Advertisement:
Readme
This patch will provide important security and bug fixes to your 2.0.12 forum.
Changelog
=========
index.php
- Updated version to 2.0.13
Sources/Calendar.php
- Updated version to 2.0.12
Sources/ManagePosts.php
- Updated version to 2.0.12
Sources/Display.php
- Updated version to 2.0.12
Sources/Subscriptions-PayPal.php
- Updated version to 2.0.12
Sources/Themes.php
- Updated version to 2.0.13
- Added session check.
Sources/LogInOut.php
- Updated version to 2.0.13
- Added sanitization to $_REQUEST['u']
Sources/Reminder.php
- Updated version to 2.0.13
- Check and sinitization for $_POST['user']
- Isset $_REQUEST['uid'] if ! then $_REQUEST['uid'] = 0
Sources/PackageGet.php (Special thanks to Q)
- Updated version to 2.0.13
- Added sanitization of package site
- Added session check
Sources/Subs-Post.php
- Updated version to 2.0.13
- Rollback of 2.0.12 empty BBC
Sources/Subs.php
- Updated version to 2.0.13
- Remove some limits in safe_unserialize()
Special Thanks
- Q
Changelog
=========
index.php
- Updated version to 2.0.13
Sources/Calendar.php
- Updated version to 2.0.12
Sources/ManagePosts.php
- Updated version to 2.0.12
Sources/Display.php
- Updated version to 2.0.12
Sources/Subscriptions-PayPal.php
- Updated version to 2.0.12
Sources/Themes.php
- Updated version to 2.0.13
- Added session check.
Sources/LogInOut.php
- Updated version to 2.0.13
- Added sanitization to $_REQUEST['u']
Sources/Reminder.php
- Updated version to 2.0.13
- Check and sinitization for $_POST['user']
- Isset $_REQUEST['uid'] if ! then $_REQUEST['uid'] = 0
Sources/PackageGet.php (Special thanks to Q)
- Updated version to 2.0.13
- Added sanitization of package site
- Added session check
Sources/Subs-Post.php
- Updated version to 2.0.13
- Rollback of 2.0.12 empty BBC
Sources/Subs.php
- Updated version to 2.0.13
- Remove some limits in safe_unserialize()
Special Thanks
- Q
File Edits
./index.php
./Sources/Calendar.php
./Sources/ManagePosts.php
./Sources/Display.php
./Sources/Subscriptions-PayPal.php
./Sources/Themes.php
./Sources/LogInOut.php
./Sources/Reminder.php
./Sources/PackageGet.php
./Sources/Subs-Post.php
Operation #1
Find: [Select]
@version 2.0.12
Replace With: [Select]
@version 2.0.13
This operation isn't vital to the installation of this mod.
Operation #2
Find: [Select]
$message = preg_replace_callback('~\[nobbc\](.+?)\[/nobbc\]~is', 'nobbc__preg_callback', $message);
// Remove empty bbc.
$message = preg_replace('~\[([^\]=\s]+)[^\]]*\](?' . '>\s|(?R))*?\[/\1\]\s?~i', '', $message);
Replace With: [Select]
$message = preg_replace_callback('~\[nobbc\](.+?)\[/nobbc\]~is', 'nobbc__preg_callback', $message);
./Sources/Subs.php
Operation #1
Find: [Select]
@version 2.0.12
Replace With: [Select]
@version 2.0.13
This operation isn't vital to the installation of this mod.
Operation #2
Find: [Select]
// Input exceeds 4096.
if(strlen($str) > 4096)
return false;
// Input is not a string.
Replace With: [Select]
// Input is not a string.
This operation isn't vital to the installation of this mod.
Operation #3
Find: [Select]
case 3: // In array, expecting value or another array.
if($type == 'a')
{
// Array nesting exceeds 3.
if(count($stack) >= 3)
return false;
Replace With: [Select]
case 3: // In array, expecting value or another array.
if($type == 'a')
{
This operation isn't vital to the installation of this mod.
Operation #4
Find: [Select]
case 0:
if($type == 'a')
{
// Array nesting exceeds 3.
if(count($stack) >= 3)
return false;
Replace With: [Select]
case 0:
if($type == 'a')
{
This operation isn't vital to the installation of this mod.
Operation #5
Find: [Select]
if($type == 'i' || $type == 's')
{
// Array size exceeds 256.
if(count($list) >= 256)
return false;
// Array size exceeds expected length.
Replace With: [Select]
if($type == 'i' || $type == 's')
{
// Array size exceeds expected length.