updated core to 7.73
This commit is contained in:
@@ -478,18 +478,17 @@ function _batch_finished() {
|
||||
$queue->deleteQueue();
|
||||
}
|
||||
}
|
||||
// Clean-up the session. Not needed for CLI updates.
|
||||
if (isset($_SESSION)) {
|
||||
unset($_SESSION['batches'][$batch['id']]);
|
||||
if (empty($_SESSION['batches'])) {
|
||||
unset($_SESSION['batches']);
|
||||
}
|
||||
}
|
||||
}
|
||||
$_batch = $batch;
|
||||
$batch = NULL;
|
||||
|
||||
// Clean-up the session. Not needed for CLI updates.
|
||||
if (isset($_SESSION)) {
|
||||
unset($_SESSION['batches'][$batch['id']]);
|
||||
if (empty($_SESSION['batches'])) {
|
||||
unset($_SESSION['batches']);
|
||||
}
|
||||
}
|
||||
|
||||
// Redirect if needed.
|
||||
if ($_batch['progressive']) {
|
||||
// Revert the 'destination' that was saved in batch_process().
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
/**
|
||||
* The current system version.
|
||||
*/
|
||||
define('VERSION', '7.69');
|
||||
define('VERSION', '7.73');
|
||||
|
||||
/**
|
||||
* Core API compatibility.
|
||||
|
||||
@@ -391,7 +391,7 @@ function drupal_add_feed($url = NULL, $title = '') {
|
||||
*/
|
||||
function drupal_get_feeds($delimiter = "\n") {
|
||||
$feeds = drupal_add_feed();
|
||||
return implode($feeds, $delimiter);
|
||||
return implode($delimiter, $feeds);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -684,7 +684,10 @@ function drupal_goto($path = '', array $options = array(), $http_response_code =
|
||||
// We do not allow absolute URLs to be passed via $_GET, as this can be an attack vector.
|
||||
if (isset($_GET['destination']) && !url_is_external($_GET['destination'])) {
|
||||
$destination = drupal_parse_url($_GET['destination']);
|
||||
$path = $destination['path'];
|
||||
// Double check the path derived by drupal_parse_url() is not external.
|
||||
if (!url_is_external($destination['path'])) {
|
||||
$path = $destination['path'];
|
||||
}
|
||||
$options['query'] = $destination['query'];
|
||||
$options['fragment'] = $destination['fragment'];
|
||||
}
|
||||
@@ -3740,7 +3743,7 @@ function _drupal_build_css_path($matches, $base = NULL) {
|
||||
}
|
||||
|
||||
// Prefix with base and remove '../' segments where possible.
|
||||
$path = $_base . $matches[1];
|
||||
$path = $_base . (isset($matches[1]) ? $matches[1] : '');
|
||||
$last = '';
|
||||
while ($path != $last) {
|
||||
$last = $path;
|
||||
@@ -6653,7 +6656,7 @@ function element_children(&$elements, $sort = FALSE) {
|
||||
$children = array();
|
||||
$sortable = FALSE;
|
||||
foreach ($elements as $key => $value) {
|
||||
if ($key === '' || $key[0] !== '#') {
|
||||
if (is_int($key) || $key === '' || $key[0] !== '#') {
|
||||
$children[$key] = $value;
|
||||
if (is_array($value) && isset($value['#weight'])) {
|
||||
$sortable = TRUE;
|
||||
|
||||
@@ -301,7 +301,7 @@ abstract class FileTransfer {
|
||||
$parts = explode('/', $path);
|
||||
$chroot = '';
|
||||
while (count($parts)) {
|
||||
$check = implode($parts, '/');
|
||||
$check = implode('/', $parts);
|
||||
if ($this->isFile($check . '/' . drupal_basename(__FILE__))) {
|
||||
// Remove the trailing slash.
|
||||
return substr($chroot, 0, -1);
|
||||
|
||||
@@ -1135,12 +1135,8 @@ function drupal_prepare_form($form_id, &$form, &$form_state) {
|
||||
* Helper function to call form_set_error() if there is a token error.
|
||||
*/
|
||||
function _drupal_invalid_token_set_form_error() {
|
||||
$path = current_path();
|
||||
$query = drupal_get_query_parameters();
|
||||
$url = url($path, array('query' => $query));
|
||||
|
||||
// Setting this error will cause the form to fail validation.
|
||||
form_set_error('form_token', t('The form has become outdated. Copy any unsaved work in the form below and then <a href="@link">reload this page</a>.', array('@link' => $url)));
|
||||
form_set_error('form_token', t('The form has become outdated. Press the back button, copy any unsaved work in the form, and then reload the page.'));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -1181,6 +1177,11 @@ function drupal_validate_form($form_id, &$form, &$form_state) {
|
||||
if (!empty($form['#token'])) {
|
||||
if (!drupal_valid_token($form_state['values']['form_token'], $form['#token']) || !empty($form_state['invalid_token'])) {
|
||||
_drupal_invalid_token_set_form_error();
|
||||
// Ignore all submitted values.
|
||||
$form_state['input'] = array();
|
||||
$_POST = array();
|
||||
// Make sure file uploads do not get processed.
|
||||
$_FILES = array();
|
||||
// Stop here and don't run any further validation handlers, because they
|
||||
// could invoke non-safe operations which opens the door for CSRF
|
||||
// vulnerabilities.
|
||||
@@ -1848,6 +1849,9 @@ function form_builder($form_id, &$element, &$form_state) {
|
||||
_drupal_invalid_token_set_form_error();
|
||||
// This value is checked in _form_builder_handle_input_element().
|
||||
$form_state['invalid_token'] = TRUE;
|
||||
// Ignore all submitted values.
|
||||
$form_state['input'] = array();
|
||||
$_POST = array();
|
||||
// Make sure file uploads do not get processed.
|
||||
$_FILES = array();
|
||||
}
|
||||
|
||||
@@ -2483,6 +2483,9 @@ function menu_link_get_preferred($path = NULL, $selected_menu = NULL) {
|
||||
// untranslated paths). Afterwards, the most relevant path is picked from
|
||||
// the menus, ordered by menu preference.
|
||||
$item = menu_get_item($path);
|
||||
if ($item === FALSE) {
|
||||
return FALSE;
|
||||
}
|
||||
$path_candidates = array();
|
||||
// 1. The current item href.
|
||||
$path_candidates[$item['href']] = $item['href'];
|
||||
|
||||
@@ -324,6 +324,16 @@ function theme_pager($variables) {
|
||||
$quantity = empty($variables['quantity']) ? 0 : $variables['quantity'];
|
||||
global $pager_page_array, $pager_total;
|
||||
|
||||
// Nothing to do if there is no pager.
|
||||
if (!isset($pager_page_array[$element]) || !isset($pager_total[$element])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Nothing to do if there is only one page.
|
||||
if ($pager_total[$element] <= 1) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Calculate various markers within this pager piece:
|
||||
// Middle is used to "center" pages around the current page.
|
||||
$pager_middle = ceil($quantity / 2);
|
||||
@@ -455,6 +465,11 @@ function theme_pager_first($variables) {
|
||||
global $pager_page_array;
|
||||
$output = '';
|
||||
|
||||
// Nothing to do if there is no pager.
|
||||
if (!isset($pager_page_array[$element])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// If we are anywhere but the first page
|
||||
if ($pager_page_array[$element] > 0) {
|
||||
$output = theme('pager_link', array('text' => $text, 'page_new' => pager_load_array(0, $element, $pager_page_array), 'element' => $element, 'parameters' => $parameters));
|
||||
@@ -485,6 +500,11 @@ function theme_pager_previous($variables) {
|
||||
global $pager_page_array;
|
||||
$output = '';
|
||||
|
||||
// Nothing to do if there is no pager.
|
||||
if (!isset($pager_page_array[$element])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// If we are anywhere but the first page
|
||||
if ($pager_page_array[$element] > 0) {
|
||||
$page_new = pager_load_array($pager_page_array[$element] - $interval, $element, $pager_page_array);
|
||||
@@ -524,6 +544,11 @@ function theme_pager_next($variables) {
|
||||
global $pager_page_array, $pager_total;
|
||||
$output = '';
|
||||
|
||||
// Nothing to do if there is no pager.
|
||||
if (!isset($pager_page_array[$element]) || !isset($pager_total[$element])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// If we are anywhere but the last page
|
||||
if ($pager_page_array[$element] < ($pager_total[$element] - 1)) {
|
||||
$page_new = pager_load_array($pager_page_array[$element] + $interval, $element, $pager_page_array);
|
||||
@@ -560,6 +585,11 @@ function theme_pager_last($variables) {
|
||||
global $pager_page_array, $pager_total;
|
||||
$output = '';
|
||||
|
||||
// Nothing to do if there is no pager.
|
||||
if (!isset($pager_page_array[$element]) || !isset($pager_total[$element])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// If we are anywhere but the last page
|
||||
if ($pager_page_array[$element] < ($pager_total[$element] - 1)) {
|
||||
$output = theme('pager_link', array('text' => $text, 'page_new' => pager_load_array($pager_total[$element] - 1, $element, $pager_page_array), 'element' => $element, 'parameters' => $parameters));
|
||||
|
||||
@@ -466,13 +466,15 @@ function path_delete($criteria) {
|
||||
$criteria = array('pid' => $criteria);
|
||||
}
|
||||
$path = path_load($criteria);
|
||||
$query = db_delete('url_alias');
|
||||
foreach ($criteria as $field => $value) {
|
||||
$query->condition($field, $value);
|
||||
if (isset($path['source'])) {
|
||||
$query = db_delete('url_alias');
|
||||
foreach ($criteria as $field => $value) {
|
||||
$query->condition($field, $value);
|
||||
}
|
||||
$query->execute();
|
||||
module_invoke_all('path_delete', $path);
|
||||
drupal_clear_path_cache($path['source']);
|
||||
}
|
||||
$query->execute();
|
||||
module_invoke_all('path_delete', $path);
|
||||
drupal_clear_path_cache($path['source']);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -99,7 +99,7 @@ class DrupalRequestSanitizer {
|
||||
protected static function stripDangerousValues($input, array $whitelist, array &$sanitized_keys) {
|
||||
if (is_array($input)) {
|
||||
foreach ($input as $key => $value) {
|
||||
if ($key !== '' && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) {
|
||||
if ($key !== '' && is_string($key) && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) {
|
||||
unset($input[$key]);
|
||||
$sanitized_keys[] = $key;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user