[Pkg-drupal-commits] r1898 - in /branches/drupal-5.0: ./ debian/ includes/ modules/aggregator/ modules/block/ modules/blog/ modules/blogapi/ modules/book/ modules/color/ modules/comment/ modules/contact/ modules/drupal/ modules/filter/ modules/forum/ modules/help/ modules/legacy/ modules/locale/ modules/menu/ modules/node/ modules/path/ modules/ping/ modules/poll/ modules/profile/ modules/search/ modules/statistics/ modules/system/ modules/taxonomy/ modules/throttle/ modules/tracker/ modules/upload/ modules/user/ modules/watchdog/ themes/engines/phptemplate/
luigi at users.alioth.debian.org
luigi at users.alioth.debian.org
Thu Jul 24 08:50:41 UTC 2008
Author: luigi
Date: Thu Jul 24 08:50:41 2008
New Revision: 1898
URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=1898
Log:
New Upstream Release
Modified:
branches/drupal-5.0/CHANGELOG.txt
branches/drupal-5.0/debian/changelog
branches/drupal-5.0/includes/database.mysqli.inc
branches/drupal-5.0/includes/database.pgsql.inc
branches/drupal-5.0/modules/aggregator/aggregator.info
branches/drupal-5.0/modules/block/block.info
branches/drupal-5.0/modules/block/block.module
branches/drupal-5.0/modules/blog/blog.info
branches/drupal-5.0/modules/blogapi/blogapi.info
branches/drupal-5.0/modules/book/book.info
branches/drupal-5.0/modules/color/color.info
branches/drupal-5.0/modules/comment/comment.info
branches/drupal-5.0/modules/contact/contact.info
branches/drupal-5.0/modules/drupal/drupal.info
branches/drupal-5.0/modules/filter/filter.info
branches/drupal-5.0/modules/forum/forum.info
branches/drupal-5.0/modules/help/help.info
branches/drupal-5.0/modules/legacy/legacy.info
branches/drupal-5.0/modules/locale/locale.info
branches/drupal-5.0/modules/menu/menu.info
branches/drupal-5.0/modules/node/node.info
branches/drupal-5.0/modules/node/node.module
branches/drupal-5.0/modules/path/path.info
branches/drupal-5.0/modules/ping/ping.info
branches/drupal-5.0/modules/poll/poll.info
branches/drupal-5.0/modules/profile/profile.info
branches/drupal-5.0/modules/search/search.info
branches/drupal-5.0/modules/statistics/statistics.info
branches/drupal-5.0/modules/system/system.info
branches/drupal-5.0/modules/system/system.module
branches/drupal-5.0/modules/taxonomy/taxonomy.info
branches/drupal-5.0/modules/throttle/throttle.info
branches/drupal-5.0/modules/tracker/tracker.info
branches/drupal-5.0/modules/upload/upload.info
branches/drupal-5.0/modules/user/user.info
branches/drupal-5.0/modules/user/user.module
branches/drupal-5.0/modules/watchdog/watchdog.info
branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
Modified: branches/drupal-5.0/CHANGELOG.txt
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/CHANGELOG.txt?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/CHANGELOG.txt (original)
+++ branches/drupal-5.0/CHANGELOG.txt Thu Jul 24 08:50:41 2008
@@ -1,4 +1,9 @@
-// $Id: CHANGELOG.txt,v 1.173.2.21 2008/07/09 21:48:41 drumm Exp $
+// $Id: CHANGELOG.txt,v 1.173.2.23 2008/07/23 19:52:50 drumm Exp $
+
+Drupal 5.9, 2008-07-23
+----------------------
+- fixed a variety of small bugs.
+- fixed security issues, (Session fixation), see SA-2008-046
Drupal 5.8, 2008-07-09
----------------------
Modified: branches/drupal-5.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/changelog?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/debian/changelog (original)
+++ branches/drupal-5.0/debian/changelog Thu Jul 24 08:50:41 2008
@@ -1,3 +1,13 @@
+drupal5 (5.9-1) UNRELEASED; urgency=low
+
+ * (NOT RELEASED YET)
+
+ * New upstream release
+ - Fixes Security Fixation vulnerability that was not completely addressed
+ in drupal 5.8 (Ref: SA-2008-046)
+
+ -- Luigi Gangitano <luigi at debian.org> Thu, 24 Jul 2008 10:47:27 +0200
+
drupal5 (5.8-1) unstable; urgency=high
[ Luigi Gangitano ]
Modified: branches/drupal-5.0/includes/database.mysqli.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/database.mysqli.inc?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/includes/database.mysqli.inc (original)
+++ branches/drupal-5.0/includes/database.mysqli.inc Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: database.mysqli.inc,v 1.32.2.3 2008/06/23 04:43:57 drumm Exp $
+// $Id: database.mysqli.inc,v 1.32.2.4 2008/07/16 18:55:38 drumm Exp $
/**
* @file
@@ -202,18 +202,18 @@
}
/**
-* Return an individual result field from the previous query.
-*
-* Only use this function if exactly one field is being selected; otherwise,
-* use db_fetch_object() or db_fetch_array().
-*
-* @param $result
-* A database query result resource, as returned from db_query().
-* @param $row
-* The index of the row whose result is needed.
-* @return
-* The resulting field or FALSE.
-*/
+ * Return an individual result field from the previous query.
+ *
+ * Only use this function if exactly one field is being selected; otherwise,
+ * use db_fetch_object() or db_fetch_array().
+ *
+ * @param $result
+ * A database query result resource, as returned from db_query().
+ * @param $row
+ * The index of the row whose result is needed.
+ * @return
+ * The resulting field or FALSE.
+ */
function db_result($result, $row = 0) {
if ($result && mysqli_num_rows($result) > $row) {
$array = mysqli_fetch_array($result, MYSQLI_NUM);
Modified: branches/drupal-5.0/includes/database.pgsql.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/database.pgsql.inc?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/includes/database.pgsql.inc (original)
+++ branches/drupal-5.0/includes/database.pgsql.inc Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: database.pgsql.inc,v 1.43.2.1 2007/10/19 21:49:26 drumm Exp $
+// $Id: database.pgsql.inc,v 1.43.2.2 2008/07/16 19:12:52 drumm Exp $
/**
* @file
@@ -418,10 +418,14 @@
* @return SQL query with the DISTINCT wrapper surrounding the given table.field.
*/
function db_distinct_field($table, $field, $query) {
- $field_to_select = 'DISTINCT ON ('. $table .'.'. $field .") $table.$field";
- // (?<!text) is a negative look-behind (no need to rewrite queries that already use DISTINCT).
- $query = preg_replace('/(SELECT.*)(?:'. $table .'\.|\s)(?<!DISTINCT\()(?<!DISTINCT\('. $table .'\.)'. $field .'(.*FROM )/AUsi', '\1 '. $field_to_select .'\2', $query);
- $query = preg_replace('/(ORDER BY )(?!'.$table.'\.'.$field.')/', '\1'."$table.$field, ", $query);
+ if (!preg_match('/FROM\s+\S+\s+AS/si', $query)
+ && !preg_match('/DISTINCT\s+ON\s*\(\s*(' . $table . '\s*\.\s*)?' . $field . '\s*\)/si', $query)
+ && !preg_match('/DISTINCT[ (]' . $field . '/si', $query)
+ && preg_match('/(.*FROM\s+)(.*?\s)(\s*(WHERE|GROUP|HAVING|ORDER|LIMIT|FOR).*)/Asi', $query, $m)) {
+ $query = $m[1];
+ $query .= preg_replace('/([\{\w+\}]+)\s+(' . $table . ')\s/Usi', '(SELECT DISTINCT ON (' . $field . ') * FROM \1) \2 ', $m[2]);
+ $query .= $m[3];
+ }
return $query;
}
Modified: branches/drupal-5.0/modules/aggregator/aggregator.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/aggregator/aggregator.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/aggregator/aggregator.info (original)
+++ branches/drupal-5.0/modules/aggregator/aggregator.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/block/block.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/block/block.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/block/block.info (original)
+++ branches/drupal-5.0/modules/block/block.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/block/block.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/block/block.module?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/block/block.module (original)
+++ branches/drupal-5.0/modules/block/block.module Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: block.module,v 1.246.2.9 2008/05/13 04:51:04 drumm Exp $
+// $Id: block.module,v 1.246.2.10 2008/07/16 19:09:39 drumm Exp $
/**
* @file
@@ -359,7 +359,7 @@
}
function block_box_get($bid) {
- return db_fetch_array(db_query("SELECT bx.*, bl.title FROM {boxes} bx INNER JOIN {blocks} bl ON bx.bid = bl.delta WHERE bl.module = 'block' AND bx.bid = %d", $bid));
+ return db_fetch_array(db_query("SELECT * FROM {boxes} WHERE bid = %d", $bid));
}
/**
@@ -524,7 +524,7 @@
*/
function block_box_delete($bid = 0) {
$box = block_box_get($bid);
- $form['info'] = array('#type' => 'hidden', '#value' => $box['info'] ? $box['info'] : $box['title']);
+ $form['info'] = array('#type' => 'hidden', '#value' => $box['info']);
$form['bid'] = array('#type' => 'hidden', '#value' => $bid);
return confirm_form($form, t('Are you sure you want to delete the block %name?', array('%name' => $box['info'])), 'admin/build/block', '', t('Delete'), t('Cancel'));
Modified: branches/drupal-5.0/modules/blog/blog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blog/blog.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blog/blog.info (original)
+++ branches/drupal-5.0/modules/blog/blog.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/blogapi/blogapi.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blogapi/blogapi.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blogapi/blogapi.info (original)
+++ branches/drupal-5.0/modules/blogapi/blogapi.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/book/book.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/book/book.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/book/book.info (original)
+++ branches/drupal-5.0/modules/book/book.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/color/color.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/color/color.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/color/color.info (original)
+++ branches/drupal-5.0/modules/color/color.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/comment/comment.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/comment/comment.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/comment/comment.info (original)
+++ branches/drupal-5.0/modules/comment/comment.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/contact/contact.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/contact/contact.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/contact/contact.info (original)
+++ branches/drupal-5.0/modules/contact/contact.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/drupal/drupal.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/drupal/drupal.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/drupal/drupal.info (original)
+++ branches/drupal-5.0/modules/drupal/drupal.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/filter/filter.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/filter/filter.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/filter/filter.info (original)
+++ branches/drupal-5.0/modules/filter/filter.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/forum/forum.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/forum/forum.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/forum/forum.info (original)
+++ branches/drupal-5.0/modules/forum/forum.info Thu Jul 24 08:50:41 2008
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/help/help.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/help/help.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/help/help.info (original)
+++ branches/drupal-5.0/modules/help/help.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/legacy/legacy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/legacy/legacy.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/legacy/legacy.info (original)
+++ branches/drupal-5.0/modules/legacy/legacy.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/locale/locale.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/locale/locale.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/locale/locale.info (original)
+++ branches/drupal-5.0/modules/locale/locale.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/menu/menu.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/menu/menu.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/menu/menu.info (original)
+++ branches/drupal-5.0/modules/menu/menu.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/node/node.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/node/node.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/node/node.info (original)
+++ branches/drupal-5.0/modules/node/node.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/node/node.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/node/node.module?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/node/node.module (original)
+++ branches/drupal-5.0/modules/node/node.module Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: node.module,v 1.776.2.28 2008/06/07 00:52:54 drumm Exp $
+// $Id: node.module,v 1.776.2.30 2008/07/16 19:04:21 drumm Exp $
/**
* @file
@@ -960,12 +960,22 @@
$join2 .= ' LEFT JOIN {node_counter} nc ON nc.nid = i.sid';
$total += $weight;
}
- $select2 = (count($ranking) ? implode(' + ', $ranking) : 'i.relevance') .' AS score';
-
- // Do search
+
+ // When all search factors are disabled (ie they have a weight of zero),
+ // the default score is based only on keyword relevance and there is no need to
+ // adjust the score of each item.
+ if ($total == 0) {
+ $select2 = 'i.relevance AS score';
+ $total = 1;
+ }
+ else {
+ $select2 = implode(' + ', $ranking) . ' AS score';
+ }
+
+ // Do search.
$find = do_search($keys, 'node', 'INNER JOIN {node} n ON n.nid = i.sid '. $join1 .' INNER JOIN {users} u ON n.uid = u.uid', $conditions1 . (empty($where1) ? '' : ' AND '. $where1), $arguments1, $select2, $join2, $arguments2);
- // Load results
+ // Load results.
$results = array();
foreach ($find as $item) {
// Build the node body.
@@ -973,9 +983,9 @@
$node = node_build_content($node, FALSE, FALSE);
$node->body = drupal_render($node->content);
- // Fetch comments for snippet
+ // Fetch comments for snippet.
$node->body .= module_invoke('comment', 'nodeapi', $node, 'update index');
- // Fetch terms for snippet
+ // Fetch terms for snippet.
$node->body .= module_invoke('taxonomy', 'nodeapi', $node, 'update index');
$extra = node_invoke_nodeapi($node, 'search result');
@@ -1922,7 +1932,7 @@
// Allow modules to add additional item fields and/or modify $item
$extra = node_invoke_nodeapi($item, 'rss item');
- $extra = array_merge($extra, array(array('key' => 'pubDate', 'value' => format_date($item->created, 'custom', 'r')), array('key' => 'dc:creator', 'value' => $item->name), array('key' => 'guid', 'value' => $item->nid .' at '. $base_url, 'attributes' => array('isPermaLink' => 'false'))));
+ $extra = array_merge($extra, array(array('key' => 'pubDate', 'value' => gmdate('r', $item->created)), array('key' => 'dc:creator', 'value' => $item->name), array('key' => 'guid', 'value' => $item->nid .' at '. $base_url, 'attributes' => array('isPermaLink' => 'false'))));
foreach ($extra as $element) {
if ($element['namespace']) {
$namespaces = array_merge($namespaces, $element['namespace']);
Modified: branches/drupal-5.0/modules/path/path.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/path/path.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/path/path.info (original)
+++ branches/drupal-5.0/modules/path/path.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/ping/ping.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/ping/ping.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/ping/ping.info (original)
+++ branches/drupal-5.0/modules/ping/ping.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/poll/poll.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/poll/poll.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/poll/poll.info (original)
+++ branches/drupal-5.0/modules/poll/poll.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/profile/profile.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/profile/profile.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/profile/profile.info (original)
+++ branches/drupal-5.0/modules/profile/profile.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/search/search.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/search/search.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/search/search.info (original)
+++ branches/drupal-5.0/modules/search/search.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/statistics/statistics.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/statistics/statistics.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/statistics/statistics.info (original)
+++ branches/drupal-5.0/modules/statistics/statistics.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/system/system.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.info (original)
+++ branches/drupal-5.0/modules/system/system.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/system/system.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.module?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.module (original)
+++ branches/drupal-5.0/modules/system/system.module Thu Jul 24 08:50:41 2008
@@ -1,12 +1,12 @@
<?php
-// $Id: system.module,v 1.440.2.31 2008/07/09 21:48:42 drumm Exp $
+// $Id: system.module,v 1.440.2.33 2008/07/23 19:52:50 drumm Exp $
/**
* @file
* Configuration system that lets administrators modify the workings of the site.
*/
-define('VERSION', '5.8');
+define('VERSION', '5.9');
/**
* Implementation of hook_help().
Modified: branches/drupal-5.0/modules/taxonomy/taxonomy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/taxonomy/taxonomy.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/taxonomy/taxonomy.info (original)
+++ branches/drupal-5.0/modules/taxonomy/taxonomy.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/throttle/throttle.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/throttle/throttle.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/throttle/throttle.info (original)
+++ branches/drupal-5.0/modules/throttle/throttle.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/tracker/tracker.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/tracker/tracker.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/tracker/tracker.info (original)
+++ branches/drupal-5.0/modules/tracker/tracker.info Thu Jul 24 08:50:41 2008
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/upload/upload.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/upload/upload.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/upload/upload.info (original)
+++ branches/drupal-5.0/modules/upload/upload.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/user/user.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/user/user.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/user/user.info (original)
+++ branches/drupal-5.0/modules/user/user.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/modules/user/user.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/user/user.module?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/user/user.module (original)
+++ branches/drupal-5.0/modules/user/user.module Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: user.module,v 1.745.2.30 2008/05/10 02:12:41 drumm Exp $
+// $Id: user.module,v 1.745.2.31 2008/07/16 19:46:02 drumm Exp $
/**
* @file
@@ -965,9 +965,11 @@
// Update the user table timestamp noting user has logged in.
db_query("UPDATE {users} SET login = %d WHERE uid = %d", time(), $user->uid);
+ // Regenerate the session ID to prevent against session fixation attacks.
+ sess_regenerate();
+
user_module_invoke('login', $form_values, $user);
- sess_regenerate();
return 'user/'. $user->uid;
}
}
Modified: branches/drupal-5.0/modules/watchdog/watchdog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/watchdog/watchdog.info?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/modules/watchdog/watchdog.info (original)
+++ branches/drupal-5.0/modules/watchdog/watchdog.info Thu Jul 24 08:50:41 2008
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2008-07-09
-version = "5.8"
+; Information added by drupal.org packaging script on 2008-07-23
+version = "5.9"
project = "drupal"
-datestamp = "1215640809"
+datestamp = "1216843213"
Modified: branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine?rev=1898&op=diff
==============================================================================
--- branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine (original)
+++ branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine Thu Jul 24 08:50:41 2008
@@ -1,5 +1,5 @@
<?php
-// $Id: phptemplate.engine,v 1.54.2.2 2007/05/31 06:21:32 drumm Exp $
+// $Id: phptemplate.engine,v 1.54.2.3 2008/07/16 18:37:18 drumm Exp $
/**
* @file
@@ -113,7 +113,9 @@
// This pre-loading is necessary because phptemplate uses variable names different from
// the region names, e.g., 'sidebar_left' instead of 'left'.
if (!in_array($region, array('left', 'right', 'footer'))) {
- isset($variables[$region]) ? $variables[$region] .= theme('blocks', $region) : $variables[$region] = theme('blocks', $region);
+ $normal_blocks = (isset($variables['regions'])) ? $variables['regions'][$region] : theme('blocks', $region);
+
+ isset($variables[$region]) ? $variables[$region] .= $normal_blocks : $variables[$region] = $normal_blocks;
}
}
}
@@ -148,6 +150,9 @@
* current path. If none are found, the default page.tpl.php is used.
*/
function phptemplate_page($content, $show_blocks = TRUE) {
+ global $theme;
+ $regions = array_keys(system_region_list($theme));
+ $variables = array('regions'=>array());
/* Set title and breadcrumb to declared values */
if (drupal_is_front_page()) {
@@ -166,20 +171,31 @@
/**
* Sidebar_indicator tells the block counting code to count sidebars separately.
*/
+
+ // Load blocks early for adding header info
+ foreach ($regions as $region) {
+ $variables['regions'][$region] = theme('blocks', $region);
+ }
+
$sidebar_indicator = 'left';
- $sidebar_left = theme('blocks', 'left');
+ $sidebar_left = $variables['regions']['left'];
if ($sidebar_left != '') {
$layout = 'left';
}
$sidebar_indicator = 'right';
- $sidebar_right = theme('blocks', 'right');
+ $sidebar_right = $variables['regions']['right'];
if ($sidebar_right != '') {
$layout = ($layout == 'left') ? 'both' : 'right';
}
$sidebar_indicator = NULL;
}
-
+ else {
+ // Add empty strings as default
+ foreach($regions as $region) {
+ $variables['regions'][$region] = '';
+ }
+ }
// Construct page title
if (drupal_get_title()) {
$head_title = array(strip_tags(drupal_get_title()), variable_get('site_name', 'Drupal'));
@@ -191,13 +207,13 @@
}
}
- $variables = array(
+ $variables = array_merge($variables, array(
'base_path' => base_path(),
'breadcrumb' => theme('breadcrumb', drupal_get_breadcrumb()),
'closure' => theme('closure'),
'content' => $content,
'feed_icons' => drupal_get_feeds(),
- 'footer_message' => filter_xss_admin(variable_get('site_footer', FALSE)) . "\n" . theme('blocks', 'footer'),
+ 'footer_message' => filter_xss_admin(variable_get('site_footer', FALSE)) . "\n" . $variables['regions']['footer'],
'head' => drupal_get_html_head(),
'head_title' => implode(' | ', $head_title),
'help' => theme('help'),
@@ -218,7 +234,7 @@
'scripts' => drupal_get_js(),
'tabs' => theme('menu_local_tasks'),
'title' => drupal_get_title()
- );
+ ));
if ((arg(0) == 'node') && is_numeric(arg(1))) {
$variables['node'] = node_load(arg(1));
More information about the Pkg-drupal-commits
mailing list