MyBB 1.8.21

admin/inc/functions_themes.php

@@ -262,6 +262,8 @@ function import_theme_xml($xml, $options=array())
 		$loop = 1;
 		foreach($theme['stylesheets']['stylesheet'] as $stylesheet)
 		{
+			$stylesheet['attributes']['name'] = my_substr($stylesheet['attributes']['name'], 0, 30);
+
 			if(substr($stylesheet['attributes']['name'], -4) != ".css")
 			{
 				continue;
@@ -375,6 +377,11 @@ function cache_stylesheet($tid, $filename, $stylesheet)
 	$tid = (int) $tid;
 	$theme_directory = "cache/themes/theme{$tid}";
 
+	if(substr($filename, -4) != ".css")
+	{
+		return false;
+	}
+
 	// If we're in safe mode save to the main theme folder by default
 	if($mybb->safemode)
 	{

admin/modules/config/settings.php

@@ -1039,6 +1039,23 @@
 			}
 		}
 
+		$fields = array(
+			'uploadspath',
+			'cdnpath',
+			'avataruploadpath',
+		);
+
+		foreach($fields as $field)
+		{
+			if(
+				isset($mybb->input['upsetting'][$field]) &&
+				is_string($mybb->input['upsetting'][$field]) &&
+				strpos($mybb->input['upsetting'][$field], '://') !== false)
+			{
+				unset($mybb->input['upsetting'][$field]);
+			}
+		}
+
 		if(is_array($mybb->input['upsetting']))
 		{
 			foreach($mybb->input['upsetting'] as $name => $value)

admin/modules/forum/attachments.php

@@ -374,13 +374,18 @@
 			foreach($bad_attachments as $file)
 			{
 				$file_path = MYBB_ROOT.$mybb->settings['uploadspath']."/".$file;
-				$filesize = get_friendly_size(filesize($file_path));
-				$table->construct_cell($form->generate_check_box('orphaned_files[]', $file, '', array('checked' => true)));
-				$table->construct_cell(get_attachment_icon(get_extension($attachment['filename'])), array('width' => 1));
-				$table->construct_cell("<span class=\"float_right\">{$filesize}</span>{$file}");
-				$table->construct_cell($lang->reason_not_in_table, array('class' => 'align_center'));
-				$table->construct_cell(my_date('relative', filemtime($file_path)), array('class' => 'align_center'));
-				$table->construct_row();
+
+				if(file_exists($file_path))
+				{
+					$filename = htmlspecialchars_uni($file);
+					$filesize = get_friendly_size(filesize($file_path));
+					$table->construct_cell($form->generate_check_box('orphaned_files[]', $file, '', array('checked' => true)));
+					$table->construct_cell(get_attachment_icon(get_extension($attachment['filename'])), array('width' => 1));
+					$table->construct_cell("<span class=\"float_right\">{$filesize}</span>{$filename}");
+					$table->construct_cell($lang->reason_not_in_table, array('class' => 'align_center'));
+					$table->construct_cell(my_date('relative', filemtime($file_path)), array('class' => 'align_center'));
+					$table->construct_row();
+				}
 			}
 		}
 

editpost.php

@@ -678,6 +678,11 @@
 		$reason = htmlspecialchars_uni($mybb->get_input('editreason'));
 	}
 
+	$previewmessage = $message;
+	$previewsubject = $subject;
+	$message = htmlspecialchars_uni($message);
+	$subject = htmlspecialchars_uni($subject);
+
 	if(!isset($post_errors))
 	{
 		$post_errors = '';
@@ -738,10 +743,6 @@
 		}
 		else
 		{
-			$previewmessage = $message;
-			$previewsubject = $subject;
-			$message = htmlspecialchars_uni($message);
-			$subject = htmlspecialchars_uni($subject);
 
 			$postoptions = $mybb->get_input('postoptions', MyBB::INPUT_ARRAY);
 
@@ -804,9 +805,6 @@
 	}
 	else if(!$post_errors)
 	{
-		$message = htmlspecialchars_uni($message);
-		$subject = htmlspecialchars_uni($subject);
-
 		$preview = '';
 
 		if($post['includesig'] != 0)

inc/class_parser.php

@@ -1536,7 +1536,7 @@ function mycode_parse_video($video, $url)
 			return "[video={$video}]{$url}[/video]";
 		}
 
-		$id = htmlspecialchars_uni($id);
+		$id = $this->encode_url($id);
 
 		eval("\$video_code = \"".$templates->get("video_{$video}_embed", 1, 0)."\";");
 		return $video_code;

private.php

@@ -60,7 +60,7 @@
 if($update)
 {
 	$sql_array = array(
-		 "pmfolders" => $mybb->user['pmfolders']
+		 "pmfolders" => $db->escape_string($mybb->user['pmfolders']),
 	);
 	$db->update_query("users", $sql_array, "uid = ".$mybb->user['uid']);
 }