.inc files can be read from the web including `config.inc' which contains
the account information (login, password) to the MySQL database. Apache
has now been setup to deny access to all *.inc files from the web.
I replaced much of the giffies filenames with more human-readable ones.
Yes this implies a lot of removing and replacing giffies. Expect some more
cvs updates. :)
been fixed yet though, but at least it won't try to load non-existing
themes. That is, you might not be able to select your prefered theme,
but you should be able to surf the pages with the default theme no
matter what. Hence, it semi-fixes the theme problem reported earlier
by UnConeD.
Natrak: make sure the new user system won't suffer the same problem.
Use file_exists(string filename) to check whether the theme
does actually exist. If not, load the default theme.
IMPORTANT: temporary theme fix!
-------------------------------
* Added a *temporary* (see below) file called 'reset.php'. Visiting
this page at http://beta.drop.org/reset.php will reset your drop.org
cookie. This will automatically make you logout from your drop.org
account, eventually (read: hopefully) fixing some cookie problems
(if any).
Example: if you can't surf the site anymore because of the theme
problem, you can visit reset.php to logout. This will dump
you on the default theme, which you should always be able
to use no matter what.
* Note that this is a temporary file/fix! Maybe we should start making
a development page which groups this kind of features. For instance,
we could add a 'cookie reset', 'cookie dump', 'cookie examine', etc.
If non-developers need this kind of features too, then we might want
to add it to the account settings, make a helpdesk.php page or
whatever. Yes or no? Suggestions?
The new version is a generic framework that has everything ready to add
support RSS and XML backends in a 100% transparant way. It's a flexible
framework. Other changes include: better coding, improved robustness and
readability.
* RSS and XML support will be integrated in near future.
* Cache-invalidation is set to 30 minutes.
Dries Buytaert
natrak
Jeroen Bensch