* Defer load of groups data
* Introduce newFromRow()/loadFromRow() to allow bulk loading of user objects from a result set
* Hook email and email authentication save/load to allow CentralAuth to provide a global email address
* Defer save of user data after confirmEmail() and invalidateEmail(). Caller must now also call saveSettings(). This reduces the master query count in some code paths.
Elsewhere:
* Introduce UserArray class, for bulk loading of user objects. Immediately useful in email notification, potentially useful for proposed user alias feature.
* In Special:Confirmemail, remove useless handling for impossible false return from confirmEmail()/invalidateEmail().
* Declaration of Image::newFromTitle() should be compatible with that of LocalFile::newFromTitle() : Moved Image class to Image.php, will only be loaded when an old extension need it.
* Declaration of OldLocalFile::newFromTitle() should be compatible with that of LocalFile::newFromTitle() : Added an unsed param to LocalFile::newFromTitle() with a null default value, also added the null default value to OldLocalFile::newFromTitle() but that function will throw an Exception if that value isn't modified (even if these functions should not be called by extensions).
Pass $suffix parameter to File::getArchiveRel() in File::getArchivePath()
* Add LogEventList class. LogReader and Viewer added to the file for b/c for now.
* Add $wgLogRestrictions to restrict logs
* Show log items in watchlists
* Wrote two concrete implementations. LBFactory_Simple is for general installations. LBFactory_Multi will replace the runtime configuration used on Wikimedia and allow load-balanced connections to any DB.
* Ported Special:Userrights, CentralAuth and OAI audit to the LBFactory system.
* Added ForeignDBViaLBRepo, a file repository which uses LBFactory.
* Removed $wgLoadBalancer and $wgAlternateMaster
* Improved the query group concept to allow failover and lag control
* Improved getReaderIndex(), it will now try all servers before waiting, instead of waiting after each.
* Removed the $fail parameter to getConnection(), obsolete.
* Removed the useless force() function.
* Abstracted the replication position interface to allow for future non-MySQL support.
* Rearranged Database.php. Added a few debugging features.
* Removed ancient benet-specific hack from waitForSlave.php
* PHP 5.3 compatibility fix for wfRunHooks() called with no parameters
An autoloaded 'Namespace' class alias is retained for compatibility with
extensions which haven't updated to the new class name... however they too
will break on PHP 5.3. Yay!
* Adds Category and CategoryList classes to represent categories themselves.
* Adds a category table, giving each category a name, ID, and counts of all members, subcats only, and files.
* Adds a maintenance script to populate the category table efficiently. This script is careful to wait for slaves and should be safe to run on a live database. The maintenance script's includes file is called by update.php.
* Until the category table is populated, the patch handles weird category table rows gracefully. It detects whether they're obviously impossible, and if so, it outputs appropriate messages.
* Switch XML type detection/validity check from dipping for XML processing instructions, doctypes, or subtags to just trying to parse it and checking the root element's name and namespace. This lets us properly handle SVG files which specify a namespace but no doctype, as well as rejecting files that aren't well-formed. (See http://meta.wikimedia.org/wiki/SVG_validity_checks for some samples of bad files I encountered.) Non-XML files will abort parsing pretty quickly, so this shouldn't be a big burden on other types that didn't hit a magic check.
* Fix Unicode unix script checks (er.... is that even right? :D), remove the iconv dependency
* Verified Preprocessor_Hash against Preprocessor_DOM with a differential fuzz test.
* Improved the utility of Parser_DiffTest by synchronising strip markers and allowing for loose object comparison.
* Abstracted PPDStack to make it usable in Preprocessor_Hash.
Both now accept namespace prefixes, handle 'Media:' and 'Special:' pages,
and reject interwiki prefixes. PrefixSearch class centralizes this code,
and the backend part can be overridden by the PrefixSearchBackend hook.
* Reduced stack depth by using an internal stack in expand(), and by having some common code paths (e.g. non-subst double-brace during PST) return objects which can be expanded in that internal stack instead of the PHP stack. This is friendly to xdebug but slightly slower than the original version. Also it probably helps robustness when you don't add 7 stack levels per pair of double braces.
* Profiling indicates that expand and PPD are now good targets for porting to C. Abstracted and refactored the relevant code to allow for a drop-in replacement. A factor of 2 reduction in average-case replaceVariables() time may be possible.
* Verified with preprocessorFuzzTest.php against r29950, updated to allow better PST tests.
* Made parserTests.php respect $wgParserConf
* LST and ParserFunctions need a simultaneous update with the core due to changed interfaces. DOM objects are now wrapped rather than directly exposed.
* Removing action=render module (which was deprecated) in favor of action=parse
* Added prop parameter to action=parse so certain parts of the output can be left out
* action=parse&prop=text behaves pretty much exactly like action=render used to
** This probably shouldn't be hard-coded the way I did it
* UserrightsPage::saveUserGroups() now takes $removegroup and $addgroup parameters by reference. Parameters are changed to reflect what was actually added and removed.
* Re-adding ApiChangeRights module, which now handles permission denied errors more gracefully
* Adjust UserrightsForm so that it inherits from SpecialPage; nuke HTMLForm. Since this breaks backward compatibility, renamed to UserrightsPage.
* Created SpecialPage::isRestricted() and enforced use of SpecialPage::userCanExecute() instead of hardcoded checks. These can now be overridden so that more complicated restriction systems work sanely. Used them for UserrightsPage (fixes bug 12489).
* A few random comment/documentation tweaks.
Also, update Special:Version date.
Split out the remote accessors into a UserRightsProxy object, so the main interface code
doesn't have to worry about it -- it just uses the regular User object interface functions,
without caring that it's got a remote object here.
Should have cleaner behavior with numeric ID accesses as well; it now does a name lookup even for remote ones, and logs with that.
* Made it possible to configure the parser class being used, via $wgParserConf.
* Moved defines from the top of Parser.php to either class constants or Defines.php
* Added Parser_DiffTest, a differential parser class for regression testing
* Added Parser_OldPP, a parser class which operates like the parser before this commit. I made one breaking change: a bugfix to avoid losing whitespace when adding MWTEMPLATESECTION markers.
* Made internal tidy work with PHP 5
* Added the ability to supply a hook for template fetching via ParserOptions. This is handy for testing.
* Updated parserTests.txt to account for the various breaking changes I made. Removed a few parser tests that no longer test for anything useful.
format=raw is an HTML injection machine like action=raw but without any safeguards; it's trivial to create JavaScript exploits which hit at least Internet Explorer.
There's no reason to add a whole new danger point here when you've got machine-readable structure already... please do not add this raw formatter back.
