################################################################# 
## MOD Title: phpBB 2.0.18 to phpBB 2.0.19 Code Changes
## MOD Author: Acyd Burn < N/A > (Meik Sievertsen) N/A 
## MOD Description: 
##		
##		
##		These are the Changes from phpBB 2.0.18 to phpBB 2.0.19 summed up into a little
##		Mod. This might be very helpful if you want to update your Board and have
##		installed a bunch of Mods. Then it's normally easier to apply the Code Changes
##		than to install all Mods again.
##		
##		When you find a 'AFTER, ADD'-Statement, the Code have to be added after the last
##		line quoted in the 'FIND'-Statement.
##		When you find a 'BEFORE, ADD'-Statement, the Code have to be added before the
##		first line quoted in the 'FIND'-Statement.
##		When you find a 'REPLACE WITH'-Statement, the Code quoted in the
##		'FIND'-Statement have to be replaced completely with the quoted Code in the
##		'REPLACE WITH'-Statement.
##		
##		After you have finished this tutorial, you have to upload the
##		install/update_to_latest.php file, execute it and then delete it from your
##		webspace.
##		
##		
##		
## MOD Version: 1.0.0 
## 
## Installation Level: Easy
## Installation Time: 5-10 Minutes 
## Files To Edit: 
##		admin/admin_board.php
##		admin/admin_db_utilities.php
##		admin/admin_disallow.php
##		admin/admin_ranks.php
##		admin/admin_styles.php
##		admin/admin_users.php
##		admin/admin_words.php
##		admin/index.php
##		includes/bbcode.php
##		common.php
##		includes/functions.php
##		includes/functions_post.php
##		includes/usercp_confirm.php
##		includes/usercp_register.php
##		language/lang_english/lang_admin.php
##		language/lang_english/lang_main.php
##		login.php
##		privmsg.php
##		templates/subSilver/admin/board_config_body.tpl
##		templates/subSilver/admin/index_body.tpl
##
## Included Files: install/update_to_latest.php
############################################################## 
## For Security Purposes, Please Check: http://www.phpbb.com/mods/ for the 
## latest version of this MOD. Downloading this MOD from other sites could cause malicious code 
## to enter into your phpBB Forum. As such, phpBB will not offer support for MOD's not offered 
## in our MOD-Database, located at: http://www.phpbb.com/mods/ 
############################################################## 
## Author Notes: 
## 
##	
############################################################## 
## MOD History: 
## 
##   2005-12-30 - Version 1.0.0 
##      - first release 
## 
############################################################## 
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
##############################################################


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_board.php

#
#-----[ FIND ]---------------------------------------------
# Line 19
	$module['General']['Configuration'] = "$file";

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$module['General']['Configuration'] = $file;

#
#-----[ FIND ]---------------------------------------------
# Line 194
	"L_MAX_POLL_OPTIONS" => $lang['Max_poll_options'],
	"L_FLOOD_INTERVAL" => $lang['Flood_Interval'],
	"L_FLOOD_INTERVAL_EXPLAIN" => $lang['Flood_Interval_explain'], 

#
#-----[ AFTER, ADD ]---------------------------------------------
# 

	'L_MAX_LOGIN_ATTEMPTS'			=> $lang['Max_login_attempts'],
	'L_MAX_LOGIN_ATTEMPTS_EXPLAIN'	=> $lang['Max_login_attempts_explain'],
	'L_LOGIN_RESET_TIME'			=> $lang['Login_reset_time'],
	'L_LOGIN_RESET_TIME_EXPLAIN'	=> $lang['Login_reset_time_explain'],
	'MAX_LOGIN_ATTEMPTS'			=> $new['max_login_attempts'],
	'LOGIN_RESET_TIME'				=> $new['login_reset_time'],



# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_db_utilities.php

#
#-----[ FIND ]---------------------------------------------
# Line 696
			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
			$tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm', 'sessions_keys');


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_disallow.php

#
#-----[ FIND ]---------------------------------------------
# Line 28
	$module['Users']['Disallow'] = append_sid($filename);

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$module['Users']['Disallow'] = $filename;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_ranks.php

#
#-----[ FIND ]---------------------------------------------
# Line 27
	$module['Users']['Ranks'] = "$file";

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$module['Users']['Ranks'] = $file;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_styles.php

#
#-----[ FIND ]---------------------------------------------
# Line 30
	$module['Styles']['Manage'] = "$file";

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$module['Styles']['Manage'] = $file;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_users.php

#
#-----[ FIND ]---------------------------------------------
# Line 180
				message_die(GENERAL_ERROR, 'Could not delete user from banlist table', '', __LINE__, __FILE__, $sql);
			}


#
#-----[ AFTER, ADD ]---------------------------------------------
# 
			$sql = "DELETE FROM " . SESSIONS_TABLE . "
				WHERE session_user_id = $user_id";
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not delete sessions for this user', '', __LINE__, __FILE__, $sql);
			}
			
			$sql = "DELETE FROM " . SESSIONS_KEYS_TABLE . "
				WHERE user_id = $user_id";
			if ( !$db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, 'Could not delete auto-login keys for this user', '', __LINE__, __FILE__, $sql);
			}


#
#-----[ FIND ]---------------------------------------------
# Line 234
		$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['username']))) : '';

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
		$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';

#
#-----[ FIND ]---------------------------------------------
# Line 407
				if( @file_exists(@phpbb_realpath("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
				{
					@unlink("./" . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
				if( @file_exists(@phpbb_realpath('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar'])) )
				{
					@unlink('./../' . $board_config['avatar_path'] . "/" . $this_userdata['user_avatar']);


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/admin_words.php

#
#-----[ FIND ]---------------------------------------------
# Line 28
	$module['General']['Word_Censor'] = "$file";

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$module['General']['Word_Censor'] = $file;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
admin/index.php

#
#-----[ FIND ]---------------------------------------------
# Line 63
			include($file);

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
			include('./' . $file);

#
#-----[ FIND ]---------------------------------------------
# Line 237
			if( preg_match("/^(3\.23|4\.)/", $version) )
			{
				$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/", $version) ) ? "`$dbname`" : $dbname;

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
			if( preg_match("/^(3\.23|4\.|5\.)/", $version) )
			{
				$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)|(5\.)/", $version) ) ? "`$dbname`" : $dbname;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/bbcode.php

#
#-----[ FIND ]---------------------------------------------
# Line 203
	$patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
	$replacements[] = $bbcode_tpl['url1'];

	// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
	$patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$patterns[] = "#\[url\]([\w]+?://([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";
	$replacements[] = $bbcode_tpl['url1'];

	// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
	$patterns[] = "#\[url\]((www|ftp)\.([\w\#$%&~/.\-;:=,?@\]+]|\[(?!url=))*?)\[/url\]#is";

#
#-----[ FIND ]---------------------------------------------
# Line 255
	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=(\\\".*?\\\")\]/is', '[/quote]', '', false, '', "[quote:$uid=\\1]");

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$text = bbencode_first_pass_pda($text, $uid, '/\[quote=\\\\&quot;(.*?)\\\\&quot;\]/is', '[/quote]', '', false, '', "[quote:$uid=\\\"\\1\\\"]");

#
#-----[ FIND ]---------------------------------------------
# Line 392
				if( preg_match('#\[quote=\\\"#si', $possible_start, $match) && !preg_match('#\[quote=\\\"(.*?)\\\"\]#si', $possible_start) )
				{
					// OK we are in a quote tag that probably contains a ] bracket.
					// Grab a bit more of the string to hopefully get all of it..
					if ($close_pos = strpos($text, '"]', $curr_pos + 9))
					{
						if (strpos(substr($text, $curr_pos + 9, $close_pos - ($curr_pos + 9)), '[quote') === false)
						{
							$possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 2);

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
				if( preg_match('#\[quote=\\\&quot;#si', $possible_start, $match) && !preg_match('#\[quote=\\\&quot;(.*?)\\\&quot;\]#si', $possible_start) )
				{
					// OK we are in a quote tag that probably contains a ] bracket.
					// Grab a bit more of the string to hopefully get all of it..
					if ($close_pos = strpos($text, '&quot;]', $curr_pos + 14))
					{
						if (strpos(substr($text, $curr_pos + 14, $close_pos - ($curr_pos + 14)), '[quote') === false)
						{
							$possible_start = substr($text, $curr_pos, $close_pos - $curr_pos + 7);


# 
#-----[ OPEN ]--------------------------------------------- 
# 
common.php

#
#-----[ FIND ]---------------------------------------------
# Line 223
	message_die(GENERAL_MESSAGE, 'Please ensure both the install/ and contrib/ directories are deleted');

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	message_die(GENERAL_MESSAGE, 'Please_remove_install_contrib');


# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/functions.php

#
#-----[ FIND ]---------------------------------------------
# Line 161
	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  $user . "'" ) . " AND user_id <> " . ANONYMOUS;

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$sql .= ( ( is_integer($user) ) ? "user_id = $user" : "username = '" .  str_replace("\'", "''", $user) . "'" ) . " AND user_id <> " . ANONYMOUS;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/functions_post.php

#
#-----[ FIND ]---------------------------------------------
# Line 28
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
$html_entities_replace = array('&amp;', '&lt;', '&gt;');

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
$html_entities_replace = array('&amp;', '&lt;', '&gt;', '&quot;');


# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/usercp_confirm.php

#
#-----[ FIND ]---------------------------------------------
# Line 156
	if (!empty($HTTP_GET_VARS['c']))
	{
		$_png = define_raw_pngs();

		$char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1);
		header('Content-Type: image/png');
		header('Cache-control: no-cache, no-store');
		echo base64_decode($_png[$char]);

		unset($_png);
		exit;
	}

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$_png = define_raw_pngs();

	$char = substr($code, -1);
	header('Content-Type: image/png');
	header('Cache-control: no-cache, no-store');
	echo base64_decode($_png[$char]);

	unset($_png);
	exit;


# 
#-----[ OPEN ]--------------------------------------------- 
# 
includes/usercp_register.php

#
#-----[ FIND ]---------------------------------------------
# Line 110
	$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
	$strip_var_list['confirm_code'] = 'confirm_code';

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
	$strip_var_list = array('email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests', 'confirm_code' => 'confirm_code');

#
#-----[ FIND ]---------------------------------------------
# Line 126
	$trim_var_list = array('cur_password' => 'cur_password', 'new_password' => 'new_password', 'password_confirm' => 'password_confirm', 'signature' => 'signature');

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
	$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';


#
#-----[ FIND ]---------------------------------------------
# Line 301
				if ($row['code'] != $confirm_code)

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
				// Only compare one char if the zlib-extension is not loaded
				if (!@extension_loaded('zlib'))
				{
					$row['code'] = substr($row['code'], -1);
				}



# 
#-----[ OPEN ]--------------------------------------------- 
# 
language/lang_english/lang_admin.php

#
#-----[ FIND ]---------------------------------------------
# Line 749
//
// That's all Folks!

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
//
// Login attempts configuration
//
$lang['Max_login_attempts'] = 'Allowed login attempts';
$lang['Max_login_attempts_explain'] = 'The number of allowed board login attempts.';
$lang['Login_reset_time'] = 'Login lock time';
$lang['Login_reset_time_explain'] = 'Time in minutes the user have to wait until he is allowed to login again after exceeding the number of allowed login attempts.';



# 
#-----[ OPEN ]--------------------------------------------- 
# 
language/lang_english/lang_main.php

#
#-----[ FIND ]---------------------------------------------
# Line 1021
//
// That's all, Folks!

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
$lang['Login_attempts_exceeded'] = 'The maximum number of %s login attempts has been exceeded. You are not allowed to login for the next %s minutes.';
$lang['Please_remove_install_contrib'] = 'Please ensure both the install/ and contrib/ directories are deleted';



# 
#-----[ OPEN ]--------------------------------------------- 
# 
login.php

#
#-----[ FIND ]---------------------------------------------
# Line 60
		$sql = "SELECT user_id, username, user_password, user_active, user_level

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
		$sql = "SELECT user_id, username, user_password, user_active, user_level, user_login_tries, user_last_login_try

#
#-----[ FIND ]---------------------------------------------
# Line 79
				if( md5($password) == $row['user_password'] && $row['user_active'] )

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
				// If the last login is more than x minutes ago, then reset the login tries/time
				if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $row['user_last_login_try'] < (time() - ($board_config['login_reset_time'] * 60)))
				{
					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);
					$row['user_last_login_try'] = $row['user_login_tries'] = 0;
				}
				
				// Check to see if user is allowed to login again... if his tries are exceeded
				if ($row['user_last_login_try'] && $board_config['login_reset_time'] && $board_config['max_login_attempts'] && 
					$row['user_last_login_try'] >= (time() - ($board_config['login_reset_time'] * 60)) && $row['user_login_tries'] >= $board_config['max_login_attempts'])
				{
					message_die(GENERAL_MESSAGE, sprintf($lang['Login_attempts_exceeded'], $board_config['max_login_attempts'], $board_config['login_reset_time']));
				}


#
#-----[ FIND ]---------------------------------------------
# Line 97
					$admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
					$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);


#
#-----[ AFTER, ADD ]---------------------------------------------
# 
					// Reset login tries
					$db->sql_query('UPDATE ' . USERS_TABLE . ' SET user_login_tries = 0, user_last_login_try = 0 WHERE user_id = ' . $row['user_id']);


#
#-----[ FIND ]---------------------------------------------
# Line 115
					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
					$redirect = str_replace('?', '&', $redirect);

#
#-----[ BEFORE, ADD ]---------------------------------------------
# 
					// Save login tries and last login
					if ($row['user_id'] != ANONYMOUS)
					{
						$sql = 'UPDATE ' . USERS_TABLE . '
							SET user_login_tries = user_login_tries + 1, user_last_login_try = ' . time() . '
							WHERE user_id = ' . $row['user_id'];
						$db->sql_query($sql);
					}
					


# 
#-----[ OPEN ]--------------------------------------------- 
# 
privmsg.php

#
#-----[ FIND ]---------------------------------------------
# Line 38
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#');
$html_entities_replace = array('&amp;', '&lt;', '&gt;');

#
#-----[ REPLACE WITH ]---------------------------------------------
# 
$html_entities_match = array('#&(?!(\#[0-9]+;))#', '#<#', '#>#', '#"#');
$html_entities_replace = array('&amp;', '&lt;', '&gt;', '&quot;');


# 
#-----[ OPEN ]--------------------------------------------- 
# 
templates/subSilver/admin/board_config_body.tpl

#
#-----[ FIND ]---------------------------------------------
# Line 59
		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="flood_interval" value="{FLOOD_INTERVAL}" /></td>
	</tr>

#
#-----[ AFTER, ADD ]---------------------------------------------
# 
	<tr>
		<td class="row1">{L_MAX_LOGIN_ATTEMPTS}<br /><span class="gensmall">{L_MAX_LOGIN_ATTEMPTS_EXPLAIN}</span></td>
		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="max_login_attempts" value="{MAX_LOGIN_ATTEMPTS}" /></td>
	</tr>
	<tr>
		<td class="row1">{L_LOGIN_RESET_TIME}<br /><span class="gensmall">{L_LOGIN_RESET_TIME_EXPLAIN}</span></td>
		<td class="row2"><input class="post" type="text" size="3" maxlength="4" name="login_reset_time" value="{LOGIN_RESET_TIME}" /></td>
	</tr>


# 
#-----[ OPEN ]--------------------------------------------- 
# 
templates/subSilver/admin/index_body.tpl

#
#-----[ FIND ]---------------------------------------------
# Line 46
	<td class="row2"><b>{GZIP_COMPRESSION}</b></td>
  </tr>
</table>

#
#-----[ AFTER, ADD ]---------------------------------------------
# 

<h1>{L_VERSION_INFORMATION}</h1>

{VERSION_INFO}

<br />


#
#-----[ FIND ]---------------------------------------------
# Line 87

<h1>{L_VERSION_INFORMATION}</h1>

{VERSION_INFO}

<br />

#
#-----[ REPLACE WITH ]---------------------------------------------
# (just remove the lines)


# 
#-----[ SAVE/CLOSE ALL FILES ]------------------------------------------ 
# 

# EoM