v2.3.1 Patch #4

231patch4 fixes these issues in v231:

Extract to v2.3.1 folder

• !!! Fixes cross-site security issue
• Re-introduces old (0.9x) theme compatibility if OLD_THEME_COMPATIBLE constant is set in the theme config.php settings file
• Fixes issue where IE fixes would be applied since they were loaded before the stylesheets
• Fixes issue with possible mangled meta tags (due to bad user input)
• Fixes issue where message queue wasn't always displayed
• Fixes issue in a dropdown control where both 'blank item' and 'no items' would be listed
• Fixes shipping/billing calculator upgrade script to run on all upgrades
• Updates removal of some old libraries left in after ugprade from v2.3.0 to v2.3.1
• Adds comment to .htaccess file to help with issues running from subfolder
• Fixes bad refs for .htaccess error documents
• Fixes some issues saving bootstraptheme/bootstrap3theme theme configuration setting changes
• Fix display of showlogin view for bootstrap3
• Fixes bad closing tag on new 'message' smarty function
• Fixes issue where MOTD item allowed setting of 'any month' was not allowed
• Fixes expSession to deal with mangled $user session variable
• Fixes expUtil::browser() method to work w/ php v5.2.1
• Fix for possible database manager write error reporting 'Invalid CSRF token'
• More graceful exit from an upgrade if the database is down
• Fixes styling of DataTables Tabletools for non-bootstrap views
• Now allows sorting by 'is admin' for manage user view
• Fixes issue w/ CKEditor (only elFinder support fixed) where image size didn't appear in insert image dialog after file selection, now also transfers 'alt' from file manager

NOTE: You MUST be logged in as a Super-Admin user in order to perform an upgrade of v2.3.0 or later!