diff -crN phpbb207/admin/admin_board.php phpbb2017/admin/admin_board.php
*** phpbb207/admin/admin_board.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_board.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_board.php,v 1.51.2.6 2003/06/10 00:37:12 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_board.php,v 1.51.2.9 2004/11/18 17:49:33 acydburn Exp $
*
*
***************************************************************************/
***************
*** 43,49 ****
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
! $default_config[$config_name] = $config_value;
$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
--- 43,49 ----
{
$config_name = $row['config_name'];
$config_value = $row['config_value'];
! $default_config[$config_name] = isset($HTTP_POST_VARS['submit']) ? str_replace("'", "\'", $config_value) : $config_value;
$new[$config_name] = ( isset($HTTP_POST_VARS[$config_name]) ) ? $HTTP_POST_VARS[$config_name] : $default_config[$config_name];
***************
*** 97,102 ****
--- 97,105 ----
$activation_user = ( $new['require_activation'] == USER_ACTIVATION_SELF ) ? "checked=\"checked\"" : "";
$activation_admin = ( $new['require_activation'] == USER_ACTIVATION_ADMIN ) ? "checked=\"checked\"" : "";
+ $confirm_yes = ($new['enable_confirm']) ? 'checked="checked"' : '';
+ $confirm_no = (!$new['enable_confirm']) ? 'checked="checked"' : '';
+
$board_email_form_yes = ( $new['board_email_form'] ) ? "checked=\"checked\"" : "";
$board_email_form_no = ( !$new['board_email_form'] ) ? "checked=\"checked\"" : "";
***************
*** 160,165 ****
--- 163,170 ----
"L_NONE" => $lang['Acc_None'],
"L_USER" => $lang['Acc_User'],
"L_ADMIN" => $lang['Acc_Admin'],
+ "L_VISUAL_CONFIRM" => $lang['Visual_confirm'],
+ "L_VISUAL_CONFIRM_EXPLAIN" => $lang['Visual_confirm_explain'],
"L_COOKIE_SETTINGS" => $lang['Cookie_settings'],
"L_COOKIE_SETTINGS_EXPLAIN" => $lang['Cookie_settings_explain'],
"L_COOKIE_DOMAIN" => $lang['Cookie_domain'],
diff -crN phpbb207/admin/admin_db_utilities.php phpbb2017/admin/admin_db_utilities.php
*** phpbb207/admin/admin_db_utilities.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_db_utilities.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_db_utilities.php,v 1.42.2.10 2003/03/04 21:02:19 acydburn Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_db_utilities.php,v 1.42.2.11 2005/02/21 18:36:49 acydburn Exp $
*
****************************************************************************/
***************
*** 693,699 ****
include('./page_footer_admin.'.$phpEx);
}
! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words');
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
--- 693,699 ----
include('./page_footer_admin.'.$phpEx);
}
! $tables = array('auth_access', 'banlist', 'categories', 'config', 'disallow', 'forums', 'forum_prune', 'groups', 'posts', 'posts_text', 'privmsgs', 'privmsgs_text', 'ranks', 'search_results', 'search_wordlist', 'search_wordmatch', 'sessions', 'smilies', 'themes', 'themes_name', 'topics', 'topics_watch', 'user_group', 'users', 'vote_desc', 'vote_results', 'vote_voters', 'words', 'confirm');
$additional_tables = (isset($HTTP_POST_VARS['additional_tables'])) ? $HTTP_POST_VARS['additional_tables'] : ( (isset($HTTP_GET_VARS['additional_tables'])) ? $HTTP_GET_VARS['additional_tables'] : "" );
diff -crN phpbb207/admin/admin_forumauth.php phpbb2017/admin/admin_forumauth.php
*** phpbb207/admin/admin_forumauth.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_forumauth.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forumauth.php,v 1.23.2.4 2002/05/21 16:52:08 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forumauth.php,v 1.23.2.5 2004/03/25 15:57:19 acydburn Exp $
*
*
***************************************************************************/
***************
*** 102,121 ****
{
if(isset($HTTP_POST_VARS['simpleauth']))
{
! $simple_ary = $simple_auth_ary[$HTTP_POST_VARS['simpleauth']];
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
! $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
! $value = $HTTP_POST_VARS[$forum_auth_fields[$i]];
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
--- 102,124 ----
{
if(isset($HTTP_POST_VARS['simpleauth']))
{
! $simple_ary = $simple_auth_ary[intval($HTTP_POST_VARS['simpleauth'])];
for($i = 0; $i < count($simple_ary); $i++)
{
$sql .= ( ( $sql != '' ) ? ', ' : '' ) . $forum_auth_fields[$i] . ' = ' . $simple_ary[$i];
}
! if (is_array($simple_ary))
! {
! $sql = "UPDATE " . FORUMS_TABLE . " SET $sql WHERE forum_id = $forum_id";
! }
}
else
{
for($i = 0; $i < count($forum_auth_fields); $i++)
{
! $value = intval($HTTP_POST_VARS[$forum_auth_fields[$i]]);
if ( $forum_auth_fields[$i] == 'auth_vote' )
{
diff -crN phpbb207/admin/admin_forums.php phpbb2017/admin/admin_forums.php
*** phpbb207/admin/admin_forums.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_forums.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forums.php,v 1.40.2.10 2003/01/05 02:36:00 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_forums.php,v 1.40.2.12 2005/05/07 22:18:10 acydburn Exp $
*
***************************************************************************/
***************
*** 55,60 ****
--- 55,61 ----
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 232,237 ****
--- 233,239 ----
if( $mode == "addforum" )
{
list($cat_id) = each($HTTP_POST_VARS['addforum']);
+ $cat_id = intval($cat_id);
//
// stripslashes needs to be run on this because slashes are added when the forum name is posted
//
***************
*** 1023,1026 ****
include('./page_footer_admin.'.$phpEx);
! ?>
--- 1025,1028 ----
include('./page_footer_admin.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb207/admin/admin_groups.php phpbb2017/admin/admin_groups.php
*** phpbb207/admin/admin_groups.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_groups.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_groups.php,v 1.25.2.8 2003/05/17 17:32:18 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_groups.php,v 1.25.2.9 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 49,54 ****
--- 49,55 ----
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
diff -crN phpbb207/admin/admin_ranks.php phpbb2017/admin/admin_ranks.php
*** phpbb207/admin/admin_ranks.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_ranks.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ranks.php,v 1.13.2.3 2002/11/28 00:11:39 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ranks.php,v 1.13.2.4 2004/03/25 15:57:20 acydburn Exp $
*
***************************************************************************/
***************
*** 38,43 ****
--- 38,44 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
diff -crN phpbb207/admin/admin_smilies.php phpbb2017/admin/admin_smilies.php
*** phpbb207/admin/admin_smilies.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_smilies.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_smilies.php,v 1.22.2.12 2002/12/22 15:34:01 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_smilies.php,v 1.22.2.14 2005/05/06 20:50:09 acydburn Exp $
*
****************************************************************************/
***************
*** 57,62 ****
--- 57,63 ----
if( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
$mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 313,318 ****
--- 314,320 ----
//
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $smiley_id = intval($smiley_id);
$sql = "DELETE FROM " . SMILIES_TABLE . "
WHERE smilies_id = " . $smiley_id;
***************
*** 333,338 ****
--- 335,341 ----
//
$smiley_id = ( !empty($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $smiley_id = intval($smiley_id);
$sql = "SELECT *
FROM " . SMILIES_TABLE . "
***************
*** 444,449 ****
--- 447,455 ----
$smile_code = ( isset($HTTP_POST_VARS['smile_code']) ) ? $HTTP_POST_VARS['smile_code'] : $HTTP_GET_VARS['smile_code'];
$smile_url = ( isset($HTTP_POST_VARS['smile_url']) ) ? $HTTP_POST_VARS['smile_url'] : $HTTP_GET_VARS['smile_url'];
$smile_emotion = ( isset($HTTP_POST_VARS['smile_emotion']) ) ? $HTTP_POST_VARS['smile_emotion'] : $HTTP_GET_VARS['smile_emotion'];
+ $smile_code = trim($smile_code);
+ $smile_url = trim($smile_url);
+ $smile_emotion = trim($smile_emotion);
// If no code was entered complain ...
if ($smile_code == '' || $smile_url == '')
***************
*** 550,553 ****
//
include('./page_footer_admin.'.$phpEx);
! ?>
--- 556,559 ----
//
include('./page_footer_admin.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb207/admin/admin_styles.php phpbb2017/admin/admin_styles.php
*** phpbb207/admin/admin_styles.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_styles.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_styles.php,v 1.27.2.11 2003/06/26 00:08:17 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_styles.php,v 1.27.2.14 2005/03/17 17:33:30 acydburn Exp $
*
*
***************************************************************************/
***************
*** 48,53 ****
--- 48,56 ----
require('./pagestart.' . $phpEx);
+ $confirm = ( isset($HTTP_POST_VARS['confirm']) ) ? TRUE : FALSE;
+ $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? TRUE : FALSE;
+
if ($cancel)
{
redirect('admin/' . append_sid("admin_styles.$phpEx", true));
***************
*** 56,61 ****
--- 59,65 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 71,77 ****
if( isset($install_to) )
{
! include($phpbb_root_path. "templates/" . $install_to . "/theme_info.cfg");
$template_name = $$install_to;
$found = FALSE;
--- 75,81 ----
if( isset($install_to) )
{
! include($phpbb_root_path. "templates/" . basename($install_to) . "/theme_info.cfg");
$template_name = $$install_to;
$found = FALSE;
***************
*** 488,494 ****
$themes_title = $lang['Edit_theme'];
$themes_explain = $lang['Edit_theme_explain'];
! $style_id = $HTTP_GET_VARS['style_id'];
$selected_names = array();
$selected_values = array();
--- 492,498 ----
$themes_title = $lang['Edit_theme'];
$themes_explain = $lang['Edit_theme_explain'];
! $style_id = intval($HTTP_GET_VARS['style_id']);
$selected_names = array();
$selected_values = array();
***************
*** 703,709 ****
$sql = "SELECT *
FROM " . THEMES_TABLE . "
! WHERE template_name = '$template_name'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get theme data for selected template", "", __LINE__, __FILE__, $sql);
--- 707,713 ----
$sql = "SELECT *
FROM " . THEMES_TABLE . "
! WHERE template_name = '" . str_replace("\'", "''", $template_name) . "'";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Could not get theme data for selected template", "", __LINE__, __FILE__, $sql);
***************
*** 735,741 ****
@umask(0111);
! $fp = @fopen($phpbb_root_path . 'templates/' . $template_name . '/theme_info.cfg', 'w');
if( !$fp )
{
--- 739,745 ----
@umask(0111);
! $fp = @fopen($phpbb_root_path . 'templates/' . basename($template_name) . '/theme_info.cfg', 'w');
if( !$fp )
{
diff -crN phpbb207/admin/admin_ug_auth.php phpbb2017/admin/admin_ug_auth.php
*** phpbb207/admin/admin_ug_auth.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_ug_auth.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ug_auth.php,v 1.13.2.4 2003/05/17 17:32:19 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_ug_auth.php,v 1.13.2.9 2005/07/19 20:01:05 acydburn Exp $
*
*
***************************************************************************/
***************
*** 56,61 ****
--- 56,63 ----
$user_id = intval($user_id);
$group_id = intval($group_id);
+ $adv = intval($adv);
+ $mode = htmlspecialchars($mode);
//
// Start program - define vars
***************
*** 412,417 ****
--- 414,420 ----
FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug, " . USERS_TABLE . " u
WHERE ug.group_id = aa.group_id
AND u.user_id = ug.user_id
+ AND ug.user_pending = 0
AND u.user_level NOT IN (" . MOD . ", " . ADMIN . ")
GROUP BY u.user_id
HAVING SUM(aa.auth_mod) > 0";
***************
*** 506,511 ****
--- 509,556 ----
}
}
+ $sql = 'SELECT user_id FROM ' . USER_GROUP_TABLE . "
+ WHERE group_id = $group_id";
+ $result = $db->sql_query($sql);
+
+ $group_user = array();
+ while ($row = $db->sql_fetchrow($result))
+ {
+ $group_user[$row['user_id']] = $row['user_id'];
+ }
+ $db->sql_freeresult($result);
+
+ $sql = "SELECT ug.user_id, COUNT(auth_mod) AS is_auth_mod
+ FROM " . AUTH_ACCESS_TABLE . " aa, " . USER_GROUP_TABLE . " ug
+ WHERE ug.user_id IN (" . implode(', ', $group_user) . ")
+ AND aa.group_id = ug.group_id
+ AND aa.auth_mod = 1
+ GROUP BY ug.user_id";
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
+ }
+
+ while ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['is_auth_mod'])
+ {
+ unset($group_user[$row['user_id']]);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ if (sizeof($group_user))
+ {
+ $sql = "UPDATE " . USERS_TABLE . "
+ SET user_level = " . USER . "
+ WHERE user_id IN (" . implode(', ', $group_user) . ") AND user_level = " . MOD;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not update user level', '', __LINE__, __FILE__, $sql);
+ }
+ }
+
message_die(GENERAL_MESSAGE, $message);
}
}
***************
*** 524,532 ****
//
// Front end
//
! $sql = "SELECT *
! FROM " . FORUMS_TABLE . " f
! ORDER BY forum_order";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
--- 569,578 ----
//
// Front end
//
! $sql = "SELECT f.*
! FROM " . FORUMS_TABLE . " f, " . CATEGORIES_TABLE . " c
! WHERE f.cat_id = c.cat_id
! ORDER BY c.cat_order, f.forum_order ASC";
if ( !($result = $db->sql_query($sql)) )
{
message_die(GENERAL_ERROR, "Couldn't obtain forum information", "", __LINE__, __FILE__, $sql);
***************
*** 559,565 ****
}
}
! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
--- 605,611 ----
}
}
! $sql = "SELECT u.user_id, u.username, u.user_level, g.group_id, g.group_name, g.group_single_user, ug.user_pending FROM " . USERS_TABLE . " u, " . GROUPS_TABLE . " g, " . USER_GROUP_TABLE . " ug WHERE ";
$sql .= ( $mode == 'user' ) ? "u.user_id = $user_id AND ug.user_id = u.user_id AND g.group_id = ug.group_id" : "g.group_id = $group_id AND ug.group_id = g.group_id AND u.user_id = ug.user_id";
if ( !($result = $db->sql_query($sql)) )
{
***************
*** 762,768 ****
$i++;
}
! @reset($auth_user);
if ( $mode == 'user' )
{
--- 808,814 ----
$i++;
}
! // @reset($auth_user);
if ( $mode == 'user' )
{
***************
*** 787,798 ****
if( count($name) )
{
! $t_usergroup_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL;
! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
}
}
else
--- 833,851 ----
if( count($name) )
{
! $t_usergroup_list = $t_pending_list = '';
for($i = 0; $i < count($ug_info); $i++)
{
$ug = ( $mode == 'user' ) ? 'group&' . POST_GROUPS_URL : 'user&' . POST_USERS_URL;
! if (!$ug_info[$i]['user_pending'])
! {
! $t_usergroup_list .= ( ( $t_usergroup_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
! }
! else
! {
! $t_pending_list .= ( ( $t_pending_list != '' ) ? ', ' : '' ) . '' . $name[$i] . '';
! }
}
}
else
***************
*** 855,861 ****
$template->assign_vars(array(
'USERNAME' => $t_groupname,
! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list)
);
}
--- 908,914 ----
$template->assign_vars(array(
'USERNAME' => $t_groupname,
! 'GROUP_MEMBERSHIP' => $lang['Usergroup_members'] . ' : ' . $t_usergroup_list . '
' . $lang['Pending_members'] . ' : ' . $t_pending_list)
);
}
diff -crN phpbb207/admin/admin_user_ban.php phpbb2017/admin/admin_user_ban.php
*** phpbb207/admin/admin_user_ban.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_user_ban.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_user_ban.php,v 1.21.2.4 2003/03/31 06:56:30 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_user_ban.php,v 1.21.2.5 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 277,283 ****
{
if ( $user_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $user_list[$i];
}
}
}
--- 277,283 ----
{
if ( $user_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . intval($user_list[$i]);
}
}
}
***************
*** 290,296 ****
{
if ( $ip_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $ip_list[$i];
}
}
}
--- 290,296 ----
{
if ( $ip_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $ip_list[$i]);
}
}
}
***************
*** 303,309 ****
{
if ( $email_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . $email_list[$i];
}
}
}
--- 303,309 ----
{
if ( $email_list[$i] != -1 )
{
! $where_sql .= ( ( $where_sql != '' ) ? ', ' : '' ) . str_replace("\'", "''", $email_list[$i]);
}
}
}
diff -crN phpbb207/admin/admin_users.php phpbb2017/admin/admin_users.php
*** phpbb207/admin/admin_users.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_users.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_users.php,v 1.57.2.25 2003/06/20 07:40:27 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_users.php,v 1.57.2.27 2005/07/19 20:01:07 acydburn Exp $
*
*
***************************************************************************/
***************
*** 47,52 ****
--- 47,53 ----
if( isset( $HTTP_POST_VARS['mode'] ) || isset( $HTTP_GET_VARS['mode'] ) )
{
$mode = ( isset( $HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 85,91 ****
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
! SET poster_id = " . DELETED . ", post_username = '$username'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
--- 86,92 ----
$row = $db->sql_fetchrow($result);
$sql = "UPDATE " . POSTS_TABLE . "
! SET poster_id = " . DELETED . ", post_username = '" . str_replace("\\'", "''", addslashes($this_userdata['username'])) . "'
WHERE poster_id = $user_id";
if( !$db->sql_query($sql) )
{
***************
*** 838,844 ****
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
! $category = $HTTP_POST_VARS['avatarcategory'];
}
else
{
--- 839,845 ----
if( isset($HTTP_POST_VARS['avatarcategory']) )
{
! $category = htmlspecialchars($HTTP_POST_VARS['avatarcategory']);
}
else
{
diff -crN phpbb207/admin/admin_words.php phpbb2017/admin/admin_words.php
*** phpbb207/admin/admin_words.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/admin_words.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_words.php,v 1.10.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: admin_words.php,v 1.10.2.3 2004/03/25 15:57:20 acydburn Exp $
*
*
***************************************************************************/
***************
*** 39,44 ****
--- 39,45 ----
if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
$mode = ($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
+ $mode = htmlspecialchars($mode);
}
else
{
***************
*** 63,69 ****
{
if( $mode == "edit" || $mode == "add" )
{
! $word_id = ( isset($HTTP_GET_VARS['id']) ) ? $HTTP_GET_VARS['id'] : 0;
$template->set_filenames(array(
"body" => "admin/words_edit_body.tpl")
--- 64,70 ----
{
if( $mode == "edit" || $mode == "add" )
{
! $word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
$template->set_filenames(array(
"body" => "admin/words_edit_body.tpl")
***************
*** 113,119 ****
}
else if( $mode == "save" )
{
! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : 0;
$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";
$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";
--- 114,120 ----
}
else if( $mode == "save" )
{
! $word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";
$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";
***************
*** 150,155 ****
--- 151,157 ----
if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
{
$word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
+ $word_id = intval($word_id);
}
else
{
diff -crN phpbb207/admin/index.php phpbb2017/admin/index.php
*** phpbb207/admin/index.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/index.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.40.2.5 2003/08/03 11:50:51 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.40.2.7 2005/02/21 18:37:02 acydburn Exp $
*
*
***************************************************************************/
***************
*** 332,338 ****
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
! AND u.user_session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
--- 332,338 ----
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
! AND s.session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
***************
*** 559,564 ****
--- 559,629 ----
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}
+
+ // Check for new version
+ $current_version = explode('.', '2' . $board_config['version']);
+ $minor_revision = (int) $current_version[2];
+
+ $errno = 0;
+ $errstr = $version_info = '';
+
+ if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
+ {
+ @fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
+ @fputs($fsock, "HOST: www.phpbb.com\r\n");
+ @fputs($fsock, "Connection: close\r\n\r\n");
+
+ $get_info = false;
+ while (!@feof($fsock))
+ {
+ if ($get_info)
+ {
+ $version_info .= @fread($fsock, 1024);
+ }
+ else
+ {
+ if (@fgets($fsock, 1024) == "\r\n")
+ {
+ $get_info = true;
+ }
+ }
+ }
+ @fclose($fsock);
+
+ $version_info = explode("\n", $version_info);
+ $latest_head_revision = (int) $version_info[0];
+ $latest_minor_revision = (int) $version_info[2];
+ $latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];
+
+ if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
+ {
+ $version_info = '' . $lang['Version_up_to_date'] . '
';
+ }
+ else
+ {
+ $version_info = '' . $lang['Version_not_up_to_date'];
+ $version_info .= '
' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '
';
+ }
+ }
+ else
+ {
+ if ($errstr)
+ {
+ $version_info = '' . sprintf($lang['Connect_socket_error'], $errstr) . '
';
+ }
+ else
+ {
+ $version_info = '' . $lang['Socket_functions_disabled'] . '
';
+ }
+ }
+
+ $version_info .= '' . $lang['Mailing_list_subscribe_reminder'] . '
';
+
+
+ $template->assign_vars(array(
+ 'VERSION_INFO' => $version_info,
+ 'L_VERSION_INFORMATION' => $lang['Version_information'])
+ );
$template->pparse("body");
diff -crN phpbb207/admin/page_footer_admin.php phpbb2017/admin/page_footer_admin.php
*** phpbb207/admin/page_footer_admin.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/page_footer_admin.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_footer_admin.php,v 1.9.2.2 2002/05/12 15:57:45 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_footer_admin.php,v 1.9.2.3 2005/04/15 20:15:47 acydburn Exp $
*
*
***************************************************************************/
***************
*** 33,39 ****
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => '2' . $board_config['version'],
'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
);
--- 33,39 ----
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => ($userdata['user_level'] == ADMIN && $userdata['user_id'] != ANONYMOUS) ? '2' . $board_config['version'] : '',
'TRANSLATION_INFO' => $lang['TRANSLATION_INFO'])
);
diff -crN phpbb207/admin/page_header_admin.php phpbb2017/admin/page_header_admin.php
*** phpbb207/admin/page_header_admin.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/page_header_admin.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header_admin.php,v 1.12.2.5 2003/06/10 20:48:18 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header_admin.php,v 1.12.2.6 2005/03/26 14:15:59 acydburn Exp $
*
*
***************************************************************************/
***************
*** 35,41 ****
{
$phpver = phpversion();
! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
--- 35,41 ----
{
$phpver = phpversion();
! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
diff -crN phpbb207/admin/pagestart.php phpbb2017/admin/pagestart.php
*** phpbb207/admin/pagestart.php Sat Jul 10 20:16:28 2004
--- phpbb2017/admin/pagestart.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: pagestart.php,v 1.1.2.6 2003/05/06 20:18:42 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: pagestart.php,v 1.1.2.9 2005/06/26 14:39:30 acydburn Exp $
*
*
***************************************************************************/
***************
*** 40,46 ****
if (!$userdata['session_logged_in'])
{
! redirect(append_sid("login.$phpEx?redirect=admin/", true));
}
else if ($userdata['user_level'] != ADMIN)
{
--- 40,46 ----
if (!$userdata['session_logged_in'])
{
! redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx", true));
}
else if ($userdata['user_level'] != ADMIN)
{
***************
*** 56,62 ****
$url = preg_replace('/\?$/', '', $url);
$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];
! redirect($url);
}
if (empty($no_page_header))
--- 56,67 ----
$url = preg_replace('/\?$/', '', $url);
$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];
! redirect("index.$phpEx?sid=" . $userdata['session_id']);
! }
!
! if (!$userdata['session_admin'])
! {
! redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
}
if (empty($no_page_header))
diff -crN phpbb207/common.php phpbb2017/common.php
*** phpbb207/common.php Sat Jul 10 20:16:29 2004
--- phpbb2017/common.php Tue Jul 19 22:14:58 2005
***************
*** 6,13 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: common.php,v 1.74.2.10 2003/06/04 17:41:39 acydburn Exp $
! *
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: common.php,v 1.74.2.17 2005/02/21 19:29:30 acydburn Exp $
*
***************************************************************************/
***************
*** 25,33 ****
--- 24,105 ----
die("Hacking attempt");
}
+ //
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
+ // The following code (unsetting globals) was contributed by Matt Kavanagh
+
+ // PHP5 with register_long_arrays off?
+ if (!isset($HTTP_POST_VARS) && isset($_POST))
+ {
+ $HTTP_POST_VARS = $_POST;
+ $HTTP_GET_VARS = $_GET;
+ $HTTP_SERVER_VARS = $_SERVER;
+ $HTTP_COOKIE_VARS = $_COOKIE;
+ $HTTP_ENV_VARS = $_ENV;
+ $HTTP_POST_FILES = $_FILES;
+
+ // _SESSION is the only superglobal which is conditionally set
+ if (isset($_SESSION))
+ {
+ $HTTP_SESSION_VARS = $_SESSION;
+ }
+ }
+
+ if (@phpversion() < '4.0.0')
+ {
+ // PHP3 path; in PHP3, globals are _always_ registered
+
+ // We 'flip' the array of variables to test like this so that
+ // we can validate later with isset($test[$var]) (no in_array())
+ $test = array('HTTP_GET_VARS' => NULL, 'HTTP_POST_VARS' => NULL, 'HTTP_COOKIE_VARS' => NULL, 'HTTP_SERVER_VARS' => NULL, 'HTTP_ENV_VARS' => NULL, 'HTTP_POST_FILES' => NULL, 'phpEx' => NULL, 'phpbb_root_path' => NULL);
+
+ // Loop through each input array
+ @reset($test);
+ while (list($input,) = @each($test))
+ {
+ while (list($var,) = @each($$input))
+ {
+ // Validate the variable to be unset
+ if (!isset($test[$var]) && $var != 'test' && $var != 'input')
+ {
+ unset($$var);
+ }
+ }
+ }
+ }
+ else if (@ini_get('register_globals') == '1' || strtolower(@ini_get('register_globals')) == 'on')
+ {
+ // PHP4+ path
+ $not_unset = array('HTTP_GET_VARS', 'HTTP_POST_VARS', 'HTTP_COOKIE_VARS', 'HTTP_SERVER_VARS', 'HTTP_SESSION_VARS', 'HTTP_ENV_VARS', 'HTTP_POST_FILES', 'phpEx', 'phpbb_root_path');
+
+ // Not only will array_merge give a warning if a parameter
+ // is not an array, it will actually fail. So we check if
+ // HTTP_SESSION_VARS has been initialised.
+ if (!isset($HTTP_SESSION_VARS))
+ {
+ $HTTP_SESSION_VARS = array();
+ }
+
+ // Merge all into one extremely huge array; unset
+ // this later
+ $input = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS, $HTTP_SERVER_VARS, $HTTP_SESSION_VARS, $HTTP_ENV_VARS, $HTTP_POST_FILES);
+
+ unset($input['input']);
+ unset($input['not_unset']);
+
+ while (list($var,) = @each($input))
+ {
+ if (!in_array($var, $not_unset))
+ {
+ unset($$var);
+ }
+ }
+
+ unset($input);
+ }
+
//
// addslashes to vars if magic_quotes_gpc is off
// this is a security precaution to prevent someone
***************
*** 106,111 ****
--- 178,184 ----
$theme = array();
$images = array();
$lang = array();
+ $nav_links = array();
$gen_simple_header = FALSE;
include($phpbb_root_path . 'config.'.$phpEx);
***************
*** 126,157 ****
//
// Obtain and encode users IP
//
! if( getenv('HTTP_X_FORWARDED_FOR') != '' )
! {
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
!
! $entries = explode(',', getenv('HTTP_X_FORWARDED_FOR'));
! reset($entries);
! while (list(, $entry) = each($entries))
! {
! $entry = trim($entry);
! if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", $entry, $ip_list) )
! {
! $private_ip = array('/^0\./', '/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.((1[6-9])|(2[0-9])|(3[0-1]))\..*/', '/^10\..*/', '/^224\..*/', '/^240\..*/');
! $found_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
!
! if ($client_ip != $found_ip)
! {
! $client_ip = $found_ip;
! break;
! }
! }
! }
! }
! else
! {
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
! }
$user_ip = encode_ip($client_ip);
//
--- 199,210 ----
//
// Obtain and encode users IP
//
! // I'm removing HTTP_X_FORWARDED_FOR ... this may well cause other problems such as
! // private range IP's appearing instead of the guilty routable IP, tough, don't
! // even bother complaining ... go scream and shout at the idiots out there who feel
! // "clever" is doing harm rather than good ... karma is a great thing ... :)
! //
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : getenv('REMOTE_ADDR') );
$user_ip = encode_ip($client_ip);
//
diff -crN phpbb207/db/oracle.php phpbb2017/db/oracle.php
*** phpbb207/db/oracle.php Sat Jul 10 20:16:28 2004
--- phpbb2017/db/oracle.php Thu Jan 1 01:00:00 1970
***************
*** 1,472 ****
- persistency = $persistency;
- $this->user = $sqluser;
- $this->password = $sqlpassword;
- $this->server = $sqlserver;
- $this->dbname = $database;
-
- if($this->persistency)
- {
- $this->db_connect_id = @OCIPLogon($this->user, $this->password, $this->server);
- }
- else
- {
- $this->db_connect_id = @OCINLogon($this->user, $this->password, $this->server);
- }
- if($this->db_connect_id)
- {
- return $this->db_connect_id;
- }
- else
- {
- return false;
- }
- }
-
- //
- // Other base methods
- //
- function sql_close()
- {
- if($this->db_connect_id)
- {
- // Commit outstanding transactions
- if($this->in_transaction)
- {
- OCICommit($this->db_connect_id);
- }
-
- if($this->query_result)
- {
- @OCIFreeStatement($this->query_result);
- }
- $result = @OCILogoff($this->db_connect_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
-
- //
- // Base query method
- //
- function sql_query($query = "", $transaction = FALSE)
- {
- // Remove any pre-existing queries
- unset($this->query_result);
-
- // Put us in transaction mode because with Oracle as soon as you make a query you're in a transaction
- $this->in_transaction = TRUE;
-
- if($query != "")
- {
- $this->last_query = $query;
- $this->num_queries++;
-
- if(eregi("LIMIT", $query))
- {
- preg_match("/^(.*)LIMIT ([0-9]+)[, ]*([0-9]+)*/s", $query, $limits);
-
- $query = $limits[1];
- if($limits[3])
- {
- $row_offset = $limits[2];
- $num_rows = $limits[3];
- }
- else
- {
- $row_offset = 0;
- $num_rows = $limits[2];
- }
- }
-
- if(eregi("^(INSERT|UPDATE) ", $query))
- {
- $query = preg_replace("/\\\'/s", "''", $query);
- }
-
- $this->query_result = @OCIParse($this->db_connect_id, $query);
- $success = @OCIExecute($this->query_result, OCI_DEFAULT);
- }
- if($success)
- {
- if($transaction == END_TRANSACTION)
- {
- OCICommit($this->db_connect_id);
- $this->in_transaction = FALSE;
- }
-
- unset($this->row[$this->query_result]);
- unset($this->rowset[$this->query_result]);
- $this->last_query_text[$this->query_result] = $query;
-
- return $this->query_result;
- }
- else
- {
- if($this->in_transaction)
- {
- OCIRollback($this->db_connect_id);
- }
- return false;
- }
- }
-
- //
- // Other query methods
- //
- function sql_numrows($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIFetchStatement($query_id, $this->rowset);
- // OCIFetchStatment kills our query result so we have to execute the statment again
- // if we ever want to use the query_id again.
- @OCIExecute($query_id, OCI_DEFAULT);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_affectedrows($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIRowCount($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_numfields($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCINumCols($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fieldname($offset, $query_id = 0)
- {
- // OCIColumnName uses a 1 based array so we have to up the offset by 1 in here to maintain
- // full abstraction compatibitly
- $offset += 1;
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = strtolower(@OCIColumnName($query_id, $offset));
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fieldtype($offset, $query_id = 0)
- {
- // This situation is the same as fieldname
- $offset += 1;
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIColumnType($query_id, $offset);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fetchrow($query_id = 0, $debug = FALSE)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result_row = "";
- $result = @OCIFetchInto($query_id, $result_row, OCI_ASSOC+OCI_RETURN_NULLS);
- if($debug)
- {
- echo "Query was: ".$this->last_query . "
";
- echo "Result: $result
";
- echo "Query ID: $query_id
";
- echo "";
- var_dump($result_row);
- echo "
";
- }
- if($result_row == "")
- {
- return false;
- }
-
- for($i = 0; $i < count($result_row); $i++)
- {
- list($key, $val) = each($result_row);
- $return_arr[strtolower($key)] = $val;
- }
- $this->row[$query_id] = $return_arr;
-
- return $this->row[$query_id];
- }
- else
- {
- return false;
- }
- }
- // This function probably isn't as efficant is it could be but any other way I do it
- // I end up losing 1 row...
- function sql_fetchrowset($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $rows = @OCIFetchStatement($query_id, $results);
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rows; $i++)
- {
- @OCIFetchInto($query_id, $tmp_result, OCI_ASSOC+OCI_RETURN_NULLS);
-
- for($j = 0; $j < count($tmp_result); $j++)
- {
- list($key, $val) = each($tmp_result);
- $return_arr[strtolower($key)] = $val;
- }
- $result[] = $return_arr;
- }
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_fetchfield($field, $rownum = -1, $query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- if($rownum > -1)
- {
- // Reset the internal rownum pointer.
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rownum; $i++)
- {
- // Move the interal pointer to the row we want
- @OCIFetch($query_id);
- }
- // Get the field data.
- $result = @OCIResult($query_id, strtoupper($field));
- }
- else
- {
- // The internal pointer should be where we want it
- // so we just grab the field out of the current row.
- $result = @OCIResult($query_id, strtoupper($field));
- }
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_rowseek($rownum, $query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- @OCIExecute($query_id, OCI_DEFAULT);
- for($i = 0; $i < $rownum; $i++)
- {
- @OCIFetch($query_id);
- }
- $result = @OCIFetch($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_nextid($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id && $this->last_query_text[$query_id] != "")
- {
- if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename))
- {
- $query = "SELECT ".$tablename[2]."_id_seq.currval FROM DUAL";
- $stmt = @OCIParse($this->db_connect_id, $query);
- @OCIExecute($stmt,OCI_DEFAULT );
- $temp_result = @OCIFetchInto($stmt, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS);
- if($temp_result)
- {
- return $temp_result['CURRVAL'];
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
-
- function sql_nextid($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id && $this->last_query_text[$query_id] != "")
- {
- if( eregi("^(INSERT{1}|^INSERT INTO{1})[[:space:]][\"]?([a-zA-Z0-9\_\-]+)[\"]?", $this->last_query_text[$query_id], $tablename))
- {
- $query = "SELECT ".$tablename[2]."_id_seq.CURRVAL FROM DUAL";
- $temp_q_id = @OCIParse($this->db_connect_id, $query);
- @OCIExecute($temp_q_id, OCI_DEFAULT);
- @OCIFetchInto($temp_q_id, $temp_result, OCI_ASSOC+OCI_RETURN_NULLS);
-
- if($temp_result)
- {
- return $temp_result['CURRVAL'];
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
- else
- {
- return false;
- }
- }
-
-
-
- function sql_freeresult($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- if($query_id)
- {
- $result = @OCIFreeStatement($query_id);
- return $result;
- }
- else
- {
- return false;
- }
- }
- function sql_error($query_id = 0)
- {
- if(!$query_id)
- {
- $query_id = $this->query_result;
- }
- $result = @OCIError($query_id);
- return $result;
- }
-
- } // class sql_db
-
- } // if ... define
-
- ?>
\ No newline at end of file
--- 0 ----
diff -crN phpbb207/db/postgres7.php phpbb2017/db/postgres7.php
*** phpbb207/db/postgres7.php Sat Jul 10 20:16:28 2004
--- phpbb2017/db/postgres7.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : supportphpbb.com
*
! * $Id: postgres7.php,v 1.19 2002/03/05 02:19:38 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : supportphpbb.com
*
! * $Id: postgres7.php,v 1.19.2.3 2005/05/06 20:50:10 acydburn Exp $
*
***************************************************************************/
diff -crN phpbb207/faq.php phpbb2017/faq.php
*** phpbb207/faq.php Sat Jul 10 20:16:28 2004
--- phpbb2017/faq.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: faq.php,v 1.14 2002/03/31 00:06:33 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: faq.php,v 1.14.2.2 2004/07/11 16:46:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 34,39 ****
--- 34,42 ----
// End session management
//
+ // Set vars to prevent naughtiness
+ $faq = array();
+
//
// Load the appropriate faq file
//
***************
*** 97,103 ****
$template->set_filenames(array(
'body' => 'faq_body.tpl')
);
! make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'L_FAQ_TITLE' => $l_title,
--- 100,106 ----
$template->set_filenames(array(
'body' => 'faq_body.tpl')
);
! make_jumpbox('viewforum.'.$phpEx);
$template->assign_vars(array(
'L_FAQ_TITLE' => $l_title,
diff -crN phpbb207/groupcp.php phpbb2017/groupcp.php
*** phpbb207/groupcp.php Sat Jul 10 20:16:28 2004
--- phpbb2017/groupcp.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: groupcp.php,v 1.58.2.19 2003/12/30 14:17:49 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: groupcp.php,v 1.58.2.23 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 337,343 ****
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result)) )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
--- 337,343 ----
message_die(GENERAL_ERROR, 'Could not obtain moderator status', '', __LINE__, __FILE__, $sql);
}
! if ( !($row = $db->sql_fetchrow($result)) || $row['is_auth_mod'] == 0 )
{
$sql = "UPDATE " . USERS_TABLE . "
SET user_level = " . USER . "
***************
*** 425,431 ****
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
WHERE g.group_id = $group_id
! AND aa.group_id = g.group_id(+)";
break;
default:
--- 425,431 ----
$sql = "SELECT g.group_moderator, g.group_type, aa.auth_mod
FROM " . GROUPS_TABLE . " g, " . AUTH_ACCESS_TABLE . " aa
WHERE g.group_id = $group_id
! AND aa.group_id (+) = g.group_id";
break;
default:
***************
*** 472,478 ****
if ( isset($HTTP_POST_VARS['add']) )
{
! $username = ( isset($HTTP_POST_VARS['username']) ) ? htmlspecialchars($HTTP_POST_VARS['username']) : '';
$sql = "SELECT user_id, user_email, user_lang, user_level
FROM " . USERS_TABLE . "
--- 472,478 ----
if ( isset($HTTP_POST_VARS['add']) )
{
! $username = ( isset($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$sql = "SELECT user_id, user_email, user_lang, user_level
FROM " . USERS_TABLE . "
***************
*** 1149,1154 ****
--- 1149,1156 ----
// Select all group that the user is a member of or where the user has
// a pending membership.
//
+ $in_group = array();
+
if ( $userdata['session_logged_in'] )
{
$sql = "SELECT g.group_id, g.group_name, g.group_type, ug.user_pending
***************
*** 1243,1249 ****
$template->assign_block_vars('switch_groups_remaining', array() );
}
! $s_hidden_fields = '';
$template->assign_vars(array(
'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],
--- 1245,1251 ----
$template->assign_block_vars('switch_groups_remaining', array() );
}
! $s_hidden_fields = '';
$template->assign_vars(array(
'L_GROUP_MEMBERSHIP_DETAILS' => $lang['Group_member_details'],
diff -crN phpbb207/includes/bbcode.php phpbb2017/includes/bbcode.php
*** phpbb207/includes/bbcode.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/bbcode.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: bbcode.php,v 1.36.2.28 2003/09/10 17:50:14 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: bbcode.php,v 1.36.2.35 2005/07/19 20:01:10 acydburn Exp $
*
***************************************************************************/
***************
*** 124,129 ****
--- 124,131 ----
{
global $lang, $bbcode_tpl;
+ $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
+
// pad it with a space so we can distinguish between FALSE and matching the 1st char (index 0).
// This is important; bbencode_quote(), bbencode_list(), and bbencode_code() all depend on it.
$text = " " . $text;
***************
*** 194,216 ****
// [img]image_url_here[/img] code..
// This one gets first-passed..
! $patterns[] = "#\[img:$uid\](.*?)\[/img:$uid\]#si";
$replacements[] = $bbcode_tpl['img'];
// matches a [url]xxxx://www.phpbb.com[/url] code..
! $patterns[] = "#\[url\]([\w]+?://[^ \"\n\r\t<]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url\]((www|ftp)\.[^ \"\n\r\t<]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
! $patterns[] = "#\[url=([\w]+?://[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url=((www|ftp)\.[^ \"\n\r\t<]*?)\](.*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url4'];
// [email]user@domain.tld[/email] code..
--- 196,218 ----
// [img]image_url_here[/img] code..
// This one gets first-passed..
! $patterns[] = "#\[img:$uid\]([^?].*?)\[/img:$uid\]#i";
$replacements[] = $bbcode_tpl['img'];
// matches a [url]xxxx://www.phpbb.com[/url] code..
! $patterns[] = "#\[url\]([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url1'];
// [url]www.phpbb.com[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url\]((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url2'];
// [url=xxxx://www.phpbb.com]phpBB[/url] code..
! $patterns[] = "#\[url=([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url3'];
// [url=www.phpbb.com]phpBB[/url] code.. (no xxxx:// prefix).
! $patterns[] = "#\[url=((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*?)\]([^?\n\r\t].*?)\[/url\]#is";
$replacements[] = $bbcode_tpl['url4'];
// [email]user@domain.tld[/email] code..
***************
*** 281,287 ****
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\]((ht|f)tp://)([^\r\n\t<\"]*?)\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
// Remove our padding from the string..
return substr($text, 1);;
--- 283,289 ----
$text = preg_replace("#\[i\](.*?)\[/i\]#si", "[i:$uid]\\1[/i:$uid]", $text);
// [img]image_url_here[/img] code..
! $text = preg_replace("#\[img\]((http|ftp|https|ftps)://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png)))\[/img\]#sie", "'[img:$uid]\\1' . str_replace(' ', '%20', '\\3') . '[/img:$uid]'", $text);
// Remove our padding from the string..
return substr($text, 1);;
***************
*** 614,619 ****
--- 616,622 ----
*/
function make_clickable($text)
{
+ $text = preg_replace('#(script|about|applet|activex|chrome):#is', "\\1:", $text);
// pad it with a space so we can match things at the start of the 1st line.
$ret = ' ' . $text;
***************
*** 621,633 ****
// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
// xxxx can only be alpha characters.
// yyyy is anything up to the first space, newline, comma, double quote or <
! $ret = preg_replace("#(^|[\n ])([\w]+?://[^ \"\n\r\t<]*)#is", "\\1\\2", $ret);
// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
// zzzz is optional.. will contain everything up to the first space, newline,
// comma, double quote or <.
! $ret = preg_replace("#(^|[\n ])((www|ftp)\.[^ \"\t\n\r<]*)#is", "\\1\\2", $ret);
// matches an email@domain type address at the start of a line, or after a space.
// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
--- 624,636 ----
// matches an "xxxx://yyyy" URL at the start of a line, or after a space.
// xxxx can only be alpha characters.
// yyyy is anything up to the first space, newline, comma, double quote or <
! $ret = preg_replace("#(^|[\n ])([\w]+?://[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret);
// matches a "www|ftp.xxxx.yyyy[/zzzz]" kinda lazy URL thing
// Must contain at least 2 dots. xxxx contains either alphanum, or "-"
// zzzz is optional.. will contain everything up to the first space, newline,
// comma, double quote or <.
! $ret = preg_replace("#(^|[\n ])((www|ftp)\.[\w\#$%&~/.\-;:=,?@\[\]+]*)#is", "\\1\\2", $ret);
// matches an email@domain type address at the start of a line, or after a space.
// Note: Only the followed chars are valid; alphanums, "-", "_" and or ".".
diff -crN phpbb207/includes/constants.php phpbb2017/includes/constants.php
*** phpbb207/includes/constants.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/constants.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : ('C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: constants.php,v 1.47.2.4 2003/06/10 00:39:51 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : ('C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: constants.php,v 1.47.2.5 2004/11/18 17:49:42 acydburn Exp $
*
*
***************************************************************************/
***************
*** 148,153 ****
--- 148,154 ----
// Table names
+ define('CONFIRM_TABLE', $table_prefix.'confirm');
define('AUTH_ACCESS_TABLE', $table_prefix.'auth_access');
define('BANLIST_TABLE', $table_prefix.'banlist');
define('CATEGORIES_TABLE', $table_prefix.'categories');
diff -crN phpbb207/includes/functions.php phpbb2017/includes/functions.php
*** phpbb207/includes/functions.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/functions.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions.php,v 1.133.2.31 2003/07/20 13:14:27 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions.php,v 1.133.2.35 2005/07/19 20:01:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 74,79 ****
--- 74,115 ----
return false;
}
+ // added at phpBB 2.0.11 to properly format the username
+ function phpbb_clean_username($username)
+ {
+ $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
+ $username = phpbb_rtrim($username, "\\");
+ $username = str_replace("'", "\'", $username);
+
+ return $username;
+ }
+
+ // added at phpBB 2.0.12 to fix a bug in PHP 4.3.10 (only supporting charlist in php >= 4.1.0)
+ function phpbb_rtrim($str, $charlist = false)
+ {
+ if ($charlist === false)
+ {
+ return rtrim($str);
+ }
+
+ $php_version = explode('.', PHP_VERSION);
+
+ // php version < 4.1.0
+ if ((int) $php_version[0] < 4 || ((int) $php_version[0] == 4 && (int) $php_version[1] < 1))
+ {
+ while ($str{strlen($str)-1} == $charlist)
+ {
+ $str = substr($str, 0, strlen($str)-1);
+ }
+ }
+ else
+ {
+ $str = rtrim($str, $charlist);
+ }
+
+ return $str;
+ }
+
//
// Get Userdata, $user can be username or user_id. If force_str is true, the username will be forced.
//
***************
*** 81,91 ****
{
global $db;
! if (intval($user) == 0 || $force_str)
{
! $user = trim(htmlspecialchars($user));
! $user = substr(str_replace("\\'", "'", $user), 0, 25);
! $user = str_replace("'", "\\'", $user);
}
else
{
--- 117,125 ----
{
global $db;
! if (!is_numeric($user) || $force_str)
{
! $user = phpbb_clean_username($user);
}
else
{
***************
*** 188,197 ****
$boxstring .= '';
}
! if ( !empty($SID) )
! {
$boxstring .= '';
! }
$template->set_filenames(array(
'jumpbox' => 'jumpbox.tpl')
--- 222,232 ----
$boxstring .= '';
}
! // Let the jumpbox work again in sites having additional session id checks.
! // if ( !empty($SID) )
! // {
$boxstring .= '';
! // }
$template->set_filenames(array(
'jumpbox' => 'jumpbox.tpl')
***************
*** 543,549 ****
die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
}
! define(HAS_DIED, 1);
$sql_store = $sql;
--- 578,584 ----
die("message_die() was called multiple times. This isn't supposed to happen. Was message_die() used in page_tail.php?");
}
! define('HAS_DIED', 1);
$sql_store = $sql;
***************
*** 570,576 ****
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '
Line : ' . $err_line . '
File : ' . $err_file;
}
}
--- 605,611 ----
if ( $err_line != '' && $err_file != '' )
{
! $debug_text .= '
Line : ' . $err_line . '
File : ' . basename($err_file);
}
}
***************
*** 742,747 ****
--- 777,787 ----
if (!empty($db))
{
$db->sql_close();
+ }
+
+ if (strstr(urldecode($url), "\n") || strstr(urldecode($url), "\r"))
+ {
+ message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
}
$server_protocol = ($board_config['cookie_secure']) ? 'https://' : 'http://';
diff -crN phpbb207/includes/functions_post.php phpbb2017/includes/functions_post.php
*** phpbb207/includes/functions_post.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/functions_post.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_post.php,v 1.9.2.35 2003/06/09 19:35:56 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_post.php,v 1.9.2.37 2004/11/18 17:49:44 acydburn Exp $
*
*
***************************************************************************/
***************
*** 128,134 ****
// Check username
if (!empty($username))
{
! $username = trim(strip_tags($username));
if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username']))
{
--- 128,134 ----
// Check username
if (!empty($username))
{
! $username = phpbb_clean_username($username);
if (!$userdata['session_logged_in'] || ($userdata['session_logged_in'] && $username != $userdata['username']))
{
***************
*** 769,775 ****
$gen_simple_header = TRUE;
! $page_title = $lang['Review_topic'] . " - $topic_title";
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
--- 769,775 ----
$gen_simple_header = TRUE;
! $page_title = $lang['Emoticons'] . " - $topic_title";
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
$template->set_filenames(array(
diff -crN phpbb207/includes/functions_search.php phpbb2017/includes/functions_search.php
*** phpbb207/includes/functions_search.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/functions_search.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2002 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_search.php,v 1.8.2.17 2003/08/23 01:16:13 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2002 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_search.php,v 1.8.2.19 2004/11/18 17:49:45 acydburn Exp $
*
****************************************************************************/
***************
*** 198,203 ****
--- 198,204 ----
$value_sql .= ( ( $value_sql != '' ) ? ', ' : '' ) . '(\'' . $word[$i] . '\', 0)';
break;
case 'mssql':
+ case 'mssql-odbc':
$value_sql .= ( ( $value_sql != '' ) ? ' UNION ALL ' : '' ) . "SELECT '" . $word[$i] . "', 0";
break;
default:
***************
*** 222,227 ****
--- 223,229 ----
VALUES $value_sql";
break;
case 'mssql':
+ case 'mssql-odbc':
$sql = "INSERT INTO " . SEARCH_WORD_TABLE . " (word_text, word_common)
$value_sql";
break;
***************
*** 433,439 ****
$username_list = '';
if ( !empty($search_match) )
{
! $username_search = preg_replace('/\*/', '%', trim(strip_tags($search_match)));
$sql = "SELECT username
FROM " . USERS_TABLE . "
--- 435,441 ----
$username_list = '';
if ( !empty($search_match) )
{
! $username_search = preg_replace('/\*/', '%', phpbb_clean_username($search_match));
$sql = "SELECT username
FROM " . USERS_TABLE . "
***************
*** 467,473 ****
);
$template->assign_vars(array(
! 'USERNAME' => ( !empty($search_match) ) ? strip_tags($search_match) : '',
'L_CLOSE_WINDOW' => $lang['Close_window'],
'L_SEARCH_USERNAME' => $lang['Find_username'],
--- 469,475 ----
);
$template->assign_vars(array(
! 'USERNAME' => (!empty($search_match)) ? phpbb_clean_username($search_match) : '',
'L_CLOSE_WINDOW' => $lang['Close_window'],
'L_SEARCH_USERNAME' => $lang['Find_username'],
diff -crN phpbb207/includes/functions_selects.php phpbb2017/includes/functions_selects.php
*** phpbb207/includes/functions_selects.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/functions_selects.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_selects.php,v 1.3.2.4 2002/12/22 12:20:35 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_selects.php,v 1.3.2.5 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 108,111 ****
return $tz_select;
}
! ?>
--- 108,111 ----
return $tz_select;
}
! ?>
\ No newline at end of file
diff -crN phpbb207/includes/functions_validate.php phpbb2017/includes/functions_validate.php
*** phpbb207/includes/functions_validate.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/functions_validate.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_validate.php,v 1.6.2.12 2003/06/09 19:13:05 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: functions_validate.php,v 1.6.2.13 2005/07/19 20:01:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,40 ****
global $db, $lang, $userdata;
// Remove doubled up spaces
! $username = preg_replace('#\s+#', ' ', $username);
! // Limit username length
! $username = substr(str_replace("\'", "'", $username), 0, 25);
! $username = str_replace("'", "''", $username);
!
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
--- 30,38 ----
global $db, $lang, $userdata;
// Remove doubled up spaces
! $username = preg_replace('#\s+#', ' ', trim($username));
! $username = phpbb_clean_username($username);
!
$sql = "SELECT username
FROM " . USERS_TABLE . "
WHERE LOWER(username) = '" . strtolower($username) . "'";
diff -crN phpbb207/includes/page_header.php phpbb2017/includes/page_header.php
*** phpbb207/includes/page_header.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/page_header.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header.php,v 1.106.2.22 2004/03/01 16:46:37 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_header.php,v 1.106.2.24 2005/03/26 14:15:59 acydburn Exp $
*
*
***************************************************************************/
***************
*** 35,41 ****
{
$phpver = phpversion();
! $useragent = (isset($_SERVER["HTTP_USER_AGENT"]) ) ? $_SERVER["HTTP_USER_AGENT"] : $HTTP_USER_AGENT;
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
--- 35,41 ----
{
$phpver = phpversion();
! $useragent = (isset($HTTP_SERVER_VARS['HTTP_USER_AGENT'])) ? $HTTP_SERVER_VARS['HTTP_USER_AGENT'] : getenv('HTTP_USER_AGENT');
if ( $phpver >= '4.0.4pl1' && ( strstr($useragent,'compatible') || strstr($useragent,'Gecko') ) )
{
***************
*** 91,96 ****
--- 91,97 ----
$logged_hidden_online = 0;
$guests_online = 0;
$online_userlist = '';
+ $l_online_users = '';
if (defined('SHOW_ONLINE'))
{
***************
*** 111,117 ****
$userlist_visible = array();
$prev_user_id = 0;
! $prev_user_ip = '';
while( $row = $db->sql_fetchrow($result) )
{
--- 112,118 ----
$userlist_visible = array();
$prev_user_id = 0;
! $prev_user_ip = $prev_session_ip = '';
while( $row = $db->sql_fetchrow($result) )
{
***************
*** 465,471 ****
// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
! if (!empty($_SERVER['SERVER_SOFTWARE']) && strstr($_SERVER['SERVER_SOFTWARE'], 'Apache/2'))
{
header ('Cache-Control: no-cache, pre-check=0, post-check=0');
}
--- 466,472 ----
// Work around for "current" Apache 2 + PHP module which seems to not
// cope with private cache control setting
! if (!empty($HTTP_SERVER_VARS['SERVER_SOFTWARE']) && strstr($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'Apache/2'))
{
header ('Cache-Control: no-cache, pre-check=0, post-check=0');
}
diff -crN phpbb207/includes/page_tail.php phpbb2017/includes/page_tail.php
*** phpbb207/includes/page_tail.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/page_tail.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_tail.php,v 1.27.2.2 2002/11/26 11:42:12 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: page_tail.php,v 1.27.2.3 2004/12/22 02:04:00 psotfx Exp $
*
*
***************************************************************************/
***************
*** 35,42 ****
);
$template->assign_vars(array(
! 'PHPBB_VERSION' => '2' . $board_config['version'],
! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
);
--- 35,41 ----
);
$template->assign_vars(array(
! 'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
'ADMIN_LINK' => $admin_link)
);
diff -crN phpbb207/includes/sessions.php phpbb2017/includes/sessions.php
*** phpbb207/includes/sessions.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/sessions.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: sessions.php,v 1.58.2.10 2003/04/05 12:04:33 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: sessions.php,v 1.58.2.14 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 24,30 ****
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0)
{
global $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
--- 24,30 ----
// Adds/updates a new session to the database for the given userid.
// Returns the new session ID on success.
//
! function session_begin($user_id, $user_ip, $page_id, $auto_create = 0, $enable_autologin = 0, $admin = 0)
{
global $db, $board_config;
global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;
***************
*** 47,52 ****
--- 47,60 ----
$sessionmethod = SESSION_METHOD_GET;
}
+ //
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ $session_id = '';
+ }
+
+ $page_id = (int) $page_id;
+
$last_visit = 0;
$current_time = time();
$expiry_time = $current_time - $board_config['session_length'];
***************
*** 73,79 ****
if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
{
// We have to login automagically
! if( $sessiondata['autologinid'] == $auto_login_key )
{
// autologinid matches password
$login = 1;
--- 81,87 ----
if ( isset($sessiondata['autologinid']) && $userdata['user_active'] )
{
// We have to login automagically
! if( $sessiondata['autologinid'] === $auto_login_key )
{
// autologinid matches password
$login = 1;
***************
*** 85,90 ****
--- 93,103 ----
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
+
+ $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+ $result = $db->sql_query($sql);
+ $userdata = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
}
}
else
***************
*** 93,98 ****
--- 106,116 ----
$login = 0;
$enable_autologin = 0;
$user_id = $userdata['user_id'] = ANONYMOUS;
+
+ $sql = 'SELECT * FROM ' . USERS_TABLE . ' WHERE user_id = ' . ANONYMOUS;
+ $result = $db->sql_query($sql);
+ $userdata = $db->sql_fetchrow($result);
+ $db->sql_freeresult($result);
}
}
else
***************
*** 137,152 ****
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login
WHERE session_id = '" . $session_id . "'
AND session_ip = '$user_ip'";
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
{
! $session_id = md5(uniqid($user_ip));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login)";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
--- 155,172 ----
// Create or update the session
//
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_user_id = $user_id, session_start = $current_time, session_time = $current_time, session_page = $page_id, session_logged_in = $login, session_admin = $admin
WHERE session_id = '" . $session_id . "'
AND session_ip = '$user_ip'";
if ( !$db->sql_query($sql) || !$db->sql_affectedrows() )
{
! list($sec, $usec) = explode(' ', microtime());
! mt_srand((float) $sec + ((float) $usec * 100000));
! $session_id = md5(uniqid(mt_rand(), true));
$sql = "INSERT INTO " . SESSIONS_TABLE . "
! (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in, session_admin)
! VALUES ('$session_id', $user_id, $current_time, $current_time, '$user_ip', $page_id, $login, $admin)";
if ( !$db->sql_query($sql) )
{
message_die(CRITICAL_ERROR, 'Error creating new session', '', __LINE__, __FILE__, $sql);
***************
*** 157,173 ****
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
! $sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
! WHERE user_id = $user_id";
! if ( !$db->sql_query($sql) )
{
! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
}
$userdata['user_lastvisit'] = $last_visit;
! $sessiondata['autologinid'] = ( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '';
$sessiondata['userid'] = $user_id;
}
--- 177,196 ----
{// ( $userdata['user_session_time'] > $expiry_time && $auto_create ) ? $userdata['user_lastvisit'] : (
$last_visit = ( $userdata['user_session_time'] > 0 ) ? $userdata['user_session_time'] : $current_time;
! if (!$admin)
{
! $sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $page_id, user_lastvisit = $last_visit
! WHERE user_id = $user_id";
! if ( !$db->sql_query($sql) )
! {
! message_die(CRITICAL_ERROR, 'Error updating last visit time', '', __LINE__, __FILE__, $sql);
! }
}
$userdata['user_lastvisit'] = $last_visit;
! $sessiondata['autologinid'] = (!$admin) ? (( $enable_autologin && $sessionmethod == SESSION_METHOD_COOKIE ) ? $auto_login_key : '') : $sessiondata['autologinid'];
$sessiondata['userid'] = $user_id;
}
***************
*** 178,183 ****
--- 201,207 ----
$userdata['session_page'] = $page_id;
$userdata['session_start'] = $current_time;
$userdata['session_time'] = $current_time;
+ $userdata['session_admin'] = $admin;
setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
***************
*** 217,222 ****
--- 241,254 ----
$sessionmethod = SESSION_METHOD_GET;
}
+ //
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ $session_id = '';
+ }
+
+ $thispage_id = (int) $thispage_id;
+
//
// Does a session exist?
//
***************
*** 259,266 ****
//
if ( $current_time - $userdata['session_time'] > 60 )
{
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_time = $current_time, session_page = $thispage_id
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !$db->sql_query($sql) )
{
--- 291,301 ----
//
if ( $current_time - $userdata['session_time'] > 60 )
{
+ // A little trick to reset session_admin on session re-usage
+ $update_admin = (!defined('IN_ADMIN') && $current_time - $userdata['session_time'] > ($board_config['session_length']+60)) ? ', session_admin = 0' : '';
+
$sql = "UPDATE " . SESSIONS_TABLE . "
! SET session_time = $current_time, session_page = $thispage_id$update_admin
WHERE session_id = '" . $userdata['session_id'] . "'";
if ( !$db->sql_query($sql) )
{
***************
*** 270,276 ****
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
--- 305,311 ----
if ( $userdata['user_id'] != ANONYMOUS )
{
$sql = "UPDATE " . USERS_TABLE . "
! SET user_session_time = $current_time, user_session_page = $thispage_id
WHERE user_id = " . $userdata['user_id'];
if ( !$db->sql_query($sql) )
{
***************
*** 282,287 ****
--- 317,323 ----
// Delete expired sessions
//
$expiry_time = $current_time - $board_config['session_length'];
+
$sql = "DELETE FROM " . SESSIONS_TABLE . "
WHERE session_time < $expiry_time
AND session_id <> '$session_id'";
***************
*** 345,350 ****
--- 381,391 ----
$sessionmethod = SESSION_METHOD_GET;
}
+ if (!preg_match('/^[A-Za-z0-9]*$/', $session_id))
+ {
+ return;
+ }
+
//
// Delete existing session
//
diff -crN phpbb207/includes/smtp.php phpbb2017/includes/smtp.php
*** phpbb207/includes/smtp.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/smtp.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: smtp.php,v 1.16.2.9 2003/07/18 16:34:01 acydburn Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: smtp.php,v 1.16.2.10 2005/05/06 20:50:11 acydburn Exp $
*
***************************************************************************/
***************
*** 106,112 ****
// Ok we have error checked as much as we can to this point let's get on
// it already.
! if( !$socket = fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )
{
message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__);
}
--- 106,112 ----
// Ok we have error checked as much as we can to this point let's get on
// it already.
! if( !$socket = @fsockopen($board_config['smtp_host'], 25, $errno, $errstr, 20) )
{
message_die(GENERAL_ERROR, "Could not connect to smtp host : $errno : $errstr", "", __LINE__, __FILE__);
}
diff -crN phpbb207/includes/template.php phpbb2017/includes/template.php
*** phpbb207/includes/template.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/template.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: template.php,v 1.10.2.3 2002/12/21 19:09:57 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: template.php,v 1.10.2.5 2005/05/06 20:50:11 acydburn Exp $
*
*
***************************************************************************/
***************
*** 230,236 ****
// Check if it's an absolute or relative path.
if (substr($filename, 0, 1) != '/')
{
! $filename = phpbb_realpath($this->root . '/' . $filename);
}
if (!file_exists($filename))
--- 230,236 ----
// Check if it's an absolute or relative path.
if (substr($filename, 0, 1) != '/')
{
! $filename = ($rp_filename = phpbb_realpath($this->root . '/' . $filename)) ? $rp_filename : $filename;
}
if (!file_exists($filename))
***************
*** 475,478 ****
}
! ?>
--- 475,478 ----
}
! ?>
\ No newline at end of file
diff -crN phpbb207/includes/topic_review.php phpbb2017/includes/topic_review.php
*** phpbb207/includes/topic_review.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/topic_review.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: topic_review.php,v 1.5.2.2 2004/03/01 15:56:51 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: topic_review.php,v 1.5.2.4 2005/05/06 20:50:12 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,38 ****
if ( !$is_inline_review )
{
! if ( !isset($topic_id) )
{
! message_die(GENERAL_MESSAGE, 'Topic_not_exist');
}
//
--- 30,38 ----
if ( !$is_inline_review )
{
! if ( !isset($topic_id) || !$topic_id)
{
! message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
}
//
***************
*** 225,228 ****
}
}
! ?>
--- 225,228 ----
}
}
! ?>
\ No newline at end of file
diff -crN phpbb207/includes/usercp_activate.php phpbb2017/includes/usercp_activate.php
*** phpbb207/includes/usercp_activate.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/usercp_activate.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_activate.php,v 1.6.2.7 2003/05/03 23:24:02 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_activate.php,v 1.6.2.8 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 47,52 ****
--- 47,57 ----
}
else if ((trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
{
+ if (intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $userdata['user_level'] != ADMIN)
+ {
+ message_die(GENERAL_MESSAGE, $lang['Not_Authorised']);
+ }
+
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" . str_replace("\'", "''", $row['user_newpasswd']) . "', user_newpasswd = ''" : '';
$sql = "UPDATE " . USERS_TABLE . "
diff -crN phpbb207/includes/usercp_avatar.php phpbb2017/includes/usercp_avatar.php
*** phpbb207/includes/usercp_avatar.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/usercp_avatar.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_avatar.php,v 1.8.2.17 2003/03/04 21:02:36 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_avatar.php,v 1.8.2.21 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 51,56 ****
--- 51,57 ----
{
global $board_config, $userdata;
+ $avatar_file = basename($avatar_file);
if ( $avatar_type == USER_AVATAR_UPLOAD && $avatar_file != '' )
{
if ( @file_exists(@phpbb_realpath('./' . $board_config['avatar_path'] . '/' . $avatar_file)) )
***************
*** 65,70 ****
--- 66,78 ----
function user_avatar_gallery($mode, &$error, &$error_msg, $avatar_filename)
{
global $board_config;
+
+ $avatar_filename = str_replace(array('../', '..\\', './', '.\\'), '', $avatar_filename);
+ if ($avatar_filename{0} == '/' || $avatar_filename{0} == "\\")
+ {
+ return '';
+ }
+
if ( file_exists(@phpbb_realpath($board_config['avatar_gallery_path'] . '/' . $avatar_filename)) && ($mode == 'editprofile') )
{
$return = ", user_avatar = '" . str_replace("\'", "''", $avatar_filename) . "', user_avatar_type = " . USER_AVATAR_GALLERY;
***************
*** 78,89 ****
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
! if ( !preg_match('#^((http)|(ftp):\/\/[\w\-]+?\.([\w\-]+\.)+[\w]+(:[0-9]+)*\/.*?\.(gif|jpg|jpeg|png)$)#is', $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
--- 86,99 ----
function user_avatar_url($mode, &$error, &$error_msg, $avatar_filename)
{
+ global $lang;
+
if ( !preg_match('#^(http)|(ftp):\/\/#i', $avatar_filename) )
{
$avatar_filename = 'http://' . $avatar_filename;
}
! if ( !preg_match("#^((ht|f)tp://)([^ \?&=\#\"\n\r\t<]*?(\.(jpg|jpeg|gif|png))$)#is", $avatar_filename) )
{
$error = true;
$error_msg = ( !empty($error_msg) ) ? $error_msg . '
' . $lang['Wrong_remote_avatar_format'] : $lang['Wrong_remote_avatar_format'];
***************
*** 191,197 ****
return;
}
! if ( $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$new_filename = uniqid(rand()) . $imgtype;
--- 201,207 ----
return;
}
! if ( $width > 0 && $height > 0 && $width <= $board_config['avatar_max_width'] && $height <= $board_config['avatar_max_height'] )
{
$new_filename = uniqid(rand()) . $imgtype;
***************
*** 224,229 ****
--- 234,243 ----
$move_file = 'copy';
}
+ if (!is_uploaded_file($avatar_filename))
+ {
+ message_die(GENERAL_ERROR, 'Unable to upload file', '', __LINE__, __FILE__);
+ }
$move_file($avatar_filename, './' . $board_config['avatar_path'] . "/$new_filename");
}
***************
*** 342,345 ****
return;
}
! ?>
--- 356,359 ----
return;
}
! ?>
\ No newline at end of file
diff -crN phpbb207/includes/usercp_confirm.php phpbb2017/includes/usercp_confirm.php
*** phpbb207/includes/usercp_confirm.php Thu Jan 1 01:00:00 1970
--- phpbb2017/includes/usercp_confirm.php Tue Jul 19 22:14:56 2005
***************
*** 0 ****
--- 1,435 ----
+ sql_query($sql);
+
+ // If we have a row then grab data else create a new id
+ if ($row = $db->sql_fetchrow($result))
+ {
+ $db->sql_freeresult($result);
+ $code = $row['code'];
+ }
+ else
+ {
+ exit;
+ }
+
+ // If we can we will generate a single filtered png else we will have to simply
+ // output six seperate original pngs ... first way is preferable!
+ if (@extension_loaded('zlib'))
+ {
+ $_png = define_filtered_pngs();
+
+ $total_width = 320;
+ $total_height = 50;
+ $img_height = 40;
+ $img_width = 0;
+ $l = 0;
+
+ list($usec, $sec) = explode(' ', microtime());
+ mt_srand($sec * $usec);
+
+ $char_widths = array();
+ for ($i = 0; $i < strlen($code); $i++)
+ {
+ $char = $code{$i};
+
+ $width = mt_rand(0, 4);
+ $char_widths[] = $width;
+ $img_width += $_png[$char]['width'] - $width;
+ }
+
+ $offset_x = mt_rand(0, $total_width - $img_width);
+ $offset_y = mt_rand(0, $total_height - $img_height);
+
+ $image = '';
+ $hold_chars = array();
+ for ($i = 0; $i < $total_height; $i++)
+ {
+ $image .= chr(0);
+
+ if ($i > $offset_y && $i < $offset_y + $img_height)
+ {
+ $j = 0;
+
+ for ($k = 0; $k < $offset_x; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+
+ for ($k = 0; $k < strlen($code); $k++)
+ {
+ $char = $code{$k};
+
+ if (empty($hold_chars[$char]))
+ {
+ $hold_chars[$char] = explode("\n", chunk_split(base64_decode($_png[$char]['data']), $_png[$char]['width'] + 1, "\n"));
+ }
+ $image .= randomise(substr($hold_chars[$char][$l], 1), $char_widths[$j]);
+ $j++;
+ }
+
+ for ($k = $offset_x + $img_width; $k < $total_width; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+
+ $l++;
+ }
+ else
+ {
+ for ($k = 0; $k < $total_width; $k++)
+ {
+ $image .= chr(mt_rand(140, 255));
+ }
+ }
+
+ }
+ unset($hold);
+
+ $image = create_png(gzcompress($image), $total_width, $total_height);
+
+ // Output image
+ header('Content-Type: image/png');
+ header('Cache-control: no-cache, no-store');
+ echo $image;
+
+ unset($image);
+ unset($_png);
+ exit;
+
+ }
+ else
+ {
+ if (!empty($HTTP_GET_VARS['c']))
+ {
+ $_png = define_raw_pngs();
+
+ $char = substr($code, intval($HTTP_GET_VARS['c']) - 1, 1);
+ header('Content-Type: image/png');
+ header('Cache-control: no-cache, no-store');
+ echo base64_decode($_png[$char]);
+
+ unset($_png);
+ exit;
+ }
+ }
+
+ exit;
+
+ // This is designed to randomise the pixels of the image data within
+ // certain limits so as to keep it readable. It also varies the image
+ // width a little
+ function randomise($scanline, $width)
+ {
+ $new_line = '';
+ $start = floor($width/2);
+ $end = strlen($scanline) - ceil($width/2);
+
+ for ($i = $start; $i < $end; $i++)
+ {
+ $pixel = ord($scanline{$i});
+
+ if ($pixel < 190)
+ {
+ $new_line .= chr(mt_rand(0, 205));
+ }
+ else if ($pixel > 190)
+ {
+ $new_line .= chr(mt_rand(145, 255));
+ }
+ else
+ {
+ $new_line .= $scanline{$i};
+ }
+ }
+
+ return $new_line;
+ }
+
+ // This creates a chunk of the given type, with the given data
+ // of the given length adding the relevant crc
+ function png_chunk($length, $type, $data)
+ {
+ $raw = $type;
+ $raw .= $data;
+ $crc = crc32($raw);
+ $raw .= pack('C4', $crc >> 24, $crc >> 16, $crc >> 8, $crc);
+
+ return pack('C4', $length >> 24, $length >> 16, $length >> 8, $length) . $raw;
+ }
+
+ // Creates greyscale 8bit png - The PNG spec can be found at
+ // http://www.libpng.org/pub/png/spec/PNG-Contents.html we use
+ // png because it's a fully recognised open standard and supported
+ // by practically all modern browsers and OSs
+ function create_png($gzimage, $width, $height)
+ {
+ // SIG
+ $image = pack('C8', 137, 80, 78, 71, 13, 10, 26, 10);
+ // IHDR
+ $raw = pack('C4', $width >> 24, $width >> 16, $width >> 8, $width);
+ $raw .= pack('C4', $height >> 24, $height >> 16, $height >> 8, $height);
+ $raw .= pack('C5', 8, 0, 0, 0, 0);
+ $image .= png_chunk(13, 'IHDR', $raw);
+ // IDAT
+ $image .= png_chunk(strlen($gzimage), 'IDAT', $gzimage);
+ // IEND
+ $image .= png_chunk(0, 'IEND', '');
+
+ return $image;
+ }
+
+ // Each 'data' element is base64_encoded uncompressed IDAT
+ // png image data
+ function define_filtered_pngs()
+ {
+ $_png = array(
+ '0' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////olFAkBAAAGDyA4P///M31/////////////wD////////////////0dAgAAAAAAAAAAAAEcPipFGHn////////////AP//////////////6DAAAAAAAAAAAAAAAAAALSEAN+T///////////8A//////////////xAAAAAAAAAAAAAAAAAAAAAACPA/////////////wD/////////////oAAAAAAAAAAAAAAAAAAAAAAAev//////////////AP////////////8oAAAAAAAAPNj/zDAAAAAAAABD//////////////8A////////////1AAAAAAAABjw////5BAAAAAAAADo/////////////wD///////////+QAAAAAAAAbP//////QgAAAAAAAKj/////////////AP///////////1wAAAAAAACs/////8AXAAAAAAAAcP////////////8A////////////OAAAAAAAAND////dNwAAAAAAAABI/////////////wD///////////8gAAAAAAAA4P//7koACwAAAAAAACT/////////////AP///////////wgAAAAAAAD///VqAwaPAAAAAAAAEP////////////8A////////////AAAAAAAAAP/8kQYDavUAAAAAAAAA/////////////wD///////////8AAAAAAAAA/6kNAEru/wAAAAAAAAD/////////////AP///////////wAAAAAAAADAIwA33f//AAAAAAAAAP////////////8A////////////FAAAAAAAADYAI8D///8AAAAAAAAQ/////////////wD///////////8kAAAAAAAAAA2p////5AAAAAAAACD/////////////AP///////////0gAAAAAAAAFkfz////UAAAAAAAAQP////////////8A////////////cAAAAAAAAET1/////7AAAAAAAABo/////////////wD///////////+oAAAAAAAAXfX/////sAAAAAAAAGj/////////////AAAAALgAAAAAAAAwAAAAAAAAAAAAAAD////////////oAAAAAAAACOT////oEAAAAAAAAOD/////////////AP////////////8+AAAAAAAAKMz/zDQAAAAAAAA0//////////////8A////////////7jgAAAAAAAAAAAAAAAAAAAAAAKT//////////////wD///////////VqAwIAAAAAAAAAAAAAAAAAAAA8////////////////AP//////////rQcDaVEAAAAAAAAAAAAAAAAAKOj///////////////8A///////////nblnu/IAIAAAAAAAAAAAAAFzw/////////////////wD////////////79////+iITCAAAAAgSITg////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////w==',
+ 'width' => 40
+ ),
+ '1' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////8BAAAAAAAP//////////////////AP////////////////////////9sAAAAAAAA//////////////////8A////////////////////////pAAAAAAAAAD//////////////////wD//////////////////////6wEAAAAAAAAAP//////////////////AP////////////////////h4AAAAAAAAAAAA//////////////////8A//////////////////ygJAAAAAAAAAAAAAD//////////////////wD//////////////9x8HAAAAAAAAAAAAAAAAP//////////////////AP//////////////AAAAAAAAAAAAAAAAAAAA//////////////////8A//////////////8AAAAAAAAAAAAAAAAAAAD//////////////////wD//////////////wAAAAAAAAR4AAAAAAAAAP//////////////////AP//////////////AAAAAAA4zP8AAAAAAAAA//////////////////8A//////////////8AAAA4sP///wAAAAAAAAD//////////////////wD//////////////yR80P//////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////AAAAAAAAAP//////////////////AP////////////////////////8AAAAAAAAA//////////////////8A/////////////////////////wAAAAAAAAD//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '2' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////okFAkCAAABCBIfNT///////////////////8A///////////////8hAgAAAAAAAAAAAAAAFTo/////////////////wD//////////////1QAAAAAAAAAAAAAAAAAACjo////////////////AP////////////+MAAAAAAAAAAAAAAAAAAAAADj///////////////8A////////////9BAAAAAAAAAAAAAAAAAAAAAAALD//////////////wD///////////+gAAAAAAAAAHjs+KwMAAAAAAAAVP//////////////AP///////////1gAAAAAAABM/////6QAAAAAAAAU//////////////8A////////////KAAAAAAAALj/////+AAAAAAAAAD//////////////wD///////////+MfGBMOCAI8P/////wAAAAAAAACP//////////////AP///////////////////////////5wAAAAAAAAw//////////////8A///////////////////////////oFAAAAAAAAHz//////////////wD/////////////////////////6CgAAAAAAAAE3P//////////////AP///////////////////////9ggAAAAAAAAAHT///////////////8A//////////////////////+0DAAAAAAAAAA8+P///////////////wD/////////////////////gAAAAAAAAAAAKOj/////////////////AP//////////////////9FAAAAAAAAAAADzw//////////////////8A/////////////////+g4AAAAAAAAAABk/P///////////////////wD////////////////oKAAAAAAAAAAMqP//////////////////////AP//////////////6CgAAAAAAAAAMNz///////////////////////8A//////////////g4AAAAAAAAAFT0/////////////////////////wD/////////////bAAAAAAAAABU/P//////////////////////////AP///////////8wAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A////////////SAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////9AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////xAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '3' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////8sGg0FAAAACA4cLz8////////////////////AP//////////////rBgAAAAAAAAAAAAAACTA//////////////////8A/////////////3QAAAAAAAAAAAAAAAAAAASs/////////////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAjc////////////////AP//////////6AwAAAAAAAAAAAAAAAAAAAAAAGT///////////////8A//////////94AAAAAAAABJDw/8g4AAAAAAAAHP///////////////wD//////////yAAAAAAAACE/////9gAAAAAAAAA////////////////AP///////////NSwiGQ4FOT//////AAAAAAAABD///////////////8A//////////////////////////+YAAAAAAAAVP///////////////wD//////////////////////P/ggAQAAAAAAATM////////////////AP////////////////////9gAAAAAAAAAAAElP////////////////8A/////////////////////0AAAAAAAAAAHLj//////////////////wD/////////////////////OAAAAAAAAAAwkPj/////////////////AP////////////////////8gAAAAAAAAAAAAINj///////////////8A/////////////////////xAAAAAAAAAAAAAAIPD//////////////wD/////////////////////uOz/4HgEAAAAAAAAhP//////////////AP///////////////////////////3wAAAAAAAAw//////////////8A////////////////////////////6AAAAAAAAAj//////////////wD/////////////////////////////AAAAAAAAAP//////////////AP//////////tJh8YEQoDNz//////+AAAAAAAAAY//////////////8A//////////88AAAAAAAAaP//////dAAAAAAAAEz//////////////wD//////////6QAAAAAAAAAdOD/5HQAAAAAAAAApP//////////////AP///////////CgAAAAAAAAAAAAAAAAAAAAAACD4//////////////8A////////////yAQAAAAAAAAAAAAAAAAAAAAEuP///////////////wD/////////////rAQAAAAAAAAAAAAAAAAABJD/////////////////AP//////////////zDQAAAAAAAAAAAAAACTA//////////////////8A/////////////////8BwOCAAAAAUNGi0/P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '4' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////////////nAAAAAAAAAD///////////////8A/////////////////////////8AEAAAAAAAAAP///////////////wD////////////////////////gGAAAAAAAAAAA////////////////AP//////////////////////9DAAAAAAAAAAAAD///////////////8A//////////////////////9UAAAAAAAAAAAAAP///////////////wD/////////////////////hAAAAAAAAAAAAAAA////////////////AP///////////////////7QAAAAAAAAAAAAAAAD///////////////8A///////////////////UDAAAAAAUAAAAAAAAAP///////////////wD/////////////////7CQAAAAABMAAAAAAAAAA////////////////AP////////////////xEAAAAAACU/wAAAAAAAAD///////////////8A////////////////cAAAAAAAZP//AAAAAAAAAP///////////////wD//////////////6AAAAAAADz8//8AAAAAAAAA////////////////AP/////////////IBAAAAAAc6P///wAAAAAAAAD///////////////8A////////////5BgAAAAADMz/////AAAAAAAAAP///////////////wD///////////g0AAAAAACk//////8AAAAAAAAA////////////////AP//////////XAAAAAAAfP///////wAAAAAAAAD///////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP///////////////////////////wAAAAAAAAD///////////////8A////////////////////////////AAAAAAAAAP///////////////wD///////////////////////////8AAAAAAAAA////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '5' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////8AAAAAAAAAAAAAAAAAAAAAAA//////////////8A///////////////MAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////6wAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////iAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////////9kAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////////0QAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////////IAAAAAAAYP////////////////////////////8A//////////////wAAAAAAAB8/////////////////////////////wD/////////////3AAAAAAAAIj/////////////////////////////AP////////////+4AAAAAAAAoLRYHAAEKGTE//////////////////8A/////////////5QAAAAAAAAQAAAAAAAAAABY9P///////////////wD/////////////dAAAAAAAAAAAAAAAAAAAAAA89P//////////////AP////////////9QAAAAAAAAAAAAAAAAAAAAAABg//////////////8A/////////////zAAAAAAAAAAAAAAAAAAAAAAAADQ/////////////wD/////////////IAAAAAAAAGjY/+h4BAAAAAAAAGz/////////////AP//////////////9NS0lHSc//////90AAAAAAAALP////////////8A/////////////////////////////9QAAAAAAAAE/////////////wD//////////////////////////////wAAAAAAAAD/////////////AP/////////////////////////////8AAAAAAAAEP////////////8A////////////pIRwWEAgDOD//////8wAAAAAAAA8/////////////wD///////////9EAAAAAAAAaP//////ZAAAAAAAAHz/////////////AP///////////6QAAAAAAAAAaOD/4GQAAAAAAAAE4P////////////8A/////////////CQAAAAAAAAAAAAAAAAAAAAAAGD//////////////wD/////////////yAQAAAAAAAAAAAAAAAAAAAAc7P//////////////AP//////////////rAwAAAAAAAAAAAAAAAAAGNj///////////////8A////////////////0EAAAAAAAAAAAAAAAFTo/////////////////wD//////////////////8h4QCAAAAAcQHzU////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '6' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////+0ZCwMAAAUNGjI////////////////////AP/////////////////EMAAAAAAAAAAAAABM6P////////////////8A////////////////lAQAAAAAAAAAAAAAAAAo6P///////////////wD//////////////6wAAAAAAAAAAAAAAAAAAABI////////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAACw//////////////8A/////////////3AAAAAAAAAoxP/YPAAAAAAAAEj//////////////wD////////////4EAAAAAAACOD////YDCBAVGiAoP//////////////AP///////////7gAAAAAAABY//////////////////////////////8A////////////eAAAAAAAAJT//////////////////////////////wD///////////9MAAAAAAAAvP/IXBgABCx03P//////////////////AP///////////ygAAAAAAADcdAAAAAAAAAAEiP////////////////8A////////////FAAAAAAAAFAAAAAAAAAAAAAAcP///////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAlP//////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAQ8P////////////8A////////////AAAAAAAAAABAyP/kZAAAAAAAAACQ/////////////wD///////////8MAAAAAAAALPj/////WAAAAAAAAET/////////////AP///////////yQAAAAAAACY///////MAAAAAAAAFP////////////8A////////////SAAAAAAAAMD///////wAAAAAAAAA/////////////wD///////////9wAAAAAAAAvP///////wAAAAAAAAD/////////////AP///////////7QAAAAAAACI///////UAAAAAAAAJP////////////8A////////////+AwAAAAAACDw/////2wAAAAAAABY/////////////wD/////////////cAAAAAAAADC8/Ox4AAAAAAAAAKj/////////////AP/////////////oEAAAAAAAAAAAAAAAAAAAAAAk/P////////////8A//////////////+oAAAAAAAAAAAAAAAAAAAABLj//////////////wD///////////////+QAAAAAAAAAAAAAAAAAACQ////////////////AP////////////////+0JAAAAAAAAAAAAAAkuP////////////////8A///////////////////8sGg0FAAADCxgqPz//////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '7' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAABP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAy4/////////////wD//////////////////////////+QUAAAAAAAEuP//////////////AP/////////////////////////8QAAAAAAAAKT///////////////8A/////////////////////////4wAAAAAAAB0/////////////////wD////////////////////////cCAAAAAAANPz/////////////////AP///////////////////////0QAAAAAAATY//////////////////8A//////////////////////+0AAAAAAAAeP///////////////////wD//////////////////////CQAAAAAABTw////////////////////AP////////////////////+gAAAAAAAAkP////////////////////8A/////////////////////ywAAAAAABDw/////////////////////wD///////////////////+4AAAAAAAAbP//////////////////////AP///////////////////1wAAAAAAADQ//////////////////////8A///////////////////4DAAAAAAAMP///////////////////////wD//////////////////7QAAAAAAAB8////////////////////////AP//////////////////aAAAAAAAAMj///////////////////////8A//////////////////8oAAAAAAAM/P///////////////////////wD/////////////////8AAAAAAAAET/////////////////////////AP////////////////+0AAAAAAAAcP////////////////////////8A/////////////////4wAAAAAAACY/////////////////////////wD/////////////////WAAAAAAAAMD/////////////////////////AP////////////////80AAAAAAAA4P////////////////////////8A/////////////////xAAAAAAAAD4/////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '8' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD////////////////////IdDQUAAAEIEiA1P//////////////////AP/////////////////gRAAAAAAAAAAAAAAAROD///////////////8A////////////////0BgAAAAAAAAAAAAAAAAAEMj//////////////wD///////////////AcAAAAAAAAAAAAAAAAAAAAHPD/////////////AP//////////////hAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A//////////////8sAAAAAAAAKMz/zCgAAAAAAAAs/////////////wD//////////////wAAAAAAAADM////zAAAAAAAAAD/////////////AP//////////////BAAAAAAAAP//////AAAAAAAABP////////////8A//////////////8sAAAAAAAAzP///9QAAAAAAAAw/////////////wD//////////////3wAAAAAAAAoyP/YNAAAAAAAAIT/////////////AP//////////////7BgAAAAAAAAAAAAAAAAAAAAc8P////////////8A////////////////xBgAAAAAAAAAAAAAAAAAGNj//////////////wD/////////////////tAQAAAAAAAAAAAAAAACo////////////////AP///////////////HAAAAAAAAAAAAAAAAAAAAB8//////////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB8/////////////wD/////////////wAAAAAAAAABk4P/UWAAAAAAAAATQ////////////AP////////////9UAAAAAAAAaP//////XAAAAAAAAGT///////////8A/////////////xgAAAAAAADg///////cAAAAAAAAJP///////////wD/////////////AAAAAAAAAP////////8AAAAAAAAA////////////AP////////////8AAAAAAAAA4P//////3AAAAAAAAAT///////////8A/////////////ygAAAAAAABg//////9cAAAAAAAALP///////////wD/////////////ZAAAAAAAAABY1P/cXAAAAAAAAABw////////////AP/////////////QAAAAAAAAAAAAAAAAAAAAAAAABNz///////////8A//////////////9gAAAAAAAAAAAAAAAAAAAAAAB0/////////////wD///////////////Q8AAAAAAAAAAAAAAAAAAAAUPz/////////////AP////////////////x4CAAAAAAAAAAAAAAAEIT8//////////////8A///////////////////smFQwGAAAABg0ZKT0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ '9' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////////////ysYCwMAAAUNGiw/P//////////////////AP////////////////+4JAAAAAAAAAAAAAAkuP////////////////8A////////////////lAQAAAAAAAAAAAAAAAAAkP///////////////wD//////////////8AEAAAAAAAAAAAAAAAAAAAAqP//////////////AP/////////////8JAAAAAAAAAAAAAAAAAAAAAAQ7P////////////8A/////////////6wAAAAAAAAAfOz8vCwAAAAAAABw/////////////wD/////////////WAAAAAAAAHD/////7BgAAAAAAAz4////////////AP////////////8kAAAAAAAA1P//////hAAAAAAAALT///////////8A/////////////wAAAAAAAAD///////+4AAAAAAAAcP///////////wD/////////////AAAAAAAAAPz//////8AAAAAAAABI////////////AP////////////8UAAAAAAAAzP//////lAAAAAAAACT///////////8A/////////////0QAAAAAAABY//////gsAAAAAAAADP///////////wD/////////////kAAAAAAAAABw5P/IPAAAAAAAAAAA////////////AP/////////////wEAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A//////////////+UAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////9wAAAAAAAAAAAAAFAAAAAAAAAU////////////AP////////////////+IBAAAAAAAAABw3AAAAAAAACj///////////8A///////////////////cdCwEABhcxP+8AAAAAAAATP///////////wD//////////////////////////////5AAAAAAAAB4////////////AP//////////////////////////////UAAAAAAAALj///////////8A//////////////+kgGxUQCAM2P///+AIAAAAAAAQ+P///////////wD//////////////0gAAAAAAAA42P/EKAAAAAAAAHD/////////////AP//////////////sAAAAAAAAAAAAAAAAAAAAAAQ6P////////////8A////////////////TAAAAAAAAAAAAAAAAAAAAKz//////////////wD////////////////oKAAAAAAAAAAAAAAAAASU////////////////AP/////////////////sUAAAAAAAAAAAAAAwxP////////////////8A////////////////////yHA0FAAADCxktP///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'A' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////+QAAAAAAAAAAAAAAOT/////////////////AP//////////////////kAAAAAAAAAAAAAAAkP////////////////8A//////////////////88AAAAAAAAAAAAAAA8/////////////////wD/////////////////5AAAAAAAAAAAAAAAAADk////////////////AP////////////////+QAAAAAAAAAAAAAAAAAJD///////////////8A/////////////////zwAAAAAAAAAAAAAAAAAPP///////////////wD////////////////kAAAAAAAAAAgAAAAAAAAA5P//////////////AP///////////////5AAAAAAAAAAgAAAAAAAAACQ//////////////8A////////////////PAAAAAAAAAz8HAAAAAAAADz//////////////wD//////////////+QAAAAAAAAAWP9kAAAAAAAAANz/////////////AP//////////////kAAAAAAAAACk/7wAAAAAAAAAhP////////////8A//////////////88AAAAAAAABOz//BQAAAAAAAAw/////////////wD/////////////4AAAAAAAAAA8////ZAAAAAAAAADc////////////AP////////////+EAAAAAAAAAIj///+8AAAAAAAAAIT///////////8A/////////////zAAAAAAAAAA2P////wQAAAAAAAAMP///////////wD////////////cAAAAAAAAACT//////1wAAAAAAAAA3P//////////AP///////////4QAAAAAAAAAAAAAAAAAAAAAAAAAAACE//////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAAAAAADD//////////wD//////////9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANz/////////AP//////////hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhP////////8A//////////8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/////////wD/////////3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADc////////AP////////+EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIT///////8A/////////zAAAAAAAAAAhP///////////2QAAAAAAAAAMP///////wD////////cAAAAAAAAAADM////////////vAAAAAAAAAAA3P//////AP///////4QAAAAAAAAAHP/////////////4DAAAAAAAAACE//////8A////////MAAAAAAAAABk//////////////9cAAAAAAAAADD//////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'B' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAEDh83P///////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAEhP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAeP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAABY////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAABT///////////8A//////////8AAAAAAAAAAP/////4zEwAAAAAAAAAAP///////////wD//////////wAAAAAAAAAA////////7AAAAAAAAAAQ////////////AP//////////AAAAAAAAAAD////////sAAAAAAAAAEj///////////8A//////////8AAAAAAAAAAP/////4zEQAAAAAAAAAtP///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAFz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAiA/P////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAIjPj//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAGKz/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAJT///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAABNz//////////wD//////////wAAAAAAAAAA///////sqCAAAAAAAAAAbP//////////AP//////////AAAAAAAAAAD/////////yAAAAAAAAAAs//////////8A//////////8AAAAAAAAAAP//////////AAAAAAAAAAT//////////wD//////////wAAAAAAAAAA/////////7wAAAAAAAAAAP//////////AP//////////AAAAAAAAAAD//////+ikGAAAAAAAAAAY//////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFT//////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsP//////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAADj///////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAc6P///////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAATOj/////////////AP//////////AAAAAAAAAAAAAAAAAAAEIEBkkNj///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'C' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////////////5JRULBAAAAgkTIDQ//////////////////8A////////////////1FAAAAAAAAAAAAAAAABAyP///////////////wD//////////////4gEAAAAAAAAAAAAAAAAAAAElP//////////////AP////////////9wAAAAAAAAAAAAAAAAAAAAAAAAlP////////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAEyP///////////wD//////////9wIAAAAAAAAAAAAAAAAAAAAAAAAAAAw////////////AP//////////WAAAAAAAAAAAWMz/8JwQAAAAAAAAAACw//////////8A/////////+wEAAAAAAAAAID//////9QMAAAAAAAAAET//////////wD/////////nAAAAAAAAAAo/P///////3wAAAAABDBspP//////////AP////////9gAAAAAAAAAIz/////////3BxQjMT0//////////////8A/////////zQAAAAAAAAAzP///////////////////////////////wD/////////GAAAAAAAAADo////////////////////////////////AP////////8AAAAAAAAAAP////////////////////////////////8A/////////wAAAAAAAAAA/////////////////////////////////wD/////////AAAAAAAAAAD/////////////////////////////////AP////////8cAAAAAAAAAOj///////////////////////////////8A/////////zgAAAAAAAAA0P/////////kIGio7P///////////////wD/////////bAAAAAAAAACg/////////5wAAAAAMHS49P//////////AP////////+oAAAAAAAAAEz/////////PAAAAAAAAAAc//////////8A//////////QIAAAAAAAAALz//////6QAAAAAAAAAAGT//////////wD//////////3AAAAAAAAAADIzo/+SEBAAAAAAAAAAAyP//////////AP//////////7BAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////rAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD/////////////fAAAAAAAAAAAAAAAAAAAAAAAAJz/////////////AP//////////////iAQAAAAAAAAAAAAAAAAAAASY//////////////8A////////////////yEAAAAAAAAAAAAAAAAA8yP///////////////wD//////////////////9yIUCwQAAAAIEB4yP//////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'D' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////////8AAAAAAAAAAAAAAAAADChQkOT/////////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAABGjw//////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAACDY/////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAABjk////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAKj//////////wD///////////8AAAAAAAAAAP///+isSAAAAAAAAAAANP//////////AP///////////wAAAAAAAAAA////////hAAAAAAAAAAA2P////////8A////////////AAAAAAAAAAD/////////MAAAAAAAAACQ/////////wD///////////8AAAAAAAAAAP////////+MAAAAAAAAAFj/////////AP///////////wAAAAAAAAAA/////////8gAAAAAAAAAMP////////8A////////////AAAAAAAAAAD/////////5AAAAAAAAAAY/////////wD///////////8AAAAAAAAAAP//////////AAAAAAAAAAD/////////AP///////////wAAAAAAAAAA//////////8AAAAAAAAAAP////////8A////////////AAAAAAAAAAD//////////wAAAAAAAAAA/////////wD///////////8AAAAAAAAAAP/////////wAAAAAAAAABD/////////AP///////////wAAAAAAAAAA/////////9QAAAAAAAAAJP////////8A////////////AAAAAAAAAAD/////////qAAAAAAAAABI/////////wD///////////8AAAAAAAAAAP////////9QAAAAAAAAAHj/////////AP///////////wAAAAAAAAAA////////uAAAAAAAAAAAvP////////8A////////////AAAAAAAAAAD////w0HwEAAAAAAAAACT8/////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAADz8//////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAY6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAKNz/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAACHT0//////////////8A////////////AAAAAAAAAAAAAAAAABg4bKj0/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'E' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAD///////////////////////////////8A//////////8AAAAAAAAAAP///////////////////////////////wD//////////wAAAAAAAAAA////////////////////////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'F' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'G' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////////////////MB8TCgQAAAACCA4YJzs////////////////AP///////////////JQcAAAAAAAAAAAAAAAAAAhw8P////////////8A/////////////9gwAAAAAAAAAAAAAAAAAAAAAAAk2P///////////wD////////////EDAAAAAAAAAAAAAAAAAAAAAAAAAAc7P//////////AP//////////2AwAAAAAAAAAAAAAAAAAAAAAAAAAAABY//////////8A//////////wwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ/////////wD/////////kAAAAAAAAAAAEHzQ/P/gmCAAAAAAAAAAAFz/////////AP////////wcAAAAAAAAACjg////////8CwAAAAAAAAgWP////////8A////////vAAAAAAAAAAI2P//////////yBRAcJjI8P///////////wD///////94AAAAAAAAAGD/////////////////////////////////AP///////0AAAAAAAAAAsP////////////////////////////////8A////////IAAAAAAAAADc/////////////////////////////////wD///////8AAAAAAAAAAP///////wAAAAAAAAAAAAAAAAD/////////AP///////wAAAAAAAAAA////////AAAAAAAAAAAAAAAAAP////////8A////////AAAAAAAAAAD///////8AAAAAAAAAAAAAAAAA/////////wD///////8gAAAAAAAAAOD//////wAAAAAAAAAAAAAAAAD/////////AP///////0AAAAAAAAAAtP//////AAAAAAAAAAAAAAAAAP////////8A////////cAAAAAAAAABw//////8AAAAAAAAAAAAAAAAA/////////wD///////+8AAAAAAAAABDs////////////AAAAAAAAAAD/////////AP////////wYAAAAAAAAADz0//////////AAAAAAAAAAAP////////8A/////////5AAAAAAAAAAACCY4P//3KhcCAAAAAAAAAAA/////////wD/////////+CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////AP//////////xAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIP////////8A////////////rAQAAAAAAAAAAAAAAAAAAAAAAAAAAGTw/////////wD/////////////vBQAAAAAAAAAAAAAAAAAAAAAADjI////////////AP//////////////8HAQAAAAAAAAAAAAAAAAAEiw//////////////8A//////////////////iwcEAgBAAABCA4aKDk/////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'H' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'I' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAP///////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAA////////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAD///////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'J' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAD//////////////wD///////////////////////////8AAAAAAAAAAP//////////////AP///////////////////////////wAAAAAAAAAA//////////////8A////////////////////////////AAAAAAAAAAj//////////////wD//////////+zMrIxwUDAQ//////wAAAAAAAAAIP//////////////AP//////////DAAAAAAAAADo////2AAAAAAAAAA0//////////////8A//////////8wAAAAAAAAAKj///+YAAAAAAAAAFj//////////////wD//////////2gAAAAAAAAAIND/yBgAAAAAAAAAkP//////////////AP//////////vAAAAAAAAAAAAAAAAAAAAAAAAADc//////////////8A////////////MAAAAAAAAAAAAAAAAAAAAAAAUP///////////////wD////////////EBAAAAAAAAAAAAAAAAAAAABjk////////////////AP////////////+sBAAAAAAAAAAAAAAAAAAY2P////////////////8A///////////////EMAAAAAAAAAAAAAAAVOj//////////////////wD/////////////////vHBAIAAAABg8fNT/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'K' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////8AAAAAAAAAAP//////////wAQAAAAAAAAAAABw////////AP///////wAAAAAAAAAA/////////9AMAAAAAAAAAAAAcP////////8A////////AAAAAAAAAAD////////cGAAAAAAAAAAAAHD//////////wD///////8AAAAAAAAAAP//////6CgAAAAAAAAAAABs////////////AP///////wAAAAAAAAAA//////Q0AAAAAAAAAAAAVPz///////////8A////////AAAAAAAAAAD////8RAAAAAAAAAAAAFT8/////////////wD///////8AAAAAAAAAAP///1gAAAAAAAAAAABU/P//////////////AP///////wAAAAAAAAAA//9wAAAAAAAAAAAASPz///////////////8A////////AAAAAAAAAAD/jAAAAAAAAAAAADz0/////////////////wD///////8AAAAAAAAAAKQAAAAAAAAAAAA89P//////////////////AP///////wAAAAAAAAAABAAAAAAAAAAAFPT///////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAApP///////////////////wD///////8AAAAAAAAAAAAAAAAAAAAAAAAU8P//////////////////AP///////wAAAAAAAAAAAAAAAAAAAAAAAABk//////////////////8A////////AAAAAAAAAAAAAAAAAAAAAAAAAADE/////////////////wD///////8AAAAAAAAAAAAAAAAoEAAAAAAAACz8////////////////AP///////wAAAAAAAAAAAAAAGNiAAAAAAAAAAIj///////////////8A////////AAAAAAAAAAAAABjY//gYAAAAAAAACOD//////////////wD///////8AAAAAAAAAAAAY2P///5wAAAAAAAAASP//////////////AP///////wAAAAAAAAAAGNj//////CgAAAAAAAAAqP////////////8A////////AAAAAAAAAADI////////sAAAAAAAAAAc8P///////////wD///////8AAAAAAAAAAP//////////QAAAAAAAAABs////////////AP///////wAAAAAAAAAA///////////IAAAAAAAAAATI//////////8A////////AAAAAAAAAAD///////////9YAAAAAAAAADD8/////////wD///////8AAAAAAAAAAP///////////9wEAAAAAAAAAJD/////////AP///////wAAAAAAAAAA/////////////3AAAAAAAAAADOT///////8A////////AAAAAAAAAAD/////////////7BAAAAAAAAAAUP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'L' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAD/////////////////////////////AP////////////8AAAAAAAAAAP////////////////////////////8A/////////////wAAAAAAAAAA/////////////////////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////8AAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////wAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'M' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////8AAAAAAAAAAAAAAHz//////3wAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAATP//////UAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAc//////8cAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAADw////8AAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAAAAAAALz////AAAAAAAAAAAAAAAAA////////AP//////AAAAAAAAAAAAAAAAkP///5AAAAAAAAAAAAAAAAD///////8A//////8AAAAAAAAAAAAAAABc////ZAAAAAAAAAAAAAAAAP///////wD//////wAAAAAAAAAoAAAAADD///8wAAAAACQAAAAAAAAA////////AP//////AAAAAAAAAFwAAAAABPz//AgAAAAAXAAAAAAAAAD///////8A//////8AAAAAAAAAkAAAAAAA0P/UAAAAAACQAAAAAAAAAP///////wD//////wAAAAAAAADMAAAAAACg/6gAAAAAAMQAAAAAAAAA////////AP//////AAAAAAAAAPgEAAAAAHD/dAAAAAAE+AAAAAAAAAD///////8A//////8AAAAAAAAA/zQAAAAAQP9IAAAAADD/AAAAAAAAAP///////wD//////wAAAAAAAAD/bAAAAAAQ/xQAAAAAaP8AAAAAAAAA////////AP//////AAAAAAAAAP+gAAAAAADQAAAAAACc/wAAAAAAAAD///////8A//////8AAAAAAAAA/9QAAAAAAGgAAAAAAND/AAAAAAAAAP///////wD//////wAAAAAAAAD//wwAAAAAFAAAAAAM/P8AAAAAAAAA////////AP//////AAAAAAAAAP//RAAAAAAAAAAAADz//wAAAAAAAAD///////8A//////8AAAAAAAAA//94AAAAAAAAAAAAcP//AAAAAAAAAP///////wD//////wAAAAAAAAD//7AAAAAAAAAAAACo//8AAAAAAAAA////////AP//////AAAAAAAAAP//5AAAAAAAAAAAANz//wAAAAAAAAD///////8A//////8AAAAAAAAA////HAAAAAAAAAAQ////AAAAAAAAAP///////wD//////wAAAAAAAAD///9QAAAAAAAAAEz///8AAAAAAAAA////////AP//////AAAAAAAAAP///4gAAAAAAAAAfP///wAAAAAAAAD///////8A//////8AAAAAAAAA////vAAAAAAAAACw////AAAAAAAAAP///////wD//////wAAAAAAAAD////wAAAAAAAAAOz///8AAAAAAAAA////////AP//////AAAAAAAAAP////8sAAAAAAAc/////wAAAAAAAAD///////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'N' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAALD/////////////AAAAAAAAAP//////////AP////////8AAAAAAAAAFOj///////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAASP///////////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAkP//////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAI1P////////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAw+P///////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAABw////////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAC8//////8AAAAAAAAA//////////8A/////////wAAAAAAAAAAAAAAABzs/////wAAAAAAAAD//////////wD/////////AAAAAAAAAAAAAAAAAFD/////AAAAAAAAAP//////////AP////////8AAAAAAAAAAAAAAAAAAJz///8AAAAAAAAA//////////8A/////////wAAAAAAAAAUAAAAAAAADNz//wAAAAAAAAD//////////wD/////////AAAAAAAAALQAAAAAAAAANPz/AAAAAAAAAP//////////AP////////8AAAAAAAAA/2wAAAAAAAAAfP8AAAAAAAAA//////////8A/////////wAAAAAAAAD/+CwAAAAAAAAExAAAAAAAAAD//////////wD/////////AAAAAAAAAP//0AQAAAAAAAAgAAAAAAAAAP//////////AP////////8AAAAAAAAA////jAAAAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////RAAAAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP/////kFAAAAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA//////+sAAAAAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD///////9kAAAAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP////////QkAAAAAAAAAAAAAP//////////AP////////8AAAAAAAAA/////////8wEAAAAAAAAAAAA//////////8A/////////wAAAAAAAAD//////////4QAAAAAAAAAAAD//////////wD/////////AAAAAAAAAP///////////DwAAAAAAAAAAP//////////AP////////8AAAAAAAAA////////////4BAAAAAAAAAA//////////8A/////////wAAAAAAAAD/////////////qAAAAAAAAAD//////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'O' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A///////////////////0qGw4HAAAABw4aKT0/////////////////wD////////////////wcAwAAAAAAAAAAAAAAAho6P//////////////AP//////////////uBQAAAAAAAAAAAAAAAAAAAAMoP////////////8A/////////////6AEAAAAAAAAAAAAAAAAAAAAAAAAkP///////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP//////////8BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5P////////8A//////////9wAAAAAAAAAAAsrPD/7KQsAAAAAAAAAABg/////////wD/////////+BAAAAAAAAAAUPj///////hQAAAAAAAAAAjs////////AP////////+sAAAAAAAAABDw//////////AYAAAAAAAAAKD///////8A/////////2wAAAAAAAAAdP///////////3wAAAAAAAAAYP///////wD/////////OAAAAAAAAAC4////////////xAAAAAAAAAAw////////AP////////8cAAAAAAAAAOD////////////oAAAAAAAAABT///////8A/////////wAAAAAAAAAA//////////////8AAAAAAAAAAP///////wD/////////AAAAAAAAAAD//////////////wAAAAAAAAAA////////AP////////8AAAAAAAAAAP/////////////8AAAAAAAAAAD///////8A/////////xwAAAAAAAAA5P///////////+AAAAAAAAAAHP///////wD/////////NAAAAAAAAAC8////////////uAAAAAAAAAA4////////AP////////9oAAAAAAAAAHj///////////98AAAAAAAAAGT///////8A/////////6gAAAAAAAAAGPD/////////+BgAAAAAAAAApP///////wD/////////9AwAAAAAAAAAUPz///////xcAAAAAAAAAAjs////////AP//////////cAAAAAAAAAAALKjs//CwOAAAAAAAAAAAYP////////8A///////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzk/////////wD///////////+4BAAAAAAAAAAAAAAAAAAAAAAAAAAAoP//////////AP////////////+QAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A//////////////+sEAAAAAAAAAAAAAAAAAAAAAyg/////////////wD////////////////oZAgAAAAAAAAAAAAAAARg4P//////////////AP//////////////////9KhsOCAAAAAUMFyc7P////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'P' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////////wAAAAAAAAAAAAAAAAAACCxguP////////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAOOD//////////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAGOD/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAARP////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAxP///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAABo////////////AP///////////wAAAAAAAAAA////6JwMAAAAAAAAADD///////////8A////////////AAAAAAAAAAD//////6AAAAAAAAAADP///////////wD///////////8AAAAAAAAAAP//////9AAAAAAAAAAA////////////AP///////////wAAAAAAAAAA///////0AAAAAAAAAAD///////////8A////////////AAAAAAAAAAD//////5gAAAAAAAAAHP///////////wD///////////8AAAAAAAAAAP///9iICAAAAAAAAABI////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAJD///////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////8AAAAAAAAAAAAAAAAAAAAAAAAAAIT/////////////AP///////////wAAAAAAAAAAAAAAAAAAAAAAAABU/P////////////8A////////////AAAAAAAAAAAAAAAAAAAAAAAIhPz//////////////wD///////////8AAAAAAAAAAAAAAAAABCRMkOz/////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP///////////wAAAAAAAAAA//////////////////////////////8A////////////AAAAAAAAAAD//////////////////////////////wD///////////8AAAAAAAAAAP//////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Q' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////SoaDQcAAAAHDhoqPT///////////////////8A//////////////BwDAAAAAAAAAAAAAAACHDo/////////////////wD///////////+4FAAAAAAAAAAAAAAAAAAAABCo////////////////AP//////////nAQAAAAAAAAAAAAAAAAAAAAAAACQ//////////////8A/////////7gEAAAAAAAAAAAAAAAAAAAAAAAAAACg/////////////wD////////wFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzo////////////AP///////3AAAAAAAAAAACyo8P/sqCwAAAAAAAAAAGT///////////8A///////4EAAAAAAAAABM+P///////FQAAAAAAAAACPT//////////wD//////7AAAAAAAAAAFPD/////////9BgAAAAAAAAApP//////////AP//////bAAAAAAAAAB4////////////fAAAAAAAAABk//////////8A//////84AAAAAAAAALz///////////+8AAAAAAAAADT//////////wD//////xwAAAAAAAAA6P///////////+QAAAAAAAAAHP//////////AP//////AAAAAAAAAAD//////////////wAAAAAAAAAA//////////8A//////8AAAAAAAAAAP//////////////AAAAAAAAAAD//////////wD//////wAAAAAAAAAA/P////////////8AAAAAAAAAAP//////////AP//////GAAAAAAAAADg////////////4AAAAAAAAAAc//////////8A//////84AAAAAAAAALT////MJHTo//+8AAAAAAAAADT//////////wD//////2wAAAAAAAAAdP///2AAABCg/3wAAAAAAAAAZP//////////AP//////rAAAAAAAAAAY9P/sCAAAAABMGAAAAAAAAACk//////////8A///////4EAAAAAAAAABU/P+0OAAAAAAAAAAAAAAACPT//////////wD///////94AAAAAAAAAAA4sPD/gAAAAAAAAAAAAABk////////////AP////////AcAAAAAAAAAAAAAAAAAAAAAAAAAAAADOT///////////8A/////////7wEAAAAAAAAAAAAAAAAAAAAAAAAAACQ/////////////wD//////////6wEAAAAAAAAAAAAAAAAAAAAAAAAABSs////////////AP///////////7gUAAAAAAAAAAAAAAAAAAAAAAAAAABAwP////////8A//////////////BwDAAAAAAAAAAAAAAABAgAAAAAAAA8/////////wD////////////////0qGg0GAAAABgwXJjkxBgAAAAAALD/////////AP//////////////////////////////////5DQAAAAk/P////////8A////////////////////////////////////+GwAAJD//////////wD//////////////////////////////////////8A49P//////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'R' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////wAAAAAAAAAAAAAAAAAAAAQgOGSk+P///////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAcuP//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAEsP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ6P///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADD///////////8A/////////wAAAAAAAAAA///////svDgAAAAAAAAACP///////////wD/////////AAAAAAAAAAD/////////7AAAAAAAAAAA////////////AP////////8AAAAAAAAAAP/////////cAAAAAAAAABD///////////8A/////////wAAAAAAAAAA//////DQoCQAAAAAAAAAQP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPj///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAzU/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAA02P//////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAxctPz///////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAEDY/////////////////wD/////////AAAAAAAAAAD/9LAsAAAAAAAAAAzc////////////////AP////////8AAAAAAAAAAP///+wkAAAAAAAAADD8//////////////8A/////////wAAAAAAAAAA/////8QAAAAAAAAAAJD//////////////wD/////////AAAAAAAAAAD//////1QAAAAAAAAAFPD/////////////AP////////8AAAAAAAAAAP//////3AQAAAAAAAAAgP////////////8A/////////wAAAAAAAAAA////////aAAAAAAAAAAM6P///////////wD/////////AAAAAAAAAAD////////oCAAAAAAAAABs////////////AP////////8AAAAAAAAAAP////////+AAAAAAAAAAATc//////////8A/////////wAAAAAAAAAA//////////AUAAAAAAAAAFj//////////wD/////////AAAAAAAAAAD//////////5AAAAAAAAAAAND/////////AP////////8AAAAAAAAAAP//////////+CQAAAAAAAAAQP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'S' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP/////////////////8vHBEIAgAAAQgQHC8/P////////////////8A////////////////pCQAAAAAAAAAAAAAAAAcoP///////////////wD//////////////FwAAAAAAAAAAAAAAAAAAAAAXP//////////////AP////////////9oAAAAAAAAAAAAAAAAAAAAAAAAhP////////////8A////////////zAAAAAAAAAAAAAAAAAAAAAAAAAAI6P///////////wD///////////9cAAAAAAAAAAAAAAAAAAAAAAAAAACA////////////AP///////////xgAAAAAAAAAUOD/8KwkAAAAAAAAADj///////////8A////////////AAAAAAAAAAD0/////8wABCAgICxASP///////////wD///////////8MAAAAAAAAAMz/////////////////////////////AP///////////0AAAAAAAAAACFiQxPT///////////////////////8A////////////oAAAAAAAAAAAAAAAADBwtPT//////////////////wD////////////8QAAAAAAAAAAAAAAAAAAACFTA////////////////AP/////////////oOAAAAAAAAAAAAAAAAAAAAABM6P////////////8A///////////////4fAgAAAAAAAAAAAAAAAAAAAAY2P///////////wD/////////////////7IwwAAAAAAAAAAAAAAAAAAAo+P//////////AP/////////////////////koGw0BAAAAAAAAAAAAACU//////////8A///////////////////////////4uFgAAAAAAAAAADz//////////wD//////////2BgSEA0IBwA6P///////5QAAAAAAAAADP//////////AP//////////JAAAAAAAAACc/////////AAAAAAAAAAA//////////8A//////////9YAAAAAAAAACDo///////AAAAAAAAAABT//////////wD//////////6QAAAAAAAAAACCk7P/snBQAAAAAAAAAUP//////////AP//////////+BAAAAAAAAAAAAAAAAAAAAAAAAAAAACs//////////8A////////////kAAAAAAAAAAAAAAAAAAAAAAAAAAAOP///////////wD////////////8RAAAAAAAAAAAAAAAAAAAAAAAABjc////////////AP/////////////0PAAAAAAAAAAAAAAAAAAAAAAg2P////////////8A///////////////8hBQAAAAAAAAAAAAAAAAMdPT//////////////wD/////////////////+LRwSCAMAAAAHDhoqPT/////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'T' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD///////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD///////////////////8AAAAAAAAAAP//////////////////////AP///////////////////wAAAAAAAAAA//////////////////////8A////////////////////AAAAAAAAAAD//////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'U' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////AAAAAAAAAAD///////////8AAAAAAAAAAP//////////AP////////8AAAAAAAAAAP///////////wAAAAAAAAAA//////////8A/////////wAAAAAAAAAA////////////AAAAAAAAAAD//////////wD/////////JAAAAAAAAADk/////////+gAAAAAAAAAHP//////////AP////////9MAAAAAAAAAJz/////////nAAAAAAAAABE//////////8A/////////4gAAAAAAAAAHOj//////+ggAAAAAAAAAHz//////////wD/////////0AAAAAAAAAAAIJzs/+ykIAAAAAAAAAAA0P//////////AP//////////QAAAAAAAAAAAAAAAAAAAAAAAAAAAAED///////////8A///////////IBAAAAAAAAAAAAAAAAAAAAAAAAAAE0P///////////wD///////////+YAAAAAAAAAAAAAAAAAAAAAAAAAJj/////////////AP////////////+UBAAAAAAAAAAAAAAAAAAAAASU//////////////8A///////////////IPAAAAAAAAAAAAAAAAAAwyP///////////////wD/////////////////0IxYOCAIAAAEIEiAyP//////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'V' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD//////zAAAAAAAAAAYP//////////////ZAAAAAAAAAAw////////AP//////kAAAAAAAAAAU/P////////////8UAAAAAAAAAJD///////8A///////oBAAAAAAAAADE////////////xAAAAAAAAAAE7P///////wD///////9MAAAAAAAAAHD///////////94AAAAAAAAAEz/////////AP///////6gAAAAAAAAAJP///////////yQAAAAAAAAArP////////8A////////+BAAAAAAAAAA1P/////////YAAAAAAAAABT4/////////wD/////////aAAAAAAAAACE/////////4QAAAAAAAAAbP//////////AP/////////EAAAAAAAAADT/////////OAAAAAAAAADM//////////8A//////////8kAAAAAAAAAOT//////+QAAAAAAAAAKP///////////wD//////////4QAAAAAAAAAmP//////nAAAAAAAAACI////////////AP//////////5AAAAAAAAABE//////9EAAAAAAAABOT///////////8A////////////QAAAAAAAAAT0////9AgAAAAAAABI/////////////wD///////////+gAAAAAAAAAKT///+kAAAAAAAAAKj/////////////AP////////////QIAAAAAAAAXP///1wAAAAAAAAM+P////////////8A/////////////1wAAAAAAAAM+P/8DAAAAAAAAGT//////////////wD/////////////vAAAAAAAAAC8/7wAAAAAAAAAxP//////////////AP//////////////HAAAAAAAAGj/aAAAAAAAACT///////////////8A//////////////94AAAAAAAAHP8cAAAAAAAAhP///////////////wD//////////////9gAAAAAAAAAkAAAAAAAAADk////////////////AP///////////////zgAAAAAAAAQAAAAAAAAQP////////////////8A////////////////lAAAAAAAAAAAAAAAAACg/////////////////wD////////////////sCAAAAAAAAAAAAAAADPT/////////////////AP////////////////9QAAAAAAAAAAAAAABg//////////////////8A/////////////////7AAAAAAAAAAAAAAAMD//////////////////wD//////////////////BQAAAAAAAAAAAAc////////////////////AP//////////////////cAAAAAAAAAAAAHz///////////////////8A///////////////////MAAAAAAAAAAAA3P///////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'W' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//8cAAAAAAAAALz/////4AAAAAAAAAAA6P////+8AAAAAAAAABz//wD//1QAAAAAAAAAjP////+gAAAAAAAAAACo/////4wAAAAAAAAAUP//AP//jAAAAAAAAABU/////2AAAAAAAAAAAGj/////VAAAAAAAAACM//8A///EAAAAAAAAACT/////IAAAAAAAAAAAKP////8kAAAAAAAAAMT//wD///gEAAAAAAAAAPD//+AAAAAAAAAAAAAA6P//8AAAAAAAAAAE9P//AP///zAAAAAAAAAAvP//oAAAAAAAAAAAAACo//+8AAAAAAAAADD///8A////bAAAAAAAAACM//9gAAAAAAAAAAAAAGT//4wAAAAAAAAAaP///wD///+kAAAAAAAAAFT//yAAAAAAAAAAAAAAIP//VAAAAAAAAACc////AP///9gAAAAAAAAAJP/gAAAAAAAAAAAAAAAA4P8kAAAAAAAAANT///8A/////xAAAAAAAAAA8KAAAAAAAAAAAAAAAACg8AAAAAAAAAAQ/////wD/////TAAAAAAAAAC8YAAAAAAAAAAAAAAAAGC8AAAAAAAAAET/////AP////+AAAAAAAAAAIwgAAAAAAAAAAAAAAAAIIwAAAAAAAAAfP////8A/////7gAAAAAAAAANAAAAAAAACwwAAAAAAAANAAAAAAAAACw/////wD/////8AAAAAAAAAAAAAAAAAAAdHgAAAAAAAAAAAAAAAAAAOz/////AP//////KAAAAAAAAAAAAAAAAAC4vAAAAAAAAAAAAAAAAAAg//////8A//////9gAAAAAAAAAAAAAAAACPj4CAAAAAAAAAAAAAAAAFj//////wD//////5QAAAAAAAAAAAAAAABE//9IAAAAAAAAAAAAAAAAkP//////AP//////0AAAAAAAAAAAAAAAAIj//4wAAAAAAAAAAAAAAADI//////8A///////8DAAAAAAAAAAAAAAAzP//1AAAAAAAAAAAAAAABPj//////wD///////88AAAAAAAAAAAAABT/////GAAAAAAAAAAAAAA0////////AP///////3QAAAAAAAAAAAAAWP////9gAAAAAAAAAAAAAHD///////8A////////sAAAAAAAAAAAAACg/////6QAAAAAAAAAAAAApP///////wD////////kAAAAAAAAAAAAAOT/////6AAAAAAAAAAAAADc////////AP////////8cAAAAAAAAAAAo////////MAAAAAAAAAAAEP////////8A/////////1QAAAAAAAAAAHD///////94AAAAAAAAAABM/////////wD/////////jAAAAAAAAAAAtP///////7wAAAAAAAAAAID/////////AP/////////EAAAAAAAAAAT0////////+AgAAAAAAAAAuP////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'X' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD///////9UAAAAAAAAAKz///////////+sAAAAAAAAAFD/////////AP///////+QQAAAAAAAAFOT/////////8BwAAAAAAAAM5P////////8A/////////5gAAAAAAAAATP////////9kAAAAAAAAAJD//////////wD//////////0AAAAAAAAAAoP//////wAAAAAAAAAA0/P//////////AP//////////2AgAAAAAAAAQ4P////gkAAAAAAAABMz///////////8A////////////iAAAAAAAAABA////dAAAAAAAAABw/////////////wD////////////8MAAAAAAAAACU/9AEAAAAAAAAHPD/////////////AP/////////////IBAAAAAAAAAzYMAAAAAAAAACs//////////////8A//////////////90AAAAAAAAABAAAAAAAAAATP///////////////wD///////////////QgAAAAAAAAAAAAAAAAAAzg////////////////AP///////////////7wAAAAAAAAAAAAAAAAAjP////////////////8A/////////////////2AAAAAAAAAAAAAAADD8/////////////////wD/////////////////7BQAAAAAAAAAAAAEyP//////////////////AP/////////////////gDAAAAAAAAAAAAAjY//////////////////8A/////////////////0AAAAAAAAAAAAAAADj8/////////////////wD///////////////+UAAAAAAAAAAAAAAAAAJD/////////////////AP//////////////4AwAAAAAAAAAAAAAAAAADOD///////////////8A//////////////9AAAAAAAAAAAAAAAAAAAAAQP///////////////wD/////////////nAAAAAAAAAAAWAAAAAAAAAAAlP//////////////AP///////////+QQAAAAAAAAAGD/YAAAAAAAAAAM4P////////////8A////////////TAAAAAAAAAAs9P/0LAAAAAAAAABM/////////////wD//////////6AAAAAAAAAADNT////UDAAAAAAAAACg////////////AP/////////kEAAAAAAAAACg//////+gAAAAAAAAABDk//////////8A/////////0wAAAAAAAAAYP////////9gAAAAAAAAAEz//////////wD///////+oAAAAAAAAACz0//////////QsAAAAAAAAAKT/////////AP//////7BQAAAAAAAAM1P///////////9QMAAAAAAAAFOz///////8A//////9UAAAAAAAAAKD//////////////6AAAAAAAAAAVP///////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Y' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP///////1QAAAAAAAAAAGj//////////2gAAAAAAAAAAFT///////8A////////5BAAAAAAAAAAAMT////////EAAAAAAAAAAAQ5P///////wD/////////mAAAAAAAAAAAKPj/////+CgAAAAAAAAAAJj/////////AP//////////PAAAAAAAAAAAgP////+AAAAAAAAAAAA8//////////8A///////////YCAAAAAAAAAAE2P//2AQAAAAAAAAACNj//////////wD///////////+AAAAAAAAAAAA4//84AAAAAAAAAACA////////////AP////////////woAAAAAAAAAACUlAAAAAAAAAAAKPz///////////8A/////////////8gAAAAAAAAAABAQAAAAAAAAAADI/////////////wD//////////////2wAAAAAAAAAAAAAAAAAAAAAbP//////////////AP//////////////8BwAAAAAAAAAAAAAAAAAABzw//////////////8A////////////////tAAAAAAAAAAAAAAAAAAAtP///////////////wD/////////////////VAAAAAAAAAAAAAAAAFT/////////////////AP/////////////////oEAAAAAAAAAAAAAAQ6P////////////////8A//////////////////+cAAAAAAAAAAAAAJz//////////////////wD///////////////////9AAAAAAAAAAABA////////////////////AP///////////////////9gAAAAAAAAAANj///////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////8AAAAAAAAAAP////////////////////8A/////////////////////wAAAAAAAAAA/////////////////////wD/////////////////////AAAAAAAAAAD/////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ 'Z' => array(
+ 'data' => 'AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAA//////////////8A//////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAD//////////////wD//////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAP//////////////AP//////////AAAAAAAAAAAAAAAAAAAAAAAAAAAQ//////////////8A/////////////////////////1AAAAAAAAAABLz//////////////wD///////////////////////98AAAAAAAAAACY////////////////AP//////////////////////pAAAAAAAAAAAaP////////////////8A/////////////////////8QIAAAAAAAAAET8/////////////////wD////////////////////gGAAAAAAAAAAo9P//////////////////AP//////////////////9CwAAAAAAAAAFNz///////////////////8A//////////////////xMAAAAAAAAAATA/////////////////////wD/////////////////eAAAAAAAAAAAnP//////////////////////AP///////////////5wAAAAAAAAAAHT///////////////////////8A///////////////ABAAAAAAAAABM/P///////////////////////wD/////////////3BQAAAAAAAAALPT/////////////////////////AP////////////QoAAAAAAAAABjg//////////////////////////8A///////////8SAAAAAAAAAAExP///////////////////////////wD//////////2wAAAAAAAAAAKD/////////////////////////////AP////////+YAAAAAAAAAAB8//////////////////////////////8A/////////wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////////////wD/////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////////////AP////////8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8A/////////////////////////////////////////////////////wD/////////////////////////////////////////////////////AP////////////////////////////////////////////////////8=',
+ 'width' => 40
+ ),
+ );
+
+ return $_png;
+ }
+
+ // These define base64_encoded raw png image data used
+ // when we cannot generate our own single png image
+ function define_raw_pngs()
+ {
+ $_png = array(
+ '0' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QKCNGXKO6AAAAB3RJTUUH0wUOEDQ6EUG1VwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNpj/M9AHGAiUt2wVvhyaqAqKyOjpG3jQwaGv+e+IUn9RwJfSjjg4iwFP1aKJD6HyyErfGGAYrquIoP5E2wK/zigu0v5wH9sChdgeKDqP1aFGhBZmxv/z0Dd4IxV4RWIpMQHIPuJAITzAqEQETx7IFQIP5CQNoJwDmALxzMQCuyjg1chnBPYwtECwr8AZN41h0p6YHOjAkTuwf//77wYuCEcFWwKOWA2fM1iZuuHcASwKYQ55c9ENuasrxgRjKlwJS+D17v/hBUeUGYwv/sfn0IRiJQZJIbxuFEFagjvSlDUQNgK2GIGqpC1JRhIfoAqxBYz0DRhn8IMJO+giKEqhMaMJBeI3AHhIKdkRPqG8DlAifqFADyasKRHO6h1Z/6fMYEwTbCmx3cWGCl8CTaFwBhGz+M2/7EpXMvOnBmIok7jBVaFz/Mi3/1pQORrhpgPyOr+M8IL0j9/gKpeLjhy5QEwoDVsYuRR3cE4IktcAJNx8cJaZBeQAAAAAElFTkSuQmCC',
+ '1' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMi//xxVKAAAAB3RJTUUH0wUOEDYLcqnX7wAAAAlwSFlzAAALEgAACxIB0t1+/AAAAHpJREFUeNpj/M9AHGAiUh1WhR8FGUGAsMKaD9iM/I8BlmCVwVS4hoUohT8qcNiFyv2zQIWBCIV3amRwu54RKcDRAgQ1KigIcJYK7CqR3QsCFmf+Y8qgeQakbANMAz6FKjUXECbj8zWa76nm61GFw1UhI10KqVGFNFQIADdK9Zj7PsV9AAAAAElFTkSuQmCC',
+ '2' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMwPUBEjoAAAAB3RJTUUH0wUOEDUqFe2UcgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQxJREFUeNpj/M9AHGAiUt2owkGrkAWF93LFgStPfjCwyGiYRGijqfyPAH9aOJAkQl78RwbICkNQjdB4gUNhD7qzLLAr/CKA4YENSAoRvl7zAUJXvPmxhgfCXILVMxEQvg+IDVUhgtVqDYjkDhD7B2aQIMIx5cOTN29evLAAsaEKObBajQzmQOQMcIQjHLwQgSisIaDwBdS5LHfwK7yhAHVVyX+8CrdAA5HB5gdehQ3Yoxpd4ZcAmDqbD//xKISEIjhU//zHoxDmXQaeFRhOZ8CmzuDOf3wKf8DsDfnyH6/CHJi6P//xKjyDJethVehBpMI7DPgVwrPCCgb8AK5wDwGFcNMF8EkCASOx1QcAGUxu1untnFIAAAAASUVORK5CYII=',
+ '3' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMxBQugk2AAAAB3RJTUUH0wUOEDU3duv4qwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATdJREFUeNpj/M9AHGAiUt0IVciCzPm7ZceZB28YGBQkLHwcmNFU/keANRJI4ioH/qMAJIUlaHatwaFwBrqrOO5gVfiCB8P9KVgVVkAtnPDh/wkLCFsGq0IFiGQLiH0D06P/GWHJ7O+NOzfuXLlzQRrEhgSawHscwYPurxAcwQMBf/4/aIAYyHIGr8IEeDhO+Y9XoQNUncwOVHGMRPEDSovc+IkzrpGDCQgUbuC1WgBhhsIHfAp3vPn/oIIFKfRxKQSDGohCA4IKX0DTD7YoRAWMUJ9iyQpbn4DBBWUQ5yFEDDnFw622gXAzwBxoYvfB5sYlUI0lD/4/gWWKJdgU/tHAcKjCD6y+PsGCpo4FJbaRgmcNqkqWCThTzxkTJHXo+Ro1HA9uOPHiATDlKJj4eKCVFIzDqWgGAK7GW/haPS+zAAAAAElFTkSuQmCC',
+ '4' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMyqWttCEAAAAB3RJTUUH0wUOEDUxn4hdngAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKBJREFUeNpj/M9AHGAiUh2FCucyQgCK4H9McIAFixwWhQ8kGIhS+MWAgTiFIQzEKWxhIE7hFgbiFF7hASkQIajwjQpInuUAIYV/XMDyU/4TUlgAlk75T0jhArCszR9CCk+AY07mxX8CCp+AY47nzH8CCn+YgOWW/CekMAYsVfMfl0JGmCBq4kNEDp2zAn0UMmItABjRvDykPTO43DgyFQIANP6pTFLWAdoAAAAASUVORK5CYII=',
+ '5' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QMzPy3XhEAAAAB3RJTUUH0wUOEDUk8lW5dQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAQpJREFUeNpj/M9AHGAiUt2oQuIVfmREBzgU3iHWxAfEKiTaRFpZnfAfAbAr/AsxUYagiVCbeQgqhPpFYmukLCOrZupRNJUIB02BCAjAZCK+/Ed2LoJZgm6bzRfsCgMw3JWAXaEBpg8uIGSRPPMBQmXc+P+iggXCnoOQZUQK1K8PgEAjGcQs7QGL6FzG5mtkcAUiyYIQYcRRUkDTLEIWR1b4ixamQMPhrKUP3rx48eDNFXmwdyFiOthixgXqaTAnBcKpwRaOS6A6Mx78fwBVx/IAm8I/KsTGzAkWNHUyb7Ar/L8GNSlK3MCRev7/v+CApC7kBUoUoAX4yQ0nHjwAWqpiE6GNFgNDoAwHAKC2Q2lMNcCmAAAAAElFTkSuQmCC',
+ '6' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNAObRd4vAAAAB3RJTUUH0wUOEDUc2lcB6wAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUh2Gwq2puryMjKKmmSfRVf5HBkcMEBI+L1CkUBROYUE2QuMFLoVr0CzzwKHwhQC6szZgV1gAtfHI/xs2mEYywsPxp8QHEMVxQ56B4aaJiIKIiIRCPDZf74DwI/5jB4hwPAChbAgG+BWoExlOxkoysuqW3sUV4BoQ/p0SqARLB44AF4HIByDMKMCuEIu7phCrUOADNl/DgMOJ/09SIMwPC7B5hgfC1/kB4kRAOC7YrFaByM0Ac85AOCLYrFaBhSMIQNPlG2wBDg3HP2CSGU/MuEAoiKVXUWxB9cwPiG8UwEGSg5FCMNOjwZ4/byqgpqwgMoWr/MGeZ1agqWPZgSNz/Z+AqnDCf1wK/29B8qbKDhQpRtTE8HfLjjMP3jDwKJh4hKCGJSPNC6lRhTRWCABWpdoxd/bZ4QAAAABJRU5ErkJggg==',
+ '7' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNA18/fMoAAAAB3RJTUUH0wUOEDUVo4u5TwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt2oQnorZIGzGLFJIyJ40HqGhUiFPFuQ/YUFPBGBmLcDSQybwj8OEDOW/CegsAeiruQ/AYV3OMDqTP4QUugCceCN/wQUQn1a8Z+Awj8qYHUiHwgpXAAxcMJ/Qgp1wOoEPhBSuANiYM5/QgpjIAovEFL4gweszgAz0NASxZ4vYMqHYDKDBiIWhWhWa0CS1x9CVn+8AaYsmAlZfQRC6RDMChADGTQIKjxDrMI7EEoBi0JGlMJe8AOY+sFOSCEeQHQBAABCZ7xyT9fJhwAAAABJRU5ErkJggg==',
+ '8' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNBeBnwpSAAAAB3RJTUUH0wUOEDUOKe5wowAAAAlwSFlzAAALEgAACxIB0t1+/AAAATVJREFUeNpj/M9AHGAiUt1AKmRB459cc+DBGwYWGQ2LEG1Umf/I4IELkozLA2QpFIUXJFDMEDiBQ+EHGTR3yHzArrAFwwct2BXqQGQ1zvw/owFh6mBXCDXmDJB5BsOrjEhxzfoHIgkiGCGB9xtrgEPtOwvEV6FWY4+ZAAgVc5LhZgKEGYI9wN+gBiPu4Pl/BFWlxA1cMfN/C0rUr8AVhX8K0KyuwaEwASNmarAqPACVTXnw/0oENBFewKYQGhYZYE4MVBM2hVAvQ1LhHQhHBVsUMjIgYhCdhy3PPASTd6GOxBYz0KhOQHajDjY3pkC1Rlz5fweqjqEAm8ILGK5gYLlDZICXYI+ZLzZo6gL+4EgUfyo4kJQJtCCpQ8kKQPB2zZ47L14AU5iMgUMAN7IM43AqHwdQIQAhMPz6Gz5V/wAAAABJRU5ErkJggg==',
+ '9' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QNCQ+T2tEAAAAB3RJTUUH0wUOEDUHUDLIBwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAUZJREFUeNpj/M9AHGAiUh26wr9rE3V5GRlFTTM3/kVT+R8Z7FBBSKjsQJFCUTiFBcWMCbgUHmBBs20FdoV/VNDUMQi8wapwDVS65s2fPToQZgFWhRFIkm8kwGyeH9gUQm2+Aua0QDhb4LJI4XgHQmmDSRMIZw+emIEENAeEcwObQhEIdQHiABRbUGPGBSIQAWL/gHqbB5tnJkC1Fjz5f8IGwxwkhR8EsCQarFE4hViF/wsQCgKgHsSu8H8HLFkUQL2rgUPh/zslOiwMEjFH/kND2geXQvQgqMAWhSjgAIRygAswIuXCpXfevHjz4M0ZdQaGhxo/wAnyBTuWmPnvARGxuPH/iAa+9Ph/A7r9Ai+wK/zvg6ZwzX8cCl9oICtjmfIfl8L/bwIQ6gyO/Met8P//EwUmwHTJo5OyBU2CkdaF1KhCWisEAM/sJxmZkdWnAAAAAElFTkSuQmCC',
+ 'A' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFwy1U7TfAAAAB3RJTUUH0wUOEC0ZKCZtPQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAO1JREFUeNrt1LERwiAUBuAHZ2GRwsIypQMwQEZwgBQpM4QDZBSLFI7gCA5gQWGRdA5gkTuMSh48eMTUnq96wH98B+QiDCwruTD3D76qF676ueAp0Y9lSBXeSkFWaLAje3T+kkzK4SgpBzZw8pqxJWcdOJuRsyGPbWDk0tS20zw9SXsobdfytJVXdzNsP61i6Zt3K7Ht0UeUgbPdjsrOXMd+2IS2C2qb271HVWi7YANcNXFQsUEVBTXwNdl46jYRxPl52dnwRUZbhkLSDmS8DnxFRWiULxg8UxvobefuRR8ZQYDKtffVVcQWv/RrfgJC4bd0upw4MQAAAABJRU5ErkJggg==',
+ 'B' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGAusrz2zAAAAB3RJTUUH0wUOEC01Gv4B3gAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNpj/M9AHGAiUh0tFTKiAUHL2rsoKv9DARZDWFr+IwA+hQwMFcQqZDhCrMIIYhWK4FYIYv8444PuV+wK//9/A+UJwBUSCHAL3OEIsdoFyttCpGdiiAtHjoY/RCnk6PlBbBRKrCE6CqcQq5DlDs5whIT3CgUI788EvOEIBCegXB2YPCNMBSNMISqf5TeUjysK90LpP/itfrFEAhZCMHkWdKMYUbk2MAah7BqD02pUYEFkgMu8IE6hD0IdpmegwSejoKLjoY7syaFU7A0HhQA2e4cJytImvAAAAABJRU5ErkJggg==',
+ 'C' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGBbPqVFqAAAAB3RJTUUH0wUOEC4BEGemqAAAAAlwSFlzAAALEgAACxIB0t1+/AAAASlJREFUeNpj/M9AHGAiUt2owkGrkAWV+3TDgRtPPjBwyGiYBOijSv1HAlcCkGUcTiDLISvsQDOeZQp2hQWYDpuCTeEEbD44ganwDgc2vxpgKoyAyUWc+f9hjgCMtwFd4RuYRxog/ueBcl3QFc6BSmj8gfBrwE40yFmCrjABqrAH5mSZgJ4jX7AEjwlU4Zn/OAAsrp9AaRlccc0IzdeMsBilOPWQrBDmtpfEKnwBpZ8qZq58i6IS6vscKHcBcgQYlOz4gh6OK6AKfaB8G5hN6Aq/wBLPHjB3CczCFIzUA0u2PD0v/j9pgaf1ExgK3wgwYAEOWFL4GizqWC5gyzM1mArnEJkLZ2DPhf//n3BAVmeDkq8ZUZPL3TUn7gBLCgYFBYsAcxQZRmKrDwABNsv9SJSDwwAAAABJRU5ErkJggg==',
+ 'D' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGC1+orhOAAAAB3RJTUUH0wUOEC4yr7fHvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAM9JREFUeNpj/M9AHGAiUt1AKmSBsxiRhXlkNBxCpFFU/ocBTDMyPvxHADwKGRgUbhCpkEHiCZEKGRyIVciwArdCIPPFGg8YzwSvQiBogXFvEFD43wDKnQDl44yZGCh9glAU2sCsJqRQBkq/gMUw3G2wuP6PnU/H9PgRSgsQUvgESosQUngFSqsQUrgCSsNiCFcU7oBx9+CL6w8XamB5SeUPkelxAZEJ1+YPcQolXhCXFTTuEJULOUq+IOVrFgasQELBxMaHG1mEcTiVjwOoEADAIkCnGpmJKgAAAABJRU5ErkJggg==',
+ 'E' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGDeDwEE0AAAAB3RJTUUH0wUOEC8CkHXGUwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt2owkGrkAXGYMQqjUgJQ8EzpPsa05+D140oMYTk4KEQ4MMqZqgUhcM1czESW30AABfqB1XDnLzcAAAAAElFTkSuQmCC',
+ 'F' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGQe8AkDZAAAAB3RJTUUH0wUOEC8JB6cf2wAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt3wUsiCYDJikUYE3lDwDDm+xvTp4HUjIoaQXTsUAnxYxcyoQryAcUSWuAAW/gZTg/yEMAAAAABJRU5ErkJggg==',
+ 'G' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRFI1vWIAAAAB3RJTUUH0wUOEC8QY8y3GwAAAAlwSFlzAAALEgAACxIB0t1+/AAAASZJREFUeNpj/M9AHGAiUt0IVciCwvt7ZM+FOy8+MDBwSEho2AQII8v9R4A/U2RQtHEUfEBIIim8YYBhn8oNLAqP8GBxmcwbDIU3sKljYIhAV/jHgAE7uICmcAJMQqDmwp//D2YowPgxqAr/wPyr8QAi8EEHwleIQFW4BxYicG+eEHEomHECET5QhRVQhQn/cQFoFJ6AKgwgFNcPoFwdnAoZIXmGERahKDwkIdqlR1j4PiRW4RVCCmExvQenQrSYEXiDiAoUBfC4loAK23yBSnzArhCRehRmAJPFnRUxHDgU/lDA7zZECj/Cgl2dAkaeWYNVZcoHDIX/94hgKLM4gS27/v9QIICizGMDkiQjSon7c8eBCw+e/GFgkZEwsHCRRpZiHE5FMwCa2YE+WcAOUwAAAABJRU5ErkJggg==',
+ 'H' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGRw2Z4k1AAAAB3RJTUUH0wUOEC8agxleBQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD1JREFUeNpj/M9AHGAiUt2oQvyABUozQml4+KMLDAXPDAWFLGh8RlwKh4JnaB88GOlxELhxVCFewDgEynAAN2sFVHAvevkAAAAASUVORK5CYII=',
+ 'I' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGSlg1E0WAAAAB3RJTUUH0wUOEC86uHd+zQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAD5JREFUeNpj/M9AHGAiUt1AKmRBMBkxJJE9OhQ8Q32FjGhxDQsjjCQwFDwzqnCwKkRKZqO5EBMwDqcSl2iFAMMeB0s/kLo2AAAAAElFTkSuQmCC',
+ 'J' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QGywiiNsbAAAAB3RJTUUH0wUOEDAFw0tdbgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKdJREFUeNpj/M9AHGAiUh3xClmwijJCaSR3Ud/qUYWjCklTyIHEhifctw8ePHgCxO+B7L9QMQlsChW+QOiX4gwMd6BiItisVoHSB6AYWQwM/kNBBszkC/9PwKyc8B8B4Ar3YPHMHWwK/xtgqAv4j1XhEfScK/EEu8L/a1BVStz4j0Ph/yPItoe8QFH3nxGlkNq75cKDB0DDVBwitNEcwjhwpdmoQrwAAN6ioiFapgUdAAAAAElFTkSuQmCC',
+ 'K' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHAEoFhGpAAAAB3RJTUUH0wUOEDANzZDVXAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPZJREFUeNpj/M9AHGAiUt2owgFSyAgFMOGDrDARxkKo0H8wYEDh/b/AAzepACqEVeEdCQx1WBW+0ICry/mPR+EXE7i6kD94FP5xwaYOi8IIrOowFRbA1Xkgq8NQ2ANXZ/PlPx6FS3CpQ1fIAmOIoKn7jxbXf2CMNxvQIxvVRAQQ+YDXaiSQQqxChiOEFGoIQGidP/gVStxogLI68CqUuPH/BzSVcTzAoxCo7v//ObBIxK0QrO7/H1iCXIFT4QkIFxbaMh9wKYQJO0D5OYQUnoDF/QkCCuHJ1+APAYV3YOloAgGF8JTO84SAwjfQiGQIgPAZqV4rAACnKSarzdlc4gAAAABJRU5ErkJggg==',
+ 'L' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHA64qQw4AAAAB3RJTUUH0wUOEDAXMPIsJgAAAAlwSFlzAAALEgAACxIB0t1+/AAAADlJREFUeNpj/M9AHGAiUt2QUMiCYDJCaezhMBQ8M6pwVCEdFLJgCjEisRH5Zyh4hvoKGUdkQUq0QgARaARRV9jUFQAAAABJRU5ErkJggg==',
+ 'M' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHBhMfblpAAAAB3RJTUUH0wUOEDAqaJpgNwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAPNJREFUeNrdlK0OgzAUhS8bCQYxMYmcmEAgEAgejQfZQyG2pAIxOYlATkAu691o2tvSYia2iv7lyzn3NG0jhG1tt5H7Aggom7ZuaKPhBFqKV+pFWDGjjcxStEAYXuvBkrKtoVX+gdRiK9i6sxjgeVGUMJzWwZLACaZOTqoAOAronmrlBuvPkQsIgHn8BqnE2AMmhaaYJ57jqTRFMwsDyW249XaJLhAujizm7UFM5XCUXTqiTvBLQYWRc7H3WWt+3NmlyGbOGh9q/45mjQxUb+CA6A2jSqu5MweX0ooQWLJxLYx6fz0GwmBOsww5GP3At/dX4Ayb7qpFI9y5ygAAAABJRU5ErkJggg==',
+ 'N' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHC6DxyzwAAAAB3RJTUUH0wUOEDAye/b4YQAAAAlwSFlzAAALEgAACxIB0t1+/AAAALRJREFUeNpj/M9AHGAiUt0IV8gIARsRMlAROP8/BEB5Ii/+/0cVgXNRhRk8iFXIMIFYhRxXiFTIYPCDSIUMBcQqZNhDrEKZN0QqZAggViHDHIIKRSAUzx1CCrdAaZM/BBT+z4Eyaggp/KEDYbAcIaDw/wUWCEuBkML/PagBgFvhfxdiFT4RIVLh/zXEKvyfQqzCLypEKvx/hoVIhf9biFX4x4ZIhf8fCBCp8P8KNBHG4VQ0AwDEOyeZhO5p1AAAAABJRU5ErkJggg==',
+ 'O' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQExDSDoAAAAB3RJTUUH0wUOEDA4myMRfwAAAAlwSFlzAAALEgAACxIB0t1+/AAAATtJREFUeNpj/M9AHGAiUt3wUsiCyv265ciZJ08YGGRkDGwCuFGk/iOBDwU8SDIcGS+Q5JAV7hBBs45nAVaFC1gwXTYBi8IdWNQxMCzAUPhBBJs6Bp4n6AoLYFI6az78f7NEB8ZNQFP4QwAqEfADwg+A+f0NqsI1UHGBDzCnSKC6EhYzB6B0Cj+UwZ+CKgNTeAZKu8C94QGlL6DGjAyU+wAeXC+gIiIQLiM0KzDC9CFCBlWICsnsL3aFMDc+hcs8QZWBKYSF2g24whvYFZpA6T1whUegNCwyoYGxAmYyLGZ+wOxYghqFX2BpO+APmP8nBspHj2uk1LPizf8PGyxgXPTUQ3x6JDqF//8/AYs6bHkGmCYF0O3FnguBCSaFA0kZS8IDJDlG1IIUVFK8eABMWzI6DgHCyDKMI7LEBQCD5YgI9wbKGgAAAABJRU5ErkJggg==',
+ 'P' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHQvR2Mn2AAAAB3RJTUUH0wUOEDEDMzPJGgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKVJREFUeNpj/M9AHGAiUh05ChlRAKdu4k5Ulf9hANMQiwf/EQCfQgaJB0QqZHAhViHDEbg0AV8vwRM8QN0v5vBAOSfw+BrMWQDl8MClGeEKGGEKQcRXHmQemTGD1RMy+N14o4MDyvGAS7NgGMaIzPHAYyIy4HhBZMy0EBmFIX+IUsjRgqQOi2fAgEVBwyVGGEUEQw2O3EbLzDWSFDIOhtJsVCEWAAC/Yt2X+2PYcgAAAABJRU5ErkJggg==',
+ 'Q' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHRxSC0wxAAAAB3RJTUUH0wUOEDEKSu9xvgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAW1JREFUeNpj/M9AHGAiUt2QUMiCzPm65cCZF08YGGRkDBx8uNFU/oeDDwU8SOIcBS/+IwOEwh0iaEYIrMCqcA4LprsmYFG4A4s6BoYFGAo/iGBTx8DzAl1hAUxKZ8WH/29W6MC4KWgKfwhAJXx+gPl/QmB+/4KqcANUXOQDVPiLBFRkCUwhJGb2wGzihzK4U6CMA6hReAbKc4F7wwFKX0CNGRkoB+HJJ1ARGZgAIziFM8J0IUIGXYjMZPaXkEJYYDyBiz+EuRFVoQKUdwWIz6qWvmRguAMVkUBVaIIUalPu9GgshIefAWrwrIHp//L/DQc4KjFiBi2uQ/7832KB5AX0uP5fAZOx2PDhfwNCIXrq+f9BhgEb4HmCkcL3YE3hSHkBnmfWYFMpsoaYXAgGDgcwFKLlaxYOCG2DqRCYrldkmIACUMIgZsaTI5Cg3IBNISp4AoovlT+EFf7/kYPkb3wK//8/YAGPGcYhUIYDAHBC9Yak1w7iAAAAAElFTkSuQmCC',
+ 'R' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHSkEuIgSAAAAB3RJTUUH0wUOEDEUsOBM3QAAAAlwSFlzAAALEgAACxIB0t1+/AAAAOZJREFUeNpj/M9AHGAiUh0NFLJAaUY0YRkJHYcQdmSh/xCAzRCZHf8RAJ9CBpYNRCpkEHgBV4jfMx+mEOVGIDDAaTWY82aPBZTLgV8hUCkaH6cbP8B8gxHgyODjgwstMDfiVIgWQyFE+lrhB3EBznOFuJgxuUFMXPPEbPmDpA53FH55osKMIoAe4F826MDMvPMfj9WgWFGBBeIf/Ar/H4FxJhBQ+B8WzCIfCCi8A4uvBgIK/2fA/POCgMIXHFBuDqH02ABLM3cIKPwgAuVHEFD4fwJM4AIBhT9goe4AFWAcAsXesFIIAEvJyZHTCSiTAAAAAElFTkSuQmCC',
+ 'S' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHTRnvuTLAAAAB3RJTUUH0wUOEDEbIF9RTAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVZJREFUeNpj/M9AHGAiUt2oQvyABYX398CWK3de/GBgkVEw8HFgRpH7jwSWqCDLyCxAlkNS+CcG3boY7AozMB3Wgk3hGSw+4HgBl0b4egIWhT9mYPGMBFQg4MH/D2tgvrKASzPC0yMjlP7CDSTOmrDIMDDwiHBsxzSRBypw5j9WgFDoAPNAxIQjX/ApXIDsC4OCLV9wKfzjwIACOEIO4IiZFxbooePzAqvC/z9qONBUStzAqvD//zc9BqgqNX5gVwgETxbkmCClvSk4FYLdsCMCptAGI2YSGV78+PLmz5MX4mDu1ByIMM9n9JiBxe4caGChy8MZMMsUIEFyAMoVwVC4BGaEwpI3/9/MEYGlJQyFPwQYsIE1mL7GlnCR0iNSXLtgqpO4gy1mvtigq1NAxCBKgP9pEUFWxlOCnNIYUYrmn3v23Ljx5gsw88sYOPhwI0sxDoEyHAABtSc836a1EQAAAABJRU5ErkJggg==',
+ 'T' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHgUdTbcyAAAAB3RJTUUH0wUOEDEgkVS4aAAAAAlwSFlzAAALEgAACxIB0t1+/AAAADdJREFUeNpj/M9AHGAiUt0IVcgCpRlxyMODeSh4hmiFjGipB+Z7jEQ1FDwzqnBU4WBSyDicimYAb/AFTaJpyH8AAAAASUVORK5CYII=',
+ 'U' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHhEHl2NPAAAAB3RJTUUH0wUOEDEon48wWgAAAAlwSFlzAAALEgAACxIB0t1+/AAAAKlJREFUeNpj/M9AHGAiUh3xClmgNCOUhrsEXYD6Vo8qHFVIuUIVKP0USr+E0jLoCjWg9A4ovQVNHJjUIaADZsILMPeFApRfA5X/D1N4AaZRYc6b/2+WwNQxXEBX+N8Bqxcc/mMoPMGCRR3LBUyF/2dgUTjjPxaF/6egm8ky5T9Whf9P2KCoMziBJPefEaWQurjnzIMXL34wsMhoWHiYo2hjHLjSbFQhXgAAKzejCLAOcVMAAAAASUVORK5CYII=',
+ 'V' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHh/gL05IAAAAB3RJTUUH0wUOEDEuduyVbwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAVNJREFUeNpj/M9AHGAiUt2owoFRaMgIAYlIMqlQMUMo/z8ITIByRP78hwMRqNgECBei8AULVPQIXN0RqAjLGwgfYrW4B1R4DdzmLVDaQxjZ6v8roDwVuIkqMK3/ka3+/0MAKn4FKn4D5uof/5GtZmCPgEpsQHNDBDsDitVwt5tA+RZQ/pn/qFYj3PQEzHsC5WnA3QyPmQQU3+5AE0VYDTfDBcxzgQbik/8YVv93gMp9AbK/cEAD8T+m1TBb/oD8veEHhs0IE2GmxADZMRAmz4//WKxGkv3DA2Gm/MeqcA/Ujj1w1hHsCv/LQKQz/megRzyawgqIvAxMRwsuhbCEAEvGT3AphEUwNCU5IEv9R8lcUH9/wAxE5HAEgjccSBI8X3CbKOyBxAnhxm3i/w1IEgdQZFA98/+PCFydDKo6VKsZmGPQ0wgOq/+fgYvfQTORkeq1AgCIAvD7+THsDgAAAABJRU5ErkJggg==',
+ 'W' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QFhZRKnzkAAAAB3RJTUUH0wUOEDIR66frkQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAXNJREFUeNrtlK1ywkAUhZdMZsJMKyIqKhAIBAKBiEBEVCDyCJV9iIo+Do9QGRERgUBEVCAqKhAIREVERURnTvfn3t27xSA6g+kOQ/ZkP/aec5NlBHXZSC7k/sE/AhUwoVkDPQ58/2RUQ2IC6B1XpN7MV8tg62/pUdjSDO7OwR2J0pbekpqZYlMG50bNSGwBDQ4pyV5YtCZ7mqZf1mO2IN2Jynba0XRx49pThjQCbEKWFfVRpIlBzlK4PuLdpxEWlTr4LHvYMEDOaTYS3HCW3DAJt8mmaSXYchZbOfEzkyYGZRbrEbX8qe7GMpLqFeyxV9F4fon1pwcxjxbqJpJTBPBJLoyHYSz1I3xq78aOMssepHZZHFjKhbX9/AZd6e9bsdABeyHTQXiE2PLO6PugCwiP/r1QVLYSlpXwKE1Wno7b7jY+hoWj0aegPyA9+jPrzgqwZJ0j8hhMVtElmDoD19FFPAvamc+sOXBm+KdYEzC63p/9D7Tr72kj/8qjAAAAAElFTkSuQmCC',
+ 'X' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHi/G9n7kAAAAB3RJTUUH0wUOEDIXAsROpAAAAAlwSFlzAAALEgAACxIB0t1+/AAAAT9JREFUeNpj/M9AHGAiUt3IVhjKCAFr4RJroSKBMIH/YPBEAMITeQLh//8gAxHggQlAFf6fAdXnA+WnQPkT/qMp/O8AlVkA5h2A8kz+YCi8wQGREngA5PxQgXBYzvzHUPi/A2qIA5BdAmUX/Mei8I8BVHbK/wssEJbMB2wK/5+ASvPcgGlZ8x+rQriFAmghgKHwiwJKXPA8wKXw/x4UhT3/cSr8n4CkzuAPHoVvRODqWE6gyPxHTT1ffiAUCjCgAhRtDkgSFnisnoJixAScCh/wEBk8DmiucsChcA5MQQSMMQWrQlgiZ0iAByey5QiFPlBZnS//v+hgxjZc4QKYKVeAnCswby3AUAi3eAGKNoEn6Ap94A5EjXUfNIUrEA6EALgzl6AohCUGsAMhAOZMkTfICkMw3I5wZgiEyzicimYAFRFkVwgDfJ0AAAAASUVORK5CYII=',
+ 'Y' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHjkyIsu1AAAAB3RJTUUH0wUOEDIkvRQvsgAAAAlwSFlzAAALEgAACxIB0t1+/AAAANJJREFUeNrt1L0NgzAQBWAcUVB6AAZgBAoKhmAICoZgCAoKxmAECkbwABSUlBRILwF8duwYhFJEihJ37+6T5T9g8K6N20X3FdDDNjKKOeTIqZLtWcKBU73bCx1lPhgQNTWieY1zRLmGCZFQp1xTSSmBDUUgW754BF+GQLxAPUkMxMb0FlzUsqpKLXhxQPRqo+oIerggCvuMC7jhFJounA4gWhO2OIL6Jp/uzglHrh0fTyAaDRucQaTkUpxDQVBYDWZ/hYze6bsv/A8/DNlP/kgvwzuer4kCMGPZDgAAAABJRU5ErkJggg==',
+ 'Z' => 'iVBORw0KGgoAAAANSUhEUgAAACgAAAAoCAAAAACpleexAAAAFXRFWHRDcmVhdGlvbiBUaW1lAAfTBQ4QHwfqWOdfAAAAB3RJTUUH0wUOEDIrLasyIwAAAAlwSFlzAAALEgAACxIB0t1+/AAAAL5JREFUeNrl1C0OwkAQBWCWQIJEVPQIFT0GAlHBMRBIBKIHqahAIDlERY9R0UOs3ORh5qVLunmp5GfUZvczbzKzDqtltV7ofgtueHCp16h33xBGwn0KYqoTO/J868Csaj418e0cPujOkLDfmTsECcfcXOGhoC/NZQMUDBUDd5DwxiAtJGzprpCw48xVQcIhM1d6KOgLc/kIBcORgXtIeGGQOyRs6Oq0g7P92YbkRE7bRZhcwhh+6nLF5f7yx30B8Z7FgxzMWtEAAAAASUVORK5CYII=',
+ );
+
+ return $_png;
+ }
+
+ ?>
\ No newline at end of file
diff -crN phpbb207/includes/usercp_register.php phpbb2017/includes/usercp_register.php
*** phpbb207/includes/usercp_register.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/usercp_register.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_register.php,v 1.20.2.56 2004/03/13 15:08:22 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_register.php,v 1.20.2.61 2005/06/26 12:03:44 acydburn Exp $
*
*
***************************************************************************/
***************
*** 21,26 ****
--- 21,39 ----
*
***************************************************************************/
+ /*
+
+ This code has been modified from its original form by psoTFX @ phpbb.com
+ Changes introduce the back-ported phpBB 2.2 visual confirmation code.
+
+ NOTE: Anyone using the modified code contained within this script MUST include
+ a relevant message such as this in usercp_register.php ... failure to do so
+ will affect a breach of Section 2a of the GPL and our copyright
+
+ png visual confirmation system : (c) phpBB Group, 2003 : All Rights Reserved
+
+ */
+
if ( !defined('IN_PHPBB') )
{
die("Hacking attempt");
***************
*** 94,99 ****
--- 107,113 ----
}
$strip_var_list = array('username' => 'username', 'email' => 'email', 'icq' => 'icq', 'aim' => 'aim', 'msn' => 'msn', 'yim' => 'yim', 'website' => 'website', 'location' => 'location', 'occupation' => 'occupation', 'interests' => 'interests');
+ $strip_var_list['confirm_code'] = 'confirm_code';
// Strip all tags from data ... may p**s some people off, bah, strip_tags is
// doing the job but can still break HTML output ... have no choice, have
***************
*** 177,183 ****
$board_config['default_dateformat'] = $row['config_value'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
! $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? $HTTP_POST_VARS['avatarselect'] : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
--- 191,197 ----
$board_config['default_dateformat'] = $row['config_value'];
$user_dateformat = ( !empty($HTTP_POST_VARS['dateformat']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['dateformat'])) : $board_config['default_dateformat'];
! $user_avatar_local = ( isset($HTTP_POST_VARS['avatarselect']) && !empty($HTTP_POST_VARS['submitavatar']) && $board_config['allow_avatar_local'] ) ? htmlspecialchars($HTTP_POST_VARS['avatarselect']) : ( ( isset($HTTP_POST_VARS['avatarlocal']) ) ? htmlspecialchars($HTTP_POST_VARS['avatarlocal']) : '' );
$user_avatar_remoteurl = ( !empty($HTTP_POST_VARS['avatarremoteurl']) ) ? trim(htmlspecialchars($HTTP_POST_VARS['avatarremoteurl'])) : '';
$user_avatar_upload = ( !empty($HTTP_POST_VARS['avatarurl']) ) ? trim($HTTP_POST_VARS['avatarurl']) : ( ( $HTTP_POST_FILES['avatar']['tmp_name'] != "none") ? $HTTP_POST_FILES['avatar']['tmp_name'] : '' );
***************
*** 253,258 ****
--- 267,323 ----
}
}
+ if ($board_config['enable_confirm'] && $mode == 'register')
+ {
+ if (empty($HTTP_POST_VARS['confirm_id']))
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ else
+ {
+ $confirm_id = htmlspecialchars($HTTP_POST_VARS['confirm_id']);
+ if (!preg_match('/^[A-Za-z0-9]+$/', $confirm_id))
+ {
+ $confirm_id = '';
+ }
+
+ $sql = 'SELECT code
+ FROM ' . CONFIRM_TABLE . "
+ WHERE confirm_id = '$confirm_id'
+ AND session_id = '" . $userdata['session_id'] . "'";
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain confirmation code', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['code'] != $confirm_code)
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ else
+ {
+ $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
+ WHERE confirm_id = '$confirm_id'
+ AND session_id = '" . $userdata['session_id'] . "'";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not delete confirmation code', __LINE__, __FILE__, $sql);
+ }
+ }
+ }
+ else
+ {
+ $error = TRUE;
+ $error_msg .= ( ( isset($error_msg) ) ? '
' : '' ) . $lang['Confirm_code_wrong'];
+ }
+ $db->sql_freeresult($result);
+ }
+ }
+
$passwd_sql = '';
if ( !empty($new_password) && !empty($password_confirm) )
{
***************
*** 344,352 ****
// Error is already triggered, since one field is empty.
$error = TRUE;
}
! else if ( $username != $userdata['username'] || $mode == 'register' )
{
! if (strtolower($username) != strtolower($userdata['username']))
{
$result = validate_username($username);
if ( $result['error'] )
--- 409,417 ----
// Error is already triggered, since one field is empty.
$error = TRUE;
}
! else if ( $username != $userdata['username'] || $mode == 'register')
{
! if (strtolower($username) != strtolower($userdata['username']) || $mode == 'register')
{
$result = validate_username($username);
if ( $result['error'] )
***************
*** 389,400 ****
{
$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
}
!
if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = ( !empty($user_avatar_name) ) ? 'local' : 'remote';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
--- 454,465 ----
{
$avatar_sql = user_avatar_delete($userdata['user_avatar_type'], $userdata['user_avatar']);
}
! else
if ( ( !empty($user_avatar_upload) || !empty($user_avatar_name) ) && $board_config['allow_avatar_upload'] )
{
if ( !empty($user_avatar_upload) )
{
! $avatar_mode = (empty($user_avatar_name)) ? 'remote' : 'local';
$avatar_sql = user_avatar_upload($mode, $avatar_mode, $userdata['user_avatar'], $userdata['user_avatar_type'], $error, $error_msg, $user_avatar_upload, $user_avatar_name, $user_avatar_size, $user_avatar_filetype);
}
else if ( !empty($user_avatar_name) )
***************
*** 835,840 ****
--- 900,982 ----
$template->assign_block_vars('switch_namechange_disallowed', array());
}
+
+ // Visual Confirmation
+ $confirm_image = '';
+ if (!empty($board_config['enable_confirm']) && $mode == 'register')
+ {
+ $sql = 'SELECT session_id
+ FROM ' . SESSIONS_TABLE;
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not select session data', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ $confirm_sql = '';
+ do
+ {
+ $confirm_sql .= (($confirm_sql != '') ? ', ' : '') . "'" . $row['session_id'] . "'";
+ }
+ while ($row = $db->sql_fetchrow($result));
+
+ $sql = 'DELETE FROM ' . CONFIRM_TABLE . "
+ WHERE session_id NOT IN ($confirm_sql)";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not delete stale confirm data', '', __LINE__, __FILE__, $sql);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ $sql = 'SELECT COUNT(session_id) AS attempts
+ FROM ' . CONFIRM_TABLE . "
+ WHERE session_id = '" . $userdata['session_id'] . "'";
+ if (!($result = $db->sql_query($sql)))
+ {
+ message_die(GENERAL_ERROR, 'Could not obtain confirm code count', '', __LINE__, __FILE__, $sql);
+ }
+
+ if ($row = $db->sql_fetchrow($result))
+ {
+ if ($row['attempts'] > 3)
+ {
+ message_die(GENERAL_MESSAGE, $lang['Too_many_registers']);
+ }
+ }
+ $db->sql_freeresult($result);
+
+ $confirm_chars = array('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '1', '2', '3', '4', '5', '6', '7', '8', '9');
+
+ list($usec, $sec) = explode(' ', microtime());
+ mt_srand($sec * $usec);
+
+ $max_chars = count($confirm_chars) - 1;
+ $code = '';
+ for ($i = 0; $i < 6; $i++)
+ {
+ $code .= $confirm_chars[mt_rand(0, $max_chars)];
+ }
+
+ $confirm_id = md5(uniqid($user_ip));
+
+ $sql = 'INSERT INTO ' . CONFIRM_TABLE . " (confirm_id, session_id, code)
+ VALUES ('$confirm_id', '". $userdata['session_id'] . "', '$code')";
+ if (!$db->sql_query($sql))
+ {
+ message_die(GENERAL_ERROR, 'Could not insert new confirm code information', '', __LINE__, __FILE__, $sql);
+ }
+
+ unset($code);
+
+ $confirm_image = (@extension_loaded('zlib')) ? '
' : '';
+ $s_hidden_fields .= '';
+
+ $template->assign_block_vars('switch_confirm', array());
+ }
+
+
//
// Let's do an overall check for settings/versions which would prevent
// us from doing file uploads....
***************
*** 848,853 ****
--- 990,996 ----
'NEW_PASSWORD' => $new_password,
'PASSWORD_CONFIRM' => $password_confirm,
'EMAIL' => $email,
+ 'CONFIRM_IMG' => $confirm_image,
'YIM' => $yim,
'ICQ' => $icq,
'MSN' => $msn,
***************
*** 941,946 ****
--- 1084,1093 ----
'L_PROFILE_INFO' => $lang['Profile_info'],
'L_PROFILE_INFO_NOTICE' => $lang['Profile_info_warn'],
'L_EMAIL_ADDRESS' => $lang['Email_address'],
+
+ 'L_CONFIRM_CODE_IMPAIRED' => sprintf($lang['Confirm_code_impaired'], '', ''),
+ 'L_CONFIRM_CODE' => $lang['Confirm_code'],
+ 'L_CONFIRM_CODE_EXPLAIN' => $lang['Confirm_code_explain'],
'S_ALLOW_AVATAR_UPLOAD' => $board_config['allow_avatar_upload'],
'S_ALLOW_AVATAR_LOCAL' => $board_config['allow_avatar_local'],
diff -crN phpbb207/includes/usercp_sendpasswd.php phpbb2017/includes/usercp_sendpasswd.php
*** phpbb207/includes/usercp_sendpasswd.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/usercp_sendpasswd.php Tue Jul 19 22:14:56 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_sendpasswd.php,v 1.6.2.11 2003/05/03 23:24:03 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_sendpasswd.php,v 1.6.2.12 2004/11/18 17:49:45 acydburn Exp $
*
*
***************************************************************************/
***************
*** 29,35 ****
if ( isset($HTTP_POST_VARS['submit']) )
{
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? trim(strip_tags($HTTP_POST_VARS['username'])) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
--- 29,35 ----
if ( isset($HTTP_POST_VARS['submit']) )
{
! $username = ( !empty($HTTP_POST_VARS['username']) ) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$email = ( !empty($HTTP_POST_VARS['email']) ) ? trim(strip_tags(htmlspecialchars($HTTP_POST_VARS['email']))) : '';
$sql = "SELECT user_id, username, user_email, user_active, user_lang
diff -crN phpbb207/includes/usercp_viewprofile.php phpbb2017/includes/usercp_viewprofile.php
*** phpbb207/includes/usercp_viewprofile.php Sat Jul 10 20:16:29 2004
--- phpbb2017/includes/usercp_viewprofile.php Tue Jul 19 22:14:57 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_viewprofile.php,v 1.5.2.1 2003/02/25 23:28:30 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: usercp_viewprofile.php,v 1.5.2.5 2005/07/19 20:01:16 acydburn Exp $
*
*
***************************************************************************/
***************
*** 33,38 ****
--- 33,43 ----
}
$profiledata = get_userdata($HTTP_GET_VARS[POST_USERS_URL]);
+ if (!$profiledata)
+ {
+ message_die(GENERAL_MESSAGE, $lang['No_user_id_specified']);
+ }
+
$sql = "SELECT *
FROM " . RANKS_TABLE . "
ORDER BY rank_special, rank_min";
***************
*** 41,46 ****
--- 46,52 ----
message_die(GENERAL_ERROR, 'Could not obtain ranks information', '', __LINE__, __FILE__, $sql);
}
+ $ranksrow = array();
while ( $row = $db->sql_fetchrow($result) )
{
$ranksrow[] = $row;
***************
*** 159,166 ****
$yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts");
! $search_img = '![' . $lang['Search_user_posts'] . '](' . $images['icon_search'] . ' "' . $lang['Search_user_posts'] . '")
';
! $search = '' . $lang['Search_user_posts'] . '';
//
// Generate page
--- 165,172 ----
$yim = ( $profiledata['user_yim'] ) ? '' . $lang['YIM'] . '' : '';
$temp_url = append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username']) . "&showresults=posts");
! $search_img = '';
! $search = '' . sprintf($lang['Search_user_posts'], $profiledata['username']) . '';
//
// Generate page
***************
*** 168,173 ****
--- 174,188 ----
$page_title = $lang['Viewing_profile'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
+ if (function_exists('get_html_translation_table'))
+ {
+ $u_search_author = urlencode(strtr($profiledata['username'], array_flip(get_html_translation_table(HTML_ENTITIES))));
+ }
+ else
+ {
+ $u_search_author = urlencode(str_replace(array('&', ''', '"', '<', '>'), array('&', "'", '"', '<', '>'), $profiledata['username']));
+ }
+
$template->assign_vars(array(
'USERNAME' => $profiledata['username'],
'JOINED' => create_date($lang['DATE_FORMAT'], $profiledata['user_regdate'], $board_config['board_timezone']),
***************
*** 222,228 ****
'L_OCCUPATION' => $lang['Occupation'],
'L_INTERESTS' => $lang['Interests'],
! 'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . urlencode($profiledata['username'])),
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
);
--- 237,243 ----
'L_OCCUPATION' => $lang['Occupation'],
'L_INTERESTS' => $lang['Interests'],
! 'U_SEARCH_USER' => append_sid("search.$phpEx?search_author=" . $u_search_author),
'S_PROFILE_ACTION' => append_sid("profile.$phpEx"))
);
diff -crN phpbb207/index.php phpbb2017/index.php
*** phpbb207/index.php Sat Jul 10 20:16:28 2004
--- phpbb2017/index.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.99.2.2 2004/03/01 15:56:52 psotfx Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: index.php,v 1.99.2.3 2004/07/11 16:46:15 acydburn Exp $
*
*
***************************************************************************/
***************
*** 118,123 ****
--- 118,124 ----
message_die(GENERAL_ERROR, 'Could not query categories list', '', __LINE__, __FILE__, $sql);
}
+ $category_rows = array();
while( $category_rows[] = $db->sql_fetchrow($result) );
$db->sql_freeresult($result);
diff -crN phpbb207/language/lang_english/lang_admin.php phpbb2017/language/lang_english/lang_admin.php
*** phpbb207/language/lang_english/lang_admin.php Sat Jul 10 20:16:29 2004
--- phpbb2017/language/lang_english/lang_admin.php Tue Jul 19 22:14:57 2005
***************
*** 7,13 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_admin.php,v 1.35.2.9 2003/06/10 00:31:19 psotfx Exp $
*
****************************************************************************/
--- 7,13 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_admin.php,v 1.35.2.10 2005/02/21 18:38:17 acydburn Exp $
*
****************************************************************************/
***************
*** 723,728 ****
--- 723,740 ----
$lang['Install_No_Ext'] = 'The PHP configuration on your server doesn\'t support the database type that you chose';
$lang['Install_No_PCRE'] = 'phpBB2 Requires the Perl-Compatible Regular Expressions Module for PHP which your PHP configuration doesn\'t appear to support!';
+
+ //
+ // Version Check
+ //
+ $lang['Version_up_to_date'] = 'Your installation is up to date, no updates are available for your version of phpBB.';
+ $lang['Version_not_up_to_date'] = 'Your installation does not seem to be up to date. Updates are available for your version of phpBB, please visit http://www.phpbb.com/downloads.php to obtain the latest version.';
+ $lang['Latest_version_info'] = 'The latest available version is phpBB %s.';
+ $lang['Current_version_info'] = 'You are running phpBB %s.';
+ $lang['Connect_socket_error'] = 'Unable to open connection to phpBB Server, reported error is:
%s';
+ $lang['Socket_functions_disabled'] = 'Unable to use socket functions.';
+ $lang['Mailing_list_subscribe_reminder'] = 'For the latest information on updates to phpBB, why not subscribe to our mailing list.';
+ $lang['Version_information'] = 'Version Information';
//
// That's all Folks!
diff -crN phpbb207/language/lang_english/lang_main.php phpbb2017/language/lang_english/lang_main.php
*** phpbb207/language/lang_english/lang_main.php Sat Jul 10 20:16:29 2004
--- phpbb2017/language/lang_english/lang_main.php Tue Jul 19 22:14:57 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_main.php,v 1.85.2.15 2003/06/10 00:31:19 psotfx Exp $
*
****************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: lang_main.php,v 1.85.2.16 2005/05/06 20:50:13 acydburn Exp $
*
****************************************************************************/
***************
*** 1017,1022 ****
--- 1017,1024 ----
$lang['Critical_Error'] = 'Critical Error';
$lang['An_error_occured'] = 'An Error Occurred';
$lang['A_critical_error'] = 'A Critical Error Occurred';
+
+ $lang['Admin_reauthenticate'] = 'To administer the board you must re-authenticate yourself.';
//
// That's all, Folks!
diff -crN phpbb207/login.php phpbb2017/login.php
*** phpbb207/login.php Sat Jul 10 20:16:28 2004
--- phpbb2017/login.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: login.php,v 1.47.2.15 2004/03/18 18:15:51 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: login.php,v 1.47.2.18 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 52,62 ****
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
{
! $username = isset($HTTP_POST_VARS['username']) ? trim(htmlspecialchars($HTTP_POST_VARS['username'])) : '';
! $username = substr(str_replace("\\'", "'", $username), 0, 25);
! $username = str_replace("'", "\\'", $username);
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level
--- 52,60 ----
if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
! if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && (!$userdata['session_logged_in'] || isset($HTTP_POST_VARS['admin'])) )
{
! $username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';
$sql = "SELECT user_id, username, user_password, user_active, user_level
***************
*** 79,85 ****
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);
if( $session_id )
{
--- 77,84 ----
{
$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;
! $admin = (isset($HTTP_POST_VARS['admin'])) ? 1 : 0;
! $session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin, $admin);
if( $session_id )
{
***************
*** 96,101 ****
--- 95,105 ----
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
$redirect = str_replace('?', '&', $redirect);
+ if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
+ {
+ message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
+ }
+
$template->assign_vars(array(
'META' => "")
);
***************
*** 111,116 ****
--- 115,125 ----
$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
$redirect = str_replace("?", "&", $redirect);
+ if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
+ {
+ message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
+ }
+
$template->assign_vars(array(
'META' => "")
);
***************
*** 150,156 ****
// Do a full login page dohickey if
// user not already logged in
//
! if( !$userdata['session_logged_in'] )
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
--- 159,165 ----
// Do a full login page dohickey if
// user not already logged in
//
! if( !$userdata['session_logged_in'] || (isset($HTTP_GET_VARS['admin']) && $userdata['session_logged_in'] && $userdata['user_level'] == ADMIN))
{
$page_title = $lang['Login'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);
***************
*** 199,210 ****
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
$s_hidden_fields = '';
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'USERNAME' => $username,
! 'L_ENTER_PASSWORD' => $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
--- 208,220 ----
$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';
$s_hidden_fields = '';
+ $s_hidden_fields .= (isset($HTTP_GET_VARS['admin'])) ? '' : '';
make_jumpbox('viewforum.'.$phpEx, $forum_id);
$template->assign_vars(array(
'USERNAME' => $username,
! 'L_ENTER_PASSWORD' => (isset($HTTP_GET_VARS['admin'])) ? $lang['Admin_reauthenticate'] : $lang['Enter_password'],
'L_SEND_PASSWORD' => $lang['Forgotten_password'],
'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),
diff -crN phpbb207/memberlist.php phpbb2017/memberlist.php
*** phpbb207/memberlist.php Sat Jul 10 20:16:28 2004
--- phpbb2017/memberlist.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: memberlist.php,v 1.36.2.9 2004/03/01 15:56:52 psotfx Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: memberlist.php,v 1.36.2.10 2004/07/11 16:46:15 acydburn Exp $
*
***************************************************************************/
***************
*** 235,241 ****
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('memberrow', array(
! 'ROW_NUMBER' => $i + ( $HTTP_GET_VARS['start'] + 1 ),
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'USERNAME' => $username,
--- 235,241 ----
$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
$template->assign_block_vars('memberrow', array(
! 'ROW_NUMBER' => $i + ( $start + 1 ),
'ROW_COLOR' => '#' . $row_color,
'ROW_CLASS' => $row_class,
'USERNAME' => $username,
diff -crN phpbb207/modcp.php phpbb2017/modcp.php
*** phpbb207/modcp.php Sat Jul 10 20:16:28 2004
--- phpbb2017/modcp.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: modcp.php,v 1.71.2.23 2004/03/13 15:08:22 acydburn Exp $
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: modcp.php,v 1.71.2.26 2005/06/26 12:03:46 acydburn Exp $
*
***************************************************************************/
***************
*** 131,136 ****
--- 131,141 ----
}
$topic_row = $db->sql_fetchrow($result);
+ if (!$topic_row)
+ {
+ message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
+ }
+
$forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics'];
$forum_id = $topic_row['forum_id'];
$forum_name = $topic_row['forum_name'];
***************
*** 146,151 ****
--- 151,161 ----
}
$topic_row = $db->sql_fetchrow($result);
+ if (!$topic_row)
+ {
+ message_die(GENERAL_MESSAGE, 'Forum_not_exist');
+ }
+
$forum_topics = ( $topic_row['forum_topics'] == 0 ) ? 1 : $topic_row['forum_topics'];
$forum_name = $topic_row['forum_name'];
}
***************
*** 453,458 ****
--- 463,482 ----
$new_forum_id = intval($HTTP_POST_VARS['new_forum']);
$old_forum_id = $forum_id;
+ $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . '
+ WHERE forum_id = ' . $new_forum_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql);
+ }
+
+ if (!$db->sql_fetchrow($result))
+ {
+ message_die(GENERAL_MESSAGE, 'New forum does not exist');
+ }
+
+ $db->sql_freeresult($result);
+
if ( $new_forum_id != $old_forum_id )
{
$topics = ( isset($HTTP_POST_VARS['topic_id_list']) ) ? $HTTP_POST_VARS['topic_id_list'] : array($topic_id);
***************
*** 746,751 ****
--- 770,789 ----
$new_forum_id = intval($HTTP_POST_VARS['new_forum_id']);
$topic_time = time();
+ $sql = 'SELECT forum_id FROM ' . FORUMS_TABLE . '
+ WHERE forum_id = ' . $new_forum_id;
+ if ( !($result = $db->sql_query($sql)) )
+ {
+ message_die(GENERAL_ERROR, 'Could not select from forums table', '', __LINE__, __FILE__, $sql);
+ }
+
+ if (!$db->sql_fetchrow($result))
+ {
+ message_die(GENERAL_MESSAGE, 'New forum does not exist');
+ }
+
+ $db->sql_freeresult($result);
+
$sql = "INSERT INTO " . TOPICS_TABLE . " (topic_title, topic_poster, topic_time, forum_id, topic_status, topic_type)
VALUES ('" . str_replace("\'", "''", $post_subject) . "', $first_poster, " . $topic_time . ", $new_forum_id, " . TOPIC_UNLOCKED . ", " . POST_NORMAL . ")";
if (!($db->sql_query($sql, BEGIN_TRANSACTION)))
***************
*** 841,850 ****
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
);
for($i = 0; $i < $total_posts; $i++)
{
$post_id = $postrow[$i]['post_id'];
! $poster_id = $postrow[$i]['user_id'];
$poster = $postrow[$i]['username'];
$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
--- 879,895 ----
'S_FORUM_SELECT' => make_forum_select("new_forum_id", false, $forum_id))
);
+ //
+ // Define censored word matches
+ //
+ $orig_word = array();
+ $replacement_word = array();
+ obtain_word_list($orig_word, $replacement_word);
+
for($i = 0; $i < $total_posts; $i++)
{
$post_id = $postrow[$i]['post_id'];
! $poster_id = $postrow[$i]['poster_id'];
$poster = $postrow[$i]['username'];
$post_date = create_date($board_config['default_dateformat'], $postrow[$i]['post_time'], $board_config['board_timezone']);
***************
*** 869,881 ****
{
$message = ( $board_config['allow_bbcode'] ) ? bbencode_second_pass($message, $bbcode_uid) : preg_replace('/\:[0-9a-z\:]+\]/si', ']', $message);
}
-
- //
- // Define censored word matches
- //
- $orig_word = array();
- $replacement_word = array();
- obtain_word_list($orig_word, $replacement_word);
if ( count($orig_word) )
{
--- 914,919 ----
diff -crN phpbb207/posting.php phpbb2017/posting.php
*** phpbb207/posting.php Sat Jul 10 20:16:28 2004
--- phpbb2017/posting.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: posting.php,v 1.159.2.21 2004/03/13 15:08:22 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: posting.php,v 1.159.2.23 2005/05/06 20:50:10 acydburn Exp $
*
*
***************************************************************************/
***************
*** 30,36 ****
//
// Check and set various parameters
//
! $params = array('submit' => 'post', 'confirm' => 'confirm', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
while( list($var, $param) = @each($params) )
{
if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
--- 30,36 ----
//
// Check and set various parameters
//
! $params = array('submit' => 'post', 'preview' => 'preview', 'delete' => 'delete', 'poll_delete' => 'poll_delete', 'poll_add' => 'add_poll_option', 'poll_edit' => 'edit_poll_option', 'mode' => 'mode');
while( list($var, $param) = @each($params) )
{
if ( !empty($HTTP_POST_VARS[$param]) || !empty($HTTP_GET_VARS[$param]) )
***************
*** 43,48 ****
--- 43,50 ----
}
}
+ $confirm = isset($HTTP_POST_VARS['confirm']) ? true : false;
+
$params = array('forum_id' => POST_FORUM_URL, 'topic_id' => POST_TOPIC_URL, 'post_id' => POST_POST_URL);
while( list($var, $param) = @each($params) )
{
***************
*** 1103,1106 ****
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
--- 1105,1108 ----
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
! ?>
\ No newline at end of file
diff -crN phpbb207/privmsg.php phpbb2017/privmsg.php
*** phpbb207/privmsg.php Sat Jul 10 20:16:28 2004
--- phpbb2017/privmsg.php Tue Jul 19 22:14:58 2005
***************
*** 6,12 ****
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: privmsg.php,v 1.96.2.34 2004/03/18 18:16:21 acydburn Exp $
*
*
***************************************************************************/
--- 6,12 ----
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
! * $Id: privmsg.php,v 1.96.2.40 2005/07/19 20:01:19 acydburn Exp $
*
*
***************************************************************************/
***************
*** 212,218 ****
break;
case 'savebox':
$l_box_name = $lang['Savebox'];
! $pm_sql_user .= "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
--- 212,218 ----
break;
case 'savebox':
$l_box_name = $lang['Savebox'];
! $pm_sql_user = "AND ( ( pm.privmsgs_to_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " )
OR ( pm.privmsgs_from_userid = " . $userdata['user_id'] . "
AND pm.privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
***************
*** 493,499 ****
$profile_img = '![' . $lang['Read_profile'] . '](' . $images['icon_profile'] . ' "' . $lang['Read_profile'] . '")
';
$profile = '' . $lang['Read_profile'] . '';
! $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$poster_id");
$pm_img = '![' . $lang['Send_private_message'] . '](' . $images['icon_pm'] . ' "' . $lang['Send_private_message'] . '")
';
$pm = '' . $lang['Send_private_message'] . '';
--- 493,499 ----
$profile_img = '';
$profile = '' . $lang['Read_profile'] . '';
! $temp_url = append_sid("privmsg.$phpEx?mode=post&" . POST_USERS_URL . "=$user_id_from");
$pm_img = '';
$pm = '' . $lang['Send_private_message'] . '';
***************
*** 563,571 ****
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
! if ( !$board_config['allow_html'] )
{
! if ( $user_sig != '' && $privmsg['privmsgs_enable_sig'] && $userdata['user_allowhtml'] )
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
--- 563,571 ----
// If the board has HTML off but the post has HTML
// on then we process it, else leave it alone
//
! if ( !$board_config['allow_html'] || !$userdata['user_allowhtml'])
{
! if ( $user_sig != '')
{
$user_sig = preg_replace('#(<)([\/]?.*?)(>)#is', "<\\2>", $user_sig);
}
***************
*** 698,744 ****
}
else if ( $confirm )
{
! if ( $delete_all )
{
! switch($folder)
{
! case 'inbox':
! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'outbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'sentbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
! break;
! case 'savebox':
! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
! OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
! break;
! }
! $sql = "SELECT privmsgs_id
! FROM " . PRIVMSGS_TABLE . "
! WHERE $delete_type";
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain id list to delete all messages', '', __LINE__, __FILE__, $sql);
! }
! while ( $row = $db->sql_fetchrow($result) )
! {
! $mark_list[] = $row['privmsgs_id'];
! }
! unset($delete_type);
}
if ( count($mark_list) )
{
$delete_sql_id = '';
--- 698,754 ----
}
else if ( $confirm )
{
! $delete_sql_id = '';
!
! if (!$delete_all)
{
! for ($i = 0; $i < count($mark_list); $i++)
{
! $delete_sql_id .= (($delete_sql_id != '') ? ', ' : '') . intval($mark_list[$i]);
! }
! $delete_sql_id = "AND privmsgs_id IN ($delete_sql_id)";
! }
! switch($folder)
! {
! case 'inbox':
! $delete_type = "privmsgs_to_userid = " . $userdata['user_id'] . " AND (
! privmsgs_type = " . PRIVMSGS_READ_MAIL . " OR privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'outbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . " OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " )";
! break;
! case 'sentbox':
! $delete_type = "privmsgs_from_userid = " . $userdata['user_id'] . " AND privmsgs_type = " . PRIVMSGS_SENT_MAIL;
! break;
! case 'savebox':
! $delete_type = "( ( privmsgs_from_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . " )
! OR ( privmsgs_to_userid = " . $userdata['user_id'] . "
! AND privmsgs_type = " . PRIVMSGS_SAVED_IN_MAIL . " ) )";
! break;
! }
! $sql = "SELECT privmsgs_id
! FROM " . PRIVMSGS_TABLE . "
! WHERE $delete_type $delete_sql_id";
! if ( !($result = $db->sql_query($sql)) )
! {
! message_die(GENERAL_ERROR, 'Could not obtain id list to delete messages', '', __LINE__, __FILE__, $sql);
}
+ $mark_list = array();
+ while ( $row = $db->sql_fetchrow($result) )
+ {
+ $mark_list[] = $row['privmsgs_id'];
+ }
+
+ unset($delete_type);
+
if ( count($mark_list) )
{
$delete_sql_id = '';
***************
*** 1042,1048 ****
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
! OR privmsgs_type = " . PRIVMSGS_UNERAD_MAIL . " ) ";
break;
case 'sentbox':
--- 1052,1058 ----
$saved_sql .= " SET privmsgs_type = " . PRIVMSGS_SAVED_OUT_MAIL . "
WHERE privmsgs_from_userid = " . $userdata['user_id'] . "
AND ( privmsgs_type = " . PRIVMSGS_NEW_MAIL . "
! OR privmsgs_type = " . PRIVMSGS_UNREAD_MAIL . " ) ";
break;
case 'sentbox':
***************
*** 1132,1138 ****
{
if ( !empty($HTTP_POST_VARS['username']) )
{
! $to_username = $HTTP_POST_VARS['username'];
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
--- 1142,1148 ----
{
if ( !empty($HTTP_POST_VARS['username']) )
{
! $to_username = phpbb_clean_username($HTTP_POST_VARS['username']);
$sql = "SELECT user_id, user_notify_pm, user_email, user_lang, user_active
FROM " . USERS_TABLE . "
***************
*** 1337,1343 ****
// passed to the script, process it a little, do some checks
// where neccessary, etc.
//
! $to_username = ( isset($HTTP_POST_VARS['username']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['username']))) : '';
$privmsg_subject = ( isset($HTTP_POST_VARS['subject']) ) ? trim(strip_tags(stripslashes($HTTP_POST_VARS['subject']))) : '';
$privmsg_message = ( isset($HTTP_POST_VARS['message']) ) ? trim($HTTP_POST_VARS['message']) : '';
$privmsg_message = preg_replace('#