security update core+modules
This commit is contained in:
Bachir Soussi Chiadmi
@@ -200,25 +200,28 @@ class views_plugin_cache extends views_plugin {
|
||||
$this->storage['head'] = '';
|
||||
}
|
||||
|
||||
// Check if the advanced mapping function of D 7.23 is available.
|
||||
$array_mapping_func = function_exists('drupal_array_diff_assoc_recursive') ? 'drupal_array_diff_assoc_recursive' : 'array_diff_assoc';
|
||||
|
||||
// Slightly less simple for CSS:
|
||||
$css = drupal_add_css();
|
||||
$css_start = isset($this->storage['css']) ? $this->storage['css'] : array();
|
||||
$this->storage['css'] = array_diff_assoc($css, $css_start);
|
||||
$this->storage['css'] = $array_mapping_func($css, $css_start);
|
||||
|
||||
// Get javascript after/before views renders.
|
||||
$js = drupal_add_js();
|
||||
$js_start = isset($this->storage['js']) ? $this->storage['js'] : array();
|
||||
// If there are any differences between the old and the new javascript then
|
||||
// store them to be added later.
|
||||
$this->storage['js'] = array_diff_assoc($js, $js_start);
|
||||
$this->storage['js'] = $array_mapping_func($js, $js_start);
|
||||
|
||||
// Special case the settings key and get the difference of the data.
|
||||
$settings = isset($js['settings']['data']) ? $js['settings']['data'] : array();
|
||||
$settings_start = isset($js_start['settings']['data']) ? $js_start['settings']['data'] : array();
|
||||
$this->storage['js']['settings'] = array_diff_assoc($settings, $settings_start);
|
||||
$this->storage['js']['settings'] = $array_mapping_func($settings, $settings_start);
|
||||
|
||||
// Get difference of HTTP headers.
|
||||
$this->storage['headers'] = array_diff_assoc(drupal_get_http_header(), $this->storage['headers']);
|
||||
$this->storage['headers'] = $array_mapping_func(drupal_get_http_header(), $this->storage['headers']);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -253,59 +256,61 @@ class views_plugin_cache extends views_plugin {
|
||||
}
|
||||
|
||||
function get_results_key() {
|
||||
global $user;
|
||||
|
||||
if (!isset($this->_results_key)) {
|
||||
|
||||
$build_info = $this->view->build_info;
|
||||
|
||||
$query_plugin = $this->view->display_handler->get_plugin('query');
|
||||
|
||||
foreach (array('query','count_query') as $index) {
|
||||
// If the default query back-end is used generate SQL query strings from
|
||||
// the query objects.
|
||||
if ($build_info[$index] instanceof SelectQueryInterface) {
|
||||
$query = clone $build_info[$index];
|
||||
$query->preExecute();
|
||||
$build_info[$index] = (string) $query;
|
||||
}
|
||||
}
|
||||
$key_data = array(
|
||||
'build_info' => $build_info,
|
||||
'roles' => array_keys($user->roles),
|
||||
'super-user' => $user->uid == 1, // special caching for super user.
|
||||
'language' => $GLOBALS['language']->language,
|
||||
'base_url' => $GLOBALS['base_url'],
|
||||
);
|
||||
foreach (array('exposed_info', 'page', 'sort', 'order', 'items_per_page', 'offset') as $key) {
|
||||
if (isset($_GET[$key])) {
|
||||
$key_data[$key] = $_GET[$key];
|
||||
}
|
||||
}
|
||||
|
||||
$this->_results_key = $this->view->name . ':' . $this->display->id . ':results:' . md5(serialize($key_data));
|
||||
$this->_results_key = $this->view->name . ':' . $this->display->id . ':results:' . $this->get_cache_key();
|
||||
}
|
||||
|
||||
return $this->_results_key;
|
||||
}
|
||||
|
||||
function get_output_key() {
|
||||
global $user;
|
||||
if (!isset($this->_output_key)) {
|
||||
$key_data = array(
|
||||
'result' => $this->view->result,
|
||||
'roles' => array_keys($user->roles),
|
||||
'super-user' => $user->uid == 1, // special caching for super user.
|
||||
'theme' => $GLOBALS['theme'],
|
||||
'language' => $GLOBALS['language']->language,
|
||||
'base_url' => $GLOBALS['base_url'],
|
||||
);
|
||||
|
||||
$this->_output_key = $this->view->name . ':' . $this->display->id . ':output:' . md5(serialize($key_data));
|
||||
$this->_output_key = $this->view->name . ':' . $this->display->id . ':output:' . $this->get_cache_key($key_data);
|
||||
}
|
||||
|
||||
return $this->_output_key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns cache key.
|
||||
*
|
||||
* @param array $key_data
|
||||
* Additional data for cache segmentation and/or overrides for default
|
||||
* segmentation.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
function get_cache_key($key_data = array()) {
|
||||
global $user;
|
||||
|
||||
$key_data += array(
|
||||
'roles' => array_keys($user->roles),
|
||||
'super-user' => $user->uid == 1, // special caching for super user.
|
||||
'language' => $GLOBALS['language']->language,
|
||||
'base_url' => $GLOBALS['base_url'],
|
||||
);
|
||||
|
||||
if (empty($key_data['build_info'])) {
|
||||
$build_info = $this->view->build_info;
|
||||
foreach (array('query','count_query') as $index) {
|
||||
// If the default query back-end is used generate SQL query strings from
|
||||
// the query objects.
|
||||
if ($build_info[$index] instanceof SelectQueryInterface) {
|
||||
$query = clone $build_info[$index];
|
||||
$query->preExecute();
|
||||
$key_data['build_info'][$index] = array(
|
||||
'sql' => (string) $query,
|
||||
'arguments' => $query->getArguments(),
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
$key = md5(serialize($key_data));
|
||||
return $key;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -476,7 +476,7 @@ class views_plugin_display extends views_plugin {
|
||||
'display_description' => FALSE,
|
||||
'use_ajax' => TRUE,
|
||||
'hide_attachment_summary' => TRUE,
|
||||
'hide_admin_links' => FALSE,
|
||||
'hide_admin_links' => TRUE,
|
||||
'pager' => TRUE,
|
||||
'pager_options' => TRUE,
|
||||
'use_more' => TRUE,
|
||||
@@ -918,7 +918,7 @@ class views_plugin_display extends views_plugin {
|
||||
/**
|
||||
* Get a full array of handlers for $type. This caches them.
|
||||
*/
|
||||
function get_handlers($type) {
|
||||
function &get_handlers($type) {
|
||||
if (!isset($this->handlers[$type])) {
|
||||
$this->handlers[$type] = array();
|
||||
$types = views_object_types();
|
||||
|
||||
@@ -37,7 +37,7 @@ class views_plugin_display_feed extends views_plugin_display_page {
|
||||
function execute() {
|
||||
$output = $this->view->render();
|
||||
if (empty($output)) {
|
||||
return drupal_not_found();
|
||||
return MENU_NOT_FOUND;
|
||||
}
|
||||
print $output;
|
||||
}
|
||||
|
||||
@@ -30,6 +30,7 @@ class views_plugin_display_page extends views_plugin_display {
|
||||
'weight' => array('default' => 0),
|
||||
'name' => array('default' => variable_get('menu_default_node_menu', 'navigation')),
|
||||
'context' => array('default' => ''),
|
||||
'context_only_inline' => array('default' => FALSE),
|
||||
),
|
||||
);
|
||||
$options['tab_options'] = array(
|
||||
@@ -153,7 +154,7 @@ class views_plugin_display_page extends views_plugin_display {
|
||||
// Add context for contextual links.
|
||||
// @see menu_contextual_links()
|
||||
if (!empty($menu['context'])) {
|
||||
$items[$path]['context'] = MENU_CONTEXT_INLINE;
|
||||
$items[$path]['context'] = !empty($menu['context_only_inline']) ? MENU_CONTEXT_INLINE : (MENU_CONTEXT_PAGE | MENU_CONTEXT_INLINE);
|
||||
}
|
||||
|
||||
// If this is a 'default' tab, check to see if we have to create teh
|
||||
@@ -215,11 +216,11 @@ class views_plugin_display_page extends views_plugin_display {
|
||||
// display, and arguments should be set on the view.
|
||||
$this->view->build();
|
||||
if (!empty($this->view->build_info['fail'])) {
|
||||
return drupal_not_found();
|
||||
return MENU_NOT_FOUND;
|
||||
}
|
||||
|
||||
if (!empty($this->view->build_info['denied'])) {
|
||||
return drupal_access_denied();
|
||||
return MENU_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
$this->view->get_breadcrumb(TRUE);
|
||||
@@ -386,12 +387,23 @@ class views_plugin_display_page extends views_plugin_display {
|
||||
);
|
||||
$form['menu']['context'] = array(
|
||||
'#title' => t('Context'),
|
||||
'#suffix' => '</div>',
|
||||
'#type' => 'checkbox',
|
||||
'#default_value' => !empty($menu['context']),
|
||||
'#description' => t('Displays the link in contextual links'),
|
||||
'#dependency' => array('radio:menu[type]' => array('tab')),
|
||||
);
|
||||
$form['menu']['context_only_inline'] = array(
|
||||
'#title' => t('Hide menu tab'),
|
||||
'#suffix' => '</div>',
|
||||
'#type' => 'checkbox',
|
||||
'#default_value' => !empty($menu['context_only_inline']),
|
||||
'#description' => t('Only display menu item entry in contextual links. Menu tab should not be displayed.'),
|
||||
'#dependency' => array(
|
||||
'radio:menu[type]' => array('tab'),
|
||||
'edit-menu-context' => array(1),
|
||||
),
|
||||
'#dependency_count' => 2,
|
||||
);
|
||||
break;
|
||||
case 'tab_options':
|
||||
$form['#title'] .= t('Default tab options');
|
||||
|
||||
@@ -173,7 +173,7 @@ class views_plugin_exposed_form extends views_plugin {
|
||||
$view = $this->view;
|
||||
$exposed_data = isset($view->exposed_data) ? $view->exposed_data : array();
|
||||
$sort_by = isset($exposed_data['sort_by']) ? $exposed_data['sort_by'] : NULL;
|
||||
if (!empty($sort_by)) {
|
||||
if (!empty($sort_by) && $this->view->style_plugin->build_sort()) {
|
||||
// Make sure the original order of sorts is preserved
|
||||
// (e.g. a sticky sort is often first)
|
||||
if (isset($view->sort[$sort_by])) {
|
||||
|
||||
@@ -71,6 +71,7 @@ class views_plugin_exposed_form_input_required extends views_plugin_exposed_form
|
||||
'group_type' => 'group',
|
||||
'content' => $this->options['text_input_required'],
|
||||
'format' => $this->options['text_input_required_format'],
|
||||
'empty' => TRUE,
|
||||
);
|
||||
$handler = views_get_handler('views', 'area', 'area');
|
||||
$handler->init($this->view, $options);
|
||||
|
||||
@@ -107,7 +107,7 @@ class views_plugin_pager extends views_plugin {
|
||||
* Get the pager id, if it exists
|
||||
*/
|
||||
function get_pager_id() {
|
||||
return isset($this->options['id']) ? $this->options['id'] : 0;
|
||||
return !empty($this->options['id']) ? $this->options['id'] : 0;
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -276,7 +276,7 @@ class views_plugin_pager_full extends views_plugin_pager {
|
||||
);
|
||||
$output = theme($pager_theme, array(
|
||||
'tags' => $tags,
|
||||
'element' => $this->options['id'],
|
||||
'element' => $this->get_pager_id(),
|
||||
'parameters' => $input,
|
||||
'quantity' => $this->options['quantity'],
|
||||
));
|
||||
@@ -308,11 +308,12 @@ class views_plugin_pager_full extends views_plugin_pager {
|
||||
// array hasn't been initialized before.
|
||||
$page = isset($_GET['page']) ? explode(',', $_GET['page']) : array();
|
||||
|
||||
for ($i = 0; $i <= $this->options['id'] || $i < count($pager_page_array); $i++) {
|
||||
$pager_id = $this->get_pager_id();
|
||||
for ($i = 0; $i <= $pager_id || $i < count($pager_page_array); $i++) {
|
||||
$pager_page_array[$i] = empty($page[$i]) ? 0 : $page[$i];
|
||||
}
|
||||
|
||||
$this->current_page = intval($pager_page_array[$this->options['id']]);
|
||||
$this->current_page = intval($pager_page_array[$pager_id]);
|
||||
|
||||
if ($this->current_page < 0) {
|
||||
$this->current_page = 0;
|
||||
@@ -348,24 +349,25 @@ class views_plugin_pager_full extends views_plugin_pager {
|
||||
// Dump information about what we already know into the globals.
|
||||
global $pager_page_array, $pager_total, $pager_total_items, $pager_limits;
|
||||
// Set the limit.
|
||||
$pager_limits[$this->options['id']] = $this->options['items_per_page'];
|
||||
$pager_id = $this->get_pager_id();
|
||||
$pager_limits[$pager_id] = $this->options['items_per_page'];
|
||||
// Set the item count for the pager.
|
||||
$pager_total_items[$this->options['id']] = $this->total_items;
|
||||
$pager_total_items[$pager_id] = $this->total_items;
|
||||
// Calculate and set the count of available pages.
|
||||
$pager_total[$this->options['id']] = $this->get_pager_total();
|
||||
$pager_total[$pager_id] = $this->get_pager_total();
|
||||
|
||||
// See if the requested page was within range:
|
||||
if ($this->current_page < 0) {
|
||||
$this->current_page = 0;
|
||||
}
|
||||
else if ($this->current_page >= $pager_total[$this->options['id']]) {
|
||||
else if ($this->current_page >= $pager_total[$pager_id]) {
|
||||
// Pages are numbered from 0 so if there are 10 pages, the last page is 9.
|
||||
$this->current_page = $pager_total[$this->options['id']] - 1;
|
||||
$this->current_page = $pager_total[$pager_id] - 1;
|
||||
}
|
||||
|
||||
// Put this number in to guarantee that we do not generate notices when the pager
|
||||
// goes to look for it later.
|
||||
$pager_page_array[$this->options['id']] = $this->current_page;
|
||||
$pager_page_array[$pager_id] = $this->current_page;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -63,7 +63,7 @@ class views_plugin_pager_mini extends views_plugin_pager_full {
|
||||
);
|
||||
return theme($pager_theme, array(
|
||||
'tags' => $tags,
|
||||
'element' => $this->options['id'],
|
||||
'element' => $this->get_pager_id(),
|
||||
'parameters' => $input,
|
||||
));
|
||||
}
|
||||
|
||||
@@ -1365,6 +1365,16 @@ class views_plugin_query_default extends views_plugin_query {
|
||||
// Add all query substitutions as metadata.
|
||||
$query->addMetaData('views_substitutions', module_invoke_all('views_query_substitutions', $this));
|
||||
|
||||
if (!$get_count) {
|
||||
if (!empty($this->limit) || !empty($this->offset)) {
|
||||
// We can't have an offset without a limit, so provide a very large limit
|
||||
// instead.
|
||||
$limit = intval(!empty($this->limit) ? $this->limit : 999999);
|
||||
$offset = intval(!empty($this->offset) ? $this->offset : 0);
|
||||
$query->range($offset, $limit);
|
||||
}
|
||||
}
|
||||
|
||||
return $query;
|
||||
}
|
||||
|
||||
@@ -1469,16 +1479,8 @@ class views_plugin_query_default extends views_plugin_query {
|
||||
$this->pager->execute_count_query($count_query);
|
||||
}
|
||||
|
||||
// Let the pager modify the query to add limits.
|
||||
$this->pager->pre_execute($query);
|
||||
|
||||
if (!empty($this->limit) || !empty($this->offset)) {
|
||||
// We can't have an offset without a limit, so provide a very large limit instead.
|
||||
$limit = intval(!empty($this->limit) ? $this->limit : 999999);
|
||||
$offset = intval(!empty($this->offset) ? $this->offset : 0);
|
||||
$query->range($offset, $limit);
|
||||
}
|
||||
|
||||
$result = $query->execute();
|
||||
|
||||
$view->result = array();
|
||||
|
||||
@@ -19,6 +19,7 @@ class views_plugin_style_jump_menu extends views_plugin_style {
|
||||
$options['text'] = array('default' => 'Go', 'translatable' => TRUE);
|
||||
$options['label'] = array('default' => '', 'translatable' => TRUE);
|
||||
$options['choose'] = array('default' => '- Choose -', 'translatable' => TRUE);
|
||||
$options['inline'] = array('default' => TRUE, 'bool' => TRUE);
|
||||
$options['default_value'] = array('default' => FALSE, 'bool' => TRUE);
|
||||
|
||||
return $options;
|
||||
@@ -83,6 +84,12 @@ class views_plugin_style_jump_menu extends views_plugin_style {
|
||||
'#description' => t('The text that will appear as the selected option in the jump menu.'),
|
||||
);
|
||||
|
||||
$form['inline'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Set this field to display inline'),
|
||||
'#default_value' => !empty($this->options['inline']),
|
||||
);
|
||||
|
||||
$form['default_value'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Select the current contextual filter value'),
|
||||
@@ -135,8 +142,17 @@ class views_plugin_style_jump_menu extends views_plugin_style {
|
||||
unset($this->view->row_index);
|
||||
|
||||
$default_value = '';
|
||||
if ($this->options['default_value'] && !empty($paths[url($_GET['q'])])) {
|
||||
$default_value = $paths[url($_GET['q'])];
|
||||
if ($this->options['default_value']) {
|
||||
$lookup_options = array();
|
||||
// We need to check if the path is absolute
|
||||
// or else language is not taken in account.
|
||||
if ($this->view->display[$this->view->current_display]->display_options['fields'][$this->options['path']]['absolute']) {
|
||||
$lookup_options['absolute'] = TRUE;
|
||||
}
|
||||
$lookup_url = url($_GET['q'], $lookup_options);
|
||||
if (!empty($paths[$lookup_url])) {
|
||||
$default_value = $paths[$lookup_url];
|
||||
}
|
||||
}
|
||||
|
||||
ctools_include('jump-menu');
|
||||
@@ -145,6 +161,7 @@ class views_plugin_style_jump_menu extends views_plugin_style {
|
||||
'button' => $this->options['text'],
|
||||
'title' => $this->options['label'],
|
||||
'choose' => $this->options['choose'],
|
||||
'inline' => $this->options['inline'],
|
||||
'default_value' => $default_value,
|
||||
);
|
||||
|
||||
|
||||
@@ -20,6 +20,7 @@ class views_plugin_style_summary_jump_menu extends views_plugin_style {
|
||||
$options['text'] = array('default' => 'Go', 'translatable' => TRUE);
|
||||
$options['label'] = array('default' => '', 'translatable' => TRUE);
|
||||
$options['choose'] = array('default' => '- Choose -', 'translatable' => TRUE);
|
||||
$options['inline'] = array('default' => TRUE, 'bool' => TRUE);
|
||||
$options['default_value'] = array('default' => FALSE, 'bool' => TRUE);
|
||||
|
||||
return $options;
|
||||
@@ -78,6 +79,12 @@ class views_plugin_style_summary_jump_menu extends views_plugin_style {
|
||||
'#description' => t('The text that will appear as the selected option in the jump menu.'),
|
||||
);
|
||||
|
||||
$form['inline'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Set this field to display inline'),
|
||||
'#default_value' => !empty($this->options['inline']),
|
||||
);
|
||||
|
||||
$form['default_value'] = array(
|
||||
'#type' => 'checkbox',
|
||||
'#title' => t('Select the current contextual filter value'),
|
||||
@@ -129,6 +136,7 @@ class views_plugin_style_summary_jump_menu extends views_plugin_style {
|
||||
'button' => $this->options['text'],
|
||||
'title' => $this->options['label'],
|
||||
'choose' => $this->options['choose'],
|
||||
'inline' => $this->options['inline'],
|
||||
'default_value' => $default_value,
|
||||
);
|
||||
|
||||
|
||||
@@ -75,6 +75,7 @@ class ViewsUiCommentViewsWizard extends ViewsUiBaseViewsWizard {
|
||||
|
||||
// Add permission-based access control.
|
||||
$display_options['access']['type'] = 'perm';
|
||||
$display_options['access']['perm'] = 'access comments';
|
||||
|
||||
// Add a relationship to nodes.
|
||||
$display_options['relationships']['nid']['id'] = 'nid';
|
||||
|
||||
@@ -64,6 +64,7 @@ class ViewsUiNodeViewsWizard extends ViewsUiBaseViewsWizard {
|
||||
|
||||
// Add permission-based access control.
|
||||
$display_options['access']['type'] = 'perm';
|
||||
$display_options['access']['perm'] = 'access content';
|
||||
|
||||
// Remove the default fields, since we are customizing them here.
|
||||
unset($display_options['fields']);
|
||||
|
||||
@@ -15,6 +15,7 @@ class ViewsUiTaxonomyTermViewsWizard extends ViewsUiBaseViewsWizard {
|
||||
|
||||
// Add permission-based access control.
|
||||
$display_options['access']['type'] = 'perm';
|
||||
$display_options['access']['perm'] = 'access content';
|
||||
|
||||
// Remove the default fields, since we are customizing them here.
|
||||
unset($display_options['fields']);
|
||||
|
||||
Reference in New Issue
Block a user