MyBB Community Forums

Full Version: Discuss: MyBB 1.2.5 Released - Security Update
Good stuff, I like these updates. Much easier to apply than a whole bugfix release. Then again, I do still have standard code, so how hard can it be?
I have a question. I have checked member.php from MyBB 1.2.3 (original TAR.GZ) and MyBB 1.2.5 (TAR.GZ).

In the file from version 1.2.3, below line 1045, we have:
        $lang->away_note = sprintf($lang->away_note, $memprofile['username']);
        $lang->users_additional_info = sprintf($lang->users_additional_info, $memprofile['username']);
        $lang->users_signature = sprintf($lang->users_signature, $memprofile['username']);
        $lang->send_user_email = sprintf($lang->send_user_email, $memprofile['username']);

        if(!empty($memprofile['awayreason']))
        {
                $awayreason = $memprofile['awayreason'];
        }
        else
        {
                $awayreason = $lang->away_no_reason;
        }
In member.php from 1.2.5 we have only:
        $lang->away_note = sprintf($lang->away_note, $memprofile['username']);
        $lang->users_additional_info = sprintf($lang->users_additional_info, $memprofile['username']);
        $lang->users_signature = sprintf($lang->users_signature, $memprofile['username']);
        $lang->send_user_email = sprintf($lang->send_user_email, $memprofile['username']);
This change is not present in the patch file mybb_124_xss_fix.txt (http://community.mybboard.net/showthread.php?tid=18301). Why? Which file is correct?
koziolek, the member.php attached has a full patch (it gets rid of duplicate code), but we used a simple and just as effective manual patch.
Thanks for the update, just installed and everything works perfectly :).
You guys rock at this stuff!! :)