Parent Directory
| 
Revision Log
| 
Revision Graph
| Links to HEAD: | (view) (download) (as text) (annotate) |
| Sticky Tag: |
#619666 follow-up by effulgentsia: Fixed hunk in user_access().
#619666 by effulgentsia, casey, and catch: Changed Introduce new pattern for drupal_static() in performance-critical functions.
#108818 by David Strauss, chx, Crell: Add transactions to key X_save() routines.
#622136 by brandonojc and mgifford: Fixed user filter accessibility.
- Patch #530652 by sun: _user_password_dynamic_validation() should be a #process of password_confirm().
- Patch #630864 by Amitaibu: fixed notice when fields were added to user, becuase object was not passed correctly.
- Patch #614444 by scor, effulgentsia: more consistent RDFa logic for username.
#525504 follow-up by andypost: Fixed PHPDoc typo.
- Patch #607244 by sun: added permission to decrease performance impact of contextual links.
#525504 by gpk, Dave Reid, sun: anonymous users should not have a contact form; also with added code documentation
#192056 by effulgentsia, Dave Cohen, andypost, hswong3i, geodaniel, pwolanin, and dahacouk: Ensure user's raw login name is never output directly.
- Patch #616616 by sime: add warning to 'Administer users' permission.
#600974 by effulgentsia, JohnAlbin, sun, and Damien Tournoud: Allow theme functions to take one argument without any hacks. NOTE: This is an API change in hook_theme().
- Patch #443200 by c960657: fixed user pictures not working with private files.
- Patch #493030 by scor, Stefan Freudenberg, pwolanin, fago, Benjamin Melançon, kriskras, dmitrig01, sun: added RDFa support to Drupal core. Oh my, oh my.
- Patch #589126 by mfb: fixed bug with user module using a flood window of 6 hours, but flood events more than 1 hour old being deleted by cron. Improved API documentation, and added tests.
- Patch #550718 by sun, alexanderpas: admin/people needs to have default tab so it looks consistent on ?q=admin.
#356074 by chx and Damien Tournoud: Provide a sequences API. Gets rid of stupid tables that only contain an incrementing ID, and fixes database import problems due to user ID 0.
- Patch #440876 by Dave Reid, sun: reuse comment.module's anonymous cookie information.
#493314 by yched and catch: Add multiple hook for formatters.
- Patch #356074 by chx, Damien Tournoud: provide a sequences API.
- Patch #594650 by sun, c960657: provide central ()['values'] clearance.
- Patch #590092 by baldwinlouie: who's online block should never report anonymous users.
#569238 by sun, swentel, catch: Changed Make check_markup() not cache by default.
- Patch #525504 by Dave Reid, gpk: anonymous user should not have contact form.
#118345 by sun: Make user.module conform to standard presave/insert/update/form_alter hook paradigm.
- #440876 by Dave Reid, sun: reuse comment.module's anonymous cookie information for contact forms.
#589160 by Amitaibu: Use user_load_multiple() in user operations.
- Patch #572618 by effulgentsia, pwolanin, sun: all theme functions should take a single argument. Code clean-up and performance improvement. Woot.
- Patch #595982 by moshe, chx: use #tableselect instead of ugly theming on admin users and admin nodes.
- Patch #554088 by mr.baileys, sun | eaton: Changed Move user_mail_tokens() and emails to token system.
- Patch #578520 by sun | c960657, mfb, Dries, catch, mattyoung: make in url() only accept an array. Another nice API clean-up!
- Patch #118345 by sun: code clean-up and removed extra condition that slipped in.
- Patch #550718 by alexanderpas, Gábor Hojtsy | Dries, webchick, ugerhard: tabs on admin pages are not accessible from overviews and menus.
- Patch #118345 by sun | nedjo, pwolanin, webchick: DIE hook_user_form() + hook_user_register() DIE!
Patch #331893 by mgifford, nigel, Xano, Everett Zufelt | Cliff, Bojhan, mcrittenden, webchick, Josh Waihi, alpritt, heather: improved the password checker.
Patch #579366 by sun, litwol | chx, Dries: simplified form API redirection handling. I can actually understand it now. ;-).
- Patch ##525540 by jvandyk, sun, jhodgdon, fago | webchick, TheRec, Dave Reid, brianV, sun.core, cweagans, Dries: gave trigger.module and includes/actions.inc an API overhaul. Simplified definitions of actions and triggers and removed dependency on the combination of hooks and operations. Triggers now directly map to module hooks.
- Patch #300993 by sun: extended the roles and permissions API so we can revoke permissions from a role etc.
#571086 by sun and merlinofchaos: Added a 'wrapper callback' that executes before a form builder function, to facilitate common form elements. Clean-up from form_builder changes from CTools patch. Has nice side-benefit of making all form functions' signatures consistent.
#564394 by Berdir and Crell: Removed database BC layer. nah nah nah nah... hey hey hey... gooood byeeee...
#365597 by mfb, Jody Lynn: Don't show access denied when logging in via OpenID to user/login.
Drupal 5.20
#360605 by Berdir et al.: make Drupal core work with PHP 5.3.0 out of the box (fixes for incompatibilities introduced with PHP 5.3.0)
#530950 by catch, andypost: use \!isset() instead of is_null() in user_access() to be consistent and more performant
#318453 by svdoord and ahmed.othman, slightly modified: ensure that the user registration guidelines show above form fields added by the profile module by setting a low enough weight
- Patch #574002 by sun: remove argument from user_access().
#564632 by moshe weitzman: Unify various _build() functions and remove duplicate copy of content.
- Patch #572932 by sun: rename hook_elements() to hook_elements_info() for consistency. Yay to API clean-ups during 'slush'.
- Patch #565290 by flobruit, chx: fixed user register when configured not to use e-mails.
- Patch ##239676 by v1nce, pwolanin, mfb: fixed SA-CORE-2009-001: missing validation for hook_user().
#331180 follow-up by pwolanin and mfb: Fix sending of mail.
- Patch #495968 by Frando, moshe weitzman: added drupal_render() cache pattern. Start using it for blocks.
- Patch #505214 by pwolanin: make the search module a slightly better framework.
- Patch #560746 by dropcube: rename hook_block_list() to hook_block_info() for consistency in the API.
#562624 by mcjim: Fixed WSOD on admin/config/people.
- Patch #296693 by sun: revert system_admin_menu_block_access().
- Patch #300993 by dropcube, Dave Reid: user roles and permission API. Great patch.
- Patch #460320 by catch, fago, Frando: standardized, pluggable entity loading for nodes, users, taxonomies, files and comments.
#497118 by chx, catch, pwolanin, JoshuaRogers, and Jacob Singh: Remove the function registry. While the hope was that this would result in improved performance for low-end hosts, it comes at the expense of critical development experience problems and less benefit than something like APC. Class registry remains intact to facilitate autoloading.
Of all the patches to accidentally commit without a message. :( Rolling back registry rip. Let's try that again.
*** empty log message ***
#542658 follow-up by sun: Move action 'tabs' out of local tasks and into local actions.
#326539 by JohnAlbin, sun, cha0s, ultimateboy, Rob Loach, Damien Tournoud: Convert 'class' attribute to use an array, not a string.
- Patch #549432 by Bohjan, Gábor Hojtsy: create 'people and permissions' section in 'configuration and modules'.
#551080 by Gábor Hojtsy: List non-container items (stuff in the toolbar) on /admin for a complete overview.
#516138 by yched, KarenS, quicksketch, bangpound, et al.: CC-FREAKING-K IN CORE! OH YEAH! :D
#517814 by jmstacey, justinrandell, pwolanin, drewish, Jody Lynn, aaron, dopry, and c960657: Converted File API to stream wrappers, for enhanced private/public file handling, and the ability to reference other storage mechanisms such as s3:// and flicker://.
- Patch #491972 by Berdir, webchick: clean-up of user/profile related hooks and APIs.
- Patch #538526 by catch, Gábor Hojtsy, yoroy, et al: rename 'User management' to 'People' in the header -- not anywhere else.
#517606 by jerdiggity, JuliaKM: minimal whitespace fix in user.module
#485974 by pwolanin, Damien Tournoud, mr.baileys: Improved security by limiting the number of allowed login attempts.
#382870 by geerlingguy, jmburnz, EclipseGc, JohnAlbin, sun, et al: Update and Polish default node.tpl.php output.
#433992 by David_Rothstein and Frando: Change #theme_wrapper to #theme_wrappers to allow multiple theme functions to execute on renderable objects.
#530950 by catch: Replace iss_null() with isset() - small optimization.
- Patch #536570 by Gábor Hojtsy: implemented new IA for top-level users.
- Patch #517606 by JuliaKM: removed one white space ...
#525754 by chx: Clean up some trailing whitespace.
- Patch #493746 by JohnAlbin, ultimateboy, moshe weitzman: Enhance drupal_attributes() for multiple valued values.
- Patch #491456 by quicksketch, drewish, et al: image effects and actions.
#488542 by yched: Allow field UI to be attached to any fieldable entity.
#372766 by jhodgdon: Clarify documentation for user_save().
- Patch #510740 by agentrickard: rename user_admin_perm() to user_admin_permission().
- Patch #506976 by catch: rename hook_perm to hook_permission.
#504678 follow-up by catch: Fix notice in PHP 5.3.
Drupal 6.13
- Patch #477944 by DamZ: more streamlining and clean-up of session handling code.
- Patch #497612 by Moshe Weitzman et al: harden user login by correctly using the form API. Complete commit now. Thank you, thank you.
#460706 by wulff and c960657: Don't show surrounding fieldset on user registration form when only one profile category exists.
- Patch #409750 by yched et al: overhaul and extend node build modes.
- Patch #391412 by JamesAn et al: move contact form, post, and user settings below Site configuration.
- Patch #334283 by Damien Tournoud, andypost, Freso et al: add context to t() to help deal with ambigious strings (and improved the locale APIs a bit). Example: May is both a short month name as a long month name in English, but not necessarily in other languages.
- Patch #481802 by catch, leisa: update user permission help text.
- Patch #479966 by Berdir: document and fix hook_user_categories.
- Patch #477944 by Damien Tournoud: fix and streamline page cache and session handling.
- Patch #461298 by catch: move node_load_multiple() special casing into user_node_load().
- Patch #472642 by stella, agentrickard: remove 'implementation of' nominalizations from Docblocks.
#296693 by Damien Tournoud, boombatower, sun, and Xano: Hide parent administrative menu items when user has no access to any of their children.
- Patch #471800 by stella: more code style fixes.
- Patch #470594 by Moshe: convert more pages and blocks to return arrays.
- Patch #471070 by stella: millions of code style fixes.
#61856 by blakehall, Pancho, and jredding: Trim e-mail addresses before validation/submission.
Roll-back of #310467: Breaks installer requirements check and update.php.
- Patch #468978 by Bohjan: removed user administration description.
#196862 by Damien Tournoud, et al: Replace COUNT(*) queries with SELECT 1 ... LIMIT 1 queries when all that's required is a check for whether rows exist.
- Patch #310467 by chx, moshe weitzman: made hook_theme slimmer.
- Patch #399248 by deekayen: detect when a signature is too long to prevent SQL errors.
- Patch #353069 by Moshe Weitzman, dmitrig01: make drupal_get_form() return unrendered forms.
- Patch #240873 by Gábor Hojtsy, sun: block system clean-ups. Thanks for the review sun.
- Patch #394594 by Berdir: additional conversion to the new database abstraction layer plus clean-up.
- Patch #240873 by Gábor Hojtsy: move custom help settings to blocks. Very exciting.
#437930 by soxofaan: remove unnecessary tabindex attribute from login form; makes altering harder
- Patch #444966 by dereine: code style clean-up.
#303965 by moshe weitzman and snufkin: Allow data import scripts to set /->is_new programmatically.
- Patch #147310 by c960657: added tests for private files, fixed a problem with private files and minor improvements.
#368559 by moshe weitzman: Return renderable arrays from profile pages.
Roll-back of #333054; needs more discussion.
- Patch #437930 by soxofaan: remove tabindex attributes from user_login form.
- Patch #394594 by ksenzee: converted most of the user module code to the new database abstraction layer.
- Patch #333054 by c960657: page cache should be case sensitive.
#369964 by yched and bjaspan: Refactor field validation and error reporting. Field API no longer coupled to Form API. Hooray.
- Patch #273137 by pwolanin, David_Rothstein, chx, et al: split navigation to user and administration menu. Will require follow-up patches.
#347250 follow-up by c960657: Fix OpenID failure introduced by user_load_multiple().
#347250 follow-up by yched: Re-order fields load to before the general module load.
#347250 by catch, drewish, and Berdir: Add function for loading multiple users in one request.
- Patch #322344 by merlinofchaos, Frando, catch, sun: form improvements from Views.
Roll-back of users -> user table name change in #330983: Broken pgsql is no fun.
#109588 by fago, cdale: use the existing user account objects instead of arg() checks, as well as fix use of where it should be
- Patch #374568 by chx: remove useless JOIN from permission query.
#330983 by recidive and boombatower: Rename users/users_roles tables to user/user_role for consistency.
#371327 by quicksketch: Fix user picture rendering (with fixed tests).
- Patch #355236 by Frando: refactor drupal_render() theming.
- Patch #361683by Barry, Yves, Karen, Moshe Weitzman, David Strauss, floriant, chx, David Rothstein: initial field API patch. More work to be done, but ... oh my!
- Patch #360605 by Berdir: made CVS HEAD compatible with PHP5.3.
#357591 by sun: Add watchdog calls for user cancel operations.
- Patch #362003 by Steven Jones: minor language massaging.
- Patch #195976 by mcarbone: made error message more accurate and more informative.
#357403 by drewish: Make user pictures managed files.
- Patch #201122 by c960657, Moshe Weitzman: never write anonymous sessions, unless something has been written to . This is an important performance improvements -- as long as you use modules that use carefully. It might be good to report some analytics about this in the performance settings page so administrators can see if there is a 'broken' module.
Drupal 6.9
#358021 by drewish: Remove unnecessary indirection of hook_user_X code.
#8 by sun and most of #drupal: Users can now cancel their accounts. Fixing the 8th issue, almost 8 years later, on January 8th, after working 8 days full-time on it. GREAT WORK :D
#169937 by Heine, drumm, alexanderpas, Darren Oh: only regenerate session if the user is the current global user
- Patch #353480 by dereine, justinrandell: remove from hook_comment().
- Patch #352470 by scor: fixed typos and grammar in comments.
- Patch #352054 by catch: convert calls to db_placeholders() in static queries.
- Patch #109588 by fago, cdale: make hook_user use instead of arg(1).
- Patch #349504 by keith.smith: clean up sentence spacing in code comments.
- Patch #330090 by j.somers: avoid duouble escaping.
- Patch #345866 by alexanderpas, justinrandell, Dave Reid: remove from hook_block().
- Patch #169937 by Heine, drumm: user_save should not regenerate the session even when the current user is not the edited user.
- Patch #337820 by Dave Reid, Damien Tournoud, et al: rename menu path 'logout' to 'user/logout'. For real now.
Reverting #337820 once more, as it causes mysterious test failures.
- Patch #337820 by Dave Reid: rename menu path logout to user/logout.
- Patch #280934 by pwolanin, swentel, et al: harden session regeneration. It took a while, but it comes with tests and extra features now.
Reverting #337820 which causes menu tests to fail, unbeknownst to testing bot. Hrm...
#337820 by Dave Reid: Rename menu path 'logout' to 'user/logout' for consistency.
#11077 by mfb, KarenS, macgirvin, and jjkd: Can you say Daylight Savings Time? I bet you didn't think Drupal ever would! :)
#107051 by Dave Reid, gdevlugt, and vladimir.dolgopolov: Remove duplicate names from Who's Online block.
- Rollback of patch #334671 by Steve Dondley: still tests failing.
- Patch #334671 by Steve Dondley: users cannot be assigned to roles or removed from them -- comes with tests. Yay.
- Patch #334030 by justinrandell: replace module_list with module_implements when calling a hook.
- Patch #325665 by chx, Damien Tournoud, justinrandell et al: improved the cache registry lookups.
#315798 by Rob Loach, mfer, Grugnog2, and sun: Add weighting to drupal_add_js().
- Patch #329646 by Damien Tournoud: properly reset user_access().
- Patch #329646 by Damien Tournoud: properly reset user_access().
- Patch #266358 by Rob Loach, mfer: use array in drupal_add_css().
- Patch #199870 by alpritt et al: beter password strength checker. Really cool.
#282405 by Damien Tournoud, lilou, Dave Reid: Enforce coding standard on elseif.
#313213 by maartenvg, Gábor Hojtsy: Add a 'title' attribute for permissions to allow for localization of permission names
#142995 by dopry, drewish, quicksketch, jpetso, and flobruit: Adding hook_file_X(). This is an enabler of lots and lots of goodies. See CHANGELOG.txt for more. Awesome work, guys. :)
Drupal 6.5
Drupal 5.11.
- Patch #310212 by justinrandell, catch, et all: killed in _user hook, as well as two small kittens.
- Patch #305236 by crell: made OpenID work again. We need tests for this.
#259623 by dopry and Damien Tournoud: Convert includes/requires to use absolute paths.
- Patch #305645 by pwolanin: ['REQUEST_TIME'] -> REQUEST_TIME. Improved developer experience.
- Patch #253702 by Damien Tournoud et al: further clean-up of the session handling code.
#308434 by drewish, dopry, quicksketch, aaron, jhedstrom, and friends: Massive file.inc cleanup aaaaaand... tests! Yay! :D
#283026 by Damien Tournoud. Make user_authenticate from external source (for existing users) work with no server part.
#259679 by Damien Tournoud: Fix user/X/edit tab on user tracker page.
- Patch #302763 by Dave Reid, Rob Loach: replace time() by ['REQUEST_TIME'] as per Rasmus' suggestion. Removed drupal_referrer() for consistency.
- Patch #225450 by Crell, chx, bjaspan, catch, swentel, recidive et al: next generation database layer for Drupal 7.
- Patch #265899 by mfb: uri_brief mail token did not support https URLs.
- Patch #265899 by mfb: uri_brief mail token did not support https URLs.
- Patch #265899 by mfb: uri_brief mail token did not support https URLs.
- Patch #237381 by beeradb, flobruit: renamed () parameter from user_save() to .
Drupal 5.10.
- Patch #165642 by Damien Tournoud: error in SQL syntax in user.module.
- Patch #165642 by Damien Tournoud et al: fixed SQL error.
- Patch #218189 by Arancaytar, fago, et al: invoke hook_user before deleting user from database.
- Patch #252013 by Eaton, pwolanin, Susurrus et al: drupal_render() now printes #markup, not #value.
#280934. Make sure session is always regenerated.
Drupal 6.3
- Patch #266488 by Damien Tournoud: cleanup for user_validate_name().
- Patch #270045 by drewish, Susurrus: clean up return values.
- Patch #101543 by webchick: document all constants.
#217957 by yched, quicksketch: header cell removal is broken when headers use colspans (and a little bit of performance improvement)
- Patch #259463 by dmitrig01: notification e-mail for pending user registrations had blank subject line.
- Patch #259463 by dmitrig01: notification e-mail for pending user registrations had blank subject line.
#208888 by jvandyk: set access time when externally authenticated user first logs in Backport by joshk and stevecrozz.
- Patch #73874 by pwolanin: normalize the permissions table and wrote simpletests for the (new) permission handling. At last.
- Patch #221964 by chx, dopry, webernet, moshe, webchick, justinrandall, flobruit et al. Can you say 'registry'? Drupal now maintains an internal registry of all functions or classes in the system, allowing it to lazy-load code files as needed (reducing the amount of code that must be parsed on each request). The list of included files is cached per menu callback for subsequent loading by the menu router. This way, a given page request will have all the code it needs but little else, minimizing time spent parsing unneeded code.
- Patch #227830 by JohnAlbin: link attributes added to l() incorrectly.
- Patch #249546 by pwolanin: rip menu access inheritance -- was already committed to D6.
- Patch #228594 by catch and flobruit: some code clean-up.
- Patch #245115 by kkaefer, John Morahan, JohnAlbin et al: after a long discussion we've decided to make the concatenation operator consistent with the other operators.
- Patch #216072 by recidive, David Rothstein, ptalindstrom et al: switched from numeric block IDs to string IDs.
The short explanation is that Drupal uses a lot of numeric deltas in the block system; blocks are identified by the 'module' and the 'delta'. In early Drupal, delta was numeric, but somewhere along the line it was changed to be possibly a string. In modern Drupal, block overrides are easily done via block-MODULE-DELTA.tpl.php. The primary motivation to switch to string IDs everywhere is to make these deltas friendlier to themers:
block-user-0.tpl.php --> block-user-navigation.tpl.php
block-user-1.tpl.php --> block-user-login.tpl.php
You get the picture.
#244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed
- Patch #244597 by drumm: remove login form text as this can now be accomplished using hook form_alter.
Drupal 6.2
#244597 by kbahey: remove cruft from user_login(), that added extra message to the form was never used or displayed
- Patch #228594 by catch et al: removed access rule functionality from core. The access rules capability of user module has been stripped down to a simple method for blocking IP addresses. E-mail and username restrictions are now available in a contributed module. IP address range blocking is no longer supported and should be done at the server level. This patch is partly motiviated by the fact that at the usability testing, it frequently came up that users went to "access rules" when trying to configure their site settings.
- Patch #29706 by pwolanin, solardiz, et al: more secure password hashing.
This is a big and important patch for Drupal's security. We are switching
to much stronger password hashes that are also compatible with the Portable
PHP password hashing framework.
The new password hashes defeat a number of attacks, including:
- The ability to try candidate passwords against multiple hashes at once.
- The ability to use pre-hashed lists of candidate passwords.
- The ability to determine whether two users have the same (or different)
password without actually having to guess one of the passwords.
Also implemented a pluggable password hashing API (similar to how an alternate
cache mechanism can be used) to allow developers to readily substitute an
alternative hashing and authentication scheme.
Thanks all!
- Patch #226501 by webchick: permission descriptions were used incorrectly at admin/user/user.
- Patch #30984 by webchick, keith.smith, kkaefer, Crell et al: provide descriptions for permissions on the permission administration page.
- Patch #181578 by Moshe: removed distributed authentication code from user_save(). Factored the relevant code out to a separate function.
- Patch #181411 by Moshe: use schema API for saving and updating user records.
Remove typo.
#165642 by Bart Jansens. Use a local variable rather than overwriting the global $user.
- Patch #210131 by dvessel, catch, John, et al: updated jQuery library.
#216858 by jvandyk, moshe weitzman: fix plain wrong and misleading user module phpdoc blocks
#215335 by jvandyk: fix user_login_submit() phpdoc
#208888 by jvandyk: set access time when externally authenticated user first logs in
#119038 by ximo, Pancho: user role editing usability: include disabled checkbox for authenticated role
#210211 by chx, theborg: removing the broken admin user search, which would provide the same as the public facing user search anyway
#18954 by kkaefer, Pancho: built-in role names were not translated and some user_roles() call cleanups
#206078 by Pancho, traxer: order roles with system roles first (usability)
#204705 by pwolanin: abort user_save on SQL errors, to avoid data corruption
#207569 by ScoutBaker (minor code style): clean up @see usage in phpdoc blocks
Partial backport of #112715 to fix #124641.
- Patch #204221 by webernet: code style fixes.
#203727 by Arancaytar. More effectively use hook API.
#152497 by bjaspan, with more docs from myself: user_external_login() was not updated to latest login process
#176748 follow up by pwolanin: fix bad breadcrumbs and missing/wrong titles
#191914 by chx: admin check was missing from menu user_register_access()
- Patch #201894 by David Rothstein: fixed typo in user output.
- Patch #203509 by pwolanin, chx, cwgordon7 et al: fixed menu inheritenace.
#203274 by Pasqualle: remove excessive witespace from our code (minor)
#172993 by drewish, Lynn: remove old user picture even when the newly uploaded one uses a different format
- Patch #201894 by David Rothstein: fixed typo in user output.
#199387 by Pancho: revert user login/register/request password page titles to 'User account' as it was in Drupal 5, instead of the bugos 'Log in'
#110474 by dww and keith.smith: passwords are not sent in welcome mails, so do not mislead our users
#200069 by keith.smith: new standard for 'more information' links in module help texts, as the handbook we referred to before was renamed
#131493 by spatz4000, ChrisKennedy, keith.smith: consistent username field description wording in installer and runtime interface
#152497 by JohnAlbin, bdragon, moshe weitzman, chx and myself: several user login tasks, such as session id regeneration were not performed in all cases, so centralize this
#197297 by DanW (as GHOP 17), and keith.smith: clean up lots of help texts, update to drag and drop functionality, drupal.module removal, etc
#198579 by webernet and hswong3i: a huge set of coding style fixes, including: - whitespaces at end of lines - indentation - control structure usage - whitespace in empty lines - phpdoc comment formatting
#194859 by Rob Loach: missing brackets around table names in user.admin.inc
- Patch #163246 by keith smith, freso, O Govinda, catch, webchick et al: fixed minor spelling issues and fixed spacing issues.
#111481 by chx and pwolanin: profile categories may contain slashes, but this was not yet supported by the user object menu loader
- Patch #192110 by profix898: fixed hook_profile_alter API.
#192692 by jrbeeman and mfer: (security) protect profile category page menu items with the visibility settings already available
- Patch #191914 by chx: you cannot add user/register to a menu. Also removed some whitespace.
#25605 by Rob Loach et al: disallow editing user data of uid 0
#165924 by odious. Use accurate count query for user list.
#171117 by JirkaRybka: set access time for admin created or edited accounts so they are exempt from the spam protection we have for accounts never logged in
#171117 by JirkaRybka: set access time for admin created or edited accounts so they are exempt from the spam protection we have for accounts never logged in
#185209 by ChrisKennedy: only provide picture deletion option if there is an actual user picture present
#186903 by marcingy, Rob Loach and chx: (regression) restore my recent posts functionality in tracker
#184729 by hazexp: remove duplicate wording about the username in mail sent out to new users
#176342 by dmhouse, spatz4000 and Wim Leers: add reset parameter to user_access()
#182528 by RobRoy: move drupal_set_message() out of user deletion API function to UI function
#179276 by JirkaRybka: (regression) fix profile field sections to order properly by weight.
#179519 by chx, webchick and Desbeers: fix blog/[uid] to only display posts for that user and also set proper title
#184867 by deekayen, catch and keith.smith: fix some spelling errors in our source code and messages printed
Drupal 5.3
#181088 by fajerstarter, catch and JirkaRybka: rename 'access control' to 'permissions' for usability reasons
- Patch #181284 by killes and chx: performance improvements for user_access().
#179695 by chx: only anonymous users should have permission to visit user/login, so this menu item is automatically hidden when a user is logged in
#167284 by Heine and pwolanin: proper field type placeholders in IN() queries, setting a best practice to avoid vulnerabilities
#172765 follow up patch by pwolanin: fix user path access, which was broken by the user module split
#174270 by kkaefer. Make user filter translatbale.
#168261 by mvc: redirect registered users back to the front page if admin approval is required, so their user account page is not directly accessible after registration
#174440 by kkaefer: properly translatable filter dropdown elements on user admin page
#167284 by Heine and pwolanin. Avoid abusing %s for lists.
#165604 by mvc. Redirect to home page after user registration requiring admin approval.
#172773 by numerous contributors: Make the actions interface usable by mere mortals (including rename of actions.module to trigger, but keeping the actions themselfs). Complete previous history of actions module: - #148410 by jvandyk: added rewrite of the actions module! - #155986 by Uwe: fixed typos. - #155828 by Eaton, pwolanin and jvandyk: let actions live even if actions.module is not turned on
#166742 by Crell and dvessel: split user module (for performance reasons)
#174224 by kkaefer: send user notification email after the user object is updated
#173225 corrective fix: there were two uses of the ip variable, so revert to the original patch
- Patch #173225 by killes: missing ip_address(). Slightly modified by me.
#148677 by pwolanin: set active menu item on 403/404 pages (and on the user page)
- Patch #172765 by webchick and chx: path 'user' returns 403
#172453 by webchick: proper default value for user roles (radios need an int, not an array)
#172455 by chx: a notice and missing form API conversions in user module
#155828 by Eaton, pwolanin and jvandyk: let actions live even if actions.module is not turned on
- Patch #169627 by JirkaRybka: improved logging of mail problems.
- Patch #168028 by dvessler, merlinofchaos, pwolanin et al: both theme functions and templates may need include files. Flush your caches.
- Patch #80951 by killes, yched et al: block caching.
#163191 follow up patch by hswong3i and pwolanin: use a has_rows flag where we dont need a counter
#156796 by webernet, asimmonds and pwolanin: user editing forms cleanup and fixing deletion API remainings
#162050 by dvessel: user_comment() now modifies the comment, although hook_comment() was not intended to modify the comment, so we need to pass it in by reference to get modified
Reverting #163458
#166688 by pwolanin: user_build_content() needs to have the account passed by reference
- Patch #163191 by hswong3i: removed db_num_rows() for compatibility with Oracle and DB2. Also a performance improvement. (Correct version this time.)
- Patch #163191 by hswong3i: removed db_num_rows() for compatibility with Oracle and DB2. Also a performance improvement.
#165358 by John Morahan: do not regenerate the session when the user is saved without a password specified
#165358 by John Morahan. Better check for changed password.
#163458 by heyrocker. Make sure the user object has roles before checking them.
- Patch #161510 by dvessel: tplified user.module.
- Patch #156553 by AjK: fixed E_NOTICE
- Patch #162486 by Eaton: user/%user/edit/foo tabs only appear if additional profile categories have been defined.