Drupal Release: 7.4

TL;DR

Drupal 7.4 is a maintenance release that addresses numerous bugs, documentation improvements, and minor enhancements. This update focuses on fixing issues with field handling, database transactions, accessibility, and various API functions. While there are no major new features, the release includes important fixes for comment previews, cron functionality, nested database transactions, and field language handling that improve overall stability and developer experience.

Highlight of the Release

• Fixed issue where running cron did not check for available updates
• Improved accessibility with fixed 'Skip to main content' link in Overlay
• Fixed nested database transactions that previously threw exceptions on DDL changes
• Better field language handling in Field API
• Performance improvement by replacing strtr() with str_replace() for database prefixing

Migration Guide

Drupal 7.4 is a maintenance release that primarily contains bug fixes and documentation improvements. There are no significant API changes or database schema modifications that would require special migration steps.

However, developers should be aware of the following changes:

• Database Transactions: If your code relies on nested transactions with DDL changes, the fix for Issue #1007830 may affect your implementation. Review your transaction handling code to ensure compatibility.

• Field Language Handling: The fix for Issue #1169426 improves how field_invoke_multiple() handles field languages. If you have custom code that interacts with multilingual fields, test thoroughly after upgrading.

• Module Uninstallation: Modules that provide entity types should now call field_attach_delete_bundle() in their hook_uninstall() implementation. Review your custom modules to ensure compliance.

• Database Prefixing: The change from strtr() to str_replace() for database prefixing (Issue #561422) improves performance but might affect custom database handling code that extends core functionality.

For most sites, upgrading to Drupal 7.4 should be straightforward and require no special steps beyond the standard update procedure.

Upgrade Recommendations

Recommendation Level: Recommended for all Drupal 7 sites

Drupal 7.4 is a maintenance release containing numerous bug fixes, documentation improvements, and minor enhancements that improve the stability and performance of Drupal 7. While it doesn't address critical security vulnerabilities, it does fix several important bugs that could affect site functionality.

Who should upgrade immediately:

• Sites experiencing issues with nested database transactions
• Sites with multilingual content experiencing field language issues
• Sites where cron is not properly checking for available updates
• Sites with accessibility requirements using the Overlay with Bartik or Stark themes

Upgrade Considerations:

• As with any update, back up your database and files before proceeding
• Test the upgrade on a staging environment before applying to production
• Review the full list of fixed issues to identify if any address problems you're currently experiencing
• Most fixes are non-invasive and unlikely to cause regressions, making this a relatively safe update

The upgrade process follows the standard Drupal update procedure and should not require any special steps or post-update actions.

Bug Fixes

This release includes numerous bug fixes across various components:

• Comment Module: Fixed missing comment preview color due to mis-targeted CSS rule.
• Cron Functionality: Fixed issue where running cron did not check for available updates.
• Database Handling:
  • Fixed nested transactions throwing exceptions on DDL changes.
  • Fixed wrong use of db_transaction() in block module.
• Field API:
  • Fixed PHP Notice: Undefined index: content in template_preprocess_node().
  • Fixed strict PHP warning in Fields UI tests.
  • Fixed field language handling in field_invoke_multiple().
• Node Module:
  • Fixed JavaScript error in node preview when there are unlimited value fields in overlay.
  • Fixed menu D6->D7 upgrade not maintaining node-menu configuration.
• User Module:
  • Fixed broken user email template tokens in user_update_7011().
  • Fixed machine name JavaScript not respecting maxlength of target field.
• File Handling:
  • Fixed critical issue where default image was not set to permanent and saved to the wrong schema.
  • Fixed float and decimal values not being fully validated.
• Help System: Fixed help block being empty on every page or showing the same content on every page due to 'cache per role'.
• Accessibility: Fixed 'Skip to main content' link not working in Overlay for Bartik or Stark themes.
• Internationalization: Fixed Drupal.formatPlural() incorrectly handling complex plural rules.
• HTTP Handling: Fixed inconsistent redirect_url() in drupal_http_request().

New Features

This release primarily focuses on bug fixes and documentation improvements rather than introducing new features. However, there are some notable enhancements:

• Improved Field Language API: Better handling of field languages in field_invoke_multiple() function, providing more consistent multilingual support.
• Enhanced Database Prefixing Performance: Replaced strtr() with str_replace() for database prefixing, resulting in improved performance.
• Better Error Handling: More accurate error handling in EntityFieldQuery for non-existing fields.
• Disallow Search Engine Indexing: Added functionality to prevent search engines from indexing the /filter/tips page.
• Improved Batch API: Modified to finish when >99.5% of items have been processed, providing better user experience for long-running batch operations.

Security Updates

• Test Coverage for Security Issues: Added tests to check for SA-CORE-2011-001, improving the ability to detect and prevent similar security issues in the future.

• Improved Sanitization: Enhanced sanitization of watchdog link/operations items, reducing the risk of potential XSS vulnerabilities.

• Form Element Sanitization: Fixed an issue where FAPI element #title was not properly sanitized, which could potentially lead to XSS vulnerabilities.

While this release doesn't contain major security patches, these improvements help maintain the overall security posture of Drupal 7.

Performance Improvements

• Database Prefixing: Replaced strtr() with str_replace() for database prefixing, resulting in measurable performance improvements. This change affects both the general database system and SQLite support specifically.

• Batch Processing: Modified the Batch API to finish when >99.5% of items have been processed, which improves performance for long-running batch operations by avoiding unnecessary processing of the final fraction of items.

• External Page Caching: Fixed an issue where external page caching only worked when 'page_cache_invoke_hooks()' was set to FALSE (equivalent to the old 'Aggressive Mode'). This improves caching performance in certain configurations.

• Help Module: Fixed an issue with the help block being cached per role, which was causing unnecessary cache entries and performance degradation.

Impact Summary

Drupal 7.4 is a maintenance release that brings significant stability improvements through numerous bug fixes and documentation enhancements. While not introducing major new features, this update addresses important issues across multiple subsystems including field handling, database transactions, accessibility, and API functions.

Key improvements include fixing nested database transactions that previously threw exceptions, resolving an issue where cron didn't check for available updates, improving field language handling, and enhancing accessibility with a fixed 'Skip to main content' link in Overlay. Performance gains come from optimized database prefixing by replacing strtr() with str_replace().

For developers, the extensive documentation improvements across numerous API functions provide clearer guidance and more accurate examples. Site administrators will benefit from more reliable module uninstallation processes and better handling of default images. Content editors will experience fewer issues with comment previews and node previews when using unlimited value fields.

This release represents an important step in Drupal 7's maturation, focusing on polish and reliability rather than flashy new features. The numerous small fixes combine to create a more stable and developer-friendly platform.