- Dec 10, 2008
-
-
Neil Drumm authored
-
Neil Drumm authored
#299582 by hass: Remove outdated items from robots.txt and fix ordering of items to make stuff easier to find.
-
Neil Drumm authored
#28776 by Uwe Hermann, Morbus Iff, jvandyk: Protect *.test files and SVN metafiles from being exposed under Drupal
-
Neil Drumm authored
#324875 by pwolanin: improve HTTP_HOST checking, ensuring that the host is lowercased and only valid characters are allowed.
-
Neil Drumm authored
#280934 follow up by pwolanin: harden the cookie handling in sess_regenerate() by setting our session cookie to be an HTTP only cookie, thus reducing the risk of session stealing via XSS
-
- Dec 05, 2008
-
-
Dries Buytaert authored
-
- Dec 03, 2008
-
-
Neil Drumm authored
#195161 by mcarbone with some modifications: only show 'login to post comments' if logging in actually lets you post comments. Backport by salvis.
-
- Nov 15, 2008
-
-
Neil Drumm authored
Last commit was actually: #213699 reported by gpk, patch by c960657: Race condition in sess_write() caused duplicate entry errors in the sessions table, fix that.
-
Neil Drumm authored
-
Neil Drumm authored
-
Neil Drumm authored
-
- Nov 13, 2008
-
-
Neil Drumm authored
#293612 by egfrith, Bart Jansens: let user_authenticate() be called without cookies previously set; allows web service modules to start a session with the authentication.
-
Neil Drumm authored
-
- Nov 02, 2008
-
-
Neil Drumm authored
-
- Oct 22, 2008
-
-
Neil Drumm authored
-
Neil Drumm authored
-
- Oct 08, 2008
-
-
Neil Drumm authored
-
Neil Drumm authored
-
- Oct 05, 2008
-
-
Neil Drumm authored
#312730 by Damien Tournoud. hook_requirements('install') should work for modules that don't reside in the main './modules' folder.
-
Neil Drumm authored
#67895 patch by goba, tested by JirkaRybka and blackdog: move poll votes with poll options, when an option is removed, instead of dropping all old votes, solving an old data loss bug. Backport by dww.
-
- Oct 01, 2008
-
-
Neil Drumm authored
-
Neil Drumm authored
#208270 reported by Dries, patch by jvandyk: it was not possible to clear the XML-RPC error cache, making it impossible to do multiple queries in one request. Add xmlrpc_clear_error() and slightly modify xmlrpc_error() to fix.
-
- Sep 17, 2008
-
-
Neil Drumm authored
follow up to #280621 by lilou: the object tag was disallowed in a previous version in filter_xss_admin(), so disallow param as well, which is only meaningful inside an object tag
-
- Sep 15, 2008
-
-
Neil Drumm authored
- Patch #230932 by ryanlath: file_scan_directory() didn't scan the directory called '0'. Backport by cridenour.
-
Neil Drumm authored
-
Neil Drumm authored
-
Neil Drumm authored
#283026 by Damien Tournoud. Make user_authenticate from external source (for existing users) work with no server part.
-
Neil Drumm authored
-
Neil Drumm authored
- Patch #246143 by bjaspan, Damien Tournoud: make sure updates are run in numeric order, not in definition order.
-
- Aug 27, 2008
-
-
Neil Drumm authored
-
- Aug 24, 2008
-
-
Neil Drumm authored
-
- Aug 17, 2008
-
-
Dries Buytaert authored
-
- Aug 14, 2008
-
-
Neil Drumm authored
-
- Aug 13, 2008
-
-
Neil Drumm authored
-
Neil Drumm authored
-
Neil Drumm authored
#272636 by evolvingweb, dvessel: add 'js' class to html tag in drupal.js instead of overwriting all its classes with 'js'. Backport by sun.
-
Neil Drumm authored
-
Neil Drumm authored
Patch #254725 by Steve Dondley and BioALIEN: maxlength field for 'allowed HTML tags' is too short. Backport by scor.
-
Neil Drumm authored
-
- Aug 04, 2008
-
-
Neil Drumm authored
#117748 by webchick, Pancho, Rob Loach, pwolanin: required field values were not properly trim()ed on validation
-