diff --git a/admin_bans.php b/admin_bans.php
index 5d6d5b589..8269f7505 100644
--- a/admin_bans.php
+++ b/admin_bans.php
@@ -1,569 +1,569 @@ -query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - list($group_id, $ban_user, $ban_email) = $db->fetch_row($result); - else - message($lang_admin_bans['No user ID message']); - } - else // Otherwise the username is in POST - { - $ban_user = pun_trim($_POST['new_ban_user']); - - if ($ban_user != '') - { - $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result); - else - message($lang_admin_bans['No user message']); - } - } - - // Make sure we're not banning an admin or moderator - if (isset($group_id)) - { - if ($group_id == PUN_ADMIN) - message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); - - $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); - $is_moderator_group = $db->result($result); - - if ($is_moderator_group) - message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); - } - - // If we have a $user_id, we can try to find the last known IP of that user - if (isset($user_id)) - { - $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); - $ban_ip = ($db->num_rows($result)) ? 
$db->result($result) : ''; - - if ($ban_ip == '') - { - $result = $db->query('SELECT registration_ip FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - $ban_ip = ($db->num_rows($result)) ? $db->result($result) : ''; - } - } - - $mode = 'add'; - } - else // We are editing a ban - { - $ban_id = intval($_GET['edit_ban']); - if ($ban_id < 1) - message($lang_common['Bad request'], false, '404 Not Found'); - - $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result); - else - message($lang_common['Bad request'], false, '404 Not Found'); - - $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; - $ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire + $diff) : ''; - - $mode = 'edit'; - } - - $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); - $focus_element = array('bans2', 'ban_user'); - define('PUN_ACTIVE_PAGE', 'admin'); - require PUN_ROOT.'header.php'; - - generate_admin_menu('bans'); - -?> -
-

-
-
-
- - -
- -
- - - - - - - - - - - - - -
- - -
- - '.$lang_admin_common['here'].'') ?> -
- - -
-

-
-
-
-
-
- -
- - - - - - - - - -
- - -
- - -
-
-
-
-

-
-
-
-
- -query('SELECT group_id FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - { - $group_id = $db->result($result); - - if ($group_id == PUN_ADMIN) - message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); - - $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); - $is_moderator_group = $db->result($result); - - if ($is_moderator_group) - message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); - } - } - - // Validate IP/IP range (it's overkill, I know) - if ($ban_ip != '') - { - $ban_ip = preg_replace('%\s{2,}%S', ' ', $ban_ip); - $addresses = explode(' ', $ban_ip); - $addresses = array_map('pun_trim', $addresses); - - for ($i = 0; $i < count($addresses); ++$i) - { - if (strpos($addresses[$i], ':') !== false) - { - $octets = explode(':', $addresses[$i]); - - for ($c = 0; $c < count($octets); ++$c) - { - $octets[$c] = ltrim($octets[$c], "0"); - - if ($c > 7 || (!empty($octets[$c]) && !ctype_xdigit($octets[$c])) || intval($octets[$c], 16) > 65535) - message($lang_admin_bans['Invalid IP message']); - } - - $cur_address = implode(':', $octets); - $addresses[$i] = $cur_address; - } - else - { - $octets = explode('.', $addresses[$i]); - - for ($c = 0; $c < count($octets); ++$c) - { - $octets[$c] = (strlen($octets[$c]) > 1) ? 
ltrim($octets[$c], "0") : $octets[$c]; - - if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) - message($lang_admin_bans['Invalid IP message']); - } - - $cur_address = implode('.', $octets); - $addresses[$i] = $cur_address; - } - } - - $ban_ip = implode(' ', $addresses); - } - - require PUN_ROOT.'include/email.php'; - if ($ban_email != '' && !is_valid_email($ban_email)) - { - if (!preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$%', $ban_email)) - message($lang_admin_bans['Invalid e-mail message']); - } - - if ($ban_expire != '' && $ban_expire != 'Never') - { - $ban_expire = strtotime($ban_expire.' GMT'); - - if ($ban_expire == -1 || !$ban_expire) - message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); - - $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; - $ban_expire -= $diff; - - if ($ban_expire <= time()) - message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); - } - else - $ban_expire = 'NULL'; - - $ban_user = ($ban_user != '') ? '\''.$db->escape($ban_user).'\'' : 'NULL'; - $ban_ip = ($ban_ip != '') ? '\''.$db->escape($ban_ip).'\'' : 'NULL'; - $ban_email = ($ban_email != '') ? '\''.$db->escape($ban_email).'\'' : 'NULL'; - $ban_message = ($ban_message != '') ? '\''.$db->escape($ban_message).'\'' : 'NULL'; - - if ($_POST['mode'] == 'add') - $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire, ban_creator) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.', '.$pun_user['id'].')') or error('Unable to add ban', __FILE__, __LINE__, $db->error()); - else - $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' 
WHERE id='.intval($_POST['ban_id'])) or error('Unable to update ban', __FILE__, __LINE__, $db->error()); - - // Regenerate the bans cache - if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) - require PUN_ROOT.'include/cache.php'; - - generate_bans_cache(); - - if ($_POST['mode'] == 'edit') - redirect('admin_bans.php', $lang_admin_bans['Ban edited redirect']); - else - redirect('admin_bans.php', $lang_admin_bans['Ban added redirect']); -} - -// Remove a ban -else if (isset($_GET['del_ban'])) -{ - confirm_referrer('admin_bans.php'); - - $ban_id = intval($_GET['del_ban']); - if ($ban_id < 1) - message($lang_common['Bad request'], false, '404 Not Found'); - - $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error()); - - // Regenerate the bans cache - if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) - require PUN_ROOT.'include/cache.php'; - - generate_bans_cache(); - - redirect('admin_bans.php', $lang_admin_bans['Ban removed redirect']); -} - -// Find bans -else if (isset($_GET['find_ban'])) -{ - $form = isset($_GET['form']) ? $_GET['form'] : array(); - - // trim() all elements in $form - $form = array_map('pun_trim', $form); - $conditions = $query_str = array(); - - $expire_after = isset($_GET['expire_after']) ? pun_trim($_GET['expire_after']) : ''; - $expire_before = isset($_GET['expire_before']) ? pun_trim($_GET['expire_before']) : ''; - $order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], array('username', 'ip', 'email', 'expire')) ? 'b.'.$_GET['order_by'] : 'b.username'; - $direction = isset($_GET['direction']) && $_GET['direction'] == 'DESC' ? 
'DESC' : 'ASC'; - - $query_str[] = 'order_by='.$order_by; - $query_str[] = 'direction='.$direction; - - // Try to convert date/time to timestamps - if ($expire_after != '') - { - $query_str[] = 'expire_after='.$expire_after; - - $expire_after = strtotime($expire_after); - if ($expire_after === false || $expire_after == -1) - message($lang_admin_bans['Invalid date message']); - - $conditions[] = 'b.expire>'.$expire_after; - } - if ($expire_before != '') - { - $query_str[] = 'expire_before='.$expire_before; - - $expire_before = strtotime($expire_before); - if ($expire_before === false || $expire_before == -1) - message($lang_admin_bans['Invalid date message']); - - $conditions[] = 'b.expire<'.$expire_before; - } - - $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE'; - foreach ($form as $key => $input) - { - if ($input != '' && in_array($key, array('username', 'ip', 'email', 'message'))) - { - $conditions[] = 'b.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\''; - $query_str[] = 'form%5B'.$key.'%5D='.urlencode($input); - } - } - - // Fetch ban count - $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'bans as b WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '')) or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); - $num_bans = $db->result($result); - - // Determine the ban offset (based on $_GET['p']) - $num_pages = ceil($num_bans / 50); - - $p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']); - $start_from = 50 * ($p - 1); - - // Generate paging links - $paging_links = ''.$lang_common['Pages'].' '.paginate($num_pages, $p, 'admin_bans.php?find_ban=&'.implode('&', $query_str)); - - $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans'], $lang_admin_bans['Results head']); - define('PUN_ACTIVE_PAGE', 'admin'); - require PUN_ROOT.'header.php'; - -?> -
-
- -
- -
-
-
-
- - -
-

-
-
- - - - - - - - - - - - - -query('SELECT b.id, b.username, b.ip, b.email, b.message, b.expire, b.ban_creator, u.username AS ban_creator_username FROM '.$db->prefix.'bans AS b LEFT JOIN '.$db->prefix.'users AS u ON b.ban_creator=u.id WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '').' ORDER BY '.$db->escape($order_by).' '.$db->escape($direction).' LIMIT '.$start_from.', 50') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - { - while ($ban_data = $db->fetch_assoc($result)) - { - - $actions = ''.$lang_admin_common['Edit'].' | '.$lang_admin_common['Remove'].''; - $expire = format_time($ban_data['expire'], true); - -?> - - - - - - - - - -'."\n"; - -?> - -
'.pun_htmlspecialchars($ban_data['ban_creator_username']).'' : $lang_admin_bans['Unknown'] ?>
'.$lang_admin_bans['No match'].'
-
-
-
- -
-
-
- -
- -
-
-
- -
-

-
-
-
-
- -
- - - - - -
- - -
-
-
-
-
-
- -

-
-
-

-
-
- -
-

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
-
-
-     -
-
-
-
-

-
-
-
-
- -query('SELECT group_id, username, email FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + list($group_id, $ban_user, $ban_email) = $db->fetch_row($result); + else + message($lang_admin_bans['No user ID message']); + } + else // Otherwise the username is in POST + { + $ban_user = pun_trim($_POST['new_ban_user']); + + if ($ban_user != '') + { + $result = $db->query('SELECT id, group_id, username, email FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + list($user_id, $group_id, $ban_user, $ban_email) = $db->fetch_row($result); + else + message($lang_admin_bans['No user message']); + } + } + + // Make sure we're not banning an admin or moderator + if (isset($group_id)) + { + if ($group_id == PUN_ADMIN) + message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); + + $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); + $is_moderator_group = $db->result($result); + + if ($is_moderator_group) + message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); + } + + // If we have a $user_id, we can try to find the last known IP of that user + if (isset($user_id)) + { + $result = $db->query('SELECT poster_ip FROM '.$db->prefix.'posts WHERE poster_id='.$user_id.' ORDER BY posted DESC LIMIT 1') or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); + $ban_ip = ($db->num_rows($result)) ? $db->result($result) : ''; + + if ($ban_ip == '') + { + $result = $db->query('SELECT registration_ip FROM '.$db->prefix.'users WHERE id='.$user_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + $ban_ip = ($db->num_rows($result)) ? 
$db->result($result) : ''; + } + } + + $mode = 'add'; + } + else // We are editing a ban + { + $ban_id = intval($_GET['edit_ban']); + if ($ban_id < 1) + message($lang_common['Bad request'], false, '404 Not Found'); + + $result = $db->query('SELECT username, ip, email, message, expire FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to fetch ban info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + list($ban_user, $ban_ip, $ban_email, $ban_message, $ban_expire) = $db->fetch_row($result); + else + message($lang_common['Bad request'], false, '404 Not Found'); + + $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; + $ban_expire = ($ban_expire != '') ? gmdate('Y-m-d', $ban_expire + $diff) : ''; + + $mode = 'edit'; + } + + $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans']); + $focus_element = array('bans2', 'ban_user'); + define('PUN_ACTIVE_PAGE', 'admin'); + require PUN_ROOT.'header.php'; + + generate_admin_menu('bans'); + +?> +
+

+
+
+
+ + +
+ +
+ + + + + + + + + + + + + +
+ + +
+ + '.$lang_admin_common['here'].'') ?> +
+ + +
+

+
+
+
+
+
+ +
+ + + + + + + + + +
+ + +
+ + +
+
+
+
+

+
+
+
+
+ +query('SELECT group_id FROM '.$db->prefix.'users WHERE username=\''.$db->escape($ban_user).'\' AND id>1') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + { + $group_id = $db->result($result); + + if ($group_id == PUN_ADMIN) + message(sprintf($lang_admin_bans['User is admin message'], pun_htmlspecialchars($ban_user))); + + $result = $db->query('SELECT g_moderator FROM '.$db->prefix.'groups WHERE g_id='.$group_id) or error('Unable to fetch group info', __FILE__, __LINE__, $db->error()); + $is_moderator_group = $db->result($result); + + if ($is_moderator_group) + message(sprintf($lang_admin_bans['User is mod message'], pun_htmlspecialchars($ban_user))); + } + } + + // Validate IP/IP range (it's overkill, I know) + if ($ban_ip != '') + { + $ban_ip = preg_replace('%\s{2,}%S', ' ', $ban_ip); + $addresses = explode(' ', $ban_ip); + $addresses = array_map('pun_trim', $addresses); + + for ($i = 0; $i < count($addresses); ++$i) + { + if (strpos($addresses[$i], ':') !== false) + { + $octets = explode(':', $addresses[$i]); + + for ($c = 0; $c < count($octets); ++$c) + { + $octets[$c] = ltrim($octets[$c], "0"); + + if ($c > 7 || (!empty($octets[$c]) && !ctype_xdigit($octets[$c])) || intval($octets[$c], 16) > 65535) + message($lang_admin_bans['Invalid IP message']); + } + + $cur_address = implode(':', $octets); + $addresses[$i] = $cur_address; + } + else + { + $octets = explode('.', $addresses[$i]); + + for ($c = 0; $c < count($octets); ++$c) + { + $octets[$c] = (strlen($octets[$c]) > 1) ? 
ltrim($octets[$c], "0") : $octets[$c]; + + if ($c > 3 || preg_match('%[^0-9]%', $octets[$c]) || intval($octets[$c]) > 255) + message($lang_admin_bans['Invalid IP message']); + } + + $cur_address = implode('.', $octets); + $addresses[$i] = $cur_address; + } + } + + $ban_ip = implode(' ', $addresses); + } + + require PUN_ROOT.'include/email.php'; + if ($ban_email != '' && !is_valid_email($ban_email)) + { + if (!preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,63})$%', $ban_email)) + message($lang_admin_bans['Invalid e-mail message']); + } + + if ($ban_expire != '' && $ban_expire != 'Never') + { + $ban_expire = strtotime($ban_expire.' GMT'); + + if ($ban_expire == -1 || !$ban_expire) + message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); + + $diff = ($pun_user['timezone'] + $pun_user['dst']) * 3600; + $ban_expire -= $diff; + + if ($ban_expire <= time()) + message($lang_admin_bans['Invalid date message'].' '.$lang_admin_bans['Invalid date reasons']); + } + else + $ban_expire = 'NULL'; + + $ban_user = ($ban_user != '') ? '\''.$db->escape($ban_user).'\'' : 'NULL'; + $ban_ip = ($ban_ip != '') ? '\''.$db->escape($ban_ip).'\'' : 'NULL'; + $ban_email = ($ban_email != '') ? '\''.$db->escape($ban_email).'\'' : 'NULL'; + $ban_message = ($ban_message != '') ? '\''.$db->escape($ban_message).'\'' : 'NULL'; + + if ($_POST['mode'] == 'add') + $db->query('INSERT INTO '.$db->prefix.'bans (username, ip, email, message, expire, ban_creator) VALUES('.$ban_user.', '.$ban_ip.', '.$ban_email.', '.$ban_message.', '.$ban_expire.', '.$pun_user['id'].')') or error('Unable to add ban', __FILE__, __LINE__, $db->error()); + else + $db->query('UPDATE '.$db->prefix.'bans SET username='.$ban_user.', ip='.$ban_ip.', email='.$ban_email.', message='.$ban_message.', expire='.$ban_expire.' 
WHERE id='.intval($_POST['ban_id'])) or error('Unable to update ban', __FILE__, __LINE__, $db->error()); + + // Regenerate the bans cache + if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) + require PUN_ROOT.'include/cache.php'; + + generate_bans_cache(); + + if ($_POST['mode'] == 'edit') + redirect('admin_bans.php', $lang_admin_bans['Ban edited redirect']); + else + redirect('admin_bans.php', $lang_admin_bans['Ban added redirect']); +} + +// Remove a ban +else if (isset($_GET['del_ban'])) +{ + confirm_referrer('admin_bans.php'); + + $ban_id = intval($_GET['del_ban']); + if ($ban_id < 1) + message($lang_common['Bad request'], false, '404 Not Found'); + + $db->query('DELETE FROM '.$db->prefix.'bans WHERE id='.$ban_id) or error('Unable to delete ban', __FILE__, __LINE__, $db->error()); + + // Regenerate the bans cache + if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) + require PUN_ROOT.'include/cache.php'; + + generate_bans_cache(); + + redirect('admin_bans.php', $lang_admin_bans['Ban removed redirect']); +} + +// Find bans +else if (isset($_GET['find_ban'])) +{ + $form = isset($_GET['form']) ? $_GET['form'] : array(); + + // trim() all elements in $form + $form = array_map('pun_trim', $form); + $conditions = $query_str = array(); + + $expire_after = isset($_GET['expire_after']) ? pun_trim($_GET['expire_after']) : ''; + $expire_before = isset($_GET['expire_before']) ? pun_trim($_GET['expire_before']) : ''; + $order_by = isset($_GET['order_by']) && in_array($_GET['order_by'], array('username', 'ip', 'email', 'expire')) ? 'b.'.$_GET['order_by'] : 'b.username'; + $direction = isset($_GET['direction']) && $_GET['direction'] == 'DESC' ? 
'DESC' : 'ASC'; + + $query_str[] = 'order_by='.$order_by; + $query_str[] = 'direction='.$direction; + + // Try to convert date/time to timestamps + if ($expire_after != '') + { + $query_str[] = 'expire_after='.$expire_after; + + $expire_after = strtotime($expire_after); + if ($expire_after === false || $expire_after == -1) + message($lang_admin_bans['Invalid date message']); + + $conditions[] = 'b.expire>'.$expire_after; + } + if ($expire_before != '') + { + $query_str[] = 'expire_before='.$expire_before; + + $expire_before = strtotime($expire_before); + if ($expire_before === false || $expire_before == -1) + message($lang_admin_bans['Invalid date message']); + + $conditions[] = 'b.expire<'.$expire_before; + } + + $like_command = ($db_type == 'pgsql') ? 'ILIKE' : 'LIKE'; + foreach ($form as $key => $input) + { + if ($input != '' && in_array($key, array('username', 'ip', 'email', 'message'))) + { + $conditions[] = 'b.'.$db->escape($key).' '.$like_command.' \''.$db->escape(str_replace('*', '%', $input)).'\''; + $query_str[] = 'form%5B'.$key.'%5D='.urlencode($input); + } + } + + // Fetch ban count + $result = $db->query('SELECT COUNT(id) FROM '.$db->prefix.'bans as b WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '')) or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); + $num_bans = $db->result($result); + + // Determine the ban offset (based on $_GET['p']) + $num_pages = ceil($num_bans / 50); + + $p = (!isset($_GET['p']) || $_GET['p'] <= 1 || $_GET['p'] > $num_pages) ? 1 : intval($_GET['p']); + $start_from = 50 * ($p - 1); + + // Generate paging links + $paging_links = ''.$lang_common['Pages'].' '.paginate($num_pages, $p, 'admin_bans.php?find_ban=&'.implode('&', $query_str)); + + $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_admin_common['Admin'], $lang_admin_common['Bans'], $lang_admin_bans['Results head']); + define('PUN_ACTIVE_PAGE', 'admin'); + require PUN_ROOT.'header.php'; + +?> +
+
+ +
+ +
+
+
+
+ + +
+

+
+
+ + + + + + + + + + + + + +query('SELECT b.id, b.username, b.ip, b.email, b.message, b.expire, b.ban_creator, u.username AS ban_creator_username FROM '.$db->prefix.'bans AS b LEFT JOIN '.$db->prefix.'users AS u ON b.ban_creator=u.id WHERE b.id>0'.(!empty($conditions) ? ' AND '.implode(' AND ', $conditions) : '').' ORDER BY '.$db->escape($order_by).' '.$db->escape($direction).' LIMIT '.$start_from.', 50') or error('Unable to fetch ban list', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + { + while ($ban_data = $db->fetch_assoc($result)) + { + + $actions = ''.$lang_admin_common['Edit'].' | '.$lang_admin_common['Remove'].''; + $expire = format_time($ban_data['expire'], true); + +?> + + + + + + + + + +'."\n"; + +?> + +
'.pun_htmlspecialchars($ban_data['ban_creator_username']).'' : $lang_admin_bans['Unknown'] ?>
'.$lang_admin_bans['No match'].'
+
+
+
+ +
+
+
+ +
+ +
+
+
+ +
+

+
+
+
+
+ +
+ + + + + +
+ + +
+
+
+
+
+
+ +

+
+
+

+
+
+ +
+

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+     +
+
+
+
+

+
+
+
+
+ + - + - + diff --git a/db_update.php b/db_update.php index 0aeaa6a8a..ea59a78d6 100644 --- a/db_update.php +++ b/db_update.php @@ -7,7 +7,7 @@ */ // The FluxBB version this script updates to -define('UPDATE_TO', '1.5.6'); +define('UPDATE_TO', '1.5.7'); define('UPDATE_TO_DB_REVISION', 21); define('UPDATE_TO_SI_REVISION', 2); diff --git a/include/common.php b/include/common.php index 5f99ed0be..5c8d8215b 100644 --- a/include/common.php +++ b/include/common.php @@ -10,7 +10,7 @@ exit('The constant PUN_ROOT must be defined and point to a valid FluxBB installation root directory.'); // Define the version and database revision that this code was written for -define('FORUM_VERSION', '1.5.6'); +define('FORUM_VERSION', '1.5.7'); define('FORUM_DB_REVISION', 21); define('FORUM_SI_REVISION', 2); diff --git a/include/functions.php b/include/functions.php index 8f74d88e7..c6a46fafc 100644 --- a/include/functions.php +++ b/include/functions.php 
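Review bot: The fallback e-mail pattern `preg_match('%^[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,63})$%', $ban_email)` only runs after `is_valid_email()` has already rejected the value and carries no `i` modifier, so unless `$ban_email` is lowercased earlier in the file (not visible in this rendering) a mixed-case domain is rejected for case alone; `%...%i`, or a `strtolower()` immediately before the match, would make that intent explicit. The hunk also rewrites all 569 lines of the file although the TLD bound change `{2,4}` to `{2,63}` is the only content change visible here, which suggests a line-ending or whitespace normalisation was folded in; keeping that in its own commit would leave the functional change reviewable. This rendering of the hunk has lost its markup, so further changes may exist that cannot be seen from this page.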
@@ -1075,6 +1075,38 @@ function confirm_referrer($scripts, $error_msg = false)
 }
+//
+// Validate the given redirect URL, use the fallback otherwise
+//
+function validate_redirect($redirect_url, $fallback_url)
+{
+ $referrer = parse_url(strtolower($redirect_url));
+
+ // Remove www subdomain if it exists
+ if (strpos($referrer['host'], 'www.') === 0)
+ $referrer['host'] = substr($referrer['host'], 4);
+
+ // Make sure the path component exists
+ if (!isset($referrer['path']))
+ $referrer['path'] = '';
+
+ $valid = parse_url(strtolower(get_base_url()));
+
+ // Remove www subdomain if it exists
+ if (strpos($valid['host'], 'www.') === 0)
+ $valid['host'] = substr($valid['host'], 4);
+
+ // Make sure the path component exists
+ if (!isset($valid['path']))
+ $valid['path'] = '';
+
+ if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path']))
+ return $redirect_url;
+ else
+ return $fallback_url;
+}
+
+
 //
 // Generate a random password of length $len
 // Compatibility wrapper for random_key
diff --git a/install.php b/install.php
index 0a5ad98a2..6e4bb421f 100644
--- a/install.php
+++ b/install.php
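Review bot: `$referrer['host']` is read by the first `strpos()` guard in `validate_redirect()` without checking that `parse_url()` produced a host, while `$referrer['path']` two statements later does get an `isset()` guard; a relative or scheme-less `$redirect_url`, or one that `parse_url()` rejects (it returns `false`), raises a notice and only lands on the fallback through the later `==` comparison happening to fail. Make that an explicit decision right after the `parse_url()` call: `if ($referrer === false || !isset($referrer['host'])) return $fallback_url;`. The host comparison should also use `===` rather than `==` so two purely numeric host strings are not compared as numbers. Since this function decides whether a user-supplied URL is followed, its header comment should state the rule it enforces (same host ignoring a leading `www.`, path under the board's base path and ending in `.php`) and that scheme and port are deliberately not compared.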
@@ -1,304 +1,286 @@ -escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')'; - - $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - $cur_user = $db->fetch_assoc($result); - - $authorized = false; - - if (!empty($cur_user['password'])) - { - $form_password_hash = pun_hash($form_password); // Will result in a SHA-1 hash - - // If there is a salt in the database we have upgraded from 1.3-legacy though haven't yet logged in - if (!empty($cur_user['salt'])) - { - if (sha1($cur_user['salt'].sha1($form_password)) == $cur_user['password']) // 1.3 used sha1(salt.sha1(pass)) - { - $authorized = true; - - $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\', salt=NULL WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); - } - } - // If the length isn't 40 then the password isn't using sha1, so it must be md5 from 1.2 - else if (strlen($cur_user['password']) != 40) - { - if (md5($form_password) == $cur_user['password']) - { - $authorized = true; - - $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); - } - } - // Otherwise we should have a normal sha1 password - else - $authorized = ($cur_user['password'] == $form_password_hash); - } - - if (!$authorized) - message($lang_login['Wrong user/pass'].' '.$lang_login['Forgotten pass'].''); - - // Update the status if this is the first time the user logged in - if ($cur_user['group_id'] == PUN_UNVERIFIED) - { - $db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' 
WHERE id='.$cur_user['id']) or error('Unable to update user status', __FILE__, __LINE__, $db->error()); - - // Regenerate the users info cache - if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) - require PUN_ROOT.'include/cache.php'; - - generate_users_info_cache(); - } - - // Remove this user's guest entry from the online list - $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); - - $expire = ($save_pass == '1') ? time() + 1209600 : time() + $pun_config['o_timeout_visit']; - pun_setcookie($cur_user['id'], $form_password_hash, $expire); - - // Reset tracked topics - set_tracked_topics(null); - - redirect(pun_htmlspecialchars($_POST['redirect_url']), $lang_login['Login redirect']); -} - - -else if ($action == 'out') -{ - if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != pun_hash($pun_user['id'].pun_hash(get_remote_address()))) - { - header('Location: index.php'); - exit; - } - - // Remove user from "users online" list - $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); - - // Update last_visit (make sure there's something to update it with) - if (isset($pun_user['logged'])) - $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' 
WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); - - pun_setcookie(1, pun_hash(uniqid(rand(), true)), time() + 31536000); - - redirect('index.php', $lang_login['Logout redirect']); -} - - -else if ($action == 'forget' || $action == 'forget_2') -{ - if (!$pun_user['is_guest']) - { - header('Location: index.php'); - exit; - } - - if (isset($_POST['form_sent'])) - { - // Start with a clean slate - $errors = array(); - - require PUN_ROOT.'include/email.php'; - - // Validate the email address - $email = strtolower(pun_trim($_POST['req_email'])); - if (!is_valid_email($email)) - $errors[] = $lang_common['Invalid email']; - - // Did everything go according to plan? - if (empty($errors)) - { - $result = $db->query('SELECT id, username, last_email_sent FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - - if ($db->num_rows($result)) - { - // Load the "activate password" template - $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl')); - - // The first row contains the subject - $first_crlf = strpos($mail_tpl, "\n"); - $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); - $mail_message = trim(substr($mail_tpl, $first_crlf)); - - // Do the generic replacements first (they apply to all emails sent out here) - $mail_message = str_replace('', get_base_url().'/', $mail_message); - $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); - - // Loop through users we found - while ($cur_hit = $db->fetch_assoc($result)) - { - if ($cur_hit['last_email_sent'] != '' && (time() - $cur_hit['last_email_sent']) < 3600 && (time() - $cur_hit['last_email_sent']) >= 0) - message(sprintf($lang_login['Email flood'], intval((3600 - (time() - $cur_hit['last_email_sent'])) / 60)), true); - - // Generate a new password and a new password activation code - 
$new_password = random_pass(12); - $new_password_key = random_pass(8); - - $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\', last_email_sent = '.time().' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error()); - - // Do the user specific replacements to the template - $cur_mail_message = str_replace('', $cur_hit['username'], $mail_message); - $cur_mail_message = str_replace('', get_base_url().'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message); - $cur_mail_message = str_replace('', $new_password, $cur_mail_message); - - pun_mail($email, $mail_subject, $cur_mail_message); - } - - message($lang_login['Forget mail'].' '.pun_htmlspecialchars($pun_config['o_admin_email']).'.', true); - } - else - $errors[] = $lang_login['No email match'].' '.htmlspecialchars($email).'.'; - } - } - - $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_login['Request pass']); - $required_fields = array('req_email' => $lang_common['Email']); - $focus_element = array('request_pass', 'req_email'); - define ('PUN_ACTIVE_PAGE', 'login'); - require PUN_ROOT.'header.php'; - -// If there are errors, we display them -if (!empty($errors)) -{ - -?> -
-

-
-
-

-
    -'.$cur_error.''."\n"; -?> -
-
-
-
- - -
-

-
-
-
-
- -
- - -

-
-
-
-

-
-
-
- $lang_common['Username'], 'req_password' => $lang_common['Password']); -$focus_element = array('login', 'req_username'); -define('PUN_ACTIVE_PAGE', 'login'); -require PUN_ROOT.'header.php'; - -?> -
-

-
-
-
-
- -
- - - - - -
- -
- -

-

-
-
-
-

-
-
-
-escape($form_username).'\'' : 'LOWER(username)=LOWER(\''.$db->escape($form_username).'\')'; + + $result = $db->query('SELECT * FROM '.$db->prefix.'users WHERE '.$username_sql) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + $cur_user = $db->fetch_assoc($result); + + $authorized = false; + + if (!empty($cur_user['password'])) + { + $form_password_hash = pun_hash($form_password); // Will result in a SHA-1 hash + + // If there is a salt in the database we have upgraded from 1.3-legacy though haven't yet logged in + if (!empty($cur_user['salt'])) + { + if (sha1($cur_user['salt'].sha1($form_password)) == $cur_user['password']) // 1.3 used sha1(salt.sha1(pass)) + { + $authorized = true; + + $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\', salt=NULL WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); + } + } + // If the length isn't 40 then the password isn't using sha1, so it must be md5 from 1.2 + else if (strlen($cur_user['password']) != 40) + { + if (md5($form_password) == $cur_user['password']) + { + $authorized = true; + + $db->query('UPDATE '.$db->prefix.'users SET password=\''.$form_password_hash.'\' WHERE id='.$cur_user['id']) or error('Unable to update user password', __FILE__, __LINE__, $db->error()); + } + } + // Otherwise we should have a normal sha1 password + else + $authorized = ($cur_user['password'] == $form_password_hash); + } + + if (!$authorized) + message($lang_login['Wrong user/pass'].' '.$lang_login['Forgotten pass'].''); + + // Update the status if this is the first time the user logged in + if ($cur_user['group_id'] == PUN_UNVERIFIED) + { + $db->query('UPDATE '.$db->prefix.'users SET group_id='.$pun_config['o_default_user_group'].' 
WHERE id='.$cur_user['id']) or error('Unable to update user status', __FILE__, __LINE__, $db->error()); + + // Regenerate the users info cache + if (!defined('FORUM_CACHE_FUNCTIONS_LOADED')) + require PUN_ROOT.'include/cache.php'; + + generate_users_info_cache(); + } + + // Remove this user's guest entry from the online list + $db->query('DELETE FROM '.$db->prefix.'online WHERE ident=\''.$db->escape(get_remote_address()).'\'') or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); + + $expire = ($save_pass == '1') ? time() + 1209600 : time() + $pun_config['o_timeout_visit']; + pun_setcookie($cur_user['id'], $form_password_hash, $expire); + + // Reset tracked topics + set_tracked_topics(null); + + // Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after login) + $redirect_url = validate_redirect($_POST['redirect_url'], 'index.php'); + + redirect(pun_htmlspecialchars($redirect_url), $lang_login['Login redirect']); +} + + +else if ($action == 'out') +{ + if ($pun_user['is_guest'] || !isset($_GET['id']) || $_GET['id'] != $pun_user['id'] || !isset($_GET['csrf_token']) || $_GET['csrf_token'] != pun_hash($pun_user['id'].pun_hash(get_remote_address()))) + { + header('Location: index.php'); + exit; + } + + // Remove user from "users online" list + $db->query('DELETE FROM '.$db->prefix.'online WHERE user_id='.$pun_user['id']) or error('Unable to delete from online list', __FILE__, __LINE__, $db->error()); + + // Update last_visit (make sure there's something to update it with) + if (isset($pun_user['logged'])) + $db->query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' 
WHERE id='.$pun_user['id']) or error('Unable to update user visit data', __FILE__, __LINE__, $db->error()); + + pun_setcookie(1, pun_hash(uniqid(rand(), true)), time() + 31536000); + + redirect('index.php', $lang_login['Logout redirect']); +} + + +else if ($action == 'forget' || $action == 'forget_2') +{ + if (!$pun_user['is_guest']) + { + header('Location: index.php'); + exit; + } + + if (isset($_POST['form_sent'])) + { + // Start with a clean slate + $errors = array(); + + require PUN_ROOT.'include/email.php'; + + // Validate the email address + $email = strtolower(pun_trim($_POST['req_email'])); + if (!is_valid_email($email)) + $errors[] = $lang_common['Invalid email']; + + // Did everything go according to plan? + if (empty($errors)) + { + $result = $db->query('SELECT id, username, last_email_sent FROM '.$db->prefix.'users WHERE email=\''.$db->escape($email).'\'') or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + + if ($db->num_rows($result)) + { + // Load the "activate password" template + $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/activate_password.tpl')); + + // The first row contains the subject + $first_crlf = strpos($mail_tpl, "\n"); + $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); + $mail_message = trim(substr($mail_tpl, $first_crlf)); + + // Do the generic replacements first (they apply to all emails sent out here) + $mail_message = str_replace('', get_base_url().'/', $mail_message); + $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); + + // Loop through users we found + while ($cur_hit = $db->fetch_assoc($result)) + { + if ($cur_hit['last_email_sent'] != '' && (time() - $cur_hit['last_email_sent']) < 3600 && (time() - $cur_hit['last_email_sent']) >= 0) + message(sprintf($lang_login['Email flood'], intval((3600 - (time() - $cur_hit['last_email_sent'])) / 60)), true); + + // Generate a new password and a new password activation code + 
$new_password = random_pass(12); + $new_password_key = random_pass(8); + + $db->query('UPDATE '.$db->prefix.'users SET activate_string=\''.pun_hash($new_password).'\', activate_key=\''.$new_password_key.'\', last_email_sent = '.time().' WHERE id='.$cur_hit['id']) or error('Unable to update activation data', __FILE__, __LINE__, $db->error()); + + // Do the user specific replacements to the template + $cur_mail_message = str_replace('', $cur_hit['username'], $mail_message); + $cur_mail_message = str_replace('', get_base_url().'/profile.php?id='.$cur_hit['id'].'&action=change_pass&key='.$new_password_key, $cur_mail_message); + $cur_mail_message = str_replace('', $new_password, $cur_mail_message); + + pun_mail($email, $mail_subject, $cur_mail_message); + } + + message($lang_login['Forget mail'].' '.pun_htmlspecialchars($pun_config['o_admin_email']).'.', true); + } + else + $errors[] = $lang_login['No email match'].' '.htmlspecialchars($email).'.'; + } + } + + $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_login['Request pass']); + $required_fields = array('req_email' => $lang_common['Email']); + $focus_element = array('request_pass', 'req_email'); + define ('PUN_ACTIVE_PAGE', 'login'); + require PUN_ROOT.'header.php'; + +// If there are errors, we display them +if (!empty($errors)) +{ + +?> +
+

+
+
+

+
    +'.$cur_error.''."\n"; +?> +
+
+
+
+ + +
+

+
+
+
+
+ +
+ + +

+
+
+
+

+
+
+
+ $lang_common['Username'], 'req_password' => $lang_common['Password']); +$focus_element = array('login', 'req_username'); +define('PUN_ACTIVE_PAGE', 'login'); +require PUN_ROOT.'header.php'; + +?> +
+

+
+
+
+
+ +
+ + + + + +
+ +
+ +

+

+
+
+
+

+
+
+
+ -
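Review bot: `$_POST['redirect_url']` is passed to validate_redirect() without an isset() check, so a login POST that omits the hidden field (a crafted or stripped form) triggers an undefined-index notice before validate_redirect() returns the fallback; `$redirect_url = validate_redirect(isset($_POST['redirect_url']) ? $_POST['redirect_url'] : '', 'index.php');` keeps the fallback path notice-free. The validated value is then run through pun_htmlspecialchars() before redirect(), which is pre-existing behaviour and entity-encodes `&` in any query string that ends up in the Location header; worth confirming that redirect() really expects an HTML-escaped argument. Separately, the three password checks in this hunk (`sha1(...) == $cur_user['password']`, `md5($form_password) == $cur_user['password']`, `$cur_user['password'] == $form_password_hash`) use loose `==`; two hex digests that both take the form `0e` followed by digits compare equal as floats, so these should use `===` (or hash_equals() where the supported PHP floor allows it).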
-

-
-
-
-
-
-
-query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error()); - - // Reset tracked topics - set_tracked_topics(null); - - redirect('index.php', $lang_misc['Mark read redirect']); -} - - -// Mark the topics/posts in a forum as read? -else if ($action == 'markforumread') -{ - if ($pun_user['is_guest']) - message($lang_common['No permission'], false, '403 Forbidden'); - - $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0; - if ($fid < 1) - message($lang_common['Bad request'], false, '404 Not Found'); - - $tracked_topics = get_tracked_topics(); - $tracked_topics['forums'][$fid] = time(); - set_tracked_topics($tracked_topics); - - redirect('viewforum.php?id='.$fid, $lang_misc['Mark forum read redirect']); -} - - -else if (isset($_GET['email'])) -{ - if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0') - message($lang_common['No permission'], false, '403 Forbidden'); - - $recipient_id = intval($_GET['email']); - if ($recipient_id < 2) - message($lang_common['Bad request'], false, '404 Not Found'); - - $result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result); - - if ($email_setting == 2 && !$pun_user['is_admmod']) - message($lang_misc['Form email disabled']); - - - if (isset($_POST['form_sent'])) - { - confirm_referrer('misc.php'); - - // Clean up message and subject from POST - $subject = pun_trim($_POST['req_subject']); - $message = pun_trim($_POST['req_message']); - - if ($subject == '') - message($lang_misc['No email subject']); - else if ($message == '') - message($lang_misc['No email message']); - // Here we use strlen() not 
pun_strlen() as we want to limit the post to PUN_MAX_POSTSIZE bytes, not characters - else if (strlen($message) > PUN_MAX_POSTSIZE) - message($lang_misc['Too long email message']); - - if ($pun_user['last_email_sent'] != '' && (time() - $pun_user['last_email_sent']) < $pun_user['g_email_flood'] && (time() - $pun_user['last_email_sent']) >= 0) - message(sprintf($lang_misc['Email flood'], $pun_user['g_email_flood'], $pun_user['g_email_flood'] - (time() - $pun_user['last_email_sent']))); - - // Load the "form email" template - $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl')); - - // The first row contains the subject - $first_crlf = strpos($mail_tpl, "\n"); - $mail_subject = pun_trim(substr($mail_tpl, 8, $first_crlf-8)); - $mail_message = pun_trim(substr($mail_tpl, $first_crlf)); - - $mail_subject = str_replace('', $subject, $mail_subject); - $mail_message = str_replace('', $pun_user['username'], $mail_message); - $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); - $mail_message = str_replace('', $message, $mail_message); - $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); - - require_once PUN_ROOT.'include/email.php'; - - pun_mail($recipient_email, $mail_subject, $mail_message, $pun_user['email'], $pun_user['username']); - - $db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' 
WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); - - redirect(pun_htmlspecialchars($_POST['redirect_url']), $lang_misc['Email sent redirect']); - } - - - // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the user's profile after the email is sent) - if (!empty($_SERVER['HTTP_REFERER'])) - { - $referrer = parse_url($_SERVER['HTTP_REFERER']); - // Remove www subdomain if it exists - if (strpos($referrer['host'], 'www.') === 0) - $referrer['host'] = substr($referrer['host'], 4); - - // Make sure the path component exists - if (!isset($referrer['path'])) - $referrer['path'] = ''; - - $valid = parse_url(get_base_url()); - // Remove www subdomain if it exists - if (strpos($valid['host'], 'www.') === 0) - $valid['host'] = substr($valid['host'], 4); - - // Make sure the path component exists - if (!isset($valid['path'])) - $valid['path'] = ''; - - if ($referrer['host'] == $valid['host'] && preg_match('%^'.preg_quote($valid['path'], '%').'/(.*?)\.php%i', $referrer['path'])) - $redirect_url = $_SERVER['HTTP_REFERER']; - } - - if (!isset($redirect_url)) - $redirect_url = 'profile.php?id='.$recipient_id; - else if (preg_match('%viewtopic\.php\?pid=(\d+)$%', $redirect_url, $matches)) - $redirect_url .= '#p'.$matches[1]; - - $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Send email to'].' '.pun_htmlspecialchars($recipient)); - $required_fields = array('req_subject' => $lang_misc['Email subject'], 'req_message' => $lang_misc['Email message']); - $focus_element = array('email', 'req_subject'); - define('PUN_ACTIVE_PAGE', 'index'); - require PUN_ROOT.'header.php'; - -?> -
-

-
-
-
-
- -
- - - - -

-
-
-
-

-
-
-
- 65535) // TEXT field can only hold 65535 bytes - message($lang_misc['Reason too long']); - - if ($pun_user['last_report_sent'] != '' && (time() - $pun_user['last_report_sent']) < $pun_user['g_report_flood'] && (time() - $pun_user['last_report_sent']) >= 0) - message(sprintf($lang_misc['Report flood'], $pun_user['g_report_flood'], $pun_user['g_report_flood'] - (time() - $pun_user['last_report_sent']))); - - // Get the topic ID - $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - $topic_id = $db->result($result); - - // Get the subject and forum ID - $result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - list($subject, $forum_id) = $db->fetch_row($result); - - // Should we use the internal report handling? - if ($pun_config['o_report_method'] == '0' || $pun_config['o_report_method'] == '2') - $db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error()); - - // Should we email the report? 
- if ($pun_config['o_report_method'] == '1' || $pun_config['o_report_method'] == '2') - { - // We send it to the complete mailing-list in one swoop - if ($pun_config['o_mailing_list'] != '') - { - // Load the "new report" template - $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_report.tpl')); - - // The first row contains the subject - $first_crlf = strpos($mail_tpl, "\n"); - $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); - $mail_message = trim(substr($mail_tpl, $first_crlf)); - - $mail_subject = str_replace('', $forum_id, $mail_subject); - $mail_subject = str_replace('', $subject, $mail_subject); - $mail_message = str_replace('', $pun_user['username'], $mail_message); - $mail_message = str_replace('', get_base_url().'/viewtopic.php?pid='.$post_id.'#p'.$post_id, $mail_message); - $mail_message = str_replace('', $reason, $mail_message); - $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); - - require PUN_ROOT.'include/email.php'; - - pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); - } - } - - $db->query('UPDATE '.$db->prefix.'users SET last_report_sent='.time().' 
WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); - - redirect('viewforum.php?id='.$forum_id, $lang_misc['Report redirect']); - } - - // Fetch some info about the post, the topic and the forum - $result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - $cur_post = $db->fetch_assoc($result); - - if ($pun_config['o_censoring'] == '1') - $cur_post['subject'] = censor_words($cur_post['subject']); - - $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Report post']); - $required_fields = array('req_reason' => $lang_misc['Reason']); - $focus_element = array('report', 'req_reason'); - define('PUN_ACTIVE_PAGE', 'index'); - require PUN_ROOT.'header.php'; - -?> -
-
-
    -
  • -
  • » 
  • -
  • » 
  • -
  • » 
  • -
-
-
- -
-

-
-
-
-
- -
- - -
-
-
-

-
-
-
-query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - message($lang_misc['Already subscribed topic']); - - $db->query('INSERT INTO '.$db->prefix.'topic_subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); - - redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); - } - - if ($forum_id) - { - if ($pun_config['o_forum_subscriptions'] != '1') - message($lang_common['No permission'], false, '403 Forbidden'); - - // Make sure the user can view the forum - $result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_common['Bad request'], false, '404 Not Found'); - - $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' 
AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); - if ($db->num_rows($result)) - message($lang_misc['Already subscribed forum']); - - $db->query('INSERT INTO '.$db->prefix.'forum_subscriptions (user_id, forum_id) VALUES('.$pun_user['id'].' ,'.$forum_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); - - redirect('viewforum.php?id='.$forum_id, $lang_misc['Subscribe redirect']); - } -} - - -else if ($action == 'unsubscribe') -{ - if ($pun_user['is_guest']) - message($lang_common['No permission'], false, '403 Forbidden'); - - $topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0; - $forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0; - if ($topic_id < 1 && $forum_id < 1) - message($lang_common['Bad request'], false, '404 Not Found'); - - if ($topic_id) - { - if ($pun_config['o_topic_subscriptions'] != '1') - message($lang_common['No permission'], false, '403 Forbidden'); - - $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_misc['Not subscribed topic']); - - $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); - - redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); - } - - if ($forum_id) - { - if ($pun_config['o_forum_subscriptions'] != '1') - message($lang_common['No permission'], false, '403 Forbidden'); - - $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' 
AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); - if (!$db->num_rows($result)) - message($lang_misc['Not subscribed forum']); - - $db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); - - redirect('viewforum.php?id='.$forum_id, $lang_misc['Unsubscribe redirect']); - } -} - - -else - message($lang_common['Bad request'], false, '404 Not Found'); + +
+

+
+
+
+
+
+
+query('UPDATE '.$db->prefix.'users SET last_visit='.$pun_user['logged'].' WHERE id='.$pun_user['id']) or error('Unable to update user last visit data', __FILE__, __LINE__, $db->error()); + + // Reset tracked topics + set_tracked_topics(null); + + redirect('index.php', $lang_misc['Mark read redirect']); +} + + +// Mark the topics/posts in a forum as read? +else if ($action == 'markforumread') +{ + if ($pun_user['is_guest']) + message($lang_common['No permission'], false, '403 Forbidden'); + + $fid = isset($_GET['fid']) ? intval($_GET['fid']) : 0; + if ($fid < 1) + message($lang_common['Bad request'], false, '404 Not Found'); + + $tracked_topics = get_tracked_topics(); + $tracked_topics['forums'][$fid] = time(); + set_tracked_topics($tracked_topics); + + redirect('viewforum.php?id='.$fid, $lang_misc['Mark forum read redirect']); +} + + +else if (isset($_GET['email'])) +{ + if ($pun_user['is_guest'] || $pun_user['g_send_email'] == '0') + message($lang_common['No permission'], false, '403 Forbidden'); + + $recipient_id = intval($_GET['email']); + if ($recipient_id < 2) + message($lang_common['Bad request'], false, '404 Not Found'); + + $result = $db->query('SELECT username, email, email_setting FROM '.$db->prefix.'users WHERE id='.$recipient_id) or error('Unable to fetch user info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + list($recipient, $recipient_email, $email_setting) = $db->fetch_row($result); + + if ($email_setting == 2 && !$pun_user['is_admmod']) + message($lang_misc['Form email disabled']); + + + if (isset($_POST['form_sent'])) + { + confirm_referrer('misc.php'); + + // Clean up message and subject from POST + $subject = pun_trim($_POST['req_subject']); + $message = pun_trim($_POST['req_message']); + + if ($subject == '') + message($lang_misc['No email subject']); + else if ($message == '') + message($lang_misc['No email message']); + // Here we use strlen() not 
pun_strlen() as we want to limit the post to PUN_MAX_POSTSIZE bytes, not characters + else if (strlen($message) > PUN_MAX_POSTSIZE) + message($lang_misc['Too long email message']); + + if ($pun_user['last_email_sent'] != '' && (time() - $pun_user['last_email_sent']) < $pun_user['g_email_flood'] && (time() - $pun_user['last_email_sent']) >= 0) + message(sprintf($lang_misc['Email flood'], $pun_user['g_email_flood'], $pun_user['g_email_flood'] - (time() - $pun_user['last_email_sent']))); + + // Load the "form email" template + $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/form_email.tpl')); + + // The first row contains the subject + $first_crlf = strpos($mail_tpl, "\n"); + $mail_subject = pun_trim(substr($mail_tpl, 8, $first_crlf-8)); + $mail_message = pun_trim(substr($mail_tpl, $first_crlf)); + + $mail_subject = str_replace('', $subject, $mail_subject); + $mail_message = str_replace('', $pun_user['username'], $mail_message); + $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); + $mail_message = str_replace('', $message, $mail_message); + $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); + + require_once PUN_ROOT.'include/email.php'; + + pun_mail($recipient_email, $mail_subject, $mail_message, $pun_user['email'], $pun_user['username']); + + $db->query('UPDATE '.$db->prefix.'users SET last_email_sent='.time().' 
WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); + + // Try to determine if the data in redirect_url is valid (if not, we redirect to index.php after login) + $redirect_url = validate_redirect($_POST['redirect_url'], 'index.php'); + + redirect(pun_htmlspecialchars($redirect_url), $lang_misc['Email sent redirect']); + } + + + // Try to determine if the data in HTTP_REFERER is valid (if not, we redirect to the user's profile after the email is sent) + if (!empty($_SERVER['HTTP_REFERER'])) + $redirect_url = validate_redirect($_SERVER['HTTP_REFERER'], null); + + if (!isset($redirect_url)) + $redirect_url = 'profile.php?id='.$recipient_id; + else if (preg_match('%viewtopic\.php\?pid=(\d+)$%', $redirect_url, $matches)) + $redirect_url .= '#p'.$matches[1]; + + $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Send email to'].' '.pun_htmlspecialchars($recipient)); + $required_fields = array('req_subject' => $lang_misc['Email subject'], 'req_message' => $lang_misc['Email message']); + $focus_element = array('email', 'req_subject'); + define('PUN_ACTIVE_PAGE', 'index'); + require PUN_ROOT.'header.php'; + +?> +
+

+
+
+
+
+ +
+ + + + +

+
+
+
+

+
+
+
+ 65535) // TEXT field can only hold 65535 bytes + message($lang_misc['Reason too long']); + + if ($pun_user['last_report_sent'] != '' && (time() - $pun_user['last_report_sent']) < $pun_user['g_report_flood'] && (time() - $pun_user['last_report_sent']) >= 0) + message(sprintf($lang_misc['Report flood'], $pun_user['g_report_flood'], $pun_user['g_report_flood'] - (time() - $pun_user['last_report_sent']))); + + // Get the topic ID + $result = $db->query('SELECT topic_id FROM '.$db->prefix.'posts WHERE id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + $topic_id = $db->result($result); + + // Get the subject and forum ID + $result = $db->query('SELECT subject, forum_id FROM '.$db->prefix.'topics WHERE id='.$topic_id) or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + list($subject, $forum_id) = $db->fetch_row($result); + + // Should we use the internal report handling? + if ($pun_config['o_report_method'] == '0' || $pun_config['o_report_method'] == '2') + $db->query('INSERT INTO '.$db->prefix.'reports (post_id, topic_id, forum_id, reported_by, created, message) VALUES('.$post_id.', '.$topic_id.', '.$forum_id.', '.$pun_user['id'].', '.time().', \''.$db->escape($reason).'\')' ) or error('Unable to create report', __FILE__, __LINE__, $db->error()); + + // Should we email the report? 
+ if ($pun_config['o_report_method'] == '1' || $pun_config['o_report_method'] == '2') + { + // We send it to the complete mailing-list in one swoop + if ($pun_config['o_mailing_list'] != '') + { + // Load the "new report" template + $mail_tpl = trim(file_get_contents(PUN_ROOT.'lang/'.$pun_user['language'].'/mail_templates/new_report.tpl')); + + // The first row contains the subject + $first_crlf = strpos($mail_tpl, "\n"); + $mail_subject = trim(substr($mail_tpl, 8, $first_crlf-8)); + $mail_message = trim(substr($mail_tpl, $first_crlf)); + + $mail_subject = str_replace('', $forum_id, $mail_subject); + $mail_subject = str_replace('', $subject, $mail_subject); + $mail_message = str_replace('', $pun_user['username'], $mail_message); + $mail_message = str_replace('', get_base_url().'/viewtopic.php?pid='.$post_id.'#p'.$post_id, $mail_message); + $mail_message = str_replace('', $reason, $mail_message); + $mail_message = str_replace('', $pun_config['o_board_title'], $mail_message); + + require PUN_ROOT.'include/email.php'; + + pun_mail($pun_config['o_mailing_list'], $mail_subject, $mail_message); + } + } + + $db->query('UPDATE '.$db->prefix.'users SET last_report_sent='.time().' 
WHERE id='.$pun_user['id']) or error('Unable to update user', __FILE__, __LINE__, $db->error()); + + redirect('viewforum.php?id='.$forum_id, $lang_misc['Report redirect']); + } + + // Fetch some info about the post, the topic and the forum + $result = $db->query('SELECT f.id AS fid, f.forum_name, t.id AS tid, t.subject FROM '.$db->prefix.'posts AS p INNER JOIN '.$db->prefix.'topics AS t ON t.id=p.topic_id INNER JOIN '.$db->prefix.'forums AS f ON f.id=t.forum_id LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND p.id='.$post_id) or error('Unable to fetch post info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + $cur_post = $db->fetch_assoc($result); + + if ($pun_config['o_censoring'] == '1') + $cur_post['subject'] = censor_words($cur_post['subject']); + + $page_title = array(pun_htmlspecialchars($pun_config['o_board_title']), $lang_misc['Report post']); + $required_fields = array('req_reason' => $lang_misc['Reason']); + $focus_element = array('report', 'req_reason'); + define('PUN_ACTIVE_PAGE', 'index'); + require PUN_ROOT.'header.php'; + +?> +
+
+
    +
  • +
  • » 
  • +
  • » 
  • +
  • » 
  • +
+
+
+ +
+

+
+
+
+
+ +
+ + +
+
+
+

+
+
+
+query('SELECT 1 FROM '.$db->prefix.'topics AS t LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=t.forum_id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id='.$topic_id.' AND t.moved_to IS NULL') or error('Unable to fetch topic info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + message($lang_misc['Already subscribed topic']); + + $db->query('INSERT INTO '.$db->prefix.'topic_subscriptions (user_id, topic_id) VALUES('.$pun_user['id'].' ,'.$topic_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); + + redirect('viewtopic.php?id='.$topic_id, $lang_misc['Subscribe redirect']); + } + + if ($forum_id) + { + if ($pun_config['o_forum_subscriptions'] != '1') + message($lang_common['No permission'], false, '403 Forbidden'); + + // Make sure the user can view the forum + $result = $db->query('SELECT 1 FROM '.$db->prefix.'forums AS f LEFT JOIN '.$db->prefix.'forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id='.$pun_user['g_id'].') WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND f.id='.$forum_id) or error('Unable to fetch forum info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_common['Bad request'], false, '404 Not Found'); + + $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' 
AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); + if ($db->num_rows($result)) + message($lang_misc['Already subscribed forum']); + + $db->query('INSERT INTO '.$db->prefix.'forum_subscriptions (user_id, forum_id) VALUES('.$pun_user['id'].' ,'.$forum_id.')') or error('Unable to add subscription', __FILE__, __LINE__, $db->error()); + + redirect('viewforum.php?id='.$forum_id, $lang_misc['Subscribe redirect']); + } +} + + +else if ($action == 'unsubscribe') +{ + if ($pun_user['is_guest']) + message($lang_common['No permission'], false, '403 Forbidden'); + + $topic_id = isset($_GET['tid']) ? intval($_GET['tid']) : 0; + $forum_id = isset($_GET['fid']) ? intval($_GET['fid']) : 0; + if ($topic_id < 1 && $forum_id < 1) + message($lang_common['Bad request'], false, '404 Not Found'); + + if ($topic_id) + { + if ($pun_config['o_topic_subscriptions'] != '1') + message($lang_common['No permission'], false, '403 Forbidden'); + + $result = $db->query('SELECT 1 FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_misc['Not subscribed topic']); + + $db->query('DELETE FROM '.$db->prefix.'topic_subscriptions WHERE user_id='.$pun_user['id'].' AND topic_id='.$topic_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); + + redirect('viewtopic.php?id='.$topic_id, $lang_misc['Unsubscribe redirect']); + } + + if ($forum_id) + { + if ($pun_config['o_forum_subscriptions'] != '1') + message($lang_common['No permission'], false, '403 Forbidden'); + + $result = $db->query('SELECT 1 FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' 
AND forum_id='.$forum_id) or error('Unable to fetch subscription info', __FILE__, __LINE__, $db->error()); + if (!$db->num_rows($result)) + message($lang_misc['Not subscribed forum']); + + $db->query('DELETE FROM '.$db->prefix.'forum_subscriptions WHERE user_id='.$pun_user['id'].' AND forum_id='.$forum_id) or error('Unable to remove subscription', __FILE__, __LINE__, $db->error()); + + redirect('viewforum.php?id='.$forum_id, $lang_misc['Unsubscribe redirect']); + } +} + + +else + message($lang_common['Bad request'], false, '404 Not Found'); diff --git a/profile.php b/profile.php index a2ee583f2..feb8295f8 100644 --- a/profile.php +++ b/profile.php @@ -55,7 +55,7 @@ message($lang_profile['Pass key bad'].' '.pun_htmlspecialchars($pun_config['o_admin_email']).'.'); else { - $db->query('UPDATE '.$db->prefix.'users SET password=\''.$cur_user['activate_string'].'\', activate_string=NULL, activate_key=NULL'.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error()); + $db->query('UPDATE '.$db->prefix.'users SET password=\''.$db->escape($cur_user['activate_string']).'\', activate_string=NULL, activate_key=NULL'.(!empty($cur_user['salt']) ? ', salt=NULL' : '').' WHERE id='.$id) or error('Unable to update password', __FILE__, __LINE__, $db->error()); message($lang_profile['Pass updated'], true); }
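Review bot: The added `$db->escape()` covers `activate_string`, but `$id` on the same new line is still interpolated raw into `' WHERE id='.$id`; its assignment is outside this hunk, so unless it is already integer-cast there, the same line should read `' WHERE id='.intval($id)` so the statement does not rely on a cast made elsewhere. Escaping a value read back from the `users` table is the right defensive default even when the application wrote it itself, and that reasoning deserves a comment on the line, e.g. `// activate_string comes from the database, not from a validated literal: escape it before re-embedding it in SQL`. If the `$db` wrapper offers prepared statements, that would be the stronger fix than escaping, but nothing in the hunk shows whether it does. The enclosing `else` branch and the surrounding function run past the hunk on both sides.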