diff --git a/CHANGELOG b/CHANGELOG
index 62abda7f277..28072fdac15 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,23 +1,27 @@
drupal x.xx, xx/xx/xxxx
-----------------------
- major overhaul of the entire underlying design:
- * everything is based on nodes
- * introduced links/drupal tags
+ * everything is based on nodes: nodes are a conceptual "black box" to couple and manage different types of content and that promotes reusing existing code, thus reducing the complexity and size of drupal as well as improving long-term stability.
+ * introduced links/drupal tags: [[link]]
- rewrote submission/moderation queue:
* renamed submission.module to moderation.module
* updated submission forms
-- added a "book module":
- * merged documentation and FAQ module into a book module
+- removed FAQ and documentation module and merged them into a "book module":
+ * allows collaborative book writing
+- removed ban module and integrated it in account.module as "access control":
+ * access control is based on much more powerful regular expressions (regex) now rather than on MySQL pattern matching.
- various updates:
* added preview functionality when submitting new content (such as a story) from the administration pages.
* made the administration section only show those links a user has access to.
- * improved account module
+ * improved account module:
+ + added "acess control" to allow/deny certain usernames/e-mail addresses/hostnames
* improved comment module
* improved story module:
- + stories can now be permanently deleted
+ + added preview functionality for administrators
+ + made it possible to permanently delete stories
* improved themes:
+ W3C validation on a best effort basis
- + added goofy theme
+ + added theme "goofy"
- revised documentation
drupal 2.00, 15/03/2001
@@ -56,10 +60,10 @@ drupal 2.00, 15/03/2001
* improved database abstraction layer
* improved themes:
+ W3C validation on a best effort basis
- + added example theme
- * added CREDITS file
- * added directory "misc"
+ + added theme "example" (alas "Stone Age")
* added new scripts to directory "scripts"
+ * added directory "misc"
+ * added CREDITS file
- revised documentation
drupal 1.00, 15/01/2001
diff --git a/account.php b/account.php
index bf598661044..3bd1e900094 100644
--- a/account.php
+++ b/account.php
@@ -24,7 +24,7 @@ function account_create($error = "") {
global $theme;
if ($error) {
- $output .= "
". t("Failed to create account: $error.") ."
\n";
+ $output .= "
". t("Failed to create account") .": ". check_output($error) .".
\n";
watchdog("message", "failed to create account: $error.");
}
else {
@@ -47,8 +47,19 @@ function account_create($error = "") {
function account_session_start($userid, $passwd) {
global $user;
if ($userid && $passwd) $user = new User($userid, $passwd);
- if ($user->id) session_register("user");
- watchdog("message", ($user->id ? "session opened for user '$user->userid'" : "failed login for user '$userid'"));
+ if ($user->id) {
+ if ($rule = user_ban($user->userid, "username")) {
+ watchdog("message", "failed to login for '$user->userid': banned by $rule->type rule '$rule->mask'");
+ }
+ else if ($rule = user_ban($user->last_host, "hostname")) {
+ watchdog("message", "failed to login for '$user->userid': banned by $rule->type rule '$rule->mask'");
+ }
+ else {
+ session_register("user");
+ watchdog("message", "session opened for '$user->userid'");
+ }
+ }
+ else watchdog("message", "failed to login for '$userid': invalid username - password combination");
}
function account_session_close() {
@@ -283,20 +294,18 @@ function account_user($uname) {
}
function account_validate($user) {
- global $type2index;
-
// Verify username and e-mail address:
- if (empty($user[real_email]) || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $user[real_email]))) $error = t("the specified e-mail address is not valid");
- if (empty($user[userid]) || (ereg("[^a-zA-Z0-9_-]", $user[userid]))) $error = t("the specified username is not valid");
- if (strlen($user[userid]) > 15) $error = t("the specified username is too long: it must be less than 15 characters");
+ if (empty($user[real_email]) || (!eregi("^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,3}$", $user[real_email]))) $error = t("the e-mail address '$user[real_email]' is not valid");
+ if (empty($user[userid]) || (ereg("[^a-zA-Z0-9_-]", $user[userid]))) $error = t("the username '$user[userid]' is not valid");
+ if (strlen($user[userid]) > 15) $error = t("the username '$user[userid]' is too long: it must be less than 15 characters");
// Check to see whether the username or e-mail address are banned:
- if ($ban = ban_match($user[userid], $type2index[usernames])) $error = t("the specified username is banned") .": $ban->reason";
- if ($ban = ban_match($user[real_email], $type2index[addresses])) $error = t("the specified e-mail address is banned") .": $ban->reason";
+ if ($ban = user_ban($user[userid], "username")) $error = t("the username '$user[userid]' is banned") .": $ban->reason";
+ if ($ban = user_ban($user[real_email], "e-mail address")) $error = t("the e-mail address '$user[real_email]' is banned") .": $ban->reason";
// Verify whether username and e-mail address are unique:
- if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the specified username is already taken");
- if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the specified e-mail address is already in use by another account");
+ if (db_num_rows(db_query("SELECT userid FROM users WHERE LOWER(userid) = LOWER('$user[userid]')")) > 0) $error = t("the username '$user[userid]' is already taken");
+ if (db_num_rows(db_query("SELECT real_email FROM users WHERE LOWER(real_email) = LOWER('$user[real_email]')")) > 0) $error = t("the e-mail address '$user[real_email]' is already in use by another account");
return $error;
}
diff --git a/admin.php b/admin.php
index acf8986b5a1..9a430806302 100644
--- a/admin.php
+++ b/admin.php
@@ -5,6 +5,10 @@ include_once "includes/common.inc";
// validate user access:
if (!user_access($user)) exit();
+function status($message) {
+ if ($message) return "Status: $message\n";
+}
+
function admin_page($mod) {
global $repository, $site_name, $menu, $modules, $user;
diff --git a/includes/ban.inc b/includes/ban.inc
deleted file mode 100644
index 98f39be6d6c..00000000000
--- a/includes/ban.inc
+++ /dev/null
@@ -1,54 +0,0 @@
- 0x01,
- "profanity" => 0x02,
- "hostnames" => 0x03,
- "usernames" => 0x04);
-
-$index2type = array(0x01 => "addresses",
- 0x02 => "profanity",
- 0x03 => "hostnames",
- 0x04 => "usernames");
-
-function ban_match($mask, $category) {
- // Perform query:
- $result = db_query("SELECT * FROM bans WHERE type = '$category' AND LOWER('$mask') LIKE LOWER(mask)");
-
- // Return result:
- return db_fetch_object($result);
-}
-
-// TODO --> $message by reference
-function ban_add($mask, $category, $reason, $message = 0) {
- global $index2type;
-
- if (empty($mask)) {
- $message = "failed: empty banmasks are not allowed.
\n";
- }
- else if ($ban = db_fetch_object(db_query("SELECT * FROM bans WHERE type = '$category' AND '$mask' LIKE mask"))) {
- $message = "failed: ban is already matched by '$ban->mask'.
\n";
- }
- else {
- $result = db_query("INSERT INTO bans (mask, type, reason, timestamp) VALUES ('$mask', '$category', '$reason', '". time() ."')");
- $message = "added new ban with mask '$mask'.
\n";
-
- // Add log entry:
- watchdog("message", "added new ban '$mask' to category '". $index2type[$category] ."' with reason '$reason'.");
- }
-}
-
-function ban_delete($id) {
- global $index2type;
-
- $result = db_query("SELECT * FROM bans WHERE id = '$id'");
-
- if ($ban = db_fetch_object($result)) {
- // Perform query:
- $result = db_query("DELETE FROM bans WHERE id = '$id'");
-
- // Deleted log entry:
- watchdog("message", "removed ban '$ban->mask' from category '". $index2type[$ban->type] ."'.");
- }
-}
-
-?>
diff --git a/includes/comment.inc b/includes/comment.inc
index 57b87583b2c..b15cee23b5c 100644
--- a/includes/comment.inc
+++ b/includes/comment.inc
@@ -184,14 +184,12 @@ function comment_moderation($comment) {
function comment_controls($threshold = 1, $mode = 3, $order = 1) {
global $REQUEST_URI, $user;
- $output .= "\n";
$output .= "\n";
- $output .= "\n";
return $output;
}
@@ -289,7 +287,7 @@ function comment_render($lid, $cid) {
if ($user->id) {
// Comment control:
- $theme->controls($threshold, $mode, $order);
+ $theme->box(t("Comment control"), "
The ban module keeps a list of bans in four categories:
-
-
Email bans: this type of ban specifies which email addresses will be rejected when registering new users. Can be used to prevent users from using a free email account (e.g. userid@hotmail.com).
-
Profanity bans: under construction
-
Hostname bans: this type of ban allows you to block certain hostnames from access to your site or from registering as a new user.
-
Username bans: this ban will block certain usernames from registration. Typical examples include admin, anonymous, root, webmaster, etc.
-
-
The ban module allows you to use a flexible wild-card ban system. This means you can block all email addresses from a certain domain name, block every username starting with "guest", etc. To do this, use the following wild-card characters:
-
-
% : matches any number of characters, including zero characters.
-
_ : matches exactly one character.
-
-
Examples:
-
-
Email address bans %@hotmail.com, %@altavista.%, %@usa.net, etc. Used to prevent users from using free email accounts, which might be used to cause trouble.
-
Username bans root, webmaster, admin%, etc. Used to prevent administrator impersonators.
\n";
+
+ return $output;
+}
+
+function node_admin_view($id) {
+ global $nstatus;
+
+ $node = node_get_object("nid", $id);
+
+ $output .= "\n";
+
+ return $output;
+}
+
+function node_admin_edit($id) {
+ global $status, $user;
+
+ $node = node_get_object("nid", $id);
+
+ foreach (array($node->userid => $node->author, $user->userid => $user->id) as $value=>$key) $author .= " \n";
+ foreach (array(format_date($node->timestamp) ." (original)" => $node->timestamp, format_date(time()) ." (current)" => time()) as $value=>$key) $timestamp .= " \n";
+ foreach ($status as $value=>$key) $statuz .= " \n";
+
+ $output .= "\n";
+
+ return $output;
+}
+
+function node_delete($id) {
+ return (node_del("nid", $id) ? "failed to delete node: node must be dumped first." : "node has been deleted.");
+}
+
+function node_admin() {
+ global $op, $id, $edit;
+
+ $id = check_input($edit[nid] ? $edit[nid] : $id);
+
+ switch ($op) {
+ case "Edit node":
+ case "edit":
+ print node_admin_edit($id);
+ break;
+ case "Delete node":
+ print status(node_delete($id));
+ print node_overview();
+ break;
+ case "Save node":
+ print status(node_save($edit));
+ print node_overview();
+ break;
+ case "View node":
+ case "view":
+ print node_admin_view($id);
+ break;
+ default:
+ print node_overview();
+ }
+}
+
+?>
diff --git a/modules/story.module b/modules/story.module
index 81f46be784f..82254440b8e 100644
--- a/modules/story.module
+++ b/modules/story.module
@@ -1,7 +1,6 @@
"story_cron",
- "help" => "story_help",
+$module = array("help" => "story_help",
"find" => "story_find",
"user" => "story_user",
"queue" => "story_queue",
@@ -20,14 +19,6 @@ class Story {
}
}
-function story_cron() {
- global $status;
- $result = db_query("SELECT * FROM node WHERE status = '$status[scheduled]' AND timestamp <= ". time() ."");
- while ($story = db_fetch_object($result)) {
- db_query("UPDATE node SET status = '$status[queued]', timestamp = '". time() ."' WHERE nid = '$story->nid' AND type = 'story'");
- }
-}
-
function story_find($keys) {
global $status, $user;
$find = array();
@@ -46,7 +37,6 @@ function story_search() {
function story_help() {
?>
-
Scheduled stories: stories that are scheduled to be automatically published at a given date and time. Useful when you have to leave the site alone for a while or when you want to regulate the flow of new content.
Queued stories: user-contributed stories are automatically whisked away to a submission queue for moderators (i.e. registered user) to frown at. Moderators vote whether or not a story should be posted to the front page for discussion.
Posted stories: published stories accessible to all visitors.
Dumped stories: rejected stories that are no longer available to visitors.
@@ -107,7 +97,7 @@ function story_view($node, $page = 1) {
}
function story_form($edit = array()) {
- global $allowed_html, $REQUEST_URI, $status, $theme, $user;
+ global $allowed_html, $REQUEST_URI, $user;
$output .= "