[Pkg-drupal-commits] r2025 - in /branches/drupal-5.0: ./ debian/ includes/ misc/ modules/aggregator/ modules/block/ modules/blog/ modules/blogapi/ modules/book/ modules/color/ modules/comment/ modules/contact/ modules/drupal/ modules/filter/ modules/forum/ modules/help/ modules/legacy/ modules/locale/ modules/menu/ modules/node/ modules/path/ modules/ping/ modules/poll/ modules/profile/ modules/search/ modules/statistics/ modules/system/ modules/taxonomy/ modules/throttle/ modules/tracker/ modules/upload/ modules/user/ modules/watchdog/ themes/bluemarine/ themes/chameleon/ themes/engines/phptemplate/ themes/garland/ themes/pushbutton/
luigi at users.alioth.debian.org
luigi at users.alioth.debian.org
Mon May 4 17:54:05 UTC 2009
Author: luigi
Date: Mon May 4 17:54:04 2009
New Revision: 2025
URL: http://svn.debian.org/wsvn/pkg-drupal/?sc=1&rev=2025
Log:
New upstream release - Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
Modified:
branches/drupal-5.0/.htaccess
branches/drupal-5.0/CHANGELOG.txt
branches/drupal-5.0/debian/changelog
branches/drupal-5.0/includes/bootstrap.inc
branches/drupal-5.0/includes/common.inc
branches/drupal-5.0/includes/form.inc
branches/drupal-5.0/includes/theme.inc
branches/drupal-5.0/misc/drupal.js
branches/drupal-5.0/modules/aggregator/aggregator.info
branches/drupal-5.0/modules/block/block.info
branches/drupal-5.0/modules/blog/blog.info
branches/drupal-5.0/modules/blogapi/blogapi.info
branches/drupal-5.0/modules/book/book.info
branches/drupal-5.0/modules/color/color.info
branches/drupal-5.0/modules/comment/comment.info
branches/drupal-5.0/modules/comment/comment.module
branches/drupal-5.0/modules/contact/contact.info
branches/drupal-5.0/modules/drupal/drupal.info
branches/drupal-5.0/modules/filter/filter.info
branches/drupal-5.0/modules/forum/forum.info
branches/drupal-5.0/modules/forum/forum.module
branches/drupal-5.0/modules/help/help.info
branches/drupal-5.0/modules/legacy/legacy.info
branches/drupal-5.0/modules/locale/locale.info
branches/drupal-5.0/modules/menu/menu.info
branches/drupal-5.0/modules/menu/menu.module
branches/drupal-5.0/modules/node/node.info
branches/drupal-5.0/modules/path/path.info
branches/drupal-5.0/modules/ping/ping.info
branches/drupal-5.0/modules/poll/poll.info
branches/drupal-5.0/modules/profile/profile.info
branches/drupal-5.0/modules/search/search.info
branches/drupal-5.0/modules/statistics/statistics.info
branches/drupal-5.0/modules/system/system.info
branches/drupal-5.0/modules/system/system.install
branches/drupal-5.0/modules/system/system.module
branches/drupal-5.0/modules/taxonomy/taxonomy.info
branches/drupal-5.0/modules/throttle/throttle.info
branches/drupal-5.0/modules/tracker/tracker.info
branches/drupal-5.0/modules/upload/upload.info
branches/drupal-5.0/modules/user/user.info
branches/drupal-5.0/modules/watchdog/watchdog.info
branches/drupal-5.0/themes/bluemarine/page.tpl.php
branches/drupal-5.0/themes/chameleon/chameleon.theme
branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
branches/drupal-5.0/themes/garland/page.tpl.php
branches/drupal-5.0/themes/pushbutton/page.tpl.php
Modified: branches/drupal-5.0/.htaccess
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/.htaccess?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/.htaccess (original)
+++ branches/drupal-5.0/.htaccess Mon May 4 17:54:04 2009
@@ -13,8 +13,13 @@
# Follow symbolic links in this directory.
Options +FollowSymLinks
-# Customized error messages.
+# Make Drupal handle any 404 errors.
ErrorDocument 404 /index.php
+
+# Force simple error message for requests for non-existent favicon.ico.
+<Files favicon.ico>
+ ErrorDocument 404 "The requested file favicon.ico was not found.
+</Files>
# Set the default handler.
DirectoryIndex index.php
@@ -104,10 +109,11 @@
#RewriteCond %{QUERY_STRING} ^mod=([^&]+)$
#RewriteRule module.php index.php?q=%1 [L]
- # Rewrite current-style URLs of the form 'index.php?q=x'.
+ # Rewrite current-style URLs of the form 'x' to the form 'index.php?q=x'.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
+ RewriteCond %{REQUEST_URI} !=/favicon.ico
RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]
</IfModule>
-# $Id: .htaccess,v 1.81.2.5 2008/12/10 20:12:26 drumm Exp $
+# $Id: .htaccess,v 1.81.2.6 2009/02/26 07:03:29 drumm Exp $
Modified: branches/drupal-5.0/CHANGELOG.txt
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/CHANGELOG.txt?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/CHANGELOG.txt (original)
+++ branches/drupal-5.0/CHANGELOG.txt Mon May 4 17:54:04 2009
@@ -1,4 +1,10 @@
-// $Id: CHANGELOG.txt,v 1.173.2.37 2009/02/25 23:14:05 drumm Exp $
+// $Id: CHANGELOG.txt,v 1.173.2.39 2009/04/30 00:13:48 drumm Exp $
+
+Drupal 5.17, 2009-04-29
+-----------------------
+- Fixed security issues (Cross site scripting and limited information
+ disclosure) see SA-CORE-2009-005.
+- Fixed a variety of small bugs.
Drupal 5.16, 2009-02-25
-----------------------
Modified: branches/drupal-5.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/debian/changelog?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/debian/changelog (original)
+++ branches/drupal-5.0/debian/changelog Mon May 4 17:54:04 2009
@@ -1,3 +1,12 @@
+drupal5 (5.17-1) UNRELEASED; urgency=low
+
+ * (NOT RELEASED YET)
+
+ * New upstream release
+ - Fixes XSS vulnerability (Ref: SA-CORE-2009-005, CVE-TBD)
+
+ -- Luigi Gangitano <luigi at debian.org> Mon, 04 May 2009 15:03:32 +0200
+
drupal5 (5.16-1) unstable; urgency=low
[ Luigi Gangitano ]
Modified: branches/drupal-5.0/includes/bootstrap.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/bootstrap.inc?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/includes/bootstrap.inc (original)
+++ branches/drupal-5.0/includes/bootstrap.inc Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: bootstrap.inc,v 1.145.2.13 2009/01/14 19:12:27 drumm Exp $
+// $Id: bootstrap.inc,v 1.145.2.14 2009/04/30 00:13:48 drumm Exp $
/**
* @file
@@ -725,6 +725,8 @@
$uri = $_SERVER['SCRIPT_NAME'] .'?'. $_SERVER['QUERY_STRING'];
}
}
+ // Prevent multiple slashes to avoid cross site requests via the FAPI.
+ $uri = '/'. ltrim($uri, '/');
return $uri;
}
Modified: branches/drupal-5.0/includes/common.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/common.inc?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/includes/common.inc (original)
+++ branches/drupal-5.0/includes/common.inc Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: common.inc,v 1.611.2.22 2009/01/16 19:26:09 drumm Exp $
+// $Id: common.inc,v 1.611.2.23 2009/04/30 00:13:48 drumm Exp $
/**
* @file
@@ -149,6 +149,15 @@
*/
function drupal_get_headers() {
return drupal_set_header();
+}
+
+/**
+ * Make any final alterations to the rendered xhtml.
+ */
+function drupal_final_markup($content) {
+ // Make sure that the charset is always specified as the first element of the
+ // head region to prevent encoding-based attacks.
+ return preg_replace('/<head[^>]*>/i', "\$0\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />", $content, 1);
}
/**
Modified: branches/drupal-5.0/includes/form.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/form.inc?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/includes/form.inc (original)
+++ branches/drupal-5.0/includes/form.inc Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: form.inc,v 1.174.2.16 2008/12/21 02:38:53 drumm Exp $
+// $Id: form.inc,v 1.174.2.17 2009/02/26 05:50:33 drumm Exp $
/**
* @defgroup form Form generation
@@ -1265,7 +1265,19 @@
if (count($element['#options']) > 0) {
foreach ($element['#options'] as $key => $choice) {
if (!isset($element[$key])) {
- $element[$key] = array('#type' => 'radio', '#title' => $choice, '#return_value' => check_plain($key), '#default_value' => $element['#default_value'], '#attributes' => $element['#attributes'], '#parents' => $element['#parents'], '#spawned' => TRUE);
+ // Generate the parents as the autogenerator does, so we will have a
+ // unique id for each radio button.
+ $parents_for_id = array_merge($element['#parents'], array($key));
+ $element[$key] = array(
+ '#type' => 'radio',
+ '#title' => $choice,
+ '#return_value' => check_plain($key),
+ '#default_value' => $element['#default_value'],
+ '#attributes' => $element['#attributes'],
+ '#id' => form_clean_id('edit-'. implode('-', $parents_for_id)),
+ '#parents' => $element['#parents'],
+ '#spawned' => TRUE
+ );
}
}
}
Modified: branches/drupal-5.0/includes/theme.inc
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/includes/theme.inc?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/includes/theme.inc (original)
+++ branches/drupal-5.0/includes/theme.inc Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: theme.inc,v 1.337.2.7 2008/12/05 22:32:50 dries Exp $
+// $Id: theme.inc,v 1.337.2.8 2009/04/30 00:13:48 drumm Exp $
/**
* @file
@@ -168,7 +168,12 @@
$functions[$function] = theme_get_function($function);
}
if ($functions[$function]) {
- return call_user_func_array($functions[$function], $args);
+ $output = call_user_func_array($functions[$function], $args);
+ // Add final markup to the full page.
+ if ($function == 'page') {
+ $output = drupal_final_markup($output);
+ }
+ return $output;
}
}
Modified: branches/drupal-5.0/misc/drupal.js
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/misc/drupal.js?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/misc/drupal.js (original)
+++ branches/drupal-5.0/misc/drupal.js Mon May 4 17:54:04 2009
@@ -1,4 +1,4 @@
-// $Id: drupal.js,v 1.29.2.2 2008/08/13 18:12:23 drumm Exp $
+// $Id: drupal.js,v 1.29.2.3 2009/02/26 06:46:48 drumm Exp $
var Drupal = Drupal || {};
@@ -12,8 +12,8 @@
*/
Drupal.extend = function(obj) {
for (var i in obj) {
- if (this[i]) {
- Drupal.extend.apply(this[i], [obj[i]]);
+ if (this[i] && (typeof(this[i]) == 'function' || typeof(this[i]) == 'object')) {
+ Drupal.extend.apply(this[i], [obj[i]]);
}
else {
this[i] = obj[i];
Modified: branches/drupal-5.0/modules/aggregator/aggregator.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/aggregator/aggregator.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/aggregator/aggregator.info (original)
+++ branches/drupal-5.0/modules/aggregator/aggregator.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/block/block.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/block/block.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/block/block.info (original)
+++ branches/drupal-5.0/modules/block/block.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/blog/blog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blog/blog.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blog/blog.info (original)
+++ branches/drupal-5.0/modules/blog/blog.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/blogapi/blogapi.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/blogapi/blogapi.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/blogapi/blogapi.info (original)
+++ branches/drupal-5.0/modules/blogapi/blogapi.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/book/book.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/book/book.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/book/book.info (original)
+++ branches/drupal-5.0/modules/book/book.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/color/color.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/color/color.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/color/color.info (original)
+++ branches/drupal-5.0/modules/color/color.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/comment/comment.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/comment/comment.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/comment/comment.info (original)
+++ branches/drupal-5.0/modules/comment/comment.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/comment/comment.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/comment/comment.module?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/comment/comment.module (original)
+++ branches/drupal-5.0/modules/comment/comment.module Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: comment.module,v 1.520.2.13 2008/12/03 17:55:49 drumm Exp $
+// $Id: comment.module,v 1.520.2.14 2009/04/29 18:32:15 drumm Exp $
/**
* @file
@@ -1656,7 +1656,7 @@
// 2) Strip out all HTML tags
// 3) Convert entities back to plain-text.
// Note: format is checked by check_markup().
- $form_values['subject'] = trim(truncate_utf8(decode_entities(strip_tags(check_markup($form_values['comment'], $form_values['format']))), 29, TRUE));
+ $form_values['subject'] = truncate_utf8(trim(decode_entities(strip_tags(check_markup($form_values['comment'], $form_values['format'])))), 29, TRUE);
// Edge cases where the comment body is populated only by HTML tags will
// require a default subject.
if ($form_values['subject'] == '') {
Modified: branches/drupal-5.0/modules/contact/contact.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/contact/contact.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/contact/contact.info (original)
+++ branches/drupal-5.0/modules/contact/contact.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/drupal/drupal.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/drupal/drupal.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/drupal/drupal.info (original)
+++ branches/drupal-5.0/modules/drupal/drupal.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/filter/filter.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/filter/filter.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/filter/filter.info (original)
+++ branches/drupal-5.0/modules/filter/filter.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/forum/forum.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/forum/forum.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/forum/forum.info (original)
+++ branches/drupal-5.0/modules/forum/forum.info Mon May 4 17:54:04 2009
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/forum/forum.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/forum/forum.module?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/forum/forum.module (original)
+++ branches/drupal-5.0/modules/forum/forum.module Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: forum.module,v 1.375.2.7 2008/04/05 02:18:59 drumm Exp $
+// $Id: forum.module,v 1.375.2.8 2009/04/29 18:53:38 drumm Exp $
/**
* @file
@@ -645,18 +645,8 @@
return array('#type' => 'select', '#title' => $title, '#default_value' => $parent, '#options' => $options, '#description' => $description, '#required' => TRUE);
}
-function forum_link_alter(&$node, &$links) {
- foreach ($links as $module => $link) {
- if (strstr($module, 'taxonomy_term')) {
- // Link back to the forum and not the taxonomy term page. We'll only
- // do this if the taxonomy term in question belongs to forums.
- $tid = str_replace('taxonomy/term/', '', $link['href']);
- $term = taxonomy_get_term($tid);
- if ($term->vid == _forum_get_vid()) {
- $links[$module]['href'] = str_replace('taxonomy/term', 'forum', $link['href']);
- }
- }
- }
+function forum_term_path($term) {
+ return 'forum/'. $term->tid;
}
/**
Modified: branches/drupal-5.0/modules/help/help.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/help/help.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/help/help.info (original)
+++ branches/drupal-5.0/modules/help/help.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/legacy/legacy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/legacy/legacy.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/legacy/legacy.info (original)
+++ branches/drupal-5.0/modules/legacy/legacy.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/locale/locale.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/locale/locale.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/locale/locale.info (original)
+++ branches/drupal-5.0/modules/locale/locale.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/menu/menu.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/menu/menu.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/menu/menu.info (original)
+++ branches/drupal-5.0/modules/menu/menu.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/menu/menu.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/menu/menu.module?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/menu/menu.module (original)
+++ branches/drupal-5.0/modules/menu/menu.module Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: menu.module,v 1.100.2.3 2008/11/15 02:47:59 drumm Exp $
+// $Id: menu.module,v 1.100.2.4 2009/02/26 06:56:26 drumm Exp $
/**
* @file
@@ -176,7 +176,7 @@
if (isset($form['type']) && $form['type']['#value'] .'_node_form' == $form_id) {
$item = array();
if ($form['nid']['#value'] > 0) {
- $item = db_fetch_array(db_query("SELECT * FROM {menu} WHERE path = 'node/%d'", $form['nid']['#value']));
+ $item = db_fetch_array(db_query("SELECT * FROM {menu} WHERE path = 'node/%d' ORDER BY mid", $form['nid']['#value']));
if (isset($form['#post']['menu']) && is_array($form['#post']['menu'])) {
$item = !is_array($item) ? $form['#post']['menu'] : (($form['#post']['op'] == t('Preview')) ? array_merge($item, $form['#post']['menu']) : array_merge($form['#post']['menu'], $item));
}
Modified: branches/drupal-5.0/modules/node/node.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/node/node.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/node/node.info (original)
+++ branches/drupal-5.0/modules/node/node.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/path/path.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/path/path.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/path/path.info (original)
+++ branches/drupal-5.0/modules/path/path.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/ping/ping.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/ping/ping.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/ping/ping.info (original)
+++ branches/drupal-5.0/modules/ping/ping.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/poll/poll.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/poll/poll.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/poll/poll.info (original)
+++ branches/drupal-5.0/modules/poll/poll.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/profile/profile.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/profile/profile.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/profile/profile.info (original)
+++ branches/drupal-5.0/modules/profile/profile.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/search/search.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/search/search.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/search/search.info (original)
+++ branches/drupal-5.0/modules/search/search.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/statistics/statistics.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/statistics/statistics.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/statistics/statistics.info (original)
+++ branches/drupal-5.0/modules/statistics/statistics.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/system/system.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.info (original)
+++ branches/drupal-5.0/modules/system/system.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/system/system.install
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.install?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.install (original)
+++ branches/drupal-5.0/modules/system/system.install Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: system.install,v 1.69.2.11 2008/02/25 02:25:36 drumm Exp $
+// $Id: system.install,v 1.69.2.12 2009/03/22 19:55:22 drumm Exp $
define('DRUPAL_MINIMUM_PHP', '4.3.5');
define('DRUPAL_MINIMUM_MYSQL', '3.23.17'); // If using MySQL
@@ -1257,7 +1257,7 @@
}
// Flush the menu cache:
- cache_clear_all('menu:', TRUE);
+ cache_clear_all('*', 'cache_menu', TRUE);
return $ret;
}
Modified: branches/drupal-5.0/modules/system/system.module
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/system/system.module?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/system/system.module (original)
+++ branches/drupal-5.0/modules/system/system.module Mon May 4 17:54:04 2009
@@ -1,12 +1,12 @@
<?php
-// $Id: system.module,v 1.440.2.48 2009/02/25 23:14:05 drumm Exp $
+// $Id: system.module,v 1.440.2.51 2009/04/30 00:13:48 drumm Exp $
/**
* @file
* Configuration system that lets administrators modify the workings of the site.
*/
-define('VERSION', '5.16');
+define('VERSION', '5.17');
/**
* Implementation of hook_help().
@@ -526,7 +526,7 @@
function _system_zonelist() {
$timestamp = time();
- $zonelist = array(-11, -10, -9.5, -9, -8, -7, -6, -5, -4, -3.5, -3, -2, -1, 0, 1, 2, 3, 3.5, 4, 5, 5.5, 5.75, 6, 6.5, 7, 8, 9, 9.5, 10, 10.5, 11, 11.5, 12, 12.75, 13, 14);
+ $zonelist = array(-11, -10, -9.5, -9, -8, -7, -6, -5, -4, -3.5, -3, -2.5, -2, -1, 0, 1, 2, 3, 3.5, 4, 5, 5.5, 5.75, 6, 6.5, 7, 8, 9, 9.5, 10, 10.5, 11, 11.5, 12, 12.75, 13, 14);
$zones = array();
foreach ($zonelist as $offset) {
$zone = $offset * 3600;
Modified: branches/drupal-5.0/modules/taxonomy/taxonomy.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/taxonomy/taxonomy.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/taxonomy/taxonomy.info (original)
+++ branches/drupal-5.0/modules/taxonomy/taxonomy.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/throttle/throttle.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/throttle/throttle.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/throttle/throttle.info (original)
+++ branches/drupal-5.0/modules/throttle/throttle.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/tracker/tracker.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/tracker/tracker.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/tracker/tracker.info (original)
+++ branches/drupal-5.0/modules/tracker/tracker.info Mon May 4 17:54:04 2009
@@ -5,8 +5,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/upload/upload.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/upload/upload.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/upload/upload.info (original)
+++ branches/drupal-5.0/modules/upload/upload.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - optional
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/user/user.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/user/user.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/user/user.info (original)
+++ branches/drupal-5.0/modules/user/user.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/modules/watchdog/watchdog.info
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/modules/watchdog/watchdog.info?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/modules/watchdog/watchdog.info (original)
+++ branches/drupal-5.0/modules/watchdog/watchdog.info Mon May 4 17:54:04 2009
@@ -4,8 +4,8 @@
package = Core - required
version = VERSION
-; Information added by drupal.org packaging script on 2009-02-25
-version = "5.16"
+; Information added by drupal.org packaging script on 2009-04-30
+version = "5.17"
project = "drupal"
-datestamp = "1235604023"
+datestamp = "1241050830"
Modified: branches/drupal-5.0/themes/bluemarine/page.tpl.php
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/bluemarine/page.tpl.php?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/themes/bluemarine/page.tpl.php (original)
+++ branches/drupal-5.0/themes/bluemarine/page.tpl.php Mon May 4 17:54:04 2009
@@ -2,8 +2,8 @@
<html xmlns="http://www.w3.org/1999/xhtml" lang="<?php print $language ?>" xml:lang="<?php print $language ?>">
<head>
+ <?php print $head ?>
<title><?php print $head_title ?></title>
- <?php print $head ?>
<?php print $styles ?>
<?php print $scripts ?>
<script type="text/javascript"><?php /* Needed to avoid Flash of Unstyle Content in IE */ ?> </script>
Modified: branches/drupal-5.0/themes/chameleon/chameleon.theme
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/chameleon/chameleon.theme?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/themes/chameleon/chameleon.theme (original)
+++ branches/drupal-5.0/themes/chameleon/chameleon.theme Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: chameleon.theme,v 1.56.2.2 2007/05/31 06:13:36 drumm Exp $
+// $Id: chameleon.theme,v 1.56.2.3 2009/04/30 00:13:49 drumm Exp $
/**
* @file
@@ -39,8 +39,8 @@
$output = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n";
$output .= "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"$language\" xml:lang=\"$language\">\n";
$output .= "<head>\n";
+ $output .= drupal_get_html_head();
$output .= " <title>". ($title ? strip_tags($title) ." | ". variable_get("site_name", "Drupal") : variable_get("site_name", "Drupal") ." | ". variable_get("site_slogan", "")) ."</title>\n";
- $output .= drupal_get_html_head();
$output .= drupal_get_css();
$output .= drupal_get_js();
$output .= "</head>";
Modified: branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine (original)
+++ branches/drupal-5.0/themes/engines/phptemplate/phptemplate.engine Mon May 4 17:54:04 2009
@@ -1,5 +1,5 @@
<?php
-// $Id: phptemplate.engine,v 1.54.2.5 2009/02/25 23:14:05 drumm Exp $
+// $Id: phptemplate.engine,v 1.54.2.6 2009/04/29 17:49:52 drumm Exp $
/**
* @file
@@ -257,7 +257,7 @@
$suggestion = 'page';
$suggestions = array($suggestion);
while ($arg = arg($i++)) {
- $arg = str_replace(array('/', '\\', '\0'), '', $arg);
+ $arg = str_replace(array("/", "\\", "\0"), '', $arg);
$suggestions[] = $suggestion . '-' . $arg;
if (!is_numeric($arg)) {
$suggestion .= '-' . $arg;
@@ -377,9 +377,14 @@
function _phptemplate_default($hook, $variables, $suggestions = array(), $extension = '.tpl.php') {
global $theme_engine;
+ // Remove slashes or null to prevent files from being included from
+ // an unexpected location (especially on Windows servers).
+ $extension = str_replace(array("/", "\\", "\0"), '', $extension);
+
// Loop through any suggestions in FIFO order.
$suggestions = array_reverse($suggestions);
foreach ($suggestions as $suggestion) {
+ $suggestion = str_replace(array("/", "\\", "\0"), '', $suggestion);
if (!empty($suggestion) && file_exists(path_to_theme() .'/'. $suggestion . $extension)) {
$file = path_to_theme() .'/'. $suggestion . $extension;
break;
Modified: branches/drupal-5.0/themes/garland/page.tpl.php
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/garland/page.tpl.php?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/themes/garland/page.tpl.php (original)
+++ branches/drupal-5.0/themes/garland/page.tpl.php Mon May 4 17:54:04 2009
@@ -2,8 +2,8 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php print $language ?>" lang="<?php print $language ?>">
<head>
+ <?php print $head ?>
<title><?php print $head_title ?></title>
- <?php print $head ?>
<?php print $styles ?>
<?php print $scripts ?>
<style type="text/css" media="print">@import "<?php print base_path() . path_to_theme() ?>/print.css";</style>
Modified: branches/drupal-5.0/themes/pushbutton/page.tpl.php
URL: http://svn.debian.org/wsvn/pkg-drupal/branches/drupal-5.0/themes/pushbutton/page.tpl.php?rev=2025&op=diff
==============================================================================
--- branches/drupal-5.0/themes/pushbutton/page.tpl.php (original)
+++ branches/drupal-5.0/themes/pushbutton/page.tpl.php Mon May 4 17:54:04 2009
@@ -1,9 +1,9 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="<?php print $language ?>" xml:lang="<?php print $language ?>">
<head>
- <title><?php print $head_title ?></title>
<meta http-equiv="Content-Style-Type" content="text/css" />
<?php print $head ?>
+ <title><?php print $head_title ?></title>
<?php print $styles ?>
<?php print $scripts ?>
</head>
More information about the Pkg-drupal-commits
mailing list