GitLab

- Emit charset for blogapi RSD

  (Untested because the admin/settings page doesn't work yet.)

  TODO:
  + The contact.module was broken; a new patch for contact.module is needed.
  + Documentation is needed.
  + The most important modules need to be updated ASAP.

  to validate other form submissions, not just comments. Two new functions
  are introduced, form_token() and form_validate(). The first function uses
  a private key and a public key to set a token in a hidden field. The second
  function validates the token. The comment and contect module are updated to
  use these functions.

- Patch #29030 by Goba, chx, Jose, et al: reworked the URL rewrite hook so URLs can be rewritten dynamically.

  Comment from Steven: It does this by redirecting the submission of the form to a hidden <iframe> when you click "Attach" (we cannot submit data through Ajax directly because you cannot read file contents from JS for security reasons).  Once the file is submitted, the upload-section of the form is updated.  Things to note:

    * The feature degrades back to the current behaviour without JS.
    * If there are errors with the uploaded file (disallowed type, too big, ...), they are displayed at the top of the file attachments fieldset.
    * Though the hidden-iframe method sounds dirty, it's quite compact and is 100% implemented in .js files. The drupal.js api makes it a snap to use.
    * I included some minor improvements to the Drupal JS API and code.
    * I added an API drupal_call_js() to bridge the PHP/JS gap: it takes a function name and arguments, and outputs a <script> tag. The kicker is that it preserves the structure and type of arguments, so e.g. PHP associative arrays end up as objects in JS.
    * I also included a progressbar widget that I wrote for drumm's ongoing update.php work. It includes Ajax status updating/monitoring, but it is only used as a pure throbber in this patch. But as the code was already written and is going to be used in the near future, I left that part in. It's pretty small ;). If PHP supports ad-hoc upload info in the future like Ruby on Rails, we can implement that in 5 minutes.

- Patch #7458 by chx: merged the XML-RPC multicall support into xmlrpc() and use lazy-loading for the XML-RPC libraries.(performance improvement).

- Patch #28482 by Uwe: add CVS $Id$ tags to all source files in Drupal core. This allows admins to know exactly which version of which files they use. In addition I want to use CVS $Id$ tags in my upcoming security.module to check for possible vulnerabilities. That's not possible if some files simply don't have $Id$s.

Note: I also (mostly) unified the tags to use the "// ID" form instead of "/* ID */", but that's more of a cosmetic issue. I'm not sure whether *.txt files and the stuff in themes/ need tags(?).

  Usernames can now be themed; eg. an icon/avatar could be added.

  TODO: update contributed modules + update the migration docs.