Drupal 7.x

The forum led me to the answer last time, thought I would try one more...

I have a site at www.amberwavesdiving.com/our-gear. I want the them of the gear, which is different than the rest of the theme, but with a WYSIWYG editor and without the items showing up. If I remove taxonomy from the view, I lose my searchability at the top of the page.

I have created several sites that use Location based data. Usually all that is needed is a place to store the address and display them on a google map. I have been using the Location/gmap module combination. The problem is they seem out dated and not really cck or views centric. Also, they just barely work as they are and do not provide a good user experience. There are others out there but I was wondering what the community thought about them.

I down loaded the pixture theme to my local host. I want to develop a website which I want put top navigation on the right top side. some subnavigation on the left side. and also develop some content. Can you tell me how to get start?

Hello. I've wanted to raise an issue that actually isn't within Drupal itself. There is an XSS vulnerability that IE MIME-sniffer creates, which can be easily exploited in Drupal with Upload module enabled. Drupal Security Team won't release a fix, because it's out of Drupal control. More information on vulnerability and fix can be found here

Here is an extract from my blog:

IE always loved to create vulnerabilities where they would never be. Not many people know, but there is an old bug in IE MIME-sniffer, which can be easily exploited. The essence of the bug is that when IE renders file, which was sent along with Content-type: text/plain header, it tries to identify its MIME type. So, if file contains HTML code inside, IE will think its text/html and render it. Simple example of exploit in Drupal:
1. There is a Drupal site with enabled Upload module.
2. Attacker uploads *.txt file with HTML code inside. By default Drupal allows *.txt files.
3. Attacker sends a link to that file to victim.
4. Victim opens it in IE and HTML code is rendered.

Hi,

In a module that I am currently writing. I need to be able to change the currently active default theme of the website. How can this be done?

How do I change the current theme programatically?

Raj

I wonder if it is possible to restrict access (view) of certain nodes / node-types / by taxonomy or whatever in Drupal 7.
"Simple Access" seems to be the only module ported to Drupal 7. But it is buggy and i think it is not maintained anymore. Any other options?
Thx h3ndrik