Press "Enter" to skip to content

phpBB updrade patch to 2.0.13

Two bugs found in the phpBB 2.0.12 code need to be patched immediately.
They are posted here on the Official Announcement page.

Just two lines of code need to be changed, but they are critical bugs! I’ll say it again, upgrade immediately. No database changes required.

Open includes/sessions.php

Find:
Code:
if( $sessiondata['autologinid'] == $auto_login_key )

Replace with:
Code:
if( $sessiondata['autologinid'] === $auto_login_key )

Open viewtopic.php

Find:


$message = str_replace(‘”‘, ‘”‘, substr(preg_replace(‘#(>(((?>([^><]+|(?R)))*)<))#se’, “preg_replace(‘#b(” . $highlight_match . “)b#i’, ‘<span style=”color:#” . $theme[‘fontcolor3′] . “”><b>1</b></span>’, ”)”, ‘>’ . $message . ‘<‘), 1, -1));

Replace with:
Code:

$message = str_replace(‘”‘, ‘”‘, substr(@preg_replace(‘#(>(((?>([^><]+|(?R)))*)<))#se’, “preg_replace(‘#b(” . $highlight_match . “)b#i’, ‘<span style=”color:#” . $theme[‘fontcolor3′] . “”><b>1</b></span>’, ”)”, ‘>’ . $message . ‘<‘), 1, -1));