Downloads

Download twitter-6.x-5.2.tar.gztar.gz 64.93 KB
MD5: bf6145d93d8a06527b0bfae8c8b8888e
SHA-1: c5c4a595912650949d5c0189224a18027827e68a
SHA-256: 0297b77ce450eee42efe49a0fbf0a10c7dbca8ce7348c6011c0a7e5e8afef3dc
Download twitter-6.x-5.2.zipzip 76.56 KB
MD5: 2df6e813a22236844f0af7d3bb3ec157
SHA-1: 334767b9bcbf97e07b322e76120d71168b8e9473
SHA-256: 17fb7fec9d9a3d376454cc9d580f133f2483b902be065bcf0b1839fa403929e0

Release notes

This has been superseded by v6.x-5.3.

Twitter - Moderately Critical - Access bypass - SA-CONTRIB-2015-146

This includes a wealth of improvements and bug fixes since the last release, totaling almost 100 issues fixed and almost 300 new patches written in the past six months, and is a recommended update for all sites. As always, test the update on a copy of the site to confirm there are no unexpected changes.

Notable changes include:

  • Downloading tweets that contain emoji will no longer break the module.
  • There now exists a notion of a Twitter account being considered "global". When writing tweets via the Twitter Post submodule, a user may select from either global accounts or authenticated ones that they themselves have added to the site. Users may also no longer publish from an account that is not publish which they do not own. There are new options permissions involved in this, it is highly recommended to verify the site's configuration after updating to ensure everything is still working as intended.
  • Images embedded in tweets will now be displayed.
  • A custom pane was added for Panels integration, for posting to Twitter when building a custom node_edit display.
  • A new text filter was added that allows embedding tweets by simply pasting the full URL of a single tweet.
  • Improved error handling when API calls fail.
  • Many bug fixes.

Full changelog since v6.x-5.1:

  • #1045304 by escore: Rules: Post to current user's Twitter account.
  • By DamienMcKenna: Initial CHANGELOG.txt file.
  • #2369833 by Jorrit: twitter_twitter_accounts() shouldn't return any accounts for the anonymous user.
  • #1953280 by lifecoderua: Wrong API declaration for hook_twitter_account_save().
  • #604530 by aaronbauman, DamienMcKenna: Fix hook_content_extra_fields integration so the fieldset can be positioned on node form.
  • #1884064 by jgSnell, e0ipso: Link path to configure is wrong in hook_requirements().
  • #2205277 by AdamPS: Do not convert in_reply_to_user_id field to integer when it must allow larger values.
  • #1929126 by colin_vanarts, leewillis77, AdamPS, DamienMcKenna: Store the entire message for retweets.
  • #1985708 by DamienMcKenna, ingaro: Internal API incorrectly assumed numeric screen names were actually account IDs.
  • #2049187 by Xano: search.twitter.com is no longer active.
  • #2055951 by xurizaemon, leewillis77, drupal_jon, DamienMcKenna: Change the twitter_id field to a BIGINT field, to allow room for Twitter's larger-than- 32bit unique IDs.
  • #1825680 by lyricnz, DamienMcKenna: Add width/height attributes to the profile images.
  • #1929126 by DamienMcKenna: Remove redundant RT: bit from retweets.
  • #1929126 by AdamPS, DamienMcKenna: Fix RT text.
  • #2022485 by DamienMcKenna, Elijah Lynn: Improve status message upon posting to Twitter.
  • By DamienMcKenna: Misspelling of "Twitter" in twitter.pages.inc.
  • #1642522 by cinnamon, digitalhorde, stimalsina, DamienMcKenna: Protocol-relative URLs for profile images.
  • #1895320 by Drave Robber, DamienMcKenna: Updated API docs for hook_twitter_account_save().
  • #1970498 by nielsonm, arcovia, DamienMcKenna: Only allow users to tweet using global or their personal accounts.
  • #652680 by steinmb, DamienMcKenna: Don't assume user registration is successful.
  • #2042053 by InternetDevels: Allow translation of the "characters remaining" phrase in the Twitter Post module.
  • #2403717 by dysproseum, DamienMcKenna: Catch any Twitter API request errors.
  • #1967798 by DamienMcKenna: Updated README.txt to explain about the OAuth reqs.
  • #1943398 by nwehner, tanc, DamienMcKenna: Truncate !title token to prevent the tweet submission failing.
  • #2548093 by DamienMcKenna: Fixed incorrect variable name in try-catch block.
  • #2548097 by DamienMcKenna: Fixed incorrect variable name in users_show().
  • #2548101 by DamienMcKenna: Don't exist variables exist in twitter_oauth_callback_validate().
  • #2548111 by DamienMcKenna: twitter_account_load() query error when passing in a screen name.
  • #633450 by graker, steinmb, DamienMcKenna: Don't loose the Twitter Post options when previewing a node.
  • #2040901 by jamiehollern, DamienMcKenna: Allow mentions for unknown users.
  • #2212407 by DamienMcKenna, jonhines: Tie non-auth accounts to the correct user.
  • #2084729 by DamienMcKenna: twitter_connect() shouldn't list non-authed users.
  • #1902780 by DamienMcKenna: Removed the dependency on Views, it's optional.
  • #2353371 by DamienMcKenna, filippo.ledda: Fix tweet formatting so that mentions prefaced by a period will work correctly.
  • #2531874 by DamienMcKenna; Changed {twitter}.in_reply_to_status_id, {twitter}.in_reply_to_user_id and {twitter_account}.twitter_uid to BIGINT.
  • #1365452 by sillygwailo, balleyne, GaxZE, happysnowmantech, jenlampton, DamienMcKenna: Text filter for embedding tweets.
  • #1910376 by lex0r, joelpittet, nicrodgers, IT-Cru, DamienMcKenna, basvredeling: Update {twitter}.text field to use a 'blob' to avoid problems with MySQL's character limitations in the 'utf8' table scheme. See: https://www.drupal.org/node/1910376
  • #2534206 by DamienMcKenna: More verbose comments in hook_schema to explain why the {twitter}.text field is stored as a blob.
  • #1878660 by DamienMcKenna: Don't show the login/registration form options if the API keys haven't been saved yet.
  • #2430229 by DamienMcKenna, sumitmadan: By default don't re-post tweets on nodes that are already published, but give an option to change this.
  • #1886540 by DamienMcKenna: By default don't allow logins when the site is in maintenance mode, but give sites the option to allow it.
  • #2338125 by durum: Fixed permission check for adding non-authenticated accounts.
  • #1895472 by DamienMcKenna, Adirael: Don't allow people to edit each other's Twitter accounts.
  • #1993470 by jamix, DamienMcKenna: Improved _twitter_filter_text().
  • #1514284 by DamienMcKenna: Some slight cleanup to the signup oauth callback.
  • #2143605 by kladrian, DamienMcKenna: Reload the user object after logging in to ensure a full user object is passed along to the various hooks.
  • #2249055 by DamienMcKenna: Fixed the paths mentioned in the README.txt.
  • #2553107 by DamienMcKenna: Backported Drush improvements from 7.x-5.x.
  • #2214867 by DamienMcKenna: Added index on {twitter}.created_time.
  • #1911494 by DamienMcKenna, Sheldon Rampton: Don't assume twitter_connect() works every time, identify failures.
  • #2553077 by DamienMcKenna: Option to disable loading the bundled views.
  • #2055685 by DamienMcKenna, marthinal: API calls for authenticated users should use that account.
  • #2388479 by DamienMcKenna: Warn that the hashtag text filter causes problems with other HTML.
  • #1994362 by DamienMcKenna, mgriego: Reverted changes to update 6504, made it cover for more scenarios.
  • #2025899 by DamienMcKenna: Give a warning if OAuth v2 is installed, v3 is required.
  • #2222837 by rahulbile, DamienMcKenna: New permission for controlling settings.
  • #2119759 by djac, DamienMcKenna: Add index on {twitter_account}.uid.
  • #2022561 by Elijah Lynn: Return the status message in hook_nodeapi.
  • #2544672 by gurvan, DamienMcKenna: Add classes to linked inserted by the text filters.
  • #1648970 by DamienMcKenna, HaloFX, wouters_f: Optionally hide the Twitter button on login forms.
  • #1275440 by ultimateboy: Internal API for retweeting a tweet.
  • #1943440 by DamienMcKenna, Sheldon Rampton: Added new hooks around the timeline loading process.
  • #2357921 by mkolar, DamienMcKenna: Allow the OAuth callback URL to be changed.
  • By DamienMcKenna: Renamed the twitter_account_load_all function to twitter_load_accounts() to match v6.
  • #1890926 by Drave Robber, DamienMcKenna: Drush command for posting tweets.
  • #940060 by Jon Pugh, univate, justondoge, DamienMcKenna: Pass the current domain when authenticating.
  • #1890926 by DamienMcKenna: Fixes to the Drush 'tweet' command.
  • #2556013 by DamienMcKenna: Ensure the 'post' option is respected on new content.
  • #2239041 by DamienMcKenna: Replaced all http:// URLs with https:// ones.
  • #2556611 by DamienMcKenna: New permission for controlling who has access to post using a global account.
  • #2556011 by DamienMcKenna: Updated the README.txt file.
  • #2558443 by DamienMcKenna: Fixed D7-style paths in documentation & help text.
  • #2558457 by DamienMcKenna: Additional logging during cron.
  • #2559153 by DamienMcKenna: Incorrect use of user_load() when posting tweets.
  • #2559239 by DamienMcKenna: Fixed embedded tweets, other functionality after recent changes to twitter_connect().
  • #2163715 by migrad, hideaway, mkolar, DamienMcKenna: Optionally hide the new-user password message.
Created by: DamienMcKenna
Created on: 30 Aug 2015 at 10:01 UTC
Last updated: 9 Sep 2015 at 19:22 UTC
Git tag 6.x-5.2
Security update
Bug fixes
New features

Other releases