590 Commits (f67e3be84feed60394b2ca09012cfa8d34c76ca1)

Author SHA1 Message Date
The Great Git Migration f67e3be84f Stripping CVS keywords 2011-02-25 02:05:58 +00:00
Dries Buytaert 0919670ff1 - Bugfix: fixed string being check_query()-ed twice. Bug #2425. Patch by
Matt.
2003-09-14 08:57:55 +00:00
Dries Buytaert ed6b9605dc - Bugfix: fixed problem with "exit" hook not always being called. Reported
by Jeremy.  Patch by Moshe.
2003-08-13 20:53:23 +00:00
Dries Buytaert 40bc559c4a - Bugfix: the cache wasn't always cleared properly. Patch by Gerhard. 2003-07-23 17:16:08 +00:00
Dries Buytaert fb43940927 - Fixed typo 2003-07-09 22:13:25 +00:00
Dries Buytaert 9a4fe07ae9 - Some more refinements 2003-07-09 22:08:11 +00:00
Dries Buytaert d235d95872 - Changed the XSS check a little to be slightly more forgiving wrt style
attributes.
2003-07-09 21:48:54 +00:00
Dries Buytaert dc15ba06e0 - Improvement: don't perform XSS checks for trusted users. Trusted users
are those that have the "bypass input data check" permission set.  Should
  address bug #2147.

- Improvement: simplified index.php and modules/admin.module.

- Bugfix: fixed broken links in bloggerapi documentation.  Patch by Chris
  Johnson.  Fixes bug #2030.

- Bugfix: fixed the date shown on a book module preview.  Reported as part
  of bug #2097.

- Bugfix: fixed broken URL in the book module documentation.
2003-07-01 17:54:22 +00:00
Dries Buytaert 886ae2bf15 - Fixed some "search related" bugs introduced by Moshe's latest patch.
Fixes bug #2127.
2003-06-30 19:18:47 +00:00
Dries Buytaert da80e62042 - Removed "link" from the XSS check as well as "font". 2003-06-29 18:21:47 +00:00
Dries Buytaert 646bb31a42 - Improvement: faster regex/checks. Patch by Marco. 2003-06-28 07:05:34 +00:00
Dries Buytaert f4df719502 - Reworked the CXX checking; now, _any_ user input will be checked
and the request will be terminated when something suspicious is
detected.  This will be logged in the watchdog.  With help from Marco.

- Fixed translation issue in the archive module.  Patch by Gerhard.

- Removed dead parameter from variable_get().  Patch by Chris Johnson.
Fixes bug #2111.

- Improved input checking of taxonomy module.  Patch by Gerhard.
Fixes bug #2112.
2003-06-27 17:48:20 +00:00
Dries Buytaert f7a6c42eba - Bugfix: do not escape slashes in block path. Patch #50 by Gerhard.
(This accompanies the recent block module documentation update, right?)
2003-06-26 19:26:27 +00:00
Dries Buytaert e95aa56e02 - Bugfix: fixed bug in the search module that prevented the title module
from working properly.  Patch by Moshe.  Fixes bug #1852.
2003-06-25 22:10:54 +00:00
Dries Buytaert e756213b33 - Bugfix: fixed the "variables not set" problem (bug #2014). Patch by
Slavica.

  Sorry for the confusion guys - I had it applied on my tree for a couple
  of days now but forgot to commit it.
2003-06-23 07:24:56 +00:00
Dries Buytaert e57faf2192 - Bugfix: fixed problem with changing themes. Didn't apply Al's patch as
the fix was somewhat simpler.  Fixes bug #2003.

- Bugfix: fixed problem with voting on certain poll pages.  Patch #37 by Al.

- Improvement: removed stupid descriptions from profile module.
2003-06-20 17:43:03 +00:00
Dries Buytaert 828ba66500 - Bugfix: fixed utf-8 problem for people that use PHP 4.2.x or below. Patch #33 by Al.
- Bugfix: fixed translation problems in the user module and the block module.  Patch by Stefan.

- Improvement: made it impossible to delete user role #1 and #2.  Patch #38 by Al.

- Improvement: fixed the "Allowed HTML tag" issues.  Makes for better code and improved usability.  Patch #35 by Al.

  NOTE: as soon as the compose tips make their way into CVS, most of this code can be removed.
2003-06-19 17:26:27 +00:00
Dries Buytaert ef8735614f - Improvements: XHTML-ifications. Patch by GmbH. See feature #1813. 2003-06-16 17:09:23 +00:00
Dries Buytaert eb030cb9d8 - Improvements: XHTML-ifications. Patch by GmbH. 2003-06-15 19:06:25 +00:00
Dries Buytaert 3e9aabe058 - Moved some CXX checks to a centralized place; less error-prone. 2003-06-14 07:02:32 +00:00
Dries Buytaert d95499bf03 - Bugfix: small Xtemplate fixes. Patch by Ax. (Slightly modified.)
- Bugfix: block patch fix.  Patch by Gerhard.

- Bugfix: fixed broken URL in ping.  Patch by Gerhard.

  (This should fix the problems shown on http://www.blo.gs/info.php?id=1515.)

- Improvement: added better password generator.  Patch #1 by Al.  Fixes bug
  #1935.

- Improvement: performance improvement to the blog module.  Patch by Marco.
2003-06-13 17:34:18 +00:00
Dries Buytaert 1a2576036b - Bugfix: charset fixes/clean-up. Patch #52 by Al.
- Improvement: renamed some theme functions of the forum module for sake of consistency/readability.  Patch #2 by Kristjan.

- Improvement: usability improvements to the Xtemplate theme.  Patch #3 by Kristjan.

- Improvement: CSS'ified the book module pages.  Patch #3 by Al.  (I simplified the "location" part.  Al's approach gave you a bit more power but I'm not sure anyone wants to change that.  Besides, this will change as soon as we integrate the menu system so I kept it easy for now.)
2003-06-12 17:24:06 +00:00
Dries Buytaert 3b8c99d91e - Bugfix: fixed the CREATE FUNCTION in database.mssql as it needs to be prefixed with GO for some obscure reason. Patch by Kjartan.
- Bugfix: fixed the defaults for blocks in database.mssql so the NOT NULL fields get values.  Patch by Kjartan.

- Bugfix: changed check_form() to use htmlspecialchars() instead of drupal_specialchars() as this caused Drupal to emit incorrect form items in presence of quotes.  Example:

  <input type="submit" class="form-submit" name="op" value="Submit "top nodes" block changes" />

  IMO, drupal_specialchars() is better called xmlspecialchars() to avoid confusion.

- Bugfix: when an anonymous user visits a site, they shouldn't see any content (except the login block, if it is enabled) unless they have the "access content" permissions.  Patch by Matt Westgate.

- Improvement: improved the error checking and the error messages in the profile module.  Updated the code to match the Drupal coding conventions.  Modified patch from Matt Westgate.

- Improvement: don't generate the <base href=""> tag in the base theme; it is already emitted by theme_head().  Patch by Kristjan.

- Improvement: don't execute any SQL queries when checking the permissions of user #1.  Patch by Kjartan.

- Improvement: made a scalable layout form that works in IE and that behaves better with narrow themes.  Part of patch #51 by Al.

- Improvement: removed some redundant print statements from the comment module.  Modified patch from Craig Courtney.
2003-06-11 18:16:32 +00:00
Dries Buytaert a448f5a9b4 - Charset simplifications. Patch #46 by Al. 2003-06-08 16:50:05 +00:00
Dries Buytaert ff914280b9 - Synced/unified the error reporting from database.mysql.inc and database.pear.inc.
This makes debugging the PostgreSQL (and MSSQL) support somewhat easier.
2003-06-08 12:10:25 +00:00
Dries Buytaert 6ac9f88959 - Bugfix: fix glitch in menu rendering code. Patch #42 by Al. 2003-06-08 08:20:39 +00:00
Dries Buytaert aa38097c07 - Dropped check_input(); use check_query() instead.
- Made the statistics module use referer_uri() for security's sake.
2003-06-06 21:37:11 +00:00
Dries Buytaert 17cd7c497d - Added a function check_url() that CSS checks URLs (or parts thereof). 2003-06-06 21:08:35 +00:00
Kjartan Mannes 94f5eee15a - adding admin module to module_list. 2003-06-06 14:07:45 +00:00
Dries Buytaert de3b0796d2 - Bugfix: better charset support for non-ISO-8859-1 languages. Patch 0029.charset.fixes.patch by Al. Could East Asia test this please.
- Bugfix: made the "moderate" field behave.  Patch 0030.queue.module.help.and.settings.form.patch by Al.

- Documentation: revised a large part of the help texts / documentation!  Al's 0024.* patches.

- Documentation: added a glossary to the help module.  Patch 0025.help.module.glossary.patch by Al and Michael.

- Usability: first step towards unifying the terminology used in the cloud module.  Patch by 0028.site.cloud.rationalize.name.patch Al.

- Usability + CSS improvements: revamped the node form and removed all tables.  Patch 0027.node.form.rewrite.patch by Al.

- CSS improvements: patch 0026.admin.css.small.improvement.patch by Al.

- Updated the MAINTAINERS file.
2003-06-05 18:09:39 +00:00
Dries Buytaert 355d25e73d - Bugfix: renamed the SQL field 'types' to 'nodes' because 'types' is a reserved keyword in MySQL 4. This fixes critical bug #1618. Patch by Marco.
==> This fix requires to run update.php!

- Bugfix: made sessions work without warnings when register_globals is turned off. The solution is to use $_SESSION instead of session_register().  This fixes critical bug #1797.  Patch by Marco.

- Bugfix: sometimes error messages were being discarded when previewing a node.  Patch by Craig Courtney.

- Bugfix: fixed charset problems.  This fixes critical bug #1549.  Patch '0023.charset.patch' by Al.

- Code improvements: removed some dead code from the comment module.  Patch by Marco.

- Documentation improvements: polished the node module help texts and form descriptions.  Patch '0019.node.module.help.patch' by Al.

- CSS improvements all over the map!  Patch '0021.more.css.patch' by Al.

- GUI improvements: improved the position of Druplicon in the admin menu.  Patch '0020.admin.logo.patch' by Al.

- GUI improvements: new logos for theme Marvin and theme UnConeD.  Logos by Kristjan Jansen.

- GUI improvements: small changes to the output emitted by the profile module.  Suggestions by Steven Wittens.

- GUI improvements: small fixes to Xtemplate.  Patch '0022.xtemplate.css.patch' by Al.

TODO:

- Some modules such as the buddy list module and the annotation module in the contributions repository are also using session_register().  They should be updated.  We should setup a task on Drupal.

- There is code emitting '<div align="right">' which doesn't validate.

- Do our XML feeds validate with the charset changes?

- The forum module's SQL doesn't work properly on PostgreSQL.
2003-06-04 18:24:39 +00:00
Dries Buytaert 05288ac48a - Bugfix: made request_uri() rewrite ( and ) with their entity equivalents
to avoid XSS attacks!  Patch by Al, Moshe, Marco, Kjartan and me.

- Bugfix: the admin module does now import drupal.css prior to admin.css.
Patch by me.

- Bugfix: the admin module was still emitting a <base href=""> tag.  I
removed this as it has been taken care of by theme_head();  Patch by me.

- Bugfix: made the tracker module's pager only consider published pages.
Patch by Moshe.

- Bugfix: cured some typos in the comment module's help function.  Patch by
Marco.

- Bugfix: fixed a typo in the pager_display() that caused optional
attributes to be discarded.

- Bugfix: made the Xtemplate emit empty boxes like any other theme does.
Patch by Al.

- Bugfix: fixed broken link on the statistics module's log page.
Reported by Kjartan.

- CSS improvements: made the HTML output emitted by the tracker module
look nicer.  Patch by Moshe and Al.

- CSS improvements: added CSS classes for form elements.  Patch by Al.

- CSS improvements: added a vertical gap between the last form item and the
submit button.  Patch by Al.  Note that Opera 6 is not picking up this
CSS but apparently other browsers such as Konqueror do.

- Xtemplate improvements: changed the color of the selected day in the
archive module's calendar.  Patch by Al.

- Usability improvements: made the "birthday" field of the profile module
look nicer.  Patch by Al.

------

- TODO: it might be a good idea to emit the following meta tag in the
theme_head() function:

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

Currently, some themes (and modules!) emit this while others don't.  This
would also make it possible to change the charset site-wide.

- TODO: now we added support for td.dark and td.light to drupal.css, maybe
it can be removed from admin.css as well as xtemplate.css?
2003-06-03 18:04:47 +00:00
Dries Buytaert 4582eeccd0 - Another register globals fix. Patch by Kjartan. 2003-06-01 19:51:40 +00:00
Dries Buytaert 82019d89fb - Omit "index.php" when using Apache. Patch by Al. 2003-05-31 13:05:06 +00:00
Dries Buytaert c6f9ca540d - Fixed typo. Patch by Marco. 2003-05-30 11:01:56 +00:00
Dries Buytaert 4499241fa1 - Make sure the HTML filter is applied before any other filter. Patch by
Al.
2003-05-30 05:45:35 +00:00
Dries Buytaert 7f2ce4acea - Fixed the order in which the CSS gets loaded. Patch by Al. 2003-05-30 05:10:35 +00:00
Dries Buytaert 1fc8a18c2d - Al's CSS patches. This commit improves the themability of some core
components such as lists, form items, removes an ugly hack from the
  archive module and should fix the poll problem (although it doesn't
  Opera/Konqueror).
2003-05-29 10:18:38 +00:00
Dries Buytaert d8f78a7c95 - Removed check_output() from the theme system layer. 2003-05-26 19:50:39 +00:00
Dries Buytaert 45d5aad6df - Updated Drupal to use "on output" filters. Derived from Gerhard's patch. 2003-05-24 16:26:13 +00:00
Dries Buytaert 9863dd5a71 - Fixed typo in URL(). Patch by Al.
- Added a filter option to disable/enable the rewrite_old_urls() filter.
  See task #1542.
2003-05-23 21:59:44 +00:00
Dries Buytaert b3c8b01d90 - Fixed a register globals problem in the pager. Patch by Al. (I also
removed a dead global variable.)
2003-05-23 21:33:24 +00:00
Dries Buytaert 5bd07f4bb2 - Fixed search module bug. Patch by Michael. 2003-05-23 17:59:25 +00:00
Dries Buytaert b68b2798d2 - Fixed a IIS bug with regard to register globals. This also avoids the
aforementioned ugly hack.  Patch by Moshe.
2003-05-20 04:41:36 +00:00
Dries Buytaert 65293a819b - Patch by Kjartan:
$_SERVER["HTTP_RAW_POST_DATA"] --> $GLOBALS["HTTP_RAW_POST_DATA"]

  Al: can you confirm that this fixes your problem?
2003-05-19 18:32:09 +00:00
Dries Buytaert bf28f8709b - Applied Moshe's patch that should make clean URLs work on IIS. I removed
a little hack that sometimes patches the request_uri(); I don't think
  this should trigger in first place.  If it does, let me know the URL of
  the form as well as the referring page.  (If this needs fixing after all,
  fixing this _inside_ request_uri() might be a better solution.)
2003-05-19 18:26:49 +00:00
Dries Buytaert 57c7d7b43b - The page_footer() function was always called twice due to the introduction
of the "footer" hook (and because of the existence of the page module).
  This caused the node view counter to be incremented twice per page view,
  the cache being set twice, etc.  Quite a bug.
2003-05-18 09:48:49 +00:00
Dries Buytaert c2d2fb7309 - Fixed a typo in the PostgreSQL database scheme. Patch by Michael Frankowski.
- Fixed a typo in the MSSQL database scheme.  Patch by Michael Frankowski.

- Removed dependency on "register_globals = on"!  Patches by Michael Frankowski.

  Notes:

  + Updated the patches to use $foo["bar"] instead of $foo['bar'].
  + Updated the INSTALL and CHANGELOG files as well.

- Tiny improvement to the "./scripts/code-clean.sh" script.
2003-05-13 18:36:38 +00:00
Dries Buytaert a161110a6b - Applied Michael Caerwyn's "%s -> %d" patch.
- Changed all occurrences of '%d' to %d as suggested on the mailing list.
2003-05-07 21:00:36 +00:00
Dries Buytaert 9a62873a4b - Added <base href=""> to default theme. Patch by Al, though I had to add
a 'global $base_url;'.  Fixes bug #1533.
2003-05-07 20:39:27 +00:00