Let's break lots of things

git-svn-id: file:///svn/phpbb/trunk@4578 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-06-28 14:18:52 +00:00 · 2003-10-12 11:59:23 +00:00 · 2003-10-12 11:59:23 +00:00 · eeb4907112
commit eeb4907112
parent 3bd4218780
21 changed files with 353 additions and 334 deletions
--- a/phpBB/common.php
+++ b/phpBB/common.php
@ -33,13 +33,13 @@ if (@ini_get('register_globals'))
 }
 // If magic quotes is off, addslashes
-if (!get_magic_quotes_gpc())
+/*if (!get_magic_quotes_gpc())
 {
 	$_GET = slash_input_data($_GET);
 	$_POST = slash_input_data($_POST);
 	$_REQUEST = slash_input_data($_REQUEST);
 	$_COOKIE = slash_input_data($_COOKIE);
-}
+}*/
 require($phpbb_root_path . 'config.'.$phpEx);
@ -110,6 +110,11 @@ define('POST_GLOBAL', 3);
 define('TRACK_NORMAL', 0); // not used at the moment
 define('TRACK_POSTED', 1);
 // Notify methods
 define('NOTIFY_EMAIL', 0);
 define('NOTIFY_IM', 1);
 define('NOTIFY_BOTH', 2);
 // Log types
 define('LOG_ADMIN', 0);
 define('LOG_MOD', 1);
@ -191,6 +196,8 @@ define('POLL_OPTIONS_TABLE', $table_prefix.'poll_results');
 define('POLL_VOTES_TABLE', $table_prefix.'poll_voters');
 define('ZEBRA_TABLE', $table_prefix.'zebra');
 define('STRIP', get_magic_quotes_gpc() ? true : false);
 // Set PHP error handler to ours
 set_error_handler('msg_handler');
@ -247,17 +254,6 @@ if (time() - $config['cache_interval'] >= $config['cache_last_gc'])
 }
 */
 // Handle email/cron queue.
 if (time() - $config['queue_interval'] >= $config['last_queue_run'] && !defined('IN_ADMIN'))
 {
 	if (file_exists($phpbb_root_path . 'cache/queue.' . $phpEx))
 	{
 		include($phpbb_root_path . 'includes/emailer.'.$phpEx);
 		$queue = new queue();
 		$queue->process();
 	}
 }
 // Warn about install/ directory
 if (file_exists('install'))
 {
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@ -184,7 +184,7 @@ class bbcode
 					));
 				break;
 				case 4:
-					if ($user->data['user_viewimg'])
+					if ($user->optionget('viewimg'))
 					{
 						$this->bbcode_cache[$bbcode_id] = array('preg' => array(
 							'#\[img:$uid\](.*?)\[/img:$uid\]#s'		=>	$this->bbcode_tpl('img', $bbcode_id)
@ -240,7 +240,7 @@ class bbcode
 					));
 				break;
 				case 11:
-					if ($user->data['user_viewflash'])
+					if ($user->optionget('viewflash'))
 					{
 						$this->bbcode_cache[$bbcode_id] = array('preg' => array(
 							'#\[flash=([0-9]+),([0-9]+):$uid\](.*?)\[/flash:$uid\]#'	=>	$this->bbcode_tpl('flash', $bbcode_id)
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -32,7 +32,11 @@ function request_var($var_name, $default)
 				if ($type == 'string')
 				{
-					$var[$k] = htmlspecialchars(trim(stripslashes(preg_replace(array("#[ \xFF]{2,}#s", "#[\r\n]{2,}#s"), array(' ', "\n"), $var[$k]))));
+					$var[$k] = htmlspecialchars(trim(preg_replace(array("#[ \xFF]{2,}#s", "#[\r\n]{2,}#s"), array(' ', "\n"), $var[$k])));
 					if (STRIP)
 					{
 						$var[$k] = stripslashes($var[$k]);
 					}
 				}
 			}
 		}
@ -44,7 +48,11 @@ function request_var($var_name, $default)
 			// not generally applicable elsewhere
 			if ($type == 'string')
 			{
-				$var = htmlspecialchars(trim(stripslashes(preg_replace(array("#[ \xFF]{2,}#s", "#[\r\n]{2,}#s"), array(' ', "\n"), $var))));
+				$var = htmlspecialchars(trim(preg_replace(array("#[ \xFF]{2,}#s", "#[\r\n]{2,}#s"), array(' ', "\n"), $var)));
 				if (STRIP)
 				{
 					$var = stripslashes($var);
 				}
 			}
 		}
@ -205,7 +213,7 @@ function discover_auth($user_id_ary, $opts = false, $forum_id = false)
 		$user_id_ary = array($user_id_ary);
 	}
-	$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : implode(', ', $forum_id)) : '';
+	$sql_forum = ($forum_id) ? ((!is_array($forum_id)) ? "AND a.forum_id = $forum_id" : 'AND a.forum_id IN (' . implode(', ', $forum_id) . ')') : '';
 	$sql_opts = ($opts) ? ((!is_array($opts)) ? "AND ao.auth_option = '$opts'" : 'AND ao.auth_option IN (' . implode(', ', preg_replace('#^[\s]*?(.*?)[\s]*?$#e', "\"'\" . $db->sql_escape('\\1') . \"'\"", $opts)) . ')') : '';
 	$hold_ary = array();
@ -241,7 +249,7 @@ function discover_auth($user_id_ary, $opts = false, $forum_id = false)
 	while ($row = $db->sql_fetchrow($result))
 	{
-		if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] !== ACL_NO))
+		if (!isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] != ACL_NO))
 		{
 			$hold_ary[$row['user_id']][$row['forum_id']][$row['auth_option']] = $row['min_setting']; 
 		}
@ -256,7 +264,7 @@ function gen_forum_rules($mode, &$forum_id)
 {
 	global $SID, $template, $auth, $user;
-	$rules = array('post', 'reply', 'lock', 'edit', 'delete', 'attach', 'download');
+	$rules = array('post', 'reply', 'edit', 'delete', 'attach');
 	foreach ($rules as $rule)
 	{
@ -448,7 +456,7 @@ function watch_topic_forum($mode, &$s_watching, &$s_watching_img, $user_id, $mat
 	$u_url = ($mode == 'forum') ? 'f' : 't';
 	// Is user watching this thread?
-	if ($user_id)
+	if ($user_id != ANONYMOUS)
 	{
 		$can_watch = TRUE;
@ -818,7 +826,7 @@ function obtain_word_list(&$censors)
 {
 	global $db, $cache, $user;
-	if (!$user->optionget('viewcensors') && !$user->data['coppa'] && $config['allow_nocensors'])
+	if (!$user->optionget('viewcensors') && $config['allow_nocensors'])
 	{
 		return;
 	}
@ -1022,6 +1030,10 @@ function login_box($s_action, $s_hidden_fields = '', $login_explain = '')
 		if (($result = $auth->login($_POST['username'], $_POST['password'], $autologin, $viewonline)) === true)
 		{
 			// TODO
 			// Force change password ... plugin for EVENT_LOGIN in future
 			// but for now we'll do it here
 			return true;
 		}
@ -1369,18 +1381,18 @@ function page_header($page_title = '')
 		}
 		else
 		{
-			$l_privmsgs_text = $user->lang['No_new_pm'];
+			$l_privmsgs_text = $user->lang['NO_NEW_PM'];
 			$s_privmsg_new = 0;
 		}
 		if ($user->data['user_unread_privmsg'])
 		{
-			$l_message_unread = ($user->data['user_unread_privmsg'] == 1) ? $user->lang['Unread_pm'] : $user->lang['Unread_pms'];
+			$l_message_unread = ($user->data['user_unread_privmsg'] == 1) ? $user->lang['UNREAD_PM'] : $user->lang['UNREAD_PMS'];
 			$l_privmsgs_text_unread = sprintf($l_message_unread, $user->data['user_unread_privmsg']);
 		}
 		else
 		{
-			$l_privmsgs_text_unread = $user->lang['No_unread_pm'];
+			$l_privmsgs_text_unread = $user->lang['NO_UNREAD_PM'];
 		}
 	}
@ -1423,7 +1435,7 @@ function page_header($page_title = '')
 		'U_SEARCH_UNANSWERED'	=> 'search.'.$phpEx.$SID.'&amp;search_id=unanswered',
 		'S_USER_LOGGED_IN' 		=> ($user->data['user_id'] != ANONYMOUS) ? true : false,
-		'S_USER_PM_POPUP' 		=> ($user->optionget('popuppm')) ? true : false,
+		'S_USER_PM_POPUP' 		=> $user->optionget('popuppm'),
 		'S_USER_BROWSER' 		=> $user->data['session_browser'],
 		'S_CONTENT_DIRECTION' 	=> $user->lang['DIRECTION'],
 		'S_CONTENT_ENCODING' 	=> $user->lang['ENCODING'],
@ -1455,7 +1467,7 @@ function page_header($page_title = '')
 function page_footer()
 {
-	global $db, $config, $template, $SID, $user, $auth, $cache, $starttime, $phpEx;
+	global $db, $config, $template, $SID, $user, $auth, $cache, $messenger, $starttime, $phpbb_root_path, $phpEx;
 	// Output page creation time
 	if (defined('DEBUG'))
@ -1472,7 +1484,7 @@ function page_footer()
 		if ($auth->acl_get('a_'))
 		{
-			$debug_output .= ' | <a href="' . htmlspecialchars($_SERVER['REQUEST_URI']) . '&amp;explain=1">Explain</a>';
+			$debug_output .= ' | <a href="' . request_var($_SERVER['REQUEST_URI'], "index.$phpEx$SID") . '&amp;explain=1">Explain</a>';
 		}
 		$debug_output .= ' ]';
 	}
@ -1485,6 +1497,17 @@ function page_footer()
 	$template->display('body');
 	// Handle email/cron queue.
 	if (time() - $config['queue_interval'] >= $config['last_queue_run'] && !defined('IN_ADMIN'))
 	{
 		if (file_exists($phpbb_root_path . 'cache/queue.' . $phpEx))
 		{
 			include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
 			$queue = new queue();
 			$queue->process();
 		}
 	}
 	// Unload cache, must be done before the DB connection if closed
 	if (!empty($cache))
 	{
--- a/phpBB/includes/functions_admin.php
+++ b/phpBB/includes/functions_admin.php
@ -1707,18 +1707,18 @@ function add_log()
 	switch ($mode)
 	{
 		case 'admin':
-			$sql = "INSERT INTO " . LOG_TABLE . " (log_type, user_id, log_ip, log_time, log_operation, log_data)
+			$sql = 'INSERT INTO ' . LOG_TABLE . ' (log_type, user_id, log_ip, log_time, log_operation, log_data)
-				VALUES (" . LOG_ADMIN . ", " . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')";
+				VALUES (' . LOG_ADMIN . ', ' . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')";
 			break;
 		case 'mod':
-			$sql = "INSERT INTO " . LOG_TABLE . " (log_type, user_id, forum_id, topic_id, log_ip, log_time, log_operation, log_data)
+			$sql = 'INSERT INTO ' . LOG_TABLE . ' (log_type, user_id, forum_id, topic_id, log_ip, log_time, log_operation, log_data)
-				VALUES (" . LOG_MOD . ", " . $user->data['user_id'] . ", $forum_id, $topic_id, '$user->ip', " . time() . ", '$action', '$data')";
+				VALUES (' . LOG_MOD . ', ' . $user->data['user_id'] . ", $forum_id, $topic_id, '$user->ip', " . time() . ", '$action', '$data')";
 			break;
 		case 'critical':
-			$sql = "INSERT INTO " . LOG_TABLE . " (log_type, user_id, log_ip, log_time, log_operation, log_data)
+			$sql = 'INSERT INTO ' . LOG_TABLE . ' (log_type, user_id, log_ip, log_time, log_operation, log_data)
-				VALUES (" . LOG_CRITICAL . ", " . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')";
+				VALUES (' . LOG_CRITICAL . ', ' . $user->data['user_id'] . ", '$user->ip', " . time() . ", '$action', '$data')";
 			break;
 		default:
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@ -821,6 +821,35 @@ function server_parse($socket, $response)
 	return 0;
 }
 // Encodes the given string for proper display for this encoding ... nabbed 
 // from php.net and modified. There is an alternative encoding method which 
 // may produce less output but it's questionable as to its worth in this 
 // scenario IMO
 function mail_encode($str)
 {
 	if ($this->encoding == '')
 	{
 		return $str;
 	}
 	// define start delimimter, end delimiter and spacer
 	$end = "?=";
 	$start = "=?$this->encoding?B?";
 	$spacer = "$end\r\n $start";
 	// determine length of encoded text within chunks and ensure length is even
 	$length = 75 - strlen($start) - strlen($end);
 	$length = floor($length / 2) * 2;
 	// encode the string and split it into chunks with spacers after each chunk
 	$str = chunk_split(base64_encode($str), $length, $spacer);
 	// remove trailing spacer and add start and end delimiters
 	$str = preg_replace('#' . preg_quote($spacer) . '$#', '', $str);
 	return $start . $str . $end;
 }
 function md5_digest()
 {
 }
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@ -29,6 +29,7 @@ function generate_smilies($mode, $forum_id)
 			WHERE forum_id = $forum_id";
 		$result = $db->sql_query_limit($sql, 1);
 		$row = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
 		$user->setup(FALSE, (int) $row['forum_style']);
@ -46,10 +47,13 @@ function generate_smilies($mode, $forum_id)
 			FROM ' . SMILIES_TABLE . '
 			WHERE display_on_posting = 0';
 		$result = $db->sql_query_limit($sql, 1, 0, 3600);
 		$row = $db->sql_fetchrow($result);
 		if ($row = $db->sql_fetchrow($result))
 		{
 			$display_link = TRUE;
 		}
 		$db->sql_freeresult($result);
 	}
 	$sql = 'SELECT *
--- a/phpBB/includes/message_parser.php
+++ b/phpBB/includes/message_parser.php
@ -957,9 +957,6 @@ class fulltext_search
 			return;
 		}
 //		$mtime = explode(' ', microtime());
 //		$starttime = $mtime[1] + $mtime[0];
 		// Split old and new post/subject to obtain array of 'words'
 		$stopped_words = array();
 		$split_text = $this->split_words('post', $message, $stopped_words);
@ -1089,9 +1086,6 @@ class fulltext_search
 		unset($words);
 //		$mtime = explode(' ', microtime());
 //		echo "Search parser time taken >> " . ($mtime[1] + $mtime[0] - $starttime);
 		// Run the cleanup infrequently, once per session cleanup
 		if ($config['search_last_gc'] < time() - $config['search_gc'])
 		{
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@ -33,14 +33,14 @@ class session
 		if (isset($_COOKIE[$config['cookie_name'] . '_sid']) || isset($_COOKIE[$config['cookie_name'] . '_data']))
 		{
-			$sessiondata = (isset($_COOKIE[$config['cookie_name'] . '_data'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_data'])) : '';
+			$sessiondata = unserialize(request_var($config['cookie_name'] . '_data', ''));
-			$this->session_id = (isset($_COOKIE[$config['cookie_name'] . '_sid'])) ? $_COOKIE[$config['cookie_name'] . '_sid'] : '';
+			$this->session_id = request_var($config['cookie_name'] . '_sid', '');
 			$SID = (defined('NEED_SID')) ? '?sid=' . $this->session_id : '?sid=';
 		}
 		else
 		{
 			$sessiondata = '';
-			$this->session_id = (isset($_GET['sid'])) ? $_GET['sid'] : '';
+			$this->session_id = request_var('sid', '');
 			$SID = '?sid=' . $this->session_id;
 		}
@ -65,11 +65,11 @@ class session
 		// Load limit check (if applicable)
 		if (@file_exists('/proc/loadavg'))
 		{
-			if ($config['limit_load'] && $load = @file('/proc/loadavg'))
+			if ($load = @file('/proc/loadavg'))
 			{
 				list($this->load) = explode(' ', $load[0]);
-				if ($this->load > doubleval($config['limit_load']))
+				if ($config['limit_load'] && $this->load > doubleval($config['limit_load']))
 				{
 					trigger_error('BOARD_UNAVAILABLE');
 				}
@ -138,7 +138,7 @@ class session
 		$sessiondata = array();
 		$current_time = time();
-		if (intval($config['active_sessions']))
+		if ($config['active_sessions'])
 		{
 			// Limit sessions in 1 minute period
 			$sql = 'SELECT COUNT(*) AS sessions
@ -302,7 +302,7 @@ class session
 		if ($this->data['user_id'] != ANONYMOUS)
 		{
-			// Trigger EVT_END_SESSION
+			// Trigger EVENT_END_SESSION
 		}
 		return true;
@ -721,7 +721,7 @@ class auth
 		while ($row = $db->sql_fetchrow($result))
 		{
-			if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] !== ACL_NO))
+			if (!isset($hold_ary[$row['forum_id']][$row['auth_option']]) || (isset($hold_ary[$row['forum_id']][$row['auth_option']]) && $hold_ary[$row['forum_id']][$row['auth_option']] != ACL_NO))
 			{
 				$hold_ary[$row['forum_id']][$row['auth_option']] = $row['min_setting']; 
 			}
--- a/phpBB/includes/ucp/ucp_activate.php
+++ b/phpBB/includes/ucp/ucp_activate.php
@ -35,7 +35,7 @@ class ucp_activate extends module
 			{
 				$sql_update_pass = ($row['user_newpasswd'] != '') ? ", user_password = '" . $db->sql_escape($row['user_newpasswd']) . "', user_newpasswd = ''" : '';
-				$sql = "UPDATE " . USERS_TABLE . "
+				$sql = 'UPDATE ' . USERS_TABLE . "
 					SET user_active = 1, user_actkey = ''" . $sql_update_pass . "
 					WHERE user_id = " . $row['user_id'];
 				$result = $db->sql_query($sql);
@ -63,7 +63,7 @@ class ucp_activate extends module
 				else
 				{
 					meta_refresh(3, "index.$phpEx$SID");
-					$message = ($sql_update_pass == '') ? $user->lang['Account_active'] : $user->lang['Password_activated'];
+					$message = (!$sql_update_pass) ? $user->lang['ACCOUNT_ACTIVE'] : $user->lang['PASSWORD_ACTIVATED'];
 					trigger_error($message);
 				}
--- a/phpBB/includes/ucp/ucp_prefs.php
+++ b/phpBB/includes/ucp/ucp_prefs.php
@ -35,8 +35,10 @@ class ucp_prefs extends module
 						'viewemail'		=> false, 
 						'massemail'		=> true, 
 						'hideonline'	=> false, 
 						'notifymethod'	=> 0, 
 						'notifypm'		=> true, 
 						'popuppm'		=> false, 
 						'allowpm'		=> true, 
 					);
 					foreach ($var_ary as $var => $default)
@ -54,14 +56,19 @@ class ucp_prefs extends module
 					extract($data);
 					unset($data);
 					// Set the popuppm option
 					$user->optionset('popuppm', $popuppm);
 					if (!sizeof($error))
 					{
 						$sql_ary = array(
 							'user_allow_pm'			=> $allowpm, 
 							'user_allow_viewemail'	=> $viewemail, 
 							'user_allow_massemail'	=> $massemail, 
 							'user_allow_viewonline'	=> ($auth->acl_get('u_hideonline')) ? !$hideonline : $user->data['user_allow_viewonline'], 
 							'user_notify_type'		=> $notifymethod, 
 							'user_notify_pm'		=> $notifypm,
-							'user_popup_pm'			=> $popuppm,
+							'user_options'			=> $user->data['user_options'], 
 							'user_dst'				=> $dst,
 							'user_dateformat'		=> $dateformat,
@ -87,20 +94,24 @@ class ucp_prefs extends module
 				$massemail = (isset($massemail)) ? $massemail : $user->data['user_allow_massemail'];
 				$mass_email_yes = ($massemail) ? ' checked="checked"' : '';
 				$mass_email_no = (!$massemail) ? ' checked="checked"' : '';
 				$allowpm = (isset($allowpm)) ? $allowpm : $user->data['user_allow_pm'];
 				$allow_pm_yes = ($allowpm) ? ' checked="checked"' : '';
 				$allow_pm_no = (!$allowpm) ? ' checked="checked"' : '';
 				$hideonline = (isset($hideonline)) ? $hideonline : !$user->data['user_allow_viewonline'];
 				$hide_online_yes = ($hideonline) ? ' checked="checked"' : '';
 				$hide_online_no = (!$hideonline) ? ' checked="checked"' : '';
 				$notifypm = (isset($notifypm)) ? $notifypm : $user->data['user_notify_pm'];
 				$notify_pm_yes = ($notifypm) ? ' checked="checked"' : '';
 				$notify_pm_no = (!$notifypm) ? ' checked="checked"' : '';
-				$popuppm = (isset($popuppm)) ? $popuppm : $user->data['user_popup_pm'];
+				$popuppm = (isset($popuppm)) ? $popuppm : $user->optionget('popuppm');
 				$popup_pm_yes = ($popuppm) ? ' checked="checked"' : '';
 				$popup_pm_no = (!$popuppm) ? ' checked="checked"' : '';
 				$dst = (isset($dst)) ? $dst : $user->data['user_dst'];
 				$dst_yes = ($dst) ? ' checked="checked"' : '';
 				$dst_no = (!$dst) ? ' checked="checked"' : '';
 				$dateformat = (isset($dateformat)) ? $dateformat : $user->data['user_dateformat'];
 				$notifymethod = (isset($notifymethod)) ? $notifymethod : $user->data['user_notify_type'];
 				$dateformat = (isset($dateformat)) ? $dateformat : $user->data['user_dateformat'];
 				$lang = (isset($lang)) ? $lang : $user->data['user_lang'];
 				$style = (isset($style)) ? $style : $user->data['user_style'];
 				$tz = (isset($tz)) ? $tz : $user->data['user_timezone'];
@ -114,12 +125,17 @@ class ucp_prefs extends module
 					'ADMIN_EMAIL_NO'	=> $mass_email_no, 
 					'HIDE_ONLINE_YES'	=> $hide_online_yes, 
 					'HIDE_ONLINE_NO'	=> $hide_online_no, 
 					'ALLOW_PM_YES'		=> $allow_pm_yes, 
 					'ALLOW_PM_NO'		=> $allow_pm_no, 
 					'NOTIFY_PM_YES'		=> $notify_pm_yes, 
 					'NOTIFY_PM_NO'		=> $notify_pm_no, 
 					'POPUP_PM_YES'		=> $popup_pm_yes, 
 					'POPUP_PM_NO'		=> $popup_pm_no, 
 					'DST_YES'			=> $dst_yes, 
 					'DST_NO'			=> $dst_no, 
 					'NOTIFY_EMAIL'		=> ($notifymethod == NOTIFY_EMAIL) ? 'checked="checked"' : '', 
 					'NOTIFY_IM'			=> ($notifymethod == NOTIFY_IM) ? 'checked="checked"' : '', 
 					'NOTIFY_BOTH'		=> ($notifymethod == NOTIFY_BOTH) ? 'checked="checked"' : '', 
 					'DATE_FORMAT'		=> $dateformat, 
@ -127,6 +143,7 @@ class ucp_prefs extends module
 					'S_STYLE_OPTIONS'	=> style_select($style),
 					'S_TZ_OPTIONS'		=> tz_select($tz),
 					'S_CAN_HIDE_ONLINE'	=> true, 
 					'S_SELECT_NOTIFY'	=> ($config['jab_enable'] && $user->data['user_jabber'] && @extension_loaded('xml')) ? true : false, 
 					)
 				);
 				break;
@ -140,6 +157,7 @@ class ucp_prefs extends module
 						'sd'		=> (string) 'd', 
 						'st'		=> 0,
 						'minkarma'	=> (int) -5, 
 						'images'	=> true, 
 						'flash'		=> false, 
 						'smilies'	=> true, 
@ -164,13 +182,18 @@ class ucp_prefs extends module
 					if (!sizeof($error))
 					{
 						$user->optionset('viewimg', $images);
 						$user->optionset('viewflash', $flash);
 						$user->optionset('viewsmilies', $smilies);
 						$user->optionset('viewsigs', $sigs);
 						$user->optionset('viewavatars', $avatars);
 						if ($auth->acl_get('u_chgcensors'))
 						{
 							$user->optionset('viewcensors', $wordcensor);
 						}
 						$sql_ary = array(
-							'user_viewimg'		=> $images,
+							'user_options'		=> $user->data['user_options'], 
 							'user_viewflash'	=> $flash,
 							'user_viewsmilies'	=> $smilies,
 							'user_viewsigs'		=> $sigs,
 							'user_viewavatars'	=> $avatars,
 							'user_viewcensors'	=> ($auth->acl_get('u_chgcensors')) ? $wordcensor : $user->data['user_viewcensors'],
 							'user_sortby_type'	=> $sk,
 							'user_sortby_dir'	=> $sd,
 							'user_show_days'	=> $st, 
@ -209,22 +232,22 @@ class ucp_prefs extends module
 					$s_min_karma_options .= "<option value=\"$i\"$selected>$i</option>";
 				}
-				$images = (isset($images)) ? $images : $user->data['user_viewimg'];
+				$images = (isset($images)) ? $images : $user->optionget('viewimg');
 				$images_yes = ($images) ? ' checked="checked"' : '';
 				$images_no = (!$images) ? ' checked="checked"' : '';
-				$flash = (isset($flash)) ? $flash : $user->data['user_viewflash'];
+				$flash = (isset($flash)) ? $flash : $user->optionget('viewflash');
 				$flash_yes = ($flash) ? ' checked="checked"' : '';
 				$flash_no = (!$flash) ? ' checked="checked"' : '';
-				$smilies = (isset($smilies)) ? $smilies : $user->data['user_viewsmilies'];
+				$smilies = (isset($smilies)) ? $smilies : $user->optionget('viewsmilies');
 				$smilies_yes = ($smilies) ? ' checked="checked"' : '';
 				$smilies_no = (!$smilies) ? ' checked="checked"' : '';
-				$sigs = (isset($sigs)) ? $sigs : $user->data['user_viewsigs'];
+				$sigs = (isset($sigs)) ? $sigs : $user->optionget('viewsigs');
 				$sigs_yes = ($sigs) ? ' checked="checked"' : '';
 				$sigs_no = (!$sigs) ? ' checked="checked"' : '';
-				$avatars = (isset($avatars)) ? $avatars : $user->data['user_viewavatars'];
+				$avatars = (isset($avatars)) ? $avatars : $user->optionget('viewavatars');
 				$avatars_yes = ($avatars) ? ' checked="checked"' : '';
 				$avatars_no = (!$avatars) ? ' checked="checked"' : '';
-				$wordcensor = (isset($wordcensor)) ? $wordcensor : $user->data['user_viewcensors'];
+				$wordcensor = (isset($wordcensor)) ? $wordcensor : $user->optionget('viewcensors');
 				$wordcensor_yes = ($wordcensor) ? ' checked="checked"' : '';
 				$wordcensor_no = (!$wordcensor) ? ' checked="checked"' : '';
@ -270,14 +293,16 @@ class ucp_prefs extends module
 						$$var = request_var($var, $default);
 					}
 					$user->optionset('bbcode', $bbcode);
 					$user->optionset('html', $html);
 					$user->optionset('smile', $smilies);
 					$user->optionset('attachsig', $sig);
 					if (!sizeof($error))
 					{
 						$sql_ary = array(
-							'user_allowbbcode'	=> $bbcode,
+							'user_options'	=> $user->data['user_options'],
-							'user_allowhtml'	=> $html,
+							'user_notify'	=> $notify,
 							'user_allowsmile'	=> $smilies,
 							'user_attachsig'	=> $sig,
 							'user_notify'		=> $notify,
 						);
 						$sql = 'UPDATE ' . USERS_TABLE . ' 
@ -291,16 +316,16 @@ class ucp_prefs extends module
 					}
 				}
-				$bbcode = (isset($bbcode)) ? $bbcode : $user->data['user_allowbbcode'];
+				$bbcode = (isset($bbcode)) ? $bbcode : $user->optionget('bbcode');
 				$bbcode_yes = ($bbcode) ? ' checked="checked"' : '';
 				$bbcode_no = (!$bbcode) ? ' checked="checked"' : '';
-				$html = (isset($html)) ? $html : $user->data['user_allowhtml'];
+				$html = (isset($html)) ? $html : $user->optionget('html');
 				$html_yes = ($html) ? ' checked="checked"' : '';
 				$html_no = (!$html) ? ' checked="checked"' : '';
-				$smilies = (isset($smilies)) ? $smilies : $user->data['user_allowsmile'];
+				$smilies = (isset($smilies)) ? $smilies : $user->optionget('smile');
 				$smilies_yes = ($smilies) ? ' checked="checked"' : '';
 				$smilies_no = (!$smilies) ? ' checked="checked"' : '';
-				$sig = (isset($sig)) ? $sig : $user->data['user_attachsig'];
+				$sig = (isset($sig)) ? $sig : $user->optionget('attachsig');
 				$sig_yes = ($sig) ? ' checked="checked"' : '';
 				$sig_no = (!$sig) ? ' checked="checked"' : '';
 				$notify = (isset($notify)) ? $notify : $user->data['user_notify'];
@ -325,14 +350,13 @@ class ucp_prefs extends module
 		}
 		$template->assign_vars(array( 
-			'L_TITLE'	=> $user->lang['UCP_' . strtoupper($mode)],
+			'L_TITLE'			=> $user->lang['UCP_' . strtoupper($mode)],
-			'S_DISPLAY_' . strtoupper($mode)	=> true, 
+			'S_HIDDEN_FIELDS'	=> $s_hidden_fields,
-			'S_HIDDEN_FIELDS'					=> $s_hidden_fields,
+			'S_UCP_ACTION'		=> "ucp.$phpEx$SID&amp;i=$id&amp;mode=$mode")
 			'S_UCP_ACTION'						=> "ucp.$phpEx$SID&amp;i=$id&amp;mode=$mode")
 		);
-		$this->display($user->lang['UCP_PROFILE'], 'ucp_prefs.html');
+		$this->display($user->lang['UCP_PROFILE'], 'ucp_prefs_' . $mode . '.html');
 	}
 }
--- a/phpBB/includes/ucp/ucp_register.php
+++ b/phpBB/includes/ucp/ucp_register.php
@ -321,7 +321,7 @@ class ucp_register extends module
 			{
 				if ($row['attempts'] > 3)
 				{
-//					trigger_error($user->lang['TOO_MANY_REGISTERS']);
+					trigger_error($user->lang['TOO_MANY_REGISTERS']);
 				}
 			}
 			$db->sql_freeresult($result);
--- a/phpBB/includes/ucp/ucp_remind.php
+++ b/phpBB/includes/ucp/ucp_remind.php
@ -17,7 +17,9 @@ class ucp_remind extends module
 	{
 		global $censors, $config, $db, $user, $auth, $SID, $template, $phpbb_root_path, $phpEx;
-		if (isset($_POST['submit']))
+		$submit = (isset($_POST['submit'])) ? true : false;
 		if ($submit)
 		{
 			$username = (!empty($_POST['username'])) ? trim($_POST['username']) : '';
 			$email = (!empty($_POST['email'])) ? trim($_POST['email']) : '';
@ -38,11 +40,11 @@ class ucp_remind extends module
 					$server_url = generate_board_url();
 					$username = $row['username'];
-					$user_actkey = $this->gen_rand_string(10);
+					$user_actkey = gen_rand_string(10);
 					$key_len = 54 - strlen($server_url);
 					$key_len = ($str_len > 6) ? $key_len : 6;
 					$user_actkey = substr($user_actkey, 0, $key_len);
-					$user_password = $this->gen_rand_string(false);
+					$user_password = gen_rand_string(false);
 					$sql = 'UPDATE ' . USERS_TABLE . "
 						SET user_newpasswd = '" . md5($user_password) . "', user_actkey = '$user_actkey'
@ -84,8 +86,7 @@ class ucp_remind extends module
 		}
 		else
 		{
-			$username = '';
+			$username = $email = '';
 			$email = '';
 		}
 		$template->assign_vars(array(
--- a/phpBB/includes/ucp/ucp_zebra.php
+++ b/phpBB/includes/ucp/ucp_zebra.php
@ -97,7 +97,7 @@ class ucp_zebra extends module
 							{
 								foreach ($forum_ary as $forum_id => $option_ary)
 								{
-									if (array_sum(array_values($forum_ary)))
+									if (array_sum(array_values($option_ary)))
 									{
 										$perms[] = $user_id;
 										break;
--- a/phpBB/install/schemas/mysql_schema.sql
+++ b/phpBB/install/schemas/mysql_schema.sql
@ -239,6 +239,7 @@ CREATE TABLE phpbb_groups (
   group_avatar_type tinyint(4),
   group_rank int(11) DEFAULT '0',
   group_colour varchar(6) DEFAULT '' NOT NULL,
   group_chgpass smallint(6) DEFAULT '0' NOT NULL, 
   group_description varchar(255) NOT NULL,
   PRIMARY KEY (group_id)
 );
@ -690,6 +691,7 @@ CREATE TABLE phpbb_users (
   user_regdate int(11) DEFAULT '0' NOT NULL,
   username varchar(30) DEFAULT '' NOT NULL,
   user_password varchar(32) DEFAULT '' NOT NULL,
   user_passchg int(11) DEFAULT '0' NOT NULL, 
   user_email varchar(60) DEFAULT '' NOT NULL,
   user_birthday varchar(10) DEFAULT '' NOT NULL,
   user_lastvisit int(11) DEFAULT '0' NOT NULL,
@ -697,6 +699,7 @@ CREATE TABLE phpbb_users (
   user_lastpage varchar(100) DEFAULT '' NOT NULL,
   user_karma tinyint(1) DEFAULT '0' NOT NULL,
   user_min_karma tinyint(1) DEFAULT '-5' NOT NULL,
   user_warnings tinyint(4) DEFAULT '0' NOT NULL, 
   user_colour varchar(6) DEFAULT '' NOT NULL,
   user_posts mediumint(8) UNSIGNED DEFAULT '0' NOT NULL,
   user_lang varchar(30) DEFAULT '' NOT NULL,
@ -712,26 +715,14 @@ CREATE TABLE phpbb_users (
   user_sortby_type varchar(1) DEFAULT '' NOT NULL,
   user_sortby_dir varchar(1) DEFAULT '' NOT NULL,
   user_show_days tinyint(1) DEFAULT '' NOT NULL,
   user_viewimg tinyint(1) DEFAULT '1' NOT NULL, 
   user_notify tinyint(1) DEFAULT '0' NOT NULL,
   user_notify_pm tinyint(1) DEFAULT '1' NOT NULL, 
-   user_popup_pm tinyint(1) DEFAULT '0' NOT NULL,
+   user_notify_type tinyint(4) DEFAULT '0' NOT NULL, 
   user_viewflash tinyint(1) DEFAULT '1' NOT NULL,
   user_viewsmilies tinyint(1) DEFAULT '1' NOT NULL,
   user_viewsigs tinyint(1) DEFAULT '1' NOT NULL,
   user_viewavatars tinyint(1) DEFAULT '1' NOT NULL,
   user_viewcensors tinyint(1) DEFAULT '1' NOT NULL,
   user_attachsig tinyint(1) DEFAULT '1' NOT NULL,
   user_allowhtml tinyint(1) DEFAULT '1' NOT NULL,
   user_allowbbcode tinyint(1) DEFAULT '1' NOT NULL,
   user_allowsmile tinyint(1) DEFAULT '1' NOT NULL,
   user_allowavatar tinyint(1) DEFAULT '1' NOT NULL,
   user_allow_pm tinyint(1) DEFAULT '1' NOT NULL,
   user_allow_email tinyint(1) DEFAULT '1' NOT NULL,
   user_allow_viewonline tinyint(1) DEFAULT '1' NOT NULL,
   user_allow_viewemail tinyint(1) DEFAULT '1' NOT NULL,
   user_allow_massemail tinyint(1) DEFAULT '1' NOT NULL,
-   user_options int(11) DEFAULT '1048565' NOT NULL, 
+   user_options int(11) DEFAULT '893' NOT NULL, 
   user_avatar varchar(100) DEFAULT '' NOT NULL,
   user_avatar_type tinyint(2) DEFAULT '0' NOT NULL,
   user_avatar_width tinyint(4) UNSIGNED DEFAULT '0' NOT NULL,
--- a/phpBB/language/en/lang_main.php
+++ b/phpBB/language/en/lang_main.php
@ -922,7 +922,7 @@ $lang += array(
 	'DEFAULT_ADD_SIG'	=> 'Attach my signature by default',
 	'DEFAULT_NOTIFY'	=> 'Notify me upon replies by default',
-	'PREFS_UPDATED'	=> 'Your preferences have been updated.', 
+	'PREFERENCES_UPDATED'	=> 'Your preferences have been updated.', 
 );
 // ucp_zebra
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@ -27,10 +27,10 @@ $auth->acl($user->data);
 $user->setup();
 // Grab data
-$mode		= (isset($_REQUEST['mode'])) ? htmlspecialchars($_REQUEST['mode']) : '';
+$mode		= request_var('mode', '');
-$action		= (isset($_REQUEST['action'])) ? htmlspecialchars($_REQUEST['action']) : '';
+$action		= request_var('action', '');
-$user_id	= (isset($_GET['u'])) ? intval($_GET['u']) : ANONYMOUS;
+$user_id	= request_var('u', ANONYMOUS);
-$topic_id	= (isset($_GET['t'])) ? intval($_GET['t']) : 0;
+$topic_id	= request_var('t', 0);
 switch ($mode)
 {
@ -52,27 +52,11 @@ switch ($mode)
 }
-$start	= (isset($_GET['start'])) ? intval($_GET['start']) : ((isset($_GET['page'])) ? (intval($_GET['page']) - 1) * $config['topics_per_page'] : 0);
+$start	= request_var('start', 0);
-$form	= (!empty($_GET['form'])) ? htmlspecialchars($_GET['form']) : 0;
+$submit = (isset($_POST['submit'])) ? true : false;
 $field	= (isset($_GET['field'])) ? htmlspecialchars($_GET['field']) : 'username';
-$sort_key = (!empty($_REQUEST['sk'])) ? htmlspecialchars($_REQUEST['sk']) : 'c';
+$sort_key = request_var('sk', 'c');
-$sort_dir = (!empty($_REQUEST['sd'])) ? htmlspecialchars($_REQUEST['sd']) : 'a';
+$sort_dir = request_var('sd', 'a');
 $username	= (!empty($_REQUEST['username'])) ? trim(htmlspecialchars($_REQUEST['username'])) : '';
 $email		= (!empty($_REQUEST['email'])) ? trim(htmlspecialchars($_REQUEST['email'])) : '';
 $icq		= (!empty($_REQUEST['icq'])) ? intval(htmlspecialchars($_REQUEST['icq'])) : '';
 $aim		= (!empty($_REQUEST['aim'])) ? trim(htmlspecialchars($_REQUEST['aim'])) : '';
 $yahoo		= (!empty($_REQUEST['yahoo'])) ? trim(htmlspecialchars($_REQUEST['yahoo'])) : '';
 $msn		= (!empty($_REQUEST['msn'])) ? trim(htmlspecialchars($_REQUEST['msn'])) : '';
 $joined_select	= (!empty($_REQUEST['joined_select'])) ? htmlspecialchars($_REQUEST['joined_select']) : 'lt';
 $active_select	= (!empty($_REQUEST['active_select'])) ? htmlspecialchars($_REQUEST['active_select']) : 'lt';
 $count_select	= (!empty($_REQUEST['count_select'])) ? htmlspecialchars($_REQUEST['count_select']) : 'eq';
 $joined			= (!empty($_REQUEST['joined'])) ? explode('-', trim(htmlspecialchars($_REQUEST['joined']))) : array();
 $active			= (!empty($_REQUEST['active'])) ? explode('-', trim(htmlspecialchars($_REQUEST['active']))) : array();
 $count			= (!empty($_REQUEST['count'])) ? intval($_REQUEST['count']) : '';
 $ipdomain		= (!empty($_REQUEST['ip'])) ? trim(htmlspecialchars($_REQUEST['ip'])) : '';
 // Grab rank information for later
@ -143,67 +127,31 @@ switch ($mode)
 				break;
 			case 'jabber':
-				if (isset($_POST['submit']) && @extension_loaded('xml'))
+				if ($submit && @extension_loaded('xml'))
 				{
-					require($phpbb_root_path . 'includes/functions_jabber.'.$phpEx);
+					include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
 					$jabber = new Jabber;
 					$jabber->server	= (!empty($config['jab_host'])) ? $config['jab_host'] : 'jabber.org';
 					if (!$jabber->Connect())
 					{
 						trigger_error('Could not connect to Jabber server', E_USER_ERROR);
 					}
 					$jabber->username = (!empty($config['jab_username'])) ? $config['jab_username'] : '';
 					$jabber->password = (!empty($config['jab_password'])) ? $config['jab_password'] : '';
 					$jabber->resource = 'phpBB';
 					// If a username/password are set we will try and authorise. If they don't we will
 					// try and create a new user, username will be the basic domain name with _phpbb
 					// appended + a numeric
 					if ($jabber->username && $jabber->password)
 					{
 						if (!$jabber->SendAuth())
 						{
 							trigger_error('Could not authorise on Jabber server', E_USER_ERROR);
 						}
 					}
 					else
 					{
 						$jabber->username = implode('_', array_slice(explode('.', $config['server_name']), -2)) . '_phpbb';
 						for ($i = 0; $i < 10; $i++)
 						{
 							$jabber->password .= chr(rand(65, 122));
 						}
 						for ($i = 0; $i < 10; $i++)
 						{
 							$jabber->username .= $i;
 							if ($result = $jabber->AccountRegistration($config['contact_email'], str_replace('.', '_', $config['server_name'])))
 							{
 								break;
 							}
 						}
 						if (!$result)
 						{
 							trigger_error('Could not create new user on Jabber server', E_USER_ERROR);
 						}
 						set_config('jab_username', $jabber->username);
 						set_config('jab_password', $jabber->password);
 					}
 					$jabber->SendPresence(NULL, NULL, 'online');
 					// This _really_ needs to be an "email" template I think ... indeed the whole system is probably
 					// best suited "merged" with email in some way. Would enable notifications, etc. to be sent via
 					// Jabber more easily too I think
 					$subject = sprintf($user->lang['IM_JABBER_SUBJECT'], $user->data['username'], $config['server_name']);
-					$message = stripslashes(htmlspecialchars($_POST['message']));
+					$message = $_POST['message'];
-					$jabber->SendMessage($row[$sql_field], 'normal', NULL, array('subject' => $subject, 'body' => $message), '');
+					$messenger = new messenger();
-					$jabber->Disconnect();
+
 					$messenger->template('profile_send_email', $row['user_lang']);
 					$messenger->subject($subject);
 					$messenger->replyto($user->data['user_email']);
 					$messenger->to($row['user_jabber'], $row['username']);
 					$messenger->assign_vars(array(
 						'SITENAME'		=> $config['sitename'],
 						'BOARD_EMAIL'	=> $config['board_contact'],
 						'FROM_USERNAME' => $user->data['username'],
 						'TO_USERNAME'	=> $row['username'],
 						'MESSAGE'		=> $message)
 					);
 					$messenger->send(NOTIFY_IM);
 					$messenger->queue->save();
 					$s_select = 'S_SENT_JABBER';
 				}
@ -240,8 +188,8 @@ switch ($mode)
 		}
 		// Do the SQL thang
-		$sql = "SELECT g.group_id, g.group_name, g.group_type 
+		$sql = 'SELECT g.group_id, g.group_name, g.group_type 
-			FROM " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug 
+			FROM ' . GROUPS_TABLE . ' g, ' . USER_GROUP_TABLE . " ug 
 			WHERE ug.user_id = $user_id 
 				AND g.group_id = ug.group_id" . (($auth->acl_get('a_groups'))? ' AND g.group_type <> ' . GROUP_HIDDEN : '') . '  
 			ORDER BY group_type, group_name';
@ -254,7 +202,7 @@ switch ($mode)
 		}
 		// We left join on the session table to see if the user is currently online
-		$sql = 'SELECT username, user_id, user_colour, user_permissions, user_karma, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_allowavatar, user_lastvisit   
+		$sql = 'SELECT username, user_id, user_colour, user_permissions, user_karma, user_sig, user_sig_bbcode_uid, user_sig_bbcode_bitfield, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_occ, user_interests, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_jabber, user_avatar, user_avatar_width, user_avatar_height, user_avatar_type, user_lastvisit   
 			FROM ' . USERS_TABLE . " 
 			WHERE user_id = $user_id";
 		$result = $db->sql_query($sql);
@ -447,18 +395,19 @@ switch ($mode)
 			trigger_error($lang['FLOOD_EMAIL_LIMIT']);
 		}
-		$email_lang = (!empty($_POST['lang'])) ? htmlspecialchars($_POST['lang']) : '';
+		$name		= strip_tags(request_var('name', ''));
-		$name		= (!empty($_POST['name'])) ? trim(strip_tags($_POST['name'])) : '';
+		$email		= strip_tags(request_var('email', ''));
-		$email		= (!empty($_POST['email'])) ? trim(strip_tags($_POST['email'])) : '';
+		$email_lang = request_var('lang', '');
-		$subject	= (!empty($_POST['subject'])) ? trim(stripslashes($_POST['subject'])) : '';
+		$subject	= request_var('subject', '');
-		$message	= (!empty($_POST['message'])) ? trim(stripslashes($_POST['message'])) : '';
+		$message	= request_var('message', '');
 		$cc			= (!empty($_POST['cc_email'])) ? true : false;
 		// Are we sending an email to a user on this board? Or are we sending a
 		// topic heads-up message?
 		if (!$topic_id)
 		{
 			// Get the appropriate username, etc.
-			$sql = 'SELECT username, user_email, user_allow_viewemail, user_lang
+			$sql = 'SELECT username, user_email, user_allow_viewemail, user_lang, user_jabber 
 				FROM ' . USERS_TABLE . "
 				WHERE user_id = $user_id
 					AND user_active = 1";
@ -502,16 +451,16 @@ switch ($mode)
 		// User has submitted a message, handle it
 		$error = array();
-		if (isset($_POST['submit']))
+		if ($submit)
 		{
 			if (!$topic_id)
 			{
-				if ($subject == '') 
+				if (!$subject) 
 				{
 					$error[] = $user->lang['EMPTY_SUBJECT_EMAIL'];
 				}
-				if ($message == '') 
+				if (!$message) 
 				{
 					$error[] = $user->lang['EMPTY_MESSAGE_EMAIL'];
 				}
@ -536,35 +485,31 @@ switch ($mode)
 					WHERE user_id = ' . $user->data['user_id'];
 				$result = $db->sql_query($sql);
-				include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+				include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
 				$emailer = new emailer();
 				$email_tpl = (!$topic_id) ? 'profile_send_email' : 'email_notify';
 				$email_lang = (!$topic_id) ? $row['user_lang'] : $email_lang;
-				$emailer->template($email_tpl, $email_lang);
+				$email = (!$topic_id) ? $row['user_email'] : $email;
 				$emailer->subject($subject);
-				$emailer->replyto($user->data['user_email']);
+				$messenger = new messenger();
-				if (!$topic_id)
+
 				$messenger->template($email_tpl, $email_lang);
 				$messenger->subject($subject);
 				$messenger->replyto($user->data['user_email']);
 				$messenger->to($email, $row['username']);
 				if ($cc)
 				{
-					$emailer->to($row['user_email'], $row['username']);
+					$messenger->cc($user->data['user_email'], $user->data['username']);
 				}
 				else
 				{
 					$emailer->to($email, $name);
 				}
-				if (!empty($_POST['cc_email']))
+				$messenger->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
-				{
+				$messenger->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
-					$emailer->cc($user->data['user_email'], $user->data['username']);
+				$messenger->headers('X-AntiAbuse: Username - ' . $user->data['username']);
-				}
+				$messenger->headers('X-AntiAbuse: User IP - ' . $user->ip);
-				$emailer->headers('X-AntiAbuse: Board servername - ' . $config['server_name']);
+				$messenger->assign_vars(array(
 				$emailer->headers('X-AntiAbuse: User_id - ' . $user->data['user_id']);
 				$emailer->headers('X-AntiAbuse: Username - ' . $user->data['username']);
 				$emailer->headers('X-AntiAbuse: User IP - ' . $user->ip);
 				$emailer->assign_vars(array(
 					'SITENAME'		=> $config['sitename'],
 					'BOARD_EMAIL'	=> $config['board_contact'],
 					'FROM_USERNAME' => $user->data['username'],
@ -572,11 +517,11 @@ switch ($mode)
 					'MESSAGE'		=> $message, 
 					'TOPIC_NAME'	=> ($topic_id) ? strtr($row['topic_title'], array_flip(get_html_translation_table(HTML_ENTITIES))) : '', 
-					'U_TOPIC'	=> ($topic_id) ? generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=topic_id" : '')
+					'U_TOPIC'	=> ($topic_id) ? generate_board_url() . "/viewtopic.$phpEx?f=" . $row['forum_id'] . "&t=$topic_id" : '')
 				);
-				$emailer->send();
+				$messenger->send(NOTIFY_EMAIL);
-				$emailer->reset();
+				$messenger->queue->save();
 				meta_refresh(3, "index.$phpEx$SID");
 				$message = (!$topic_id) ? sprintf($user->lang['RETURN_INDEX'],  '<a href="' . "index.$phpEx$SID" . '">', '</a>') : sprintf($user->lang['RETURN_TOPIC'],  "<a href=\"viewtopic.$phpEx$SID&amp;f=$forum_id&amp;t=" . $row['topic_id'] . '">', '</a>'); 
@ -635,8 +580,26 @@ switch ($mode)
 		// Additional sorting options for user search ... if search is enabled, if not
 		// then only admins can make use of this (for ACP functionality)
 		$where_sql = '';
-		if ($mode == 'searchuser' && (!empty($config['load_search']) || $auth->acl_get('a_')))
+		if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
 		{
 			$form	= request_var('form', '');
 			$field	= request_var('field', 'username');
 			$username	= request_var('username', '');
 			$email		= request_var('email', '');
 			$icq		= request_var('icq', '');
 			$aim		= request_var('aim', '');
 			$yahoo		= request_var('yahoo', '');
 			$msn		= request_var('msn', '');
 			$joined_select	= request_var('joined_select', 'lt');
 			$active_select	= request_var('active_select', 'lt');
 			$count_select	= request_var('count_select', 'eq');
 			$joined			= explode('-', request_var('joined', ''));
 			$active			= explode('-', request_var('active', ''));
 			$count			= request_var('count', 0);
 			$ipdomain		= request_var('ip', '');
 			$find_key_match = array('lt' => '<', 'gt' => '>', 'eq' => '=');
 			$find_count = array('lt' => $user->lang['LESS_THAN'], 'eq' => $user->lang['EQUAL_TO'], 'gt' => $user->lang['MORE_THAN']);
@ -668,11 +631,11 @@ switch ($mode)
 			$where_sql .= ($aim) ? " AND user_aim LIKE '" . str_replace('*', '%', $db->sql_escape($aim)) ."' " : '';
 			$where_sql .= ($yahoo) ? " AND user_yim LIKE '" . str_replace('*', '%', $db->sql_escape($yahoo)) ."' " : '';
 			$where_sql .= ($msn) ? " AND user_msnm LIKE '" . str_replace('*', '%', $db->sql_escape($msn)) ."' " : '';
 			$where_sql .= ($joined) ? " AND user_regdate " . $find_key_match[$joined_select] . " " . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
 			$where_sql .= ($count) ? " AND user_posts " . $find_key_match[$count_select] . " $count " : '';
-			$where_sql .= ($active) ? " AND user_lastvisit " . $find_key_match[$active_select] . " " . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
+			$where_sql .= (sizeof($joined) > 1) ? " AND user_regdate " . $find_key_match[$joined_select] . ' ' . gmmktime(0, 0, 0, intval($joined[1]), intval($joined[2]), intval($joined[0])) : '';
 			$where_sql .= (sizeof($active) > 1) ? " AND user_lastvisit " . $find_key_match[$active_select] . ' ' . gmmktime(0, 0, 0, $active[1], intval($active[2]), intval($active[0])) : '';
-			if (!empty($ipdomain))
+			if ($ipdomain)
 			{
 				$ips = (preg_match('#[a-z]#', $ipdomain)) ? implode(', ', preg_replace('#([0-9]{1,3}\.[0-9]{1,3}[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})#', "'\\1'", gethostbynamel($ipdomain))) : "'" . str_replace('*', '%', $ipdomain) . "'";
@ -683,14 +646,14 @@ switch ($mode)
 				if ($row = $db->sql_fetchrow($result))
 				{
-					$ip_sql = '';
+					$ip_sql = array();
 					do
 					{
-						$ip_sql .= (($ip_sql != '') ? ', ' : '') . $row['poster_id'];
+						$ip_sql[] = $row['poster_id'];
 					}
 					while ($row = $db->sql_fetchrow($result));
-					$where_sql .= " AND user_id IN ($ip_sql)";
+					$where_sql .= ' AND user_id IN (' . implode(', ', $ip_sql) . ')';
 				}
 				else
 				{
@ -704,11 +667,11 @@ switch ($mode)
 		$order_by = $sort_key_sql[$sort_key] . '  ' . (($sort_dir == 'a') ? 'ASC' : 'DESC');
 		// Count the users ...
-		if ($where_sql != '')
+		if ($where_sql)
 		{
-			$sql = "SELECT COUNT(user_id) AS total_users
+			$sql = 'SELECT COUNT(user_id) AS total_users
-				FROM " . USERS_TABLE . "
+				FROM ' . USERS_TABLE . '
-				WHERE user_id <> " . ANONYMOUS . "
+				WHERE user_id <> ' . ANONYMOUS . "
 				$where_sql";
 			$result = $db->sql_query($sql);
@ -723,18 +686,18 @@ switch ($mode)
 		$pagination_url = "memberlist.$phpEx$SID&amp;mode=$mode";
 		// Build a relevant pagination_url
-		$global_var = (isset($_POST['submit'])) ? '_POST' : '_GET';
+		$global_var = ($submit) ? '_POST' : '_GET';
 		foreach ($$global_var as $key => $var)
 		{
-			if (in_array($key, array('submit', 'start', 'mode')) || $var == '')
+			if (in_array($key, array('submit', 'start', 'mode')) || !$var)
 			{
 				continue;
 			}
-			$pagination_url .= '&amp;' . $key . '=' . urlencode($var);
+			$pagination_url .= '&amp;' . $key . '=' . urlencode(htmlspecialchars($var));
 		}
 		// Some search user specific data
-		if ($mode == 'searchuser' && (!empty($config['load_search']) || $auth->acl_get('a_')))
+		if ($mode == 'searchuser' && ($config['load_search'] || $auth->acl_get('a_')))
 		{
 			$template->assign_vars(array(
 				'USERNAME'	=> $username,
@ -775,7 +738,7 @@ switch ($mode)
 		$db->sql_freeresult($result);
 		// Do the SQL thang
-		$sql = 'SELECT username, user_id, user_colour, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_avatar, user_avatar_type, user_allowavatar, user_lastvisit
+		$sql = 'SELECT username, user_id, user_colour, user_allow_viewemail, user_posts, user_regdate, user_rank, user_from, user_website, user_email, user_icq, user_aim, user_yim, user_msnm, user_avatar, user_avatar_type, user_lastvisit
 			FROM ' . USERS_TABLE . ' 
 			WHERE user_id <> ' . ANONYMOUS . " 
 				$where_sql 
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -175,6 +175,7 @@ if ($sql != '')
 		prepare_data($message_parser->attachment_data[$pos]['real_filename'], TRUE);
 		prepare_data($message_parser->attachment_data[$pos]['extension'], TRUE);
 		prepare_data($message_parser->attachment_data[$pos]['mimetype'], TRUE);
 		$message_parser->attachment_data[$pos]['filesize'] = (int) $message_parser->attachment_data[$pos]['filesize'];
 		$message_parser->attachment_data[$pos]['filetime'] = (int) $message_parser->attachment_data[$pos]['filetime'];
 		$message_parser->attachment_data[$pos]['attach_id'] = (int) $message_parser->attachment_data[$pos]['attach_id'];
@ -211,8 +212,8 @@ if ($sql != '')
 	if (!in_array($mode, array('quote', 'edit', 'delete')))
 	{
 		$enable_sig		= ($config['allow_sig'] && $user->optionget('attachsig')) ? TRUE : FALSE;
-		$enable_smilies	= ($config['allow_smilies'] && $user->optionget('allowsmile')) ? TRUE : FALSE;
+		$enable_smilies	= ($config['allow_smilies'] && $user->optionget('smile')) ? TRUE : FALSE;
-		$enable_bbcode	= ($config['allow_bbcode'] && $user->optionget('allowbbcode')) ? TRUE : FALSE;
+		$enable_bbcode	= ($config['allow_bbcode'] && $user->optionget('bbcode')) ? TRUE : FALSE;
 		$enable_urls	= TRUE;
 	}
@ -1134,7 +1135,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 	$notify_rows = array();
 	// -- get forum_userids	|| topic_userids
-	$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang
+	$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber 
 		FROM ' . (($topic_notification) ? TOPICS_WATCH_TABLE : FORUMS_WATCH_TABLE) . ' w, ' . USERS_TABLE . ' u
 		WHERE w.' . (($topic_notification) ? 'topic_id' : 'forum_id') . ' = ' . (($topic_notification) ? $topic_id : $forum_id) . "
 			AND w.user_id NOT IN ($sql_ignore_users)
@ -1148,9 +1149,11 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 			'user_id'		=> $row['user_id'],
 			'username'		=> $row['username'],
 			'user_email'	=> $row['user_email'],
 			'user_jabber'	=> $row['user_jabber'], 
 			'user_lang'		=> $row['user_lang'], 
 			'notify_type'	=> ($topic_notification) ? 'topic' : 'forum',
 			'template'		=> ($topic_notification) ? 'topic_notify' : 'newtopic_notify',
 			'method'		=> $row['user_notify_type'], 
 			'allowed'		=> false
 		);
 	}
@ -1164,7 +1167,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 			$sql_ignore_users .= ', ' . implode(', ', array_keys($notify_rows));
 		}
-		$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang
+		$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber 
 			FROM ' . FORUMS_WATCH_TABLE . ' fw, ' . USERS_TABLE . " u
 			WHERE fw.forum_id = $forum_id
 				AND fw.user_id NOT IN ($sql_ignore_users)
@ -1178,9 +1181,11 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 				'user_id'		=> $row['user_id'],
 				'username'		=> $row['username'],
 				'user_email'	=> $row['user_email'],
 				'user_jabber'	=> $row['user_jabber'], 
 				'user_lang'		=> $row['user_lang'],
 				'notify_type'	=> 'forum',
 				'template'		=> 'forum_notify',
 				'method'		=> $row['user_notify_type'], 
 				'allowed'		=> false
 			);
 		}
@ -1192,112 +1197,101 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 		return;
 	}
 	// We have all users informations we want, now check if they are actually permitted to receive a notification
 	$sql = 'SELECT a.user_id
 		FROM ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_USERS_TABLE . ' a 
 		WHERE a.user_id IN (' . implode(', ', array_keys($notify_rows)) . ")
 			AND ao.auth_option_id = a.auth_option_id
 			AND ao.auth_option = 'f_read'
 			AND a.forum_id = $forum_id";
 	$result = $db->sql_query($sql);
-	while ($row = $db->sql_fetchrow($result))
+	$perms = array();
 /*	foreach (discover_auth(array_keys($notify_rows), array('f_read'), $forum_id) as $user_id => $forum_ary)
 	{
-		$notify_rows[$row['user_id']]['allowed'] = true;
+		foreach ($forum_ary as $forum_id => $option_ary)
 	}
 	$db->sql_freeresult($result);
 	// Now grab group settings... 
 	$sql = 'SELECT ug.user_id, MIN(a.auth_setting) as min_setting
 		FROM ' . USER_GROUP_TABLE . ' ug, ' . ACL_OPTIONS_TABLE . ' ao, ' . ACL_GROUPS_TABLE . ' a 
 		WHERE ug.user_id IN (' . implode(', ', array_keys($notify_rows)) . ")
 			AND a.group_id = ug.group_id
 			AND ao.auth_option_id = a.auth_option_id 
 			AND ao.auth_option = 'f_read'
 			AND a.forum_id = $forum_id
 		GROUP BY ug.user_id";
 	$result = $db->sql_query($sql);
 	while ($row = $db->sql_fetchrow($result))
 	{
 		if ($row['min_setting'] == 1)
 		{
-			$notify_rows[$row['user_id']]['allowed'] = true;
+			if (array_sum(array_values($option_ary)))
 			{
 				echo array_sum(array_values($option_ary));
 				echo " >> ";
 //				$perms[] = $user_id;
 //				break;
 			}
 		}
 		print_r($forum_ary);
 	}
-	$db->sql_freeresult($result);
+*/
 	// Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;)
 	$email_users = $delete_ids = $update_notification = array();
 	foreach ($notify_rows as $user_id => $row)
 	{
-		if (!$row['allowed'] || trim($row['user_email']) == '')
+		if (!$row['allowed'] || !trim($row['user_email']))
 		{
 			$delete_ids[$row['notify_type']][] = $row['user_id'];
 		}
 		else
 		{
-			$email_users[] = $row;
+			$msg_users[] = $row;
 			$update_notification[$row['notify_type']][] = $row['user_id'];
 		}
 	}
 	unset($notify_rows);
 	// Now, we are able to really send out notifications
-	if (sizeof($email_users) && $config['email_enable'])
+	if (sizeof($msg_users))
 	{
-		@set_time_limit(60);
+		include_once($phpbb_root_path . 'includes/functions_messenger.'.$phpEx);
 		$messenger = new messenger();
-		include($phpbb_root_path . 'includes/emailer.'.$phpEx);
+		$email_sig = str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']);
 		$emailer = new emailer(TRUE); // use queue
-		$email_list_ary = array();
+		$msg_list_ary = array();
-		foreach ($email_users as $row)
+		foreach ($msg_users as $row)
 		{ 
-			$pos = sizeof($email_list_ary[$row['template']]);
+			$pos = sizeof($msg_list_ary[$row['template']]);
-			$email_list_ary[$row['template']][$pos]['email'] = $row['user_email'];
+
-			$email_list_ary[$row['template']][$pos]['name'] = $row['username'];
+			$msg_list_ary[$row['template']][$pos]['method'] = $row['method'];
-			$email_list_ary[$row['template']][$pos]['lang'] = $row['user_lang'];
+			$msg_list_ary[$row['template']][$pos]['email'] = $row['user_email'];
 			$msg_list_ary[$row['template']][$pos]['user_jabber'] = $row['user_jabber'];
 			$msg_list_ary[$row['template']][$pos]['name'] = $row['username'];
 			$msg_list_ary[$row['template']][$pos]['lang'] = $row['user_lang'];
 		}
 		unset($email_users);
-		foreach ($email_list_ary as $email_template => $email_list)
+		foreach ($msg_list_ary as $email_template => $email_list)
 		{
 			foreach ($email_list as $addr)
 			{
-				$emailer->template($email_template, $addr['lang']);
+				$messenger->template($email_template, $addr['lang']);
-				$emailer->replyto($config['board_email']);
+				$messenger->replyto($config['board_email']);
-				$emailer->to($addr['email'], $addr['name']);
+				$messenger->to($addr['email'], $addr['name']);
-				$emailer->assign_vars(array(
+				$messenger->assign_vars(array(
-					'EMAIL_SIG'		=> str_replace('<br />', "\n", "-- \n" . $config['board_email_sig']),
+					'EMAIL_SIG'		=> $email_sig,
 					'SITENAME'		=> $config['sitename'],
-					'TOPIC_TITLE'	=> trim($topic_title),  
+					'TOPIC_TITLE'	=> $topic_title,  
-					'FORUM_NAME'	=> trim($forum_name), 
+					'FORUM_NAME'	=> $forum_name,
-					'U_NEWEST_POST'			=> generate_board_url() . '/viewtopic.'.$phpEx . '?e=1&t=' . $topic_id . '&p=' . $post_id . '#' . $post_id,
+					'U_FORUM'				=> generate_board_url() . "/viewforum.$phpEx?f=$forum_id&e=1",
-					'U_TOPIC'				=> generate_board_url() . '/viewtopic.'.$phpEx . '?e=1&t=' . $topic_id,
+					'U_TOPIC'				=> generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id&e=1",
-					'U_FORUM'				=> generate_board_url() . '/viewforum.'.$phpEx . '?e=1&f=' . $forum_id,
+					'U_NEWEST_POST'			=> generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id&p=$post_id&e=1#$post_id",
-					'U_STOP_WATCHING_TOPIC' => generate_board_url() . '/viewtopic.'.$phpEx . '?t=' . $topic_id . '&unwatch=topic',
+					'U_STOP_WATCHING_TOPIC' => generate_board_url() . "/viewtopic.$phpEx?f=$forum_id&t=$topic_id&unwatch=topic",
-					'U_STOP_WATCHING_FORUM' => generate_board_url() . '/viewforum.'.$phpEx . '?f=' . $forum_id . '&unwatch=forum')
+					'U_STOP_WATCHING_FORUM' => generate_board_url() . "/viewforum.$phpEx?f=$forum_id&unwatch=forum", 
-				);
+				));
-				$emailer->send();
+				$messenger->send($addr['method']);
-				$emailer->reset();
+				$messenger->reset();
 			}
 		}
 		unset($email_list_ary);
 		$emailer->mail_queue->save();
 	}
 	$messenger->queue->save();
 	// Handle the DB updates
 	$db->sql_transaction();
 	// Now update the notification status
 	if (sizeof($update_notification['topic']))
 	{
-		$sql = "UPDATE " . TOPICS_WATCH_TABLE . "
+		$sql = 'UPDATE ' . TOPICS_WATCH_TABLE . "
 			SET notify_status = 1
 			WHERE topic_id = $topic_id
 				AND user_id IN (" . implode(', ', $update_notification['topic']) . ")";
@ -1306,7 +1300,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 	if (sizeof($update_notification['forum']))
 	{
-		$sql = "UPDATE " . FORUMS_WATCH_TABLE . "
+		$sql = 'UPDATE ' . FORUMS_WATCH_TABLE . "
 			SET notify_status = 1
 			WHERE forum_id = $forum_id
 				AND user_id IN (" . implode(', ', $update_notification['forum']) . ")";
@ -1316,7 +1310,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 	// Now delete the user_ids not authorized to receive notifications on this topic/forum
 	if (sizeof($delete_ids['topic']))
 	{
-		$sql = "DELETE FROM " . TOPICS_WATCH_TABLE . "
+		$sql = 'DELETE FROM ' . TOPICS_WATCH_TABLE . "
 			WHERE topic_id = $topic_id
 				AND user_id IN (" . implode(', ', $delete_ids['topic']) . ")";
 		$db->sql_query($sql);
@ -1324,7 +1318,7 @@ function user_notification($mode, $subject, $topic_title, $forum_name, $forum_id
 	if (sizeof($delete_ids['forum']))
 	{
-		$sql = "DELETE FROM " . FORUMS_WATCH_TABLE . "
+		$sql = 'DELETE FROM ' . FORUMS_WATCH_TABLE . "
 			WHERE forum_id = $forum_id
 				AND user_id IN (" . implode(', ', $delete_ids['forum']) . ")";
 		$db->sql_query($sql);
--- a/phpBB/styles/subSilver/template/ucp_header.html
+++ b/phpBB/styles/subSilver/template/ucp_header.html
@ -70,7 +70,7 @@ function marklist(form_name, status)
 						<!-- END ucp_subsection -->
 						</table>
 					<!-- ELSE -->
-					<td class="row2" height="25" nowrap="nowrap" onmouseover="this.className='row1'" onmouseout="this.className='row2'"><a class="nav" href="{ucp_section.U_TITLE}">{ucp_section.L_TITLE}</a>
+					<td class="row2" height="25" nowrap="nowrap" onmouseover="this.className='row1'" onmouseout="this.className='row2'" onclick="location.href='{ucp_section.U_TITLE}'"><a class="nav" href="{ucp_section.U_TITLE}">{ucp_section.L_TITLE}</a>
 					<!-- ENDIF -->
 					</td>
 				</tr>
--- a/phpBB/styles/subSilver/template/viewtopic_body.html
+++ b/phpBB/styles/subSilver/template/viewtopic_body.html
@ -28,11 +28,11 @@
 		<td class="cat" colspan="2" height="28"><table width="100%" cellspacing="0" cellpadding="0" border="0">
 			<tr>
 				<td class="nav" nowrap="nowrap">&nbsp;
-				<!-- IF S_WATCH_TOPIC -->{S_WATCH_TOPIC} &bull; <!-- ENDIF -->
+				<!-- IF S_WATCH_TOPIC -->{S_WATCH_TOPIC} | <!-- ENDIF -->
-				<!-- IF U_PRINT_TOPIC --><a href="{U_PRINT_TOPIC}" title="{L_PRINT_TOPIC}">{L_PRINT_TOPIC}</a> &bull; <!-- ENDIF -->
+				<!-- IF U_PRINT_TOPIC --><a href="{U_PRINT_TOPIC}" title="{L_PRINT_TOPIC}">{L_PRINT_TOPIC}</a> | <!-- ENDIF -->
 				<!-- IF U_EMAIL_TOPIC --><a href="{U_EMAIL_TOPIC}" title="{L_EMAIL_TOPIC}">{L_EMAIL_TOPIC}</a><!-- ENDIF -->
 				</td>
-				<td class="nav" align="right" nowrap="nowrap"><a href="{U_VIEW_OLDER_TOPIC}">{L_VIEW_PREVIOUS_TOPIC}</a> &bull; <a href="{U_VIEW_UNREAD_POST}">{L_VIEW_UNREAD_POST}</a> &bull; <a href="{U_VIEW_NEWER_TOPIC}">{L_VIEW_NEXT_TOPIC}</a>&nbsp;</td>
+				<td class="nav" align="right" nowrap="nowrap"><a href="{U_VIEW_OLDER_TOPIC}">{L_VIEW_PREVIOUS_TOPIC}</a> | <a href="{U_VIEW_UNREAD_POST}">{L_VIEW_UNREAD_POST}</a> | <a href="{U_VIEW_NEWER_TOPIC}">{L_VIEW_NEXT_TOPIC}</a>&nbsp;</td>
 			</tr>
 		</table></td>
 	</tr>
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -112,7 +112,7 @@ if ($forum_data['forum_password'])
 }
 // Redirect to login upon emailed notification links
-if (isset($_GET['e']) && (int) $_GET['e'] && $user->data['user_id'] == ANONYMOUS)
+if (!empty($_GET['e']) && $user->data['user_id'] == ANONYMOUS)
 {
 	login_box(preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($_SERVER['REQUEST_URI'])), '', $user->lang['LOGIN_NOTIFY_FORUM']);
 }
--- a/phpBB/viewtopic.php
+++ b/phpBB/viewtopic.php
@ -21,21 +21,21 @@ $user->start();
 $auth->acl($user->data);
 // Initial var setup
-$forum_id	= (isset($_GET['f'])) ? max(intval($_GET['f']), 0) : 0;
+$forum_id	= request_var('f', 0);
-$topic_id	= (isset($_GET['t'])) ? max(intval($_GET['t']), 0) : 0;
+$topic_id	= request_var('t', 0);
-$post_id	= (isset($_GET['p'])) ? max(intval($_GET['p']), 0) : 0;
+$post_id	= request_var('p', 0);
-$voted_id	= (isset($_POST['vote_id'])) ? array_map('intval', $_POST['vote_id']) : 0;
+$voted_id	= request_var('vote_id', 0);;
-$start		= (isset($_GET['start'])) ? max(intval($_GET['start']), 0) : 0;
+$start		= request_var('start', 0);
-$view		= (isset($_GET['view'])) ? htmlspecialchars($_GET['view']) : false;
+$view		= request_var('view', '');
-$rate		= (isset($_GET['rate'])) ? intval($_GET['rate']) : false;
+$rate		= request_var('rate', 0);
-$sort_days	= (!empty($_REQUEST['st'])) ? max(intval($_REQUEST['st']), 0) : 0;
+$sort_days	= request_var('st', 0);
-$sort_key	= (!empty($_REQUEST['sk'])) ? htmlspecialchars($_REQUEST['sk']) : 't';
+$sort_key	= request_var('sk', 't');
-$sort_dir	= (!empty($_REQUEST['sd'])) ? htmlspecialchars($_REQUEST['sd']) : 'a';
+$sort_dir	= request_var('sd', 'a');
-$update		= (isset($_POST['update'])) ? true : false;
+$update		= request_var('update', false);
-$hilit_words = (isset($_GET['hilit'])) ? urldecode($_GET['hilit']) : false;
+$hilit_words		= urldecode(request_var('hilit', ''));
-$tracking_topics = (isset($_COOKIE[$config['cookie_name'] . '_track'])) ? unserialize(stripslashes($_COOKIE[$config['cookie_name'] . '_track'])) : array();
+$tracking_topics	= unserialize(request_var($config['cookie_name'] . '_track', array()));
 // Do we have a topic or post id?
 if (!$topic_id && !$post_id)
@ -217,7 +217,7 @@ if ($forum_password)
 }
 // Redirect to login upon emailed notification links
-if (isset($_GET['e']) && (int) $_GET['e'] && $user->data['user_id'] == ANONYMOUS)
+if (!empty($_GET['e']) && $user->data['user_id'] == ANONYMOUS)
 {
 	login_box(preg_replace('#.*?([a-z]+?\.' . $phpEx . '.*?)$#i', '\1', htmlspecialchars($_SERVER['REQUEST_URI'])), '', $user->lang['LOGIN_NOTIFY_TOPIC']);
 }
@ -846,7 +846,8 @@ do
 		else
 		{
 			$user_sig = '';
-			if ($row['user_sig'] && $config['allow_sig'] && $user->optionget('viewsigs'))
+
 			if ($row['enable_sig'] && $row['user_sig'] && $config['allow_sig'] && $user->optionget('viewsigs'))
 			{
 				$user_sig = $row['user_sig'];
 			}
@ -856,8 +857,8 @@ do
 				'joined'		=> $user->format_date($row['user_regdate'], $user->lang['DATE_FORMAT']),
 				'posts'			=> (!empty($row['user_posts'])) ? $row['user_posts'] : '',
 				'from'			=> (!empty($row['user_from'])) ? $row['user_from'] : '',
-				'karma'			=> (!empty($row['user_karma'])) ? $row['user_karma'] : 0, 
+				'karma'			=> ($config['enable_karma'] && $row['user_karma']) ? $row['user_karma'] : 0, 
-				'karma_img'		=> '<img src="images/karma' . $row['user_karma'] . '.gif" alt="' . $user->lang['KARMA_LEVEL'] . ': ' . $user->lang['KARMA'][$row['user_karma']] . '" title="' . $user->lang['KARMA_LEVEL'] . ': ' .  $user->lang['KARMA'][$row['user_karma']] . '" />',
+				'karma_img'		=> ($config['enable_karma']) ? '<img src="images/karma' . $row['user_karma'] . '.gif" alt="' . $user->lang['KARMA_LEVEL'] . ': ' . $user->lang['KARMA'][$row['user_karma']] . '" title="' . $user->lang['KARMA_LEVEL'] . ': ' .  $user->lang['KARMA'][$row['user_karma']] . '" />' : '',
 				'sig'					=> $user_sig,
 				'sig_bbcode_uid'		=> (!empty($row['user_sig_bbcode_uid'])) ? $row['user_sig_bbcode_uid']  : '',
@ -868,14 +869,13 @@ do
 				'avatar'		=> '',
 				'profile'		=> "memberlist.$phpEx$SID&amp;mode=viewprofile&amp;u=$poster_id",
-				'pm'			=> "ucp.$phpEx$SID&amp;mode=message&amp;action=send&amp;u=$poster_id",
+				'pm'			=> "ucp.$phpEx$SID&amp;i=pm&amp;action=send&amp;u=$poster_id",
 				'www'			=> $row['user_website'],
 				'aim'			=> ($row['user_aim']) ? "memberlist.$phpEx$SID&amp;mode=contact&amp;action=aim&amp;u=$poster_id" : '',
 				'msn'			=> ($row['user_msnm']) ? "memberlist.$phpEx$SID&amp;mode=contact&amp;action=msnm&amp;u=$poster_id" : '',
 				'yim'			=> ($row['user_yim']) ? 'http://edit.yahoo.com/config/send_webmesg?.target=' . $row['user_yim'] . '&.src=pg' : '',
 				'jabber'		=> ($row['user_jabber']) ? "memberlist.$phpEx$SID&amp;mode=contact&amp;action=jabber&amp;u=$poster_id" : '',
 				'search'		=> ($auth->acl_get('u_search')) ? "search.$phpEx$SID&amp;search_author=" . urlencode($row['username']) .'&amp;showresults=posts' : ''
 			);
 			if ($row['user_avatar'] && $user->optionget('viewavatars'))
@ -1086,7 +1086,7 @@ foreach ($rowset as $i => $row)
 	}
 	// End signature parsing, only if needed
-	if ($row['enable_sig'] && $user_cache[$poster_id]['sig'] && empty($user_cache[$poster_id]['sig_parsed']))
+	if ($user_cache[$poster_id]['sig'] && empty($user_cache[$poster_id]['sig_parsed']))
 	{
 		$user_cache[$poster_id]['sig'] = ($config['enable_smilies']) ? preg_replace('#<!\-\- s(.*?) \-\-><img src="\{SMILE_PATH\}\/.*? \/><!\-\- s\1 \-\->#', '\1', $user_cache[$poster_id]['sig']) : str_replace('<img src="{SMILE_PATH}', '<img src="' . $config['smilies_path'], $user_cache[$poster_id]['sig']);
@ -1206,7 +1206,7 @@ foreach ($rowset as $i => $row)
 		'U_PREV_POST_ID'	=> $prev_post_id, 
 		'S_ROW_COUNT'		=> $i,
-		'S_CAN_RATE'		=> ($auth->acl_get('f_rate', $forum_id) && $row['post_approved'] && !$row['post_reported'] && $poster_id != $user->data['user_id'] && $poster_id != ANONYMOUS) ? true : false, 
+		'S_CAN_RATE'		=> ($auth->acl_get('f_rate', $forum_id) && $row['post_approved'] && !$row['post_reported'] && $poster_id != $user->data['user_id'] && $poster_id != ANONYMOUS && $config['enable_karma']) ? true : false, 
 		'S_HAS_ATTACHMENTS' => (!empty($attachments[$row['post_id']])) ? TRUE : FALSE,
 		'S_POST_UNAPPROVED'	=> ($row['post_approved']) ? FALSE : TRUE,
 		'S_POST_REPORTED'	=> ($row['post_reported'] && $auth->acl_get('m_', $forum_id)) ? TRUE : FALSE,