* Allow or disallow account creation from blocked IP addressess on a per-block basis.
* Prevent duplicate blocks.
* Fixed the problem of expiry and unblocking erroneously affecting multiple blocks.
* Fixed confusing lack of error message when a blocked user attempts to create an account.
* Fixed inefficiency of Special:Ipblocklist in the presence of large numbers of blocks; added indexes and implemented an indexed pager.
* remove require_once() throughout whole code, yet left in few places
* move global functions in HttpUtils, ProxyTools, Credits to class methods
* php5 only: __autoload() now used, combined with class->file map and require()
* move initialization of $wgValidSkinNames to Skin::getSkinNames()
* few more changes that will surely break stuff.
Inserting a newline into some improperly filtered option strings could be used to overwrite other pref values, bypassing their input validation. Any newlines now get filtered out at User::setOption as a final line of defence.
There were a few HTML injection bugs, but none appear to be exploitable, as prefs can only be set if you already control the account.
Bug found by gmaxwell.
* (bug 675) Add page protection level for unregistered/new accounts
* User::isNewbie now uses the registration date and $wgAutoconfirmAge
* Log views show message when no matches
(used to spontaneously switch to Classic skin for old numeric pref records)
This one keeps biting me when I log in on wikis I haven't been to in a year
or two, then change prefs.
- treat NULL properly in watchlist lookup for notification sending
- consolidate a lot of ugly code that fiddles in those tables
- use user_newtalk consistently in enotif mode; watchlist for email notifications, user_newtalk for on-screen message and status check
- clean up handling of other peoples' user_talk pages when in the talk-only limited enotif: only your own will get sent, not other people watching your page
- and others watching your page _will_ work in watchable enotif mode
- add a watch on page + talk page consistently for the auto-add of the user talk page, not just half the page
- don't unwatch the user talk page on view! that's just wacky
- removed UserTalkUpdate, now redundant
- have User::setNewTalk() apply immediately
- clear newtalk from User::clearNotification() and User::clearAllNotifications()
