Commit 32390a19 authored by drumm's avatar drumm

Drupal 5.8.

parent 24a6f253
// $Id$
Drupal 5.8, xxxx-xx-xx
Drupal 5.8, 2008-07-09
----------------------
- fixed a variety of small bugs.
- fixed security issues, (Cross site scripting, cross site request forgery, and session fixation), see SA-2008-044
Drupal 5.7, 2008-01-28
----------------------
......
......@@ -545,16 +545,14 @@ function theme_links($links, $attributes = array('class' => 'links')) {
$i = 1;
foreach ($links as $key => $link) {
$class = '';
$class = $key;
// Automatically add a class to each link and also to each LI
if (isset($link['attributes']) && isset($link['attributes']['class'])) {
$link['attributes']['class'] .= ' ' . $key;
$class = $key;
}
else {
$link['attributes']['class'] = $key;
$class = $key;
}
// Add first and last classes to the list of links to help out themers.
......@@ -565,7 +563,7 @@ function theme_links($links, $attributes = array('class' => 'links')) {
if ($i == $num_links) {
$extra_class .= 'last ';
}
$output .= '<li class="'. $extra_class . $class .'">';
$output .= '<li '. drupal_attributes(array('class' => $extra_class . $class)) .'>';
// Is the title HTML?
$html = isset($link['html']) && $link['html'];
......
......@@ -153,6 +153,15 @@ function install_change_settings($profile = 'default', $install_locale = '') {
include_once './includes/form.inc';
drupal_maintenance_theme();
// Don't fill in placeholders
if ($db_url == 'mysql://username:password@localhost/databasename') {
$db_user = $db_pass = $db_path = '';
}
elseif (!empty($db_url)) {
// Do not install over a configured settings.php.
install_already_done_error();
}
// The existing database settings are not working, so we need write access
// to settings.php to change them.
if (!drupal_verify_install_file($settings_file, FILE_EXIST|FILE_READABLE|FILE_WRITABLE)) {
......@@ -163,14 +172,6 @@ function install_change_settings($profile = 'default', $install_locale = '') {
exit;
}
// Don't fill in placeholders
if ($db_url == 'mysql://username:password@localhost/databasename') {
$db_user = $db_pass = $db_path = '';
}
elseif (!empty($db_url)) {
// Do not install over a configured settings.php.
install_already_done_error();
}
$output = drupal_get_form('install_settings_form', $profile, $install_locale, $settings_file, $db_url, $db_type, $db_prefix, $db_user, $db_pass, $db_host, $db_port, $db_path);
drupal_set_title(st('Database configuration'));
print theme('install_page', $output);
......
......@@ -1244,7 +1244,7 @@ function _filter_autop($text) {
* for scripts and styles.
*/
function filter_xss_admin($string) {
return filter_xss($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'div', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'ins', 'kbd', 'li', 'object', 'ol', 'p', 'param', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var'));
return filter_xss($string, array('a', 'abbr', 'acronym', 'address', 'b', 'bdo', 'big', 'blockquote', 'br', 'caption', 'cite', 'code', 'col', 'colgroup', 'dd', 'del', 'dfn', 'div', 'dl', 'dt', 'em', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'hr', 'i', 'img', 'ins', 'kbd', 'li', 'ol', 'p', 'param', 'pre', 'q', 'samp', 'small', 'span', 'strong', 'sub', 'sup', 'table', 'tbody', 'td', 'tfoot', 'th', 'thead', 'tr', 'tt', 'ul', 'var'));
}
/**
......
......@@ -111,7 +111,7 @@ function locale_menu($may_cache) {
'type' => MENU_CALLBACK);
$items[] = array('path' => 'admin/settings/locale/string/delete/'. arg(5),
'title' => t('Delete string'),
'callback' => 'locale_admin_string_delete',
'callback' => 'locale_admin_string_delete_page',
'callback arguments' => array(arg(5)),
'access' => $access,
'type' => MENU_CALLBACK);
......@@ -407,9 +407,29 @@ function locale_admin_string_edit_submit($form_id, $form_values) {
}
/**
* Delete a string.
* String deletion confirmation page.
*/
function locale_admin_string_delete($lid) {
function locale_admin_string_delete_page($lid) {
if ($source = db_fetch_object(db_query('SELECT * FROM {locales_source} WHERE lid = %d', $lid))) {
return drupal_get_form('locale_string_delete_form', $source);
}
else {
return drupal_not_found();
}
}
/**
* User interface for the string deletion confirmation screen.
*/
function locale_string_delete_form($source) {
$form['lid'] = array('#type' => 'value', '#value' => $source->lid);
return confirm_form($form, t('Are you sure you want to delete the string "%source"?', array('%source' => $source->source)), 'admin/build/translate/search', t('Deleting the string will remove all translations of this string in all languages. This action cannot be undone.'), t('Delete'), t('Cancel'));
}
/**
* Process string deletion submissions.
*/
function locale_string_delete_form_submit($form_id, $form_values) {
include_once './includes/locale.inc';
_locale_string_delete($lid);
_locale_string_delete($form_values['lid']);
}
......@@ -6,7 +6,7 @@
* Configuration system that lets administrators modify the workings of the site.
*/
define('VERSION', '5.8-dev');
define('VERSION', '5.8');
/**
* Implementation of hook_help().
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment