Places that display list of users (such as course participants page)
with additional identifier fields now respect the user's permission to
view other users' hidden profile fields.
This includes:
- Changing PHPUnit's bootstrap to use https://www...
- Modify all existing expectations to the new wwwroot.
- Amend some tests now with different defaults because of is_https()
- Added a note to main upgrade.php about the change.
set_user_preference and unset_user_preference let you pass the user to
set preferences for as an id. Previously, if you passed $USER->id there,
those methods did not update the Cache in $USER, which was surprising,
and not easy to debug.
Now, we always update the preference cache in $USER if the preference is
being changed for the current user.
It was discovered by unit tests that the return value is not a real
boolean as was intuitively expected and documented. To avoid potential
issues with the truthyness in the future, we explicitly cast the return
value to boolean now.
The patch adds validation for the noreplyaddress setting variable, for
the explicit $replyto parameter and for the sender's email. In case of
misconfigured noreplyaddress setting, it falls back to the default
noreply address value. In case of invalid email in the user's record,
the email is not sent.
The patch also adds unit test for the value returned by the function
generate_email_processing_address() so that it can be considered as a
valid email, too.
This is supposed to significantly minimise the risk of exploiting the
vulnerability in PHPMailer's Sender field.
Use core functions that are faster for test file creation.
To support large requests for hashes, the core hash function
must support large hashes without recursion. PHP has a default
recursion depth of 100 and long hashes don't support this.
Remove transactions as they create performance problems for larger
courses and doesn't introduce significant benefit for developers.
Performance changes meant the times were much faster, a reasonable
guess was taken on performance of an average machine.
Repositories can now override usespost() if they don't upload using POST
requests. This restores the ability of users with
moodle/course:ignorefilesizelimits to upload files of unlimited size
lost in MDL-44626.
The value Etc/GMT-14 was added to the list of known timezones,
and Etc/GMT+13 & Etc/GMT+14 were removed as they are not valid.
Tests were added to ensure that legacy user timezones are mapped
to known timezones. Other tests were changed to reflect the changes
with regards to Etc/GMT+13 and +-14.
When $CFG->divertallemailsto is specified, this allows a list of email
or domain exceptions to be whitelisted enabling easier testing by groups
of testers who don't share a single email address.
This patch replaces all homegrown timezone
stuff with standard PHP date/time code.
The main change is the introduction of core_date
class that returns normalised user and server
timezones. From now on nobody should be using
$CFG->timezone or $user->timezone directly!
Other new features and fixes:
* admins are prompted for timezone during install
* editing of other users is finally fixed
* timezones are displayed in user profile
* new $this->setTimezone() in phpunit
* time locale is now automatically reset in phpunit
* timezone is now automatically reset in phpunit
* phpunit has Australia/Perth as default timezone
