12 files changed, 54 insertions, 25 deletions
diff --git a/phpBB/docs/CHANGELOG.html b/phpBB/docs/CHANGELOG.html
index 998fea5de8..da25ae64ab 100644
--- a/phpBB/docs/CHANGELOG.html
+++ b/phpBB/docs/CHANGELOG.html
@@ -121,6 +121,7 @@
 		<li>[Fix] Don't allow promoting unapproved group members (#16124)</li>
 		<li>[Fix] Correctly fetch server name if using non-standard port (#27395)</li>
 		<li>[Fix] Regular expression for email matching in posts will no longer die on long words.</li>
+		<li>[Sec] Only allow urls gone through redirect() being used within login_box(). (thanks nookieman)</li>
 	</ul>
 
 	<a name="v300"></a><h3>1.ii. Changes since 3.0.0</h3>
diff --git a/phpBB/docs/INSTALL.html b/phpBB/docs/INSTALL.html
index 40ae50047b..41642f1cb6 100644
--- a/phpBB/docs/INSTALL.html
+++ b/phpBB/docs/INSTALL.html
@@ -273,7 +273,7 @@
 
 	<p>This package is meant for those wanting to only replace changed files from a previous version to the latest version. This package normally contains the changed files from up to five previous versions.</p>
 
-	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.0</samp> you should select the phpBB-3.0.0_to_3.0.1.zip/tar.gz file.</p>
+	<p>This package contains a number of archives, each contains the files changed from a given release to the latest version. You should select the appropriate archive for your current version, e.g. if you currently have <samp>3.0.1</samp> you should select the phpBB-3.0.1_to_3.0.2.zip/tar.gz file.</p>
 
 	<p>The directory structure has been preserved enabling you (if you wish) to simply upload the contents of the archive to the appropriate location on your server, i.e. simply overwrite the existing files with the new versions. Do not forget that if you have installed any MODs these files will overwrite the originals possibly destroying them in the process. You will need to re-add MODs to any affected file before uploading.</p>
 
@@ -285,7 +285,7 @@
 
 	<p>The patch file is one solution for those with many Modifications (MODs) or other changes who do not want to re-add them back to all the changed files if they use the method explained above. To use this you will need command line access to a standard UNIX type <strong>patch</strong> application. If you do not have access to such an application but still want to use this update approach, we strongly recommend the <a href="#update_auto">Automatic update package</a> explained below. It is also the preferred update method.</p>
 
-	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.0 you need the phpBB-3.0.0_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
+	<p>A number of patch files are provided to allow you to update from previous stable releases. Select the correct patch, e.g. if your current version is 3.0.1 you need the phpBB-3.0.1_to_3.0.1.patch file. Place the correct patch in the parent directory containing the phpBB3 core files (i.e. index.php, viewforum.php, etc.). With this done you should run the following command: <strong>patch -cl -d [PHPBB DIRECTORY] -p1 &lt; [PATCH NAME]</strong> (where PHPBB DIRECTORY is the directory name your phpBB Installation resides in, for example phpBB3, and where PATCH NAME is the relevant filename of the selected patch file). This should complete quickly, hopefully without any HUNK FAILED comments.</p>
 
 	<p>If you do get failures you should look at using the <a href="#update_files">Changed files only</a> package to replace the files which failed to patch, please note that you will need to manually re-add any Modifications (MODs) to these particular files. Alternatively if you know how you can examine the .rej files to determine what failed where and make manual adjustments to the relevant source.</p>
 
diff --git a/phpBB/install/database_update.php b/phpBB/install/database_update.php
index e79a69d173..43d8c06a27 100644
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@@ -8,7 +8,7 @@
 *
 */
 
-$updates_to_version = '3.0.1'; //'3.0.2-RC1';
+$updates_to_version = '3.0.2-RC1';
 
 // Return if we "just include it" to find out for which version the database update is responsible for
 if (defined('IN_PHPBB') && defined('IN_INSTALL'))
@@ -496,10 +496,12 @@ $database_update_info = array(
 			GROUPS_TABLE			=> array('group_legend'),
 		),
 	),
-	// No changes from 3.0.0 to 3.0.1-RC1
-	'3.0.1-RC1'		=> array(),
 	// No changes from 3.0.1-RC1 to 3.0.1
+	'3.0.1-RC1'		=> array(),
+	// No changes from 3.0.1 to 3.0.2-RC1
 	'3.0.1'			=> array(),
+// uncomment once RC1 out - no changes from 3.0.2-RC1 to 3.0.2
+//	'3.0.2-RC1'		=> array(),
 );
 
 // Determine mapping database type
@@ -585,6 +587,11 @@ while ($row = $db->sql_fetchrow($result))
 }
 $db->sql_freeresult($result);
 
+/*if ($debug_from_version !== false)
+{
+	$config['version'] = $debug_from_version;
+}*/
+
 echo $lang['PREVIOUS_VERSION'] . ' :: <strong>' . $config['version'] . '</strong><br />';
 echo $lang['UPDATED_VERSION'] . ' :: <strong>' . $updates_to_version . '</strong></p>';
 
@@ -608,7 +615,7 @@ else
 
 // Checks/Operations that have to be completed prior to starting the update itself
 $exit = false;
-if (version_compare($current_version, '3.0.RC8', '<='))
+if (version_compare($current_version, '3.0.RC8', '<=')) /* && $debug_from_version === false) */
 {
 	// Define missing language entries...
 	if (!isset($lang['CLEANING_USERNAMES']))
@@ -1096,13 +1103,20 @@ for ($i = 0; $i < sizeof($versions); $i++)
 
 	$next_version = (isset($versions[$i + 1])) ? $versions[$i + 1] : $updates_to_version;
 
-	if (!sizeof($schema_changes))
+	// If the installed version to be updated to is < than the current version, and if the current version is >= as the version to be updated to next, we will skip the process
+	if (version_compare($version, $current_version, '<') && version_compare($current_version, $next_version, '>='))
 	{
 		continue;
 	}
 
-	// If the installed version to be updated to is < than the current version, and if the current version is >= as the version to be updated to next, we will skip the process
-	if (version_compare($version, $current_version, '<') && version_compare($current_version, $next_version, '>='))
+/*	if ($debug_from_version !== false)
+	{
+		// Applying update schema for version array with key '$version'
+		// for version '$version' to '$next_version'
+		continue;
+	}*/
+
+	if (!sizeof($schema_changes))
 	{
 		continue;
 	}
@@ -1213,10 +1227,7 @@ $errored = $no_updates = false;
 flush();
 
 $no_updates = true;
-
-$versions = array(
-	'3.0.RC2', '3.0.RC3', '3.0.RC4', '3.0.RC5', '3.0.0', '3.0.1-RC1'
-);
+$versions = array_keys($database_update_info);
 
 // some code magic
 for ($i = 0; $i < sizeof($versions); $i++)
@@ -1230,8 +1241,14 @@ for ($i = 0; $i < sizeof($versions); $i++)
 		continue;
 	}
 
-	$no_updates = false;
-	change_database_data($version);
+/*	if ($debug_from_version !== false)
+	{
+		// Applying update schema for version array with key '$version'
+		// for version '$version' to '$next_version'
+		continue;
+	}*/
+
+	change_database_data($no_updates, $version);
 }
 
 _write_result($no_updates, $errored, $error_ary);
@@ -1250,6 +1267,9 @@ $errored = $no_updates = false;
 
 flush();
 
+//if ($debug_from_version === false)
+// {
+
 // update the version
 $sql = "UPDATE " . CONFIG_TABLE . "
 	SET config_value = '$updates_to_version'
@@ -1262,6 +1282,8 @@ $sql = 'UPDATE ' . USERS_TABLE . "
 		user_perm_from = 0";
 _sql($sql, $errored, $error_ary);
 
+// }
+
 /* Optimize/vacuum analyze the tables where appropriate
 // this should be done for each version in future along with
 // the version number update
@@ -1349,7 +1371,7 @@ if (function_exists('exit_handler'))
 /**
 * Function where all data changes are executed
 */
-function change_database_data($version)
+function change_database_data(&$no_updates, $version)
 {
 	global $db, $map_dbms, $errored, $error_ary, $config, $phpbb_root_path;
 
@@ -1396,6 +1418,7 @@ function change_database_data($version)
 				sql_create_index($map_dbms, 'ath_op_id', ACL_ROLES_DATA_TABLE, array('auth_option_id'));
 			}
 
+			$no_updates = false;
 		break;
 
 		case '3.0.RC3':
@@ -1485,6 +1508,7 @@ function change_database_data($version)
 			set_config('allow_birthdays', '1');
 			set_config('cron_lock', '0', true);
 
+			$no_updates = false;
 		break;
 
 		case '3.0.RC4':
@@ -1682,6 +1706,7 @@ function change_database_data($version)
 			set_config('ldap_port', '');
 			set_config('ldap_user_filter', '');
 
+			$no_updates = false;
 		break;
 
 		case '3.0.RC5':
@@ -1715,6 +1740,7 @@ function change_database_data($version)
 
 			$db->sql_transaction('commit');
 
+			$no_updates = false;
 		break;
 
 		case '3.0.0':
@@ -1741,6 +1767,7 @@ function change_database_data($version)
 				}
 			}
 
+			$no_updates = false;
 		break;
 
 		case '3.0.1-RC1':
@@ -1749,6 +1776,7 @@ function change_database_data($version)
 			set_config('check_attachment_content', '1');
 			set_config('mime_triggers', 'body|head|html|img|plaintext|a href|pre|script|table|title');
 
+			$no_updates = false;
 		break;
 
 	}
diff --git a/phpBB/install/schemas/schema_data.sql b/phpBB/install/schemas/schema_data.sql
index f8100e36ca..3dfe8ae0d9 100644
--- a/phpBB/install/schemas/schema_data.sql
+++ b/phpBB/install/schemas/schema_data.sql
@@ -214,7 +214,7 @@ INSERT INTO phpbb_config (config_name, config_value) VALUES ('topics_per_page',
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('tpl_allow_php', '0');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_icons_path', 'images/upload_icons');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('upload_path', 'files');
-INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.1');
+INSERT INTO phpbb_config (config_name, config_value) VALUES ('version', '3.0.2-RC1');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_expire_days', '90');
 INSERT INTO phpbb_config (config_name, config_value) VALUES ('warnings_gc', '14400');
 
diff --git a/phpBB/styles/prosilver/imageset/imageset.cfg b/phpBB/styles/prosilver/imageset/imageset.cfg
index 83b5cdb710..4635a8bcef 100644
--- a/phpBB/styles/prosilver/imageset/imageset.cfg
+++ b/phpBB/styles/prosilver/imageset/imageset.cfg
@@ -19,7 +19,7 @@
 # General Information about this style
 name = prosilver
 copyright = &copy; phpBB Group, 2007
-version = 3.0.0
+version = 3.0.2
 
 # Images
 img_site_logo = site_logo.gif*52*139
diff --git a/phpBB/styles/prosilver/style.cfg b/phpBB/styles/prosilver/style.cfg
index f1ea67f7ce..988dee1650 100644
--- a/phpBB/styles/prosilver/style.cfg
+++ b/phpBB/styles/prosilver/style.cfg
@@ -19,4 +19,4 @@
 # General Information about this style
 name = prosilver
 copyright = &copy; phpBB Group, 2007
-version = 3.0.0
-\ No newline at end of file
+version = 3.0.2
+\ No newline at end of file
diff --git a/phpBB/styles/prosilver/template/template.cfg b/phpBB/styles/prosilver/template/template.cfg
index 1251dcdce2..dbf3a29077 100644
--- a/phpBB/styles/prosilver/template/template.cfg
+++ b/phpBB/styles/prosilver/template/template.cfg
@@ -19,7 +19,7 @@
 # General Information about this template
 name = prosilver
 copyright = &copy; phpBB Group, 2007
-version = 3.0.0
+version = 3.0.2
 
 # Defining a different template bitfield
 template_bitfield = lNg=
diff --git a/phpBB/styles/prosilver/theme/theme.cfg b/phpBB/styles/prosilver/theme/theme.cfg
index 19fb8517b2..070d356aa5 100644
--- a/phpBB/styles/prosilver/theme/theme.cfg
+++ b/phpBB/styles/prosilver/theme/theme.cfg
@@ -21,7 +21,7 @@
 # General Information about this theme
 name = prosilver
 copyright = &copy; phpBB Group, 2007
-version = 3.0.0
+version = 3.0.2
 
 # Some configuration options
 
diff --git a/phpBB/styles/subsilver2/imageset/imageset.cfg b/phpBB/styles/subsilver2/imageset/imageset.cfg
index 44f44007d7..11800f5fb7 100644
--- a/phpBB/styles/subsilver2/imageset/imageset.cfg
+++ b/phpBB/styles/subsilver2/imageset/imageset.cfg
@@ -19,7 +19,7 @@
 # General Information about this style
 name = subsilver2
 copyright = &copy; phpBB Group, 2003
-version = 3.0.0
+version = 3.0.2
 
 # Images 
 img_site_logo = site_logo.gif*94*170
diff --git a/phpBB/styles/subsilver2/style.cfg b/phpBB/styles/subsilver2/style.cfg
index 7465d36673..6451ea13db 100644
--- a/phpBB/styles/subsilver2/style.cfg
+++ b/phpBB/styles/subsilver2/style.cfg
@@ -19,4 +19,4 @@
 # General Information about this style
 name = subsilver2
 copyright = &copy; 2005 phpBB Group
-version = 3.0.0
+version = 3.0.2
diff --git a/phpBB/styles/subsilver2/template/template.cfg b/phpBB/styles/subsilver2/template/template.cfg
index c83a1d94ad..c1f549eac2 100644
--- a/phpBB/styles/subsilver2/template/template.cfg
+++ b/phpBB/styles/subsilver2/template/template.cfg
@@ -19,5 +19,5 @@
 # General Information about this template
 name = subsilver2
 copyright = &copy; phpBB Group, 2003
-version = 3.0.0
+version = 3.0.2
 
diff --git a/phpBB/styles/subsilver2/theme/theme.cfg b/phpBB/styles/subsilver2/theme/theme.cfg
index 648c5732a8..96a68258cb 100644
--- a/phpBB/styles/subsilver2/theme/theme.cfg
+++ b/phpBB/styles/subsilver2/theme/theme.cfg
@@ -21,7 +21,7 @@
 # General Information about this theme
 name = subsilver2
 copyright = &copy; phpBB Group, 2003
-version = 3.0.0
+version = 3.0.2
 
 # Some configuration options