From 4869f96c9d45e80fb025f33710e19dfceac5bbea Mon Sep 17 00:00:00 2001 From: Lorenz Schori Date: Sun, 6 Jan 2013 16:57:37 +0100 Subject: [PATCH] Fix generic part of ajax/authcache.php * Adapt headerdoc comments. * Remove _authcache_shutdown function from ajax handler. XHProf does not interfere with non-HTML responses anymore. * Remove call to variable_initialize. Variables are already present in DRUPAL_BOOTSTRAP_SESSION * Use drupal 7 version of drupal_to_js --- ajax/authcache.php | 38 ++++++++++++++------------------------ 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/ajax/authcache.php b/ajax/authcache.php index 1288cf6..a93ab03 100644 --- a/ajax/authcache.php +++ b/ajax/authcache.php @@ -4,16 +4,17 @@ * @file * Authcache Ajax Callback (authcache.php) * - * The Authcache Ajax phase, included by ../authcache.inc during - * Drupal's index.php EARLY_PAGE_CACHE bootstrap. Executed within - * _drupal_bootstrap() function. + * The Authcache Ajax phase, included by ../authcache.inc during the drupal + * bootstrap stage DRUPAL_BOOTSTRAP_PAGE_CACHE. * * Calls functions as defined in GET request: _authcache_{key} => value(s) * (Uses Authcache:ajax JSON from authcache.js) * Outputs JSON object of values returned by functions, if any. * * DO NOT MODIFY THIS FILE! - * For custom functions, use "authcache_custom.php" + * Place custom functions into sites/yoursite/authcache_custom.php. Additionally + * you may place functions into authcache_custom.php in the same directory as + * this file. *************************************************************/ // Attempt to prevent "cross-site request forgery" by requiring a custom header. @@ -30,12 +31,8 @@ if (isset($_POST['q'])) { $_GET['q'] = $_POST['q']; } -// Register a shutdown function (that will prevent other shutdown functions from running) -drupal_register_shutdown_function('_authcache_shutdown'); - - // Continue Drupal bootstrap. Establish database connection and validate session. -drupal_bootstrap(DRUPAL_BOOTSTRAP_SESSION); +drupal_bootstrap(DRUPAL_BOOTSTRAP_SESSION, TRUE); // If user session is invalid/expired, delete Authcache-defined cookies. global $user; @@ -46,9 +43,6 @@ if (!$user->uid && isset($_COOKIE['authcache'])) { setcookie('nocache', "", REQUEST_TIME - 86400, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure') == '1'); } -// Initialize configuration variables, using values from settings.php if available. -$conf = variable_initialize(isset($conf) ? $conf : array()); - $is_ajax_authcache = true; // Add your own custom functions to authcache_custom.php and place in your settings.php directory. @@ -91,12 +85,16 @@ if (isset($SOURCE['max_age']) && is_numeric($SOURCE['max_age'])) { header("Content-type: text/javascript"); -if (function_exists('json_encode')) { // Found in PHP 5.2 - print json_encode($response); +// Extracted from drupal_json_encode in common.inc +if (version_compare(PHP_VERSION, '5.3.0', '>=')) { + // Encode <, >, ', &, and " using the json_encode() options parameter. + print json_encode($response, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT); } else { - require_once './includes/common.inc'; // drupal_to_js - print drupal_to_js($response); + // json_encode() escapes <, >, ', &, and " using its options parameter, but + // does not support this parameter prior to PHP 5.3.0. Use a helper instead. + include_once DRUPAL_ROOT . '/includes/json-encode.inc'; + print drupal_json_encode_helper($response); } @@ -319,14 +317,6 @@ function _authcache_dev_query() { return count($queries) . " queries @ {$time_query} ms"; } -/** - * Shutdown function prevents other shutdown functions (eg xhprof) from corrupting the javascript output - */ -function _authcache_shutdown() { - exit; -} - - // // Contributed Module functions // -- 1.7.10.4