phpBB updated to version 2.0.4

BartVB
Owner

Posts: 41657
Registered: 08-01-01
Location: Arnhem

Posted by the topic starter: 28-11-02 12:45

Lately I have only applied fixes for phpBB security problems on Bokt. I did not change the other, minor bugs that were found.

I have just brought the code on Bokt in line with version 2.0.4 of phpBB, so quite a few (small) things have changed.

Please let me know right away if you notice anything strange!

Below is a list of changes:

1.i. Changes since 2.0.3




  • Fixed cross-browser scripting issue with highlight param

  • Back-ported highlighting code from phpBB 2.2

  • Add session id validation to posting, profile, email, voting - Edwin van Vliet <- FINISH ME!

  • Added {S_HIDDEN_FIELDS} template var to profile_send_email.tpl

  • Added "intval" fix for flood check, may resolve some issues

  • Added missing index to post_id for search_wordmatch

  • Fixed spelling error in search add words preventing use of stopword list

  • Fixed issue with search common words not being run

  • Introduce viewtopic resync patch by Ashe

  • Replace a for n in templating code

  • Fixed ordering in memberslist

  • Fixed group_id sequence issues with pgsql and msaccess <- FINISH ME!

  • Fixed assumption of word censors in user notification

  • Fixed incorrect display of quotes in user management fields

  • Fixed entry of special chars in all profile fields - note this may cause temporary issues

  • Fixed incorrect display of quotes when using avatar gallery

  • Fixed missing username in email sent to users when admin activated

  • Added check for non-empty smiley code and url in smiley admin

  • Prevent display of -- sig separator in emails when no board sig exists

  • Fixed URL propagated sid issues with jumpbox

  • Fixed wrong mode name check (polldelete) in functions_post

  • Added missing root path to l10n image path check

  • Remove validation of fields when deleting a user

  • Fixed sort mode select box in memberslist to default to current mode

  • Deny inline topic review listing to users without auth_read permissions

  • Prevent display of topic notification checkbox if user cannot read forum

  • Remove incorrect pre-pending of IP to uploaded avatars

  • Fixed deletion of uploaded avatars when changing to remote/gallery

  • Added check for non-blank line during install schema/basic sql ops

  • Added sort ordering to Top Ten poster listing by request

  • Fixed incorrect error report when altering case of username

  • Added jumpbox output to modcp {JUMPBOX} will now work

  • Fixed non-updating of users with MOD levels when deleting a forum

  • Remove email to group moderator when approving new members

  • Fixed non-handling of HTML in poll options

  • Fixed non-deletion of polls when deleting forum and its posts

  • Fixed moved shadow topic from being bumped upon reply

  • Changed field size of timezone to decimal(5,2) where applicable

  • Fixed missing sid append to URL when redirecting to newest reply

  • Fixed missing slashes in private IP preg check

  • Fixed session not setting userdata['user_id'] to ANON as appropriate

  • Added check for non-empty name in disallow admin

  • Fixed validation of SSL website addresses in profile

  • Fixed inability of admins to upload avatars via user admin panel

  • Fixed non-deletion of private message text upon full box overwrite

  • Fixed incorrect error message in smiley admin

  • Fixed incorrect alt-text for "Stop Watching Topic" image

  • Temporary fix for missing lang strings in forum admin - translators should update their packages if not done already

  • Use selected localisation during later stages of installation

  • Fixed non-check of permissions when deleting a topic via Moderator Control Panel

  • Fixed non-update of banlist upon user deletion

  • Check approved users boxes by default in usergroup approve form

  • Fixed non-appending of sid to backup meta refresh

  • Fixed non-notification of no support for certain databases in backup/restore

  • Added $images var to message die global declaration

  • Fixed wrong string, Private_message in Private Messaging

  • Add mail send result to error output

  • Fixed non-appending of sid to Mozilla nav bar menu items

  • Fixed incorrect profile linking from MSNM url in private messaging

  • Grammatical errors in English lang_main fixed - Cluster

  • Allow deletion of avatar and simultaneous upload/linking/gallery selection

  • Fixed non-updating of user rank when changing from special to normal rank in rank admin

  • Changed user topic notification default in schemas to 0 (off)

  • Fixed non-XHTML compliant img tags in privmsg.php

  • Fixed non-deletion of announcements and polls when removing forum contents in forum admin

  • Fixed non-pruning of watched topics table when pruning related topics

  • Enable GET redirect on logout

  • Added check for IE6.x to viewtopic ICQ indicator javascript

  • Fixed quoting of messages with MS-SQL (Username wasn't used in quote)




1.ii. Changes since 2.0.2




  • Fixed potential cross-site scripting vulnerability with avatars - Showscout

  • Fixed potential SQL rewrite issue in page header - missing contrib

  • Fixed potential CSS/HTML rewrite on viewing in login - Marc Rees

  • Fixed (hopefully) issue with MS Access and multiple pages



1.iii. Changes since 2.0.1




  • Fixed missing "username" lang variable in user admin template

  • Session work around for users behind rotating IPs - vHiker

  • Fixed potential session user_id re-write - Ashe

  • Fixed potential cross-browser scripting issue with BBCode URLs

  • Fixed potential gallery avatar exploit - Ashe

  • Fix sorting of smileys on each function call - Ashe/psoTFX

  • Clear topic_mod text output in viewtopic - Lars

  • Fix regex for avatar remote urls

  • Fix non-updating of user post counts when deleting whole topics

  • Increase time limit when sending topic reply notifications

  • Set default forum when splitting topics

  • Fix non-deletion of uploaded avatars when switching to gallery

  • Removed various closing newlines from included files

  • Add MAX_ROWS to HEAP table alter in install/upgrade - Ashe

  • Update username maxlength for subSilver templates

  • Allow ( and ) in BBCode [url] tags

  • Fix non-quoting of # in username validation regexs

  • Fix overlooked global var in private messaging

  • Possible fix for \r\n email templates issues

  • Fix missing str_replace for category title forum admin SQL

  • Fix trailing , when sending emails via smtp

  • Fix avatar issues in user admin

  • Fix improper checking of email address ban in sessions

  • Fix use of hard coded language strings in forum admin

  • Fix missing closing ) in smilies admin

  • Fix missing Username label in user admin

  • Fix upgrade.php bug where conversion would not complete (and updated other scripts to match the changes)

  • Fix problem with redirect and login.php

  • Fix typo that could cause problems with sorting in the memberlist

  • Fix emailer to allow sending emails with language-specific character sets


ƃuılıǝɔ ǝɥʇ uo ƃuıɔuɐp ǝɹ,ǝʍ uǝɥʍ 'ƃuılǝǝɟ ɐ ʇɐɥʍ ɥo
"If you have nothing to hide, you are an Ozosnelle Easter bunny" - Loesje

