Download Phpbb 3.0.2

Last Thursday version 3.0.2 of Phpbb was released. With this program it is possible to create a forum where visitors can discuss with each other. PHPBB is made available under the GPL license and uses PHP and a database program to store messages. In addition to Mysql, Postgresql, Oracle, Firebird and Sqlite are also supported as database software. Version 3.0.2 contains a large number of improvements that should improve stability and performance and fix several minor bugs. In addition, a security issue has also been fixed. Below is an overview of the most important changes since version 3.0.1:

Fixed:

• Ability to set permissions on non-mysql dbms (Bug #24955)
• Fixed blank style on setups having no username defined within config.php (Bug #25065)
• Made the compress_tar class tolerate archives that do not properly have their archived contents listed (Bug #14429 / thanks to JRSweets for his patch)
• Moved topics should not count towards the number of topics in a forum (Bug #14648 / thanks to Schumi for his patch)
• Properly check for invalid characters in MySQL DB prefixes during install (Bug #18775)
• Bring the PostgreSQL backup system back to working order (Bug #22385)
• Update correct theme for cached styles in style.php (Bug #25805)
• Correctly determine safe mode for temp file creation in functions_upload.php (Bug #23525)
• Correctly sort by rank in memberlist (Bug #24435)
• Purge cache after database restore (Bug #24245)
• Correctly display subforum read/unread icons from RTL in FF3, Konqueror and Safari3+. (thanks arod-1 for the fix, related to Bug #14830)
• Added missing form token in acp (thanks NBBN).
• Do not remove whitespace in front of url containing the boards url and no relative path appended (Bug #27355)
• reset forum notifications in viewtopic (Bug #28025)
• corrected link for searching post author’s other posts (Bug #26455)
• HTTP Authentication supports UTF-8 usernames now (Bug #21135)
• Topic searches by author no longer return invalid results (Bug #11777)
• Delete drafts and bookmarks when deleting an user. (#27585, thanks Schumi for the fix)
• Set last_post_subject for new topics. (#23945)
• Allow moving posts to invisible forums. (#27325)
• Don’t allow promoting unapproved group members (#16124)
• Correctly fetch server name if using non-standard port (#27395)
• Regular expression for email matching in posts will no longer die on long words.
• Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
• Correctly display double-colon on special conditions within highlighted php source (Bug #26795)
• Increase storage capacity of titles/subjects due to specialchared content (Bug #25235)
• Catch invalid username wildcard ban (we do not support these) (Bug #29305)
• Fix (email)-domain checks for those having DNS prefixes set (Bug #29635)

changed:

• Adjust truncate_string() to be able to adjust the maximum storage length.
• Sort the tables at the database table backup screen
• For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)
• Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)
• Don’t allow redirects to different domains.

New features:

• Added optional referer validation of POST requests as additional CSRF protection.
• Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).
• Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.
• Added ACP logout to reset an admin session.

Security:

• Only allow urls gone through redirect() being used within login_box().

[break]