diff -urN punbb-1.2.22/upload/include/common.php punbb-1.2.23/upload/include/common.php --- punbb-1.2.22/upload/include/common.php 2008-10-23 07:49:10.000000000 +0000 +++ punbb-1.2.23/upload/include/common.php 2010-04-08 11:51:25.000000000 +0000 @@ -55,7 +55,8 @@ error_reporting(E_ALL ^ E_NOTICE); // Turn off magic_quotes_runtime -set_magic_quotes_runtime(0); +if (get_magic_quotes_runtime()) + set_magic_quotes_runtime(0); // Strip slashes from GET/POST/COOKIE (if magic_quotes_gpc is enabled) if (get_magic_quotes_gpc()) diff -urN punbb-1.2.22/upload/include/functions.php punbb-1.2.23/upload/include/functions.php --- punbb-1.2.22/upload/include/functions.php 2008-10-23 07:49:10.000000000 +0000 +++ punbb-1.2.23/upload/include/functions.php 2010-08-11 12:16:59.000000000 +0000 @@ -36,8 +36,8 @@ $cookie = array('user_id' => 1, 'password_hash' => 'Guest'); // If a cookie is set, we get the user_id and password hash from it - if (isset($_COOKIE[$cookie_name])) - list($cookie['user_id'], $cookie['password_hash']) = @unserialize($_COOKIE[$cookie_name]); + if (isset($_COOKIE[$cookie_name]) && preg_match('/a:2:{i:0;s:\d+:"(\d+)";i:1;s:\d+:"([0-9a-f]+)";}/', $_COOKIE[$cookie_name], $matches)) + list(, $cookie['user_id'], $cookie['password_hash']) = $matches; if ($cookie['user_id'] > 1) { @@ -368,7 +368,7 @@ { list($last_post, $last_post_id, $last_poster) = $db->fetch_row($result); - $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); + $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post='.$last_post.', last_post_id='.$last_post_id.', last_poster=\''.$db->escape($last_poster).'\' WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); } else // There are no topics $db->query('UPDATE '.$db->prefix.'forums SET num_topics='.$num_topics.', num_posts='.$num_posts.', last_post=NULL, last_post_id=NULL, last_poster=NULL WHERE id='.$forum_id) or error('Unable to update last_post/last_post_id/last_poster', __FILE__, __LINE__, $db->error()); diff -urN punbb-1.2.22/upload/install.php punbb-1.2.23/upload/install.php --- punbb-1.2.22/upload/install.php 2009-09-02 05:35:11.000000000 +0000 +++ punbb-1.2.23/upload/install.php 2010-08-11 12:25:09.000000000 +0000 @@ -24,7 +24,7 @@ // The PunBB version this script installs -$punbb_version = '1.2.22'; +$punbb_version = '1.2.23'; define('PUN_ROOT', './'); 金沙国际娱城平台