· Use the right JSON MIME type in drupal_json().
· Fixed phpdoc for system_settings_overview().
· When drupal_execute()ing multiple forms with same form_id in a page request, only the first one was validated.
· Link in update.php instructions was pointing to an outdated handbook page. Update it.
· Plural formula information was blanked when importing a poorly-formed .po file.
· OpenID realm should not be language dependent.
· Tabledrag.js should not use for...in to iterate over an array.
· Invalid Unicode code range in PREG_CLASS_UNICODE_WORD_BOUNDARY fails with PCRE 8.30.
· Improved theme_links() documentation.
· Improved db_query_temporary() documentation to apply even if persistent database connections are used.
· Better return value documentation for db_query().
· Minor documentation fix in the batch_set() docs.
· Expanded drupal_goto() documentation for query argument.
· Documentation cleanup for _user_mail_notify().
· Rollback for issue #12274 given that it does not consider email domain names with hyphens valid after the first component of the domain name.
· Fixed duplicate entry of theme primary key in system table on Drupal 6.24 when updating using drush.
· Fixed 'Call to undefined function locale_inc_callback()' during 6.22 -> 6.24 upgrade if locale module was previously enabled but is not currently enabled.
· This is a development snapshot release for the 8.x series. This is not stable, and production sites should not run this code.
· Maintenance releases which fix security vulnerabilities.
· Fixed Content-Language HTTP header to not cause issues with Drush 5.x.
· Reduce memory usage of theme registry (performance).
· Fixed PECL upload progress bar for FileField
· Fixed running update.php doesn't always clear the cache.
· Fixed PDO exceptions on long titles.
· Fixed Overlay redirect does not include query string.
· Fixed D6 modules satisfy D7 module dependencies.
· Fixed the ordering of module hooks when using module_implements_alter().
· Fixed "floating" submit buttons during AJAX requests.
· Fixed timezone selected on install not propogating to admin account.
· Added msgctx context to JS translation functions, for feature parity with t().
· Profiles' .install files now available during hook_install_tasks().
· Added test coverage of 7.0 -> 7.x upgrade path.
· Numerous notice fixes.
· Numerous documentation improvements.
· Additional automated test coverage.
· Fixed files getting lost when adding multiple files to multiple file fields at the same time.
· Improved usability of the clean URL test screens.
· Restored height/width attributes on images run through the theme system.
· Fixed usability bug with first password field being pre-filled by certain browser plugins.
· Fixed file_usage_list() so that it can return more than one result.
· Fixed bug preventing preview of private images on node form.
· Fixed PDO error when inserting an aggregator title longer than 255 characters.
· Spelled out what TRADITIONAL means in MySQL sql_mode.
· Deprecated "!=" operator for DBTNG; should be "<>".
· Added two new API functions (menu_tree_set_path()/menu_tree_get_path()) were added in order to enable setting the active menu trail for dynamically generated menu paths.
· Added new "fast 404" capability in settings.php to bypass Drupal bootstrap when serving 404 pages for certain file types.
· Added format_string() function which can perform string munging ala the t() function without the overhead of the translation system.
· Numerous #states system fixes.
· Numerous EntityFieldQuery, DBTNG, and SQLite fixes.
· Numerous Shortcut module fixes.
· Numerous language system fixes.
· Numerous token fixes.
· Numerous CSS fixes.
· Numerous upgrade path fixes.
· Numerous minor string fixes.
· Numerous notice fixes.
· Minor typo in docs for function menu_link_get_preferred().
· shortcut_set_unassign_user() deletes in the wrong table.
· Fixed Tabledrag doesn't hide columns when the whole table is initially hidden.
· Fixed PHP memory not allowing color scheme change.
· Fixed warning: Invalid argument supplied for foreach() in filter_list_format() (line 675 of /.../modules/filter/filter.module).
· Let Field API fail in a tale-telling way on invalid .
· Fixed Add support to sqlite for char:normal type.
· Fixed role page weight title.
· Fixed variable was removed, but is still being assigned in template_preprocess_maintenance_page().
· Fixed PHP notices when creating menu link '#'.
· Fixed field_default_view() doc has problems.
· Fixed Node access rights doc should mention how to use query tags.
· Fixed theme_pager_link() doc missing 'text' variable.
· Fixed taxonomy_check_vocabulary_hierarchy() doc lacks return value.
· Fixed drupal_add_css() support for stream wrappers not documented.
· Fixed Batch operations example needs redirect.
· Fixed taxonomy_vocabulary_save() doc needs more detail.
· Fixed hook_field_extra_fields_alter() functions example code is wrong.
· Fixed taxonomy_get_children() return value doc is not complete.
· Fixed 'Installation failed' errors when installing modules from Update Manager w/ Overlay.
· Fixed Testing does not work at all when locale of host session is not English.
· New users do not know to click on 'Modules' to extend their site.
· AJAX now responds to 'click' instead of 'mousedown'. Testing was performed to make sure this doesn't affect major contributed modules, but could cause issues.
· The 'translatable' flag on fields added via the UI now defaults to FALSE, same as fields added via the API do. Contrib modules such as Entity Translation can allow toggling this back for sites that need it. An upgrade path will be included in a future release to bring all legacy fields into compliance.
· Remote streamwrappers are now supported, because of fixes to where drupal_realpath() is called.
· Drupal 7.4 fixes issues reported through the bug tracking system.
· Drupal 7.2 and 6.22 fixes issues reported through the bug tracking system.
· Upgrading the existing Drupal 7 and 6 sites is strongly recommended.
· Fixed can't install projects packed as zip in Update Manager.
· Fixed Radio button values get run through check_plain() twice
· Fix to field_sql_storage_update_7001().
· Add DBTNG support for EXISTS conditions.
· Fixed Fatal error: Call to undefined function language_negotiation_get_switch_links() when using only one language
· Fixed drupal_add_js() documentation makes reference to drupal_add_css()
· Fixed Duplicate comment line for drupal_render_cid_parts()
· Fixed Drupal.ajaxError may itself throw an exception, causing silent 'AJAX Error 0' events
· Fixed Call to undefined function decode_entities IN common.inc
· Fixed Explain in INSTALL.txt that on some servers, the automated settings.php creation isn't expected to work
· Better method of changing to DRUPAL_ROOT.
· Fix table prefixes to prevent random testbot failures.
· Fixed Topics/groups in D7 need cleanup
· Fixed exception handling while downloading/verifying a tarball in update manager.
· Fixed UpdateTestUploadCase->testUploadModule() raises an exception during testing with E_STRICT
· Fixed Update module should verify downloaded tarballs and propagate errors correctly
· Fixed all possible problems with comment links, using new generatePermutations testing function.
· Update to jQuery UI 1.8.7
· Fixed search-block-form.tpl.php refers to ['submit'], which no longer exists
· Fixed Custom #type machine_name 'exists' callbacks cannot access other form elements/values
· Fixed hook_init() example violates what doc says to do
· Upgrade jQuery Form library to 2.52.
· Fixed Update manager doesn't allow you to install a project if it finds a single 'broken' module in it
· Fixed FileTransfer doesn't properly handle any advanced settings nor the ssh username
· Fixed SSH connection class has wrong port in error string.
· Fixed Explain that the Update manager only works if you have FTP or SSH access to your server
· Fixed Update manager should not take you out of maintenance mode unless you asked it to
· Fixed administer comments does not respect node access.
· Fixed warn of PHP memory limit < 64MB for Testing module.
· Improved documentation of hook_date_formats()
· Fixed Overlay title jumps when active
· Add border-radius for IE9 / Opera 10.50
· Fixed Reordering fails with more than 31 book pages in a book
· Fixed Paths containing a hyphen aren't compatible with page theme_hook_suggestions
· Fixed Drupal cannot be installed in a non-predefined language
· Further clean-ups to group topics.
· Fixed _system_date_format_types_build improper use of in_array()
· EVEN better docs for format_date() and friends.
· Remove Dave Reid as update.module maintainer. :(
· Fixed borked Bartik comment layout.
· Fix regex in Updater classes.
· Remove phantom empty column on date settings.
· Fixed authorize.php connection settings form broken (doesn't degrade, pointless fieldset)
· Fixed Move background color from body to #page-wrapper in Bartik
· Fixed search_excerpt() doesn't highlight words that are matched via search_simplify()
· update.php displays misleading messages for modules that return no messages.
· Update results generate a spurious </ul>.
· Fixed Multiple notices from tracker after deleting a node.
· Fixed SelectQuery::countQuery() fails with a group by expression.
· Fixed Always use DRUPAL_ROOT instead of getcwd().
· Document how to add support for non-standard SQL types to hook_schema().
· Fixed Rehashed passwords after Drupal 6 upgrade fail.
· Fixed D6 to D7 upgrade on PostgreSQL stopped cold at update.php.
· Fixed db_change_field() fails to convert int to varchar on PostgreSQL.
· Modify robots.txt to give search engine crawlers permission to index content in /sites/*, such as images uploaded to the site
· Theme settings forms were not inherited by sub-themes
· Backport hiding of hidden modules on the modules page, so if projects include hidden modules for testing, those will not confuse users
· Fix minor code documentation typo in menu.inc
· Make syslog identity configurable on the user interface (instead of hardwired to 'drupal')
· Fall back on an empty array if hook_schema is not defined for a module
· Clean up documentation for menu_set_active_trail
· Path argument was not documented on the arg() function
· Minor fix to drupal_add_css() documentation to have correct path example
· Document search_form() return value properly
· Document that drupal_get_path(), drupal_load() and drupal_get_filename() can be used with 'profile' as well
· Copy semaphore site creation to update_fix_d6_requirements() to solve issues upgrading from any version of Drupal 5
· Fix formatting in Schema API documentation lists
· Backport support for newly popular tel: protocol in filter_xss_bad_protocols()
· Document the return value of arg() better
· Document return value of valid_email_address() better
· Fix argument name in code documentation for db_add_field()
· Improve documentation on theme_image()
· Fix notice in cache.inc when $user->cache is not defined
· user_load() can take a uid not just an array; document that properly
· Includes: Aggregator, Bartik, Block, Book, Color, Comment, Content translation, Contextual links, Dashboard, Database logging, Field, Field SQL storage, Field UI, File, Filter, Forum, Help, Image, List, Locale, Menu, Node, Number, Options, Overlay, Path, Profile, RDF, Search, Seven, Shortcut, System, Taxonomy, Text, Toolbar, Tracker, Update manager, User.
· Upgrade to jQuery 1.4.4 and jQuery UI 1.8.6.
· Numerous upgrade path fixes.
· Numerous accessibility fixes.
· All critical bugs fixed.
· Better error trapping during installation and upgrade for various incompatible systems, based on error reports from folks newly trying out Drupal 7 on various environments. We think we've caught all the ones we have so far, but please keep the reports coming.
· Better support for exportables in the form of a new Form API type "machine_name" and format IDs stored as strings rather than integers.
· Links can now participate in the D7 AJAX framework, which was previously limited to forms.
· Raised minimum version of PHP to PHP 5.2.4, to facilitate stream wrapper security.
· Numerous tweaks to basic navigation in the default profile, to prevent information overload.
· Fixed a regression in Schema API that prevented modules such as Date from adding to the column types supported by core.
· Profile module no longer shows up on the module listing on new sites, in favour of fieldable user entities.
· Fixing of numerous Bartik and Seven theme style & RTL bugs. There are still lots more, so please help get Drupal 7's new look and feel as polished as possible.
· We think that we have resolved all critical data loss and security bugs in Drupal 7.
· We think that our APIs are now frozen enough so that contributed module and theme authors can start (or pick up again) their #D7CX pledges.
· We think that we have caught and fixed most of the problems with the upgrade path. We were able to successfully upgrade a copy of the Drupal.org database to Drupal 7.
· HUGE number of upgrade path fixes, including automated tests for updates. We are *very* close to a totally working upgrade path! Please test!
· Great usability improvements, including the installer not greeing you with a red error of death anymore on shared hosts!
· Field UI improvements to allow it to be further extended from contrib.
· Numerous Form API fixes and improvements.
· Numerous accessibility fixes.
· A variety of PostgreSQL and SQLite fixes, almost at 100% automated tests passing on both!
· Lots of polish on coding standards compliance and API documentation.
· Markup improvements, and a new default jQuery UI theme.
· Numerous security fixes, including 'forward-ports' of Drupal core SAs, and fixes to private files.
· Performance improvements.
· There have been several API changes since alpha6 to fix critical issues.
· This release fixes security vulnerabilities.
· Avoid a PHP notice when a batch is used without JavaScript.
· Locale module import code state machine inconsistency ends up in ignored plural string variants.
· Fix documentation for node_access_acquire_grants() and friends.
· OpenID logins show Access denied after login due to redirection issues.
· Improve documentation of drupal_execute().
· Drupal has a new core theme: Bartik!
· Numerous fixes to the upgrade path, including basic tests. Getting very close! :)
· Numerous important security fixes.
· Numerous accessibility improvements.
· Setting up Private files is now optional, rather than required.
· Registry made more fool-proof and robust.
· Redesign of Field UI "Manage Display" screen, to reflect multiple view modes. Field UI screens are now also extensible from contrib.
· Re-implementation of Overlay without jQuery UI, to address numerous critical issues.
· User creation setting now defaults to "Visitors, with admin approval" for security.
· Installation will no longer fail when settings.php is not present. Nice usability improvement.
· Required modules are once again shown on the modules page.
· Many improvements to input formats and filters.
· Table prefixes are now per-database connection, rather than global.
· Fixed PHP 4 incompatibility problem in update module.
· User password request should check name access rules against names, email access rules against emails.
· Prevent the padding in drupalhtml_to_text() from falling below zero.
· Avoid reporting two error messages when feed parse errors occur in aggregator.
· Make form_build_id generation consistent.
· Numerous upgrade path fixes.
· Numerous security path fixes.
· Numerous API documentation additions -- all core hooks are documented now!
· Lots and lots of critical bug fixes.
· Color module now usable by themes other than Garland.
· Usability improvements including re-weightable roles and saner Forum module defaults.
· A variety of optimizations made to data import-related functions to make migrations faster.
· Lots of previously missing documentation for hooks has now been documented. Hooray!
· Increased test coverage, particularly core Tokens.
· Lots of smaller bug fixes, security patches, and improvements.
· Drupal 7 now ships with jQuery 1.4.2 and jQuery UI 1.8.
· API change: AJAX commands are now defined as array('#type' => 'ajax', '#commands' => $output) rather than array('#type' => 'ajax_commands', '#ajax_commands' => $output).
· API change: There is a new form element #type 'text_format', should be used for textareas with format selectors (e.g. body fields).
· page--front.tpl.php works again.
· Bug where IE quits displaying any CSS after 31+ stylesheets now fixed.
· The "Add" link now shows up for blocks. :P
· Now, running drupal_execute() multiple times on forms will validate each time, instead of only the first one.
· UI for translatable fields removed, in favour of contributed module.
· MAINTAINERS.txt now actually approximates the truth.
· Numerous upgrade path fixes.
· Numerous documentation fixes and documentation holes filled.
· Numerous markup fixes and improvements.
· Various performance improvements, especially around data import.
· Numerous security fixes, including both forward-ports of 6.x holes and plugging a D7-only one where Drupal 7 was storing plain-text copies of passwords in user.data under certain conditions.
Changes to 6.15:
· Some set_time_limit() numbers were inadvertently removed in the previous patch.
· Better documentation and add code example for module_load_include()
· Improve general documentation about hooks
· Code documentation for block_box_get() and block_box_save()
· Fix code example in drupal_execute() phpdoc; password fields should have two string values
· Minor fix for documentation of return value in drupal_match_path()
· Do not allow PHP scripts to be cached unless they explicitly send cache headers themselves.
Changes to 5.21:
· This release fixes security vulnerabilities.
Changes to 6.14:
· Only check the db prefix for simpletest if it was a string (not running a multisite)
· DISTINCT handling in db_distinct_field()'s MySQL implementations was resulting in bogus queries
· drupal_urlencode() and Drupal.encodeURIComponent was used to encode query strings and other components it should not have been used for
· Drupal lacked support for positive integer values in database queries, beyond PHP_INT_MAX; caused issues with twitter integration and big numbers in general
· Document type argument on action_save()
· Incorrectly documented parameter name on flood_is_allowed()
· Missing phpdoc @code tags on PHP code examples in form.inc and actions.inc
· Better documentation on how the cid and wildcard arguments interact on cache_clear_all()
· theme_admin_block_content() had wrong argument name documented
· node.tpl.php mistakenly mentions theme_user(); should reference theme_username() instead
· Only add Content-Length if we actually have any content or if it is a POST or PUT request.
· Fix named entity handling in filter_xss(), so it does not clash with other entities and result in wrong encoding
· MODULE_preprocess_maintenance_page() functions were never called, even if the database is online
· drupal_clear_css_cache() should not be called on all invocations to the themes admin page; should be called only on submit - consistent with the modules admin page
· Garland mistakenly used phptemplate_comment_wrapper() to override comment-wrapper.tpl.php; should use a preprocess function instead to complement the core comment-wrapper.tpl.php
Changes to 5.20:
· Per-table cache_flush variables to avoid not flushing all but the first table when multiple tables are cleared.
· taxonomy_term_path() and its phpdoc block was separated by one blank line, thus disconnecting it for the API docs parser.
· Deny D6-style access elements.
· Create temporary mysql tables in memory.
· Fix login destination again on 403/404 pages and make the search form work there if displayed
· As of December, 2007, Venezuela is GMT/UTC-0430, but that timezone was not in the list of our supported zones
· Fix issue with disappearing Garland tabs in Internet Explorer
· Patch: XML-RPC error handling was incomplete.
6.13 Changes:
· Fixed documentation glitch.
· JavaScript string split() function does not behave like PHP explode(); causes problems with multiple node body break tags
· _drupal_flush_css_js() should not have 'q' as a possible CSS query character, since that is the Drupal path name character too
· Names of compressed CSS and JS files should have a prefix, so that names starting in ad* will not happen. Those are easily blocked by firewalls, Firefox's Adblock, etc.
· cache_clear_all() mentioned cache_flush_delay incorrectly; it should say we use cache_lifetime
· drupal_set_title() in forum_overview() is not needed; menu already sets the title and is localized
· Password equality checking was not using strict type checking; we should assume these are strings and compared character to character
· Fixed grammar in forum module messages
· Fixed module support for disabled module update status checking and do not track usage in that case.
· The Anonymous name is a plain text setting, so it should be escaped properly for output.
· Actions set to run on cron were not actually triggered.
· We should always show the node access rebuild button. The check on when to show it was fragile, so the button might not have been there when actually needed.
· For proper HTTP query simpletesting, we should pass on the instance identifier (database prefix).
· Save a query by only calling file_space_used() when a limit is provided.
· The 'serialize' Schema API property was used but not documented.
· The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
· When changing columns, PostgreSQL needs explicit type casting to ensure that values are kept properly.
· In system_clear_cache_submit(), the function arguments were swapped (but it did not affect how it actually worked).
· Update status should not attempt to request update data until a limit is reached. Fixed Drupal instances when drupal.org is down and gets less load on Drupal.org if data is not found.
· Remove url() wrapping from remote links and link in a more user friendly OpenID provider list.
· Use filter_xss_admin() on site name and site slogan, just like footer message and mission
· Fix drupal_mail() documentation, so that it encourages to set the body of the email as an array (like core does).
· The tablesort code did not account for possibly nested tables; only match immediate descendants, so elements of nested tables are not matched.
· The safe string check on translations should only be applied to the default textgroup. Strings in other textgroups such as blocks and menu items are displayed via escaping and filtering, and might contain arbitrary HTML.
5.19 Changes:
· hr should be treated as a block level tag. Backport by alexanderpas.
· The session.use_cookies PHP setting is required by Drupal, but it can be turned off, so try to ensure it is turned on at all times.
· fixed bug in drupal_lookup_path('wipe').
· fixed wildcard loader names with numbers.
· fixed wildcard loader problem
· correction for user-profile.tpl.php documentation.
· fixed exceptions in XML-RPC library. Backported from CVS HEAD.
· All translations were removed from translation set when deleting a node and only two nodes are left.
· Avoid a 403 on autocomplete fields, when people do not have access to the path used for autocompletion; by disabling the autocomplete altogether in this case.
· Fix incorrect path to remove orphaned actions.
· hook_exit() was not invoked for some cached requests.
· exanded PHP doc of path_to_theme().
· fixed translation issue.
· drupal_init_language() should be called before drupal_maintenance_theme() in _db_error_page() to ensure that the language object exists on DB error pages.
· locale_block() generated incorrect paths for frontpage links
· file_transfer() should only call ob_end_clean() if there was an actual output buffer opened
· little usability tweak to link the site offline admin message to the maintenance settings page
· let user_authenticate() be called without cookies previously set; allows web service modules to start a session with the authentication
· fixed problem with PostgreSQL users not being able to delete blocks.
· untranslatable string in the installer
· Primary/secondary links did not get the 'active-trail' class properly on the list items
· missing /td tag.
· SA-2008-047 - Drupal core - Multiple vulnerabilities
· #117748 by webchick, Pancho, Rob Loach, pwolanin: required field values were not properly trim()ed on validation
· #207991 by Rok Zlender: xmlrpc_date did not parse dates well. Backport by clemens.tolboom.
· Patch #254725 by Steve Dondley and BioALIEN: maxlength field for 'allowed HTML tags' is too short. Backport by scor.
· Patch #285467 by mustafau: fixed typo a MT blog API function.
· #272636 by evolvingweb, dvessel: add 'js' class to html tag in drupal.js instead of overwriting all its classes with 'js'. Backport by sun.
· #292538 by Damien Tournoud and hanoii. Fix $sidebar_indicator behavior.
· SA-2008-047 - Drupal core - Multiple vulnerabilities
· #225880 follow up by webchick: improve error message when writable settings.php is not present
· Patch #275801 by Damien Tournoud and Gribnif: fixed performance issue due to typo.
· Patch #281943 by webchick, Arancaytar, dropcube et al: order install profiles alphabetically.
· Patch #285467 by mustafau: fixed typo a MT blog API function.
· Patch #238600 by scor: removed two unused links from context-sentive help.
· Patch #268491 by mustafu, pwolanin, et al: fixed notice after deleting aggregator feed.
· Patch #293434 by eMPee584 and Damien: fixed broken watchdog call.
· Patch #254725 by Steve Dondley and BioALIEN: maxlength field for 'allowed HTML tags' is too short
· Patch #290918 by pwolanin: don't unset project info during processing.
· Patch #165642 by Damien Tournoud: error in SQL syntax in user.module.
· Patch #246522 by mustafu, Dries: fixed typo in documentation.
· Patch #283806 by mustafau, Aron Noval: improved error handling in drupal_http_request().
· Patch #290869 by Wim Leers: AHAH functionality was not working for radio buttons.
· Patch #293421 by Bart Jansens: fixed documentation of sess_count().
· Patch #290869 by swenterl, cwgordon07: fixed notice in #ahah handling.
· Patch #293343 by Bart Jansens: removed obsolete table name from documentation. Candidate for Most Trivial Patch of the Month Award.
· Patch #293504 by Damien Tournoud: fixed search on PostgreSQL - argument of AND must be type boolean, not type integer.
· Patch #283806 by mustafau: fixed bug in drupal_http_request()
Find us on Google+
