SMF 2.0
SMF 2.0.18 to SMF 2.0.19
SMF 2.0.17 to SMF 2.0.18
SMF 2.0.16 to SMF 2.0.17
SMF 2.0.15 to SMF 2.0.16
SMF 2.0.14 to SMF 2.0.15
SMF 2.0.13 to SMF 2.0.14
SMF 2.0.12 to SMF 2.0.13
SMF 2.0.11 to SMF 2.0.12
SMF 2.0.10 to SMF 2.0.11
SMF 2.0.9 to SMF 2.0.10
SMF 2.0.8 to SMF 2.0.9
SMF 2.0.7 to SMF 2.0.8
SMF 2.0.6 to SMF 2.0.7
SMF 2.0.5 to SMF 2.0.6
SMF 2.0.4 to SMF 2.0.5
SMF 2.0.3 to SMF 2.0.4
SMF 2.0.2 to SMF 2.0.3
SMF 2.0.1 to SMF 2.0.2
SMF 2.0 to SMF 2.0.1
SMF 2.0 RC4 to SMF 2.0 RC4 Security Patch
SMF 2.0 RC1-1 to SMF 2.0 RC1.2
SMF 2.0 RC1 to SMF 2.0 RC1-1
SMF 2.0 Beta 3 to SMF 2.0 Beta 3.1 Public

Update to SMF 2.0 RC1.2 - Installation Instructions for 2.0 RC1-1

Update to SMF 2.0 RC1.2

Readme

This patch file will update your forum to SMF 2.0 RC1.2.

File Edits ALT + Click to collapse all the operations

./index.php

Find: Select
* Software Version: SMF 2.0 RC1-1 *
Replace With: Select
* Software Version: SMF 2.0 RC1.2 *
Find: Select

$forum_version = 'SMF 2.0 RC1-1';
Replace With: Select

$forum_version = 'SMF 2.0 RC1.2';

./Sources/ManageRegistration.php

Find: Select
* Software Version: SMF 2.0 RC1 *
Replace With: Select
* Software Version: SMF 2.0 RC1.2 *
Find: Select
'send_welcome_email' => isset($_POST['emailPassword']),
Replace With: Select
'send_welcome_email' => isset($_POST['emailPassword']) || empty($_POST['password']),

./Sources/Packages.php

Find: Select
* Software Version: SMF 2.0 RC1 *
Replace With: Select
* Software Version: SMF 2.0 RC1.2 *
Find: Select
'type' => $txt['execute_modification'],
'action' => strtr($action['filename'], array($boarddir => '.')),
Replace With: Select
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($action['filename'], array($boarddir => '.'))),
Find: Select
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: Select
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
Find: Select
$context['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: Select
$context['actions'][$actual_filename] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
Find: Select
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_skipping']
Replace With: Select
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_skipping']
Find: Select
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_missing']
Replace With: Select
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_missing']
Find: Select
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
'description' => $txt['package_action_error']
Replace With: Select
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
'description' => $txt['package_action_error']
Find: Select
$context['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: Select
$context['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
Find: Select
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => strtr($mod_action['filename'], array($boarddir => '.')),
Replace With: Select
$context['theme_actions'][$mod_action['is_custom']]['actions'][$actual_filename]['operations'][] = array(
'type' => $txt['execute_modification'],
'action' => $smcFunc['htmlspecialchars'](strtr($mod_action['filename'], array($boarddir => '.'))),
Find: Select
'type' => $txt['execute_code'],
'action' => $action['filename']
Replace With: Select
'type' => $txt['execute_code'],
'action' => $smcFunc['htmlspecialchars']($action['filename'])
Find: Select
'type' => $txt['execute_database_changes'],
'action' => $action['filename']
Replace With: Select
'type' => $txt['execute_database_changes'],
'action' => $smcFunc['htmlspecialchars']($action['filename'])
Find: Select
'type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['destination'], array($boarddir => '.'))
Replace With: Select
'type' => $txt['package_create'] . ' ' . ($action['type'] == 'create-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))
Find: Select
'type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['destination'], array($boarddir => '.'))
Replace With: Select
'type' => $txt['package_extract'] . ' ' . ($action['type'] == 'require-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))
Find: Select
'type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['source'], array($boarddir => '.')) . ' => ' . strtr($action['destination'], array($boarddir => '.'))
Replace With: Select
'type' => $txt['package_move'] . ' ' . ($action['type'] == 'move-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['source'], array($boarddir => '.'))) . ' => ' . $smcFunc['htmlspecialchars'](strtr($action['destination'], array($boarddir => '.')))
Find: Select
'type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => strtr($action['filename'], array($boarddir => '.'))
Replace With: Select
'type' => $txt['package_delete'] . ' ' . ($action['type'] == 'remove-dir' ? $txt['package_tree'] : $txt['package_file']),
'action' => $smcFunc['htmlspecialchars'](strtr($action['filename'], array($boarddir => '.')))

./Sources/Post.php

Find: Select
* Software Version: SMF 2.0 RC1-1 *
Replace With: Select
* Software Version: SMF 2.0 RC1.2 *
Find: Select
// Check if it's locked. It isn't locked if no topic is specified.
if (!empty($topic))
Replace With: Select
// No message is complete without a topic.
if (empty($topic) && !empty($_REQUEST['msg']))
{
$request = $smcFunc['db_query']('', '
SELECT id_topic
FROM {db_prefix}messages
WHERE id_msg = {int:msg}',
array(
'msg' => (int) $_REQUEST['msg'],
));
if ($smcFunc['db_num_rows']($request) != 1)
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);
else
list($topic) = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
}

// Check if it's locked. It isn't locked if no topic is specified.
if (!empty($topic))
Find: Select
// Previewing an edit?
if (isset($_REQUEST['msg']))
{
Replace With: Select
// Previewing an edit?
if (isset($_REQUEST['msg']) && !empty($topic))
{
// Get the existing message.
$request = $smcFunc['db_query']('', '
SELECT
m.id_member, m.modified_time, m.smileys_enabled, m.body,
m.poster_name, m.poster_email, m.subject, m.icon, m.approved,
IFNULL(a.size, -1) AS filesize, a.filename, a.id_attach,
a.approved AS attachment_approved, t.id_member_started AS id_member_poster,
m.poster_time
FROM {db_prefix}messages AS m
INNER JOIN {db_prefix}topics AS t ON (t.id_topic = {int:current_topic})
LEFT JOIN {db_prefix}attachments AS a ON (a.id_msg = m.id_msg AND a.attachment_type = {int:attachment_type})
WHERE m.id_msg = {int:id_msg}
AND m.id_topic = {int:current_topic}',
array(
'current_topic' => $topic,
'attachment_type' => 0,
'id_msg' => $_REQUEST['msg'],
)
);
// The message they were trying to edit was most likely deleted.
// !!! Change this error message?
if ($smcFunc['db_num_rows']($request) == 0)
fatal_lang_error('no_board', false);
$row = $smcFunc['db_fetch_assoc']($request);

$attachment_stuff = array($row);
while ($row2 = $smcFunc['db_fetch_assoc']($request))
$attachment_stuff[] = $row2;
$smcFunc['db_free_result']($request);

if ($row['id_member'] == $user_info['id'] && !allowedTo('modify_any'))
{
// Give an extra five minutes over the disable time threshold, so they can type - assuming the post is public.
if ($row['approved'] && !empty($modSettings['edit_disable_time']) && $row['poster_time'] + ($modSettings['edit_disable_time'] + 5) * 60 < time())
fatal_lang_error('modify_post_time_passed', false);
elseif ($row['id_member_poster'] == $user_info['id'] && !allowedTo('modify_own'))
isAllowedTo('modify_replies');
else
isAllowedTo('modify_own');
}
elseif ($row['id_member_poster'] == $user_info['id'] && !allowedTo('modify_any'))
isAllowedTo('modify_replies');
else
isAllowedTo('modify_any');
Find: Select
// Editing a message...
elseif (isset($_REQUEST['msg']))
Replace With: Select
// Editing a message...
elseif (isset($_REQUEST['msg']) && !empty($topic))
Find: Select
// Posting a new topic.
elseif (empty($topic))
{
Replace With: Select
// Posting a new topic.
elseif (empty($topic))
{
// Now don't be silly, new topics will get their own id_msg soon enough.
unset($_REQUEST['msg'], $_POST['msg'], $_GET['msg']);

./Sources/Subs-Auth.php

Find: Select
* Software Version: SMF 2.0 RC1 *
Replace With: Select
* Software Version: SMF 2.0 RC1.2 *
Find: Select
// Version 4.3.2 didn't store the cookie of the new session.
if (version_compare(PHP_VERSION, '4.3.2') === 0)
setcookie(session_name(), session_id(), time() + $cookie_length, $cookie_url[1], '', !empty($modSettings['secureCookies']));
Replace With: Select
// Version 4.3.2 didn't store the cookie of the new session.
if (version_compare(PHP_VERSION, '4.3.2') === 0 || (isset($_COOKIE[session_name()]) && $_COOKIE[session_name()] != session_id()))
setcookie(session_name(), session_id(), time() + $cookie_length, $cookie_url[1], '', !empty($modSettings['secureCookies']));

./Themes/default/Register.template.php

Find: Select
// Version: 2.0 RC1; Register
Replace With: Select
// Version: 2.0 RC1.2; Register
Find: Select
if (document.forms.postForm.emailActivate.checked)
Replace With: Select
if (document.forms.postForm.emailActivate.checked || document.forms.postForm.password.value == \'\')
Find: Select
<input type="password" name="password" id="password_input" tabindex="', $context['tabindex']++, '" size="30" /><br />
Replace With: Select
<input type="password" name="password" id="password_input" tabindex="', $context['tabindex']++, '" size="30" onchange="onCheckChange();" /><br />
Find: Select
<input type="checkbox" name="emailPassword" id="emailPassword_check" tabindex="', $context['tabindex']++, '" checked="checked"', !empty($modSettings['registration_method']) && $modSettings['registration_method'] == 1 ? ' disabled="disabled"' : '', ' class="check" /><br />
Replace With: Select
<input type="checkbox" name="emailPassword" id="emailPassword_check" tabindex="', $context['tabindex']++, '" checked="checked" disabled="disabled" class="check" /><br />

./Sources/Subs.php

This operation isn't vital to the installation of this mod.
Find: Select

$path = $modSettings['attachmentUploadDir'][$modSettings['attachmentUploadDir']];
Replace With: Select

$path = $modSettings['attachmentUploadDir'][$dir];

./Sources/Subs-Graphics.php

This operation isn't vital to the installation of this mod.
Find: Select

$avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : null;
Replace With: Select

$avatar_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : '';
This operation isn't vital to the installation of this mod.
Find: Select

while (!feof($fp2))
fwrite($fp, fread($fp2, 8192));
fclose($fp2);

// Though not an exhaustive list, better safe than sorry.
if (preg_match('~(iframe|\\<\\?php|\\<\\?|\\<%|html|eval|body|script)~', $destName) === 1)
{
unlink($destName);
return false;
}
Replace With: Select

$prev_chunk = '';
while (!feof($fp2))
{
$cur_chunk = fread($fp2, 8192);

// Make sure nothing odd came through.
if (preg_match('~(iframe|\\<\\?php|\\<\\?[\s=]|\\<%[\s=]|html|eval|body|script\W)~', $prev_chunk . $cur_chunk) === 1)
{
fclose($fp2);
fclose($fp);
unlink($destName);
return false;
}

fwrite($fp, $cur_chunk);
$prev_chunk = $cur_chunk;
}
fclose($fp2);
This operation isn't vital to the installation of this mod.
Find: Select

// Walk the right path. if (!empty($modSettings['currentAttachmentUploadDir']))
Replace With: Select

// Walk the right path.
if (!empty($modSettings['currentAttachmentUploadDir']))
This operation isn't vital to the installation of this mod.
Find: Select

if (rename($destName . '.tmp', $avatar_hash === null ? $destName : $path . '/' . $attachID . '_' . $avatar_hash))
{
Replace With: Select

if (rename($destName . '.tmp', empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash))
{
$destName = empty($avatar_hash) ? $destName : $path . '/' . $attachID . '_' . $avatar_hash;
This operation isn't vital to the installation of this mod.
Find: Select

'filesize' => filesize($avatar_hash === null ? $destName : $path . '/' . $attachID . '_' . $avatar_hash),
Replace With: Select

'filesize' => filesize($destName),

./Sources/Profile-Modify.php

This operation isn't vital to the installation of this mod.
Find: Select

$destinationPath = $uploadDir . '/' . ($file_hash === null ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
if (!rename($_FILES['attachment']['tmp_name'], $destinationPath))
{
removeAttachments(array('id_member' => $memID));
fatal_lang_error('attach_timeout', 'critical');
}

// Attempt to chmod it.
@chmod($uploadDir . '/avatar_tmp_' . $memID, 0644);
Replace With: Select

// Attempt to chmod it.
@chmod($uploadDir . '/avatar_tmp_' . $memID, 0644);
This operation isn't vital to the installation of this mod.
Find: Select

if (preg_match('~(iframe|\\<\\?php|\\<\\?|\\<%|html|eval|body|script)~', fgets($fp, 4096)) === 1)
Replace With: Select

if (preg_match('~(iframe|\\<\\?php|\\<\\?[\s=]|\\<%[\s=]|html|eval|body|script\W)~', fgets($fp, 4096)) === 1)
This operation isn't vital to the installation of this mod.
Find: Select

fatal_lang_error('smf124');
Replace With: Select

fatal_lang_error('attach_timeout');
This operation isn't vital to the installation of this mod.
Find: Select

$mime_type = 'image/' . ($extension == 'jpg' ? 'jpeg' : $extension);
Replace With: Select

$mime_type = 'image/' . ($extension === 'jpg' ? 'jpeg' : ($extension === 'bmp' ? 'x-ms-bmp' : $extension));
This operation isn't vital to the installation of this mod.
Find: Select

$file_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : null;
Replace With: Select


$file_hash = empty($modSettings['custom_avatar_enabled']) ? getAttachmentFilename($destName, false, null, true) : '';
This operation isn't vital to the installation of this mod.
Find: Select

// Remove previous attachments this member might have had.
removeAttachments(array('id_member' => $memID));

if (!rename($_FILES['attachment']['tmp_name'], $uploadDir . '/' . $destName))
fatal_lang_error('attach_timeout', 'critical');
Replace With: Select

// Remove previous attachments this member might have had.
removeAttachments(array('id_member' => $memID));
This operation isn't vital to the installation of this mod.
Find: Select

$destinationPath = $uploadDir . '/' . ($file_hash === null ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
Replace With: Select

$destinationPath = $uploadDir . '/' . (empty($file_hash) ? $destName : $cur_profile['id_attach'] . '_' . $file_hash);
This operation isn't vital to the installation of this mod.
Find: Select

@chmod($uploadDir . '/' . $destName, 0644);
Replace With: Select

@chmod($uploadDir . '/' . $destinationPath, 0644);

./Sources/ManageAttachments.php

This operation isn't vital to the installation of this mod.
Find: Select

array('text', 'attachmentExtensions', 40),
array('check', 'attachmentEncryptFilenames'),
Replace With: Select

array('text', 'attachmentExtensions', 40),
This operation isn't vital to the installation of this mod.
Find: Select

SELECT a.id_attach, a.id_folder, a.filename, a.file_hash, a.file_hash, a.attachment_type
Replace With: Select

SELECT a.id_attach, a.id_folder, a.filename, a.file_hash, a.attachment_type

./Sources/Display.php

This operation isn't vital to the installation of this mod.
Find: Select

// Does this have a mime type?
if ($mime_type && (isset($_REQUEST['image']) || !in_array($file_ext, array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff'))))
header('Content-Type: ' . $mime_type);
Replace With: Select

// IE 6 just doesn't play nice. As dirty as this seems, it works.
if ($context['browser']['is_ie6'] && isset($_REQUEST['image']))
unset($_REQUEST['image']);
// Does this have a mime type?
elseif ($mime_type && (isset($_REQUEST['image']) || !in_array($file_ext, array('jpg', 'gif', 'jpeg', 'x-ms-bmp', 'png', 'psd', 'tiff', 'iff'))))
header('Content-Type: ' . strtr($mime_type, array('image/bmp' => 'image/x-ms-bmp')));

Code

smf_2-0-RC1-1_validator.php
This file should be able to execute standalone.
Advertisement: