This is a non-exhaustive (but still near complete) changelog for phpBB 3.0.x including release candidate versions. Our thanks to all those people who've contributed bug reports and code fixes.

Changelog


1. Changelog

1.i. Changes since 3.0.1

  • [Fix] Ability to set permissions on non-mysql dbms (Bug #24955)
  • [Fix] Fixed blank style on setups having no username defined within config.php (Bug #25065)
  • [Fix] Made the compress_tar class tolerate archives that do not properly have their archived contents listed (Bug #14429 / thanks to JRSweets for his patch)
  • [Fix] Moved topics should not count towards the number of topics in a forum (Bug #14648 / thanks to Schumi for his patch)
  • [Fix] Properly check for invalid characters in MySQL DB prefixes during install (Bug #18775)
  • [Fix] Bring the PostgreSQL backup system back to working order (Bug #22385)
  • [Fix] Update correct theme for cached styles in style.php (Bug #25805)
  • [Fix] Also add PHPBB_INSTALLED check to download/file.php for inline avatar delivery
  • [Fix] Unable to login to some jabber server, reverted previous change (Bug #25095)
  • [Fix] Do not return BMP as valid image type for GD image manipulation (Bug #25925)
  • [Fix] Correctly determine safe mode for temp file creation in functions_upload.php (Bug #23525)
  • [Fix] Correctly sort by rank in memberlist (Bug #24435)
  • [Fix] Purge cache after database restore (Bug #24245)
  • [Fix] Correctly display subforum read/unread icons from RTL in FF3, Konqueror and Safari3+. (thanks arod-1 for the fix, related to Bug #14830)
  • [Fix] Added missing form token in acp (thanks NBBN).
  • [Fix] Do not remove whitespace in front of url containing the boards url and no relative path appended (Bug #27355)
  • [Fix] reset forum notifications in viewtopic (Bug #28025)
  • [Fix] corrected link for searching post author's other posts (Bug #26455)
  • [Fix] HTTP Authentication supports UTF-8 usernames now (Bug #21135)
  • [Fix] Topic searches by author no longer return invalid results (Bug #11777)
  • [Fix] Delete drafts and bookmarks when deleting an user. (#27585, thanks Schumi for the fix)
  • [Fix] Set last_post_subject for new topics. (#23945)
  • [Fix] Allow moving posts to invisible forums. (#27325)
  • [Fix] Don't allow promoting unapproved group members (#16124)
  • [Fix] Correctly fetch server name if using non-standard port (#27395)
  • [Fix] Regular expression for email matching in posts will no longer die on long words.
  • [Fix] Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
  • [Fix] Correctly display double-colon on special conditions within highlighted php source (Bug #26795)
  • [Fix] Increase storage capacity of titles/subjects due to specialchared content (Bug #25235)
  • [Fix] Catch invalid username wildcard ban (we do not support these) (Bug #29305)
  • [Fix] Fix (email)-domain checks for those having DNS prefixes set (Bug #29635)
  • [Change] Adjust truncate_string() to be able to adjust the maximum storage length.
  • [Change] Generalize load check (Bug #21255 / thanks to Xipher)
  • [Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)
  • [Change] Sort the tables at the database table backup screen
  • [Change] For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)
  • [Change] Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)
  • [Change] Don't allow redirects to different domains. (thanks nookieman)
  • [Feature] Added optional referer validation of POST requests as additional CSRF protection.
  • [Feature] Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).
  • [Feature] Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.
  • [Feature] Added ACP logout to reset an admin session.
  • [Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)

1.ii. Changes since 3.0.0

  • [Change] Validate birthdays (Bug #15004)
  • [Fix] Allow correct avatar caching for CGI installations. (thanks wildbill)
  • [Fix] Fix disabling of word censor, now possible again
  • [Fix] Allow single quotes in db password to be stored within config.php in installer
  • [Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)
  • [Fix] Correctly handle empty imageset entries (Bug #16865)
  • [Fix] Correctly check empty subjects/messages (Bug #17915)
  • [Change] Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745)
  • [Fix] Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265)
  • [Change] Sped up viewforum considerably (also goes towards mcp_forum)
  • [Fix] Do not split topic list for topics being promoted to announcements after been moved to another forum (Bug #18635)
  • [Fix] Allow editing usernames within database_update on username cleanup (Bug #18415)
  • [Fix] Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385)
  • [Fix] Check entered imagemagick path for trailing slash (Bug #18205)
  • [Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide
  • [Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)
  • [Fix] Stricter checks on smilie packs (Bug #19675)
  • [Fix] Gracefully return from cancelling pm drafts (Bug #19675)
  • [Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
  • [Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
  • [Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)
  • [Fix] Use HTTP_HOST in favor of SERVER_NAME for determining server url for redirection and installation (Bug #19955)
  • [Fix] Removing s_watching_img from watch_topic_forum() function (Bug #20445)
  • [Fix] Changing order for post review if more than one post affected (Bug #15249)
  • [Fix] Language typos/fixes (Bug #20425, #15719, #15429, #14669, #13479, #20795, #21095, #21405, #21715, #21725, #21755, #21865, #15689)
  • [Fix] Style/Template fixes (Bug #20065, #19405, #19205, #15028, #14934, #14821, #14752, #14497, #13707, #14738, #19725)
  • [Fix] Tiny code fixes (Bug #20165, #20025, #19795, #14804)
  • [Fix] Prepend phpbb_root_path to ranks path for displaying ranks (Bug #19075)
  • [Fix] Allow forum notifications if topic notifications are disabled but forum notifications enabled (Bug #14765)
  • [Fix] Fixing realpath issues for provider returning the passed value instead of disabling it. This fixes issues with confirm boxes for those hosted on Network Solutions for example. (Bug #20435)
  • [Fix] Try to sort last active date on memberlist correctly at least on current page (Bug #18665)
  • [Fix] Handle generation of form tokens when maximum time is set to -1
  • [Fix] Correctly delete unapproved posts without deleting the topic (Bug #15120)
  • [Fix] Respect signature permissions in posting (Bug #16029)
  • [Fix] Users allowed to resign only from open and freely open groups (Bug #19355)
  • [Fix] Assign a last viewed date to converted topics (Bug #16565)
  • [Fix] Many minor and/or cosmetic fixes (Including, but not limited to: #21315, #18575, #18435, #21215)
  • [Feature] New option to hide the entire list of subforums on listforums
  • [Fix] Custom BBCode {EMAIL}-Token usage (Bug #21155)
  • [Fix] Do not rely on parameter returned by unlink() for verifying cache directory write permission (Bug #19565)
  • [Change] Use correct string for filesize (MiB instead of MB for example)
  • [Change] Remove left join for query used to retrieve already assigned users and groups within permission panel (Bug #20235)
  • [Fix] Correctly return sole whitespaces if used with BBCodes (Bug #19535)
  • [Fix] Quote bbcode parsing adding too much closing tags on special conditions (Bug #20735)
  • [Change] Added sanity checks to various ACP settings
  • [Change] Removed minimum form times
  • [Fix] Check topics_per_page value in acp_forums (Bug #15539)
  • [Fix] Custom profile fields with date type should be timezone independend (Bug #15003)
  • [Fix] Fixing some XHTML errors/warnings within the ACP (Bug #22875)
  • [Fix] Warnings if poll title/options exceed maximum characters per post (Bug #22865)
  • [Fix] Do not allow selecting non-authorized groups within memberlist by adjusting URL (Bug #22805 - patch provided by ToonArmy)
  • [Fix] Correctly specify "close report action" (Bug #22685)
  • [Fix] Display "empty password error" within the login box instead of issuing a general error (Bug #22525)
  • [Fix] Clean up who is online code in page_header (Bug #22715, thanks HighwayofLife)
  • [Fix] Pertain select single link on memberlist (Bug #23235 - patch provided by Schumi)
  • [Fix] Allow & and | in local part of email addresses (Bug #22995)
  • [Fix] Do not error out if php_uname function disabled / Authenticating on SMTP Server (Bug #22235 - patch by HoL)
  • [Fix] Correctly obtain to be ignored users within topic/forum notification (Bug #21795 - patch provided by dr.death)
  • [Fix] Correctly update board statistics for attaching orphaned files to existing posts (Bug #20185)
  • [Fix] Do not detect the board URL as a link twice in posts (Bug #19215)
  • [Fix] Set correct error reporting in style.php to avoid blank pages after CSS changes (Bug #23885)
  • [Fix] If pruning users based on last activity, do not include users never logged in before (Bug #18105)
  • [Sec] Only allow searching by email address in memberlist for users having the a_user permission (reported by evil<3)
  • [Sec] Limit private message attachments to be viewable only by the recipient(s)/sender (Report #s23535) - reported by AlleyKat
  • [Sec] Check for non-empty config.php within style.php (Report #s24575) - reported by bantu
  • [Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)

1.iii. Changes since 3.0.RC8

  • [Fix] Cleaned usernames contain only single spaces, so "a_name" and "a__name" are treated as the same name (Bug #15634)
  • [Fix] Check "able to disable word censor" option while applying word censor on text (Bug #15974)
  • [Fix] Rollback changes on failed transaction if returning on sql error is set
  • [Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)

1.iv. Changes since 3.0.RC7

  • [Fix] Fixed MSSQL related bug in the update system
  • [Fix] Display "Return to" links on unwritable forums (Bug #14824)
  • [Fix] Mitigating different realpath() handling between PHP versions (fixing confirm box redirects)
  • [Fix] Fix signature editing - ability to remove signature (Bug #14820)
  • [Fix] Send correct activation key by forcing reactivation for inactive user (Bug #14819)
  • [Fix] Adding correct IP for private messages sent by issuing warnings (Bug #14781)
  • [Fix] Open private message notification (Bug #14773)
  • [Fix] Fixing false new private message indicator (Bug #14627)
  • [Fix] Let newly activated passwords work if users were converted (Bug #14787)
  • [Fix] Quote bbcode fixes. Letting parse quote="[" and re-allowing whitelisted bbcodes within username portion (Bug #14770)
  • [Fix] Allow alternative text for styled buttons if images turned off, but CSS staying on
  • [Sec] Fix bbcode helpline display for custom bbcodes - this requires style changes for any custom style (Bug #14850)
  • [Fix] Correctly count announcements when filtering forums by date (Bug #14877)
  • [Fix] Allow charset names containing underscores or spaces
  • [Fix] Don't allow previous/next links for non-existing topics (Bug #15039)
  • [Change] Do not assign converted votes to the first option in a vote.
  • [Fix] Use correct RFC 2822 date format in emails (Bug #15042)
  • [Fix] Require founder status for some actions on founder-only groups (Bug #15119)
  • [Fix] Allow changing the "now" option of date CPFs (Bug #15111)
  • [Change] Some improvements to the caching of avatars
  • [Change] Set template recompilation to be disabled by default. All mod and style authors and all those who want to modify their styles should enabled it after installation.
  • [Change] Disable debug mode. All mod and style authors should enable DEBUG and DEBUG_EXTRA.
  • [Fix] Check error reporting level for all error level. This fixes a problem for hosts having manipulated the error handler. (Bug #14831)
  • [Feature] Constant PHPBB_DB_NEW_LINK introduced which can be used to force phpBB to create a new database connection instead of reusing an existing one if the dbms supports it (Bug #14927)
  • [Fix] Automatic URL parsing no longer allows dots in the schema but can parse URLs starting after a dot (Bug #15110)
  • [Fix] Dynamic width for birthday select boxes (Bug #15149)
  • [Fix] Recache Moderators when copying permissions. (Bug #15384)
  • [Fix] Propagate sort options in mcp_forums (Bug #15464)
  • [Change] Do not allow [size=0] bbcodes (font-size of 0)
  • [Fix] No duplication of active topics (Bug #15474)

1.v. Changes since 3.0.RC6

  • [Fix] Submitting language changes using acp_language (Bug #14736)
  • [Fix] Fixed wrong bbcode handling for forum rules, forum descriptions and group descriptions
  • [Fix] Fixed faulty form tokens (Bug #14725, #14762 and #14755)
  • [Fix] Fixed bbcode uid generation in the phpBB2 converter (Bug #14722)
  • [Fix] Able to request new password (Bug #14743)

1.vi. Changes since 3.0.RC5

  • [Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.
  • [Feature] Constant PHPBB_ADMIN_PATH introduced, having the same purpose as PHPBB_ROOT_PATH, but for the ACP.
  • [Fix] Further fixing user profile view (please do not forget to update/refresh your template and style) (Bug #14230)
  • [Fix] Adjust google adsense bot information (Bug #14296)
  • [Fix] Fix horizontal scrollbar problem in IE6 (Bug #14228) - fix provided by Danny-dev
  • [Fix] Use correct size values in ACP user signature screen (Bug #13367)
  • [Fix] Attachment Place inline won't work with single quotes (Bug #14291)
  • [Fix] Unable to save email templates through ACP language page (Bug #14266)
  • [Fix] Correctly set user style for guest user (able to be changed within user management)
  • [Change] Moved note about dns_get_record function for using GTalk (Jabber) from Jabber log to Jabber ACP panel
  • [Fix] Do not use register_shutdown_function within cron.php if handling the queue and the mail function being used (Bug #14321)
  • [Fix] Fixing private message on-hold code if moving messages into folder based on rules (Bug #14309)
  • [Fix] Allow the merge selection screen to work (Bug #14363)
  • [Change] Require additional permissions for copying permission when editing forums
  • [Fix] Local magic URLs no longer get an additional trailing slash (Bug #14362)
  • [Fix] Do not let the cron script stale for one hour if register_shutdown_function is not able to be called (Bug #14436)
  • [Feature] Added /includes/db/db_tools.php file, which includes tools for handling cross-db actions such as altering columns, etc.
  • [Change] Reset the start parameter when the timeframe is changed in the mcp topic page (Ticket #14438)
  • [Change] Added Code for cleaning the confirm table to the session garbage collection
  • [Fix] Fixed token handling in jabber class for extremely spec-compliant XMPP server (Bug #14445)
  • [Fix] Disallowed galleries from using special characters (Bug #14466)
  • [Change] Listing the board url within the email text instead of appending it to the subject (Bug #14378)
  • [Fix] Always display the quote button as the most accessible one (this means edit is before quote in prosilver due to the way we lay out profiles)
  • [Fix] Use correct dimension (width x height) in ACP (Bug #14452)
  • [Fix] Only display PM history links if there are PM's to be displayed (Bug #14484)
  • [Feature] Added completely new hook system to allow better application/mod integration - see docs/hook_system.html
  • [Fix] Correctly delete excess poll options (Bug #14566)
  • [Fix] Allow names evaluating to false for poll options
  • [Change] use in-build functions for user online list (Bug #14596) - provided by rxu
  • [Fix] Fixing google cache display problems with Firefox (Bug #14472) - patch provided by Raimon
  • [Fix] Prevent topic unlocking if locked by someone else while posting (Bug #10307)
  • [Change] Allow years in future be selected for date custom profile field (Bug #14519)
  • [Fix] Don't display "Avatars Disabled" message on edit groups in UCP (Bug #14636)
  • [Change] Require confirm for deleting inactive users. (Bug #14641)
  • [Fix] Match custom BBCodes in the same way during first and second pass - patch provided by IBBoard (Bug #14268)
  • [Fix] Correct quote parsing if opening bracket before opening quote (Bug #14667)
  • [Fix] Clean post message for checking length to prevent posting empty messages
  • [Fix] Display jumpbox if needed for functionality (Bug #14702)
  • [Feature] Added an option to enforce that users spend a configurable amount of time on the terms page during registration
  • [Fix] Fixed copy permissions box in the ACP
  • [Fix] Enforce types for the user table during conversions
  • [Sec] Fixing possible XSS through compromised WHOIS server (#i63, #i64)
  • [Sec] Missing access control on whois in viewonline.php (#i51)
  • [Sec] Encoding some variables within user::page array correctly (to cope with browser not doing it correctly) to prevent XSS through functions re-using them (#i61)
  • [Sec] Fixed XSS through memberlist search feature (#i62)
  • [Sec] Fixed XSS through colour swatch (#i65)
  • [Sec] Fixed insecure attachment deletion (#i53)
  • [Sec] Only allow whitelisted protocols in meta_redirect/redirect (#i66)
  • [Sec] Check file names to be written in language management panel (#i52)
  • [Sec] Deregister globals if ini_get has been disabled (#i112)
  • [Sec] Added form tokens to most forms to enforce a lighter variant of CSRF protection (#i91 - #i96)
  • [Sec] Use new password hash method for forum passwords (#i43)
  • [Sec] Changed download file location to prevent flash crossdomain policies taking effect (#i8)
  • [Sec] Do not allow autocompletion for password on admin re-authentication (#i41)
  • [Sec] Made sure users are not completely locked out if they have a GLOBALS cookie (#i101)
  • [Sec] Use the secure hash to generate BBCODE_UIDs (#i71)
  • [Sec] Increase the length of BBCODE_UIDs (#i72)
  • [Sec] New password hashing mechanism for storing passwords (#i42)

1.vii. Changes since 3.0.RC4

  • [Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)
  • [Fix] Allow MS SQL to properly connect when using the mssql driver and PHP is less than either 4.4.1 or 5.1 (Bug #13874)
  • [Fix] Ignore files containing HTML special chars in the filenames as gallery avatars (Bug #13906)
  • [Fix] Multiple PM recipients not separated (Bug #13876)
  • [Change] Split the select list for the smilie order to clarify which are feasible and which are not (Bug #13911)
  • [Fix] Convert empty homepage fields (Bug #13917)
  • [Fix] Use board default DST setting on creating new profiles (Bug #11563)
  • [Feature] New constant PHPBB_EMBEDDED can be used to let phpBB not call exit; if wrapped/embedded (We may re-check this constant on other code locations later too)
  • [Feature] append_sid() having a check for the function append_sid_phpbb_hook(). This function is called in favour of append_sid() with the exact same parameters if present.
  • [Fix] Only list enabled modes within the dropdown at user administration (Bug #13883) - patch provided by damnian
  • [Fix] Properly display ban reason if selecting banned entries within the ACP (Bug #13896)
  • [Fix] Properly parse SQL expressions for Oracle (Bug #13916)
  • [Fix] Added label bindings to the custom profile fields in the ACP (Bug #13936) - patch provided by damnian
  • [Change] Made group avatar/rank changes more intuitive
  • [Fix] Give more feedback in icon/smilie management (Bug #13295)
  • [Fix] Correctly set user::lang_id (Bug #14010)
  • [Fix] Properly display the smiley export screen (Bug #13968)
  • [Feature] Add "DECIMAL:", "PDECIMAL", and "PDECIMAL:" to the schema creation code (Bug #13999) - patch provided by poyntesm
  • [Fix] Don't show the notify checkbox in the approval queue if the only posts are written by ANONYMOUS (Bug #13973)
  • [Fix] Redirect to bots management page on edit/add (Bug #14073)
  • [Fix] Display locked icon in viewforum/prosilver if forum locked (Bug #14009)
  • [Feature] Display message history in compose PM screen
  • [Change] Do not force login on visiting topic/forum from notification emails (Bug #13818)
  • [Fix] Fixed cron_lock value for cron execution. This bug led to users having problems with the email queue and other cron related issues.
  • [Fix] Prevent white pages on php notices with gzip compression enabled (Bug #14096)
  • [Fix] Propagate the cleaned identifier for CFPs (Bug #14072)
  • [Fix] Do not display NO_TOPICS message if viewing non-postable category (Bug #13489)
  • [Fix] Let the theme immediately expire if changed from ACP for at least 30 minutes after change
  • [Fix] Do not append hilit= in search if highlighting term is empty (Bug #13910)
  • [Fix] Return to last page after voting in viewtopic instead of first page in topic (Bug #13976)
  • [Fix] If sending PM's to groups only include activated member (Bug #14040)
  • [Fix] Correctly wrap words in emails containing utf8 characters (Bug #14109)
  • [Change] For new posts or editing the first post topic titles have a maxlength of 60 characters. For any subsequent posts the length is extended to 64 to make room for the Re: part, but cutting at 60 characters. The maxlength need to be 64, else users using opera are unable to post (opera does not allow pre-filling a field with more characters than specified within the maxlength attribute)
  • [Fix] Disable gzip compression for cached stylesheet for Internet Explorer 6 or empty browser (IE6 is not able to properly display the compressed stylesheet) (Bug #14054)
  • [Fix] Header icons fixed in FF for RTL languages (Bug #14084)
  • [Change] Words in topic titles and post subjects are highlighted on the search results page and viewtopic too now (Bug #13383)
  • [Fix] Made sure strip_bbcode cannot get the idea that a smiley is a BBCode (Bug #14030)
  • [Change] Added a filter for user objects to LDAP configuration and improved explanations (Bug #12627)
  • [Fix] Display searchable subforums of invisible parents in advanced search forum selection (Bug #11395)
  • [Fix] Allow line breaks in custom BBCodes (Bug #10758)
  • [Fix] Ordered BBcode parsing functions in the same way everywhere where they are used
  • [Fix] Prevent {URL} token in custom BBCodes from make_clickable messing (Bug #14151)
  • [Sec] Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.
  • [Fix] Convert 2.0 moderator posting permissions (Bug #14105)
  • [Fix] Correctly apply PM box limit of 0 to custom folder (Bug #14154)
  • [Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)

1.viii. Changes since 3.0.RC3

  • [Fix] Fixing some subsilver2 and prosilver style issues
  • [Fix] Parse error in MCP ban (Bug #13109)
  • [Fix] Correctly hide online status in the profile (Bug #13059)
  • [Feature] Let the user choose how to update modified files (merging, using new file or using old file) within automatic updater
  • [Fix] An extra \ in an Oracle SQL regex was corrected (Bug #13151)
  • [Fix] Added a missing global to get_file() (Bug #13149)
  • [Fix] Hide autologin box when autologin is disabled (Bug #13093)
  • [Fix] Account for the forum id not being part of the request uri in prosilver (Bug #13121)
  • [Fix] Properly alter PostgreSQL tables
  • [Fix] Properly cache template files that were stored in the database (Bug #12675)
  • [Fix] Do not count the deletion of an unapproved topic as a decrease in normally viewable posts (Bug #13167)
  • [Fix] Allow column_exists() to return true if the column exists but no data is in the table
  • [Fix] Allow setting the smiley order via the select. Also allow to add smileys at the top. (Bug #13199)
  • [Fix] Fix php notice on sending jabber messages (Bug #13201)
  • [Fix] Make the window showing file differences a little wider (Bug #13157)
  • [Fix] Preserve preview style on search form (Bug #13205)
  • [Fix] Place attachment filename in new line in posting editor (Bug #9726)
  • [Fix] Don't allow caching to occur in the update sequence (Bug #13207)
  • [Fix] Enforce the max password length for automatically generated password created by the password sender (Bug #13181)
  • [Fix] Handle phpinfo() when expose_php is false (Bug #12777)
  • [Fix] Allow managing of forum roles without global users (Bug #13249)
  • [Change] Do not run cron script if board is disabled
  • [Fix] Correctly destroy sql cache for some query combinations (Bug #13237)
  • [Fix] Allow link forums being password protected (Bug #12967)
  • [Fix] Allow wrapping topic/post icons in posting editor (Bug #12843)
  • [Fix] Display L_RANK only once in template if rank title and image defined (Bug #13231)
  • [Fix] Make sure selected transfer method exists before calling (Bug #13265)
  • [Fix] Correctly escape language keys in language editor (Bug #13279)
  • [Fix] Correctly hide post/reply buttons if permissions are not given (related to Bug #12809)
  • [Fix] Remove orphan/wrong permission entries for non-existent forums - self-repairing permissions if conversions went "crazy"
  • [Feature] Allow "older" updates applied with the automatic updater. This allows people using it for updating, say, from 3.0.0 to 3.0.1 (with the correct package of course) and then from 3.0.1 to 3.0.2 if the latest version at this time is 3.0.2. These changes take effect beginning with RC4 or people replacing install/install_update.php manually prior doing the updates.
  • [Fix] Present correct error message if user tries to edit already read private message (Bug #13271)
  • [Fix] Also display board disabled notice for admins/mods if board got disabled due to exceeding the load limit (Bug #13267)
  • [Fix] Correctly deliver avatar if readfile function has been disabled (Bug #13309)
  • [Fix] Display php information page with the correct direction (Bug #12557)
  • [Fix] Increased the number of style objects (styles, templates, themes and imagesets) possible from 127 to 65535 for MySQL (Bug #13179)
  • [Fix] Although theoretically impossible in our code, removed the chance of trying to open a file that does not exist (Bug #13327)
  • [Fix] Although theoretically impossible in our code, changed the handling of non-existent language files (Bug #13329, #13331)
  • [Fix] Removed extra ampersand from ACP link (Bug #13315)
  • [Fix] used cleaned up version of given field identification for pre-filling a new custom profile field (Bug #13319)
  • [Fix] Correctly convert 2.0 website profile fields. (Bug #13379)
  • [Fix] Fixed the "Alphanumeric" and "Alphanumeric and spacers" username selection limitations (Bug #13391)
  • [Fix] Make sure filelist() is only returning array types (Bug #13385)
  • [Fix] Correctly mark forums read if using cookie based topic tracking (Bug #13245)
  • [Change] Put custom profile fields into top box and signature into separate box in members profile view (Bug #13357)
  • [Fix] Only show moderator log entries for forums the user is having moderation rights in (Bug #12481)
  • [Feature] Show resulting permission alone in trace window (Bug #10952) - thanks to dark/rain for the proposal
  • [Fix] Fixed bug in realpath replacement letting it actually work again
  • [Change] Try to be a bit more specific regarding global/local permission trace (Bug #11032)
  • [Fix] Fixed some strangeness in password validation due to mb_ereg()
  • [Fix] Subforums of a forum would overwrite the latest post information even if they did not contain the latest post (Bug #11931)
  • [Fix] Use global username display function on several places (Bug #11080, #11098) - patch by HoL
  • [Fix] Several viewonline fixes and feature changes. Also displaying the users browser in viewonline list to let the admin easier spot additional search bots, connected to a_user permission (Bug #11088) - patch and suggestions provided by HoL
  • [Change] u_viewprofile permission also affecting viewonline list now
  • [Fix] Do not display return to search link in prosilver if search is not allowed (Bug #11393)
  • [Fix] Use global url validation for img bbcode tag (Bug #11935)
  • [Fix] Added proper unicode support to style names (Bug #12165)
  • [Fix] Search result extract should not end in the middle of a multibyte character (Bug #11863)
  • [Fix] Missing localisation for an imageset no longer triggers a lot of "imageset refreshed" log messages (Bug #12027)
  • [Fix] Explain that themes which need parsing cannot be stored on the filesystem (Bug #11134)
  • [Fix] Normalize usernames
  • [Change] Improved utf8_clean_string with a more complete list of homographs and NFKC normalization
  • [Fix] Fixed error messages that ACP Database can give (Bug #13463)
  • [Fix] Fixed potential issues with databases that use tables names is uppercase
  • [Fix] Handle forum links/redirects within viewforum if no read permission given (to display login box or error message) (Bug #13467)
  • [Fix] Prevent changing postable forum having subforums to link forum without moving subforums out first
  • [Fix] Do not display version in admin template (Bug #13495)
  • [Fix] Allow manual specification of remote avatar dimensions if getimagesize is disabled (Bug #13531)
  • [Fix] Make viewonline use the session page's added forum parameter (Bug #13597)
  • [Fix] Correcting BBCode FAQ (Bug #11180)
  • [Fix] Make to/bcc line in view private message display consistent with other username displays in prosilver (Bug #11989)
  • [Fix] Send out activation email if admin activation is enabled and user activated through inactive users panel upon registration (Bug #12065)
  • [Change] Re-implemented All Yes/No/Never links in permission panels for easier changing all categories at once
  • [Change] Advanced permission link now "marked" if no role is assigned and custom permissions set. With this an admin can instantly see if the object is not set at all or having custom permissions, something you only saw if advanced permissions were viewed before.
  • [Fix] Change misleading custom BBCodes explanation, regarding tokens and useable template variables (Bug #12403, #5660)
  • [Feature] Ability to disable birthdays completely with new board features setting
  • [Fix] Fix disallowed username check (Bug #13511)
  • [Fix] Allow for unicode usernames to be pruned (Bug #13643)
  • [Fix] Do not copy forum permissions from self (Bug #13663)
  • [Fix] Allow for polls to work during preview (Bug #13657) - thanks to Thatbitextra
  • [Fix] Finer error conditions for sending IM messages (Bugs #13681, #13683)
  • [Fix] Add a confirmation for log deletion in the MCP (Bug #13693)
  • [Fix] Do not erase ranks and avatars when changing default groups (Bugs #13701, #13697)
  • [Fix] Limit author searches to firstpost, if selected (Bug #13579)
  • [Fix] Properly resync user post counts for users that have no posts (Bug #13581)
  • [Fix] Do not require space after , in smiley pak files (Bug #13647)
  • [Fix] Properly display the subscribe link in topic and forum display for Oracle (Bug #13583)
  • [Change] Add version number to ACP index (Bug #13703)
  • [Fix] Several fixes for custom profile fields on multi-lingual boards (Bugs #13763, #13527, #13525, #11515)
  • [Fix] Return to the mode previously selected after disaproving a post (Bug #13796)
  • [Fix] Cron now uses a locking variable to make sure it does not spawn too many webserver processes (Bug #12741)
  • [Fix] Cached stylesheet now supporting gzip compression
  • [Fix] Added link to inbox for deleted PMs (Bug #13813)
  • [Fix] Re-syncing the board stats also refreshes the newest user (Bug #13831)
  • [Feature] Ability to externally set $phpbb_root_path if wrapping phpBB3 by defining constant PHPBB_ROOT_PATH
  • [Fix] Implemented correct left/right floating within ACP in regard to RTL languages (Bug #13777)
  • [Fix] Fixing session problems when using MySQL strict mode in conjunction with very long browser agent string (Bug #13827)
  • [Fix] Disallow post/pm subjects entirely made up from non-printable chars and whitespaces (Bug #13800)
  • [Fix] Allow moving private messages from the sentbox (Bug #13791)
  • [Fix] Properly export localized imagesets
  • [Feature] Show the size of Firebird databases
  • [Fix] Show error when moving topic into a category via quickmod (Bug #11611)
  • [Fix] Allow Oracle to install on a database without specify the database name

1.ix. Changes since 3.0.RC2

  • [Fix] Re-allow searching within the memberlist
  • [Fix] Force prune related values to integers during conversions
  • [Fix] Updater now detects successfully merged files having conflicts and user chose to merge with modifications (Bug #12685)
  • [Fix] Updater is no longer listing missing language entries and styles if these had been removed (Bug #12655)
  • [Fix] Correct approval of posts in global announcements (Bug #12699)
  • [Sec] Do not allow setup spiders/robots to post, even if permissions are given. We see no reason why this should be possible. (Thanks to Frank Rizzo for convincing us regarding this)
  • [Sec] Do not display the last active column within the memberlist if u_viewonline permission is not given (Bug #12797)
  • [Fix] Display custom profile field "date" based on users language (Bug #12787)
  • [Fix] Allow adding of help language files within subdirectories (Bug #12783)
  • [Fix] Correctly apply smileys on posting having # within their emotion code
  • [Fix] Correctly convert smileys having double quotes within their emotion code (Bug #12731)
  • [Fix] The converter now adds the protocol to user website profile fields missing it (Bug #12819)
  • [Fix] Correctly escape banned ip/email using wildcard for ban check (Bug #12815)
  • [Fix] Fixed some very nasty opera bugs (dropdown list bug, cpu spike bug) (Bug #12763, #11609)
  • [Fix] Font colour list having the correct height in IE (Bug #9571)
  • [Feature] Added mark/unmark all links to the bots page (Bug #12461)
  • [Fix] Introduced check on duplicate usernames during bot creation/edit (Bug #12461)
  • [Fix] Allow multibyte letters for smilie codes(Bug #12321)
  • [Fix] Correctly chmod created cache files (Bug #12859)
  • [Fix] Use our global expression for checking email syntax in memberlist (Bug #12827)
  • [Fix] Correctly retrieve/refresh templates stored in database if using subdirectories within template directory (Bug #12839)
  • [Fix] Correctly translate special group names in ucp_groups.php (Bug #12597)
  • [Fix] Search boxes not loosing session id (changing method from get to post) (Bug #12643)
  • [Fix] Make sure the automatic update is also working for those having fsockopen disabled
  • [Fix] Simulate recache of theme data on automatic update finished page - recaching it if css data changed
  • [Feature] Allow dropping in custom "info_[module class]_*.php" files to language/*/mods directory for inclusion into the menu structure without the need to modify phpBB language files for menu placements
  • [Fix] Added login box to egosearch (Bug #12941)
  • [Fix] Deal with slashed quotes during quote bbcode conversion (Bug #12607)
  • [Fix] Minor language and style fixes (Bugs #12235, #12493, #11949)
  • [Feature] Added backlinks to mcp_report (Bug #12905)
  • [Fix] Only check usernames in guest posts upon edit (Bug #11349)
  • [Fix] Consider viewonline permission when viewing friends/foes (Bug #12955)
  • [Fix] Added proper unicode support to ban reasons (Bug #12947)
  • [Fix] The forum/topic sync code now recognizes other ways that the latest post in a topic can be expressed (Bug #12947) - patch provided by APTX
  • [Fix] Topic deletion via the user post deletion mechanism did not take into account statistics for forums that hold shadow topics (Bug #12981)
  • [Fix] Allow for negative and decimal numbers to be in transposed queries in the Oracle and Firebird DBAL (Bug #13033)
  • [Fix] Some jabber related bugs (Bug #12989, #11805, #11809)
  • [Fix] Added UTF-8 support for banning via the MCP (Bug #13013)
  • [Fix] Properly detect the script name in session::extract_current_page() if PHP_SELF is not defined (Bug #12705) - patch provided by ToonArmy
  • [Fix] Show role mask for global permission class under Permissions->Permission Roles (Bug #13057)

1.x. Changes since 3.0.RC1

  • [Fix] (X)HTML issues within the templates (Bug #11255, #11255)
  • [Fix] Tiny language and grammar changes
  • [Fix] Several style related fixes, mainly fixing cross-browser issues
  • [Fix] Several RTL fixes within prosilver
  • [Fix] MCP looses forum_id in some panels (Bug #11255)
  • [Fix] Moderation queue used unfriendly notification of no posts/topics (Bug #11291)
  • [Fix] Array in Oracle DBAL not always set (Bug #11475)
  • [Fix] Improper continue; in acp_styles.php (Bug #11523)
  • [Fix] Imageset editor more friendly (Bug #11511)
  • [Fix] Made Custom BBCode validation more strict (Bug #11335)
  • [Fix] Proper sync of data on topic copy (Bug #11335)
  • [Fix] Introduced ORDER BY clauses to converter queries (Bug #10697)
  • [Fix] Stopped bots from getting added to the registered users group during conversion (Bug #11283)
  • [Fix] Filled "SMILIEYS_DISABLED" template variable (Bug #11257)
  • [Fix] Properly escaped the delimiter in disallowed username comparisons (Bug #11339)
  • [Fix] Check global purge setting (Bug #11555)
  • [Fix] Improper magic url parsing applied to already parsed [url=] bbcode tag (Bug #11429)
  • [Fix] Renamed two indicies for Oracle support (Bug #11457)
  • [Fix] Added support for ISO-8859-8(-i) in the character set convertor (Bug #11265, #12039)
  • [Fix] Added support for Oracle's "easy connect naming"
  • [Fix] Let Mark/Unmark All work in Manage Drafts (Bug #11679)
  • [Fix] Display correct message if no attachments found in user administration (Bug #11629)
  • [Fix] Let the "Delete all board cookies" being displayed for guests too (only prosilver) (Bug #11603)
  • [Fix] Do not display view topic link in MCP while there is no link present (Bug #11573)
  • [Fix] MySQL now properly sorts by post_subject (Bug #11637)
  • [Fix] Introduced checks to stop negative postcounts (Bug #11561, #11421)
  • [Fix] Allow IP v4/v6 urls for remote avatars (Bug #11633)
  • [Fix] Delete avatar files automatically (Bug #11631)
  • [Fix] Automatically add selected columns to group by statements in the converter (Bug #11465)
  • [Fix] Allow posts without subjects to be clicked in the MCP (Bug #11483)
  • [Fix] Sync the forums that shadow topics reside in when the topic that they point to is deleted
  • [Fix] Do not use the gen_random_string function to create cookie names during install (Bug #11431)
  • [Fix] Send stylesheet in style.php even without a valid session id (Bug #11531)
  • [Fix] request_var should strictly return the requested number of dimensions
  • [Fix] Correct assignment of custom width to $user->img(); / Correctly display poll bars in subsilver2 (Bug #11301)
  • [Fix] Allow removing polls in prosilver
  • [Fix] Correct link to post in managing users attachments (Bug #11765)
  • [Fix] Reload confirm screen for selecting new forum for global topic type change if not postable forum is chosen (Bug #11711)
  • [Fix] Correctly show system default color for disabled options in Internet Explorer which does not support disabled option fields
  • [Fix] Update query for custom profiles in user management used wrong order for left/right delimiter (affecting mssql) (Bug #11781)
  • [Fix] Inconsistent display of more smileys link fixed (Bug #11801)
  • [Fix] Outbox messages are no always neither new nor unread post-conversion (Bug #11461)
  • [Feature] Replaced outdated jabber class with the one from the flyspray project
  • [Feature] The converter no longer relies on the smiley ID to decide if it should be displayed on the posting page
  • [Change] Limit maximum number of allowed characters in messages to 60.000 by default. Admins should increase their PHP time limits if they want to raise this tremedously.
  • [Change] Some changes to the conversion documentation
  • [Fix] Only use permissions from existing forums during the conversion (Bug #11417)
  • [Fix] Do not permit the decimal as a valid prefix character (Bug #11967)
  • [Fix] Account for the fact that the IM fields might hold non-IM information
  • [Fix] Make the queue function on post details
  • [Fix] Check if there are active styles left before deleting a style
  • [Fix] Correctly update styles after the deletion of an imageset.
  • [Fix] Replaced jabber validation to use the method used by the new jabber class (Bug #9822)
  • [Sec] Adding confirm boxes to UCP group actions (ToonArmy)
  • [Feature] Added the option to disable the flash bbcode globally (DelvarWorld)
  • [Sec] Changed the embedding of Flash (NeoThermic, DelvarWorld)
  • [Fix] Use the signature setting for PMs (Bug #12001)
  • [Fix] Made the DBMS selection use language variables (Bug #11969)
  • [Fix] Make sure that a folder is used when viewing messages to oneself (Bug #12105)
  • [Fix] Account for the fact that a board might have no visible Admins (Bug #12185)
  • [Fix] Change group ranks even if empty (Bug #12231)
  • [Fix] Correctly propagate variables across the custom profile field wizard (Bug #12237)
  • [Fix] Correctly move pm's into folders if more than one is received (Bug #12135)
  • [Fix] Corrected various bugs with CPF on multi-language boards (Bug #11803)
  • [Fix] Disable notify checkbox in posting editor when board email is disabled (Bug #12263)
  • [Fix] Removed maxlength from password/username fields (Bugs #12215, #11797)
  • [Fix] Use icon-unsubscribe in prosilver (Bug #12211)
  • [Fix] Seperated PREVIOUS/NEXT language vars for pagination and next/previous step (Bug #12197)
  • [Feature] append_sid() supporting anchor (Bug #11535) - patch provided by Schumi and ToonArmy
  • [Fix] Remember selected language while registering after submit (Bug #11435)
  • [Fix] UTF-8 support in theme and template editors (Bug #12251)
  • [Fix] Allow for posts per page in the MCP to change during topic selection (Bug #12067)
  • [Fix] Remove group avatars upon deletion from all profiles, not just the people having the group as default (Bug #12275, #12267)
  • [Fix] Allow for conversions to SQLite (Bug #12279) - patch provided by ToonArmy
  • [Fix] Apply colours to guests (Bug #12219)
  • [Fix] Set the Admin group as founder_manage during conversion (Bug #12287)
  • [Fix] Fixed a special quote BBCode case (Bug #12189)
  • [Fix] Correctly parse BBCodes in a post when a poll is being used (Bug #11833)
  • [Fix] Remember attached files on PM edit (Bug #12019)
  • [Fix] Correctly display poll ending on preview (Bug #12303)
  • [Feature] Display the success message on posting longer for posts awaiting approval (Bug #12053)
  • [Fix] Display maximum and entered number of characters for the "maximum number of characters exceeded" error messages (Bug #11981)
  • [Fix] Wrongly applied setting for allowing links in private messages (used the signature setting instead of the post setting) (Bug #11945)
  • [Fix] Unread flag for multipage topic wrongly set under some conditions (Bug #12127) - fix provided by asinshesq
  • [Fix] Able to delete posts within user prune panel (Bug #11849)
  • [Feature] Allow to specify dimensions of images manually on imageset config (Bug #11675)
  • [Fix] Correctly re-assign query result id after seeking rows (MSSQL/Firebird) (Bug #12369)
  • [Feature] Make effect of a changed hideonline permission instantaneous
  • [Fix] Do not overwrite larger memory values in the installer (Bug #12195)
  • [Fix] Order forums on role permission mask (Bug #12337)
  • [Fix] Show "no image" image when a non-selectable item was selected in the acp imageset editor - IE (Bug #12423)
  • [Fix] Update session information without new pageload (Bug #12393, Bug #12441)
  • [Fix] Let polls be edited correctly (Bug #12433)
  • [Fix] Overcome Oracle's inability to handle IN() clauses with over one thousand elements (Bug #12449)
  • [Fix] Simulate Firebird's affected rows mechanism for older versions of PHP
  • [Fix] Custom BBCodes properly handle lowercasing of parameterized tags (Bug #12377)
  • [Fix] Update the forum_id sequence for PostgreSQL during conversion (Bug #11927)
  • [Fix] Allow for multiple tags containing URL and LOCAL_URL tokens (Bug #12473)
  • [Fix] Properly display forum list in the MCP Queue (Bug #11313)
  • [Fix] Use the localised guest name for quotes (Bug #12483)
  • [Fix] Added post anchor to links in default warning message (Bug #12489)
  • [Fix] Allow 5 digits in editing time fields (Bug #12489)
  • [Fix] MS SQL DBAL drivers now write over extension limitations, they are too low for most installations (Bug #12415)
  • [Fix] Fix sorting by author on "unanswered posts" (Bug #12545)
  • [Fix] Allow searching for multibyte authors (Bug #11793)
  • [Fix] Writing directories/files with correct permissions using FTP for transfers on PHP4
  • [Fix] Oracle sequences during conversions are now corrected (Bug #12555)
  • [Fix] Allow users to continue after selecting "No" in the merge quickmod confirmation (Bug #12577)
  • [Fix] Correctly check permissions on the UCP subscription/bookmark pages (Bug #12595)
  • [Fix] Only convert non-orphaned PMs
  • [Fix] Fixed a few Postgres related errors (Bug #12587)
  • [Feature] New DBAL wrapper for LIKE expressions / sql_like_expression()
  • [Sec] Stricter validation of language entries.

2. Copyright and disclaimer

This application is opensource software released under the GPL. Please see source code and the docs directory for more details. This package and its contents are Copyright (c) 2000, 2002, 2005, 2007 phpBB Group, All Rights Reserved.