Just released phpBB 2.0.13 - Critical Update
http://www.phpbb.com/phpBB/viewtopic.php?t=267563
Download page: http://www.phpbb.com/downloads.php
Greg
Full Version: Phpbb 2.0.13 Released - Critical Updatebb
TotalChoice Hosting Family Forums > TotalChoice Hosting General Support > Security Discussions > Software/Scripts/Other Alerts
Thanks Greg 
there is a Changed Files Only download,
but make backups of your database and mods first just in case.
there is a Changed Files Only download,
but make backups of your database and mods first just in case.
Patched my forum, thanks for the heads-up
Thanks for the heads-up 
This is a critical update, so everyone should upgrade their boards as soon as possible.
Also, don't forget to run the update script from the "install" directory. It is not enough to replace the old files with the updated ones.
This is a critical update, so everyone should upgrade their boards as soon as possible.
Also, don't forget to run the update script from the "install" directory. It is not enough to replace the old files with the updated ones.
Are there any plans to add 2.0.13 to CPanel so that I can do the 'one-click' install?
Part of the reason I ask is laziness and the other part is because I don't want to do a custom install of the software and then not be able to use one-click install in the future.
Part of the reason I ask is laziness
and the other part is because I don't want to do a custom install of the software and then not be able to use one-click install in the future.
Hi and welcome to the forums TMA
Everything about what cpanel should include and updates etc are handled by http://cpanel.net, so you would need to suggest it to them.
Everything about what cpanel should include and updates etc are handled by http://cpanel.net, so you would need to suggest it to them.
Welcome to the forums, TMA!
As Thomas states, the program scripts included with cPanel are under their control.
As Thomas states, the program scripts included with cPanel are under their control.
Man! I'm late to this party!
But I just started working (again) on a phpBB that I originally updated in Dec. to the 2.0.11 version. I'm glad I was checking the phpBB.com boards for help with another issue.
I'm green at using phpBB and had a WHALE of a time changing my style originally (before the 2.0.11 update was done), from subsilver to genElectro. The 2.0.11 update from the cpanel converted my board back to the default subsilver, so I was not happy having to figure out how I changed it originally. But I now have it back to the genElectro design.
Is it possible to update to 2.0.13 without it changing everything back to the subsilver default? And do I need to do 2.0.12 before doing 2.0.13? And how do I backup my "database and mods" as suggested by TCH-Don? I don't think I have any "mods" -- I just read what they are at phpBB.com and I haven't done anything other than change the style.
Thanks a mil.
Mission
But I just started working (again) on a phpBB that I originally updated in Dec. to the 2.0.11 version. I'm glad I was checking the phpBB.com boards for help with another issue.
I'm green at using phpBB and had a WHALE of a time changing my style originally (before the 2.0.11 update was done), from subsilver to genElectro. The 2.0.11 update from the cpanel converted my board back to the default subsilver, so I was not happy having to figure out how I changed it originally. But I now have it back to the genElectro design.
Is it possible to update to 2.0.13 without it changing everything back to the subsilver default? And do I need to do 2.0.12 before doing 2.0.13? And how do I backup my "database and mods" as suggested by TCH-Don? I don't think I have any "mods" -- I just read what they are at phpBB.com and I haven't done anything other than change the style.
Thanks a mil.
Mission
Mission,
Go to the downloads page listed above and get the changed files only archive.
Follow the directions included with it and you should be good to go.
The update includes a migration path from 2.0.11 to 2.0.13
Go to the downloads page listed above and get the changed files only archive.
Follow the directions included with it and you should be good to go.
The update includes a migration path from 2.0.11 to 2.0.13
You can actually download a file that tells you how to manually update the forum script. it's time sonsuming but if, like me, you have heavily modded your forum it's the only way to go. the login as admin exploit of phpBB pre 2.0.13 is to damn easy and http://proxy2.de/forum is an example of what can happen.
Thanks, Bruce!
Mission
Mission
For those of us who have it installed, but don't know that much about it, what should we do? Is there an auto update function available to us somewhere?
if yu have no modifications you can simply download the changed files and replace your current ones with them.
Quick question: For the templates file, the 2.0.13 update includes a subsilver folder. I'm not using subsilver, but I updated the files anyhow.
However, for the style I'm using, do I need to update the index_body.tpl, overall_footer.tpl & simple_footer.tpl for genElectro with the same files the upgrade includes for the subsilver style?
Thx!
Mission
However, for the style I'm using, do I need to update the index_body.tpl, overall_footer.tpl & simple_footer.tpl for genElectro with the same files the upgrade includes for the subsilver style?
Thx!
Mission
Hey, carbonize - is that link for me or for abinidi?
I used the link at the top and downloaded the zip, changes only, for 2.0.11 to 2.0.13.
I'm wondering now if I need to replace those 3 genElectro .tpl files with the subsilver .tpl files? I don't want to replace those files and then wind up with subsilver as my style again, like I did when I updated to 2.0.11 before. If the subsilver .tpl files are something general that won't change how my board looks, then wonderful. If not, I will be a sad camper spending hours trying to figure out how to change the style back to genElectro. Thanks.
Mission
I used the link at the top and downloaded the zip, changes only, for 2.0.11 to 2.0.13.
I'm wondering now if I need to replace those 3 genElectro .tpl files with the subsilver .tpl files? I don't want to replace those files and then wind up with subsilver as my style again, like I did when I updated to 2.0.11 before. If the subsilver .tpl files are something general that won't change how my board looks, then wonderful. If not, I will be a sad camper spending hours trying to figure out how to change the style back to genElectro. Thanks.
Mission
Hi Mission,
Since you do not use the subsilver skin, you do not need to do any updating of the files for it.
For you 'genElectro' skin, you need to manually edit the files that need updating, you cannot just overwrite them with the complete updated files. Doing so will 'wreck' your skin.
It can be downloaded here http://www.phpbb.com/phpBB/viewtopic.php?t...4295dad5db09c0c, below here is the manual upgrade that you need to do.
You also need to upload the file "update_to_latest.php" and run it to update the database as needed.
Holler back if you need more help, Tom
Since you do not use the subsilver skin, you do not need to do any updating of the files for it.
For you 'genElectro' skin, you need to manually edit the files that need updating, you cannot just overwrite them with the complete updated files. Doing so will 'wreck' your skin.
It can be downloaded here http://www.phpbb.com/phpBB/viewtopic.php?t...4295dad5db09c0c, below here is the manual upgrade that you need to do.
You also need to upload the file "update_to_latest.php" and run it to update the database as needed.
Holler back if you need more help, Tom
CODE
#################################################################
## MOD Title: phpBB 2.0.11 to phpBB 2.0.13 Code Changes
## MOD Author: Acyd Burn < N/A > (Meik Sievertsen) N/A
## MOD Description: These are the Changes from phpBB 2.0.11 to phpBB 2.0.13 summed up into a little Mod.
## This might be very helpful if you want to update your Board and have installed a
## bunch of Mods. Then it's normally easier to apply the Code Changes than to install
## all Mods again.
## MOD Version: 1.0.0
##
## Installation Level: Intermediate
## Installation Time: 10-20 Minutes
## Files To Edit:
## admin/admin_db_utilities.php
## admin/index.php
## common.php
## includes/functions.php
## includes/page_tail.php
## includes/template.php
## includes/sessions.php
## includes/usercp_avatar.php
## includes/usercp_register.php
## language/lang_english/lang_admin.php
## templates/subSilver/admin/index_body.tpl
## templates/subSilver/overall_footer.tpl
## templates/subSilver/simple_footer.tpl
## viewtopic.php
##
## Included Files: update_to_latest.php
##############################################################
## For Security Purposes, Please Check: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url] for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url]
##############################################################
## Author Notes:
##
## When you find a 'AFTER, ADD'-Statement, the Code have to be added after the last line quoted in the 'FIND'-Statement.
## When you find a 'BEFORE, ADD'-Statement, the Code have to be added before the first line quoted in the 'FIND'-Statement.
## When you find a 'REPLACE WITH'-Statement, the Code quoted in the 'FIND'-Statement have to be replaced completely with the quoted Code in the 'REPLACE WITH'-Statement.
## When you find a 'DELETE'-Statement, the Code have to be deleted.
##
## After you have finished this tutorial, you have to upload the install/update_to_latest.php file (found within every phpBB Package), execute it and then delete it from your webspace.
## Please make sure you have uploaded the file with the install folder, else the update file will error out (please create the install folder if it does not exist and after updating remove it)
##
## From phpBB 2.0.11 to 2.0.13 there were no database changes, except the version number increment.
##
##############################################################
## MOD History:
##
## 2005-02-28 - Version 1.0.0
## - first release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]---------------------------------------------
#
admin/admin_db_utilities.php
#
#-----[ FIND ]---------------------------------------------
# Line 696
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
#
#-----[ OPEN ]---------------------------------------------
#
admin/index.php
#
#-----[ FIND ]---------------------------------------------
# Line 562
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
// Check for new version
$current_version = explode('.', '2' . $board_config['version']);
$minor_revision = (int) $current_version[2];
$errno = 0;
$errstr = $version_info = '';
if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
{
@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
@fputs($fsock, "HOST: www.phpbb.com\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$get_info = false;
while (!@feof($fsock))
{
if ($get_info)
{
$version_info .= @fread($fsock, 1024);
}
else
{
if (@fgets($fsock, 1024) == "\r\n")
{
$get_info = true;
}
}
}
@fclose($fsock);
$version_info = explode("\n", $version_info);
$latest_head_revision = (int) $version_info[0];
$latest_minor_revision = (int) $version_info[2];
$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
{
$version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';
}
else
{
$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
}
}
else
{
if ($errstr)
{
$version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';
}
else
{
$version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';
}
}
$version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';
$template->assign_vars(array(
'VERSION_INFO' => $version_info,
'L_VERSION_INFORMATION' => $lang['Version_information'])
);
#
#-----[ OPEN ]---------------------------------------------
#
common.php
#
#-----[ FIND ]---------------------------------------------
# Line 56
$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
#
#-----[ FIND ]---------------------------------------------
# Line 75
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
// PHP4+ path
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
#
#-----[ FIND ]---------------------------------------------
# Line 92
unset($input['input']);
while (list($var,) = @each($input))
{
unset($$var);
}
#
#-----[ REPLACE WITH ]---------------------------------------------
#
unset($input['input']);
unset($input['not_unset']);
while (list($var,) = @each($input))
{
if (!in_array($var, $not_unset))
{
unset($$var);
}
}
#
#-----[ FIND ]---------------------------------------------
# Line 207
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
#
#-----[ OPEN ]---------------------------------------------
#
includes/functions.php
#
#-----[ FIND ]---------------------------------------------
# Line 80
$username = htmlspecialchars(rtrim(trim($username), "\\"));
$username = substr(str_replace("\\'", "'", $username), 0, 25);
$username = str_replace("'", "\\'", $username);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
$username = phpbb_rtrim($username, "\\");
$username = str_replace("'", "\'", $username);
#
#-----[ FIND ]---------------------------------------------
# Line 83
return $username;
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
function phpbb_rtrim($str, $charlist = false)
{
if ($charlist === false)
{
return rtrim($str);
}
$php_version = explode('.', PHP_VERSION);
// php version < 4.1.0
if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
{
while ($str{strlen($str)-1} == $charlist)
{
$str = substr($str, 0, strlen($str)-1);
}
}
else
{
$str = rtrim($str, $charlist);
}
return $str;
}
#
#-----[ FIND ]---------------------------------------------
# Line 608
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
#
#-----[ OPEN ]---------------------------------------------
# * (Change from 2.0.12 to 2.0.13)
includes/sessions.php
#
#-----[ FIND ]---------------------------------------------
# Line 82
if( $sessiondata['autologinid'] == $auto_login_key )
#
#-----[ REPLACE WITH ]---------------------------------------------
#
if( $sessiondata['autologinid'] === $auto_login_key )
#
#-----[ OPEN ]---------------------------------------------
#
includes/page_tail.php
#
#-----[ FIND ]---------------------------------------------
# Line 38
'PHPBB_VERSION' => '2' . $board_config['version'],
#
#-----[ REPLACE WITH ]---------------------------------------------
#
// 'PHPBB_VERSION' => '2' . $board_config['version'],
#
#-----[ OPEN ]---------------------------------------------
#
includes/template.php
#
#-----[ FIND ]---------------------------------------------
# Line 233
$filename = phpbb_realpath($this->root . '/' . $filename);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
#
#-----[ OPEN ]---------------------------------------------
#
includes/usercp_avatar.php
#
#-----[ FIND ]---------------------------------------------
# Line 54
{
global $board_config, $userdata;
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$avatar_file = basename($avatar_file);
#
#-----[ FIND ]---------------------------------------------
# Line 69
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
global $board_config;
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
{
return '';
}
#
#-----[ FIND ]---------------------------------------------
# Line 235
$move_file = 'copy';
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
if (!is_uploaded_file($avatar_filename))
{
message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
}
#
#-----[ OPEN ]---------------------------------------------
#
includes/usercp_register.php
#
#-----[ FIND ]---------------------------------------------
# Line 462
$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
#
#-----[ OPEN ]---------------------------------------------
#
language/lang_english/lang_admin.php
#
#-----[ FIND ]---------------------------------------------
#
//
// That's all Folks!
// -------------------------------------------------
#
#-----[ BEFORE, ADD ]---------------------------------------------
#
//
// Version Check
//
$lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
$lang['Version_not_up_to_date'] = 'Your installation does <b>not</b> seem to be up to date. Updates are available for your version of phpBB, please visit <a href="http://www.phpbb.com/downloads.php" target="_new">http://www.phpbb.com/downloads.php</a> to obtain the latest version.';
$lang['Latest_version_info'] = 'The latest available version is <b>phpBB %s</b>.';
$lang['Current_version_info'] = 'You are running <b>phpBB %s</b>.';
$lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:<br />%s';
$lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
$lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';
$lang['Version_information'] = 'Version Information';
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/admin/index_body.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 80
</table>
<br />
#
#-----[ AFTER, ADD ]---------------------------------------------
#
<h1>{L_VERSION_INFORMATION}</h1>
{VERSION_INFO}
<br />
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/overall_footer.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 8
Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} © 2001, 2002 phpBB Group<br />{TRANSLATION_INFO}</span></div>
#
#-----[ REPLACE WITH ]---------------------------------------------
#
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> © 2001, 2005 phpBB Group<br />{TRANSLATION_INFO}</span></div>
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/simple_footer.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 8
Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} © 2001,2002 phpBB Group</span></div>
#
#-----[ REPLACE WITH ]---------------------------------------------
#
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> © 2001, 2005 phpBB Group</span></div>
#
#-----[ OPEN ]---------------------------------------------
#
viewtopic.php
#
#-----[ FIND ]---------------------------------------------
# Line 498
unset($words);
$highlight = urlencode($HTTP_GET_VARS['highlight']);
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$highlight_match = phpbb_rtrim($highlight_match, "\\");
#
#-----[ FIND ]---------------------------------------------
# Line 1110 (* Change from 2.0.12 to 2.0.13) - only the two @ has been added in front of preg_replace
$message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
## MOD Title: phpBB 2.0.11 to phpBB 2.0.13 Code Changes
## MOD Author: Acyd Burn < N/A > (Meik Sievertsen) N/A
## MOD Description: These are the Changes from phpBB 2.0.11 to phpBB 2.0.13 summed up into a little Mod.
## This might be very helpful if you want to update your Board and have installed a
## bunch of Mods. Then it's normally easier to apply the Code Changes than to install
## all Mods again.
## MOD Version: 1.0.0
##
## Installation Level: Intermediate
## Installation Time: 10-20 Minutes
## Files To Edit:
## admin/admin_db_utilities.php
## admin/index.php
## common.php
## includes/functions.php
## includes/page_tail.php
## includes/template.php
## includes/sessions.php
## includes/usercp_avatar.php
## includes/usercp_register.php
## language/lang_english/lang_admin.php
## templates/subSilver/admin/index_body.tpl
## templates/subSilver/overall_footer.tpl
## templates/subSilver/simple_footer.tpl
## viewtopic.php
##
## Included Files: update_to_latest.php
##############################################################
## For Security Purposes, Please Check: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url] for the
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered
## in our MOD-Database, located at: [url=http://www.phpbb.com/mods/]http://www.phpbb.com/mods/[/url]
##############################################################
## Author Notes:
##
## When you find a 'AFTER, ADD'-Statement, the Code have to be added after the last line quoted in the 'FIND'-Statement.
## When you find a 'BEFORE, ADD'-Statement, the Code have to be added before the first line quoted in the 'FIND'-Statement.
## When you find a 'REPLACE WITH'-Statement, the Code quoted in the 'FIND'-Statement have to be replaced completely with the quoted Code in the 'REPLACE WITH'-Statement.
## When you find a 'DELETE'-Statement, the Code have to be deleted.
##
## After you have finished this tutorial, you have to upload the install/update_to_latest.php file (found within every phpBB Package), execute it and then delete it from your webspace.
## Please make sure you have uploaded the file with the install folder, else the update file will error out (please create the install folder if it does not exist and after updating remove it)
##
## From phpBB 2.0.11 to 2.0.13 there were no database changes, except the version number increment.
##
##############################################################
## MOD History:
##
## 2005-02-28 - Version 1.0.0
## - first release
##
##############################################################
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD
##############################################################
#
#-----[ OPEN ]---------------------------------------------
#
admin/admin_db_utilities.php
#
#-----[ FIND ]---------------------------------------------
# Line 696
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
#
#-----[ OPEN ]---------------------------------------------
#
admin/index.php
#
#-----[ FIND ]---------------------------------------------
# Line 562
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
// Check for new version
$current_version = explode('.', '2' . $board_config['version']);
$minor_revision = (int) $current_version[2];
$errno = 0;
$errstr = $version_info = '';
if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
{
@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
@fputs($fsock, "HOST: www.phpbb.com\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");
$get_info = false;
while (!@feof($fsock))
{
if ($get_info)
{
$version_info .= @fread($fsock, 1024);
}
else
{
if (@fgets($fsock, 1024) == "\r\n")
{
$get_info = true;
}
}
}
@fclose($fsock);
$version_info = explode("\n", $version_info);
$latest_head_revision = (int) $version_info[0];
$latest_minor_revision = (int) $version_info[2];
$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
{
$version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';
}
else
{
$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
}
}
else
{
if ($errstr)
{
$version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';
}
else
{
$version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';
}
}
$version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';
$template->assign_vars(array(
'VERSION_INFO' => $version_info,
'L_VERSION_INFORMATION' => $lang['Version_information'])
);
#
#-----[ OPEN ]---------------------------------------------
#
common.php
#
#-----[ FIND ]---------------------------------------------
# Line 56
$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
#
#-----[ FIND ]---------------------------------------------
# Line 75
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
// PHP4+ path
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
#
#-----[ FIND ]---------------------------------------------
# Line 92
unset($input['input']);
while (list($var,) = @each($input))
{
unset($$var);
}
#
#-----[ REPLACE WITH ]---------------------------------------------
#
unset($input['input']);
unset($input['not_unset']);
while (list($var,) = @each($input))
{
if (!in_array($var, $not_unset))
{
unset($$var);
}
}
#
#-----[ FIND ]---------------------------------------------
# Line 207
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
#
#-----[ OPEN ]---------------------------------------------
#
includes/functions.php
#
#-----[ FIND ]---------------------------------------------
# Line 80
$username = htmlspecialchars(rtrim(trim($username), "\\"));
$username = substr(str_replace("\\'", "'", $username), 0, 25);
$username = str_replace("'", "\\'", $username);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
$username = phpbb_rtrim($username, "\\");
$username = str_replace("'", "\'", $username);
#
#-----[ FIND ]---------------------------------------------
# Line 83
return $username;
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
function phpbb_rtrim($str, $charlist = false)
{
if ($charlist === false)
{
return rtrim($str);
}
$php_version = explode('.', PHP_VERSION);
// php version < 4.1.0
if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
{
while ($str{strlen($str)-1} == $charlist)
{
$str = substr($str, 0, strlen($str)-1);
}
}
else
{
$str = rtrim($str, $charlist);
}
return $str;
}
#
#-----[ FIND ]---------------------------------------------
# Line 608
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
#
#-----[ OPEN ]---------------------------------------------
# * (Change from 2.0.12 to 2.0.13)
includes/sessions.php
#
#-----[ FIND ]---------------------------------------------
# Line 82
if( $sessiondata['autologinid'] == $auto_login_key )
#
#-----[ REPLACE WITH ]---------------------------------------------
#
if( $sessiondata['autologinid'] === $auto_login_key )
#
#-----[ OPEN ]---------------------------------------------
#
includes/page_tail.php
#
#-----[ FIND ]---------------------------------------------
# Line 38
'PHPBB_VERSION' => '2' . $board_config['version'],
#
#-----[ REPLACE WITH ]---------------------------------------------
#
// 'PHPBB_VERSION' => '2' . $board_config['version'],
#
#-----[ OPEN ]---------------------------------------------
#
includes/template.php
#
#-----[ FIND ]---------------------------------------------
# Line 233
$filename = phpbb_realpath($this->root . '/' . $filename);
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
#
#-----[ OPEN ]---------------------------------------------
#
includes/usercp_avatar.php
#
#-----[ FIND ]---------------------------------------------
# Line 54
{
global $board_config, $userdata;
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$avatar_file = basename($avatar_file);
#
#-----[ FIND ]---------------------------------------------
# Line 69
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
global $board_config;
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
{
return '';
}
#
#-----[ FIND ]---------------------------------------------
# Line 235
$move_file = 'copy';
}
#
#-----[ AFTER, ADD ]---------------------------------------------
#
if (!is_uploaded_file($avatar_filename))
{
message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
}
#
#-----[ OPEN ]---------------------------------------------
#
includes/usercp_register.php
#
#-----[ FIND ]---------------------------------------------
# Line 462
$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
#
#-----[ OPEN ]---------------------------------------------
#
language/lang_english/lang_admin.php
#
#-----[ FIND ]---------------------------------------------
#
//
// That's all Folks!
// -------------------------------------------------
#
#-----[ BEFORE, ADD ]---------------------------------------------
#
//
// Version Check
//
$lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
$lang['Version_not_up_to_date'] = 'Your installation does <b>not</b> seem to be up to date. Updates are available for your version of phpBB, please visit <a href="http://www.phpbb.com/downloads.php" target="_new">http://www.phpbb.com/downloads.php</a> to obtain the latest version.';
$lang['Latest_version_info'] = 'The latest available version is <b>phpBB %s</b>.';
$lang['Current_version_info'] = 'You are running <b>phpBB %s</b>.';
$lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:<br />%s';
$lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
$lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';
$lang['Version_information'] = 'Version Information';
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/admin/index_body.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 80
</table>
<br />
#
#-----[ AFTER, ADD ]---------------------------------------------
#
<h1>{L_VERSION_INFORMATION}</h1>
{VERSION_INFO}
<br />
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/overall_footer.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 8
Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} © 2001, 2002 phpBB Group<br />{TRANSLATION_INFO}</span></div>
#
#-----[ REPLACE WITH ]---------------------------------------------
#
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> © 2001, 2005 phpBB Group<br />{TRANSLATION_INFO}</span></div>
#
#-----[ OPEN ]---------------------------------------------
#
templates/subSilver/simple_footer.tpl
#
#-----[ FIND ]---------------------------------------------
# Line 8
Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} © 2001,2002 phpBB Group</span></div>
#
#-----[ REPLACE WITH ]---------------------------------------------
#
Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
to include even this then support on our forums may be affected.
The phpBB Group : 2002
// -->
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> © 2001, 2005 phpBB Group</span></div>
#
#-----[ OPEN ]---------------------------------------------
#
viewtopic.php
#
#-----[ FIND ]---------------------------------------------
# Line 498
unset($words);
$highlight = urlencode($HTTP_GET_VARS['highlight']);
#
#-----[ AFTER, ADD ]---------------------------------------------
#
$highlight_match = phpbb_rtrim($highlight_match, "\\");
#
#-----[ FIND ]---------------------------------------------
# Line 1110 (* Change from 2.0.12 to 2.0.13) - only the two @ has been added in front of preg_replace
$message = str_replace('\"', '"', substr(preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
#
#-----[ REPLACE WITH ]---------------------------------------------
#
$message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
#
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------
#
# EoM
Thanks, Tom.
Ok, I made manual changes to the template files after overwriting the other files.
I read at phpBB.com about running the update_to_latest.php. I first put the install folder (containing the update_to_latest.php file) in my "forums" folder. It gave me a Page Not Found error when I put the full path in my browser to go to it. So I moved the install folder to my public_html directory. When I put it in the browser, I got a "Please read install.html before attempting to install" message.
On my Forum's administration home page, it says in red letters:
Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.
The latest available version is phpBB 2.0.13.You are running phpBB 2.0.11
Can someone share what I need to do now? Thanks.
Mission
I read at phpBB.com about running the update_to_latest.php. I first put the install folder (containing the update_to_latest.php file) in my "forums" folder. It gave me a Page Not Found error when I put the full path in my browser to go to it. So I moved the install folder to my public_html directory. When I put it in the browser, I got a "Please read install.html before attempting to install" message.
On my Forum's administration home page, it says in red letters:
Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.
The latest available version is phpBB 2.0.13.You are running phpBB 2.0.11
Can someone share what I need to do now? Thanks.
Mission
As it says in the read me that comes with the update you need to update the version number stored in your database. Oh and the file in question, update_to_latest.php, needs top go in the install folder of the forum if I remember right which is stupid as the board wont run until you have deleted the install directory lol.
Thanks, Carbonize. I'll poke around with it again.
Yayyyyyyyyyyyy!!!! 
Thanks for your help everyone!
Mission
Thanks for your help everyone!Mission
Glad you got it mission 
, I know it is sure a good feeling to get something finally working that has been a challenge.
A bit off topic now, but Carbonize, I know I have run across you before, and I thought it was on a phpbb help forum somewhere, but then I got to looking, and I see I use the access stats script you put together http://proxy2.de/scripts.php.
I do put it to good use, thanks for it!
Good Evening, Tom
, I know it is sure a good feeling to get something finally working that has been a challenge.A bit off topic now, but Carbonize, I know I have run across you before, and I thought it was on a phpbb help forum somewhere, but then I got to looking, and I see I use the access stats script you put together http://proxy2.de/scripts.php.
I do put it to good use, thanks for it!
Good Evening, Tom
Whilst I am a mod on the proxy2 forums and helper in chief I am not the sites owner nor the maker of the scripts. The person who actually owns Proxy2 doesn't seem to interested in it nor his scripts these days. His forum has been defaced for 3 days now and I emailed him as soon as it happened.
I'm sorry I thought it was you , well I give you credit for helping then.
Yes, I just noticed that, about his forum
Guess I better d/l all the scripts there, before the whole site goes down...
, well I give you credit for helping then.Yes, I just noticed that, about his forum
QUOTE
Powered by phpBB 2.0.6
That what he gets, for being a year behind in his update's to his phpbb Guess I better d/l all the scripts there, before the whole site goes down...
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.