phpBB Smith » phpBB 2.0 » Code Changes » phpBB 2.0.14 to phpBB 2.0.15 Code Cha...

phpBB 2.0.14 to phpBB 2.0.15 Code Changes

These are the code changes introduced between phpBB 2.0.14 and phpBB 2.0.15. If you have installed many hacks on a forum, but wish to update it, these may help you. It is often easier to apply code changes such as these instead of replacing and rehacking your current files.

These code changes use the following instruction labels:
filename - The name of a file to be edited. Equivalent to an OPEN action in a hack or modification.
FIND - This indicates lines of code you should locate. Changes will be made in reference to this code.
REPLACE WITH - This code should completely replace the code in the preceding FIND instruction.
AFTER, ADD - The code in this instruction should be added on a new line after the last line of code in the preceding FIND instruction.
BEFORE, ADD - The code in this instruction should be added on a new line before the first line of code in the preceding FIND instruction.
FIND AND DELETE - Locate the code in this instruction as with a FIND statement, and then delete the code.

Once you have completed the code changes, create an install/ directory in your forum's root directory, and upload the update_to_latest.php file that comes in any phpBB 2.0.15 download to the install/ directory. Run update_to_latest.php by opening it via your web browser, just as you would a normal forum page. Afterward, delete the file and the install/ directory so that your forum is accessible again.

Now, onward to the file changes!

admin/admin_forums.php
FIND
Code:
   if( $mode == "addforum" )
   {
      list($cat_id) = each($HTTP_POST_VARS['addforum']);
AFTER, ADD
Code:
      $cat_id = intval($cat_id);

admin/admin_smilies.php
FIND
Code:
>         $smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
AFTER, ADD
Code:
         $smile_code = trim($smile_code);
         $smile_url = trim($smile_url);
         $smile_emotion = trim($smile_emotion);

admin/admin_ug_auth.php
FIND
Code:
         if( !($result = $db->sql_query($sql)) )
         {
            message_die(GENERAL_ERROR, "Couldn't update user level", "", __LINE__, __FILE__, $sql);
AFTER, ADD
Code:
         }


      }

      $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
         WHERE group_id = $group_id";
      $result = $db->sql_query($sql);

      $group_user = array();


      while ($row = $db->sql_fetchrow($result))
      {
         $group_user[$row['user_id']] = $row['user_id'];
      }
      $db->sql_freeresult($result);



      $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod
         FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
         WHERE ug.user_id IN (" . implode(', ', $group_user) . ")
            AND aa.group_id = ug.group_id


            AND aa.auth_mod = 1
         GROUP BY ug.user_id";
      if ( !($result = $db->sql_query($sql)) )
      {
         message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);


      }

      while ($row = $db->sql_fetchrow($result))
      {
         if ($row['is_auth_mod'])
         {


            unset($group_user[$row['user_id']]);
         }
      }
      $db->sql_freeresult($result);


      if (sizeof($group_user))
      {
         $sql = "UPDATE " . USERS_TABLE . "
            SET user_level = " . USER . "
            WHERE user_id IN (" . implode(', ', $group_user) . ")";


         if ( !($result = $db->sql_query($sql)) )
         {
            message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);

admin/pagestart.php
FIND
Code:
   $url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];

   redirect("index.$phpEx?sid=" . $userdata['session_id']);
AFTER, ADD
Code:
}

if (!$userdata['session_admin'])
{
   redirect(append_sid("login.$phpEx?redirect=admin/&admin=1", true));

db/postgres7.php
FIND AND DELETE
Code:
         $query = preg_replace('#(.*WHERE.*)(username|user_email|ban_email) = \'(.*)\'#ise', "\"\\1LOWER(\\2) = '\" . strtolower('\\3') . \"'\"", $query);

groupcp.php
FIND
Code:
         if ( !($row = $db->sql_fetchrow($result)) )
REPLACE WITH
Code:
         if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )

login.php
FIND
Code:
   if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
REPLACE WITH
Code:
   if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) )
FIND
Code:
               $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);
REPLACE WITH
Code:
               $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;


               $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);

FIND
Code:
   // Do a full login page dohickey if
   // user not already logged in
   //
   if( !$userdata['session_logged_in'] )
REPLACE WITH
Code:
   // Do a full login page dohickey if
   // user not already logged in


   //
   if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN))

FIND
Code:
      $s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';
AFTER, ADD
Code:
      $s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '<input type="hidden" name="admin" value="1" />' : '';
FIND
Code:
         'L_ENTER_PASSWORD' => $lang['Enter_password'],
REPLACE WITH
Code:
 

       'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'],

viewtopic.php
FIND
Code:
      $message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . $highlight_match . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));
REPLACE WITH
Code:
 

    $message = str_replace('\"', '"', substr(@preg_replace('#(\>(((?>([^><]+|(?R)))*)\<))#se', "@preg_replace('#\b(" . str_replace('\\', '\\\\', $highlight_match) . ")\b#i', '<span style=\"color:#" . $theme['fontcolor3'] . "\"><b>\\\\1</b></span>', '\\0')", '>' . $message . '<'), 1, -1));

includes/bbcode.php
FIND
Code:
   // pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
   // This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
BEFORE, ADD
Code:
   $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
FIND
Code:
   $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
REPLACE WITH
Code:
   $patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";
FIND
Code:
   // [url=xxxx://www.phpbb.com]phpBB[/url] code..
   $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";


   $replacements[] = $bbcode_tpl['url3'];

   // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
   $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
   $replacements[] = $bbcode_tpl['url4'];

REPLACE WITH
Code:
   // [url=xxxx://www.phpbb.com]phpBB[/url] code..
   $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i";
   $replacements[] = $bbcode_tpl['url3'];



   // [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
   $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\]([^?].*?)\[/url\]#i";
   $replacements[] = $bbcode_tpl['url4'];

FIND
Code:
function make_clickable($text)
{
AFTER, ADD
Code:
   $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);

includes/sessions.php
FIND
Code:
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0)
REPLACE WITH
Code:
function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)
FIND
Code:
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login
REPLACE WITH
Code:
      SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
FIND
Code:
      $session_id = md5(uniqid($user_ip));
REPLACE WITH
Code:
      list($sec, $usec) = explode(' ', microtime());


      mt_srand((float) $sec + ((float) $usec * 100000));
      $session_id = md5(uniqid(mt_rand(), true));

FIND
Code:
      $sql = "INSERT INTO " . SESSIONS_TABLE . "
         (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
         VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";
REPLACE WITH
Code:
      $sql = "INSERT INTO " . SESSIONS_TABLE . "


         (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
         VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";

FIND
Code:
      $sql = "UPDATE " . USERS_TABLE . "
         SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
         WHERE user_id = $user_id";


      if ( !$db->sql_query($sql) )
      {
         message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);

REPLACE WITH
Code:
      if (!$admin)
      {


         $sql = "UPDATE " . USERS_TABLE . "
            SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
            WHERE user_id = $user_id";
         if ( !$db->sql_query($sql) )


         {
            message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
         }

FIND
Code:
      $sessiondata['autologinid'] = ( $enable_autologin

&& $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '';

REPLACE WITH
Code:
      $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
FIND
Code:
   $userdata['session_time'] = $current_time;
AFTER, ADD
Code:
   $userdata['session_admin'] = $admin;
FIND
Code:
               $sql = "UPDATE " . SESSIONS_TABLE . "
 

                SET session_time = $current_time, session_page = $thispage_id

REPLACE WITH
Code:
               // A little trick to reset session_admin on session re-usage
               $update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';



               $sql = "UPDATE " . SESSIONS_TABLE . "
                  SET session_time = $current_time, session_page = $thispage_id$update_admin

FIND
Code:
                  $sql = "UPDATE " . USERS_TABLE . "
 

                   SET user_session_time = $current_time, user_session_page = $thispage_id

REPLACE WITH
Code:
                  $sql = "UPDATE " . USERS_TABLE . "
                

    SET user_session_time = $current_time, user_session_page = $thispage_id

FIND
Code:
               $expiry_time = $current_time - $board_config['session_length'];
               $sql = "DELETE FROM " . SESSIONS_TABLE . "
REPLACE WITH
Code:
               $expiry_time = $current_time - $board_config['session_length'];



               $sql = "DELETE FROM " . SESSIONS_TABLE . "

includes/smtp.php
FIND
Code:
   if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )
REPLACE WITH
Code:
   if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )

includes/usercp_register.php
FIND
Code:
      else if ( $username != $userdata['username'] || $mode == 'register' )
      {
         if (strtolower($username) != strtolower($userdata['username']))
REPLACE WITH
Code:
      else if ( $username != $userdata['username'] || $mode == 'register')


      {
         if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register')

includes/usercp_viewprofile.php
FIND
Code:
$profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]);
AFTER, ADD
Code:

if (!$profiledata)
{


   message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
}

language/lang_english/lang_main.php
FIND
Code:
$lang['A_critical_error'] = 'A Critical Error Occurred';
AFTER, ADD
Code:

$lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.';

In addition to the changes described above, extra spaces following the ?> line were removed from the end of these files:
  • admin/admin_forums.php
  • admin/admin_smilies.php
  • includes/functions_selects.php
  • includes/template.php
  • includes/topic_review.php
  • posting.php
  • privmsg.php
  • viewonline.php
  • viewtopic.php

admin/admin_ug_auth.php
FIND
Code:
            WHERE user_id IN (" . implode(', ', $group_user) . ")";
REPLACE WITH
Code:
            WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;

Code from phpBB 2.0.14 and 2.0.15 is copyright by the phpBB Group. Find these and other code changes at phpBBHacks.com and phpBB Smith.
Compiled by your friendly neighborhood Thoul from the phpBB 2.0.14 - 2.0.15 files.

phpBB Smith » phpBB 2.0 » Code Changes » phpBB 2.0.14 to phpBB 2.0.15 Code Cha...