1.i. Changes since 2.0.3
Fixed cross-browser scripting issue with highlight param
Back-ported highlighting code from phpBB 2.2
Add session id validation to posting, profile, email, voting - Edwin van Vliet
Added {S_HIDDEN_FIELDS} template var to profile_send_email.tpl
Added "intval" fix for flood check, may resolve some issues
Added missing index to post_id for search_wordmatch
Fixed spelling error in search add words preventing use of stopword list
Fixed issue with search common words not being run
Introduce viewtopic resync patch by Ashe
Replace a for n in templating code
Fixed ordering in memberslist
Fixed group_id sequence issues with pgsql and msaccess
Fixed assumption of word censors in user notification
Fixed incorrect display of quotes in user management fields
Fixed entry of special chars in all profile fields - note this may cause temporary issues
Fixed incorrect display of quotes when using avatar gallery
Fixed missing username in email sent to users when admin activated
Added check for non-empty smiley code and url in smiley admin
Prevent display of -- sig seperator in emails when no board sig exists
Fixed URL propagated sid issues with jumpbox
Fixed wrong mode name check (polldelete) in functions_post
Added missing root path to l10n image path check
Remove validation of fields when deleting a user
Fixed sort mode select box in memberslist to default to current mode
Deny inline topic review listing to users without auth_read permissions
Prevent display of topic notification checkbox if user cannot read forum
Remove incorrect pre-pending of IP to uploaded avatars
Fixed deletion of uploaded avatars when changing to remote/gallery
Added check for non-blank line during install schema/basic sql ops
Added sort ordering to Top Ten poster listing by request
Fixed incorrect error report when altering case of username
Added jumpbox output to modcp {JUMPBOX} will now work
Fixed non-updating of users with MOD levels when deleting a forum
Remove email to group moderator when approving new members
Fixed non-handling of HTML in poll options
Fixed non-deletion of polls when deleting forum and its posts
Fixed moved shadow topic from being bumped upon reply
Changed field size of timezone to decimal(5,2) where applicable
Fixed missing sid append to URL when redirecting to newest reply
Fixed missing slashes in private IP preg check
Fixed session not setting userdata['user_id'] to ANON as appropriate
Added check for non-empty name in disallow admin
Fixed validation of SSL website addresses in profile
Fixed inability of admins to upload avatars via user admin panel
Fixed non-deletion of private message text upon full box overwrite
Fixed incorrect error message in smiley admin
Fixed incorrect alt-text for "Stop Watching Topic" image
Temporary fix for missing lang strings in forum admin - translators should update their packages if not done already
Use selected localisation during later stages of installation
Fixed non-check of permissions when deleting a topic via Moderator Control Panel
Fixed non-update of banlist upon user deletion
Check approved users boxes by default in usergroup approve form
Fixed non-appending of sid to backup meta refresh
Fixed non-notification of no support for certain databases in backup/restore
Added $images var to message die global declaration
Fixed wrong string, Private_message in Private Messaging
Add mail send result to error output
Fixed non-appending of sid to Mozilla nav bar menu items
Fixed incorrect profile linking from MSNM url in private messaging
Grammatical errors in English lang_main fixed - Cluster
Allow deletion of avatar and simultaneous upload/linking/gallery selection
Fixed non-updating of user rank when changing from special to normal rank in rank admin
Changed user topic notification default in schemas to 0 (off)
Fixed non-XHTML compliant img tags in privmsg.php
Fixed non-deletion of announcements and polls when removing forum contents in forum admin
Fixed non-pruning of watched topics table when pruning related topics
Enable GET redirect on logout
Added check for IE6.x to viewtopic ICQ indicator javascript
Fixed empty username quoting with MS-SQL
Fixed BBCode url, magic url and img tags to allow most chars beyond domain names
Prevent parsing of -ve size values in BBCode size tag
Back ported HTML handler from 2.2, this may impact some boards which allow complex HTML - existing parser remains but commented out
Fixed parsing of word censors to not censor words within < and > tag delimiters
Fixed database utilities failing to backup data with MySQL
Fixed signature parsing in User Admin
Fixed missing class="post" tags in subSilver Admin templates
Fixes for paths under Apache2
Added wrap text with tag support for posting in Mozilla 1.1+
Fixed use of missing CSS classes in modcp_split, group_info_body, error_body and agreement
Fixed ability of users to edit polls even after they have received votes
Fixed header Location to be absolute URL as per HTTP 1.1 spec - noted by PhilippK
Added additional session_id checks to MCP, topic subscription, PM and similar items
Fixed colour select box in posting_body to reset to Default colour after selection
Altered PM icon to show new image until messages have been read
Fixed incomplete deletion of PMs when removing the associated user
Fixed unread and new PM user counters to decrement appropriately in all situations
Fixed possible cross-site scripting issue with username search
Fixed some problems with gzip in combination with newer PHP versions and Mozilla
Fixed wrong maxlength in modcp_split.tpl subject field
Fixed inability to edit username of guest poster - vHiker
Fixed ability for guests to post with certain registered usernames
Fixed various HTML issues to improve XHTML compliance - Daz
Fixed missing template var {L_PM} for memberslist - Daz
Fixed wrong key name for $images['Topic_un_watch'] - Daz
Fixed missing template var {S_WATCH_TOPIC_IMG} for viewtopic - Daz
Fixed missing default constraints for post table under MSSQL
Fixed incorrect field size for forum pruning - preventing days > 256
Fixed continuing redirect issues for broken web servers, e.g. IIS+CGI PHP
Fixed inability to use ftp as a protocol for the [img] tag
Fixed incorrect handling of [img] tags containing %20 encoded spaces
Added check for . within cookie_name, change to _ if present
Added SHOW_ONLINE constant to limit "users online" code operation to index and viewforum
Added "temporary" workaround for Apache2 + PHP module ignoring "private" cache header
Added workaround for modcp IP lookup and links to Anonymous user profile
Fixed broken bbcode parsing of quotes containing bbcode in the "username"
Fixed excess slashes in
first pass encoding
Fixed rendering issue with quote button under Mozilla - Daz
Grammatical errors in remaining core lang files fixed - Cluster
Fixed bbcode quote breaking when username contained ] before [
Fixed duplicate group_id error during upgrade of users from phpBB 1.x
Fixed stripslashes() problem with the conversion of the config table from phpBB 1.x
Rejiggled validation code, may eliminate "Username disallowed" issues
Fixed differing initial "public" setting of forum permissions between different files
Added check for invalid (non-compliant) email addresses to upgrade script
Further redirect workarounds for broken servers, please direct further issues to the vendors
Added GMT + 13 to English lang_main, all translators are encouraged to do likewise
Added switch to default_lang email template if user lang template no longer exists
Fixed javascript error when selecting smiley containing a single quote
Update users watched topic if a post they made is split into a new topic
Fixed situations where email templates contain incorrect or missing subject lines
Fixed error when searching for posts and no forums exist
1.ii. Changes since 2.0.2
Fixed potential cross-site scripting vulnerability with avatars - Showscout
Fixed potential SQL rewrite issue in page header - missing contrib
Fixed potential CSS/HTML rewrite on viewing in login - Marc Rees
Fixed (hopefully) issue with MS Access and multiple pages
1.iii. Changes since 2.0.1
Fixed missing "username" lang variable in user admin template
Session work around for users behind rotating IPs - vHiker
Fixed potential session user_id re-write - Ashe
Fixed potential cross-browser scripting issue with BBCode URLs
Fixed potential gallery avatar exploit - Ashe
Fix sorting of smileys on each function call - Ashe/psoTFX
Clear topic_mod text output in viewtopic - Lars
Fix regex for avatar remote urls
Fix non-updating of user post counts when deleting whole topics
Increase time limit when sending topic reply notifications
Set default forum when splitting topics
Fix non-deletion of uploaded avatars when switching to gallery
Removed various closing newlines from included files
Add MAX_ROWS to HEAP table alter in install/upgrade - Ashe
Update username maxlength for subSilver templates
Allow ( and ) in BBCode [url] tags
Fix non-quoting of # in username validation regexs
Fix overlooked global var in private messaging
Possible fix for \r\n email templates issues
Fix missing str_replace for category title forum admin SQL
Fix trailing , when sending emails via smtp
Fix avatar issues in user admin
Fix improper checking of email address ban in sessions
Fix use of hard coded language strings in forum admin
Fix missing closing ) in smilies admin
Fix missing Username label in user admin
Fix upgrade.php bug where conversion would not complete (and updated other scripts to match the changes)
Fix problem with redirect and login.php
Fix typo that could cause problems with sorting in the memberlist
Fix emailer to allow sending emails with language-specific character sets
