- Apr 01, 2008
-
-
Dries Buytaert authored
- Oops, I forgot to add this file to CVS when I committed the secure password hashing patch last night. Mea culpa.
-
- Mar 31, 2008
-
-
Dries Buytaert authored
This is a big and important patch for Drupal's security. We are switching to much stronger password hashes that are also compatible with the Portable PHP password hashing framework. The new password hashes defeat a number of attacks, including: - The ability to try candidate passwords against multiple hashes at once. - The ability to use pre-hashed lists of candidate passwords. - The ability to determine whether two users have the same (or different) password without actually having to guess one of the passwords. Also implemented a pluggable password hashing API (similar to how an alternate cache mechanism can be used) to allow developers to readily substitute an alternative hashing and authentication scheme. Thanks all!
-
Dries Buytaert authored
- Patch #239958 by Steve Dondley: make the explicit cache clearing functionality reload the theme's .info file. (We're back from a vacation in the French Alpes, BTW! Time to catch up with patches.)
-
- Mar 25, 2008
-
-
Dries Buytaert authored
-
- Mar 21, 2008
-
-
Dries Buytaert authored
-
- Mar 19, 2008
-
-
Dries Buytaert authored
-
- Mar 17, 2008
-
-
Dries Buytaert authored
-
- Mar 15, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #234403 by alienbrain: drupal_mail_send() should use CRLFs instead of LFs in e-mail headers.
-
Dries Buytaert authored
-
- Mar 14, 2008
-
-
Dries Buytaert authored
-
- Feb 23, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 21, 2008
-
-
Dries Buytaert authored
-
- Feb 20, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 18, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #196862 by earnie et al: make drupal_lookup_path() a tad faster by eliminating an SQL query.
-
- Feb 17, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #212918 by pwolanin: enable MySQL's ANSI-mode. We can chose to disable this when we ship Drupal 7, but it is really helpful during the development cycle.
-
Dries Buytaert authored
-
- Feb 14, 2008
-
-
Dries Buytaert authored
-
- Feb 12, 2008
-
-
Dries Buytaert authored
- Patch #216059 by nedjo, theborg, karens, goba, webchick et al: AHAH triggered by text input enter key press breaks autocomplete.
-
Dries Buytaert authored
- Patch #217803 by csevb10 and senpai: uninstall system does not correctly remove dynamic menu items when a module is deleted.
-
- Feb 10, 2008
-
-
Dries Buytaert authored
- Patch #215858 by pwolanin, goba, catch et al: localized menu link data getting saved back to the database.
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #209240 by saxofaan, mike stewart, gopherspidey: fixed installation problem with multi-site setups.
-
Dries Buytaert authored
- Patch #184926 by Rob and brightloudnoise: improved usability of status message when site is offline.
-
Dries Buytaert authored
- Patch #211979 by chx, theborg, pwolanin, et al: menu items show no matter where their parent is found.
-
- Feb 08, 2008
-
-
Dries Buytaert authored
- Patch #218054 by Arancaytar: _db_create_field_sql has precision and scale arguments in wrong order.
-
- Feb 06, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 04, 2008
-
-
Gábor Hojtsy authored
#215858 by pwolanin: localized menu options were saved into the database, avoid this by using different variable names / array keys
-
Gábor Hojtsy authored
-
- Feb 03, 2008
-
-
Gábor Hojtsy authored
-
- Jan 30, 2008
-
-
Gábor Hojtsy authored
-
Gábor Hojtsy authored
-