- Apr 02, 2008
-
-
Dries Buytaert authored
- Patch #241629 by solotandem: the cron.php query left an extra row in the watchdog table due to a off-by-one error.
-
- Apr 01, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #241021 by keith.smith: we forgot to remove a reference to the 'story' node type. It was renamed to 'article'.
-
- Mar 31, 2008
-
-
Dries Buytaert authored
This is a big and important patch for Drupal's security. We are switching to much stronger password hashes that are also compatible with the Portable PHP password hashing framework. The new password hashes defeat a number of attacks, including: - The ability to try candidate passwords against multiple hashes at once. - The ability to use pre-hashed lists of candidate passwords. - The ability to determine whether two users have the same (or different) password without actually having to guess one of the passwords. Also implemented a pluggable password hashing API (similar to how an alternate cache mechanism can be used) to allow developers to readily substitute an alternative hashing and authentication scheme. Thanks all!
-
Dries Buytaert authored
-
- Mar 27, 2008
-
-
Dries Buytaert authored
-
- Mar 25, 2008
-
-
Dries Buytaert authored
-
- Mar 23, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 21, 2008
-
-
Dries Buytaert authored
- Patch #235821 by kbahey and pwolanin: include upgrade path for cron changes, improved security of key.
-
Dries Buytaert authored
- Patch #232037 by pwolanin and flobruit: block_list() renders all blocks even on 404. Refactored the code a bit so ithere is a split between loading and rendering of blocks. By doing so, we are no longer forced to render _all_ blocks if we know they won't be shown. There is more room for improvement here, I believe, but this is an incremental improvement.
-
- Mar 19, 2008
-
-
Dries Buytaert authored
-
- Mar 17, 2008
-
-
Dries Buytaert authored
-
- Mar 15, 2008
-
-
Dries Buytaert authored
-
- Mar 14, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 13, 2008
-
-
Dries Buytaert authored
-
- Mar 11, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 10, 2008
-
-
Dries Buytaert authored
-
- Mar 02, 2008
-
-
Dries Buytaert authored
-
- Feb 23, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 21, 2008
-
-
Dries Buytaert authored
- Patch #81931 by webchick et al: made the recent comments block configurable. Somme minor changes by me.
-
- Feb 20, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #30984 by webchick, keith.smith, kkaefer, Crell et al: provide descriptions for permissions on the permission administration page.
-
- Feb 19, 2008
-
-
Dries Buytaert authored
- Patch #222183 by Gabor and Keith: make the input formats reorderable as a first step towards better input format handling, and ultimately, good WYSIWYIG support.
-
- Feb 18, 2008
-
-
Dries Buytaert authored
- Patch #181578 by Moshe: removed distributed authentication code from user_save(). Factored the relevant code out to a separate function.
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 17, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 14, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Feb 12, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-