Drupal Release: 7.0-alpha7

TL;DR

Drupal 7.0-alpha7 brings significant improvements to field management, accessibility, performance, and security. This release includes better handling of text fields with new formatter settings, enhanced file and image handling, improved accessibility with better contrast and screen reader support, and numerous bug fixes across core modules. Key updates include fixes for comment language saving, taxonomy term handling, and database query optimizations. The release also addresses several security vulnerabilities and improves the upgrade path from Drupal 6.

Highlight of the Release

• New field formatter settings for text fields, replacing the node type 'teaser length' setting
• Improved file and image handling with better multi-value field support
• Enhanced accessibility features including better contrast and screen reader support
• Significant database performance improvements, especially for PostgreSQL
• Better entity API with new entity label support
• Fixed upgrade path issues from Drupal 6 to 7
• Improved dashboard functionality and block management
• Enhanced security with multiple vulnerability fixes

Migration Guide

Text Field Formatter Changes

If you were using the node type 'teaser_length' setting, you'll need to update your code to use the new field formatter settings for 'text_trimmed' and 'text_summary_or_trimmed' formatters. The 'teaser_length' settings for node types have been removed, and an upgrade path has been provided in node_update_7011().

File System Changes

The file_directory_path() function has been removed. Update your code to use the stream wrapper API instead. For example, replace file_directory_path() . '/myfile.txt' with 'public://myfile.txt'.

Entity API Updates

If your code interacts with entities, note that entities now have a 'label' key in their info. Update your code to use this key when referencing entity titles (e.g., node titles).

Form API Changes

If you're using hook_validate() or hook_node_validate(), be aware that the form values are now passed by reference. Update your code accordingly.

Database API Updates

If you're using complex database queries, ensure you're using the correct placeholders. The DB API has been improved to handle complex queries better.

Theme System Changes

If you're overriding theme functions, note that module .info files can now add CSS/JS directly. Consider using this approach instead of implementing hooks for simple CSS/JS additions.

Upgrade Recommendations

Recommendation Level: Important

This alpha release contains significant improvements and bug fixes that enhance stability, security, and performance. While still an alpha version, it addresses several critical issues in the upgrade path from Drupal 6 to 7, making it an important update for anyone testing Drupal 7.

Who Should Upgrade

• Developers testing Drupal 7: This release fixes many issues that were blocking proper testing of Drupal 7 features.
• Site builders creating test sites: The improved upgrade path makes this version better for testing migrations from Drupal 6.
• Module developers: The enhanced APIs and fixed bugs provide a more stable foundation for module development.

Upgrade Considerations

• Back up your database and files before upgrading
• Test thoroughly in a development environment first
• Review the list of fixed bugs to see if any affect your site specifically
• Pay special attention to the field formatter changes if you're using custom text field formatters

Timing

As this is still an alpha release, it's not recommended for production sites. However, for development and testing environments, upgrading promptly will provide the most stable foundation for continued Drupal 7 evaluation.

Bug Fixes

Comment and User Management

• Fixed issue where comment language was not being saved
• Fixed regression that allowed anonymous users to post comments in the name of registered users
• Fixed problem where deleting nodes did not delete their comments
• Fixed issue where no welcome mail was sent to new users after site administrator approval
• Fixed confirmation mail for users after account activation containing wrong links

Field and Form Handling

• Fixed reordering of multivalue file and image field uploads
• Fixed issue where not validated form values appeared in error messages
• Fixed field UI 'Manage fields' affecting ordering on 'Manage display'
• Fixed field UI 'formatter settings' form

Database and Query Issues

• Fixed db_find_tables() expecting tables to be prefixed, with inconsistent implementation and documentation
• Fixed drupal_write_record() unnecessarily setting primary keys while updating
• Fixed database schema issues with PostgreSQL, including changeField() functionality
• Fixed entity query tests failing on PostgreSQL
• Fixed multiple pager support that was partially broken

File System

• Fixed private images functionality
• Fixed CSS aggregation failing to parse some URL references
• Fixed issue where changing from public to private storage did not change field behavior
• Fixed handling of international characters in file handling

Taxonomy and Forum

• Fixed taxonomy parents needing to be saved before term hooks are called
• Fixed error when deleting an invalid term
• Fixed forum module issues after disabling/uninstalling/re-enabling

Upgrade Path

• Fixed upgrade failures related to missing file_usage table
• Fixed issues with Comment module after Drupal 6 to 7 upgrade
• Fixed 'taxo as field' update that could wipe some node/term associations
• Fixed orphaned node types losing bodies on upgrade

New Features

Field Formatter Settings

Text fields now have dedicated formatter settings for 'text_trimmed' and 'text_summary_or_trimmed' formatters, replacing the previous node type 'teaser_length' setting. This provides more granular control over how trimmed content appears across different view modes and entity types.

Entity Label Support

The entity API now includes a 'label' key in entity info, making it easier to consistently reference entity titles (e.g., node titles) across the system.

Module Info File Enhancements

Module .info files can now add CSS/JS files directly, providing a cleaner way to include assets without requiring hook implementations.

Improved File Handling

Image derivatives are now served from the same URL they are generated from, improving caching and performance. The system also handles international characters in filenames better.

Enhanced Dashboard

Dashboard blocks and regions no longer appear on the main blocks configuration page, providing a cleaner separation between dashboard and standard block management.

Security Updates

User Authentication and Authorization

• Fixed issue allowing anonymous users to post comments in the name of registered users
• Addressed permission uniqueness issues among modules, enforcing better permission handling

Input Filtering and XSS Prevention

• Applied filter system security fixes from SA-2008-073 to Drupal 7
• Fixed filter_xss() and Line break filter breaking HTML comments
• Improved URL filter security and functionality

File System Security

• Enhanced file handling security, particularly for private files
• Fixed file access checks to implement proper access controls beyond just nodes and users

Database Security

• Fixed PDO coercing empty strings to NULL when target is a PostgreSQL bytea
• Improved database query placeholders in complex queries

Form Security

• Fixed form validation issues that could expose sensitive information
• Improved form API security with better handling of form values

Performance Improvements

Database Query Optimization

• Implemented use of subqueries for ->countQuery(), at least for MySQL, improving performance of paginated queries
• Optimized file_field_load() to load file fields on all entities at once, reducing the number of database queries

Caching Improvements

• Added caching for hook_field_extra_fields() results, preventing unnecessary rebuilds
• Avoided rebuilds in system_settings_form_submit()
• Removed schema cache from needlessly being loaded on all pages

HTTP Request Handling

• Added timeout support to drupal_http_request(), preventing long-hanging connections
• Improved image derivative handling by serving from the same URL they are generated from

Form Processing

• Improved AJAX handling to follow the same rules for whether to call drupal_rebuild_form() as non-AJAX submissions
• Optimized form validation and error handling

Menu and Path Handling

• Fixed menu links not following parent when moving, improving menu rebuild performance
• Improved locale URL handling to only run on multilingual sites

Impact Summary

Drupal 7.0-alpha7 represents a significant step forward in the Drupal 7 development cycle, addressing over 150 issues across the core system. The release focuses on improving field management, accessibility, performance, and security.

For content editors, the new field formatter settings for text fields provide more granular control over how trimmed content appears. Site administrators will benefit from an improved dashboard, better file handling, and a more robust upgrade path from Drupal 6. Developers gain access to enhanced APIs, including better database query handling and entity management.

Accessibility improvements are a standout feature, with better contrast between error and link colors in status messages, improved screen reader support, and better keyboard navigation. These changes help Drupal sites meet WCAG 2.0 standards more effectively.

Performance enhancements include optimized database queries, better caching, and improved file handling. Security fixes address several vulnerabilities in user authentication, input filtering, and file system access.

While still an alpha release not recommended for production sites, 7.0-alpha7 provides a much more stable foundation for testing and development of Drupal 7 sites and modules. The numerous bug fixes and API improvements make this an important update for anyone involved in Drupal 7 development.