Drupal Release: 4.6.0

TL;DR

Drupal 4.6.0 introduces significant improvements to the core functionality, including enhanced image handling capabilities, improved search functionality, PostgreSQL support, and numerous usability enhancements. This release focuses on making Drupal more flexible, performant, and user-friendly while maintaining backward compatibility. Key additions include a new image API toolkit, better forum management, improved RSS feeds with enclosures, and more themeable components.

Highlight of the Release

• New image API toolkit for better image handling and manipulation
• Improved search functionality with clean URLs and wildcard support
• PostgreSQL database support
• Enhanced forum management with dedicated admin screens
• Better block administration with blocks organized by region
• RSS feeds with category and enclosure support
• Prevention of data loss during simultaneous node editing

Migration Guide

Upgrading to Drupal 4.6.0

1. Back up your database and files before attempting to upgrade.

2. Database Schema Changes:

   • The poll module's voters table has been renamed to polled
   • Some field types have been corrected in the profile module

3. PHP Settings:

   • Session settings have been moved to /sites/default/settings.php
   • Review your PHP settings if you've customized them previously

4. Module Updates:

   • If you've customized any core modules, review the changes carefully
   • The node module is now optional, but still required for most functionality
   • System vocabularies are now editable

5. Theme Changes:

   • More components are now themeable, including book navigation and pager
   • Review your theme if you've customized it extensively
   • Note that themes in ./themes/subdir are now picked up, not directly in ./themes

6. API Changes for Developers:

   • node_rewrite_query() has been generalized to db_rewrite_sql()
   • New image API toolkit functions are available
   • The theme system now uses lazy initialization

7. PostgreSQL Users:

   • If you're using PostgreSQL, review the specific PostgreSQL fixes included in this release

8. Clean URLs:

   • The search module now uses clean URLs (e.g., "search/node/keywords")
   • Test your clean URL configuration after upgrading

9. File Permissions:

   • Ensure your files/ directory exists and has the correct permissions

10. Cron Jobs:

    • A curl-based script for grabbing cron.php has been added
    • Make sure your cron jobs are properly configured

Upgrade Recommendations

Recommendation Level: Recommended Upgrade

Drupal 4.6.0 is a significant feature release that brings many improvements to core functionality, performance, and usability. While there are no critical security fixes mentioned, the numerous bug fixes and enhancements make this a worthwhile upgrade for most sites.

Who should upgrade immediately:

• Sites that need better image handling capabilities
• Sites using or planning to use PostgreSQL
• Sites with active forums that would benefit from the improved forum management
• Sites experiencing issues with any of the bugs fixed in this release

Upgrade considerations:

• This is a feature release with substantial changes to core functionality
• Test thoroughly in a staging environment before upgrading production sites
• Review the database schema changes, particularly if you use the poll module
• If you've customized core modules or themes, review the changes carefully
• Developers should note the API changes, particularly the generalization of node_rewrite_query() to db_rewrite_sql()

Preparation steps:

1. Back up your database and files
2. Review the full changelog for any changes that might affect your specific site configuration
3. Test the upgrade on a development or staging environment first
4. Plan for some downtime during the upgrade process
5. Update any custom modules or themes that might be affected by core changes

Overall, the benefits of this release outweigh the potential upgrade challenges for most sites, making it a recommended upgrade.

Bug Fixes

Node and Content Management

• Fixed issue where data could be lost when two users were editing a node at the same time
• Fixed problem with terms getting lost upon preview
• Fixed issue where non-admins were not obeying workflow
• Fixed bug with comment replies allowing unauthorized access to nodes
• Fixed twin comment problem in HEAD
• Fixed broken search after SQL rewrite patches
• Fixed issue where book pages slightly disobeyed the node_access system

User Interface and Theming

• Fixed Safari CSS issues with node admin
• Fixed weird IE crash on some admin pages with Pushbutton theme
• Fixed broken "delete" link for blocks
• Fixed HTML typos in help text
• Fixed broken URLs in help text
• Fixed broken colspan in tables
• Fixed issue with forum or container deletion causing multiple nested pages

Database and Performance

• Fixed PostgreSQL-specific issues
• Fixed problem with database prefixing
• Fixed issue with db_set_active()
• Fixed issue where the queue module did not record any votes
• Fixed bug in taxonomy_term_count_nodes() (one parenthesis too many)

Module-specific Fixes

• Fixed bug in aggregator module's setting page
• Fixed bugs in RSS handling of blogs
• Fixed problem with forum container getting lost when editing a forum
• Fixed issue where comment statistics weren't updated after approval in the moderation queue
• Fixed problem with posting using BloggerAPI
• Fixed issue with URL aliases that map to Userland Manila posts (now allows '$' in URLs)

New Features

Image API Toolkit

A new image API toolkit has been added to enable better image handling. The toolkit provides five main functions that modules can utilize:

• image_get_info() - Checks if a file exists and is a valid image, returning information about it
• image_scale() - Resizes an image while maintaining aspect ratio
• image_resize() - Resizes an image without maintaining aspect ratio
• image_rotate() - Rotates an image by a specified number of degrees
• image_crop() - Crops an image to a given rectangle

Enhanced Search Functionality

• Clean URLs for search (e.g., "search/node/drupal release")
• Search keywords are remembered when switching between search tabs
• Reports which keywords were ignored because they were too short
• New search block
• Automatic wildcard search if no results are found

PostgreSQL Support

Added support for PostgreSQL database, making Drupal more flexible in terms of database backend options.

Forum Improvements

• Added admin screens to maintain forums instead of forcing users to add a taxonomy
• Separated forum blocks for better consistency with other blocks
• Added XML icons on forum listings for tracking updates/changes
• Better forum container explanations

RSS Enhancements

• Export categories and enclosures to RSS feeds
• Made RSS feeds extensible
• Bumped RSS version from 0.92 to 2.0
• Added prettier RSS discovery URLs for taxonomy pages

Improved Block Administration

• Blocks are now organized by region on the block administration page
• Better display of block titles when no description is given

Configurable Settings

• Moved session settings into /sites/default/settings.php for better control
• Added configuration option to show blocks only on pages of certain node type
• Made the lifetime of news items configurable

Security Updates

No specific security fixes were mentioned in the release notes. However, several improvements were made that could indirectly enhance security:

• Fixed issue with comment replies that could potentially allow unauthorized access to nodes
• Improved handling of user permissions and access controls
• Better validation of user input in various forms
• Enhanced session handling with settings moved to sites/default/settings.php

Performance Improvements

Database Optimization

• Improved performance of node access checks
• Enhanced performance of taxonomy queries, especially when many terms are matched
• Fixed issue with unnecessary DISTINCT in SQL queries

System Performance

• Lazy initialization of the theme system, improving performance of pages that don't need theming (such as RSS feeds)
• Prevented modules from inadvertently loading all other modules during bootstrap, which degraded performance for anonymous users when caching was enabled
• Stopped output buffering once the page has been rendered
• Made the menu cache locale aware for better performance

Browser Caching

• Fixed mod_expire forcing page caching on the client side
• Improved browser caching issues for better performance

Code Optimization

• Removed dependency on GD for avatar uploading
• Replaced time-consuming foreach loops with more efficient array_key_exists in theme administration
• Improved recursion in taxonomy_get_tree()
• Removed unused variables in various modules

Impact Summary

Drupal 4.6.0 represents a significant evolution in Drupal's core functionality, focusing on enhancing user experience, developer tools, and system performance. The introduction of the image API toolkit is particularly impactful, providing a standardized way to handle image manipulation that will benefit both core and contributed modules. This lays the groundwork for more sophisticated image handling in Drupal.

The improved search functionality with clean URLs, wildcard support, and better user interface makes content discovery more intuitive for end users. Site administrators will appreciate the reorganized block administration and enhanced forum management tools, which streamline common administrative tasks.

For developers, the addition of PostgreSQL support expands deployment options, while the generalization of node_rewrite_query() to db_rewrite_sql() provides more flexible query modification. The lazy initialization of the theme system and other performance improvements demonstrate a continued focus on making Drupal more efficient.

The prevention of data loss during simultaneous node editing addresses a significant pain point for content-heavy sites with multiple editors. Similarly, the improved RSS feeds with category and enclosure support enhance Drupal's capabilities as a content publishing platform.

While not explicitly mentioned as security fixes, several improvements to access control and input validation contribute to a more secure platform. The migration of configuration settings to sites/default/settings.php gives site administrators more control over their environment.

Overall, Drupal 4.6.0 delivers meaningful improvements across the board that enhance Drupal's capabilities as a content management framework while maintaining backward compatibility.