myBloggie {VERSION}

Changes
---------------------------------------------------------------------------------------------------------
setting.php   -- important !
replace this
$mb_version                   = "2.1.3";
with
$mb_version                   = "2.1.4";
---------------------------------------------------------------------------------------------------------
admin_header.tpl  -

> Line 81 : change to
    background:url("templates/{STYLE}/admin/images/tab_left.gif") no-repeat left top;

> Line 6 : Change to

<title>myBloggie {VERSION} - by myWebland {ADMIN_TITLE}</title>

---------------------------------------------------------------------------------------------------------
admincontent.tpl

> Line 17 - insert

    <tr>
        <td align="center">
           <fieldset style="border:solid #c0c0c0 1px; margin:0 100px 0 100px; padding:10px 20px 10px 20px">
             <legend>Version Update</legend>
             {VERSION_INFO}
           </fieldset>
        </td>
    </tr>

---------------------------------------------------------------------------------------------------------
footer.tpl  (
Line 11 (/template/aura directory)
Line 12 (/template/admin directory)
        Powered by <a class="copyright" href="http://mybloggie.mywebland.com">myBloggie {VERSION}</a> Copyright &copy; 2004 2006<br/>

---------------------------------------------------------------------------------------------------------

s_includes.php  - missing security image code

> Line 55  : replace this

return $this->decrypt(urldecode($txt));

With

return $this->decrypt(str_replace('\0', chr(0), urldecode($txt))); // 2.1.4

---------------------------------------------------------------------------------------------------------
admin.php

> Line 142 - Insert before   'MENU_TOOLS'       => "<a href=\"".$_SERVER['PHP_SELF']."?mode=upload\">".$lang['Tools']."</a>", the followings,

     'VERSION'          => "myBloggie ".$mb_version,
     'VERSION_INFO'     => versioncheck($mb_version),

> Line 37 - Insert before include_once($mybloggie_root_path.'language/'.$language);

include_once($mybloggie_root_path.'common.php');

---------------------------------------------------------------------------------------------------------

common.php ( new file 0

> copy the common.php into the mybloggie root directory

---------------------------------------------------------------------------------------------------------

index.php
> Line 41 - Insert before include_once($mybloggie_root_path.'language/'.$language);

include_once($mybloggie_root_path.'common.php');
---------------------------------------------------------------------------------------------------------
view.php - recommended to replace with new version...
Line 229 : Insert this

Line 122 : replace with this
                if (intval($row['most_recent_time']) > 0 && ($current_time - intval($row['most_recent_time'])) < intval($floodcontrol) && $level<>1) //214

Line 60  : Insert this
  $username = $_SESSION['username'];
  $sql    =  "SELECT id, user, level FROM ".USER_TBL." WHERE user='$username'" ;                                         ///214
  $result = $db->sql_query($sql);                                                                                        ///214
  $userid = $db->sql_fetchrow($result);                                                                                  ///214
  $level =   $userid['level'];                                                                                           ///214

---------------------------------------------------------------------------------------------------------

Replace all the following files with new version
search.php   --  For address SQL Injecttion
function.php -- security enhancement for bbcode img & url tags & code effeciency
mysql.php ( includes folder )
add.php
addcat.php
adduser.php
all_com.php
del.php
delcat.php
delcomment.php
deluser.php
deluserlist.php
edit.php
editcat.php
editcom.php
edituser.php
search.php
upload.php
---------------------------------------------------------------------------------------------------------