Advertisement:

Navigation

Readme

This patch file will update your forum to SMF 2.0 RC1.2.

File Edits

./index.php

Operation #1
Find: [Select]
* Software Version: SMF 2.0 RC1-1 *
Replace With: [Select]
* Software Version: SMF 2.0 RC1.2 *
Operation #2
Find: [Select]

$forum_version = 'SMF 2.0 RC1-1';
Replace With: [Select]

$forum_version = 'SMF 2.0 RC1.2';

./Sources/ManageRegistration.php

Operation #1
Find: [Select]
* Software Version: SMF 2.0 RC1 *
Replace With: [Select]
* Software Version: SMF 2.0 RC1.2 *
Operation #2
Find: [Select]
'send_welcome_email' => isset($_POST['emailPassword']),
Replace With: [Select]
'send_welcome_email' => isset($_POST['emailPassword']) || empty($_POST['password']),

./Sources/Packages.php

Operation #1
Find: [Select]
* Software Version: SMF 2.0 RC1 *
Replace With: [Select]
* Software Version: SMF 2.0 RC1.2 *
Operation #2
Find: [Select]
'type' => $txt['execute_modification'],
'action' => strtr($action['filename'], array($boarddir => '.')),
Replace With: [Select]
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($action['filename'], array($boarddir => '.'))),

Operation #3
Find: [Select]
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: [Select]
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),

Operation #4
Find: [Select]
$context['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: [Select]
$context['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),

Operation #5
Find: [Select]
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_skipping']
Replace With: [Select]
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_skipping']

Operation #6
Find: [Select]
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_missing']
Replace With: [Select]
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_missing']

Operation #7
Find: [Select]
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_error']
Replace With: [Select]
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_error']

Operation #8
Find: [Select]
$context['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: [Select]
$context['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),

Operation #9
Find: [Select]
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: [Select]
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),

Operation #10
Find: [Select]
'type' => $txt['execute_code'],
'action' => $action['filename']
Replace With: [Select]
'type' => $txt['execute_code'],
'action' => $smcFunc['htmlspecialchars']($action['filename'])

Operation #11
Find: [Select]
'type' => $txt['execute_database_changes'],
'action' => $action['filename']
Replace With: [Select]
'type' => $txt['execute_database_changes'],
'action' => $smcFunc['htmlspecialchars']($action['filename'])

Operation #12
Find: [Select]
'type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['destination'], array($boarddir => '.'))
Replace With: [Select]
'type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))

Operation #13
Find: [Select]
'type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['destination'], array($boarddir => '.'))
Replace With: [Select]
'type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))

Operation #14
Find: [Select]
'type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['source'], array($boarddir => '.')) . ' => ' . strtr($action['destination'], array($boarddir => '.'))
Replace With: [Select]
'type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['source'], array($boarddir => '.'))) . ' => ' . $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))

Operation #15
Find: [Select]
'type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['filename'], array($boarddir => '.'))
Replace With: [Select]
'type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['filename'], array($boarddir => '.')))

./Sources/Post.php

Operation #1
Find: [Select]
* Software Version: SMF 2.0 RC1-1 *
Replace With: [Select]
* Software Version: SMF 2.0 RC1.2 *
Operation #2
Find: [Select]
// Check if it's locked. It isn't locked if no topic is specified.
if (!empty($topic))
Replace With: [Select]
// No message is complete without a topic.
if (empty($topic) && !empty($_REQUEST['msg']))
{
$request = $smcFunc['db_query']('', '
SELECT id_topic
FROM {db_prefix}messages
WHERE id_msg = {int:msg}',
array(
'msg' => (int) $_REQUEST['msg'],
));
if ($smcFunc['db_num_rows']($request) != 1)
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);
else
list($topic) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
}

// Check if it's locked. It isn't locked if no topic is specified.
if (!empty($topic))

Operation #3
Find: [Select]
// Previewing an edit?
if (isset($_REQUEST['msg']))
{
Replace With: [Select]
// Previewing an edit?
if (isset($_REQUEST['msg']) && !empty($topic))
{
// Get the existing message.
$request = $smcFunc['db_query']('', '
SELECT
m.id_member, m.modified_time, m.smileys_enabled, m.body,
m.poster_name, m.poster_email, m.subject, m.icon, m.approved,
IFNULL(a.size, -1) AS filesize, a.filename, a.id_attach,
a.approved AS attachment_approved, t.id_member_started AS id_member_poster,
m.poster_time
FROM {db_prefix}messages AS m
INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
LEFT JOIN {db_prefix}attachments AS a ON (a.id_msg = m.id_msg AND a.attachment_type = {int:attachment_type})
WHERE m.id_msg = {int:id_msg}
AND m.id_topic = {int:current_topic}',
array(
'current_topic' => $topic,
'attachment_type' => 0,
'id_msg' => $_REQUEST['msg'],
)
);
// The message they were trying to edit was most likely deleted.
// !!! Change this error message?
if ($smcFunc['db_num_rows']($request) == 0)
fatal_lang_error('no_board', false);
$row = $smcFunc['db_fetch_assoc']($request);

$attachment_stuff = array($row);
while ($row2 = $smcFunc['db_fetch_assoc']($request))
$attachment_stuff[] = $row2;
$smcFunc['db_free_result']($request);

if ($row['id_member'] == $user_info['id'] && !allowedTo('modify_any'))
{
// Give an extra five minutes over the disable time threshold, so they can type - assuming the post is public.
if ($row['approved'] && !empty($modSettings['edit_disable_time']) && $row['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time())
fatal_lang_error('modify_post_time_passed', false);
elseif ($row['id_member_poster'] == $user_info['id'] && !allowedTo('modify_own'))
isAllowedTo('modify_replies');
else
isAllowedTo('modify_own');
}
elseif ($row['id_member_poster'] == $user_info['id'] && !allowedTo('modify_any'))
isAllowedTo('modify_replies');
else
isAllowedTo('modify_any');

Operation #4
Find: [Select]
// Editing a message...
elseif (isset($_REQUEST['msg']))
Replace With: [Select]
// Editing a message...
elseif (isset($_REQUEST['msg']) && !empty($topic))

Operation #5
Find: [Select]
// Posting a new topic.
elseif (empty($topic))
{
Replace With: [Select]
// Posting a new topic.
elseif (empty($topic))
{
// Now don't be silly, new topics will get their own id_msg soon enough.
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);

./Sources/Subs-Auth.php

Operation #1
Find: [Select]
* Software Version: SMF 2.0 RC1 *
Replace With: [Select]
* Software Version: SMF 2.0 RC1.2 *
Operation #2
Find: [Select]
// Version 4.3.2 didn't store the cookie of the new session.
if (version_compare(PHP_VERSION, '4.3.2') === 0)
setcookie(session_name(), session_id(), time() + $cookie_length, $cookie_url[1], '', !empty($modSettings['secureCookies']));
Replace With: [Select]
// Version 4.3.2 didn't store the cookie of the new session.
if (version_compare(PHP_VERSION, '4.3.2') === 0 || (isset($_COOKIE[session_name()]) && $_COOKIE[session_name()] != session_id()))
setcookie(session_name(), session_id(), time() + $cookie_length, $cookie_url[1], '', !empty($modSettings['secureCookies']));

./Themes/default/Register.template.php

Operation #1
Find: [Select]
// Version: 2.0 RC1; Register
Replace With: [Select]
// Version: 2.0 RC1.2; Register
Operation #2
Find: [Select]
if (document.forms.postForm.emailActivate.checked)
Replace With: [Select]
if (document.forms.postForm.emailActivate.checked || document.forms.postForm.password.value == \'\')
Operation #3
Find: [Select]
<input type="password" name="password" id="password_input" tabindex="', $context['tabindex']++, '" size="30" /><br />
Replace With: [Select]
<input type="password" name="password" id="password_input" tabindex="', $context['tabindex']++, '" size="30" onchange="onCheckChange();" /><br />
Operation #4
Find: [Select]
<input type="checkbox" name="emailPassword" id="emailPassword_check" tabindex="', $context['tabindex']++, '" checked="checked"', !empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? ' disabled="disabled"' : '', ' class="check" /><br />
Replace With: [Select]
<input type="checkbox" name="emailPassword" id="emailPassword_check" tabindex="', $context['tabindex']++, '" checked="checked" disabled="disabled" class="check" /><br />

./Sources/Subs.php

Operation #1
Find: [Select]

$path = $modSettings['attachmentUploadDir'][$modSettings['attachmentUploadDir']];
Replace With: [Select]

$path = $modSettings['attachmentUploadDir'][$dir];
This operation isn't vital to the installation of this mod.

./Sources/Subs-Graphics.php

Operation #1
Find: [Select]

$avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : null;
Replace With: [Select]

$avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : '';
This operation isn't vital to the installation of this mod.

Operation #2
Find: [Select]

while (!feof($fp2))
fwrite($fp, fread($fp2, 8192));
fclose($fp2);

// Though not an exhaustive list, better safe than sorry.
if (preg_match('~(iframe|\\<\\?php|\\<\\?|\\<%|html|eval|body|script)~', $destName) === 1)
{
unlink($destName);
return false;
}
Replace With: [Select]

$prev_chunk = '';
while (!feof($fp2))
{
$cur_chunk = fread($fp2, 8192);

// Make sure nothing odd came through.
if (preg_match('~(iframe|\\<\\?php|\\<\\?[\s=]|\\<%[\s=]|html|eval|body|script\W)~', $prev_chunk . $cur_chunk) === 1)
{
fclose($fp2);
fclose($fp);
unlink($destName);
return false;
}

fwrite($fp, $cur_chunk);
$prev_chunk = $cur_chunk;
}
fclose($fp2);
This operation isn't vital to the installation of this mod.

Operation #3
Find: [Select]

// Walk the right path. if (!empty($modSettings['currentAttachmentUploadDir']))
Replace With: [Select]

// Walk the right path.
if (!empty($modSettings['currentAttachmentUploadDir']))
This operation isn't vital to the installation of this mod.

Operation #4
Find: [Select]

if (rename($destName . '.tmp', $avatar_hash === null ? $destName : $path . '/' . $attachID . '_' . $avatar_hash))
{
Replace With: [Select]

if (rename($destName . '.tmp', empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash))
{
$destName = empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash;
This operation isn't vital to the installation of this mod.

Operation #5
Find: [Select]

'filesize' => filesize($avatar_hash === null ? $destName : $path . '/' . $attachID . '_' . $avatar_hash),
Replace With: [Select]

'filesize' => filesize($destName),
This operation isn't vital to the installation of this mod.

./Sources/Profile-Modify.php

Operation #1
Find: [Select]

$destinationPath = $uploadDir . '/' . ($file_hash === null ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
if (!rename($_FILES['attachment']['tmp_name'], $destinationPath))
{
removeAttachments(array('id_member' => $memID));
fatal_lang_error('attach_timeout', 'critical');
}

// Attempt to chmod it.
@chmod($uploadDir . '/avatar_tmp_' . $memID, 0644);
Replace With: [Select]

// Attempt to chmod it.
@chmod($uploadDir . '/avatar_tmp_' . $memID, 0644);
This operation isn't vital to the installation of this mod.

Operation #2
Find: [Select]

if (preg_match('~(iframe|\\<\\?php|\\<\\?|\\<%|html|eval|body|script)~', fgets($fp, 4096)) === 1)
Replace With: [Select]

if (preg_match('~(iframe|\\<\\?php|\\<\\?[\s=]|\\<%[\s=]|html|eval|body|script\W)~', fgets($fp, 4096)) === 1)
This operation isn't vital to the installation of this mod.

Operation #3
Find: [Select]

fatal_lang_error('smf124');
Replace With: [Select]

fatal_lang_error('attach_timeout');
This operation isn't vital to the installation of this mod.

Operation #4
Find: [Select]

$mime_type = 'image/' . ($extension == 'jpg' ? 'jpeg' : $extension);
Replace With: [Select]

$mime_type = 'image/' . ($extension === 'jpg' ? 'jpeg' : ($extension === 'bmp' ? 'x-ms-bmp' : $extension));
This operation isn't vital to the installation of this mod.

Operation #5
Find: [Select]

$file_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : null;
Replace With: [Select]


$file_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : '';
This operation isn't vital to the installation of this mod.

Operation #6
Find: [Select]

// Remove previous attachments this member might have had.
removeAttachments(array('id_member' => $memID));

if (!rename($_FILES['attachment']['tmp_name'], $uploadDir . '/' . $destName))
fatal_lang_error('attach_timeout', 'critical');
Replace With: [Select]

// Remove previous attachments this member might have had.
removeAttachments(array('id_member' => $memID));
This operation isn't vital to the installation of this mod.

Operation #7
Find: [Select]

$destinationPath = $uploadDir . '/' . ($file_hash === null ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
Replace With: [Select]

$destinationPath = $uploadDir . '/' . (empty($file_hash) ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
This operation isn't vital to the installation of this mod.

Operation #8
Find: [Select]

@chmod($uploadDir . '/' . $destName, 0644);
Replace With: [Select]

@chmod($uploadDir . '/' . $destinationPath, 0644);
This operation isn't vital to the installation of this mod.

./Sources/ManageAttachments.php

Operation #1
Find: [Select]

array('text', 'attachmentExtensions', 40),
array('check', 'attachmentEncryptFilenames'),
Replace With: [Select]

array('text', 'attachmentExtensions', 40),
This operation isn't vital to the installation of this mod.

Operation #2
Find: [Select]

SELECT a.id_attach, a.id_folder, a.filename, a.file_hash, a.file_hash, a.attachment_type
Replace With: [Select]

SELECT a.id_attach, a.id_folder, a.filename, a.file_hash, a.attachment_type
This operation isn't vital to the installation of this mod.

./Sources/Display.php

Operation #1
Find: [Select]

// Does this have a mime type?
if ($mime_type && (isset($_REQUEST['image']) || !in_array($file_ext, array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff'))))
header('Content-Type: ' . $mime_type);
Replace With: [Select]

// IE 6 just doesn't play nice. As dirty as this seems, it works.
if ($context['browser']['is_ie6'] && isset($_REQUEST['image']))
unset($_REQUEST['image']);
// Does this have a mime type?
elseif ($mime_type && (isset($_REQUEST['image']) || !in_array($file_ext, array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff'))))
header('Content-Type: ' . strtr($mime_type, array('image/bmp' => 'image/x-ms-bmp')));
This operation isn't vital to the installation of this mod.

Code

smf_2-0-RC1-1_validator.php