Change Logs

From XMBdocs

XMB 1.9.11

 * Released on 1 March 2009
 * ~MySQL Version Requirement Raised to 4.1.7.

New Features

 * 0000276: Un-Backwards the Authentication Checks.
 *  - 0000040: Move More Code from header.php into elevateUser().
 *   - 0000023: Redesign the Language System.
 *    - 0000144: Language File Import Tool.
 * 0000257: Context Sensitive Quick Jump.
 * 0000240: Apply the same regex to avatar URLs as [img] URLs.
 * 0000224: memcp.php?action=subscriptions Needs to be Multi-Paged.
 * 0000258: Show Attachments and Thumbnails in Post Preview.
 * 0000170: Add upload limit description to attachment templates.
 * 0000074: Links for Each Post.
 * 0000003: Require Authentication Before Password Change.
 * 0000054: Rennovate the Search Feature.
 *  - 0000099: Censor Search Input From Non-Staff.
 *  - 0000147: Multi-Forum Search Selections.
 *  - 0000146: Subject-Only Search Option.
 *  - 0000145: Context-Sensitive Search Links.
 * 0000055: Make Admin Icons Part of the Theme System.
 * 0000056: [Meta] Search Engine Optimization.
 *  - 0000160: Change Footer Link Text.
 *  - 0000092: Add Sample robots.txt File to Distribution.
 *  - 0000235: Third Redirect in Viewthread Should Use Status 301.
 *  - 0000123: Implement Status 503 for bbstatus Option.
 *  - 0000268: Implement rel canonical.
 *  - 0000225: Redirect Guests to Login on Access Errors.
 *  - 0000175: Action=Printable Should Link Back to Thread.
 *  - 0000014: memcp, u2u links and prevent indexing of post and search.
 * 0000171: Function Parameter Efficiency Review.
 * 0000036: Members location sort.
 * 0000077: New Tool to Fix Orphaned Posts.
 * 0000017: Reorganize Member Management Tools.
 * 0000018: Add Reg Form Description of Disallowed Chars for Usernames.
 *  - 0000062: Add Reg Form Case Sensitivity Explanation for Captcha.
 * 0000244: ~MySQL Error Reporting Improvement.
 * 0000027: [Meta] Overhaul the Attachment System.
 *  - 0000019: Enable Attachment Persistence for Post Previews.
 *  - 0000031: Thumbnails for Attached Images.
 *  - 0000028: Image Attachment Limit.
 *  - 0000030: Inline Attachment Caching.
 *  - 0000029: Multiple Attachments.
 *  - 0000198: Simultaneous Upload.
 *  - 0000032: Disk Storage Option for Attachments.
 *  - 0000116: Check for Output Corruption for Attachments.
 *  - 0000128: Thumbnails for Hotlinked Images.
 *  - 0000135: "Pretty" URLs for Attachments.
 *  - 0000137: Add New Attachment Options to Admin Panel.
 * 0000158: Email Notices Should Always Include a Link.
 * 0000004: Redesign Moderator Log System.
 * 0000169: Members Before Guests in Whos Online.
 * 0000150: Check for Output Corruption for Captcha.
 * 0000069: New setting & default: IP banning Disabled.
 * 0000100: Allow HTML in Board Rules.
 * 0000129: Implement New $full_url Checking in Installer.
 * 0000006: U2U Popup Alert.
 * 0000151: Check for Output Corruption at End of header.php.
 * 0000068: Add DEBUG logic to check if the $full_url is correct.
 * 0000084: Implement Optional Logging for ~MySQL.
 * 0000095: Add a Preview Button for Quick Replies.
 * 0000098: All NUL Bytes Should Be Filtered From User Input.

Bugs added in version 1.9.10 fixed in 1.9.11

 * 0000008: Newsletter E-Mails Are Corrupted.
 * 0000215: Uninitialized Variable in ~Memcp.php.
 * 0000109: User Access List problems.
 * 0000132: SQL File Upload May Cause Unexpected Errors.
 * 0000157: Invalid Argument Warning in cp.php.
 * 0000239: ~MySQL version mismatch during installation, while this is not true..
 * 0000105: Existing User With Restricted Address Can't Edit Profile.
 * 0000112: Off-By-One in Merge Reply Addition.
 * 0000211: goto=search Still Generates &page=1.
 * 0000075: Post error includes double header.
 * 0000087: Icons for profile, website, find and u2u in viewthread_post template should have titles in them.
 * 0000127: vtmisc.php Raises "Efficiency Notice" in Debug Mode.

Bugs added in version 1.9.9 fixed in 1.9.11

 * 0000090: Uninitialized array $sqlsrch in misc.php.
 * 0000125: $fids Not Initialized In stats.php.
 * 0000152: Registered Global $permsNew in cp.php.
 * 0000168: Uninitialized Variables in Userlist Checking.
 * 0000049: Remove DEBUG_ALL.
 * 0000119: Super Administrator Permissions Not Always Applied.
 * 0000124: forum.moderator Index Missing in Several Calls.

Bugs added in version 1.9.8 SP3 fixed in 1.9.11

 * 0000122: Installer Adds HTML to Censors Table.
 * 0000177: Smilies Don't Work With BBCode Off.
 * 0000277: New Usernames Need to be Trimmed.
 * 0000042: Literal \r\n in A.P. Template Selector.
 * 0000045: Typeo In 404 Header.
 * 0000108: Typeo in isValidFilename() Regex Pattern.
 * 0000071: $THEME variable missing from function error().

Legacy bugs fixed in 1.9.11

 * 0000011: Unable to Login on IIS Due to Cookie Problems.
 * 0000107: Undisclosed vulnerability in captcha.inc.php.
 * 0000009: socket_SMTP Injection Vulnerability.
 * 0000051: Forum Management Should Be Non-Destructive.
 * 0000096: Undisclosed vulnerability in BBCode.
 * 0000120: Function forum() is Incorrectly Parameterized..
 * 0000130: MIME Type Not DB-Safe in Attachment Inserts.
 * 0000212: Uninitialized Variable $firstpage in cp2.php.
 * 0000230: Unsanitized Input Paths in Who's Online.
 * 0000237: Uninitialized Variable $newtemplatename in cp2.php.
 * 0000254: Undisclosed vulnerability in header.php.
 * 0000010: Theme Import Broken by PHP Bug 45283.
 * 0000012: function Redirect() fails to halt script.
 * 0000013: SMTP Errors in Windows Caused by PHP Bug 45305.
 * 0000016: Add call to is_string() inside postedVar().
 * 0000024: Upgrade Utility Will Not Allow Valid TABLEPRE Config.
 * 0000025: Incomplete Validation of $tid in viewthread.php.
 * 0000052: Finish the i/o overhaul of cp.php?action=members.
 * 0000073: List BBCode insert deletes the message contents in Opera.
 * 0000076: Posts Orphaned by Incorrect WHERE Command in viewthread.
 * 0000094: Re-Write the Settings INSERT Query in cinst.php.
 * 0000118: Search Fails to Check ~Forums.Status Value.
 * 0000126: No Permissions Checking in memcp.php.
 * 0000141: Copy Thread Doesn't Increment Member Post Counts.
 * 0000142: Empty Thread Deletes all Attachments.
 * 0000149: ~I/O Failure in [size] BBCode.
 * 0000164: Email Address Validation Failure.
 * 0000194: Database tools.
 * 0000228: action=getip is supposed to be limited to admins.
 * 0000265: Moderator Permissions Escalation.
 * 0000007: Remove Extraneous GROUP BY From Queries.
 * 0000015: imghash not initialized in post.php.
 * 0000034: Long URLs Can Exceed Line Wrap Limit.
 * 0000035: $boardurl does nothing, should be removed.
 * 0000038: lastvisit not always recorded in members table.
 * 0000039: Banned Member Profile Inconsistencies.
 * 0000043: Fix Last Posts Uses Wrong Sort.
 * 0000046: U2U Subjects Have Many Spaces After Re:.
 * 0000050: viewthread should not rely on threads.replies.
 * 0000053: The URL "Double Slash Problem".
 * 0000057: Remove All page=1 Links.
 * 0000058: Malformed Location Headers.
 * 0000059: Filter out empty and dupe poll options.
 * 0000061: Cancelled BBCode Prints "null".
 * 0000067: action=printable URLs are not robot-exclusion compliant.
 * 0000072: forumdisplay should throw status 404 for bad links.
 * 0000089: Slashing is still broken in action=printable.
 * 0000093: Slashing Still Broken in Profile->Forum Most Active In.
 * 0000101: Vote Stuffing Check Isn't Working.
 * 0000114: Board Status Effect Should Be More Restrictive.
 * 0000131: Query Output is Not HTML-Safe in Debug Mode.
 * 0000138: Quick Jump Should Not Be Seen if Index Perms Denied.
 * 0000148: Orphaned Polls.
 * 0000154: Redirected tids Use Invalid URL.
 * 0000155: Report Post Doesn't Check Email Alert Settings.
 * 0000167: Captcha settings should be disabled in debug mode.
 * 0000179: action=online call to multi() is hosed.
 * 0000186: Member List Multi Page Broken.
 * 0000197: Group and Forum Views Should Include Name in Title.
 * 0000199: Annonymous Login is not sticky.
 * 0000210: Date Format Has No Default Value.
 * 0000220: Default Theme Isn't Used if User's Theme is Missing.
 * 0000226: Password Reset Should Not Be Allowed On Banned Accounts.
 * 0000242: Invalid Use of fetch_array() in member.php?action=profile.
 * 0000245: Unhandled Input: Prune all posts in topicadmin.php.
 * 0000250: Remove Destructive Theme Writes From Primary Upgrade Script.
 * 0000252: Links in reported post messages have wrong format..
 * 0000264: XMB Forum User Impersonation - 2006-04-15.
 * 0000270: ROOT Should Not Appear in forumJump().
 * 0000271: Typo with the Email BBCode button.
 * 0000282: Unable to Attach Files on IIS.
 * 0000070: Search method should be GET.
 * 0000115: Member List Uses Wrong Default Sort.
 * 0000162: E-mail Privacy Default.
 * 0000178: Align BBCode Breaks When Empty.
 * 0000191: Duplicate Who's Online Entries.
 * 0000203: Template Leading Whitespace is Inconsistent.
 * 0000227: Unused $online Array Indexes Should Be Unset in misc.php.
 * 0000232: Firefox BBcode Causes Linefeeds to Disappear.
 * 0000256: PHP Notice Thrown by Invalid Registration.
 * 0000274: Last Login Date Incorrect in Editprofile.
 * 0000280: fixUrl() eats leading '(' char.
 * 0000020: Users See Blank Notice When Board=Off.
 * 0000022: Missing Translation, $lang[addressupdate].
 * 0000079: editprofile doesn't display username.
 * 0000110: Forum Admin Link Displayed to Non-Admins.
 * 0000159: Hyperlink BBCode Nonsense.
 * 0000234: today.php lastpost column doesn't match other areas.
 * 0000033: message() calls nav() when header is false.
 * 0000047: Wrong bgcolor used for quick reply captcha.
 * 0000078: Remove "postsubject" from the post_edit template.
 * 0000080: O.O.O. in Avatar Checking.
 * 0000121: Unused globals in function postify().
 * 0000161: member.php comment grammar.
 * 0000251: Strange Params for postify() in topicadmin.php?action=split.

XMB 1.9.10

Released on 9 June 2008.

 * ~MySQL Version requirement raised to 4.0.16.
 * CVE-2004-1862 Closed.
 * New forum permissions system.
 * New flow of control in post.php mitigates lost input.
 * Added Avatars to U2U messages.
 * Added Client-side avatar dimension checking.
 * Added ~Config.php corruption checking.
 * Added Forum group name to navigation "Breadcrumbs".
 * Added More Smilies Pop-up Links.
 * Added PID links from Search to viewthread.
 * Added U2U links to the Address Book.
 * Better Forum management page.
 * Better Magic-quote handling.
 * Better Unicode support within message bodies.
 * Fixed Avatar dimension checking on servers with allow_url_fopen = false.
 * Changed the Merge Threads dialog.
 * Fixed All LIKE and REGEXP query encoding.
 * Fixed Avatar List option.
 * Fixed Banned Members Cannot Logout.
 * Fixed Broken links to profiles.
 * Fixed Captcha contrast with theme colors.
 * Fixed Delete Posts in the admin panel member search.
 * Fixed Feature - Fix Last Posts - Very Slow.
 * Fixed ~I/O problems in the settings page.
 * Fixed Many problems in topicadmin.php
 * Fixed Moods Not Parsed Correctly.
 * Fixed Octet limitation in IP Banning.
 * Fixed Prune feature in admin panel.
 * Fixed Syntax bugs in CP Search.
 * Fixed Theme Creation Bug.
 * Fixed U2U Folder bugs.
 * Fixed Upgrade failures caused by inadequate index logic.
 * Fixed Verify email address links.
 * Moved 'Report post' and 'vote' features from topicadmin to new vtmisc.php file.
 * Removed $threadSubject from header.php.
 * Removed Extra queries from updateforumcount().
 * Removed Usernames from javascript Popup() calls.
 * Restored U2U multi-recipient buddy list feature.
 * Spell Check now consumes apostrophes and rejects digits.
 * Updated and corrected the server version checks.

XMB 1.9.9

Released on 26 March 2008.
Recalled on 19 April 2008 after a staff change at XMB.

XMB 1.9.8 SP3

Released on 9 May 2008

PHP Requirement raised to 4.3.0
CVE-2005-2574 Closed.
CVE-2006-1748 Closed.
CVE-2007-0519 Closed.
Fixed Avatar URLs with "&" or "php" never saved.
Fixed BB Code parsing inside [code] tags.
Fixed Can't delete attachments using Control Panel.
Fixed Captchaimages database table grows out of control.
Fixed Censors don't work if the same word is typed repeatedly.
Fixed color captcha when no background image used.
Fixed Control Panel won't save apostrophes in website title.
Fixed Full text profile search doesn't work.
Fixed Login after password-reset.
Fixed Logout doesn't work on password-protected forums.
Fixed Passwords with leading or trailing whitespace don't always work.
Fixed Rename attachment doesn't work.
Fixed search for posts in a specific forum.
Fixed Spaces in attachment filenames change to underscores.
Fixed random password generator array subscript overflow.
Fixed Status code was 200 when transmitting "forum not found" errors.
Fixed ~Top/Untop causes SQL error if no threads are selected.
Fixed User profiles show character entities like "&"
Fixed Usernames containing "&" cause broken links and tools.

XMB 1.9.8 SP2

Released on 31 December 2007

Fixed Can't see more than 2 pages of search results.
Fixed Deleting all but one smilie in the smilies manager causes error.
Fixed Invalid EHLO command in SMTP mailer.
Fixed Page int parameter sometimes incorrect in viewthread.php.

XMB 1.9.8 SP1

Released on 16 December 2007

[Fix] Poll Options Bug
[Cosmetic] Template improvements
[Feature] Forum quick jump status control in settings
[Feature] Registration form optional fields status control in settings
[Feature] Quick reply status control in settings
[Feature] Index Stats bar status control in settings
[Feature] Hide accounts that have not yet logged in on index and member list
[Feature] Option to search for accounts that have not logged in yet via admin panel in members settings option
[Fix] Addressed insertion issues with IE6 browser - Thanks to whinpo
[Fix] Addressed sub forum privacy bug from shwoing in several areas of the software.
[Cosmetic/Feature] Added who's online today back on index and removed redundant one in misc.php

XMB 1.9.8

Released on 7 December 2007

New poll system Sub-Forums on index Forum quick jump Optimized search facility Validation routines Mass moderation CAPTCHA integration ~MySQL 5 compatibility Cosmetic Improvements New administration tools

XMB 1.9.7

This version was not released.

XMB 1.9.6

This version was not released.

XMB 1.9.5

Released on 7 March 2006

Fixed several security vulnerabilities. Improved URL-matching regular expression as per RFC's. Fixed ongoing charset bug. Fixed new birthday code selection drop downs. Made hover (mouseover) for category links consistent for IE and Mozilla. Instated 32 maximum character restriction for usernames.

XMB 1.9.4

Released on 1 March 2006

Added better security to the [size][/size] pattern Added new birthday-date format (ISO 8601 compatible) Added optional (easier) debugging Added post_edit_attachment to the template-preload-queue Added printsetting4() for textarea's and converted existing ones to use it Added SMTP-logging when DEBUG=true Added limit for usernames, making them have min. 3 chars Check for a 250 response on QUIT using socket_SMTP, according to the RFC this is required, and if missed could lead to odd behaviour Date format fixes Fixed '.' characters in URLs breaking links Fixed CSS template to be loaded in error() Fixed default time format not used during registration Fixed HTML not properly being escaped in custom-status field Fixed Moderator can still delete posts via thread-prune when allowrankedit=On Fixed newsletters showing weird chars Fixed no categories (and forums belonging to them) are shown in search to members and guests Fixed 'no subject'-error may be shown on delete-post. Fixed Read folders turning back to unread folders after 10 min Fixed slashes stripped from threadtitles too often Fixed slashes stripped from message/subject on newthread Fixed 2 typos in error() Fixed 2 uninitialized vars Fixed Anonymous poster inherits Rank avatar from previous poster Fixed banned users are still recieving subscription-emails Fixed edit attachment > replace with [new attachment] doesn't work Fixed password-protected forums showing in forums-select-lists Fixed bug where "xmb_" was used instead of $table_ Fixed bug where email-input (message and headers) was not normalized correctly Fixed bug where thread-redirect (created using Move Thread > Leave Redirect) was not removed when original thread was deleted. Fixed bug with tableheader showing at the top when there were no cat-less forums shown and 'show at top only' was not turned on. Fixed checking for text/html mimetype in attachments to be case-insensitive Fixed E_NOTICE on $attachfile Fixed flash-avatars not displaying correctly Fixed forum names containing quotes Fixed IP banning Fixed miscasting of array/string in altMail() with socket_SMTP Fixed SQL errors when no fid's are restricted. Fixed page totalling for subscriptions. Fixed password-protected forums show in `Forum most active in` Fixed possible tid injection Fixed security issue with being able to delete your current account and top level super administrator Fixed slashes in post-preview. Fixed subject-in-title showing thread-subject on template-edit Fixed U2U folder highlight Fixed XSS injection exploit by unsanitized input. Fixed date format validation during registration/profile-update Fixed theme-default set to instead of 0 Fixed To header usually missing in the mail-headers Fixed various HTML-validation errors Fixed 'send u2u to email' showing raw HTML output Altered theme code to produce a 20x speed increase Access to password-protected forums is now automatically cleared at (explicit) logout Better password-protected forum support in search Better support for password-protected forums Changed LEFT JOINs to STRAIGHT JOINs to improve query-speed Changed login to use putCookie() Cleaned up initialization of $indexBar/$indexBarTop vars Cleaned up theme-download code Decreased memory usage, thus increasing efficiency on hosts with little memory (set for mysql) Fixed various E_NOTICE level errors Enhanced Edit button Got rid of xmb_forums JOINs in most stats-queries, thus improving loadingtimes Improved viewthread validation procedures. Lowered default maximum attachment size for smaller boards. (1MB -> 250 KB) A lot of ~MySQL 5.0 compatibility fixes Switched from delete3=3 style to delete[3]=true style in ipban Updated stats to show as efficiently as possible for super admins Updated $restrict to be more efficient Updated censor() regexp to catch more words Updated smilieinsert() to correctly create a table with smileys Rewrote part of the socket_SMTP class to correctly talk with the SMTP server; thus fixing many previous issues with it Removed $lang['copyright'] (same in all languages; always) and moved it to header.php Removed duplicate (unused) code Removed noaccess() function as it's no longer in use

XMB 1.9.3

Released on 6 November 2005

(re-)fixed class="tablerow" missing in faq_misc_rankrow template Added a newline between the "no subject found" and the actual post-screen when an error is found Added better $restrict regexp (which now also allows \n and \r as a separator) Added error when given fid AND tid are incorrect (non-existent) Added fix to censor thread subjects in the Who's Online. Added footer_* templates to automatically preload (aswell) Added non-preloaded templates to preload queue Added temporary unicode-entities fix Cleaned up subforums code and fixed code so that the table header for subforums only shows when neccessary (Thanks Stu! (tid=755422)) Encoded moderator usernames for RFC member profile URLS Fixed 'no categories (and forums belonging to them) are shown in search to members and guests' Fixed various E_NOTICE notices Fixed `$self[dateformat] and $self[timecode] undefined` [tid=755518] Fixed `delete on reply does not delete message` Fixed `no quote is added when quoting` Fixed `no slashes in preview` Fixed `original U2Us being deleted despite "reply & delete" not being selected` [tid=755080] Fixed bbcode for Safari Browsers Fixed bbcode-security-hole Fixed `board logo not showing in view printable` (threads and u2us). Fixed bug where email sent had the subject as the message, and no actual message in it at all Fixed bug where setting the default timezone didn't work correctly Fixed bug with an E_WARNING being sent when using altMail() in safe_mode Fixed bug with tableheader showing at the top when there were no cat-less forums shown and 'show at top only' was not turned on. [tid=755551] Fixed bug with tableheader showing in categories [tid=755551] Fixed division-by-zero in member > profile Fixed email-bbcode button not working in normal mode Fixed error when deleting U2U's from Trash folder Fixed missing apostrophe which caused errors editing forums when debug was on. Fixed page issues when ppp was less than 5 (Missing validatePpp()) Fixed security issue that showed subjects of threads you were not authorized to view in title bar. [tid=755557] Fixed undefined variables when viewing printable U2U's by adding them to the globals line. Fixed various XHTML 1.0 non-comformational bugs [tid=755581] Fixed various minor issues Fixed warning when viewing non-existent forum changed file_exists checks to use the ROOT constant got rid of notices implemented shortenString() made various regexps quicker preloaded all templates that require it removed ?> to prevent headers-already-sent-warnings due to whitespaces; according to php.net this will still work. updated $restrict switches to work generally better updated versioning

XMB 1.9.2

Released on 20 September 2005

added checks for '.' and '..' in avatarlist options. This stops '.' and '..' from being chosen as valid avatars (they're not files!) added "prune normal posts" to thread pruning added "reply and delete" feature to u2u added "reset usesig on sig-change" added "show thread subject in title" added "threads marked as read" code added $footerads added (missing) put_cookie constants added automatic preloading of header,css,error and footer templates added Czech lang file added check for '.swf' extension in flash-avatars added check for magic_quotes_runtime, so XMB won't break when it's turn On (in most cases) added DEBUG-flag shows in page-title added dropIfExists option to `Database Backup`s create_table() function (is automatically turned On in this feature) added Serbian lang file added XHTML valid flash (X)HMTL added alternative SMTP-mail-handling added browser-sniffing code added browser-specific bbcode JS added checks for htmlentities_decode() and htmlspecialchars_decode() added default full_url based on system used to installer added default icon for threads that have none added default timezone added e-coupons ads added full_url checker to installer added ignore max avatar size on flash movies added indexBar added missing templates to preload() added (new) mozilla-specific bbcode added protection to delete user and delete posts links with JS added support for optional theme-specific theme.css file added u2u flood protection fixed "attachment isn't copied when using copy thread" fixed "avatars are mistakenly interpreted as flash due to commas in the filename" fixed "categories stacking in 'specific forum' select, in search" fixed "database not found error is not fatal" fixed "empty categories showing" fixed "fixLastposts() doesn't update xmb_threads table" fixed "installer never removes /install/ dir" fixed "invalid size for [size] bbcode causes Parse Error" fixed "language files not ordered (alphabeticaly)" fixed "max avatar size is flawed with flash movies"-bug fixed "most active forum also shows categories" fixed "no ROOT (contant) support in language-selection" fixed "poll options contain empty bar on the right" fixed "quickreply bulging out" ""fixed "regexp error in todays posts when usernames contain '*', '.' or '%'"" fixed "rename user does not rename moderators in the moderator section" fixed "threads can be moved to forums that are off" fixed "view as printable - doesn't show proper time and date" fixed "view as printable - dumps everything on one line" fixed updatethreadcount() lastposts issue fixed various `rename user`-bugs fixed various XHTML validity issues removed bbcodefns.js updated wording of $lang['disclaimer'] to reflect the fact that it's NOT fixed (yet) updated the way the disclaimer is shown (via JS popup)

XMB 1.9.1

Released in October 2004

XMB 1.8

Released in 2003 "PID" issue fixed PHP 4.2.0, 4.2.1, 4.2.2 + Issues Corrected Whos Online ,,,,, Issue Corrected U2U Subject Slashes Fixed Whos Online IP Improved Whos Online Logging Improved HTML in names vunerability corrected ~HTML/Java within signatures fixed vunerability fixed Todays Posts SQL Queries Cut From 120+ to 15 U2U Letter Icon on receipt of new message / later removed "Search" option added into editprofile template Several other account details added into members control panel Language file updates, spelling/grammar corrected Members sql table settings changed which caused registration errors for boards over 5,000 members or so. New Post icon/link added into index.php for easy/fast access for forum staff, members and visitors. Attachments Vunerability Fixed ~Bump/Delete Thread icons added for administrators/super moderators in thread index ~Top/Untop icons added for administrators/super moderators in thread index Added Yahoo Support Minor Stats-bug fixed Better support for IM-services Experimental Support for ms-sql added Removed redundant text from u2u-messenger and CP Added more text for errors in the CP "Black" box/table fault corrected in search results template URL Parsing Issue Fixed Posting without typing anything in both the message AND the subject of posts is not possible anymore Cut down on a total of 59 queries Control Panel "Tools" now blend in with the overall board theme instead of a white page. "Last 50 users online" added into index.php for large communities its set to list online 50 misc.php?action=onlinetoday will show *all* users who have been online within the past 24hr period. Administrators can now clear all u2us from the system, this includes all members, admins, mods & super mods. Administration Control Panel login gateway added, instead of "not authorized" member must login & have admin status. Smilies added into "preview post" Topic ~Admin/Admin Control - > Move "Move" is selected instead of "Leave redirect" to save forum "mess" Bump Icons REMOVED from forumdisplay - not useful enough "Hammer" added into forum display, links to admintools for that topic (forum display now has top/untop/delete/hammer) "Register" button now added into index_welcome_guest - as users reported the the link was previously hard to find. "Feature Not Available" alerts added when mem list/faq/search is turned off... 1 Query Per ~Post/Reply/Message removed from viewthread (100 posts = 100 queries less etc) Minor updates made to cp, cp2 and tools, control panel slightly modified Registration rules template has been corrected, spacing was off, and the rules now have a proper header/text Coppa template modified, button and spacing corrected. Icon added top left on forumdisplay - only visible to administrators - links directly into the cp edit forumsettings Modification to the language files "Who Can Post?" Administrators/Moderators made bold to stand out New template added for incorrect username/password login instead of white page "Password Incorrect" U2Us can be sent to multiple users, to send use "Name1, Name2, Name3, Name4, Name5" etc 4/5 Version strings added so they can be used in footers/page titles - available in long, short, basic, build, company Multiple U2Us -> Unknown User Error Corrected "Version Check" and "Agreement" added into the installation process. Super Administrators can now view users u2u inboxes. To use go into admin cp/members - after search "View Inbox" Administrators cannot send messages from users or use features such as ignore, this could lead to abuse/privacy issues. Fix Forum Themes added into tools.php, some forum themes get set to "name" and cause problems. This query will reset all forum themes named "name" to the default board them Who's Online tables on index.php now reflect category backgrounds and not just colour. Who's Online Key Text Added Whos Online Super Moderators now italic and bold, there was not enough visible difference Viewing Members Profile - Layout changed and headers now reflect category imags and not just colour Who's Online displays the forum name/what they are doing instead of a URL for more information Members List - ~Links/Button layout changed slightly at the bottom Members List - ~Status/UserID column added for more information on members Forumdisplay template modification, 2 blank tables appear when there are no posts in a forum Super Administrators added, only super admins can read users u2u messages, will be used in future Super Administrators are invisible from whos online Members Profile, If yahoo name is listed links to yahoo profile Members Profile, If msn name is listed links to msn members profile Members Profile, If icq name is listed links to icq profile News ticker added into the settings area of the control panel News ticker can be turned on/off News ticker delay added Control Panel System Updated with design/layout/features Member Registration, tables moved appart and category code added into table headers (so images in headers) Search feature added into the control panel, board staff can search for IPs, posts with censored words etc Whos online, view inbox icon added Fixed 'impossibility to login to a protected forum by using last post' and directly via URL and not category URL check added, invalid strings which are used to overload apache have been blocked Password can only be requested once every 24hrs Users can only register once every 24hrs Registration off template added When registration was off, members could still register, this has been corrected Javascript in avatar url vunerability corrected Post icon vunerability corrected Javascript poll vunterability corrected Logged in members cannot register a new name while logged in, you must be logged out Admins/Mods/Super Mods can still register wile connected Private forum vunerability corrected Spoof usernames vunterability corrected Registration is set to one per day per IP address Navigation Symbol Format Corrected Javascript URL vunerability corrected] Clear cookies ability added View poll results added - no longer have to be logged in or have voted to view Admins cannot make themselves s'admins Super admins completed, permissions etc. Upgrade in the control panel is only available to super administrators Last post feature updated Removed double queries and checks from header.php Templates updated Stats error corrected - when no posts were present it would generate a serve error this has been replaced with our error alerting the user there are no posts to generate stats. Feature Stats open brackets corrected in templates Time format changed (back) Header and footer is now displayed with every error time is displayed correctly when script is terminated early. JS-vulnerabilities fixed memberlist can now be turned on/off (again) bboff-reason will now be stored (again) ~DateFormat can now be changed (again) Cut a query in header.php Cut a query in memcp.php 2 missing templates added Processed time is now calculated using a special function.

XMB 1.6 v2c

"PID" issue fixed PHP 4.2.0+ Issues Corrected Whos Online Issue Corrected

XMB 1.6 v2b

Coppa Button replaced HTML/Smilie Function Fixed Forum password now saved Extra Spaces in search fixed Installation screen image changed On release date samspade.org which is used for traces etc is offline if the site does not come back you may wish to use another site such as network-tools.com or geektools.com simply change the url in the templates. Header/control panel security hole fixed

XMB 1.6

Index logs, log IP/xmbusername/hostname/referral/browser information added into control panel Index log clears after 300KB of data or around 2500 logs. Administrators can now choose to ban users from accessing the forum, sending U2Us, posting or all 3. Administrators can now edit users profiles, view signup IP, current IP, user ID/number/posts etc When a post is closed, if it has a poll, the poll is also closed. Whos Online - IPs are displayed in the format of "WTAL 123.123.45.6"

 W = Perform Whois
 T = Perform Tracert
 A = Perform All Tasks (whois, tracert, dns lookup, ping)
 L = Lookup
 M = Map

Multi Page Todays Posts & Forum Stats Added Language Files Updated Viewthread, shows whether the author is offline or online U2Us, you can now see which messages you have read/unread. You can also see the status of your sent messages, to see if the person has read them. ""Header.php, FAQ.php, Today.php, Config.php security holes fixed."" Javascript Alert bug fixed within bb img code fixed Viewing private forums/edit hole fixed Email Newsletter, emails are now received from "board name " instead of from email Administrators can now send newsletters to members, admins, mods, supper mods or all team members. U2U Newsletter Bug fixed New installer and full documentation in Word format (.doc) and text format (.txt). Whos online admin/mod/smod appearance changed. Restriction Manager, admins can ban user names or email addresses. Ability to choose whether users use a preset list of avatars or their own urls. Drop down time zone instead of input box Link on user profiles / only visible to admins User Moods added, users can change their mood in their member control panel Users mood from profile is added into viewthread under each post they make Admins can see how many users are using a certain theme. Turn stats, todays post off via control panel. BBCode - Marquee, Strikethrough, Blink Added MSN icon added in viewpost if the author has msn details in their profile

XMB 1.5

Released on 22 February 2002

All security bugs fixed Removed several installation bugs Added ~Icq/Aim/Yahoo support Fixed u2u problems All forum leaders are listed on member list page Custom titles on/off through cp, member can set his title through the member cp Cleaned out themes --> faster Cleaned comments and useless lines out of the php files --> faster Removed some HTML with Java (in Templates) Working BBCode Some updated lang files Better read-me Fixed problems with slashes Fixed like 20 other things, i dont remember them anymore...

XMB 1.5 Beta 1

Fixed some minor and major bugs

XMB 1.5 RC5.1

Fixed a possible problem with zip file attachments. Fixed some problems with polls. Fixed signature bugs. Fixed some tempalte bugs. Made the codebuttons.js a tempalte, and added lang file support to it. Fixed the Guest Time, problem. So it just says 'never' Fixed sub forum ordering. Fixed the calculations done for the percent of posts a member has. Dot folders can not be turnd of properly. BBCode now isnerts where your cursor last was in posts.(Smilies in final) Merging threads now removes one thread from the forums count. ""Removed [img=http://www.xmbforum.com]http://forums.xmbforum.com/xmb/images/xp/logo1.jpg[/img] … Deemed useless/caused bug."" Fixed pruning.

XMB 1.50 RC5

Anonymous Posting Fixed (Thanks to Javaman for this fix) Attachments (Thanks to Javaman for this fix) Forum Multipaging (Thanks to ~BelleAngeli for this fix) Limited Searches to last 30 results. Fixed the install script a bit. Fixed the CP problem with the templates. CP problem some would have after installing Denis' link color hack. Outbox now works properly. Report post Column Count bug fixed. Turned off auto selection of notify. (Not a bug persai, but fixed) Took care of some other template bugs. Favorites fixed in the User CP. Fixed the Move w/Redirection Column count error. Removed the 'go' button from moderator options. Fxed the bug that let moderators 'auto-top' whether they were a mod in that forum or not. Included several lang.php files. Fixed BBCode problems when multiple XMB Forum Code's were used. ""Added [img=http://www.xmbforum.com]http://forums.xmbforum.com/xmb/images/xp/logo1.jpg[/img] to allow linked images properly."" Query reductions on viewthread.php(Thanks to Aharon) Made the signature tempalte based (The division) Last post fixed on viewthread.php(Thanks to ~SurfiChris) Some redirection and other changes to u2u.php (teckel)

XMB 1.50 RC4

Theme importer/exporter Ability to turn off edited by messages Category Text colors Show threads from the past 30 days by default Better [url=] code 'dot' Folders Better attachments system, including download count Redirect to post after posting Lastpost icons on index and forumdisplay Option to view attached images inline New Code Buttons

XMB 1.50 RC3

Added code and list buttons in automatic bb code inserter Cleaned up FAQ, added some tags to the bb code section Fixed small member editing bug (wj) You can now add subjects for replies if you wish Fixed some modcheck() errors (wj) Fixed some small quote bugs Fixed private forum bug on forumdisplay Fixed bug where it let topics with just spaces as the whole subject be posted Split/Merge Topics Removed Forum Jump (boooo!) Option to turn auto bb code inserter and auto smiley inserter on/off XMB is now under the BSD license Cleaned up the auto smiley inserter table Valid e-mail address required Whos online list now alphabetized You can now make the background an image instead of a color Polls Option use drop down list of avatars (upload to /avatars)or Avatar URL Fixed security issue with cp2.php (thanks kinyo!) User CP (Thanks surfi!) Including Favorites and Subscriptions (email notification) Option to not allow the same e-mail registered more than once Small bug with deleting posts (kinyo!) Plugin System U2U is now completely secure (thanks again kinyo!) File attachments Database wrapper (no more mysql_query, its now $db->query) Template Support (thanks surfi) General Code Cleaning (surfi) Image Directory and Smilie Directories per theme (surfi for smilie directory) Moved: and Poll: prefixes applied to moved threads and threads that contain polls (surfi) Option to chose how many smilies and columns you want for the smilie inserter (surfi) Forum Passwords (surfi) New readme and config.php instructions (thanks bc!)

XMB 1.11d

Added the [edited on "date" by "username"], that i forgot to add back in 1.11c.

XMB 1.11

Huge bug fixes for the unix time stamp 1billion bug Bug fixes from 1.05 release

XMB 1.05

If announcements are off, they don't show up in forum jump Fixed multiple bugs with navigation and turning sections off Option to turn off stats on index in CP You can edit your post icon now when editing a post You can now send a newsletter via U2U. Whos online displays IPs to Admins and is now sorted by time Option to disable report post feature Fixed bug that prevented modification of post icons in CP Option to disable processing time below copyright in CP Fixed the time/date formatting on post review (when replying) Added some new things to stats Option to top topic right from post form if you are Admin, Super Mod, or Mod Fixed small bug with multiple pages on viewthread Search now searches subject too instead of just messages on topics New option in search to search topics, replies, or both If categories only on index is on, category is displayed in navigation now GMT time instead of server time Fixed small display order bug Fixed user access list bug New ~Topic/Reply links are smaller now Stats doesnt show topics from private forums that user doesnt have access to Fixed a bug with No Reg Required option and blank usernames Cleaned up forum jump, added sub forums and categories Fixed minor bug regarding posting in non existant forums Cleaned up the move topic drop down menu as well Moving topics from sub forums to forums finally work

XMB 1.0

Automatic smilie inserter is back! LOTS of small bug fixes that I was too lazy to document Delete forum in More Options... page ~Time/Date Format options in CP and profile U2U icon isnt displayed when U2Us are off on viewthread.php Stats Did a lot of tidying up around the layout, more organized make prune subtract from forum total posts/topics Preview Post is now perfect Search memberlist feature Fixed links (some links only show when you're logged in, some when your logged out) All members option in CP taken out, added Search by status Improved multipage links (coder) You can resize images via bb code Fonts, images, and font sizes can be edited via themes section in CP now Fixed up topicadmin messages Avatars per rank Changed all "blob" columns over to "text" (no binary data involved, no need for "blob") Fixed themes per forum bug Took out favorites list (to be re-written later) Forums with new posts now show it on forumdisplay (completely fixed new post image thingies) Sub forums are back baby! Email Notification! Many more small feature additions/bug fixes/code cleanings that I'm too lazy to document Took out thread ratings Unlimited moderators

XMB 1.0 Beta 3

Fixed bug with tpp and ppp for profile Started using indexes in ~MySQL Dropped category table, categories now uses forums table and is completely OPTIONAL ~UsErNaMe ~CaSe bug is all fixed no Search link below each users profile is now actually a link Change password bug fixes BB Code is now FLAWLESS thanks to mysticflash! Better Netscape compatibility Now takes out all spaces before and after a username Increased U2U security U2U outbox Multi page fix on forumdisplay Who's online record No cache page headers U2U not available to users not logged in Avatars are toggleable in cp Changed all times to 24 hour format Fixed navigation on post.php and topicadmin.php Report Post feature added Fixed smileys in numerous places Gzip Compression options Scrapped prune option, it didn't work New bb code options Turn forum/forum group on and off New bb code/smiley parsing technique Many other small bugs fixed

XMB 1.0 Beta 2

Fixed bug with U2U on thread starters in viewthread Count optimization on index and forumdisplay Text mode Fixed bug with slashes on print thread Icons are centered in forumdisplay Fixed slash bug on favorites Fixed slash bug on rules and bboffreason Fixed multiple bugs with quoting Fixed member list Cleaned up the HTML for the member list Fixed favorite threads Site Name and URL fields in settings, header has link back to site. Fixed slashes bug on topic review when replyiing Link to last post on index.php Fixed bug with reply with quote on private forums when not authorized Took out URL tags, board automatically tags URLs now Re-designed sub-forums

XMB 1.0 Beta 1

Private sub forums Color preview of what current color is in CP Link to edit profile for member in CP Folder icons for sub-forums Made online page (link is the "Who's Online" in index.php) Added the buddy list and U2U links to pages on misc.php Move topics from forum to sub-forum and vice-versa Re-formatted changelog again. You can no longer enter a blank password Fixed bug for making new themes Fixed multiple bugs in U2U and Buddy List Fixed bug with username ~CaSe Turn U2U on or off Prune posts (and delete all topics by username) Fixed bug with location in profile Username is linked in announcements Table width in themes You can now specify a list of users with access to a forum Fixed a bug with censoring Now traces IP on registration Fixed a bug involving the member list and passwords Cleaned up some HTML in header.html Stripped slashes from subject title in viewthread.php New Topic, Reply can no be either text or images. When you delete a forum, all posts and topics are now deleted too. You can toggle Search, FAQ, and Member List on and off You can toggle the board logo now Fixed a bug with "reply with quote" on closed topics Favorite threads! You can now turn post icons on or off in control panel Fixed "Last active" bug on misc.php Option to post out of sub forums Greatly optimized viewthread.php Fixed multipage bug in forumdisplay.php Fixed private forum bug in viewthread.php Fixed "The topic you have chosen..." bug Fixed bug for replying with quote to messages with ' or " Topics with multiple pages now have multi page thing in forumdisplay Shows a summary of topic below the posting form when replying Smileys now sort in rows when posting (thanks xarph) Smileys in FAQ now in a neat little box (again, thanks xarph!) Re-formatted changelog (it looks pretty now) Fixed fairly big U2U bug (won't go into specifics) Combined 5 queries into one in header.inc (should be blazing now on large sites) Fixed bug when editing profiles (postify function bug) Took out karma, you can ban people by username and its much more efficient (sorry bond). You can't post in non existant forums/sub forums anymore, nor can you reply to non existant threads Fixed forum jump so hidden private forums are now actually hidden. Many bug fixes (didn't keep track, sorry) Toggle sort options in forumdisplay.php ~Topics/Posts per page in profile Avatar URL Show categories only in index.php option Hide private forums from non-authorized users Search members in CP Cookie path no longer in effect Dropped xmb_settings, its now in a text file Newsletter option (email all members) Dropped multiple queries throughout the script Anonymous posting options Banning by username