Downloaded Commerce Guys Drupal v7.2, but receiving "security update" message for v.7.12?

katannshaw's picture

My install is a local install with Windows+IIS+MSSQL, which was mentioned here: http://groups.drupal.org/node/121629.

I downloaded the Commerce Guys Drupal 7 download from http://microsoft.com/web/drupal, and it's working great. But as soon as I downloaded v.7.2 and installed it, I started seeing a "security update" message stating the following:

There is a security update available for your version of Drupal. To ensure the security of your server, you should update immediately! See the available updates page for more information and to install your missing updates.

I started receiving this message right after I installed Drupal v7.2, so I'm not sure why it's telling me to now download v7.12. Does anyone know why I'd be receiving this, and how I should proceed?

Comments

This is often confusing, but

greggles's picture

This is often confusing, but the way to think of it is that 2 is smaller than 12. Don't think of the period as a decimal, but a separator of two independent numbers.

commerce guys package being updated

granola's picture

Hi Jay - the Commerce Guys package is in the process of being updated right now for our web gallery and we believe this issue is fixed. Should be up there in the next few days...

Best,
Grace

Good to know. Thanks granola!

katannshaw's picture

Good to know. Thanks granola!

I have a quick follow-up

katannshaw's picture

I have a quick follow-up question granola. I see that there's another security update for Drupal from 7.12 to 7.14, but I'm not sure how to proceed. When I see those updates, is there a place that I should go to update my Commerce Guys version of Drupal? I've tried using the core files straight from the site, but that doesn't work. Please keep in mind that I'm a newbie at this still. I'd appreciate your direction.

Hey Jay - thanks for letting

granola's picture

Hey Jay - thanks for letting me know. I just took a look at that in the admin panel and it appears this isn't an incremental update. The good news is we are expecting package updates for the web gallery shortly for both drupal distros we have in there. I need to check how you would apply that though to a current project you are working on... stay tuned.

Very good. Thanks granola.

katannshaw's picture

Very good. Thanks granola. I'll make sure to stay tuned.

Do you know if there is any way to add my name to a notification list when those distributions are ever updated?

Hey there So to do an inplace

granola's picture

Hey there
So to do an in-place upgrade of your existing project, this is what the Acquia team sent me:
To upgrade to a fixed version you just need to follow standard Drupal upgrade process - overwrite files and run http:///update.php in your browser

There's no notification in the web gallery when the distributions are updated that I am aware of but that's a good suggestion. Thanks.

-Grace

Ok, good to know. This is

katannshaw's picture

Ok, good to know. This is what I followed last time. Is this correct: http://drupal.org/node/1494290

I'll give it another try soon. It gave me errors last time, so I backed out of it and re-uploaded the backup files.

Thanks for your help.

k let me know how it goes

granola's picture

k let me know how it goes. and if you could post whatever specific errors you get that would be helpful. tx

Will do. Thanks.

katannshaw's picture

Will do. Thanks.

Ok, I just gave it a try, and

katannshaw's picture

Ok, I just gave it a try, and ran into the same blank update.php screen. Here are the steps I followed per http://drupal.org/node/1494290:

9:17am: Backed up core and database
9:21am: Deleted all files except for "sites" folder
9:23am: Attempted to run http://mysite.com/update.php; resulted in blank screen
9:35am: Changed one line of code in update.php per http://drupal.org/node/112884 from "ini_set('display_errors', FALSE);" to "ini_set('display_errors', TRUE);".
9:40am: Received the following error:
Fatal error: require_once(): Failed opening required 'C:\inetpub\wwwroot\drupal/includes/database/database.inc' (include_path='.;C:\php\pear') in C:\inetpub\wwwroot\drupal\includes\bootstrap.inc on line 2370

That's where I'm stuck. When I try to open the "database" directory within "includes" I get an access denied error even though I have full admin rights over the entire server. I also noticed that there are forward and backslashes in the first path, even though I'm not sure if that matters in Drupal World. Any help would be appreciated.

k, got it. we'll investigate

granola's picture

k, got it. we'll investigate and hope to have a solution for you shortly. thanks for sending all the details.

-grace

No problem. I appreciate your

katannshaw's picture

No problem. I appreciate your help greatly. I'll just sit tight and keep learning:)

Access denied error

alexpilotti's picture

The access denied error happens on folders marked for deletion which are already in use by a process, in this case the php-cgi.exe assigned to your web site.

You can restart the application domain assigned to your web site as a workaround to solve this issue.

This "ghost" folders issue happens during a lot of update scenarios and IMHO needs to be addressed ASAP. I still have to check whether the problem stays in the PHP runtime or elsewhere.

Let me know if this helps :-)

Best,

Alessandro Pilotti
Windows Azure Insider
MVP IIS

Thanks for the info

katannshaw's picture

Thanks for the info Alessandro. I noticed that if I close down the site, and wait about 10-15 minutes, I'm then able to delete the folder. It is a real pain and it about gave me a heart attack on my last update attempt:) Thank God for backups, and thanks (as always) for your help.

did alessandro's suggestions

granola's picture

did alessandro's suggestions get you what you needed to apply the security update?

No, unfortunately not. It

katannshaw's picture

No, unfortunately not. It helped with me being able to upload my backup files over the non-working ones, but the error still appears every time I try to do the update. So that's where I'm stuck.

My backup of the core worked except for one thing: the sites/default/files and sites/default/files/tmp directories weren't writable anymore. I'm not sure why, but it took my network administrator copying over yesterday's version of the site to make it work again. He could have obviously messed with the rights to those folders, but we decided together that it would be better to just do a fresh backup on the server.

That same guy is gone for two days, so I don't want to mess with anything in that time. But after that, if a possible solution is found to that error, I'd love to try it again.

Update Commerce Guys Drupal to v7.14

alexpilotti's picture

I can confirm that some additional steps are required to update a Commerce Guys Drupal site to v7.14. Here's how I solved it.

Install your Commerce Guys Drupal site via WebPi.

Download Drupal-7.14.zip

Set your site in maintenance mode

Using IIS Manager, stop the application pool associated to your web site

Delete all the web site content except the "sites" folder
Copy all the folders and files from inside the extracted Drupal package zip except "sites"

Open a command prompt and cd into your web site folder (e.g.: "cd c:\inetpub\d7commerce")

Copy the SQL Server schema files:

xcopy /i sites\all\modules\sqlsrv\sqlsrv includes\database\sqlsrv

Start the application pool associated to your web site

Go to yourdrupalsitename/update.php and execute the updates

I got two SQL errors related to "node.vid" and "file_managed.uri". To solve them:

in the command prompt run:

sqlcmd -E -S .\SQLExpress

-- Change the database name according to your setup
use d7commerce
go

alter table node drop column [__unique_vid]
go

DROP INDEX [uri_unique] ON [dbo].[file_managed]
GO

alter table file_managed
drop column [__unique_uri]
go

Don't exit SQLCmd.

Go again to yourdrupalsitename/update.php and execute the updates. This time everything should go fine.

Go back to sqlcmd and run:

alter table node add
[__unique_vid]  AS (CONVERT(varbinary,hashbytes('MD4',coalesce(CONVERT(varbinary,[vid],0),CONVERT(varbinary,[__pk],0))),0))
go

alter table file_managed add
[__unique_uri]  AS (CONVERT(varbinary,hashbytes('MD4',coalesce(CONVERT(varbinary,[uri],0),CONVERT(varbinary,[__pk],0))),0))
GO

CREATE UNIQUE NONCLUSTERED INDEX [uri_unique] ON [dbo].[file_managed]
(
   [__unique_uri] ASC
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, SORT_IN_TEMPDB = OFF, IGNORE_DUP_KEY = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
GO

and:

update system set status = '1' where filename = 'profiles/commerce_kickstart/commerce_kickstart.profile'
go

Finally go back to your web site and disable maintenance mode.

That's it :-)

let me know if it helps!

Alessandro Pilotti
Windows Azure Insider
MVP ASP.Net / IIS

That is wonderful information

katannshaw's picture

That is wonderful information and wonderful news! Thanks so much for those detailed instructions. I figured that there had to be more to it. I'm going to give it a try sometime this Friday, and I'll add another post on how everything went at that time.

Thanks as always for your help Alessandro:)

Hi Alessandro,I tried to

dmitry_bezer's picture

Hi Alessandro,
I tried to follow your instruction and ran into the following issue on the
alter table node drop column [__unique_vid]
step.

Msg 5074, Level 16, State 1, Server BUCKET\SQLEXPRESS, Line 1
The index 'vid_unique' is dependent on column '__unique_vid'.
Msg 4922, Level 16, State 9, Server BUCKET\SQLEXPRESS, Line 1
ALTER TABLE DROP COLUMN __unique_vid failed because one or more objects access this column.

Do you have any idea of what i'm doing wrong?
thanks!

Ok, we've just tried the

katannshaw's picture

Ok, we've just tried the first steps in the update, and ran into a few issues:

1) You wrote:
"Copy the SQL Server schema files:
xcopy /i sites\all\modules\sqlsrv\sqlsrv includes\database\sqlsrv"

I couldn't find any folders below: sites\all\modules\sqlsrv, but I did find a directory here: sites\all\modules\sqlsrv\sqlsrv\

Is this what you meant? If so, are you saying that we should make a "copy" as a backup, or should we place them somewhere else?

2) You write:
"Go to yourdrupalsitename/update.php and execute the updates

I got two SQL errors related to "node.vid" and "file_managed.uri"."

We didn't receive those errors, but this is what we did see: Fatal error: require_once(): Failed opening required 'C:\inetpub\wwwroot\drupal7/includes/database/sqlsrv/database.inc' (include_path='.;C:\php\pear') in C:\inetpub\wwwroot\drupal7\includes\database\database.inc on line 1666

Is this what you're referring to? Thanks for your help.

Drop index

alexpilotti's picture

There's an additional index that we simply need to drop before altering the column and recreate it afterwards:

Add the following to the first script to drop the index (before "alter table node drop column [__unique_vid]"):

DROP INDEX node.vid_unique
GO

And this to the second one to create it:

CREATE UNIQUE NONCLUSTERED INDEX [vid_unique] ON [dbo].[node]
(
[__unique_vid] ASC
)WITH (PAD_INDEX  = OFF, STATISTICS_NORECOMPUTE  = OFF, SORT_IN_TEMPDB = OFF, IGNORE_DUP_KEY = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS  = ON, ALLOW_PAGE_LOCKS  = ON) ON [PRIMARY]
GO
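
Added example, not part of the original posts: Msg 5074 reported above means an index still references the computed column being dropped. The queries below list every index that depends on "__unique_vid" or "__unique_uri", with the statement needed to remove it, and record the computed-column definitions so they can be re-added after update.php. They assume the "d7commerce" database name used in this thread and unprefixed "node" and "file_managed" tables.

```sql
-- Added example: read-only inventory to run in sqlcmd before the DROP COLUMN step.
-- Assumption: database name from the thread; change it to match your setup.
USE d7commerce;
GO

-- 1) Indexes that reference the sqlsrv driver's computed columns.
--    An index that backs a PRIMARY KEY or UNIQUE constraint cannot be removed
--    with DROP INDEX, so the generated statement switches to DROP CONSTRAINT.
SELECT
    t.name AS table_name,
    c.name AS column_name,
    i.name AS index_name,
    i.type_desc,
    i.is_unique,
    CASE
        WHEN i.is_primary_key = 1 OR i.is_unique_constraint = 1
            THEN 'ALTER TABLE ' + QUOTENAME(SCHEMA_NAME(t.schema_id)) + '.'
                 + QUOTENAME(t.name) + ' DROP CONSTRAINT ' + QUOTENAME(i.name)
        ELSE 'DROP INDEX ' + QUOTENAME(i.name) + ' ON '
                 + QUOTENAME(SCHEMA_NAME(t.schema_id)) + '.' + QUOTENAME(t.name)
    END AS drop_statement
FROM sys.indexes AS i
JOIN sys.index_columns AS ic
    ON ic.object_id = i.object_id AND ic.index_id = i.index_id
JOIN sys.columns AS c
    ON c.object_id = ic.object_id AND c.column_id = ic.column_id
JOIN sys.tables AS t
    ON t.object_id = i.object_id
WHERE t.name IN ('node', 'file_managed')
  AND c.name IN ('__unique_vid', '__unique_uri')
ORDER BY t.name, i.name;
GO

-- 2) Current definitions of the computed columns, to keep alongside the
--    index list so both can be recreated once the updates have run.
SELECT
    OBJECT_NAME(cc.object_id) AS table_name,
    cc.name                   AS column_name,
    cc.definition,
    cc.is_persisted
FROM sys.computed_columns AS cc
WHERE cc.name IN ('__unique_vid', '__unique_uri')
ORDER BY table_name;
GO
```

Save the output of both queries before changing anything; every index listed by the first query has to be dropped before its column and recreated after the column is added back.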

update

alexpilotti's picture

Hi Jay,

did you manage to complete your Drupal update? :-)

Alessandro

I had to wait until this week

katannshaw's picture

I had to wait until this week in case I needed to re-upload the backup on error with the help of my Network Administrator.

I'll let you know how it ends up. Thanks again for the detailed instructions.

Alessandro, I do have one

katannshaw's picture

Alessandro, I do have one question concerning dmitry_bezer's post above. Is this how that should look after your additional code?

-- Change the database name according to your setup
use d7commerce
go

DROP INDEX node.vid_unique
GO

alter table node drop column [__unique_vid]
go

CREATE UNIQUE NONCLUSTERED INDEX [vid_unique] ON [dbo].[node]
(
[__unique_vid] ASC
)WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, SORT_IN_TEMPDB = OFF, IGNORE_DUP_KEY = OFF, DROP_EXISTING = OFF, ONLINE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON) ON [PRIMARY]
GO

DROP INDEX [uri_unique] ON [dbo].[file_managed]
GO

alter table file_managed
drop column [__unique_uri]
go

UPDATE:

katannshaw's picture

UPDATE:

After getting some guidance from Alessandro and the Commerce Guys' own community forum, I was able to get past the first error when attempting to run the update.php script on a site using the SQLSRV Driver module. Here are the steps I followed: http://drupal.org/node/1561396#comment-6064230

I did receive 3 errors related to that module, but other similar users have as well. So hopefully some of the maintainers of that module will work on a solution for us SQL Server/Drupal 7 users soon (crossed fingers).

When/if a solution is found, I'll make sure to post it here as well.