Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

500-7002-AS

5.x
Neil Drumm 2007-01-29 21:51:53 +00:00
parent 69ba5d1abe
commit 12bd111762
5 changed files with 35 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.txt
View File

@ -1,5 +1,11 @@
// $Id$ // $Id$
Drupal 5.1, 2007-01-29
----------------------
- fixed security issue (code execution), see SA-2007-005
- fixed a variety of small bugs.
Drupal 5.0, 2007-01-15 Drupal 5.0, 2007-01-15
------------------------ ------------------------
- completely retooled the administration page - completely retooled the administration page

10
includes/form.inc
View File

@ -959,7 +959,7 @@ function form_select_options($element, $choices = NULL) {
else { else {
$selected = ''; $selected = '';
} }
$options .= '<option value="'. $key .'"'. $selected .'>'. check_plain($choice) .'</option>'; $options .= '<option value="'. check_plain($key) .'"'. $selected .'>'. check_plain($choice) .'</option>';
} }
} }
return $options; return $options;
@ -1055,7 +1055,7 @@ function theme_radio($element) {
$output = '<input type="radio" '; $output = '<input type="radio" ';
$output .= 'name="' . $element['#name'] .'" '; $output .= 'name="' . $element['#name'] .'" ';
$output .= 'value="'. $element['#return_value'] .'" '; $output .= 'value="'. $element['#return_value'] .'" ';
$output .= ($element['#value'] == $element['#return_value']) ? ' checked="checked" ' : ' '; $output .= (check_plain($element['#value']) == $element['#return_value']) ? ' checked="checked" ' : ' ';
$output .= drupal_attributes($element['#attributes']) .' />'; $output .= drupal_attributes($element['#attributes']) .' />';
if (!is_null($element['#title'])) { if (!is_null($element['#title'])) {
$output = '<label class="option">'. $output .' '. $element['#title'] .'</label>'; $output = '<label class="option">'. $output .' '. $element['#title'] .'</label>';
@ -1258,7 +1258,7 @@ function expand_radios($element) {
if (count($element['#options']) > 0) { if (count($element['#options']) > 0) {
foreach ($element['#options'] as $key => $choice) { foreach ($element['#options'] as $key => $choice) {
if (!isset($element[$key])) { if (!isset($element[$key])) {
$element[$key] = array('#type' => 'radio', '#title' => $choice, '#return_value' => $key, '#default_value' => $element['#default_value'], '#attributes' => $element['#attributes'], '#parents' => $element['#parents'], '#spawned' => TRUE); $element[$key] = array('#type' => 'radio', '#title' => $choice, '#return_value' => check_plain($key), '#default_value' => $element['#default_value'], '#attributes' => $element['#attributes'], '#parents' => $element['#parents'], '#spawned' => TRUE);
} }
} }
} }
@ -1537,10 +1537,10 @@ function theme_form_element($element, $value) {
if (!empty($element['#title'])) { if (!empty($element['#title'])) {
$title = $element['#title']; $title = $element['#title'];
if (!empty($element['#id'])) { if (!empty($element['#id'])) {
$output .= ' <label for="'. $element['#id'] .'">'. t('!title: !required', array('!title' => $title, '!required' => $required)) ."</label>\n"; $output .= ' <label for="'. $element['#id'] .'">'. t('!title: !required', array('!title' => filter_xss_admin($title), '!required' => $required)) ."</label>\n";
} }
else { else {
$output .= ' <label>'. t('!title: !required', array('!title' => $title, '!required' => $required)) ."</label>\n"; $output .= ' <label>'. t('!title: !required', array('!title' => filter_xss_admin($title), '!required' => $required)) ."</label>\n";
} }
} }

10
modules/comment/comment.module
View File

@ -1582,7 +1582,12 @@ function comment_form_add_preview($form, $edit) {
$output = ''; $output = '';
comment_validate($edit); // Invoke full validation for the form, to protect against cross site
// request forgeries (CSRF) and setting arbitrary values for fields such as
// the input format. Preview the comment only when form validation does not
// set any errors.
drupal_validate_form($form['form_id']['#value'], $form);
if (!form_get_errors()) {
$comment = (object)_comment_form_submit($edit); $comment = (object)_comment_form_submit($edit);
// Attach the user and time information. // Attach the user and time information.
@ -1597,9 +1602,6 @@ function comment_form_add_preview($form, $edit) {
$comment->name = check_plain($account->name); $comment->name = check_plain($account->name);
} }
$comment->timestamp = $edit['timestamp'] ? $edit['timestamp'] : time(); $comment->timestamp = $edit['timestamp'] ? $edit['timestamp'] : time();
// Preview the comment with security check.
if (!form_get_errors()) {
$output .= theme('comment_view', $comment); $output .= theme('comment_view', $comment);
} }
$form['comment_preview'] = array( $form['comment_preview'] = array(

4
modules/node/node.module
View File

@ -2069,6 +2069,10 @@ function node_form_add_preview($form) {
$op = isset($form_values['op']) ? $form_values['op'] : ''; $op = isset($form_values['op']) ? $form_values['op'] : '';
if ($op == t('Preview')) { if ($op == t('Preview')) {
// Invoke full validation for the form, to protect against cross site
// request forgeries (CSRF) and setting arbitrary values for fields such as
// the input format. Preview the node only when form validation does not
// set any errors.
drupal_validate_form($form['form_id']['#value'], $form); drupal_validate_form($form['form_id']['#value'], $form);
if (!form_get_errors()) { if (!form_get_errors()) {
// Because the node preview may display a form, we must render it // Because the node preview may display a form, we must render it

2
modules/system/system.module
View File

@ -6,7 +6,7 @@
* Configuration system that lets administrators modify the workings of the site. * Configuration system that lets administrators modify the workings of the site.
*/ */
define('VERSION', '5.1-dev'); define('VERSION', '5.1');
/** /**
* Implementation of hook_help(). * Implementation of hook_help().