though but I think this is stable enough for public consumption and
real-life testing.
==> a first big step towards a flexible comment engine.
IMPORTANT:
- Required theme updatins:
UnConeD: check your $theme->controls() as I added a very, very
dummy implementation
- Required database updates:
alter table users modify mode tinyint(1) DEFAULT '' NOT NULL;
alter table comments change sid lid int(6) DEFAULT '0' NOT NULL;
alter table comments add link varchar(16) DEFAULT '' NOT NULL;
update comments set link = 'story';
IMPORTANT: you have to drop 2 tables "blocks" and "layout"
and you have to recreate them again with those
in database/database.mysql
- integrated the documentation written by UnConeD
integrated them were appropriate. It works better and the code is
more readable then it used to be:
(see http://drop.org/discussion.php?id=44&pid=0#0)
- story authors can no longer moderate their own stories
(requested by Natrak)
- fix inie-winnie small detail in theme marvin
- drastically improved administration section
- drastically revamped story administration:
added new feature to schedule the publishing of stories
- applied correct naming conventions to submission.php
- fixed 1 small glitch in boxes
- somewhat expanded the documentation
= changed one SQL table
- updated the faq with info on drupal
- ... and more things I forgot about
- configuration:
+ renamed $db_name to $db_user
+ renamed $db_base to $db_name
- fixed small diary glitch
- fixed initial-comment-score problem
- fixed comment rating bug: improved the API and updated the
themes
- removed some tabs from Steven ;)
- fixed backend warnings and improved robustness
I'm not happy yet with the headline grabber - it generates
too many SQL errors.
- some small cosmetic changes in comment.module
- fixed minor glitch in format_interval()
- expanded documentation
(written by Jeroen)
- fixed bug in includes/module.inc
- fixed bug in modules/backend.class
- renamed some of the SQL tables (!)
- started making the diary.module truly modular (not finished yet)
- renamed "admin_blocks" to "boxes"
- added new functionality to "boxes": apart from PHP boxes, you
can now create ASCII boxes as well as HTML boxes for those who
are not confident with PHP.
(requested by stalor)
- added drupal-site module to keep track of known drupal sites
- added small Perl script to generate encrypted CVS passwords
- removed droplets
- added (optional) admin_blocks module
- added (optional) affiliate module
- added (optional) about module (only placeholder, under construction)
- fixed some tiny bugs (e.g. quote bug in search.php)
- partionally rewrote some modules to be big, bad and better
- partionally rewrote some modules to be more uniform
- added GNU GPL license to CVS
Also:
- installed PHP 4.0.4 on my localhost and now working
towards PHP 4.0.4 compatibility.
- I think I'll baptize the engine "drupal". If you have a
better idea, try convincing me ASAP.
Todo:
- more testing (also with PHP 4.0.4)
- make "project"-module: download, info, blah blah
- complete documentation
- I rearranged some of the code and clean-up some of the mess.
- Added "blocks" which can be user defined/controlled: check
to see. The positioning of blocks is rather basic for the
moment, so I'm all open for input on that.
- improved web interface of account module.
- added simple permission system with both administrators
and regular users. It can be made more fine-grained but
it will do for now.
- various small enhancements to the other modules, but
nothing big.
1. improved .htaccess to be more "secure": to keep prying
eyes out
2. rewrote the administration section from scratch using a
modular approach
3. improved the information gathered by error.php - we can
now (hopefully) track what bots are crawling us.
4. fixed a bug in submit.php, fixed a bug in theme zaphod,
fixed a bug in theme marvin.
5. rewrote cron from scratch - it now interfaces with
modules as it should have been from the beginning.
Very cool if you ask me - it can use UNIX/Linux
crontabs.
6. updated widget.inc to be module aware - needs more
work though - maybe this afternoon?
7. updated most modules: small bugfixes, improvements, and
even the documentation
8. removed diary.php and made it a module - you can now
run a drop.org site without a diary system if someone
would prefer so
9. updated all themes to use the new modules where
appropriate
10. added a robots.txt because the error message in the
watchdog become annoying.
11. added the new configuration system (mutliple vhosts
on the same source tree) - use hostname.conf instead
of config.inc
12. removed calendar.inc and made it a module
13. added format_interval() to functions.inc (UnConeD)
14. whatever I forgot ...
- fixed bug in story section
account.php:
- removed death code, clean-up, reorganization
- added "lost password?" functionality
faq.php:
- clean-up
watchdog.inc:
- improvements
- end of input-limit test period
error.php:
- improvements, still crappy layout though
site:
- watchdog (rewrite):
+ the collected information provides more details and insights
for post-mortem research
+ input limitation
- database abstraction layer:
+ mysql errors are now verbose and is no longer displayed in a
browser - fixes a possible security risk
- admin.php:
+ updated watchdog page
+ fixed security flaw
- diary.php:
+ fixed nl2br problem
- themes:
+ fixed comment bug in all 3 themes.
- misc:
+ renamed some global variables for sake of consistency:
$sitename --> $site_name
$siteurl --> $site_url
+ added input check where (a) exploitable and (b) possible
+ added input size check
+ various small improvements
+ fixed various typoes
... and much, much more in fact.
note that `widget.inc' is nothing more then a library with
standard widgets (eg "New headlines", "New diary entries",
and so on). Every theme builder is free to make custom
widgets and to include them in their .theme file!
- fixed bug in discussion.php
- theme update: comment() now takes 3 arguments:
$comment - an object with comment data
$link - a link to the reply form of that particular
comment
$thread - the subthread of that particular comment
- theme 'marvin' and theme 'zaphod' are updated, theme
'unconed' is left to be done
- fixed bug in discussion.php
- theme update: comment() now takes 3 arguments:
$comment - an object with comment data
$link - a link to the reply form of that particular
comment
$thread - the subthread of that particular comment
- theme 'marvin' and theme 'zaphod' are updated, theme
'unconed' is left to be done
(suggestion UnConeD)
- Added anchors to comment links to easy comment navigation.
(suggestion UnConeD)
- Fixed duplicate `you voted' after moderating a story.
(suggestion UnConeD)
- Fixed quote bug in administration center.
- Expanded user administration with timezone information.
- Improved the theme system by eliminating the "preview" function.
Let's not make the system more complex then it ought to be.
- Refined watchdog administration.
- ...
- fixed a bug in account.php: the confirmation url is now correct.
- improved error checking + security in diary.php.
- fixed a bug in the html code of theme zaphod.
- improved the date handling: always call format_date().
- expanded account information in administration pages.
- added a new variable $siteurl to ./includes/config.inc.
- added comment moderation to theme zaphod.
- "alter table users add timezone varchar(8);"
- !!! added new timezone feature !!! :o)
by means of better security checks in order to avoid malicious behavior.
In addition, quite some code has been fine-tuned.
However, as a result, every theme will require a small update ...
visual changes:
- removed redundant files user.class.php, calendar.class.php
and backend.class.php.
- converted *all* mysql queries to queries supported by the
database abstraction layer.
- expanded the watchdog to record more information on what
actually happened.
- bugfix: anonymous readers where not able to view comments.
- bugfix: anonymous readers could gain read-only access to
the submission queue.
- bugfix: invalid includes in backend.php
- bugfix: invalid use of '$user->block'
and last but not least:
- redid 50% of the user account system
- anonymous chicken was able to moderate commnets
- "anonymous chicken" was displayed in the comment reply form
- ...
The only thing left to be done is to tackle (or continue tackling)
the user accounts which in fact is quite some work. :o)
Dries Buytaert
Steven Wittens