[COMMENT] /* +-------------------------------------------------------------------------- | Invision Board v1.3.1 | ======================================== | > Mod_Installer | > Module written by Peter(Pit) | > Peter member at ibforen.de, Pit member at invisionize.com | > email: Peter@ibforen.de | | > Mod_Installer Version Number: 1.3.3 (2011-06-01) | > 2003 - 2011 by Peter | | > This is the CodeChange.php for Mod Security Update For IPB 1.3.1 by Peter +-------------------------------------------------------------------------- */ [COMMENT_END] [INTERFACE] 'title' => 'Security Fixes, Updates And Enhancements For IPB 1.3.1, Part A', 'sub_title' => 'Updates your Invisionboard 1.3.1, inserts all known security fixes and adds more essential features.', 'category' => 'ACP Mod', 'compatible' => 'Invision Power Board 1.3.1', 'version' => '2.7.1', 'author' => 'Peter', 'email' => 'Peter@ibforen.de', 'mod_token' => 'mod_sec_update_131', [INTERFACE_END] [HISTORY] [size=7][color=red]Important: DO NOT INSTALL MANUALLY. Use my ModInstaller and read section Customize! I have split the mod into 3 parts in order to avoid timeout problems. Remove the directory of an older version. Take care of installing all three parts.[/color][/size] [size=3][color=red]Before installing this mod: Do not forget to remove my mods [b]Customize Date[/b], [b]Load Lang Bug[/b], [b]Extension Bug[/b] and some other mod providing relative dates.[/color][/size] 2.7.0 [arrow] 2.7.1, dated on July 29th, 2011 [list][*]New menu item in ACP [arrow] System Settings [arrow] General Configuration: Service for localization of ip addresses Localization of ip addresses is available for admins at board online view and several pages in ACP. It helps to recognize and to identify spammers and attackers. [*]New menu item in ACP [arrow] System Settings [arrow] General Configuration: Board Start Date (please remove my mod start_date if installed) [*]Bugfix for multi quote system Cookie values for quoted posts were not deleted [/list] [b]Update[/b] [list][*]Copy all files from mod archive to their appropriate places Do not forget folder sources/mods/sec_update_131_A/ip2loc [*]]Replace Skin/xxx/mod_sec_update_skin_topic.php [*]Install all 3 parts with The ModInstaller [*]Select the localization service in ACP [/list] 2.6.9 [arrow] 2.7.0, dated on July 25th, 2011 [list][*]New menu item in ACP: Board as Admin This means you can browse your board as root admin with full rights but invisible. Access to all areas even if they are inactive. [*]New in ACP [arrow] Board Logs: Online Stats This is similar to the board stats in board view but you can stay in ACP. [*]ACP menue slightly beautified [/list] [b]Update[/b] [list][*]Copy the new ACP images into html/sys-img [*]Copy the language files in their folders [*]Copy the mod files in their folders in sources/mods/xxx [*]Install all 3 parts with The ModInstaller [/list] 2.6.8 [arrow] 2.6.9, dated on July 15th, 2011 [list][*]Mod split into 3 parts to avoid timeout problems and memory errors [LIST][*]Part A: sql commands admin.php and index.php All files in /sources from Boards.php to Profile.php [*]Part B: All files in /sources from Register.php to UserCP.php All files in /sources/lib and /sources/misc [*]Part C: All files in /sources/Admin[/LIST] [/list] 2.6.7 [arrow] 2.6.8, dated on June 26th, 2011 [list][*]Bugfixes concerning password protected forums [/list] 2.6.6 [arrow] 2.6.7, dated on June 14th, 2011 [list][*]Access to password protected forums is granted immediately to admins, global moderators and moderators for this forum without password login [*]Improvements in ModCP: Exchange mod_sec_update_skin_modcp (New function start_topics inherited from skin_modcp.php) [*]Improvements in AdminCP: Personal ACP settings are stored in a new sql table ibf_acp_config for each admin separately. So admins will have their preferences available independent of cookie storage. (New sql table and changes in admin.php and in sources/Admin/ad_prefs.php) [*]No lagging on index page with huge upload folders. Size of all uploads is calculated asynchronously with XAJAX. [*]Edit languages: List of language files ordered alphabetically. [*]Displaying macro images now language dependent If folder style_images// exists and the admin has chosen that language then macro images will be displayed using that folder. Chosing admin language is much easier if you have installed mod Admin Language. [*]Macros support multilanguage Example: Insert title='<{LANG_M_NEW_POST}>' as title attribut in macro definition and define $lang['MACRO_NEW_POST'] in file mod_sec_lang_macro.php. English and German version of mod_sec_lang_macro.php have been included in mod archive. [*]Bugfix in Messenger.php Deleting of tracking messages failed with unread messages. [*]Bugfix in misc\contact_member.php Reporting post to moderator disfunctional for moderator groups and super moderators. [/list] 2.6.5 [arrow] 2.6.6, dated on November 30th, 2010 Minor bugfixes for request system. Replace mod_sec_update_ad_req_func.php and mod_sec_update_ucp_func.php in sources/mods/sec_update_131_A. 2.6.1 [arrow] 2.6.5, dated on June 6th, 2010 [color=red][size=5][b]Attention[/b][/size] If you have Mod BBCode installed then you must reinstall it with version > 2.2.11. This is because a feature of Mod BBCode was moved to the new version of Mod Security&Updates (this mod). [/color] [list][*]New ModCP Nearly all moderator actions are concentrated in one place (Too much changes to list them here. Use The ModInstaller) [*]Changes for Lost Password User can enter user name or email address Changes in sources/Register.php, new lang/xx/mod_sec_lang_reg.php [*]Edit Post Permission: New in ACP => Forum Control => Manage Forums: [list][*]Use global group settings [*]Overwrite global group settings and set edit time in minutes [*]Always editable if group is allowed to edit own posts [/list][*]Profile Fields [list][*]New option in ACP to make them searchable in the memberlist [*]Custom location of custom fields in profile view Use <!--{CUSTOM.FIELD_1}-->, <!--{CUSTOM.FIELD_2}-->, etc. in skin_profile.php [/list]Changes in ad_profilefields.php, Memberlist.php, Profile.php [*]Guests Permission: Guests can see coming birthdays only if they are allowed to see member profiles Changes in Boards.php [*]Report system: New in ACP => System Settings => Security: 'Report this post' as PM (not only as email) Changes in sources/misc/contact_member.php, sources/Admin/ad_settings.php and language files [*]New in ACP => System Settings => Date & Time Formats: Set summertime for all members Changes in ad_settings.php [*]New in ACP => Board Guidelines: Board guidelines language dependent and additional fields for terms of use in registration process Changes in ad_settings.php [/list] 2.6.0 [arrow] 2.6.1, dated on December 14th, 2009 [list][*]Bugfix for inactive categories Although a category is switched off, forums and topics are reachable with direct links Changes in index.php, sources(Forums.php and sources/Topics.php [/list] 2.5.2 [arrow] 2.6.0, dated on December 1st, 2009 [b]Attention[/b]: This is a big update with a lot of code changes and sql changes. Do not install manually. [list][*]Thread view of topics Now you can reply to posts (not only to the topic). So we can have threaded topics with replies to replies [*]Thread view of PMs and answered PMs and replies to PMs Own replies to a PM and received replies are displayed in a threaded view [*]New quoting system [list][*]Multi quote: Mark several posts for quoting by clicking on the quote buttons. Selected post ids are stored in cookies. [*]Quote a part of a post by marking post text in topic view and by clicking on the quote buttons [*]Quoted posts and quoted parts of posts are transmitted into the qquick reply box. [/list] [*]New quick reply behavior [list][*]Each post has its quick reply button. The reply box appears always on the screen and not at the end of the page. [*]Quick reply box is fully draggable if javscript library scriptaculous is included. [/list] [*]New style of page links with css [*]Request system (user requests) Members have a new section in Personal CP to send requests to the administration of the board. In the current release they can send form based requests for changing their member names and text based informal requests. Administrators or moderators with ACP access can manage those requests. [*]Fix for permission to view online lists By default all groups can view the list of users online in board view, forum view and topic view, but only if the online list is active. You can withdraw permission for each group. [*]Bugfix for moderator logs Long topic titles causes sql error. Field action modified in ibf_moderator_logs [/list] [size=5][color=red]Complete Feature List[/color][/size] [i](Only new functions and modules)[/i] [size=5]User Mode[/size] [b]Common features[/b] [LIST][*]PHP5 ready [/LIST] [b]Register and Login[/b] [LIST][*]Admin anonymous login Admin anonymous login is totally unvisible except for admins (no count in stats, no count in topics nor forums nor board stats) [*]Profile fields in registration process [*]Timezone selection during registration process to avoid time problems [*]Timezone and daylight saving time (DST) calculated from ip address [*]Registration takes care of the language set for this guest (useful for multilanguage forums) [/LIST] [b]Views[/b] [LIST][*]Preview of topics [*]Thread view of topics Now you can reply to posts (not only to the topic). So we can have threaded topics with replies to replies [*]Thread view of PMs and answered PMs and replies to PMs Own replies to a PM and received replies are displayed in a threaded view [*]Guest restriction for attachments New Option in ACP Profiles for guest restriction from viewing and downloading attachments [*]New style of page links with css [*]Code added in index.php concerning language and skin selection for guests and members (useful for multilanguage forums) [*]Relative dates as in IPB2.x [*]Enables language dependant skins [*]Enables skin dependant emoticons, avatars, team icons and mime type icons [*]Enables appropriate mime type icons for attachments [*]Member online/offline status in topic view dependant on group setting [/LIST] [b]Posting[/b] [LIST][*]New quoting system [list][*]Multi quote: Mark several posts for quoting by clicking on the quote buttons. Selected post ids are stored in cookies. [*]Quote a part of a post by marking post text in topic view and by clicking on the quote buttons [*]Quoted posts and quoted parts of posts are transmitted into the qquick reply box. [/list] [*]New quick reply behavior [list][*]Each post has its quick reply button. The reply box appears always on the screen and not at the end of the page. [*]Quick reply box is fully draggable if javscript library scriptaculous is included. [/list] [*]BBCode system improved for lists Now you can use list=12 or list=a,12 or list=i,3 in order to set the start value of the ordered list. [/LIST] [b]Messaging[/b] [LIST][*]Preview of message text in message list view [*]Tracking of messages modified in order to meet data confidentiality Receipient of messages can send read receipts on his own decision [*]Request system (user requests) Members have a new section in Personal CP to send requests to the administration of the board. In the current release they can send form based requests for changing their member names and text based informal requests. Administrators or moderators with ACP access can manage those requests. [*]MSN Messenger Profile feature MSN Messenger updated to match the new service Live Messenger. Profile field should contain the Live identity like {i] (Live ID)[/i]. You can retrieve your ID with a new function in UserCP. [/LIST] [size=5]Admin Mode (Admin Control Panel ACP)[/size] [b]Common Features In Admin Control Panel[/b] [LIST][*]Improvements for ACP menu for faster access [*]Update information in ACP when an update of this mod is available [*]Update function removed (IPS does not provide any updates for IPB 1.3.x) [*]Skin&Languages [LIST][*]Filenames and function names added to sections and bits [*]Non default groups (e.g. added by modifications) show their functions in the original order [*]ACP => Skin&Templates=> Sets: List in alphabetical order [*]ACP => Skin&Templates => Macros: List in alphabetical order [/LIST] [/LIST] [b]Security Features For Admin Access[/b] [LIST][*]Access to ACP secured admin.php can be named as you like it. The link ACP in user mode does not redirect to that file. Call ACP directly by using the real script name. [*]Non-root admins cannot edit or delete root admins [*]Non-root admins do not have access to critical ACP sections (System Settings, SQL Management, Admin Logs) [*]Finetuning of ACP access for non-root admins [*]Logout button in ACP for security (e.g. in multi-user environments) [*]Removes debug information for other groups than admins, if debug is accidently activated (index.php) [/LIST] [HISTORY_END] [SQL] [QUERY] CREATE TABLE IF NOT EXISTS ibf_requests ( id bigint(20) unsigned NOT NULL auto_increment, member_id int(10), member_name varchar(32), ip_address varchar(255), request varchar(20), request_value text, request_date int(10), done tinyint(1) default 0, done_date text, done_id text, done_name text, done_remark text, PRIMARY KEY (id) ) ENGINE=MyISAM [QUERY] CREATE TABLE IF NOT EXISTS ibf_acp_config ( member_id int(10), name varchar(32), value varchar(255), PRIMARY KEY (member_id, name) ) ENGINE=MyISAM [QUERY] ALTER TABLE `ibf_groups` ADD `g_acp_perms` text [QUERY] ALTER TABLE `ibf_groups` ADD `g_can_view_online` tinyint(1) default 1 [QUERY] ALTER TABLE `ibf_groups` ADD `g_can_view_on_off` tinyint(1) default NULL [QUERY] ALTER TABLE `ibf_search_results` CHANGE `post_id` `post_id` longtext [QUERY] ALTER TABLE `ibf_members` ADD `topic_preview` tinyint(1) default 2 [QUERY] ALTER TABLE `ibf_members` ADD `topic_thread` tinyint(1) default 0 [QUERY] ALTER TABLE `ibf_moderator_logs` MODIFY `action` varchar(255) [QUERY] ALTER TABLE `ibf_messages` ADD `sent` tinyint(1) [QUERY] ALTER TABLE `ibf_messages` ADD `last` int(10) [QUERY] ALTER TABLE `ibf_messages` ADD `next` int(10) [QUERY] ALTER TABLE `ibf_messages` ADD `ref` int(10) [QUERY] ALTER TABLE `ibf_messages` ADD `my_ref` int(10) [QUERY] ALTER TABLE `ibf_messages` ADD `your_ref` int(10) [QUERY] ALTER TABLE `ibf_messages` ADD `report` varchar(40) [QUERY] ALTER TABLE `ibf_posts` ADD `ref` int(10) AFTER `topic_id` [QUERY] ALTER TABLE `ibf_forums` ADD `topic_thread` tinyint(1) default 1 [QUERY] ALTER TABLE `ibf_forums` ADD `editable` varchar(10) default 'global' [QUERY] ALTER TABLE `ibf_forums` ADD `edit_time` int(10) default 0 [QUERY] ALTER TABLE `ibf_pfields_data` ADD `fsearchable` tinyint(1) default 0 [SQL_END] [CODE] [MOD_TOKEN] mod_sec_update_131 [FNAME] admin.php [STEP] [SEARCH] /*----------------------------------------------- USER CONFIGURABLE ELEMENTS [INSERT] //-- mod_sec_update_131 begin define("ADMIN_SCRIPT_NAME", preg_replace("`^(.*?\.php).*$`", "\\1", basename(htmlentities($_SERVER['SCRIPT_NAME'])))); $HTTP_SERVER_VARS = isset($_SERVER)?$_SERVER:array(); $HTTP_GET_VARS = isset($_GET)?$_GET:array(); $HTTP_POST_VARS = isset($_POST)?$_POST:array(); $HTTP_POST_FILES = isset($_FILES)?$_FILES:array(); $HTTP_COOKIE_VARS = isset($_COOKIE)?$_COOKIE:array(); $HTTP_ENV_VARS = isset($_ENV)?$_ENV:array(); $HTTP_SESSION_VARS = isset($_SESSION)?$_SESSION:array(); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] define ( 'USE_MODULES', 1 ); [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."modules/module_loader.php")) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] require ROOT_PATH."conf_global.php"; [INSERT] //-- mod_sec_update_131 begin $_SET_PCRE = 0; if ($INFO['set_pcre']) { $limit = intval(@ini_get("pcre.backtrack_limit")); if ($limit > -1 && $limit <= 100000) { $_SET_PCRE = 1; @ini_set("pcre.backtrack_limit", "1000000"); } $limit = intval(@ini_get("pcre.recursion_limit")); if ($limit > -1 && $limit <= 100000) { $_SET_PCRE = 1; @ini_set("pcre.recursion_limit", "1000000"); } unset ($limit); } if (substr($INFO['base_dir'], -1) != "/") $INFO['base_dir'] .= "/"; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this_session = $row; [INSERT] //-- mod_sec_update_131 begin if ($cookie = $std->my_getcookie('acpprefs')) { $DB->query("REPLACE INTO ibf_acp_config (member_id, name, value) VALUES ('".$MEMBER['id']."', 'acpprefs', '$cookie')"); } else { $DB->query("SELECT value FROM ibf_acp_config WHERE member_id='".$MEMBER['id']."' AND name='acpprefs'"); if ($r = $DB->fetch_row()) { list( $INFO['menu'], $INFO['tx'], $INFO['ty'], $INFO['preview'] ) = explode( ",", $r['value'] ); $std->my_setcookie( 'acpprefs', $r['value']); } } if ($cookie = $std->my_getcookie('acpmenu')) { $DB->query("REPLACE INTO ibf_acp_config (member_id, name, value) VALUES ('".$MEMBER['id']."', 'acpmenu', '$cookie')"); } else { $DB->query("SELECT value FROM ibf_acp_config WHERE member_id='".$MEMBER['id']."' AND name='acpmenu'"); if ($r = $DB->fetch_row()) { $IN['show'] = $r['value']; if ($IN['show'] == 'none') $IN['show'] = ""; else if ($IN['show'] == 'all') { $IN['show'] = ""; foreach($CATS as $cid => $name) $IN['show'] .= $cid.','; } else { $IN['show'] = preg_replace( "/(?:^|,)".$IN['out']."(?:,|$)/", ",", $IN['show'] ); $IN['show'] = preg_replace( "/,,/" , "" , $IN['show'] ); $IN['show'] = preg_replace( "/,$/" , "" , $IN['show'] ); $IN['show'] = preg_replace( "/^,/" , "" , $IN['show'] ); } $std->my_setcookie( 'acpmenu', $r['value']); } } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $ADMIN->html .= "( Click here if you do not wish to wait )"; else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $IN['act'] = $IN['act'] == '' ? "idx" : $IN['act']; [INSERT] //-- mod_sec_update_131 begin if (!isset($ADMIN->lang_id)) { $ADMIN->lang_id = $MEMBER['language']?$MEMBER['language']:($INFO['default_language']!=""? $INFO['default_language']: 'en'); } $ADMIN->lang = $std->load_words($ADMIN->lang, 'mod_sec_update_ad_lang', $ADMIN->lang_id); if ($IN['act'] == 'logout') { $DB->query("DELETE FROM ibf_admin_sessions WHERE id='{$IN['adsess']}'"); if ($cookie = $std->my_getcookie('acpmenu')) { $DB->query("REPLACE INTO ibf_acp_config (member_id, name, value) VALUES ('".$MEMBER['id']."', 'acpmenu', '$cookie')"); } $std->boink_it($ADMIN->base_url); } if ($IN['act'] == "requests") { if (file_exists(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_req_func.php")) { require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_req_func.php"); } else { die("Could not call required function from file 'sources/mods/sec_update_131_A/mod_sec_update_ad_func.php'
Does it exist?"); } } if ($IN['act'] == "online") { if (file_exists(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_online_func.php")) { require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_online_func.php"); } else { die("Could not call required function from file 'sources/mods/sec_update_131_A/mod_sec_update_ad_online_func.php'
Does it exist?"); } } unset($choice['ips']); if ($MEMBER['mgroup'] != $INFO['admin_group']) { global $PAGES, $CATS, $DESC; unset($PAGES[2]); unset($CATS[2]); unset($DESC[2]); unset($PAGES[10]); unset($CATS[10]); unset($DESC[10]); unset($PAGES[11][2]); unset($choice['mysql']); unset($choice['adminlog']); if (file_exists(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_func.php")) { global $mod_sec_update; require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_func.php"); $IN['act'] = $IN['act'] == '' ? "idx" : $IN['act']; if (!$mod_sec_update->test_access()) { $std->boink_it($ADMIN->base_url); } } else { die("Could not call required function from file 'sources/mods/sec_update_131_A/mod_sec_update_ad_func.php'
Does it exist?"); } } if ($IN['act'] == "sec_update") { if (file_exists(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_func.php")) { require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ad_func.php"); } else { die("Could not call required function from file 'sources/mods/sec_update_131_A/mod_sec_update_ad_func.php'
Does it exist?"); } } //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] index.php [STEP] [SEARCH] //----------------------------------------------- // USER CONFIGURABLE ELEMENTS [INSERT] //-- mod_sec_update_131 begin error_reporting (E_ALL); if (isset($HTTP_POST_VARS['GLOBALS']) || isset($_POST['GLOBALS']) || isset($HTTP_POST_FILES['GLOBALS']) || isset($_FILES['GLOBALS']) || isset($HTTP_GET_VARS['GLOBALS']) || isset($_GET['GLOBALS']) || isset($HTTP_COOKIE_VARS['GLOBALS']) || isset($_COOKIE['GLOBALS'])) { trigger_error('Is this a GLOBAL GPC hacking attempt?', E_USER_ERROR); } $HTTP_SERVER_VARS = isset($_SERVER)?$_SERVER:array(); $HTTP_GET_VARS = isset($_GET)?$_GET:array(); $HTTP_POST_VARS = isset($_POST)?$_POST:array(); $HTTP_POST_FILES = isset($_FILES)?$_FILES:array(); $HTTP_COOKIE_VARS = isset($_COOKIE)?$_COOKIE:array(); $HTTP_ENV_VARS = isset($_ENV)?$_ENV:array(); $HTTP_SESSION_VARS = isset($_SESSION)?$_SESSION:array(); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] define ( 'USE_MODULES', 1 ); [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."modules/module_loader.php")) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] require ROOT_PATH."conf_global.php"; [INSERT] //-- mod_sec_update_131 begin if ($INFO['set_pcre']) { $limit = intval(@ini_get("pcre.backtrack_limit")); if ($limit && $limit <= 100000) @ini_set("pcre.backtrack_limit", "1000000"); $limit = intval(@ini_get("pcre.recursion_limit")); if ($limit && $limit <= 100000) @ini_set("pcre.recursion_limit", "1000000"); unset ($limit); } if (substr($INFO['base_dir'], -1) != "/") $INFO['base_dir'] .= "/"; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $ibforums->input['t'] = intval($ibforums->input['showtopic']); [INSERT] //-- mod_sec_update_131 begin if (TRUE) $DB->query("SELECT f.*, f.name as forum_name, f.id as forum_id, f.posts as forum_posts, f.topics as forum_topics, t.*, c.name as cat_name, c.id as cat_id, c.state as cat_state FROM ibf_topics t, ibf_forums f , ibf_categories c WHERE t.tid=".$ibforums->input['t']." and f.id = t.forum_id and f.category=c.id"); else //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $ibforums->member = $sess->authorise(); [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] != $ibforums->vars['admin_group']) { $DB->obj['debug'] = 0; $DB->obj['debuglevel'] = 0; $ibforums->debug_html = ""; $ibforums->vars['debug_level'] = min(1, $ibforums->vars['debug_level']); $INFO['debug_level'] = $ibforums->vars['debug_level']; unset($_GET['debug']); } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $ibforums->lang_id = $ibforums->member['language'] ? $ibforums->member['language'] : $ibforums->vars['default_language']; [INSERT] //-- mod_sec_update_131 begin if (defined("IS_ACP_SESSION")) $ibforums->base_url = $ibforums->vars['board_url'].'/index.'.$ibforums->vars['php_ext'].'?adsess='.$ibforums->session_id.'&'; if (empty($ibforums->vars['default_language'])) { if (empty($ibforums->lang_id)) { $ibforums->vars['default_language'] = "en"; $INFO['default_language'] = "en"; $ibforums->lang_id = "en"; } else { $ibforums->vars['default_language'] = $ibforums->lang_id; $INFO['default_language'] = $ibforums->lang_id; } } if($ibforums->input['lch'] == 1 && is_dir(ROOT_PATH."lang/".$ibforums->input['lang'])) { if ($ibforums->input['lang'] == "en") $DB->query("SELECT ldir FROM ibf_languages WHERE ldir='en'"); else $DB->query("SELECT ldir FROM ibf_languages WHERE ldir='".$ibforums->input['lang']."'"); if ($DB->get_num_rows()) { if($ibforums->member['id'] != 0) { $DB->query("UPDATE ibf_members SET language='".$ibforums->input['lang']."' WHERE id=".$ibforums->member['id']); } else { $std->my_setcookie('language', $ibforums->input['lang']); } $ibforums->lang_id = $ibforums->input['lang']; $ibforums->member['language'] = $ibforums->input['lang']; } } if ($ibforums->vars['allow_skins'] == 1) { if($ibforums->input['ch'] == 1) { $DB->query("SELECT sid FROM ibf_skins WHERE sid='".intval($ibforums->input['skinid'])."'"); if ($DB->get_num_rows()) { if($ibforums->member['id'] != 0) { $DB->query("UPDATE ibf_members SET skin='".intval($ibforums->input['skinid'])."' WHERE id=".$ibforums->member['id']); } else { $std->my_setcookie('skin', intval($ibforums->input['skinid'])); } $ibforums->member['skin'] = intval($ibforums->input['skinid']); } } } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $ibforums->lang = $std->load_words($ibforums->lang, 'lang_global', $ibforums->lang_id); [INSERT] //-- mod_sec_update_131 begin if (is_dir($ibforums->vars['img_url']."/".$ibforums->lang_id) ) { $ibforums->vars['img_url'] .= "/".$ibforums->lang_id; $ibforums->skin['img_dir'] .= "/".$ibforums->lang_id; } if (is_dir($ibforums->vars['img_url']."/team_icons") ) $ibforums->vars['TEAM_ICON_URL'] = $ibforums->vars['img_url']."/team_icons"; if (is_dir($ibforums->vars['img_url']."/avatars") ) $ibforums->vars['AVATARS_URL'] = $ibforums->vars['img_url']."/avatars"; if (is_dir($ibforums->vars['img_url']."/emoticons") ) $ibforums->vars['EMOTICONS_URL'] = $ibforums->vars['img_url']."/emoticons"; if (is_dir($ibforums->vars['img_url']."/mime_types") ) $ibforums->vars['mime_img'] = $ibforums->vars['img_url']."/mime_types"; //-- mod_sec_update_131 end [MODE] insert_below [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Boards.php [STEP] [SEARCH] if ($ibforums->vars['show_active']) [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['g_can_view_online']) //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $DB->query("SELECT s.id, s.member_id, s.member_name, s.login_type, g.suffix, g.prefix [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group']) { $DB->query("SELECT s.id, s.member_id, s.member_name, s.login_type, g.suffix, g.prefix FROM ibf_sessions s LEFT JOIN ibf_groups g ON (g.g_id=s.member_group) WHERE running_time > $time ORDER BY s.running_time DESC"); } else { $DB->query("SELECT s.id, s.member_id, s.member_name, s.login_type, g.suffix, g.prefix FROM ibf_sessions s LEFT JOIN ibf_groups g ON (g.g_id=s.member_group) WHERE running_time > $time AND ((s.login_type IS NULL) OR s.login_type<>'1' OR (s.login_type='1' AND s.member_group<>'{$ibforums->vars['admin_group']}')) ORDER BY s.running_time DESC"); } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->vars['show_birthdays']) [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['g_mem_info']) //-- mod_sec_update_131 end [MODE] insert_below [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/browsebuddy.php [STEP] [SEARCH] if ($i['password'] != "") [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] != $ibforums->vars['admin_group'] && !$ibforums->member['g_is_supmod'] && (!$ibforums->member['is_mod'] || !$ibforums->member['mod_forums'][$i['id']])) //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Forums.php [STEP] [SEARCH] $DB->query("SELECT f.*, c.id as cat_id, c.name as cat_name [INSERT] //-- mod_sec_update_131 begin $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang', $ibforums->lang_id); $ibforums->vars['pre_pinned'] = $ibforums->lang['pre_pinned']; $ibforums->vars['pre_moved'] = $ibforums->lang['pre_moved']; $ibforums->vars['pre_polls'] = $ibforums->lang['pre_polls']; $this->show_preview = $ibforums->vars['display_topic_preview'] && $ibforums->member['topic_preview'] && strpos($ibforums->skin['css_text'], "domTT") !== FALSE; $DB->query("SELECT f.*, c.id as cat_id, c.name as cat_name, c.state as cat_state FROM ibf_forums f LEFT JOIN ibf_categories c ON (c.id=f.category) WHERE f.id=".$ibforums->input['f']); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->forum = $DB->fetch_row(); [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['g_is_supmod'] || ($ibforums->member['is_mod'] && $ibforums->member['mod_forums'][$this->forum['id']])) $this->forum['password'] = ""; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] //---------------------------------------- // Is it a redirect forum? [INSERT] //-- mod_sec_update_131 begin if ( $this->forum['cat_state'] == 0 ) $std->Error( array( LEVEL => 1, MSG => 'is_broken_link') ); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($this->forum['password']) [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['g_is_supmod'] || ($ibforums->member['is_mod'] && $ibforums->member['mod_forums'][$this->forum['id']])) return 0; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->read_array = unserialize(stripslashes($read)); [INSERT] //-- mod_sec_update_131 begin if (TRUE) $this->read_array = $std->clean_int_array(unserialize(stripslashes($read))); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $First = $First ? $First : 0; [INSERT] //-- mod_sec_update_131 begin $First = max(0, $First); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($ibforums->vars['no_au_forum'] != 1 [INSERT] //-- mod_sec_update_131 begin && $ibforums->member['g_can_view_online'] //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $DB->query("SELECT s.member_id, s.member_name, s.login_type, s.location, g.suffix, g.prefix, g.g_perm_id, t.forum_id, m.org_perm_id [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group']) { $DB->query("SELECT s.member_id, s.member_name, s.login_type, s.location, g.suffix, g.prefix, g.g_perm_id, t.forum_id, m.org_perm_id FROM ibf_sessions s LEFT JOIN ibf_groups g ON (g.g_id=s.member_group) LEFT JOIN ibf_topics t ON (t.tid=s.in_topic) LEFT JOIN ibf_members m on (s.member_id=m.id) WHERE (s.in_forum={$this->forum['id']} OR t.forum_id={$this->forum['id']}) AND s.running_time > $time ORDER BY s.running_time DESC"); } else { $DB->query("SELECT s.member_id, s.member_name, s.login_type, s.location, g.suffix, g.prefix, g.g_perm_id, t.forum_id, m.org_perm_id FROM ibf_sessions s LEFT JOIN ibf_groups g ON (g.g_id=s.member_group) LEFT JOIN ibf_topics t ON (t.tid=s.in_topic) LEFT JOIN ibf_members m on (s.member_id=m.id) WHERE (s.in_forum={$this->forum['id']} OR t.forum_id={$this->forum['id']}) AND s.running_time > $time AND ((s.login_type IS NULL) OR s.login_type<>'1' OR (s.login_type='1' AND s.member_group<>'{$ibforums->vars['admin_group']}')) ORDER BY s.running_time DESC"); } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($pages > 1) [INSERT] //-- mod_sec_update_131 begin if (TRUE) { if ($pages > 1) { if ($pages > 4 ) $topic['PAGES'] = " vars['display_max_posts']});'> "; else $topic['PAGES'] = "  "; for ($i = 0 ; $i < $pages ; ++$i ) { $real_no = $i * $ibforums->vars['display_max_posts']; $page_no = $i + 1; if ($page_no == 4) { $topic['PAGES'] .= "»$pages "; break; } else { $topic['PAGES'] .= "$page_no"; } } } } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] return $p_start . $this->html->render_pinned_row( $topic ); [INSERT] //-- mod_sec_update_131 begin if ($this->show_preview) { $link = "{$ibforums->base_url}showtopic={$topic['tid']}&tooltip=1"; $tooltip = "onMouseOver=\"domTT_oneOnly = true; this.style.color = '#000000';"; $tooltip .= "return makeFalse(domTT_activate(this, event, 'caption', '', 'width', '510px', 'fade', 'both', 'fadeMax', 100, 'trail', false, 'offsetX', 20, 'offsetY', 5, 'lazy', true, 'delay', 500, 'content', '<iframe src="{LINK}" style="width:500px;height:200px;"></iframe>', 'styleClass', 'domTTlegend', 'type', 'velcro' ));\""; $return = str_replace(">{$topic['title']}", " ".str_replace("{LINK}", $link, $tooltip).">{$topic['title']}", $this->html->render_pinned_row($topic)); $link = "{$ibforums->base_url}showtopic={$topic['tid']}&view=getlastpost&tooltip=last"; $return = str_replace(">{$topic['last_text']}", " ".str_replace("{LINK}", $link, $tooltip).">{$topic['last_text']}", $return); return $p_start.$return; } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] return $p_end . $this->html->RenderRow( $topic [INSERT] //-- mod_sec_update_131 begin if ($this->show_preview) { $link = "{$ibforums->base_url}showtopic={$topic['tid']}&tooltip=1"; $tooltip = "onMouseOver=\"domTT_oneOnly = true; this.style.color = '#000000';"; $tooltip .= "return makeFalse(domTT_activate(this, event, 'caption', '', 'width', '510px', 'fade', 'both', 'fadeMax', 100, 'trail', false, 'offsetX', 20, 'offsetY', 5, 'lazy', true, 'delay', 500, 'content', '<iframe src="{LINK}" style="width:500px;height:200px;"></iframe>', 'styleClass', 'domTTlegend', 'type', 'velcro' ));\""; $return = str_replace(">{$topic['title']}", " ".str_replace("{LINK}", $link, $tooltip).">{$topic['title']}", $this->html->RenderRow($topic)); $link = "{$ibforums->base_url}showtopic={$topic['tid']}&view=getlastpost&tooltip=last"; $return = str_replace(">{$topic['last_text']}", " ".str_replace("{LINK}", $link, $tooltip).">{$topic['last_text']}", $return); return $p_end.$return; } //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/functions.php [STEP] [SEARCH] $forum_perm_array = explode( ",", $forum_perm ); [INSERT] //-- mod_sec_update_131 begin if (!is_array($ibforums->perm_id_array)) return FALSE; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $ibforums->forum_read[$id] = $stamp; [INSERT] //-- mod_sec_update_131 begin if (TRUE) $ibforums->forum_read[ intval($id) ] = intval($stamp); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->vars['safe_mode_skins'] == 0) [INSERT] //-- mod_sec_update_131 begin if(class_exists($name)) { return new $name(); } if (!$id) $id = $ibforums->skin_rid; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] require ROOT_PATH."Skin/".$ibforums->skin_id."/$name.php"; [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."Skin/s".$id."/$name.php")) require ROOT_PATH."Skin/s".$id."/$name.php"; else fatal_error("Could not fetch the template from skin directory. Template File 'Skins/s".$id."/$name.php'"); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("SELECT func_name, func_data, [INSERT] //-- mod_sec_update_131 begin if (TRUE) $DB->query("SELECT func_name, func_data, section_content FROM ibf_skin_templates WHERE set_id='$id' AND group_name='$name'"); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] function build_pagelinks($data) [INSERT] /*-- mod_sec_update_131 exclude begin [MODE] insert_above [STEP] [SEARCH] /*-------------------------------------------------------------------------*/ // Build the forum jump menu [INSERT] -- mod_sec_update_131 exclude end */ //-- mod_sec_update_131 begin function build_pagelinks($data) { global $ibforums, $skin_universal; $work = array(); $section = ($data['leave_out'] == "") ? 2 : $data['leave_out']; // Number of pages to show per section( either side of current), IE: 1 ... 4 5 [6] 7 8 ... 10 $work['pages'] = 1; if ( ($data['TOTAL_POSS'] % $data['PER_PAGE']) == 0 ) $work['pages'] = $data['TOTAL_POSS'] / $data['PER_PAGE']; else { $number = ($data['TOTAL_POSS'] / $data['PER_PAGE']); $work['pages'] = ceil( $number); } $work['total_page'] = $work['pages']; $work['current_page'] = $data['CUR_ST_VAL'] > 0 ? ($data['CUR_ST_VAL'] / $data['PER_PAGE']) + 1 : 1; if ($work['pages'] > 1) { $work['first_page'] = $skin_universal->make_page_jump($data['TOTAL_POSS'],$data['PER_PAGE'], $data['BASE_URL'], $work['pages']); for( $i = 0; $i <= $work['pages'] - 1; ++$i ) { $RealNo = $i * $data['PER_PAGE']; $PageNo = $i+1; if ($RealNo == $data['CUR_ST_VAL']) $work['page_span'] .= "{$PageNo}"; else { if ($PageNo < ($work['current_page'] - $section)) { $work['st_dots'] = "««lang['ps_page']}'><"; continue; } if ($PageNo > ($work['current_page'] + $section)) { $work['end_dots'] = "lang['ps_page']}'>>»»"; break; } $work['page_span'] .= "{$PageNo}"; } } $work['return'] = $work['first_page'].$work['st_dots'].$work['page_span'].''.$work['end_dots']; } else $work['return'] = $data['L_SINGLE']; return $work['return']; } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] require ROOT_PATH."lang/".$lang_type."/".$area.".php"; [INSERT] //-- mod_sec_update_131 begin global $ADMIN, $ibforums; if (empty($lang_type)) $lang_type = "en"; if (!file_exists(ROOT_PATH."lang/".$lang_type."/".$area.".php") ) { $info = "Could not load ".ROOT_PATH."lang/".$lang_type."/".$area.".php. Does it exist ?"; if (isset($ADMIN) ) { $ADMIN->error($info); } else { $ibforums->lang['lang_not_found'] = $info; $this->error(array('MSG' => 'lang_not_found' ) ); } } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] require ROOT_PATH."lang/".$lang_type."/".$area.".php"; [INSERT] //-- mod_sec_update_131 begin if (!is_array($lang)) return array(); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] function get_date($date, $method) { [INSERT] //-- mod_sec_update_131 begin function set_time_replace($member = "") { global $ibforums; if ($member == "" || !$member['use_language']) $member = &$ibforums->member; $lang_id = $member['language']?$member['language']: ($ibforums->vars['default_language']!=""? $ibforums->vars['default_language']: 'en'); if (isset($this->Date_Replace_Array) && $this->lang_id == $lang_id) return; $this->lang_id = $lang_id; $this->lang = $this->load_words($this->lang, 'lang_date', $this->lang_id); $this->Date_Replace_Array = array( "January" => $this->lang['M1'], "February" => $this->lang['M2'], "March" => $this->lang['M3'], "April" => $this->lang['M4'], "May" => $this->lang['M5'], "June" => $this->lang['M6'], "July" => $this->lang['M7'], "August" => $this->lang['M8'], "September" => $this->lang['M9'], "October" => $this->lang['M10'], "November" => $this->lang['M11'], "December" => $this->lang['M12'], "Jan" => $this->lang['m1'], "Feb" => $this->lang['m2'], "Mar" => $this->lang['m3'], "Apr" => $this->lang['m4'], "May" => $this->lang['m5'], "Jun" => $this->lang['m6'], "Jul" => $this->lang['m7'], "Aug" => $this->lang['m8'], "Sep" => $this->lang['m9'], "Oct" => $this->lang['m10'], "Nov" => $this->lang['m11'], "Dec" => $this->lang['m12'], "Sunday" => $this->lang['D0'], "Monday" => $this->lang['D1'], "Tuesday" => $this->lang['D2'], "Wednesday" => $this->lang['D3'], "Thursday" => $this->lang['D4'], "Friday" => $this->lang['D5'], "Saturday" => $this->lang['D6'], "Sun" => $this->lang['d0'], "Mon" => $this->lang['d1'], "Tue" => $this->lang['d2'], "Wed" => $this->lang['d3'], "Thu" => $this->lang['d4'], "Fri" => $this->lang['d5'], "Sat" => $this->lang['d6'] ); } function format_date($date = "", $method = "") { global $ibforums; if (is_array($date)) { if ($date[5] < 1970) { $real_year = $date[5]; $date[5] = 1970; } $date = mktime( $date[0], $date[1], $date[2], $date[3], $date[4], $date[5]); } if (!$date) { return '--'; } if (empty($method)) { $method = 'LONG'; } $this->set_time_replace(); if ($this->time_options[$method] != "") { $return = Strtr(date((isset($this->lang["time_format_".$method])? $this->lang["time_format_".$method]: $this->time_options[$method] ), $date), $this->Date_Replace_Array); } else { $return = Strtr(date($method, $date), $this->Date_Replace_Array); } if ($real_year) $return = str_replace("1970", $real_year, $return); return $return; } function get_member_date($member, $date = "", $method = "") { global $ibforums; if (!$date) { return '--'; } if (empty($method)) { $method = 'LONG'; } $offset = $this->get_time_offset($member); $this->set_time_replace($member); if ($this->time_options[$method] != "") { $return = Strtr(gmdate((isset($this->lang["time_format_".$method])? $this->lang["time_format_".$method]: $this->time_options[$method] ), ($date + $offset) ), $this->Date_Replace_Array); } else { $return = Strtr(gmdate($method, ($date + $offset) ), $this->Date_Replace_Array); } unset($this->Date_Replace_Array); return $return; } function get_date($date = "", $method = "", $override = FALSE, $detailed = false, $noclock = false) { global $ibforums; if (!$date) { return '--'; } if (empty($method)) { $method = 'LONG'; } if ($this->offset_set == 0) { $this->offset = $this->get_time_offset(); $this->offset_set = 1; } if (!isset($this->Date_Replace_Array)) { $this->set_time_replace(); } if ($ibforums->vars['use_relative_date'] && !$override) { $now = mktime(); $today = gmdate("F j Y", $now + $this->offset); $yesterday = gmdate("F j Y", $now - 86400 + $this->offset); $tomorrow = gmdate("F j Y", $now + 86400 + $this->offset); $this_date = gmdate("F j Y", $date + $this->offset); if ($this_date == $today) { if ($noclock) { return $this->lang['rel_today_noclock']; } else if ($now == $date) { $rel_date = $this->lang['rel_now']; return str_replace("{time}", $now - $date , $rel_date); } else if ($now - $date > 0 && $now - $date < 60) { $rel_date = $this->lang['rel_seconds']; return str_replace("{time}", $now - $date , $rel_date); } else if ($date - $now > 0 && $date - $now < 60) { $rel_date = $this->lang['rel_seconds_soon']; return str_replace("{time}", $date - $now , $rel_date); } else if ($now - $date > 0 && $now - $date < 3600) { $rel_date = $this->lang['rel_minutes']; return str_replace("{time}", round(($now - $date)/60) , $rel_date); } else if ($date - $now > 0 && $date - $now < 3600) { $rel_date = $this->lang['rel_minutes_soon']; return str_replace("{time}", round(($date - $now)/60) , $rel_date); } else if ($date - $now > 0){ if ($detailed) { $hours = floor(($date - $now)/3600); $minutes = round((($date - $now) % 3600)/60); if ($hours == 1) if ($minutes == 1) $rel_date = $this->lang['rel_today_soon_h_m']; else $rel_date = $this->lang['rel_today_soon_h']; else if ($minutes == 1) $rel_date = $this->lang['rel_today_soon_m']; else $rel_date = $this->lang['rel_today_soon_hm']; $rel_date = str_replace("{hours}", $hours, $rel_date); $rel_date = str_replace("{minutes}", $minutes, $rel_date); } else { $rel_date = $this->lang['rel_today_soon']; } $method = $this->lang['time_format_rel']; $rel_date = str_replace("{time}", gmdate($method, $date + $this->offset) , $rel_date); return $rel_date; } else { if ($detailed) { $hours = floor(($now - $date)/3600); $minutes = round((($now - $date) % 3600)/60); if ($hours == 1) if ($minutes == 1) $rel_date = $this->lang['rel_today_h_m']; else $rel_date = $this->lang['rel_today_h']; else if ($minutes == 1) $rel_date = $this->lang['rel_today_m']; else $rel_date = $this->lang['rel_today_hm']; $rel_date = str_replace("{hours}", $hours, $rel_date); $rel_date = str_replace("{minutes}", $minutes, $rel_date); } else { $rel_date = $this->lang['rel_today']; } $method = $this->lang['time_format_rel']; $rel_date = str_replace("{time}", gmdate($method, $date + $this->offset) , $rel_date); return $rel_date; } } if ($this_date == $yesterday) { if ($noclock) { return $this->lang['rel_yesterday_noclock']; } $rel_date = $this->lang['rel_yesterday']; $method = $this->lang['time_format_rel']; return str_replace("{time}", gmdate($method, $date + $this->offset) , $rel_date); } if ($this_date == $tomorrow) { if ($noclock) { return $this->lang['rel_tomorrow_noclock']; } $rel_date = $this->lang['rel_tomorrow']; $method = $this->lang['time_format_rel']; return str_replace("{time}", gmdate($method, $date + $this->offset) , $rel_date); } } if ($this->time_options[$method] != "") { return Strtr(gmdate((isset($this->lang["time_format_".$method])? $this->lang["time_format_".$method]: $this->time_options[$method] ), ($date + $this->offset) ), $this->Date_Replace_Array); } else { return Strtr(gmdate($method, ($date + $this->offset) ), $this->Date_Replace_Array); } } function get_time_offset($member = "") { global $ibforums; $d = 0; if ($member == "") $member = &$ibforums->member; if (!$member['id'] || ($member['time_offset'] === "" && !$member['dst_in_use']) ) { $d = ($ibforums->vars['time_offset'] + $ibforums->vars['dst_in_use'])*3600 + ($ibforums->vars['time_adjust']) * 60; } else { $d = ($member['time_offset'] + $member['dst_in_use'])*3600 + ($ibforums->vars['time_adjust']) * 60; } return $d; } //-- mod_sec_update_131 end /*-- mod_sec_update_131 exclude begin [MODE] insert_above [STEP] [SEARCH] /*-------------------------------------------------------------------------*/ // Returns the offset needed and stuff - quite groovy. /*-------------------------------------------------------------------------*/ [INSERT] -- mod_sec_update_131 exclude end */ [MODE] insert_above [STEP] [SEARCH] /*-------------------------------------------------------------------------*/ // Returns the offset needed and stuff - quite groovy. /*-------------------------------------------------------------------------*/ [INSERT] /*-- mod_sec_update_131 exclude begin [MODE] insert_below [STEP] [SEARCH] return $r; } [INSERT] -- mod_sec_update_131 exclude end */ [MODE] insert_below [STEP] [SEARCH] return urldecode($HTTP_COOKIE_VARS[$INFO['cookie_id'].$name]); [INSERT] //-- mod_sec_update_131 begin return $this->clean_value(urldecode($HTTP_COOKIE_VARS[$INFO['cookie_id'].$name])); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] while( list($k, $v) = each($HTTP_GET_VARS) ) { [INSERT] //-- mod_sec_update_131 begin if (strpos($k, "amp;") === 0) $k = substr($k, 4); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] function clean_key($key) { [INSERT] //-- mod_sec_update_131 begin function clean_int_array($array=array()) { $return = array(); if (is_array($array)) foreach($array as $k => $v) $return[ intval($k) ] = intval($v); return $return; } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->vars['gl_show'] and $ibforums->vars['gl_title']) [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."lang/".$ibforums->lang_id."/mod_sec_lang_macro.php")) { global $std; $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_macro', $ibforums->lang_id ); } if ($ibforums->vars['gl_show'] && file_exists(ROOT_PATH."lang/".$ibforums->lang_id."/lang_glines.php")) { global $std; $ibforums->lang = $std->load_words($ibforums->lang, 'lang_glines', $ibforums->lang_id ); if ($ibforums->lang['gl_link'] == "") $ibforums->lang['gl_link'] = $ibforums->base_url."act=boardrules"; $this_header = str_replace( "", $skin_universal->rules_link($ibforums->lang['gl_link'], $ibforums->lang['gl_title']), $this_header ); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $ibforums->skin['template'] = str_replace( "<{".$row['macro_value']."}>" [INSERT] //-- mod_sec_update_131 begin $row['macro_replace'] = preg_replace("`\<\{LANG_M_(.*?)\}\>`e", "\$ibforums->lang['MACRO_\\1']", $row['macro_replace']); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $htm = $skin_universal->Redirect($text, $url, $css); [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."lang/".$ibforums->lang_id."/mod_sec_lang_macro.php")) { global $std; $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_macro', $ibforums->lang_id ); } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $htm = str_replace( "<{".$row['macro_value']."}>", $row['macro_replace'], $htm ); [INSERT] //-- mod_sec_update_131 begin $row['macro_replace'] = preg_replace("`\<\{LANG_M_(.*?)\}\>`e", "\$ibforums->lang['MACRO_\\1']", $row['macro_replace']); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $html = $skin_universal->pop_up_window($title, $css, $text); [INSERT] //-- mod_sec_update_131 begin if (file_exists(ROOT_PATH."lang/".$ibforums->lang_id."/mod_sec_lang_macro.php")) { global $std; $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_macro', $ibforums->lang_id ); } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $html = str_replace( "<{".$row['macro_value']."}>", $row['macro_replace'], $html ); [INSERT] //-- mod_sec_update_131 begin $row['macro_replace'] = preg_replace("`\<\{LANG_M_(.*?)\}\>`e", "\$ibforums->lang['MACRO_\\1']", $row['macro_replace']); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->vars['load_limit'] > 0) { [INSERT] //-- mod_sec_update_131 begin if (true) { if (file_exists('/proc/loadavg')) { if ($fh = @fopen( '/proc/loadavg', 'r' )) { $data = @fread( $fh, 6 ); @fclose( $fh ); $load_avg = explode( " ", $data ); $ibforums->server_load = trim($load_avg[0]); } } // no /proc/loadavg or no permission to read it if (!$ibforums->server_load && $serverstats = @exec("uptime")) { if (preg_match( "/average.*?: ([0-9\.]+),[\s]+([0-9\.]+),[\s]+([0-9\.]+)/", $serverstats, $load )) $ibforums->server_load = $load[1]; } // are we on a windows with load average installed? if (!$ibforums->server_load && $serverstats = @exec("getloadavg")) { if (preg_match( "/average.*?: ([0-9\.]+),[\s]+([0-9\.]+),[\s]+([0-9\.]+)/", $serverstats, $load )) $ibforums->server_load = $load[1]; } if ($ibforums->server_load > $ibforums->vars['load_limit']) { $std->Error( array( 'LEVEL' => 1, 'MSG' => 'server_too_busy', 'INIT' => 1 ) ); } } else //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ( $ibforums->input['act'] == 'Attach' ) [INSERT] //-- mod_sec_update_131 begin if ($ibforums->vars['guests_attach']) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->ip_address = $ibforums->input['IP_ADDRESS']; [INSERT] //-- mod_sec_update_131 begin $this->ip_address = $ibforums->input['IP_ADDRESS'] ? $ibforums->input['IP_ADDRESS'] : $_SERVER['REMOTE_ADDR']; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] //------------------------------------------------- // Do we have a valid session ID? [INSERT] //-- mod_sec_update_131 begin $ibforums->input['Privacy'] = max(0, intval($ibforums->input['Privacy'])); if ($adsess = $ibforums->input['adsess']) { $DB->query("SELECT s.*, m.mgroup FROM ibf_admin_sessions s LEFT JOIN ibf_members m ON (s.MEMBER_ID=m.id) WHERE s.ID='$adsess'"); if ($r = $DB->fetch_row()) { if ($r['mgroup'] == $ibforums->vars['admin_group']) { define("IS_ACP_SESSION", "1"); require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_acp_session.php"); $acp_session = new mod_acp_session(); $acp_session->load_vars($this, $r); } } } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("SELECT moderator.mid as is_mod, [INSERT] //-- mod_sec_update_131 begin if (TRUE) $DB->query("SELECT m.*, g.*, moderator.mid as is_mod, moderator.forum_id as mod_fid, moderator.allow_warn FROM ibf_members m LEFT JOIN ibf_groups g ON (g.g_id=m.mgroup) LEFT JOIN ibf_moderators moderator ON (moderator.member_id=m.id OR moderator.group_id=m.mgroup ) WHERE m.id=$member_id"); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->unload_member(); } [INSERT] //-- mod_sec_update_131 begin else if (defined("IS_ACP_SESSION")) { require_once(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_acp_session.php"); $acp_session = new mod_acp_session(); $acp_session->load_member($this->member); } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->create_guest_session(); return; } [INSERT] //-- mod_sec_update_131 begin if (strpos($ibforums->input['act'], "xajax") !== false) return; //-- mod_sec_update_131 end [MODE] [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Memberlist.php [STEP] [SEARCH] $this->html = $std->load_template('skin_mlist'); [INSERT] //-- mod_sec_update_131 begin $this->html = $std->load_template('mod_sec_update_skin_mlist'); $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_mlist', $ibforums->lang_id ); $DB->query("SELECT fid, ftitle from ibf_pfields_data WHERE fhide<>'1' AND fsearchable='1' ORDER BY forder"); while ($r = $DB->fetch_row() ) { $pfield_filter[$r['fid']] = $r['ftitle']; } unset($r); $DB->free_result(); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($ibforums->input['name_box'] != 'all') [INSERT] //-- mod_sec_update_131 begin if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->input['photoonly'] == 1) [INSERT] //-- mod_sec_update_131 begin $this->first = max(0, $this->first); $ibforums->input['name'] = str_replace( '|', '|', $ibforums->input['name']); if ($ibforums->input['name_box'] != 'all') if ( $ibforums->input['name_box'] == 'begins' ) $q_extra .= " AND m.name LIKE '".str_replace("*", "%", $ibforums->input['name'])."%'"; else $q_extra .= " AND m.name LIKE '%".str_replace("*", "%", $ibforums->input['name'])."%'"; if ($ibforums->input['pfield_box']) { $ibforums->input['pfield'] = str_replace("*", "%", $ibforums->input['pfield']); $ibforums->input['pfield'] = str_replace(">", ">", $ibforums->input['pfield']); $ibforums->input['pfield'] = str_replace("<", "<", $ibforums->input['pfield']); if (intval($ibforums->input['pfield_box']) == $ibforums->input['pfield_box'] && intval($ibforums->input['pfield_box']) > 0) { $joined = "LEFT JOIN ibf_pfields_content p ON (m.id=p.member_id)"; $q_extra .= " AND p.field_".intval($ibforums->input['pfield_box'])." LIKE '%".$ibforums->input['pfield']."%'"; } else if (in_array($ibforums->input['pfield_box'], array("birthday","website", "icq_number", "aim_name", "yahoo", "msnname", "location", "interests"))) { if ($ibforums->input['pfield_box'] == "birthday") $q_extra .= " AND CONCAT(m.bday_year, '-', m.bday_month, '-', m.bday_day) LIKE '%".$ibforums->input['pfield']."%'"; else $q_extra .= " AND m.".$ibforums->input['pfield_box']." LIKE '%".$ibforums->input['pfield']."%'"; } } if ($ibforums->input['photoonly'] == 1) { $DB->query("SELECT COUNT(m.id) as total_members FROM ibf_members m LEFT JOIN ibf_member_extra me ON me.id=m.id $joined LEFT JOIN ibf_groups g ON m.mgroup=g.g_id WHERE me.photo_location <> '' AND m.id > 0 AND g.g_hide_from_list <> 1".$q_extra); $q_extra .= " AND me.photo_location <> ''"; } else { $DB->query("SELECT COUNT(m.id) as total_members FROM ibf_members m $joined LEFT JOIN ibf_groups g ON m.mgroup=g.g_id WHERE m.id > 0 AND g.g_hide_from_list <> 1".$q_extra); } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $links = $std->build_pagelinks( array( 'TOTAL_POSS' => $max['total_members'], [INSERT] //-- mod_sec_update_131 begin $ibforums->input['name'] = $std->txt_stripslashes(isset($_GET['name'])?$_GET['name']:$_POST['name']); $ibforums->input['pfield'] = $std->txt_stripslashes(isset($_GET['pfield'])?$_GET['pfield']:$_POST['pfield']); $links = $std->build_pagelinks( array( 'TOTAL_POSS' => $max['total_members'], 'PER_PAGE' => $this->max_results, 'CUR_ST_VAL' => $this->first, 'L_SINGLE' => "", 'L_MULTI' => $ibforums->lang['pages'], 'BASE_URL' => $this->base_url."&act=Members&photoonly={$ibforums->input['photoonly']}&name=".urlencode($ibforums->input['name'])."&name_box={$ibforums->input['name_box']}&pfield=".urlencode($ibforums->input['pfield'])."&pfield_box={$ibforums->input['pfield_box']}&max_results={$this->max_results}&filter={$this->filter}&sort_order={$this->sort_order}&sort_key={$this->sort_key}" ) ); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] // START THE LISTING //----------------------------- [INSERT] //-- mod_sec_update_131 begin if (!is_numeric($this->first)) { $this->first = "0"; } $DB->query("SELECT m.name, m.id, m.posts, m.joined, m.mgroup, m.email,m.title, m.hide_email, m.location, m.aim_name, m.icq_number, me.photo_location, me.photo_type, me.photo_dimensions FROM ibf_members m $joined LEFT JOIN ibf_member_extra me ON me.id=m.id LEFT JOIN ibf_groups g ON m.mgroup=g.g_id WHERE m.id > 0".$q_extra." AND g.g_hide_from_list <> 1 ORDER BY m.".$this->sort_key." ".$this->sort_order." LIMIT ".$this->first.",".$this->max_results); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output .= $this->html->Page_end( $checked ); [INSERT] //-- mod_sec_update_131 begin $data = array(); $data['checked'] = $checked; $selected = "selected='selected'"; if ($ibforums->input['name_box'] == "begins") $data['bsel'] = $selected; if ($ibforums->input['name_box'] == "contains") $data['csel'] = $selected; if (!empty($ibforums->vars['profile_fields'])) { $fields = explode("|", $ibforums->vars['profile_fields']); if (is_array($fields)) foreach ($fields as $k) { $item = explode(",", $k); if ($item[3]) if ($ibforums->input['pfield_box'] == $item[0]) $options .= "\n"; else $options .= "\n"; } } if (is_array($pfield_filter)) { foreach($pfield_filter as $k => $v) { if ($ibforums->input['pfield_box'] == $k) $options .= "\n"; else $options .= "\n"; } $data['pfield'] = $this->html->pfield_filter($options); } $this->output .= $this->html->Page_end($data); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Messenger.php [STEP] [SEARCH] $this->html = $std->load_template('skin_msg'); [INSERT] //-- mod_sec_update_131 begin $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_ucp', $ibforums->lang_id); $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_msg', $ibforums->lang_id); $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang', $ibforums->lang_id); $this->html = $std->load_template('mod_sec_update_skin_msg'); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->msg_stats['dir_data'][] = array( 'id' => $id, 'real' => $real ); [INSERT] //-- mod_sec_update_131 begin if ($id == "in") $real = $ibforums->lang['inbox']; if ($id == "sent") $real = $ibforums->lang['outbox']; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] //-------------------------------------------- // Using Sub Manager? [INSERT] //-- mod_sec_update_131 begin if ($ibforums->vars['requests_active']) { require(ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_ucp_func.php"); $ucp = new mod_sec_update_ucp(); $req_html = $ucp->get_menu(); if (strpos($menu_html, "") !== FALSE) { $menu_html = str_replace( "", $req_html, $menu_html); } else { $menu_html = str_replace("", $req_html."\n", $menu_html); } } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $extra = "  ( ".$v['real']." - ".$ibforums->lang['cannot_remove']." )"; [INSERT] //-- mod_sec_update_131 begin $v['id'] .= "' readonly='readonly"; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $DB->query("SELECT name, id FROM ibf_members WHERE LOWER(name)='".$ibforums->input['mem_name']."'"); [INSERT] //-- mod_sec_update_131 begin $ibforums->input['mem_name'] = strtolower(str_replace( '|', '|',trim($ibforums->input['mem_name']))); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("DELETE FROM ibf_messages WHERE tracking=1 AND read_state=0 [INSERT] //-- mod_sec_update_131 begin if (TRUE) $DB->query("UPDATE ibf_messages SET tracking=0 WHERE tracking=1 AND from_id='".$this->member['id']."' AND msg_id IN ($id_string)"); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($ibforums->member['new_msg'] >= 1) { [INSERT] //-- mod_sec_update_131 begin $tooltip = intval($ibforums->input['tooltip']); if ($msg['tracking'] && !$tooltip) { $time = time(); if (!$msg['read_state']) { $query = "UPDATE ibf_messages SET read_state=1, read_date='0' WHERE msg_id='".$ibforums->input['MSID']."'"; } if ($msg['read_date'] == 0) { if ($ibforums->input['read_track']) { $query = "UPDATE ibf_messages SET read_state=1, read_date='".$time."' WHERE msg_id='".$ibforums->input['MSID']."'"; $msg['read_date'] = $time; } } if ($query) { $DB->query($query); $msg['read_state'] = 1; } } if (!$tooltip) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($msg['read_state'] < 1) [INSERT] //-- mod_sec_update_131 begin if (!$tooltip) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("SELECT g.*, m.* ". [INSERT] //-- mod_sec_update_131 begin if ($tooltip) { global $print; $msg['message'] = $this->parser->convert( array( 'TEXT' => $msg['message'], 'SMILIES' => 1, 'CODE' => $ibforums->vars['msg_allow_code'], 'HTML' => $ibforums->vars['msg_allow_html'] ) ); $print->pop_up_window($ibforums->lang['t_welcome'], $msg['message']); die; } $can_view_onoff = $ibforums->member['g_can_view_on_off'] || $ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['access_cp'] || $ibforums->member['is_sup_mod']; if ($can_view_onoff) { $ibforums->lang = $std->load_words($ibforums->lang, 'lang_date', $ibforums->lang_id); $DB->query("SELECT g.*, m.*, s.login_type, s.running_time ". "FROM ibf_groups g,ibf_members m LEFT JOIN ibf_sessions s ON (s.member_id=m.id AND s.member_id<>0 AND s.member_id IS NOT NULL) WHERE m.id='".$msg['from_id']."' AND g.g_id=m.mgroup"); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($this->member['view_sigs']) [INSERT] //-- mod_sec_update_131 begin if ($can_view_onoff) { $cutoff = time() - ($ibforums->vars['au_cutoff']?$ibforums->vars['au_cutoff']:15)*60; if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['access_cp'] || $ibforums->member['is_sup_mod']) { $online = $member['login_type'] == 1?"online_anon":($member['login_type'] === '0' || $member['login_type'] == -1?"online":"offline"); } else if ($ibforums->member['g_can_view_on_off']) { $online = $member['login_type'] == 1?"offline":($member['login_type'] === '0' || $member['login_type'] == -1?"online":"offline"); } if ($online == "online" && intval($member['running_time']) < $cutoff) { $online = "offline"; } if (method_exists($this->html, "state_online")) switch($online) { case "online" : $member['state_on_off'] = $this->html->state_online(); break; case "online_anon" : $member['state_on_off'] = $this->html->state_online_anon(); break; case "offline" : $member['state_on_off'] = $this->html->state_offline(); break; } } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->output .= $this->html->Render_msg( array( [INSERT] //-- mod_sec_update_131 begin $thread = intval($ibforums->input['thread']>0); if ($msg['last'] || $msg['next']) { if ($thread) { $show_preview = $ibforums->vars['msg_preview'] && strpos($ibforums->skin['css_text'], "domTT") !== FALSE; $switch_title = $ibforums->lang['normal_view']; $switch_title_info = $ibforums->lang['normal_view_info']; $DB->query("SELECT m.member_id, m.msg_id, m.vid, m.msg_date, m.title, m.from_id, mem.name as from_name, m.recipient_id as to_id, mem2.name as to_name FROM ibf_messages m LEFT JOIN ibf_members mem ON (m.from_id = mem.id) LEFT JOIN ibf_members mem2 ON (m.recipient_id = mem2.id) WHERE ref='".$msg['ref']."' AND member_id='".$this->member['id']."' ORDER BY msg_date"); if ($DB->get_num_rows()) { $i = 0; while ($r = $DB->fetch_row()) { $r['msg_date'] = $std->get_date($r['msg_date'], "SHORT"); if ($r['to_id'] == $this->member['id']) $r['to_name'] = $ibforums->lang['to_me']; if ($r['from_id'] == $this->member['id']) $r['from_name'] = $ibforums->lang['from_me']; if ($i > 0) { $r['tab'] = $tab.""; $tab .= ""; } if ($r['msg_id'] == $msg['msg_id']) $r['class'] = "searchlite"; else $r['class'] = "row1"; if ($show_preview) { $link = "{$ibforums->base_url}act=Msg&CODE=03&tooltip=1&VID={$r['vid']}&MSID={$r['msg_id']}"; $r['tooltip'] = "onMouseOver=\"domTT_oneOnly = true; this.style.color = '#000000';"; $r['tooltip'] .= "return makeFalse(domTT_activate(this, event, 'caption', '', 'width', '410px', 'fade', 'both', 'fadeMax', 100, 'trail', false, 'offsetX', 20, 'offsetY', 5, 'lazy', true, 'delay', 500, 'content', '<iframe src="$link" class="tableborder" style="width: 400px; height: 200px;"></iframe>', 'styleClass', 'domTTlegend', 'type', 'velcro' ));\""; } else $r['tooltip'] = "title='".$ibforums->lang['show_msg']."'"; $html .= $this->html->render_thread_msg($r); $i++; } $this->output .= $this->html->wrap_thread($html, intval($ibforums->input['scroll'])); } } else { $switch_title = $ibforums->lang['thread_view']; $switch_title_info = $ibforums->lang['thread_view_info']; } $switch = "$switch_title"; } else { $switch = " "; $msg['next'] = ""; $msg['last'] = ""; } if ($msg['sent']) { if ($msg['next']) $msg['next'] = "<{B_HOT_NN_DOT}> "; if ($msg['last']) $msg['last'] = "<{B_NORM_DOT}> "; } else { if ($msg['next']) $msg['next'] = "<{B_HOT_NN_DOT}> "; if ($msg['last']) $msg['last'] = "<{B_NORM_DOT}> "; } $this->output .= $this->html->Render_msg( array( 'switch' => $switch, 'msg' => $msg, 'member' => $member, 'jump' => $this->jump_html, ) ); $this->output = str_replace("x = posleft", "X = posleft", $this->output); $this->output = str_replace("y = postop", "Y = postop", $this->output); if ($msg['tracking']) { if ($msg['read_date']) // $read_track = "
{$ibforums->lang['read_track_sent']} ".$std->format_date($msg['read_date'], "LONG")."
"; $read_track = " {$ibforums->lang['read_track_sent']} ".$std->format_date($msg['read_date'], "LONG").""; else // $read_track = "
{$ibforums->lang['read_track_title']} {$ibforums->lang['read_track_send']}
"; $read_track = " {$ibforums->lang['read_track_title']} {$ibforums->lang['read_track_send']}"; // $match = "`(".preg_quote($member['signature']).")`is"; // $this->output = preg_replace($match, "\\1".$read_track."", $this->output ); $match = "`^(.*)(output = preg_replace($match, "\\1".$read_track."\\2", $this->output ); } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $ibforums->lang['the_max_length'] = $ibforums->vars['max_post_length'] * 1024; [INSERT] //-- mod_sec_update_131 begin $ref = "input['MSID']))."' />\n"; $add = $ref."\n"; $this->output = preg_replace("`()`", "\\1\n$add", $this->output); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $ibforums->input['from_contact'] = $ibforums->input['from_contact'] ? $ibforums->input['from_contact'] : '-'; [INSERT] //-- mod_sec_update_131 begin if ( $ibforums->input['auth_key'] != $std->return_md5_check() ) { return; } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $query = "id='".$ibforums->input['from_contact']."'"; [INSERT] //-- mod_sec_update_131 begin $query = "id='".intval($ibforums->input['from_contact'])."'"; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] 'cc_users' => $ibforums->input['carbon_copy'] [INSERT] //-- mod_sec_update_131 begin 'my_ref' => intval($ibforums->input['REF']), //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->send_form(1); [INSERT] //-- mod_sec_update_131 begin $ibforums->input['MSID'] = intval($ibforums->input['REF']); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] unset($to_member); [INSERT] //-- mod_sec_update_131 begin $DB->query("SELECT * FROM ibf_messages WHERE member_id='".$ibforums->member['id']."' AND msg_id='".intval($ibforums->input['REF'])."'"); $ref = array(); if ($DB->get_num_rows()) $ref = $DB->fetch_row(); $DB->query("SELECT * FROM ibf_messages WHERE member_id='".$ref['from_id']."' AND msg_id='".intval($ref['your_ref'])."'"); $your_ref = array(); if ($DB->get_num_rows()) $your_ref = $DB->fetch_row(); if ($ibforums->input['add_sent']) { $DB->query("UPDATE ibf_members SET ". "msg_total = msg_total + 1 ". "WHERE id='" . $this->member['id'] . "'"); $DB->query("UPDATE ibf_members SET msg_total = msg_total + 1 WHERE id='" . $this->member['id'] . "'"); $db_string = $std->compile_db_string( array( 'member_id' => $this->member['id'], 'msg_date' => time(), 'read_state' => 1, 'title' => $ibforums->lang['saved_sent_msg'].' '.$ibforums->input['msg_title'], 'message' => $ibforums->input['Post'], 'from_id' => $this->member['id'], 'vid' => 'sent', 'recipient_id' => $to_member['id'], 'sent' => 1, 'last' => $ref['msg_id'], 'ref' => $ref['ref'], ) ); $DB->query("INSERT INTO ibf_messages (" .$db_string['FIELD_NAMES']. ") VALUES (". $db_string['FIELD_VALUES'] .")"); unset($db_string); $sent_id = $DB->get_insert_id(); if (!$ref['ref']) { $ref_id = $sent_id; if ($ref['msg_id']) { $DB->query("UPDATE ibf_messages SET ref=msg_id WHERE msg_id='".$ref['msg_id']."'"); $ref_id = $ref['msg_id']; } $DB->query("UPDATE ibf_messages SET ref='$ref_id' WHERE msg_id='$sent_id'"); } } $DB->query("UPDATE ibf_messages SET next='$sent_id', my_ref='".$ref['my_ref']."' WHERE msg_id='".intval($ibforums->input['REF'])."'"); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] 'tracking' => $ibforums->input['add_tracking'], [INSERT] //-- mod_sec_update_131 begin 'last' => $ref['your_ref'], 'my_ref' => $ref['your_ref'], 'your_ref' => $sent_id, 'ref' => $your_ref['ref'], //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $new_id = $DB->get_insert_id(); [INSERT] //-- mod_sec_update_131 begin $DB->query("UPDATE ibf_messages SET next='$new_id' WHERE msg_id='".$ref['your_ref']."'"); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($ibforums->input['add_sent']) { [INSERT] //-- mod_sec_update_131 begin if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $start = intval($ibforums->input['st']) > 0 ? intval($ibforums->input['st']) : 0; [INSERT] //-- mod_sec_update_131 begin $start = max(0, $start); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output .= $this->html->inbox_table_header [INSERT] //-- mod_sec_update_131 begin $show_preview = $ibforums->vars['msg_preview'] && strpos($ibforums->skin['css_text'], "domTT") !== FALSE; //-- mod_sec_update_131 end [MODE] insert_below_eol [STEP] [SEARCH] if ($this->vid == 'sent') [INSERT] //-- mod_sec_update_131 begin if ($row['sent']) { if ($row['last']) $row['icon'] = "<{B_NORM_DOT}>"; else $row['icon'] = "<{B_NORM}>"; } else { if ($row['msg_date'] > $ibforums->member['last_visit']) $row['icon'] = $row['read_state'] == 1 ? "<{B_HOT_NN}>" : "<{B_HOT}>"; else $row['icon'] = $row['read_state'] == 1 ? "<{B_NORM}>" : "<{B_NEW}>"; if ($row['next']) $row['icon'] = "".str_replace("}>", "_DOT}>", $row['icon']).""; } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->output .= $this->html->inbox_row( $d_array ); [INSERT] //-- mod_sec_update_131 begin if ($show_preview) { $link = "{$ibforums->base_url}act=Msg&CODE=03&tooltip=1&VID={$d_array['stat']['current_id']}&MSID={$d_array['msg']['msg_id']}"; $tooltip = "onMouseOver=\"domTT_oneOnly = true; this.style.color = '#000000';"; $tooltip .= "return makeFalse(domTT_activate(this, event, 'caption', '', 'width', '410px', 'fade', 'both', 'fadeMax', 100, 'trail', false, 'offsetX', 20, 'offsetY', 5, 'lazy', true, 'delay', 500, 'content', '<iframe src="$link" class="tableborder" style="width: 400px; height: 200px;"></iframe>', 'styleClass', 'domTTlegend', 'type', 'velcro' ));\""; $this->output .= preg_replace("`(CODE=03.*VID.*?)>`s", "\\1 $tooltip >", $this->html->inbox_row($d_array)); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->output .= $this->html->trackread_table_header(); [INSERT] //-- mod_sec_update_131 begin $ibforums->lang['tk_untrack_button'] = $ibforums->lang['read_track_untrack_button']; $ibforums->lang['selected_msg'] = $ibforums->lang['read_track_selected_msg']; $ibforums->lang['delete_button'] = $ibforums->lang['read_track_untrack_button']; if (TRUE) $DB->query("SELECT m.*, mp.name as to_name, mp.id as memid FROM ibf_messages m, ibf_members mp WHERE m.tracking=1 AND m.read_state=1 AND read_date<>0 AND m.from_id=".$this->member['id']." AND m.member_id=mp.id ORDER BY msg_date DESC"); else //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output .= $this->html->trackUNread_table_header(); [INSERT] //-- mod_sec_update_131 begin if (TRUE) $DB->query("SELECT m.*, mp.name as to_name, mp.id as memid FROM ibf_messages m, ibf_members mp WHERE m.tracking=1 AND (m.read_state=0 OR (m.read_state=1 AND m.read_date=0)) AND m.from_id='".$this->member['id']."' AND m.member_id=mp.id ORDER BY msg_date DESC"); else //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $member['msn_icon'] [INSERT] //-- mod_sec_update_131 begin $member['msn_icon'] = "base_url}act=MSN&control=1&MID={$member['id']}','MSNCONTROL','455','300',0,1,1,5,50);PopUp('{$this->base_url}act=MSN&MID={$member['id']}','Pager',450,370,1,0,0,50,50);\"><{P_MSN}>"; $name = $member['msnname']; $names = explode("(", $name); if (count($names) > 1) { $names[1] = trim(str_replace(")", "", $names[1])); $lid = $names[1]."@apps.messenger.live.com"; $member['msn_icon'] .= ""; } if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above_bol [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Moderate.php [STEP] [SEARCH] function do_move() { global $std, $ibforums, $DB, $print; [INSERT] //-- mod_sec_update_131 begin $ibforums->input['sf'] = intval($ibforums->input['sf']); $ibforums->input['move_id'] = intval($ibforums->input['move_id']); $ibforums->input['tid'] = intval($ibforums->input['tid']); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] // Get this post id. [INSERT] //-- mod_sec_update_131 begin $ibforums->input['p'] = intval($ibforums->input['p']); //-- mod_sec_update_131 end [MODE] insert_below [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/mod_cp.php [STEP] [SEARCH] $this->html = $std->load_template('skin_modcp'); [INSERT] //-- mod_sec_update_131 begin $this->html = $std->load_template('mod_sec_update_skin_modcp'); $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang', $ibforums->lang_id); $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_modcp', $ibforums->lang_id); $ibforums->vars['pre_pinned'] = $ibforums->lang['pre_pinned']; $ibforums->vars['pre_moved'] = $ibforums->lang['pre_moved']; $ibforums->vars['pre_polls'] = $ibforums->lang['pre_polls']; require ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_modcp_func.php"; $this->modcp = new mod_sec_update_modcp(); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->start_val = intval($ibforums->input['st']); [INSERT] //-- mod_sec_update_131 begin $this->start_val = max(0,$this->start_val); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output = $this->html->mod_cp_start(); [INSERT] //-- mod_sec_update_131 begin $this->modcp->menu($this); if (false) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->do_ip(); break; default: [INSERT] //-- mod_sec_update_131 begin $this->modcp->dispatch($this); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $print->add_output("$this->output"); $print->do_output( array( 'TITLE' => $this->page_title, 'JS' => 1, 'NAV' => $this->nav ) ); [INSERT] //-- mod_sec_update_131 begin $this->output .= $this->html->mod_cp_end(); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("UPDATE ibf_topics SET title=CONCAT [INSERT] //-- mod_sec_update_131 begin if (TRUE) { $title = "'title'"; if ($pre) $title = "'$pre', ".$title; if ($end) $title .= ", '$end'"; if ($title != "'title'") $DB->query("UPDATE ibf_topics SET title=CONCAT($title) WHERE tid IN(".implode( ",", $this->tids ).")"); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->cats[ $c_q['cat_id'] ] = array( 'id' => $r['cat_id'], [INSERT] //-- mod_sec_update_131 begin $this->cats[ $c_q['cat_id'] ] = array( 'id' => $c_q['cat_id'], 'position' => $c_q['cat_position'], 'state' => $c_q['cat_state'], 'name' => $c_q['cat_name'], ); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($forum['password'] != "") [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['g_is_supmod'] || ($ibforums->member['is_mod'] && $ibforums->member['mod_forums'][$forum['id']])) $forum['password'] = ""; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ( $groups[ $member['mgroup'] ]['g_promotion'] != '-1&-1' ) [INSERT] //-- mod_sec_update_131 begin $mgroup = ""; //-- mod_sec_update_131 end [MODE] insert_above_bol [STEP] [SEARCH] $this->output .= $this->html->mod_postentry_checkbox($r['pid']); [INSERT] //-- mod_sec_update_131 begin $edit = "{$ibforums->lang['EDIT_TOPIC']}"; $r['post_date'] .= " [$edit]"; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $start = $ibforums->input['st'] ? $ibforums->input['st'] : 0; [INSERT] //-- mod_sec_update_131 begin $start = max(0, $start); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output .= $this->html->mod_topic_title($r['title'], $r['tid']); [INSERT] //-- mod_sec_update_131 begin if (TRUE) { $edit = "{$ibforums->lang['EDIT_TOPIC']}"; $this->output .= $this->html->mod_topic_title($r['title']." [$edit]", $r['tid']); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] function prune_juice() { global $std, $ibforums, $DB, $print; [INSERT] //-- mod_sec_update_131 begin $button = ""; if (!isset($ibforums->input['f'])) { $button = ""; $forums = $std->build_forum_jump(0,0,1); $confirm = $this->html->prune_source($forums); } else //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $DB->query("SELECT id, name FROM ibf_members WHERE name LIKE '".$ibforums->input['name']."%' LIMIT 0,100"); [INSERT] //-- mod_sec_update_131 begin $ibforums->input['name'] = str_replace( '|', '|',trim($ibforums->input['name'])); //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("SELECT m.*, g.* FROM ibf_members m, ibf_groups g WHERE m.id='".$ibforums->input['memberid']."' AND m.mgroup=g.g_id"); [INSERT] //-- mod_sec_update_131 begin $DB->query("SELECT m.*, me.photo_type, me.photo_location, me.photo_dimensions, g.* FROM ibf_groups g, ibf_members m LEFT JOIN ibf_member_extra me ON (m.id=me.id) WHERE m.id='".$ibforums->input['memberid']."' AND m.mgroup=g.g_id"); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->output .= $this->html->edit_user_form($editable); [INSERT] //-- mod_sec_update_131 begin $editable['location'] = $parser->unconvert( $member['location'] ); $editable['interests'] = $parser->unconvert( $member['interests'] ); if (!empty($member['website']) && strtolower($member['website']) != "http://") { $url_array = parse_url($member['website']); if (!$url_array['scheme']) $url_array['scheme'] = "http"; $url .= $url_array['scheme']."://"; $url .= $url_array['host']; $url .= $url_array['port']; $url .= $url_array['path']; $url .= $url_array['query']; $url .= $url_array['fragment']; $member['website'] = "".$member['website'].""; } $member['avatar'] = $std->get_avatar( $member['avatar'], 1, $member['avatar_size'] ); if ($member['photo_type'] == 'upload' ) $member['photo'] = "vars['upload_url']."/".$member['photo_location']."\" $width $height alt='Photo' />"; else if ($member['photo_type'] == 'url') $member['photo'] = "Photo"; $required_output = ""; $optional_output = ""; $field_data = array(); $DB->query("SELECT * from ibf_pfields_content WHERE member_id='".$member['id']."'"); while ($content = $DB->fetch_row()) foreach($content as $k => $v) if ( preg_match( "/^field_(\d+)$/", $k, $match) ) $field_data[ $match[1] ] = $v; if (count($field_data)) { $DB->query("SELECT * from ibf_pfields_data WHERE fedit=1 ORDER BY forder"); while( $row = $DB->fetch_row() ) { $form_element = ""; if ( $row['freq'] == 1 ) $ftype = 'required_output'; else $ftype = 'optional_output'; $preview = $field_data[$row['fid']]; if ($row['ftype'] != "drop") $field_data[$row['fid']] = $parser->unconvert( $field_data[$row['fid']], $ibforums->vars['profile_allow_ibc'], 0 ); if ($row['ftype'] == "drop") { $carray = explode( '|', trim($row['fcontent']) ); $d_content = ""; foreach( $carray as $entry ) { $value = explode( '=', $entry ); $ov = trim($value[0]); $td = trim($value[1]); if ($ov !="" and $td !="") $d_content .= ($field_data[$row['fid']] == $ov) ? "\n" : "\n"; } if ($d_content != "") $form_element = $this->html->profile_field_dropdown( 'field_'.$row['fid'], $d_content ); } else if ( $row['ftype'] == 'area' ) $form_element = $this->html->profile_field_textarea( 'field_'.$row['fid'], $field_data[$row['fid']] ); else $form_element = $this->html->profile_field_textinput( 'field_'.$row['fid'], $field_data[$row['fid']] ); ${$ftype} .= $this->html->profile_field_entry( $row['ftitle'], $row['fdesc'], $form_element, $preview); } } $ip_access_groups = array($ibforums->vars['admin_group']); $ip_access_members = array($ibforums->member['id']); if (in_array($ibforums->member['mgroup'],$ip_access_groups) || in_array($ibforums->member['id'],$ip_access_members)) { if (isset($ibforums->input['show_ips'])) { $DB->query("SELECT DISTINCT ip_address FROM ibf_posts WHERE author_id = '".$ibforums->input['memberid']."' ORDER BY ip_address"); $num = $DB->get_num_rows(); $data['ips'] = $ibforums->lang['ip_reg'].$member['ip_address']; if ($num) { $data['ips'] .= "\n\n{$ibforums->lang['ips_used']}:\n"; while ($r = $DB->fetch_row()) $data['ips'] .= str_pad($r['ip_address'],20); } else { $data['ips'] .= "\n\n".$ibforums->lang['ips_used_noresult']; } $data['rows'] = min(15,3+round($num/4)); $editable['ips'] = $this->html->profile_form_ips($data); } } $this->output .= $this->html->profile_form($editable, $member); if ($required_output != "") $this->output = str_replace( "", $this->html->profile_required_title()."\n".$required_output, $this->output ); if ($optional_output != "") $this->output = str_replace( "", "\n".$this->html->profile_optional_title()."\n".$optional_output, $this->output ); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] function complete_user_edit() { global $std, $ibforums, $DB, $print; [INSERT] //-- mod_sec_update_131 begin if (isset($ibforums->input['show_ips'])) { $this->edit_user(); return; } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($parser->error != "") [INSERT] //-- mod_sec_update_131 begin global $HTTP_POST_VARS; $custom_fields = array(); $in = array('SMILIES' => 0, 'CODE' => 1, 'HTML' => 0, 'SIGNATURE' => 0 ); $DB->query("SELECT * from ibf_pfields_data WHERE fedit=1"); while ($row = $DB->fetch_row()) { if ($row['freq'] == 1) if ($HTTP_POST_VARS[ 'field_'.$row['fid'] ] == "") $std->Error( array( 'LEVEL' => 1, 'MSG' => 'complete_form' ) ); if ($row['fmaxinput'] > 0) if (strlen($HTTP_POST_VARS[ 'field_'.$row['fid'] ]) > $row['fmaxinput']) $std->Error( array( 'LEVEL' => 1, 'MSG' => 'cf_to_long', 'EXTRA' => $row['ftitle'] ) ); if ($ibforums->vars['profile_allow_ibc'] && $row['ftype'] != "drop") { $in['TEXT'] = $ibforums->input['field_'.$row['fid']]; $query_id = $DB->query_id; $custom_fields[ 'field_'.$row['fid'] ] = $parser->convert($in); $DB->query_id = $query_id; } else $custom_fields[ 'field_'.$row['fid'] ] = str_replace( '
', "\n", $ibforums->input[ 'field_'.$row['fid'] ] ); } if (count($custom_fields) > 0){ $DB->query("SELECT member_id FROM ibf_pfields_content WHERE member_id='".$member['id']."'"); $test = $DB->fetch_row(); if ($test['member_id']) { $db_string = $DB->compile_db_update_string($custom_fields); $DB->query("UPDATE ibf_pfields_content SET $db_string WHERE member_id='".$member['id']."'"); } else { $custom_fields['member_id'] = $member['id']; $db_string = $DB->compile_db_insert_string($custom_fields); $DB->query("INSERT INTO ibf_pfields_content (".$db_string['FIELD_NAMES'].") VALUES(".$db_string['FIELD_VALUES'].")"); } } if ($ibforums->vars['profile_allow_ibc']) { $in['TEXT'] = $ibforums->input['location']; $ibforums->input['location'] = $parser->convert($in); $in['TEXT'] = $ibforums->input['interests']; $ibforums->input['interests'] = $parser->convert($in); } //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Online.php [STEP] [SEARCH] if ( $ibforums->vars['allow_online_list'] != 1 ) [INSERT] //-- mod_sec_update_131 begin if($ibforums->input['code'] == "get_ip2loc" && $ibforums->input['ip'] != "") { require_once ROOT_PATH."sources/mods/sec_update_131_A/mod_sec_update_func.php"; $lib = new mod_sec_update_lib; $lib->get_ip2loc($ibforums->input['ip']); die; } if ($ibforums->vars['allow_online_list'] != 1 || !$ibforums->member['g_can_view_online']) $std->Error( array( 'LEVEL' => 1, 'MSG' => 'no_permission') ); else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $this->first = $ibforums->input['st']; [INSERT] //-- mod_sec_update_131 begin $this->first = max(0, $this->first); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($last_cat_id != $i['cat_id']) [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['g_is_supmod'] || ($ibforums->member['is_mod'] && $ibforums->member['mod_forums'][$i['id']])) $i['password'] = ""; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $DB->query("SELECT s.id, s.in_forum, s.in_topic, s.member_name, s.member_id, s.ip_address, s.running_time, s.location, [INSERT] //-- mod_sec_update_131 begin if ( ($ibforums->member['mgroup'] == $ibforums->vars['admin_group']) and ($ibforums->vars['disable_online_ip'] != 1) ) { $this->html2 = $std->load_template('mod_sec_update_skin_online'); $domTT = strpos($ibforums->skin['css_text'], "domTT") !== FALSE; $ibforums->lang = $std->load_words($ibforums->lang, 'mod_sec_lang_online', $ibforums->lang_id); $loc2ip = "" style="{$this->html2->get_ip2loc_iframe_style()}"></iframe>', 'caption', '{$ibforums->lang['ip2loc_title']}', 'fade', 'both', 'fadeMax', 100, 'type', 'greasy', 'closeAction', 'hide', 'styleClass', 'domTTlegend', 'trail', 'x'));\"><%IP%>"; } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if ($fid != "" and ($act == 'SF' or $act == 'ST' or $act == 'Post')) [INSERT] //-- mod_sec_update_131 begin if ($fid != "" && ($act == 'SF' || $act == 'ST' || $act == 'Post' || $act == 'Print')) //-- mod_sec_update_131 end /*-- mod_sec_update_131 exclude begin [MODE] insert_above [STEP] [SEARCH] if ($fid != "" and ($act == 'SF' or $act == 'ST' or $act == 'Post')) [INSERT] -- mod_sec_update_131 exclude end */ [MODE] insert_below [STEP] [SEARCH] $sess['ip_address'] = " ( ".$sess['ip_address']." )"; [INSERT] //-- mod_sec_update_131 begin if ($domTT) { $sess['ip_address'] = str_replace("<%IP%>", $sess['ip_address'], $loc2ip); } //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Post.php [STEP] [SEARCH] $this->forum = $DB->fetch_row(); [INSERT] //-- mod_sec_update_131 begin if ($ibforums->member['mgroup'] == $ibforums->vars['admin_group'] || $ibforums->member['g_is_supmod'] || ($ibforums->member['is_mod'] && $ibforums->member['mod_forums'][$this->forum['id']])) $this->forum['password'] = ""; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] 'SHORT' [INSERT] //-- mod_sec_update_131 begin , TRUE //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $r['language'] = $r['language'] ? $r['language'] : 'en'; [INSERT] //-- mod_sec_update_131 begin $r['language'] = $r['language'] ? $r['language'] : ($ibforums->vars['default_language'] ? $ibforums->vars['default_language'] : 'en'); if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] // If we had any errors, parse them back to this class [INSERT] //-- mod_sec_update_131 begin if ($ibforums->input['pid']) $post['ref'] = $ibforums->input['pid']; //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] if (preg_match( "/\.(cgi|pl|js|asp|php|html|htm|jsp|jar)/", $FILE_NAME )) [INSERT] //-- mod_sec_update_131 begin if (TRUE) { if (preg_match( "/\.(cgi|pl|js|asp|php|html|htm|jsp|jar)$/", $FILE_NAME )) $FILE_TYPE = 'text/plain'; } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $real_file_name .= $ext; [INSERT] //-- mod_sec_update_131 begin //------------------------------------------------- // Is this a malicious image? //------------------------------------------------- $allowed_ext = explode("|", $ibforums->vars['img_ext']); if ( is_array($allowed_ext) and count($allowed_ext)) { $ext = substr($ext,1); if (in_array($ext,$allowed_ext)) { $file = $HTTP_POST_FILES['FILE_UPLOAD']['tmp_name']; $size = @getimagesize($file); if (!is_array($size)) $size = @getimagesize($file, $info); if (!is_array($size) || !$size[0] || !$size[1] || !$size[2]) { $this->obj['post_errors'] = 'invalid_mime_type'; return $attach_data; } if (function_exists("imagecreatefromgif")) { switch($ext) { case 'gif' : $im = @imagecreatefromgif($file); break; case 'jpg': $im = @imagecreatefromjpeg($file); break; case 'png': $im = @imagecreatefrompng($file); break; } if ($im) { imagedestroy($im); } elseif ($ext == "gif" || $ext == "jpg" || $ext == "png") { $this->obj['post_errors'] = 'invalid_mime_type'; return $attach_data; } } } } //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] "\n". [INSERT] //-- mod_sec_update_131 begin "\n". //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $post_icon = $ibforums->input['iconid']; [INSERT] //-- mod_sec_update_131 begin $post_icon = intval($post_icon); } if (isset($ibforums->vars['post_icons']) && !$ibforums->vars['post_icons']) { return; //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] } ?> [INSERT] //-- mod_sec_update_131 begin function get_post_link($pid = "", $tid = "") { global $ibforums; if ($pid == "") return; return " "; } //-- mod_sec_update_131 end [MODE] insert_above [FNAME_END] [MOD_TOKEN] mod_sec_update_131 [FNAME] sources/Profile.php [STEP] [SEARCH] var $jump_html = ""; [INSERT] /*-- mod_sec_update_131 exclude begin [MODE] insert_below [STEP] [SEARCH] var $links = array(); [INSERT] -- mod_sec_update_131 exclude end */ [MODE] insert_above [STEP] [SEARCH] $info['msn_name'] = $member['msnname'] [INSERT] //-- mod_sec_update_131 begin if ($member['msnname']) { $n = explode("(", $member['msnname']); $member['msnname'] = trim($n[0]); } //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $html = $this->html->show_card_download( $member['name'], $photo, $info ); [INSERT] //-- mod_sec_update_131 begin $match = "`(^.*)lang['integ_msg'].".*?`is"; $html = preg_replace($match, "\\1", $html); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $html = $this->html->show_card( $member['name'], $photo, $info ); [INSERT] //-- mod_sec_update_131 begin $match = "`(^.*)lang['integ_msg'].".*?`is"; $html = preg_replace($match, "\\1", $html); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] if ($member['dst_in_use'] == 1) [INSERT] //-- mod_sec_update_131 begin if (FALSE) //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $info['local_time'] [INSERT] //-- mod_sec_update_131 begin $info['local_time'] = $member['time_offset'] != "" ? $std->get_member_date( $member, time(), "LONG" ) : $ibforums->lang['no_info']; //-- mod_sec_update_131 end [MODE] insert_below_eol [STEP] [SEARCH] $this->output .= $this->html->show_profile( $info ); [INSERT] //-- mod_sec_update_131 begin if (TRUE) { $match = "`(^.*)lang['integ_msg'].".*?`is"; $this->output .= preg_replace($match, "\\1", $this->html->show_profile( $info )); } else //-- mod_sec_update_131 end [MODE] insert_above [STEP] [SEARCH] $custom_out .= $this->html->custom_field($row['ftitle'], $field_data[ $row['fid'] ] ); [INSERT] //-- mod_sec_update_131 begin $custom_out_array[$row['fid']] = $this->html->custom_field($row['ftitle'], $field_data[ $row['fid'] ] ); //-- mod_sec_update_131 end [MODE] insert_below [STEP] [SEARCH] $this->output = str_replace( "", $custom_out, $this->output ); [INSERT] //-- mod_sec_update_131 begin foreach ($custom_out_array as $k => $v) $this->output = str_replace( "", $v, $this->output ); //-- mod_sec_update_131 end [MODE] insert_below [FNAME_END] [CODE_END] [COPY] Copy all files of archive into the root dir of your board. Take care of the structure of this archive. [List] [*]html/sys-img/xxx [arrow] html/sys-img some ACP images [*]html/domTTxx.js [arrow] html domTT library for tooltips and preview feature [*]html/fadomatic.js [arrow] html belongs to domTT library [*]Skin/s1 [arrow] Skin/sx (copy to all skin folders) [*]sources/xajax [arrow] sources/xajax [*]sources/mods/sec_update_131_A [arrow] sources/mods/sec_update_131_A [*]sources/mods/sec_update_131_B [arrow] sources/mods/sec_update_131_B [*]sources/mods/sec_update_131_C [arrow] sources/mods/sec_update_131_C [*]lang/en [arrow] lang/en You will have there 3 new files lang_date.php, mod_sec_lang_msg.php and mod_sec_update_ad_lang.php [*]lang/de [arrow] lang/yy Where your German language resides [*]lang/xx [arrow] lang/y The other languages [*]style_images/xx [arrow] style_images/sx (copy the images to their folders) [/list] [COPY_END] [CUSTOMIZE] [color=red][size=5][b]Attention[/b][/size] If you have Mod BBCode installed then you must reinstall it with version > 2.2.11. This is because a feature of Mod BBCode was moved to the Mod Security&Updates > 2.6.1. [/color] [size=3][b]Time and calendar bugs[/b][/size] In ACP the logic of [b]Date and Time Formats[/b] has changed. You can set the time zone for guests and new users and you can finetune the time calculations if the server time is not set correctly. Normally the server time settings are out of your scope. In calendar module there are a lot of bugs which are not fixed by this update. I recommend strongly to apply my mod [b]Enhanced Calendar[/b]. [size=3][b]Language dependant skins[/b][/size] If you want language dependant buttons like [b]New Topic[/b] then create a new subdirectory in the style_images directory of the skin. Example: The English language resides in lang/en and the German language resides in lang/2. The image directory of your skin is style_images/ipb-001 Now create style_images/ipb-001/en and style_images/ipb-001/2. Copy the content of the original directory style_images/ipb-001 to the new sub directories. Finally copy the language dependant buttons like t_new.gif for "New Topic" in their assigned subdirectories. That means: t_new.gif for the English "New Topic" to style_images/ipb-001/en and t_new.gif for the German "Neues Thema" to style_images/ipb-001/2. [size=3][b]Skin dependant emoticons, avatars, team icons and mime type icons[/b][/size] This is similar to the last item. Create new subdirectories in the style_images folder of the skin. Name them [list][*]emoticons [*]avatars [*]team_icons [*]mime_types"; [/list] and copy the appropriate images into these folders. If a subdirectory does not exist then the default images will be used. [size=3][b]Load Lang Bug[/b][/size] This is not really a bug but a code design bug. In the original version every call to a missing language file results in a blank page. Now you will get an error message. [size=3][b]Mime types icons[/b][/size] For each file extension of allowed uploads create a new icon in html/mime_types like tar.gif, pdf.gif swf.gif etc. In topic view the attachments will be displayed with the new icons. [size=3][b]Online/Offline[/b][/size] If the member group is allowed to view online/offline state of other members, the state can be displayed in topic view and in message view. There are 2 new skin files of the mod [list][*]mod_sec_update_skin_msg.php [*]mod_sec_update_skin_topic.php[/LIST] The new classes inside these files replace some functions of the original skin files. By example you will find functions RenderRow and Render_msg. I have added new lines: [code]{$author['state_on_off']}

[/code] and [code]
{$data['member']['state_on_off']}[/code] If you have a customized skin then you should copy the original function RenderRow (Render_msg) to the mod skin files and insert the lines above. Then you will find 2 sets with 3 functions [LIST][*]function state_online() [*]function state_online_anon() [*]function state_offline()[/LIST] The first set is for macro based displaying the state and the second (outcommented) for text based displaying. You can customize these functions as you like it. Define new macros in ACP for STATE_ONLINE, STATE_ONLINE_ANON and STATE_OFFLINE. By the way: You will find other functions in the mod skin files replacing functions in original skin files. [size=3][b]Tooltips, message and topic preview - the domTT library[/b][/size] Some new features are based on the domTT library. Here is an installation guide: Be sure to have copied the domTT library (domTTxxx.js and fadomaticm.js) into the html folder. Next insert the following code into the boardwrapper in the HEAD section [code] [/code] And last add these css styles to your Style Sheets in ACP [code] div.domTT { border: 1px solid #333333; background-color: #333333 } div.domTT .caption { font-family: serif; font-size: 12px; font-weight: bold; padding: 1px 2px; color: #FFFFFF } div.domTT a:link { text-decoration: none; color: #FFFFFF } div.domTT a:visited { text-decoration: none; color: #FFFFFF } div.domTT a:active { text-decoration: none; color: #0000FF } div.domTT a:hover { text-decoration: none; color: #FF0000 } div.domTT .contents { font-size: 11px; font-family: sans-serif; padding: 3px 2px; background-color: #F1F1FF } div.domTT .contents a:link { text-decoration: none; color: #000000 } div.domTT .contents a:visited { text-decoration: none; color: #777777 } div.domTT .contents a:active { text-decoration: none; color: #0000FF } div.domTT .contents a:hover { text-decoration: none; color: #FF0000 } div.domTTlegend { border: 1px solid #333333; background-color: #333333 } div.domTTlegend .caption { font-family: serif; font-size: 12px; font-weight: bold; padding: 1px 2px; color: #FFFFFF } div.domTTlegend a:link { text-decoration: none; color: #000000 } div.domTTlegend a:visited { text-decoration: none; color: #000000 } div.domTTlegend a:active { text-decoration: none; color: #FF0000 } div.domTTlegend a:hover { color: #FF0000; text-decoration: none } div.domTTlegend .contents { font-size: 10px; font-family: sans-serif; padding: 3px 2px; background-color: #F1F1FF } [/code] [size=3][b]Threaded view[/b][/size] This is a very big modification of our IPB. Therefore we have some modifications of the files in /sources and of the skin files in Skin/. In order to keep the original skin files untouched I have added new skin files: [list][*]mod_sec_update_skin_msg.php [*]mod_sec_update_skin_topic.php [*]mod_sec_update_skin_ucp.php[/LIST] These files contain new classes with functions replacing original skin functions. If you have a customized skin then you should copy the appropriate functions of your original skin files to the mod skin files. Do not overwrite the mod skin code but compare the original code with the new code. Find the differences in the Javascript section and in the topic options. I have changed the topic options like report, new poll etc. in a dropdown field. At the end you can find the insert location for the threaded view [code][/code] In function TableFooter we have [code]
[/code] If you have problems to fit the mod skin files to your skin feel free to visit our support forum at ibforen.de In [b]ACP [arrow] System Settings [arrow] Topics, Posts & Polls[/b] you can enable thread view as a global option. Forums can have their own thread settings or they can inherit the options from the global settings. Users can set preferences in their User Control Panel (UserCP). When everything is ok your members can toggle the view from normal to threaded by clicking on the topic options in the upper right corner of a topic. The thread list will be displayed below of the topic. Clicking on a line in the thread list will display the thread beginning with the start post and ending with the choosen post. The specific thread is marked in the thread list. The member selection of the view mode is stored in a cookie to save the choosen mode. In the Personal CP[arrow]Board Settings members can select the preferred view mode. [size=3][b]New Macros[/b][/size] In order to use the post reply and post quick reply feature you will find new images for the buttons: p_reply.gif and p_qreply.gif. You can use these graphics if you have defined new macros in ACP. Use this: Macro key: [code]{}[/code] Macro Replacement: [code]Reply quickly to this post[/code] Macro key: [code]{}[/code] Macro Replacement: [code]Reply to this post[/code]. [size=3][b]Draggable Quick Reply Box with scriptaculous[/b][/size] If you want to let your members drag the quick reply box then I recommend to use the scriptaculous library. [list][*]Download the source [url=http://script.aculo.us/]http://script.aculo.us/[/url] [*]Save it to your web space in [b]html/scriptaculous[/b]. [*]Then include the library with 2 additional lines in the [b]Board Wrapper[/b] [code] [/code][/list] [size=3][b]Multi quote[/b][/size] You can enable this feature in [b]ACP [arrow] System Settings [arrow] Topics, Posts & Polls[/b]. When activated the behavior of the quote button changes: A click inserts the post into a quote list. A second click removes the post from quote list. Clicking on the reply button inserts the list of quoted posts into the reply textarea. The quote list is based upon the use of cookies and Javascript. The cookies have a lifetime of 15 Minutes. Submitting the reply process removes the list of cookies. [b]Attention[/b]: IE8 users will run into problems because that browser behaves a little bit strange: If you have not set the cookie domain in [b]ACP [arrow] System Settings [arrow] Cookies[/b] then IE8 will not set the cookies for multiquoting. I have tried to handle this as an exception but you should set the domain like [b].your_domain.com[/b]. Do not forget the leading point. [size=3][b]Page links[/b][/size] Modify function make_page_jump in skin_global.php. Wrap the a-tag with [code]..[/code] It will look like this: [CODE]function make_page_jump($tp="", $pp="", $ub="", $p) { global $ibforums; return <<$p {$ibforums->lang['tpl_pages']} EOF; } [/CODE] Now you can customize the page links. The topic_page_link style is used in forum view for the topic items. For the standard IPB skin add these css styles to your Style Sheets in ACP [code] .page_link {border:1px solid #8FA8C4;padding-left:5px;padding-right:5px;padding-top:2px;padding-bottom:2px;background-color: #F1F7FE;} .page_link a:link, .page_link a:visited, .page_link a:active{text-decoration: none;color:#000000;} .page_link_active {font-weight:bold;border:1px solid #345487; padding:5px;padding-top:4px;padding-bottom:4px;background-color: #FFCCCC;} .topic_page_link {border:1px solid #C2C2DF;padding-left:3px;padding-right:3px;padding-top:0px;padding-bottom:0px;background-color: #DFE6EF;} .topic_page_link a:link, .topic_page_link a:visited, .topic_page_link a:active{text-decoration: none;color:#000000;} [/code] If you want a space between the page symbols add a margin:..px; to the styles. [size=3][b]Request System[/b][/size] As described in the change log above this release implements a request system. User requests appear in ACP and the administrators can process those requests. [list][*]Successful processing requests for changing the member name will induce an email to the member to inform him about the change. Administrators cannot surpress sending the email. [*]Processing informal requests can induce sending an email. This depends on the admin decision.[/list] [size=3][b]Profile Fields[/b][/size] You will find a new option in ACP [arrow] Users and Groups [arrow] Profile Fields: Make Profile Fields searchable in member search. Now you can customize the location of profile fields: In the original version you could place the custom profile fields by inserting into skin_profile.php. In the new version you can use <--{CUSTOM.FIELDS}--> or or etc. according to the number of profile field in ACP. [size=3][b]Report System[/b][/size] In ACP [arrow] System Settings [arrow] Security & Privacy you will find a new option below of 'Disable 'Report this post to a moderator' link?': 'Report this post' as PM? If activated report messsages are sent as email [b]and[/b] as personal message in order to improve notification about reports. [size=3][b]Guidelines and Terms of Use[/b][/size] New in ACP [arrow] Board Guidelines: Board guidelines are language dependent and stored in lang_glines.php. The dialogue includes fields for editing the Terms of Use in registration process. Now you can use genuine html for board guidelines [b]and[/b] terms of use. [CUSTOMIZE_END] [COMMENT_MOD] This modification updates your Invisionboard 1.3.1 and adds all security code known after release date of 1.3.1. It adds more essential features e.g. like relative dates etc. If you want to apply this update package to IPB 1.3, you have first to update that version to IPB 1.3.1. At ibforen.de you can find instructions how to fix this. [COMMENT_MOD_END] [HISTORY_OLD] 2.5.1 [arrow] 2.5.2, dated on August 24th, 2009 [list][*]Bugfix for Online.php Multiple entries of mod code. Please take a look at the file and remove multiple instances of [code]//-- mod_sec_update_131 begin $this->first = max(0, $this->first); //-- mod_sec_update_131 begin[/code] and [code]//-- mod_sec_update_131 begin if ($fid != "" and ($act == 'SF' or $act == 'ST' or $act == 'Post' or $act='Print')) //-- mod_sec_update_131 begin[/code] Then install again with ModInstaller. [*]Bugfix for online list. Reason same as before. [*]Fix for wrong location in online list when using xajax functions Part A, Step 5 T (appears twice) [/list] 2.5.0 [arrow] 2.5.1, dated on March 29th, 2009 [list][*]Profile fields in registration process Settings in ACP [arrow] User & Groups (Part A Step 13, D, I and K (all new), Part B, Step 8 (new), Step 13) [*]Post preview can be switched on/off in User CP (Board Settings) (Part A Step 4, A, Step 16, J (new), Part B Step 25, C (new) [b][color=red]Do not forget to apply the changes for the mysql database. Use The ModInstaller![/color][/b]) [*]Bugfix for cookie problem with subdomains (Part B Step 14, B (new), D) [*]Bugfix for wrong st value, causing mysql error (not critical) (Part A Step 4, C (new), Step 6, A (new), Step 7, M (new), Step 9, B and D (new), Step 10, A (new), Step 14, C and G (new), Step 15, E (new), Part B Step 30 (new) ) [*]Bugfix for wrong character encoding in ajax functions Exchange mod_sec_update_func.php [/list] 2.4.5 [arrow] 2.5.0, dated on February 23th, 2009 [list][*]Preview of topics Preview in forum view (first and last post). Switch on in ACP. See section Customize how to enable domTT tooltips. (Part A Step 4, D and E (new), Step 15, C and D (new), Part B Step 8, B and L (new)) [*]Admin anonymous login Admin anonymous login is totally unvisible except for admins (no count in stats, no count in topics nor forums nor board stats) (Part A Step 3 (new), Step 4, C (new), Step 15, L (new)) [*]BBCode system improved for lists Now you can use list=12 or list=a,12 or list=i,3 in order to set the start value of the ordered list. (Part B, Step 22, B, C, D, E and F (all new), Step 22, L and M (changed)) [*]Guest restriction for attachments New Option in ACP Profiles for guest restriction from viewing and downloading attachments (Part A Step 5, P (new), Step 15, I (new), Part B Step 8, A and M (new), Part B Step 25, A (new)) [*]Fix for Attachment icons Best in conjunction with Mod Mimetypes (Part A Step 15, K) [*]Integrity Messenger Field Integrity Messenger removed from profile info (Part A Step 12, C and D (new), Step 15, N (new), Step 16, K (new), Part B Step 26, C (new)) [*]MSN Messenger Profile feature MSN Messenger updated to match the new service Live Messenger. Profile field should contain the Live identity like {i] (Live ID)[/i]. You can retrieve your ID with a new function in UserCP. Attention: I have added a small icon for the online/offline status to the existing msn icon. Communication between two popup messenger windows in IPB does not work yet. Perhaps a system bug of Live API. (Part A Step 7, I, R (new), Step 12, C (new), Step 15, A and M (new), Step 16, J and K (new), Part B Step 26, E (new)) [*]Fix for function load_template in functions.php Additional code for overriding skin ID. (Part A Step 5, C (changed) and D, E (new)) [*]Bugfix for function PopWindow Original Javascript function does not take care of position parameters because of a typo. (Part A Step 15, A (new)) [*]Fix for calculation of time zone using Internet Explorer (Part A Step 5, O (new)) [*]Bugfix for bad calcuation of the server load (Part A Step 5, N (new)) [*]Bugfix for acp access permission system (file sources/mods/sec_update_131_A/mod_sec_update_ad_func.php) [*]Bugfix for multi moderation (Part A Step 9, B (new)) [*]Macro images are shown language dependant (only if images in different languages exist) (Part B Step 2,A) [*]ACP [arrow] Users&Groups: Member search with wildcard * (Part B Step 6, F and H) [/list][size=3][b]Reinstall completely: Replace all mod files in sources/mods and the language files. New skin file is to be copied in all skin folders. Run my ModInstaller.[/b][/size] 2.4.4 [arrow] 2.4.5, dated on April 28th, 2008 [list][*]Bugfix for changing bad pcre ini-settings in PHP >5.2.0 (Part A Step 1, C, Step 2, C, Part B Step 4, A) [*]Changes for calculating timezone. It is now ajax based (Changes in Register.php, Usercp.php and in the mod functions in sources/mods/sec_update_131_A, Changes in the language files) [b]Attention[/b]: Replace all mod files. Do not forget the language files. New files in sources/xajax [/list] 2.4.3 [arrow] 2.4.4, dated on April 15th, 2008 [list][*]Fix for bad pcre ini-settings in PHP >5.2.0 (Part A Step 1, C, Step 2, C, Part B Step 4, A (new)) [*]Preview of message text in message list view.(Part A Step 6, M (new) and O (new), Part B Step 8, B (new) and C (new)) This feature is available, if domTT tooltip library is installed. See below in section Customize In [b]ACP [arrow] System Settings [arrow] PM Set up[/b] you can activate the preview [*]Timezone selection during registration process to avoid time problems (Part A Step 12, E (new)) [*]Timezone and daylight saving time (DST) calculated from ip address (Part A Step 15, H(new) and I (new)) [*]Topic prefix (pinned, moved, poll) in language files (Part A Step 15, A (new) and Part B Step 8, F, G, H, I (all new)) [*]Topic view follows UserCP setting "View images" for attachments (Part A Step 14, F (new)) [*]Topic view follows ACP User Profiles setting "Allow GUESTS to view posted images?" for embedded images (Part A Step 14, D (new) and F (new)) [*]Bugfix in index.php for language selection with non numerical directory names (Part A Step 2,E) [*]Bugfix for [b]list tag eats linefeeds[/b] (Part B Step 22, new G and H) [*]Bugfix for validating twice (Part A Step 12, new C,D and E, Step 15, new E) [*]Improved server information for Date&Time setting in ACP (Part B Step 8, E, modified language files lang_date.php) [*]Enabling moderator editing of pending topics and posts (Part A Step 8, new C and new D, Step 19, new C and new D) [*]Member online/offline status in message view dependant on group setting New: Part A, Step 6, G Modified Part A, Step 6, H See below how to customize the new feature in message view [/list] 2.4.2 [arrow] 2.4.3, dated on February 6th, 2008 [list][*]Bugfix in tar.php concerning tar files New: Part B, Step 23 [*]Bugfix for specific file names during upload process (names containing .php, .jar etc. in the middle) New: Part A, Step 10, B [*]Enables html bulk mails. Wrap your message with [html]<html>...</html>[/html] New: Part B, Step 15 [*]Fix for debug output in Search.php New: Part A, Step 13 C,D [*]Improved view of skin information in ACP New: Part B, Step 9, Step 10 A [/list] 2.4.1 [arrow] 2.4.2, dated on September 5th, 2007 [list][*]Registration takes care of the language set for this guest (useful for multilanguage forums) New: Part A, Step 12, E [*]Code added in index.php concerning language and skin selection for guests and members (useful for multilanguage forums) New: Part A, Step 2, E [/list] 2.4.0 [arrow] 2.4.1, dated on August 9th, 2007 [list][*]Bugfix for wrong config value [b]base_dir[/b] in some server environments (Part A, Step 1,C (new), Step 2,C (new)) [*]Bugfix for online/offline feature (Part A, Step 14,B) [*]Bugfix for Finetuning ACP Access concerning specific ACP modifications e.g. Arcade Mod (exchange mod_sec_update_ad_func.php) [/list] 2.3.4 [arrow] 2.4.0, dated on August 3rd, 2007 [list][*]Another Bugfix in Part A, Step 13, B, C (new) and D (formerly C). The bug can cause double displaying of posts in topic view [*]Bugfix in Part B, Step 4, B. The bug can cause an PHP error for a non valid stream resource [*]Bugfix for online list for printing visitors (Part A, new Step 9) [*]Fix for non existing modules folder (Part A new Step 1, B, new Step 2, B) [*]Bugfix for error message for banned users (Part A, new Step 4) [*]Bugfix in ACP for managing forums with subforums (Part B new Step 1) If the forum allows posting the bug causes lost topics and posts [*]Improved displaying of the targets in ACP delete form for forums (Part B new Step 1) [*]Fix for hardcoded language entries in User Control Panel and Messenger (Inbox, Sent Items) Entries for Inbox and Sent Items cannot get modified any longer Exchange mod_sec_lang_msg.php in all provided language folders [/list] [b]User Mode[/b] [list][*]PHP5 ready If you have installed my mod [b]IPB1.3 for PHP5[/b], you must remove that mod. [*]Relative dates as in IPB2.x If you have installed any mod that creates relative dates, you must remove that mod. [*]Time and calendar bugs fixed If you have installed my mod [b]Customize Date[/b], you must remove it. That mod is not required any longer. [*]Load Lang Bugfix (Against white pages, adds error message if language file not found) If you have installed my mod [b]Load Lang Bug[/b], you must remove it. That mod is not required any longer. [*]Extension Bugfix (Calculates the correct extension for dymanic images) If you have installed my mod [b]Extension Bug[/b], you must remove it. That mod is not required any longer. [*]Pipe Symbol Bugfix (| in usernames causes several errors) [*]Enables language dependant skins [*]Enables skin dependant emoticons, avatars, team icons and mime type icons [*]Enables appropriate mime type icons for attachments [/list] [b]Admin Mode[/b] [list][*]Update function removed (IPS does not provide any updates for IPB 1.3.x) [*]Skin&Languages [list][*]Filenames and function names added to sections and bits [*]Non default groups (e.g. added by modifications) show their functions in the original order [/list] [/list] [b]Security fixes[/b] [list][*]Includes critical security fix announced on 5th January, 2006 by IPS for IPB2.x [/list] 2.3.3 [arrow] 2.3.4, dated on June 15th, 2007 [list][*]Another Bugfix in Part A, Step 13, B. The bug can cause false online/offline status [/list] 2.3.2 [arrow] 2.3.3, dated on May 17th, 2007 [list][*]Bugfix in Part A, Step 13, B. The bug can cause multiple displaying of the same guest post [/list] 2.3.1 [arrow] 2.3.2, dated on May 16th, 2007 [list][*]Member online/offline status in topic view dependant on group setting [*]Changes for sql table ibf_search_results to enable post search for big databases [*]Fix for function load_words() in functions.php for empty lang files [*]Fix for relative dates in calendar events [*]Other fixes Update with The ModInstaller Do not forget to exchange lang/xx/lang_date.php and lang/xx/mod_sec_update_ad_lang.php [/list] 2.3.0 [arrow] 2.3.1, dated on January 8th, 2007 [list][*]Changes in sources/Admin/ad_index.php to meet environments with allow_url_fopen set off (Step 3, Part B) [*]Changes in sources/Admin/admin_functions.php to meet environments PHP 5.x with pcre.backtrack_limit != -1 (Step 9, Part F) [/list] 2.2.9 [arrow] 2.3.0, dated on December 4rd, 200 [list][*]Bugfix for IE XSS vulnerability concerning displaying images (photos, and avatars) [*]Non-root admins cannot edit or delete root admins [*]Non-root admins do not have access to critical ACP sections (System Settings, SQL Management, Admin Logs) [*]Finetuning of ACP access for non-root admins Remove mod_sec_lang_admin.php. The content is included in mod_sec_update_ad_lang.php Use my new version 1.3.1 of The ModInstaller [/list] 2.2.8 [arrow] 2.2.9 , dated on November 26th, 2006 [list][*]Bugfix for blocking error in ACP in case of ibforen downtime [*]Improvements for ACP menu for faster access [*]Logout button in ACP for security (e.g. in multi-user environments) [/list] 2.2.7 [arrow] 2.2.8 , dated on November 3rd, 2006 [list][*]Removes debug information for other groups than admins, if debug is accidently activated (index.php) [*]Update for regex_check_image function in post_parser.php to prevent XXS vulnerabilities [*]Bugfix for group prefix and suffix e.g. containing special html entities (ad_groups.php) [*]Bugfix in Admin notes for multiline comments (ad_index.php) [*]ACP [arrow] Skin&Templates [arrow] Sets: List in alphabetical order (ad_stylesets.php) [*]ACP [arrow] Skin&Templates [arrow] Macros: List in alphabetical order (ad_imagemacros.php) [/list] 2.2.6.2 [arrow] 2.2.7 , dated on September 26th, 2006 [list][*]Update information in ACP when an update of this mod is available [*]ACP left menu with new link to support site (language dependant) [*]ACP category [b]IPB Enhancements[/b] removed Changed files: sources/Admin/ad_index.php, sources/Admin/admin_functions.php and sources/Admin/admin_pages.php. That is in Part B of this mod New files: lang/xx/mod_sec_lang_admin.php This update is not critical. You can stay at version 2.2.6.2. [/list] 2.2.6.1 [arrow] 2.2.6.2 , dated on September 25th, 2006 [list][*]Enhancement of ACP Skin functionality: Return to last edit bits Changed files: sources/Admin/admin_functions.php and sources/Admin/ad_templates.php. That is in Part B of this mod [/list] 2.2.6 [arrow] 2.2.6.1 , dated on September 24th, 2006 [list][*]There was a bug in CodeChange.php for Part B concerning changes in sources/Admin/ad_index.php. Please reinstall the package, Part B or read the documentation for Part B [/list] 2.2.5 [arrow] 2.2.6 , dated on September 20th, 2006 [list][*]Fix for security hole in admin.php concerning PHP_SELF issues [*]Enhancements for function get_date() in functions.php Only Part A, Step 1, A and Step 4, C Exchange the language file lang_date.php [/list] 2.2.4 [arrow] 2.2.5 , dated on May, 26th 2006 [list][*]Fix for security hole in post_edit_post.php announced by IPS on May 22th, 2006 [/list] 2.2.3 [arrow] 2.2.4 , dated on May, 25th 2006 [list][*]Tracking of messages modified in order to meet data confidentiality Receipient of messages can send read receipts on his own decision [/list] 2.2.2 [arrow] 2.2.3 , dated on May, 10th 2006 [list][*]More bugfixes for security holes (new file is sources/Moderate.php) [*]Bugfix of this mod in sources/misc/stats.php Please use the ModInstaller [/list] 2.2.1 [arrow] 2.2.2 , dated on April, 28th 2006 [list][*]Bugfix in Profile.php for member's local time. Changes in Profile.php, Admin/admin_functions.php (get_time_offset()), functions.php (get_time_offset) [/list] 2.2 [arrow] 2.2.1 , dated on April, 27th 2006 [list][*]Includes more critical security fixes for sources/Forums.php and sources/Messenger.php (thanks to gulbida) [/list] 2.1.1 [arrow] 2.2 , dated on April, 26th 2006 [list][*]Includes critical security fix announced on 25th April, 2006 by IPS for IPB2.x (Search.php) [*]Bugfix for date functions [*]Bugfix for non alphanumeric characters in member name [/list] 2.1 [arrow] 2.1.1 , dated on March, 23th 2006 [list][*]Access to ACP secured admin.php can be named as you like it. The link [b]ACP[/b] in user mode does not redirect to that file. Call ACP directly by using the real script name. Changes in[list][*]admin.php [*]./sources/Admin/admin_functions.php [*]./sources/Admin/admin_skin.php [/list] [b]Attention[/b] Perhaps other mods, which are refering to admin.php, are affected by this changing. The ModInstaller will show errors if a mod wants to modify admin.php. In this case rename it back to admin.php, install the mod and rename it again to the secure name. [/list] 2.0.1 [arrow] 2.1 , dated on March, 5th 2006 [list][*]Mod split into 2 parts [/list] 2.0 [arrow] 2.0.1 , dated on March, 3th 2006 [list][*]Same steps 14, 18 cleaned [*]Bug in [b]Today's top 10 posters[/b] fixed (sources/mids/stats.php)[/list] 2.0 [arrow] 2.0.1 , dated on March, 3th 2006 [list][*]Same steps 14, 18 cleaned [*]Bug in [b]Today's top 10 posters[/b] fixed (sources/mids/stats.php)[/list] [b]2.0[/b] , dated on February, 29th 2006 [b]Only available for IPB 1.3.1. Make your IPB 1.3 ready for this mod[/b] 1.4.1 [arrow] 1.5 , dated on November, 23th 2005 [list][*]Bug [b]lastpost date in ibf_topics differs from post_date of lastpost in ibf_posts[/b] [/list] 1.4 [arrow] 1.4.1 , dated on October, 12th 2005 [list][*]Bug [b]clickable[/b] and [b]no_bad_words[/b] fixed in sources/lib/post_parser.php [/list] 1.3 [arrow] 1.4 , dated on September, 2th 2005 [list][*]sources/Post.php changed in function process_upload() [/list] 1.2 [arrow] 1.3 , dated on May, 10th 2005 [list][*]sources/lib/usercp_functions.php changed in function do_avatar() [/list] 1.1 [arrow] 1.2 , dated on April, 27th 2005 [list][*]sources/functions.php changed in function my_getcookie(..) [/list] 1.0 [arrow] 1.1 , dated on April, 25th 2005 [list][*]sources/Topics.php changed in function Topics() [*]sources/Search.php changed in function convert_highlite_words(..) [/list] Version 1.0 , dated on April, 19th 2005 [HISTORY_OLD_END]