﻿"
Note: this file provides the full miniBB history of updates, starting from the version 1.7.
It also provides the full list of files, and mentions changes, which were applied to these files for the certain version.
You will find the most recent release notes AT THE END of this file.
Pick up your version and keep your forums version up-to-date. It affects security and performance of your website!
"


Guides to update miniBB from 1.7 series to 2.0 (RC1).
(c) miniBB.com
********************************************

NEW users should follow the installation process described in README and not read below.

UPGRADING users should download convdb.php file, mentioned in upgrade process, separately:
http://www.minibb.com/download.php?file=convdb

Subject is no warranty we give with this update process.

miniBB 2.0 first draft (RC1) is created ONLY for mySQL users. If you are using not mySQL, keep your old version of forums this time.

You could follow alternative upgrade process described by our user Ivan here:

http://www.minibb.com/forums/7_1965_0.html#msg11818

if you are not familiar with back-ups themselves and have no idea where to start from.

Our update instruction is the following:

*** Backup all your old files.

*** Backup your old database.

*** Open !UPDATE_DB.sql in some text editor and check, if your miniBB database table names are THE SAME as in this file (for example, 'minibb_forums' should correspond to actual forums information table, 'minibb_users' - to users table etc.)

*** Run !UPDATE_DB.sql file in your mySQL-manager (phpMyAdmin, mysqlFront, mysql command line etc.) - this file contains changes in mysql database structure.

*** Rewrite ALL *.php files, attached in installation archive, except for setup_options.php, bb_specials.php. Do not overwrite your templates and/or graphics.

*** Edit setup_options.php and add the following new settings which are NECESSARY for running new version of miniBB:

$enableNewRegistrations=TRUE; // if you want to enable new users register themselves; FALSE in another case
$enableProfileUpdate=TRUE; // if you want user would able to update their profiles themselves; FALSE in another case

/* With default miniBB database structure, keep the array below as it is given. Experienced users may find additional information in manual. */

$dbUserSheme=array(
'username'=>array(1,'username','login'),
'user_password'=>array(3,'user_password','passwd'),
'user_email'=>array(4,'user_email','email'),
'user_icq'=>array(5,'user_icq','icq'),
'user_website'=>array(6,'user_website','website'),
'user_occ'=>array(7,'user_occ','occupation'),
'user_from'=>array(8,'user_from','from'),
'user_interest'=>array(9,'user_interest','interest'),
'user_viewemail'=>array(10,'user_viewemail','user_viewemail'),
'user_sorttopics'=>array(11,'user_sorttopics','user_sorttopics'),
'language'=>array(14,'language','language'),
'num_topics'=>array(16,'num_topics',''),
'num_posts'=>array(17,'num_posts',''),
'user_custom1'=>array(18,'user_custom1','user_custom1'),
'user_custom2'=>array(19,'user_custom2','user_custom2'),
'user_custom3'=>array(20,'user_custom3','user_custom3')
);
$dbUserId='user_id';
$dbUserDate='user_regdate'; $dbUserDateKey=2;
$dbUserAct='activity';
$dbUserNp='user_newpasswd';
$dbUserNk='user_newpwdkey';

/* With default miniBB database structure, keep the array above as it is given. Experienced users may find additional information in manual. */

$indexphp='index.php?'; // for miniBB 2.0, the name of your index file is obligate. Don't forget to keep "?" after filename.
$pathToFiles='./'; // general path to your miniBB files (RTFM for more)
//$includeHeader='header.php'; //uncomment and set alternate header, if you don't want to use miniBB's default main_header.html (useful if you use some header.php from your own site, for better integration).
//$includeFooter='footer.php'; // the same as above, for footer.
//$emptySubscribe=TRUE; // uncomment and set to TRUE if you want your users may subscribe to the topic without posting some text
$allForumsReg=TRUE; // if you want to make all forums for registered only users by one touch; else FALSE
//$registerInactiveUsers=TRUE; //if you want all registered users become inactive until you accept them. RTFM for more.

Edit the following OLD settings:

$dateFormat='j F Y H:i:s'; // now, the same as default PHP. Months are kept from language file and replaced to English month titles defined by 'F'.

$bb_admin='bb_admin.php?'; // add question sign at the end

This setting is REMOVED: $cookielang_exp

*** From a browser, run the file convdb.php - it will re-calculate all necessary new data, keeping your old data.

*** Edit the following files:

[x] templates/user_login_form.html - add new form field: <input type=hidden name=queryStr value="{$queryStr}"> 

[x] templates/main_last_discussions.html: {$l_posted} replaced to {$l_lastAuthor} in the cell.

[x] templates/main_last_discuss_cell.html: add {$topic_reverse} for displaying reversed topic icon. {$lastPoster} became "{$topicAuthor}<br><span class=txtSm>{$whenPosted}</span>", "<span class=txtSm>{$whenPosted}</span>" became "{$lastPoster}<br><span class=txtSm>{$lastPostDate}</span>". Because now we display both topic author and last poster in these cells.

[x] templates/main_topics.html: {$l_posted} becomes {$l_lastAuthor} (the same as above).

[x] templates/main_topics_cell.html: Add {$topic_reverse}, eliminate {$numViews}, {$lastAuthor} becomes "{$topicAuthor}<br><span class=txtSm>{$whenPosted}</span>", "<span class=txtSm>{$whenPosted}</span>" becomes "{$lastPoster}<br><span class=txtSm>{$lastPostDate}</span>" (the same as above).

[x] templates/admin_searchusers.html, added form name: <form.... name=searchForm ...>, added new variable: {$delCheckBox} In a form tag, it becomes checkbox when searching for users who didn't make any post. It will be more easy to delete these users without additional prompt when cleaning your "dead users" table. Put it right after <li>, for example.

In admin_searchusers.html, the following code:

<input type=radio name=searchus value=id {$ci}> ID<br>
<input type=radio name=searchus value=email {$ce}> {$l_email} / {$l_sub_name}<br>
<input type=radio name=searchus value=inactive {$ca}> {$l_inactiveUsers}<br>
<input type=radio name=searchus value=registr {$cr}> {$l_haventReg}<br>

became simple dropdown:

{$whatDropDown}

[x] templates/admin_searchusersres.html - fix {$bb_admin} ONLY, so it looks like "{$bb_admin}action=..." not like "{$bb_admin}?action=".

[x] templates/admin_login.html - fix {$bb_admin} ONLY
[x] templates/admin_panel.html - fix {$bb_admin} ONLY

[x] teplates/main_post_area.html - remove $anchor and put it as hidden field: <INPUT TYPE=HIDDEN NAME=anchor VALUE="{$anchor}">

[x] templates/main_posts.html: insert new JS function confirmDelete(id,what) (take from the the origin). Now, when deleting topic or post, instead of confirmation page, you'll get confirmation JavaScript message. If you click Ok, message will be deleted, and you'll be re-addressed to the place when you started this operation. If you want, you may also update language $l_areYouSureDeleteTopic variable (insert \n as newline), so confirmation message will not look so big.

[x] templates/main_header.html: {$l_menu[8]} removed.

[x] templates/tools_delete_msg_warning.html, templates/tools_del_topic_warning.html: you can delete these templates completely.

[x] templates/email_user_register.txt - $userData[1] became $username, $userData[2] became $passwd

[x] templates/email_admin_userregister.txt - became: $row->$insres; $userData[1]->$username; $userData[4]->$user_email, $userData[5]->$user_icq; $userData[6]=$user_website; $userData[7]->$user_occ; $userData[8]->$user_from; $userData[9]->$user_interest

[x] templates/user_dataform.html: {$showemailDown} instead of showemail fields; {$sorttopicsDown} instead of sorttopics fields. New field {$languageDown} in user_dataform - correspondly to {$l_menu[8]} (language definition now is kept for each user individually).

[x] lang/[Your language file(s)]: delete the variables: $l_deleteLang, $l_chooseLang, $l_incorrect_tpl, $l_tpl_not_found, because they are not used anymore.

[x] img/topic_reverse.gif - NEW icon used for marking topics that are sorted in DESC order. New variable {$topic_reverse} appears in main_posts.html, main_last_discuss_cell.html, main_topics_cell.html (see original templates, where you can insert this variable).

*** If you done everything correctly, you must have your NEW miniBB version up and working.

If you have questions or problems, go to minibb.com/forums and report here.

********************************************
Changes comparision: 2.0 RC1 - 2.0 RC1a
********************************************
* bb_functions.php: load_header(): now, with more efficient code used for including user's site header.
* _install.php: fixed table names replacement in SQL file.

********************************************
Changes comparision: 2.0 RC1a - 2.0 RC1b
********************************************
* index.php: minor changes regarding $action (done because of more efficient side-plugins include)
* bb_func_login.php: fixed error when anonymous user posts nothing when making new topic or post
* bb_functions.php: version change

Changes comparision: 2.0 RC1b - 2.0 RC1c
********************************************
* bb_functions.php: convert_date() fix

Changes comparision: 2.0 RC1c - 2.0 RC1d
********************************************
* Fixed templates: main_forums.html, main_last_discussions.html, main_topics.html, user_dataform.html ("images" directory was appearing incorrectly, the correct is "img").
* bb_functions.php: version change

Changes comparision: 2.0 RC1d - 2.0 RC1e
********************************************
* bb_func_usernfo.php: fixes in displaying user last posts. Added "limbb" class to <ul> tags.
* bb_default_style.css: added .limbb class for displaying lists in userinfo.
* setup_options.php: new option //$mod_rewrite=TRUE; Set if you want your main forum links displayed in "mod_rewrite" style. Only for Apache server! OBLIGATELY read our manual for more before using this option.
* bb_func_ldisc.php, bb_func_vtopic.php, bb_func_vthread.php, bb_functions.php: mod_rewrite issues.
* index.php: post-only forums issue.
* manual_eng.html: updated mod_rewrite issues

Changes comparision: 2.0 RC1e - 2.0 RC1f
********************************************
* setup_options.php: new array option $disallowNamesIndex (not obligate). Combined together with $disallowNames, allows to set list of prohibited usernames which cannot be used via user's registration. Example:

$disallowNamesIndex=array('admin');

When registering, both arrays are checked; the difference is that registration script checks $disallowNames as word fragments, and $disallowNamesIndex as full words. For example, if you have:

$disallowNames=array('admin');

users will not be able to register even under the name "badminton", because it contains the word inside $disallowNames. You need to put all exact words in $disallowNamesIndex.

Case doesn't matter in both arrays now.

* setup_options.php: new option $enableViews=TRUE; (not obligate). Because of many user requests, we put topic "Views" amount back, but you can disable it if you don't need this feature or it hangs up your database. If you are upgrading to RC1f from any of 2.x series, add new column in "topics" table, for example:

alter table minibb_topics add column topic_views int(10) default '0' not null after topic_time;

If you are upgrading from 1.x series, don't add this column. We have removed "drop" request from the !UPDATE_DB.sql file, so it will be kept in your database.

* bb_func_checkusr.php: new functions for checking $disallowNames and $disallowNamesIndex arrays in lowercase.
* bb_func_regusr.php: fixed bug with $closeRegister option.
* bb_admin.php: set_time_limit() issue
* bb_func_vthread.php: topic views issue
* bb_func_ldisc.php: topic views issue
* bb_func_vtopic.php: topic views issue
* bb_func_stats.php: topic views issue
* bb_functions.php: version change
* templates/manual_eng.html: updated
* templates/stats.html: topic views issue
* lang/eng.php: $l_stats_viewed re-added
* lang/eng.php: $l_stats_days_c changed back

* templates/main_last_discussions.html, templates/main_last_discuss_cell.html, templates/main_topics.html, templates/main_topics_cell.html: updated to have Views column again

Changes comparision: 2.0 RC1f - 2.0 RC1g
********************************************
* bb_func_vthread.php: fixes with moved topics IDs. Earlier, when you have bookmarked some topic, or received notification about that topic, if the topic was moved to another forum, you saw an error that this topic no longer exists. Now, it should work ok. Fixed also "Delete" link displaying in the first post.

* bb_func_vforum.php
* bb_func_stats.php,
* templates/stats.html (remove "Moderators" section): Moderators definition is CHANGED. Now, miniBB will have the same moderation routine as another forums - for every forum, you need to set up moderators separately. $mods array looks now as the following:

	$mods=array(
	FORUM_ID_1=>array(USER_ID_1, USER_ID_2, ...),
	FORUM_ID_2=>array(USER_ID_3, USER_ID_4, ...)
	...
	);

for example:

	$mods=array(
	1=>array(9,996),
	2=>array(9)
	);

means that user with ID = 9 is the moderator for forums with IDs 1 and 2, and user 996 is moderator for forum 1.

$modsOut variable, if existing, is not necessary anymore.

Displaying list of moderators is now available on the first forums page. In default version, it is hidden. If you want to display this list, in HTML template main_forums_cell.html add variable {$moderatorsList} (for example, directly after {$forum_desc}).

Moderators list was removed from the Stats script file and template.

* bb_admin.php: paths, URLs fix (as it was described here: http://www.minibb.com/forums/index.php?action=vthread&forum=3&topic=1974

* bb_func_editprf.php
* bb_func_inslng.php
* bb_func_login.php
* bb_func_man.php
* bb_func_ptopic.php
* bb_func_regusr.php
* bb_func_viewip.php
* bb_functions.php
* index.php
* _install.php

The following templates were updated so now they have {$main_url} variable instead of "./". It is NOT NECESSARY TO UPDATE these templates! If your previous version works Ok, and path to files is not critical for your server, ignore these files:

admin_panel.html
main_forums.html
main_forums_cell.html
main_header.html
main_lastdiscuss_cell.html (also added .views CSS style)
main_last_discussions.html (+ .views)
main_post_form.html
main_posts.html
main_topics.html (+ .views style)
main_topics_cell.html (+ .views style)
protect_forums.html
search.html
user_dataform.html

The following templates were updated as it was suggested by Ivan on 
http://www.minibb.com/forums/index.php?action=vthread&forum=1&topic=1978#4
(no need to update them if you are happy with layout!)

- admin_addforum1.html
- admin_searchusers.html
- lang/eng.php (just fixed some sentenses in English, nothing new here)

templates/manual_eng.html: manual updated.

$l_num_posts was deleted from language pack.

templates/main_forums.html : $l_num_posts changed to $l_replies

New CSS style in bb_default_style.css: .views (defines views column color in Last Discussions and Topics list)



Changes comparision: 2.0 RC1g - 2.0 RC2
********************************************

--Changed files (backup/overwrite):

bb_admin.php - united authorisation module changes; {$main_url} fix

bb_codes.php - Preventing comment spam as described on Google http://www.google.com/googleblog/2005/01/preventing-comment-spam.html ; all posted links have now ref="nofollow" attbribute

bb_cookie.php (new) - united authorisation module

bb_func_deltopic.php - "cleaning up the board" issue

bb_func_editmsg.php - changes in editing by admin; now admin or moderator could leave the message for futher editing by user; {$main_url} fix

bb_func_ldisc.php - Page splitting bugfix; {$main_url} fix; mod_rewrite issue

bb_func_locktop.php - {$main_url} fix

bb_func_login.php - united authorisation module changes

bb_func_movetpc.php - {$main_url} fix

bb_func_pthread.php - displaying user form

bb_func_ptopic.php - displaying user form

bb_func_regusr.php - fixed email notification

bb_func_search.php - {$main_url} fix

bb_func_sticky.php - {$main_url} fix

bb_func_txt.php - Preventing comment spam 

bb_func_usernfo.php - united module changes; {$main_url} fix

bb_func_vforum.php - improvement; mod_rewrite issue

bb_func_viewip.php - view IP by moderator fix

bb_func_vthread.php - moderator display fix; mod_rewrite issue; displaying user form

bb_func_vtopic.php - Page splitting bugfix (thanks Guran); fixes in displaying user form for various types of forums; {$main_url} fix; mod_rewrite issue; sort fix

bb_functions.php - united authorisation module changes; link separators fix as it was suggested on http://www.minibb.com/forums/index.php?action=vthread&forum=4&topic=1995

index.php - united authorisation module changes


--Modified files (modify/overwrite):

templates/main_header.html: {$l_sepr} before {$l_menu[0]}
templates/main_posts.html: improved getQuotation() function (now supporting Quote in Opera); URL to forums replaced to {$linkToForums} (mod_rewrite issue)
templates/main_forums_cell.html: URL to forums replaced to {$linkToForums} (mod_rewrite issue)
templates/main_last_discuss_cell.html: URL to forums replaced to {$linkToTopic} (mod_rewrite issue)
templates/main_topics_cell.html: URL to forums replaced to {$linkToTopic} (mod_rewrite issue)

Added {$main_url}/ in the following templates:

templates/admin_searchusersres.html
templates/admin_viewsubs.html
templates/main_forums_list.html
templates/main_last_discussions.html
templates/main_post_area.html
templates/main_post_form.html
templates/main_topics.html
templates/main_user_info.html
templates/main_warning.html
templates/protect_forums.html
templates/search.html
templates/stats.html
templates/tools_edit_post.html
templates/tools_move_topic.html
templates/tools_send_password.html
templates/tools_userips.html
templates/user_dataform.html
templates/user_logged_in.html
templates/user_login_form.html
templates/user_login_only_form.html

manual_eng.html: updated


Changes comparision: 2.0 RC2 - 2.0 RC2a
********************************************

--Changed files (backup/overwrite):

bb_admin.php - getForumIcons() fix

bb_func_editprf.php - database scheme fix

bb_func_vthread.php - moved $forum check; removed $regUsrForums statement on displaying form when user is not logged in

bb_func_vtopic.php - removed $regUsrForums statement on displaying form when user is not logged in

bb_functions.php: version change

index.php - moved $forum check

We also have changed ISAM tables data type to myISAM. If your database tables are ISAM type, you can update them by the following mySQL command:

ALTER TABLE minibbtable_users TYPE = MYISAM;
ALTER TABLE minibbtable_topics TYPE = MYISAM;
ALTER TABLE minibbtable_posts TYPE = MYISAM;
ALTER TABLE minibbtable_send_mails TYPE = MYISAM;
ALTER TABLE minibbtable_forums TYPE = MYISAM;
ALTER TABLE minibbtable_banned TYPE = MYISAM;

This is not critical update and mostly does not affect critically the speed of your board in any case; but it is better to have myISAM tables type.

Changes comparision: 2.0 RC2a - 2.0 RC2b
********************************************

bb_admin.php: redirect to topic's below after deleting subscription; sessions fix

bb_codes.php: w3c compliance fix on [img] tag

bb_cookie.php: added new function writeUserPwd() which converts user's password to necessary format (useful for systems with united user's database table)

bb_func_editmsg.php: sessions fix

bb_func_editprf.php: new password convertion with writeUserPwd(); improved "custom" field saving (if "custom" POST variable is not set, "custom" field will not be included in updated fields list.

bb_func_login.php: sessions fix

bb_func_regusr.php: database scheme fix, new password convertion with writeUserPwd(); improved "custom" field saving.

bb_func_vthread.php: setting new option $userInfoInPosts, you'll get defined information from user's profile in every post. Done mostly for future plugins like avatars, signatures and any other personal info available from users table and displayed in thread messages list.

bb_functions.php: version change; improved ParseTpl() function so it interprets now values like {$someArray[$someVal]}

index.php: sessions fix

--Changed files (modify):

setup_options.php: new option $userInfoInPosts which allows to get user's profile data and put it in the 'posts' template. Read manual for more on how to use this option.

--Non-critical modifications:

templates/main_footer.html: commented loading time
templates/manual_eng.html: updated

Changes comparision: 2.0 RC2b - 2.0 RC3
********************************************
RC3 version is called "concrete". We did many changes in database, option files, language packs, so make backups of your existing software before you process.

Upgrade procedure from the previous version 2.0 RС2b could be done through the following steps:

1) process in mySQL manager with the following commands (Database changes are included in !UPDATE_DB.sql so if you are upgrading from 1.x series, it is not necessary to run them again):

#
alter table minibbtable_forums add column forum_group varchar(150) not null default '';

alter table minibbtable_posts add key poster_ip (poster_ip);

alter table minibbtable_topics add column topic_last_post_time datetime not null;
alter table minibbtable_topics add key posts_count (posts_count);
alter table minibbtable_topics add key topic_time (topic_time);
alter table minibbtable_topics add key topic_last_post_time (topic_last_post_time);
alter table minibbtable_topics add key topic_views (topic_views);

alter table minibbtable_users add num_topics INT(10) UNSIGNED DEFAULT '0' NOT NULL AFTER activity;
alter table minibbtable_users add num_posts INT(10) UNSIGNED DEFAULT '0' NOT NULL AFTER num_topics;
#

2) Edit setup_options.php: 'user_custom...' indexes are increased +2 because 2 new fields introduced. In default version, 'user_custom1' is 18, 'user_custom2' - 19, 'user_custom3' - 20. Add new fields in $dbUserSheme:

'num_topics'=>array(15,'num_topics',''),
'num_posts'=>array(16,'num_posts',''),

before 'user_custom1'

3) Run convdb.php again (choose 2.0 version)

4) Update your language file by adding at the very bottom:

/* Language variables miniBB v2.0 RC3 */
$l_forumgroup='Forum supertitle (appears BEFORE forum title, emulating the category)';

Look up for $l_usrInfo array and change the following:

$l_usrInfo[10]=$l_stats_numTopics;
$l_usrInfo[11]=$l_stats_numPosts;

$l_usrInfoActivities='User Activities'; //instead of $l_usrInfo[10]

custom fields begin from index 12 now

5) Copy/Overwrite the following script files:

bb_admin.php - bb_plugins; db_calcAmount(); forums supertitles; adding, editing, re-ordering forums procedures rewritten; including vulnerability fix

bb_codes.php - align fix; rel=nofollow fix; tag [email] removed. We think nobody needs to show his linked email in spammers era.

bb_func_delmsg.php - db_calcAmount(); last post time

bb_func_deltopic.php - db_calcAmount()

bb_func_editmsg.php - fixes in editing own messages by Admin or Moderator; users are not able to edit their messages in the topic after the topic was locked

bb_func_forums.php - supertitles

bb_func_inslng.php - ability to use separated language files for different modules

bb_func_locktop.php - when $userUnlock is equal 2, users will not be able to lock their topics at all

bb_func_login.php - for anonymous users, now is prohibited to use anonymous names specified in $disallowNames or $disallowNamesIndex array

bb_func_movetpc.php - db_calcAmount()

bb_func_pthread.php - user amount; db_calcAmount(); last post time

bb_func_ptopic.php - user amount; db_calcAmount()

bb_func_search.php - date displayed in defined format

bb_func_stats.php - user posts amount

bb_func_txt.php: ref=nofollow

bb_func_usernfo.php - improvements

bb_func_vforum.php - supertitles

bb_func_vthread.php - removed $c2 statement; when $userUnlock is equal 2, users will not be able to lock their topics and the Lock topic link will not be visible; users are not able to edit their messages in the topic after the topic was locked

bb_func_vtopic.php - removed $c2 statement

bb_functions.php: version change; including vulnerability fix ($includeHeader, $includeFooter vulnerability when register_globals is ON); experimental improvement: file() instead of while(!feof) (must execute faster); load_header() fixes when $viewTopicsIfOnlyOneForum is set.

bb_plugins2.php: new file. Designed for possible plug-ins like file upload which need to be executed AFTER some action (bb_plugins.php handles everything BEFORE some action). If you are not planning any plugins, this file is not obligate to copy/create.

index.php - topicData fix, backErrorLink above the forums; including vulnerability fix

setup_mysql.php: new functions, improvements

templates/admin_addforum1.html - new interface/form field names
templates/admin_editforum2.html - new interface/form field names
templates/main_forumgroup.html - fixes

6) There are also some fixes in templates, but it is not obligate to change them if you are happy:

templates/main_last_discussions.html: <nowrap>
templates/main_post_form.html: [email] button removed
templates/main_topics.html: <nowrap>
templates/manual_eng.html: updated


7) The following files were removed from official package:
img/button_email.gif: removed



Changes comparision: 2.0 RC3 - 2.0 RC3a
********************************************
In this release, we are introducing new option for deleting messages by users themselves; using external function for encoding passwords (so encoding format may be changed easily); optimizing email notifications on desired language for multilanguage forums; building dynamic pages Description tag. Also, we have made some cosmetic changes on English language pack and CSS file, but they affect only new version, in general.

No database changes are required, and no templates changes are required.

Steps to update from the previous version:

1) Back up/update the following core files, overwriting them:

bb_admin.php - writeUserPwd() instead of md5() (allows to use any encryption function for storing passwords). Don't forge to rename administrative file.

bb_cookie.php (update ONLY if you are using default miniBB users table)

bb_func_checkusr.php - now, disallowed names are working only for new users (fix)

bb_func_confpwd.php - writeUserPwd() instead of md5();

bb_func_delmsg.php,

bb_func_deltopic.php - users may delete their own messages now, or topics, if there was no reply. Set $userDeleteMsgs=1; (if you want user deleting only replies) or $userDeleteMsgs=2; (for deleting his own topics) in setup_options.php, if you want this feature enabled. Use positive values at your own risk.

bb_func_editprf.php - united table fix

bb_func_login.php - now, if forums are for signed up users only, warning message will be displayed, when anonymous attempt to login fails; writeUserPwd() instead of md5()

bb_func_pthread.php - IP replacement; sending emails on user's language; SQL request optimization; users may delete their messages if allowed; {$forum_title} available now in email notification message; anti-spam fix.

bb_func_ptopic.php - fixes

bb_func_regusr.php - $emailusers fix; multilanguage registration; writeUserPwd() instead of md5()

bb_func_sendpwd.php - multilanguage; writeUserPwd() instead of md5()

bb_func_stats.php - minor fix (setting $l_stats_popular,$l_stats_aUsers,$l_stats_viewed in language to empty values, will allow to remove stats panels from Statistics)

bb_func_txt.php - FTP/HTTP text fixes

bb_func_usernfo.php - minor fix

bb_func_vforum.php: optimized

bb_func_vthread.php: {$forum_desc} available now in main_posts.html; dynamic text for 'Post reply'

bb_func_vtopic.php: {$forum_desc} available now in main_topics.html; changed dynamic text for 'Post topic' button

bb_functions.php - emailCheckBox(); version change; security fix

index.php - writeUserPwd() instead of md5(); fixed security bug related to closed forums and users; a lot of modification fixes and optimizations

setup_mysql.php - removed db_sendMails() function; updated core

2) Open default lang/eng.php file, go to the bottom and add "Language variables miniBB v2.0 RC3a" to the bottom of your original language pack, translating them. $l_sub_post_msg, $l_sub_post_tpc were changed back to their initial values ('Post message', 'Post topic') in this release. When user is not signed in, in topics list or messages list, he will see additional 'Sign in' message, taken from $l_enterforums value.

For example, when user is not signed in, he will see: "Sign In/Post Message". But when he is already signed in, he will see only: "Post message".

We're using now {$description} variable in <META NAME="Description" CONTENT="{$description}">. Default value will be kept in setup_options.php file, so everyone could translate it and set it to the necessary description of forums. Description appears in search results of systems like Google, helping visitors to orientate in found results more quickly. Dynamic Description will be built for topics list and replies list pages; it will take forum description for topics list, and the first 1000 symbols from the first message in replies list, removing any HTML code and quotes from it.

3) RENAME your email templates, so they have 3 letters '_LNG' postfix (you set the postfix as $lang='LNG'; for your language in setup_options.php). Example for $lang='eng':

email_admin_userregister.txt -> email_admin_userregister_eng.txt
email_reply_notify.txt -> email_reply_notify_eng.txt
email_user_password.txt -> email_user_password_eng.txt
email_user_register.txt -> email_user_register_eng.txt

Email template "email_reply_notify_eng.txt" contains now "{$forum_title_em}" which you may use for forum title definition in your emails.

4) On your wish, to the end of the setup_options.php you may add new option "$userDeleteMsgs=TRUE;" which allows to delete topics/messages not only by administrators, but also by users themselves.

Changes comparision: 2.0 RC3a - 2.0 RC3b
********************************************
bb_admin.php: vulnerability fix

Changes comparision: 2.0 RC3b - 2.0 RC4
********************************************
In this release, we are introducing completely rewritten, more optimized and fast search function, approvements for premoderation plugin, SEO issues, ability to register users by admin, and some little bugfixes and cosmetic improvements.

No database changes are required, and no templates changes are required.

Three steps to update from the previous version:

1) Back up/update the following core files, overwriting them:

* bb_codes.php: updated IMG tag; now any outside image inserted will be presented as FIXED WIDTH image (default with is 150), with the link to the original image. This should not break your pages, if posted image is too large. Old code is left in the file, so anyone is welcome to uncomment old code for using, and comment new code, if not liked. Width is set in bb_codes.php. Notice: old postings will loose their attributes, while editing the message!

* bb_func_checkusr.php - email checking fix

* bb_func_delmsg.php - premoderation issue

* bb_func_deltopic.php - premoderation issue

* bb_func_editmsg.php - If you want to override "strike through Edit" text near checkbox, when editing a message as admin or moderator, just add $l_editLock='Mark as edited and lock post'; in your language pack (if $l_editLock variable is set, it will overwrite default setting).

* bb_func_editprf.php - lowercase checking email on editing prefs; fix on custom fields (empty field needs to be updated, too)

* bb_func_ldisc.php - premoderation issue. Now, setting $textLd=1; or $textLd=2; in setup_options.php, you will get {$lastPostText} variable available in latest discussions section on the first page. If set to 2, all HTML formatting is removed from the post text, and you can use it in <acronym> tag, for example. If set to 1, post text is left as it is. {$fTitle[$forum]} variable is now available defining forum ID in templates/main_last_discuss_cell.html, so you may use it for displaying forum title, not only forum icon, in this template.

* bb_func_pthread.php - premoderation issue

* bb_func_ptopic.php - anti-spam bug fixed (as reported on http://www.minibb.com/forums/3_2735_0.html )

* bb_func_regusr.php - premod issue; lowercase checking email on sign up; it is allowed now for admin to disallow user registrations (set $enableNewRegistrations=FALSE; in setup_options.php), but at the same time, to register them, logging as admin and visiting the link under ?action=registernew. For example, paste in your templates/admin_panel.html:

<!-- Register new user --><li><a href="{$indexphp}action=registernew">New user Sign Up</a></li>

this link will drive you in registration form. Enter necessary user data, click "Submit" button - you will see regular registration message, and your new user will be created with the data you provided. A great implementation for those who want to open forums only for REALLY trusted users!

* bb_func_search.php - completely rewritten

* bb_func_sendpwd.php - now, it is possible to have {$loginName} as login name in templates/email_user_password_eng.txt as forgotten login name amongst new password

* bb_func_stats.php - premod issues; rel=nofollow on some links

* bb_func_usernfo.php - premod issues; re-directing to the latest post of user through new search module; rel="nofollow" tags in forum links for not duplicating the content

* bb_func_vforum.php - determining forum title for latest discussions.

* bb_func_vthread.php - premoderation issue; $viewReg - rel="nofollow" tag added on a link to user profile; title change

* bb_func_vtopic.php - premoderation issue; title change; $viewTopicsIfOnlyOneForum fix; code for "new topic form" solution fixed

* bb_functions.php - convertDate() optimized; version number change

* index.php - premoderation issue; $viewTopicsIfOnlyOneForum fix; non-critical fixes

* setup_mysql.php - db_searchMatchGen() removed; db_searchWithin() removed; db_searchDeSlice() removed; db_genPhrase() added; db_searchSelect() added

* templates/search.html - completely new form

2) Do not overwrite, but fix you old files editing the following:

* bb_plugins.php - add "if (!defined('INCLUDED776')) die ('Fatal error.');" at the top of file

* lang/YOUR_LANGUAGE_FILE (eng.php or whatever) - change variables for new search function:

$l_search[4]='Messages';
$l_search[5]='Topic titles only';
$l_search[8]='Period';
$l_search[7]='All fragments or words';

$l_search[10]='Search phrase length can\'t be more than 100 chars. Minimum length of any word is 3 symbols. As more search parameters you specify, as more longer by time and specific by content will be search results. Newest messages are shown first.';

At the end of file, add new variables for miniBB 2.0 RC4:

/* Language variables miniBB v2.0 RC4 */
$l_searchFailed='Search failed: no results.';
$l_from='from';

* setup_options.php: $description variable was moved here from language pack.

3) For default version, we have also done non-critical changes in the following files (you don't need to update your files):

* templates/main_header.html - We have commented <!--{$l_menu[4]}--> ("Manual" link) so it will not appear automatically anymore. Very many people are too lazy to create docs for their forums, installing miniBB, and even forget to remove this link, even if there is default miniBB administrative manual included. Not a good idea to display this manual on default forums; but for any case, you may enable it at any time.

* templates/email_user_password_eng.txt - added {$loginName}

* templates/email_reply_notify_eng.txt - in default version, unsubscribe instructions are now provided for each notification letter

* templates/stats.html - added "nofollow" tags in links

* templates/main_forumgroup.html
* templates/main_topics.html
* templates/main_post_area.html

Changes comparision: 2.0 RC4 - 2.0 RC4a
********************************************
Fixes regarding previous release. Update/overwrite the following files:

* bb_codes.php - image old code is combined now with new code [imgs]
* bb_func_ldisc.php - fixed premoderation/$textLd issue
* bb_func_pthread.php - fixed posting of empty text
* bb_func_vtopic.php - $lastPostText available now also in templates/main_topics_cell.html if $textLd is set

* templates/main_post_form.html - [img] replaced to [imgs] by default


Changes comparision: 2.0 RC4a - 2.0 RC4b
********************************************
Backup and then overwrite the following files:

* bb_codes.php - changes according new JavaScript buttons form and some improvements
* bb_cookie.php - VULNERABILITY FIX. UPDATE IMMEDIATELY!
* bb_func_usernfo.php - improvement
* bb_functions.php - version change

The following templates updated, so they now contain more flexible JavaScript BB code usage (not necessary to overwrite them, but probably you WILL want to take these features away, so update all JavaScript code):

* templates/form.js - NEW file
* templates/main_post_form.html
* templates/main_posts.html
* templates/main_topics.html
* templates/tools_edit_post.html


Changes comparision: 2.0 RC4b - 2.0 RC4c
********************************************
Backup and then overwrite index.php file: contained possible security hole


Changes comparision: 2.0 RC4c - 2.0 RC5 "X-Mas"
********************************************
In this 4-months-long release, we are introducing SEO issues, which work on avoiding duplicated content, if you use mod_rewrite mode (it seems this issue helped us to get our positions back in Google); new option for deleting many messages by one click; defining new database field for "ban reasons" in your admin panel; also as providing A LOT of minor and major fixes for making miniBB more stable, convenient, fast, content-oriented and still 'smallest' board software package on Earth!

We have now complete manual on how to upgrade miniBB:

http://www.minibb.com/forums/manual.html#upgrades

Four big, but worth of it steps to update from the previous version:

1) Update your database table, executing this query:

ALTER ignore TABLE minibbtable_banned ADD banreason varchar(255) DEFAULT '' NOT NULL;

where `minibbtable_banned` stands for the title of your "banned" table.

2) Back up and then update the following core script files, overwriting them:

* bb_admin.php - editing forums dropdown list the same as in bb_func_forums; added "ban reason" field processing; bb_plugins and bb_plugins2 including now

* bb_codes.php - completely removed email decoding tag

* bb_cookie.php - it is now possible to store admin's password directly in MD5 hash (update this file only if you are not using your own authorization code); minor security fix.

* bb_func_checkusr.php - fixed error handling when adding custom obligate fields & errors

* bb_func_delmsg.php - group deletion of messages now is possible; could help you in deleting many messages simultaneously with a click; mod_rewrite relocation issue.

* bb_func_editmsg.php - little date improvement; mod_rewrite issue

* bb_func_editprf.php - minor development fix

* bb_func_forums.php - <optgroup></optgroup>

* bb_func_ldisc.php - parseTopic() introduction; latest discussions/closed forums-excluded forums fix; XHTML issues; SQL optimizations.

* bb_func_login.php - it is now possible to store admin's password directly in MD5 hash (just set 32 symbols for it). Now displays common warning for all login errors when $loginError=1;

* bb_func_movetpc.php - changed list of forums (based now on bb_func_forums)

* bb_func_pthread.php - email sending fixes (acc. to multilanguage board); empty space symbol fixes; limitation of minimum text length defined; email notification fix (not send to the replier his own reply).

* bb_func_ptopic.php - empty space symbol fixes; limitation of minimum text length defined (10 symbols), both for topic lenght and message length. Will force your users to create really important content messages. Corresponding changes in language pack ($l_topiccannotempty, $l_emptyPost variables).

* bb_func_search.php - descending thread issues on redirecting; mod_rewrite issues; searchin now by complete fragments of words

* bb_func_stats.php - mod_rewrite issues; fixes concerning topic views disabled; fixed $dbUserSheme on most active users

* bb_func_txt.php - URL making after BB codes fix; encoding urls function swap (completely rewritten urlMaker() ); minor 'isMod' fix

if (!$bbcodes) {
$text=enCodeBB($text, $admin);
$text=str_replace('><img src=','> <img src=',$text);
}
if($urls and !$bbcodes) {
$text=urlMaker($text,$wrap);
}

* bb_func_usernfo.php - ability to use $customProfileList array and define fields to display in user's profile in necessary order; fixed topics amount - if zero, it won't be shown in profile; fixed moderators definition

* bb_func_vthread.php - more convenient method of parseMessage(); function (now it will use globals instead of adding a string, which allows to specify many globals in this function, and then put them as variables into template); fix of read-only forums quote; group deleting issues; confirmation of deleting group messages.

* bb_func_vtopic.php: parseTopic(); introduction; changes accordingly to new form solutions; it is now possible to set custom sorting of topics in special forums via $customTopicSort option. Define in setup_options.php or bb_specials.php:

$customTopicSort=array(
FORUM_ID_1=>array('SORTING ORDER 1', 'SORTING ORDER TITLE 1'),
FORUM_ID_2=>array('SORTING ORDER 2', 'SORTING ORDER TITLE 2')
);

Example:

$customTopicSort=array(
9=>array('topic_title ASC', 'Topic title'),
5=>array('ord(substring(topic_title,1,1)) ASC', 'Alphabetically')
);

provides sorting by topic_title field in ASC order (for latin alphabet) for forum with ID=9; also provides alphabetical sorting by non-latin alphabet for forum ID=5. Define {$defaultSorting} variable in templates/main_topics.html - and you will get the link for custom sorting, if user has changed it to "New topics". Custom sorting overrides any sorting user has set, except for what is specified in GET request. If mod_rewrite option is set, user's sorting will be available only on the first page of topics list; any other pages will be sorted by custom.

* bb_functions.php - mod_rewrite and main URL fixes; makeUp() optimization; fixes concerning new topic form solution; sendMail() function optimization, ability to use external PHPmailer class [http://phpmailer.sourceforge.net/] for advanced SMTP sendings. For enabling PHPMailer, copy PHPmailer files to forums root directory () and add PHPMailer SMTP settings to the setup_options.php file:

$enablePhpMailer=array(
'smtp_host'=>'mail.server.com',
/* Specify SMTP host here */

'smtp_auth'=>FALSE,
/* If yes for SMTP auth, set to TRUE, else to FALSE */

'smtp_username'=>'',
/* If yes for SMTP auth, set SMTP username */

'smtp_pass'=>''
/* If yes for SMTP auth, set SMTP password */

);

* index.php - fixed working with avatars; search bug fix on post-only forums; admin panel link fix; secured 'customProfileList' setting; secured 'correct', 'customTopicSort' settings; sortBy fix; manualIndex, startIndex, metaRobots; mod_rewrite optimizations on redirect; $l_anonTxt variable; login/logout routine changes; a lot of non-critical, but optimization fixes. Now we display common warning for all login errors.

* setup_mysql.php - search function improvements


3) Do not overwrite these files, but only add new stuff at the end of them:

* setup_options.php

  - OBLIGATORY parameters $startIndex, $manualIndex; defines full name of start forums page, which is used on many crosslinking pages and within the forum. By default, should be set as 'index.php' or the original $indexphp value without question sign at the end. So if you have {$main_url}/{$startIndex}, you go directly to forums page. This setting is used only for displaying backlinks to the main forum page. If you are using mod_rewrite mode, it's ok to set this to 'index.html', defining this rule in .htaccess like: 
  
RewriteRule ^index\.html$ ./index.php?mdrw=on
  
  - NOT OBLIGATORY option available; set $enableGroupMsgDelete=TRUE; for enabling group messages deletion (see above bb_func_delmsg.php)

* /lang/eng.php (your language pack) - small fixes; bb codes translated; new search module variable (type by complete fragments of words); new variable $l_deleteAllMsgs; for the new variables - see below the file for adding in your own language pack.


4) For default version, we have done changes in the following files (don't overwrite your files, if you have changed these templates; however, it would be good step to update them if you are updating core script files):

* templates/admin_banusr1.html - added "ban reason" field

* templates/admin_deleteban1.html - XHTML issues

* templates/admin_editforum1.html - {$listForums} instead of {$forums_to_edit}

* templates/admin_viewsubs.html - $startIndex update accordingly to the setup_options definition

* templates/form.js - updated insertAtCursor() function, so now codes like [imgs]null[/imgs] or [url=null][/url] (on propmt cancel) should not be inserted

* templates/main_footer.html (XHTML)

* templates/main_forumgroup.html (XHTML)

* templates/main_forums.html - quotation attributes (XHTML)

* templates/main_forums_cell.html (XHTML)

* templates/main_header.html - New tag: <meta name="robots" content="{$metaRobots}" /> - we recommend to add this tag to your default header file, specially if you are using mod_rewrite. Also changed lowercase of all tags, quotation marks on attributes (futured XHTML issues).

* templates/main_last_discussions.html (XHTML)

* templates/main_last_discuss_cell.html (XHTML)

* templates/main_post_form.html - eliminated encoding warning {$l_warnEncoding}; bb codes translated

* templates/main_posts.html - $startIndex update accordingly to the setup_options definition; onMouseMove instead of onMouseDown; getQuotation() update; confirmDelete() update; new form around list of messages, creates list of checkboxes for mass deleting; new variable {$deleteAllMsgs} in administration panel.

* templates/main_posts_cell.html: new variable {$deleteBox} (add after {$posterText}) - indicates checkbox for group deleting of messages

* templates/main_topics.html - $startIndex update accordingly to the setup_options definition; icon valign fix; new HTML comment tags necessary for running additional solutions; XHTML issues.

* templates/main_user_info.html - $startIndex update accordingly to the setup_options definition

* templates/main_warning.html - $startIndex update accordingly to the setup_options definition

* templates/search.html - $startIndex update accordingly to the setup_options definition; caption3 instead of caption6 in CAPTION; slight header change; HTML code updated.

* templates/stats.html - $startIndex update accordingly to the setup_options definition

* templates/tools_move_topic.html - {$listForums} instead of {$forumsList}

* templates/tools_userips.html - $startIndex update accordingly to the setup_options definition

* templates/user_dataform.html - $startIndex update accordingly to the setup_options definition; {$l_im} variable added for instant messenger

* templates/user_logged_in.html - <table> removed

* templates/user_login_form.html - XHTML issues; added {$l_anonTxt} variable

* templates/user_login_only_form.html XHTML issues; <table> removed


5) We have updated these files accordingly only to new version. Do not update these file, if you already have running version of miniBB:

* !UPDATE_DB.sql: added

ALTER ignore TABLE minibbtable_banned ADD banreason varchar(255) DEFAULT '' NOT NULL;

* _install.php - fixed

* _install_mysql.sql - added new field `minibbtable_banned`.

* new forum icons: all /img/forum_icons/topic_*.gif

* templates/manual_eng.html - default version of miniBB manual updated


Changes comparision: 2.0 RC5 - 2.0 RC5a
********************************************
This version contains some bugfixes, improvements and changes, discovered from the previous X-mas release within 2 months. No new features, but recommended for upgrade.

Steps to update:

1) Back up and then update the following core script files, overwriting them:

* bb_admin.php (administration file): editing forums update (slashes fix); $queryStr fix

* bb_func_editmsg.php: Return to topics link

* bb_func_ldisc.php: latest message date when sorting by new topics

* bb_func_login.php: $queryStr2 added; fixes of simple logging in forums list

* bb_func_pthread.php: anonymous emails fix; premoderation plugin fixes

* bb_func_search.php: mod_rewrite issues when searching by topic titles; now using common forums dropdown format with supertitles

* bb_func_txt.php: hidden option $disableLineBreaks disallows converting newlines to <BR> (useful for forums where admin is able to post clear HTML); urlMaker() fix

* bb_func_usernfo.php: custom fixes

* bb_func_vtopic.php: latest message date when sorting by new topics

* bb_functions.php: fixes on #newtopic when in $viewTopicsIfOnlyOneForum mode

* index.php: 'delmsg2' action removed; 

* setup_mysql.php: search phrase brackets eliminated

2) The following CRITICAL changes were made to the templates:

* templates/main_post_form.html - "selection" changed to "selektion" everywhere; textarea tag - added: id="postText"
* templates/main_posts.html - "selection" to "selektion" in getQuotation()
* templates/form.js - complete code changes, regarding new Mozilla and IE 7 issues (overwrite this file)
* templates/search.html - instead of {$forumDropDown} now we have 

<select class="textForm" name="forum"><option value="">&mdash;</option>{$listForums}</select>

* templates/main_warning.html: {$topicsLink} added (this change is optional)

3) Add new variable to your language pack: $l_returntotopics (or overwrite lang/eng.php if you have not changed it)


Changes comparision: 2.0 RC5a - 2.0 RC6
********************************************
We really hope this is the latest release of the version 2.0 beta series. We have worked on these series more than 1,5 years, and now see it as very well tested and stable software for creating smart online community. This release introduces such new features as case insensitive login, possible email confirmation if changed in Profile, also as many other minor fixes collected within latest months. The big step forward is that this version pretends to be XHTML Transitional compatible by W3C standarts. We have fixed all templates, and scripts' internal HTML code. This is more important for new users of miniBB; so if you will upgrade your version and don't worry about standarts too much, do not overwrite default templates, specially if you've made some changes to your current stuff. All modern browsers should display correctly even the pages which have incompatibility, so this is the step more oriented on "being smart", rather "important".

XHTML compatibility changes mostly affect the following: a) all values set in quotes; b) <p>, <br>, <li>, <input>, <meta>, <img> tags are closed if opened; c) JavaScript events like onmouseover/onclick etc. now published lowercase d) & must be converted to &amp;. Also, in many templates we've removed "<div align="center>" tags, and now position tables only using CSS.

XHTML compatibility affects currently only MAIN CORE of miniBB. We will continue to work on language packs, skins, and plugins to make them all compatible, in the near future, and not only with XHTML, but also with version 2 of miniBB.

Notice also, that if you edit the message, your old BB codes will not be available anymore, and sometimes you will need to reformat your message. We hope this is rare case.

There are also posting text routine major updates: now, in most cases, users will get JavaScript "Access denied" message when trying to post empty message or message with empty topic; also when posting anonymously on registered users only forums. Since miniBB allows to sign-in from any message or new topic form, entering login and password, error won't be displayed in that case. This will help new users to catch their errors on-the-fly without losing message information; new options _specially_ useful for those who are using file upload addon. Changes do not affect users who has browsers with JavaScript disabled - they still can submit their messages, but in that case, all errors will be handled via PHP.

Steps to update:

1) Back up and then update the following core script files, overwriting them:

* bb_admin.php - a lot of major fixes, incl. XHTML

* bb_codes.php - new code "[urlc=...]" which allows admin or moderator to add a link without "nofollow" tag; <br> changed to <br />; a lot of XHTML related fixes; new available (form hidden) tag [align(left|center|right)][/align] allows to position text in desired alignment, incl. nested image tags.

* bb_cookie.php - setMyCookie() - added new variable $encodePass (used when password is already passed encoded - for example, $admin_pwd); login case insensitive implementation

* bb_func_confpwd.php - email confirmation code added

* bb_func_editmsg.php - fixes regarding topic title posted in wrong encoding; posting routine update; XHTML fixes

* bb_func_editprf.php - database lowercase function definition fix; email confirmation on changing email in Prefs, if $closeRegister is set; disabled="disabled"

* bb_func_forums.php - selected="selected"; fixed optgroup procedure

* bb_func_ldisc.php - XHTML

* bb_func_locktop.php - mod_rewrite fix

* bb_func_login.php  - login case insensitive implementation

* bb_func_pthread.php - changed <br> to <br />; anchor fix

* bb_func_ptopic.php - fixes regarding topic title posted in wrong encoding

* bb_func_regusr.php - database lowercase function definition fix; XHTML fix

* bb_func_search.php - XHTML issues; anchor fixes

* bb_func_txt.php - fixes regarding topic title posted in wrong encoding; MS Word special symbols fix; changed <br> to <br />

* bb_func_usernfo.php - possibility to force displaying of latest topics, replies and activities

* bb_func_vforum.php - XHTML fixes

* bb_func_viewip.php - XHTML fixes

* bb_func_vthread.php - minor fixes; IMG closing tag (XHTML); onmouseover/onmouseout; anchor fix

* bb_func_vtopic.php - fixed stripping HTML tags in forum description; IMG closing tag (XHTML)

* bb_functions.php - fixes in emailCheckBox()  ($main_url), sendMail(); database lowercase function definition fix; quotes in emailCheckBox and makeValueDropDown fncs.; selected="selected"

* index.php - posting routine update; changed user blocking determining (if activity is -1, user is able to change Preferences, if he doesn't received confirmation email upon email change; if activity is 0 that means user is blocked by admin and can not access any areas); admin link fixes

2) Edit setup_options.php file - new (not mandatory) option $loginsCase. If is not set, or set to FALSE, all logins are CASE SENSITIVE (by default). For example, if you have registered username "Paul", you must type "Paul" in your login field. Not "PAUL, and not "paul" - this will not work. If this option is enabled and set to TRUE, you can type anything - "paul", "PAUL", "Paul" etc. - anything will be compared in lowercase. Notice: nobody is able to register "PAUL" or "paul" usernames, if there is already one "Paul" in database - this doesn't depend on setting this option. This option also DOES NOT affect passwords; password must be entered the same manner as via registration.

$post_text_minlength parameter in setup_options.php is now obligate! If it's not specified, set it at least to 1 ($post_text_minlength=1;)

3) The following CRITICAL changes were made to these files, so it's up to you how you upgrade them - update or overwrite, but definitely you must pay attention to:

* templates/form.js - added main functions for handling forms

* templates/main_posts_cell.html - "msg{$cols[6]}" instead of "{$anchor}" now for making anchors in the thread

* templates/main_posts.html,
* main_topics.html,
* tools_edit_post.html 

  - posting routine updates. Added "tlength" and "anonPost" javascript variables; javascript code for form.js moved BELOW this call; at the bottom of each file, added javascript code which should enable post button after form is submitted, but came with error. Submit button (also as in templates/main_post_area.html) changed to "button" type and named now "subbut"; it's displayed when JavaScript enabled via document.write function. Alternative non-javascript code is suggested for straight submit button.

* templates/main_post_area.html - submit button changes as described above.

* templates/main_topics.html - removed ENCTYPE="multipart/form-data" (not necessary by default)

* templates/tools_edit_topic_title.html - "postTopic" variable changed to "topicTitle".

* main_header.html - added closing slashes in meta tags; the document definition is now: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

* eng.php (Language pack): deleted variable $l_privateForum; added variables $l_emailChangeCode, $l_emailCodeConfirm; closing slash in meta tag for XHTML compatibility; all <br> replaced to <br />

* templates/email_user_confirm_eng.txt - NEW - template for confirming email when changing it in Profile; not mandatory if you have $closeRegister not set

* bb_default_style.css - we have added atrributes like: margin-left: auto; margin-right: auto; vertical-align: top; , also as new classes .tbTransparentCell, .tbTransparentmb, table.forumsmb, img and td

4) Optionally, execute these mySQL commands in order to fix old miniBB's HTML messages format compatible with XHTML:

update minibbtable_posts set post_text=REPLACE(post_text,'<br>','<br />') where POSITION('<br>' IN post_text)>0;
#the command replaces all <br> tags to <br />

update minibbtable_posts set post_text=REPLACE(post_text,concat(char(13),'" target="_new"'),'" target="_blank"') where POSITION('target="_new"' IN post_text)>0;

update minibbtable_posts set post_text=REPLACE(post_text,'" target="_new"','" target="_blank"') where POSITION('target="_new"' IN post_text)>0;
#the commands replaces all _new targets to _blank

update minibbtable_posts set post_text=REPLACE(post_text,' border="0"','') where POSITION(' border="0"' IN post_text)>0;
#the commands removes all image border attributes

update minibbtable_posts set post_text=REPLACE(post_text,' align=""','') where POSITION(' align=""' IN post_text)>0;
#the commands removes all image align attributes

update minibbtable_posts set post_text=REPLACE(post_text,' alt="">',' alt="" />') where POSITION(' alt="">' IN post_text)>0;
#the commands adds image closing tag

update minibbtable_posts set post_text=REPLACE(post_text,'<b>','<strong>') where POSITION('<b>' IN post_text)>0;
update minibbtable_posts set post_text=REPLACE(post_text,'</b>','</strong>') where POSITION('</b>' IN post_text)>0;
#the command replaces all <b> tags to <strong>

update minibbtable_posts set post_text=REPLACE(post_text,'<i>','<em>') where POSITION('<i>' IN post_text)>0;
update minibbtable_posts set post_text=REPLACE(post_text,'</i>','</em>') where POSITION('</i>' IN post_text)>0;
#the command replaces all <i> tags to <em>

5) ALL default miniBB templates were updated for XHTML compatibility, also as {$main_url} variable was inserted in many admin templates (they all are in the /templates/ folder). If XHTML compatibility is not important issue for you, or if you have heavily modified your board layout, you can pass this section; however, you need to make critical changes to the templates mentioned above. If your templates were not modified, you can easily rewrite all default package templates, updating them.

README.txt, _install.php, manual_eng.html were updated also, but this doesn't affect your current installation in any way.

Changes comparision: 2.0 RC6 - 2.0 RC6a
********************************************
* bb_func_forums.php - fixes regarding <optgroup> in various modes
* bb_func_vtopic.php - XHTML fix
* bb_functions.php
* index.php - issues concerning only one forum mode
templates/user_dataform.html - slight fix

Changes comparision: 2.0 RC6a - 2.0 RC6b
********************************************
* bb_codes.php - fix of [imgs] code ("px" size inserted)
* bb_func_forums.php - rare issues fixing
* bb_func_pthread.php - fixed redirecting on multiple pages after posting the thread

Changes comparision: 2.0 RC6b - 2.0 RC6c
********************************************
Possible SQL Injection fixes! Important update for all users, covers filtering of all variable input going to the scripts. Despite the possible attack, it more depends on mySQL security settings. Credit goes to the 'kevrter' who discovered this thing! Thanks.

Affected files:

* bb_admin.php
* bb_func_confpwd.php
* bb_func_delmsg.php
* bb_func_editmsg.php
* bb_func_login.php
* bb_func_movetpc.php
* bb_func_regusr.php
* bb_func_unsub.php
* bb_func_viewip.php

Also we have improved the following files:

* bb_codes.php - URL improvements (changed regexp: [^<> \n\r\[\]] )
* bb_func_stats.php - faster SQL queries now
* bb_func_txt.php - urlMaker() improvements
* bb_func_vthread.php - SQL improvement
* bb_functions.php - version change
* index.php - "Move Permanently" header on moved topics
* setup_mysql.php - removed function getByDay()

templates/tools_edit_post.html - var anonPost=0; added


Changes comparision: 2.0 RC6c - 2.0 RC6d
********************************************
Small non-critical fixes and additions only.

Affected files:

* bb_func_editprf.php - link to user's profile in Preferences
* bb_func_forums.php - syntax fix
* bb_func_pthread.php
* bb_func_ptopic.php
* bb_func_search.php - fixed multipage redirect

* templates/user_dataform.html - {$profileLink} indicates link to profile now, with latest messages posted


Changes comparision: 2.0 RC6d - 2.0 RC6e
********************************************
Non-critical bugfixes in this small release. Files to update:

* bb_func_forums.php - fix regarding no groups
* bb_func_txt.php - URLs improvement
* bb_codes.php - different decode for URLC and URL codes on decoding


Changes comparision: 2.0 RC6e - 2.0 RC6f
********************************************
Some bugfixes and improvements.

* bb_codes.php - </font> fix as described here:
http://www.minibb.com/forums/3_3825_0.html

* bb_func_forums.php - fix regarding one forum in one group

* bb_func_login.php - error reporting issues

* bb_func_pthread.php - error reporting issues

* bb_func_ptopic.php - error reporting issues

* bb_func_txt.php - backslash, bracket fixes

* bb_func_vthread.php - $anchor2 fix; titles page numbers update

* bb_func_vtopic.php - titles page numbers update

* templates/form.js - pasteSel() changed. Now should support also Safari users. Update as described here: http://www.minibb.com/forums/2_2507_1.html#msg22502

- pf.elements['CheckSendMail'] condition added.


Changes comparision: 2.0 RC6f - 2.0 FINAL
********************************************
Latest release candidates already may be called "stable", so we are happy many users are using them already. Welcome to upgrade, if you want to receive new important features in this final version:

a) More care about anonymous users, and saving posted data. There could be many reasons, when you can lose what you've typed: anti-spam protection message; topic was moved to another forum or deleted; incorrectly entered login/password; message posted anonymously under nickname which is already taken, etc. This version of miniBB introduces "post-hold" algorithm, which is allowing to not lose your posted data, it will be available on error screen, and you will be able to re-submit it, or copy and save it. In the best traditions of miniBB, one algorithm module is widely used for all errors.

b) Improved IMG tag BB code - now you are forced to type not just URL to an image, but also ALT (alternative) text, which is a good addition for spiders. "Nofollow" attribute for [URL] links now will be automatically removed from all URLs pointing to internal forum pages, which makes our software even more Google-friendly.

c) XSS fix in registration form - not really a security issue, but good manner of checking the data improved now.

Upgrading tutorial: 


1) back-up, then overwrite/add the following core files:


* bb_codes.php - new codes for images with ALT tag (old-style images with empty alt also are kept)

* bb_cookie.php - counting amount of $user_num_posts added

* bb_func_editmsg.php - removed antispam protection on editing

* bb_func_login.php - posthold algorithm

* bb_func_posthold.php - NEW module, which keeps the posted data in a case of various errors (invalid login, antispam, forums access changed while data posted etc.)

* bb_func_pthread.php - posthold algorithm; improved antispam determination

* bb_func_ptopic.php - posthold algorithm; improved antispam determination

* bb_func_regusr.php - XSS fix

* bb_func_txt.php - fixes preventing IE hack; "nofollow" attribute now will be removed for all links pointing to forum itself

* bb_func_usrdat.php - fixed blank spaces in usernames like described: http://www.minibb.com/forums/3_3928_0.html

* bb_func_vthread.php - page numbers fix

* bb_func_vtopic.php - page numbers fix

* bb_functions.php - makeValuedDropDown() function additions

* index.php - posthold algorithm; changes regarding $l_anonTxt variable

* templates/form.js - changes regarding IMGS tag (insertAtCursor() func.)

* templates/main_posthold.html - NEW warning template, contains posthold information


2) The following templates were slightly changed in the updated version:

templates/main_post_form.html - changes regarding IMGS tag (new code for IMGS button); style "padding-left:5px;" added in the cell containing {$loginLogout}

templates/main_posts.html,
templates/main_topics.html,
templates/tools_edit_post.html - $l_accessDenied in JS section changed to $l_forbidden

templates/user_login_form.html - removed starting &nbsp; before &raquo;


3) New variables were added at the end of default language pack (lang/eng.php); also as slight changes made in some old vars. Other language packs updated with English translation.


Changes comparision: 2.0 - 2.0.1
********************************************
PHP/Zend vulnerability related hot-fixes.
http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
http://www.minibb.com/forums/3_4040_0.html#msg24396

Let your provider to upgrade to the latest version of PHP, or update the following files, overwriting them, or applying the solution on forums:

- index.php
- bb_admin.php (admin file)
- bb_functions.php


Changes comparision: 2.0.1 - 2.0.2
********************************************
Mostly small updates and fixes come in this release. We have also implemented a tricky JS code, which allows to submit message forms, pressing "Enter" button, despite message/login form still handles through JavaScript.

1) Backup, then overwrite the following core files:

* bb_admin.php - mySQL's now() changed to PHP time; avoiding assynchronization of mySQL time

* bb_codes.php - some little fixes

* bb_cookie.php - changes regarding handling of lowercase usernames, if $loginsCase set to TRUE

* bb_func_deltopic.php - fixes regarding mod_rewrite redirection and "cleaning" algorithm

* bb_func_editmsg.php - fix containing disabled BB codes, if checkbox is removed, but Preview addon installed; bb_codes.php inclusion

* bb_func_forums.php - fix regarding $viewTopicsIfOnlyOneForum option

* bb_func_login.php - bb_codes.php inclusion

* bb_func_posthold.php - update for magic_quotes_gpc set to ON; bb_codes.php inclusion

* bb_func_pthread.php - avoiding assynchronization of mySQL time; fix containing disabled BB codes

* bb_func_ptopic.php - avoiding assynchronization of mySQL time

* bb_func_regusr.php - avoiding assynchronization of mySQL time

* bb_func_txt.php - bb_codes.php inclusion

* bb_func_usernfo.php - fix containing latest replies bug; fixed sorting of latest replies in user profile

* bb_func_vthread.php - meta robots tags now will be NOINDEX,NOFOLLOW for non-existing/unaccessible topics; reply link addition

* bb_func_vtopic.php - update regarding "new topic form" addon

* bb_functions.php - fixed emailCheckBox() as reported here: http://www.minibb.com/forums/3_4021_0.html; version change; "elseif(isset($GLOBALS['nTop'])..." instead of "if..."

* index.php - updated Location procedure (changed from "Location: " to "Refresh: 0; url=") in redirection procedure after posting message/topic. This should fix redirection in IE for multipart forms, and also redirection in Opera. Also included Captcha condition for post-only forums; changes regarding $l_anonTxt; bb_codes.php inclusion is now moved from index.php to other files, and included only when it's necessary. Condition 'delmsg' added to post-only forums checking.

2) Update the following templates (or overwrite them, if there were no custom changes made by you):

* templates/main_posts_cell.html - {$eachReply} var added before getQuotation() tag. Experimental link, which should force "first-time" visitors to make easy & straight replies on your board, without looking up the necessary link at the top. Should be available only when reply form is visible.

* templates/user_login_only_form.html - added: /id="login" name="login"/ to the form tag (for handling Enter)

* templates/user_login_form.html - added: JavaScript function handleEnter() for handling Enter key pressed; /onkeydown="JavaScript:handleEnter(event);"/ added to "password field"; changed: {$queryStr} to {$queryStrDisp}

* templates/tools_userips.html - caption6 changed to caption3

* templates/main_user_info.html - caption6 changed to caption3

* templates/main_footer.html - {$software} variable added. Copyright notice changes: avoiding ranging links to minibb.com, link text now will be randomly rotated from the keywords, defined in index.php. Please, update this file accordingly to GPL license conditions!

* bb_default_style.css - caption6 class REMOVED and not used anymore

3) The following files were also updated in default installation package (do not update them):

_install.php - avoiding assynchronization of mySQL time
 

Changes comparision: 2.0.2 - 2.0.2a
********************************************
Security fix! If you have register_globals set ON in php.ini, it affects you!

Affected files (backup, overwrite):

bb_func_forums.php
bb_func_txt.php
bb_functions.php

Changed: each file must have the following condition at the top:

if (!defined('INCLUDED776')) die ('Fatal error.');


Changes comparision: 2.0.2a - 2.0.3
********************************************

1. The big functional update: search users section in admin panel. Now it is possible to delete users with 0 posts from ANY type of search in "checkbox" way (many users at once). Also there is a new option, which shows all disabled users (who have activity status 0). We found too much waste to introduce new language pack variable, so this menu will state as "Member: [No]" - we hope it's quite clear. Hope new features will allow to clean up your users database quickly (if you need it at all).

2. Other big functional update: now we store information about last poster's username in topics table. That means, default version (if $textLd option is not enabled) will load up much faster on the first page (with only 2 mySQL requests!). Intermediate topics listing pages will also load faster (also, default version requires only 2 mySQL requests). This change is specially significant for large databases and communities.

3. One more big update regarding email notification changes: if users is subscribed to some topic, he will get next new replies notification ONLY after he clicks the URL in the email body and reads the thread; or if he reads the thread as logged member on forums. That way it's possible to prevent from "dead" subscribers and users, who are not visiting the forums, and save up a lot of resources. Changes regarding this feature affect upgrade of database also.

4. Good anti-spam update: posting URLs is separated for registered members and guests; only registered members who posted more than 5 messages, are allowed to use URL/IMG BB codes (incl. smilies, if installed). Guests and new members still are able to post URLs (incl. those who are pointing to images); however, they will be shortened and only textual URL will be displayed (with no highlight). Until URLs are not clickable, they lose the main sense of spam and flood. We hope this little change will make your forums maintenance easier.

5. Little addition: when topic is locked, users are not able to do the following:
- Delete topic (even if it's allowed in options)
- Edit any message in this topic (even if they are still not expired by time)
- Delete any messages in this topic
These rules do not affect admins and moderators.


For upgrading your copy of the software, you will need to:
- upgrade the database with provided SQL commands (via phpMyAdmin or other mySQL tool)
- upgrade the database running convdb.php tool ("Database upgrading script" from our Downloads section)
- back up and overwrite core script .php files
- optionally update some HTML templates from /templates/ folder

Please, read instructions below on how to proceed.


1) Upgrade the database with provided SQL commands below. All commands are included below the !UPDATE_DB.sql file (see "Update History" package in our Downloads section).

ALTER TABLE minibbtable_posts CHANGE poster_name poster_name VARCHAR(255) DEFAULT "Anonymous" NOT NULL;
ALTER TABLE minibbtable_topics CHANGE topic_poster_name topic_poster_name VARCHAR(255) DEFAULT "Anonymous" NOT NULL;
ALTER TABLE minibbtable_users CHANGE username username VARCHAR(255)  NOT NULL;

# These commands make username field larger, but it only prevents incorrect postings of username either from guests, either because improper non-English encoding set. This is also included in default miniBB installation, _install_mysql.sql file, and !UPDATE_DB.sql.

ALTER ignore TABLE minibbtable_users add key username (username);

# This command will index username field and that way it should work faster on authorization

ALTER ignore TABLE minibbtable_send_mails ADD active INT(1) UNSIGNED DEFAULT '1' NOT NULL;

# This command adds new field to email subscriptions table, which states for a status of sending message

ALTER ignore TABLE minibbtable_topics ADD topic_last_poster VARCHAR(255) default '' NOT NULL;

# This command adds new field in topics table, which stores last poster username of this topic, that way the script works absolutely faster on the first forums page and intermediate topic listings


2) Upgrade the database running convdb.php tool. Download from here: http://www.minibb.com/download.php?file=minibb_convdb , unpack, place into your forums folder, point browser to it, choose your miniBB version (most probably "2.0.x stable"), optionally check the box "to not show system output information", click "Continue". The script will go through your current database and update 'topic_last_poster' field in topics table.


3) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):


* bb_admin.php: little banning function fix; admin panel update (user search)

* bb_codes.php - update regarding color decoding tag; disabling most important URL codes for non-members or newbies; new (hidden) code [nourl][/nourl] for admins and moderators, who have ability to post clickable URLs, however, it sometimes happens (as on minibb.com/forums), when you want to keep the URL, but do not want to make it clickable. Use [nourl]http://someurl_here[/nourl] tags for doing this. Also implemented improvings in IMG/IMGS tags (now they include "title" tag).

* bb_func_checkusr.php - wrong password report fix

* bb_func_delmsg.php - fix of deletion of the first message in the thread; locked topic issues

* bb_func_deltopic.php - locked topic issues

* bb_func_editprf.php - XHTML fix

* bb_func_forums.php - optimization of forums SQL: now forum info will be requested only once per topics or messages page; fixes regarding only one forum setup

* bb_func_ldisc.php - mdash; fixed latest/first message text display depending on sorting

* bb_func_login.php - fixes regarding guest names, which contains apostrophes and quotes; redirection mod_rewrite issues when logging in from intermediate page(s) or starting page

* bb_func_posthold.php - fix regarding $_FILES array

* bb_func_pthread.php - email notifications update

* bb_func_ptopic.php - email notifications update

* bb_func_regusr.php - username checking fix

* bb_func_search.php - update regarding highlighting of the found term; search title as keyword appears now; small fix regarding highlighting phrases at the end of text; now should count on '$' sign too

* bb_func_txt.php: fix of UTF-8 text conversion incompatibility; disabling most important URL codes for non-members or newbies; removing \r

* bb_func_usernfo.php - more reliable parsing of custom language variables; only logged-in members view highlighted URL; nofollow tag changes (on user posts, now it will be always included by default, but not in other places); if email is allowed to display publicly, it will be displayed only to logged-in members now

* bb_func_vforum.php - clForums update

* bb_func_vthread.php - slight anchor fix; optimization of forums SQL; new variable $posterNameJs; now it's possible to delete the first message in the thread - but only if this thread has other replies; locked topic issues

* bb_func_vtopic.php -  optimization of forums SQL; mdash; fixes regarding only one forum setup; latest/first message text display

* bb_functions.php - preventing uknown $action parameter passing; pageNav() function now keeps the order, when sorting by new topics, and doesn't use mod_rewrite URLs in that case; makeValuedDropDown() - CSS class changed to "selectTxt"; pageNav function fix; emailCheckBox() updated; fix of load_header() function (menu elements placement)

* index.php - 404 header when topic has been moved to a restricted area; if header has not been loaded; footer won't be loaded too this time; $redthread fix; on logout, now will be redirected to $startIndex; fix of $queryStr preg_replace; locked topic issues; email notifications update; fixes regarding only one forum setup; changes in $metaRobots - now user info page will have NOINDEX, FOLLOW tag for better indexing of links.

* setup_mysql.php - updates in db_genPhrase() function (when searching by topic titles); fix of searching function db_genPhrase(); db_deadUsers() - admin panel update (user search); email notifications update


4) Mandatory template changes (update or overwrite your existing HTML files):

* templates/form.js - added "myField.scrollTop=myField.scrollHeight;" code line in Mozilla/Netscape support section. This will force Mozilla to not move scrollbar's position at the top, when the text is not fitting into textarea. Little trick, but much more comfort...


* templates/main_posts_cell.html : paste_strinL('{$posterName}',2) - $posterName changed to $posterNameJs (prevents JS error when username contains apostrophes)


* templates/email_reply_notify_eng.txt - important change: link to the post, which SHOULD have [USER_ID] in it. Like:

{$main_url}/{$indexphp}action=vthread&forum={$forum}&topic={$topic}&goPost={$topic_last_post_id}&user=[USER_ID]


* templates/main_posts.html: fixed checkBrowser() and getQuotation() functions for IE7, like described here:

http://www.minibb.com/forums/5_3362_-1.html#msg20524


5) Optional changes affected the following files (you may modify them, comparing to the originals, or just overwrite your existing files, if they have not been changed by you):

* lang/eng.php - English pack syntax and grammar updates [-]

* templates/email_user_confirm_eng.txt
* templates/email_user_password_eng.txt
* templates/email_user_register_eng.txt - all emaling templates: URL to forums changes to {$main_url}/{$startIndex}

* templates/admin_searchusers.html - admin panel update (user search)

* templates/admin_searchusersres.html - admin panel update (user search)

* templates/main_header.html: fix of the main forums menu elements ($l_sepr at the end of each element, not beginning)

* templates/main_last_discussions.html - added "white-space:nowrap;" to the latest reply column

* templates/main_topics.html: $l_lastAuthor cell: added style - white-space:nowrap;

* templates/main_topics_cell.html - &nbsp; moved out from <a> tag

* templates/manual_eng.html - manual updated [-]

* templates/tools_move_topic.html - removed unnecessary "yes/no" condition

* templates/user_dataform.html - added country: Palestina; Country dropdown class changed to "selectTxt"; removed spare </span> tag (XHTML issue)

* templates/user_login_only_form.html - added tabindex="5" to the submit button field - makes browsing by tabs easier; added style="width:100%" to the generic table


6) These files related to the newest updates, were also updated, but it's not necessary for you to pay attention to it:

* convdb.php
* _install_mysql.sql


Changes comparision: 2.0.3 - 2.0.3a
********************************************
* index.php - file inclusion fix.


Changes comparision: 2.0.3a - 2.0.4
********************************************
This release includes a lot of small fixes and adjustments collected within 4 months after release of miniBB latest version. For example, automated URL highlighting for guests and members who's made less than X posting, is now an option. The new option $reply_to_email also introduces a secondary email which could be visible in Reply-To fields in all automated letters. Other changes also include small, non-critical and non-security related updates; however it is recommended to upgrade to this version. Just because to make your forums better!

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* bb_admin.php - fix of the disabled user pagination; \r\n in exporting email addresses

* bb_codes.php: hyperlinks option fix (incl. $allowHyperlinks)

* bb_func_editprf.php - $reply_to_email addition

* bb_func_ldisc.php - fix of the displaying breakes when $textLd is set to 2

* bb_func_movetpc.php - page <title> now is displayed

* bb_func_posthold.php - fix of quotes if containing in topic's title

* bb_func_pthread.php - fix of the converting back the entities for forum title, topic title and username; new function convEnt(); $reply_to_email addition

* bb_func_regusr.php - $reply_to_email addition

* bb_func_search.php - boldtext and highlight fix (now will avoid broken tags); newlines fix in search results

* bb_func_sendpwd.php  - $reply_to_email addition

* bb_func_txt.php - numerical HTML entities introduced (may be used on some encodings like ISO-8859-2); update for $adminHTML option; hyperlinks option fix (incl. $allowHyperlinks)

* bb_func_usernfo.php - email change again...

* bb_func_viewip.php - small update regarding layout "no ip found" sentense

* bb_func_vthread.php - avoiding duplicated content issues page number fix; NOINDEX,NOFOLLOW tag if forum doesn't exist

* bb_func_vtopic.php - fix of the displaying breakes when $textLd is set to 2; $posterNameJs improvement; avoiding duplicated content issues page number fix

* bb_functions.php - fix of the pageNav() function; fix in the load_header() function (regarding "new topic form" addon); emailCheckBox() - removed link to manual

* index.php - little fix related to the javascript error appearing after avatar has been deleted; if "empty" subscribings (w/o message text) are allowed, user will be redirected to the message form to see if he has been subscribed at all; adjustment for karma addon; defineRobots() fix regarding stats page; other little fixes


2) MANDATORY template changes (update or overwrite your existing files):

* templates/email_reply_notify_eng.txt - {$topicTitle} becomes {$topicTitle_em}, {$forum_title} becomes {$forum_title_em}, {$user_usr} becomes {$user_usr_em}.

* setup_options.php : new MANDATORY option $allowHyperlinks : if greater than zero, it means hyperlinks will be allowed for members only who made not less than $allowHyperlinks postings. If set to zero, hyperlinks will be automated also for guests. By hyperlinks, we mean highlighted URLs in postings: when you post anything beginning from http:// , or www. or enclosed in [url][/url] BB codes, it is converted to a clickable hyperlink.


3) These files related to the newest updates were also updated, but it's not needed for you to update them, if you're thinking it's not obligate:

* setup_options.php : new not mandatory option $reply_to_email which keeps an email-address specified, used used in Reply-To, Errors-To and Return-Path fields. That way you may specify a specific, non-used in regular mailing address where you will get all errors and which will be visible in "Reply" field in all automated miniBB messages. Currently by default, all emails contain Reply-To email specified in $admin_email field, which is visible in all automated correspondence.

* lang/eng.php - adjustments in english language pack (incl. $l_emailNotify)

* templates/main_header.html - changed order of main forum elements at the top

* templates/main_post_form.html - removed "Disable BB code" box (however it still can be pasted for anybody who will be in need of it); instead of fake URLs like http://www.url-to-your-image-here.com/image.jpg or http://www.your-url-here.com (in BB codes/JS pop-up windows), by default the URLs will now point to the {$main_url} specified in options (forums URL)

* templates/manual_eng.html - fix of the register link; updates concerning new options

* templates/user_dataform.html - removed links to manual on "Display email publicly?" and "Sort topics by"


Changes comparision: 2.0.4 - 2.0.4a
********************************************

* bb_codes.php: initial fix of the cross-site image hacking.


Changes comparision: 2.0.4a - 2.0.5 [released: May 24, 2007]
********************************************
The most important part of this release is XSRF/CSRF protection, based on introduction of additional random "token" cookie, which is set when a member is signed in. New non-mandatory option $addMainTitle allows to display generic forums name following certain forum's or topic's title in <title> tag (by default it won't be displayed anymore).

This upgrade is highly recommended to everybody, since after initial testing, CSRF protection based on the new cookie, will be also introduced in some paid addons later next week. Be sure your software version is safe!


1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* index.php - parsing of the new variable $csrfchk; update regarding email notification's redirection
* bb_func_delmsg.php - comparision check of $csrfchk and csrfchk's cookie value
* bb_func_deltopic.php - comparision check of $csrfchk and csrfchk's cookie value
* bb_func_login.php -  setCSRFCheckCookie() call after setMyCookie for the admin and the user
* bb_func_vthread.php - update of the title tag (intr. new option $addMainTitle)
* bb_func_vtopic.php - update of the title tag (intr. new option $addMainTitle)
* bb_functions.php - new function setCSRFCheckCookie()


2) MANDATORY template changes (update or overwrite your existing files):

* templates/main_posts.html: new JS function getCSRFCookie(); changed function confirmDelete(); new hidden field "csrfchk" in 'allMsgs' form


3) Not needed to update:

* templates/manual_eng.html: added new option


Changes comparision: 2.0.5 - 2.0.5a [released: June 19, 2007]
********************************************

* index.php: little fix of the getPage() function.
* bb_func_login.php - fix of undefined variables.
* bb_functions.php - fix of the getIP() function.


Changes comparision: 2.0.5a - 2.0.5b [released: June 26, 2007]
********************************************

* bb_functions.php - getIP() function update
* bb_func_delmsg.php - $post variable fix


Changes comparision: 2.0.5a - 2.1 [released: October 2, 2007]
********************************************
The new release of miniBB provides a stable functional core inherited from the previous release, plus some new options and improvements. One of the most important is that now admin and forum moderators are able to update user's profiles, clicking on the link from the public profile page. That way it will be possible to act for the staff person like he would be the user himself; and that way, it will be possible to update custom values of user's profile, like Avatars, Signature, Pictures and possibly others. Corresponding add-ons will be upgraded as well. By this we eliminate support of the "Editing profiles" add-on. Important programming value is that now $isMod variable is defined at the top level. $useSessions setting and support is eliminated in this version: as our experience showed, if the site is using sessions and it it's necessary to set up the sessions-based login routine, it is better to implement modifying bb_cookie.php, and so following miniBB's Synchronization guide. Other changes listed below include small-to-average non-critical bugfixes.

This upgrade is highly recommended, because many profile-based add-ons in the future will be compatible only with the currently implemented core.

Upgrading process:


1) Upgrade the database with provided SQL commands below. It was suddenly discovered, that from the previous versions miniBB keeps regular keys for primary values, which is not necessary since they already contain index keys by default. BACKUP YOUR DATABASE before executing these statements! Removing the keys may cause in database processing, however this operation is highly recommended.

alter table minibbtable_posts drop index post_id;
alter table minibbtable_topics drop index topic_id;


2) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* bb_admin.php - fix of user deletion from send_mails table; fix of get_forums_fast_preview() function; $useSessions eliminated

* bb_func_checkusr.php - username fix http://www.minibb.com/forums/3_4792_0.html

* bb_func_deltopic.php - very small fix of $countRes variable; require_once changed to require

* bb_func_editmsg.php - $useSessions eliminated

* bb_func_editprf.php - new addition of editing any profile by admin or moderator; definition and inclusion of bb_plugins_user.php

* bb_func_login.php  - $useSessions eliminated

* bb_func_regusr.php - definition and inclusion of bb_plugins_user.php

* bb_func_search.php - fix of the redirecting to the proper page (if the text has been found in the latest message listed on some page in multi-paged thread); fix of $middleTxt ($end-$start instead of $end).

* bb_func_stats.php - num_posts field fix http://www.minibb.com/forums/3_4744_0.html

* bb_func_usernfo.php - the editing profile link appearing for admin or moderator; direct email add-on changes

* bb_func_vthread.php - added: <br />, '&amp;', '&quot;' to $description meta tag variable; changed the number of characters in meta description tag from 1000 to 400; removed links from $we

* bb_functions.php - fix of the pageNav function ($cellNav is back); $emailCharset option handling in sendMail()

* bb_plugins_user.php - NEW file, which could handle additional parsing for user custom profile values

* index.php - generic moderators definition (it's possible now refer to $isMod in custom add-ons); $useSessions eliminated; emailCharset, adminUser unset; if($forb>0) condition improvement (now will display generic footer in the case of forbidden access); $poForums condition changed

* setup_mysql.php - $result variable fix in db_simpleSelect


3) MANDATORY template changes (update or overwrite your existing files):

* templates/user_dataform.html - before the closing </form> tag there should be pasted: {$adminEditField}


4) These files related to the newest updates were also updated, but it's not needed for you to update them, if you're thinking it's not obligate:

* templates/main_posts_cell.html - newlines surrounding <a> tag removed

* setup_options.php - $useSessions option eliminated. Non-mandatory option available: $emailCharset. It it is set to the certain value (like for example 'UTF-8'), and your forums email templates are stored in specific charset (like UTF-8), it is recommended to set up this option, so emails are sent in the proper encoding and not garbled on the client side.

* templates/admin_panel.html - added informative field regarding current miniBB version installed


5) Not needed to update:

* lang/eng.php - minor changes

* _install_mysql.sql - regular keys for posts ID and topics ID fields are eliminated

* !UPDATE_DB.sql - dropped duplicate indexes

* templates/manual_eng.html - updated and fixed regarding new options


Changes comparision: 2.1 - 2.1a [released: October 30, 2007]
********************************************
Update the file:

* bb_func_search.php - security fix (works only with register_globals = ON and if you have not renamed default miniBB tables upon installation)



Changes comparision: 2.1a - 2.1b [released: November 6, 2007]
********************************************
Update the file:

* bb_func_vtopic.php - page navigation fix if user sorting is set by "New topics"


Changes comparision: 2.1b - 2.1c [released: November 29, 2007]
********************************************
Update the files:

* bb_admin.php - 'cook' unset var - security fix
* index.php - 'cook' unset var - security fix


Changes comparision: 2.1c - 2.2 [released: February 19, 2008]
********************************************
Growing up to the newest release 2.2, miniBB starts its 6th Anniversary with the surprisingly new forums layout. This time it's not only different from the competitors, but also provides more flexibility, usability, still keeping "simple over simple" concept. It continues to develop "the forum software for ages" idea and we hope you will find it exciting.

We have taken into attention all the most important user-friendly opinions which were received during past years of work. During the last 3 months we were working on the new layout schema harder than ever; as a result you you see what you see: step of the perfection inside the simplicity.

Core script changes are very minor this time; the most important fix affects the "integer bug" disclosure, which still can't be called critical and which was already fixed in all our add-ons some time ago. There are also small fixes regarding add-ons compatibility, few non-critical bugs fixed and added couple of new BB codes: for quoting the messages (finally we have decided it is useful for most users) and highlighting the block of the message; for example it could be a programming code or other kind of content which needs to be separated from the main posting text. There is a bit of improvement for PHP6 and the valid XHTML - now we are sure all miniBB generated pages come even without Tidy warnings; if you have HTML Validator add-on for Mozilla Firefox installed in the Serial mode, you should always see there is a "green" icon indicating a proper XHTML for each section of miniBB forum. Important change of the core templates, files and in the future add-ons will include replacing !pix.gif justification image to p.gif: as our experience shown many client programs do not like exclamation sign in the filename, that's why we have decided to avoid it despite it brings a lot of work.

Upgrading process:

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* bb_admin.php - admin panel tag is now defined at the top of inclusions; png type icon added to forum icons; replacing !pix.gif; little fixes regarding new layout; get_magic_quotes_gpc() provided instead of ini_get

* bb_codes.php - new variable $simpleCodes ("empty post" issue update). New codes introduced, Quote (built-in by default now basing on the highly popular solution) and HL (=highlight) which allows to highlight certain blocks of text for various purposes; for example, code highlighting. [u] tag won't be available anymore by default, only for admins staff. Rarely used and may look confusing faking the URL. The same change applies to templates/main_post_form.html

* bb_cookie.php - $minimalistBBsession condition removed; get_magic_quotes_gpc() provided instead of ini_get

* bb_func_checkusr.php - condition added to not allow usernames with digits only

* bb_func_editmsg.php - "empty post" issue update

* bb_func_ldisc.php - changes regarding new layout and valid W3C tidy issues

* bb_func_man.php - updated CSS accordingly to the new layout

* bb_func_posthold.php - valid XHTML issue + postingText class added

* bb_func_pthread.php - "empty post" issue update; convEnt function moved to bb_func_txt; user_id fix ($dbUserId) when selecting from $Tu

* bb_func_ptopic.php - "empty post" issue update; TOPIC_TIME is defined now only if not defined previously

* bb_func_regusr.php - $pluginsFile insertion also done on errors

* bb_func_search.php - adjustments regarding new layout; search bug when searching by poster name AND other param; integer recognition bag (fixed on PF!)

* bb_func_stats.php - integer recognition bag

* bb_func_sticky.php - little non-critical fix supporting the 'super-sticky' add-on

* bb_func_txt.php - "empty post" issue update; function convEnt moved here from pthread

* bb_func_usernfo.php - integer recognition bag; activity field fix

* bb_func_vforum.php - changes regarding new layout

* bb_func_vthread.php - adjustments regarding new layout and valid W3C tidy issues

* bb_func_vtopic.php  - adjustments regarding new layout and valid W3C tidy issues

* bb_functions.php - adjustments concerning cloning mode (featured); pageNav function rewritten; pgRng function added; added new function get_magic_quotes_gpc - compatibility fix for PHP6.

* index.php - integer recognition bag; adjustments concerning cloning mode (featured)

* templates/form.js - Opera support for BB tags: improved insertAtCursor() function (added if (typeof(myField.selectionStart) == 'number') condition + it's swapped with the condition for IE); also fixed cursor position for Mozilla/Opera (now won't scroll down the textarea if the text is highlighted at the beginning). Quoting solution added by default.

2) bb_default_style.css was completely rewritten for the new release, adjusting the layout for the first page and introducing some new classes which allow more CSS control over the templates. These changes however ARE NOT MANDATORY for older users. You don't need to adjust your CSS if you think it fits your taste perfectly; so these changes are for the newest release only. New classes were added in default CSS:

.popUp
.sepr
.txtSm A
td.icon
.noWrap
td.tbClCp
td.txtC
td.txtL
td.txtR
table.forumCol
span.latest
span.replies
span.author
.headingTitle
tr.tbCel1 td.replies
tr.tbCel1 td.author
tr.tbCel1 td.latest
tr.tbCel2 td.replies
tr.tbCel2 td.author
tr.tbCel2 td.latest
td.author
td.latest
.groupTitle
.groupTitle A
td.forumTitle
.fdesc
.fdescNum
.postedText
.pauthor
.quote
.quoting
.hl
td.pform
.postingForm
table.statsTable
.statsCaption
.tbStRow
.warningLnk
.tbHead
.capMenu


Explanations are put in CSS file and organized more "logical" way comparing to the previous version, so choosing your own colors and fonts you are applying them "from beginning to the end" as you follow it on forums themselves.

3) Update your language pack adding new variable at the end of it: $l_page. It will indicate page navigation's title. Overall under /lang/eng.php we have made various changes of the default English language and corrective updates which are probably not mandatory to update for each user.

4) setup_options.php now contains the mandatory setting:  $startPageModern=TRUE; (FALSE will provide a "traditional" layout of the first forums page). 'Guest' is put in the disallowed names index, $l_sepr has a default value of '<span class="sepr">|</span>' and $useSessions setting was removed. By default there were also changed the following options:

$viewlastdiscussions=20;
$viewmaxreplys=15;
$viewmaxsearch=20;

5) Not a mandatory update for your side which affects new miniBB version only - the following template files under templates/ folder were updated to meet new CSS styling compatibility:

admin_addforum1.html
admin_editforum2.html
admin_panel.html
admin_viewsubs.html

main_forumgroup.html (old-style traditional layout)
main_forums.html (old-style traditional layout)
main_forums_cell.html (old-style traditional layout)

main_forums_list.html

main_header.html
main_last_discuss_cell.html (old-style traditional layout)
main_last_discussions.html (old-style traditional layout)

main_modern_fcell.html - new template for the forums first page
main_modern_layout.html - new template for the forums first page
main_modern_lcell.html - new template for the forums first page
main_modern_stitle.html - new template for the forums first page

main_post_area.html
main_post_closed.html
main_post_form.html
main_posts.html
main_posts_cell.html
main_topics.html
main_topics_cell.html
main_user_info.html
main_user_info_cell.html
main_warning.html
manual_eng.html
search.html
stats.html
stats_bar.html
tools_edit_post.html
tools_edit_topic_title.html
tools_send_password.html
tools_userips.html
user_dataform.html
user_login_form.html

6) /img/topic*.gif - all default topic icons for miniBB forums were updated. It's not mandatory to update on your side.

7) /img/p.gif - there is a new justification gif which in the future will replace !pix.gif. Currently the core files were already updated to refer to the new "shortened" filename. Despite both files are presented in the new release, older files is kept for temporary compatibility. We recommend to update each of your forums file regarding this change.


Changes comparision: 2.2 - 2.2a [released: April 22, 2008]
********************************************
First follower in 3 months, this release includes minor improvements of some core files, experimental search form improvement, as well as security fix in index.php which should worry all users who have register_globals = On in php.ini. 

Upgrading process:

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

bb_admin.php - little fix: bb_plugins2 now included after header is loaded

bb_func_deltopic.php - little fix regarding user rights when deleting a message

bb_func_delmsg.php - little fix regarding deleting the messages when $enableGroupMsgDelete is set to TRUE; fix regarding user rights when deleting a message

bb_func_inslng.php - improvement: declaring $glang array

bb_func_man.php - it's possible now to avoid inclusion of styling in manual

bb_func_search.php - slight adjustment when searching by username (will search by user ID if such registered member exists); experimental search function improvement

bb_functions.php - makeValuedDropDown now also will provide element ID

index.php - copyright link changed. No random keywords anymore. Vulnerability fix - 'xtr' must be added to $unset -  provided by 'girex' (vulnerability works only if register_globals=On)

setup_mysql.php - experimental search function improvement

templates/search.html - experimental search function improvement


Changes comparision: 2.2a - 2.2b [released: October 2, 2008]
********************************************

Minor security update in authorization file (function getMyCookie() was updated).
Replace or update bb_cookie.php.
Update is not required for custom authorization modules.


Changes comparision: 2.2b - 2.3 [released: February 16, 2009]
********************************************

In this release we don't introduce anything critical or branding fresh. Main features are "Today/Yesterday" on displayed dates (optional); improved hyperlink-based BB codes for external and internal websites, there are few average security fixes and minor improvements, and Recent Topics icons on the first page are back.

No database upgrade is needed.

Upgrading process:

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

bb_admin.php (admin's panel script) - 'fix' of the 'pseudo' XSS as reported here: http://www.minibb.com/forums/3_5116_0.html

bb_codes.php: improved codes for quote and hl (breaks); $url_follow introduction (read below); improvements regarding internal links to forum (will be available for everybody and without "nofollow" attribute by default); as well as internal/external image URLs.

bb_func_checkusr.php - fixed user_website field (should not be mandatory); full path disclosure fix ( http://www.minibb.com/forums/3_5228_0.html ) ; username length's check basing on the new non-mandatory options $uname_minlength and/or $uname_maxlength

bb_func_deltopic.php - fixed full admin URLs

bb_func_editmsg.php - now after editing the message, the script will redirect straight to the message, if under setup_options.php you have not specified $editMsgAlert=TRUE; (if such variable specified, after editing the message you will be given an alert with the proper warning)

bb_func_pthread.php - emptySubscribe option fix ( http://www.minibb.com/forums/3_5273_0.html )

bb_func_search.php - search form's values improvement

bb_func_txt.php - urlMaker(), textFilter() functions fixes (should remove ending punctuation sign in URL) and improvement regarding internal URLs; $url_follow introduction; 

bb_func_usernfo.php - fixed order of topic/forum variables in dynamic URLs

bb_func_vthread.php - changed title's pagination algorithm - now "Page" will not be displayed on the first page, having a proper wording to avoid confusions; trimming $description; improvement: if $userUnlock option is set to 1, "Lock/Unlock" links won't appear for the member in read-only forums

bb_func_vtopic.php - changed title's pagination principle

bb_functions.php - convert_date() function has been updated to have "today/yesterday" wording available for today's and yesterday's dates. This option is not mandatory and should be properly specified under setup_options.php (read below for more). pageNav() function has been updated to have different pagination ranges for topics browsing and cell contents.

index.php - $url_follow introduction. Introduced referrers exploit fix (as reported here: http://www.minibb.com/forums/3_5259_0.html ) - this code block is marked as "Allowing to post only from the internal or allowed domain". Internal domain is determined automatically, and stored under $tUrl. This variable is used in updated BB codes as well.

2) Some new options were introduced in setup_options.php. It's up to you either to enable them or not.

- optionally now it's possible to specify a new setting var: $url_follow. If it's set to TRUE, ALL posted URLs will NOT contain rel="nofollow" attribute, like it happens by default with URLs which are not dedicated to the primary domain of forums. Please don't forget, that admins and moderators always have a right to set any kind of 3rd party URL without this attribute, using [urlc=...][/url] code instead of regular [url=...][/url]. This attribute manipulation on such pages as Statistics or User's Profile, is controlled by 'NOFOLLOW' variable which needs to be defined separately.

- optionally now it's possible to specify variables: $dateOnlyFormat and $timeOnlyFormat. By default they are included in miniBB. If they are specified, forum dates will display "Today" and "Yesterday" instead of the current date. Under $dateOnlyFormat you should specify PHP date containing year, month and day only (default: 'j F Y'); under $timeOnlyFormat there should be hours, minutes, and seconds (default: 'H:i'). $dateFormat setting should consist of the concatenation of those variables (default: $dateOnlyFormat.' '.$timeOnlyFormat). When parsing the date, $dateOnlyFormat string could be replaced either by 'Today' or 'Yesterday'. The algorithm is based on "R.U.R."'s suggestion as posted here: http://www.minibb.com/forums/12_3749_1.html - but with our own improvement.

- yet another optional setting: $editMsgReloc=TRUE; - if set to TRUE, after editing the message you will not see an intermediate warning screen, redirecting straight to the message. This setting may be enabled only if you are sure editing message doesn't affect other installed add-ons. For exampe, if you have File Upload add-on installed, this setting should be disabled, else when modifying message, the script will "miss" re-uploaded files and modified file descriptions. The same could affect many other regular and custom add-ons which include the code for bb_plugins2.php. Disabled by default.

- non mandatory: option $allowedRefs allows to specify list of allowed referrers from external sites which may post to your forum. Format: variable array. DO NOT SPECIFY that variable if you don't really understand what it means. It's only for professional sites which are plugged in with 3rd party software.

- non mandatory: option $allowedDirectPostActions allows to specify list of allowed actions set under $action variable which may be passed from external sites or add-ons. Format: variable array. DO NOT SPECIFY that variable if you don't really understand what it means. It's only for professional sites which are plugged in with 3rd party software.

- Username as an option: ( http://www.minibb.com/forums/4_5274_0.html ) - if you specify non-mandatory options $uname_minlength and/or $uname_maxlength, the script will take them into attention when registering a new user. Default values are 3 and 40. If you specify one of such options, or both, update the language pack modifying $l_userErrors[1] variable as well (it declares the proper username's length).

3) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine:

/img/menubg.jpg - new background file for using in default miniBB menu

bb_func_default.css - removed div.capMenu and references; there is new class under css called "td.rdficon". It specifies the background and alignment for the forum icon placed on the left side of Recent Topics in the 'Modern' forum theme. Updated inputButton and textForm classes (rounded shapes for Mozilla/Opera - still W3C-incompatible!).

templates/email_*.txt files - were modified to have minor text updates

templates/main_header.html - adjustments regarding default miniBB header

templates/main_modern_lcell.html - updated regarding Recent Topics icons column

templates/main_modern_layout.html - updated regarding Recent Topics icons column

templates/manual_eng.html: update regarding new optional settings

lang/eng.php (Language pack): introduced new variables $l_today, $l_yesterday. Language pack improvements:

$l_postEdited - removed variable
$l_mysql_error - change .net to .com

$l_editPost='Edit Message';
$l_topicTitleUpdated='Subject has been updated.';
$l_topicTextUpdated='Message has been updated.';

$l_chooseForum='Switch Forum';

$l_sub_post_msg='Post Message';
$l_sub_post_tpc='Post New Topic';

$l_topicTitle='Subject';
$l_sub_answer='Your Reply';


Changes comparision: 2.3 - 2.4 "Bimbo" [released: August 18, 2009]
********************************************

The biggest feature of this release is that miniBB is finally tuned up to have keywords-rich URLs, in combination with Apache's mod_rewrite module. As by default, the new functions regulate how URLs will appear in older, numeric-only mode (and how it is described in miniBB Manual). For minimalist fans, our recommendation is still to keep URLs containing numbers-only (i.e. topic/forum IDs and page numbers). This is specially useful for international non-English forums, where topic titles consist of non-latin alphabet characters. At least, they are short, constant and mini by the nature. Despite of it, now it is possible to turn on a more advanced SEO-module, which may appear different for each individual case, and which will transform topic and forum URLs accordingly to the forum and topic titles on the fly. You may install one of our free modules available to download, or order a special one exactly for your website. Keyword-rich URLs may have a different format, encoding and may look not like in your neighbour - everything is only up to your imagination. All miniBB add-ons are featured to support such URLs as well.

The aforementioned doesn't mean miniBB does not work without mod_rewrite anymore. As earlier, this version may be left to work (by default) even on non-Apache servers, with the standard PHP GET requests.

The second big change is swap of pagination - if earlier the first page of a topic or forum in miniBB started from "0", now it starts from the more logical "1". Still it's possible to keep the older compatibility (read below), so your older *indexed* URLs do not change. Still, in the new version, in navigation URLs, the first page's number will be ignored.

The third change applied to usernames in threads. Now you will go to user's Profile clicking on the Username. If you would like to quote a username (in bold between [b][/b] tags) like it happened earlier, just click on "Quote" link without selecting the text.

Except the aforementioned features, the new version contains some non-critical bugfixes, other SEO-improvements and little changes in functionality. 

There is no database upgrade.

Upgrading process:

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

bb_admin.php - pagination schema change

bb_func_delmsg.php - SEO-improved URLs

bb_func_deltopic.php - SEO-improved URLs

bb_func_editmsg.php - SEO-improved URLs

bb_func_ldisc.php - a bug fix for the Premoderation add-on as described in http://www.minibb.com/forums/3_5344_0.html#msg31558 ; SEO-improved URLs and pagination schema change

bb_func_locktop.php - SEO-improved URLs

bb_func_login.php - $l_errorUserData added to handle the title of invalid login page; redirect to $startIndex instead of $indexphp; SEO-improved URLs

bb_func_movetpc.php -  SEO-improved URLs

bb_func_ptopic.php - SEO-improved URLs

bb_func_search.php - SEO-improved URLs and pagination schema change; search by postername fix (stripslashes + navigation)

bb_func_stats.php - SEO-improved URLs

bb_func_txt.php - URL maker - ) in ending URLs fixed; fix of wrapText function for long line ending with HTML code

bb_func_usernfo.php - SEO-improved URLs

bb_func_vforum.php - SEO-improved URLs

bb_func_vthread.php: '$c1=FALSE; $c4=FALSE;' string code added to prevent warning notice if $userUnlock setting is 1; changed implementation of profile links and URLs; BBJSBUTTONS code update (read below for more); SEO-improved URLs mode; view IP URL fix; strolower from URL comparision removed

bb_func_vtopic.php - a bug fix for the Premoderation add-on; BBJSBUTTONS code update; SEO-improved URLs; strolower from URL comparision removed; showSep fix

bb_functions.php - convert_date function optimization - months should be exploded only once; 7 new functions regarding new SEO-improved URLs mode; pageNav function improvement - now will contain a little icon near 'pagination' row (page.gif - read below); version change

index.php - SEO-improved URLs; copyright link improved; banned IPs range improvement

setup_mysql.php - makeLim function updated regarding new SEO-improved URLs mode; db_inactiveUsers updated; db_ipCheck updated

templates/form.js - changed quote mechanism (paste_strinL) - now if Quote without selected text pressed, it will paste the poster's username in the message area.

templates/main_post_form.html - now will contain dynamic BB buttons section between <!--BBJSBUTTONS-->...<!--/BBJSBUTTONS--> Such tags should surroung BB buttons which have "a href" tag - the script will try to convert the whole area into JavaScript code, so those "links" are not indexed. This may be used only for internal template mark up for preventing <a href...> tags from indexing. Important is that any other JavaScript code should not be present in the raw template inside of these tags.

templates/main_posts_cell.html - changed implementation of profile links and URLs (pay attention to $pLink1 and $pLink2 and how they surround the username. In this version, we put a link to member's profile right under username, not like previously when there was a link placed on forum poster's status). Also, in the same template, there will be a little moment of interactivity: s.gif icon placed near each username and that way meaning such user is "Saying" so. 

img/s.gif and img/page.gif - some new mini icons adding some more interactivity to the board's look.

2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine:

bb_codes.php - in the function deCodeBB(), the block which says "Old [IMG] tag code - without fixed width" has been moved on top of other blocks, because it could cause compatibility with some codes on editing. In the same function, $GLOBALS['relFollowUrl'] was enclosed in 'addslashes' function to meet better compatibility with quotes.

_install_mysql.sql - update to have Windows line endings

templates/main_last_discussions.html - added rel="nofollow" tag to the "Sort by..." link

templates/main_modern_layout.html - added rel="nofollow" tag to the "Sort by..." link

templates/main_topics.html - swapped <form id=... HTML (elements should follow in order 'id', 'action', 'method', 'class' for better compatibility); forum icon is now moved closely to the heading title (we thought it may look more attractive that way); added rel="nofollow" tag to the sorting link

templates/main_posts.html - removed {$massMoveLink}, {$mergeTopic} {earlier left by mistake}

templates/main_post_area.html  - swapped <form id=... HTML; 'onClick' to lowercase

template/stats.html - Windows line endings

templates/user_dataform.html - Windows line endings

templates/user_login_form.html - rel="nofollow" tag added to the "Password" link

language pack (lang/eng.php) -  the value of $l_about changed to 'Forums Profile for' and now means the alternative tag under poster's username in thread and profile's page title.
The value of $l_poweredBy changed to 'Powered by'.

setup_options.php -> PAGE1_OFFSET - introduced ONLY for compatibility issues. Not a mandatory setting, still older users must define it correctly. Default value is 0 (no offset), old-compatibility mode is -1. Do not set other values under this setting - it could mesh up the forum pagination.

templates/main_footer.html - updated to have a new copyright link. Now it will consist of the 75-bytes miniBB micro-logo (img/minibb.gif) and the alternative text saying "[Your Forums] Powered by [Forum Software] miniBB (R)". This text is static, individually depending on the forums title, and is not changing randomly like it happened in the previous versions. We have tried to make our Copyright information more visibly hidden still SEO-friendly supporting our product. The Copyright picture should appear on the right-hand side. If you are miniBB friend and use our software for free, please do not remove this Attribution link.

.htaccess: updated only on miniBB forums to have improved keyword-rich URLs

September 24, 2009 update: all email templates (/templates/email_***.txt) were updated to have as short email subject as possible, because of some spam filters algorithms. The proper notice has been put in Manual.


Changes comparision: 2.4 - 2.4a [released: October 12, 2009]
********************************************

A post-fix of BBJSBUTTONS code parsing under new topic, reply forms, and editing form. There is a new function 'convertBBJS' introduced under bb_functions.php which is used now in bb_func_vthread.php, bb_func_vtopic.php and bb_func_editmsg.php. 

For update, back-up, then overwrite the following core files:

bb_func_editmsg.php
bb_func_vthread.php
bb_func_vtopic.php
bb_functions.php


Changes comparision: 2.4a - 2.4.1 [released: December 25, 2009]
********************************************

In this "Christmas" version, we provide the final miniBB 2009 version, which contain only minor core improvements and user interface extensions. This version of miniBB just shares more comfort to its users and customers. In this version it's now possible to customize the width and height of forum icons without major modifications of templates; there is improved Quotation mechanism for forum fans which love to reply and quote other messages often; there are also layout improvements and auto-login provided after registration.

There is no database upgrade.

Upgrading process:

1) Backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* bb_admin.php (admin panel file) - added handling of customizable forum icons width and height

* bb_func_editprf.php - in the case of $closeRegister enabled, email address should be not verified for admin (may be useful for admin's testing purposes)

* bb_func_regusr.php - Auto-Sign in after Registration process added, like suggested here: http://www.minibb.com/forums/4_5432_1.html

* bb_func_vthread.php - $anchor2 update; added NO_RELOC definition to handle "Preview" function of Premoderation add-on correctly; added $backToPostLink

* bb_functions.php - load_header() fix; pagination addition to pageNav() (page X of Y); version change

* index.php (root core file) - customizable forum icons dimensions addition



2) Backup, then modify the following customized files to meet new compatibility with this version:

* lang/eng.php (Language pack): introduced new variables, which were added to the end of the pack: $l_backToPostLink, $l_goUp, $l_pageOf

* templates/form.js - added 'var globalPost=0;'; updated paste_strinL function to handle Quoted post's ID; in the code `if(bbCode1.substring(0,4)=='[img' || bbCode1.substring(0,4)=='[url' ){` - added '||' condition (for allowing to customize URL button)

* templates/main_posts.html - function's getQuotation() update; function getToPost() - new; added "Top" link; added {$fIconWidth}, {$fIconHeight}

* templates/main_posts_cell.html:

   - before {$allowed} var, there will be the updated code like `<script type="text/javascript">getQuotation('{$posterNameJs}', 2, {$cols[6]});</script><script type="text/javascript">getQuotation('{$posterNameJs}', 1, {$cols[6]});</script>`.

   - {$anchor2} href has been extended to: `<a id="msg{$cols[6]}" name="msg{$cols[6]}" href="#msg{$cols[6]}" class="txtSm">#{$anchor2}</a>`. 

   - {$eachReply} var has been eliminated from this template by default, but still it's present in the core script and is possible to paste. The difference with the new algorithm will be that now, when clicking "Reply" link near each thread, the script will quote the poster's username and paste it in reply box (like in earlier miniBB it happened when clicking the Username - now it leads to Profile page). At the time the usual "{$eachReply}" link just forwards to the Reply box. Also now, when clicking Quote link without selecting the text, it will give the proper alert, like it happened in earlier versions.

* templates/main_post_form.html - {$l_messageABC} has been put after closing </a> (do not put in the href tag, it may change the color when you mouse over it); paste `&nbsp;{$backToPostLink}` after `{$l_messageABC}` (it will indicate "up" icon indicating moving back to the quoted text)



3) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine:

* bb_default_style.css - default CSS has been modified to have the following changes:

   - removed 'background-color' on A:hover tag (the new default version will use 'background:url' put under main_header.html - read below), also changed A:hover color (the same now as other A colors). This has been done to prevents bugs over background on uploaded and references images in IE, Opera and possibly other browsers.

   - txtSm A:hover, .tbStBar A:hover - removed

   - removed all CSS references found by `hover img`

   - added 'captionTop' class - used to style "Topic", "Forum", "Replies", "Views" a.o. headings (column titles) in forum and topic listings. 

* setup_options.php - $fIconWidth, $fIconHeight are the settings which may define the custom forum icons width and height (this also relates to all default 16x16 px topic icons). Currently, such icon dimensions are set up by default to 16 pixels both. This setting is for those who would like to *sensitively* customize their forums. You may not specify it if you would like to keep default dimensions.

* templates/main_header.html
   - added 'A:hover' styling to provide dotted line on hovering the links. It must be preferrably added in the header template, because then the browser loads the proper image faster; additionally, this image should have a direct URL reference, which is impossible to paste in .css file, because it's parsed like a template.
   - added "<a name="top"></a>" HTML code to define the top anchor of the page.

* templates/main_forums.html -  column titles changed to old-school look

* templates/main_forums_cell.html - added {$fIconWidth}, {$fIconHeight}

* templates/main_last_discuss_cell.html -  column titles changed to old-school look (captionTop class); added {$fIconWidth}, {$fIconHeight}

* templates/main_last_discussions.html -  column titles changed to old-school look

* templates/main_modern_fcell.html - added {$fIconWidth}, {$fIconHeight}

* templates/main_modern_layout.html -  column titles changed to old-school look

* templates/main_modern_lcell.html -  column titles changed to old-school look; added {$fIconWidth}, {$fIconHeight}

* templates/main_topics_cell.html -  column titles changed to old-school look; added {$fIconWidth}, {$fIconHeight}

* templates/main_topics.html -  column titles changed to old-school look

* templates/manual_eng.html -  added description for {$fIconWidth}, {$fIconHeight}


4) New graphic icons are put under /img/ folder and they are:

* dottedhl.gif - dotted line graphics to handle A:hover links

* up.gif - icon to display moving step to the Quoted text


Changes comparision: 2.4.1 - 2.5 [released: October 4, 2010]
********************************************
The most major modification of this release is introducing an Archiving feature, which allows to create multiple Archived forums on the same core, that way keeping your forums live and archived at once. Other features include allowing moderators to ban users; more specific error reporting when user tries to post a topic without Subject or an empty Message; formatting for large numbers; small bugfixes and security fixes; compatibility issues with the latest PHP version 5.3.

There is no database upgrade.

Upgrading process:

1) MANDATORY core changes - backup, then overwrite the following core files (changes are mentioned near each filename below for those who want to know what's changed):

* bb_admin.php (admin panel script) - remove banning code (banUsr1, banUsr2, deleteban1, deleteban2); fIconWidth global var fix as described in http://www.minibb.com/forums/3_5531_1.html

* bb_codes.php - [url=xxx][/url] code addition (empty URL tag without title)

* bb_cookie.php - reset cookie bugfix as described in http://www.minibb.com/forums/3_5506_1.html

* bb_func_banip.php - NEW module

* bb_func_checkusr.php - eregi deprecation fix - http://www.minibb.com/forums/3_5534_1.html

* bb_func_delmsg.php - Archiving feature; addGenUrlPage fix; multiple posts deletion issue

* bb_func_deltopic.php - Archiving feature

* bb_func_editmsg.php - "Return to the topics list" link fix as described in http://www.minibb.com/forums/3_5475_1.html

* bb_func_editprf.php - user ID re-defining on successful profile editing by admin or moderator (security fix); changed deprecated ereg_replace to preg_replace

* bb_func_ldisc.php - formatting function

* bb_func_locktop.php - security fix - guests can not close topics created by guests

* bb_func_movetpc.php - upgrade regarding proper URLs when redirecting to a moved topic (mod_rewrite case)

* bb_func_pthread.php - added `if(sizeof($allUsers)>0){` condition which should be enabled only for topics with available subscriptions; code for archiving Stats

* bb_func_ptopic.php - archiving feature

* bb_func_regusr.php - changed deprecated ereg_replace to preg_replace

* bb_func_search.php - formatting function; cutText function improvement - should cut only full words now, specially critical for UTF-8 Databases; addGenUrlPage fix

* bb_func_sendpwd.php - changed deprecated ereg_replace to preg_replace

* bb_func_stats.php - Archiving feature; formatting function; admin is counted as a regular member now

* bb_func_txt.php - additions for "smart link" add-on

* bb_func_usernfo.php - Archiving feature; formatting function

* bb_func_vforum.php - formatting function

* bb_func_viewip.php - new module

* bb_func_vthread.php - Archiving feature; `target="_blank"` added to IP address link ($viewIP); formatting function; addGenUrlPage fix; pageNav tags removal; $archivesURL

* bb_func_vtopic.php - Archiving feature; formatting function; pageNav tags removal

* bb_functions.php - version change; new function - parseStatsNum() - may be substituted by a user's custom function - provides formatting for large thousand numbers; convert_date() update - replacing months should not affect Today/Yesterday date (for possibility to apply different styling to them)

* index.php - archiving feature;  for 'editmsg2' there will be require_once inclusion, instead of 'require'; add `elseif($action=='banip') {require($pathToFiles.'bb_func_banip.php');}`; add `if ($user_id!=1 and db_ipCheck($thisIp,$thisIpMask,$user_id))` (user_id==1 condition passes IP ban); additions for "smart link" add-on; $Tas, $Taus defaults; ; addGenUrlPage fixes; $l_anonDisallowedClr addition

* setup_mysql.php - db_calcTotalUserAmount, db_calcTotalStats - new functions for extended Stats (Archiving); db_calcAmount - changed mysql_result to mysql_fetch_row


* templates/admin_banusr1.html - added caption, form updates etc. for allowing moderators to ban users

* templates/admin_deleteban1.html - added caption, form updates etc. for allowing moderators to ban users

* templates/admin_panel.html - removed banning links

* templates/form.js - submitForm() is extended to handle non-entered subject, message or login. Functionality inherited from the suggestional thread: http://www.minibb.com/forums/1_3936_1.html. 

* templates/main_post_form.html - JavaScript for handling non-entered text or non-entered login (look up for vars: enterSubject, enterMessage, enterLogin)

* templates/main_posts.html - added `rel="nofollow"` for "#top" link; now it contains <!--pageNav-->...<!--/pageNav--> tags surrounding $pageNav table. If there is no $pageNav present, this section will be removed by the script.

* templates/main_posts_cell.html - added `rel="nofollow"` for "#anchor2" link

* templates/main_topics.html - now it contains <!--pageNav-->...<!--/pageNav--> tags surrounding $pageNav table. If there is no $pageNav present, this section will be removed by the script.

* templates/stats.html - new additions for Archiving feature (look up for `<!--forLiveForum--><!--/forLiveForum-->` tags) and default layout changes

* language pack lang/eng.php: new variables - $l_enterSubject, $l_enterMessage

2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

Language pack fixes:

$l_userDeleted='User has been deleted from USERS table.';
$l_userNotDeleted='There was an error: User is not deleted!';
$l_userMsgsDeleted='User messages deleted.';
$l_userMsgsNotDeleted='User messages were not deleted.';
$l_userUpdated0='User info updated as "Guest" on forums.';
$l_userNotUpdated0='User info was not updated.';

Updated $l_days_within var.  Removed $l_stats_days_c var.

* bb_default_style.css - added text-shadow for .headingTitle; td.pform - padding-top, padding-bottom changed to generic padding



Changes comparision: 2.5 - 2.5a [released: November 5, 2010]
********************************************
"High-Tech Bridge" reported vulnerabilities fix. As described on http://www.minibb.com/forums/9_5631_1.html

* bb_codes.php - sanitized input for [img]..[/img] and [imgs]...[/imgs] BB codes, which may contain a possible ALT description tag (XSS issue). Now it shouldbe possible to provide ALT containing only major characters (no square brackets, apmersands, quotes, apostrophes etc.)

* bb_func_usrdat.php - sanitizied input of double back-slashes for user's profile form (both for registration and editing the profile) - now it's not possible to provide backslashes in the profile's form fields.



Changes comparision: 2.5a - 3.0 [released: December 20, 2011]
********************************************
The major additions to this release include the direct unsubscribe link in topic subscription emails (miniBB, again, tries to meet even more mailing requirements compatibility with that), improvements regarding standard-compatible email headers in all emails, updates regarding the version-for-mobile pack, super-sticky topics, whole forum navigation by pages, and other few bugfixes, improvements and updates. There is also a little Search modernization: search box will be a standalone template, available by default in the "Modern" layout's first page, on the internal forum navigation pages, under any forum and under any topic. To the search options we have now, it will be also possible to search in messages of a certain topic. As you may see, in this version miniBB comes in a surprisingly new look. It doesn't affect the upgrade of your own customized forum, but it's still making the step to get even better!

Make a backup of your database before upgrading!

Upgrading process:

0) There must be a database upgrade performed. Add the new field to the "send_mails" table with the following command (substitute `minibbtable_send_mails` with your table name):

alter table minibbtable_send_mails add email_code varchar(10);

Optionally, you may clean up this table for suspisious subscriptions:

delete from minibbtable_send_mails where active>1;

If your database is ok, you should note "0 rows deleted".

After that, from miniBB Downloads section, download and run the script called "Renew Subscription Codes" - renew_subcodes.php.


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_func_checkusr.php - $disallowNames and $disallowNamesIndex were swapped (for a very long time, nobody really noticed this script contains a bug!). Usernames verification optimized, based on the suggestions spread in http://www.minibb.com/forums/3_5773_1.html - now it's possible re-define the function to verify usernames ().

* bb_func_forums.php - $searchBox definition

* bb_func_ldisc.php - $LinkToLastPostInTopic added. Page icon fixes. New URL parsing functions (possible to re-define) - addExtranavURLPage, addExtranavmrURLPage. "Super-sticky" function.

* bb_func_login.php - fix regarding page's title, when the invalid user input is specified

* bb_func_man.php - CSS and styling updates.

* bb_func_pthread.php - updates regarding direct Unsubscribe link. Email notifications now will be sent only to strictly confirmed emails (activity = 1)

* bb_func_regusr.php - error in user data fix (delimiter removed)

* bb_func_search.php - search algorithm improved to allow search in a certain topic

* bb_func_stats.php - `or $lst>1` added to remove "within days" block from places where it is not present. Extended forum stats (how many messages in % per each forum).  Additions regarding Most Popular Forums stats.

* bb_func_sticky.php - after topic is sticked, the script will go to the forums or the first page; the script will go to the topic, only if topic is unsticked. The stickyin' algorithm updated to allow to set "super-sticky" topics.

* bb_func_supersticky.php - new (file to handle displaying of super-sticky topics block)

* bb_func_txt.php - convEnt function update - <br /> should be converted to \n only

* bb_func_unsub.php - updates regarding direct Unsubscribe link

* bb_func_usernfo.php -> addFieldsGen strict definition (customized board may miss some defs); banned members (which are set to "no" from the profile by admin or moderator), now will be removed from email notifications as it's mentioned on http://www.minibb.com/forums/3_5742_1.html

* bb_func_vforum.php - $totalTopics addition

* bb_func_vthread.php - align="middle" removed on topic_reverse icon. "Super-sticky" function.

* bb_func_vtopic.php - added $startNewTopic link. Added $LinkToLastPostInTopic. "Super-sticky" function.

* bb_functions.php - today/yesterday adjustments when $timeDiff is set http://www.minibb.com/forums/3_5669_1.html . New pageNav, pgRng functions optimized for mobile version, and lots of other additions for the mobile version. Updated sendMail function - for cross-platform compatibility, $eeol variable should be used to determine the separator of the linefeed in 'additional_headers'.
By default, it's equal to "\r\n". But regarding PHP documentation, "some poor quality Unix mail transfer agents replace LF by CRLF automatically", in that case, the MTA (mail transfer agent) may send "\r\r\n" in headers. You can fix it directly in miniBB options from now. If you experience troubles with your emails, when all headers are included in the email body, most likely you should experiment with $eeol in setup_options.php, setting it to "\n"; sendMail() function was also updated regarding this report: http://www.minibb.com/forums/20_5741_1.html . makeUp function was updated to meet standards-compatible email templates - "Each line should be separated with a LF (\n)", regarding PHP documentation. So all email templates will be converted on the fly regarding this change, if they still contain \r\n. You may speed up your forums a bit, providing the valid templates right away, like we mention in #2) below.

* index.php - $unset array updates. $_GET['nh'] in action==tpl - allows to load up the pop-up template only, without header and footer (may be used for File Upload rules, for example). Ban reason report when displaying banned page. Added $startNewTopic link. Put $uname_maxlength = 15 by default (may be redefined in setup_options.php). $registerButton added. "Super-sticky" function. Search box definition.

* setup_mysql.php -> db_calcTotalUserAmount -> fix regarding $dbUserId field (instead of plain 'user_id'); $mysql_set_names option to customly set binary names; ban reason report displaying.

* templates/email_reply_notify_eng.txt (the URL containing [USER_ID] tag is now completely changed to [FOLLOW_CODE], after [FOLLOW_CODE] there is a new tag added - [UNSUBSCRIBE_BY_CODE] - which will be transformed into Unsubscribe link for each individual user. Attention: FOLLOW_CODE should be strictly pasted BEFORE [UNSUBSCRIBE_BY_CODE] tag!

* lang/eng.php or whatever [language pack] - new variables added at the end of file ($l_previousPage, $l_nextPage, $l_stats_pop_forums, $l_makeSupersticky). There were also made some adjustments to the default English pack.

* img/t.gif - new icon 
* img/topic_supersticky.gif - new icon for super-sticky topics

2) There are a lot of updates to the default templates, which are in [templates] folder. But for the current forum owners, they are not mandatory or could be applied selectively. I've marked with asterisk those templates, which I think are important to touch for existing forums:

templates/admin_addforum1.html - updated layout

templates/admin_editforum2.html - updated layout

templates/admin_login.html - small fix for the new layout

* templates/admin_panel.html - as it's suggested on http://www.minibb.com/forums/3_5730_1.html , the direct Unban link is now back in admin panel

* templates/email_admin_userregister_eng.txt - link to the user's profile added

* templates/main_access_denied.html - ban reason report addition ($banRes)

templates/main_forumgroup.html - updated layout

templates/main_forums.html - updated layout

templates/main_forums_cell.html - updated layout

* templates/main_forums_list.html - search function's modernization ($searchBox added)

templates/main_last_discuss_cell.html - updated layout

* templates/main_last_discuss_more.html - NEW template

templates/main_last_discussions.html - updated layout

templates/main_modern_fcell.html - reworked view of the forums on the first page

* templates/main_modern_layout.html - search function's modernization ($searchBox); "Super-sticky" function; reworked view of the modern layout

templates/main_modern_lcell.html - added hyperlinks to forum icons; reworked layout

templates/main_post_area.html - pform class removed; form now will be completely transparent

templates/main_post_form.html - reworked layout

* templates/main_posts.html - checkBrowser(), getQuotation function updates for hiding Quoting function for mobiles [temporarily]. Reworked layout.

templates/main_posts_cell.html - reworked layout

* templates/main_topics.html - added $startNewTopic link; "Super-sticky" function ($specialThreads); reworked layout

templates/main_topics_cell.html - reworked layout

templates/main_user_info_cell.html - caption5 replaced to `caption1 tbCel2`

templates/manual_eng.html - Manual fixes and updates. $eeol and $disableSuperSticky functions explained, files and options list updated. .htaccess - new pages rule for 'extra navigation' added.

templates/protect_forums.html - slight modification of the template

* templates/search.html - search function's modernization. Added Topic title to be displayed, when the search is performed in a Topic. Look up for `tbSearchTopic` additions.

* templates/search_box.html - NEW template - search box on internal forum pages

* templates/stats.html - additions regarding Most Popular Forums stats - {$list_stats_forums}

* templates/stats_bar.html - {$forumIconTd} - an addition regarding Most Popular Forums stats (will stand for forum's icon)

* templates/user_dataform.html - will check for $uname_maxlength in login field (put a static value f.e. =40, if your forums layout is ready to handle longer usernames)

templates/user_logged_in.html - spare newline removed

* templates/user_login_form.html - will check for $uname_maxlength in login field

* templates/user_login_only_form.html - $registerButton added


3) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* _install.php - there were some adjustments for reading not only global, but also local PHP settings

* _install_mysql.sql - TYPE changed to ENGINE; new table properties for "send_mails"

* templates/email_*.txt - All default miniBB email templates were fixed to have LF only.

* templates/main_header.html - changed generously

* bb_default_style.css - CSS style completely reworked! Eliminated are classes pform, caption2, and to the bottom part added some new.

* img/topic_*.gif , img/button_*.gif - all icons and default buttons were updated to be cool with the newest miniBB layout

* img/forum_icons/ - the newer miniBB package will include 13 icons of various colors, for very various forums

* img/minibb.png, img/mini_bb.gif - default miniBB logos were updated

* img/menubg.jpg - eliminated

* default robots.txt added to the default package (mostly, for avoiding 404 errors in logs)

* setup_options.php - $postRange decreased to 5 scs by default; cookie options appear after $bb_admin in setup_options.php by default



Changes comparision: 3.0 - 3.0.1 [released: March 15, 2013]
********************************************

This version of miniBB is thoroughly tested and made compatible with the most recent at this date release of PHP, which is 5.4.x.

Removing user profiles now will be allowed to moderators, too (with the optional possibility to exclude certain moderators from this feature). For this, to the earlier admin panel's function, there is a couple of new conditions added. Now it's possible to just *block* the user's account without completely removing it; AND delete user's messages at once. This could allow to fight spamming members more effectively. Often there is a case when some account floods a lot of messages, and later there is no way to remove them all easily at once. Now there should be few of ways.

To avoid confusions, admin panel's "delete email notifications" section now will not remove all emails from the subscriptions table, if no email was typed in. Instead, a standalone "Delete All" button will be present on this form.

Since in PHP 5.4.x `htmlspecialchars` function became obsolete (it actually doesn't transform only specific quotes, apostrophes or 'less than', 'greater than' chars, but also completely garbles non-UTF8 content by default), there was a decision to re-create the old-style of this function in miniBB. Also, there were new rules created to support MS-Word-based characters conversion, specifically in ISO/UTF encodings (which now should allow to copy/paste texts from MS Word into miniBB with the proper tension to convert most common specific chars). To that, in all miniBB official add-ons we have replaced `htmlspecialchars` to that function.

Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - CSRF issue fixes, following the possible bug described: http://www.minibb.com/forums/3_5894_1.html (included now are CSRF checks for adding/editing the forum actions); delsendmails action - added "Delete All" button (with the resp. language var); the script changed to handle "All" deletion separately; 'removeuser1', 'removeuser2' actions moved to a standalone script; banning functions removed (obviously they left from an earlier release); /* Searching by dead users */ block fixed; `htmlspecialchars` replaced to `operate_string`; even more sanitized input for $forumID, $whatus, $forum_name vars; setCSRFCheckCookie inclusion to the login routine from the admin panel

* bb_func_banip.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_confpwd.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_deluser.php - NEW script (removing profile actions; moved there from the admin's panel)

* bb_func_editmsg.php - bb_plugins2 file inclusion

* bb_func_editprf.php - $deleteProfileLnk added for admin/moderators

* bb_func_forums.php - strip_tags applied to forum group's label (forum group may contain direct HTML tags like <a href> etc.)

* bb_func_login.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_posthold.php - "maxlength" added to the topic's title field; 'htmlspecialchars' replaced with 'operate_string'

* bb_func_pthread.php - bug fix as described on http://www.minibb.com/forums/3_5849_1.html

* bb_func_regusr.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_search.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_sendpwd.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_supersticky.php - $lPostst def.fix

* bb_func_txt.php - `textFilter` function's improvement; new function: `customized_conversion` (will try to transform MS-Word-based characters, like opening/closed quotes, apostrophes dots into web-based symbols)

* bb_func_usrdat.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_vforum.php - 'main_forums' template loading condition changed

* bb_func_viewip.php - `htmlspecialchars` replaced to `operate_string`

* bb_func_vtopic.php - when there are less than 5 topics on forum, and if the Conf. Topic Form add-on is not installed, Start New Topic link should be hidden, as the form to post a new topic is obviously visible (so to avoid less confusion of why it can be clicked). The code pasted is: `if(!isset($_GET['showSep']) and $numRows<5) { $startNewTopicLink=''; $nTop=0; }`

* bb_functions.php - `checkModerator` function added; `operate_string` function added (to provide a native replacement for htmlspecialchars); added CUSTOM_PAGE_ICON condition which could used for possible CSS sprites; `operate_string` - new function to replace htmlspecialchars

* index.php - `$forum=0;` added to searchbox/$action='' ; 'removeuser' action/inclusion added

* setup_mysql.php - db_deadUsers function fixed

* lang/eng.php or whatever [language pack] - new variables added at the end of file ($l_deleteAll, $l_justLockProfile, $l_userDeactivated); default miniBB language updated

* templates/admin_addforum1.html - hidden field of 'csrfchk' value added, javascript's 'getCSRFCookie'/'submitForm' functions added

* templates/admin_editforum2.html - hidden field of 'csrfchk' value added, javascript's 'getCSRFCookie' function added

* templates/admin_panel.html - 'Delete Profile' hyperlink change

* templates/admin_removeuser1.html - reworked template, now containing extra features for blocking/removing messages

* templates/admin_searchusersres.html - Delete Profile hyperlink change

* templates/admin_sendmails1.html - template reworked to have "Delete All" button and action

* templates/user_dataform.html - $deleteProfileLnk added (will appear for allowed mods and admin only on editing other users profiles); removed the last cell's 'tblCp' class



2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* _install.php - introductional fixes and corrections

* bb_func_man.php - some of CSS fixes for default miniBB manual

* templates/email_reply_notify_eng.txt - info about Password eliminated

* templates/main_forums_list.html - bug fixed as described on http://www.minibb.com/forums/3_5858_1.html ; W3C validation issue

* templates/main_last_discuss_cell.html - 'vmiddle' added to the views/msgs TD class

* templates/main_last_discussions.html - <!--pageNav--> added

* templates/main_modern_lcell.html - 'vmiddle' added to the views/msgs TD class

* templates/main_post_form.html - 'subjectPad' added to the "textarea" cell; 'pformBottom' class added to the login cell; 'caption2' changed to 'caption3' to provide a different background for subject/message titles; 'padding-top' eliminated in the table of BB-buttons; 'editorControls' TD class removed

* templates/main_posts_cell.html - completely reworked and fixed table rows layout; obsolete "name" attribute removed from <a> tag

* templates/main_topics.html - 'subjectPad' added; 'forumsmb' for the "mainPostForm" table changed to 'tbTransparentmb'; 'caption2' changed to 'caption3' to provide a different background for subject/message titles; subject's cell's <a id="newtopic"> W3C-fix (will contain &nbsp;); added `value="{$topicpTitle}"` on topicTitle (adjustment for the Customizable Topic Form add-on); '{$newTopicForm}' tag removed

* templates/main_topics_cell.html - 'vmiddle' added to the topic author and latest poster rows

* templates/manual_eng.html - updates regarding the newest release

* templates/stats.html - more wider padding for the stats heading table; fixes regarding HTML5

* templates/stats_bar.html - more wider padding for the stats heading table; fixes regarding HTML5

* templates/tools_edit_post.html - 'forumsmb' changed to 'tbTransparentmb'

* templates/tools_edit_topic_title.html - 'subjectPad' added; 'caption2' to 'caption3' replaced

* bb_default_style.css - new classes added: `vmiddle`, `subjectPad` (to make input fields on forms more separate), `pformBottom` (to provide a different bottom padding of the login/posting form); 'inputButton' styling changed; 'postedLeftCell' - added padding-top; 'pauthor' - changed padding-top; 'tbStBar' now contains more wider padding; 'captionTop' - put the same padding as in 'caption1' - 5px; in 'captionTop', 'caption2' - removed 'font-weight' attribute; 'font-weight:bold'  added to 'groupTitle'; changed font-size and added padding in 'warning'; padding options added for 'caption5'

* favicon.ico added to the default package


Changes comparision: 3.0.1 - 3.0.2 [released: May 22, 2013]
********************************************
This release provides some post-fixes and issues discovered after upgrading older versions of miniBB to 3.0.x. Some of them include just the default layout changes, which are not mandatory to update for existing forum owners. There are, however, some significant improvements regarding location redirection (Refresh vs. Location option), Right-To-Left Override character fix (so called "profanity issue"), and a little Statistics page fix.

No database upgrade is required.

Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php (administration script) - 'rheader' option introdution (read more below for 'index.php')

* bb_functions.php - version's change

* bb_func_editmsg.php - 'rheader' option fix

* bb_func_stats.php - hyperlink fix for non-mod-rewritten forums tab

* bb_func_txt.php - `customized_conversion` function improved to cut off the "Right-To-Left Override" character

* index.php - 'rheader' option introduced. It's a mandatory option, which basically could have just 2 values: 'Location:' and 'Refresh:0;url=', which are used in 'header' function of PHP. In the ancient times, Refresh was introduced in miniBB to support IIS servers, which do not work with Location. However this may appear as the out-of-standards approach, thus sometimes Refresh may be disabled on some "extremely" valid Linux servers, and Location may work relatively faster. In the current version, it's possible to specify it on the optional level. If $rheader option is not set (under setup_options.php), "Location:" is used by default and embedded in index.php (which works in most cases).


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* templates/main_modern_layout.html - '<br />' put as a separator between sorting options

* templates/admin_editforum1.html - 'selectTxt' class is being used instead of 'textForm'

* templates/main_last_discussions.html - {$specialThreads} pasted for old-school layout



Changes comparision: 3.0.2 - 3.0.3 [released: September 18, 2013]
********************************************
At first, this release should be important for those who TIRED of massive spam registrations, which can't be avoided even if Captcha module is installed, or some other protection tool (China still has lots of 1-buck workers to complete this manually). Spammers usually have registered 	insignificant accounts, but having Website field provided, or even other Profile-related fields filled in with URL-values. Despite these URLs are active only for logged members, and inactive for guests and search engines, this version of miniBB provides a solution to avoid this behavior. We still support the Website field, considering it is important for "normal" posters who will get some "profit" from their useful postings; but the solution doesn't allow to fill this field in, until a member has been made more than '$allowHyperlinksProfile' posts on forum. '$allowHyperlinksProfile' can be defined differently, or it is equal to '$allowHyperlinks' value by default. The approach works that way:  1) when registering an account, it's not possible to provide Website field's value; and if it has been provided, the script will not allow to register an account;  2) when editing the Profile, it will be possible to provide the value for the Website field only having at least '$allowHyperlinksProfile' total posts made on forum; 3) if member's topic or message has been deleted, and now this member has less than '$allowHyperlinksProfile' of total posts, the Website field will be [i]nulled[/i] automatically (so the spammer has no chances to keep this link after his bulk postings were deleted); 4) There is a basic function coded to protect other text-type fields of the Profile to not have possible to insert 'http', 'www' or 2-4 letter char followed after dot (single domain). This solution came from the suggestional thread of one of our members: http://www.minibb.com/forums/12_6036_1.html and it has been proved to work on miniBB forums.

Other minor updates of this release include few non-critical bugfixes and polishing updates.

No database upgrade is required.

Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_codes.php - deCodeBB function's update for 'nourl' tag: the URL definition should not contain space i.e. `([^<>\n\r]+?)` comp. to the older format `([^<> \n\r]+?)` (useful for long URLs which can't be broken then)

* bb_func_checkusr.php - not possible to provide Website value on registration or having too less posts; added functionality (verifyForLinks() func.+verification algo) to avoid insertion of hyperlink-related values in the other default text fields of miniBB member's profile

* bb_func_deltopic.php - $poster_id added to the $pUsers array - to fix the case of updating the account of the topic's author, if the first message of this topic has been moved to another thread. There is a new code for that: `if(!in_array($poster_id, $pUsers) and $poster_id!=0) $pUsers[]=$poster_id;`

* bb_func_editmsg.php - bugfix: moderators should not be allowed to edit messages from the forbidden forums; as reported in http://www.minibb.com/forums/3_5924_1.html

* bb_func_editprf.php - it will remove the WEBSITE field from the form, if user_num_posts < allowHyperlinksProfile

* bb_func_regusr.php - it will remove the WEBSITE field from the form when completing a new registration

* bb_func_stats.php: - `$tuW=(isset($statsDefField)?$statsDefField:'topic_last_post_time');` instead of just `$tuW='topic_last_post_time';` - this will allow to customize the ordering of stats records, it could be defined to `topic_time` to have different results displayed for fresh topics, not the most answered topics

* bb_functions.php: version update; update of pageNav function - for mobiles, now it's possible to insert customized prev/next links; comma eliminated from Today/Yesterday statements (possible to put into translation anyway)

* index.php: 'unset' vars extended to new values; `allowHyperlinksProfile` code added

* setup_mysql.php - db_calcTotalUserAmount() function updated: Users having less than allowHyperlinksProfile posts made, will have not be allowed to keep the hyperlink in the profile under the user_website field, it will be removed automatically as soon as the system detects this, when posting or deleting a message. Doesn't affect admins. 

* templates/user_dataform.html: <!--WEBSITE-->...<!--/WEBSITE--> flags - put in your template for the Website block, following the package's example, to protect the profile from spam registrations.


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* lang/eng.php - updates regarding l_userErrors related messages



Changes comparision: 3.0.3 - 3.1 [released: September 29, 2014; updated: November 3, 2014]
********************************************
This release includes:

[-] mysqli support. Now miniBB will gradually switch to a new connection module (setup_mysqli.php), because the older mySQL will be deprecated in PHP starting from the version 5.5. This will be used as default from the 3.1 release. Currently, we run miniBB project completely on mysqli, including the primary website and support forum. In 3.1, there's still provided the older mysql module's support (setup_mysql.php), as many users most likely will keep the earlier PHP as long as they can: switching to mysqli or PDA, sometimes the whole website should be re-coded, for many this will be a tough task. Also, it's quite possible PHP developers could change their minds and recode mySQL in some way to continue to support it because of requests. There've been also updated many add-ons and tools, now supporting both support of mysql and mysqli (the list follows).

[-] important change in more sophisticated "not found/gone/forbidden/moved" header handling (resp. 404/410/403/301 headers). Now it should fully meet IETF internet standards, like described here: http://en.wikipedia.org/wiki/List_of_HTTP_status_codes. This would also bring more SEO effect from Google and other search engines, since this makes the verification of missing/forbidden/moved URLs more precise.

[-] adjustments in the registration/profile update processes; sending emails; search; administrative panel; and some more.

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php (administration file): 'searchusers2' case/'inactive' - the code should contain `$rDate=convert_date($row[$dbUserDateKey]);` instead of the earlier `$rDate=convert_date($row[2]);`; 'allowHyperlinksProfile' and handling added; `set_time_limit` added to the 'deleteforum' block; `/* Amount of user topics */` block changed; `db_calcTotalUserAmount` added instead of `dbCalcAmount` for users handling; changes regarding Editing/Adding forums to Archives.

* bb_func_checkusr.php: update of the code regarding the starting/ending downscore of the registered username: should contain a reference to $GLOBALS['userRegName'] and not \w like it was earlier, because \w is for alphanumerical chars only; but there could be used another set of chars for username for non-English forums.

* bb_func_delmsg.php - added the code after `//Determine the last possible page.` - it will help to determine the real page number after deletion, if all messages were deleted from the last page. This change is necessary because of headers handling update - now missing pages may give 'Forbidden' error instead of 301-redirection.

* bb_func_editprf.php: changed the value of $l_passOnceAgain; extended the value of $l_sub_pass - the modification like suggested under http://www.minibb.com/forums/20_6274_1.html ; handling of <!--INITMSG--> added; definition of $reply_to_email removed.

* bb_func_ldisc.php: new code under /* Handling not-available pages in Extra navigation */

* bb_func_pthread.php - definition of $reply_to_email removed.

* bb_func_regusr.php - now the script will insert the admin's account (USER_ID=1) automatically, if it's not present; there will be standalone warnings about existing username and email on registration; parsing of <!--INITMSG--> added; registration emails to admin now will be sent from $reply_to_email.

* bb_func_search.php: different parsing for $_GET['phrase'], $_GET['posterName'] (these both should be checked for incoming arrays) and $phrase1; now miniBB will consider the search request as the "whole phrase" only if it's containing more than 3 words (were 2); extra condition for $numRows; bugfix of "search in Topic" - now the Topic title/ID should not be reset for this case, if nothing is found (possible to re-define the search for the same topic right away).

* bb_func_sendpwd.php - definition of $reply_to_email removed.

* bb_func_stats.php - updates regarding mysqli updates and the new parsing algorithms for core statistical values.

* bb_func_usernfo.php: Added 410 header and $metaRobots for non-existing profiles.

* bb_func_vforum.php: introduction of $forumsTpl variable, which will hold the value of the forums template. Removed all output from this script.

* bb_func_vthread.php: `//avoiding duplicated content issues` block completely changed to have another conditions, including the new 301/404 headers issues and a case for "nulled" topics (could happen on big forums sometimes); $addMainTitle now will be executed at the end of the <title> tag after the (possible) page number or the original topic's title; `header('Status: 404 Not Found');` replaced to `header($proto.' 410 Gone');` or put below of 404; handling of '<!--ADMIN_JS-->' tag; introduction of $allPosters and $delBlock.

* bb_func_vtopic.php: $addMainTitle now will be executed at the end of the <title> tag after the (possible) page number or the original forum's title; $proto added; `if (!isset($forumsArray[$forum])) {` now will have 410 header sent.

* bb_functions.php: operate_string extended ($backMode added for possibility to de-code the operated string); `getIP()` function improvement - security issue; added new function `display_footer()` (I'm just tired of repeating the same code in multiple places - this function may be also used in further improving the add-ons, containing the duplicated code of Loading Footer); _featured_ - added scanFilePHP() function, which later will be used in secure scanning of uploaded files in all related add-ons; sendMail function now could be re-defined; $GLOBALS['admin_email'] replaced to $GLOBALS['reply_to_email'].

* index.php - duplicate definition of $manualIndex is removed; $proto definition added (will be used in 301/404/410 headers); `if ($forb>0) {` condition's header now will be 403 instead of 404; the code for `if($user_id!=1 and db_ipCheck($thisIp,$thisIpMask,$user_id)) {` changed code fixes bug of the banned IPs (IP has not been truly banned, if the reason was not provided); display_footer() function replaces now the older loading of footer part (it also could be replaced by a custom function); on `elseif($action==''){` there is supressed/initialized empty $tplPr output; the final output looks like: `echo load_header().$forumsTpl.$tplPr;`; the line setting '$uname_maxlength' has been eliminated; workaround of unset $tplPr value; definition of default $reply_to_email value added.

* setup_mysql.php, setup_mysqli.php - `db_ipCheck` function has been updated to give more exact value on return; `updateArray` function has been updated to make it possible to set NULL values; `db_genPhrase` function has been updated to provide swapping of words search if "Words containing the fragment" mode has been chosen: there will be allowed the 'swapped' search for 2-3 words in search, for example, if you search for 'rent car', then topics like '* rent * car *' or '* car * rent *' should now be found, on weak DBs this could be switched off specifying: `define('NO_SWAP_SEARCH', 1);`.

* lang/eng.php: default values for $l_onlyIfChangePwd and $l_errorUserExists changed; added new var: $l_errorEmailExists; 

* templates/main_posts.html - <!--ADMIN_JS-->...<!--/ADMIN_JS--> tags added; will be used to remove the administration block of JavaScript (resp., getCSRFCookie and confirmDelete functions), if non-admin is being logged in; updates regarding Quoting operation on mobile devices -- in an experimental way, we will now switch them on, `checkBrowser()` function updated with a mod of 'this.mobile' ('android' addition), `getQuotation` function updated, eliminating 'displayQuote=false' for 'bw.mobile' condition and adding 'bw.mobile' condition to the primary allowance list.

* templates/search.html: added {$topicIdField} - bugfix of search in topic

* templates/user_dataform.html - added <!--INITMSG-->...<!--/INITMSG--> tags - the text placed in between them, will be displayed only in the initial registration or profile form. If an error occurs after submitting the form, this text will be removed, that way providing more appealing content on the screen; `autocomplete="off"` tag added for Password input fields.


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* _install.php: changes regarding mysqli module connection.

* templates/admin_panel.html: optional code to uncomment in a case of Archived forums installed.

* templates/admin_searchusersres.html: user profiles will now be opened in a new window by default: target="_blank" added to profile links.

* templates/email_reply_notify_eng.txt - slight change of signature

* templates/email_user_confirm_eng.txt - default URL to the forums removed

* templates/email_user_password_eng.txt - default URL to the forums removed


Changes comparision: 3.1 - 3.1.1 [released: April 10, 2015]
********************************************
This version introduces small fixes/updates of the previous release, as well as medium security fix, and the option for keeping member's messages on the forum, while the member's account itself is being deleted (this could be only useful for forum owners, which are often requested to remove user's profiles by the users themselves).

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php (administration file): `display_footer();` replaced the older footer output; `header("Location...")` replaced to `{$rheader...}` option + $rheader definition; XSS fix - `selsub` array's sanitizing; $_POST['topic'] sanitizing. 

* bb_func_checkusr.php - `verifyForLinks` function's update.

* bb_func_delmsg.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_func_deltopic.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_func_deluser.php - improved /* Make user posts as Guest in Live forums */ section.

* bb_func_editmsg.php - `$ch` changed to more valid HTML format.

* bb_func_ldisc.php: /0/ and /1/ pages now should be excluded from the "extra-navigation" (/* Handling not-available pages in Extra navigation */ block fix).

* bb_func_login.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_func_search.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_func_sendpwd.php - now inactive (disabled) members should not be able to get their passwords emailed.

* bb_func_supersticky.php - `$numReplies-=1` moved to another place for more proper displaying of the amount of replies.

* bb_func_vthread.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_func_vtopic.php - `header("Location...")` replaced to `{$rheader...}`.

* bb_functions.php - `global $l_loadingtime;` added to display_footer() [so now it's possible to `{$l_loadingtime} {$totaltime}` to public as the old footer format]; number of version changed.

* index.php: `header("Location...")` replaced to `{$rheader...}` option + $rheader definition moved right after options; $violating_the_copyright_may_result_in_your_criminal_responsibility is now included right after the language inclusion,  so it could be also referenced in plugins like Captcha (footer inclusion) and on the "forbidden alert" pages; 'topic_last_post_time' added to the $topicData request; footer now should be displayed for the "forbidden" alert pages as well.

* templates/admin_removeuser1.html - slight changes for approving the "Username/Guest" option.

* lang/eng.php or alternative language pack - `$l_removeUserMessages` extended to to have a "radio" selection for guest/username option upon deletion of a user.


Changes comparision: 3.1.1 - 3.2 [released: October 1st, 2015]
********************************************

This release is about enhanced security improvements, and some new or extended options of the forum management. It also contains additions for the newer (database-based) version of the upcoming Premoderation add-on.

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - $isMod changed to 0 by default; inclusion of bb_specials.php for possible top menu add-ons; $rheader definition; `delsendmails1`/`delsendmails2` case improvement - now it's possible to delete subscription emails related to the certain domain OR mask only; 'searchusers2' case improvement - now results will be possible to sort out by profile registration date asc/desc mode; secured '+0' operations to avoid app error message; fixed XSS/SQL vulnerability issues provided by Onur Yilmaz and Robert Abela from netsparker.com.

* bb_codes.php: '#' (hashtag) added to the exclusive pattern for all images (image URLs could not have an anchor, if we are about that).

* bb_cookie.php - `setMyCookie` and `deleteMyCookie` updated to have HTTPOnly flag for setting cookies; default auth module re-build regarding admin's login data and username. This module is not required to upgrade for customized membership, or if it works properly on your end; secured '+0' operations to avoid app error message.

* bb_func_delmsg.php - ARCHIVE setting improval; secured '+0' operations to avoid app error message.

* bb_func_deltopic.php - ARCHIVE setting improval.

* bb_func_deluser.php - $archives syntax improval; improvement regarding deletion posts and updating stats in Archives.

* bb_func_editmsg.php - changes regarding the newer version of Premoderation add-on; XSS vulnerability fix provided by Tim Coen from curesec.com; secured '+0' operations to avoid app error message.

* bb_func_editprf.php - secured '+0' operations to avoid app error message.

* bb_func_movetpc.php - secured '+0' operations to avoid app error message.

* bb_func_posthold.php - fixed XSS vulnerability issue provided by Nicholas Sciberras from acunetix.com.

* bb_func_pthread.php - changes regarding the newer version of Premoderation add-on; ARCHIVE setting improval.

* bb_func_ptopic.php - changes regarding the newer version of Premoderation add-on.

* bb_func_regusr.php - secured '+0' operations to avoid app error message.

* bb_func_search.php - secured '+0' operations to avoid app error message.

* bb_func_stats.php - secured $days to integer.

* bb_func_unsub.php - secured '+0' operations to avoid app error message.

* bb_func_usernfo.php - ARCHIVE setting improval.

* bb_functions.php - version's change; getIP function improved to verify the incoming IP by the IPv4 mask and give back '0.0.0.0' if no IP is provided - this would optionally allow an easy extension to protect the forum from those who hide behind the proxy with no IP supplied; operate_string improvement; now it is possible to re-define `getForumTitleById` function; update for `sendMail` -> PHPMailer sending option, comes from http://www.minibb.com/forums/3_6609_1.html.

* index.php - arrangements in the default codes; `setcookie` updated to have HTTPOnly flag for setting cookies; secured '+0' operations to avoid app error message.

* setup_mysqli.php, setup_mysql.php - sorting option added to the functions `db_inactiveUsers` and `db_deadUsers`.

* lang/eng.php or alternative language pack - changed default text of $l_delSendMais - now includes wide description for deleting emails using * mask.

* templates/admin_searchusers.html - {$sortOptions} and hidden name "sort" added to provide possibility of sorting the users search results.

* templates/tools_edit_post.html - instead of the field `<input type="hidden" name="action" value="editmsg2" />`, there should be: {$nextAction}.


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* templates/admin_login.html - `autocomplete="off"` added to the 'password' field.

* templates/main_last_discuss_more.html - default layout changes: 'search' field and page navigation now are swapped, and located differently.

* templates/main_modern_layout.html - default layout changes: the bottom line navigation now will be located to the left of the topics listing section.

* templates/main_post_form.html - default layout changes: `<h1 class="headingTitle">` added to surround {$l_messageABC} that way making the title above the form more notable.

* templates/main_posts.html - default layout changes: the bottom line navigation now will be located at the center of the page.

* templates/main_topics.html - default layout changes: the bottom line navigation now will be located to the left of the page by default; the Forum's title ($forumName) now will be moved a bit down, with an addition of "Start New Topic" ($l_new_topic) title above the posting form + minor topic form's fixes.

* templates/manual_eng.html - updates regarding $enablePhpMailer option; updates to $enableNewRegistrations explanation like it was suggested here: http://www.minibb.com/forums/4_6602_1.html ; updates to $enableProfileUpdate description; and other few slight text updates.

* templates/search.html - `var views = new Array();` removed.

* templates/user_login_form.html - `autocomplete="off"` added to the 'password' field.


Changes comparision: 3.2 - 3.2.1 [released: October 21st, 2015]
********************************************

This release is a post-scriptum to 3.2, fixing even more SQL injection and XSS issues, provided by Nicholas Sciberras from acunetix.com. Mostly all of them are related to the logged-in admin account and could not be considered; still, nobody knows from where the brick could fall, so everyone is welcome to upgrade these issues in the forums.

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - `delus` var protected in the /* Delete users if selected */ section; `forum_icon` vars protected from XSS in the 'addforum2' and 'editforum3' sections; `searchus` and `whatus` vars protected in the 'searchusers2' section.

* bb_func_banip.php - `banip` var protected from XSS.

* bb_func_usernfo.php - `activity` var protected from XSS.

* bb_functions.php - version's change.


Changes comparision: 3.2.1 - 3.2.2 [released: June 25th, 2016]
********************************************

This release includes small-to-medium non-security related yet important bugfixes; also core updates regarding Premoderation 2 add-on (the older version of this add-on is being eliminated from the code and no longer supported); and various default CSS/templates fixes and adjustments.


Database upgrade is not required.
Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):


* bb_codes.php - `$pattern[]='#\[url[=]?\]('.$dotsSiteUrl.'[^<> \n\r\[\]]*)\](.+?)\[/url\]#i';` pattern replaced to a more valid version of `$pattern[]='#\[url[=]?\]('.$dotsSiteUrl.'[^<> \n\r\[\]]*)\[/url\]#i';` pattern

* bb_func_editprf.php - `$tmpUser=$user_id;` line moved on top of the primary code

* bb_func_forums.php - the condition `($viewTopicsIfOnlyOneForum!=1 or defined('ADMIN_PANEL'))` removed; definition of `$listForums='';` moved up

* bb_func_ldisc.php - /* Handling not-available pages in Extra navigation */ - fix; `l_topicQueued` conditions removed; `l_postQueued` conditions removed

* bb_func_search.php - 301-header for redirection to posts; `l_topicQueued` conditions removed; `l_postQueued` conditions removed

* bb_func_stats.php - `l_topicQueued` conditions removed

* bb_func_supersticky.php - num.replies and page navigation fix; `l_postQueued` conditions removed

* bb_func_usernfo.php - `l_topicQueued` conditions removed

* bb_func_vthread.php - direct Location replaced to {$rheader}; redirection adjustments; `l_topicQueued` conditions removed; `l_postQueued` conditions removed; `$cols[4]='';` code disabled - having IP address could be useful to have available in `parseMessage` function; `/* keeping the original values of userInfoInPosts */` code added - this could be useful in developing custom add-ons, for rewriting the default supplied values

* bb_func_vtopic.php - direct Location replaced to {$rheader}; redirection adjustments; `l_topicQueued` conditions removed; `l_postQueued` conditions removed

* bb_functions.php - version change; update of the `convert_date` - new codes for the planned 'Posted Time-Ago' add-on release

* index.php - $minibb_copyright_txt added to provide possibility of adding miniBB hyperlink-only-based copyright notice to heavily customized layouts; 'disableDates' added to `unset` array


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:


* _install.php - updates regarding various possible SQL commands from add-ons

* bb_default_style.css - added 'tcellpn' class for aligning the poster name in topics lists; added '.postedText img' and '.popUp img' defining 'max-width:100%' for proper resizing of external images, which do not fit on the screen.

* templates/main_forums_list.html - `noWrap` for searchbox

* templates/main_last_discuss_cell.html - update for 'tcellpn' class and reduced size

* templates/main_topics_cell.html - update for 'tcellpn' class and reduced size

* templates/search.html - for the search phrase field, `type="text"` replaced to `type="search"` 

* templates/search_box.html - more aligned code; `type="text"` replaced to `type="search"`

* templates/user_dataform.html - for the Email field, `type="text"` replaced to `type="email"`; for URL field, `type="text"` replaced to `type="url"`


Changes comparision: 3.2.2 - 3.3 beta 1 [released: August 2nd, 2017]
********************************************

This release is the first step of implementation the mobile-friendly layout as proposed by Google. It provides the re-designed CSS file, which from now will be stored in the [css] folder instead of the bb_*_style.css as earlier; all styles were re-combined to provide more flexible version in terms of adjustment to the client's colors, fonts and common website styling. Now it's possible to change just 2 basic colors and 5 original colors to adopt the forums layout easily and quickly. Also, this version contains the usage of the external fonts embedded via the `font-face` definition, which also could be quickly changed, for example, when plugging in the Google fonts library. By default, miniBB is distributed with the free 'Droid Sans' font, developed by Steve Matteson.

Other than this, miniBB now provides more sophisticated algorithms for handling the *truly* mobile version of the layout. $brtag option is now introduced to handle different versions of <br>|<br /> - this could be critical for different versions of HTML and now is possible to customize easily. All static layout hyperlinks now should be marked with a special CSS class, which also should help in more advanced layout customizations (note: dynamic hyperlinks put in messages will come without this class as earlier and it's not needed to update - these links' styling could be adjusted from the "postedText" CSS class).

Database upgrade is required, but only if you would like to switch UTF-8 mode. In the case you'd like to switch, read the point #0 below; in the case you'd not, leave your database intact.

Make a backup of your database and files before upgrading!



0) ONLY in the case you'd like to switch your forums to a proper UTF-8 mode (if they are not running in UTF-8 by now) or even if you'd like simply make sure your database is prepared for UTF-8 mode, apply the following commands to your mySQL database (via phpMyAdmin tool or whatever program you have for this purpose) - substitute the proper table names for your private case:

alter table minibbtable_topics modify topic_title varchar(700) not null default '';
alter table minibbtable_topics modify topic_poster_name varchar(254) not null default '';

alter table minibbtable_users modify user_occ varchar(254) not null default '';
alter table minibbtable_users modify user_from varchar(254) not null default '';
alter table minibbtable_users modify user_interest varchar(300) not null default '';

These changes are required for UTF8-chars which are not Latin. Each non-Latin char in UTF8 takes 2 bytes instead of 1. Then for example, if you have a setting named $topic_max_length equal to 250 (max. 250 chars in the topic title) you should reserve at least 500 bytes for it. The same for all profile-related fields, which lengths are defined in templates/user_dataform.html.



1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php -> '<br />' changed to {$brtag}; ` class=\"mnblnk\"` added to links

* bb_codes.php -> '<br />' changed to {$brtag}; added: $msg=str_replace (array('<br />', '<br>'), "\n", $msg);

* bb_cookie.php - fixes regarding httponlycookie 

* bb_func_banip.php -> '<br />' changed to {$brtag}; `class=\"mnblnk\"`added

* bb_func_checkusr.php - default $umax value changed to 20; {5,32} changed to {5,30}

* bb_func_deluser.php -> '<br />' changed to {$brtag}

* bb_func_editmsg.php -> '<br />' changed to {$brtag}, ` class=\"mnblnk\"` added

* bb_func_editprf.php -> '<br />' changed to {$brtag}, ` class=\"mnblnk\"` added

* bb_func_forums.php - searchBox exluded from the search action

* bb_func_ldisc.php - $lastPostIcon code change; '<br />' changed to {$brtag}; removed `style=\"...` for icons; forumIcon and authorIcon classes added to icons; $lastPostIcon removed

* bb_func_locktop.php - `class=\"mnblnk\"`added

* bb_func_login.php - `class=\"mnblnk\"`added; `exit` added after all Location headers; more proper relocation to $main_url added

* bb_func_movetpc.php - `class=\"mnblnk\"`added

* bb_func_posthold.php -> '<br />' changed to {$brtag}

* bb_func_search.php -> '<br />' changed to {$brtag}; <!--pageNav--> removal added; <!--warningBottom--> removal added; various additions regarding improval of the search in topics/messages (links similar to sorting on the first page/topics pages); now search results will be loaded from new templates (read below)

* bb_func_stats.php - `class="mnblnk"` added to all hyperlinks

* bb_func_sticky.php - `class=\"mnblnk\"`added

* bb_func_supersticky.php - '<br />' changed to {$brtag}; removed `style=\"...` for images/icons; forumIcon and authorIcon classes added to icons; $lastPostIcon removed; $lastPosterIcon added

* bb_func_txt.php -> '<br />' changed to {$brtag}; `$eofs` part of the code improvement; urlMaker improvement - added code for more proper handling of parentheses in the hyperlinked phrase/URL; 'substr_unicode' function added; textFilter function improvement - now '&#..;' pattern will be re-parsed more properly and only for valid codes

* bb_func_usernfo.php - captions and titles changes; class=\"mnblnk\" added to all links

* bb_func_vforum.php -> '<br />' changed to {$brtag}; `class=\"mnblnk\"`added

* bb_func_viewip.php -> '<br />' changed to {$brtag}; `class=\"mnblnk\"`added; $banLink hyperlink style change

* bb_func_vthread.php -> $pLink1 link style added; convertTopicTitle function added (extended possibility to convert topic title on displaying); `class="mnblnk"` added to all related hyperlinks; '<br />' changed to {$brtag}; $backToPostLink 'style=...' removed; s/t icons change depending on the number of message ('t' for the first message, 's' for all other messages); forumIcon and authorIcon classes added to icons; 'substr_unicode' func now is used for $description (instead of regular 'substr'); '{', '}', '&gt;', '&lt;' chars are added to the replacement tags of the $description; $description adjustment

* bb_func_vtopic.php - '<br />' changed to {$brtag}; $lastPosterIcon added; '<br />' changed to {$brtag}; `class=\"mnblnk\"`added; removed `style=\"...` for images/icons; forumIcon and authorIcon classes added to icons; $lastPostIcon removed

* bb_functions.php - version change; added `class=\"mnblnk\"` to all hyperlinks  of every function met in this file; pageNav -> removed 'style=...' for the navigation icon and added 'class' for the whole navigation string, added 'txtNr' and 'noWrap' spans; $l_menu[0] condition change (now Forums link will also appear in the Advanced pagination)

* index.php - `class="mnblnk"` added; 'lastPosterIcon' and 'dstr' added to unset array; $brtag added (definition of the generic <br> or <br />); '<br />' changed to {$brtag}; $lastPostIcon definition brought in this script (instead of duplicating it in 3 places); 'bb_func_txt.php' now included for 'vthread' pages ('substr_unicode' function will be used for shortened Description); added $httponlycookie for determining if it's possible to set HTTPOnly cookie flag.

* setup_options.php - a MANDATORY addition is about the code located in the `/* determining the mobile device */` block - this code will try to determine if the client is browsing from the mobile device. Leave this option for further add-ons and options developed in the future versions. It should be put after cookie settings, and before the $main_url, $skin, $fontsCSS, $sitename and the other options specified differently for the mobile and desktop version. 

* templates/common.js - NEW JavaScript file - the collection of common scripts used widely on forums (in the current version, there's a code for the dynamic "Top" link located at the bottom right of forum pages)

* templates/search_messages_cell.html - NEW mandatory template defining the layout for search results in messages

* templates/search_topics_cell.html - NEW mandatory template defining the layout for search results in titles



2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* bb_default_style.css - removed

* _install.php - breaks and ` class="mnblnk"` added

* _install_mysql.sql - because of the generic UTF8 switch, some columns listed in the #0 above updated

* bb_cookie.php - added conditions with $httponlycookie to check if there's a HTTPOnly flag available in setcookie function since PHP 5.2.0 ( http://www.minibb.com/forums/msg.php?id=41134 )

* bb_func_man.php - default styling for miniBB Manual changed (if you have the Manual template enabled, update/modify this file as well)

* setup_options.php - $viewlastdiscussions value changed to the default of 24; an optional setting named $fontsCSS is added - it will hold the stylesheet link which is used for external fonts, like the font from the Google fonts project, or your own fonts - {$fontsCSS} could be inserted in templates/main_header.html for different template sets like mobile and desktop versions.

* lang/eng.php - class=\"mnblnk\" added to all links; '<br />' changed to {$brtag}; $l_about change (removed "for");  $l_search[7] changed to 'Words starting from...'; $l_search[13] changed to 'Words containing...'; $l_recordsFound - 'Records' changed to 'Results'

* img/keypwd.gif - removed

* img/minibb.png - new icon and miniBB logo now will be provided in the header/footer of all pages by default

* img/topic_reverse.gif - updated to the "author icon" size (12 x 9 px)

* css/default.css, css/fonts.css - the new folder and CSS files storing the new layout of miniBB software. Comparing to the older one, the new CSS file will contain a new structure and a lot of new classes and definitions.

* New layout changes are applied to the ALL default templates, EXCEPT email_* templates and: 

faq.html
form.js
main_access_denied.html
main_forumgroup.html
main_post_area.html


Changes comparision: 3.3 beta 1 - 3.3 beta 2 [released: January 18th, 2018]
********************************************

This version is mostly about improving of the Mobile mode templates and CSS; also contains a few of little bugfixes not related to security, and W3C-validation fixes. The most important functional change is about different algorithm of splitting large words, based on the $post_word_maxlength setting. In bb_func_txt.php script, there is introduced a new experimental function `wrapText`, which uses another chunking and splitting methods.

Database upgrade is not required.
Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - httponlycookie fix; view subscriptions - Mobile mode updates; 'deleteban' steps removed

* bb_codes.php - '<wbr>' string added to deCodeBB function

* bb_cookie.php - httponly fix (added to 2 another functions where the global was missing)

* bb_func_banip.php - updates regarding the Mobile version; a bit of styling change - now regular IPs will come in plain text (not italic)

* bb_func_deluser.php - updates regarding the Mobile version

* bb_func_forums.php - $is_mobile addition

* bb_func_ldisc.php - `$topic=0; $forum=0;` added to prevent wrong $topic values for add-ons (like mobile); adjustments regarding $pageNavCell for the mobile layout

* bb_func_login.php - now the login form will be displayed immediately instead of the "back" message, if wrong username/password entered; registerButton added; `$correctErr` now will focus on the login field in case of wrong login on mobile devices; in the case if mobile version is opened, do not redirect to posting forms on logging

* bb_func_search.php - '!' fix when no results are found (for searching in topics); `$addCaptionSearch` added for displaying either forum either topic search title

* bb_func_stats.php - updates regarding the mobile version

* bb_func_txt.php - `special_substr` function moved to bb_functions.php; `chunkStr` added specifying <wbr> tag for more sophisticated chunking regarding $post_word_maxlength; experimental - the NEW function `wrapText` now should be more simpler and also taking care of UTF-8 texts.

* bb_func_viewip.php - Mobile mode updates

* bb_func_vthread.php - `startReplyLink` added; `is_mobileBr` added; changes regarding $is_mobile mode (l_sepr auto-changed to brtag)

* bb_func_vtopic.php - `$topic=0;` added to prevent wrong $topic values for add-ons (like mobile)

* bb_functions.php - makeUp: `an attempt to look up in the original folder`; load_header: new built-in functions for 'is_mobile*' conditions, `isMobileHd` addition for mobile menu to default items; registerButton function added; `special_substr` function moved here from bb_func_txt.php; pageNav - new improvements regarding $is_mobile; $GLOBALS['l_menu'][7] improved for mobile - an icon will be displayed for a new topic; `violating_the_copyright_may_result_in_your_criminal_responsibility` and `minibb_copyright_txt` moved to display_footer func.

* index.php - added new vars to the unset list ('is_mobile_test', 'is_mobile_browser', 'is_mobile', 'startReplyLink', 'chunkStr', 'splitExpression'); code rearrangement of copyright notices and logos (so they are visible always); `l_mobilePages`, `startReplyLink` added to unset array; different handling of $user_logging_top

* setup_options.php -- /* determining the mobile device */ -- updated code; (!important!) the new order of some settings - f.e., $pathToFiles should be strictly defined right after $indexphp. Follow the original setup_options.php file, or the miniBB Manual, and place your settings in the proposed order; default $post_word_maxlength changed to 30 (to fit 400x{...} mobile screens)

* setup_mysqli.php - `brtag` addition for error reporting.

* templates/admin_addforum1.html
* templates/admin_banusr1.html
* templates/admin_deleteban1.html
* templates/admin_editforum2.html
* templates/admin_panel.html
* templates/admin_removeuser1.html
* templates/admin_searchusers.html
* templates/admin_searchusersres.html
* templates/admin_sendmails1.html
* templates/admin_viewsubs.html - Mobile mode updates for almost every Administrative template

* templates/main_forums_list.html - <!--searchBox--> tag addition

* templates/search.html - another approach for displaying searched areas. `$addCaptionSearch` added, and topic-related title block eliminated so far.

* templates/tools_userips.html - added 'desktop' tag to remove portions of content on the Mobile


* css/default.css - updated `postingForm` height; `.pages` background added (mobile version - pages amount in the topics listing); w100 style added (100% width)


* img/progress.gif - now included in default package, for possible using in the next versions, also existing add-ons. Use http://ajaxload.info/ to create your own version, which should be preferrably 16x16 px.

* img/v.gif - the new Views icon



2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* bb_func_man.php - <pre> styling completely removed from CSS and the Manual itself

* lang/eng.php - $l_anonAllowed, $l_loginpasswordincorrect - values updated/shortened

New values for:

$l_newAnswers='Recent replies first';
$l_newTopics='New topics first';
$l_lastDiscussions='Recent Stuff';
$l_returntoforums='Get to the begin';
$l_stats_aUsers='Most active partakers';
$l_stats_numUsers='Partakers amount';
$l_stats_numTopics='Topics amount';
$l_stats_numPosts='Replies amount';
$l_stats_admin='Administered by';
$l_stats_lastReg='Recently registered';
$l_days_within='Display bars for the last';
$l_addforum='Add a forum';
$l_noAsking='This is the final step of submission. You will be asked only once.';
$l_forumDeleteAlert='If you tick the box above, after submission your forum, ALL topics and ALL posts of it WILL BE DELETED with no extra backup!';

* templates/faq.html - table removed

* templates/main_post_form.html
* templates/main_posts.html
* templates/main_topics.html
* templates/main_user_info.html

* templates/tools_edit_topic_title.html - changes regarding the padding of the top title (associated with CSS' `headingTitle` because margins were removed from this class, and added vmTP, vmBT instead)

* templates/tools_move_topic.html - `&nbsp;` replaced to {$brtag}

* templates/manual_eng.html - massive updates of the HTML layout, making it 100% Mobile Friendly and W3C correct, also a few of contextual updates

* templates/protect_forums.html - updated button's title

* templates/stats.html - `border="1"` REMOVED (bugfix)

* bb_default_style.css - removed from the default package

* bb_functions.php - `defined('MOBILE') traces completely removed; slight change in page nav. unit amounts



Changes comparision: 3.3 beta 2 - 3.3 beta 3 [released: June 12th, 2018]
********************************************

This release is a polishing update to the almost final miniBB version 3.3. Most changes are related to the new layout or Mobile/Responsive mode/add-on; a couple of collected issues relate to the "make it even better" processes. There is a low security-related update (CVE-2018-6506) in the admin panel, and a couple of changes related to PHP7, so this release makes the newer miniBB fully compatible with PHP7. We appreciate the help and advices from Kshitij Khakurdikar and Frédéric Vasseur from touslescables.com.

Database upgrade is not required.
Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - $bbimgmrg added; on saving/adding the forum, no more straight HTML will be allowed, but only all possible BB-codes (like for any message on the forum) - scripted to prevent possible unwanted actions from the untrusted admin ; PHP7's deprecated function `each()` replaced to `foreach`

* bb_func_banip.php - possibility to specify $banreason in GET; changes in redirection after ban is completed (to make it more obvious); PHP7's deprecated function `each()` replaced to `foreach`

* bb_func_editmsg.php - `if ($fif!=0) $errorMSG.=$l_topicTextUpdated;` - removed ending {$brtag}; updates regarding $editMsgReloc option - now if this option is set, and if the Files Attachments add-on is installed, the script will always auto-redirect to the message, excluding the case when a file has been not uploaded.

* bb_func_ldisc.php - s.gif replaced to s.png

* bb_func_posthold.php - adjustments regarding responsive layout

* bb_func_ptopic.php - addition of $topic_last_post_time regarding the new datetime format

* bb_func_search.php - wordWrap added for search results (obvious for the Mobile mode); $l_sepr fix when searching in messages

* bb_func_stats.php - BOLD style removed from non-selected Stats Options

* bb_func_supersticky.php - s.gif replaced to s.png

* bb_func_txt.php - wrapText update - chunk reset also at 10,13 codes (\r\n)

* bb_func_usernfo.php - username needs to be included in the functional parsing; `wrapText` added to the website parsing function (to chunk LONG URLs if required)

* bb_func_vthread.php - for 404 not-found page added parsed message incl. $l_pageNotFoundLinked meanings - for making deleted pages less-confusing.

* bb_func_vtopic.php - s.gif replaced to s.png; new conditions for `if($main!='')`; for 404 not-found page added parsed message incl. $l_pageNotFoundLinked meanings - for making deleted pages less-confusing.

* bb_functions.php -> LOAD_HEADER(() - added/cached clean titles of menu items (so they could be used in extra templates); l_pageN introduced for pgRng, pageNav (for making $l_page not conflicting with <title>); `convert_date` to support plain conversion mode disregarding today/yesterday/Time-ago add-on; version change

* index.php - $brMobile addition; user_login_form - tabindex replacement; 'l_pageN', 'firstPageTopicForm' added to `unset` array; 'bbimgmrg' introduced (defines 'margin-right' amount in px for BB code image buttons - could vary depending on Desktop/Mobile template); $bzoutput introduced - an experimental (still not documented) option which will allow to output BZ-compressed pages, if it's supported on the server-side by PHP.


* img/s.png - new (optimized) icon (you have to upgrade the file name and format, as it's built-in in the core scripts)


* lang/eng.php (or update your own language pack):

$l_pageNotFoundLinked='Page {PAGE_NUMBER} not found, probably deleted or never existed. Try to check the <a href="{FIRST_PAGE_LINK}">first</a> or the <a href="{LAST_PAGE_LINK}">last page</a> of this topic';

-- here, {PAGE_NUMBER} will be substituted to a missing Page Number; {FIRST_PAGE_LINK} and {LAST_PAGE_LINK} - relatively to the first and the last pages of the forum or topic.


* templates/admin_removeuser1.html - mandatory adjustments for the responsive version

* templates/form.js - `myField.focus();` added before calculating selections (for Microsoft Edge)

* templates/go.html - changes regarding the new layout

* templates/main_post_area.html - <form> also should have  `name="postMsg"`

* templates/main_posthold.html - adjustments regarding the new mobile layout

* templates/main_topics.html - <form> also should have  `name="postMsg"`

* templates/protect_forums.html - {$fontsCSS} instead of straight HTML code for Fonts' CSS

* templates/user_login_form.html - {$brMobile} added; `handleEnter` function update - should have a referenced form name


2) Some non-mandatory changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your end:

* setup_options.php - added by default: `$uname_maxlength=20;` (shorter usernames help to keep the Responsive mode smart); default font-style changed to `Roboto`

* css/default.css - `.fdesc A` attributes added; `postedLeftCell` - change `padding-top:27px;` to `padding-top:29px;`; `fPopUp` class added to default CSS; background color removed for `.postedText A:hover`; padding options for `td.caption5` concatenated with `td.tbClCp` padding; added: `padding-bottom:6px;` for `td.caption5`

* templates/admin_panel.html - only {$version} is now enclosed in BOLD tags

* templates/common.js - optimized for speedy load

* templates/main_header.html - for "common.js", 'async' now will be used; `vmiddle` alignments/HTML rebuilding for top logos; `viewport` meat tag should have the closing tag

* templates/main_post_closed.html - `width:100%` replaced to `w100`

* templates/main_posts.html - `width:100%` replaced to `w100`; `document.writeln` replaced to a regular `document.write` - a regular space will be added to the end of line

* templates/main_topics.html - `onclick` to lowercase; `<td class="tbTransparentCell"><h1 class="headingTitle vmTP vmBT">{$l_topicTitle}<a id="newtopic">&nbsp;</a></h1></td>` - here, 'tbTransparentCell' changed to 'caption3'; `vmBT` added to {$forumName}: ``<td class="w100 vmTP vmBT"><h1 class="headingTitle">{$forumName}</h1></td>``; added `<!--MAINTOPICFORUMINPUT-->...<!--/MAINTOPICFORUMINPUT-->` to the <table> where `{$forumName} &rarr; {$l_new_topic}` resides (necessary for the 1st page news add-on)

* templates/main_topics_cell.html - <span class="views"> replaced to <span class="txtSm"> (similar to the look of the main forums page)

* templates/main_user_info.html - vmTP added; basic table changed to align username more smoothly

* templates/main_user_info_cell.html - `caption1` replaced to `caption5`

* templates/manual_eng.html - s.gif replaced to s.png

* templates/tools_move_topic.html - single quotes on Topic Title removed

* templates/user_dataform.html - `style="width:100%"` changed to `w100` CSS

* templates/user_login_only_form.html - `style="width:100%"` changed to `w100` CSS

* lang/eng.php - updated default translations:

$l_signIn='This is allowed only to registered users.';
$l_enterSubject='Please, enter a meaningful '.$l_topicTitle.'!';
$l_enterMessage='Please, enter a meaningful '.$l_message.'!';
$l_fixData='Please verify/update the data, and try again.';
$l_errorUserData='Sorry! Wrong input.';
$l_loginpasswordincorrect='The username or password you have entered is incorrect.';


* _install_mysql.sql - fixes regarding the new datetime format; http://www.minibb.com/forums/msg.php?id=41613


Changes comparision: 3.3 beta 3 - 3.3 *final* [released: June 22, 2018]
********************************************

This is just a little FINAL post-update to the almost final miniBB 3.3 beta 3. Just update a few files.

* bb_func_vthread.php - `usernameFilter` added (for chunk_split'ting large usernames)

* bb_functions.php - version's change; new functions substr_unicode, strlen_unicode, strtolower_unicode - these functions are possible to override for custom encoding/charsets.

* templates/main_posts_cell.html - `noWrap` removed for `pauthor` column (long usernames will be 'physically' chunked from now)

* index.php - `viewUnameLngLim` added to unset


Changes comparision: 3.3 - 3.4 RC1 [released: November 29, 2018]
********************************************
In this version miniBB makes another big step forward, related to Unicode/UTF-8 forums. New functions for UTF-8 text parsing introduced, all add-ons will be updated for these functions. Optional Logins via email-address were implemented; Password restoration now includes just a common message (keeping email addresses not disclosured); also there are updates related to the default and Mobile layouts, and some other fixes. This is a "release candidate" version, that means, prior to the stable release a few of other updates may follow after we upgrade all add-ons which should be compliant with this version.

Database upgrade is not required.
Make a backup of your database and files before upgrading!


1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php - chunkStr, splitExpression added

* bb_codes.php - fixes in enCodeBB function ("local images" and "external images" - changes allow to post a picture reference without providing the Description/Alt Text); deCodeBB function ([imgs]/[img] codes - `(.+?)` for alt and title replaced to `(.*?)`).

* bb_cookie.php - "strtolower" replaced by "strtolower_unicode"

* bb_func_checkusr.php - unicode usernames validation fix; improvements regarding unicode-dependent checks

* bb_func_deluser.php - bugfix for Archives - added code `/* Delete from archive_userstats */` - if a username is kept with all posts, then this record should be eliminated from the related table.

* bb_func_editmsg.php - improved $userAllow block - added $topic and $forum so these values are not passed via GET or POST; updates for "_unicode" functions

* bb_func_login.php - updates for "_unicode" functions

* bb_func_posthold.php - only the fix about $postRange "length"

* bb_func_pthread.php - updates for "_unicode" functions

* bb_func_ptopic.php - updates for "_unicode" functions

* bb_func_regusr.php - the fix about email notification on a new registration to admin – decoded html entities in a form values, `&amp;` to `&`, `&lt;` to `<` etc.; updates for "_unicode" functions

* bb_func_search.php - strtolower_rus eliminated (replaced to strtolower_unicode)

* bb_func_sendpwd.php - lowercase checking of emails; a common message which is now displayed for all cases even if email has not been sent (updated to prevent exploration of email addresses, which exist in forums database).

* bb_func_txt.php: new function: usernameFilter; more proper shortening by $size (using substr_unicode and strlen_unicode) - textFilter improved - updates for "_unicode" functions

* bb_func_vthread.php - updates for "_unicode" functions

* bb_func_vtopic.php - updates for "_unicode" functions

* bb_functions.php: display_footer() - 'is_mobile_samsung' handling ("SamsungBrowser") - in this case, the "TOP" layer will be eliminated, because a similar one is already present in the default Samsung Browser on Android devices; `load_header` update - `rel="nofollow"` added to the "Register" link; new functions - substr_unicode, strlen_unicode, strtolower_unicode added; version's change

* index.php: `mysql_set_charset` added to unset; updates for "_unicode" functions; added `if(!isset($chunkStr)) $chunkStr='<wbr>';` added `if(!isset($splitExpression)) $splitExpression='//u';`; added `if(!isset($viewUnameLngLim)) $viewUnameLngLim=15;`

* setup_mysqli.php - $mysql_set_charset added; rebuild of $mysql_set_names; updates for "_unicode" functions

* setup_options.php - `$is_mobile_test=FALSE;` left by default; testing mode described in the Mobile add-on's README now; added the code to determine a default Samsung browser; $post_word_maxlength=28; is set by default (a recommended value)

* css/default.css - `scroll-to-top` - the "TOP" layer is centered horizontally in this version, to make a balance between left- and right-handed persons.

* lang/eng.php (or any other default language pack) - `$l_emailNotExists` eliminated and will be no longer used; `$l_emailSent` updated with a new text regarding the password restoration. Now this common message will be given for all cases. This will help to prevent exploration of email addresses, which exist in forums database.

* templates/admin_searchusers.html: remove `span=txtSm` on $pageNav

* templates/main_footer.html - `&uarr;` changed to `&uArr;`and {$l_goUp} eliminated

* templates/main_post_form.html - `rel="nofollow"` added to all default BB code buttons.

* templates/main_posts.html - `getQuotation` update - `rel="nofollow"` added to Reply, Quote hyperlinks

* templates/main_topics.html - pageNav section before <!--/MAINTOPICSPAGE--> fix. `tbTransparentmb` replaced to `tbTransparent`. `{$brtag}` added before <!--/MAINTOPICSPAGE-->. This is done for more proper aligning of the new topic form if there's no page navigation present.

* templates/user_login_form.html: {$uname_maxlength} changed to 100 (useful for email-based logins)


2) Some optional changes were applied to the default miniBB release only. You don't need to upgrade your version if you feel everything is fine on your side:

* _install.php - additions for Multibyte String functions

* bb_func_man.php: fonts size updates; P.special class added

* setup_mysql.php is removed from this and the next releases; support for this module is abandoned for miniBB.

* robots.txt - by default, add `Allow: /templates/common.js`

* templates/manual_eng.html: a new chapter "Setting up your forums & database encoding properly" related to the proper setting the forums in Unicode/UTF-8; an addition regarding Email as a 'login name' (User's login section)


Changes comparision: 3.4 RC1 - 3.4 [released: December 17, 2018]
********************************************
The final release of miniBB 3.4 just sums up the previous Release Candidate with some minor changes, related to the Mobile functionality.

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_func_login.php - $topLogin condition added (for proper anchor redirections on login from different forms)

* bb_functions.php - changes in `registerButton` - now the "Cancel" button will be located in the same row as "Sign in" and "Register" buttons

* index.php - $loginTop additions


Changes comparision: 3.4 - 3.4.1 [released: September 19, 2019]
********************************************

This release includes some improvements and bugfixes not related to security issues.

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_func_posthold.php - bugfix: in the code before `{$topicTitleField}{$postTextField}` there should be always present `<tr><td>`

* bb_func_pthread.php - `//Posting with anti-spam protection` - block improvement (will skip checking if a new topic creation already set a spam-range)

* bb_func_ptopic.php - `//Posting with anti-spam protection` - block improvement

* bb_func_vforum.php - posts counting bugfix (as described here: http://www.minibb.com/forums/bugs-3/incorrect-counting-bb_func_vforum-6960.html)

* bb_functions.php - `navCellSel` addition to the `pgRng` function; $totaltime replaced to $GLOBALS['totaltime'] (as suggested/discussed here: http://www.minibb.com/forums/msg.php?id=42181); `violating_the_copyright_may_result_in_your_criminal_responsibility` link - added `class="vmiddle"`; load_header() - `removeBlocks` - the new code for replacing/adding the customized HTML blocks in the Header template; could be set up for various add-ons or actions. For example, in the Contacts Form script, portions of default forum menu could be removed and only basic links left.

* index.php - $unset optimization (as suggested/discussed here: http://www.minibb.com/forums/4-6961-1.html); running the bans query only if it's really necessary - (as suggested/discussed here: http://www.minibb.com/forums/msg.php?id=42197); 'antiSpam' and 'removeBlocks' added to $unset array; removed `if(defined('MOBILE')`codes

* templates/form.js - `insertAtCursor`, `pasteSel` functions updated - changes related to the selection event in iOS-related devices, and also selection events improvements for regular browsers; `getSelectionText` - new function, also added new triggers: `mouseup`, `touchend`.

* css/default.css - `navCellSel` addition - new class (transparent background for selected Page in Navigation)


2) Some optional changes were applied to the default miniBB release only. You don't have to upgrade your version if you feel the forum runs fine on your side even without these changes:

* css/default.css - scroll-to-top - `bottom:` changed to 13px;

* lang/eng.php - $l_menu[0]='Start'; now (was 'Begin')

* templates/main_header.html - `{$l_menu[7]}` ("Start New Topic") temporarily/experimentally removed as it brings sort of confusion to the end client and duplicates the already existing link.

* templates/manual_eng.html - updates regarding descriptions of the line feeds: for the Language packs, they should be Windows-like (CR+LF), for email templates - Unix-like (LF only).


Changes comparision: 3.4.1 - 3.4.2 [released: October 28th, 2019]
********************************************

In this version: improved politics of miniBB links presentation and pages index, and small post-fixes to the previous release. The "nofollow" attribute should be removed from all internal forum links - whenever they could appear (like on the Statistics or phrase-based Search pages); all links should have "follow" (default) attribute. Additionally, the "ugc" attribute is introduced for all `user-generated content` links (i.e. those links put in messages) - it will replace the older "nofollow" attribute; all this is introduced regarding the recent Google revisions as described here: https://webmasters.googleblog.com/2019/09/evolving-nofollow-new-ways-to-identify.html

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php (administration script could have a different filename) - `url_follow` removed from $unset; $reldef codes added.

* bb_codes.php - `reldef` additions.

* bb_func_stats.php - `rel="nofollow"` now is eliminated from all internal links (as well as `$nof`). Improvements in Titles on various options. 

* bb_func_usernfo.php - `rel="nofollow"` now is eliminated from all internal links (as well as `$nof`). Improvements in the default `parseUserInfo_user_website` - URL will be clickable for Guests, but masked with a Javascript-based function.

* bb_func_vthread.php - `rel="nofollow"` now is eliminated from all internal links (as well as `$nof`).

* bb_functions.php - sendMail() - $reply_to_email added as an optional parameter. Now for various scripts (like Contacts) there could strictly separated From, Reply-To and Errors-To fields.

* index.php - changes in the default `defineRobots` function. Now Search pages will have INDEX,FOLLOW tags - but *only* if a phrase is entered to search. This won't affect default search form, and search results with non-phrase params. 'reldef' added to `unset`, as well as `$reldef` defined in script. `url_follow` removed from unset, as well from the code (if $reldef is set to '' (an empty string), no rel tag should be generated for user links).

* /css/default.css - FIX: .navCellSel{ background-color:transparent; } (was: none).


2) Some optional changes were applied to the default miniBB release only, or miniBB.com forums. You don't have to upgrade your version if you feel the forum runs fine on your side even without these changes:

* lang/eng.php - Caps on titles : 
$l_stats_popular='Most Popular Topics';
$l_stats_aUsers='Most Active Partakers';
$l_stats_viewed='Most Viewed Topics';
$l_new_topic='Post New Topic'; (was: Start new topic)
$l_menu[7]='Post New Topic'; (was: Start new topic)

* templates/manual_eng.html - description of `$reldef` (non-mandatory option - described below).

* setup_options.php - you could specify the `rel` attribute's value, which will be used for outgoing links in messages. By default it is "ugc"; however you could re-set it to "nofollow", pasting this:

$reldef='nofollow';

Putting an empty value will not set `rel` attribute in outgoing message links at all.

Preferrably you should set this option once and forever; if you change your mind later, make sure to update the forum database with the SQL query provided below.


* DATABASE MODIFICATIONS: if you'd like to change `rel="nofollow"` attributes in the database records, use the following SQL statements (execute them in the database manager's like phpMyAdmin SQL window):

select count(*) from minibbtable_posts where post_text like '%rel="nofollow"%';
#the query above displays the amount of all messages currently containing `rel="nofollow"`. This query is also useful to check how many messages with this attribute are left after update (should be 0 left).

update minibbtable_posts set post_text=replace(post_text, 'rel="nofollow"', 'rel="ugc"') where post_text like '%rel="nofollow"%';
#the query above is used to update all messages, replacing "nofollow" to "ugc".


Changes comparision: 3.4.2 - 3.5 [released: May 14, 2021]
********************************************

This version is a final attempt to collect everything of current interest before proceeding to miniBB 4.0, which is planned to have a new authorization functionality and some major layout improvements. Most of new functions are mentioned in the file updating notes below. Please read carefully until the end to prepare your forum for the next step of the annual existence.

Please note that all scripts were updated during a long-time period, and now are just collected in the common release. In some scripts, you could see the "Latest File Update" referring to the prior dates of this release date, but this is normal.

Database upgrade *is required* for this version, since it contains major changes to some fields, and introduces new fields and tables.

Make a backup of your database and files before upgrading!

0) If you have mySQL 5.5.3+, please read all this section until the end to understand what you should apply to make your database fully support UTF-8. 

* There is a new table added, named 'minibbtable_failedlogin' - in this release, a new function ("Failed Logins Auto-ban") to prevent automatic selection of l/p combinations (brute-force attacks) is added. This table will keep the failed login attempts and release them in a certain time. The methods of how it works stands closely to the methods used by the 'fail2ban' software for Linux (but of course, it's not about the server-side functionality, and takes care of the forum logins only).

Proceed adding the new table to your forums database (change 'minibbtable' prefix if necessary):

CREATE TABLE minibbtable_failedlogin (
forced_id int(10) NOT NULL,
forced_username varchar(200) NOT NULL,
forced_ip varchar(45) NOT NULL,
forced_amount int(2) NOT NULL,
blocked_until datetime
) ENGINE=MYISAM;

If you have mySQL 5.5.3+, refer to the paragraph below describing the "_install_mysql_utf8mb4.sql" commands set, which also includes the update of this table for the full UTF-8 support.


* Added a new field to the `send_mails` table - for handling the Subscriptions/Watching topics - will keep the currently fixed last 'post_id' in a Subscribed topic (it's reset back to 0 after the topic is checked). 

Update your database with the following command (change 'minibbtable' prefix if necessary):

alter table minibbtable_send_mails add post_id int(11);


* To the 'banned' table, a new field is added for keeping the date and time of the banned IP. In the future, it's planned to release the function which would allow to delete outdated IPs in one click (for example those older 2 years and so on). By now, IP addition time is just displayed under the Admin panel for new records. 

Update your database with the following command (change 'minibbtable' prefix if necessary):

alter table minibbtable_banned add banwhen datetime;


* If you have mySQL 5.5.3+, you could update it to have the 'utf8mb4' as the default character set, and 'utf8mb4_unicode_ci' as default collation for text-based fields. This could extend the database to provide a full support of UTF-8, including emojis and astral symbols (on older/improperly configured mySQL database, it's quite possible to enter the error gate if some invalid symbol is put in). To upgrade your database, refer to the section below describing the new file named "_install_mysql_utf8mb4.sql".


* Optionally, you could upgrade field lengths, changed in default package: for the IP values, the length is increased to 45 (meeting the upcoming IPv6), and the email field is now also increased in length (from 50 to 100).

Update your database with the following commands (change 'minibbtable' prefix if necessary):

ALTER TABLE minibbtable_banned CHANGE banip banip varchar(45) NOT NULL default '';
ALTER TABLE minibbtable_posts CHANGE poster_ip poster_ip varchar(45) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_email user_email varchar(100) NOT NULL default '';


* This is ONLY for older version mySQL databases and purely Optional; and even for newer version mySQL, *you have to skip this step if you already applied the commands from '_install_mysql_utf8mb4.sql' as mentioned below*, 'cause lengths are already adjusted in this file. So, if you'd like to keep some field lengths more properly aligned to the current miniBB defaults, apply the following (you could specify bigger lengths for these fields, if needed):

ALTER TABLE minibbtable_banned CHANGE banreason banreason varchar(256) NOT NULL DEFAULT '';
ALTER TABLE minibbtable_forums CHANGE forum_name forum_name varchar(150) NOT NULL default ''; 
ALTER TABLE minibbtable_posts CHANGE poster_name poster_name varchar(200) NOT NULL default 'Guest';
ALTER TABLE minibbtable_topics CHANGE topic_poster_name topic_poster_name varchar(200) NOT NULL default 'Guest';
ALTER TABLE minibbtable_users CHANGE username username varchar(200) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_icq user_icq varchar(256) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_occ user_occ varchar(256) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_from user_from varchar(256) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_custom1 user_custom1 varchar(256) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_custom2 user_custom2 varchar(256) NOT NULL default '';
ALTER TABLE minibbtable_users CHANGE user_custom3 user_custom3 varchar(256) NOT NULL default '';



1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* /css/default.css — new class addition (for the Mobile add-on): `.watchIcon{ padding-right:4px; }`. New class added: `.tcelllastm` (will separately handle the last cell for mobile). `.quote` and `.hl` are updated to have different margins and padding (since there will be no <br> tag put after [quote] and [hl], we also need margin-bottom defined for them; defaults to 20px). `capMenu` is now transformed to handle the menu table separately.

* /img/topic_active.gif — a NEW icon for indicating subscribed topics (displayed in the Subcription lists, paying attention to a new reply available).

* /lang/eng.php (and whatever language pack) — now similarly to all core scripts, each language pack should have on the top of it this code string: `if (!defined('INCLUDED776')) die ('Fatal error.');`. This is a security issue, and you should also update your language pack(s) with this line. $l_emailNotify updated to an only value of 'Watch this topic' (should not include the mentioning of email updates - this could be optional from now). $l_unsubscribe has now the value of just 'Unsubscribe'. New variables added following the /* v.3.5 */ comment (include those defining the Watch/Subscribe interface, Failed Logins Auto-ban, Message locator errors, Preview).

* /preview/index.php — NEW folder and the file which came from an earlier Preview add-on, now included in miniBB by default.

* bb_admin.php — the commented string containing `get_magic_quotes_gpc` eliminated. Removed `$httponlycookie` values. Cases `viewsubs` and `viewsubs2` moved to the `bb_func_viewsubs.php`.

* bb_codes.php (or whatever script name you may have for Administration) — for [img]/[imgs] tags there were improved regular expressions handling image description (alt/title tag). Patterns like `([^<>\n\r\[\]&=/"\']*?)` and `([^<>\n\r\[\]&=\/\"']*?)` were resp. changed to `([^<>\n\r\[\]=\']*?)` and `([^<>\n\r\[\]=']*?)` - this supposes that inserting ampersands and quotes in the alt/title tag is safe (and often necessary), the '/' symbol is also allowed (but the combination like '://' will be removed for regular users in alt/title tags). SVG added to the allowed image extensions list. An ending $GLOBALS['brtag'] has been removed from the "quote" and "hl" BB tags, it's be replaced by the updated CSS; codes for these tags were also updated to provide more smooth editing with newlines. 

* bb_cookie.php — `getMyCookie` now completely eliminates apostrophes in its values; `get_magic_quotes_gpc` eliminated. New function `setGenCookie` - will be used from now to set cookies in all scripts for miniBB. It takes into attention the "options" array avail. since PHP 7.3.0 (incl. the 'samesite' element), and also "httponly" parameter which is now set up as $cookie_httponly; refer to the new $cookie_* options for more. New function - `formCookieVal` - to catch the login values from bb_func_login.php in a more easy and shared way. For $GLOBALS['user_sort'] values, now it's possible to specify a global sorting value, which would override even sorting specified in the Profile; for example - it could be useful to provide the "always-default" sorting by New Topics in some forums (like on miniBB - "Tidings" - New Topics always on top by default).

* bb_func_banip.php — $banwhen addition (banning date)

* bb_func_checkusr.php — default $umax now equals to 15. For email validation, filter_var/FILTER_VALIDATE_EMAIL will be used. This also makes the requirement to run miniBB starting from PHP v.5.2.

* bb_func_delmsg.php — `setGenCookie` instead of `setcookie`.

* bb_func_deltopic.php — `setGenCookie` instead of `setcookie`.

* bb_func_editmsg.php — `$topicTitle=$row[1];` replaced to `$topicTitle=operate_string($row[1], FALSE);`; this is useful if $adminHTML setting is TRUE. `trim` added to `deCodeBB`. $furlCl added for PREMOD_EDITMSG/PREMOD_EDITTPC.

* bb_func_editprf.php — more notable $warning displaying (will add breaks after if it's present); removed the '<span>' code and a semicolon in displaying of {$l_userErrors[$correct]}.

* bb_func_fla.php — NEW file to handle failed logins and that way attempting to prevent brute-force attacks. 

* bb_func_fla_admin.php — NEW file to review failed logins.

* bb_func_ldisc.php — shortened/hidden numeration on amounts - added `$topic_viewsClean`, `$numRepliesClean`.

* bb_func_login.php — `get_magic_quotes_gpc` eliminated. More stronger handling of apostrophes and quotes in guest names. The $cook value is now formed and read using the function `formCookieVal`.

* bb_func_movepost.php — NEW file (previously known as the "Moving Replies" add-on, or addon_movepost2.php - now it's included in the core by default)

* bb_func_posthold.php — `get_magic_quotes_gpc` eliminated.

* bb_func_preview.php — NEW file - Preview add-on is now ebmbedded into the basic miniBB by default (known earlier as 'addon_preview.php').

* bb_func_pthread.php — additions for the Watching topics function. `$allowedByWatch` def added with the related conditions. The code named `/* Update current subscriptions except for the author */` - moved below the emailing codes, and updated heavily - now it will activate the topic's subscription of the author immediately (previously this step was completed after redirection to the topic). Added `$post_id=$topic_last_post_id;` to the SECOND `//Insert user into email notifies if allowed` code; also 'post_id' to "insertArray" of the same block of code. Limits check by $userTotalSubs and $subscriptionsLimit. $followCode updated to have a new Subscription's Follow-up link (leading to msg.php and not index.php).

* bb_func_regusr.php — `$user_id==1` check replaced to `$logged_admin==1`. Fixes regarding profile's registration by admin (should not auto-login the new account).

* bb_func_search.php — added `isset($numRows)` (the bottom code Ln#499).

* bb_func_stats.php — bugfix in displaying number of replies (should not include the number of topics). $numUsersClean, $numTopicsClean, $numPostsClean to provide exact amounts under '<abbr>' tag.

* bb_func_subscriptions.php — a NEW script to handle the Watching/Subscriptions functionality

* bb_func_supersticky.php — shortened/hidden numeration on amounts.

* bb_func_txt.php — critical bugfix - in the code string like `$text=preg_replace("/&amp;#([0-9]+);/", '&#\\1', $text);` a semicolon should be added to '&#\\1' so it looks like: `$text=preg_replace("/&amp;#([0-9]+);/", '&#\\1;', $text);`. `get_magic_quotes_gpc`eliminated. Addition of `enableDash` codes - replace ' - ' to '&mdash; or '&ndash;' or whatever ($enableDash in setup_options.php).

* bb_func_unsub.php — now contains the direct link to the Unsubscribed Topic ("Get Back" link).

* bb_func_usernfo.php — new code - $subscriptionsBlock; `parseStatsNum`, `parseNumClean` functions added for plain stats numbers

* bb_func_viewsubs.php — NEW script. Now also Moderators are be allowed to view and moderate the Topics Subcription lists; most of related functions moved here from the Admin panel, and improved.

* bb_func_vthread.php — $watchIframe, $watchJs and $watchLinkSetup added for subscriptions handling. `get_magic_quotes_gpc`eliminated. Experimental: "Edited By" info is now available in Desktop version only for Admin/Moderators; there were thoughts that this is a waste information giving mostly nothing to a regular visitor or Guests; in most cases, poster himself could edit a message to fix some wrongly posted chars or sentenses; even in this case, this info gives nothing important - it was completely eliminated for the Mobile layout, giving more breathe in a portrait-oriented look; the information still will be kept in database as it was - you could anytime bring back an {$editedBy} value to the `templates/main_posts_cell.html`. Link to Subscriptions changed ($indexphp instead of $bb_admin). Additions regarding the default embedding of the Moving Replies function. For the Mobile template, an IP address for admins would be now displayed without the 'IP' prefix. '~' as a sub-name introduced for all guest names similar to $l_anonymous.

* bb_func_vtopic.php — shortened/hidden numeration on amounts. The fix for the "New Configurable Topic Form" add-on (if it's installed): if there's a new forum, and there are no topics posted in it, there was "no obvious option to be first to post" - as reported here: https://www.minibb.com/forums/bugs-3/no-obvious-option-to-be-first-to-post-9681.html . '$ini_sort' added (possible to re-assign default sorting as a global value for certain forums).

* bb_functions.php — `strlen_unicode` function updated (also, the hidden def TEXT_ENCODING now allows to strictly define the proper encoding, if the server fails to do it on its own). `get_magic_quotes_gpc` function removed. The code string `and isset($GLOBALS['user_id']) and` added in load_header() function. `setCSRFCheckCookie` update - now will use `setGenCookie` instead of `setcookie`. `parseStatsNum` function updated, `parseNumClean` - new function (parse shortened/hidden numeration on amounts). `emailCheckBox` function updated to include values for Watch/Subscribe functionality. `fixWrongLogin` - new function to handle failed logins. New function: `replaceQuotes` (to transform the regular quotes to « and », or what's specified). `get_magic_quotes_gpc`eliminated. Check for `$GLOBALS['pathToTpl']` added to 'load_header' and 'registerButton' functions to avoid wrong interface when viewing from a mobile device with no connection to the Mobile template. Fix for the 'emailname' (in some undetermined cases produced a Notice).

* index.php — removed $httponlycookie values. 'register' action should be executed having a $_POST array enabled - `elseif($action=='register' and ($user_id==1 or $enableNewRegistrations) and sizeof($_POST)>0)...`. 'enableDash', 'purgeEmailSettings', 'eliminateCheckBox', 'activeEmailsDisable', 'ini_sort', 'replaceQuotes' added to $unset. $replaceQuotes added for validation. `sitename_subtitle` added (optionally could be defined in setup_options.php and then it will differ from $sitename by default) - it could be used in main_header to provide a title different from what's displayed in <title> tag. `$totalPosts=$topicData[5];` is now predicted with a condition, to avoid PHP Notice when a deleted topic is being accessed by an old URL. 'post_id' update added to the "update send_mails table" process. (New) definition of $watchReset added. New: ($action=='viewsubs'), ($action=='fla') and ($action=='movepost'). On `$_POST['mode']=='login'`, there is added a new script: `include_once($pathToFiles.'bb_func_fla.php');`. The code block containing 'goPost' - responsively, the block to update the subscription while watching the Topic - has been eliminated and move to 'msg.php' (since the new subcription link will open this script instead). $previewButton added and new additions for `prevForm`.

* msg.php — this script is now available *by default* in miniBB package (known previously as the part of the "Advanced Anchors" add-on, which is still available but just *will not* contain this script anymore). As practice shown, this script is useful to include in many other related references, and gradually it will also be used in faster search results, or location of messages elsewhere. In templates/main_posts_cell.html, you could still use the old-school reference for each message as "#msg{$cols[6]}", but in default release, it will be present as "{$main_url}/msg.php?id={$cols[6]}".

* setup_mysqli.php — Function `updateArray` extended to have a second set of comparision values ($uniq2,$uniqVal2) - by default, they are empty. The new function introduced: `smart_deadDB` - could be rewritten on a custom basis. This function will provide a smart screen template to display when there's a problem connection to mySQL database. This is provided instead of the earlier 'die' statement with the 'Database configuration/error' message. On production servers, it could sometimes happen that a server experiences connections overload, or other issues. This message should be user-friendly, but when installing your forum, keep in mind that there's now a new message displayed, if you configure your mySQL host improperly. The message will contain a reference code, beginning with '1' or '2' and ending with a current date. Your forum members could provide you such reference if they see this error. The starting '1' means the connection to mySQL is dead, or wrong login/password/host supplied. The starting '2' in this reference means that the database became missing or corrupted, and the script could connect to mySQL, but could not connect to the database. You could overwrite this function, copying it to setup_options.php, and re-configuring your own template and text. 

* setup_options.php — New mandatory options: $cookie_httponly, $cookie_options, $cookie_samesite; should be added straight after older $cookie* settings - refer to the Manual for descriptions - add carefully depending on your PHP version. New mandatory option: `$Tl='minibbtable_failedlogin';` - specifies a table name in forums database storing Failed Logins information. New mandatory options related to the Watching/Subscriptions functionality: $eliminateCheckBox, $subscriptionsLimit, $additionAlerts, $purgeEmailSettings (refer to the Manual for descriptions). New mandatory options starting with the '$fla_' prefix - they specify some important settings regarding the Failed Logins Autoban functionality (refer to the Manual for descriptions). `$uname_maxlength=15;` by default. New default values for cookies: `$cookie_expires=604800;` (expires by default in 7 days/1 week); `$cookie_renew=172800;` (renewing process initiated if expiration is less than in 2 days). $sitename_subtitle added. $brtag setting from now is also mandatory (defaults to '<br />') - preferrably set up straight after cookie options. New setting: $replaceQuotes (`array('&laquo;', '&raquo;')` by default, but could be reset to an empty array if you'd like to disable transforming the regular quotes on message posting).

* /templates/admin_editforum2.html — spare `colspan="2"` removed.

* /templates/admin_panel.html — new code for Subscriptions TOP100: `<li><a href="{$main_url}/{$indexphp}action=subscriptions" class="mnblnk">{$l_subsWatchingList}</a></li>`. New codes for "Failed Logins" links: `<li>{$l_flaAdminList} &mdash; <a href="{$main_url}/{$indexphp}action=fla&amp;step=0" class="mnblnk">{$l_flaAdminListCurrent}</a></li><li>{$l_flaAdminList} &mdash; <a href="{$main_url}/{$indexphp}action=fla&amp;step=1" class="mnblnk">{$l_flaAdminListLogFile}</a></li>`

* /templates/email_reply_notify_eng.txt — experimental: default email notifications about new post now *will not contain* a whole or partial message. They will just contain the link to the post and the unsubscribe link. In theory, this would force users to review the post clicking the link, and that way continuing the subscription automatically, thus avoiding confusion of why the subscription has been stopped (they read the message in the email, but didn't go to the forum). {$postTextSmall} still would be available to admins willing insert short preview of the text in the subscription email.

* /templates/email_user_register_eng.txt — default email notifications on a new registration now will not contain a straight password or username visible. This email would be just about a notification of a successfull registration. Applying an option named `$closeRegister`, you should have another template of a similar filename installed, which would contain {$username} and {$passwd} filled in.

* /templates/form.js — now contains the function for Preview embedded by default - `previewMsg`; comparing to the add-on's version, this one will contain a loading indicator - progress.gif.

* /templates/main_footer.html — MANDATORY: at the top of this template (or elsewhere), there should be a hidden iframe present: `<iframe id="actionframe" name="actionframe" src="about:blank" style="display:none;overflow:hidden;width:0px;height:0px"></iframe>`- it would be useful for other extensions planned in miniBB for the future, currently involved in Subscriptions. Also, two '&nbsp;'s now surround the Up-Arrow button for better UE.

* /templates/main_header.html — {$watchingLink} added by default. Gradually, the Watching function will supress the Favorites add-on, so if you have a link to it in this templates, it's time to remove it now (but you could keep the Favorites add-on installed until necessary). {$borderRightMobile} is now eliminated for Desktop/Mobile versions; instead, the 'capMenu' class is introduced for the menu items table.

* /templates/main_modern_lcell.html — $topic_viewsClean, $numRepliesClean added.

* /templates/main_post_area.html — now contains {$previewButton}.

* /templates/main_post_form.html — "p.gif" with the `$bbimgmrg` px is now introduced to support more aligned layout of BB code buttons.

* /templates/main_posts.html — {$watchLinkSetup} added (would indicate the Watch/Subscribe or Unsubscribe link with no obligation making a new post or topic). {$watchJs} and {$watchIframe} added to handle the background processes of adding/removed a Subscription. {$massMoveJs}, {$massMoveLink} and {$onClickTopicTitle} are now added by default to handle the Moving Replies functionality. `main_url` added (for Preview indicator). `getCSRFCookie` function of JS now should be available to everyone (not just an admin) and moved to the top part of the JS section.

* /templates/main_posts_cell.html — {$moveLink} added by default (to display the position of the "Move" function).

* /templates/main_preview.html — NEW template for displaying the Preview pop-up (know earlier as 'addon_preview.html').

* /templates/main_subscriptions.html — a NEW template for Watching/Subscriptions list displaying (layout)

* /templates/main_subscriptions_cell.html — a NEW template for Watching/Subscriptions list displaying (cells)

* /templates/main_topics.html — Sorting by New topics/posts is now back (lost occassionally in the initial miniBB ver.3.0). Now contains {$previewButton} and `main_url`. Added `onkeydown` event for `topicTitle` - prevents the form from submission by hitting Enter in this field.

* /templates/main_topics_cell.html — $topic_viewsClean, $numRepliesClean added.

* /templates/main_user_info.html — {$subscriptionsBlock} added. [Remove {$favoritesBlock} if you have it].

* /templates/main_viewsubs.html — NEW template, but it's actually renamed from the earlier `/templates/admin_viewsubs.html`.

* /templates/tools_edit_post.html — now contains {$previewButton} and `main_url`.

* /templates/tools_edit_topic_title.html - added `onkeydown` event for `topicTitle` - prevents the form from submission by hitting Enter in this field.

* /templates/user_login_form.html — {$uname_maxlength} added to `maxlength`. `logintop` fix.



2) Some non-mandatory changes were applied to the default miniBB release only. You don't have to upgrade your version if everything is fine on your side with these files:

* _install.php — new additions regarding mySQL version comparision for analysis; for versions not supporting "utf8mb4" character set, the script will change defaults in "_install_mysql.sql".

* _install_mysql.sql — default installation set has some improvements - some of them regarding 4-bytes 'utf8mb4' support, default Guest name changed to 'Guest' from 'Anonymous', 'poster_ip' is now increased in length to support the planned IPv6; "username" fiels is limited up to 200 chars only (supposing it couldn't be bigger than 50-chars if it would consist of UTF-8 chars only with the 4-bytes model of 'utf8mb4' structure); this is anyway way too big length for a reasonable username, which usually shouldn't exceed 25 chars in any layout (15 chars would be also a non-layout-breaking limit for the Mobile template).

* _install_mysql_utf8mb4.sql - new file - for compatible mySQL databases (ver.5.5.3+), the installation script will put 'CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci' for text-based fields. You could use the same set of commands to update your database (before this, assign proper table names/prefixes, if necessary). In SQL statement window of your mySQL client, you could execute all these commands at once.

* setup_options.php - for new installations, there will be introduced an automatic title generation based on the day of the week. This is just for demonstration, and surely could and should be replaced to a static forums string-based title.

* /css/default.css — `.popUp` is now with 'padding:10px;'. `.inputButton` and `.inputButton:hover` were updated to have an universal gradient and borders. Before `.navCellSel` added new definitions of `.tcelllast A:link, .tcelllast A:visited, .tcelllast A:active, .tcelllast A:hover` (this eliminates doubtful hyperlinking on links to certain posts in Topic listings and makes the link more obvious).  Default "padding-top" and "padding-bottom" changed to 8px for `postedText`. Improved 'authorIcon' class (middle/padding-bottom): `img.authorIcon{...vertical-align:bottom;...padding-bottom:4px;}`. `cursor: help;` added to 'abbr'. 

* /templates/main_header.html — Removed the top part raw; <!--topSlogan-->...<!--/topSlogan--> moved straight under the `miniBB` title.  

* /templates/main_last_discuss_cell.html — Removed 'tcell' class for the {$lastPoster} column. `w100` instead of `style="width:100%"`.

* /templates/main_modern_layout.html — '13pt' changed to '5px' aligning in `<td style="width:30%;vertical-align:top;padding-top:13pt">` and '15pt' changed to '20px' in `<td style="width:70%;vertical-align:top;padding-right:15pt;">`.

* /templates/main_modern_lcell.html — added `width:50%` for user columns (helps to align long usernames more properly on devices like iPad).  Removed 'tcell' class for the {$lastPoster} column. `w100` instead of `style="width:100%"`.

* /templates/main_topics_cell.html — removed 'tcell' class for the {$lastPoster} column. `w100` instead of `style="width:100%"`.

* /templates/manual_eng.html — a lot of new stuff and updates were put in the miniBB core instructions file, the "User's registration" chapter mostly rewritten. New options described: $cookie_httponly, $cookie_options, $cookie_samesite; $enableDash, $eliminateCheckBox, $subscriptionsLimit, $additionAlerts, $purgeEmailSettings, $fla_attempts, $fla_mode, $fla_manyAttemptsLimit, $fla_blockPeriod, $fla_logFile, $fla_logLang, $fla_autoBanned, $predefinedMovedTopics, $replaceQuotes.

* /templates/stats.html — added $numUsersClean, $numTopicsClean, $numPostsClean to provide exact amounts under '<abbr>' tag.

* /templates/user_dataform.html — default `maxlength` values changed for the following fields:

name="passwd": from `maxlength="32"` to `maxlength="100"`
name="email": from `maxlength="50"` to `maxlength="100"`
name="icq": from `maxlength="15"` to `maxlength="64"`
name="occupation": from `maxlength="100"` to `maxlength="64"`
name="from": from `maxlength="100"` to `maxlength="64"`
name="interest": from `maxlength="150"` to `maxlength="64"`


Changes comparision: 3.5 - 3.6 [released: March 23, 2023]
********************************************

In January 2022, the German Court declared that Google Fonts is not compliant with GDPR/DSGVO; that means, websites using Google Fonts API are not GDPR-Compliant too, and could be subject of penalties. If your miniBB-forum is located in European Union, you should avoid referring to Google fonts API; this also affects any EU-based websites. You have to provide the local server hosting of the fonts you use, incl. Google Fonts, in order to comply with the GDPR rule. That basically means, the fonts should be located on the same server you keep the forums and domain on. 

Since then, and because we are located in EU too, miniBB package will not include the reference to the Roboto font hosted by the Google API anymore. By default, it will include the set of Roboto fonts and the local CSS reference to them. This will make the default miniBB package about 300 Kb heavier, but that's the necessary step. The default link to the Google font was actually the one referring to the 3rd party libraries in miniBB scripting, that's why this step will make miniBB absolutely clean, and possible to test/install on closed intranet networks by default. All like in the ancient good old times.

Please note that by default only the Latin charset is provided in miniBB package. Even on miniBB website (minibb.com) or miniBB demo page (minibb.org) we use extended sets of Roboto font. 

On miniBB demo, we have used the approach suggested on the "google-webfonts-helper" project -> https://gwfh.mranftl.com/fonts . 

You could try the same, easily getting a local copy of any type of free Google fonts online. The webpage of this project allows to choose a font, make the charset selection, specify the folder name where the font files will be located, then copy the automatically generated CSS and download all necessary files at once. Follow what's created under /css/ folder of miniBB, how it's referenced in roboto.css as for an example, put the additional font names and defs under /css/default.css which is used on the forum, and then update the value of $fontsCSS in setup_options.php, replacing your fonts set, or adding it as a different stylesheet in additional meta-tag.

Surely, you could also avoid applying any of the downloadable custom fonts, and use one from commonly used generic font families (like Times, Georgia, Arial, Tahoma, Trebuchet MS etc.). In this case, you just have to name one or few of those fonts in your CSS, and check how your fonts appear on different browsers and devices.

Follow more detailed guide below for updating certain files of the miniBB version 3.6.

1) Database upgrade is required if you'd like your forum to meet updated W3C standards regarding self-closed tags like <br /> and <img ... />. Keeping the tags like these will produce a notice on W3C which will say: "Trailing slash on void elements has no effect and interacts badly with unquoted attribute values", that's why your forum pages won't validate properly.

Update is quite easy, you should apply the commands below to your database, substituting the proper table names:

update minibbtable_forums set forum_desc=replace(forum_desc, ' />', '>') where forum_desc like '% />%';
update minibbtable_posts set post_text=replace(post_text, ' />', '>') where post_text like '% />%';


2*) Most miniBB templates were also updated because of W3C change mentioned above. For quick-fixing this, two tool-scripts were released: `replace_script.php` and `replace_selfclosed.php` (available to Download in miniBB's Utilities section: https://www.minibb.com/download.html#utilities ).

`replace_selfclosed.php` will update self-closed tags like ' />' to '>' in mostly templates, but possibly also in bb_plugins.php and other .php add-on scripts, where they appear to be embedded in the code. Please note that in some PHP codes, appearance of the '<br />' tag in the `str_replace` function should be left as is.

`replace_script.php` will try to replace all instances like <script type="text/javascript"> (to just <script>...</script>) which produce an unwanted notice on W3C, also tags like '<!--' and '//-->' inside of the JavaScript code, which are outdated and no longer needed for modern browsers.

Use these scripts to quickly update your forums if you feel the need in updating these tags. Each script contains instuctions inside.

PLEASE NOTE: these scripts are coded for miniBB only, and despite they *may* be used for other websites, it makes them possible for easy use just because miniBB coding was very strict and contains well-known schemas.

The basic miniBB version's default templates were updated for the new tags and they are (on your customized forum, *you don't have to overwrite them* - just use the scripts mentioned above to update them in folder):

admin_addforum1.html
admin_banusr1.html
admin_deleteban1.html
admin_editforum1.html
admin_editforum2.html
admin_export_emails.html
admin_removeuser1.html
admin_searchusers.html
admin_sendmails1.html
main_forums_cell.html
main_last_discuss_cell.html
main_last_discussions.html
main_modern_fcell.html
main_modern_lcell.html
main_post_area.html
main_post_form.html
main_posts.html
main_posts_cell.html
main_preview.html
main_subscriptions.html
main_subscriptions_cell.html
main_topics.html
main_topics_cell.html
search.html
search_box.html
stats.html
stats_bar.html
tools_edit_post.html
tools_edit_topic_title.html
tools_move_topic.html

*Further below this report, there are also mentioned templates which contain other significant changes besides of the self-closed tag fix*.
Make sure you check out them all.


3) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* /preview/index.php - `type="text/javascript"` removed; self-closed tags fixed.

* /lang/eng.php - because default order of Profile values has been changed on the Registration/Profile form and Profile View page, it's critical to update the language pack, from now having different order of field indexes, which is present as:

$l_usrInfo[5]='Motto, slogan';
$l_usrInfo[6]='Location';
$l_usrInfo[7]='Website';
$l_usrInfo[8]=$l_userOcc;

(was:
$l_usrInfo[5]='Instant messenger';
$l_usrInfo[6]='Website';
$l_usrInfo[7]=$l_userOcc;
$l_usrInfo[8]='Location';
)

More changes of this file described below as non-mandatory, but if you update `templates/user_dataform.html` as described below, this language pack update is significant.

* bb_admin.php - forums quick view update in the `get_forums_fast_preview` function. Instead of the ORDER number (which was too obvious and not meaningful), there will be provided the forum ID to show, which could be more helpful in the moving topic process. Check for `setup_options.php` existance before including it (read below `index.php` for more infos). 'adminpwd' handling changed to 'user_pwd' to provide the Password Revealing option on the login form. Default values of`$l_asc` and `$l_desc` updated.

* bb_codes.php - '<script>' added to $simpleCodes; fixes in `enCodeBB` and `deCodeBB` functions - all <img> tags from now should be not self-closed; but the backwards compatibility of editing of such tags kept. Default value of `$GLOBALS['imgsWidth']` changed to 350. New var: $nestedArray (default array definition of regex for [quote] and [hl] tags used widely in the script). New replace callbacks (and new functions: `removeHlsInQuoting`, `removeHlsInQuote`, `removeQuotesInHl`) for Quoting, Quote and Highlight tags: an attempt to remove nested codes (like [quote]...[hl]...[/hl]...[/quote] and otherwise) to avoid layout breakouts; from now such nested codes should not be allowed, and improper tags will be removed. New callback and BB code for the `noBBCodes` function. There will be a hidden BB code like [nobb]...[/nobb]. Everything which is put between these tags, will not be parsed as BB codes; instead, they will be displayed with square brackets. It's sometimes useful to provide infos on how to use this or that BB code on the forum, that's why this option was introduced.

* bb_func_banip.php - self-closed tags fixed.

* bb_func_checkusr.php - 'passwd2' code eliminated.

* bb_func_delmsg.php - `if(!isset($_COOKIE[$cookiename.'_csrfchk'])...` added.

* bb_func_deluser.php - self-closed tags fixed.

* bb_func_editmsg.php - self-closed tags fixed. `operate_string` removed for the $topicTitle at the first step of editing (all topic titles should be already stored in the native format to display in the editing field).

* bb_func_editprf.php - update regarding inclusion of `bb_func_sendmail.php`. `<!--INITMSG-->` block is now removed for the Profile editing; self-closed tags fixed. `$l_passOnceAgain` eliminated, as all the scripting related to the repeated password input. `passwd2`-code eliminated. 'passwd' code changed to 'user_pwd'. `l_onlyIfChangePwd` code eliminated.

* bb_func_fla_admin.php - self-closed tags fixed.

* bb_func_ldisc.php - self-closed tags fixed.

* bb_func_login.php - $user_id added (could be useful for add-ons when logging is done amongst the new topic/post); a couple of bugfixes regarding wrong substitutions when logging is completed amongst posting a new topic or message, or email address is used. After `$logged_admin=1;` there is added: `$user_id=1;`. After `$logged_user=1;` there is added: `$user_id=$uid;`. `type="text/javascript"` removed.

* bb_func_man.php - `type="text/css" removed.

* bb_func_movepost.php - `type="text/javascript"` removed; self-closed tags fixed.

* bb_func_posthold.php - self-closed tags fixed; `type="text/javascript"` removed.

* bb_func_pthread.php - update regarding inclusion of `bb_func_sendmail.php`.

* bb_func_regusr.php - update regarding inclusion of `bb_func_sendmail.php`. `$l_userErrors[$correct]` and `$userErrorMsg` updated to have ending of `$brtag.$brtag`. `passwd2`-related codes eliminated. 'passwd' changed to 'user_pwd' in all codes. `<!--EDITONLY-->` codes added.

* bb_func_search.php - keeping the original $xtr in the `if($posterName!='') {...` block, self-closed tag removed in `$topicIdField`. All links are now pointing through msg.php for faster execution.

* bb_func_sendmail.php - NEW file, which now contains the standalone sendMail function, moved here from bb_functions.php. Reason: this function became quite massive, it's not used in every task, and it contains mandatory namespaces reserve for PHPMailer which is not used on every forum at all. 

* bb_func_sendpwd.php - update regarding inclusion of `bb_func_sendmail.php`.

* bb_func_stats.php - code updates regarding update in `stats_bar.html`- handling of `<!--forum_icon-->...<!--/forum_icon-->` tags.

* bb_func_subscriptions.php - major bugfix - admin and moderators weren't able to Watch the topic from closed Forums (if they are not listed in the allowed users list). `type="text/javascript"` removed. Self-closed tags fixed. Regular links to recent messages updated to the format of Subscription links in emails (for easier recognition of when to reset the Subscription). Also, if by some case the topic remains to contain new messages, at the time when they were deleted, or moved to another forum, an active link to the message should be present for possibility to reset the subscription.

* bb_func_supersticky.php - self-closed tags fixed.

* bb_func_txt.php - PHP 8 compatibility - the code `$str=preg_split($splitExpression, $fragment, null, PREG_SPLIT_NO_EMPTY);` replaced to `$str=preg_split($splitExpression, $fragment, 0, PREG_SPLIT_NO_EMPTY);`. The script will now also check if $str array is not empty before passing it through. `urlMaker` function updated - now it includes some defaults for auto-conversion of URLs starting with 'https'. `convert_entities` func extended with new entities. Elimination of the older commented code for the `wrapTextOld` func. Self-closed tags fixed.

* bb_func_usernfo.php - `type="text/javascript"` removed. Default order in `$addFieldsGen` changed. Code additions for $vAlign Recent topics/replies posted and Forum activity.

* bb_func_usrdat.php - `'passwd2' block eliminated

* bb_func_viewsubs.php - `type="text/javascript"` removed; self-closed tags fixed.

* bb_func_vthread.php - self-closed tags fixed.

* bb_func_vtopic.php - $description's update for handling breaks and spaces more properly. Self-closed tags fixed.

* bb_functions.php - `sendMail` function improved/extended for being compatible with the most recent PHPMailer v6.7.1. `$fromSimple` and `$from_email_full` vars added to handle plain-text email formatting more properly. `strtolower_unicode` func extended to have an alternative for mb_strtolower - `$GLOBALS['lowerCharset'];` (could be specified in setup_options.php). `type="text/javascript"` removed. $GLOBALS['user_id'] added to `load_header` func. Function `getAccess`: exclusion of `$user_id!=1` condition - this excludes forums properly also on paginated pages even for admin.

* index.php - minor change regarding the private forums <title> tag. `if(!isset($user_id)) $user_id=0;` - this line should be brought upper before the inclusion of bb_functions.php. `if(!isset($chars_encoding)) $chars_encoding='UTF-8';` - this line brought upper to the definitions coming straight after setup_options.php inclusion. 'lowerCharset' added to the $unset array. Added: `$user_logging_top=$loginLogout;` for logged status. `$setWrong` introduced for handling pwd-protected forums. Updates in the `Protected forums stuff` code (for the $_POST['user_pwd']). Self-closed tags fixed. Check for `setup_options.php` existance before including it. For example, when updating this file on the server, a temporary delay could occur - at the same time, some common script could try to load it and fail. Solution: execution should be stopped, if this script is not physically found. Attempt to display the warning message, if a hardly banned (by IP or ID) user tries to Watch some topic - look up the `<!--COMMON_DENIED-->...<!--/COMMON_DENIED-->` tags to locate pieces of new code, also updated in `templates/main_access_denied.html`.

* msg.php - self-closed tag fixed. Check for `setup_options.php` existance before including it (read above `index.php` for more infos). More advanced updating of the Subscriptions table, in a case if some message was deleted, or moved to another topic, including closed forums.

* setup_mysqli.php - PHP 8 issue fix in `db_simpleSelect` func; `smart_deadDB` - update of default error message displayed when the DB is inaccessible. Self-closed tags fixed.

* setup_options.php - !important: the ending value of the $dbUserSheme['user_password'] changed from 'passwd' to 'user_pwd' and it's changed in default Profile form. Update it in your configuration, if you have updated this form.

* /templates/common.js - new function `revealPwd()`

* /templates/admin_editforum2.html - a few updates regarding the changed quick view of forums.

* /templates/admin_login.html - the login form updated to provide the Reveal Password option.

* /templates/main_access_denied.html - updated to generic view of the template (forums CSS added); the contents between `<!--COMMON_DENIED-->...<!--/COMMON_DENIED-->` now will be replaced to a static JavaScript, which will display an alert if a hardly banned members tries to Watch some topic. The <doctype> change; self-closed tags removed.

* /templates/main_forums.html - instead of {$user_logging} there should be: {$user_logging_top}.

* /templates/main_modern_layout.html - instead of {$user_logging} there should be: {$user_logging_top}.

* /templates/main_post_form.html - default values for [url] and [img] BB-buttons removed.

* /templates/protect_forums.html - major changes in password handling. Revealing the password option. Self-closed tags removed.

* /templates/search_messages_cell.html - references to msg.php will be used from now when searching in Messages

* /templates/stats_bar.html - `padding-right:5px` added; {$forumIconTd} replaced to the actual Forum Icons HTML

* /templates/user_dataform.html - a minor outlook change for the $l_necessaryFields. Self-closed tags removed. `l_passOnceAgain` block eliminated. Revealing the password visibility button added. Formname's change from 'regform' to 'postMsg'; 'passwd' changed to 'user_pwd'; `insertCountry` function updated. Optional fields re-arranged. `<!--EDITONLY-->...<!--EDITONLY-->` tags introduced to display the password-related message kept in `$l_onlyIfChangePwd` on the Profile editing form only. `<!--REGONLY-->...<!--/REGONLY-->` tags added to the bolding the password only on the Registration form. Default maxlength of 'icq' field changed to 200. Updates in the Location dropdown.

* /templates/user_login_form.html - new link for revealing the password visibility; updated the common look and functionality of links.


4) Some non-mandatory changes were applied to the default miniBB release only. You don't have to upgrade your version if everything is fine on your side with these files:

* /css/default.css - for `.inputButton:hover` there's added: `transition:border 0.3s;`; also changed default "border" option's color. `::-ms-reveal` added for hiding the "eye" icon in MS browsers (miniBB will use its own password revealing option by default). Changes in for the .inputButton class: it's removed from /* color 1 */ def.block (will use its own font-color); removed from the common `border-radius:3px;` definition (will use its own border-radius); in the primary class, default options changed for the "border", "background-image" and "color", "font-size" option removed (as it's already defined above). Added: .limbb, UL, OL{...margin-top:0px;}. `td.tbClCp, td.caption5` for 'padding' - became `.tbClCp, td.caption5`. `inputButton` - extended with extra "padding-left:6px; padding-right:6px;".

* /css/roboto.css - default CSS file now self-hosted in default miniBB package.

* /css/roboto/*.* - the saved copy of Roboto web fonts is now distributed amongst miniBB package.

* /lang/eng.php (and any other language pack should be preferrably updated) - default of $l_lastDiscussions changed to 'Recent Messages'. The default value of `$l_pwdWillBeSent` has been updated. Added new vars: $_forgotPwd, $l_revealPwd - they are basically used in titleing of Revealing and Restoring the password, that's why they are still optional, but preferred to add in this update. `$l_passOnceAgain` eliminated. Default value of $l_usrInfo[5] changed from 'Instant Messenger' to 'Motto, slogan'. $l_chooseCountry changed to 'Choose from the list, or specify your own'; (the dropdown will be displayed below the Location field).

* _install.php - `type="text/css"` removed; HTML header update.

* _install_mysql_utf8mb4.sql - Added 'post_text' to the conversion.

* bb_cookie.php - `$GLOBALS['user_usr']=$username;` code could be removed from the '/* Preventing hijack */' section. The final `$GLOBALS['user_usr']=$username;` put above the `if($resetCookie) {` code.

* bb_specials.php - default version of this file now contains the proper array definition of $clForumsUsers.

* setup_options.php - `$fontsCSS` updated to refer to the local Roboto fonts. New default (increased) values for `$cookie_expires` and `$cookie_renew`. Default `$description` changed to less than 120 chars. $brtag is now set to '<br>' by default. Default value of `$main_url` will now lead not to the miniBB website by default, but it will try to generate a dynamic URL on-the-go. This should help to avoid confusion for initial miniBB installations on local networks.

* /templates/email_admin_userregister_eng.txt - brief change of field names and order

* /templates/go.html - the <doctype> change; self-closed tags removed.

* /templates/main_footer.html - iframe `actionframe` moved to the ending part of file before the closing </head>. `<td style="padding-right:10px;padding-bottom:10px">` - added `padding-bottom:10px` to the copyright icon. Added double {$brtag} to make the scroll-top icon more standalone.

* /templates/main_forums_list.html - the <select> item will now have default `max-width:200px` - recommended to update it for the case of proper long forum titles appearance in mobile layout. Self-closed tags removed.

* /templates/main_header.html - 'common.js' loading changed from 'async' to 'defer'. Self-closed tags removed.

* /templates/main_user_info_cell.html - added `{$vAlign}`- Recent topics/replies posted and Forum activity titles will be aligned vertically top (vTop class applied), if the amount of topics/replies/activities starts from 2. Defaults for 1 value apply nothing.

* /templates/manual_eng.html - updates regarding $fontsCSS, $emailname, $enablePhpMailer and $lowerCharset options. Minor additions in the `Editing a forum` section. Self-closed tags removed.

* /templates/tools_send_password.html - additional styling for variable width of the Email field; {$_forgotPwd} title added. Self-closed tags removed.

* /templates/user_login_only_form.html - `vmiddle` class added to <td>. Self-closed tags removed.


Changes comparision: 3.6 - 3.6.1 [released: June 9, 2023]
********************************************

Minor post-fixes and improvements to the version 3.6. No database upgrade is required.

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* /css/default.css - new class '.scroll-to-btm' - used for styling the scroll-to-bottom button, in many places it's tied up or separated from the '.scroll-to-top' class, which is now moved lower. `.inputButton:hover` moved now closer to the `.inputButton` defs; new: `A.scroll-to-btm:hover`. Re-arrangment of color blocks order (for overriding hover in `A.scroll-to-btm:hover`). `img.authorIcon` - "padding-bottom" changed from 4px to 5px. Class .pages extended to have 'padding' attributes. `td.pauthor` - "padding-top" changed from 27px to 25px. `html { scroll-behavior: smooth; }` added.

* /preview/index.php - include definition of `idForm.elements['forum']` if it's present - else Polls won't work in Preview.

* bb_func_login.php - introduction of $loginCorrectErr.

* bb_func_stats.php - the info about most recent registered user now will be displayed for Active users only. Tiny re-builds of the code for the "Most popular..." sections.

* bb_functions.php - `registerButton` function fix - "Cancel" button should be skipped on the wrong login page. Version changed.

* /templates/common.js - new function `scrollToBottomShow` - appears also on window onload and is mostly used for the Mobile's version "scroll-to-bottom" element appearance. `document.body.scrollHeight` introduced, and could be used in the 'scrollBy' method instead of 'scrollTo'. Introduction of `scrollToBottom`, `pageBottom` and `scrollToBtmEx.addEventListener`. `function scrollToTop()` now replaced to `function scrollToTop(x)` (universal approach could be used for moving to the top or to the bottom of the page).

* /templates/form.js - new function - `doGetCaretPosition` - for getting the cursor position on opening the Preview window.

* /templates/main_footer.html - changed the contents between <!--scrollTop-->...<!--/scrollTop--> tags: removed DIV, added ID and 'scroll-to-top' class to the <a> tag, `scrollToTop();` changed to `scrollToTop(0);`. Fix: `colspan="2"` removed.

* /templates/main_preview.html - new function `setCaretPosition` - and also more advanced function `closePreview` - on Preview closing, there will be an attempt made to get back to the earlier caret position in the posting form.

* /templates/main_warning.html - introduction of $loginCorrectErr.

* /templates/stats.html - rebuilds for the `$statsOpt` and `$statsTop` infos (standalone tables).

* /templates/tools_send_password.html - `.emailFld{width: 98%;}` changed to `.emailFld{width: 95%;}`

* /templates/user_login_form.html - `id="user_pwd"` should be eliminated (all JS actions completed by "name", because this form could be duplicated on the same page, for example, in the Mobile add-on or Configurable Topic Form add-on).


2) Some non-mandatory changes were applied to the default miniBB release only. You don't have to upgrade your version if everything is fine on your side with these files:

* /lang/eng.php: $l_websiteUrl - updated value: 'Website (full URL)'; $l_userViewEmail - updated value: 'Email address visible to public?'.

* /templates/go.html - minor improvements for generic outlook and the mobile appearance.

* /templates/manual_eng.html - minor improvements of HTML code, making Manual more appealing, scrollable and accessible on Mobile screens (specially on Chrome Mobile even on older Android versions).

* /templates/user_dataform.html - `JavaScript` prefix in lowercase.

* setup_options.php - 'touch' added to the Mobile defitions (`$is_mobile_exclude` and `$is_mobile_browser` - trying to catch up Surface devices).



Changes comparision: 3.6.1 - 3.7 [released: December 11, 2025]
********************************************

Database upgrade is not required.
Make a backup of your database and files before upgrading!

1) MANDATORY core files changes - backup, then overwrite the following core files (near each filename there are more detailed changes mentioned):

* bb_admin.php (default Admin Panel): fix after `$numdel=0;` code - the block for deleting a user from "send_mails" table should be just one request and not a loop. Corrections regarding editing the forum and icons arrangement: added allowance for *.svg icons; added 'forumIcon' CSS to handle the icons size properly (updated: 'get_forums_fast_preview', 'getForumIcons' functions). `default.gif` replaced to `default.svg`

* bb_codes.php - $simpleCodes updated to have '<script src' - for the Polls add-on compatibility

* bb_func_banip.php - $_GET['banip'] and $banIp reg.expressions changed (IPv6 compatibility).

* bb_func_checkusr.php - $userRegPassword added; $unameVerify introduced to clean the apostrophe in username validation; function `verifyUsername` extended for additional validation: username now should start only with an alphanumerical char, should contain only one apostrophe, or one space, or one underscore, or one dash per username.

* bb_func_deluser.php - now it's impossible to delete user with ID=1.

* bb_func_ldisc.php - introduction of $topicIconAlt, $forumLink1 and $forumLink2 to present different forum links on forum icons in topic listings for the Mobile version, tiny re-arrangements of code blocks. `t.gif` replaced to `t.svg`, `s.png` replaced to `s.svg`, `page.gif` replaced to `page.svg class="pageIcon"`.

* bb_func_login.php - $topLogin condition change (now works also on desktop version)

* bb_func_movepost.php - if a post, or group of posts are moved to a new topic, or to a related topic, and each of them is not in the poster(s) Watch list, then these topics optionally (by checking the box) could be added to the Watch list and become an unread subscription unless checked out. This is done for avoid confusion and pay users attention, that some of their unrelated content has been moved to the other topic, which then could be easy to find out.

* bb_func_preview.php - new function `encodeText` and other updates for the experimental positioning between the message area and the preview widnow.

* bb_func_txt.php - `textFilter` updates: strict boolean conversions (possible PHP8 issues); `$text=preg_replace("/&amp;#([0-9]);/", '&#\\1;', $text);` replaced to `$text=preg_replace("/&amp;#([0-9]+);/", '&#\\1;', $text);` (added plus sign in regexp). New function: skipHLQuotes - now by default, quotes between the [hl]...[/hl] BB-code won't be converted even if they are defined in updated function `$replaceQuotes`; this is done for proper displaying of PHP/HTML and other codes. Because of this, the function `replaceQuotes` also has been updated. `!$sce` code update.

* bb_func_search.php - NOINDEX,NOFOLLOW added for the case when no search results are found; bugfix: handling of a non-existing forum - `if(!isset($forums[$forum])){...`; $phrase should not be nulled when searching by a username (if it's present).

* bb_func_stats.php - forum icons now also appearing in "Most Popular Topics" and "Most Viewed Topics". Fix: forum icons are back also for the Mobile version.

* bb_func_subscriptions.php - `page.gif` changed to `page.svg class="pageIcon"`; `s.png` replaced to `s.svg`; `topic_reverse.gif` replaced to `topic_reverse.svg`; `icon_subscribe.png` replaced to `icon_subscribe.svg`, `icon_unsubscribe.png` replaced to `icon_unsubscribe.svg`.

* bb_func_supersticky.php - s.png replaced to s.svg

* bb_func_usernfo.php - after /* subscriptions */ added `unset($xtr)`; `if(sizeof($postsAll)>0){` extended with the condition `if(isset($topicVals[$key])){...}` - to prevent PHP Notices which could appear because of DB occassion, which left a topic ID not removed properly from the posts table.

* bb_func_vthread.php - backslashes added in `$watchLinkSetup` javascript (W3C validation issue); space added before {$deleteBox}, also class="vmiddle" added to its HTML code. '.gif' icons replaced to '.svg'.

* bb_func_vtopic.php - `s.png` replaced to `s.svg`; `topic_reverse.gif` replaced to `topic_reverse.svg`; `page.gif` replaced to `page.svg class="pageIcon"`.

* bb_functions.php - `getIP` function updated to support both IPv4 and IPv6 addresses; updates for $GLOBALS['l_menu'][5] and $GLOBALS['l_menu'][6]; new dynamic vars handling: $menuLogin, $displayTopLogin. `strtolower_unicode` update: passed value should not be NULL. Changes in copyright note (minibb.png replaced to minibb.svg, style change to `width:32px;height:auto`); button_newtopic.png replaced to button_newtopic.svg, CSS style added.  `page.gif` replaced to `page.svg class="pageIcon"`; changes in $pageNav layout. `load_header()` function updated (/* Canonical URLs */ block). Mobile code updates: .png icons replaced to .svg.

* index.php - added absolute ("abs") conversions for $forum, $topic, $page values. `$logged_admin=0;` code moved upper before all verifications. To the $unset array added: 'Tpmp', 'lastVisitPeriods', 'lastVisitPeriods_defs'. After `user_logged_in`, on `$action=='editprefs'` follows a new code for multi-language forums: if the Profile Language has been updated, the proper language pack will be selected on the next notice screen. Defaults for $signInEachPage, $topLoginDisplay; updates for $loginTop block; 'canonicalMeta' added to the $unset array.

* setup_options.php: $userRegName option updated to have additional allowed chars like dash and apostrophe. New mandatory option: $userRegPassword - allows to specify what chars to allow in passwords, for their better security. New mandatory option: $signInEachPage - appearance of the Sign in form. Copyright infos updated. Updated value for $l_sepr.


* /css/default.css: CSS Variables for colors (+Dark Theme); changes to .scroll-to-top, .scroll-to-btm. `img.authorIcon` changes (width, height, no padding-bottom, vertical-align:middle). `td.icon` change (added: padding-top:10px; padding-left:0). Changes in .tcelllast, .tcelllastm padding (from 7px to 9px). Changes in `watchIcon` (width, height). Changes in `td.caption3` (added `padding-left:0;`). New class: `pageIcon` (for the new page.svg). New class: `btnSvg` - common styling for look&feel BB-code buttons, incl. borders, width, height, and background for all at once. 

* /lang/eng.php: changes in default language for: `$l_userErrors[1]`, `$l_userErrors[2]`, `$l_adminpanel`, `$l_forumIconDesc`. `$_forgotPwd` replaced to `$l_forgotPwd` (common syntax bugfix). New vars: `$l_addToWatchMovedPost`, `$l_addToWatchMovedPosts`.

* /img/button_bold.svg [eliminated: button_bold.gif]
* /img/button_italic.svg [eliminated: button_italic.gif]
* /img/button_image.svg [eliminated: button_image.gif]
* /img/button_url.svg [eliminated: button_url.gif]
--- new default BB-buttons in SVG format

* /img/page.svg - new icon for pagination row (eliminated: page.gif)
* /img/progress.svg - new progress/loading icon (eliminated: progress.gif) [courtesy of svgbackgrounds.com]
* /img/s.svg - new replier icon (eliminated: s.gif, s.png)
* /img/t.svg - new author icon (eliminated: t.gif)
* /img/topic_reverse.svg - new reverse icon (eliminated: topic_reverse.gif)
* /img/up.svg - new "up to quoting" icon (eliminated: up.gif)

* /preview/index.php - added the code for the condition `idForm.elements['action'].value=='pmail'` - it's for switching off the Anti-guest add-on in PM Preview mode. New block (for preview positioning): `if(idForm.elements['caretpos'])` {...}; updated value for: `prevForm.setAttribute('action'` {...}. `progress.gif` replaced to `progress.svg`

* /templates/common.js: `scrollToBottomShow` is now simply loaded without window.onload ('cause the script's inclusion is "defer"); moved function `handleEnter`; new function: `showTopLogin`

* /templates/form.js - `if(selektionEvent.length>0){` changed to `if(selektionEvent && selektionEvent.length>0){`. Bugfix: added `selektionEvent='';` (value reset) - should be pasted before myField.focus(); in 3 places of insertAtCursor function as proposed in https://www.minibb.com/forums/msg.php?id=46115. Introduction of `caretPos` and related codes for the preview positioning.

* /templates/admin_banusr1.html - @media style added (default for the mobile & desktop layouts); `size` attributes eliminated; `banIpFld` class added; `<tr>` row for the {$warning} added.

* /templates/admin_panel.html - closing `</table>` added (bugfix).

* /templates/main_footer.html: id="scrolltop" now belongs to <div> with no <a> tag

* /templates/main_forums.html - $user_logging_top table removed

* /templates/main_header.html: {$l_menuLogin} added, {$l_menu[5]} removed (Logout link reformed); added (moved): <!--toplogin-->...<!--/toplogin--> block ($user_logging_top). After </title> added: {$canonicalMeta}.

* /templates/main_last_discuss_cell.html - t.gif replaced to t.svg

* /templates/main_modern_layout.html - $user_logging_top table removed;  `<td class="tbTransparentCell txtL">{$pageNavExtra}&nbsp;</td>` - replaced to `<td>{$pageNavExtra}&nbsp;</td>`.

* /templates/main_modern_lcell.html - t.gif replaced to t.svg; in the topicAuthor table, `<table class="forumCol">` replaced by `<table class="tbTransparent w100">` , p.gif eliminated.

* /templates/main_post_area.html - new field: `<input type="hidden" name="caretpos" value="">`

* /templates/main_post_form.html - .jpg BB-buttons replaced to .svg; added `class="btnSvg"` for BB-buttons

* /templates/main_posts_cell.html - {$posterIcon}.gif replaced to {$posterIcon}.svg

* /templates/main_preview.html - experimental implementation of positioning text fragment at the current caret position in the message area (`scrollBy` block).

* /templates/main_subscriptions_cell.html - `t.gif` replaced to `t.svg`

* /templates/main_topics_cell.html - `t.gif` replaced to `t.svg`

* /templates/stats_bar.html - `class="forumIcon"` added

* /templates/tools_send_password.html - `$_forgotPwd` replaced to `$l_forgotPwd` (bugfix)

* /templates/user_dataform.html - `autocomplete="off"` for the "login" field

* /templates/user_login_form.html - `$_forgotPwd` replaced to `$l_forgotPwd`; JavaScript code moved to templates/common.js; `autocomplete="off" by default for the "username" field. `handleEnter` eliminated (moved to common.js).


2) Some optional changes were applied to the default miniBB release only. You don't have to upgrade your version if you feel the forum runs fine on your side even without these changes:

* /img/forum_icons/*.svg - new set of 20 original default icons for a miniBB-based forum [eliminated: .gif icons]

* /img/mini_bb.gif - removed from the basic zip package

* /img/minibb.svg - new miniBB logo in SVG

* /templates/main_header.html - `<td style="padding:4px">` replaced to `<td class="capMenu" style="padding:4px">`.

* /templates/main_posts_cell.html - &nbsp; before {$deleteBox} removed; removed spare spaces between </tr>...<tr>, and a spare newline.

* /templates/manual_eng.html - updates regarding options: $userRegName, $userRegPassword

* /templates/main_viewsubs.html - clean up of the JavaScript tags



Changes comparision: 3.7.1 [released: March 5, 2026]
********************************************

Database upgrade is not required.
Make a backup of your database and files before upgrading!

* templates/form.js - removed:
`if(bbCode1=='[youtube=null]') { bbCode1=''; bbCode2=''; myValue=''; }
if(bbCode1=='[vimeo=null]') { bbCode1=''; bbCode2=''; myValue=''; }` 

* /templates/main_header.html - adjustments in <!--topmenu--> and <!--/mobileMenuSwitch--> parts; standalone place for the `{$l_menu[6]}` item

* /templates/main_posts_cell.html - `class="postedLeftCell"` replaced to `class="postedLeftCell txtC"` - for centering all possible icons in this cell

* /preview/index.php - 'NO_MOD_REWRITE' definition added

* bb_func_editmsg.php - (integer) replaced to (int) / PHP 8.5.x issue

* bb_func_login.php - `$brMobile` added for the failed login page

* bb_func_movepost.php - (integer) replaced to (int) / PHP 8.5.x issue

* bb_func_search.php - (integer) replaced to (int) / PHP 8.5.x issue

* bb_func_stats.php - (integer) replaced to (int) / PHP 8.5.x issue

* bb_functions.php - (integer) replaced to (int) / PHP 8.5.x issue; adjustments for the `['l_menu'][6]` layout (Profile/Logout) - this item is moved to top right to stand alone from main menu; changes regarding $canonicalUrl ($GLOBALS['forb'] condition added to prevent PHP Notices on forbidden pages)

* index.php - (integer) replaced to (int) / PHP 8.5.x issue; before `$loginLogout=ParseTpl($ulg);` pasted: `$l_anonTxt='';` (to avoid extra info on the top login form); removed the code trace for `$csecurejs`.



Changes comparision: 3.7.2 [released: April 2, 2026]
********************************************
!Important bugfixes: prevent the script from displaying "PHP Notice:  Undefined index: forumName..." when the topic or forum is not found, and will also eliminate the canonical link from the source.

* bb_func_vthread.php - above the code which looks like:

header($proto.' 410 Gone');
$metaRobots='NOINDEX,NOFOLLOW';
$errorMSG=$l_topicnotexists; $correctErr='';

there should be added two definitions:

$forumName=''; $topicData=array(0=>'');

* bb_func_vtopic.php - above the code which looks like

header($proto.' 410 Gone');

there should be added:

$forumName='';

* bb_functions.php - /* Canonical URLs */ section improvement - no canonical link should be present for 404 topic pages, this affects forums, topics, and user profiles. Version updated.