Skip to content

Commit

Permalink
Update to Drupal 7.102. For more information, see https://www.drupal.…
Browse files Browse the repository at this point in the history
  • Loading branch information
Pantheon Automation committed Nov 20, 2024
1 parent f220992 commit 34b0406
Show file tree
Hide file tree
Showing 10 changed files with 73 additions and 4 deletions.
6 changes: 6 additions & 0 deletions CHANGELOG.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
Drupal 7.102, 2024-11-20
------------------------
- Fixed security issues:
- SA-CORE-2024-005
- SA-CORE-2024-008

Drupal 7.101, 2024-06-05
-----------------------
- Various security improvements
Expand Down
5 changes: 4 additions & 1 deletion includes/bootstrap.inc
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
/**
* The current system version.
*/
define('VERSION', '7.101');
define('VERSION', '7.102');

/**
* Core API compatibility.
Expand Down Expand Up @@ -457,6 +457,9 @@ abstract class DrupalCacheArray implements ArrayAccess {
if ($this->bin == 'cache_form' && !variable_get('drupal_cache_array_persist_cache_form', FALSE)) {
return;
}
if (!is_array($this->keysToPersist)) {
throw new UnexpectedValueException();
}
$data = array();
foreach ($this->keysToPersist as $offset => $persist) {
if ($persist) {
Expand Down
16 changes: 16 additions & 0 deletions includes/database/mysql/query.inc
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,14 @@ class InsertQuery_mysql extends InsertQuery {

$max_placeholder = 0;
$values = array();
if (!is_array($this->insertValues)) {
if (version_compare(PHP_VERSION, '7.4', '>=')) {
throw new UnexpectedValueException();
}
else {
drupal_trigger_fatal_error('Unexpected Value');
}
}
if (count($this->insertValues)) {
foreach ($this->insertValues as $insert_values) {
$placeholders = array();
Expand Down Expand Up @@ -96,6 +104,14 @@ class TruncateQuery_mysql extends TruncateQuery { }
class UpdateQuery_mysql extends UpdateQuery {
public function __toString() {
if (method_exists($this->connection, 'escapeField')) {
if (!is_array($this->fields)) {
if (version_compare(PHP_VERSION, '7.4', '>=')) {
throw new UnexpectedValueException();
}
else {
drupal_trigger_fatal_error('Unexpected Value');
}
}
$escapedFields = array();
foreach ($this->fields as $field => $data) {
$field = $this->connection->escapeField($field);
Expand Down
10 changes: 9 additions & 1 deletion includes/database/pgsql/query.inc
Original file line number Diff line number Diff line change
Expand Up @@ -120,7 +120,15 @@ class InsertQuery_pgsql extends InsertQuery {

$max_placeholder = 0;
$values = array();
if (count($this->insertValues)) {
if (!is_array($this->insertValues)) {
if (version_compare(PHP_VERSION, '7.4', '>=')) {
throw new UnexpectedValueException();
}
else {
drupal_trigger_fatal_error('Unexpected Value');
}
}
if (count($this->insertValues)) {
foreach ($this->insertValues as $insert_values) {
$placeholders = array();

Expand Down
9 changes: 9 additions & 0 deletions includes/database/prefetch.inc
Original file line number Diff line number Diff line change
Expand Up @@ -293,6 +293,15 @@ class DatabaseStatementPrefetch implements Iterator, DatabaseStatementInterface
$class_name = $this->fetchOptions['class'];
}
if (count($this->fetchOptions['constructor_args'])) {
// Verify the current db connection to avoid this code being called
// in an inappropriate context.
$db_connection_options = Database::getConnection()->getConnectionOptions();
$defaults = array('sqlite', 'oracle');
$extras = variable_get('database_statement_prefetch_valid_db_drivers', array());
$valid_db_drivers = array_merge($defaults, $extras);
if (!in_array($db_connection_options['driver'], $valid_db_drivers)) {
throw new BadMethodCallException();
}
$reflector = new ReflectionClass($class_name);
$result = $reflector->newInstanceArgs($this->fetchOptions['constructor_args']);
}
Expand Down
9 changes: 9 additions & 0 deletions includes/database/query.inc
Original file line number Diff line number Diff line change
Expand Up @@ -1190,6 +1190,15 @@ class UpdateQuery extends Query implements QueryConditionInterface {
* The prepared statement.
*/
public function __toString() {
if (!is_array($this->expressionFields) || !is_array($this->fields)) {
if (version_compare(PHP_VERSION, '7.4', '>=')) {
throw new UnexpectedValueException();
}
else {
drupal_trigger_fatal_error('Unexpected Value');
}
}

// Create a sanitized comment string to prepend to the query.
$comments = $this->connection->makeComment($this->comments);

Expand Down
3 changes: 3 additions & 0 deletions includes/database/sqlite/database.inc
Original file line number Diff line number Diff line change
Expand Up @@ -134,6 +134,9 @@ class DatabaseConnection_sqlite extends DatabaseConnection {
*/
public function __destruct() {
if ($this->tableDropped && !empty($this->attachedDatabases)) {
if (!is_array($this->attachedDatabases)) {
throw new UnexpectedValueException();
}
foreach ($this->attachedDatabases as $prefix) {
// Check if the database is now empty, ignore the internal SQLite tables.
try {
Expand Down
4 changes: 2 additions & 2 deletions modules/overlay/overlay-parent.js
Original file line number Diff line number Diff line change
Expand Up @@ -229,7 +229,7 @@ Drupal.overlay.destroy = function () {
*/
Drupal.overlay.redirect = function (url) {
// Create a native Link object, so we can use its object methods.
var link = $(url.link(url)).get(0);
var link = $("<a>").attr("href", url).get(0);

// If the link is already open, force the hashchange event to simulate reload.
if (window.location.href == link.href) {
Expand Down Expand Up @@ -865,7 +865,7 @@ Drupal.overlay.resetActiveClass = function(activePath) {
Drupal.overlay.getPath = function (link, ignorePathFromQueryString) {
if (typeof link == 'string') {
// Create a native Link object, so we can use its object methods.
link = $(link.link(link)).get(0);
link = $("<a>").attr("href", link).get(0);
}

var path = link.pathname;
Expand Down
7 changes: 7 additions & 0 deletions modules/system/system.install
Original file line number Diff line number Diff line change
Expand Up @@ -3432,6 +3432,13 @@ function system_update_7087() {
}
}

/**
* Clear caches as registry has been altered.
*/
function system_update_7088() {
// Empty update to clear caches.
}

/**
* @} End of "defgroup updates-7.x-extra".
* The next series of updates should start at 8000.
Expand Down
8 changes: 8 additions & 0 deletions modules/system/system.module
Original file line number Diff line number Diff line change
Expand Up @@ -4139,3 +4139,11 @@ function system_file_download($uri) {
}
}
}

/**
* Implements hook_registry_files_alter
*/
function system_registry_files_alter(&$files, $modules) {
// Database drivers that use DatabaseStatementPrefetch must include this file.
unset($files['includes/database/prefetch.inc']);
}

0 comments on commit 34b0406

Please sign in to comment.