'sig');
 						
 						if (sizeof($message_parser->warn_msg))
 						{
@@ -476,17 +476,19 @@ class ucp_profile
 					'S_SMILIES_CHECKED' 	=> (!$enable_smilies) ? 'checked="checked"' : '',
 					'S_MAGIC_URL_CHECKED' 	=> (!$enable_urls) ? 'checked="checked"' : '',
 
-					'BBCODE_STATUS'			=> ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>'),
+					'BBCODE_STATUS'			=> ($config['allow_sig_bbcode']) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
 					'SMILIES_STATUS'		=> ($config['allow_sig_smilies']) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
 					'IMG_STATUS'			=> ($config['allow_sig_img']) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
 					'FLASH_STATUS'			=> ($config['allow_sig_flash']) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
+					'URL_STATUS'			=> ($config['allow_sig_links']) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
 
 					'L_SIGNATURE_EXPLAIN'	=> sprintf($user->lang['SIGNATURE_EXPLAIN'], $config['max_sig_chars']),
 
 					'S_BBCODE_ALLOWED'		=> $config['allow_sig_bbcode'], 
 					'S_SMILIES_ALLOWED'		=> $config['allow_sig_smilies'],
 					'S_BBCODE_IMG'			=> ($config['allow_sig_img']) ? true : false,
-					'S_BBCODE_FLASH'		=> ($config['allow_sig_flash']) ? true : false)
+					'S_BBCODE_FLASH'		=> ($config['allow_sig_flash']) ? true : false,
+					'S_LINKS_ALLOWED'		=> ($config['allow_sig_links']) ? true : false)
 				);
 			
 				// Build custom bbcodes array

phpBB/install/install_install.php

@@ -1616,7 +1616,7 @@ class install_install extends module
 
 		$template->assign_vars(array(
 			'TITLE'		=> $lang['INSTALL_CONGRATS'],
-			'BODY'		=> sprintf($lang['INSTALL_CONGRATS_EXPLAIN'], '<a href="../docs/README.html" target="_blank">', '</a>'),
+			'BODY'		=> sprintf($lang['INSTALL_CONGRATS_EXPLAIN'], '<a href="../docs/README.html">', '</a>'),
 			'L_SUBMIT'	=> $lang['INSTALL_LOGIN'],
 			'U_ACTION'	=> append_sid($phpbb_root_path . 'adm/index.' . $phpEx),
 		));

phpBB/install/install_update.php

@@ -276,6 +276,7 @@ class install_update extends module
 							'CUSTOM_ORIGINAL'	=> ($file_struct['custom']) ? $file_struct['original'] : '',
 
 							'U_SHOW_DIFF'		=> append_sid($this->p_master->module_url, "mode=$mode&sub=file_check&action=diff&status=$status&file=" . urlencode($file_struct['filename'])),
+							'UA_SHOW_DIFF'		=> append_sid($this->p_master->module_url, "mode=$mode&sub=file_check&action=diff&status=$status&file=" . urlencode($file_struct['filename']), false),
 							'L_SHOW_DIFF'		=> ($status != 'up_to_date') ? $user->lang['SHOW_DIFF_' . strtoupper($status)] : '',
 						));
 					}

phpBB/install/schemas/firebird_schema.sql

@@ -27,6 +27,7 @@ CREATE TABLE phpbb_attachments (
 	topic_id INTEGER DEFAULT 0 NOT NULL,
 	in_message INTEGER DEFAULT 0 NOT NULL,
 	poster_id INTEGER DEFAULT 0 NOT NULL,
+	is_orphan INTEGER DEFAULT 1 NOT NULL,
 	physical_filename VARCHAR(255) DEFAULT '' NOT NULL,
 	real_filename VARCHAR(255) DEFAULT '' NOT NULL,
 	download_count INTEGER DEFAULT 0 NOT NULL,
@@ -44,7 +45,7 @@ CREATE INDEX phpbb_attachments_filetime ON phpbb_attachments(filetime);;
 CREATE INDEX phpbb_attachments_post_msg_id ON phpbb_attachments(post_msg_id);;
 CREATE INDEX phpbb_attachments_topic_id ON phpbb_attachments(topic_id);;
 CREATE INDEX phpbb_attachments_poster_id ON phpbb_attachments(poster_id);;
-CREATE INDEX phpbb_attachments_filesize ON phpbb_attachments(filesize);;
+CREATE INDEX phpbb_attachments_is_orphan ON phpbb_attachments(is_orphan);;
 
 CREATE GENERATOR phpbb_attachments_gen;;
 SET GENERATOR phpbb_attachments_gen TO 0;;

phpBB/install/schemas/mssql_schema.sql

@@ -17,6 +17,7 @@ CREATE TABLE [phpbb_attachments] (
 	[topic_id] [int] DEFAULT (0) NOT NULL ,
 	[in_message] [int] DEFAULT (0) NOT NULL ,
 	[poster_id] [int] DEFAULT (0) NOT NULL ,
+	[is_orphan] [int] DEFAULT (1) NOT NULL ,
 	[physical_filename] [varchar] (255) DEFAULT ('') NOT NULL ,
 	[real_filename] [varchar] (255) DEFAULT ('') NOT NULL ,
 	[download_count] [int] DEFAULT (0) NOT NULL ,
@@ -48,7 +49,7 @@ GO
 CREATE  INDEX [poster_id] ON [phpbb_attachments]([poster_id]) ON [PRIMARY]
 GO
 
-CREATE  INDEX [filesize] ON [phpbb_attachments]([filesize]) ON [PRIMARY]
+CREATE  INDEX [is_orphan] ON [phpbb_attachments]([is_orphan]) ON [PRIMARY]
 GO
 
 

phpBB/install/schemas/mysql_schema.sql

@@ -11,6 +11,7 @@ CREATE TABLE phpbb_attachments (
 	topic_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
 	in_message tinyint(1) UNSIGNED DEFAULT '0' NOT NULL,
 	poster_id mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
+	is_orphan tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
 	physical_filename varchar(255) DEFAULT '' NOT NULL,
 	real_filename varchar(255) DEFAULT '' NOT NULL,
 	download_count mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
@@ -25,7 +26,7 @@ CREATE TABLE phpbb_attachments (
 	KEY post_msg_id (post_msg_id),
 	KEY topic_id (topic_id),
 	KEY poster_id (poster_id),
-	KEY filesize (filesize)
+	KEY is_orphan (is_orphan)
 );
 
 
@@ -699,8 +700,8 @@ CREATE TABLE phpbb_smilies (
 	code varchar(50) DEFAULT '' NOT NULL,
 	emotion varchar(50) DEFAULT '' NOT NULL,
 	smiley_url varchar(50) DEFAULT '' NOT NULL,
-	smiley_width tinyint(4) DEFAULT '0' NOT NULL,
+	smiley_width smallint(4) UNSIGNED DEFAULT '0' NOT NULL,
-	smiley_height tinyint(4) DEFAULT '0' NOT NULL,
+	smiley_height smallint(4) UNSIGNED DEFAULT '0' NOT NULL,
 	smiley_order mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
 	display_on_posting tinyint(1) UNSIGNED DEFAULT '1' NOT NULL,
 	PRIMARY KEY (smiley_id),

phpBB/install/schemas/oracle_schema.sql

@@ -51,6 +51,7 @@ CREATE TABLE phpbb_attachments (
 	topic_id number(8) DEFAULT '0' NOT NULL,
 	in_message number(1) DEFAULT '0' NOT NULL,
 	poster_id number(8) DEFAULT '0' NOT NULL,
+	is_orphan number(1) DEFAULT '1' NOT NULL,
 	physical_filename varchar2(255) DEFAULT '' ,
 	real_filename varchar2(255) DEFAULT '' ,
 	download_count number(8) DEFAULT '0' NOT NULL,
@@ -72,7 +73,7 @@ CREATE INDEX phpbb_attachments_topic_id ON phpbb_attachments (topic_id)
 /
 CREATE INDEX phpbb_attachments_poster_id ON phpbb_attachments (poster_id)
 /
-CREATE INDEX phpbb_attachments_filesize ON phpbb_attachments (filesize)
+CREATE INDEX phpbb_attachments_is_orphan ON phpbb_attachments (is_orphan)
 /
 
 CREATE SEQUENCE phpbb_attachments_seq

phpBB/install/schemas/postgres_schema.sql

@@ -93,6 +93,7 @@ CREATE TABLE phpbb_attachments (
 	topic_id INT4 DEFAULT '0' NOT NULL CHECK (topic_id >= 0),
 	in_message INT2 DEFAULT '0' NOT NULL CHECK (in_message >= 0),
 	poster_id INT4 DEFAULT '0' NOT NULL CHECK (poster_id >= 0),
+	is_orphan INT2 DEFAULT '1' NOT NULL CHECK (is_orphan >= 0),
 	physical_filename varchar(255) DEFAULT '' NOT NULL,
 	real_filename varchar(255) DEFAULT '' NOT NULL,
 	download_count INT4 DEFAULT '0' NOT NULL CHECK (download_count >= 0),
@@ -109,7 +110,7 @@ CREATE INDEX phpbb_attachments_filetime ON phpbb_attachments (filetime);
 CREATE INDEX phpbb_attachments_post_msg_id ON phpbb_attachments (post_msg_id);
 CREATE INDEX phpbb_attachments_topic_id ON phpbb_attachments (topic_id);
 CREATE INDEX phpbb_attachments_poster_id ON phpbb_attachments (poster_id);
-CREATE INDEX phpbb_attachments_filesize ON phpbb_attachments (filesize);
+CREATE INDEX phpbb_attachments_is_orphan ON phpbb_attachments (is_orphan);
 
 /*
 	Table: 'phpbb_acl_groups'
@@ -923,8 +924,8 @@ CREATE TABLE phpbb_smilies (
 	code varchar(50) DEFAULT '' NOT NULL,
 	emotion varchar(50) DEFAULT '' NOT NULL,
 	smiley_url varchar(50) DEFAULT '' NOT NULL,
-	smiley_width INT2 DEFAULT '0' NOT NULL,
+	smiley_width INT2 DEFAULT '0' NOT NULL CHECK (smiley_width >= 0),
-	smiley_height INT2 DEFAULT '0' NOT NULL,
+	smiley_height INT2 DEFAULT '0' NOT NULL CHECK (smiley_height >= 0),
 	smiley_order INT4 DEFAULT '0' NOT NULL CHECK (smiley_order >= 0),
 	display_on_posting INT2 DEFAULT '1' NOT NULL CHECK (display_on_posting >= 0),
 	PRIMARY KEY (smiley_id)

phpBB/install/schemas/schema_data.sql

@@ -22,11 +22,13 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_name_chars',
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_namechange', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_nocensors', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_pm_attach', '0');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_post_links', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_privmsg', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_bbcode', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_flash', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_img', '1');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_links', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_pm', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_sig_smilies', '1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('allow_smilies', '1');

phpBB/install/schemas/sqlite_schema.sql

@@ -13,6 +13,7 @@ CREATE TABLE phpbb_attachments (
 	topic_id INTEGER UNSIGNED NOT NULL DEFAULT '0',
 	in_message INTEGER UNSIGNED NOT NULL DEFAULT '0',
 	poster_id INTEGER UNSIGNED NOT NULL DEFAULT '0',
+	is_orphan INTEGER UNSIGNED NOT NULL DEFAULT '1',
 	physical_filename varchar(255) NOT NULL DEFAULT '',
 	real_filename varchar(255) NOT NULL DEFAULT '',
 	download_count INTEGER UNSIGNED NOT NULL DEFAULT '0',
@@ -28,7 +29,7 @@ CREATE INDEX phpbb_attachments_filetime ON phpbb_attachments (filetime);
 CREATE INDEX phpbb_attachments_post_msg_id ON phpbb_attachments (post_msg_id);
 CREATE INDEX phpbb_attachments_topic_id ON phpbb_attachments (topic_id);
 CREATE INDEX phpbb_attachments_poster_id ON phpbb_attachments (poster_id);
-CREATE INDEX phpbb_attachments_filesize ON phpbb_attachments (filesize);
+CREATE INDEX phpbb_attachments_is_orphan ON phpbb_attachments (is_orphan);
 
 # Table: 'phpbb_acl_groups'
 CREATE TABLE phpbb_acl_groups (
@@ -676,8 +677,8 @@ CREATE TABLE phpbb_smilies (
 	code varchar(50) NOT NULL DEFAULT '',
 	emotion varchar(50) NOT NULL DEFAULT '',
 	smiley_url varchar(50) NOT NULL DEFAULT '',
-	smiley_width tinyint(4) NOT NULL DEFAULT '0',
+	smiley_width INTEGER UNSIGNED NOT NULL DEFAULT '0',
-	smiley_height tinyint(4) NOT NULL DEFAULT '0',
+	smiley_height INTEGER UNSIGNED NOT NULL DEFAULT '0',
 	smiley_order INTEGER UNSIGNED NOT NULL DEFAULT '0',
 	display_on_posting INTEGER UNSIGNED NOT NULL DEFAULT '1'
 );

phpBB/language/en/acp/board.php

@@ -67,6 +67,8 @@ $lang = array_merge($lang, array(
 	'ALLOW_SIG_BBCODE'			=> 'Allow BBCode in user signatures',
 	'ALLOW_SIG_FLASH'			=> 'Allow use of FLASH BBCode Tag in user signatures',
 	'ALLOW_SIG_IMG'				=> 'Allow use of IMG BBCode Tag in user signatures',
+	'ALLOW_SIG_LINKS'			=> 'Allow use of links in user signatures',
+	'ALLOW_SIG_LINKS_EXPLAIN'	=> 'If disallowed the URL bbcode tag and automatic/magic urls are disabled.',
 	'ALLOW_SIG_SMILIES'			=> 'Allow use of smilies in user signatures',
 	'ALLOW_SMILIES'				=> 'Allow Smilies',
 	'ALLOW_TOPIC_NOTIFY'		=> 'Allow Topic Watching',
@@ -122,6 +124,8 @@ $lang = array_merge($lang, array(
 // Post Settings
 $lang = array_merge($lang, array(
 	'ACP_POST_SETTINGS_EXPLAIN'			=> 'Here you can set all default settings for posting',
+	'ALLOW_POST_LINKS'					=> 'Allow links in posts/private messages',
+	'ALLOW_POST_LINKS_EXPLAIN'			=> 'If disallowed the URL bbcode tag and automatic/magic urls are disabled.',
 
 	'BUMP_INTERVAL'					=> 'Bump Interval',
 	'BUMP_INTERVAL_EXPLAIN'			=> 'Number of minutes, hours or days between the last post to a topic and the ability to bump this topic.',

phpBB/language/en/acp/bots.php

@@ -56,6 +56,7 @@ $lang = array_merge($lang, array(
 	'BOT_VIS'			=> 'Bot visible',
 	'BOT_VIS_EXPLAIN'	=> 'Allow bot to be seen by all users in online lists.',
 
+	'ERR_BOT_AGENT_MATCHES_UA'	=> 'The bot agent you supplied is similar to the one you are currently using. Please adjust the agent for this bot.',
 	'ERR_BOT_NO_IP'				=> 'The IP addresses you supplied were invalid or the hostname could not be resolved.',
 	'ERR_BOT_NO_MATCHES'		=> 'You must supply at least one of an agent or IP for this bot match.',
 

phpBB/language/en/acp/common.php

@@ -308,10 +308,11 @@ $lang = array_merge($lang, array(
 
 	'NO_INACTIVE_USERS'	=> 'No inactive users',
 	'NOT_AVAILABLE'		=> 'Not available',
-	'NUMBER_FILES'		=> 'Number of Attachments',
+	'NUMBER_FILES'		=> 'Number of attachments',
 	'NUMBER_POSTS'		=> 'Number of posts',
 	'NUMBER_TOPICS'		=> 'Number of topics',
 	'NUMBER_USERS'		=> 'Number of users',
+	'NUMBER_ORPHAN'		=> 'Orphan attachments',
 
 	'POSTS_PER_DAY'		=> 'Posts per day',
 
@@ -325,7 +326,7 @@ $lang = array_merge($lang, array(
 
 	'TOPICS_PER_DAY'	=> 'Topics per day',
 
-	'UPLOAD_DIR_SIZE'	=> 'Upload directory size',
+	'UPLOAD_DIR_SIZE'	=> 'Size of posted attachments',
 	'USERS_PER_DAY'		=> 'Users per day',
 
 	'VALUE'				=> 'Value',

phpBB/language/en/common.php

@@ -97,6 +97,7 @@ $lang = array_merge($lang, array(
 
 	'CANCEL'				=> 'Cancel',
 	'CHANGE'				=> 'Change',
+	'CHANGE_FONT_SIZE'		=> 'Change font size',
 	'CLICK_VIEW_PRIVMSG'	=> '%sGo to your inbox%s',
 	'CLOSE_WINDOW'			=> 'Close window',
 	'COLOUR_SWATCH'			=> 'Colour swatch',
@@ -150,6 +151,7 @@ $lang = array_merge($lang, array(
 	'FAQ_EXPLAIN'			=> 'Frequently Asked Questions',
 	'FILENAME'				=> 'Filename',
 	'FILESIZE'				=> 'Filesize',
+	'FILEDATE'				=> 'Filedate',
 	'FILE_COMMENT'			=> 'File comment',
 	'FILE_NOT_FOUND'		=> 'The requested file could not be found',
 	'FIND_USERNAME'			=> 'Find a member',
@@ -338,6 +340,7 @@ $lang = array_merge($lang, array(
 	'NO_TOPICS'					=> 'There are no topics or posts in this forum.',
 	'NO_TOPICS_TIME_FRAME'		=> 'No topics exist inside this forum for the selected time frame.',
 	'NO_UNREAD_PM'				=> '<strong>0</strong> unread messages',
+	'NO_UPLOAD_FORM_FOUND'		=> 'Upload initiated but no valid file upload form found.',
 	'NO_USER'					=> 'The requested user does not exist.',
 	'NO_USERS'					=> 'The requested users do not exist',
 	'NO_USER_SPECIFIED'			=> 'No username was specified',
@@ -553,6 +556,7 @@ $lang = array_merge($lang, array(
 	'USERGROUPS'			=> 'Groups',
 	'USERNAME'				=> 'Username',
 	'USERNAMES'				=> 'Usernames',
+	'USER_AVATAR'			=> 'User avatar',
 	'USER_CANNOT_READ'		=> 'You cannot read posts in this forum',
 	'USER_POST'				=> '%d Post',
 	'USER_POSTS'			=> '%d Posts',
@@ -581,6 +585,7 @@ $lang = array_merge($lang, array(
 	'VIEW_TOPIC_MOVED'			=> 'Moved: ',
 	'VIEW_TOPIC_POLL'			=> 'Poll: ',
 	'VIEW_TOPIC_STICKY'			=> 'Sticky: ',
+	'VISIT_WEBSITE'				=> 'Visit website',
 
 	'WARNINGS'			=> 'Warnings',
 	'WARN_USER'			=> 'Warn user',

phpBB/language/en/help_bbcode.php

@@ -86,7 +86,7 @@ $help = array(
 	),
 	array(
 		0 => 'Adding an image to a post',
-		1 => 'phpBB BBCode incorporates a tag for including images in your posts. Two very important things to remember when using this tag are; many users do not appreciate lots of images being shown in posts and secondly the image you display must already be available on the internet (it cannot exist only on your computer for example, unless you run a webserver!). There is currently no way of storing images locally with phpBB (all these issues are expected to  be addressed in the next release of phpBB). To display an image you must surround the URL pointing to the image with <strong>[img][/img]</strong> tags. For example:<br /><br /><strong>[img]</strong>http://www.phpbb.com/images/phplogo.gif<strong>[/img]</strong><br /><br />As noted in the URL section above you can wrap an image in a <strong>[url][/url]</strong> tag if you wish, eg.<br /><br /><strong>[url=http://www.phpbb.com/][img]</strong>http://www.phpbb.com/images/phplogo.gif<strong>[/img][/url]</strong><br /><br />would generate:<br /><br /><a href="http://www.phpbb.com/" target="_blank"><img src="http://www.phpbb.com/images/phplogo.gif" border="0" alt="" /></a><br />'
+		1 => 'phpBB BBCode incorporates a tag for including images in your posts. Two very important things to remember when using this tag are; many users do not appreciate lots of images being shown in posts and secondly the image you display must already be available on the internet (it cannot exist only on your computer for example, unless you run a webserver!). There is currently no way of storing images locally with phpBB (all these issues are expected to  be addressed in the next release of phpBB). To display an image you must surround the URL pointing to the image with <strong>[img][/img]</strong> tags. For example:<br /><br /><strong>[img]</strong>http://www.phpbb.com/images/phplogo.gif<strong>[/img]</strong><br /><br />As noted in the URL section above you can wrap an image in a <strong>[url][/url]</strong> tag if you wish, eg.<br /><br /><strong>[url=http://www.phpbb.com/][img]</strong>http://www.phpbb.com/images/phplogo.gif<strong>[/img][/url]</strong><br /><br />would generate:<br /><br /><a href="http://www.phpbb.com/" target="_blank"><img src="http://www.phpbb.com/images/phplogo.gif" alt="" /></a><br />'
 	),
 	array(
 		0 => '--',

phpBB/language/en/install.php

@@ -235,7 +235,7 @@ $lang = array_merge($lang, array(
 	'SUB_SUPPORT'				=> 'Support',
 	'SUCCESSFUL_CONNECT'		=> 'Successful Connection',
 // TODO: Write some text on obtaining support
-	'SUPPORT_BODY'				=> 'During the beta phase a minimal level of support will be given at <a href="http://www.phpbb.com/phpBB/viewforum.php?f=46">the phpBB 3.0 Beta support forum</a>. We will provide answers to general setup questions, configuration problems and support for determining common problems mostly related to bugs. We will not support modifications, custom code/style additions or any users using the beta packages within a live environment.</p><p>For additional assistance, please refer to our <a href="http://www.phpbb.com/support/documentation/3.0/quickstart/">Quick Start Guide</a>.</p><p>To ensure you stay up to date with the latest news and releases, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>',
+	'SUPPORT_BODY'				=> 'During the beta phase a minimal level of support will be given at <a href="http://www.phpbb.com/phpBB/viewforum.php?f=46">the phpBB 3.0 Beta support forum</a>. We will provide answers to general setup questions, configuration problems and support for determining common problems mostly related to bugs. We will not support modifications, custom code/style additions or any users using the beta packages within a live environment.</p><p>For additional assistance, please refer to our <a href="http://www.phpbb.com/support/documentation/3.0/quickstart/">Quick Start Guide</a>.</p><p>To ensure you stay up to date with the latest news and releases, why not <a href="http://www.phpbb.com/support/">subscribe to our mailing list</a>',
 	'SYNC_FORUMS'				=> 'Starting to sync forums',
 	'SYNC_TOPICS'				=> 'Starting to sync topics',
 	'SYNC_TOPIC_ID'				=> 'Synchronising topics from topic_id $1%s to $2%s',
@@ -379,7 +379,7 @@ $lang = array_merge($lang, array(
 
 		<h1>Release announcement</h1>
 
-		<p>Please read <a href="%1$s" title="%1$s" target="_blank">the release announcement for the latest version</a> before you continue your update process, it may contain useful information. It also contains full download links as well as the change log.</p>
+		<p>Please read <a href="%1$s" title="%1$s">the release announcement for the latest version</a> before you continue your update process, it may contain useful information. It also contains full download links as well as the change log.</p>
 
 		<br />
 
@@ -388,7 +388,7 @@ $lang = array_merge($lang, array(
 		<p>The recommended way of updating your installation only takes the following steps:</p>
 
 		<ul style="margin-left: 20px; font-size: 1.1em;">
-			<li>Go to the <a href="http://www.phpbb.com/downloads.php" title="http://www.phpbb.com/downloads.php" target="_blank">phpBB.com downloads page</a> and download the correct archive. If you are unsure you can <a href="%2$s" title="%2$s">download the correct archive directly</a> as a zip file.<br /><br /></li>
+			<li>Go to the <a href="http://www.phpbb.com/downloads.php" title="http://www.phpbb.com/downloads.php">phpBB.com downloads page</a> and download the correct archive. If you are unsure you can <a href="%2$s" title="%2$s">download the correct archive directly</a> as a zip file.<br /><br /></li>
 			<li>Unpack the archive<br /><br /></li>
 			<li>Upload the complete uncompressed install folder to your phpBB root directory (where your config.php file is).<br /><br /></li>
 		</ul>

phpBB/language/en/memberlist.php

@@ -94,6 +94,7 @@ $lang = array_merge($lang, array(
 	'NO_VIEW_USERS'			=> 'You are not authorised to view the member list or profiles.',
 
 	'ORDER'					=> 'Order',
+	'OTHER'					=> 'Other',
 
 	'POST_IP'				=> 'Posted from IP/domain',
 

phpBB/language/en/posting.php

@@ -187,6 +187,8 @@ $lang = array_merge($lang, array(
 	'UPDATE_COMMENT'			=> 'Update comment',
 	'URL_INVALID'				=> 'The URL you specified is invalid.',
 	'URL_NOT_FOUND'				=> 'The file specified could not be found.',
+	'URL_IS_OFF'				=> '[url] is <em>OFF</em>',
+	'URL_IS_ON'					=> '[url] is <em>ON</em>',
 	'USER_CANNOT_BUMP'			=> 'You cannot bump topics in this forum',
 	'USER_CANNOT_DELETE'		=> 'You cannot delete posts in this forum',
 	'USER_CANNOT_EDIT'			=> 'You cannot edit posts in this forum',

phpBB/language/en/ucp.php

@@ -104,7 +104,7 @@ $lang = array_merge($lang, array(
 	'BIRTHDAY'					=> 'Birthday',
 	'BIRTHDAY_EXPLAIN'			=> 'Setting a year will list your age when it is your birthday.',
 	'BOARD_DATE_FORMAT'			=> 'My date format',
-	'BOARD_DATE_FORMAT_EXPLAIN'	=> 'The syntax used is identical to the PHP <a href="http://www.php.net/date" onclick="this.target=\'_blank\';" title="Opens in a new window">date()</a> function',
+	'BOARD_DATE_FORMAT_EXPLAIN'	=> 'The syntax used is identical to the PHP <a href="http://www.php.net/date">date()</a> function',
 	'BOARD_DST'					=> 'Daylight Saving Time is in effect',
 	'BOARD_LANGUAGE'			=> 'My language',
 	'BOARD_STYLE'				=> 'My board style',

phpBB/memberlist.php

@@ -1003,7 +1003,7 @@ switch ($mode)
 				{
 					$rank_title = $ranks['special'][$group_row['group_rank']]['rank_title'];
 				}
-				$rank_img = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] . '" border="0" alt="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" title="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" /><br />' : '';
+				$rank_img = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? '<img src="' . $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] . '" alt="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" title="' . $ranks['special'][$group_row['group_rank']]['rank_title'] . '" /><br />' : '';
 				$rank_img_src = (!empty($ranks['special'][$group_row['group_rank']]['rank_image'])) ? $config['ranks_path'] . '/' . $ranks['special'][$group_row['group_rank']]['rank_image'] : '';
 			}
 			else
@@ -1058,7 +1058,7 @@ switch ($mode)
 		{
 			$s_char_options .= '<option value="' . chr($i) . '"' . (($first_char == chr($i)) ? ' selected="selected"' : '') . '>' . chr($i) . '</option>';
 		}
-		$s_char_options .= '<option value="other"' . (($first_char == 'other') ? ' selected="selected"' : '') . '>Other</option>';
+		$s_char_options .= '<option value="other"' . (($first_char == 'other') ? ' selected="selected"' : '') . '>' . $user->lang['OTHER'] . '</option>';
 
 		// Build a relevant pagination_url
 		$params = array();

phpBB/posting.php

@@ -353,15 +353,18 @@ foreach ($uninit as $var_name => $default_value)
 }
 unset($uninit);
 
+// Always check if the submitted attachment data is valid and belongs to the user.
+// Further down (especially in submit_post()) we do not check this again.
 $message_parser->get_submitted_attachment_data($post_data['poster_id']);
 
 if ($post_data['post_attachment'] && !$submit && !$refresh && !$preview && $mode == 'edit')
 {
 	// Do not change to SELECT *
-	$sql = 'SELECT attach_id, physical_filename, attach_comment, real_filename, extension, mimetype, filesize, filetime, thumbnail
+	$sql = 'SELECT attach_id, is_orphan, attach_comment, real_filename
 		FROM ' . ATTACHMENTS_TABLE . "
 		WHERE post_msg_id = $post_id
 			AND in_message = 0
+			AND is_orphan = 0
 		ORDER BY filetime " . ((!$config['display_order']) ? 'DESC' : 'ASC');
 	$result = $db->sql_query($sql);
 	$message_parser->attachment_data = array_merge($message_parser->attachment_data, $db->sql_fetchrowset($result));
@@ -436,6 +439,7 @@ if ($mode == 'edit' && $post_data['bbcode_uid'])
 $bbcode_status	= ($config['allow_bbcode'] && $auth->acl_get('f_bbcode', $forum_id)) ? true : false;
 $smilies_status	= ($config['allow_smilies'] && $auth->acl_get('f_smilies', $forum_id)) ? true : false;
 $img_status		= ($auth->acl_get('f_img', $forum_id)) ? true : false;
+$url_status		= ($config['allow_post_links']) ? true : false;
 $flash_status	= ($auth->acl_get('f_flash', $forum_id)) ? true : false;
 $quote_status	= ($auth->acl_get('f_reply', $forum_id)) ? true : false;
 
@@ -612,7 +616,7 @@ if ($submit || $preview || $refresh)
 	if (($mode == 'reply' || $mode == 'quote') && $post_data['topic_cur_post_id'] && $post_data['topic_cur_post_id'] != $post_data['topic_last_post_id'])
 	{
 		// Only do so if it is allowed forum-wide
-		if ($post_data['forum_flags'] & 32)
+		if ($post_data['forum_flags'] & FORUM_FLAG_POST_REVIEW)
 		{
 			if (topic_review($topic_id, $forum_id, 'post_review', $post_data['topic_cur_post_id']))
 			{
@@ -636,7 +640,7 @@ if ($submit || $preview || $refresh)
 	// Parse message
 	if ($update_message)
 	{
-		$message_parser->parse($post_data['enable_bbcode'], $post_data['enable_urls'], $post_data['enable_smilies'], $img_status, $flash_status, $quote_status);
+		$message_parser->parse($post_data['enable_bbcode'], ($config['allow_post_links']) ? $post_data['enable_urls'] : false, $post_data['enable_smilies'], $img_status, $flash_status, $quote_status, $config['allow_post_links']);
 	}
 	else
 	{
@@ -769,7 +773,7 @@ if ($submit || $preview || $refresh)
 		}
 	}
 
-	if (sizeof($message_parser->warn_msg))
+	if (sizeof($message_parser->warn_msg) && !$refresh)
 	{
 		$error[] = implode('<br />', $message_parser->warn_msg);
 	}
@@ -1137,10 +1141,11 @@ $template->assign_vars(array(
 	'USERNAME'				=> ((!$preview && $mode != 'quote') || $preview) ? $post_data['username'] : '',
 	'SUBJECT'				=> $post_data['post_subject'],
 	'MESSAGE'				=> $post_data['post_text'],
-	'BBCODE_STATUS'			=> ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '" onclick="target=\'_phpbbcode\';">', '</a>'),
+	'BBCODE_STATUS'			=> ($bbcode_status) ? sprintf($user->lang['BBCODE_IS_ON'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>') : sprintf($user->lang['BBCODE_IS_OFF'], '<a href="' . append_sid("{$phpbb_root_path}faq.$phpEx", 'mode=bbcode') . '">', '</a>'),
 	'IMG_STATUS'			=> ($img_status) ? $user->lang['IMAGES_ARE_ON'] : $user->lang['IMAGES_ARE_OFF'],
 	'FLASH_STATUS'			=> ($flash_status) ? $user->lang['FLASH_IS_ON'] : $user->lang['FLASH_IS_OFF'],
 	'SMILIES_STATUS'		=> ($smilies_status) ? $user->lang['SMILIES_ARE_ON'] : $user->lang['SMILIES_ARE_OFF'],
+	'URL_STATUS'			=> ($url_status) ? $user->lang['URL_IS_ON'] : $user->lang['URL_IS_OFF'],
 	'MINI_POST_IMG'			=> $user->img('icon_post_target', $user->lang['POST']),
 	'POST_DATE'				=> ($post_data['post_time']) ? $user->format_date($post_data['post_time']) : '',
 	'ERROR'					=> (sizeof($error)) ? implode('<br />', $error) : '',
@@ -1170,6 +1175,7 @@ $template->assign_vars(array(
 	'S_LOCK_TOPIC_CHECKED'		=> ($lock_topic_checked) ? ' checked="checked"' : '',
 	'S_LOCK_POST_ALLOWED'		=> ($mode == 'edit' && $auth->acl_get('m_edit', $forum_id)) ? true : false,
 	'S_LOCK_POST_CHECKED'		=> ($lock_post_checked) ? ' checked="checked"' : '',
+	'S_LINKS_ALLOWED'			=> $url_status,
 	'S_MAGIC_URL_CHECKED'		=> ($urls_checked) ? ' checked="checked"' : '',
 	'S_TYPE_TOGGLE'				=> $topic_type_toggle,
 	'S_SAVE_ALLOWED'			=> ($auth->acl_get('u_savedrafts') && $user->data['is_registered']) ? true : false,
@@ -1177,6 +1183,7 @@ $template->assign_vars(array(
 	'S_FORM_ENCTYPE'			=> $form_enctype,
 
 	'S_BBCODE_IMG'			=> $img_status,
+	'S_BBCODE_URL'			=> $url_status,
 	'S_BBCODE_FLASH'		=> $flash_status,
 	'S_BBCODE_QUOTE'		=> $quote_status,
 

phpBB/styles/subSilver/template/editor.js

@@ -490,7 +490,7 @@ function colorPalette(dir, width, height)
 			{
 				color = String(numberList[r]) + String(numberList[g]) + String(numberList[b]);
 				document.write('<td bgcolor="#' + color + '">');
-				document.write('<a href="javascript:bbfontstyle(\'[color=#' + color + ']\', \'[/color]\');" onmouseover="helpline(\'s\');"><img src="images/spacer.gif" width="' + width + '" height="' + height + '" border="0" alt="#' + color + '" title="#' + color + '" /></a>');
+				document.write('<a href="#" onclick="bbfontstyle(\'[color=#' + color + ']\', \'[/color]\'); return false;" onmouseover="helpline(\'s\');"><img src="images/spacer.gif" width="' + width + '" height="' + height + '" alt="#' + color + '" title="#' + color + '" /></a>');
 				document.writeln('</td>');
 			}
 

phpBB/styles/subSilver/template/index.htm

@@ -8,7 +8,7 @@
 
 <table width="100%" height="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr>
-		<td align="center" valign="middle"><a href="http://www.subblue.com/" target="_new"><img src="images/created_by.jpg" width="400" height="300" border="0" alt="Created by subBlue Design" /></a></td>
+		<td align="center" valign="middle"><a href="http://www.subblue.com/" target="_new"><img src="images/created_by.jpg" width="400" height="300" alt="Created by subBlue Design" /></a></td>
 	</tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_footer.html

@@ -8,7 +8,7 @@
 		<tr>
 			<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 			<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL} ]&nbsp;</td>
-			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 		</tr>
 		</table>
 		<br />

phpBB/styles/subSilver/template/mcp_forum.html

@@ -61,7 +61,7 @@
 
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 <tr>
-	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', 'topic_id_list', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', 'topic_id_list', false);">{L_UNMARK_ALL}</a></b></td>
+	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="#" onclick="marklist('mcp', 'topic_id_list', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('mcp', 'topic_id_list', false); return false;">{L_UNMARK_ALL}</a></b></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_notes_user.html

@@ -110,7 +110,7 @@
 <table width="100%" cellspacing="0" cellpadding="0">
 <tr>
 	<td class="pagination">{PAGE_NUMBER} [ {TOTAL_REPORTS} ]</td>
-	<td align="right"><span class="pagination"><!-- IF PAGINATION --><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
+	<td align="right"><span class="pagination"><!-- IF PAGINATION --><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_queue.html

@@ -39,7 +39,7 @@
 
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 <tr>
-	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', '', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', '', false);">{L_UNMARK_ALL}</a></b></td>
+	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="#" onclick="marklist('mcp', '', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('mcp', '', false); return false;">{L_UNMARK_ALL}</a></b></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_reports.html

@@ -48,7 +48,7 @@
 
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 <tr>
-	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', '', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', '', false);">{L_UNMARK_ALL}</a></b></td>
+	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="#" onclick="marklist('mcp', '', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('mcp', '', false); return false;">{L_UNMARK_ALL}</a></b></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_topic.html

@@ -133,7 +133,7 @@
 
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 <tr>
-	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="javascript:marklist('mcp', '', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('mcp', '', false);">{L_UNMARK_ALL}</a></b></td>
+	<td align="right" valign="top" nowrap="nowrap"><b class="gensmall"><a href="#" onclick="marklist('mcp', '', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('mcp', '', false); return false;">{L_UNMARK_ALL}</a></b></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_viewlogs.html

@@ -45,7 +45,7 @@
 <table width="100%" cellspacing="2" cellpadding="2" border="0" align="center">
 <tr>
 	<td class="nav" align="left" valign="middle">{PAGE_NUMBER}</td>
-	<td align="right" valign="top" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+	<td align="right" valign="top" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/mcp_warn_list.html

@@ -32,7 +32,7 @@
 <table width="100%" cellspacing="0" cellpadding="0">
 <tr>
 	<td class="pagination">{PAGE_NUMBER} [ {TOTAL_USERS} ]</td>
-	<td align="right"><span class="pagination"><!-- IF PAGINATION --><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
+	<td align="right"><span class="pagination"><!-- IF PAGINATION --><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/memberlist_body.html

@@ -89,7 +89,7 @@
 <table width="100%" cellspacing="0" cellpadding="0">
 <tr>
 	<td class="pagination">{PAGE_NUMBER} [ {TOTAL_USERS} ]</td>
-	<td align="right"><!-- IF S_SEARCH_USER and S_FORM_NAME --><b class="nav"><a href="javascript:marklist('results', 'user', true);">{L_MARK_ALL}</a> :: <a  href="javascript:marklist('results', 'user', false);">{L_UNMARK_ALL}</a></b><br /><!-- ENDIF --><span class="pagination"><!-- IF PAGINATION --><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
+	<td align="right"><!-- IF S_SEARCH_USER and S_FORM_NAME --><b class="nav"><a href="#" onclick="marklist('results', 'user', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('results', 'user', false); return false;">{L_UNMARK_ALL}</a></b><br /><!-- ENDIF --><span class="pagination"><!-- IF PAGINATION --><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --><!-- ENDIF --></span></td>
 </tr>
 </table>
 

phpBB/styles/subSilver/template/memberlist_im.html

@@ -28,7 +28,7 @@
 
 	<!-- IF S_SEND_MSNM -->
 		<tr>
-			<td class="row1" colspan="2" align="center"><object classid="clsid:FB7199AB-79BF-11d2-8D94-0000F875C541" codetype="application/x-oleobject" id="objMessengerApp" width="0" height="0"></object><br /><a class="gen" href="javascript:objMessengerApp.LaunchAddContactUI('{IM_CONTACT}')">{L_IM_ADD_CONTACT}</a><br /><a class="gen" href="javascript:objMessengerApp.LaunchIMUI('{IM_CONTACT}')">{L_IM_SEND_MESSAGE}</a></td>
+			<td class="row1" colspan="2" align="center"><object classid="clsid:FB7199AB-79BF-11d2-8D94-0000F875C541" codetype="application/x-oleobject" id="objMessengerApp" width="0" height="0"></object><br /><a class="gen" href="#" onclick="objMessengerApp.LaunchAddContactUI('{IM_CONTACT}'); return false;">{L_IM_ADD_CONTACT}</a><br /><a class="gen" href="#" onclick="objMessengerApp.LaunchIMUI('{IM_CONTACT}'); return false;">{L_IM_SEND_MESSAGE}</a></td>
 		</tr>
 		<tr>
 			<td class="cat" colspan="2" align="center">&nbsp;</td>

phpBB/styles/subSilver/template/overall_footer.html

@@ -10,7 +10,7 @@
 	forums may be affected.
 
 	The phpBB Group : 2006
-// -->
+//-->
 
 <div id="wrapfooter">
 	<!-- IF U_ACP --><span class="gensmall">[ <a href="{U_ACP}">{L_ACP}</a> ]</span><br /><br /><!-- ENDIF -->

phpBB/styles/subSilver/template/overall_header.html

@@ -97,15 +97,15 @@ function marklist(id, name, state)
 		<table width="100%" cellspacing="0">
 		<tr>
 			<td class="genmed">
-				<!-- IF not S_IS_BOT --><a href="{U_LOGIN_LOGOUT}"><img src="{T_THEME_PATH}/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_LOGIN_LOGOUT}" /> {L_LOGIN_LOGOUT}</a>&nbsp;<!-- ENDIF -->
+				<!-- IF not S_IS_BOT --><a href="{U_LOGIN_LOGOUT}"><img src="{T_THEME_PATH}/images/icon_mini_login.gif" width="12" height="13" alt="{L_LOGIN_LOGOUT}" /> {L_LOGIN_LOGOUT}</a>&nbsp;<!-- ENDIF -->
-				<!-- IF U_RESTORE_PERMISSIONS --> &nbsp;<a href="{U_RESTORE_PERMISSIONS}"><img src="{T_THEME_PATH}/images/icon_mini_login.gif" width="12" height="13" border="0" alt="{L_RESTORE_PERMISSIONS}" /> {L_RESTORE_PERMISSIONS}</a><!-- ENDIF -->
+				<!-- IF U_RESTORE_PERMISSIONS --> &nbsp;<a href="{U_RESTORE_PERMISSIONS}"><img src="{T_THEME_PATH}/images/icon_mini_login.gif" width="12" height="13" alt="{L_RESTORE_PERMISSIONS}" /> {L_RESTORE_PERMISSIONS}</a><!-- ENDIF -->
 				<!-- IF S_BOARD_DISABLED --> &nbsp;<span style="color: red;">{L_BOARD_DISABLED}</span><!-- ENDIF -->
 				<!-- IF S_USER_LOGGED_IN -->
-					<!-- IF S_DISPLAY_PM --> &nbsp;<a href="{U_PRIVATEMSGS}"><img src="{T_THEME_PATH}/images/icon_mini_message.gif" width="12" height="13" border="0" alt="{L_PRIVATE_MESSAGES}" /> {PRIVATE_MESSAGE_INFO}<!-- IF PRIVATE_MESSAGE_INFO_UNREAD -->, {PRIVATE_MESSAGE_INFO_UNREAD}<!-- ENDIF --></a><!-- ENDIF -->
+					<!-- IF S_DISPLAY_PM --> &nbsp;<a href="{U_PRIVATEMSGS}"><img src="{T_THEME_PATH}/images/icon_mini_message.gif" width="12" height="13" alt="{L_PRIVATE_MESSAGES}" /> {PRIVATE_MESSAGE_INFO}<!-- IF PRIVATE_MESSAGE_INFO_UNREAD -->, {PRIVATE_MESSAGE_INFO_UNREAD}<!-- ENDIF --></a><!-- ENDIF -->
-				<!-- ELSE --> &nbsp;<a href="{U_REGISTER}"><img src="{T_THEME_PATH}/images/icon_mini_register.gif" width="12" height="13" border="0" alt="{L_REGISTER}" /> {L_REGISTER}</a>
+				<!-- ELSE --> &nbsp;<a href="{U_REGISTER}"><img src="{T_THEME_PATH}/images/icon_mini_register.gif" width="12" height="13" alt="{L_REGISTER}" /> {L_REGISTER}</a>
 				<!-- ENDIF -->
 			</td>
-			<td class="genmed" align="right"><a href="{U_FAQ}"><img src="{T_THEME_PATH}/images/icon_mini_faq.gif" width="12" height="13" border="0" alt="{L_FAQ}" /> {L_FAQ}</a><!-- IF S_DISPLAY_SEARCH -->&nbsp; &nbsp;<a href="{U_SEARCH}"><img src="{T_THEME_PATH}/images/icon_mini_search.gif" width="12" height="13" border="0" alt="{L_SEARCH}" /> {L_SEARCH}</a><!-- ENDIF --><!-- IF S_DISPLAY_MEMBERLIST -->&nbsp; &nbsp;<a href="{U_MEMBERLIST}"><img src="{T_THEME_PATH}/images/icon_mini_members.gif" width="12" height="13" border="0" alt="{L_MEMBERLIST}" /> {L_MEMBERLIST}</a><!-- ENDIF --><!-- IF S_USER_LOGGED_IN -->&nbsp; &nbsp;<a href="{U_PROFILE}"><img src="{T_THEME_PATH}/images/icon_mini_profile.gif" width="12" height="13" border="0" alt="{L_PROFILE}" /> {L_PROFILE}</a><!-- ENDIF --></td>
+			<td class="genmed" align="right"><a href="{U_FAQ}"><img src="{T_THEME_PATH}/images/icon_mini_faq.gif" width="12" height="13" alt="{L_FAQ}" /> {L_FAQ}</a><!-- IF S_DISPLAY_SEARCH -->&nbsp; &nbsp;<a href="{U_SEARCH}"><img src="{T_THEME_PATH}/images/icon_mini_search.gif" width="12" height="13" alt="{L_SEARCH}" /> {L_SEARCH}</a><!-- ENDIF --><!-- IF S_DISPLAY_MEMBERLIST -->&nbsp; &nbsp;<a href="{U_MEMBERLIST}"><img src="{T_THEME_PATH}/images/icon_mini_members.gif" width="12" height="13" alt="{L_MEMBERLIST}" /> {L_MEMBERLIST}</a><!-- ENDIF --><!-- IF S_USER_LOGGED_IN -->&nbsp; &nbsp;<a href="{U_PROFILE}"><img src="{T_THEME_PATH}/images/icon_mini_profile.gif" width="12" height="13" alt="{L_PROFILE}" /> {L_PROFILE}</a><!-- ENDIF --></td>
 		</tr>
 		</table>
 	</div>

phpBB/styles/subSilver/template/posting_attach_body.html

@@ -39,7 +39,7 @@
 			<td valign="top">
 				<table border="0" cellspacing="4" cellpadding="0">
 				<tr>
-					<td><input class="btnlite" type="submit" style="width:150px" name="add_file" value="{L_ADD_FILE}" onclick="javascript:popup_progress_bar();" /></td>
+					<td><input class="btnlite" type="submit" style="width:150px" name="add_file" value="{L_ADD_FILE}" onclick="popup_progress_bar();" /></td>
 				</tr>
 				</table>
 			</td>
@@ -60,7 +60,7 @@
 		</tr>
 		<tr> 
 			<td class="row1"><b class="genmed">{L_FILE_COMMENT}</b></td> 
-			<td class="row2">
+			<td class="row2">{attach_row.S_HIDDEN}
 				<table border="0" cellspacing="0" cellpadding="2">
 				<tr>
 					<td><textarea class="post" name="comment_list[{attach_row.ASSOC_INDEX}]" rows="3" cols="35" wrap="virtual" size="40">{attach_row.FILE_COMMENT}</textarea>&nbsp;</td>
@@ -78,7 +78,6 @@
 				</table>
 			</td>
 		</tr>
-		{attach_row.S_HIDDEN}	
 	<!-- END attach_row -->
 
 <!-- ENDIF -->

phpBB/styles/subSilver/template/posting_body.html

@@ -219,14 +219,14 @@ function checkForm()
 	<td class="row2" width="78%"><input class="post" style="width:450px" type="text" name="subject" size="45" maxlength="60" tabindex="2" value="{SUBJECT}" /></td>
 </tr>
 <tr>
-	<td class="row1" valign="top"><b class="genmed">{L_MESSAGE_BODY}:</b><br /><span class="gensmall">{L_MESSAGE_BODY_EXPLAIN}</span><br /><br />
+	<td class="row1" valign="top"><b class="genmed">{L_MESSAGE_BODY}:</b><br /><span class="gensmall">{L_MESSAGE_BODY_EXPLAIN}&nbsp;</span><br /><br />
 	<!-- IF S_SMILIES_ALLOWED -->
 		<table width="100%" cellspacing="5" cellpadding="0" border="0" align="center">
 		<tr>
 			<td class="gensmall" align="center"><b>{L_SMILIES}</b></td>
 		</tr>
 		<tr>
-			<td align="center"><!-- BEGIN smiley --><a href="javascript:smiley('{smiley.A_SMILEY_CODE}')" style="line-height: 20px;"><img src="{smiley.SMILEY_IMG}" width="{smiley.SMILEY_WIDTH}" height="{smiley.SMILEY_HEIGHT}" border="0" alt="{smiley.SMILEY_DESC}" title="{smiley.SMILEY_DESC}" onclick="smiley('{smiley.A_SMILEY_CODE}');return false" hspace="2" vspace="2" /></a> <!-- END smiley --></td>
+			<td align="center"><!-- BEGIN smiley --><a href="#" onclick="smiley('{smiley.A_SMILEY_CODE}'); return false;" style="line-height: 20px;"><img src="{smiley.SMILEY_IMG}" width="{smiley.SMILEY_WIDTH}" height="{smiley.SMILEY_HEIGHT}" alt="{smiley.SMILEY_DESC}" title="{smiley.SMILEY_DESC}" onclick="smiley('{smiley.A_SMILEY_CODE}'); return false" hspace="2" vspace="2" /></a> <!-- END smiley --></td>
 		</tr>
 
 		<!-- IF S_SHOW_SMILEY_LINK -->
@@ -246,20 +246,28 @@ function checkForm()
 				<input type="button" class="btnbbcode" accesskey="b" name="addbbcode0" value=" B " style="font-weight:bold; width: 30px;" onclick="bbstyle(0)" onmouseover="helpline('b')" />
 				<input type="button" class="btnbbcode" accesskey="i" name="addbbcode2" value=" i " style="font-style:italic; width: 30px;" onclick="bbstyle(2)" onmouseover="helpline('i')" />
 				<input type="button" class="btnbbcode" accesskey="u" name="addbbcode4" value=" u " style="text-decoration: underline; width: 30px;" onclick="bbstyle(4)" onmouseover="helpline('u')" />
-				<!-- IF S_BBCODE_QUOTE --><input type="button" class="btnbbcode" accesskey="q" name="addbbcode6" value="Quote" style="width: 50px" onclick="bbstyle(6)" onmouseover="helpline('q')" /><!-- ENDIF -->
+				<!-- IF S_BBCODE_QUOTE -->
+					<input type="button" class="btnbbcode" accesskey="q" name="addbbcode6" value="Quote" style="width: 50px" onclick="bbstyle(6)" onmouseover="helpline('q')" />
+				<!-- ENDIF -->
 				<input type="button" class="btnbbcode" accesskey="c" name="addbbcode8" value="Code" style="width: 40px" onclick="bbstyle(8)" onmouseover="helpline('c')" />
 				<input type="button" class="btnbbcode" accesskey="l" name="addbbcode10" value="List" style="width: 40px" onclick="bbstyle(10)" onmouseover="helpline('l')" />
 				<input type="button" class="btnbbcode" accesskey="o" name="addbbcode12" value="List=" style="width: 40px" onclick="bbstyle(12)" onmouseover="helpline('o')" />
-				<!-- IF S_BBCODE_IMG --><input type="button" class="btnbbcode" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" /><!-- ENDIF -->
+				<!-- IF S_BBCODE_IMG -->
+					<input type="button" class="btnbbcode" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" />
+				<!-- ENDIF -->
+				<!-- IF S_LINKS_ALLOWED -->
 					<input type="button" class="btnbbcode" accesskey="w" name="addbbcode16" value="URL" style="text-decoration: underline; width: 40px" onclick="bbstyle(16)" onmouseover="helpline('w')" />
-				<!-- IF S_BBCODE_FLASH --><input type="button" class="btnbbcode" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" /><!-- ENDIF -->
+				<!-- ENDIF -->
+				<!-- IF S_BBCODE_FLASH -->
+					<input type="button" class="btnbbcode" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" />
+				<!-- ENDIF -->
 				<span class="genmed" style="white-space: nowrap;">{L_FONT_SIZE}: <select class="gensmall" name="addbbcode20" onchange="bbfontstyle('[size=' + this.form.addbbcode20.options[this.form.addbbcode20.selectedIndex].value + ']', '[/size]');this.form.addbbcode20.selectedIndex = 2;" onmouseover="helpline('f')">
 					<option value="7">{L_FONT_TINY}</option>
 					<option value="9">{L_FONT_SMALL}</option>
 					<option value="12" selected="selected">{L_FONT_NORMAL}</option>
 					<option value="18">{L_FONT_LARGE}</option>
 					<option  value="24">{L_FONT_HUGE}</option>
-				</select> | <a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></span>
+				</select> | <a href="#" onclick="bbstyle(-1); return false;" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></span>
 			</td>
 		</tr>
 		<!-- IF .custom_tags -->
@@ -309,6 +317,9 @@ function checkForm()
 		<tr>
 			<td class="gensmall">{FLASH_STATUS}</td>
 		</tr>
+		<tr>
+			<td class="gensmall">{URL_STATUS}</td>
+		</tr>
 		<tr>
 			<td class="gensmall">{SMILIES_STATUS}</td>
 		</tr>
@@ -330,10 +341,12 @@ function checkForm()
 			</tr>
 		<!-- ENDIF -->
 
+		<!-- IF S_LINKS_ALLOWED -->
 		<tr>
 			<td><input type="checkbox" class="radio" name="disable_magic_url"{S_MAGIC_URL_CHECKED} /></td>
 			<td class="gen">{L_DISABLE_MAGIC_URL}</td>
 		</tr>
+		<!-- ENDIF -->
 
 		<!-- IF S_SIG_ALLOWED -->
 			<tr>

phpBB/styles/subSilver/template/posting_progress_bar.html

@@ -30,7 +30,7 @@
 	<td>
 		<table width="100%" border="0" cellspacing="1" cellpadding="4">
 		<tr> 
-			<td valign="top" class="row1" align="center"><br /><span class="genmed">{L_UPLOAD_IN_PROGRESS}</span><br /><br /><div style="align:center">{PROGRESS_BAR}</div><br /><br /><span class="genmed"><a href="javascript:window.close();">{L_CLOSE_WINDOW}</a></span><br /><br /></td>
+			<td valign="top" class="row1" align="center"><br /><span class="genmed">{L_UPLOAD_IN_PROGRESS}</span><br /><br /><div style="align:center">{PROGRESS_BAR}</div><br /><br /><span class="genmed"><a href="#" onclick="window.close(); return false;">{L_CLOSE_WINDOW}</a></span><br /><br /></td>
 		</tr>
 		</table>
 	</td>

phpBB/styles/subSilver/template/posting_smilies.html

@@ -31,7 +31,7 @@ function smiley(text) {
 			<th>{L_SMILIES}</th>
 		</tr>
 		<tr>
-			<td class="row1" align="center" valign="middle"><!-- BEGIN smiley --> <a href="javascript:smiley('{smiley.A_SMILEY_CODE}')"><img src="{smiley.SMILEY_IMG}" width="{smiley.SMILEY_WIDTH}" height="{smiley.SMILEY_HEIGHT}" border="0" alt="{smiley.SMILEY_DESC}" title="{smiley.SMILEY_DESC}" hspace="2" vspace="2" onclick="smiley('{smiley.A_SMILEY_CODE}');return false" /></a> <!-- END smiley --><br /><a class="nav" href="javascript:window.close();">{L_CLOSE_WINDOW}</a></td>
+			<td class="row1" align="center" valign="middle"><!-- BEGIN smiley --> <a href="#" onclick="smiley('{smiley.A_SMILEY_CODE}'); return false;"><img src="{smiley.SMILEY_IMG}" width="{smiley.SMILEY_WIDTH}" height="{smiley.SMILEY_HEIGHT}" alt="{smiley.SMILEY_DESC}" title="{smiley.SMILEY_DESC}" hspace="2" vspace="2" onclick="smiley('{smiley.A_SMILEY_CODE}');return false" /></a> <!-- END smiley --><br /><a class="nav" href="#" onclick="window.close(); return false;">{L_CLOSE_WINDOW}</a></td>
 		</tr>
 		</table>
 	</td>

phpBB/styles/subSilver/template/search_results.html

@@ -123,7 +123,7 @@
 
 </form>
 
-<div class="nav" style="float:left"><!-- IF PAGINATION -->{PAGE_NUMBER}&nbsp;[ {TOTAL_MATCHES} ]<!-- ENDIF -->&nbsp;</div><div class="nav" style="float:right"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></div>
+<div class="nav" style="float:left"><!-- IF PAGINATION -->{PAGE_NUMBER}&nbsp;[ {TOTAL_MATCHES} ]<!-- ENDIF -->&nbsp;</div><div class="nav" style="float:right"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></div>
 
 <br clear="all" /><br />
 

phpBB/styles/subSilver/template/ucp_attachments.html

@@ -18,7 +18,7 @@
 				<tr>
 					<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 					<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_ATTACHMENTS} ]&nbsp;</td>
-					<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+					<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 				</tr>
 				</table>
 			</td>
@@ -40,7 +40,7 @@
 	</tr>
 	</table>
 
-	<div style="float:right"><b class="gensmall"><a href="javascript:marklist('ucp', 'attachment', true);">{L_MARK_ALL}</a> :: <a  href="javascript:marklist('ucp', 'attachment', false);">{L_UNMARK_ALL}</a></b></div>
+	<div style="float:right"><b class="gensmall"><a href="#" onclick="marklist('ucp', 'attachment', true); return false;">{L_MARK_ALL}</a> :: <a  href="#" onclick="marklist('ucp', 'attachment', false); return false;">{L_UNMARK_ALL}</a></b></div>
 
 <!-- ELSE -->
 

phpBB/styles/subSilver/template/ucp_groups_manage.html

@@ -187,13 +187,13 @@
 		</tr>
 	<!-- END member -->
 	<tr>
-		<td class="cat" colspan="5" align="center"><div style="float: right;"><span class="small"><a href="javascript:marklist('ucp', 'mark', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('ucp', 'mark', false);">{L_UNMARK_ALL}</a></span></div><div style="float: left"><select name="action"><option class="sep" value="">{L_SELECT_OPTION}</option>{S_ACTION_OPTIONS}</select> <input class="button2" type="submit" name="update" value="{L_SUBMIT}" /></div></td>
+		<td class="cat" colspan="5" align="center"><div style="float: right;"><span class="small"><a href="#" onclick="marklist('ucp', 'mark', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('ucp', 'mark', false); return false;">{L_UNMARK_ALL}</a></span></div><div style="float: left"><select name="action"><option class="sep" value="">{L_SELECT_OPTION}</option>{S_ACTION_OPTIONS}</select> <input class="button2" type="submit" name="update" value="{L_SUBMIT}" /></div></td>
 	</tr>
 	</table>
 
 	<div class="pagination" style="float: left;">
 		<!-- IF PAGINATION -->
-			<a href="javascript:jumpto();" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
+			<a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{S_ON_PAGE}</a> &bull; <span>{PAGINATION}</span>
 		<!-- ELSE -->
 			{S_ON_PAGE}
 		<!-- ENDIF -->
@@ -216,7 +216,7 @@
 	</tr>
 	<tr>
 		<td class="row1"><label for="usernames">{L_USERNAME}:</label><br /><span>{L_USERNAMES_EXPLAIN}</span></td>
-		<td class="row2"><textarea id="usernames" name="usernames" cols="40" rows="5"></textarea><br />[ <a href="{U_FIND_USERNAME}" target="usersearch">{L_FIND_USERNAME}</a> ]</td>
+		<td class="row2"><textarea id="usernames" name="usernames" cols="40" rows="5"></textarea><br />[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</td>
 	</tr>
 	<tr>
 		<td class="cat" colspan="2" align="center"><input class="button2" type="submit" name="addusers" value="{L_SUBMIT}" /></td>

phpBB/styles/subSilver/template/ucp_header.html

@@ -101,7 +101,7 @@
 	<!-- BEGIN pm_colour_info -->
 		<tr>
 			<!-- IF not pm_colour_info.IMG -->
-				<td class="row1 {pm_colour_info.CLASS}" width="5"><img src="images/spacer.gif" width="5" alt="{pm_colour_info.LANG}" border="0" /></td>
+				<td class="row1 {pm_colour_info.CLASS}" width="5"><img src="images/spacer.gif" width="5" alt="{pm_colour_info.LANG}" /></td>
 			<!-- ELSE -->
 				<td class="row1" width="25" align="center">{pm_colour_info.IMG}</td>
 			<!-- ENDIF -->

phpBB/styles/subSilver/template/ucp_main_bookmarks.html

@@ -55,7 +55,7 @@
 </table>
 
 <!-- IF not S_NO_DISPLAY_BOOKMARKS -->
-	<div class="gensmall" style="float: right; padding-top: 2px;"><b><a href="javascript:marklist('ucp', 't', true);">{L_MARK_ALL}</a> :: <a  href="javascript:marklist('ucp', 't', false);">{L_UNMARK_ALL}</a></b></div>
+	<div class="gensmall" style="float: right; padding-top: 2px;"><b><a href="#" onclick="marklist('ucp', 't', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('ucp', 't', false); return false;">{L_UNMARK_ALL}</a></b></div>
 <!-- ENDIF -->
 
 <!-- INCLUDE ucp_footer.html -->

phpBB/styles/subSilver/template/ucp_main_drafts.html

@@ -83,7 +83,7 @@
 							<option value="18">{L_FONT_LARGE}</option>
 							<option  value="24">{L_FONT_HUGE}</option>
 						</select></td>
-						<td class="gensmall" nowrap="nowrap" align="right"><a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></td>
+						<td class="gensmall" nowrap="nowrap" align="right"><a href="#" onclick="bbstyle(-1); return false;" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></td>
 					</tr>
 					</table>
 				</td>

phpBB/styles/subSilver/template/ucp_main_subscribed.html

@@ -36,7 +36,7 @@
 			<tr>
 				<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 				<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_TOPICS} ]&nbsp;</td>
-				<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+				<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 			</tr>
 			</table>
 		</td>
@@ -72,6 +72,6 @@
 </tr>
 </table>
 
-<div class="gensmall" style="float: right; padding-top: 2px;"><b><a href="javascript:marklist('ucp', 't', true);">{L_MARK_ALL}</a> :: <a href="javascript:marklist('ucp', 't', false);">{L_UNMARK_ALL}</a></b></div>
+<div class="gensmall" style="float: right; padding-top: 2px;"><b><a href="#" onclick="marklist('ucp', 't', true); return false;">{L_MARK_ALL}</a> :: <a href="#" onclick="marklist('ucp', 't', false); return false;">{L_UNMARK_ALL}</a></b></div>
 
 <!-- INCLUDE ucp_footer.html -->

phpBB/styles/subSilver/template/ucp_pm_message_footer.html

@@ -7,7 +7,7 @@
 		<table border="0" cellspacing="0" cellpadding="0" width="100%">
 		<tr>
 			<td align="left">
-				<!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF -->
+				<!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF -->
 				<!-- IF S_VIEW_MESSAGE -->
 					<span class="gensmall">
 						<!-- IF U_PRINT_PM --><a href="{U_PRINT_PM}" title="{L_PRINT_PM}">{L_PRINT_PM}</a><!-- IF U_FORWARD_PM --> | <!-- ENDIF --><!-- ENDIF -->
@@ -36,5 +36,5 @@
 </table>
 
 <!-- IF not S_VIEW_MESSAGE -->
-	<div style="float:right"><b class="gensmall"><a href="javascript:marklist('viewfolder', 'marked_msg_id', true);">{L_MARK_ALL}</a> :: <a  href="javascript:marklist('viewfolder', 'marked_msg_id', false);">{L_UNMARK_ALL}</a></b></div>
+	<div style="float:right"><b class="gensmall"><a href="#" onclick="marklist('viewfolder', 'marked_msg_id', true); return false;">{L_MARK_ALL}</a> :: <a  href="#" onclick="marklist('viewfolder', 'marked_msg_id', false); return false;">{L_UNMARK_ALL}</a></b></div>
 <!-- ENDIF -->

phpBB/styles/subSilver/template/ucp_pm_message_header.html

@@ -22,7 +22,7 @@
 				</span>
 			<!-- ENDIF -->
 			</td>
-			<td align="right"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+			<td align="right"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 		</tr>
 		</table>
 	</td>

phpBB/styles/subSilver/template/ucp_pm_options.html

@@ -42,7 +42,7 @@
 					<!-- IF S_TEXT_CONDITION -->
 						<input type="text" name="rule_string" value="{CURRENT_STRING}" size="30" maxlength="250" class="post" />
 					<!-- ELSEIF S_USER_CONDITION -->
-						<input type="text" class="post" name="rule_string" value="{CURRENT_STRING}" maxlength="50" size="20" />&nbsp;<span class="gensmall">[ <a href="{U_FIND_USERNAME}" onclick="window.open('{U_FIND_USERNAME}', '_phpbbsearch', 'HEIGHT=500,resizable=yes,scrollbars=yes,WIDTH=740');return false;">{L_FIND_USERNAME}</a> ]</span>
+						<input type="text" class="post" name="rule_string" value="{CURRENT_STRING}" maxlength="50" size="20" />&nbsp;<span class="gensmall">[ <a href="{U_FIND_USERNAME}" onclick="window.open('{UA_FIND_USERNAME}', '_usersearch', 'height=500, resizable=yes, scrollbars=yes, width=740'); return false;">{L_FIND_USERNAME}</a> ]</span>
 					<!-- ELSEIF S_GROUP_CONDITION -->
 						<input type="hidden" name="rule_string" value="{CURRENT_STRING}" /><!-- IF S_GROUP_OPTIONS --><select name="rule_group_id">{S_GROUP_OPTIONS}</select><!-- ELSE -->{L_NO_GROUPS}<!-- ENDIF -->
 					<!-- ENDIF -->

phpBB/styles/subSilver/template/ucp_pm_popup.html

@@ -26,7 +26,7 @@ function jump_to_inbox()
 					{MESSAGE}<br /><br />{CLICK_TO_VIEW}
 				<!-- ENDIF -->
 				</span>
-				<br /><br /><span class="genmed"><a href="javascript:window.close();">{L_CLOSE_WINDOW}</a></span><br /><br />
+				<br /><br /><span class="genmed"><a href="#" onclick="window.close(); return false;">{L_CLOSE_WINDOW}</a></span><br /><br />
 			</td>
 		</tr>
 		</table>

phpBB/styles/subSilver/template/ucp_profile_signature.html

@@ -56,9 +56,15 @@ d_help = "{LA_BBCODE_D_HELP}";
 				<input type="button" class="btnbbcode" accesskey="c" name="addbbcode8" value="Code" style="width: 40px" onclick="bbstyle(8)" onmouseover="helpline('c')" />
 				<input type="button" class="btnbbcode" accesskey="l" name="addbbcode10" value="List" style="width: 40px" onclick="bbstyle(10)" onmouseover="helpline('l')" />
 				<input type="button" class="btnbbcode" accesskey="o" name="addbbcode12" value="List=" style="width: 40px" onclick="bbstyle(12)" onmouseover="helpline('o')" />
-				<!-- IF S_BBCODE_IMG --><input type="button" class="btnbbcode" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" /><!-- ENDIF -->
+				<!-- IF S_BBCODE_IMG -->
+					<input type="button" class="btnbbcode" accesskey="p" name="addbbcode14" value="Img" style="width: 40px"  onclick="bbstyle(14)" onmouseover="helpline('p')" />
+				<!-- ENDIF -->
+				<!-- IF S_LINKS_ALLOWED -->
 					<input type="button" class="btnbbcode" accesskey="w" name="addbbcode16" value="URL" style="text-decoration: underline; width: 40px" onclick="bbstyle(16)" onmouseover="helpline('w')" />
-				<!-- IF S_BBCODE_FLASH --><input type="button" class="btnbbcode" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" /><!-- ENDIF -->
+				<!-- ENDIF -->
+				<!-- IF S_BBCODE_FLASH -->
+					<input type="button" class="btnbbcode" accesskey="d" name="addbbcode18" value="Flash" onclick="bbstyle(18)" onmouseover="helpline('d')" />
+				<!-- ENDIF -->
 			</td>
 		</tr>
 		<tr>
@@ -69,7 +75,7 @@ d_help = "{LA_BBCODE_D_HELP}";
 					<option value="12" selected="selected">{L_FONT_NORMAL}</option>
 					<option value="18">{L_FONT_LARGE}</option>
 					<option  value="24">{L_FONT_HUGE}</option>
-				</select> | <a href="javascript:bbstyle(-1)" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></span>
+				</select> | <a href="#" onclick="bbstyle(-1); return false;" onmouseover="helpline('a')">{L_CLOSE_TAGS}</a></span>
 			</td>
 		</tr>
 		<!-- IF .custom_tags -->
@@ -117,6 +123,9 @@ d_help = "{LA_BBCODE_D_HELP}";
 		<tr>
 			<td class="gensmall">{FLASH_STATUS}</td>
 		</tr>
+		<tr>
+			<td class="gensmall">{URL_STATUS}</td>
+		</tr>
 		<tr>
 			<td class="gensmall">{SMILIES_STATUS}</td>
 		</tr>
@@ -136,10 +145,12 @@ d_help = "{LA_BBCODE_D_HELP}";
 				<td class="gen">{L_DISABLE_SMILIES}</td>
 			</tr>
 		<!-- ENDIF -->
+		<!-- IF S_LINKS_ALLOWED -->
 			<tr>
 				<td><input type="checkbox" class="radio" name="disable_magic_url"{S_MAGIC_URL_CHECKED} /></td>
 				<td class="gen">{L_DISABLE_MAGIC_URL}</td>
 			</tr>
+		<!-- ENDIF -->
 		</table>
 	</td>
 </tr>

phpBB/styles/subSilver/template/ucp_register.html

@@ -59,7 +59,7 @@
 </tr>
 <tr>
 	<td class="row1"><b class="genmed">{L_LANGUAGE}: </b></td>
-	<td class="row2"><select name="lang" onchange="javascript:change_language(this.value);">{S_LANG_OPTIONS}</select></td>
+	<td class="row2"><select name="lang" onchange="change_language(this.value); return false;">{S_LANG_OPTIONS}</select></td>
 </tr>
 <tr>
 	<td class="row1"><b class="genmed">{L_TIMEZONE}: </b></td>

phpBB/styles/subSilver/template/viewforum_body.html

@@ -112,7 +112,7 @@
 			<!-- IF TOTAL_TOPICS -->
 				<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 				<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_TOPICS} ]&nbsp;</td>
-				<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+				<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 			<!-- ENDIF -->
 		</tr>
 		</table>
@@ -211,7 +211,7 @@
 			<td align="left" valign="middle"><a href="{U_POST_NEW_TOPIC}">{POST_IMG}</a></td>
 			<td class="nav" nowrap="nowrap">&nbsp;{PAGE_NUMBER}</td>
 			<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_TOPICS} ]</td>
-			<td class="nav" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+			<td class="nav" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 		</tr>
 		</table>
 

phpBB/styles/subSilver/template/viewonline_body.html

@@ -8,7 +8,7 @@
 	<table width="100%" cellspacing="1">
 	<tr>
 		<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
-		<td class="gensmall" width="100%" align="right" nowrap="nowrap"><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b></td>
+		<td class="gensmall" width="100%" align="right" nowrap="nowrap"><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b></td>
 	</tr>
 	</table>
 <!-- ENDIF -->
@@ -38,7 +38,7 @@
 	<table width="100%" cellspacing="1">
 	<tr>
 		<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
-		<td class="gensmall" width="100%" align="right" nowrap="nowrap"><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b></td>
+		<td class="gensmall" width="100%" align="right" nowrap="nowrap"><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b></td>
 	</tr>
 	</table>
 <!-- ENDIF -->

phpBB/styles/subSilver/template/viewtopic_body.html

@@ -35,7 +35,7 @@
 		<!-- IF TOTAL_POSTS -->
 			<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 			<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_POSTS} ]&nbsp;</td>
-			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 		<!-- ENDIF -->
 	</tr>
 	</table>
@@ -297,7 +297,7 @@
 		<!-- IF TOTAL_POSTS -->
 			<td class="nav" valign="middle" nowrap="nowrap">&nbsp;{PAGE_NUMBER}<br /></td>
 			<td class="gensmall" nowrap="nowrap">&nbsp;[ {TOTAL_POSTS} ]&nbsp;</td>
-			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="javascript:jumpto();">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
+			<td class="gensmall" width="100%" align="right" nowrap="nowrap"><!-- IF PAGINATION --><b><a href="#" onclick="jumpto(); return false;" title="{L_JUMP_TO_PAGE}">{L_GOTO_PAGE}</a> <!-- IF PREVIOUS_PAGE --><a href="{PREVIOUS_PAGE}">{L_PREVIOUS}</a>&nbsp;&nbsp;<!-- ENDIF -->{PAGINATION}<!-- IF NEXT_PAGE -->&nbsp;&nbsp;<a href="{NEXT_PAGE}">{L_NEXT}</a><!-- ENDIF --></b><!-- ENDIF --></td>
 		<!-- ENDIF -->
 	</tr>
 	</table>