Commit 49e2d2ca authored by webchick's avatar webchick

Drupal 7.2

parents 2ce86d77 316bd96e
Drupal 7.1-dev, xxxx-xx-xx (development version)
Drupal 7.2, 2011-05-25
----------------------
- Added a default .gitignore file.
- Improved PostgreSQL and SQLite support.
- Numerous critical performance improvements.
- Numerous critical fixes to the upgrade path.
- Numerous fixes to language and translation systems.
- Numerous fixes to AJAX and #states systems.
- Improvements to the locking system.
- Numerous documentation fixes.
- Numerous styling and theme system fixes.
- Numerous fixes for schema mis-matches between Drupal 6 and 7.
- Minor internal API clean-ups.
Drupal 7.1, 2011-05-25
----------------------
- Fixed security issues (Cross site scripting, File access bypass), see SA-CORE-2011-001.
Drupal 7.0, 2011-01-05
----------------------
......@@ -221,6 +236,17 @@ Drupal 7.0, 2011-01-05
* Added a locking framework to coordinate long-running operations across
requests.
Drupal 6.22, 2011-05-25
-----------------------
- Made Drupal 6 work better with IIS and Internet Explorer.
- Fixed .po file imports to work better with custom textgroups.
- Improved code documentation at various places.
- Fixed a variety of other bugs.
Drupal 6.21, 2011-05-25
----------------------
- Fixed security issues (Cross site scripting), see SA-CORE-2011-001.
Drupal 6.20, 2010-12-15
----------------------
- Fixed a variety of small bugs, improved code documentation.
......
......@@ -8,7 +8,7 @@
/**
* The current system version.
*/
define('VERSION', '7.0-dev');
define('VERSION', '7.2');
/**
* Core API compatibility.
......
......@@ -40,3 +40,18 @@ function color_requirements($phase) {
return $requirements;
}
/**
* Warn site administrator if unsafe CSS color codes are found in the database.
*/
function color_update_7001() {
$theme_palettes = db_query("SELECT name FROM {variable} WHERE name LIKE 'color_%_palette'")->fetchCol();
foreach ($theme_palettes as $name) {
$palette = variable_get($name, array());
foreach ($palette as $key => $color) {
if (!preg_match('/^#([a-f0-9]{3}){1,2}$/iD', $color)) {
drupal_set_message('Some of the custom CSS color codes specified via the color module are invalid. Please examine the themes which are making use of the color module at the <a href="'. url('admin/appearance/settings') .'">Appearance settings</a> page to verify their CSS color values.', 'warning');
}
}
}
}
......@@ -42,6 +42,7 @@ function color_form_system_theme_settings_alter(&$form, &$form_state) {
'#theme' => 'color_scheme_form',
);
$form['color'] += color_scheme_form($form, $form_state, $theme);
$form['#validate'][] = 'color_scheme_form_validate';
$form['#submit'][] = 'color_scheme_form_submit';
}
}
......@@ -270,6 +271,18 @@ function theme_color_scheme_form($variables) {
return $output;
}
/**
* Validation handler for color change form.
*/
function color_scheme_form_validate($form, &$form_state) {
// Only accept hexadecimal CSS color strings to avoid XSS upon use.
foreach ($form_state['values']['palette'] as $key => $color) {
if (!preg_match('/^#([a-f0-9]{3}){1,2}$/iD', $color)) {
form_set_error('palette][' . $key, t('%name must be a valid hexadecimal CSS color value.', array('%name' => $form['color']['palette'][$key]['#title'])));
}
}
}
/**
* Submit handler for color change form.
*/
......
......@@ -976,7 +976,7 @@ function file_get_file_references($file, $field = NULL, $age = FIELD_LOAD_REVISI
}
}
return isset($field) ? $references[$field['field_name']] : $references;
return isset($field) ? $references[$field['field_name']] : array_filter($references);
}
/**
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment