Advertisement:

Navigation

Readme

This patch file will provide security and bug fixes to your SMF 2.0.4 forum.

File Edits

./index.php

Operation #1
Find: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.4
Replace With: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.5

Operation #2
Find: [Select]

$forum_version = 'SMF 2.0.4';
Replace With: [Select]

$forum_version = 'SMF 2.0.5';

./Sources/ManageServer.php

Operation #1
Find: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.4
Replace With: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.5

Operation #2
Find: [Select]

'~\$txt\[\'lang_character_set\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_character_set\'] = \'' . addslashes($_POST['character_set']) . '\';',
'~\$txt\[\'lang_locale\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_locale\'] = \'' . addslashes($_POST['locale']) . '\';',
'~\$txt\[\'lang_dictionary\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_dictionary\'] = \'' . addslashes($_POST['dictionary']) . '\';',
'~\$txt\[\'lang_spelling\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_spelling\'] = \'' . addslashes($_POST['spelling']) . '\';',
Replace With: [Select]

'~\$txt\[\'lang_character_set\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_character_set\'] = \'' . preg_replace('~[^\w-]~i', '', $_POST['character_set']) . '\';',
'~\$txt\[\'lang_locale\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_locale\'] = \'' . preg_replace('~[^\w-]~i', '', $_POST['locale']) . '\';',
'~\$txt\[\'lang_dictionary\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_dictionary\'] = \'' . preg_replace('~[^\w-]~i', '', $_POST['dictionary']) . '\';',
'~\$txt\[\'lang_spelling\'\]\s=\s(\'|")[^\r\n]+~' => '$txt[\'lang_spelling\'] = \'' . preg_replace('~[^\w-]~i', '', $_POST['spelling']) . '\';',

./Sources/ManageNews.php

Operation #1
Find: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.5

Operation #2
Find: [Select]

if ($curmem != '')
Replace With: [Select]

if ($curmem != '' && preg_match('~^[0-9A-Za-z=_\'+\-/\.]*@[\w\-]+(\.[\w\-]+)*(\.[\w]{2,6})$~', $curmem) !== 0)

./Sources/PersonalMessage.php

Operation #1
Find: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.5

Operation #2
Find: [Select]

if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']]))
MessageFolder();
Replace With: [Select]

if (!isset($_REQUEST['sa']) || !isset($subActions[$_REQUEST['sa']]))
{
$_REQUEST['sa'] = '';
MessageFolder();
}

./Sources/Profile-View.php

Operation #1
Find: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: [Select]

* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.5

Operation #2
Find: [Select]

'url' => 'http://www.db.ripe.net/whois?searchtext=' . $context['ip'],
Replace With: [Select]

'url' => 'https://apps.db.ripe.net/search/query.html?searchtext=' . $context['ip'],