* Refactored the "brains" of user_login() to user_authenticate($user, $pass) so that blogapi (and others) can authenticate users (including those using DistAuth) without all the html and drupal_goto calls
* Updates blogapi_validate_user to use user_authenticate.
* Adds missing quotes around the username in "session closed" watchdog messages from user.module (session opened has quotes, but session closed does not).
* Changed "view detals" after watchdog entries to "details".
I had some trouble adding this feature but realized that the "who's online" block is a geek think, and therefore it won't hurt to add some more geekiness. If you don't know what "offline users" means, you would not have understood "online users" in the first place. Either way, I think most people who have the block enabled, will find this an interesting addition.
The new locale module provides every functionality on the web interface, so you don't need to edit the configuration files or add columns, when you add a new language. This module is an integration of the old locale and localegettext modules, plus a bunch of logic to parse Gettext Portable Object files (opposed to Machine Object files, as supported by localegettext).
Note: I made some minor changes to the context-sensitive help texts and to some of the status messages.
Here's an overview of the changes:
1) Multiple Input formats: they are complete filter configurations (what filters to use, in what order and with which settings). Input formats are admin-definable, and usage of them is role-dependant. For example, you can set it up so that regular users can only use limited HTML, while admins can free HTML without any tag limitations.
The input format can be chosen per content item (nodes, comments, blocks, ...) when you add/edit them. If only a single format is available, there is no choice, and nothing changes with before.
The default install (and the upgrade) contains a basic set of formats which should satisfy the average user's needs.
2) Filters have toggles
Because now you might want to enable a filter only on some input formats, an explicit toggle is provided by the filter system. Modules do not need to worry about it and filters that still have their own on/off switch should get rid of it.
3) Multiple filters per module
This was necessary to accomodate the next change, and it's also a logical extension of the filter system.
4) Embedded PHP is now a filter
Thanks to the multiple input formats, I was able to move the 'embedded PHP' feature from block.module, page.module and book.module into a simple filter which executes PHP code. This filter is part of filter.module, and by default there is an input format 'PHP', restricted to the administrator only, which contains this filter.
This change means that block.module now passes custom block contents through the filter system.
As well as from reducing code duplication and avoiding two type selectors for page/book nodes, you can now combine PHP code with other filters.
5) User-supplied PHP code now requires <?php ?> tags.
This is required for teasers to work with PHP code. Because PHP evaluation is now just another step in the filter process, we can't do this. Also, because teasers are generated before filtering, this would result in errors when the teaser generation would cut off a piece of PHP code.
Also, regular PHP syntax explicitly includes the <?php ?> tags for PHP files, so it makes sense to use the same convention for embedded PHP in Drupal.
6) Filter caching was added.
Benchmarking shows that even for a simple setup (basic html filtering + legacy URL rewriting), filtercache can offer speedups. Unlike the old filtercache, this uses the normal cache table.
7) Filtertips were moved from help into a hook_filter_tips(). This was required to accomodate the fact that there are multiple filters per module, and that filter settings are format dependant. Shoehorning filter tips into _help was ugly and silly. The display of the filter tips is done through the input format selector, so filter_tips_short() no longer exists.
8) A more intelligent linebreak convertor was added, which doesn't stop working if you use block-level tags and which adds <p> tags.
- Users who have not edited their account yet would be reset to GMT rather than the sitewide timezone.
- Users who chose GMT (zero timezone) on a site with a non-zero timezone as default would have incorrect timezone.
+ The 'previous topic' / 'next topic' links skipped topic without comments (changed one inner join back to a left join).
+ The default order setting in admin/settings/forum had no effect.
+ The 'first new topic' link jumped to the first unread topic ever instead of the first unread topic since NODE_NEW_LIMIT.
+ This also removes the unused $offset param from theme_forum_display and theme_forum_topic_list, so any themes using these functions should be updated (i checked the core themes but none of them used these functions).
As discussed before, the path "taxonomy/page/or/1,2" becomes "taxonomy/term/1+2" and the path "taxonomy/page/and/1,2" becomes "taxonomy/term/1,2". The most common case of listing nodes attached to a single term becomes simpler, since it doesn't require a meaningless "or" or "and". A depth of "0" is assumed, but a positive integer or "all" can be used. Feeds are available at "taxonomy/term/1+2/all/feed" and the like.
This iteration of the patch also changes the structure of taxonomy_select_nodes(), since it was not following Drupal conventions. A handful of contrib modules call this function, and will need to be updated. Instead of passing in a $taxonomy object containing parameters for the function, the parameters are passed independently. This simplifies the code quite a bit. The queries were changed to only return node IDs for speed; all results from this function are passed through node_load() anyway, so the extra information returned was discarded. The AND query was also changed to avoid the strange trick and remove an extra query, at the expense of a table join per root term in the AND. This cleans up the code substantially while at the same time enabling the use of AND with a depth parameter.
TODO: update contribution modules.
+ the confirmation before deleting a comment was missing a check_output.
+ after editing a comment, two pages were shown (two calls to theme('page',..)), replaced this by a drupal_goto.
Modules can be stored anywhere, as there is now a set of functions called module_get_filename, and module_set_filename .. which allow system_listing and module_list to specify the locations of the files.
A new function module_load_all() replaces the hardcoded includes in module_init, and loads all modules which have been enabled, using module_load.
module_listing no longer includes files itself, instead it just keeps the listing (and sets the filenames).
This patch is a requirement for the multisite configuration patch, as overriding modules are currently being loaded due to the only protection of loading them is include_once.
Here's a new patch that unifies the node/52 and book/view/52 paths for nodes. It involves a small change to hook_view(), which is discussed first:
Currently hook_view() expects node modules to return a themed node. However, each module does this the same way; they modify $node as necessary, then call theme('node', $node) and return the result. We can refactor this so that the calling function node_view() calls theme('node') instead. By doing this, it becomes possible for hook_nodeapi('view') to be called after hook_view() where the node contents are filtered, and before theme('node') where the body is enclosed in other HTML. This way the book module can insert its navigation into the body right before the theming.
Advantages of this refactoring:
- I can use it for book.module to remove the extra viewing path.
- The function of hook_nodeapi('view') becomes more like hook_view(), as neither will expect a return value.
- We more closely follow the flow of other nodeapi calls, which usually directly follow their corresponding specific node type hooks (instead of preceding them).
- The attachment.module people could use it to append their attachments in a list after the node.
- Gabor could use it instead of his filter perversion for his "articles in a series" module.
- A little less code in each view hook.
- The content hook is no longer needed, so that means even less code.
Disadvantages:
- Any modules written to use nodeapi('view') could be affected (but these would all be post-4.4 modules).
- Implementations of hook_view() would need to be updated (but return values would be ignored, so most would work without updates anyway).
Now the patch takes advantage of this API shift to inject its navigation at the end of all book nodes, regardless of the viewing path. In fact, since the paths become identical, I've removed the book/view handler entirely. We should probably provide an .htaccess rewrite for this (one is still needed for node/view/nn anyway). At the same time, there is a check in book_block() that shows the block appropriately on these pages.
Currently pager_query() is the black sheep of the database query family, because it does not allow for printf-style arguments to be inserted in the query. This is a problem because it introduces developer confusion when moving from an unpaged query to a paged one, and it encourages substitution of variables directly into the query, which can bypass our check_query() security feature.
This patch adds this ability to pager_query(). The change is backwards-compatible, but a couple calls to the function in core have been changed to use the new capability.
- #8193: Moving the two instances of the timezone list into a function.
- #3859: Adding drupal_goto for module/theme/settings pages. Aside from general drupal_goto usability, this fixes the bug of menu items not immediately appearing after enabling a module.
This commit fixes the problem: custom menus were being defined as MENU_CUSTOM_ITEM rather than MENU_CUSTOM_MENU. It also fixes a problem in which custom menus were mistakenly given the MENU_VISIBLE_IN_BREADCRUMB bit when edited. This would cause their titles to show up in the breadcrumb (which is undesirable... only menu items should be in there).
Note that this will not fix any non-functioning custom menus you've defined since this bug appeared. You'll have to delete and recreate them or update the "type" column in the DB manually.
Changes are as follows:
"maintain personal blog" -> "edit own blog" (aggregator.module, blog.module, blogapi.module)
"maintain personal pages" -> "edit own pages" (page.module)
"maintain personal stories" -> "edit own stories (story.module)
* improves the doxygentation and help text.
* deletes comment_admin and comment_page; using proper callbacks instead.
* related/modified callbacks/menus/functions were tweaked to not use arg() at all.
* the "settings" subtab was weighted to -10 so it'd appear first (in prep of JonBob's local default).
* moderation pages weren't properly showing defined votes or thresholds; fixed.
* when moderation votes or thresholds didn't exist, no error stating as such was shown; fixed.
* we show "submit votes" on the moderation votes page only when votes actually exist.
* fixes the (broken in CVS) comment/reply and comment/edit features.
* fixes the (broken in CVS) "save settings" for comment view options and comment moderation.
In addition I:
* fixed a couple warnings introduced by Morbus' patch.
* fixed a couple translation bugs.
* fixed comment_node_url().
I also found that:
* the collapsed comment views (i.e. 'threaded list - collapsed) are broken.
forms using the $required argument of the form_ functions.
- Replaced all Optional's and Required's from the taxonomy forms with proper
use of the form_ functions.
Please check your contributed modules too!
- If you are allowed to vote, results are now shown on a separate node tab "node/id/results".
- Poll voting now submits to a separate URL and uses drupal_goto to go back to the poll node
* The _validate hook and the _nodeapi('validate') hook of the node API (1) no longer take an 'error' parameter and (2) should no longer return an error array. To set an error, call form_set_error().
* The _form hook of the node module no longer takes a form hook and should not worry about displaying errors. Ditto for _nodeapi('form_post') and _nodeapi('form_pre').
* slightly reorders the functions in anticipation of http://drupal.org/node/view/9010.
* reorders help definitions to match the alphabetical nature of the menu items.
* tweaked visual appearance of menu code (whitespace, etc.)
* minor tweaks to "warning" help to match style of others.
* @file header with a oneliner and blurb description about watchdog.module.
* standardized the text between admin/help#watchdog and admin/logs.
* tweaked the descriptions of log types available ever so slightly.
* removed anything that referred to the old settings page.
* added an assumed 'type' to one of the menu's.
$ diffstat user.patch
database/database.mysql | 4
database/database.pgsql | 2
database/updates.inc | 10 -
modules/block.module | 20 +-
modules/locale.module | 9
modules/profile.module | 108 +++++++----
modules/system.module | 8
modules/user.module | 456 +++++++++++++++++++-----------------------------
8 files changed, 289 insertions(+), 328 deletions(-)
More functionality, less code. Here is a list of the changes:
- Some user API changes:
+ When $type is 'form', you have to return an associative array of groups. In turn, each group is an array with a 'title', 'data' and 'weight'.
+ A new $type has been added, namely 'categories'. User settings can be organized in categories. Categories can be sorted, as can the groups within a category. (Ordering 'categories' is somewhat broken due to a bug in the menu system.)
- The 'my account > edit' page will use subtabs for each 'category'. Read: you can break down the account settings into multiple subpages.
- Profile module improvements:
+ Added support for private fields to the profile module!
+ Improved workflow of profile administration pages.
+ Improved the form descriptions.
- Code improvements:
+ Unified user_edit() and user_admin_edit().
+ Unified and cleaned up the validation code. Fixed some validation glitches too.
Specifically, it lets you edit more than one node's taxonomy within
the same form.
This patch also removes the behavior where taxonomy remembers your
last choice for a given vocab and automatically selects it for you.
That is poor behavior. If someone changes a date or author in a
node, he is likely to inadvertently add taxo terms using with this
'feature'.
+ Changed menu.inc to generate two separate lists instead of nested lists:
that seems to be the only alternative to get rid of absolute positioning.
+ Changed the tabs code to be more sexy and put the code in misc/drupal.css
so all themes are automagically updated.
CHANGES
-------
+ Introduced tabs. First, we extended the menu system to support tabs. Next, a tab was added for every link that was (1) an administrative action other than the implicit 'view' (2) relevant to that particular page only. This is illustrated by the fact that all tabs are verbs and that clicking a page's tab leads you to a subpage of that page.
+ Flattened the administration menu. The tabs helped simplify the navigation menu as I could separate 'actions' from 'navigation'. In addition, I removed the 'administer > configuration'-menu, renamed 'blocks' to 'sidebars' which I hope is a bit more descriptive, and made a couple more changes. Earlier, we already renamed 'taxonomy' to 'categorization' and we move 'statistics' under 'logs'.
+ Grouped settings. All settings have been grouped under 'administer > settings'.
TODO
----
+ Update core themes: only Xtemplate default supports tabs and even those look ugly. Need help.
+ Update contributed modules. The menu() hook changed drastically. Updating your code adhere the new menu() function should be 90% of the work. Moreover, ensure that your modue's admin links are still valid and that URLs to node get updated to the new scheme ('node/view/x' -> 'node/x').
+ Introduced two new functions:
1. form_set_error($name, $message): files an error against the form
element with the specified $name.
2. form_has_errors(): returns true if errors has been filed against
form elements.
+ Updated the form handling:
1. The form_ functions will add 'class="error"' when a form field
has been found to be erroneous.
2. The error message is passed to theme_form_element() when the
particular form field has been found to be erroneous.
+ I updated the user and profile module to take advantage of these new
functions.
+ IMPORTANT: the _user() hook changed. The 'validate' case should no
longer retun an error message when something goes wrong but should
set it with form_set_error().
anonymous usernames in comments. It does not solve all my problems, but
others claim it works as advertised. I'm committing this because it does
fix some pending issues (even though that might not be the end of it).
made it possible to enforce a username/e-mail address. Based on
James Seng's work there are now 3 radio buttons:
( ) Anonymous users may not enter contact information
( ) Anonymous users may leave contact information
( ) Anonymous users must leave contact information
- Fixed a bug in the default theme_comment_view() function.
- Added permalinks for comments. Requested by Michael and Christina.
Maintainers of contributed themes might want to add permalinks too.
TODO:
- Fix the interaction design of the submission form: the page you are
directed to and the validation of the contact information.
- Changing the comment viewing options appears to be broken?
Dries Buytaert
Steven Wittens
Kjartan Mannes