diff -urN punbb-1.2.7/upload/include/email.php punbb-1.2.8/upload/include/email.php --- punbb-1.2.7/upload/include/email.php Thu Apr 7 21:41:16 2005 +++ punbb-1.2.8/upload/include/email.php Thu Sep 22 00:35:04 2005 @@ -75,15 +75,7 @@ $subject = trim(preg_replace('#[\n\r]+#s', '', $subject)); $from = trim(preg_replace('#[\n\r:]+#s', '', $from)); - // Detect what linebreak we should use for the headers - if (strtoupper(substr(PHP_OS, 0, 3) == 'WIN')) - $eol = "\r\n"; - else if (strtoupper(substr(PHP_OS, 0, 3) == 'MAC')) - $eol = "\r"; - else - $eol = "\n"; - - $headers = 'From: '.$from.$eol.'Date: '.date('r').$eol.'MIME-Version: 1.0'.$eol.'Content-transfer-encoding: 8bit'.$eol.'Content-type: text/plain; charset='.$lang_common['lang_encoding'].$eol.'X-Mailer: PunBB Mailer'; + $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer'; // Make sure all linebreaks are CRLF in message $message = str_replace("\n", "\r\n", pun_linebreaks($message)); @@ -91,7 +83,15 @@ if ($pun_config['o_smtp_host'] != '') smtp_mail($to, $subject, $message, $headers); else + { + // Change the linebreaks used in the headers according to OS + if (strtoupper(substr(PHP_OS, 0, 3)) == 'MAC') + $headers = str_replace("\r\n", "\r", $headers); + else if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') + $headers = str_replace("\r\n", "\n", $headers); + mail($to, $subject, $message, $headers); + } } diff -urN punbb-1.2.7/upload/include/functions.php punbb-1.2.8/upload/include/functions.php --- punbb-1.2.7/upload/include/functions.php Fri Sep 2 01:17:54 2005 +++ punbb-1.2.8/upload/include/functions.php Thu Sep 22 00:35:32 2005 @@ -209,7 +209,7 @@ $now = time(); // Fetch all online list entries that are older than "o_timeout_online" - $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); + $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to fetch old entries from online list', __FILE__, __LINE__, $db->error()); while ($cur_user = $db->fetch_assoc($result)) { // If the entry is a guest, delete it diff -urN punbb-1.2.7/upload/install.php punbb-1.2.8/upload/install.php --- punbb-1.2.7/upload/install.php Fri Sep 2 16:12:18 2005 +++ punbb-1.2.8/upload/install.php Thu Sep 22 00:42:32 2005 @@ -24,7 +24,7 @@ // The PunBB version this script installs -$punbb_version = '1.2.7'; +$punbb_version = '1.2.8'; define('PUN_ROOT', './'); diff -urN punbb-1.2.7/upload/login.php punbb-1.2.8/upload/login.php --- punbb-1.2.7/upload/login.php Thu Jul 7 19:35:30 2005 +++ punbb-1.2.8/upload/login.php Thu Sep 22 00:36:08 2005 @@ -153,7 +153,7 @@ message($lang_login['Forget mail'].' '.$pun_config['o_admin_email'].'.'); } else - message($lang_login['No e-mail match'].' '.$email.'.'); + message($lang_login['No e-mail match'].' '.htmlspecialchars($email).'.'); } diff -urN punbb-1.2.7/upload/profile.php punbb-1.2.8/upload/profile.php --- punbb-1.2.7/upload/profile.php Thu Jul 7 22:37:30 2005 +++ punbb-1.2.8/upload/profile.php Thu Sep 22 07:50:40 2005 @@ -710,6 +710,14 @@ message($lang_common['Invalid e-mail']); } + // Make sure we got a valid language string + if (isset($form['language'])) + { + $form['language'] = preg_replace('#[\.\\\/]#', '', $form['language']); + if (!file_exists(PUN_ROOT.'lang/'.$form['language'].'/common.php')) + message($lang_common['Bad request']); + } + break; } diff -urN punbb-1.2.7/upload/search.php punbb-1.2.8/upload/search.php --- punbb-1.2.7/upload/search.php Fri Sep 2 15:51:24 2005 +++ punbb-1.2.8/upload/search.php Thu Sep 22 00:36:42 2005 @@ -51,9 +51,10 @@ $action = (isset($_GET['action'])) ? $_GET['action'] : null; $forum = (isset($_GET['forum'])) ? intval($_GET['forum']) : -1; $sort_dir = (isset($_GET['sort_dir'])) ? (($_GET['sort_dir'] == 'DESC') ? 'DESC' : 'ASC') : 'DESC'; + if (isset($search_id)) unset($search_id); // If a search_id was supplied - if (isset($_REQUEST['search_id'])) + if (isset($_GET['search_id'])) { $search_id = intval($_GET['search_id']); if ($search_id < 1) diff -urN punbb-1.2.7/upload/viewforum.php punbb-1.2.8/upload/viewforum.php --- punbb-1.2.7/upload/viewforum.php Tue Feb 1 17:16:46 2005 +++ punbb-1.2.8/upload/viewforum.php Thu Sep 22 00:39:30 2005 @@ -242,7 +242,7 @@