Advertisement:

Navigation

Readme

This patch file will update your forum to SMF 1.0.19.

File Edits

./index.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.18 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
$forum_version = 'SMF 1.0.18';
Replace With: [Select]
$forum_version = 'SMF 1.0.19';

./Sources/BoardIndex.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
            'can_collapse' => isset($row_board['canCollapse']) && $row_board['canCollapse'] == 1,
            'collapse_href' => isset($row_board['canCollapse']) ? $scripturl . '?action=collapse;c=' . $row_board['ID_CAT'] . ';sa=' . ($row_board['isCollapsed'] > 0 ? 'expand' : 'collapse;') . '#' . $row_board['ID_CAT'] : '',
Replace With: [Select]
            'can_collapse' => isset($row_board['canCollapse']) && $row_board['canCollapse'] == 1,
            'collapse_href' => isset($row_board['canCollapse']) ? $scripturl . '?action=collapse;c=' . $row_board['ID_CAT'] . ';sa=' . ($row_board['isCollapsed'] > 0 ? 'expand' : 'collapse') . ';sesc=' . $context['session_id'] . '#' . $row_board['ID_CAT'] : '',

./Sources/Display.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
function Download()
{
   global $txt, $modSettings, $db_prefix, $user_info, $scripturl, $context;
Replace With: [Select]
function Download()
{
   global $txt, $modSettings, $db_prefix, $user_info, $scripturl, $context, $topic;

Operation #3
Find: [Select]
      isAllowedTo('view_attachments');

      // Make sure this attachment is on this board.
      // NOTE: We must verify that $topic is the attachment's topic, or else the permission check above is broken.
      $request = db_query("
         SELECT a.filename, a.ID_ATTACH, a.file_hash
         FROM {$db_prefix}boards AS b, {$db_prefix}messages AS m, {$db_prefix}attachments AS a
         WHERE b.ID_BOARD = m.ID_BOARD
            AND $user_info[query_see_board]
            AND m.ID_MSG = a.ID_MSG
            AND a.ID_ATTACH = $_REQUEST[id]
         LIMIT 1", __FILE__, __LINE__);
   }
Replace With: [Select]
      // This checks only the current board for $board/$topic's permissions.
      isAllowedTo('view_attachments');

      // Make sure this attachment is on this board.
      // NOTE: We must verify that $topic is the attachment's topic, or else the permission check above is broken.
      $request = db_query("
         SELECT a.filename, a.ID_ATTACH, a.file_hash
         FROM ({$db_prefix}boards AS b, {$db_prefix}messages AS m, {$db_prefix}attachments AS a)
         WHERE b.ID_BOARD = m.ID_BOARD
            AND $user_info[query_see_board]
            AND m.ID_MSG = a.ID_MSG
            AND m.ID_TOPIC = $topic
            AND a.ID_ATTACH = $_REQUEST[id]
         LIMIT 1", __FILE__, __LINE__);
   }

./Sources/Load.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
      $modSettings[$row[0]] = $row[1];
   mysql_free_result($request);
Replace With: [Select]
      $modSettings[$row[0]] = $row[1];
   mysql_free_result($request);

   // Setting the timezone is a requirement for some functions in PHP >= 5.1.
   if (isset($modSettings['default_timezone']) && function_exists('date_default_timezone_set'))
      date_default_timezone_set($modSettings['default_timezone']);

./Sources/ManageMembers.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.18 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   // Check input after a member search has been submitted.
   if ($context['sub_action'] == 'query' && empty($_REQUEST['params']))
Replace With: [Select]
   // Build a search for a specific group or post group.
   if ($context['sub_action'] === 'query')
   {
      if (isset($_GET['group']))
         $_POST['membergroups'] = array(
            array((int) $_GET['group']),
            array((int) $_GET['group']),
         );
      elseif (isset($_GET['pgroup']))
         $_POST['postgroups'] = array((int) $_GET['pgroup']);
   }

   if ($context['sub_action'] == 'query' && !empty($_REQUEST['params']) && empty($_POST))
   {
      $search_params = base64_decode(stripslashes($_REQUEST['params']));
      $_POST += addslashes__recursive(@unserialize($search_params));
   }

   // Check input after a member search has been submitted.
   if ($context['sub_action'] == 'query')

Operation #3
Find: [Select]
   elseif ($context['sub_action'] == 'query')
      $where = base64_decode($_REQUEST['params']);
Replace With: [Select]
   else
      $search_params = null;

Operation #4
Find: [Select]
   // Construct the additional URL part with the query info in it.
   $context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . base64_encode($where) : '';
Replace With: [Select]
   // Construct the additional URL part with the query info in it.
   $context['params_url'] = $context['sub_action'] == 'query' ? ';sa=query;params=' . $search_params : '';

./Sources/ManagePermissions.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
         'href' => $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode('ID_GROUP = 0'),
         'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode('ID_GROUP = 0') . '">' . $num_members . '</a>',
Replace With: [Select]
         'href' => $scripturl . '?action=viewmembers;sa=query;group=0',
         'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;group=0">' . $num_members . '</a>',

Operation #4
Find: [Select]
         'href' => $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode($row['minPosts'] == -1 ? "ID_GROUP = $row[ID_GROUP] OR FIND_IN_SET($row[ID_GROUP], additionalGroups)" : "ID_POST_GROUP = $row[ID_GROUP]"),
         'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query;params=' . base64_encode($row['minPosts'] == -1 ? "ID_GROUP = $row[ID_GROUP] OR FIND_IN_SET($row[ID_GROUP], additionalGroups)" : "ID_POST_GROUP = $row[ID_GROUP]") . '">' . $row['num_members'] . '</a>',
Replace With: [Select]
         'href' => $scripturl . '?action=viewmembers;sa=query' . ($row['minPosts'] == -1 ? ';group = ' . (int) $row['ID_GROUP'] : 'pgroup=' . $row['ID_GROUP']),
         'link' => '<a href="' . $scripturl . '?action=viewmembers;sa=query' . ($row['minPosts'] == -1 ? ';group = ' . (int) $row['ID_GROUP'] : 'pgroup=' . $row['ID_GROUP']) . '">' . $row['num_members'] . '</a>',

./Sources/ManageSmileys.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
         'path' => $set,
         'name' => $set_names[$i],
         'selected' => $set == $modSettings['smiley_sets_default']
      );
}
Replace With: [Select]
         'path' => htmlspecialchars($set),
         'name' => htmlspecialchars($set_names[$i]),
         'selected' => $set == $modSettings['smiley_sets_default']
      );
}

Operation #4
Find: [Select]
         'path' => $set,
         'name' => $set_names[$i],
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Importing any smileys from an existing set?
Replace With: [Select]
         'path' => htmlspecialchars($set),
         'name' => htmlspecialchars($set_names[$i]),
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Importing any smileys from an existing set?

Operation #5
Find: [Select]
      if (isset($context['smiley_sets'][$_GET['id']]))
         ImportSmileys($context['smiley_sets'][$_GET['id']]['path']);
Replace With: [Select]
      if (isset($context['smiley_sets'][$_GET['id']]))
         ImportSmileys(un_htmlspecialchars($context['smiley_sets'][$_GET['id']]['path']));

Operation #6
Find: [Select]
         'path' => $set,
         'name' => $set_names[$i],
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Submitting a form?
Replace With: [Select]
         'path' => htmlspecialchars($set),
         'name' => htmlspecialchars($set_names[$i]),
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Submitting a form?

Operation #7
Find: [Select]
         foreach ($context['smiley_sets'] as $set)
         {
            if (!is_writable($context['smileys_dir'] . '/' . $set['path']))
Replace With: [Select]
         foreach ($context['smiley_sets'] as $set)
         {
            if (!is_writable($context['smileys_dir'] . '/' . un_htmlspecialchars($set['path'])))

Operation #8
Find: [Select]
         // Keep going until we find a set the file doesn't exist in. (or maybe it exists in all of them?)
         while (isset($context['smiley_sets'][$i]) && file_exists($context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName))
Replace With: [Select]
         // Keep going until we find a set the file doesn't exist in. (or maybe it exists in all of them?)
         while (isset($context['smiley_sets'][$i]) && file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName))

Operation #9
Find: [Select]
         if (isset($context['smiley_sets'][$i]['path']))
         {
            $smileyLocation = $context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName;
Replace With: [Select]
         if (isset($context['smiley_sets'][$i]['path']))
         {
            $smileyLocation = $context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName;

Operation #10
Find: [Select]
            for ($n = count($context['smiley_sets']); $i < $n; $i++)
            {
               $currentPath = $context['smileys_dir'] . '/' . $context['smiley_sets'][$i]['path'] . '/' . $destName;
Replace With: [Select]
            for ($n = count($context['smiley_sets']); $i < $n; $i++)
            {
               $currentPath = $context['smileys_dir'] . '/' . un_htmlspecialchars($context['smiley_sets'][$i]['path']) . '/' . $destName;

Operation #11
Find: [Select]
            if (!isset($_FILES['individual_' . $set['name']]['name']) || $_FILES['individual_' . $set['name']]['name'] == '')
               continue;
Replace With: [Select]
            $set['name'] = un_htmlspecialchars($set['name']);
            $set['path'] = un_htmlspecialchars($set['path']);

            if (!isset($_FILES['individual_' . $set['name']]['name']) || $_FILES['individual_' . $set['name']]['name'] == '')
               continue;

Operation #12
Find: [Select]
      foreach ($context['smiley_sets'] as $smiley_set)
      {
         if (!file_exists($context['smileys_dir'] . '/' . $smiley_set['path']))
Replace With: [Select]
      foreach ($context['smiley_sets'] as $smiley_set)
      {
         if (!file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path'])))

Operation #13
Find: [Select]
         $dir = dir($context['smileys_dir'] . '/' . $smiley_set['path']);
         while ($entry = $dir->read())
         {
            if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
               $context['filenames'][strtolower($entry)] = array(
                  'id' => htmlspecialchars($entry),
                  'selected' => false,
               );
         }
         $dir->close();
      }
      ksort($context['filenames']);
   }

   // Create a new smiley from scratch.
Replace With: [Select]
         $dir = dir($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']));
         while ($entry = $dir->read())
         {
            if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
               $context['filenames'][strtolower($entry)] = array(
                  'id' => htmlspecialchars($entry),
                  'selected' => false,
               );
         }
         $dir->close();
      }
      ksort($context['filenames']);
   }

   // Create a new smiley from scratch.

Operation #14
Find: [Select]
         'path' => $set,
         'name' => $set_names[$i],
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Prepare overview of all (custom) smileys.
Replace With: [Select]
         'path' => htmlspecialchars($set),
         'name' => htmlspecialchars($set_names[$i]),
         'selected' => $set == $modSettings['smiley_sets_default']
      );

   // Prepare overview of all (custom) smileys.

Operation #15
Find: [Select]
            foreach ($context['smileys'] as $smiley_id => $smiley)
               if (!file_exists($modSettings['smileys_dir'] . '/' . $smiley_set['path'] . '/' . $smiley['filename']))
Replace With: [Select]
            foreach ($context['smileys'] as $smiley_id => $smiley)
               if (!file_exists($modSettings['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']) . '/' . $smiley['filename']))

Operation #16
Find: [Select]
            'path' => $set,
            'name' => $set_names[$i],
            'selected' => $set == $modSettings['smiley_sets_default']
         );

      $context['selected_set'] = $modSettings['smiley_sets_default'];
Replace With: [Select]
            'path' => htmlspecialchars($set),
            'name' => htmlspecialchars($set_names[$i]),
            'selected' => $set == $modSettings['smiley_sets_default']
         );

      $context['selected_set'] = $modSettings['smiley_sets_default'];

Operation #17
Find: [Select]
         foreach ($context['smiley_sets'] as $smiley_set)
         {
            if (!file_exists($context['smileys_dir'] . '/' . $smiley_set['path']))
Replace With: [Select]
         foreach ($context['smiley_sets'] as $smiley_set)
         {
            if (!file_exists($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path'])))

Operation #18
Find: [Select]
            $dir = dir($context['smileys_dir'] . '/' . $smiley_set['path']);
            while ($entry = $dir->read())
            {
               if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
                  $context['filenames'][strtolower($entry)] = array(
                     'id' => htmlspecialchars($entry),
                     'selected' => false,
                  );
            }
            $dir->close();
         }
         ksort($context['filenames']);
      }

      $request = db_query("
Replace With: [Select]
            $dir = dir($context['smileys_dir'] . '/' . un_htmlspecialchars($smiley_set['path']));
            while ($entry = $dir->read())
            {
               if (!in_array($entry, $context['filenames']) && in_array(strrchr($entry, '.'), array('.jpg', '.gif', '.jpeg', '.png')))
                  $context['filenames'][strtolower($entry)] = array(
                     'id' => htmlspecialchars($entry),
                     'selected' => false,
                  );
            }
            $dir->close();
         }
         ksort($context['filenames']);
      }

      $request = db_query("

./Sources/PackageGet.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   $fp = fopen($boarddir . '/Packages/server.list', 'a');
   fputs($fp, $_POST['servername'] . '|^|' . $_POST['serverurl'] . "\n");
Replace With: [Select]
   $fp = fopen($boarddir . '/Packages/server.list', 'a');
   fputs($fp, htmlspecialchars($_POST['servername']) . '|^|' . htmlspecialchars($_POST['serverurl']) . "\n");

Operation #3
Find: [Select]
   // Get the current server list.
   if (!file_exists($boarddir . '/Packages/server.list'))
Replace With: [Select]
   checkSession('get');

   // Get the current server list.
   if (!file_exists($boarddir . '/Packages/server.list'))

./Sources/Packages.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.18 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   // Can't delete what's not there.
   if (file_exists($boarddir . '/Packages/' . $_GET['package']))
Replace With: [Select]
   // Can't delete what's not there.
   if (file_exists($boarddir . '/Packages/' . $_GET['package']) && (substr($_GET['package'], -4) == '.zip' || substr($_GET['package'], -4) == '.tgz' || substr($_GET['package'], -7) == '.tar.gz') && substr($_GET['package'], 0, 1) != '.')

Operation #3
Find: [Select]
      updateSettings(array(
         'package_server' => $_POST['pack_server'],
         'package_port' => $_POST['pack_port'],
Replace With: [Select]
      checkSession('post');

      updateSettings(array(
         'package_server' => $_POST['pack_server'],
         'package_port' => $_POST['pack_port'],

./Sources/Poll.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
      $pollOptions = array();

      // Find out what they voted for before.
Replace With: [Select]
      checkSession('request')
      $pollOptions = array();

      // Find out what they voted for before.

Operation #4
Find: [Select]
   // Check permissions.
Replace With: [Select]
   checkSession('get');

   // Check permissions.

./Sources/Post.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
               $context['current_attachments'][] = array(
                  'name' => $row['filename'],
Replace With: [Select]
               $context['current_attachments'][] = array(
                  'name' => htmlspecialchars($row['filename']),

Operation #3
Find: [Select]
            $context['current_attachments'][] = array(
               'name' => $attachment['filename'],
Replace With: [Select]
            $context['current_attachments'][] = array(
               'name' => htmlspecialchars($attachment['filename']),

Operation #4
Find: [Select]
   // Editing a message...
   elseif (isset($_REQUEST['msg']))
   {
      checkSession('get');
Replace With: [Select]
   // Editing a message...
   elseif (isset($_REQUEST['msg']))
   {

Operation #5
Find: [Select]
      // Posting a quoted reply?
      if (!empty($topic) && !empty($_REQUEST['quote']))
      {
         checkSession('get');
Replace With: [Select]
      // Posting a quoted reply?
      if (!empty($topic) && !empty($_REQUEST['quote']))
      {

./Sources/Profile.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
         $_POST['websiteUrl'] = 'http://' . $_POST['websiteUrl'];
      if (strlen($_POST['websiteUrl']) < 8)
Replace With: [Select]
         $_POST['websiteUrl'] = 'http://' . $_POST['websiteUrl'];
      if (strlen($_POST['websiteUrl']) < 8 || (substr($_POST['websiteUrl'], 0, 7) !== 'http://' && substr($_POST['websiteUrl'], 0, 8) !== 'https://'))

Operation #3
Find: [Select]
         'id' => $set,
         'name' => $set_names[$i],
Replace With: [Select]
         'id' => htmlspecialchars($set),
         'name' => htmlspecialchars($set_names[$i]),

Operation #4
Find: [Select]
      if ($context['smiley_sets'][$i]['selected'])
         $context['member']['smiley_set']['name'] = $set_names[$i];
Replace With: [Select]
      if ($context['smiley_sets'][$i]['selected'])
         $context['member']['smiley_set']['name'] = htmlspecialchars($set_names[$i]);

./Sources/SplitTopics.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
   // Handle URLs from MergeTopics1.
   if (!empty($_GET['from']) && !empty($_GET['to']))
Replace With: [Select]
   checkSession('request');

   // Handle URLs from MergeTopics1.
   if (!empty($_GET['from']) && !empty($_GET['to']))

./Sources/Subs.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.17 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   if (setlocale(LC_TIME, @$txt['lang_locale']))
   {
      $str = ereg_replace('%a', ucwords(strftime('%a', $time)), $str);
      $str = ereg_replace('%A', ucwords(strftime('%A', $time)), $str);
      $str = ereg_replace('%b', ucwords(strftime('%b', $time)), $str);
      $str = ereg_replace('%B', ucwords(strftime('%B', $time)), $str);
   }
   else
   {
      // Do-it-yourself time localization. Fun.
      $str = ereg_replace('%a', @$days_short[(int) strftime('%w', $time)], $str);
      $str = ereg_replace('%A', @$days[(int) strftime('%w', $time)], $str);
      $str = ereg_replace('%b', @$months_short[(int) strftime('%m', $time)], $str);
      $str = ereg_replace('%B', @$months[(int) strftime('%m', $time)], $str);
      $str = ereg_replace('%p', (strftime('%H', $time) < 12 ? 'am' : 'pm'), $str);
   }
Replace With: [Select]
   if (setlocale(LC_TIME, $txt['lang_locale']))
   {
      foreach (array('%a', '%A', '%b', '%B') as $token)
         if (strpos($str, $token) !== false)
            $str = str_replace($token, !empty($txt['lang_capitalize_dates']) ? $smcFunc['ucwords'](strftime($token, $time)) : strftime($token, $time), $str);
   }
   else
   {
      // Do-it-yourself time localization. Fun.
      foreach (array('%a' => 'days_short', '%A' => 'days', '%b' => 'months_short', '%B' => 'months') as $token => $text_label)
         if (strpos($str, $token) !== false)
            $str = str_replace($token, ${$text_label}[(int) strftime($token === '%a' || $token === '%A' ? '%w' : '%m', $time)], $str);
      if (strpos($str, '%p'))
         $str = str_replace('%p', (strftime('%H', $time) < 12 ? 'am' : 'pm'), $str);
   }

Operation #3
Find: [Select]
               $php_parts[$php_i] = preg_replace(array('~(?<=[\s>\.(;\'"])((?:http|https|ftp|ftps)://[\w\-_@:|]+(?:\.[\w\-_]+)*(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#+:\']*|\([\w\-_\~%\.@,\?&;=#()+:\']*)*[/\w\-_\~%@\?;=#])~i', '~(?<=[\s>(\'])(www(?:\.[\w\-_]+)+(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#+:\']*|\([\w\-_\~%\.@,\?&;=#()+:\']*)*[/\w\-_\~%@\?;=#])~i'), array('[url]$1[/url]', '[url=http://$1]$1[/url]'), $php_parts[$php_i]);
Replace With: [Select]

               // Only do this if the preg survives.
               if (is_string($result = preg_replace(array(
                  '~(?<=[\s>\.(;\'"]|^)((?:http|https|ftp|ftps)://[\w\-_%@:|]+(?:\.[\w\-_%]+)*(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#(){}+:\'\\\\]*)*[/\w\-_\~%@\?;=#}\\\\])~i',
                  '~(?<=[\s>(\'<]|^)(www(?:\.[\w\-_]+)+(?::\d+)?(?:/[\w\-_\~%\.@,\?&;=#(){}+:\'\\\\]*)*[/\w\-_\~%@\?;=#}\\\\])~i'
               ), array(
                  '[url]$1[/url]',
                  '[url=http://$1]$1[/url]'
               ), $php_parts[$php_i])))
                  $php_parts[$php_i] = $result;

Operation #4
Find: [Select]
      $message = preg_replace('~&lt;a\s+href=(?:&quot;)?(?:\[url\])?((?:http://|ftp:/\|https://|ftps://|mailto:).+?)(?:\[/url\])?(?:&quot;)?&gt;(.+?)&lt;/a&gt;~ie', '\'<a href="$1">\' . preg_replace(\'~(\[url.*?\]|\[/url\])~\', \'\', \'$2\') . \'</a>\'', $message);

      // Do <img ... /> - with security... action= -> action-.
      preg_match_all('~&lt;img\s+src=(?:&quot;)?(?:\[url\])?((?:http://|ftp://|https://|ftps://).+?)(?:\[/url\])?(?:&quot;)?(?:\s+alt=(?:&quot;)?(.*?)(?:&quot;)?)?(?:\s?/)?&gt;~i', $message, $matches, PREG_PATTERN_ORDER);
Replace With: [Select]
      $message = preg_replace('~&lt;a\s+href=(?:&quot;)?(?:\[url\])?((?:http://|ftp:/\|https://|ftps://|mailto:)\S+?)(?:\[/url\])?(?:&quot;)?&gt;(.+?)&lt;/a&gt;~ie', '\'<a href="$1">\' . preg_replace(\'~(\[url.*?\]|\[/url\])~\', \'\', \'$2\') . \'</a>\'', $message);

      // Do <img ... /> - with security... action= -> action-.
      preg_match_all('~&lt;img\s+src=(?:&quot;)?(?:\[url\])?((?:http://|ftp://|https://|ftps://)\S+?)(?:\[/url\])?(?:&quot;)?(?:\s+alt=&quot.*?&quot;)?(?:\s?/)?&gt;~i', $message, $matches, PREG_PATTERN_ORDER);

./Sources/Subs-Auth.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.18 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   foreach ($_GET as $k => $v)
      $context['get_data'] .= $k . '=' . $v . ';';
Replace With: [Select]
   foreach ($_GET as $k => $v)
      $context['get_data'] .= urlencode($k) . '=' . urlencode($v) . ';';

Operation #3
Find: [Select]
      return '
<input type="hidden" name="' . $k . '" value="' . htmlspecialchars(stripslashes($v)) . '" />';
Replace With: [Select]
      return '
<input type="hidden" name="' . htmlspecialchars($k) . '" value="' . htmlspecialchars(stripslashes($v)) . '" />';

./Sources/Subs-Boards.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.10 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
   $_REQUEST['c'] = (int) $_REQUEST['c'];
Replace With: [Select]
   checkSession('request');

   $_REQUEST['c'] = (int) $_REQUEST['c'];

./Sources/Themes.php

Operation #1
Find: [Select]
* Software Version: SMF 1.0.15 *
Replace With: [Select]
* Software Version: SMF 1.0.19 *
Operation #2
Find: [Select]
* Copyright 2006 by: Simple Machines LLC (http://www.simplemachines.org) *
Replace With: [Select]
* Copyright 2006-2009 by: Simple Machines LLC (http://www.simplemachines.org) *
Operation #3
Find: [Select]
   foreach ($sets as $i => $set)
      $context['smiley_sets'][$set] = $set_names[$i];
Replace With: [Select]
   foreach ($sets as $i => $set)
      $context['smiley_sets'][$set] = htmlspecialchars($set_names[$i]);

./Themes/default/Display.template.php

Operation #1
Find: [Select]
// Version: 1.0.3; Display
Replace With: [Select]
// Version: 1.0.19; Display
Operation #2
Find: [Select]
         echo '
                           <a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], ';sesc=', $context['session_id'], '" onclick="if (!currentSwap) doQuote(', $message['id'], '); else window.location.href = this.href; return false;">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';
Replace With: [Select]
         echo '
                           <a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], '" onclick="if (!currentSwap) doQuote(', $message['id'], '); else window.location.href = this.href; return false;">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';

Operation #3
Find: [Select]
         echo '
                           <a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], ';sesc=', $context['session_id'], '">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';
Replace With: [Select]
         echo '
                           <a href="', $scripturl, '?action=post;quote=', $message['id'], ';topic=', $context['current_topic'], '.', $context['start'], ';num_replies=', $context['num_replies'], '">', ($settings['use_image_buttons'] ? '<img src="' . $settings['images_url'] . '/' . $context['user']['language'] . '/quote.gif" alt="' . $txt[145] . '" border="0" />' : $txt[145]), '</a>';

./Themes/default/Packages.template.php

Operation #1
Find: [Select]
// Version: 1.0.16; Packages
Replace With: [Select]
// Version: 1.0.19; Packages
Operation #2
Find: [Select]
                     <td>
                        <a href="' . $scripturl . '?action=pgremove;server=' . $server['id'] . '">[ ' . $txt['smf138'] . ' ]</a>
Replace With: [Select]
                     <td>
                        <a href="' . $scripturl . '?action=pgremove;server=' . $server['id'] . ';sesc=', $context['session_id'], '">[ ' . $txt['smf138'] . ' ]</a>

./Themes/default/SplitTopics.template.php

Operation #1
Find: [Select]
// Version: 1.0; SplitTopics
Replace With: [Select]
// Version: 1.0.19; SplitTopics
Operation #2
Find: [Select]
               </td>
            </tr>
         </table>
Replace With: [Select]
                  <input type="hidden" name="sc" value="', $context['session_id'], '" />
               </td>
            </tr>
         </table>