diff --git a/extras/12_to_1222_update.php b/extras/12_to_1222_update.php deleted file mode 100644 index 4c03bda..0000000 --- a/extras/12_to_1222_update.php +++ /dev/null @@ -1,189 +0,0 @@ -query('SELECT cur_version FROM '.$db->prefix.'options'); -$result2 = $db->query('SELECT conf_value FROM '.$db->prefix.'config WHERE conf_name=\'o_cur_version\''); -$cur_version = ($result1) ? $db->result($result1) : (($result2 && $db->num_rows($result2)) ? $db->result($result2) : 'beta'); - -if (!in_array($cur_version, $update_from)) - error('Version mismatch. This script updates version '.implode(', ', $update_from).' to version '.$update_to.'. The database \''.$db_name.'\' doesn\'t seem to be running a supported version.', __FILE__, __LINE__); - - -// Get the forum config -$result = $db->query('SELECT * FROM '.$db->prefix.'config'); -while ($cur_config_item = $db->fetch_row($result)) - $pun_config[$cur_config_item[0]] = $cur_config_item[1]; - - -if (!isset($_POST['form_sent'])) -{ - -?> - - - - - -FluxBB Update - - - - -
-
- -
-

FluxBB Update

-
-
-
-
-

This script will update your current PunBB/FluxBB forum database to FluxBB . The update procedure might take anything from a second to a few minutes depending on the speed of the server and the size of the forum database. Don't forget to make a backup of the database before continuing.

-

Did you read the update instructions in the documentation? If not, start there.

-
-

-
-
-
- -
-
- - - -query('INSERT INTO '.$db->prefix.'config (conf_name, conf_value) VALUES(\'o_additional_navlinks\', NULL)') or error('Unable to alter DB structure.', __FILE__, __LINE__, $db->error()); - } - - // We need to add a unique index to avoid users having multiple rows in the online table - if ($db_type == 'mysql' || $db_type == 'mysqli') - { - $result = $db->query('SHOW INDEX FROM '.$db->prefix.'online') or error('Unable to check DB structure.', __FILE__, __LINE__, $db->error()); - - if ($db->num_rows($result) == 1) - $db->query('ALTER TABLE '.$db->prefix.'online ADD UNIQUE INDEX '.$db->prefix.'online_user_id_ident_idx(user_id,ident)') or error('Unable to alter DB structure.', __FILE__, __LINE__, $db->error()); - } - - // This feels like a good time to synchronize the forums - $result = $db->query('SELECT id FROM '.$db->prefix.'forums') or error('Unable to fetch forum info.', __FILE__, __LINE__, $db->error()); - - while ($row = $db->fetch_row($result)) - update_forum($row[0]); - - - // We'll empty the search cache table as well (using DELETE FROM since SQLite does not support TRUNCATE TABLE) - $db->query('DELETE FROM '.$db->prefix.'search_cache') or error('Unable to flush search results.', __FILE__, __LINE__, $db->error()); - - - // Finally, we update the version number - $db->query('UPDATE '.$db->prefix.'config SET conf_value=\''.$update_to.'\' WHERE conf_name=\'o_cur_version\'') or error('Unable to update version.', __FILE__, __LINE__, $db->error()); - - - // Delete all .php files in the cache (someone might have visited the forums while we were updating and thus, generated incorrect cache files) - $d = dir(PUN_ROOT.'cache'); - while (($entry = $d->read()) !== false) - { - if (substr($entry, strlen($entry)-4) == '.php') - @unlink(PUN_ROOT.'cache/'.$entry); - } - $d->close(); - -?> - - - - - -FluxBB Update - - - - -
-
- -
-

Update completed

-
-
-

Update successful! Your forum database has now been updated to version . You should now remove this script from the forum root directory and follow the rest of the instructions in the documentation.

-
-
-
- -
-
- - - -query('SELECT cur_version FROM '.$db->prefix.'options'); +$result2 = $db->query('SELECT conf_value FROM '.$db->prefix.'config WHERE conf_name=\'o_cur_version\''); +$cur_version = ($result1) ? $db->result($result1) : (($result2 && $db->num_rows($result2)) ? $db->result($result2) : 'beta'); + +if (!in_array($cur_version, $update_from)) + error('Version mismatch. This script updates version '.implode(', ', $update_from).' to version '.$update_to.'. The database \''.$db_name.'\' doesn\'t seem to be running a supported version.', __FILE__, __LINE__); + + +// Get the forum config +$result = $db->query('SELECT * FROM '.$db->prefix.'config'); +while ($cur_config_item = $db->fetch_row($result)) + $pun_config[$cur_config_item[0]] = $cur_config_item[1]; + + +if (!isset($_POST['form_sent'])) +{ + +?> + + + + + +FluxBB Update + + + + +
+
+ +
+

FluxBB Update

+
+
+
+
+

This script will update your current PunBB/FluxBB forum database to FluxBB . The update procedure might take anything from a second to a few minutes depending on the speed of the server and the size of the forum database. Don't forget to make a backup of the database before continuing.

+

Did you read the update instructions in the documentation? If not, start there.

+
+

+
+
+
+ +
+
+ + + +query('INSERT INTO '.$db->prefix.'config (conf_name, conf_value) VALUES(\'o_additional_navlinks\', NULL)') or error('Unable to alter DB structure.', __FILE__, __LINE__, $db->error()); + } + + // We need to add a unique index to avoid users having multiple rows in the online table + if ($db_type == 'mysql' || $db_type == 'mysqli') + { + $result = $db->query('SHOW INDEX FROM '.$db->prefix.'online') or error('Unable to check DB structure.', __FILE__, __LINE__, $db->error()); + + if ($db->num_rows($result) == 1) + $db->query('ALTER TABLE '.$db->prefix.'online ADD UNIQUE INDEX '.$db->prefix.'online_user_id_ident_idx(user_id,ident)') or error('Unable to alter DB structure.', __FILE__, __LINE__, $db->error()); + } + + // This feels like a good time to synchronize the forums + $result = $db->query('SELECT id FROM '.$db->prefix.'forums') or error('Unable to fetch forum info.', __FILE__, __LINE__, $db->error()); + + while ($row = $db->fetch_row($result)) + update_forum($row[0]); + + + // We'll empty the search cache table as well (using DELETE FROM since SQLite does not support TRUNCATE TABLE) + $db->query('DELETE FROM '.$db->prefix.'search_cache') or error('Unable to flush search results.', __FILE__, __LINE__, $db->error()); + + + // Finally, we update the version number + $db->query('UPDATE '.$db->prefix.'config SET conf_value=\''.$update_to.'\' WHERE conf_name=\'o_cur_version\'') or error('Unable to update version.', __FILE__, __LINE__, $db->error()); + + + // Delete all .php files in the cache (someone might have visited the forums while we were updating and thus, generated incorrect cache files) + $d = dir(PUN_ROOT.'cache'); + while (($entry = $d->read()) !== false) + { + if (substr($entry, strlen($entry)-4) == '.php') + @unlink(PUN_ROOT.'cache/'.$entry); + } + $d->close(); + +?> + + + + + +FluxBB Update + + + + +
+
+ +
+

Update completed

+
+
+

Update successful! Your forum database has now been updated to version . You should now remove this script from the forum root directory and follow the rest of the instructions in the documentation.

+
+
+
+ +
+
+ + + + 1, 'password_hash' => 'Guest'); // If a cookie is set, we get the user_id and password hash from it - if (isset($_COOKIE[$cookie_name])) - list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]); + if (isset($_COOKIE[$cookie_name]) && preg_match('/a:2:{i:0;s:\d+:"(\d+)";i:1;s:\d+:"([0-9a-f]+)";}/', $_COOKIE[$cookie_name], $matches)) + list(, $cookie['user_id'], $cookie['password_hash']) = $matches; if ($cookie['user_id'] > 1) { diff --git a/upload/install.php b/upload/install.php index ce1a36b..2ce3f50 100644 --- a/upload/install.php +++ b/upload/install.php @@ -24,7 +24,7 @@ // The FluxBB version this script installs -$fluxbb_version = '1.2.22'; +$fluxbb_version = '1.2.23'; define('PUN_ROOT', './'); @@ -1433,7 +1433,7 @@ else
-

To finalize the installation all you need to do is to copy and paste the text in the text box below into a file called config.php and then upload this file to the root directory of your FluxBB installation. Make sure there are no linebreaks or spaces before <?php. You can later edit config.php if you reconfigure your setup (e.g. change the database password or ).

+

To finalize the installation all you need to do is to copy and paste the text in the text box below into a file called config.php and then upload this file to the root directory of your FluxBB installation. Make sure there are no linebreaks or spaces before <?php. You can later edit config.php if you reconfigure your setup (e.g. change the database password).

diff --git a/upload/register.php b/upload/register.php index 24c0bca..2015191 100644 --- a/upload/register.php +++ b/upload/register.php @@ -163,7 +163,7 @@ else if (isset($_POST['form_sent'])) // Check if someone else already has registered with that e-mail address $dupe_list = array(); - $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$email1.'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + $result = $db->query('SELECT username FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email1).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); if ($db->num_rows($result)) { if ($pun_config['p_allow_dupe_email'] == '0') @@ -196,7 +196,7 @@ else if (isset($_POST['form_sent'])) $password_hash = pun_hash($password1); // Add the user - $db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, save_pass, timezone, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$email1.'\', '.$email_setting.', '.$save_pass.', '.$timezone.' , \''.$db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.get_remote_address().'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error()); + $db->query('INSERT INTO '.$db->prefix.'users (username, group_id, password, email, email_setting, save_pass, timezone, language, style, registered, registration_ip, last_visit) VALUES(\''.$db->escape($username).'\', '.$intial_group_id.', \''.$password_hash.'\', \''.$db->escape($email1).'\', '.$email_setting.', '.$save_pass.', '.$timezone.' , \''.$db->escape($language).'\', \''.$pun_config['o_default_style'].'\', '.$now.', \''.get_remote_address().'\', '.$now.')') or error('Unable to create user', __FILE__, __LINE__, $db->error()); $new_uid = $db->insert_id();