Drupal Release: 3.0.1

TL;DR

Drupal 3.0.1 is a significant maintenance release that builds upon the 3.0.0 foundation with numerous bug fixes, feature enhancements, and architectural improvements. This update introduces an XML-RPC server, a new user module with improved authentication, search functionality enhancements, and a new tracker module. It also includes important database architecture changes for better cross-database compatibility, theme improvements, and various UI refinements. This release focuses on stabilizing the platform while adding targeted functionality improvements that enhance both the user and administrator experience.

Highlight of the Release

• Added XML-RPC server allowing modules to export remote procedure calls
• Introduced new user module with improved authentication and session handling
• Added context-sensitive search functionality with translatable categories
• New tracker module for monitoring content changes ('your drupal' feature)
• PEAR-ification of Drupal enabling support for multiple database systems (MySQL, PostgreSQL, MSSQL)
• Configurable front page system allowing customization of what content appears on the home page
• Path-based block visibility using regular expressions
• Improved comment system with better anonymous user support

Migration Guide

Upgrading to Drupal 3.0.1

Database Updates

Apply the database changes from the updates/3.00-to-x.xx.sql file (or the appropriate file for your database system). Key changes include:

1. Table structure changes for blocks (added path column)
2. Renamed "id" fields to "xid" where "x" is the first letter of the table name
3. Renamed "userid" fields to "uid" for consistency
4. Removed node link ID (lid)
5. Renamed "author" fields to "uid" for consistency
6. Added sequence tables for cross-database compatibility

Code Updates

1. Replace all header("Location: foo") calls with drupal_goto() for better session handling

2. Update the form() function usage - the first parameter (action) is now optional:

   • Old: $form = form($REQUEST_URI, $form_content);
   • New: $form = form($form_content);

3. Update any custom themes to use the new theme inheritance system

4. Update any custom modules that implement node or comment functionality to use the updated APIs

Configuration

1. Review the new configuration options for front page settings:

   • site_frontpage - Sets which module handles the front page
   • site_frontpage_extra - Passes additional parameters to the front page handler

2. Configure block visibility using the new path-based regular expressions

XML-RPC Integration

If you want to expose functionality via XML-RPC, implement the new 'xmlrpc' hook in your modules:

function mymodule_xmlrpc() {
  return array("drupal.myfunction" => array("function" => "mymodule_myfunction"));
}

Upgrade Recommendations

Who should upgrade

All Drupal 3.0.0 users should upgrade to 3.0.1 as soon as possible. This release contains numerous bug fixes, security improvements, and feature enhancements that significantly improve the stability and functionality of your Drupal site.

Upgrade priority: High

This is considered a high-priority upgrade due to:

• Important bug fixes for the user authentication system
• Security improvements in session handling
• Critical fixes for node and comment management
• Database compatibility improvements

Upgrade complexity: Moderate

The upgrade process requires database schema changes and some code modifications for custom modules. Site administrators should:

1. Back up their database and files before upgrading
2. Apply the database changes from the appropriate update file
3. Update any custom modules that use the modified APIs
4. Test thoroughly after upgrading, especially user authentication, node management, and comment functionality

Preparation steps

1. Review the migration guide thoroughly
2. Schedule maintenance downtime for the upgrade
3. Test the upgrade on a staging environment first if possible

Bug Fixes

User System Fixes

• Fixed the access_get_role() problem
• Fixed language bug in user.module
• Fixed issue where user.module would show another login box instead of user settings after login
• Fixed bug where anonymous users couldn't post comments

Node Management Fixes

• Fixed book.module not generating next/prev links properly
• Fixed potential bug in node.php where nodes with same titles were causing confusion
• Fixed bug in node_del() and comment_del()
• Re-added default node options to the admin page
• Fixed SQL bug in the "next / prev" code of book.module
• Fixed bugs introduced by moving index.php to node_page() in node.module
• Fixed problem with node retrieval if several nodes had the same title but only one was posted

Theme Fixes

• Fixed bugs in theme UnConeD
• Fixed HTML/XHTML typos in various templates
• Fixed bug in forum.module when locales were enabled

Comment System Fixes

• Fixed issue where anonymous users couldn't change comment settings
• Fixed bug where comment author's name was displayed as 'anonymous' when replying
• Fixed comments using the timestamp of the comment instead of the user's timestamp

Translation and Localization Fixes

• Fixed translation bugs reported by Alexander Schwartz
• Made search categories translatable
• Made selection boxes translatable
• Fixed language settings not being saved

Database and SQL Fixes

• Fixed SQL queries to use ANSI SQL instead of MySQL-specific syntax
• Fixed SQL error in node.php (user → users)
• Added missing database table keys for node types
• Fixed typo: "call to undefined function: db_num_row()"

New Features

XML-RPC Server

Added an XML-RPC server allowing modules to export remote procedure calls through the new 'xmlrpc' hook. This enables remote interaction with Drupal sites.

New User Module

Completely revamped user system with improved authentication, session handling, and user management capabilities. Includes a new 'Log in' block for easier authentication.

Enhanced Search Functionality

Improved search architecture with context-sensitive results and translatable categories, making content discovery more effective.

Tracker Module

Added a new tracker module that shows recent comments and content changes, fulfilling the frequently requested "your drupal" feature.

Configurable Front Page

Made the front page of the system configurable. Any <node>_page() function can now be set as the default page, with additional filtering options through configuration variables.

Path-based Block Visibility

Added a path field to blocks using regular expressions to define which pages blocks should appear on, providing more granular control over block display.

Weblogs.com Notification

Added a small module to notify or ping weblogs.com when content is updated.

Configuration Override System

Added ability to override site settings in the config file using a $conf variable, enabling hosting of multiple domains from the same Drupal installation with different settings.

Security Updates

Password Security

• Added password hashing capability to the user module (though it was temporarily disabled)
• Improved session handling with session_set_save_handler() in user.module
• Added ini_set() to conf.php to solve history/cache browsing issues on some installations

Input Validation

• Modified the variable code so configuration values cannot be changed by users in GET or POST strings
• Improved server variable handling by using $HTTP_SERVER_VARS instead of $GLOBAL[REMOTE_ADDR] to be less reliant on PHP configuration

Performance Improvements

Database Optimization

• Added sequence tables for better database performance
• Improved node sorting algorithms for more efficient content retrieval
• Added table keys for node types to improve query performance

Theme System Improvements

• Pass theme objects by reference to avoid creating copies, improving memory usage
• Simplified theme inheritance, allowing custom themes to inherit most functionality from the BaseTheme
• Modified theme_block() to ignore blocks with no content, reducing unnecessary processing

Query Optimization

• Re-introduced temporary SQL tables in _node_get() for better query performance
• Small improvements to db_query() to make debugging queries easier and more efficient
• Optimized database schema with more consistent naming conventions and relationships

Impact Summary

Drupal 3.0.1 represents a significant step forward in Drupal's evolution, focusing on stability, cross-database compatibility, and targeted feature enhancements. The introduction of the XML-RPC server opens new possibilities for remote interaction with Drupal sites, while the new user module improves authentication and session handling. The PEAR-ification of Drupal is particularly noteworthy as it enables support for multiple database systems beyond MySQL, making Drupal more accessible to organizations with different database preferences.

For administrators, the configurable front page system and path-based block visibility provide greater control over site appearance and content organization. Developers benefit from API improvements like the simplified form() function and the new drupal_goto() function for better session handling. Content creators will appreciate the enhanced search functionality and the new tracker module for monitoring content changes.

The release also addresses numerous bugs across various components, particularly in the user system, node management, and comment functionality. These fixes, combined with the performance optimizations and security improvements, make Drupal 3.0.1 a more robust and reliable platform.

Overall, this release balances fixing existing issues with introducing carefully selected new features that enhance the user experience without disrupting the core functionality. The focus on cross-database compatibility and API improvements also sets the foundation for Drupal's continued growth and adoption across different environments.