- Apr 02, 2008
-
-
Dries Buytaert authored
- Patch #241629 by solotandem: the cron.php query left an extra row in the watchdog table due to a off-by-one error.
-
- Apr 01, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #241021 by keith.smith: we forgot to remove a reference to the 'story' node type. It was renamed to 'article'.
-
Dries Buytaert authored
- Patch #238528 by misamuelson, approved by Stefan: disabled menu items should not be opaque for usability.
-
Dries Buytaert authored
-
Dries Buytaert authored
- Oops, I forgot to add this file to CVS when I committed the secure password hashing patch last night. Mea culpa.
-
- Mar 31, 2008
-
-
Dries Buytaert authored
This is a big and important patch for Drupal's security. We are switching to much stronger password hashes that are also compatible with the Portable PHP password hashing framework. The new password hashes defeat a number of attacks, including: - The ability to try candidate passwords against multiple hashes at once. - The ability to use pre-hashed lists of candidate passwords. - The ability to determine whether two users have the same (or different) password without actually having to guess one of the passwords. Also implemented a pluggable password hashing API (similar to how an alternate cache mechanism can be used) to allow developers to readily substitute an alternative hashing and authentication scheme. Thanks all!
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #239958 by Steve Dondley: make the explicit cache clearing functionality reload the theme's .info file. (We're back from a vacation in the French Alpes, BTW! Time to catch up with patches.)
-
- Mar 27, 2008
-
-
Dries Buytaert authored
-
- Mar 25, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 23, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 21, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #235821 by kbahey and pwolanin: include upgrade path for cron changes, improved security of key.
-
Dries Buytaert authored
- Patch #232037 by pwolanin and flobruit: block_list() renders all blocks even on 404. Refactored the code a bit so ithere is a split between loading and rendering of blocks. By doing so, we are no longer forced to render _all_ blocks if we know they won't be shown. There is more room for improvement here, I believe, but this is an incremental improvement.
-
Dries Buytaert authored
-
- Mar 19, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 17, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 15, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #234403 by alienbrain: drupal_mail_send() should use CRLFs instead of LFs in e-mail headers.
-
Dries Buytaert authored
-
- Mar 14, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 13, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 11, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
- Mar 10, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-
Dries Buytaert authored
- Patch #197765 by boydjd et al: renamed 'story' to 'article' -- further backed by usability testing at UoM.
-
- Mar 02, 2008
-
-
Dries Buytaert authored
-
- Feb 23, 2008
-
-
Dries Buytaert authored
-
Dries Buytaert authored
-