HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Drupal

>

Releases

>

4.7.0-beta-4

Drupal Release: 4.7.0-beta-4

Pre Release

Tag Name: 4.7.0-beta-4

Release Date: 1/26/2006

View Release
Drupal LogoDrupal

Highly flexible, open-source content management system known for complex, scalable web applications. Preferred by government, educational, and large enterprise websites requiring advanced customization and security features. Robust module ecosystem.

Open SourceDeveloper-FriendlyEnterprise

TL;DR

Drupal 4.7.0-beta-4: Critical Bugfixes and Performance Improvements

This beta release focuses on critical bugfixes, performance optimizations, and code improvements. Key highlights include fixes for comment editing, private downloads, and user authentication. The release also improves HTML/CSS output, enhances form handling, and addresses database character set issues to ensure UTF-8 compatibility. Several security-related improvements have been implemented, including better form token handling and session management.

Highlight of the Release

    • Critical bugfix for comment editing functionality
    • Fixed private downloads functionality
    • Improved performance in taxonomy_get_tree()
    • Enhanced form handling with themable form elements
    • UTF-8 character set enforcement on databases
    • Improved security with session-based form submission validation
    • Better accessibility in pager navigation
    • Fixed critical bug in block administration

Migration Guide

Database Updates

  • This release enforces UTF-8 character set on databases. An upgrade path is included for incorrectly set up databases. If you experience character encoding issues after upgrading, you may need to manually check your database configuration.

Form API Changes

  • The Forms API has undergone significant changes. Form elements that don't specify a #weight will now maintain their original array order. If you've explicitly set form elements to #weight 0, you may need to review your code as this could cause unexpected ordering.
  • Form validation now uses session IDs instead of IP addresses. If you have custom form validation code, ensure it's compatible with this change.

Theme Changes

  • Form elements are now themable. If you have custom themes, you may want to review and update your theme implementations to take advantage of this.
  • Several CSS improvements have been made throughout the system. Custom themes may need adjustments to maintain visual consistency.

Module Updates

  • The comment moderation tables have been removed. If you were using these tables directly, you'll need to update your code.
  • Several API consistency improvements have been made, particularly ensuring arrays are always passed. Review any custom code that interfaces with core APIs.

Upgrade Recommendations

Who should upgrade

  • All users running Drupal 4.7.0-beta-3 should upgrade to this beta-4 release, especially if you've encountered any of the critical bugs fixed in this release.
  • Sites experiencing issues with comment editing, private downloads, or user authentication should prioritize this upgrade.

Upgrade Priority

  • Medium-High: While this is still a beta release, it contains numerous critical bugfixes that significantly improve stability and security.

Upgrade Notes

  • Back up your database before upgrading.
  • Test the upgrade on a staging environment first if possible.
  • Pay special attention to the UTF-8 database character set enforcement, as this may affect sites with existing character encoding issues.
  • Review any custom code that interacts with forms, as the Forms API has received significant improvements.
  • If you've customized themes, review CSS changes as several improvements have been made to HTML/CSS output.

Bug Fixes

  • Critical Fixes:

    • Fixed comment editing functionality (patch #43325)
    • Restored private downloads functionality (patch #44011)
    • Fixed problem with categories not being properly set when editing content (patch #45281)
    • Removed debug code from profile module (patch #43989)
    • Fixed issue where deleting non-existent users could block the entire site (patch #42137)

  • Form Handling:

    • Fixed problem with form validation (patch #46227)
    • Fixed infinite loop problem with 404 and 403 handlers (patch #46366)
    • Fixed critical bug in block administration (patch #36029)
    • Fixed issue with comment validation failing on PHP5 (patch #45723)

  • Content Management:

    • Fixed vocabulary_node_types functionality (patch #37373)
    • Fixed upgrade path for input formats (patch #42088)
    • Fixed problem with alias table corruption (patch #22035)
    • Fixed inconsistent behavior of user-specified paths (patch #9477)

  • User Management:

    • Fixed bug that stored plain text passwords (patch #45793)
    • Fixed maintenance mode functionality (patch #46183)
    • Properly load anonymous user if authentication failed (patch #46137)
    • Load anonymous user on logout (patch #46262)

  • Multilingual Support:

    • Fixed issue preventing enabling more than one language (patch #44136)

  • Other Fixes:

    • Fixed Safari alert when no autocomplete matches are returned
    • Fixed Unicode autocomplete in IE
    • Fixed "Who's new" block inaccuracy (patch #44754)
    • Fixed problem with closed tags being filtered out (patch #45742)
    • Fixed issue with menu_rebuild() (patch #45854)

New Features

and Enhancements

  • Themable Form Elements: Form elements are now themable, providing greater flexibility for customizing the appearance of forms.
  • Form Array Access: Critical feature #40670 makes the form array accessible, enabling more advanced form manipulations.
  • Required Field Marking: Required fields are now clearly marked with a visual indicator (red star) and include an explanation.
  • Session-based Form Validation: Form submissions are now validated using session IDs rather than IP addresses, improving security and reliability.
  • Improved Contact Module: Various enhancements to the contact form including better validation, submission handling, and documentation.
  • Enhanced User Management: Administrators can now edit blocked user accounts.
  • Better Offline Mode: Improved usability of the site maintenance/offline mode.

Security Updates

  • Authentication & Authorization:

    • Fixed bug in user.module that was storing plain text passwords (patch #45793)
    • Improved session management by using session IDs to check form submissions rather than IP addresses (patch #36591)
    • Made form tokens work correctly for better CSRF protection
    • Always grant the 'authenticated user' role to authenticated users for consistent permission handling (patch #44379)

  • Input Validation:

    • Fixed problem with form validation to prevent potential security issues (patch #46227)
    • Improved handling of special characters in database passwords (patch #21719)

  • Access Control:

    • Don't show blocked users on profile pages (patch #44490)
    • Fixed permission checking issues (patch #45729)

Performance Improvements

  • Code Optimizations:

    • Improved performance of taxonomy_get_tree() (patch #43588)
    • Replaced split() with explode() for better performance (patch #44176)
    • Added ./ prefix for conf file include for faster processing (patch #44992)
    • Various minor code speedups (patch #45107)
    • Replaced rand() with mt_rand() for better random number generation (patch #45041)

  • Database Optimizations:

    • Made node search indexing more robust against bad nodes and timeouts (patch #42277)
    • Added primary key to improve database performance (patch #45747)
    • Enforced UTF-8 character set on the database side for better performance and compatibility (patch #40515)

  • Resource Usage:

    • Removed dead code in multiple areas, reducing overhead
    • Improved form handling to reduce processing time
    • Better initialization of URL/path in statistics_exit() (patch #44828)

Impact Summary

Drupal 4.7.0-beta-4 represents a significant step toward a stable 4.7.0 release, focusing on fixing critical bugs and improving performance rather than adding new features. The release addresses several high-impact issues that affected core functionality:

  1. Critical Functionality Restored: Comment editing, private downloads, and user management functions that were broken have been fixed, restoring essential site functionality.

  2. Performance Optimizations: Several performance improvements have been implemented, particularly in taxonomy handling and form processing, which should result in better response times for most sites.

  3. Security Enhancements: The shift to session-based form validation and improved password handling strengthens the security posture of Drupal sites.

  4. Code Quality: Significant refactoring and dead code removal has improved the codebase quality, making it more maintainable and robust.

  5. Accessibility and UI: Improvements to HTML/CSS output and form handling enhance the user experience and accessibility compliance.

  6. Database Reliability: The enforcement of UTF-8 character sets helps ensure consistent data handling across different environments.

This beta release demonstrates the Drupal project's commitment to stability and quality, addressing user-reported issues while preparing for the final 4.7.0 release. The focus on fixing critical bugs rather than adding features indicates the maturation of this release cycle.

Statistics:

File Changed89
Line Additions1,724
Line Deletions15,030
Line Changes16,754
Total Commits128

User Affected:

  • Benefit from improved API consistency with array parameters
  • Can now access form arrays directly through critical feature #40670
  • Need to adapt to UTF-8 character set enforcement on databases
  • Should review changes to form validation and submission handling
  • Will notice improved code organization with better separation between UI and logic

Contributors:

dbuytaert