* Fixed XSS vulnerability involving the get_host parameter. Reported by Dante90. * Strengthened the auto generated cookie seed in install. * Fixed a password recovery vulnerability. Reported by Stefan Esser. * Modified the redirect function so that it prefixes URLs with the base URL only when it is required. * Added a new parameter to the logout URL to prevent a CSRF annoyance. * Improved performance of the reindexing process for forums which do not have sequential post and topic IDs. * Fixed the "or" operator not working for searches (only affects non- MySQL(i) forums). Reported by fpouget. * Fixed a bug where people couldn't search by forum when they chose to see search results as topics (only affected MySQL(i) forums). * Fixed a bug where mods/admins could not search all forums even though they were given the option in the dropdown. Reported by chrizz.