Update to SMF 1.0.19 - Installation Instructions for 1.0.18

Update to SMF 1.0.19
This patch file will update your forum to SMF 1.0.19.

File Edits ALT + Click to collapse all the operations

./index.php

Find: Select
* Software Version: SMF 1.0.18 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$forum_version = 'SMF 1.0.18';
Replace With: Select
$forum_version = 'SMF 1.0.19';

./Sources/BoardIndex.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
'can_collapse' => isset($row_board['canCollapse']) && $row_board['canCollapse'] == 1,
'collapse_href' => isset($row_board['canCollapse']) ? $scripturl . '?action=collapse;c=' . $row_board['ID_CAT'] . ';sa=' . ($row_board['isCollapsed'] > 0 ? 'expand' : 'collapse;') . '#' . $row_board['ID_CAT'] : '',
Replace With: Select
'can_collapse' => isset($row_board['canCollapse']) && $row_board['canCollapse'] == 1,
'collapse_href' => isset($row_board['canCollapse']) ? $scripturl . '?action=collapse;c=' . $row_board['ID_CAT'] . ';sa=' . ($row_board['isCollapsed'] > 0 ? 'expand' : 'collapse') . ';sesc=' . $context['session_id'] . '#' . $row_board['ID_CAT'] : '',

./Sources/Display.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
function Download()
{
global $txt, $modSettings, $db_prefix, $user_info, $scripturl, $context;
Replace With: Select
function Download()
{
global $txt, $modSettings, $db_prefix, $user_info, $scripturl, $context, $topic;
Find: Select
isAllowedTo('view_attachments');

// Make sure this attachment is on this board.
// NOTE: We must verify that $topic is the attachment's topic, or else the permission check above is broken.
$request = db_query("
SELECT a.filename, a.ID_ATTACH, a.file_hash
FROM {$db_prefix}boards AS b, {$db_prefix}messages AS m, {$db_prefix}attachments AS a
WHERE b.ID_BOARD = m.ID_BOARD
AND $user_info[query_see_board]
AND m.ID_MSG = a.ID_MSG
AND a.ID_ATTACH = $_REQUEST[id]
LIMIT 1", __FILE__, __LINE__);
}
Replace With: Select
// This checks only the current board for $board/$topic's permissions.
isAllowedTo('view_attachments');

// Make sure this attachment is on this board.
// NOTE: We must verify that $topic is the attachment's topic, or else the permission check above is broken.
$request = db_query("
SELECT a.filename, a.ID_ATTACH, a.file_hash
FROM ({$db_prefix}boards AS b, {$db_prefix}messages AS m, {$db_prefix}attachments AS a)
WHERE b.ID_BOARD = m.ID_BOARD
AND $user_info[query_see_board]
AND m.ID_MSG = a.ID_MSG
AND m.ID_TOPIC = $topic
AND a.ID_ATTACH = $_REQUEST[id]
LIMIT 1", __FILE__, __LINE__);
}

./Sources/Load.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$modSettings[$row[0]] = $row[1];
mysql_free_result($request);
Replace With: Select
$modSettings[$row[0]] = $row[1];
mysql_free_result($request);

// Setting the timezone is a requirement for some functions in PHP >= 5.1.
if (isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
date_default_timezone_set($modSettings['default_timezone']);

./Sources/ManageMembers.php

Find: Select
* Software Version: SMF 1.0.18 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
// Check input after a member search has been submitted.
if ($context['sub_action'] == 'query' && empty($_REQUEST['params']))
Replace With: Select
// Build a search for a specific group or post group.
if ($context['sub_action'] === 'query')
{
if (isset($_GET['group']))
$_POST['membergroups'] = array(
array((int) $_GET['group']),
array((int) $_GET['group']),
);
elseif (isset($_GET['pgroup']))
$_POST['postgroups'] = array((int) $_GET['pgroup']);
}

if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
{
$search_params = base64_decode(stripslashes($_REQUEST['params']));
$_POST += addslashes__recursive(@unserialize($search_params));
}

// Check input after a member search has been submitted.
if ($context['sub_action'] == 'query')
Find: Select
elseif ($context['sub_action'] == 'query')
$where = base64_decode($_REQUEST['params']);
Replace With: Select
else
$search_params = null;
Find: Select
// Construct the additional URL part with the query info in it.
$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . base64_encode($where) : '';
Replace With: Select
// Construct the additional URL part with the query info in it.
$context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';

./Sources/ManagePermissions.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
'href' => $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode('ID_GROUP = 0'),
'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode('ID_GROUP = 0') . '">' . $num_members . '</a>',
Replace With: Select
'href' => $scripturl . '?action=viewmembers;sa=query;group=0',
'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;group=0">' . $num_members . '</a>',
Find: Select
'href' => $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode($row['minPosts'] == -1 ? "ID_GROUP = $row[ID_GROUP] OR FIND_IN_SET($row[ID_GROUP], additionalGroups)" : "ID_POST_GROUP = $row[ID_GROUP]"),
'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode($row['minPosts'] == -1 ? "ID_GROUP = $row[ID_GROUP] OR FIND_IN_SET($row[ID_GROUP], additionalGroups)" : "ID_POST_GROUP = $row[ID_GROUP]") . '">' . $row['num_members'] . '</a>',
Replace With: Select
'href' => $scripturl . '?action=viewmembers;sa=query' . ($row['minPosts'] == -1 ? ';group = ' . (int) $row['ID_GROUP'] : 'pgroup=' . $row['ID_GROUP']),
'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query' . ($row['minPosts'] == -1 ? ';group = ' . (int) $row['ID_GROUP'] : 'pgroup=' . $row['ID_GROUP']) . '">' . $row['num_members'] . '</a>',

./Sources/ManageSmileys.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
'path' => $set,
'name' => $set_names[$i],
'selected' => $set == $modSettings['smiley_sets_default']
);
}
Replace With: Select
'path' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
'selected' => $set == $modSettings['smiley_sets_default']
);
}
Find: Select
'path' => $set,
'name' => $set_names[$i],
'selected' => $set == $modSettings['smiley_sets_default']
);

// Importing any smileys from an existing set?
Replace With: Select
'path' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
'selected' => $set == $modSettings['smiley_sets_default']
);

// Importing any smileys from an existing set?
Find: Select
if (isset($context['smiley_sets'][$_GET['id']]))
ImportSmileys($context['smiley_sets'][$_GET['id']]['path']);
Replace With: Select
if (isset($context['smiley_sets'][$_GET['id']]))
ImportSmileys(un_htmlspecialchars($context['smiley_sets'][$_GET['id']]['path']));
Find: Select
'path' => $set,
'name' => $set_names[$i],
'selected' => $set == $modSettings['smiley_sets_default']
);

// Submitting a form?
Replace With: Select
'path' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
'selected' => $set == $modSettings['smiley_sets_default']
);

// Submitting a form?
Find: Select
foreach ($context['smiley_sets'] as $set)
{
if (!is_writable($context['smileys_dir'] . '/' . $set['path']))
Replace With: Select
foreach ($context['smiley_sets'] as $set)
{
if (!is_writable($context['smileys_dir'] . '/' . un_htmlspecialchars($set['path'])))
Find: Select
// Keep going until we find a set the file doesn't exist in. (or maybe it exists in all of them?)
while (isset($context['smiley_sets'][$i]) && file_exists($context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName))
Replace With: Select
// Keep going until we find a set the file doesn't exist in. (or maybe it exists in all of them?)
while (isset($context['smiley_sets'][$i]) && file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName))
Find: Select
if (isset($context['smiley_sets'][$i]['path']))
{
$smileyLocation = $context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName;
Replace With: Select
if (isset($context['smiley_sets'][$i]['path']))
{
$smileyLocation = $context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName;
Find: Select
for ($n = count($context['smiley_sets']); $i < $n; $i++)
{
$currentPath = $context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName;
Replace With: Select
for ($n = count($context['smiley_sets']); $i < $n; $i++)
{
$currentPath = $context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName;
Find: Select
if (!isset($_FILES['individual_' . $set['name']]['name']) || $_FILES['individual_' . $set['name']]['name'] == '')
continue;
Replace With: Select
$set['name'] = un_htmlspecialchars($set['name']);
$set['path'] = un_htmlspecialchars($set['path']);

if (!isset($_FILES['individual_' . $set['name']]['name']) || $_FILES['individual_' . $set['name']]['name'] == '')
continue;
Find: Select
foreach ($context['smiley_sets'] as $smiley_set)
{
if (!file_exists($context['smileys_dir'] . '/' . $smiley_set['path']))
Replace With: Select
foreach ($context['smiley_sets'] as $smiley_set)
{
if (!file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path'])))
Find: Select
$dir = dir($context['smileys_dir'] . '/' . $smiley_set['path']);
while ($entry = $dir->read())
{
if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
$context['filenames'][strtolower($entry)] = array(
'id' => htmlspecialchars($entry),
'selected' => false,
);
}
$dir->close();
}
ksort($context['filenames']);
}

// Create a new smiley from scratch.
Replace With: Select
$dir = dir($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']));
while ($entry = $dir->read())
{
if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
$context['filenames'][strtolower($entry)] = array(
'id' => htmlspecialchars($entry),
'selected' => false,
);
}
$dir->close();
}
ksort($context['filenames']);
}

// Create a new smiley from scratch.
Find: Select
'path' => $set,
'name' => $set_names[$i],
'selected' => $set == $modSettings['smiley_sets_default']
);

// Prepare overview of all (custom) smileys.
Replace With: Select
'path' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
'selected' => $set == $modSettings['smiley_sets_default']
);

// Prepare overview of all (custom) smileys.
Find: Select
foreach ($context['smileys'] as $smiley_id => $smiley)
if (!file_exists($modSettings['smileys_dir'] . '/' . $smiley_set['path'] . '/' . $smiley['filename']))
Replace With: Select
foreach ($context['smileys'] as $smiley_id => $smiley)
if (!file_exists($modSettings['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']) . '/' . $smiley['filename']))
Find: Select
'path' => $set,
'name' => $set_names[$i],
'selected' => $set == $modSettings['smiley_sets_default']
);

$context['selected_set'] = $modSettings['smiley_sets_default'];
Replace With: Select
'path' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
'selected' => $set == $modSettings['smiley_sets_default']
);

$context['selected_set'] = $modSettings['smiley_sets_default'];
Find: Select
foreach ($context['smiley_sets'] as $smiley_set)
{
if (!file_exists($context['smileys_dir'] . '/' . $smiley_set['path']))
Replace With: Select
foreach ($context['smiley_sets'] as $smiley_set)
{
if (!file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path'])))
Find: Select
$dir = dir($context['smileys_dir'] . '/' . $smiley_set['path']);
while ($entry = $dir->read())
{
if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
$context['filenames'][strtolower($entry)] = array(
'id' => htmlspecialchars($entry),
'selected' => false,
);
}
$dir->close();
}
ksort($context['filenames']);
}

$request = db_query("
Replace With: Select
$dir = dir($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']));
while ($entry = $dir->read())
{
if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
$context['filenames'][strtolower($entry)] = array(
'id' => htmlspecialchars($entry),
'selected' => false,
);
}
$dir->close();
}
ksort($context['filenames']);
}

$request = db_query("

./Sources/PackageGet.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$fp = fopen($boarddir . '/Packages/server.list', 'a');
fputs($fp, $_POST['servername'] . '|^|' . $_POST['serverurl'] . "\n");
Replace With: Select
$fp = fopen($boarddir . '/Packages/server.list', 'a');
fputs($fp, htmlspecialchars($_POST['servername']) . '|^|' . htmlspecialchars($_POST['serverurl']) . "\n");
Find: Select
// Get the current server list.
if (!file_exists($boarddir . '/Packages/server.list'))
Replace With: Select
checkSession('get');

// Get the current server list.
if (!file_exists($boarddir . '/Packages/server.list'))

./Sources/Packages.php

Find: Select
* Software Version: SMF 1.0.18 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
// Can't delete what's not there.
if (file_exists($boarddir . '/Packages/' . $_GET['package']))
Replace With: Select
// Can't delete what's not there.
if (file_exists($boarddir . '/Packages/' . $_GET['package']) && (substr($_GET['package'], -4) == '.zip' || substr($_GET['package'], -4) == '.tgz' || substr($_GET['package'], -7) == '.tar.gz') && substr($_GET['package'], 0, 1) != '.')
Find: Select
updateSettings(array(
'package_server' => $_POST['pack_server'],
'package_port' => $_POST['pack_port'],
Replace With: Select
checkSession('post');

updateSettings(array(
'package_server' => $_POST['pack_server'],
'package_port' => $_POST['pack_port'],

./Sources/Poll.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
$pollOptions = array();

// Find out what they voted for before.
Replace With: Select
checkSession('request')
$pollOptions = array();

// Find out what they voted for before.
Find: Select
// Check permissions.
Replace With: Select
checkSession('get');

// Check permissions.

./Sources/Post.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$context['current_attachments'][] = array(
'name' => $row['filename'],
Replace With: Select
$context['current_attachments'][] = array(
'name' => htmlspecialchars($row['filename']),
Find: Select
$context['current_attachments'][] = array(
'name' => $attachment['filename'],
Replace With: Select
$context['current_attachments'][] = array(
'name' => htmlspecialchars($attachment['filename']),
Find: Select
// Editing a message...
elseif (isset($_REQUEST['msg']))
{
checkSession('get');
Replace With: Select
// Editing a message...
elseif (isset($_REQUEST['msg']))
{
Find: Select
// Posting a quoted reply?
if (!empty($topic) && !empty($_REQUEST['quote']))
{
checkSession('get');
Replace With: Select
// Posting a quoted reply?
if (!empty($topic) && !empty($_REQUEST['quote']))
{

./Sources/Profile.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$_POST['websiteUrl'] = 'http://' . $_POST['websiteUrl'];
if (strlen($_POST['websiteUrl']) < 8)
Replace With: Select
$_POST['websiteUrl'] = 'http://' . $_POST['websiteUrl'];
if (strlen($_POST['websiteUrl']) < 8 || (substr($_POST['websiteUrl'], 0, 7) !== 'http://' && substr($_POST['websiteUrl'], 0, 8) !== 'https://'))
Find: Select
'id' => $set,
'name' => $set_names[$i],
Replace With: Select
'id' => htmlspecialchars($set),
'name' => htmlspecialchars($set_names[$i]),
Find: Select
if ($context['smiley_sets'][$i]['selected'])
$context['member']['smiley_set']['name'] = $set_names[$i];
Replace With: Select
if ($context['smiley_sets'][$i]['selected'])
$context['member']['smiley_set']['name'] = htmlspecialchars($set_names[$i]);

./Sources/SplitTopics.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
// Handle URLs from MergeTopics1.
if (!empty($_GET['from']) && !empty($_GET['to']))
Replace With: Select
checkSession('request');

// Handle URLs from MergeTopics1.
if (!empty($_GET['from']) && !empty($_GET['to']))

./Sources/Subs.php

Find: Select
* Software Version: SMF 1.0.17 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
if (setlocale(LC_TIME, @$txt['lang_locale']))
{
$str = ereg_replace('%a', ucwords(strftime('%a', $time)), $str);
$str = ereg_replace('%A', ucwords(strftime('%A', $time)), $str);
$str = ereg_replace('%b', ucwords(strftime('%b', $time)), $str);
$str = ereg_replace('%B', ucwords(strftime('%B', $time)), $str);
}
else
{
// Do-it-yourself time localization. Fun.
$str = ereg_replace('%a', @$days_short[(int) strftime('%w', $time)], $str);
$str = ereg_replace('%A', @$days[(int) strftime('%w', $time)], $str);
$str = ereg_replace('%b', @$months_short[(int) strftime('%m', $time)], $str);
$str = ereg_replace('%B', @$months[(int) strftime('%m', $time)], $str);
$str = ereg_replace('%p', (strftime('%H', $time) < 12 ? 'am' : 'pm'), $str);
}
Replace With: Select
if (setlocale(LC_TIME, $txt['lang_locale']))
{
foreach (array('%a', '%A', '%b', '%B') as $token)
if (strpos($str, $token) !== false)
$str = str_replace($token, !empty($txt['lang_capitalize_dates']) ? $smcFunc['ucwords'](strftime($token, $time)) : strftime($token, $time), $str);
}
else
{
// Do-it-yourself time localization. Fun.
foreach (array('%a' => 'days_short', '%A' => 'days', '%b' => 'months_short', '%B' => 'months') as $token => $text_label)
if (strpos($str, $token) !== false)
$str = str_replace($token, ${$text_label}[(int) strftime($token === '%a' || $token === '%A' ? '%w' : '%m', $time)], $str);
if (strpos($str, '%p'))
$str = str_replace('%p', (strftime('%H', $time) < 12 ? 'am' : 'pm'), $str);
}
Find: Select
$php_parts[$php_i] = preg_replace(array('~(?<=[\s>\.(;\'"])((?:http|https|ftp|ftps)://[\w\-_@:|]+(?:\.[\w\-_]+)*(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#+:\']*|\([\w\-_\~%\.@,\?&;=#()+:\']*)*[/\w\-_\~%@\?;=#])~i', '~(?<=[\s>(\'])(www(?:\.[\w\-_]+)+(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#+:\']*|\([\w\-_\~%\.@,\?&;=#()+:\']*)*[/\w\-_\~%@\?;=#])~i'), array('[url]$1[/url]', '[url=http://$1]$1[/url]'), $php_parts[$php_i]);
Replace With: Select

// Only do this if the preg survives.
if (is_string($result = preg_replace(array(
'~(?<=[\s>\.(;\'"]|^)((?:http|https|ftp|ftps)://[\w\-_%@:|]+(?:\.[\w\-_%]+)*(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#(){}+:\'\\\\]*)*[/\w\-_\~%@\?;=#}\\\\])~i',
'~(?<=[\s>(\'<]|^)(www(?:\.[\w\-_]+)+(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#(){}+:\'\\\\]*)*[/\w\-_\~%@\?;=#}\\\\])~i'
), array(
'[url]$1[/url]',
'[url=http://$1]$1[/url]'
), $php_parts[$php_i])))
$php_parts[$php_i] = $result;
Find: Select
$message = preg_replace('~&lt;a\s+href=(?:&quot;)?(?:\[url\])?((?:http://|ftp:/\|https://|ftps://|mailto:).+?)(?:\[/url\])?(?:&quot;)?&gt;(.+?)&lt;/a&gt;~ie', '\'<a href="$1">\' . preg_replace(\'~(\[url.*?\]|\[/url\])~\', \'\', \'$2\') . \'</a>\'', $message);

// Do <img ... /> - with security... action= -> action-.
preg_match_all('~&lt;img\s+src=(?:&quot;)?(?:\[url\])?((?:http://|ftp://|https://|ftps://).+?)(?:\[/url\])?(?:&quot;)?(?:\s+alt=(?:&quot;)?(.*?)(?:&quot;)?)?(?:\s?/)?&gt;~i', $message, $matches, PREG_PATTERN_ORDER);
Replace With: Select
$message = preg_replace('~&lt;a\s+href=(?:&quot;)?(?:\[url\])?((?:http://|ftp:/\|https://|ftps://|mailto:)\S+?)(?:\[/url\])?(?:&quot;)?&gt;(.+?)&lt;/a&gt;~ie', '\'<a href="$1">\' . preg_replace(\'~(\[url.*?\]|\[/url\])~\', \'\', \'$2\') . \'</a>\'', $message);

// Do <img ... /> - with security... action= -> action-.
preg_match_all('~&lt;img\s+src=(?:&quot;)?(?:\[url\])?((?:http://|ftp://|https://|ftps://)\S+?)(?:\[/url\])?(?:&quot;)?(?:\s+alt=&quot.*?&quot;)?(?:\s?/)?&gt;~i', $message, $matches, PREG_PATTERN_ORDER);

./Sources/Subs-Auth.php

Find: Select
* Software Version: SMF 1.0.18 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
foreach ($_GET as $k => $v)
$context['get_data'] .= $k . '=' . $v . ';';
Replace With: Select
foreach ($_GET as $k => $v)
$context['get_data'] .= urlencode($k) . '=' . urlencode($v) . ';';
Find: Select
return '
<input type="hidden" name="' . $k . '" value="' . htmlspecialchars(stripslashes($v)) . '" />';
Replace With: Select
return '
<input type="hidden" name="' . htmlspecialchars($k) . '" value="' . htmlspecialchars(stripslashes($v)) . '" />';

./Sources/Subs-Boards.php

Find: Select
* Software Version: SMF 1.0.10 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
$_REQUEST['c'] = (int) $_REQUEST['c'];
Replace With: Select
checkSession('request');

$_REQUEST['c'] = (int) $_REQUEST['c'];

./Sources/Themes.php

Find: Select
* Software Version: SMF 1.0.15 *
Replace With: Select
* Software Version: SMF 1.0.19 *
Find: Select
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: Select
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Find: Select
foreach ($sets as $i => $set)
$context['smiley_sets'][$set] = $set_names[$i];
Replace With: Select
foreach ($sets as $i => $set)
$context['smiley_sets'][$set] = htmlspecialchars($set_names[$i]);

./Themes/default/Display.template.php

Find: Select
// Version: 1.0.3; Display
Replace With: Select
// Version: 1.0.19; Display
Find: Select
echo '
<a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], ';sesc=', $context['session_id'], '" onclick="if (!currentSwap) doQuote(', $message['id'], '); else window.location.href = this.href; return false;">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';
Replace With: Select
echo '
<a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], '" onclick="if (!currentSwap) doQuote(', $message['id'], '); else window.location.href = this.href; return false;">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';
Find: Select
echo '
<a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], ';sesc=', $context['session_id'], '">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';
Replace With: Select
echo '
<a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], '">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';

./Themes/default/Packages.template.php

Find: Select
// Version: 1.0.16; Packages
Replace With: Select
// Version: 1.0.19; Packages
Find: Select
<td>
<a href="' . $scripturl . '?action=pgremove;server=' . $server['id'] . '">[ ' . $txt['smf138'] . ' ]</a>
Replace With: Select
<td>
<a href="' . $scripturl . '?action=pgremove;server=' . $server['id'] . ';sesc=', $context['session_id'], '">[ ' . $txt['smf138'] . ' ]</a>

./Themes/default/SplitTopics.template.php

Find: Select
// Version: 1.0; SplitTopics
Replace With: Select
// Version: 1.0.19; SplitTopics
Find: Select
</td>
</tr>
</table>
Replace With: Select
<input type="hidden" name="sc" value="', $context['session_id'], '" />
</td>
</tr>
</table>
Advertisement: