Commit ead5598c authored by Gábor Hojtsy's avatar Gábor Hojtsy

Drupal 6.7

parent dfc80fe0
// $Id$
Drupal 6.7-dev, xxxx-xx-xx (development release)
Drupal 6.7, 2008-12-10
----------------------
- Fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
- Updated robots.txt and .htaccess to match current file use.
- Fixed a variety of small bugs.
Drupal 6.6, 2008-10-22
----------------------
......@@ -147,6 +150,12 @@ Drupal 6.0, 2008-02-13
- Removed old system updates. Updates from Drupal versions prior to 5.x will
require upgrading to 5.x before upgrading to 6.x.
Drupal 5.13, 2008-12-10
-----------------------
- fixed a variety of small bugs.
- fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
- updated robots.txt and .htaccess to match current file use.
Drupal 5.12, 2008-10-22
-----------------------
- fixed security issues, (File inclusion), see SA-2008-067
......
......@@ -586,7 +586,7 @@ function drupal_error_handler($errno, $message, $filename, $line, $context) {
return;
}
if ($errno & (E_ALL)) {
if ($errno & (E_ALL ^ E_NOTICE)) {
$types = array(1 => 'error', 2 => 'warning', 4 => 'parse error', 8 => 'notice', 16 => 'core error', 32 => 'core warning', 64 => 'compile error', 128 => 'compile warning', 256 => 'user error', 512 => 'user warning', 1024 => 'user notice', 2048 => 'strict warning', 4096 => 'recoverable fatal error');
// For database errors, we want the line number/file name of the place that
......
......@@ -375,13 +375,20 @@ function filter_list_format($format) {
static $filters = array();
if (!isset($filters[$format])) {
$filters[$format] = array();
$result = db_query("SELECT * FROM {filters} WHERE format = %d ORDER BY weight, module, delta", $format);
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
if (db_affected_rows($result) == 0 && !db_result(db_query("SELECT 1 FROM {filter_formats} WHERE format = %d", $format))) {
// The format has no filters and does not exist, use the default input
// format.
$filters[$format] = filter_list_format(variable_get('filter_default_format', 1));
}
else {
$filters[$format] = array();
while ($filter = db_fetch_object($result)) {
$list = module_invoke($filter->module, 'filter', 'list');
if (isset($list) && is_array($list) && isset($list[$filter->delta])) {
$filter->name = $list[$filter->delta];
$filters[$format][$filter->module .'/'. $filter->delta] = $filter;
}
}
}
}
......
......@@ -9,7 +9,7 @@
/**
* The current system version.
*/
define('VERSION', '6.7-dev');
define('VERSION', '6.7');
/**
* Core API compatibility.
......
......@@ -369,6 +369,7 @@ function update_info_page() {
update_task_list('info');
drupal_set_title('Drupal database update');
$token = drupal_get_token('update');
$output = '<p>Use this utility to update your database whenever a new release of Drupal or a module is installed.</p><p>For more detailed information, see the <a href="http://drupal.org/node/258">Installation and upgrading handbook</a>. If you are unsure what these terms mean you should probably contact your hosting provider.</p>';
$output .= "<ol>\n";
$output .= "<li><strong>Back up your database</strong>. This process will change your database values and in case of emergency you may need to revert to a backup.</li>\n";
......@@ -377,7 +378,7 @@ function update_info_page() {
$output .= "<li>Install your new files in the appropriate location, as described in the handbook.</li>\n";
$output .= "</ol>\n";
$output .= "<p>When you have performed the steps above, you may proceed.</p>\n";
$output .= '<form method="post" action="update.php?op=selection"><input type="submit" value="Continue" /></form>';
$output .= '<form method="post" action="update.php?op=selection&token='. $token .'"><input type="submit" value="Continue" /></form>';
$output .= "\n";
return $output;
}
......@@ -627,17 +628,21 @@ function update_check_requirements() {
$op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
switch ($op) {
// update.php ops
case 'info':
$output = update_info_page();
break;
case 'selection':
$output = update_selection_page();
break;
if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
$output = update_selection_page();
break;
}
case 'Update':
update_batch();
if (isset($_GET['token']) && $_GET['token'] == drupal_get_token('update')) {
update_batch();
break;
}
// update.php ops
case 'info':
$output = update_info_page();
break;
case 'results':
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment