The upload custom avatar hack by SaiyaMan at Spawn's UBB Hacks site (
http://spawn.piratecove.org/ubbmods/) allows any user to change any other users custom avatar, a big security hole if you ask me.
Is there any way to have it check your username, then check the file name to make sure both are the same exact thing before uploading the avatar? I see it checks $FileName, so would putting a check $UserName thing in there be too difficult? I'm an idiot when it comes to UBB hacking, but a upload custom avatar script would be great, and the other one requires installing new files to the server, something my server won't let me do
