56d2664a90
- Patch #245115 by kkaefer, John Morahan, JohnAlbin et al: after a long discussion we've decided to make the concatenation operator consistent with the other operators.
2008-04-14 17:48:46 +00:00
79b016d915
- Patch #216072 by recidive, David Rothstein, ptalindstrom et al: switched from numeric block IDs to string IDs.
...
The short explanation is that Drupal uses a lot of numeric deltas in the block system; blocks are identified by the 'module' and the 'delta'. In early Drupal, delta was numeric, but somewhere along the line it was changed to be possibly a string. In modern Drupal, block overrides are easily done via block-MODULE-DELTA.tpl.php. The primary motivation to switch to string IDs everywhere is to make these deltas friendlier to themers:
block-user-0.tpl.php --> block-user-navigation.tpl.php
block-user-1.tpl.php --> block-user-login.tpl.php
You get the picture.
2008-04-10 10:28:23 +00:00
1dc36aa3d3
- Patch #244597 by drumm: remove login form text as this can now be accomplished using hook form_alter.
2008-04-10 01:35:31 +00:00
08aa23227e
- Patch #228594 by catch et al: removed access rule functionality from core.
...
The access rules capability of user module has been stripped down to a
simple method for blocking IP addresses. E-mail and username restrictions
are now available in a contributed module. IP address range blocking is
no longer supported and should be done at the server level.
This patch is partly motiviated by the fact that at the usability testing,
it frequently came up that users went to "access rules" when trying to
configure their site settings.
2008-04-08 22:50:55 +00:00
ed59911f9e
- Patch #29706 by pwolanin, solardiz, et al: more secure password hashing.
...
This is a big and important patch for Drupal's security. We are switching
to much stronger password hashes that are also compatible with the Portable
PHP password hashing framework.
The new password hashes defeat a number of attacks, including:
- The ability to try candidate passwords against multiple hashes at once.
- The ability to use pre-hashed lists of candidate passwords.
- The ability to determine whether two users have the same (or different)
password without actually having to guess one of the passwords.
Also implemented a pluggable password hashing API (similar to how an alternate
cache mechanism can be used) to allow developers to readily substitute an
alternative hashing and authentication scheme.
Thanks all!
2008-03-31 20:50:05 +00:00
e89ead0ae2
- Patch #226501 by webchick: permission descriptions were used incorrectly at admin/user/user.
2008-03-19 07:35:15 +00:00
584f3e886a
- Patch #30984 by webchick, keith.smith, kkaefer, Crell et al: provide descriptions for permissions on the permission administration page.
2008-02-20 13:46:43 +00:00
38e0ab1f62
- Patch #181578 by Moshe: removed distributed authentication code from user_save(). Factored the relevant code out to a separate function.
2008-02-18 19:34:08 +00:00
60688d68db
- Patch #181411 by Moshe: use schema API for saving and updating user records.
2008-02-18 16:53:37 +00:00
b8a1eab1fb
- Patch #210131 by dvessel, catch, John, et al: updated jQuery library.
2008-02-06 19:38:28 +00:00
c306d56a74
#216858 by jvandyk, moshe weitzman: fix plain wrong and misleading user module phpdoc blocks
2008-02-03 19:23:01 +00:00
7747e1e8e0
#215335 by jvandyk: fix user_login_submit() phpdoc
2008-01-29 18:56:56 +00:00
a44341a822
#208888 by jvandyk: set access time when externally authenticated user first logs in
2008-01-27 20:00:46 +00:00
ba5468e508
#119038 by ximo, Pancho: user role editing usability: include disabled checkbox for authenticated role
2008-01-22 07:51:56 +00:00
5ecb68806b
#210211 by chx, theborg: removing the broken admin user search, which would provide the same as the public facing user search anyway
2008-01-16 22:54:41 +00:00
b17cd3b613
#18954 by kkaefer, Pancho: built-in role names were not translated and some user_roles() call cleanups
2008-01-10 20:22:57 +00:00
a816feaddf
#206078 by Pancho, traxer: order roles with system roles first (usability)
2008-01-10 16:00:44 +00:00
c5aa55b38e
#204705 by pwolanin: abort user_save on SQL errors, to avoid data corruption
2008-01-10 15:03:53 +00:00
b78a990270
#207569 by ScoutBaker (minor code style): clean up @see usage in phpdoc blocks
2008-01-08 10:35:43 +00:00
a88c178b91
- Patch #204221 by webernet: code style fixes.
2007-12-28 12:02:52 +00:00
79d927f7aa
#152497 by bjaspan, with more docs from myself: user_external_login() was not updated to latest login process
2007-12-27 16:00:09 +00:00
34afaf8f28
#176748 follow up by pwolanin: fix bad breadcrumbs and missing/wrong titles
2007-12-27 14:03:37 +00:00
a8e1fb4351
#191914 by chx: admin check was missing from menu user_register_access()
2007-12-27 12:21:58 +00:00
2a1e980cdd
- Patch #203509 by pwolanin, chx, cwgordon7 et al: fixed menu inheritenace.
2007-12-26 19:02:24 +00:00
ac4c8f7ab0
#203274 by Pasqualle: remove excessive witespace from our code (minor)
2007-12-22 23:24:26 +00:00
374a452738
#172993 by drewish, Lynn: remove old user picture even when the newly uploaded one uses a different format
2007-12-20 21:59:17 +00:00
100329ad03
- Patch #201894 by David Rothstein: fixed typo in user output.
2007-12-18 19:20:01 +00:00
81ecb970bc
#199387 by Pancho: revert user login/register/request password page titles to 'User account' as it was in Drupal 5, instead of the bugos 'Log in'
2007-12-17 13:46:36 +00:00
7bcd7429df
#110474 by dww and keith.smith: passwords are not sent in welcome mails, so do not mislead our users
2007-12-14 18:29:59 +00:00
b6532a4fdb
#200069 by keith.smith: new standard for 'more information' links in module help texts, as the handbook we referred to before was renamed
2007-12-14 18:08:50 +00:00
7b52f8d52e
#131493 by spatz4000, ChrisKennedy, keith.smith: consistent username field description wording in installer and runtime interface
2007-12-14 16:07:42 +00:00
ce3542d8ab
#152497 by JohnAlbin, bdragon, moshe weitzman, chx and myself: several user login tasks, such as session id regeneration were not performed in all cases, so centralize this
2007-12-13 12:53:47 +00:00
c6d841c096
#197297 by DanW (as GHOP 17), and keith.smith: clean up lots of help texts, update to drag and drop functionality, drupal.module removal, etc
2007-12-13 09:34:40 +00:00
5622bce2d5
#198579 by webernet and hswong3i: a huge set of coding style fixes, including:
...
- whitespaces at end of lines
- indentation
- control structure usage
- whitespace in empty lines
- phpdoc comment formatting
2007-12-08 14:06:23 +00:00
9a96837b89
- Patch #163246 by keith smith, freso, O Govinda, catch, webchick et al: fixed minor spelling issues and fixed spacing issues.
2007-11-26 16:36:44 +00:00
045002e25c
#111481 by chx and pwolanin: profile categories may contain slashes, but this was not yet supported by the user object menu loader
2007-11-26 08:15:32 +00:00
a1e5ac031e
- Patch #192110 by profix898: fixed hook_profile_alter API.
2007-11-20 13:44:38 +00:00
b0676c8f27
#192692 by jrbeeman and mfer: (security) protect profile category page menu items with the visibility settings already available
2007-11-19 11:24:11 +00:00
8ebc345b9d
- Patch #191914 by chx: you cannot add user/register to a menu. Also removed some whitespace.
2007-11-17 14:25:23 +00:00
2d8259c764
#25605 by Rob Loach et al: disallow editing user data of uid 0
2007-11-14 16:01:30 +00:00
69da830ced
#171117 by JirkaRybka: set access time for admin created or edited accounts so they are exempt from the spam protection we have for accounts never logged in
2007-11-06 12:20:14 +00:00
235621a072
#185209 by ChrisKennedy: only provide picture deletion option if there is an actual user picture present
2007-11-06 08:53:52 +00:00
856ae39d35
#186903 by marcingy, Rob Loach and chx: (regression) restore my recent posts functionality in tracker
2007-11-06 08:51:23 +00:00
207e6f145f
#184729 by hazexp: remove duplicate wording about the username in mail sent out to new users
2007-11-04 16:02:32 +00:00
0d58aae221
#176342 by dmhouse, spatz4000 and Wim Leers: add reset parameter to user_access()
2007-11-04 15:42:52 +00:00
8dcb5ab976
#182528 by RobRoy: move drupal_set_message() out of user deletion API function to UI function
2007-10-27 14:01:12 +00:00
13f9882979
#179276 by JirkaRybka: (regression) fix profile field sections to order properly by weight.
2007-10-25 10:30:40 +00:00
8903cda5ca
#179519 by chx, webchick and Desbeers: fix blog/[uid] to only display posts for that user and also set proper title
2007-10-24 11:17:01 +00:00
b94f2716cf
#184867 by deekayen, catch and keith.smith: fix some spelling errors in our source code and messages printed
2007-10-21 18:59:02 +00:00
09e2701892
#181088 by fajerstarter, catch and JirkaRybka: rename 'access control' to 'permissions' for usability reasons
2007-10-12 10:41:48 +00:00
0313d80108
- Patch #181284 by killes and chx: performance improvements for user_access().
2007-10-07 19:27:40 +00:00
35c0e44330
#179695 by chx: only anonymous users should have permission to visit user/login, so this menu item is automatically hidden when a user is logged in
2007-10-03 13:01:04 +00:00
74def328c8
#167284 by Heine and pwolanin: proper field type placeholders in IN() queries, setting a best practice to avoid vulnerabilities
2007-09-27 16:52:00 +00:00
310dbd432e
#172765 follow up patch by pwolanin: fix user path access, which was broken by the user module split
2007-09-19 18:00:52 +00:00
439942db98
#168261 by mvc: redirect registered users back to the front page if admin approval is required, so their user account page is not directly accessible after registration
2007-09-14 17:38:08 +00:00
6bb5c304f3
#174440 by kkaefer: properly translatable filter dropdown elements on user admin page
2007-09-13 09:51:11 +00:00
ac7637bc9b
#172773 by numerous contributors: Make the actions interface usable by mere mortals (including rename of actions.module to trigger, but keeping the actions themselfs).
...
Complete previous history of actions module:
- #148410 by jvandyk: added rewrite of the actions module!
- #155986 by Uwe: fixed typos.
- #155828 by Eaton, pwolanin and jvandyk: let actions live even if actions.module is not turned on
2007-09-11 14:50:05 +00:00
e3daf88ec7
#166742 by Crell and dvessel: split user module (for performance reasons)
2007-09-10 13:14:38 +00:00
ea0f102c21
#174224 by kkaefer: send user notification email after the user object is updated
2007-09-09 20:21:02 +00:00
4a347be7ed
#173225 corrective fix: there were two uses of the ip variable, so revert to the original patch
2007-09-08 13:57:22 +00:00
15b52931a2
- Patch #173225 by killes: missing ip_address(). Slightly modified by me.
2007-09-08 08:57:26 +00:00
9307321817
#148677 by pwolanin: set active menu item on 403/404 pages (and on the user page)
2007-09-06 12:47:20 +00:00
957997516d
- Patch #172765 by webchick and chx: path 'user' returns 403
2007-09-04 14:37:48 +00:00
1e04b134f4
#172453 by webchick: proper default value for user roles (radios need an int, not an array)
2007-09-02 12:46:21 +00:00
3d6b273206
#172455 by chx: a notice and missing form API conversions in user module
2007-09-02 12:24:49 +00:00
118e91cc40
#155828 by Eaton, pwolanin and jvandyk: let actions live even if actions.module is not turned on
2007-08-29 14:57:50 +00:00
7531f956aa
- Patch #169627 by JirkaRybka: improved logging of mail problems.
2007-08-26 08:00:49 +00:00
5e73b66f3a
- Patch #168028 by dvessler, merlinofchaos, pwolanin et al: both theme functions and templates may need include files. Flush your caches.
2007-08-26 07:46:11 +00:00
74292cd062
- Patch #80951 by killes, yched et al: block caching.
2007-08-19 08:08:45 +00:00
8971add849
#163191 follow up patch by hswong3i and pwolanin: use a has_rows flag where we dont need a counter
2007-08-18 20:03:19 +00:00
6ecef0ee38
#156796 by webernet, asimmonds and pwolanin: user editing forms cleanup and fixing deletion API remainings
2007-08-16 13:07:31 +00:00
c3207e0ec1
#162050 by dvessel: user_comment() now modifies the comment, although hook_comment() was not intended to modify the comment, so we need to pass it in by reference to get modified
2007-08-16 09:32:06 +00:00
bc33e002fa
#166688 by pwolanin: user_build_content() needs to have the account passed by reference
2007-08-12 19:25:57 +00:00
c17499b6fe
- Patch #163191 by hswong3i: removed db_num_rows() for compatibility with Oracle and DB2. Also a performance improvement. (Correct version this time.)
2007-08-12 16:12:00 +00:00
b134b023e1
- Patch #163191 by hswong3i: removed db_num_rows() for compatibility with Oracle and DB2. Also a performance improvement.
2007-08-12 15:55:36 +00:00
51b0221331
#165358 by John Morahan: do not regenerate the session when the user is saved without a password specified
2007-08-09 10:49:26 +00:00
79d8390f90
- Patch #161510 by dvessel: tplified user.module.
2007-08-02 10:41:26 +00:00
bf7a70f98c
- Patch #156553 by AjK: fixed E_NOTICE
2007-08-02 10:22:45 +00:00
1c55ed7d88
- Patch #162486 by Eaton: user/%user/edit/foo tabs only appear if additional profile categories have been defined.
2007-07-27 13:08:17 +00:00
6ea74bfe47
#149092 by Gurpartap Singh slightly modified: Usability: generalize timezone discovery to use on user registration
2007-07-25 17:35:47 +00:00
61b225ee8b
161496 by meba: display message about successful login, if registration verification is not required
2007-07-25 14:49:55 +00:00
64def7cb3e
#100641 by kkaefer, ChrisKennedy and RobRoy: change 'Submit' buttons to 'Save' to compliy with the desktop metaphor and actually tell what the button does ('we know it submits the form, but what it does?')
2007-07-16 12:43:06 +00:00
83654b3dd9
- Patch #159332 by jakeg: can't save roles on user_save().
2007-07-14 15:21:38 +00:00
e4c7378ef3
#158289 by merlinofchaos: Remove paragraph tag from drupal_set_message()
2007-07-11 19:59:11 +00:00
806d0a3dee
#156910 by asimmonds: fix code indentation problems introduced with new code in this development cycle; only whitespace changes
2007-07-05 08:48:58 +00:00
92a32a8676
#156812 by tangent: coding style issues corrected in user.module, identified with coder module
2007-07-04 21:42:39 +00:00
ee701b3336
- Patch #155986 by Uwe: fixed typos.
2007-07-02 14:41:37 +00:00
8caf4da7f1
#82499 by Jose A Reyero and a little bit from myself: send emails localized in the language needed in specific situations, and centralize mail composing operations with hook_mail()
2007-07-01 19:49:19 +00:00
e59852d336
- Rollback of patch #147723 : delete API. Talked to Steven and Gabor and we
...
unanimously agreed to rollback the deletion API. We all support the
features this patch added, yet not its actual design and implementation.
After some talk, we decided that it would be better for Drupal -- in the
long term -- not to go with a solution that isn't 100%. We also recognize
that in the short term, this patch would have been useful addition. So
let's figure out how we can implement this properly in D7.
2007-07-01 17:41:16 +00:00
9e6ef53c2c
#154064 by pwolanin: get hook_help() up to speed to menu changes, allowing router path based lookups, and also full path argument lookup with a passed argument array
2007-06-30 19:46:58 +00:00
15bf4681c2
- Patch #130108 by webchick: link to newly created account in admin panel.
2007-06-29 18:19:25 +00:00
2348e7de6f
- Patch #148410 by jvandyk: added rewrite of the actions module!
...
This is a very important patch, but one that is merely an enabler.
Hopefully we'll see more people submitting "action patches" in the
near future.
Thanks for the hard work and persistence, John. *If* you decide
to update the Drupal Pro Development book to Drupal 6, make sure
to add a chapter on actions. ;)
2007-06-29 18:06:51 +00:00
8dd8b0c223
- Patch #118730 by kaerast, kkaefer and webchick: subltle but important documentation improvement
2007-06-29 11:18:40 +00:00
2bf7c1c0e3
- Patch #147662 by Gordon et al: add new #pre_render callback to drupal_render().
2007-06-28 07:48:41 +00:00
cc9f167e49
#154218 by Steven: HTML to text email converter, centralizing email wrapping in Drupal core and providing a solid conversion function for contributed modules
2007-06-26 22:21:08 +00:00
7093495f7c
#154046 : Optimize confirm_form syntax for common usage (and fix some $form_state bugs).
2007-06-24 10:09:53 +00:00
028c8e6050
#148678 : Fix notices/warnings on invalid paths like 'node/zzz'. (chx/pwolanin/webernet)
2007-06-24 00:38:40 +00:00
b1d45297e7
#113983 by damien_vancouver and myself: allow administrators to search users by e-mail too
2007-06-23 21:35:08 +00:00
68e7598b87
#152492 by JohnAlbin: clean up global user setting, which is done already
2007-06-23 13:15:49 +00:00
1d6be6f0b7
#153372 by bjaspan: fix user login form values and openid interacion
2007-06-23 08:58:31 +00:00
Dries Buytaert
Gábor Hojtsy
Steven Wittens