2.0.12 Update

All updates to the site will be posted here.

Moderator: CricketMX Forum Moderators

Post Reply
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:

Bugs and potential security vulnerabilities have been fixed in phpBB 2.0.12. As usual, if you find any errors when using the forum, report them in this topic.

If you own a forum, and use 2.0.11 or below, follow the instructions below to update to 2.0.12. Remember you will need to download the upgrade package for the update_to_latest.php file. You upload this to your forum root / install directory (eg forums.com/install) and run. Make sure you apply the code changes too, as this script only updates the database.

phpBB 2.0.11 to phpBB 2.0.12 Code Changes



These are the Changes from phpBB 2.0.11 to phpBB 2.0.12 summed up into a little Mod. This might be very helpful if you want to update your Board and have installed a bunch of Mods. Then it's normally easier to apply the Code Changes than to install all Mods again.

When you find a 'AFTER, ADD'-Statement, the Code have to be added after the last line quoted in the 'FIND'-Statement.
When you find a 'BEFORE, ADD'-Statement, the Code have to be added before the first line quoted in the 'FIND'-Statement.
When you find a 'REPLACE WITH'-Statement, the Code quoted in the 'FIND'-Statement have to be replaced completely with the quoted Code in the 'REPLACE WITH'-Statement.
When you find a 'DELETE'-Statement, the Code have to be deleted.

After you have finished this tutorial, you have to upload the update_to_latest.php file, execute it and then delete it from your webspace.

Ok, lets start:


  • admin/admin_db_utilities.php
  1. FIND - Line 696

    Code: Select all

    
    			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
    
    REPLACE WITH

    Code: Select all

    
    			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
    
  • admin/index.php
  1. FIND - Line 562

    Code: Select all

    
    			"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
    		);
    	}
    
    AFTER, ADD

    Code: Select all

    
    
    	// Check for new version
    	$current_version = explode('.', '2' . $board_config['version']);
    	$minor_revision = (int) $current_version[2];
    
    	$errno = 0;
    	$errstr = $version_info = '';
    
    	if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
    	{
    		@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
    		@fputs($fsock, "HOST: www.phpbb.com\r\n");
    		@fputs($fsock, "Connection: close\r\n\r\n");
    
    		$get_info = false;
    		while (!@feof($fsock))
    		{
    			if ($get_info)
    			{
    				$version_info .= @fread($fsock, 1024);
    			}
    			else
    			{
    				if (@fgets($fsock, 1024) == "\r\n")
    				{
    					$get_info = true;
    				}
    			}
    		}
    		@fclose($fsock);
    
    		$version_info = explode("\n", $version_info);
    		$latest_head_revision = (int) $version_info[0];
    		$latest_minor_revision = (int) $version_info[2];
    		$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
    
    		if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
    		{
    			$version_info = '<p style="color:green">' . $lang['Version_up_to_date'] . '</p>';
    		}
    		else
    		{
    			$version_info = '<p style="color:red">' . $lang['Version_not_up_to_date'];
    			$version_info .= '<br />' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '</p>';
    		}
    	}
    	else
    	{
    		if ($errstr)
    		{
    			$version_info = '<p style="color:red">' . sprintf($lang['Connect_socket_error'], $errstr) . '</p>';
    		}
    		else
    		{
    			$version_info = '<p>' . $lang['Socket_functions_disabled'] . '</p>';
    		}
    	}
    	
    	$version_info .= '<p>' . $lang['Mailing_list_subscribe_reminder'] . '</p>';
    	
    
    	$template->assign_vars(array(
    		'VERSION_INFO'	=> $version_info,
    		'L_VERSION_INFORMATION'	=> $lang['Version_information'])
    	);
    
  • common.php
  1. FIND - Line 56

    Code: Select all

    
    	$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL);
    
    REPLACE WITH

    Code: Select all

    
    	$test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
    
  2. FIND - Line 75

    Code: Select all

    
    else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
    {
    	// PHP4+ path
    
    AFTER, ADD

    Code: Select all

    
    	$not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
    
  3. FIND - Line 92

    Code: Select all

    
    	unset($input['input']);
    	
    	while (list($var,) = @each($input))
    	{
    		unset($$var);
    	}
    
    REPLACE WITH

    Code: Select all

    
    	unset($input['input']);
    	unset($input['not_unset']);
    
    	while (list($var,) = @each($input))
    	{
    		if (!in_array($var, $not_unset))
    		{
    			unset($$var);
    		}
    	}
    
  4. FIND - Line 207

    Code: Select all

    
    $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
    
    REPLACE WITH

    Code: Select all

    
    $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
    
  • includes/functions.php
  1. FIND - Line 80

    Code: Select all

    
    	$username = htmlspecialchars(rtrim(trim($username), "\\"));
    	$username = substr(str_replace("\\'", "'", $username), 0, 25);
    	$username = str_replace("'", "\\'", $username);
    
    REPLACE WITH

    Code: Select all

    
    	$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
    	$username = phpbb_rtrim($username, "\\");	
    	$username = str_replace("'", "\'", $username);
    
  2. FIND - Line 83

    Code: Select all

    
    
    	return $username;
    }
    
    AFTER, ADD

    Code: Select all

    
    
    // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
    function phpbb_rtrim($str, $charlist = false)
    {
    	if ($charlist === false)
    	{
    		return rtrim($str);
    	}
    	
    	$php_version = explode('.', PHP_VERSION);
    
    	// php version < 4.1.0
    	if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
    	{
    		while ($str{strlen($str)-1} == $charlist)
    		{
    			$str = substr($str, 0, strlen($str)-1);
    		}
    	}
    	else
    	{
    		$str = rtrim($str, $charlist);
    	}
    
    	return $str;
    }
    
    
  3. FIND - Line 608

    Code: Select all

    
    			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . $err_file;
    
    REPLACE WITH

    Code: Select all

    
    			$debug_text .= '</br /><br />Line : ' . $err_line . '<br />File : ' . basename($err_file);
    
  • includes/page_tail.php
  1. FIND - Line 38

    Code: Select all

    
    	'PHPBB_VERSION' => '2' . $board_config['version'],
    
    REPLACE WITH

    Code: Select all

    
    //	'PHPBB_VERSION' => '2' . $board_config['version'],
    
  • includes/template.php
  1. FIND - Line 233

    Code: Select all

    
           		$filename = phpbb_realpath($this->root . '/' . $filename);
    
    REPLACE WITH

    Code: Select all

    
           		$filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
    
  • includes/usercp_avatar.php
  1. FIND - Line 54

    Code: Select all

    
    {
    	global $board_config, $userdata;
    
    
    AFTER, ADD

    Code: Select all

    
    	$avatar_file = basename($avatar_file);
    
  2. FIND - Line 69

    Code: Select all

    
    function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
    {
    	global $board_config;
    
    AFTER, ADD

    Code: Select all

    
    
    	$avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
    	if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
    	{
    		return '';
    	}
    
    
  3. FIND - Line 235

    Code: Select all

    
    				$move_file = 'copy';
    			}
    
    
    AFTER, ADD

    Code: Select all

    
    			if (!is_uploaded_file($avatar_filename))
    			{
    				message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
    			}
    
  • includes/usercp_register.php
  1. FIND - Line 462

    Code: Select all

    
    			$avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
    
    REPLACE WITH

    Code: Select all

    
    			$avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
    
  • language/lang_english/lang_admin.php
  1. FIND

    Code: Select all

    
    //
    // That's all Folks!
    // -------------------------------------------------
    
    BEFORE, ADD

    Code: Select all

    
    //
    // Version Check
    //
    $lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
    $lang['Version_not_up_to_date'] = 'Your installation does <b>not</b> seem to be up to date. Updates are available for your version of phpBB, please visit <a href="http://www.phpbb.com/downloads.php" target="_new">http://www.phpbb.com/downloads.php</a> to obtain the latest version.';
    $lang['Latest_version_info'] = 'The latest available version is <b>phpBB %s</b>.';
    $lang['Current_version_info'] = 'You are running <b>phpBB %s</b>.';
    $lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:<br />%s';
    $lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
    $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not <a href="http://www.phpbb.com/support/" target="_new">subscribe to our mailing list</a>.';
    $lang['Version_information'] = 'Version Information';
    
  • templates/subSilver/admin/index_body.tpl
  1. FIND - Line 80

    Code: Select all

    
    </table>
    
    <br />
    
    AFTER, ADD

    Code: Select all

    
    
    <h1>{L_VERSION_INFORMATION}</h1>
    
    {VERSION_INFO}
    
    <br />
    
  • templates/subSilver/overall_footer.tpl
  1. FIND - Line 8

    Code: Select all

    
    	Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
    	to include even this then support on our forums may be affected. 
    
    	The phpBB Group : 2002
    // -->
    Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001, 2002 phpBB Group<br />{TRANSLATION_INFO}</span></div>
    
    REPLACE WITH

    Code: Select all

    
    	Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
    	to include even this then support on our forums may be affected.
    
    	The phpBB Group : 2002
    // -->
    Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group<br />{TRANSLATION_INFO}</span></div>
    
  • templates/subSilver/simple_footer.tpl
  1. FIND - Line 8

    Code: Select all

    
    	Powered by phpBB {PHPBB_VERSION} line, with phpBB linked to www.phpbb.com. If you refuse
    	to include even this then support on our forums may be affected. 
    
    	The phpBB Group : 2002
    // -->
    Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> {PHPBB_VERSION} &copy; 2001,2002 phpBB Group</span></div>
    
    REPLACE WITH

    Code: Select all

    
    	Powered by phpBB line, with phpBB linked to www.phpbb.com. If you refuse
    	to include even this then support on our forums may be affected. 
    
    	The phpBB Group : 2002
    // -->
    Powered by <a href="http://www.phpbb.com/" target="_phpbb" class="copyright">phpBB</a> &copy; 2001, 2005 phpBB Group</span></div>
    
  • viewtopic.php
  1. FIND - Line 498

    Code: Select all

    
    	unset($words);
    
    	$highlight = urlencode($HTTP_GET_VARS['highlight']);
    
    AFTER, ADD

    Code: Select all

    
    	$highlight_match = phpbb_rtrim($highlight_match, "\\");
    
Thanks
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
User avatar
Rat
Drain Brain
Drain Brain
Posts: 4475
Joined: Mon Jun 14, 2004 9:38 am
Location: in the dark

Oh man, I hate upgrading. I'll get to this later I think.
Post Reply