############################################################## 
## MOD Title: Fixes for phpBB 2.xx
## MOD Author: achaab & BoBmArLeY ttp://premod-shdow.servhome.org/shadow/
##
## MOD Description: Few fixes for phpBB 2 (see the notes)
##
## MOD Version: 1.0.0
## 
## Installation Level: easy
## Installation Time: 60 minutes
##
## Files To Edit: admin/admin_board.php
##				  admin/admin_db_utilities.php
##				  admin/admin_disallow.php
##				  admin/admin_forum_prune.php
##				  admin/admin_forumauth.php
##				  admin/admin_forums.php
##				  admin/admin_groups.php
##				  admin/admin_mass_email.php
##				  admin/admin_ranks.php
##				  admin/admin_smilies.php
##				  admin/admin_styles.php
##				  admin/admin_ug_auth.php
##				  admin/admin_user_ban.php
##				  admin/admin_users.php
##				  admin/admin_words.php
##				  admin/index.php
##				  admin/page_header_admin.php
##				  includes/auth.php
##				  includes/db.php
##				  includes/emailer.php
##				  includes/functions.php
##				  includes/functions_post.php
##				  includes/functions_search.php
##				  includes/page_header.php
##				  includes/page_tail.php
##				  includes/sessions.php
##				  includes/smtp.php
##				  includes/topic_review.php
##				  includes/usercp_avatar.php
##				  includes/usercp_register.php
##				  includes/usercp_sendpasswd.php
##				  common.php
##				  groupcp.php
##				  index.php
##				  login.php
##				  memberlist.php
##				  modcp.php
##				  posting.php
##				  privmsg.php
##				  profile.php
##				  search.php
##				  viewtopic.php
##
## Included Files: db/mysql4.php
##				   db/mysqli.php
##
############################################################## 
## Authors' note: 
## 
##	You have to know that we didn't make those fixes for a vanila version of phpBB 2 but 
##	for a premodded version (named "premod shadow"). That means that we put our efforts on
##	the Shadow version, and then we applied the modifications on a vanila forum which 
##	was only tested in local. So we maybe not fixed all errors but we fixed all those we have seen.
##
##	We didn't edit the mysql.php file because we think that nobody use it now (too old). 
##	The mysql4.php file is compatible from PHP 4 to PHP 5.5.
##	The mysqli.php file if compatible for any version of PHP 5.
##
##	Also we didn't edit the db2.php, msaccess.php, mssql.php, mssql-odbc.php and postgres7.php files 
##	(because our premod is based on mysql/mysql4/mysqli)
##	
##
##	Fix for PHP 5.4+ (description of the problem before the fix):
##	-------------------------------------------------------------
##
##	If a member had an accent in his name, he can not login unless he changes the accent by the 
##	same letter w/o accent. IE : Somebody's name is "Téki", he can not login himself if he write "Téki", he has
##  to write "Teki". 
##
##	If someone wants to create a new account with an accent in his name, the forum will give 
##	him this message : "You must fill in the required fields."
##
##	When someone wants to preview a message, the page is reloaded but instead to see the preview box, he 
##	only has the posting like if he didn't click on the preview button.
##
##
##	Fix for some errors :
##	--------------------
##
##	We displayed the following errors : E_ERROR, E_WARNING, E_PARSE, E_NOTICE, E_STRICT, E_DEPRECATED
##	We fixed all of them (at least all those we have seen) and then we removed the error_reporting.
##
##
##	Fix for IPv6 :
##	--------------
##
##	We extended the compatibility of phpBB 2 to IPv6.
## 
############################################################## 
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
############################################################## 

#
#-----[ DIY INSTRUCTIONS ]------------------------------------------------------------------
#

If you want to switch from mysql4 to mysqli, edit your config.php file
find "$dbms = 'mysql4';" replace it by $dbms = 'mysqli';


#
#-----[ COPY ]------------------------------------------------------------------
#

copy root/db/mysql4.php to db/mysql4.php
copy root/db/mysqli.php to db/mysqli.php


#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_board.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define('IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$lang_select = language_select($new['default_lang'], 'default_lang', "language");
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$lang_select = language_select((( isset($new['default_lang']) ) ? $new['default_lang'] : '') , 'default_lang', "language");
#
#-----[ FIND ]------------------------------------------------------------------
#
	"CONFIRM_ENABLE" => $confirm_yes,
	"CONFIRM_DISABLE" => $confirm_no,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
	"CONFIRM_ENABLE" => ( isset($confirm_yes) ) ? $confirm_yes : '',
	"CONFIRM_DISABLE" => ( isset($confirm_no) ) ? $confirm_no : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_db_utilities.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
if (eregi('char', $row['type']))
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (preg_match('/char/i', $row['type']))
#
#-----[ FIND ]------------------------------------------------------------------
#
if (eregi('numeric', $row['type']))
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (preg_match('/numeric/i', $row['type']))
#
#-----[ FIND ]------------------------------------------------------------------
#
$props['column_names'] = ereg_replace(", $", "" , $props['column_names']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$props['column_names'] = preg_replace("/, $/", "" , $props['column_names']);
#
#-----[ FIND ]------------------------------------------------------------------
#
	$schema_create = ereg_replace(',' . $crlf . '$', '', $schema_create);
	$index_create = ereg_replace(',' . $crlf . '$', '', $index_create);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
	$schema_create = preg_replace('/,/' . $crlf . '$', '', $schema_create);
	$index_create = preg_replace('/,/' . $crlf . '$', '', $index_create);
#
#-----[ FIND ]------------------------------------------------------------------
#
$schema_create = ereg_replace(',' . $crlf . '$', "", $schema_create);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$schema_create = preg_replace('/,/' . $crlf . '$', "", $schema_create);
#
#-----[ FIND ]------------------------------------------------------------------
#
if (eregi("char|text|bool", $aryType[$i]))
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (preg_match("/char|text|bool/i", $aryType[$i]))
#
#-----[ FIND ]------------------------------------------------------------------
#
elseif (eregi("date|timestamp", $aryType[$i]))
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
elseif (preg_match("/date|timestamp/i", $aryType[$i]))
#
#-----[ FIND ]------------------------------------------------------------------
#
		$schema_vals = ereg_replace(",$", "", $schema_vals);
		$schema_vals = ereg_replace("^ ", "", $schema_vals);
		$schema_fields = ereg_replace(",$", "", $schema_fields);
		$schema_fields = ereg_replace("^ ", "", $schema_fields);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
		$schema_vals = preg_replace("/,$/", "", $schema_vals);
		$schema_vals = preg_replace("/^ /", "", $schema_vals);
		$schema_fields = preg_replace("/,$/", "", $schema_fields);
		$schema_fields = preg_replace("/^ /", "", $schema_fields);
#
#-----[ FIND ]------------------------------------------------------------------
#
				if(ereg(",", $additional_tables))
				{
					$additional_tables = split(",", $additional_tables);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
				if(preg_match("/,/", $additional_tables))
				{
					$additional_tables = explode(",", $additional_tables);
#
#-----[ FIND ]------------------------------------------------------------------
#
					case 'mysql':
					case 'mysql4':
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
					case 'mysql':
					case 'mysql4':
					case 'mysqli':
#
#-----[ FIND ]------------------------------------------------------------------
#
if(!$result && ( !(SQL_LAYER == 'postgresql' && eregi("drop table", $sql) ) ) )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if(!$result && ( !(SQL_LAYER == 'postgresql' && preg_match("/drop table/i", $sql) ) ) )
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_disallow.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
	$sql = "DELETE FROM " . DISALLOW_TABLE . " 
		WHERE disallow_id = $disallowed_id";
	$result = $db->sql_query($sql);
	if( !$result )
	{
		message_die(GENERAL_ERROR, "Couldn't removed disallowed user.", "",__LINE__, __FILE__, $sql);
	}
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
	$message = (isset($message)) ? $message : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if( trim($disallowed) == "" )
{
	$disallow_select .= '<option value="">' . $lang['no_disallowed'] . '</option>';
}
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if( trim(isset($disallowed)) == "" )
{
	$disallow_select = (isset($disallow_select)) ? $disallow_select : '';
	$disallow_select .= '<option value="">' . $lang['No_disallowed'] . '</option>';
}
#
#-----[ FIND ]------------------------------------------------------------------
#
"L_INFO" => $output_info,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
"L_INFO" => (isset($output_info)) ? $output_info : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_forum_prune.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', true);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', true);
}
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_forumauth.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$s_column_span == 0;
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
	$s_column_span = (isset($s_column_span)) ? $s_column_span : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_forums.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$catlist .= "<option value=\"$row[$idfield]\"$s>" . $row[$namefield] . "</option>\n";
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
		$catlist = ( isset($catlist) ) ? $catlist : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
//
// Begin program proper
//
if( isset($HTTP_POST_VARS['addforum']) || isset($HTTP_POST_VARS['addcategory']) )
{
	$mode = ( isset($HTTP_POST_VARS['addforum']) ) ? "addforum" : "addcat";

	if( $mode == "addforum" )
	{
		list($cat_id) = each($HTTP_POST_VARS['addforum']);
		$cat_id = intval($cat_id);
		// 
		// stripslashes needs to be run on this because slashes are added when the forum name is posted
		//
		$forumname = stripslashes($HTTP_POST_VARS['forumname'][$cat_id]);
	}
}
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
$HTTP_POST_VARS['prune_enable'] = (isset($HTTP_POST_VARS['prune_enable'])) ? $HTTP_POST_VARS['prune_enable'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
			$statuslist = "<option value=\"" . FORUM_UNLOCKED . "\" $forumunlocked>" . $lang['Status_unlocked'] . "</option>\n";
			$statuslist .= "<option value=\"" . FORUM_LOCKED . "\" $forumlocked>" . $lang['Status_locked'] . "</option>\n"; 
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
			$forumunlocked = ( isset($forumunlocked) ) ? $forumunlocked : '';
			$forumlocked = ( isset($forumlocked) ) ? $forumlocked : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if( $HTTP_POST_VARS['prune_enable'] )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if( isset($HTTP_POST_VARS['prune_enable']) )
#
#-----[ FIND ]------------------------------------------------------------------
#
if( $HTTP_POST_VARS['prune_enable'] == 1 )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if( isset ($HTTP_POST_VARS['prune_enable']) && $HTTP_POST_VARS['prune_enable'] == 1 )
#
#-----[ FIND ]------------------------------------------------------------------
#
// Show form to delete a forum
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
			$s = (isset($s)) ? $s : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$delete_old = intval($HTTP_POST_VARS['delete_old']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$delete_old = (isset($HTTP_POST_VARS['delete_old'])) ? intval($HTTP_POST_VARS['delete_old']) : '0';
#
#-----[ FIND ]------------------------------------------------------------------
#
			$db->sql_freeresult($result2);

			$sql = "DELETE FROM " . FORUMS_TABLE . "
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
			$result2 = (isset($result2)) ? $result2 : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
	if ($show_index != TRUE)
	{
		include('./page_footer_admin.'.$phpEx);
		exit;
	}
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
	if (!isset($show_index))
	{
		$show_index = false;
	}
#
#-----[ FIND ]------------------------------------------------------------------
#
'ROW_COLOR' => $row_color,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
'ROW_COLOR' => (isset($row_color)) ? $row_color : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_groups.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_mass_email.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
if ( $error )
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
$error = (isset($error)) ? $error : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
'L_NOTICE' => $notice,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
'L_NOTICE' => (isset($notice)) ? $notice : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_ranks.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
"RANK" => $rank_info['rank_title'],
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
"RANK" => (isset($rank_info['rank_title'])) ? $rank_info['rank_title'] : '',
#
#-----[ FIND ]------------------------------------------------------------------
#
			"NOT_SPECIAL_RANK" => $rank_is_not_special,
			"MINIMUM" => ( $rank_is_special ) ? "" : $rank_info['rank_min'],
			"IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
			"IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : "",
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			"MINIMUM" => ( $rank_is_special ) ? "" : (isset($rank_info['rank_min'])) ? $rank_info['rank_min'] : '',
			"IMAGE" => ( isset($rank_info['rank_image']) && $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
			"IMAGE_DISPLAY" => ( isset($rank_info['rank_image']) && $rank_info['rank_image'] != "" ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : "",
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_smilies.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
else if( eregi('.pak$', $file) )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
else if( preg_match('/.pak$/i', $file) )
#
#-----[ FIND ]------------------------------------------------------------------
#
// Select main mode
//
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
$s_hidden_fields = ( isset($s_hidden_fields) ) ? $s_hidden_fields : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
	// Import a list a "Smiley Pack"
	//
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
	if (!isset($HTTP_GET_VARS['smile_pak']))
    {
        $HTTP_GET_VARS['smile_pak']='';
    }
    if (!isset($HTTP_GET_VARS['clear_current']))
    {
        $HTTP_GET_VARS['clear_current']='';
    }
    if (!isset($HTTP_GET_VARS['replace']))
    {
        $HTTP_GET_VARS['replace']='';
    }
#
#-----[ FIND ]------------------------------------------------------------------
#
$k = $smile_data[$j];
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
				if (!isset($smiles["$k"]))
                {
                    $smiles[$k]=0;    
                }
#
#-----[ FIND ]------------------------------------------------------------------
#
	// Export our smiley config as a smiley pak...
	//
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
	if (isset($HTTP_GET_VARS['export_pack']))
    {
#
#-----[ FIND ]------------------------------------------------------------------
#
		echo $smile_pak;

		exit;
	}
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
	}
#
#-----[ FIND ]------------------------------------------------------------------
#
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion']), ENT_COMPAT, 'ISO-8859-1') : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion'])) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? htmlspecialchars(trim($HTTP_POST_VARS['smile_emotion']), ENT_COMPAT, 'ISO-8859-1') : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
        if ($smilies[$i]['code']=='')
        {
            continue;
        }
#
#-----[ OPEN ]------------------------------------------------------------
#

admin/admin_styles.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
	case "addnew":
		$install_to = ( isset($HTTP_GET_VARS['install_to']) ) ? urldecode($HTTP_GET_VARS['install_to']) : $HTTP_POST_VARS['install_to'];
		$style_name = ( isset($HTTP_GET_VARS['style']) ) ? urldecode($HTTP_GET_VARS['style']) : $HTTP_POST_VARS['style'];
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
	case "addnew":
	
		if ( isset($HTTP_GET_VARS['install_to']) )
		{
			$install_to = urldecode($HTTP_GET_VARS['install_to']);
		}
		else if ( isset($HTTP_POST_VARS['install_to']) )
		{
			$install_to = $HTTP_POST_VARS['install_to'];
		}
			
		if ( isset($HTTP_GET_VARS['style']) )
		{
			$style_name = urldecode($HTTP_GET_VARS['style']);
		}
		else if ( isset($HTTP_POST_VARS['style']) )
		{
			$style_name = $HTTP_POST_VARS['style'];
		}
#
#-----[ FIND ]------------------------------------------------------------------
#
$style_id = intval($HTTP_POST_VARS['style_id']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$style_id = (isset($HTTP_POST_VARS['style_id'])) ? intval($HTTP_POST_VARS['style_id']) : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if($file == $selected['template_name'])
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
						$selected['template_name'] = (isset($selected['template_name'])) ? $selected['template_name'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$s_hidden_fields .= '<input type="hidden" name="mode" value="' . $mode . '" />';
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
			$s_hidden_fields = (isset($s_hidden_fields)) ? $s_hidden_fields : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
				"THEME_NAME" => $selected['style_name'],
				"HEAD_STYLESHEET" => $selected['head_stylesheet'],
				"BODY_BACKGROUND" => $selected['body_background'],
				"BODY_BGCOLOR" => $selected['body_bgcolor'],
				"BODY_TEXT_COLOR" => $selected['body_text'],
				"BODY_LINK_COLOR" => $selected['body_link'],
				"BODY_VLINK_COLOR" => $selected['body_vlink'],
				"BODY_ALINK_COLOR" => $selected['body_alink'],
				"BODY_HLINK_COLOR" => $selected['body_hlink'],
				"TR_COLOR1" => $selected['tr_color1'],
				"TR_COLOR2" => $selected['tr_color2'],
				"TR_COLOR3" => $selected['tr_color3'],
				"TR_CLASS1" => $selected['tr_class1'],
				"TR_CLASS2" => $selected['tr_class2'],
				"TR_CLASS3" => $selected['tr_class3'],
				"TH_COLOR1" => $selected['th_color1'],
				"TH_COLOR2" => $selected['th_color2'],
				"TH_COLOR3" => $selected['th_color3'],
				"TH_CLASS1" => $selected['th_class1'],
				"TH_CLASS2" => $selected['th_class2'],
				"TH_CLASS3" => $selected['th_class3'],
				"TD_COLOR1" => $selected['td_color1'],
				"TD_COLOR2" => $selected['td_color2'],
				"TD_COLOR3" => $selected['td_color3'],
				"TD_CLASS1" => $selected['td_class1'],
				"TD_CLASS2" => $selected['td_class2'],
				"TD_CLASS3" => $selected['td_class3'],
				"FONTFACE1" => $selected['fontface1'],
				"FONTFACE2" => $selected['fontface2'],
				"FONTFACE3" => $selected['fontface3'],
				"FONTSIZE1" => $selected['fontsize1'],
				"FONTSIZE2" => $selected['fontsize2'],
				"FONTSIZE3" => $selected['fontsize3'],
				"FONTCOLOR1" => $selected['fontcolor1'],
				"FONTCOLOR2" => $selected['fontcolor2'],
				"FONTCOLOR3" => $selected['fontcolor3'],
				"SPAN_CLASS1" => $selected['span_class1'],
				"SPAN_CLASS2" => $selected['span_class2'],
				"SPAN_CLASS3" => $selected['span_class3'],

				"TR_COLOR1_NAME" => $selected['tr_color1_name'],
				"TR_COLOR2_NAME" => $selected['tr_color2_name'],
				"TR_COLOR3_NAME" => $selected['tr_color3_name'],
				"TR_CLASS1_NAME" => $selected['tr_class1_name'],
				"TR_CLASS2_NAME" => $selected['tr_class2_name'],
				"TR_CLASS3_NAME" => $selected['tr_class3_name'],
				"TH_COLOR1_NAME" => $selected['th_color1_name'],
				"TH_COLOR2_NAME" => $selected['th_color2_name'],
				"TH_COLOR3_NAME" => $selected['th_color3_name'],
				"TH_CLASS1_NAME" => $selected['th_class1_name'],
				"TH_CLASS2_NAME" => $selected['th_class2_name'],
				"TH_CLASS3_NAME" => $selected['th_class3_name'],
				"TD_COLOR1_NAME" => $selected['td_color1_name'],
				"TD_COLOR2_NAME" => $selected['td_color2_name'],
				"TD_COLOR3_NAME" => $selected['td_color3_name'],
				"TD_CLASS1_NAME" => $selected['td_class1_name'],
				"TD_CLASS2_NAME" => $selected['td_class2_name'],
				"TD_CLASS3_NAME" => $selected['td_class3_name'],
				"FONTFACE1_NAME" => $selected['fontface1_name'],
				"FONTFACE2_NAME" => $selected['fontface2_name'],
				"FONTFACE3_NAME" => $selected['fontface3_name'],
				"FONTSIZE1_NAME" => $selected['fontsize1_name'],
				"FONTSIZE2_NAME" => $selected['fontsize2_name'],
				"FONTSIZE3_NAME" => $selected['fontsize3_name'],
				"FONTCOLOR1_NAME" => $selected['fontcolor1_name'],
				"FONTCOLOR2_NAME" => $selected['fontcolor2_name'],
				"FONTCOLOR3_NAME" => $selected['fontcolor3_name'],
				"SPAN_CLASS1_NAME" => $selected['span_class1_name'],
				"SPAN_CLASS2_NAME" => $selected['span_class2_name'],
				"SPAN_CLASS3_NAME" => $selected['span_class3_name'],
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
				"THEME_NAME" => (isset($selected['style_name'])) ? $selected['style_name'] : '',
				"HEAD_STYLESHEET" => (isset($selected['head_stylesheet'])) ? $selected['head_stylesheet'] : '',
				"BODY_BACKGROUND" => (isset($selected['body_background'])) ? $selected['body_background'] : '',
				"BODY_BGCOLOR" => (isset($selected['body_bgcolor'])) ? $selected['body_bgcolor'] : '',
				"BODY_TEXT_COLOR" => (isset($selected['body_text'])) ? $selected['body_text'] : '',
				"BODY_LINK_COLOR" => (isset($selected['body_link'])) ? $selected['body_link'] : '',
				"BODY_VLINK_COLOR" => (isset($selected['body_vlink'])) ? $selected['body_vlink'] : '',
				"BODY_ALINK_COLOR" => (isset($selected['body_alink'])) ? $selected['body_alink'] : '',
				"BODY_HLINK_COLOR" => (isset($selected['body_hlink'])) ? $selected['body_hlink'] : '',
				"TR_COLOR1" => (isset($selected['tr_color1'])) ? $selected['tr_color1'] : '',
				"TR_COLOR2" => (isset($selected['tr_color2'])) ? $selected['tr_color2'] : '',
				"TR_COLOR3" => (isset($selected['tr_color3'])) ? $selected['tr_color3'] : '',
				"TR_CLASS1" => (isset($selected['tr_class1'])) ? $selected['tr_class1'] : '',
				"TR_CLASS2" => (isset($selected['tr_class2'])) ? $selected['tr_class2'] : '',
				"TR_CLASS3" => (isset($selected['tr_class3'])) ? $selected['tr_class3'] : '',
				"TH_COLOR1" => (isset($selected['th_color1'])) ? $selected['th_color1'] : '',
				"TH_COLOR2" => (isset($selected['th_color2'])) ? $selected['th_color2'] : '',
				"TH_COLOR3" => (isset($selected['th_color3'])) ? $selected['th_color3'] : '',
				"TH_CLASS1" => (isset($selected['th_class1'])) ? $selected['th_class1'] : '',
				"TH_CLASS2" => (isset($selected['th_class2'])) ? $selected['th_class2'] : '',
				"TH_CLASS3" => (isset($selected['th_class3'])) ? $selected['th_class3'] : '',
				"TD_COLOR1" => (isset($selected['td_color1'])) ? $selected['td_color1'] : '',
				"TD_COLOR2" => (isset($selected['td_color2'])) ? $selected['td_color2'] : '',
				"TD_COLOR3" => (isset($selected['td_color3'])) ? $selected['td_color3'] : '',
				"TD_CLASS1" => (isset($selected['td_class1'])) ? $selected['td_class1'] : '',
				"TD_CLASS2" => (isset($selected['td_class2'])) ? $selected['td_class2'] : '',
				"TD_CLASS3" => (isset($selected['td_class3'])) ? $selected['td_class3'] : '',
				"FONTFACE1" => (isset($selected['fontface1'])) ? $selected['fontface1'] : '',
				"FONTFACE2" => (isset($selected['fontface2'])) ? $selected['fontface2'] : '',
				"FONTFACE3" => (isset($selected['fontface3'])) ? $selected['fontface3'] : '',
				"FONTSIZE1" => (isset($selected['fontsize1'])) ? $selected['fontsize1'] : '',
				"FONTSIZE2" => (isset($selected['fontsize2'])) ? $selected['fontsize2'] : '',
				"FONTSIZE3" => (isset($selected['fontsize3'])) ? $selected['fontsize3'] : '',
				"FONTCOLOR1" => (isset($selected['fontcolor1'])) ? $selected['fontcolor1'] : '',
				"FONTCOLOR2" => (isset($selected['fontcolor2'])) ? $selected['fontcolor2'] : '',
				"FONTCOLOR3" => (isset($selected['fontcolor3'])) ? $selected['fontcolor3'] : '',
				"SPAN_CLASS1" => (isset($selected['span_class1'])) ? $selected['span_class1'] : '',
				"SPAN_CLASS2" => (isset($selected['span_class2'])) ? $selected['span_class2'] : '',
				"SPAN_CLASS3" => (isset($selected['span_class3'])) ? $selected['span_class3'] : '',

				"TR_COLOR1_NAME" => (isset($selected['tr_color1_name'])) ? $selected['tr_color1_name'] : '',
				"TR_COLOR2_NAME" => (isset($selected['tr_color2_name'])) ? $selected['tr_color2_name'] : '',
				"TR_COLOR3_NAME" => (isset($selected['tr_color3_name'])) ? $selected['tr_color3_name'] : '',
				"TR_CLASS1_NAME" => (isset($selected['tr_class1_name'])) ? $selected['tr_class1_name'] : '',
				"TR_CLASS2_NAME" => (isset($selected['tr_class2_name'])) ? $selected['tr_class2_name'] : '',
				"TR_CLASS3_NAME" => (isset($selected['tr_class3_name'])) ? $selected['tr_class3_name'] : '',
				"TH_COLOR1_NAME" => (isset($selected['th_color1_name'])) ? $selected['th_color1_name'] : '',
				"TH_COLOR2_NAME" => (isset($selected['th_color2_name'])) ? $selected['th_color2_name'] : '',
				"TH_COLOR3_NAME" => (isset($selected['th_color3_name'])) ? $selected['th_color3_name'] : '',
				"TH_CLASS1_NAME" => (isset($selected['th_class1_name'])) ? $selected['th_class1_name'] : '',
				"TH_CLASS2_NAME" => (isset($selected['th_class2_name'])) ? $selected['th_class2_name'] : '',
				"TH_CLASS3_NAME" => (isset($selected['th_class3_name'])) ? $selected['th_class3_name'] : '',
				"TD_COLOR1_NAME" => (isset($selected['td_color1_name'])) ? $selected['td_color1_name'] : '',
				"TD_COLOR2_NAME" => (isset($selected['td_color2_name'])) ? $selected['td_color2_name'] : '',
				"TD_COLOR3_NAME" => (isset($selected['td_color3_name'])) ? $selected['td_color3_name'] : '',
				"TD_CLASS1_NAME" => (isset($selected['td_class1_name'])) ? $selected['td_class1_name'] : '',
				"TD_CLASS2_NAME" => (isset($selected['td_class2_name'])) ? $selected['td_class2_name'] : '',
				"TD_CLASS3_NAME" => (isset($selected['td_class3_name'])) ? $selected['td_class3_name'] : '',
				"FONTFACE1_NAME" => (isset($selected['fontface1_name'])) ? $selected['fontface1_name'] : '',
				"FONTFACE2_NAME" => (isset($selected['fontface2_name'])) ? $selected['fontface2_name'] : '',
				"FONTFACE3_NAME" => (isset($selected['fontface3_name'])) ? $selected['fontface3_name'] : '',
				"FONTSIZE1_NAME" => (isset($selected['fontsize1_name'])) ? $selected['fontsize1_name'] : '',
				"FONTSIZE2_NAME" => (isset($selected['fontsize2_name'])) ? $selected['fontsize2_name'] : '',
				"FONTSIZE3_NAME" => (isset($selected['fontsize3_name'])) ? $selected['fontsize3_name'] : '',
				"FONTCOLOR1_NAME" => (isset($selected['fontcolor1_name'])) ? $selected['fontcolor1_name'] : '',
				"FONTCOLOR2_NAME" => (isset($selected['fontcolor2_name'])) ? $selected['fontcolor2_name'] : '',
				"FONTCOLOR3_NAME" => (isset($selected['fontcolor3_name'])) ? $selected['fontcolor3_name'] : '',
				"SPAN_CLASS1_NAME" => (isset($selected['span_class1_name'])) ? $selected['span_class1_name'] : '',
				"SPAN_CLASS2_NAME" => (isset($selected['span_class2_name'])) ? $selected['span_class2_name'] : '',
				"SPAN_CLASS3_NAME" => (isset($selected['span_class3_name'])) ? $selected['span_class3_name'] : '',
#
#-----[ FIND ]------------------------------------------------------------------
#
	case "export";
		if($HTTP_POST_VARS['export_template'])
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
	case "export":
	
		$HTTP_POST_VARS['export_template'] = (isset($HTTP_POST_VARS['export_template'])) ? $HTTP_POST_VARS['export_template'] : '';
		$HTTP_POST_VARS['send_file'] = (isset($HTTP_POST_VARS['send_file'])) ? $HTTP_POST_VARS['send_file'] : '';

		if(isset($HTTP_POST_VARS['export_template']) && $HTTP_POST_VARS['export_template'])
#
#-----[ FIND ]------------------------------------------------------------------
#
$s_hidden_fields = '<input type="hidden" name="theme_info" value="' . htmlspecialchars($theme_data) . '" />';
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$s_hidden_fields = '<input type="hidden" name="theme_info" value="' . htmlspecialchars($theme_data, ENT_COMPAT, 'ISO-8859-1') . '" />';
#
#-----[ FIND ]------------------------------------------------------------------
#
else if($HTTP_POST_VARS['send_file'])
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
else if(isset($HTTP_POST_VARS['send_file']) && $HTTP_POST_VARS['send_file'])
#
#-----[ OPEN ]------------------------------------------------------------
#

admin/admin_ug_auth.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
					if( $forum_access[$i][$auth_field] == AUTH_ACL && isset($change_acl_list[$forum_id][$auth_field]) )
					{
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
						$forum_auth_action[$forum_id] = (isset($forum_auth_action[$forum_id])) ? $forum_auth_action[$forum_id] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
	$auth_access = array();
	$auth_access_count = array();
	while( $row = $db->sql_fetchrow($result) )
	{
		$auth_access[$row['forum_id']][] = $row; 
		$auth_access_count[$row['forum_id']]++;
	}
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
	$auth_access = array();
	$auth_access_count = array();
	while( $row = $db->sql_fetchrow($result) )
	{
		$auth_access[$row['forum_id']][] = $row; 
		if (isset($auth_access_count[$row['forum_id']]))
		{
			$auth_access_count[$row['forum_id']]++;
		}
	}
#
#-----[ FIND ]------------------------------------------------------------------
#
				$template->assign_block_vars('forums.aclvalues', array(
					'S_ACL_SELECT' => $optionlist_acl_adv[$forum_id][$j])
				);
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
				$optionlist_acl_adv[$forum_id][$j] = (isset($optionlist_acl_adv[$forum_id][$j])) ? $optionlist_acl_adv[$forum_id][$j] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$ug = ( $mode == 'user' ) ? 'group&amp;' . POST_GROUPS_URL : 'user&amp;' . POST_USERS_URL;
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
			$id[$i] = (isset($id[$i])) ? $id[$i] : '';
			$name[$i] = (isset($name[$i])) ? $name[$i] : '';
#
#-----[ OPEN ]------------------------------------------------------------
#

admin/admin_user_ban.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ OPEN ]------------------------------------------------------------
#

admin/admin_users.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
if( $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if( isset ($HTTP_POST_VARS['deleteuser']) && $HTTP_POST_VARS['deleteuser'] && ( $userdata['user_id'] != $user_id ) )
#
#-----[ FIND ]------------------------------------------------------------------
#
			// This little bit of code directly from the private messaging section.
			while ( $row_privmsgs = $db->sql_fetchrow($result) )
			{
				$mark_list[] = $row_privmsgs['privmsgs_id'];
			}
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
			$mark_list = (isset($mark_list)) ? $mark_list : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
		$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'] ) )) : '';

		$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'] ) )) : '';
		$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'] ) )) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
		$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['email'], ENT_COMPAT, 'ISO-8859-1' ) )) : '';

		$password = ( !empty($HTTP_POST_VARS['password']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password'], ENT_COMPAT, 'ISO-8859-1' ) )) : '';
		$password_confirm = ( !empty($HTTP_POST_VARS['password_confirm']) ) ? trim(strip_tags(htmlspecialchars( $HTTP_POST_VARS['password_confirm'], ENT_COMPAT, 'ISO-8859-1' ) )) : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname'], ENT_COMPAT, 'ISO-8859-1') : '' ;
#
#-----[ FIND ]------------------------------------------------------------------
#
$user_avatar_loc = ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$user_avatar_loc = ( isset($HTTP_POST_FILES['avatar']['tmp_name']) && $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
			$aim = htmlspecialchars(stripslashes($aim));
			$msn = htmlspecialchars(stripslashes($msn));
			$yim = htmlspecialchars(stripslashes($yim));

			$website = htmlspecialchars(stripslashes($website));
			$location = htmlspecialchars(stripslashes($location));
			$occupation = htmlspecialchars(stripslashes($occupation));
			$interests = htmlspecialchars(stripslashes($interests));
			$signature = htmlspecialchars(stripslashes($signature));

			$user_lang = stripslashes($user_lang);
			$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			$aim = htmlspecialchars(stripslashes($aim), ENT_COMPAT, 'ISO-8859-1');
			$msn = htmlspecialchars(stripslashes($msn), ENT_COMPAT, 'ISO-8859-1');
			$yim = htmlspecialchars(stripslashes($yim), ENT_COMPAT, 'ISO-8859-1');

			$website = htmlspecialchars(stripslashes($website), ENT_COMPAT, 'ISO-8859-1');
			$location = htmlspecialchars(stripslashes($location), ENT_COMPAT, 'ISO-8859-1');
			$occupation = htmlspecialchars(stripslashes($occupation), ENT_COMPAT, 'ISO-8859-1');
			$interests = htmlspecialchars(stripslashes($interests), ENT_COMPAT, 'ISO-8859-1');
			$signature = htmlspecialchars(stripslashes($signature), ENT_COMPAT, 'ISO-8859-1');

			$user_lang = stripslashes($user_lang);
			$user_dateformat = htmlspecialchars(stripslashes($user_dateformat), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
		else if( $password && !$password_confirm )
		{
			$error = TRUE;
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
			$error_msg = (isset($error_msg)) ? $error_msg : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
// Only create a new bbcode_uid when there was no uid yet.
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
			$signature_bbcode_uid = (isset($signature_bbcode_uid)) ? $signature_bbcode_uid : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if( file_exists(@phpbb_realpath($user_avatar_loc)) && ereg(".jpg$|.gif$|.png$", $user_avatar_name) )
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if( file_exists(@phpbb_realpath($user_avatar_loc)) && preg_match("/.jpg$|.gif$|.png$/", $user_avatar_name) )
#
#-----[ FIND ]------------------------------------------------------------------
#
		// Update entry in DB
		//
		if( !$error )
		{
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
			$username_sql = (isset($username_sql)) ? $username_sql : '';
			$signature_bbcode_uid = (isset($signature_bbcode_uid)) ? $signature_bbcode_uid : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
				// We remove all stored login keys since the password has been updated
				// and change the current one (if applicable)
				if ( !empty($passwd_sql) )
				{
					session_reset_keys($user_id, $user_ip);
				}
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
				$message = (isset($message)) ? $message : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$username = htmlspecialchars(stripslashes($username));
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$username = htmlspecialchars(stripslashes($username), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
			$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)));
			$msn = htmlspecialchars(stripslashes($msn));
			$yim = htmlspecialchars(stripslashes($yim));

			$website = htmlspecialchars(stripslashes($website));
			$location = htmlspecialchars(stripslashes($location));
			$occupation = htmlspecialchars(stripslashes($occupation));
			$interests = htmlspecialchars(stripslashes($interests));
			$signature = htmlspecialchars(stripslashes($signature));

			$user_lang = stripslashes($user_lang);
			$user_dateformat = htmlspecialchars(stripslashes($user_dateformat));
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			$aim = htmlspecialchars(str_replace('+', ' ', stripslashes($aim)), ENT_COMPAT, 'ISO-8859-1');
			$msn = htmlspecialchars(stripslashes($msn), ENT_COMPAT, 'ISO-8859-1');
			$yim = htmlspecialchars(stripslashes($yim), ENT_COMPAT, 'ISO-8859-1');

			$website = htmlspecialchars(stripslashes($website), ENT_COMPAT, 'ISO-8859-1');
			$location = htmlspecialchars(stripslashes($location), ENT_COMPAT, 'ISO-8859-1');
			$occupation = htmlspecialchars(stripslashes($occupation), ENT_COMPAT, 'ISO-8859-1');
			$interests = htmlspecialchars(stripslashes($interests), ENT_COMPAT, 'ISO-8859-1');
			$signature = htmlspecialchars(stripslashes($signature), ENT_COMPAT, 'ISO-8859-1');

			$user_lang = stripslashes($user_lang);
			$user_dateformat = htmlspecialchars(stripslashes($user_dateformat), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
		$aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ));
		$msn = htmlspecialchars($this_userdata['user_msnm']);
		$yim = htmlspecialchars($this_userdata['user_yim']);

		$website = htmlspecialchars($this_userdata['user_website']);
		$location = htmlspecialchars($this_userdata['user_from']);
		$occupation = htmlspecialchars($this_userdata['user_occ']);
		$interests = htmlspecialchars($this_userdata['user_interests']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
		$aim = htmlspecialchars(str_replace('+', ' ', $this_userdata['user_aim'] ), ENT_COMPAT, 'ISO-8859-1');
		$msn = htmlspecialchars($this_userdata['user_msnm'], ENT_COMPAT, 'ISO-8859-1');
		$yim = htmlspecialchars($this_userdata['user_yim'], ENT_COMPAT, 'ISO-8859-1');

		$website = htmlspecialchars($this_userdata['user_website'], ENT_COMPAT, 'ISO-8859-1');
		$location = htmlspecialchars($this_userdata['user_from'], ENT_COMPAT, 'ISO-8859-1');
		$occupation = htmlspecialchars($this_userdata['user_occ'], ENT_COMPAT, 'ISO-8859-1');
		$interests = htmlspecialchars($this_userdata['user_interests'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$user_dateformat = htmlspecialchars($this_userdata['user_dateformat']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$user_dateformat = htmlspecialchars($this_userdata['user_dateformat'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$category = htmlspecialchars($HTTP_POST_VARS['avatarcategory'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
		$s_hidden_fields = '<input type="hidden" name="mode" value="save" /><input type="hidden" name="agreed" value="true" /><input type="hidden" name="coppa" value="' . $coppa . '" />';
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
		$coppa = (isset($coppa)) ? $coppa : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
			'HTML_STATUS' => $html_status,
			'BBCODE_STATUS' => sprintf($bbcode_status, '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 
			'SMILIES_STATUS' => $smilies_status,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			'HTML_STATUS' => (isset($html_status)) ? $html_status : '',
			'BBCODE_STATUS' => sprintf((isset($bbcode_status)) ? $bbcode_status : '', '<a href="../' . append_sid("faq.$phpEx?mode=bbcode") . '" target="_phpbbcode">', '</a>'), 
			'SMILIES_STATUS' => (isset($smilies_status)) ? $smilies_status : '',
#
#-----[ FIND ]------------------------------------------------------------------
#
'S_USER_SELECT' => $select_list)
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
'S_USER_SELECT' => (isset($select_list)) ? $select_list : '')
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/admin_words.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
			"WORD" => htmlspecialchars($word_info['word']),
			"REPLACEMENT" => htmlspecialchars($word_info['replacement']),
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			"WORD" => htmlspecialchars($word_info['word'], ENT_COMPAT, 'ISO-8859-1'),
			"REPLACEMENT" => htmlspecialchars($word_info['replacement'], ENT_COMPAT, 'ISO-8859-1'),
#
#-----[ FIND ]------------------------------------------------------------------
#
$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
		if ($word_rows[$i]['word']=='')
        {
            continue;
		}
#
#-----[ FIND ]------------------------------------------------------------------
#
			"WORD" => htmlspecialchars($word),
			"REPLACEMENT" => htmlspecialchars($replacement),
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
			"WORD" => htmlspecialchars($word, ENT_COMPAT, 'ISO-8859-1'),
			"REPLACEMENT" => htmlspecialchars($replacement, ENT_COMPAT, 'ISO-8859-1'),
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/index.php

#
#-----[ FIND ]------------------------------------------------------------------
#
define('IN_PHPBB', 1);
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
if (!defined('IN_PHPBB'))
{
    define( 'IN_PHPBB', 1);
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']);
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
	$board_config['board_startdate'] = (empty($board_config['board_startdate'])) ? '0' : $board_config['board_startdate'];
#
#-----[ FIND ]------------------------------------------------------------------
#
if( $tabledata_ary[$i]['Type'] != "MRG_MyISAM" )
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
						$tabledata_ary[$i]['Type'] = (isset($tabledata_ary[$i]['Type'])) ? $tabledata_ary[$i]['Type'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if( $onlinerow_reg[$i]['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
#
#-----[ BEFORE, ADD ]------------------------------------------------------------
#
				$onlinerow_reg[$i]['user_allow_viewonline'] = (isset($onlinerow_reg[$i]['user_allow_viewonline'])) ? $onlinerow_reg[$i]['user_allow_viewonline'] : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

admin/page_header_admin.php

#
#-----[ FIND ]------------------------------------------------------------------
#
'PAGE_TITLE' => $page_title,
#
#-----[ REPLACE WITH ]------------------------------------------------------------
#
'PAGE_TITLE' => (isset($page_title)) ? $page_title : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/auth.php

#
#-----[ FIND ]------------------------------------------------------------------
#
		// Now we compare the users access level against the forums. We assume here that a moderator
		// and admin automatically have access to an ACL forum, similarly we assume admins meet an
		// auth requirement of MOD
		//
		if ( $forum_id != AUTH_LIST_ALL )
		{
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
			if (!isset($f_access[$key]))
            {
                $f_access[$key]=0;
            }
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/db.php

#
#-----[ FIND ]------------------------------------------------------------------
#
	case 'mysql4':
		include($phpbb_root_path . 'db/mysql4.'.$phpEx);
		break;
#
#-----[ AFTER, ADD ]------------------------------------------------------------
#
	case 'mysqli':
		include($phpbb_root_path . 'db/mysqli.'.$phpEx);
		break;
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/emailer.php

#
#-----[ FIND ]------------------------------------------------------------------
#
		$to = $this->addresses['to'];

		$cc = (count($this->addresses['cc'])) ? implode(', ', $this->addresses['cc']) : '';
		$bcc = (count($this->addresses['bcc'])) ? implode(', ', $this->addresses['bcc']) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		$to = (isset($this->addresses['to'])) ? $this->addresses['to'] : '';

		$cc = (isset($this->addresses['cc']) && count($this->addresses['cc'])) ? implode(', ', $this->addresses['cc']) : '';
		$bcc = (isset($this->addresses['bcc']) && count($this->addresses['bcc'])) ? implode(', ', $this->addresses['bcc']) : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/functions.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$username = substr(htmlspecialchars(str_replace("\'", "'", trim($username)), ENT_COMPAT, 'ISO-8859-1'), 0, 25);
#
#-----[ FIND ]------------------------------------------------------------------
#
	else
	{
		$boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
	}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
	else
	{
		$boxstring = (isset($boxstring)) ? $boxstring : '';
		$boxstring .= '<select name="' . POST_FORUM_URL . '" onchange="if(this.options[this.selectedIndex].value != -1){ forms[\'jumpbox\'].submit() }"></select>';
	}
#
#-----[ FIND ]------------------------------------------------------------------
#
	else
	{
		$default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
	}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
	else
	{
		if (isset($board_config['default_lang']))
		{
			$default_lang = phpbb_ltrim(basename(phpbb_rtrim($board_config['default_lang'])), "'");
		}
	}
#
#-----[ FIND ]------------------------------------------------------------------
#
// For logged in users, try the board default language next
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
			$board_config['default_lang'] = (isset($board_config['default_lang'])) ? $board_config['default_lang'] : 'english';
#
#-----[ FIND ]------------------------------------------------------------------
#
elseif ( $userdata['user_id'] == ANONYMOUS && $board_config['default_lang'] !== $default_lang )
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
elseif ( $userdata['user_id'] == ANONYMOUS && isset($board_config['default_lang']) && $board_config['default_lang'] !== $default_lang )
#
#-----[ FIND ]------------------------------------------------------------------
#
function encode_ip($dotquad_ip)
{
	$ip_sep = explode('.', $dotquad_ip);
	return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
}

function decode_ip($int_ip)
{
	$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
	return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
function encode_ip($dotquad_ip)
{
	if (function_exists('filter_var'))
	{
		if (filter_var($dotquad_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) !== false)
		{
			// ipv6 - "::1" => "0000000000000000000000000001"
			$new_ip = '';
			if(strstr($dotquad_ip,"::" ))
			{
				$ip_sep = array();
				$e = explode(":", $dotquad_ip);
				$s = 8-count($e);
				
				foreach($e as $value)
				{
					if ($value == '')
					{
						for($i = 0; $i <= $s; $i++) $ip_sep[] = 0;
					}
					else
					{
						$ip_sep[] = $value;
					}
				}
			}
			else
			{
				$ip_sep = explode(':', $dotquad_ip);
			}
			for ($i = 0; $i <= 7; $i++) $new_ip .= str_pad($ip_sep[$i], 4, '0', STR_PAD_LEFT);
			return $new_ip;
		}
		else if (filter_var($dotquad_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false)
		{
			// ipv4 - "127.0.0.1" => "7F000001"
			$ip_sep = explode('.', $dotquad_ip);
			return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
	   }
	}
	else
	{
		if (preg_match('/^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b).){3}(b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b))|(([0-9A-Fa-f]{1,4}:){0,5}:((b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b).){3}(b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b))|(::([0-9A-Fa-f]{1,4}:){0,5}((b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b).){3}(b((25[0-5])|(1d{2})|(2[0-4]d)|(d{1,2}))b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/', $dotquad_ip))
		{
			// ipv6 - "::1" => "0000000000000000000000000001"
			$new_ip = '';
			if(strstr($dotquad_ip,"::" ))
			{
				$ip_sep = array();
				$e = explode(":", $dotquad_ip);
				$s = 8-count($e);
				
				foreach($e as $value)
				{
					if ($value == '')
					{
						for($i = 0; $i <= $s; $i++) $ip_sep[] = 0;
					}
					else
					{
						$ip_sep[] = $value;
					}
				}
			}
			else
			{
				$ip_sep = explode(':', $dotquad_ip);
			}
			for ($i = 0; $i <= 7; $i++) $new_ip .= str_pad($ip_sep[$i], 4, '0', STR_PAD_LEFT);
			return $new_ip;
		}
		else if (preg_match('/^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?).(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/', $dotquad_ip))
		{
			// ipv4 - "127.0.0.1" => "7F000001"
			$ip_sep = explode('.', $dotquad_ip);
			return sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
	   }
	
	}
}

function decode_ip($int_ip)
{
   if (strlen($int_ip) == 32)
   {
		// ipv6 - "0000000000000000000000000001" => "::1"
		$hexipbang = array();
		
		if (function_exists('str_split'))
		{
			$e = str_split($int_ip, 4);
		}
		else
		{
			$e = explode(':', chunk_split($int_ip, 4, ':'));
		}
		
		foreach($e as $key => $value)
		{
			$value = ltrim($value, '0');
			$hexipbang[] = $value ? $value : '0';
		}
		
		$new_ip = implode(':', $hexipbang);
		if (preg_match_all('/:(0:)+/s', $new_ip, $zeros, PREG_PATTERN_ORDER))
		{
			rsort($zeros[0], SORT_STRING);
			$new_ip = str_replace($zeros[0][0], '::', $new_ip);
		}
		return $new_ip;
	}
	else if (strlen($int_ip) == 8)
	{
		// ipv4 - "7F000001" => "127.0.0.1"
		$hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
		return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
	}
}
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/functions_post.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$subject = htmlspecialchars(trim($subject));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$subject = htmlspecialchars(trim($subject), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$poll_title = htmlspecialchars(trim($poll_title));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$poll_title = htmlspecialchars(trim($poll_title), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$temp_option_text[intval($option_id)] = htmlspecialchars($option_text);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$temp_option_text[intval($option_id)] = htmlspecialchars($option_text, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$topic_vote = (!empty($poll_title) && count($poll_options) >= 2) ? 1 : 0;
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
		$post_data['edit_vote'] = (isset($post_data['edit_vote'])) ? $post_data['edit_vote'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$option_text = str_replace("\'", "''", htmlspecialchars($option_text));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$option_text = str_replace("\'", "''", htmlspecialchars($option_text, ENT_COMPAT, 'ISO-8859-1'));
#
#-----[ FIND ]------------------------------------------------------------------
#
$meta = '<meta http-equiv="refresh" content="3;url=' . append_sid("viewtopic.$phpEx?" . POST_POST_URL . "=" . $post_id) . '#' . $post_id . '">';
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
	if ($mode = 'editpost' )
    {
        $db->sql_query('', END_TRANSACTION, false);
    }
#
#-----[ FIND ]------------------------------------------------------------------
#
		if ($post_data['last_post'])
		{
			if ($post_data['first_post'])
			{
				$forum_update_sql .= ', forum_topics = forum_topics - 1';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		if ($post_data['last_post'])
		{
			if ($post_data['first_post'])
			{
				$forum_update_sql = (isset($forum_update_sql)) ? $forum_update_sql : '';
				
				$forum_update_sql .= ', forum_topics = forum_topics - 1';
#
#-----[ FIND ]------------------------------------------------------------------
#
return  htmlspecialchars('</' . $matches[1] . '>');
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
return  htmlspecialchars('</' . $matches[1] . '>', ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('&#91;', '&#93;'), htmlspecialchars($test[3][$i])) . $test[2][$i];
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$attributes .= ' ' . $test[1][$i] . '=' . $test[2][$i] . str_replace(array('[', ']'), array('&#91;', '&#93;'), htmlspecialchars($test[3][$i], ENT_COMPAT, 'ISO-8859-1')) . $test[2][$i];
#
#-----[ FIND ]------------------------------------------------------------------
#
return htmlspecialchars('<' . $tag[1] . $attributes . '>');
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
return htmlspecialchars('<' . $tag[1] . $attributes . '>', ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
return htmlspecialchars('<' .   $tag[1] . '>');
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
return htmlspecialchars('<' .   $tag[1] . '>', ENT_COMPAT, 'ISO-8859-1');
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/functions_search.php

#
#-----[ FIND ]------------------------------------------------------------------
#
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_list[$j])));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
list($replace_synonym, $match_synonym) = explode(' ', trim(strtolower($synonym_list[$j])));
#
#-----[ FIND ]------------------------------------------------------------------
#
					case 'mysql':
					case 'mysql4':
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
					case 'mysqli':
#
#-----[ FIND ]------------------------------------------------------------------
#
				case 'mysql':
				case 'mysql4':
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
				case 'mysqli':
#
#-----[ FIND ]------------------------------------------------------------------
#
		case 'mysql':
		case 'mysql4':
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
		case 'mysqli':
#
#-----[ FIND ]------------------------------------------------------------------
#
'L_UPDATE_USERNAME' => $lang['Select_username'], 
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
'L_UPDATE_USERNAME' => isset($lang['Select_username']) ? $lang['Select_username'] : '',
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/page_header.php

#
#-----[ FIND ]------------------------------------------------------------------
#
// Generate logged in/logged out status
//
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
$userdata['session_logged_in'] = (isset($userdata['session_logged_in'])) ? $userdata['session_logged_in'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
// The following assigns all _common_ variables that may be used at any point
// in a template.
//
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
$page_title = (empty($page_title)) ? '' : $page_title;
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/page_tail.php

#
#-----[ FIND ]------------------------------------------------------------------
#
// Show the overall footer.
//
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
$userdata['user_level'] = (isset($userdata['user_level'])) ? $userdata['user_level'] : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/sessions.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$userdata['priv_session_id'] = $priv_session_id;
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$userdata['priv_session_id'] = (isset($priv_session_id)) ? $priv_session_id : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/smtp.php

#
#-----[ FIND ]------------------------------------------------------------------
#
		$cc = explode(', ', $cc);
		$bcc = explode(', ', $bcc);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		$cc = explode(', ', (( !empty($cc) ) ? $cc : ''));
		$bcc = explode(', ', (( !empty($bcc) ) ? $bcc : ''));
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/topic_review.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$post_subject = ( $row['post_subject'] != '' ) ? $row['post_subject'] : '';
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
			if (empty($row['post_subject']))
            {
                $row['post_subject'] = '';
            }
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/usercp_avatar.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$avatar_data .= @fread($fsock, $board_config['avatar_filesize']);
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
			$avatar_data = (isset($avatar_data)) ? $avatar_data : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/usercp_register.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email']));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$current_email = trim(htmlspecialchars($HTTP_POST_VARS['current_email'], ENT_COMPAT, 'ISO-8859-1'));
#
#-----[ FIND ]------------------------------------------------------------------
#
$$var = trim(htmlspecialchars($HTTP_POST_VARS[$param]));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$$var = trim(htmlspecialchars($HTTP_POST_VARS[$param], ENT_COMPAT, 'ISO-8859-1'));
#
#-----[ FIND ]------------------------------------------------------------------
#
$user_lang = htmlspecialchars($HTTP_POST_VARS['language']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$user_lang = htmlspecialchars($HTTP_POST_VARS['language'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
	$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];

	$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
	$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname']) : '' ;

	$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
	$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'], ENT_COMPAT, 'ISO-8859-1')) : $board_config['default_dateformat'];

	$user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect'], ENT_COMPAT, 'ISO-8859-1') : ( ( isset($HTTP_POST_VARS['avatarlocal'])  ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal'], ENT_COMPAT, 'ISO-8859-1') : '' );
	$user_avatar_category = ( isset($HTTP_POST_VARS['avatarcatname']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarcatname'], ENT_COMPAT, 'ISO-8859-1') : '' ;

	$HTTP_POST_VARS['avatarremoteurl'] = (isset($HTTP_POST_VARS['avatarremoteurl'])) ? $HTTP_POST_VARS['avatarremoteurl'] : '';
	$HTTP_POST_FILES['avatar']['tmp_name'] = (isset($HTTP_POST_FILES['avatar']['tmp_name'])) ? $HTTP_POST_FILES['avatar']['tmp_name'] : '';
	
	$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'], ENT_COMPAT, 'ISO-8859-1')) : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
		$cur_password = htmlspecialchars(stripslashes($cur_password));
		$new_password = htmlspecialchars(stripslashes($new_password));
		$password_confirm = htmlspecialchars(stripslashes($password_confirm));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		$cur_password = htmlspecialchars(stripslashes($cur_password), ENT_COMPAT, 'ISO-8859-1');
		$new_password = htmlspecialchars(stripslashes($new_password), ENT_COMPAT, 'ISO-8859-1');
		$password_confirm = htmlspecialchars(stripslashes($password_confirm), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$signature = htmlspecialchars(stripslashes($signature));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$signature = htmlspecialchars(stripslashes($signature), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
			else
			{
				$emailer->assign_vars(array(
					'SITENAME' => $board_config['sitename'],
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
			else
			{
				$user_actkey = (isset($user_actkey)) ? $user_actkey : '';
				$emailer->assign_vars(array(
					'SITENAME' => $board_config['sitename'],
#
#-----[ FIND ]------------------------------------------------------------------
#
$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory']) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$avatar_category = ( !empty($HTTP_POST_VARS['avatarcategory']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarcategory'], ENT_COMPAT, 'ISO-8859-1') : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

includes/usercp_sendpasswd.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email'], ENT_COMPAT, 'ISO-8859-1'))) : '';
#
#-----[ OPEN ]------------------------------------------------------------------
#

common.php

#
#-----[ FIND ]------------------------------------------------------------------
#
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if (substr(phpversion(),0,strpos(phpversion(), '-')) < '5.3.0')
{
    @set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
}
#
#-----[ OPEN ]------------------------------------------------------------------
#

groupcp.php

#
#-----[ FIND ]------------------------------------------------------------------
#
if ( $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] )
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if ( isset($row['user_avatar_type']) && $row['user_avatar_type'] && $row['user_id'] != ANONYMOUS && $row['user_allowavatar'] )
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
	$template->assign_vars(array(
		'L_GROUP_INFORMATION' => $lang['Group_Information'],
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
	$select_sort_order = (empty($select_sort_order)) ? '' : $select_sort_order;
	$select_sort_mode = (empty($select_sort_mode)) ? '' : $select_sort_mode;
#
#-----[ FIND ]------------------------------------------------------------------
#
	if ( $s_group_list_opt != '' || $s_pending_groups_opt != '' || $s_member_groups_opt != '' )
	{
		//
		// Load and process templates
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
	if (empty($s_pending_groups_opt))
    {
        $s_pending_groups_opt = '';
    }
    
    if (empty($s_member_groups_opt))
    {
        $s_member_groups_opt = '';
    }
#
#-----[ FIND ]------------------------------------------------------------------
#
			'GROUP_PENDING_SELECT' => $s_pending_groups,
			'GROUP_MEMBER_SELECT' => $s_member_groups)
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
			'GROUP_PENDING_SELECT' => (isset($s_pending_groups)) ? $s_pending_groups : '',
			'GROUP_MEMBER_SELECT' => (isset($s_member_groups)) ? $s_member_groups : '')
#
#-----[ OPEN ]------------------------------------------------------------------
#

index.php

#
#-----[ FIND ]------------------------------------------------------------------
#
if ( count($forum_moderators[$forum_id]) > 0 )
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if ( isset($forum_moderators[$forum_id]) && count($forum_moderators[$forum_id]) > 0 )
#
#-----[ OPEN ]------------------------------------------------------------------
#

login.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1')) : "index.$phpEx";
#
#-----[ FIND ]------------------------------------------------------------------
#
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1')) : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1')) : "";
#
#-----[ FIND ]------------------------------------------------------------------
#
$url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1') : htmlspecialchars($HTTP_GET_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "index.$phpEx";
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&amp;', '&', htmlspecialchars($HTTP_POST_VARS['redirect'], ENT_COMPAT, 'ISO-8859-1')) : "index.$phpEx";
#
#-----[ FIND ]------------------------------------------------------------------
#
if( !ereg("sid=", $forward_match[$i]) )
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if( !preg_match("/sid=/", $forward_match[$i]) )
#
#-----[ OPEN ]------------------------------------------------------------------
#

memberlist.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? htmlspecialchars($HTTP_POST_VARS['mode']) : htmlspecialchars($HTTP_GET_VARS['mode']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? htmlspecialchars($HTTP_POST_VARS['mode'], ENT_COMPAT, 'ISO-8859-1') : htmlspecialchars($HTTP_GET_VARS['mode'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ OPEN ]------------------------------------------------------------------
#

modcp.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$confirm = ( $HTTP_POST_VARS['confirm'] ) ? TRUE : 0;
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if (isset($HTTP_POST_VARS['confirm']))
{
    $confirm = ( $HTTP_POST_VARS['confirm'] ) ? TRUE : 0;
}
else
{
    $confirm = 0;
}
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$post_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$post_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject'], ENT_COMPAT, 'ISO-8859-1'));
#
#-----[ FIND ]------------------------------------------------------------------
#
				// Define censored word matches
				//
				$orig_word = array();
				$replacement_word = array();
				obtain_word_list($orig_word, $replacement_word);
#
#-----[ AFTER, ADD ]------------------------------------------------------------------
#
				
				if (empty($topic_title))
                {
                    $topic_title = '';
                }
#
#-----[ FIND ]------------------------------------------------------------------
#
					$post_subject = ( $postrow[$i]['post_subject'] != '' ) ? $postrow[$i]['post_subject'] : $topic_title;

					//
					// If the board has HTML off but the post has HTML
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
					if (empty($postrow[$i]['post_subject']))
                    {
                        $postrow[$i]['post_subject'] = '';
                    }
#
#-----[ FIND ]------------------------------------------------------------------
#
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post)) : $ip_this_post;
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$ip_this_post = ( $rdns_ip_num == $ip_this_post ) ? htmlspecialchars(gethostbyaddr($ip_this_post), ENT_COMPAT, 'ISO-8859-1') : $ip_this_post;
#
#-----[ FIND ]------------------------------------------------------------------
#
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip)) : $ip;
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$ip = ( $rdns_ip_num == $row['poster_ip'] || $rdns_ip_num == 'all') ? htmlspecialchars(gethostbyaddr($ip), ENT_COMPAT, 'ISO-8859-1') : $ip;
#
#-----[ OPEN ]------------------------------------------------------------------
#

posting.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param]) : htmlspecialchars($HTTP_GET_VARS[$param]);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$$var = ( !empty($HTTP_POST_VARS[$param]) ) ? htmlspecialchars($HTTP_POST_VARS[$param], ENT_COMPAT, 'ISO-8859-1') : htmlspecialchars($HTTP_GET_VARS[$param], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
			if ( $error_msg == '' )
			{
				$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;

				submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, str_replace("\'", "''", $username), str_replace("\'", "''", $subject), str_replace("\'", "''", $message), str_replace("\'", "''", $poll_title), $poll_options, $poll_length);
			}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
			if ( $error_msg == '' )
			{
				$post_data['topic_type'] = (isset($post_data['topic_type'])) ? $post_data['topic_type'] : '';
				$topic_type = ( $topic_type != $post_data['topic_type'] && !$is_auth['auth_sticky'] && !$is_auth['auth_announce'] ) ? $post_data['topic_type'] : $topic_type;

				//Strict Standards: Only variables should be passed by reference
				$mon_username = str_replace("\'", "''", $username);
				$mon_subject = str_replace("\'", "''", $subject);
				$mon_message = str_replace("\'", "''", $message);
				$mon_poll_title = str_replace("\'", "''", $poll_title);
				
				submit_post($mode, $post_data, $return_message, $return_meta, $forum_id, $topic_id, $post_id, $poll_id, $topic_type, $bbcode_on, $html_on, $smilies_on, $attach_sig, $bbcode_uid, $mon_username, $mon_subject, $mon_message, $mon_poll_title, $poll_options, $poll_length);
			}
#
#-----[ FIND ]------------------------------------------------------------------
#
	$username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username']))) : '';
	$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject']))) : '';
	$message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message']))) : '';

	$poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title']))) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
	$username = ( !empty($HTTP_POST_VARS['username']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['username'])), ENT_COMPAT, 'ISO-8859-1') : '';
	$subject = ( !empty($HTTP_POST_VARS['subject']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['subject'])), ENT_COMPAT, 'ISO-8859-1') : '';
	$message = ( !empty($HTTP_POST_VARS['message']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['message'])), ENT_COMPAT, 'ISO-8859-1') : '';

	$poll_title = ( !empty($HTTP_POST_VARS['poll_title']) ) ? htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['poll_title'])), ENT_COMPAT, 'ISO-8859-1') : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text)));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$poll_options[intval($option_id)] = htmlspecialchars(trim(stripslashes($option_text)), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$poll_options[] = htmlspecialchars(trim(stripslashes($HTTP_POST_VARS['add_poll_option_text'])), ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$subject = ( $post_data['first_post'] ) ? $post_info['topic_title'] : $post_info['post_subject'];
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
$post_info['post_subject'] = (isset($post_info['post_subject'])) ? $post_info['post_subject'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$msg_date =  create_date($board_config['default_dateformat'], $postrow['post_time'], $board_config['board_timezone']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$msg_date =  create_date($board_config['default_dateformat'], ( isset($postrow['post_time']) ) ? $postrow['post_time'] : '', $board_config['board_timezone']);
#
#-----[ FIND ]------------------------------------------------------------------
#
'USERNAME' => $username,
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
'USERNAME' => ( !empty($username) ) ? $username : '',
#
#-----[ FIND ]------------------------------------------------------------------
#
		'POLL_TITLE' => $poll_title,
		'POLL_LENGTH' => $poll_length)
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		'POLL_TITLE' => ( !empty($poll_title) ) ? $poll_title : '',
        'POLL_LENGTH' => ( !empty($poll_length) ) ? $poll_length : '')
#
#-----[ OPEN ]------------------------------------------------------------------
#

privmsg.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$folder = htmlspecialchars($folder);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$folder = htmlspecialchars($folder, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
	$template->assign_vars(array(
		'MESSAGE_TO' => $username_to,
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
	$rank_image = (empty($rank_image)) ? '' : $rank_image;
	$poster_joined = (empty($poster_joined)) ? '' : $poster_joined;
	$poster_posts = (empty($poster_posts)) ? '' : $poster_posts;
	$poster_from = (empty($poster_from)) ? '' : $poster_from;
	$poster_avatar = (empty($poster_avatar)) ? '' : $poster_avatar;
#
#-----[ FIND ]------------------------------------------------------------------
#
		$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject']));
		if ( empty($privmsg_subject) )
		{
			$error = TRUE;
			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_subject'];
		}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		$privmsg_subject = trim(htmlspecialchars($HTTP_POST_VARS['subject'], ENT_COMPAT, 'ISO-8859-1'));
		if ( empty($privmsg_subject) )
		{
			$error = TRUE;
			
			if (empty($error_msg))
            {
                $error_msg = '';
            } 
			
			$error_msg .= ( ( !empty($error_msg) ) ? '<br />' : '' ) . $lang['Empty_subject'];
		}
#
#-----[ FIND ]------------------------------------------------------------------
#
		$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']))) : '';

		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']))) : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		$to_username = (isset($HTTP_POST_VARS['username']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['username']), ENT_COMPAT, 'ISO-8859-1')) : '';

		$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(htmlspecialchars(stripslashes($HTTP_POST_VARS['subject']), ENT_COMPAT, 'ISO-8859-1')) : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
$privmsg_message = htmlspecialchars($privmsg_message);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$privmsg_message = htmlspecialchars($privmsg_message, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
	$template->assign_vars(array(
		'SUBJECT' => $privmsg_subject, 
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
	$privmsg_message = (empty($privmsg_message)) ? '' : $privmsg_message;
	$l_box_name = (empty($l_box_name)) ? '' : $l_box_name;

	$template->assign_vars(array(
		'SUBJECT' => ( !empty($privmsg_subject) ) ? $privmsg_subject : '',
#
#-----[ FIND ]------------------------------------------------------------------
#
		$template->assign_block_vars('listrow', array(
			'ROW_COLOR' => '#' . $row_color,
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
		$u_from_user_profile = (empty($u_from_user_profile)) ? '' : $u_from_user_profile;
#
#-----[ OPEN ]------------------------------------------------------------------
#

profile.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$mode = htmlspecialchars($mode, ENT_COMPAT, 'ISO-8859-1');
#
#-----[ OPEN ]------------------------------------------------------------------
#

search.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : split(' ', $search_keywords);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$split_search = ( !strstr($multibyte_charset, $lang['ENCODING']) ) ?  split_words(clean_words('search', $stripped_keywords, $stopword_array, $synonym_array), 'search') : explode(' ', $search_keywords);
#
#-----[ FIND ]------------------------------------------------------------------
#
if ( $total_match_count )
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
		if (!isset($total_match_count))
        {
            $total_match_count = false;
        }
#
#-----[ FIND ]------------------------------------------------------------------
#
		*/

		for($i = 0; $i < count($store_vars); $i++)
		{
			$store_search_data[$store_vars[$i]] = $$store_vars[$i];
		}
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
		*/

		for($i = 0; $i < count($store_vars); $i++)
        {
            if (isset($$store_vars[$i]))
            {
                $store_search_data[$store_vars[$i]] = $$store_vars[$i];
            }
			else
			{
                $store_search_data[$store_vars[$i]] = '';
            }
        }
#
#-----[ FIND ]------------------------------------------------------------------
#
		for($j = 0; $j < count($split_search); $j++ )
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
		if (!empty($split_search))
		{
#
#-----[ FIND ]------------------------------------------------------------------
#
list($replace_synonym, $match_synonym) = split(' ', trim(strtolower($synonym_array[$k]))); 
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
list($replace_synonym, $match_synonym) = explode(' ', trim(strtolower($synonym_array[$k])));
#
#-----[ FIND ]------------------------------------------------------------------
#
$highlight_active = urlencode(trim($highlight_active));
#
#-----[ BEFORE, ADD ]------------------------------------------------------------------
#
		}
#
#-----[ FIND ]------------------------------------------------------------------
#
			$post_url = append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $searchset[$i]['post_id'] . "&amp;highlight=$highlight_active") . '#' . $searchset[$i]['post_id'];

			$post_date = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']);

			$message = $searchset[$i]['post_text'];
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
			if (isset($searchset[$i]['post_id']))
			{
				$post_url = append_sid("viewtopic.$phpEx?" . POST_POST_URL . '=' . $searchset[$i]['post_id'] . "&amp;highlight=$highlight_active") . '#' . $searchset[$i]['post_id'];
			}

			$post_date = create_date($board_config['default_dateformat'], $searchset[$i]['post_time'], $board_config['board_timezone']);

			$message = (isset ($searchset[$i]['post_text'])) ? $searchset[$i]['post_text'] : '';
#
#-----[ FIND ]------------------------------------------------------------------
#
if ( $postrow[$i]['enable_html'] )
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
if ( $searchset[$i]['enable_html'] )
#
#-----[ FIND ]------------------------------------------------------------------
#
$post_subject = ( $searchset[$i]['post_subject'] != '' ) ? $searchset[$i]['post_subject'] : $topic_title;
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$post_subject = ( isset($searchset[$i]['post_subject']) && $searchset[$i]['post_subject'] != '' ) ? $searchset[$i]['post_subject'] : $topic_title;
#
#-----[ OPEN ]------------------------------------------------------------------
#

viewtopic.php

#
#-----[ FIND ]------------------------------------------------------------------
#
$post_order = (!empty($HTTP_POST_VARS['postorder'])) ? htmlspecialchars($HTTP_POST_VARS['postorder']) : htmlspecialchars($HTTP_GET_VARS['postorder']);
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$post_order = (!empty($HTTP_POST_VARS['postorder'])) ? htmlspecialchars($HTTP_POST_VARS['postorder'], ENT_COMPAT, 'ISO-8859-1') : htmlspecialchars($HTTP_GET_VARS['postorder'], ENT_COMPAT, 'ISO-8859-1');
#
#-----[ FIND ]------------------------------------------------------------------
#
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'])));
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$words = explode(' ', trim(htmlspecialchars($HTTP_GET_VARS['highlight'], ENT_COMPAT, 'ISO-8859-1')));
#
#-----[ FIND ]------------------------------------------------------------------
#
$post_subject = ( $postrow[$i]['post_subject'] != '' ) ? $postrow[$i]['post_subject'] : '';
#
#-----[ REPLACE WITH ]------------------------------------------------------------------
#
$post_subject = ( isset($postrow[$i]['post_subject']) && $postrow[$i]['post_subject'] != '' ) ? $postrow[$i]['post_subject'] : '';
#
#-----[ SAVE/CLOSE ALL FILES ]--------------------------------------------------
#
#
# EoM