diff -Nru drupal6-6.16/.bzr/branch/branch.conf drupal6-6.19/.bzr/branch/branch.conf --- drupal6-6.16/.bzr/branch/branch.conf 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/branch/branch.conf 2010-08-18 09:52:57.000000000 +0100 @@ -0,0 +1 @@ +parent_location = bzr+ssh://bazaar.launchpad.net/~ubuntu-small-business-server/%2Bjunk/drupal6-core/ diff -Nru drupal6-6.16/.bzr/branch/format drupal6-6.19/.bzr/branch/format --- drupal6-6.16/.bzr/branch/format 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/branch/format 2010-08-18 09:52:57.000000000 +0100 @@ -0,0 +1 @@ +Bazaar Branch Format 7 (needs bzr 1.6) diff -Nru drupal6-6.16/.bzr/branch/last-revision drupal6-6.19/.bzr/branch/last-revision --- drupal6-6.16/.bzr/branch/last-revision 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/branch/last-revision 2010-08-18 09:52:57.000000000 +0100 @@ -0,0 +1 @@ +14 david@fourkitchens.com-20100811205417-lnphb75h8gqkrwsm diff -Nru drupal6-6.16/.bzr/branch/tags drupal6-6.19/.bzr/branch/tags --- drupal6-6.16/.bzr/branch/tags 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/branch/tags 2010-08-18 09:52:57.000000000 +0100 
@@ -0,0 +1 @@ +d3:6.657:bzr@web3.fourkitchens.com-20081206090233-iiw30tyxi6lq1rcf3:6.757:bzr@web3.fourkitchens.com-20081211045637-mvfr7y7hzjjcxpk411:DRUPAL-6-1057:bzr@web3.fourkitchens.com-20090225223309-ya4v006gu9q2rusr11:DRUPAL-6-1157:bzr@web3.fourkitchens.com-20090430003653-gwp19yqbdzggw0rs11:DRUPAL-6-1257:bzr@web3.fourkitchens.com-20090513204741-i1qqucbz7nxj8rn611:DRUPAL-6-1357:bzr@web3.fourkitchens.com-20090701223352-332v8xxs6b2mv5td11:DRUPAL-6-1454:david@fourkitchens.com-20090916195716-bi9stbs141s8jwy411:DRUPAL-6-1554:david@fourkitchens.com-20091216214650-430zd7jrkbdus1w911:DRUPAL-6-1654:david@fourkitchens.com-20100304013205-rzm7nzx405tybf1o11:DRUPAL-6-1754:david@fourkitchens.com-20100602203018-a7xev8yhbrlx2lcx11:DRUPAL-6-1854:david@fourkitchens.com-20100811205244-1ktjme1c89eay97i11:DRUPAL-6-1954:david@fourkitchens.com-20100811205417-lnphb75h8gqkrwsm10:DRUPAL-6-657:bzr@web3.fourkitchens.com-20081206090233-iiw30tyxi6lq1rcf10:DRUPAL-6-757:bzr@web3.fourkitchens.com-20081211045637-mvfr7y7hzjjcxpk410:DRUPAL-6-857:bzr@web3.fourkitchens.com-20081211184810-doysuz3j49jln3be10:DRUPAL-6-957:bzr@web3.fourkitchens.com-20090115003006-09rbv04r2gw9bnkde \ No newline at end of file diff -Nru drupal6-6.16/.bzr/branch-format drupal6-6.19/.bzr/branch-format --- drupal6-6.16/.bzr/branch-format 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/branch-format 2010-08-18 09:52:53.000000000 +0100 @@ -0,0 +1 @@ +Bazaar-NG meta directory, format 1 diff -Nru drupal6-6.16/.bzr/checkout/conflicts drupal6-6.19/.bzr/checkout/conflicts --- drupal6-6.16/.bzr/checkout/conflicts 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/checkout/conflicts 2010-08-18 09:52:58.000000000 +0100 
@@ -0,0 +1 @@ +BZR conflict list format 1 Binary files /tmp/qMsWXH8ddj/drupal6-6.16/.bzr/checkout/dirstate and /tmp/q7FbXOgh65/drupal6-6.19/.bzr/checkout/dirstate differ diff -Nru drupal6-6.16/.bzr/checkout/format drupal6-6.19/.bzr/checkout/format --- drupal6-6.16/.bzr/checkout/format 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/checkout/format 2010-08-18 09:52:57.000000000 +0100 @@ -0,0 +1 @@ +Bazaar Working Tree Format 6 (bzr 1.14) diff -Nru drupal6-6.16/.bzr/README drupal6-6.19/.bzr/README --- drupal6-6.16/.bzr/README 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/README 2010-08-18 09:52:53.000000000 +0100 @@ -0,0 +1,3 @@ +This is a Bazaar control directory. +Do not change any files in this directory. +See http://bazaar-vcs.org/ for more information about Bazaar. diff -Nru drupal6-6.16/.bzr/repository/format drupal6-6.19/.bzr/repository/format --- drupal6-6.16/.bzr/repository/format 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/repository/format 2010-08-18 09:52:53.000000000 +0100 @@ -0,0 +1 @@ +Bazaar RepositoryFormatKnitPack6RichRoot (bzr 1.9) Binary files /tmp/qMsWXH8ddj/drupal6-6.16/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.iix and /tmp/q7FbXOgh65/drupal6-6.19/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.iix differ Binary files /tmp/qMsWXH8ddj/drupal6-6.16/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.rix and /tmp/q7FbXOgh65/drupal6-6.19/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.rix differ diff -Nru drupal6-6.16/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.six drupal6-6.19/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.six --- drupal6-6.16/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.six 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.six 2010-08-18 09:52:57.000000000 +0100 
@@ -0,0 +1,5 @@ +B+Tree Graph Index 2 +node_ref_lists=0 +key_elements=1 +len=0 +row_lengths= Binary files /tmp/qMsWXH8ddj/drupal6-6.16/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.tix and /tmp/q7FbXOgh65/drupal6-6.19/.bzr/repository/indices/8f76abb147d93b780476fccf2d0339bc.tix differ diff -Nru drupal6-6.16/.bzr/repository/pack-names drupal6-6.19/.bzr/repository/pack-names --- drupal6-6.16/.bzr/repository/pack-names 1970-01-01 01:00:00.000000000 +0100 +++ drupal6-6.19/.bzr/repository/pack-names 2010-08-18 09:52:57.000000000 +0100 @@ -0,0 +1,6 @@ +B+Tree Graph Index 2 +node_ref_lists=0 +key_elements=1 +len=1 +row_lengths=1 +xœÁ±À @k§päµÈ0‚R¥H‘&ÛçîýžsÝgE]fM°'Fh¸íÊ<ÍSê,EJÐ( ü)õ³ \ No newline at end of file Binary files /tmp/qMsWXH8ddj/drupal6-6.16/.bzr/repository/packs/8f76abb147d93b780476fccf2d0339bc.pack and /tmp/q7FbXOgh65/drupal6-6.19/.bzr/repository/packs/8f76abb147d93b780476fccf2d0339bc.pack differ diff -Nru drupal6-6.16/CHANGELOG.txt drupal6-6.19/CHANGELOG.txt --- drupal6-6.16/CHANGELOG.txt 2010-03-04 00:15:28.000000000 +0000 +++ drupal6-6.19/CHANGELOG.txt 2010-08-18 09:52:58.000000000 +0100 @@ -1,4 +1,23 @@ -// $Id: CHANGELOG.txt,v 1.253.2.37 2010/03/04 00:15:28 goba Exp $ +// $Id: CHANGELOG.txt,v 1.253.2.41 2010/08/11 20:35:47 goba Exp $ + +Drupal 6.19, 2010-08-11 +---------------------- +- Fixed a variety of small bugs, improved code documentation. + +Drupal 6.18, 2010-08-11 +---------------------- +- Fixed security issues (OpenID authentication bypass, File download access + bypass, Comment unpublishing bypass, Actions cross site scripting), + see SA-CORE-2010-002. + +Drupal 6.17, 2010-06-02 +---------------------- +- Improved PostgreSQL compatibility +- Better PHP 5.3 and PHP 4 compatibility +- Better browser compatibility of CSS and JS aggregation +- Improved logging for login failures +- Fixed an incompatibility with some contributed modules and the locking system +- Fixed a variety of other bugs. Drupal 6.16, 2010-03-03 ---------------------- 
@@ -218,6 +237,11 @@ - Removed old system updates. Updates from Drupal versions prior to 5.x will require upgrading to 5.x before upgrading to 6.x. +Drupal 5.23, 2010-08-11 +----------------------- +- Fixed security issues (File download access bypass, Comment unpublishing + bypass), see SA-CORE-2010-002. + Drupal 5.22, 2010-03-03 ----------------------- - Fixed security issues (Open redirection, Locale module cross site scripting, diff -Nru drupal6-6.16/COPYRIGHT.txt drupal6-6.19/COPYRIGHT.txt --- drupal6-6.16/COPYRIGHT.txt 2009-09-14 13:50:38.000000000 +0100 +++ drupal6-6.19/COPYRIGHT.txt 2010-08-18 09:52:58.000000000 +0100 @@ -1,6 +1,6 @@ -// $Id: COPYRIGHT.txt,v 1.2.2.2 2009/09/14 12:50:38 goba Exp $ +// $Id: COPYRIGHT.txt,v 1.2.2.3 2010/08/06 10:58:29 goba Exp $ -All Drupal code is Copyright 2001 - 2009 by the original authors. +All Drupal code is Copyright 2001 - 2010 by the original authors. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff -Nru drupal6-6.16/debian/changelog drupal6-6.19/debian/changelog --- drupal6-6.16/debian/changelog 2010-08-18 10:12:48.000000000 +0100 +++ drupal6-6.19/debian/changelog 2010-08-18 09:55:57.000000000 +0100 @@ -1,3 +1,9 @@ +drupal6 (6.19-1usbs1) lucid; urgency=high + + * Rebuild for 6.19 + + -- Anders Wallenquist Wed, 18 Aug 2010 10:54:59 +0200 + drupal6 (6.16-1) unstable; urgency=high [ Luigi Gangitano ] diff -Nru drupal6-6.16/includes/actions.inc drupal6-6.19/includes/actions.inc --- drupal6-6.16/includes/actions.inc 2009-11-06 08:14:05.000000000 +0000 +++ drupal6-6.19/includes/actions.inc 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ $params) { if (is_numeric($action_id)) { // Configurable actions need parameters. $function = $params['callback']; - $context = array_merge($context, $params); - $result[$action_id] = $function($object, $context, $a1, $a2); + if (function_exists($function)) { + $context = array_merge($context, $params); + $actions_result[$action_id] = $function($object, $context, $a1, $a2); + } + else { + $actions_result[$action_id] = FALSE; + } } // Singleton action; $action_id is the function name. else { @@ -96,8 +139,13 @@ if (is_numeric($action_ids)) { $action = db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = '%s'", $action_ids)); $function = $action->callback; - $context = array_merge($context, unserialize($action->parameters)); - $result[$action_ids] = $function($object, $context, $a1, $a2); + if (function_exists($function)) { + $context = array_merge($context, unserialize($action->parameters)); + $actions_result[$action_ids] = $function($object, $context, $a1, $a2); + } + else { + $actions_result[$action_ids] = FALSE; + } } // Singleton action; $action_ids is the function name. else { @@ -280,7 +328,7 @@ else { // This is a new singleton that we don't have an aid for; assign one. db_query("INSERT INTO {actions} (aid, type, callback, parameters, description) VALUES ('%s', '%s', '%s', '%s', '%s')", $callback, $array['type'], $callback, '', $array['description']); - watchdog('actions', "Action '%action' added.", array('%action' => filter_xss_admin($array['description']))); + watchdog('actions', "Action '%action' added.", array('%action' => $array['description'])); } } } 
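Review bot: In the `@@ -96,8 +139,13 @@` hunk a callback that fails `function_exists($function)` is silently recorded as FALSE and nothing is logged, so an action whose implementing module was disabled or renamed leaves no trace for the administrator; the configurable-action branch in the preceding hunk has the same gap. A log entry in the `else` branch, before `$actions_result[$action_ids] = FALSE;`, would surface it: `watchdog('actions', "Action callback '%callback' not found.", array('%callback' => $function), WATCHDOG_ERROR);` (message text constructed here). The enclosing functions of both hunks start outside the visible lines. The removal of filter_xss_admin() around the watchdog() variables in the `@@ -280,7 +328,7 @@` hunk is consistent with the placeholders being escaped when the log is displayed, but that escaping is not visible on this page and deserves a one-line comment at the call site.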
@@ -302,7 +350,7 @@ $results = db_query("SELECT a.aid, a.description FROM {actions} a WHERE callback IN ($placeholders)", $orphaned); while ($action = db_fetch_object($results)) { actions_delete($action->aid); - watchdog('actions', "Removed orphaned action '%action' from database.", array('%action' => filter_xss_admin($action->description))); + watchdog('actions', "Removed orphaned action '%action' from database.", array('%action' => $action->description)); } } else { diff -Nru drupal6-6.16/includes/batch.inc drupal6-6.19/includes/batch.inc --- drupal6-6.16/includes/batch.inc 2007-12-20 11:57:20.000000000 +0000 +++ drupal6-6.19/includes/batch.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ '. $batch['error_message']; + drupal_maintenance_theme(); $fallback = theme('maintenance_page', $fallback, FALSE, FALSE); // We strip the end of the page using a marker in the template, so any diff -Nru drupal6-6.16/includes/bootstrap.inc drupal6-6.19/includes/bootstrap.inc --- drupal6-6.16/includes/bootstrap.inc 2010-02-01 16:49:14.000000000 +0000 +++ drupal6-6.19/includes/bootstrap.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ 2 && !is_numeric(str_replace('.', '', $cookie_domain))) { @@ -488,7 +566,11 @@ } /** - * Return a persistent variable. + * Returns a persistent variable. + * + * Case-sensitivity of the variable_* functions depends on the database + * collation used. To avoid problems, always use lower case for persistent + * variable names. * * @param $name * The name of the variable to return. @@ -506,7 +588,11 @@ } /** - * Set a persistent variable. + * Sets a persistent variable. + * + * Case-sensitivity of the variable_* functions depends on the database + * collation used. To avoid problems, always use lower case for persistent + * variable names. * * @param $name * The name of the variable to set. 
@@ -531,7 +617,11 @@
 }
 
 /**
- * Unset a persistent variable.
+ * Unsets a persistent variable.
+ *
+ * Case-sensitivity of the variable_* functions depends on the database
+ * collation used. To avoid problems, always use lower case for persistent
+ * variable names.
  *
  * @param $name
  * The name of the variable to undefine.
@@ -674,15 +764,19 @@
 header("Expires: Sun, 19 Nov 1978 05:00:00 GMT");
 header("Cache-Control: must-revalidate");
 
- if (variable_get('page_compression', TRUE)) {
+ if (variable_get('page_compression', TRUE) && extension_loaded('zlib')) {
 // Determine if the browser accepts gzipped data.
- if (@strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') === FALSE && function_exists('gzencode')) {
- // Strip the gzip header and run uncompress.
- $cache->data = gzinflate(substr(substr($cache->data, 10), 0, -8));
- }
- elseif (function_exists('gzencode')) {
+ if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) {
+ // $cache->data is already gzip'ed, so make sure zlib.output_compression
+ // does not compress it once more.
+ ini_set('zlib.output_compression', '0');
 header('Content-Encoding: gzip');
 }
+ else {
+ // The client does not support compression, so unzip the data in the
+ // cache. Strip the gzip header and run uncompress.
+ $cache->data = gzinflate(substr(substr($cache->data, 10), 0, -8));
+ }
 }
 
 // Send the original request's headers. We send them one after
@@ -714,7 +808,7 @@
 function drupal_unpack($obj, $field = 'data') {
 if ($obj->$field && $data = unserialize($obj->$field)) {
 foreach ($data as $key => $value) {
- if (!isset($obj->$key)) {
+ if (!empty($key) && !isset($obj->$key)) {
 $obj->$key = $value;
 }
 }
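Review bot: The `Content-Encoding: gzip` branch in the `@@ -674,15 +764,19 @@` hunk picks the response encoding from the request's `Accept-Encoding`, but no `Vary: Accept-Encoding` header is sent with it, so a shared cache in front of the site may hand the gzipped body to a client that did not ask for gzip (unless a Vary header is emitted elsewhere in the function, which this page does not show). Adding `header('Vary: Accept-Encoding');` next to `ini_set('zlib.output_compression', '0');` closes that gap. The `gzinflate(substr(substr($cache->data, 10), 0, -8))` fallback also assumes every stored entry is gzip data, so entries cached before `page_compression` was switched on would be decoded as garbage; a comment stating that the page cache must be cleared when that setting changes makes the assumption explicit. The enclosing function starts and ends outside the hunk.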
@@ -734,11 +828,35 @@
 /**
  * Encode special characters in a plain-text string for display as HTML.
  *
- * Uses drupal_validate_utf8 to prevent cross site scripting attacks on
+ * Also validates strings as UTF-8 to prevent cross site scripting attacks on
  * Internet Explorer 6.
+ *
+ * @param $text
+ * The text to be checked or processed.
+ * @return
+ * An HTML safe version of $text, or an empty string if $text is not
+ * valid UTF-8.
+ *
+ * @see drupal_validate_utf8().
  */
 function check_plain($text) {
- return drupal_validate_utf8($text) ? htmlspecialchars($text, ENT_QUOTES) : '';
+ static $php525;
+
+ if (!isset($php525)) {
+ $php525 = version_compare(PHP_VERSION, '5.2.5', '>=');
+ }
+ // We duplicate the preg_match() to validate strings as UTF-8 from
+ // drupal_validate_utf8() here. This avoids the overhead of an additional
+ // function call, since check_plain() may be called hundreds of times during
+ // a request. For PHP 5.2.5+, this check for valid UTF-8 should be handled
+ // internally by PHP in htmlspecialchars().
+ // @see http://www.php.net/releases/5_2_5.php
+ // @todo remove this when support for either IE6 or PHP < 5.2.5 is dropped.
+
+ if ($php525) {
+ return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
+ }
+ return (preg_match('/^./us', $text) == 1) ? htmlspecialchars($text, ENT_QUOTES, 'UTF-8') : '';
 }
 
 /**
@@ -774,6 +892,7 @@
 if (strlen($text) == 0) {
 return TRUE;
 }
+ // For performance reasons this logic is duplicated in check_plain().
 return (preg_match('/^./us', $text) == 1);
 }
 
@@ -807,7 +926,8 @@
  * Log a system message.
  *
  * @param $type
- * The category to which this message belongs.
+ * The category to which this message belongs. Can be any string, but the
+ * general practice is to use the name of the module calling watchdog().
  * @param $message
  * The message to store in the log. See t() for documentation
  * on how $message and $variables interact. Keep $message
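Review bot: In check_plain() the comment block explaining the duplicated `preg_match()` is placed above the `if ($php525)` branch, which does not use it, so the reader meets the justification for the PHP < 5.2.5 fallback at the point where the 5.2.5+ path is chosen; moving it directly above the `return (preg_match('/^./us', $text) == 1) ? … : '';` line keeps it next to the code it describes. The `@return` promise of an empty string for invalid UTF-8 rests, on 5.2.5+, entirely on htmlspecialchars() being given the explicit `'UTF-8'` charset, and nothing in that branch says so; a line such as `// On PHP 5.2.5+ htmlspecialchars() with an explicit 'UTF-8' charset returns '' for invalid UTF-8, which satisfies the @return contract.` above `return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');` would make the security-relevant dependency visible to whoever later acts on the @todo.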
@@ -817,7 +937,8 @@
  * NULL if message is already translated or not possible to
  * translate.
  * @param $severity
- * The severity of the message, as per RFC 3164
+ * The severity of the message, as per RFC 3164. Possible values are
+ * WATCHDOG_ERROR, WATCHDOG_WARNING, etc.
  * @param $link
  * A link to associate with the message.
  *
@@ -841,7 +962,7 @@
 );
 
 // Call the logging hooks to log/process the message
- foreach (module_implements('watchdog', TRUE) as $module) {
+ foreach (module_implements('watchdog') as $module) {
 module_invoke($module, 'watchdog', $log_message);
 }
 }
@@ -1020,6 +1141,10 @@
 // Initialize the default database.
 require_once './includes/database.inc';
 db_set_active();
+ // Allow specifying alternate lock implementations in settings.php, like
+ // those using APC or memcached.
+ require_once variable_get('lock_inc', './includes/lock.inc');
+ lock_init();
 break;
 
 case DRUPAL_BOOTSTRAP_ACCESS:
@@ -1060,8 +1185,6 @@
 exit;
 }
 // Prepare for non-cached page workflow.
- require_once variable_get('lock_inc', './includes/lock.inc');
- lock_init();
 drupal_page_header();
 break;
 
@@ -1200,7 +1323,8 @@
 if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) {
 // If there are several arguments, we need to check the most
 // recently added one, i.e. the last one.
- $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+ $ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
+ $ip_address = array_pop($ip_address_parts);
 }
 }
 }
diff -Nru drupal6-6.16/includes/common.inc drupal6-6.19/includes/common.inc
--- drupal6-6.16/includes/common.inc 2010-03-04 00:15:28.000000000 +0000
+++ drupal6-6.19/includes/common.inc 2010-08-18 09:52:58.000000000 +0100
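Review bot: `$ip_address = array_pop($ip_address_parts);` in the `@@ -1200,7 +1323,8 @@` hunk returns the last `X-Forwarded-For` element untrimmed, and proxies conventionally join entries with a comma and a space, so the value usually carries a leading space; the commit only removes the strict-standards warning of the old one-liner. `$ip_address = trim(array_pop($ip_address_parts));` hands callers a clean address. The element is still taken from a client-supplied header and is trusted only because the `in_array($ip_address, $reverse_proxy_addresses, TRUE)` guard on the first line established that the direct peer is a configured proxy; a comment saying that the last entry is used because the trusted proxy appended it would record that reasoning. The enclosing function starts outside the hunk.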
@@ -1,5 +1,5 @@ data) = explode("\r\n\r\n", $response, 2); $split = preg_split("/\r\n|\n|\r/", $split); - list($protocol, $code, $text) = explode(' ', trim(array_shift($split)), 3); + list($protocol, $code, $status_message) = explode(' ', trim(array_shift($split)), 3); + $result->protocol = $protocol; + $result->status_message = $status_message; + $result->headers = array(); // Parse headers. @@ -603,7 +607,7 @@ break; default: - $result->error = $text; + $result->error = $status_message; } $result->code = $code; @@ -985,7 +989,7 @@ if ($absolute) { return (bool)preg_match(" /^ # Start at the beginning of the text - (?:ftp|https?):\/\/ # Look for ftp, http, or https schemes + (?:ftp|https?|feed):\/\/ # Look for ftp, http, https or feed schemes (?: # Userinfo (optional) which is typically (?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)* # a username or a username and password (?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@ # combination 
@@ -1378,42 +1382,48 @@ */ /** - * Generate a URL from a Drupal menu path. Will also pass-through existing URLs. + * Generates an internal or external URL. + * + * When creating links in modules, consider whether l() could be a better + * alternative than url(). * * @param $path - * The Drupal path being linked to, such as "admin/content/node", or an - * existing URL like "http://drupal.org/". The special path - * '' may also be given and will generate the site's base URL. + * The internal path or external URL being linked to, such as "node/34" or + * "http://example.com/foo". A few notes: + * - If you provide a full URL, it will be considered an external URL. + * - If you provide only the path (e.g. "node/34"), it will be + * considered an internal link. In this case, it should be a system URL, + * and it will be replaced with the alias, if one exists. Additional query + * arguments for internal paths must be supplied in $options['query'], not + * included in $path. + * - If you provide an internal path and $options['alias'] is set to TRUE, the + * path is assumed already to be the correct path alias, and the alias is + * not looked up. + * - The special string '' generates a link to the site's base URL. + * - If your external URL contains a query (e.g. http://example.com/foo?a=b), + * then you can either URL encode the query keys and values yourself and + * include them in $path, or use $options['query'] to let this function + * URL encode them. * @param $options - * An associative array of additional options, with the following keys: - * - 'query' - * A URL-encoded query string to append to the link, or an array of query - * key/value-pairs without any URL-encoding. - * - 'fragment' - * A fragment identifier (or named anchor) to append to the link. - * Do not include the '#' character. - * - 'absolute' (default FALSE) - * Whether to force the output to be an absolute link (beginning with - * http:). 
Useful for links that will be displayed outside the site, such - * as in an RSS feed. - * - 'alias' (default FALSE) - * Whether the given path is an alias already. - * - 'external' - * Whether the given path is an external URL. - * - 'language' - * An optional language object. Used to build the URL to link to and - * look up the proper alias for the link. - * - 'base_url' - * Only used internally, to modify the base URL when a language dependent - * URL requires so. - * - 'prefix' - * Only used internally, to modify the path when a language dependent URL - * requires so. + * An associative array of additional options, with the following elements: + * - 'query': A URL-encoded query string to append to the link, or an array of + * query key/value-pairs without any URL-encoding. + * - 'fragment': A fragment identifier (named anchor) to append to the URL. + * Do not include the leading '#' character. + * - 'absolute' (default FALSE): Whether to force the output to be an absolute + * link (beginning with http:). Useful for links that will be displayed + * outside the site, such as in an RSS feed. + * - 'alias' (default FALSE): Whether the given path is a URL alias already. + * - 'external': Whether the given path is an external URL. + * - 'language': An optional language object. Used to build the URL to link + * to and look up the proper alias for the link. + * - 'base_url': Only used internally, to modify the base URL when a language + * dependent URL requires so. + * - 'prefix': Only used internally, to modify the path when a language + * dependent URL requires so. + * * @return * A string containing a URL to the given path. - * - * When creating links in modules, consider whether l() could be a better - * alternative than url(). */ function url($path = NULL, $options = array()) { // Merge in defaults. 
@@ -1540,47 +1550,37 @@ } /** - * Format an internal Drupal link. + * Formats an internal or external URL link as an HTML anchor tag. * - * This function correctly handles aliased paths, and allows themes to highlight - * links to the current page correctly, so all internal links output by modules - * should be generated by this function if possible. + * This function correctly handles aliased paths, and adds an 'active' class + * attribute to links that point to the current page (for theming), so all + * internal links output by modules should be generated by this function if + * possible. * * @param $text - * The text to be enclosed with the anchor tag. + * The link text for the anchor tag. * @param $path - * The Drupal path being linked to, such as "admin/content/node". Can be an - * external or internal URL. - * - If you provide the full URL, it will be considered an external URL. - * - If you provide only the path (e.g. "admin/content/node"), it is - * considered an internal link. In this case, it must be a system URL - * as the url() function will generate the alias. - * - If you provide '', it generates a link to the site's - * base URL (again via the url() function). - * - If you provide a path, and 'alias' is set to TRUE (see below), it is - * used as is. + * The internal path or external URL being linked to, such as "node/34" or + * "http://example.com/foo". After the url() function is called to construct + * the URL from $path and $options, the resulting URL is passed through + * check_url() before it is inserted into the HTML anchor tag, to ensure + * well-formed HTML. See url() for more information and notes. * @param $options - * An associative array of additional options, with the following keys: - * - 'attributes' - * An associative array of HTML attributes to apply to the anchor tag. - * - 'query' - * A query string to append to the link, or an array of query key/value - * properties. 
- * - 'fragment' - * A fragment identifier (named anchor) to append to the link. - * Do not include the '#' character. - * - 'absolute' (default FALSE) - * Whether to force the output to be an absolute link (beginning with - * http:). Useful for links that will be displayed outside the site, such - * as in an RSS feed. - * - 'html' (default FALSE) - * Whether the title is HTML, or just plain-text. For example for making - * an image a link, this must be set to TRUE, or else you will see the - * escaped HTML. - * - 'alias' (default FALSE) - * Whether the given path is an alias already. + * An associative array of additional options, with the following elements: + * - 'attributes': An associative array of HTML attributes to apply to the + * anchor tag. + * - 'html' (default FALSE): Whether $text is HTML or just plain-text. For + * example, to make an image tag into a link, this must be set to TRUE, or + * you will see the escaped HTML image tag. + * - 'language': An optional language object. If the path being linked to is + * internal to the site, $options['language'] is used to look up the alias + * for the URL, and to determine whether the link is "active", or pointing + * to the current page (the language as well as the path must match).This + * element is also used by url(). + * - Additional $options elements used by the url() function. + * * @return - * an HTML string containing a link to the given path. + * An HTML string containing a link to the given path. */ function l($text, $path, $options = array()) { global $language; 
@@ -2017,10 +2017,21 @@
 
 if ($_optimize) {
 // Perform some safe CSS optimizations.
- $contents = preg_replace('<
- \s*([@{}:;,]|\)\s|\s\()\s* | # Remove whitespace around separators, but keep space around parentheses.
- /\*([^*\\\\]|\*(?!/))+\*/ # Remove comments that are not CSS hacks.
- >x', '\1', $contents);
+ // Regexp to match comment blocks.
+ $comment = '/\*[^*]*\*+(?:[^/*][^*]*\*+)*/';
+ // Regexp to match double quoted strings.
+ $double_quot = '"[^"\\\\]*(?:\\\\.[^"\\\\]*)*"';
+ // Regexp to match single quoted strings.
+ $single_quot = "'[^'\\\\]*(?:\\\\.[^'\\\\]*)*'";
+ $contents = preg_replace_callback(
+ "<$double_quot|$single_quot|$comment>Sus", // Match all comment blocks along
+ "_process_comment", // with double/single quoted strings
+ $contents); // and feed them to _process_comment().
+ $contents = preg_replace(
+ '<\s*([@{}:;,]|\)\s|\s\()\s*>S', // Remove whitespace around separators,
+ '\1', $contents); // but keep space around parentheses.
+ // End the file with a new line.
+ $contents .= "\n";
 }
 
 // Change back directory.
@@ -2031,6 +2042,41 @@
 }
 
 /**
+ * Process comment blocks.
+ *
+ * This is the callback function for the preg_replace_callback()
+ * used in drupal_load_stylesheet_content(). Support for comment
+ * hacks is implemented here.
+ */
+function _process_comment($matches) {
+ static $keep_nextone = FALSE;
+
+ // Quoted string, keep it.
+ if ($matches[0][0] == "'" || $matches[0][0] == '"') {
+ return $matches[0];
+ }
+ // End of IE-Mac hack, keep it.
+ if ($keep_nextone) {
+ $keep_nextone = FALSE;
+ return $matches[0];
+ }
+ switch (strrpos($matches[0], '\\')) {
+ case FALSE :
+ // No backslash, strip it.
+ return '';
+
+ case drupal_strlen($matches[0])-3 :
+ // Ends with \*/ so is a multi line IE-Mac hack, keep the next one also.
+ $keep_nextone = TRUE;
+ return '/*_\*/';
+
+ default :
+ // Single line IE-Mac hack.
+ return '/*\_*/';
+ }
+}
+
+/**
  * Loads stylesheets recursively and returns contents with corrected paths.
  *
  * This function is used for recursive loading of stylesheets and
@@ -2040,8 +2086,16 @@
 $filename = $matches[1];
 // Load the imported stylesheet and replace @import commands in there as well.
 $file = drupal_load_stylesheet($filename);
- // Alter all url() paths, but not external.
- return preg_replace('/url\(([\'"]?)(?![a-z]+:)([^\'")]+)[\'"]?\)?;/i', 'url(\1'. dirname($filename) .'/', $file);
+ // Determine the file's directory.
+ $directory = dirname($filename);
+ // If the file is in the current directory, make sure '.' doesn't appear in
+ // the url() path.
+ $directory = $directory == '.' ? '' : $directory .'/';
+
+ // Alter all internal url() paths. Leave external paths alone. We don't need
+ // to normalize absolute paths here (i.e. remove folder/... segments) because
+ // that will be done later.
+ return preg_replace('/url\s*\(([\'"]?)(?![a-z]+:|\/+)/i', 'url(\1'. $directory, $file);
 }
 
 /**
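Review bot: `_process_comment()` compares `strrpos($matches[0], '\\')`, a byte offset, with `drupal_strlen($matches[0])-3`; if drupal_strlen() counts multibyte characters (its name suggests so, the implementation is not on this page), a comment containing non-ASCII text that ends in `\*/` misses the multi-line IE-Mac case and is rewritten as a single-line hack, so `case strlen($matches[0]) - 3 :` compares like with like. Separately, `static $keep_nextone` persists across calls from different stylesheets, so an unterminated `\*/` hack at the end of one aggregated file causes the first comment of the next file to be kept verbatim; either the caller should reset it or a comment such as `// NOTE: $keep_nextone survives across stylesheets; an unclosed hack at the end of one file leaks into the next.` should record the limitation. The `case FALSE :` label relies on switch's loose comparison and is safe only because every match starts with `/*` or a quote, so strrpos() can never return 0 — a one-line comment there would stop a future refactor from breaking it.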
@@ -2408,8 +2462,8 @@
 // Build aggregate JS file.
 foreach ($files as $path => $info) {
 if ($info['preprocess']) {
- // Append a ';' after each JS file to prevent them from running together.
- $contents .= file_get_contents($path) .';';
+ // Append a ';' and a newline after each JS file to prevent them from running together.
+ $contents .= file_get_contents($path) .";\n";
 }
 }
 
@@ -2626,13 +2680,13 @@
 /**
  * Store the current page in the cache.
  *
- * We try to store a gzipped version of the cache. This requires the
- * PHP zlib extension (http://php.net/manual/en/ref.zlib.php).
- * Presence of the extension is checked by testing for the function
- * gzencode. There are two compression algorithms: gzip and deflate.
- * The majority of all modern browsers support gzip or both of them.
- * We thus only deal with the gzip variant and unzip the cache in case
- * the browser does not accept gzip encoding.
+ * If page_compression is enabled, a gzipped version of the page is stored in
+ * the cache to avoid compressing the output on each request. The cache entry
+ * is unzipped in the relatively rare event that the page is requested by a
+ * client without gzip support.
+ *
+ * Page compression requires the PHP zlib extension
+ * (http://php.net/manual/en/ref.zlib.php).
  *
  * @see drupal_page_header
  */
@@ -2642,23 +2696,11 @@
 if (!$user->uid && $_SERVER['REQUEST_METHOD'] == 'GET' && page_get_cache(TRUE)) {
 // This will fail in some cases, see page_get_cache() for the explanation.
 if ($data = ob_get_contents()) {
- $cache = TRUE;
- if (variable_get('page_compression', TRUE) && function_exists('gzencode')) {
- // We do not store the data in case the zlib mode is deflate.
- // This should be rarely happening.
- if (zlib_get_coding_type() == 'deflate') {
- $cache = FALSE;
- }
- else if (zlib_get_coding_type() == FALSE) {
- $data = gzencode($data, 9, FORCE_GZIP);
- }
- // The remaining case is 'gzip' which means the data is
- // already compressed and nothing left to do but to store it.
+ if (variable_get('page_compression', TRUE) && extension_loaded('zlib')) {
+ $data = gzencode($data, 9, FORCE_GZIP);
 }
 ob_end_flush();
- if ($cache && $data) {
- cache_set($base_root . request_uri(), $data, 'cache_page', CACHE_TEMPORARY, drupal_get_headers());
- }
+ cache_set($base_root . request_uri(), $data, 'cache_page', CACHE_TEMPORARY, drupal_get_headers());
 }
 }
 }
@@ -2793,9 +2835,11 @@
 /**
- * This dispatch function hands off structured Drupal arrays to type-specific
- * *_alter implementations. It ensures a consistent interface for all altering
- * operations.
+ * Hands off alterable variables to type-specific *_alter implementations.
+
+ * This dispatch function hands off the passed in variables to type-specific
+ * hook_TYPE_alter() implementations in modules. It ensures a consistent
+ * interface for all altering operations.
  *
  * @param $type
  * The data type of the structured array. 'form', 'links',
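Review bot: The new unconditional `cache_set(...)` in the `@@ -2642,23 +2696,11 @@` hunk drops the `$cache && $data` guard, so if `gzencode()` returns FALSE the page cache stores an empty entry under `$base_root . request_uri()` and the cache-serving path will try to deliver or gzinflate it. Wrapping the store as `if ($data !== FALSE) { cache_set($base_root . request_uri(), $data, 'cache_page', CACHE_TEMPORARY, drupal_get_headers()); }` keeps the old safety with one line. Dropping the `zlib_get_coding_type()` branches is only correct because the read side now disables `zlib.output_compression` before sending the stored gzip body (the bootstrap.inc hunk elsewhere in this diff), a dependency this function should state in a comment since nothing here reveals it. The enclosing function starts outside the hunk.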
@@ -2845,9 +2889,16 @@ * Renders HTML given a structured array tree. * * Recursively iterates over each of the array elements, generating HTML code. - * This function is usually called from within a another function, like + * This function is usually called from within another function, like * drupal_get_form() or node_view(). * + * drupal_render() flags each element with a '#printed' status to indicate that + * the element has been rendered, which allows individual elements of a given + * array to be rendered independently. This prevents elements from being + * rendered more than once on subsequent calls to drupal_render() if, for example, + * they are part of a larger array. If the same array or array element is passed + * more than once to drupal_render(), it simply returns a NULL value. + * * @param $elements * The structured array describing the data to be rendered. * @return @@ -3313,7 +3364,7 @@ */ function drupal_get_schema_unprocessed($module, $table = NULL) { // Load the .install file to get hook_schema. - module_load_include('install', $module); + module_load_install($module); $schema = module_invoke($module, 'schema'); if (!is_null($table) && isset($schema[$table])) { @@ -3641,6 +3692,8 @@ /** * Explode a string of given tags into an array. + * + * @see drupal_implode_tags() */ function drupal_explode_tags($tags) { // This regexp allows the following types of user input: @@ -3665,6 +3718,8 @@ /** * Implode an array of tags into a string. + * + * @see drupal_explode_tags() */ function drupal_implode_tags($tags) { $encoded_tags = array(); diff -Nru drupal6-6.16/includes/database.inc drupal6-6.19/includes/database.inc --- drupal6-6.16/includes/database.inc 2010-02-01 16:32:10.000000000 +0000 +++ drupal6-6.19/includes/database.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ = 0)"; - } - else { - $sql .= '_unsigned'; - } - } if (in_array($spec['type'], array('varchar', 'char', 'text')) && isset($spec['length'])) { $sql .= '('. $spec['length'] .')'; 
@@ -595,6 +587,10 @@ $sql .= '('. $spec['precision'] .', '. $spec['scale'] .')'; } + if (!empty($spec['unsigned'])) { + $sql .= " CHECK ($name >= 0)"; + } + if (isset($spec['not null']) && $spec['not null']) { $sql .= ' NOT NULL'; } diff -Nru drupal6-6.16/includes/file.inc drupal6-6.19/includes/file.inc --- drupal6-6.16/includes/file.inc 2010-03-01 09:51:16.000000000 +0000 +++ drupal6-6.19/includes/file.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ filepath : $source; @@ -344,11 +359,23 @@ /** * Modify a filename as needed for security purposes. * - * Dangerous file names will be altered; for instance, the file name - * "exploit.php.pps" will become "exploit.php_.pps". All extensions that are + * Munging a file name prevents unknown file extensions from masking exploit + * files. When web servers such as Apache decide how to process a URL request, + * they use the file extension. If the extension is not recognized, Apache + * skips that extension and uses the previous file extension. For example, if + * the file being requested is exploit.php.pps, and Apache does not recognize + * the '.pps' extension, it treats the file as PHP and executes it. To make + * this file name safe for Apache and prevent it from executing as PHP, the + * .php extension is "munged" into .php_, making the safe file name + * exploit.php_.pps. + * + * Specifically, this function adds an underscore to all extensions that are * between 2 and 5 characters in length, internal to the file name, and not - * included in $extensions will be altered by adding an underscore. If variable - * 'allow_insecure_uploads' evaluates to TRUE, no alterations will be made. + * included in $extensions. + * + * Function behavior is also controlled by the Drupal variable + * 'allow_insecure_uploads'. If 'allow_insecure_uploads' evaluates to TRUE, no + * alterations will be made, if it evaluates to FALSE, the filename is 'munged'. * * @param $filename * File name to modify. 
@@ -558,7 +585,7 @@ } // Rename potentially executable files, to help prevent exploits. - if (preg_match('/\.(php|pl|py|cgi|asp|js)$/i', $file->filename) && (substr($file->filename, -4) != '.txt')) { + if (preg_match('/\.(php|pl|py|cgi|asp|js)$/i', $file->filename) && (substr($file->filename, -4) != '.txt')) { $file->filemime = 'text/plain'; $file->filepath .= '.txt'; $file->filename .= '.txt'; diff -Nru drupal6-6.16/includes/form.inc drupal6-6.19/includes/form.inc --- drupal6-6.16/includes/form.inc 2010-03-01 09:24:22.000000000 +0000 +++ drupal6-6.19/includes/form.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ filename)) { - list($nplurals, $plural) = $p; - db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", $nplurals, $plural, $lang); - } - else { - db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", 0, '', $lang); + $languages = language_list(); + if (($mode != LOCALE_IMPORT_KEEP) || empty($languages[$lang]->plurals)) { + // Since we only need to parse the header if we ought to update the + // plural formula, only run this if we don't need to keep existing + // data untouched or if we don't have an existing plural formula. + $header = _locale_import_parse_header($value['msgstr']); + + // Get the plural formula and update in database. + if (isset($header["Plural-Forms"]) && $p = _locale_import_parse_plural_forms($header["Plural-Forms"], $file->filename)) { + list($nplurals, $plural) = $p; + db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", $nplurals, $plural, $lang); + } + else { + db_query("UPDATE {languages} SET plurals = %d, formula = '%s' WHERE language = '%s'", 0, '', $lang); + } } $headerdone = TRUE; } diff -Nru drupal6-6.16/includes/lock.inc drupal6-6.19/includes/lock.inc --- drupal6-6.16/includes/lock.inc 2010-02-01 16:49:14.000000000 +0000 +++ drupal6-6.19/includes/lock.inc 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ ). * * @param $text * The text to decode entities in. * @param $exclude * An array of characters which should not be decoded. For example, * array('<', '&', '"'). This affects both named and numerical entities. + * + * @return + * The input $text, with all HTML entities decoded once. */ function decode_entities($text, $exclude = array()) { static $table; diff -Nru drupal6-6.16/includes/xmlrpc.inc drupal6-6.19/includes/xmlrpc.inc --- drupal6-6.16/includes/xmlrpc.inc 2009-01-14 21:36:16.000000000 +0000 +++ drupal6-6.19/includes/xmlrpc.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ message = preg_replace('/<\?xml(.*)?\?'.'>/', '', $xmlrpc_message->message); - if (trim($xmlrpc_message->message) == '') { - return FALSE; - } $xmlrpc_message->_parser = xml_parser_create(); // Set XML parser to take the case of tags into account. xml_parser_set_option($xmlrpc_message->_parser, XML_OPTION_CASE_FOLDING, FALSE); @@ -175,7 +170,10 @@ xml_parser_free($xmlrpc_message->_parser); // Grab the error messages, if any $xmlrpc_message = xmlrpc_message_get(); - if ($xmlrpc_message->messagetype == 'fault') { + if (!isset($xmlrpc_message->messagetype)) { + return FALSE; + } + elseif ($xmlrpc_message->messagetype == 'fault') { $xmlrpc_message->fault_code = $xmlrpc_message->params[0]['faultCode']; $xmlrpc_message->fault_string = $xmlrpc_message->params[0]['faultString']; } diff -Nru drupal6-6.16/includes/xmlrpcs.inc drupal6-6.19/includes/xmlrpcs.inc --- drupal6-6.16/includes/xmlrpcs.inc 2009-12-07 11:36:28.000000000 +0000 +++ drupal6-6.19/includes/xmlrpcs.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ is_error) { + if (is_object($result) && !empty($result->is_error)) { $return[] = array( 'faultCode' => $result->code, 'faultString' => $result->message diff -Nru drupal6-6.16/install.php drupal6-6.19/install.php --- drupal6-6.16/install.php 2010-03-01 09:36:01.000000000 +0000 +++ drupal6-6.19/install.php 2010-08-18 09:52:58.000000000 +0100 
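Review bot: The new `if (!isset($xmlrpc_message->messagetype)) { return FALSE; }` handles the case where nothing was parsed, but the `fault` branch immediately after it still dereferences `$xmlrpc_message->params[0]['faultCode']` and `['faultString']` without confirming `params` was populated, so a fault envelope that lacks its struct produces notices instead of a clean FALSE. Extending the guard, `if (!isset($xmlrpc_message->messagetype) || ($xmlrpc_message->messagetype == 'fault' && !isset($xmlrpc_message->params[0]['faultCode']))) { return FALSE; }`, keeps the failure path uniform for malformed responses. The enclosing function starts outside the hunk.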
@@ -1,5 +1,5 @@ $feed['title'])); drupal_set_message(t('There is new syndicated content from %site.', array('%site' => $feed['title']))); - break; } - $result->error = t('feed not parseable'); - // Deliberate no break. + break; default: watchdog('aggregator', 'The feed from %site seems to be broken, due to "%error".', array('%site' => $feed['title'], '%error' => $result->code .' '. $result->error), WATCHDOG_WARNING); drupal_set_message(t('The feed from %site seems to be broken, because of error "%error".', array('%site' => $feed['title'], '%error' => $result->code .' '. $result->error))); diff -Nru drupal6-6.16/modules/block/block.info drupal6-6.19/modules/block/block.info --- drupal6-6.16/modules/block/block.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/block/block.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/blog/blog.info drupal6-6.19/modules/blog/blog.info --- drupal6-6.16/modules/blog/blog.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/blog/blog.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/blogapi/blogapi.info drupal6-6.19/modules/blogapi/blogapi.info --- drupal6-6.16/modules/blogapi/blogapi.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/blogapi/blogapi.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/book/book.info drupal6-6.19/modules/book/book.info --- drupal6-6.16/modules/book/book.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/book/book.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/book/book.pages.inc drupal6-6.19/modules/book/book.pages.inc --- drupal6-6.16/modules/book/book.pages.inc 2008-08-14 00:59:13.000000000 +0100 +++ drupal6-6.19/modules/book/book.pages.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0) || user_access('administer comments'); + return ($user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0 && $comment->status == COMMENT_PUBLISHED) || user_access('administer comments'); } } @@ -949,7 +949,7 @@ if ($comment = db_fetch_object($result)) { $comment->name = $comment->uid ? $comment->registered_name : $comment->name; $links = module_invoke_all('link', 'comment', $comment, 1); - drupal_alter('link', $links, $node); + drupal_alter('link', $links, $node, $comment); $output .= theme('comment_view', $comment, $node, $links); } 
@@ -1744,7 +1744,7 @@ */ function theme_comment_flat_expanded($comment, $node) { $links = module_invoke_all('link', 'comment', $comment, 0); - drupal_alter('link', $links, $node); + drupal_alter('link', $links, $node, $comment); return theme('comment_view', $comment, $node, $links); } @@ -1772,7 +1772,7 @@ */ function theme_comment_thread_expanded($comment, $node) { $links = module_invoke_all('link', 'comment', $comment, 0); - drupal_alter('link', $links, $node); + drupal_alter('link', $links, $node, $comment); return theme('comment_view', $comment, $node, $links); } @@ -2033,6 +2033,14 @@ */ function comment_action_info() { return array( + 'comment_publish_action' => array( + 'description' => t('Publish comment'), + 'type' => 'comment', + 'configurable' => FALSE, + 'hooks' => array( + 'comment' => array('insert', 'update'), + ), + ), 'comment_unpublish_action' => array( 'description' => t('Unpublish comment'), 'type' => 'comment', 
@@ -2053,12 +2061,37 @@ } /** - * Drupal action to unpublish a comment. + * Action to publish a comment. * + * @param $comment + * An optional comment object. * @param $context * Keyed array. Must contain the id of the comment if $comment is not passed. + * + * @ingroup actions + */ +function comment_publish_action($comment, $context = array()) { + if (isset($comment->cid)) { + $cid = $comment->cid; + $subject = $comment->subject; + } + else { + $cid = $context['cid']; + $subject = db_result(db_query("SELECT subject FROM {comments} WHERE cid = %d", $cid)); + } + db_query('UPDATE {comments} SET status = %d WHERE cid = %d', COMMENT_PUBLISHED, $cid); + watchdog('action', 'Published comment %subject.', array('%subject' => $subject)); +} + +/** + * Action to unpublish a comment. + * * @param $comment * An optional comment object. + * @param $context + * Keyed array. Must contain the id of the comment if $comment is not passed. + * + * @ingroup actions */ function comment_unpublish_action($comment, $context = array()) { if (isset($comment->cid)) { 
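Review bot: In `comment_publish_action()` the `else` branch reads `$context['cid']` without checking that it exists, so a call with neither a comment object nor a `cid` in `$context` presumably runs `UPDATE {comments} ... WHERE cid = 0` and logs a `Published comment` entry whose subject is the FALSE returned by `db_result()`. A guard before the query, `if (empty($cid)) { return; }`, makes the no-target case explicit; the same lookup pattern begins in `comment_unpublish_action()` at the end of this hunk, whose body continues outside it. The two actions differ only in the status constant and the log message, so a shared private helper taking the status would avoid maintaining the lookup twice.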
@@ -2074,9 +2107,35 @@ } /** + * Action to unpublish a comment if it contains a certain string. + * + * @param $comment + * A comment object. + * @param $context + * An array providing more information about the context of the call to this action. + * Unused here, since this action currently only supports the insert and update ops of + * the comment hook, both of which provide a complete $comment object. + * + * @ingroup actions + * @see comment_unpublish_by_keyword_action_form() + * @see comment_unpublish_by_keyword_action_submit() + */ +function comment_unpublish_by_keyword_action($comment, $context) { + foreach ($context['keywords'] as $keyword) { + if (strpos($comment->comment, $keyword) !== FALSE || strpos($comment->subject, $keyword) !== FALSE) { + db_query('UPDATE {comments} SET status = %d WHERE cid = %d', COMMENT_NOT_PUBLISHED, $comment->cid); + watchdog('action', 'Unpublished comment %subject.', array('%subject' => $comment->subject)); + break; + } + } +} + +/** * Form builder; Prepare a form for blacklisted keywords. * * @ingroup forms + * @see comment_unpublish_by_keyword_action() + * @see comment_unpublish_by_keyword_action_submit() */ function comment_unpublish_by_keyword_action_form($context) { $form['keywords'] = array( 
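Review bot: The `strpos(...) !== FALSE` checks in `comment_unpublish_by_keyword_action()` are case-sensitive, so a configured keyword `spam` does not match `SPAM` in a comment; if that is intended the docblock should say so, otherwise `stripos()` is the drop-in replacement. `strpos()` with an empty needle also warns on PHP 5, so skipping blank entries, `if ($keyword === '') { continue; }`, protects against an empty keyword reaching the loop. The loop assumes `$context['keywords']` is set; an `isset()` check before the `foreach` would keep a misconfigured action instance from raising a notice instead of simply doing nothing.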
@@ -2090,28 +2149,9 @@ /** * Process comment_unpublish_by_keyword_action_form form submissions. + * + * @see comment_unpublish_by_keyword_action() */ function comment_unpublish_by_keyword_action_submit($form, $form_state) { return array('keywords' => drupal_explode_tags($form_state['values']['keywords'])); } - -/** - * Implementation of a configurable Drupal action. - * Unpublish a comment if it contains a certain string. - * - * @param $context - * An array providing more information about the context of the call to this action. - * Unused here since this action currently only supports the insert and update ops of - * the comment hook, both of which provide a complete $comment object. - * @param $comment - * A comment object. - */ -function comment_unpublish_by_keyword_action($comment, $context) { - foreach ($context['keywords'] as $keyword) { - if (strstr($comment->comment, $keyword) || strstr($comment->subject, $keyword)) { - db_query('UPDATE {comments} SET status = %d WHERE cid = %d', COMMENT_NOT_PUBLISHED, $comment->cid); - watchdog('action', 'Unpublished comment %subject.', array('%subject' => $comment->subject)); - break; - } - } -} diff -Nru drupal6-6.16/modules/contact/contact.info drupal6-6.19/modules/contact/contact.info --- drupal6-6.16/modules/contact/contact.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/contact/contact.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/dblog/dblog.info drupal6-6.19/modules/dblog/dblog.info --- drupal6-6.16/modules/dblog/dblog.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/dblog/dblog.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/filter/filter.info drupal6-6.19/modules/filter/filter.info --- drupal6-6.16/modules/filter/filter.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/filter/filter.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/filter/filter.module drupal6-6.19/modules/filter/filter.module --- drupal6-6.16/modules/filter/filter.module 2010-03-01 10:54:29.000000000 +0000 +++ drupal6-6.19/modules/filter/filter.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ ]+?)>/', $text, -1, PREG_SPLIT_DELIM_CAPTURE); + $split = preg_split('/<(!--.*?--|[^>]+?)>/s', $text, -1, PREG_SPLIT_DELIM_CAPTURE); // Note: PHP ensures the array consists of alternating delimiters and literals // and begins and ends with a literal (inserting $null as required). 
@@ -787,37 +796,43 @@ foreach ($split as $value) { // Process HTML tags. if ($tag) { - list($tagname) = explode(' ', strtolower($value), 2); - // Closing tag - if ($tagname{0} == '/') { - $tagname = substr($tagname, 1); - // Discard XHTML closing tags for single use tags. - if (!isset($single_use[$tagname])) { - // See if we possibly have a matching opening tag on the stack. - if (in_array($tagname, $stack)) { - // Close other tags lingering first. - do { - $output .= ''; - } while (array_shift($stack) != $tagname); - } - // Otherwise, discard it. - } + // Passthrough comments. + if (substr($value, 0, 3) == '!--') { + $output .= '<'. $value .'>'; } - // Opening tag else { - // See if we have an identical 'no nesting' tag already open and close it if found. - if (count($stack) && ($stack[0] == $tagname) && isset($no_nesting[$stack[0]])) { - $output .= ''; - } - // Push non-single-use tags onto the stack - if (!isset($single_use[$tagname])) { - array_unshift($stack, $tagname); + list($tagname) = preg_split('/\s/', strtolower($value), 2); + // Closing tag + if ($tagname{0} == '/') { + $tagname = substr($tagname, 1); + // Discard XHTML closing tags for single use tags. + if (!isset($single_use[$tagname])) { + // See if we possibly have a matching opening tag on the stack. + if (in_array($tagname, $stack)) { + // Close other tags lingering first. + do { + $output .= ''; + } while (array_shift($stack) != $tagname); + } + // Otherwise, discard it. + } } - // Add trailing slash to single-use tags as per X(HT)ML. + // Opening tag else { - $value = rtrim($value, ' /') .' /'; + // See if we have an identical 'no nesting' tag already open and close it if found. + if (count($stack) && ($stack[0] == $tagname) && isset($no_nesting[$stack[0]])) { + $output .= ''; + } + // Push non-single-use tags onto the stack + if (!isset($single_use[$tagname])) { + array_unshift($stack, $tagname); + } + // Add trailing slash to single-use tags as per X(HT)ML. 
+ else { + $value = rtrim($value, ' /') .' /'; + } + $output .= '<'. $value .'>'; } - $output .= '<'. $value .'>'; } } else { @@ -882,7 +897,7 @@ // We don't apply any processing to the contents of these tags to avoid messing // up code. We look for matched pairs and allow basic nesting. For example: // "processed
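Review bot: The new comment pass-through at the top of the tag branch, `if (substr($value, 0, 3) == '!--') { $output .= '<'. $value .'>'; }`, re-emits the comment body verbatim, so this filter now relies on an earlier filter in the input format having sanitized comment contents. That assumption should be stated in the code, e.g. `// Comments are emitted unchanged; this filter does not sanitize them, an earlier filter in the format must.` The enclosing function starts before this hunk, and the rendering has dropped the closing-tag strings from the `$output .= ''` lines, so the stack handling around the pass-through could not be checked here.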
 ignored  ignored 
processed" - $chunks = preg_split('@(]*>)@i', $text, -1, PREG_SPLIT_DELIM_CAPTURE); + $chunks = preg_split('@(<(?:!--.*?--|/?(?:pre|script|style|object)[^>]*)>)@si', $text, -1, PREG_SPLIT_DELIM_CAPTURE); // Note: PHP ensures the array consists of alternating delimiters and literals // and begins and ends with a literal (inserting NULL as required). $ignore = FALSE; @@ -890,19 +905,25 @@ $output = ''; foreach ($chunks as $i => $chunk) { if ($i % 2) { - // Opening or closing tag? - $open = ($chunk[1] != '/'); - list($tag) = split('[ >]', substr($chunk, 2 - $open), 2); - if (!$ignore) { - if ($open) { - $ignore = TRUE; - $ignoretag = $tag; - } + // Passthrough comments. + if (substr($chunk, 1, 3) == '!--') { + $output .= $chunk; } - // Only allow a matching tag to close it. - else if (!$open && $ignoretag == $tag) { - $ignore = FALSE; - $ignoretag = ''; + else { + // Opening or closing tag? + $open = ($chunk[1] != '/'); + list($tag) = split('[ >]', substr($chunk, 2 - $open), 2); + if (!$ignore) { + if ($open) { + $ignore = TRUE; + $ignoretag = $tag; + } + } + // Only allow a matching tag to close it. + else if (!$open && $ignoretag == $tag) { + $ignore = FALSE; + $ignoretag = ''; + } } } else if (!$ignore) { @@ -911,7 +932,8 @@ $chunk = preg_replace('!(<'. $block .'[^>]*>)!', "\n$1", $chunk); // Space things out a little $chunk = preg_replace('!()!', "$1\n\n", $chunk); // Space things out a little $chunk = preg_replace("/\n\n+/", "\n\n", $chunk); // take care of duplicates - $chunk = preg_replace('/\n?(.+?)(?:\n\s*\n|\z)/s', "
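Review bot: The re-indented line `list($tag) = split('[ >]', substr($chunk, 2 - $open), 2);` keeps the POSIX `split()` function, which is deprecated as of PHP 5.3 and raises E_DEPRECATED on every pass through this loop; `list($tag) = preg_split('/[ >]/', substr($chunk, 2 - $open), 2);` is the equivalent call. The comment pass-through added above it, `if (substr($chunk, 1, 3) == '!--') { $output .= $chunk; }`, emits the comment unchanged, which matches the corrector change elsewhere in this file but is worth stating in the comment since this filter performs no sanitization. The enclosing function starts and ends outside the hunk.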

$1

\n", $chunk); // make paragraphs, including one at the end + $chunk = preg_replace('/^\n|\n\s*\n$/', '', $chunk); + $chunk = '

'. preg_replace('/\n\s*\n\n?(.)/', "

\n

$1", $chunk) ."

\n"; // make paragraphs, including one at the end $chunk = preg_replace("|

(|", "$1", $chunk); // problem with nested lists $chunk = preg_replace('|

]*)>|i', "

", $chunk); $chunk = str_replace('

', '

', $chunk); @@ -943,23 +965,30 @@ } /** - * Filters XSS. Based on kses by Ulf Harnhammar, see - * http://sourceforge.net/projects/kses + * Filters an HTML string to prevent cross-site-scripting (XSS) vulnerabilities. * - * For examples of various XSS attacks, see: - * http://ha.ckers.org/xss.html + * Based on kses by Ulf Harnhammar, see http://sourceforge.net/projects/kses. + * For examples of various XSS attacks, see http://ha.ckers.org/xss.html. * * This code does four things: - * - Removes characters and constructs that can trick browsers - * - Makes sure all HTML entities are well-formed - * - Makes sure all HTML tags and attributes are well-formed - * - Makes sure no HTML tags contain URLs with a disallowed protocol (e.g. javascript:) + * - Removes characters and constructs that can trick browsers. + * - Makes sure all HTML entities are well-formed. + * - Makes sure all HTML tags and attributes are well-formed. + * - Makes sure no HTML tags contain URLs with a disallowed protocol (e.g. + * javascript:). * * @param $string - * The string with raw HTML in it. It will be stripped of everything that can cause - * an XSS attack. + * The string with raw HTML in it. It will be stripped of everything that can + * cause an XSS attack. * @param $allowed_tags * An array of allowed tags. + * + * @return + * An XSS safe version of $string, or an empty string if $string is not + * valid UTF-8. + * + * @see drupal_validate_utf8() + * @ingroup sanitization */ function filter_xss($string, $allowed_tags = array('a', 'em', 'strong', 'cite', 'code', 'ul', 'ol', 'li', 'dl', 'dt', 'dd')) { // Only operate on valid UTF-8 strings. This is necessary to prevent cross @@ -988,6 +1017,8 @@ ( <(?=[^a-zA-Z!/]) # a lone < | # or + # a comment + | # or <[^>]*(>|$) # a string that starts with a <, up until the > or the end of the string | # or > # just a 
> @@ -1026,7 +1057,7 @@ return '<'; } - if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches)) { + if (!preg_match('%^(?:<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?|())$%', $string, $matches)) { // Seriously malformed return ''; } @@ -1034,12 +1065,21 @@ $slash = trim($matches[1]); $elem = &$matches[2]; $attrlist = &$matches[3]; + $comment = &$matches[4]; + + if ($comment) { + $elem = '!--'; + } if (!isset($allowed_html[strtolower($elem)])) { // Disallowed HTML element return ''; } + if ($comment) { + return $comment; + } + if ($slash != '') { return ""; } diff -Nru drupal6-6.16/modules/forum/forum.info drupal6-6.19/modules/forum/forum.info --- drupal6-6.16/modules/forum/forum.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/forum/forum.info 2010-08-18 09:52:58.000000000 +0100 @@ -7,8 +7,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/help/help.info drupal6-6.19/modules/help/help.info --- drupal6-6.16/modules/help/help.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/help/help.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/locale/locale.info drupal6-6.19/modules/locale/locale.info --- drupal6-6.16/modules/locale/locale.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/locale/locale.info 2010-08-18 09:52:58.000000000 +0100 
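Review bot: When `!--` is present in `$allowed_html`, the new `if ($comment) { return $comment; }` returns the matched comment with no further processing, so for comments the filter's guarantee is structural only and the text between the delimiters is passed through as received. That limitation belongs in the `filter_xss()` docblock next to `@param $allowed_tags`, e.g. `Allowing '!--' passes HTML comments through unchanged.` The fourth capture group in the new `preg_match()` pattern appears blank in this rendering, so its exact comment syntax could not be verified here; the enclosing function starts outside the hunk.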
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/menu/menu.admin.inc drupal6-6.19/modules/menu/menu.admin.inc --- drupal6-6.16/modules/menu/menu.admin.inc 2009-12-16 20:47:10.000000000 +0000 +++ drupal6-6.19/modules/menu/menu.admin.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ body = drupal_render($node->content); // Fetch comments for snippet. - $node->body .= module_invoke('comment', 'nodeapi', $node, 'update index'); + if (module_exists('comment')) { + $node->body .= comment_nodeapi($node, 'update index'); + } // Fetch terms for snippet. - $node->body .= module_invoke('taxonomy', 'nodeapi', $node, 'update index'); + if (module_exists('taxonomy')) { + $node->body .= taxonomy_nodeapi($node, 'update index'); + } $extra = node_invoke_nodeapi($node, 'search result'); $results[] = array( @@ -2183,13 +2190,13 @@ } /** - * This function will call module invoke to get a list of grants and then - * write them to the database. It is called at node save, and should be - * called by modules whenever something other than a node_save causes - * the permissions on a node to change. + * Gets the list of node access grants and writes them to the database. * - * This function is the only function that should write to the node_access - * table. + * This function is called when a node is saved, and can also be called by + * modules if something other than a node save causes node access permissions + * to change. It collects all node access grants for the node from + * hook_node_access_records() implementations and saves the collected + * grants to the database. * * @param $node * The $node to acquire grants for. 
@@ -2213,12 +2220,12 @@ } /** - * This function will write a list of grants to the database, deleting - * any pre-existing grants. If a realm is provided, it will only - * delete grants from that realm, but it will always delete a grant - * from the 'all' realm. Modules which utilize node_access can - * use this function when doing mass updates due to widespread permission - * changes. + * Writes a list of grants to the database, deleting any previously saved ones. + * + * If a realm is provided, it will only delete grants from that realm, but it + * will always delete a grant from the 'all' realm. Modules that utilize + * node_access can use this function when doing mass updates due to widespread + * permission changes. * * @param $node * The $node being written to. All that is necessary is that it contain a nid. @@ -2376,7 +2383,7 @@ node_access_acquire_grants($loaded_node); } $context['sandbox']['progress']++; - $context['sandbox']['current_node'] = $loaded_node->nid; + $context['sandbox']['current_node'] = $row['nid']; } // Multistep processing : report progress. diff -Nru drupal6-6.16/modules/openid/openid.info drupal6-6.19/modules/openid/openid.info --- drupal6-6.16/modules/openid/openid.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/openid/openid.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ package = Core - optional core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/openid/openid.install drupal6-6.19/modules/openid/openid.install --- drupal6-6.16/modules/openid/openid.install 2009-01-06 15:46:37.000000000 +0000 +++ drupal6-6.19/modules/openid/openid.install 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ array('assoc_handle'), ); + $schema['openid_nonce'] = array( + 'description' => 'Stores received openid.response_nonce per OpenID endpoint URL to prevent replay attacks.', + 'fields' => array( + 'idp_endpoint_uri' => array( + 'type' => 'varchar', + 'length' => 255, + 'description' => 'URI of the OpenID Provider endpoint.', + ), + 'nonce' => array( + 'type' => 'varchar', + 'length' => 255, + 'description' => 'The value of openid.response_nonce' + ), + 'expires' => array( + 'type' => 'int', + 'not null' => TRUE, + 'default' => 0, + 'description' => 'A Unix timestamp indicating when the entry should expire.', + ), + ), + 'indexes' => array( + 'nonce' => array('nonce'), + 'expires' => array('expires'), + ), + ); + return $schema; } + +/** + * @defgroup updates-6.x-extra Extra openid updates for 6.x + * @{ + */ + +/** + * Add the openid_nonce table. + * + * Implementation of hook_update_N(). + */ +function openid_update_6000() { + $ret = array(); + + $schema['openid_nonce'] = array( + 'description' => 'Stores received openid.response_nonce per OpenID endpoint URL to prevent replay attacks.', + 'fields' => array( + 'idp_endpoint_uri' => array( + 'type' => 'varchar', + 'length' => 255, + 'description' => 'URI of the OpenID Provider endpoint.', + ), + 'nonce' => array( + 'type' => 'varchar', + 'length' => 255, + 'description' => 'The value of openid.response_nonce' + ), + 'expires' => array( + 'type' => 'int', + 'not null' => TRUE, + 'default' => 0, + 'description' => 'A Unix timestamp indicating when the entry should expire.', + ), + ), + 'indexes' => array( + 'nonce' => array('nonce'), + 'expires' => array('expires'), + ), + ); + + db_create_table($ret, 'openid_nonce', $schema['openid_nonce']); + + return $ret; +} + +/** + * @} End of "defgroup updates-6.x-extra" + * The next series of updates should start at 7000. 
+ */ diff -Nru drupal6-6.16/modules/openid/openid.module drupal6-6.19/modules/openid/openid.module --- drupal6-6.16/modules/openid/openid.module 2009-12-07 12:52:22.000000000 +0000 +++ drupal6-6.19/modules/openid/openid.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ l(t('Cancel OpenID login'), '#'), 'class' => 'user-link', ); - + $form['openid_links'] = array( '#value' => theme('item_list', $items), '#weight' => 1, @@ -111,7 +111,7 @@ '#weight' => -1, '#description' => l(t('What is OpenID?'), 'http://openid.net/', array('external' => TRUE)), ); - $form['openid.return_to'] = array('#type' => 'hidden', '#value' => url('openid/authenticate', array('absolute' => TRUE, 'query' => drupal_get_destination()))); + $form['openid.return_to'] = array('#type' => 'hidden', '#value' => url('openid/authenticate', array('absolute' => TRUE, 'query' => user_login_destination()))); } elseif ($form_id == 'user_register' && isset($_SESSION['openid']['values'])) { // We were unable to auto-register a new user. Prefill the registration @@ -220,12 +220,13 @@ * $response['status'] set to one of 'success', 'failed' or 'cancel'. */ function openid_complete($response = array()) { + global $base_url; module_load_include('inc', 'openid'); if (count($response) == 0) { $response = _openid_response(); } - + // Default to failed response $response['status'] = 'failed'; if (isset($_SESSION['openid']['service']['uri']) && isset($_SESSION['openid']['claimed_id'])) { @@ -238,7 +239,7 @@ $response['status'] = 'cancel'; } else { - if (openid_verify_assertion($service['uri'], $response)) { + if (openid_verify_assertion($service, $response)) { // If the returned claimed_id is different from the session claimed_id, // then we need to do discovery and make sure the op_endpoint matches. if ($service['version'] == 2 && $response['openid.claimed_id'] != $claimed_id) { 
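Review bot: In the `openid_nonce` schema the `idp_endpoint_uri` and `nonce` columns carry no `'not null' => TRUE`, and the only index on `nonce` is non-unique, so the database accepts NULL and duplicate nonces and replay protection rests entirely on the lookup in openid.module. If that lookup is followed by a separate insert, a unique key over (`idp_endpoint_uri`, `nonce`) would let the database reject a second assertion carrying the same nonce that arrives concurrently, subject to the key-length limits of the supported backends; the same definition is repeated in `openid_update_6000()` and would need the same change. The file header is garbled in this rendering, so the hunk boundaries could not be confirmed.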
@@ -250,6 +251,31 @@ else { $response['openid.claimed_id'] = $claimed_id; } + // Verify that openid.return_to matches the current URL (see OpenID + // Authentication 2.0, section 11.1). + // While OpenID Authentication 1.1, section 4.3 does not mandate + // return_to verification, the received return_to should still + // match these constraints. + $return_to_parts = parse_url($response['openid.return_to']); + + $base_url_parts = parse_url($base_url); + $current_parts = parse_url($base_url_parts['scheme'] .'://'. $base_url_parts['host'] . request_uri()); + + if ($return_to_parts['scheme'] != $current_parts['scheme'] || + $return_to_parts['host'] != $current_parts['host'] || + $return_to_parts['path'] != $current_parts['path']) { + + return $response; + } + // Verify that all query parameters in the openid.return_to URL have + // the same value in the current URL. In addition, the current URL + // contains a number of other parameters added by the OpenID Provider. + parse_str(isset($return_to_parts['query']) ? $return_to_parts['query'] : '', $return_to_query_parameters); + foreach ($return_to_query_parameters as $name => $value) { + if (!array_key_exists($name, $_GET) || $_GET[$name] != $value) { + return $response; + } + } $response['status'] = 'success'; } } 
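Review bot: The query-parameter check `if (!array_key_exists($name, $_GET) || $_GET[$name] != $value)` uses loose comparison, so numeric-looking strings that differ textually (`'10'` and `'1e1'`, `'01'` and `'1'`) compare equal and a return_to parameter is satisfied by a differently spelled value; both sides come from `parse_str()` and `$_GET`, so `!==` is the intended test. The scheme/host/path comparison above it reads `$return_to_parts['scheme']`, `['host']` and `['path']` without `isset()`, so a return_to that `parse_url()` rejects (FALSE) or that omits a component fails only via undefined-index notices rather than an explicit check, and the port is never compared because `$current_parts` is built from scheme and host alone. Opening with `if ($return_to_parts === FALSE || !isset($return_to_parts['scheme'], $return_to_parts['host'], $return_to_parts['path'])) { return $response; }` makes the fail-closed path explicit. The enclosing function `openid_complete()` starts and ends outside the hunk.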
@@ -502,33 +528,39 @@ /** * Attempt to verify the response received from the OpenID Provider. * - * @param $op_endpoint The OpenID Provider URL. - * @param $response Array of repsonse values from the provider. + * @param $service + * Array describing the OpenID provider. + * @param $response + * Array of response values from the provider. * * @return boolean */ -function openid_verify_assertion($op_endpoint, $response) { +function openid_verify_assertion($service, $response) { module_load_include('inc', 'openid'); - $valid = FALSE; + // http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.3 + // Check the Nonce to protect against replay attacks. + if (!openid_verify_assertion_nonce($service, $response)) { + return FALSE; + } + // http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4 + // Verify the signatures. + $valid = FALSE; $association = db_fetch_object(db_query("SELECT * FROM {openid_association} WHERE assoc_handle = '%s'", $response['openid.assoc_handle'])); if ($association && isset($association->session_type)) { - $keys_to_sign = explode(',', $response['openid.signed']); - $self_sig = _openid_signature($association, $response, $keys_to_sign); - if ($self_sig == $response['openid.sig']) { - $valid = TRUE; - } - else { - $valid = FALSE; - } + // http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4.2 + // Verification using an association. + $valid = openid_verify_assertion_signature($service, $association, $response); } else { + // http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4.3 + // Direct verification. 
$request = $response; $request['openid.mode'] = 'check_authentication'; $message = _openid_create_message($request); $headers = array('Content-Type' => 'application/x-www-form-urlencoded; charset=utf-8'); - $result = drupal_http_request($op_endpoint, $headers, 'POST', _openid_encode_message($message)); + $result = drupal_http_request($service['uri'], $headers, 'POST', _openid_encode_message($message)); if (!isset($result->error)) { $response = _openid_parse_message($result->data); if (strtolower(trim($response['is_valid'])) == 'true') { 
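Review bot: As far as this hunk shows, only the association branch checks that `openid.signed` covers the mandatory fields (inside `openid_verify_assertion_signature()`); the direct-verification branch forwards the assertion with `openid.mode = 'check_authentication'` and accepts the provider's `is_valid` answer without that coverage check, so an assertion signed over a subset of fields would pass on that path even though the provider only confirms the signature over whatever `openid.signed` lists. Moving the mandatory-key test in front of the `if ($association && isset($association->session_type))` branch so it runs for both verification methods would make the two paths consistent. Reusing `$response` for the parsed provider reply (`$response = _openid_parse_message($result->data)`) shadows the assertion being verified; a separate name such as `$verification` would read more clearly. openid_verify_assertion() continues past the end of this hunk.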
@@ -541,3 +573,101 @@ } return $valid; } + +/** + * Verify the signature of the response received from the OpenID provider. + * + * @param $service + * Array describing the OpenID provider. + * @param $association + * Information on the association with the OpenID provider. + * @param $response + * Array of response values from the provider. + * + * @return + * TRUE if the signature is valid and covers all fields required to be signed. + * @see http://openid.net/specs/openid-authentication-2_0.html#rfc.section.11.4 + */ +function openid_verify_assertion_signature($service, $association, $response) { + if ($service['version'] == 2) { + // OpenID Authentication 2.0, section 10.1: + // These keys must always be signed. + $mandatory_keys = array('op_endpoint', 'return_to', 'response_nonce', 'assoc_handle'); + if (isset($response['openid.claimed_id'])) { + // If present, these two keys must also be signed. According to the spec, + // they are either both present or both absent. + $mandatory_keys[] = 'claimed_id'; + $mandatory_keys[] = 'identity'; + } + } + else { + // OpenID Authentication 1.1. section 4.3.3. + $mandatory_keys = array('identity', 'return_to'); + } + + $keys_to_sign = explode(',', $response['openid.signed']); + + if (count(array_diff($mandatory_keys, $keys_to_sign)) > 0) { + return FALSE; + } + + return _openid_signature($association, $response, $keys_to_sign) == $response['openid.sig']; +} + +/** + * Verify that the nonce has not been used in earlier assertions from the same OpenID provider. + * + * @param $service + * Array describing the OpenID provider. + * @param $response + * Array of response values from the provider. + * + * @return + * TRUE if the nonce has not expired and has not been used earlier. 
+ */ +function openid_verify_assertion_nonce($service, $response) { + if ($service['version'] != 2) { + return TRUE; + } + + if (preg_match('/^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})Z/', $response['openid.response_nonce'], $matches)) { + list(, $year, $month, $day, $hour, $minutes, $seconds) = $matches; + $nonce_timestamp = gmmktime($hour, $minutes, $seconds, $month, $day, $year); + } + else { + watchdog('openid', 'Nonce from @endpoint rejected because it is not correctly formatted, nonce: @nonce.', array('@endpoint' => $service['uri'], '@nonce' => $response['openid.response_nonce']), WATCHDOG_WARNING); + return FALSE; + } + + // A nonce with a timestamp to far in the past or future will already have + // been removed and cannot be checked for single use anymore. + $time = time(); + $expiry = 900; + if ($nonce_timestamp <= $time - $expiry || $nonce_timestamp >= $time + $expiry) { + watchdog('openid', 'Nonce received from @endpoint is out of range (time difference: @intervals). Check possible clock skew.', array('@endpoint' => $service['uri'], '@interval' => $time - $nonce_timestamp), WATCHDOG_WARNING); + return FALSE; + } + + // Record that this nonce was used. + db_query("INSERT INTO {openid_nonce} (idp_endpoint_uri, nonce, expires) VALUES ('%s', '%s', %d)", $service['uri'], $response['openid.response_nonce'], $nonce_timestamp + $expiry); + + // Count the number of times this nonce was used. + $count_used = db_result(db_query("SELECT COUNT(*) FROM {openid_nonce} WHERE nonce = '%s' AND idp_endpoint_uri = '%s'", $response['openid.response_nonce'], $service['uri'])); + + if ($count_used == 1) { + return TRUE; + } + else { + watchdog('openid', 'Nonce replay attempt blocked from @ip, nonce: @nonce.', array('@ip' => ip_address(), '@nonce' => $response['openid.response_nonce']), WATCHDOG_CRITICAL); + return FALSE; + } +} + +/** + * Remove expired nonces from the database. + * + * Implementation of hook_cron(). 
+ */ +function openid_cron() { + db_query("DELETE FROM {openid_nonce} WHERE expires < %d", time()); +} diff -Nru drupal6-6.16/modules/path/path.info drupal6-6.19/modules/path/path.info --- drupal6-6.16/modules/path/path.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/path/path.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/php/php.info drupal6-6.19/modules/php/php.info --- drupal6-6.16/modules/php/php.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/php/php.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/ping/ping.info drupal6-6.19/modules/ping/ping.info --- drupal6-6.16/modules/ping/ping.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/ping/ping.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/poll/poll.info drupal6-6.19/modules/poll/poll.info --- drupal6-6.16/modules/poll/poll.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/poll/poll.info 2010-08-18 09:52:58.000000000 +0100 
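Review bot: In openid_verify_assertion_nonce() the out-of-range log message uses the placeholder `@intervals` while the arguments array supplies `'@interval'`, so the logged text keeps the literal placeholder and loses the computed time difference; the string should read `'Nonce received from @endpoint is out of range (time difference: @interval). Check possible clock skew.'`. The comment above it has a typo, `to far` should be `too far`. In openid_verify_assertion_signature() the final `_openid_signature($association, $response, $keys_to_sign) == $response['openid.sig']` is a loose comparison of a string the requester supplies against a computed one; `===` avoids PHP's numeric-string coercion rules. The nonce row is inserted before the signature is verified (openid_verify_assertion() runs the nonce check first), so responses that later fail signature verification still add rows to {openid_nonce} until openid_cron() purges them; a comment stating that the table is bounded only by the 900-second expiry would help the next maintainer.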
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/poll/poll.module drupal6-6.19/modules/poll/poll.module --- drupal6-6.16/modules/poll/poll.module 2009-09-14 11:16:54.000000000 +0100 +++ drupal6-6.19/modules/poll/poll.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ TRUE, ); @@ -308,17 +306,15 @@ '#default_value' => $value, '#parents' => array('choice', $delta, 'chtext'), ); - - if ($admin) { - $form['chvotes'] = array( - '#type' => 'textfield', - '#title' => t('Votes for choice @n', array('@n' => ($delta + 1))), - '#default_value' => $votes, - '#size' => 5, - '#maxlength' => 7, - '#parents' => array('choice', $delta, 'chvotes'), - ); - } + $form['chvotes'] = array( + '#type' => 'textfield', + '#title' => t('Votes for choice @n', array('@n' => ($delta + 1))), + '#default_value' => $votes, + '#size' => 5, + '#maxlength' => 7, + '#parents' => array('choice', $delta, 'chvotes'), + '#access' => user_access('administer nodes'), + ); return $form; } diff -Nru drupal6-6.16/modules/profile/profile.info drupal6-6.19/modules/profile/profile.info --- drupal6-6.16/modules/profile/profile.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/profile/profile.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/search/search.info drupal6-6.19/modules/search/search.info --- drupal6-6.16/modules/search/search.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/search/search.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/search/search.module drupal6-6.19/modules/search/search.module --- drupal6-6.16/modules/search/search.module 2009-12-07 15:44:33.000000000 +0000 +++ drupal6-6.19/modules/search/search.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ variable_get('statistics_enable_access_log', 0), '#options' => $options, '#description' => t('Log each page access. Required for referrer statistics.')); - $period = drupal_map_assoc(array(3600, 10800, 21600, 32400, 43200, 86400, 172800, 259200, 604800, 1209600, 2419200, 4838400, 9676800), 'format_interval'); + $period = array('0' => t('Never')) + drupal_map_assoc(array(3600, 10800, 21600, 32400, 43200, 86400, 172800, 259200, 604800, 1209600, 2419200, 4838400, 9676800), 'format_interval'); $form['access']['statistics_flush_accesslog_timer'] = array( '#type' => 'select', '#title' => t('Discard access logs older than'), diff -Nru drupal6-6.16/modules/statistics/statistics.info drupal6-6.19/modules/statistics/statistics.info --- drupal6-6.16/modules/statistics/statistics.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/statistics/statistics.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/statistics/statistics.module drupal6-6.19/modules/statistics/statistics.module --- drupal6-6.16/modules/statistics/statistics.module 2009-04-27 13:25:24.000000000 +0100 +++ drupal6-6.19/modules/statistics/statistics.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ 0) { + db_query('DELETE FROM {accesslog} WHERE timestamp < %d', time() - variable_get('statistics_flush_accesslog_timer', 259200)); + } } /** diff -Nru drupal6-6.16/modules/syslog/syslog.info drupal6-6.19/modules/syslog/syslog.info --- drupal6-6.16/modules/syslog/syslog.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/syslog/syslog.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/system/page.tpl.php drupal6-6.19/modules/system/page.tpl.php --- drupal6-6.16/modules/system/page.tpl.php 2009-04-30 01:13:31.000000000 +0100 +++ drupal6-6.19/modules/system/page.tpl.php 2010-08-18 09:52:58.000000000 +0100 
@@ -1,10 +1,9 @@ language contains its textual representation. - * $language->dir contains the language direction. It will either be 'ltr' or 'rtl'. - * - $head_title: A modified version of the page title, for use in the TITLE tag. - * - $head: Markup for the HEAD section (including meta tags, keyword tags, and + * $language->dir contains the language direction. It will either be 'ltr' or + * 'rtl'. + * - $head_title: A modified version of the page title, for use in the TITLE + * element. + * - $head: Markup for the HEAD element (including meta tags, keyword tags, and * so on). * - $styles: Style tags necessary to import all CSS files for the page. * - $scripts: Script tags necessary to load the JavaScript files and settings * for the page. * - $body_classes: A set of CSS classes for the BODY tag. This contains flags - * indicating the current layout (multiple columns, single column), the current - * path, whether the user is logged in, and so on. + * indicating the current layout (multiple columns, single column), the + * current path, whether the user is logged in, and so on. * * Site identity: * - $front_page: The URL of the front page. Use this instead of $base_path, - * when linking to the front page. This includes the language domain or prefix. + * when linking to the front page. This includes the language domain or + * prefix. * - $logo: The path to the logo image, as defined in theme configuration. - * - $site_name: The name of the site, empty when display has been disabled - * in theme settings. + * - $site_name: The name of the site, empty when display has been disabled in + * theme settings. * - $site_slogan: The slogan of the site, empty when display has been disabled * in theme settings. - * - $mission: The text of the site mission, empty when display has been disabled - * in theme settings. + * - $mission: The text of the site mission, empty when display has been + * disabled in theme settings. 
* * Navigation: - * - $search_box: HTML to display the search box, empty if search has been disabled. - * - $primary_links (array): An array containing primary navigation links for the - * site, if they have been configured. - * - $secondary_links (array): An array containing secondary navigation links for + * - $search_box: HTML to display the search box, empty if search has been + * disabled. + * - $primary_links (array): An array containing primary navigation links for * the site, if they have been configured. + * - $secondary_links (array): An array containing secondary navigation links + * for the site, if they have been configured. * - * Page content (in order of occurrance in the default page.tpl.php): + * Page content (in order of occurrence in the default page.tpl.php): * - $left: The HTML for the left sidebar. - * * - $breadcrumb: The breadcrumb trail for the current page. * - $title: The page title, for use in the actual HTML content. * - $help: Dynamic help text, mostly for admin pages. - * - $messages: HTML for status and error messages. Should be displayed prominently. - * - $tabs: Tabs linking to any sub-pages beneath the current page (e.g., the view - * and edit tabs when displaying a node). - * + * - $messages: HTML for status and error messages. Should be displayed + * prominently. + * - $tabs: Tabs linking to any sub-pages beneath the current page (e.g., the + * view and edit tabs when displaying a node). * - $content: The main content of the current Drupal page. - * * - $right: The HTML for the right sidebar. + * - $node: The node object, if there is an automatically-loaded node associated + * with the page, and the node ID is the second argument in the page's path + * (e.g. node/12345 and node/12345/revisions, but not comment/reply/12345). * * Footer/closing data: * - $feed_icons: A string of all feed icons for the current page. * - $footer_message: The footer message as defined in the admin settings. * - $footer : The footer region. 
* - $closure: Final closing markup from any modules that have altered the page. - * This variable should always be output last, after all other dynamic content. + * This variable should always be output last, after all other dynamic + * content. * * @see template_preprocess() * @see template_preprocess_page() diff -Nru drupal6-6.16/modules/system/system.info drupal6-6.19/modules/system/system.info --- drupal6-6.16/modules/system/system.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/system/system.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/system/system.install drupal6-6.19/modules/system/system.install --- drupal6-6.16/modules/system/system.install 2010-03-01 16:53:57.000000000 +0000 +++ drupal6-6.19/modules/system/system.install 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ TRUE, 'default' => 0), 'status' => array( - 'description' => 'A flag indicating whether file is temporary (1) or permanent (0).', + 'description' => 'A flag indicating whether file is temporary (0) or permanent (1).', 'type' => 'int', 'not null' => TRUE, 'default' => 0), diff -Nru drupal6-6.16/modules/system/system.module drupal6-6.19/modules/system/system.module --- drupal6-6.16/modules/system/system.module 2010-03-04 00:15:28.000000000 +0000 +++ drupal6-6.19/modules/system/system.module 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ foo?"). + * block foo?"). The page title will be set to this value. * @param $path - * The page to go to if the user denies the action. - * Can be either a drupal path, or an array with the keys 'path', 'query', 'fragment'. + * The page to go to if the user cancels the action. This can be either: + * - A string containing a Drupal path. + * - An associative array with a 'path' key. Additional array values are + * passed as the $options parameter to l(). + * If the 'destination' query parameter is set in the URL when viewing a + * confirmation form, that value will be used instead of $path. * @param $description - * Additional text to display (defaults to "This action cannot be undone."). + * Additional text to display. Defaults to t('This action cannot be undone.'). * @param $yes - * A caption for the button which confirms the action (e.g. "Delete", - * "Replace", ...). + * A caption for the button that confirms the action (e.g. "Delete", + * "Replace", ...). Defaults to t('Confirm'). * @param $no - * A caption for the link which denies the action (e.g. "Cancel"). + * A caption for the link which cancels the action (e.g. "Cancel"). Defaults + * to t('Cancel'). * @param $name * The internal name used to refer to the confirmation item. + * * @return - * The form. + * The form array. */ function confirm_form($form, $question, $path, $description = NULL, $yes = NULL, $no = NULL, $name = 'confirm') { $description = isset($description) ? $description : t('This action cannot be undone.'); @@ -1378,7 +1388,7 @@ while ($action = db_fetch_object($result)) { $row[] = array( array('data' => $action->type), - array('data' => $action->description), + array('data' => filter_xss_admin($action->description)), array('data' => $action->parameters ? l(t('configure'), "admin/settings/actions/configure/$action->aid") : ''), array('data' => $action->parameters ? l(t('delete'), "admin/settings/actions/delete/$action->aid") : '') ); 
@@ -1584,9 +1594,8 @@ $aid = $form_state['values']['aid']; $action = actions_load($aid); actions_delete($aid); - $description = check_plain($action->description); - watchdog('user', 'Deleted action %aid (%action)', array('%aid' => $aid, '%action' => $description)); - drupal_set_message(t('Action %action was deleted', array('%action' => $description))); + watchdog('user', 'Deleted action %aid (%action)', array('%aid' => $aid, '%action' => $action->description)); + drupal_set_message(t('Action %action was deleted', array('%action' => $action->description))); $form_state['redirect'] = 'admin/settings/actions/manage'; } @@ -1786,7 +1795,7 @@ ); } $subject = strtr($context['subject'], $variables); - $body = strtr($context['message'], $variables); + $body = strtr(filter_xss_admin($context['message']), $variables); $message['subject'] .= str_replace(array("\r", "\n"), '', $subject); $message['body'][] = drupal_html_to_text($body); } @@ -1835,11 +1844,11 @@ case 'taxonomy': $vocabulary = taxonomy_vocabulary_load($object->vid); $variables = array_merge($variables, array( - '%term_name' => $object->name, - '%term_description' => $object->description, + '%term_name' => check_plain($object->name), + '%term_description' => filter_xss_admin($object->description), '%term_id' => $object->tid, - '%vocabulary_name' => $vocabulary->name, - '%vocabulary_description' => $vocabulary->description, + '%vocabulary_name' => check_plain($vocabulary->name), + '%vocabulary_description' => filter_xss_admin($vocabulary->description), '%vocabulary_id' => $vocabulary->vid, ) ); 
@@ -1854,13 +1863,13 @@ '%uid' => $node->uid, '%node_url' => url('node/'. $node->nid, array('absolute' => TRUE)), '%node_type' => check_plain(node_get_types('name', $node)), - '%title' => filter_xss($node->title), - '%teaser' => filter_xss($node->teaser), - '%body' => filter_xss($node->body), + '%title' => check_plain($node->title), + '%teaser' => check_markup($node->teaser, $node->format, FALSE), + '%body' => check_markup($node->body, $node->format, FALSE), ) ); } - $context['message'] = strtr($context['message'], $variables); + $context['message'] = strtr(filter_xss_admin($context['message']), $variables); drupal_set_message($context['message']); } diff -Nru drupal6-6.16/modules/taxonomy/taxonomy.admin.inc drupal6-6.19/modules/taxonomy/taxonomy.admin.inc --- drupal6-6.16/modules/taxonomy/taxonomy.admin.inc 2009-02-25 12:53:24.000000000 +0000 +++ drupal6-6.19/modules/taxonomy/taxonomy.admin.inc 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ $form_state['values']['name']))); watchdog('taxonomy', 'Reset vocabulary %name to alphabetical order.', array('%name' => $form_state['values']['name']), WATCHDOG_NOTICE); $form_state['redirect'] = 'admin/content/taxonomy/'. $form_state['values']['vid']; diff -Nru drupal6-6.16/modules/taxonomy/taxonomy.info drupal6-6.19/modules/taxonomy/taxonomy.info --- drupal6-6.16/modules/taxonomy/taxonomy.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/taxonomy/taxonomy.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/taxonomy/taxonomy.module drupal6-6.19/modules/taxonomy/taxonomy.module --- drupal6-6.16/modules/taxonomy/taxonomy.module 2010-03-01 10:08:21.000000000 +0000 +++ drupal6-6.19/modules/taxonomy/taxonomy.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ nid) ? array() : taxonomy_node_get_terms($node); } else { - // After preview the terms must be converted to objects. - if (isset($form_state['node_preview'])) { + // After a preview or form reload, the terms must be converted to objects. + reset($node->taxonomy); + if (!is_object(current($node->taxonomy))) { $node->taxonomy = taxonomy_preview_terms($node); } $terms = $node->taxonomy; @@ -1314,7 +1330,9 @@ } /** - * Implode a list of tags of a certain vocabulary into a string. + * Implodes a list of tags of a certain vocabulary into a string. + * + * @see drupal_explode_tags() */ function taxonomy_implode_tags($tags, $vid = NULL) { $typed_tags = array(); diff -Nru drupal6-6.16/modules/throttle/throttle.info drupal6-6.19/modules/throttle/throttle.info --- drupal6-6.16/modules/throttle/throttle.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/throttle/throttle.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/tracker/tracker.info drupal6-6.19/modules/tracker/tracker.info --- drupal6-6.16/modules/tracker/tracker.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/tracker/tracker.info 2010-08-18 09:52:58.000000000 +0100 @@ -6,8 +6,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/translation/translation.info drupal6-6.19/modules/translation/translation.info --- drupal6-6.16/modules/translation/translation.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/translation/translation.info 2010-08-18 09:52:58.000000000 +0100 @@ -6,8 +6,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/trigger/trigger.admin.inc drupal6-6.19/modules/trigger/trigger.admin.inc --- drupal6-6.16/modules/trigger/trigger.admin.inc 2008-01-08 10:35:43.000000000 +0000 +++ drupal6-6.19/modules/trigger/trigger.admin.inc 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ check_plain($actions[$aid]['description']))); + watchdog('actions', 'Action %action has been unassigned.', array('%action' => $actions[$aid]['description'])); drupal_set_message(t('Action %action has been unassigned.', array('%action' => $actions[$aid]['description']))); $hook = $form_values['hook'] == 'nodeapi' ? 'node' : $form_values['hook']; $form_state['redirect'] = 'admin/build/trigger/'. $hook; @@ -239,7 +239,7 @@ $rows = array(); foreach ($element['assigned']['#value'] as $aid => $info) { $rows[] = array( - $info['description'], + filter_xss_admin($info['description']), $info['link'] ); } diff -Nru drupal6-6.16/modules/trigger/trigger.info drupal6-6.19/modules/trigger/trigger.info --- drupal6-6.16/modules/trigger/trigger.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/trigger/trigger.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/trigger/trigger.module drupal6-6.19/modules/trigger/trigger.module --- drupal6-6.16/modules/trigger/trigger.module 2009-06-08 17:34:57.000000000 +0100 +++ drupal6-6.19/modules/trigger/trigger.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ $nice_name, 'page callback' => 'trigger_assign', 'page arguments' => array($module), + 'access callback' => 'trigger_access_check', 'access arguments' => array($module), 'type' => MENU_LOCAL_TASK, 'file' => 'trigger.admin.inc', diff -Nru drupal6-6.16/modules/update/update.compare.inc drupal6-6.19/modules/update/update.compare.inc --- drupal6-6.16/modules/update/update.compare.inc 2010-03-01 09:40:45.000000000 +0000 +++ drupal6-6.19/modules/update/update.compare.inc 2010-08-18 09:52:58.000000000 +0100 
@@ -1,5 +1,5 @@ $value) { + if (!isset($whitelist[$key])) { + unset($info[$key]); + } + } + return $info; } diff -Nru drupal6-6.16/modules/update/update.info drupal6-6.19/modules/update/update.info --- drupal6-6.16/modules/update/update.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/update/update.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ package = Core - optional core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/update/update.install drupal6-6.19/modules/update/update.install --- drupal6-6.16/modules/update/update.install 2009-01-06 15:46:38.000000000 +0000 +++ drupal6-6.19/modules/update/update.install 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ filepath) { + // Since some database servers sometimes use a case-insensitive + // comparison by default, double check that the filename is an exact + // match. + continue; + } if (user_access('view uploaded files') && ($node = node_load($file->nid)) && node_access('view', $node)) { return array( 'Content-Type: ' . $file->filemime, @@ -189,6 +195,9 @@ if (isset($form_state['values']['files'])) { foreach ($form_state['values']['files'] as $fid => $file) { + // If the node was previewed prior to saving, $form['#node']->files[$fid] + // is an array instead of an object. Convert file to object for compatibility. + $form['#node']->files[$fid] = (object) $form['#node']->files[$fid]; $form_state['values']['files'][$fid]['new'] = !empty($form['#node']->files[$fid]->new); } } diff -Nru drupal6-6.16/modules/user/user.info drupal6-6.19/modules/user/user.info --- drupal6-6.16/modules/user/user.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/modules/user/user.info 2010-08-18 09:52:58.000000000 +0100 
@@ -5,8 +5,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/modules/user/user.module drupal6-6.19/modules/user/user.module --- drupal6-6.16/modules/user/user.module 2010-03-01 11:42:50.000000000 +0000 +++ drupal6-6.19/modules/user/user.module 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@ USERNAME_MAX_LENGTH) return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH)); + if (drupal_strlen($name) > USERNAME_MAX_LENGTH) { + return t('The username %name is too long: it must be %max characters or less.', array('%name' => $name, '%max' => USERNAME_MAX_LENGTH)); + } } function user_validate_mail($mail) { @@ -1154,7 +1165,7 @@ $accounts[$uid] = user_load($uid); } $valid = TRUE; - if ($account = $accounts[$uid]) { + if (($account = $accounts[$uid]) && isset($map[$index + 1]) && $map[$index + 1] == 'edit') { // Since the path is like user/%/edit/category_name, the category name will // be at a position 2 beyond the index corresponding to the % wildcard. $category_index = $index + 2; @@ -1239,7 +1250,7 @@ if ($value) { db_query("UPDATE {authmap} SET authname = '%s' WHERE uid = %d AND module = '%s'", $value, $account->uid, $module[1]); if (!db_affected_rows()) { - db_query("INSERT INTO {authmap} (authname, uid, module) VALUES ('%s', %d, '%s')", $value, $account->uid, $module[1]); + @db_query("INSERT INTO {authmap} (authname, uid, module) VALUES ('%s', %d, '%s')", $value, $account->uid, $module[1]); } } else { 
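Review bot: The `@` added in front of the `INSERT INTO {authmap}` fallback suppresses every failure of that query, not just the duplicate-key error it is presumably meant to hide when a concurrent request inserted the same row between the UPDATE and the INSERT; if the error handler honours the suppression it also skips its own logging, so a connection or syntax failure would leave the authmap row missing without a trace. If the suppression is kept, a comment should state the reason, e.g. `// Suppress the duplicate-key error raised when a concurrent request already inserted this row.`, and a `db_affected_rows()` check after the insert could log the unexpected case. The enclosing function starts before this hunk.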
@@ -1335,7 +1346,6 @@ global $user; if (!$user->uid) { form_set_error('name', t('Sorry, unrecognized username or password. Have you forgotten your password?', array('@password' => url('user/password')))); - watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_state['values']['name'])); } } @@ -1368,6 +1378,9 @@ user_authenticate_finalize($form_values); return $user; } + else { + watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_values['name'])); + } } /** @@ -1439,6 +1452,16 @@ } } +/** + * Generates a unique URL for a user to login and reset their password. + * + * @param object $account + * An object containing the user account. + * + * @return + * A unique URL that provides a one-time log in for the user, from which + * they can change their password. + */ function user_pass_reset_url($account) { $timestamp = time(); return url("user/reset/$account->uid/$timestamp/". user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE)); @@ -2504,3 +2527,18 @@ return empty($groups) ? FALSE : $groups; } + +/** + * Prepare a destination query string for use in combination with drupal_goto(). + * + * Used to direct the user back to the referring page after completing + * the openid login. This function prevents the login page from being + * returned because that page will give an access denied message to an + * authenticated user. + * + * @see drupal_get_destination() + */ +function user_login_destination() { + $destination = drupal_get_destination(); + return $destination == 'destination=user%2Flogin' ? 'destination=user' : $destination; +} diff -Nru drupal6-6.16/modules/user/user.pages.inc drupal6-6.19/modules/user/user.pages.inc --- drupal6-6.16/modules/user/user.pages.inc 2009-09-16 18:54:20.000000000 +0100 +++ drupal6-6.19/modules/user/user.pages.inc 2010-08-18 09:52:58.000000000 +0100 
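Review bot: The failed-login log that moves into `user_authenticate()` in the `@@ -1368,6 +1378,9 @@` hunk (its former site in the validate handler is removed in the `@@ -1335,7 +1346,6 @@` hunk) reads `$form_values['name']` without checking it is set, so a caller that passes an array without a name would trigger a notice at the point of logging. Using `'%user' => isset($form_values['name']) ? $form_values['name'] : ''` keeps the entry for every failure path. Logging inside `user_authenticate()` rather than in the form validator presumably covers every caller of the function, which is the better place for an audit record; the function's body starts outside the hunk, so the condition that reaches the new `else` branch is not visible here.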
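Review bot: `user_login_destination()` in the `@@ -2504,3 +2527,18 @@` hunk compares the whole result of `drupal_get_destination()` against the literal `'destination=user%2Flogin'`, so the rewrite only applies when the destination is exactly that string; a destination that carries its own query string, or that encodes the slash differently, would presumably fall through unchanged and still point an authenticated user at the login page the docblock says it is meant to avoid. The docblock should state this limit, e.g. `Only an exact 'destination=user%2Flogin' value is rewritten; any other form of the login path is returned unchanged.` The docblock also describes the function in terms of the openid login, although it is defined in user.module; a sentence saying it is usable by any login path would avoid the impression that it is openid-specific.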
@@ -1,5 +1,5 @@ $name))); - } // Try to load by email. $account = user_load(array('mail' => $name, 'status' => 1)); @@ -56,6 +51,13 @@ // No success, try to load by name. $account = user_load(array('name' => $name, 'status' => 1)); } + if ($account) { + // Blocked accounts cannot request a new password, + // check provided username and email against access rules. + if (drupal_is_denied('user', $account->name) || drupal_is_denied('mail', $account->mail)) { + form_set_error('name', t('%name is not allowed to request a new password.', array('%name' => $name))); + } + } if (isset($account->uid)) { form_set_value(array('#parents' => array('account')), $account, $form_state); } diff -Nru drupal6-6.16/themes/bluemarine/bluemarine.info drupal6-6.19/themes/bluemarine/bluemarine.info --- drupal6-6.16/themes/bluemarine/bluemarine.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/themes/bluemarine/bluemarine.info 2010-08-18 09:52:58.000000000 +0100 @@ -5,8 +5,8 @@ core = 6.x engine = phptemplate -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/themes/chameleon/chameleon.info drupal6-6.19/themes/chameleon/chameleon.info --- drupal6-6.16/themes/chameleon/chameleon.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/themes/chameleon/chameleon.info 2010-08-18 09:52:58.000000000 +0100 
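Review bot: The comment added in the `@@ -56,6 +51,13 @@` hunk says `Blocked accounts cannot request a new password`, but the condition below it only consults `drupal_is_denied()` for the account's name and e-mail; blocked accounts are excluded earlier by the `'status' => 1` condition on the two `user_load()` calls, not by this check. Reword so the comment matches the code, e.g. `// Check the loaded account's name and e-mail against the site's access rules; a denied account may not request a new password.` Note also that this error text is only produced when an account was found, so it differs from whatever message the rest of the validator gives for an unknown name or e-mail; recording that distinction in the comment helps a later reviewer judge what the messages disclose. The enclosing validate handler starts outside the hunk.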
@@ -12,8 +12,8 @@ version = VERSION core = 6.x -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/themes/chameleon/marvin/marvin.info drupal6-6.19/themes/chameleon/marvin/marvin.info --- drupal6-6.16/themes/chameleon/marvin/marvin.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/themes/chameleon/marvin/marvin.info 2010-08-18 09:52:58.000000000 +0100 @@ -7,8 +7,8 @@ core = 6.x base theme = chameleon -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/themes/engines/phptemplate/phptemplate.engine drupal6-6.19/themes/engines/phptemplate/phptemplate.engine --- drupal6-6.16/themes/engines/phptemplate/phptemplate.engine 2007-10-02 17:19:23.000000000 +0100 +++ drupal6-6.19/themes/engines/phptemplate/phptemplate.engine 2010-08-18 09:52:58.000000000 +0100 @@ -1,11 +1,14 @@ filename) .'/template.php'; if (file_exists($file)) { 
@@ -14,14 +17,10 @@ } /** - * Implementation of hook_theme to tell Drupal what templates the engine - * and the current theme use. The $existing argument will contain hooks - * pre-defined by Drupal so that we can use that information if - * we need to. + * Implementation of hook_theme(). */ function phptemplate_theme($existing, $type, $theme, $path) { $templates = drupal_find_theme_functions($existing, array('phptemplate', $theme)); $templates += drupal_find_theme_templates($existing, '.tpl.php', $path); return $templates; } - diff -Nru drupal6-6.16/themes/garland/garland.info drupal6-6.19/themes/garland/garland.info --- drupal6-6.16/themes/garland/garland.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/themes/garland/garland.info 2010-08-18 09:52:58.000000000 +0100 @@ -7,8 +7,8 @@ stylesheets[all][] = style.css stylesheets[print][] = print.css -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/themes/garland/minnelli/minnelli.info drupal6-6.19/themes/garland/minnelli/minnelli.info --- drupal6-6.16/themes/garland/minnelli/minnelli.info 2010-03-04 00:20:08.000000000 +0000 +++ drupal6-6.19/themes/garland/minnelli/minnelli.info 2010-08-18 09:52:58.000000000 +0100 @@ -6,8 +6,8 @@ base theme = garland stylesheets[all][] = minnelli.css -; Information added by drupal.org packaging script on 2010-03-04 -version = "6.16" +; Information added by drupal.org packaging script on 2010-08-11 +version = "6.19" project = "drupal" -datestamp = "1267662008" +datestamp = "1281559292" diff -Nru drupal6-6.16/themes/garland/print.css drupal6-6.19/themes/garland/print.css --- drupal6-6.16/themes/garland/print.css 2007-09-06 22:23:32.000000000 +0100 +++ drupal6-6.19/themes/garland/print.css 2010-08-18 09:52:58.000000000 +0100 
@@ -1,4 +1,4 @@ -/* $Id: print.css,v 1.3 2007/09/06 21:23:32 goba Exp $ */ +/* $Id: print.css,v 1.3.2.1 2010/08/06 11:37:38 goba Exp $ */ /** * Garland, for Drupal 5.0 @@ -19,7 +19,7 @@ display: none; } -body.sidebars, body.sideber-left, body.sidebar-right, body { +body.sidebars, body.sidebar-left, body.sidebar-right, body { width: 640px; } diff -Nru drupal6-6.16/themes/garland/template.php drupal6-6.19/themes/garland/template.php --- drupal6-6.16/themes/garland/template.php 2009-08-10 12:32:54.000000000 +0100 +++ drupal6-6.19/themes/garland/template.php 2010-08-18 09:52:58.000000000 +0100 @@ -1,5 +1,5 @@