up the documentation a little.
chx: can you double-check whether the global $conf variable is secure?
(That is, make sure it can't be send using the URL or something.)
Drupal's existing caching mechanism doesn't perform well on highly dynamic websites in which the cache is flushed frequently. One example is a site that is under attack by a spambot that is posting spam comments every few seconds, causing all cached pages to be flushed every few seconds. Loose caching immediately flushes the cache only for specific users who have modified cached data (whether or not they are logged in), delaying the flushing of data for other users by several minutes.
(I rewrote the help text a bit and made minor changes to the code comments.)
* Fix a bug which would cause the "configure" link for styles to be broken.
* Fix a bug with using drupal_get_filename for theme engines. Although this is not called anywhere in core, we should still fix it for contrib. (i.e. themes that may want to manually invoke a theme engine to create a hybrid theme)
* Correct an inaccurate comment in theme.inc
* Populate the default primary links with an "edit primary links" link for consistency with the secondary links
* remove some unnecessary variables in the theme administration which had misleading and confusing names
* replace time-consuming foreach when rendering theme admin page with a more efficient array_key_exists
* usability: rather than completely removing the search box checkbox when search.module is disabled, simply disable it. (UI elements shouldn't appear/disappear.)
We added a 'severity' column to watchdog():
watchdog($type, $message, $link) --> watchdog($type, $message, $severity, $link);
* Specify a severity in case you are reporting a warning or error.
* The $link-parameter is now the fourth parameter instead of the third.
TODO: document this in the upgrade guide.
+ Make bootstrap functionality work with HEAD.
+ Move functions into bootstrap.inc so that statistics_exit() works for cached pages. (Does this close any issues?)
Read the manual for pg_escape_string: "Use of this function is recommended instead of addslashes()." Or read sqlite_escape_string: "addslashes() should NOT be used to quote your strings for SQLite queries; it will lead to strange results when retrieving your data."
1) Menu problems with Postgres (this is a highly critical 1 line fix)
2) Archive module fails with Postgres
3) Postgres setup problems - changes to database.pgsql (although i made these changes myself before finding this patch)
4) Book module fails with Postgres
5) Postgres problems following creation of a new type of user - which is actually about a taxonomy.module bug.
6) Creating accregator_item_table in PostgreSQL
7) Postgres - Polls not displayed on Poll Page
8) Blog module has sql errors with postgres
This should not affect MySQL users (hopefully).
Here's an overview of the changes:
1) Multiple Input formats: they are complete filter configurations (what filters to use, in what order and with which settings). Input formats are admin-definable, and usage of them is role-dependant. For example, you can set it up so that regular users can only use limited HTML, while admins can free HTML without any tag limitations.
The input format can be chosen per content item (nodes, comments, blocks, ...) when you add/edit them. If only a single format is available, there is no choice, and nothing changes with before.
The default install (and the upgrade) contains a basic set of formats which should satisfy the average user's needs.
2) Filters have toggles
Because now you might want to enable a filter only on some input formats, an explicit toggle is provided by the filter system. Modules do not need to worry about it and filters that still have their own on/off switch should get rid of it.
3) Multiple filters per module
This was necessary to accomodate the next change, and it's also a logical extension of the filter system.
4) Embedded PHP is now a filter
Thanks to the multiple input formats, I was able to move the 'embedded PHP' feature from block.module, page.module and book.module into a simple filter which executes PHP code. This filter is part of filter.module, and by default there is an input format 'PHP', restricted to the administrator only, which contains this filter.
This change means that block.module now passes custom block contents through the filter system.
As well as from reducing code duplication and avoiding two type selectors for page/book nodes, you can now combine PHP code with other filters.
5) User-supplied PHP code now requires <?php ?> tags.
This is required for teasers to work with PHP code. Because PHP evaluation is now just another step in the filter process, we can't do this. Also, because teasers are generated before filtering, this would result in errors when the teaser generation would cut off a piece of PHP code.
Also, regular PHP syntax explicitly includes the <?php ?> tags for PHP files, so it makes sense to use the same convention for embedded PHP in Drupal.
6) Filter caching was added.
Benchmarking shows that even for a simple setup (basic html filtering + legacy URL rewriting), filtercache can offer speedups. Unlike the old filtercache, this uses the normal cache table.
7) Filtertips were moved from help into a hook_filter_tips(). This was required to accomodate the fact that there are multiple filters per module, and that filter settings are format dependant. Shoehorning filter tips into _help was ugly and silly. The display of the filter tips is done through the input format selector, so filter_tips_short() no longer exists.
8) A more intelligent linebreak convertor was added, which doesn't stop working if you use block-level tags and which adds <p> tags.
http://drupal.org/files/issues/error_messages_list.png (issue #9138).
drupal_set_message() has been changed to group message by type and a
helper function, theme_status_message(), is added to display the messages.
Chameleon and Xtemplate have been updated to use this new function.
- Updated CHANGELOG.txt.
Steven Wittens
Dries Buytaert
Kjartan Mannes
