The release provides some post-fixes and issues discovered after upgrading older versions of miniBB to 3.0.1. Some of them include just the default layout changes, which are not mandatory to update for existing forum owners. There are, however, some significant improvements regarding location redirection (Refresh vs. Location option), Right-To-Left Override character fix (so called "profanity issue"), and a little Statistics page fix.

Most important are the following fixes and additions:

- 'rheader' option is not a mandatory one, and it could basically have just 2 values: 'Location:' and 'Refresh:0;url=', which are used in 'header' function of PHP. In the ancient times, Refresh was introduced in miniBB to support IIS servers, which do not work with Location. However this may appear as the out-of-standards approach, thus sometimes Refresh may be disabled on some "extremely" valid Linux servers, and Location may work relatively faster. In the current version, it's possible to specify it on the optional level. If $rheader option is not set (under setup_options.php), "Location:" is used by default and embedded in index.php (this works in most cases).

- "Profanity issue" of miniBB - by now, you may Google it and find a related thread, posted by '3vilp4wn'; not sure if it will live forever, but anyway, this is a place where the investigation of this problem has been started from, not mentioning miniBB demo forums, where we were having a related thread. The problem was the following: if you type & # 8238; ("Right-To-Left Override" symbol, all chars together with no spaces), it will put the whole text reversed, which could lead to security bugs. It worked in miniBB like any other Unicode character in HTML. This is done intentionally to provide possibility to post some characters which may be not present in ISO encoding. In the current version, miniBB will try to cut off this symbol from the posted messages.

There is an interesting story about this issue, as it appears quite fresh to all developers. At the moment of my investigation, it even bugged Google, i.e. if you would type '& # 8238;' with no spaces in the Google search field just couple of days ago, it would put the search phrase in reverse with an interesting effect on the screen; this issue has been fixed on Google just recently, they were abnormally quick on this update :)

As 3vilp4wn reported me, he discovered this issue by accident when he was looking at this xkcd comic:



If you want more infos, you can contact 3vilp4wn directly: ENH [AT] lavabit [DOT] com .


This would be all at the moment.
As usually, you will find the history of changed files under Updating History package of miniBB.

Feel free to download the updated miniBB, and upgrade today!

Thanks Paul for updating miniBB, keeping it safe and secure!

Do we need to change templates also or just php files?

Check in Updating History -> in below of the !UPDATE.txt file and you will find the answer.
Not only for this version, but for any other :)

Actually, only .php files are needed to update for this small intermediate release.

Thanks! :)

Sorry to everybody who downloaded the update yesterday - it seems the black mouse eaten some string in the update file,
there should be mentioned bb_func_txt.php to update for 'customized_conversion' function and profanity issue.

Please update this file as well amongst others mentioned.