phpBB3 • Readme

Installation, update and conversion instructions can be found in the INSTALL document in this directory. If you are intending on converting from a phpBB 2.0.x installation we highly recommend that you backup any existing data before proceeding!

Users of phpBB3 Beta versions cannot directly update.

Please note that we don't support the following installation types:

Updates from phpBB3 Beta versions to phpBB3 RC1 and higher
Conversions from phpBB 2.0.x to phpBB3 Beta versions
phpBB3 Beta installations

We give support for the following installation types:

Updates from phpBB3 RC1 to the latest version
Note: if using the Automatic Update Package, updates are supported from phpBB 3.0.2 onward. To update a pre-3.0.2 installation, first update to 3.0.2 and then update to the current version.
Conversions from phpBB 2.0.x to the latest version
New installations of phpBB3 - only the latest released version

Once installed, phpBB is easily managed via the Administration and Moderator Control Panels. If you need help or advice with phpBB, please see Section 3 below.

2.i. Languages (Internationalisation - i18n)

A number of language packs with included style localisations are available. You can find them listed in the Language Packs pages of our downloads section or from the Language Packs section of the Customisation Database.

For more information about language packs, please see: https://www.phpbb.com/languages/

This is the official location for all supported language sets. If you download a package from a 3rd party site you do so with the understanding that we cannot offer support. Please do not ask for support if you download a language pack from a 3rd party site.

Installation of these packages is straightforward: simply download the required language pack, uncompress (unzip) it and via FTP transfer the included language and styles folders to the root of your board installation. The language can then be installed via the Administration Control Panel of your board: System tab -> General Tasks -> Language packs. A more detailed description of the process is in the Knowledge Base article, How to Install a Language Pack.

If your language is not available, please visit our [3.0.x] Translations forum where you will find topics on translations in progress. Should you wish to volunteer to translate a language not currently available or assist in maintaining an existing language pack, you can Apply to become a translator.

2.ii. Styles

Although the phpBB Group is rather proud of the included styles, we realise that they may not be to everyone's taste. Therefore, phpBB3 allows styles to be switched with relative ease. First, you need to locate and download a style you like. You can find them listed in the Styles section of our Customisation Database.

For more information about styles, please see: https://www.phpbb.com/styles/

Please note that 3rd party styles downloaded for versions of phpBB2 will not work in phpBB3. It is also important to ensure that the style is updated to match the current version of the phpBB software you are using.

Once you have downloaded a style, the usual next step is to unarchive (or upload the unarchived contents of) the package into your styles/ directory. You then need to visit Administration Control Panel -> Styles tab where you should see the new style available. Click "Install" to install the style.

Please note that to improve efficiency, the software caches certain data. For this reason, if you create your own style or modify existing ones, please remember to "Refresh" the appropriate style components Administration Control Panel -> Styles tab -> Style Components screen. You may also need to reload the page you have changed in your web browser to overcome browser caching. If the changed components are not refreshed you will not see your changes taking effect.

2.iii. Modifications

Although not officially supported by the phpBB Group, phpBB has a thriving modification scene. These third party modifications to the standard phpBB software, known as MODs, extend its capabilities still further. You can browse through many of the MODs in the Modifications section of our Customisation Database.

For more information about MODs, please see: https://www.phpbb.com/mods/

Please remember that any bugs or other issues that occur after you have added any modification should NOT be reported to the bug tracker (see below). First remove the MOD and see if the problem is resolved. Any support for a MOD should only be sought in the "Discussion/Support" forum for that MOD.

Also remember that any modifications, particularly those which modify the database in any way, may render upgrading your forum to future versions more difficult. With all this said, many users have and continue to utilise many of the MODs already available with great success.

phpBB3 can sometimes seem a little daunting to new users, particularly with regards to the permission system. The first thing you should do is check the FAQ, which covers a few basic getting started questions. If you need additional help there are several places you can find it.

3.i. phpBB3 Documentation

Comprehensive documentation is now available on the phpBB website:

https://www.phpbb.com/support/documentation/3.0/

This covers everything from installation to setting permissions and managing users.

3.ii. Knowledge Base

The Knowledge Base consists of a number of detailed articles on some common issues phpBB users may encounter while using the product. The Knowledge Base can be found at:

https://www.phpbb.com/kb/

3.iii. Community Forums

The phpBB Group maintains a thriving community where a number of people have generously decided to donate their time to help support users. This site can be found at:

https://www.phpbb.com/community/

If you do seek help via our forums please be sure to do a search before posting; if someone has experienced the issue before, then you may find that your question has already been answered. Please remember that phpBB is entirely staffed by volunteers, no one receives any compensation for the time they give, including moderators as well as developers; please be respectful and mindful when awaiting responses and receiving support.

3.iv Internet Relay Chat

Another place you may find help is our IRC channel. This operates on the Freenode IRC network, irc.freenode.net and the channel is #phpbb and can be accessed by any decent IRC client such as mIRC, XChat, etc. Again, please do not abuse this service and be respectful of other users.

There are other IRC channels available, please see https://www.phpbb.com/support/irc/ for the complete list.

This is the third stable release of phpBB. The 3.0.x line is essentially feature frozen, with only point releases seeing fixes for bugs and security issues, though feature alterations and minor feature additions may be done if deemed absolutely required. Our next major release will be phpBB 3.1. Please do not post questions asking when 3.1 will be available, no release date has been set.

Those interested in the development of phpBB should keep an eye on the development forums to see how things are progressing:

http://area51.phpbb.com/phpBB/

Please note that the development forums should NOT be used to seek support for or ask questions about phpBB 2.0.x or phpBB 3.0.x, the main community forums are the place for this. Any such posts will be locked and go unanswered.

The phpBB Group uses a bug tracking system to store, list and manage all reported bugs, it can be found at the location listed below. Please DO NOT post bug reports to our forums. In addition please DO NOT use the bug tracker for support requests. Posting such a request will only see you directed to the support forums (while taking time away from working on real bugs).

http://tracker.phpbb.com/browse/PHPBB3

While we very much appreciate receiving bug reports (the more reports the more stable phpBB will be) we ask you carry out a few steps before adding new entries:

First, determine if your bug is reproduceable; how to determine this depends on the bug in question. Only if the bug is reproduceable is it likely to be a problem with phpBB3 (or in some way connected). If something cannot be reproduced it may turn out to have been your hosting provider working on something, a user doing something silly, etc. Bug reports for non-reproduceable events can slow down our attempts to fix real, reproduceable issues
Next, please read or search through the existing bug reports to see if your bug (or one very similar to it) is already listed. If it is please add to that existing bug rather than creating a new duplicate entry (all this does is slow us down).
Check the forums (use search!) to see if people have discussed anything that sounds similar to what you are seeing. However, as noted above please DO NOT post your particular bug to the forum unless it's non-reproduceable or you are sure it’s related to something you have done rather than phpBB3
If no existing bug exists then please feel free to add it

If you do post a new bug (i.e. one that isn't already listed in the bug tracker) first make sure that you have logged in (your username and password are the same as for the community forums) then please include the following details:

Your server type/version, e.g. Apache 1.3.28, IIS 4, Sambar, etc.
PHP version and mode of operation, e.g. PHP 5.1.1 as a module, PHP 4.4.4 running as CGI, etc.
DB type/version, e.g. MySQL 4.0.1, PostgreSQL 7.3.2, MSSQL Server 2000 SP1, etc.

The relevant database type/version is listed within the administration control panel.

Please be as detailed as you can in your report, and if possible, list the steps required to duplicate the problem. If you have a patch that fixes the issue, please attach it to the ticket or submit a pull request to our repository on GitHub.

If you create a patch, it is very much appreciated (but not required) if you follow the phpBB coding guidelines. Please note that the coding guidelines are somewhat different between different versions of phpBB. For phpBB 3.0.x the coding guidelines may be found here: http://area51.phpbb.com/docs/30x/coding-guidelines.html

Once a bug has been submitted you will be emailed any follow up comments added to it. Please if you are requested to supply additional information, do so! It is frustrating for us to receive bug reports, ask for additional information but get nothing. In these cases we have a policy of closing the bug, which may leave a very real problem in place. Obviously we would rather not have this situation arise.

5.i. Security related bugs

If you find a potential security related vulnerability in phpBB please DO NOT post it to the bug tracker, public forums, etc.! Doing so may allow unscrupulous users to take advantage of it before we have time to put a fix in place. All security related bugs should be sent to our security tracker:

https://www.phpbb.com/security/

This list is not complete but does represent those bugs which may affect users on a wider scale. Other bugs listed in the tracker have typically been shown to be limited to certain setups or methods of installation, updating and/or conversions.

Conversions may fail to complete on large boards under some hosts.
Updates may fail to complete on large update sets under some hosts.
Smilies placed directly after bbcode tags will not get parsed. Smilies always need to be separated by spaces.

phpBB is no longer supported on PHP3 due to several compatibility issues and we recommend that you upgrade to the latest stable release of PHP5 to run phpBB. The minimum version required is PHP 4.3.3. The minimum version that will be required for phpBB 3.1 is PHP 5.3.3.

Please remember that running any application on a development (unstable, e.g. a beta release) version of PHP can lead to strange/unexpected results which may appear to be bugs in the application. Therefore, we recommend you upgrade to the newest stable version of PHP before running phpBB3. If you are running a development version of PHP please check any bugs you find on a system running a stable release before submitting.

This board has been developed and tested under Linux and Windows (amongst others) running Apache using MySQL 3.23, 4.x, 5.x, MSSQL Server 2000, PostgreSQL 7.x, Oracle 8, SQLite 2 and Firebird. Versions of PHP used range from 4.3.3 to 5.4.x without problem.

7.i. Notice on PHP security issues

Currently there are no known issues regarding PHP security.

This application is opensource software released under the GNU General Public License v2. Please see source code and the docs directory for more details. This package and its contents are Copyright © phpBB Group, All Rights Reserved.

Simple answer, no we will not. We are not being difficult when we say this we are actually trying to help you. phpBB has a reputation for being easy to install, that reputation is we believe well deserved. It is a simple process of unarchiving a single file, uploading the resulting directory/files to their intended location and entering some data in a web based form. The sequence of events, what to type where, etc. is covered in detail in the accompanying INSTALL.html documentation. If you cannot install phpBB3 the chances are you will be unable to administer or update it.

There are people, companies (unrelated to your hosting provider), etc. that will install your forum, either for free or for a payment. We do not recommend you make use of these offers. Unless the service is provided by your hosting company you will have to divulge passwords and other sensitive details. If you did not know how to use an ATM would you give a passer-by your bank card and PIN and ask them to show you what to do? No, probably not! The same applies to your hosting account details!

We think a better solution is for you to carefully read the enclosed documentation, read through our knowledge base at www.phpbb.com and if necessary ask for help on any thing you get stuck on. However, the decision is yours but please note we may not offer support if we believe you have had the board installed by a third party. In such cases you should direct your questions to that company or person/s.

We provide the software, we have absolutely nothing to do with any board that runs it (beyond phpbb.com of course!) and we also do not host any site. The GPL grants the user an unlimited right of use subject to their adherence of that license. Therefore we cannot prevent, dictate, control or otherwise limit the use of phpBB software. So please do not contact us for such matters.

If you have a problem with a given board please take it up with them, not us. We are not and cannot be held legally responsible for any third party use of this software (much like Microsoft et al cannot be held responsible for the use of Windows in illegal activities, etc.). Additionally we do not track the use of phpBB software in any way. So please do not ask us for details on a "given" board we will not be able to help you. If any law firms or lawyers out there send us writs, cease and desist orders, etc. for third party website use of this software we reserve the right to charge for time wasted dealing with such issues...

No, they probably are not. phpBB uses sessions to keep track of users as they move between pages. The session information tells us who this user is. Therefore in order to determine what a user can do on a page we first need the session details. Once this data is available we can check whether the user is permitted to do whatever it is they are trying to do. This can result in it appearing as if a user is reading a topic in a forum they should not be able to access. Or perhaps viewing private messages when they are only guests, etc. In practice the user is not doing these things, they are viewing a "You are not permitted to do this" type message. The session data has simply been updated before we were able to determine what the user could or could not do.

Of course this only applies where permissions have been set correctly!

This error will occur if phpBB cannot send mail. phpBB can send email two ways; using the PHP mail() function or directly via SMTP. Some hosting providers limit the mail() function to prevent its use in spamming, others may rename it or limit its functionality. If the mail() function got renamed, you are able to enter the correct name within the administration control panel. In either case you may need to make use of SMTP. This requires that you have access to such a facility, e.g. your hosting provider may provide one (perhaps requiring specific written authorisation), etc. Please see www.phpbb.com for additional help on this matter.

If you do require SMTP services please do not ask (on our forums or elsewhere) for someone to provide you with one. Open relays are now things of the past thanks to the unthinking spammers out there. Therefore you are unlikely to find someone willing to offer you (free) services.

You must have deleted a language pack or the language pack is incomplete. phpBB will try to send emails in the users selected language. If it cannot find a suitable email template it will switch to the boards default language.

phpBB uses sessions to keep track of users as they browse the board. These sessions use a combination of a unique session id, the users IP and if specified the users browser and/or the users x-forwarded-for header to identify each user. We make use of all of this as an extra safe-guard to help prevent sessions being hijacked (by discovering the unique session id).

Unfortunately this only works when the users IP is constant as they browse the board. For most users this will be the case. However certain providers route their users via a cluster of proxys. In some cases, particularly the AOL browser, this results in different IPs being forwarded as the user moves between pages. We take account of this by not checking the entire IP by default but only the first "three quads" (A.B.C). Again in most cases this will be fine. However again AOL uses IPs which can vary so much that checking only the first two quads results in a fairly static IP being available for session validation.

If you are experiencing problems related to this you can set the Session IP validation parameter found in Admin->General->Server Configuration->Security Settings to A.B. Please note that reducing the IP validation length does potentially increase the risk of sessions being hijacked (this is something for you to consider, phpBB Group takes no responsibility should anything happen!). We suggest to at least additionally enable the browser validation.

There are two possibilities here, the first is you have not created the directory you specified as the storage location for avatars, ie. as specified in the Admin -> General -> Board Configuration -> Avatar settings section. If the directory does not exist uploadeable avatars are automatically disabled. You should create the required directory (ensuring it has global write access or other appropriate permissions to allow the webserver to write files to it).

The second possibility is that your provider has disabled file_upload support. You should contact your provider and ask them if this is the case. There is not a lot you can do, there are still three other avatar settings left to choose from including uploading via an URL which will work fine.

phpBB categorises gallery avatars and it does this by reading through folders contained in the location you specified as being the gallery path. For example, if you set the gallery path to images/avatars/gallery phpBB will expect to find a series of folders within that path, e.g. images/avatars/gallery/moviestars, images/avatars/gallery/cartoons, images/avatars/gallery/misc, etc. Placing images directly in images/avatars/gallery/ will result in nothing being listed in your gallery.

Please read the paragraph about permissions in our extensive online documentation.

If you (or your users) are, after attempting a login, being returned to the index (or other page) without appearing to be logged in the most likely problem is incorrect cookie settings. phpBB uses cookies to store a session id and a small amount of user data. For this data to be stored correctly the cookie domain, name, path and secure settings must be correct. You can check this in Admin->General->Server Configuration->Cookie Settings. Typically the cookie domain can be left blank and the cookie path set to / (a single forward slash). Do not set the cookie as being secure unless your board is running over a secure sockets layer connection, ie. https://

If you still have problems try setting the cookie domain to your full domain name, e.g. www.mysystem.tld, www.something.mydomain.tld. You must ensure the domain name contains at least two dots or browsers will be unlikely to recognise the cookie, e.g. .mydomain.com, mydomain.com. Do not add http:// or anything else to the domain name!

You can increase the default length of sessions (ie. how long before a users session is considered 'dead') in Admin->General->Server Configuration->Load Settings. Set it to whatever value your users feel comfortable with, remember that security issues may affect your decision (ie. having too long a session may allow non-users to abuse your board should a user forget to logout or otherwise leave a current session on a public workstation).

Please read our extensive user documentation first, it may just explain what you want to know.

Feel free to search our community forum for the information you require. PLEASE DO NOT post your question without having first used search, chances are someone has already asked and answered your question. You can find our board here:

www.phpbb.com

1.i. Editor Settings

Tabs vs Spaces:

In order to make this as simple as possible, we will be using tabs, not spaces. We enforce 4 (four) spaces for one tab - therefore you need to set your tab width within your editor to 4 spaces. Make sure that when you save the file, it's saving tabs and not spaces. This way, we can each have the code be displayed the way we like it, without breaking the layout of the actual files.

Tabs in front of lines are no problem, but having them within the text can be a problem if you do not set it to the amount of spaces every one of us uses. Here is a short example of how it should look like:

{TAB}$mode{TAB}{TAB}= request_var('mode', '');
{TAB}$search_id{TAB}= request_var('search_id', '');

If entered with tabs (replace the {TAB}) both equal signs need to be on the same column.

Linefeeds:

Ensure that your editor is saving files in the UNIX (LF) line ending format. This means that lines are terminated with a newline, not with Windows Line endings (CR/LF combo) as they are on Win32 or Classic Mac (CR) Line endings. Any decent editor should be able to do this, but it might not always be the default setting. Know your editor. If you want advice for an editor for your Operating System, just ask one of the developers. Some of them do their editing on Win32.

1.ii. File Header

Standard header for new files:

This template of the header must be included at the start of all phpBB files:

/**
*
* @package {PACKAGENAME}
* @copyright (c) 2007 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/

Please see the File Locations section for the correct package name.

Files containing inline code:

For those files you have to put an empty comment directly after the header to prevent the documentor assigning the header to the first code element found.

/**
* {HEADER}
*/

/**
*/
{CODE}

Files containing only functions:

Do not forget to comment the functions (especially the first function following the header). Each function should have at least a comment of what this function does. For more complex functions it is recommended to document the parameters too.

Files containing only classes:

Do not forget to comment the class. Classes need a separate @package definition, it is the same as the header package name. Apart from this special case the above statement for files containing only functions needs to be applied to classes and it's methods too.

Code following the header but only functions/classes file:

If this case is true, the best method to avoid documentation confusions is adding an ignore command, for example:

/**
* {HEADER}
*/

/**
* @ignore
*/
Small code snipped, mostly one or two defines or an if statement

/**
* {DOCUMENTATION}
*/
class ...

1.iii. File Locations

Functions used by more than one page should be placed in functions.php, functions specific to one page should be placed on that page (at the bottom) or within the relevant sections functions file. Some files in /includes are holding functions responsible for special sections, for example uploading files, displaying "things", user related functions and so forth.

The following packages are defined, and related new features/functions should be placed within the mentioned files/locations, as well as specifying the correct package name. The package names are bold within this list:

phpBB3
Core files and all files not assigned to a separate package
acm
/includes/acm, /includes/cache.php
Cache System
acp
/adm, /includes/acp, /includes/functions_admin.php
Administration Control Panel
dbal
/includes/db
Database Abstraction Layer.
Base class is dbal
- /includes/db/dbal.php
  Base DBAL class, defining the overall framework
- /includes/db/firebird.php
  Firebird/Interbase Database Abstraction Layer
- /includes/db/msssql.php
  MSSQL Database Abstraction Layer
- /includes/db/mssql_odbc.php
  MSSQL ODBC Database Abstraction Layer for MSSQL
- /includes/db/mysql.php
  MySQL Database Abstraction Layer for MySQL 3.x/4.0.x/4.1.x/5.x
- /includes/db/mysqli.php
  MySQLi Database Abstraction Layer
- /includes/db/oracle.php
  Oracle Database Abstraction Layer
- /includes/db/postgres.php
  PostgreSQL Database Abstraction Layer
- /includes/db/sqlite.php
  Sqlite Database Abstraction Layer
diff
/includes/diff
Diff Engine
docs
/docs
phpBB Documentation
images
/images
All global images not connected to styles
install
/install
Installation System
language
/language
All language files
login
/includes/auth
Login Authentication Plugins
VC
/includes/captcha
CAPTCHA
mcp
mcp.php, /includes/mcp, report.php
Moderator Control Panel
ucp
ucp.php, /includes/ucp
User Control Panel
utf
/includes/utf
UTF8-related functions/classes
search
/includes/search, search.php
Search System
styles
/styles, style.php
phpBB Styles/Templates/Themes/Imagesets

1.iv. Special Constants

There are some special constants application developers are able to utilize to bend some of phpBB's internal functionality to suit their needs.

PHPBB_MSG_HANDLER          (overwrite message handler)
PHPBB_DB_NEW_LINK          (overwrite new_link parameter for sql_connect)
PHPBB_ROOT_PATH            (overwrite $phpbb_root_path)
PHPBB_ADMIN_PATH           (overwrite $phpbb_admin_path)
PHPBB_USE_BOARD_URL_PATH   (use generate_board_url() for image paths instead of $phpbb_root_path)
PHPBB_DISABLE_ACP_EDITOR   (disable ACP style editor for templates)
PHPBB_DISABLE_CONFIG_CHECK (disable ACP config.php writeable check)

PHPBB_ACM_MEMCACHE_PORT     (overwrite memcached port, default is 11211)
PHPBB_ACM_MEMCACHE_COMPRESS (overwrite memcached compress setting, default is disabled)
PHPBB_ACM_MEMCACHE_HOST     (overwrite memcached host name, default is localhost)

PHPBB_ACM_REDIS_HOST        (overwrite redis host name, default is localhost)
PHPBB_ACM_REDIS_PORT        (overwrite redis port, default is 6379)
PHPBB_ACM_REDIS_PASSWORD    (overwrite redis password, default is empty)
PHPBB_ACM_REDIS_DB          (overwrite redis default database)

PHPBB_QA                   (Set board to QA-Mode, which means the updater also checks for RC-releases)

PHPBB_USE_BOARD_URL_PATH

If the PHPBB_USE_BOARD_URL_PATH constant is set to true, phpBB uses generate_board_url() (this will return the boards url with the script path included) on all instances where web-accessible images are loaded. The exact locations are:

/includes/session.php - user::img()
/includes/functions_content.php - smiley_text()

Path locations for the following template variables are affected by this too:

{T_THEME_PATH} - styles/xxx/theme
{T_TEMPLATE_PATH} - styles/xxx/template
{T_SUPER_TEMPLATE_PATH} - styles/xxx/template
{T_IMAGESET_PATH} - styles/xxx/imageset
{T_IMAGESET_LANG_PATH} - styles/xxx/imageset/yy
{T_IMAGES_PATH} - images/
{T_SMILIES_PATH} - $config['smilies_path']/
{T_AVATAR_PATH} - $config['avatar_path']/
{T_AVATAR_GALLERY_PATH} - $config['avatar_gallery_path']/
{T_ICONS_PATH} - $config['icons_path']/
{T_RANKS_PATH} - $config['ranks_path']/
{T_UPLOAD_PATH} - $config['upload_path']/
{T_STYLESHEET_LINK} - styles/xxx/theme/stylesheet.css (or link to style.php if css is parsed dynamically)
New template variable {BOARD_URL} for the board url + script path.

Please note that these guidelines apply to all php, html, javascript and css files.

2.i. Variable/Function Naming

We will not be using any form of hungarian notation in our naming conventions. Many of us believe that hungarian naming is one of the primary code obfuscation techniques currently in use.

Variable Names:

Variable names should be in all lowercase, with words separated by an underscore, example:

$current_user is right, but $currentuser and $currentUser are not.

Names should be descriptive, but concise. We don't want huge sentences as our variable names, but typing an extra couple of characters is always better than wondering what exactly a certain variable is for.

Loop Indices:

The only situation where a one-character variable name is allowed is when it's the index for some looping construct. In this case, the index of the outer loop should always be $i. If there's a loop inside that loop, its index should be $j, followed by $k, and so on. If the loop is being indexed by some already-existing variable with a meaningful name, this guideline does not apply, example:

for ($i = 0; $i < $outer_size; $i++)
{
   for ($j = 0; $j < $inner_size; $j++)
   {
      foo($i, $j);
   }
}

Function Names:

Functions should also be named descriptively. We're not programming in C here, we don't want to write functions called things like "stristr()". Again, all lower-case names with words separated by a single underscore character. Function names should preferably have a verb in them somewhere. Good function names are print_login_status(), get_user_data(), etc.

Function Arguments:

Arguments are subject to the same guidelines as variable names. We don't want a bunch of functions like: do_stuff($a, $b, $c). In most cases, we'd like to be able to tell how to use a function by just looking at its declaration.

Summary:

The basic philosophy here is to not hurt code clarity for the sake of laziness. This has to be balanced by a little bit of common sense, though; print_login_status_for_a_given_user() goes too far, for example -- that function would be better named print_user_login_status(), or just print_login_status().

Special Namings:

For all emoticons use the term smiley in singular and smilies in plural.

2.ii. Code Layout

Always include the braces:

This is another case of being too lazy to type 2 extra characters causing problems with code clarity. Even if the body of some construct is only one line long, do not drop the braces. Just don't, examples:

// These are all wrong.

if (condition) do_stuff();

if (condition)
	do_stuff();

while (condition)
	do_stuff();

for ($i = 0; $i < size; $i++)
	do_stuff($i);

// These are all right.

if (condition)
{
	do_stuff();
}

while (condition)
{
	do_stuff();
}

for ($i = 0; $i < size; $i++)
{
	do_stuff();
}

Where to put the braces:

This one is a bit of a holy war, but we're going to use a style that can be summed up in one sentence: Braces always go on their own line. The closing brace should also always be at the same column as the corresponding opening brace, examples:

if (condition)
{
	while (condition2)
	{
		...
	}
}
else
{
	...
}

for ($i = 0; $i < $size; $i++)
{
	...
}

while (condition)
{
	...
}

function do_stuff()
{
	...
}

Use spaces between tokens:

This is another simple, easy step that helps keep code readable without much effort. Whenever you write an assignment, expression, etc.. Always leave one space between the tokens. Basically, write code as if it was English. Put spaces between variable names and operators. Don't put spaces just after an opening bracket or before a closing bracket. Don't put spaces just before a comma or a semicolon. This is best shown with a few examples, examples:

// Each pair shows the wrong way followed by the right way.

$i=0;
$i = 0;

if($i<7) ...
if ($i < 7) ...

if ( ($i < 7)&&($j > 8) ) ...
if ($i < 7 && $j > 8) ...

do_stuff( $i, 'foo', $b );
do_stuff($i, 'foo', $b);

for($i=0; $i<$size; $i++) ...
for ($i = 0; $i < $size; $i++) ...

$i=($j < $size)?0:1;
$i = ($j < $size) ? 0 : 1;

Operator precedence:

Do you know the exact precedence of all the operators in PHP? Neither do I. Don't guess. Always make it obvious by using brackets to force the precedence of an equation so you know what it does. Remember to not over-use this, as it may harden the readability. Basically, do not enclose single expressions. Examples:

// what's the result? who knows.

$bool = ($i < 7 && $j > 8 || $k == 4);

// now you can be certain what I'm doing here.

$bool = (($i < 7) && (($j < 8) || ($k == 4)));

// But this one is even better, because it is easier on the eye but the intention is preserved

$bool = ($i < 7 && ($j < 8 || $k == 4));

Quoting strings:

There are two different ways to quote strings in PHP - either with single quotes or with double quotes. The main difference is that the parser does variable interpolation in double-quoted strings, but not in single quoted strings. Because of this, you should always use single quotes unless you specifically need variable interpolation to be done on that string. This way, we can save the parser the trouble of parsing a bunch of strings where no interpolation needs to be done.

Also, if you are using a string variable as part of a function call, you do not need to enclose that variable in quotes. Again, this will just make unnecessary work for the parser. Note, however, that nearly all of the escape sequences that exist for double-quoted strings will not work with single-quoted strings. Be careful, and feel free to break this guideline if it's making your code easier to read, examples:

// wrong

$str = "This is a really long string with no variables for the parser to find.";

do_stuff("$str");

// right

$str = 'This is a really long string with no variables for the parser to find.';

do_stuff($str);

// Sometimes single quotes are just not right

$post_url = $phpbb_root_path . 'posting.' . $phpEx . '?mode=' . $mode . '&amp;start=' . $start;

// Double quotes are sometimes needed to not overcrowd the line with concatenations.

$post_url = "{$phpbb_root_path}posting.$phpEx?mode=$mode&amp;start=$start";

In SQL statements mixing single and double quotes is partly allowed (following the guidelines listed here about SQL formatting), else one should try to only use one method - mostly single quotes.

Associative array keys:

In PHP, it's legal to use a literal string as a key to an associative array without quoting that string. We don't want to do this -- the string should always be quoted to avoid confusion. Note that this is only when we're using a literal, not when we're using a variable, examples:

// wrong

$foo = $assoc_array[blah];

// right

$foo = $assoc_array['blah'];

// wrong

$foo = $assoc_array["$var"];

// right

$foo = $assoc_array[$var];

Comments:

Each complex function should be preceded by a comment that tells a programmer everything they need to know to use that function. The meaning of every parameter, the expected input, and the output are required as a minimal comment. The function's behaviour in error conditions (and what those error conditions are) should also be present - but mostly included within the comment about the output.

Especially important to document are any assumptions the code makes, or preconditions for its proper operation. Any one of the developers should be able to look at any part of the application and figure out what's going on in a reasonable amount of time.

Avoid using /* */ comment blocks for one-line comments, // should be used for one/two-liners.

Magic numbers:

Don't use them. Use named constants for any literal value other than obvious special cases. Basically, it's ok to check if an array has 0 elements by using the literal 0. It's not ok to assign some special meaning to a number and then use it everywhere as a literal. This hurts readability AND maintainability. The constants true and false should be used in place of the literals 1 and 0 -- even though they have the same values (but not type!), it's more obvious what the actual logic is when you use the named constants. Typecast variables where it is needed, do not rely on the correct variable type (PHP is currently very loose on typecasting which can lead to security problems if a developer does not keep a very close eye on it).

Shortcut operators:

The only shortcut operators that cause readability problems are the shortcut increment $i++ and decrement $j-- operators. These operators should not be used as part of an expression. They can, however, be used on their own line. Using them in expressions is just not worth the headaches when debugging, examples:

// wrong

$array[++$i] = $j;
$array[$i++] = $k;

// right

$i++;
$array[$i] = $j;

$array[$i] = $k;
$i++;

Inline conditionals:

Inline conditionals should only be used to do very simple things. Preferably, they will only be used to do assignments, and not for function calls or anything complex at all. They can be harmful to readability if used incorrectly, so don't fall in love with saving typing by using them, examples:

// Bad place to use them

($i < $size && $j > $size) ? do_stuff($foo) : do_stuff($bar);

// OK place to use them

$min = ($i < $j) ? $i : $j;

Don't use uninitialized variables.

For phpBB3, we intend to use a higher level of run-time error reporting. This will mean that the use of an uninitialized variable will be reported as a warning. These warnings can be avoided by using the built-in isset() function to check whether a variable has been set - but preferably the variable is always existing. For checking if an array has a key set this can come in handy though, examples:

// Wrong

if ($forum) ...

// Right

if (isset($forum)) ...

// Also possible

if (isset($forum) && $forum == 5)

The empty() function is useful if you want to check if a variable is not set or being empty (an empty string, 0 as an integer or string, NULL, false, an empty array or a variable declared, but without a value in a class). Therefore empty should be used in favor of isset($array) && sizeof($array) > 0 - this can be written in a shorter way as !empty($array).

Switch statements:

Switch/case code blocks can get a bit long sometimes. To have some level of notice and being in-line with the opening/closing brace requirement (where they are on the same line for better readability), this also applies to switch/case code blocks and the breaks. An example:

// Wrong

switch ($mode)
{
	case 'mode1':
		// I am doing something here
		break;
	case 'mode2':
		// I am doing something completely different here
		break;
}

// Good

switch ($mode)
{
	case 'mode1':
		// I am doing something here
	break;

	case 'mode2':
		// I am doing something completely different here
	break;

	default:
		// Always assume that a case was not caught
	break;
}

// Also good, if you have more code between the case and the break

switch ($mode)
{
	case 'mode1':

		// I am doing something here

	break;

	case 'mode2':

		// I am doing something completely different here

	break;

	default:

		// Always assume that a case was not caught

	break;
}

Even if the break for the default case is not needed, it is sometimes better to include it just for readability and completeness.

If no break is intended, please add a comment instead. An example:

// Example with no break

switch ($mode)
{
	case 'mode1':

		// I am doing something here

	// no break here

	case 'mode2':

		// I am doing something completely different here

	break;

	default:

		// Always assume that a case was not caught

	break;
}

2.iii. SQL/SQL Layout

Common SQL Guidelines:

All SQL should be cross-DB compatible, if DB specific SQL is used alternatives must be provided which work on all supported DB's (MySQL3/4/5, MSSQL (7.0 and 2000), PostgreSQL (7.0+), Firebird, SQLite, Oracle8, ODBC (generalised if possible)).

All SQL commands should utilise the DataBase Abstraction Layer (DBAL)

SQL code layout:

SQL Statements are often unreadable without some formatting, since they tend to be big at times. Though the formatting of sql statements adds a lot to the readability of code. SQL statements should be formatted in the following way, basically writing keywords:

$sql = 'SELECT *
<-one tab->FROM ' . SOME_TABLE . '
<-one tab->WHERE a = 1
<-two tabs->AND (b = 2
<-three tabs->OR b = 3)
<-one tab->ORDER BY b';

Here the example with the tabs applied:

$sql = 'SELECT *
	FROM ' . SOME_TABLE . '
	WHERE a = 1
		AND (b = 2
			OR b = 3)
	ORDER BY b';

SQL Quotes:

Use double quotes where applicable. (The variables in these examples are typecasted to integers beforehand.) Examples:

// These are wrong.

"UPDATE " . SOME_TABLE . " SET something = something_else WHERE a = $b";

'UPDATE ' . SOME_TABLE . ' SET something = ' . $user_id . ' WHERE a = ' . $something;

// These are right.

'UPDATE ' . SOME_TABLE . " SET something = something_else WHERE a = $b";

'UPDATE ' . SOME_TABLE . " SET something = $user_id WHERE a = $something";

In other words use single quotes where no variable substitution is required or where the variable involved shouldn't appear within double quotes. Otherwise use double quotes.

Avoid DB specific SQL:

The "not equals operator", as defined by the SQL:2003 standard, is "<>"

// This is wrong.

$sql = 'SELECT *
	FROM ' . SOME_TABLE . '
	WHERE a != 2';

// This is right.

$sql = 'SELECT *
	FROM ' . SOME_TABLE . '
	WHERE a <> 2';

Common DBAL methods:

sql_escape():

Always use $db->sql_escape() if you need to check for a string within an SQL statement (even if you are sure the variable cannot contain single quotes - never trust your input), for example:

$sql = 'SELECT *
	FROM ' . SOME_TABLE . "
	WHERE username = '" . $db->sql_escape($username) . "'";

sql_query_limit():

We do not add limit statements to the sql query, but instead use $db->sql_query_limit(). You basically pass the query, the total number of lines to retrieve and the offset.

Note: Since Oracle handles limits differently and because of how we implemented this handling you need to take special care if you use sql_query_limit with an sql query retrieving data from more than one table.

Make sure when using something like "SELECT x.*, y.jars" that there is not a column named jars in x; make sure that there is no overlap between an implicit column and the explicit columns.

sql_build_array():

If you need to UPDATE or INSERT data, make use of the $db->sql_build_array() function. This function already escapes strings and checks other types, so there is no need to do this here. The data to be inserted should go into an array - $sql_ary - or directly within the statement if one or two variables needs to be inserted/updated. An example of an insert statement would be:

$sql_ary = array(
	'somedata'		=> $my_string,
	'otherdata'		=> $an_int,
	'moredata'		=> $another_int
);

$db->sql_query('INSERT INTO ' . SOME_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));

To complete the example, this is how an update statement would look like:

$sql_ary = array(
	'somedata'		=> $my_string,
	'otherdata'		=> $an_int,
	'moredata'		=> $another_int
);

$sql = 'UPDATE ' . SOME_TABLE . '
	SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
	WHERE user_id = ' . (int) $user_id;
$db->sql_query($sql);

The $db->sql_build_array() function supports the following modes: INSERT (example above), INSERT_SELECT (building query for INSERT INTO table (...) SELECT value, column ... statements), UPDATE (example above) and SELECT (for building WHERE statement [AND logic]).

sql_multi_insert():

If you want to insert multiple statements at once, please use the separate sql_multi_insert() method. An example:

$sql_ary = array();

$sql_ary[] = array(
	'somedata'		=> $my_string_1,
	'otherdata'		=> $an_int_1,
	'moredata'		=> $another_int_1,
);

$sql_ary[] = array(
	'somedata'		=> $my_string_2,
	'otherdata'		=> $an_int_2,
	'moredata'		=> $another_int_2,
);

$db->sql_multi_insert(SOME_TABLE, $sql_ary);

sql_in_set():

The $db->sql_in_set() function should be used for building IN () and NOT IN () constructs. Since (specifically) MySQL tend to be faster if for one value to be compared the = and <> operator is used, we let the DBAL decide what to do. A typical example of doing a positive match against a number of values would be:

$sql = 'SELECT *
	FROM ' . FORUMS_TABLE . '
	WHERE ' . $db->sql_in_set('forum_id', $forum_ids);
$db->sql_query($sql);

Based on the number of values in $forum_ids, the query can look differently.

// SQL Statement if $forum_ids = array(1, 2, 3);

SELECT FROM phpbb_forums WHERE forum_id IN (1, 2, 3)

// SQL Statement if $forum_ids = array(1) or $forum_ids = 1

SELECT FROM phpbb_forums WHERE forum_id = 1

Of course the same is possible for doing a negative match against a number of values:

$sql = 'SELECT *
	FROM ' . FORUMS_TABLE . '
	WHERE ' . $db->sql_in_set('forum_id', $forum_ids, true);
$db->sql_query($sql);

Based on the number of values in $forum_ids, the query can look differently here too.

// SQL Statement if $forum_ids = array(1, 2, 3);

SELECT FROM phpbb_forums WHERE forum_id NOT IN (1, 2, 3)

// SQL Statement if $forum_ids = array(1) or $forum_ids = 1

SELECT FROM phpbb_forums WHERE forum_id <> 1

If the given array is empty, an error will be produced.

sql_build_query():

The $db->sql_build_query() function is responsible for building sql statements for SELECT and SELECT DISTINCT queries if you need to JOIN on more than one table or retrieve data from more than one table while doing a JOIN. This needs to be used to make sure the resulting statement is working on all supported db's. Instead of explaining every possible combination, I will give a short example:

$sql_array = array(
	'SELECT'	=> 'f.*, ft.mark_time',

	'FROM'		=> array(
		FORUMS_WATCH_TABLE	=> 'fw',
		FORUMS_TABLE		=> 'f'
	),

	'LEFT_JOIN'	=> array(
		array(
			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
		)
	),

	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
		AND f.forum_id = fw.forum_id',

	'ORDER_BY'	=> 'left_id'
);

$sql = $db->sql_build_query('SELECT', $sql_array);

The possible first parameter for sql_build_query() is SELECT or SELECT_DISTINCT. As you can see, the logic is pretty self-explaining. For the LEFT_JOIN key, just add another array if you want to join on to tables for example. The added benefit of using this construct is that you are able to easily build the query statement based on conditions - for example the above LEFT_JOIN is only necessary if server side topic tracking is enabled; a slight adjustement would be:

$sql_array = array(
	'SELECT'	=> 'f.*',

	'FROM'		=> array(
		FORUMS_WATCH_TABLE	=> 'fw',
		FORUMS_TABLE		=> 'f'
	),

	'WHERE'		=> 'fw.user_id = ' . $user->data['user_id'] . '
		AND f.forum_id = fw.forum_id',

	'ORDER_BY'	=> 'left_id'
);

if ($config['load_db_lastread'])
{
	$sql_array['LEFT_JOIN'] = array(
		array(
			'FROM'	=> array(FORUMS_TRACK_TABLE => 'ft'),
			'ON'	=> 'ft.user_id = ' . $user->data['user_id'] . ' AND ft.forum_id = f.forum_id'
		)
	);

	$sql_array['SELECT'] .= ', ft.mark_time ';
}
else
{
	// Here we read the cookie data
}

$sql = $db->sql_build_query('SELECT', $sql_array);

2.iv. Optimizations

Operations in loop definition:

Always try to optimize your loops if operations are going on at the comparing part, since this part is executed every time the loop is parsed through. For assignments a descriptive name should be chosen. Example:

// On every iteration the sizeof function is called

for ($i = 0; $i < sizeof($post_data); $i++)
{
	do_something();
}

// You are able to assign the (not changing) result within the loop itself

for ($i = 0, $size = sizeof($post_data); $i < $size; $i++)
{
	do_something();
}

Use of in_array():

Try to avoid using in_array() on huge arrays, and try to not place them into loops if the array to check consist of more than 20 entries. in_array() can be very time consuming and uses a lot of cpu processing time. For little checks it is not noticeable, but if checked against a huge array within a loop those checks alone can take several seconds. If you need this functionality, try using isset() on the arrays keys instead, actually shifting the values into keys and vice versa. A call to isset($array[$var]) is a lot faster than in_array($var, array_keys($array)) for example.

2.v. General Guidelines

General things:

Never trust user input (this also applies to server variables as well as cookies).

Try to sanitize values returned from a function.

Try to sanitize given function variables within your function.

The auth class should be used for all authorisation checking.

No attempt should be made to remove any copyright information (either contained within the source or displayed interactively when the source is run/compiled), neither should the copyright information be altered in any way (it may be added to).

Variables:

Make use of the request_var() function for anything except for submit or single checking params.

The request_var function determines the type to set from the second parameter (which determines the default value too). If you need to get a scalar variable type, you need to tell this the request_var function explicitly. Examples:

// Old method, do not use it

$start = (isset($HTTP_GET_VARS['start'])) ? intval($HTTP_GET_VARS['start']) : intval($HTTP_POST_VARS['start']);
$submit = (isset($HTTP_POST_VARS['submit'])) ? true : false;

// Use request var and define a default variable (use the correct type)

$start = request_var('start', 0);
$submit = (isset($_POST['submit'])) ? true : false;

// $start is an int, the following use of request_var therefore is not allowed

$start = request_var('start', '0');

// Getting an array, keys are integers, value defaults to 0

$mark_array = request_var('mark', array(0));

// Getting an array, keys are strings, value defaults to 0

$action_ary = request_var('action', array('' => 0));

Login checks/redirection:

To show a forum login box use login_forum_box($forum_data), else use the login_box() function.

$forum_data should contain at least the forum_id and forum_password fields. If the field forum_name is available, then it is displayed on the forum login page.

The login_box() function can have a redirect as the first parameter. As a thumb of rule, specify an empty string if you want to redirect to the users current location, else do not add the $SID to the redirect string (for example within the ucp/login we redirect to the board index because else the user would be redirected to the login screen).

Sensitive Operations:

For sensitive operations always let the user confirm the action. For the confirmation screens, make use of the confirm_box() function.

Altering Operations:

For operations altering the state of the database, for instance posting, always verify the form token, unless you are already using confirm_box(). To do so, make use of the add_form_key() and check_form_key() functions.

	add_form_key('my_form');

	if ($submit)
	{
		if (!check_form_key('my_form'))
		{
			trigger_error('FORM_INVALID');
		}
	}

The string passed to add_form_key() needs to match the string passed to check_form_key(). Another requirement for this to work correctly is that all forms include the {S_FORM_TOKEN} template variable.

Sessions:

Sessions should be initiated on each page, as near the top as possible using the following code:

$user->session_begin();
$auth->acl($user->data);
$user->setup();

The $user->setup() call can be used to pass on additional language definition and a custom style (used in viewforum).

Errors and messages:

All messages/errors should be outputted by calling trigger_error() using the appropriate message type and language string. Example:

trigger_error('NO_FORUM');

trigger_error($user->lang['NO_FORUM']);

trigger_error('NO_MODE', E_USER_ERROR);

Url formatting

All urls pointing to internal files need to be prepended by the $phpbb_root_path variable. Within the administration control panel all urls pointing to internal files need to be prepended by the $phpbb_admin_path variable. This makes sure the path is always correct and users being able to just rename the admin folder and the acp still working as intended (though some links will fail and the code need to be slightly adjusted).

The append_sid() function from 2.0.x is available too, though it does not handle url alterations automatically. Please have a look at the code documentation if you want to get more details on how to use append_sid(). A sample call to append_sid() can look like this:

append_sid("{$phpbb_root_path}memberlist.$phpEx", 'mode=group&amp;g=' . $row['group_id'])

General function usage:

Some of these functions are only chosen over others because of personal preference and have no benefit other than maintaining consistency throughout the code.

Use sizeof instead of count
Use strpos instead of strstr
Use else if instead of elseif
Use false (lowercase) instead of FALSE
Use true (lowercase) instead of TRUE

Exiting

Your page should either call page_footer() in the end to trigger output through the template engine and terminate the script, or alternatively at least call the exit_handler(). That call is necessary because it provides a method for external applications embedding phpBB to be called at the end of the script.

3.i. Style Config Files

Style cfg files are simple name-value lists with the information necessary for installing a style. Similar cfg files exist for templates, themes and imagesets. These follow the same principle and will not be introduced individually. Styles can use installed components by using the required_theme/required_template/required_imageset entries. The important part of the style configuration file is assigning an unique name.

        # General Information about this style
        name = prosilver_duplicate
        copyright = © phpBB Group, 2007
        version = 3.0.3
        required_template = prosilver
        required_theme = prosilver
        required_imageset = prosilver

3.2. General Styling Rules

Templates should be produced in a consistent manner. Where appropriate they should be based off an existing copy, e.g. index, viewforum or viewtopic (the combination of which implement a range of conditional and variable forms). Please also note that the indentation and coding guidelines also apply to templates where possible.

The outer table class forumline has gone and is replaced with tablebg.

When writing <table> the order <table class="" cellspacing="" cellpadding="" border="" align=""> creates consistency and allows everyone to easily see which table produces which "look". The same applies to most other tags for which additional parameters can be set, consistency is the major aim here.

Each block level element should be indented by one tab, same for tabular elements, e.g. <tr> <td> etc., whereby the intendiation of <table> and the following/ending <tr> should be on the same line. This applies not to div elements of course.

Don't use <span> more than is essential ... the CSS is such that text sizes are dependent on the parent class. So writing <span class="gensmall"><span class="gensmall">TEST</span></span> will result in very very small text. Similarly don't use span at all if another element can contain the class definition, e.g.

<td><span class="gensmall">TEST</span></td>

can just as well become:

<td class="gensmall">TEST</td>

Try to match text class types with existing useage, e.g. don't use the nav class where viewtopic uses gensmall for example.

Row colours/classes are now defined by the template, use an IF S_ROW_COUNT switch, see viewtopic or viewforum for an example.

Remember block level ordering is important ... while not all pages validate as XHTML 1.0 Strict compliant it is something we're trying to work on.

Use a standard cellpadding of 2 and cellspacing of 0 on outer tables. Inner tables can vary from 0 to 3 or even 4 depending on the need.

Use div container/css for styling and table for data representation.

The separate catXXXX and thXXX classes are gone. When defining a header cell just use <th> rather than <th class="thHead"> etc. Similarly for cat, don't use <td class="catLeft"> use <td class="cat"> etc.

Try to retain consistency of basic layout and class useage, i.e. _EXPLAIN text should generally be placed below the title it explains, e.g. {L_POST_USERNAME}<br /><span class="gensmall">{L_POST_USERNAME_EXPLAIN}</span> is the typical way of handling this ... there may be exceptions and this isn't a hard and fast rule.

Try to keep template conditional and other statements tabbed in line with the block to which they refer.

this is correct

<!-- BEGIN test -->
	<tr>
		<td>{test.TEXT}</td>
	</tr>
<!-- END test -->

this is also correct:

<!-- BEGIN test -->
<tr>
	<td>{test.TEXT}</td>
</tr>
<!-- END test -->

it gives immediate feedback on exactly what is looping - decide which way to use based on the readability.

4.i. General Templating

File naming

Firstly templates now take the suffix ".html" rather than ".tpl". This was done simply to make the lives of some people easier wrt syntax highlighting, etc.

Variables

All template variables should be named appropriately (using underscores for spaces), language entries should be prefixed with L_, system data with S_, urls with U_, javascript urls with UA_, language to be put in javascript statements with LA_, all other variables should be presented 'as is'.

L_* template variables are automatically mapped to the corresponding language entry if the code does not set (and therefore overwrite) this variable specifically and if the language entry exists. For example {L_USERNAME} maps to $user->lang['USERNAME']. The LA_* template variables are handled within the same way, but properly escaped so they can be put in javascript code. This should reduce the need to assign loads of new language variables in MODifications.

Blocks/Loops

The basic block level loop remains and takes the form:

<!-- BEGIN loopname -->
	markup, {loopname.X_YYYYY}, etc.
<!-- END loopname -->

A bit later loops will be explained further. To not irritate you we will explain conditionals as well as other statements first.

Including files

Something that existed in 2.0.x which no longer exists in 3.0.x is the ability to assign a template to a variable. This was used (for example) to output the jumpbox. Instead (perhaps better, perhaps not but certainly more flexible) we now have INCLUDE. This takes the simple form:

<!-- INCLUDE filename -->

You will note in the 3.0 templates the major sources start with  or , etc. In 2.0.x control of "which" header to use was defined entirely within the code. In 3.0.x the template designer can output what they like. Note that you can introduce new templates (i.e. other than those in the default set) using this system and include them as you wish ... perhaps useful for a common "menu" bar or some such. No need to modify loads of files as with 2.0.x.

Added in 3.0.6 is the ability to include a file using a template variable to specify the file, this functionality only works for root variables (i.e. not block variables).

<!-- INCLUDE {FILE_VAR} -->

Template defined variables can also be utilised.

<!-- DEFINE $SOME_VAR = 'my_file.html' -->
<!-- INCLUDE {$SOME_VAR} -->

PHP

A contentious decision has seen the ability to include PHP within the template introduced. This is achieved by enclosing the PHP within relevant tags:

<!-- PHP -->
	echo "hello!";
<!-- ENDPHP -->

You may also include PHP from an external file using:

<!-- INCLUDEPHP somefile.php -->

it will be included and executed inline.

A note, it is very much encouraged that template designers do not include PHP. The ability to include raw PHP was introduced primarily to allow end users to include banner code, etc. without modifying multiple files (as with 2.0.x). It was not intended for general use ... hence www.phpbb.com will not make available template sets which include PHP. And by default templates will have PHP disabled (the admin will need to specifically activate PHP for a template).

Conditionals/Control structures

The most significant addition to 3.0.x are conditions or control structures, "if something then do this else do that". The system deployed is very similar to Smarty. This may confuse some people at first but it offers great potential and great flexibility with a little imagination. In their most simple form these constructs take the form:

<!-- IF expr -->
	markup
<!-- ENDIF -->

expr can take many forms, for example:

<!-- IF loop.S_ROW_COUNT is even -->
	markup
<!-- ENDIF -->

This will output the markup if the S_ROW_COUNT variable in the current iteration of loop is an even value (i.e. the expr is TRUE). You can use various comparison methods (standard as well as equivalent textual versions noted in square brackets) including (not, or, and, eq, neq, is should be used if possible for better readability):

== [eq]
!= [neq, ne]
<> (same as !=)
!== (not equivalent in value and type)
=== (equivalent in value and type)
> [gt]
< [lt]
>= [gte]
<= [lte]
&& [and]
|| [or]
% [mod]
! [not]
+
-
*
/
,
<< (bitwise shift left)
>> (bitwise shift right)
| (bitwise or)
^ (bitwise xor)
& (bitwise and)
~ (bitwise not)
is (can be used to join comparison operations)

Basic parenthesis can also be used to enforce good old BODMAS rules. Additionally some basic comparison types are defined:

even
odd
div

Beyond the simple use of IF you can also do a sequence of comparisons using the following:

<!-- IF expr1 -->
	markup
<!-- ELSEIF expr2 -->
	markup
	.
	.
	.
<!-- ELSEIF exprN -->
	markup
<!-- ELSE -->
	markup
<!-- ENDIF -->

Each statement will be tested in turn and the relevant output generated when a match (if a match) is found. It is not necessary to always use ELSEIF, ELSE can be used alone to match "everything else".

So what can you do with all this? Well take for example the colouration of rows in viewforum. In 2.0.x row colours were predefined within the source as either row color1, row color2 or row class1, row class2. In 3.0.x this is moved to the template, it may look a little daunting at first but remember control flows from top to bottom and it's not too difficult:

<table>
	<!-- IF loop.S_ROW_COUNT is even -->
		<tr class="row1">
	<!-- ELSE -->
		<tr class="row2">
	<!-- ENDIF -->
	<td>HELLO!</td>
</tr>
</table>

This will cause the row cell to be output using class row1 when the row count is even, and class row2 otherwise. The S_ROW_COUNT parameter gets assigned to loops by default. Another example would be the following:

<table>
	<!-- IF loop.S_ROW_COUNT > 10 -->
		<tr bgcolor="#FF0000">
	<!-- ELSEIF loop.S_ROW_COUNT > 5 -->
		<tr bgcolor="#00FF00">
	<!-- ELSEIF loop.S_ROW_COUNT > 2 -->
		<tr bgcolor="#0000FF">
	<!-- ELSE -->
		<tr bgcolor="#FF00FF">
	<!-- ENDIF -->
	<td>hello!</td>
</tr>
</table>

This will output the row cell in purple for the first two rows, blue for rows 2 to 5, green for rows 5 to 10 and red for remainder. So, you could produce a "nice" gradient effect, for example.

What else can you do? Well, you could use IF to do common checks on for example the login state of a user:

<!-- IF S_USER_LOGGED_IN -->
	markup
<!-- ENDIF -->

This replaces the existing (fudged) method in 2.0.x using a zero length array and BEGIN/END.

Extended syntax for Blocks/Loops

Back to our loops - they had been extended with the following additions. Firstly you can set the start and end points of the loop. For example:

<!-- BEGIN loopname(2) -->
	markup
<!-- END loopname -->

Will start the loop on the third entry (note that indexes start at zero). Extensions of this are:

loopname(2): Will start the loop on the 3rd entry
loopname(-2): Will start the loop two entries from the end
loopname(3,4): Will start the loop on the fourth entry and end it on the fifth
loopname(3,-4): Will start the loop on the fourth entry and end it four from last

A further extension to begin is BEGINELSE:

<!-- BEGIN loop -->
	markup
<!-- BEGINELSE -->
	markup
<!-- END loop -->

This will cause the markup between BEGINELSE and END to be output if the loop contains no values. This is useful for forums with no topics (for example) ... in some ways it replaces "bits of" the existing "switch_" type control (the rest being replaced by conditionals).

Another way of checking if a loop contains values is by prefixing the loops name with a dot:

<!-- IF .loop -->
	<!-- BEGIN loop -->
		markup
	<!-- END loop -->
<!-- ELSE -->
	markup
<!-- ENDIF -->

You are even able to check the number of items within a loop by comparing it with values within the IF condition:

<!-- IF .loop > 2 -->
	<!-- BEGIN loop -->
		markup
	<!-- END loop -->
<!-- ELSE -->
	markup
<!-- ENDIF -->

Nesting loops cause the conditionals needing prefixed with all loops from the outer one to the inner most. An illustration of this:

<!-- BEGIN firstloop -->
	{firstloop.MY_VARIABLE_FROM_FIRSTLOOP}

	<!-- BEGIN secondloop -->
		{firstloop.secondloop.MY_VARIABLE_FROM_SECONDLOOP}
	<!-- END secondloop -->
<!-- END firstloop -->

Sometimes it is necessary to break out of nested loops to be able to call another loop within the current iteration. This sounds a little bit confusing and it is not used very often. The following (rather complex) example shows this quite good - it also shows how you test for the first and last row in a loop (i will explain the example in detail further down):

<!-- BEGIN l_block1 -->
	<!-- IF l_block1.S_SELECTED -->
		<strong>{l_block1.L_TITLE}</strong>
		<!-- IF S_PRIVMSGS -->

			<!-- the ! at the beginning of the loop name forces the loop to be not a nested one of l_block1 -->
			<!-- BEGIN !folder -->
				<!-- IF folder.S_FIRST_ROW -->
					<ul class="nav">
				<!-- ENDIF -->

				<li><a href="{folder.U_FOLDER}">{folder.FOLDER_NAME}</a></li>

				<!-- IF folder.S_LAST_ROW -->
					</ul>
				<!-- ENDIF -->
			<!-- END !folder -->

		<!-- ENDIF -->

		<ul class="nav">
		<!-- BEGIN l_block2 -->
			<li>
				<!-- IF l_block1.l_block2.S_SELECTED -->
					<strong>{l_block1.l_block2.L_TITLE}</strong>
				<!-- ELSE -->
					<a href="{l_block1.l_block2.U_TITLE}">{l_block1.l_block2.L_TITLE}</a>
				<!-- ENDIF -->
			</li>
		<!-- END l_block2 -->
		</ul>
	<!-- ELSE -->
		<a class="nav" href="{l_block1.U_TITLE}">{l_block1.L_TITLE}</a>
	<!-- ENDIF -->
<!-- END l_block1 -->

Let us first concentrate on this part of the example:

<!-- BEGIN l_block1 -->
	<!-- IF l_block1.S_SELECTED -->
		markup
	<!-- ELSE -->
		<a class="nav" href="{l_block1.U_TITLE}">{l_block1.L_TITLE}</a>
	<!-- ENDIF -->
<!-- END l_block1 -->

Here we open the loop l_block1 and do some things if the value S_SELECTED within the current loop iteration is true, else we write the blocks link and title. Here, you see {l_block1.L_TITLE} referenced - you remember that L_* variables get automatically assigned the corresponding language entry? This is true, but not within loops. The L_TITLE variable within the loop l_block1 is assigned within the code itself.

Let's have a closer look at the markup:

<!-- BEGIN l_block1 -->
.
.
	<!-- IF S_PRIVMSGS -->

		<!-- BEGIN !folder -->
			<!-- IF folder.S_FIRST_ROW -->
				<ul class="nav">
			<!-- ENDIF -->

			<li><a href="{folder.U_FOLDER}">{folder.FOLDER_NAME}</a></li>

			<!-- IF folder.S_LAST_ROW -->
				</ul>
			<!-- ENDIF -->
		<!-- END !folder -->

	<!-- ENDIF -->
.
.
<!-- END l_block1 -->

The  statement clearly checks a global variable and not one within the loop, since the loop is not given here. So, if S_PRIVMSGS is true we execute the shown markup. Now, you see the  statement. The exclamation mark is responsible for instructing the template engine to iterate through the main loop folder. So, we are now within the loop folder - with  we would have been within the loop l_block1.folder automatically as is the case with l_block2:

<!-- BEGIN l_block1 -->
.
.
	<ul class="nav">
	<!-- BEGIN l_block2 -->
		<li>
			<!-- IF l_block1.l_block2.S_SELECTED -->
				<strong>{l_block1.l_block2.L_TITLE}</strong>
			<!-- ELSE -->
				<a href="{l_block1.l_block2.U_TITLE}">{l_block1.l_block2.L_TITLE}</a>
			<!-- ENDIF -->
		</li>
	<!-- END l_block2 -->
	</ul>
.
.
<!-- END l_block1 -->

You see the difference? The loop l_block2 is a member of the loop l_block1 but the loop folder is a main loop.

Now back to our folder loop:

<!-- IF folder.S_FIRST_ROW -->
	<ul class="nav">
<!-- ENDIF -->

<li><a href="{folder.U_FOLDER}">{folder.FOLDER_NAME}</a></li>

<!-- IF folder.S_LAST_ROW -->
	</ul>
<!-- ENDIF -->

You may have wondered what the comparison to S_FIRST_ROW and S_LAST_ROW is about. If you haven't guessed already - it is checking for the first iteration of the loop with S_FIRST_ROW and the last iteration with S_LAST_ROW. This can come in handy quite often if you want to open or close design elements, like the above list. Let us imagine a folder loop build with three iterations, it would go this way:

<ul class="nav"> <!-- written on first iteration -->
	<li>first element</li> <!-- written on first iteration -->
	<li>second element</li> <!-- written on second iteration -->
	<li>third element</li> <!-- written on third iteration -->
</ul> <!-- written on third iteration -->

As you can see, all three elements are written down as well as the markup for the first iteration and the last one. Sometimes you want to omit writing the general markup - for example:

<!-- IF folder.S_FIRST_ROW -->
	<ul class="nav">
<!-- ELSEIF folder.S_LAST_ROW -->
	</ul>
<!-- ELSE -->
	<li><a href="{folder.U_FOLDER}">{folder.FOLDER_NAME}</a></li>
<!-- ENDIF -->

would result in the following markup:

<ul class="nav"> <!-- written on first iteration -->
	<li>second element</li> <!-- written on second iteration -->
</ul> <!-- written on third iteration -->

Just always remember that processing is taking place from top to bottom.

Forms

If a form is used for a non-trivial operation (i.e. more than a jumpbox), then it should include the {S_FORM_TOKEN} template variable.

<form method="post" id="mcp" action="{U_POST_ACTION}">

	<fieldset class="submit-buttons">
		<input type="reset" value="{L_RESET}" name="reset" class="button2" /> 
		<input type="submit" name="action[add_warning]" value="{L_SUBMIT}" class="button1" />
		{S_FORM_TOKEN}
	</fieldset>
</form>

4.ii. Template Inheritance

When basing a new style on an existing one, it is not necessary to provide all the template files. By declaring the base style name in the inherit_from field in the template configuration file, the style can be set to inherit template files from the base style. The limitation on this is that the base style has to be installed and complete, meaning that it is not itself inheriting.

The effect of doing so is that the template engine will use the template files in the new style where they exist, but fall back to files in the base style otherwise. Declaring a style to inherit from another also causes it to use some of the configuration settings of the base style, notably database storage.

We strongly encourage the use of inheritance for styles based on the bundled styles, as it will ease the update procedure.

        # General Information about this template
        name = inherits
        copyright = © phpBB Group, 2007
        version = 3.0.3

        # Defining a different template bitfield
        template_bitfield = lNg=

        # Are we inheriting?
        inherit_from = prosilver

What are Unicode, UCS and UTF-8?

The Universal Character Set (UCS) described in ISO/IEC 10646 consists of a large amount of characters. Each of them has a unique name and a code point which is an integer number. Unicode - which is an industry standard - complements the Universal Character Set with further information about the characters' properties and alternative character encodings. More information on Unicode can be found on the Unicode Consortium's website. One of the Unicode encodings is the 8-bit Unicode Transformation Format (UTF-8). It encodes characters with up to four bytes aiming for maximum compatibility with the American Standard Code for Information Interchange which is a 7-bit encoding of a relatively small subset of the UCS.

phpBB's use of Unicode

Unfortunately PHP does not faciliate the use of Unicode prior to version 6. Most functions simply treat strings as sequences of bytes assuming that each character takes up exactly one byte. This behaviour still allows for storing UTF-8 encoded text in PHP strings but many operations on strings have unexpected results. To circumvent this problem we have created some alternative functions to PHP's native string operations which use code points instead of bytes. These functions can be found in /includes/utf/utf_tools.php. They are also covered in the phpBB3 Sourcecode Documentation. A lot of native PHP functions still work with UTF-8 as long as you stick to certain restrictions. For example explode still works as long as the first and the last character of the delimiter string are ASCII characters.

phpBB only uses the ASCII and the UTF-8 character encodings. Still all Strings are UTF-8 encoded because ASCII is a subset of UTF-8. The only exceptions to this rule are code sections which deal with external systems which use other encodings and character sets. Such external data should be converted to UTF-8 using the utf8_recode() function supplied with phpBB. It supports a variety of other character sets and encodings, a full list can be found below.

With request_var() you can either allow all UCS characters in user input or restrict user input to ASCII characters. This feature is controlled by the function's third parameter called $multibyte. You should allow multibyte characters in posts, PMs, topic titles, forum names, etc. but it's not necessary for internal uses like a $mode variable which should only hold a predefined list of ASCII strings anyway.

// an input string containing a multibyte character
$_REQUEST['multibyte_string'] = 'Käse';

// print request variable as a UTF-8 string allowing multibyte characters
echo request_var('multibyte_string', '', true);
// print request variable as ASCII string
echo request_var('multibyte_string', '');

This code snippet will generate the following output:

Käse
K??se

Unicode Normalization

If you retrieve user input with multibyte characters you should additionally normalize the string using utf8_normalize_nfc() before you work with it. This is necessary to make sure that equal characters can only occur in one particular binary representation. For example the character Å can be represented either as U+00C5 (LATIN CAPITAL LETTER A WITH RING ABOVE) or as U+212B (ANGSTROM SIGN). phpBB uses Normalization Form Canonical Composition (NFC) for all text. So the correct version of the above example would look like this:

$_REQUEST['multibyte_string'] = 'Käse';

// normalize multibyte strings
echo utf8_normalize_nfc(request_var('multibyte_string', '', true));
// ASCII strings do not need to be normalized
echo request_var('multibyte_string', '');

Case Folding

Case insensitive comparison of strings is no longer possible with strtolower or strtoupper as some characters have multiple lower case or multiple upper case forms depending on their position in a word. The utf8_strtolower and the utf8_strtoupper functions suffer from the same problem so they can only be used to display upper/lower case versions of a string but they cannot be used for case insensitive comparisons either. So instead you should use case folding which gives you a case insensitive version of the string which can be used for case insensitive comparisons. An NFC normalized string can be case folded using utf8_case_fold_nfc().

// Bad - The strings might be the same even if strtolower differs

if (strtolower($string1) == strtolower($string2))
{
	echo '$string1 and $string2 are equal or differ in case';
}

// Good - Case folding is really case insensitive

if (utf8_case_fold_nfc($string1) == utf8_case_fold_nfc($string2))
{
	echo '$string1 and $string2 are equal or differ in case';
}

Confusables Detection

phpBB offers a special method utf8_clean_string which can be used to make sure string identifiers are unique. This method uses Normalization Form Compatibility Composition (NFKC) instead of NFC and replaces similarly looking characters with a particular representative of the equivalence class. This method is currently used for usernames and group names to avoid confusion with similarly looking names.

6.i. Standardisation

Reason:

phpBB is one of the most translated open-source projects, with the current stable version being available in over 60 localisations. Whilst the ad hoc approach to the naming of language packs has worked, for phpBB3 and beyond we hope to make this process saner which will allow for better interoperation with current and future web browsers.

Encoding:

With phpBB3, the output encoding for the forum in now UTF-8, a Universal Character Encoding by the Unicode Consortium that is by design a superset to US-ASCII and ISO-8859-1. By using one character set which simultaenously supports all scripts which previously would have required different encodings (eg: ISO-8859-1 to ISO-8859-15 (Latin, Greek, Cyrillic, Thai, Hebrew, Arabic); GB2312 (Simplified Chinese); Big5 (Traditional Chinese), EUC-JP (Japanese), EUC-KR (Korean), VISCII (Vietnamese); et cetera), we remove the need to convert between encodings and improves the accessibility of multilingual forums.

The impact is that the language files for phpBB must now also be encoded as UTF-8, with a caveat that the files must not contain a BOM for compatibility reasons with non-Unicode aware versions of PHP. For those with forums using the Latin character set (ie: most European languages), this change is transparent since UTF-8 is superset to US-ASCII and ISO-8859-1.

Language Tag:

The IETF recently published RFC 4646 for tags used to identify languages, which in combination with RFC 4647 obseletes the older RFC 3006 and older-still RFC 1766. RFC 4646 uses ISO 639-1/ISO 639-2, ISO 3166-1 alpha-2, ISO 15924 and UN M.49 to define a language tag. Each complete tag is composed of subtags which are not case sensitive and can also be empty.

Ordering of the subtags in the case that they are all non-empty is: language-script-region-variant-extension-privateuse. Should any subtag be empty, its corresponding hyphen would also be ommited. Thus, the language tag for English will be en and not en-----.

Most language tags consist of a two- or three-letter language subtag (from ISO 639-1/ISO 639-2). Sometimes, this is followed by a two-letter or three-digit region subtag (from ISO 3166-1 alpha-2 or UN M.49). Some examples are:

Language tag examples
Language tag	Description	Component subtags
`en`	English	`language`
`mas`	Masai	`language`
`fr-CA`	French as used in Canada	`language`+`region`
`en-833`	English as used in the Isle of Man	`language`+`region`
`zh-Hans`	Chinese written with Simplified script	`language`+`script`
`zh-Hant-HK`	Chinese written with Traditional script as used in Hong Kong	`language`+`script`+`region`
`de-AT-1996`	German as used in Austria with 1996 orthography	`language`+`region`+`variant`

The ultimate aim of a language tag is to convey the needed useful distingushing information, whilst keeping it as short as possible. So for example, use en, fr and ja as opposed to en-GB, fr-FR and ja-JP, since we know English, French and Japanese are the native language of Great Britain, France and Japan respectively.

Next is the ISO 15924 language script code and when one should or shouldn't use it. For example, whilst en-Latn is syntaxically correct for describing English written with Latin script, real world English writing is more-or-less exclusively in the Latin script. For such languages like English that are written in a single script, the IANA Language Subtag Registry has a "Suppress-Script" field meaning the script code should be ommitted unless a specific language tag requires a specific script code. Some languages are written in more than one script and in such cases, the script code is encouraged since an end-user may be able to read their language in one script, but not the other. Some examples are:

Language subtag + script subtag examples
Language tag	Description	Component subtags
`en-Brai`	English written in Braille script	`language`+`script`
`en-Dsrt`	English written in Deseret (Mormon) script	`language`+`script`
`sr-Latn`	Serbian written in Latin script	`language`+`script`
`sr-Cyrl`	Serbian written in Cyrillic script	`language`+`script`
`mn-Mong`	Mongolian written in Mongolian script	`language`+`script`
`mn-Cyrl`	Mongolian written in Cyrillic script	`language`+`script`
`mn-Phag`	Mongolian written in Phags-pa script	`language`+`script`
`az-Cyrl-AZ`	Azerbaijani written in Cyrillic script as used in Azerbaijan	`language`+`script`+`region`
`az-Latn-AZ`	Azerbaijani written in Latin script as used in Azerbaijan	`language`+`script`+`region`
`az-Arab-IR`	Azerbaijani written in Arabic script as used in Iran	`language`+`script`+`region`

Usage of the three-digit UN M.49 code over the two-letter ISO 3166-1 alpha-2 code should hapen if a macro-geographical entity is required and/or the ISO 3166-1 alpha-2 is ambiguous.

Examples of English using marco-geographical regions:

Coding for English using macro-geographical regions
ISO 639-1/ISO 639-2 + ISO 3166-1 alpha-2	ISO 639-1/ISO 639-2 + UN M.49 (Example macro regions)
`en-AU` English as used in Australia	`en-053` English as used in Australia & New Zealand	`en-009` English as used in Oceania
`en-NZ` English as used in New Zealand	`en-053` English as used in Australia & New Zealand
`en-FJ` English as used in Fiji	`en-054` English as used in Melanesia

Examples of Spanish using marco-geographical regions:

Coding for Spanish macro-geographical regions
ISO 639-1/ISO 639-2 + ISO 3166-1 alpha-2	ISO 639-1/ISO 639-2 + UN M.49 (Example macro regions)
`es-PR` Spanish as used in Puerto Rico	`es-419` Spanish as used in Latin America & the Caribbean	`es-019` Spanish as used in the Americas
`es-HN` Spanish as used in Honduras
`es-AR` Spanish as used in Argentina
`es-US` Spanish as used in United States of America	`es-021` Spanish as used in North America

Example of where the ISO 3166-1 alpha-2 is ambiguous and why UN M.49 might be preferred:

Coding for ambiguous ISO 3166-1 alpha-2 regions
`CS` assignment pre-1994		`CS` assignment post-1994
`CS` Czechoslovakia (ISO 3166-1) `200` Czechoslovakia (UN M.49)		`CS` Serbian & Montenegro (ISO 3166-1) `891` Serbian & Montenegro (UN M.49)
`CZ` Czech Republic (ISO 3166-1) `203` Czech Republic (UN M.49)	`SK` Slovakia (ISO 3166-1) `703` Slovakia (UN M.49)	`RS` Serbia (ISO 3166-1) `688` Serbia (UN M.49)	`ME` Montenegro (ISO 3166-1) `499` Montenegro (UN M.49)

Macro-languages & Topolects:

RFC 4646 anticipates features which shall be available in (currently draft) ISO 639-3 which aims to provide as complete enumeration of languages as possible, including living, extinct, ancient and constructed languages, whether majour, minor or unwritten. A new feature of ISO 639-3 compared to the previous two revisions is the concept of macrolanguages where Arabic and Chinese are two such examples. In such cases, their respective codes of ar and zh is very vague as to which dialect/topolect is used or perhaps some terse classical variant which may be difficult for all but very educated users. For such macrolanguages, it is recommended that the sub-language tag is used as a suffix to the macrolanguage tag, eg:

Macrolanguage subtag + sub-language subtag examples
Language tag	Description	Component subtags
`zh-cmn`	Mandarin (Putonghau/Guoyu) Chinese	`macrolanguage`+`sublanguage`
`zh-yue`	Yue (Cantonese) Chinese	`macrolanguage`+`sublanguage`
`zh-cmn-Hans`	Mandarin (Putonghau/Guoyu) Chinese written in Simplified script	`macrolanguage`+`sublanguage`+`script`
`zh-cmn-Hant`	Mandarin (Putonghau/Guoyu) Chinese written in Traditional script	`macrolanguage`+`sublanguage`+`script`
`zh-nan-Latn-TW`	Minnan (Hoklo) Chinese written in Latin script (POJ Romanisation) as used in Taiwan	`macrolanguage`+`sublanguage`+`script`+`region`

6.ii. Other considerations

Normalisation of language tags for phpBB:

For phpBB, the language tags are not used in their raw form and instead converted to all lower-case and have the hyphen - replaced with an underscore _ where appropriate, with some examples below:

Language tag normalisation examples
Raw language tag	Description	Value of `USER_LANG` in `./common.php`	Language pack directory name in `/language/`
`en`	British English	`en`	`en`
`de-AT`	German as used in Austria	`de-at`	`de_at`
`es-419`	Spanish as used in Latin America & Caribbean	`en-419`	`en_419`
`zh-yue-Hant-HK`	Cantonese written in Traditional script as used in Hong Kong	`zh-yue-hant-hk`	`zh_yue_hant_hk`

How to use `iso.txt`:

The iso.txt file is a small UTF-8 encoded plain-text file which consists of three lines:

Language's English name
Language's local name
Authors information

iso.txt is automatically generated by the language pack submission system on phpBB.com. You don't have to create this file yourself if you plan on releasing your language pack on phpBB.com, but do keep in mind that phpBB itself does require this file to be present.

Because language tags themselves are meant to be machine read, they can be rather obtuse to humans and why descriptive strings as provided by iso.txt are needed. Whilst en-US could be fairly easily deduced to be "English as used in the United States", de-CH is more difficult less one happens to know that de is from "Deutsch", German for "German" and CH is the abbreviation of the official Latin name for Switzerland, "Confoederatio Helvetica".

For the English language description, the language name is always first and any additional attributes required to describe the subtags within the language code are then listed in order separated with commas and enclosed within parentheses, eg:

English language description examples for iso.txt
Raw language tag	English description within `iso.txt`
`en`	British English
`en-US`	English (United States)
`en-053`	English (Australia & New Zealand)
`de`	German
`de-CH-1996`	German (Switzerland, 1996 orthography)
`gws-1996`	Swiss German (1996 orthography)
`zh-cmn-Hans-CN`	Mandarin Chinese (Simplified, Mainland China)
`zh-yue-Hant-HK`	Cantonese Chinese (Traditional, Hong Kong)

For the localised language description, just translate the English version though use whatever appropriate punctuation typical for your own locale, assuming the language uses punctuation at all.

Unicode bi-directional considerations:

Because phpBB is now UTF-8, all translators must take into account that certain strings may be shown when the directionality of the document is either opposite to normal or is ambiguous.

The various Unicode control characters for bi-directional text and their HTML enquivalents where appropriate are as follows:

Unicode bidirectional control characters & HTML elements/entities
Unicode character abbreviation	Unicode code-point	Unicode character name	Equivalent HTML markup/entity	Raw character (enclosed between '')
`LRM`	`U+200E`	Left-to-Right Mark	`&lrm;`	'‎'
`RLM`	`U+200F`	Right-to-Left Mark	`&rlm;`	'‏'
`LRE`	`U+202A`	Left-to-Right Embedding	`dir="ltr"`	'‪'
`RLE`	`U+202B`	Right-to-Left Embedding	`dir="rtl"`	'‫'
`PDF`	`U+202C`	Pop Directional Formatting	`</bdo>`	'‬'
`LRO`	`U+202D`	Left-to-Right Override	`<bdo dir="ltr">`	'‭'
`RLO`	`U+202E`	Right-to-Left Override	`<bdo dir="rtl">`	'‮'

For iso.txt, the directionality of the text can be explicitly set using special Unicode characters via any of the three methods provided by left-to-right/right-to-left markers/embeds/overrides, as without them, the ordering of characters will be incorrect, eg:

Unicode bidirectional control characters iso.txt
Directionality	Raw character view	Display of localised description in `iso.txt`	Ordering
`dir="ltr"`	English (Australia & New Zealand)	English (Australia & New Zealand)	Correct
`dir="rtl"`	English (Australia & New Zealand)	English (Australia & New Zealand)	Incorrect
`dir="rtl"` with `LRM`	English (Australia & New Zealand)`U+200E`	English (Australia & New Zealand)‎	Correct
`dir="rtl"` with `LRE` & `PDF`	`U+202A`English (Australia & New Zealand)`U+202C`	‪English (Australia & New Zealand)‬	Correct
`dir="rtl"` with `LRO` & `PDF`	`U+202D`English (Australia & New Zealand)`U+202C`	‭English (Australia & New Zealand)‬	Correct

In choosing which of the three methods to use, in the majority of cases, the LRM or RLM to put a "strong" character to fully enclose an ambiguous punctuation character and thus make it inherit the correct directionality is sufficient.

Within some cases, there may be mixed scripts of a left-to-right and right-to-left direction, so using LRE & RLE with PDF may be more appropriate. Lastly, in very rare instances where directionality must be forced, then use LRO & RLO with PDF.

For further information on authoring techniques of bi-directional text, please see the W3C tutorial on authoring techniques for XHTML pages with bi-directional text.

Working with placeholders:

As phpBB is translated into languages with different ordering rules to that of English, it is possible to show specific values in any order deemed appropriate. Take for example the extremely simple "Page X of Y", whilst in English this could just be coded as:

	...
'PAGE_OF'	=>	'Page %s of %s',
		/* Just grabbing the replacements as they
		come and hope they are in the right order */
	...

… a clearer way to show explicit replacement ordering is to do:

	...
'PAGE_OF'	=>	'Page %1$s of %2$s',
		/* Explicit ordering of the replacements,
		even if they are the same order as English */
	...

Why bother at all? Because some languages, the string transliterated back to English might read something like:

	...
'PAGE_OF'	=>	'Total of %2$s pages, currently on page %1$s',
		/* Explicit ordering of the replacements,
		reversed compared to English as the total comes first */
	...

6.iii. Writing Style

Miscellaneous tips & hints:

As the language files are PHP files, where the various strings for phpBB are stored within an array which in turn are used for display within an HTML page, rules of syntax for both must be considered. Potentially problematic characters are: ' (straight quote/apostrophe), " (straight double quote), < (less-than sign), > (greater-than sign) and & (ampersand).

// Bad - The un-escapsed straight-quote/apostrophe will throw a PHP parse error

	...
'CONV_ERROR_NO_AVATAR_PATH'
	=>	'Note to developer: you must specify $convertor['avatar_path'] to use %s.',
	...

// Good - Literal straight quotes should be escaped with a backslash, ie: \

	...
'CONV_ERROR_NO_AVATAR_PATH'
	=>	'Note to developer: you must specify $convertor[\'avatar_path\'] to use %s.',
	...

However, because phpBB3 now uses UTF-8 as its sole encoding, we can actually use this to our advantage and not have to remember to escape a straight quote when we don't have to:

// Bad - The un-escapsed straight-quote/apostrophe will throw a PHP parse error

	...
'USE_PERMISSIONS'	=>	'Test out user's permissions',
	...

// Okay - However, non-programmers wouldn't type "user\'s" automatically

	...
'USE_PERMISSIONS'	=>	'Test out user\'s permissions',
	...

// Best - Use the Unicode Right-Single-Quotation-Mark character

	...
'USE_PERMISSIONS'	=>	'Test out user’s permissions',
	...

The " (straight double quote), < (less-than sign) and > (greater-than sign) characters can all be used as displayed glyphs or as part of HTML markup, for example:

// Bad - Invalid HTML, as segments not part of elements are not entitised

	...
'FOO_BAR'	=>	'PHP version < 4.3.3.<br />
	Visit "Downloads" at <a href="http://www.php.net/">www.php.net</a>.',
	...

// Okay - No more invalid HTML, but """ is rather clumsy

	...
'FOO_BAR'	=>	'PHP version &lt; 4.3.3.<br />
	Visit &quot;Downloads&quot; at <a href="http://www.php.net/">www.php.net</a>.',
	...

// Best - No more invalid HTML, and usage of correct typographical quotation marks

	...
'FOO_BAR'	=>	'PHP version &lt; 4.3.3.<br />
	Visit “Downloads” at <a href="http://www.php.net/">www.php.net</a>.',
	...

Lastly, the & (ampersand) must always be entitised regardless of where it is used:

// Bad - Invalid HTML, none of the ampersands are entitised

	...
'FOO_BAR'	=>	'<a href="http://somedomain.tld/?foo=1&bar=2">Foo & Bar</a>.',
	...

// Good - Valid HTML, amperands are correctly entitised in all cases

	...
'FOO_BAR'	=>	'<a href="http://somedomain.tld/?foo=1&amp;bar=2">Foo &amp; Bar</a>.',
	...

As for how these charcters are entered depends very much on choice of Operating System, current language locale/keyboard configuration and native abilities of the text editor used to edit phpBB language files. Please see http://en.wikipedia.org/wiki/Unicode#Input_methods for more information.

Spelling, punctuation, grammar, et cetera:

The default language pack bundled with phpBB is British English using Cambridge University Press spelling and is assigned the language code en. The style and tone of writing tends towards formal and translations should emulate this style, at least for the variant using the most compact language code. Less formal translations or those with colloquialisms must be denoted as such via either an extension or privateuse tag within its language code.

What is it?

The auth class contains methods related to authorisation users to access various board functions, e.g. posting, viewing, replying, logging in (and out), etc. If you need to check whether a user can carry out a task or handle user login/logouts this class is required.

Initialisation

To use any methods contained with the auth class it first needs to be instantiated. This is best achieved early in the execution of the script in the following manner:

$auth = new auth();

Once an instance of the class has been created you are free to call the various methods it contains. Please note that should you wish to use the auth_admin methods you will need to instantiate this separately but in the same way.

Following are the methods you are able to use.

2.i. acl

The acl method is the initialisation routine for all the acl functions. If you intend calling any acl method you must first call this. The method takes as its one and only required parameter an associative array containing user information as stored in the database. This array must contain at least the following information; user_id, user_permissions and user_type. It is called in the following way:

$auth->acl(userdata);

Where userdata is the array containing the aforementioned data.

2.ii. acl_get

This method is the primary way of determining what a user can and cannot do for a given option globally or in a given forum. The method should be called in the following way:

$result = $auth->acl_get(option[, forum]);

Where option is a string representing the required option, e.g. 'f_list', 'm_edit', 'a_adduser', etc. By adding a ! in front of the option, e.g. '!f_list' the result of this method will be negated. The optional forum term is the integer forum_id.

The method returns a positive integer when the user is allowed to carry out the option and a zero if denied or the other way around if the option is prefixed with an exclamation mark.

If you specify a forum and there is also a global setting for the specified option then this method will return a positive integer if one of them evaluates to a positive integer. An example would be the m_approve option which can be set per forum but also globally. If a user has the global option he will automatically have m_approve in every forum.

There are some special options or flags which are used as prefixes for other options, e.g. 'f_' or 'm_'. These flags will automatically be set to a positive integer if the user has one or more permissions with the given prefix. A local setting will result in the flag being set only locally (so it will require a forum id to retrieve). If a user has one or more global permissions with the prefix acl_get will return a positive integer regardless of the forum id.

2.iii. acl_gets

This method is funtionally similar to acl_get in that it returns information on whether a user can or cannot carry out a given task. The difference here is the ability to test several different options in one go. This may be useful for testing whether a user is a moderator or an admin in one call. Rather than having to call and check acl_get twice.

The method should be called thus:

$result = $auth->acl_gets(option1[, option2, ..., optionN, forum]);

As with the acl_get method the options are strings representing the required permissions to check. The forum again is an integer representing a given forum_id.

The method will return a positive integer if acl_get for one of the options evaluates to a positive integer (combines permissions with OR).

2.iv. acl_getf

This method is used to find out in which forums a user is allowed to carry out an operation or to find out in which forums he is not allowed to carry out an operation. The method should be called in the following way:

$result = $auth->acl_getf(option[, clean]);

Just like in the acl_get method the option is a string specifying the permission which has to be checked (negation using ! is allowed). The second parameter is a boolean. If it is set to false this method returns all forums with either zero or a positive integer. If it is set to true only those forums with a positive integer as the result will be returned.

The method returns an associative array of the form:

array(forum_id1 => array(option => integer), forum_id2 => ...)

Where option is the option passed to the method and integer is either zero or a positive integer and the same acl_get(option, forum_id) would return.

2.v. acl_getf_global

This method is used to find out whether a user has a permission in at least one forum or globally. This method is similar to checking whether acl_getf(option, true) returned one or more forums but it's faster. It should be called in the following way:

$result = $auth->acl_getf_global(option)

As with the previous methods option is a string specifying the permission which has to be checked.

This method returns either zero or a positive integer.

2.vi. acl_cache

This should be considered a private method and not be called externally. It handles the generation of the user_permissions data from the basic user and group authorisation data. When necessary this method is called automatically by acl.

2.vii. acl_clear_prefetch

This method clears the user_permissions column in the users table for the given user. If the user ID passed is zero, the permissions cache is cleared for all users. This method should be called whenever permissions are set.

// clear stored permissions for user 2
$user_id = 2;
$auth->acl_clear_prefetch($user_id);

This method returns null.

2.viii. acl_get_list

This method returns an an array describing which users have permissions in given fora. The resultant array contains an entry for permission that every user has in every forum when no arguments are passed.

$user_id = array(2, 53);
$permissions = array('f_list', 'f_read');
$forum_id = array(1, 2, 3);
$result = $auth->acl_get_list($user_id, $permissions, $forum_id);

The parameters may be of the following legal types:

$user_id: false, int, array(int, int, int, ...)
$permissions: false, string, array(string, string, ...)
$forum_id: false, int, array(int, int, int, ...)

2.ix. Miscellaneous

There are other methods defined in the auth class which serve mostly as private methods, but are available for use if needed. Each of them is used to pull data directly from the database tables. They are:

function acl_group_raw_data($group_id = false, $opts = false, $forum_id = false)

function acl_user_raw_data($user_id = false, $opts = false, $forum_id = false)

function acl_raw_data_single_user($user_id)

function acl_raw_data($user_id = false, $opts = false, $forum_id = false)

function acl_role_data($user_type, $role_type, $ug_id = false, $forum_id = false)

Of these, acl_raw_data is the most general, but the others will be faster if you need a smaller amount of data.

A number of additional methods are available related to auth. These handle more basic functions such as adding user and group permissions, new options and clearing the user cache. These methods are contained within a separate class, auth_admin. This can be found in includes/acp/auth.php.

To use any methods this class contains it first needs to be instantiated separately from auth. This is achieved in the same way as auth:

$auth_admin = new auth_admin();

This instance gives you access to both the methods of this specific class and that of auth.

What is it?

The hook system allows applicaton and mod developers to hook into phpBB's or their own functions.

Pre-defined hookable phpBB3 functions

In phpBB3 there are four functions you are able to hook into with your custom functions:

phpbb_user_session_handler(); which is called within user::setup after the session and the user object is correctly initialized.
append_sid($url, $params = false, $is_amp = true, $session_id = false); which is called for building urls (appending the session id)
$template->display($handle, $include_once = true); which is called directly before outputting the (not-yet-compiled) template.
exit_handler(); which is called at the very end of phpBB3's execution.

Please note: The $template->display hook takes a third $template argument, which is the template instance being used, which should be used instead of the global.

There are also valid external constants you may want to use if you embed phpBB3 into your application:

PHPBB_MSG_HANDLER (overwrite message handler)
PHPBB_DB_NEW_LINK (overwrite new_link parameter for sql_connect)
PHPBB_ROOT_PATH   (overwrite $phpbb_root_path)
PHPBB_ADMIN_PATH  (overwrite $phpbb_admin_path)
PHPBB_USE_BOARD_URL_PATH (use generate_board_url() for image paths instead of $phpbb_root_path)

/includes/session.php - user::img()
/includes/functions_content.php - smiley_text()

Path locations for the following template variables are affected by this too:

{T_THEME_PATH} - styles/xxx/theme
{T_TEMPLATE_PATH} - styles/xxx/template
{T_SUPER_TEMPLATE_PATH} - styles/xxx/template
{T_IMAGESET_PATH} - styles/xxx/imageset
{T_IMAGESET_LANG_PATH} - styles/xxx/imageset/yy
{T_IMAGES_PATH} - images/
{T_SMILIES_PATH} - $config['smilies_path']/
{T_AVATAR_PATH} - $config['avatar_path']/
{T_AVATAR_GALLERY_PATH} - $config['avatar_gallery_path']/
{T_ICONS_PATH} - $config['icons_path']/
{T_RANKS_PATH} - $config['ranks_path']/
{T_UPLOAD_PATH} - $config['upload_path']/
{T_STYLESHEET_LINK} - styles/xxx/theme/stylesheet.css (or link to style.php if css is parsed dynamically)
New template variable {BOARD_URL} for the board url + script path.

The following examples explain how phpBB3 utilize the in-build hook system. You will be more interested in registering your hooks, but showing you this may help you understand the system better along the way.

First of all, this is how a function need to be layed out if you want to allow it to be hookable...

function my_own_function($my_first_parameter, $my_second_parameter)
{
	global $phpbb_hook;

	if ($phpbb_hook->call_hook(__FUNCTION__, $my_first_parameter, $my_second_parameter))
	{
		if ($phpbb_hook->hook_return(__FUNCTION__))
		{
			return $phpbb_hook->hook_return_result(__FUNCTION__);
		}
	}

	[YOUR CODE HERE]
}

Above, the call_hook function should always be mapping your function call... in regard to the number of parameters passed.

This is how you could make a method being hookable...

class my_hookable_object
{
	function hook_me($my_first_parameter, $my_second_parameter)
	{
		global $phpbb_hook;

		if ($phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
		{
			if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__)))
			{
				return $phpbb_hook->hook_return_result(array(__CLASS__, __FUNCTION__));
			}
		}

		[YOUR CODE HERE]
	}
}

The only difference about calling it is the way you define the first parameter. For a function it is only __FUNCTION__, for a method it is array(__CLASS__, __FUNCTION__). In PHP4 __CLASS__ is always returning the class in lowercase.

Now, in phpBB there are some pre-defined hooks available, but how do you make your own hookable function available (and therefore allowing others to hook into it)? For this, there is the add_hook() method:

// Adding your own hookable function:
$phpbb_hook->add_hook('my_own_function');

// Adding your own hookable method:
$phpbb_hook->add_hook(array('my_hookable_object', 'hook_me'));

You are also able to remove the possibility of hooking a function/method by calling $phpbb_hook->remove_hook() with the same parameters as add_hook().
This comes in handy if you want to force some hooks not to be called - at all.

Registering hooks

Now to actually defining your functions which should be called. For this we take the append_sid() function as an example (this function is able to be hooked by default). We create two classes, one being static and a function:

class my_append_sid_class
{
	// Our functions
	function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
	{
		// Get possible previous results
		$result = $hook->previous_hook_result('append_sid');

		return $result['result'] . '<br />And i was the second one.';
	}
}

// Yet another class :o
class my_second_append_sid_class
{
	function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
	{
		// Get possible previous results
		$result = $hook->previous_hook_result('append_sid');

		echo $result['result'] . '<br />I was called as the third one.';
	}
}

// And a normal function
function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
{
	// Get possible previous results
	$result = $hook->previous_hook_result('append_sid');

	return 'I was called as the first one';
}

// Initializing the second class
$my_second_append_sid_class = new my_second_append_sid_class();

Make sure you add the same parameters to your function as is defined for the hookable function with one exception: The first variable is always &$hook... this is the hook object itself you are able to operate on.

Now we register the hooks one by one with the $phpbb_hook->register() method:

// Now, we register our append_sid "replacements" in a stacked way...
// Registering the function (this is called first)
$phpbb_hook->register('append_sid', 'my_append_sid');

// Registering the first class
$phpbb_hook->register('append_sid', array('my_append_sid_class', 'my_append_sid'));
$phpbb_hook->register('append_sid', array(&$my_second_append_sid_class, 'my_append_sid'));

With this you are even able to make your own functions that are already hooked itself being hooked again...

// Registering hook, which will be called
$phpbb_hook->register('append_sid', 'my_own_append_sid');

// Add hook to our called hook function
$phpbb_hook->add_hook('my_own_append_sid');

// Register added hook
$phpbb_hook->register('my_own_append_sid', 'also_my_own_append_sid');

Special treatment/chains

The register method is able to take a third argument to specify a special 'chain' mode. The valid modes are first, last and standalone

$phpbb_hook->register('append_sid', 'my_own_append_sid', 'first') would make sure that the function is called in the beginning of the chain. It is possible that more than one function is called within the first block - here the FIFO principle is used.

$phpbb_hook->register('append_sid', 'my_own_append_sid', 'last') would make sure that the function is called at the very end of the chain. It is possible that more than one function is called within the last block - here the FIFO principle is used.

$phpbb_hook->register('append_sid', 'my_own_append_sid', 'standalone') makes sure only the defined function is called. All other functions are removed from the chain and no other functions are added to it later on. If two applications try to trigger the standalone mode a PHP notice will be printed and the second function being discarded.

Only allowing hooks for some objects

Because the hook system is not able to differate between initialized objects and only operate on the class, you need to solve this on the code level.

One possibility would be to use a property:

class my_hookable_object
{
	function blabla()
	{
	}
}

class my_hookable_object2 extends my_hookable_object
{
	var $call_hook = true;

	function hook_me($my_first_parameter, $my_second_parameter)
	{
		if ($this->call_hook)
		{
			global $phpbb_hook;

			if ($phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
			{
				if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__)))
				{
					return $phpbb_hook->hook_return_result(array(__CLASS__, __FUNCTION__));
				}
			}
		}

		return 'not hooked';
	}
}

function hooking(&$hook, $first, $second)
{
	return 'hooked';
}

$first_object = new my_hookable_object2();
$second_object = new my_hookable_object2();

$phpbb_hook->add_hook(array('my_hookable_object2', 'hook_me'));

$phpbb_hook->register(array('my_hookable_object2', 'hook_me'), 'hooking');

// Do not call the hook for $first_object
$first_object->call_hook = false;

echo $first_object->hook_me('first', 'second') . '<br />';
echo $second_object->hook_me('first', 'second') . '<br />';

OUTPUT:

not hooked
hooked

A different possibility would be using a function variable (which could be left out on passing the function variables to the hook):

class my_hookable_object
{
	function blabla()
	{
	}
}

class my_hookable_object2 extends my_hookable_object
{
	function hook_me($my_first_parameter, $my_second_parameter, $hook_me = true)
	{
		if ($hook_me)
		{
			global $phpbb_hook;

			if ($phpbb_hook->call_hook(array(__CLASS__, __FUNCTION__), $my_first_parameter, $my_second_parameter))
			{
				if ($phpbb_hook->hook_return(array(__CLASS__, __FUNCTION__)))
				{
					return $phpbb_hook->hook_return_result(array(__CLASS__, __FUNCTION__));
				}
			}
		}

		return 'not hooked';
	}
}

function hooking(&$hook, $first, $second)
{
	return 'hooked';
}

$first_object = new my_hookable_object2();
$second_object = new my_hookable_object2();

$phpbb_hook->add_hook(array('my_hookable_object2', 'hook_me'));

$phpbb_hook->register(array('my_hookable_object2', 'hook_me'), 'hooking');

echo $first_object->hook_me('first', 'second', false) . '<br />';
echo $second_object->hook_me('first', 'second') . '<br />';

OUTPUT:

not hooked
hooked

Generally, the distinction has to be made if a function returns the result obtained from the called function or continue the execution. Based on the needs of the application this may differ. Therefore, the function returns the results only if the called hook function is returning a result.

Case 1 - Returning the result

Imagine the following function supporting hooks:

function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
	global $_SID, $_EXTRA_URL, $phpbb_hook;

	// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropiatly.
	// They could mimick most of what is within this function
	if ($phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
	{
		if ($phpbb_hook->hook_return(__FUNCTION__))
		{
			return $phpbb_hook->hook_return_result(__FUNCTION__);
		}
	}

	[...]
}

Now, the following function is yours. Since you return a value, the append_sid() function itself is returning it as is:

// The function called
function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
{
	// Get possible previous results
	$result = $hook->previous_hook_result('append_sid');

	return 'Since i return something the append_sid() function will return my result.';
}

To be able to get the results returned from functions higher in the change the previous_hook_result() method should always be used, it returns an array('result' => [your result]) construct.

Case 2 - Not Returning any result

Sometimes applications want to return nothing and therefore force the underlying function to continue it's execution:

function append_sid($url, $params = false, $is_amp = true, $session_id = false)
{
	global $_SID, $_EXTRA_URL, $phpbb_hook;

	// Developers using the hook function need to globalise the $_SID and $_EXTRA_URL on their own and also handle it appropiatly.
	// They could mimick most of what is within this function
	if ($phpbb_hook->call_hook(__FUNCTION__, $url, $params, $is_amp, $session_id))
	{
		if ($phpbb_hook->hook_return(__FUNCTION__))
		{
			return $phpbb_hook->hook_return_result(__FUNCTION__);
		}
	}

	[...]
}

// The function called
function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
{
	// Get possible previous results
	$result = $hook->previous_hook_result('append_sid');

	[...]

	// I only rewrite some variables, but return nothing. Therefore, the append_sid() function will not return my (non)result.
}

Please Note: The decision to return or not return is solely made of the very last function call within the hook chain. An example:

// The function called
function my_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
{
	// Get possible previous results
	$result = $hook->previous_hook_result('append_sid');

	// $result is not filled

	return 'FILLED';
}

// This function is registered too and gets executed after my_append_sid()
function my_own_append_sid(&$hook, $url, $params = false, $is_amp = true, $session_id = false)
{
	$result = $hook->previous_hook_result('append_sid');

	// $result is actually filled with $result['result'] = 'FILLED'
	// But i return nothing, therefore append_sid() continues it's execution.
}

// The way both functions are registered.
$phpbb_hook->register('append_sid', 'my_append_sid');
$phpbb_hook->register('append_sid', 'my_own_append_sid');

There are basically two methods you are able to choose from:

1) Add a file to includes/hooks/. The file need to be prefixed by hook_. This file is included within common.php, you are able to register your hooks, include other files or functions, etc. It is advised to only include other files if needed (within a function call for example).

Please be aware that you need to purge your cache within the ACP to make your newly placed file available to phpBB3.

2) The second method is meant for those wanting to wrap phpBB3 without placing a custom file to the hooks directory. This is mostly done by including phpBB's files within the application file. To be able to register your hooks you need to create a function within your application:

// My function which gets executed within the hooks constuctor
function phpbb_hook_register(&$hook)
{
	$hook->register('append_sid', 'my_append_sid');
}

[...]

You should get the idea. ;)

If you have basic knowledge of using FTP and are sure your hosting service or server will run phpBB3 you can use these steps to quickly get started. For a more detailed explanation you should skip this and go to section 2 below.

Decompress the phpBB3 archive to a local directory on your system.
Upload all the files contained in this archive (retaining the directory structure) to a web accessible directory on your server or hosting account.
Change the permissions on config.php to be writable by all (666 or -rw-rw-rw- within your FTP Client)
Change the permissions on the following directories to be writable by all (777 or -rwxrwxrwx within your FTP Client):
store/, cache/, files/ and images/avatars/upload/.
Point your web browser to the location where you uploaded the phpBB3 files with the addition of install/index.php or simply install/, e.g. http://www.example.com/phpBB3/install/index.php, http://www.example.com/forum/install/.
Click the INSTALL tab, follow the steps and fill out all the requested information.
Change the permissions on config.php to be writable only by yourself (644 or -rw-r--r-- within your FTP Client)
phpBB3 should now be available, please MAKE SURE you read at least Section 6 below for important, security related post-installation instructions, and also take note of Section 7 regarding anti-spam measures.

If you experienced problems or do not know how to proceed with any of the steps above please read the rest of this document.

phpBB 3.0.x has a few requirements which must be met before you are able to install and use it.

A webserver or web hosting account running on any major Operating System with support for PHP
A SQL database system, one of:
- MySQL 3.23 or above (MySQLi supported)
- PostgreSQL 7.3+
- SQLite 2.8.2+ (SQLite 3 is not supported)
- Firebird 2.1+
- MS SQL Server 2000 or above (directly or via ODBC or the native adapter)
- Oracle
PHP (>=4.3.3, >=4.4.0, >=5.0.0) with support for the database you intend to use.
getimagesize() function must be enabled.
Presence of the following modules within PHP will provide access to additional features, but they are not required:
- zlib Compression support
- Remote FTP support
- XML support
- Imagemagick support
- GD Support

If your server or hosting account does not meet the requirements above then you will be unable to install phpBB 3.0.x.

Installation of phpBB3 will vary according to your server and database. If you have shell access to your account (via telnet or ssh for example) you may want to upload the entire phpBB3 archive (in binary mode!) to a directory on your host and unarchive it there.

If you do not have shell access or do not wish to use it, you will need to decompress the phpBB3 archive to a local directory on your system using your favourite compression program, e.g. winzip, rar, zip, etc. From there you must FTP ALL the files it contains (being sure to retain the directory structure and filenames) to your host. Please ensure that the cases of filenames are retained, do NOT force filenames to all lower or upper case as doing so will cause errors later.

All .php, .sql, .cfg, .css, .js, .html, .htaccess and .txt files should be uploaded in ASCII mode, while all graphics should be uploaded in BINARY mode. If you are unfamiliar with what this means please refer to your FTP client documentation. In most cases this is all handled transparantly by your ftp client, but if you encounter problems later you should be sure the files were uploaded correctly as described here.

phpBB3 comes supplied with British English as its standard language. However, a number of separate packs for different languages are available. If you are not a native English speaker you may wish to install one or more of these packages before continuing. The installation process below will allow you to select a default language from those available (you can, of course, change this default at a later stage). For more details on language packs, where to obtain them and how to install them please see the README.

Once all the files have been uploaded to your site, you should point your browser at this location with the addition of /install/. For example, if your domain name is www.example.com and you placed the phpBB3 files in the directory /phpBB3 off your web root you would enter http://www.example.com/phpBB3/install/ or (alternatively) http://www.example.com/phpBB3/install/index.php into your browser. When you have done this, you should see the phpBB3 Introduction screen appear.

Introduction:

The initial screen gives you a short introduction into phpBB. It allows you to read the license phpBB3 is released under (General Public License v2) and provides information about how you can receive support. To start the installation, use the INSTALL tab.

Requirements

The first page you will see after starting the installation is the Requirements list. phpBB3 automatically checks whether everything that it needs to run properly is installed on your server. You need to have at least the minimum PHP version installed, and at least one database available to continue the installation. Also important, is that all shown folders are available and have the correct permissions. Please see the description of each section to find out whether they are optional or required for phpBB3 to run. If everything is in order, you can continue the installation with Start Install.

Database settings

You now have to decide which database to use. See the Requirements section for information on which databases are supported. If you do not know your database settings, please contact your host and ask for them. You will not be able to continue without them. You need:

The Database Type - the database you will be using.
The Database server hostname or DSN - the address of the database server.
The Database server port - the port of the database server (most of the time this is not needed).
The Database name - the name of the database on the server.
The Database username and Database password - the login data to access the database.

Note: if you are installing using SQLite, you should enter the full path to your database file in the DSN field and leave the username and password fields blank. For security reasons, you should make sure that the database file is not stored in a location accessible from the web.

You don't need to change the Prefix for tables in database setting, unless you plan on using multipe phpBB installations on one database. In this case, you can use a different prefix for each installation to make it work.

After you entered your details, you can continue with the Proceed to next step button. Now phpBB3 will check whether the data you entered will lead to a successful database connection and whether tables with the same prefix already exist.

A Could not connect to the database error means that you didn't enter the database data correctly and it is not possible for phpBB to connect. Make sure that everything you entered is in order and try again. Again, if you are unsure about your database settings, please contact your host.

If you installed another version of phpBB before on the same database with the same prefix, phpBB will inform you and you just need to enter a different database prefix.

If you see the Successful Connection message, you can continue to the next step.

Administrator details

Now you have to create your administration user. This user will have full administration access and he/she will be the first user on your forum. All fields on this page are required. You can also set the default language of your forum on this page. In a vanilla phpBB3 installation, we only include British English. You can download further languages from www.phpbb.com, and add them before installing or later.

Configuration file

In this step, phpBB will try to write the configuration file automatically. The forum needs the configuration file in order to operate. It contains all the database settings, so without it, phpBB will not be able to access the database.

Usually, writing the configuration file automatically works fine. If the file permissions are not set correctly, this process can fail. In this case, you need to upload the file manually. phpBB asks you to download the config.php file and tells you what to do with it. Please read the instructions carefully. After you have uploaded the file, use Done to get to the last step. If Done returns you to the same page as before, and does not return a success message, you did not upload the file correctly.

Advanced settings

The Advanced settings allow you to set additional parameters of the board configuration. They are optional and you can always change them later. So, even if you are not sure what these settings mean, you can still proceed to the final step and finish the installation.

If the installation was successful, you can now use the Login button to visit the Administration Control Panel. Congratulations, you have installed phpBB successfully. But there is still work ahead!

If you are unable to get phpBB3 installed even after reading this guide, please look at the support section of the installer's introduction page to find out where you can ask for further assistance.

At this point if you are converting from phpBB 2.0.x, you should refer to the conversion steps for further information. If not, you should remove the install directory from your server as you will only be able to access the Administration Control Panel whilst it is present.

If you are currently using a stable release of phpBB3, updating to this version is straightforward. You would have downloaded one of four packages and your choice determines what you need to do. Note: Before updating, we heavily recommend you do a full backup of your database and existing phpBB3 files! If you are unsure how to achieve this please ask your hosting provider for advice.

Please make sure you update your phpBB3 source files too, even if you run the database_update.php file.

4.i. Full package

The full package is normally meant for new installations only, but if you want to replace all source files, this package comes in handy.

First, you should make a copy of your existing config.php file; keep it in a safe place! Next, delete all the existing phpBB3 files, you may want to leave your files/ and images/ directorie in place. You can leave alternative styles in place too. With this complete, you can upload the new phpBB files (see New installation for details if necessary). Once complete, copy back your saved config.php, replacing the new one. Another method is to just replace the existing files with the files from the full package - though make sure you do not overwrite your config.php file.

You should now run install/database_update.php which, depending on your previous version, will make a number of database changes. You may receive FAILURES during this procedure. They should not be a cause for concern unless you see an actual ERROR, in which case the script will stop (in this case you should seek help via our forums or bug tracker).

Once install/database_update.php has completed, you may proceed to the Administration Control Panel and then remove the install directory as advised.

4.ii. Changed files

This package is meant for those wanting to only replace the files that were changed between a previous version and the latest version.

This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have 3.0.11 you should select the appropriate phpBB-3.0.12-files.zip/tar.bz2 file.

The directory structure has been preserved, enabling you (if you wish) to simply upload the uncompressed contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any modifications (MODs) these files will overwrite the originals, possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.

As for the other update procedures, you should run install/database_update.php after you have finished updating the files. This will update your database schema and increment the version number.

4.iii. Patch file

The patch file package is for those wanting to update through the patch application, and should only be used by those who are comfortable with it.

The patch file is one solution for those with many Modifications (MODs) or other changes and do not want to re-add them back to all the changed files. To use this you will need command line access to a standard UNIX type patch application. If you do not have access to such an application, but still want to use this update approach, we strongly recommend the Automatic update package explained below. It is also the recommended update method.

A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.11, you need the phpBB-3.0.12-patch.zip/tar.bz2 file. Place the correct patch in the parent directory containing the phpBB core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: patch -cl -d [PHPBB DIRECTORY] -p1 < [PATCH NAME] (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.

If you do get failures, you should look at using the Changed Files package to replace the files which failed to patch. Please note that you will need to manually re-add any MODs to these particular files. Alternatively, if you know how, you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.

You should, of course, delete the patch file (or files) after use. As for the other update procedures, you should run install/database_update.php after you have finished updating the files. This will update your database schema and data (if appropriate) and increment the version number.

4.iv. Automatic update package

This update method is the recommended method for updating. This package detects changed files automatically and merges in changes if needed.

The automatic update package will update the board from a given version to the latest version. A number of automatic update files are available, and you should choose the one that corresponds to the version of the board that you are currently running. For example, if your current version is 3.0.11, you need the phpBB-3.0.11_to_3.0.12.zip/tar.bz2 file.

To perform the update, either follow the instructions from the Administration Control Panel->System Tab - this should point out that you are running an outdated version and will guide you through the update - or follow the instructions listed below.

Go to the downloads page and download the latest update package listed there, matching your current version.
Upload the uncompressed archive contents to your phpBB installation - only the install folder is required. Upload the whole install folder, retaining the file structure.
After the install folder is present, phpBB3 will go offline automatically.
Point your browser to the install directory, for example http://www.example.com/phpBB3/install/
Choose the "Update" Tab and follow the instructions

4.v. All package types

If you have non-English language packs installed, you may want to see if a new version has been made available. A number of missing strings may have been added which, though not essential, may be beneficial to users. Please note that at this time not all language packs have been updated so you should be prepared to periodically check for updates.

These update methods will only update the standard styles, prosilver and subsilver2, any other styles you have installed for your board will usually also need to be updated.

This paragraph explains the steps necessary to convert your existing phpBB2 installation to phpBB3.

5.i. Requirements before converting

Before converting, we heavily recommend you do a full backup of your database and files! If you are unsure how to achieve this, please ask your hosting provider for advice. You basically need to follow the instructions given for New installations. Please do not overwrite any old files - install phpBB3 at a different location.

Once you made a backup of everything and also have a brand new phpBB3 installation, you can now begin the conversion.

Note that the conversion requires CREATE and DROP privileges for the phpBB3 database user account.

5.ii. Converting

To begin the conversion, visit the install/ folder of your phpBB3 installation (the same as you have done for installing). Now you will see a new tab Convert. Click this tab.

As with install, the conversion is automated. Your previous 2.0.x database tables will not be changed and the original 2.0.x files will remain unaltered. The conversion is actually only filling your phpBB3 database tables and copying additional data over to your phpBB3 installation. This has the benefit that if something goes wrong, you are able to either re-run the conversion or continue a conversion, while your old board is still accessible. We really recommend that you disable your old installation while converting, else you may have inconsistent data after the conversion.

Please note that this conversion process may take quite some time and depending on your hosting provider this may result in it failing (due to web server resource limits or other timeout issues). If this is the case, you should ask your provider if they are willing to allow the convert script to temporarily exceed their limits (be nice and they will probably be quite helpful). If your host is unwilling to increase the limits to run the convertor, please see this article for performing the conversion on your local machine: Knowledge Base - Offline Conversions

Once completed, your board should be immediately available. If you encountered errors, you should report the problems to our bug tracker or seek help via our forums (see README for details).

5.iii. Things to do after conversion

After a successful conversion, there may be a few items you need to do - apart from checking if the installation is accessible and everything displayed correctly.

The first thing you may want to do is to go to the administration control panel and check every configuration item within the general tab. Thereafter, you may want to adjust the forum descriptions/names if you entered HTML there. You also may want to access the other administrative sections, e.g. adjusting permissions, smilies, icons, ranks, etc.

During the conversion, the search index is not created or transferred. This means after conversion you are not able to find any matches if you want to search for something. We recommend you rebuild your search index within Administration Control Panel -> Maintenance -> Database -> Search Index.

After verifying the settings in the ACP, you can delete the install directory to enable the board. The board will stay disabled until you do so.

Once you are pleased with your new installation, you may want to give it the name of your old installation, changing the directory name. With phpBB3 this is possible without any problems, but you may still want to check your cookie settings within the administration panel; in case your cookie path needs to be adjusted prior to renaming.

5.iv. Common conversion problems

Broken non-latin characters The conversion script assumes that the database encoding in the source phpBB2 matches the encoding defined in the lang_main.php file of the default language pack of the source installation. Edit that file to match the database's encoding and re-start the conversion procedure.

http 500 / white pages The conversion is a load-heavy procedure. Restrictions imposed by some server hosting providers can cause problems. The most common causes are: values too low for the PHP settings memory_limit and max_execution_time. Limits on the allowed CPU time are also a frequent cause for such errors, as are limits on the number of database queries allowed. If you cannot change such settings, then contact your hosting provider or run the conversion procedure on a different computer. The phpBB.com forums are also an excellent location to ask for support.

Password conversion Due to the utf-8 based handling of passwords in phpBB3, it is not always possible to transfer all passwords. For passwords "lost in translation" the easiest workaround is to use the I forgot my password link on the login page.

Path to your former board The convertor expects the relative path to your old board's files. So, for instance, if the old board is located at http://www.yourdomain.com/forum and the phpBB3 installation is located at http://www.yourdomain.com/phpBB3, then the correct value would be ../forum. Note that the webserver user must be able to access the source installation's files.

Missing images If your default board language's language pack does not include all images, then some images might be missing in your installation. Always use a complete language pack as default language.

Smilies During the conversion you might see warnings about image files where the copying failed. This can happen if the old board's smilies have the same file names as those on the new board. Copy those files manually after the conversion, if you want to continue using the old smilies.

Once you have successfully installed phpBB3 you MUST ensure you remove the entire install/ directory. Leaving the install directory in place is a very serious potential security issue which may lead to deletion or alteration of files, etc. Please note that until this directory is removed, phpBB will not operate and a warning message will be displayed. Beyond this essential deletion, you may also wish to delete the docs/ directory if you wish.

With these directories deleted, you should proceed to the administration panel. Depending on how the installation completed, you may have been directed there automatically. If not, login as the administrator you specified during install/conversion and click the Administration Control Panel link at the bottom of any page. Ensure that details specified on the General tab are correct!

6.i. Uploadable avatars

phpBB3 supports several methods for allowing users to select their own avatar (an avatar is a small image generally unique to a user and displayed just below their username in posts).

Two of these options allow users to upload an avatar from their machine or a remote location (via a URL). If you wish to enable this function you should first ensure the correct path for uploadable avatars is set in Administration Control Panel -> General -> Board Configuration -> Avatar settings. By default this is images/avatars/uploads, but you can set it to whatever you like, just ensure the configuration setting is updated. You must also ensure this directory can be written to by the webserver. Usually this means you have to alter its permissions to allow anyone to read and write to it. Exactly how you should do this depends on your FTP client or server operating system.

On UNIX systems, for example, you set the directory to a+rwx (or ugo+rwx or even 777). This can be done from a command line on your server using chmod or via your FTP client (using the Change Permissions, chmod or other Permissions dialog box, see your FTP client's documentation for help). Most FTP clients list permissions in the form of User (Read, Write, Execute), Group (Read, Write, Execute) and Other (Read, Write, Execute). You need to tick all of these boxes to set correct permissions.

On Windows systems, you need to ensure the directory is not write-protected and that it has global write permissions (see your server's documentation or contact your hosting provider if you are unsure on how to achieve this).

Please be aware that setting a directory's permissions to global write access is a potential security issue. While it is unlikely that anything nasty will occur (such as all the avatars being deleted) there are always people out there to cause trouble. Therefore you should monitor this directory and if possible make regular backups.

6.ii. Webserver configuration

Depending on your web server, you may have to configure your server to deny web access to the cache/, files/, store/ and other directories. This is to prevent users from accessing sensitive files.

For Apache there are .htaccess files already in place to do this for you. Similarly, for Windows based servers using IIS there are web.config files already in place to do this for you. For other webservers, you will have to adjust the configuration yourself. Sample files for nginx and lighttpd to help you get started may be found in docs/ directory.

Like any online site that allows user input, your board could be subject to unwanted posts; often referred to as forum spam. The vast majority of these attacks will be from automated computer programs known as spambots. The attacks, generally, are not personal as the spammers are just trying to find accessible targets. phpBB has a number of anti-spam measures built in, including a range of CAPTCHAs. However, administrators are strongly urged to read and follow the advice for Preventing Spam in phpBB as soon as possible after completing the installation of your board.

This application is opensource software released under the GNU General Public License v2. Please see the source code and docs/ directory for more details. This package and its contents are Copyright © phpBB Group, All Rights Reserved.

1.i. Changes since 3.0.11

Bug

[PHPBB3-6723] - Empty message in deleted messages in PM history
[PHPBB3-7262] - Clarify docs about is_dynamic not being updated by set_config()
[PHPBB3-8319] - LOCAL_URL not enforced in bbcodes
[PHPBB3-9551] - Mysql fulltext index creation fails due to partial collation change
[PHPBB3-9975] - Hard coded language in sessions.php
[PHPBB3-10184] - Bots can be sent private messages
[PHPBB3-10491] - Fatal error in functional tests when server returns 404
[PHPBB3-10568] - Modify the trigger language when you edit a PM
[PHPBB3-10602] - A bug in mail queue processing
[PHPBB3-10661] - UCP > PM > Compose > enumerated recipients > BCC group misses a   (prosilver)
[PHPBB3-10678] - Provide Firebird, Oracle, and increased MSSQL support in unit tests
[PHPBB3-10772] - trigger_error is using the default style
[PHPBB3-10789] - PM print template (prosilver) with unnecessary variables
[PHPBB3-10820] - Display images directly in IE9 and 10 instead of download
[PHPBB3-10828] - PostgreSQL dbal tests try to connect to the database named as user specified in configuration
[PHPBB3-10838] - Functional tests are not mentioned in RUNNING_TESTS.txt
[PHPBB3-10840] - If you add a member to a group, the form_token can be set to 0 if the creation_time is 0 too. Maybe even if creation_time is unchanged.
[PHPBB3-10848] - Wrong redirect to installer from acp
[PHPBB3-10850] - create_schema_files.php is not creating the oracle or postgres' schema file properly
[PHPBB3-10879] - prosilver: attachment-link will be displayed wrong, when filename is too long
[PHPBB3-10880] - m_approve should not imply f_noapprove
[PHPBB3-10896] - board_email & board_contact are not validated as email addresses in ACP
[PHPBB3-10897] - Bot Definitions are outdated
[PHPBB3-10918] - docs/INSTALL.html claims there are tar.gz packages
[PHPBB3-10943] - Search Box should display keywords entered by the user
[PHPBB3-10967] - PHPBB_USE_BOARD_URL_PATH not implemented in posting_gen_topic_icons
[PHPBB3-10986] - Invalid email message ids because config variable server_name is used even when force server URL settings is disabled
[PHPBB3-10995] - Return value of $db->sql_fetchrow() on empty tables is not consistent on mssqlnative
[PHPBB3-10996] - Travis tests fail on Postgres because database does not exist
[PHPBB3-11034] - The functional test case framework does not install a full board each time
[PHPBB3-11066] - MSSQLnative driver contains debug code error_reporting(E_ALL)
[PHPBB3-11069] - missing closing span in subsilver2 simple_footer.html
[PHPBB3-11081] - Duplicated /TD in styles/subsilver2/template/catpcha_qa.html
[PHPBB3-11093] - acp_users_overview.html has a wrongly placed </dd>
[PHPBB3-11094] - prosilver: searching for users: no textbox for Jabber
[PHPBB3-11105] - Missing mandatory space in meta http-equiv=refresh
[PHPBB3-11112] - phpBB Footer Link should be SSL
[PHPBB3-11122] - Update docs/AUTHORS for 3.0.12-RC1
[PHPBB3-11144] - {FORUM_NAME} is not filled in login mask when logging into a password protected forum
[PHPBB3-11145] - ATTACHED_IMAGE_NOT_IMAGE thrown because of file limit in php.ini
[PHPBB3-11158] - modules table lacks acl_u_sig for signature module
[PHPBB3-11159] - Coding guidelines: static public
[PHPBB3-11164] - Composer not finding symfony/config in PHP 5.3.3
[PHPBB3-11178] - database_update.php should not set error_reporting to E_ALL
[PHPBB3-11186] - Database unit tests fail on windows using sqlite2
[PHPBB3-11190] - Functional tests do not clear the cache between each test
[PHPBB3-11196] - /includes/session.php sends 401 HTTP status with "Not authorized" instead of "Unauthorized"
[PHPBB3-11219] - Database sequences are not updated for tests using fixtures with auto_incremented columns
[PHPBB3-11227] - @return void -> @return null
[PHPBB3-11233] - Anonymous can be selected as a PM recipient
[PHPBB3-11248] - CRLF line endings
[PHPBB3-11262] - .lock files are not in .gitignore
[PHPBB3-11265] - Functional tests do not assert that board installation succeeded
[PHPBB3-11269] - Travis functional test case errors
[PHPBB3-11278] - Firebird tables are not removed correctly on 3.0.9-rc1 update
[PHPBB3-11291] - "Could not open input file: ../composer.phar" error during phing's create-package
[PHPBB3-11292] - Newlines removed in display of PM reports, no clickable links in PM reports
[PHPBB3-11301] - "String offset cast occured" error on PHP 5.4
[PHPBB3-11304] - check_form_key breaks in tests when form is submitted in the same second it is retrieved
[PHPBB3-11343] - Loose string comparison during new password activation
[PHPBB3-11355] - Incorrect error message when no user selected for action on group membership management page
[PHPBB3-11358] - Success message even withot selecting a user and performing a group operation
[PHPBB3-11361] - "Array to string conversion" error in $user->format_date()
[PHPBB3-11493] - Functional tests should fail if any debug output is made
[PHPBB3-11517] - Numbering is wrong in coding guidelines
[PHPBB3-11536] - Installer incorrectly removes /install from script_path
[PHPBB3-11537] - UCP group manage page's error box differs heavily from the rest of the UCP
[PHPBB3-11538] - SQL error on UCP groups manage page caused by setting color to 7 characters long string
[PHPBB3-11544] - Add admin_login() to 3.0 functional test case
[PHPBB3-11545] - is_absolute() should not depend on DIRECTORY_SEPARATOR
[PHPBB3-11546] - is_absolute() throws E_NOTICE for empty string
[PHPBB3-11547] - Test fixtures do not support utf8 characters
[PHPBB3-11548] - Untranslated TOO_SHORT in UCP "Manage Groups"
[PHPBB3-11566] - Reporting a post should require a captcha to be solved by guests
[PHPBB3-11568] - Functional tests fail with retrieving install pages using file_get_contents
[PHPBB3-11575] - phpbb_dbal_order_lower_test::test_cross_join should be called test_order_lower
[PHPBB3-11578] - Missing underscore after function prefix in validate_data()
[PHPBB3-11579] - Add unit tests for validate_data()
[PHPBB3-11580] - Avoid API Limit from composer downloads on github
[PHPBB3-11588] - install/install_update.php should use version.phpbb.com instead of www
[PHPBB3-11590] - Close database connections from tests whenever possible
[PHPBB3-11601] - Allow manual resync of database columns in unit tests not only on fixture load
[PHPBB3-11603] - git-tools use invalid api urls
[PHPBB3-11604] - Functional tests fail when phpBB can not create the config file
[PHPBB3-11617] - Missing U_ACTION in acp_captcha.php
[PHPBB3-11618] - Template tests fail on some systems due to a PHP error in glob()
[PHPBB3-11619] - get_remote_file() should use HTTP 1.0
[PHPBB3-11630] - Improvements to the PHP lint pre-commit hook
[PHPBB3-11644] - Skip phpbb_dbal_order_lower_test on MySQL 5.6
[PHPBB3-11662] - "occured" should be "occurred"
[PHPBB3-11670] - Replace trademark ™ with ® on "Welcome to phpBB" install page
[PHPBB3-11674] - Do not include vendor folder if there are no dependencies.
[PHPBB3-11524] - MySQL Upgrader throws warnings on PHP 5.4
[PHPBB3-11720] - Reporting posts leads to white page error
[PHPBB3-11769] - Wrong poster in subscription email when poster is using the Quote button
[PHPBB3-11775] - Error while moving posts to a new topic
[PHPBB3-11802] - Undefined variable $browser in /download/file.php

Improvement

[PHPBB3-8743] - New topic / reply notifications do not contain author's name.
[PHPBB3-10050] - subsilver2: Do not show "Mark topics as read" when there are no topics
[PHPBB3-10205] - More informative reporting of errors when database connection fails (MySQL and others)
[PHPBB3-10716] - PHP-parse all php files as part of the test suite
[PHPBB3-10841] - Disable style and language selectors if there's only one installed.
[PHPBB3-10854] - sql server drop default constraint when dropping column
[PHPBB3-10865] - Updated and Added to docs/INSTALL.html
[PHPBB3-10873] - Change language entry for deleted PMs
[PHPBB3-10981] - Upgrade Goutte and use Composer for Installation
[PHPBB3-11131] - Phrasing & semantics of Board settings
[PHPBB3-11162] - Get rid of $db->sql_return_on_error(true) trickery when splitting/merging topics
[PHPBB3-11192] - Add Tebibyte to get_formatted_filesize()
[PHPBB3-11202] - Add response status checks to functional tests
[PHPBB3-11220] - Improve tooltip explaining the [list=] - BBcode
[PHPBB3-11238] - Specify goutte version
[PHPBB3-11285] - Use more granularity in dependency checks in compress test
[PHPBB3-11293] - Prefer mysqli over mysql due to php 5.5 alpha 2 deprecating mysql
[PHPBB3-11294] - Update extension list in running tests doc
[PHPBB3-11368] - Latest pm reports row count
[PHPBB3-11583] - InnoDB supports FULLTEXT index since MySQL 5.6.4.
[PHPBB3-11740] - Update link in FAQ to Ideas Centre
[PHPBB3-11873] - Prevent expensive hash computation in phpbb_check_hash() by rejecting very long passwords

Sub-task

[PHPBB3-10974] - Move tests/mock_user.php to tests/mock/user.php
[PHPBB3-11009] - Backport phing build.xml from develop to develop-olympus so it uses composer.
[PHPBB3-11540] - Add unit tests for (phpbb_)is_absolute()
[PHPBB3-11541] - Add unit tests for style_select() in functions.php
[PHPBB3-11542] - Add unit tests for language_select() in functions.php
[PHPBB3-11543] - Add unit tests for obtain online functions in functions.php

Task

[PHPBB3-10877] - Have bamboo generate and publish a phpBB package for every build.
[PHPBB3-11045] - Add unit tests for the compress class
[PHPBB3-11059] - Fix README logo
[PHPBB3-11060] - Fix travis.yml pyrus config
[PHPBB3-11240] - Turn on PHPUnit's verbose mode on Travis
[PHPBB3-11324] - Add PHP 5.5 environment on Travis-CI
[PHPBB3-11337] - Run functional tests on Travis CI
[PHPBB3-11513] - Install PHPUnit via Composer's require-dev to simplify test running (no need for pear)
[PHPBB3-11526] - Increase composer minimum-stability from beta to stable
[PHPBB3-11527] - Upgrade composer.phar to 1.0.0-alpha7
[PHPBB3-11529] - Rename RUNNING_TESTS file to .md file to render it on GitHub
[PHPBB3-11576] - Make phpBB Test Suite MySQL behave at least as strict as phpBB MySQL driver
[PHPBB3-11671] - Add phing/phing to composer.json
[PHPBB3-11752] - Update phpBB.com URLs to https in email templates
[PHPBB3-11753] - Upgrade mysql_upgrader.php schema data.

1.ii. Changes since 3.0.10

Bug

[PHPBB3-7432] - Unclear language for Inactive Users on ACP main page
[PHPBB3-8652] - Duplicate Emails Sent When Subscribed to Forum and Topic
[PHPBB3-9079] - Display backtrace on all E_USER_ERROR errors, not only SQL errors (when DEBUG_EXTRA is enabled)
[PHPBB3-9084] - Unable to display 'option equal to non entered value' if dropdown CPF is not required
[PHPBB3-9089] - PM message title box not accessible via Tab key
[PHPBB3-9220] - Blue border width when table in a div
[PHPBB3-9681] - Password length not in security settings
[PHPBB3-9813] - fulltext_native.php on innodb loading deadly slow for big indexes
[PHPBB3-9831] - Cannot change default of Boolean checkbox custom profile field
[PHPBB3-10094] - Clear cache before phpBB installation
[PHPBB3-10129] - Missing apostrophes in ACP user management -> permissions
[PHPBB3-10349] - Unit tests do not remove comments from schemas
[PHPBB3-10399] - Special characters aren't parsed in style component variables
[PHPBB3-10401] - auth_ldap has an incorrect return value in login_ldap()
[PHPBB3-10407] - Incorrect check for empty image file paths during conversion
[PHPBB3-10428] - optionget/optionset functions in session.php and acp_users.php incorrectly check whether $data is at its default value
[PHPBB3-10456] - Subsilver2 does not define $CAPTCHA_TAB_INDEX
[PHPBB3-10508] - Marking forums as read displays misleading language
[PHPBB3-10511] - Grammar defect in permissions language
[PHPBB3-10512] - Test failure when no default timezone is set in php
[PHPBB3-10532] - Out of range $start causes a page with no search results but with pagination
[PHPBB3-10538] - Special character are not correctly parsed for SMTP protocol
[PHPBB3-10542] - Incorrect class="postlink" in styles/subsilver2/template/faq_body.html
[PHPBB3-10546] - Argument missing for adm_back_link() in acp_captcha.php
[PHPBB3-10561] - All users can choose deactivated styles.
[PHPBB3-10569] - template/ucp_main_front.html does not correctly handle active topic with the name "0"
[PHPBB3-10580] - Default tz in registration dropdown not the same as the board default tz
[PHPBB3-10589] - user_birthday does not use table alias in $leap_year_birthdays variable definition
[PHPBB3-10605] - Orpahned privmsgs are left in the prvmsgs table, with no ties in privmsgs_to table
[PHPBB3-10606] - $s_hidden_fields -> incorrect array name (3 files affected)
[PHPBB3-10611] - Add a check for selected tables existence for ACP database backup tool
[PHPBB3-10615] - Static calls in utf normalizer yield E_STRICT spam on php 5.4
[PHPBB3-10630] - Prune Users produced unnecessarily long query; Got a packet bigger than 'max_allowed_packet' bytes
[PHPBB3-10633] - Users are able to get the real filename of attachment
[PHPBB3-10639] - negative value of ranks message
[PHPBB3-10658] - Rank-item is not shown on team-list
[PHPBB3-10675] - Use more descriptive message when disk is out of space
[PHPBB3-10684] - Function user_notification() prevents notifications for users with stale bans
[PHPBB3-10689] - Bug in the popup " Find a member" when select by letter.
[PHPBB3-10691] - Search index creation CLI script incorrectly calculates indexing speed
[PHPBB3-10699] - Long h2 title breaks div.minitabs in MCP
[PHPBB3-10708] - After a conversion, passwords with UTF8 characters do not work when user_pass_convert is set.
[PHPBB3-10717] - memberlist_view.html: including admin defined profile fields doesnt work
[PHPBB3-10723] - Do not use SQLite on PHP 5.4 in Tests on Travis
[PHPBB3-10731] - JS function addquote() works incorrectly in Opera
[PHPBB3-10751] - MS SQL Error when searching Admin Log
[PHPBB3-10760] - In pre-commit git hook, syntax error is thrown, but is not specifically described
[PHPBB3-10767] - Git hooks do not work properly with git GUIs
[PHPBB3-10774] - db_tools::create_unique_index does not use specified index names on MySQL
[PHPBB3-10790] - Strict comparison on user_id for sending pms
[PHPBB3-10797] - Template var for user rank not filled
[PHPBB3-10835] - Misleading message in UCP when no permission to change password
[PHPBB3-10846] - Missing alias for MAX(post_id) in SQL query in acp_main.php
[PHPBB3-10849] - Missing BBCode Help Text in subsilver2
[PHPBB3-10858] - $db->sql_fetchfield returns false with mssqlnative
[PHPBB3-10860] - Side-by-side diff styling javascript bug
[PHPBB3-10881] - Some files use 0xA9 as the copyright symbol which is neither ASCII nor the UTF8 copyright symbol.
[PHPBB3-10887] - Auto increment tests depend on varbinary handling
[PHPBB3-10889] - Default value for c_char_size in database unit tests is an empty string instead of a char(4)
[PHPBB3-10890] - test_sql_fetchrow_returns_false_when_empty() fails on MSSQL and Oracle
[PHPBB3-10908] - No remote avatar size limit results in files limited only by PHP memory limit
[PHPBB3-10913] - Admin is logged out when accessing any url under adm/ without session id
[PHPBB3-10441] - Update to docs/README.html
[PHPBB3-10773] - ACP phpBB logo needs registered trademark symbol
[PHPBB3-10935] - Limit number of PM rules per user
[PHPBB3-10937] - Comment removal functions: Backward compatibility broken
[PHPBB3-10950] - Deleting user with undelivered PMs causes SQL error
[PHPBB3-10952] - includes/constants.php version number incorrect
[PHPBB3-10965] - Dropdown CPF now shows in profile when no value is selected
[PHPBB3-10978] - Typo in prosilvers ucp_groups_membership.html

Improvement

[PHPBB3-8599] - Add "Select All" to "Add multiple smilies" screen
[PHPBB3-8636] - Add resync option to topic_view moderation page
[PHPBB3-9876] - Names and descriptions for roles "Newly registered User" in "User roles" and "Forum roles" must be different
[PHPBB3-9914] - Add backup warning to Automatic DB Updater
[PHPBB3-9916] - License in header not linking to version 2 of GNU GPL
[PHPBB3-10093] - Make commit-msg hook always not fatal
[PHPBB3-10162] - Allow TLDs over 6 characters in email addresses
[PHPBB3-10280] - Change the ACP user activation display
[PHPBB3-10308] - Disable Retain/Delete Posts selection if the user has no posts.
[PHPBB3-10453] - PM viewmessage page is misplacing the online icon
[PHPBB3-10492] - Port functional tests to develop-olympus
[PHPBB3-10507] - Sort installed styles list in admin control panel - styles
[PHPBB3-10550] - Sort not installed styles list in admin control panel - styles
[PHPBB3-10563] - ACP usability improvement: show deactivated styles below active styles in styles list
[PHPBB3-10565] - Performance: Unneeded GROUP BY in update_forum_tracking_info
[PHPBB3-10607] - phpBB Credit Line Hardcoded
[PHPBB3-10653] - Add ability to count table rows to database abstraction layer
[PHPBB3-10730] - Add label tags around "select" text in post splitting UI in MCP
[PHPBB3-10764] - FAQ mentions SourceForge
[PHPBB3-10812] - Installer should not display register globals UI for php 5.4+
[PHPBB3-10815] - Enable Feeds by default
[PHPBB3-10819] - Improve side-by-side diff styling
[PHPBB3-10834] - Backport general development language changes in readme files
[PHPBB3-10836] - Enable Avatars by default
[PHPBB3-10891] - Allow specifying test config file name via environment variable
[PHPBB3-10892] - Cosmetic improvements to RUNNING_TESTS.txt
[PHPBB3-10898] - Do not write ?> into config.php to avoid whitespace output
[PHPBB3-10925] - Clarify that SQLite3 is not supported for phpBB 3.0.x

New Feature

[PHPBB3-10616] - Add template inheritance by default

Sub-task

[PHPBB3-10907] - Mark (var)binary tests as incomplete on non-MySQL DBMSes

Task

[PHPBB3-9896] - Update links in docs/readme.html
[PHPBB3-10434] - Add a script that allows creating a search index from CLI
[PHPBB3-10455] - Remove NOTE from header files
[PHPBB3-10694] - Update notification in ACP (Olympus) for increase of minimum PHP version to 5.3.2
[PHPBB3-10718] - Add Travis CI
[PHPBB3-10788] - Update docs/AUTHORS for 3.0.11-RC1
[PHPBB3-10909] - Update Travis Test Configuration: Travis no longer supports PHP 5.3.2

1.iii. Changes since 3.0.9

Bug

[PHPBB3-5506] - Deleting all items from last page results in empty list display
[PHPBB3-6458] - Width of Topics and Posts columns in Board Index is causing problems with language packs
[PHPBB3-7138] - Cannot display simple header/footer with trigger_error()
[PHPBB3-7291] - Broken links of char selection in memberlist
[PHPBB3-7932] - Fix font size in select boxes
[PHPBB3-8094] - Text in the forums.php and install.php not matching
[PHPBB3-8173] - Redundant BBCode helpline in JS
[PHPBB3-8177] - February 29th birthdays not shown in non-leap year
[PHPBB3-8571] - Users can make their age a negative number on memberlist
[PHPBB3-8691] - Error creating log_time index
[PHPBB3-8937] - Code tags - single space indent
[PHPBB3-9008] - Incorrect unread topic tracking for unapproved topics
[PHPBB3-9066] - Invalid Prefix Names Allowed
[PHPBB3-9416] - HTML entities in poll titles and options incorrectly re-encoded
[PHPBB3-9525] - Minimum characters per post/message should never be '0'
[PHPBB3-9645] - XHTML error on phpinfo page in ACP
[PHPBB3-9776] - When deleting and recreating a poll, old options aren't deleted and reappear with the new ones
[PHPBB3-9956] - No error message displayed when disapprove reason is invalid or empty
[PHPBB3-9976] - Direct post links open the wrong page of viewtopic when multiple posts are posted in the same second
[PHPBB3-9978] - Missing semicolons in // <![CDATA[ part of overall_header.html
[PHPBB3-10087] - Limited browser support for ban exclusion emphasis
[PHPBB3-10157] - Missing error handling when a custom profile field is not defined for current language
[PHPBB3-10166] - Post-admin activation email confusingly refers to username
[PHPBB3-10187] - XHTML error in ucp_groups_manage.html
[PHPBB3-10190] - Misleading information about permissions displayed after editing forum settings
[PHPBB3-10212] - Captcha not displayed when username not exists
[PHPBB3-10216] - Updater's failed query language grammatically incorrect
[PHPBB3-10226] - Mysqli dbal extension does not allow connection via pipes
[PHPBB3-10227] - Mysqli dbal extension does not allow persistent connection for PHP >= 5.3.0
[PHPBB3-10237] - Unwatching a forum/topic does not check for correct hash parameter
[PHPBB3-10240] - Word filter evasion
[PHPBB3-10253] - IE9 Quote problem
[PHPBB3-10255] - gitignore ignores too much
[PHPBB3-10257] - AAAA record parsing fails on older versions of Windows
[PHPBB3-10259] - Incorrect email on joining Open group
[PHPBB3-10265] - Unit test tests/random/mt_rand.php is not run because of missing _test suffix.
[PHPBB3-10266] - Poor navigation links after reporting a post
[PHPBB3-10267] - Missing strlen() on $table_prefix in db tools index name length check
[PHPBB3-10274] - Hardcoded module ID in "Re-check version" link on ACP front page
[PHPBB3-10275] - Wrong information about sent passwords in FAQ
[PHPBB3-10292] - Whitespace inconsistency in acp_ranks
[PHPBB3-10293] - Jumpbox allows jumping to invalid forums in prosilver
[PHPBB3-10294] - sqlsrv_rows_affected non-functional in MSSQLNative.php
[PHPBB3-10296] - incorrect cross join in SQL Server
[PHPBB3-10298] - EMBED Tag Not Closed Properly In subSilver2 attachment.html
[PHPBB3-10299] - Typo in comment about $max_store_length in truncate_string() (in functions_content.php)
[PHPBB3-10303] - send_status_line() doesn't validate user input
[PHPBB3-10304] - Bad url in U_ICQ on /ucp_mp_viewmessage.php
[PHPBB3-10307] - Return value of $db->sql_fetchrow() on empty tables is not consistent
[PHPBB3-10309] - Utf tests download data into temporary locations deep in source tree
[PHPBB3-10320] - "Most active topic" can leak topic title of topics in password-protected forums
[PHPBB3-10321] - Link to page 1 of the Memberlist has a useless question mark at the end
[PHPBB3-10324] - XHTML error in Prosilver - MCP - User Notes
[PHPBB3-10339] - Typo in prosilver's mcp_front.html
[PHPBB3-10341] - Topic title of "0" does not show as "Most active topic"
[PHPBB3-10351] - Invalid syntax for Oracle's sql_column_remove()
[PHPBB3-10352] - Missing break for Oracle's sql_table_drop()
[PHPBB3-10365] - Moderators can view forbidden information
[PHPBB3-10377] - All moderators can change topic type
[PHPBB3-10394] - Tests use call-time pass by reference which results in Fatal error on PHP 5.4
[PHPBB3-10397] - Pagination code inconsistency
[PHPBB3-10400] - '0' (zero) not allowed as forum name
[PHPBB3-10413] - Make create_schema_files usable
[PHPBB3-10416] - Use dbport in phpbb_database_test_connection_manager::connect()
[PHPBB3-10420] - Update startup to account for PHP 5.4
[PHPBB3-10421] - Interchanged parameters in includes/acp/acp_users.php
[PHPBB3-10422] - Unnecessary  statement in viewtopic_body.html
[PHPBB3-10435] - Topic count mismatch on viewforum
[PHPBB3-10437] - Announcements on moderation queue are not hidden
[PHPBB3-10446] - Unencoded 8bit characters in email headers
[PHPBB3-10452] - XHTML error when printing a PM
[PHPBB3-10461] - MCP's recent actions list is empty
[PHPBB3-10479] - Remove PostgreSQL version numbers from driver's language string
[PHPBB3-10485] - XHTML error in Prosilver - index and viewforum
[PHPBB3-10488] - Database updater for 3.0.10-RC1 overwrites config variable email_max_chunk_size without checking for custom value
[PHPBB3-10497] - SQL error when guest visits forum with unread topic
[PHPBB3-10319] - Missing hidden fields in search form
[PHPBB3-10501] - Description of table prefix is wrong
[PHPBB3-10502] - CHANGELOG.html has a typo: 'red' should be 'read'.
[PHPBB3-10503] - Debug error when previewing edits
[PHPBB3-10504] - MCP Layout STILL broken in ProSilver when screen is resized to less 1200 pixels
[PHPBB3-10531] - Last remaining style can be uninstalled

Improvement

[PHPBB3-8616] - Add direct link to PM to notification message
[PHPBB3-9036] - Forums that can be listed but not read expose forum information
[PHPBB3-9297] - Add support for Extended Passive Mode (EPSV) in class ftp_fsock to better support IPv6 connections.
[PHPBB3-9307] - Mass email $max_chunk_size
[PHPBB3-9361] - Edit account settings - Improved clarification needed
[PHPBB3-9778] - Member Search from the Admin Control Panel is not Intuitive
[PHPBB3-9898] - Readme needs updating to reflect more opening for patches
[PHPBB3-9995] - Unnecessary coding in display_forums() in functions_display.php
[PHPBB3-10032] - BBCode Add List Item Control Name Contains Typo
[PHPBB3-10074] - Change default value of 'Set as special rank' to No for Add new rank
[PHPBB3-10185] - Board startdate not being set
[PHPBB3-10189] - Add "automatically generated" comment into schema-files.
[PHPBB3-10199] - Performance: viewtopic has a useless join
[PHPBB3-10222] - Also build language and styles changes in diff/patch format
[PHPBB3-10239] - Add "Are you sure" confirmation to backup restore in ACP
[PHPBB3-10243] - Add gmgetdate() wrapper for getdate() which returns dates in UTC.
[PHPBB3-10245] - Messenger uses output buffering for error collection, should use error collector instead
[PHPBB3-10246] - Remove VCS section from docs/coding-guidelines.html
[PHPBB3-10254] - Remove style names from themes and fix some information on it
[PHPBB3-10263] - Add phpbb_version_compare() wrapper for version_compare()
[PHPBB3-10278] - Improve timeout handling in get_remote_file()
[PHPBB3-10315] - Radio Buttons in ACP are clipped in Safari - Fix suggested
[PHPBB3-10327] - Use "ALTER TABLE ... ADD INDEX" instead of "CREATE INDEX"
[PHPBB3-10334] - Birthday List display not dependent on user privileges
[PHPBB3-10335] - Responses to bots should have extra header to be used by reverse proxies
[PHPBB3-10346] - Add drop_tables key for database updater
[PHPBB3-10354] - When template tests are skipped because cache is not writable, print cache directory path
[PHPBB3-10369] - Change error collector to always report errfile and errline
[PHPBB3-10370] - Various improvements for get_backtrace()
[PHPBB3-10402] - Displaying report texts with linebreaks and clickable links
[PHPBB3-10419] - Add mbstring PHP ini parameters checks to ACP
[PHPBB3-10430] - Some typos and the like in docs/coding-guidelines.html

New Feature

[PHPBB3-8240] - Request: db_tools to have two additional functions, table list and column list

Task

[PHPBB3-9689] - Scripts and utilities
[PHPBB3-10003] - Resolve db_tools proliferation
[PHPBB3-10313] - Include slow unit tests when running build script
[PHPBB3-10483] - Test suite does not run with MySQL strict mode
[PHPBB3-10486] - Create git shortlog and git diff --stat in build script
[PHPBB3-10480] - Automate changelog building

1.iv. Changes since 3.0.8

Bug

[PHPBB3-217] - Multiline [url] not Converted
[PHPBB3-6712] - Topic bumping does not create new topic icon on index
[PHPBB3-7057] - Quicksearch uses POST, thus the page expires!
[PHPBB3-7778] - Increase limit of custom BBcodes
[PHPBB3-7834] - Correctly update topic_time when deleting first post in topic
[PHPBB3-7888] - URL of search results page does not always contain all keywords of the search query
[PHPBB3-7941] - mistake in description of function generate_board_url
[PHPBB3-8138] - Browser autocompleton fills wrong fields in ACP
[PHPBB3-8736] - Honour ACP settings for min/max username length when posting as a guest.
[PHPBB3-8802] - Wrong confirmation text when clicking "mark forums read" in a category
[PHPBB3-8904] - Show numeric CPF default value when editing
[PHPBB3-9166] - Subsilver and prosilver CSS elements out of order.
[PHPBB3-9348] - Correctly encode default_dateformat when converting from phpBB2
[PHPBB3-9575] - The word "administrate" is not correct.
[PHPBB3-9630] - Naming inconsistency of Merging Posts / Topics in MCP
[PHPBB3-9675] - Add option to delete template/theme/imageset when deleting style.
[PHPBB3-9685] - Unable to create "Fulltext native" search index using the mssqlnative DBAL
[PHPBB3-9751] - Password requirement "Must contain letters and numbers" is not working properly
[PHPBB3-9764] - Empty value for CONFIG_TABLE config_name= 'mime_triggers' causes functions_fileupload.php->fileupload->check_content() to be too restrictive
[PHPBB3-9851] - "Search new posts" should require login
[PHPBB3-9872] - Total topics isn't correct after I deleted a user
[PHPBB3-9874] - view_log() performs unneeded count query over all log entries.
[PHPBB3-9892] - Firebird index name length limit is not taken into account
[PHPBB3-9905] - DSN field should include SQLite
[PHPBB3-9908] - Send "Moved Permanently" before stripping off session ids for Bots.
[PHPBB3-9910] - Javascript bug in Subsilver2 PMs
[PHPBB3-9911] - Incorrect open/close field in Manage ranks ACP
[PHPBB3-9913] - currunt should be current
[PHPBB3-9915] - "Length of ban:" is not displayed in ACP
[PHPBB3-9924] - $template->display hook does not pass $template instance
[PHPBB3-9925] - prosilver logo margin bug in IE 6-7-8
[PHPBB3-9928] - Do not link "login to your board" to the "send statistics" page after completed update.
[PHPBB3-9930] - Redirect fails with open_basedir enabled
[PHPBB3-9932] - The Bing bot is not added when converting.
[PHPBB3-9933] - Wrong handling of consecutive multiple asterisks in word censor
[PHPBB3-9934] - Mass Mail missing under the system tab on a fresh install
[PHPBB3-9939] - JavaScript error in recaptcha ACP template
[PHPBB3-9944] - Extension groups naming don't use users' language in ACP
[PHPBB3-9946] - $inserts empty in sql_query() for oracle
[PHPBB3-9948] - Inline quicktime files won't display
[PHPBB3-9949] - $user->lang() is not handling arguments as per documentation
[PHPBB3-9950] - Problem with localized button images after uprading from 3.0.7-PL1 to 3.0.8
[PHPBB3-9953] - Set focus to password on re-authentication
[PHPBB3-9954] - u_masspm* permissions are forced to never for certain groups
[PHPBB3-9961] - Inconsistent activation logs
[PHPBB3-9966] - Language download in ACP creates index.html and misses captcha_*
[PHPBB3-9970] - user_lang input not checked during registration
[PHPBB3-9981] - Fix unit test dependencies on phpBB files
[PHPBB3-9985] - 3D Wave CAPTCHA mt_rand() does not check order of min/max values
[PHPBB3-9997] - Inconsistent approve/disapprove button order in modcp
[PHPBB3-9999] - {forumrow.L_FORUM_FOLDER_ALT} and {SEARCH_IMG} only return a language key.
[PHPBB3-10005] - users can register without custom profile field correctly entered
[PHPBB3-10011] - __DIR__ in test suite renders it unusable on php < 5.3
[PHPBB3-10016] - set_config_count() fails on PostreSQL 7
[PHPBB3-10020] - ACP function validate_range() fails partially on non-32-bit systems
[PHPBB3-10021] - "Find a member" generates SQL error when large dates are entered
[PHPBB3-10029] - No such thing as $_SERVER['HTTP_VERSION']
[PHPBB3-10033] - "Disallow usernames" does not check already disallowed names
[PHPBB3-10035] - ACP template edit feature allows to read any files on webserver and to upload/execute any script on it
[PHPBB3-10036] - Use image from configuration file for displaying online-status.
[PHPBB3-10038] - download/file.php uses $_GET value instead of function request_var()
[PHPBB3-10039] - 2.x to 3.x conversion fails when using mssqlnative to connect to destination database
[PHPBB3-10042] - GD captcha has invalid mt_rand calls
[PHPBB3-10047] - Session ID always included in URL on posting.php
[PHPBB3-10049] - Session test files are misnamed, session tests are not run
[PHPBB3-10052] - Session tests are broken
[PHPBB3-10056] - Firebird misspelled in database updater
[PHPBB3-10058] - Root path is undefined in MySQL upgrader
[PHPBB3-10059] - Consistent is misspelled twice
[PHPBB3-10060] - Typo in tests database connection manager
[PHPBB3-10068] - Firefox4 restrictions to :visited
[PHPBB3-10078] - commit-msg hook prints \n on freebsd
[PHPBB3-10081] - Cleanup Template Tests
[PHPBB3-10084] - Add smilie errors out when image is missing
[PHPBB3-10088] - Cache mock does not unset database versions other than mysqli
[PHPBB3-10090] - cache/queue.php.lock isn't covered by .gitignore
[PHPBB3-10092] - commit-msg hook aborts on overlength comment lines
[PHPBB3-10096] - Wrong whitespace in functions.php
[PHPBB3-10100] - Race condition in unique_id() on heavily busy database.
[PHPBB3-10102] - member.S_PENDING_SET in styles/prosilver/template/ucp_groups_manage.html
[PHPBB3-10104] - missing one intval() along with others already being there
[PHPBB3-10109] - Errors while copying a topic
[PHPBB3-10112] - Use of count() in captcha_gd.php and mssqlnative.php
[PHPBB3-10115] - BBcodes not working if post contains about or more 55000 non-english symbols
[PHPBB3-10117] - Big posts becomes empty if they have smilies on specified places.
[PHPBB3-10121] - ICQ profile link leads to a webservice that is no longer active
[PHPBB3-10123] - Inconsistent use of smilie/smiley
[PHPBB3-10128] - Error message is on green background when trying to ban a nonexistent user
[PHPBB3-10137] - Deleting an unintended space at the end of PHP_URL_FOPEN_SUPPORT_EXPLAIN
[PHPBB3-10146] - Firebird cannot handle DECIMAL(255, 0)
[PHPBB3-10147] - Typo in code comment in functions_template.php
[PHPBB3-10149] - deregister_globals causes error when cookie called GLOBALS is set to scalar value
[PHPBB3-10170] - reCAPTCHA address has changed
[PHPBB3-10171] - Firefox4 displays grey pixels at PM message rows when message is neither marked nor replied
[PHPBB3-10177] - phpBB package cannot be built with bsdtar
[PHPBB3-10178] - build.xml does not specify path to find - breaks on FreeBSD
[PHPBB3-10188] - Broken compressed output when errors/warnings are handled by phpbb and output_buffering is set to 4096 and phpbb gzip is enabled
[PHPBB3-10191] - Duplicate output when output_handler is set in php.ini
[PHPBB3-10192] - Missing semicolon in MySQL Upgrader
[PHPBB3-10195] - Do not check DNS Blacklists if IPv6 address is passed to session::check_dnsbl().
[PHPBB3-10198] - Function validate_config_vars() improperly validates multibyte strings
[PHPBB3-10203] - Fix quotations and hyphen in language strings for PHPBB3-10067
[PHPBB3-10204] - Package build tool does not detect binary file changes
[PHPBB3-10206] - Normalization tests fail when unicode.org is not reachable
[PHPBB3-10211] - Missing space on the recent PHPBB3-9992 changes
[PHPBB3-10213] - IP limit index name too long on Oracle
[PHPBB3-10214] - Cannot configure Q&A on Oracle
[PHPBB3-10218] - STRIP is not defined in style.php causing a notice to be thrown
[PHPBB3-10219] - Inappropriate character in web.config file
[PHPBB3-10220] - Logging in with Mobile Device triggers SQL error on *_login_attempts.
[PHPBB3-10221] - Inconsistent usage of "Seconds" in ACP Settings
[PHPBB3-7729] - Prevent date/time functions from throwing E_WARNING on PHP 5.3 by setting a default timezone
[PHPBB3-10188] - Broken compressed output when errors/warnings are handled by phpbb and output_buffering is set to 4096 and phpbb gzip is enabled
[PHPBB3-10223] - Updater references startup.php from board path
[PHPBB3-10228] - Typo in 3.0.9-RC1 user registration settings
[PHPBB3-10229] - On languge/acp/styles.php "%s" should be "%s"
[PHPBB3-10232] - Search within topic/forum searches all posts
[PHPBB3-10233] - IE Emulation fix breaks posting layout when PMing
[PHPBB3-10234] - msg_handler() reports E_WARNING as "PHP Notice: "
[PHPBB3-10247] - mediumint(8) too small for phpbb_login_attempts.attempt_id
[PHPBB3-10250] - phpBB Logo needs the Registered Trademark Symbol

Improvement

[PHPBB3-9581] - Banned users get mass emails.
[PHPBB3-9802] - Optimize session_begin REMOTE_ADDR validation
[PHPBB3-9878] - Get rid of Internet Explorer 7 emulation
[PHPBB3-9897] - Language typos in language/en/acp/board.php
[PHPBB3-9922] - Posting URL in subsilver 2
[PHPBB3-9937] - Feed Icon displays on Forum links
[PHPBB3-9980] - URLs to javascript should be T_SUPER_TEMPLATE_PATH instead of T_TEMPLATE_PATH
[PHPBB3-9989] - Skip PM popup in overall_header.html, if there are no new PMs.
[PHPBB3-10007] - Add directive 'internal' to blocked folders in nginx example configuration.
[PHPBB3-10009] - Differentiate published/updated dates in Atom feed
[PHPBB3-10014] - Make the error message when cache is not writable clearer
[PHPBB3-10024] - Allow a Style to present Unread PM in different way than read PM
[PHPBB3-10040] - Continuous integration on PHP 5.2
[PHPBB3-10041] - download/file.php needs more use of send_status_line
[PHPBB3-10044] - Setup github network improvements
[PHPBB3-10057] - More informative reporting of errors when database connection fails for Firebird and PostgreSQL.
[PHPBB3-10067] - ACP options for account activation are confusing when emails are turned off board-wide
[PHPBB3-10069] - Improvements in sample nginx config file
[PHPBB3-10072] - Send the post number to the template as it relates to it's position in the topic
[PHPBB3-10101] - Compatibility with native phpass hashes
[PHPBB3-10126] - Replace ^ with &~ in error_reporting calls
[PHPBB3-10141] - Performance improvement for $auth->_fill_acl()
[PHPBB3-10145] - Ability to force recompilation of all templates on every page load
[PHPBB3-10154] - Move "copy permissions from" to below "parent" in forum creation form
[PHPBB3-10158] - Return link not really useful after sending a Private Message
[PHPBB3-10186] - UCP signature panel displays when not authed for signatures

New Feature

[PHPBB3-9942] - WinCache Caching Module
[PHPBB3-9992] - Limit amount of failed login attempts per IP
[PHPBB3-10110] - Redis caching module

Task

[PHPBB3-9788] - Add README for GitHub
[PHPBB3-9805] - Add a script for setting up git remotes for a github network
[PHPBB3-9806] - Script for easy merging
[PHPBB3-9824] - Git hook quirks
[PHPBB3-9859] - Remove the years from visible copyright in the footer.
[PHPBB3-9921] - Add sample configuration for lighttpd webserver
[PHPBB3-9943] - Setup phpDocumentor API documentation generation
[PHPBB3-9967] - Use phpunit.xml for test suite
[PHPBB3-9987] - Enforce _test.php suffix for test files
[PHPBB3-9990] - Integrate utf normalizer tests into test suite
[PHPBB3-10043] - Refactor phpbb_database_test_case
[PHPBB3-10046] - Getting rid of register_shutdown_function() in cron.php to prevent path disclosure (reported by lacton)
[PHPBB3-10075] - Update docs/AUTHORS for 3.0.9-RC1 release
[PHPBB3-10079] - Add gallery avatars to .gitignore.
[PHPBB3-10082] - Fix Session Test Issues with CHAR vs. VARCHAR.
[PHPBB3-10105] - Update AIM express link and "Download Application" links
[PHPBB3-10107] - Improve docs for non-apache webserver configuration

Sub-task

[PHPBB3-9732] - Cover session code extensively in tests
[PHPBB3-9968] - Create unit test for word censor regular expression
[PHPBB3-9969] - Move word censor regular expression creation into separate function definition in functions.php

1.v. Changes since 3.0.7-PL1

Security

[PHPBB3-9903] - Execute javascript in [flash=] BBCode

Bug

[PHPBB3-4923] - compress_tar incorrectly determines type
[PHPBB3-5164] - Honor minimum and maximum password length in generated passwords as much as possible.
[PHPBB3-6726] - Connecting to PostgreSQL using 'localhost' doesn't try to use a TCP connection
[PHPBB3-6747] - word censoring * does not handle space for two or more words
[PHPBB3-7260] - Do not delete polls if one exists and editing user lacks permissions
[PHPBB3-7296] - Style export to tar(.*) does not work
[PHPBB3-7369] - Custom Profile dates display incorrectly
[PHPBB3-7417] - Search keywords field does not initially get focus
[PHPBB3-7538] - Query exceeds maximum value for user_login_attempts
[PHPBB3-7716] - Data too long for column 'message_subject'
[PHPBB3-7720] - Fix alternative image-description for unread posts.
[PHPBB3-7782] - Send HTTP 404 if topic, forum or user do not exist
[PHPBB3-7972] - Copied topics are not indexed
[PHPBB3-8169] - Parse CSS Regex accepts invalid code
[PHPBB3-8792] - Misleading error message in auth_ldap.php, function init_ldap()
[PHPBB3-8894] - JavaScript error and visible quote button on topic review if BBCodes disallowed
[PHPBB3-8924] - spelling in admin_welcome_inactive.txt
[PHPBB3-8929] - MS SQL error on view all smilies after 3.0.6 upgrade
[PHPBB3-8935] - able to set minimal avatar size larger than maximum
[PHPBB3-8944] - Error on database update (must specify size of index on MySQL4)
[PHPBB3-9012] - Retain original topic title in shadow topic when moving a topic and editing the title.
[PHPBB3-9034] - Redirect() fails with directory traversal
[PHPBB3-9047] - Active topics and reported posts
[PHPBB3-9049] - Password reminder system generates confusable passwords
[PHPBB3-9053] - Correctly sort database backup file list by date on database restore page
[PHPBB3-9061] - Race condition in queue locking
[PHPBB3-9068] - Grammatical Error under Load Settings
[PHPBB3-9075] - Missing / bad default values of CPFs result in SQL errors on registration of new users
[PHPBB3-9091] - Wrong IP checking for IPv4 addresses mapped into IPv6
[PHPBB3-9094] - Hide "Copy permissions" message, when permissions were copied.
[PHPBB3-9095] - Misleading setting text for CAPTCHA
[PHPBB3-9099] - Missing comma in PASSWORD_EXPLAIN acp language strings
[PHPBB3-9101] - Bad text placement for reCAPTCHA description
[PHPBB3-9104] - Safari does not display box headers correctly in the ACP.
[PHPBB3-9107] - Can't Set Parent Forum
[PHPBB3-9108] - RSS feeds does not work on Postgres
[PHPBB3-9112] - Most active forum post count does not respect m_approve permission
[PHPBB3-9114] - Recent bug fix for smilies causing problems on older MySQL versions
[PHPBB3-9117] - Wrong redirection after login
[PHPBB3-9119] - Language selection is disregarded in automatic update
[PHPBB3-9120] - Typo fix in a comment in functions.php
[PHPBB3-9121] - Forum feed shows posts that are currently on the moderation queue
[PHPBB3-9125] - ACP User Overview: Unmatched </form> tag when viewing own user
[PHPBB3-9126] - Invalid redirection after login to forum not in web root
[PHPBB3-9132] - Oracle CLOB support is broken, preventing storage of long strings
[PHPBB3-9135] - Fix report-icon for moderators in PM folders.
[PHPBB3-9140] - Check current board version in incremental update packages
[PHPBB3-9145] - Fix open_basedir issues when accessing styles- and language-management
[PHPBB3-9146] - Quick-Reply tabindex="6" set twice
[PHPBB3-9147] - "Change topic type"-option "Normal" always selected.
[PHPBB3-9154] - Correctly check for double inclusion in captcha garbage collection
[PHPBB3-9158] - viewforum/viewtopic pages unnecessarily duplicated with start=0
[PHPBB3-9162] - BBCode in poll options is broken, when posting without question.
[PHPBB3-9167] - Remove shadow topics from remaining forums when deleting a forum including posts
[PHPBB3-9170] - Unable to get image size in img bbcode when URL has multiple parameters.
[PHPBB3-9173] - sql_config_count() artificially limits number scope to 4byte-integer on PostgreSQL and Firebird
[PHPBB3-9176] - When setting the board's date format the board's timezone settings aren't taken into account
[PHPBB3-9451] - Unnecessary overhead in avatar_process_user function
[PHPBB3-9478] - Validate maximum number of allowed recipients per PM value
[PHPBB3-9495] - Loginbox <input /> redirect breaks xHTML
[PHPBB3-9499] - Javascript function dE does not correctly detect element visibility
[PHPBB3-9504] - Allow gallery avatars with whitespaces in the filename
[PHPBB3-9509] - phpBB Coding Guidelines state subversion as the version control system for phpBB
[PHPBB3-9510] - Unable to copy permissions from and to forums you cannot see
[PHPBB3-9512] - Fix dead link in MCP on reports for global announcements in prosilver.
[PHPBB3-9514] - Correctly delete big datasets when deleting a forum including topics/posts on non-MySQL databases
[PHPBB3-9518] - Postgres DBAL does not correctly create a new database connection when passing $new_link as true
[PHPBB3-9519] - Replace remaining is_writable() calls with phpbb_is_writable().
[PHPBB3-9521] - MSSQL error reporting returns String instead of an error
[PHPBB3-9524] - IPv6 regular expression does not match addresses starting in ::
[PHPBB3-9526] - User Preference to hide online status does not work for bots
[PHPBB3-9528] - Quoting in a PM does not fall back to bbcode-less quotes using "> " when bbcodes are disabled
[PHPBB3-9529] - Topic review does not display all selected posts
[PHPBB3-9530] - subsilver2 missing fallback option on quoting when bbcodes are disabled
[PHPBB3-9531] - BBCode-less fall back option for quotes is missing "Author wrote:" line when quoting from topic-review.
[PHPBB3-9535] - Incorrect margins in RTL languages: signatures, permission ACP & updater
[PHPBB3-9545] - 'Your first forum' should have 'Display active topics:' set to 'Yes'
[PHPBB3-9546] - Moving all posts from one topic to another does not delete bookmarks
[PHPBB3-9547] - Changing forum type applies FORUM_FLAG_ACTIVE_TOPICS to new forum type.
[PHPBB3-9548] - Delete user quicktool drop down should have an empty or invalid selection as the default
[PHPBB3-9559] - Messenger Queue Batch Size configuration option is overridden
[PHPBB3-9567] - Newly registered users group ACP wording
[PHPBB3-9582] - Missing MSSQL native driver case statements
[PHPBB3-9587] - Prosilver overrides reCaptcha class.
[PHPBB3-9592] - Test suite does not run on SQLite
[PHPBB3-9593] - Missing documentation for running unit tests
[PHPBB3-9599] - Windows workaround for checkdnsrr() returns wrong results
[PHPBB3-9605] - Wrong class added to topiclist, when there's no announcement topic.
[PHPBB3-9615] - When attaching a file whose name contains quotes, filename before last quote is cut off in display
[PHPBB3-9623] - Strings not properly normalized - acp_prune.php
[PHPBB3-9626] - Regular expressions from get_preg_expression() are untested.
[PHPBB3-9628] - Add module function does not correctly insert a module after the specified one
[PHPBB3-9633] - Newly registered users group color is not used in Our Newest Member
[PHPBB3-9635] - Useless parameter $data['post_time'] in function submit_post.
[PHPBB3-9637] - SET NAMES 'BINARY' error in convertor
[PHPBB3-9643] - DB connection error when $dbhost is an IPv6 address
[PHPBB3-9644] - submit_post shows support for options that cause a trigger_error in the call to user_notification
[PHPBB3-9646] - Cant hide/outcomment @import in stylesheet.css
[PHPBB3-9650] - It should not be possible to ban Anonymous
[PHPBB3-9653] - xhtml errors in subsilver2 when using the bbcodes code and quote in signatures
[PHPBB3-9655] - Selecting an unavailable captcha plugin looks like a successful action
[PHPBB3-9656] - PHP Information in ACP always lists error_reporting as 0
[PHPBB3-9658] - Optimize topic splitting
[PHPBB3-9662] - Search interval applied inconsistently
[PHPBB3-9664] - Another duplicate accesskey: t = top and list item
[PHPBB3-9665] - Signature "0" cannot be previewed
[PHPBB3-9677] - Subsilver2 is missing the bbcode-helpline for inline-attachments.
[PHPBB3-9678] - Flash attachments are not displayed in subsilver2.
[PHPBB3-9679] - "Notify User" checkbox appears in MCP Queue even if no notification methods are enabled
[PHPBB3-9686] - Unable to create data backup using the mssqlnative DBAL
[PHPBB3-9694] - Calling download/file.php with empty avatar parameter can throw an E_NOTICE message
[PHPBB3-9695] - Bad Display of User Input - mcp_ban
[PHPBB3-9696] - Installation of phpBB with SQLite fails
[PHPBB3-9697] - Backlink broken when the select parent forum does not exist.
[PHPBB3-9698] - Returning result of new by reference is deprecated in php 5.3
[PHPBB3-9702] - "Ban until (date)" appears to be based on UTC time instead of local time
[PHPBB3-9703] - Removing a user does not remove their private message folders or rules
[PHPBB3-9704] - Coding guidelines typo
[PHPBB3-9712] - Future dates display as "less than one minute ago"
[PHPBB3-9714] - "Undefined variable: email" in email regular expression unit tests
[PHPBB3-9715] - Fix email address regular expression or adjust email regular expression unit tests
[PHPBB3-9722] - "New Topic" button title attribute mismatch in prosilver's viewforum
[PHPBB3-9727] - Feed replaces ./ with board URL
[PHPBB3-9743] - Fix background-position of top2-class in prosilver for RTL-languages.
[PHPBB3-9744] - Mistyped word 'then' in FAQ. It should be 'than'.
[PHPBB3-9748] - <br /> not being replaced in prepare_message
[PHPBB3-9749] - fulltext_mysql.php overreacts on + and - characters in search words
[PHPBB3-9752] - Misleading text when using Q&A CAPTCHA
[PHPBB3-9754] - Template variable S_USER_POSTED always set to false in search.php
[PHPBB3-9757] - Empty template variable HISTORY_TITLE in ucp_pm_history
[PHPBB3-9760] - Fulltext native search, wildcard * does not get escaped leading to long execution time
[PHPBB3-9761] - Quote nesting depth explanation is misleading
[PHPBB3-9771] - build_url() doesn't ignore empty parameters
[PHPBB3-9772] - Under some circumstances, email addresses are shown to undesired users
[PHPBB3-9780] - gen_rand_string() not respecting $num_chars parameter anymore.
[PHPBB3-9782] - Board disable radio in Board-Settings set on when server load high
[PHPBB3-9793] - Undefined function send_status_line() in download/file.php when in avatar mode.
[PHPBB3-9807] - Avatar tab displays when avatars are disabled
[PHPBB3-9810] - Clicking on "Select All" of code tag on print page results in a javascript error when using prosilver
[PHPBB3-9820] - Fix undefined indexes when trying to post a new topic
[PHPBB3-9822] - Can not delete style-components from the file-system as per explanation.
[PHPBB3-9829] - Recaptcha plugin result interpretation fault
[PHPBB3-9835] - Login Confirm Explain Not Working
[PHPBB3-9840] - Display view unread posts link for guests
[PHPBB3-9841] - Change "Save" button to "Save draft"
[PHPBB3-9847] - Language typo and written form (British/American)
[PHPBB3-9854] - Auth API documentation is incomplete
[PHPBB3-9855] - Tests don't run on PHPUnit 3.5
[PHPBB3-9879] - captcha_qa.php spelling, punctuation and grammar errors
[PHPBB3-9883] - CAPTCHA uses american english
[PHPBB3-9884] - Massive email delays
[PHPBB3-9885] - Default file extension groups not properly updated by database updater.
[PHPBB3-9886] - Database updater does not run on PostgreSQL because of an error in _add_module()
[PHPBB3-9888] - Update fails when Bing [Bot] was already added to the users table
[PHPBB3-9891] - Updater drops language-selection after database-update
[PHPBB3-9509] - phpBB Coding Guidelines state subversion as the version control system for phpBB

Improvement

[PHPBB3-7332] - MCP post details usability
[PHPBB3-7717] - Use user's language for standard-extensions-group name
[PHPBB3-8709] - Multibyte keys in request_var not possible
[PHPBB3-8936] - subsilver2 missing reply-to-all feature
[PHPBB3-9088] - Add missing semicolons in js files
[PHPBB3-9179] - improve quasi-documentation of notify_status values
[PHPBB3-9503] - Posts with empty titles in moderation queue are not easily approved
[PHPBB3-9534] - user_ipwhois() does not support IPv6 addresses
[PHPBB3-9536] - Small improvement for query against sessions table in acp_users.php
[PHPBB3-9553] - Make git hooks run with /bin/sh instead of bash
[PHPBB3-9570] - Change "system timezone" to "guest timezone" in acp, add explanation
[PHPBB3-9578] - ACP Posting tab is missing "Post settings" module.
[PHPBB3-9589] - Sample nginx configuration file
[PHPBB3-9595] - Search settings in ACP: Add information on minimum word size indexed when using Fulltext MySQL backend
[PHPBB3-9598] - Call checkdnsrr() on Windows with PHP 5.3
[PHPBB3-9609] - Use send_status_line instead of calling header
[PHPBB3-9611] - Increase entropy in activation keys
[PHPBB3-9612] - Split gen_rand_string() into gen_rand_string() and gen_rand_string_friendly()
[PHPBB3-9629] - sid parameter forced for style.php makes caching difficult
[PHPBB3-9659] - Default phpBB signature user_options need to be set for convertors
[PHPBB3-9690] - MSN Bot will become Bing Bot
[PHPBB3-9777] - Print useful error message in pre-commit hook when php is not installed.
[PHPBB3-9785] - Not able to recover a password when board disabled
[PHPBB3-9825] - Run tests on sqlite if available and no test db configured
[PHPBB3-9827] - IE9 Beta fixes IE8 textarea bug
[PHPBB3-9830] - Awkward message when config.php is missing
[PHPBB3-9850] - Allow version checker to display information on multiple releases
[PHPBB3-9853] - Change default reCAPTCHA theme in Prosilver & Subsilver2 to better coordinate with style color scheme
[PHPBB3-9880] - Rename all mentions of CAPTCHA or visual confirmation to anti-bot
[PHPBB3-9899] - Change the style in the ACP for the recaptcha to match that displayed on prosilver

New Feature

[PHPBB3-9039] - Native SQL Server Support mssqlnative.php
[PHPBB3-9511] - View note for moderators on unapproved posts/topics with unapproved posts in ATOM Feed.

Task

[PHPBB3-9520] - Add web.config files for IIS
[PHPBB3-9625] - Update database UNIT-test
[PHPBB3-9701] - Enable notices in unit tests
[PHPBB3-9768] - Create git commit-msg hook that verifies the commit message conforms to our standards
[PHPBB3-9769] - Add install and uninstall scripts for the git hooks
[PHPBB3-9770] - Git commit message should be prefilled with branch and ticket information
[PHPBB3-9800] - Update tracker URL in docs/README.html
[PHPBB3-9804] - Update docs/AUTHORS (DavidMJ & igorw)
[PHPBB3-9808] - Git commit message hook depends on GNU wc
[PHPBB3-9816] - Remove config.php from git repository
[PHPBB3-9848] - Add phpBB data files to .gitignore.
[PHPBB3-9849] - Create build script using phing
[PHPBB3-9857] - Remove visible $Id$ from docs files.
[PHPBB3-9868] - Make the test suite run and pass using the mssqlnative driver
[PHPBB3-9904] - Update WebPI Parameters.xml

Sub-task

[PHPBB3-9517] - Remote avatar upload does not check the filesize before and during transfer.
[PHPBB3-9562] - Advanced Search is inaccessible using the mssqlnative DBAL
[PHPBB3-9564] - Reported messages are not assigned the default report reason when a reason is removed from the ACP using the mssqlnative DBAL
[PHPBB3-9565] - It is impossible to create a custom profile field using the mssqlnative DBAL
[PHPBB3-9566] - Two debug notices are displayed when setting a custom profile field though the UCP using the mssqlnative DBAL
[PHPBB3-9583] - MSSQL native backups cannot be restored
[PHPBB3-9606] - Drop redundant SQL query for unreads fetching
[PHPBB3-9613] - Implement a load switch for unreads search feature.
[PHPBB3-9817] - Make build script create blank config.php

1.vi. Changes since 3.0.7

[Sec] Do not expose forum content of forums with ACL entries but no actual permission in ATOM Feeds. (Bug #58595)

1.vii. Changes since 3.0.6

[Fix] Allow ban reason and length to be selected and copied in ACP and subsilver2 MCP. (Bug #51095)
[Fix] Force full date for board online record date.
[Fix] Correctly reset login keys if passed value is the current user. (Bug #54125)
[Fix] Correctly set last modified headers. (Bug #54245, thanks Paul.J.Murphy)
[Fix] Show correct HTML title when reporting private messages. (Bug #54375)
[Fix] Correctly exclude subforums from ATOM Feeds. (Bug #54285)
[Fix] Do not link to user profile in ATOM feed entry if post has been made by the guest user. (Bug #54275)
[Fix] Make word censoring case insensitive. (Bug #54265)
[Fix] Fulltext-MySQL search for keywords and username at the same time. (Bug #54325)
[Fix] Various XHTML and CSS mistakes in prosilver and subsilver2. (Bugs #54705, #55895, #57505, #57875 - Patch by HardStyle)
[Fix] Correctly show topic ATOM feed link when only post id is specified. (Bug #53025)
[Fix] Cleanly handle forum/topic not found in ATOM Feeds. (Bug #54295)
[Fix] PHP 5.3 compatibility: Check if function dl() exists before calling it. (Bug #54665)
[Fix] PHP 5.3 compatibility: Disable E_DEPRECATED on startup to keep set_magic_quotes_runtime(0) quiet. (Bug #54495)
[Fix] Correctly replace table prefix before inserting schema data into the database. (Bug #54815)
[Fix] Correctly take post time instead of topic time for the overall forum feed statistics row. (Bug #55005)
[Fix] Posting errors with CAPTCHAs using user::add_lang(). (Bug #55245)
[Fix] Use memcache::replace() instead of memcache::set() for existing keys to prevent problems.
[Fix] Check for required functions in eAccelerator. (Bug #54465)
[Fix] Use correct RFC 3339 date format in ATOM feed. (Bug #55005)
[Fix] Do not deliver topics from unreadable or passworded forums in the news feed. (Bug #54345)
[Fix] Restore user language choice to compiled stylesheets. (Bug #54035)
[Fix] Add missing language entries. (Bug #55095)
[Fix] Do not permit unauthorised users to delete private messages from folder listing. (Bug #54355)
[Fix] Correctly check for empty strings in custom profile fields. (Bug #55335)
[Fix] Use correct options to parse BBCodes in signatures when previewing PMs.
[Fix] Correct rendering of prosilver quick reply under IE6. (Bug #54115 - Patch by Raimon)
[Fix] Correct wording for "How do I show an image below my username" question answer in FAQ. (Bug #23935)
[Fix] Handle export of private messages where all recipients were deleted. (Bug #50985)
[Fix] Correctly get unread status information for global announcements in search results.
[Fix] Correctly handle global announcements in ATOM feeds.
[Fix] Use correct limit config parameter in the News feed.
[Fix] Restrict search for styles/../style.cfg to folders. (Bug #55665)
[Fix] Add ability to disable overall (aka board-wide) feed.
[Fix] Do not pass new_link parameter when creating a persistent connection with mysql. (Bug #55785)
[Fix] Improved search query performance through sorting words by their occurance. (Bug #21555)
[Fix] Correctly move sql_row_pointer forward when calling sql_fetchfield() on cached queries. (Bug #55865)
[Fix] Remove item limit from "All forums" feed.
[Fix] Do not use group colours for usernames on print view. (Bug #30315 - Patch by Pasqualle)
[Fix] Pagination of User Notes in MCP uses two different config values. (Bug #56025)
[Fix] List hidden groups on viewprofile where the viewing user is also a member. (Bug #31845)
[Fix] Sort viewprofile group list by group name.
[Fix] Strictly check whether a moderator can post in the destination forum when moving topic. (Bug #56255)
[Fix] Added some error handling to the compress class.
[Fix] Correctly determine permissions to show quick reply button. (Bug #56555)
[Fix] Do not unsubscribe users from topics replying with quickreply. (Bug #56235)
[Fix] Don't submit when pressing enter on preview button. (Bug #54395)
[Fix] Load reCAPTCHA over https when using a secure connection to the board. (Bug #55755)
[Fix] Clarify explanation of bump feature setting. (Bug #56075)
[Fix] Properly paginate unapproved posts in the MCP. (Bug #56285)
[Fix] Do not duplicate previous/next links in pagination text of moderator logs and user notes in MCP for subsilver2. (Bug #55045)
[Fix] Do not automatically unsubscribe users from topics, when email and jabber is disabled.
[Fix] Don't send activation email when user tries to change email without permission. (Bug #56335 - Fix by nrohler)
[Fix] Replace hard coded "px" with translated language-string. (Bug #52495)
[Fix] Correctly hover list menu in UCP and MCP for RTL languages. (Bug #49945)
[Fix] Correctly orientate quoted text image on RTL languages. (Bug #33745)
[Fix] Deprecate $allow_reply parameter to truncate_string() (Bug #56675)
[Fix] Fall back to default language email template if specified file does not exist. (Bug #35595)
[Fix] Update users last visit field correctly when changing activation status. (Bug #56185)
[Fix] Database updater now separates ADD COLUMN from SET NOT NULL and SET DEFAULT, when using PostgreSQL <= 7.4 (Bug #54435)
[Fix] Styles adjustment to correctly display an order of rtl/ltr mixed content. (Bugs #55485, #55545)
[Fix] Fix language string for PM-Reports refering to post-data. (Bug #54745)
[Fix] Do not store email templates in database. (Bug #54505)
[Fix] Fix javascript bug in the smilies ACP. (Bug #55725)
[Fix] Unify BBCode Selection across browsers. (Bug #38765)
[Fix] Allow convertors to read in configuration from files. (Bug #57265 - Patch by Dicky)
[Fix] Fix problems with firebird by no longer using 'count' as a column alias. (Bug #57455)
[Fix] Small language correction for the FAQ page. (Bug #57825)
[Fix] Restrict search for language/../iso.txt to folders. (Bug #57795)
[Fix] Make user_email_hash() function independent from system's architecture. (Bug #57755)
[Fix] Correct behavior of "force_approved_state" when value is false. (Bug #57715)
[Fix] Global announcements could not be accessed on a board using Firebird as the database server. (Bug #57525)
[Fix] BBCode parser now uses the user object for all settings rather than taking some from the template object (Bug #57365)
[Fix] Ensure a database connection is available before logging general errors. (Bug #57975)
[Fix] Do not delete unrelated attachments when deleting empty forums. (Bug #57375)
[Fix] Update: Store expected resulting file contents in cache and do not suggest further merges if the contents match, also fixes infinite merge loop (Bug #54075)
[Change] Move redirect into a hidden field to avoid issues with mod_security. (Bug #54145)
[Change] Log activation through inactive users ACP. (Bug #30145)
[Change] Send time of last item instead of current time in ATOM Feeds. (Bug #53305)
[Change] Use em dash instead of hyphen/minus as separator in ATOM Feeds item statistics. (Bug #53565)
[Change] Alter ACP user quick tools interface to reduce confusion with the delete operation.
[Change] Send statistics now check for IPv6 and send private network status as a boolean.
[Change] Split "All topics" feed into "New Topics" and "Active Topics" feeds.
[Change] Forum feed no longer includes posts of subforums.
[Change] Show login attempt CAPTCHA option in the captcha plugin module.
[Change] It is no longer possible to persist a solution for the login CAPTCHA.
[Change] SQLite is no longer autoloaded by the installer. (Bug #56105)
[Change] Friends and foes will not show up as private message rule options if their respective UCP modules are disabled. (Bug #51155)
[Change] Offer for guests to log in for egosearch and unreadposts search before the search permissions check. (Bug #51585)
[Change] Show warning box for users of PHP < 5.2.0 about phpBB ending support.
[Change] Disallow deleting the last question of the Q&A CAPTCHA.
[Change] Tweak Q&A CAPTCHA garbage collection.
[Change] Show a proper preview for the Q&A CAPTCHA. (Bug #56365)
[Change] Speed up topic move operation by adding an index for topic_id on the topics track table. (Bug #56545)
[Change] Warn users about potentially dangerous BBcodes.
[Feature] Ability to use HTTP authentication in ATOM feeds by passing the GET parameter "auth=http".
[Feature] Add INTTEXT token type to custom bbcodes to allow non-ASCII letters in html attributes.
[Feature] Add ability to enable quick reply in all forums.

1.viii. Changes since 3.0.5

[Fix] Allow whitespaces in avatar gallery names. (Bug #44955)
[Fix] Sorting by author or subject on viewtopic now preserves the order. (Bug #44875)
[Fix] Correctly determine writable status of files on Windows operating systems. (Bug #39035)
[Fix] Show report button in prosilver for guests who are allowed to report posts. (Bug #45695)
[Fix] Correctly show private message history. (Bug #46065)
[Fix] Various XHTML mistakes in prosilver, subsilver2 and the ACP. (Bugs #25545, #26315, #38555, #45505 - Patch by Raimon, #45785, #45865, #47085 - Patch by Raimon)
[Fix] Fix some ACP style issues. (Bug #16109 - Patch by prototech)
[Fix] Move post bump information markup to the template. (Bug #34295)
[Fix] Show error in the ACP when template folder is not readable. (Bug #45705)
[Fix] Adjust viewonline filename regular expression to be less strict. (Bug #46215)
[Fix] Correctly apply the "can change vote" permission again. Regression introduced in r9470. (Bug #45895)
[Fix] Remove data from friend/foe table when deleting user. (Bug #45345)
[Fix] Correctly hide skiplink in prosilver right-to-left mode. (Bug #45765 - Patch by prototech and bantu)
[Fix] Fix dynamic config update routine error if firebird is used. (Bug #46315)
[Fix] Allow friends/foes to be added and removed at the same time. (Bug #46255)
[Fix] Only change topic/post icon on edit if icons are enabled and user is allowed to use icons. (Bug #46355)
[Fix] Fix saving custom profile fields in ACP if Oracle is used. (Bug #46015)
[Fix] Make view_log() more resilient to corrupt serialized data. (Bug #46545)
[Fix] Show error if hostname lookup doesn't return a valid IP address when banning. (Bug #45585)
[Fix] Fix incorrect layout when loading private message draft. (Bug #38435 - Patch by nickvergessen)
[Fix] Show proper error message when trying to add bots to friends/foes list. (Bug #40205)
[Fix] Fixed database backup and restore with Oracle DBMS. (Bug #46715)
[Fix] Update attachments table when deleting user and retaining his posts. (Bug #40245)
[Fix] Correctly detect files in subfolders when viewing cached template files. (Bug #46145)
[Fix] Display user's jabber address in popup if jabber functionality is disabled. (Bug #20775)
[Fix] Correctly exclude forums from active topics list. (Bug #19135)
[Fix] Do not display banned users in birthday list. (Bug #20625)
[Fix] Fix function to recalculate nested sets. (Bug #41555 - Patch by EXreaction)
[Fix] Display but also highlight already used rank images while assigning new ranks. (Bug #22665)
[Fix] Correctly orientate quoted text image on RTL languages. (Bug #33745)
[Fix] Do not display "View user notes" and "Warn user" links in user profile if corresponding MCP modules are disabled. (Bug #10519)
[Fix] Show proper error message when trying to create a private messages folder with an empty name. (Bug #39875)
[Fix] No longer state that it is possible to manage group leaders from the UCP. (Bug #19945)
[Fix] Do not throw an error when PDO is a shared module and not loaded preventing SQLite from being loaded.
[Fix] Fix censoring of unicode words. (Bug #16555)
[Fix] Display coloured usernames in ACP groups management screens.
[Fix] Correctly describe founder permissions on trace-information. (Bug #37235)
[Fix] Correct the width value for poll_center.gif omitted in imageset.cfg for subsilver2. (Bug #43005)
[Fix] Correctly load complex language variable using acp_language. (Bug #45735 - Patch by leviatan21)
[Fix] Fix reapply_sid() to correctly strip session id in certain circumstances. (Bug #43125 - Patch by leviatan21)
[Fix] Correctly state why one language pack is marked with an asterisk in the ACP. (Bug #37565)
[Fix] Correctly check if install directory is still present. (Bug #46965)
[Fix] Correct banned user behaviour when "force password change" is enabled. (Bug #47145 - Patch by nickvergessen and leviatan21)
[Fix] Correctly display ACP logs options, without permission to clear logs. (Bug #24155 - Patch by leviatan21)
[Fix] Display topic icons in MCP forum view again (only prosilver).
[Fix] Properly display post status messages in topic when post is reported and unapproved (Bug #44455 - Patch by leviatan21)
[Fix] Do not remove recipients when loading private message draft. (Bug #38395)
[Fix] Add author name to moderator log when deleting post/topic. (Bug #46225)
[Fix] Fix broken "Report details" link in the MCP. (Bug #46975)
[Fix] Resolve accesskey conflicts in prosilver. (Bug #44685)
[Fix] Check if template file is empty before trying to read from it. (Bug #47345)
[Fix] More descriptive descriptions for permissions to use BBCode, smilies, images and flash. (Bug #36065)
[Fix] Fix style issues in print mode. (Bug #26375 - Patch by leviatan21)
[Fix] Fix minor issue with L_QUOTE language string missing in several PM composing modes. (Bug #39625)
[Fix] Also fetch posts of guests and deleted or deactivated users while searching for author names. (Bug #36565, #47765)
[Fix] Show end of ban in MCP and ACP when user is banned by duration. (Bug #47815 - Patch by Pyramide)
[Fix] Correctly count posts awaiting approval in the MCP. (Bug #47685)
[Fix] Display user's posts count in private message when it is equal to 0 (prosilver). (Bug #40155)
[Fix] Only allow users to disable word censor if globally allowed. (Bug #47575 - Patch by 00mohgta7)
[Fix] Fix database updater and db tools to support multiple column changes/additions/removals with SQLite.
[Fix] Correctly detect GZIP status in debug mode. (Bug #24075)
[Fix] Posting smilies in view more smilies screen now works again in IE. (Bug #46025 - Patch by leviatan21)
[Fix] Properly convert and show filesize information. (Bug #47775)
[Fix] Add ability to prune users who never logged in. (Bug #44295)
[Fix] Show smilies and images in topic print view. (Bug #47265)
[Fix] Force full date in private message print view.
[Fix] Fix "Always show a scrollbar for short pages" for IE8 and Firefox 3.5. (Bug #47865 - Patch by stokerpiller)
[Fix] Do not allow setting group as default group for pending users. (Bug #45675)
[Fix] Fail gracefully if store folder is not writable during update. (Bugs #46615, #46945)
[Fix] Hide profile-icon from viewtopic page if user has no permissions (subsilver2 only). (Bug #37635 - Patch by leviatan21)
[Fix] Correct escaping/unescaping in the LDAP authentication plugin. (Bug #48175)
[Fix] Add hard limit for smilies.
[Fix] Remove redundant SQL query from ucp.php. (Bug #40305)
[Fix] Reorder frame order of animated subsilver2 topic icons to be useful when animations are disabled. (Bug #29385 - Patch by prototech)
[Fix] Ensure user errors are displayed regardless of PHP settings. (Bug #47505)
[Fix] Permit null values for non-required integer custom profile fields and ensure zero complies with the range limits. (Bug #40925)
[Fix] Allow changing forum from select box under certain circumstances. (Bug #37525)
[Fix] Display required fields notice on registration above the custom profile fields. (Bug #39665)
[Fix] Copy poll options properly when copying topic. (Bug #39065)
[Fix] Fix error with disapproval of topics having several queued posts only. (Bug #47705)
[Fix] Preserve newlines in template files (one newline had been always dropped after a template variable due to PHP's handling of closing tags).
[Fix] Be less strict with FTP daemons for getting directory filelists. (Bug #46295)
[Fix] Fix set_custom_template for database-stored styles. (Bug #40515)
[Fix] Banning an already banned user states to be successful, but has no effect. (Bug #47825 - Patch by Pyramide)
[Fix] Do not add style parameter again to URL after admin re-authentification. (Bug #18005 - Patch by leviatan21)
[Fix] Do not cut post-message in between HTML-Entities on search.php. (Bug #31505 - Patch by leviatan21)
[Fix] Correctly set attachment flag for topics, posts and pms after deleting attachments. (Bug #48265 - Patch by MarcoDM and nickvergessen)
[Fix] Display "Locked" button instead of "Reply" one for locked forum in viewtopic (prosilver). (Bug #38055 - Patch by Raimon)
[Fix] Correctly propagate umlauts over search result pages. (Bug #33755)
[Fix] Preserve post options when refusing to save the post as a draft. (Bug #39115)
[Fix] Do not send private message back to sender if sender is in the same group the private message was sent to.
[Fix] Correctly add user to a group making it a default one. (Bug #48345)
[Fix] Add log entry when copying forum permissions.
[Fix] Min/max characters per posts no longer affects poll options. (Bug #47295)
[Fix] Correctly log action when users request to join a group. (Bug #37585)
[Fix] Do not try to create thumbnails for images we cannot open properly. (Bug #48695)
[Fix] Apply locale-independent basename() to attachment filenames. New function added: utf8_basename(). (Bug #43335 - Patch by ocean=Yohsuke)
[Fix] Adjust build_url() to not prepend $phpbb_root_path if path returned from redirect() is an URL. This fixes redirect issues with some installations and bridges. (Bug #47535)
[Fix] Do not mark global announcements as read if all topics in a forum become read (Bug #15729).
[Fix] Fix general error in registration, caused by an undefined $config variable in validate_referer(). (Bug #49035 - Patch by wjvriend)
[Fix] Correctly extract column default value when exporting PostgreSQL tables. (Bug #48955)
[Fix] Allow updater to work correctly with PHP filename extensions other than ".php". (Bugs #15809, #49215)
[Fix] Update search index if only post subject changed. (Bug #49435)
[Fix] Fix who is online displaying incorrect data. (Bug #49485, thanks Brainy)
[Fix] Fixed incorrect "topic does not exist" if unapproved posts were visited without global moderator permissions. (Bug #47795)
[Fix] Prevent style switcher from blocking the tab key. (Bug #49335)
[Fix] Correctly redirect back to MCP main page after posts approval/disapproval from it. (Bug #49625)
[Fix] Do not display topic approval status image for shadow topic if a user is not a moderator in the forum the topic has been moved to. (Bug #43295)
[Fix] Fix email problems on servers with PHP installations not accepting RFC-compliant subject string passed to the mail()-function. (Bug #46725)
[Fix] Correctly orientate control panel navigation background-image on RTL languages. (Bug #49945)
[Fix] Sort private messages by message time and not message id. (Bug #50015)
[Fix] Make sure only logs for existing users are displayed and user-specific logs removed on user deletion. (Bug #49855)
[Fix] Only show "Add friend" and "Add foe" links if the specific module is enabled. (Bug #50475)
[Fix] Correctly display list items in forum description in prosilver and administration. (Bug #48055 - Patch by leviatan21)
[Fix] Only embed cron.php if there is no cron lock present to reduce overhead. (Bug #45725 - Patch by TerryE)
[Fix] Add header gradient back into subsilver2 but keep site logo easily replaceable with smaller and bigger ones. (Bug #11142 - Patch by dark/Rain and Raimon)
[Fix] Send activation email when activating user from user settings. (Bug #43145)
[Fix] Do not show resend activation email link when using admin activation. (Bug #44375 - Patch by bbrunnrman)
[Fix] Do not display links to user/post search if search is disabled. (Bug #50685 - Patch by HardStyle)
[Fix] Fix icon alignment for forums with large descriptions in subsilver2. (Bug #50445)
[Fix] Correctly display underlined links placed in last line in viewtopic. (Bug #14811 - Patch by primehalo)
[Fix] Only check whether forum image exists if forum image is specified. (Bug #51905)
[Fix] Fixed database updater for changes to columns having default value in MSSQL (adding/dropping constraints).
[Fix] Jabber SASL PLAIN authentication failures. (Bug #52995)
[Fix] Check sort options on memberlist to avoid a general error. (Bug #53655)
[Fix] Fix sql error in cache_moderators() if using postgresql. (Bug #53765)
[Change] Database updater now supports checking for existing/missing indexes.
[Change] submit_post() now accepts force_approved_state key passed to $data to indicate new posts being approved (true) or unapproved (false).
[Change] Change the data format of the default file ACM to be more secure from tampering and have better performance.
[Change] Template engine now permits variable includes to a limited extent.
[Change] Quote BBCode no longer requires the f_reply permission. (Bug #16079)
[Change] Banning/unbanning users now generates an entry in their user notes. (Bug #21825)
[Change] Smilies no longer require the f_bbcode permission. (Bug #26545)
[Change] Ability to define column split in FAQ/BBCode help. (Bug #31405)
[Change] Changed behaviour of group_create() function to support specifying additional group columns.
[Change] Hide avatar when avatar-type is not allowed. (Bug #46785 - Patch by cYbercOsmOnauT and nickvergessen)
[Change] INCLUDEPHP paths are now relative to $phpbb_root_path. (Bug #45805)
[Change] Ability to fetch moderators with get_moderators() even if load_moderators setting is off. (Bug #35955)
[Change] "Post details" links with image in MCP. (Bug #39845 - Patch by leviatan21)
[Change] PM history now only shows PMs of users you currently reply to. (Bug #39505)
[Change] Show quote button for own PMs in PM history. (Bug #37285)
[Change] Fetch requested cookie variables directly from cookie super global. (Bug #47785)
[Change] Add confirmation for deactivating styles. (Bug #14304 - Patch by leviatan21)
[Change] Add confirmation for deactivating language packs. (Patch by leviatan21)
[Change] Add confirmation for deleting permissions. (Bug #13673)
[Change] Add pagination for icons and smilies in the ACP and smilies in the smiley popup.
[Change] Cache get_username_string() function calls on viewtopic.
[Change] Cache version check.
[Change] When creating a new forum without copying permissions, ask again.
[Change] Introduce new parameter to page_header() for forum specific who is online listings.
[Change] Changed minimum requirement for Firebird DBMS from 2.0+ to 2.1+.
[Change] Unapproved topics can no longer be replied to. (Bug #44005, #47675, #23605)
[Change] Require user to be registered and logged in to search for unread posts if topic read tracking is disabled for guests. (Bug #49525)
[Change] Allow three-digit hex notation in color BBcode. (Bug #39965 - Patch by m0rpha)
[Change] Simplified login_box() and redirection after login. S_LOGIN_ACTION can now be used on every page. (Bug #50285)
[Change] Do not take edit post time into account for determining permission to delete last post in topic. (Bug #48615)
[Change] Resize oversized topic icons. (Bug #44415)
[Change] Banned IPs are now sorted. (Bug #43045 - Patch by DavidIQ)
[Change] phpBB updater now skips sole whitespace/tab changes while computing differences. This reduces the chance of conflicts tremendously.
[Change] phpBB updater now solves common conflicts on its own. This further reduces the chance of conflicts.
[Feature] Add language selection to the registration terms page. (Bug #15085 - Patch by leviatan21)
[Feature] Backported 3.2 captcha plugins:
- Classic and GD CAPTCHA
- reCaptcha (based on API from recaptcha.net by Mike Crawford and Ben Maurer)
- Q&A CAPTCHA
- 3D Wave (by Robert "Xore" Hetzler)
[Feature] Introduced new ACM (Cache) plugins:
- null (to disable caching completely)
- memcache
- APC
- XCache
- eAccelerator
[Feature] ATOM Feeds (Idea from RSS Feed 2.0 MOD (Version 1.0.8/9) by leviatan21)
[Feature] New groups option to excempt group leaders from group permissions.
[Feature] New "Newly Registered Users" group for assigning permissions to newly registered users. They will be removed from this group once they reach a defineable amount of posts.
[Feature] Ability to define if the "Newly Registered Users" group will be assigned as the default group to newly registered users.
[Feature] Add new option to disable avatars board-wide. (Bug #46785 - Patch by cYbercOsmOnauT and nickvergessen)
[Feature] Enhance obtain_users_online_string to be able to return user-lists for other session items. (Bug #31975)
[Feature] Add unapproved topic icon for moderators on forum list. (Bug #46865)
[Feature] Ability to define minimum number of characters for posts/pms.
[Feature] Store signature configuration options in database. (Bug #45115)
[Feature] Add bare-bones quick-reply editor to viewtopic.
[Feature] Detect if a post has been altered by someone else while editing.
[Feature] Add unread posts quick search option. (Bug #46765)
[Feature] Add option to disable avatar uploads from remote locations. (Bug #45375)
[Feature] Ability to delete warnings and keep warnings permanently. (Bug #43375)
[Feature] Ability to empty a user's outbox from the user ACP quick tools.
[Feature] Ability to search ACP/MCP logs.
[Feature] Users can report PMs to moderators which are then visible in a new MCP module.
[Feature] Parse email text files with the template engine.
[Feature] Use email-style quoting when bbcodes are disabled.
[Feature] Added new functionality to inactive users module:
- Ability to set users per page.
- Ability to sort by posts/number of reminders/last reminded date.
- Show number of posts and ability to search posts.
- Show number of reminders sent to user.
- Show date of last reminder sent to user.
[Feature] Display version check on ACP main page.
[Feature] Ability to copy permissions from one forum to several other forums.
[Feature] Ability to control the display of custom profile fields on viewtopic. (Bug #48985)
[Feature] Fallback options for missing language files. (Bug #38575 - Patch by EXreaction)
[Feature] Separate "PM Reply" and "PM Reply to all" in prosilver.
[Feature] Place debug notices during captcha rendering in the error log - useful for debugging output already started errors.
[Feature] Ability to define constant PHPBB_USE_BOARD_URL_PATH to use board url for images/avatars/ranks/imageset (useful for bridges and applications using phpBB).
[Feature] Added function to generate email hash. (Bug #49195)
[Feature] Style authors are now able to define the default submit button used for form submission on ENTER keypress on forms using more than one submit button. Prosilver uses this for the posting page(s) and registration screen.
[Feature] Ability to specify amount of time user is able to delete his last post in topic.
[Feature] Send anonymous statistical information to phpBB on installation and update (optional).

1.ix. Changes since 3.0.4

[Fix] Delete user entry from ban list table upon user deletion (Bug #40015 - Patch by TerraFrost)
[Fix] Posts incremented for multiple approval of the same topic (Bug #40495 - Patch by TerraFrost)
[Fix] Missing end " in quote bb tag deletes text (Bug #40565 - Patch by TerraFrost)
[Fix] Friend/foe system displays posts made by foes while composing (Bug #40325 - Patch by TerraFrost and Highway of Life)
[Fix] Check forum_image whether it exists (Bug #39005 - Patch by TerraFrost)
[Fix] The sql query in acp_users.php lacks a condition (Bug #40275 - Patch by grimskies)
[Fix] Added missing read permission information for some phpbb_chmod() calls
[Fix] Correctly display future dates (Bug #38755)
[Fix] Fix guest/bot session problems with apache authentication plugin (Bug #41085)
[Fix] Whois now works reliably for RIRs other than APNIC and RIPE. (Bug #40085)
[Fix] Correctly convert Niels' Birthday MOD to the date format used in phpBB3. (Bug #32895)
[Fix] Changed the success message when requesting a new password to be more accurate. (Bug #41405)
[Fix] Add missing anti-abuse email headers to acp_inactive.php and ucp_resend.php.
[Fix] Only remind users in the correct inactive states depending on the board account activation level.
[Fix] Various XHTML mistakes in prosilver, subsilver2 and the ACP. (Bugs #41745, #42265 - Patch by nickvergessen, #38465, #43015, #46585 - Patch by Raimon)
[Fix] Log password changes via password reset function. (Bug #41365)
[Fix] Poll, negative durations generate error (Bug #41295 - Patch by TerraFrost)
[Fix] Visibility of custom field on registration is incorrectly controlled by setting "display" (Bug #41385 - Patch by Eelke and fade2gray)
[Fix] Smilies in username are misparsed on [quote=""] (Bug #41955 - Patch by TerraFrost)
[Fix] Deleting all posts in a topic - bad redirect (Bug #41705 - Patch by TerraFrost)
[Fix] Deleted users still appear logged in (Bug #41985 - Patch by TerraFrost)
[Fix] Removed redundant code and unnecessary queries in forum management. (Bug #42265 - Patch by nickvergessen)
[Fix] Correct mbstring regular expression for the allowable username characters, only affects USERNAME_LETTER_NUM_SPACERS. (Bug #42325)
[Fix] Fix infinite loop in message handler if cache directory is not writable. (Bug #38675)
[Fix] While post is awaiting approval it can still be edited even though it can not be seen (Bug #41435 - Patch by TerraFrost)
[Fix] Fix imageset editing for retaining and correctly setting dimensions for images, as well as displaying correct settings for first page load.
[Fix] Use OS-specific line endings for mail headers. (related to Bug #42755)
[Fix] Hide font size options which are bigger than the allowed size in the editor. (Bug #42615 - Patch by nickvergessen)
[Fix] Better thumbnail quality with imagemagick. (Bug #42565)
[Fix] Fix download count increments for image attachments without corresponding thumbnails. (Bug #42505)
[Fix] Fix wrong bot ip check if bot ip was wrongly entered by admin. (Bug #42485)
[Fix] Fix javascript errors in simple header (prosilver) by adding forum_fn.js and the corresponding variables. (Bug #42135)
[Fix] Set connection encoding for MySQL versions 4.1.0 to 4.1.2. This may fix some conversion issues with special characters. (Bug #41805)
[Fix] Deleting private message attachments could delete post attachments. (Bug #42815)
[Fix] Do not suppress PHP notices/errors in language packs if DEBUG_EXTRA mode enabled. (Bug #41485)
[Fix] Flash files do not display anymore after update to flash player 10 (Bug #41315)
[Fix] Use FQDN for SMTP EHLO/HELO command. (Bug #41025)
[Fix] Mass Email works again for users with empty jabber address but notification set to 'both'. (Bug #39755)
[Fix] Fix race condition for updating post/topic/etc. counter. (Reported by BartVB)
[Fix] Fix duplicate creation of acl options in acl_add_options() under certain conditions. (Bug #38385, #40225)
[Fix] Cancel when replying to global announcement redirects to first forum - not to the current forum (Bug #41225 - Patch by TerraFrost)
[Fix] Cursor Jumps on New Topic in IE (Bug #42455 - Patch by TerraFrost)
[Fix] Add indicator to be used in code if session was created (user visits the site for the first time).
[Fix] Correctly count topic views for guests visiting the website the first time by entering the topic directly (Bug #43445)
[Fix] Fix bug in postgresql db layer for LIMIT ALL clauses (Reported by JRSweets)
[Fix] Sort backups by date, newest first (Bug #14818)
[Fix] Prevent incomplete backups stored if option "store and download" is selected and admin cancel download by removing the option. (Bug #20325)
[Fix] Enforce correct case for template variables
[Fix] Set topic_last_view_time on post/reply/edit to circumvent race conditions in auto prune and false removal of topics for manual forum prune (Bug #18055, #43515)
[Fix] Correctly split long subject lines according to the used RFC. This fixes extra spaces within long subjects. (Bug #43715)
[Fix] Fix skipping messages if using next/prev PM in history links. (Bug #22205)
[Fix] Messenger now also able to use a custom language path. (Bug #36545)
[Fix] PM Export uses ISO 8601 date now. (Bug #32645)
[Fix] Apply append_sid() to newest/latest post links in viewforum/search and UCP main module. (Bug #26815)
[Fix] Do not create thumbnail if thumbnail would've the same size as the original image. (Bug #30725)
[Fix] Ability to vote in poll is now required for the ability to change existing vote. (Bug #38925)
[Fix] Search for 'topic title only' and 'first post' should work again for non-mysql dbms. (Bug #40605)
[Fix] Make sure additional information for accessibility is always exposed to screen readers (Bug #44335 - Patch by MarcoZ)
[Fix] Approving a topic when some of the posts within that topic have already been approved (Bug #42585 - Patch by TerraFrost)
[Fix] Online status shown when post hidden (Bug #35505 - Patch by Raimon)
[Fix] memberlist.php display formating can be distorted by posting long URL for website (Bug #36675 - Patch by TerraFrost)
[Fix] Display the online status of hidden users to users with the u_viewonline permission when viewing PMs.
[Fix] "Select all" selects much too much in Opera (Bug #42885 - Patch by TerraFrost and ToonArmy)
[Fix] Correct calculation of source/target forum statistics if mass moving topics with global announcements (Bug #44545)
[Fix] Fix column handling in db updater, custom profile fields an db tools for firebird DBMS (Bug #44555)
[Fix] IE8 textarea issues (Bug #43305)
[Fix] Prevent accounts from being activated by users when admin activation is turned on and the correct activation key is known.
[Fix] Allow the installer to operate under PHP 5.3. (Bug #45255)
[Change] Default difference view is now 'inline' instead of 'side by side'
[Change] Added new option for merging differences to conflicting files in automatic updater
[Change] Add link to user profile in the MCP for user notes and warn user.
[Change] Add IN_PHPBB check to generated cache files. (Reported by bantu)
[Change] Add topic icons to prosilver UCP main and subscribed templates (Bug #42735 - Patch by Raimon)
[Change] Add unique key to ACL options table to prevent duplicate permission options. (Bug #41835)
[Change] Redirect to relevant MCP page of multi-page topic if accessing quickmod tools (Split option for example)
[Change] Performance improvements for native fulltext search (Patch by Paul)
[Change] Changed jumpto() JS function to be more fail-safe. (But #27635 - Patch by peterkclee)
[Feature] Added new options for visual confirmation.
[Feature] Allow download of conflicting file for later reference in automatic updater
[Feature] Allow translation of custom BBCode help messages. (Patch by bantu)
[Feature] db_tools now support create table and drop table.
[Feature] Database updater checks for incompatible db schema (MySQL 3.x/4.x against MySQL 4.1.x/5.x/6.x)
[Feature] New search option: Maximum number of words allowed to search for.
[Sec] Only use forum id supplied for posting if global announcement detected. (Reported by nickvergessen)

1.x. Changes since 3.0.3

[Fix] Allow mixed-case template directories to be inherited (Bug #36725)
[Fix] Regression bug from revision #8908 regarding log display in ACP
[Fix] Allow the UCP group management to work for groups with avatars. (Bug #37375)
[Fix] Fix header list build for replying oldest PM in PM history (Bug #37275)
[Fix] Do not display COPPA group in memberlist find member dialog if COPPA disabled (Bug #37175)
[Fix] Do not try to send jabber notifications if no jid entered (Bug #36775)
[Fix] Only display special ranks to guests; no longer display normal ranks for guests (Bug #36735)
[Fix] Properly treat punctuation marks after local urls (Bug #37055)
[Fix] Make searching for members by YIM address work in prosilver
[Fix] Tell users to recreate the search index after changing the common word threshold for fulltext_native (Bug #36345)
[Fix] Adjusted phpbb_chmod() to always set permissions for group bit.
[Fix] Do not increment users post count after post approval if post had been posted in a forum with no post count increasing set (Bug #37865)
[Fix] Extend vertical line for last post column if no posts in forum (Bug #37125)
[Fix] correctly update last topic/forum information if changing guest usernames through editing posts (Bug #38095)
[Fix] fix postcount resync for situations where low and high post ids are higher than step value, resulting in users having 0 posts. (Bug #38195)
[Fix] Use a left join for the topics table on search to avoid trouble with FROM syntax on some databases (Bug #37005)
[Fix] Do not show 'Forward' button if the user cannot send PM's
[Change] Alllow applications to set custom module inclusion path (idea by HoL)
[Change] Handle checking for duplicate usernames in chunks (Bug #17285 - Patch by A_Jelly_Doughnut)
[Change] Better handling and finer control for custom profile fields visibility options. (Patch by Highway of Life)
[Change] Performance increase for format_date() (Bug #37575 - Patch by BartVB)
[Change] Changed prosilver date separator from 'on' to '»'
[Change] Performance increase for get_username_string() (Bug #37545 - Patch by BartVB)
[Change] Slight performance increase for common parameter calls to append_sid() (Bug #37555 - Patch by BartVB)
[Feature] Added 'AGO' setting to relative date strings. For example: posted 14 minutes ago. (Patch by BartVB)
[Sec] Fixed an issue where deactivated accounts could be re-activated without the required privileges. (Reported by Jorick)
[Sec] Ask for forum password if post within passworded forum quoted in private message. (Reported by nickvergessen)

1.xi. Changes since 3.0.2

[Fix] Correctly set topic starter if first post in topic removed (Bug #30575 - Patch by blueray2048)
[Fix] Delete avatar files (Bug #29985).
[Fix] Preserve selection in the MCP. (Bug #31265).
[Fix] Added VST - Venezuela Standard Time (Bug #30545).
[Fix] Close DB connections in file.php.
[Fix] Correctly return results for nested cached queries (Bug #31445 - Patch by faw).
[Fix] Allow export of PM pages greater one. (#33155)
[Fix] Display coloured username of last poster in list of subscribed forums (prosilver).
[Fix] Added missing UCP language string NO_AUTH_READ_HOLD_MESSAGE.
[Fix] Do not jump back to page 1 when hiding member search in memberlist. (Bug #32515)
[Fix] Correctly limit input of the users location to 100 characters in the UCP and ACP. (Bug #32655)
[Fix] Sync reports when using the move all users posts tool in the ACP. (Bug #31165)
[Fix] Extra slash is included in the redirect url when redirecting to the forum root directory. (Bug #33605)
[Fix] Remove reported flag from shadow topics when closing reports. (Bug #19765)
[Fix] Do not show non indexed forums on the search page if they contain no subforums. (Bug #33125)
[Fix] Stop search bots incrementing topic views. (Bug #32675 - Patch by eviL<3)
[Fix] Use correct link for post author search. (Bug #32595)
[Fix] Do not decrease topics counter when deleting shadow topics. (Bug #26495)
[Fix] Send localised disapproval reasons in the recipients local language. (Bug #31645)
[Fix] Language typos/fixes. (Bugs #27625, #30755, #34185, #32795)
[Fix] Added missing terms parameter to search pagination. (Bug #34085)
[Fix] Wrong table order in query obtaining posts if post id given.
[Fix] Do not display reported topic icon for shadow topics. (Bug #13970)
[Fix] Display popular topic based on posts within topic instead of replies within topic. (Bug #16099)
[Fix] Expand shown ban reason in unban screen to fully show long entries. (Bug #16234)
[Fix] Preserve alpha transparency for created thumbnails. (Bug #16575)
[Fix] Use correct port delimiter for MSSQL connections in windows. (Bug #16615)
[Fix] Do not allow setting forums parent to the forum itself. (Bug #18855)
[Fix] Display assigned rank/avatar for guests. (Bug #19155)
[Fix] Set secure cookie for style switcher if required. (Bug #19625)
[Fix] Fix native full text search on postgresql while using excluding keyword matches. (Bug #19195)
[Fix] Pass S_SEARCH_ACTION through append_sid() in search.php. (Bug #21585)
[Fix] Correctly delete message attachments. (Bug #23755)
[Fix] Correctly handle unread status of subforums (that are not shown on the index) of forums that are shown on the index. (Bug #14589)
[Fix] Stop users from deleting posts after the edit time has passed or they have been locked. (Bug #19115)
[Fix] Split posts target forum requires 'f_post' now instead of 'm_split'. (Bug #31015)
[Fix] Duplicate log messages for deleting a topic ('LOG_TOPIC_DELETED' has been deprecated in favour of 'LOG_DELETE_TOPIC').
[Fix] Use a distinct log message for shadow topic deletions to differentiate between normal topic deletions. (Bug #34635)
[Fix] Fix problems with styles using an underscore within the filename. (Bug #34315)
[Fix] Better return links when deleting topics through the MCP. (Bug #34655)
[Fix] Add quoting support to PM history when composing a reply. (Bug #34285)
[Fix] Use phpBB 3.1.x method for storing cached data to prevent PHP bug with our usage of var_export(). (Thanks to Techie-Micheal and HoL for pointing out possible problems)
[Fix] Check users pm preferences for pm's sent to groups. (Bug #33245)
[Fix] Do not allow password reminders if u_passchg permission is not given. (Bug #14806)
[Fix] Implemented strict check for cached user permissions and existing ACL options. This fix makes sure cached permissions are valid, even if they got already cached.
[Fix] Do not show link to user/group profiles if user has no permission to view the linked page and gets a denied message anyway. (Bug #15088)
[Fix] Do not display last post link and sort display options for search engines. (Bug #15088)
[Fix] Make sure users still get notifications if they set to only be notified by Jabber, but Jabber service disabled. (Bug #29715 - Patch by Paul)
[Fix] Don't show forum subscription link on categories. (Bug #34895)
[Fix] Display a message if no topics or forums are selected when unsubscribing. (Bug #34855)
[Fix] Mark/unmark all links in UCP now select/unselect both subscribed topics and forums.
[Fix] Increase board topic counter when splitting topics. (Bug #32125)
[Fix] Display profile icons when viewing a topic, or PM when only the jabber icon is to be visible. (Bug #34755)
[Fix] Do not send PMs with warnings if the user cannot read PMs or they are disabled. (Bug #30815)
[Fix] Correctly convert Niels' Birthday MOD to the date format used in phpBB3. (Bug #32895)
[Fix] Parse BBCode lists of type square, circle and disc. (Bug #35295)
[Fix] Round the displayed percentages in polls. (Bug #32375)
[Fix] Disable mass e-mail when e-mail is disabled. (Bug #27385)
[Fix] Display coloured poster username of queued posts displayed on the front of the MCP.
[Fix] Moderators can only see reports/queue/logs from forums they can actually read. (Bug #31085)
[Fix] Correctly display topic when start parameter is equal to the number of posts.
[Fix] Correctly display topic in MCP when start parameter is equal to or greater than the number of posts. (Bug #30525)
[Change] No longer allow the direct use of MULTI_INSERT in sql_build_array. sql_multi_insert() must be used.
[Change] Display warning in ACP if config.php file is left writable.
[Change] More restrictive chmod to new files being created. (phpbb_chmod() function mostly by faw)
[Change] Set headers to allow browsers to better cache attachments (Mylek pointed this out)
[Change] Hide parameters if they equal the default in viewforum/viewtopic (Bug #31185)
[Change] Various improvements to group listings (Bugs #32155, #32145, #32085, #26675, #26265)
[Change] Set headers for IE 8 in file.php
[Change] Do not count queued posts to user_posts.
[Change] Allow setting birth year to current year.
[Change] Do not use the topics posted table when performing an egosearch.
[Change] Log the forum name that topics are moved into.
[Change] Automatically add users/groups to the PM recipient list, if entered or selected.
[Change] Reply to PM now includes all previous recipients and not only the original sender.
[Change] Make topic selection for merge less confusing by removing unneeded controls. (Bug #21925)
[Change] MCP topic view checkboxes now default to unchecked.
[Change] Adjust language key SPLIT_AFTER to make the action clearer.
[Change] Add links to the post and forum when viewing a report from the MCP. (Bugs #33795, #33805)
[Change] Added CSRF protection to GET-only actions like marking forums.
[Change] Remove NUL-Bytes directly in request_var() for strings and within the custom DBAL sql_escape() functions (MSSQL, Firebird, Oracle) (reported by AdhostMikeSw)
[Feature] Allow limited inheritance for template sets.
[Feature] Allow hard disabling of the template editor.
[Feature] Allow setting custom language path through $user->set_custom_lang_path(). $user->lang_path now also do not include the user language, but only the path.
[Feature] Ability to define nullar/singular/plural language entries
[Feature] Ability to mimic sprintf() calls with $user->lang() with the ability to correctly assign nullar/singular/plural language entries.
[Feature] Added the possibility to force user posts put in queue if post count is lower than an admin defined value. Guest posting is not affected by this setting.
[Feature] Added 'max_recipients' setting for private messages. This setting allows admins to define the maximum number of recipients per private message with a board-wide setting and a group-specific setting.
[Feature] Added new permission setting for sending private messages to groups. Now there are two permissions to define sending private messages to multiple recipients and private messages to groups.
[Feature] Allow specific connection to different server for jabber functionality by providing a valid JID as username. This also allows the use of talk.google.com as jabber server with gmail.com JIDs. (Bug #14989)
[Sec Precaution] Stricter validation of the HTTP_HOST header (Thanks to Techie-Micheal et al for pointing out possible issues in derived code)

1.xii. Changes since 3.0.1

[Fix] Ability to set permissions on non-mysql dbms (Bug #24955)
[Fix] Fixed blank style on setups having no username defined within config.php (Bug #25065)
[Fix] Made the compress_tar class tolerate archives that do not properly have their archived contents listed (Bug #14429 / thanks to JRSweets for his patch)
[Fix] Moved topics should not count towards the number of topics in a forum (Bug #14648 / thanks to Schumi for his patch)
[Fix] Properly check for invalid characters in MySQL DB prefixes during install (Bug #18775)
[Fix] Bring the PostgreSQL backup system back to working order (Bug #22385)
[Fix] Update correct theme for cached styles in style.php (Bug #25805)
[Fix] Also add PHPBB_INSTALLED check to download/file.php for inline avatar delivery
[Fix] Unable to login to some jabber server, reverted previous change (Bug #25095)
[Fix] Do not return BMP as valid image type for GD image manipulation (Bug #25925)
[Fix] Correctly determine safe mode for temp file creation in functions_upload.php (Bug #23525)
[Fix] Correctly sort by rank in memberlist (Bug #24435)
[Fix] Purge cache after database restore (Bug #24245)
[Fix] Correctly display subforum read/unread icons from RTL in FF3, Konqueror and Safari3+. (thanks arod-1 for the fix, related to Bug #14830)
[Fix] Added missing form token in acp (thanks NBBN).
[Fix] Do not remove whitespace in front of url containing the boards url and no relative path appended (Bug #27355)
[Fix] reset forum notifications in viewtopic (Bug #28025)
[Fix] corrected link for searching post author's other posts (Bug #26455)
[Fix] HTTP Authentication supports UTF-8 usernames now (Bug #21135)
[Fix] Topic searches by author no longer return invalid results (Bug #11777)
[Fix] Delete drafts and bookmarks when deleting an user. (#27585, thanks Schumi for the fix)
[Fix] Set last_post_subject for new topics. (#23945)
[Fix] Allow moving posts to invisible forums. (#27325)
[Fix] Don't allow promoting unapproved group members (#16124)
[Fix] Correctly fetch server name if using non-standard port (#27395)
[Fix] Regular expression for email matching in posts will no longer die on long words.
[Fix] Do not display ban message if direct call to cron. (thanks Dog Cow for reporting)
[Fix] Correctly display double-colon on special conditions within highlighted php source (Bug #26795)
[Fix] Increase storage capacity of titles/subjects due to specialchared content (Bug #25235)
[Fix] Catch invalid username wildcard ban (we do not support these) (Bug #29305)
[Fix] Fix (email)-domain checks for those having DNS prefixes set (Bug #29635)
[Change] Adjust truncate_string() to be able to adjust the maximum storage length.
[Change] Generalize load check (Bug #21255 / thanks to Xipher)
[Change] Make utf8_htmlspecialchars not pass its argument by reference (Bug #21885)
[Change] Sort the tables at the database table backup screen
[Change] For determining the maximum number of private messages in one box, use the biggest value from all groups the user is a member of (Bug #24665)
[Change] Show email ban reason on registration. Additionally allow custom errors properly returned if using validate_data(). (Bug #26885)
[Change] Don't allow redirects to different domains. (thanks nookieman)
[Feature] Added optional referer validation of POST requests as additional CSRF protection.
[Feature] Added optional stricter upload validation to avoid mime sniffing in addition to the safeguards provided by file.php. (thanks to Nicolas Grekas for compiling the list).
[Feature] Streamlined banning via the MCP by adding a ban link to the user profile. Also pre-fills ban fields as far as possible.
[Feature] Added ACP logout to reset an admin session.
[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)

1.xiii Changes since 3.0.0

[Change] Validate birthdays (Bug #15004)
[Fix] Allow correct avatar caching for CGI installations. (thanks wildbill)
[Fix] Fix disabling of word censor, now possible again
[Fix] Allow single quotes in db password to be stored within config.php in installer
[Fix] Correctly quote db password for re-display in installer (Bug #16695 / thanks to m313 for reporting too - #s17235)
[Fix] Correctly handle empty imageset entries (Bug #16865)
[Fix] Correctly check empty subjects/messages (Bug #17915)
[Change] Do not check usernames against word censor list. Disallowed usernames is already checked and word censor belong to posts. (Bug #17745)
[Fix] Additionally include non-postable forums for moderators forums shown within the teams list. (Bug #17265)
[Change] Sped up viewforum considerably (also goes towards mcp_forum)
[Fix] Do not split topic list for topics being promoted to announcements after been moved to another forum (Bug #18635)
[Fix] Allow editing usernames within database_update on username cleanup (Bug #18415)
[Fix] Fixing wrong sync() calls if moving all posts by a member in ACP (Bug #18385)
[Fix] Check entered imagemagick path for trailing slash (Bug #18205)
[Fix] Use proper title on index for new/unread posts (Bug #13101) - patch provided by Pyramide
[Fix] Allow calls to $user->set_cookie() define no cookie time for setting session cookies (Bug #18025)
[Fix] Stricter checks on smilie packs (Bug #19675)
[Fix] Gracefully return from cancelling pm drafts (Bug #19675)
[Fix] Possible login problems with IE7 if browser check is activated (Bug #20135)
[Fix] Fix possible database transaction errors if code returns on error and rollback happened (Bug #17025)
[Change] Allow numbers in permission names for modifications, as well as uppercase letters for the request_ part (Bug #20125)
[Fix] Use HTTP_HOST in favor of SERVER_NAME for determining server url for redirection and installation (Bug #19955)
[Fix] Removing s_watching_img from watch_topic_forum() function (Bug #20445)
[Fix] Changing order for post review if more than one post affected (Bug #15249)
[Fix] Language typos/fixes (Bug #20425, #15719, #15429, #14669, #13479, #20795, #21095, #21405, #21715, #21725, #21755, #21865, #15689)
[Fix] Style/Template fixes (Bug #20065, #19405, #19205, #15028, #14934, #14821, #14752, #14497, #13707, #14738, #19725)
[Fix] Tiny code fixes (Bug #20165, #20025, #19795, #14804)
[Fix] Prepend phpbb_root_path to ranks path for displaying ranks (Bug #19075)
[Fix] Allow forum notifications if topic notifications are disabled but forum notifications enabled (Bug #14765)
[Fix] Fixing realpath issues for provider returning the passed value instead of disabling it. This fixes issues with confirm boxes for those hosted on Network Solutions for example. (Bug #20435)
[Fix] Try to sort last active date on memberlist correctly at least on current page (Bug #18665)
[Fix] Handle generation of form tokens when maximum time is set to -1
[Fix] Correctly delete unapproved posts without deleting the topic (Bug #15120)
[Fix] Respect signature permissions in posting (Bug #16029)
[Fix] Users allowed to resign only from open and freely open groups (Bug #19355)
[Fix] Assign a last viewed date to converted topics (Bug #16565)
[Fix] Many minor and/or cosmetic fixes (Including, but not limited to: #21315, #18575, #18435, #21215)
[Feature] New option to hide the entire list of subforums on listforums
[Fix] Custom BBCode {EMAIL}-Token usage (Bug #21155)
[Fix] Do not rely on parameter returned by unlink() for verifying cache directory write permission (Bug #19565)
[Change] Use correct string for filesize (MiB instead of MB for example)
[Change] Remove left join for query used to retrieve already assigned users and groups within permission panel (Bug #20235)
[Fix] Correctly return sole whitespaces if used with BBCodes (Bug #19535)
[Fix] Quote bbcode parsing adding too much closing tags on special conditions (Bug #20735)
[Change] Added sanity checks to various ACP settings
[Change] Removed minimum form times
[Fix] Check topics_per_page value in acp_forums (Bug #15539)
[Fix] Custom profile fields with date type should be timezone independend (Bug #15003)
[Fix] Fixing some XHTML errors/warnings within the ACP (Bug #22875)
[Fix] Warnings if poll title/options exceed maximum characters per post (Bug #22865)
[Fix] Do not allow selecting non-authorized groups within memberlist by adjusting URL (Bug #22805 - patch provided by ToonArmy)
[Fix] Correctly specify "close report action" (Bug #22685)
[Fix] Display "empty password error" within the login box instead of issuing a general error (Bug #22525)
[Fix] Clean up who is online code in page_header (Bug #22715, thanks HighwayofLife)
[Fix] Pertain select single link on memberlist (Bug #23235 - patch provided by Schumi)
[Fix] Allow & and | in local part of email addresses (Bug #22995)
[Fix] Do not error out if php_uname function disabled / Authenticating on SMTP Server (Bug #22235 - patch by HoL)
[Fix] Correctly obtain to be ignored users within topic/forum notification (Bug #21795 - patch provided by dr.death)
[Fix] Correctly update board statistics for attaching orphaned files to existing posts (Bug #20185)
[Fix] Do not detect the board URL as a link twice in posts (Bug #19215)
[Fix] Set correct error reporting in style.php to avoid blank pages after CSS changes (Bug #23885)
[Fix] If pruning users based on last activity, do not include users never logged in before (Bug #18105)
[Sec] Only allow searching by email address in memberlist for users having the a_user permission (reported by evil<3)
[Sec] Limit private message attachments to be viewable only by the recipient(s)/sender (Report #s23535) - reported by AlleyKat
[Sec] Check for non-empty config.php within style.php (Report #s24575) - reported by bantu
[Fix] Find and display colliding usernames correctly when converting from one database to another (Bug #23925)

1.xiv. Changes since 3.0.RC8

[Fix] Cleaned usernames contain only single spaces, so "a_name" and "a__name" are treated as the same name (Bug #15634)
[Fix] Check "able to disable word censor" option while applying word censor on text (Bug #15974)
[Fix] Rollback changes on failed transaction if returning on sql error is set
[Fix] Call garbage_collection() within database updater to correctly close connections (affects Oracle for example)

1.xv. Changes since 3.0.RC7

[Fix] Fixed MSSQL related bug in the update system
[Fix] Display "Return to" links on unwritable forums (Bug #14824)
[Fix] Mitigating different realpath() handling between PHP versions (fixing confirm box redirects)
[Fix] Fix signature editing - ability to remove signature (Bug #14820)
[Fix] Send correct activation key by forcing reactivation for inactive user (Bug #14819)
[Fix] Adding correct IP for private messages sent by issuing warnings (Bug #14781)
[Fix] Open private message notification (Bug #14773)
[Fix] Fixing false new private message indicator (Bug #14627)
[Fix] Let newly activated passwords work if users were converted (Bug #14787)
[Fix] Quote bbcode fixes. Letting parse quote="[" and re-allowing whitelisted bbcodes within username portion (Bug #14770)
[Fix] Allow alternative text for styled buttons if images turned off, but CSS staying on
[Sec] Fix bbcode helpline display for custom bbcodes - this requires style changes for any custom style (Bug #14850)
[Fix] Correctly count announcements when filtering forums by date (Bug #14877)
[Fix] Allow charset names containing underscores or spaces
[Fix] Don't allow previous/next links for non-existing topics (Bug #15039)
[Change] Do not assign converted votes to the first option in a vote.
[Fix] Use correct RFC 2822 date format in emails (Bug #15042)
[Fix] Require founder status for some actions on founder-only groups (Bug #15119)
[Fix] Allow changing the "now" option of date CPFs (Bug #15111)
[Change] Some improvements to the caching of avatars
[Change] Set template recompilation to be disabled by default. All mod and style authors and all those who want to modify their styles should enabled it after installation.
[Change] Disable debug mode. All mod and style authors should enable DEBUG and DEBUG_EXTRA.
[Fix] Check error reporting level for all error level. This fixes a problem for hosts having manipulated the error handler. (Bug #14831)
[Feature] Constant PHPBB_DB_NEW_LINK introduced which can be used to force phpBB to create a new database connection instead of reusing an existing one if the dbms supports it (Bug #14927)
[Fix] Automatic URL parsing no longer allows dots in the schema but can parse URLs starting after a dot (Bug #15110)
[Fix] Dynamic width for birthday select boxes (Bug #15149)
[Fix] Recache Moderators when copying permissions. (Bug #15384)
[Fix] Propagate sort options in mcp_forums (Bug #15464)
[Change] Do not allow [size=0] bbcodes (font-size of 0)
[Fix] No duplication of active topics (Bug #15474)

1.xvi. Changes since 3.0.RC6

[Fix] Submitting language changes using acp_language (Bug #14736)
[Fix] Fixed wrong bbcode handling for forum rules, forum descriptions and group descriptions
[Fix] Fixed faulty form tokens (Bug #14725, #14762 and #14755)
[Fix] Fixed bbcode uid generation in the phpBB2 converter (Bug #14722)
[Fix] Able to request new password (Bug #14743)

1.xvii. Changes since 3.0.RC5

[Feature] Removing constant PHPBB_EMBEDDED in favor of using an exit_handler(); the constant was meant to achive this more or less.
[Feature] Constant PHPBB_ADMIN_PATH introduced, having the same purpose as PHPBB_ROOT_PATH, but for the ACP.
[Fix] Further fixing user profile view (please do not forget to update/refresh your template and style) (Bug #14230)
[Fix] Adjust google adsense bot information (Bug #14296)
[Fix] Fix horizontal scrollbar problem in IE6 (Bug #14228) - fix provided by Danny-dev
[Fix] Use correct size values in ACP user signature screen (Bug #13367)
[Fix] Attachment Place inline won't work with single quotes (Bug #14291)
[Fix] Unable to save email templates through ACP language page (Bug #14266)
[Fix] Correctly set user style for guest user (able to be changed within user management)
[Change] Moved note about dns_get_record function for using GTalk (Jabber) from Jabber log to Jabber ACP panel
[Fix] Do not use register_shutdown_function within cron.php if handling the queue and the mail function being used (Bug #14321)
[Fix] Fixing private message on-hold code if moving messages into folder based on rules (Bug #14309)
[Fix] Allow the merge selection screen to work (Bug #14363)
[Change] Require additional permissions for copying permission when editing forums
[Fix] Local magic URLs no longer get an additional trailing slash (Bug #14362)
[Fix] Do not let the cron script stale for one hour if register_shutdown_function is not able to be called (Bug #14436)
[Feature] Added /includes/db/db_tools.php file, which includes tools for handling cross-db actions such as altering columns, etc.
[Change] Reset the start parameter when the timeframe is changed in the mcp topic page (Ticket #14438)
[Change] Added Code for cleaning the confirm table to the session garbage collection
[Fix] Fixed token handling in jabber class for extremely spec-compliant XMPP server (Bug #14445)
[Fix] Disallowed galleries from using special characters (Bug #14466)
[Change] Listing the board url within the email text instead of appending it to the subject (Bug #14378)
[Fix] Always display the quote button as the most accessible one (this means edit is before quote in prosilver due to the way we lay out profiles)
[Fix] Use correct dimension (width x height) in ACP (Bug #14452)
[Fix] Only display PM history links if there are PM's to be displayed (Bug #14484)
[Feature] Added completely new hook system to allow better application/mod integration - see docs/hook_system.html
[Fix] Correctly delete excess poll options (Bug #14566)
[Fix] Allow names evaluating to false for poll options
[Change] use in-build functions for user online list (Bug #14596) - provided by rxu
[Fix] Fixing google cache display problems with Firefox (Bug #14472) - patch provided by Raimon
[Fix] Prevent topic unlocking if locked by someone else while posting (Bug #10307)
[Change] Allow years in future be selected for date custom profile field (Bug #14519)
[Fix] Don't display "Avatars Disabled" message on edit groups in UCP (Bug #14636)
[Change] Require confirm for deleting inactive users. (Bug #14641)
[Fix] Match custom BBCodes in the same way during first and second pass - patch provided by IBBoard (Bug #14268)
[Fix] Correct quote parsing if opening bracket before opening quote (Bug #14667)
[Fix] Clean post message for checking length to prevent posting empty messages
[Fix] Display jumpbox if needed for functionality (Bug #14702)
[Feature] Added an option to enforce that users spend a configurable amount of time on the terms page during registration
[Fix] Fixed copy permissions box in the ACP
[Fix] Enforce types for the user table during conversions
[Sec] Fixing possible XSS through compromised WHOIS server (#i63, #i64)
[Sec] Missing access control on whois in viewonline.php (#i51)
[Sec] Encoding some variables within user::page array correctly (to cope with browser not doing it correctly) to prevent XSS through functions re-using them (#i61)
[Sec] Fixed XSS through memberlist search feature (#i62)
[Sec] Fixed XSS through colour swatch (#i65)
[Sec] Fixed insecure attachment deletion (#i53)
[Sec] Only allow whitelisted protocols in meta_redirect/redirect (#i66)
[Sec] Check file names to be written in language management panel (#i52)
[Sec] Deregister globals if ini_get has been disabled (#i112)
[Sec] Added form tokens to most forms to enforce a lighter variant of CSRF protection (#i91 - #i96)
[Sec] Use new password hash method for forum passwords (#i43)
[Sec] Changed download file location to prevent flash crossdomain policies taking effect (#i8)
[Sec] Do not allow autocompletion for password on admin re-authentication (#i41)
[Sec] Made sure users are not completely locked out if they have a GLOBALS cookie (#i101)
[Sec] Use the secure hash to generate BBCODE_UIDs (#i71)
[Sec] Increase the length of BBCODE_UIDs (#i72)
[Sec] New password hashing mechanism for storing passwords (#i42)

1.xviii. Changes since 3.0.RC4

[Fix] MySQL, PostgreSQL and SQLite related database fixes (Bug #13862)
[Fix] Allow MS SQL to properly connect when using the mssql driver and PHP is less than either 4.4.1 or 5.1 (Bug #13874)
[Fix] Ignore files containing HTML special chars in the filenames as gallery avatars (Bug #13906)
[Fix] Multiple PM recipients not separated (Bug #13876)
[Change] Split the select list for the smilie order to clarify which are feasible and which are not (Bug #13911)
[Fix] Convert empty homepage fields (Bug #13917)
[Fix] Use board default DST setting on creating new profiles (Bug #11563)
[Feature] New constant PHPBB_EMBEDDED can be used to let phpBB not call exit; if wrapped/embedded (We may re-check this constant on other code locations later too)
[Feature] append_sid() having a check for the function append_sid_phpbb_hook(). This function is called in favour of append_sid() with the exact same parameters if present.
[Fix] Only list enabled modes within the dropdown at user administration (Bug #13883) - patch provided by damnian
[Fix] Properly display ban reason if selecting banned entries within the ACP (Bug #13896)
[Fix] Properly parse SQL expressions for Oracle (Bug #13916)
[Fix] Added label bindings to the custom profile fields in the ACP (Bug #13936) - patch provided by damnian
[Change] Made group avatar/rank changes more intuitive
[Fix] Give more feedback in icon/smilie management (Bug #13295)
[Fix] Correctly set user::lang_id (Bug #14010)
[Fix] Properly display the smiley export screen (Bug #13968)
[Feature] Add "DECIMAL:", "PDECIMAL", and "PDECIMAL:" to the schema creation code (Bug #13999) - patch provided by poyntesm
[Fix] Don't show the notify checkbox in the approval queue if the only posts are written by ANONYMOUS (Bug #13973)
[Fix] Redirect to bots management page on edit/add (Bug #14073)
[Fix] Display locked icon in viewforum/prosilver if forum locked (Bug #14009)
[Feature] Display message history in compose PM screen
[Change] Do not force login on visiting topic/forum from notification emails (Bug #13818)
[Fix] Fixed cron_lock value for cron execution. This bug led to users having problems with the email queue and other cron related issues.
[Fix] Prevent white pages on php notices with gzip compression enabled (Bug #14096)
[Fix] Propagate the cleaned identifier for CFPs (Bug #14072)
[Fix] Do not display NO_TOPICS message if viewing non-postable category (Bug #13489)
[Fix] Let the theme immediately expire if changed from ACP for at least 30 minutes after change
[Fix] Do not append hilit= in search if highlighting term is empty (Bug #13910)
[Fix] Return to last page after voting in viewtopic instead of first page in topic (Bug #13976)
[Fix] If sending PM's to groups only include activated member (Bug #14040)
[Fix] Correctly wrap words in emails containing utf8 characters (Bug #14109)
[Change] For new posts or editing the first post topic titles have a maxlength of 60 characters. For any subsequent posts the length is extended to 64 to make room for the Re: part, but cutting at 60 characters. The maxlength need to be 64, else users using opera are unable to post (opera does not allow pre-filling a field with more characters than specified within the maxlength attribute)
[Fix] Disable gzip compression for cached stylesheet for Internet Explorer 6 or empty browser (IE6 is not able to properly display the compressed stylesheet) (Bug #14054)
[Fix] Header icons fixed in FF for RTL languages (Bug #14084)
[Change] Words in topic titles and post subjects are highlighted on the search results page and viewtopic too now (Bug #13383)
[Fix] Made sure strip_bbcode cannot get the idea that a smiley is a BBCode (Bug #14030)
[Change] Added a filter for user objects to LDAP configuration and improved explanations (Bug #12627)
[Fix] Display searchable subforums of invisible parents in advanced search forum selection (Bug #11395)
[Fix] Allow line breaks in custom BBCodes (Bug #10758)
[Fix] Ordered BBcode parsing functions in the same way everywhere where they are used
[Fix] Prevent {URL} token in custom BBCodes from make_clickable messing (Bug #14151)
[Sec] Added alternative tokens to custom BBCodes which are safe for CSS/Javascript and changed TEXT token to entitise opening and closing parantheses.
[Fix] Convert 2.0 moderator posting permissions (Bug #14105)
[Fix] Correctly apply PM box limit of 0 to custom folder (Bug #14154)
[Fix] odbc_autocommit causing existing result sets to be dropped (Bug #14182)

1.xix. Changes since 3.0.RC3

[Fix] Fixing some subsilver2 and prosilver style issues
[Fix] Parse error in MCP ban (Bug #13109)
[Fix] Correctly hide online status in the profile (Bug #13059)
[Feature] Let the user choose how to update modified files (merging, using new file or using old file) within automatic updater
[Fix] An extra \ in an Oracle SQL regex was corrected (Bug #13151)
[Fix] Added a missing global to get_file() (Bug #13149)
[Fix] Hide autologin box when autologin is disabled (Bug #13093)
[Fix] Account for the forum id not being part of the request uri in prosilver (Bug #13121)
[Fix] Properly alter PostgreSQL tables
[Fix] Properly cache template files that were stored in the database (Bug #12675)
[Fix] Do not count the deletion of an unapproved topic as a decrease in normally viewable posts (Bug #13167)
[Fix] Allow column_exists() to return true if the column exists but no data is in the table
[Fix] Allow setting the smiley order via the select. Also allow to add smileys at the top. (Bug #13199)
[Fix] Fix php notice on sending jabber messages (Bug #13201)
[Fix] Make the window showing file differences a little wider (Bug #13157)
[Fix] Preserve preview style on search form (Bug #13205)
[Fix] Place attachment filename in new line in posting editor (Bug #9726)
[Fix] Don't allow caching to occur in the update sequence (Bug #13207)
[Fix] Enforce the max password length for automatically generated password created by the password sender (Bug #13181)
[Fix] Handle phpinfo() when expose_php is false (Bug #12777)
[Fix] Allow managing of forum roles without global users (Bug #13249)
[Change] Do not run cron script if board is disabled
[Fix] Correctly destroy sql cache for some query combinations (Bug #13237)
[Fix] Allow link forums being password protected (Bug #12967)
[Fix] Allow wrapping topic/post icons in posting editor (Bug #12843)
[Fix] Display L_RANK only once in template if rank title and image defined (Bug #13231)
[Fix] Make sure selected transfer method exists before calling (Bug #13265)
[Fix] Correctly escape language keys in language editor (Bug #13279)
[Fix] Correctly hide post/reply buttons if permissions are not given (related to Bug #12809)
[Fix] Remove orphan/wrong permission entries for non-existent forums - self-repairing permissions if conversions went "crazy"
[Feature] Allow "older" updates applied with the automatic updater. This allows people using it for updating, say, from 3.0.0 to 3.0.1 (with the correct package of course) and then from 3.0.1 to 3.0.2 if the latest version at this time is 3.0.2. These changes take effect beginning with RC4 or people replacing install/install_update.php manually prior doing the updates.
[Fix] Present correct error message if user tries to edit already read private message (Bug #13271)
[Fix] Also display board disabled notice for admins/mods if board got disabled due to exceeding the load limit (Bug #13267)
[Fix] Correctly deliver avatar if readfile function has been disabled (Bug #13309)
[Fix] Display php information page with the correct direction (Bug #12557)
[Fix] Increased the number of style objects (styles, templates, themes and imagesets) possible from 127 to 65535 for MySQL (Bug #13179)
[Fix] Although theoretically impossible in our code, removed the chance of trying to open a file that does not exist (Bug #13327)
[Fix] Although theoretically impossible in our code, changed the handling of non-existent language files (Bug #13329, #13331)
[Fix] Removed extra ampersand from ACP link (Bug #13315)
[Fix] used cleaned up version of given field identification for pre-filling a new custom profile field (Bug #13319)
[Fix] Correctly convert 2.0 website profile fields. (Bug #13379)
[Fix] Fixed the "Alphanumeric" and "Alphanumeric and spacers" username selection limitations (Bug #13391)
[Fix] Make sure filelist() is only returning array types (Bug #13385)
[Fix] Correctly mark forums read if using cookie based topic tracking (Bug #13245)
[Change] Put custom profile fields into top box and signature into separate box in members profile view (Bug #13357)
[Fix] Only show moderator log entries for forums the user is having moderation rights in (Bug #12481)
[Feature] Show resulting permission alone in trace window (Bug #10952) - thanks to dark/rain for the proposal
[Fix] Fixed bug in realpath replacement letting it actually work again
[Change] Try to be a bit more specific regarding global/local permission trace (Bug #11032)
[Fix] Fixed some strangeness in password validation due to mb_ereg()
[Fix] Subforums of a forum would overwrite the latest post information even if they did not contain the latest post (Bug #11931)
[Fix] Use global username display function on several places (Bug #11080, #11098) - patch by HoL
[Fix] Several viewonline fixes and feature changes. Also displaying the users browser in viewonline list to let the admin easier spot additional search bots, connected to a_user permission (Bug #11088) - patch and suggestions provided by HoL
[Change] u_viewprofile permission also affecting viewonline list now
[Fix] Do not display return to search link in prosilver if search is not allowed (Bug #11393)
[Fix] Use global url validation for img bbcode tag (Bug #11935)
[Fix] Added proper unicode support to style names (Bug #12165)
[Fix] Search result extract should not end in the middle of a multibyte character (Bug #11863)
[Fix] Missing localisation for an imageset no longer triggers a lot of "imageset refreshed" log messages (Bug #12027)
[Fix] Explain that themes which need parsing cannot be stored on the filesystem (Bug #11134)
[Fix] Normalize usernames
[Change] Improved utf8_clean_string with a more complete list of homographs and NFKC normalization
[Fix] Fixed error messages that ACP Database can give (Bug #13463)
[Fix] Fixed potential issues with databases that use tables names is uppercase
[Fix] Handle forum links/redirects within viewforum if no read permission given (to display login box or error message) (Bug #13467)
[Fix] Prevent changing postable forum having subforums to link forum without moving subforums out first
[Fix] Do not display version in admin template (Bug #13495)
[Fix] Allow manual specification of remote avatar dimensions if getimagesize is disabled (Bug #13531)
[Fix] Make viewonline use the session page's added forum parameter (Bug #13597)
[Fix] Correcting BBCode FAQ (Bug #11180)
[Fix] Make to/bcc line in view private message display consistent with other username displays in prosilver (Bug #11989)
[Fix] Send out activation email if admin activation is enabled and user activated through inactive users panel upon registration (Bug #12065)
[Change] Re-implemented All Yes/No/Never links in permission panels for easier changing all categories at once
[Change] Advanced permission link now "marked" if no role is assigned and custom permissions set. With this an admin can instantly see if the object is not set at all or having custom permissions, something you only saw if advanced permissions were viewed before.
[Fix] Change misleading custom BBCodes explanation, regarding tokens and useable template variables (Bug #12403, #5660)
[Feature] Ability to disable birthdays completely with new board features setting
[Fix] Fix disallowed username check (Bug #13511)
[Fix] Allow for unicode usernames to be pruned (Bug #13643)
[Fix] Do not copy forum permissions from self (Bug #13663)
[Fix] Allow for polls to work during preview (Bug #13657) - thanks to Thatbitextra
[Fix] Finer error conditions for sending IM messages (Bugs #13681, #13683)
[Fix] Add a confirmation for log deletion in the MCP (Bug #13693)
[Fix] Do not erase ranks and avatars when changing default groups (Bugs #13701, #13697)
[Fix] Limit author searches to firstpost, if selected (Bug #13579)
[Fix] Properly resync user post counts for users that have no posts (Bug #13581)
[Fix] Do not require space after , in smiley pak files (Bug #13647)
[Fix] Properly display the subscribe link in topic and forum display for Oracle (Bug #13583)
[Change] Add version number to ACP index (Bug #13703)
[Fix] Several fixes for custom profile fields on multi-lingual boards (Bugs #13763, #13527, #13525, #11515)
[Fix] Return to the mode previously selected after disaproving a post (Bug #13796)
[Fix] Cron now uses a locking variable to make sure it does not spawn too many webserver processes (Bug #12741)
[Fix] Cached stylesheet now supporting gzip compression
[Fix] Added link to inbox for deleted PMs (Bug #13813)
[Fix] Re-syncing the board stats also refreshes the newest user (Bug #13831)
[Feature] Ability to externally set $phpbb_root_path if wrapping phpBB3 by defining constant PHPBB_ROOT_PATH
[Fix] Implemented correct left/right floating within ACP in regard to RTL languages (Bug #13777)
[Fix] Fixing session problems when using MySQL strict mode in conjunction with very long browser agent string (Bug #13827)
[Fix] Disallow post/pm subjects entirely made up from non-printable chars and whitespaces (Bug #13800)
[Fix] Allow moving private messages from the sentbox (Bug #13791)
[Fix] Properly export localized imagesets
[Feature] Show the size of Firebird databases
[Fix] Show error when moving topic into a category via quickmod (Bug #11611)
[Fix] Allow Oracle to install on a database without specify the database name

1.xx. Changes since 3.0.RC2

[Fix] Re-allow searching within the memberlist
[Fix] Force prune related values to integers during conversions
[Fix] Updater now detects successfully merged files having conflicts and user chose to merge with modifications (Bug #12685)
[Fix] Updater is no longer listing missing language entries and styles if these had been removed (Bug #12655)
[Fix] Correct approval of posts in global announcements (Bug #12699)
[Sec] Do not allow setup spiders/robots to post, even if permissions are given. We see no reason why this should be possible. (Thanks to Frank Rizzo for convincing us regarding this)
[Sec] Do not display the last active column within the memberlist if u_viewonline permission is not given (Bug #12797)
[Fix] Display custom profile field "date" based on users language (Bug #12787)
[Fix] Allow adding of help language files within subdirectories (Bug #12783)
[Fix] Correctly apply smileys on posting having # within their emotion code
[Fix] Correctly convert smileys having double quotes within their emotion code (Bug #12731)
[Fix] The converter now adds the protocol to user website profile fields missing it (Bug #12819)
[Fix] Correctly escape banned ip/email using wildcard for ban check (Bug #12815)
[Fix] Fixed some very nasty opera bugs (dropdown list bug, cpu spike bug) (Bug #12763, #11609)
[Fix] Font colour list having the correct height in IE (Bug #9571)
[Feature] Added mark/unmark all links to the bots page (Bug #12461)
[Fix] Introduced check on duplicate usernames during bot creation/edit (Bug #12461)
[Fix] Allow multibyte letters for smilie codes(Bug #12321)
[Fix] Correctly chmod created cache files (Bug #12859)
[Fix] Use our global expression for checking email syntax in memberlist (Bug #12827)
[Fix] Correctly retrieve/refresh templates stored in database if using subdirectories within template directory (Bug #12839)
[Fix] Correctly translate special group names in ucp_groups.php (Bug #12597)
[Fix] Search boxes not losing session id (changing method from get to post) (Bug #12643)
[Fix] Make sure the automatic update is also working for those having fsockopen disabled
[Fix] Simulate recache of theme data on automatic update finished page - recaching it if css data changed
[Feature] Allow dropping in custom "info_[module class]_*.php" files to language/*/mods directory for inclusion into the menu structure without the need to modify phpBB language files for menu placements
[Fix] Added login box to egosearch (Bug #12941)
[Fix] Deal with slashed quotes during quote bbcode conversion (Bug #12607)
[Fix] Minor language and style fixes (Bugs #12235, #12493, #11949)
[Feature] Added backlinks to mcp_report (Bug #12905)
[Fix] Only check usernames in guest posts upon edit (Bug #11349)
[Fix] Consider viewonline permission when viewing friends/foes (Bug #12955)
[Fix] Added proper unicode support to ban reasons (Bug #12947)
[Fix] The forum/topic sync code now recognizes other ways that the latest post in a topic can be expressed (Bug #12947) - patch provided by APTX
[Fix] Topic deletion via the user post deletion mechanism did not take into account statistics for forums that hold shadow topics (Bug #12981)
[Fix] Allow for negative and decimal numbers to be in transposed queries in the Oracle and Firebird DBAL (Bug #13033)
[Fix] Some jabber related bugs (Bug #12989, #11805, #11809)
[Fix] Added UTF-8 support for banning via the MCP (Bug #13013)
[Fix] Properly detect the script name in session::extract_current_page() if PHP_SELF is not defined (Bug #12705) - patch provided by ToonArmy
[Fix] Show role mask for global permission class under Permissions->Permission Roles (Bug #13057)

1.xxi. Changes since 3.0.RC1

[Fix] (X)HTML issues within the templates (Bug #11255, #11255)
[Fix] Tiny language and grammar changes
[Fix] Several style related fixes, mainly fixing cross-browser issues
[Fix] Several RTL fixes within prosilver
[Fix] MCP looses forum_id in some panels (Bug #11255)
[Fix] Moderation queue used unfriendly notification of no posts/topics (Bug #11291)
[Fix] Array in Oracle DBAL not always set (Bug #11475)
[Fix] Improper continue; in acp_styles.php (Bug #11523)
[Fix] Imageset editor more friendly (Bug #11511)
[Fix] Made Custom BBCode validation more strict (Bug #11335)
[Fix] Proper sync of data on topic copy (Bug #11335)
[Fix] Introduced ORDER BY clauses to converter queries (Bug #10697)
[Fix] Stopped bots from getting added to the registered users group during conversion (Bug #11283)
[Fix] Filled "SMILIEYS_DISABLED" template variable (Bug #11257)
[Fix] Properly escaped the delimiter in disallowed username comparisons (Bug #11339)
[Fix] Check global purge setting (Bug #11555)
[Fix] Improper magic url parsing applied to already parsed [url=] bbcode tag (Bug #11429)
[Fix] Renamed two indicies for Oracle support (Bug #11457)
[Fix] Added support for ISO-8859-8(-i) in the character set convertor (Bug #11265, #12039)
[Fix] Added support for Oracle's "easy connect naming"
[Fix] Let Mark/Unmark All work in Manage Drafts (Bug #11679)
[Fix] Display correct message if no attachments found in user administration (Bug #11629)
[Fix] Let the "Delete all board cookies" being displayed for guests too (only prosilver) (Bug #11603)
[Fix] Do not display view topic link in MCP while there is no link present (Bug #11573)
[Fix] MySQL now properly sorts by post_subject (Bug #11637)
[Fix] Introduced checks to stop negative postcounts (Bug #11561, #11421)
[Fix] Allow IP v4/v6 urls for remote avatars (Bug #11633)
[Fix] Delete avatar files automatically (Bug #11631)
[Fix] Automatically add selected columns to group by statements in the converter (Bug #11465)
[Fix] Allow posts without subjects to be clicked in the MCP (Bug #11483)
[Fix] Sync the forums that shadow topics reside in when the topic that they point to is deleted
[Fix] Do not use the gen_random_string function to create cookie names during install (Bug #11431)
[Fix] Send stylesheet in style.php even without a valid session id (Bug #11531)
[Fix] request_var should strictly return the requested number of dimensions
[Fix] Correct assignment of custom width to $user->img(); / Correctly display poll bars in subsilver2 (Bug #11301)
[Fix] Allow removing polls in prosilver
[Fix] Correct link to post in managing users attachments (Bug #11765)
[Fix] Reload confirm screen for selecting new forum for global topic type change if not postable forum is chosen (Bug #11711)
[Fix] Correctly show system default color for disabled options in Internet Explorer which does not support disabled option fields
[Fix] Update query for custom profiles in user management used wrong order for left/right delimiter (affecting mssql) (Bug #11781)
[Fix] Inconsistent display of more smileys link fixed (Bug #11801)
[Fix] Outbox messages are no always neither new nor unread post-conversion (Bug #11461)
[Feature] Replaced outdated jabber class with the one from the flyspray project
[Feature] The converter no longer relies on the smiley ID to decide if it should be displayed on the posting page
[Change] Limit maximum number of allowed characters in messages to 60.000 by default. Admins should increase their PHP time limits if they want to raise this tremedously.
[Change] Some changes to the conversion documentation
[Fix] Only use permissions from existing forums during the conversion (Bug #11417)
[Fix] Do not permit the decimal as a valid prefix character (Bug #11967)
[Fix] Account for the fact that the IM fields might hold non-IM information
[Fix] Make the queue function on post details
[Fix] Check if there are active styles left before deleting a style
[Fix] Correctly update styles after the deletion of an imageset.
[Fix] Replaced jabber validation to use the method used by the new jabber class (Bug #9822)
[Sec] Adding confirm boxes to UCP group actions (ToonArmy)
[Feature] Added the option to disable the flash bbcode globally (DelvarWorld)
[Sec] Changed the embedding of Flash (NeoThermic, DelvarWorld)
[Fix] Use the signature setting for PMs (Bug #12001)
[Fix] Made the DBMS selection use language variables (Bug #11969)
[Fix] Make sure that a folder is used when viewing messages to oneself (Bug #12105)
[Fix] Account for the fact that a board might have no visible Admins (Bug #12185)
[Fix] Change group ranks even if empty (Bug #12231)
[Fix] Correctly propagate variables across the custom profile field wizard (Bug #12237)
[Fix] Correctly move pm's into folders if more than one is received (Bug #12135)
[Fix] Corrected various bugs with CPF on multi-language boards (Bug #11803)
[Fix] Disable notify checkbox in posting editor when board email is disabled (Bug #12263)
[Fix] Removed maxlength from password/username fields (Bugs #12215, #11797)
[Fix] Use icon-unsubscribe in prosilver (Bug #12211)
[Fix] Seperated PREVIOUS/NEXT language vars for pagination and next/previous step (Bug #12197)
[Feature] append_sid() supporting anchor (Bug #11535) - patch provided by Schumi and ToonArmy
[Fix] Remember selected language while registering after submit (Bug #11435)
[Fix] UTF-8 support in theme and template editors (Bug #12251)
[Fix] Allow for posts per page in the MCP to change during topic selection (Bug #12067)
[Fix] Remove group avatars upon deletion from all profiles, not just the people having the group as default (Bug #12275, #12267)
[Fix] Allow for conversions to SQLite (Bug #12279) - patch provided by ToonArmy
[Fix] Apply colours to guests (Bug #12219)
[Fix] Set the Admin group as founder_manage during conversion (Bug #12287)
[Fix] Fixed a special quote BBCode case (Bug #12189)
[Fix] Correctly parse BBCodes in a post when a poll is being used (Bug #11833)
[Fix] Remember attached files on PM edit (Bug #12019)
[Fix] Correctly display poll ending on preview (Bug #12303)
[Feature] Display the success message on posting longer for posts awaiting approval (Bug #12053)
[Fix] Display maximum and entered number of characters for the "maximum number of characters exceeded" error messages (Bug #11981)
[Fix] Wrongly applied setting for allowing links in private messages (used the signature setting instead of the post setting) (Bug #11945)
[Fix] Unread flag for multipage topic wrongly set under some conditions (Bug #12127) - fix provided by asinshesq
[Fix] Able to delete posts within user prune panel (Bug #11849)
[Feature] Allow to specify dimensions of images manually on imageset config (Bug #11675)
[Fix] Correctly re-assign query result id after seeking rows (MSSQL/Firebird) (Bug #12369)
[Feature] Make effect of a changed hideonline permission instantaneous
[Fix] Do not overwrite larger memory values in the installer (Bug #12195)
[Fix] Order forums on role permission mask (Bug #12337)
[Fix] Show "no image" image when a non-selectable item was selected in the acp imageset editor - IE (Bug #12423)
[Fix] Update session information without new pageload (Bug #12393, Bug #12441)
[Fix] Let polls be edited correctly (Bug #12433)
[Fix] Overcome Oracle's inability to handle IN() clauses with over one thousand elements (Bug #12449)
[Fix] Simulate Firebird's affected rows mechanism for older versions of PHP
[Fix] Custom BBCodes properly handle lowercasing of parameterized tags (Bug #12377)
[Fix] Update the forum_id sequence for PostgreSQL during conversion (Bug #11927)
[Fix] Allow for multiple tags containing URL and LOCAL_URL tokens (Bug #12473)
[Fix] Properly display forum list in the MCP Queue (Bug #11313)
[Fix] Use the localised guest name for quotes (Bug #12483)
[Fix] Added post anchor to links in default warning message (Bug #12489)
[Fix] Allow 5 digits in editing time fields (Bug #12489)
[Fix] MS SQL DBAL drivers now write over extension limitations, they are too low for most installations (Bug #12415)
[Fix] Fix sorting by author on "unanswered posts" (Bug #12545)
[Fix] Allow searching for multibyte authors (Bug #11793)
[Fix] Writing directories/files with correct permissions using FTP for transfers on PHP4
[Fix] Oracle sequences during conversions are now corrected (Bug #12555)
[Fix] Allow users to continue after selecting "No" in the merge quickmod confirmation (Bug #12577)
[Fix] Correctly check permissions on the UCP subscription/bookmark pages (Bug #12595)
[Fix] Only convert non-orphaned PMs
[Fix] Fixed a few Postgres related errors (Bug #12587)
[Feature] New DBAL wrapper for LIKE expressions / sql_like_expression()
[Sec] Stricter validation of language entries.

phpBB 3.0.x Readme

Readme

1. Installing phpBB3

2. Running phpBB3

2.i. Languages (Internationalisation - i18n)

2.ii. Styles

2.iii. Modifications

3. Getting help with phpBB3

3.i. phpBB3 Documentation

3.ii. Knowledge Base

3.iii. Community Forums

3.iv Internet Relay Chat

4. Status of this version

5. Reporting Bugs

5.i. Security related bugs

6. Overview of current bug list

7. PHP compatibility issues

7.i. Notice on PHP security issues

8. Copyright and disclaimer

phpBB 3.0.x FAQ

FAQ

I am finding phpBB too difficult to install. Will you do it for me?

I am having problems with the admin at a certain board, help! A board has ripped off my graphics/software/etc., stop them! A board is dealing in warez/porn/etc., you need to prevent them doing this! I want to sue you because i think you host an illegal board!

According to viewonline a user is doing/reading something they should not be able to!

I keep getting Mail sending errors when I (or my users) post/send PM's/etc.!

My users are complaining that emails are not in their selected language!

My AOL based users keep getting logged out!

I am unable to upload avatars from my computer, regardless of the settings.

I just cannot get gallery avatars to appear!

How do I use/set permissions?

I (or my users) cannot stay logged in to the forum!

My users are complaining about being logged out too quickly!

My question isn't answered here!

Copyright and disclaimer

Coding Guidelines

Coding Guidelines

1. Defaults

1.i. Editor Settings

Tabs vs Spaces:

Linefeeds:

1.ii. File Header

Standard header for new files:

Files containing inline code:

Files containing only functions:

Files containing only classes:

Code following the header but only functions/classes file:

1.iii. File Locations

1.iv. Special Constants

PHPBB_USE_BOARD_URL_PATH

2. Code Layout/Guidelines

2.i. Variable/Function Naming

Variable Names:

Loop Indices:

Function Names:

Function Arguments:

Summary:

Special Namings:

2.ii. Code Layout

Always include the braces:

Where to put the braces:

Use spaces between tokens:

Operator precedence:

Quoting strings:

Associative array keys:

Comments:

Magic numbers:

Shortcut operators:

Inline conditionals:

Don't use uninitialized variables.

Switch statements:

2.iii. SQL/SQL Layout

Common SQL Guidelines:

SQL code layout:

SQL Quotes:

Avoid DB specific SQL:

Common DBAL methods:

sql_escape():

sql_query_limit():

sql_build_array():

sql_multi_insert():

I am having problems with the admin at a certain board, help!
A board has ripped off my graphics/software/etc., stop them!
A board is dealing in warez/porn/etc., you need to prevent them doing this!
I want to sue you because i think you host an illegal board!

How to use `iso.txt`: