Wikipedia:Request an account/Changelog

This page is currently inactive and is retained for historical reference. Either the page is no longer relevant or consensus on its purpose has become unclear. To revive discussion, seek broader input via a forum such as the village pump.

This is a summary of any technical changes that have occurred recently in the ACC Interface.

The current revision is r3086.

• Checkusers are allowed to see IP addresses in requests.
• ACCBot can respond to commands in PMs. (ACC-132)
• Tool Administrators can break any reservations on requests. (ACC-148)
• A count of current "Checkuser needed" requests is shown on statistics.php.
• Users can now filter for "Defer to checkuser" logs. (ACC-149)
• A Javascript popup box will appear when attempting to leave a request page when there is an unsubmitted comment. (ACC-150)
• Users can now filter for "SUL Taken" logs.
• When requesting an account an API check will be performed to determine if the requested name already exists in SUL. The request will not go through if the check finds a SUL account.
• E-Mail Addresses will now be hidden similarly to IP Addresses. (ACC-151)
• IP Addresses and E-Mail addresses will only show to non-tool admins and non-Checkusers if they have reserved the request or if the reserving user linked them to a specific URL in the format http://toolserver.org/~acc/acc.php?action=zoom&id=127001&hash=8b3616a71c3ef2a36b3276ede5689624. This URL will be visible only to the reserving user on a request's zoom page. (ACC-154)
• Request IDs will now be shown in outgoing E-Mails to users.
• Logs for reserving requests will now link to the request in question.

• Interface and ACCBot now reports "Request X deferred to flagged users" instead of "Request X deferred to admins" when deferring a request to Account Creators. (ACC-143)
• Changed edit counter link in user management to use Soxred's edit counter instead of Interiot's edit counter which no longer works. (ACC-147)
• Prevent quotes from being added to the username box when filtering for logs.
• Comments should now look correct when they are reported by ACCBot. For example "Will this comment get \"sanitized\"?" will become "Will this comment get "sanitized"?".
• Fixed most HTML validation errors present in the interface. (ACC-11)
• Fixed an SQL injection vulnerability that was present for any usernames requested with a ' in them.
• ACCBot will not post "DCC", "CTCP", or "PRIVMSG" if it appears in comments.

• "Hagger" and "Haggar" will no longer trigger the blacklist.
• Fixed an issue with links to the statistics pages in Sand.
• Search.php no longer allows E-Mail Address searching for non-admins/non-checkusers. (ACC-151)
• Cleaned up Search.php for better error handling and to hide the options for E-Mail and IP Address searching from non-admins.
• Ban management will no longer link to the EMail/IP search pages for non-admins/non-checkusers.

• Added "Account Created" checkbox to custom email form that will distinguish between accounts created and not created.
• Added {{User:Hi878/Welcome}} to welcome templates list.
• Improved changing passwords in action=prefs by making it so that a user only needs to enter their old password and their new one twice to change it, instead of using the forgotten password feature.
• If a user attempts to mark a request as created where the username does not exist on the English Wikipedia, a confirmation message will appear.
• Confirmation is now added for several actions in user management.

• "Preference editing" log filter changed to "Message editing".
• Ban input is now validated (IE: Checking email bans are emails, IP bans are IPs etc) ACC-57.
• When force breaking a request reservation, the request ID in the URL is checked to confirm that it is a valid request ID that is currently reserved.
• Fixed an HTML Injection vulnerability with commenting, and an SQL Injection vulnerability with renaming.
• Input is now encoded in UTF-8 instead of ISO-8859-1, which will allow names in languages such as Arabic and Chinese to be handled correctly by the tool.
• Usernames with spaces in them will be correctly handled by the automatic "Taken in SUL" check with occurs when requesting.
• The links in action=zoom now work correctly for names with ampersands (&) in them.
• Whitespace is now stripped from the !count and !stats ACCBot commands.
• Invalid request IDs are now caught in action=done and action=breakreserve.
• Input into banning forms is now validated.

• Requests that have been closed for a week can no longer be re-opened or reserved by non-admins. (ACC-154)
• Email searching re-enabled for non-admins.
• ~ is now caught as an invalid character by the tool.
• Fixed HTML injections in user management.
• Fixed 2 CSS validation issues.
• Requests that have been closed for a week can no longer be reopened/reserved except by tool administrators and checkusers.
• "CC to mailing list" is now checked by default in custom closes.
• The "preference editing" log filter now more accurately states "message editing".

• Fixed the message displayed when wiki functions are disabled. (stwalkerster, r3091)

• Add geolocation link. (funpika, r3080)

• Hide the close links from the main page in an incredibly hacky way. (funpika, r3073)
• If a request is not reserved, don't show the links for marking as done. (funpika, r3075)
• Moving the check links out of the same area as the username, email, actual IP address, done links, etc and putting them just below. (funpika, r3077, stwalkerster, r3087, r3090)

• Removed references to configuration variable $enableReserving in config.inc.php, acc.php, functions.php. Reserving is now permanently enabled. (stwalkerster, r3081)
• Hide the "Create!" link from the main page and from unreserved requests per CR-ACC-38 (funpika, r3083)

• Better handling of non-standard usernames:
  • Comments from users with non-latin usernames will now display correctly.
  • An issue with statistics pages for usernames with non-latin usernames has been fixed.
  • Apostrophes in usernames are now correctly handled.
• The user statistics page on sand was using data from live, this has been fixed.
• Creation links for usernames containing ampersands now work correctly.
• The page showing inactive users now correctly leaves out checkusers.

• The request log and the comment log have been merged into one view.
• There are now new links to reset the passwords of similar users, if it appears that it may be belong to the requester.
• There is a new close type - 'Password Reset' - which sends an email to the requester telling them that the password of a similarly-named account has been reset, and asking them to reply if they did not get the password reset email.
• The tool now accepts XFF headers from trusted proxies, and displays the links for the actual IP, as well as the proxy, if applicable.

• The whole tool is now valid HTML.
• The sandbox has been cleared to update the database. Users should re-register.