Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Drupal 5.13

5.x 5.13
Neil Drumm 2008-12-10 22:21:27 +00:00
parent 7ce6206eae
commit e9347cca05
4 changed files with 31 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
CHANGELOG.txt
View File

@ -1,7 +1,10 @@
// $Id$
Drupal 5.13-dev, xxxx-xx-xx (development version)
Drupal 5.13, 2008-12-10
-----------------------
- fixed a variety of small bugs.
- fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
- updated robots.txt and .htaccess to match current file use.
Drupal 5.12, 2008-10-22
-----------------------

19
modules/filter/filter.module
View File

@ -709,13 +709,20 @@ function filter_list_format($format) {
static $filters = array();
if (!isset($filters[$format])) {
$filters[$format] = array();
$result = db_query("SELECT * FROM {filters} WHERE format = %d ORDER BY weight ASC", $format);
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
if (db_num_rows($result) == 0 && !db_result(db_query("SELECT 1 FROM {filter_formats} WHERE format = %d", $format))) {
// The format has no filters and does not exist, use the default input
// format.
$filters[$format] = filter_list_format(variable_get('filter_default_format', 1));
}
else {
$filters[$format] = array();
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
}
}
}
}

2
modules/system/system.module
View File

@ -6,7 +6,7 @@
* Configuration system that lets administrators modify the workings of the site.
*/
define('VERSION', '5.13-dev');
define('VERSION', '5.13');
/**
* Implementation of hook_help().

21
update.php
View File

@ -562,10 +562,11 @@ function update_finished_page($success) {
function update_info_page() {
drupal_set_title('Drupal database update');
$link = 'update.php?op=selection&token='. drupal_get_token('update');
$output = "<ol>\n";
$output .= "<li>Use this script to <strong>upgrade an existing Drupal installation</strong>. You don't need this script when installing Drupal from scratch.</li>";
$output .= "<li>Before doing anything, backup your database. This process will change your database and its values, and some things might get lost.</li>\n";
$output .= "<li>Update your Drupal sources, check the notes below and <a href=\"update.php?op=selection\">run the database upgrade script</a>. Don't upgrade your database twice as it may cause problems.</li>\n";
$output .= "<li>Update your Drupal sources, check the notes below and <a href=\"$link\">run the database upgrade script</a>. Don't upgrade your database twice as it may cause problems.</li>\n";
$output .= "<li>Go through the various administration pages to change the existing and new settings to your liking.</li>\n";
$output .= "</ol>";
$output .= '<p>For more help, see the <a href="http://drupal.org/node/258">Installation and upgrading handbook</a>. If you are unsure what these terms mean you should probably contact your hosting provider.</p>';
@ -793,10 +794,6 @@ if (($access_check == FALSE) || ($user->uid == 1)) {
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
switch ($op) {
case 'Update':
$output = update_update_page();
break;
case 'finished':
$output = update_finished_page(TRUE);
break;
@ -813,10 +810,18 @@ if (($access_check == FALSE) || ($user->uid == 1)) {
$output = update_progress_page_nojs();
break;
case 'Update':
if ($_GET['token'] == drupal_get_token('update')) {
$output = update_update_page();
break;
}
// If the token did not match we just display the default page.
case 'selection':
$output = update_selection_page();
break;
if ($_GET['token'] == drupal_get_token('update')) {
$output = update_selection_page();
break;
}
// If the token did not match we just display the default page.
default:
$output = update_info_page();
break;