- they could break accounts in existing installations
- strtolower can corrupt strings in multibyte languages
Is it really a problem that usernames are case sensitive on PostgreSQL?
When using authentication module (ldap, smb, pop etc...) and postgres-database multiple moodle
users were created for usernames like 'Username' 'username' 'userName'
Firstly, I'm replacing all use of old-style global variables like
$HTTY_REFERER with their new-style equivalent $_SERVER["HTTP_REFERER"]
Also using $_POST instead $HTTP_POST_VARS etc
Secondly, if gdversion == 0 (ie GD is not installed) then:
- users are not even allowed to upload new images
- graphs now just print a message instead of failing.
this allows Moodle to still be used even if GD is not present
Should be fixed now. As a bonus, I've removed all the uses of
HTTP_POST_VARS from all scripts.
All forms should use the new data_submitted() function to collect
form data (it does the match_referer thing internally now).
Much nicer.
Uploaded images are now saved even if the rest of the form
has errors.
If errors are found in the form then a message is printed up
the top to make it clearer that they need to fix something.
pluggable modules in the 'auth' directory.
Everything is done through authentication_user_login in lib/moodlelib.php
As well as the old default "email" confirmation, I added a new type of
confirmation "none", which basically does no confirmation at all.
servers that have register_globals turned off (this is the
default setting on newer version of PHP).
In fact it's partly a hack that globalises all GET, POST, FILES
AND COOKIE variables. Unfortunately though the SESSION and
USER global session variables are only available as $_SESSION["USER"]
and $_SESSION["SESSION"], which is cumbersome to use.
So, for every request I now make a copy of these two session variables
into $USER and $SESSION. Whenever I update them thoughout Moodle I
now have to call save_session("USER") which copies them back to the
session variable. This seems to be working well now.
Because I'm using $_SESSION etc now this will raise
the required minimum version of PHP to 4.1.0
rely on the administrator to tell us which is installed because PHP
is not reliable (eg GD 2.* functions are available in 4.0.6 and later
EVEN WHEN gd 2 is not present ... sigh).
So, new config variable $CFG->gdversion
