1. 26 Oct, 2008 1 commit
  2. 19 Oct, 2008 1 commit
  3. 12 Oct, 2008 1 commit
  4. 09 Oct, 2008 2 commits
  5. 06 Oct, 2008 1 commit
  6. 21 Sep, 2008 1 commit
  7. 20 Sep, 2008 1 commit
  8. 17 Sep, 2008 1 commit
  9. 15 Sep, 2008 2 commits
  10. 08 Sep, 2008 1 commit
  11. 06 Sep, 2008 1 commit
  12. 21 Aug, 2008 1 commit
  13. 17 Aug, 2008 1 commit
  14. 14 Aug, 2008 1 commit
  15. 08 Aug, 2008 1 commit
  16. 02 Aug, 2008 1 commit
  17. 16 Jul, 2008 1 commit
  18. 27 Jun, 2008 1 commit
  19. 18 Jun, 2008 1 commit
  20. 26 May, 2008 1 commit
  21. 17 May, 2008 1 commit
  22. 07 May, 2008 1 commit
  23. 06 May, 2008 1 commit
    • Dries's avatar
      - Patch #221964 by chx, dopry, webernet, moshe, webchick, justinrandall, flobruit · 2e18cb89
      Dries authored
        et al.  Can you say 'registry'?  Drupal now maintains an internal registry of
        all functions or classes in the system, allowing it to lazy-load code files as
        needed (reducing the amount of code that must be parsed on each request). The
        list of included files is cached per menu callback for subsequent loading by
        the menu router. This way, a given page request will have all the code it needs
        but little else, minimizing time spent parsing unneeded code.
      2e18cb89
  24. 02 May, 2008 1 commit
  25. 23 Apr, 2008 1 commit
  26. 19 Apr, 2008 1 commit
  27. 14 Apr, 2008 1 commit
  28. 10 Apr, 2008 2 commits
    • Dries's avatar
      - Patch #216072 by recidive, David Rothstein, ptalindstrom et al: switched... · 79b016d9
      Dries authored
      - Patch #216072 by recidive, David Rothstein, ptalindstrom et al: switched from numeric block IDs to string IDs.
      
        The short explanation is that Drupal uses a lot of numeric deltas in the block system; blocks are identified by the 'module' and the 'delta'. In early Drupal, delta was numeric, but somewhere along the line it was changed to be possibly a string. In modern Drupal, block overrides are easily done via block-MODULE-DELTA.tpl.php.  The primary motivation to switch to string IDs everywhere is to make these deltas friendlier to themers:
      
          block-user-0.tpl.php --> block-user-navigation.tpl.php
          block-user-1.tpl.php --> block-user-login.tpl.php
      
        You get the picture.
      79b016d9
    • Dries's avatar
      - Patch #244597 by drumm: remove login form text as this can now be... · 1dc36aa3
      Dries authored
      - Patch #244597 by drumm: remove login form text as this can now be accomplished using hook form_alter.
      1dc36aa3
  29. 08 Apr, 2008 1 commit
    • Dries's avatar
      - Patch #228594 by catch et al: removed access rule functionality from core. · 08aa2322
      Dries authored
        The access rules capability of user module has been stripped down to a
        simple method for blocking IP addresses. E-mail and username restrictions
        are now available in a contributed module. IP address range blocking is
        no longer supported and should be done at the server level.
      
        This patch is partly motiviated by the fact that at the usability testing,
        it frequently came up that users went to "access rules" when trying to
        configure their site settings.
      08aa2322
  30. 31 Mar, 2008 1 commit
    • Dries's avatar
      - Patch #29706 by pwolanin, solardiz, et al: more secure password hashing. · ed59911f
      Dries authored
        This is a big and important patch for Drupal's security.  We are switching
        to much stronger password hashes that are also compatible with the Portable
        PHP password hashing framework.
      
        The new password hashes defeat a number of attacks, including:
      
        - The ability to try candidate passwords against multiple hashes at once.
        - The ability to use pre-hashed lists of candidate passwords.
        - The ability to determine whether two users have the same (or different)
          password without actually having to guess one of the passwords.
      
        Also implemented a pluggable password hashing API (similar to how an alternate
        cache mechanism can be used) to allow developers to readily substitute an
        alternative hashing and authentication scheme.
      
        Thanks all!
      ed59911f
  31. 19 Mar, 2008 1 commit
  32. 20 Feb, 2008 1 commit
  33. 18 Feb, 2008 2 commits
  34. 06 Feb, 2008 1 commit
  35. 03 Feb, 2008 1 commit
  36. 29 Jan, 2008 1 commit