HomeContent Toolkit Logo

Content Toolkit

Home

>

Tools

>

Drupal

>

Releases

>

6.17

Drupal Release: 6.17

Tag Name: 6.17

Release Date: 6/2/2010

View Release
Drupal LogoDrupal

Highly flexible, open-source content management system known for complex, scalable web applications. Preferred by government, educational, and large enterprise websites requiring advanced customization and security features. Robust module ecosystem.

Open SourceDeveloper-FriendlyEnterprise

TL;DR

Drupal 6.17: Maintenance and Compatibility Update

This release focuses on PHP 4/5 compatibility improvements, documentation enhancements, and numerous bug fixes across core modules. Key improvements include better PHP 5.3 compatibility, optimized performance for common functions like check_plain(), and fixes for several security-related issues in user authentication and access control. While not introducing major new features, this update addresses important stability issues and improves code documentation throughout the system.

Highlight of the Release

    • Improved PHP 5.3 compatibility while maintaining PHP 4 support
    • Optimized check_plain() function for better performance
    • Fixed user authentication and access control issues
    • Enhanced documentation across multiple core modules
    • Improved database compatibility with PostgreSQL

Migration Guide

No specific migration steps are required for this maintenance release. Drupal 6.17 is a bug fix and compatibility release that should not break existing functionality.

However, if you're using custom code that:

  1. Relies on specific behavior of the check_plain() function
  2. Implements custom authentication schemes
  3. Uses advanced PostgreSQL features with table aliases in UPDATE queries

You may want to test your site thoroughly after upgrading to ensure compatibility with the optimizations and fixes in this release.

The UPGRADE.txt file has been updated with clearer directory name instructions, which may be helpful if you're upgrading from an older version of Drupal 6.

Upgrade Recommendations

This is a recommended upgrade for all Drupal 6 sites, especially those:

  • Running on PHP 5.3 or planning to upgrade to PHP 5.3
  • Using PostgreSQL as the database backend
  • Experiencing issues with user authentication or content filtering
  • Concerned about performance optimizations

The update primarily contains bug fixes and compatibility improvements with no known breaking changes, making it a low-risk upgrade that improves stability and security.

To upgrade:

  1. Back up your database and site files
  2. Replace your existing Drupal core files with the 6.17 release
  3. Run update.php to apply any necessary database changes

As always, test the upgrade on a staging environment before applying to production.

Bug Fixes

  • PHP Compatibility

    • Fixed PHP 4 incompatibility in the update module
    • Improved PHP 5.3 compatibility in node_search() implementation
    • Fixed handling of uploaded files in previews for PHP 5.2.12+
    • Resolved issues with JavaScript concatenation that could lead to parse errors

  • User Management

    • Fixed username validation to properly support apostrophes
    • Improved password reset request handling to check name and email access rules separately
    • Fixed user category loading to properly display edit tabs

  • Content & Filters

    • Fixed HTML corrector filter that was incorrectly escaping HTML comments
    • Resolved line break converter issues that could result in empty node display due to PCRE limits
    • Fixed katakana word splitting in search functionality

  • Database & Performance

    • Fixed PostgreSQL compatibility with unsigned numeric fields
    • Improved UPDATE queries to avoid table name aliases for better PostgreSQL support
    • Fixed potential infinite recursion in filter_list_format() when database contains broken data

  • URL & Path Handling

    • Added missing feed URL handling for http protocol
    • Fixed path mangling in CSS aggregation for IE compatibility
    • Fixed ability to remove query strings and fragments from menu items

  • Other Fixes

    • Fixed statistics module pagination issues with PostgreSQL
    • Resolved issues with node_access batch rebuild when nodes aren't loadable
    • Fixed cookie domain handling to only remove www prefix from autodetected domains

New Features

No significant new features were introduced in this maintenance release. Drupal 6.17 focuses primarily on bug fixes, performance improvements, and compatibility enhancements to ensure stability across different PHP versions and database systems.

Security Updates

  • User Authentication

    • Moved user login failure attempt logging to user_authenticate() to ensure unified logging across all authentication schemes, including blogapi, improving security monitoring capabilities

  • Access Control

    • Improved documentation for taxonomy_form() to help developers avoid potential security issues in contributed code
    • Fixed poll module vote number form access handling to prevent unauthorized clearing of vote numbers when editing polls

  • Input Validation

    • Enhanced username validation with better error handling and security checks
    • Improved handling of action callbacks to avoid calling nonexistent functions when modules are disabled

  • Locale Import

    • Applied locale import protection user settings to plural forms, ensuring consistent security across all parts of .po file imports

Performance Improvements

  • Optimized check_plain() Function

    • Improved performance of the frequently used check_plain() function by leveraging PHP 5 features and inlining UTF-8 checking, which reduces overhead in one of Drupal's most commonly called functions

  • Front Page Detection

    • Sped up drupal_is_front_page() by caching its value instead of computing it on each page request, reducing redundant processing

  • XML-RPC Handling

    • Enhanced Drupal's capability to handle larger XML-RPC messages by removing unnecessary processing, improving performance for sites using remote procedure calls

  • Form Processing

    • Made form_build_id generation more consistent and efficient

  • Menu System

    • Removed superfluous menu_rebuild() call from update_uninstall(), preventing unnecessary menu rebuilds

  • Page Caching

    • Simplified and improved compatibility of compression code in page caching, enhancing delivery performance

Impact Summary

Drupal 6.17 is a maintenance release that focuses on compatibility, performance, and bug fixes rather than introducing new features. The impact is primarily positive for all Drupal 6 sites, with particular benefits for sites running on newer PHP versions or PostgreSQL databases.

The performance optimizations to check_plain() and front page detection will benefit all sites, especially those with high traffic. Security improvements to user authentication logging and access control enhance the overall security posture without requiring configuration changes.

Documentation improvements throughout the codebase will primarily benefit developers working with the Drupal 6 API, making the system more maintainable and easier to extend.

The fixes for PHP 5.3 compatibility are particularly important for sites planning to upgrade their hosting environment, as they allow Drupal 6 to continue functioning properly on newer PHP versions while maintaining backward compatibility with PHP 4.

Overall, this is a solid maintenance release that improves stability and performance without introducing disruptive changes.

Statistics:

File Changed35
Line Additions625
Line Deletions286
Line Changes911
Total Commits58

User Affected:

  • Improved PHP 4 and PHP 5.3 compatibility fixes
  • Better documentation for core functions and hooks
  • Fixed issues with reference handling in bootstrap.inc
  • Optimized check_plain() function for better performance

Contributors:

gobadbuytaert