- Changing theme('image') so the automatic image size fetching can be toggled independently from attributes. Specifying attributes and autosizing are 2 different things.
- Suppressing PHP errors from getimagesize() using @. drupal_set_message() is used to report these errors already and in a much prettier way.
- #9958: Fixing broken displaying of avatars.
- Don't show the default avatar in 'edit my account' if the user has no avatar of his/her own.
- Added ability to delete avatars (without having to replace them).
- Admin - upload only shows up for 'access administration section' perms
- Users without 'upload files' perm do not see the attachments form (and cannot attach even when sending their own http request)
Note: if a user can edit a node, but not 'upload files', then the attachments are left untouched (and cannot be changed).
This makes sense because people will expect attachments to work everywhere when they enable this module. This also matches comment.module's behaviour, where comments are allowed by default unless turned off.
+ If an array of tb urls is given for mt_tb_ping_urls, the last url actually gets pinged twice.
+ mt_allow_comments and mt_convert_breaks were not being sent properly in the xmlrpc response for getPost.
* Don't rely on a blog table (i.e. do 'extended' the drupal way.
* Allow listing / setting new 'input format' - (using mt.supportedTextFilters).
* Handle MT extensions to metaWeblog.newPost/editPost where applicable.
* Implemented mt.supportedMethods.
* Also did a bit of refactoring to make sure we generate post values the same for both newPost/editPost but also for getRecentPosts and getPost
- Restoring broken update path.
- Adding birthday/date function back, with update path.
- Show private fields when viewing your own profile, or for admins.
- Do not allow browsing of private fields for non admins (403)
- Throw a 404 for browsing unbrowsable fields, rather than an SQL error
- Fixing input processing: nothing is filtered twice anymore, and I replaced several strip_tags with specialchars (more flexible).
- Minor admin UI tweaks + added friendly field type names.
* Refactored the "brains" of user_login() to user_authenticate($user, $pass) so that blogapi (and others) can authenticate users (including those using DistAuth) without all the html and drupal_goto calls
* Updates blogapi_validate_user to use user_authenticate.
* Adds missing quotes around the username in "session closed" watchdog messages from user.module (session opened has quotes, but session closed does not).
* Changed "view detals" after watchdog entries to "details".
I had some trouble adding this feature but realized that the "who's online" block is a geek think, and therefore it won't hurt to add some more geekiness. If you don't know what "offline users" means, you would not have understood "online users" in the first place. Either way, I think most people who have the block enabled, will find this an interesting addition.