This image can be sent with a long expires header, so given that it is on every page this makes sense.

Even if the user changes their profile icon, the image shown to them will still be correct, because it will be at a different URL now.

So far, they are only being sent on images that we know will never change, namely the profileiconbyid icons and thumbs for the blocktypes.

The following things are done:

1) If mod_deflate is available, use it to send text/html, text/css and application/x-javascript files gzipped
2) Remove ETags from all files. They can give benefits in some situations if configured correctly, but until they're investigated I'll just turn them off
3) Send expires headers for a bunch of the static stuff, mainly the stuff in /theme and /js

So far, this has resulted in reducing the size of the homepage from about 300K to 80K, and warm cache hits are only 2K in one request. These performance benefits apply similarly across the whole site.

If a user has checked out a language pack repository, they can add the path of it to a new configuration variable, 'langpacksearchpaths', which is an array of paths to search.

Helpfiles are not handled yet.

This can be tested by checking out the en_AR.utf8 language pack and adding it to langpacksearchpaths. You should get an option to use language 'Avast!'.

This was caused by two things:

1) Not re-getting the user data after firing the create user hook (thus not picking up that the user has the default quota)
2) Looking for, and attempting to place images in, the wrong folder. This was probably broken since 0.9, when the on-disk layout of files changed.

Unfortunately we have to delete the existing auth_remote_user record for them, which means there's little hope of restoring the old user record. Not that we'd want to, perhaps.

Fixing this was interrupted by four hours of trying to work out why key rotation was screwed :(

This comes from a report on the forums: http://www.mahara.org/node/155

The problem stemmed from an apparent misunderstanding in the code about the purpose of the 'authinstance' column in the usr table. It is for the authentication instance the user uses to log in, and is normally the parent if they are using a child/parent authentication method. However, if the authentication method doesn't have a parent, it will be the child.

This means we need to change checks in a couple of places to look for the parent _or_ child, rather than just one of them. Otherwise, some parts of the code believe that users don't exist when in fact they do, etc.

This is kinda important if we want icons for rss feeds to work! :)

Conflicts:

	htdocs/blocktype/externalfeed/version.php

Getting rid of the lines that set the style of the clones to be dragged around seems to work. They don't seem to be necessary anyway.

This patch makes most blocktypes have no title set by default when created. For those that used to set their own titles, if no title is set after the configuration form is submitted, then they get the chance to set the title.

So for example, the RSS block will start with an empty title, but if the user doesn't set it, the title will be the title of the feed that is being syndicated.

Blocks like 'textbox' still keep their defaults, because they don't have any special case way of setting their own titles.

This used to work, but for some reason the code for it has disappeared. The links to edit and delete a view have disappeared from the 'My Views' page, but you could still visit the pages directly. Now that has been locked down.

Before this wasn't happening, so if an administrator created a group, then later edited it and turned it into a controlled group, the group would have no tutors.

* You can now configure whether you want to see just a brief summary of the feed, or the feed in full
* If the description is the same as the first item (Google News is stupid like this), then don't show the description
* Show the feed icon with the feed (regardless of whether it's brief or full mode)
* Show an RSS icon which links to the feed itself so other people can subscribe to it
* Only fetch the first 10 items of a feed, not the first 11. Not sure why the code thought that only 10 were being fetched...

It now lists the sites from which users can embed videos. It also explicitly states you can use the 'embed code' the sites provide. You always could, but now everyone will know.