Since 2.0 all uploaded files need to go through the file picker which does the scanning,
the idea is that it is more important to warn users that their computer is crawling
with viruses. All teachers are supposed to have local up-to-date antivirus software!
Since 2.0 we are not scanning existing files on server, in future we might use the
status flag in files table to indicate the file is problematic, but still we should
never detele anthing from the filedir...
* Removed functions which were throwing fatal errors
* Fixup navmenu comment, as it hasn't been throwing a fatal error, it
shouldn't be removed as part of this issue yet. (Although if you are
still using this function, you are crazy and should thank me ;-)).
List of changes:
* New OOP API using PHP namespace \core\session\.
* All handlers now update the sessions table consistently.
* Experimental DB session support in Oracle.
* Full support for session file handler (filesystem locking required).
* New option for alternative session directory.
* Official memcached session handler support.
* Workaround for memcached version with non-functional gc.
* Improved security - forced session id regeneration.
* Improved compatibility with recent PHP releases.
* Fixed borked CSS during install in debug mode.
* Switched to file based sessions in new installs.
* DB session setting disappears if DB does not support sessions.
* DB session setting disappears if session handler specified in config.php.
* Fast purging of sessions used in request only.
* No legacy distinction - file, database and memcached support the same functionality.
* Session handler name included in performance info.
* Fixed user_loggedin and user_loggedout event triggering.
* Other minor bugfixing and improvements.
* Fixed database session segfault if MUC disposed before $DB.
Limitations:
* Session access time is now updated right after session start.
* Support for $CFG->sessionlockloggedinonly was removed.
* First request does not update userid in sessions table.
* The timeouts may break badly if server hosting forces PHP.ini session settings.
* The session GC is a lot slower, we do not rely on external session timeouts.
* There cannot be any hooks triggered at the session write time.
* File and memcached handlers do not support session lock acquire timeouts.
* Some low level PHP session functions can not be used directly in Moodle code.
generate_email_supportuser was not creating user which can
be used by messaging system. core_user::get_support_user()
should be used to get support_user record.
This commit moves user agent related functionality out of several
core libraries and combines it into a more manageable class.
All core uses are converted and functions deprecated in favor
of the new class.
This reverts commit af62237d0e6e27df868d50848f7098f57c103f86.
This reverts commit 87a4194fdcd322d4aee5a6207b55a8da0864da94.
This reverts commit b2c66eb60c01805f26cc791966f05be52af7b406.
Conflicts:
version.php
This commit moves user agent related functionality out of several
core libraries and combines it into a more manageable class.
All core uses are converted and functions deprecated in favor
of the new class.
