1. 11 Oct, 2000 2 commits
  2. 05 Oct, 2000 1 commit
  3. 02 Oct, 2000 1 commit
    • Dries's avatar
      · e7019c25
      Dries authored
      - improved the user information page.
      - improved the story submission page.
      - fixed comments score bug: '.00' --> 'x.00'
      - tried fixing the calendar wrapping - UnConeD, is it fixed now?
      - provided a link back to the submission queue after having voted
        for a story.
      - fixed comment subject bug (and security flaw) by replacing
        quotes by ".
      - updated theme 'zaphod': fixed 2 bugs.
      - updated theme 'marvin': fixed 1 bug and improved the layout so
        things wrap (hopefully) better in Windows.
      - comments have by default no subject pre-set - if no subject is
        provided, the user is warned and when a comment eventually got
        submitted without a subject, a subject is composed using the x
        first characters of the comment's body.
      - improved comments on submit.php
      - corrected a typo in the FAQ.
      - replace 'article.php' by 'discussion.php'
      - comment() still uses old references to account.php: the
        parameters you supply to account.php does no longer hold.
        You have to update those links to the new syntax.
      - commentcontrol() is outdated - copy paste the one of
        theme 'marvin' and adjust it to your likings.
  4. 26 Sep, 2000 1 commit
    • Dries's avatar
      I just commit everything what was queued in my backlog: · 5fc99970
      Dries authored
      - Added a basic implementation of comment moderation
      - Updated and renamed my 2 themes: I removed redundant boxes and tried to
        work towards simplicity.
      - Disabled the other themes as they are broken (I gave you sufficent time
        to update them).
      - Removed redundant files.
      - Added security checks with regard to the usage of HTML tags.
  5. 11 Sep, 2000 1 commit
    • Dries's avatar
      · 1f0a87f4
      Dries authored
      Over the last 2 days I redid and reorganized an afwul lot of code and
      made quite a lot of additions.   The most remarkable addition is the
      diary server, which I slapped together in less then 40 minutes.   Most
      of the other changes are however `unvisible' for the user but add much
      value to a better maintainability from a developer's objective.  Like
      always, I fixed quite a number of small bugs that creeped into the code
      so we should have a bigger, better and more stable drop.org.
      Unfortunatly, some theme update _are_ required:
      * use format_username() where usernames are used
      * use format_date() where timestamps/dates are used
      * use format_email() where e-mail addresses are displayed
      * use format_url() where url are displayed
      * replace 'formatTimestamp' with format_date
      * replace 'morelink_*' with 'display_morelink'
      [most of these functions are in function.inc or template.inc]
      ___PLEASE___ (<- this should get your attention ;) update your themes
      as soon as possible - it only takes 30 min. to get in sync with the
      other themes.  Don't start whining about the fact you don't know what
      to change ... either eat the source cookie, or ask me to elaborate on
      a few changes.  Just let me know what's puzzling you and I'll try to
      help you out!
      * Add checks for max. text length in textarea's?  Is there an HMTL
        attribute for this or ...?
      * Comment moderation + mojo
      * Edit/admin user accounts: block, delete, change permissions, ...
      * E-mail password, change password, change e-mail address -> extra
        checks and routines to validate such `special' changes.
      * Input checking - input filter: bad words, html tags, ...
  6. 22 Jun, 2000 1 commit
    • Dries's avatar
      · 9a0689a9
      Dries authored
      * Added extra PHP variables to .htaccess as discussed earlier this week.
  7. 05 Jun, 2000 1 commit
    • Dries's avatar
      · 467817f9
      Dries authored
      * Enhancement: protect the themes/-directory (and subdirectory) from
        prying eyes.
  8. 03 Jun, 2000 1 commit
  9. 01 Jun, 2000 1 commit
    • Dries's avatar
      · fbfb8281
      Dries authored
      * The CVS directories (automatically created by the CVS repository) can no
        longer be accessed from the web.  Let's keep lurking eyes out. ;)
      * I'm still idling (except for these kind of tidbits) until Natrak commited
        the new user system.  *evil grin*
  10. 29 May, 2000 2 commits
    • Dries's avatar
      sorry - small typoe · fd13be20
      Dries authored
    • Dries's avatar
      · ff18c8e1
      Dries authored
      Fixed a security flaw:
      .inc files can be read from the web including `config.inc' which contains
      the account information (login, password) to the MySQL database.  Apache
      has now been setup to deny access to all *.inc files from the web.
  11. 28 May, 2000 1 commit