From 5533335a5db2597123184154a16aaa34ee65c491 Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Wed, 5 Oct 2016 20:49:50 +0200 Subject: [PATCH 01/28] Back to 7.x-dev --- CHANGELOG.txt | 3 +++ includes/bootstrap.inc | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 1cfc6dac8a5..1d06253eefa 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,4 +1,7 @@ +Drupal 7.52 (development version), xxxx-xx-xx +--------------------------------------------- + Drupal 7.51, 2016-10-05 ----------------------- - The Update module now also checks for updates to a disabled theme that is diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 3c41c69ff86..4e233477615 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -8,7 +8,7 @@ /** * The current system version. */ -define('VERSION', '7.51'); +define('VERSION', '7.52-dev'); /** * Core API compatibility. From 7b9af6b9e9514c8cccb346315abc40475419aa0d Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Thu, 24 Nov 2016 03:45:51 -0800 Subject: [PATCH 02/28] Issue #2825396 by pounard, Pol, Fabianx, David_Rothstein, SebCorbin: Enable modules to define theme engines --- CHANGELOG.txt | 2 + modules/simpletest/tests/theme.test | 31 +++++++++++ modules/simpletest/tests/theme_test.module | 24 +++++++++ .../themes/engines/nyan_cat/nyan_cat.engine | 53 +++++++++++++++++++ .../theme_test_template_test.nyan-cat.html | 1 + .../test_theme_nyan_cat.info | 5 ++ modules/system/system.api.php | 16 ++++++ modules/system/system.module | 10 ++++ 8 files changed, 142 insertions(+) create mode 100644 modules/simpletest/tests/themes/engines/nyan_cat/nyan_cat.engine create mode 100644 modules/simpletest/tests/themes/test_theme_nyan_cat/templates/theme_test_template_test.nyan-cat.html create mode 100644 modules/simpletest/tests/themes/test_theme_nyan_cat/test_theme_nyan_cat.info diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 988fb575c5b..54acc1a2685 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -2,6 +2,8 @@ Drupal 7.53, xxxx-xx-xx (development version) ----------------------- +- Modules are now able to define theme engines. + Drupal 7.52, 2016-11-16 ----------------------- - Fixed security issues (multiple vulnerabilities). See SA-CORE-2016-005. diff --git a/modules/simpletest/tests/theme.test b/modules/simpletest/tests/theme.test index f5ddfa9b036..5f095bd5582 100644 --- a/modules/simpletest/tests/theme.test +++ b/modules/simpletest/tests/theme.test @@ -646,3 +646,34 @@ class ThemeDebugMarkupTestCase extends DrupalWebTestCase { } } + +/** + * Tests module-provided theme engines. + */ +class ModuleProvidedThemeEngineTestCase extends DrupalWebTestCase { + + public static function getInfo() { + return array( + 'name' => 'Theme engine test', + 'description' => 'Tests module-provided theme engines.', + 'group' => 'Theme', + ); + } + + function setUp() { + parent::setUp('theme_test'); + theme_enable(array('test_theme', 'test_theme_nyan_cat')); + } + + /** + * Ensures that the module provided theme engine is found and used by core. + */ + function testEngineIsFoundAndWorking() { + variable_set('theme_default', 'test_theme_nyan_cat'); + variable_set('admin_theme', 'test_theme_nyan_cat'); + + $this->drupalGet('theme-test/engine-info-test'); + $this->assertText('Miaou'); + } + +} diff --git a/modules/simpletest/tests/theme_test.module b/modules/simpletest/tests/theme_test.module index 948d8175abb..1dbc3b95646 100644 --- a/modules/simpletest/tests/theme_test.module +++ b/modules/simpletest/tests/theme_test.module @@ -27,9 +27,18 @@ function theme_test_system_theme_info() { $themes['test_theme'] = drupal_get_path('module', 'theme_test') . '/themes/test_theme/test_theme.info'; $themes['test_basetheme'] = drupal_get_path('module', 'theme_test') . '/themes/test_basetheme/test_basetheme.info'; $themes['test_subtheme'] = drupal_get_path('module', 'theme_test') . '/themes/test_subtheme/test_subtheme.info'; + $themes['test_theme_nyan_cat'] = drupal_get_path('module', 'theme_test') . '/themes/test_theme_nyan_cat/test_theme_nyan_cat.info'; return $themes; } +/** + * Implements hook_system_theme_engine_info(). + */ +function theme_test_system_theme_engine_info() { + $theme_engines['nyan_cat'] = drupal_get_path('module', 'theme_test') . '/themes/engines/nyan_cat/nyan_cat.engine'; + return $theme_engines; +} + /** * Implements hook_menu(). */ @@ -58,6 +67,12 @@ function theme_test_menu() { 'access callback' => TRUE, 'type' => MENU_CALLBACK, ); + $items['theme-test/engine-info-test'] = array( + 'description' => "Serves a simple page rendered using a Nyan Cat theme engine template.", + 'page callback' => '_theme_test_engine_info_test', + 'access callback' => TRUE, + 'type' => MENU_CALLBACK, + ); return $items; } @@ -139,6 +154,15 @@ function _theme_test_drupal_add_region_content() { return 'Hello'; } +/** + * Serves a simple page renderered using a Nyan Cat theme engine template. + */ +function _theme_test_engine_info_test() { + return array( + '#markup' => theme('theme_test_template_test'), + ); +} + /** * Theme function for testing theme('theme_test_foo'). */ diff --git a/modules/simpletest/tests/themes/engines/nyan_cat/nyan_cat.engine b/modules/simpletest/tests/themes/engines/nyan_cat/nyan_cat.engine new file mode 100644 index 00000000000..1b8ffef810d --- /dev/null +++ b/modules/simpletest/tests/themes/engines/nyan_cat/nyan_cat.engine @@ -0,0 +1,53 @@ +filename) . '/template.theme'; + if (file_exists($file)) { + include_once DRUPAL_ROOT . '/' . $file; + } +} + +/** + * Implements hook_theme(). + */ +function nyan_cat_theme($existing, $type, $theme, $path) { + $templates = drupal_find_theme_functions($existing, array($theme)); + $templates += drupal_find_theme_templates($existing, '.nyan-cat.html', $path); + return $templates; +} + +/** + * Implements hook_extension(). + */ +function nyan_cat_extension() { + return '.nyan-cat.html'; +} + +/** + * Implements hook_render_template(). + * + * @param string $template_file + * The filename of the template to render. + * @param mixed[] $variables + * A keyed array of variables that will appear in the output. + * + * @return string + * The output generated by the template. + */ +function nyan_cat_render_template($template_file, $variables) { + $output = str_replace('div', 'nyancat', file_get_contents(DRUPAL_ROOT . '/' . $template_file)); + foreach ($variables as $key => $variable) { + if (strpos($output, '9' . $key) !== FALSE) { + $output = str_replace('9' . $key, $variable, $output); + } + } + return $output; +} diff --git a/modules/simpletest/tests/themes/test_theme_nyan_cat/templates/theme_test_template_test.nyan-cat.html b/modules/simpletest/tests/themes/test_theme_nyan_cat/templates/theme_test_template_test.nyan-cat.html new file mode 100644 index 00000000000..7202dd48ce6 --- /dev/null +++ b/modules/simpletest/tests/themes/test_theme_nyan_cat/templates/theme_test_template_test.nyan-cat.html @@ -0,0 +1 @@ +Miaou \ No newline at end of file diff --git a/modules/simpletest/tests/themes/test_theme_nyan_cat/test_theme_nyan_cat.info b/modules/simpletest/tests/themes/test_theme_nyan_cat/test_theme_nyan_cat.info new file mode 100644 index 00000000000..6580fe730b1 --- /dev/null +++ b/modules/simpletest/tests/themes/test_theme_nyan_cat/test_theme_nyan_cat.info @@ -0,0 +1,5 @@ +name = Nyan cat engine based test theme +description = Theme for testing the module-provided theme engines. +core = 7.x +hidden = TRUE +engine = nyan_cat diff --git a/modules/system/system.api.php b/modules/system/system.api.php index 3152139aa04..f1855b96aa9 100644 --- a/modules/system/system.api.php +++ b/modules/system/system.api.php @@ -2050,6 +2050,22 @@ function hook_system_theme_info() { return $themes; } +/** + * Return additional theme engines provided by modules. + * + * This hook is invoked from _system_rebuild_theme_data() and allows modules to + * register additional theme engines outside of the regular 'themes/engines' + * directories of a Drupal installation. + * + * @return + * An associative array. Each key is the system name of a theme engine and + * each value is the corresponding path to the theme engine's .engine file. + */ +function hook_system_theme_engine_info() { + $theme_engines['izumi'] = drupal_get_path('module', 'mymodule') . '/izumi/izumi.engine'; + return $theme_engines; +} + /** * Alter the information parsed from module and theme .info files * diff --git a/modules/system/system.module b/modules/system/system.module index ae7c432342d..53844d878fa 100644 --- a/modules/system/system.module +++ b/modules/system/system.module @@ -2521,6 +2521,16 @@ function _system_rebuild_theme_data() { // Find theme engines $engines = drupal_system_listing('/^' . DRUPAL_PHP_FUNCTION_PATTERN . '\.engine$/', 'themes/engines'); + // Allow modules to add further theme engines. + if ($module_engines = module_invoke_all('system_theme_engine_info')) { + foreach ($module_engines as $name => $theme_engine_path) { + $engines[$name] = (object) array( + 'uri' => $theme_engine_path, + 'filename' => basename($theme_engine_path), + 'name' => $name, + ); + } + } // Set defaults for theme info. $defaults = array( From 367700622c0d220187d7031cb33052201b96f752 Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Thu, 24 Nov 2016 04:05:28 -0800 Subject: [PATCH 03/28] Issue #1617918 by pfrenssen, stefan.r, Ayesh, Fabianx, rfay, tea.time: $form['#token'] = FALSE in custom form always causes validation error for anonymous users --- CHANGELOG.txt | 1 + includes/form.inc | 4 ++-- modules/simpletest/tests/form.test | 8 +++++++ modules/simpletest/tests/form_test.module | 28 +++++++++++++++++++++++ 4 files changed, 39 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 54acc1a2685..e996e50cb9b 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -3,6 +3,7 @@ Drupal 7.53, xxxx-xx-xx (development version) ----------------------- - Modules are now able to define theme engines. +- Numerous bug fixes. Drupal 7.52, 2016-11-16 ----------------------- diff --git a/includes/form.inc b/includes/form.inc index 130775f4d1d..e749239ef99 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -1176,7 +1176,7 @@ function drupal_validate_form($form_id, &$form, &$form_state) { // If the session token was set by drupal_prepare_form(), ensure that it // matches the current user's session. This is duplicate to code in // form_builder() but left to protect any custom form handling code. - if (isset($form['#token'])) { + if (!empty($form['#token'])) { if (!drupal_valid_token($form_state['values']['form_token'], $form['#token']) || !empty($form_state['invalid_token'])) { _drupal_invalid_token_set_form_error(); // Stop here and don't run any further validation handlers, because they @@ -1837,7 +1837,7 @@ function form_builder($form_id, &$element, &$form_state) { // If the session token was set by drupal_prepare_form(), ensure that it // matches the current user's session. $form_state['invalid_token'] = FALSE; - if (isset($element['#token'])) { + if (!empty($element['#token'])) { if (empty($form_state['input']['form_token']) || !drupal_valid_token($form_state['input']['form_token'], $element['#token'])) { // Set an early form error to block certain input processing since that // opens the door for CSRF vulnerabilities. diff --git a/modules/simpletest/tests/form.test b/modules/simpletest/tests/form.test index 6bf2d9e8a3d..a441ceeba43 100644 --- a/modules/simpletest/tests/form.test +++ b/modules/simpletest/tests/form.test @@ -690,6 +690,14 @@ class FormValidationTestCase extends DrupalWebTestCase { $this->assertText('The form has become outdated. Copy any unsaved work in the form below'); } + /** + * Tests that a form with a disabled CSRF token can be validated. + */ + function testDisabledToken() { + $this->drupalPost('form-test/validate-no-token', array(), 'Save'); + $this->assertText('The form_test_validate_no_token form has been submitted successfully.'); + } + /** * Tests partial form validation through #limit_validation_errors. */ diff --git a/modules/simpletest/tests/form_test.module b/modules/simpletest/tests/form_test.module index 4fd708f12ce..097e58841d6 100644 --- a/modules/simpletest/tests/form_test.module +++ b/modules/simpletest/tests/form_test.module @@ -37,6 +37,13 @@ function form_test_menu() { 'access callback' => TRUE, 'type' => MENU_CALLBACK, ); + $items['form-test/validate-no-token'] = array( + 'title' => 'Form validation without a CSRF token', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('form_test_validate_no_token'), + 'access callback' => TRUE, + 'type' => MENU_CALLBACK, + ); $items['form-test/limit-validation-errors'] = array( 'title' => 'Form validation with some error suppression', 'page callback' => 'drupal_get_form', @@ -454,6 +461,27 @@ function form_test_validate_required_form_no_title_submit($form, &$form_state) { drupal_set_message('The form_test_validate_required_form_no_title form was submitted successfully.'); } +/** + * Form builder for testing submission of a form without a CSRF token. + */ +function form_test_validate_no_token($form, &$form_state) { + $form['submit'] = array( + '#type' => 'submit', + '#value' => 'Save', + ); + + $form['#token'] = FALSE; + + return $form; +} + +/** + * Form submission handler for form_test_validate_no_token(). + */ +function form_test_validate_no_token_submit($form, &$form_state) { + drupal_set_message('The form_test_validate_no_token form has been submitted successfully.'); +} + /** * Builds a simple form with a button triggering partial validation. */ From 7a94baeb94781e8aba2ba104394ddab879bc83b7 Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Tue, 29 Nov 2016 05:58:49 -0800 Subject: [PATCH 04/28] Issue #2821441 by davic, droplet, David_Rothstein, Joe Keene, Fabianx, tory-w: Fixed that newer Chrome versions cannot drag and drop anymore on desktop after 7.51 update when jQuery is updated to 1.7-1.11.0 --- CHANGELOG.txt | 2 ++ misc/tabledrag.js | 12 ++++++++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index e996e50cb9b..94291c7a102 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -4,6 +4,8 @@ Drupal 7.53, xxxx-xx-xx (development version) - Modules are now able to define theme engines. - Numerous bug fixes. +- Fixed drag and drop support on newer Chrome/IE 11+ versions after 7.51 update + when jQuery is updated to 1.7-1.11.0. Drupal 7.52, 2016-11-16 ----------------------- diff --git a/misc/tabledrag.js b/misc/tabledrag.js index 4e07784c7df..7ea88b607a1 100644 --- a/misc/tabledrag.js +++ b/misc/tabledrag.js @@ -580,12 +580,20 @@ Drupal.tableDrag.prototype.dropRow = function (event, self) { * Get the mouse coordinates from the event (allowing for browser differences). */ Drupal.tableDrag.prototype.mouseCoords = function (event) { + // Complete support for pointer events was only introduced to jQuery in + // version 1.11.1; between versions 1.7 and 1.11.0 pointer events have the + // clientX and clientY properties undefined. In those cases, the properties + // must be retrieved from the event.originalEvent object instead. + var clientX = event.clientX || event.originalEvent.clientX; + var clientY = event.clientY || event.originalEvent.clientY; + if (event.pageX || event.pageY) { return { x: event.pageX, y: event.pageY }; } + return { - x: event.clientX + document.body.scrollLeft - document.body.clientLeft, - y: event.clientY + document.body.scrollTop - document.body.clientTop + x: clientX + document.body.scrollLeft - document.body.clientLeft, + y: clientY + document.body.scrollTop - document.body.clientTop }; }; From dc0064dd917f7d38a37531aeaca09a9e75c78482 Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Tue, 29 Nov 2016 10:16:31 -0800 Subject: [PATCH 05/28] Issue #2715113 by anshuljain2k8, SwapS, dagmar, Fabianx, ndobromirov: Watchdog logging of all searches is performance hit; need ability to turn it off (7.x) --- modules/search/search.admin.inc | 10 ++++++++++ modules/search/search.install | 1 + modules/search/search.pages.inc | 7 ++++--- modules/search/search.test | 15 ++++++++++++++- 4 files changed, 29 insertions(+), 4 deletions(-) diff --git a/modules/search/search.admin.inc b/modules/search/search.admin.inc index a609485ac04..a37d37b9f50 100644 --- a/modules/search/search.admin.inc +++ b/modules/search/search.admin.inc @@ -125,6 +125,16 @@ function search_admin_settings($form) { '#options' => $module_options, '#description' => t('Choose which search module is the default.') ); + $form['logging'] = array( + '#type' => 'fieldset', + '#title' => t('Logging') + ); + $form['logging']['search_logging'] = array( + '#type' => 'checkbox', + '#title' => t('Log searches'), + '#default_value' => variable_get('search_logging', 1), + '#description' => t('If checked, all searches will be logged. Uncheck to skip logging. Logging may affect performance.'), + ); $form['#validate'][] = 'search_admin_settings_validate'; $form['#submit'][] = 'search_admin_settings_submit'; diff --git a/modules/search/search.install b/modules/search/search.install index f0113b3f0c6..c91283c465f 100644 --- a/modules/search/search.install +++ b/modules/search/search.install @@ -12,6 +12,7 @@ function search_uninstall() { variable_del('minimum_word_size'); variable_del('overlap_cjk'); variable_del('search_cron_limit'); + variable_del('search_logging'); } /** diff --git a/modules/search/search.pages.inc b/modules/search/search.pages.inc index 2123dd75a9e..b24de8edae6 100644 --- a/modules/search/search.pages.inc +++ b/modules/search/search.pages.inc @@ -57,9 +57,10 @@ function search_view($module = NULL, $keys = '') { } // Only search if there are keywords or non-empty conditions. if ($keys || !empty($conditions)) { - // Log the search keys. - watchdog('search', 'Searched %type for %keys.', array('%keys' => $keys, '%type' => $info['title']), WATCHDOG_NOTICE, l(t('results'), 'search/' . $info['path'] . '/' . $keys)); - + if (variable_get('search_logging', TRUE)) { + // Log the search keys. + watchdog('search', 'Searched %type for %keys.', array('%keys' => $keys, '%type' => $info['title']), WATCHDOG_NOTICE, l(t('results'), 'search/' . $info['path'] . '/' . $keys)); + } // Collect the search results. $results = search_data($keys, $info['module'], $conditions); } diff --git a/modules/search/search.test b/modules/search/search.test index 913d198911d..d3a60b490b1 100644 --- a/modules/search/search.test +++ b/modules/search/search.test @@ -1453,7 +1453,7 @@ class SearchConfigSettingsForm extends DrupalWebTestCase { parent::setUp('search', 'search_extra_type'); // Login as a user that can create and search content. - $this->search_user = $this->drupalCreateUser(array('search content', 'administer search', 'administer nodes', 'bypass node access', 'access user profiles', 'administer users', 'administer blocks')); + $this->search_user = $this->drupalCreateUser(array('search content', 'administer search', 'administer nodes', 'bypass node access', 'access user profiles', 'administer users', 'administer blocks', 'access site reports')); $this->drupalLogin($this->search_user); // Add a single piece of content and index it. @@ -1502,6 +1502,19 @@ class SearchConfigSettingsForm extends DrupalWebTestCase { ); $this->drupalPost('admin/config/search/settings', $edit, t('Save configuration')); $this->assertNoText(t('The configuration options have been saved.'), 'Form does not save with an invalid word length.'); + + // Test logging setting. It should be on by default. + $text = $this->randomName(5); + $this->drupalPost('search/node', array('keys' => $text), t('Search')); + $this->drupalGet('admin/reports/dblog'); + $this->assertLink('Searched Content for ' . $text . '.', 0, 'Search was logged'); + + // Turn off logging. + variable_set('search_logging', FALSE); + $text = $this->randomName(5); + $this->drupalPost('search/node', array('keys' => $text), t('Search')); + $this->drupalGet('admin/reports/dblog'); + $this->assertNoLink('Searched Content for ' . $text . '.', 'Search was not logged'); } /** From 43d1568dc823bc6132f13e7aa1edb4f8fe0b29b4 Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Tue, 29 Nov 2016 10:17:26 -0800 Subject: [PATCH 06/28] Updated CHANGELOG.txt. --- CHANGELOG.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 94291c7a102..3bfeac00029 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -6,6 +6,7 @@ Drupal 7.53, xxxx-xx-xx (development version) - Numerous bug fixes. - Fixed drag and drop support on newer Chrome/IE 11+ versions after 7.51 update when jQuery is updated to 1.7-1.11.0. +- Logging of searches can now be disabled. Drupal 7.52, 2016-11-16 ----------------------- From 33013d38e0bf406f57b588cdbb912e7386c897f8 Mon Sep 17 00:00:00 2001 From: Fabian Franz Date: Tue, 29 Nov 2016 10:59:27 -0800 Subject: [PATCH 07/28] Issue #1569856 by wizonesolutions, faline, IvoryTierra, tstoeckler, sun, cebasqueira: Make CommentHelperCase support $modules like DrupalWebTestCase and make CommentNodeAccessTest use that --- modules/comment/comment.test | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/modules/comment/comment.test b/modules/comment/comment.test index 534b2c135a3..e087a7173ee 100644 --- a/modules/comment/comment.test +++ b/modules/comment/comment.test @@ -11,7 +11,13 @@ class CommentHelperCase extends DrupalWebTestCase { protected $node; function setUp() { - parent::setUp('comment', 'search'); + $modules = func_get_args(); + if (isset($modules[0]) && is_array($modules[0])) { + $modules = $modules[0]; + } + $modules[] = 'comment'; + parent::setUp($modules); + // Create users and test node. $this->admin_user = $this->drupalCreateUser(array('administer content types', 'administer comments', 'administer blocks', 'administer actions', 'administer fields')); $this->web_user = $this->drupalCreateUser(array('access comments', 'post comments', 'create article content', 'edit own comments')); @@ -1490,7 +1496,7 @@ class CommentNodeAccessTest extends CommentHelperCase { } function setUp() { - DrupalWebTestCase::setUp('comment', 'search', 'node_access_test'); + parent::setUp('search', 'node_access_test'); node_access_rebuild(); // Create users and test node. From 2e1c672337e7adb25fafe1b84bec6c77b6a52cd1 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Thu, 26 Jan 2017 14:52:29 -0800 Subject: [PATCH 08/28] Issue #2237329 by cs_shadow, amgoncalves: comments in OptionsWidgetsTest are in the wrong place --- modules/field/modules/options/options.test | 28 +++++++++++++++++----- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/modules/field/modules/options/options.test b/modules/field/modules/options/options.test index 1cbb38546b6..321c2a4b5d1 100644 --- a/modules/field/modules/options/options.test +++ b/modules/field/modules/options/options.test @@ -23,8 +23,15 @@ class OptionsWidgetsTestCase extends FieldTestCase { 'type' => 'list_integer', 'cardinality' => 1, 'settings' => array( - // Make sure that 0 works as an option. - 'allowed_values' => array(0 => 'Zero', 1 => 'One', 2 => 'Some & unescaped markup', 3 => 'Some HTML encoded markup with < & >'), + 'allowed_values' => array( + // Make sure that 0 works as an option. + 0 => 'Zero', + 1 => 'One', + // Make sure that option text is properly sanitized. + 2 => 'Some & unescaped markup', + // Make sure that HTML entities in option text are not double-encoded. + 3 => 'Some HTML encoded markup with < & >', + ), ), ); $this->card_1 = field_create_field($this->card_1); @@ -35,8 +42,13 @@ class OptionsWidgetsTestCase extends FieldTestCase { 'type' => 'list_integer', 'cardinality' => 2, 'settings' => array( - // Make sure that 0 works as an option. - 'allowed_values' => array(0 => 'Zero', 1 => 'One', 2 => 'Some & unescaped markup'), + 'allowed_values' => array( + // Make sure that 0 works as an option. + 0 => 'Zero', + 1 => 'One', + // Make sure that option text is properly sanitized. + 2 => 'Some & unescaped markup', + ), ), ); $this->card_2 = field_create_field($this->card_2); @@ -47,8 +59,12 @@ class OptionsWidgetsTestCase extends FieldTestCase { 'type' => 'list_boolean', 'cardinality' => 1, 'settings' => array( - // Make sure that 0 works as a 'on' value'. - 'allowed_values' => array(1 => 'Zero', 0 => 'Some & unescaped markup'), + 'allowed_values' => array( + // Make sure that 1 works as a 'on' value'. + 1 => 'Zero', + // Make sure that option text is properly sanitized. + 0 => 'Some & unescaped markup', + ), ), ); $this->bool = field_create_field($this->bool); From cfe9983aa79338119998f77b3c7a3c8850cf044e Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Fri, 27 Jan 2017 17:16:21 -0800 Subject: [PATCH 09/28] Issue #2821203 by plach: Factor out logic to detect HTTPS requests into an API function --- includes/bootstrap.inc | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 99ce1183cb2..44137dda85e 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -718,6 +718,16 @@ function drupal_valid_http_host($host) { && preg_match('/^\[?(?:[a-zA-Z0-9-:\]_]+\.?)+$/', $host); } +/** + * Checks whether an HTTPS request is being served. + * + * @return bool + * TRUE if the request is HTTPS, FALSE otherwise. + */ +function drupal_is_https() { + return isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on'; +} + /** * Sets the base URL, cookie domain, and session name from configuration. */ @@ -731,7 +741,7 @@ function drupal_settings_initialize() { if (file_exists(DRUPAL_ROOT . '/' . conf_path() . '/settings.php')) { include_once DRUPAL_ROOT . '/' . conf_path() . '/settings.php'; } - $is_https = isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) == 'on'; + $is_https = drupal_is_https(); if (isset($base_url)) { // Parse fixed base URL from settings.php. From 4004b9f10c5e7b8808b8458d57bf0a9f3ef600ec Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Fri, 27 Jan 2017 17:40:29 -0800 Subject: [PATCH 10/28] Issue #767404 by das-peter, geru, Ketan Harit, nikhilsukul, Nitesh Sethia: theme_menu_tree() removes helpful data for theming custom menu trees --- CHANGELOG.txt | 1 + includes/menu.inc | 1 + 2 files changed, 2 insertions(+) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 282399cd758..02b8b27a6e0 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -4,6 +4,7 @@ Drupal 7.54, xxxx-xx-xx (development version) - Modules are now able to define theme engines. - Numerous bug fixes. - Logging of searches can now be disabled. +- Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). Drupal 7.53, 2016-12-07 ----------------------- diff --git a/includes/menu.inc b/includes/menu.inc index 05ecac060db..3e09c19b297 100644 --- a/includes/menu.inc +++ b/includes/menu.inc @@ -1606,6 +1606,7 @@ function _menu_tree_data(&$links, $parents, $depth) { * Implements template_preprocess_HOOK() for theme_menu_tree(). */ function template_preprocess_menu_tree(&$variables) { + $variables['#tree'] = $variables['tree']; $variables['tree'] = $variables['tree']['#children']; } From 31864beb3ab9c3cb9c550ffba9ead3e779ab1398 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Fri, 27 Jan 2017 17:50:42 -0800 Subject: [PATCH 11/28] Issue #2042411 by aerozeppelin, generalredneck: Float field type not validating number with decimal point but no decimal numbers --- modules/field/modules/number/number.module | 9 +++++ modules/field/modules/number/number.test | 46 ++++++++++++++++++++++ 2 files changed, 55 insertions(+) diff --git a/modules/field/modules/number/number.module b/modules/field/modules/number/number.module index 0b8660dc248..ef603330637 100644 --- a/modules/field/modules/number/number.module +++ b/modules/field/modules/number/number.module @@ -164,6 +164,15 @@ function number_field_presave($entity_type, $entity, $field, $instance, $langcod } } } + if ($field['type'] == 'number_float') { + // Fix for #2042411 - Float field type not validating number with decimal + // point but no decimal numbers. + foreach ($items as $delta => $item) { + if (isset($item['value'])) { + $items[$delta]['value'] = floatval($item['value']); + } + } + } } /** diff --git a/modules/field/modules/number/number.test b/modules/field/modules/number/number.test index c88b4c1824e..839da36c37b 100644 --- a/modules/field/modules/number/number.test +++ b/modules/field/modules/number/number.test @@ -152,4 +152,50 @@ class NumberFieldTestCase extends DrupalWebTestCase { ); $this->drupalPost(NULL, $edit, t('Save')); } + + /** + * Test number_float field. + */ + function testNumberFloatField() { + $this->field = array( + 'field_name' => drupal_strtolower($this->randomName()), + 'type' => 'number_float', + 'settings' => array( + 'precision' => 8, 'scale' => 4, 'decimal_separator' => '.', + ) + ); + field_create_field($this->field); + $this->instance = array( + 'field_name' => $this->field['field_name'], + 'entity_type' => 'test_entity', + 'bundle' => 'test_bundle', + 'widget' => array( + 'type' => 'number', + ), + 'display' => array( + 'default' => array( + 'type' => 'number_float', + ), + ), + ); + field_create_instance($this->instance); + + $langcode = LANGUAGE_NONE; + $value = array( + '9.' => '9', + '.' => '0', + '123.55' => '123.55', + '.55' => '0.55', + '-0.55' => '-0.55', + ); + foreach($value as $key => $value) { + $edit = array( + "{$this->field['field_name']}[$langcode][0][value]" => $key, + ); + $this->drupalPost('test-entity/add/test-bundle', $edit, t('Save')); + $this->assertNoText("PDOException"); + $this->assertRaw($value, 'Correct value is displayed.'); + } + } + } From 82866f9c85998a3845cee53bfa2958875714cd88 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Fri, 27 Jan 2017 18:02:31 -0800 Subject: [PATCH 12/28] Issue #2838650 by er.pushpinderrana: menu_cache_clear description contains duplicate word: cached cached --- CHANGELOG.txt | 1 + includes/menu.inc | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 02b8b27a6e0..928db04189b 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -3,6 +3,7 @@ Drupal 7.54, xxxx-xx-xx (development version) ----------------------- - Modules are now able to define theme engines. - Numerous bug fixes. +- Numerous API documentation improvements. - Logging of searches can now be disabled. - Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). diff --git a/includes/menu.inc b/includes/menu.inc index 3e09c19b297..4664d27e892 100644 --- a/includes/menu.inc +++ b/includes/menu.inc @@ -2683,7 +2683,7 @@ function menu_link_load($mlid) { } /** - * Clears the cached cached data for a single named menu. + * Clears the cached data for a single named menu. */ function menu_cache_clear($menu_name = 'navigation') { $cache_cleared = &drupal_static(__FUNCTION__, array()); From 223cd3435b23f6a9702d6eb147f3aac15d770d39 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Sat, 28 Jan 2017 08:28:30 -0800 Subject: [PATCH 13/28] Issue #2779379 by sandip27: Minor Coding Standard Issue in color.test file --- modules/color/color.test | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/color/color.test b/modules/color/color.test index 09043250b05..f29c0c26794 100644 --- a/modules/color/color.test +++ b/modules/color/color.test @@ -122,7 +122,7 @@ class ColorTestCase extends DrupalWebTestCase { $edit['palette[bg]'] = $color; $this->drupalPost($settings_path, $edit, t('Save configuration')); - if($is_valid) { + if ($is_valid) { $this->assertText('The configuration options have been saved.'); } else { From 856aa8c85a9fd9bcd06ee5261dcad5c7452de846 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Sat, 28 Jan 2017 16:00:10 -0800 Subject: [PATCH 14/28] Issue #2724773 by Stevel: Translation tests fail on site with english language prefix (global $language_url is not reset in tests) --- modules/simpletest/drupal_web_test_case.php | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/modules/simpletest/drupal_web_test_case.php b/modules/simpletest/drupal_web_test_case.php index 08452f31c6a..51407991dd6 100644 --- a/modules/simpletest/drupal_web_test_case.php +++ b/modules/simpletest/drupal_web_test_case.php @@ -1374,10 +1374,11 @@ protected function changeDatabasePrefix() { * @see DrupalWebTestCase::tearDown() */ protected function prepareEnvironment() { - global $user, $language, $conf; + global $user, $language, $language_url, $conf; // Store necessary current values before switching to prefixed database. $this->originalLanguage = $language; + $this->originalLanguageUrl = $language_url; $this->originalLanguageDefault = variable_get('language_default'); $this->originalFileDirectory = variable_get('file_public_path', conf_path() . '/files'); $this->originalProfile = drupal_get_profile(); @@ -1387,7 +1388,7 @@ protected function prepareEnvironment() { // Set to English to prevent exceptions from utf8_truncate() from t() // during install if the current language is not 'en'. // The following array/object conversion is copied from language_default(). - $language = (object) array('language' => 'en', 'name' => 'English', 'native' => 'English', 'direction' => 0, 'enabled' => 1, 'plurals' => 0, 'formula' => '', 'domain' => '', 'prefix' => '', 'weight' => 0, 'javascript' => ''); + $language_url = $language = (object) array('language' => 'en', 'name' => 'English', 'native' => 'English', 'direction' => 0, 'enabled' => 1, 'plurals' => 0, 'formula' => '', 'domain' => '', 'prefix' => '', 'weight' => 0, 'javascript' => ''); // Save and clean the shutdown callbacks array because it is static cached // and will be changed by the test run. Otherwise it will contain callbacks @@ -1445,7 +1446,7 @@ protected function prepareEnvironment() { * @see DrupalWebTestCase::prepareEnvironment() */ protected function setUp() { - global $user, $language, $conf; + global $user, $language, $language_url, $conf; // Create the database prefix for this test. $this->prepareDatabasePrefix(); @@ -1542,7 +1543,7 @@ protected function setUp() { // Set up English language. unset($conf['language_default']); - $language = language_default(); + $language_url = $language = language_default(); // Use the test mail class instead of the default mail handler class. variable_set('mail_system', array('default-system' => 'TestingMailSystem')); @@ -1636,7 +1637,7 @@ protected function refreshVariables() { * and reset the database prefix. */ protected function tearDown() { - global $user, $language; + global $user, $language, $language_url; // In case a fatal error occurred that was not in the test process read the // log to pick up any fatal errors. @@ -1701,6 +1702,7 @@ protected function tearDown() { // Reset language. $language = $this->originalLanguage; + $language_url = $this->originalLanguageUrl; if ($this->originalLanguageDefault) { $GLOBALS['conf']['language_default'] = $this->originalLanguageDefault; } From 6fa7f7a2770c6a416e032b2531f8e3f74abe9267 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Sat, 28 Jan 2017 16:07:33 -0800 Subject: [PATCH 15/28] Issue #1361810 by cr0ss, David_Rothstein, rlmumford, oriol_e9g, rooby, billywardrop: Non-collapsible fieldsets within collapsed fieldsets have "expanded" icon --- modules/system/system.theme-rtl.css | 4 ++-- modules/system/system.theme.css | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/system/system.theme-rtl.css b/modules/system/system.theme-rtl.css index 0cd7fa6431f..17a2c548b31 100644 --- a/modules/system/system.theme-rtl.css +++ b/modules/system/system.theme-rtl.css @@ -41,12 +41,12 @@ th { /** * Collapsible fieldsets. */ -html.js fieldset.collapsible .fieldset-legend { +html.js fieldset.collapsible > legend .fieldset-legend { background-position: 98% 75%; padding-left: 0; padding-right: 15px; } -html.js fieldset.collapsed .fieldset-legend { +html.js fieldset.collapsed > legend .fieldset-legend { background-image: url(../../misc/menu-collapsed-rtl.png); background-position: 98% 50%; } diff --git a/modules/system/system.theme.css b/modules/system/system.theme.css index 73cebee739f..89a784fd9d1 100644 --- a/modules/system/system.theme.css +++ b/modules/system/system.theme.css @@ -173,11 +173,11 @@ input.form-radio { * * @see collapse.js */ -html.js fieldset.collapsible .fieldset-legend { +html.js fieldset.collapsible > legend .fieldset-legend { background: url(../../misc/menu-expanded.png) 5px 65% no-repeat; /* LTR */ padding-left: 15px; /* LTR */ } -html.js fieldset.collapsed .fieldset-legend { +html.js fieldset.collapsed > legend .fieldset-legend { background-image: url(../../misc/menu-collapsed.png); /* LTR */ background-position: 5px 50%; /* LTR */ } From d9ee137c4cc620d62374fbca294a26053d5156ee Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Sat, 28 Jan 2017 16:09:04 -0800 Subject: [PATCH 16/28] Updated: Issue #2042411 by aerozeppelin, generalredneck: Float field type not validating number with decimal point but no decimal numbers --- modules/field/modules/number/number.module | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/field/modules/number/number.module b/modules/field/modules/number/number.module index ef603330637..2538bdd1424 100644 --- a/modules/field/modules/number/number.module +++ b/modules/field/modules/number/number.module @@ -165,7 +165,7 @@ function number_field_presave($entity_type, $entity, $field, $instance, $langcod } } if ($field['type'] == 'number_float') { - // Fix for #2042411 - Float field type not validating number with decimal + // Remove the decimal point from float values with decimal // point but no decimal numbers. foreach ($items as $delta => $item) { if (isset($item['value'])) { From 00b07260760b15d00e4ba6a5df202236fbed04d5 Mon Sep 17 00:00:00 2001 From: Stefan Ruijsenaars Date: Sat, 28 Jan 2017 16:14:31 -0800 Subject: [PATCH 17/28] Issue #2494221 by david_garcia, dagmar: Slow Log/Watchdog clear when there are lots of data --- CHANGELOG.txt | 1 + modules/dblog/dblog.admin.inc | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 928db04189b..4332841e95d 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -3,6 +3,7 @@ Drupal 7.54, xxxx-xx-xx (development version) ----------------------- - Modules are now able to define theme engines. - Numerous bug fixes. +- Numerous performance improvements. - Numerous API documentation improvements. - Logging of searches can now be disabled. - Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). diff --git a/modules/dblog/dblog.admin.inc b/modules/dblog/dblog.admin.inc index 0d5780cb018..f8a00c26bb0 100644 --- a/modules/dblog/dblog.admin.inc +++ b/modules/dblog/dblog.admin.inc @@ -420,6 +420,6 @@ function dblog_clear_log_form($form) { */ function dblog_clear_log_submit() { $_SESSION['dblog_overview_filter'] = array(); - db_delete('watchdog')->execute(); + db_truncate('watchdog')->execute(); drupal_set_message(t('Database log cleared.')); } From 8ad071fa6884b5c012f2c3b5b4041ef092b7a846 Mon Sep 17 00:00:00 2001 From: David Rothstein Date: Sun, 29 Jan 2017 11:50:56 -0500 Subject: [PATCH 18/28] Issue #1817748 by markpavlitski, hgoto, wavesailor, Sophie.SK: /admin/config/regional/date-time does not show the correct default format for short and medium format --- CHANGELOG.txt | 2 ++ includes/date.inc | 20 +++++++------- modules/system/system.test | 54 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 66 insertions(+), 10 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 4332841e95d..7e9183f6eea 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -7,6 +7,8 @@ Drupal 7.54, xxxx-xx-xx (development version) - Numerous API documentation improvements. - Logging of searches can now be disabled. - Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). +- Fixed incorrect default value for short and medium date formats on the date + type configuration page. Drupal 7.53, 2016-12-07 ----------------------- diff --git a/includes/date.inc b/includes/date.inc index 01ab131b3b1..9e68fee4072 100644 --- a/includes/date.inc +++ b/includes/date.inc @@ -12,11 +12,6 @@ function system_default_date_formats() { $formats = array(); // Short date formats. - $formats[] = array( - 'type' => 'short', - 'format' => 'Y-m-d H:i', - 'locales' => array(), - ); $formats[] = array( 'type' => 'short', 'format' => 'm/d/Y - H:i', @@ -37,6 +32,11 @@ function system_default_date_formats() { 'format' => 'd.m.Y - H:i', 'locales' => array('de-ch', 'de-de', 'de-lu', 'fi-fi', 'fr-ch', 'is-is', 'pl-pl', 'ro-ro', 'ru-ru'), ); + $formats[] = array( + 'type' => 'short', + 'format' => 'Y-m-d H:i', + 'locales' => array(), + ); $formats[] = array( 'type' => 'short', 'format' => 'm/d/Y - g:ia', @@ -84,11 +84,6 @@ function system_default_date_formats() { ); // Medium date formats. - $formats[] = array( - 'type' => 'medium', - 'format' => 'D, Y-m-d H:i', - 'locales' => array(), - ); $formats[] = array( 'type' => 'medium', 'format' => 'D, m/d/Y - H:i', @@ -104,6 +99,11 @@ function system_default_date_formats() { 'format' => 'D, Y/m/d - H:i', 'locales' => array('en-ca', 'fr-ca', 'no-no', 'sv-se'), ); + $formats[] = array( + 'type' => 'medium', + 'format' => 'D, Y-m-d H:i', + 'locales' => array(), + ); $formats[] = array( 'type' => 'medium', 'format' => 'F j, Y - H:i', diff --git a/modules/system/system.test b/modules/system/system.test index ec71093dcde..9eaf562b28c 100644 --- a/modules/system/system.test +++ b/modules/system/system.test @@ -1461,6 +1461,60 @@ class DateTimeFunctionalTest extends DrupalWebTestCase { } } +/** + * Tests date format configuration. + */ +class DateFormatTestCase extends DrupalWebTestCase { + public static function getInfo() { + return array( + 'name' => 'Date format', + 'description' => 'Test date format configuration and defaults.', + 'group' => 'System', + ); + } + + function setUp() { + parent::setUp(); + + // Create admin user and log in admin user. + $this->admin_user = $this->drupalCreateUser(array('administer site configuration')); + $this->drupalLogin($this->admin_user); + } + + /** + * Test the default date type formats are consistent. + */ + function testDefaultDateFormats() { + // These are the default format values from format_date(). + $default_formats = array( + 'short' => 'm/d/Y - H:i', + 'medium' => 'D, m/d/Y - H:i', + 'long' => 'l, F j, Y - H:i', + ); + + // Clear the date format variables. + variable_del('date_format_short'); + variable_del('date_format_medium'); + variable_del('date_format_long'); + + $this->drupalGet('admin/config/regional/date-time'); + + foreach ($default_formats as $format_name => $format_value) { + $id = 'edit-date-format-' . $format_name; + // Check that the configuration fields match the default format. + $this->assertOptionSelected( + $id, + $format_value, + format_string('The @type format type matches the expected format @format.', + array( + '@type' => $format_name, + '@format' => $format_value, + ) + )); + } + } +} + class PageTitleFiltering extends DrupalWebTestCase { protected $content_user; protected $saved_title; From 6d92c0c1a74b6b2d4454559e9f11976342ed4d2c Mon Sep 17 00:00:00 2001 From: David Rothstein Date: Sun, 29 Jan 2017 12:15:30 -0500 Subject: [PATCH 19/28] Issue #2637552 by vmachado, Fabianx: Use the drupal_static_fast pattern in drupal_html_id() --- includes/common.inc | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/includes/common.inc b/includes/common.inc index 339a69b3add..da8996a1b9a 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -3986,7 +3986,11 @@ function drupal_html_id($id) { // be merged with content already on the base page. The HTML IDs must be // unique for the fully merged content. Therefore, initialize $seen_ids to // take into account IDs that are already in use on the base page. - $seen_ids_init = &drupal_static(__FUNCTION__ . ':init'); + static $drupal_static_fast; + if (!isset($drupal_static_fast['seen_ids_init'])) { + $drupal_static_fast['seen_ids_init'] = &drupal_static(__FUNCTION__ . ':init'); + } + $seen_ids_init = &$drupal_static_fast['seen_ids_init']; if (!isset($seen_ids_init)) { // Ideally, Drupal would provide an API to persist state information about // prior page requests in the database, and we'd be able to add this @@ -4031,7 +4035,10 @@ function drupal_html_id($id) { } } } - $seen_ids = &drupal_static(__FUNCTION__, $seen_ids_init); + if (!isset($drupal_static_fast['seen_ids'])) { + $drupal_static_fast['seen_ids'] = &drupal_static(__FUNCTION__, $seen_ids_init); + } + $seen_ids = &$drupal_static_fast['seen_ids']; $id = strtr(drupal_strtolower($id), array(' ' => '-', '_' => '-', '[' => '-', ']' => '')); From ffe9f9178b3fb0f87acfeae74d14548e56ab1355 Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Sun, 29 Jan 2017 18:19:53 -0500 Subject: [PATCH 20/28] Issue #1621356 by oriol_e9g, joachim, tim.plunkett, dsdeiz: Pass all the parameters of hook_options_list() to options_list_callback --- modules/field/modules/list/tests/list_test.module | 2 +- modules/taxonomy/taxonomy.module | 14 ++++++++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/modules/field/modules/list/tests/list_test.module b/modules/field/modules/list/tests/list_test.module index aa5333779e8..2d25daafe1e 100644 --- a/modules/field/modules/list/tests/list_test.module +++ b/modules/field/modules/list/tests/list_test.module @@ -8,7 +8,7 @@ /** * Allowed values callback. */ -function list_test_allowed_values_callback($field) { +function list_test_allowed_values_callback($field, $instance, $entity_type, $entity) { $values = array( 'Group 1' => array( 0 => 'Zero', diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module index 981649d2aca..ad3f19aadb2 100644 --- a/modules/taxonomy/taxonomy.module +++ b/modules/taxonomy/taxonomy.module @@ -1493,7 +1493,7 @@ function taxonomy_field_widget_info_alter(&$info) { */ function taxonomy_options_list($field, $instance, $entity_type, $entity) { $function = !empty($field['settings']['options_list_callback']) ? $field['settings']['options_list_callback'] : 'taxonomy_allowed_values'; - return $function($field); + return $function($field, $instance, $entity_type, $entity); } /** @@ -1646,10 +1646,20 @@ function taxonomy_field_formatter_view($entity_type, $entity, $field, $instance, * * @param $field * The field definition. + * @param $instance + * The instance definition. It is recommended to only use instance level + * properties to filter out values from a list defined by field level + * properties. + * @param $entity_type + * The entity type the field is attached to. + * @param $entity + * The entity object the field is attached to, or NULL if no entity + * exists (e.g. in field settings page). + * * @return * The array of valid terms for this field, keyed by term id. */ -function taxonomy_allowed_values($field) { +function taxonomy_allowed_values($field, $instance, $entity_type, $entity) { $options = array(); foreach ($field['settings']['allowed_values'] as $tree) { if ($vocabulary = taxonomy_vocabulary_machine_name_load($tree['vocabulary'])) { From deb4de9b9c73dccf0221b3980ef6dbfbd4ebf05a Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Sun, 29 Jan 2017 18:21:12 -0500 Subject: [PATCH 21/28] Issue #1884830 by pwolanin, dcam: Regression - replace md5 in Filter module calls with sha2 hashes --- modules/filter/filter.module | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/filter/filter.module b/modules/filter/filter.module index c710ee700bb..e9fd01d3880 100644 --- a/modules/filter/filter.module +++ b/modules/filter/filter.module @@ -1638,7 +1638,7 @@ function _filter_url_escape_comments($match, $escape = NULL) { // Replace all HTML coments with a '' placeholder. if ($mode) { $content = $match[1]; - $hash = md5($content); + $hash = hash('sha256', $content); $comments[$hash] = $content; return ""; } From f1a3f532e271058b5ff05bd9f325078a70d78466 Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Sun, 29 Jan 2017 18:24:18 -0500 Subject: [PATCH 22/28] Issue #1792032 by aerozeppelin, bjorpe, lmeurs, ndobromirov, balsama: File validation error message not removed after subsequent upload of valid file --- CHANGELOG.txt | 2 ++ modules/file/file.module | 3 ++- modules/file/tests/file.test | 50 ++++++++++++++++++++++++++++++++++++ 3 files changed, 54 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 7e9183f6eea..c6908385ecb 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -9,6 +9,8 @@ Drupal 7.54, xxxx-xx-xx (development version) - Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). - Fixed incorrect default value for short and medium date formats on the date type configuration page. +- File validation error message is now removed after subsequent upload of valid + file. Drupal 7.53, 2016-12-07 ----------------------- diff --git a/modules/file/file.module b/modules/file/file.module index bf7b07d8b15..18ed2654eb4 100644 --- a/modules/file/file.module +++ b/modules/file/file.module @@ -280,7 +280,8 @@ function file_ajax_upload() { $form['#suffix'] .= ''; } - $output = theme('status_messages') . drupal_render($form); + $form['#prefix'] .= theme('status_messages'); + $output = drupal_render($form); $js = drupal_add_js(); $settings = call_user_func_array('array_merge_recursive', $js['settings']['data']); diff --git a/modules/file/tests/file.test b/modules/file/tests/file.test index 1510a697716..41e97cdfa34 100644 --- a/modules/file/tests/file.test +++ b/modules/file/tests/file.test @@ -596,6 +596,56 @@ class FileFieldWidgetTestCase extends FileFieldTestCase { $this->doTestTemporaryFileRemovalExploit($victim_uid, $attacker_uid); } + /** + * Tests validation with the Upload button. + */ + function testWidgetValidation() { + $type_name = 'article'; + $field_name = strtolower($this->randomName()); + $this->createFileField($field_name, $type_name); + $this->updateFileField($field_name, $type_name, array('file_extensions' => 'txt')); + + foreach (array('nojs', 'js') as $type) { + // Create node and prepare files for upload. + $node = $this->drupalCreateNode(array('type' => 'article')); + $nid = $node->nid; + $this->drupalGet("node/$nid/edit"); + $test_file_text = $this->getTestFile('text'); + $test_file_image = $this->getTestFile('image'); + $field = field_info_field($field_name); + $name = 'files[' . $field_name . '_' . LANGUAGE_NONE . '_0]'; + + // Upload file with incorrect extension, check for validation error. + $edit[$name] = drupal_realpath($test_file_image->uri); + switch ($type) { + case 'nojs': + $this->drupalPost(NULL, $edit, t('Upload')); + break; + + case 'js': + $button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]'); + $this->drupalPostAJAX(NULL, $edit, array((string) $button[0]['name'] => (string) $button[0]['value'])); + break; + } + $error_message = t('Only files with the following extensions are allowed: %files-allowed.', array('%files-allowed' => 'txt')); + $this->assertRaw($error_message, t('Validation error when file with wrong extension uploaded (JSMode=%type).', array('%type' => $type))); + + // Upload file with correct extension, check that error message is removed. + $edit[$name] = drupal_realpath($test_file_text->uri); + switch ($type) { + case 'nojs': + $this->drupalPost(NULL, $edit, t('Upload')); + break; + + case 'js': + $button = $this->xpath('//input[@type="submit" and @value="' . t('Upload') . '"]'); + $this->drupalPostAJAX(NULL, $edit, array((string) $button[0]['name'] => (string) $button[0]['value'])); + break; + } + $this->assertNoRaw($error_message, t('Validation error removed when file with correct extension uploaded (JSMode=%type).', array('%type' => $type))); + } + } + /** * Helper for testing exploiting the temporary file removal using fid. * From 198ba6542446b3d6513f2a7580c1e3b155146dd9 Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Mon, 30 Jan 2017 08:19:09 -0500 Subject: [PATCH 23/28] Issue #2107287 by BR0kEN: PHP 5.4 calls a new stream_metadata() method on stream wrappers not implemented by Drupal --- includes/stream_wrappers.inc | 152 ++++++++++++++++++++++++++++++++++- 1 file changed, 150 insertions(+), 2 deletions(-) diff --git a/includes/stream_wrappers.inc b/includes/stream_wrappers.inc index 48829388417..232ff1437c1 100644 --- a/includes/stream_wrappers.inc +++ b/includes/stream_wrappers.inc @@ -133,7 +133,7 @@ interface DrupalStreamWrapperInterface extends StreamWrapperInterface { * @param $uri * A string containing the URI that should be used for this instance. */ - function setUri($uri); + public function setUri($uri); /** * Returns the stream resource URI. @@ -219,7 +219,6 @@ interface DrupalStreamWrapperInterface extends StreamWrapperInterface { public function dirname($uri = NULL); } - /** * Drupal stream wrapper base class for local files. * @@ -549,6 +548,155 @@ abstract class DrupalLocalStreamWrapper implements DrupalStreamWrapperInterface return fclose($this->handle); } + /** + * Sets metadata on the stream. + * + * WARNING: Do not call this method directly! It will be called internally by + * PHP itself when one of the following functions is called on a stream URL: + * + * @param string $uri + * A string containing the URI to the file to set metadata on. + * @param int $option + * One of: + * - STREAM_META_TOUCH: The method was called in response to touch(). + * - STREAM_META_OWNER_NAME: The method was called in response to chown() + * with string parameter. + * - STREAM_META_OWNER: The method was called in response to chown(). + * - STREAM_META_GROUP_NAME: The method was called in response to chgrp(). + * - STREAM_META_GROUP: The method was called in response to chgrp(). + * - STREAM_META_ACCESS: The method was called in response to chmod(). + * @param mixed $value + * If option is: + * - STREAM_META_TOUCH: Array consisting of two arguments of the touch() + * function. + * - STREAM_META_OWNER_NAME or STREAM_META_GROUP_NAME: The name of the owner + * user/group as string. + * - STREAM_META_OWNER or STREAM_META_GROUP: The value of the owner + * user/group as integer. + * - STREAM_META_ACCESS: The argument of the chmod() as integer. + * + * @return bool + * Returns TRUE on success or FALSE on failure. If $option is not + * implemented, FALSE should be returned. + * + * @see touch() + * @see chmod() + * @see chown() + * @see chgrp() + * @link http://php.net/manual/streamwrapper.stream-metadata.php + */ + public function stream_metadata($uri, $option, $value) { + $target = $this->getLocalPath($uri); + $return = FALSE; + switch ($option) { + case STREAM_META_TOUCH: + if (!empty($value)) { + $return = touch($target, $value[0], $value[1]); + } + else { + $return = touch($target); + } + break; + + case STREAM_META_OWNER_NAME: + case STREAM_META_OWNER: + $return = chown($target, $value); + break; + + case STREAM_META_GROUP_NAME: + case STREAM_META_GROUP: + $return = chgrp($target, $value); + break; + + case STREAM_META_ACCESS: + $return = chmod($target, $value); + break; + } + if ($return) { + // For convenience clear the file status cache of the underlying file, + // since metadata operations are often followed by file status checks. + clearstatcache(TRUE, $target); + } + return $return; + } + + /** + * Truncate stream. + * + * Will respond to truncation; e.g., through ftruncate(). + * + * @param int $new_size + * The new size. + * + * @return bool + * TRUE on success, FALSE otherwise. + */ + public function stream_truncate($new_size) { + return ftruncate($this->handle, $new_size); + } + + /** + * Retrieve the underlying stream resource. + * + * This method is called in response to stream_select(). + * + * @param int $cast_as + * Can be STREAM_CAST_FOR_SELECT when stream_select() is calling + * stream_cast() or STREAM_CAST_AS_STREAM when stream_cast() is called for + * other uses. + * + * @return resource|false + * The underlying stream resource or FALSE if stream_select() is not + * supported. + * + * @see stream_select() + * @link http://php.net/manual/streamwrapper.stream-cast.php + */ + public function stream_cast($cast_as) { + return $this->handle ? $this->handle : FALSE; + } + + /** + * Change stream options. + * + * This method is called to set options on the stream. + * + * Since Windows systems do not allow it and it is not needed for most use + * cases anyway, this method is not supported on local files and will trigger + * an error and return false. If needed, custom subclasses can provide + * OS-specific implementations for advanced use cases. + * + * @param int $option + * One of: + * - STREAM_OPTION_BLOCKING: The method was called in response to + * stream_set_blocking(). + * - STREAM_OPTION_READ_TIMEOUT: The method was called in response to + * stream_set_timeout(). + * - STREAM_OPTION_WRITE_BUFFER: The method was called in response to + * stream_set_write_buffer(). + * @param int $arg1 + * If option is: + * - STREAM_OPTION_BLOCKING: The requested blocking mode: + * - 1 means blocking. + * - 0 means not blocking. + * - STREAM_OPTION_READ_TIMEOUT: The timeout in seconds. + * - STREAM_OPTION_WRITE_BUFFER: The buffer mode, STREAM_BUFFER_NONE or + * STREAM_BUFFER_FULL. + * @param int $arg2 + * If option is: + * - STREAM_OPTION_BLOCKING: This option is not set. + * - STREAM_OPTION_READ_TIMEOUT: The timeout in microseconds. + * - STREAM_OPTION_WRITE_BUFFER: The requested buffer size. + * + * @return bool + * TRUE on success, FALSE otherwise. If $option is not implemented, FALSE + * should be returned. + */ + public function stream_set_option($option, $arg1, $arg2) { + trigger_error('stream_set_option() not supported for local file based stream wrappers', E_USER_WARNING); + return FALSE; + } + /** * Support for unlink(). * From 2f3b6e8912866204ccb6eecafec2a280aa25c17d Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Mon, 30 Jan 2017 08:26:50 -0500 Subject: [PATCH 24/28] Issue #878284 by jp.stacey: cache_set documentation should make lifetime clearer --- includes/cache.inc | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/includes/cache.inc b/includes/cache.inc index 4c2bed32135..945dd663195 100644 --- a/includes/cache.inc +++ b/includes/cache.inc @@ -122,7 +122,12 @@ function cache_get_multiple(array &$cids, $bin = 'cache') { * the administrator panel. * - cache_path: Stores the system paths that have an alias. * @param $expire - * (optional) One of the following values: + * (optional) Controls the maximum lifetime of this cache entry. Note that + * caches might be subject to clearing at any time, so this setting does not + * guarantee a minimum lifetime. With this in mind, the cache should not be + * used for data that must be kept during a cache clear, like sessions. + * + * Use one of the following values: * - CACHE_PERMANENT: Indicates that the item should never be removed unless * explicitly told to using cache_clear_all() with a cache ID. * - CACHE_TEMPORARY: Indicates that the item should be removed at the next @@ -262,7 +267,12 @@ interface DrupalCacheInterface { * 1MB in size to be stored by default. When caching large arrays or * similar, take care to ensure $data does not exceed this size. * @param $expire - * (optional) One of the following values: + * (optional) Controls the maximum lifetime of this cache entry. Note that + * caches might be subject to clearing at any time, so this setting does not + * guarantee a minimum lifetime. With this in mind, the cache should not be + * used for data that must be kept during a cache clear, like sessions. + * + * Use one of the following values: * - CACHE_PERMANENT: Indicates that the item should never be removed unless * explicitly told to using cache_clear_all() with a cache ID. * - CACHE_TEMPORARY: Indicates that the item should be removed at the next From 13ece45695961526f8256f6f2bd38ce1c837a519 Mon Sep 17 00:00:00 2001 From: David Rothstein Date: Tue, 31 Jan 2017 13:23:33 -0500 Subject: [PATCH 25/28] Revert "Issue #1621356 by oriol_e9g, joachim, tim.plunkett, dsdeiz: Pass all the parameters of hook_options_list() to options_list_callback" This reverts commit ffe9f9178b3fb0f87acfeae74d14548e56ab1355. --- modules/field/modules/list/tests/list_test.module | 2 +- modules/taxonomy/taxonomy.module | 14 ++------------ 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/modules/field/modules/list/tests/list_test.module b/modules/field/modules/list/tests/list_test.module index 2d25daafe1e..aa5333779e8 100644 --- a/modules/field/modules/list/tests/list_test.module +++ b/modules/field/modules/list/tests/list_test.module @@ -8,7 +8,7 @@ /** * Allowed values callback. */ -function list_test_allowed_values_callback($field, $instance, $entity_type, $entity) { +function list_test_allowed_values_callback($field) { $values = array( 'Group 1' => array( 0 => 'Zero', diff --git a/modules/taxonomy/taxonomy.module b/modules/taxonomy/taxonomy.module index ad3f19aadb2..981649d2aca 100644 --- a/modules/taxonomy/taxonomy.module +++ b/modules/taxonomy/taxonomy.module @@ -1493,7 +1493,7 @@ function taxonomy_field_widget_info_alter(&$info) { */ function taxonomy_options_list($field, $instance, $entity_type, $entity) { $function = !empty($field['settings']['options_list_callback']) ? $field['settings']['options_list_callback'] : 'taxonomy_allowed_values'; - return $function($field, $instance, $entity_type, $entity); + return $function($field); } /** @@ -1646,20 +1646,10 @@ function taxonomy_field_formatter_view($entity_type, $entity, $field, $instance, * * @param $field * The field definition. - * @param $instance - * The instance definition. It is recommended to only use instance level - * properties to filter out values from a list defined by field level - * properties. - * @param $entity_type - * The entity type the field is attached to. - * @param $entity - * The entity object the field is attached to, or NULL if no entity - * exists (e.g. in field settings page). - * * @return * The array of valid terms for this field, keyed by term id. */ -function taxonomy_allowed_values($field, $instance, $entity_type, $entity) { +function taxonomy_allowed_values($field) { $options = array(); foreach ($field['settings']['allowed_values'] as $tree) { if ($vocabulary = taxonomy_vocabulary_machine_name_load($tree['vocabulary'])) { From fcf5b4556e11b5924762837fc1b2bacc039dad9a Mon Sep 17 00:00:00 2001 From: David Rothstein Date: Wed, 1 Feb 2017 01:54:47 -0500 Subject: [PATCH 26/28] Revert "Issue #1361810 by cr0ss, David_Rothstein, rlmumford, oriol_e9g, rooby, billywardrop: Non-collapsible fieldsets within collapsed fieldsets have "expanded" icon" This reverts commit 6fa7f7a2770c6a416e032b2531f8e3f74abe9267. --- modules/system/system.theme-rtl.css | 4 ++-- modules/system/system.theme.css | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/system/system.theme-rtl.css b/modules/system/system.theme-rtl.css index 17a2c548b31..0cd7fa6431f 100644 --- a/modules/system/system.theme-rtl.css +++ b/modules/system/system.theme-rtl.css @@ -41,12 +41,12 @@ th { /** * Collapsible fieldsets. */ -html.js fieldset.collapsible > legend .fieldset-legend { +html.js fieldset.collapsible .fieldset-legend { background-position: 98% 75%; padding-left: 0; padding-right: 15px; } -html.js fieldset.collapsed > legend .fieldset-legend { +html.js fieldset.collapsed .fieldset-legend { background-image: url(../../misc/menu-collapsed-rtl.png); background-position: 98% 50%; } diff --git a/modules/system/system.theme.css b/modules/system/system.theme.css index 89a784fd9d1..73cebee739f 100644 --- a/modules/system/system.theme.css +++ b/modules/system/system.theme.css @@ -173,11 +173,11 @@ input.form-radio { * * @see collapse.js */ -html.js fieldset.collapsible > legend .fieldset-legend { +html.js fieldset.collapsible .fieldset-legend { background: url(../../misc/menu-expanded.png) 5px 65% no-repeat; /* LTR */ padding-left: 15px; /* LTR */ } -html.js fieldset.collapsed > legend .fieldset-legend { +html.js fieldset.collapsed .fieldset-legend { background-image: url(../../misc/menu-collapsed.png); /* LTR */ background-position: 5px 50%; /* LTR */ } From fcbd2c105ad7740ce929b2ed903e835255f0202c Mon Sep 17 00:00:00 2001 From: David Rothstein Date: Wed, 1 Feb 2017 02:24:57 -0500 Subject: [PATCH 27/28] Various fixes to CHANGELOG.txt in preparation for the 7.54 release. --- CHANGELOG.txt | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index c6908385ecb..3624c8ed682 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,16 +1,22 @@ Drupal 7.54, xxxx-xx-xx (development version) ----------------------- -- Modules are now able to define theme engines. -- Numerous bug fixes. -- Numerous performance improvements. -- Numerous API documentation improvements. -- Logging of searches can now be disabled. -- Added menu tree render structure to (pre-)process hooks for theme_menu_tree(). +- Modules are now able to define theme engines (API addition: + https://www.drupal.org/node/2826480). +- Logging of searches can now be disabled (new option in the administrative + interface). +- Added menu tree render structure to (pre-)process hooks for theme_menu_tree() + (API addition: https://www.drupal.org/node/2827134). +- Added new function for determining whether an HTTPS request is being served + (API addition: https://www.drupal.org/node/2824590). - Fixed incorrect default value for short and medium date formats on the date type configuration page. - File validation error message is now removed after subsequent upload of valid file. +- Numerous bug fixes. +- Numerous API documentation improvements. +- Additional performance improvements. +- Additional automated test coverage. Drupal 7.53, 2016-12-07 ----------------------- From 986185c49bfecad6dfce7b6df81b325486585d9e Mon Sep 17 00:00:00 2001 From: "stefan.r" Date: Wed, 1 Feb 2017 16:34:27 -0500 Subject: [PATCH 28/28] Drupal 7.54 --- CHANGELOG.txt | 2 +- includes/bootstrap.inc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 3624c8ed682..c015fb4fa2b 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,5 +1,5 @@ -Drupal 7.54, xxxx-xx-xx (development version) +Drupal 7.54, 2017-02-01 ----------------------- - Modules are now able to define theme engines (API addition: https://www.drupal.org/node/2826480). diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 44137dda85e..99a5ac84dcf 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -8,7 +8,7 @@ /** * The current system version. */ -define('VERSION', '7.54-dev'); +define('VERSION', '7.54'); /** * Core API compatibility.