Rev Author Line No. Line
130 kaklik 1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2 <html>
3 <head>
4 <meta http-equiv="Content-Type" content="text/html">
5 <meta http-equiv="Content-Style-Type" content="text/css">
6 <title>phpBB 2.0.x :: Changelog</title>
7 <link rel="stylesheet" href="../templates/subSilver/subSilver.css" type="text/css" />
8 <style type="text/css">
9 <!--
10 p,ul,td {font-size:10pt;}
11 .h2 {font-size:15pt;font-weight:bold;color:red}
12 .h3 {font-size:12pt;color:blue}
13 //-->
14 </style>
15 </head>
16 <body bgcolor="#E5E5E5" text="#000000" link="#006699" vlink="#006699">
17  
18 <table width="100%" border="0" cellspacing="0" cellpadding="10" align="center">
19 <tr>
20 <td class="bodyline"><table width="100%" border="0" cellspacing="0" cellpadding="0">
21 <tr>
22 <td>
23  
24 <table width="100%" border="0" cellspacing="0" cellpadding="0">
25 <tr>
26 <td><img src="../templates/subSilver/images/logo_phpBB.gif" border="0" alt="phpBB 2 : Creating Communities" vspace="1" /></a></td>
27 <td align="center" width="100%" valign="middle"><span class="maintitle">phpBB 2.0.x CHANGELOG</span></td>
28 </tr>
29 </table>
30  
31 <!-- BEGIN DOCUMENT -->
32 <ol>
33 <li><a href="#changelog">Changelog</a></li>
34 <ol type="i">
35 <li><a href="#2020">Changes since 2.0.20</a></li>
36 <li><a href="#2019">Changes since 2.0.19</a></li>
37 <li><a href="#2018">Changes since 2.0.18</a></li>
38 <li><a href="#2017">Changes since 2.0.17</a></li>
39 <li><a href="#2016">Changes since 2.0.16</a></li>
40 <li><a href="#2015">Changes since 2.0.15</a></li>
41 <li><a href="#2014">Changes since 2.0.14</a></li>
42 <li><a href="#2013">Changes since 2.0.13</a></li>
43 <li><a href="#2012">Changes since 2.0.12</a></li>
44 <li><a href="#2011">Changes since 2.0.11</a></li>
45 <li><a href="#2010">Changes since 2.0.10</a></li>
46 <li><a href="#209">Changes since 2.0.9</a></li>
47 <li><a href="#208">Changes since 2.0.8</a></li>
48 <li><a href="#207">Changes since 2.0.7</a></li>
49 <li><a href="#206">Changes since 2.0.6</a></li>
50 <li><a href="#205">Changes since 2.0.5</a></li>
51 <li><a href="#204">Changes since 2.0.4</a></li>
52 <li><a href="#203">Changes since 2.0.3</a></li>
53 <li><a href="#202">Changes since 2.0.2</a></li>
54 <li><a href="#201">Changes since 2.0.1</a></li>
55 <li><a href="#200">Changes since 2.0.0</a></li>
56 <li><a href="#final">Changes since RC-4</a></li>
57 <li><a href="#rc4">Changes since RC-3</a></li>
58 <li><a href="#rc3">Changes since RC-2</a></li>
59 <li><a href="#rc2">Changes since RC-1</a></li>
60 <li><a href="#rc1">Changes since RC-1 (pre)</a></li>
61 </ol>
62 <li><a href="#disclaimer">Disclaimer</a></li>
63 </ol>
64  
65 <a name="changelog"></a><h2 class="h2"><u>1. Changelog</u></h2>
66  
67 <p>This is a non-exhaustive (but still near complete) changelog for phpBB 2.0.x including beta and release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.</p>
68  
69 <a name="2020"></a><h3 class="h3">l.i. Changes since 2.0.20</h3>
70  
71 <ul>
72 <li>[Fix] Changes to random number generator code to explicitly truncate the length of the string</li>
73 <li>[Fix] Quoting on boards with HTML enabled</li>
74 <li>[Fix] Special characters on boards with HTML enabled</li>
75 <li>[Fix] Redirect to list if cancelling deletion of ranks, smilies or word censors</li>
76 <li>[Fix] Missing error message if an inactive user tried to login (Bug #1598)</li>
77 <li>[Fix] Do not alter post counts when just removing a poll (Bug #1602)</li>
78 <li>[Fix] Correct error in removal of old session keys</li>
79 <li>[Fix] Changed filtering of short search terms</li>
80 <li>[Sec] Improved filtering on language selection (also addresses a number of bug reports related to missing languages)</li>
81 <li>[Change] Backported more efficient highlighting code from Olympus</li>
82 <li>[Change] Backported zlib emulation code so that there is only a single confirmation image even if zlib is not available</li>
83 </ul>
84  
85  
86 <a name="2019"></a><h3 class="h3">l.ii. Changes since 2.0.19</h3>
87  
88 <ul>
89 <li>[Fix] Prevent login attempts from incrementing for inactive users</li>
90 <li>[Fix] Do not check maximum login attempts on re-authentication to the admin panel - tomknight</li>
91 <li>[Fix] Regenerate session keys on password change</li>
92 <li>[Fix] retrieving category rows in index.php (Bug #90)</li>
93 <li>[Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)</li>
94 <li>[Fix] Better handling of short usernames within the search (bug #105)</li>
95 <li>[Fix] Send a no-cache header on admin pages as well as normal board pages (Bug #149)</li>
96 <li>[Fix] Apply word censors to the message when quoting it (Bug #405)</li>
97 <li>[Fix] Improved performance of query in admin_groups (Bug #753)</li>
98 <li>[Fix] Workaround for an issue in either PHP or MSSQL resulting in a space being returned instead of an empty string (bug #830)</li>
99 <li>[Fix] Correct use of default_style config value (Bug #861)</li>
100 <li>[Fix] Replace unneeded unset calls in admin_db_utilities.php - vanderaj</li>
101 <li>[Fix] Improved error handling in modcp.php</li>
102 <li>[Fix] Improved handling of forums to which the user does not have any explicit permissions - vanderaj</li>
103 <li>[Fix] Assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions</li>
104 <li>[Fix] Assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions</li>
105 <li>[Fix] Addition and editing of smilies can no longer be performed via GET, now requires confirmation of deletions</li>
106 <li>[Fix] Escape group names in admin_groups.php</li>
107 <li>[Sec] Replace strip_tags with htmlspecialchars in private message subject</li>
108 <li>[Sec] Some changes to HTML handling if enabled</li>
109 <li>[Sec] Escape any special characters in reverse dns - Anthrax101</li>
110 <li>[Sec] Typecast poll id values - Anthrax101</li>
111 <li>[Sec] Added configurable search flood control to reduce the effect of DoS style attacks</li>
112 <li>[Sec] Changed the way we create "random" values for use as keys - chinchilla/Anthrax101</li>
113 <li>[Change] Changed handling of the case where a selected style doesn't exist in the database</li>
114 <li>[Change] Changed handling of topic pruning to improve performance</li>
115 <li>[Change] Changed default forum permissions to only allow registered users to post in new forums</li>
116 </ul>
117  
118  
119 <a name="2018"></a><h3 class="h3">l.iii. Changes since 2.0.18</h3>
120  
121 <ul>
122 <li>[Fix] corrected index on session keys table under MS SQL</li>
123 <li>[Fix] added session keys table to backup</li>
124 <li>[Fix] delete session keys entries when deleting user</li>
125 <li>[Fix] changes to support MySQL 5.0</li>
126 <li>[Fix] changes to some of the admin files to improve efficiency and remove a potential error condition when building the menu</li>
127 <li>[Fix] change truncation of username length in usercp_register.php - BFUK</li>
128 <li>[Fix] incorrect path to avatars in admin_users.php (Bug #667)</li>
129 <li>[Fix] fixed get_userdata to support correct sql escaping (non-mysql dbs) - jarnaez</li>
130 <li>[Fix] fixed captcha for those not having the zlib extension enabled</li>
131 <li>[Change] Placed version information above who is online in admin panel for better visual presence</li>
132 <li>[Sec] fixed XSS issue (only valid for Internet Explorer) within the url bbcode</li>
133 <li>[Sec] fixed XSS issue if html tags are allowed and enabled</li>
134 <li>[Sec] added configurable maximum login attempts to prevent dictionary attacks</li>
135 </ul>
136  
137  
138 <a name="2017"></a><h3 class="h3">l.iv. Changes since 2.0.17</h3>
139  
140 <ul>
141 <li>[Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)</li>
142 <li>[Fix] wrong topic redirection after login redirect (Bug #94)</li>
143 <li>[Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)</li>
144 <li>[Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)</li>
145 <li>[Fix] correctly preview signature if editing other users posts (Bug #101)</li>
146 <li>[Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)</li>
147 <li>[Fix] consistent forum ordering in all dropdown boxes (Bug #106)</li>
148 <li>[Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)</li>
149 <li>[Fix] set page title on summary page of groupcp.php (bug #125)</li>
150 <li>[Fix] correctly test style and avatar in usercp_register.php (bug #129 and #317)</li>
151 <li>[Fix] handling of reactivation notifications if admin activation is enabled (Bug #145)</li>
152 <li>[Fix] handling of both forms of translation information used in language packs (Bug #159)</li>
153 <li>[Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)</li>
154 <li>[Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)</li>
155 <li>[Fix] incorrect handling of move stubs (Bug #179)</li>
156 <li>[Fix] wrong mode_type in memberlist (Bug #187)</li>
157 <li>[Fix] SQL errors when setting maximum PMs to 0 (Bug #188)</li>
158 <li>[Fix] removed unused variable from topic_notify email template (Bug #210)</li>
159 <li>[Fix] removed unset variable from smilies popup window title (Bug #224)</li>
160 <li>[Fix] removed duplicate template assignment from admin_board.php (Bug #226)</li>
161 <li>[Fix] incorrect search link for guest posts in modcp.php (Bug #254)</li>
162 <li>[Fix] all users removed from topics watch table on special occassions (Bug #271)</li>
163 <li>[Fix] correctly check returned value from strpos in append_sid function (Bug #275)</li>
164 <li>[Fix] correctly display username in private message notification (Bug #278)</li>
165 <li>[Fix] fixed "var-by-ref" errors (Bug #322)</li>
166 <li>[Fix] changed redirection to installation (Bug #325)</li>
167 <li>[Fix] added timout of 10 seconds to version check (Bug #348)</li>
168 <li>[Fix] fixed user_level default in postgresql schema file (Bug #444)</li>
169 <li>[Fix] multiple minor HTML issues with subSilver</li>
170 <li>[Change] deprecated the use of some PHP 3 compatability functions in favour of the native equivalents</li>
171 <li>[Change] added 60 days limit for grabbing unread topics in index.php</li>
172  
173 <li>[Sec] backport of session keys system from olympus</li>
174 <li>[Sec] fixed email bans to use the same pattern as email validation and allow wildcard domain bans</li>
175 <li>[Sec] fixed validation of topic type when posting</li>
176 <li>[Sec] unset database password once it is no longer needed</li>
177 <li>[Sec] fixed potential to select images outside the specified path as avatars or smilies</li>
178 <li>[Sec] fix globals de-registration code for PHP5 - (Stefan Esser/Matt Kavanagh)</li>
179 <li>[Sec] changed avatar gallery code sections to prevent possible injection points (AnthraX101)</li>
180 <li>[Sec] signature field is not properly sanitised for user input when an error occurs while accessing the avatar gallery (AnthraX101)</li>
181 <li>[Sec] check to_username and ownership when editing a PM (AnthraX101)</li>
182 <li>[Sec] fixed ability to edit PM's you did not send (depablo84)</li>
183 <li>[Sec] compare imagetype on avatar uploading to match the file extension from uploaded file</li>
184 </ul>
185  
186 <a name="2016"></a><h3 class="h3">l.v. Changes since 2.0.16</h3>
187  
188 <ul>
189 <li>Added extra checks to the deletion code in privmsg.php - reported by party_fan</li>
190 <li>Fixed XSS issue in IE using the url BBCode</li>
191 <li>Fixed admin activation so that you must have administrator rights to activate accounts in this mode - reported by ieure</li>
192 <li>Fixed get_username returning wrong row for usernames beginning with numerics - reported by Ptirhiik</li>
193 <li>Pass username through phpbb_clean_username within validate_username function - AnthraX101</li>
194 <li>Fixed PHP error in message_die function</li>
195 <li>Fixed incorrect generation of {postrow.SEARCH_IMG} tag in viewtopic.php - reported by Double_J</li>
196 <li>Also fixed above issue in usercp_viewprofile.php</li>
197 <li>Fixed incorrect setting of user_level on pending members if a group is granted moderator rights - reported by halochat</li>
198 <li>Fixed ordering of forums on admin_ug_auth.php to be consistant with other pages</li>
199 <li>Correctly set username on posts when deleting a user from the admin panel</li>
200 </ul>
201  
202 <a name="2015"></a><h3 class="h3">l.vi. Changes since 2.0.15</h3>
203  
204 <ul>
205 <li>Fixed critical issue with highlighting - <b>Discovered and fix provided by Ron van Daal</b></li>
206 <li>Url descriptions able to be wrapped over more than one line again</li>
207 <li>Fixed bug with eAccelerator in admin_ug_auth.php</li>
208 <li>Check new_forum_id for existence in modcp.php - <b>alessnet</b></li>
209 <li>Prevent uploading avatars with no dimensions - <b>Xpert</b></li>
210 <li>Fixed bug in usercp_register.php, forcing avatar file removal without updating avatar informations within the database - <b>HenkPoley</b></li>
211 <li>Fixed bug in admin re-authentication redirect for servers not having index.php as one of their default files set</li>
212 </ul>
213  
214 <a name="2014"></a><h3 class="h3">l.vii. Changes since 2.0.14</h3>
215  
216 <ul>
217 <li>Fixed moderator status removal in groupcp.php</li>
218 <li>Removed newlines after ?&gt; on some files - <b>Thoul</b></li>
219 <li>Added admin re-authentication (admin needs to login seperatly to access the ACP) - backported from Olympus</li>
220 <li>Fixed vulnerability in url/bbcode handling functions - <b>PapaDos and Paul/Zhen-Xjell from CastleCops</b></li>
221 <li>Fixed issue in admin/admin_forums.php</li>
222 <li>Suppressed warning message for fsockopen in /includes/smtp.php - <b>Thoul</b></li>
223 <li>Fixed bug in admin/admin_smilies.php (admin is able to add empty smilies) - <b>Exy</b></li>
224 <li>Adjusted documents to reflect the urgent need to update the files too (not only running the database update script)</li>
225 <li>Updated the readme file</li>
226 <li>Added one new language variable</li>
227 <li>Added general error if accessing profile for a non-existent user</li>
228 <li>Changed session id generation to be more unique - <b>Henno Joosep</b></li>
229 <li>Fixed bug in highlight code to escape characters correctly</li>
230 <li>Reversed the 2.0.14 fix for postgresql because it produced more problems than it solves.</li>
231 <li>Added reference to article written by R45 about case-sensitivity in postgreSQL to the readme file</li>
232 <li>Fixed bypassing of validate_username on registration - Yen</li>
233 <li>Empty url/img bbcodes no longer get parsed</li>
234 </ul>
235  
236 <a name="2013"></a><h3 class="h3">l.viii. Changes since 2.0.13</h3>
237  
238 <ul>
239 <li>Hardened author and keyword search a bit to not allow very server intensive searches</li>
240 <li>Fixed full path disclosure in bad word parsing</li>
241 <li>Resetting complete userdata array in session code if authentication fails</li>
242 <li>Fixed bug in moderator control panel where certain parameters could lead to an "error creating new session" sql error</li>
243 <li>Fixed bug in session code where empty page ids could lead to an "error creating new session" sql error</li>
244 <li>Fixed html handling in signatures if html is turned off globally</li>
245 <li>Fixed install.php problem with PHP5 register_long_arrays option turned off</li>
246 <li>Fixed potential issues with styling system</li>
247 <li>Added correct class to login_body template file</li>
248 <li>Removed file db/oracle.php from package</li>
249 <li>Removed version number from message body page in /admin (if user is not an admin) - <b>mikelbeck</b></li>
250 <li>Fixed case-sensitivity issues in postgres7.php - <b>R45</b></li>
251 </ul>
252  
253 <a name="2012"></a><h3 class="h3">l.ix. Changes since 2.0.12</h3>
254  
255 <ul>
256 <li>Ommitted preg_replace warning in viewtopic due to improper working of preg_quote in PHP - originally reported by matrix_killer, fix submitted by another party</li>
257 <li>Fixed high severity issue in session handling allowing everyone gaining administrator rights. Please update as soon as possible.</li>
258 <li>Minimum requirements raised to PHP 4.0.3 or above due to fixing vulnerability issues breaking PHP3 compatibility.</li>
259 </ul>
260  
261 <a name="2011"></a><h3 class="h3">l.x. Changes since 2.0.11</h3>
262  
263 <ul>
264 <li>Added confirm table to admin_db_utilities.php</li>
265 <li>Prevented full path display on critical messages</li>
266 <li>Fixed full path disclosure in username handling caused by a PHP 4.3.10 bug - <b>AnthraX101</b></li>
267 <li>Added exclude list to unsetting globals (if register_globals is on) - <b>SpoofedExistence</b></li>
268 <li>Fixed arbitrary file disclosure vulnerability in avatar handling functions - <b>AnthraX101</b></li>
269 <li>Fixed arbitrary file unlink vulnerability in avatar handling functions - <b>AnthraX101</b></li>
270 <li>Removed version number from powered by line</li>
271 <li>Merged database update files to update_to_latest.php file</li>
272 <li>Fixed path disclosure bug in search.php caused by a PHP 4.3.10 bug (related to AnthraX101's discovery)</li>
273 <li>Fixed path disclosure bug in viewtopic.php caused by a PHP 4.3.10 bug - <b>matrix_killer</b></li>
274 </ul>
275  
276 <a name="2010"></a><h3 class="h3">l.xi. Changes since 2.0.10</h3>
277  
278 <ul>
279 <li>Fixed vulnerability in highlighting code (<b>very high severity, please update your installation as soon as possible</b>)</li>
280 <li>Fixed unsetting global vars - <b>Matt Kavanagh</b></li>
281 <li>Fixed XSS vulnerability in username handling - <b>AnthraX101</b></li>
282 <li>Fixed not confirmed sql injection in username handling - <b>warmth</b></li>
283 <li>Added check for empty topic id in topic_review function</li>
284 <li>Added visual confirmation mod to code base</li>
285 </ul>
286  
287 <a name="209"></a><h3 class="h3">l.xii. Changes since 2.0.9</h3>
288  
289 <ul>
290 <li>Fixed deleting of styles in admin_styles.php</li>
291 <li>Fixed wrong unsetting of variables introduced in phpBB 2.0.9, making the board non-functional for users with specific php.ini settings</li>
292 <li>Added code to let phpBB work with PHP5 for those having register_long_arrays set to off (default settings) - running phpBB 2.0.x with PHP5 is not supported at http://www.phpbb.com.</li>
293 <li>Fixed bug in admin_board.php for board settings having single quotes in it</li>
294 <li>Fixed "search by author" in search.php. Now it is possible to search for users with special chars in their name too</li>
295 <li>Fixed forum jumpbox propagating session id in moderator control pages</li>
296 <li>Added check for newlines at redirecting pages, to prevent http response splitting attacks - <b>Ory Segal and Amit Klein</b></li>
297 <li>Fixed visual confirmation code. The image was not created due to a wrong regular expression.</li>
298 </ul>
299  
300 <a name="208"></a><h3 class="h3">l.xiii. Changes since 2.0.8</h3>
301  
302 <ul>
303 <li>Fixed one vulnerability in admin_board.php - <b>Xore</b></li>
304 <li>Added checking for proper session id characters to sessions and viewtopic to prevent injections - <b>Bartlomiej Korupczynski</b></li>
305 <li>Fixed injection vulnerabilities possible with linked avatars</li>
306 <li>Implemented unsetting globalised variables</li>
307 <li>Limited confirm switch to POST variable in posting</li>
308 <li>Changed IP code in common.php to prevent IP spoofing, which might introduce some problems with private IP Ranges showing up. - <b>Wang Products</b></li>
309 <li>Updated visual confirmation mod [pre-edited files]</li>
310 <li>Moved obtaining word censors in modcp out of topic generation loop [increased performance/lower query count] - spotted by <b>R45</b></li>
311 <li>Added the ability to link to https/ftps sites using the img bbcode tag</li>
312 <li>Fixed user online information in admin/index.php</li>
313 <li>Fixed getting group moderator in groupcp.php if running oracle backend - spotted by <b>pakman</b></li>
314 <li>Fixed use of non-existing result variable in modcp (poster_id instead of user_id)</li>
315 <li>Fixed several vulnerabilities (XSS, SQL Injection and path disclosure) only possible with register_globals enabled - <b>Matthew C. Kavanagh, Janek Vind</b></li>
316 <li>Fixed problem with SID not delivered to next page in groupcp.php</li>
317 </ul>
318  
319 <a name="207"></a><h3 class="h3">l.xiv. Changes since 2.0.7</h3>
320  
321 <ul>
322 <li>Fixed several vulnerabilities in admin pages</li>
323 <li>Fixed sid checking code in admin/pagestart.php</li>
324 <li>Fixed injection vulnerabilities possible with the img bbcode tag</li>
325 <li>Limited allowed images in img bbcode tag to jpg, jpeg, gif and png</li>
326 <li>Fixed redirect problems - 2.0.7a</li>
327 <li>Fixed sql injection vulnerability in search - 2.0.7a</li>
328 <li>Fixed sql injection vulnerability in privmsg - 2.0.8a</li>
329 </ul>
330  
331 <a name="206"></a><h3 class="h3">1.xv. Changes since 2.0.6</h3>
332  
333 <ul>
334 <li>Fixed several vulnerabilities in modcp - <b>Robert Lavierck</b></li>
335 <li>Changed whois lookup address within admin index</li>
336 <li>Fixed potential vulnerability in viewtopic postorder - 2.0.6d</li>
337 <li>Updates to cope with Zend Optimizer 2.5 problems - 2.0.6d - <b>jetset</b></li>
338 <li>Force specialcharing of redirect variable in login - <b>Pit</b></li>
339 <li>Fixed potential vulnerability in viewtopic postdays - <b>GulfTech Security Research</b></li>
340 <li>Fixed potential vulnerability in viewforum topicdays - <b>GulfTech Security Research</b></li>
341 <li>Fixed potential vulnerability in modcp</li>
342 <li>Fixed potential vulnerability in avatar gallery</li>
343 </ul>
344  
345 <a name="205"></a><h3 class="h3">1.xvi. Changes since 2.0.5</h3>
346  
347 <ul>
348 <li>Fixed various email issues</li>
349 <li>Fixed registration email bug with Administrator Confirmation used</li>
350 <li>Fixed mass emailer</li>
351 <li>Fixed long post time issue</li>
352 <li>Fixed bug with usernames containing single quotes</li>
353 <li>Fixed word list bug - Word boundaries were not considered</li>
354 <li>Fixed vulnerability in style admin</li>
355 <li>Fixed sql injection vulnerability in viewtopic</li>
356 <li>Fixed vulnerability allowing server side variable access in search - <b>tendor</b></li>
357 <li>Fixed potential vulnerability in 2.0.5 login username entry - <b>throw away/eomer</b></li>
358 <li>Fixed sql injection with reset date format field in profile - <b>tendor</b></li>
359 </ul>
360  
361 <a name="204"></a><h3 class="h3">1.xvii. Changes since 2.0.4</h3>
362  
363 <ul>
364 <li>Removed user facing session_id checks</li>
365 <li>Fixed user self-activation after deactivation</li>
366 <li>Fixed incorrect functioning of phpbb_realpath</li>
367 <li>Fixed wrong path to database schema files within the upgrade script</li>
368 <li>Fixed double quote problem with username validation</li>
369 <li>Allow & within email addresses</li>
370 <li>Fixed email validation for banned email addresses</li>
371 <li>Removed underline from email domain validation</li>
372 <li>Fixed redirection for sentbox folder, installation and email</li>
373 <li>Fixed poll deletion</li>
374 <li>Fixed Mozilla navigation bar</li>
375 <li>Fixed URL bbcode parsing</li>
376 <li>Fixed database timeouts while searching the forums</li>
377 <li>Fixed wrong email return path in admin mass mailing - <b>netclectic</b></li>
378 <li>Fixed MS-SQL failures within the update script</li>
379 <li>Fixed memberlist sort order</li>
380 <li>Fixed not showing leading spaces within Code BBCode</li>
381 <li>Fixed problem with adding double quotes to subject titles</li>
382 <li>Remove username input field from profile when user cannot change name</li>
383 <li>Fixed pagination error with highlighting</li>
384 <li>Fixed errors if no smilies are installed</li>
385 <li>Fixed CSS issues with IE 5.2 on MacOS X</li>
386 <li>Fixed missing sid propagation problem within the Moderator Control Panel</li>
387 <li>Fixed language variables within Authentication error output</li>
388 <li>Removed doubled CSS class definitions within input fields</li>
389 <li>Fixed username change within the Administration Panel</li>
390 <li>Added missing &lt;tr&gt; tags to index_body.tpl</li>
391 <li>Added missing username language variable to admin index page</li>
392 <li>Fixed moderator status update if a usergroup got deleted</li>
393 <li>Fixed poll handling upon post edit</li>
394 <li>Fixed remove common words from search table if post get pruned - <b>Nuttzy99</b></li>
395 <li>Fixed behaviour on splitting topics if no checkbox is selected</li>
396 <li>Anonymous is no longer displayed within Username dropdown boxes</li>
397 <li>Fixed viewprofile redirection if an invalid mode was specified</li>
398 <li>Fixed fraction settings within determining common words - <b>Novan</b></li>
399 <li>Prevent admin change usernames to his own within the ACP</li>
400 <li>Activation email is sent to all admins</li>
401 <li>Fixed conversion of &amp; to &amp;amp; in appropriate cases</li>
402 <li>Fixed display of "greater than topics per page" announcements preventing display of normal posts</li>
403 <li>Added variable checks to database backup and restore screen</li>
404 <li>Prevented pm popup window from resetting after visiting avatar gallery</li>
405 <li>Fixed special character handling with word censor</li>
406 <li>Added SID to jumpbox</li>
407 <li>Fixed problems with usernames using html special chars</li>
408 <li>Added GMT + 13 to English lang_main, all translators are encouraged to do likewise</li>
409 <li>Deleted doubled 'U_MEMBERLIST' assignment from page_header.php</li>
410 <li>Fixed wrong display of Signature Checkbox while editing Private Message</li>
411 <li>Fixed disappearing post text if emoticon was inserted directly after pressing a BBCode button</li>
412 <li>Display correct alt-tag for smilies within postings</li>
413 <li>Prevented the ability to apply BBCode to website contents</li>
414 <li>Fixed maxlength issue with password field in login_body.tpl</li>
415 <li>Fixed possible username duplication issue with validation and username length</li>
416 <li>Fixed split words function to handle additional foreign characters</li>
417 <li>Changed empty email To Field to use a non-disclosure delimiter</li>
418 <li>Fixed wrong language var in install.php - FTP Config screen</li>
419 <li>Fixed alt tag for locked topic images in viewforum_body.tpl</li>
420 <li>Fixed typo in groupcp.php - $lang['Unsub_success'] instead of $lang['Usub_success']</li>
421 <li>Fixed timezone display</li>
422 <li>Fixed wrong display of author quote tag within profile - <b>Cl1mh4224rd</b></li>
423 <li>Added deletion of sessions of users whose account is deactivated</li>
424 <li>Added mail header X-MimeOLE to the emailer class</li>
425 <li>Prevent registration if user is logged in or user trying to register again</li>
426 <li>Prevent usage of char(255) in usernames</li>
427 <li>Added check for additional FORWARDED_FOR IP's - <b>cosmos</b></li>
428 <li>Fixed handling of non-selection of option when voting</li>
429 <li>Fixed potential xss issue with memberslist mode</li>
430 <li>Default English support for visual confirmation - translators are encouraged to support this</li>
431 </ul>
432  
433 <a name="203"></a><h3 class="h3">1.xviii. Changes since 2.0.3</h3>
434  
435 <ul>
436 <li>Fixed cross-browser scripting issue with highlight param</li>
437 <li>Back-ported highlighting code from phpBB 2.2</li>
438 <li>Add session id validation to posting, profile, email, voting - <b>Edwin van Vliet</b></li>
439 <li>Added {S_HIDDEN_FIELDS} template var to profile_send_email.tpl</li>
440 <li>Added "intval" fix for flood check, may resolve some issues</li>
441 <li>Added missing index to post_id for search_wordmatch</li>
442 <li>Fixed spelling error in search add words preventing use of stopword list</li>
443 <li>Fixed issue with search common words not being run</li>
444 <li>Introduce viewtopic resync patch by Ashe</li>
445 <li>Replace a for n in templating code</li>
446 <li>Fixed ordering in memberslist</li>
447 <li>Fixed group_id sequence issues with pgsql and msaccess</li>
448 <li>Fixed assumption of word censors in user notification</li>
449 <li>Fixed incorrect display of quotes in user management fields</li>
450 <li>Fixed entry of special chars in all profile fields - note this may cause temporary issues</li>
451 <li>Fixed incorrect display of quotes when using avatar gallery</li>
452 <li>Fixed missing username in email sent to users when admin activated</li>
453 <li>Added check for non-empty smiley code and url in smiley admin</li>
454 <li>Prevent display of -- sig seperator in emails when no board sig exists</li>
455 <li>Fixed URL propagated sid issues with jumpbox</li>
456 <li>Fixed wrong mode name check (polldelete) in functions_post</li>
457 <li>Added missing root path to l10n image path check</li>
458 <li>Remove validation of fields when deleting a user</li>
459 <li>Fixed sort mode select box in memberslist to default to current mode</li>
460 <li>Deny inline topic review listing to users without auth_read permissions</li>
461 <li>Prevent display of topic notification checkbox if user cannot read forum</li>
462 <li>Remove incorrect pre-pending of IP to uploaded avatars</li>
463 <li>Fixed deletion of uploaded avatars when changing to remote/gallery</li>
464 <li>Added check for non-blank line during install schema/basic sql ops</li>
465 <li>Added sort ordering to Top Ten poster listing by request</li>
466 <li>Fixed incorrect error report when altering case of username</li>
467 <li>Added jumpbox output to modcp {JUMPBOX} will now work</li>
468 <li>Fixed non-updating of users with MOD levels when deleting a forum</li>
469 <li>Remove email to group moderator when approving new members</li>
470 <li>Fixed non-handling of HTML in poll options</li>
471 <li>Fixed non-deletion of polls when deleting forum and its posts</li>
472 <li>Fixed moved shadow topic from being bumped upon reply</li>
473 <li>Changed field size of timezone to decimal(5,2) where applicable</li>
474 <li>Fixed missing sid append to URL when redirecting to newest reply</li>
475 <li>Fixed missing slashes in private IP preg check</li>
476 <li>Fixed session not setting userdata['user_id'] to ANON as appropriate</li>
477 <li>Added check for non-empty name in disallow admin</li>
478 <li>Fixed validation of SSL website addresses in profile</li>
479 <li>Fixed inability of admins to upload avatars via user admin panel</li>
480 <li>Fixed non-deletion of private message text upon full box overwrite</li>
481 <li>Fixed incorrect error message in smiley admin</li>
482 <li>Fixed incorrect alt-text for "Stop Watching Topic" image</li>
483 <li>Temporary fix for missing lang strings in forum admin - translators should update their packages if not done already</li>
484 <li>Use selected localisation during later stages of installation</li>
485 <li>Fixed non-check of permissions when deleting a topic via Moderator Control Panel</li>
486 <li>Fixed non-update of banlist upon user deletion</li>
487 <li>Check approved users boxes by default in usergroup approve form</li>
488 <li>Fixed non-appending of sid to backup meta refresh</li>
489 <li>Fixed non-notification of no support for certain databases in backup/restore</li>
490 <li>Added $images var to message die global declaration</li>
491 <li>Fixed wrong string, Private_message in Private Messaging</li>
492 <li>Add mail send result to error output</li>
493 <li>Fixed non-appending of sid to Mozilla nav bar menu items</li>
494 <li>Fixed incorrect profile linking from MSNM url in private messaging</li>
495 <li>Grammatical errors in English lang_main fixed - <b>Cluster</b></li>
496 <li>Allow deletion of avatar and simultaneous upload/linking/gallery selection</li>
497 <li>Fixed non-updating of user rank when changing from special to normal rank in rank admin</li>
498 <li>Changed user topic notification default in schemas to 0 (off)</li>
499 <li>Fixed non-XHTML compliant img tags in privmsg.php</li>
500 <li>Fixed non-deletion of announcements and polls when removing forum contents in forum admin</li>
501 <li>Fixed non-pruning of watched topics table when pruning related topics</li>
502 <li>Enable GET redirect on logout</li>
503 <li>Added check for IE6.x to viewtopic ICQ indicator javascript</li>
504 <li>Fixed empty username quoting with MS-SQL</li>
505 <li>Fixed BBCode url, magic url and img tags to allow most chars beyond domain names</li>
506 <li>Prevent parsing of -ve size values in BBCode size tag</li>
507 <li>Back ported HTML handler from 2.2, this may impact some boards which allow complex HTML - existing parser remains but commented out</li>
508 <li>Fixed parsing of word censors to not censor words within &lt; and &gt; tag delimiters</li>
509 <li>Fixed database utilities failing to backup data with MySQL</li>
510 <li>Fixed signature parsing in User Admin</li>
511 <li>Fixed missing class="post" tags in subSilver Admin templates</li>
512 <li>Fixes for paths under Apache2</li>
513 <li>Added wrap text with tag support for posting in Mozilla 1.1+</li>
514 <li>Fixed use of missing CSS classes in modcp_split, group_info_body, error_body and agreement</li>
515 <li>Fixed ability of users to edit polls even after they have received votes</li>
516 <li>Fixed header Location to be absolute URL as per HTTP 1.1 spec - noted by <b>PhilippK</b></li>
517 <li>Added additional session_id checks to MCP, topic subscription, PM and similar items</li>
518 <li>Fixed colour select box in posting_body to reset to Default colour after selection</li>
519 <li>Altered PM icon to show new image until messages have been read</li>
520 <li>Fixed incomplete deletion of PMs when removing the associated user</li>
521 <li>Fixed unread and new PM user counters to decrement appropriately in all situations</li>
522 <li>Fixed possible cross-site scripting issue with username search</li>
523 <li>Fixed some problems with gzip in combination with newer PHP versions and Mozilla</li>
524 <li>Fixed wrong maxlength in modcp_split.tpl subject field</li>
525 <li>Fixed inability to edit username of guest poster - <b>vHiker</b></li>
526 <li>Fixed ability for guests to post with certain registered usernames</li>
527 <li>Fixed various HTML issues to improve XHTML compliance - <b>Daz</b></li>
528 <li>Fixed missing template var {L_PM} for memberslist - <b>Daz</b></li>
529 <li>Fixed wrong key name for $images['Topic_un_watch'] - <b>Daz</b></li>
530 <li>Fixed missing template var {S_WATCH_TOPIC_IMG} for viewtopic - <b>Daz</b></li>
531 <li>Fixed missing default constraints for post table under MSSQL</li>
532 <li>Fixed incorrect field size for forum pruning - preventing days > 256</li>
533 <li>Fixed continuing redirect issues for broken web servers, e.g. IIS+CGI PHP</li>
534 <li>Fixed inability to use ftp as a protocol for the [img] tag</li>
535 <li>Fixed incorrect handling of [img] tags containing %20 encoded spaces</li>
536 <li>Added check for . within cookie_name, change to _ if present</li>
537 <li>Added SHOW_ONLINE constant to limit "users online" code operation to index and viewforum</li>
538 <li>Added "temporary" workaround for Apache2 + PHP module ignoring "private" cache header</li>
539 <li>Added workaround for modcp IP lookup and links to Anonymous user profile</li>
540 <li>Fixed broken bbcode parsing of quotes containing bbcode in the "username"</li>
541 <li>Fixed excess slashes in [quote=""] first pass encoding</li>
542 <li>Fixed rendering issue with quote button under Mozilla - <b>Daz</b></li>
543 <li>Grammatical errors in remaining core lang files fixed - <b>Cluster</b></li>
544 <li>Fixed bbcode quote breaking when username contained ] before [</li>
545 <li>Fixed duplicate group_id error during upgrade of users from phpBB 1.x</li>
546 <li>Fixed stripslashes() problem with the conversion of the config table from phpBB 1.x</li>
547 <li>Rejiggled validation code, may eliminate "Username disallowed" issues</li>
548 <li>Fixed differing initial "public" setting of forum permissions between different files</li>
549 <li>Added check for invalid (non-compliant) email addresses to upgrade script</li>
550 <li>Further redirect workarounds for broken servers, please direct further issues to the vendors</li>
551 <li>Added GMT + 13 to English lang_main, all translators are encouraged to do likewise</li>
552 <li>Added switch to default_lang email template if user lang template no longer exists</li>
553 <li>Fixed javascript error when selecting smiley containing a single quote</li>
554 <li>Update users watched topic if a post they made is split into a new topic</li>
555 <li>Fixed situations where email templates contain incorrect or missing subject lines</li>
556 <li>Fixed error when searching for posts and no forums exist</li>
557 <li>Fixed potential SQL vulnerability with marking of private messages - <b>Ulf Harnhammar</b></li>
558 </ul>
559  
560 <a name="202"></a><h3 class="h3">1.xix. Changes since 2.0.2</h3>
561  
562 <ul>
563 <li>Fixed potential cross-site scripting vulnerability with avatars - <b>Showscout</b></li>
564 <li>Fixed potential SQL rewrite issue in page header - <b>missing contrib</b></li>
565 <li>Fixed potential CSS/HTML rewrite on viewing in login - <b>Marc Rees</b></li>
566 <li>Fixed (hopefully) issue with MS Access and multiple pages</li>
567 </ul>
568  
569 <a name="201"></a><h3 class="h3">1.xx. Changes since 2.0.1</h3>
570  
571 <ul>
572 <li>Fixed missing "username" lang variable in user admin template</li>
573 <li>Session work around for users behind rotating IPs - <b>vHiker</b></li>
574 <li>Fixed potential session user_id re-write - <b>Ashe</b></li>
575 <li>Fixed potential cross-browser scripting issue with BBCode URLs</li>
576 <li>Fixed potential gallery avatar exploit - <b>Ashe</b></li>
577 <li>Fix sorting of smileys on each function call - <b>Ashe/psoTFX</b></li>
578 <li>Clear topic_mod text output in viewtopic - <b>Lars</b></li>
579 <li>Fix regex for avatar remote urls</li>
580 <li>Fix non-updating of user post counts when deleting whole topics</li>
581 <li>Increase time limit when sending topic reply notifications</li>
582 <li>Set default forum when splitting topics</li>
583 <li>Fix non-deletion of uploaded avatars when switching to gallery</li>
584 <li>Removed various closing newlines from included files</li>
585 <li>Add MAX_ROWS to HEAP table alter in install/upgrade - <b>Ashe</b></li>
586 <li>Update username maxlength for subSilver templates</li>
587 <li>Allow <b>(</b> and <b>)</b> in BBCode [url] tags</li>
588 <li>Fix non-quoting of <b>#</b> in username validation regexs</li>
589 <li>Fix overlooked global var in private messaging</li>
590 <li>Possible fix for \r\n email templates issues</li>
591 <li>Fix missing str_replace for category title forum admin SQL</li>
592 <li>Fix trailing <b>,</b> when sending emails via smtp</li>
593 <li>Fix avatar issues in user admin</li>
594 <li>Fix improper checking of email address ban in sessions</li>
595 <li>Fix use of hard coded language strings in forum admin</li>
596 <li>Fix missing closing <b>)</b> in smilies admin</li>
597 <li>Fix missing Username label in user admin</li>
598 <li>Fix upgrade.php bug where conversion would not complete (and updated other scripts to match the changes)</li>
599 <li>Fix problem with redirect and login.php</li>
600 <li>Fix typo that could cause problems with sorting in the memberlist</li>
601 <li>Fix emailer to allow sending emails with language-specific character sets</li>
602 </ul>
603  
604 <a name="200"></a><h3 class="h3">1.xxi. Changes since 2.0.0</h3>
605  
606 <ul>
607 <li>Fixed delete image bug for normal users</li>
608 <li>Fixed group control panel image links</li>
609 <li>Fixed missing L_POST variable in group control panel</li>
610 <li>Fixed missing user id when redirecting to email form after login</li>
611 <li>Fixed (a)ppend_sid function name error in group control panel</li>
612 <li>Fixed reset of post type when previewing a post</li>
613 <li>Fixed mass emailer include path error</li>
614 <li>Fixed potential SQL exploit</li>
615 <li>Fixed several minor subSilver issues</li>
616 <li>Fixed [quote] breaking HTML problem</li>
617 <li>Fixed problem with unclosed nested quotes</li>
618 <li>Fixed bad handling of automagic links at end of quotes</li>
619 <li>Fixed potential BBCode and avatar remote exploit</li>
620 <li>Altered email validation check to allow + in username as per RFC</li>
621 <li>Fixed incorrect behaviour with wildcards in disallowed usernames</li>
622 <li>Added missing append_sid for search view results as posts</li>
623 <li>Fixed incorrect clearing of current sessions for logged in users</li>
624 <li>Fixed user_timezone (cannot update user profile) problem</li>
625 <li>Added correct setting of moderator status for users during upgrade</li>
626 <li>Fixed handling of uploaded avatars if gallery avatar currently used</li>
627 <li>Fixed use of existing username for uploaded avatars</li>
628 <li>Fixed updating of topic reply stats when post is deleted</li>
629 <li>Fixed irrelevant error message when activating already active account</li>
630 <li>Fixed gzip compression problems with Netscape and some PHP versions</li>
631 <li>Fixed MS Access layer errors when using latest PHP versions</li>
632 <li>Fixed styles admin editing problems with MSSQL Server</li>
633 <li>Fixed logout issue when cancelling certain actions</li>
634 <li>Fixed missing text in certain admin links</li>
635 <li>Fixed opening of frame within frame when logging into admin</li>
636 <li>Fixed incorrect ordering of search results by time</li>
637 <li>Fixed fulltext searching failure with MS Access</li>
638 <li>Hopefully fixed fulltext search with non-latin single byte charsets</li>
639 <li>Enabled work-around support for some multi-byte charsets - <b>OOHOO</b></li>
640 <li>Re-enabled search indexing of all-numeric character sequences</li>
641 <li>Updated email banning to properly implement wildcards</li>
642 <li>Fixed missing extension in links from groupcp</li>
643 <li>Fixed lack of re-validation when changing email address</li>
644 <li>Added additional IP check when using HTTP_X_FORWARDED_FOR</li>
645 <li>Fixed non-display of delete icon when on second or greater topic page</li>
646 <li>Fixed problems with users/groups assigned multiple permissions</li>
647 <li>Fixed problem with - and + in search words - <b>Matthijs</b></li>
648 <li>Fixed improper handling for deletion of words from search table</li>
649 <li>Fixed support for <b>,</b> in automagic URLs as per RFC</li>
650 <li>Fixed circular reference SQL errors when deleting posts under MS Access</li>
651 <li>Fixed nested [code] problems</li>
652 <li>Added charset encoding headers for emails - <b>romutis</b></li>
653 <li>Fixed "Copy to self" emails to use correct language</li>
654 <li>Fixed pagination error when limiting previous days for viewforum</li>
655 <li>Decreased minimum search word size to 3 chars</li>
656 <li>Fixed deletion of one or more options from all polls when editing just one</li>
657 <li>Fixed checking of group memberships when promoting/demoting group moderators</li>
658 <li>Added database closure to admin frameset page</li>
659 </ul>
660  
661 <a name="final"></a><h3 class="h3">1.xxii. Changes since RC-4</h3>
662  
663 <ul>
664 <li>Fixed improper report of general error when posting messages containing errors</li>
665 <li>Fixed post text being doubled up if it contained one or more &lt; without closing &gt;</li>
666 <li>Fixed pruning errors due to search function name change</li>
667 <li>Hopefully fixed various issues which led to incorrect reply and excess page counts</li>
668 <li>Fixed groupcp not displaying all email buttons to group moderator or admin</li>
669 <li>Fixed failure to display error notice when uploading oversized avatars</li>
670 <li>Hopefully corrected problem with viewonline displaying too few/many users online</li>
671 <li>Partially addressed issue with activation URLs >76 chars</li>
672 <li>Fixed additional search facilities failing to work or working incorrectly</li>
673 <li>Fixed search syntax highlighting</li>
674 <li>Addressed various webservers handling of page redirects</li>
675 <li>Fixed word censor not replacing first or last words</li>
676 <li>Fixed avatar height and width check for locally uploaded images</li>
677 <li>Hopefully fixed cache control header</li>
678 <li>Added check for PM box size limit of 0 to prevent div0 error</li>
679 <li>Fixed failure to fully delete PMs in outbox</li>
680 <li>Fixed display problem with polls</li>
681 <li>Fixed problem with guest username not being displayed for topic results in search</li>
682 <li>Fixed problem with quotes in various profile fields</li>
683 <li>Fixed schema problem with user_timezone</li>
684 <li>Fixed page display issue with MS Access</li>
685 <li>Fixed user level issue when altering user from user to admin and vice versa</li>
686 <li>Fixed incorrect parseing of some email templates</li>
687 <li>Reduced size of MS Access primer</li>
688 <li>Fixed various remaining usergroup display issues</li>
689 </ul>
690  
691 <a name="rc4"></a><h3 class="h3">1.xxiii. Changes since RC-3</h3>
692  
693 <ul>
694 <li>Addressed serious security issue with included files</li>
695 <li>Fixed non-use of database table prefix name during upgrade</li>
696 <li>Split functions and profile into separate modules</li>
697 <li>Fixed (hopefully) remaining issues with colourisation of moderator usernames</li>
698 <li>Updated install to include entry of additional, required, information</li>
699 <li>Fixed (hopefully) AOL incompatibilities</li>
700 <li>Fixed non-display of moderators in index/viewforum</li>
701 <li>Fixed group control panel 'no groups exist' problems</li>
702 <li>Fix HTTP_X_FORWARDED_FOR spoofing possibility</li>
703 <li>Fix ignoring of private range IP's in HTTP_X_FORWARDED_FOR</li>
704 <li>Enable multiple wildcard email banning, eg. *name*@somewhere.tld</li>
705 <li>Fix problems with posts being truncated if containing &lt; and &gt; characters</li>
706 <li>Prevent URL, BBCode and most smiley parseing in [code][/code]</li>
707 <li>Fix problems with use of certain reserved chars in word censor list</li>
708 <li>Fix default search useage to be as described (was doing AND by default)</li>
709 <li>Fix various avatar issues with profile, gallery and viewtopic</li>
710 <li>Enable safe mode support for uploading avatars</li>
711 <li>Fix broken modcp IP view issue</li>
712 <li>Fix potential session_id re-write vulnerability</li>
713 <li>Finish localisation of days and months (AM/PM are not and will not be localised in 2.0)</li>
714 <li>Remove link to external subSilver stylesheet from default subSilver templates</li>
715 <li>Handle TRANSACTIONS correctly in MySQL 3.x (by returning correct responses)</li>
716 <li>Fix checkbox resetting problem while previewing posts</li>
717 <li>Fix a login redirect issue</li>
718 <li>Remove some additional unused fields during upgrade</li>
719 <li>Fix (hopefully) remaining ICQ overlay issue with view profile in subSilver</li>
720 </ul>
721  
722 <a name="rc3"></a><h3 class="h3">1.xxiv. Changes since RC-2</h3>
723  
724 <ul>
725 <li>Fixed infamous install parse error</li>
726 <li>Major update of posting and related search functions (fixing various issues and increasing speed)</li>
727 <li>Fixed display of author and last poster names when both are different guest users</li>
728 <li>Fixed upgrade stall issues (hopefully!) and improved output</li>
729 <li>Fixed highlighting code for viewtopic and search</li>
730 <li>Reduced size of several files and functions</li>
731 <li>Moved localised images to sub-directories</li>
732 <li>Improved user feedback of disallowed usernames</li>
733 <li>Fixed various MSSQL bugs</li>
734 <li>Fixed installation of MSSQL/MSSQL-ODBC</li>
735 <li>Fixed security issue with upgrade.php</li>
736 <li>Finished implemention of various additional features</li>
737 <li>Fixed various user, group and forum permissions problems</li>
738 <li>Fixed issues with BBCode [ and ] (hopefully!)</li>
739 <li>Fixed autologin problems with MS IIS</li>
740 <li>Hopefully fixed problems with URIs in emails on some server configs</li>
741 <li>Fixed 'blank' profile and DB utilities problems on submit</li>
742 <li>Fixed incorrect language being used in email subjects</li>
743 <li>Fixed issues with incorrect private message new/unread counts</li>
744 <li>Fixed various PostgreSQL related errors</li>
745 <li>Automatically forward users to login screen in more situations</li>
746 <li>AEnabled (coloured) online indication of moderators and admins</li>
747 <li>Enabled maximum online user count</li>
748 <li>Altered online user count to ignore duplicate IPs (will now underestimate rather than overestimate)</li>
749 <li>Enabled viewing of users browsing each forum</li>
750 <li>Fixed (hopefully) display of overlayed ICQ icon in Netscape using subSilver</li>
751 <li>Fixed display of guest usernames for last post and author</li>
752 <li>Hidden usergroups are now completely hidden from view</li>
753 </ul>
754  
755 <a name="rc2"></a><h3 class="h3">1.xxv. Changes since RC-1</h3>
756  
757 <ul>
758 <li>Fixed numerous PostgreSQL related issues</li>
759 <li>Significant updates and additions to the upgrade script</li>
760 <li>Various (missed) hard coded language strings fixed</li>
761 <li>Fixed viewforum error when no forum id specified</li>
762 <li>Fixed old constant name useage in search system</li>
763 <li>Fixed display of moved posts when viewing unanswered posts</li>
764 <li>Fixed failure of search for user and keyword when displaying as posts</li>
765 <li>Fixed PM popup notification</li>
766 <li>Fixed view more emoticon session page problem</li>
767 <li>Fixed view profile email links</li>
768 <li>Fixed display of websites in profile</li>
769 <li>Fixed backup database failure</li>
770 <li>Fixed MS Access schema error when posting topics</li>
771 <li>Fixed problem with hypenated/dotted DB names in MySQL 3.23.6+</li>
772 <li>Various other fixes and updates</li>
773 </ul>
774  
775 <a name="rc1"></a><h3 class="h3">1.xxvi. Changes since RC-1 (pre)</h3>
776  
777 <ul>
778 <li>Upgrade script completed for initial fully functional release</li>
779 <li>Sessions code updated</li>
780 <li>Mark read code updated and hopefully fixed</li>
781 <li>Significant changes to properly deal with \' for non-MySQL boards</li>
782 <li>mssql, msaccess and mssql-odbc DB classes re-written</li>
783 <li>Avatar issues addressed and fixed</li>
784 <li>Search (INSERT) bug using MySQL fixed</li>
785 <li>Search highlighting issues addressed</li>
786 <li>Search own/other users posts fixed</li>
787 <li>BBCode fixes for magic URIs and other issues</li>
788 <li>Template updates for subSilver</li>
789 <li>User and group permissions problems fixed</li>
790 <li>Forum management problems (deletion of forum causing category not to display) fixed</li>
791 <li>Pagination problem with groupcp fixed</li>
792 <li>Backslash issues with posting and profile fixed</li>
793 <li>Backslash issues with emails fixed</li>
794 <li>preg_quote problems fixed</li>
795 <li>User management updated with full avatar control and missing fields</li>
796 <li>Private messaging box limits fixed</li>
797 <li>Private messaging ?folder= strangeness fixed</li>
798 <li>Forum pruning code updated to cope with search system</li>
799 <li>Emoticon system in posting updated</li>
800 <li>BBCode FAQ link added to posting form</li>
801 <li>Language file updates to address concerns of translators</li>
802 <li>Various other bug fixes and updates</li>
803 </ul>
804  
805 <p>Note that a full list of fixed bugs can be found at the bug tracker (see section on bug reporting <a href="README.html#bugs">here</a>)</p>
806  
807 <a name="disclaimer"></a><h2 class="h2"><u>2. Copyright and disclaimer</u></h2>
808  
809 <p>This application is opensource software released under the <a href="http://www.gnu.org/licenses/gpl.html" target="_new">GPL</a>. Please see source code and the Docs directory for more details. This package and its contents are Copyright © 2002 <a href="http://www.phpbb.com/" target="_new">phpBB Group</a>, All Rights Reserved.</p>
810  
811 <!-- END DOCUMENT -->
812 </td>
813 </tr>
814 </table></td>
815 </tr>
816 </table>
817  
818 </body>
819 </html>