Wikipedia:Request an account/Changelog

This is a summary of any technical changes that have occurred recently in the ACC Interface.

The current revision is r3086.

New Features

 * Checkusers are allowed to see IP addresses in requests.
 * ACCBot can respond to commands in PMs. (ACC-132)
 * Tool Administrators can break any reservations on requests. (ACC-148)
 * A count of current "Checkuser needed" requests is shown on statistics.php.
 * Users can now filter for "Defer to checkuser" logs. (ACC-149)
 * A Javascript popup box will appear when attempting to leave a request page when there is an unsubmitted comment. (ACC-150)
 * Users can now filter for "SUL Taken" logs.
 * When requesting an account an API check will be performed to determine if the requested name already exists in SUL. The request will not go through if the check finds a SUL account.
 * E-Mail Addresses will now be hidden similarly to IP Addresses. (ACC-151)
 * IP Addresses and E-Mail addresses will only show to non-tool admins and non-Checkusers if they have reserved the request or if the reserving user linked them to a specific URL in the format http://toolserver.org/~acc/acc.php?action=zoom&id=127001&hash=8b3616a71c3ef2a36b3276ede5689624. This URL will be visible only to the reserving user on a request's zoom page. (ACC-154)
 * Request IDs will now be shown in outgoing E-Mails to users.
 * Logs for reserving requests will now link to the request in question.

Bug fixes

 * Interface and ACCBot now reports "Request X deferred to flagged users" instead of "Request X deferred to admins" when deferring a request to Account Creators. (ACC-143)
 * Changed edit counter link in user management to use Soxred's edit counter instead of Interiot's edit counter which no longer works. (ACC-147)
 * Prevent quotes from being added to the username box when filtering for logs.
 * Comments should now look correct when they are reported by ACCBot. For example "Will this comment get \&quot;sanitized\&quot;?" will become "Will this comment get "sanitized"?".
 * Fixed most HTML validation errors present in the interface. (ACC-11)
 * Fixed an SQL injection vulnerability that was present for any usernames requested with a ' in them.
 * ACCBot will not post "DCC", "CTCP", or "PRIVMSG" if it appears in comments.

Other

 * "Hagger" and "Haggar" will no longer trigger the blacklist.
 * Fixed an issue with links to the statistics pages in Sand.
 * Search.php no longer allows E-Mail Address searching for non-admins/non-checkusers. (ACC-151)
 * Cleaned up Search.php for better error handling and to hide the options for E-Mail and IP Address searching from non-admins.
 * Ban management will no longer link to the EMail/IP search pages for non-admins/non-checkusers.

New features

 * Added "Account Created" checkbox to custom email form that will distinguish between accounts created and not created.
 * Added to welcome templates list.
 * Improved changing passwords in action=prefs by making it so that a user only needs to enter their old password and their new one twice to change it, instead of using the forgotten password feature.
 * If a user attempts to mark a request as created where the username does not exist on the English Wikipedia, a confirmation message will appear.
 * Confirmation is now added for several actions in user management.

Bug fixes

 * "Preference editing" log filter changed to "Message editing".
 * Ban input is now validated (IE: Checking email bans are emails, IP bans are IPs etc) ACC-57.
 * When force breaking a request reservation, the request ID in the URL is checked to confirm that it is a valid request ID that is currently reserved.
 * Fixed an HTML Injection vulnerability with commenting, and an SQL Injection vulnerability with renaming.
 * Input is now encoded in UTF-8 instead of ISO-8859-1, which will allow names in languages such as Arabic and Chinese to be handled correctly by the tool.
 * Usernames with spaces in them will be correctly handled by the automatic "Taken in SUL" check with occurs when requesting.
 * The links in action=zoom now work correctly for names with ampersands (&) in them.
 * Whitespace is now stripped from the !count and !stats ACCBot commands.
 * Invalid request IDs are now caught in action=done and action=breakreserve.
 * Input into banning forms is now validated.

Other

 * Requests that have been closed for a week can no longer be re-opened or reserved by non-admins. (ACC-154)
 * Email searching re-enabled for non-admins.
 * ~ is now caught as an invalid character by the tool.
 * Fixed HTML injections in user management.
 * Fixed 2 CSS validation issues.
 * Requests that have been closed for a week can no longer be reopened/reserved except by tool administrators and checkusers.
 * "CC to mailing list" is now checked by default in custom closes.
 * The "preference editing" log filter now more accurately states "message editing".

Bug Fixes

 * Fixed the message displayed when wiki functions are disabled. (stwalkerster, r3091)

New Features

 * Add geolocation link. (funpika, r3080)

Other

 * Hide the close links from the main page in an incredibly hacky way. (funpika, r3073)
 * If a request is not reserved, don't show the links for marking as done. (funpika, r3075)
 * Moving the check links out of the same area as the username, email, actual IP address, done links, etc and putting them just below. (funpika, r3077, stwalkerster, r3087, r3090)


 * Removed references to configuration variable $enableReserving in config.inc.php, acc.php, functions.php. Reserving is now permanently enabled. (stwalkerster, r3081)
 * Hide the "Create!" link from the main page and from unreserved requests per CR-ACC-38 (funpika, r3083)