Drupal core! This is an important milestone for the project so enable
the module and check it out ... :)
Thanks to Rok Žlender, Károly Négyesi, Jimmy Berry, Kevin Bridges, Charlie
Gordon, Douglas Hubler, Miglius Alaburda, Andy Kirkham, Dimitri13, Kieran
Lal, Moshe Weitzman, and the many other people that helped with testing
over the past years and that drove this home.
It all works but it is still rough around the edges (i.e. documentation
is still being written, the coding style is not 100% yet, a number of
tests still fail) but we spent the entire weekend working on it in Paris
and made a ton of progress. The best way to help and to get up to speed,
is to start writing and contributing some tests ... as well as fixing
some of the failures.
For those willing to help with improving the test framework, here are
some next steps and issues to resolve:
- How to best approach unit tests and mock functions?
- How to test drupal_mail() and drupal_http_request()?
- How to improve the admin UI so we have a nice progress bar?
- How best to do code coverage?
- See http://g.d.o/node/10099 for more ...
This is a big and important patch for Drupal's security. We are switching
to much stronger password hashes that are also compatible with the Portable
PHP password hashing framework.
The new password hashes defeat a number of attacks, including:
- The ability to try candidate passwords against multiple hashes at once.
- The ability to use pre-hashed lists of candidate passwords.
- The ability to determine whether two users have the same (or different)
password without actually having to guess one of the passwords.
Also implemented a pluggable password hashing API (similar to how an alternate
cache mechanism can be used) to allow developers to readily substitute an
alternative hashing and authentication scheme.
Thanks all!
1. fixed problem with long URLs being truncated (and causing errors)
2. added CREATE UNIQUE INDEX to prefix.sh
3. changed totalcount from int to bigint to prevent overflow
4. unifies index names, syncs with database.mysql
Updated changelog.
- Fixed a typo in the MSSQL database scheme. Patch by Michael Frankowski.
- Removed dependency on "register_globals = on"! Patches by Michael Frankowski.
Notes:
+ Updated the patches to use $foo["bar"] instead of $foo['bar'].
+ Updated the INSTALL and CHANGELOG files as well.
- Tiny improvement to the "./scripts/code-clean.sh" script.
correctly. Patch by Stefan.
- Added missing t() functions and improved the %x directives for
better readability and to ease the process of translating your
site. Patches by Stefan.
- Made two small additions to the 'code-clean.sh' script; it will
now remove patch related junk.
NOTES:
- I removed the · related bits. Let's tackle these later on
in a separate patch after we got some sort of consensus.
- I removed the 'module_exist("drupal")' check in the user module;
I *think* it is incomplete and therefore incorrect.
- Stefan, try using quotes in your translations and check whether
everything still works. Example: translate the "Create account"
button to "Create \"haha\" account \'hihi\'" and see if you can
still create new accounts. Maybe automate this using a quick
hack in the locale module ...
+ Changed node_form() to use good ol' tables instead of div/CSS-tags.
+ Revised the "revision API": I think we have both an easy and powerful
API now that should make everyone happy.
+ Improved the usability of the rollback functionality a bit.
+ Removed the "view node" link from the "node overview" page in the
admin section and added a "delete node" link instead.
+ Added a few missing translations; there might be missing more
translations though.
- book.module:
+ Made the book module use the "revision API" instead of having it poke
and use the innards and underlying details of the revision system.
- queue.module:
+ Made the queue module use the improved revision number.
- module.inc:
+ Applied Moshe's patch: added more arguments to module_invoke()
- mail-to-sql.pl:
+ Added support for more header fields and for folded fields
Notes:
- no database updates required
CVS log messages. Our additional Perl script that hooks into
the CVS repository is also provided in ./scripts. Requires a
SQL update, see 2.00-to-x.xx.sql.
a seperate module called "rating.module". This should allow people
to experiment with different rating heuristics/algorithms.
- The rating module also generates a "Top 100 users" page, see:
http://drop.org/module.php?mod=rating
- Adjusted ./scripts/php-clean to ignore png files.
(I should do it the way around and make it ignore everything but
our php files.)
- expanded documentation
(written by Jeroen)
- fixed bug in includes/module.inc
- fixed bug in modules/backend.class
- renamed some of the SQL tables (!)
- started making the diary.module truly modular (not finished yet)
- renamed "admin_blocks" to "boxes"
- added new functionality to "boxes": apart from PHP boxes, you
can now create ASCII boxes as well as HTML boxes for those who
are not confident with PHP.
(requested by stalor)
- added drupal-site module to keep track of known drupal sites
- added small Perl script to generate encrypted CVS passwords
1. improved .htaccess to be more "secure": to keep prying
eyes out
2. rewrote the administration section from scratch using a
modular approach
3. improved the information gathered by error.php - we can
now (hopefully) track what bots are crawling us.
4. fixed a bug in submit.php, fixed a bug in theme zaphod,
fixed a bug in theme marvin.
5. rewrote cron from scratch - it now interfaces with
modules as it should have been from the beginning.
Very cool if you ask me - it can use UNIX/Linux
crontabs.
6. updated widget.inc to be module aware - needs more
work though - maybe this afternoon?
7. updated most modules: small bugfixes, improvements, and
even the documentation
8. removed diary.php and made it a module - you can now
run a drop.org site without a diary system if someone
would prefer so
9. updated all themes to use the new modules where
appropriate
10. added a robots.txt because the error message in the
watchdog become annoying.
11. added the new configuration system (mutliple vhosts
on the same source tree) - use hostname.conf instead
of config.inc
12. removed calendar.inc and made it a module
13. added format_interval() to functions.inc (UnConeD)
14. whatever I forgot ...
Dries Buytaert
Gerhard Killesreiter
Kjartan Mannes