 |
[MAJ] Mise à jour manuelle 2.0.8 vers 2.0.10 |
AideInfo Administrateur Expert phpBB

Posté le: 13 Jan 2005 23:59
Sujet du message: [MAJ] Mise à jour manuelle 2.0.8 vers 2.0.10 |
|
|
phpBB 2.0.8 to phpBB 2.0.10 Code Changes
These are the changes from phpBB 2.0.8 to phpBB 2.0.10, summed up into a small Mod. This can be very helpful if you want to update your board and have installed a number of Mods: it is normally easier to apply the code changes than to install all the Mods again.
When you find an 'AFTER, ADD' statement, the code has to be added after the last line quoted in the 'FIND' statement.
When you find a 'BEFORE, ADD' statement, the code has to be added before the first line quoted in the 'FIND' statement.
When you find a 'REPLACE WITH' statement, the code quoted in the 'FIND' statement has to be replaced completely with the code quoted in the 'REPLACE WITH' statement.
When you find a 'DELETE' statement, the quoted code has to be deleted.
After you have finished this tutorial, you have to upload the update_to_210.php file, execute it, and then delete it from your webspace.
OK, let's start:
-
FIND - Line 46
| Code: |
$default_config[$config_name] = $config_value;
|
REPLACE WITH
| Code: |
$default_config[$config_name] = isset($HTTP_POST_VARS['submit']) ? str_replace("'", "\'", $config_value) : $config_value;
|
-
FIND - Line 49
| Code: |
require('./pagestart.' . $phpEx);
|
AFTER, ADD
| Code: |
$confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
|
-
FIND - Line 335
| Code: |
AND u.user_session_time >= " . ( time() - 300 ) . "
|
REPLACE WITH
| Code: |
AND s.session_time >= " . ( time() - 300 ) . "
|
-
FIND - Line 27
| Code: |
die("Hacking attempt");
}
|
AFTER, ADD
| Code: |
//
function unset_vars(&$var)
{
while (list($var_name, $null) = @each($var))
{
unset($GLOBALS[$var_name]);
}
return;
}
//
|
FIND - Line 41
| Code: |
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
|
AFTER, ADD
| Code: |
$ini_val = (@phpversion() >= '4.0.0') ? 'ini_get' : 'get_cfg_var';
// Unset globally registered vars - PHP5 ... hhmmm
if (@$ini_val('register_globals') == '1' || strtolower(@$ini_val('register_globals')) == 'on')
{
$var_prefix = 'HTTP';
$var_suffix = '_VARS';
$test = array('_GET', '_POST', '_SERVER', '_COOKIE', '_ENV');
foreach ($test as $var)
{
if (is_array(${$var_prefix . $var . $var_suffix}))
{
unset_vars(${$var_prefix . $var . $var_suffix});
@reset(${$var_prefix . $var . $var_suffix});
}
if (is_array(${$var}))
{
unset_vars(${$var});
@reset(${$var});
}
}
if (is_array(${'_FILES'}))
{
unset_vars(${'_FILES'});
@reset(${'_FILES'});
}
if (is_array(${'HTTP_POST_FILES'}))
{
unset_vars(${'HTTP_POST_FILES'});
@reset(${'HTTP_POST_FILES'});
}
}
// PHP5 with register_long_arrays off?
if (!isset($HTTP_POST_VARS) && isset($_POST))
{
$HTTP_POST_VARS = $_POST;
$HTTP_GET_VARS = $_GET;
$HTTP_SERVER_VARS = $_SERVER;
$HTTP_COOKIE_VARS = $_COOKIE;
$HTTP_ENV_VARS = $_ENV;
$HTTP_POST_FILES = $_FILES;
}
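Review bot: The deregistration loop unsets every global whose name appears as a key in the request arrays, and `unset_vars()` (added in the previous hunk) has no list of names it must leave alone. A request key that matches one of the input arrays themselves, `GLOBALS`, or a variable that was set before this block runs would be unset along with the rest. I would have `unset_vars()` skip a fixed list of protected names before calling `unset($GLOBALS[$var_name])`, and add a comment saying why those names are excluded. Which globals already exist at this point is outside the excerpt and should be confirmed against the full file.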
|
FIND - Line 153
| Code: |
$theme = array();
$images = array();
$lang = array();
|
AFTER, ADD
| Code: |
$nav_links = array();
|
FIND - Line 174
| Code: |
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
$entries = explode(',', getenv('HTTP_X_FORWARDED_FOR'));
reset($entries);
while (list(, $entry) = each($entries))
{
$entry = trim($entry);
if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", $entry, $ip_list) )
{
$private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.((1[6-9])|(2[0-9])|(3[0-1]))\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/');
$found_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
if ($client_ip != $found_ip)
{
$client_ip = $found_ip;
break;
}
}
}
}
else
{
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
}
|
REPLACE WITH
| Code: |
// I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
// private range IP's appearing instead of the guilty routable IP, tough, don't
// even bother complaining ... go scream and shout at the idiots out there who feel
// "clever" is doing harm rather than good ... karma is a great thing ... :)
//
$client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
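Review bot: The comment above the new `$client_ip` assignment records frustration but not the reason for the change, which is what a maintainer needs. I would replace it with something like `// X-Forwarded-For is supplied by the client and cannot be trusted for bans or logging; use the connection address only.` and note that boards behind a reverse proxy will now record the proxy's address. The last fallback to the bare `$REMOTE_ADDR` global depends on register_globals and appears to conflict with the deregistration block added earlier in this update; worth confirming it is still reachable.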
|
-
FIND - Line 37
| Code: |
// End session management
//
|
AFTER, ADD
| Code: |
// Set vars to prevent naughtiness
$faq = array();
|
FIND - Line 103
| Code: |
make_jumpbox('viewforum.'.$phpEx, $forum_id);
|
REPLACE WITH
| Code: |
make_jumpbox('viewforum.'.$phpEx);
|
-
FIND - Line 428
| Code: |
AND aa.group_id = g.group_id(+)";
|
REPLACE WITH
| Code: |
AND aa.group_id (+) = g.group_id";
|
FIND - Line 1152
| Code: |
// Select all group that the user is a member of or where the user has
// a pending membership.
//
|
AFTER, ADD
| Code: |
$in_group = array();
|
FIND - Line 1248
| Code: |
$s_hidden_fields = '';
|
REPLACE WITH
| Code: |
$s_hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
|
-
FIND - Line 284
| Code: |
$text = preg_replace("#\[img\]((ht|f)tp://)([^ \?&=\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
|
REPLACE WITH
| Code: |
$text = preg_replace("#\[img\]((http|ftp|https|ftps)://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
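Review bot: The `e` modifier is kept on the rewritten `[img]` pattern, so the replacement string is still evaluated as PHP code on every match. The tighter character class narrows what reaches that evaluation, but a callback removes it altogether: `preg_replace_callback()` with a function returning `'[img:' . $uid . ']' . $m[1] . str_replace(' ', '%20', $m[3]) . '[/img:' . $uid . ']'`. The `e` modifier was later deprecated and then removed from PHP, so this line also stops working on current runtimes.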
|
-
FIND - Line 190
| Code: |
if ( !empty($SID) )
{
$boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
}
|
REPLACE WITH
| Code: |
// Let the jumpbox work again in sites having additional session id checks.
// if ( !empty($SID) )
// {
$boxstring .= '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" />';
// }
|
FIND - Line 743
| Code: |
if (!empty($db))
{
$db->sql_close();
}
|
AFTER, ADD
| Code: |
if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
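Review bot: This CR/LF test is added here and again, word for word, in the two `$redirect` hunks further down; a small shared helper would keep the three copies in step. `strstr()` returns the tail of the string, not a boolean, so `strpos(urldecode($url), "\n") !== false` is the clearer presence test. The check covers header injection only: if `$url` can carry an absolute address, restricting the target to the board's own host belongs here too, but the rest of the function is outside this excerpt.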
|
- includes/functions_post.php
-
FIND - Line 772
| Code: |
$page_title = $lang['Review_topic'] . " - $topic_title";
|
REPLACE WITH
| Code: |
$page_title = $lang['Emoticons'] . " - $topic_title";
|
-
FIND - Line 94
| Code: |
$logged_hidden_online = 0;
$guests_online = 0;
$online_userlist = '';
|
AFTER, ADD
| Code: |
$l_online_users = '';
|
FIND - Line 115
| Code: |
$prev_user_ip = '';
|
REPLACE WITH
| Code: |
$prev_user_ip = $prev_session_ip = '';
|
-
FIND - Line 48
| Code: |
$sessiondata = array();
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
|
AFTER, ADD
| Code: |
//
if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
{
$session_id = '';
}
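Review bot: In `/^[A-Za-z0-9]*$/` the `$` anchor also matches just before a trailing newline, so a session id ending in a line feed passes this filter. Add the `D` modifier or use `\z`: `if (!preg_match('/^[A-Za-z0-9]*$/D', $session_id))`. The same pattern is added in the three later session hunks (the second `$session_id = ''` reset, the `return;` variant, and the cookie-or-GET lookup at the end of the post), which need the same change. The pattern also accepts any length; if session ids have a fixed length, which is not visible here, an exact quantifier would be tighter.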
|
FIND - Line 224
| Code: |
$sessiondata = array();
$session_id = ( isset($HTTP_GET_VARS['sid']) ) ? $HTTP_GET_VARS['sid'] : '';
$sessionmethod = SESSION_METHOD_GET;
}
|
AFTER, ADD
| Code: |
if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
{
$session_id = '';
}
|
FIND - Line 360
| Code: |
$sessionmethod = SESSION_METHOD_GET;
}
|
AFTER, ADD
| Code: |
if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
{
return;
}
|
- includes/usercp_avatar.php
-
FIND - Line 86
| Code: |
if ( !preg_match('#^((http)|(ftp):\/\/[\w\-]+?\.([\w\-]+\.)+[\w]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
|
REPLACE WITH
| Code: |
if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
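Review bot: The new avatar pattern accepts only `http` and `ftp`, while the `[img]` pattern changed earlier in this update was widened to `http|ftp|https|ftps`; if the difference is not intended, the two should agree. The trailing `$` also matches before a final newline even though the character class excludes `\n`, so `#isD` (or `\z`) is the safer ending. Unlike the old pattern, this one no longer requires anything host-like after `://`, which deserves a one-line comment if it is deliberate.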
|
- includes/usercp_viewprofile.php
-
FIND - Line 44
| Code: |
message_die(GENERAL_ERROR, 'Could not obtain ranks information', '', __LINE__, __FILE__, $sql);
}
|
AFTER, ADD
| Code: |
$ranksrow = array();
|
-
FIND - Line 121
| Code: |
message_die(GENERAL_ERROR, 'Could not query categories list', '', __LINE__, __FILE__, $sql);
}
|
AFTER, ADD
| Code: |
$category_rows = array();
|
-
FIND - Line 96
| Code: |
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);
|
AFTER, ADD
| Code: |
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
|
FIND - Line 116
| Code: |
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);
|
AFTER, ADD
| Code: |
if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
{
message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
|
-
FIND - Line 238
| Code: |
'ROW_NUMBER' => $i + ( $HTTP_GET_VARS['start'] + 1 ),
|
REPLACE WITH
| Code: |
'ROW_NUMBER' => $i + ( $start + 1 ),
|
-
FIND - Line 841
| Code: |
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
);
|
AFTER, ADD
| Code: |
//
// Define censored word matches
//
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
|
FIND - Line 847
| Code: |
$poster_id = $postrow[$i]['user_id'];
|
REPLACE WITH
| Code: |
$poster_id = $postrow[$i]['poster_id'];
|
DELETE - Line 879
| Code: |
//
// Define censored word matches
//
$orig_word = array();
$replacement_word = array();
obtain_word_list($orig_word, $replacement_word);
|
-
FIND - Line 33
| Code: |
$params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
|
REPLACE WITH
| Code: |
$params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
|
FIND - Line 45
AFTER, ADD
| Code: |
$confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
|
-
FIND - Line 215
| Code: |
$pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
REPLACE WITH
| Code: |
$pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
|
FIND - Line 496
| Code: |
$temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$poster_id");
|
REPLACE WITH
| Code: |
$temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$user_id_from");
|
FIND - Line 1045
| Code: |
OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";
|
REPLACE WITH
| Code: |
OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
|
FIND - Line 1855
| Code: |
$post_new_mesg_url = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['post_new'] . '" alt="' . $lang['Post_new_message'] . '" border="0" /></a>';
|
REPLACE WITH
| Code: |
$post_new_mesg_url = '<a href="' . append_sid("privmsg.$phpEx?mode=post") . '"><img src="' . $images['post_new'] . '" alt="' . $lang['Send_a_new_message'] . '" border="0" /></a>';
|
FIND - Line 1935
| Code: |
$limit_msg_time = '';
$post_days = 0;
|
REPLACE WITH
| Code: |
$limit_msg_time = $limit_msg_time_total = '';
$msg_days = 0;
|
FIND - Line 2066
| Code: |
'U_POST_NEW_TOPIC' => $post_new_topic_url)
|
REPLACE WITH
| Code: |
'U_POST_NEW_TOPIC' => append_sid("privmsg.$phpEx?mode=post"))
|
-
FIND - Line 86
| Code: |
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
|
AFTER, ADD
| Code: |
$mode = htmlspecialchars($mode);
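Review bot: `htmlspecialchars($mode)` without the `ENT_QUOTES` flag leaves single quotes unescaped on the PHP versions this code targets, so the value is safe only in element text and double-quoted attributes; `$mode = htmlspecialchars($mode, ENT_QUOTES);` covers both. The same applies to `$search_author = htmlspecialchars($search_author);` in the following hunk. Escaping at the point of input also means any later non-HTML use of these variables (a query clause, a string comparison) receives the entity-encoded form; where they are used is outside these hunks and should be checked. The `if` block opened in the FIND lines continues past the hunk.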
|
-
FIND - Line 62
| Code: |
$search_author = ( isset($HTTP_POST_VARS['search_author']) ) ? $HTTP_POST_VARS['search_author'] : $HTTP_GET_VARS['search_author'];
|
AFTER, ADD
| Code: |
$search_author = htmlspecialchars($search_author);
|
FIND - Line 113
| Code: |
$search_time = time() - ( ( ( !empty($HTTP_POST_VARS['search_time']) ) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']) ) * 86400 );
}
else
{
$search_time = 0;
}
|
REPLACE WITH
| Code: |
$search_time = time() - ( ( ( !empty($HTTP_POST_VARS['search_time']) ) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']) ) * 86400 );
$topic_days = (!empty($HTTP_POST_VARS['search_time'])) ? intval($HTTP_POST_VARS['search_time']) : intval($HTTP_GET_VARS['search_time']);
}
else
{
$search_time = 0;
$topic_days = 0;
}
|
-
FIND - Line 49
| Code: |
'L_WHOSONLINE' => $lang['Who_is_online'],
|
REPLACE WITH
| Code: |
'L_WHOSONLINE' => $lang['Who_is_Online'],
|
-
FIND - Line 66
| Code: |
if ( isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) || isset($HTTP_GET_VARS['sid']) )
{
$session_id = isset($HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid']) ? $HTTP_COOKIE_VARS[$board_config['cookie_name'] . '_sid'] : $HTTP_GET_VARS['sid'];
|
AFTER, ADD
| Code: |
if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
{
$session_id = '';
}
|