5 files changed, 65 insertions, 20 deletions
diff --git a/phpBB/includes/acp/acp_php_info.php b/phpBB/includes/acp/acp_php_info.php
index 0499095004..7dd345971a 100644
--- a/phpBB/includes/acp/acp_php_info.php
+++ b/phpBB/includes/acp/acp_php_info.php
@@ -67,6 +67,9 @@ class acp_php_info
 		$output = preg_replace('#<img border="0"#i', '<img', $output);
 		$output = str_replace(array('class="e"', 'class="v"', 'class="h"', '<hr />', '<font', '</font>'), array('class="row1"', 'class="row2"', '', '', '<span', '</span>'), $output);
 
+		// Fix invalid anchor names (eg "module_Zend Optimizer")
+		$output = preg_replace_callback('#<a name="([^"]+)">#', array($this, 'remove_spaces'), $output);
+
 		if (empty($output))
 		{
 			trigger_error('NO_PHPINFO_AVAILABLE', E_USER_WARNING);
@@ -79,6 +82,11 @@ class acp_php_info
 
 		$template->assign_var('PHPINFO', $output);
 	}
+	
+	function remove_spaces($matches)
+	{
+		return '<a name="' . str_replace(' ', '_', $matches[1]) . '">';
+	}
 }
 
 ?>
 \ No newline at end of file
diff --git a/phpBB/includes/bbcode.php b/phpBB/includes/bbcode.php
index d77bb3c4a7..9356e3e9b4 100644
--- a/phpBB/includes/bbcode.php
+++ b/phpBB/includes/bbcode.php
@@ -584,6 +584,13 @@ class bbcode
 				$code = str_replace("\t", '&nbsp; &nbsp;', $code);
 				$code = str_replace('  ', '&nbsp; ', $code);
 				$code = str_replace('  ', ' &nbsp;', $code);
+				$code = str_replace("\n ", "\n&nbsp;", $code);
+
+				// keep space at the beginning
+				if (!empty($code) && $code[0] == ' ')
+				{
+					$code = '&nbsp;' . substr($code, 1);
+				}
 
 				// remove newline at the beginning
 				if (!empty($code) && $code[0] == "\n")
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php
index 1a5be3091c..6b6679bde5 100644
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@@ -629,8 +629,8 @@ function phpbb_email_hash($email)
 * @param string $version2		Second version number
 * @param string $operator		Comparison operator (optional)
 *
-* @return mixed					Integer (-1, 0, 1) if comparison operator is specified.
-*								Boolean (true, false) otherwise.
+* @return mixed					Boolean (true, false) if comparison operator is specified.
+*								Integer (-1, 0, 1) otherwise.
 */
 function phpbb_version_compare($version1, $version2, $operator = null)
 {
@@ -2708,12 +2708,6 @@ function send_status_line($code, $message)
 		{
 			$version = $_SERVER['SERVER_PROTOCOL'];
 		}
-		else if (!empty($_SERVER['HTTP_VERSION']))
-		{
-			// I cannot remember where I got this from.
-			// This code path may never be reachable in reality.
-			$version = $_SERVER['HTTP_VERSION'];
-		}
 		else
 		{
 			$version = 'HTTP/1.0';
diff --git a/phpBB/includes/functions_content.php b/phpBB/includes/functions_content.php
index faff9dd0de..b34976db2a 100644
--- a/phpBB/includes/functions_content.php
+++ b/phpBB/includes/functions_content.php
@@ -691,6 +691,9 @@ function censor_text($text)
 		return '';
 	}
 
+	// Strip control characters
+	$text = preg_replace('/[\x00-\x0f]/', '', $text);
+
 	// We moved the word censor checks in here because we call this function quite often - and then only need to do the check once
 	if (!isset($censors) || !is_array($censors))
 	{
@@ -1107,7 +1110,7 @@ function extension_allowed($forum_id, $extension, &$extensions)
 * @param int $max_length Maximum length of string (multibyte character count as 1 char / Html entity count as 1 char)
 * @param int $max_store_length Maximum character length of string (multibyte character count as 1 char / Html entity count as entity chars).
 * @param bool $allow_reply Allow Re: in front of string 
-* 	NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_legnth) and is deprecated. 
+* 	NOTE: This parameter can cause undesired behavior (returning strings longer than $max_store_length) and is deprecated. 
 * @param string $append String to be appended
 */
 function truncate_string($string, $max_length = 60, $max_store_length = 255, $allow_reply = false, $append = '')
diff --git a/phpBB/includes/functions_transfer.php b/phpBB/includes/functions_transfer.php
index 046abede8e..5ab7a87efd 100644
--- a/phpBB/includes/functions_transfer.php
+++ b/phpBB/includes/functions_transfer.php
@@ -808,23 +808,56 @@ class ftp_fsock extends transfer
 	*/
 	function _open_data_connection()
 	{
-		$this->_send_command('PASV', '', false);
-
-		if (!$ip_port = $this->_check_command(true))
+		// Try to find out whether we have a IPv4 or IPv6 (control) connection
+		if (function_exists('stream_socket_get_name'))
 		{
-			return false;
+			$socket_name = stream_socket_get_name($this->connection, true);
+			$server_ip = substr($socket_name, 0, strrpos($socket_name, ':'));
 		}
 
-		// open the connection to start sending the file
-		if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp))
+		if (!isset($server_ip) || preg_match(get_preg_expression('ipv4'), $server_ip))
 		{
-			// bad ip and port
-			return false;
+			// Passive mode
+			$this->_send_command('PASV', '', false);
+
+			if (!$ip_port = $this->_check_command(true))
+			{
+				return false;
+			}
+
+			// open the connection to start sending the file
+			if (!preg_match('#[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]{1,3},[0-9]+,[0-9]+#', $ip_port, $temp))
+			{
+				// bad ip and port
+				return false;
+			}
+
+			$temp = explode(',', $temp[0]);
+			$server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
+			$server_port = $temp[4] * 256 + $temp[5];
+		}
+		else
+		{
+			// Extended Passive Mode - RFC2428
+			$this->_send_command('EPSV', '', false);
+
+			if (!$epsv_response = $this->_check_command(true))
+			{
+				return false;
+			}
+
+			// Response looks like "229 Entering Extended Passive Mode (|||12345|)"
+			// where 12345 is the tcp port for the data connection
+			if (!preg_match('#\(\|\|\|([0-9]+)\|\)#', $epsv_response, $match))
+			{
+				return false;
+			}
+			$server_port = (int) $match[1];
+
+			// fsockopen expects IPv6 address in square brackets
+			$server_ip = "[$server_ip]";
 		}
 
-		$temp = explode(',', $temp[0]);
-		$server_ip = $temp[0] . '.' . $temp[1] . '.' . $temp[2] . '.' . $temp[3];
-		$server_port = $temp[4] * 256 + $temp[5];
 		$errno = 0;
 		$errstr = '';