From f3be40fd722c621e5d73e69be581b6684986c358 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 14:47:35 +0200
Subject: [PATCH 1/9] [ticket/571] Intval more variables and improve code
 quality

B3P-571
---
 acp/portal_module.php               |  2 +-
 includes/functions.php              | 18 +++++++--------
 migrations/v210_beta1.php           |  6 +++--
 modules/poll.php                    | 36 ++++++++++++++++-------------
 modules/random_member.php           |  2 +-
 modules/user_menu.php               |  2 +-
 modules/whois_online.php            |  4 ++--
 portal/modules/database_handler.php | 18 +++++++--------
 portal/modules/manager.php          |  4 ++--
 9 files changed, 49 insertions(+), 43 deletions(-)

diff --git a/acp/portal_module.php b/acp/portal_module.php
index eb7ed658..b1ab4060 100644
--- a/acp/portal_module.php
+++ b/acp/portal_module.php
@@ -470,7 +470,7 @@ class portal_module
 
 						$sql = 'SELECT module_order
 							FROM ' . PORTAL_MODULES_TABLE . '
-							WHERE module_column = ' . $add_column . '
+							WHERE module_column = ' . (int) $add_column . '
 							ORDER BY module_order DESC';
 						$result = $this->db->sql_query_limit($sql, 1);
 						$module_order = 1 + (int) $this->db->sql_fetchfield('module_order');
diff --git a/includes/functions.php b/includes/functions.php
index 7cb51633..81001e34 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -312,9 +312,9 @@ function get_portal_tracking_info($fetch_news)
 			$mark_time = array();
 
 			$sql = 'SELECT topic_id, mark_time
-				FROM ' . TOPICS_TRACK_TABLE . "
-				WHERE user_id = {$user->data['user_id']}
-					AND " . $db->sql_in_set('topic_id', $current_forum);
+				FROM ' . TOPICS_TRACK_TABLE . '
+				WHERE user_id =  ' . (int) $user->data['user_id'] . '
+					AND ' . $db->sql_in_set('topic_id', $current_forum);
 			$result = $db->sql_query($sql);
 
 			while ($row = $db->sql_fetchrow($result))
@@ -328,9 +328,9 @@ function get_portal_tracking_info($fetch_news)
 			if (sizeof($topic_ids))
 			{
 				$sql = 'SELECT forum_id, mark_time
-					FROM ' . FORUMS_TRACK_TABLE . "
-					WHERE user_id = {$user->data['user_id']}
-						AND " . $db->sql_in_set('forum_id', $forum_ids);
+					FROM ' . FORUMS_TRACK_TABLE . '
+					WHERE user_id =  ' . (int) $user->data['user_id'] . '
+						AND ' . $db->sql_in_set('forum_id', $forum_ids);
 				$result = $db->sql_query($sql);
 
 				while ($row = $db->sql_fetchrow($result))
@@ -339,10 +339,10 @@ function get_portal_tracking_info($fetch_news)
 				}
 				$db->sql_freeresult($result);
 
-				// @todo: do not use $current_forum here as this is already used by the outside foreach
-				foreach ($forum_ids as $current_forum)
+				// Set user last mark time
+				foreach ($forum_ids as $current_forum_id)
 				{
-					$user_lastmark[$current_forum] = (isset($mark_time[$current_forum])) ? $mark_time[$current_forum] : $user->data['user_lastmark'];
+					$user_lastmark[$current_forum_id] = (isset($mark_time[$current_forum_id])) ? $mark_time[$current_forum_id] : $user->data['user_lastmark'];
 				}
 
 				// @todo: also check if $user_lastmark has been defined for this specific forum_id
diff --git a/migrations/v210_beta1.php b/migrations/v210_beta1.php
index ecc7768c..e20c01e9 100644
--- a/migrations/v210_beta1.php
+++ b/migrations/v210_beta1.php
@@ -180,7 +180,8 @@ class v210_beta1 extends \phpbb\db\migration\migration
 	{
 		if ($this->db_tools->sql_table_exists($this->table_prefix . 'portal_config'))
 		{
-			$sql = 'SELECT * FROM ' . $this->table_prefix . 'portal_config';
+			$sql = 'SELECT *
+				FROM ' . $this->table_prefix . 'portal_config';
 			$result = $this->db->sql_query_limit($sql, 1);
 			$row = $this->db->sql_fetchrow($result);
 			$this->db->sql_freeresult($result);
@@ -198,7 +199,8 @@ class v210_beta1 extends \phpbb\db\migration\migration
 		$in_ary = array('GUESTS', 'REGISTERED', 'REGISTERED_COPPA');
 		$groups_ary = array();
 
-		$sql = 'SELECT group_id, group_name FROM ' . $this->table_prefix . 'groups
+		$sql = 'SELECT group_id, group_name
+			FROM ' . $this->table_prefix . 'groups
 			WHERE ' . $this->db->sql_in_set('group_name', $in_ary);
 		$result = $this->db->sql_query($sql);
 		while ($row = $this->db->sql_fetchrow($result))
diff --git a/modules/poll.php b/modules/poll.php
index 5efb59f3..91b44285 100644
--- a/modules/poll.php
+++ b/modules/poll.php
@@ -199,8 +199,8 @@ class poll extends module_base
 			{
 				$sql = 'SELECT poll_option_id
 					FROM ' . POLL_VOTES_TABLE . '
-					WHERE topic_id = ' . $up_topic_id . '
-						AND vote_user_id = ' . $this->user->data['user_id'];
+					WHERE topic_id = ' . (int) $up_topic_id . '
+						AND vote_user_id = ' . (int) $this->user->data['user_id'];
 				$result = $this->db->sql_query($sql);
 
 				while ($row = $this->db->sql_fetchrow($result))
@@ -222,8 +222,10 @@ class poll extends module_base
 			}
 
 			$sql = 'SELECT t.poll_length, t.poll_start, t.poll_vote_change, t.topic_status, f.forum_status, t.poll_max_options
-					FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
-					WHERE t.forum_id = f.forum_id AND t.topic_id = " . (int) $up_topic_id . " AND t.forum_id = " . (int) $up_forum_id;
+				FROM ' . TOPICS_TABLE . ' t, ' . FORUMS_TABLE . " f
+				WHERE t.forum_id = f.forum_id
+					AND t.topic_id = " . (int) $up_topic_id . "
+					AND t.forum_id = " . (int) $up_forum_id;
 			$result = $this->db->sql_query_limit($sql, 1);
 			$topic_data = $this->db->sql_fetchrow($result);
 			$this->db->sql_freeresult($result);
@@ -312,8 +314,8 @@ class poll extends module_base
 				}
 
 				$sql = 'UPDATE ' . TOPICS_TABLE . '
-					SET poll_last_vote = ' . time() . "
-					WHERE topic_id = $up_topic_id";
+					SET poll_last_vote = ' . time() . '
+					WHERE topic_id = ' . (int) $up_topic_id;
 				//, topic_last_post_time = ' . time() . " -- for bumping topics with new votes, ignore for now
 				$this->db->sql_query($sql);
 
@@ -351,7 +353,7 @@ class poll extends module_base
 
 		if ($this->config['board3_poll_hide_' . $module_id])
 		{
-			$portal_poll_hide = "AND (t.poll_start + t.poll_length > ". time() ." OR t.poll_length = 0)";
+			$portal_poll_hide = 'AND (t.poll_start + t.poll_length > ' . time() . ' OR t.poll_length = 0)';
 		}
 		else
 		{
@@ -362,13 +364,15 @@ class poll extends module_base
 		{
 
 			$sql = 'SELECT t.poll_title, t.poll_start, t.topic_id,  t.topic_first_post_id, t.forum_id, t.poll_length, t.poll_vote_change, t.poll_max_options, t.topic_status, f.forum_status, p.bbcode_bitfield, p.bbcode_uid
-					FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
-					WHERE t.forum_id = f.forum_id AND t.topic_visibility = 1 AND t.poll_start > 0
+				FROM ' . TOPICS_TABLE . ' t, ' . POSTS_TABLE . ' p, ' . FORUMS_TABLE . " f
+				WHERE t.forum_id = f.forum_id
+					AND t.topic_visibility = 1
+					AND t.poll_start > 0
 					{$where}
 					AND t.topic_moved_id = 0
 					AND p.post_id = t.topic_first_post_id
 					{$portal_poll_hide}
-					ORDER BY t.poll_start DESC";
+				ORDER BY t.poll_start DESC";
 			$limit = (isset($this->config['board3_poll_limit_' . $module_id])) ? $this->config['board3_poll_limit_' . $module_id] : 3;
 			$result = $this->db->sql_query_limit($sql, $limit);
 			$has_poll = false;
@@ -390,8 +394,8 @@ class poll extends module_base
 						{
 							$vote_sql = 'SELECT poll_option_id
 								FROM ' . POLL_VOTES_TABLE . '
-								WHERE topic_id = ' . $topic_id . '
-									AND vote_user_id = ' . $this->user->data['user_id'];
+								WHERE topic_id = ' . (int) $topic_id . '
+									AND vote_user_id = ' . (int) $this->user->data['user_id'];
 							$vote_result = $this->db->sql_query($vote_sql);
 
 							while ($row = $this->db->sql_fetchrow($vote_result))
@@ -426,9 +430,9 @@ class poll extends module_base
 					$s_display_results = (!$s_can_vote || ($s_can_vote && sizeof($cur_voted_id)) || ($view == 'viewpoll' && in_array($topic_id, $poll_view_ar))) ? true : false;
 
 					$poll_sql = 'SELECT po.poll_option_id, po.poll_option_text, po.poll_option_total
-						FROM ' . POLL_OPTIONS_TABLE . " po
-						WHERE po.topic_id = {$topic_id}
-						ORDER BY po.poll_option_id";
+						FROM ' . POLL_OPTIONS_TABLE . ' po
+						WHERE po.topic_id = ' . (int) $topic_id .'
+						ORDER BY po.poll_option_id';
 
 					$poll_result = $this->db->sql_query($poll_sql);
 					$poll_total_votes = 0;
@@ -483,7 +487,7 @@ class poll extends module_base
 					$this->template->assign_block_vars(($type !== '') ? 'poll_' . $type : 'poll', array(
 						'S_POLL_HAS_OPTIONS'	=> $poll_has_options,
 						'POLL_QUESTION'			=> $data['poll_title'],
-						'U_POLL_TOPIC'			=> append_sid($this->phpbb_root_path . 'viewtopic.' . $this->php_ext . '?t=' . $topic_id . '&amp;f=' . $forum_id),
+						'U_POLL_TOPIC'			=> append_sid($this->phpbb_root_path . 'viewtopic.' . $this->php_ext, 't=' . $topic_id . '&amp;f=' . $forum_id),
 						'POLL_LENGTH'			=> $data['poll_length'],
 						'TOPIC_ID'				=> $topic_id,
 						'TOTAL_VOTES'			=> $poll_total_votes,
diff --git a/modules/random_member.php b/modules/random_member.php
index 563c3be5..9a34aba8 100644
--- a/modules/random_member.php
+++ b/modules/random_member.php
@@ -127,7 +127,7 @@ class random_member extends module_base
 
 			'USER_POSTS'	=> (int) $row['user_posts'],
 			'AVATAR_IMG'	=> $avatar_img,
-			'JOINED'		=> $this->user->format_date($row['user_regdate'], 'd.M.Y'),
+			'JOINED'		=> $this->user->format_date($row['user_regdate']),
 //			'USER_OCC'		=> censor_text($row['user_occ']),
 //			'USER_FROM'		=> censor_text($row['user_from']),
 //			'U_WWW'			=> censor_text($row['user_website']),
diff --git a/modules/user_menu.php b/modules/user_menu.php
index f40c77ed..fa64b579 100644
--- a/modules/user_menu.php
+++ b/modules/user_menu.php
@@ -127,7 +127,7 @@ class user_menu extends module_base
 
 			$sql = 'SELECT COUNT(DISTINCT t.topic_id) as total
 						FROM ' . TOPICS_TABLE . ' t
-						WHERE t.topic_last_post_time > ' . $this->user->data['user_lastvisit'] . '
+						WHERE t.topic_last_post_time > ' . (int) $this->user->data['user_lastvisit'] . '
 							AND t.topic_moved_id = 0
 							' . str_replace(array('p.', 'post_'), array('t.', 'topic_'), $m_approve_fid_sql) . '
 							' . ((sizeof($ex_fid_ary)) ? 'AND ' . $this->db->sql_in_set('t.forum_id', $ex_fid_ary, true) : '');
diff --git a/modules/whois_online.php b/modules/whois_online.php
index 14c10859..204ae704 100644
--- a/modules/whois_online.php
+++ b/modules/whois_online.php
@@ -112,11 +112,11 @@ class whois_online extends module_base
 				LEFT JOIN ' . USER_GROUP_TABLE . ' ug
 					ON (
 						g.group_id = ug.group_id
-						AND ug.user_id = ' . $this->user->data['user_id'] . '
+						AND ug.user_id = ' . (int) $this->user->data['user_id'] . '
 						AND ug.user_pending = 0
 					)
 				WHERE g.group_legend > 0
-					AND (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . $this->user->data['user_id'] . ')
+					AND (g.group_type <> ' . GROUP_HIDDEN . ' OR ug.user_id = ' . (int) $this->user->data['user_id'] . ')
 				ORDER BY g.' . $order_legend . ' ASC';
 		}
 		$result = $this->db->sql_query($sql);
diff --git a/portal/modules/database_handler.php b/portal/modules/database_handler.php
index b2d18036..666654c9 100644
--- a/portal/modules/database_handler.php
+++ b/portal/modules/database_handler.php
@@ -109,7 +109,7 @@ class database_handler
 		}
 
 		$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-				SET module_order = module_order' . $other_increment . '
+				SET module_order = module_order' . (int) $other_increment . '
 				WHERE module_order = ' . (int) ($module_data['module_order'] + ($direction * $step)) . '
 					AND module_column = ' . (int) $module_data['module_column'];
 		$this->db->sql_query($sql);
@@ -117,7 +117,7 @@ class database_handler
 		if ($updated)
 		{
 			$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-					SET module_order = module_order' . $current_increment . '
+					SET module_order = module_order' . (int) $current_increment . '
 					WHERE module_id = ' . (int) $module_id;
 			$this->db->sql_query($sql);
 		}
@@ -136,20 +136,20 @@ class database_handler
 	{
 		$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
 				SET module_order = module_order + 1
-				WHERE module_order >= ' . $module_data['module_order'] . '
-					AND module_column = ' . ($module_data['module_column'] + $move_action);
+				WHERE module_order >= ' . (int) $module_data['module_order'] . '
+					AND module_column = ' . (int) ($module_data['module_column'] + $move_action);
 		$this->db->sql_query($sql);
 		$updated = $this->db->sql_affectedrows();
 
 		$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-				SET module_column = ' . ($module_data['module_column'] + $move_action) . '
+				SET module_column = ' . (int) ($module_data['module_column'] + $move_action) . '
 				WHERE module_id = ' . (int) $module_id;
 		$this->db->sql_query($sql);
 
 		$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
 				SET module_order = module_order - 1
-				WHERE module_order >= ' . $module_data['module_order'] . '
-				AND module_column = ' . $module_data['module_column'];
+				WHERE module_order >= ' . (int) $module_data['module_order'] . '
+				AND module_column = ' . (int) $module_data['module_column'];
 		$this->db->sql_query($sql);
 
 		// the module that needs to moved is in the last row
@@ -157,13 +157,13 @@ class database_handler
 		{
 			$sql = 'SELECT MAX(module_order) as new_order
 						FROM ' . PORTAL_MODULES_TABLE . '
-						WHERE module_order < ' . $module_data['module_order'] . '
+						WHERE module_order < ' . (int) $module_data['module_order'] . '
 						AND module_column = ' . (int) ($module_data['module_column'] + $move_action);
 			$this->db->sql_query($sql);
 			$new_order = $this->db->sql_fetchfield('new_order') + 1;
 
 			$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-					SET module_order = ' . $new_order . '
+					SET module_order = ' . (int) $new_order . '
 					WHERE module_id = ' . (int) $module_id;
 			$this->db->sql_query($sql);
 		}
diff --git a/portal/modules/manager.php b/portal/modules/manager.php
index eefd9642..651b8219 100644
--- a/portal/modules/manager.php
+++ b/portal/modules/manager.php
@@ -348,8 +348,8 @@ class manager
 
 				$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
 					SET module_order = module_order - 1
-					WHERE module_column = ' . $module_data['module_column'] . '
-						AND module_order > ' . $module_data['module_order'];
+					WHERE module_column = ' . (int) $module_data['module_column'] . '
+						AND module_order > ' . (int) $module_data['module_order'];
 				$this->db->sql_query($sql);
 
 				$this->cache->purge(); // make sure we don't get errors after re-adding a module

From 9d4515432cef2f0da575ce78c4c8baca67d6020c Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 14:50:46 +0200
Subject: [PATCH 2/9] [ticket/571] Remove unused ext.php

B3P-571
---
 ext.php | 16 ----------------
 1 file changed, 16 deletions(-)
 delete mode 100644 ext.php

diff --git a/ext.php b/ext.php
deleted file mode 100644
index e4c82596..00000000
--- a/ext.php
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-/**
-*
-* @package Board3 Portal v2.1
-* @copyright (c) 2014 Board3 Group ( www.board3.de )
-* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
-*
-*/
-
-// This file is needed for phpBB3 to properly register the extension
-
-namespace board3\portal;
-
-class ext extends \phpbb\extension\base
-{
-}

From 45fb1c859d71a089f43d8ce7c705cb6153c08dc3 Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 15:29:37 +0200
Subject: [PATCH 3/9] [ticket/571] Some more minor fixes

B3P-571
---
 adm/style/portal/acp_portal_calendar.html | 78 +++++++++++------------
 adm/style/portal/acp_portal_links.html    |  4 +-
 modules/links.php                         |  2 +-
 portal/modules/manager.php                |  2 +-
 4 files changed, 43 insertions(+), 43 deletions(-)

diff --git a/adm/style/portal/acp_portal_calendar.html b/adm/style/portal/acp_portal_calendar.html
index ab3e990e..3ce3519a 100644
--- a/adm/style/portal/acp_portal_calendar.html
+++ b/adm/style/portal/acp_portal_calendar.html
@@ -149,47 +149,47 @@
 	</fieldset>
 
 	<fieldset>
-	<legend>{L_ACP_PORTAL_EVENTS}</legend>
-	<fieldset class="tabulated">
+		<legend>{L_ACP_PORTAL_EVENTS}</legend>
+		<fieldset class="tabulated">
 
-	<p class="quick">
-		<input class="button2" name="add" type="submit" value="{L_ADD_EVENT}" />
-	</p>
+		<p class="quick">
+			<input class="button2" name="add" type="submit" value="{L_ADD_EVENT}" />
+		</p>
 
-	<table cellspacing="1">
-	<thead>
-	<tr>
-		<th>{L_EVENT_TITLE}</th>
-		<th>{L_EVENT_DESC}</th>
-		<th>{L_EVENT_TIME}</th>
-		<th>{L_EVENT_LINK}</th>
-		<th>{L_ACTION}</th>
-	</tr>
-	</thead>
-	<tbody>
-	<!-- BEGIN events -->
-		<!-- IF events.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
-		<td style="text-align: center;">{events.EVENT_TITLE}</td>
-		<td style="text-align: center;">{events.EVENT_DESC}</td>
-		<td style="text-align: center;"><!-- IF events.EVENT_END -->{L_EVENT_START}{L_COLON}&nbsp;{events.EVENT_START}&nbsp;&#124;&nbsp;{L_EVENT_END}{L_COLON}&nbsp;{events.EVENT_END}<!-- ELSE -->{L_EVENT_TIME}{L_COLON}&nbsp;{events.EVENT_START}<!-- IF events.EVENT_ALL_DAY -->&nbsp;&#124;&nbsp;{L_EVENT_ALL_DAY}<!-- ENDIF --><!-- ENDIF --></td>
-		<td style="text-align: center;"><a href="{events.EVENT_URL}" alt="{events.EVENT_TITLE}">{events.EVENT_URL_RAW}</td>
-		<td style="text-align: center;">
-			<a href="{events.U_EDIT}">{ICON_EDIT}</a> <a href="{events.U_DELETE}">{ICON_DELETE}</a>
-		</td>
-	</tr>
-	<!-- BEGINELSE -->
-	<tr class="row1">
-		<td style="text-align: center;" colspan="5">{L_NO_EVENTS}</td>
-	</tr>
-	<!-- END events -->
-	</tbody>
-	</table>
-	<p class="submit-buttons">
-		<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
-		<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
-	</p>
-	{S_FORM_TOKEN}
-	</fieldset>
+		<table cellspacing="1">
+		<thead>
+		<tr>
+			<th>{L_EVENT_TITLE}</th>
+			<th>{L_EVENT_DESC}</th>
+			<th>{L_EVENT_TIME}</th>
+			<th>{L_EVENT_LINK}</th>
+			<th>{L_ACTION}</th>
+		</tr>
+		</thead>
+		<tbody>
+		<!-- BEGIN events -->
+			<!-- IF events.S_ROW_COUNT is even --><tr class="row1"><!-- ELSE --><tr class="row2"><!-- ENDIF -->
+			<td style="text-align: center;">{events.EVENT_TITLE}</td>
+			<td style="text-align: center;">{events.EVENT_DESC}</td>
+			<td style="text-align: center;"><!-- IF events.EVENT_END -->{L_EVENT_START}{L_COLON}&nbsp;{events.EVENT_START}&nbsp;&#124;&nbsp;{L_EVENT_END}{L_COLON}&nbsp;{events.EVENT_END}<!-- ELSE -->{L_EVENT_TIME}{L_COLON}&nbsp;{events.EVENT_START}<!-- IF events.EVENT_ALL_DAY -->&nbsp;&#124;&nbsp;{L_EVENT_ALL_DAY}<!-- ENDIF --><!-- ENDIF --></td>
+			<td style="text-align: center;"><a href="{events.EVENT_URL}" alt="{events.EVENT_TITLE}">{events.EVENT_URL_RAW}</td>
+			<td style="text-align: center;">
+				<a href="{events.U_EDIT}">{ICON_EDIT}</a> <a href="{events.U_DELETE}">{ICON_DELETE}</a>
+			</td>
+		</tr>
+		<!-- BEGINELSE -->
+		<tr class="row1">
+			<td style="text-align: center;" colspan="5">{L_NO_EVENTS}</td>
+		</tr>
+		<!-- END events -->
+		</tbody>
+		</table>
+		<p class="submit-buttons">
+			<input class="button1" type="submit" id="submit" name="submit" value="{L_SUBMIT}" />&nbsp;
+			<input class="button2" type="reset" id="reset" name="reset" value="{L_RESET}" />
+		</p>
+		{S_FORM_TOKEN}
+		</fieldset>
 	</fieldset>
 	</form>
 
diff --git a/adm/style/portal/acp_portal_links.html b/adm/style/portal/acp_portal_links.html
index 80d57713..8fb0934c 100644
--- a/adm/style/portal/acp_portal_links.html
+++ b/adm/style/portal/acp_portal_links.html
@@ -64,7 +64,7 @@
 	</form>
 
 <!-- ELSE -->
-	<form id="acp_portal_links" method="post" action="{U_ACTION}">
+	<form id="acp_portal_links" method="post" action="{B3P_U_ACTION}">
 	<!-- IF SHOW_MODULE_OPTIONS -->
 	<fieldset>
 		<legend>{L_MODULE_OPTIONS}</legend>
@@ -139,7 +139,7 @@
 		<input class="button2" name="add" type="submit" value="{L_ACP_PORTAL_LINK_ADD}" />
 	</p>
 
-	<table cellspacing="1">
+	<table style="cellspacing: 1;">
 	<thead>
 	<tr>
 		<th>{L_ACP_PORTAL_LINK_TITLE}</th>
diff --git a/modules/links.php b/modules/links.php
index 2db14e1c..6b583e60 100644
--- a/modules/links.php
+++ b/modules/links.php
@@ -249,7 +249,7 @@ class links extends module_base
 
 		$links = $this->utf_unserialize($portal_config['board3_links_array_' . $module_id]);
 
-		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
+		$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
 		switch ($action)
 		{
diff --git a/portal/modules/manager.php b/portal/modules/manager.php
index 651b8219..5c2cce53 100644
--- a/portal/modules/manager.php
+++ b/portal/modules/manager.php
@@ -393,6 +393,6 @@ class manager
 	 */
 	public function get_module_link($mode, $module_id)
 	{
-		return preg_replace(array('/i=[0-9]+/', '/mode=[a-zA-Z0-9_]+/'), array('i=%5C' . str_replace('\\', '%5C', $this->acp_class), 'mode=' . $mode), $this->u_action) . (($module_id) ? '&amp;module_id=' . $module_id : '');
+		return preg_replace(array('/i=[0-9]+/', '/mode=[a-zA-Z0-9_]+/'), array('i=%5C' . str_replace('\\', '-', $this->acp_class), 'mode=' . $mode), $this->u_action) . (($module_id) ? '&amp;module_id=' . $module_id : '');
 	}
 }

From 31d01f0aa47dde37c1abf612b89862d7d3547eeb Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 15:37:03 +0200
Subject: [PATCH 4/9] [ticket/571] Use proper links for forms in ACP

B3P-571
---
 adm/style/portal/acp_portal_calendar.html  | 4 ++--
 adm/style/portal/acp_portal_menu.html      | 4 ++--
 modules/calendar.php                       | 2 +-
 modules/custom.php                         | 2 +-
 modules/main_menu.php                      | 2 +-
 modules/welcome.php                        | 2 +-
 tests/unit/portal/modules_manager_test.php | 2 +-
 7 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/adm/style/portal/acp_portal_calendar.html b/adm/style/portal/acp_portal_calendar.html
index 3ce3519a..f703502a 100644
--- a/adm/style/portal/acp_portal_calendar.html
+++ b/adm/style/portal/acp_portal_calendar.html
@@ -80,7 +80,7 @@
 	</form>
 
 <!-- ELSE -->
-	<form id="acp_portal_calendar" method="post" action="{U_ACTION}">
+	<form id="acp_portal_calendar" method="post" action="{B3P_U_ACTION}">
 	<!-- IF SHOW_MODULE_OPTIONS -->
 	<fieldset>
 		<legend>{L_MODULE_OPTIONS}</legend>
@@ -156,7 +156,7 @@
 			<input class="button2" name="add" type="submit" value="{L_ADD_EVENT}" />
 		</p>
 
-		<table cellspacing="1">
+		<table style="cellspacing: 1;">
 		<thead>
 		<tr>
 			<th>{L_EVENT_TITLE}</th>
diff --git a/adm/style/portal/acp_portal_menu.html b/adm/style/portal/acp_portal_menu.html
index ab23eda6..3c4a3957 100644
--- a/adm/style/portal/acp_portal_menu.html
+++ b/adm/style/portal/acp_portal_menu.html
@@ -71,7 +71,7 @@
 	</form>
 
 <!-- ELSE -->
-	<form id="acp_portal_links" method="post" action="{U_ACTION}">
+	<form id="acp_portal_links" method="post" action="{B3P_U_ACTION}">
 	<!-- IF SHOW_MODULE_OPTIONS -->
 	<fieldset>
 		<legend>{L_MODULE_OPTIONS}</legend>
@@ -146,7 +146,7 @@
 		<input class="button2" name="add" type="submit" value="{L_ACP_PORTAL_MENU_ADD}" />
 	</p>
 
-	<table cellspacing="1">
+	<table style="cellspacing: 1;">
 	<thead>
 	<tr>
 		<th>{L_ACP_PORTAL_MENU_TITLE}</th>
diff --git a/modules/calendar.php b/modules/calendar.php
index e4082674..0db55937 100644
--- a/modules/calendar.php
+++ b/modules/calendar.php
@@ -426,7 +426,7 @@ class calendar extends module_base
 		$events = (strlen($portal_config['board3_calendar_events_' . $module_id]) >= 1) ? $this->utf_unserialize($portal_config['board3_calendar_events_' . $module_id]) : array();
 
 		// append_sid() adds adm/ already, no need to add it here
-		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
+		$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
 		switch ($action)
 		{
diff --git a/modules/custom.php b/modules/custom.php
index b38bface..5e2f58a3 100644
--- a/modules/custom.php
+++ b/modules/custom.php
@@ -187,7 +187,7 @@ class custom extends module_base
 
 		$portal_config = obtain_portal_config();
 
-		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
+		$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
 		switch ($action)
 		{
diff --git a/modules/main_menu.php b/modules/main_menu.php
index a06cec95..5d265714 100644
--- a/modules/main_menu.php
+++ b/modules/main_menu.php
@@ -304,7 +304,7 @@ class main_menu extends module_base
 
 		$links = $this->utf_unserialize($portal_config['board3_menu_array_' . $module_id]);
 
-		$u_action = append_sid('index.' . $this->php_ext, 'i=%5Cboard3%5Cportal%5Cacp%5Cportal_module&amp;mode=config&amp;module_id=' . $module_id);
+		$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
 		switch ($action)
 		{
diff --git a/modules/welcome.php b/modules/welcome.php
index 8b77a606..7ae9c2df 100644
--- a/modules/welcome.php
+++ b/modules/welcome.php
@@ -171,7 +171,7 @@ class welcome extends module_base
 
 		$portal_config = obtain_portal_config();
 
-		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
+		$u_action = append_sid('index.' . $this->php_ext, 'i=-board3-portal-acp-portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
 		switch($action)
 		{
diff --git a/tests/unit/portal/modules_manager_test.php b/tests/unit/portal/modules_manager_test.php
index c55c7a85..7e898a39 100644
--- a/tests/unit/portal/modules_manager_test.php
+++ b/tests/unit/portal/modules_manager_test.php
@@ -128,7 +128,7 @@ class board3_portal_modules_manager_test extends \board3\portal\tests\testframew
 	public function test_get_module_link()
 	{
 		$this->modules_manager->set_acp_class('foo\bar')->set_u_action('index.php?i=25&amp;mode=barfoo');
-		$this->assertEquals('index.php?i=%5Cfoo%5Cbar&amp;mode=test&amp;module_id=5', $this->modules_manager->get_module_link('test', 5));
+		$this->assertEquals('index.php?i=-foo-bar&amp;mode=test&amp;module_id=5', $this->modules_manager->get_module_link('test', 5));
 	}
 
 	public function test_handle_ajax_request()

From 35e07a1201be9be736d156055e44be33e975348b Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 15:45:58 +0200
Subject: [PATCH 5/9] [ticket/571] No longer enforce date formats

B3P-571
---
 modules/calendar.php | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/modules/calendar.php b/modules/calendar.php
index 0db55937..838f8c2c 100644
--- a/modules/calendar.php
+++ b/modules/calendar.php
@@ -313,8 +313,8 @@ class calendar extends module_base
 							$this->template->assign_block_vars('minical.cur_events', array(
 								'EVENT_URL'		=> (isset($cur_event['url']) && $cur_event['url'] != '') ? $this->validate_url($cur_event['url']) : '',
 								'EVENT_TITLE'	=> $cur_event['title'],
-								'START_TIME'	=> $this->user->format_date($cur_event['start_time'], 'j. M Y, H:i'),
-								'END_TIME'		=> (!empty($cur_event['end_time'])) ? $this->user->format_date($cur_event['end_time'], 'j. M Y, H:i') : false,
+								'START_TIME'	=> $this->user->format_date($cur_event['start_time']),
+								'END_TIME'		=> (!empty($cur_event['end_time'])) ? $this->user->format_date($cur_event['end_time']) : false,
 								'EVENT_DESC'	=> (isset($cur_event['desc']) && $cur_event['desc'] != '') ? $cur_event['desc'] : '',
 								'ALL_DAY'	=> ($cur_event['all_day']) ? true : false,
 								'MODULE_ID'		=> $module_id,
@@ -326,8 +326,8 @@ class calendar extends module_base
 							$this->template->assign_block_vars('minical.upcoming_events', array(
 								'EVENT_URL'		=> (isset($cur_event['url']) && $cur_event['url'] != '') ? $this->validate_url($cur_event['url']) : '',
 								'EVENT_TITLE'	=> $cur_event['title'],
-								'START_TIME'	=> $this->user->format_date($cur_event['start_time'], 'j. M Y, H:i'),
-								'END_TIME'		=> (!$cur_event['all_day']) ? $this->user->format_date($cur_event['end_time'], 'j. M Y, H:i') : '',
+								'START_TIME'	=> $this->user->format_date($cur_event['start_time']),
+								'END_TIME'		=> (!$cur_event['all_day']) ? $this->user->format_date($cur_event['end_time']) : '',
 								'EVENT_DESC'	=> (isset($cur_event['desc']) && $cur_event['desc'] != '') ? $cur_event['desc'] : '',
 								'ALL_DAY'	=> (($cur_event['start_time'] - $cur_event['end_time']) == 1) ? true : false,
 								'MODULE_ID'		=> $module_id,
@@ -613,17 +613,12 @@ class calendar extends module_base
 		for ($i = 0; $i < sizeof($events); $i++)
 		{
 			$event_all_day = ($events[$i]['all_day'] == true) ? true : false;
-			$start_time_format = (!intval($this->user->format_date($events[$i]['start_time'], 'H')) && !intval($this->user->format_date($events[$i]['start_time'], 'i'))) ? 'j. M Y' : 'j. M Y, H:i';
-			if (!empty($events[$i]['end_time']))
-			{
-				$end_time_format = (!intval($this->user->format_date($events[$i]['end_time'], 'H')) && !intval($this->user->format_date($events[$i]['end_time'], 'i'))) ? 'j. M Y' : 'j. M Y, H:i';
-			}
 
 			$this->template->assign_block_vars('events', array(
 				'EVENT_TITLE'	=> ($action != 'add') ? ((isset($this->user->lang[$events[$i]['title']])) ? $this->user->lang[$events[$i]['title']] : $events[$i]['title']) : '',
 				'EVENT_DESC'	=> ($action != 'add') ? $events[$i]['desc'] : '',
-				'EVENT_START'	=> ($action != 'add') ? $this->user->format_date($events[$i]['start_time'], $start_time_format) : '',
-				'EVENT_END'		=> ($action != 'add' && !$event_all_day && !empty($end_time_format)) ? $this->user->format_date($events[$i]['end_time'], $end_time_format) : '',
+				'EVENT_START'	=> ($action != 'add') ? $this->user->format_date($events[$i]['start_time']) : '',
+				'EVENT_END'		=> ($action != 'add' && !$event_all_day && !empty($end_time_format)) ? $this->user->format_date($events[$i]['end_time']) : '',
 				'EVENT_URL'		=> ($action != 'add' && isset($events[$i]['url']) && !empty($events[$i]['url'])) ? $this->validate_url($events[$i]['url']) : '',
 				'EVENT_URL_RAW'	=> ($action != 'add' && isset($events[$i]['url']) && !empty($events[$i]['url'])) ? $events[$i]['url'] : '',
 				'U_EDIT'		=> $u_action . '&amp;action=edit&amp;id=' . $i,

From 7d5128db80a78bed026001e9698d28b634fadd0c Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 15:46:16 +0200
Subject: [PATCH 6/9] [ticket/571] Improve docblocks and simplify check in
 controller helper

B3P-571
---
 controller/helper.php | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/controller/helper.php b/controller/helper.php
index a2ba9bc0..25164acb 100644
--- a/controller/helper.php
+++ b/controller/helper.php
@@ -114,7 +114,7 @@ class helper
 	*/
 	protected function check_permission()
 	{
-		if (!isset($this->config['board3_enable']) || !$this->config['board3_enable'] || !$this->auth->acl_get('u_view_portal'))
+		if (empty($this->config['board3_enable']) || !$this->auth->acl_get('u_view_portal'))
 		{
 			redirect(append_sid($this->phpbb_root_path . 'index' . $this->php_ext));
 		}
@@ -173,7 +173,9 @@ class helper
 	}
 
 	/**
-	* Check if user is in required groups
+	* Check if user is in required groups.
+	* If the group_ary is empty, this means that there are no limitation on
+	* which groups can see this module.
 	*
 	* @param array $row Module row
 	*

From 2ee6b3c8198f52383315291d153c5c7a684561bb Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 16:24:45 +0200
Subject: [PATCH 7/9] [ticket/572] Use json_decode/encode instead of
 serializing data

B3P-572
---
 migrations/v210.php   | 63 +++++++++++++++++++++++++++++++++++++++++++
 modules/calendar.php  | 23 +++-------------
 modules/links.php     | 27 +++++--------------
 modules/main_menu.php | 27 +++++--------------
 4 files changed, 79 insertions(+), 61 deletions(-)

diff --git a/migrations/v210.php b/migrations/v210.php
index a9652c71..f357afc6 100644
--- a/migrations/v210.php
+++ b/migrations/v210.php
@@ -21,6 +21,7 @@ class v210 extends \phpbb\db\migration\migration
 		return array(
 			array('config.update', array('board3_portal_version', '2.1.0')),
 			array('custom', array(array($this, 'add_donation_setting'))),
+			array('custom', array(array($this, 'convert_serialize_to_json'))),
 		);
 	}
 
@@ -39,4 +40,66 @@ class v210 extends \phpbb\db\migration\migration
 		}
 		$this->db->sql_freeresult($result);
 	}
+
+	public function convert_serialize_to_json()
+	{
+		if (!function_exists('obtain_portal_config'))
+		{
+			include ($this->phpbb_root_path . 'ext/board3/portal/includes/functions.' . $this->php_ext);
+			define('PORTAL_CONFIG_TABLE', $this->table_prefix . 'portal_config');
+		}
+
+		$portal_config = obtain_portal_config();
+
+		$sql = 'SELECT module_id, module_classname
+			FROM ' . $this->table_prefix . 'portal_modules
+			WHERE ' . $this->db->sql_in_set('module_classname', array(
+				'\board3\portal\modules\calendar',
+				'\board3\portal\modules\links',
+				'\board3\portal\modules\main_menu',
+			));
+		$result = $this->db->sql_query($sql);
+		while ($row = $this->db->sql_fetchrow($result))
+		{
+			switch ($row['module_classname'])
+			{
+				case '\board3\portal\modules\calendar':
+					$setting = 'board3_calendar_events_' . $row['module_id'];
+				break;
+				case '\board3\portal\modules\links':
+					$setting = 'board3_links_array_' . $row['module_id'];
+				break;
+				case '\board3\portal\modules\main_menu':
+					$setting = 'board3_menu_array_' . $row['module_id'];
+				break;
+				default:
+					// nothing
+			}
+
+			// Do not try to unserialize empty data
+			if (empty($setting) || empty($portal_config[$setting]))
+			{
+				continue;
+			}
+
+			// Save json encoded setting
+			set_portal_config($setting, json_encode($this->utf_unserialize($portal_config[$setting])));
+		}
+		$this->db->sql_freeresult($result);
+	}
+
+	/**
+	 * Unserialize links array
+	 *
+	 * @param string $serial_str Serialized string
+	 *
+	 * @return array Unserialized string
+	 */
+	private function utf_unserialize($serial_str)
+	{
+		$out = preg_replace_callback('!s:(\d+):"(.*?)";!s', function ($result) {
+			return 's:' . strlen($result[2]) . ":\"{$result[2]}\";";
+		}, $serial_str);
+		return unserialize($out);
+	}
 }
diff --git a/modules/calendar.php b/modules/calendar.php
index e4082674..074fc580 100644
--- a/modules/calendar.php
+++ b/modules/calendar.php
@@ -265,7 +265,7 @@ class calendar extends module_base
 		* Let's start displaying the events
 		* make sure we only display events in the future
 		*/
-		$events = $this->utf_unserialize($portal_config['board3_calendar_events_' . $module_id]);
+		$events = json_decode($portal_config['board3_calendar_events_' . $module_id], true);
 
 		if (!empty($events) && $this->config['board3_display_events_' . $module_id])
 		{
@@ -423,7 +423,7 @@ class calendar extends module_base
 		$link_id = $this->request->variable('id', 99999999); // 0 will trigger unwanted behavior, therefore we set a number we should never reach
 		$portal_config = obtain_portal_config();
 
-		$events = (strlen($portal_config['board3_calendar_events_' . $module_id]) >= 1) ? $this->utf_unserialize($portal_config['board3_calendar_events_' . $module_id]) : array();
+		$events = (strlen($portal_config['board3_calendar_events_' . $module_id]) >= 1) ? json_decode($portal_config['board3_calendar_events_' . $module_id], true) : array();
 
 		// append_sid() adds adm/ already, no need to add it here
 		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
@@ -533,7 +533,7 @@ class calendar extends module_base
 					$time_ary[$key] = $cur_event['start_time'];
 				}
 				array_multisort($time_ary, SORT_NUMERIC, $events);
-				$board3_events_array = serialize($events);
+				$board3_events_array = json_encode($events);
 				set_portal_config('board3_calendar_events_' . $module_id, $board3_events_array);
 
 				trigger_error($message . adm_back_link($u_action));
@@ -555,7 +555,7 @@ class calendar extends module_base
 					array_splice($events, $link_id, 1);
 					$events = array_merge($events);
 
-					$board3_events_array = serialize($events);
+					$board3_events_array = json_encode($events);
 					set_portal_config('board3_calendar_events_' . $module_id, $board3_events_array);
 
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->data['user_ip'], 'LOG_PORTAL_EVENT_REMOVED', false, array($cur_event_title));
@@ -711,21 +711,6 @@ class calendar extends module_base
 		}
 	}
 
-	/**
-	 * Unserialize links array
-	 *
-	 * @param string $serial_str Serialized string
-	 *
-	 * @return array Unserialized string
-	 */
-	private function utf_unserialize($serial_str)
-	{
-		$out = preg_replace_callback('!s:(\d+):"(.*?)";!s', function ($result) {
-			return 's:' . strlen($result[2]) . ":\"{$result[2]}\";";
-		}, $serial_str);
-		return unserialize($out);
-	}
-
 	/**
 	* Validate URLs and execute apppend_sid if necessary
 	*
diff --git a/modules/links.php b/modules/links.php
index 2db14e1c..539c4374 100644
--- a/modules/links.php
+++ b/modules/links.php
@@ -111,7 +111,7 @@ class links extends module_base
 	{
 		$portal_config = obtain_portal_config();
 
-		$links = $this->utf_unserialize($portal_config['board3_links_array_' . $module_id]);
+		$links = json_decode($portal_config['board3_links_array_' . $module_id], true);
 
 		// get user's groups
 		$groups_ary = get_user_groups();
@@ -200,7 +200,7 @@ class links extends module_base
 			);
 		}
 
-		$board3_menu_array = serialize($links);
+		$board3_menu_array = json_encode($links);
 		set_portal_config('board3_links_array_' . $module_id, $board3_menu_array);
 		$this->config->set('board3_links_' . $module_id, '');
 		$this->config->set('board3_links_url_new_window_' . $module_id, 0);
@@ -247,7 +247,7 @@ class links extends module_base
 		$link_id = $this->request->variable('id', 99999999); // 0 will trigger unwanted behavior, therefore we set a number we should never reach
 		$portal_config = obtain_portal_config();
 
-		$links = $this->utf_unserialize($portal_config['board3_links_array_' . $module_id]);
+		$links = json_decode($portal_config['board3_links_array_' . $module_id], true);
 
 		$u_action = append_sid('index.' . $this->php_ext, 'i=\board3\portal\acp\portal_module&amp;mode=config&amp;module_id=' . $module_id);
 
@@ -319,7 +319,7 @@ class links extends module_base
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->data['user_ip'],'LOG_PORTAL_LINK_ADDED', false, array($link_title));
 				}
 
-				$board3_links_array = serialize($links);
+				$board3_links_array = json_encode($links);
 				set_portal_config('board3_links_array_' . $module_id, $board3_links_array);
 
 				trigger_error($message . adm_back_link($u_action));
@@ -341,7 +341,7 @@ class links extends module_base
 					array_splice($links, $link_id, 1);
 					$links = array_merge($links);
 
-					$board3_links_array = serialize($links);
+					$board3_links_array = json_encode($links);
 					set_portal_config('board3_links_array_' . $module_id, $board3_links_array);
 
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->data['user_ip'], 'LOG_PORTAL_LINK_REMOVED', false, array($cur_link_title));
@@ -397,7 +397,7 @@ class links extends module_base
 				// insert the info of the moved link
 				$links[$switch_order_id] = $cur_link;
 
-				$board3_links_array = serialize($links);
+				$board3_links_array = json_encode($links);
 				set_portal_config('board3_links_array_' . $module_id, $board3_links_array);
 
 			break;
@@ -460,19 +460,4 @@ class links extends module_base
 	{
 		$this->manage_links('', $key, $module_id);
 	}
-
-	/**
-	 * Unserialize links array
-	 *
-	 * @param string $serial_str Serialized string
-	 *
-	 * @return array Unserialized string
-	 */
-	private function utf_unserialize($serial_str)
-	{
-		$out = preg_replace_callback('!s:(\d+):"(.*?)";!s', function ($result) {
-			return 's:' . strlen($result[2]) . ":\"{$result[2]}\";";
-		}, $serial_str);
-		return unserialize($out);
-	}
 }
diff --git a/modules/main_menu.php b/modules/main_menu.php
index a06cec95..c814bab2 100644
--- a/modules/main_menu.php
+++ b/modules/main_menu.php
@@ -112,7 +112,7 @@ class main_menu extends module_base
 	{
 		$portal_config = obtain_portal_config();
 
-		$links = $this->utf_unserialize($portal_config['board3_menu_array_' . $module_id]);
+		$links = json_decode($portal_config['board3_menu_array_' . $module_id], true);
 
 		$this->template->assign_block_vars('portal_menu', array('MODULE_ID' => $module_id));
 
@@ -255,7 +255,7 @@ class main_menu extends module_base
 			);
 		}
 
-		$board3_menu_array = serialize($links);
+		$board3_menu_array = json_encode($links);
 		set_portal_config('board3_menu_array_' . $module_id, $board3_menu_array);
 		$this->config->set('board3_menu_' . $module_id, '');
 		$this->config->set('board3_menu_url_new_window_' . $module_id, 0);
@@ -302,7 +302,7 @@ class main_menu extends module_base
 		$link_id = $this->request->variable('id', 99999999); // 0 will trigger unwanted behavior, therefore we set a number we should never reach
 		$portal_config = obtain_portal_config();
 
-		$links = $this->utf_unserialize($portal_config['board3_menu_array_' . $module_id]);
+		$links = json_decode($portal_config['board3_menu_array_' . $module_id], true);
 
 		$u_action = append_sid('index.' . $this->php_ext, 'i=%5Cboard3%5Cportal%5Cacp%5Cportal_module&amp;mode=config&amp;module_id=' . $module_id);
 
@@ -379,7 +379,7 @@ class main_menu extends module_base
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->data['user_ip'], 'LOG_PORTAL_LINK_ADDED', false, array($link_title));
 				}
 
-				$board3_menu_array = serialize($links);
+				$board3_menu_array = json_encode($links);
 				set_portal_config('board3_menu_array_' . $module_id, $board3_menu_array);
 
 				trigger_error($message . adm_back_link($u_action));
@@ -401,7 +401,7 @@ class main_menu extends module_base
 					array_splice($links, $link_id, 1);
 					$links = array_merge($links);
 
-					$board3_menu_array = serialize($links);
+					$board3_menu_array = json_encode($links);
 					set_portal_config('board3_menu_array_' . $module_id, $board3_menu_array);
 
 					$this->log->add('admin', $this->user->data['user_id'], $this->user->data['user_ip'], 'LOG_PORTAL_LINK_REMOVED', false, array($cur_link_title));
@@ -457,7 +457,7 @@ class main_menu extends module_base
 				// insert the info of the moved link
 				$links[$switch_order_id] = $cur_link;
 
-				$board3_menu_array = serialize($links);
+				$board3_menu_array = json_encode($links);
 				set_portal_config('board3_menu_array_' . $module_id, $board3_menu_array);
 
 			break;
@@ -524,19 +524,4 @@ class main_menu extends module_base
 	{
 		$this->manage_links('', $key, $module_id);
 	}
-
-	/**
-	 * Unserialize links array
-	 *
-	 * @param string $serial_str Serialized string
-	 *
-	 * @return array Unserialized string
-	 */
-	private function utf_unserialize($serial_str)
-	{
-		$out = preg_replace_callback('!s:(\d+):"(.*?)";!s', function ($result) {
-			return 's:' . strlen($result[2]) . ":\"{$result[2]}\";";
-		}, $serial_str);
-		return unserialize($out);
-	}
 }

From 0665dba08fc55cc0ed440c4911c2063fb040ae3b Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 16:33:50 +0200
Subject: [PATCH 8/9] [ticket/571] Fix incorrect cast to integer in
 database_handler

B3P-571
---
 portal/modules/database_handler.php                    | 9 ++++++---
 portal/modules/manager.php                             | 2 +-
 tests/unit/portal/modules_manager_confirm_box_test.php | 2 +-
 3 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/portal/modules/database_handler.php b/portal/modules/database_handler.php
index 666654c9..9ee0e0dd 100644
--- a/portal/modules/database_handler.php
+++ b/portal/modules/database_handler.php
@@ -97,6 +97,9 @@ class database_handler
 	 */
 	public function move_module_vertical($module_id, $module_data, $direction, $step = 1)
 	{
+		$direction = (int) $direction;
+		$step = (int) $step;
+
 		if ($direction == self::MOVE_DIRECTION_DOWN)
 		{
 			$current_increment = ' + ' . $step;
@@ -109,15 +112,15 @@ class database_handler
 		}
 
 		$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-				SET module_order = module_order' . (int) $other_increment . '
-				WHERE module_order = ' . (int) ($module_data['module_order'] + ($direction * $step)) . '
+				SET module_order = module_order' . $other_increment . '
+				WHERE module_order = ' . ($module_data['module_order'] + ($direction * $step)) . '
 					AND module_column = ' . (int) $module_data['module_column'];
 		$this->db->sql_query($sql);
 		$updated = (bool) $this->db->sql_affectedrows();
 		if ($updated)
 		{
 			$sql = 'UPDATE ' . PORTAL_MODULES_TABLE . '
-					SET module_order = module_order' . (int) $current_increment . '
+					SET module_order = module_order' . $current_increment . '
 					WHERE module_id = ' . (int) $module_id;
 			$this->db->sql_query($sql);
 		}
diff --git a/portal/modules/manager.php b/portal/modules/manager.php
index 5c2cce53..a4cc1e14 100644
--- a/portal/modules/manager.php
+++ b/portal/modules/manager.php
@@ -393,6 +393,6 @@ class manager
 	 */
 	public function get_module_link($mode, $module_id)
 	{
-		return preg_replace(array('/i=[0-9]+/', '/mode=[a-zA-Z0-9_]+/'), array('i=%5C' . str_replace('\\', '-', $this->acp_class), 'mode=' . $mode), $this->u_action) . (($module_id) ? '&amp;module_id=' . $module_id : '');
+		return preg_replace(array('/i=[0-9]+/', '/mode=[a-zA-Z0-9_]+/'), array('i=-' . str_replace('\\', '-', $this->acp_class), 'mode=' . $mode), $this->u_action) . (($module_id) ? '&amp;module_id=' . $module_id : '');
 	}
 }
diff --git a/tests/unit/portal/modules_manager_confirm_box_test.php b/tests/unit/portal/modules_manager_confirm_box_test.php
index dc0b6807..33a3b43d 100644
--- a/tests/unit/portal/modules_manager_confirm_box_test.php
+++ b/tests/unit/portal/modules_manager_confirm_box_test.php
@@ -134,7 +134,7 @@ class modules_manager_confirm_box_test extends \board3\portal\tests\testframewor
 		$this->assertNull($this->modules_manager->reset_module(15, 'barfoo', 6, array()));
 		$this->assertEquals(array(
 			'seconds'	=> 3,
-			'link'		=> 'adm/index.php?i=%5Cfoo%5Cbar&amp;mode=config&amp;module_id=6',
+			'link'		=> 'adm/index.php?i=-foo-bar&amp;mode=config&amp;module_id=6',
 		), self::$meta_refresh);
 		$this->assertEquals(phpbb_acp_move_module_test::$error_type, E_USER_NOTICE);
 		$this->assertEquals(phpbb_acp_move_module_test::$error, 'adm/index.php?i=15&amp;mode=foobar&amp;module_id=6');

From a364f1f2582f36e5e5590a26483762351ad5eb4a Mon Sep 17 00:00:00 2001
From: Marc Alexander <admin@m-a-styles.de>
Date: Sat, 6 Jun 2015 17:01:29 +0200
Subject: [PATCH 9/9] [ticket/575] Remove border-radius from top and bottom
 modules

B3P-575
---
 styles/prosilver/theme/portal.css | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/styles/prosilver/theme/portal.css b/styles/prosilver/theme/portal.css
index b20c2a14..1b9cf273 100644
--- a/styles/prosilver/theme/portal.css
+++ b/styles/prosilver/theme/portal.css
@@ -305,7 +305,10 @@ a.portal-forumtitle {
 	display: block;
 }
 
-#portal-center-wrapper .panel, #portal-center-wrapper .post {
+#portal-center-wrapper .panel, #portal-center-wrapper .post,
+#portal-top .panel, #portal-top .post,
+#portal-bottom .panel, #portal-bottom .post
+{
 	border-radius: 0;
 }