Committing Changes by Moshe Weitzman:
- admin_user_account(), user_edit(), and user_view() no longer have any
hard code for authentication modules. instead authentication modules
implement the _user hook.
- fixed a couple 'help' typos.
- linked the 'REGISTER' text in the login block to the register page.
this page now advertises DA better if site employs DA.
- admins may now edit everything about a user account (was a feature
request).
- user #1 may now login immediately, in addition to receiving his
password via email.
Other changes:
- modules and themes are now enabled/disabled in the administrative /
settings / modules | themes pages. Requires SQL update and things must
be enabled before your site returns to normal. TODO: enable all
functionality. (For now just do UPDATE system SET status = 1;)
- removed $themes from conf.php.
- added a $theme->system() function where theme can specify settings.
All themes in the Drupal CVS have been updated to use this.
- added _system hook to modules. TODO: update modules to use this.
- changed strange use of sprintf to the usual strtr. The disadvantage of
sprintf is that it requires translations to keep the string order,
which may not be possible in all languages.
- an invalid/nonexisting theme in a user profile will now fallback to the
BaseTheme instead of crashing.
variables.
Example: set site_frontpage to "node" and site_frontpage_extra to
"$meta = 'news'" and only nodes with that meta tag will be displayed on
your main page.
This requires some internal knowledge of how the various modules work
and what settings can be passed to <module>_page() functions.
- Fixed tiny quote problem in account.php.
- Fixed tiny bug in comment.inc.
- Fixed tiny bug in comment.module.
- Fixed tiny bug in meta.module.
- Simplified user_access() API.
- Rewrote link system: still needs fine-tuning and testing so don't
upgrade if you are running a production site. ;)
Updated all modules and themes to reflect this change. All other
themes and modules need updating too!
(groups) and 'permissions' ... (inspired by Zope's system).
+ Once installed, click the help-link for more information.
+ See updates/2.00-to-x.xx.sql for the SQL updates.
- Modified loads of code to use our new access.module. The system
still has to mature though: new permissions have to be added and
existing permissions need stream-lining. Awaiting suggestions.
- As a direct result of the new access system, I had to rewrite the
way the top-level links in admin.php are rendered and displayed,
and xhtml-ified admin.php while I was at it.
TODO
- Home-brewed modules need updating, home-brewed themes not.
(Examples: file.module, trip_link.module)
- As soon we *finished* the refactoring of the user system (KJ has
been working on this refactoring already) we should consider to
embed this role and permission code into account.module ...
- Changed meta.module, node.module and index.php to use comma-seperated
lists of attributes rather then "foo=a,bar=b" lists. This makes it a
a lot easier to use both modules. In addition, error handling can be
discarded as it can't be made any simpler, really ...
It fits rather nicely in Drupal's design so I'm getting more and more
happy with this meta.module (but we are not 100% there yet).
- node.module, node.inc:
+ Improved the node-related admin interface so that navigating back
and forth the administrative menus is made both easier and faster.
+ Removed some redundant database fields from the node table. See
2.00-to-x.xx.sql!
+ Added 2 news hooks called "node_insert" and "node_update". Just
like this is the case with the existing hook "node_delete" these
new hooks will automatically get called when a node has been
inserted or udpated. Note that this is an optional call-back that
only needs to be implemented when required. With the addition of
these two hooks, the node mechanism (version 1) is pretty well
completed.
- watchdog.module:
+ Fixed bug whit the 'regular messages' query in the watchdog.module.
- book.module:
+ Fixed bug in book.module: the 'parent' was not set properly when
updating a book page.
+ Made it so that older versions of a book page are automatically
reactived upon deletion of the most recent version, i.e. when
doing a version roll-back.
- comment.inc:
+ Undid Remco's patch to comment.inc; it does not work in some cases.
- conf.module:
+ Fine-tuned some of the options in conf.module a bit.
- marvin.theme:
+ Visual changes to make it look better on Windows browsers. Mind
to give some feedback on this?
+ Fixed 3 HTML typos/bugs.
+ XHTML-ified the theme at a best effort basis; I didn't carry the
XHTML specification with me.
+ Made use of the theme_slogan variable to display the site's slogan.
+ As soon we have at least one valid XHTML theme we can wonder on how
to integrate other XML namespaces (cfr. MathML story at drop.org).
- database.mysql:
+ Updated database.mysql so that it contains all the latest "database
patches".
update, you'll break your site as you need switching from structure
to index.module: so this can be considered an intermediate commit.
If you upgrade, and you are welcome to, just create a collection
called "section" (for now) and assign your nodes some attributes
in the described format.
Feedback and bugreports are welcomed. Questions will be answered.
CHANGES:
- comment system:
+ when replying to a node (rather then to a comment), that
node is displayed above the reply form.
+ when replying to a comment (rather then to a node), that
comment is displayd above the reply form.
- removed structure.inc, removed structure.module.
- node.inc:
+ added 2 new node functions called 'node_attribute_edit()' and
'node_attribute_save()' used to 'hook in' any indexing system
including your home-brewed stuff if you'd want to. Currently,
index.module is the facto default index system.
See story.module for usage.
- book.module, story.module, poll.module, page.module, forum.module:
+ added preview functionality to administration section (via node
module).
+ removed all references to structure.inc (category, topic).
- moderate.module:
+ removed all references to structure.inc (category, topic).
- book.module, story.module, page.module, forum.module:
+ increased the sizes of some textareas.
- submit.php:
+ removed all references to structure.inc (category, topic).
- marvin.theme:
+ removed dead code: function story() was depricated.
- unconed.theme:
+ removed hardcoded references to drop.org.
- marvin.theme, unconed.theme, jeroen.theme, yaroon.theme, example.theme:
+ removed all references to structure.inc (category, topic).
TODO:
- file.module, trip_link.module:
+ update preview functionality:
see story.module for example.
+ remove references to 'cid' and 'tid', use 'attribute' instead:
see story.module for example.
- extend and build upon index.module as well as making it configurable
structure.module either needs work, or replacement by index.module:
see "admin > node > node settings".
It will do for now and it can always made better when we can think
of a better solution; it is the best I could think of. Now what?
index.module or structure.module? I'm currently pro index.module.
- Drastically simplified "variable.inc".
- Removed most dependecies on structure.module from all content related
modules. Thus making our modules more modular. ;)
- Fixed calculation glitch in queue.module.
- Fixed potential function name clash/conflict in rating.module, and
simplified some code on my way.
- Started removing all global variables $status and $rstatus. Global
variables are "yucky" so in near future, we will replace all global
$status variables by a call to node_status(). Originally, $status
was only introduced as a temporary hack and nothing is as permanent
as a temporary hack so I took it out when still possible.
- Changed the watchdog messages a bit.
- Redid settings.module and even renamed it to conf.module.
* Settings are now grouped in basic categories like "system
settings", "module settings" and "filters".
* Added new settings to make Drupal easier to configure and
to make some aspects like the watchdog scale better.
- Renamed includes/settings.php to includes/conf.php.
- Added filter support to conf.module and introduced filter hooks so
modules can implement and export new filters. Example filters are
an HTML filter (implemented), a profanity filter, an url converter,
ASCII smileys to images filter and so on ...
- Reworked the check_* functions: user contributed content/input is
only verified and filtered once in its lifespan.
NOTES
- Altough this is a large commit, no database changes are required.
is selected.
- Made theme_link() less "hard coded", we still have to make
it fully configurable though.
- Fixed glitch in story submission: the warning messages were
not displayed.
- Tidied up block.module a bit.
CHANGES:
- Added "read" and "write" permissions into drupal but removed
it again because - when finished after 3 hours of work - it
was considered nothing but added complexity that didn't buy
us anything. :I
(I'll explain this in detail on the mailing list, I guess.)
- Added a very simple help.module to group all available
documentation on a single page.
- Fixed bug in node_control(), book.module: UnConeD forgot to
global $user when updating the combobox code.
- Removed static wishlist.module: in future, the wishlist can
be maintained as a page in our collaborative book.
- Revised most of settings.module: tidied up the code and the
descriptions to accompany the settings and introduced a new
"default maximum number of nodes to display on the main page"
variable.
- Revised most of comment.module: the administration interface
looks better now, integrated node permissions, and -finally-
made it possible to delete comments.
- Polished on:
+ account.module
+ structure.module
+ locale.module
+ module.module
+ forum.module
- Form-ified:
+ account.php
+ account.module
+ setting.module
+ cvs.module
+ submit.php
+ comment.module
+ forum.module
+ book.module
+ page.module
+ locale.module
- Updated CHANGELOG
INFO:
- Designed a "generic tracker system with optional backends"
on paper. The idea is to allow registered users to hot-list
certain topics, individual nodes or threads (comments) and
to "plug-in" output backends like - for instance - an e-mail
digest. The design requires "intelligent blocks" though.
TODO:
- I want to tidy up the headline.module and backend.class as
well as merge in headlineRSS10.module. Julian spent quite
some time working on headline.module but I'm not sure what
he changed and whether he'd contribute it back?
makes "promoting nodes" to the main page possible. Stories
and reviews could be promoted by default, but - on accasion
a good book entry could be manually promoted too. Thus all
existing content types can be shown on the main page, not
just stories.
Requires a SQL update, see 2.00-to-x.xx.sql!
- Addition: implemented "auto-post new submissions" feature
to disable or by-pass the moderation queue in addition to
"moderate new submissions".
TODO: admin moderation versus registered user moderation.
- Addition: added category and topic support to page.module.
Made it so that we can disable/enable comments on a category by category basis. In order to accomplish this I had to make a few (*temporary*) changes.
I moved all comment code from the "module level" (eg. story.module) to the "node level". It was nothing but the logical next step in nodifying drupal. This enables us to add comments to all existing content types including book entries. But also for book entries, this to can be toggled on and off. :-)
Moreover module writers don't have to worry about the complex comment logic: it is "abstracted" away. This implies that story.module got smaller, faster and easier to comprehend. :-)
In order to accomplish this, I had to update ALL THEMES, which I did - and on my way I updated Goofy, Oranzh and UnConeD - with the previous changes. All themes are up-to-date now! I also had to remove the [ reply to this story ] links, and temporally re-introcuded the "Add comment" button in the "Comment control". Tempora lly that is, UnConeD. ;)
I plan to upgrade drop.org either tommorow or wednesday so test away if you have some time to kill. ;)
Oh, I also fixed a few bugs and made various small improvements.
your theme:
- corrected some missing translations in story.module. Oops!
- grealty simplified the "moderation threshold mechanism"(tm) so
that module writers don't have to worry about this. As a result
story.module and book.module became a bit smaller and easier to
grasp.
- greatly simplified new "category" and "topic" code which is soon
going to replace the "section" code. Needs more work though so
hang on thight.
- includes/section.inc and modules/section.module are replaced by
includes/structure.module and modules/structure.module.
- beautified example.theme a bit without adding HTML complexity:
it is a good example but still useful as a theme
- made theme example use "categories" and "topics"
--> TAKE A LOOK AT IT AND UPDATE YOUR THEME
- made theme marvin use "categories" and "topics"
--> TAKE A LOOK AT IT AND UPDATE YOUR THEME
- added 2 new "story listings" to administrator interface of
story.module to verify story integrity.
- optimized comment table a bit (work in progress)
it now uses the new category code, incl content bindings.
You can setup different "categories" which map on a content
type. Example:
review -> review.module
article -> story.module
column -> story.module
announc. -> story.module
addons -> file.module
themes -> file.module
- "generalised" story.module and book.module's output.
- fixed bug in includes/timer.inc
- fixed glitch in theme example.theme: it said "$how by" but
the variable $how has never been declared.
- added "drupal development settings" to display some timings
- more work on the categories/topics -> does NOT work yet
- fixed small visual glitch in includes/function.inc
- changed SQL tables around a bit to be more consistent
(result: small changes to a lot of different files)
- improved robustness of includes/node.inc
- improved output of cron.module
- improved output of node.php
the index page will only display stories for now but this will/can
change in the near future
- all other files now thinks in terms of nodes, rather then stories
abstract() + article() = story()
abstract() and article() have been merged into a new function story()
which looks like:
function story($story_object, $reply) {
if (!reply) {
// full story
}
else {
// main page version / abstract
}
}
This should allow you to "compress" your theme as abstract() and
article() tended to be 98% identical.
=> I didn't really merge your themes so I leave it up to *you* to
improved the code!!! Do it ASAP as we release drupal 2.00 in 7
days.
In future we'll have similar functions for other content types as
for example:
review($review, $reply);
enquete($enquete, $reply);
...
revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
This time I redid the "category"-stuff. Categories - from now on called sections - are now maintained from the admin pages, can have their own post, dump and timout thresholds as discussed earlier (some weeks ago). By tomorrow evening users will be able to enable or disable section as well - i.e. to customize the content of drop.org.
though but I think this is stable enough for public consumption and
real-life testing.
==> a first big step towards a flexible comment engine.
IMPORTANT:
- Required theme updatins:
UnConeD: check your $theme->controls() as I added a very, very
dummy implementation
- Required database updates:
alter table users modify mode tinyint(1) DEFAULT '' NOT NULL;
alter table comments change sid lid int(6) DEFAULT '0' NOT NULL;
alter table comments add link varchar(16) DEFAULT '' NOT NULL;
update comments set link = 'story';
- I rearranged some of the code and clean-up some of the mess.
- Added "blocks" which can be user defined/controlled: check
to see. The positioning of blocks is rather basic for the
moment, so I'm all open for input on that.
site:
- watchdog (rewrite):
+ the collected information provides more details and insights
for post-mortem research
+ input limitation
- database abstraction layer:
+ mysql errors are now verbose and is no longer displayed in a
browser - fixes a possible security risk
- admin.php:
+ updated watchdog page
+ fixed security flaw
- diary.php:
+ fixed nl2br problem
- themes:
+ fixed comment bug in all 3 themes.
- misc:
+ renamed some global variables for sake of consistency:
$sitename --> $site_name
$siteurl --> $site_url
+ added input check where (a) exploitable and (b) possible
+ added input size check
+ various small improvements
+ fixed various typoes
... and much, much more in fact.
visual changes:
- removed redundant files user.class.php, calendar.class.php
and backend.class.php.
- converted *all* mysql queries to queries supported by the
database abstraction layer.
- expanded the watchdog to record more information on what
actually happened.
- bugfix: anonymous readers where not able to view comments.
- bugfix: anonymous readers could gain read-only access to
the submission queue.
- bugfix: invalid includes in backend.php
- bugfix: invalid use of '$user->block'
and last but not least:
- redid 50% of the user account system
made quite a lot of additions. The most remarkable addition is the
diary server, which I slapped together in less then 40 minutes. Most
of the other changes are however `unvisible' for the user but add much
value to a better maintainability from a developer's objective. Like
always, I fixed quite a number of small bugs that creeped into the code
so we should have a bigger, better and more stable drop.org.
Unfortunatly, some theme update _are_ required:
REQUIRED THEME UPDATES:
=======================
* use format_username() where usernames are used
* use format_date() where timestamps/dates are used
* use format_email() where e-mail addresses are displayed
* use format_url() where url are displayed
* replace 'formatTimestamp' with format_date
* replace 'morelink_*' with 'display_morelink'
[most of these functions are in function.inc or template.inc]
___PLEASE___ (<- this should get your attention ;) update your themes
as soon as possible - it only takes 30 min. to get in sync with the
other themes. Don't start whining about the fact you don't know what
to change ... either eat the source cookie, or ask me to elaborate on
a few changes. Just let me know what's puzzling you and I'll try to
help you out!
TODO LIST FOR NEXT WEEK
=======================
* Add checks for max. text length in textarea's? Is there an HMTL
attribute for this or ...?
* Comment moderation + mojo
* Edit/admin user accounts: block, delete, change permissions, ...
* E-mail password, change password, change e-mail address -> extra
checks and routines to validate such `special' changes.
* Input checking - input filter: bad words, html tags, ...
=========================
Wulp. I did a major upgrade by (a) breaking a lot of stuff and (b) by
re-doing those things in a much better way. I redesigned the stories
and submissions SQL tables, the way they work and the way they co-
operate together.
In addition, I changed the way parameters are passed to
$theme->abstract() and $theme->article(). Instead of passing a
sh!tload of parameters that only cluttered the code and required too
much pre-processing on the engine-side, we now pass a singly object
$story. $story has more variables then the paramaters we used to pass,
so it allows for better theming (if you feel like it).
I'm not finished yet but I decided to upload my changes so you can
start patching and updating your themes: PLEASE update your themes
ASAP! I don't plan making heavy changes like this again, so don't
get intimiated. ;) You mainly have to update article() and abstract()
as well as a minor update of footer():
article(), abstract():
----------------------
- use the $story object - see my theme!
- the morelink can now be themed. Currently you can use the function
morelink_bytes() in function.inc to `render' the old morelink. The
idea is to make a morelink_words() or morelink_lines() sooner or
later because "188 bytes in body" is not half as clear as "52 words
in body". Clearly, "52 words" is much more informative. ;-)
footer():
---------
- in the article-part, you need to update the displayRelatedLinks():
instead of passing it $sid, you need to pass it $story (after you
globaled $story).
Everything should display correct on the following pages:
- main page
- article page (follow a `read more | xxx bytes in bdoy | x comments' link)
- submission queue
Check if they work with your theme: they should as they work fine for
me (theme `Dries') ... If you got stuck, just look at my theme or ask
for a hand on the list!
Hopefully you can update your themes asap. Thanks in advance.
number of SQL on the mainpage with factor 10 and shortened the code with 4
lines. There is only *one* optimized SQL query left, being:
$result = db_query("SELECT stories.*, COUNT(comments.sid) AS comments FROM
stories LEFT JOIN comments ON stories.sid = comments.sid WHERE
stories.status = 1 AND stories.time <= $date GROUP BY stories.sid ORDER BY
stories.sid DESC LIMIT $number");
Note: we use a LEFT JOIN to retrieve the number of comments associated
with each story. By retrieving this data now, we elimate a *lot*
of individual queries that would otherwise be required inside the
while-loop. If there is no matching record for the right table in
the ON-part of the LEFT JOIN, a row with all columns set to NULL
is used for the right table. This is required, as not every story
has a counterpart in the comments table (at a given time).
to the outside world. It's a first step towards improving the submission
queue.
* More important (to the theme babies): instead of passing individual
parameters I'm considering to pass an object.
$theme->abstract($story->aid, $story->informant, $story->time,
stripslashes($story->subject), stripslashes($story->abstract),
stripslashes($story->comments), $story->category, $story->department,
$morelink);
would become:
$theme->abstract($story);
What do you guys think about pushing this trough? It would be much better
and would give extra `power' to the themes.