[2005/10/31] phpBB 2.0.18 安全性修正版本

Announcement
竹貓星球所有重要公告,會不定時公佈。請隨時注意,以及新人必看!
版面規則
(請使用接收正常的郵件帳號申請註冊,此區僅供瀏覽,本區進站必看。)
(請會員盡量不要使用免費郵件註冊。)
主題已鎖定
小竹子
竹貓星球大統領
竹貓星球大統領
文章: 4596
註冊時間: 2001-10-29 22:13
來自: 竹貓星球
聯繫:

[2005/10/31] phpBB 2.0.18 安全性修正版本

文章 小竹子 »

註:如果您是全新安裝的使用者請下載上述全新安裝之版本,而您是 2.0.17 之前的版本,請下載第三個檔案 2.0.18 BIG-5 語系檔下載點,直接覆蓋您的語系檔即可。


在語系檔的更動部分,請按照下列方式修改新增

打開檔案
\language\lang_chinese_traditional_taiwan\lang_admin.php

找到\r
// Visual Confirmation
$lang['Visual_confirm'] = '開啟識別確認';
$lang['Visual_confirm_explain'] = '會員需要輸入正確的確認代碼完成註冊動作.';


在下一行貼上
// Autologin Keys - added 2.0.18
$lang['Allow_autologin'] = '允許自動登入';
$lang['Allow_autologin_explain'] = '您可以選擇是否讓會員在登入討論版時選擇自動登入.';
$lang['Autologin_time'] = '設定自動登入的有效時限';
$lang['Autologin_time_explain'] = '這個功能可以讓您設定使用者自動登入的有效日期,如果超過這段時間內都沒有登入的話,系統將取消使用者自動登入的功能. 設為 0 可以關閉此功能.';


找到\r
$lang['Stylesheet'] = 'CSS 樣式表';

之後,加上
$lang['Stylesheet_explain'] = '這個風格的 CSS 樣式表檔名';


------儲存並檔案後上傳------

打開檔案
language/lang_english/email/topic_notify.tpl

找到\r

代碼: 選擇全部

您好 {USERNAME},


修改為\r

代碼: 選擇全部

您好, 
------儲存並檔案後上傳------




本次更新內容如下:
What has changed in this release?

The changelog (contained within this release) is as follows:

  • [Fix] incorrect handling of password resets if admin activation is enabled (Bug #88)
  • [Fix] retrieving category rows in index.php (Bug #90)
  • [Fix] improved index performance by determining the permissions before iterating through all forums (Bug #91)
  • [Fix] wrong topic redirection after login redirect (Bug #94)
  • [Fix] improved handling of username lists in admin_ug_auth.php (Bug #98)
  • [Fix] incorrect removal of bbcode_uid values if bbcode has been turned off (Bug #100)
  • [Fix] correctly preview signature if editing other users posts (Bug #101)
  • [Fix] incorrect alt tag on generated search images in groupcp.php, viewtopic.php and usercp_viewprofile.php (Bug #102)
  • [Fix] consistent forum ordering in all dropdown boxes (Bug #106)
  • [Fix] correctly get compression status in page_tail.php and page_footer_admin.php (Bug #117)
  • [Fix] set page title on summary page of groupcp.php (bug #125)
  • [Fix] correctly test style and avatar in usercp_register.php (bug #129 and #317)
  • [Fix] handling of reactivation notifications if admin activation is enabled (Bug #145)
  • [Fix] handling of both forms of translation information used in language packs (Bug #159)
  • [Fix] key length for activation keys fixed in usercp_sendpassword.php (Bug #171)
  • [Fix] use GENERAL_MESSAGE constant in message_die instead of MESSAGE (Bug #176)
  • [Fix] incorrect handling of move stubs (Bug #179)
  • [Fix] wrong mode_type in memberlist (Bug #187)
  • [Fix] SQL errors when setting maximum PMs to 0 (Bug #188)
  • [Fix] removed unused variable from topic_notify email template (Bug #210)
  • [Fix] removed unset variable from smilies popup window title (Bug #224)
  • [Fix] removed duplicate template assignment from admin_board.php (Bug #226)
  • [Fix] incorrect search link for guest posts in modcp.php (Bug #254)
  • [Fix] all users removed from topics watch table on special occassions (Bug #271)
  • [Fix] correctly check returned value from strpos in append_sid function (Bug #275)
  • [Fix] correctly display username in private message notification (Bug #278)
  • [Fix] fixed "var-by-ref" errors (Bug #322)
  • [Fix] changed redirection to installation (Bug #325)
  • [Fix] added timout of 10 seconds to version check (Bug #348)
  • [Fix] fixed user_level default in postgresql schema file (Bug #444)
  • [Fix] multiple minor HTML issues with subSilver
  • [Change] deprecated the use of some PHP 3 compatability functions in favour of the native equivalents
  • [Change] added 60 days limit for grabbing unread topics in index.php
  • [Sec] backport of session keys system from olympus
  • [Sec] fixed email bans to use the same pattern as email validation and allow wildcard domain bans
  • [Sec] fixed validation of topic type when posting
  • [Sec] unset database password once it is no longer needed
  • [Sec] fixed potential to select images outside the specified path as avatars or smilies
  • [Sec] fix globals de-registration code for PHP5 - (Stefan Esser/Matt Kavanagh)
  • [Sec] changed avatar gallery code sections to prevent possible injection points (AnthraX101)
  • [Sec] signature field is not properly sanitised for user input when an error occurs while accessing the avatar gallery (AnthraX101)
  • [Sec] check to_username and ownership when editing a PM (AnthraX101)
  • [Sec] fixed ability to edit PM's you did not send (depablo84)
  • [Sec] compare imagetype on avatar uploading to match the file extension from uploaded file
注意事項:
●phpBB 架設相關問題請到 + phpBB 3.0.x 討論區發表!
●都沒有你要的答案嗎??>>點這裡<<搜尋一下吧!
●請使用>>標準的發文格式<<發表問題!
●竹貓星球並非政治團體代言人,請不要在竹貓討論政治議題,也不要認為竹貓是偏向任何一方政治團體,竹貓愛的是台灣這片生長的土地,過於泛政治化文章請來信告知移除!
●關於 phpBB 使用問題請在版面發問,私人訊息提供其他不相干或是隱私的事情聯絡之用。
●所有市面上的免費空間皆非竹貓管轄,請勿來信詢問,請直接與該免費空間連絡。
主題已鎖定

回到「系統公告區」