diff --git a/phpBB/admin/pagestart.php b/phpBB/admin/pagestart.php index acc1b85494..2590bf88ff 100644 --- a/phpBB/admin/pagestart.php +++ b/phpBB/admin/pagestart.php @@ -55,6 +55,7 @@ if ($HTTP_GET_VARS['sid'] != $userdata['session_id']) $url = preg_replace('/sid=([^&]*)(&?)/i', '', $url); $url = preg_replace('/\?$/', '', $url); $url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id']; + redirect($url); } diff --git a/phpBB/includes/usercp_register.php b/phpBB/includes/usercp_register.php index 8de79e956d..74933c2f42 100644 --- a/phpBB/includes/usercp_register.php +++ b/phpBB/includes/usercp_register.php @@ -330,8 +330,8 @@ if ( isset($HTTP_POST_VARS['submit']) ) { if ( empty($username) ) { + // Error is already triggered, since one field is empty. $error = TRUE; - $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Username_disallowed']; } else if ( $username != $userdata['username'] || $mode == 'register' ) { @@ -367,7 +367,6 @@ if ( isset($HTTP_POST_VARS['submit']) ) $signature = prepare_message($signature, $allowhtml, $allowbbcode, $allowsmilies, $signature_bbcode_uid); } - //?? if ( $website != '' ) { rawurlencode($website); diff --git a/phpBB/language/lang_english/lang_admin.php b/phpBB/language/lang_english/lang_admin.php index 6385cfe3ca..31b516d5b3 100644 --- a/phpBB/language/lang_english/lang_admin.php +++ b/phpBB/language/lang_english/lang_admin.php @@ -251,7 +251,7 @@ $lang['Server_port_explain'] = 'The port your server is running on, usually 80. $lang['Site_name'] = 'Site name'; $lang['Site_desc'] = 'Site description'; $lang['Board_disable'] = 'Disable board'; -$lang['Board_disable_explain'] = 'This will make the board unavailable to users. Do not log out when you disable the board because you will not be able to log back in!'; +$lang['Board_disable_explain'] = 'This will make the board unavailable to users. Administrators are able to access the Administration Panel while the board is disabled.'; $lang['Acct_activation'] = 'Enable account activation'; $lang['Acc_None'] = 'None'; // These three entries are the type of activation $lang['Acc_User'] = 'User'; diff --git a/phpBB/login.php b/phpBB/login.php index 11090f2327..7bf6941909 100644 --- a/phpBB/login.php +++ b/phpBB/login.php @@ -55,6 +55,7 @@ if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($ if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] ) { $username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : ''; + $username = substr(str_replace("\'", "'", $username), 0, 25); $password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : ''; $sql = "SELECT user_id, username, user_password, user_active, user_level