drupal 6.0-rc3

For more information on this release candidate and about compatible modules, themes and translations, refer to: http://drupal.org/drupal-6.0-rc3

This release candidate fixes a security vulnerability. Those running the previous release candidate are urged to upgrade immediately. For more details, please see the security announcement:

• SA-2008-016 - OpenID - Incorrect claimed_id returned for OpenID 2.0

In addition to this security vulnerability, the following bugs have been fixed since the first release candidate:

• #208427 report by Pancho, patch by dvessel: strpos() parameters were flipped in color module, resulting in bad colors
• #208197 by dvessel: back to cloning the table header only in tableheader.js (fixes radio button issues and Safari 2 crashing)
• - Patch #210140 by dww: fixed code comment: 'default_major' is now deprecated in favor of 'supported_majors'.
• - Patch #209236 by traxer: added a validation function for the poll form.
• - Patch #206495 by jvandyk: improved consistency of trigger descriptions.
• - Patch #208926 by keith.smith: fixed broken link. The external link to the RSS specification changed.
• - Patch #115606 by Junyor, thesaint_02: added support for PHP 5.2's 'recoverable fatal errors'.
• - Patch #209034 by theborg: fixed small code style error that generates warnings.
• - Patch #210141 by dww (with some modifications by me): implement hook_flush_caches().
• #201540 follow up by zoo33: move jpeg quality validation to where it belongs, so it is only called if the current image toolkit requires it
• #209584 by Rob Loach: 404/403 validation is also done in runtime so to allow more flexibility here, remove the submission time validation
• #209045 by keith.smith: small typo in INSTALL.txt
• #208991 by JirkaRybka: target sticky table headers to Drupal output tables only, so it won't sticky random tables in other site content
• #190729 by aufumy, Pasqualle, slightly modified: report incompatibility early, if the dependencies key is not an array in the .info file
• #209077 by bec: missing initialization for the placeholders array in drupal_write_record()
• #200674 by scor, catch: update.php should inform users if their memory limit will possibly result in a WSOD
• #196630 follow up by JirkaRybka: fix theme location information in maintenance theming, so IE6 fix CSS is loaded properly
• #189785 by dropcube: anonymous users did not have permission to view the personal contact form, so catch them early
• #210141 follow up by dww: cleaning up some code comments
• #201641 by Ralf Stamm, Pancho: sort themes by their .info name, not their file name (just like modules)
• #208938 by bjaspan, scor: use schema PI for index updates instead of database dependent code
• #210211 by chx, theborg: removing the broken admin user search, which would provide the same as the public facing user search anyway
• #210260 by dropcube: kill notice when anonymous users uses site-wide contact form
• #208991 follow up by dvessel: forgot to mark the blocks table with sticky-enabled
• #209242 by dww: local .info file changes (ie. updated code) was not taken properly into account in update module
• #201641 by Ralf Stamm, Pancho: sort admin themes by info name as well
• #209720 by theborg: avoid processing resizable teasers before teaser.js is run and the proper wrappers are in place
• #211060 by boydjd: do not display the taxonomy-term-description div when there is no description
• #208602 by KarenS: add support for aborting all updates of one module, when a critical error happens
• #211322 by keith.smith: drag and drop documentation for input formats was missing, damn
• #211322 follow up by catch: forums also support drag and drop, mention in changelog
• #211443 by dropcube: kill a feed warning on taxonomy pages
• #200210 by gaele: more accessible color contrast in Garland error messages
• #210936 by Pancho: some padding around taxonomy descriptions on taxonomy pages, so that they get more breathing space
• #211067 by webchick: blogapi_mt_get_post_categories() not using taxonomy_node_get_terms() properly
• #211359 by chx: make dead menu items disappear on a Drupal 6 upgrade
• #211353 follow up by JirkaRybka: ensure that on upgrades, if the file_directory_path was not set, set it to the Drupal 5 default
• #210479 by catch, dvessel: add newlines to list items, so inline display and RTL issues are resolved
• #208498 by pwolanin: remove pager from menu admin page (for big menus, you will need to use a contrib module)
• #208602 follow up by myself and webernet: invert conditional to properly update schema versions, when needed
• #212285 by wrwrwr: hr should be treated as a block level tag
• #211404 by dvessel: improve tableheader.js performance in all browsers, solves freeze in IE7
• #195283 by pwolanin: code documentation for the 'forms' function group
• #211876 by hass: typo in profile module docs
• #212050 by keith.smith: JS compression was removed, but not from the changelog
• #209409 by Heine, webernet, dww: more accurate register globals value checking
• #210335 by keith.smith: highly confusing example in trigger module help, use a better one instead
• #206778 follow up by dvessel: better filtering for subtheme files
• #211403 by dww: Removed fallback code for determining the project based on the directory.
• #211053 by momendo: poll submission and editing field columns fixed
• #119038 by ximo, Pancho: user role editing usability: include disabled checkbox for authenticated role
• #212813 by dww: link project status information to the admin/reports/updates page (usability)
• #212409 by theborg: avoid calling check_plain() twice on menu links
• Outdated use of watchdog() noticed while creating translation templates
• #213172 by skiquel: let color module run properly without a base image
• #213064 by dvessel: fix sticky table headers bug when resizing
• #194494 by Jax, slightly expanded: unify empty password handling is MySQL and MySQLi installer and runtime drivers
• #208768 by dvessel, Arancaytar: language direction should be in the HTML source, so it is more accessible even without CSS
• Three remaining instances of t() use in system module update code removed.
• #204411 by catch: elevate MySQL requirements to 4.1.1 (the first production MySQL 4.1.x was 4.1.5 anyway)
• #107375 follow up by zeta-zoo: fixed incorrect description for MySQL's 'Select_range_check'
• #213319 by add1sun: minor code documentation fix at template_preprocess_block()
• #211742 by theborg, chx: detect and solve the problem when blocks are assigned to invalid regions (happens in theme development)
• #212921 by fgm: remove unused reference on update_process_info_list() parameter list, which causes strict warnings in PHP 5
• #205067 by asimmonds: kill notice in install.php when the profile is not yet set
• #204411 by chx, slightly modified: heal a possible MySQL import error when the anonymous user becomes broken
• #194327 by dvessel, David_Rothstein, catch, theborg: IE form submission button correction was buggy
• #212126 report by salvis, patch by myself: allow clearing of drupal_html_to_text() URL list, so it can be used multiple times on the page
• #214213 by keith.smith: fix broken link in INSTALL.txt
• #205523 by assimonds: (minor) add missing CVS Id tags
• #213150 by Lynn: fix HTML validation problem with node term listings
• #214058 by catch, Arancaytar: forum form alter was mistakenly dropping the parent field in all taxonomy forms
• #187075 by dvessel: do not compute a breadcrumb for the home page (regression)
• #200028 by agentrickard, dww: cache more project module data, so there is less burden on Drupal when generating admin pages (performance)
• #214579 by keith.smith: vocabulary drag and drop was not properly documented (string change)
• #204415 by Lynn, traxer, pwolanin: migrate node type URLs to a path model based on menu paths, so conflicts between action and node type names are not a problem
• #212864 suggestion by pp, patch by gdevlugt: use format_date() for RSS item dates instead of date() to honor site time zone settings
• #172571 by fgm, slightly modified: document that theme_xml_icon() was superceded in most cases by theme_feed_icon()
• #207330 by c960657: allow custom URL rewriter to work on base_url and fix urlencoding of front page URL with a path prefix
• #208888 by jvandyk: set access time when externally authenticated user first logs in
• #206955 follow up by merlinofchaos: avoid misusing default values for image buttons
• #206881 by ScoutBaker: (minor) fix whitespace at TRANSLATION_ENABLED, so the phpdoc shows up properly
• #214922 by Eaton: fix code typo which prevented from image buttons in a tree form from working
• #213657 by dopry and moshe weitzman: typo in rss feed build mode and better link handling
• #207029 by JohnAlbin: some menu item properties were not passed along for theming (regression)
• #213517 by ax: inline documentation cleanup, fixing four unclosed @defgroups
• #193331 by ufku: the replace parameter was not used in file_save_upload() as documented, fix this
• Translating menu items and taxonomies is not a core feature, so do not mislead users. Noticed while translating to Hungarian.
• #213664 by chx, theborg: menu item not expanded on front page
• #210219 by htalvitie, yched: initialize block caching properties properly on install (and update bugos RC2 sites as well)
• #210219 follow by myself: update_sql() does not support placeholders, so we should compose our own SQL ourselfs
• #215303 by Pancho, slightly modified: clean URL test support text was not green if not using JS
• #214292 by theborg: collapse.js alters the default submit buttons in forms in Internet Explorer
• #215361 by bec: phpdoc for menu_load_objects(), _menu_item_localize() and _menu_link_translate()
• #202382 by Pasqualle and Pancho: phpdoc improvements and code style fixes in node module
• #215252 by bdragon: reset the cache flush variable before the cache is flushed, so busy sites will not attempt multiple cache flushes at a time
• #208556 by Pancho: fix broken display of OpenID links
• #215335 by jvandyk: fix user_login_submit() phpdoc
• #79018 by pwolanin, catch, Morbus Iff: document how can one hide CHANGELOG.txt, etc. to improve security a slight bit
• #207863 by mikey_p, Pancho: use module_load_include() as intended
• #214329 by starbow: avoid attaching scroll behavior multiple times
• #215454 by keith.smith: cleaning up some language in INSTALL.txt
• #215848 by simonc: SMALLTEXT is not a valid MySQL type, TINYTEXT is there instead
• #208858 by theborg, gdevlugt: fix forum node and comment counting, taking term revisioning into account
• #216014 report by meba, patch by myself: menu_install() did not use get_t() for its menu item creation
• #105405 by chx, Pancho: (regression) remove web server version checking; it is not in Drupal 5; Apache 1.3 is surpassed for a long time now
• #215127 by chx, webernet, catch; testing by theborg: menu item parenting was broken when moving menu items
• #216042 by Eaton: provide the complete form to element validators as well (critical regression for CCK)
• #216022 reported by johnnysxip, patch by walkah: (SA-2008-016) OpenID - Incorrect claimed_id returned for OpenID 2.0 and other minor OpenID 2.0 compliance fixes
• #200028 follow up by dww: clear update module cache on update.php run as well