diff -urN punbb-1.2.9/upload/include/common.php punbb-1.2.10/upload/include/common.php --- punbb-1.2.9/upload/include/common.php Sun Oct 16 12:02:42 2005 +++ punbb-1.2.10/upload/include/common.php Tue Nov 1 00:06:54 2005 @@ -32,6 +32,15 @@ if (!defined('PUN_ROOT')) exit('The constant PUN_ROOT must be defined and point to a valid PunBB installation root directory.'); + +// Load the functions script +require PUN_ROOT.'include/functions.php'; + +// Reverse the effect of register_globals +if (@ini_get('register_globals')) + unregister_globals(); + + @include PUN_ROOT.'config.php'; // If PUN isn't defined, config.php is missing or corrupt @@ -75,14 +84,6 @@ define('PUN_MOD', 2); define('PUN_GUEST', 3); define('PUN_MEMBER', 4); - - -// Load the functions script -require PUN_ROOT.'include/functions.php'; - -// Reverse the effect of register_globals -if (@ini_get('register_globals')) - unregister_globals(); // Load DB abstraction layer and connect diff -urN punbb-1.2.9/upload/include/functions.php punbb-1.2.10/upload/include/functions.php --- punbb-1.2.9/upload/include/functions.php Sun Oct 16 12:02:42 2005 +++ punbb-1.2.10/upload/include/functions.php Tue Nov 1 00:10:48 2005 @@ -681,28 +681,7 @@ // function get_remote_address() { - $remote_address = $_SERVER['REMOTE_ADDR']; - - // If HTTP_X_FORWARDED_FOR is set, we try to grab the first non-LAN IP - if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) - { - if (preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_SERVER['HTTP_X_FORWARDED_FOR'], $address_list)) - { - $lan_ips = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.((1[6-9])|(2[0-9])|(3[0-1]))\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/'); - $address_list = preg_replace($lan_ips, null, $address_list[0]); - - while (list(, $cur_address) = each($address_list)) - { - if ($cur_address) - { - $remote_address = $cur_address; - break; - } - } - } - } - - return $remote_address; + return $_SERVER['REMOTE_ADDR']; } diff -urN punbb-1.2.9/upload/include/search_idx.php punbb-1.2.10/upload/include/search_idx.php --- punbb-1.2.9/upload/include/search_idx.php Thu Jul 7 22:11:26 2005 +++ punbb-1.2.10/upload/include/search_idx.php Mon Oct 31 22:37:18 2005 @@ -69,10 +69,8 @@ { while (list($i, $word) = @each($words)) { + $words[$i] = trim($word, '.'); $num_chars = pun_strlen($word); - - if (strrpos($word, '.') == ($num_chars-1)) - $words[$i] = substr($word, 0, -1); if ($num_chars < 3 || $num_chars > 20 || in_array($word, $stopwords)) unset($words[$i]); diff -urN punbb-1.2.9/upload/install.php punbb-1.2.10/upload/install.php --- punbb-1.2.9/upload/install.php Sun Oct 16 11:46:40 2005 +++ punbb-1.2.10/upload/install.php Tue Nov 1 00:31:04 2005 @@ -24,7 +24,7 @@ // The PunBB version this script installs -$punbb_version = '1.2.9'; +$punbb_version = '1.2.10'; define('PUN_ROOT', './'); diff -urN punbb-1.2.9/upload/post.php punbb-1.2.10/upload/post.php --- punbb-1.2.9/upload/post.php Fri Sep 2 16:05:30 2005 +++ punbb-1.2.10/upload/post.php Mon Oct 31 22:26:12 2005 @@ -338,7 +338,7 @@ if ($qid < 1) message($lang_common['Bad request']); - $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error()); + $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error()); if (!$db->num_rows($result)) message($lang_common['Bad request']); diff -urN punbb-1.2.9/upload/profile.php punbb-1.2.10/upload/profile.php --- punbb-1.2.9/upload/profile.php Thu Sep 22 09:50:40 2005 +++ punbb-1.2.10/upload/profile.php Tue Nov 1 00:27:28 2005 @@ -201,6 +201,9 @@ } else if (isset($_POST['form_sent'])) { + if (pun_hash($_POST['req_password']) !== $pun_user['password']) + message($lang_profile['Wrong pass']); + require PUN_ROOT.'include/email.php'; // Validate the email-address @@ -264,7 +267,7 @@ } $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile']; - $required_fields = array('req_new_email' => $lang_profile['New e-mail']); + $required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']); $focus_element = array('change_email', 'req_new_email'); require PUN_ROOT.'header.php'; @@ -279,6 +282,7 @@