Wikipedia:Request an account/Changelog
historical reference. . Either the page is no longer relevant or consensus on its purpose has become unclear. To revive discussion, seek broader input via a forum such as the village pump |
This is a summary of any technical changes that have occurred recently in the ACC Interface.
The current revision is r3086.
r2885 to r2994
New Features
- Checkusers are allowed to see IP addresses in requests.
- ACCBot can respond to commands in PMs. (ACC-132)
- Tool Administrators can break any reservations on requests. (ACC-148)
- A count of current "Checkuser needed" requests is shown on statistics.php.
- Users can now filter for "Defer to checkuser" logs. (ACC-149)
- A Javascript popup box will appear when attempting to leave a request page when there is an unsubmitted comment. (ACC-150)
- Users can now filter for "SUL Taken" logs.
- When requesting an account an API check will be performed to determine if the requested name already exists in SUL. The request will not go through if the check finds a SUL account.
- E-Mail Addresses will now be hidden similarly to IP Addresses. (ACC-151)
- IP Addresses and E-Mail addresses will only show to non-tool admins and non-Checkusers if they have reserved the request or if the reserving user linked them to a specific URL in the format http://toolserver.org/~acc/acc.php?action=zoom&id=127001&hash=8b3616a71c3ef2a36b3276ede5689624. This URL will be visible only to the reserving user on a request's zoom page. (ACC-154)
- Request IDs will now be shown in outgoing E-Mails to users.
- Logs for reserving requests will now link to the request in question.
Bug fixes
- Interface and ACCBot now reports "Request X deferred to flagged users" instead of "Request X deferred to admins" when deferring a request to Account Creators. (ACC-143)
- Changed edit counter link in user management to use Soxred's edit counter instead of Interiot's edit counter which no longer works. (ACC-147)
- Prevent quotes from being added to the username box when filtering for logs.
- Comments should now look correct when they are reported by ACCBot. For example "Will this comment get \"sanitized\"?" will become "Will this comment get "sanitized"?".
- Fixed most HTML validation errors present in the interface. (ACC-11)
- Fixed an SQL injection vulnerability that was present for any usernames requested with a ' in them.
- ACCBot will not post "DCC", "CTCP", or "PRIVMSG" if it appears in comments.
Other
- "Hagger" and "Haggar" will no longer trigger the blacklist.
- Fixed an issue with links to the statistics pages in Sand.
- Search.php no longer allows E-Mail Address searching for non-admins/non-checkusers. (ACC-151)
- Cleaned up Search.php for better error handling and to hide the options for E-Mail and IP Address searching from non-admins.
- Ban management will no longer link to the EMail/IP search pages for non-admins/non-checkusers.
r2995 to r3072
New features
- Added "Account Created" checkbox to custom email form that will distinguish between accounts created and not created.
- Added {{User:Hi878/Welcome}} to welcome templates list.
- Improved changing passwords in action=prefs by making it so that a user only needs to enter their old password and their new one twice to change it, instead of using the forgotten password feature.
- If a user attempts to mark a request as created where the username does not exist on the English Wikipedia, a confirmation message will appear.
- Confirmation is now added for several actions in user management.
Bug fixes
- "Preference editing" log filter changed to "Message editing".
- Ban input is now validated (IE: Checking email bans are emails, IP bans are IPs etc) ACC-57.
- When force breaking a request reservation, the request ID in the URL is checked to confirm that it is a valid request ID that is currently reserved.
- Fixed an HTML Injection vulnerability with commenting, and an SQL Injection vulnerability with renaming.
- Input is now encoded in ISO-8859-1, which will allow names in languages such as Arabic and Chinese to be handled correctly by the tool.
- Usernames with spaces in them will be correctly handled by the automatic "Taken in SUL" check with occurs when requesting.
- The links in action=zoom now work correctly for names with ampersands (&) in them.
- Whitespace is now stripped from the !count and !stats ACCBot commands.
- Invalid request IDs are now caught in action=done and action=breakreserve.
- Input into banning forms is now validated.
Other
- Requests that have been closed for a week can no longer be re-opened or reserved by non-admins. (ACC-154)
- Email searching re-enabled for non-admins.
- ~ is now caught as an invalid character by the tool.
- Fixed HTML injections in user management.
- Fixed 2 CSS validation issues.
- Requests that have been closed for a week can no longer be reopened/reserved except by tool administrators and checkusers.
- "CC to mailing list" is now checked by default in custom closes.
- The "preference editing" log filter now more accurately states "message editing".
r3073 to r3097
Bug Fixes
- Fixed the message displayed when wiki functions are disabled. (stwalkerster, r3091)
New Features
- Add geolocation link. (funpika, r3080)
Other
- Hide the close links from the main page in an incredibly hacky way. (funpika, r3073)
- If a request is not reserved, don't show the links for marking as done. (funpika, r3075)
- Moving the check links out of the same area as the username, email, actual IP address, done links, etc and putting them just below. (funpika, r3077, stwalkerster, r3087, r3090)
- Removed references to configuration variable $enableReserving in config.inc.php, acc.php, functions.php. Reserving is now permanently enabled. (stwalkerster, r3081)
- Hide the "Create!" link from the main page and from unreserved requests per CR-ACC-38 (funpika, r3083)
r3334 to r3417
Bug fixes
- Better handling of non-standard usernames:
- Comments from users with non-latin usernames will now display correctly.
- An issue with statistics pages for usernames with non-latin usernames has been fixed.
- Apostrophes in usernames are now correctly handled.
- The user statistics page on sand was using data from live, this has been fixed.
- Creation links for usernames containing ampersands now work correctly.
- The page showing inactive users now correctly leaves out checkusers.
New features
- The request log and the comment log have been merged into one view.
- There are now new links to reset the passwords of similar users, if it appears that it may be belong to the requester.
- There is a new close type - 'Password Reset' - which sends an email to the requester telling them that the password of a similarly-named account has been reset, and asking them to reply if they did not get the password reset email.
- The tool now accepts XFFheaders from trusted proxies, and displays the links for the actual IP, as well as the proxy, if applicable.