[2.0.13] phpBB 2.0.13 to 2.0.14 Code Changes

All new MODs released in our MOD Database will be announced in here. All support for released MODs needs to take place in here. No new MODs will be accepted into the MOD Database for phpBB2
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Post Reply

Rating:

Excellent!
81
71%
Very Good
12
11%
Good
10
9%
Fair
2
2%
Poor
9
8%
 
Total votes: 114

User avatar
MatrixForum
Registered User
Posts: 37
Joined: Thu Jul 24, 2003 12:59 am
Location: Italy - Rome
Contact:

Post by MatrixForum » Sat Apr 16, 2005 4:18 pm

I have found of the modifications also in the file templates/subSilver/login_body.tpl

Line 22 - 2.0.13

Code: Select all

			  <input type="text" name="username" size="25" maxlength="40" value="{USERNAME}" />
Line 22 - 2.0.14

Code: Select all

			  <input type="text" class="post" name="username" size="25" maxlength="40" value="{USERNAME}" />
Line 28 - 2.0.13

Code: Select all

			  <input type="password" name="password" size="25" maxlength="32" />
Line 28 - 2.0.14

Code: Select all

			  <input type="password" class="post" name="password" size="25" maxlength="32" />
MBMF³
Image

Ex0dus
Registered User
Posts: 98
Joined: Mon Nov 01, 2004 1:17 am
Location: Zarasu, Lithuania
Contact:

Post by Ex0dus » Sat Apr 16, 2005 4:30 pm

Poregorn- I have tried the changes, and it doesnt seem to hurt to put that line in. I have fully tested the forum and it is working fine (in fact it seems a bit faster than before) If you have any other questions, feel free to email me at xclarion@hotmail.com

-Ex0dus

v-h
Registered User
Posts: 15
Joined: Mon Nov 22, 2004 3:49 pm

Post by v-h » Sat Apr 16, 2005 4:45 pm

update was easily done on a board with 22 mods, thanks!

User avatar
Ptirhiik
Registered User
Posts: 7411
Joined: Mon Jan 06, 2003 10:36 pm
Contact:

Post by Ptirhiik » Sat Apr 16, 2005 4:54 pm

On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements.

BlueRook
Registered User
Posts: 2892
Joined: Wed Mar 10, 2004 2:38 am

Post by BlueRook » Sat Apr 16, 2005 5:18 pm

skuipers, that space doesn't make one bit of difference.

Kemars
Registered User
Posts: 38
Joined: Wed Jan 07, 2004 6:57 am
Location: Helsinki, Finland
Contact:

Post by Kemars » Sat Apr 16, 2005 5:24 pm

Nice work guys!.. I got it on the first try using phpbb2 plus 1.52..

These types of code chagnes are great for the heavily modded board I am in charge of .. cheers for the detailed step by step instructions.. it does not go wasted the time it took to write them out..

=)
How much wood would a woodchuck chuck if a woodchuck could chuck wood?
http://www.iesaf.fi / http://www.kemars.com

ChaosBringer
Registered User
Posts: 412
Joined: Mon Apr 19, 2004 11:30 pm
Contact:

Post by ChaosBringer » Sat Apr 16, 2005 5:54 pm

what about that header line? i cant find it either...

oh and Ptirhiik, do you recomend using this also?

Code: Select all

//FIND-------------------------------------------------------
 // No match; don't login, set as anonymous user
 $login = 0;
 $enable_autologin = 0;
 $user_id = $userdata['user_id'] = ANONYMOUS; 
//AFTER ADD, -----------------------------------------------
$userdata['user_level'] = USER;
//FIND--------------------------------------------------------
 // Autologin is not set. Don't login, set as anonymous user
 $login = 0;
 $enable_autologin = 0;
 $user_id = $userdata['user_id'] = ANONYMOUS; 
//AFTERADD--------------------------------------------------
$userdata['user_level'] = USER;
??

01000001 01101100 01101100 00100000 01111001 01101111 01110101 01110010 00100000 01100010 01101001 01101110 01100001 01110010 01111001 00100000 01100001 01110010 01100101 00100000 01100010 01100101 01101100 01101111 01101110 01100111 00100000 01110100 01101111 00100000 01110101 01110011 00100001

User avatar
SGD
Registered User
Posts: 91
Joined: Wed Nov 19, 2003 8:41 pm
Location: Washington

Post by SGD » Sat Apr 16, 2005 6:03 pm

Ptirhiik - RPGnet-fr wrote: On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements.


So, you are saying to take the 2 sql requests listed in the update and add before instead of after. Correct ?

Code: Select all

$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
					$result = $db->sql_query($sql);
					$userdata = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);
Make It Happen!

poregorn
Registered User
Posts: 138
Joined: Thu Sep 23, 2004 9:23 pm

Post by poregorn » Sat Apr 16, 2005 6:12 pm

Ex0dus wrote: Poregorn- I have tried the changes, and it doesnt seem to hurt to put that line in. I have fully tested the forum and it is working fine (in fact it seems a bit faster than before) If you have any other questions, feel free to email me at xclarion@hotmail.com

-Ex0dus
just tried your code and am going to upload now, ill post back if there are any problems

poregorn
Registered User
Posts: 138
Joined: Thu Sep 23, 2004 9:23 pm

Post by poregorn » Sat Apr 16, 2005 6:18 pm

all works well, now running 14 a.o.k.


thanks ex

poregorn
Registered User
Posts: 138
Joined: Thu Sep 23, 2004 9:23 pm

Post by poregorn » Sat Apr 16, 2005 6:19 pm

and for those who cant find the first edit in page_header.php try this

Code: Select all

---[ OPEN ]---
includes/page_header.php

---[ FIND ]---
$phpver = phpversion();

---[ AFTER, ADD ]---

$useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');

deny
Registered User
Posts: 565
Joined: Wed May 14, 2003 9:14 am
Location: Find-Ip-Address.org
Contact:

Post by deny » Sat Apr 16, 2005 6:34 pm

Ptirhiik - RPGnet-fr wrote: On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements.


So what now to do. 8O You and Acyd Burn are 2 so far best phpBB coders and i'm confuse right now.
Follow official update or follow what you said :?

User avatar
Ptirhiik
Registered User
Posts: 7411
Joined: Mon Jan 06, 2003 10:36 pm
Contact:

Post by Ptirhiik » Sat Apr 16, 2005 6:44 pm

> ChaosBringer : I definitively do not recommand to use the lines you have quoted : they are far from being enough to fix anything. If you are not sure where to put the code, just download the phpBB 2.0.14, and check your includes/sessions.php with the one coming with phpBB 2.0.14.

> SGD : that's what I meant,

> Deny and other : it seems my post was quite comfusing, so let's try to reword it. The real problem is not the fix here : setting after or before on a correct database will do exactly the same, so the phpBB.com spot is perfectly valid. Though, I have quite often encounter a flew on many phpBB install, where the users table row ANONYMOUS (user_id = -1 in users table) was missing. Here stands the problem : prior this fix, it wasn't too harsh, as the user_id was forced. With the latest version, it is no more in this case. The real answer is to create the missing row (or to fix it), what I posted is only half-the-way (to keep the same level of data prior the 2.0.14 version). If you have the user_id = -1 users table row, nothing to worry, just apply the upgrade as is. If you miss this row, IMHO better is to set temporaly the code before rather than after, then - and this is the most important - ask in the support forum here @ phpBB.com how to fix your install for this issue. Once done, just get back to the original upgrade.
Last edited by Ptirhiik on Sat Apr 16, 2005 6:45 pm, edited 1 time in total.

User avatar
SGD
Registered User
Posts: 91
Joined: Wed Nov 19, 2003 8:41 pm
Location: Washington

Post by SGD » Sat Apr 16, 2005 6:45 pm

deny wrote:
Ptirhiik - RPGnet-fr wrote:On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements.


So what now to do. 8O You and Acyd Burn are 2 so far best phpBB coders and i'm confuse right now.
Follow official update or follow what you said :?


I believe what Ptirhiik is refering to is, instead of following the update refering to this part of includes/sessions.php, do this insead.

Code: Select all

#
#-----[ FIND ]---------------------------------------------
# Line 92
					// No match; don't login, set as anonymous user
					$login = 0; 
					$enable_autologin = 0; 
					$user_id = $userdata['user_id'] = ANONYMOUS;

#
#-----[ before, ADD ]---------------------------------------------
# 
				
					$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
					$result = $db->sql_query($sql);
					$userdata = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

#
#-----[ FIND ]---------------------------------------------
# Line 105
				// Autologin is not set. Don't login, set as anonymous user
				$login = 0;
				$enable_autologin = 0;
				$user_id = $userdata['user_id'] = ANONYMOUS;

#
#-----[ before, ADD ]---------------------------------------------
# 

				$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
				$result = $db->sql_query($sql);
				$userdata = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);
Make It Happen!

deny
Registered User
Posts: 565
Joined: Wed May 14, 2003 9:14 am
Location: Find-Ip-Address.org
Contact:

Post by deny » Sat Apr 16, 2005 6:54 pm

SGD wrote:
deny wrote:
Ptirhiik - RPGnet-fr wrote:On some boards, the ANONYMOUS users table row is missing (not normal, but the fact is) : the fix in sessions.php (adding a sql request on two places) doesn't handle this case correctly (the code makes it worst it was, as the $userdata['user_id'] is not correctly populated, although the breach targeted is correctly fixed) : better is to put the added sqls in this file "before" rather than "after" the "find" statements.


So what now to do. 8O You and Acyd Burn are 2 so far best phpBB coders and i'm confuse right now.
Follow official update or follow what you said :?


I believe what Ptirhiik is refering to is, instead of following the update refering to this part of includes/sessions.php, do this insead.

Code: Select all

#
#-----[ FIND ]---------------------------------------------
# Line 92
					// No match; don't login, set as anonymous user
					$login = 0; 
					$enable_autologin = 0; 
					$user_id = $userdata['user_id'] = ANONYMOUS;

#
#-----[ before, ADD ]---------------------------------------------
# 
				
					$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
					$result = $db->sql_query($sql);
					$userdata = $db->sql_fetchrow($result);
					$db->sql_freeresult($result);

#
#-----[ FIND ]---------------------------------------------
# Line 105
				// Autologin is not set. Don't login, set as anonymous user
				$login = 0;
				$enable_autologin = 0;
				$user_id = $userdata['user_id'] = ANONYMOUS;

#
#-----[ before, ADD ]---------------------------------------------
# 

				$sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
				$result = $db->sql_query($sql);
				$userdata = $db->sql_fetchrow($result);
				$db->sql_freeresult($result);


He just explained above.
I've just checked and see that i have user_id = -1 users table row.So Ptirhiik suggestion is only for board that does not have user_id = -1 users table row.

Post Reply

Return to “[2.0.x] MOD Database Releases”