- Changed the authentication and login scheme as discussed on the mailing
  list.
- Fixed the export function in book.module (patch my Julian).
- Fixed the comment alignment (comments got truncated).

system.module
- made the words used in passwords configurable thru the admin interface.

Extremely large commit:

- Fixed tiny quote problem in account.php.

- Fixed tiny bug in comment.inc.

- Fixed tiny bug in comment.module.

- Fixed tiny bug in meta.module.

- Simplified user_access() API.

- Rewrote link system: still needs fine-tuning and testing so don't
  upgrade if you are running a production site. ;)

  Updated all modules and themes to reflect this change.  All other
  themes and modules need updating too!

- Made it possible to enter longer username such as 'Gerhard K*llesreit'.

- Updated database.mysql.

- Added a brand-new access.module which allows you to manage 'roles'
  (groups) and 'permissions' ... (inspired by Zope's system).

    + Once installed, click the help-link for more information.

    + See updates/2.00-to-x.xx.sql for the SQL updates.

- Modified loads of code to use our new access.module.  The system
  still has to mature though: new permissions have to be added and
  existing permissions need stream-lining.  Awaiting suggestions.

- As a direct result of the new access system, I had to rewrite the
  way the top-level links in admin.php are rendered and displayed,
  and xhtml-ified admin.php while I was at it.

TODO

- Home-brewed modules need updating, home-brewed themes not.
  (Examples: file.module, trip_link.module)

- As soon we *finished* the refactoring of the user system (KJ has
  been working on this refactoring already) we should consider to
  embed this role and permission code into account.module ...

- Made it so that usernames can contain spaces.  Like that, people can
  use their full name as their username.

- Moved account_password() and account_validate() to user.inc.
- Greatly reduced the number of SQL calls in account_save() when editing an
  account. Now uses one db_query() call instead of 1 + (2 * # of access
  granted).
- Fixed access not being saved when account was added.
- Should now be possible to edit and add accounts. There were certain bugs
  before that would cause odd errors.

- Improved the rating module: made it possible to define "weights"
  for the different content types.  These weights are used when
  calculating each user's gravity.  This is a required step before
  we can even think of "nodifying" the diary or headline module.

- Polished a bit more on the other modules' crons.

- Tidied up the field_get() API and improved the implementation of
  both field_set() and field_get().

- Removed the "history"-field from the SQL table "users" and added
  this information to the "users"-field in both nodes and comments.
  This database/table change reduces the number of SQL queries and
  makes Drupal scale better where a lot of voting/moderation takes
  place.  Last but not least it can be considered a new and better
  foundation for future moderation metrics / algorithms.  In other
  words: it is plain better.

    --> oops, all voting/moderation results will be lost!
    --> requires database update, see "2.00-to-x.xx.sql"!

- Updated database/database.mysql

- small fine-tuning

- small update to gravity

- a bunch of various updates

- various smaller improvements

Commiting my work of last Sunday:

 - removed ban.inc and ban.module and integrated it in account.module
   under the name "access control" --> the ban code was not really up
   to standard so this has now been dealt with.  This refactoring and
   reintegration cuts down the code size with 100 lines too.  :-)
   (The ban.module code was really old and it showed.)

 - added node.module and made the other modules reuse some of this
   code --> cut down the code size of modules by at least 100 lines
   and adds stability.

 - added a status() function to admin.php to display a conform status
   message where appropriate.  See admin.php for usage.

 - removed $theme->control() and made comments.inc handle this itself
   wrapped in a $theme->box().  No need to clutter the themes with
   such complexity --> updated all themes already. :-)

 - some small visual changes to some administration pages to be more
   consistent across different modules.

- fixed "you-have-to-logout-and-login-before-permissions-change" bug
  (reported by UnConeD)
- added "add node" link to book selection box and made it display the
  current location
- removed tabs and whitespaces from themes - done automatically

Flushing my backlog (in case Natrak wants to make more changes):

 - tidied up some of the code
 - fixed a small problems

- applied David Norman's patch to turn all <?'s into fully qualified
  <?php's.

- added fine-grained user permission system which allows us to give
  certain users access to specific administration sections only.
    Ex. a FAQ maintainer can only edit the FAQ, and members of an
        "editorial board" can only edit comments, diaries and
         stories, ..
- code review => rewrote include/user.inc which is much easier now
- fixed 4 small bugs

- small fix for 4.0.4

- removed redundant spaces

I know, I know, it is getting nasty lately but I have another large commit after nothing but code.

This time I redid the "category"-stuff.  Categories - from now on called sections - are now maintained from the admin pages, can have their own post, dump and timout thresholds as discussed earlier (some weeks ago).  By tomorrow evening users will be able to enable or disable section as well - i.e. to customize the content of drop.org.

- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4
- tidied up some of the code and mainly working on the documentation

- improved web interface of cron module.

- improved web interface of account module.

- added simple permission system with both administrators
  and regular users. It can be made more fine-grained but
  it will do for now.

- various small enhancements to the other modules, but
  nothing big.

- large batch of updated files featuring various changes: big, small and
  new stuff!

Another batch with a lot of internal updates, yet no visual changes to the
site:

- watchdog (rewrite):
   + the collected information provides more details and insights
     for post-mortem research
   + input limitation
- database abstraction layer:
   + mysql errors are now verbose and is no longer displayed in a
     browser - fixes a possible security risk
- admin.php:
   + updated watchdog page
   + fixed security flaw
- diary.php:
   + fixed nl2br problem
- themes:
   + fixed comment bug in all 3 themes.
- misc:
   + renamed some global variables for sake of consistency:
      $sitename  -->  $site_name
      $siteurl   -->  $site_url
   + added input check where (a) exploitable and (b) possible
   + added input size check
   + various small improvements
   + fixed various typoes

... and much, much more in fact.

A big, fat commit with a shitload of internal changes.  Not that much
visual changes:

- removed redundant files user.class.php, calendar.class.php
  and backend.class.php.
- converted *all* mysql queries to queries supported by the
  database abstraction layer.
- expanded the watchdog to record more information on what
  actually happened.
- bugfix: anonymous readers where not able to view comments.
- bugfix: anonymous readers could gain read-only access to
  the submission queue.
- bugfix: invalid includes in backend.php
- bugfix: invalid use of '$user->block'

and last but not least:

- redid 50% of the user account system

structure changes, some sections are expanded.  Take a look at the source
code or ask me to elaborate on certain issues/topics.

Over the last 2 days I redid and reorganized an afwul lot of code and
made quite a lot of additions.   The most remarkable addition is the
diary server, which I slapped together in less then 40 minutes.   Most
of the other changes are however `unvisible' for the user but add much
value to a better maintainability from a developer's objective.  Like
always, I fixed quite a number of small bugs that creeped into the code
so we should have a bigger, better and more stable drop.org.

Unfortunatly, some theme update _are_ required:


REQUIRED THEME UPDATES:
=======================

* use format_username() where usernames are used
* use format_date() where timestamps/dates are used
* use format_email() where e-mail addresses are displayed
* use format_url() where url are displayed
* replace 'formatTimestamp' with format_date
* replace 'morelink_*' with 'display_morelink'

[most of these functions are in function.inc or template.inc]

___PLEASE___ (<- this should get your attention ;) update your themes
as soon as possible - it only takes 30 min. to get in sync with the
other themes.  Don't start whining about the fact you don't know what
to change ... either eat the source cookie, or ask me to elaborate on
a few changes.  Just let me know what's puzzling you and I'll try to
help you out!


TODO LIST FOR NEXT WEEK
=======================
* Add checks for max. text length in textarea's?  Is there an HMTL
  attribute for this or ...?
* Comment moderation + mojo
* Edit/admin user accounts: block, delete, change permissions, ...
* E-mail password, change password, change e-mail address -> extra
  checks and routines to validate such `special' changes.
* Input checking - input filter: bad words, html tags, ...

* Added more and better error checking which should fix 'potential'
  bugs or weird behavior in case something goes wrong.  We aim for
  something that is rock-solid, right? :-)

* Integrated the database abstraction layer into the account pages.  One
  reason for doing so is because the database abstraction layer provides
  build-in error checking and a debug mode for easy development.

Here we go again with a rather large commit:
fixed a lot of annoying bugs and boxed whatever there was left to be boxed.

 * user.class.php: renamed $user->update() to $user->rehash().
 * user.class.php: fixed a typical quote-bug in $user->rehash().
 * functions.inc: fixed bug in displayOldHeadlines().
 * functions.inc: improved several functions.
 * account.php: fixed major bug in showUser().
 * account.php: added some extra words to the human-readable
                password-generator(tm).
 * account.php: boxed ALL functions! Fieuw!
 * submit.php: add some general information and guidlines on how to
               post submissions.
 * config.inc: re-thought the categories to be more generic.
 * submission.php: minor changes
 * search.pph: fixed minor bug with the author's names.

Woops.  I have an exam within 4 hours: back to my books. ;-)

--------------------------------------------------------------------

 * Anyone could check sumbit.php, sumbission.php and faq.php for
   typoes?
 * Anyone could adjust calendar.class.php to fit IE?  *huh*huh*
 * Don't be scared to hack along (see below)!  I'll be working on
   the submissions and comments.

--------------------------------------------------------------------

Status of drop v0.10:
(make the system erational' and release it.)

  - submissions:
      submission queue         (75% complete)
      submission moderation    (75% complete)
  - comments:
      comment moderation       ( 0% complete)
      comment administration   ( 0% complete)
      fixup timestamp mess     ( 0% complete)
  - user system:
      mail password            ( 0% complete)
      user administation       (50% complete)
      patch admin.php          ( 0% complete)
      account confirmation     ( 0% complete)
      e-mail confimation upon modification of e-mail address
                               ( 0% complete)
  - proper handling of forms: text2html, html2text
      html2txt, txt2html       (10% complete)
      bad-word filter          (80% complete)
      automatic link detection ( 0% complete)
      allowed HTML-tag checker ( 0% complete)
  - FAQ:
      cleanup, disclaimer      (50% complete)
  - theme:
      box everything          (100% complete)

Hoeray!  I have a first core version of submission moderation up and
running.  This means people can submit stories, and moderators can
moderate stories.  When a submission reaches a certain positive
threshold (currently set to 2) the submission becomes a story and up
it goes.   If a submission reaches a certain negative threshold
(currently set to -2) the submission is dumped.

The fact this is all done by our visitors (without our intervention)
makes it truly spiffy imho.  The website can live a life on it's own,
fed by the visitors.

Beware, a lot of work need to be done though ... it's just a first
basic implementation with the core functionality.  There are quite
a lot of things that I'll need to change, extend and improve.  But
comments, suggestions and ideas are - as always - welcomed.

Please read this log message carefully!  It features quite a lot of
important information.

To test the moderation, log in, select theme 'Dries' (the other themes
need a small update) and head by clicking the one and only 'submission
moderation' link.  Don't be afraid to submit lame/funny/useless
stories for testing purpose ... as soon we go public, we'll wipe out
the story database.  ;-)


WHAT'S NEW?
-----------
* Added 2 new operations to user.class.php to set and retrieve the
  user's "history".  Very evil but required to avoid people voting
  twice.
* Moved dbsave() from account.php to functions.php.  In addition, I
  added a new function to user.class.php called `save()' that ...
  well, saves the object back to the database.  It's (IMHO) a better
  approach compared to dbsave(): it keeps things organized. ;-)


BUGFIXES:
---------
* Fixed a (heavy) memory leak in the constructor of user.class.php:
  mysql_fetch_array() returns an _associative_ array which made the
  constructor `pollute' the object with a lot of useless variables.
* Fixed the slash-problem on the account pages. :-)
* Fixed UnConeD's theme glitch, alas the warning.
* Fixed the e-mail address not showing in the confirmation email
  (upon registration).
* Fixed the typical quote and backslash problems in submit.php.
* submit.php now uses the database abstraction layer.

IMPORTANT:
----------
* You can check the new submission system at:
    http://beta.drop.org/submission.php
  or by following the `submission moderation' link from my theme.
* UnConeD, Jeroen: you'll need to update your themes to take
  advantage of the new function: displayAccount().  This function
  will display the `submission moderation' link when a user is
  logged on.
* Natrak: you might want to apply the patches in user.class.php
  on the other sites using the same user-system.

Updates:
 * Various small changes to account.php including a SQL table movement:
   'testusers' -> 'users'.  As a result, user.class.php and article.php
   needed patching as well.  Hopefully I didn't break anyting.  ;o)