############################################################## 
##
## MOD Title:		  phpBB Security
##
## MOD Author:		  aUsTiN => austin_inc@hotmail.com
##
## MOD Description:       Please read the Features.txt
##
## MOD Version:           1.0.1
##
## MOD Help:		  http://phpbb-amod.com/
## 
## Installation Level:    Easy
##
## Installation Time:     20 Minutes
##
## Files To Edit:         13
##
## Included Files:        7
##
############################################################## 
############################################################## 
##
## Author Notes: 
##
##
##	Copyright  phpBB-Amod, 2003-2005
##
##	Feel free to see it in action at http://phpbb-amod.com/
##
##	If the copyright is removed or not in place, you WILL NOT
##	receive support. It's a matter of respect to the ones who
##	take the time to give y'all these scripts.
##
##	If you wish to display the ones who have been caught, you
##	can add a link wherever you want on your boards pointing to
##	http://yoursite.com/phpbb/login_security.php?phpBBSecurity=caught
##
############################################################## 
##
## MOD History: 
## 
##	Jan 05th 2005 - Version 1.0.1
##      	- Added chr Prevention
##      	- Added file write & file open Prevention
##      	- Recoded usercp_register edits (worked out all issues)
##		- Added CBACK Worm prevention
##		- Added pagination to the caught page
##		- Added the link they used to get banned to the caught page
##		- Highlights ips with red if they have ever posted on your site
## 
##	Dec 10th 2004 - Version 1.0.0
##      	- Beta Released
##
############################################################## 
##
## Before Adding This MOD To Your Forum, You Should Back Up All Files Related To This MOD 
##
##############################################################
##
##	Definitions:
##
##		Root: Folder where your config.php is located
##		templates/*/: Your template folder (All template folders are suggested)
##		lang_*/: Your current language folder (All lang folders are suggested)
##
##############################################################

-----------------------------------
----[ SQL EXECUTION ]--------------
-----------------------------------

Upload installer.php to your root directory and run it.
E.g. if http://yoursite.com/index.php is your site, the installer
needs to be at http://yoursite.com/installer.php. Then point your
browser to it & run it.

-----------------------------------
----[ UPLOAD FILES ]---------------
-----------------------------------

login_security.php	-> Root/
phpbb_security.php	-> Root/includes
login_security.tpl	-> Root/templates/*/
lang_phpbb_security.php	-> language/lang_*/

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

common.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

?>

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
$ps_check = phpBBSecurity_Blocks();
	if ($ps_check)
		phpBBSecurity_Ban(phpBBSecurity_IP(), $board_config['phpBBSecurity_auto_ban'], $ps_check);
phpBBSecurity_MaxSessions($board_config['phpBBSecurity_allowed_sessions']);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

login.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

//
// End session management
//

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

			if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
			{

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
		if (md5($password) != $row['user_password'])
		{
			phpBBSecurity_InvalidLogin($row['user_id']);
		}
		# Not part of the if above: this check runs on every login attempt
		phpBBSecurity_CheckTries($row['user_id']);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

					if( $session_id )
					{

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
						phpBBSecurity_ResetTries($row['user_id']);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------
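
#
# Note (added example, not part of the MOD and not an install step):
# the order of the three login.php hooks above, modelled with a hypothetical
# LoginGuard class and constructed sample data. The real function bodies live
# in includes/phpbb_security.php and are assumed here, not copied.

```php
<?php
// Added illustration only. LoginGuard, its methods and the sample account are
// hypothetical stand-ins for phpBBSecurity_InvalidLogin(),
// phpBBSecurity_CheckTries(), phpBBSecurity_ResetTries() and the users table.

class LoginGuard
{
    /** @var array user_id => ['hash' => md5 hex string, 'tries' => int] */
    private $users;
    /** @var int plays the role of $board_config['phpBBSecurity_login_limit'] */
    private $limit;

    public function __construct(array $users, $limit)
    {
        // Assumption: a limit below 1 would lock every account, so refuse it.
        if ((int) $limit < 1) {
            throw new InvalidArgumentException('login limit must be at least 1');
        }
        $this->users = $users;
        $this->limit = (int) $limit;
    }

    /** Same comparison the admin_users.php edit uses for PS_STATUS. */
    public function isLocked($userId)
    {
        return isset($this->users[$userId])
            && $this->users[$userId]['tries'] >= $this->limit;
    }

    /** Returns 'ok', 'failed', 'locked' or 'unknown-user'. */
    public function attempt($userId, $password)
    {
        if (!isset($this->users[$userId])) {
            return 'unknown-user';
        }
        // md5() only mirrors the phpBB 2 comparison in the login.php edit.
        $ok = hash_equals($this->users[$userId]['hash'], md5($password));

        // Hook 1 (InvalidLogin stand-in): count the failure first.
        if (!$ok) {
            $this->users[$userId]['tries']++;
        }
        // Hook 2 (CheckTries stand-in): evaluated on every attempt and before
        // the password result is honoured, so the attempt that reaches the
        // limit is refused at once and a correct password no longer helps.
        if ($this->isLocked($userId)) {
            return 'locked';
        }
        if (!$ok) {
            return 'failed';
        }
        // Hook 3 (ResetTries stand-in): only reached once a session would be
        // created, so earlier failures are forgotten on success.
        $this->users[$userId]['tries'] = 0;
        return 'ok';
    }

    /** Stand-in for the admin "reset" option (ps_reset in admin_users.php). */
    public function adminReset($userId)
    {
        if (isset($this->users[$userId])) {
            $this->users[$userId]['tries'] = 0;
        }
    }
}

/** Constructed scenario: three wrong guesses, then the right password. */
function runDemo()
{
    $users = [2 => ['hash' => md5('correct horse'), 'tries' => 0]];
    $guard = new LoginGuard($users, 3);

    $log = [];
    foreach (['guess1', 'guess2', 'guess3', 'correct horse'] as $password) {
        $log[] = $guard->attempt(2, $password);
    }
    // In this model the account stays locked until an admin clears the counter.
    $guard->adminReset(2);
    $log[] = $guard->attempt(2, 'correct horse');

    return $log;
}

print implode(', ', runDemo()) . PHP_EOL;
```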

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

admin/admin_board.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

include($phpbb_root_path . 'includes/functions_selects.'.$phpEx);

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

			{
				message_die(GENERAL_ERROR, "Failed to update general configuration for $config_name", "", __LINE__, __FILE__, $sql);
			}

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.0 =========================================================== |
#====
		$ps_a = ($_POST['ps_admin']) 		? $_POST['ps_admin'] 		: $HTTP_POST_VARS['ps_admin'];
		$ps_i = ($_POST['ps_admin_id']) 	? $_POST['ps_admin_id'] 	: $HTTP_POST_VARS['ps_admin_id'];
		$ps_l = ($_POST['ps_limit']) 		? $_POST['ps_limit'] 		: $HTTP_POST_VARS['ps_limit'];
		$ps_b = ($_POST['ps_ban']) 			? $_POST['ps_ban'] 			: $HTTP_POST_VARS['ps_ban'];
		$ps_s = ($_POST['ps_sess']) 		? $_POST['ps_sess'] 		: $HTTP_POST_VARS['ps_sess'];
		$ps_c = ($_POST['ps_allow_change']) ? $_POST['ps_allow_change'] : $HTTP_POST_VARS['ps_allow_change'];
		$ps_p = ($_POST['ps_admin_pm']) 	? $_POST['ps_admin_pm'] 	: $HTTP_POST_VARS['ps_admin_pm'];
		$ps_e = ($_POST['ps_admin_em']) 	? $_POST['ps_admin_em'] 	: $HTTP_POST_VARS['ps_admin_em'];
		
		phpBBSecurity_UpdateConfig($ps_a, $ps_i, $ps_l, $ps_b, $ps_s, $ps_c, $ps_p, $ps_e);
		
	if ($userdata['user_id'] == phpBBSecurity_OldestAdmin())
		{
	$s_a 	= ($_POST['special_admin']) 	? $_POST['special_admin'] 	: $HTTP_POST_VARS['special_admin'];
	$s_m 	= ($_POST['special_mod']) 		? $_POST['special_mod'] 	: $HTTP_POST_VARS['special_mod'];
	$s_u 	= ($_POST['ps_use_special']) 	? $_POST['ps_use_special'] 	: $HTTP_POST_VARS['ps_use_special'];
	$s_d	= ($_POST['ps_ddos_option']) 	? $_POST['ps_ddos_option'] 	: $HTTP_POST_VARS['ps_ddos_option'];
	$s_cl	= ($_POST['ps_clike_option']) 	? $_POST['ps_clike_option']	: $HTTP_POST_VARS['ps_clike_option'];
	$s_cb	= ($_POST['ps_cback_option']) 	? $_POST['ps_cback_option'] : $HTTP_POST_VARS['ps_cback_option'];
	$s_e	= ($_POST['ps_chr_option']) 	? $_POST['ps_chr_option'] 	: $HTTP_POST_VARS['ps_chr_option'];
	$s_s	= ($_POST['ps_sql_option']) 	? $_POST['ps_sql_option'] 	: $HTTP_POST_VARS['ps_sql_option'];
	$s_p	= ($_POST['ps_perl_option']) 	? $_POST['ps_perl_option'] 	: $HTTP_POST_VARS['ps_perl_option'];
	$s_un	= ($_POST['ps_union_option']) 	? $_POST['ps_union_option'] : $HTTP_POST_VARS['ps_union_option'];
	$s_f	= ($_POST['ps_file_option']) 	? $_POST['ps_file_option'] 	: $HTTP_POST_VARS['ps_file_option'];
	
		phpBBSecurity_UpdateSpecial($s_a, $s_m, $s_u, $s_d, $s_cl, $s_cb, $s_e, $s_s, $s_p, $s_un, $s_f);
		}
				
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

$new['site_desc'] = str_replace('"', '&quot;', $new['site_desc']);
$new['sitename'] = str_replace('"', '&quot;', strip_tags($new['sitename']));

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
	$q = "SELECT username, user_id
		  FROM ". USERS_TABLE ."
		  WHERE user_level = '". ADMIN ."'";
	$r 				= $db->sql_query($q);
	while($admins 	= $db->sql_fetchrow($r))
		{
	$template->assign_block_vars('admins', array(
		'ID'	=> $admins['user_id'],
		'NAME'	=> $admins['username'])
			);
		}
		
	if ($userdata['user_id'] == phpBBSecurity_OldestAdmin())
		{
	$special 	= phpBBSecurity_SpecialCount();
	$split_it 	= explode('%SPLIT%', $special);
	$t_admins 	= str_replace('%X%', $split_it[0], $lang['PS_special_admins_total']);
	$t_mods 	= str_replace('%X%', $split_it[1], $lang['PS_special_mods_total']);
	
		if ($split_it[1] > $board_config[phpBBSecurity_ModConfigName()])
			$mod_problem = $lang['PS_special_mods_offset'];
		else
			$mod_problem = '';
			
		if ($split_it[0] > $board_config[phpBBSecurity_AdminConfigName()])
			$admin_problem = $lang['PS_special_admins_offset'];
		else
			$admin_problem = '';			
		
	$template->assign_block_vars('phpBBSecurity_special', array(
		'WARNING'	=> $lang['PS_option_warning'],
		'ONE'		=> $lang['PS_option_ban'],
		'TWO'		=> $lang['PS_option_block'],
		'THREE'		=> $lang['PS_option_ignore'],
		# Clike Start
		'BAN_1'		=> ($board_config['phpBBSecurity_Clike_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_1'	=> ($board_config['phpBBSecurity_Clike_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_1'	=> ($board_config['phpBBSecurity_Clike_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_1'		=> $lang['PS_list_two'],
		# Clike Stop; Union Start
		'BAN_2'		=> ($board_config['phpBBSecurity_Union_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_2'	=> ($board_config['phpBBSecurity_Union_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_2'	=> ($board_config['phpBBSecurity_Union_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_2'		=> $lang['PS_list_three'],
		# Union Stop; SQL Start
		'BAN_3'		=> ($board_config['phpBBSecurity_SQL_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_3'	=> ($board_config['phpBBSecurity_SQL_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_3'	=> ($board_config['phpBBSecurity_SQL_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_3'		=> $lang['PS_list_five'],
		# SQL Stop; DDoS Start
		'BAN_4'		=> ($board_config['phpBBSecurity_DDoS_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_4'	=> ($board_config['phpBBSecurity_DDoS_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_4'	=> ($board_config['phpBBSecurity_DDoS_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_4'		=> $lang['PS_list_one'],
		# DDoS Stop; File Start
		'BAN_5'		=> ($board_config['phpBBSecurity_File_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_5'	=> ($board_config['phpBBSecurity_File_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_5'	=> ($board_config['phpBBSecurity_File_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_5'		=> $lang['PS_list_eight'],
		# File Stop; Perl Start
		'BAN_6'		=> ($board_config['phpBBSecurity_Perl_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_6'	=> ($board_config['phpBBSecurity_Perl_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_6'	=> ($board_config['phpBBSecurity_Perl_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_6'		=> $lang['PS_list_six'],
		# Perl Stop; Encoded Start
		'BAN_7'		=> ($board_config['phpBBSecurity_Encoded_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_7'	=> ($board_config['phpBBSecurity_Encoded_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_7'	=> ($board_config['phpBBSecurity_Encoded_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_7'		=> $lang['PS_list_seven'],
		# Encoded Stop; CBACK Start
		'BAN_8'		=> ($board_config['phpBBSecurity_Cback_Ban'] == 1) ? 'checked="checked"' : '',
		'BLOCK_8'	=> ($board_config['phpBBSecurity_Cback_Ban'] == 2) ? 'checked="checked"' : '',
		'IGNORE_8'	=> ($board_config['phpBBSecurity_Cback_Ban'] == 0) ? 'checked="checked"' : '',
		'EXP_8'		=> $lang['PS_list_four'],
		# CBACK Stop												
		'TITLE'		=> $lang['PS_special'],
		'ADMIN'		=> $lang['PS_special_admins'],
		'ADMIN_2'	=> $lang['PS_special_admins_exp'],
		'ADMIN_3'	=> $board_config[phpBBSecurity_AdminConfigName()],
		'ADMIN_4'	=> $t_admins,
		'ADMIN_5'	=> $admin_problem,
		'MOD'		=> $lang['PS_special_mods'],
		'MOD_2'		=> $lang['PS_special_mods_exp'],
		'MOD_3'		=> $board_config[phpBBSecurity_ModConfigName()],
		'MOD_4'		=> $t_mods,
		'MOD_5'		=> $mod_problem,
		'USE'		=> $lang['PS_use_special'],
		'USE_E'		=> $lang['PS_use_special_exp'],
		'USE_Y'		=> ($board_config[phpBBSecurity_UseSpecial()]) ? 'checked="checked"' : '',	
		'USE_N'		=> (!$board_config[phpBBSecurity_UseSpecial()]) ? 'checked="checked"' : '')
			);
		}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

$template->assign_vars(array(

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
	'PS_YES_L'			=> $lang['PS_list_choice_one'],
	'PS_NO_L'			=> $lang['PS_list_choice_two'],
	'ADMIN_EM_V'		=> ($board_config['phpBBSecurity_notify_admin_em']) ? 'checked="checked"' : '',	
	'ADMIN_EM_L'		=> $lang['PS_notify_admin_by_em'],
	'ADMIN_PM_V'		=> ($board_config['phpBBSecurity_notify_admin_pm']) ? 'checked="checked"' : '',	
	'ADMIN_PM_L'		=> $lang['PS_notify_admin_by_pm'],
	'ALLOW_CHANGE_L'	=> $lang['PS_allow_user_change'],	
	'ALLOW_CHANGE_Y'	=> ($board_config['phpBBSecurity_Allow_Change']) ? 'checked="checked"' : '',
	'ALLOW_CHANGE_N'	=> (!$board_config['phpBBSecurity_Allow_Change']) ? 'checked="checked"' : '',	
	'PS_LOGIN_LIMIT_V'	=> $board_config['phpBBSecurity_login_limit'],
	'PS_LOGIN_LIMIT_L'	=> $lang['PS_admin_one'],
	'PS_LOGIN_LIMIT_E'	=> $lang['PS_admin_one_exp'],	
	'PS_NOTIFY_ADMIN_L'	=> $lang['PS_admin_two'],
	'PS_NOTIFY_ADMIN_E'	=> $lang['PS_admin_two_exp'],
	'PS_NOTIFY_ADMIN_Y'	=> ($board_config['phpBBSecurity_notify_admin']) ? 'checked="checked"' : '',	
	'PS_NOTIFY_ADMIN_N'	=> (!$board_config['phpBBSecurity_notify_admin']) ? 'checked="checked"' : '',	
	'PS_ADMIN_ID_V'		=> str_replace('%A%', phpBBSecurity_GetName($board_config['phpBBSecurity_notify_admin_id']), $lang['PS_admin_current']),
	'PS_ADMIN_ID_L'		=> $lang['PS_admin_three'],
	'PS_ADMIN_ID_E'		=> $lang['PS_admin_three_exp'],
	'PS_ADMIN_DEFAULT'	=> $lang['PS_admin_default'],
	'PS_ADMIN_BAN_L'	=> $lang['PS_admin_ban'],
	'PS_ADMIN_BAN_E'	=> $lang['PS_admin_ban_exp'],
	'PS_ADMIN_BAN_Y'	=> ($board_config['phpBBSecurity_auto_ban']) ? 'checked="checked"' : '',	
	'PS_ADMIN_BAN_N'	=> (!$board_config['phpBBSecurity_auto_ban']) ? 'checked="checked"' : '',	
	'PS_ADMIN_SESS_L'	=> $lang['PS_admin_sessions'],
	'PS_ADMIN_SESS_E'	=> $lang['PS_admin_sessions_exp'],
	'PS_ADMIN_SESS_V'	=> $board_config['phpBBSecurity_allowed_sessions'],
	'PS_ADMIN_TITLE'	=> $lang['PS_login_header'],
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

admin/admin_users.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

		$user_allowavatar = ( !empty($HTTP_POST_VARS['user_allowavatar']) ) ? intval( $HTTP_POST_VARS['user_allowavatar'] ) : 0;

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
	include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);		
		$locked_status 	= ($_POST['ps_lock']) ? $_POST['ps_lock'] : $HTTP_POST_VARS['ps_lock'];
		$reset_status 	= ($_POST['ps_reset']) ? $_POST['ps_reset'] : $HTTP_POST_VARS['ps_reset'];
		phpBBSecurity_Admin($user_id, $locked_status, $reset_status);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------
#
#
# This should be in the main $template->assign_vars( array, so if you have a mod that adds this
# anywhere else, make sure you put it in the right place.

'USERNAME' => $username,

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====		
			'PS_STATUS'		=> ($this_userdata['phpBBSecurity_login_tries'] >= $board_config['phpBBSecurity_login_limit']) ? $lang['PS_user_status_l'] : $lang['PS_user_status_u'],
			'PS_RESET'		=> $lang['PS_user_reset'],
			'PS_RESET_EXP'	=> $lang['PS_user_reset_exp'],
			'PS_LOCK'		=> $lang['PS_user_lock'],
			'PS_LOCK_EXP'	=> $lang['PS_user_lock_exp'],
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

includes/functions.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

//
// Initialise user settings on page load
function init_userprefs($userdata)
{
	global $board_config, $theme, $images;
	global $template, $lang, $phpEx, $phpbb_root_path;
	global $nav_links;


-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
phpBBSecurity_Elimination($board_config[phpBBSecurity_AdminConfigName()], $board_config[phpBBSecurity_ModConfigName()], $userdata['user_id']);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

includes/page_header.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

//
// The following assigns all _common_ variables that may be used at any point
// in a template.
//

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

$template->pparse('overall_header');

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====					
	# Only allow them to login & view profile to update it
	if ($_SERVER['PHP_SELF'] == $board_config['script_path'] .'profile.'. $phpEx)
		$is_valid = TRUE;
	elseif ($_SERVER['PHP_SELF'] == $board_config['script_path'] .'login.'. $phpEx)
		$is_valid = TRUE;
	else
		$is_valid = '';
		
	if ( (!$is_valid)  && (!$gen_simple_header) ) 
		{
		# Make sure they are not a guest
		if ($userdata['user_id'] != ANONYMOUS)
			{
			# Do the check
			if (!$userdata['phpBBSecurity_answer'] || !$userdata['phpBBSecurity_question'])
				phpBBSecurity_Force();
			}
		}
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

includes/page_tail.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

	'PHPBB_VERSION' => '2' . $board_config['version'],

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
	'BLOCKED'	=> str_replace('%T%', '<b>'. number_format($board_config['phpBBSecurity_total_attempts']) .'</b>', $lang['PS_blocked_line']),
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

includes/usercp_register.php

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

			$sql = "UPDATE " . USERS_TABLE . "

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
	$ps_question 	= ($_POST['PS_question']) 	? $_POST['PS_question'] : $HTTP_POST_VARS['PS_question'];
	$ps_answer 		= ($_POST['PS_answer']) 	? $_POST['PS_answer'] 	: $HTTP_POST_VARS['PS_answer'];
	if ( (isset($HTTP_POST_VARS['submit'])) && ($mode == 'editprofile') )
		phpBBSecurity_Validate($ps_question, $ps_answer, $userdata['user_id'], $mode);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

			if ( !($result = $db->sql_query($sql, BEGIN_TRANSACTION)) )
			{
				message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
			}

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====
include_once($phpbb_root_path .'includes/phpbb_security.'. $phpEx);
	$ps_question 	= ($_POST['PS_question']) 	? $_POST['PS_question'] : $HTTP_POST_VARS['PS_question'];
	$ps_answer 		= ($_POST['PS_answer']) 	? $_POST['PS_answer'] 	: $HTTP_POST_VARS['PS_answer'];
	if ((isset($HTTP_POST_VARS['submit'])) && ($mode == 'register') )
		phpBBSecurity_Validate($ps_question, $ps_answer, $user_id, $mode);
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

	'USERNAME' => $username,

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

#======================================================================= |
#==== Start: == phpBB Security ========================================= |
#==== v1.0.1 =========================================================== |
#====	
		'PS_TITLE'			=> $lang['PS_security_title'],
		'PS_QUESTION'		=> $lang['PS_security_question'],
		'PS_QUESTION_EXP'	=> $lang['PS_security_question_exp'],
		'PS_Q'				=> $userdata['phpBBSecurity_question'],		
		'PS_ANSWER'			=> $lang['PS_security_answer'],
		'PS_ANSWER_EXP'		=> $lang['PS_security_answer_exp'],
		'PS_A'				=> $userdata['phpBBSecurity_answer'],
		'PS_A_EXP'			=> $lang['PS_security_a_exp'],
		'PS_EXP'			=> $lang['PS_profile_explain'],
#====
#==== Author: aUsTiN [austin@phpbb-amod.com] [http://phpbb-amod.com] === |
#==== End: ==== phpBB Security ========================================= |	
#======================================================================= |

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/overall_footer.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

Powered by <a href="http://www.phpbb.com/"

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------
#
# If you don't want to show the people who get caught:

Protected by phpBB Security 1.0.1  <a href="http://phpbb-amod.com" class="copyright" target="_blank">phpBB-Amod</a><br />{BLOCKED}<br />

#
# If you want to show the people who get caught:

<a href="login_security.php?phpBBSecurity=caught" class="copyright">Protected</a> by phpBB Security 1.0.1  <a href="http://phpbb-amod.com" class="copyright" target="_blank">phpBB-Amod</a><br>{BLOCKED}<br>

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/profile_add_body.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

	<!-- END switch_avatar_local_gallery -->
	<!-- END switch_avatar_block -->

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

	<!-- Start: phpBB Security -->
	<tr> 
	  <td class="catSides" colspan="2" height="28">&nbsp;</td>
	</tr>
	<tr> 
		<th class="thSides" colspan="2" height="12" valign="middle">{PS_TITLE}</th>
	</tr>
	<tr>
		<td align="left" class="row2" colspan="2">
			<span class="genmed">
				{PS_EXP}
			</span>
		</td>
	</tr>
	<tr>
		<td align="left" valign="bottom" class="row1">
			<span class="genmed">
				{PS_QUESTION}
			</span>
			<br>
			<span class="gensmall">
				{PS_QUESTION_EXP}
			</span>			
		</td>
		<td align="left" valign="middle" class="row2">
			<input type="text" name="PS_question" value="{PS_Q}" class="post" size="50">
		</td>		
	</tr>
	<tr>
		<td align="left" valign="bottom" class="row1">
			<span class="genmed">
				{PS_ANSWER}
			</span>
			<br>
			<span class="gensmall">
				{PS_ANSWER_EXP}
			</span>			
		</td>
		<td align="left" valign="middle" class="row2">
			<input type="text" name="PS_answer" value="{PS_A}" class="post" size="50">
			<span class="gensmall">
				{PS_A_EXP}
			</span>
		</td>		
	</tr>	
	<!-- End: phpBB Security -->

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/admin/board_config_body.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

	<tr>
		<th class="thHead" colspan="2">{L_COOKIE_SETTINGS}</th>
	</tr>

-----------------------------------
----[ ADD, BEFORE ]----------------
-----------------------------------

<!-- Start: phpBB Security -->	
	<tr>
		<th class="thHead" colspan="2">{PS_ADMIN_TITLE}</th>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{ALLOW_CHANGE_L}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_allow_change" value="1" {ALLOW_CHANGE_Y} /> {L_ENABLED}  <input type="radio" name="ps_allow_change" value="0" {ALLOW_CHANGE_N} /> {L_DISABLED}</span></td>
	</tr>			
	<tr>
		<td class="row1"><span class="genmed">{PS_ADMIN_SESS_L}</span><span class="gensmall">{PS_ADMIN_SESS_E}</span></td>
		<td class="row2"><input type="text" name="ps_sess" class="post" size="5" value="{PS_ADMIN_SESS_V}" /></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{PS_ADMIN_BAN_L}</span><span class="gensmall">{PS_ADMIN_BAN_E}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_ban" value="1" {PS_ADMIN_BAN_Y} /> {L_ENABLED}  <input type="radio" name="ps_ban" value="0" {PS_ADMIN_BAN_N} /> {L_DISABLED}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{PS_LOGIN_LIMIT_L}</span><span class="gensmall">{PS_LOGIN_LIMIT_E}</span></td>
		<td class="row2"><input type="text" name="ps_limit" class="post" size="5" value="{PS_LOGIN_LIMIT_V}" /></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{PS_NOTIFY_ADMIN_L}</span><span class="gensmall">{PS_NOTIFY_ADMIN_E}</span></td>
		<td class="row2">
			<span class="genmed">
				<input type="radio" name="ps_admin" value="1" {PS_NOTIFY_ADMIN_Y} /> {L_ENABLED}  <input type="radio" name="ps_admin" value="0" {PS_NOTIFY_ADMIN_N} /> {L_DISABLED}
				<br>
				<input type="checkbox" name="ps_admin_em" value="1" {ADMIN_EM_V}>{ADMIN_EM_L}	<input type="checkbox" name="ps_admin_pm" value="1" {ADMIN_PM_V}>{ADMIN_PM_L}
			</span>
		</td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{PS_ADMIN_ID_L}</span><span class="gensmall">{PS_ADMIN_ID_E}</span></td>
		<td class="row2">
			<select name="ps_admin_id">
				<option value="" class="post">{PS_ADMIN_DEFAULT}</option>
		<!-- BEGIN admins -->
				<option value="{admins.ID}" class="post">{admins.NAME}</option>
		<!-- END admins -->
			</select>
			<br>
			<span class="gensmall">
				{PS_ADMIN_ID_V}
			</span>
		</td>
	</tr>
	<!-- BEGIN phpBBSecurity_special -->
	<tr>
		<th class="thHead" colspan="2">{phpBBSecurity_special.TITLE}</th>
	</tr>		
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.USE}</span><span class="gensmall">{phpBBSecurity_special.USE_E}</span></td>
		<td class="row2"><input type="radio" name="ps_use_special" value="1" {phpBBSecurity_special.USE_Y} /> {L_ENABLED}  <input type="radio" name="ps_use_special" value="0" {phpBBSecurity_special.USE_N} /> {L_DISABLED}</td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.ADMIN}</span><span class="gensmall">{phpBBSecurity_special.ADMIN_2}</span></td>
		<td class="row2"><input type="text" name="special_admin" class="post" size="5" value="{phpBBSecurity_special.ADMIN_3}" /><span class="gensmall">{phpBBSecurity_special.ADMIN_4}{phpBBSecurity_special.ADMIN_5}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.MOD}</span><span class="gensmall">{phpBBSecurity_special.MOD_2}</span></td>
		<td class="row2"><input type="text" name="special_mod" class="post" size="5" value="{phpBBSecurity_special.MOD_3}" /><span class="gensmall">{phpBBSecurity_special.MOD_4}{phpBBSecurity_special.MOD_5}</span></td>
	</tr>
	<tr>
		<td class="row2" colspan="2">{phpBBSecurity_special.WARNING}</td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_1}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_clike_option" value="1" {phpBBSecurity_special.BAN_1}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_clike_option" value="2" {phpBBSecurity_special.BLOCK_1}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_clike_option" value="0" {phpBBSecurity_special.IGNORE_1}> {phpBBSecurity_special.THREE}</span></td>
	</tr>	
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_2}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_union_option" value="1" {phpBBSecurity_special.BAN_2}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_union_option" value="2" {phpBBSecurity_special.BLOCK_2}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_union_option" value="0" {phpBBSecurity_special.IGNORE_2}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_3}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_sql_option" value="1" {phpBBSecurity_special.BAN_3}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_sql_option" value="2" {phpBBSecurity_special.BLOCK_3}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_sql_option" value="0" {phpBBSecurity_special.IGNORE_3}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_4}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_ddos_option" value="1" {phpBBSecurity_special.BAN_4}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_ddos_option" value="2" {phpBBSecurity_special.BLOCK_4}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_ddos_option" value="0" {phpBBSecurity_special.IGNORE_4}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_5}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_file_option" value="1" {phpBBSecurity_special.BAN_5}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_file_option" value="2" {phpBBSecurity_special.BLOCK_5}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_file_option" value="0" {phpBBSecurity_special.IGNORE_5}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_6}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_perl_option" value="1" {phpBBSecurity_special.BAN_6}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_perl_option" value="2" {phpBBSecurity_special.BLOCK_6}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_perl_option" value="0" {phpBBSecurity_special.IGNORE_6}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_7}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_chr_option" value="1" {phpBBSecurity_special.BAN_7}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_chr_option" value="2" {phpBBSecurity_special.BLOCK_7}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_chr_option" value="0" {phpBBSecurity_special.IGNORE_7}> {phpBBSecurity_special.THREE}</span></td>
	</tr>
	<tr>
		<td class="row1"><span class="genmed">{phpBBSecurity_special.EXP_8}</span></td>
		<td class="row2"><span class="genmed"><input type="radio" name="ps_cback_option" value="1" {phpBBSecurity_special.BAN_8}> {phpBBSecurity_special.ONE}  <input type="radio" name="ps_cback_option" value="2" {phpBBSecurity_special.BLOCK_8}> {phpBBSecurity_special.TWO}  <input type="radio" name="ps_cback_option" value="0" {phpBBSecurity_special.IGNORE_8}> {phpBBSecurity_special.THREE}</span></td>
	</tr>									
	<!-- END phpBBSecurity_special -->
<!-- End: phpBB Security -->	

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------

-----------------------------------
----[ OPEN ]-----------------------
-----------------------------------

templates/*/admin/user_edit_body.tpl

-----------------------------------
----[ FIND ]-----------------------
-----------------------------------

	<tr>
	  <td class="row1" colspan="2"><span class="gensmall">{L_SPECIAL_EXPLAIN}</span></td>
	</tr>

-----------------------------------
----[ ADD, AFTER ]-----------------
-----------------------------------

<!-- Start: phpBB Security -->
	<tr>
		<td class="row1">
			<span class="gen">
				{PS_LOCK}
			</span>
			<br />
			<span class="gensmall">
				{PS_LOCK_EXP}
			</span>			
		</td>
		<td class="row2">
			<span class="gensmall">
				<input type="checkbox" name="ps_lock">  {PS_STATUS}
			</span>
		</td>
	</tr>
	<tr>
		<td class="row1">
			<span class="gen">
				{PS_RESET}
			</span>
			<br />
			<span class="gensmall">
				{PS_RESET_EXP}
			</span>			
		</td>
		<td class="row2">
			<input type="checkbox" name="ps_reset">
		</td>	
	</tr>
<!-- End: phpBB Security -->

-----------------------------------
----[ CLOSE & SAVE ]---------------
-----------------------------------


#==== Next Step: ======================= |

Configuring your admin popup login. You will need to go to http://www.earthlink.net/cgi-bin/pwgenerator.pl
and encrypt your password. Take that & whatever username you want to use & open

rename.phpbbsecurity

Put the login info in rename.phpbbsecurity, in the format below

username:password

Keep in mind the password HAS TO BE encoded before you do this, or you will never be able to
log in to your admin panel.

Now that the rename.phpbbsecurity file is done, on to the next one. Open rename.htaccess
with a text editor. Find

AuthUserFile "/home/{USERNAME}/public_html/.phpbbsecurity"

and change it to your own path. The word "{USERNAME}" is the part that needs to be changed. It needs
to be your cPanel username (the same one you use for FTP & phpMyAdmin). After you change that line,
close & save the file. The next file is rename2.htaccess. If you already use a .htaccess in your
public_html directory, you will need to edit it. Otherwise we will use the one provided. If you
already have one, open it & add

<Files .phpbbsecurity>
  deny from all
</Files>

then close & save it.

Now that we have prepared all the files, let's put them in place. Upload rename.phpbbsecurity
and rename2.htaccess to your public_html folder. After they are uploaded, rename them.

rename2.htaccess 	: Rename to :		.htaccess
rename.phpbbsecurity	: Rename to :		.phpbbsecurity

Then upload rename.htaccess to your admin/ directory. After it's uploaded, rename it.

rename.htaccess		: Rename to :		.htaccess

After you do all that, you will notice the files disappear. This is normal: most FTP clients hide files whose names start with a dot. That part is done.

The username and password are CaSe SeNsItIvE, so when logging in, you need to use exactly the same info you just stored.
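
A quick way to confirm the three files from this step ended up right, as an added example (not part of the MOD): run it in a shell on the server with the path to your public_html as the argument. The function name check_ps_files and the list of accepted password formats are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not part of the MOD. Returns 0 when all three files look right.
check_ps_files() {
    root=$1
    problems=0
    fail() { echo "PROBLEM: $1" >&2; problems=$((problems + 1)); }

    # 1. .phpbbsecurity: one username:password entry per line, password encoded.
    pw="$root/.phpbbsecurity"
    if [ ! -f "$pw" ]; then
        fail "$pw is missing"
    else
        while IFS= read -r line || [ -n "$line" ]; do
            [ -z "$line" ] && continue
            case $line in
                *:*) hash=${line#*:} ;;
                *) fail "entry is not in username:password form"; continue ;;
            esac
            case $hash in
                '$apr1$'*|'$2y$'*|'{SHA}'*) ;;   # Apache MD5, bcrypt, SHA-1
                *)  # otherwise expect a 13-character crypt() string
                    printf '%s' "$hash" | grep -Eq '^[./0-9A-Za-z]{13}$' ||
                        fail "password for ${line%%:*} does not look encoded" ;;
            esac
        done < "$pw"
    fi

    # 2. admin/.htaccess: AuthUserFile must name a real file, not the template.
    ht="$root/admin/.htaccess"
    auth=$(grep -i '^[[:space:]]*AuthUserFile' "$ht" 2>/dev/null | head -n 1)
    path=$(printf '%s' "$auth" |
        sed -e 's/^[[:space:]]*[^[:space:]]*[[:space:]]*//' -e 's/"//g' -e 's/[[:space:]]*$//')
    case $path in
        '') fail "$ht has no AuthUserFile line" ;;
        *'{USERNAME}'*) fail "AuthUserFile still contains {USERNAME}" ;;
        *) [ -f "$path" ] || fail "AuthUserFile target $path does not exist" ;;
    esac

    # 3. Root .htaccess: the password file must not be downloadable.
    rootht="$root/.htaccess"
    if ! grep -Eq '<Files[[:space:]]+"?\.phpbbsecurity"?>' "$rootht" 2>/dev/null ||
       ! grep -qi 'deny from all' "$rootht" 2>/dev/null; then
        fail "$rootht does not deny access to .phpbbsecurity"
    fi

    [ "$problems" -eq 0 ]
}

if [ "$#" -gt 0 ]; then check_ps_files "$1"; fi
```

The password test is a format heuristic only: it catches a plain-text password left in the file, it does not verify that the stored hash matches the password you intend to use.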

#==== Next Step: ======================= |

Go to your administration panel -> General Admin -> Configuration

Set up how you want everything to work.

EoM