? safe-css-class.patch
? sites/default/files
Index: includes/common.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/common.inc,v
retrieving revision 1.845
diff -u -p -r1.845 common.inc
--- includes/common.inc	11 Jan 2009 08:39:07 -0000	1.845
+++ includes/common.inc	11 Jan 2009 16:23:55 -0000
@@ -2301,6 +2301,23 @@ function drupal_clear_css_cache() {
 }
 
 /**
+ * Ensure that a CSS class name only contains legal characters.
+ *
+ * We are not using 'a-z' in the regex, as that might leave
+ * in certain international characters (e.g. German umlauts).
+ *
+ * @param $string
+ * The raw name of the CSS class to prepare.
+ * @param $token
+ * The replacement token to use for illegal characters.
+ * @return
+ * A safe CSS class string, all lower-case.
+ */
+function check_class($string, $token = '') {
+  return preg_replace('![^abcdefghijklmnopqrstuvwxyz0-9-_]+!s', $token, strtolower($string));
+}
+
+/**
  * Add a JavaScript file, setting or inline code to the page.
  *
  * The behavior of this function depends on the parameters it is called with.
Index: includes/theme.inc
===================================================================
RCS file: /cvs/drupal/drupal/includes/theme.inc,v
retrieving revision 1.461
diff -u -p -r1.461 theme.inc
--- includes/theme.inc	9 Jan 2009 16:19:55 -0000	1.461
+++ includes/theme.inc	11 Jan 2009 16:23:57 -0000
@@ -1908,10 +1908,8 @@ function template_preprocess_page(&$vari
   // Add a class that tells us whether the page is viewed by an authenticated user or not.
   $body_classes[] = $variables['logged_in'] ? 'logged-in' : 'not-logged-in';
   // Add arg(0) to make it possible to theme the page depending on the current page
-  // type (e.g. node, admin, user, etc.). To avoid illegal characters in the class,
-  // we're removing everything disallowed. We are not using 'a-z' as that might leave
-  // in certain international characters (e.g. German umlauts).
-  $body_classes[] = preg_replace('![^abcdefghijklmnopqrstuvwxyz0-9-_]+!s', '', 'page-' . form_clean_id(drupal_strtolower(arg(0))));
+  // type (e.g. node, admin, user, etc.).
+  $body_classes[] = check_class('page-' . form_clean_id(drupal_strtolower(arg(0))));
   // If on an individual node page, add the node type.
   if (isset($variables['node']) && $variables['node']->type) {
     $body_classes[] = 'node-type-' . form_clean_id($variables['node']->type);
Index: modules/block/block.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/block/block.module,v
retrieving revision 1.318
diff -u -p -r1.318 block.module
--- modules/block/block.module	30 Dec 2008 16:43:15 -0000	1.318
+++ modules/block/block.module	11 Jan 2009 16:23:58 -0000
@@ -217,10 +217,12 @@ function block_block_save($delta = 0, $e
 /**
  * Implementation of hook_block_view().
  *
- * Generates the administrator-defined blocks for display.
+ * Generates the administrator-defined blocks for display. For easier theming, 
+ * we turn the delta into a string, using only class-safe characters.
  */
 function block_block_view($delta = 0, $edit = array()) {
-  $block = db_fetch_object(db_query('SELECT body, format FROM {box} WHERE bid = %d', $delta));
+  $block = db_fetch_object(db_query('SELECT body, format, info FROM {box} WHERE bid = %d', $delta));
+  $data['delta'] = check_class($block->info, '-');
   $data['content'] = check_markup($block->body, $block->format, '', FALSE);
   return $data;
 }