phpBB Smith » phpBB 2.0 » Code Changes » phpBB 2.0.11 to phpBB 2.0.12 Code Cha...

phpBB 2.0.11 to phpBB 2.0.12 Code Changes

These are the code changes introduced between phpBB 2.0.11 and phpBB 2.0.12. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification. FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.
INLINE - This will always precede one of the other labels. An example would be INLINE FIND. INLINE labels work in the same way as the normal labels, with the exception that they operate on a smaller portion of a specific line referenced in the previous FIND instruction. Any new code added in an INLINE instruction should be placed on the same line, instead of on a new line.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.12 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again.

Now, onward to the file changes!

phpBB 2.0.12 adds a version checking system as a default feature of phpBB's admin panel. There are some people that may not wish to install this, due to privacy reasons and the fact that it causes one's forum to automatically connect to the phpBB website each time the Admin Panel is entered. For those people, the changes for the version checking system can be skipped with other problems. They are listed first in this file.

admin/index.php
FIND
Code:
         "L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
      );
   }
AFTER, ADD
Code:
>   // Check for new version
   $current_version = explode('.', '2' . $board_config['version']);
   $minor_revision = (int) $current_version[2];



   $errno = 0;
   $errstr = $version_info = '';


   if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))

   {
      @fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
      @fputs($fsock, "HOST: www.phpbb.com\r\n");


      @fputs($fsock, "Connection: close\r\n\r\n");


      $get_info = false;
      while (!@feof($fsock))


      {
         if ($get_info)
         {

            $version_info .= @fread($fsock, 1024);
         }
         else


         {
            if (@fgets($fsock, 1024) == "\r\n")


            {
               $get_info = true;
            }


         }
      }
      @fclose($fsock);


      $version_info = explode("\n", $version_info);
      $latest_head_revision = (int) $version_info[0];

      $latest_minor_revision = (int) $version_info[2];
      $latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];



      if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
      {
         $version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';


      }
      else
      {
         $version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];


         $version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';


      }
   }
   else
   {
      if ($errstr)


      {
         $version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';


      }
      else
      {
         $version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';


      }
   }
   
   $version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';


   


   $template->assign_vars(array(
      'VERSION_INFO'   => $version_info,


      'L_VERSION_INFORMATION'   => $lang['Version_information'])
   );

language/lang_english/lang_admin.php
FIND
Code:
//
// That's all Folks!
BEFORE, ADD
Code:
//
// Version Check
//

$lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
$lang['Version_not_up_to_date'] = 'Your installation does <b>not</b> seem to be up to date. Updates are available for your version of phpBB, please visit <a href="http://www.phpbb.com/downloads.php" target="_new">http://www.phpbb.com/downloads.php</a> to obtain the latest version.';


$lang['Latest_version_info'] = 'The latest available version is <b>phpBB %s</b>.';
$lang['Current_version_info'] = 'You are running <b>phpBB %s</b>.';


$lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:<br />%s';
$lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
$lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';


$lang['Version_information'] = 'Version Information';

templates/subSilver/admin/index_body.tpl
FIND
Code:
</table>



<br />

AFTER, ADD
Code:
<h1>{L_VERSION_INFORMATION}</h1>


{VERSION_INFO}



<br />

This ends the code changes related to the version checking system. All other changes should be considered important security updates.

admin/admin_db_utilities.php

The line in the FIND command below may have been altered if you have install any modifications or hacks on your forum. If you cannot locate this line, try search for the first twenty or so characters of it.

FIND
Code:
         $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');

INLINE FIND

Code:
'words'

INLINE AFTER, ADD

Code:
, 'confirm'

common.php
FIND
Code:
   $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);
REPLACE WITH
Code:
   $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
FIND
Code:
else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
{
   // PHP4+ path
AFTER, ADD
Code:
   $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');

Please note that due to this change, phpBB 2.0.12 can only be used on PHP 4 or later. Previous releases operated on PHP 3, but this version will not. If you intend to use phpBB on servers running PHP 3, you should strongly consider upgrading the server's PHP installation.

FIND

Code:
   $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);


   unset($input['input']);


   while (list($var,) = @each($input))
   {
      unset($$var);


   }

REPLACE WITH
Code:
   $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);


   unset($input['input']);


   unset($input['not_unset']);


   while (list($var,) = @each($input))


   {
      if (!in_array($var, $not_unset))
      {
         unset($$var);


      }
   }

FIND
Code:
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
REPLACE WITH
Code:
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );

viewtopic.php
FIND
Code:
   $highlight = urlencode($HTTP_GET_VARS['highlight']);
AFTER, ADD
Code:
   $highlight_match = phpbb_rtrim($highlight_match, "\\");

includes/functions.php
FIND
Code:
   $username = htmlspecialchars(rtrim(trim($username), "\\"));


   $username = substr(str_replace("\\'", "'", $username), 0, 25);
   $username = str_replace("'", "\\'", $username);



   return $username;
}

REPLACE WITH
Code:
   $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);


   $username = phpbb_rtrim($username, "\\");   
   $username = str_replace("'", "\'", $username);


   return $username;
}


// added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
function phpbb_rtrim($str, $charlist = false)


{
   if ($charlist === false)
   {
      return rtrim($str);

   }
   
   $php_version = explode('.', PHP_VERSION);


   // php version < 4.1.0


   if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))


   {
      while ($str{strlen($str)-1} == $charlist)
      {


         $str = substr($str, 0, strlen($str)-1);
      }
   }

   else
   {
      $str = rtrim($str, $charlist);
   }


   return $str;
}

FIND
Code:
         $debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
REPLACE WITH
Code:
         $debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);

includes/page_tail.php

The following change is different that what you might see in other "code changes" compilations. Those other compilations are incorrect in this area. This line was removed from phpBB, not altered.

FIND AND DELETE

Code:
   'PHPBB_VERSION' => '2' . $board_config['version'],

includes/template.php
FIND
Code:
             $filename = phpbb_realpath($this->root . '/' . $filename);
REPLACE WITH
Code:
             $filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;

includes/usercp_avatar.php
FIND
Code:
function user_avatar_delete($avatar_type, $avatar_file)
{
   global $board_config, $userdata;
AFTER, ADD
Code:
   $avatar_file = basename($avatar_file);
FIND
Code:
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)

{
   global $board_config;

AFTER, ADD
Code:
   $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
   if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")


   {
      return '';
   }

FIND
Code:
         $move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");
BEFORE, ADD
Code:
         if (!is_uploaded_file($avatar_filename))
         {
            message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);


         }

includes/usercp_register.php
FIND
Code:
         $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
REPLACE WITH
Code:
         $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';

templates/subSilver/overall_footer.tpl

The changes to this file are not absolutely required and may not be possible in non-subSilver templates.

FIND
Code:
   Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
REPLACE WITH
Code:
   Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
FIND
Code:
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001, 2002 phpBB Group<br />{TRANSLATION_INFO}</span></div>
REPLACE WITH
Code:
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group<br />{TRANSLATION_INFO}</span></div>

templates/subSilver/simple_footer.tpl

The changes to this file are not absolutely required and may not be possible in non-subSilver templates.

FIND
Code:
   Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
REPLACE WITH
Code:
   Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
FIND
Code:
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001,2002 phpBB Group</span></div>


REPLACE WITH
Code:
Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group</span></div>

Code from phpBB 2.0.11 and 2.0.12 is copyright by the phpBB Group. Find these and other code changes at phpBBHacks.com and phpBB Smith.
Compiled by your friendly neighborhood Thoul from the phpBB 2.0.11 - 2.0.12 files.

phpBB Smith » phpBB 2.0 » Code Changes » phpBB 2.0.11 to phpBB 2.0.12 Code Cha...