diff -urbB punbb-1.1.2/upload/admin_bans.php punbb-1.1.5/upload/admin_bans.php
--- punbb-1.1.2/upload/admin_bans.php	2004-03-21 16:29:21.000000000 +0100
+++ punbb-1.1.5/upload/admin_bans.php	2004-04-25 22:34:47.000000000 +0200
@@ -122,7 +122,7 @@
 				<table class="punplain" cellpadding="6">
 					<tr>
 						<td class="punright" style="width: 35%"><b>Username</b><br>The username to ban.</td>
-						<td style="width: 35%"><input type="text" name="ban_user" size="25" maxlength="25" value="<?php echo $ban_user ?>" tabindex="1"></td>
+						<td style="width: 35%"><input type="text" name="ban_user" size="25" maxlength="25" value="<?php echo pun_htmlspecialchars($ban_user) ?>" tabindex="1"></td>
 					</tr>
 					<tr>
 						<td class="punright" style="width: 35%"><b>IP-adresses</b><br>The IP or IP-ranges you wish to ban (e.g. 150.11.110.1 or 150.11.110). Separate addresses with spaces. If an IP is entered already it is the last known IP of this user in the database.<?php if ($ban_user != '') echo ' Click <a href="admin_users.php?ip_stats='.$user_id.'">here</a> to see IP statistics for this user.' ?></td>
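Review bot: The `$user_id` interpolated into the `admin_users.php?ip_stats=` link on the last line of this hunk is still echoed without an integer cast or escaping, unlike `ban_user` just above it. Where `$user_id` is assigned is outside the hunk, so it may already be a database integer; if that is not guaranteed, emit it as `intval($user_id)`. A short comment stating that every value echoed into this form goes through `pun_htmlspecialchars()` would help the next field follow the same rule.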
diff -urbB punbb-1.1.2/upload/admin_options.php punbb-1.1.5/upload/admin_options.php
--- punbb-1.1.2/upload/admin_options.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/admin_options.php	2004-03-21 16:29:24.000000000 +0100
@@ -94,13 +94,24 @@
 			$form['maintenance'] = '0';
 	}
 
+	$form['timeout_visit'] = intval($form['timeout_visit']);
+	$form['timeout_online'] = intval($form['timeout_online']);
+	$form['redirect_delay'] = intval($form['redirect_delay']);
+	$form['flood_interval'] = intval($form['flood_interval']);
+	$form['topic_review'] = intval($form['topic_review']);
+	$form['disp_topics_default'] = intval($form['disp_topics_default']);
+	$form['disp_posts_default'] = intval($form['disp_posts_default']);
+	$form['indent_num_spaces'] = intval($form['indent_num_spaces']);
+	$form['avatars_width'] = intval($form['avatars_width']);
+	$form['avatars_height'] = intval($form['avatars_height']);
+	$form['avatars_size'] = intval($form['avatars_size']);
 
 	while (list($key, $input) = @each($form))
 	{
 		// Only update values that have changed
 		if ($pun_config['o_'.$key] != $input)
 		{
-			if ($input != '')
+			if ($input != '' || is_int($input))
 				$value = '\''.escape($input).'\'';
 			else
 				$value = 'NULL';
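Review bot: The `intval()` casts accept negative numbers and create each key even when the field was not submitted, so a partial or tampered POST writes `0` or a negative value into settings such as `flood_interval` and `avatars_size`. Clamp after casting, e.g. `$form['flood_interval'] = max(0, intval($form['flood_interval']));`, and skip keys that were not posted. The `$pun_config['o_'.$key] != $input` test is a loose comparison, so a stored NULL and a new `0` compare equal and the update is skipped. The `sig_length`/`sig_lines` casts in admin_permissions.php follow the same pattern. The `while` loop continues outside the hunk.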
diff -urbB punbb-1.1.2/upload/admin_permissions.php punbb-1.1.5/upload/admin_permissions.php
--- punbb-1.1.2/upload/admin_permissions.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/admin_permissions.php	2004-03-21 16:29:24.000000000 +0100
@@ -38,12 +38,15 @@
 
 	$form = array_map('trim', $_POST['form']);
 
+	$form['sig_length'] = intval($form['sig_length']);
+	$form['sig_lines'] = intval($form['sig_lines']);
+
 	while (list($key, $input) = @each($form))
 	{
 		// Only update values that have changed
 		if ($pun_config['p_'.$key] != $input)
 		{
-			if ($input != '')
+			if ($input != '' || is_int($input))
 				$value = '\''.escape($input).'\'';
 			else
 				$value = 'NULL';
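Review bot: Every key the client sends in `$_POST['form']` is iterated here, because `array_map('trim', ...)` keeps the submitted keys and nothing restricts them to known permission names. profile.php in this same patch introduces a `$wanted_elements` allow-list for exactly this reason; the same approach fits here and in admin_options.php. How `$key` is used in the UPDATE is outside the hunk, so the impact cannot be judged from here, but an allow-list removes the question. `array_map('trim', ...)` will also raise warnings if a submitted value is itself an array.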
diff -urbB punbb-1.1.2/upload/header.php punbb-1.1.5/upload/header.php
--- punbb-1.1.2/upload/header.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/header.php	2004-07-15 21:50:55.434862572 +0200
@@ -23,8 +23,12 @@
 ************************************************************************/
 
 
+// Make sure no one attempts to run this script "directly"
+if (!defined('PUN'))
+	exit;
+
 // Send no-cache headers
-header('Cache-Control: no-store, no-cache, must-revalidate');
+//header('Cache-Control: no-store, no-cache, must-revalidate');
 header('Cache-Control: post-check=0, pre-check=0', false);
 header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
 header('Expires: Thu, 21 Jul 1977 07:30:00 GMT');	// When yours truly first set eyes on this world! :)
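Review bot: With the `no-store, no-cache, must-revalidate` line commented out, the only Cache-Control sent is `post-check=0, pre-check=0`, which standard caches do not act on, so the response relies on the already-expired `Expires` date alone. Pages rendered for a logged-in user should still tell shared caches not to store them. If the directive was dropped for a browser back-button problem (the patch does not say), `header('Cache-Control: private, must-revalidate');` would be a narrower relaxation. Either way, replace the dead line with a comment giving the reason rather than leaving commented-out code.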
diff -urbB punbb-1.1.2/upload/include/common.php punbb-1.1.5/upload/include/common.php
--- punbb-1.1.2/upload/include/common.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/include/common.php	2004-07-15 23:39:37.370677888 +0200
@@ -31,7 +31,7 @@
 //define('PUN_SHOW_QUERIES', 1);
 
 
-@include $pun_root.'config.php';
+if (is_dir($pun_root)) @include $pun_root.'config.php';
 
 // If PUN isn't defined, config.php is missing or corrupt
 if (!defined('PUN'))
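Review bot: `is_dir($pun_root)` only checks that the value names a directory; it does not establish that `$pun_root` was set by the calling script rather than taken from the request. If the forum can run with `register_globals` enabled (not visible here), the include path is still influenced by input, and the `@` hides any failure. Resolving the path from this file's own location removes that dependency, e.g. `@include dirname(__FILE__).'/../config.php';`, assuming config.php sits one level above include/. The `require_once $pun_root.'include/search_idx.php'` in common_admin.php and the `lang/` require in post.php depend on the same variable.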
diff -urbB punbb-1.1.2/upload/include/common_admin.php punbb-1.1.5/upload/include/common_admin.php
--- punbb-1.1.2/upload/include/common_admin.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/include/common_admin.php	2004-03-21 16:29:24.000000000 +0100
@@ -82,7 +82,7 @@
 //
 function prune($forum_id, $prune_sticky, $prune_date)
 {
-	global $db;
+	global $pun_root, $db;
 
 	$extra_sql = ($prune_date != -1) ? ' AND last_post<'.$prune_date : '';
 
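Review bot: `$prune_date` is concatenated unquoted into `' AND last_post<'.$prune_date`, so the query is only safe if every caller passes an integer. The callers are outside this hunk; casting inside the function makes it self-contained: `$extra_sql = ($prune_date != -1) ? ' AND last_post<'.intval($prune_date) : '';`. The same applies to `$forum_id` if it reaches a query further down in `prune()`, whose body continues past the hunk.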
@@ -111,7 +111,7 @@
 			$db->query('DELETE FROM '.$db->prefix.'posts WHERE id IN('.$post_ids.')') or error('Unable to prune posts', __FILE__, __LINE__, $db->error());
 
 			// We removed a bunch of posts, so now we have to update the search index
-			require $pun_root.'include/search_idx.php';
+			require_once $pun_root.'include/search_idx.php';
 			strip_search_index($post_ids);
 		}
 	}
diff -urbB punbb-1.1.2/upload/include/functions.php punbb-1.1.5/upload/include/functions.php
--- punbb-1.1.2/upload/include/functions.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/include/functions.php	2004-07-15 21:52:40.864313810 +0200
@@ -328,7 +328,7 @@
 	if ($user['title'] != '')
 		$user_title = pun_htmlspecialchars($user['title']);
 	// If the user is banned
-	else if (in_array(strtolower($user['username']), $ban_list))
+	else if (in_array(strtolower($user['username']), $ban_list, true))
 		$user_title = $lang_common['Banned'];
 	else if ($user['status'] <= PUN_USER)
 	{
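Review bot: Nothing in the code says why the strict flag matters here, so a later edit could drop it again. Without it PHP compares numeric-looking strings by value, so a user named `1e1` would match a ban on `10`; a short comment such as `// strict: usernames must match as strings, not numerically` would record that. Any other `in_array()` lookups against `$ban_list` (none are visible in this hunk) should use the same flag, and the entries must be stored lower-cased for the `strtolower()` side to match.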
@@ -607,7 +607,7 @@
 {
 	global $pun_config, $lang_common;
 
-	if (!preg_match('#^'.preg_quote($pun_config['o_base_url'].'/'.$script, '#').'#i', $_SERVER['HTTP_REFERER']))
+	if (!preg_match('#^'.preg_quote(str_replace('www.', '', $pun_config['o_base_url']).'/'.$script, '#').'#i', str_replace('www.', '', $_SERVER['HTTP_REFERER'])))
 		message($lang_common['Bad referer']);
 }	
 
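Review bot: `str_replace('www.', '', ...)` removes the substring wherever it occurs, not only at the start of the host, so two different URLs that differ only by an embedded `www.` are treated as the same origin. Limit the normalisation to the host prefix on both sides, e.g. `preg_replace('#^(https?://)www\.#i', '$1', $pun_config['o_base_url'])`. `$_SERVER['HTTP_REFERER']` is also read without an `isset()` check, and the pattern is anchored only at the start, so it is a prefix match on the script name. Because the Referer header is client-supplied and often stripped, a per-session form token would be a sturdier check for state-changing requests. The function's signature is outside the hunk.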
diff -urbB punbb-1.1.2/upload/include/parser.php punbb-1.1.5/upload/include/parser.php
--- punbb-1.1.2/upload/include/parser.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/include/parser.php	2004-07-15 23:04:54.560916991 +0200
@@ -173,11 +173,13 @@
 {
 	global $cur_user;
 
-	$full_url = $url;
+	$full_url = str_replace(' ', '%20', $url);
 	if (strpos($url, 'www.') === 0)
 		$full_url = 'http://'.$full_url;
 	else if (strpos($url, 'ftp.') === 0)
 		$full_url = 'ftp://'.$full_url;
+	else if (!preg_match('#^([a-z]{3,5})://#', $url))
+		$full_url = 'http://'.$full_url;
 
 	// Ok, not very pretty :-)
 	$link = ($link == '' || $link == $url) ? ((strlen($url) > 55) ? substr($url, 0 , 39).' ... '.substr($url, -10) : $url) : stripslashes($link);
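Review bot: The new `preg_match('#^([a-z]{3,5})://#', $url)` test accepts any three-to-five-letter scheme and is case-sensitive, so `HTTP://example.org` gets a second `http://` prepended while an unexpected scheme passes through untouched. If only web and FTP links are meant to be clickable, an explicit list is clearer: `else if (!preg_match('#^(https?|ftp)://#i', $url))`. Only spaces are percent-encoded in `$full_url`; whether quotes and angle brackets are escaped before it is placed in the `href` happens outside this hunk and should be confirmed. The function continues past the last line shown.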
diff -urbB punbb-1.1.2/upload/include/search_idx.php punbb-1.1.5/upload/include/search_idx.php
--- punbb-1.1.2/upload/include/search_idx.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/include/search_idx.php	2004-03-30 02:05:05.000000000 +0200
@@ -43,8 +43,8 @@
 
 	if (empty($noise_match))
 	{
-		$noise_match = 		array('^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', ';', '!', '*');
-		$noise_replace =	array(' ', ' ', ' ', ' ', ' ', ' ', ' ', '',  '',   ' ', ' ', ' ', ' ', '',  ' ', ' ', '',  ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' ,  ' ', ' ', ' ', ' ', ' ', ' ');
+		$noise_match = 		array('quote', 'code', 'url', 'img', 'email', 'color', 'colour', '^', '$', '&', '(', ')', '<', '>', '`', '\'', '"', '|', ',', '@', '_', '?', '%', '-', '~', '+', '.', '[', ']', '{', '}', ':', '\\', '/', '=', '#', ';', '!', '*');
+		$noise_replace =	array('',      '',     '',    '',    '',      '',      '',       ' ', ' ', ' ', ' ', ' ', ' ', ' ', '',  '',   ' ', ' ', ' ', ' ', '',  ' ', ' ', '',  ' ', ' ', ' ', ' ', ' ', ' ', ' ', ' ', '' ,  ' ', ' ', ' ', ' ', ' ', ' ');
 
 		$stopwords = @file('lang/'.$language.'/'.$language.'_stopwords.txt');
 	}
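Review bot: Adding `'quote'`, `'code'`, `'url'`, `'img'`, `'email'`, `'color'` and `'colour'` to `$noise_match` removes them as substrings if these arrays are fed to `str_replace()` (the call is outside the hunk), so ordinary words such as "encode" or "curl" would be indexed as fragments. Stripping the BBCode tags themselves first, with a pattern like `preg_replace('#\[/?(quote|code|url|img|email|color|colour)(=[^\]]*)?\]#i', ' ', $text)`, would avoid that. The `@file('lang/'.$language...)` call on the following lines also hides a missing stopword file, which is worth a comment if that is intentional.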
diff -urbB punbb-1.1.2/upload/install.php punbb-1.1.5/upload/install.php
--- punbb-1.1.2/upload/install.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/install.php	2004-04-30 01:29:10.000000000 +0200
@@ -24,7 +24,7 @@
 
 
 // The PunBB version this script installs
-$punbb_version = '1.1.2';
+$punbb_version = '1.1.5';
 
 
 $pun_root = './';
diff -urbB punbb-1.1.2/upload/lang/en/en_common.php punbb-1.1.5/upload/lang/en/en_common.php
--- punbb-1.1.2/upload/lang/en/en_common.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/lang/en/en_common.php	2004-03-30 00:46:36.000000000 +0200
@@ -6,6 +6,7 @@
 // Text orientation and encoding
 'lang_direction'		=>	'ltr',	// ltr (Left-To-Right) or rtl (Right-To-Left)
 'lang_encoding'			=>	'iso-8859-1',
+'lang_multibyte'		=>	false,
 
 // Notices
 'Bad request'			=>	'Bad request. The link you followed is incorrect or outdated.',
diff -urbB punbb-1.1.2/upload/lang/en/en_edit.php punbb-1.1.5/upload/lang/en/en_edit.php
--- punbb-1.1.2/upload/lang/en/en_edit.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/lang/en/en_edit.php	2004-03-30 00:09:00.000000000 +0200
@@ -12,7 +12,7 @@
 'No caps message'		=>	'Messages must not contain only capital letters and special characters in this forum.',
 
 // Miscellaneous
-'Show smilies'			=>	'Show smilies',
+'Show smilies'			=>	'Convert smilies to icons',
 'Silent edit'			=>	'Silent edit (don\'t display "Edited by ..." in topic view)',
 'Edit message'			=>	'Edit message',
 'Edit redirect'			=>	'Post updated. Redirecting ...'
diff -urbB punbb-1.1.2/upload/lang/en/en_post.php punbb-1.1.5/upload/lang/en/en_post.php
--- punbb-1.1.2/upload/lang/en/en_post.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/lang/en/en_post.php	2004-03-30 00:08:58.000000000 +0200
@@ -8,14 +8,14 @@
 'Too long subject'		=>	'Subjects cannot be longer than 70 characters.',
 'No caps subject'		=>	'Subjects must not contain only capital letters and special characters in this forum.',
 'No message'			=>	'You must enter a message.',
-'Too long message'		=>	'Posts cannot be longer that 65535 characters (64 Kb).',
+'Too long message'		=>	'Posts cannot be longer that 65535 characters (64 KB).',
 'No caps message'		=>	'Messages must not contain only capital letters and special characters in this forum.',
 
 // Miscellaneous
 'Post redirect'			=>	'Post entered. Redirecting ...',
 'Post a reply'			=>	'Post a reply',
 'Post new topic'		=>	'Post new topic',
-'Show smilies'			=>	'Show smilies as icons',
+'Show smilies'			=>	'Convert smilies to icons',
 'Subscribe'				=>	'Subscribe to this topic',
 'Topic review'			=>	'Topic review (newest first)',
 'Flood start'			=>	'At least',
diff -urbB punbb-1.1.2/upload/lang/en/en_stopwords.txt punbb-1.1.5/upload/lang/en/en_stopwords.txt
--- punbb-1.1.2/upload/lang/en/en_stopwords.txt	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/lang/en/en_stopwords.txt	2004-03-30 02:06:29.000000000 +0200
@@ -143,8 +143,3 @@
 you
 your
 yours
-lol
-quote
-code
-img
-wrote
diff -urbB punbb-1.1.2/upload/moderate.php punbb-1.1.5/upload/moderate.php
--- punbb-1.1.2/upload/moderate.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/moderate.php	2004-03-21 16:29:24.000000000 +0100
@@ -316,7 +316,7 @@
 				$moved_to = $db->fetch_assoc($result);
 
 				// Create the redirect topic
-				$db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, moved_to, forum_id) VALUES(\''.$moved_to['poster'].'\', \''.$moved_to['subject'].'\', '.$moved_to['posted'].', '.$moved_to['last_post'].', '.$cur_topic.', '.$fid.')') or error('Unable to create redirect topic', __FILE__, __LINE__, $db->error());
+				$db->query('INSERT INTO '.$db->prefix.'topics (poster, subject, posted, last_post, moved_to, forum_id) VALUES(\''.addslashes($moved_to['poster']).'\', \''.addslashes($moved_to['subject']).'\', '.$moved_to['posted'].', '.$moved_to['last_post'].', '.$cur_topic.', '.$fid.')') or error('Unable to create redirect topic', __FILE__, __LINE__, $db->error());
 			}
 		}
 
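Review bot: `$moved_to['posted']`, `$moved_to['last_post']`, `$cur_topic` and `$fid` are still concatenated into the INSERT unquoted, while only the two string columns gained `addslashes()`. Where `$cur_topic` and `$fid` are validated is outside the hunk; casting them at the point of use (`intval($cur_topic)`, `intval($fid)`) keeps the statement safe on its own. `addslashes()` is also byte-oriented rather than connection-aware, so an escape method on `$db`, if the DB layer offers one, would be the more robust choice for strings read back from the database. A one-line comment that database-sourced strings must be re-escaped before reuse would record why the change was needed.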
diff -urbB punbb-1.1.2/upload/post.php punbb-1.1.5/upload/post.php
--- punbb-1.1.2/upload/post.php	2004-03-21 16:29:22.000000000 +0100
+++ punbb-1.1.5/upload/post.php	2004-04-25 22:14:22.000000000 +0200
@@ -40,7 +40,7 @@
 		message($lang_post['Flood start'].' '.$pun_config['o_flood_interval'].' '.$lang_post['flood end']);
 
 	// Make sure form_user is correct
-	if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && $_POST['form_user'] != $cur_user['username']))
+	if (($cookie['is_guest'] && $_POST['form_user'] != 'Guest') || (!$cookie['is_guest'] && unescape($_POST['form_user']) != $cur_user['username']))
 		message($lang_common['Bad request']);
 
 	$smilies = $_POST['smilies'];
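Review bot: The `form_user` checks use loose `!=`, so two numeric-looking strings such as `'10'` and `'1e1'` compare equal and a mismatching name can pass. Use a string comparison instead: `strcmp(unescape($_POST['form_user']), $cur_user['username']) != 0`, and the same for the `'Guest'` branch. `$_POST['form_user']` and `$_POST['smilies']` are also read without `isset()`, so a request missing them raises notices; how `$smilies` is validated is outside the hunk.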
@@ -110,7 +110,7 @@
 	else
 	{
 		$username = trim(unescape($_POST['req_username']));
-		$email = trim($_POST['req_email']);
+		$email = strtolower(trim($_POST['req_email']));
 
 		// Load the register.php/profile.php language files
 		require $pun_root.'lang/'.$language.'/'.$language.'_prof_reg.php';
diff -urbB punbb-1.1.2/upload/profile.php punbb-1.1.5/upload/profile.php
--- punbb-1.1.2/upload/profile.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/profile.php	2004-04-25 14:52:37.000000000 +0200
@@ -603,7 +603,15 @@
 	if ($cur_user['id'] != $id && $cur_user['status'] < PUN_MOD)
 		message($lang_common['No permission']);
 
-	$form = $_POST['form'];
+	// Extract elements from $_POST['form']
+	$wanted_elements = array('realname', 'url', 'icq', 'msn', 'aim', 'yahoo', 'location', 'use_avatar', 'disp_topics', 'disp_posts', 'timezone', 'email_setting', 'save_pass', 'notify_with_post', 'smilies', 'show_img', 'show_avatars', 'show_sig', 'link_to_new_win', 'style');
+	$form = array();
+
+	while (list($key, $value) = @each($_POST['form']))
+	{
+	    if (in_array($key, $wanted_elements))
+	        $form[$key] = $value;
+	}
 
 
 	if ($cur_user['status'] > PUN_USER)
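Review bot: `in_array($key, $wanted_elements)` compares loosely, so on the PHP versions this code targets an integer key such as `0` equals every non-numeric string and slips past the allow-list. Pass the strict flag, as functions.php does in this same patch, and reject array values: `if (in_array($key, $wanted_elements, true) && !is_array($value))`. `@each()` also hides the case where `$_POST['form']` is missing or not an array; an explicit `is_array($_POST['form'])` guard would make that visible.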
@@ -615,6 +623,8 @@
 
 		if (strlen($username) < 2)
 			message($lang_prof_reg['Username too short']);
+		else if (pun_strlen($username) > 25)	// This usually doesn't happen since the form element only accepts 25 characters
+		    message($lang_common['Bad request']);
 		else if (!strcasecmp($username, 'Guest') || !strcasecmp($username, $lang_common['Guest']))
 			message($lang_prof_reg['Username guest']);
 		else if (preg_match('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $username))
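Review bot: The minimum-length test uses `strlen()` while the new maximum uses `pun_strlen()`, so the two bounds may count differently for multibyte usernames (assuming `pun_strlen()` is character-aware; its definition is not shown). Use `pun_strlen($username) < 2` for the lower bound too; the identical pair added in register.php needs the same change. The oversize case reports the generic `Bad request` text, and the two added lines are indented with spaces where the file uses tabs.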
@@ -672,7 +682,7 @@
 		$form['url'] = 'http://'.$form['url'];
 
 	// If the ICQ UIN contains anything other than digits it's invalid
-	if ($form['icq'] != '' && preg_match('/[^0-9]/', $form[icq]))
+	if ($form['icq'] != '' && preg_match('/[^0-9]/', $form['icq']))
 		message($lang_prof_reg['Bad ICQ']);
 
 
@@ -1043,7 +1053,7 @@
 		</tr>
 <?php endif; ?>		<tr>
 			<td class="puncon1right" style="width: 140px; white-space: nowrap">
-				<?php echo $lang_prof_reg['Signature'] ?>&nbsp;&nbsp;<br><br>
+				<?php echo $lang_profile['Signature'] ?>&nbsp;&nbsp;<br><br>
 				<a href="help.php#bbcode" target="_blank"><?php echo $lang_common['BBCode'] ?></a>: <?php echo ($pun_config['p_sig_bbcode'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>&nbsp;&nbsp;<br>
 				<a href="help.php#img" target="_blank"><?php echo $lang_common['img tag'] ?></a>: <?php echo ($pun_config['p_sig_img_tag'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>&nbsp;&nbsp;<br>
 				<a href="help.php#smilies" target="_blank"><?php echo $lang_common['Smilies'] ?></a>: <?php echo ($pun_config['o_smilies_sig'] == '1') ? $lang_common['on'] : $lang_common['off']; ?>&nbsp;&nbsp;<br>
diff -urbB punbb-1.1.2/upload/register.php punbb-1.1.5/upload/register.php
--- punbb-1.1.2/upload/register.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/register.php	2004-04-25 14:14:31.000000000 +0200
@@ -102,6 +102,8 @@
 	// Validate username and passwords
 	if (strlen($username) < 2)
 		message($lang_prof_reg['Username too short']);
+	else if (pun_strlen($username) > 25)	// This usually doesn't happen since the form element only accepts 25 characters
+	    message($lang_common['Bad request']);
 	else if (strlen($password1) < 4)
 		message($lang_prof_reg['Pass too short']);
 	else if ($password1 != $password2)
diff -urbB punbb-1.1.2/upload/search.php punbb-1.1.5/upload/search.php
--- punbb-1.1.2/upload/search.php	2004-03-21 16:29:23.000000000 +0100
+++ punbb-1.1.5/upload/search.php	2004-06-03 02:19:33.000000000 +0200
@@ -53,7 +53,7 @@
 
 
 // Detect two byte character sets
-$multibyte = (in_array($lang_common['lang_encoding'], array('utf-8', 'gb2312', 'big5', 'shift_jis', 'euc-kr'))) ? true : false;
+$multibyte = (isset($lang_common['lang_multibyte']) && $lang_common['lang_multibyte']) ? true : false;
 
 
 // Figure out what to do :-)
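Review bot: Language packs that do not define `lang_multibyte` now silently fall back to single-byte handling, including packs whose `lang_encoding` is `utf-8` or another encoding the removed list detected. Unless every pack is updated with this release, keep the old `in_array()` test as the fallback when the key is not set. The `? true : false` is redundant; `!empty($lang_common['lang_multibyte'])` expresses the new condition directly.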
@@ -188,7 +188,7 @@
 						while (list(, $word) = @each($stopwords))
 						{
 							$word = trim($word);
-							if ($word != 'and' || $word != 'or' || $word != 'not')
+							if ($word != 'and' && $word != 'or' && $word != 'not')
 								$keywords = preg_replace('#\b'.preg_quote($word).'\b#', ' ', $keywords);
 						}
 					}
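Review bot: `preg_quote($word)` is called without the delimiter, so a stopword containing `#` would end the pattern early; pass it explicitly: `preg_quote($word, '#')`. A blank line in the stopword file leaves `$word` empty after `trim()` and produces the pattern `#\b\b#`, which matches at every word boundary; add `$word != ''` to the condition. The surrounding `while` starts outside the hunk.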
@@ -564,7 +564,7 @@
 				if ($search_set[$i]['poster_id'] > 1)
 					$pposter = '<a href="profile.php?id='.$search_set[$i]['poster_id'].'">'.$pposter.'</a>';
 
-				if (pun_strlen($message) == 140)
+				if (pun_strlen($message) >= 140)
 					$message .= ' ...';
 
 ?>
@@ -694,7 +694,7 @@
 
 $extra_sql = ($cur_user['status'] < PUN_MOD) ? ' WHERE f.admmod_only=\'0\'' : '';
 
-$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
+$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id'.$extra_sql.' ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
 $num_forums = $db->num_rows($result);
 
 while ($num_forums--)
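Review bot: The `admmod_only` restriction built on the line above only limits this forum drop-down; it does not by itself stop a non-moderator from searching a restricted forum if the search query takes a forum id from the request. That query is outside this hunk, so confirm it applies the same `f.admmod_only='0'` condition. A comment next to `$extra_sql` noting that it is an access-control filter, not a display preference, would make a regression like the old undefined `$extra` easier to spot in review.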
