1. 20 Apr, 2008 3 commits
    • Dries's avatar
      - Added a test framework to Drupal along with a first batch of tests for · af474609
      Dries authored
        Drupal core!  This is an important milestone for the project so enable
        the module and check it out ... :)
        Thanks to Rok Žlender, Károly Négyesi, Jimmy Berry, Kevin Bridges, Charlie
        Gordon, Douglas Hubler, Miglius Alaburda, Andy Kirkham, Dimitri13, Kieran
        Lal, Moshe Weitzman, and the many other people that helped with testing
        over the past years and that drove this home.
        It all works but it is still rough around the edges (i.e. documentation
        is still being written, the coding style is not 100% yet, a number of
        tests still fail) but we spent the entire weekend working on it in Paris
        and made a ton of progress.  The best way to help and to get up to speed,
        is to start writing and contributing some tests ... as well as fixing
        some of the failures.
        For those willing to help with improving the test framework, here are
        some next steps and issues to resolve:
          - How to best approach unit tests and mock functions?
          - How to test drupal_mail() and drupal_http_request()?
          - How to improve the admin UI so we have a nice progress bar?
          - How best to do code coverage?
          - See http://g.d.o/node/10099 for more ...
    • Dries's avatar
    • Dries's avatar
  2. 19 Apr, 2008 3 commits
  3. 17 Apr, 2008 1 commit
  4. 16 Apr, 2008 3 commits
  5. 15 Apr, 2008 2 commits
  6. 14 Apr, 2008 4 commits
  7. 11 Apr, 2008 1 commit
  8. 10 Apr, 2008 6 commits
  9. 08 Apr, 2008 1 commit
    • Dries's avatar
      - Patch #228594 by catch et al: removed access rule functionality from core. · 08aa2322
      Dries authored
        The access rules capability of user module has been stripped down to a
        simple method for blocking IP addresses. E-mail and username restrictions
        are now available in a contributed module. IP address range blocking is
        no longer supported and should be done at the server level.
        This patch is partly motiviated by the fact that at the usability testing,
        it frequently came up that users went to "access rules" when trying to
        configure their site settings.
  10. 06 Apr, 2008 1 commit
  11. 02 Apr, 2008 4 commits
  12. 01 Apr, 2008 5 commits
  13. 31 Mar, 2008 3 commits
    • Dries's avatar
      - Patch #29706 by pwolanin, solardiz, et al: more secure password hashing. · ed59911f
      Dries authored
        This is a big and important patch for Drupal's security.  We are switching
        to much stronger password hashes that are also compatible with the Portable
        PHP password hashing framework.
        The new password hashes defeat a number of attacks, including:
        - The ability to try candidate passwords against multiple hashes at once.
        - The ability to use pre-hashed lists of candidate passwords.
        - The ability to determine whether two users have the same (or different)
          password without actually having to guess one of the passwords.
        Also implemented a pluggable password hashing API (similar to how an alternate
        cache mechanism can be used) to allow developers to readily substitute an
        alternative hashing and authentication scheme.
        Thanks all!
    • Dries's avatar
    • Dries's avatar
      - Patch #239958 by Steve Dondley: make the explicit cache clearing... · 771950b1
      Dries authored
      - Patch #239958 by Steve Dondley: make the explicit cache clearing functionality reload the theme's .info file.  (We're back from a vacation in the French Alpes, BTW!  Time to catch up with patches.)
  14. 27 Mar, 2008 1 commit
  15. 25 Mar, 2008 2 commits