Commit 4b205056 authored by yched's avatar yched
parent 346b3a1d
//$Id$
CCK 6.2-dev
CCK 6.x-2.0
===========
=======
IMPORTANT : this release fixes (minor) cross-site scripting (XSS) vulnerabilities
in nodereference.module, userreference.module, content_copy.module, and CCK's Views integration
See the Security Annoucement on http://drupal.org/node/330546 for more information.
Note: Filters available for CCK fields in Views have changed slightly since the RC releases.
If upgrading from a RC release, you might need to check your views, and if needed.
This only applies to filters defined on Text or Number fields that specify a list of 'Allowed values'.
......@@ -57,8 +60,8 @@ Other changes:
- #323681 Panels integration: make 'field as pane' work again.
- #311912 Views integration: The many_to_one filters for fields with 'allowed values' gain should not replace the regular 'starts with'/'greater than' filters.
CCK 6.2-rc10
============
CCK 6.x-2.0-rc10
================
- Get rid of helper function content_is_updated(), we can do it better using the content version variable.
- #318224 by brmassa, fix several errors in Content Copy.
......@@ -69,8 +72,8 @@ CCK 6.2-rc10
- #107407 by dopry, optimization patch, do nothing in hook_form_alter() and hook_nodeapi() if there are no fields.
- #317932 Fix userreference documentation typo.
CCK 6.2-rc9
===========
CCK 6.x-2.0-rc9
===============
- Change update instructions to recommend leaving CCK modules out of the modules folder until they're enabled.
- #317036 by hass, context-sensitive translation fixes.
......@@ -79,8 +82,8 @@ CCK 6.2-rc9
- #311146 by Brian294, dheffron, yched, and others, fix critical javascript problem in new Manage fields UI screen in some themes.
- #317032 by hass, code cleanup.
CCK 6.2-rc8
===========
CCK 6.x-2.0-rc8
===============
Be sure to visit update.php after uploading this release.
......@@ -124,8 +127,8 @@ Be sure to visit update.php after uploading this release.
- #310873 Upgrade path : abort updates if content.module and/or field modules are disabled, and fix existing sites possibly affected.
- #310219 Let modules expose additional display modes iunder the 'Display fields' tab : hook_content_build_modes().
CCK 6.2-rc7
===========
CCK 6.x-2.0-rc7
===============
Note:
- There has been a few files moved around since RC6, so be sure to *delete* the previous contents
......@@ -200,8 +203,8 @@ Other changes:
- Content copy: wrong page title after export code has been generated.
- Fieldgroup: fix broken node preview.
CCK 6.2.rc6
===========
CCK 6.x-2.0-rc6
===============
Hotfix release for:
- #295537 fix warnings in update 6004 when site has no actual cck fields.
......@@ -210,8 +213,8 @@ Those errors were harmless, no need to worry or run update.php again if you had
Minor fix:
- #265795 by smk-ka: formatter labels go through t() twice in Views exposed data.
CCK 6.2.rc5
===========
CCK 6.x-2.0-rc5
===============
Main bugs fixed :
- #281388 Optionwidgets: Unselect values doesn't take.
......@@ -254,8 +257,8 @@ Other changes :
- #75423 by mh89 - Text: 'size' setting for textfield widget.
CCK 6.2.rc4
===========
CCK 6.x-2.0-rc4
===============
This RC Mainly fixes a critical bug :
http://www.drupal.org/node/277968 - Saving 'Display Fields' wipes widget settings.
......@@ -286,19 +289,22 @@ http://www.drupal.org/node/277968 - Saving 'Display Fields' wipes widget setting
- #279190 content_crud_instance_update wiped existing widget settings in some cases.
Also added a tests for a few basic properties of the CRUD API.
CCK 6.2.rc3
===========
CCK 6.x-2.0-rc3
===============
- #278116 by Damien Tournoud: Make some strings easier to translate in views intergration forms.
- #278135 fix some translation quirks + fix french typography for ':' :-)
- Nodereference: 'Title mismatch. Please check your selection' error should break validation (+ fix typo).
- #277968 by jpetso: Fix fatal error when cck folder lives in the main /modules folder.
CCK 6.2.rc2
============
CCK 6.x-2.0-rc2
===============
- #276994 Follow up, remove conditional loading for content.views.inc, Views handles it.
CCK 6.2.rc1
============
CCK 6.x-2.0-rc1
===============
- #276994 Remove views_include_handlers() from content.views.inc, no longer needed.
- Change 'allow_empty' to 'allow empty' so that Views filters work correctly.
- #272871 Pass #node to formatters to be consistent with the values that were available in the D5 version.
......
......@@ -169,6 +169,7 @@ function content_views_field_views_data($field) {
$types = array();
foreach (content_types() as $type) {
if (isset($type['fields'][$field['field_name']])) {
// TODO : run check_plain here instead of on the imploded string below ?
$types[] = $type['name'];
}
}
......@@ -219,8 +220,8 @@ function content_views_field_views_data($field) {
$data[$columns[0]] = array(
'group' => t('Content'),
'title' => t($field['widget']['label']) . ' ('. $field['field_name'] .')',
'title_short' => t($field['widget']['label']),
'title' => t('@label - (!name)', array('@label' => t($field['widget']['label']), '!name' => $field['field_name'])),
'title_short' => check_plain(t($field['widget']['label'])),
'help' => t($field_types[$field['type']]['label']) .' - '. t('Appears in: @types', array('@types' => implode(', ', $types))),
'field' => array(
'field' => $columns[0],
......
......@@ -530,7 +530,7 @@ function content_copy_types() {
$types = array();
$content_info = _content_type_info();
foreach ($content_info['content types'] as $type_name => $val) {
$types[$type_name] = $val['name'] .' ('. $type_name .')';
$types[$type_name] = check_plain($val['name']) .' ('. $type_name .')';
}
return $types;
}
......
......@@ -75,7 +75,7 @@ function nodereference_field_settings($op, $field) {
'#title' => t('Content types that can be referenced'),
'#multiple' => TRUE,
'#default_value' => is_array($field['referenceable_types']) ? $field['referenceable_types'] : array(),
'#options' => node_get_types('names'),
'#options' => array_map('check_plain', node_get_types('names')),
);
if (module_exists('views')) {
$views = array('--' => '--');
......@@ -943,7 +943,6 @@ function theme_nodereference_buttons($element) {
return $element['#children'];
}
function theme_nodereference_autocomplete($element) {
return $element['#children'];
}
......@@ -175,7 +175,7 @@ function number_field_settings($op, $field) {
// Filter: Add a 'many to one' filter.
$copy = $data[$table_alias][$field['field_name'] .'_value'];
$copy['title'] = check_plain(t($field['widget']['label'])) .' ('. $field['field_name'] .') - '. t('Allowed values');
$copy['title'] = t('@label (!name) - Allowed values', array('@label' => t($field['widget']['label']), '!name' => $field['field_name']));
$copy['filter']['handler'] = 'content_handler_filter_many_to_one';
$copy['filter']['numeric'] = TRUE;
unset($copy['field'], $copy['argument'], $copy['sort']);
......
......@@ -128,7 +128,7 @@ function text_field_settings($op, $field) {
// Filter: Add a 'many to one' filter.
$copy = $data[$table_alias][$field['field_name'] .'_value'];
$copy['title'] = check_plain(t($field['widget']['label'])) .' ('. $field['field_name'] .') - '. t('Allowed values');
$copy['title'] = t('@label (!name) - Allowed values', array('@label' => t($field['widget']['label']), '!name' => $field['field_name']));
$copy['filter']['handler'] = 'content_handler_filter_many_to_one';
unset($copy['field'], $copy['argument'], $copy['sort']);
$data[$table_alias][$field['field_name'] .'_value_many_to_one'] = $copy;
......
......@@ -861,7 +861,7 @@ function userreference_user($type, &$edit, &$account) {
if (isset($values[$node_type])) {
$additions[] = array(
'#type' => 'user_profile_item',
'#title' => $node_types[$node_type]['name'],
'#title' => check_plain($node_types[$node_type]['name']),
'#value' => theme('item_list', $values[$node_type]),
);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment