openpkg-packages/drupal/drupal.patch

Fix Reverse Proxy Support:
http://drupal.org/node/244593
http://drupal.org/files/issues/drupal_80.patch

Index: includes/bootstrap.inc
--- includes/bootstrap.inc.orig	2008-02-11 15:36:21 +0100
+++ includes/bootstrap.inc	2008-04-09 20:47:49 +0200
@@ -272,6 +272,7 @@
  */
 function conf_init() {
   global $base_url, $base_path, $base_root;
+  global $base_url_local;
 
   // Export the following settings.php variables to the global namespace
   global $db_url, $db_prefix, $cookie_domain, $conf, $installed_profile, $update_free_access;
@@ -723,9 +724,22 @@
  * generate an equivalent using other environment variables.
  */
 function request_uri() {
+  global $base_url;
+  global $base_url_local;
 
   if (isset($_SERVER['REQUEST_URI'])) {
     $uri = $_SERVER['REQUEST_URI'];
+    if (isset($base_url) && isset($base_url_local)) {
+      $parts = parse_url($base_url_local);
+      if (   strlen($uri) >= strlen($base_url_local)
+          && substr($uri, 0, strlen($base_url_local)) == $base_url_local) {
+        $uri = $base_url .  substr($uri, strlen($base_url_local));
+      }
+      elseif (   strlen($uri) >= strlen($parts["path"])
+          && substr($uri, 0, strlen($parts["path"])) == $parts["path"]) {
+        $uri = $base_url .  substr($uri, strlen($parts["path"]));
+      }
+    }
   }
   else {
     if (isset($_SERVER['argv'])) {
Index: sites/default/default.settings.php
--- sites/default/default.settings.php.orig	2007-12-20 10:35:10 +0100
+++ sites/default/default.settings.php	2008-04-09 20:47:32 +0200
@@ -126,6 +126,24 @@
 # $base_url = 'http://www.example.com';  // NO trailing slash!
 
 /**
+ * Local Base URL (optional).
+ *
+ * If you are running Drupal behind a reverse proxy, $base_url (see above)
+ * usually points to the URL of the reverse proxy. Drupal uses this for
+ * all sorts of external URLs. In order to correctly calculate sub-URLs
+ * below $base_url for embedded HTML forms, Drupal also has to know the
+ * URL on the local/origin server under which Drupal is contacted by the
+ * reverse proxy. This is what $base_url_local is for.
+ *
+ * Examples:
+ *   $base_url_local = 'http://www.example.com:8080/drupal';
+ *
+ * It is not allowed to have a trailing slash; Drupal will add it
+ * for you.
+ */
+# $base_url_local = 'http://www.example.com:8080/drupal';  // NO trailing slash!
+
+/**
  * PHP settings:
  *
  * To see what PHP settings are possible, including whether they can

-----------------------------------------------------------------------------

1. Support HTTP Proxies (mainly for update checks, RSS fetching, etc)
http://drupal.org/node/7881
http://drupal.org/files/issues/proxy_11.patch
(post-adjusted and improved by RSE)

2. Fix CSS Cache Building Procedure
http://drupal.org/node/275381
http://drupal.org/files/issues/drupal-css-cache-building.patch
(created by RSE)

Index: includes/common.inc
--- includes/common.inc.orig	2008-04-09 23:11:44 +0200
+++ includes/common.inc	2008-06-26 20:16:16 +0200
@@ -439,13 +439,27 @@
     case 'http':
       $port = isset($uri['port']) ? $uri['port'] : 80;
       $host = $uri['host'] . ($port != 80 ? ':'. $port : '');
-      $fp = @fsockopen($uri['host'], $port, $errno, $errstr, 15);
+      if (variable_get('proxy_server', '') != '') {
+        $proxy_server = variable_get('proxy_server', '');
+        $proxy_port = variable_get('proxy_port', 8080);
+        $fp = @fsockopen($proxy_server, $proxy_port, $errno, $errstr, 15);
+      }
+      else {
+        $fp = @fsockopen($uri['host'], $port, $errno, $errstr, 15);
+      }
       break;
     case 'https':
       // Note: Only works for PHP 4.3 compiled with OpenSSL.
       $port = isset($uri['port']) ? $uri['port'] : 443;
       $host = $uri['host'] . ($port != 443 ? ':'. $port : '');
-      $fp = @fsockopen('ssl://'. $uri['host'], $port, $errno, $errstr, 20);
+      if (variable_get('proxy_server', '') != '') {
+        $proxy_server = variable_get('proxy_server', '');
+        $proxy_port = variable_get('proxy_port', 8080);
+        $fp = @fsockopen($proxy_server, $proxy_port, $errno, $errstr, 15);
+      }
+      else {
+        $fp = @fsockopen('ssl://'. $uri['host'], $port, $errno, $errstr, 20);
+      }
       break;
     default:
       $result->error = 'invalid schema '. $uri['scheme'];
@@ -462,9 +476,14 @@
   }
 
   // Construct the path to act on.
-  $path = isset($uri['path']) ? $uri['path'] : '/';
-  if (isset($uri['query'])) {
-    $path .= '?'. $uri['query'];
+  if (variable_get('proxy_server', '') != '') {
+    $path = $url;
+  }
+  else {
+    $path = isset($uri['path']) ? $uri['path'] : '/';
+    if (isset($uri['query'])) {
+      $path .= '?'. $uri['query'];
+    }
   }
 
   // Create HTTP request.
@@ -482,6 +501,14 @@
     $defaults['Authorization'] = 'Authorization: Basic '. base64_encode($uri['user'] . (!empty($uri['pass']) ? ":". $uri['pass'] : ''));
   }
 
+  // If the proxy server required a username then attempt to authenticate with it
+  if (variable_get('proxy_username', '') != '') {
+    $username = variable_get('proxy_username', '');
+    $password = variable_get('proxy_password', '');
+    $auth_string = base64_encode($username . ($password != '' ? ':'. $password : ''));
+    $defaults['Proxy-Authorization'] = 'Proxy-Authorization: Basic '. $auth_string ."\r\n";
+  }
+
   foreach ($headers as $header => $value) {
     $defaults[$header] = $header .': '. $value;
   }
@@ -1805,7 +1832,7 @@
   $last = '';
   while ($path != $last) {
     $last = $path;
-    $path = preg_replace('`(^|/)(?!../)([^/]+)/../`', '$1', $path);
+    $path = preg_replace('`(^|/)(?!\.\./)([^/]+)/\.\./`', '$1', $path);
   }
   return 'url('. $path .')';
 }
Index: modules/system/system.admin.inc
--- modules/system/system.admin.inc.orig	2008-03-25 12:58:16 +0100
+++ modules/system/system.admin.inc	2008-04-24 11:43:07 +0200
@@ -1363,6 +1363,65 @@
 }
 
 /**
+ * Form builder; Configure the site proxy settings.
+ *
+ * @ingroup forms
+ * @see system_settings_form()
+ */
+function system_proxy_settings() {
+
+  $form['forward_proxy'] = array(
+    '#type' => 'fieldset',
+    '#title' => t('Forward proxy settings'),
+    '#description' => t('The proxy server used when Drupal needs to connect to other sites on the Internet.'),
+  );
+  $form['forward_proxy']['proxy_server'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Proxy host name'),
+    '#default_value' => variable_get('proxy_server', ''),
+    '#description' => t('The host name of the proxy server, eg. localhost. If this is empty Drupal will connect directly to the internet.')
+  );
+  $form['forward_proxy']['proxy_port'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Proxy port number'),
+    '#default_value' => variable_get('proxy_port', 8080),
+    '#description' => t('The port number of the proxy server, eg. 8080'),
+  );
+  $form['forward_proxy']['proxy_username'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Proxy username'),
+    '#default_value' => variable_get('proxy_username', ''),
+    '#description' => t('The username used to authenticate with the proxy server.'),
+  );
+  $form['forward_proxy']['proxy_password'] = array(
+    '#type' => 'textfield',
+    '#title' => t('Proxy password'),
+    '#default_value' => variable_get('proxy_password', ''),
+    '#description' => t('The password used to connect to the proxy server. This is kept as plain text.', '')
+  );
+  $form['#validate'][] = 'system_proxy_settings_validate';
+
+  return system_settings_form($form);
+}
+
+/**
+ * Validate the submitted proxy form.
+ */
+function system_proxy_settings_validate($form, &$form_state) {
+  // Validate the proxy settings
+  $form_state['values']['proxy_server'] = trim($form_state['values']['proxy_server']);
+  if ($form_state['values']['proxy_server'] != '') {
+    // TCP allows the port to be between 0 and 65536 inclusive
+    if (!is_numeric($form_state['values']['proxy_port'])) {
+      form_set_error('proxy_port', t('The proxy port is invalid. It must be a number between 0 and 65535.'));
+    }
+    elseif ($form_state['values']['proxy_port'] < 0 || $form_state['values']['proxy_port'] >= 65536) {
+      form_set_error('proxy_port', t('The proxy port is invalid. It must be between 0 and 65535.'));
+    }
+  }
+}
+
+/**
  * Form builder; Configure the site file handling.
  *
  * @ingroup forms
Index: modules/system/system.module
--- modules/system/system.module.orig	2008-04-09 23:11:49 +0200
+++ modules/system/system.module	2008-04-24 11:43:47 +0200
@@ -55,7 +55,7 @@
       $output .= '<li>'. t('support for enabling and disabling <a href="@themes">themes</a>, which determine the design and presentation of your site. Drupal comes packaged with several core themes and additional contributed themes are available at the <a href="@drupal-themes">Drupal.org theme page</a>.', array('@themes' => url('admin/build/themes'), '@drupal-themes' => 'http://drupal.org/project/themes')) .'</li>';
       $output .= '<li>'. t('a robust <a href="@cache-settings">caching system</a> that allows the efficient re-use of previously-constructed web pages and web page components. Drupal stores the pages requested by anonymous users in a compressed format; depending on your site configuration and the amount of your web traffic tied to anonymous visitors, Drupal\'s caching system may significantly increase the speed of your site.', array('@cache-settings' => url('admin/settings/performance'))) .'</li>';
       $output .= '<li>'. t('a set of routine administrative operations that rely on a correctly-configured <a href="@cron">cron maintenance task</a> to run automatically. A number of other modules, including the feed aggregator, ping module and search also rely on <a href="@cron">cron maintenance tasks</a>. For more information, see the online handbook entry for <a href="@handbook">configuring cron jobs</a>.', array('@cron' => url('admin/reports/status'), '@handbook' => 'http://drupal.org/cron')) .'</li>';
-      $output .= '<li>'. t('basic configuration options for your site, including <a href="@date-settings">date and time settings</a>, <a href="@file-system">file system settings</a>, <a href="@clean-url">clean URL support</a>, <a href="@site-info">site name and other information</a>, and a <a href="@site-maintenance">site maintenance</a> function for taking your site temporarily off-line.', array('@date-settings' => url('admin/settings/date-time'), '@file-system' => url('admin/settings/file-system'), '@clean-url' => url('admin/settings/clean-urls'), '@site-info' => url('admin/settings/site-information'), '@site-maintenance' => url('admin/settings/site-maintenance'))) .'</li></ul>';
+      $output .= '<li>'. t('basic configuration options for your site, including <a href="@date-settings">date and time settings</a>, <a href="@file-system">file system settings</a>, <a href="@clean-url">clean URL support</a>, <a href="@proxy-server">proxy server settings</a>, a href="@site-info">site name and other information</a>, and a <a href="@site-maintenance">site maintenance</a> function for taking your site temporarily off-line.', array('@date-settings' => url('admin/settings/date-time'), '@file-system' => url('admin/settings/file-system'), '@clean-url' => url('admin/settings/clean-urls'), '@site-info' => url('admin/settings/site-information'), '@site-maintenance' => url('admin/settings/site-maintenance'))) .'</li></ul>';
       $output .= '<p>'. t('For more information, see the online handbook entry for <a href="@system">System module</a>.', array('@system' => 'http://drupal.org/handbook/modules/system/')) .'</p>';
       return $output;
     case 'admin':
@@ -406,6 +406,14 @@
     'access arguments' => array('administer site configuration'),
     'file' => 'system.admin.inc',
   );
+  $items['admin/settings/proxy'] = array(
+    'title' => 'Proxy server',
+    'description' => 'Configure settings when the site is behind a proxy server.',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('system_proxy_settings'),
+    'access arguments' => array('administer site configuration'),
+    'file' => 'system.admin.inc',
+  );
   $items['admin/settings/file-system'] = array(
     'title' => 'File system',
     'description' => 'Tell Drupal where to store uploaded files and how they are accessed.',

-----------------------------------------------------------------------------

Properly activate Drupal support module in TinyMCE

Index: sites/all/modules/tinymce/plugin_reg.php
--- sites/all/modules/tinymce/plugin_reg.php.orig	2008-03-27 21:11:17 +0100
+++ sites/all/modules/tinymce/plugin_reg.php	2008-05-02 20:56:56 +0200
@@ -102,5 +102,9 @@
 $plugins['zoom'] = array();
 $plugins['zoom']['theme_advanced_buttons2'] = array('zoom');
 
+$plugins['drupalimage'] = array();
+$plugins['drupalimage']['theme_advanced_buttons1'] = array('drupalimage');
+$plugins['drupalimage']['extended_valid_elements'] = array('img[class|src|border=0|alt|title|width|height|align|name]');
+
 return $plugins;
 }

-----------------------------------------------------------------------------

Fix SQL in "remove" functionality of "img_assist" module.
http://drupal.org/node/250128

Index: sites/all/modules/img_assist/img_assist.module
--- sites/all/modules/img_assist/img_assist.module.orig	2008-04-06 19:32:33 +0200
+++ sites/all/modules/img_assist/img_assist.module	2008-05-02 21:00:24 +0200
@@ -1239,7 +1239,7 @@
 }
 
 function _img_assist_remove($node, $size) {
-  $result = db_query("SELECT * FROM {files} f INNER JOIN {image} i WHERE f.fid = i.fid AND i.nid = %d AND f.filename = '%s'", $node->nid, $size['key']);
+  $result = db_query("SELECT * FROM {files} f INNER JOIN {image} ON f.fid = i.fid WHERE i.nid = %d AND f.filename = '%s'", $node->nid, $size['key']);
   while ($file = db_fetch_object($result)) {
     // Never delete original image.
     if ($file->filepath != $node->images[IMAGE_ORIGINAL]) {

-----------------------------------------------------------------------------

Optimize "img_assist" module by loading only when necessary.
http://drupal.org/node/55101

Index: sites/all/modules/img_assist/img_assist.js
--- sites/all/modules/img_assist/img_assist.js.orig	2008-04-06 18:43:18 +0200
+++ sites/all/modules/img_assist/img_assist.js	2008-05-02 21:05:56 +0200
@@ -130,6 +130,24 @@
 	var win = window.open(BASE_URL + 'index.php?q=img_assist/popup/' + nid, 'imagev', 'height='+oy+'-10,width='+ox+',top='+winy+',left='+winx+',scrollbars='+use_scrollbars+',resizable');
 }
 
+function launch_popup(nid, mw, mh) {
+	var ox = mw;
+	var oy = mh;
+	if((ox>=screen.width) || (oy>=screen.height)){
+		var ox = screen.width-150;
+		var oy = screen.height-150;
+		var winx = (screen.width / 2)-(ox / 2);
+		var winy = (screen.height / 2)-(oy / 2);
+		var use_scrollbars = 1;
+	}
+	else{
+		var winx = (screen.width / 2)-(ox / 2);
+		var winy = (screen.height / 2)-(oy / 2);
+		var use_scrollbars = 0;
+	}
+	var win = window.open(BASE_URL + 'index.php?q=img_assist/popup/' + nid, 'imagev', 'height='+oy+'-10,width='+ox+',top='+winy+',left='+winx+',scrollbars='+use_scrollbars+',resizable');
+}
+
 function insertImage() {
   if (window.opener) {
     // Get variables from the fields on the properties frame
Index: sites/all/modules/img_assist/img_assist.module
--- sites/all/modules/img_assist/img_assist.module.orig	2008-05-02 21:04:49 +0200
+++ sites/all/modules/img_assist/img_assist.module	2008-05-02 21:07:24 +0200
@@ -126,7 +126,7 @@
   }
   // Assign base_path to insert in image source by javascript.
   drupal_add_js('var BASE_URL = "'. base_path() .'";', 'inline');
-  drupal_add_js($path .'/img_assist.js');
+  drupal_add_js($path .'/img_assist_popup.js');
 }
 
 /**
@@ -150,6 +150,9 @@
  * Add image link underneath textareas.
  */
 function img_assist_textarea($element) {
+  $path = drupal_get_path('module', 'img_assist');
+  drupal_add_js($path .'/img_assist.js');
+  
   $link = variable_get('img_assist_link', 'icon');
   if (($link == 'icon') || ($link == 'text')) {
     if (_img_assist_textarea_match($element['#id']) && _img_assist_page_match() && !strstr($_GET['q'], 'img_assist')) {
Index: sites/all/modules/img_assist/img_assist_popup.js
--- /dev/null	2008-05-02 21:08:21 +0200
+++ sites/all/modules/img_assist/img_assist_popup.js	2008-05-02 21:05:56 +0200
@@ -0,0 +1,20 @@
+/* $Id: drupal.patch,v 1.27 2008/06/26 18:27:23 rse Exp $ */
+
+function launch_popup(nid, mw, mh) {
+	var ox = mw;
+	var oy = mh;
+	if((ox>=screen.width) || (oy>=screen.height)){
+		var ox = screen.width-150;
+		var oy = screen.height-150;
+		var winx = (screen.width / 2)-(ox / 2);
+		var winy = (screen.height / 2)-(oy / 2);
+		var use_scrollbars = 1;
+	}
+	else{
+		var winx = (screen.width / 2)-(ox / 2);
+		var winy = (screen.height / 2)-(oy / 2);
+		var use_scrollbars = 0;
+	}
+	var win = window.open(BASE_URL + 'index.php?q=img_assist/popup/' + nid, 'imagev', 'height='+oy+'-10,width='+ox+',top='+winy+',left='+winx+',scrollbars='+use_scrollbars+',resizable');
+}
+

-----------------------------------------------------------------------------

Fix file permissions.
http://drupal.org/node/247992

Index: sites/all/modules/img_assist/img_assist.module
--- sites/all/modules/img_assist/img_assist.module.orig	2008-05-02 21:11:15 +0200
+++ sites/all/modules/img_assist/img_assist.module	2008-05-02 21:11:48 +0200
@@ -1230,6 +1230,8 @@
           drupal_set_message(t('Unable to create %label image', array('%label' => $size['label'])), 'error');
         }
         else {
+          // Set standard file permissions for webserver-generated files
+          @chmod(file_create_path($destination), 0664);
           $node->images[$key] = $destination;
           _image_insert($node, $key, file_create_path($destination));
         }

-----------------------------------------------------------------------------

Activate the Drupal glue code for the FCKeditor filemanager.

Index: sites/all/modules/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php
--- sites/all/modules/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php.orig	2008-03-25 16:28:24 +0100
+++ sites/all/modules/fckeditor/fckeditor/editor/filemanager/connectors/php/config.php	2008-05-02 23:02:23 +0200
@@ -39,6 +39,9 @@
 // Attention: The above 'UserFilesPath' must point to the same directory.
 $Config['UserFilesAbsolutePath'] = '' ;
 
+// activate Drupal glue code for filemanager
+require_once "../../../../../filemanager.config.php";
+
 // Due to security issues with Apache modules, it is recommended to leave the
 // following setting enabled.
 $Config['ForceSingleExtension'] = true ;

-----------------------------------------------------------------------------

Degrade the "Update notification" check from ERROR to WARNING severity
as for a packaged Drupal as in OpenPKG the Update notification is less
important and actually confusing anyway. With WARNING one at least still
sees the issue, but under "Administer" one doesn't get the confusing red
error message and longer.

Index: modules/system/system.install
--- modules/system/system.install.orig	2008-02-08 18:07:55 +0100
+++ modules/system/system.install	2008-05-03 10:42:23 +0200
@@ -273,7 +273,7 @@
     if (!module_exists('update')) {
       $requirements['update status'] = array(
         'value' => $t('Not enabled'),
-        'severity' => REQUIREMENT_ERROR,
+        'severity' => REQUIREMENT_WARNING,
         'description' => $t('Update notifications are not enabled. It is <strong>highly recommended</strong> that you enable the update status module from the <a href="@module">module administration page</a> in order to stay up-to-date on new releases. For more information please read the <a href="@update">Update status handbook page</a>.', array('@update' => 'http://drupal.org/handbook/modules/update', '@module' => url('admin/build/modules'))),
       );
     }

-----------------------------------------------------------------------------

Disable "Update notifications" check by default during installation.

Index: install.php
--- install.php.orig	2008-02-08 23:00:45 +0100
+++ install.php	2008-05-09 13:18:09 +0200
@@ -1069,7 +1069,7 @@
     '#type' => 'checkboxes',
     '#title' => st('Update notifications'),
     '#options' => array(1 => st('Check for updates automatically')),
-    '#default_value' => array(1),
+    '#default_value' => array(),
     '#description' => st('With this option enabled, Drupal will notify you when new releases are available. This will significantly enhance your site\'s security and is <strong>highly recommended</strong>. This requires your site to periodically send anonymous information on its installed components to <a href="@drupal">drupal.org</a>. For more information please see the <a href="@update">update notification information</a>.', array('@drupal' => 'http://drupal.org', '@update' => 'http://drupal.org/handbook/modules/update')),
     '#weight' => 15,
   );

-----------------------------------------------------------------------------

No need to always expand the "Menu settings" on node edit pages.

Index: modules/menu/menu.module
--- modules/menu/menu.module.orig	2008-04-09 23:11:48 +0200
+++ modules/menu/menu.module	2008-05-16 20:03:48 +0200
@@ -366,7 +366,7 @@
       '#title' => t('Menu settings'),
       '#access' => user_access('administer menu'),
       '#collapsible' => TRUE,
-      '#collapsed' => FALSE,
+      '#collapsed' => TRUE,
       '#tree' => TRUE,
       '#weight' => -2,
       '#attributes' => array('class' => 'menu-item-form'),

-----------------------------------------------------------------------------

Use a larger text-area on node edit pages.

Index: modules/node/node.pages.inc
--- modules/node/node.pages.inc.orig	2008-02-27 20:44:44 +0100
+++ modules/node/node.pages.inc	2008-05-16 20:06:45 +0200
@@ -287,7 +287,8 @@
     '#type' => 'textarea',
     '#title' => check_plain($label),
     '#default_value' => $include ? $node->body : ($node->teaser . $node->body),
-    '#rows' => 20,
+    '#rows' => 30,
+    '#cols' => 80,
     '#required' => ($word_count > 0),
   );
 
-----------------------------------------------------------------------------

Fix "Action" related administration dialog and corresponding run-time handling.

Index: modules/system/system.module
--- modules/system/system.module.orig	2008-04-09 23:11:49 +0200
+++ modules/system/system.module	2008-05-23 10:41:26 +0200
@@ -1431,7 +1439,7 @@
   if (is_numeric($action)) {
     $aid = $action;
     // Load stored parameter values from database.
-    $data = db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = %d", intval($aid)));
+    $data = db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = '%s'", $aid));
     $edit['actions_description'] = $data->description;
     $edit['actions_type'] = $data->type;
     $function = $data->callback;

Index: includes/actions.inc
--- includes/actions.inc.orig	2007-12-31 15:51:04 +0100
+++ includes/actions.inc	2008-05-23 11:22:17 +0200
@@ -54,7 +54,7 @@
     $where_values = array();
     foreach ($action_ids as $action_id) {
       if (is_numeric($action_id)) {
-        $where[] = 'OR aid = %d';
+        $where[] = "OR aid = '%s'";
         $where_values[] = $action_id;
       }
       elseif (isset($available_actions[$action_id])) {
@@ -93,7 +93,7 @@
   else {
     // If it's a configurable action, retrieve stored parameters.
     if (is_numeric($action_ids)) {
-      $action = db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = %d", $action_ids));
+      $action = db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = '%s'", $action_ids));
       $function = $action->callback;
       $context = array_merge($context, unserialize($action->parameters));
       $result[$action_ids] = $function($object, $context, $a1, $a2);
@@ -325,7 +325,7 @@
 function actions_save($function, $type, $params, $desc, $aid = NULL) {
   $serialized = serialize($params);
   if ($aid) {
-    db_query("UPDATE {actions} SET callback = '%s', type = '%s', parameters = '%s', description = '%s' WHERE aid = %d", $function, $type, $serialized, $desc, $aid);
+    db_query("UPDATE {actions} SET callback = '%s', type = '%s', parameters = '%s', description = '%s' WHERE aid = '%s'", $function, $type, $serialized, $desc, $aid);
     watchdog('actions', 'Action %action saved.', array('%action' => $desc));
   }
   else {
@@ -333,7 +333,7 @@
     // separate table for numeric aids.
     db_query('INSERT INTO {actions_aid} VALUES (default)');
     $aid = db_last_insert_id('actions_aid', 'aid');
-    db_query("INSERT INTO {actions} (aid, callback, type, parameters, description) VALUES (%d, '%s', '%s', '%s', '%s')", $aid, $function, $type, $serialized, $desc);
+    db_query("INSERT INTO {actions} (aid, callback, type, parameters, description) VALUES ('%s', '%s', '%s', '%s', '%s')", $aid, $function, $type, $serialized, $desc);
     watchdog('actions', 'Action %action created.', array('%action' => $desc));
   }
 
@@ -350,7 +350,7 @@
  *   The appropriate action row from the database as an object.
  */
 function actions_load($aid) {
-  return db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = %d", $aid));
+  return db_fetch_object(db_query("SELECT * FROM {actions} WHERE aid = '%s'", $aid));
 }
 
 /**
@@ -360,6 +360,6 @@
  *   integer The ID of the action to delete.
  */
 function actions_delete($aid) {
-  db_query("DELETE FROM {actions} WHERE aid = %d", $aid);
+  db_query("DELETE FROM {actions} WHERE aid = '%s'", $aid);
   module_invoke_all('actions_delete', $aid);
 }
Index: modules/user/user.admin.inc
--- modules/user/user.admin.inc.orig	2008-01-16 23:54:41 +0100
+++ modules/user/user.admin.inc	2008-05-23 11:24:13 +0200
@@ -737,13 +737,13 @@
       form_set_error('mask', t('You must enter a mask.'));
     }
     else {
-      db_query("UPDATE {access} SET mask = '%s', type = '%s', status = '%s' WHERE aid = %d", $edit['mask'], $edit['type'], $edit['status'], $aid);
+      db_query("UPDATE {access} SET mask = '%s', type = '%s', status = '%s' WHERE aid = '%s'", $edit['mask'], $edit['type'], $edit['status'], $aid);
       drupal_set_message(t('The access rule has been saved.'));
       drupal_goto('admin/user/rules');
     }
   }
   else {
-    $edit = db_fetch_array(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
+    $edit = db_fetch_array(db_query("SELECT aid, type, status, mask FROM {access} WHERE aid = '%s'", $aid));
   }
   return drupal_get_form('user_admin_access_edit_form', $edit, t('Save rule'));
 }
@@ -859,7 +859,7 @@
  */
 function user_admin_access_delete_confirm($form_state, $aid = 0) {
   $access_types = array('user' => t('username'), 'mail' => t('e-mail'), 'host' => t('host'));
-  $edit = db_fetch_object(db_query('SELECT aid, type, status, mask FROM {access} WHERE aid = %d', $aid));
+  $edit = db_fetch_object(db_query("SELECT aid, type, status, mask FROM {access} WHERE aid = '%s'", $aid));
 
   $form = array();
   $form['aid'] = array('#type' => 'hidden', '#value' => $aid);
@@ -873,7 +873,7 @@
 }
 
 function user_admin_access_delete_confirm_submit($form, &$form_state) {
-  db_query('DELETE FROM {access} WHERE aid = %d', $form_state['values']['aid']);
+  db_query("DELETE FROM {access} WHERE aid = '%s'", $form_state['values']['aid']);
   drupal_set_message(t('The access rule has been deleted.'));
   $form_state['redirect'] = 'admin/user/rules';
   return;
 
-----------------------------------------------------------------------------

1. Fix content validation in "xmlcontent" module in case
   one has enabled multiple filters on a particular input format.
2. Additionally, allow absolute paths to support .xsd/.xsl files
   in arbitrary directories.
3. Finally, do not create a new DOM and output it as XML. Instead directly
   output the transformed XML in order to get rid of the <?xml...?> declaration.
4. Additionally, support an optional XML content template (mainly
   for loading ENTITY definitions which cannot be done via XSD and XSLT)

Index: sites/all/modules/xmlcontent/xmlcontent.module
--- sites/all/modules/xmlcontent/xmlcontent.module.orig	2007-03-14 22:59:59 +0100
+++ sites/all/modules/xmlcontent/xmlcontent.module	2008-05-30 21:13:16 +0200
@@ -39,8 +39,22 @@
       return t('Allows users to post XML node content and get it transformed through a configured XSLT script');
 
     case 'process':
-      $xslt_path = drupal_get_path('module', 'xmlcontent'). '/' . variable_get("xmlcontent_xslt_path_$format", '');
-      return _xmlcontent_transform($text, $xslt_path);
+      $tpl_path = variable_get("xmlcontent_tpl_path_$format", '');
+      if ($tpl_path) {
+          if (substr($tpl_path, 0, 1) != "/")
+              $tpl_path = drupal_get_path('module', 'xmlcontent') . '/' . $tpl_path;
+          $tpl = file_get_contents($tpl_path);
+          $text = preg_replace("/&template_body;/", $text, $tpl);
+          $cwd = getcwd();
+          chdir(preg_replace("/\\/[^\\/]+\$/", "", $tpl_path));
+      }
+      $xslt_path = variable_get("xmlcontent_xslt_path_$format", '');
+      if (substr($xslt_path, 0, 1) != "/")
+          $xslt_path = drupal_get_path('module', 'xmlcontent') . '/' . $xslt_path;
+      $result = _xmlcontent_transform($text, $xslt_path);
+      if ($tpl_path)
+          chdir($cwd);
+      return $result;
 
     case 'settings':
       return _xmlcontent_filter_settings($format);
@@ -72,7 +86,7 @@
       }
       // Does the input format of this node use XML Content filter?
       $format = filter_resolve_format($node->format);
-      $module = db_result(db_query('SELECT module FROM {filters} WHERE format = %d', $format));
+      $module = db_result(db_query("SELECT module FROM {filters} WHERE format = %d AND module = 'xmlcontent'", $format));
       if ($module != 'xmlcontent') {
         return;
       }
@@ -83,7 +97,10 @@
         return;
       }      
       
-      $schema_path = drupal_get_path('module', 'xmlcontent'). '/' . variable_get("xmlcontent_schema_path_$format",'');        
+      $schema_path = variable_get("xmlcontent_schema_path_$format", '');
+      if (substr($schema_path, 0, 1) != "/")
+          $schema_path = drupal_get_path('module', 'xmlcontent') . '/' . $schema_path;
+
       if (!is_file($schema_path) && ($validation == 'xsd' or $validation == 'rng')) {
         $schema_path = null;
         watchdog( 'xmlcontent', t('Validation required but no schema file'), WATCHDOG_WARNING );
@@ -93,7 +110,23 @@
       libxml_clear_errors();
       libxml_use_internal_errors(true);
 
-      if (!_xmlcontent_validate($node->body, $validation, $schema_path)) {
+      $text = $node->body;
+      $tpl_path = variable_get("xmlcontent_tpl_path_$format", '');
+      if ($tpl_path) {
+          if (substr($tpl_path, 0, 1) != "/")
+              $tpl_path = drupal_get_path('module', 'xmlcontent') . '/' . $tpl_path;
+          $tpl = file_get_contents($tpl_path);
+          $text = preg_replace("/&template_body;/", $text, $tpl);
+          $cwd = getcwd();
+          chdir(preg_replace("/\\/[^\\/]+\$/", "", $tpl_path));
+      }
+
+      $result = _xmlcontent_validate($text, $validation, $schema_path);
+
+      if ($tpl_path)
+          chdir($cwd);
+
+      if (!$result) {
         form_set_error('body', t('XML Content: Invalid XML') . libxml_errors_string());
       }
       
@@ -156,6 +189,13 @@
     '#collapsible' => TRUE,
     '#collapsed' => FALSE,
   );
+  $form['xmlcontent']["xmlcontent_tpl_path_$format"] = array(
+    '#type'    => 'textfield',
+    '#title'   => t('Optional XML Template File Path'),
+    '#default_value' => variable_get("xmlcontent_tpl_path_$format", ''),
+    '#field_prefix'  => drupal_get_path('module', 'xmlcontent'). '/',
+    '#description'  => t('The file path to the optional XML template, wrapper around the XML content before processing.'),
+  );
   $form['xmlcontent']["xmlcontent_xslt_path_$format"] = array(
     '#type'    => 'textfield',
     '#title'   => t('XSLT Script File Path'),
@@ -218,6 +258,8 @@
   
   // Load the XML document
   $dom = new DomDocument('1.0', 'UTF-8');
+  $dom->resolveExternals = true;
+  $dom->substituteEntities = true;
   $valid = $dom->loadXML($xml);
   if (!$valid) {
     watchdog('xmlcontent', "Invalid XML Content", WATCHDOG_WARNING);
@@ -227,6 +269,8 @@
   // Load the XSLT script
   // TODO: is there a way to cache it, or not necessary
   $xsl = new DomDocument('1.0', 'UTF-8');
+  $xsl->resolveExternals = true;
+  $xsl->substituteEntities = true;
   $xsl->load($path_to_xslt);   
 
   // Create the XSLT processor
@@ -242,10 +286,8 @@
   }
 
   // Transform
-  $newdom = $proc->transformToDoc($dom);
-  
-  // Return the output as XML text (in fact subset of XHTML, depending on the XSLT script)
-  return $newdom->saveXML();
+  $xml = $proc->transformToXML($dom);
+  return $xml;
 }
 
 
-----------------------------------------------------------------------------

Fix upgrading in "simplefeed" module if PostgreSQL is used.
Fix modules as Drupal 6.2 does not provide db_num_rows() anymore.

Index: sites/all/modules/simplefeed/simplefeed.install
--- sites/all/modules/simplefeed/simplefeed.install.orig	2008-06-11 07:22:28 +0200
+++ sites/all/modules/simplefeed/simplefeed.install	2008-06-14 15:09:53 +0200
@@ -31,8 +31,17 @@
 
 function simplefeed_update_2() {
   $ret = array();
-  $ret[] = update_sql("ALTER TABLE {simplefeed_feed} DROP INDEX url");
-  $ret[] = update_sql("ALTER TABLE {simplefeed_feed} CHANGE url url text");  
+  switch ($GLOBALS['db_type']) {
+    case 'mysql':
+    case 'mysqli':
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed} DROP INDEX url");
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed} CHANGE url url text");  
+      break;
+    case 'pgsql':
+      $ret[] = update_sql("DROP INDEX {simplefeed_feed}_url_idx");
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed} ALTER COLUMN url TYPE text");  
+      break;
+  }
   return $ret;
 }
 
Index: sites/all/modules/simplefeed/simplefeed_item.install
--- sites/all/modules/simplefeed/simplefeed_item.install.orig	2008-06-11 07:22:28 +0200
+++ sites/all/modules/simplefeed/simplefeed_item.install	2008-06-14 16:23:01 +0200
@@ -40,13 +40,15 @@
   // Fetch up to N feed items and update their iids to new schema
   $count = $_SESSION['simplefeed_item_update_2']['count'];
   $feed_items = db_query_range('SELECT r.vid, r.title, s.url FROM {node_revisions} r JOIN {simplefeed_feed_item} s ON r.vid = s.vid ORDER BY r.vid ASC', $count, $limit);
+  $n = 0;
   while ($feed_item = db_fetch_object($feed_items)) {
     $iid = md5($feed_item->title . $feed_item->url);
     db_query("UPDATE {simplefeed_feed_item} SET iid = '%s' WHERE vid = %d", $iid, $feed_item->vid);
     $_SESSION['simplefeed_item_update_2']['vid'] = $feed_item->vid;    
+    $n++;
   }
 
-  if (db_num_rows($feed_items) == $limit) {
+  if ($n == $limit) {
     $_SESSION['simplefeed_item_update_2']['count'] += $limit;
     // Return progress (never return 100% here to ensure clean-up is still run last).
     return array('#finished' => $_SESSION['simplefeed_item_update_2']['vid'] / ($_SESSION['simplefeed_item_update_2']['max'] + 1));
@@ -60,8 +62,18 @@
 
 function simplefeed_item_update_3() {
   $ret = array();
-  $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} CHANGE url url text");
-  $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} CHANGE iid iid varchar(32) NOT NULL");  
+  switch ($GLOBALS['db_type']) {
+    case 'mysql':
+    case 'mysqli':
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} CHANGE url url text");
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} CHANGE iid iid varchar(32) NOT NULL");  
+      break;
+    case 'pgsql':
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} ALTER COLUMN url TYPE text");  
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} ALTER COLUMN iid TYPE VARCHAR(32)");  
+      $ret[] = update_sql("ALTER TABLE {simplefeed_feed_item} ALTER COLUMN iid SET NOT NULL");  
+      break;
+  }
   return $ret;
 }
 
Index: sites/all/modules/autologout/autologout.module
--- sites/all/modules/autologout/autologout.module.orig	2008-03-14 21:05:41 +0100
+++ sites/all/modules/autologout/autologout.module	2008-06-14 15:57:27 +0200
@@ -257,8 +257,8 @@
       if (_autologout_user_in_by_user_role($account)) {
         $account->autologout = 0;
         $r = db_query("SELECT setting FROM {autologout} WHERE uid = %d", $account->uid);
-        if (db_num_rows($r) > 0) {
-          $row = db_fetch_object($r);
+        $row = db_fetch_object($r);
+        if ($row) {
           $account->autologout = (int)$row->setting;
         }
       }

-----------------------------------------------------------------------------

Fix helpers module for PostgreSQL usage.

Index: sites/all/modules/helpers/helpers_database.module
--- sites/all/modules/helpers/helpers_database.module.orig	2008-04-23 04:38:34 +0200
+++ sites/all/modules/helpers/helpers_database.module	2008-06-16 18:06:41 +0200
@@ -16,7 +16,7 @@
  *
  * NOTE: This is open code - do not put a function declaration on it.
  */
-  $db_types = array('mysql', 'mysqli', 'postgres');
+  $db_types = array('mysql', 'mysqli', 'pgsql');
   $dbtype = $GLOBALS['db_type'];
   if (in_array($dbtype, $db_types)) {
     // Using include because the site may not be using this so we don't want a fatal error.
Index: sites/all/modules/helpers/includes/dra_pgsql.inc
--- sites/all/modules/helpers/includes/dra_pgsql.inc.orig	2008-06-16 17:49:43 +0200
+++ sites/all/modules/helpers/includes/dra_pgsql.inc	2008-06-16 18:05:19 +0200
@@ -0,0 +1,40 @@
+<?php
+/* $Id */
+ /**
+ * Return a result array from the previous query. PostgreSql version.
+ * This is very handy for building an option list for a form element.
+ *
+ * @param $result
+ *   A database query result resource, as returned from db_query().
+ * @return
+ *   The resulting array or FALSE.
+ *   If the query contains -- the result array would be 
+ *        0 columns             (bool)FALSE
+ *        1 column              value => value
+ *        2 columns             1st value => 2nd value
+ *        3 or more             1st value => array(2nd value, 3rd value, ...)
+ */
+function db_result_array($result) {
+  $array = array();
+  while ($row = pg_fetch_array($result, NULL, PGSQL_NUM)) {
+    $y = count($row);
+    switch ($y) {
+      case 0:
+        drupal_set_message(t('Db_result_array found no columns in the result set.'), 'error');
+        return false;
+
+      case 1:
+        $array[$row[0]] = $row[0];
+        break;
+
+      case 2:
+        $array[$row[0]] = $row[1];
+        break;
+
+      default:
+        $array[$row[0]] = array_slice($row, 1);
+        break;
+    }
+  }
+  return $array;
+}

-----------------------------------------------------------------------------

Fix PostgreSQL usage.

Index: sites/all/modules/nodeupdates/nodeupdates.install
--- sites/all/modules/nodeupdates/nodeupdates.install.orig	2007-12-31 15:11:57 +0100
+++ sites/all/modules/nodeupdates/nodeupdates.install	2008-06-18 18:00:08 +0200
@@ -15,10 +15,10 @@
 
     case 'pgsql':
       db_query("CREATE TABLE {nodeupdates} (
-        nid integer(10) NOT NULL default '0',
+        nid integer NOT NULL default '0',
         title varchar(128) NOT NULL default '',
-        message longtext NOT NULL default '',
-        timestamp integer(11) NOT NULL default '0'
+        message text NOT NULL default '',
+        timestamp integer NOT NULL default '0'
       )");
       break;
   }

-----------------------------------------------------------------------------

Avoid incorrect ordering of BLOG entries by removing the
db_rewrite_sql() calls which seem to introduce a wrong ordering.

Index: modules/blog/blog.module
--- modules/blog/blog.module.orig	2008-04-09 23:11:45 +0200
+++ modules/blog/blog.module	2008-06-26 17:20:15 +0200
@@ -182,7 +182,7 @@
  * Helper function to determine if a user has blog posts already.
  */
 function _blog_post_exists($account) {
-  return (bool)db_result(db_query_range(db_rewrite_sql("SELECT 1 FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1"), $account->uid, 0, 1));
+  return (bool)db_result(db_query_range("SELECT 1 FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1", $account->uid, 0, 1));
 }
 
 /**
@@ -198,7 +198,7 @@
   }
   else if ($op == 'view') {
     if (user_access('access content')) {
-      $result = db_query_range(db_rewrite_sql("SELECT n.nid, n.title, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.created DESC"), 0, 10);
+      $result = db_query_range("SELECT n.nid, n.title, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.created DESC", 0, 10);
       if ($node_title_list = node_title_list($result)) {
         $block['content'] = $node_title_list;
         $block['content'] .= theme('more_link', url('blog'), t('Read the latest blog entries.'));
Index: modules/blog/blog.pages.inc
--- modules/blog/blog.pages.inc.orig	2008-02-08 22:15:12 +0100
+++ modules/blog/blog.pages.inc	2008-06-26 17:19:49 +0200
@@ -25,7 +25,7 @@
 
   $output = theme('item_list', $items);
 
-  $result = pager_query(db_rewrite_sql("SELECT n.nid, n.sticky, n.created FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC"), variable_get('default_nodes_main', 10), 0, NULL, $account->uid);
+  $result = pager_query("SELECT n.nid, n.sticky, n.created FROM {node} n WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC", variable_get('default_nodes_main', 10), 0, NULL, $account->uid);
   $has_posts = FALSE;
   
   while ($node = db_fetch_object($result)) {
@@ -64,7 +64,7 @@
 
   $output = theme('item_list', $items);
 
-  $result = pager_query(db_rewrite_sql("SELECT n.nid, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC"), variable_get('default_nodes_main', 10));
+  $result = pager_query("SELECT n.nid, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.sticky DESC, n.created DESC", variable_get('default_nodes_main', 10));
   $has_posts = FALSE;
 
   while ($node = db_fetch_object($result)) {
@@ -87,7 +87,7 @@
  * Menu callback; displays an RSS feed containing recent blog entries of a given user.
  */
 function blog_feed_user($account) {
-  $result = db_query_range(db_rewrite_sql("SELECT n.nid, n.created FROM {node} n  WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1 ORDER BY n.created DESC"), $account->uid, 0, variable_get('feed_default_items', 10));
+  $result = db_query_range("SELECT n.nid, n.created FROM {node} n  WHERE n.type = 'blog' AND n.uid = %d AND n.status = 1 ORDER BY n.created DESC", $account->uid, 0, variable_get('feed_default_items', 10));
   $channel['title'] = $account->name ."'s blog";
   $channel['link'] = url('blog/'. $account->uid, array('absolute' => TRUE));
 
@@ -102,7 +102,7 @@
  * Menu callback; displays an RSS feed containing recent blog entries of all users.
  */
 function blog_feed_last() {
-  $result = db_query_range(db_rewrite_sql("SELECT n.nid, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.created DESC"), 0, variable_get('feed_default_items', 10));
+  $result = db_query_range("SELECT n.nid, n.created FROM {node} n WHERE n.type = 'blog' AND n.status = 1 ORDER BY n.created DESC", 0, variable_get('feed_default_items', 10));
   $channel['title'] = variable_get('site_name', 'Drupal') .' blogs';
   $channel['link'] = url('blog', array('absolute' => TRUE));