diff options
author | David Rothstein <drothstein@gmail.com> | 2014-11-01 13:21:52 -0400 |
---|---|---|
committer | David Rothstein <drothstein@gmail.com> | 2014-11-01 13:21:52 -0400 |
commit | 6b7514afd2f03f3543d7c84e77cc97fa1d84dbb4 (patch) | |
tree | 5e8205a6cf1e734f8e2c30db9be64b2a598f537b /CHANGELOG.txt | |
parent | 3a4f085dfbf48a12d364b3aa80d0ecd336eb23e9 (diff) | |
download | brdo-6b7514afd2f03f3543d7c84e77cc97fa1d84dbb4.tar.gz brdo-6b7514afd2f03f3543d7c84e77cc97fa1d84dbb4.tar.bz2 |
Issue #829464 by Berdir, klausi, sepgil | Heine: Fixed orderby() should verify that the sort direction is always ASC or DESC.
Diffstat (limited to 'CHANGELOG.txt')
-rw-r--r-- | CHANGELOG.txt | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt index 46096d302..97a04b3f6 100644 --- a/CHANGELOG.txt +++ b/CHANGELOG.txt @@ -1,6 +1,9 @@ Drupal 7.33, xxxx-xx-xx (development version) ----------------------- +- Security improvement: Made the database API's orderBy() method sanitize the + sort direction ("ASC" or "DESC") for queries built with db_select(), so that + calling code does not have to. - Changed the RDF module to consistently output RDF metadata for nodes and comments near where the node is rendered in the HTML (minor markup and data structure change). |