Commit e9347cca authored by drumm's avatar drumm

Drupal 5.13

parent 7ce6206e
// $Id$
Drupal 5.13-dev, xxxx-xx-xx (development version)
Drupal 5.13, 2008-12-10
-----------------------
- fixed a variety of small bugs.
- fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
- updated robots.txt and .htaccess to match current file use.
Drupal 5.12, 2008-10-22
-----------------------
......
......@@ -709,13 +709,20 @@ function filter_list_format($format) {
static $filters = array();
if (!isset($filters[$format])) {
$filters[$format] = array();
$result = db_query("SELECT * FROM {filters} WHERE format = %d ORDER BY weight ASC", $format);
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
if (db_num_rows($result) == 0 && !db_result(db_query("SELECT 1 FROM {filter_formats} WHERE format = %d", $format))) {
// The format has no filters and does not exist, use the default input
// format.
$filters[$format] = filter_list_format(variable_get('filter_default_format', 1));
}
else {
$filters[$format] = array();
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
}
}
}
}
......
......@@ -6,7 +6,7 @@
* Configuration system that lets administrators modify the workings of the site.
*/
define('VERSION', '5.13-dev');
define('VERSION', '5.13');
/**
* Implementation of hook_help().
......
......@@ -562,10 +562,11 @@ function update_finished_page($success) {
function update_info_page() {
drupal_set_title('Drupal database update');
$link = 'update.php?op=selection&token='. drupal_get_token('update');
$output = "<ol>\n";
$output .= "<li>Use this script to <strong>upgrade an existing Drupal installation</strong>. You don't need this script when installing Drupal from scratch.</li>";
$output .= "<li>Before doing anything, backup your database. This process will change your database and its values, and some things might get lost.</li>\n";
$output .= "<li>Update your Drupal sources, check the notes below and <a href=\"update.php?op=selection\">run the database upgrade script</a>. Don't upgrade your database twice as it may cause problems.</li>\n";
$output .= "<li>Update your Drupal sources, check the notes below and <a href=\"$link\">run the database upgrade script</a>. Don't upgrade your database twice as it may cause problems.</li>\n";
$output .= "<li>Go through the various administration pages to change the existing and new settings to your liking.</li>\n";
$output .= "</ol>";
$output .= '<p>For more help, see the <a href="http://drupal.org/node/258">Installation and upgrading handbook</a>. If you are unsure what these terms mean you should probably contact your hosting provider.</p>';
......@@ -793,10 +794,6 @@ function update_create_cache_tables() {
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
switch ($op) {
case 'Update':
$output = update_update_page();
break;
case 'finished':
$output = update_finished_page(TRUE);
break;
......@@ -813,10 +810,18 @@ function update_create_cache_tables() {
$output = update_progress_page_nojs();
break;
case 'Update':
if ($_GET['token'] == drupal_get_token('update')) {
$output = update_update_page();
break;
}
// If the token did not match we just display the default page.
case 'selection':
$output = update_selection_page();
break;
if ($_GET['token'] == drupal_get_token('update')) {
$output = update_selection_page();
break;
}
// If the token did not match we just display the default page.
default:
$output = update_info_page();
break;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment