Drupal Release: 7.0-unstable-4

TL;DR

This Drupal 7.0-unstable-4 release represents a significant milestone with major infrastructure improvements including SQLite support, database abstraction layer enhancements, and user account cancellation. The release includes substantial code cleanup, performance optimizations, and improved test coverage across multiple modules. Key highlights include a new hook_js_alter(), RDF namespace registry, and standardized database table naming conventions. This release focuses on improving developer experience, database compatibility, and system robustness while laying groundwork for future features.

Highlight of the Release

• SQLite support added to Drupal core (#67349)
• User account cancellation functionality (#8)
• New hook_js_alter() for modifying JavaScript before output (#315801)
• RDF namespace registry for semantic web development (#332980)
• Improved database abstraction layer with subquery support (#299178)
• Standardized database table naming conventions (#335086)
• Improved module dependency system (#320451)

Migration Guide

Database Layer Changes

• Modules using direct SQL queries need to be updated to use the new database abstraction layer
• db_placeholders() has been converted to the new database API (#314464)
• db_rewrite_sql() has been replaced with hook_query_alter() (#299176)
• Table names have been standardized (e.g., taxonomy tables renamed from term_data to taxonomy_term_data) (#225562)

Hook Implementation Changes

• hook_block() no longer uses the $edit parameter (#345866)
• hook_comment() no longer uses the $op parameter (#353480)
• hook_user() now uses $account instead of arg(1) (#109588)
• hook_nodeapi() function signatures have been updated (#319356)

Path Changes

• The 'logout' path has been renamed to 'user/logout' for consistency (#337820)

Module Dependencies

• The module dependency system has been improved (#320451)
• The bootstrap flag in the system table has been removed (#333143)

File Handling

• FILE_STATUS_TEMPORARY field has been cleaned up (#353207)
• Managed file overwriting has been improved (#334303)

Theme Changes

• Parent theme handling has been improved to prevent clobbering (#333060)

Testing

• SimpleTest has been updated to work with the new database layer
• Test performance has been significantly improved by pre-loading the registry (#340052)

Upgrade Recommendations

For Module Developers

This unstable release contains significant changes to the database abstraction layer, hook implementations, and module dependency system. Module developers should thoroughly test their code against this release and update any direct SQL queries to use the new database API. Pay special attention to hook implementations that have changed, particularly hook_block(), hook_comment(), and hook_user().

For Site Administrators

While this is an unstable release and not recommended for production sites, testing on development environments is encouraged to provide feedback. The SQLite support and improved database abstraction layer offer new deployment options worth exploring. The user account cancellation feature and improved administrative interfaces provide better user management capabilities.

For Theme Developers

Theme developers should test their themes with this release to ensure compatibility with the improved parent theme handling and new JavaScript modification hook (hook_js_alter()).

General Recommendation

As this is an unstable release (7.0-unstable-4), it should only be used for testing and development purposes. Production sites should wait for a stable release. However, early testing and feedback on these significant changes will help ensure a more stable final release.

Bug Fixes

Database and Query Fixes

• Fixed issues with database abstraction layer for PostgreSQL compatibility (#296624, #323528)
• Fixed replacement of unnamed placeholders in SQLite (#342366)
• Fixed db_update() failure on expression-only SQL (#343620)
• Fixed schema function findTables for PostgreSQL (#342503)
• Fixed transaction support issues (#301049, #355278)

User Interface and Functionality Fixes

• Fixed block sorting when more than 20 blocks are present (#293370)
• Fixed editing of anonymous comments (#334826)
• Fixed users not being able to be assigned to roles (#334671)
• Fixed duplicate names in Who's Online block (#107051)
• Fixed URL fields by converting from VARCHAR to TEXT to avoid errors (#107824)
• Fixed automatic line breaking that sometimes resulted in unpaired paragraph tags (#212236)

System and Performance Fixes

• Fixed hook_boot() not being invoked on uncached page views in aggressive cache mode (#323474)
• Fixed notices in form.inc visible from update.php (#334732)
• Fixed undefined index errors (#207736)
• Fixed inconsistency between parse_size() and format_size() functions (#267883)
• Fixed getActiveConnection() and getConnection() when $db_url not found (#335614)
• Fixed session regeneration issues (#280934)
• Fixed language selection for domain to look at HTTP_HOST not SERVER_NAME (#262920)
• Fixed valid_url() to support all valid URL characters (#124492)

Testing and Development Fixes

• Fixed SimpleTest to work under PostgreSQL (#337794)
• Fixed DatabaseStatement Prefect iterator implementation (#342693)
• Fixed PHP strict warnings when running tests (#348448)

New Features

SQLite Support in Core

Drupal now officially supports SQLite as a database backend (#67349), expanding deployment options and making local development easier.

User Account Cancellation

Users can now cancel their accounts (#8), providing better user control over their data and presence on Drupal sites.

JavaScript Modification Hook

A new hook_js_alter() (#315801) allows modules to modify JavaScript before it's printed to the page, providing greater flexibility for theme and module developers.

RDF Namespace Registry

Added an RDF namespace registry (#332980) to support semantic web development and improve Drupal's capabilities for structured data.

Subquery Support

Enhanced database abstraction layer now supports subqueries in FROM and JOIN clauses (#299178), enabling more complex and efficient database operations.

Improved Module Dependency System

The module dependency system has been improved (#320451) to better handle dependencies, which helps with fields in core and other complex module relationships.

Pluggable Architecture for Aggregator

Introduced a pluggable architecture for the aggregator module (#303930), allowing for more flexible feed handling and processing.

Multiple Entity Loading

New functionality to load multiple nodes and terms at once (#324313), improving performance for operations that need to retrieve multiple entities.

Security Updates

Session Security

• Hardened session regeneration to prevent session fixation attacks (#280934)
• Improved user session handling during user editing operations (#169937)

Input Validation

• Added validation for translation strings on import to prevent malicious input (#276111)
• Fixed double escaping issues that could lead to security vulnerabilities (#330090)

Database Security

• Added forced MySQL ANSI compatibility mode to improve SQL security and consistency (#344575)
• Improved database abstraction layer to prevent SQL injection vulnerabilities

File System Security

• Improved handling of file uploads and downloads with better security checks (#276280)
• Added notification when users upload files larger than max_upload_filesize to prevent potential exploits (#30520)

Performance Improvements

Database Optimization

• Created a better index for the default front page (#295283)
• Eliminated unnecessary database query by using cached parent node (#330674)
• Avoided unnecessary SQL query on front page when no node access modules are enabled (#352093)
• Made db_query_temporary() generate its own temporary table names for better performance (#349500)

Caching and Processing

• Used static caching in drupal_is_front_page() to reduce redundant operations (#340557)
• Removed redundant cache flushing in several areas (#325908)
• Improved SimpleTest performance by pre-loading the registry, speeding up tests by orders of magnitude (#340052)

File Handling

• Improved file_scan_directory() implementation for better performance (#74645)
• Enhanced temporary file handling with better cleanup procedures (#330633)

JavaScript Performance

• Sped up simpletest.js and made it more cross-browser compliant (#335214)

Multiple Entity Loading

• Added functionality to load multiple nodes at once (#324313)
• Added functionality to load multiple terms at once (#343746)
• Made it possible to load multiple files with fewer queries (#348201)

Impact Summary

This Drupal 7.0-unstable-4 release represents a major step forward in Drupal's evolution with significant infrastructure improvements. The addition of SQLite support expands deployment options, while the enhanced database abstraction layer improves cross-database compatibility and query capabilities. The user account cancellation feature addresses a long-standing user management need.

For developers, this release offers powerful new tools including hook_js_alter(), RDF namespace registry, and subquery support in the database layer. The standardized database table naming conventions and improved module dependency system create a more consistent and maintainable codebase.

Site administrators benefit from improved interfaces, better error reporting, and more efficient user management tools. Performance optimizations throughout the system, including multiple entity loading and better caching, should result in faster sites.

The extensive test coverage added in this release helps ensure stability despite the significant changes. Many long-standing bugs have been fixed, particularly around database handling, session management, and user interfaces.

While this is an unstable release intended for testing rather than production use, it demonstrates Drupal's commitment to improving developer experience, performance, and cross-platform compatibility. The changes lay important groundwork for future features and improvements in Drupal 7.