diff -urN punbb-1.2.3/upload/admin_groups.php punbb-1.2.4/upload/admin_groups.php
--- punbb-1.2.3/upload/admin_groups.php	Fri Feb 18 22:05:02 2005
+++ punbb-1.2.4/upload/admin_groups.php	Sun Mar 13 15:47:54 2005
@@ -229,8 +229,8 @@
 
 	if ($_POST['mode'] == 'add')
 	{
-		$db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\'') or error('Unable to check group title collision', __FILE__, __LINE__, $db->error());
-		if ($db->num_rows())
+		$result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\'') or error('Unable to check group title collision', __FILE__, __LINE__, $db->error());
+		if ($db->num_rows($result))
 			message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.');
 
 		$db->query('INSERT INTO '.$db->prefix.'groups (g_title, g_user_title, g_read_board, g_post_replies, g_post_topics, g_edit_posts, g_delete_posts, g_delete_topics, g_set_title, g_search, g_search_users, g_edit_subjects_interval, g_post_flood, g_search_flood) VALUES(\''.$db->escape($title).'\', '.$user_title.', '.$read_board.', '.$post_replies.', '.$post_topics.', '.$edit_posts.', '.$delete_posts.', '.$delete_topics.', '.$set_title.', '.$search.', '.$search_users.', '.$edit_subjects_interval.', '.$post_flood.', '.$search_flood.')') or error('Unable to add group', __FILE__, __LINE__, $db->error());
@@ -242,7 +242,13 @@
 			$db->query('INSERT INTO '.$db->prefix.'forum_perms (group_id, forum_id, read_forum, post_replies, post_topics) VALUES('.$new_group_id.', '.$cur_forum_perm['forum_id'].', '.$cur_forum_perm['read_forum'].', '.$cur_forum_perm['post_replies'].', '.$cur_forum_perm['post_topics'].')') or error('Unable to insert group forum permissions', __FILE__, __LINE__, $db->error());
 	}
 	else
+	{
+		$result = $db->query('SELECT 1 FROM '.$db->prefix.'groups WHERE g_title=\''.$db->escape($title).'\' && g_id!='.$_POST['group_id']) or error('Unable to check group title collision', __FILE__, __LINE__, $db->error());
+		if ($db->num_rows($result))
+			message('There is already a group with the title \''.pun_htmlspecialchars($title).'\'.');
+
 		$db->query('UPDATE '.$db->prefix.'groups SET g_title=\''.$db->escape($title).'\', g_user_title='.$user_title.', g_read_board='.$read_board.', g_post_replies='.$post_replies.', g_post_topics='.$post_topics.', g_edit_posts='.$edit_posts.', g_delete_posts='.$delete_posts.', g_delete_topics='.$delete_topics.', g_set_title='.$set_title.', g_search='.$search.', g_search_users='.$search_users.', g_edit_subjects_interval='.$edit_subjects_interval.', g_post_flood='.$post_flood.', g_search_flood='.$search_flood.' WHERE g_id='.$_POST['group_id']) or error('Unable to update group', __FILE__, __LINE__, $db->error());
+	}
 
 	// Regenerate the quickjump cache
 	require_once PUN_ROOT.'include/cache.php';
diff -urN punbb-1.2.3/upload/admin_index.php punbb-1.2.4/upload/admin_index.php
--- punbb-1.2.3/upload/admin_index.php	Sun Jan 23 18:36:42 2005
+++ punbb-1.2.4/upload/admin_index.php	Sun Mar 13 00:34:06 2005
@@ -64,7 +64,7 @@
 
 
 // Show phpinfo() output
-else if ($action == 'phpinfo')
+else if ($action == 'phpinfo' && $pun_user['g_id'] == PUN_ADMIN)
 {
 	// Is phpinfo() a disabled function?
 	if (strpos(strtolower((string)@ini_get('disable_functions')), 'phpinfo') !== false)
diff -urN punbb-1.2.3/upload/help.php punbb-1.2.4/upload/help.php
--- punbb-1.2.3/upload/help.php	Wed Jan 12 21:17:34 2005
+++ punbb-1.2.4/upload/help.php	Fri Mar 18 22:20:44 2005
@@ -86,7 +86,7 @@
 		&nbsp;&nbsp;&nbsp;&nbsp;[quote]<?php echo $lang_help['Quote text'] ?>[/quote]<br /><br />
 		<?php echo $lang_help['produces quote box'] ?><br /><br />
 		<div class="postmsg">
-			<blockquote><div class="incqbox"></h4><p><?php echo $lang_help['Quote text'] ?></p></div></blockquote>
+			<blockquote><div class="incqbox"><p><?php echo $lang_help['Quote text'] ?></p></div></blockquote>
 		</div>
 	</div>
 </div>
diff -urN punbb-1.2.3/upload/include/dblayer/common_db.php punbb-1.2.4/upload/include/dblayer/common_db.php
--- punbb-1.2.3/upload/include/dblayer/common_db.php	Tue Jan 11 20:41:14 2005
+++ punbb-1.2.4/upload/include/dblayer/common_db.php	Fri Mar 18 22:07:48 2005
@@ -23,6 +23,11 @@
 ************************************************************************/
 
 
+// Make sure no one attempts to run this script "directly"
+if (!defined('PUN'))
+	exit;
+
+
 //
 // Return current timestamp (with microseconds) as a float (used in dblayer)
 //
diff -urN punbb-1.2.3/upload/include/email.php punbb-1.2.4/upload/include/email.php
--- punbb-1.2.3/upload/include/email.php	Fri Mar 11 19:15:58 2005
+++ punbb-1.2.4/upload/include/email.php	Fri Mar 18 21:57:02 2005
@@ -33,7 +33,7 @@
 //
 function is_valid_email($email)
 {
-	return preg_match('#^.{1,}@.{2,}\..{2,}$#', $email);
+	return preg_match('/^(([^<>()[\]\\.,;:\s@\"]+(\.[^<>()[\]\\.,;:\s@\"]+)*)|(\".+\"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/', $email);
 }
 
 
diff -urN punbb-1.2.3/upload/include/functions.php punbb-1.2.4/upload/include/functions.php
--- punbb-1.2.3/upload/include/functions.php	Fri Mar 11 18:57:06 2005
+++ punbb-1.2.4/upload/include/functions.php	Fri Mar 18 22:10:18 2005
@@ -739,7 +739,7 @@
 
 	if (strpos($lang_common['lang_encoding'], '8859') !== false)
 	{
-		$fishy_chars = array(chr(0x81), chr(0x8D), chr(0x8F), chr(0x90), chr(0x9D), chr(0xA0), chr(0xCA));
+		$fishy_chars = array(chr(0x81), chr(0x8D), chr(0x8F), chr(0x90), chr(0x9D), chr(0xA0));
 		return trim(str_replace($fishy_chars, ' ', $str));
 	}
 	else
diff -urN punbb-1.2.3/upload/include/parser.php punbb-1.2.4/upload/include/parser.php
--- punbb-1.2.3/upload/include/parser.php	Sun Jan 30 14:52:38 2005
+++ punbb-1.2.4/upload/include/parser.php	Fri Mar 18 23:08:32 2005
@@ -67,7 +67,7 @@
 	if (!$is_signature)
 	{
 		// For non-signatures, we have to do the quote and code tags as well
-		$a[] = '#\[quote=(&quot;|"|\'|)(.*)\\1\]\s*#i';
+		$a[] = '#\[quote=(&quot;|"|\'|)(.*?)\\1\]\s*#i';
 		$a[] = '#\[quote\]\s*#i';
 		$a[] = '#\s*\[/quote\]\s*#i';
 		$a[] = '#\[code\][\r\n]*(.*?)\s*\[/code\]\s*#is';
diff -urN punbb-1.2.3/upload/install.php punbb-1.2.4/upload/install.php
--- punbb-1.2.3/upload/install.php	Fri Mar 11 18:55:20 2005
+++ punbb-1.2.4/upload/install.php	Fri Mar 18 23:12:42 2005
@@ -24,7 +24,7 @@
 
 
 // The PunBB version this script installs
-$punbb_version = '1.2.3';
+$punbb_version = '1.2.4';
 
 
 define('PUN_ROOT', './');
diff -urN punbb-1.2.3/upload/moderate.php punbb-1.2.4/upload/moderate.php
--- punbb-1.2.3/upload/moderate.php	Thu Feb 24 22:16:34 2005
+++ punbb-1.2.4/upload/moderate.php	Fri Mar 18 22:28:34 2005
@@ -50,7 +50,7 @@
 		$ip = $db->result($result);
 	}
 
-	message('The IP address is: '.$ip.'<br />The host name is: '.gethostbyaddr($ip).'<br /><br /><a href="admin_users.php?show_users='.$ip.'">Show more users for this IP</a>');
+	message('The IP address is: '.$ip.'<br />The host name is: '.@gethostbyaddr($ip).'<br /><br /><a href="admin_users.php?show_users='.$ip.'">Show more users for this IP</a>');
 }
 
 
@@ -285,7 +285,7 @@
 			message($lang_common['Bad request']);
 
 		$topics = explode(',', $_POST['topics']);
-		$move_to_forum = intval($_POST['move_to_forum']);
+		$move_to_forum = isset($_POST['move_to_forum']) ? intval($_POST['move_to_forum']) : 0;
 		if (empty($topics) || $move_to_forum < 1)
 			message($lang_common['Bad request']);
 
@@ -351,7 +351,7 @@
 						<br /><select name="move_to_forum">
 <?php
 
-	$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id WHERE f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position') or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
+	$result = $db->query('SELECT c.id AS cid, c.cat_name, f.id AS fid, f.forum_name FROM '.$db->prefix.'categories AS c INNER JOIN '.$db->prefix.'forums AS f ON c.id=f.cat_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['group_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.redirect_url IS NULL ORDER BY c.disp_position, c.id, f.disp_position', true) or error('Unable to fetch category/forum list', __FILE__, __LINE__, $db->error());
 
 	$cur_category = 0;
 	while ($cur_forum = $db->fetch_assoc($result))
diff -urN punbb-1.2.3/upload/profile.php punbb-1.2.4/upload/profile.php
--- punbb-1.2.3/upload/profile.php	Thu Feb 24 22:16:34 2005
+++ punbb-1.2.4/upload/profile.php	Fri Mar 18 23:03:38 2005
@@ -59,7 +59,7 @@
 		$result = $db->query('SELECT activate_string, activate_key FROM '.$db->prefix.'users WHERE id='.$id) or error('Unable to fetch new password', __FILE__, __LINE__, $db->error());
 		list($new_password_hash, $new_password_key) = $db->fetch_row($result);
 
-		if ($key != $new_password_key)
+		if ($key == '' || $key != $new_password_key)
 			message($lang_profile['Pass key bad'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
 		else
 		{
@@ -966,7 +966,7 @@
 					<div class="infldset">
 						<dl>
 							<dt><?php echo $lang_profile['Jabber'] ?>: </dt>
-							<dd><?php echo ($user['jabber'] !='') ? $user['jabber'] : $lang_profile['Unknown']; ?></dd>
+							<dd><?php echo ($user['jabber'] !='') ? pun_htmlspecialchars($user['jabber']) : $lang_profile['Unknown']; ?></dd>
 							<dt><?php echo $lang_profile['ICQ'] ?>: </dt>
 							<dd><?php echo ($user['icq'] !='') ? $user['icq'] : $lang_profile['Unknown']; ?></dd>
 							<dt><?php echo $lang_profile['MSN'] ?>: </dt>