Commit 46dc6485 authored by drumm's avatar drumm

Drupal 5.19

parent f2760768
// $Id$
Drupal 5.19, 2009-07-01
-----------------------
- Fixed security issues (Cross site scripting and Password leakage in URL), see
SA-CORE-2009-007.
- Fixed a variety of small bugs.
Drupal 5.18, 2009-05-13
-----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2009-006.
......
......@@ -85,7 +85,7 @@ function pager_query($query, $limit = 10, $element = 0, $count_query = NULL) {
function pager_get_querystring() {
static $string = NULL;
if (!isset($string)) {
$string = drupal_query_string_encode($_REQUEST, array_merge(array('q', 'page'), array_keys($_COOKIE)));
$string = drupal_query_string_encode($_REQUEST, array_merge(array('q', 'page', 'pass'), array_keys($_COOKIE)));
}
return $string;
}
......
......@@ -131,7 +131,7 @@ function tablesort_cell($cell, $header, $ts, $i) {
* except for those pertaining to table sorting.
*/
function tablesort_get_querystring() {
return drupal_query_string_encode($_REQUEST, array_merge(array('q', 'sort', 'order'), array_keys($_COOKIE)));
return drupal_query_string_encode($_REQUEST, array_merge(array('q', 'sort', 'order', 'pass'), array_keys($_COOKIE)));
}
/**
......
......@@ -833,6 +833,11 @@ function _forum_new($tid) {
* Menu callback; prints a forum listing.
*/
function forum_page($tid = 0) {
if (!is_numeric($tid)) {
return MENU_NOT_FOUND;
}
$tid = (int)$tid;
drupal_add_css(drupal_get_path('module', 'forum') .'/forum.css');
$forum_per_page = variable_get('forum_per_page', 25);
$sortby = variable_get('forum_order', 1);
......
......@@ -6,7 +6,7 @@
* Configuration system that lets administrators modify the workings of the site.
*/
define('VERSION', '5.18');
define('VERSION', '5.19');
/**
* Implementation of hook_help().
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment