Drupal Release: 4.7.5

TL;DR

Drupal 4.7.5: Critical Bugfixes and Stability Improvements

This release addresses numerous critical bugs affecting core functionality in Drupal 4.7.4, including a fix for MySQL 5.0.13 compatibility that prevented search indexing from working. It also resolves issues with node loading in PHP5, file uploads on Windows servers, and various security-related improvements. This maintenance release focuses on stability rather than new features, making it an essential upgrade for all Drupal 4.7.x sites.

Highlight of the Release

• Fixed critical MySQL 5.0.13 compatibility issue that prevented search indexing
• Resolved node_load functionality in PHP5 environments
• Fixed file upload issues on Windows servers with magic_quotes_gpc enabled
• Improved session handling to prevent login problems
• Enhanced database query handling for better cross-database compatibility

Migration Guide

No specific migration steps are required for this update. This is a maintenance release that focuses on bug fixes and does not introduce any API changes or database schema modifications that would require special migration procedures.

To update from Drupal 4.7.4 to 4.7.5:

1. Back up your database and site files
2. Replace all core files and directories except for the sites directory
3. Run the update script by visiting update.php in your browser
4. Clear all caches

If you are using contributed modules, ensure they are compatible with Drupal 4.7.x before updating.

Upgrade Recommendations

Priority: High

This update is highly recommended for all Drupal 4.7.x sites due to the critical fixes included, particularly:

• The MySQL 5.0.13 compatibility fix that resolves search indexing issues
• PHP5 compatibility improvements for node_load functionality
• File upload fixes for Windows servers
• Session handling improvements

Sites experiencing any of the specific issues mentioned in the bug fixes section should upgrade immediately. The update contains no API changes or database schema modifications, making it a low-risk upgrade that significantly improves stability.

For sites running earlier versions than 4.7.4, it is recommended to upgrade directly to 4.7.5 rather than intermediate versions.

Bug Fixes

Critical Fixes

• Search Indexing: Fixed compatibility with MySQL 5.0.13 that prevented search indexing from working (#90128)
• PHP5 Compatibility: Fixed node_load functionality under PHP5 environments (#86842)
• File Uploads: Resolved silent failures of file uploads on Windows when magic_quotes_gpc is enabled (#91624)
• Session Handling: Fixed session handler execution issues that occurred after $user object destruction (#93945)

User & Permissions

• Fixed user edit operations that remove "update" permission (#83288)
• Resolved issues with duplicate role creation triggering SQL errors (#41293)
• Added maxlength attribute for password fields in user login block (#87622)
• Fixed profile modules functionality (#90062)
• Prevented storing all form values in user data (#79804)

Content Management

• Fixed book module not updating the database properly (#93678)
• Resolved issue where nodes weren't indexed when passing directly from Moderation to Promoted (#98686)
• Fixed break, teaser, and PHP input handling (#49926)
• Improved node teaser generation (#73910)
• Fixed node preview forms (#100775)
• Fixed node caching issues (#104618)

Comments & Forums

• Fixed clicking login from comment URL producing 404 errors with clean URLs (#89059)
• Resolved duplicate IDs for new comments (#18870)
• Fixed long links in forum/book navigation (#72467)
• Removed unnecessary function call in comment link (#104156)
• Fixed comment subject being empty when comment only contains HTML tags (#60916)

Path & URL Handling

• Fixed path alias memory cache (#97317)
• Ensured breadcrumb home link points to correct path (#78129)
• Fixed drupal_get_destination() to return URL in 'source' format (#78377)
• Resolved forbidden error when no path or alias is entered (#80927)

Form Handling

• Fixed forms in node preview (#100775)
• Resolved issue where having a #theme for an element changes the meaning of prefix (#100787)
• Fixed node_form_add_preview() destroying existing prefix values (#104729)
• Added proper error styling for select boxes (#103184)

Database & Query Handling

• Improved database portability with databases like Oracle (#90128)
• Fixed node_db_rewrite_sql breaking modules when node_access and PostgreSQL are used (#76819)
• Removed unnecessary 'GROUP BY' clause in thread-building code (#102151)
• Fixed unexpected results from db_rewrite_sql() when using OR (#106370)
• Avoided using temporary tables in db_query_range() (#105461)

Menu & Navigation

• Fixed menu on-the-fly resets of custom menu settings (#48178)
• Prevented empty menu item titles (#46935)
• Fixed block visibility by path to check both aliased and non-aliased paths (#68187)

File System & Media

• Avoided scanning hidden files and directories (#91592)
• Fixed image_scale() to not scale to identical sizes (#101970)
• Fixed image toolkit settings that were missing (#99160)
• Improved file information updating as files are saved (#97870)
• Added OpenDocument formats to defaults (#101714)

Other Fixes

• Fixed aggregator categorization errors (#100859)
• Prevented showing empty aggregator blocks (#68156)
• Fixed private files showing open/save prompt for PDFs while public files open inline (#61528)
• Improved .htaccess security by hiding CVS files (#105851)
• Fixed tracker not tracking updated nodes (#44276)
• Fixed poll editing clearing all old votes (#67895)
• Resolved CSS issues in Archive Calendar (#46677)

New Features

No significant new features were added in this maintenance release. Drupal 4.7.5 focuses on bug fixes and stability improvements to the existing functionality.

Security Updates

Security Improvements

• File System Security: Enhanced .htaccess security by improving protection for CVS files (#105851, #86737)
• Form Token Handling: Fixed 'op' and 'form_token' being saved as variables in system_settings_form_submit, improving form security (#99601)
• Session Management: Improved session handling to prevent potential issues (#93945, #87372)
• Input Validation: Fixed drupal_eval() results depending on whitespace, reducing potential security risks (#63267)
• Permission Handling: Fixed issues with user permissions and role management that could lead to security problems (#83288)

Performance Improvements

• Database Optimization: Removed unnecessary 'GROUP BY' clause in thread-building code, improving query performance (#102151)
• Path Alias Caching: Fixed broken path alias memory cache, which should improve performance for sites using path aliases (#97317)
• File System Scanning: Avoided scanning hidden files and directories, reducing unnecessary file operations (#91592)
• Node Caching: Fixed node caching issues, improving performance for sites with heavy node traffic (#104618)
• Query Optimization: Improved database query handling for better performance across different database systems, particularly with MySQL 5.0.13+ and Oracle

Impact Summary

Drupal 4.7.5 is a maintenance release that addresses numerous critical bugs and stability issues in the 4.7.x branch. The most significant impact is the fix for MySQL 5.0.13 compatibility that was preventing search indexing from working properly. This release also resolves important issues with PHP5 compatibility, file uploads on Windows servers, and session handling.

The update improves cross-database compatibility, making Drupal work better with systems like Oracle while fixing PostgreSQL-specific issues. Form handling, node caching, and path alias management have all been enhanced, providing a more stable platform for content management.

Security has been improved through better session management, form token handling, and file system protection. Performance enhancements include optimized database queries and improved caching mechanisms.

This release contains no API changes or database schema modifications, making it a straightforward and low-risk upgrade that significantly improves the stability and reliability of Drupal 4.7.x sites.