Merge branch '8.x' of git.drupal.org:project/drupal into 8.x

core/includes/common.inc

@@ -5174,7 +5174,7 @@ function drupal_system_listing($mask, $directory, $key = 'name', $min_depth = 1)
   // distribution we need to include the profile of the parent site (in which
   // test runs are triggered).
   if (drupal_valid_test_ua()) {
-    $testing_profile = config('simpletest.settings')->get('parent_profile');
+    $testing_profile = variable_get('simpletest_parent_profile', FALSE);
     if ($testing_profile && $testing_profile != $profile) {
       $profiles[] = $testing_profile;
     }

core/modules/entity/lib/Drupal/entity/EntityFieldQuery.php

@@ -213,9 +213,7 @@ class EntityFieldQuery {
    *
    * 'bundle', 'revision_id' and 'entity_id' have no such restrictions.
    *
-   * Note: The "comment" and "taxonomy_term" entity types don't support bundle
-   * conditions. For "taxonomy_term", propertyCondition('vid') can be used
-   * instead.
+   * Note: The "comment" entity type does not support bundle conditions.
    *
    * @param $name
    *   'entity_type', 'bundle', 'revision_id' or 'entity_id'.

core/modules/file/file.js

@@ -88,7 +88,14 @@ Drupal.file = Drupal.file || {
       var acceptableMatch = new RegExp('\\.(' + extensionPattern + ')$', 'gi');
       if (!acceptableMatch.test(this.value)) {
         var error = Drupal.t("The selected file %filename cannot be uploaded. Only files with the following extensions are allowed: %extensions.", {
-          '%filename': this.value,
+          // According to the specifications of HTML5, a file upload control
+          // should not reveal the real local path to the file that a user
+          // has selected. Some web browsers implement this restriction by
+          // replacing the local path with "C:\fakepath\", which can cause
+          // confusion by leaving the user thinking perhaps Drupal could not
+          // find the file because it messed up the file path. To avoid this
+          // confusion, therefore, we strip out the bogus fakepath string.
+          '%filename': this.value.replace('C:\\fakepath\\', ''),
           '%extensions': extensionPattern.replace(/\|/g, ', ')
         });
         $(this).closest('div.form-managed-file').prepend('<div class="messages error file-upload-js-error">' + error + '</div>');

core/modules/forum/forum.module

@@ -1359,7 +1359,7 @@ function _forum_get_topic_order($sortby) {
  *   The ID of the node to update.
  */
 function _forum_update_forum_index($nid) {
-  $count = db_query('SELECT COUNT(cid) FROM {comment} WHERE nid = :nid AND status = :status', array(
+  $count = db_query('SELECT COUNT(cid) FROM {comment} c INNER JOIN {forum_index} i ON c.nid=i.nid WHERE c.nid = :nid AND c.status = :status', array(
     ':nid' => $nid,
     ':status' => COMMENT_PUBLISHED,
   ))->fetchField();

core/modules/simpletest/config/simpletest.settings.yml

@@ -1,8 +0,0 @@
-clear_results: '1'
-httpauth:
-    method: '1'
-    password: ''
-    username: ''
-maximum_redirects: '5'
-parent_profile: ''
-verbose: '1'

core/modules/simpletest/lib/Drupal/simpletest/TestBase.php

@@ -529,10 +529,8 @@ abstract class TestBase {
    *   methods during debugging.
    */
   public function run(array $methods = array()) {
-    $simpletest_config = config('simpletest.settings');
-
     $class = get_class($this);
-    if ($simpletest_config->get('verbose')) {
+    if (variable_get('simpletest_verbose', TRUE)) {
       // Initialize verbose debugging.
       $this->verbose = TRUE;
       $this->verboseDirectory = variable_get('file_public_path', conf_path() . '/files') . '/simpletest/verbose';
@@ -543,16 +541,13 @@ abstract class TestBase {
     }
     // HTTP auth settings (<username>:<password>) for the simpletest browser
     // when sending requests to the test site.
-    $this->httpauth_method = (int) $simpletest_config->get('httpauth.method');
-    $username = $simpletest_config->get('httpauth.username');
-    $password = $simpletest_config->get('httpauth.password');
-    if (!empty($username) && !empty($password)) {
+    $this->httpauth_method = variable_get('simpletest_httpauth_method', CURLAUTH_BASIC);
+    $username = variable_get('simpletest_httpauth_username', NULL);
+    $password = variable_get('simpletest_httpauth_password', NULL);
+    if ($username && $password) {
       $this->httpauth_credentials = $username . ':' . $password;
     }
 
-    // Maximum redirects setting for the simpletest browser.
-    $this->maximumRedirects = $simpletest_config->get('maximum_redirects');
-
     set_error_handler(array($this, 'errorHandler'));
     // Iterate through all the methods in this class, unless a specific list of
     // methods to run was passed.

core/modules/simpletest/lib/Drupal/simpletest/Tests/SimpleTestTest.php

@@ -76,7 +76,7 @@ class SimpleTestTest extends WebTestBase {
         'name' => $user->name,
         'pass' => $user->pass_raw
       );
-      $this->maximumRedirects = 1;
+      variable_set('simpletest_maximum_redirects', 1);
       $this->drupalPost('user', $edit, t('Log in'), array(
         'query' => array('destination' => 'user/logout'),
       ));

core/modules/simpletest/lib/Drupal/simpletest/WebTestBase.php

@@ -621,11 +621,11 @@ abstract class WebTestBase extends TestBase {
     variable_set('file_private_path', $this->private_files_directory);
     variable_set('file_temporary_path', $this->temp_files_directory);
 
-    // Set 'parent_profile' of simpletest to add the parent profile's
+    // Set the 'simpletest_parent_profile' variable to add the parent profile's
     // search path to the child site's search paths.
     // @see drupal_system_listing()
     // @todo This may need to be primed like 'install_profile' above.
-    config('simpletest.settings')->set('parent_profile', $this->originalProfile)->save();
+    variable_set('simpletest_parent_profile', $this->originalProfile);
 
     // Include the testing profile.
     variable_set('install_profile', $this->profile);
@@ -917,7 +917,7 @@ abstract class WebTestBase extends TestBase {
     // to prevent fragments being sent to the web server as part
     // of the request.
     // TODO: Remove this for Drupal 8, since fixed in curl 7.20.0.
-    if (in_array($status, array(300, 301, 302, 303, 305, 307)) && $this->redirect_count < $this->maximumRedirects) {
+    if (in_array($status, array(300, 301, 302, 303, 305, 307)) && $this->redirect_count < variable_get('simpletest_maximum_redirects', 5)) {
       if ($this->drupalGetHeader('location')) {
         $this->redirect_count++;
         $curl_options = array();
@@ -2290,6 +2290,32 @@ abstract class WebTestBase extends TestBase {
     return $this->assertNotEqual($actual, $title, $message, $group);
   }
 
+  /**
+   * Asserts themed output.
+   *
+   * @param $callback
+   *   The name of the theme function to invoke; e.g. 'links' for theme_links().
+   * @param $variables
+   *   An array of variables to pass to the theme function.
+   * @param $expected
+   *   The expected themed output string.
+   * @param $message
+   *   (optional) An assertion message.
+   */
+  protected function assertThemeOutput($callback, array $variables = array(), $expected, $message = '') {
+    $output = theme($callback, $variables);
+    $this->verbose('Variables:' . '<pre>' .  check_plain(var_export($variables, TRUE)) . '</pre>'
+      . '<hr />' . 'Result:' . '<pre>' .  check_plain(var_export($output, TRUE)) . '</pre>'
+      . '<hr />' . 'Expected:' . '<pre>' .  check_plain(var_export($expected, TRUE)) . '</pre>'
+      . '<hr />' . $output
+    );
+    if (!$message) {
+      $message = '%callback rendered correctly.';
+    }
+    $message = format_string($message, array('%callback' => 'theme_' . $callback . '()'));
+    $this->assertIdentical($output, $expected, $message);
+  }
+
   /**
    * Asserts that a field exists in the current page by the given XPath.
    *

core/modules/simpletest/simpletest.install

@@ -170,21 +170,13 @@ function simpletest_uninstall() {
   drupal_load('module', 'simpletest');
   simpletest_clean_database();
 
+  // Remove settings variables.
+  variable_del('simpletest_httpauth_method');
+  variable_del('simpletest_httpauth_username');
+  variable_del('simpletest_httpauth_password');
+  variable_del('simpletest_clear_results');
+  variable_del('simpletest_verbose');
+
   // Remove generated files.
   file_unmanaged_delete_recursive('public://simpletest');
 }
-
-/**
- * Move simpletest settings from variables to config.
- */
-function simpletest_update_8000() {
-  update_variables_to_config('simpletest.settings', array(
-    'simpletest_clear_results' => 'clear_results',
-    'simpletest_httpauth_method' => 'httpauth.method',
-    'simpletest_httpauth_password' => 'httpauth.password',
-    'simpletest_httpauth_username' => 'httpauth.username',
-    'simpletest_maximum_redirects' => 'maximum_redirects',
-    'simpletest_parent_profile' => 'parent_profile',
-    'simpletest_verbose' => 'verbose',
-  ));
-}

core/modules/simpletest/simpletest.module

@@ -460,7 +460,7 @@ function simpletest_generate_file($filename, $width, $lines, $type = 'binary-tex
 function simpletest_clean_environment() {
   simpletest_clean_database();
   simpletest_clean_temporary_directories();
-  if (config('simpletest.settings')->get('clear_results')) {
+  if (variable_get('simpletest_clear_results', TRUE)) {
     $count = simpletest_clean_results_table();
     drupal_set_message(format_plural($count, 'Removed 1 test result.', 'Removed @count test results.'));
   }
@@ -530,7 +530,7 @@ function simpletest_clean_temporary_directories() {
  *   The number of results removed.
  */
 function simpletest_clean_results_table($test_id = NULL) {
-  if (config('simpletest.settings')->get('clear_results')) {
+  if (variable_get('simpletest_clear_results', TRUE)) {
     if ($test_id) {
       $count = db_query('SELECT COUNT(test_id) FROM {simpletest_test_id} WHERE test_id = :test_id', array(':test_id' => $test_id))->fetchField();
 

core/modules/simpletest/simpletest.pages.inc

@@ -434,10 +434,8 @@ function simpletest_result_status_image($status) {
  *
  * @ingroup forms
  * @see simpletest_settings_form_validate()
- * @see simpletest_settings_form_submit()
  */
 function simpletest_settings_form($form, &$form_state) {
-  $config = config('simpletest.settings');
   $form['general'] = array(
     '#type' => 'fieldset',
     '#title' => t('General'),
@@ -446,13 +444,13 @@ function simpletest_settings_form($form, &$form_state) {
     '#type' => 'checkbox',
     '#title' => t('Clear results after each complete test suite run'),
     '#description' => t('By default SimpleTest will clear the results after they have been viewed on the results page, but in some cases it may be useful to leave the results in the database. The results can then be viewed at <em>admin/config/development/testing/[test_id]</em>. The test ID can be found in the database, simpletest table, or kept track of when viewing the results the first time. Additionally, some modules may provide more analysis or features that require this setting to be disabled.'),
-    '#default_value' => $config->get('clear_results'),
+    '#default_value' => variable_get('simpletest_clear_results', TRUE),
   );
   $form['general']['simpletest_verbose'] = array(
     '#type' => 'checkbox',
     '#title' => t('Provide verbose information when running tests'),
     '#description' => t('The verbose data will be printed along with the standard assertions and is useful for debugging. The verbose data will be erased between each test suite run. The verbose data output is very detailed and should only be used when debugging.'),
-    '#default_value' => $config->get('verbose'),
+    '#default_value' => variable_get('simpletest_verbose', TRUE),
   );
 
   $form['httpauth'] = array(
@@ -473,16 +471,16 @@ function simpletest_settings_form($form, &$form_state) {
       CURLAUTH_ANY => t('Any'),
       CURLAUTH_ANYSAFE => t('Any safe'),
     ),
-    '#default_value' => $config->get('httpauth.method'),
+    '#default_value' => variable_get('simpletest_httpauth_method', CURLAUTH_BASIC),
   );
-  $username = $config->get('httpauth.username');
-  $password = $config->get('httpauth.password');
+  $username = variable_get('simpletest_httpauth_username');
+  $password = variable_get('simpletest_httpauth_password');
   $form['httpauth']['simpletest_httpauth_username'] = array(
     '#type' => 'textfield',
     '#title' => t('Username'),
     '#default_value' => $username,
   );
-  if (!empty($username) && !empty($password)) {
+  if ($username && $password) {
     $form['httpauth']['simpletest_httpauth_username']['#description'] = t('Leave this blank to delete both the existing username and password.');
   }
   $form['httpauth']['simpletest_httpauth_password'] = array(
@@ -493,20 +491,7 @@ function simpletest_settings_form($form, &$form_state) {
     $form['httpauth']['simpletest_httpauth_password']['#description'] = t('To change the password, enter the new password here.');
   }
 
-  return system_config_form($form, $form_state);
-}
-
-/**
- * Form submission handler for simpletest_settings_form().
- */
-function simpletest_settings_form_submit($form, &$form_state) {
-  config('simpletest.settings')
-    ->set('clear_results', $form_state['values']['simpletest_clear_results'])
-    ->set('verbose', $form_state['values']['simpletest_verbose'])
-    ->set('httpauth.method', $form_state['values']['simpletest_httpauth_method'])
-    ->set('httpauth.username', $form_state['values']['simpletest_httpauth_username'])
-    ->set('httpauth.password', $form_state['values']['simpletest_httpauth_password'])
-    ->save();
+  return system_settings_form($form);
 }
 
 /**
@@ -516,7 +501,7 @@ function simpletest_settings_form_validate($form, &$form_state) {
   // If a username was provided but a password wasn't, preserve the existing
   // password.
   if (!empty($form_state['values']['simpletest_httpauth_username']) && empty($form_state['values']['simpletest_httpauth_password'])) {
-    $form_state['values']['simpletest_httpauth_password'] = config('simpletest.settings')->get('httpauth.password');
+    $form_state['values']['simpletest_httpauth_password'] = variable_get('simpletest_httpauth_password', '');
   }
 
   // If a password was provided but a username wasn't, the credentials are

core/modules/system/lib/Drupal/system/Tests/Theme/FunctionsTest.php

@@ -143,32 +143,6 @@ class FunctionsTest extends WebTestBase {
     $this->assertThemeOutput('links', $variables, $expected);
   }
 
-  /**
-   * Asserts themed output.
-   *
-   * @param $callback
-   *   The name of the theme function to invoke; e.g. 'links' for theme_links().
-   * @param $variables
-   *   An array of variables to pass to the theme function.
-   * @param $expected
-   *   The expected themed output string.
-   * @param $message
-   *   (optional) An assertion message.
-   */
-  protected function assertThemeOutput($callback, array $variables = array(), $expected, $message = '') {
-    $output = theme($callback, $variables);
-    $this->verbose('Variables:' . '<pre>' .  check_plain(var_export($variables, TRUE)) . '</pre>'
-      . '<hr />' . 'Result:' . '<pre>' .  check_plain(var_export($output, TRUE)) . '</pre>'
-      . '<hr />' . 'Expected:' . '<pre>' .  check_plain(var_export($expected, TRUE)) . '</pre>'
-      . '<hr />' . $output
-    );
-    if (!$message) {
-      $message = '%callback rendered correctly.';
-    }
-    $message = t($message, array('%callback' => 'theme_' . $callback . '()'));
-    $this->assertIdentical($output, $expected, $message);
-  }
-
   /**
    * Test the use of drupal_pre_render_links() on a nested array of links.
    */

core/modules/taxonomy/lib/Drupal/taxonomy/Tests/VocabularyTest.php

@@ -63,6 +63,17 @@ class VocabularyTest extends TaxonomyTestBase {
     $edit['machine_name'] = '!&^%';
     $this->drupalPost('admin/structure/taxonomy/add', $edit, t('Save'));
     $this->assertText(t('The machine-readable name must contain only lowercase letters, numbers, and underscores.'));
+
+    // Ensure that vocabulary titles are escaped properly.
+    $edit = array();
+    $edit['name'] = 'Don\'t Panic';
+    $edit['description'] = $this->randomName();
+    $edit['machine_name'] = 'don_t_panic';
+    $this->drupalPost('admin/structure/taxonomy/add', $edit, t('Save'));
+
+    $site_name = config('system.site')->get('name');
+    $this->assertTitle(t('Don\'t Panic | @site-name', array('@site-name' => $site_name)));
+    $this->assertNoTitle(t('Don't Panic | @site-name', array('@site-name' => $site_name)));
   }
 
   /**

core/modules/taxonomy/taxonomy.module

@@ -356,7 +356,7 @@ function taxonomy_menu() {
   );
 
   $items['admin/structure/taxonomy/%taxonomy_vocabulary_machine_name'] = array(
-    'title callback' => 'taxonomy_admin_vocabulary_title_callback',
+    'title callback' => 'entity_page_label',
     'title arguments' => array(3),
     'page callback' => 'drupal_get_form',
     'page arguments' => array('taxonomy_overview_terms', 3),
@@ -427,13 +427,6 @@ function taxonomy_term_access($op, $term) {
   return user_access("$op terms in $term->vid") || user_access('administer taxonomy');
 }
 
-/**
- * Return the vocabulary name given the vocabulary object.
- */
-function taxonomy_admin_vocabulary_title_callback(Vocabulary $vocabulary) {
-  return $vocabulary->name;
-}
-
 /**
  * Saves a vocabulary.
  *
@@ -1680,7 +1673,7 @@ function taxonomy_taxonomy_term_delete(Term $term) {
  * Converts EntityFieldQuery instances on taxonomy terms that have an entity
  * condition on term bundles (vocabulary machine names). Since the vocabulary
  * machine name is not present in the {taxonomy_term_data} table itself, we have
- * to convert the bundle condition into a proprety condition of vocabulary IDs
+ * to convert the bundle condition into a property condition of vocabulary IDs
  * to match against {taxonomy_term_data}.vid.
  */
 function taxonomy_entity_query_alter($query) {