PunBB 1.2.7 to 1.2.10 changes

PunBB 1.2.7 to 1.2.10 changes	Legend
	Lines removed
	Lines changed
		Lines added

punbb-1.2.7/upload/include/common.php	punbb-1.2.10/upload/include/common.php
32: if (!defined('PUN_ROOT'))	32: if (!defined('PUN_ROOT'))
33: exit('The constant PUN_ROOT must be defined and point to a valid PunBB installation root directory.');	33: exit('The constant PUN_ROOT must be defined and point to a valid PunBB installation root directory.');
34:	34:
	35:
	36: // Load the functions script
	37: require PUN_ROOT.'include/functions.php';
	38:
	39: // Reverse the effect of register_globals
	40: if (@ini_get('register_globals'))
	41: unregister_globals();
	42:
	43:
35: @include PUN_ROOT.'config.php';	44: @include PUN_ROOT.'config.php';
36:	45:
37: // If PUN isn't defined, config.php is missing or corrupt	46: // If PUN isn't defined, config.php is missing or corrupt
76: define('PUN_GUEST', 3);	85: define('PUN_GUEST', 3);
77: define('PUN_MEMBER', 4);	86: define('PUN_MEMBER', 4);
78:	87:
79:
80: // Load the functions script
81: require PUN_ROOT.'include/functions.php';
82:	88:
83: // Load DB abstraction layer and connect	89: // Load DB abstraction layer and connect
84: require PUN_ROOT.'include/dblayer/common_db.php';	90: require PUN_ROOT.'include/dblayer/common_db.php';

punbb-1.2.7/upload/include/email.php	punbb-1.2.10/upload/include/email.php
75: $subject = trim(preg_replace('#[\n\r]+#s', '', $subject));	75: $subject = trim(preg_replace('#[\n\r]+#s', '', $subject));
76: $from = trim(preg_replace('#[\n\r:]+#s', '', $from));	76: $from = trim(preg_replace('#[\n\r:]+#s', '', $from));
77:	77:
78: // Detect what linebreak we should use for the headers	78: $headers = 'From: '.$from."\r\n".'Date: '.date('r')."\r\n".'MIME-Version: 1.0'."\r\n".'Content-transfer-encoding: 8bit'."\r\n".'Content-type: text/plain; charset='.$lang_common['lang_encoding']."\r\n".'X-Mailer: PunBB Mailer';
79: if (strtoupper(substr(PHP_OS, 0, 3) == 'WIN'))
80: $eol = "\r\n";
81: else if (strtoupper(substr(PHP_OS, 0, 3) == 'MAC'))
82: $eol = "\r";
83: else
84: $eol = "\n";
85:
86: $headers = 'From: '.$from.$eol.'Date: '.date('r').$eol.'MIME-Version: 1.0'.$eol.'Content-transfer-encoding: 8bit'.$eol.'Content-type: text/plain; charset='.$lang_common['lang_encoding'].$eol.'X-Mailer: PunBB Mailer';
87:	79:
88: // Make sure all linebreaks are CRLF in message	80: // Make sure all linebreaks are CRLF in message
89: $message = str_replace("\n", "\r\n", pun_linebreaks($message));	81: $message = str_replace("\n", "\r\n", pun_linebreaks($message));
91: if ($pun_config['o_smtp_host'] != '')	83: if ($pun_config['o_smtp_host'] != '')
92: smtp_mail($to, $subject, $message, $headers);	84: smtp_mail($to, $subject, $message, $headers);
93: else	85: else
	86: {
	87: // Change the linebreaks used in the headers according to OS
	88: if (strtoupper(substr(PHP_OS, 0, 3)) == 'MAC')
	89: $headers = str_replace("\r\n", "\r", $headers);
	90: else if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN')
	91: $headers = str_replace("\r\n", "\n", $headers);
	92:
94: mail($to, $subject, $message, $headers);	93: mail($to, $subject, $message, $headers);
	94: }
95: }	95: }
96:	96:
97:	97:

punbb-1.2.7/upload/include/functions.php	punbb-1.2.10/upload/include/functions.php
209: $now = time();	209: $now = time();
210:	210:
211: // Fetch all online list entries that are older than "o_timeout_online"	211: // Fetch all online list entries that are older than "o_timeout_online"
212: $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error());	212: $result = $db->query('SELECT * FROM '.$db->prefix.'online WHERE logged<'.($now-$pun_config['o_timeout_online'])) or error('Unable to fetch old entries from online list', __FILE__, __LINE__, $db->error());
213: while ($cur_user = $db->fetch_assoc($result))	213: while ($cur_user = $db->fetch_assoc($result))
214: {	214: {
215: // If the entry is a guest, delete it	215: // If the entry is a guest, delete it
681: //	681: //
682: function get_remote_address()	682: function get_remote_address()
683: {	683: {
684: $remote_address = $_SERVER['REMOTE_ADDR'];	684: return $_SERVER['REMOTE_ADDR'];
685:
686: // If HTTP_X_FORWARDED_FOR is set, we try to grab the first non-LAN IP
687: if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
688: {
689: if (preg_match_all('/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/', $_SERVER['HTTP_X_FORWARDED_FOR'], $address_list))
690: {
691: $lan_ips = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\../', '/^172\.((1[6-9])\|(2[0-9])\|(3[0-1]))\../', '/^10\../', '/^224\../', '/^240\..*/');
692: $address_list = preg_replace($lan_ips, null, $address_list[0]);
693:
694: while (list(, $cur_address) = each($address_list))
695: {
696: if ($cur_address)
697: {
698: $remote_address = $cur_address;
699: break;
700: }
701: }
702: }
703: }
704:
705: return $remote_address;
706: }	685: }
707:	686:
708:	687:
1046: </div>	1025: </div>
1047: <?php	1026: <?php
1048:	1027:
	1028: }
	1029:
	1030:
	1031: //
	1032: // Unset any variables instantiated as a result of register_globals being enabled
	1033: //
	1034: function unregister_globals()
	1035: {
	1036: // Prevent script.php?GLOBALS[foo]=bar
	1037: if (isset($_REQUEST['GLOBALS']) \|\| isset($_FILES['GLOBALS']))
	1038: exit('I\'ll have a steak sandwich and... a steak sandwich.');
	1039:
	1040: // Variables that shouldn't be unset
	1041: $no_unset = array('GLOBALS', '_GET', '_POST', '_COOKIE', '_REQUEST', '_SERVER', '_ENV', '_FILES');
	1042:
	1043: // Remove elements in $GLOBALS that are present in any of the superglobals
	1044: $input = array_merge($_GET, $_POST, $_COOKIE, $_SERVER, $_ENV, $_FILES, isset($_SESSION) && is_array($_SESSION) ? $_SESSION : array());
	1045: foreach ($input as $k => $v)
	1046: {
	1047: if (!in_array($k, $no_unset) && isset($GLOBALS[$k]))
	1048: unset($GLOBALS[$k]);
	1049: }
1049: }	1050: }
1050:	1051:
1051:	1052:

punbb-1.2.7/upload/include/search_idx.php	punbb-1.2.10/upload/include/search_idx.php
69: {	69: {
70: while (list($i, $word) = @each($words))	70: while (list($i, $word) = @each($words))
71: {	71: {
	72: $words[$i] = trim($word, '.');
72: $num_chars = pun_strlen($word);	73: $num_chars = pun_strlen($word);
73:
74: if (strrpos($word, '.') == ($num_chars-1))
75: $words[$i] = substr($word, 0, -1);
76:	74:
77: if ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords))	75: if ($num_chars < 3 \|\| $num_chars > 20 \|\| in_array($word, $stopwords))
78: unset($words[$i]);	76: unset($words[$i]);

punbb-1.2.7/upload/install.php	punbb-1.2.10/upload/install.php
24:	24:
25:	25:
26: // The PunBB version this script installs	26: // The PunBB version this script installs
27: $punbb_version = '1.2.7';	27: $punbb_version = '1.2.10';
28:	28:
29:	29:
30: define('PUN_ROOT', './');	30: define('PUN_ROOT', './');

punbb-1.2.7/upload/login.php	punbb-1.2.10/upload/login.php
153: message($lang_login['Forget mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');	153: message($lang_login['Forget mail'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
154: }	154: }
155: else	155: else
156: message($lang_login['No e-mail match'].' '.$email.'.');	156: message($lang_login['No e-mail match'].' '.htmlspecialchars($email).'.');
157: }	157: }
158:	158:
159:	159:

punbb-1.2.7/upload/post.php	punbb-1.2.10/upload/post.php
338: if ($qid < 1)	338: if ($qid < 1)
339: message($lang_common['Bad request']);	339: message($lang_common['Bad request']);
340:	340:
341: $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());	341: $result = $db->query('SELECT poster, message FROM '.$db->prefix.'posts WHERE id='.$qid.' AND topic_id='.$tid) or error('Unable to fetch quote info', __FILE__, __LINE__, $db->error());
342: if (!$db->num_rows($result))	342: if (!$db->num_rows($result))
343: message($lang_common['Bad request']);	343: message($lang_common['Bad request']);
344:	344:

punbb-1.2.7/upload/profile.php	punbb-1.2.10/upload/profile.php
201: }	201: }
202: else if (isset($_POST['form_sent']))	202: else if (isset($_POST['form_sent']))
203: {	203: {
	204: if (pun_hash($_POST['req_password']) !== $pun_user['password'])
	205: message($lang_profile['Wrong pass']);
	206:
204: require PUN_ROOT.'include/email.php';	207: require PUN_ROOT.'include/email.php';
205:	208:
206: // Validate the email-address	209: // Validate the email-address
264: }	267: }
265:	268:
266: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];	269: $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_common['Profile'];
267: $required_fields = array('req_new_email' => $lang_profile['New e-mail']);	270: $required_fields = array('req_new_email' => $lang_profile['New e-mail'], 'req_password' => $lang_common['Password']);
268: $focus_element = array('change_email', 'req_new_email');	271: $focus_element = array('change_email', 'req_new_email');
269: require PUN_ROOT.'header.php';	272: require PUN_ROOT.'header.php';
270:	273:
279: <div class="infldset">	282: <div class="infldset">
280: <input type="hidden" name="form_sent" value="1" />	283: <input type="hidden" name="form_sent" value="1" />
281: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>	284: <label><strong><?php echo $lang_profile['New e-mail'] ?></strong><br /><input type="text" name="req_new_email" size="50" maxlength="50" /><br /></label>
	285: <label><strong><?php echo $lang_common['Password'] ?></strong><br /><input type="password" name="req_password" size="16" maxlength="16" /><br /></label>
282: <p><?php echo $lang_profile['E-mail instructions'] ?></p>	286: <p><?php echo $lang_profile['E-mail instructions'] ?></p>
283: </div>	287: </div>
284: </fieldset>	288: </fieldset>
362: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');	366: message($lang_profile['Move failed'].' <a href="mailto:'.$pun_config['o_admin_email'].'">'.$pun_config['o_admin_email'].'</a>.');
363:	367:
364: // Now check the width/height	368: // Now check the width/height
365: list($width, $height, ,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');	369: list($width, $height, $type,) = getimagesize($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
366: if (empty($width) \|\| empty($height) \|\| $width > $pun_config['o_avatars_width'] \|\| $height > $pun_config['o_avatars_height'])	370: if (empty($width) \|\| empty($height) \|\| $width > $pun_config['o_avatars_width'] \|\| $height > $pun_config['o_avatars_height'])
367: {	371: {
368: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');	372: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
369: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');	373: message($lang_profile['Too wide or high'].' '.$pun_config['o_avatars_width'].'x'.$pun_config['o_avatars_height'].' '.$lang_profile['pixels'].'.');
370: }	374: }
	375: else if ($type == 1 && $uploaded_file['type'] != 'image/gif') // Prevent dodgy uploads
	376: {
	377: @unlink($pun_config['o_avatars_dir'].'/'.$id.'.tmp');
	378: message($lang_profile['Bad type']);
	379: }
371:	380:
372: // Delete any old avatars and put the new one in place	381: // Delete any old avatars and put the new one in place
373: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);	382: @unlink($pun_config['o_avatars_dir'].'/'.$id.$extensions[0]);
708: $form['email'] = strtolower(trim($_POST['req_email']));	717: $form['email'] = strtolower(trim($_POST['req_email']));
709: if (!is_valid_email($form['email']))	718: if (!is_valid_email($form['email']))
710: message($lang_common['Invalid e-mail']);	719: message($lang_common['Invalid e-mail']);
	720: }
	721:
	722: // Make sure we got a valid language string
	723: if (isset($form['language']))
	724: {
	725: $form['language'] = preg_replace('#[\.\\\/]#', '', $form['language']);
	726: if (!file_exists(PUN_ROOT.'lang/'.$form['language'].'/common.php'))
	727: message($lang_common['Bad request']);
711: }	728: }
712:	729:
713: break;	730: break;

punbb-1.2.7/upload/search.php	punbb-1.2.10/upload/search.php
51: $action = (isset($_GET['action'])) ? $_GET['action'] : null;	51: $action = (isset($_GET['action'])) ? $_GET['action'] : null;
52: $forum = (isset($_GET['forum'])) ? intval($_GET['forum']) : -1;	52: $forum = (isset($_GET['forum'])) ? intval($_GET['forum']) : -1;
53: $sort_dir = (isset($_GET['sort_dir'])) ? (($_GET['sort_dir'] == 'DESC') ? 'DESC' : 'ASC') : 'DESC';	53: $sort_dir = (isset($_GET['sort_dir'])) ? (($_GET['sort_dir'] == 'DESC') ? 'DESC' : 'ASC') : 'DESC';
	54: if (isset($search_id)) unset($search_id);
54:	55:
55: // If a search_id was supplied	56: // If a search_id was supplied
56: if (isset($_REQUEST['search_id']))	57: if (isset($_GET['search_id']))
57: {	58: {
58: $search_id = intval($_GET['search_id']);	59: $search_id = intval($_GET['search_id']);
59: if ($search_id < 1)	60: if ($search_id < 1)
386:	387:
387:	388:
388: // Prune "old" search results	389: // Prune "old" search results
	390: $old_searches = array();
389: $result = $db->query('SELECT ident FROM '.$db->prefix.'online') or error('Unable to fetch online list', __FILE__, __LINE__, $db->error());	391: $result = $db->query('SELECT ident FROM '.$db->prefix.'online') or error('Unable to fetch online list', __FILE__, __LINE__, $db->error());
390:	392:
391: if ($db->num_rows($result))	393: if ($db->num_rows($result))

punbb-1.2.7/upload/viewforum.php	punbb-1.2.10/upload/viewforum.php
242:	242:
243: <div class="linksb">	243: <div class="linksb">
244: <div class="inbox">	244: <div class="inbox">
245: <p class="pagelink conl"><?php echo $lang_common['Pages'].': '.paginate($num_pages, $p, 'viewforum.php?id='.$id) ?></p>	245: <p class="pagelink conl"><?php echo $paging_links ?></p>
246: <?php echo $post_link ?>	246: <?php echo $post_link ?>
247: <ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a> </li><li>» <?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?></li></ul>	247: <ul><li><a href="index.php"><?php echo $lang_common['Index'] ?></a> </li><li>» <?php echo pun_htmlspecialchars($cur_forum['forum_name']) ?></li></ul>
248: <div class="clearer"></div>	248: <div class="clearer"></div>

hdiff - version: 2.1.0 (modified)