updated drupal core to 7.43

2016-03-16 16:41:44 +01:00 · 2016-03-16 16:41:44 +01:00 · b27aabe359
commit b27aabe359
parent 8fb9c70e42
230 changed files with 4138 additions and 2075 deletions
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@ -1,4 +1,101 @@
 Drupal 7.43, 2016-02-24
 -----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2016-001.
 Drupal 7.42, 2016-02-03
 -----------------------
 - Stopped invoking hook_flush_caches() on every cron run, since some modules
  use that hook for expensive operations that are only needed on cache clears.
 - Changed the default .htaccess and web.config to block Composer-related files.
 - Added static caching to module_load_include() to improve performance.
 - Fixed double-encoding bugs in select field widgets provided by the Options
  module. The fix deprecates the 'strip_tags' property on option widgets and
  replaces it with a new 'strip_tags_and_unescape' property (minor data
  structure change).
 - Improved MySQL 5.7 support by changing the MySQL database driver to stop
  using the ANSI SQL mode alias, which has different meanings for different
  MySQL versions.
 - Fixed a regression introduced in Drupal 7.39 which prevented autocomplete
  functionality from working on servers that are not configured to
  automatically recognize index.php.
 - Updated the Archive_Tar PEAR package to the latest 1.4.0 release, to fix bugs
  with tar file handling on various operating systems.
 - Fixed fatal errors on node preview when a field is displayed in the node
  teaser but hidden in the full node view. The fix removes a
  field_attach_prepare_view() call from the node_preview() function since it is
  redundant with one in the node preview theme layer.
 - Improved the description of the "Trimmed" format option on text fields
  (translatable string change, and minor UI and data structure change).
 - Numerous small bug fixes.
 - Numerous API documentation improvements.
 - Additional automated test coverage.
 Drupal 7.41, 2015-10-21
 -----------------------
 - Fixed security issues (open redirect). See SA-CORE-2015-004.
 Drupal 7.40, 2015-10-14
 -----------------------
 - Made Drupal's code for parsing .info files run much faster and use much less
  memory.
 - Prevented drupal_http_request() from returning an error when it receives a
  201 through 206 HTTP status code.
 - Added support for autoloading traits via the registry on sites running PHP
  5.4 or higher.
 - Allowed the user-picture.tpl.php theme template to have HTML classes besides
  the default "user-picture" class printed in it (markup change).
 - Fixed the URL text filter to convert e-mail addresses with plus signs into
  mailto: links.
 - Added alternate text to file icons displayed by the File module, to improve
  accessibility (string change, and minor API addition to theme_file_icon()).
 - Changed one-time login link failure messages to be displayed as errors or
  warnings as appropriate, rather than as regular status messages (minor UI
  change and data structure change).
 - Changed the default settings.php configuration to exclude private files from
  the "404_fast_paths" behavior.
 - Changed the page that displays filter tips for a particular text format, for
  example filter/tips/full_html, to return "page not found" or "access denied"
  if the format does not exist or the user does not have access to it. This
  change adds a new menu item to the Filter module's hook_menu() entry (minor
  data structure change).
 - Added a new hook, hook_block_cid_parts_alter(), to allow modules to alter the
  cache keys used for caching a particular block.
 - Made drupal_set_message() display and return messages when "0" is passed in
  as the message to set.
 - Fixed non-functional "Files displayed by default" setting on file fields.
 - The "worker callback" provided in hook_cron_queue_info() and the "finished"
  callback specified during batch processing can now be any PHP callable
  instead of just functions.
 - Prevented drupal_set_time_limit() from decreasing the time limit in the case
  where the PHP maximum execution time is already unlimited.
 - Changed the default thousand marker for numeric fields from a space ("1 000")
  to nothing ("1000") (minor UI change: https://www.drupal.org/node/1388376).
 - Prevented malformed theme .info files (without a "name" key) from causing
  exceptions during menu rebuilds. If an .info file without a "name" key is
  found in a module or theme directory, Drupal will now use the module or
  theme's machine name as the display name instead.
 - Made the format column in the {date_format_locale} database table
  case-sensitive, to match the equivalent column in the {date_formats} table.
 - Fixed a bug in the Statistics module that caused JavaScript files attached to
  a node while it is being viewed to be omitted from the page.
 - Added an optional 'project:' prefix that can be added to dependencies in a
  module's .info file to indicate which project the dependency resides in (API
  addition: https://www.drupal.org/node/2299747).
 - Fixed various bugs that occurred after hooks were invoked early in the Drupal
  bootstrap and that caused module_implements() and drupal_alter() to cache an
  incomplete set of hook implementations for later use.
 - Set the X-Content-Type-Options header to "nosniff" when possible, to prevent
  certain web browsers from picking an unsafe MIME type.
 - Prevented the database API from executing multiple queries at once on MySQL,
  if the site's PHP version is new enough to do so. This is a secondary defense
  against SQL injection (API change: https://www.drupal.org/node/2463973).
 - Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused the upgrade
  to fail when there were multiple file records pointing to the same file.
 - Numerous small bug fixes.
 - Numerous API documentation improvements.
 - Additional automated test coverage.
 Drupal 7.39, 2015-08-19
 -----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2015-003.
@ -86,11 +183,11 @@ Drupal 7.36, 2015-04-01
 - Additional automated test coverage.
 Drupal 7.35, 2015-03-18
----------------------
+-----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2015-001.
 Drupal 7.34, 2014-11-19
----------------------
+-----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-006.
 Drupal 7.33, 2014-11-07
@ -159,11 +256,11 @@ Drupal 7.33, 2014-11-07
 - Additional automated test coverage.
 Drupal 7.32, 2014-10-15
----------------------
+-----------------------
 - Fixed security issues (SQL injection). See SA-CORE-2014-005.
 Drupal 7.31, 2014-08-06
----------------------
+-----------------------
 - Fixed security issues (denial of service). See SA-CORE-2014-004.
 Drupal 7.30, 2014-07-24
@ -178,7 +275,7 @@ Drupal 7.30, 2014-07-24
 - Additional automated test coverage.
 Drupal 7.29, 2014-07-16
----------------------
+-----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-003.
 Drupal 7.28, 2014-05-08
@ -224,11 +321,11 @@ Drupal 7.28, 2014-05-08
 - Additional automated test coverage.
 Drupal 7.27, 2014-04-16
----------------------
+-----------------------
 - Fixed security issues (information disclosure). See SA-CORE-2014-002.
 Drupal 7.26, 2014-01-15
----------------------
+-----------------------
 - Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-001.
 Drupal 7.25, 2014-01-02
@ -294,7 +391,7 @@ Drupal 7.25, 2014-01-02
 - Additional automated test coverage.
 Drupal 7.24, 2013-11-20
----------------------
+-----------------------
 - Fixed security issues (multiple vulnerabilities), see SA-CORE-2013-003.
 Drupal 7.23, 2013-08-07
@ -548,8 +645,8 @@ Drupal 7.15, 2012-08-01
 - Numerous API documentation improvements.
 - Additional automated test coverage.
-Drupal 7.14 2012-05-02
+Drupal 7.14, 2012-05-02
----------------------
+-----------------------
 - Fixed "integrity constraint" fatal errors when rebuilding registry.
 - Fixed custom logo and favicon functionality referencing incorrect paths.
 - Fixed DB Case Sensitivity: Allow BINARY attribute in MySQL.
@ -597,12 +694,12 @@ Drupal 7.14 2012-05-02
  - system_update_7061() converts filepaths too aggressively.
  - Trigger upgrade path: Node triggers removed when upgrading to 7-x from 6.25.
-Drupal 7.13 2012-05-02
+Drupal 7.13, 2012-05-02
----------------------
+-----------------------
 - Fixed security issues (Multiple vulnerabilities), see SA-CORE-2012-002.
 Drupal 7.12, 2012-02-01
----------------------
+-----------------------
 - Fixed bug preventing custom menus from receiving an active trail.
 - Fixed hook_field_delete() no longer invoked during field_purge_data().
 - Fixed bug causing entity info cache to not be cleared with the rest of caches.
@ -636,11 +733,11 @@ Drupal 7.12, 2012-02-01
  cache.
 Drupal 7.11, 2012-02-01
----------------------
+-----------------------
 - Fixed security issues (Multiple vulnerabilities), see SA-CORE-2012-001.
 Drupal 7.10, 2011-12-05
----------------------
+-----------------------
 - Fixed Content-Language HTTP header to not cause issues with Drush 5.x.
 - Reduce memory usage of theme registry (performance).
 - Fixed PECL upload progress bar for FileField
@ -993,7 +1090,7 @@ Drupal 7.0, 2011-01-05
      requests.
 Drupal 6.23-dev, xxxx-xx-xx (development release)
-----------------------
+---------------------------
 Drupal 6.22, 2011-05-25
 -----------------------
@ -1003,25 +1100,25 @@ Drupal 6.22, 2011-05-25
 - Fixed a variety of other bugs.
 Drupal 6.21, 2011-05-25
----------------------
+-----------------------
 - Fixed security issues (Cross site scripting), see SA-CORE-2011-001.
 Drupal 6.20, 2010-12-15
----------------------
+-----------------------
 - Fixed a variety of small bugs, improved code documentation.
 Drupal 6.19, 2010-08-11
----------------------
+-----------------------
 - Fixed a variety of small bugs, improved code documentation.
 Drupal 6.18, 2010-08-11
----------------------
+-----------------------
 - Fixed security issues (OpenID authentication bypass, File download access
  bypass, Comment unpublishing bypass, Actions cross site scripting),
  see SA-CORE-2010-002.
 Drupal 6.17, 2010-06-02
----------------------
+-----------------------
 - Improved PostgreSQL compatibility
 - Better PHP 5.3 and PHP 4 compatibility
 - Better browser compatibility of CSS and JS aggregation
@ -1030,7 +1127,7 @@ Drupal 6.17, 2010-06-02
 - Fixed a variety of other bugs.
 Drupal 6.16, 2010-03-03
----------------------
+-----------------------
 - Fixed security issues (Installation cross site scripting, Open redirection,
  Locale module cross site scripting, Blocked user session regeneration),
  see SA-CORE-2010-001.
@ -1042,12 +1139,12 @@ Drupal 6.16, 2010-03-03
 - Fixed a variety of other bugs.
 Drupal 6.15, 2009-12-16
----------------------
+-----------------------
 - Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
 - Fixed a variety of other bugs.
 Drupal 6.14, 2009-09-16
----------------------
+-----------------------
 - Fixed security issues (OpenID association cross site request forgeries,
  OpenID impersonation and File upload), see SA-CORE-2009-008.
 - Changed the system modules page to not run all cache rebuilds; use the
@ -1056,18 +1153,18 @@ Drupal 6.14, 2009-09-16
 - Fixed a variety of small bugs.
 Drupal 6.13, 2009-07-01
----------------------
+-----------------------
 - Fixed security issues (Cross site scripting, Input format access bypass and
  Password leakage in URL), see SA-CORE-2009-007.
 - Fixed a variety of small bugs.
 Drupal 6.12, 2009-05-13
----------------------
+-----------------------
 - Fixed security issues (Cross site scripting), see SA-CORE-2009-006.
 - Fixed a variety of small bugs.
 Drupal 6.11, 2009-04-29
----------------------
+-----------------------
 - Fixed security issues (Cross site scripting and limited information
  disclosure), see SA-CORE-2009-005
 - Fixed performance issues with the menu router cache, the update
@ -1075,7 +1172,7 @@ Drupal 6.11, 2009-04-29
 - Fixed a variety of small bugs.
 Drupal 6.10, 2009-02-25
----------------------
+-----------------------
 - Fixed a security issue, (Local file inclusion on Windows),
  see SA-CORE-2009-003
 - Fixed node_feed() so custom fields can show up in RSS feeds.
@ -1471,7 +1568,7 @@ Drupal 4.7.9, 2007-12-05
 - fixed a security issue (SQL injection), see SA-2007-031
 Drupal 4.7.8, 2007-10-17
----------------------
+------------------------
 - fixed a security issue (HTTP response splitting), see SA-2007-024
 - fixed a security issue (Cross site scripting via uploads), see SA-2007-026
 - fixed a security issue (API handling of unpublished comment), see SA-2007-030
@ -1584,7 +1681,7 @@ Drupal 4.6.11, 2007-01-05
 - Fixed security issue (DoS), see SA-2007-002
 Drupal 4.6.10, 2006-10-18
------------------------
+-------------------------
 - Fixed security issue (XSS), see SA-2006-024
 - Fixed security issue (CSRF), see SA-2006-025
 - Fixed security issue (Form action attribute injection), see SA-2006-026
--- a/MAINTAINERS.txt
+++ b/MAINTAINERS.txt
@ -1,7 +1,8 @@
 Drupal core is built and maintained by the Drupal project community. Everyone is
 encouraged to submit issues and changes (patches) to improve Drupal, and to
-contribute in other ways -- see http://drupal.org/contribute to find out how.
+contribute in other ways -- see https://www.drupal.org/contribute to find out
 how.
 Branch maintainers
 ------------------
@ -9,154 +10,153 @@ Branch maintainers
 The Drupal Core branch maintainers oversee the development of Drupal as a whole.
 The branch maintainers for Drupal 7 are:
- Dries Buytaert 'dries' http://drupal.org/user/1
+- Dries Buytaert 'dries' https://www.drupal.org/u/dries
- Angela Byron 'webchick' http://drupal.org/user/24967
+- Angela Byron 'webchick' https://www.drupal.org/u/webchick
- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
+- David Rothstein 'David_Rothstein' https://www.drupal.org/u/david_rothstein
 Component maintainers
 ---------------------
 The Drupal Core component maintainers oversee the development of Drupal
-subsystems. See http://drupal.org/contribute/core-maintainers for more
+subsystems. See https://www.drupal.org/contribute/core-maintainers for more
 information on their responsibilities, and to find out how to become a component
 maintainer. Current component maintainers for Drupal 7:
 Ajax system
- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
+- Alex Bronstein 'effulgentsia' https://www.drupal.org/u/effulgentsia
- Earl Miles 'merlinofchaos' http://drupal.org/user/26979
+- Earl Miles 'merlinofchaos' https://www.drupal.org/u/merlinofchaos
 Base system
- Damien Tournoud 'DamZ' http://drupal.org/user/22211
+- Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
+- Moshe Weitzman 'moshe weitzman' https://www.drupal.org/u/moshe-weitzman
 Batch system
- Yves Chedemois 'yched' http://drupal.org/user/39567
+- Yves Chedemois 'yched' https://www.drupal.org/u/yched
 Cache system
- Damien Tournoud 'DamZ' http://drupal.org/user/22211
+- Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
+- Nathaniel Catchpole 'catch' https://www.drupal.org/u/catch
 Cron system
- Derek Wright 'dww' http://drupal.org/user/46549
+- Derek Wright 'dww' https://www.drupal.org/u/dww
 Database system
- Larry Garfield 'Crell' http://drupal.org/user/26398
+- Larry Garfield 'Crell' https://www.drupal.org/u/crell
  - MySQL driver
-    - Larry Garfield 'Crell' http://drupal.org/user/26398
+    - Larry Garfield 'Crell' https://www.drupal.org/u/crell
-    - David Strauss 'David Strauss' http://drupal.org/user/93254
+    - David Strauss 'David Strauss' https://www.drupal.org/u/david-strauss
  - PostgreSQL driver
-    - Damien Tournoud 'DamZ' http://drupal.org/user/22211
+    - Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
-    - Josh Waihi 'fiasco' http://drupal.org/user/188162
+    - Josh Waihi 'fiasco' https://www.drupal.org/u/josh-waihi
  - Sqlite driver
-    - Damien Tournoud 'DamZ' http://drupal.org/user/22211
+    - Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
 Database update system
- Ashok Modi 'BTMash' http://drupal.org/user/60422
+- Ashok Modi 'BTMash' https://www.drupal.org/u/btmash
 Entity system
- Wolfgang Ziegler 'fago' http://drupal.org/user/16747
+- Wolfgang Ziegler 'fago' https://www.drupal.org/u/fago
- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
+- Nathaniel Catchpole 'catch' https://www.drupal.org/u/catch
- Franz Heinzmann 'Frando' http://drupal.org/user/21850
+- Franz Heinzmann 'Frando' https://www.drupal.org/u/frando
 File system
- Andrew Morton 'drewish' http://drupal.org/user/34869
+- Andrew Morton 'drewish' https://www.drupal.org/u/drewish
- Aaron Winborn 'aaron' http://drupal.org/user/33420
+- Aaron Winborn 'aaron' https://www.drupal.org/u/aaron
 Form system
- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
+- Alex Bronstein 'effulgentsia' https://www.drupal.org/u/effulgentsia
- Wolfgang Ziegler 'fago' http://drupal.org/user/16747
+- Wolfgang Ziegler 'fago' https://www.drupal.org/u/fago
- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
+- Daniel F. Kudwien 'sun' https://www.drupal.org/u/sun
- Franz Heinzmann 'Frando' http://drupal.org/user/21850
+- Franz Heinzmann 'Frando' https://www.drupal.org/u/frando
 Image system
- Andrew Morton 'drewish' http://drupal.org/user/34869
+- Andrew Morton 'drewish' https://www.drupal.org/u/drewish
- Nathan Haug 'quicksketch' http://drupal.org/user/35821
+- Nathan Haug 'quicksketch' https://www.drupal.org/u/quicksketch
 Install system
- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
+- David Rothstein 'David_Rothstein' https://www.drupal.org/u/david_rothstein
 JavaScript
- Théodore Biadala 'nod_' http://drupal.org/user/598310
+- Théodore Biadala 'nod_' https://www.drupal.org/u/nod_
- Steve De Jonghe 'seutje' http://drupal.org/user/264148
+- Steve De Jonghe 'seutje' https://www.drupal.org/u/seutje
 - Jesse Renée Beach 'jessebeach' http://drupal.org/user/748566
 Language system
- Francesco Placella 'plach' http://drupal.org/user/183211
+- Francesco Placella 'plach' https://www.drupal.org/u/plach
- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
+- Daniel F. Kudwien 'sun' https://www.drupal.org/u/sun
 Lock system
- Damien Tournoud 'DamZ' http://drupal.org/user/22211
+- Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
 Mail system
 - ?
 Markup
- Jacine Luisi 'Jacine' http://drupal.org/user/88931
+- Jacine Luisi 'Jacine' https://www.drupal.org/u/jacine
- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
+- Daniel F. Kudwien 'sun' https://www.drupal.org/u/sun
 Menu system
- Peter Wolanin 'pwolanin' http://drupal.org/user/49851
+- Peter Wolanin 'pwolanin' https://www.drupal.org/u/pwolanin
 Path system
- Dave Reid 'davereid' http://drupal.org/user/53892
+- Dave Reid 'davereid' https://www.drupal.org/u/dave-reid
- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
+- Nathaniel Catchpole 'catch' https://www.drupal.org/u/catch
 Render system
- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
+- Moshe Weitzman 'moshe weitzman' https://www.drupal.org/u/moshe-weitzman
- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
+- Alex Bronstein 'effulgentsia' https://www.drupal.org/u/effulgentsia
- Franz Heinzmann 'Frando' http://drupal.org/user/21850
+- Franz Heinzmann 'Frando' https://www.drupal.org/u/frando
 Theme system
- Earl Miles 'merlinofchaos' http://drupal.org/user/26979
+- Earl Miles 'merlinofchaos' https://www.drupal.org/u/merlinofchaos
- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
+- Alex Bronstein 'effulgentsia' https://www.drupal.org/u/effulgentsia
- Joon Park 'dvessel' http://drupal.org/user/56782
+- Joon Park 'dvessel' https://www.drupal.org/u/dvessel
- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
+- John Albin Wilkins 'JohnAlbin' https://www.drupal.org/u/johnalbin
 Token system
- Dave Reid 'davereid' http://drupal.org/user/53892
+- Dave Reid 'davereid' https://www.drupal.org/u/dave-reid
 XML-RPC system
- Frederic G. Marand 'fgm' http://drupal.org/user/27985
+- Frederic G. Marand 'fgm' https://www.drupal.org/u/fgm
 Topic coordinators
 ------------------
 Accessibility
- Everett Zufelt 'Everett Zufelt' http://drupal.org/user/406552
+- Everett Zufelt 'Everett Zufelt' https://www.drupal.org/u/everett-zufelt
- Brandon Bowersox-Johnson 'bowersox' http://drupal.org/user/186415
+- Brandon Bowersox-Johnson 'bowersox' https://www.drupal.org/u/bowersox
 Documentation
- Jennifer Hodgdon 'jhodgdon' http://drupal.org/user/155601
+- Jennifer Hodgdon 'jhodgdon' https://www.drupal.org/u/jhodgdon
 Translations
- Gerhard Killesreiter 'killes' http://drupal.org/user/83
+- Gerhard Killesreiter 'killes' https://www.drupal.org/u/gerhard-killesreiter
 User experience and usability
- Roy Scholten 'yoroy' http://drupal.org/user/41502
+- Roy Scholten 'yoroy' https://www.drupal.org/u/yoroy
- Bojhan Somers 'Bojhan' http://drupal.org/user/87969
+- Bojhan Somers 'Bojhan' https://www.drupal.org/u/bojhan
 Node Access
- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
+- Moshe Weitzman 'moshe weitzman' https://www.drupal.org/u/moshe-weitzman
- Ken Rickard 'agentrickard' http://drupal.org/user/20975
+- Ken Rickard 'agentrickard' https://www.drupal.org/u/agentrickard
- Jess Myrbo 'xjm' http://drupal.org/user/65776
+- Jess Myrbo 'xjm' https://www.drupal.org/u/xjm
 Security team
 -----------------
-To report a security issue, see: https://drupal.org/security-team/report-issue
+To report a security issue, see: https://www.drupal.org/security-team/report-issue
 The Drupal security team provides Security Advisories for vulnerabilities,
 assists developers in resolving security issues, and provides security
-documentation. See http://drupal.org/security-team for more information. The
+documentation. See https://www.drupal.org/security-team for more information.
-security team lead is:
+The security team lead is:
- Michael Hess 'mlhess' https://drupal.org/user/102818
+- Michael Hess 'mlhess' https://www.drupal.org/u/mlhess
 Module maintainers
@ -166,142 +166,142 @@ Aggregator module
 - ?
 Block module
- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
+- John Albin Wilkins 'JohnAlbin' https://www.drupal.org/u/johnalbin
 Blog module
 - ?
 Book module
- Peter Wolanin 'pwolanin' http://drupal.org/user/49851
+- Peter Wolanin 'pwolanin' https://www.drupal.org/u/pwolanin
 Color module
 - ?
 Comment module
- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
+- Nathaniel Catchpole 'catch' https://www.drupal.org/u/catch
 Contact module
- Dave Reid 'davereid' http://drupal.org/user/53892
+- Dave Reid 'davereid' https://www.drupal.org/u/dave-reid
 Contextual module
- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
+- Daniel F. Kudwien 'sun' https://www.drupal.org/u/sun
 Dashboard module
 - ?
 Database logging module
- Khalid Baheyeldin 'kbahey' http://drupal.org/user/4063
+- Khalid Baheyeldin 'kbahey' https://www.drupal.org/u/kbahey
 Field module
- Yves Chedemois 'yched' http://drupal.org/user/39567
+- Yves Chedemois 'yched' https://www.drupal.org/u/yched
- Barry Jaspan 'bjaspan' http://drupal.org/user/46413
+- Barry Jaspan 'bjaspan' https://www.drupal.org/u/bjaspan
 Field UI module
- Yves Chedemois 'yched' http://drupal.org/user/39567
+- Yves Chedemois 'yched' https://www.drupal.org/u/yched
 File module
- Aaron Winborn 'aaron' http://drupal.org/user/33420
+- Aaron Winborn 'aaron' https://www.drupal.org/u/aaron
 Filter module
- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
+- Daniel F. Kudwien 'sun' https://www.drupal.org/u/sun
 Forum module
- Lee Rowlands 'larowlan' http://drupal.org/user/395439
+- Lee Rowlands 'larowlan' https://www.drupal.org/u/larowlan
 Help module
 - ?
 Image module
- Nathan Haug 'quicksketch' http://drupal.org/user/35821
+- Nathan Haug 'quicksketch' https://www.drupal.org/u/quicksketch
 Locale module
- Gábor Hojtsy 'Gábor Hojtsy' http://drupal.org/user/4166
+- Gábor Hojtsy 'Gábor Hojtsy' https://www.drupal.org/u/gábor-hojtsy
 Menu module
 - ?
 Node module
- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
+- Moshe Weitzman 'moshe weitzman' https://www.drupal.org/u/moshe-weitzman
- David Strauss 'David Strauss' http://drupal.org/user/93254
+- David Strauss 'David Strauss' https://www.drupal.org/u/david-strauss
 OpenID module
- Vojtech Kusy 'wojtha' http://drupal.org/user/56154
+- Vojtech Kusy 'wojtha' https://www.drupal.org/u/wojtha
- Christian Schmidt 'c960657' http://drupal.org/user/216078
+- Christian Schmidt 'c960657' https://www.drupal.org/u/c960657
- Damien Tournoud 'DamZ' http://drupal.org/user/22211
+- Damien Tournoud 'DamZ' https://www.drupal.org/u/damien-tournoud
 Overlay module
- Katherine Senzee 'ksenzee' http://drupal.org/user/139855
+- Katherine Senzee 'ksenzee' https://www.drupal.org/u/ksenzee
 Path module
- Dave Reid 'davereid' http://drupal.org/user/53892
+- Dave Reid 'davereid' https://www.drupal.org/u/dave-reid
 PHP module
 - ?
 Poll module
- Andrei Mateescu 'amateescu' http://drupal.org/user/729614
+- Andrei Mateescu 'amateescu' https://www.drupal.org/u/amateescu
 Profile module
 - ?
 RDF module
- Stéphane Corlosquet 'scor' http://drupal.org/user/52142
+- Stéphane Corlosquet 'scor' https://www.drupal.org/u/scor
 Search module
- Doug Green 'douggreen' http://drupal.org/user/29191
+- Doug Green 'douggreen' https://www.drupal.org/u/douggreen
 Shortcut module
- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
+- David Rothstein 'David_Rothstein' https://www.drupal.org/u/david_rothstein
 Simpletest module
- Jimmy Berry 'boombatower' http://drupal.org/user/214218
+- Jimmy Berry 'boombatower' https://www.drupal.org/u/boombatower
 Statistics module
- Tim Millwood 'timmillwood' http://drupal.org/user/227849
+- Tim Millwood 'timmillwood' https://www.drupal.org/u/timmillwood
 Syslog module
- Khalid Baheyeldin 'kbahey' http://drupal.org/user/4063
+- Khalid Baheyeldin 'kbahey' https://www.drupal.org/u/kbahey
 System module
 - ?
 Taxonomy module
- Jess Myrbo 'xjm' http://drupal.org/user/65776
+- Jess Myrbo 'xjm' https://www.drupal.org/u/xjm
- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
+- Nathaniel Catchpole 'catch' https://www.drupal.org/u/catch
- Benjamin Doherty 'bangpound' http://drupal.org/user/100456
+- Benjamin Doherty 'bangpound' https://www.drupal.org/u/bangpound
 Toolbar module
 - ?
 Tracker module
- David Strauss 'David Strauss' http://drupal.org/user/93254
+- David Strauss 'David Strauss' https://www.drupal.org/u/david-strauss
 Translation module
- Francesco Placella 'plach' http://drupal.org/user/183211
+- Francesco Placella 'plach' https://www.drupal.org/u/plach
 Trigger module
 - ?
 Update module
- Derek Wright 'dww' http://drupal.org/user/46549
+- Derek Wright 'dww' https://www.drupal.org/u/dww
 User module
- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
+- Moshe Weitzman 'moshe weitzman' https://www.drupal.org/u/moshe-weitzman
- David Strauss 'David Strauss' http://drupal.org/user/93254
+- David Strauss 'David Strauss' https://www.drupal.org/u/david-strauss
 Theme maintainers
 -----------------
 Bartik theme
- Jen Simmons 'jensimmons' http://drupal.org/user/140882
+- Jen Simmons 'jensimmons' https://www.drupal.org/u/jensimmons
- Jeff Burns 'Jeff Burnz' http://drupal.org/user/61393
+- Jeff Burns 'Jeff Burnz' https://www.drupal.org/u/jeff-burnz
 Garland theme
- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
+- John Albin Wilkins 'JohnAlbin' https://www.drupal.org/u/johnalbin
 Seven theme
- Jeff Burns 'Jeff Burnz' http://drupal.org/user/61393
+- Jeff Burns 'Jeff Burnz' https://www.drupal.org/u/jeff-burnz
 Stark theme
- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
+- John Albin Wilkins 'JohnAlbin' https://www.drupal.org/u/johnalbin
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@ -64,6 +64,9 @@ following the instructions in the INTRODUCTION section at the top of this file:
   Sometimes an update includes changes to default.settings.php (this will be
   noted in the release notes). If that's the case, follow these steps:
   - Locate your settings.php file in the /sites/* directory. (Typically
     sites/default.)
   - Make a backup copy of your settings.php file, with a different file name.
   - Make a copy of the new default.settings.php file, and name the copy
@ -74,6 +77,13 @@ following the instructions in the INTRODUCTION section at the top of this file:
     database information, and you will also want to copy in any other
     customizations you have added.
   You can find the release notes for your version at
   https://www.drupal.org/project/drupal. At bottom of the project page under
   "Downloads" use the link for your version of Drupal to view the release
   notes. If your version is not listed, use the 'View all releases' link. From
   this page you can scroll down or use the filter to find your version and its
   release notes.
 4. Download the latest Drupal 7.x release from http://drupal.org to a
   directory outside of your web root. Extract the archive and copy the files
   into your Drupal directory.
--- a/includes/batch.inc
+++ b/includes/batch.inc
@ -460,10 +460,10 @@ function _batch_finished() {
      if (isset($batch_set['file']) && is_file($batch_set['file'])) {
        include_once DRUPAL_ROOT . '/' . $batch_set['file'];
      }
-      if (function_exists($batch_set['finished'])) {
+      if (is_callable($batch_set['finished'])) {
        $queue = _batch_queue($batch_set);
        $operations = $queue->getAllItems();
-        $batch_set['finished']($batch_set['success'], $batch_set['results'], $operations, format_interval($batch_set['elapsed'] / 1000));
+        call_user_func($batch_set['finished'], $batch_set['success'], $batch_set['results'], $operations, format_interval($batch_set['elapsed'] / 1000));
      }
    }
  }
--- a/includes/bootstrap.inc
+++ b/includes/bootstrap.inc
@ -8,7 +8,7 @@
 /**
 * The current system version.
 */
-define('VERSION', '7.39');
+define('VERSION', '7.43');
 /**
 * Core API compatibility.
@ -1055,7 +1055,7 @@ function drupal_page_get_cache($check_only = FALSE) {
 * Determines the cacheability of the current page.
 *
 * @param $allow_caching
- *   Set to FALSE if you want to prevent this page to get cached.
+ *   Set to FALSE if you want to prevent this page from being cached.
 *
 * @return
 *   TRUE if the current page can be cached, FALSE otherwise.
@ -1262,6 +1262,10 @@ function drupal_page_header() {
  $default_headers = array(
    'Expires' => 'Sun, 19 Nov 1978 05:00:00 GMT',
    'Cache-Control' => 'no-cache, must-revalidate, post-check=0, pre-check=0',
    // Prevent browsers from sniffing a response and picking a MIME type
    // different from the declared content-type, since that can lead to
    // XSS and other vulnerabilities.
    'X-Content-Type-Options' => 'nosniff',
  );
  drupal_send_headers($default_headers);
 }
@ -1776,7 +1780,7 @@ function watchdog($type, $message, $variables = array(), $severity = WATCHDOG_NO
 * @see theme_status_messages()
 */
 function drupal_set_message($message = NULL, $type = 'status', $repeat = TRUE) {
-  if ($message) {
+  if ($message || $message === '0' || $message === 0) {
    if (!isset($_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type] = array();
    }
@ -2464,6 +2468,9 @@ function _drupal_bootstrap_database() {
  // the install or upgrade process.
  spl_autoload_register('drupal_autoload_class');
  spl_autoload_register('drupal_autoload_interface');
  if (version_compare(PHP_VERSION, '5.4') >= 0) {
    spl_autoload_register('drupal_autoload_trait');
  }
 }
 /**
@ -2779,10 +2786,14 @@ function language_list($field = 'language') {
 }
 /**
- * Returns the default language used on the site
+ * Returns the default language, as an object, or one of its properties.
 *
 * @param $property
- *   Optional property of the language object to return
+ *   (optional) The property of the language object to return.
 *
 * @return
 *   Either the language object for the default language used on the site,
 *   or the property of that object named in the $property parameter.
 */
 function language_default($property = NULL) {
  $language = variable_get('language_default', (object) array('language' => 'en', 'name' => 'English', 'native' => 'English', 'direction' => 0, 'enabled' => 1, 'plurals' => 0, 'formula' => '', 'domain' => '', 'prefix' => '', 'weight' => 0, 'javascript' => ''));
@ -2952,7 +2963,9 @@ function ip_address() {
 * Gets the schema definition of a table, or the whole database schema.
 *
 * The returned schema will include any modifications made by any
- * module that implements hook_schema_alter().
+ * module that implements hook_schema_alter(). To get the schema without
 * modifications, use drupal_get_schema_unprocessed().
 *
 *
 * @param $table
 *   The name of the table. If not given, the schema of all tables is returned.
@ -3107,6 +3120,22 @@ function drupal_autoload_class($class) {
  return _registry_check_code('class', $class);
 }
 /**
 * Confirms that a trait is available.
 *
 * This function is rarely called directly. Instead, it is registered as an
 * spl_autoload() handler, and PHP calls it for us when necessary.
 *
 * @param string $trait
 *   The name of the trait to check or load.
 *
 * @return bool
 *   TRUE if the trait is currently available, FALSE otherwise.
 */
 function drupal_autoload_trait($trait) {
  return _registry_check_code('trait', $trait);
 }
 /**
 * Checks for a resource in the registry.
 *
@ -3125,7 +3154,7 @@ function drupal_autoload_class($class) {
 function _registry_check_code($type, $name = NULL) {
  static $lookup_cache, $cache_update_needed;
-  if ($type == 'class' && class_exists($name) || $type == 'interface' && interface_exists($name)) {
+  if ($type == 'class' && class_exists($name) || $type == 'interface' && interface_exists($name) || $type == 'trait' && trait_exists($name)) {
    return TRUE;
  }
--- a/includes/cache.inc
+++ b/includes/cache.inc
@ -14,6 +14,7 @@
 *
 * @param $bin
 *   The cache bin for which the cache object should be returned.
 *
 * @return DrupalCacheInterface
 *   The cache object associated with the specified bin.
 *
--- a/includes/common.inc
+++ b/includes/common.inc
@ -688,6 +688,13 @@ function drupal_goto($path = '', array $options = array(), $http_response_code =
    $options['fragment'] = $destination['fragment'];
  }
  // In some cases modules call drupal_goto(current_path()). We need to ensure
  // that such a redirect is not to an external URL.
  if ($path === current_path() && empty($options['external']) && url_is_external($path)) {
    // Force url() to generate a non-external URL.
    $options['external'] = FALSE;
  }
  drupal_alter('drupal_goto', $path, $options, $http_response_code);
  // The 'Location' HTTP header must be absolute.
@ -1057,6 +1064,12 @@ function drupal_http_request($url, array $options = array()) {
  switch ($code) {
    case 200: // OK
    case 201: // Created
    case 202: // Accepted
    case 203: // Non-Authoritative Information
    case 204: // No Content
    case 205: // Reset Content
    case 206: // Partial Content
    case 304: // Not modified
      break;
    case 301: // Moved permanently
@ -2214,20 +2227,8 @@ function url($path = NULL, array $options = array()) {
    'prefix' => ''
  );
  // A duplicate of the code from url_is_external() to avoid needing another
  // function call, since performance inside url() is critical.
  if (!isset($options['external'])) {
-    // Return an external link if $path contains an allowed absolute URL. Avoid
+    $options['external'] = url_is_external($path);
    // calling drupal_strip_dangerous_protocols() if there is any slash (/),
    // hash (#) or question_mark (?) before the colon (:) occurrence - if any -
    // as this would clearly mean it is not a URL. If the path starts with 2
    // slashes then it is always considered an external URL without an explicit
    // protocol part.
    $colonpos = strpos($path, ':');
    $options['external'] = (strpos($path, '//') === 0)
      || ($colonpos !== FALSE
        && !preg_match('![/?#]!', substr($path, 0, $colonpos))
        && drupal_strip_dangerous_protocols($path) == $path);
  }
  // Preserve the original path before altering or aliasing.
@ -2347,12 +2348,18 @@ function url($path = NULL, array $options = array()) {
 */
 function url_is_external($path) {
  $colonpos = strpos($path, ':');
-  // Avoid calling drupal_strip_dangerous_protocols() if there is any slash (/),
+  // Some browsers treat \ as / so normalize to forward slashes.
-  // hash (#) or question_mark (?) before the colon (:) occurrence - if any - as
+  $path = str_replace('\\', '/', $path);
-  // this would clearly mean it is not a URL. If the path starts with 2 slashes
+  // If the path starts with 2 slashes then it is always considered an external
-  // then it is always considered an external URL without an explicit protocol
+  // URL without an explicit protocol part.
  // part.
  return (strpos($path, '//') === 0)
    // Leading control characters may be ignored or mishandled by browsers, so
    // assume such a path may lead to an external location. The \p{C} character
    // class matches all UTF-8 control, unassigned, and private characters.
    || (preg_match('/^\p{C}/u', $path) !== 0)
    // Avoid calling drupal_strip_dangerous_protocols() if there is any slash
    // (/), hash (#) or question_mark (?) before the colon (:) occurrence - if
    // any - as this would clearly mean it is not a URL.
    || ($colonpos !== FALSE
      && !preg_match('![/?#]!', substr($path, 0, $colonpos))
      && drupal_strip_dangerous_protocols($path) == $path);
@ -2812,11 +2819,11 @@ function drupal_map_assoc($array, $function = NULL) {
 * into script execution a call such as set_time_limit(20) is made, the
 * script will run for a total of 45 seconds before timing out.
 *
- * It also means that it is possible to decrease the total time limit if
+ * If the current time limit is not unlimited it is possible to decrease the
- * the sum of the new time limit and the current time spent running the
+ * total time limit if the sum of the new time limit and the current time spent
- * script is inferior to the original time limit. It is inherent to the way
+ * running the script is inferior to the original time limit. It is inherent to
- * set_time_limit() works, it should rather be called with an appropriate
+ * the way set_time_limit() works, it should rather be called with an
- * value every time you need to allocate a certain amount of time
+ * appropriate value every time you need to allocate a certain amount of time
 * to execute a task than only once at the beginning of the script.
 *
 * Before calling set_time_limit(), we check if this function is available
@ -2833,7 +2840,11 @@ function drupal_map_assoc($array, $function = NULL) {
 */
 function drupal_set_time_limit($time_limit) {
  if (function_exists('set_time_limit')) {
-    @set_time_limit($time_limit);
+    $current = ini_get('max_execution_time');
    // Do not set time limit if it is currently unlimited.
    if ($current != 0) {
      @set_time_limit($time_limit);
    }
  }
 }
@ -5212,6 +5223,11 @@ function _drupal_bootstrap_full() {
  fix_gpc_magic();
  // Load all enabled modules
  module_load_all();
  // Reset drupal_alter() and module_implements() static caches as these
  // include implementations for vital modules only when called early on
  // in the bootstrap.
  drupal_static_reset('drupal_alter');
  drupal_static_reset('module_implements');
  // Make sure all stream wrappers are registered.
  file_get_stream_wrappers();
  // Ensure mt_rand is reseeded, to prevent random values from one page load
@ -5308,8 +5324,8 @@ function drupal_page_set_cache() {
 *
 * Do not call this function from a test. Use $this->cronRun() instead.
 *
- * @return
+ * @return bool
- *   TRUE if cron ran successfully.
+ *   TRUE if cron ran successfully and FALSE if cron is already running.
 */
 function drupal_cron_run() {
  // Allow execution to continue even if the request gets canceled.
@ -5371,12 +5387,12 @@ function drupal_cron_run() {
      // Do not run if queue wants to skip.
      continue;
    }
-    $function = $info['worker callback'];
+    $callback = $info['worker callback'];
    $end = time() + (isset($info['time']) ? $info['time'] : 15);
    $queue = DrupalQueue::get($queue_name);
    while (time() < $end && ($item = $queue->claimItem())) {
      try {
-        $function($item->data);
+        call_user_func($callback, $item->data);
        $queue->deleteItem($item);
      }
      catch (Exception $e) {
@ -7083,7 +7099,8 @@ function drupal_uninstall_schema($module) {
 * specification of a schema, as it was defined in a module's
 * hook_schema(). No additional default values will be set,
 * hook_schema_alter() is not invoked and these unprocessed
- * definitions won't be cached.
+ * definitions won't be cached. To retrieve the schema after
 * hook_schema_alter() has been invoked use drupal_get_schema().
 *
 * This function can be used to retrieve a schema specification in
 * hook_schema(), so it allows you to derive your tables from existing
@ -7156,6 +7173,7 @@ function _drupal_schema_initialize(&$schema, $module, $remove_descriptions = TRU
 */
 function drupal_schema_field_types($table) {
  $table_schema = drupal_get_schema($table);
  $field_types = array();
  foreach ($table_schema['fields'] as $field_name => $field_info) {
    $field_types[$field_name] = isset($field_info['type']) ? $field_info['type'] : NULL;
  }
@ -7363,7 +7381,16 @@ function drupal_write_record($table, &$record, $primary_keys = array()) {
 * Information stored in a module .info file:
 * - name: The real name of the module for display purposes.
 * - description: A brief description of the module.
- * - dependencies: An array of shortnames of other modules this module requires.
+ * - dependencies: An array of dependency strings. Each is in the form
 *   'project:module (versions)'; with the following meanings:
 *   - project: (optional) Project shortname, recommended to ensure uniqueness,
 *     if the module is part of a project hosted on drupal.org. If omitted,
 *     also omit the : that follows. The project name is currently ignored by
 *     Drupal core but is used for automated testing.
 *   - module: (required) Module shortname within the project.
 *   - (versions): Optional version information, consisting of one or more
 *     comma-separated operator/value pairs or simply version numbers, which
 *     can contain "x" as a wildcard. Examples: (>=7.22, <7.28), (7.x-3.x).
 * - package: The name of the package of modules this module belongs to.
 *
 * See forum.info for an example of a module .info file.
@ -7443,7 +7470,6 @@ function drupal_parse_info_file($filename) {
 */
 function drupal_parse_info_format($data) {
  $info = array();
  $constants = get_defined_constants();
  if (preg_match_all('
    @^\s*                           # Start at the beginning of a line, ignoring leading whitespace
@ -7483,8 +7509,8 @@ function drupal_parse_info_format($data) {
      }
      // Handle PHP constants.
-      if (isset($constants[$value])) {
+      if (preg_match('/^\w+$/i', $value) && defined($value)) {
-        $value = $constants[$value];
+        $value = constant($value);
      }
      // Insert actual value.
@ -7648,7 +7674,12 @@ function debug($data, $label = NULL, $print_r = FALSE) {
 * Parses a dependency for comparison by drupal_check_incompatibility().
 *
 * @param $dependency
- *   A dependency string, for example 'foo (>=7.x-4.5-beta5, 3.x)'.
+ *   A dependency string, which specifies a module dependency, and optionally
 *   the project it comes from and versions that are supported. Supported
 *   formats include:
 *   - 'module'
 *   - 'project:module'
 *   - 'project:module (>=version, version)'
 *
 * @return
 *   An associative array with three keys:
@ -7663,6 +7694,12 @@ function debug($data, $label = NULL, $print_r = FALSE) {
 * @see drupal_check_incompatibility()
 */
 function drupal_parse_dependency($dependency) {
  $value = array();
  // Split out the optional project name.
  if (strpos($dependency, ':')) {
    list($project_name, $dependency) = explode(':', $dependency);
    $value['project'] = $project_name;
  }
  // We use named subpatterns and support every op that version_compare
  // supports. Also, op is optional and defaults to equals.
  $p_op = '(?P<operation>!=|==|=|<|<=|>|>=|<>)?';
@ -7671,7 +7708,6 @@ function drupal_parse_dependency($dependency) {
  $p_major = '(?P<major>\d+)';
  // By setting the minor version to x, branches can be matched.
  $p_minor = '(?P<minor>(?:\d+|x)(?:-[A-Za-z]+\d+)?)';
  $value = array();
  $parts = explode('(', $dependency, 2);
  $value['name'] = trim($parts[0]);
  if (isset($parts[1])) {
--- a/includes/database/database.inc
+++ b/includes/database/database.inc
@ -656,7 +656,7 @@ abstract class DatabaseConnection extends PDO {
   * @return DatabaseStatementInterface
   *   This method will return one of: the executed statement, the number of
   *   rows affected by the query (not the number matched), or the generated
-   *   insert IT of the last query, depending on the value of
+   *   insert ID of the last query, depending on the value of
   *   $options['return']. Typically that value will be set by default or a
   *   query builder and should not be set by a user. If there is an error,
   *   this method will return NULL and may throw an exception if
--- a/includes/database/mysql/database.inc
+++ b/includes/database/mysql/database.inc
@ -51,6 +51,11 @@ class DatabaseConnection_mysql extends DatabaseConnection {
      // Because MySQL's prepared statements skip the query cache, because it's dumb.
      PDO::ATTR_EMULATE_PREPARES => TRUE,
    );
    if (defined('PDO::MYSQL_ATTR_MULTI_STATEMENTS')) {
      // An added connection option in PHP 5.5.21+ to optionally limit SQL to a
      // single statement like mysqli.
      $connection_options['pdo'] += array(PDO::MYSQL_ATTR_MULTI_STATEMENTS => FALSE);
    }
    parent::__construct($dsn, $connection_options['username'], $connection_options['password'], $connection_options['pdo']);
@ -76,10 +81,12 @@ class DatabaseConnection_mysql extends DatabaseConnection {
      'init_commands' => array(),
    );
    $connection_options['init_commands'] += array(
-      'sql_mode' => "SET sql_mode = 'ANSI,STRICT_TRANS_TABLES,STRICT_ALL_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER'",
+      'sql_mode' => "SET sql_mode = 'REAL_AS_FLOAT,PIPES_AS_CONCAT,ANSI_QUOTES,IGNORE_SPACE,STRICT_TRANS_TABLES,STRICT_ALL_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER'",
    );
-    // Set connection options.
+    // Execute initial commands.
-    $this->exec(implode('; ', $connection_options['init_commands']));
+    foreach ($connection_options['init_commands'] as $sql) {
      $this->exec($sql);
    }
  }
  public function __destruct() {
--- a/includes/database/schema.inc
+++ b/includes/database/schema.inc
@ -92,7 +92,8 @@ require_once dirname(__FILE__) . '/query.inc';
 *    specification). Each specification is an array containing the name of
 *    the referenced table ('table'), and an array of column mappings
 *    ('columns'). Column mappings are defined by key pairs ('source_column' =>
- *    'referenced_column').
+ *    'referenced_column'). This key is for documentation purposes only; foreign
 *    keys are not created in the database, nor are they enforced by Drupal.
 *  - 'indexes':  An associative array of indexes ('indexname' =>
 *    specification). Each specification is an array of one or more
 *    key column specifiers (see below) that form an index on the
@ -144,6 +145,8 @@ require_once dirname(__FILE__) . '/query.inc';
 *   'unique keys' => array(
 *     'vid' => array('vid'),
 *   ),
 *   // For documentation purposes only; foreign keys are not created in the
 *   // database.
 *   'foreign keys' => array(
 *     'node_revision' => array(
 *       'table' => 'node_revision',
--- a/includes/database/sqlite/install.inc
+++ b/includes/database/sqlite/install.inc
@ -14,8 +14,6 @@ class DatabaseTasks_sqlite extends DatabaseTasks {
  /**
   * Minimum engine version.
   *
   * @todo: consider upping to 3.6.8 in Drupal 8 to get SAVEPOINT support.
   */
  public function minimumVersion() {
    return '3.3.7';
--- a/includes/file.inc
+++ b/includes/file.inc
@ -1785,7 +1785,7 @@ function file_validate_is_image(stdClass $file) {
 /**
 * Verifies that image dimensions are within the specified maximum and minimum.
 *
- * Non-image files will be ignored. If a image toolkit is available the image
+ * Non-image files will be ignored. If an image toolkit is available the image
 * will be scaled to fit within the desired maximum dimensions.
 *
 * @param $file
--- a/includes/form.inc
+++ b/includes/form.inc
@ -3385,9 +3385,12 @@ function form_process_container($element, &$form_state) {
 /**
 * Returns HTML to wrap child elements in a container.
 *
- * Used for grouped form items. Can also be used as a #theme_wrapper for any
+ * Used for grouped form items. Can also be used as a theme wrapper for any
 * renderable element, to surround it with a <div> and add attributes such as
- * classes or an HTML id.
+ * classes or an HTML ID.
 *
 * See the @link forms_api_reference.html Form API reference @endlink for more
 * information on the #theme_wrappers render array property.
 *
 * @param $variables
 *   An associative array containing:
@ -3979,7 +3982,12 @@ function form_process_autocomplete($element) {
    // browser interpreting the path plus search string as an actual file.
    $current_clean_url = isset($GLOBALS['conf']['clean_url']) ? $GLOBALS['conf']['clean_url'] : NULL;
    $GLOBALS['conf']['clean_url'] = 0;
-    $element['#autocomplete_input']['#url_value'] = url($element['#autocomplete_path'], array('absolute' => TRUE));
+    // Force the script path to 'index.php', in case the server is not
    // configured to find it automatically. Normally it is the responsibility
    // of the site to do this themselves using hook_url_outbound_alter() (see
    // url()) but since this code is forcing non-clean URLs on sites that don't
    // normally use them, it is done here instead.
    $element['#autocomplete_input']['#url_value'] = url($element['#autocomplete_path'], array('absolute' => TRUE, 'script' => 'index.php'));
    $GLOBALS['conf']['clean_url'] = $current_clean_url;
  }
  return $element;
@ -4484,7 +4492,7 @@ function element_validate_number($element, &$form_state) {
 *
 * Sample callback_batch_finished():
 * @code
- * function batch_test_finished($success, $results, $operations) {
+ * function my_finished_callback($success, $results, $operations) {
 *   // The 'success' parameter means no fatal PHP errors were detected. All
 *   // other error management should be handled using 'results'.
 *   if ($success) {
--- a/includes/install.core.inc
+++ b/includes/install.core.inc
@ -1590,7 +1590,9 @@ function install_finished(&$install_state) {
 }
 /**
- * Batch callback for batch installation of modules.
+ * Implements callback_batch_operation().
 *
 * Performs batch installation of modules.
 */
 function _install_module_batch($module, $module_name, &$context) {
  // Install and enable the module right away, so that the module will be
@ -1603,6 +1605,8 @@ function _install_module_batch($module, $module_name, &$context) {
 }
 /**
 * Implements callback_batch_finished().
 *
 * 'Finished' callback for module installation batch.
 */
 function _install_profile_modules_finished($success, $results, $operations) {
--- a/includes/install.inc
+++ b/includes/install.inc
@ -750,7 +750,7 @@ function drupal_install_system() {
 /**
 * Uninstalls a given list of disabled modules.
 *
- * @param array $module_list
+ * @param string[] $module_list
 *   The modules to uninstall. It is the caller's responsibility to ensure that
 *   all modules in this list have already been disabled before this function
 *   is called.
@ -769,6 +769,7 @@ function drupal_install_system() {
 *   included in $module_list).
 *
 * @see module_disable()
 * @see module_enable()
 */
 function drupal_uninstall_modules($module_list = array(), $uninstall_dependents = TRUE) {
  if ($uninstall_dependents) {
--- a/includes/locale.inc
+++ b/includes/locale.inc
@ -2306,6 +2306,8 @@ function _locale_batch_build($files, $finished = NULL, $components = array()) {
 }
 /**
 * Implements callback_batch_operation().
 *
 * Perform interface translation import as a batch step.
 *
 * @param $filepath
@ -2324,6 +2326,8 @@ function _locale_batch_import($filepath, &$context) {
 }
 /**
 * Implements callback_batch_finished().
 *
 * Finished callback of system page locale import batch.
 * Inform the user of translation files imported.
 */
@ -2334,6 +2338,8 @@ function _locale_batch_system_finished($success, $results) {
 }
 /**
 * Implements callback_batch_finished().
 *
 * Finished callback of language addition locale import batch.
 * Inform the user of translation files imported.
 */
--- a/includes/mail.inc
+++ b/includes/mail.inc
@ -566,7 +566,7 @@ function _drupal_wrap_mail_line(&$line, $key, $values) {
  // Use soft-breaks only for purely quoted or unindented text.
  $line = wordwrap($line, 77 - $values['length'], $values['soft'] ? " \n" : "\n");
  // Break really long words at the maximum width allowed.
-  $line = wordwrap($line, 996 - $values['length'], $values['soft'] ? " \n" : "\n");
+  $line = wordwrap($line, 996 - $values['length'], $values['soft'] ? " \n" : "\n", TRUE);
 }
 /**
--- a/includes/menu.inc
+++ b/includes/menu.inc
@ -229,12 +229,20 @@ define('MENU_CONTEXT_INLINE', 0x0002);
 define('MENU_FOUND', 1);
 /**
- * Internal menu status code -- Menu item was not found.
+ * Menu status code -- Not found.
 *
 * This can be used as the return value from a page callback, although it is
 * preferable to use a load function to accomplish this; see the hook_menu()
 * documentation for details.
 */
 define('MENU_NOT_FOUND', 2);
 /**
- * Internal menu status code -- Menu item access is denied.
+ * Menu status code -- Access denied.
 *
 * This can be used as the return value from a page callback, although it is
 * preferable to use an access callback to accomplish this; see the hook_menu()
 * documentation for details.
 */
 define('MENU_ACCESS_DENIED', 3);
@ -431,7 +439,7 @@ function menu_set_item($path, $router_item) {
 *
 * @param $path
 *   The path; for example, 'node/5'. The function will find the corresponding
- *   node/% item and return that.
+ *   node/% item and return that. Defaults to the current path.
 * @param $router_item
 *   Internal use only.
 *
@ -2613,10 +2621,30 @@ function menu_get_active_breadcrumb() {
 */
 function menu_get_active_title() {
  $active_trail = menu_get_active_trail();
  $local_task_title = NULL;
  foreach (array_reverse($active_trail) as $item) {
-    if (!(bool) ($item['type'] & MENU_IS_LOCAL_TASK)) {
+    // Local task titles are displayed as tabs and therefore should not be
-      return $item['title'];
+    // repeated as the page title. However, if the local task appears in a
    // top-level menu, it is no longer a "local task" anymore (the front page
    // of the site does not have tabs) so it is better to use the local task
    // title in that case than to fall back on the front page link in the
    // active trail (which is usually "Home" and would not make sense in this
    // context).
    if ((bool) ($item['type'] & MENU_IS_LOCAL_TASK)) {
      // A local task title is being skipped; track it in case it needs to be
      // used later.
      $local_task_title = $item['title'];
    }
    else {
      // This is not a local task, so use it for the page title (unless the
      // conditions described above are met).
      if (isset($local_task_title) && isset($item['href']) && $item['href'] == '<front>') {
        return $local_task_title;
      }
      else {
        return $item['title'];
      }
    }
  }
 }
--- a/includes/module.inc
+++ b/includes/module.inc
@ -320,16 +320,27 @@ function module_load_install($module) {
 *   The name of the included file, if successful; FALSE otherwise.
 */
 function module_load_include($type, $module, $name = NULL) {
  static $files = array();
  if (!isset($name)) {
    $name = $module;
  }
  $key = $type . ':' . $module . ':' . $name;
  if (isset($files[$key])) {
    return $files[$key];
  }
  if (function_exists('drupal_get_path')) {
    $file = DRUPAL_ROOT . '/' . drupal_get_path('module', $module) . "/$name.$type";
    if (is_file($file)) {
      require_once $file;
      $files[$key] = $file;
      return $file;
    }
    else {
      $files[$key] = FALSE;
    }
  }
  return FALSE;
 }
@ -365,20 +376,22 @@ function module_load_all_includes($type, $name = NULL) {
 * - Invoke hook_modules_installed().
 * - Invoke hook_modules_enabled().
 *
- * @param $module_list
+ * @param string[] $module_list
 *   An array of module names.
- * @param $enable_dependencies
+ * @param bool $enable_dependencies
 *   If TRUE, dependencies will automatically be added and enabled in the
 *   correct order. This incurs a significant performance cost, so use FALSE
 *   if you know $module_list is already complete and in the correct order.
 *
- * @return
+ * @return bool
 *   FALSE if one or more dependencies are missing, TRUE otherwise.
 *
 * @see hook_install()
 * @see hook_enable()
 * @see hook_modules_installed()
 * @see hook_modules_enabled()
 * @see module_disable()
 * @see drupal_uninstall_modules()
 */
 function module_enable($module_list, $enable_dependencies = TRUE) {
  if ($enable_dependencies) {
@ -505,12 +518,15 @@ function module_enable($module_list, $enable_dependencies = TRUE) {
 /**
 * Disables a given set of modules.
 *
- * @param $module_list
+ * @param string[] $module_list
 *   An array of module names.
- * @param $disable_dependents
+ * @param bool $disable_dependents
 *   If TRUE, dependent modules will automatically be added and disabled in the
 *   correct order. This incurs a significant performance cost, so use FALSE
 *   if you know $module_list is already complete and in the correct order.
 *
 * @see drupal_uninstall_modules()
 * @see module_enable()
 */
 function module_disable($module_list, $disable_dependents = TRUE) {
  if ($disable_dependents) {
@ -676,12 +692,16 @@ function module_hook($module, $hook) {
 /**
 * Determines which modules are implementing a hook.
 *
- * @param $hook
+ * Lazy-loaded include files specified with "group" via hook_hook_info() or
 * hook_module_implements_alter() will be automatically included by this
 * function when necessary.
 *
 * @param string $hook
 *   The name of the hook (e.g. "help" or "menu").
- * @param $sort
+ * @param bool $sort
 *   By default, modules are ordered by weight and filename, settings this option
 *   to TRUE, module list will be ordered by module name.
- * @param $reset
+ * @param bool $reset
 *   For internal use only: Whether to force the stored list of hook
 *   implementations to be regenerated (such as after enabling a new module,
 *   before processing hook_enable).
@ -696,8 +716,10 @@ function module_implements($hook, $sort = FALSE, $reset = FALSE) {
  static $drupal_static_fast;
  if (!isset($drupal_static_fast)) {
    $drupal_static_fast['implementations'] = &drupal_static(__FUNCTION__);
    $drupal_static_fast['verified'] = &drupal_static(__FUNCTION__ . ':verified');
  }
  $implementations = &$drupal_static_fast['implementations'];
  $verified = &$drupal_static_fast['verified'];
  // We maintain a persistent cache of hook implementations in addition to the
  // static cache to avoid looping through every module and every hook on each
@ -711,14 +733,19 @@ function module_implements($hook, $sort = FALSE, $reset = FALSE) {
  // per request.
  if ($reset) {
    $implementations = array();
    $verified = array();
    cache_set('module_implements', array(), 'cache_bootstrap');
    drupal_static_reset('module_hook_info');
    drupal_static_reset('drupal_alter');
    cache_clear_all('hook_info', 'cache_bootstrap');
    cache_clear_all('system_cache_tables', 'cache');
    return;
  }
  // Fetch implementations from cache.
  // This happens on the first call to module_implements(*, *, FALSE) during a
  // request, but also when $implementations have been reset, e.g. after
  // module_enable().
  if (empty($implementations)) {
    $implementations = cache_get('module_implements', 'cache_bootstrap');
    if ($implementations === FALSE) {
@ -727,12 +754,17 @@ function module_implements($hook, $sort = FALSE, $reset = FALSE) {
    else {
      $implementations = $implementations->data;
    }
    // Forget all previously "verified" hooks, in case that $implementations
    // were cleared via drupal_static_reset('module_implements') instead of
    // module_implements(*, *, TRUE).
    $verified = array();
  }
  if (!isset($implementations[$hook])) {
    // The hook is not cached, so ensure that whether or not it has
    // implementations, that the cache is updated at the end of the request.
    $implementations['#write_cache'] = TRUE;
    // Discover implementations for this hook.
    $hook_info = module_hook_info();
    $implementations[$hook] = array();
    $list = module_list(FALSE, FALSE, $sort);
@ -744,13 +776,31 @@ function module_implements($hook, $sort = FALSE, $reset = FALSE) {
        $implementations[$hook][$module] = $include_file ? $hook_info[$hook]['group'] : FALSE;
      }
    }
-    // Allow modules to change the weight of specific implementations but avoid
+    // Allow modules to change the weight of specific implementations, but avoid
    // an infinite loop.
    if ($hook != 'module_implements_alter') {
      // Remember the implementations before hook_module_implements_alter().
      $implementations_before = $implementations[$hook];
      drupal_alter('module_implements', $implementations[$hook], $hook);
      // Verify implementations that were added or modified.
      foreach (array_diff_assoc($implementations[$hook], $implementations_before) as $module => $group) {
        // If drupal_alter('module_implements') changed or added a $group, the
        // respective file needs to be included.
        if ($group) {
          module_load_include('inc', $module, "$module.$group");
        }
        // If a new implementation was added, verify that the function exists.
        if (!function_exists($module . '_' . $hook)) {
          unset($implementations[$hook][$module]);
        }
      }
    }
    // Implementations for this hook are now "verified".
    $verified[$hook] = TRUE;
  }
-  else {
+  elseif (!isset($verified[$hook])) {
    // Implementations for this hook were in the cache, but they are not
    // "verified" yet.
    foreach ($implementations[$hook] as $module => $group) {
      // If this hook implementation is stored in a lazy-loaded file, so include
      // that file first.
@ -769,6 +819,7 @@ function module_implements($hook, $sort = FALSE, $reset = FALSE) {
        $implementations['#write_cache'] = TRUE;
      }
    }
    $verified[$hook] = TRUE;
  }
  return array_keys($implementations[$hook]);
@ -833,6 +884,11 @@ function module_hook_info() {
 * @see module_implements()
 */
 function module_implements_write_cache() {
  // The list of implementations includes vital modules only before full
  // bootstrap, so do not write cache if we are not fully bootstrapped yet.
  if (drupal_get_bootstrap_phase() != DRUPAL_BOOTSTRAP_FULL) {
    return;
  }
  $implementations = &drupal_static('module_implements');
  if (isset($implementations['#write_cache'])) {
    unset($implementations['#write_cache']);
--- a/includes/path.inc
+++ b/includes/path.inc
@ -347,7 +347,8 @@ function drupal_match_path($path, $patterns) {
 * drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL) makes this function available.
 *
 * @return
- *   The current Drupal URL path.
+ *   The current Drupal URL path. The path is untrusted user input and must be
 *   treated as such.
 *
 * @see request_path()
 */
--- a/includes/registry.inc
+++ b/includes/registry.inc
@ -164,7 +164,7 @@ function _registry_parse_files($files) {
 *   (optional) Weight of the module.
 */
 function _registry_parse_file($filename, $contents, $module = '', $weight = 0) {
-  if (preg_match_all('/^\s*(?:abstract|final)?\s*(class|interface)\s+([a-zA-Z0-9_]+)/m', $contents, $matches)) {
+  if (preg_match_all('/^\s*(?:abstract|final)?\s*(class|interface|trait)\s+([a-zA-Z0-9_]+)/m', $contents, $matches)) {
    foreach ($matches[2] as $key => $name) {
      db_merge('registry')
        ->key(array(
--- a/includes/theme.inc
+++ b/includes/theme.inc
@ -1710,11 +1710,29 @@ function theme_status_messages($variables) {
 * copy if none of the enabled modules or the active theme implement any
 * preprocess or process functions or override this theme implementation.
 *
- * @param $variables
+ * @param array $variables
- *   An associative array containing the keys 'text', 'path', and 'options'.
+ *   An associative array containing the keys:
- *   See the l() function for information about these variables.
+ *   - text: The text of the link.
 *   - path: The internal path or external URL being linked to. It is used as
 *     the $path parameter of the url() function.
 *   - options: (optional) An array that defaults to empty, but can contain:
 *     - attributes: Can contain optional attributes:
 *       - class: must be declared in an array. Example: 'class' =>
 *         array('class_name1','class_name2').
 *       - title: must be a string. Example: 'title' => 'Example title'
 *       - Others are more flexible as long as they work with
 *         drupal_attributes($variables['options']['attributes]).
 *     - html: Boolean flag that tells whether text contains HTML or plain
 *       text. If set to TRUE, the text value will not be sanitized so the
         calling function must ensure that it already contains safe HTML.
 *   The elements $variables['options']['attributes'] and
 *   $variables['options']['html'] are used in this function similarly to the
 *   way that $options['attributes'] and $options['html'] are used in l().
 *   The link itself is built by the url() function, which takes
 *   $variables['path'] and $variables['options'] as arguments.
 *
 * @see l()
 * @see url()
 */
 function theme_link($variables) {
  return '<a href="' . check_plain(url($variables['path'], $variables['options'])) . '"' . drupal_attributes($variables['options']['attributes']) . '>' . ($variables['options']['html'] ? $variables['text'] : check_plain($variables['text'])) . '</a>';
@ -1791,7 +1809,8 @@ function theme_links($variables) {
    foreach ($links as $key => $link) {
      $class = array($key);
-      // Add first, last and active classes to the list of links to help out themers.
+      // Add first, last and active classes to the list of links to help out
      // themers.
      if ($i == 1) {
        $class[] = 'first';
      }
@ -1809,7 +1828,8 @@ function theme_links($variables) {
        $output .= l($link['title'], $link['href'], $link);
      }
      elseif (!empty($link['title'])) {
-        // Some links are actually not links, but we wrap these in <span> for adding title and class attributes.
+        // Some links are actually not links, but we wrap these in <span> for
        // adding title and class attributes.
        if (empty($link['html'])) {
          $link['title'] = check_plain($link['title']);
        }
--- a/includes/update.inc
+++ b/includes/update.inc
@ -908,6 +908,8 @@ function update_get_d6_session_name() {
 }
 /**
 * Implements callback_batch_operation().
 *
 * Performs one update and stores the results for display on the results page.
 *
 * If an update function completes successfully, it should return a message
@ -1078,6 +1080,8 @@ function update_batch($start, $redirect = NULL, $url = NULL, $batch = array(), $
 }
 /**
 * Implements callback_batch_finished().
 *
 * Finishes the update process and stores the results for eventual display.
 *
 * After the updates run, all caches are flushed. The update results are
--- a/includes/xmlrpcs.inc
+++ b/includes/xmlrpcs.inc
@ -264,6 +264,10 @@ function xmlrpc_server_call($xmlrpc_server, $methodname, $args) {
 */
 function xmlrpc_server_multicall($methodcalls) {
  // See http://www.xmlrpc.com/discuss/msgReader$1208
  // To avoid multicall expansion attacks, limit the number of duplicate method
  // calls allowed with a default of 1. Set to -1 for unlimited.
  $duplicate_method_limit = variable_get('xmlrpc_multicall_duplicate_method_limit', 1);
  $method_count = array();
  $return = array();
  $xmlrpc_server = xmlrpc_server_get();
  foreach ($methodcalls as $call) {
@ -273,10 +277,14 @@ function xmlrpc_server_multicall($methodcalls) {
      $ok = FALSE;
    }
    $method = $call['methodName'];
    $method_count[$method] = isset($method_count[$method]) ? $method_count[$method] + 1 : 1;
    $params = $call['params'];
    if ($method == 'system.multicall') {
      $result = xmlrpc_error(-32600, t('Recursive calls to system.multicall are forbidden.'));
    }
    elseif ($duplicate_method_limit > 0 && $method_count[$method] > $duplicate_method_limit) {
      $result = xmlrpc_error(-156579, t('Too many duplicate method calls in system.multicall.'));
    }
    elseif ($ok) {
      $result = xmlrpc_server_call($xmlrpc_server, $method, $params);
    }
--- a/misc/states.js
+++ b/misc/states.js
@ -493,7 +493,11 @@ $(document).bind('state:disabled', function(e) {
 $(document).bind('state:required', function(e) {
  if (e.trigger) {
    if (e.value) {
-      $(e.target).closest('.form-item, .form-wrapper').find('label').append('<span class="form-required">*</span>');
+      var $label = $(e.target).closest('.form-item, .form-wrapper').find('label');
      // Avoids duplicate required markers on initialization.
      if (!$label.find('.form-required').length) {
        $label.append('<span class="form-required">*</span>');
      }
    }
    else {
      $(e.target).closest('.form-item, .form-wrapper').find('label .form-required').remove();
--- a/modules/aggregator/aggregator.info
+++ b/modules/aggregator/aggregator.info
@ -7,8 +7,8 @@ files[] = aggregator.test
 configure = admin/config/services/aggregator/settings
 stylesheets[all][] = aggregator.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/aggregator/tests/aggregator_test.info
+++ b/modules/aggregator/tests/aggregator_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/block/block.api.php
+++ b/modules/block/block.api.php
@ -363,6 +363,31 @@ function hook_block_list_alter(&$blocks) {
  }
 }
 /**
 * Act on block cache ID (cid) parts before the cid is generated.
 *
 * This hook allows you to add, remove or modify the custom keys used to
 * generate a block cache ID (by default, these keys are set to the block
 * module and delta). These keys will be combined with the standard ones
 * provided by drupal_render_cid_parts() to generate the final block cache ID.
 *
 * To change the cache granularity used by drupal_render_cid_parts(), this hook
 * cannot be used; instead, set the 'cache' key in the block's definition in
 * hook_block_info().
 *
 * @params $cid_parts
 *   An array of elements used to build the cid.
 * @param $block
 *   The block object being acted on.
 *
 * @see _block_get_cache_id()
 */
 function hook_block_cid_parts_alter(&$cid_parts, $block) {
  global $user;
  // This example shows how to cache a block based on the user's timezone.
  $cid_parts[] = $user->timezone;
 }
 /**
 * @} End of "addtogroup hooks".
 */
--- a/modules/block/block.info
+++ b/modules/block/block.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = block.test
 configure = admin/structure/block
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/block/block.js
+++ b/modules/block/block.js
@ -24,7 +24,7 @@ Drupal.behaviors.blockSettingsSummary = {
    $('fieldset#edit-node-type', context).drupalSetSummary(function (context) {
      var vals = [];
      $('input[type="checkbox"]:checked', context).each(function () {
-        vals.push($.trim($(this).next('label').text()));
+        vals.push($.trim($(this).next('label').html()));
      });
      if (!vals.length) {
        vals.push(Drupal.t('Not restricted'));
@ -35,7 +35,7 @@ Drupal.behaviors.blockSettingsSummary = {
    $('fieldset#edit-role', context).drupalSetSummary(function (context) {
      var vals = [];
      $('input[type="checkbox"]:checked', context).each(function () {
-        vals.push($.trim($(this).next('label').text()));
+        vals.push($.trim($(this).next('label').html()));
      });
      if (!vals.length) {
        vals.push(Drupal.t('Not restricted'));
@ -49,7 +49,7 @@ Drupal.behaviors.blockSettingsSummary = {
        return Drupal.t('Not customizable');
      }
      else {
-        return $radio.next('label').text();
+        return $radio.next('label').html();
      }
    });
  }
--- a/modules/block/block.module
+++ b/modules/block/block.module
@ -16,7 +16,7 @@ define('BLOCK_REGION_NONE', -1);
 define('BLOCK_CUSTOM_FIXED', 0);
 /**
- *  Shows this block by default, but lets individual users hide it.
+ * Shows this block by default, but lets individual users hide it.
 */
 define('BLOCK_CUSTOM_ENABLED', 1);
@ -59,6 +59,7 @@ function block_help($path, $arg) {
      $output .= '<dd>' . t('Users with the <em>Administer blocks</em> permission can <a href="@block-add">add custom blocks</a>, which are then listed on the <a href="@blocks">Blocks administration page</a>. Once created, custom blocks behave just like default and module-generated blocks.', array('@blocks' => url('admin/structure/block'), '@block-add' => url('admin/structure/block/add'))) . '</dd>';
      $output .= '</dl>';
      return $output;
    case 'admin/structure/block/add':
      return '<p>' . t('Use this page to create a new custom block.') . '</p>';
  }
@ -189,6 +190,7 @@ function _block_themes_access($theme) {
 * @param $theme
 *   The theme whose blocks are being configured. If not set, the default theme
 *   is assumed.
 *
 * @return
 *   The theme that should be used for the block configuration page, or NULL
 *   to indicate that the default theme should be used.
@ -343,14 +345,17 @@ function _block_get_renderable_array($list = array()) {
    // to perform contextual actions on the help block, and the links needlessly
    // draw attention on it.
    if ($key != 'system_main' && $key != 'system_help') {
-      $build[$key]['#contextual_links']['block'] = array('admin/structure/block/manage', array($block->module, $block->delta));
+      $build[$key]['#contextual_links']['block'] = array(
        'admin/structure/block/manage',
        array($block->module, $block->delta),
      );
    }
    $build[$key] += array(
      '#block' => $block,
      '#weight' => ++$weight,
    );
-    $build[$key]['#theme_wrappers'][] ='block';
+    $build[$key]['#theme_wrappers'][] = 'block';
  }
  $build['#sorted'] = TRUE;
  return $build;
@ -386,18 +391,20 @@ function _block_rehash($theme = NULL) {
  // Gather the blocks defined by modules.
  foreach (module_implements('block_info') as $module) {
    $module_blocks = module_invoke($module, 'block_info');
    $delta_list = array();
    foreach ($module_blocks as $delta => $block) {
      // Compile a condition to retrieve this block from the database.
      $condition = db_and()
        ->condition('module', $module)
        ->condition('delta', $delta);
      $or->condition($condition);
      // Add identifiers.
      $delta_list[] = $delta;
      $block['module'] = $module;
-      $block['delta']  = $delta;
+      $block['delta'] = $delta;
-      $block['theme']  = $theme;
+      $block['theme'] = $theme;
      $current_blocks[$module][$delta] = $block;
    }
    if (!empty($delta_list)) {
      $condition = db_and()->condition('module', $module)->condition('delta', $delta_list);
      $or->condition($condition);
    }
  }
  // Save the blocks defined in code for alter context.
  $code_blocks = $current_blocks;
@ -644,7 +651,8 @@ function block_theme_initialize($theme) {
    $regions = system_region_list($theme, REGIONS_VISIBLE);
    $result = db_query("SELECT * FROM {block} WHERE theme = :theme", array(':theme' => $default_theme), array('fetch' => PDO::FETCH_ASSOC));
    foreach ($result as $block) {
-      // If the region isn't supported by the theme, assign the block to the theme's default region.
+      // If the region isn't supported by the theme, assign the block to the
      // theme's default region.
      if ($block['status'] && !isset($regions[$block['region']])) {
        $block['region'] = system_default_region($theme);
      }
@ -812,17 +820,18 @@ function block_block_list_alter(&$blocks) {
      // with different case. Ex: /Page, /page, /PAGE.
      $pages = drupal_strtolower($block->pages);
      if ($block->visibility < BLOCK_VISIBILITY_PHP) {
-        // Convert the Drupal path to lowercase
+        // Convert the Drupal path to lowercase.
        $path = drupal_strtolower(drupal_get_path_alias($_GET['q']));
        // Compare the lowercase internal and lowercase path alias (if any).
        $page_match = drupal_match_path($path, $pages);
        if ($path != $_GET['q']) {
          $page_match = $page_match || drupal_match_path($_GET['q'], $pages);
        }
-        // When $block->visibility has a value of 0 (BLOCK_VISIBILITY_NOTLISTED),
+        // When $block->visibility has a value of 0
-        // the block is displayed on all pages except those listed in $block->pages.
+        // (BLOCK_VISIBILITY_NOTLISTED), the block is displayed on all pages
-        // When set to 1 (BLOCK_VISIBILITY_LISTED), it is displayed only on those
+        // except those listed in $block->pages. When set to 1
-        // pages listed in $block->pages.
+        // (BLOCK_VISIBILITY_LISTED), it is displayed only on those pages
        // listed in $block->pages.
        $page_match = !($block->visibility xor $page_match);
      }
      elseif (module_exists('php')) {
@ -845,7 +854,8 @@ function block_block_list_alter(&$blocks) {
 * Render the content and subject for a set of blocks.
 *
 * @param $region_blocks
- *   An array of block objects such as returned for one region by _block_load_blocks().
+ *   An array of block objects such as returned for one region by
 *   _block_load_blocks().
 *
 * @return
 *   An array of visible blocks as expected by drupal_render().
@ -953,6 +963,8 @@ function _block_render_blocks($region_blocks) {
 * Theme and language contexts are automatically differentiated.
 *
 * @param $block
 *   The block to get the cache_id from.
 *
 * @return
 *   The string used as cache_id for the block.
 */
@ -967,6 +979,7 @@ function _block_get_cache_id($block) {
    // Start with common sub-patterns: block identification, theme, language.
    $cid_parts[] = $block->module;
    $cid_parts[] = $block->delta;
    drupal_alter('block_cid_parts', $cid_parts, $block);
    $cid_parts = array_merge($cid_parts, drupal_render_cid_parts($block->cache));
    return implode(':', $cid_parts);
--- a/modules/block/tests/block_test.info
+++ b/modules/block/tests/block_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/block/tests/themes/block_test_theme/block_test_theme.info
+++ b/modules/block/tests/themes/block_test_theme/block_test_theme.info
@ -13,8 +13,8 @@ regions[footer] = Footer
 regions[highlighted] = Highlighted
 regions[help] = Help
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/blog/blog.info
+++ b/modules/blog/blog.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = blog.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/book/book.info
+++ b/modules/book/book.info
@ -7,8 +7,8 @@ files[] = book.test
 configure = admin/content/book/settings
 stylesheets[all][] = book.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/color/color.info
+++ b/modules/color/color.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = color.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/comment/comment.info
+++ b/modules/comment/comment.info
@ -9,8 +9,8 @@ files[] = comment.test
 configure = admin/content/comment
 stylesheets[all][] = comment.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/contact/contact.info
+++ b/modules/contact/contact.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = contact.test
 configure = admin/structure/contact
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/contextual/contextual.info
+++ b/modules/contextual/contextual.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = contextual.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/dashboard/dashboard.info
+++ b/modules/dashboard/dashboard.info
@ -7,8 +7,8 @@ files[] = dashboard.test
 dependencies[] = block
 configure = admin/dashboard/customize
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/dblog/dblog.info
+++ b/modules/dblog/dblog.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = dblog.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/dblog/dblog.module
+++ b/modules/dblog/dblog.module
@ -144,17 +144,20 @@ function _dblog_get_message_types() {
 * Note: Some values may be truncated to meet database column size restrictions.
 */
 function dblog_watchdog(array $log_entry) {
  if (!function_exists('drupal_substr')) {
    require_once DRUPAL_ROOT . '/includes/unicode.inc';
  }
  Database::getConnection('default', 'default')->insert('watchdog')
    ->fields(array(
      'uid' => $log_entry['uid'],
-      'type' => substr($log_entry['type'], 0, 64),
+      'type' => drupal_substr($log_entry['type'], 0, 64),
      'message' => $log_entry['message'],
      'variables' => serialize($log_entry['variables']),
      'severity' => $log_entry['severity'],
-      'link' => substr($log_entry['link'], 0, 255),
+      'link' => drupal_substr($log_entry['link'], 0, 255),
      'location' => $log_entry['request_uri'],
      'referer' => $log_entry['referer'],
-      'hostname' => substr($log_entry['ip'], 0, 128),
+      'hostname' => drupal_substr($log_entry['ip'], 0, 128),
      'timestamp' => $log_entry['timestamp'],
    ))
    ->execute();
--- a/modules/dblog/dblog.test
+++ b/modules/dblog/dblog.test
@ -119,13 +119,16 @@ class DBLogTestCase extends DrupalWebTestCase {
  private function generateLogEntries($count, $type = 'custom', $severity = WATCHDOG_NOTICE) {
    global $base_root;
    // Make it just a little bit harder to pass the link part of the test.
    $link = urldecode('/content/xo%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A%E9%85%B1%E5%87%89%E6%8B%8C%E7%B4%A0%E9%B8%A1%E7%85%A7%E7%83%A7%E9%B8%A1%E9%BB%84%E7%8E%AB%E7%91%B0-%E7%A7%91%E5%B7%9E%E7%9A%84%E5%B0%8F%E4%B9%9D%E5%AF%A8%E6%B2%9F%E7%BB%9D%E7%BE%8E%E9%AB%98%E5%B1%B1%E6%B9%96%E6%B3%8A-lake-isabelle');
    // Prepare the fields to be logged
    $log = array(
      'type'        => $type,
      'message'     => 'Log entry added to test the dblog row limit.',
      'variables'   => array(),
      'severity'    => $severity,
-      'link'        => NULL,
+      'link'        => $link,
      'user'        => $this->big_user,
      'uid'         => isset($this->big_user->uid) ? $this->big_user->uid : 0,
      'request_uri' => $base_root . request_uri(),
@ -634,4 +637,3 @@ class DBLogTestCase extends DrupalWebTestCase {
    $this->assertLink(html_entity_decode($message_text), 0, $message);
  }
 }
--- a/modules/field/field.info
+++ b/modules/field/field.info
@ -11,8 +11,8 @@ dependencies[] = field_sql_storage
 required = TRUE
 stylesheets[all][] = theme/field.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/field.info.class.inc
+++ b/modules/field/field.info.class.inc
@ -612,10 +612,12 @@ class FieldInfo {
    // Fill in default values.
    $display += array(
      'label' => 'above',
      'type' => $field_type_info['default_formatter'],
      'settings' => array(),
      'weight' => 0,
    );
    if (empty($display['type'])) {
      $display['type'] = $field_type_info['default_formatter'];
    }
    if ($display['type'] != 'hidden') {
      $formatter_type_info = field_info_formatter_types($display['type']);
      // Fall back to default formatter if formatter type is not available.
--- a/modules/field/modules/field_sql_storage/field_sql_storage.info
+++ b/modules/field/modules/field_sql_storage/field_sql_storage.info
@ -7,8 +7,8 @@ dependencies[] = field
 files[] = field_sql_storage.test
 required = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/list/list.info
+++ b/modules/field/modules/list/list.info
@ -7,8 +7,8 @@ dependencies[] = field
 dependencies[] = options
 files[] = tests/list.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/list/tests/list_test.info
+++ b/modules/field/modules/list/tests/list_test.info
@ -5,8 +5,8 @@ package = Testing
 version = VERSION
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/number/number.info
+++ b/modules/field/modules/number/number.info
@ -6,8 +6,8 @@ core = 7.x
 dependencies[] = field
 files[] = number.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/number/number.module
+++ b/modules/field/modules/number/number.module
@ -188,7 +188,7 @@ function number_field_formatter_info() {
      'label' => t('Default'),
      'field types' => array('number_integer'),
      'settings' =>  array(
-        'thousand_separator' => ' ',
+        'thousand_separator' => '',
        // The 'decimal_separator' and 'scale' settings are not configurable
        // through the UI, and will therefore keep their default values. They
        // are only present so that the 'number_integer' and 'number_decimal'
@ -202,7 +202,7 @@ function number_field_formatter_info() {
      'label' => t('Default'),
      'field types' => array('number_decimal', 'number_float'),
      'settings' =>  array(
-        'thousand_separator' => ' ',
+        'thousand_separator' => '',
        'decimal_separator' => '.',
        'scale' => 2,
        'prefix_suffix' => TRUE,
--- a/modules/field/modules/options/options.info
+++ b/modules/field/modules/options/options.info
@ -6,8 +6,8 @@ core = 7.x
 dependencies[] = field
 files[] = options.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/options/options.module
+++ b/modules/field/modules/options/options.module
@ -185,6 +185,7 @@ function _options_properties($type, $multiple, $required, $has_value) {
  $base = array(
    'filter_xss' => FALSE,
    'strip_tags' => FALSE,
    'strip_tags_and_unescape' => FALSE,
    'empty_option' => FALSE,
    'optgroups' => FALSE,
  );
@ -195,7 +196,7 @@ function _options_properties($type, $multiple, $required, $has_value) {
    case 'select':
      $properties = array(
        // Select boxes do not support any HTML tag.
-        'strip_tags' => TRUE,
+        'strip_tags_and_unescape' => TRUE,
        'optgroups' => TRUE,
      );
      if ($multiple) {
@ -271,9 +272,16 @@ function _options_prepare_options(&$options, $properties) {
      _options_prepare_options($options[$value], $properties);
    }
    else {
      // The 'strip_tags' option is deprecated. Use 'strip_tags_and_unescape'
      // when plain text is required (and where the output will be run through
      // check_plain() before being inserted back into HTML) or 'filter_xss'
      // when HTML is required.
      if ($properties['strip_tags']) {
        $options[$value] = strip_tags($label);
      }
      if ($properties['strip_tags_and_unescape']) {
        $options[$value] = decode_entities(strip_tags($label));
      }
      if ($properties['filter_xss']) {
        $options[$value] = field_filter_xss($label);
      }
--- a/modules/field/modules/options/options.test
+++ b/modules/field/modules/options/options.test
@ -24,7 +24,7 @@ class OptionsWidgetsTestCase extends FieldTestCase {
      'cardinality' => 1,
      'settings' => array(
        // Make sure that 0 works as an option.
-        'allowed_values' => array(0 => 'Zero', 1 => 'One', 2 => 'Some <script>dangerous</script> & unescaped <strong>markup</strong>'),
+        'allowed_values' => array(0 => 'Zero', 1 => 'One', 2 => 'Some <script>dangerous</script> & unescaped <strong>markup</strong>',  3 => 'Some HTML encoded markup with &lt; &amp; &gt;'),
      ),
    );
    $this->card_1 = field_create_field($this->card_1);
@ -233,6 +233,7 @@ class OptionsWidgetsTestCase extends FieldTestCase {
    $this->assertNoOptionSelected("edit-card-1-$langcode", 1);
    $this->assertNoOptionSelected("edit-card-1-$langcode", 2);
    $this->assertRaw('Some dangerous &amp; unescaped markup', 'Option text was properly filtered.');
    $this->assertRaw('Some HTML encoded markup with &lt; &amp; &gt;', 'HTML entities in option text were properly handled and not double-encoded');
    // Submit form: select invalid 'none' option.
    $edit = array("card_1[$langcode]" => '_none');
--- a/modules/field/modules/text/text.info
+++ b/modules/field/modules/text/text.info
@ -7,8 +7,8 @@ dependencies[] = field
 files[] = text.test
 required = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field/modules/text/text.module
+++ b/modules/field/modules/text/text.module
@ -223,11 +223,13 @@ function text_field_formatter_settings_form($field, $instance, $view_mode, $form
  if (strpos($display['type'], '_trimmed') !== FALSE) {
    $element['trim_length'] = array(
-      '#title' => t('Trim length'),
+      '#title' => t('Trimmed limit'),
      '#type' => 'textfield',
      '#field_suffix' => t('characters'),
      '#size' => 10,
      '#default_value' => $settings['trim_length'],
      '#element_validate' => array('element_validate_integer_positive'),
      '#description' => t('If the summary is not set, the trimmed %label field will be shorter than this character limit.', array('%label' => $instance['label'])),
      '#required' => TRUE,
    );
  }
@ -245,7 +247,7 @@ function text_field_formatter_settings_summary($field, $instance, $view_mode) {
  $summary = '';
  if (strpos($display['type'], '_trimmed') !== FALSE) {
-    $summary = t('Trim length') . ': ' . check_plain($settings['trim_length']);
+    $summary = t('Trimmed limit: @trim_length characters', array('@trim_length' => $settings['trim_length']));
  }
  return $summary;
--- a/modules/field/tests/field_test.info
+++ b/modules/field/tests/field_test.info
@ -6,8 +6,8 @@ files[] = field_test.entity.inc
 version = VERSION
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/field_ui/field_ui.info
+++ b/modules/field_ui/field_ui.info
@ -6,8 +6,8 @@ core = 7.x
 dependencies[] = field
 files[] = field_ui.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/file/file.field.inc
+++ b/modules/file/file.field.inc
@ -632,7 +632,7 @@ function file_field_widget_process($element, &$form_state, $form) {
  $element['#theme'] = 'file_widget';
  // Add the display field if enabled.
-  if (!empty($field['settings']['display_field']) && $item['fid']) {
+  if (!empty($field['settings']['display_field'])) {
    $element['display'] = array(
      '#type' => empty($item['fid']) ? 'hidden' : 'checkbox',
      '#title' => t('Include file in display'),
--- a/modules/file/file.info
+++ b/modules/file/file.info
@ -6,8 +6,8 @@ core = 7.x
 dependencies[] = field
 files[] = tests/file.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/file/file.module
+++ b/modules/file/file.module
@ -92,7 +92,7 @@ function file_theme() {
      'variables' => array('file' => NULL, 'icon_directory' => NULL),
    ),
    'file_icon' => array(
-      'variables' => array('file' => NULL, 'icon_directory' => NULL),
+      'variables' => array('file' => NULL, 'icon_directory' => NULL, 'alt' => ''),
    ),
    'file_managed_file' => array(
      'render element' => 'element',
@ -529,14 +529,19 @@ function file_managed_file_value(&$element, $input = FALSE, $form_state = NULL)
        // publicly accessible, with no download restrictions; for security
        // reasons all other schemes must go through the file_download_access()
        // check.
-        if (in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) || file_download_access($file->uri)) {
+        if (!in_array(file_uri_scheme($file->uri), variable_get('file_public_schema', array('public'))) && !file_download_access($file->uri)) {
          $fid = $file->fid;
        }
        // If the current user doesn't have access, don't let the file be
        // changed.
        else {
          $force_default = TRUE;
        }
        // Temporary files that belong to other users should never be allowed.
        // Since file ownership can't be determined for anonymous users, they
        // are not allowed to reuse temporary files at all.
        elseif ($file->status != FILE_STATUS_PERMANENT && (!$GLOBALS['user']->uid || $file->uid != $GLOBALS['user']->uid)) {
          $force_default = TRUE;
        }
        // If all checks pass, allow the file to be changed.
        else {
          $fid = $file->fid;
        }
      }
    }
  }
@ -749,7 +754,32 @@ function theme_file_link($variables) {
  $icon_directory = $variables['icon_directory'];
  $url = file_create_url($file->uri);
-  $icon = theme('file_icon', array('file' => $file, 'icon_directory' => $icon_directory));
+
  // Human-readable names, for use as text-alternatives to icons.
  $mime_name = array(
    'application/msword' => t('Microsoft Office document icon'),
    'application/vnd.ms-excel' => t('Office spreadsheet icon'),
    'application/vnd.ms-powerpoint' => t('Office presentation icon'),
    'application/pdf' => t('PDF icon'),
    'video/quicktime' => t('Movie icon'),
    'audio/mpeg' => t('Audio icon'),
    'audio/wav' => t('Audio icon'),
    'image/jpeg' => t('Image icon'),
    'image/png' => t('Image icon'),
    'image/gif' => t('Image icon'),
    'application/zip' => t('Package icon'),
    'text/html' => t('HTML icon'),
    'text/plain' => t('Plain text icon'),
    'application/octet-stream' => t('Binary Data'),
  );
  $mimetype = file_get_mimetype($file->uri);
  $icon = theme('file_icon', array(
    'file' => $file,
    'icon_directory' => $icon_directory,
    'alt' => !empty($mime_name[$mimetype]) ? $mime_name[$mimetype] : t('File'),
  ));
  // Set options as per anchor format described at
  // http://microformats.org/wiki/file-format-examples
@ -779,16 +809,19 @@ function theme_file_link($variables) {
 *   - file: A file object for which to make an icon.
 *   - icon_directory: (optional) A path to a directory of icons to be used for
 *     files. Defaults to the value of the "file_icon_directory" variable.
 *   - alt: (optional) The alternative text to represent the icon in text-based
 *     browsers. Defaults to an empty string.
 *
 * @ingroup themeable
 */
 function theme_file_icon($variables) {
  $file = $variables['file'];
  $alt = $variables['alt'];
  $icon_directory = $variables['icon_directory'];
  $mime = check_plain($file->filemime);
  $icon_url = file_icon_url($file, $icon_directory);
-  return '<img class="file-icon" alt="" title="' . $mime . '" src="' . $icon_url . '" />';
+  return '<img class="file-icon" alt="' . check_plain($alt) . '" title="' . $mime . '" src="' . $icon_url . '" />';
 }
 /**
--- a/modules/file/tests/file.test
+++ b/modules/file/tests/file.test
@ -218,6 +218,30 @@ class FileFieldTestCase extends DrupalWebTestCase {
    $message = isset($message) ? $message : format_string('File %file is permanent.', array('%file' => $file->uri));
    $this->assertTrue($file->status == FILE_STATUS_PERMANENT, $message);
  }
  /**
   * Creates a temporary file, for a specific user.
   *
   * @param string $data
   *   A string containing the contents of the file.
   * @param int $uid
   *   The user ID of the file owner.
   *
   * @return object
   *   A file object, or FALSE on error.
   */
  function createTemporaryFile($data, $uid = NULL) {
    $file = file_save_data($data, NULL, NULL);
    if ($file) {
      $file->uid = isset($uid) ? $uid : $this->admin_user->uid;
      // Change the file status to be temporary.
      $file->status = NULL;
      return file_save($file);
    }
    return $file;
  }
 }
 /**
@ -526,6 +550,120 @@ class FileFieldWidgetTestCase extends FileFieldTestCase {
    }
  }
  /**
   * Tests exploiting the temporary file removal of another user using fid.
   */
  function testTemporaryFileRemovalExploit() {
    // Create a victim user.
    $victim_user = $this->drupalCreateUser();
    // Create an attacker user.
    $attacker_user = $this->drupalCreateUser(array(
      'access content',
      'create page content',
      'edit any page content',
    ));
    // Log in as the attacker user.
    $this->drupalLogin($attacker_user);
    // Perform tests using the newly created users.
    $this->doTestTemporaryFileRemovalExploit($victim_user->uid, $attacker_user->uid);
  }
  /**
   * Tests exploiting the temporary file removal for anonymous users using fid.
   */
  public function testTemporaryFileRemovalExploitAnonymous() {
    // Set up an anonymous victim user.
    $victim_uid = 0;
    // Set up an anonymous attacker user.
    $attacker_uid = 0;
    // Set up permissions for anonymous attacker user.
    user_role_change_permissions(DRUPAL_ANONYMOUS_RID, array(
      'access content' => TRUE,
      'create page content' => TRUE,
      'edit any page content' => TRUE,
    ));
    // In order to simulate being the anonymous attacker user, we need to log
    // out here since setUp() has logged in the admin.
    $this->drupalLogout();
    // Perform tests using the newly set up users.
    $this->doTestTemporaryFileRemovalExploit($victim_uid, $attacker_uid);
  }
  /**
   * Helper for testing exploiting the temporary file removal using fid.
   *
   * @param int $victim_uid
   *   The victim user ID.
   * @param int $attacker_uid
   *   The attacker user ID.
   */
  protected function doTestTemporaryFileRemovalExploit($victim_uid, $attacker_uid) {
    // Use 'page' instead of 'article', so that the 'article' image field does
    // not conflict with this test. If in the future the 'page' type gets its
    // own default file or image field, this test can be made more robust by
    // using a custom node type.
    $type_name = 'page';
    $field_name = 'test_file_field';
    $this->createFileField($field_name, $type_name);
    $test_file = $this->getTestFile('text');
    foreach (array('nojs', 'js') as $type) {
      // Create a temporary file owned by the anonymous victim user. This will be
      // as if they had uploaded the file, but not saved the node they were
      // editing or creating.
      $victim_tmp_file = $this->createTemporaryFile('some text', $victim_uid);
      $victim_tmp_file = file_load($victim_tmp_file->fid);
      $this->assertTrue($victim_tmp_file->status != FILE_STATUS_PERMANENT, 'New file saved to disk is temporary.');
      $this->assertFalse(empty($victim_tmp_file->fid), 'New file has a fid');
      $this->assertEqual($victim_uid, $victim_tmp_file->uid, 'New file belongs to the victim user');
      // Have attacker create a new node with a different uploaded file and
      // ensure it got uploaded successfully.
      // @todo Can we test AJAX? See https://www.drupal.org/node/2538260
      $edit = array(
        'title' => $type . '-title',
      );
      // Attach a file to a node.
      $langcode = LANGUAGE_NONE;
      $edit['files[' . $field_name . '_' . $langcode . '_0]'] = drupal_realpath($test_file->uri);
      $this->drupalPost("node/add/$type_name", $edit, 'Save');
      $node = $this->drupalGetNodeByTitle($edit['title']);
      $node_file = file_load($node->{$field_name}[$langcode][0]['fid']);
      $this->assertFileExists($node_file, 'New file saved to disk on node creation.');
      $this->assertEqual($attacker_uid, $node_file->uid, 'New file belongs to the attacker.');
      // Ensure the file can be downloaded.
      $this->drupalGet(file_create_url($node_file->uri));
      $this->assertResponse(200, 'Confirmed that the generated URL is correct by downloading the shipped file.');
      // "Click" the remove button (emulating either a nojs or js submission).
      // In this POST request, the attacker "guesses" the fid of the victim's
      // temporary file and uses that to remove this file.
      $this->drupalGet('node/' . $node->nid . '/edit');
      switch ($type) {
        case 'nojs':
          $this->drupalPost(NULL, array("{$field_name}[$langcode][0][fid]" => (string) $victim_tmp_file->fid), 'Remove');
          break;
        case 'js':
          $button = $this->xpath('//input[@type="submit" and @value="Remove"]');
          $this->drupalPostAJAX(NULL, array("{$field_name}[$langcode][0][fid]" => (string) $victim_tmp_file->fid), array((string) $button[0]['name'] => (string) $button[0]['value']));
          break;
      }
      // The victim's temporary file should not be removed by the attacker's
      // POST request.
      $this->assertFileExists($victim_tmp_file);
    }
  }
  /**
   * Tests upload and remove buttons for multiple multi-valued File fields.
   */
@ -951,6 +1089,34 @@ class FileFieldDisplayTestCase extends FileFieldTestCase {
    $this->assertRaw($field_name . '[' . LANGUAGE_NONE . '][0][display]', 'First file appears as expected.');
    $this->assertRaw($field_name . '[' . LANGUAGE_NONE . '][1][display]', 'Second file appears as expected.');
  }
  /**
   * Tests default display of File Field.
   */
  function testDefaultFileFieldDisplay() {
    $field_name = strtolower($this->randomName());
    $type_name = 'article';
    $field_settings = array(
      'display_field' => '1',
      'display_default' => '0',
    );
    $instance_settings = array(
      'description_field' => '1',
    );
    $widget_settings = array();
    $this->createFileField($field_name, $type_name, $field_settings, $instance_settings, $widget_settings);
    $field = field_info_field($field_name);
    $instance = field_info_instance('node', $field_name, $type_name);
    $test_file = $this->getTestFile('text');
    // Create a new node with the uploaded file.
    $nid = $this->uploadNodeFile($test_file, $field_name, $type_name);
    $this->drupalGet('node/' . $nid . '/edit');
    $this->assertFieldByXPath('//input[@type="checkbox" and @name="' . $field_name . '[und][0][display]"]', NULL, 'Default file display checkbox field exists.');
    $this->assertFieldByXPath('//input[@type="checkbox" and @name="' . $field_name . '[und][0][display]" and not(@checked)]', NULL, 'Default file display is off.');
  }
 }
 /**
--- a/modules/file/tests/file_module_test.info
+++ b/modules/file/tests/file_module_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/filter/filter.info
+++ b/modules/filter/filter.info
@ -7,8 +7,8 @@ files[] = filter.test
 required = TRUE
 configure = admin/config/content/formats
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/filter/filter.module
+++ b/modules/filter/filter.module
@ -93,6 +93,14 @@ function filter_menu() {
    'type' => MENU_SUGGESTED_ITEM,
    'file' => 'filter.pages.inc',
  );
  $items['filter/tips/%filter_format'] = array(
    'title' => 'Compose tips',
    'page callback' => 'filter_tips_long',
    'page arguments' => array(2),
    'access callback' => 'filter_access',
    'access arguments' => array(2),
    'file' => 'filter.pages.inc',
  );
  $items['admin/config/content/formats'] = array(
    'title' => 'Text formats',
    'description' => 'Configure how content input by users is filtered, including allowed HTML tags. Also allows enabling of module-provided filters.',
@ -1119,18 +1127,23 @@ function filter_dom_serialize($dom_document) {
  $body_node = $dom_document->getElementsByTagName('body')->item(0);
  $body_content = '';
-  foreach ($body_node->getElementsByTagName('script') as $node) {
+  if ($body_node !== NULL) {
-    filter_dom_serialize_escape_cdata_element($dom_document, $node);
+    foreach ($body_node->getElementsByTagName('script') as $node) {
-  }
+      filter_dom_serialize_escape_cdata_element($dom_document, $node);
    }
-  foreach ($body_node->getElementsByTagName('style') as $node) {
+    foreach ($body_node->getElementsByTagName('style') as $node) {
-    filter_dom_serialize_escape_cdata_element($dom_document, $node, '/*', '*/');
+      filter_dom_serialize_escape_cdata_element($dom_document, $node, '/*', '*/');
-  }
+    }
-  foreach ($body_node->childNodes as $child_node) {
+    foreach ($body_node->childNodes as $child_node) {
-    $body_content .= $dom_document->saveXML($child_node);
+      $body_content .= $dom_document->saveXML($child_node);
    }
    return preg_replace('|<([^> ]*)/>|i', '<$1 />', $body_content);
  }
  else {
    return $body_content;
  }
  return preg_replace('|<([^> ]*)/>|i', '<$1 />', $body_content);
 }
 /**
@ -1484,7 +1497,7 @@ function _filter_url($text, $filter) {
  $tasks['_filter_url_parse_full_links'] = $pattern;
  // Match e-mail addresses.
-  $url_pattern = "[A-Za-z0-9._-]{1,254}@(?:$domain)";
+  $url_pattern = "[A-Za-z0-9._+-]{1,254}@(?:$domain)";
  $pattern = "`($url_pattern)`";
  $tasks['_filter_url_parse_email_links'] = $pattern;
--- a/modules/filter/filter.pages.inc
+++ b/modules/filter/filter.pages.inc
@ -14,10 +14,9 @@
 * @see filter_menu()
 * @see theme_filter_tips()
 */
-function filter_tips_long() {
+function filter_tips_long($format = NULL) {
-  $format_id = arg(2);
+  if (!empty($format)) {
-  if ($format_id) {
+    $output = theme('filter_tips', array('tips' => _filter_tips($format->format, TRUE), 'long' => TRUE));
    $output = theme('filter_tips', array('tips' => _filter_tips($format_id, TRUE), 'long' => TRUE));
  }
  else {
    $output = theme('filter_tips', array('tips' => _filter_tips(-1, TRUE), 'long' => TRUE));
--- a/modules/filter/filter.test
+++ b/modules/filter/filter.test
@ -555,6 +555,27 @@ class FilterFormatAccessTestCase extends DrupalWebTestCase {
    $this->assertTrue(isset($options[$this->allowed_format->format]), 'The allowed text format appears as an option when adding a new node.');
    $this->assertFalse(isset($options[$this->disallowed_format->format]), 'The disallowed text format does not appear as an option when adding a new node.');
    $this->assertTrue(isset($options[filter_fallback_format()]), 'The fallback format appears as an option when adding a new node.');
    // Check regular user access to the filter tips pages.
    $this->drupalGet('filter/tips/' . $this->allowed_format->format);
    $this->assertResponse(200);
    $this->drupalGet('filter/tips/' . $this->disallowed_format->format);
    $this->assertResponse(403);
    $this->drupalGet('filter/tips/' . filter_fallback_format());
    $this->assertResponse(200);
    $this->drupalGet('filter/tips/invalid-format');
    $this->assertResponse(404);
    // Check admin user access to the filter tips pages.
    $this->drupalLogin($this->admin_user);
    $this->drupalGet('filter/tips/' . $this->allowed_format->format);
    $this->assertResponse(200);
    $this->drupalGet('filter/tips/' . $this->disallowed_format->format);
    $this->assertResponse(200);
    $this->drupalGet('filter/tips/' . filter_fallback_format());
    $this->assertResponse(200);
    $this->drupalGet('filter/tips/invalid-format');
    $this->assertResponse(404);
  }
  /**
@ -1273,6 +1294,7 @@ class FilterUnitTestCase extends DrupalUnitTestCase {
    // Create a e-mail that is too long.
    $long_email = str_repeat('a', 254) . '@example.com';
    $too_long_email = str_repeat('b', 255) . '@example.com';
    $email_with_plus_sign = 'one+two@example.com';
    // Filter selection/pattern matching.
@ -1286,12 +1308,13 @@ http://example.com or www.example.com
      ),
      // MAILTO URLs.
      '
-person@example.com or mailto:person2@example.com or ' . $long_email . ' but not ' . $too_long_email . '
+person@example.com or mailto:person2@example.com or ' . $email_with_plus_sign . ' or ' . $long_email . ' but not ' . $too_long_email . '
 ' => array(
        '<a href="mailto:person@example.com">person@example.com</a>' => TRUE,
        '<a href="mailto:person2@example.com">mailto:person2@example.com</a>' => TRUE,
        '<a href="mailto:' . $long_email . '">' . $long_email . '</a>' => TRUE,
        '<a href="mailto:' . $too_long_email . '">' . $too_long_email . '</a>' => FALSE,
        '<a href="mailto:' . $email_with_plus_sign . '">' . $email_with_plus_sign . '</a>' => TRUE,
      ),
      // URI parts and special characters.
      '
@ -1983,3 +2006,26 @@ class FilterSettingsTestCase extends DrupalWebTestCase {
    }
  }
 }
 /**
 * Tests DOMDocument serialization.
 */
 class FilterDOMSerializeTestCase extends DrupalWebTestCase {
  public static function getInfo() {
    return array(
      'name' => 'Serialization',
      'description' => 'Test serialization of DOMDocument objects.',
      'group' => 'Filter',
    );
  }
  /**
   * Tests empty DOMDocument object.
   */
  function testFilterEmptyDOMSerialization() {
    $document = new DOMDocument();
    $result = filter_dom_serialize($document);
    $this->assertEqual('', $result);
  }
 }
--- a/modules/forum/forum.info
+++ b/modules/forum/forum.info
@ -9,8 +9,8 @@ files[] = forum.test
 configure = admin/structure/forum
 stylesheets[all][] = forum.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/help/help.info
+++ b/modules/help/help.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = help.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/image/image.info
+++ b/modules/image/image.info
@ -7,8 +7,8 @@ dependencies[] = file
 files[] = image.test
 configure = admin/config/media/image-styles
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/image/image.module
+++ b/modules/image/image.module
@ -64,7 +64,7 @@ function image_help($path, $arg) {
      $effect = image_effect_definition_load($arg[7]);
      return isset($effect['help']) ? ('<p>' . $effect['help'] . '</p>') : NULL;
    case 'admin/config/media/image-styles/edit/%/effects/%':
-      $effect = ($arg[5] == 'add') ? image_effect_definition_load($arg[6]) : image_effect_load($arg[6], $arg[4]);
+      $effect = ($arg[5] == 'add') ? image_effect_definition_load($arg[6]) : image_effect_load($arg[7], $arg[5]);
      return isset($effect['help']) ? ('<p>' . $effect['help'] . '</p>') : NULL;
  }
 }
@ -801,6 +801,8 @@ function image_style_options($include_empty = TRUE, $output = CHECK_PLAIN) {
 *
 * @param $style
 *   The image style
 * @param $scheme
 *   The file scheme, for example 'public' for public files.
 */
 function image_style_deliver($style, $scheme) {
  $args = func_get_args();
@ -833,8 +835,8 @@ function image_style_deliver($style, $scheme) {
      file_download($scheme, file_uri_target($derivative_uri));
    }
    else {
-      $headers = module_invoke_all('file_download', $image_uri);
+      $headers = file_download_headers($image_uri);
-      if (in_array(-1, $headers) || empty($headers)) {
+      if (empty($headers)) {
        return MENU_ACCESS_DENIED;
      }
      if (count($headers)) {
--- a/modules/image/image.test
+++ b/modules/image/image.test
@ -77,6 +77,24 @@ class ImageFieldTestCase extends DrupalWebTestCase {
    return field_create_instance($instance);
  }
  /**
   * Create a random style.
   *
   * @return array
   *  A list containing the details of the generated image style.
   */
  function createRandomStyle() {
    $style_name = strtolower($this->randomName(10));
    $style_label = $this->randomString();
    image_style_save(array('name' => $style_name, 'label' => $style_label));
    $style_path = 'admin/config/media/image-styles/edit/' . $style_name;
    return array(
      'name' => $style_name,
      'label' => $style_label,
      'path' => $style_path,
    );
  }
  /**
   * Upload an image to a node.
   *
@ -183,6 +201,22 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
    $this->assertResponse(404, 'Accessing an image style URL with a source image that does not exist provides a 404 error response.');
  }
  /**
   * Test that we do not pass an array to drupal_add_http_header.
   */
  function testImageContentTypeHeaders() {
    $files = $this->drupalGetTestFiles('image');
    $file = array_shift($files);
    // Copy the test file to private folder.
    $private_file = file_copy($file, 'private://', FILE_EXISTS_RENAME);
    // Tell image_module_test module to return the headers we want to test.
    variable_set('image_module_test_invalid_headers', $private_file->uri);
    // Invoke image_style_deliver so it will try to set headers.
    $generated_url = image_style_url($this->style_name, $private_file->uri);
    $this->drupalGet($generated_url);
    variable_del('image_module_test_invalid_headers');
  }
  /**
   * Test image_style_url().
   */
@ -469,6 +503,58 @@ class ImageEffectsUnitTest extends ImageToolkitTestCase {
  }
 }
 /**
 * Tests the administrative user interface.
 */
 class ImageAdminUiTestCase extends ImageFieldTestCase {
  public static function getInfo() {
    return array(
      'name' => 'Administrative user interface',
      'description' => 'Tests the forms used in the administrative user interface.',
      'group' => 'Image',
    );
  }
  function setUp() {
    parent::setUp(array('image'));
  }
  /**
   * Test if the help text is available on the add effect form.
   */
  function testAddEffectHelpText() {
    // Create a random image style.
    $style = $this->createRandomStyle();
    // Open the add effect form and check for the help text.
    $this->drupalGet($style['path'] . '/add/image_crop');
    $this->assertText(t('Cropping will remove portions of an image to make it the specified dimensions.'), 'The image style effect help text was displayed on the add effect page.');
  }
  /**
   * Test if the help text is available on the edit effect form.
   */
  function testEditEffectHelpText() {
    // Create a random image style.
    $random_style = $this->createRandomStyle();
    // Add the crop effect to the image style.
    $edit = array();
    $edit['data[width]'] = 20;
    $edit['data[height]'] = 20;
    $this->drupalPost($random_style['path'] . '/add/image_crop', $edit, t('Add effect'));
    // Open the edit effect form and check for the help text.
    drupal_static_reset('image_styles');
    $style = image_style_load($random_style['name']);
    foreach ($style['effects'] as $ieid => $effect) {
      $this->drupalGet($random_style['path'] . '/effects/' . $ieid);
      $this->assertText(t('Cropping will remove portions of an image to make it the specified dimensions.'), 'The image style effect help text was displayed on the edit effect page.');
    }
  }
 }
 /**
 * Tests creation, deletion, and editing of image styles and effects.
 */
--- a/modules/image/tests/image_module_test.info
+++ b/modules/image/tests/image_module_test.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = image_module_test.module
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/image/tests/image_module_test.module
+++ b/modules/image/tests/image_module_test.module
@ -9,6 +9,9 @@ function image_module_test_file_download($uri) {
  if (variable_get('image_module_test_file_download', FALSE) == $uri) {
    return array('X-Image-Owned-By' => 'image_module_test');
  }
  if (variable_get('image_module_test_invalid_headers', FALSE) == $uri) {
    return array('Content-Type' => 'image/png');
  }
 }
 /**
--- a/modules/locale/locale.info
+++ b/modules/locale/locale.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = locale.test
 configure = admin/config/regional/language
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/locale/tests/locale_test.info
+++ b/modules/locale/tests/locale_test.info
@ -5,8 +5,8 @@ package = Testing
 version = VERSION
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/menu/menu.info
+++ b/modules/menu/menu.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = menu.test
 configure = admin/structure/menu
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/menu/menu.test
+++ b/modules/menu/menu.test
@ -72,6 +72,17 @@ class MenuTestCase extends DrupalWebTestCase {
    $saved_item = menu_link_load($item['mlid']);
    $this->assertEqual($description, $saved_item['options']['attributes']['title'], 'Saving an existing link updates the description (title attribute)');
    $this->resetMenuLink($item, $old_title);
    // Test that the page title is correct when a local task appears in a
    // top-level menu item. See https://www.drupal.org/node/1973262.
    $item = $this->addMenuLink(0, 'user/register', 'user-menu');
    $this->drupalGet('user/password');
    $this->assertNoTitle('Home | Drupal');
    $this->drupalLogout();
    $this->drupalGet('user/register');
    $this->assertTitle($item['link_title'] . ' | Drupal');
    $this->drupalGet('user');
    $this->assertNoTitle('Home | Drupal');
  }
  /**
--- a/modules/node/node.admin.inc
+++ b/modules/node/node.admin.inc
@ -329,6 +329,8 @@ function _node_mass_update_helper($nid, $updates) {
 }
 /**
 * Implements callback_batch_operation().
 *
 * Executes a batch operation for node_mass_update().
 *
 * @param array $nodes
@ -367,7 +369,9 @@ function _node_mass_update_batch_process($nodes, $updates, &$context) {
 }
 /**
- * Menu callback: Reports the status of batch operation for node_mass_update().
+ * Implements callback_batch_finished().
 *
 * Reports the status of batch operation for node_mass_update().
 *
 * @param bool $success
 *   A boolean indicating whether the batch mass update operation successfully
@ -504,14 +508,17 @@ function node_admin_nodes() {
  $options = array();
  foreach ($nodes as $node) {
    $langcode = entity_language('node', $node);
-    $l_options = $langcode != LANGUAGE_NONE && isset($languages[$langcode]) ? array('language' => $languages[$langcode]) : array();
+    $uri = entity_uri('node', $node);
    if ($langcode != LANGUAGE_NONE && isset($languages[$langcode])) {
      $uri['options']['language'] = $languages[$langcode];
    }
    $options[$node->nid] = array(
      'title' => array(
        'data' => array(
          '#type' => 'link',
          '#title' => $node->title,
-          '#href' => 'node/' . $node->nid,
+          '#href' => $uri['path'],
-          '#options' => $l_options,
+          '#options' => $uri['options'],
          '#suffix' => ' ' . theme('mark', array('type' => node_mark($node->nid, $node->changed))),
        ),
      ),
--- a/modules/node/node.api.php
+++ b/modules/node/node.api.php
@ -950,7 +950,7 @@ function hook_node_info() {
 *   'recent', or 'comments'. The values should be arrays themselves, with the
 *   following keys available:
 *   - title: (required) The human readable name of the ranking mechanism.
- *   - join: (optional) The part of a query string to join to any additional
+ *   - join: (optional) An array with information to join any additional
 *     necessary table. This is not necessary if the table required is already
 *     joined to by the base query, such as for the {node} table. Other tables
 *     should use the full table name as an alias to avoid naming collisions.
@ -974,7 +974,12 @@ function hook_ranking() {
        'title' => t('Average vote'),
        // Note that we use i.sid, the search index's search item id, rather than
        // n.nid.
-        'join' => 'LEFT JOIN {vote_node_data} vote_node_data ON vote_node_data.nid = i.sid',
+        'join' => array(
          'type' => 'LEFT',
          'table' => 'vote_node_data',
          'alias' => 'vote_node_data',
          'on' => 'vote_node_data.nid = i.sid',
        ),
        // The highest possible score should be 1, and the lowest possible score,
        // always 0, should be 0.
        'score' => 'vote_node_data.average / CAST(%f AS DECIMAL)',
@ -1079,19 +1084,9 @@ function hook_delete($node) {
 * @ingroup node_api_hooks
 */
 function hook_prepare($node) {
-  $file = file_save_upload($field_name, _image_filename($file->filename, NULL, TRUE));
+  if (!isset($node->mymodule_value)) {
-  if ($file) {
+    $node->mymodule_value = 'foo';
    if (!image_get_info($file->uri)) {
      form_set_error($field_name, t('Uploaded file is not a valid image'));
      return;
    }
  }
  else {
    return;
  }
  $node->images['_original'] = $file->uri;
  _image_build_derivatives($node, TRUE);
  $node->new_file = TRUE;
 }
 /**
--- a/modules/node/node.info
+++ b/modules/node/node.info
@ -9,8 +9,8 @@ required = TRUE
 configure = admin/structure/types
 stylesheets[all][] = node.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/node/node.module
+++ b/modules/node/node.module
@ -2953,7 +2953,10 @@ function node_search_validate($form, &$form_state) {
 * system. When adding a node listing to your module, be sure to use a dynamic
 * query created by db_select() and add a tag of "node_access". This will allow
 * modules dealing with node access to ensure only nodes to which the user has
- * access are retrieved, through the use of hook_query_TAG_alter().
+ * access are retrieved, through the use of hook_query_TAG_alter(). Tagging a
 * query with "node_access" does not check the published/unpublished status of
 * nodes, so the base query is responsible for ensuring that unpublished nodes
 * are not displayed to inappropriate users.
 *
 * Note: Even a single module returning NODE_ACCESS_DENY from hook_node_access()
 * will block access to the node. Therefore, implementers should take care to
@ -3669,6 +3672,8 @@ function node_access_rebuild($batch_mode = FALSE) {
 }
 /**
 * Implements callback_batch_operation().
 *
 * Performs batch operation for node_access_rebuild().
 *
 * This is a multistep operation: we go through all nodes by packs of 20. The
@ -3683,7 +3688,7 @@ function _node_access_rebuild_batch_operation(&$context) {
    // Initiate multistep processing.
    $context['sandbox']['progress'] = 0;
    $context['sandbox']['current_node'] = 0;
-    $context['sandbox']['max'] = db_query('SELECT COUNT(DISTINCT nid) FROM {node}')->fetchField();
+    $context['sandbox']['max'] = db_query('SELECT COUNT(nid) FROM {node}')->fetchField();
  }
  // Process the next 20 nodes.
@ -3707,6 +3712,8 @@ function _node_access_rebuild_batch_operation(&$context) {
 }
 /**
 * Implements callback_batch_finished().
 *
 * Performs post-processing for node_access_rebuild().
 *
 * @param bool $success
--- a/modules/node/node.pages.inc
+++ b/modules/node/node.pages.inc
@ -396,7 +396,6 @@ function node_preview($node) {
    $cloned_node->changed = REQUEST_TIME;
    $nodes = array($cloned_node->nid => $cloned_node);
    field_attach_prepare_view('node', $nodes, 'full');
    // Display a preview of the node.
    if (!form_get_errors()) {
--- a/modules/node/node.test
+++ b/modules/node/node.test
@ -457,10 +457,70 @@ class PagePreviewTestCase extends DrupalWebTestCase {
  }
  function setUp() {
-    parent::setUp();
+    parent::setUp(array('taxonomy', 'node'));
    $web_user = $this->drupalCreateUser(array('edit own page content', 'create page content'));
    $this->drupalLogin($web_user);
    // Add a vocabulary so we can test different view modes.
    $vocabulary = (object) array(
      'name' => $this->randomName(),
      'description' => $this->randomName(),
      'machine_name' => drupal_strtolower($this->randomName()),
      'help' => '',
      'nodes' => array('page' => 'page'),
    );
    taxonomy_vocabulary_save($vocabulary);
    $this->vocabulary = $vocabulary;
    // Add a term to the vocabulary.
    $term = (object) array(
      'name' => $this->randomName(),
      'description' => $this->randomName(),
      // Use the first available text format.
      'format' => db_query_range('SELECT format FROM {filter_format}', 0, 1)->fetchField(),
      'vid' => $this->vocabulary->vid,
      'vocabulary_machine_name' => $vocabulary->machine_name,
    );
    taxonomy_term_save($term);
    $this->term = $term;
    // Set up a field and instance.
    $this->field_name = drupal_strtolower($this->randomName());
    $this->field = array(
      'field_name' => $this->field_name,
      'type' => 'taxonomy_term_reference',
      'settings' => array(
        'allowed_values' => array(
          array(
            'vocabulary' => $this->vocabulary->machine_name,
            'parent' => '0',
          ),
        ),
      )
    );
    field_create_field($this->field);
    $this->instance = array(
      'field_name' => $this->field_name,
      'entity_type' => 'node',
      'bundle' => 'page',
      'widget' => array(
        'type' => 'options_select',
      ),
      // Hide on full display but render on teaser.
      'display' => array(
        'default' => array(
          'type' => 'hidden',
        ),
        'teaser' => array(
          'type' => 'taxonomy_term_reference_link',
        ),
      ),
    );
    field_create_instance($this->instance);
  }
  /**
@ -470,21 +530,26 @@ class PagePreviewTestCase extends DrupalWebTestCase {
    $langcode = LANGUAGE_NONE;
    $title_key = "title";
    $body_key = "body[$langcode][0][value]";
    $term_key = "{$this->field_name}[$langcode]";
    // Fill in node creation form and preview node.
    $edit = array();
    $edit[$title_key] = $this->randomName(8);
    $edit[$body_key] = $this->randomName(16);
    $edit[$term_key] = $this->term->tid;
    $this->drupalPost('node/add/page', $edit, t('Preview'));
-    // Check that the preview is displaying the title and body.
+    // Check that the preview is displaying the title, body, and term.
    $this->assertTitle(t('Preview | Drupal'), 'Basic page title is preview.');
    $this->assertText($edit[$title_key], 'Title displayed.');
    $this->assertText($edit[$body_key], 'Body displayed.');
    $this->assertText($this->term->name, 'Term displayed.');
-    // Check that the title and body fields are displayed with the correct values.
+    // Check that the title, body, and term fields are displayed with the
    // correct values.
    $this->assertFieldByName($title_key, $edit[$title_key], 'Title field displayed.');
    $this->assertFieldByName($body_key, $edit[$body_key], 'Body field displayed.');
    $this->assertFieldByName($term_key, $edit[$term_key], 'Term field displayed.');
  }
  /**
@ -494,6 +559,7 @@ class PagePreviewTestCase extends DrupalWebTestCase {
    $langcode = LANGUAGE_NONE;
    $title_key = "title";
    $body_key = "body[$langcode][0][value]";
    $term_key = "{$this->field_name}[$langcode]";
    // Force revision on "Basic page" content.
    variable_set('node_options_page', array('status', 'revision'));
@ -501,17 +567,21 @@ class PagePreviewTestCase extends DrupalWebTestCase {
    $edit = array();
    $edit[$title_key] = $this->randomName(8);
    $edit[$body_key] = $this->randomName(16);
    $edit[$term_key] = $this->term->tid;
    $edit['log'] = $this->randomName(32);
    $this->drupalPost('node/add/page', $edit, t('Preview'));
-    // Check that the preview is displaying the title and body.
+    // Check that the preview is displaying the title, body, and term.
    $this->assertTitle(t('Preview | Drupal'), 'Basic page title is preview.');
    $this->assertText($edit[$title_key], 'Title displayed.');
    $this->assertText($edit[$body_key], 'Body displayed.');
    $this->assertText($this->term->name, 'Term displayed.');
-    // Check that the title and body fields are displayed with the correct values.
+    // Check that the title, body, and term fields are displayed with the
    // correct values.
    $this->assertFieldByName($title_key, $edit[$title_key], 'Title field displayed.');
    $this->assertFieldByName($body_key, $edit[$body_key], 'Body field displayed.');
    $this->assertFieldByName($term_key, $edit[$term_key], 'Term field displayed.');
    // Check that the log field has the correct value.
    $this->assertFieldByName('log', $edit['log'], 'Log field displayed.');
--- a/modules/node/tests/node_access_test.info
+++ b/modules/node/tests/node_access_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/node/tests/node_test.info
+++ b/modules/node/tests/node_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/node/tests/node_test_exception.info
+++ b/modules/node/tests/node_test_exception.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/openid/openid.info
+++ b/modules/openid/openid.info
@ -5,8 +5,8 @@ package = Core
 core = 7.x
 files[] = openid.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/openid/tests/openid_test.info
+++ b/modules/openid/tests/openid_test.info
@ -6,8 +6,8 @@ core = 7.x
 dependencies[] = openid
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/overlay/overlay-parent.js
+++ b/modules/overlay/overlay-parent.js
@ -350,7 +350,7 @@ Drupal.overlay.setFocusBefore = function ($element, document) {
 *   TRUE if the URL represents an administrative link, FALSE otherwise.
 */
 Drupal.overlay.isAdminLink = function (url) {
-  if (Drupal.overlay.isExternalLink(url)) {
+  if (!Drupal.urlIsLocal(url)) {
    return false;
  }
@ -378,6 +378,8 @@ Drupal.overlay.isAdminLink = function (url) {
 /**
 * Determine whether a link is external to the site.
 *
 * Deprecated. Use Drupal.urlIsLocal() instead.
 *
 * @param url
 *   The URL to be tested.
 *
@ -385,8 +387,7 @@ Drupal.overlay.isAdminLink = function (url) {
 *   TRUE if the URL is external to the site, FALSE otherwise.
 */
 Drupal.overlay.isExternalLink = function (url) {
-  var re = RegExp('^((f|ht)tps?:)?//(?!' + window.location.host + ')');
+  return !Drupal.urlIsLocal(url);
  return re.test(url);
 };
 /**
@ -405,7 +406,7 @@ Drupal.overlay.isExternalLink = function (url) {
 */
 Drupal.overlay.getInternalUrl = function (path) {
  var url = Drupal.settings.basePath + path;
-  if (!this.isExternalLink(url)) {
+  if (Drupal.urlIsLocal(url)) {
    return url;
  }
 };
--- a/modules/overlay/overlay.info
+++ b/modules/overlay/overlay.info
@ -4,8 +4,8 @@ package = Core
 version = VERSION
 core = 7.x
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/path/path.info
+++ b/modules/path/path.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = path.test
 configure = admin/config/search/path
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/path/path.module
+++ b/modules/path/path.module
@ -185,7 +185,7 @@ function path_form_element_validate($element, &$form_state, $complete_form) {
 * Implements hook_node_insert().
 */
 function path_node_insert($node) {
-  if (isset($node->path)) {
+  if (isset($node->path) && isset($node->path['alias'])) {
    $path = $node->path;
    $path['alias'] = trim($path['alias']);
    // Only save a non-empty alias.
@ -205,9 +205,9 @@ function path_node_insert($node) {
 function path_node_update($node) {
  if (isset($node->path)) {
    $path = $node->path;
-    $path['alias'] = trim($path['alias']);
+    $path['alias'] = isset($path['alias']) ? trim($path['alias']) : '';
    // Delete old alias if user erased it.
-    if (!empty($path['pid']) && empty($path['alias'])) {
+    if (!empty($path['pid']) && !$path['alias']) {
      path_delete($path['pid']);
    }
    path_node_insert($node);
--- a/modules/php/php.info
+++ b/modules/php/php.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = php.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/poll/poll.info
+++ b/modules/poll/poll.info
@ -6,8 +6,8 @@ core = 7.x
 files[] = poll.test
 stylesheets[all][] = poll.css
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/poll/poll.module
+++ b/modules/poll/poll.module
@ -631,9 +631,6 @@ function poll_delete($node) {
 *   The node object to load.
 */
 function poll_block_latest_poll_view($node) {
  global $user;
  $output = '';
  // This is necessary for shared objects because PHP doesn't copy objects, but
  // passes them by reference.  So when the objects are cached it can result in
  // the wrong output being displayed on subsequent calls.  The cloning and
@ -674,9 +671,6 @@ function poll_block_latest_poll_view($node) {
 * Implements hook_view().
 */
 function poll_view($node, $view_mode) {
  global $user;
  $output = '';
  if (!empty($node->allowvotes) && empty($node->show_results)) {
    $node->content['poll_view_voting'] = drupal_get_form('poll_view_voting', $node);
  }
@ -694,7 +688,7 @@ function poll_view($node, $view_mode) {
 function poll_teaser($node) {
  $teaser = NULL;
  if (is_array($node->choice)) {
-    foreach ($node->choice as $k => $choice) {
+    foreach ($node->choice as $choice) {
      if ($choice['chtext'] != '') {
        $teaser .= '* ' . check_plain($choice['chtext']) . "\n";
      }
--- a/modules/profile/profile.info
+++ b/modules/profile/profile.info
@ -11,8 +11,8 @@ configure = admin/config/people/profile
 ; See user_system_info_alter().
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/profile/profile.test
+++ b/modules/profile/profile.test
@ -342,7 +342,7 @@ class ProfileTestAutocomplete extends ProfileTestCase {
    // Autocomplete always uses non-clean URLs.
    $current_clean_url = isset($GLOBALS['conf']['clean_url']) ? $GLOBALS['conf']['clean_url'] : NULL;
    $GLOBALS['conf']['clean_url'] = 0;
-    $autocomplete_url = url('profile/autocomplete/' . $field['fid'], array('absolute' => TRUE));
+    $autocomplete_url = url('profile/autocomplete/' . $field['fid'], array('absolute' => TRUE, 'script' => 'index.php'));
    $GLOBALS['conf']['clean_url'] = $current_clean_url;
    $autocomplete_id = drupal_html_id('edit-' . $field['form_name'] . '-autocomplete');
    $autocomplete_html = '<input type="hidden" id="' . $autocomplete_id . '" value="' . $autocomplete_url . '" disabled="disabled" class="autocomplete" />';
--- a/modules/rdf/rdf.info
+++ b/modules/rdf/rdf.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 files[] = rdf.test
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/rdf/tests/rdf_test.info
+++ b/modules/rdf/tests/rdf_test.info
@ -5,8 +5,8 @@ version = VERSION
 core = 7.x
 hidden = TRUE
-; Information added by Drupal.org packaging script on 2015-08-19
+; Information added by Drupal.org packaging script on 2016-02-24
-version = "7.39"
+version = "7.43"
 project = "drupal"
-datestamp = "1440020197"
+datestamp = "1456343506"
--- a/modules/search/search.extender.inc
+++ b/modules/search/search.extender.inc
@ -409,10 +409,10 @@ class SearchQuery extends SelectQueryExtender {
   * used. However, if at least one call to addScore() has taken place, the
   * keyword relevance score is not automatically added.
   *
-   * Also note that if you call orderBy() directly on the query, search scores
+   * Note that you must use this method to add ordering to your searches, and
-   * will not automatically be used to order search results. Your orderBy()
+   * not call orderBy() directly, when using the SearchQuery extender. This is
-   * expression can reference 'calculated_score', which will be the total
+   * because of the two-pass system the SearchQuery class uses to normalize
-   * calculated score value.
+   * scores.
   *
   * @param $score
   *   The score expression, which should evaluate to a number between 0 and 1.
--- a/Show More
+++ b/Show More