bachir/materio-base-legacy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

drupal core updated to 7.28

Browse Source
This commit is contained in:
Bachir Soussi Chiadmi
2014-07-07 18:53:44 +02:00
parent 10de06dd70
commit c3011cef61
263 changed files with 3331 additions and 8894 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
includes/install.core.inc
View File

@@ -692,6 +692,21 @@ function install_full_redirect_url($install_state) {
*/
function install_display_output($output, $install_state) {
drupal_page_header();
// Prevent install.php from being indexed when installed in a sub folder.
// robots.txt rules are not read if the site is within domain.com/subfolder
// resulting in /subfolder/install.php being found through search engines.
// When settings.php is writeable this can be used via an external database
// leading a malicious user to gain php access to the server.
$noindex_meta_tag = array(
'#tag' => 'meta',
'#attributes' => array(
'name' => 'robots',
'content' => 'noindex, nofollow',
),
);
drupal_add_html_head($noindex_meta_tag, 'install_meta_robots');
// Only show the task list if there is an active task; otherwise, the page
// request has ended before tasks have even been started, so there is nothing
// meaningful to show.
@@ -766,6 +781,15 @@ function install_system_module(&$install_state) {
// Install system.module.
drupal_install_system();
// Call file_ensure_htaccess() to ensure that all of Drupal's standard
// directories (e.g., the public and private files directories) have
// appropriate .htaccess files. These directories will have already been
// created by this point in the installer, since Drupal creates them during
// the install_verify_requirements() task. Note that we cannot call
// file_ensure_htaccess() any earlier than this, since it relies on
// system.module in order to work.
file_ensure_htaccess();
// Enable the user module so that sessions can be recorded during the
// upcoming bootstrap step.
module_enable(array('user'), FALSE);
@@ -981,7 +1005,7 @@ function install_settings_form_submit($form, &$form_state) {
'required' => TRUE,
);
$settings['drupal_hash_salt'] = array(
'value' => drupal_hash_base64(drupal_random_bytes(55)),
'value' => drupal_random_key(),
'required' => TRUE,
);
drupal_rewrite_settings($settings);