core security update

modules/statistics/statistics.info

@@ -6,8 +6,8 @@ core = 7.x
 files[] = statistics.test
 configure = admin/config/system/statistics
 
-; Information added by Drupal.org packaging script on 2015-04-02
-version = "7.36"
+; Information added by Drupal.org packaging script on 2016-10-05
+version = "7.51"
 project = "drupal"
-datestamp = "1427943826"
+datestamp = "1475694174"
 

modules/statistics/statistics.module

@@ -118,10 +118,9 @@ function statistics_node_view($node, $view_mode) {
   // Attach Ajax node count statistics if configured.
   if (variable_get('statistics_count_content_views', 0) && variable_get('statistics_count_content_views_ajax', 0)) {
     if (!empty($node->nid) && $view_mode == 'full' && node_is_page($node) && empty($node->in_preview)) {
-      $node->content['#attached']['js'] = array(
-        drupal_get_path('module', 'statistics') . '/statistics.js' => array(
-          'scope' => 'footer'
-        ),
+      $statistics = drupal_get_path('module', 'statistics') . '/statistics.js';
+      $node->content['#attached']['js'][$statistics] = array(
+        'scope' => 'footer',
       );
       $settings = array('data' => array('nid' => $node->nid), 'url' => url(drupal_get_path('module', 'statistics') . '/statistics.php'));
       $node->content['#attached']['js'][] = array(

modules/statistics/statistics.php

@@ -15,17 +15,19 @@ chdir(DRUPAL_ROOT);
 include_once DRUPAL_ROOT . '/includes/bootstrap.inc';
 drupal_bootstrap(DRUPAL_BOOTSTRAP_VARIABLES);
 if (variable_get('statistics_count_content_views', 0) && variable_get('statistics_count_content_views_ajax', 0)) {
-  $nid = $_POST['nid'];
-  if (is_numeric($nid)) {
-    db_merge('node_counter')
-      ->key(array('nid' => $nid))
-      ->fields(array(
-        'daycount' => 1,
-        'totalcount' => 1,
-        'timestamp' => REQUEST_TIME,
-      ))
-      ->expression('daycount', 'daycount + 1')
-      ->expression('totalcount', 'totalcount + 1')
-      ->execute();
+  if (isset($_POST['nid'])) {
+    $nid = $_POST['nid'];
+    if (is_numeric($nid)) {
+      db_merge('node_counter')
+        ->key(array('nid' => $nid))
+        ->fields(array(
+          'daycount' => 1,
+          'totalcount' => 1,
+          'timestamp' => REQUEST_TIME,
+        ))
+        ->expression('daycount', 'daycount + 1')
+        ->expression('totalcount', 'totalcount + 1')
+        ->execute();
+    }
   }
 }

modules/statistics/statistics.test

@@ -35,7 +35,7 @@ class StatisticsTestCase extends DrupalWebTestCase {
         'title' => 'test',
         'path' => 'node/1',
         'url' => 'http://example.com',
-        'hostname' => '192.168.1.1',
+        'hostname' => '1.2.3.3',
         'uid' => 0,
         'sid' => 10,
         'timer' => 10,
@@ -268,7 +268,7 @@ class StatisticsBlockVisitorsTestCase extends StatisticsTestCase {
    */
   function testIPAddressBlocking() {
     // IP address for testing.
-    $test_ip_address = '192.168.1.1';
+    $test_ip_address = '1.2.3.3';
 
     // Verify the IP address from accesslog appears on the top visitors page
     // and that a 'block IP address' link is displayed.