again... some more fixes.

git-svn-id: file:///svn/phpbb/trunk@7150 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-07-25 19:38:53 +00:00 · 2007-03-08 15:49:13 +00:00 · 2007-03-08 15:49:13 +00:00 · fcec5b61da
commit fcec5b61da
parent 738d26f92c
18 changed files with 154 additions and 48 deletions
--- a/phpBB/adm/style/permission_mask.html
+++ b/phpBB/adm/style/permission_mask.html
@ -18,7 +18,7 @@

 <!-- BEGIN p_mask -->
 <div class="clearfix"></div>
-<h3>{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>
+<h3>{p_mask.PADDING}{p_mask.NAME}<!-- IF p_mask.S_LOCAL --> <span class="small"> [{p_mask.L_ACL_TYPE}]</span><!-- ENDIF --></h3>

 <!-- BEGIN f_mask -->
 <div class="clearfix"></div>
--- a/phpBB/includes/acp/acp_groups.php
+++ b/phpBB/includes/acp/acp_groups.php
@ -104,6 +104,7 @@ class acp_groups
 				if (confirm_box(true))
 				{
 					$group_name = ($group_row['group_type'] == GROUP_SPECIAL) ? $user->lang['G_' . $group_row['group_name']] : $group_row['group_name'];
+
 					if (!sizeof($mark_ary))
 					{
 						$start = 0;
--- a/phpBB/includes/acp/acp_permissions.php
+++ b/phpBB/includes/acp/acp_permissions.php
@ -422,7 +422,7 @@ class acp_permissions
 				$sql = 'SELECT forum_name
 					FROM ' . FORUMS_TABLE . '
 					WHERE ' . $db->sql_in_set('forum_id', $forum_id) . '
-					ORDER BY forum_name ASC';
+					ORDER BY left_id ASC';
 				$result = $db->sql_query($sql);

 				$forum_names = array();
--- a/phpBB/includes/acp/auth.php
+++ b/phpBB/includes/acp/auth.php
@ -437,9 +437,12 @@ class auth_admin extends auth
 			$hold_ary = array();
 			foreach ($hold_ary_temp as $ug_id => $row)
 			{
-				foreach ($row as $forum_id => $auth_row)
+				foreach ($forum_names_ary as $forum_id => $forum_row)
 				{
-					$hold_ary[$forum_id][$ug_id] = $auth_row;
+					if (isset($row[$forum_id]))
+					{
+						$hold_ary[$forum_id][$ug_id] = $row[$forum_id];
+					}
 				}
 			}
 			unset($hold_ary_temp);
@ -451,6 +454,8 @@ class auth_admin extends auth

 				$template->assign_block_vars($tpl_pmask, array(
 					'NAME'			=> ($forum_id == 0) ? $forum_names_ary[0] : $forum_names_ary[$forum_id]['forum_name'],
+					'PADDING'		=> ($forum_id == 0) ? '' : $forum_names_ary[$forum_id]['padding'],
+
 					'CATEGORIES'	=> implode('</th><th>', $categories),

 					'L_ACL_TYPE'	=> $l_acl_type,
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -2013,7 +2013,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa
 		$username	= request_var('username', '', true);
 		$password	= request_var('password', '', true);
 		$autologin	= (!empty($_POST['autologin'])) ? true : false;
-		$viewonline = (!empty($_POST['viewonline'])) ? 0 : 1;
+		$viewonline = (!empty($_POST['viewonline']) && $auth->acl_get('u_hideonline')) ? 0 : 1;
 		$admin 		= ($admin) ? 1 : 0;
 		$viewonline = ($admin) ? $user->data['session_viewonline'] : $viewonline;

@ -2169,6 +2169,7 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa

 		'S_DISPLAY_FULL_LOGIN'	=> ($s_display) ? true : false,
 		'S_AUTOLOGIN_ENABLED'	=> ($config['allow_autologin']) ? true : false,
+		'S_ALLOW_HIDE_ONLINE'	=> ($auth->acl_get('u_hideonline')) ? true : false,
 		'S_LOGIN_ACTION'		=> (!$admin) ? append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') : append_sid("index.$phpEx", false, true, $user->session_id), // Needs to stay index.$phpEx because we are within the admin directory
 		'S_HIDDEN_FIELDS' 		=> $s_hidden_fields,

@ -2794,9 +2795,17 @@ function parse_attachments($forum_id, &$message, &$attachments, &$update_count,
 					{
 						if ($config['img_link_width'] || $config['img_link_height'])
 						{
-							list($width, $height) = getimagesize($filename);
+							$dimension = getimagesize($filename);

-							$display_cat = (!$width && !$height) ? ATTACHMENT_CATEGORY_IMAGE : (($width <= $config['img_link_width'] && $height <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE);
+							// If the dimensions could not be determined or the image being too small we display it as a link for safety purposes
+							if ($dimension === false || $dimension[0] < 2 || $dimension[1] < 2)
+							{
+								$display_cat = ATTACHMENT_CATEGORY_NONE;
+							}
+							else
+							{
+								$display_cat = ($dimension[0] <= $config['img_link_width'] && $dimension[1] <= $config['img_link_height']) ? ATTACHMENT_CATEGORY_IMAGE : ATTACHMENT_CATEGORY_NONE;
+							}
 						}
 					}
 					else
--- a/phpBB/includes/functions_posting.php
+++ b/phpBB/includes/functions_posting.php
@ -552,9 +552,16 @@ function create_thumbnail($source, $destination, $mimetype)
 		return false;
 	}

-	list($width, $height, $type, ) = getimagesize($source);
+	$dimension = getimagesize($source);

-	if (!$width || !$height)
+	if ($dimension === false)
+	{
+		return false;
+	}
+
+	list($width, $height, $type, ) = $dimension;
+
+	if ($width < 2 || $height < 2)
 	{
 		return false;
 	}
@ -1578,6 +1585,19 @@ function submit_post($mode, $subject, $username, $topic_type, &$poll, &$data, $u

 				'topic_attachment'			=> (!empty($data['attachment_data'])) ? 1 : (isset($data['topic_attachment']) ? $data['topic_attachment'] : 0),
 			);
+
+		// no break;
+
+		case 'edit':
+		case 'edit_last_post':
+
+			// Correctly set back the topic replies and forum posts...
+			if (!$auth->acl_get('f_noapprove', $data['forum_id']) && !$auth->acl_get('m_approve', $data['forum_id']))
+			{
+				$sql_data[TOPICS_TABLE]['stat'][] = 'topic_replies = topic_replies - 1';
+				$sql_data[FORUMS_TABLE]['stat'][] = 'forum_posts = forum_posts - 1';
+			}
+
 		break;
 	}

--- a/phpBB/includes/functions_upload.php
+++ b/phpBB/includes/functions_upload.php
@ -337,6 +337,12 @@ class filespec
 						$this->error[] = sprintf($user->lang['IMAGE_FILETYPE_MISMATCH'], $types[$this->image_info[2]][0], $this->extension);
 					}
 				}
+
+				// Make sure the dimensions match a valid image
+				if ($this->width < 2 || $this->height < 2)
+				{
+					$this->error[] = $user->lang['ATTACHED_IMAGE_NOT_IMAGE'];
+				}
 			}
 			else
 			{
--- a/phpBB/includes/functions_user.php
+++ b/phpBB/includes/functions_user.php
@ -11,8 +11,12 @@
 /**
 * Obtain user_ids from usernames or vice versa. Returns false on
 * success else the error string
+*
+* @param array &$user_id_ary The user ids to check or empty if usernames used
+* @param array &$username_ary The usernames to check or empty if user ids used
+* @param mixed $user_type Array of user types to check, false if not restricting by user type
 */
-function user_get_id_name(&$user_id_ary, &$username_ary, $only_active = false)
+function user_get_id_name(&$user_id_ary, &$username_ary, $user_type = false)
 {
 	global $db;

@ -45,9 +49,9 @@ function user_get_id_name(&$user_id_ary, &$username_ary, $only_active = false)
 		FROM ' . USERS_TABLE . '
 		WHERE ' . $db->sql_in_set($sql_where, $sql_in);

-	if ($only_active)
+	if ($user_type !== false && !empty($user_type))
 	{
-		$sql .= ' AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
+		$sql .= ' AND ' . $db->sql_in_set('user_type', $user_type);
 	}

 	$result = $db->sql_query($sql);
@ -1410,10 +1414,16 @@ function avatar_remote($data, &$error)
 		return false;
 	}

+	if ($image_data[0] < 2 || $image_data[1] < 2)
+	{
+		$error[] = $user->lang['AVATAR_NO_SIZE'];
+		return false;
+	}
+
 	$width = ($data['width'] && $data['height']) ? $data['width'] : $image_data[0];
 	$height = ($data['width'] && $data['height']) ? $data['height'] : $image_data[1];

-	if (!$width || !$height)
+	if ($width < 2 || $height < 2)
 	{
 		$error[] = $user->lang['AVATAR_NO_SIZE'];
 		return false;
@ -1630,7 +1640,17 @@ function avatar_process_user(&$error, $custom_userdata = false)
 	}

 	$sql_ary = array();
-	$data['user_id'] = ($custom_userdata === false) ? $user->data['user_id'] : $custom_userdata['user_id'];
+
+	if ($custom_userdata === false)
+	{
+		$userdata = &$user->data;
+	}
+	else
+	{
+		$userdata = &$custom_userdata;
+	}
+
+	$data['user_id'] = $userdata['user_id'];
 	$change_avatar = ($custom_userdata === false) ? $auth->acl_get('u_chgavatar') : true;
 	$avatar_select = basename(request_var('avatar_select', ''));

@ -1669,7 +1689,7 @@ function avatar_process_user(&$error, $custom_userdata = false)
 		$sql_ary['user_avatar'] = '';
 		$sql_ary['user_avatar_type'] = $sql_ary['user_avatar_width'] = $sql_ary['user_avatar_height'] = 0;
 	}
-	else if ($data['width'] && $data['height'])
+	else if ($data['width'] && $data['height'] && ($userdata['user_avatar_type'] != AVATAR_GALLERY))
 	{
 		// Only update the dimensions?
 		if ($config['avatar_max_width'] || $config['avatar_max_height'])
--- a/phpBB/includes/session.php
+++ b/phpBB/includes/session.php
@ -915,6 +915,12 @@ class session

 		if ($banned && !$return)
 		{
+			// If the session is empty we need to create a valid one...
+			if (empty($this->session_id))
+			{
+				$this->session_create(ANONYMOUS);
+			}
+
 			// Initiate environment ... since it won't be set at this stage
 			$this->setup();

@ -941,6 +947,13 @@ class session
 				$this->session_kill(false);
 			}

+			// Ok, we catch the case of an empty session id for the anonymous user...
+			// This can happen if the user is logging in, banned by username and the login_box() being called "again".
+			if (empty($this->session_id))
+			{
+				$this->session_create(ANONYMOUS);
+			}
+
 			// Determine which message to output
 			$till_date = ($ban_row['ban_end']) ? $this->format_date($ban_row['ban_end']) : '';
 			$message = ($ban_row['ban_end']) ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
--- a/phpBB/includes/ucp/ucp_pm_compose.php
+++ b/phpBB/includes/ucp/ucp_pm_compose.php
@ -326,7 +326,7 @@ function compose_pm($id, $mode, $action)
 	}

 	// Handle User/Group adding/removing
-	handle_message_list_actions($address_list, $remove_u, $remove_g, $add_to, $add_bcc);
+	handle_message_list_actions($address_list, $error, $remove_u, $remove_g, $add_to, $add_bcc);

 	// Check for too many recipients
 	if ((!$config['allow_mass_pm'] || !$auth->acl_get('u_masspm')) && num_recipients($address_list) > 1)
@ -907,9 +907,9 @@ function compose_pm($id, $mode, $action)
 /**
 * For composing messages, handle list actions
 */
-function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_to, $add_bcc)
+function handle_message_list_actions(&$address_list, &$error, $remove_u, $remove_g, $add_to, $add_bcc)
 {
-	global $auth, $db;
+	global $auth, $db, $user;

 	// Delete User [TO/BCC]
 	if ($remove_u)
@ -956,7 +956,13 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
 		if (sizeof($usernames))
 		{
 			$user_id_ary = array();
-			user_get_id_name($user_id_ary, $usernames);
+			user_get_id_name($user_id_ary, $usernames, array(USER_NORMAL, USER_FOUNDER, USER_INACTIVE));
+
+			// If there are users not existing, we will at least print a notice...
+			if (!sizeof($user_id_ary))
+			{
+				$error[] = $user->lang['PM_NO_USERS'];
+			}
 		}

 		// Add Friends if specified
@ -987,11 +993,19 @@ function handle_message_list_actions(&$address_list, $remove_u, $remove_g, $add_
 					AND user_allow_pm = 0';
 			$result = $db->sql_query($sql);

+			$removed = false;
 			while ($row = $db->sql_fetchrow($result))
 			{
+				$removed = true;
 				unset($address_list['u'][$row['user_id']]);
 			}
 			$db->sql_freeresult($result);
+
+			// print a notice about users not being added who do not want to receive pms
+			if ($removed)
+			{
+				$error[] = $user->lang['PM_USERS_REMOVED_NO_PM'];
+			}
 		}
 	}
 }
--- a/phpBB/install/convertors/convert_phpbb20.php
+++ b/phpBB/install/convertors/convert_phpbb20.php
@ -780,6 +780,7 @@ if (!$get_info)
 				array('group_id',				'groups.group_id',					''),
 				array('group_type',				'groups.group_type',				'phpbb_convert_group_type'),
 				array('group_display',			0,									''),
+				array('group_legend',			0,									''),
 				array('group_name',				'groups.group_name',				'phpbb_convert_group_name'), // phpbb_set_encoding called in phpbb_convert_group_name
 				array('group_desc',				'groups.group_description',			'phpbb_set_encoding'),

--- a/phpBB/language/en/acp/common.php
+++ b/phpBB/language/en/acp/common.php
@ -205,9 +205,9 @@ $lang = array_merge($lang, array(

 	'DEACTIVATE'				=> 'Deactivate',
 	'DIMENSIONS'				=> 'Dimensions',
-	'DIRECTORY_DOES_NOT_EXIST'	=> 'The entered path "%s" does not exist.',
-	'DIRECTORY_NOT_DIR'			=> 'The entered path "%s" is not a directory.',
-	'DIRECTORY_NOT_WRITEABLE'	=> 'The entered path "%s" is not writeable.',
+	'DIRECTORY_DOES_NOT_EXIST'	=> 'The entered path “%s” does not exist.',
+	'DIRECTORY_NOT_DIR'			=> 'The entered path “%s” is not a directory.',
+	'DIRECTORY_NOT_WRITEABLE'	=> 'The entered path “%s” is not writeable.',
 	'DISABLE'					=> 'Disable',
 	'DOWNLOAD'					=> 'Download',
 	'DOWNLOAD_AS'				=> 'Download as',
@ -411,12 +411,12 @@ $lang = array_merge($lang, array(
 	'LOG_ATTACH_FILEUPLOAD'		=> '<strong>Orphan File uploaded to Post</strong><br />» ID %1$d - %2$s',
 	'LOG_ATTACH_ORPHAN_DEL'		=> '<strong>Orphan Files deleted</strong><br />» %s',

-	'LOG_BAN_EXCLUDE_USER'	=> '<strong>Excluded user from ban</strong> for reason "<em>%1$s</em>"<br />» %2$s ',
-	'LOG_BAN_EXCLUDE_IP'	=> '<strong>Excluded IP from ban</strong> for reason "<em>%1$s</em>"<br />» %2$s ',
-	'LOG_BAN_EXCLUDE_EMAIL' => '<strong>Excluded email from ban</strong> for reason "<em>%1$s</em>"<br />» %2$s ',
-	'LOG_BAN_USER'			=> '<strong>Banned user</strong> for reason "<em>%1$s</em>"<br />» %2$s ',
-	'LOG_BAN_IP'			=> '<strong>Banned IP</strong> for reason "<em>%1$s</em>"<br />» %2$s',
-	'LOG_BAN_EMAIL'			=> '<strong>Banned email</strong> for reason "<em>%1$s</em>"<br />» %2$s',
+	'LOG_BAN_EXCLUDE_USER'	=> '<strong>Excluded user from ban</strong> for reason “<em>%1$s</em>”<br />» %2$s ',
+	'LOG_BAN_EXCLUDE_IP'	=> '<strong>Excluded IP from ban</strong> for reason “<em>%1$s</em>”<br />» %2$s ',
+	'LOG_BAN_EXCLUDE_EMAIL' => '<strong>Excluded email from ban</strong> for reason “<em>%1$s</em>”<br />» %2$s ',
+	'LOG_BAN_USER'			=> '<strong>Banned user</strong> for reason “<em>%1$s</em>”<br />» %2$s ',
+	'LOG_BAN_IP'			=> '<strong>Banned IP</strong> for reason “<em>%1$s</em>”<br />» %2$s',
+	'LOG_BAN_EMAIL'			=> '<strong>Banned email</strong> for reason “<em>%1$s</em>”<br />» %2$s',
 	'LOG_UNBAN_USER'		=> '<strong>Unbanned user</strong><br />» %s',
 	'LOG_UNBAN_IP'			=> '<strong>Unbanned IP</strong><br />» %s',
 	'LOG_UNBAN_EMAIL'		=> '<strong>Unbanned email</strong><br />» %s',
@ -499,7 +499,7 @@ $lang = array_merge($lang, array(
 	'LOG_FORUM_SYNC'						=> '<strong>Re-synchronised forum</strong><br />» %s',

 	'LOG_GROUP_CREATED'		=> '<strong>New usergroup created</strong><br />» %s',
-	'LOG_GROUP_DEFAULTS'	=> '<strong>Group made default for members</strong><br />» %s',
+	'LOG_GROUP_DEFAULTS'	=> '<strong>Group “%1$s” made default for members</strong><br />» %2$s',
 	'LOG_GROUP_DELETE'		=> '<strong>Usergroup deleted</strong><br />» %s',
 	'LOG_GROUP_DEMOTED'		=> '<strong>Leaders demoted in usergroup</strong> %1$s<br />» %2$s',
 	'LOG_GROUP_PROMOTED'	=> '<strong>Members promoted to leader in usergroup</strong> %1$s<br />» %2$s',
@ -523,7 +523,7 @@ $lang = array_merge($lang, array(
 	'LOG_INSTALL_CONVERTED'	=> '<strong>Converted from %1$s to phpBB %2$s</strong>',
 	'LOG_INSTALL_INSTALLED'	=> '<strong>Installed phpBB %s</strong>',

-	'LOG_IP_BROWSER_FORWARDED_CHECK'	=> '<strong>Session IP/browser/X_FORWARDED_FOR check failed</strong><br />»User IP "<em>%1$s</em>" checked against session IP "<em>%2$s</em>", user browser string "<em>%3$s</em>" checked against session browser string "<em>%4$s</em>" and user X_FORWARDED_FOR string "<em>%5$s</em>" checked against session X_FORWARDED_FOR string "<em>%6$s</em>".',
+	'LOG_IP_BROWSER_FORWARDED_CHECK'	=> '<strong>Session IP/browser/X_FORWARDED_FOR check failed</strong><br />»User IP “<em>%1$s</em>” checked against session IP “<em>%2$s</em>”, user browser string “<em>%3$s</em>” checked against session browser string “<em>%4$s</em>” and user X_FORWARDED_FOR string “<em>%5$s</em>” checked against session X_FORWARDED_FOR string “<em>%6$s</em>”.',

 	'LOG_JAB_CHANGED'			=> '<strong>Jabber account changed</strong>',
 	'LOG_JAB_PASSCHG'			=> '<strong>Jabber password changed</strong>',
@ -538,7 +538,7 @@ $lang = array_merge($lang, array(

 	'LOG_MASS_EMAIL'		=> '<strong>Sent mass email</strong><br />» %s',

-	'LOG_MCP_CHANGE_POSTER'	=> '<strong>Changed poster in topic "%1$s"</strong><br />» from %2$s to %3$s',
+	'LOG_MCP_CHANGE_POSTER'	=> '<strong>Changed poster in topic “%1$s”</strong><br />» from %2$s to %3$s',

 	'LOG_MODULE_DISABLE'	=> '<strong>Module disabled</strong>',
 	'LOG_MODULE_ENABLE'		=> '<strong>Module enabled</strong>',
@ -616,20 +616,20 @@ $lang = array_merge($lang, array(
 	'LOG_UPDATE_PHPBB'		=> '<strong>Updated phpBB from version %1$s to version %2$s</strong>',

 	'LOG_USER_ACTIVE'		=> '<strong>User activated</strong><br />» %s',
-	'LOG_USER_BAN_USER'		=> '<strong>Banned User via user management</strong> for reason "<em>%1$s</em>"<br />» %2$s',
-	'LOG_USER_BAN_IP'		=> '<strong>Banned IP via user management</strong> for reason "<em>%1$s</em>"<br />» %2$s',
-	'LOG_USER_BAN_EMAIL'	=> '<strong>Banned email via user management</strong> for reason "<em>%1$s</em>"<br />» %2$s',
+	'LOG_USER_BAN_USER'		=> '<strong>Banned User via user management</strong> for reason “<em>%1$s</em>”<br />» %2$s',
+	'LOG_USER_BAN_IP'		=> '<strong>Banned IP via user management</strong> for reason “<em>%1$s</em>”<br />» %2$s',
+	'LOG_USER_BAN_EMAIL'	=> '<strong>Banned email via user management</strong> for reason “<em>%1$s</em>”<br />» %2$s',
 	'LOG_USER_DELETED'		=> '<strong>Deleted user</strong><br />» %s',
 	'LOG_USER_DEL_ATTACH'	=> '<strong>Removed all attachments made by the user</strong><br />» %s',
 	'LOG_USER_DEL_AVATAR'	=> '<strong>Removed user avatar</strong><br />» %s',
 	'LOG_USER_DEL_POSTS'	=> '<strong>Removed all posts made by the user</strong><br />» %s',
 	'LOG_USER_DEL_SIG'		=> '<strong>Removed user signature</strong><br />» %s',
 	'LOG_USER_INACTIVE'		=> '<strong>User deactivated</strong><br />» %s',
-	'LOG_USER_MOVE_POSTS'	=> '<strong>Moved user posts</strong><br />» posts by "%1$s" to forum "%2$s"',
+	'LOG_USER_MOVE_POSTS'	=> '<strong>Moved user posts</strong><br />» posts by “%1$s” to forum “%2$s”',
 	'LOG_USER_NEW_PASSWORD'	=> '<strong>Changed user password</strong><br />» %s',
 	'LOG_USER_REACTIVATE'	=> '<strong>Forced user account re-activation</strong><br />» %s',
-	'LOG_USER_UPDATE_EMAIL'	=> '<strong>User "%1$s" changed email</strong><br />» from "%2$s" to "%3$s"',
-	'LOG_USER_UPDATE_NAME'	=> '<strong>Changed username</strong><br />» from "%1$s" to "%2$s"',
+	'LOG_USER_UPDATE_EMAIL'	=> '<strong>User “%1$s” changed email</strong><br />» from “%2$s” to “%3$s”',
+	'LOG_USER_UPDATE_NAME'	=> '<strong>Changed username</strong><br />» from “%1$s” to “%2$s”',
 	'LOG_USER_USER_UPDATE'	=> '<strong>Updated user details</strong><br />» %s',

 	'LOG_USER_ACTIVE_USER'		=> '<strong>User account activated</strong>',
@ -639,7 +639,7 @@ $lang = array_merge($lang, array(
 	'LOG_USER_GENERAL'			=> '%s',
 	'LOG_USER_INACTIVE_USER'	=> '<strong>User account de-activated</strong>',
 	'LOG_USER_LOCK'				=> '<strong>User locked own topic</strong><br />» %s',
-	'LOG_USER_MOVE_POSTS_USER'	=> '<strong>Moved all posts to forum "%s"</strong>',
+	'LOG_USER_MOVE_POSTS_USER'	=> '<strong>Moved all posts to forum</strong>» %s',
 	'LOG_USER_REACTIVATE_USER'	=> '<strong>Forced user account re-activation</strong>',
 	'LOG_USER_UNLOCK'			=> '<strong>User unlocked own topic</strong><br />» %s',
 	'LOG_USER_WARNING'			=> '<strong>Added user warning</strong><br />» %s',
--- a/phpBB/language/en/ucp.php
+++ b/phpBB/language/en/ucp.php
@ -315,10 +315,12 @@ $lang = array_merge($lang, array(
 	'PM_FROM_REMOVED_AUTHOR'	=> 'This message was sent by a user no longer registered.',
 	'PM_ICON'					=> 'PM icon',
 	'PM_INBOX'					=> 'Inbox',
+	'PM_NO_USERS'				=> 'The requested users to be added do not exist.',
 	'PM_OUTBOX'					=> 'Outbox',
 	'PM_SENTBOX'				=> 'Sent messages',
 	'PM_SUBJECT'				=> 'Message subject',
 	'PM_TO'						=> 'Send to',
+	'PM_USERS_REMOVED_NO_PM'	=> 'Some users couldn’t be added as they have disabled private message receipt.',
 	'POPUP_ON_PM'				=> 'Pop up window on new private message',
 	'POST_EDIT_PM'				=> 'Edit message',
 	'POST_FORWARD_PM'			=> 'Forward message',
--- a/phpBB/memberlist.php
+++ b/phpBB/memberlist.php
@ -359,14 +359,6 @@ switch ($mode)
 		$sql = 'SELECT *
 			FROM ' . USERS_TABLE . '
 			WHERE ' . (($username) ? "username_clean = '" . $db->sql_escape(utf8_clean_string($username)) . "'" : "user_id = $user_id");
-
-		// a_user admins and founder are able to view inactive users and bots to be able to
-		// manage them more easily
-		if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
-		{
-			$sql .= ' AND user_type IN (' . USER_NORMAL . ', ' . USER_FOUNDER . ')';
-		}
-
 		$result = $db->sql_query($sql);
 		$member = $db->sql_fetchrow($result);
 		$db->sql_freeresult($result);
@ -376,6 +368,20 @@ switch ($mode)
 			trigger_error('NO_USER');
 		}

+		// a_user admins and founder are able to view inactive users and bots to be able to manage them more easily
+		// Normal users are able to see at least users having only changed their profile settings but not yet re-activated.
+		if (!$auth->acl_get('a_user') && $user->data['user_type'] != USER_FOUNDER)
+		{
+			if ($row['user_type'] == USER_IGNORE)
+			{
+				trigger_error('NO_USER');
+			}
+			else if ($row['user_type'] == USER_INACTIVE && $row['user_inactive_reason'] != INACTIVE_PROFILE)
+			{
+				trigger_error('NO_USER');
+			}
+		}
+
 		$user_id = (int) $member['user_id'];

 		// Do the SQL thang
--- a/phpBB/posting.php
+++ b/phpBB/posting.php
@ -850,7 +850,7 @@ if ($submit || $preview || $refresh)
 					include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);

 					$template->assign_vars(array(
-						'S_FORUM_SELECT'	=> make_forum_select(false, false, false, true, true),
+						'S_FORUM_SELECT'	=> make_forum_select(false, false, false, true, true, true),
 						'S_UNGLOBALISE'		=> true)
 					);

@ -859,6 +859,12 @@ if ($submit || $preview || $refresh)
 				}
 				else
 				{
+					if (!$auth->acl_get('f_post', $to_forum_id))
+					{
+						// This will only be triggered if the user tried to trick the forum.
+						trigger_error('NOT_AUTHORIZED');
+					}
+
 					$forum_id = $to_forum_id;
 				}
 			}
--- a/phpBB/styles/subSilver/template/login_body.html
+++ b/phpBB/styles/subSilver/template/login_body.html
@ -56,10 +56,12 @@
 				<td><input type="checkbox" class="radio" name="autologin" tabindex="3" /> <span class="gensmall">{L_LOG_ME_IN}</span></td>
 			</tr>
 			<!-- ENDIF -->
+			<!-- IF S_ALLOW_HIDE_ONLINE -->
 			<tr>
 				<td>&nbsp;</td>
 				<td><input type="checkbox" class="radio" name="viewonline" tabindex="4" /> <span class="gensmall">{L_HIDE_ME}</span></td>
 			</tr>
+			<!-- ENDIF -->
 		<!-- ENDIF -->
 		</table>
 	</td>
--- a/phpBB/styles/subSilver/template/viewforum_body.html
+++ b/phpBB/styles/subSilver/template/viewforum_body.html
@ -122,7 +122,7 @@
 			<td class="cat"><h4><a href="{U_LOGIN_LOGOUT}">{L_LOGIN_LOGOUT}</a></h4></td>
 		</tr>
 		<tr>
-			<td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text" name="username" size="10" />&nbsp; <span class="genmed">{L_PASSWORD}:</span> <input class="post" type="password" name="password" size="10" />&nbsp; <span class="gensmall">{L_LOG_ME_IN}</span> <input type="checkbox" class="radio" name="autologin" />&nbsp; <input type="submit" class="btnmain" name="login" value="{L_LOGIN}" /></td>
+			<td class="row1" align="center"><span class="genmed">{L_USERNAME}:</span> <input class="post" type="text" name="username" size="10" />&nbsp; <span class="genmed">{L_PASSWORD}:</span> <input class="post" type="password" name="password" size="10" /><!-- IF S_AUTOLOGIN_ENABLED -->&nbsp; <span class="gensmall">{L_LOG_ME_IN}</span> <input type="checkbox" class="radio" name="autologin" /><!-- ENDIF -->&nbsp; <input type="submit" class="btnmain" name="login" value="{L_LOGIN}" /></td>
 		</tr>
 		</table>
 		
--- a/phpBB/viewforum.php
+++ b/phpBB/viewforum.php
@ -156,6 +156,7 @@ if (!$auth->acl_get('f_read', $forum_id))

 		'S_NO_READ_ACCESS'		=> true,
 		'S_AUTOLOGIN_ENABLED'	=> ($config['allow_autologin']) ? true : false,
+		'S_ALLOW_HIDE_ONLINE'	=> ($auth->acl_get('u_hideonline')) ? true : false,
 		'S_LOGIN_ACTION'		=> append_sid("{$phpbb_root_path}ucp.$phpEx", 'mode=login') . '&amp;redirect=' . urlencode(str_replace('&amp;', '&', build_url(array('_f_')))),
 	));