By macelee on
The new Drupal core 7.20 contains the following update notes:
any code which programmatically generates a link to an image derivative without using the standard image_style_url() API function will no longer work correctly if the image does not already exist in the file system, since the necessary token will not be present in the URL.
This is a bit too technical for me. I have a board game site which has a text filter converting board positions from plain texts to PNG files which are embedded in articles and forum posts. Will I be affected by the above?
Comments
Can anyone explain the
Can anyone explain the warning in Drupal update notes please? I don't understand what "image derivative" is and could not find any explanation.
When you upload an image
When you upload an image Drupal might, for example, generate a thumbnail. That's an "image derivative".
The creation of derivatives is broken in 7.20. To get the feature to work it's necessary to include the line in the settings file mentioned in the readme. Took me several hours to figure that out.
The only change in 7.20 relates to improved security for images. So overriding the feature via the settings file negates the value of the update. Given that there is a security issue related to images and that the current "fix" breaks things implies the developers are going to have to come up with an alternate strategy.
Derivatives not broken
My previous statement to the effect that imagestyles/derivatives were broken in drupal 7.20 was incorrect.
My problem was solved by overriding the security update in 7.20 however testing a clean drupal 7.19 install and then upgrading to 7.20 does not reproduce the issue.
7.20 works fine. My problem lies elsewhere.
Most sites should work fine
Most sites should work fine after upgrading to Drupal 7.20. However, there are several modules that won't work currently (see the "known issues" section of http://drupal.org/drupal-7.20-release-notes). If you are running any of those modules on your site, see the notes there for further information.
If you're not running any of those modules, there's a good chance you'll be fine, although there's always the possibility of another module having issues which hasn't been reported yet (or custom code which does things with image derivatives that would need to be updated as well). That's why for this release in particular (but also in general!) it's recommended to test the upgrade on a local backup of your site or on a test server before deploying it to production.
Hope that helps...