'FIND' - Bul
'AFTER, ADD' - Kodun Sonrasına Ekle
'BEFORE, ADD' - Kodun Öncesine Ekle
'REPLACE WITH' - Kodu Bununla Değiştir
Kodlar değiştikten sonra altta verdiğim güncelleme download linkinin içinden update_to_2011.php dosyasını root dizinine attıktan sonra http://www.siteadı.com/phpBB/update_to_211.php yazarak scriptin yüklemeyi tamamlamasını bekleyin.Ardından dosyayı silin.
Aynı şekilde dosyanın içindeki usercp_confirm.php dosyasını includes/ klasörüne gönderin.
Güncelleme Download Linki: http://www.opentools.de/files/phpBB-2.0 ... 2.0.11.zip
- admin/admin_board.php[/color][/size]
-
FIND - Line 100
AFTER, ADD
Kod: Tümünü seç
$activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? "checked=\"checked\"" : ""; $activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? "checked=\"checked\"" : "";
Kod: Tümünü seç
$confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : ''; $confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
-
FIND - Line 166
AFTER, ADD
Kod: Tümünü seç
"L_NONE" => $lang['Acc_None'], "L_USER" => $lang['Acc_User'], "L_ADMIN" => $lang['Acc_Admin'],
Kod: Tümünü seç
"L_VISUAL_CONFIRM" => $lang['Visual_confirm'], "L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
- common.php[/color][/size]
-
FIND - Line 28
REPLACE WITH
Kod: Tümünü seç
function unset_vars(&$var) { while (list($var_name, $null) = @each($var)) { unset($GLOBALS[$var_name]); } return; } // error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime $ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var'; // Unset globally registered vars - PHP5 ... hhmmm if (@$ini_val('register_globals') == '1' || strtolower(@$ini_val('register_globals')) == 'on') { $var_prefix = 'HTTP'; $var_suffix = '_VARS'; $test = array('_GET', '_POST', '_SERVER', '_COOKIE', '_ENV'); foreach ($test as $var) { if (is_array(${$var_prefix . $var . $var_suffix})) { unset_vars(${$var_prefix . $var . $var_suffix}); @reset(${$var_prefix . $var . $var_suffix}); } if (is_array(${$var})) { unset_vars(${$var}); @reset(${$var}); } } if (is_array(${'_FILES'})) { unset_vars(${'_FILES'}); @reset(${'_FILES'}); } if (is_array(${'HTTP_POST_FILES'})) { unset_vars(${'HTTP_POST_FILES'}); @reset(${'HTTP_POST_FILES'}); } } // PHP5 with register_long_arrays off? if (!isset($HTTP_POST_VARS) && isset($_POST)) { $HTTP_POST_VARS = $_POST; $HTTP_GET_VARS = $_GET; $HTTP_SERVER_VARS = $_SERVER; $HTTP_COOKIE_VARS = $_COOKIE; $HTTP_ENV_VARS = $_ENV; $HTTP_POST_FILES = $_FILES;
Kod: Tümünü seç
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables set_magic_quotes_runtime(0); // Disable magic_quotes_runtime // The following code (unsetting globals) was contributed by Matt Kavanagh // PHP5 with register_long_arrays off? if (!isset($HTTP_POST_VARS) && isset($_POST)) { $HTTP_POST_VARS = $_POST; $HTTP_GET_VARS = $_GET; $HTTP_SERVER_VARS = $_SERVER; $HTTP_COOKIE_VARS = $_COOKIE; $HTTP_ENV_VARS = $_ENV; $HTTP_POST_FILES = $_FILES; // _SESSION is the only superglobal which is conditionally set if (isset($_SESSION)) { $HTTP_SESSION_VARS = $_SESSION; } } if (@phpversion() < '4.0.0') { // PHP3 path; in PHP3, globals are _always_ registered // We 'flip' the array of variables to test like this so that // we can validate later with isset($test[$var]) (no in_array()) $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL); // Loop through each input array @reset($test); while (list($input,) = @each($test)) { while (list($var,) = @each($$input)) { // Validate the variable to be unset if (!isset($test[$var]) && $var != 'test' && $var != 'input') { unset($$var); } } } } else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on') { // PHP4+ path // Not only will array_merge give a warning if a parameter // is not an array, it will actually fail. So we check if // HTTP_SESSION_VARS has been initialised. if (!isset($HTTP_SESSION_VARS)) { $HTTP_SESSION_VARS = array(); } // Merge all into one extremely huge array; unset // this later $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES); unset($input['input']); while (list($var,) = @each($input)) { unset($$var); } unset($input);
- groupcp.php[/color][/size]
-
FIND - Line 475
REPLACE WITH
Kod: Tümünü seç
$username = ( isset($HTTP_POST_VARS['username']) ) ? htmlspecialchars($HTTP_POST_VARS['username']) : '';
Kod: Tümünü seç
$username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
- includes/constants.php[/color][/size]
-
FIND - Line 151
AFTER, ADD
Kod: Tümünü seç
// Table names
Kod: Tümünü seç
define('CONFIRM_TABLE', $table_prefix.'confirm');
- includes/functions.php[/color][/size]
-
FIND - Line 80
BEFORE, ADD
Kod: Tümünü seç
// // Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced. //
Kod: Tümünü seç
// added at phpBB 2.0.11 to properly format the username function phpbb_clean_username($username) { $username = htmlspecialchars(rtrim(trim($username), "\\")); $username = substr(str_replace("\\'", "'", $username), 0, 25); $username = str_replace("'", "\\'", $username); return $username; }
-
FIND - Line 96
REPLACE WITH
Kod: Tümünü seç
$user = trim(htmlspecialchars($user)); $user = substr(str_replace("\\'", "'", $user), 0, 25); $user = str_replace("'", "\\'", $user);
Kod: Tümünü seç
$user = phpbb_clean_username($user);
- includes/functions_post.php[/color][/size]
-
FIND - Line 131
REPLACE WITH
Kod: Tümünü seç
$username = trim(strip_tags($username));
Kod: Tümünü seç
$username = phpbb_clean_username($username);
- includes/functions_search.php[/color][/size]
-
FIND - Line 438
REPLACE WITH
Kod: Tümünü seç
$username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match)));
Kod: Tümünü seç
$username_search = preg_replace('/\*/', '%', phpbb_clean_username($search_match));
-
FIND - Line 472
REPLACE WITH
Kod: Tümünü seç
'USERNAME' => ( !empty($search_match) ) ? strip_tags($search_match) : '',
Kod: Tümünü seç
'USERNAME' => (!empty($search_match)) ? phpbb_clean_username($search_match) : '',
- includes/topic_review.php[/color][/size]
-
FIND - Line 33
REPLACE WITH
Kod: Tümünü seç
if ( !isset($topic_id) ) { message_die(GENERAL_MESSAGE, 'Topic_not_exist'); }
Kod: Tümünü seç
if ( !isset($topic_id) || !$topic_id) { message_die(GENERAL_MESSAGE, 'Topic_post_not_exist'); }
- includes/usercp_register.php[/color][/size]
-
FIND - Line 24
AFTER, ADD
Kod: Tümünü seç
* ***************************************************************************/
Kod: Tümünü seç
/* This code has been modified from its original form by psoTFX @ phpbb.com Changes introduce the back-ported phpBB 2.2 visual confirmation code. NOTE: Anyone using the modified code contained within this script MUST include a relevant message such as this in usercp_register.php ... failure to do so will affect a breach of Section 2a of the GPL and our copyright png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved */
-
FIND - Line 112
AFTER, ADD
Kod: Tümünü seç
$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
Kod: Tümünü seç
$strip_var_list['confirm_code'] = 'confirm_code';
-
FIND - Line 269
AFTER, ADD
Kod: Tümünü seç
$error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Fields_empty']; } }
Kod: Tümünü seç
if ($board_config['enable_confirm'] && $mode == 'register') { if (empty($HTTP_POST_VARS['confirm_id'])) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; } else { $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']); if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id)) { $confirm_id = ''; } $sql = 'SELECT code FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '$confirm_id' AND session_id = '" . $userdata['session_id'] . "'"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { if ($row['code'] != $confirm_code) { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; } else { $sql = 'DELETE FROM ' . CONFIRM_TABLE . " WHERE confirm_id = '$confirm_id' AND session_id = '" . $userdata['session_id'] . "'"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql); } } } else { $error = TRUE; $error_msg .= ( ( isset($error_msg) ) ? '<br />' : '' ) . $lang['Confirm_code_wrong']; } $db->sql_freeresult($result); } }
-
FIND - Line 903
AFTER, ADD
Kod: Tümünü seç
$template->assign_block_vars('switch_namechange_disallowed', array()); }
Kod: Tümünü seç
// Visual Confirmation $confirm_image = ''; if (!empty($board_config['enable_confirm']) && $mode == 'register') { $sql = 'SELECT session_id FROM ' . SESSIONS_TABLE; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { $confirm_sql = ''; do { $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'"; } while ($row = $db->sql_fetchrow($result)); $sql = 'DELETE FROM ' . CONFIRM_TABLE . " WHERE session_id NOT IN ($confirm_sql)"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql); } } $db->sql_freeresult($result); $sql = 'SELECT COUNT(session_id) AS attempts FROM ' . CONFIRM_TABLE . " WHERE session_id = '" . $userdata['session_id'] . "'"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql); } if ($row = $db->sql_fetchrow($result)) { if ($row['attempts'] > 3) { message_die(GENERAL_MESSAGE, $lang['Too_many_registers']); } } $db->sql_freeresult($result); $confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9'); list($usec, $sec) = explode(' ', microtime()); mt_srand($sec * $usec); $max_chars = count($confirm_chars) - 1; $code = ''; for ($i = 0; $i < 6; $i++) { $code .= $confirm_chars[mt_rand(0, $max_chars)]; } $confirm_id = md5(uniqid($user_ip)); $sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code) VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')"; if (!$db->sql_query($sql)) { message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql); } unset($code); $confirm_image = (@extension_loaded('zlib')) ? '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id") . '" alt="" title="" />' : '<img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=1") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=2") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=3") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=4") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=5") . '" alt="" title="" /><img src="' . append_sid("profile.$phpEx?mode=confirm&id=$confirm_id&c=6") . '" alt="" title="" />'; $s_hidden_fields .= '<input type="hidden" name="confirm_id" value="' . $confirm_id . '" />'; $template->assign_block_vars('switch_confirm', array()); }
-
FIND - Line 993
AFTER, ADD
Kod: Tümünü seç
'NEW_PASSWORD' => $new_password, 'PASSWORD_CONFIRM' => $password_confirm, 'EMAIL' => $email,
Kod: Tümünü seç
'CONFIRM_IMG' => $confirm_image,
-
FIND - Line 1087
AFTER, ADD
Kod: Tümünü seç
'L_PROFILE_INFO' => $lang['Profile_info'], 'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'], 'L_EMAIL_ADDRESS' => $lang['Email_address'],
Kod: Tümünü seç
'L_CONFIRM_CODE_IMPAIRED' => sprintf($lang['Confirm_code_impaired'], '<a href="mailto:' . $board_config['board_email'] . '">', '</a>'), 'L_CONFIRM_CODE' => $lang['Confirm_code'], 'L_CONFIRM_CODE_EXPLAIN' => $lang['Confirm_code_explain'],
- includes/usercp_sendpasswd.php[/color][/size]
-
FIND - Line 32
REPLACE WITH
Kod: Tümünü seç
$username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
Kod: Tümünü seç
$username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
- includes/usercp_viewprofile.php[/color][/size]
-
FIND - Line 172
AFTER, ADD
Kod: Tümünü seç
$page_title = $lang['Viewing_profile']; include($phpbb_root_path . 'includes/page_header.'.$phpEx);
Kod: Tümünü seç
if (function_exists('get_html_translation_table')) { $u_search_author = urlencode(strtr($profiledata['username'], array_flip(get_html_translation_table(HTML_ENTITIES)))); } else { $u_search_author = urlencode(str_replace(array('&', ''', '"', '<', '>'), array('&', "'", '"', '<', '>'), $profiledata['username'])); }
-
FIND - Line 235
REPLACE WITH
Kod: Tümünü seç
'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])),
Kod: Tümünü seç
'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . $u_search_author),
- login.php[/color][/size]
-
FIND - Line 57
REPLACE WITH
Kod: Tümünü seç
$username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : ''; $username = substr(str_replace("\\'", "'", $username), 0, 25); $username = str_replace("'", "\\'", $username);
Kod: Tümünü seç
$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
- privmsg.php[/color][/size]
-
FIND - Line 1135
REPLACE WITH
Kod: Tümünü seç
$to_username = $HTTP_POST_VARS['username'];
Kod: Tümünü seç
$to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
-
FIND - Line 1340
REPLACE WITH
Kod: Tümünü seç
$to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
Kod: Tümünü seç
$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';
-
FIND - Line 1711
REPLACE WITH
Kod: Tümünü seç
'USERNAME' => preg_replace($html_entities_match, $html_entities_replace, $to_username),
Kod: Tümünü seç
'USERNAME' => $to_username,
- profile.php[/color][/size]
-
FIND - Line 103
AFTER, ADD
Kod: Tümünü seç
include($phpbb_root_path . 'includes/usercp_register.'.$phpEx); exit; }
Kod: Tümünü seç
else if ( $mode == 'confirm' ) { // Visual Confirmation if ( $userdata['session_logged_in'] ) { exit; } include($phpbb_root_path . 'includes/usercp_confirm.'.$phpEx); exit; }
- search.php[/color][/size]
-
FIND - Line 63
REPLACE WITH
Kod: Tümünü seç
$search_author = htmlspecialchars($search_author);
Kod: Tümünü seç
$search_author = phpbb_clean_username($search_author);
- templates/subSilver/admin/board_config_body.tpl[/color][/size]
-
FIND - Line 38
AFTER, ADD
Kod: Tümünü seç
<tr> <td class="row2"><input type="radio" name="require_activation" value="{ACTIVATION_NONE}" {ACTIVATION_NONE_CHECKED} />{L_NONE} <input type="radio" name="require_activation" value="{ACTIVATION_USER}" {ACTIVATION_USER_CHECKED} />{L_USER} <input type="radio" name="require_activation" value="{ACTIVATION_ADMIN}" {ACTIVATION_ADMIN_CHECKED} />{L_ADMIN}</td> </tr>
Kod: Tümünü seç
<tr> <td class="row1">{L_VISUAL_CONFIRM}<br /><span class="gensmall">{L_VISUAL_CONFIRM_EXPLAIN}</span></td> <td class="row2"><input type="radio" name="enable_confirm" value="1" {CONFIRM_ENABLE} />{L_YES} <input type="radio" name="enable_confirm" value="0" {CONFIRM_DISABLE} />{L_NO}</td> </tr>
- viewtopic.php[/color][/size]
-
FIND - Line 486
REPLACE WITH
Kod: Tümünü seç
$words = explode(' ', trim(htmlspecialchars(urldecode($HTTP_GET_VARS['highlight']))));
Kod: Tümünü seç
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));