Downloads
Release notes
Maintenance release of the Drupal 7 series. Includes a variety of new features, improvements, and bug fixes (no major, non-backwards-compatible new functionality).
No security fixes are included in this release.
Drupal 7.50 is a version jump compared to the previous 7.44 release; this is to indicate that this Drupal 7 point release is a bit larger than past ones and makes a few more changes and new features available than normal. See the release announcement for more information about Drupal 7.50.
Two minor changes have been made to the robots.txt and default.settings.php files in this release:
- Added support for full UTF-8 (emojis, Asian symbols, mathematical symbols) on MySQL when the site and database are configured to allow it
- Robots.txt now allows search engines access to CSS, JavaScript and image files
Upgrading custom versions of these files to incorporate the above changes is recommended, but not required.
In addition, an .editorconfig file has been added:
No changes have been made to the .htaccess and web.config files in this release.
"The following module is missing from the file system..." warning messages
As of Drupal 7.50, Drupal will log a PHP warning message when it cannot find a file that it expects to be in the filesystem. See How to fix "The following module is missing from the file system..." warning messages for information on how to fix this warning message.
Known issues:
- Sites using a PostgreSQL database with multiple schemas or with a database prefix may get a failure when trying to update to Drupal 7.50. See #2765043: multiple primary keys for table "history" are not allowed for additional details.
Major changes since 7.44:
- #611294: Added a new "administer fields" permission for trusted users, which is required in addition to other permissions to use the field UI (change record).
- #2514136: Added clickjacking protection to Drupal core by setting the X-Frame-Options header to SAMEORIGIN by default (change record).
- #2488180: Added support for full UTF-8 (emojis, Asian symbols, mathematical symbols) on MySQL and other database drivers when the site and database are configured to allow it (change record).
- #1081266: Improved performance by avoiding a re-scan of directories when a file is missing; instead, trigger a PHP warning (minor API change; see the change record).
- #2747679 and #2760609: Made it possible to use any PHP callable in Ajax form callbacks, form API form-building functions, and form API wrapper callbacks (API addition; see the change record).
- #889772: Fixed that following a password reset link while logged in leaves users unable to change their password (minor user interface change; see the change record).
- #2620104 and #2656548: Implemented various fixes for automated test failures on PHP 5.4+ and PHP 7. Drupal core automated tests now pass in these environments.
- #2656548: Improved support for PHP 7 by fixing various problems.
- #2215369: Fixed various bugs with PHP 5.5+ imagerotate(), including when incorrect color indices are passed in.
- #2678822: Fixed a regression introduced in Drupal 7.43 that allowed files uploaded by anonymous users to be lost after form validation errors, and that also caused regressions with certain contributed modules.
- #2502263: Fixed a regression introduced in Drupal 7.36 which caused the default value of hidden textarea fields to be ignored.
- #2364343: Fixed robots.txt to allow search engines to access CSS, JavaScript and image files (change record).
- #2470145: Changed wording on the Update Manager settings page to clarify that the option to check for disabled module updates also applies to uninstalled modules (administrative-facing translatable string change).
- #2418209: Changed the help text when editing menu links and configuring URL redirect actions so that it does not reference "Drupal" or the drupal.org website (administrative-facing translatable string change).
- #2371861: Fixed the locale safety check that is used to ensure that translations are safe to allow for tokens in the href/src attributes of translated strings.
- #1645156: Fixed that URL generation only works on port 80 when using domain based language negotation.
- #1116326: Made method="get" forms work inside the administrative overlay. The fix adds a new hidden field to these forms when they appear inside the overlay (minor data structure change).
- #2578173: Increased maxlength of menu link title input fields in the node form and menu link form from 128 to 255 characters.
- #2646280: Removed meaningless post-check=0 and pre-check=0 cache control headers from Drupal HTTP responses.
- #1713662: Added a .editorconfig file to auto-configure editors that support it (change record).
- #2551981: Added --directory option to run-tests.sh for easier test discovery of all tests within a project.
- #2189345: Made run-tests.sh exit with a failure code when there are test fails or problems running the script.
- #2491353: Fixed that cookies from previous tests are still present when a new test starts in DrupalWebTestCase.
- #2634840: Improved performance of queries on the {authmap} database table.
- #412808: Fixed handling of missing files and functions inside the registry.
- #1458824: Fixed Ajax handling for tableselect form elements that use checkboxes.
- #1327728: Fixed a bug which caused ip_address() to return nothing when the client IP address and proxy IP address are the same.
- #2393461: Added a new option to format_xml_elements() to allow for already encoded values.
- #2633334: Changed the {history} table's node ID field to be an unsigned integer, to match the same field in the {node} table and to prevent errors with very large node IDs.
- #2674028: Added an explicit page callback to the "admin/people/create" menu item in the User module (minor data structure change). Previously this automatically inherited the page callback from the parent "admin/people" menu item, which broke contributed modules that override the "admin/people" page.
All changes since 7.44:
- #2762393 by stefan.r, MustangGB, David_Rothstein: Skip error triggering for missing files if the files are empty or "default"
- #2761285 by MegaChriz: _drupal_session_write() does not always return a boolean
- #2488180 by stefan.r, stovak, pwolanin, David_Rothstein, Noe_, typhonius, KhaledBlah, joelpittet, Fabianx, geerlingguy, nithinkolekar, mikeytown2, jduhls, scuba_fly, travelvc, hass: Support full UTF-8 (emojis, Asian symbols, mathematical symbols) on MySQL and other database drivers when they are configured to allow it
- #2760609: Allow the use of callbacks instead of global functions in the Form API
- #2759899 by Fabianx: drupal_get_schema_versions() does report wrong data the first time a test is run
- #2747679 by david_garcia, pashupathi nath gajawada, izaaksom: Ajax form callbacks can only be global functions
- #2502263 by hgoto, David_Rothstein, klausi, ckng, rhclayto: Drupal 7.36 regression: hidden field textarea #default_value is ignored
- #1645156 by attiks, tstoeckler, talhaparacha, amontero, Carsten Müller, Albert Volkman, Gábor Hojtsy, David_Rothstein, leschekfm, vasi1186, dcam, catch, Sweetchuck, Fabianx, nicrodgers: URL generation only works on port 80
- #1458824 by idebr, JvE, therealssj, mayaz17, cwoky, Henrik Opel, lokapujya, kevinquillen, presleyd, nod_, jbeuckm, botris, mistermoper, gcardinal: Ajax doesn't work with Tableselect with checkboxes
- #1081266 by stefan.r, jeroen.b, mikeytown2, David_Rothstein, tsphethean, mfb, joseph.olstad, marcelovani, Kars-T, joelpittet, Fabianx, catch, fgm, das-peter, alexpott, emcniece, oriol_e9g, sun, corbacho, klausi, mgifford, onelittleant, Peter Bex, Spleshka, beejeebus, Berdir, pwaterz, SocialNicheGuru, sylus, Wim Leers, heyyo, joshtaylor, swentel, alanburke, dagmar, alexmoreno, kenorb, EvanSchisler, Mark Theunissen, bmateus, andypost, Lukas von Blarer, ChristophWeber, nicholas.alipaz, arosboro, askibinski, dawehner, DerekL, ExTexan: Avoid re-scanning module directory when a filename or a module is missing
- #2393461 followup by Sagar Ramgade: format_xml_elements() does not allow unencoded values
- #2393461 followup by nevergone: format_xml_elements() does not allow unencoded values
- #2393461 by David_Rothstein, mpv, maciej.zgadzaj, Sagar Ramgade, davic, Fabianx: format_xml_elements() does not allow unencoded values
- #2578173 by Peacog, David_Rothstein, maximpodorov, marvin_B8, andypost, alexpott, tatisilva: Increase menu title maxlength to 255 in forms containing menu items
- #2371861 followup by David_Rothstein: Strings including tokens in href or src attributes cannot be translated due to safeness check incompatibilities
- #1116326 by s_leu, yannickoo, dawehner, nod_, pwolanin, David_Rothstein, ksenzee, realityloop, miro_dietiker, broeker, mariagwyn, Christian DeLoach: Support admin overlay in exposed forms
- #2749489 by pwolanin: Write test for the User module security issue from SA-CORE-2016-002
- #2563751 by borisson_, rocketeerbkw, cilefen, pietmarcus, NikitaJain, imanol.eguskiza, pjonckiere: Password field errors on user create/edit/login when password is (literally) 0
- #1327728 by Darren Oh, Josh Waihi, cspitzlay, c960657: ip_address() fails when client request IP and proxy IP are the same
- #1388664 by akoepke, chirhotec, klokie, lOggOl: Blog module conflicts with other URL routes beginning with "blog/"
- #1622964 by felribeiro, snehi, ar-jan, Girish-jerk, jhodgdon, joachim, jp.stacey, stefan.r: docs for EntityFieldQuery::fieldCondition are really sparse
- #2676472 by micaelamenara, dagmar, jhodgdon: docs for t() and related functions don't explain how context works
- #2669704 by eiriksm, jhodgdon: Missing function doc comments in user.pages.inc
- #2640888 by IRuslan, kala4ek: Broken link on image toolkits conf page when no toolkits are installed
- #1732906 by peterpoe, Ken Ficara, forestgardener, eesquibel, minax.de: Uninitialized variable in number_field_formatter_settings_form
- #2674028 by catch: Add page callback to admin/people/create menu item
- #2633334 by orbmantell, e._s, catch, TravisCarden: Unsigned int vs. int mismatch between node.nid and history.nid
- #2215369 by fietserwin, Lowell, mondrake, mr.baileys, David_Rothstein, kristofferwiklund, TwoD, bradjones1, svanou, kristiaanvandeneynde, Fabianx: Various bugs with PHP 5.5 imagerotate(), including when incorrect color indices are passed in
- #2660762 by twistor: TrackerTest::testTrackerNewComments() sets the node title incorrectly
- #2660766 by David_Rothstein, twistor: UpgradePathTaxonomyTestCase::testTaxonomyUpgrade() doesn't properly test field settings
- #2660754 by twistor, David_Rothstein: Invalid numeric comparison in OpenIDTestCase::testConversion()
- #412808 by Berdir, rupertj, beejeebus, sun, PieterDC, scottalan, catch: Handling of missing files and functions inside the registry
- #2717633 by mikeytown2, twistor, scor, Fabianx, MustangGB: PHP 7 hook_rdf_mapping() ['mapping']['rdftype'] failing in rdf.test: RDF type is present on post
- #2364343 by damien_vancouver, criz, ksenzee, Neograph734, joegraduate, k_zoltan, droplet, pounard, jp.stacey, ciss, corbacho, TravisJohnston: Fix robots.txt to allow search engines access to CSS, JavaScript and image files
- #2189345 by benjy, sanduhrs, Mile23, joshtaylor, jbekker, David_Rothstein, klausi, sun, zaporylie, pfrenssen, jsacksick, jibran, Mixologic, znerol, Xano, alberto56: run-tests.sh should exit with a failure code if any tests failed
- #2551981 by jthorson, Mixologic, Fabianx, David_Rothstein: Add --directory option to run-tests.sh test discovery
- #2491353 by pfrenssen, pietmarcus, znerol, David_Rothstein: Cookies from previous tests are still present when a new test starts
- #1713662 by nod_, Eric_A, treyhunner, sun, basvredeling: Introduce .editorconfig to auto-configure editors that support it
- #889772 by tuutti, stefan.r, opdavies, Sutharsan, Perignon, pjcdawkins, joachim, das-peter, YesCT, David_Rothstein, Zerdiox, hussainweb, Fabianx, mgifford, xjm: Following a password reset link while logged in leaves users unable to change their password
- #2669568 by soaratul: Docblock typo in file_download_headers
- #1364694 by gielfeldt: MemoryQueue::createItem does not return TRUE
- #2311305 by donutdan4114, stefan.r, Polonium, rpayanm, tadityar, Fabianx, Dave Reid: getPrefixInfo() calls wrong function to get the connection info
- #2634840 by brianV: Add index on uid and module columns to authmap
- #2660744 by twistor: Skip test for decoding invalid numeric entities in 5.4+
- #2371861 by DuaelFr, YesCT, pietmarcus, Gábor Hojtsy, tucho: Strings including tokens in href or src attributes cannot be translated due to safeness check incompatibilities
- #2756209: Add the new Drupal 7 co-maintainers to MAINTAINERS.txt
- #2694731 by nicrodgers: user_access(): incorrect documentation
- #2660240 by Kgaut: Typo in menu.inc
- #376391 by mimran, snehi, pietmarcus, jhodgdon: Document that module_invoke_all / ModuleHandlerInterface::invokeAll reindexes arrays
- #2718323 by Liam Morland, jhodgdon: In drupal_http_request(), mention http_build_query()
- #2718179 by dagmar: Better documentation for suspicious encoded string in dblog tests
- #2663752 by twistor, DamienMcKenna, ParisLiakos, sdstyles, Berdir: Undefined string index 0 in DrupalTestCase::getAbsoluteUrl() in PHP 7
- #2663746 by twistor, MustangGB: Array to string conversion in trigger.test for PHP 7
- #2460833 by jackbravo, colinmccabe, checker, Alan D., twistor: _drupal_session_destroy() should return boolean
- #2712993 by MustangGB, klausi: Can't override the same CSS files multiple times
- Merge tag '7.44' into 7.x
- #2646280 by Elijah Lynn, pietmarcus: Remove IE pre-check and post-check Cache-control headers
- #2395385 by DamienMcKenna: simpletest fatal error when creating a non language neutral node and not specifying a node body
- #2514136 by pwolanin, David_Rothstein, Fabianx, greggles: Add default clickjacking defense to core
- #611294 by swentel, klausi, David_Rothstein, tsphethean, jenlampton, attiks, yched, sun, benjy, dcam: Added a new "administer fields" permission for trusted users to use the field UI.
- #2640344 by rafaolf, mohit_aghera, GrigoriuNicolae, jhodgdon: Document how to make hook_search_info() titles translatable
- #2470145 by David_Rothstein, rbmboogie, tbradbury, johnpicozzi, talhaparacha, ifrik, darol100: Fix text for update manager checkbox for disabled extensions
- #2418209 by chintan.vyas, lucastockmann, jacob.embree: Replace user facing strings that use drupal.org as example of an external url
- #2678822 by DamienMcKenna, David_Rothstein, stefan.r: Drupal 7.43 regression: When an anonymous user submits a form with an un-uploaded file that leads to a validation error, the file is lost on the next correct submission