up the documentation a little.
chx: can you double-check whether the global $conf variable is secure?
(That is, make sure it can't be send using the URL or something.)
TODO: update the "Migrating themes from Drupal 4.6 to Drupal HEAD"-page in
the Drupal handbook!
TODO: update the themes in the contributions repository.
Changes include:
* parsing of the primary/secondary links has been moved out of phptemplate and into theme_get_setting.
* unnecessary and XHTML-invalidating duplicate div#help removed from themes/bluemarine/page.tpl.php (this is already generated by theme_help)
* weird generation of the "edit primary/secondary links" messages removed from bluemarine and placed in theme.inc
* unnecessary changes to themes/bluemarine/style.css rolled back (the phptemplate bluemarine had an older version of style.css than the one in core)
* chameleon updated to work with new link scheme (passes links through theme_links)
- Converted the Bluemarine theme from XTemplate to PHPTemplate.
- Moved the the Pushbutton theme and the Xtemplate engine to the contributions repository.
* Fix a bug which would cause the "configure" link for styles to be broken.
* Fix a bug with using drupal_get_filename for theme engines. Although this is not called anywhere in core, we should still fix it for contrib. (i.e. themes that may want to manually invoke a theme engine to create a hybrid theme)
* Correct an inaccurate comment in theme.inc
* Populate the default primary links with an "edit primary links" link for consistency with the secondary links
* remove some unnecessary variables in the theme administration which had misleading and confusing names
* replace time-consuming foreach when rendering theme admin page with a more efficient array_key_exists
* usability: rather than completely removing the search box checkbox when search.module is disabled, simply disable it. (UI elements shouldn't appear/disappear.)
* Less logic in theme code.
* Encourages use of the menu system.
* Easier to find where a title or breadcrumb comes from in other people's code because there are less places to look. Look in menu and then grep for the appropriate set function. Looking for calls to theme_page() is hard because there are too many of them.
* Very slightly more efficient.
- Fixed separate styles: added theme_get_styles() and the xtemplate {styles} tag to make sure stylesheets get included in the right order (drupal-specific, template-specific, style-specific).
- Fixing missing class on screenshots.
- Renamed drupal_get_theme_setting() and drupal_get_theme_settings() to theme_get_setting() and theme_get_settings().
- Changing theme('image') so the automatic image size fetching can be toggled independently from attributes. Specifying attributes and autosizing are 2 different things.
- Suppressing PHP errors from getimagesize() using @. drupal_set_message() is used to report these errors already and in a much prettier way.
- #9958: Fixing broken displaying of avatars.
- Don't show the default avatar in 'edit my account' if the user has no avatar of his/her own.
- Added ability to delete avatars (without having to replace them).
http://drupal.org/files/issues/error_messages_list.png (issue #9138).
drupal_set_message() has been changed to group message by type and a
helper function, theme_status_message(), is added to display the messages.
Chameleon and Xtemplate have been updated to use this new function.
- Updated CHANGELOG.txt.
CHANGES
-------
+ Introduced tabs. First, we extended the menu system to support tabs. Next, a tab was added for every link that was (1) an administrative action other than the implicit 'view' (2) relevant to that particular page only. This is illustrated by the fact that all tabs are verbs and that clicking a page's tab leads you to a subpage of that page.
+ Flattened the administration menu. The tabs helped simplify the navigation menu as I could separate 'actions' from 'navigation'. In addition, I removed the 'administer > configuration'-menu, renamed 'blocks' to 'sidebars' which I hope is a bit more descriptive, and made a couple more changes. Earlier, we already renamed 'taxonomy' to 'categorization' and we move 'statistics' under 'logs'.
+ Grouped settings. All settings have been grouped under 'administer > settings'.
TODO
----
+ Update core themes: only Xtemplate default supports tabs and even those look ugly. Need help.
+ Update contributed modules. The menu() hook changed drastically. Updating your code adhere the new menu() function should be 90% of the work. Moreover, ensure that your modue's admin links are still valid and that URLs to node get updated to the new scheme ('node/view/x' -> 'node/x').
+ Introduced two new functions:
1. form_set_error($name, $message): files an error against the form
element with the specified $name.
2. form_has_errors(): returns true if errors has been filed against
form elements.
+ Updated the form handling:
1. The form_ functions will add 'class="error"' when a form field
has been found to be erroneous.
2. The error message is passed to theme_form_element() when the
particular form field has been found to be erroneous.
+ I updated the user and profile module to take advantage of these new
functions.
+ IMPORTANT: the _user() hook changed. The 'validate' case should no
longer retun an error message when something goes wrong but should
set it with form_set_error().
- Adds drupal_set_header() and drupal_get_headers().
- Cache now stores custom headers.
- Replace theme_head() with drupal_get_html_head(), added drupal_set_html_head().
- Added RSS autodiscover links to node, blog and taxonomy pages.
- Added support for new tags:
+ Optinal feed image: <image> tag.
+ Dublin core dates: <dc:date> <dcterms:created>, <dcterms:issued>,
<dcterms:modified>.
- Usability improvements:
+ On the administration page, made the feed/bundle titles link
to the feeds/bundles' pages. On the feed/bundle's page, made
the 'Last updated' field link to the administration page.
+ Moved the 'syndication' menu one level down.
- Updated some content sensitive help.
- Further improved themeability.
- Fixed some invalid HTML.
1. Remove the theme object. There is no need to keep it around since meta
information for a theme can be retrieved via list_themes(). All we really
need is the theme name.
2. Check if the user selected theme is enabled during theme initialization.
This is the easiest place to put the check and doesn't mess with the user's
settings. Their database profile will still contain the disabled theme
selection, but they will be rendering the default admin-selected theme
until their chosen theme is once again activated.
tags.
To be discussed and investigated: when a form element has no title an empty
<label> tag will be emitted (eg. "remember me" checkbox). This doesn't make
sense but is our best option for now.
* fixes all doxygen warnings [#]_ in the current code base
+ changes @param style from phpDocumentor (@param type $var desc) to doxygen (@param $var desc)
+ documents all undocumented parameters
+ escapes / fixes html warnings
+ fixes @defgroup in theme.inc
* adds more groupings [#]_
+ drupal_{set|get}_title, drupal_{set|get}_breadcrumb
+ pager.inc: pager_api (pager_query(), pager_display()), pager pieces
* adds a new group "themeable" which contains all themeable functions.
+ block_list() (in block.module): returns an array of block objects for
$region.
+ theme_blocks() (in theme.inc): uses block_list() and theme("block") to
actually render them.
Advantages:
+ Decouples blocks content and layout, allows block_list() to be used
for non-output purposes (think "pull").
+ Unifies naming in theme.inc: render_blocks()) didn't really fit there.
+ Puts block_list() in blocks.module where it logically belongs.
- Removed some cruft from the Xtemplate theme. Patch by Ax.
Some TODO's:
* The sidebars of theme Marvin and theme UnConeD look unstyled.
* CSS-ify theme UnConeD so we can remove the class around the functions.
* Rewrite theme_init() not to use a class and simplify theme()
accordingly.
- Improvement: removed a left-over from Drupal 4.2.0 (dead code).
- Improvement: replaced hard-coded XHTML around the XML icons with class="xml-icon".
- Improvement: removed the custom navigation menus shown at the top of the "user information page" and integrated them in the new navigation block. The "my account" link in the navigation menu will unfold. Also removed the "delete account" link/functionality (for now).
- Improvement: fix for "magic quotes" settings. Patch by Steven. I also removed check_php_settings().
- Improvement: block themability improvements. Modified patch from Ax and Steve/CodeMonkeyX.
- Fixed bug #2617: editing user information does not work. Patch by Kjartan.
- Bugfix: block patch fix. Patch by Gerhard.
- Bugfix: fixed broken URL in ping. Patch by Gerhard.
(This should fix the problems shown on http://www.blo.gs/info.php?id=1515.)
- Improvement: added better password generator. Patch #1 by Al. Fixes bug
#1935.
- Improvement: performance improvement to the blog module. Patch by Marco.
- Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values. Patch by Kjartan.
- Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes. Example:
<input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" />
IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion.
- Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions. Patch by Matt Westgate.
- Improvement: improved the error checking and the error messages in the profile module. Updated the code to match the Drupal coding conventions. Modified patch from Matt Westgate.
- Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head(). Patch by Kristjan.
- Improvement: don't execute any SQL queries when checking the permissions of user #1. Patch by Kjartan.
- Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes. Part of patch #51 by Al.
- Improvement: removed some redundant print statements from the comment module. Modified patch from Craig Courtney.
==> This fix requires to run update.php!
- Bugfix: made sessions work without warnings when register_globals is turned off. The solution is to use $_SESSION instead of session_register(). This fixes critical bug #1797. Patch by Marco.
- Bugfix: sometimes error messages where being discarded when previewing a node. Patch by Craig Courtney.
- Bugfix: fixed charset problems. This fixes critical bug #1549. Patch '0023.charset.patch' by Al.
- Code improvements: removed some dead code from the comment module. Patch by Marco.
- Documentation improvements: polished the node module help texts and form descriptions. Patch '0019.node.module.help.patch' by Al.
- CSS improvements all over the map! Patch '0021.more.css.patch' by Al.
- GUI improvements: improved the position of Druplicon in the admin menu. Patch '0020.admin.logo.patch' by Al.
- GUI improvements: new logos for theme Marvin and theme UnConeD. Logos by Kristjan Jansen.
- GUI improvements: small changes to the output emitted by the profile module. Suggestions by Steven Wittens.
- GUI improvements: small fixes to Xtemplate. Patch '0022.xtemplate.css.patch' by Al.
TODO:
- Some modules such as the buddy list module and the annotation module in the contributions repository are also using session_register(). They should be updated. We should setup a task on Drupal.
- There is code emitting '<div align="right">' which doesn't validate.
- Does our XML feeds validate with the charset changes?
- The forum module's SQL doesn't work properly on PostgreSQL.
components such as lists, form items, removes an ugly hack from the
archive module and should fix the poll problem (although it doesn't
Opera/Konqueror).
- Fixed a typo in the MSSQL database scheme. Patch by Michael Frankowski.
- Removed dependency on "register_globals = on"! Patches by Michael Frankowski.
Notes:
+ Updated the patches to use $foo["bar"] instead of $foo['bar'].
+ Updated the INSTALL and CHANGELOG files as well.
- Tiny improvement to the "./scripts/code-clean.sh" script.
will now barf when trying to instantiate a non-existing theme class.
This should help to identify broken themes, and to track down theme system
related bugs.
- Removed all instances of '$user->nodes'.
- Committed Moshe's taxonomy patch - minus the node_compact_list() bit. It needs a bit more thought/work. This patch changes the links of taxonomy pages/feeds so update your custom code and themes accordingly!
Themes should now use "taxonomy_link("taxonomy terms", $node)" to get an array of taxonomy term links. The old construct is deprecated and should be changed.
// old theme blob:
if (function_exists("taxonomy_node_get_terms")) {
foreach (taxonomy_node_get_terms($node->nid) as $term) {
$terms[] = l($term->name, NULL, array(), "or=$term->tid");
}
}
// new theme blob:
if (module_exist("taxonomy")) {
$terms = taxonomy_link("taxonomy terms", $node);
}
// old URL:
http://foo.com/index.php?or=1,2
// new URL:
http://foo.com/?q=taxonomy/page/or/1,2
- Bad usage of css ID's: they may be used for a single element only,
but were used as #node, #block, which can occur multiple times in a
single page.
- Moved HTML from theme to template - thats what templates are all
about!
- Added support for head() hook
- Added support for diffentiating between boxes and blocks.
- Typo: secundary -> secondary
"This patch to theme.inc adds the ability for modules to insert HTML
into the <HEAD> section of all web pages. The additional modules in
this directory [ed: blog.module] demonstate possible uses for the
new _head() hook."
"This is a simple, generic pager for Drupal-CVS. It is designed to be
easily themeable and expandable. The code is highly-commented to
enhance readability."
"Pagers are constructed by combining the provided pieces (all of which
can be easily modified to display the text or image you prefer) into
your custom pager."
* Statistics module fixes by Jeremy:
- removed superfluous check for existence of watchdog()
- saving changes in admin page displays status and returns same page
- no longer return 1971/01/01 in "view statistics" table
- switched from "!=" to "<>" in SQL queries for ANSI-SQL compliance
- switched from "MAX(timestamp) as timestamp" to "MAX(timestamp) as
max_timestamp" moving towards ANSI-SQL compliance.
* Added a "theme_item_list" function to format itemized lists. Also
changed a couple of modules to take advantage of it. Makes for a
more consistent UI.
+ Blocks are not longer called if not rendered: major performance
improvement.
+ Fixed some bugs (preview option was broken, path option was broken).
+ Removed "ascii"-type blocks.
+ Added permission to for "PHP blocks"
+ ...
NOTES:
+ You'll want to run "update.php":
ALTER TABLE blocks DROP remove;
ALTER TABLE blocks DROP name;
+ You'll want to update your custom modules as well as the modules in
the contrib repository. Block function should now read:
function *_block($op = "list", $delta = 0) {
if ($op == "list") {
return array of block infos
}
else {
return subject and content of $delta block
}
}
returned by theme_list() as it breaks the site ... The attached patch
prevents this from happening but does not remove the theme from the system
table in the SQL database - if the theme is removed from the database upon
viewing the themes administration page (or another trigger), I guess that
is fine.
Kjartan: my fix is the right thing to apply because theme_list() is used
elsewhere where it requires to return a list of existing themes.
Maybe it's a little sad but the current theme loading code might
be slower and more complex than the old Drupal 3 theme loading
code ... ?
or disabled as it will cause errors otherwise.
- split status into status and custom. Status will turn the block
on/off, and custom defined if the user can change the status.
Requires sql update.
- reintroduced user page to configure blocks.
+ Changed the db_query() API.
+ Wrapped all links in l(), lm(), la(), ..., drupal_url() functions.
+ XHTML-ified some HTML.
+ Wrapped a lot of text in the administrative pages in a t()
function.
+ Replaced all $REQUEST_URI/$PATH_INFOs by request_uri().
+ Small bugfixes (eg. bug in book_export_html() and clean-ups (eg.
RSS code).
+ Fixed some bugs in the taxonomy module (eg. tree making bug), added
new functionality (eg. new APIs for use by other modules), included
Moshe's taxonomy extensions, and some documentation udpates.
+ ...
Committing Changes by Moshe Weitzman:
- admin_user_account(), user_edit(), and user_view() no longer have any
hard code for authentication modules. instead authentication modules
implement the _user hook.
- fixed a couple 'help' typos.
- linked the 'REGISTER' text in the login block to the register page.
this page now advertises DA better if site employs DA.
- admins may now edit everything about a user account (was a feature
request).
- user #1 may now login immediately, in addition to receiving his
password via email.
Other changes:
- modules and themes are now enabled/disabled in the administrative /
settings / modules | themes pages. Requires SQL update and things must
be enabled before your site returns to normal. TODO: enable all
functionality. (For now just do UPDATE system SET status = 1;)
- removed $themes from conf.php.
- added a $theme->system() function where theme can specify settings.
All themes in the Drupal CVS have been updated to use this.
- added _system hook to modules. TODO: update modules to use this.
- changed strange use of sprintf to the usual strtr. The disadvantage of
sprintf is that it requires translations to keep the string order,
which may not be possible in all languages.
- an invalid/nonexisting theme in a user profile will now fallback to the
BaseTheme instead of crashing.
Steven Wittens
Dries Buytaert
Kjartan Mannes
