Index: install.php =================================================================== RCS file: /cvs/drupal/drupal/install.php,v retrieving revision 1.32 diff -u -p -r1.32 install.php --- install.php 30 Dec 2006 09:06:22 -0000 1.32 +++ install.php 30 Dec 2006 11:24:11 -0000 @@ -20,6 +20,7 @@ function install_main() { drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION); require_once './modules/system/system.install'; require_once './includes/file.inc'; + require_once './includes/database.inc'; // Check existing settings.php. $verify = install_verify_settings(); @@ -27,7 +28,6 @@ function install_main() { // Drupal may already be installed. if ($verify) { // Establish a connection to the database. - require_once './includes/database.inc'; db_set_active(); // Check if Drupal is installed. if (install_verify_drupal()) { @@ -115,15 +115,11 @@ function install_verify_settings() { // We need this because we want to run form_get_errors. include_once './includes/form.inc'; - $url = parse_url(is_array($db_url) ? $db_url['default'] : $db_url); - $db_user = urldecode($url['user']); - $db_pass = urldecode($url['pass']); - $db_host = urldecode($url['host']); - $db_port = isset($url['port']) ? urldecode($url['port']) : ''; - $db_path = ltrim(urldecode($url['path']), '/'); + $url = db_decode_url(parse_url(is_array($db_url) ? $db_url['default'] : $db_url)); + $url['path'] = ltrim($url['path'], '/'); $settings_file = './'. conf_path() .'/settings.php'; - _install_settings_form_validate($db_prefix, $db_type, $db_user, $db_pass, $db_host, $db_port, $db_path, $settings_file); + _install_settings_form_validate($db_prefix, $db_type, $url['user'], $url['pass'], $url['host'], $url['port'], $url['path'], $settings_file); if (!form_get_errors()) { return TRUE; } @@ -136,13 +132,9 @@ function install_verify_settings() { */ function install_change_settings($profile = 'default', $install_locale = '') { global $db_url, $db_type, $db_prefix; - - $url = parse_url(is_array($db_url) ? $db_url['default'] : $db_url); - $db_user = urldecode($url['user']); - $db_pass = urldecode($url['pass']); - $db_host = urldecode($url['host']); - $db_port = isset($url['port']) ? urldecode($url['port']) : ''; - $db_path = ltrim(urldecode($url['path']), '/'); + + $url = db_decode_url(parse_url(is_array($db_url) ? $db_url['default'] : $db_url)); + $url['path'] = ltrim($url['path'], '/'); $settings_file = './'. conf_path() .'/settings.php'; // We always need this because we want to run form_get_errors. @@ -161,9 +153,9 @@ function install_change_settings($profil // Don't fill in placeholders if ($db_url == 'mysql://username:password@localhost/databasename') { - $db_user = $db_pass = $db_path = ''; + $url['user'] = $url['pass'] = $url['path'] = ''; } - $output = drupal_get_form('install_settings_form', $profile, $install_locale, $settings_file, $db_url, $db_type, $db_prefix, $db_user, $db_pass, $db_host, $db_port, $db_path); + $output = drupal_get_form('install_settings_form', $profile, $install_locale, $settings_file, $db_url, $db_type, $db_prefix, $url['user'], $url['pass'], $url['host'], $url['port'], $url['path']); drupal_set_title(st('Database configuration')); print theme('install_page', $output); exit; Index: includes/common.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/common.inc,v retrieving revision 1.603 diff -u -p -r1.603 common.inc --- includes/common.inc 21 Dec 2006 22:20:19 -0000 1.603 +++ includes/common.inc 30 Dec 2006 11:24:11 -0000 @@ -1428,6 +1428,8 @@ function drupal_get_css($css = NULL) { $preprocess_css = variable_get('preprocess_css', FALSE); $directory = file_directory_path(); $is_writable = is_dir($directory) && is_writable($directory) && (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) == FILE_DOWNLOADS_PUBLIC); + $no_module_preprocess = ''; + $no_theme_preprocess = ''; foreach ($css as $media => $types) { // If CSS preprocessing is off, we still need to output the styles. Index: includes/database.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/database.inc,v retrieving revision 1.61 diff -u -p -r1.61 database.inc --- includes/database.inc 11 Dec 2006 22:58:17 -0000 1.61 +++ includes/database.inc 30 Dec 2006 11:24:11 -0000 @@ -309,6 +309,31 @@ function db_escape_table($string) { } /** + * Decode all components of a database url. + * + * @param $url + * An array of url components generated by parse_url(). + */ +function db_decode_url($url) { + $components = array('user', 'pass', 'host', 'path'); + foreach ($components as $key) { + if (isset($url[$key])) { + $url[$key] = urldecode($url[$key]); + } + else { + // Default to '' for E_ALL compliance. + $url[$key] = ''; + } + } + + // Set $url['port'] for E_ALL compliance. + if (!isset($url['port'])) { + $url['port'] = ''; + } + return $url; +} + +/** * @} End of "defgroup database". */ Index: includes/database.mysql.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/database.mysql.inc,v retrieving revision 1.66 diff -u -p -r1.66 database.mysql.inc --- includes/database.mysql.inc 27 Dec 2006 22:50:09 -0000 1.66 +++ includes/database.mysql.inc 30 Dec 2006 11:24:11 -0000 @@ -62,22 +62,11 @@ function db_connect($url) { exit; } - $url = parse_url($url); - - // Decode url-encoded information in the db connection string - $url['user'] = urldecode($url['user']); - // Test if database url has a password. - if(isset($url['pass'])) { - $url['pass'] = urldecode($url['pass']); - } - else { - $url['pass'] = ''; - } - $url['host'] = urldecode($url['host']); - $url['path'] = urldecode($url['path']); + // Decode url-encoded information in the db connection string. + $url = db_decode_url(parse_url($url)); // Allow for non-standard MySQL port. - if (isset($url['port'])) { + if ($url['port'] !== '') { $url['host'] = $url['host'] .':'. $url['port']; } Index: includes/database.mysqli.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/database.mysqli.inc,v retrieving revision 1.32 diff -u -p -r1.32 database.mysqli.inc --- includes/database.mysqli.inc 27 Dec 2006 22:50:09 -0000 1.32 +++ includes/database.mysqli.inc 30 Dec 2006 11:24:11 -0000 @@ -62,19 +62,8 @@ function db_connect($url) { exit; } - $url = parse_url($url); - - // Decode url-encoded information in the db connection string - $url['user'] = urldecode($url['user']); - // Test if database url has a password. - if(isset($url['pass'])) { - $url['pass'] = urldecode($url['pass']); - } - else { - $url['pass'] = ''; - } - $url['host'] = urldecode($url['host']); - $url['path'] = urldecode($url['path']); + // Decode url-encoded information in the db connection string. + $url = db_decode_url(parse_url($url)); $connection = mysqli_init(); @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS); Index: includes/database.pgsql.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/database.pgsql.inc,v retrieving revision 1.43 diff -u -p -r1.43 database.pgsql.inc --- includes/database.pgsql.inc 27 Dec 2006 22:13:56 -0000 1.43 +++ includes/database.pgsql.inc 30 Dec 2006 11:24:12 -0000 @@ -60,24 +60,24 @@ function db_connect($url) { exit; } - $url = parse_url($url); + // Decode url-encoded information in the db connection string. + $url = db_decode_url(parse_url($url)); $conn_string = ''; - // Decode url-encoded information in the db connection string - if (isset($url['user'])) { - $conn_string .= ' user=' . urldecode($url['user']); + if ($url['user'] !== '') { + $conn_string .= ' user='. $url['user']; } - if (isset($url['pass'])) { - $conn_string .= ' password=' . urldecode($url['pass']); + if ($url['pass'] !== '') { + $conn_string .= ' password='. $url['pass']; } - if (isset($url['host'])) { - $conn_string .= ' host=' . urldecode($url['host']); + if ($url['host'] !== '') { + $conn_string .= ' host='. $url['host']; } - if (isset($url['path'])) { - $conn_string .= ' dbname=' . substr(urldecode($url['path']), 1); + if ($url['path'] !== '') { + $conn_string .= ' dbname='. substr($url['path'], 1); } - if (isset($url['port'])) { - $conn_string .= ' port=' . urldecode($url['port']); + if ($url['port'] !== '') { + $conn_string .= ' port='. $url['port']; } // pg_last_error() does not return a useful error message for database Index: includes/form.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/form.inc,v retrieving revision 1.169 diff -u -p -r1.169 form.inc --- includes/form.inc 29 Dec 2006 18:58:48 -0000 1.169 +++ includes/form.inc 30 Dec 2006 11:24:12 -0000 @@ -246,6 +246,7 @@ function drupal_process_form($form_id, & $form_values = array(); $form_submitted = FALSE; $form_button_counter = array(0, 0); + $redirect = NULL; drupal_prepare_form($form_id, $form); if (($form['#programmed']) || (!empty($_POST) && (($_POST['form_id'] == $form_id) || ($_POST['form_id'] == $form['#base'])))) { @@ -448,6 +449,7 @@ function drupal_submit_form($form_id, $f * */ function drupal_render_form($form_id, &$form) { + $base = ''; // Don't override #theme if someone already set it. if (isset($form['#base'])) { $base = $form['#base']; @@ -972,6 +974,13 @@ function form_get_option_key($element, $ * A themed HTML string representing the form item group. */ function theme_fieldset($element) { + // Each key defaults to '' for E_ALL compliance. + $keys = array('#attributes', '#children', '#collapsible', '#description', '#title', '#value'); + foreach ($keys as $key) { + if (!isset($element[$key])) { + $element[$key] = ''; + } + } if ($element['#collapsible']) { drupal_add_js('misc/collapse.js'); Index: includes/install.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/install.inc,v retrieving revision 1.30 diff -u -p -r1.30 install.inc --- includes/install.inc 8 Dec 2006 11:54:04 -0000 1.30 +++ includes/install.inc 30 Dec 2006 11:24:12 -0000 @@ -204,7 +204,7 @@ function drupal_rewrite_settings($settin // Write new value to settings.php in the following format: // $'setting' = 'value'; // 'comment' $setting = $settings[$variable[1]]; - $buffer .= '$'. $variable[1] ." = '". $setting['value'] ."';". ($setting['comment'] ? ' // '. $setting['comment'] ."\n" : "\n"); + $buffer .= '$'. $variable[1] ." = '". $setting['value'] ."';". (isset($setting['comment']) && $setting['comment'] ? ' // '. $setting['comment'] ."\n" : "\n"); unset($settings[$variable[1]]); } else { Index: includes/install.mysql.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/install.mysql.inc,v retrieving revision 1.4 diff -u -p -r1.4 install.mysql.inc --- includes/install.mysql.inc 27 Dec 2006 13:02:34 -0000 1.4 +++ includes/install.mysql.inc 30 Dec 2006 11:24:12 -0000 @@ -25,17 +25,12 @@ function drupal_test_mysql($url, &$succe return FALSE; } - $url = parse_url($url); - // Decode url-encoded information in the db connection string. - $url['user'] = urldecode($url['user']); - $url['pass'] = urldecode($url['pass']); - $url['host'] = urldecode($url['host']); - $url['path'] = urldecode($url['path']); + $url = db_decode_url(parse_url($url)); // Allow for non-standard MySQL port. - if (isset($url['port'])) { - $url['host'] = $url['host'] .':'. $url['port']; + if ($url['port'] !== '') { + $url['host'] = $url['host'] .':'. $url['port']; } // Test connecting to the database. Index: includes/install.mysqli.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/install.mysqli.inc,v retrieving revision 1.6 diff -u -p -r1.6 install.mysqli.inc --- includes/install.mysqli.inc 27 Dec 2006 13:02:34 -0000 1.6 +++ includes/install.mysqli.inc 30 Dec 2006 11:24:12 -0000 @@ -25,13 +25,8 @@ function drupal_test_mysqli($url, &$succ return FALSE; } - $url = parse_url($url); - // Decode url-encoded information in the db connection string. - $url['user'] = urldecode($url['user']); - $url['pass'] = urldecode($url['pass']); - $url['host'] = urldecode($url['host']); - $url['path'] = urldecode($url['path']); + $url = db_decode_url(parse_url($url)); $connection = mysqli_init(); @mysqli_real_connect($connection, $url['host'], $url['user'], $url['pass'], substr($url['path'], 1), $url['port'], NULL, MYSQLI_CLIENT_FOUND_ROWS); Index: includes/install.pgsql.inc =================================================================== RCS file: /cvs/drupal/drupal/includes/install.pgsql.inc,v retrieving revision 1.2 diff -u -p -r1.2 install.pgsql.inc --- includes/install.pgsql.inc 27 Dec 2006 13:02:34 -0000 1.2 +++ includes/install.pgsql.inc 30 Dec 2006 11:24:12 -0000 @@ -25,13 +25,8 @@ function drupal_test_pgsql($url, &$succe return FALSE; } - $url = parse_url($url); - // Decode url-encoded information in the db connection string. - $url['user'] = urldecode($url['user']); - $url['pass'] = urldecode($url['pass']); - $url['host'] = urldecode($url['host']); - $url['path'] = urldecode($url['path']); + $url = db_decode_url(parse_url($url)); // Build pgsql connection string and allow for non-standard PostgreSQL port. $conn_string = ' user='. $url['user'] .' dbname='. substr($url['path'], 1) .' password='. $url['pass'] . ' host=' . $url['host'];