are those that have the "bypass input data check" permission set. Should
address bug #2147.
- Improvement: simplified index.php and modules/admin.module.
- Bugfix: fixed broken links in bloggerapi documentation. Patch by Chris
Johnson. Fixes bug #2030.
- Bugfix: fixed the date shown on a book module preview. Reported as part
of bug #2097.
- Bugfix: fixed broken URL in the book module documentation.
of the "footer" hook (and because of the existence of the page module).
This caused the node view counter to be incremented twice per page view,
the cache being set twice, etc. Quite a bug.
- Fixed a typo in the MSSQL database scheme. Patch by Michael Frankowski.
- Removed dependency on "register_globals = on"! Patches by Michael Frankowski.
Notes:
+ Updated the patches to use $foo["bar"] instead of $foo['bar'].
+ Updated the INSTALL and CHANGELOG files as well.
- Tiny improvement to the "./scripts/code-clean.sh" script.
Committing Changes by Moshe Weitzman:
- admin_user_account(), user_edit(), and user_view() no longer have any
hard code for authentication modules. instead authentication modules
implement the _user hook.
- fixed a couple 'help' typos.
- linked the 'REGISTER' text in the login block to the register page.
this page now advertises DA better if site employs DA.
- admins may now edit everything about a user account (was a feature
request).
- user #1 may now login immediately, in addition to receiving his
password via email.
Other changes:
- modules and themes are now enabled/disabled in the administrative /
settings / modules | themes pages. Requires SQL update and things must
be enabled before your site returns to normal. TODO: enable all
functionality. (For now just do UPDATE system SET status = 1;)
- removed $themes from conf.php.
- added a $theme->system() function where theme can specify settings.
All themes in the Drupal CVS have been updated to use this.
- added _system hook to modules. TODO: update modules to use this.
- changed strange use of sprintf to the usual strtr. The disadvantage of
sprintf is that it requires translations to keep the string order,
which may not be possible in all languages.
- an invalid/nonexisting theme in a user profile will now fallback to the
BaseTheme instead of crashing.
variables.
Example: set site_frontpage to "node" and site_frontpage_extra to
"$meta = 'news'" and only nodes with that meta tag will be displayed on
your main page.
This requires some internal knowledge of how the various modules work
and what settings can be passed to <module>_page() functions.
- Fixed tiny quote problem in account.php.
- Fixed tiny bug in comment.inc.
- Fixed tiny bug in comment.module.
- Fixed tiny bug in meta.module.
- Simplified user_access() API.
- Rewrote link system: still needs fine-tuning and testing so don't
upgrade if you are running a production site. ;)
Updated all modules and themes to reflect this change. All other
themes and modules need updating too!
(groups) and 'permissions' ... (inspired by Zope's system).
+ Once installed, click the help-link for more information.
+ See updates/2.00-to-x.xx.sql for the SQL updates.
- Modified loads of code to use our new access.module. The system
still has to mature though: new permissions have to be added and
existing permissions need stream-lining. Awaiting suggestions.
- As a direct result of the new access system, I had to rewrite the
way the top-level links in admin.php are rendered and displayed,
and xhtml-ified admin.php while I was at it.
TODO
- Home-brewed modules need updating, home-brewed themes not.
(Examples: file.module, trip_link.module)
- As soon we *finished* the refactoring of the user system (KJ has
been working on this refactoring already) we should consider to
embed this role and permission code into account.module ...
- Changed meta.module, node.module and index.php to use comma-seperated
lists of attributes rather then "foo=a,bar=b" lists. This makes it a
a lot easier to use both modules. In addition, error handling can be
discarded as it can't be made any simpler, really ...
It fits rather nicely in Drupal's design so I'm getting more and more
happy with this meta.module (but we are not 100% there yet).
- node.module, node.inc:
+ Improved the node-related admin interface so that navigating back
and forth the administrative menus is made both easier and faster.
+ Removed some redundant database fields from the node table. See
2.00-to-x.xx.sql!
+ Added 2 news hooks called "node_insert" and "node_update". Just
like this is the case with the existing hook "node_delete" these
new hooks will automatically get called when a node has been
inserted or udpated. Note that this is an optional call-back that
only needs to be implemented when required. With the addition of
these two hooks, the node mechanism (version 1) is pretty well
completed.
- watchdog.module:
+ Fixed bug whit the 'regular messages' query in the watchdog.module.
- book.module:
+ Fixed bug in book.module: the 'parent' was not set properly when
updating a book page.
+ Made it so that older versions of a book page are automatically
reactived upon deletion of the most recent version, i.e. when
doing a version roll-back.
- comment.inc:
+ Undid Remco's patch to comment.inc; it does not work in some cases.
- conf.module:
+ Fine-tuned some of the options in conf.module a bit.
- marvin.theme:
+ Visual changes to make it look better on Windows browsers. Mind
to give some feedback on this?
+ Fixed 3 HTML typos/bugs.
+ XHTML-ified the theme at a best effort basis; I didn't carry the
XHTML specification with me.
+ Made use of the theme_slogan variable to display the site's slogan.
+ As soon we have at least one valid XHTML theme we can wonder on how
to integrate other XML namespaces (cfr. MathML story at drop.org).
- database.mysql:
+ Updated database.mysql so that it contains all the latest "database
patches".
update, you'll break your site as you need switching from structure
to index.module: so this can be considered an intermediate commit.
If you upgrade, and you are welcome to, just create a collection
called "section" (for now) and assign your nodes some attributes
in the described format.
Feedback and bugreports are welcomed. Questions will be answered.
CHANGES:
- comment system:
+ when replying to a node (rather then to a comment), that
node is displayed above the reply form.
+ when replying to a comment (rather then to a node), that
comment is displayd above the reply form.
- removed structure.inc, removed structure.module.
- node.inc:
+ added 2 new node functions called 'node_attribute_edit()' and
'node_attribute_save()' used to 'hook in' any indexing system
including your home-brewed stuff if you'd want to. Currently,
index.module is the facto default index system.
See story.module for usage.
- book.module, story.module, poll.module, page.module, forum.module:
+ added preview functionality to administration section (via node
module).
+ removed all references to structure.inc (category, topic).
- moderate.module:
+ removed all references to structure.inc (category, topic).
- book.module, story.module, page.module, forum.module:
+ increased the sizes of some textareas.
- submit.php:
+ removed all references to structure.inc (category, topic).
- marvin.theme:
+ removed dead code: function story() was depricated.
- unconed.theme:
+ removed hardcoded references to drop.org.
- marvin.theme, unconed.theme, jeroen.theme, yaroon.theme, example.theme:
+ removed all references to structure.inc (category, topic).
TODO:
- file.module, trip_link.module:
+ update preview functionality:
see story.module for example.
+ remove references to 'cid' and 'tid', use 'attribute' instead:
see story.module for example.
- extend and build upon index.module as well as making it configurable
structure.module either needs work, or replacement by index.module:
see "admin > node > node settings".
It will do for now and it can always made better when we can think
of a better solution; it is the best I could think of. Now what?
index.module or structure.module? I'm currently pro index.module.
- Drastically simplified "variable.inc".
- Removed most dependecies on structure.module from all content related
modules. Thus making our modules more modular. ;)
- Fixed calculation glitch in queue.module.
- Fixed potential function name clash/conflict in rating.module, and
simplified some code on my way.
- Started removing all global variables $status and $rstatus. Global
variables are "yucky" so in near future, we will replace all global
$status variables by a call to node_status(). Originally, $status
was only introduced as a temporary hack and nothing is as permanent
as a temporary hack so I took it out when still possible.
- Changed the watchdog messages a bit.
- Redid settings.module and even renamed it to conf.module.
* Settings are now grouped in basic categories like "system
settings", "module settings" and "filters".
* Added new settings to make Drupal easier to configure and
to make some aspects like the watchdog scale better.
- Renamed includes/settings.php to includes/conf.php.
- Added filter support to conf.module and introduced filter hooks so
modules can implement and export new filters. Example filters are
an HTML filter (implemented), a profanity filter, an url converter,
ASCII smileys to images filter and so on ...
- Reworked the check_* functions: user contributed content/input is
only verified and filtered once in its lifespan.
NOTES
- Altough this is a large commit, no database changes are required.
is selected.
- Made theme_link() less "hard coded", we still have to make
it fully configurable though.
- Fixed glitch in story submission: the warning messages were
not displayed.
- Tidied up block.module a bit.
CHANGES:
- Added "read" and "write" permissions into drupal but removed
it again because - when finished after 3 hours of work - it
was considered nothing but added complexity that didn't buy
us anything. :I
(I'll explain this in detail on the mailing list, I guess.)
- Added a very simple help.module to group all available
documentation on a single page.
- Fixed bug in node_control(), book.module: UnConeD forgot to
global $user when updating the combobox code.
- Removed static wishlist.module: in future, the wishlist can
be maintained as a page in our collaborative book.
- Revised most of settings.module: tidied up the code and the
descriptions to accompany the settings and introduced a new
"default maximum number of nodes to display on the main page"
variable.
- Revised most of comment.module: the administration interface
looks better now, integrated node permissions, and -finally-
made it possible to delete comments.
- Polished on:
+ account.module
+ structure.module
+ locale.module
+ module.module
+ forum.module
- Form-ified:
+ account.php
+ account.module
+ setting.module
+ cvs.module
+ submit.php
+ comment.module
+ forum.module
+ book.module
+ page.module
+ locale.module
- Updated CHANGELOG
INFO:
- Designed a "generic tracker system with optional backends"
on paper. The idea is to allow registered users to hot-list
certain topics, individual nodes or threads (comments) and
to "plug-in" output backends like - for instance - an e-mail
digest. The design requires "intelligent blocks" though.
TODO:
- I want to tidy up the headline.module and backend.class as
well as merge in headlineRSS10.module. Julian spent quite
some time working on headline.module but I'm not sure what
he changed and whether he'd contribute it back?
makes "promoting nodes" to the main page possible. Stories
and reviews could be promoted by default, but - on accasion
a good book entry could be manually promoted too. Thus all
existing content types can be shown on the main page, not
just stories.
Requires a SQL update, see 2.00-to-x.xx.sql!
- Addition: implemented "auto-post new submissions" feature
to disable or by-pass the moderation queue in addition to
"moderate new submissions".
TODO: admin moderation versus registered user moderation.
- Addition: added category and topic support to page.module.
Made it so that we can disable/enable comments on a category by category basis. In order to accomplish this I had to make a few (*temporary*) changes.
I moved all comment code from the "module level" (eg. story.module) to the "node level". It was nothing but the logical next step in nodifying drupal. This enables us to add comments to all existing content types including book entries. But also for book entries, this to can be toggled on and off. :-)
Moreover module writers don't have to worry about the complex comment logic: it is "abstracted" away. This implies that story.module got smaller, faster and easier to comprehend. :-)
In order to accomplish this, I had to update ALL THEMES, which I did - and on my way I updated Goofy, Oranzh and UnConeD - with the previous changes. All themes are up-to-date now! I also had to remove the [ reply to this story ] links, and temporally re-introcuded the "Add comment" button in the "Comment control". Tempora lly that is, UnConeD. ;)
I plan to upgrade drop.org either tommorow or wednesday so test away if you have some time to kill. ;)
Oh, I also fixed a few bugs and made various small improvements.
your theme:
- corrected some missing translations in story.module. Oops!
- grealty simplified the "moderation threshold mechanism"(tm) so
that module writers don't have to worry about this. As a result
story.module and book.module became a bit smaller and easier to
grasp.
- greatly simplified new "category" and "topic" code which is soon
going to replace the "section" code. Needs more work though so
hang on thight.
- includes/section.inc and modules/section.module are replaced by
includes/structure.module and modules/structure.module.
- beautified example.theme a bit without adding HTML complexity:
it is a good example but still useful as a theme
- made theme example use "categories" and "topics"
--> TAKE A LOOK AT IT AND UPDATE YOUR THEME
- made theme marvin use "categories" and "topics"
--> TAKE A LOOK AT IT AND UPDATE YOUR THEME
- added 2 new "story listings" to administrator interface of
story.module to verify story integrity.
- optimized comment table a bit (work in progress)
it now uses the new category code, incl content bindings.
You can setup different "categories" which map on a content
type. Example:
review -> review.module
article -> story.module
column -> story.module
announc. -> story.module
addons -> file.module
themes -> file.module
- "generalised" story.module and book.module's output.
- fixed bug in includes/timer.inc
- fixed glitch in theme example.theme: it said "$how by" but
the variable $how has never been declared.
- added "drupal development settings" to display some timings
- more work on the categories/topics -> does NOT work yet
- fixed small visual glitch in includes/function.inc
- changed SQL tables around a bit to be more consistent
(result: small changes to a lot of different files)
- improved robustness of includes/node.inc
- improved output of cron.module
- improved output of node.php
the index page will only display stories for now but this will/can
change in the near future
- all other files now thinks in terms of nodes, rather then stories
abstract() + article() = story()
abstract() and article() have been merged into a new function story()
which looks like:
function story($story_object, $reply) {
if (!reply) {
// full story
}
else {
// main page version / abstract
}
}
This should allow you to "compress" your theme as abstract() and
article() tended to be 98% identical.
=> I didn't really merge your themes so I leave it up to *you* to
improved the code!!! Do it ASAP as we release drupal 2.00 in 7
days.
In future we'll have similar functions for other content types as
for example:
review($review, $reply);
enquete($enquete, $reply);
...
revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
This time I redid the "category"-stuff. Categories - from now on called sections - are now maintained from the admin pages, can have their own post, dump and timout thresholds as discussed earlier (some weeks ago). By tomorrow evening users will be able to enable or disable section as well - i.e. to customize the content of drop.org.
though but I think this is stable enough for public consumption and
real-life testing.
==> a first big step towards a flexible comment engine.
IMPORTANT:
- Required theme updatins:
UnConeD: check your $theme->controls() as I added a very, very
dummy implementation
- Required database updates:
alter table users modify mode tinyint(1) DEFAULT '' NOT NULL;
alter table comments change sid lid int(6) DEFAULT '0' NOT NULL;
alter table comments add link varchar(16) DEFAULT '' NOT NULL;
update comments set link = 'story';
- I rearranged some of the code and clean-up some of the mess.
- Added "blocks" which can be user defined/controlled: check
to see. The positioning of blocks is rather basic for the
moment, so I'm all open for input on that.
site:
- watchdog (rewrite):
+ the collected information provides more details and insights
for post-mortem research
+ input limitation
- database abstraction layer:
+ mysql errors are now verbose and is no longer displayed in a
browser - fixes a possible security risk
- admin.php:
+ updated watchdog page
+ fixed security flaw
- diary.php:
+ fixed nl2br problem
- themes:
+ fixed comment bug in all 3 themes.
- misc:
+ renamed some global variables for sake of consistency:
$sitename --> $site_name
$siteurl --> $site_url
+ added input check where (a) exploitable and (b) possible
+ added input size check
+ various small improvements
+ fixed various typoes
... and much, much more in fact.
Dries Buytaert
Kjartan Mannes
Steven Wittens