SMF 2.0
SMF 2.0.18 to SMF 2.0.19
SMF 2.0.17 to SMF 2.0.18
SMF 2.0.16 to SMF 2.0.17
SMF 2.0.15 to SMF 2.0.16
SMF 2.0.14 to SMF 2.0.15
SMF 2.0.13 to SMF 2.0.14
SMF 2.0.12 to SMF 2.0.13
SMF 2.0.11 to SMF 2.0.12
SMF 2.0.10 to SMF 2.0.11
SMF 2.0.9 to SMF 2.0.10
SMF 2.0.8 to SMF 2.0.9
SMF 2.0.7 to SMF 2.0.8
SMF 2.0.6 to SMF 2.0.7
SMF 2.0.5 to SMF 2.0.6
SMF 2.0.4 to SMF 2.0.5
SMF 2.0.3 to SMF 2.0.4
SMF 2.0.2 to SMF 2.0.3
SMF 2.0.1 to SMF 2.0.2
SMF 2.0 to SMF 2.0.1
SMF 2.0 RC4 to SMF 2.0 RC4 Security Patch
SMF 2.0 RC1-1 to SMF 2.0 RC1.2
SMF 2.0 RC1 to SMF 2.0 RC1-1
SMF 2.0 Beta 3 to SMF 2.0 Beta 3.1 Public

Update to SMF 2.0.3 - Installation Instructions for 2.0.2

Update to SMF 2.0.3

Readme

This patch file will provide security and bug fixes to your SMF 2.0.2 forum.

File Edits ALT + Click to collapse all the operations

./index.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.2
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
$forum_version = 'SMF 2.0.2';
Replace With: Select
$forum_version = 'SMF 2.0.3';

./SSI.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
SELECT id_first_msg
FROM {db_prefix}topics
WHERE id_board = {int:current_board}' . ($modSettings['postmod_active'] ? '
AND approved = {int:is_approved}' : '') . '
ORDER BY id_first_msg DESC
Replace With: Select
SELECT t.id_first_msg
FROM {db_prefix}topics as t
LEFT JOIN {db_prefix}boards as b ON (b.id_board = t.id_board)
WHERE t.id_board = {int:current_board}' . ($modSettings['postmod_active'] ? '
AND t.approved = {int:is_approved}' : '') . '
AND {query_see_board}
ORDER BY t.id_first_msg DESC
Find: Select
function ssi_queryPosts($query_where = '', $query_where_params = array(), $query_limit = '', $query_order = 'm.id_msg DESC', $output_method = 'echo', $limit_body = false)
Replace With: Select
function ssi_queryPosts($query_where = '', $query_where_params = array(), $query_limit = 10, $query_order = 'm.id_msg DESC', $output_method = 'echo', $limit_body = false, $override_permissions = false)
Find: Select
' . (empty($query_where) ? '' : 'WHERE ' . $query_where) . '
ORDER BY ' . $query_order . '
' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
array_merge($query_where_params, array(
'current_member' => $user_info['id'],
Replace With: Select
WHERE 1=1 ' . ($override_permissions ? '' : '
AND {query_wanna_see_board}') . ($modSettings['postmod_active'] ? '
AND m.approved = {int:is_approved}' : '') . '
' . (empty($query_where) ? '' : 'AND ' . $query_where) . '
ORDER BY ' . $query_order . '
' . ($query_limit == '' ? '' : 'LIMIT ' . $query_limit),
array_merge($query_where_params, array(
'current_member' => $user_info['id'],
'is_approved' => 1,

./Sources/Modlog.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
<input type="text" name="search" size="18" value="' . $context['search']['string'] . '" class="input_text" /> <input type="submit" name="is_search" value="' . $txt['modlog_go'] . '" class="button_submit" />
Replace With: Select
<input type="text" name="search" size="18" value="' . $smcFunc['htmlspecialchars']($context['search']['string']) . '" class="input_text" /> <input type="submit" name="is_search" value="' . $txt['modlog_go'] . '" class="button_submit" />

./Sources/Security.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
if ($good_password || $_POST['admin_hash_pass'] == sha1($user_info['passwd'] . $sc))
{
$_SESSION['admin_time'] = time();
return;
}
Replace With: Select
if ($good_password || $_POST['admin_hash_pass'] == sha1($user_info['passwd'] . $sc))
{
$_SESSION['admin_time'] = time();
unset($_SESSION['request_referer']);
return;
}
Find: Select
if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
{
$_SESSION['admin_time'] = time();
return;
}
Replace With: Select
if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
{
$_SESSION['admin_time'] = time();
unset($_SESSION['request_referer']);
return;
}
Find: Select
$_SESSION['admin_time'] = time();
return;
}

// Need to type in a password for that, man.
Replace With: Select
$_SESSION['admin_time'] = time();
unset($_SESSION['request_referer']);
return;
}

// Better be sure to remember the real referer
if (empty($_SESSION['request_referer']))
$_SESSION['request_referer'] = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
elseif (empty($_POST))
unset($_SESSION['request_referer']);
// Need to type in a password for that, man.
Find: Select
$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();
Replace With: Select
if (isset($_SESSION['request_referer']))
$referrer = $_SESSION['request_referer'];
else
$referrer = isset($_SERVER['HTTP_REFERER']) ? @parse_url($_SERVER['HTTP_REFERER']) : array();

./Sources/Subscriptions-PayPal.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
if (function_exists('curl_init') && $curl = curl_init('http://www.', !empty($modSettings['paidsubs_test']) ? 'sandbox.' : '', 'paypal.com/cgi-bin/webscr'))
{
// Set the post data.
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDSIZE, 0);
curl_setopt($curl, CURLOPT_POSTFIELDS, $requestString);
Replace With: Select
if (function_exists('curl_init') && $curl = curl_init((!empty($modSettings['paidsubs_test']) ? 'https://www.sandbox.' : 'http://www.') . 'paypal.com/cgi-bin/webscr'))
{
// Set the post data.
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDSIZE, 0);
curl_setopt($curl, CURLOPT_POSTFIELDS, $requestString);

curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl, CURLOPT_FORBID_REUSE, 1);
curl_setopt($curl, CURLOPT_HTTPHEADER, array(
'Host: www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com',
'Connection: close'
));
Find: Select
// Setup the headers.
$header = 'POST /cgi-bin/webscr HTTP/1.0' . "\r\n";
$header .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
$header .= 'Content-Length: ' . strlen ($requestString) . "\r\n\r\n";

// Open the connection.
$fp = fsockopen('www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com', 80, $errno, $errstr, 30);
Replace With: Select
// Setup the headers.
$header = 'POST /cgi-bin/webscr HTTP/1.1' . "\r\n";
$header .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
$header .= 'Host: www.' . (!empty($modSettings['paidsubs_test']) ? 'sandbox.' : '') . 'paypal.com' . "\r\n";
$header .= 'Content-Length: ' . strlen ($requestString) . "\r\n";
$header .= 'Connection: close' . "\r\n\r\n";

// Open the connection.
if (!empty($modSettings['paidsubs_test']))
$fp = fsockopen('ssl://www.sandbox.paypal.com', 443, $errno, $errstr, 30);
else
$fp = fsockopen('www.paypal.com', 80, $errno, $errstr, 30);
Find: Select
if (strcmp($this->return_data, 'VERIFIED') == 0)
Replace With: Select
if (strcmp(trim($this->return_data), 'VERIFIED') == 0)
Find: Select
if (strcmp($this->return_data, 'VERIFIED') != 0)
Replace With: Select
if (strcmp(trim($this->return_data), 'VERIFIED') != 0)
Find: Select
if (substr($_POST['txn_type'], 0, 14) == 'subscr_payment')
Replace With: Select
if (substr($_POST['txn_type'], 0, 14) == 'subscr_payment' && $_POST['payment_status'] == 'Completed')
Find: Select
return $_POST['tax'] + $_POST['mc_gross'];
Replace With: Select
return (isset($_POST['tax']) ? $_POST['tax'] : 0) + $_POST['mc_gross'];

./Sources/ManagePaid.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.2
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
if (is_file($sourcedir .'/'. $file) && preg_match('~Subscriptions-([A-Za-z\d]+)\.php~', $file, $matches))
Replace With: Select
if (is_file($sourcedir .'/'. $file) && preg_match('~^Subscriptions-([A-Za-z\d]+)\.php$~', $file, $matches))

./Sources/QueryString.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
return preg_replace('~[\x00-\x08\x0B\x0C\x0E-\x19' . ($context['utf8'] ? (@version_compare(PHP_VERSION, '4.3.3') != -1 ? '\x{D800}-\x{DFFF}\x{FFFE}\x{FFFF}' : "\xED\xA0\x80-\xED\xBF\xBF\xEF\xBF\xBE\xEF\xBF\xBF") : '') . ']~' . ($context['utf8'] ? 'u' : ''), '', $string);
Replace With: Select
return preg_replace('~[\x00-\x08\x0B\x0C\x0E-\x19' . ($context['utf8'] ? (@version_compare(PHP_VERSION, '4.3.3') != -1 ? '\x{FFFE}\x{FFFF}' : "\xED\xA0\x80-\xED\xBF\xBF\xEF\xBF\xBE\xEF\xBF\xBF") : '') . ']~' . ($context['utf8'] ? 'u' : ''), '', $string);

./Sources/Load.php

Find: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.2
Replace With: Select
* @copyright 2011 Simple Machines
* @license http://www.simplemachines.org/about/smf/license.php BSD
*
* @version 2.0.3
Find: Select
if (isset($_REQUEST[session_name()]) && preg_match('~^[A-Za-z0-9]{16,32}$~', $_REQUEST[session_name()]) == 0 && !isset($_COOKIE[session_name()]))
Replace With: Select
if (isset($_REQUEST[session_name()]) && preg_match('~^[A-Za-z0-9,-]{16,32}$~', $_REQUEST[session_name()]) == 0 && !isset($_COOKIE[session_name()]))
Find: Select
function sessionRead($session_id)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9]{16,32}$~', $session_id) == 0)
Replace With: Select
function sessionRead($session_id)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9,-]{16,32}$~', $session_id) == 0)
Find: Select
function sessionWrite($session_id, $data)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9]{16,32}$~', $session_id) == 0)
Replace With: Select
function sessionWrite($session_id, $data)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9,-]{16,32}$~', $session_id) == 0)
Find: Select
function sessionDestroy($session_id)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9]{16,32}$~', $session_id) == 0)
Replace With: Select
function sessionDestroy($session_id)
{
global $smcFunc;

if (preg_match('~^[A-Za-z0-9,-]{16,32}$~', $session_id) == 0)
Advertisement: