Early Bird Registration for DrupalCon Portland 2024 is open! Register by 23:59 UTC on 18 March 2024, to get $100 off your ticket.
Install
Works with Drupal: 7.xUsing Composer to manage Drupal site dependencies
Downloads
Download views-7.x-3.6.tar.gztar.gz
1.56 MB
MD5: 1531a1ece3970332db1559b854f5dcc9
SHA-1: ba3b766cbf2ac884d0c2f632ea341abd9bda2a71
SHA-256: fe230f80ff59f34f38075707759db596766dddf4fe996a3adf8bc2c9e5ea7b26
Download views-7.x-3.6.zipzip
1.79 MB
MD5: 0d7c7de301caa52670869060e22d1ef3
SHA-1: 6e25f9037dd928b14d47693b9097001ffd44a627
SHA-256: da4a9eb08721d5171c4da5e7cdd71f8f62fcb032558eb6263290ee88109bbb12
Release notes
The security issue in views is caused by various places in the views UI where a string is not sanitized,
because it has been assumed to be static and by commiters, though you can change some of these strings using other administrative permissions. SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS)
Other commits:
- #82088 by grisendo: Add sanitation in various places in the views UI
- #1920690 by jnettik: Added Allow for inline to be configured for jump menus.
- #1551534 by bcn: Added Allow a button in an exposed forms to trigger ajax.
- #1914024 by peximo | heyyo: Fixed Title-overriden term name not translated on a taxonomy overriden views page.
- #1889198 by Pedro Lozano: Fixed Performance problem in _views_fetch_data(), multiple unnecessary cache rebuilds.
- #1496418 by dawehner, hass, webflo: Fixed Views: Don't change capitalization of translatable strings with CSS.
- #1852116 by Les Lim, Chris Burge: Added Backport from D8: Customizable true/false Views output for booleans.
- #1294056 by dawehner | wgthompson: Fixed Cannot use Aggregator IID in Contextual Filter.
- #1514162 by SteveTheRed: Fixed Regular expression filters on numeric fields produce invalid SQL.
- #1947444 by ericduran: Fixed Do not always apply the jQuery UI dialog patch.
- #1920278 by greggles, dawehner: Indicate that 'administer views' and 'access all views' is kind of a big deal by making it 'restrict access' -> true.
- #1525152 by dawehner, Berdir, Georgique: Fixed format_key() handling broken which results in lost translations.
- #1306564 follow-up by damiankloip, jweowu: Added Remove contextual links from rendered view.
- #857282 by dawehner, slv_ | Bojhan: Fixed Advanced help message.
- #1879290 by xiukun.zhou | rb2k: Fixed Error 'Use of undefined constant link_url() on default homepage.
- #1391856 by mariacha1 : Don't export field display_options()['fields']['url']['alter']['target'] as translatable string.
- #1804448 by naxoc: Fixed Code from documentation is causing PHP notices.
- #1831142 by damiankloip, mducharme, dawehner: Fixed Path is never empty in option summary.
- #1874838 by Itangalo, dawehner: Added Allow exposed blocks to use 'Link display' settings.
- #1852588 by Ivan Zugec | toomanypets: Fixed Incorrect filename in documentation.
- small codestyle fixes in the prev. commit
- #1863020 by amarnus: Fixed View's build fails when an unrelated form on the same page has validation errors.
- #1862014 by tim.plunkett, agentrickard: Fixed Revision handler makes assumptions about path.
- #1069326 by atouchard, dawehner, greggles | dgiamporcaro: Fixed access arguments on admin/views/ajax/autocomplete/user ajax call.
- #1855816 by Hydra: Fixed Disableing 'Add views row classes' causes div's with whitespace.
- #1844276 by nagwani, YesCT | jweowu: Fixed Spelling mistake.
- #1677692 by damiankloip, ptrl, kid_icarus | chebureque: Fixed Remove duplicates from exposed search filter results.
- #1807916 by David_Rothstein | Gode: Fixed Reset button on exposed filters causes a redirect loop in Drupal 7.17.
- #1829734 by dawehner, dww: Expose tracker data to views.
- #1625248 by Jorrit | sigent: Fixed Mini Pager ('tags') aren't being applied.
- #1822440 by ezra-g: Fixed 'Content access' filter should check for node_grants() implementations before adding node access grant queries.
- #1815062 by Ignigena | jhr: Typo 'Standard derivation' to 'Standard deviation' .
- #1809510 by erikwebb: Added Make render time performance metric accessible in hook_views_post_render().
- #1752062 by NewSky, dawehner, shardach: Fixed Fatal error: Unsupported operand types in [path to drupal]/sites/all/modules/views/includes/handlers.inc on line 1032.
- #1507854 by rooby, mgifford: Added the ability to have a label for jump menu selector fields.
- #843708 by colan, mgifford, samuelsov, greggles, dawehner: Added option to set caption in the html table (Accessibility).
- #1421844 by catch, bdragon, swentel | thebuckst0p: Fixed views_fetch_data() cache item can reach over 10mb in size.
- #948198 by Darren Oh, dawehner | perandre: Added Option not to display Order selectbox when using Exposed sort criterion.
- #1646392 by ygerasimov, damiankloip | henrikakselsen: Fixed Getting a 'No views match the search criteria.' on the main views screen.
- #1782678 by Pierre Paul Lefebvre: Fixed 'Combine fields' filter doesn't work with 'Contains any word'.
- #1515156 by plach, fabsor, steinmb: Added Expose the field language column for translatable fields.
- #1496418 by dawehner, webflo, hass: Fixed Remove capitalization abuse in strings.
- #1791372 by yannickoo: Added 0 and 1 to views_handler_field_boolean().
- #1751460 by sphism: Clarify the empty result settings description on fields.
- #1754354 by andypost, Staratel | bjarkig82: Change the node_revision default_relationship to use a vid join to match the previous behaviour.
- #1765824 by tim.plunkett: Issue #1765824 by tim.plunkett: Make define_mappings on map style plugin abstract.
- #1765824 by tim.plunkett: Added Provide a way to map views fields to a certain meaning.
- #1765724 by tim.plunkett: Fixed options_form() is called twice for Page and Feed.
- #1632504 by joachim: Fixed views_handler_field_term_link_edit() should check it actually has a term tid.