phpBB 2.0.18 Rilasciato!

Php, PHP-Nuke, phpBB, Html, CSS, Javascript e tutto ciò che concerne la gestione siti web.
Avatar utente
AleSSaNDRo
WebMaster
WebMaster
Messaggi: 2363
Iscritto il: 24/04/2003, 1:11
Località: Milano

phpBB 2.0.18 Rilasciato!

Messaggio da AleSSaNDRo »

Lo staff di phpBB.com ha rilasciato in data odierna una nuova versione di phpBB: 2.0.18
Si consiglia l'aggiornamento immediato in quanto sono stati risolti davvero moltissimi bug!
Ecco la lista dei cambiamenti:
  • [Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)
  • [Fix] retrieving category rows in index.php (Bug #90)
  • [Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)
  • [Fix] wrong topic redirection after login redirect (Bug #94)
  • [Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)
  • [Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)
  • [Fix] correctly preview signature if editing other users posts (Bug #101)
  • [Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)
  • [Fix] consistent forum ordering in all dropdown boxes (Bug #106)
  • [Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)
  • [Fix] set page title on summary page of groupcp.php (bug #125)
  • [Fix] correctly test style and avatar in usercp_register.php (bug #129 and #317)
  • [Fix] handling of reactivation notifications if admin activation is enabled (Bug #145)
  • [Fix] handling of both forms of translation information used in language packs (Bug #159)
  • [Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)
  • [Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)
  • [Fix] incorrect handling of move stubs (Bug #179)
  • [Fix] wrong mode_type in memberlist (Bug #187)
  • [Fix] SQL errors when setting maximum PMs to 0 (Bug #188)
  • [Fix] removed unused variable from topic_notify email template (Bug #210)
  • [Fix] removed unset variable from smilies popup window title (Bug #224)
  • [Fix] removed duplicate template assignment from admin_board.php (Bug #226)
  • [Fix] incorrect search link for guest posts in modcp.php (Bug #254)
  • [Fix] all users removed from topics watch table on special occassions (Bug #271)
  • [Fix] correctly check returned value from strpos in append_sid function (Bug #275)
  • [Fix] correctly display username in private message notification (Bug #278)
  • [Fix] fixed "var-by-ref" errors (Bug #322)
  • [Fix] changed redirection to installation (Bug #325)
  • [Fix] added timout of 10 seconds to version check (Bug #348)
  • [Fix] fixed user_level default in postgresql schema file (Bug #444)
  • [Fix] multiple minor HTML issues with subSilver
  • [Change] deprecated the use of some PHP 3 compatability functions in favour of the native equivalents
  • [Change] added 60 days limit for grabbing unread topics in index.php
  • [Sec] backport of session keys system from olympus
  • [Sec] fixed email bans to use the same pattern as email validation and allow wildcard domain bans
  • [Sec] fixed validation of topic type when posting
  • [Sec] unset database password once it is no longer needed
  • [Sec] fixed potential to select images outside the specified path as avatars or smilies
  • [Sec] fix globals de-registration code for PHP5 - (Stefan Esser/Matt Kavanagh)
  • [Sec] changed avatar gallery code sections to prevent possible injection points (AnthraX101)
  • [Sec] signature field is not properly sanitised for user input when an error occurs while accessing the avatar gallery (AnthraX101)
  • [Sec] check to_username and ownership when editing a PM (AnthraX101)
  • [Sec] fixed ability to edit PM's you did not send (depablo84)
  • [Sec] compare imagetype on avatar uploading to match the file extension from uploaded file
Avatar utente
AleSSaNDRo
WebMaster
WebMaster
Messaggi: 2363
Iscritto il: 24/04/2003, 1:11
Località: Milano

Messaggio da AleSSaNDRo »

A distanza di qualche ora, sono state pubblicate alcune modifiche da apportare SOLO se si ha già aggiornato il proprio forum alla versione 2.0.18. Le modifiche riguardano 2 file:
common.php (giusto una piccola modifica) e includes/usercp_register.php
Eccole:

APRI common.php

CERCA:

Codice: Seleziona tutto


if (@phpversion() >= '5.0.0' && (!ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))

SOSTITUISCI CON:

Codice: Seleziona tutto


if (@phpversion() >= '5.0.0' && (!@ini_get('register_long_arrays') || @ini_get('register_long_arrays') == '0' || strtolower(@ini_get('register_long_arrays')) == 'off'))


APRI includes/usercp_register.php

CERCA (Line 75):

Codice: Seleziona tutto


$error = FALSE;

DOPO, AGGIUNGI:

Codice: Seleziona tutto


$error_msg = '';

CERCA (Riga 195):

Codice: Seleziona tutto


   $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );

DOPO, AGGIUNGI:

Codice: Seleziona tutto


   $user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;

CERCA (Riga 224):

Codice: Seleziona tutto


      $signature = stripslashes($signature);

SOSTITUISCI CON:

Codice: Seleziona tutto


      $signature = htmlspecialchars(stripslashes($signature));

CERCA (Riga 231):

Codice: Seleziona tutto


         $user_avatar = $user_avatar_local;

SOSTITUISCI CON:

Codice: Seleziona tutto


         $user_avatar = $user_avatar_category . '/' . $user_avatar_local;

CERCA (Riga 441):

Codice: Seleziona tutto


      if ( $signature_bbcode_uid == '' )

SOSTITUISCI CON:

Codice: Seleziona tutto


      if ( !isset($signature_bbcode_uid) || $signature_bbcode_uid == '' )

CERCA (Riga 477):

Codice: Seleziona tutto


      if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
      {
         @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
      }
      $avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
   }
   else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
   {
      if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar'])) )
      {
         @unlink(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $userdata['user_avatar']));
      }
      $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local);

SOSTITUISCI CON:

Codice: Seleziona tutto


      user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
      $avatar_sql = user_avatar_url($mode, $error, $error_msg, $user_avatar_remoteurl);
   }
   else if ( $user_avatar_local != '' && $board_config['allow_avatar_local'] )
   {
      user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
      $avatar_sql = user_avatar_gallery($mode, $error, $error_msg, $user_avatar_local, $user_avatar_category);

CERCA (Riga 897):

Codice: Seleziona tutto


      $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" />';

SOSTITUISCI CON:

Codice: Seleziona tutto


      $s_hidden_fields .= '<input type="hidden" name="avatarlocal" value="' . $user_avatar_local . '" /><input type="hidden" name="avatarcatname" value="' . $user_avatar_category . '" />'; 

Chi c’è in linea

Visitano il forum: Claude [Bot] e 0 ospiti