phpBB 2.0.7 to 2.0.8 Code Changes

These are the code changes introduced between phpBB 2.0.7 and phpBB 2.0.8a. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

One security update was made to each of phpBB 2.0.7 and phpBB 2.0.8 after its initial release; these are called 2.0.7a and 2.0.8a respectively. This tutorial includes all of these changes. For those of you who might be upgrading from the original release of phpBB 2.0.7 or 2.0.8, the changes introduced in 2.0.7a and 2.0.8a are listed separately from the others below.

These code changes use the following instruction labels:
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_208.php file that comes in any phpBB 2.0.8 download to the install/ directory. Run update_to_208.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again.

Now, onward to the file changes!

The first three blocks of changes are those introduced in phpBB 2.0.7a. If you are upgrading from the original phpBB 2.0.7 release, make these changes. Otherwise, proceed to the next note.
login.php
FIND
Code:
                  $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "index.$phpEx";
REPLACE WITH
Code:
                  $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
FIND
Code:
               $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : '';
REPLACE WITH
Code:
               $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
FIND
Code:
         $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "";
REPLACE WITH
Code:
         $redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
FIND
Code:
         $url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
AFTER, ADD
Code:
         $url = str_replace('&amp;', '&', $url);
FIND
Code:
      $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : "index.$phpEx";
REPLACE WITH
Code:
      $url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
search.php
FIND
Code:
$show_results = ( isset($HTTP_POST_VARS['show_results']) ) ? $HTTP_POST_VARS['show_results'] : 'posts';
AFTER, ADD
Code:
$show_results = ($show_results == 'topics') ? 'topics' : 'posts';
FIND
Code:
   $store_vars = array('search_results', 'total_match_count', 'split_search', 'sort_by', 'sort_dir', 'show_results', 'return_chars');
AFTER, ADD
Code:
   $search_results = '';
privmsg.php
FIND
Code:
if ( $row = $db->sql_fetchrow($result) )
{
   do
   {
      $privmsg_id = $row['privmsgs_id'];
REPLACE WITH
Code:
if ( $row = $db->sql_fetchrow($result) )
{
   $i = 0;
   do
   {
      $privmsg_id = $row['privmsgs_id'];
FIND
Code:
      $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
AFTER, ADD
Code:
      $i++;

The changes below are those introduced in phpBB 2.0.8. If you are upgrading from phpBB 2.0.7 or 2.0.7a, make these changes. Otherwise, proceed to the next note.

admin/admin_forumauth.php
FIND
Code:
         $simple_ary = $simple_auth_ary[$HTTP_POST_VARS['simpleauth']];
REPLACE WITH
Code:
         $simple_ary = $simple_auth_ary[intval($HTTP_POST_VARS['simpleauth'])];
FIND
Code:
         $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
REPLACE WITH
Code:
         if (is_array($simple_ary))
         {
            $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
         }
FIND
Code:
            $value = $HTTP_POST_VARS[$forum_auth_fields[$i]];
REPLACE WITH
Code:
            $value = intval($HTTP_POST_VARS[$forum_auth_fields[$i]]);
admin/admin_forums.php
FIND
Code:
   $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
admin/admin_groups.php
FIND
Code:
   $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
admin/admin_ranks.php
FIND
Code:
   $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
admin/admin_smilies.php
FIND
Code:
   $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
FIND
Code:
         $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
AFTER, ADD
Code:
         $smiley_id = intval($smiley_id);
FIND
Code:
         $smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
AFTER, ADD
Code:
         $smiley_id = intval($smiley_id);
(Yes, that is supposed to be there twice.)
admin/admin_styles.php
FIND
Code:
   $mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
FIND
Code:
            $style_id = $HTTP_GET_VARS['style_id'];
REPLACE WITH
Code:
            $style_id = intval($HTTP_GET_VARS['style_id']);
FIND
Code:
            WHERE template_name = '$template_name'";
REPLACE WITH
Code:
            WHERE template_name = '" . str_replace("\'", "''", $template_name) . "'";
admin/admin_ug_auth.php
FIND
Code:
$group_id = intval($group_id);
AFTER, ADD
Code:
$adv = intval($adv);
$mode = htmlspecialchars($mode);
admin/admin_user_ban.php
FIND
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $user_list[$i];
REPLACE WITH
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($user_list[$i]);
FIND
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $ip_list[$i];
REPLACE WITH
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $ip_list[$i]);
FIND
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $email_list[$i];
REPLACE WITH
Code:
            $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $email_list[$i]);
admin/admin_users.php
FIND
Code:
   $mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
FIND
Code:
            $category = $HTTP_POST_VARS['avatarcategory'];
REPLACE WITH
Code:
            $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
admin/admin_words.php
FIND
Code:
   $mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
AFTER, ADD
Code:
   $mode = htmlspecialchars($mode);
FIND
Code:
      $word_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0;
REPLACE WITH
Code:
      $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
FIND
Code:
      $word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0;
REPLACE WITH
Code:
      $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
FIND
Code:
         $word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
AFTER, ADD
Code:
         $word_id = intval($word_id);
admin/pagestart.php
FIND
Code:
   redirect($url);
REPLACE WITH
Code:
   redirect("index.$phpEx?sid=" . $userdata['session_id']);
includes/bbcode.php
FIND
Code:
   $text = preg_replace("#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
REPLACE WITH
Code:
   $text = preg_replace("#\[img\]((ht|f)tp://)([^ \?&=\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
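
What the includes/bbcode.php change means for posted [img] tags, as an added example that is not phpBB code: the script runs the 2.0.7 and 2.0.8 patterns over six constructed tags. The 2.0.7 pattern accepts all six; the 2.0.8 pattern accepts only the first two, because it excludes spaces, ?, & and = and requires an image extension directly before [/img]. The function name img_tag_accepted and the example.com URLs are this example's own.

```php
<?php
// Added example, not phpBB code. Both patterns are copied from the FIND and
// REPLACE WITH blocks for includes/bbcode.php, with the "e" modifier dropped
// because this script only tests matching. All URLs are constructed samples.

$old_pattern = "#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#si";
$new_pattern = "#\[img\]((ht|f)tp://)([^ \?&=\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#si";

// Returns true when the pattern would rewrite this [img] tag into an image.
function img_tag_accepted($pattern, $post_text)
{
    return preg_match($pattern, $post_text) === 1;
}

$samples = array(
    '[img]http://example.com/pics/cat.jpg[/img]',         // plain image URL
    '[img]ftp://example.com/pics/cat.JPEG[/img]',         // ftp, upper-case extension
    '[img]http://example.com/view.php?id=5&size=2[/img]', // query string
    '[img]http://example.com/cat.gif?x=1[/img]',          // extension, then query
    '[img]http://example.com/cat.jpg.php[/img]',          // image extension not last
    '[img]http://example.com/my cat.png[/img]',           // space in the path
);

printf("%-5s %-5s %s\n", '2.0.7', '2.0.8', 'post text');
foreach ($samples as $post_text) {
    printf("%-5s %-5s %s\n",
        img_tag_accepted($old_pattern, $post_text) ? 'yes' : 'no',
        img_tag_accepted($new_pattern, $post_text) ? 'yes' : 'no',
        $post_text);
}
```

Both patterns inspect only the text of the URL, so the extension requirement is a restriction on what may be posted, not a check of the remote content.
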
includes/functions_search.php
FIND
Code:
               case 'mssql':
AFTER, ADD
Code:
               case 'mssql-odbc':
FIND
Code:
            case 'mssql':
AFTER, ADD
Code:
            case 'mssql-odbc':
includes/usercp_register.php
FIND
Code:
   $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
REPLACE WITH
Code:
   $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );

The changes in this post are those introduced in phpBB 2.0.8a. If you are upgrading from phpBB 2.0.7, 2.0.7a, or 2.0.8, make these changes.

privmsg.php
FIND
Code:
         $pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
REPLACE WITH
Code:
         $pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
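
A way to confirm that hand-applied edits actually landed, as an added example that is not part of phpBB or of the original tutorial: the script searches a forum tree for a selection of the post-change lines listed above and warns if install/ is still present. The script name, the choice of lines checked, and running it with command-line PHP are assumptions of this example; a pass means only that the text is present in the file.

```php
<?php
// Added example, not part of phpBB. Usage (script name is this example's own):
//   php check_208_changes.php /path/to/forum
// Each needle is a post-change line, or a fragment of one, copied from the
// instructions on this page.

$checks = array(
    // file, text that must be present, minimum number of occurrences
    array('login.php', "str_replace('&amp;', '&',", 5),
    array('search.php', "\$show_results = (\$show_results == 'topics') ? 'topics' : 'posts';", 1),
    array('admin/admin_forumauth.php', "intval(\$HTTP_POST_VARS['simpleauth'])", 1),
    array('admin/admin_smilies.php', '$smiley_id = intval($smiley_id);', 2),
    array('admin/admin_user_ban.php', 'intval($user_list[$i])', 1),
    array('admin/pagestart.php', "redirect(\"index.\$phpEx?sid=\" . \$userdata['session_id']);", 1),
    array('includes/bbcode.php', '(\.(jpg|jpeg|gif|png))', 1),
    array('privmsg.php', '$pm_sql_user = "AND ( ( pm.privmsgs_to_userid', 1),
);

// Collapse whitespace runs so tabs versus spaces do not cause false misses.
function squash($text)
{
    return trim(preg_replace('/\s+/', ' ', $text));
}

// Returns one message per check whose text occurs fewer times than required.
function missing_changes($root, $checks)
{
    $missing = array();
    foreach ($checks as $check) {
        list($file, $needle, $min) = $check;
        $path = rtrim($root, '/') . '/' . $file;
        $source = is_readable($path) ? squash(file_get_contents($path)) : '';
        if (substr_count($source, squash($needle)) < $min) {
            $missing[] = "$file: fewer than $min occurrence(s) of: $needle";
        }
    }
    return $missing;
}

$root = isset($argv[1]) ? $argv[1] : '.';
$missing = missing_changes($root, $checks);
foreach ($missing as $message) {
    echo "MISSING  $message\n";
}
if (is_dir(rtrim($root, '/') . '/install')) {
    echo "WARNING  install/ still exists; delete it once update_to_208.php has run\n";
}
exit(count($missing) ? 1 : 0);
```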