diff options
-rw-r--r-- | includes/session.inc | 25 | ||||
-rw-r--r-- | modules/node/node.module | 3 | ||||
-rw-r--r-- | modules/search/search.pages.inc | 2 | ||||
-rw-r--r-- | modules/system/system.admin.inc | 4 |
4 files changed, 27 insertions, 7 deletions
diff --git a/includes/session.inc b/includes/session.inc index f79f11736..e589c07e4 100644 --- a/includes/session.inc +++ b/includes/session.inc @@ -56,8 +56,9 @@ function sess_read($key) { function sess_write($key, $value) { global $user; - // If the client doesn't have a session, and one isn't being created ($value), do nothing. - if (empty($_COOKIE[session_name()]) && empty($value)) { + // If saving of session data is disabled or if the client doesn't have a session, + // and one isn't being created ($value), do nothing. + if (!session_save_session() || (empty($_COOKIE[session_name()]) && empty($value))) { return TRUE; } @@ -153,3 +154,23 @@ function sess_gc($lifetime) { return TRUE; } + +/** + * Determine whether to save session data of the current request. + * + * This function allows the caller to temporarily disable writing of session data, + * should the request end while performing potentially dangerous operations, such as + * manipulating the global $user object. + * + * @param $status + * Disables writing of session data when FALSE, (re-)enables writing when TRUE. + * @return + * FALSE if writing session data has been disabled. Otherwise, TRUE. + */ +function session_save_session($status = NULL) { + static $save_session = TRUE; + if (isset($status)) { + $save_session = $status; + } + return ($save_session); +} diff --git a/modules/node/node.module b/modules/node/node.module index e6ca5eb91..c4ea1336e 100644 --- a/modules/node/node.module +++ b/modules/node/node.module @@ -1373,10 +1373,9 @@ function node_menu() { 'type' => MENU_CALLBACK, ); foreach (node_get_types('types', NULL, TRUE) as $type) { - $name = check_plain($type->name); $type_url_str = str_replace('_', '-', $type->type); $items['node/add/'. $type_url_str] = array( - 'title' => drupal_ucfirst($name), + 'title' => drupal_ucfirst($type->name), 'page callback' => 'node_add', 'page arguments' => array(2), 'access callback' => 'node_access', diff --git a/modules/search/search.pages.inc b/modules/search/search.pages.inc index f566223ec..4fea80cb5 100644 --- a/modules/search/search.pages.inc +++ b/modules/search/search.pages.inc @@ -84,7 +84,7 @@ function template_preprocess_search_result(&$variables) { $info = array(); if (!empty($result['type'])) { - $info['type'] = $result['type']; + $info['type'] = check_plain($result['type']); } if (!empty($result['user'])) { $info['user'] = $result['user']; diff --git a/modules/system/system.admin.inc b/modules/system/system.admin.inc index bc354c77a..72f49b9a4 100644 --- a/modules/system/system.admin.inc +++ b/modules/system/system.admin.inc @@ -172,7 +172,7 @@ function system_admin_theme_settings() { * Menu callback; displays a listing of all themes. * * @ingroup forms - * @see system_themes_form_submt(). + * @see system_themes_form_submit(). */ function system_themes_form() { @@ -405,7 +405,7 @@ function system_theme_settings(&$form_state, $key = '') { '#suffix' => '</div>', ); foreach ($node_types as $type => $name) { - $form['node_info']["toggle_node_info_$type"] = array('#type' => 'checkbox', '#title' => $name, '#default_value' => $settings["toggle_node_info_$type"]); + $form['node_info']["toggle_node_info_$type"] = array('#type' => 'checkbox', '#title' => check_plain($name), '#default_value' => $settings["toggle_node_info_$type"]); } } } |