Hi guys, I have just made a big and important update to the forum. Most of it concerns security, which is why you won't find anything in the way of new features or the like...
Just to give you an idea, these are the updates that were made:
* [fix] prevent login attempts from incrementing for inactive users
* [fix] do not check maximum login attempts on re-authentication to the admin panel - tomknight
* [fix] regenerate session keys on password change
* [fix] retrieving category rows in index.php (bug #90)
* [fix] improved index performance by determining the permissions before iterating through all forums (bug #91)
* [fix] better handling of short usernames within the search (bug #105)
* [fix] send a no-cache header on admin pages as well as normal board pages (bug #149)
* [fix] apply word censors to the message when quoting it (bug #405)
* [fix] improved performance of query in admin_groups (bug #753)
* [fix] workaround for an issue in either php or mssql resulting in a space being returned instead of an empty string (bug #830)
* [fix] correct use of default_style config value (bug #861)
* [fix] replace unneeded unset calls in admin_db_utilities.php - vanderaj
* [fix] improved error handling in modcp.php
* [fix] improved handling of forums to which the user does not have any explicit permissions - vanderaj
* [fix] assorted fixes and cleanup of admin_ranks.php, now requires confirmation of deletions
* [fix] assorted fixes and cleanup of admin_words.php, now requires confirmation of deletions
* [fix] addition and editing of smilies can no longer be performed via get, now requires confirmation of deletions
* [fix] escape group names in admin_groups.php
* [sec] replace strip_tags with htmlspecialchars in private message subject
* [sec] some changes to html handling if enabled
* [sec] escape any special characters in reverse dns - anthrax101
* [sec] typecast poll id values - anthrax101
* [sec] added configurable search flood control to reduce the effect of dos style attacks
* [sec] changed the way we create "random" values for use as keys - chinchilla/anthrax101
* [sec] enabled visual confirmation by default
* [change] changed handling of the case where a selected style doesn't exist in the database
* [change] changed handling of topic pruning to improve performance
* [change] changed default forum permissions to only allow registered users to post in new forums


The staff



