protected_node 7.x-1.9

Bug fixes

Contributors (1)

meyerrob

Changelog

Issues: 1 issues resolved.

Changes since 7.x-1.8:

Bug

  • #3345439 by meyerrob: Calls of protected_node_access_callback without $_GET['destination'] throw warnings

protected_node 7.x-1.8

New features

This new hash mecanism will help in migrating existing data to D9.

Contributors (2)

Grimreaper, meyerrob

Changelog

Issues: 1 issues resolved.

Changes since 7.x-1.7:

protected_node 7.x-1.7

Bug fixes

Contributors (2)

danyg, Grimreaper

Changelog

Issues: 2 issues resolved.

Changes since 7.x-1.6:

protected_node 7.x-1.0-rc2

Bug fixes

protected_node 7.x-1.0-rc1

First Drupal 7 release.

It will be promoted to stable release if no bug is discovered.

protected_node 6.x-1.9

Bug fixes

Found out that the SQL rewrite function would block many more nodes from view than expected.
(so this was not a security problem, but the other way around...)
This should fix the problems users noticed with views.

protected_node 6.x-1.8

Bug fixes

A few bug fixes, you should upgrade to avoid potential problems with node titles.
Also fixed some coder mistakes.
See issue #1498952: Clean up code based on Coder module output by Barrett for additional information.

protected_node 6.x-1.7

New features
Bug fixes

* Deleted node are not removed from the protected nodes table.
* Issue #420464: Integration with webfm by Frank Steiner: Integration with webfm.
* Fixed an error message that was not changed on a copy + paste.

protected_node 6.x-1.6

Security update
New features
Bug fixes

This release includes a fix for SA-CONTRIB-2012-101 - Protected Node - Access Bypass.
Note: many of the following bugs, fixes, etc. are intermediary (i.e. between different development stages); I keep them here for reference

* Issue #1179048: Password fields should be mandatory by eL: global passwords must be ignored if the node was created by the anonymous user.
* Issue #1179048: Password fields should be mandatory from eL: Password fields should be mandatory -- especially for anonymous users.
* Issue #1179048: Password fields should be mandatory by eL: Password fields should be mandatory.
* Issue #1137526: No password for viewing but a password for editing by eL and AlexisWilke:
** Select status of the protected node field set when editing the node.
** Select whether a node is always protected, is protected by default, or never protected.
** "Security fix," avoid saving the global password in clear (this was in one of the alpha version and not considered as a security issue by the Drupal security team.)
** Added information about the hook_protected_node_hide() callback.
** Fixed the INSERT to include the protected node hint field.
** Added some missing documentation.
** Added support for a node type wide password.
* Issue #1159948: edit properties uses insert instead of update by ferrum: edit properties uses insert instead of update when password is empty.
* Fixed syntax errors in comments and strings, removed useless comments.
* Issue: #1159964: autoincrement nid field by ferrum: autoincrement nid field (replaced by simple int).

protected_node 6.x-1.6-beta3

Bug fixes
Insecure

* Password fields should be mandatory.
* Global passwords must be ignored if the node was created by the anonymous user.

protected_node 6.x-1.6-beta2

New features
Bug fixes
Insecure

* Select status of the protected node field set when editing the node.
* Select whether a node is always protected, is protected by default, or never protected.
* Security fix, avoid saving the global password in clear.
* Added information about the hook_protected_node_hide() callback.
* Fixed the INSERT to include the protected node hint field.
* Added some missing documentation.
* Added support for a node type wide password.

protected_node 6.x-1.6-beta1

Bug fixes
Insecure

Fixed a problem with updating a node that had a protected node entry with an empty password (double INSERT)
Fixed a comment
Fixed the nid parameter in the database from serial to integer.

protected_node 6.x-1.6-alpha4

Bug fixes
Insecure

Fixed usage of different variables.
Fixed a double 'the the' in a string.
Added two missing exit() calls after drupal_access_denied().
Fixed many more permission problems (proper support of View, Edit, and Delete).
Renamed the "edit protected content" into "edit any password" and corresponding node type specific permissions.

protected_node 6.x-1.6-alpha3

Bug fixes
Insecure

I added a switch() without an expression. Just added the expression in alpha3.

protected_node 6.x-1.6-alpha1

New features
Bug fixes
Insecure

PLEASE MAKE A DATABASE BACKUP.

This version upgrades your database, so to go back to an older version, you will have to restore the database. Make sure to make a backup first.

All bugs reported in the last 18 or so months have been fixed. They need testing by the community.
Many of the feature requests have been implemented. The module has many more options even though the feature remains the same.

protected_node 5.x-1.4

New features
Bug fixes

This release fixes a display bug:

#385950

It also contains a single improvement regarding password bypass by role assignment and french translation (by sbordage):

#361947 - Patch by Frank Steiner

protected_node 6.x-1.5

New features
Bug fixes
Insecure

This release fixes a display bug:

#385950

It also contains improvements regarding password bypass by role assignment, node type specific texts and french translation (by sbordage):
#261551 - Patch by jrglasgow
#361947 - Patch by Frank Steiner

protected_node 5.x-1.3

New features
Bug fixes

Important: This release contain a regression. The protected node admin page no longer contains the node type selection control. This represented a duplicate functionality with access control and have been dropped in favor for access control group regulations. After upgrade, please go to access control and give your groups at least access to view protected content.

Also this release contains a new simple API, many-many bugfixes and Views 1.x integration.
Issues closed in this release:

protected_node 6.x-1.4

New features
Bug fixes
Insecure

Important: This release contain a regression. The protected node admin page no longer contains the node type selection control. This represented a duplicate functionality with access control and have been dropped in favor for access control group regulations. After upgrade, please go to access control and give your groups at least access to view protected content.

Also this release contains a new simple API, many-many bugfixes and refactoring for better performance.
Issues closed in this release:

protected_node 5.x-1.0

This is the first stable release of protected node. After using it extensively it proves itself quiet robust.

protected_node 5.x-1.x-dev

Bug fixes
New features

This release is for Drupal 5.x
It is fairly stable, I use it on one of my sites. Please test it and report back if you find any bugs or problems.

UPDATE as of 2007.11.08:
Major update on how protection works. Protected_node now utilises the Node Protection System.

Protected_node now stores passwords as sha1 hashes with optional salt. Salt could be configured in settings.php by definig $protected_node_salt variable with a random value. More entropy means better security. Usage is recommended.

Subscribe with RSS Subscribe to Releases for Protected Node