diff --git a/.gitignore b/.gitignore
deleted file mode 100644
index baff153..0000000
--- a/.gitignore
+++ /dev/null
@@ -1,6 +0,0 @@
-# Ignore configuration files that may contain sensitive information.
-sites/*/settings*.php
-
-# Ignore paths that contain user-generated content.
-sites/*/files
-sites/*/private
diff --git a/.htaccess b/.htaccess
deleted file mode 100644
index 7ccb6a2..0000000
--- a/.htaccess
+++ /dev/null
@@ -1,143 +0,0 @@
-#
-# Apache/PHP/Drupal settings:
-#
-
-# Protect files and directories from prying eyes.
-
- Order allow,deny
-
-
-# Don't show directory listings for URLs which map to a directory.
-Options -Indexes
-
-# Follow symbolic links in this directory.
-Options +FollowSymLinks
-
-# Make Drupal handle any 404 errors.
-ErrorDocument 404 /index.php
-
-# Set the default handler.
-DirectoryIndex index.php index.html index.htm
-
-# Override PHP settings that cannot be changed at runtime. See
-# sites/default/default.settings.php and drupal_environment_initialize() in
-# includes/bootstrap.inc for settings that can be changed at runtime.
-
-# PHP 5, Apache 1 and 2.
-
- php_flag magic_quotes_gpc off
- php_flag magic_quotes_sybase off
- php_flag register_globals off
- php_flag session.auto_start off
- php_value mbstring.http_input pass
- php_value mbstring.http_output pass
- php_flag mbstring.encoding_translation off
-
-
-# Requires mod_expires to be enabled.
-
- # Enable expirations.
- ExpiresActive On
-
- # Cache all files for 2 weeks after access (A).
- ExpiresDefault A1209600
-
-
- # Do not allow PHP scripts to be cached unless they explicitly send cache
- # headers themselves. Otherwise all scripts would have to overwrite the
- # headers set by mod_expires if they want another caching behavior. This may
- # fail if an error occurs early in the bootstrap process, and it may cause
- # problems if a non-Drupal PHP file is installed in a subdirectory.
- ExpiresActive Off
-
-
-
-# Various rewrite rules.
-
- RewriteEngine on
-
- # Set "protossl" to "s" if we were accessed via https://. This is used later
- # if you enable "www." stripping or enforcement, in order to ensure that
- # you don't bounce between http and https.
- RewriteRule ^ - [E=protossl]
- RewriteCond %{HTTPS} on
- RewriteRule ^ - [E=protossl:s]
-
- # Make sure Authorization HTTP header is available to PHP
- # even when running as CGI or FastCGI.
- RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
-
- # Block access to "hidden" directories whose names begin with a period. This
- # includes directories used by version control systems such as Subversion or
- # Git to store control files. Files whose names begin with a period, as well
- # as the control files used by CVS, are protected by the FilesMatch directive
- # above.
- #
- # NOTE: This only works when mod_rewrite is loaded. Without mod_rewrite, it is
- # not possible to block access to entire directories from .htaccess, because
- # is not allowed here.
- #
- # If you do not have mod_rewrite installed, you should remove these
- # directories from your webroot or otherwise protect them from being
- # downloaded.
- RewriteRule "(^|/)\." - [F]
-
- # If your site can be accessed both with and without the 'www.' prefix, you
- # can use one of the following settings to redirect users to your preferred
- # URL, either WITH or WITHOUT the 'www.' prefix. Choose ONLY one option:
- #
- # To redirect all users to access the site WITH the 'www.' prefix,
- # (http://example.com/... will be redirected to http://www.example.com/...)
- # uncomment the following:
- # RewriteCond %{HTTP_HOST} .
- # RewriteCond %{HTTP_HOST} !^www\. [NC]
- # RewriteRule ^ http%{ENV:protossl}://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
- #
- # To redirect all users to access the site WITHOUT the 'www.' prefix,
- # (http://www.example.com/... will be redirected to http://example.com/...)
- # uncomment the following:
- # RewriteCond %{HTTP_HOST} ^www\.(.+)$ [NC]
- # RewriteRule ^ http%{ENV:protossl}://%1%{REQUEST_URI} [L,R=301]
-
- # Modify the RewriteBase if you are using Drupal in a subdirectory or in a
- # VirtualDocumentRoot and the rewrite rules are not working properly.
- # For example if your site is at http://example.com/drupal uncomment and
- # modify the following line:
- # RewriteBase /drupal
- #
- # If your site is running in a VirtualDocumentRoot at http://example.com/,
- # uncomment the following line:
- # RewriteBase /
-
- # Pass all requests not referring directly to files in the filesystem to
- # index.php. Clean URLs are handled in drupal_environment_initialize().
- RewriteCond %{REQUEST_FILENAME} !-f
- RewriteCond %{REQUEST_FILENAME} !-d
- RewriteCond %{REQUEST_URI} !=/favicon.ico
- RewriteRule ^ index.php [L]
-
- # Rules to correctly serve gzip compressed CSS and JS files.
- # Requires both mod_rewrite and mod_headers to be enabled.
-
- # Serve gzip compressed CSS files if they exist and the client accepts gzip.
- RewriteCond %{HTTP:Accept-encoding} gzip
- RewriteCond %{REQUEST_FILENAME}\.gz -s
- RewriteRule ^(.*)\.css $1\.css\.gz [QSA]
-
- # Serve gzip compressed JS files if they exist and the client accepts gzip.
- RewriteCond %{HTTP:Accept-encoding} gzip
- RewriteCond %{REQUEST_FILENAME}\.gz -s
- RewriteRule ^(.*)\.js $1\.js\.gz [QSA]
-
- # Serve correct content types, and prevent mod_deflate double gzip.
- RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1]
- RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1]
-
-
- # Serve correct encoding type.
- Header set Content-Encoding gzip
- # Force proxies to cache gzipped & non-gzipped css/js files separately.
- Header append Vary Accept-Encoding
-
-
-
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
deleted file mode 100644
index 93c4bd5..0000000
--- a/CHANGELOG.txt
+++ /dev/null
@@ -1,2033 +0,0 @@
-
-Drupal 7.36, xxxx-xx-xx (development version)
------------------------
-- Added a 'file_public_schema' variable which allows modules that define
- publicly-accessible streams in hook_stream_wrappers() to bypass file download
- access checks when processing managed file upload fields.
-- Fixed a bug that caused database query tags not to be added to search-related
- database queries under many circumstances, and which prevented the
- corresponding hook_query_TAG_alter() implementations from being called.
-- Fixed the "for" attribute on managed file upload field labels to improve
- accessibility (minor markup change).
-- Added a 'javascript_always_use_jquery' variable which can be set to FALSE by
- sites that may not need jQuery loaded on all pages, and a 'requires_jquery'
- option to drupal_add_js() which modules can set to FALSE when adding
- JavaScript files that have no dependency on jQuery (API addition:
- https://www.drupal.org/node/2462717).
-- Fixed incorrect foreign keys in the User module's role_permission and
- users_roles database tables.
-- Changed permission descriptions throughout Drupal core to consistently link
- to relevant administrative pages, regardless of whether the user viewing the
- Permissions page can view the page being linked to (minor UI change).
-- Fixed the drupal_add_region_content() function so that it actually adds
- content to the page.
-- Added an 'image_suppress_itok_output' variable to allow sites already using
- the existing 'image_allow_insecure_derivatives' variable to also prevent
- security tokens from appearing in image derivative URLs.
-- Fixed double-escaping of theme names in the Block module administrative
- interface (minor string change).
-- Added basic support for Xdebug when running automated tests.
-- Fixed a bug which caused previewing a node to remove elements from the node
- being edited. With this fix, calling node_preview() will no longer modify the
- passed-in node object (minor API change).
-- Added a user_has_role() function to check whether a user has a particular
- role (API addition: https://www.drupal.org/node/2462411).
-- Fixed installation failures when an opcode cache is enabled.
-- Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused private
- files to be inaccessible.
-- Fixed a bug in the Drupal 6 to Drupal 7 upgrade path which caused user
- pictures to be lost.
-- Fixed missing language code in hook_field_attach_view_alter() when it is
- invoked from field_view_field().
-- Stopped sending ETag and Last-Modified headers for uncached page requests,
- since they break caching for certain Varnish and Nginx configurations.
-- Changed the Simpletest module to allow PSR-4 test classes to be used in
- Drupal 7.
-- Fixed a fatal error that occurred when using the Comment module's "Unpublish
- comment containing keyword(s)" action.
-- Changed the "lang" attribute on language links to "xml:lang" so it validates
- as XHTML (minor markup change).
-- Prevented the form API from allowing arrays to be submitted for various form
- elements, such as textfields, textareas, and password fields (API change:
- https://www.drupal.org/node/2462723).
-- Fixed a bug in the Contact module which caused the global user object to have
- the incorrect name and e-mail address during the remainder of the page
- request after the contact form is submitted.
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.35, 2015-03-18
-----------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2015-001.
-
-Drupal 7.34, 2014-11-19
-----------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-006.
-
-Drupal 7.33, 2014-11-07
------------------------
-- Began storing the file modification time of each module and theme in the
- {system} database table so that contributed modules can use it to identify
- recently changed modules and themes (minor data structure change to the
- return value of system_get_info() and other related functions).
-- Added a "Did you mean?" feature to the run-tests.sh script for running
- automated tests from the command line, to help developers who are attempting
- to run a particular test class or group.
-- Changed the date format used in various HTTP headers output by Drupal core
- from RFC 1123 format to RFC 7231 format.
-- Added a "block_cache_bypass_node_grants" variable to allow sites which have
- node access modules enabled to use the block cache if desired (API addition).
-- Made image derivative generation HTTP requests return a 404 error (rather
- than a 500 error) when the source image does not exist.
-- Fixed a bug which caused user pictures to be removed from the user object
- after saving, and resulted in data loss if the user account was subsequently
- re-saved.
-- Fixed a bug in which field_has_data() did not return TRUE for fields that
- only had data in older entity revisions, leading to loss of the field's data
- when the field configuration was edited.
-- Fixed a bug which caused the Ajax progress throbber to appear misaligned in
- many situatons (minor styling change).
-- Prevented the Bartik theme from lower-casing the "Permalink" link on
- comments, for improved multilingual support (minor UI change).
-- Added a "preferred_menu_links" tag to the database query that is used by
- menu_link_get_preferred() to find the preferred menu link for a given path,
- to make it easier to alter.
-- Increased the maximum allowed length of block titles to 255 characters
- (database schema change to the {block} table).
-- Removed the Field module's field_modules_uninstalled() function, since it did
- not do anything when it was invoked.
-- Added a "theme_hook_original" variable to templates and theme functions and
- an optional sitewide theme debug mode, to provide contextual information in
- the page's HTML to theme developers. The theme debug mode is based on the one
- used with Twig in Drupal 8 and can be accessed by setting the "theme_debug"
- variable to TRUE (API addition).
-- Added an entity_view_mode_prepare() API function to allow entity-defining
- modules to properly invoke hook_entity_view_mode_alter(), and used it
- throughout Drupal core to fix bugs with the invocation of that hook (API
- change: https://www.drupal.org/node/2369141).
-- Security improvement: Made the database API's orderBy() method sanitize the
- sort direction ("ASC" or "DESC") for queries built with db_select(), so that
- calling code does not have to.
-- Changed the RDF module to consistently output RDF metadata for nodes and
- comments near where the node is rendered in the HTML (minor markup and data
- structure change).
-- Added an HTML class to RDFa metatags throughout Drupal to prevent them from
- accidentally affecting the site appearance (minor markup change).
-- Fixed a bug in the Unicode requirements check which prevented installing
- Drupal on PHP 5.6.
-- Fixed a bug which caused drupal_get_bootstrap_phase() to abort the bootstrap
- when called early in the page request.
-- Renamed the "Search result" view mode to "Search result highlighting input"
- to better reflect how it is used (UI change).
-- Improved database queries generated by EntityFieldQuery in the case where
- delta or language condition groups are used, to reduce the number of INNER
- JOINs (this is a minor data structure change affecting code which implements
- hook_query_alter() on these queries).
-- Removed special-case behavior for file uploads which allowed user #1 to
- bypass maximum file size and user quota limits.
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.32, 2014-10-15
-----------------------
-- Fixed security issues (SQL injection). See SA-CORE-2014-005.
-
-Drupal 7.31, 2014-08-06
-----------------------
-- Fixed security issues (denial of service). See SA-CORE-2014-004.
-
-Drupal 7.30, 2014-07-24
------------------------
-- Fixed a regression introduced in Drupal 7.29 that caused files or images
- attached to taxonomy terms to be deleted when the taxonomy term was edited
- and resaved (and other related bugs with contributed and custom modules).
-- Added a warning on the permissions page to recommend restricting access to
- the "View site reports" permission to trusted administrators. See
- DRUPAL-PSA-2014-002.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.29, 2014-07-16
-----------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-003.
-
-Drupal 7.28, 2014-05-08
------------------------
-- Fixed a regression introduced in Drupal 7.27 that caused JavaScript to break
- on older browsers (such as Internet Explorer 8 and earlier) when Ajax was
- used.
-- Increased the timeout used by the Update Manager module when it fetches data
- from drupal.org (from 5 seconds to 30 seconds), to work around a problem
- which causes incomplete information about security updates to be presented to
- site administrators. This fix may lead to a performance slowdown on the
- Update Manager administration pages, when installing Drupal distributions,
- and (for sites that use the automated cron feature) on occasional page loads
- by site visitors.
-- Fixed the behavior of the token system's "[node:summary]" token when the body
- field does not have a manual summary.
-- Changed the behavior of db_query_temporary() so that it works on SELECT
- queries even when they have leading comments/whitespace. A side effect of
- this fix is that db_query_temporary() will now fail with an error if it is
- ever used on non-SELECT queries.
-- Added a "node_admin_filter" tag to the database query used to build the list
- of nodes on the content administration page, to make it easier to alter.
-- Made the cron queue system log any exceptions that are thrown while an item
- in the queue is being processed, rather than stopping the entire PHP request.
-- Improved screen reader support by adding an aria-live HTML attribute to file
- upload fields when there is an error uploading the file (minor markup
- change).
-- Made the pager on the Tracker module listing pages show the same number of
- items as other pagers throughout Drupal core (minor UI change).
-- Fixed a bug which caused caches not to be properly cleared when a file entity
- was saved or deleted.
-- Added several missing countries to the default list returned by
- country_get_list() (string change).
-- Replaced the term "weight" with "influence" in the content ranking settings
- for search, and added help text for administrators (string change).
-- Fixed untranslatable text strings in the administrative interface for the
- "Crop" effect provided by the Image module (minor string change).
-- Fixed a bug in the Taxonomy module update function introduced in Drupal 7.26
- that caused memory and CPU problems on sites with very large numbers of
- unpublished nodes.
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.27, 2014-04-16
-----------------------
-- Fixed security issues (information disclosure). See SA-CORE-2014-002.
-
-Drupal 7.26, 2014-01-15
-----------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2014-001.
-
-Drupal 7.25, 2014-01-02
------------------------
-- Fixed a bug in node_save() which prevented the saved node from being updated
- in hook_node_insert() and other similar hooks.
-- Added a meta tag to install.php to prevent it from being indexed by search
- engines even when Drupal is installed in a subfolder (minor markup change).
-- Fixed a bug in the database API that caused frequent deadlock errors when
- running merge queries on some servers.
-- Performance improvement: Prevented block rehashing from writing blocks to the
- database on every cache clear and cron run when the blocks have not changed.
- This fix results in an extra 'saved' key which is added and set to TRUE for
- each block returned by _block_rehash() that actually is saved to the database
- (data structure change).
-- Added an optional 'skip on cron' parameter to hook_cron_queue_info() to allow
- queues to avoid being automatically processed on cron runs (API addition).
-- Fixed a bug which caused hook_block_view_MODULE_DELTA_alter() to never be
- invoked if the block delta had a hyphen in it. To implement the hook when the
- block delta has a hyphen, modules should now replace hyphens with underscores
- when constructing the function name for the hook implementation.
-- Fixed a bug which caused cached pages to sometimes be sent to the browser
- with incorrect compression. The fix adds a new 'page_compressed' key to the
- $cache->data array returned by drupal_page_get_cache() (minor data structure
- change).
-- Fixed broken tests on PHP 5.5.
-- Made the File and Image modules more robust when saving entities that have
- deleted files attached. The code in file_field_presave() will now remove the
- record of the deleted file from the entity before saving (minor data
- structure change).
-- Standardized menu callback functions throughout Drupal core to return
- MENU_NOT_FOUND and MENU_ACCESS_DENIED rather than printing their own "page
- not found" or "access denied" pages (minor API change in the return value of
- these functions under some circumstances).
-- Fixed a bug in which caches were not properly cleared when a node was deleted
- via the administrative interface.
-- Changed the Bartik theme to render content contained in , and
- similar tags in a larger font size, so it is easier to read.
-- Fixed a bug in the Search module that caused exceptions to be thrown during
- searches if the server was not configured to represent decimal points as a
- period.
-- Fixed a regression in the Image module that made image_style_url() not work
- when a relative path (rather than a complete file URI) was passed to it.
-- Added an optional feature to the Statistics module to allow node views to be
- tracked by Ajax requests rather than during the server-side generation of the
- page. This allows the node counter to work on sites that use external page
- caches (string change and new administrative option:
- https://drupal.org/node/2164069).
-- Added a link to the drupal.org documentation page for cron to the Cron
- settings page (string change).
-- Added a 'drupal_anonymous_user_object' variable to allow the anonymous user
- object returned by drupal_anonymous_user() to be overridden with a classed
- object (API addition).
-- Changed the database API to allow inserts based on a SELECT * query to work
- correctly.
-- Changed the database schema of the {file_managed} table to allow Drupal to
- manage files larger than 4 GB.
-- Changed the File module's hook_field_load() implementation to prevent file
- entity properties which have the same name as file or image field properties
- from overwriting the field properties (minor API change).
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.24, 2013-11-20
-----------------------
-- Fixed security issues (multiple vulnerabilities), see SA-CORE-2013-003.
-
-Drupal 7.23, 2013-08-07
------------------------
-- Fixed a fatal error on PostgreSQL databases when updating the Taxonomy module
- from Drupal 6 to Drupal 7.
-- Fixed the default ordering of CSS files for sites using right-to-left
- languages, to consistently place the right-to-left override file immediately
- after the CSS it is overriding (API change: https://drupal.org/node/2058463).
-- Added a drupal_check_memory_limit() API function to allow the memory limit to
- be checked consistently (API addition).
-- Changed the default web.config file for IIS servers to allow favicon.ico
- files which are present in the filesystem to be accessed.
-- Fixed inconsistent support for the 'tel' protocol in Drupal's URL filtering
- functions.
-- Performance improvement: Allowed all hooks to be included in the
- module_implements() cache, even those that are only invoked on HTTP POST
- requests.
-- Made the database system replace truncate queries with delete queries when
- inside a transaction, to fix issues with PostgreSQL and other databases.
-- Fixed a bug which caused nested contextual links to display improperly.
-- Fixed a bug which prevented cached image derivatives from being flushed for
- private files and other non-default file schemes.
-- Fixed drupal_render() to always return an empty string when there is no
- output, rather than sometimes returning NULL (minor API change).
-- Added protection to cache_clear_all() to ensure that non-cache tables cannot
- be truncated (API addition: a new isValidBin() method has been added to the
- default database cache implementation).
-- Changed the default .htaccess file to support HTTP authorization in CGI
- environments.
-- Changed the password reset form to pre-fill the username when requested via a
- URL query parameter, and used this in the error message that appears after a
- failed login attempt (minor data structure and behavior change).
-- Fixed broken support for foreign keys in the field API.
-- Fixed "No active batch" error when a user cancels their own account.
-- Added a description to the "access content overview" permission on the
- permissions page (string change).
-- Added a drupal_array_diff_assoc_recursive() function to allow associative
- arrays to be compared recursively (API addition).
-- Added human-readable labels to image styles, in addition to the existing
- machine-readable name (API change: https://drupal.org/node/2058503).
-- Moved the drupal_get_hash_salt() function to bootstrap.inc and used it in
- additional places in the code, for added security in the case where there is
- no hash salt in settings.php.
-- Fixed a regression in Drupal 7.22 that caused internal server errors for
- sites running on very old Apache 1.x web servers.
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.22, 2013-04-03
------------------------
-- Allowed the drupal_http_request() function to be overridden so that
- additional HTTP request capabilities can be added by contributed modules.
-- Changed the Simpletest module to allow PSR-0 test classes to be used in
- Drupal 7.
-- Removed an unnecessary "Content-Disposition" header from private file
- downloads; it prevented many private files from being viewed inline in a web
- browser.
-- Changed various field API functions to allow them to optionally act on a
- single field within an entity (API addition: http://drupal.org/node/1825844).
-- Fixed a bug which prevented Drupal's file transfer functionality from working
- on some PHP 5.4 systems.
-- Fixed incorrect log message when theme() is called for a theme hook that does
- not exist (minor string change).
-- Fixed Drupal's token-replacement system to allow spaces in the token value.
-- Changed the default behavior after a user creates a node they do not have
- access to view. The user will now be redirected to the front page rather than
- an access denied page.
-- Fixed a bug which prevented empty HTTP headers (such as "0") from being set.
- (Minor behavior change: Callers of drupal_add_http_header() must now set
- FALSE explicitly to prevent a header from being sent at all; this was already
- indicated in the function's documentation.)
-- Fixed OpenID errors when more than one module implements hook_openid(). The
- behavior is now changed so that if more than one module tries to set the same
- parameter, the last module's change takes effect.
-- Fixed a serious documentation bug: The $name variable in the
- taxonomy-term.tpl.php theme template was incorrectly documented as being
- sanitized when in fact it is not.
-- Fixed a bug which prevented Drupal 6 to Drupal 7 upgrades on sites which had
- duplicate permission names in the User module's database tables.
-- Added an empty "datatype" attribute to taxonomy term and username links to
- make the RDFa markup upward compatible with RDFa 1.1 (minor markup addition).
-- Fixed a bug which caused the denial-of-service protection added in Drupal
- 7.20 to break certain valid image URLs that had an extra slash in them.
-- Fixed a bug with update queries in the SQLite database driver that prevented
- Drupal from being installed with SQLite on PHP 5.4.
-- Fixed enforced dependencies errors updating to recent versions of Drupal 7 on
- certain non-MySQL databases.
-- Refactored the Field module's caching behavior to obtain large improvements
- in memory usage for sites with many fields and instances (API addition:
- http://drupal.org/node/1915646).
-- Fixed entity argument not being passed to implementations of
- hook_file_download_access_alter(). The fix adds an additional context
- parameter that can be passed when calling drupal_alter() for any hook (API
- change: http://drupal.org/node/1882722).
-- Fixed broken support for translatable comment fields (API change:
- http://drupal.org/node/1874724).
-- Added an assertThemeOutput() method to Simpletest to allow tests to check
- that themed output matches an expected HTML string (API addition).
-- Added a link to "Install another module" after a module has been successfully
- downloaded via the Update Manager (UI change).
-- Added an optional "exclusive" flag to installation profile .info files which
- allows Drupal distributions to force a profile to be selected during
- installation (API addition: http://drupal.org/node/1961012).
-- Fixed a bug which caused the database API to not properly close database
- connections.
-- Added a link to the URL for running cron from outside the site to the Cron
- settings page (UI change).
-- Fixed a bug which prevented image styles from being reverted on PHP 5.4.
-- Made the default .htaccess rules protocol sensitive to improve security for
- sites which use HTTPS and redirect between "www" and non-"www" versions of
- the page.
-- Numerous small bug fixes.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.21, 2013-03-06
------------------------
-- Allowed sites using the 'image_allow_insecure_derivatives' variable to still
- have partial protection from the security issues fixed in Drupal 7.20.
-
-Drupal 7.20, 2013-02-20
------------------------
-- Fixed security issues (denial of service). See SA-CORE-2013-002.
-
-Drupal 7.19, 2013-01-16
------------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2013-001.
-
-Drupal 7.18, 2012-12-19
------------------------
-- Fixed security issues (multiple vulnerabilities). See SA-CORE-2012-004.
-
-Drupal 7.17, 2012-11-07
------------------------
-- Changed the default value of the '404_fast_html' variable to have a DOCTYPE
- declaration.
-- Made it possible to use associative arrays for the 'items' variable in
- theme_item_list().
-- Fixed a bug which prevented required form elements without a title from being
- given an "error" class when the form fails validation.
-- Prevented duplicate HTML IDs from appearing when two forms are displayed on
- the same page and one of them is submitted with invalid data (minor markup
- change).
-- Fixed a bug which prevented Drupal 6 to Drupal 7 upgrades on sites which had
- stale data in the Upload module's database tables.
-- Fixed a bug in the States API which prevented certain types of form elements
- from being disabled when requested.
-- Allowed aggregator feed items with author names longer than 255 characters to
- have a truncated version saved to the database (rather than causing a fatal
- error).
-- Allowed aggregator feed items to have URLs longer than 255 characters
- (schema change which results in several columns in the Aggregator module's
- database tables changing from VARCHAR to TEXT fields).
-- Added hook_taxonomy_term_view() and standardized the process for rendering
- taxonomy terms to invoke hook_entity_view() and otherwise make it consistent
- with other entities (API change: http://drupal.org/node/1808870).
-- Added hook_entity_view_mode_alter() to allow modules to change entity view
- modes on display (API addition: http://drupal.org/node/1833086).
-- Fixed a bug which made database queries running a "LIKE" query on blob fields
- fail on PostgreSQL databases. This caused errors during the Drupal 6 to
- Drupal 7 upgrade.
-- Changed the hook_menu() entry for Drupal's rss.xml page to prevent extra path
- components from being accidentally passed to the page callback function (data
- structure change).
-- Removed a non-standard "name" attribute from Drupal's default Content-Type
- header for file downloads.
-- Fixed the theme settings form to properly clean up submitted values in
- $form_state['values'] when the form is submitted (data structure change).
-- Fixed an inconsistency by removing the colon from the end of the label on
- multi-valued form fields (minor string change).
-- Added support for 'weight' in hook_field_widget_info() to allow modules to
- control the order in which widgets are displayed in the Field UI.
-- Updated various tables in the OpenID and Book modules to use the default
- "empty table" text pattern (string change).
-- Added proxy server support to drupal_http_request().
-- Added "lang" attributes to language links, to better support screen readers.
-- Fixed double occurrence of a "ul" HTML tag on secondary local tasks in the
- Seven theme (markup change).
-- Fixed bugs which caused taxonomy vocabulary and shortcut set titles to be
- double-escaped. The fix replaces the taxonomy vocabulary overview page and
- "Edit shortcuts" menu items' title callback entries in hook_menu() with new
- functions that do not escape HTML characters (data structure change).
-- Modified the Update manager module to allow drupal.org to collect usage
- statistics for individual modules and themes, rather than only for entire
- projects.
-- Modified the node listing database query on Drupal's default front page to
- add table aliases for better query altering (this is a data structure change
- affecting code which implements hook_query_alter() on this query).
-- Improved the translatability of the "Field type(s) in use" message on the
- modules page (admin-facing string change).
-- Fixed a regression which caused a "call to undefined function
- drupal_find_base_themes()" fatal error under rare circumstances.
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.16, 2012-10-17
------------------------
-- Fixed security issues (Arbitrary PHP code execution and information
- disclosure). See SA-CORE-2012-003.
-
-Drupal 7.15, 2012-08-01
------------------------
-- Introduced a 'user_password_reset_timeout' variable to allow the 24-hour
- expiration for user password reset links to be adjusted (API addition).
-- Fixed database errors due to ambiguous column names that occurred when
- EntityFieldQuery was used in certain situations.
-- Changed the drupal_array_get_nested_value() function to return a reference
- (API addition).
-- Changed the System module's hook_block_info() implementation to assign the
- "Main page content" and "System help" blocks to appropriate regions by
- default and prevent error messages on the block administration page (data
- structure change).
-- Fixed regression: Non-node entities couldn't be accessed with
- EntityFieldQuery.
-- Fixed regression: Optional radio buttons with an empty, non-NULL default
- value led to an illegal choice error when none were selected.
-- Reorganized the testing framework to split setUp() into specific sub-methods
- and fix several regressions in the process.
-- Fixed bug which made it impossible to search for strings that have not been
- translated into a particular language.
-- Renamed the "Field" column on the Manage Fields screen to "Field type", since
- the former was confusing and inaccurate (UI change).
-- Performance improvement: Removed needless call to system_rebuild_module_data()
- in field_sync_field_status(), greatly speeding up bulk module enable/disable.
-- Fixed bug which prevented notifications from being sent when core, module, and
- theme updates are available.
-- Fixed bug which prevented sub-themes from inheriting the default values of
- theme settings defined by the base theme.
-- Fixed bug which prevented the jQuery UI Datepicker from being localized.
-- Made Ajax alert dialogs respect error reporting settings.
-- Fixed bug which prevented image styles from being deleted on PHP 5.4.
-- Fixed bug: Language detection by domain only worked on port 80.
-- Fixed regression: The first plural index on a page was not calculated
- correctly.
-- Introduced generic entity language support. Entities may now declare their
- language property in hook_entity_info(), and modules working with entities
- may access the language using entity_language() (API change:
- http://drupal.org/node/1626346).
-- Added EntityFieldQuery support for taxonomy bundles.
-- Fixed issue where field form structure was incomplete if field_access()
- returned FALSE. Instead of being incomplete, the form structure now has
- #access set to FALSE and field form validation is skipped (data structure
- change: http://drupal.org/node/1663020).
-- Fixed data loss issue due to field_has_data() returning inconsistent results.
- The fix adds an optional DANGEROUS_ACCESS_CHECK_OPT_OUT tag to entity field
- queries which field storage engines can respond to (API addition:
- http://drupal.org/node/1597378).
-- Fixed notice: Undefined index: default_image in image_field_prepare_view()
-- Numerous API documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.14 2012-05-02
-----------------------
-- Fixed "integrity constraint" fatal errors when rebuilding registry.
-- Fixed custom logo and favicon functionality referencing incorrect paths.
-- Fixed DB Case Sensitivity: Allow BINARY attribute in MySQL.
-- Split field_bundle_settings out per bundle.
-- Improve UX for machine names for fields (UI change).
-- Fixed User pictures are not removed properly.
-- Fixed HTTPS sessions not working in all cases.
-- Fixed Regression: Required radios throw illegal choice error when none
- selected.
-- Fixed allow autocompletion requests to include slashes.
-- Eliminate $user->cache and {session}.cache in favor of
- $_SESSION['cache_expiration'][$bin] (Performance).
-- Fixed focus jumps to tab when pressing enter on a form element within tab.
-- Fixed race condition in locale() - duplicates in {locales_source}.
-- Fixed Missing "Default image" per field instance.
-- Quit clobbering people's work when they click the filter tips link
-- Form API #states: Fix conditionals to allow OR and XOR constructions.
-- Fixed Focus jumps to tab when pressing enter on a form element within tab.
- (Accessibility)
-- Improved performance of node_access queries.
-- Fixed Fieldsets inside vertical tabs have no title and can't be collapsed.
-- Reduce size of cache_menu table (Performance).
-- Fixed unnecessary aggregation of CSS/JS (Performance).
-- Fixed taxonomy_autocomplete() produces SQL error for nonexistent field.
-- Fixed HTML filter is not run first by default, despite default weight.
-- Fixed Overlay does not work with prefixed URL paths.
-- Better debug info for field errors (string change).
-- Fixed Data corruption in comment IDs (results in broken threading on
- PostgreSQL).
-- Fixed machine name not editable if every character is replaced.
-- Fixed user picture not appearing in comment preview (Markup change).
-- Added optional vid argument for taxonomy_get_term_by_name().
-- Fixed Invalid Unicode code range in PREG_CLASS_UNICODE_WORD_BOUNDARY fails
- with PCRE 8.30.
-- Fixed {trigger_assignments()}.hook has only 32 characters, is too short.
-- Numerous fixes to run-tests.sh.
-- Fixed Tests in profiles/[name]/modules cannot be run and cannot use a
- different profile for running tests.
-- Numerous JavaScript performance fixes.
-- Numerous documentation fixes.
-- Fixed All pager links have an 'active' CSS class.
-- Numerous upgrade path fixes; notably:
- - system_update_7061() fails on inserting files with same name but different
- case.
- - system_update_7061() converts filepaths too aggressively.
- - Trigger upgrade path: Node triggers removed when upgrading to 7-x from 6.25.
-
-Drupal 7.13 2012-05-02
-----------------------
-- Fixed security issues (Multiple vulnerabilities), see SA-CORE-2012-002.
-
-Drupal 7.12, 2012-02-01
-----------------------
-- Fixed bug preventing custom menus from receiving an active trail.
-- Fixed hook_field_delete() no longer invoked during field_purge_data().
-- Fixed bug causing entity info cache to not be cleared with the rest of caches.
-- Fixed file_unmanaged_copy() fails with Drupal 7.7+ and safe_mode() or
- open_basedir().
-- Fixed Nested transactions throw exceptions when they got out of scope.
-- Fixed bugs with the Return-Path when sending mail on both Windows and
- non-Windows systems.
-- Fixed bug with DrupalCacheArray property visibility preventing others from
- extending it (API change: http://drupal.org/node/1422264).
-- Fixed bug with handling of non-ASCII characters in file names (API change:
- http://drupal.org/node/1424840).
-- Reconciled field maximum length with database column size in image and
- aggregator modules.
-- Fixes to various core JavaScript files to allow for minification and
- aggregation.
-- Fixed Prevent tests from deleting main installation's tables when
- parent::setUp() is not called.
-- Fixed several Poll module bugs.
-- Fixed several Shortcut module bugs.
-- Added new hook_system_theme_info() to provide ability for contributed modules
- to test theme functionality.
-- Added ability to cancel mail sending from hook_mail_alter().
-- Added support for configurable PDO connection options, enabling master-master
- database replication.
-- Numerous improvements to tests and test runner to pave the way for faster test
- runs.
-- Expanded test coverage.
-- Numerous API documentation improvements.
-- Numerous performance improvements, including token replacement and render
- cache.
-
-Drupal 7.11, 2012-02-01
-----------------------
-- Fixed security issues (Multiple vulnerabilities), see SA-CORE-2012-001.
-
-Drupal 7.10, 2011-12-05
-----------------------
-- Fixed Content-Language HTTP header to not cause issues with Drush 5.x.
-- Reduce memory usage of theme registry (performance).
-- Fixed PECL upload progress bar for FileField
-- Fixed running update.php doesn't always clear the cache.
-- Fixed PDO exceptions on long titles.
-- Fixed Overlay redirect does not include query string.
-- Fixed D6 modules satisfy D7 module dependencies.
-- Fixed the ordering of module hooks when using module_implements_alter().
-- Fixed "floating" submit buttons during AJAX requests.
-- Fixed timezone selected on install not propogating to admin account.
-- Added msgctx context to JS translation functions, for feature parity with t().
-- Profiles' .install files now available during hook_install_tasks().
-- Added test coverage of 7.0 -> 7.x upgrade path.
-- Numerous notice fixes.
-- Numerous documentation improvements.
-- Additional automated test coverage.
-
-Drupal 7.9, 2011-10-26
-----------------------
-- Critical fixes to OpenID to spec violations that could allow for
- impersonation in certain scenarios. Existing OpenID users should see
- http://drupal.org/node/1120290#comment-5092796 for more information on
- transitioning.
-- Fixed files getting lost when adding multiple files to multiple file fields
- at the same time.
-- Improved usability of the clean URL test screens.
-- Restored height/width attributes on images run through the theme system.
-- Fixed usability bug with first password field being pre-filled by certain
- browser plugins.
-- Fixed file_usage_list() so that it can return more than one result.
-- Fixed bug preventing preview of private images on node form.
-- Fixed PDO error when inserting an aggregator title longer than 255 characters.
-- Spelled out what TRADITIONAL means in MySQL sql_mode.
-- Deprecated "!=" operator for DBTNG; should be "<>".
-- Added two new API functions (menu_tree_set_path()/menu_tree_get_path()) were
- added in order to enable setting the active menu trail for dynamically
- generated menu paths.
-- Added new "fast 404" capability in settings.php to bypass Drupal bootstrap
- when serving 404 pages for certain file types.
-- Added format_string() function which can perform string munging ala the t()
- function without the overhead of the translation system.
-- Numerous #states system fixes.
-- Numerous EntityFieldQuery, DBTNG, and SQLite fixes.
-- Numerous Shortcut module fixes.
-- Numerous language system fixes.
-- Numerous token fixes.
-- Numerous CSS fixes.
-- Numerous upgrade path fixes.
-- Numerous minor string fixes.
-- Numerous notice fixes.
-
-Drupal 7.8, 2011-08-31
-----------------------
-- Fixed critical upgrade path issue with multilingual sites, leading to lost
- content.
-- Numerous fixes to upgrade path, preventing fatal errors due to incorrect
- dependencies.
-- Fixed issue with saving files on hosts with open_basedir restrictions.
-- Fixed Update manger error when used with Overlay.
-- Fixed RTL support in Seven administration theme and Overlay.
-- Fixes to nested transaction support.
-- Introduced performance pattern to reduce Drupal core's RAM usage.
-- Added support for HTML 5 tags to filter_xss_admin().
-- Added exception handling to cron.
-- Added new hook hook_field_widget_form_alter() for contribtued modules.
-- element_validate_*() functions now available to contrib.
-- Added new maintainers for several subsystems.
-- Numerous testing system improvements.
-- Numerous markup and CSS fixes.
-- Numerous poll module fixes.
-- Numerous notice/warning fixes.
-- Numerous documentation fixes.
-- Numerous token fixes.
-
-Drupal 7.7, 2011-07-27
-----------------------
-- Fixed VERSION string.
-
-Drupal 7.6, 2011-07-27
-----------------------
-- Fixed support for remote streamwrappers.
-- AJAX now binds to 'click' instead of 'mousedown'.
-- 'Translatable' flag on fields created in UI now defaults to FALSE, to match those created via the API.
-- Performance enhancement to permissions page on large numbers of permissions.
-- More secure password generation.
-- Fix for temporary directory on Windows servers.
-- run-tests.sh now uses proc_open() instead of pcntl_fork() for better Windows support.
-- Numerous upgrade path fixes.
-- Numerous documentation fixes.
-- Numerous notice fixes.
-- Numerous fixes to improve PHP 5.4 support.
-- Numerous RTL improvements.
-
-Drupal 7.5, 2011-07-27
-----------------------
-- Fixed security issue (Access bypass), see SA-CORE-2011-003.
-
-Drupal 7.4, 2011-06-29
-----------------------
-- Rolled back patch that caused fatal errors in CTools, Feeds, and other modules using the class registry.
-- Fixed critical bug with saving default images.
-- Fixed fatal errors when uninstalling some modules.
-- Added workaround for MySQL transaction support breaking on DDL statments.
-- Improved page caching with external caching systems.
-- Fix to Batch API, which was terminating too early.
-- Numerous upgrade path fixes.
-- Performance fixes.
-- Additional test coverage.
-- Numerous documentation fixes.
-
-Drupal 7.3, 2011-06-29
-----------------------
-- Fixed security issue (Access bypass), see SA-CORE-2011-002.
-
-Drupal 7.2, 2011-05-25
-----------------------
-- Added a default .gitignore file.
-- Improved PostgreSQL and SQLite support.
-- Numerous critical performance improvements.
-- Numerous critical fixes to the upgrade path.
-- Numerous fixes to language and translation systems.
-- Numerous fixes to AJAX and #states systems.
-- Improvements to the locking system.
-- Numerous documentation fixes.
-- Numerous styling and theme system fixes.
-- Numerous fixes for schema mis-matches between Drupal 6 and 7.
-- Minor internal API clean-ups.
-
-Drupal 7.1, 2011-05-25
-----------------------
-- Fixed security issues (Cross site scripting, File access bypass), see SA-CORE-2011-001.
-
-Drupal 7.0, 2011-01-05
-----------------------
-- Database:
- * Fully rewritten database layer utilizing PHP 5's PDO abstraction layer.
- * Drupal now requires MySQL >= 5.0.15 or PostgreSQL >= 8.3.
- * Added query builders for INSERT, UPDATE, DELETE, MERGE, and SELECT queries.
- * Support for master/slave replication, transactions, multi-insert queries,
- and other features.
- * Added support for the SQLite database engine.
- * Default to InnoDB engine, rather than MyISAM, on MySQL when available.
- This offers increased scalability and data integrity.
-- Security:
- * Protected cron.php -- cron will only run if the proper key is provided.
- * Implemented a pluggable password system and much stronger password hashes
- that are compatible with the Portable PHP password hashing framework.
- * Rate limited login attempts to prevent brute-force password guessing, and
- improved the flood control API to allow variable time windows and
- identifiers for limiting user access to resources.
- * Transformed the "Update status" module into the "Update manager" which
- can securely install or update modules and themes via a web interface.
-- Usability:
- * Added contextual links (a.k.a. local tasks) to page elements, such as
- blocks, nodes, or comments, which allows to perform the most common tasks
- with a single click only.
- * Improved installer requirements check.
- * Improved support for integration of WYSIWYG editors.
- * Implemented drag-and-drop positioning for input format listings.
- * Implemented drag-and-drop positioning for language listing.
- * Implemented drag-and-drop positioning for poll options.
- * Provided descriptions and human-readable names for user permissions.
- * Removed comment controls for users.
- * Removed display order settings for comment module. Comment display
- order can now be customized using the Views module.
- * Removed the 'related terms' feature from taxonomy module since this can
- now be achieved with Field API.
- * Added additional features to the default installation profile, and
- implemented a "slimmed down" profile designed for developers.
- * Added a built-in, automated cron run feature, which is triggered by site
- visitors.
- * Added an administrator role which is assigned all permissions for
- installed modules automatically.
- * Image toolkits are now provided by modules (rather than requiring a
- manual file copy to the includes directory).
- * Added an edit tab to taxonomy term pages.
- * Redesigned password strength validator.
- * Redesigned the add content type screen.
- * Highlight duplicate URL aliases.
- * Renamed "input formats" to "text formats".
- * Moved text format permissions to the main permissions page.
- * Added configurable ability for users to cancel their own accounts.
- * Added "vertical tabs", a reusable interface component that features
- automatic summaries and increases usability.
- * Replaced fieldsets on node edit and add pages with vertical tabs.
-- Performance:
- * Improved performance on uncached page views by loading multiple core
- objects in a single database query.
- * Improved performance for logged-in users by reducing queries for path
- alias lookups.
- * Improved support for HTTP proxies (including reverse proxies), allowing
- anonymous page views to be served entirely from the proxy.
-- Documentation:
- * Hook API documentation now included in Drupal core.
-- News aggregator:
- * Added OPML import functionality for RSS feeds.
- * Optionally, RSS feeds may be configured to not automatically generate feed blocks.
-- Search:
- * Added support for language-aware searches.
-- Aggregator:
- * Introduced architecture that allows pluggable parsers and processors for
- syndicating RSS and Atom feeds.
- * Added options to suspend updating specific feeds and never discard feeds
- items.
-- Testing:
- * Added test framework and tests.
-- Improved time zone support:
- * Drupal now uses PHP's time zone database when rendering dates in local
- time. Site-wide and user-configured time zone offsets have been converted
- to time zone names, e.g. Africa/Abidjan.
- * In some cases the upgrade and install scripts do not choose the preferred
- site default time zone. The automatically-selected time zone can be
- corrected at admin/config/regional/settings.
- * If your site is being upgraded from Drupal 6 and you do not have the
- contributed date or event modules installed, user time zone settings will
- fallback to the system time zone and will have to be reconfigured by each user.
- * User-configured time zones now serve as the default time zone for PHP
- date/time functions.
-- Filter system:
- * Revamped the filter API and text format storage.
- * Added support for default text formats to be assigned on a per-role basis.
- * Refactored the HTML corrector to take advantage of PHP 5 features.
-- User system:
- * Added clean API functions for creating, loading, updating, and deleting
- user roles and permissions.
- * Refactored the "access rules" component of user module: The user module
- now provides a simple interface for blocking single IP addresses. The
- previous functionality in the user module for restricting certain e-mail
- addresses and usernames is now available as a contributed module. Further,
- IP address range blocking is no longer supported and should be implemented
- at the operating system level.
- * Removed per-user themes: Contributed modules with similar functionality
- are available.
-- OpenID:
- * Added support for Gmail and Google Apps for Domain identifiers. Users can
- now login with their user@example.com identifier when example.com is powered
- by Google.
- * Made the OpenID module more pluggable.
-- Added code registry:
- * Using the registry, modules declare their includable files via their .info file,
- allowing Drupal to lazy-load classes and interfaces as needed.
-- Theme system:
- * Removed the Bluemarine, Chameleon and Pushbutton themes. These themes live
- on as contributed themes (http://drupal.org/project/bluemarine,
- http://drupal.org/project/chameleon and http://drupal.org/project/pushbutton).
- * Added Stark theme to make analyzing Drupal's default HTML and CSS easier.
- * Added Seven as the default administration theme.
- * Variable preprocessing of theme hooks prior to template rendering now goes
- through two phases: a 'preprocess' phase and a new 'process' phase. See
- http://api.drupal.org/api/function/theme/7 for details.
- * Theme hooks implemented as functions (rather than as templates) can now
- also have preprocess (and process) functions. See
- http://api.drupal.org/api/function/theme/7 for details.
- * Added Bartik as the default theme.
-- File handling:
- * Files are now first class Drupal objects with file_load(), file_save(),
- and file_validate() functions and corresponding hooks.
- * The file_move(), file_copy() and file_delete() functions now operate on
- file objects and invoke file hooks so that modules are notified and can
- respond to changes.
- * For the occasions when only basic file manipulation are needed--such as
- uploading a site logo--that don't require the overhead of databases and
- hooks, the current unmanaged copy, move and delete operations have been
- preserved but renamed to file_unmanaged_*().
- * Rewrote file handling to use PHP stream wrappers to enable support for
- both public and private files and to support pluggable storage mechanisms
- and access to remote resources (e.g. S3 storage or Flickr photos).
- * The mime_extension_mapping variable has been removed. Modules that need to
- alter the default MIME type extension mappings should implement
- hook_file_mimetype_mapping_alter().
- * Added the hook_file_url_alter() hook, which makes it possible to serve
- files from a CDN.
- * Added a field specifically for uploading files, previously provided by
- the contributed module FileField.
-- Image handling:
- * Improved image handling, including better support for add-on image
- libraries.
- * Added API and interface for creating advanced image thumbnails.
- * Inclusion of additional effects such as rotate and desaturate.
- * Added a field specifically for uploading images, previously provided by
- the contributed module ImageField.
-- Added aliased multi-site support:
- * Added support for mapping domain names to sites directories.
-- Added RDF support:
- * Modules can declare RDF namespaces which are serialized in the tag
- for RDFa support.
- * Modules can specify how their data structure maps to RDF.
- * Added support for RDFa export of nodes, comments, terms, users, etc. and
- their fields.
-- Search engine optimization and web linking:
- * Added a rel="canonical" link on node and comment pages to prevent
- duplicate content indexing by search engines.
- * Added a default rel="shortlink" link on node and comment pages that
- advertises a short link as an alternative URL to third-party services.
- * Meta information is now alterable by all modules before rendering.
-- Field API:
- * Custom data fields may be attached to nodes, users, comments and taxonomy
- terms.
- * Node bodies and teasers are now Field API fields instead of
- being a hard-coded property of node objects.
- * In addition, any other object type may register with Field API
- and allow custom data fields to be attached to itself.
- * Provides most of the features of the former Content Construction
- Kit (CCK) module.
- * Taxonomy terms are now Field API fields that can be added to any fieldable
- object.
-- Installer:
- * Refactored the installer into an API that allows Drupal to be installed
- via a command line script.
-- Page organization
- * Made the help text area a full featured region with blocks.
- * Site mission is replaced with the highlighted content block region and
- separate RSS feed description settings.
- * The footer message setting was removed in favor of custom blocks.
- * Made the main page content a block which can be moved and ordered
- with other blocks in the same region.
- * Blocks can now return structured arrays for later rendering just
- like page callbacks.
-- Translation system
- * The translation system now supports message context (msgctxt).
- * Added support for translatable fields to Field API.
-- JavaScript changes
- * Upgraded the core JavaScript library to jQuery version 1.4.4.
- * Upgraded the jQuery Forms library to 2.52.
- * Added jQuery UI 1.8.7, which allows improvements to Drupal's user
- experience.
-- Better module version support
- * Modules now can specify which version of another module they depend on.
-- Removed modules from core
- * The following modules have been removed from core, because contributed
- modules with similar functionality are available:
- * Blog API module
- * Ping module
- * Throttle module
-- Improved node access control system.
- * All modules may now influence the access to a node at runtime, not just
- the module that defined a node.
- * Users may now be allowed to bypass node access restrictions without giving
- them complete access to the site.
- * Access control affects both published and unpublished nodes.
- * Numerous other improvements to the node access system.
-- Actions system
- * Simplified definitions of actions and triggers.
- * Removed dependency on the combination of hooks and operations. Triggers
- now directly map to module hooks.
-- Task handling
- * Added a queue API to process many or long-running tasks.
- * Added queue API support to cron API.
- * Added a locking framework to coordinate long-running operations across
- requests.
-
-Drupal 6.23-dev, xxxx-xx-xx (development release)
------------------------
-
-Drupal 6.22, 2011-05-25
------------------------
-- Made Drupal 6 work better with IIS and Internet Explorer.
-- Fixed .po file imports to work better with custom textgroups.
-- Improved code documentation at various places.
-- Fixed a variety of other bugs.
-
-Drupal 6.21, 2011-05-25
-----------------------
-- Fixed security issues (Cross site scripting), see SA-CORE-2011-001.
-
-Drupal 6.20, 2010-12-15
-----------------------
-- Fixed a variety of small bugs, improved code documentation.
-
-Drupal 6.19, 2010-08-11
-----------------------
-- Fixed a variety of small bugs, improved code documentation.
-
-Drupal 6.18, 2010-08-11
-----------------------
-- Fixed security issues (OpenID authentication bypass, File download access
- bypass, Comment unpublishing bypass, Actions cross site scripting),
- see SA-CORE-2010-002.
-
-Drupal 6.17, 2010-06-02
-----------------------
-- Improved PostgreSQL compatibility
-- Better PHP 5.3 and PHP 4 compatibility
-- Better browser compatibility of CSS and JS aggregation
-- Improved logging for login failures
-- Fixed an incompatibility with some contributed modules and the locking system
-- Fixed a variety of other bugs.
-
-Drupal 6.16, 2010-03-03
-----------------------
-- Fixed security issues (Installation cross site scripting, Open redirection,
- Locale module cross site scripting, Blocked user session regeneration),
- see SA-CORE-2010-001.
-- Better support for updated jQuery versions.
-- Reduced resource usage of update.module.
-- Fixed several issues relating to support of installation profiles and
- distributions.
-- Added a locking framework to avoid data corruption on long operations.
-- Fixed a variety of other bugs.
-
-Drupal 6.15, 2009-12-16
-----------------------
-- Fixed security issues (Cross site scripting), see SA-CORE-2009-009.
-- Fixed a variety of other bugs.
-
-Drupal 6.14, 2009-09-16
-----------------------
-- Fixed security issues (OpenID association cross site request forgeries,
- OpenID impersonation and File upload), see SA-CORE-2009-008.
-- Changed the system modules page to not run all cache rebuilds; use the
- button on the performance settings page to achieve the same effect.
-- Added support for PHP 5.3.0 out of the box.
-- Fixed a variety of small bugs.
-
-Drupal 6.13, 2009-07-01
-----------------------
-- Fixed security issues (Cross site scripting, Input format access bypass and
- Password leakage in URL), see SA-CORE-2009-007.
-- Fixed a variety of small bugs.
-
-Drupal 6.12, 2009-05-13
-----------------------
-- Fixed security issues (Cross site scripting), see SA-CORE-2009-006.
-- Fixed a variety of small bugs.
-
-Drupal 6.11, 2009-04-29
-----------------------
-- Fixed security issues (Cross site scripting and limited information
- disclosure), see SA-CORE-2009-005
-- Fixed performance issues with the menu router cache, the update
- status cache and improved cache invalidation
-- Fixed a variety of small bugs.
-
-Drupal 6.10, 2009-02-25
-----------------------
-- Fixed a security issue, (Local file inclusion on Windows),
- see SA-CORE-2009-003
-- Fixed node_feed() so custom fields can show up in RSS feeds.
-- Improved PostgreSQL compatibility.
-- Fixed a variety of small bugs.
-
-Drupal 6.9, 2009-01-14
-----------------------
-- Fixed security issues, (Access Bypass, Validation Bypass and Hardening
- against SQL injection), see SA-CORE-2009-001
-- Made HTTP request checking more robust and informative.
-- Fixed HTTP_HOST checking to work again with HTTP 1.0 clients and
- basic shell scripts.
-- Removed t() calls from all schema documentation. Suggested best practice
- changed for contributed modules, see http://drupal.org/node/322731.
-- Fixed a variety of small bugs.
-
-Drupal 6.8, 2008-12-11
-----------------------
-- Removed a previous change incompatible with PHP 5.1.x and lower.
-
-Drupal 6.7, 2008-12-10
-----------------------
-- Fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
-- Updated robots.txt and .htaccess to match current file use.
-- Fixed a variety of small bugs.
-
-Drupal 6.6, 2008-10-22
-----------------------
-- Fixed security issues, (File inclusion, Cross site scripting), see SA-2008-067
-- Fixed a variety of small bugs.
-
-Drupal 6.5, 2008-10-08
-----------------------
-- Fixed security issues, (File upload access bypass, Access rules bypass,
- BlogAPI access bypass), see SA-2008-060.
-- Fixed a variety of small bugs.
-
-Drupal 6.4, 2008-08-13
-----------------------
-- Fixed a security issue (Cross site scripting, Arbitrary file uploads via
- BlogAPI, Cross site request forgeries and Various Upload module
- vulnerabilities), see SA-2008-047.
-- Improved error messages during installation.
-- Fixed a bug that prevented AHAH handlers to be attached to radios widgets.
-- Fixed a variety of small bugs.
-
-Drupal 6.3, 2008-07-09
-----------------------
-- Fixed security issues, (Cross site scripting, cross site request forgery,
- session fixation and SQL injection), see SA-2008-044.
-- Slightly modified installation process to prevent file ownership issues on
- shared hosts.
-- Improved PostgreSQL compatibility (rewritten queries; custom blocks).
-- Upgraded to jQuery 1.2.6.
-- Performance improvements to search, menu handling and form API caches.
-- Fixed Views compatibility issues (Views for Drupal 6 requires Drupal 6.3+).
-- Fixed a variety of small bugs.
-
-Drupal 6.2, 2008-04-09
-----------------------
-- Fixed a variety of small bugs.
-- Fixed a security issue (Access bypasses), see SA-2008-026.
-
-Drupal 6.1, 2008-02-27
-----------------------
-- Fixed a variety of small bugs.
-- Fixed a security issue (Cross site scripting), see SA-2008-018.
-
-Drupal 6.0, 2008-02-13
-----------------------
-- New, faster and better menu system.
-- New watchdog as a hook functionality.
- * New hook_watchdog that can be implemented by any module to route log
- messages to various destinations.
- * Expands the severity levels from 3 (Error, Warning, Notice) to the 8
- levels defined in RFC 3164.
- * The watchdog module is now called dblog, and is optional, but enabled by
- default in the default installation profile.
- * Extended the database log module so log messages can be filtered.
- * Added syslog module: useful for monitoring large Drupal installations.
-- Added optional e-mail notifications when users are approved, blocked, or
- deleted.
-- Drupal works with error reporting set to E_ALL.
-- Added scripts/drupal.sh to execute Drupal code from the command line. Useful
- to use Drupal as a framework to build command-line tools.
-- Made signature support optional and made it possible to theme signatures.
-- Made it possible to filter the URL aliases on the URL alias administration
- screen.
-- Language system improvements:
- * Support for right to left languages.
- * Language detection based on parts of the URL.
- * Browser based language detection.
- * Made it possible to specify a node's language.
- * Support for translating posts on the site to different languages.
- * Language dependent path aliases.
- * Automatically import translations when adding a new language.
- * JavaScript interface translation.
- * Automatically import a module's translation upon enabling that module.
-- Moved "PHP input filter" to a standalone module so it can be deleted for
- security reasons.
-- Usability:
- * Improved handling of teasers in posts.
- * Added sticky table headers.
- * Check for clean URL support automatically with JavaScript.
- * Removed default/settings.php. Instead the installer will create it from
- default.settings.php.
- * Made it possible to configure your own date formats.
- * Remember anonymous comment posters.
- * Only allow modules and themes to be enabled that have explicitly been
- ported to the correct core API version.
- * Can now specify the minimum PHP version required for a module within the
- .info file.
- * Drupal core no longer requires CREATE TEMPORARY TABLES or LOCK TABLES
- database rights.
- * Dynamically check password strength and confirmation.
- * Refactored poll administration.
- * Implemented drag-and-drop positioning for blocks, menu items, taxonomy
- vocabularies and terms, forums, profile fields, and input format filters.
-- Theme system:
- * Added .info files to themes and made it easier to specify regions and
- features.
- * Added theme registry: modules can directly provide .tpl.php files for
- their themes without having to create theme_ functions.
- * Used the Garland theme for the installation and maintenance pages.
- * Added theme preprocess functions for themes that are templates.
- * Added support for themeable functions in JavaScript.
-- Refactored update.php to a generic batch API to be able to run time-consuming
- operations in multiple subsequent HTTP requests.
-- Installer:
- * Themed the installer with the Garland theme.
- * Added form to provide initial site information during installation.
- * Added ability to provide extra installation steps programmatically.
- * Made it possible to import interface translations during installation.
-- Added the HTML corrector filter:
- * Fixes faulty and chopped off HTML in postings.
- * Tags are now automatically closed at the end of the teaser.
-- Performance:
- * Made it easier to conditionally load .include files and split up many core
- modules.
- * Added a JavaScript aggregator.
- * Added block-level caching, improving performance for both authenticated
- and anonymous users.
- * Made Drupal work correctly when running behind a reverse proxy like
- Squid or Pound.
-- File handling improvements:
- * Entries in the files table are now keyed to a user instead of a node.
- * Added reusable validation functions to check for uploaded file sizes,
- extensions, and image resolution.
- * Added ability to create and remove temporary files during a cron job.
-- Forum improvements:
- * Any node type may now be posted in a forum.
-- Taxonomy improvements:
- * Descriptions for terms are now shown on taxonomy/term pages as well
- as RSS feeds.
- * Added versioning support to categories by associating them with node
- revisions.
-- Added support for OpenID.
-- Added support for triggering configurable actions.
-- Added the Update status module to automatically check for available updates
- and warn sites if they are missing security updates or newer versions.
- Sites deploying from CVS should use http://drupal.org/project/cvs_deploy.
- Advanced settings provided by http://drupal.org/project/update_advanced.
-- Upgraded the core JavaScript library to jQuery version 1.2.3.
-- Added a new Schema API, which provides built-in support for core and
- contributed modules to work with databases other than MySQL.
-- Removed drupal.module. The functionality lives on as the Site network
- contributed module (http://drupal.org/project/site_network).
-- Removed old system updates. Updates from Drupal versions prior to 5.x will
- require upgrading to 5.x before upgrading to 6.x.
-
-Drupal 5.23, 2010-08-11
------------------------
-- Fixed security issues (File download access bypass, Comment unpublishing
- bypass), see SA-CORE-2010-002.
-
-Drupal 5.22, 2010-03-03
------------------------
-- Fixed security issues (Open redirection, Locale module cross site scripting,
- Blocked user session regeneration), see SA-CORE-2010-001.
-
-Drupal 5.21, 2009-12-16
------------------------
-- Fixed a security issue (Cross site scripting), see SA-CORE-2009-009.
-- Fixed a variety of small bugs.
-
-Drupal 5.20, 2009-09-16
------------------------
-- Avoid security problems resulting from writing Drupal 6-style menu
- declarations.
-- Fixed security issues (session fixation), see SA-CORE-2009-008.
-- Fixed a variety of small bugs.
-
-Drupal 5.19, 2009-07-01
------------------------
-- Fixed security issues (Cross site scripting and Password leakage in URL), see
- SA-CORE-2009-007.
-- Fixed a variety of small bugs.
-
-Drupal 5.18, 2009-05-13
------------------------
-- Fixed security issues (Cross site scripting), see SA-CORE-2009-006.
-- Fixed a variety of small bugs.
-
-Drupal 5.17, 2009-04-29
------------------------
-- Fixed security issues (Cross site scripting and limited information
- disclosure) see SA-CORE-2009-005.
-- Fixed a variety of small bugs.
-
-Drupal 5.16, 2009-02-25
------------------------
-- Fixed a security issue, (Local file inclusion on Windows), see SA-CORE-2009-004.
-- Fixed a variety of small bugs.
-
-Drupal 5.15, 2009-01-14
------------------------
-- Fixed security issues, (Hardening against SQL injection), see
- SA-CORE-2009-001
-- Fixed HTTP_HOST checking to work again with HTTP 1.0 clients and basic shell
- scripts.
-- Fixed a variety of small bugs.
-
-Drupal 5.14, 2008-12-11
------------------------
-- removed a previous change incompatible with PHP 5.1.x and lower.
-
-Drupal 5.13, 2008-12-10
------------------------
-- fixed a variety of small bugs.
-- fixed security issues, (Cross site request forgery and Cross site scripting), see SA-2008-073
-- updated robots.txt and .htaccess to match current file use.
-
-Drupal 5.12, 2008-10-22
------------------------
-- fixed security issues, (File inclusion), see SA-2008-067
-
-Drupal 5.11, 2008-10-08
------------------------
-- fixed a variety of small bugs.
-- fixed security issues, (File upload access bypass, Access rules bypass,
- BlogAPI access bypass, Node validation bypass), see SA-2008-060
-
-Drupal 5.10, 2008-08-13
------------------------
-- fixed a variety of small bugs.
-- fixed security issues, (Cross site scripting, Arbitrary file uploads via
- BlogAPI and Cross site request forgery), see SA-2008-047
-
-Drupal 5.9, 2008-07-23
-----------------------
-- fixed a variety of small bugs.
-- fixed security issues, (Session fixation), see SA-2008-046
-
-Drupal 5.8, 2008-07-09
-----------------------
-- fixed a variety of small bugs.
-- fixed security issues, (Cross site scripting, cross site request forgery, and
- session fixation), see SA-2008-044
-
-Drupal 5.7, 2008-01-28
-----------------------
-- fixed the input format configuration page.
-- fixed a variety of small bugs.
-
-Drupal 5.6, 2008-01-10
-----------------------
-- fixed a variety of small bugs.
-- fixed a security issue (Cross site request forgery), see SA-2008-005
-- fixed a security issue (Cross site scripting, UTF8), see SA-2008-006
-- fixed a security issue (Cross site scripting, register_globals), see SA-2008-007
-
-Drupal 5.5, 2007-12-06
-----------------------
-- fixed missing missing brackets in a query in the user module.
-- fixed taxonomy feed bug introduced by SA-2007-031
-
-Drupal 5.4, 2007-12-05
-----------------------
-- fixed a variety of small bugs.
-- fixed a security issue (SQL injection), see SA-2007-031
-
-Drupal 5.3, 2007-10-17
-----------------------
-- fixed a variety of small bugs.
-- fixed a security issue (HTTP response splitting), see SA-2007-024
-- fixed a security issue (Arbitrary code execution via installer), see SA-2007-025
-- fixed a security issue (Cross site scripting via uploads), see SA-2007-026
-- fixed a security issue (User deletion cross site request forgery), see SA-2007-029
-- fixed a security issue (API handling of unpublished comment), see SA-2007-030
-
-Drupal 5.2, 2007-07-26
-----------------------
-- changed hook_link() $teaser argument to match documentation.
-- fixed a variety of small bugs.
-- fixed a security issue (cross-site request forgery), see SA-2007-017
-- fixed a security issue (cross-site scripting), see SA-2007-018
-
-Drupal 5.1, 2007-01-29
-----------------------
-- fixed security issue (code execution), see SA-2007-005
-- fixed a variety of small bugs.
-
-Drupal 5.0, 2007-01-15
-----------------------
-- Completely retooled the administration page
- * /Admin now contains an administration page which may be themed
- * Reorganised administration menu items by task and by module
- * Added a status report page with detailed PHP/MySQL/Drupal information
-- Added web-based installer which can:
- * Check installation and run-time requirements
- * Automatically generate the database configuration file
- * Install pre-made installation profiles or distributions
- * Import the database structure with automatic table prefixing
- * Be localized
-- Added new default Garland theme
-- Added color module to change some themes' color schemes
-- Included the jQuery JavaScript library 1.0.4 and converted all core JavaScript to use it
-- Introduced the ability to alter mail sent from system
-- Module system:
- * Added .info files for module meta-data
- * Added support for module dependencies
- * Improved module installation screen
- * Moved core modules to their own directories
- * Added support for module uninstalling
-- Added support for different cache backends
-- Added support for a generic "sites/all" directory.
-- Usability:
- * Added support for auto-complete forms (AJAX) to user profiles.
- * Made it possible to instantly assign roles to newly created user accounts.
- * Improved configurability of the contact forms.
- * Reorganized the settings pages.
- * Made it easy to investigate popular search terms.
- * Added a 'select all' checkbox and a range select feature to administration tables.
- * Simplified the 'break' tag to split teasers from body.
- * Use proper capitalization for titles, menu items and operations.
-- Integrated urlfilter.module into filter.module
-- Block system:
- * Extended the block visibility settings with a role specific setting.
- * Made it possible to customize all block titles.
-- Poll module:
- * Optionally allow people to inspect all votes.
- * Optionally allow people to cancel their vote.
-- Distributed authentication:
- * Added default server option.
-- Added default robots.txt to control crawlers.
-- Database API:
- * Added db_table_exists().
-- Blogapi module:
- * 'Blogapi new' and 'blogapi edit' nodeapi operations.
-- User module:
- * Added hook_profile_alter().
- * E-mail verification is made optional.
- * Added mass editing and filtering on admin/user/user.
-- PHP Template engine:
- * Add the ability to look for a series of suggested templates.
- * Look for page templates based upon the path.
- * Look for block templates based upon the region, module, and delta.
-- Content system:
- * Made it easier for node access modules to work well with each other.
- * Added configurable content types.
- * Changed node rendering to work with structured arrays.
-- Performance:
- * Improved session handling: reduces database overhead.
- * Improved access checking: reduces database overhead.
- * Made it possible to do memcached based session management.
- * Omit sidebars when serving a '404 - Page not found': saves CPU cycles and bandwidth.
- * Added an 'aggressive' caching policy.
- * Added a CSS aggregator and compressor (up to 40% faster page loads).
-- Removed the archive module.
-- Upgrade system:
- * Created space for update branches.
-- Form API:
- * Made it possible to programmatically submit forms.
- * Improved api for multistep forms.
-- Theme system:
- * Split up and removed drupal.css.
- * Added nested lists generation.
- * Added a self-clearing block class.
-
-Drupal 4.7.11, 2008-01-10
--------------------------
-- fixed a security issue (Cross site request forgery), see SA-2008-005
-- fixed a security issue (Cross site scripting, UTF8), see SA-2008-006
-- fixed a security issue (Cross site scripting, register_globals), see SA-2008-007
-
-Drupal 4.7.10, 2007-12-06
--------------------------
-- fixed taxonomy feed bug introduced by SA-2007-031
-
-Drupal 4.7.9, 2007-12-05
-------------------------
-- fixed a security issue (SQL injection), see SA-2007-031
-
-Drupal 4.7.8, 2007-10-17
-----------------------
-- fixed a security issue (HTTP response splitting), see SA-2007-024
-- fixed a security issue (Cross site scripting via uploads), see SA-2007-026
-- fixed a security issue (API handling of unpublished comment), see SA-2007-030
-
-Drupal 4.7.7, 2007-07-26
-------------------------
-- fixed security issue (XSS), see SA-2007-018
-
-Drupal 4.7.6, 2007-01-29
-------------------------
-- fixed security issue (code execution), see SA-2007-005
-
-Drupal 4.7.5, 2007-01-05
-------------------------
-- Fixed security issue (XSS), see SA-2007-001
-- Fixed security issue (DoS), see SA-2007-002
-
-Drupal 4.7.4, 2006-10-18
-------------------------
-- Fixed security issue (XSS), see SA-2006-024
-- Fixed security issue (CSRF), see SA-2006-025
-- Fixed security issue (Form action attribute injection), see SA-2006-026
-
-Drupal 4.7.3, 2006-08-02
-------------------------
-- Fixed security issue (XSS), see SA-2006-011
-
-Drupal 4.7.2, 2006-06-01
-------------------------
-- Fixed critical upload issue, see SA-2006-007
-- Fixed taxonomy XSS issue, see SA-2006-008
-- Fixed a variety of small bugs.
-
-Drupal 4.7.1, 2006-05-24
-------------------------
-- Fixed critical SQL issue, see SA-2006-005
-- Fixed a serious upgrade related bug.
-- Fixed a variety of small bugs.
-
-Drupal 4.7.0, 2006-05-01
-------------------------
-- Added free tagging support.
-- Added a site-wide contact form.
-- Theme system:
- * Added the PHPTemplate theme engine and removed the Xtemplate engine.
- * Converted the bluemarine theme from XTemplate to PHPTemplate.
- * Converted the pushbutton theme from XTemplate to PHPTemplate.
-- Usability:
- * Reworked the 'request new password' functionality.
- * Reworked the node and comment edit forms.
- * Made it easy to add nodes to the navigation menu.
- * Added site 'offline for maintenance' feature.
- * Added support for auto-complete forms (AJAX).
- * Added support for collapsible page sections (JS).
- * Added support for resizable text fields (JS).
- * Improved file upload functionality (AJAX).
- * Reorganized some settings pages.
- * Added friendly database error screens.
- * Improved styling of update.php.
-- Refactored the forms API.
- * Made it possible to alter, extend or theme forms.
-- Comment system:
- * Added support for "mass comment operations" to ease repetitive tasks.
- * Comment moderation has been removed.
-- Node system:
- * Reworked the revision functionality.
- * Removed the bookmarklet code. Third-party modules can now handle
- This.
-- Upgrade system:
- * Allows contributed modules to plug into the upgrade system.
-- Profiles:
- * Added a block to display author information along with posts.
- * Added support for private profile fields.
-- Statistics module:
- * Added the ability to track page generation times.
- * Made it possible to block certain IPs/hostnames.
-- Block system:
- * Added support for theme-specific block regions.
-- Syndication:
- * Made the aggregator module parse Atom feeds.
- * Made the aggregator generate RSS feeds.
- * Added RSS feed settings.
-- XML-RPC:
- * Replaced the XML-RPC library by a better one.
-- Performance:
- * Added 'loose caching' option for high-traffic sites.
- * Improved performance of path aliasing.
- * Added the ability to track page generation times.
-- Internationalization:
- * Improved Unicode string handling API.
- * Added support for PHP's multibyte string module.
-- Added support for PHP5's 'mysqli' extension.
-- Search module:
- * Made indexer smarter and more robust.
- * Added advanced search operators (e.g. phrase, node type, ...).
- * Added customizable result ranking.
-- PostgreSQL support:
- * Removed dependency on PL/pgSQL procedural language.
-- Menu system:
- * Added support for external URLs.
-- Queue module:
- * Removed from core.
-- HTTP handling:
- * Added support for a tolerant Base URL.
- * Output URIs relative to the root, without a base tag.
-
-Drupal 4.6.11, 2007-01-05
--------------------------
-- Fixed security issue (XSS), see SA-2007-001
-- Fixed security issue (DoS), see SA-2007-002
-
-Drupal 4.6.10, 2006-10-18
-------------------------
-- Fixed security issue (XSS), see SA-2006-024
-- Fixed security issue (CSRF), see SA-2006-025
-- Fixed security issue (Form action attribute injection), see SA-2006-026
-
-Drupal 4.6.9, 2006-08-02
-------------------------
-- Fixed security issue (XSS), see SA-2006-011
-
-Drupal 4.6.8, 2006-06-01
-------------------------
-- Fixed critical upload issue, see SA-2006-007
-- Fixed taxonomy XSS issue, see SA-2006-008
-
-Drupal 4.6.7, 2006-05-24
-------------------------
-- Fixed critical SQL issue, see SA-2006-005
-
-Drupal 4.6.6, 2006-03-13
-------------------------
-- Fixed bugs, including 4 security vulnerabilities.
-
-Drupal 4.6.5, 2005-12-12
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.6.4, 2005-11-30
-------------------------
-- Fixed bugs, including 3 security vulnerabilities.
-
-Drupal 4.6.3, 2005-08-15
-------------------------
-- Fixed bugs, including a critical "arbitrary PHP code execution" bug.
-
-Drupal 4.6.2, 2005-06-29
-------------------------
-- Fixed bugs, including two critical "arbitrary PHP code execution" bugs.
-
-Drupal 4.6.1, 2005-06-01
-------------------------
-- Fixed bugs, including a critical input validation bug.
-
-Drupal 4.6.0, 2005-04-15
-------------------------
-- PHP5 compliance
-- Search:
- * Added UTF-8 support to make it work with all languages.
- * Improved search indexing algorithm.
- * Improved search output.
- * Impose a throttle on indexing of large sites.
- * Added search block.
-- Syndication:
- * Made the ping module ping pingomatic.com which, in turn, will ping all the major ping services.
- * Made Drupal generate RSS 2.0 feeds.
- * Made RSS feeds extensible.
- * Added categories to RSS feeds.
- * Added enclosures to RSS feeds.
-- Flood control mechanism:
- * Added a mechanism to throttle certain operations.
-- Usability:
- * Refactored the block configuration pages.
- * Refactored the statistics pages.
- * Refactored the watchdog pages.
- * Refactored the throttle module configuration.
- * Refactored the access rules page.
- * Refactored the content administration page.
- * Introduced forum configuration pages.
- * Added a 'add child page' link to book pages.
-- Contact module:
- * Added a simple contact module that allows users to contact each other using e-mail.
-- Multi-site configuration:
- * Made it possible to run multiple sites from a single code base.
-- Added an image API: enables better image handling.
-- Block system:
- * Extended the block visibility settings.
-- Theme system:
- * Added new theme functions.
-- Database backend:
- * The PEAR database backend is no longer supported.
-- Performance:
- * Improved performance of the forum topics block.
- * Improved performance of the tracker module.
- * Improved performance of the node pages.
-- Documentation:
- * Improved and extended PHPDoc/Doxygen comments.
-
-Drupal 4.5.8, 2006-03-13
-------------------------
-- Fixed bugs, including 3 security vulnerabilities.
-
-Drupal 4.5.7, 2005-12-12
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.5.6, 2005-11-30
-------------------------
-- Fixed bugs, including 3 security vulnerabilities.
-
-Drupal 4.5.5, 2005-08-15
-------------------------
-- Fixed bugs, including a critical "arbitrary PHP code execution" bug.
-
-Drupal 4.5.4, 2005-06-29
-------------------------
-- Fixed bugs, including two critical "arbitrary PHP code execution" bugs.
-
-Drupal 4.5.3, 2005-06-01
-------------------------
-- Fixed bugs, including a critical input validation bug.
-
-Drupal 4.5.2, 2005-01-15
-------------------------
-- Fixed bugs: a cross-site scripting (XSS) vulnerability has been fixed.
-
-Drupal 4.5.1, 2004-12-01
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.5.0, 2004-10-18
-------------------------
-- Navigation:
- * Made it possible to add, delete, rename and move menu items.
- * Introduced tabs and subtabs for local tasks.
- * Reorganized the navigation menus.
-- User management:
- * Added support for multiple roles per user.
- * Made it possible to add custom profile fields.
- * Made it possible to browse user profiles by field.
-- Node system:
- * Added support for node-level permissions.
-- Comment module:
- * Made it possible to leave contact information without having to register.
-- Upload module:
- * Added support for uploading documents (includes images).
-- Forum module:
- * Added support for sticky forum topics.
- * Made it possible to track forum topics.
-- Syndication:
- * Added support for RSS ping-notifications of http://technorati.com/.
- * Refactored the categorization of syndicated news items.
- * Added an URL alias for 'rss.xml'.
- * Improved date parsing.
-- Database backend:
- * Added support for multiple database connections.
- * The PostgreSQL backend does no longer require PEAR.
-- Theme system:
- * Changed all GIFs to PNGs.
- * Reorganised the handling of themes, template engines, templates and styles.
- * Unified and extended the available theme settings.
- * Added theme screenshots.
-- Blocks:
- * Added 'recent comments' block.
- * Added 'categories' block.
-- Blogger API:
- * Added support for auto-discovery of blogger API via RSD.
-- Performance:
- * Added support for sending gzip compressed pages.
- * Improved performance of the forum module.
-- Accessibility:
- * Improved the accessibility of the archive module's calendar.
- * Improved form handling and error reporting.
- * Added HTTP redirects to prevent submitting twice when refreshing right after a form submission.
-- Refactored 403 (forbidden) handling and added support for custom 403 pages.
-- Documentation:
- * Added PHPDoc/Doxygen comments.
-- Filter system:
- * Added support for using multiple input formats on the site
- * Expanded the embedded PHP-code feature so it can be used everywhere
- * Added support for role-dependent filtering, through input formats
-- UI translation:
- * Managing translations is now completely done through the administration interface
- * Added support for importing/exporting gettext .po files
-
-Drupal 4.4.3, 2005-06-01
-------------------------
-- Fixed bugs, including a critical input validation bug.
-
-Drupal 4.4.2, 2004-07-04
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.4.1, 2004-05-01
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.4.0, 2004-04-01
-------------------------
-- Added support for the MetaWeblog API and MovableType extensions.
-- Added a file API: enables better document management.
-- Improved the watchdog and search module to log search keys.
-- News aggregator:
- * Added support for conditional GET.
- * Added OPML feed subscription list.
- * Added support for , , , , and .
-- Comment module:
- * Made it possible to disable the "comment viewing controls".
-- Performance:
- * Improved module loading when serving cached pages.
- * Made it possible to automatically disable modules when under heavy load.
- * Made it possible to automatically disable blocks when under heavy load.
- * Improved performance and memory footprint of the locale module.
-- Theme system:
- * Made all theme functions start with 'theme_'.
- * Made all theme functions return their output.
- * Migrated away from using the BaseTheme class.
- * Added many new theme functions and refactored existing theme functions.
- * Added avatar support to 'Xtemplate'.
- * Replaced theme 'UnConeD' by 'Chameleon'.
- * Replaced theme 'Marvin' by 'Pushbutton'.
-- Usability:
- * Added breadcrumb navigation to all pages.
- * Made it possible to add context-sensitive help to all pages.
- * Replaced drop-down menus by radio buttons where appropriate.
- * Removed the 'magic_quotes_gpc = 0' requirement.
- * Added a 'book navigation' block.
-- Accessibility:
- * Made themes degrade gracefully in absence of CSS.
- * Grouped form elements using '' and '' tags.
- * Added '' tags to form elements.
-- Refactored 404 (file not found) handling and added support for custom 404 pages.
-- Improved the filter system to prevent conflicts between filters:
- * Made it possible to change the order in which filters are applied.
-- Documentation:
- * Added PHPDoc/Doxygen comments.
-
-Drupal 4.3.2, 2004-01-01
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.3.1, 2003-12-01
-------------------------
-- Fixed bugs: no critical bugs were identified.
-
-Drupal 4.3.0, 2003-11-01
-------------------------
-- Added support for configurable URLs.
-- Added support for sortable table columns.
-- Database backend:
- * Added support for selective database table prefixing.
-- Performance:
- * Optimized many SQL queries for speed by converting left joins to inner joins.
-- Comment module:
- * Rewrote the comment housekeeping code to be much more efficient and scalable.
- * Changed the comment module to use the standard pager.
-- User module:
- * Added support for multiple sessions per user.
- * Added support for anonymous user sessions.
-- Forum module:
- * Improved the forum views and the themability thereof.
-- Book module:
- * Improved integration of non-book nodes in the book outline.
-- Usability:
- * Added support for "mass node operations" to ease repetitive tasks.
- * Added support for breadcrumb navigation to several modules' user pages.
- * Integrated the administration pages with the normal user pages.
-
-Drupal 4.2.0, 2003-08-01
-------------------------
-- Added support for clean URLs.
-- Added textarea hook and support for onload attributes: enables integration of WYSIWYG editors.
-- Rewrote the RSS/RDF parser:
- * It will now use PHP's built-in XML parser to parse news feeds.
-- Rewrote the administration pages:
- * Improved the navigational elements and added breadcrumb navigation.
- * Improved the look and feel.
- * Added context-sensitive help.
-- Database backend:
- * Fixed numerous SQL queries to make Drupal ANSI compliant.
- * Added MSSQL database scheme.
-- Search module:
- * Changed the search module to use implicit AND'ing instead of implicit OR'ing.
-- Node system:
- * Replaced the "post content" permission by more fine-grained permissions.
- * Improved content submission:
- + Improved teasers: teasers are now optional, teaser length can be configured, teaser and body are edited in a single textarea, users will no longer be bothered with teasers when the post is too short for one.
- + Added the ability to preview both the short and the full version of your posts.
- * Extended the node API which allows for better integration.
- * Added default node settings to control the behavior for promotion, moderation and other options.
-- Themes:
- * Replaced theme "Goofy" by "Xtemplate", a template driven theme.
-- Removed the 'register_globals = on' requirement.
-- Added better installation instructions.
-
-Drupal 4.1.0, 2003-02-01
-------------------------
-- Collaboratively revised and expanded the Drupal documentation.
-- Rewrote comment.module:
- * Reintroduced comment rating/moderation.
- * Added support for comment paging.
- * Performance improvements: improved comment caching, faster SQL queries, etc.
-- Rewrote block.module:
- * Performance improvements: blocks are no longer rendered when not displayed.
-- Rewrote forum.module:
- * Added a lot of features one can find in stand-alone forum software including but not limited to support for topic paging, added support for icons, rewrote the statistics module, etc.
-- Rewrote statistics.module:
- * Collects access counts for each node, referrer logs, number of users/guests.
- * Export blocks displaying top viewed nodes over last 24 hour period, top viewed nodes over all time, last nodes viewed, how many users/guest online.
-- Added throttle.module:
- * Auto-throttle congestion control mechanism: Drupal can adapt itself based on the server load.
-- Added profile.module:
- * Enables to extend the user and registration page.
-- Added pager support to the main page.
-- Replaced weblogs.module by ping.module:
- * Added support for normal and RSS notifications of http://blo.gs/.
- * Added support for RSS ping-notifications of http://weblogs.com/.
-- Removed the rating module
-- Themes:
- * Removed a significant portion of hard-coded mark-up.
-
-Drupal 4.0.0, 2002-06-15
-------------------------
-- Added tracker.module:
- * Replaces the previous "your [site]" links (recent comments and nodes).
-- Added weblogs.module:
- * This will ping weblogs.com when new content is promoted.
-- Added taxonomy module which replaces the meta module.
- * Supports relations, hierarchies and synonyms.
-- Added a caching system:
- * Speeds up pages for anonymous users and reduces system load.
-- Added support for external SMTP libraries.
-- Added an archive extension to the calendar.
-- Added support for the Blogger API.
-- Themes:
- * Cleaned up the theme system.
- * Moved themes that are not maintained to contributions CVS repository.
-- Database backend:
- * Changed to PEAR database abstraction layer.
- * Using ANSI SQL queries to be more portable.
-- Rewrote the user system:
- * Added support for Drupal authentication through XML-RPC and through a Jabber server.
- * Added support for modules to add more user data.
- * Users may delete their own account.
- * Added who's new and who's online blocks.
-- Changed block system:
- * Various hard coded blocks are now dynamic.
- * Blocks can now be enabled and/or be set by the user.
- * Blocks can be set to only show up on some pages.
- * Merged box module with block module.
-- Node system:
- * Blogs can be updated.
- * Teasers (abstracts) on all node types.
- * Improved error checking.
- * Content versioning support.
- * Usability improvements.
-- Improved book module to support text, HTML and PHP pages.
-- Improved comment module to mark new comments.
-- Added a general outliner which will let any node type be linked to a book.
-- Added an update script that lets you upgrade from previous releases or on a day to day basis when using the development tree.
-- Search module:
- * Improved the search system by making it context sensitive.
- * Added indexing.
-- Various updates:
- * Changed output to valid XHTML.
- * Improved multiple sites using the same Drupal database support.
- * Added support for session IDs in URLs instead of cookies.
- * Made the type of content on the front page configurable.
- * Made each cloud site have its own settings.
- * Modules and themes can now be enabled/disabled using the administration pages.
- * Added URL abstraction for links.
- * Usability changes (renamed links, better UI, etc).
-- Collaboratively revised and expanded the Drupal documentation.
-
-Drupal 3.0.1, 2001-10-15
-------------------------
-- Various updates:
- * Added missing translations
- * Updated the themes: tidied up some HTML code and added new Drupal logos.
-
-Drupal 3.0.0, 2001-09-15
-------------------------
-- Major overhaul of the entire underlying design:
- * Everything is based on nodes: nodes are a conceptual "black box" to couple and manage different types of content and that promotes reusing existing code, thus reducing the complexity and size of Drupal as well as improving long-term stability.
-- Rewrote submission/moderation queue and renamed it to queue.module.
-- Removed FAQ and documentation module and merged them into a "book module".
-- Removed ban module and integrated it into account.module as "access control":
- * Access control is based on much more powerful regular expressions (regex) now rather than on MySQL pattern matching.
-- Rewrote watchdog and submission throttle:
- * Improved watchdog messages and added watchdog filter.
-- Rewrote headline code and renamed it to import.module and export.module:
- * Added various improvements, including a better parser, bundles and better control over individual feeds.
-- Rewrote section code and renamed it to meta.module:
- * Supports unlimited amount of nested topics. Topics can be nested to create a multi-level hierarchy.
-- Rewrote configuration file resolving:
- * Drupal tries to locate a configuration file that matches your domain name or uses conf.php if the former failed. Note also that the configuration files got renamed from .conf to .php for security's sake on mal-configured Drupal sites.
-- Added caching support which makes Drupal extremely scalable.
-- Added access.module:
- * Allows you to set up 'roles' (groups) and to bind a set of permissions to each group.
-- Added blog.module.
-- Added poll.module.
-- Added system.module:
- * Moved most of the configuration options from hostname.conf to the new administration section.
- * Added support for custom "filters".
-- Added statistics.module
-- Added moderate.module:
- * Allows to assign users editorial/moderator rights to certain nodes or topics.
-- Added page.module:
- * Allows creation of static (and dynamic) pages through the administration interface.
-- Added help.module:
- * Groups all available module documentation on a single page.
-- Added forum.module:
- * Added an integrated forum.
-- Added cvs.module and cvs-to-sql.pl:
- * Allows to display and mail CVS log messages as daily digests.
-- Added book.module:
- * Allows collaborative handbook writing: primary used for Drupal documentation.
-- Removed cron.module and integrated it into conf.module.
-- Removed module.module as it was no longer needed.
-- Various updates:
- * Added "auto-post new submissions" feature versus "moderate new submissions".
- * Introduced links/Drupal tags: [[link]]
- * Added preview functionality when submitting new content (such as a story) from the administration pages.
- * Made the administration section only show those links a user has access to.
- * Made all modules use specific form_* functions to guarantee a rock-solid forms and more consistent layout.
- * Improved scheduler:
- + Content can be scheduled to be 'posted', 'queued' and 'hidden'.
- * Improved account module:
- + Added "access control" to allow/deny certain usernames/e-mail addresses/hostnames.
- * Improved locale module:
- + Added new overview to easy the translation process.
- * Improved comment module:
- + Made it possible to permanently delete comments.
- * Improved rating module
- * Improved story module:
- + Added preview functionality for administrators.
- + Made it possible to permanently delete stories.
- * Improved themes:
- + W3C validation on a best effort basis.
- + Removed $theme->control() from themes.
- + Added theme "goofy".
-- Collaboratively revised and expanded the Drupal documentation.
-
-Drupal 2.0.0, 2001-03-15
-------------------------
-- Rewrote the comment/discussion code:
- * Comment navigation should be less confusing now.
- * Additional/alternative display and order methods have been added.
- * Modules can be extended with a "comment system": modules can embed the existing comment system without having to write their own, duplicate comment system.
-- Added sections and section manager:
- * Story sections can be maintained from the administration pages.
- * Story sections make the open submission more adaptive in that you can set individual post, dump and expiration thresholds for each section according to the story type and urgency level: stories in certain sections do not "expire" and might stay interesting and active as time passes by, whereas news-related stories are only considered "hot" over a short period of time.
-- Multiple vhosts + multiple directories:
- * You can set up multiple Drupal sites on top of the same physical source tree either by using vhosts or sub-directories.
-- Added "user ratings" similar to SlashCode's Karma or Scoop's Mojo:
- * All rating logic is packed into a module to ease experimenting with different rating heuristics/algorithms.
-- Added "search infrastructure":
- * Improved search page and integrated search functionality in the administration pages.
-- Added translation / localization / internationalization support:
- * Because many people would love to see their website showing a lot less of English, and far more of their own language, Drupal provides a framework to set up a multi-lingual website or to overwrite the default English text in English.
-- Added fine-grained user permission (or group) system:
- * Users can be granted access to specific administration sections. Example: a FAQ maintainer can be given access to maintain the FAQ and translators can be given access to the translation pages.
-- Added FAQ module
-- Changed the "open submission queue" into a (optional) module.
-- Various updates:
- * Improved account module:
- + User accounts can be deleted.
- + Added fine-grained permission support.
- * Improved block module
- * Improved diary module:
- + Diary entries can be deleted
- * Improved headline module:
- + Improved parser to support more "generic" RDF/RSS/XML backend.
- * Improved module module
- * Improved watchdog module
- * Improved database abstraction layer
- * Improved themes:
- + W3C validation on a best effort basis
- + Added theme "example" (alias "Stone Age")
- * Added new scripts to directory "scripts"
- * Added directory "misc"
- * Added CREDITS file
-- Revised documentation
-
-Drupal 1.0.0, 2001-01-15
-------------------------
-- Initial release
diff --git a/COPYRIGHT.txt b/COPYRIGHT.txt
deleted file mode 100644
index dc8a855..0000000
--- a/COPYRIGHT.txt
+++ /dev/null
@@ -1,44 +0,0 @@
-All Drupal code is Copyright 2001 - 2013 by the original authors.
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or (at
-your option) any later version.
-
-This program is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
-for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program as the file LICENSE.txt; if not, please see
-http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
-
-Drupal is a registered trademark of Dries Buytaert.
-
-Drupal includes works under other copyright notices and distributed
-according to the terms of the GNU General Public License or a compatible
-license, including:
-
-Javascript
-
- Farbtastic - Copyright (c) 2010 Matt Farina
-
- jQuery - Copyright (c) 2010 John Resig
-
- jQuery BBQ - Copyright (c) 2010 "Cowboy" Ben Alman
-
- jQuery Cookie - Copyright (c) 2006 Klaus Hartl
-
- jQuery Form - Copyright (c) 2010 Mike Alsup
-
- jQuery Once - Copyright (c) 2009 Konstantin K�fer
-
- jQuery UI - Copyright (c) 2010 by the original authors
- (http://jqueryui.com/about)
-
- Sizzle.js - Copyright (c) 2010 The Dojo Foundation (http://sizzlejs.com/)
-
-PHP
-
- ArchiveTar - Copyright (c) 1997 - 2008 Vincent Blavet
diff --git a/INSTALL.mysql.txt b/INSTALL.mysql.txt
deleted file mode 100644
index 95a8734..0000000
--- a/INSTALL.mysql.txt
+++ /dev/null
@@ -1,45 +0,0 @@
-
-CREATE THE MySQL DATABASE
---------------------------
-
-This step is only necessary if you don't already have a database set up (e.g.,
-by your host). In the following examples, 'username' is an example MySQL user
-which has the CREATE and GRANT privileges. Use the appropriate user name for
-your system.
-
-First, you must create a new database for your Drupal site (here, 'databasename'
-is the name of the new database):
-
- mysqladmin -u username -p create databasename
-
-MySQL will prompt for the 'username' database password and then create the
-initial database files. Next you must log in and set the access database rights:
-
- mysql -u username -p
-
-Again, you will be asked for the 'username' database password. At the MySQL
-prompt, enter the following command:
-
- GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER,
- CREATE TEMPORARY TABLES ON databasename.*
- TO 'username'@'localhost' IDENTIFIED BY 'password';
-
-where:
-
- 'databasename' is the name of your database
- 'username' is the username of your MySQL account
- 'localhost' is the web server host where Drupal is installed
- 'password' is the password required for that username
-
-Note: Unless the database user/host combination for your Drupal installation
-has all of the privileges listed above (except possibly CREATE TEMPORARY TABLES,
-which is currently only used by Drupal core automated tests and some
-contributed modules), you will not be able to install or run Drupal.
-
-If successful, MySQL will reply with:
-
- Query OK, 0 rows affected
-
-If the InnoDB storage engine is available, it will be used for all database
-tables. InnoDB provides features over MyISAM such as transaction support,
-row-level locks, and consistent non-locking reads.
diff --git a/INSTALL.pgsql.txt b/INSTALL.pgsql.txt
deleted file mode 100644
index 8fe8043..0000000
--- a/INSTALL.pgsql.txt
+++ /dev/null
@@ -1,44 +0,0 @@
-
-CREATE THE PostgreSQL DATABASE
-------------------------------
-
-Note that the database must be created with UTF-8 (Unicode) encoding.
-
-1. CREATE DATABASE USER
-
- This step is only necessary if you don't already have a user set up (e.g., by
- your host), or want to create a new user for use with Drupal only. The
- following command creates a new user named 'username' and asks for a password
- for that user:
-
- createuser --pwprompt --encrypted --no-createrole --no-createdb username
-
- If there are no errors, then the command was successful.
-
-2. CREATE DRUPAL DATABASE
-
- This step is only necessary if you don't already have a database set up
- (e.g., by your host) or want to create a new database for use with Drupal
- only. The following command creates a new database named 'databasename',
- which is owned by the previously created 'username':
-
- createdb --encoding=UTF8 --owner=username databasename
-
- If there are no errors, then the command was successful.
-
-3. CREATE SCHEMA OR SCHEMAS (Optional advanced step)
-
- Drupal will run across different schemas within your database if you so wish.
- By default, Drupal runs inside the 'public' schema but you can use $db_prefix
- inside settings.php to define a schema for Drupal to run inside of, or
- specify tables that are shared inside of a separate schema. Drupal will not
- create schemas for you. In fact, the user that Drupal runs as should not be
- allowed to do this. You'll need to execute the SQL below as a superuser,
- replace 'username' with the username that Drupal uses to connect to
- PostgreSQL, and replace 'schema_name' with a schema name you wish to use,
- such as 'shared':
-
- CREATE SCHEMA schema_name AUTHORIZATION username;
-
- Do this for as many schemas as you need. See default.settings.php for
- instructions on how to set which tables use which schemas.
diff --git a/INSTALL.sqlite.txt b/INSTALL.sqlite.txt
deleted file mode 100644
index 8e57d60..0000000
--- a/INSTALL.sqlite.txt
+++ /dev/null
@@ -1,31 +0,0 @@
-
-SQLITE REQUIREMENTS
--------------------
-
-To use SQLite with your Drupal installation, the following requirements must be
-met: Server has PHP 5.2 or later with PDO, and the PDO SQLite driver must be
-enabled.
-
-SQLITE DATABASE CREATION
-------------------------
-
-The Drupal installer will create the SQLite database for you. The only
-requirement is that the installer must have write permissions to the directory
-where the database file resides. This directory (not just the database file) also
-has to remain writeable by the web server going forward for SQLite to continue to
-be able to operate.
-
-On the "Database configuration" form in the "Database file" field, you must
-supply the exact path to where you wish your database file to reside. It is
-strongly suggested that you choose a path that is outside of the webroot, yet
-ensure that the directory is writeable by the web server.
-
-If you must place your database file in your webroot, you could try using the
-following in your "Database file" field:
-
- sites/default/files/.ht.sqlite
-
-Note: The .ht in the name will tell Apache to prevent the database from being
-downloaded. Please check that the file is, indeed, protected by your webserver.
-If not, please consult the documentation of your webserver on how to protect a
-file from downloading.
diff --git a/INSTALL.txt b/INSTALL.txt
deleted file mode 100644
index 6f02c05..0000000
--- a/INSTALL.txt
+++ /dev/null
@@ -1,400 +0,0 @@
-
-CONTENTS OF THIS FILE
----------------------
-
- * Requirements and notes
- * Optional server requirements
- * Installation
- * Building and customizing your site
- * Multisite configuration
- * More information
-
-REQUIREMENTS AND NOTES
-----------------------
-
-Drupal requires:
-
-- A web server. Apache (version 2.0 or greater) is recommended.
-- PHP 5.2.4 (or greater) (http://www.php.net/).
-- One of the following databases:
- - MySQL 5.0.15 (or greater) (http://www.mysql.com/).
- - MariaDB 5.1.44 (or greater) (http://mariadb.org/). MariaDB is a fully
- compatible drop-in replacement for MySQL.
- - Percona Server 5.1.70 (or greater) (http://www.percona.com/). Percona
- Server is a backwards-compatible replacement for MySQL.
- - PostgreSQL 8.3 (or greater) (http://www.postgresql.org/).
- - SQLite 3.4.2 (or greater) (http://www.sqlite.org/).
-
-For more detailed information about Drupal requirements, including a list of
-PHP extensions and configurations that are required, see "System requirements"
-(http://drupal.org/requirements) in the Drupal.org online documentation.
-
-For detailed information on how to configure a test server environment using a
-variety of operating systems and web servers, see "Local server setup"
-(http://drupal.org/node/157602) in the Drupal.org online documentation.
-
-Note that all directories mentioned in this document are always relative to the
-directory of your Drupal installation, and commands are meant to be run from
-this directory (except for the initial commands that create that directory).
-
-OPTIONAL SERVER REQUIREMENTS
-----------------------------
-
-- If you want to use Drupal's "Clean URLs" feature on an Apache web server, you
- will need the mod_rewrite module and the ability to use local .htaccess
- files. For Clean URLs support on IIS, see "Clean URLs with IIS"
- (http://drupal.org/node/3854) in the Drupal.org online documentation.
-
-- If you plan to use XML-based services such as RSS aggregation, you will need
- PHP's XML extension. This extension is enabled by default on most PHP
- installations.
-
-- To serve gzip compressed CSS and JS files on an Apache web server, you will
- need the mod_headers module and the ability to use local .htaccess files.
-
-- Some Drupal functionality (e.g., checking whether Drupal and contributed
- modules need updates, RSS aggregation, etc.) require that the web server be
- able to go out to the web and download information. If you want to use this
- functionality, you need to verify that your hosting provider or server
- configuration allows the web server to initiate outbound connections. Most web
- hosting setups allow this.
-
-INSTALLATION
-------------
-
-1. Download and extract Drupal.
-
- You can obtain the latest Drupal release from http://drupal.org -- the files
- are available in .tar.gz and .zip formats and can be extracted using most
- compression tools.
-
- To download and extract the files, on a typical Unix/Linux command line, use
- the following commands (assuming you want version x.y of Drupal in .tar.gz
- format):
-
- wget http://drupal.org/files/projects/drupal-x.y.tar.gz
- tar -zxvf drupal-x.y.tar.gz
-
- This will create a new directory drupal-x.y/ containing all Drupal files and
- directories. Then, to move the contents of that directory into a directory
- within your web server's document root or your public HTML directory,
- continue with this command:
-
- mv drupal-x.y/* drupal-x.y/.htaccess /path/to/your/installation
-
-2. Optionally, download a translation.
-
- By default, Drupal is installed in English, and further languages may be
- installed later. If you prefer to install Drupal in another language
- initially:
-
- - Download a translation file for the correct Drupal version and language
- from the translation server: http://localize.drupal.org/translate/downloads
-
- - Place the file into your installation profile's translations directory.
- For instance, if you are using the Standard installation profile,
- move the .po file into the directory:
-
- profiles/standard/translations/
-
- For detailed instructions, visit http://drupal.org/localize
-
-3. Create the Drupal database.
-
- Because Drupal stores all site information in a database, you must create
- this database in order to install Drupal, and grant Drupal certain database
- privileges (such as the ability to create tables). For details, consult
- INSTALL.mysql.txt, INSTALL.pgsql.txt, or INSTALL.sqlite.txt. You may also
- need to consult your web hosting provider for instructions specific to your
- web host.
-
- Take note of the username, password, database name, and hostname as you
- create the database. You will enter this information during the install.
-
-4. Run the install script.
-
- To run the install script, point your browser to the base URL of your
- website (e.g., http://www.example.com).
-
- You will be guided through several screens to set up the database, add the
- site maintenance account (the first user, also known as user/1), and provide
- basic web site settings.
-
- During installation, several files and directories need to be created, which
- the install script will try to do automatically. However, on some hosting
- environments, manual steps are required, and the install script will tell
- you that it cannot proceed until you fix certain issues. This is normal and
- does not indicate a problem with your server.
-
- The most common steps you may need to perform are:
-
- a. Missing files directory.
-
- The install script will attempt to create a file storage directory in
- the default location at sites/default/files (the location of the files
- directory may be changed after Drupal is installed).
-
- If auto-creation fails, you can make it work by changing permissions on
- the sites/default directory so that the web server can create the files
- directory within it for you. (If you are creating a multisite
- installation, substitute the correct sites directory for sites/default;
- see the Multisite Configuration section of this file, below.)
-
- For example, on a Unix/Linux command line, you can grant everyone
- (including the web server) permission to write to the sites/default
- directory with this command:
-
- chmod a+w sites/default
-
- Be sure to set the permissions back after the installation is finished!
- Sample command:
-
- chmod go-w sites/default
-
- Alternatively, instead of allowing the web server to create the files
- directory for you as described above, you can create it yourself. Sample
- commands from a Unix/Linux command line:
-
- mkdir sites/default/files
- chmod a+w sites/default/files
-
- b. Missing settings file.
-
- Drupal will try to automatically create a settings.php configuration file,
- which is normally in the directory sites/default (to avoid problems when
- upgrading, Drupal is not packaged with this file). If auto-creation fails,
- you will need to create this file yourself, using the file
- sites/default/default.settings.php as a template.
-
- For example, on a Unix/Linux command line, you can make a copy of the
- default.settings.php file with the command:
-
- cp sites/default/default.settings.php sites/default/settings.php
-
- Next, grant write privileges to the file to everyone (including the web
- server) with the command:
-
- chmod a+w sites/default/settings.php
-
- Be sure to set the permissions back after the installation is finished!
- Sample command:
-
- chmod go-w sites/default/settings.php
-
- c. Write permissions after install.
-
- The install script will attempt to write-protect the settings.php file and
- the sites/default directory after saving your configuration. If this
- fails, you will be notified, and you can do it manually. Sample commands
- from a Unix/Linux command line:
-
- chmod go-w sites/default/settings.php
- chmod go-w sites/default
-
-5. Verify that the site is working.
-
- When the install script finishes, you will be logged in with the site
- maintenance account on a "Welcome" page. If the default Drupal theme is not
- displaying properly and links on the page result in "Page Not Found" errors,
- you may be experiencing problems with clean URLs. Visit
- http://drupal.org/getting-started/clean-urls to troubleshoot.
-
-6. Change file system storage settings (optional).
-
- The files directory created in step 4 is the default file system path used to
- store all uploaded files, as well as some temporary files created by
- Drupal. After installation, you can modify the file system path to store
- uploaded files in a different location.
-
- It is not necessary to modify this path, but you may wish to change it if:
-
- - Your site runs multiple Drupal installations from a single codebase (modify
- the file system path of each installation to a different directory so that
- uploads do not overlap between installations).
-
- - Your site runs on a number of web servers behind a load balancer or reverse
- proxy (modify the file system path on each server to point to a shared file
- repository).
-
- - You want to restrict access to uploaded files.
-
- To modify the file system path:
-
- a. Ensure that the new location for the path exists and is writable by the
- web server. For example, to create a new directory named uploads and grant
- write permissions, use the following commands on a Unix/Linux command
- line:
-
- mkdir uploads
- chmod a+w uploads
-
- b. Navigate to Administration > Configuration > Media > File system, and
- enter the desired path. Note that if you want to use private file storage,
- you need to first enter the path for private files and save the
- configuration, and then change the "Default download method" setting and
- save again.
-
- Changing the file system path after files have been uploaded may cause
- unexpected problems on an existing site. If you modify the file system path
- on an existing site, remember to copy all files from the original location
- to the new location.
-
-7. Revoke documentation file permissions (optional).
-
- Some administrators suggest making the documentation files, especially
- CHANGELOG.txt, non-readable so that the exact version of Drupal you are
- running is slightly more difficult to determine. If you wish to implement
- this optional security measure, from a Unix/Linux command line you can use
- the following command:
-
- chmod a-r CHANGELOG.txt
-
- Note that the example only affects CHANGELOG.txt. To completely hide all
- documentation files from public view, repeat this command for each of the
- Drupal documentation files in the installation directory, substituting the
- name of each file for CHANGELOG.txt in the example.
-
- For more information on setting file permissions, see "Modifying Linux,
- Unix, and Mac file permissions" (http://drupal.org/node/202483) or
- "Modifying Windows file permissions" (http://drupal.org/node/202491) in the
- Drupal.org online documentation.
-
-8. Set up independent "cron" maintenance jobs.
-
- Many Drupal modules have tasks that must be run periodically, including the
- Search module (building and updating the index used for keyword searching),
- the Aggregator module (retrieving feeds from other sites), and the System
- module (performing routine maintenance and pruning of database tables). These
- tasks are known as "cron maintenance tasks", named after the Unix/Linux
- "cron" utility.
-
- When you install Drupal, its built-in cron feature is enabled, which
- automatically runs the cron tasks periodically, triggered by people visiting
- pages of your site. You can configure the built-in cron feature by navigating
- to Administration > Configuration > System > Cron.
-
- It is also possible to run the cron tasks independent of site visits; this is
- recommended for most sites. To do this, you will need to set up an automated
- process to visit the page cron.php on your site, which executes the cron
- tasks.
-
- The URL of the cron.php page requires a "cron key" to protect against
- unauthorized access. Your site's cron key is automatically generated during
- installation and is specific to your site. The full URL of the page, with the
- cron key, is available in the "Cron maintenance tasks" section of the Status
- report page at Administration > Reports > Status report.
-
- As an example for how to set up this automated process, you can use the
- crontab utility on Unix/Linux systems. The following crontab line uses the
- wget command to visit the cron.php page, and runs each hour, on the hour:
-
- 0 * * * * wget -O - -q -t 1 http://example.com/cron.php?cron_key=YOURKEY
-
- Replace the text "http://example.com/cron.php?cron_key=YOURKEY" in the
- example with the full URL displayed under "Cron maintenance tasks" on the
- "Status report" page.
-
- More information about cron maintenance tasks is available at
- http://drupal.org/cron, and sample cron shell scripts can be found in the
- scripts/ directory. (Note that these scripts must be customized like the
- above example, to add your site-specific cron key and domain name.)
-
-BUILDING AND CUSTOMIZING YOUR SITE
-----------------------------------
-
-A new installation of Drupal defaults to a very basic configuration. To extend
-your site, you use "modules" and "themes". A module is a plugin that adds
-functionality to Drupal, while a theme changes the look of your site. The core
-of Drupal provides several optional modules and themes, and you can download
-more at http://drupal.org/project/modules and http://drupal.org/project/themes
-
-Do not mix downloaded or custom modules and themes with Drupal's core modules
-and themes. Drupal's modules and themes are located in the top-level modules and
-themes directories, while the modules and themes you add to Drupal are normally
-placed in the sites/all/modules and sites/all/themes directories. If you run a
-multisite installation, you can also place modules and themes in the
-site-specific directories -- see the Multisite Configuration section, below.
-
-Never edit Drupal's core modules and themes; instead, use the hooks available in
-the Drupal API. To modify the behavior of Drupal, develop a module as described
-at http://drupal.org/developing/modules. To modify the look of Drupal, create a
-subtheme as described at http://drupal.org/node/225125, or a completely new
-theme as described at http://drupal.org/documentation/theme
-
-MULTISITE CONFIGURATION
------------------------
-
-A single Drupal installation can host several Drupal-powered sites, each with
-its own individual configuration.
-
-Additional site configurations are created in subdirectories within the 'sites'
-directory. Each subdirectory must have a 'settings.php' file, which specifies
-the configuration settings. The easiest way to create additional sites is to
-copy the 'default' directory and modify the 'settings.php' file as appropriate.
-The new directory name is constructed from the site's URL. The configuration for
-www.example.com could be in 'sites/example.com/settings.php' (note that 'www.'
-should be omitted if users can access your site at http://example.com/).
-
-Sites do not have to have a different domain. You can also use subdomains and
-subdirectories for Drupal sites. For example, example.com, sub.example.com, and
-sub.example.com/site3 can all be defined as independent Drupal sites. The setup
-for a configuration such as this would look like the following:
-
- sites/default/settings.php
- sites/example.com/settings.php
- sites/sub.example.com/settings.php
- sites/sub.example.com.site3/settings.php
-
-When searching for a site configuration (for example www.sub.example.com/site3),
-Drupal will search for configuration files in the following order, using the
-first configuration it finds:
-
- sites/www.sub.example.com.site3/settings.php
- sites/sub.example.com.site3/settings.php
- sites/example.com.site3/settings.php
- sites/www.sub.example.com/settings.php
- sites/sub.example.com/settings.php
- sites/example.com/settings.php
- sites/default/settings.php
-
-If you are installing on a non-standard port, the port number is treated as the
-deepest subdomain. For example: http://www.example.com:8080/ could be loaded
-from sites/8080.www.example.com/. The port number will be removed according to
-the pattern above if no port-specific configuration is found, just like a real
-subdomain.
-
-Each site configuration can have its own site-specific modules and themes in
-addition to those installed in the standard 'modules' and 'themes' directories.
-To use site-specific modules or themes, simply create a 'modules' or 'themes'
-directory within the site configuration directory. For example, if
-sub.example.com has a custom theme and a custom module that should not be
-accessible to other sites, the setup would look like this:
-
- sites/sub.example.com/
- settings.php
- themes/custom_theme
- modules/custom_module
-
-NOTE: for more information about multiple virtual hosts or the configuration
-settings, consult http://drupal.org/getting-started/6/install/multi-site
-
-For more information on configuring Drupal's file system path in a multisite
-configuration, see step 6 above.
-
-MORE INFORMATION
-----------------
-
-- See the Drupal.org online documentation:
- http://drupal.org/documentation
-
-- For a list of security announcements, see the "Security advisories" page at
- http://drupal.org/security (available as an RSS feed). This page also
- describes how to subscribe to these announcements via e-mail.
-
-- For information about the Drupal security process, or to find out how to
- report a potential security issue to the Drupal security team, see the
- "Security team" page at http://drupal.org/security-team
-
-- For information about the wide range of available support options, visit
- http://drupal.org and click on Community and Support in the top or bottom
- navigation.
diff --git a/LICENSE.txt b/LICENSE.txt
deleted file mode 100644
index 94fb846..0000000
--- a/LICENSE.txt
+++ /dev/null
@@ -1,339 +0,0 @@
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
-
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
- Everyone is permitted to copy and distribute verbatim copies
- of this license document, but changing it is not allowed.
-
- Preamble
-
- The licenses for most software are designed to take away your
-freedom to share and change it. By contrast, the GNU General Public
-License is intended to guarantee your freedom to share and change free
-software--to make sure the software is free for all its users. This
-General Public License applies to most of the Free Software
-Foundation's software and to any other program whose authors commit to
-using it. (Some other Free Software Foundation software is covered by
-the GNU Lesser General Public License instead.) You can apply it to
-your programs, too.
-
- When we speak of free software, we are referring to freedom, not
-price. Our General Public Licenses are designed to make sure that you
-have the freedom to distribute copies of free software (and charge for
-this service if you wish), that you receive source code or can get it
-if you want it, that you can change the software or use pieces of it
-in new free programs; and that you know you can do these things.
-
- To protect your rights, we need to make restrictions that forbid
-anyone to deny you these rights or to ask you to surrender the rights.
-These restrictions translate to certain responsibilities for you if you
-distribute copies of the software, or if you modify it.
-
- For example, if you distribute copies of such a program, whether
-gratis or for a fee, you must give the recipients all the rights that
-you have. You must make sure that they, too, receive or can get the
-source code. And you must show them these terms so they know their
-rights.
-
- We protect your rights with two steps: (1) copyright the software, and
-(2) offer you this license which gives you legal permission to copy,
-distribute and/or modify the software.
-
- Also, for each author's protection and ours, we want to make certain
-that everyone understands that there is no warranty for this free
-software. If the software is modified by someone else and passed on, we
-want its recipients to know that what they have is not the original, so
-that any problems introduced by others will not reflect on the original
-authors' reputations.
-
- Finally, any free program is threatened constantly by software
-patents. We wish to avoid the danger that redistributors of a free
-program will individually obtain patent licenses, in effect making the
-program proprietary. To prevent this, we have made it clear that any
-patent must be licensed for everyone's free use or not licensed at all.
-
- The precise terms and conditions for copying, distribution and
-modification follow.
-
- GNU GENERAL PUBLIC LICENSE
- TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
-
- 0. This License applies to any program or other work which contains
-a notice placed by the copyright holder saying it may be distributed
-under the terms of this General Public License. The "Program", below,
-refers to any such program or work, and a "work based on the Program"
-means either the Program or any derivative work under copyright law:
-that is to say, a work containing the Program or a portion of it,
-either verbatim or with modifications and/or translated into another
-language. (Hereinafter, translation is included without limitation in
-the term "modification".) Each licensee is addressed as "you".
-
-Activities other than copying, distribution and modification are not
-covered by this License; they are outside its scope. The act of
-running the Program is not restricted, and the output from the Program
-is covered only if its contents constitute a work based on the
-Program (independent of having been made by running the Program).
-Whether that is true depends on what the Program does.
-
- 1. You may copy and distribute verbatim copies of the Program's
-source code as you receive it, in any medium, provided that you
-conspicuously and appropriately publish on each copy an appropriate
-copyright notice and disclaimer of warranty; keep intact all the
-notices that refer to this License and to the absence of any warranty;
-and give any other recipients of the Program a copy of this License
-along with the Program.
-
-You may charge a fee for the physical act of transferring a copy, and
-you may at your option offer warranty protection in exchange for a fee.
-
- 2. You may modify your copy or copies of the Program or any portion
-of it, thus forming a work based on the Program, and copy and
-distribute such modifications or work under the terms of Section 1
-above, provided that you also meet all of these conditions:
-
- a) You must cause the modified files to carry prominent notices
- stating that you changed the files and the date of any change.
-
- b) You must cause any work that you distribute or publish, that in
- whole or in part contains or is derived from the Program or any
- part thereof, to be licensed as a whole at no charge to all third
- parties under the terms of this License.
-
- c) If the modified program normally reads commands interactively
- when run, you must cause it, when started running for such
- interactive use in the most ordinary way, to print or display an
- announcement including an appropriate copyright notice and a
- notice that there is no warranty (or else, saying that you provide
- a warranty) and that users may redistribute the program under
- these conditions, and telling the user how to view a copy of this
- License. (Exception: if the Program itself is interactive but
- does not normally print such an announcement, your work based on
- the Program is not required to print an announcement.)
-
-These requirements apply to the modified work as a whole. If
-identifiable sections of that work are not derived from the Program,
-and can be reasonably considered independent and separate works in
-themselves, then this License, and its terms, do not apply to those
-sections when you distribute them as separate works. But when you
-distribute the same sections as part of a whole which is a work based
-on the Program, the distribution of the whole must be on the terms of
-this License, whose permissions for other licensees extend to the
-entire whole, and thus to each and every part regardless of who wrote it.
-
-Thus, it is not the intent of this section to claim rights or contest
-your rights to work written entirely by you; rather, the intent is to
-exercise the right to control the distribution of derivative or
-collective works based on the Program.
-
-In addition, mere aggregation of another work not based on the Program
-with the Program (or with a work based on the Program) on a volume of
-a storage or distribution medium does not bring the other work under
-the scope of this License.
-
- 3. You may copy and distribute the Program (or a work based on it,
-under Section 2) in object code or executable form under the terms of
-Sections 1 and 2 above provided that you also do one of the following:
-
- a) Accompany it with the complete corresponding machine-readable
- source code, which must be distributed under the terms of Sections
- 1 and 2 above on a medium customarily used for software interchange; or,
-
- b) Accompany it with a written offer, valid for at least three
- years, to give any third party, for a charge no more than your
- cost of physically performing source distribution, a complete
- machine-readable copy of the corresponding source code, to be
- distributed under the terms of Sections 1 and 2 above on a medium
- customarily used for software interchange; or,
-
- c) Accompany it with the information you received as to the offer
- to distribute corresponding source code. (This alternative is
- allowed only for noncommercial distribution and only if you
- received the program in object code or executable form with such
- an offer, in accord with Subsection b above.)
-
-The source code for a work means the preferred form of the work for
-making modifications to it. For an executable work, complete source
-code means all the source code for all modules it contains, plus any
-associated interface definition files, plus the scripts used to
-control compilation and installation of the executable. However, as a
-special exception, the source code distributed need not include
-anything that is normally distributed (in either source or binary
-form) with the major components (compiler, kernel, and so on) of the
-operating system on which the executable runs, unless that component
-itself accompanies the executable.
-
-If distribution of executable or object code is made by offering
-access to copy from a designated place, then offering equivalent
-access to copy the source code from the same place counts as
-distribution of the source code, even though third parties are not
-compelled to copy the source along with the object code.
-
- 4. You may not copy, modify, sublicense, or distribute the Program
-except as expressly provided under this License. Any attempt
-otherwise to copy, modify, sublicense or distribute the Program is
-void, and will automatically terminate your rights under this License.
-However, parties who have received copies, or rights, from you under
-this License will not have their licenses terminated so long as such
-parties remain in full compliance.
-
- 5. You are not required to accept this License, since you have not
-signed it. However, nothing else grants you permission to modify or
-distribute the Program or its derivative works. These actions are
-prohibited by law if you do not accept this License. Therefore, by
-modifying or distributing the Program (or any work based on the
-Program), you indicate your acceptance of this License to do so, and
-all its terms and conditions for copying, distributing or modifying
-the Program or works based on it.
-
- 6. Each time you redistribute the Program (or any work based on the
-Program), the recipient automatically receives a license from the
-original licensor to copy, distribute or modify the Program subject to
-these terms and conditions. You may not impose any further
-restrictions on the recipients' exercise of the rights granted herein.
-You are not responsible for enforcing compliance by third parties to
-this License.
-
- 7. If, as a consequence of a court judgment or allegation of patent
-infringement or for any other reason (not limited to patent issues),
-conditions are imposed on you (whether by court order, agreement or
-otherwise) that contradict the conditions of this License, they do not
-excuse you from the conditions of this License. If you cannot
-distribute so as to satisfy simultaneously your obligations under this
-License and any other pertinent obligations, then as a consequence you
-may not distribute the Program at all. For example, if a patent
-license would not permit royalty-free redistribution of the Program by
-all those who receive copies directly or indirectly through you, then
-the only way you could satisfy both it and this License would be to
-refrain entirely from distribution of the Program.
-
-If any portion of this section is held invalid or unenforceable under
-any particular circumstance, the balance of the section is intended to
-apply and the section as a whole is intended to apply in other
-circumstances.
-
-It is not the purpose of this section to induce you to infringe any
-patents or other property right claims or to contest validity of any
-such claims; this section has the sole purpose of protecting the
-integrity of the free software distribution system, which is
-implemented by public license practices. Many people have made
-generous contributions to the wide range of software distributed
-through that system in reliance on consistent application of that
-system; it is up to the author/donor to decide if he or she is willing
-to distribute software through any other system and a licensee cannot
-impose that choice.
-
-This section is intended to make thoroughly clear what is believed to
-be a consequence of the rest of this License.
-
- 8. If the distribution and/or use of the Program is restricted in
-certain countries either by patents or by copyrighted interfaces, the
-original copyright holder who places the Program under this License
-may add an explicit geographical distribution limitation excluding
-those countries, so that distribution is permitted only in or among
-countries not thus excluded. In such case, this License incorporates
-the limitation as if written in the body of this License.
-
- 9. The Free Software Foundation may publish revised and/or new versions
-of the General Public License from time to time. Such new versions will
-be similar in spirit to the present version, but may differ in detail to
-address new problems or concerns.
-
-Each version is given a distinguishing version number. If the Program
-specifies a version number of this License which applies to it and "any
-later version", you have the option of following the terms and conditions
-either of that version or of any later version published by the Free
-Software Foundation. If the Program does not specify a version number of
-this License, you may choose any version ever published by the Free Software
-Foundation.
-
- 10. If you wish to incorporate parts of the Program into other free
-programs whose distribution conditions are different, write to the author
-to ask for permission. For software which is copyrighted by the Free
-Software Foundation, write to the Free Software Foundation; we sometimes
-make exceptions for this. Our decision will be guided by the two goals
-of preserving the free status of all derivatives of our free software and
-of promoting the sharing and reuse of software generally.
-
- NO WARRANTY
-
- 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
-FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
-OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
-PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
-OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
-TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
-PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
-REPAIR OR CORRECTION.
-
- 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
-WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
-REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
-INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
-OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
-TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
-YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
-PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGES.
-
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
-
- If you develop a new program, and you want it to be of the greatest
-possible use to the public, the best way to achieve this is to make it
-free software which everyone can redistribute and change under these terms.
-
- To do so, attach the following notices to the program. It is safest
-to attach them to the start of each source file to most effectively
-convey the exclusion of warranty; and each file should have at least
-the "copyright" line and a pointer to where the full notice is found.
-
-
- Copyright (C)
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License along
- with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-Also add information on how to contact you by electronic and paper mail.
-
-If the program is interactive, make it output a short notice like this
-when it starts in an interactive mode:
-
- Gnomovision version 69, Copyright (C) year name of author
- Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
- This is free software, and you are welcome to redistribute it
- under certain conditions; type `show c' for details.
-
-The hypothetical commands `show w' and `show c' should show the appropriate
-parts of the General Public License. Of course, the commands you use may
-be called something other than `show w' and `show c'; they could even be
-mouse-clicks or menu items--whatever suits your program.
-
-You should also get your employer (if you work as a programmer) or your
-school, if any, to sign a "copyright disclaimer" for the program, if
-necessary. Here is a sample; alter the names:
-
- Yoyodyne, Inc., hereby disclaims all copyright interest in the program
- `Gnomovision' (which makes passes at compilers) written by James Hacker.
-
- , 1 April 1989
- Ty Coon, President of Vice
-
-This General Public License does not permit incorporating your program into
-proprietary programs. If your program is a subroutine library, you may
-consider it more useful to permit linking proprietary applications with the
-library. If this is what you want to do, use the GNU Lesser General
-Public License instead of this License.
diff --git a/MAINTAINERS.txt b/MAINTAINERS.txt
deleted file mode 100644
index f5cf6f8..0000000
--- a/MAINTAINERS.txt
+++ /dev/null
@@ -1,307 +0,0 @@
-
-Drupal core is built and maintained by the Drupal project community. Everyone is
-encouraged to submit issues and changes (patches) to improve Drupal, and to
-contribute in other ways -- see http://drupal.org/contribute to find out how.
-
-Branch maintainers
-------------------
-
-The Drupal Core branch maintainers oversee the development of Drupal as a whole.
-The branch maintainers for Drupal 7 are:
-
-- Dries Buytaert 'dries' http://drupal.org/user/1
-- Angela Byron 'webchick' http://drupal.org/user/24967
-- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
-
-
-Component maintainers
----------------------
-
-The Drupal Core component maintainers oversee the development of Drupal
-subsystems. See http://drupal.org/contribute/core-maintainers for more
-information on their responsibilities, and to find out how to become a component
-maintainer. Current component maintainers for Drupal 7:
-
-Ajax system
-- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
-- Earl Miles 'merlinofchaos' http://drupal.org/user/26979
-
-Base system
-- Damien Tournoud 'DamZ' http://drupal.org/user/22211
-- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
-
-Batch system
-- Yves Chedemois 'yched' http://drupal.org/user/39567
-
-Cache system
-- Damien Tournoud 'DamZ' http://drupal.org/user/22211
-- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
-
-Cron system
-- Derek Wright 'dww' http://drupal.org/user/46549
-
-Database system
-- Larry Garfield 'Crell' http://drupal.org/user/26398
-
- - MySQL driver
- - Larry Garfield 'Crell' http://drupal.org/user/26398
- - David Strauss 'David Strauss' http://drupal.org/user/93254
-
- - PostgreSQL driver
- - Damien Tournoud 'DamZ' http://drupal.org/user/22211
- - Josh Waihi 'fiasco' http://drupal.org/user/188162
-
- - Sqlite driver
- - Damien Tournoud 'DamZ' http://drupal.org/user/22211
-
-Database update system
-- Ashok Modi 'BTMash' http://drupal.org/user/60422
-
-Entity system
-- Wolfgang Ziegler 'fago' http://drupal.org/user/16747
-- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
-- Franz Heinzmann 'Frando' http://drupal.org/user/21850
-
-File system
-- Andrew Morton 'drewish' http://drupal.org/user/34869
-- Aaron Winborn 'aaron' http://drupal.org/user/33420
-
-Form system
-- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
-- Wolfgang Ziegler 'fago' http://drupal.org/user/16747
-- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
-- Franz Heinzmann 'Frando' http://drupal.org/user/21850
-
-Image system
-- Andrew Morton 'drewish' http://drupal.org/user/34869
-- Nathan Haug 'quicksketch' http://drupal.org/user/35821
-
-Install system
-- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
-
-JavaScript
-- Théodore Biadala 'nod_' http://drupal.org/user/598310
-- Steve De Jonghe 'seutje' http://drupal.org/user/264148
-- Jesse Renée Beach 'jessebeach' http://drupal.org/user/748566
-
-Language system
-- Francesco Placella 'plach' http://drupal.org/user/183211
-- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
-
-Lock system
-- Damien Tournoud 'DamZ' http://drupal.org/user/22211
-
-Mail system
-- ?
-
-Markup
-- Jacine Luisi 'Jacine' http://drupal.org/user/88931
-- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
-
-Menu system
-- Peter Wolanin 'pwolanin' http://drupal.org/user/49851
-
-Path system
-- Dave Reid 'davereid' http://drupal.org/user/53892
-- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
-
-Render system
-- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
-- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
-- Franz Heinzmann 'Frando' http://drupal.org/user/21850
-
-Theme system
-- Earl Miles 'merlinofchaos' http://drupal.org/user/26979
-- Alex Bronstein 'effulgentsia' http://drupal.org/user/78040
-- Joon Park 'dvessel' http://drupal.org/user/56782
-- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
-
-Token system
-- Dave Reid 'davereid' http://drupal.org/user/53892
-
-XML-RPC system
-- Frederic G. Marand 'fgm' http://drupal.org/user/27985
-
-
-Topic coordinators
-------------------
-
-Accessibility
-- Everett Zufelt 'Everett Zufelt' http://drupal.org/user/406552
-- Brandon Bowersox-Johnson 'bowersox' http://drupal.org/user/186415
-
-Documentation
-- Jennifer Hodgdon 'jhodgdon' http://drupal.org/user/155601
-
-Translations
-- Gerhard Killesreiter 'killes' http://drupal.org/user/83
-
-User experience and usability
-- Roy Scholten 'yoroy' http://drupal.org/user/41502
-- Bojhan Somers 'Bojhan' http://drupal.org/user/87969
-
-Node Access
-- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
-- Ken Rickard 'agentrickard' http://drupal.org/user/20975
-- Jess Myrbo 'xjm' http://drupal.org/user/65776
-
-
-Security team
------------------
-
-To report a security issue, see: https://drupal.org/security-team/report-issue
-
-The Drupal security team provides Security Advisories for vulnerabilities,
-assists developers in resolving security issues, and provides security
-documentation. See http://drupal.org/security-team for more information. The
-security team lead is:
-
-- Michael Hess 'mlhess' https://drupal.org/user/102818
-
-
-Module maintainers
-------------------
-
-Aggregator module
-- ?
-
-Block module
-- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
-
-Blog module
-- ?
-
-Book module
-- Peter Wolanin 'pwolanin' http://drupal.org/user/49851
-
-Color module
-- ?
-
-Comment module
-- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
-
-Contact module
-- Dave Reid 'davereid' http://drupal.org/user/53892
-
-Contextual module
-- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
-
-Dashboard module
-- ?
-
-Database logging module
-- Khalid Baheyeldin 'kbahey' http://drupal.org/user/4063
-
-Field module
-- Yves Chedemois 'yched' http://drupal.org/user/39567
-- Barry Jaspan 'bjaspan' http://drupal.org/user/46413
-
-Field UI module
-- Yves Chedemois 'yched' http://drupal.org/user/39567
-
-File module
-- Aaron Winborn 'aaron' http://drupal.org/user/33420
-
-Filter module
-- Daniel F. Kudwien 'sun' http://drupal.org/user/54136
-
-Forum module
-- Lee Rowlands 'larowlan' http://drupal.org/user/395439
-
-Help module
-- ?
-
-Image module
-- Nathan Haug 'quicksketch' http://drupal.org/user/35821
-
-Locale module
-- Gábor Hojtsy 'Gábor Hojtsy' http://drupal.org/user/4166
-
-Menu module
-- ?
-
-Node module
-- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
-- David Strauss 'David Strauss' http://drupal.org/user/93254
-
-OpenID module
-- Vojtech Kusy 'wojtha' http://drupal.org/user/56154
-- Christian Schmidt 'c960657' http://drupal.org/user/216078
-- Damien Tournoud 'DamZ' http://drupal.org/user/22211
-
-Overlay module
-- Katherine Senzee 'ksenzee' http://drupal.org/user/139855
-
-Path module
-- Dave Reid 'davereid' http://drupal.org/user/53892
-
-PHP module
-- ?
-
-Poll module
-- Andrei Mateescu 'amateescu' http://drupal.org/user/729614
-
-Profile module
-- ?
-
-RDF module
-- Stéphane Corlosquet 'scor' http://drupal.org/user/52142
-
-Search module
-- Doug Green 'douggreen' http://drupal.org/user/29191
-
-Shortcut module
-- David Rothstein 'David_Rothstein' http://drupal.org/user/124982
-
-Simpletest module
-- Jimmy Berry 'boombatower' http://drupal.org/user/214218
-
-Statistics module
-- Tim Millwood 'timmillwood' http://drupal.org/user/227849
-
-Syslog module
-- Khalid Baheyeldin 'kbahey' http://drupal.org/user/4063
-
-System module
-- ?
-
-Taxonomy module
-- Jess Myrbo 'xjm' http://drupal.org/user/65776
-- Nathaniel Catchpole 'catch' http://drupal.org/user/35733
-- Benjamin Doherty 'bangpound' http://drupal.org/user/100456
-
-Toolbar module
-- ?
-
-Tracker module
-- David Strauss 'David Strauss' http://drupal.org/user/93254
-
-Translation module
-- Francesco Placella 'plach' http://drupal.org/user/183211
-
-Trigger module
-- ?
-
-Update module
-- Derek Wright 'dww' http://drupal.org/user/46549
-
-User module
-- Moshe Weitzman 'moshe weitzman' http://drupal.org/user/23
-- David Strauss 'David Strauss' http://drupal.org/user/93254
-
-
-Theme maintainers
------------------
-
-Bartik theme
-- Jen Simmons 'jensimmons' http://drupal.org/user/140882
-- Jeff Burns 'Jeff Burnz' http://drupal.org/user/61393
-
-Garland theme
-- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
-
-Seven theme
-- Jeff Burns 'Jeff Burnz' http://drupal.org/user/61393
-
-Stark theme
-- John Albin Wilkins 'JohnAlbin' http://drupal.org/user/32095
diff --git a/README.txt b/README.txt
deleted file mode 100644
index 60d3da5..0000000
--- a/README.txt
+++ /dev/null
@@ -1,123 +0,0 @@
-
-CONTENTS OF THIS FILE
----------------------
-
- * About Drupal
- * Configuration and features
- * Installation profiles
- * Appearance
- * Developing for Drupal
-
-ABOUT DRUPAL
-------------
-
-Drupal is an open source content management platform supporting a variety of
-websites ranging from personal weblogs to large community-driven websites. For
-more information, see the Drupal website at http://drupal.org/, and join the
-Drupal community at http://drupal.org/community.
-
-Legal information about Drupal:
- * Know your rights when using Drupal:
- See LICENSE.txt in the same directory as this document.
- * Learn about the Drupal trademark and logo policy:
- http://drupal.com/trademark
-
-CONFIGURATION AND FEATURES
---------------------------
-
-Drupal core (what you get when you download and extract a drupal-x.y.tar.gz or
-drupal-x.y.zip file from http://drupal.org/project/drupal) has what you need to
-get started with your website. It includes several modules (extensions that add
-functionality) for common website features, such as managing content, user
-accounts, image uploading, and search. Core comes with many options that allow
-site-specific configuration. In addition to the core modules, there are
-thousands of contributed modules (for functionality not included with Drupal
-core) available for download.
-
-More about configuration:
- * Install, upgrade, and maintain Drupal:
- See INSTALL.txt and UPGRADE.txt in the same directory as this document.
- * Learn about how to use Drupal to create your site:
- http://drupal.org/documentation
- * Download contributed modules to sites/all/modules to extend Drupal's
- functionality:
- http://drupal.org/project/modules
- * See also: "Developing for Drupal" for writing your own modules, below.
-
-INSTALLATION PROFILES
----------------------
-
-Installation profiles define additional steps (such as enabling modules,
-defining content types, etc.) that run after the base installation provided
-by core when Drupal is first installed. There are two basic installation
-profiles provided with Drupal core.
-
-Installation profiles from the Drupal community modify the installation process
-to provide a website for a specific use case, such as a CMS for media
-publishers, a web-based project tracking tool, or a full-fledged CRM for
-non-profit organizations raising money and accepting donations. They can be
-distributed as bare installation profiles or as "distributions". Distributions
-include Drupal core, the installation profile, and all other required
-extensions, such as contributed and custom modules, themes, and third-party
-libraries. Bare installation profiles require you to download Drupal Core and
-the required extensions separately; place the downloaded profile in the
-/profiles directory before you start the installation process. Note that the
-contents of this directory may be overwritten during updates of Drupal core;
-it is advised to keep code backups or use a version control system.
-
-Additionally, modules and themes may be placed inside subdirectories in a
-specific installation profile such as profiles/your_site_profile/modules and
-profiles/your_site_profile/themes respectively to restrict their usage to only
-sites that were installed with that specific profile.
-
-More about installation profiles and distributions:
- * Read about the difference between installation profiles and distributions:
- http://drupal.org/node/1089736
- * Download contributed installation profiles and distributions:
- http://drupal.org/project/distributions
- * Develop your own installation profile or distribution:
- http://drupal.org/developing/distributions
-
-APPEARANCE
-----------
-
-In Drupal, the appearance of your site is set by the theme (themes are
-extensions that set fonts, colors, and layout). Drupal core comes with several
-themes. More themes are available for download, and you can also create your own
-custom theme.
-
-More about themes:
- * Download contributed themes to sites/all/themes to modify Drupal's
- appearance:
- http://drupal.org/project/themes
- * Develop your own theme:
- http://drupal.org/documentation/theme
-
-DEVELOPING FOR DRUPAL
----------------------
-
-Drupal contains an extensive API that allows you to add to and modify the
-functionality of your site. The API consists of "hooks", which allow modules to
-react to system events and customize Drupal's behavior, and functions that
-standardize common operations such as database queries and form generation. The
-flexible hook architecture means that you should never need to directly modify
-the files that come with Drupal core to achieve the functionality you want;
-instead, functionality modifications take the form of modules.
-
-When you need new functionality for your Drupal site, search for existing
-contributed modules. If you find a module that matches except for a bug or an
-additional needed feature, change the module and contribute your improvements
-back to the project in the form of a "patch". Create new custom modules only
-when nothing existing comes close to what you need.
-
-More about developing:
- * Search for existing contributed modules:
- http://drupal.org/project/modules
- * Contribute a patch:
- http://drupal.org/patch/submit
- * Develop your own module:
- http://drupal.org/developing/modules
- * Follow best practices:
- http://drupal.org/best-practices
- * Refer to the API documentation:
- http://api.drupal.org/api/drupal/7
diff --git a/UPGRADE.txt b/UPGRADE.txt
deleted file mode 100644
index e870ff0..0000000
--- a/UPGRADE.txt
+++ /dev/null
@@ -1,236 +0,0 @@
-INTRODUCTION
-------------
-This document describes how to:
-
- * Update your Drupal site from one minor 7.x version to another minor 7.x
- version; for example, from 7.8 to 7.9, or from 7.6 to 7.10.
-
- * Upgrade your Drupal site's major version from 6.x to 7.x.
-
-First steps and definitions:
-
- * If you are upgrading to Drupal version x.y, then x is known as the major
- version number, and y is known as the minor version number. The download
- file will be named drupal-x.y.tar.gz (or drupal-x.y.zip).
-
- * All directories mentioned in this document are relative to the directory of
- your Drupal installation.
-
- * Make a full backup of all files, directories, and your database(s) before
- starting, and save it outside your Drupal installation directory.
- Instructions may be found at http://drupal.org/upgrade/backing-up-the-db
-
- * It is wise to try an update or upgrade on a test copy of your site before
- applying it to your live site. Even minor updates can cause your site's
- behavior to change.
-
- * Each new release of Drupal has release notes, which explain the changes made
- since the previous version and any special instructions needed to update or
- upgrade to the new version. You can find a link to the release notes for the
- version you are upgrading or updating to on the Drupal project page
- (http://drupal.org/project/drupal).
-
-UPGRADE PROBLEMS
-----------------
-If you encounter errors during this process,
-
- * Note any error messages you see.
-
- * Restore your site to its previous state, using the file and database backups
- you created before you started the upgrade process. Do not attempt to do
- further upgrades on a site that had update problems.
-
- * Consult one of the support options listed on http://drupal.org/support
-
-More in-depth information on upgrading can be found at http://drupal.org/upgrade
-
-MINOR VERSION UPDATES
----------------------
-To update from one minor 7.x version of Drupal to any later 7.x version, after
-following the instructions in the INTRODUCTION section at the top of this file:
-
-1. Log in as a user with the permission "Administer software updates".
-
-2. Go to Administration > Configuration > Development > Maintenance mode.
- Enable the "Put site into maintenance mode" checkbox and save the
- configuration.
-
-3. Remove all old core files and directories, except for the 'sites' directory
- and any custom files you added elsewhere.
-
- If you made modifications to files like .htaccess or robots.txt, you will
- need to re-apply them from your backup, after the new files are in place.
-
- Sometimes an update includes changes to default.settings.php (this will be
- noted in the release notes). If that's the case, follow these steps:
-
- - Make a backup copy of your settings.php file, with a different file name.
-
- - Make a copy of the new default.settings.php file, and name the copy
- settings.php (overwriting your previous settings.php file).
-
- - Copy the custom and site-specific entries from the backup you made into the
- new settings.php file. You will definitely need the lines giving the
- database information, and you will also want to copy in any other
- customizations you have added.
-
-4. Download the latest Drupal 7.x release from http://drupal.org to a
- directory outside of your web root. Extract the archive and copy the files
- into your Drupal directory.
-
- On a typical Unix/Linux command line, use the following commands to download
- and extract:
-
- wget http://drupal.org/files/projects/drupal-x.y.tar.gz
- tar -zxvf drupal-x.y.tar.gz
-
- This creates a new directory drupal-x.y/ containing all Drupal files and
- directories. Copy the files into your Drupal installation directory:
-
- cp -R drupal-x.y/* drupal-x.y/.htaccess /path/to/your/installation
-
- If you do not have command line access to your server, download the archive
- from http://drupal.org using your web browser, extract it, and then use an
- FTP client to upload the files to your web root.
-
-5. Re-apply any modifications to files such as .htaccess or robots.txt.
-
-6. Run update.php by visiting http://www.example.com/update.php (replace
- www.example.com with your domain name). This will update the core database
- tables.
-
- If you are unable to access update.php do the following:
-
- - Open settings.php with a text editor.
-
- - Find the line that says:
- $update_free_access = FALSE;
-
- - Change it into:
- $update_free_access = TRUE;
-
- - Once the upgrade is done, $update_free_access must be reverted to FALSE.
-
-7. Go to Administration > Reports > Status report. Verify that everything is
- working as expected.
-
-8. Ensure that $update_free_access is FALSE in settings.php.
-
-9. Go to Administration > Configuration > Development > Maintenance mode.
- Disable the "Put site into maintenance mode" checkbox and save the
- configuration.
-
-MAJOR VERSION UPGRADE
----------------------
-To upgrade from a previous major version of Drupal to Drupal 7.x, after
-following the instructions in the INTRODUCTION section at the top of this file:
-
-1. Check on the Drupal 7 status of your contributed and custom modules and
- themes. See http://drupal.org/node/948216 for information on upgrading
- contributed modules and themes. See http://drupal.org/node/895314 for a list
- of modules that have been moved into core for Drupal 7, and instructions on
- how to update them. See http://drupal.org/update/modules for information on
- how to update your custom modules, and http://drupal.org/update/theme for
- custom themes.
-
- You may decide at this point that you cannot upgrade your site, because
- needed modules or themes are not ready for Drupal 7.
-
-2. Update to the latest available version of Drupal 6.x (if your current version
- is Drupal 5.x, you have to upgrade to 6.x first). If you need to update,
- download Drupal 6.x and follow the instructions in its UPGRADE.txt. This
- document only applies for upgrades from 6.x to 7.x.
-
-3. In addition to updating to the latest available version of Drupal 6.x core,
- you must also upgrade all of your contributed modules for Drupal to their
- latest Drupal 6.x versions.
-
-4. Log in as user ID 1 (the site maintenance user).
-
-5. Go to Administer > Site configuration > Site maintenance. Select
- "Off-line" and save the configuration.
-
-6. Go to Administer > Site building > Themes. Enable "Garland" and select it as
- the default theme.
-
-7. Go to Administer > Site building > Modules. Disable all modules that are not
- listed under "Core - required" or "Core - optional". It is possible that some
- modules cannot be disabled, because others depend on them. Repeat this step
- until all non-core modules are disabled.
-
- If you know that you will not re-enable some modules for Drupal 7.x and you
- no longer need their data, then you can uninstall them under the Uninstall
- tab after disabling them.
-
-8. On the command line or in your FTP client, remove the file
-
- sites/default/default.settings.php
-
-9. Remove all old core files and directories, except for the 'sites' directory
- and any custom files you added elsewhere.
-
- If you made modifications to files like .htaccess or robots.txt, you will
- need to re-apply them from your backup, after the new files are in place.
-
-10. If you uninstalled any modules, remove them from the sites/all/modules and
- other sites/*/modules directories. Leave other modules in place, even though
- they are incompatible with Drupal 7.x.
-
-11. Download the latest Drupal 7.x release from http://drupal.org to a
- directory outside of your web root. Extract the archive and copy the files
- into your Drupal directory.
-
- On a typical Unix/Linux command line, use the following commands to download
- and extract:
-
- wget http://drupal.org/files/projects/drupal-x.y.tar.gz
- tar -zxvf drupal-x.y.tar.gz
-
- This creates a new directory drupal-x.y/ containing all Drupal files and
- directories. Copy the files into your Drupal installation directory:
-
- cp -R drupal-x.y/* drupal-x.y/.htaccess /path/to/your/installation
-
- If you do not have command line access to your server, download the archive
- from http://drupal.org using your web browser, extract it, and then use an
- FTP client to upload the files to your web root.
-
-12. Re-apply any modifications to files such as .htaccess or robots.txt.
-
-13. Make your settings.php file writeable, so that the update process can
- convert it to the format of Drupal 7.x. settings.php is usually located in
-
- sites/default/settings.php
-
-14. Run update.php by visiting http://www.example.com/update.php (replace
- www.example.com with your domain name). This will update the core database
- tables.
-
- If you are unable to access update.php do the following:
-
- - Open settings.php with a text editor.
-
- - Find the line that says:
- $update_free_access = FALSE;
-
- - Change it into:
- $update_free_access = TRUE;
-
- - Once the upgrade is done, $update_free_access must be reverted to FALSE.
-
-15. Backup your database after the core upgrade has run.
-
-16. Replace and update your non-core modules and themes, following the
- procedures at http://drupal.org/node/948216
-
-17. Go to Administration > Reports > Status report. Verify that everything is
- working as expected.
-
-18. Ensure that $update_free_access is FALSE in settings.php.
-
-19. Go to Administration > Configuration > Development > Maintenance mode.
- Disable the "Put site into maintenance mode" checkbox and save the
- configuration.
-
-To get started with Drupal 7 administration, visit
-http://drupal.org/getting-started/7/admin
diff --git a/authorize.php b/authorize.php
deleted file mode 100644
index 3ea2b20..0000000
--- a/authorize.php
+++ /dev/null
@@ -1,174 +0,0 @@
- $results['messages']));
-
- $links = array();
- if (is_array($results['tasks'])) {
- $links += $results['tasks'];
- }
- else {
- $links = array_merge($links, array(
- l(t('Administration pages'), 'admin'),
- l(t('Front page'), ''),
- ));
- }
-
- $output .= theme('item_list', array('items' => $links, 'title' => t('Next steps')));
- }
- // If a batch is running, let it run.
- elseif (isset($_GET['batch'])) {
- $output = _batch_page();
- }
- else {
- if (empty($_SESSION['authorize_operation']) || empty($_SESSION['authorize_filetransfer_info'])) {
- $output = t('It appears you have reached this page in error.');
- }
- elseif (!$batch = batch_get()) {
- // We have a batch to process, show the filetransfer form.
- $elements = drupal_get_form('authorize_filetransfer_form');
- $output = drupal_render($elements);
- }
- }
- // We defer the display of messages until all operations are done.
- $show_messages = !(($batch = batch_get()) && isset($batch['running']));
-}
-else {
- $output = authorize_access_denied_page();
-}
-
-if (!empty($output)) {
- print theme('update_page', array('content' => $output, 'show_messages' => $show_messages));
-}
diff --git a/cron.php b/cron.php
deleted file mode 100644
index c6ce531..0000000
--- a/cron.php
+++ /dev/null
@@ -1,26 +0,0 @@
- variable_get('actions_max_stack', 35)) {
- watchdog('actions', 'Stack overflow: too many calls to actions_do(). Aborting to prevent infinite recursion.', array(), WATCHDOG_ERROR);
- return;
- }
- $actions = array();
- $available_actions = actions_list();
- $actions_result = array();
- if (is_array($action_ids)) {
- $conditions = array();
- foreach ($action_ids as $action_id) {
- if (is_numeric($action_id)) {
- $conditions[] = $action_id;
- }
- elseif (isset($available_actions[$action_id])) {
- $actions[$action_id] = $available_actions[$action_id];
- }
- }
-
- // When we have action instances we must go to the database to retrieve
- // instance data.
- if (!empty($conditions)) {
- $query = db_select('actions');
- $query->addField('actions', 'aid');
- $query->addField('actions', 'type');
- $query->addField('actions', 'callback');
- $query->addField('actions', 'parameters');
- $query->condition('aid', $conditions, 'IN');
- $result = $query->execute();
- foreach ($result as $action) {
- $actions[$action->aid] = $action->parameters ? unserialize($action->parameters) : array();
- $actions[$action->aid]['callback'] = $action->callback;
- $actions[$action->aid]['type'] = $action->type;
- }
- }
-
- // Fire actions, in no particular order.
- foreach ($actions as $action_id => $params) {
- // Configurable actions need parameters.
- if (is_numeric($action_id)) {
- $function = $params['callback'];
- if (function_exists($function)) {
- $context = array_merge($context, $params);
- $actions_result[$action_id] = $function($object, $context, $a1, $a2);
- }
- else {
- $actions_result[$action_id] = FALSE;
- }
- }
- // Singleton action; $action_id is the function name.
- else {
- $actions_result[$action_id] = $action_id($object, $context, $a1, $a2);
- }
- }
- }
- // Optimized execution of a single action.
- else {
- // If it's a configurable action, retrieve stored parameters.
- if (is_numeric($action_ids)) {
- $action = db_query("SELECT callback, parameters FROM {actions} WHERE aid = :aid", array(':aid' => $action_ids))->fetchObject();
- $function = $action->callback;
- if (function_exists($function)) {
- $context = array_merge($context, unserialize($action->parameters));
- $actions_result[$action_ids] = $function($object, $context, $a1, $a2);
- }
- else {
- $actions_result[$action_ids] = FALSE;
- }
- }
- // Singleton action; $action_ids is the function name.
- else {
- if (function_exists($action_ids)) {
- $actions_result[$action_ids] = $action_ids($object, $context, $a1, $a2);
- }
- else {
- // Set to avoid undefined index error messages later.
- $actions_result[$action_ids] = FALSE;
- }
- }
- }
- $stack--;
- return $actions_result;
-}
-
-/**
- * Discovers all available actions by invoking hook_action_info().
- *
- * This function contrasts with actions_get_all_actions(); see the
- * documentation of actions_get_all_actions() for an explanation.
- *
- * @param $reset
- * Reset the action info static cache.
- *
- * @return
- * An associative array keyed on action function name, with the same format
- * as the return value of hook_action_info(), containing all
- * modules' hook_action_info() return values as modified by any
- * hook_action_info_alter() implementations.
- *
- * @see hook_action_info()
- */
-function actions_list($reset = FALSE) {
- $actions = &drupal_static(__FUNCTION__);
- if (!isset($actions) || $reset) {
- $actions = module_invoke_all('action_info');
- drupal_alter('action_info', $actions);
- }
-
- // See module_implements() for an explanation of this cast.
- return (array) $actions;
-}
-
-/**
- * Retrieves all action instances from the database.
- *
- * This function differs from the actions_list() function, which gathers
- * actions by invoking hook_action_info(). The actions returned by this
- * function and the actions returned by actions_list() are partially
- * synchronized. Non-configurable actions from hook_action_info()
- * implementations are put into the database when actions_synchronize() is
- * called, which happens when admin/config/system/actions is visited.
- * Configurable actions are not added to the database until they are configured
- * in the user interface, in which case a database row is created for each
- * configuration of each action.
- *
- * @return
- * Associative array keyed by numeric action ID. Each value is an associative
- * array with keys 'callback', 'label', 'type' and 'configurable'.
- */
-function actions_get_all_actions() {
- $actions = db_query("SELECT aid, type, callback, parameters, label FROM {actions}")->fetchAllAssoc('aid', PDO::FETCH_ASSOC);
- foreach ($actions as &$action) {
- $action['configurable'] = (bool) $action['parameters'];
- unset($action['parameters']);
- unset($action['aid']);
- }
- return $actions;
-}
-
-/**
- * Creates an associative array keyed by hashes of function names or IDs.
- *
- * Hashes are used to prevent actual function names from going out into HTML
- * forms and coming back.
- *
- * @param $actions
- * An associative array with function names or action IDs as keys
- * and associative arrays with keys 'label', 'type', etc. as values.
- * This is usually the output of actions_list() or actions_get_all_actions().
- *
- * @return
- * An associative array whose keys are hashes of the input array keys, and
- * whose corresponding values are associative arrays with components
- * 'callback', 'label', 'type', and 'configurable' from the input array.
- */
-function actions_actions_map($actions) {
- $actions_map = array();
- foreach ($actions as $callback => $array) {
- $key = drupal_hash_base64($callback);
- $actions_map[$key]['callback'] = isset($array['callback']) ? $array['callback'] : $callback;
- $actions_map[$key]['label'] = $array['label'];
- $actions_map[$key]['type'] = $array['type'];
- $actions_map[$key]['configurable'] = $array['configurable'];
- }
- return $actions_map;
-}
-
-/**
- * Returns an action array key (function or ID), given its hash.
- *
- * Faster than actions_actions_map() when you only need the function name or ID.
- *
- * @param $hash
- * Hash of a function name or action ID array key. The array key
- * is a key into the return value of actions_list() (array key is the action
- * function name) or actions_get_all_actions() (array key is the action ID).
- *
- * @return
- * The corresponding array key, or FALSE if no match is found.
- */
-function actions_function_lookup($hash) {
- // Check for a function name match.
- $actions_list = actions_list();
- foreach ($actions_list as $function => $array) {
- if (drupal_hash_base64($function) == $hash) {
- return $function;
- }
- }
- $aid = FALSE;
- // Must be a configurable action; check database.
- $result = db_query("SELECT aid FROM {actions} WHERE parameters <> ''")->fetchAll(PDO::FETCH_ASSOC);
- foreach ($result as $row) {
- if (drupal_hash_base64($row['aid']) == $hash) {
- $aid = $row['aid'];
- break;
- }
- }
- return $aid;
-}
-
-/**
- * Synchronizes actions that are provided by modules in hook_action_info().
- *
- * Actions provided by modules in hook_action_info() implementations are
- * synchronized with actions that are stored in the actions database table.
- * This is necessary so that actions that do not require configuration can
- * receive action IDs.
- *
- * @param $delete_orphans
- * If TRUE, any actions that exist in the database but are no longer
- * found in the code (for example, because the module that provides them has
- * been disabled) will be deleted.
- */
-function actions_synchronize($delete_orphans = FALSE) {
- $actions_in_code = actions_list(TRUE);
- $actions_in_db = db_query("SELECT aid, callback, label FROM {actions} WHERE parameters = ''")->fetchAllAssoc('callback', PDO::FETCH_ASSOC);
-
- // Go through all the actions provided by modules.
- foreach ($actions_in_code as $callback => $array) {
- // Ignore configurable actions since their instances get put in when the
- // user adds the action.
- if (!$array['configurable']) {
- // If we already have an action ID for this action, no need to assign aid.
- if (isset($actions_in_db[$callback])) {
- unset($actions_in_db[$callback]);
- }
- else {
- // This is a new singleton that we don't have an aid for; assign one.
- db_insert('actions')
- ->fields(array(
- 'aid' => $callback,
- 'type' => $array['type'],
- 'callback' => $callback,
- 'parameters' => '',
- 'label' => $array['label'],
- ))
- ->execute();
- watchdog('actions', "Action '%action' added.", array('%action' => $array['label']));
- }
- }
- }
-
- // Any actions that we have left in $actions_in_db are orphaned.
- if ($actions_in_db) {
- $orphaned = array_keys($actions_in_db);
-
- if ($delete_orphans) {
- $actions = db_query('SELECT aid, label FROM {actions} WHERE callback IN (:orphaned)', array(':orphaned' => $orphaned))->fetchAll();
- foreach ($actions as $action) {
- actions_delete($action->aid);
- watchdog('actions', "Removed orphaned action '%action' from database.", array('%action' => $action->label));
- }
- }
- else {
- $link = l(t('Remove orphaned actions'), 'admin/config/system/actions/orphan');
- $count = count($actions_in_db);
- $orphans = implode(', ', $orphaned);
- watchdog('actions', '@count orphaned actions (%orphans) exist in the actions table. !link', array('@count' => $count, '%orphans' => $orphans, '!link' => $link), WATCHDOG_INFO);
- }
- }
-}
-
-/**
- * Saves an action and its user-supplied parameter values to the database.
- *
- * @param $function
- * The name of the function to be called when this action is performed.
- * @param $type
- * The type of action, to describe grouping and/or context, e.g., 'node',
- * 'user', 'comment', or 'system'.
- * @param $params
- * An associative array with parameter names as keys and parameter values as
- * values.
- * @param $label
- * A user-supplied label of this particular action, e.g., 'Send e-mail
- * to Jim'.
- * @param $aid
- * The ID of this action. If omitted, a new action is created.
- *
- * @return
- * The ID of the action.
- */
-function actions_save($function, $type, $params, $label, $aid = NULL) {
- // aid is the callback for singleton actions so we need to keep a separate
- // table for numeric aids.
- if (!$aid) {
- $aid = db_next_id();
- }
-
- db_merge('actions')
- ->key(array('aid' => $aid))
- ->fields(array(
- 'callback' => $function,
- 'type' => $type,
- 'parameters' => serialize($params),
- 'label' => $label,
- ))
- ->execute();
-
- watchdog('actions', 'Action %action saved.', array('%action' => $label));
- return $aid;
-}
-
-/**
- * Retrieves a single action from the database.
- *
- * @param $aid
- * The ID of the action to retrieve.
- *
- * @return
- * The appropriate action row from the database as an object.
- */
-function actions_load($aid) {
- return db_query("SELECT aid, type, callback, parameters, label FROM {actions} WHERE aid = :aid", array(':aid' => $aid))->fetchObject();
-}
-
-/**
- * Deletes a single action from the database.
- *
- * @param $aid
- * The ID of the action to delete.
- */
-function actions_delete($aid) {
- db_delete('actions')
- ->condition('aid', $aid)
- ->execute();
- module_invoke_all('actions_delete', $aid);
-}
diff --git a/includes/ajax.inc b/includes/ajax.inc
deleted file mode 100644
index 6e8e277..0000000
--- a/includes/ajax.inc
+++ /dev/null
@@ -1,1282 +0,0 @@
- 'select',
- * '#options' => array(
- * 'one' => 'one',
- * 'two' => 'two',
- * 'three' => 'three',
- * ),
- * '#ajax' => array(
- * 'callback' => 'ajax_example_simplest_callback',
- * 'wrapper' => 'replace_textfield_div',
- * ),
- * );
-
- * // This entire form element will be replaced with an updated value.
- * $form['replace_textfield'] = array(
- * '#type' => 'textfield',
- * '#title' => t("The default value will be changed"),
- * '#description' => t("Say something about why you chose") . "'" .
- * (!empty($form_state['values']['changethis'])
- * ? $form_state['values']['changethis'] : t("Not changed yet")) . "'",
- * '#prefix' => '',
- * '#suffix' => '
',
- * );
- * return $form;
- * }
- *
- * function ajax_example_simplest_callback($form, $form_state) {
- * // The form has already been submitted and updated. We can return the replaced
- * // item as it is.
- * return $form['replace_textfield'];
- * }
- * @endcode
- *
- * In the above example, the 'changethis' element is Ajax-enabled. The default
- * #ajax['event'] is 'change', so when the 'changethis' element changes,
- * an Ajax call is made. The form is submitted and reprocessed, and then the
- * callback is called. In this case, the form has been automatically
- * built changing $form['replace_textfield']['#description'], so the callback
- * just returns that part of the form.
- *
- * To implement Ajax handling in a form, add '#ajax' to the form
- * definition of a field. That field will trigger an Ajax event when it is
- * clicked (or changed, depending on the kind of field). #ajax supports
- * the following parameters (either 'path' or 'callback' is required at least):
- * - #ajax['callback']: The callback to invoke to handle the server side of the
- * Ajax event, which will receive a $form and $form_state as arguments, and
- * returns a renderable array (most often a form or form fragment), an HTML
- * string, or an array of Ajax commands. If returning a renderable array or
- * a string, the value will replace the original element named in
- * #ajax['wrapper'], and
- * theme_status_messages()
- * will be prepended to that
- * element. (If the status messages are not wanted, return an array
- * of Ajax commands instead.)
- * #ajax['wrapper']. If an array of Ajax commands is returned, it will be
- * executed by the calling code.
- * - #ajax['path']: The menu path to use for the request. This is often omitted
- * and the default is used. This path should map
- * to a menu page callback that returns data using ajax_render(). Defaults to
- * 'system/ajax', which invokes ajax_form_callback(), eventually calling
- * the function named in #ajax['callback']. If you use a custom
- * path, you must set up the menu entry and handle the entire callback in your
- * own code.
- * - #ajax['wrapper']: The CSS ID of the area to be replaced by the content
- * returned by the #ajax['callback'] function. The content returned from
- * the callback will replace the entire element named by #ajax['wrapper'].
- * The wrapper is usually created using #prefix and #suffix properties in the
- * form. Note that this is the wrapper ID, not a CSS selector. So to replace
- * the element referred to by the CSS selector #some-selector on the page,
- * use #ajax['wrapper'] = 'some-selector', not '#some-selector'.
- * - #ajax['effect']: The jQuery effect to use when placing the new HTML.
- * Defaults to no effect. Valid options are 'none', 'slide', or 'fade'.
- * - #ajax['speed']: The effect speed to use. Defaults to 'slow'. May be
- * 'slow', 'fast' or a number in milliseconds which represents the length
- * of time the effect should run.
- * - #ajax['event']: The JavaScript event to respond to. This is normally
- * selected automatically for the type of form widget being used, and
- * is only needed if you need to override the default behavior.
- * - #ajax['prevent']: A JavaScript event to prevent when 'event' is triggered.
- * Defaults to 'click' for #ajax on #type 'submit', 'button', and
- * 'image_button'. Multiple events may be specified separated by spaces.
- * For example, when binding #ajax behaviors to form buttons, pressing the
- * ENTER key within a textfield triggers the 'click' event of the form's first
- * submit button. Triggering Ajax in this situation leads to problems, like
- * breaking autocomplete textfields. Because of that, Ajax behaviors are bound
- * to the 'mousedown' event on form buttons by default. However, binding to
- * 'mousedown' rather than 'click' means that it is possible to trigger a
- * click by pressing the mouse, holding the mouse button down until the Ajax
- * request is complete and the button is re-enabled, and then releasing the
- * mouse button. For this case, 'prevent' can be set to 'click', so an
- * additional event handler is bound to prevent such a click from triggering a
- * non-Ajax form submission. This also prevents a textfield's ENTER press
- * triggering a button's non-Ajax form submission behavior.
- * - #ajax['method']: The jQuery method to use to place the new HTML.
- * Defaults to 'replaceWith'. May be: 'replaceWith', 'append', 'prepend',
- * 'before', 'after', or 'html'. See the
- * @link http://api.jquery.com/category/manipulation/ jQuery manipulators documentation @endlink
- * for more information on these methods.
- * - #ajax['progress']: Choose either a throbber or progress bar that is
- * displayed while awaiting a response from the callback, and add an optional
- * message. Possible keys: 'type', 'message', 'url', 'interval'.
- * More information is available in the
- * @link forms_api_reference.html Form API Reference @endlink
- *
- * In addition to using Form API for doing in-form modification, Ajax may be
- * enabled by adding classes to buttons and links. By adding the 'use-ajax'
- * class to a link, the link will be loaded via an Ajax call. When using this
- * method, the href of the link can contain '/nojs/' as part of the path. When
- * the Ajax framework makes the request, it will convert this to '/ajax/'.
- * The server is then able to easily tell if this request was made through an
- * actual Ajax request or in a degraded state, and respond appropriately.
- *
- * Similarly, submit buttons can be given the class 'use-ajax-submit'. The
- * form will then be submitted via Ajax to the path specified in the #action.
- * Like the ajax-submit class above, this path will have '/nojs/' replaced with
- * '/ajax/' so that the submit handler can tell if the form was submitted
- * in a degraded state or not.
- *
- * When responding to Ajax requests, the server should do what it needs to do
- * for that request, then create a commands array. This commands array will
- * be converted to a JSON object and returned to the client, which will then
- * iterate over the array and process it like a macro language.
- *
- * Each command item is an associative array which will be converted to a
- * command object on the JavaScript side. $command_item['command'] is the type
- * of command, e.g. 'alert' or 'replace', and will correspond to a method in the
- * Drupal.ajax[command] space. The command array may contain any other data that
- * the command needs to process, e.g. 'method', 'selector', 'settings', etc.
- *
- * Commands are usually created with a couple of helper functions, so they
- * look like this:
- * @code
- * $commands = array();
- * // Replace the content of '#object-1' on the page with 'some html here'.
- * $commands[] = ajax_command_replace('#object-1', 'some html here');
- * // Add a visual "changed" marker to the '#object-1' element.
- * $commands[] = ajax_command_changed('#object-1');
- * // Menu 'page callback' and #ajax['callback'] functions are supposed to
- * // return render arrays. If returning an Ajax commands array, it must be
- * // encapsulated in a render array structure.
- * return array('#type' => 'ajax', '#commands' => $commands);
- * @endcode
- *
- * When returning an Ajax command array, it is often useful to have
- * status messages rendered along with other tasks in the command array.
- * In that case the Ajax commands array may be constructed like this:
- * @code
- * $commands = array();
- * $commands[] = ajax_command_replace(NULL, $output);
- * $commands[] = ajax_command_prepend(NULL, theme('status_messages'));
- * return array('#type' => 'ajax', '#commands' => $commands);
- * @endcode
- *
- * See @link ajax_commands Ajax framework commands @endlink
- */
-
-/**
- * Renders a commands array into JSON.
- *
- * @param $commands
- * A list of macro commands generated by the use of ajax_command_*()
- * functions.
- */
-function ajax_render($commands = array()) {
- // Ajax responses aren't rendered with html.tpl.php, so we have to call
- // drupal_get_css() and drupal_get_js() here, in order to have new files added
- // during this request to be loaded by the page. We only want to send back
- // files that the page hasn't already loaded, so we implement simple diffing
- // logic using array_diff_key().
- foreach (array('css', 'js') as $type) {
- // It is highly suspicious if $_POST['ajax_page_state'][$type] is empty,
- // since the base page ought to have at least one JS file and one CSS file
- // loaded. It probably indicates an error, and rather than making the page
- // reload all of the files, instead we return no new files.
- if (empty($_POST['ajax_page_state'][$type])) {
- $items[$type] = array();
- }
- else {
- $function = 'drupal_add_' . $type;
- $items[$type] = $function();
- drupal_alter($type, $items[$type]);
- // @todo Inline CSS and JS items are indexed numerically. These can't be
- // reliably diffed with array_diff_key(), since the number can change
- // due to factors unrelated to the inline content, so for now, we strip
- // the inline items from Ajax responses, and can add support for them
- // when drupal_add_css() and drupal_add_js() are changed to use a hash
- // of the inline content as the array key.
- foreach ($items[$type] as $key => $item) {
- if (is_numeric($key)) {
- unset($items[$type][$key]);
- }
- }
- // Ensure that the page doesn't reload what it already has.
- $items[$type] = array_diff_key($items[$type], $_POST['ajax_page_state'][$type]);
- }
- }
-
- // Render the HTML to load these files, and add AJAX commands to insert this
- // HTML in the page. We pass TRUE as the $skip_alter argument to prevent the
- // data from being altered again, as we already altered it above. Settings are
- // handled separately, afterwards.
- if (isset($items['js']['settings'])) {
- unset($items['js']['settings']);
- }
- $styles = drupal_get_css($items['css'], TRUE);
- $scripts_footer = drupal_get_js('footer', $items['js'], TRUE);
- $scripts_header = drupal_get_js('header', $items['js'], TRUE);
-
- $extra_commands = array();
- if (!empty($styles)) {
- $extra_commands[] = ajax_command_add_css($styles);
- }
- if (!empty($scripts_header)) {
- $extra_commands[] = ajax_command_prepend('head', $scripts_header);
- }
- if (!empty($scripts_footer)) {
- $extra_commands[] = ajax_command_append('body', $scripts_footer);
- }
- if (!empty($extra_commands)) {
- $commands = array_merge($extra_commands, $commands);
- }
-
- // Now add a command to merge changes and additions to Drupal.settings.
- $scripts = drupal_add_js();
- if (!empty($scripts['settings'])) {
- $settings = $scripts['settings'];
- array_unshift($commands, ajax_command_settings(drupal_array_merge_deep_array($settings['data']), TRUE));
- }
-
- // Allow modules to alter any Ajax response.
- drupal_alter('ajax_render', $commands);
-
- return drupal_json_encode($commands);
-}
-
-/**
- * Gets a form submitted via #ajax during an Ajax callback.
- *
- * This will load a form from the form cache used during Ajax operations. It
- * pulls the form info from $_POST.
- *
- * @return
- * An array containing the $form, $form_state, $form_id, $form_build_id and an
- * initial list of Ajax $commands. Use the list() function to break these
- * apart:
- * @code
- * list($form, $form_state, $form_id, $form_build_id, $commands) = ajax_get_form();
- * @endcode
- */
-function ajax_get_form() {
- $form_state = form_state_defaults();
-
- $form_build_id = $_POST['form_build_id'];
-
- // Get the form from the cache.
- $form = form_get_cache($form_build_id, $form_state);
- if (!$form) {
- // If $form cannot be loaded from the cache, the form_build_id in $_POST
- // must be invalid, which means that someone performed a POST request onto
- // system/ajax without actually viewing the concerned form in the browser.
- // This is likely a hacking attempt as it never happens under normal
- // circumstances, so we just do nothing.
- watchdog('ajax', 'Invalid form POST data.', array(), WATCHDOG_WARNING);
- drupal_exit();
- }
-
- // When a page level cache is enabled, the form-build id might have been
- // replaced from within form_get_cache. If this is the case, it is also
- // necessary to update it in the browser by issuing an appropriate Ajax
- // command.
- $commands = array();
- if (isset($form['#build_id_old']) && $form['#build_id_old'] != $form['#build_id']) {
- // If the form build ID has changed, issue an Ajax command to update it.
- $commands[] = ajax_command_update_build_id($form);
- $form_build_id = $form['#build_id'];
- }
-
- // Since some of the submit handlers are run, redirects need to be disabled.
- $form_state['no_redirect'] = TRUE;
-
- // When a form is rebuilt after Ajax processing, its #build_id and #action
- // should not change.
- // @see drupal_rebuild_form()
- $form_state['rebuild_info']['copy']['#build_id'] = TRUE;
- $form_state['rebuild_info']['copy']['#action'] = TRUE;
-
- // The form needs to be processed; prepare for that by setting a few internal
- // variables.
- $form_state['input'] = $_POST;
- $form_id = $form['#form_id'];
-
- return array($form, $form_state, $form_id, $form_build_id, $commands);
-}
-
-/**
- * Menu callback; handles Ajax requests for the #ajax Form API property.
- *
- * This rebuilds the form from cache and invokes the defined #ajax['callback']
- * to return an Ajax command structure for JavaScript. In case no 'callback' has
- * been defined, nothing will happen.
- *
- * The Form API #ajax property can be set both for buttons and other input
- * elements.
- *
- * This function is also the canonical example of how to implement
- * #ajax['path']. If processing is required that cannot be accomplished with
- * a callback, re-implement this function and set #ajax['path'] to the
- * enhanced function.
- *
- * @see system_menu()
- */
-function ajax_form_callback() {
- list($form, $form_state, $form_id, $form_build_id, $commands) = ajax_get_form();
- drupal_process_form($form['#form_id'], $form, $form_state);
-
- // We need to return the part of the form (or some other content) that needs
- // to be re-rendered so the browser can update the page with changed content.
- // Since this is the generic menu callback used by many Ajax elements, it is
- // up to the #ajax['callback'] function of the element (may or may not be a
- // button) that triggered the Ajax request to determine what needs to be
- // rendered.
- if (!empty($form_state['triggering_element'])) {
- $callback = $form_state['triggering_element']['#ajax']['callback'];
- }
- if (!empty($callback) && function_exists($callback)) {
- $result = $callback($form, $form_state);
-
- if (!(is_array($result) && isset($result['#type']) && $result['#type'] == 'ajax')) {
- // Turn the response into a #type=ajax array if it isn't one already.
- $result = array(
- '#type' => 'ajax',
- '#commands' => ajax_prepare_response($result),
- );
- }
-
- $result['#commands'] = array_merge($commands, $result['#commands']);
-
- return $result;
- }
-}
-
-/**
- * Theme callback for Ajax requests.
- *
- * Many different pages can invoke an Ajax request to system/ajax or another
- * generic Ajax path. It is almost always desired for an Ajax response to be
- * rendered using the same theme as the base page, because most themes are built
- * with the assumption that they control the entire page, so if the CSS for two
- * themes are both loaded for a given page, they may conflict with each other.
- * For example, Bartik is Drupal's default theme, and Seven is Drupal's default
- * administration theme. Depending on whether the "Use the administration theme
- * when editing or creating content" checkbox is checked, the node edit form may
- * be displayed in either theme, but the Ajax response to the Field module's
- * "Add another item" button should be rendered using the same theme as the rest
- * of the page. Therefore, system_menu() sets the 'theme callback' for
- * 'system/ajax' to this function, and it is recommended that modules
- * implementing other generic Ajax paths do the same.
- *
- * @see system_menu()
- * @see file_menu()
- */
-function ajax_base_page_theme() {
- if (!empty($_POST['ajax_page_state']['theme']) && !empty($_POST['ajax_page_state']['theme_token'])) {
- $theme = $_POST['ajax_page_state']['theme'];
- $token = $_POST['ajax_page_state']['theme_token'];
-
- // Prevent a request forgery from giving a person access to a theme they
- // shouldn't be otherwise allowed to see. However, since everyone is allowed
- // to see the default theme, token validation isn't required for that, and
- // bypassing it allows most use-cases to work even when accessed from the
- // page cache.
- if ($theme === variable_get('theme_default', 'bartik') || drupal_valid_token($token, $theme)) {
- return $theme;
- }
- }
-}
-
-/**
- * Packages and sends the result of a page callback as an Ajax response.
- *
- * This function is the equivalent of drupal_deliver_html_page(), but for Ajax
- * requests. Like that function, it:
- * - Adds needed HTTP headers.
- * - Prints rendered output.
- * - Performs end-of-request tasks.
- *
- * @param $page_callback_result
- * The result of a page callback. Can be one of:
- * - NULL: to indicate no content.
- * - An integer menu status constant: to indicate an error condition.
- * - A string of HTML content.
- * - A renderable array of content.
- *
- * @see drupal_deliver_html_page()
- */
-function ajax_deliver($page_callback_result) {
- // Browsers do not allow JavaScript to read the contents of a user's local
- // files. To work around that, the jQuery Form plugin submits forms containing
- // a file input element to an IFRAME, instead of using XHR. Browsers do not
- // normally expect JSON strings as content within an IFRAME, so the response
- // must be customized accordingly.
- // @see http://malsup.com/jquery/form/#file-upload
- // @see Drupal.ajax.prototype.beforeSend()
- $iframe_upload = !empty($_POST['ajax_iframe_upload']);
-
- // Emit a Content-Type HTTP header if none has been added by the page callback
- // or by a wrapping delivery callback.
- if (is_null(drupal_get_http_header('Content-Type'))) {
- if (!$iframe_upload) {
- // Standard JSON can be returned to a browser's XHR object, and to
- // non-browser user agents.
- // @see http://www.ietf.org/rfc/rfc4627.txt?number=4627
- drupal_add_http_header('Content-Type', 'application/json; charset=utf-8');
- }
- else {
- // Browser IFRAMEs expect HTML. With most other content types, Internet
- // Explorer presents the user with a download prompt.
- drupal_add_http_header('Content-Type', 'text/html; charset=utf-8');
- }
- }
-
- // Print the response.
- $commands = ajax_prepare_response($page_callback_result);
- $json = ajax_render($commands);
- if (!$iframe_upload) {
- // Standard JSON can be returned to a browser's XHR object, and to
- // non-browser user agents.
- print $json;
- }
- else {
- // Browser IFRAMEs expect HTML. Browser extensions, such as Linkification
- // and Skype's Browser Highlighter, convert URLs, phone numbers, etc. into
- // links. This corrupts the JSON response. Protect the integrity of the
- // JSON data by making it the value of a textarea.
- // @see http://malsup.com/jquery/form/#file-upload
- // @see http://drupal.org/node/1009382
- print '';
- }
-
- // Perform end-of-request tasks.
- ajax_footer();
-}
-
-/**
- * Converts the return value of a page callback into an Ajax commands array.
- *
- * @param $page_callback_result
- * The result of a page callback. Can be one of:
- * - NULL: to indicate no content.
- * - An integer menu status constant: to indicate an error condition.
- * - A string of HTML content.
- * - A renderable array of content.
- *
- * @return
- * An Ajax commands array that can be passed to ajax_render().
- */
-function ajax_prepare_response($page_callback_result) {
- $commands = array();
- if (!isset($page_callback_result)) {
- // Simply delivering an empty commands array is sufficient. This results
- // in the Ajax request being completed, but nothing being done to the page.
- }
- elseif (is_int($page_callback_result)) {
- switch ($page_callback_result) {
- case MENU_NOT_FOUND:
- $commands[] = ajax_command_alert(t('The requested page could not be found.'));
- break;
-
- case MENU_ACCESS_DENIED:
- $commands[] = ajax_command_alert(t('You are not authorized to access this page.'));
- break;
-
- case MENU_SITE_OFFLINE:
- $commands[] = ajax_command_alert(filter_xss_admin(variable_get('maintenance_mode_message',
- t('@site is currently under maintenance. We should be back shortly. Thank you for your patience.', array('@site' => variable_get('site_name', 'Drupal'))))));
- break;
- }
- }
- elseif (is_array($page_callback_result) && isset($page_callback_result['#type']) && ($page_callback_result['#type'] == 'ajax')) {
- // Complex Ajax callbacks can return a result that contains an error message
- // or a specific set of commands to send to the browser.
- $page_callback_result += element_info('ajax');
- $error = $page_callback_result['#error'];
- if (isset($error) && $error !== FALSE) {
- if ((empty($error) || $error === TRUE)) {
- $error = t('An error occurred while handling the request: The server received invalid input.');
- }
- $commands[] = ajax_command_alert($error);
- }
- else {
- $commands = $page_callback_result['#commands'];
- }
- }
- else {
- // Like normal page callbacks, simple Ajax callbacks can return HTML
- // content, as a string or render array. This HTML is inserted in some
- // relationship to #ajax['wrapper'], as determined by which jQuery DOM
- // manipulation method is used. The method used is specified by
- // #ajax['method']. The default method is 'replaceWith', which completely
- // replaces the old wrapper element and its content with the new HTML.
- $html = is_string($page_callback_result) ? $page_callback_result : drupal_render($page_callback_result);
- $commands[] = ajax_command_insert(NULL, $html);
- // Add the status messages inside the new content's wrapper element, so that
- // on subsequent Ajax requests, it is treated as old content.
- $commands[] = ajax_command_prepend(NULL, theme('status_messages'));
- }
-
- return $commands;
-}
-
-/**
- * Performs end-of-Ajax-request tasks.
- *
- * This function is the equivalent of drupal_page_footer(), but for Ajax
- * requests.
- *
- * @see drupal_page_footer()
- */
-function ajax_footer() {
- // Even for Ajax requests, invoke hook_exit() implementations. There may be
- // modules that need very fast Ajax responses, and therefore, run Ajax
- // requests with an early bootstrap.
- if (drupal_get_bootstrap_phase() == DRUPAL_BOOTSTRAP_FULL && (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update')) {
- module_invoke_all('exit');
- }
-
- // Commit the user session. See above comment about the possibility of this
- // function running without session.inc loaded.
- if (function_exists('drupal_session_commit')) {
- drupal_session_commit();
- }
-}
-
-/**
- * Form element processing handler for the #ajax form property.
- *
- * @param $element
- * An associative array containing the properties of the element.
- *
- * @return
- * The processed element.
- *
- * @see ajax_pre_render_element()
- */
-function ajax_process_form($element, &$form_state) {
- $element = ajax_pre_render_element($element);
- if (!empty($element['#ajax_processed'])) {
- $form_state['cache'] = TRUE;
- }
- return $element;
-}
-
-/**
- * Adds Ajax information about an element to communicate with JavaScript.
- *
- * If #ajax['path'] is set on an element, this additional JavaScript is added
- * to the page header to attach the Ajax behaviors. See ajax.js for more
- * information.
- *
- * @param $element
- * An associative array containing the properties of the element.
- * Properties used:
- * - #ajax['event']
- * - #ajax['prevent']
- * - #ajax['path']
- * - #ajax['options']
- * - #ajax['wrapper']
- * - #ajax['parameters']
- * - #ajax['effect']
- *
- * @return
- * The processed element with the necessary JavaScript attached to it.
- */
-function ajax_pre_render_element($element) {
- // Skip already processed elements.
- if (isset($element['#ajax_processed'])) {
- return $element;
- }
- // Initialize #ajax_processed, so we do not process this element again.
- $element['#ajax_processed'] = FALSE;
-
- // Nothing to do if there is neither a callback nor a path.
- if (!(isset($element['#ajax']['callback']) || isset($element['#ajax']['path']))) {
- return $element;
- }
-
- // Add a reasonable default event handler if none was specified.
- if (isset($element['#ajax']) && !isset($element['#ajax']['event'])) {
- switch ($element['#type']) {
- case 'submit':
- case 'button':
- case 'image_button':
- // Pressing the ENTER key within a textfield triggers the click event of
- // the form's first submit button. Triggering Ajax in this situation
- // leads to problems, like breaking autocomplete textfields, so we bind
- // to mousedown instead of click.
- // @see http://drupal.org/node/216059
- $element['#ajax']['event'] = 'mousedown';
- // Retain keyboard accessibility by setting 'keypress'. This causes
- // ajax.js to trigger 'event' when SPACE or ENTER are pressed while the
- // button has focus.
- $element['#ajax']['keypress'] = TRUE;
- // Binding to mousedown rather than click means that it is possible to
- // trigger a click by pressing the mouse, holding the mouse button down
- // until the Ajax request is complete and the button is re-enabled, and
- // then releasing the mouse button. Set 'prevent' so that ajax.js binds
- // an additional handler to prevent such a click from triggering a
- // non-Ajax form submission. This also prevents a textfield's ENTER
- // press triggering this button's non-Ajax form submission behavior.
- if (!isset($element['#ajax']['prevent'])) {
- $element['#ajax']['prevent'] = 'click';
- }
- break;
-
- case 'password':
- case 'textfield':
- case 'textarea':
- $element['#ajax']['event'] = 'blur';
- break;
-
- case 'radio':
- case 'checkbox':
- case 'select':
- $element['#ajax']['event'] = 'change';
- break;
-
- case 'link':
- $element['#ajax']['event'] = 'click';
- break;
-
- default:
- return $element;
- }
- }
-
- // Attach JavaScript settings to the element.
- if (isset($element['#ajax']['event'])) {
- $element['#attached']['library'][] = array('system', 'jquery.form');
- $element['#attached']['library'][] = array('system', 'drupal.ajax');
-
- $settings = $element['#ajax'];
-
- // Assign default settings.
- $settings += array(
- 'path' => 'system/ajax',
- 'options' => array(),
- );
-
- // @todo Legacy support. Remove in Drupal 8.
- if (isset($settings['method']) && $settings['method'] == 'replace') {
- $settings['method'] = 'replaceWith';
- }
-
- // Change path to URL.
- $settings['url'] = url($settings['path'], $settings['options']);
- unset($settings['path'], $settings['options']);
-
- // Add special data to $settings['submit'] so that when this element
- // triggers an Ajax submission, Drupal's form processing can determine which
- // element triggered it.
- // @see _form_element_triggered_scripted_submission()
- if (isset($settings['trigger_as'])) {
- // An element can add a 'trigger_as' key within #ajax to make the element
- // submit as though another one (for example, a non-button can use this
- // to submit the form as though a button were clicked). When using this,
- // the 'name' key is always required to identify the element to trigger
- // as. The 'value' key is optional, and only needed when multiple elements
- // share the same name, which is commonly the case for buttons.
- $settings['submit']['_triggering_element_name'] = $settings['trigger_as']['name'];
- if (isset($settings['trigger_as']['value'])) {
- $settings['submit']['_triggering_element_value'] = $settings['trigger_as']['value'];
- }
- unset($settings['trigger_as']);
- }
- elseif (isset($element['#name'])) {
- // Most of the time, elements can submit as themselves, in which case the
- // 'trigger_as' key isn't needed, and the element's name is used.
- $settings['submit']['_triggering_element_name'] = $element['#name'];
- // If the element is a (non-image) button, its name may not identify it
- // uniquely, in which case a match on value is also needed.
- // @see _form_button_was_clicked()
- if (isset($element['#button_type']) && empty($element['#has_garbage_value'])) {
- $settings['submit']['_triggering_element_value'] = $element['#value'];
- }
- }
-
- // Convert a simple #ajax['progress'] string into an array.
- if (isset($settings['progress']) && is_string($settings['progress'])) {
- $settings['progress'] = array('type' => $settings['progress']);
- }
- // Change progress path to a full URL.
- if (isset($settings['progress']['path'])) {
- $settings['progress']['url'] = url($settings['progress']['path']);
- unset($settings['progress']['path']);
- }
-
- $element['#attached']['js'][] = array(
- 'type' => 'setting',
- 'data' => array('ajax' => array($element['#id'] => $settings)),
- );
-
- // Indicate that Ajax processing was successful.
- $element['#ajax_processed'] = TRUE;
- }
- return $element;
-}
-
-/**
- * @} End of "defgroup ajax".
- */
-
-/**
- * @defgroup ajax_commands Ajax framework commands
- * @{
- * Functions to create various Ajax commands.
- *
- * These functions can be used to create arrays for use with the
- * ajax_render() function.
- */
-
-/**
- * Creates a Drupal Ajax 'alert' command.
- *
- * The 'alert' command instructs the client to display a JavaScript alert
- * dialog box.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.alert()
- * defined in misc/ajax.js.
- *
- * @param $text
- * The message string to display to the user.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_alert($text) {
- return array(
- 'command' => 'alert',
- 'text' => $text,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert' command using the method in #ajax['method'].
- *
- * This command instructs the client to insert the given HTML using whichever
- * jQuery DOM manipulation method has been specified in the #ajax['method']
- * variable of the element that triggered the request.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_insert($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => NULL,
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/replaceWith' command.
- *
- * The 'insert/replaceWith' command instructs the client to use jQuery's
- * replaceWith() method to replace each element matched matched by the given
- * selector with the given HTML.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery replaceWith() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * See
- * @link http://docs.jquery.com/Manipulation/replaceWith#content jQuery replaceWith command @endlink
- */
-function ajax_command_replace($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'replaceWith',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/html' command.
- *
- * The 'insert/html' command instructs the client to use jQuery's html()
- * method to set the HTML content of each element matched by the given
- * selector while leaving the outer tags intact.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery html() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Attributes/html#val
- */
-function ajax_command_html($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'html',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/prepend' command.
- *
- * The 'insert/prepend' command instructs the client to use jQuery's prepend()
- * method to prepend the given HTML content to the inside each element matched
- * by the given selector.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery prepend() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Manipulation/prepend#content
- */
-function ajax_command_prepend($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'prepend',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/append' command.
- *
- * The 'insert/append' command instructs the client to use jQuery's append()
- * method to append the given HTML content to the inside of each element matched
- * by the given selector.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery append() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Manipulation/append#content
- */
-function ajax_command_append($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'append',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/after' command.
- *
- * The 'insert/after' command instructs the client to use jQuery's after()
- * method to insert the given HTML content after each element matched by
- * the given selector.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery after() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Manipulation/after#content
- */
-function ajax_command_after($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'after',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'insert/before' command.
- *
- * The 'insert/before' command instructs the client to use jQuery's before()
- * method to insert the given HTML content before each of elements matched by
- * the given selector.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.insert()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $html
- * The data to use with the jQuery before() method.
- * @param $settings
- * An optional array of settings that will be used for this command only.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Manipulation/before#content
- */
-function ajax_command_before($selector, $html, $settings = NULL) {
- return array(
- 'command' => 'insert',
- 'method' => 'before',
- 'selector' => $selector,
- 'data' => $html,
- 'settings' => $settings,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'remove' command.
- *
- * The 'remove' command instructs the client to use jQuery's remove() method
- * to remove each of elements matched by the given selector, and everything
- * within them.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.remove()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Manipulation/remove#expr
- */
-function ajax_command_remove($selector) {
- return array(
- 'command' => 'remove',
- 'selector' => $selector,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'changed' command.
- *
- * This command instructs the client to mark each of the elements matched by the
- * given selector as 'ajax-changed'.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.changed()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $asterisk
- * An optional CSS selector which must be inside $selector. If specified,
- * an asterisk will be appended to the HTML inside the $asterisk selector.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_changed($selector, $asterisk = '') {
- return array(
- 'command' => 'changed',
- 'selector' => $selector,
- 'asterisk' => $asterisk,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'css' command.
- *
- * The 'css' command will instruct the client to use the jQuery css() method
- * to apply the CSS arguments to elements matched by the given selector.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.css()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $argument
- * An array of key/value pairs to set in the CSS for the selector.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/CSS/css#properties
- */
-function ajax_command_css($selector, $argument) {
- return array(
- 'command' => 'css',
- 'selector' => $selector,
- 'argument' => $argument,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'settings' command.
- *
- * The 'settings' command instructs the client either to use the given array as
- * the settings for ajax-loaded content or to extend Drupal.settings with the
- * given array, depending on the value of the $merge parameter.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.settings()
- * defined in misc/ajax.js.
- *
- * @param $argument
- * An array of key/value pairs to add to the settings. This will be utilized
- * for all commands after this if they do not include their own settings
- * array.
- * @param $merge
- * Whether or not the passed settings in $argument should be merged into the
- * global Drupal.settings on the page. By default (FALSE), the settings that
- * are passed to Drupal.attachBehaviors will not include the global
- * Drupal.settings.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_settings($argument, $merge = FALSE) {
- return array(
- 'command' => 'settings',
- 'settings' => $argument,
- 'merge' => $merge,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'data' command.
- *
- * The 'data' command instructs the client to attach the name=value pair of
- * data to the selector via jQuery's data cache.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.data()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $name
- * The name or key (in the key value pair) of the data attached to this
- * selector.
- * @param $value
- * The value of the data. Not just limited to strings can be any format.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see http://docs.jquery.com/Core/data#namevalue
- */
-function ajax_command_data($selector, $name, $value) {
- return array(
- 'command' => 'data',
- 'selector' => $selector,
- 'name' => $name,
- 'value' => $value,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'invoke' command.
- *
- * The 'invoke' command will instruct the client to invoke the given jQuery
- * method with the supplied arguments on the elements matched by the given
- * selector. Intended for simple jQuery commands, such as attr(), addClass(),
- * removeClass(), toggleClass(), etc.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.invoke()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string. If the command is a response to a request from
- * an #ajax form element then this value can be NULL.
- * @param $method
- * The jQuery method to invoke.
- * @param $arguments
- * (optional) A list of arguments to the jQuery $method, if any.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_invoke($selector, $method, array $arguments = array()) {
- return array(
- 'command' => 'invoke',
- 'selector' => $selector,
- 'method' => $method,
- 'arguments' => $arguments,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'restripe' command.
- *
- * The 'restripe' command instructs the client to restripe a table. This is
- * usually used after a table has been modified by a replace or append command.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.restripe()
- * defined in misc/ajax.js.
- *
- * @param $selector
- * A jQuery selector string.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- */
-function ajax_command_restripe($selector) {
- return array(
- 'command' => 'restripe',
- 'selector' => $selector,
- );
-}
-
-/**
- * Creates a Drupal Ajax 'update_build_id' command.
- *
- * This command updates the value of a hidden form_build_id input element on a
- * form. It requires the form passed in to have keys for both the old build ID
- * in #build_id_old and the new build ID in #build_id.
- *
- * The primary use case for this Ajax command is to serve a new build ID to a
- * form served from the cache to an anonymous user, preventing one anonymous
- * user from accessing the form state of another anonymous users on Ajax enabled
- * forms.
- *
- * @param $form
- * The form array representing the form whose build ID should be updated.
- */
-function ajax_command_update_build_id($form) {
- return array(
- 'command' => 'updateBuildId',
- 'old' => $form['#build_id_old'],
- 'new' => $form['#build_id'],
- );
-}
-
-/**
- * Creates a Drupal Ajax 'add_css' command.
- *
- * This method will add css via ajax in a cross-browser compatible way.
- *
- * This command is implemented by Drupal.ajax.prototype.commands.add_css()
- * defined in misc/ajax.js.
- *
- * @param $styles
- * A string that contains the styles to be added.
- *
- * @return
- * An array suitable for use with the ajax_render() function.
- *
- * @see misc/ajax.js
- */
-function ajax_command_add_css($styles) {
- return array(
- 'command' => 'add_css',
- 'data' => $styles,
- );
-}
diff --git a/includes/archiver.inc b/includes/archiver.inc
deleted file mode 100644
index 3ce1173..0000000
--- a/includes/archiver.inc
+++ /dev/null
@@ -1,68 +0,0 @@
- '',
- '#markup' => t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text.
Learn more .', array('@https-link' => 'http://drupal.org/https-information')),
- '#suffix' => '
',
- '#markup' => t('To continue, provide your server connection details'),
- '#suffix' => ' ',
- );
-
- $form['connection_settings']['#tree'] = TRUE;
- $form['connection_settings']['authorize_filetransfer_default'] = array(
- '#type' => 'select',
- '#title' => t('Connection method'),
- '#default_value' => $authorize_filetransfer_default,
- '#weight' => -10,
- );
-
- /*
- * Here we create two submit buttons. For a JS enabled client, they will
- * only ever see submit_process. However, if a client doesn't have JS
- * enabled, they will see submit_connection on the first form (when picking
- * what filetransfer type to use, and submit_process on the second one (which
- * leads to the actual operation).
- */
- $form['submit_connection'] = array(
- '#prefix' => "' . t('@backend connection settings', array('@backend' => $backend['title'])) . ' ',
- );
-
- $form['connection_settings'][$name] += _authorize_filetransfer_connection_settings($name);
-
- // Start non-JS code.
- if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) {
-
- // If the user switches from JS to non-JS, Drupal (and Batch API) will
- // barf. This is a known bug: http://drupal.org/node/229825.
- setcookie('has_js', '', time() - 3600, '/');
- unset($_COOKIE['has_js']);
-
- // Change the submit button to the submit_process one.
- $form['submit_process']['#attributes'] = array();
- unset($form['submit_connection']);
-
- // Activate the proper filetransfer settings form.
- $form['connection_settings'][$name]['#attributes']['style'] = 'display:block';
- // Disable the select box.
- $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE;
-
- // Create a button for changing the type of connection.
- $form['connection_settings']['change_connection_type'] = array(
- '#name' => 'change_connection_type',
- '#type' => 'submit',
- '#value' => t('Change connection type'),
- '#weight' => -5,
- '#attributes' => array('class' => array('filetransfer-change-connection-type')),
- );
- }
- // End non-JS code.
- }
- return $form;
-}
-
-/**
- * Generates the Form API array for a given connection backend's settings.
- *
- * @param $backend
- * The name of the backend (e.g. 'ftp', 'ssh', etc).
- *
- * @return
- * Form API array of connection settings for the given backend.
- *
- * @see hook_filetransfer_backends()
- */
-function _authorize_filetransfer_connection_settings($backend) {
- $defaults = variable_get('authorize_filetransfer_connection_settings_' . $backend, array());
- $form = array();
-
- // Create an instance of the file transfer class to get its settings form.
- $filetransfer = authorize_get_filetransfer($backend);
- if ($filetransfer) {
- $form = $filetransfer->getSettingsForm();
- }
- // Fill in the defaults based on the saved settings, if any.
- _authorize_filetransfer_connection_settings_set_defaults($form, NULL, $defaults);
- return $form;
-}
-
-/**
- * Sets the default settings on a file transfer connection form recursively.
- *
- * The default settings for the file transfer connection forms are saved in
- * the database. The settings are stored as a nested array in the case of a
- * settings form that has fieldsets or otherwise uses a nested structure.
- * Therefore, to properly add defaults, we need to walk through all the
- * children form elements and process those defaults recursively.
- *
- * @param $element
- * Reference to the Form API form element we're operating on.
- * @param $key
- * The key for our current form element, if any.
- * @param array $defaults
- * The default settings for the file transfer backend we're operating on.
- */
-function _authorize_filetransfer_connection_settings_set_defaults(&$element, $key, array $defaults) {
- // If we're operating on a form element which isn't a fieldset, and we have
- // a default setting saved, stash it in #default_value.
- if (!empty($key) && isset($defaults[$key]) && isset($element['#type']) && $element['#type'] != 'fieldset') {
- $element['#default_value'] = $defaults[$key];
- }
- // Now, we walk through all the child elements, and recursively invoke
- // ourself on each one. Since the $defaults settings array can be nested
- // (because of #tree, any values inside fieldsets will be nested), if
- // there's a subarray of settings for the form key we're currently
- // processing, pass in that subarray to the recursive call. Otherwise, just
- // pass on the whole $defaults array.
- foreach (element_children($element) as $child_key) {
- _authorize_filetransfer_connection_settings_set_defaults($element[$child_key], $child_key, ((isset($defaults[$key]) && is_array($defaults[$key])) ? $defaults[$key] : $defaults));
- }
-}
-
-/**
- * Form validation handler for authorize_filetransfer_form().
- *
- * @see authorize_filetransfer_form()
- * @see authorize_filetransfer_submit()
- */
-function authorize_filetransfer_form_validate($form, &$form_state) {
- // Only validate the form if we have collected all of the user input and are
- // ready to proceed with updating or installing.
- if ($form_state['triggering_element']['#name'] != 'process_updates') {
- return;
- }
-
- if (isset($form_state['values']['connection_settings'])) {
- $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
- $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]);
- try {
- if (!$filetransfer) {
- throw new Exception(t('Error, this type of connection protocol (%backend) does not exist.', array('%backend' => $backend)));
- }
- $filetransfer->connect();
- }
- catch (Exception $e) {
- // The format of this error message is similar to that used on the
- // database connection form in the installer.
- form_set_error('connection_settings', t('Failed to connect to the server. The server reports the following message: !message For more help installing or updating code on your server, see the handbook .', array(
- '!message' => '' . $e->getMessage() . '
',
- '@handbook_url' => 'http://drupal.org/documentation/install/modules-themes',
- )));
- }
- }
-}
-
-/**
- * Form submission handler for authorize_filetransfer_form().
- *
- * @see authorize_filetransfer_form()
- * @see authorize_filetransfer_validate()
- */
-function authorize_filetransfer_form_submit($form, &$form_state) {
- global $base_url;
- switch ($form_state['triggering_element']['#name']) {
- case 'process_updates':
-
- // Save the connection settings to the DB.
- $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
-
- // If the database is available then try to save our settings. We have
- // to make sure it is available since this code could potentially (will
- // likely) be called during the installation process, before the
- // database is set up.
- try {
- $connection_settings = array();
- foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) {
- // We do *not* want to store passwords in the database, unless the
- // backend explicitly says so via the magic #filetransfer_save form
- // property. Otherwise, we store everything that's not explicitly
- // marked with #filetransfer_save set to FALSE.
- if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) {
- if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') {
- $connection_settings[$key] = $value;
- }
- }
- // The attribute is defined, so only save if set to TRUE.
- elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) {
- $connection_settings[$key] = $value;
- }
- }
- // Set this one as the default authorize method.
- variable_set('authorize_filetransfer_default', $filetransfer_backend);
- // Save the connection settings minus the password.
- variable_set('authorize_filetransfer_connection_settings_' . $filetransfer_backend, $connection_settings);
-
- $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]);
-
- // Now run the operation.
- authorize_run_operation($filetransfer);
- }
- catch (Exception $e) {
- // If there is no database available, we don't care and just skip
- // this part entirely.
- }
-
- break;
-
- case 'enter_connection_settings':
- $form_state['rebuild'] = TRUE;
- break;
-
- case 'change_connection_type':
- $form_state['rebuild'] = TRUE;
- unset($form_state['values']['connection_settings']['authorize_filetransfer_default']);
- break;
- }
-}
-
-/**
- * Runs the operation specified in $_SESSION['authorize_operation'].
- *
- * @param $filetransfer
- * The FileTransfer object to use for running the operation.
- */
-function authorize_run_operation($filetransfer) {
- $operation = $_SESSION['authorize_operation'];
- unset($_SESSION['authorize_operation']);
-
- if (!empty($operation['page_title'])) {
- drupal_set_title($operation['page_title']);
- }
-
- require_once DRUPAL_ROOT . '/' . $operation['file'];
- call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments']));
-}
-
-/**
- * Gets a FileTransfer class for a specific transfer method and settings.
- *
- * @param $backend
- * The FileTransfer backend to get the class for.
- * @param $settings
- * Array of settings for the FileTransfer.
- *
- * @return
- * An instantiated FileTransfer object for the requested method and settings,
- * or FALSE if there was an error finding or instantiating it.
- */
-function authorize_get_filetransfer($backend, $settings = array()) {
- $filetransfer = FALSE;
- if (!empty($_SESSION['authorize_filetransfer_info'][$backend])) {
- $backend_info = $_SESSION['authorize_filetransfer_info'][$backend];
- if (!empty($backend_info['file'])) {
- $file = $backend_info['file path'] . '/' . $backend_info['file'];
- require_once $file;
- }
- if (class_exists($backend_info['class'])) {
- // PHP 5.2 doesn't support $class::factory() syntax, so we have to
- // use call_user_func_array() until we can require PHP 5.3.
- $filetransfer = call_user_func_array(array($backend_info['class'], 'factory'), array(DRUPAL_ROOT, $settings));
- }
- }
- return $filetransfer;
-}
diff --git a/includes/batch.inc b/includes/batch.inc
deleted file mode 100644
index 061acd4..0000000
--- a/includes/batch.inc
+++ /dev/null
@@ -1,539 +0,0 @@
- $id,
- ':token' => drupal_get_token($id),
- ))->fetchField();
- if ($batch) {
- return unserialize($batch);
- }
- return FALSE;
-}
-
-/**
- * Renders the batch processing page based on the current state of the batch.
- *
- * @see _batch_shutdown()
- */
-function _batch_page() {
- $batch = &batch_get();
-
- if (!isset($_REQUEST['id'])) {
- return FALSE;
- }
-
- // Retrieve the current state of the batch.
- if (!$batch) {
- $batch = batch_load($_REQUEST['id']);
- if (!$batch) {
- drupal_set_message(t('No active batch.'), 'error');
- drupal_goto();
- }
- }
-
- // Register database update for the end of processing.
- drupal_register_shutdown_function('_batch_shutdown');
-
- // Add batch-specific CSS.
- foreach ($batch['sets'] as $batch_set) {
- if (isset($batch_set['css'])) {
- foreach ($batch_set['css'] as $css) {
- drupal_add_css($css);
- }
- }
- }
-
- $op = isset($_REQUEST['op']) ? $_REQUEST['op'] : '';
- $output = NULL;
- switch ($op) {
- case 'start':
- $output = _batch_start();
- break;
-
- case 'do':
- // JavaScript-based progress page callback.
- _batch_do();
- break;
-
- case 'do_nojs':
- // Non-JavaScript-based progress page.
- $output = _batch_progress_page_nojs();
- break;
-
- case 'finished':
- $output = _batch_finished();
- break;
- }
-
- return $output;
-}
-
-/**
- * Initializes the batch processing.
- *
- * JavaScript-enabled clients are identified by the 'has_js' cookie set in
- * drupal.js. If no JavaScript-enabled page has been visited during the current
- * user's browser session, the non-JavaScript version is returned.
- */
-function _batch_start() {
- if (isset($_COOKIE['has_js']) && $_COOKIE['has_js']) {
- return _batch_progress_page_js();
- }
- else {
- return _batch_progress_page_nojs();
- }
-}
-
-/**
- * Outputs a batch processing page with JavaScript support.
- *
- * This initializes the batch and error messages. Note that in JavaScript-based
- * processing, the batch processing page is displayed only once and updated via
- * AHAH requests, so only the first batch set gets to define the page title.
- * Titles specified by subsequent batch sets are not displayed.
- *
- * @see batch_set()
- * @see _batch_do()
- */
-function _batch_progress_page_js() {
- $batch = batch_get();
-
- $current_set = _batch_current_set();
- drupal_set_title($current_set['title'], PASS_THROUGH);
-
- // Merge required query parameters for batch processing into those provided by
- // batch_set() or hook_batch_alter().
- $batch['url_options']['query']['id'] = $batch['id'];
-
- $js_setting = array(
- 'batch' => array(
- 'errorMessage' => $current_set['error_message'] . '
';
-}
-
-/**
- * Does one execution pass with JavaScript and returns progress to the browser.
- *
- * @see _batch_progress_page_js()
- * @see _batch_process()
- */
-function _batch_do() {
- // HTTP POST required.
- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- drupal_set_message(t('HTTP POST is required.'), 'error');
- drupal_set_title(t('Error'));
- return '';
- }
-
- // Perform actual processing.
- list($percentage, $message) = _batch_process();
-
- drupal_json_output(array('status' => TRUE, 'percentage' => $percentage, 'message' => $message));
-}
-
-/**
- * Outputs a batch processing page without JavaScript support.
- *
- * @see _batch_process()
- */
-function _batch_progress_page_nojs() {
- $batch = &batch_get();
-
- $current_set = _batch_current_set();
- drupal_set_title($current_set['title'], PASS_THROUGH);
-
- $new_op = 'do_nojs';
-
- if (!isset($batch['running'])) {
- // This is the first page so we return some output immediately.
- $percentage = 0;
- $message = $current_set['init_message'];
- $batch['running'] = TRUE;
- }
- else {
- // This is one of the later requests; do some processing first.
-
- // Error handling: if PHP dies due to a fatal error (e.g. a nonexistent
- // function), it will output whatever is in the output buffer, followed by
- // the error message.
- ob_start();
- $fallback = $current_set['error_message'] . 'emphasized text.
- * - !variable: Inserted as is, with no sanitization or formatting. Only use
- * this for text that has already been prepared for HTML display (for
- * example, user-supplied text that has already been run through
- * check_plain() previously, or is expected to contain some limited HTML
- * tags and has already been run through filter_xss() previously).
- *
- * @see t()
- * @ingroup sanitization
- */
-function format_string($string, array $args = array()) {
- // Transform arguments before inserting them.
- foreach ($args as $key => $value) {
- switch ($key[0]) {
- case '@':
- // Escaped only.
- $args[$key] = check_plain($value);
- break;
-
- case '%':
- default:
- // Escaped and placeholder.
- $args[$key] = drupal_placeholder($value);
- break;
-
- case '!':
- // Pass-through.
- }
- }
- return strtr($string, $args);
-}
-
-/**
- * Encodes special characters in a plain-text string for display as HTML.
- *
- * Also validates strings as UTF-8 to prevent cross site scripting attacks on
- * Internet Explorer 6.
- *
- * @param string $text
- * The text to be checked or processed.
- *
- * @return string
- * An HTML safe version of $text. If $text is not valid UTF-8, an empty string
- * is returned and, on PHP < 5.4, a warning may be issued depending on server
- * configuration (see @link https://bugs.php.net/bug.php?id=47494 @endlink).
- *
- * @see drupal_validate_utf8()
- * @ingroup sanitization
- */
-function check_plain($text) {
- return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
-}
-
-/**
- * Checks whether a string is valid UTF-8.
- *
- * All functions designed to filter input should use drupal_validate_utf8
- * to ensure they operate on valid UTF-8 strings to prevent bypass of the
- * filter.
- *
- * When text containing an invalid UTF-8 lead byte (0xC0 - 0xFF) is presented
- * as UTF-8 to Internet Explorer 6, the program may misinterpret subsequent
- * bytes. When these subsequent bytes are HTML control characters such as
- * quotes or angle brackets, parts of the text that were deemed safe by filters
- * end up in locations that are potentially unsafe; An onerror attribute that
- * is outside of a tag, and thus deemed safe by a filter, can be interpreted
- * by the browser as if it were inside the tag.
- *
- * The function does not return FALSE for strings containing character codes
- * above U+10FFFF, even though these are prohibited by RFC 3629.
- *
- * @param $text
- * The text to check.
- *
- * @return
- * TRUE if the text is valid UTF-8, FALSE if not.
- */
-function drupal_validate_utf8($text) {
- if (strlen($text) == 0) {
- return TRUE;
- }
- // With the PCRE_UTF8 modifier 'u', preg_match() fails silently on strings
- // containing invalid UTF-8 byte sequences. It does not reject character
- // codes above U+10FFFF (represented by 4 or more octets), though.
- return (preg_match('/^./us', $text) == 1);
-}
-
-/**
- * Returns the equivalent of Apache's $_SERVER['REQUEST_URI'] variable.
- *
- * Because $_SERVER['REQUEST_URI'] is only available on Apache, we generate an
- * equivalent using other environment variables.
- */
-function request_uri() {
- if (isset($_SERVER['REQUEST_URI'])) {
- $uri = $_SERVER['REQUEST_URI'];
- }
- else {
- if (isset($_SERVER['argv'])) {
- $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['argv'][0];
- }
- elseif (isset($_SERVER['QUERY_STRING'])) {
- $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
- }
- else {
- $uri = $_SERVER['SCRIPT_NAME'];
- }
- }
- // Prevent multiple slashes to avoid cross site requests via the Form API.
- $uri = '/' . ltrim($uri, '/');
-
- return $uri;
-}
-
-/**
- * Logs an exception.
- *
- * This is a wrapper function for watchdog() which automatically decodes an
- * exception.
- *
- * @param $type
- * The category to which this message belongs.
- * @param $exception
- * The exception that is going to be logged.
- * @param $message
- * The message to store in the log. If empty, a text that contains all useful
- * information about the passed-in exception is used.
- * @param $variables
- * Array of variables to replace in the message on display. Defaults to the
- * return value of _drupal_decode_exception().
- * @param $severity
- * The severity of the message, as per RFC 3164.
- * @param $link
- * A link to associate with the message.
- *
- * @see watchdog()
- * @see _drupal_decode_exception()
- */
-function watchdog_exception($type, Exception $exception, $message = NULL, $variables = array(), $severity = WATCHDOG_ERROR, $link = NULL) {
-
- // Use a default value if $message is not set.
- if (empty($message)) {
- // The exception message is run through check_plain() by _drupal_decode_exception().
- $message = '%type: !message in %function (line %line of %file).';
- }
- // $variables must be an array so that we can add the exception information.
- if (!is_array($variables)) {
- $variables = array();
- }
-
- require_once DRUPAL_ROOT . '/includes/errors.inc';
- $variables += _drupal_decode_exception($exception);
- watchdog($type, $message, $variables, $severity, $link);
-}
-
-/**
- * Logs a system message.
- *
- * @param $type
- * The category to which this message belongs. Can be any string, but the
- * general practice is to use the name of the module calling watchdog().
- * @param $message
- * The message to store in the log. Keep $message translatable
- * by not concatenating dynamic values into it! Variables in the
- * message should be added by using placeholder strings alongside
- * the variables argument to declare the value of the placeholders.
- * See t() for documentation on how $message and $variables interact.
- * @param $variables
- * Array of variables to replace in the message on display or
- * NULL if message is already translated or not possible to
- * translate.
- * @param $severity
- * The severity of the message; one of the following values as defined in
- * @link http://www.faqs.org/rfcs/rfc3164.html RFC 3164: @endlink
- * - WATCHDOG_EMERGENCY: Emergency, system is unusable.
- * - WATCHDOG_ALERT: Alert, action must be taken immediately.
- * - WATCHDOG_CRITICAL: Critical conditions.
- * - WATCHDOG_ERROR: Error conditions.
- * - WATCHDOG_WARNING: Warning conditions.
- * - WATCHDOG_NOTICE: (default) Normal but significant conditions.
- * - WATCHDOG_INFO: Informational messages.
- * - WATCHDOG_DEBUG: Debug-level messages.
- * @param $link
- * A link to associate with the message.
- *
- * @see watchdog_severity_levels()
- * @see hook_watchdog()
- */
-function watchdog($type, $message, $variables = array(), $severity = WATCHDOG_NOTICE, $link = NULL) {
- global $user, $base_root;
-
- static $in_error_state = FALSE;
-
- // It is possible that the error handling will itself trigger an error. In that case, we could
- // end up in an infinite loop. To avoid that, we implement a simple static semaphore.
- if (!$in_error_state && function_exists('module_implements')) {
- $in_error_state = TRUE;
-
- // The user object may not exist in all conditions, so 0 is substituted if needed.
- $user_uid = isset($user->uid) ? $user->uid : 0;
-
- // Prepare the fields to be logged
- $log_entry = array(
- 'type' => $type,
- 'message' => $message,
- 'variables' => $variables,
- 'severity' => $severity,
- 'link' => $link,
- 'user' => $user,
- 'uid' => $user_uid,
- 'request_uri' => $base_root . request_uri(),
- 'referer' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '',
- 'ip' => ip_address(),
- // Request time isn't accurate for long processes, use time() instead.
- 'timestamp' => time(),
- );
-
- // Call the logging hooks to log/process the message
- foreach (module_implements('watchdog') as $module) {
- module_invoke($module, 'watchdog', $log_entry);
- }
-
- // It is critical that the semaphore is only cleared here, in the parent
- // watchdog() call (not outside the loop), to prevent recursive execution.
- $in_error_state = FALSE;
- }
-}
-
-/**
- * Sets a message to display to the user.
- *
- * Messages are stored in a session variable and displayed in page.tpl.php via
- * the $messages theme variable.
- *
- * Example usage:
- * @code
- * drupal_set_message(t('An error occurred and processing did not complete.'), 'error');
- * @endcode
- *
- * @param string $message
- * (optional) The translated message to be displayed to the user. For
- * consistency with other messages, it should begin with a capital letter and
- * end with a period.
- * @param string $type
- * (optional) The message's type. Defaults to 'status'. These values are
- * supported:
- * - 'status'
- * - 'warning'
- * - 'error'
- * @param bool $repeat
- * (optional) If this is FALSE and the message is already set, then the
- * message won't be repeated. Defaults to TRUE.
- *
- * @return array|null
- * A multidimensional array with keys corresponding to the set message types.
- * The indexed array values of each contain the set messages for that type.
- * Or, if there are no messages set, the function returns NULL.
- *
- * @see drupal_get_messages()
- * @see theme_status_messages()
- */
-function drupal_set_message($message = NULL, $type = 'status', $repeat = TRUE) {
- if ($message) {
- if (!isset($_SESSION['messages'][$type])) {
- $_SESSION['messages'][$type] = array();
- }
-
- if ($repeat || !in_array($message, $_SESSION['messages'][$type])) {
- $_SESSION['messages'][$type][] = $message;
- }
-
- // Mark this page as being uncacheable.
- drupal_page_is_cacheable(FALSE);
- }
-
- // Messages not set when DB connection fails.
- return isset($_SESSION['messages']) ? $_SESSION['messages'] : NULL;
-}
-
-/**
- * Returns all messages that have been set with drupal_set_message().
- *
- * @param string $type
- * (optional) Limit the messages returned by type. Defaults to NULL, meaning
- * all types. These values are supported:
- * - NULL
- * - 'status'
- * - 'warning'
- * - 'error'
- * @param bool $clear_queue
- * (optional) If this is TRUE, the queue will be cleared of messages of the
- * type specified in the $type parameter. Otherwise the queue will be left
- * intact. Defaults to TRUE.
- *
- * @return array
- * A multidimensional array with keys corresponding to the set message types.
- * The indexed array values of each contain the set messages for that type.
- * The messages returned are limited to the type specified in the $type
- * parameter. If there are no messages of the specified type, an empty array
- * is returned.
- *
- * @see drupal_set_message()
- * @see theme_status_messages()
- */
-function drupal_get_messages($type = NULL, $clear_queue = TRUE) {
- if ($messages = drupal_set_message()) {
- if ($type) {
- if ($clear_queue) {
- unset($_SESSION['messages'][$type]);
- }
- if (isset($messages[$type])) {
- return array($type => $messages[$type]);
- }
- }
- else {
- if ($clear_queue) {
- unset($_SESSION['messages']);
- }
- return $messages;
- }
- }
- return array();
-}
-
-/**
- * Gets the title of the current page.
- *
- * The title is displayed on the page and in the title bar.
- *
- * @return
- * The current page's title.
- */
-function drupal_get_title() {
- $title = drupal_set_title();
-
- // During a bootstrap, menu.inc is not included and thus we cannot provide a title.
- if (!isset($title) && function_exists('menu_get_active_title')) {
- $title = check_plain(menu_get_active_title());
- }
-
- return $title;
-}
-
-/**
- * Sets the title of the current page.
- *
- * The title is displayed on the page and in the title bar.
- *
- * @param $title
- * Optional string value to assign to the page title; or if set to NULL
- * (default), leaves the current title unchanged.
- * @param $output
- * Optional flag - normally should be left as CHECK_PLAIN. Only set to
- * PASS_THROUGH if you have already removed any possibly dangerous code
- * from $title using a function like check_plain() or filter_xss(). With this
- * flag the string will be passed through unchanged.
- *
- * @return
- * The updated title of the current page.
- */
-function drupal_set_title($title = NULL, $output = CHECK_PLAIN) {
- $stored_title = &drupal_static(__FUNCTION__);
-
- if (isset($title)) {
- $stored_title = ($output == PASS_THROUGH) ? $title : check_plain($title);
- }
-
- return $stored_title;
-}
-
-/**
- * Checks to see if an IP address has been blocked.
- *
- * Blocked IP addresses are stored in the database by default. However for
- * performance reasons we allow an override in settings.php. This allows us
- * to avoid querying the database at this critical stage of the bootstrap if
- * an administrative interface for IP address blocking is not required.
- *
- * @param $ip
- * IP address to check.
- *
- * @return bool
- * TRUE if access is denied, FALSE if access is allowed.
- */
-function drupal_is_denied($ip) {
- // Because this function is called on every page request, we first check
- // for an array of IP addresses in settings.php before querying the
- // database.
- $blocked_ips = variable_get('blocked_ips');
- $denied = FALSE;
- if (isset($blocked_ips) && is_array($blocked_ips)) {
- $denied = in_array($ip, $blocked_ips);
- }
- // Only check if database.inc is loaded already. If
- // $conf['page_cache_without_database'] = TRUE; is set in settings.php,
- // then the database won't be loaded here so the IPs in the database
- // won't be denied. However the user asked explicitly not to use the
- // database and also in this case it's quite likely that the user relies
- // on higher performance solutions like a firewall.
- elseif (class_exists('Database', FALSE)) {
- $denied = (bool)db_query("SELECT 1 FROM {blocked_ips} WHERE ip = :ip", array(':ip' => $ip))->fetchField();
- }
- return $denied;
-}
-
-/**
- * Handles denied users.
- *
- * @param $ip
- * IP address to check. Prints a message and exits if access is denied.
- */
-function drupal_block_denied($ip) {
- // Deny access to blocked IP addresses - t() is not yet available.
- if (drupal_is_denied($ip)) {
- header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
- print 'Sorry, ' . check_plain(ip_address()) . ' has been banned.';
- exit();
- }
-}
-
-/**
- * Returns a URL-safe, base64 encoded string of highly randomized bytes (over the full 8-bit range).
- *
- * @param $byte_count
- * The number of random bytes to fetch and base64 encode.
- *
- * @return string
- * The base64 encoded result will have a length of up to 4 * $byte_count.
- */
-function drupal_random_key($byte_count = 32) {
- return drupal_base64_encode(drupal_random_bytes($byte_count));
-}
-
-/**
- * Returns a URL-safe, base64 encoded version of the supplied string.
- *
- * @param $string
- * The string to convert to base64.
- *
- * @return string
- */
-function drupal_base64_encode($string) {
- $data = base64_encode($string);
- // Modify the output so it's safe to use in URLs.
- return strtr($data, array('+' => '-', '/' => '_', '=' => ''));
-}
-
-/**
- * Returns a string of highly randomized bytes (over the full 8-bit range).
- *
- * This function is better than simply calling mt_rand() or any other built-in
- * PHP function because it can return a long string of bytes (compared to < 4
- * bytes normally from mt_rand()) and uses the best available pseudo-random
- * source.
- *
- * @param $count
- * The number of characters (bytes) to return in the string.
- */
-function drupal_random_bytes($count) {
- // $random_state does not use drupal_static as it stores random bytes.
- static $random_state, $bytes, $has_openssl;
-
- $missing_bytes = $count - strlen($bytes);
-
- if ($missing_bytes > 0) {
- // PHP versions prior 5.3.4 experienced openssl_random_pseudo_bytes()
- // locking on Windows and rendered it unusable.
- if (!isset($has_openssl)) {
- $has_openssl = version_compare(PHP_VERSION, '5.3.4', '>=') && function_exists('openssl_random_pseudo_bytes');
- }
-
- // openssl_random_pseudo_bytes() will find entropy in a system-dependent
- // way.
- if ($has_openssl) {
- $bytes .= openssl_random_pseudo_bytes($missing_bytes);
- }
-
- // Else, read directly from /dev/urandom, which is available on many *nix
- // systems and is considered cryptographically secure.
- elseif ($fh = @fopen('/dev/urandom', 'rb')) {
- // PHP only performs buffered reads, so in reality it will always read
- // at least 4096 bytes. Thus, it costs nothing extra to read and store
- // that much so as to speed any additional invocations.
- $bytes .= fread($fh, max(4096, $missing_bytes));
- fclose($fh);
- }
-
- // If we couldn't get enough entropy, this simple hash-based PRNG will
- // generate a good set of pseudo-random bytes on any system.
- // Note that it may be important that our $random_state is passed
- // through hash() prior to being rolled into $output, that the two hash()
- // invocations are different, and that the extra input into the first one -
- // the microtime() - is prepended rather than appended. This is to avoid
- // directly leaking $random_state via the $output stream, which could
- // allow for trivial prediction of further "random" numbers.
- if (strlen($bytes) < $count) {
- // Initialize on the first call. The contents of $_SERVER includes a mix of
- // user-specific and system information that varies a little with each page.
- if (!isset($random_state)) {
- $random_state = print_r($_SERVER, TRUE);
- if (function_exists('getmypid')) {
- // Further initialize with the somewhat random PHP process ID.
- $random_state .= getmypid();
- }
- $bytes = '';
- }
-
- do {
- $random_state = hash('sha256', microtime() . mt_rand() . $random_state);
- $bytes .= hash('sha256', mt_rand() . $random_state, TRUE);
- }
- while (strlen($bytes) < $count);
- }
- }
- $output = substr($bytes, 0, $count);
- $bytes = substr($bytes, $count);
- return $output;
-}
-
-/**
- * Calculates a base-64 encoded, URL-safe sha-256 hmac.
- *
- * @param string $data
- * String to be validated with the hmac.
- * @param string $key
- * A secret string key.
- *
- * @return string
- * A base-64 encoded sha-256 hmac, with + replaced with -, / with _ and
- * any = padding characters removed.
- */
-function drupal_hmac_base64($data, $key) {
- // Casting $data and $key to strings here is necessary to avoid empty string
- // results of the hash function if they are not scalar values. As this
- // function is used in security-critical contexts like token validation it is
- // important that it never returns an empty string.
- $hmac = base64_encode(hash_hmac('sha256', (string) $data, (string) $key, TRUE));
- // Modify the hmac so it's safe to use in URLs.
- return strtr($hmac, array('+' => '-', '/' => '_', '=' => ''));
-}
-
-/**
- * Calculates a base-64 encoded, URL-safe sha-256 hash.
- *
- * @param $data
- * String to be hashed.
- *
- * @return
- * A base-64 encoded sha-256 hash, with + replaced with -, / with _ and
- * any = padding characters removed.
- */
-function drupal_hash_base64($data) {
- $hash = base64_encode(hash('sha256', $data, TRUE));
- // Modify the hash so it's safe to use in URLs.
- return strtr($hash, array('+' => '-', '/' => '_', '=' => ''));
-}
-
-/**
- * Merges multiple arrays, recursively, and returns the merged array.
- *
- * This function is similar to PHP's array_merge_recursive() function, but it
- * handles non-array values differently. When merging values that are not both
- * arrays, the latter value replaces the former rather than merging with it.
- *
- * Example:
- * @code
- * $link_options_1 = array('fragment' => 'x', 'attributes' => array('title' => t('X'), 'class' => array('a', 'b')));
- * $link_options_2 = array('fragment' => 'y', 'attributes' => array('title' => t('Y'), 'class' => array('c', 'd')));
- *
- * // This results in array('fragment' => array('x', 'y'), 'attributes' => array('title' => array(t('X'), t('Y')), 'class' => array('a', 'b', 'c', 'd'))).
- * $incorrect = array_merge_recursive($link_options_1, $link_options_2);
- *
- * // This results in array('fragment' => 'y', 'attributes' => array('title' => t('Y'), 'class' => array('a', 'b', 'c', 'd'))).
- * $correct = drupal_array_merge_deep($link_options_1, $link_options_2);
- * @endcode
- *
- * @param ...
- * Arrays to merge.
- *
- * @return
- * The merged array.
- *
- * @see drupal_array_merge_deep_array()
- */
-function drupal_array_merge_deep() {
- $args = func_get_args();
- return drupal_array_merge_deep_array($args);
-}
-
-/**
- * Merges multiple arrays, recursively, and returns the merged array.
- *
- * This function is equivalent to drupal_array_merge_deep(), except the
- * input arrays are passed as a single array parameter rather than a variable
- * parameter list.
- *
- * The following are equivalent:
- * - drupal_array_merge_deep($a, $b);
- * - drupal_array_merge_deep_array(array($a, $b));
- *
- * The following are also equivalent:
- * - call_user_func_array('drupal_array_merge_deep', $arrays_to_merge);
- * - drupal_array_merge_deep_array($arrays_to_merge);
- *
- * @see drupal_array_merge_deep()
- */
-function drupal_array_merge_deep_array($arrays) {
- $result = array();
-
- foreach ($arrays as $array) {
- foreach ($array as $key => $value) {
- // Renumber integer keys as array_merge_recursive() does. Note that PHP
- // automatically converts array keys that are integer strings (e.g., '1')
- // to integers.
- if (is_integer($key)) {
- $result[] = $value;
- }
- // Recurse when both values are arrays.
- elseif (isset($result[$key]) && is_array($result[$key]) && is_array($value)) {
- $result[$key] = drupal_array_merge_deep_array(array($result[$key], $value));
- }
- // Otherwise, use the latter value, overriding any previous value.
- else {
- $result[$key] = $value;
- }
- }
- }
-
- return $result;
-}
-
-/**
- * Generates a default anonymous $user object.
- *
- * @return Object - the user object.
- */
-function drupal_anonymous_user() {
- $user = variable_get('drupal_anonymous_user_object', new stdClass);
- $user->uid = 0;
- $user->hostname = ip_address();
- $user->roles = array();
- $user->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user';
- $user->cache = 0;
- return $user;
-}
-
-/**
- * Ensures Drupal is bootstrapped to the specified phase.
- *
- * In order to bootstrap Drupal from another PHP script, you can use this code:
- * @code
- * define('DRUPAL_ROOT', '/path/to/drupal');
- * require_once DRUPAL_ROOT . '/includes/bootstrap.inc';
- * drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
- * @endcode
- *
- * @param int $phase
- * A constant telling which phase to bootstrap to. When you bootstrap to a
- * particular phase, all earlier phases are run automatically. Possible
- * values:
- * - DRUPAL_BOOTSTRAP_CONFIGURATION: Initializes configuration.
- * - DRUPAL_BOOTSTRAP_PAGE_CACHE: Tries to serve a cached page.
- * - DRUPAL_BOOTSTRAP_DATABASE: Initializes the database layer.
- * - DRUPAL_BOOTSTRAP_VARIABLES: Initializes the variable system.
- * - DRUPAL_BOOTSTRAP_SESSION: Initializes session handling.
- * - DRUPAL_BOOTSTRAP_PAGE_HEADER: Sets up the page header.
- * - DRUPAL_BOOTSTRAP_LANGUAGE: Finds out the language of the page.
- * - DRUPAL_BOOTSTRAP_FULL: Fully loads Drupal. Validates and fixes input
- * data.
- * @param boolean $new_phase
- * A boolean, set to FALSE if calling drupal_bootstrap from inside a
- * function called from drupal_bootstrap (recursion).
- *
- * @return int
- * The most recently completed phase.
- */
-function drupal_bootstrap($phase = NULL, $new_phase = TRUE) {
- // Not drupal_static(), because does not depend on any run-time information.
- static $phases = array(
- DRUPAL_BOOTSTRAP_CONFIGURATION,
- DRUPAL_BOOTSTRAP_PAGE_CACHE,
- DRUPAL_BOOTSTRAP_DATABASE,
- DRUPAL_BOOTSTRAP_VARIABLES,
- DRUPAL_BOOTSTRAP_SESSION,
- DRUPAL_BOOTSTRAP_PAGE_HEADER,
- DRUPAL_BOOTSTRAP_LANGUAGE,
- DRUPAL_BOOTSTRAP_FULL,
- );
- // Not drupal_static(), because the only legitimate API to control this is to
- // call drupal_bootstrap() with a new phase parameter.
- static $final_phase;
- // Not drupal_static(), because it's impossible to roll back to an earlier
- // bootstrap state.
- static $stored_phase = -1;
-
- if (isset($phase)) {
- // When not recursing, store the phase name so it's not forgotten while
- // recursing but take care of not going backwards.
- if ($new_phase && $phase >= $stored_phase) {
- $final_phase = $phase;
- }
-
- // Call a phase if it has not been called before and is below the requested
- // phase.
- while ($phases && $phase > $stored_phase && $final_phase > $stored_phase) {
- $current_phase = array_shift($phases);
-
- // This function is re-entrant. Only update the completed phase when the
- // current call actually resulted in a progress in the bootstrap process.
- if ($current_phase > $stored_phase) {
- $stored_phase = $current_phase;
- }
-
- switch ($current_phase) {
- case DRUPAL_BOOTSTRAP_CONFIGURATION:
- _drupal_bootstrap_configuration();
- break;
-
- case DRUPAL_BOOTSTRAP_PAGE_CACHE:
- _drupal_bootstrap_page_cache();
- break;
-
- case DRUPAL_BOOTSTRAP_DATABASE:
- _drupal_bootstrap_database();
- break;
-
- case DRUPAL_BOOTSTRAP_VARIABLES:
- _drupal_bootstrap_variables();
- break;
-
- case DRUPAL_BOOTSTRAP_SESSION:
- require_once DRUPAL_ROOT . '/' . variable_get('session_inc', 'includes/session.inc');
- drupal_session_initialize();
- break;
-
- case DRUPAL_BOOTSTRAP_PAGE_HEADER:
- _drupal_bootstrap_page_header();
- break;
-
- case DRUPAL_BOOTSTRAP_LANGUAGE:
- drupal_language_initialize();
- break;
-
- case DRUPAL_BOOTSTRAP_FULL:
- require_once DRUPAL_ROOT . '/includes/common.inc';
- _drupal_bootstrap_full();
- break;
- }
- }
- }
- return $stored_phase;
-}
-
-/**
- * Returns the time zone of the current user.
- */
-function drupal_get_user_timezone() {
- global $user;
- if (variable_get('configurable_timezones', 1) && $user->uid && $user->timezone) {
- return $user->timezone;
- }
- else {
- // Ignore PHP strict notice if time zone has not yet been set in the php.ini
- // configuration.
- return variable_get('date_default_timezone', @date_default_timezone_get());
- }
-}
-
-/**
- * Gets a salt useful for hardening against SQL injection.
- *
- * @return
- * A salt based on information in settings.php, not in the database.
- */
-function drupal_get_hash_salt() {
- global $drupal_hash_salt, $databases;
- // If the $drupal_hash_salt variable is empty, a hash of the serialized
- // database credentials is used as a fallback salt.
- return empty($drupal_hash_salt) ? hash('sha256', serialize($databases)) : $drupal_hash_salt;
-}
-
-/**
- * Provides custom PHP error handling.
- *
- * @param $error_level
- * The level of the error raised.
- * @param $message
- * The error message.
- * @param $filename
- * The filename that the error was raised in.
- * @param $line
- * The line number the error was raised at.
- * @param $context
- * An array that points to the active symbol table at the point the error
- * occurred.
- */
-function _drupal_error_handler($error_level, $message, $filename, $line, $context) {
- require_once DRUPAL_ROOT . '/includes/errors.inc';
- _drupal_error_handler_real($error_level, $message, $filename, $line, $context);
-}
-
-/**
- * Provides custom PHP exception handling.
- *
- * Uncaught exceptions are those not enclosed in a try/catch block. They are
- * always fatal: the execution of the script will stop as soon as the exception
- * handler exits.
- *
- * @param $exception
- * The exception object that was thrown.
- */
-function _drupal_exception_handler($exception) {
- require_once DRUPAL_ROOT . '/includes/errors.inc';
-
- try {
- // Log the message to the watchdog and return an error page to the user.
- _drupal_log_error(_drupal_decode_exception($exception), TRUE);
- }
- catch (Exception $exception2) {
- // Another uncaught exception was thrown while handling the first one.
- // If we are displaying errors, then do so with no possibility of a further uncaught exception being thrown.
- if (error_displayable()) {
- print 'Additional uncaught exception thrown while handling exception. ';
- print 'Original ' . _drupal_render_exception_safe($exception) . '
';
- print 'Additional ' . _drupal_render_exception_safe($exception2) . '
404 Not Found Not Found The requested URL "@path" was not found on this server.
');
- // Replace @path in the variable with the page path.
- print strtr($fast_404_html, array('@path' => check_plain(request_uri())));
- exit;
- }
- }
-}
-
-/**
- * Returns TRUE if a Drupal installation is currently being attempted.
- */
-function drupal_installation_attempted() {
- return defined('MAINTENANCE_MODE') && MAINTENANCE_MODE == 'install';
-}
-
-/**
- * Returns the name of the proper localization function.
- *
- * get_t() exists to support localization for code that might run during
- * the installation phase, when some elements of the system might not have
- * loaded.
- *
- * This would include implementations of hook_install(), which could run
- * during the Drupal installation phase, and might also be run during
- * non-installation time, such as while installing the module from the
- * module administration page.
- *
- * Example usage:
- * @code
- * $t = get_t();
- * $translated = $t('translate this');
- * @endcode
- *
- * Use t() if your code will never run during the Drupal installation phase.
- * Use st() if your code will only run during installation and never any other
- * time. Use get_t() if your code could run in either circumstance.
- *
- * @see t()
- * @see st()
- * @ingroup sanitization
- */
-function get_t() {
- static $t;
- // This is not converted to drupal_static because there is no point in
- // resetting this as it can not change in the course of a request.
- if (!isset($t)) {
- $t = drupal_installation_attempted() ? 'st' : 't';
- }
- return $t;
-}
-
-/**
- * Initializes all the defined language types.
- */
-function drupal_language_initialize() {
- $types = language_types();
-
- // Ensure the language is correctly returned, even without multilanguage
- // support. Also make sure we have a $language fallback, in case a language
- // negotiation callback needs to do a full bootstrap.
- // Useful for eg. XML/HTML 'lang' attributes.
- $default = language_default();
- foreach ($types as $type) {
- $GLOBALS[$type] = $default;
- }
- if (drupal_multilingual()) {
- include_once DRUPAL_ROOT . '/includes/language.inc';
- foreach ($types as $type) {
- $GLOBALS[$type] = language_initialize($type);
- }
- // Allow modules to react on language system initialization in multilingual
- // environments.
- bootstrap_invoke_all('language_init');
- }
-}
-
-/**
- * Returns a list of the built-in language types.
- *
- * @return
- * An array of key-values pairs where the key is the language type and the
- * value is its configurability.
- */
-function drupal_language_types() {
- return array(
- LANGUAGE_TYPE_INTERFACE => TRUE,
- LANGUAGE_TYPE_CONTENT => FALSE,
- LANGUAGE_TYPE_URL => FALSE,
- );
-}
-
-/**
- * Returns TRUE if there is more than one language enabled.
- *
- * @return
- * TRUE if more than one language is enabled.
- */
-function drupal_multilingual() {
- // The "language_count" variable stores the number of enabled languages to
- // avoid unnecessarily querying the database when building the list of
- // enabled languages on monolingual sites.
- return variable_get('language_count', 1) > 1;
-}
-
-/**
- * Returns an array of the available language types.
- *
- * @return
- * An array of all language types where the keys of each are the language type
- * name and its value is its configurability (TRUE/FALSE).
- */
-function language_types() {
- return array_keys(variable_get('language_types', drupal_language_types()));
-}
-
-/**
- * Returns a list of installed languages, indexed by the specified key.
- *
- * @param $field
- * (optional) The field to index the list with.
- *
- * @return
- * An associative array, keyed on the values of $field.
- * - If $field is 'weight' or 'enabled', the array is nested, with the outer
- * array's values each being associative arrays with language codes as
- * keys and language objects as values.
- * - For all other values of $field, the array is only one level deep, and
- * the array's values are language objects.
- */
-function language_list($field = 'language') {
- $languages = &drupal_static(__FUNCTION__);
- // Init language list
- if (!isset($languages)) {
- if (drupal_multilingual() || module_exists('locale')) {
- $languages['language'] = db_query('SELECT * FROM {languages} ORDER BY weight ASC, name ASC')->fetchAllAssoc('language');
- // Users cannot uninstall the native English language. However, we allow
- // it to be hidden from the installed languages. Therefore, at least one
- // other language must be enabled then.
- if (!$languages['language']['en']->enabled && !variable_get('language_native_enabled', TRUE)) {
- unset($languages['language']['en']);
- }
- }
- else {
- // No locale module, so use the default language only.
- $default = language_default();
- $languages['language'][$default->language] = $default;
- }
- }
-
- // Return the array indexed by the right field
- if (!isset($languages[$field])) {
- $languages[$field] = array();
- foreach ($languages['language'] as $lang) {
- // Some values should be collected into an array
- if (in_array($field, array('enabled', 'weight'))) {
- $languages[$field][$lang->$field][$lang->language] = $lang;
- }
- else {
- $languages[$field][$lang->$field] = $lang;
- }
- }
- }
- return $languages[$field];
-}
-
-/**
- * Returns the default language used on the site
- *
- * @param $property
- * Optional property of the language object to return
- */
-function language_default($property = NULL) {
- $language = variable_get('language_default', (object) array('language' => 'en', 'name' => 'English', 'native' => 'English', 'direction' => 0, 'enabled' => 1, 'plurals' => 0, 'formula' => '', 'domain' => '', 'prefix' => '', 'weight' => 0, 'javascript' => ''));
- return $property ? $language->$property : $language;
-}
-
-/**
- * Returns the requested URL path of the page being viewed.
- *
- * Examples:
- * - http://example.com/node/306 returns "node/306".
- * - http://example.com/drupalfolder/node/306 returns "node/306" while
- * base_path() returns "/drupalfolder/".
- * - http://example.com/path/alias (which is a path alias for node/306) returns
- * "path/alias" as opposed to the internal path.
- * - http://example.com/index.php returns an empty string (meaning: front page).
- * - http://example.com/index.php?page=1 returns an empty string.
- *
- * @return
- * The requested Drupal URL path.
- *
- * @see current_path()
- */
-function request_path() {
- static $path;
-
- if (isset($path)) {
- return $path;
- }
-
- if (isset($_GET['q']) && is_string($_GET['q'])) {
- // This is a request with a ?q=foo/bar query string. $_GET['q'] is
- // overwritten in drupal_path_initialize(), but request_path() is called
- // very early in the bootstrap process, so the original value is saved in
- // $path and returned in later calls.
- $path = $_GET['q'];
- }
- elseif (isset($_SERVER['REQUEST_URI'])) {
- // This request is either a clean URL, or 'index.php', or nonsense.
- // Extract the path from REQUEST_URI.
- $request_path = strtok($_SERVER['REQUEST_URI'], '?');
- $base_path_len = strlen(rtrim(dirname($_SERVER['SCRIPT_NAME']), '\/'));
- // Unescape and strip $base_path prefix, leaving q without a leading slash.
- $path = substr(urldecode($request_path), $base_path_len + 1);
- // If the path equals the script filename, either because 'index.php' was
- // explicitly provided in the URL, or because the server added it to
- // $_SERVER['REQUEST_URI'] even when it wasn't provided in the URL (some
- // versions of Microsoft IIS do this), the front page should be served.
- if ($path == basename($_SERVER['PHP_SELF'])) {
- $path = '';
- }
- }
- else {
- // This is the front page.
- $path = '';
- }
-
- // Under certain conditions Apache's RewriteRule directive prepends the value
- // assigned to $_GET['q'] with a slash. Moreover we can always have a trailing
- // slash in place, hence we need to normalize $_GET['q'].
- $path = trim($path, '/');
-
- return $path;
-}
-
-/**
- * Returns a component of the current Drupal path.
- *
- * When viewing a page at the path "admin/structure/types", for example, arg(0)
- * returns "admin", arg(1) returns "structure", and arg(2) returns "types".
- *
- * Avoid use of this function where possible, as resulting code is hard to
- * read. In menu callback functions, attempt to use named arguments. See the
- * explanation in menu.inc for how to construct callbacks that take arguments.
- * When attempting to use this function to load an element from the current
- * path, e.g. loading the node on a node page, use menu_get_object() instead.
- *
- * @param $index
- * The index of the component, where each component is separated by a '/'
- * (forward-slash), and where the first component has an index of 0 (zero).
- * @param $path
- * A path to break into components. Defaults to the path of the current page.
- *
- * @return
- * The component specified by $index, or NULL if the specified component was
- * not found. If called without arguments, it returns an array containing all
- * the components of the current path.
- */
-function arg($index = NULL, $path = NULL) {
- // Even though $arguments doesn't need to be resettable for any functional
- // reasons (the result of explode() does not depend on any run-time
- // information), it should be resettable anyway in case a module needs to
- // free up the memory used by it.
- // Use the advanced drupal_static() pattern, since this is called very often.
- static $drupal_static_fast;
- if (!isset($drupal_static_fast)) {
- $drupal_static_fast['arguments'] = &drupal_static(__FUNCTION__);
- }
- $arguments = &$drupal_static_fast['arguments'];
-
- if (!isset($path)) {
- $path = $_GET['q'];
- }
- if (!isset($arguments[$path])) {
- $arguments[$path] = explode('/', $path);
- }
- if (!isset($index)) {
- return $arguments[$path];
- }
- if (isset($arguments[$path][$index])) {
- return $arguments[$path][$index];
- }
-}
-
-/**
- * Returns the IP address of the client machine.
- *
- * If Drupal is behind a reverse proxy, we use the X-Forwarded-For header
- * instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of
- * the proxy server, and not the client's. The actual header name can be
- * configured by the reverse_proxy_header variable.
- *
- * @return
- * IP address of client machine, adjusted for reverse proxy and/or cluster
- * environments.
- */
-function ip_address() {
- $ip_address = &drupal_static(__FUNCTION__);
-
- if (!isset($ip_address)) {
- $ip_address = $_SERVER['REMOTE_ADDR'];
-
- if (variable_get('reverse_proxy', 0)) {
- $reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
- if (!empty($_SERVER[$reverse_proxy_header])) {
- // If an array of known reverse proxy IPs is provided, then trust
- // the XFF header if request really comes from one of them.
- $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
-
- // Turn XFF header into an array.
- $forwarded = explode(',', $_SERVER[$reverse_proxy_header]);
-
- // Trim the forwarded IPs; they may have been delimited by commas and spaces.
- $forwarded = array_map('trim', $forwarded);
-
- // Tack direct client IP onto end of forwarded array.
- $forwarded[] = $ip_address;
-
- // Eliminate all trusted IPs.
- $untrusted = array_diff($forwarded, $reverse_proxy_addresses);
-
- // The right-most IP is the most specific we can trust.
- $ip_address = array_pop($untrusted);
- }
- }
- }
-
- return $ip_address;
-}
-
-/**
- * @addtogroup schemaapi
- * @{
- */
-
-/**
- * Gets the schema definition of a table, or the whole database schema.
- *
- * The returned schema will include any modifications made by any
- * module that implements hook_schema_alter().
- *
- * @param $table
- * The name of the table. If not given, the schema of all tables is returned.
- * @param $rebuild
- * If true, the schema will be rebuilt instead of retrieved from the cache.
- */
-function drupal_get_schema($table = NULL, $rebuild = FALSE) {
- static $schema;
-
- if ($rebuild || !isset($table)) {
- $schema = drupal_get_complete_schema($rebuild);
- }
- elseif (!isset($schema)) {
- $schema = new SchemaCache();
- }
-
- if (!isset($table)) {
- return $schema;
- }
- if (isset($schema[$table])) {
- return $schema[$table];
- }
- else {
- return FALSE;
- }
-}
-
-/**
- * Extends DrupalCacheArray to allow for dynamic building of the schema cache.
- */
-class SchemaCache extends DrupalCacheArray {
-
- /**
- * Constructs a SchemaCache object.
- */
- public function __construct() {
- // Cache by request method.
- parent::__construct('schema:runtime:' . ($_SERVER['REQUEST_METHOD'] == 'GET'), 'cache');
- }
-
- /**
- * Overrides DrupalCacheArray::resolveCacheMiss().
- */
- protected function resolveCacheMiss($offset) {
- $complete_schema = drupal_get_complete_schema();
- $value = isset($complete_schema[$offset]) ? $complete_schema[$offset] : NULL;
- $this->storage[$offset] = $value;
- $this->persist($offset);
- return $value;
- }
-}
-
-/**
- * Gets the whole database schema.
- *
- * The returned schema will include any modifications made by any
- * module that implements hook_schema_alter().
- *
- * @param $rebuild
- * If true, the schema will be rebuilt instead of retrieved from the cache.
- */
-function drupal_get_complete_schema($rebuild = FALSE) {
- static $schema = array();
-
- if (empty($schema) || $rebuild) {
- // Try to load the schema from cache.
- if (!$rebuild && $cached = cache_get('schema')) {
- $schema = $cached->data;
- }
- // Otherwise, rebuild the schema cache.
- else {
- $schema = array();
- // Load the .install files to get hook_schema.
- // On some databases this function may be called before bootstrap has
- // been completed, so we force the functions we need to load just in case.
- if (function_exists('module_load_all_includes')) {
- // This function can be called very early in the bootstrap process, so
- // we force the module_list() cache to be refreshed to ensure that it
- // contains the complete list of modules before we go on to call
- // module_load_all_includes().
- module_list(TRUE);
- module_load_all_includes('install');
- }
-
- require_once DRUPAL_ROOT . '/includes/common.inc';
- // Invoke hook_schema for all modules.
- foreach (module_implements('schema') as $module) {
- // Cast the result of hook_schema() to an array, as a NULL return value
- // would cause array_merge() to set the $schema variable to NULL as well.
- // That would break modules which use $schema further down the line.
- $current = (array) module_invoke($module, 'schema');
- // Set 'module' and 'name' keys for each table, and remove descriptions,
- // as they needlessly slow down cache_get() for every single request.
- _drupal_schema_initialize($current, $module);
- $schema = array_merge($schema, $current);
- }
-
- drupal_alter('schema', $schema);
- // If the schema is empty, avoid saving it: some database engines require
- // the schema to perform queries, and this could lead to infinite loops.
- if (!empty($schema) && (drupal_get_bootstrap_phase() == DRUPAL_BOOTSTRAP_FULL)) {
- cache_set('schema', $schema);
- }
- if ($rebuild) {
- cache_clear_all('schema:', 'cache', TRUE);
- }
- }
- }
-
- return $schema;
-}
-
-/**
- * @} End of "addtogroup schemaapi".
- */
-
-
-/**
- * @addtogroup registry
- * @{
- */
-
-/**
- * Confirms that an interface is available.
- *
- * This function is rarely called directly. Instead, it is registered as an
- * spl_autoload() handler, and PHP calls it for us when necessary.
- *
- * @param $interface
- * The name of the interface to check or load.
- *
- * @return
- * TRUE if the interface is currently available, FALSE otherwise.
- */
-function drupal_autoload_interface($interface) {
- return _registry_check_code('interface', $interface);
-}
-
-/**
- * Confirms that a class is available.
- *
- * This function is rarely called directly. Instead, it is registered as an
- * spl_autoload() handler, and PHP calls it for us when necessary.
- *
- * @param $class
- * The name of the class to check or load.
- *
- * @return
- * TRUE if the class is currently available, FALSE otherwise.
- */
-function drupal_autoload_class($class) {
- return _registry_check_code('class', $class);
-}
-
-/**
- * Checks for a resource in the registry.
- *
- * @param $type
- * The type of resource we are looking up, or one of the constants
- * REGISTRY_RESET_LOOKUP_CACHE or REGISTRY_WRITE_LOOKUP_CACHE, which
- * signal that we should reset or write the cache, respectively.
- * @param $name
- * The name of the resource, or NULL if either of the REGISTRY_* constants
- * is passed in.
- *
- * @return
- * TRUE if the resource was found, FALSE if not.
- * NULL if either of the REGISTRY_* constants is passed in as $type.
- */
-function _registry_check_code($type, $name = NULL) {
- static $lookup_cache, $cache_update_needed;
-
- if ($type == 'class' && class_exists($name) || $type == 'interface' && interface_exists($name)) {
- return TRUE;
- }
-
- if (!isset($lookup_cache)) {
- $lookup_cache = array();
- if ($cache = cache_get('lookup_cache', 'cache_bootstrap')) {
- $lookup_cache = $cache->data;
- }
- }
-
- // When we rebuild the registry, we need to reset this cache so
- // we don't keep lookups for resources that changed during the rebuild.
- if ($type == REGISTRY_RESET_LOOKUP_CACHE) {
- $cache_update_needed = TRUE;
- $lookup_cache = NULL;
- return;
- }
-
- // Called from drupal_page_footer, we write to permanent storage if there
- // changes to the lookup cache for this request.
- if ($type == REGISTRY_WRITE_LOOKUP_CACHE) {
- if ($cache_update_needed) {
- cache_set('lookup_cache', $lookup_cache, 'cache_bootstrap');
- }
- return;
- }
-
- // $type is either 'interface' or 'class', so we only need the first letter to
- // keep the cache key unique.
- $cache_key = $type[0] . $name;
- if (isset($lookup_cache[$cache_key])) {
- if ($lookup_cache[$cache_key]) {
- require_once DRUPAL_ROOT . '/' . $lookup_cache[$cache_key];
- }
- return (bool) $lookup_cache[$cache_key];
- }
-
- // This function may get called when the default database is not active, but
- // there is no reason we'd ever want to not use the default database for
- // this query.
- $file = Database::getConnection('default', 'default')
- ->select('registry', 'r', array('target' => 'default'))
- ->fields('r', array('filename'))
- // Use LIKE here to make the query case-insensitive.
- ->condition('r.name', db_like($name), 'LIKE')
- ->condition('r.type', $type)
- ->execute()
- ->fetchField();
-
- // Flag that we've run a lookup query and need to update the cache.
- $cache_update_needed = TRUE;
-
- // Misses are valuable information worth caching, so cache even if
- // $file is FALSE.
- $lookup_cache[$cache_key] = $file;
-
- if ($file) {
- require_once DRUPAL_ROOT . '/' . $file;
- return TRUE;
- }
- else {
- return FALSE;
- }
-}
-
-/**
- * Rescans all enabled modules and rebuilds the registry.
- *
- * Rescans all code in modules or includes directories, storing the location of
- * each interface or class in the database.
- */
-function registry_rebuild() {
- system_rebuild_module_data();
- registry_update();
-}
-
-/**
- * Updates the registry based on the latest files listed in the database.
- *
- * This function should be used when system_rebuild_module_data() does not need
- * to be called, because it is already known that the list of files in the
- * {system} table matches those in the file system.
- *
- * @return
- * TRUE if the registry was rebuilt, FALSE if another thread was rebuilding
- * in parallel and the current thread just waited for completion.
- *
- * @see registry_rebuild()
- */
-function registry_update() {
- // install_system_module() calls module_enable() which calls into this
- // function during initial system installation, so the lock system is neither
- // loaded nor does its storage exist yet.
- $in_installer = drupal_installation_attempted();
- if (!$in_installer && !lock_acquire(__FUNCTION__)) {
- // Another request got the lock, wait for it to finish.
- lock_wait(__FUNCTION__);
- return FALSE;
- }
-
- require_once DRUPAL_ROOT . '/includes/registry.inc';
- _registry_update();
-
- if (!$in_installer) {
- lock_release(__FUNCTION__);
- }
- return TRUE;
-}
-
-/**
- * @} End of "addtogroup registry".
- */
-
-/**
- * Provides central static variable storage.
- *
- * All functions requiring a static variable to persist or cache data within
- * a single page request are encouraged to use this function unless it is
- * absolutely certain that the static variable will not need to be reset during
- * the page request. By centralizing static variable storage through this
- * function, other functions can rely on a consistent API for resetting any
- * other function's static variables.
- *
- * Example:
- * @code
- * function language_list($field = 'language') {
- * $languages = &drupal_static(__FUNCTION__);
- * if (!isset($languages)) {
- * // If this function is being called for the first time after a reset,
- * // query the database and execute any other code needed to retrieve
- * // information about the supported languages.
- * ...
- * }
- * if (!isset($languages[$field])) {
- * // If this function is being called for the first time for a particular
- * // index field, then execute code needed to index the information already
- * // available in $languages by the desired field.
- * ...
- * }
- * // Subsequent invocations of this function for a particular index field
- * // skip the above two code blocks and quickly return the already indexed
- * // information.
- * return $languages[$field];
- * }
- * function locale_translate_overview_screen() {
- * // When building the content for the translations overview page, make
- * // sure to get completely fresh information about the supported languages.
- * drupal_static_reset('language_list');
- * ...
- * }
- * @endcode
- *
- * In a few cases, a function can have certainty that there is no legitimate
- * use-case for resetting that function's static variable. This is rare,
- * because when writing a function, it's hard to forecast all the situations in
- * which it will be used. A guideline is that if a function's static variable
- * does not depend on any information outside of the function that might change
- * during a single page request, then it's ok to use the "static" keyword
- * instead of the drupal_static() function.
- *
- * Example:
- * @code
- * function actions_do(...) {
- * // $stack tracks the number of recursive calls.
- * static $stack;
- * $stack++;
- * if ($stack > variable_get('actions_max_stack', 35)) {
- * ...
- * return;
- * }
- * ...
- * $stack--;
- * }
- * @endcode
- *
- * In a few cases, a function needs a resettable static variable, but the
- * function is called many times (100+) during a single page request, so
- * every microsecond of execution time that can be removed from the function
- * counts. These functions can use a more cumbersome, but faster variant of
- * calling drupal_static(). It works by storing the reference returned by
- * drupal_static() in the calling function's own static variable, thereby
- * removing the need to call drupal_static() for each iteration of the function.
- * Conceptually, it replaces:
- * @code
- * $foo = &drupal_static(__FUNCTION__);
- * @endcode
- * with:
- * @code
- * // Unfortunately, this does not work.
- * static $foo = &drupal_static(__FUNCTION__);
- * @endcode
- * However, the above line of code does not work, because PHP only allows static
- * variables to be initializied by literal values, and does not allow static
- * variables to be assigned to references.
- * - http://php.net/manual/language.variables.scope.php#language.variables.scope.static
- * - http://php.net/manual/language.variables.scope.php#language.variables.scope.references
- * The example below shows the syntax needed to work around both limitations.
- * For benchmarks and more information, see http://drupal.org/node/619666.
- *
- * Example:
- * @code
- * function user_access($string, $account = NULL) {
- * // Use the advanced drupal_static() pattern, since this is called very often.
- * static $drupal_static_fast;
- * if (!isset($drupal_static_fast)) {
- * $drupal_static_fast['perm'] = &drupal_static(__FUNCTION__);
- * }
- * $perm = &$drupal_static_fast['perm'];
- * ...
- * }
- * @endcode
- *
- * @param $name
- * Globally unique name for the variable. For a function with only one static,
- * variable, the function name (e.g. via the PHP magic __FUNCTION__ constant)
- * is recommended. For a function with multiple static variables add a
- * distinguishing suffix to the function name for each one.
- * @param $default_value
- * Optional default value.
- * @param $reset
- * TRUE to reset one or all variables(s). This parameter is only used
- * internally and should not be passed in; use drupal_static_reset() instead.
- * (This function's return value should not be used when TRUE is passed in.)
- *
- * @return
- * Returns a variable by reference.
- *
- * @see drupal_static_reset()
- */
-function &drupal_static($name, $default_value = NULL, $reset = FALSE) {
- static $data = array(), $default = array();
- // First check if dealing with a previously defined static variable.
- if (isset($data[$name]) || array_key_exists($name, $data)) {
- // Non-NULL $name and both $data[$name] and $default[$name] statics exist.
- if ($reset) {
- // Reset pre-existing static variable to its default value.
- $data[$name] = $default[$name];
- }
- return $data[$name];
- }
- // Neither $data[$name] nor $default[$name] static variables exist.
- if (isset($name)) {
- if ($reset) {
- // Reset was called before a default is set and yet a variable must be
- // returned.
- return $data;
- }
- // First call with new non-NULL $name. Initialize a new static variable.
- $default[$name] = $data[$name] = $default_value;
- return $data[$name];
- }
- // Reset all: ($name == NULL). This needs to be done one at a time so that
- // references returned by earlier invocations of drupal_static() also get
- // reset.
- foreach ($default as $name => $value) {
- $data[$name] = $value;
- }
- // As the function returns a reference, the return should always be a
- // variable.
- return $data;
-}
-
-/**
- * Resets one or all centrally stored static variable(s).
- *
- * @param $name
- * Name of the static variable to reset. Omit to reset all variables.
- * Resetting all variables should only be used, for example, for running unit
- * tests with a clean environment.
- */
-function drupal_static_reset($name = NULL) {
- drupal_static($name, NULL, TRUE);
-}
-
-/**
- * Detects whether the current script is running in a command-line environment.
- */
-function drupal_is_cli() {
- return (!isset($_SERVER['SERVER_SOFTWARE']) && (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0)));
-}
-
-/**
- * Formats text for emphasized display in a placeholder inside a sentence.
- *
- * Used automatically by format_string().
- *
- * @param $text
- * The text to format (plain-text).
- *
- * @return
- * The formatted text (html).
- */
-function drupal_placeholder($text) {
- return '' . check_plain($text) . ' ';
-}
-
-/**
- * Registers a function for execution on shutdown.
- *
- * Wrapper for register_shutdown_function() that catches thrown exceptions to
- * avoid "Exception thrown without a stack frame in Unknown".
- *
- * @param $callback
- * The shutdown function to register.
- * @param ...
- * Additional arguments to pass to the shutdown function.
- *
- * @return
- * Array of shutdown functions to be executed.
- *
- * @see register_shutdown_function()
- * @ingroup php_wrappers
- */
-function &drupal_register_shutdown_function($callback = NULL) {
- // We cannot use drupal_static() here because the static cache is reset during
- // batch processing, which breaks batch handling.
- static $callbacks = array();
-
- if (isset($callback)) {
- // Only register the internal shutdown function once.
- if (empty($callbacks)) {
- register_shutdown_function('_drupal_shutdown_function');
- }
- $args = func_get_args();
- array_shift($args);
- // Save callback and arguments
- $callbacks[] = array('callback' => $callback, 'arguments' => $args);
- }
- return $callbacks;
-}
-
-/**
- * Executes registered shutdown functions.
- */
-function _drupal_shutdown_function() {
- $callbacks = &drupal_register_shutdown_function();
-
- // Set the CWD to DRUPAL_ROOT as it is not guaranteed to be the same as it
- // was in the normal context of execution.
- chdir(DRUPAL_ROOT);
-
- try {
- while (list($key, $callback) = each($callbacks)) {
- call_user_func_array($callback['callback'], $callback['arguments']);
- }
- }
- catch (Exception $exception) {
- // If we are displaying errors, then do so with no possibility of a further uncaught exception being thrown.
- require_once DRUPAL_ROOT . '/includes/errors.inc';
- if (error_displayable()) {
- print 'Uncaught exception thrown in shutdown function. ';
- print '' . _drupal_render_exception_safe($exception) . '
\n";
- $output .= ' ' . check_plain($title) . " \n";
- $output .= ' ' . check_plain(decode_entities(strip_tags($description))) . " \n";
- $output .= ' ' . check_plain($langcode) . " \n";
- $output .= format_xml_elements($args);
- $output .= $items;
- $output .= " \n";
-
- return $output;
-}
-
-/**
- * Formats a single RSS item.
- *
- * Arbitrary elements may be added using the $args associative array.
- */
-function format_rss_item($title, $link, $description, $args = array()) {
- $output = "- \n";
- $output .= '
' . check_plain($title) . " \n";
- $output .= ' ' . check_plain($description) . " \n";
- $output .= format_xml_elements($args);
- $output .= " \n";
-
- return $output;
-}
-
-/**
- * Formats XML elements.
- *
- * @param $array
- * An array where each item represents an element and is either a:
- * - (key => value) pair (value )
- * - Associative array with fields:
- * - 'key': element name
- * - 'value': element contents
- * - 'attributes': associative array of element attributes
- *
- * In both cases, 'value' can be a simple string, or it can be another array
- * with the same format as $array itself for nesting.
- */
-function format_xml_elements($array) {
- $output = '';
- foreach ($array as $key => $value) {
- if (is_numeric($key)) {
- if ($value['key']) {
- $output .= ' <' . $value['key'];
- if (isset($value['attributes']) && is_array($value['attributes'])) {
- $output .= drupal_attributes($value['attributes']);
- }
-
- if (isset($value['value']) && $value['value'] != '') {
- $output .= '>' . (is_array($value['value']) ? format_xml_elements($value['value']) : check_plain($value['value'])) . '\n";
- }
- else {
- $output .= " />\n";
- }
- }
- }
- else {
- $output .= ' <' . $key . '>' . (is_array($value) ? format_xml_elements($value) : check_plain($value)) . "\n";
- }
- }
- return $output;
-}
-
-/**
- * Formats a string containing a count of items.
- *
- * This function ensures that the string is pluralized correctly. Since t() is
- * called by this function, make sure not to pass already-localized strings to
- * it.
- *
- * For example:
- * @code
- * $output = format_plural($node->comment_count, '1 comment', '@count comments');
- * @endcode
- *
- * Example with additional replacements:
- * @code
- * $output = format_plural($update_count,
- * 'Changed the content type of 1 post from %old-type to %new-type.',
- * 'Changed the content type of @count posts from %old-type to %new-type.',
- * array('%old-type' => $info->old_type, '%new-type' => $info->new_type));
- * @endcode
- *
- * @param $count
- * The item count to display.
- * @param $singular
- * The string for the singular case. Make sure it is clear this is singular,
- * to ease translation (e.g. use "1 new comment" instead of "1 new"). Do not
- * use @count in the singular string.
- * @param $plural
- * The string for the plural case. Make sure it is clear this is plural, to
- * ease translation. Use @count in place of the item count, as in
- * "@count new comments".
- * @param $args
- * An associative array of replacements to make after translation. Instances
- * of any key in this array are replaced with the corresponding value.
- * Based on the first character of the key, the value is escaped and/or
- * themed. See format_string(). Note that you do not need to include @count
- * in this array; this replacement is done automatically for the plural case.
- * @param $options
- * An associative array of additional options. See t() for allowed keys.
- *
- * @return
- * A translated string.
- *
- * @see t()
- * @see format_string()
- */
-function format_plural($count, $singular, $plural, array $args = array(), array $options = array()) {
- $args['@count'] = $count;
- if ($count == 1) {
- return t($singular, $args, $options);
- }
-
- // Get the plural index through the gettext formula.
- $index = (function_exists('locale_get_plural')) ? locale_get_plural($count, isset($options['langcode']) ? $options['langcode'] : NULL) : -1;
- // If the index cannot be computed, use the plural as a fallback (which
- // allows for most flexiblity with the replaceable @count value).
- if ($index < 0) {
- return t($plural, $args, $options);
- }
- else {
- switch ($index) {
- case "0":
- return t($singular, $args, $options);
- case "1":
- return t($plural, $args, $options);
- default:
- unset($args['@count']);
- $args['@count[' . $index . ']'] = $count;
- return t(strtr($plural, array('@count' => '@count[' . $index . ']')), $args, $options);
- }
- }
-}
-
-/**
- * Parses a given byte count.
- *
- * @param $size
- * A size expressed as a number of bytes with optional SI or IEC binary unit
- * prefix (e.g. 2, 3K, 5MB, 10G, 6GiB, 8 bytes, 9mbytes).
- *
- * @return
- * An integer representation of the size in bytes.
- */
-function parse_size($size) {
- $unit = preg_replace('/[^bkmgtpezy]/i', '', $size); // Remove the non-unit characters from the size.
- $size = preg_replace('/[^0-9\.]/', '', $size); // Remove the non-numeric characters from the size.
- if ($unit) {
- // Find the position of the unit in the ordered string which is the power of magnitude to multiply a kilobyte by.
- return round($size * pow(DRUPAL_KILOBYTE, stripos('bkmgtpezy', $unit[0])));
- }
- else {
- return round($size);
- }
-}
-
-/**
- * Generates a string representation for the given byte count.
- *
- * @param $size
- * A size in bytes.
- * @param $langcode
- * Optional language code to translate to a language other than what is used
- * to display the page.
- *
- * @return
- * A translated string representation of the size.
- */
-function format_size($size, $langcode = NULL) {
- if ($size < DRUPAL_KILOBYTE) {
- return format_plural($size, '1 byte', '@count bytes', array(), array('langcode' => $langcode));
- }
- else {
- $size = $size / DRUPAL_KILOBYTE; // Convert bytes to kilobytes.
- $units = array(
- t('@size KB', array(), array('langcode' => $langcode)),
- t('@size MB', array(), array('langcode' => $langcode)),
- t('@size GB', array(), array('langcode' => $langcode)),
- t('@size TB', array(), array('langcode' => $langcode)),
- t('@size PB', array(), array('langcode' => $langcode)),
- t('@size EB', array(), array('langcode' => $langcode)),
- t('@size ZB', array(), array('langcode' => $langcode)),
- t('@size YB', array(), array('langcode' => $langcode)),
- );
- foreach ($units as $unit) {
- if (round($size, 2) >= DRUPAL_KILOBYTE) {
- $size = $size / DRUPAL_KILOBYTE;
- }
- else {
- break;
- }
- }
- return str_replace('@size', round($size, 2), $unit);
- }
-}
-
-/**
- * Formats a time interval with the requested granularity.
- *
- * @param $interval
- * The length of the interval in seconds.
- * @param $granularity
- * How many different units to display in the string.
- * @param $langcode
- * Optional language code to translate to a language other than
- * what is used to display the page.
- *
- * @return
- * A translated string representation of the interval.
- */
-function format_interval($interval, $granularity = 2, $langcode = NULL) {
- $units = array(
- '1 year|@count years' => 31536000,
- '1 month|@count months' => 2592000,
- '1 week|@count weeks' => 604800,
- '1 day|@count days' => 86400,
- '1 hour|@count hours' => 3600,
- '1 min|@count min' => 60,
- '1 sec|@count sec' => 1
- );
- $output = '';
- foreach ($units as $key => $value) {
- $key = explode('|', $key);
- if ($interval >= $value) {
- $output .= ($output ? ' ' : '') . format_plural(floor($interval / $value), $key[0], $key[1], array(), array('langcode' => $langcode));
- $interval %= $value;
- $granularity--;
- }
-
- if ($granularity == 0) {
- break;
- }
- }
- return $output ? $output : t('0 sec', array(), array('langcode' => $langcode));
-}
-
-/**
- * Formats a date, using a date type or a custom date format string.
- *
- * @param $timestamp
- * A UNIX timestamp to format.
- * @param $type
- * (optional) The format to use, one of:
- * - 'short', 'medium', or 'long' (the corresponding built-in date formats).
- * - The name of a date type defined by a module in hook_date_format_types(),
- * if it's been assigned a format.
- * - The machine name of an administrator-defined date format.
- * - 'custom', to use $format.
- * Defaults to 'medium'.
- * @param $format
- * (optional) If $type is 'custom', a PHP date format string suitable for
- * input to date(). Use a backslash to escape ordinary text, so it does not
- * get interpreted as date format characters.
- * @param $timezone
- * (optional) Time zone identifier, as described at
- * http://php.net/manual/timezones.php Defaults to the time zone used to
- * display the page.
- * @param $langcode
- * (optional) Language code to translate to. Defaults to the language used to
- * display the page.
- *
- * @return
- * A translated date string in the requested format.
- */
-function format_date($timestamp, $type = 'medium', $format = '', $timezone = NULL, $langcode = NULL) {
- // Use the advanced drupal_static() pattern, since this is called very often.
- static $drupal_static_fast;
- if (!isset($drupal_static_fast)) {
- $drupal_static_fast['timezones'] = &drupal_static(__FUNCTION__);
- }
- $timezones = &$drupal_static_fast['timezones'];
-
- if (!isset($timezone)) {
- $timezone = date_default_timezone_get();
- }
- // Store DateTimeZone objects in an array rather than repeatedly
- // constructing identical objects over the life of a request.
- if (!isset($timezones[$timezone])) {
- $timezones[$timezone] = timezone_open($timezone);
- }
-
- // Use the default langcode if none is set.
- global $language;
- if (empty($langcode)) {
- $langcode = isset($language->language) ? $language->language : 'en';
- }
-
- switch ($type) {
- case 'short':
- $format = variable_get('date_format_short', 'm/d/Y - H:i');
- break;
-
- case 'long':
- $format = variable_get('date_format_long', 'l, F j, Y - H:i');
- break;
-
- case 'custom':
- // No change to format.
- break;
-
- case 'medium':
- default:
- // Retrieve the format of the custom $type passed.
- if ($type != 'medium') {
- $format = variable_get('date_format_' . $type, '');
- }
- // Fall back to 'medium'.
- if ($format === '') {
- $format = variable_get('date_format_medium', 'D, m/d/Y - H:i');
- }
- break;
- }
-
- // Create a DateTime object from the timestamp.
- $date_time = date_create('@' . $timestamp);
- // Set the time zone for the DateTime object.
- date_timezone_set($date_time, $timezones[$timezone]);
-
- // Encode markers that should be translated. 'A' becomes '\xEF\AA\xFF'.
- // xEF and xFF are invalid UTF-8 sequences, and we assume they are not in the
- // input string.
- // Paired backslashes are isolated to prevent errors in read-ahead evaluation.
- // The read-ahead expression ensures that A matches, but not \A.
- $format = preg_replace(array('/\\\\\\\\/', '/(? $langcode,
- );
-
- if ($code == 'F') {
- $options['context'] = 'Long month name';
- }
-
- if ($code == '') {
- $cache[$langcode][$code][$string] = $string;
- }
- else {
- $cache[$langcode][$code][$string] = t($string, array(), $options);
- }
- }
- return $cache[$langcode][$code][$string];
-}
-
-/**
- * Format a username.
- *
- * This is also the label callback implementation of
- * callback_entity_info_label() for user_entity_info().
- *
- * By default, the passed-in object's 'name' property is used if it exists, or
- * else, the site-defined value for the 'anonymous' variable. However, a module
- * may override this by implementing hook_username_alter(&$name, $account).
- *
- * @see hook_username_alter()
- *
- * @param $account
- * The account object for the user whose name is to be formatted.
- *
- * @return
- * An unsanitized string with the username to display. The code receiving
- * this result must ensure that check_plain() is called on it before it is
- * printed to the page.
- */
-function format_username($account) {
- $name = !empty($account->name) ? $account->name : variable_get('anonymous', t('Anonymous'));
- drupal_alter('username', $name, $account);
- return $name;
-}
-
-/**
- * @} End of "defgroup format".
- */
-
-/**
- * Generates an internal or external URL.
- *
- * When creating links in modules, consider whether l() could be a better
- * alternative than url().
- *
- * @param $path
- * (optional) The internal path or external URL being linked to, such as
- * "node/34" or "http://example.com/foo". The default value is equivalent to
- * passing in ''. A few notes:
- * - If you provide a full URL, it will be considered an external URL.
- * - If you provide only the path (e.g. "node/34"), it will be
- * considered an internal link. In this case, it should be a system URL,
- * and it will be replaced with the alias, if one exists. Additional query
- * arguments for internal paths must be supplied in $options['query'], not
- * included in $path.
- * - If you provide an internal path and $options['alias'] is set to TRUE, the
- * path is assumed already to be the correct path alias, and the alias is
- * not looked up.
- * - The special string '' generates a link to the site's base URL.
- * - If your external URL contains a query (e.g. http://example.com/foo?a=b),
- * then you can either URL encode the query keys and values yourself and
- * include them in $path, or use $options['query'] to let this function
- * URL encode them.
- * @param $options
- * (optional) An associative array of additional options, with the following
- * elements:
- * - 'query': An array of query key/value-pairs (without any URL-encoding) to
- * append to the URL.
- * - 'fragment': A fragment identifier (named anchor) to append to the URL.
- * Do not include the leading '#' character.
- * - 'absolute': Defaults to FALSE. Whether to force the output to be an
- * absolute link (beginning with http:). Useful for links that will be
- * displayed outside the site, such as in an RSS feed.
- * - 'alias': Defaults to FALSE. Whether the given path is a URL alias
- * already.
- * - 'external': Whether the given path is an external URL.
- * - 'language': An optional language object. If the path being linked to is
- * internal to the site, $options['language'] is used to look up the alias
- * for the URL. If $options['language'] is omitted, the global $language_url
- * will be used.
- * - 'https': Whether this URL should point to a secure location. If not
- * defined, the current scheme is used, so the user stays on HTTP or HTTPS
- * respectively. TRUE enforces HTTPS and FALSE enforces HTTP, but HTTPS can
- * only be enforced when the variable 'https' is set to TRUE.
- * - 'base_url': Only used internally, to modify the base URL when a language
- * dependent URL requires so.
- * - 'prefix': Only used internally, to modify the path when a language
- * dependent URL requires so.
- * - 'script': The script filename in Drupal's root directory to use when
- * clean URLs are disabled, such as 'index.php'. Defaults to an empty
- * string, as most modern web servers automatically find 'index.php'. If
- * clean URLs are disabled, the value of $path is appended as query
- * parameter 'q' to $options['script'] in the returned URL. When deploying
- * Drupal on a web server that cannot be configured to automatically find
- * index.php, then hook_url_outbound_alter() can be implemented to force
- * this value to 'index.php'.
- * - 'entity_type': The entity type of the object that called url(). Only
- * set if url() is invoked by entity_uri().
- * - 'entity': The entity object (such as a node) for which the URL is being
- * generated. Only set if url() is invoked by entity_uri().
- *
- * @return
- * A string containing a URL to the given path.
- */
-function url($path = NULL, array $options = array()) {
- // Merge in defaults.
- $options += array(
- 'fragment' => '',
- 'query' => array(),
- 'absolute' => FALSE,
- 'alias' => FALSE,
- 'prefix' => ''
- );
-
- // A duplicate of the code from url_is_external() to avoid needing another
- // function call, since performance inside url() is critical.
- if (!isset($options['external'])) {
- // Return an external link if $path contains an allowed absolute URL. Avoid
- // calling drupal_strip_dangerous_protocols() if there is any slash (/),
- // hash (#) or question_mark (?) before the colon (:) occurrence - if any -
- // as this would clearly mean it is not a URL. If the path starts with 2
- // slashes then it is always considered an external URL without an explicit
- // protocol part.
- $colonpos = strpos($path, ':');
- $options['external'] = (strpos($path, '//') === 0)
- || ($colonpos !== FALSE
- && !preg_match('![/?#]!', substr($path, 0, $colonpos))
- && drupal_strip_dangerous_protocols($path) == $path);
- }
-
- // Preserve the original path before altering or aliasing.
- $original_path = $path;
-
- // Allow other modules to alter the outbound URL and options.
- drupal_alter('url_outbound', $path, $options, $original_path);
-
- if (isset($options['fragment']) && $options['fragment'] !== '') {
- $options['fragment'] = '#' . $options['fragment'];
- }
-
- if ($options['external']) {
- // Split off the fragment.
- if (strpos($path, '#') !== FALSE) {
- list($path, $old_fragment) = explode('#', $path, 2);
- // If $options contains no fragment, take it over from the path.
- if (isset($old_fragment) && !$options['fragment']) {
- $options['fragment'] = '#' . $old_fragment;
- }
- }
- // Append the query.
- if ($options['query']) {
- $path .= (strpos($path, '?') !== FALSE ? '&' : '?') . drupal_http_build_query($options['query']);
- }
- if (isset($options['https']) && variable_get('https', FALSE)) {
- if ($options['https'] === TRUE) {
- $path = str_replace('http://', 'https://', $path);
- }
- elseif ($options['https'] === FALSE) {
- $path = str_replace('https://', 'http://', $path);
- }
- }
- // Reassemble.
- return $path . $options['fragment'];
- }
-
- // Strip leading slashes from internal paths to prevent them becoming external
- // URLs without protocol. /example.com should not be turned into
- // //example.com.
- $path = ltrim($path, '/');
-
- global $base_url, $base_secure_url, $base_insecure_url;
-
- // The base_url might be rewritten from the language rewrite in domain mode.
- if (!isset($options['base_url'])) {
- if (isset($options['https']) && variable_get('https', FALSE)) {
- if ($options['https'] === TRUE) {
- $options['base_url'] = $base_secure_url;
- $options['absolute'] = TRUE;
- }
- elseif ($options['https'] === FALSE) {
- $options['base_url'] = $base_insecure_url;
- $options['absolute'] = TRUE;
- }
- }
- else {
- $options['base_url'] = $base_url;
- }
- }
-
- // The special path '' links to the default front page.
- if ($path == '') {
- $path = '';
- }
- elseif (!empty($path) && !$options['alias']) {
- $language = isset($options['language']) && isset($options['language']->language) ? $options['language']->language : '';
- $alias = drupal_get_path_alias($original_path, $language);
- if ($alias != $original_path) {
- $path = $alias;
- }
- }
-
- $base = $options['absolute'] ? $options['base_url'] . '/' : base_path();
- $prefix = empty($path) ? rtrim($options['prefix'], '/') : $options['prefix'];
-
- // With Clean URLs.
- if (!empty($GLOBALS['conf']['clean_url'])) {
- $path = drupal_encode_path($prefix . $path);
- if ($options['query']) {
- return $base . $path . '?' . drupal_http_build_query($options['query']) . $options['fragment'];
- }
- else {
- return $base . $path . $options['fragment'];
- }
- }
- // Without Clean URLs.
- else {
- $path = $prefix . $path;
- $query = array();
- if (!empty($path)) {
- $query['q'] = $path;
- }
- if ($options['query']) {
- // We do not use array_merge() here to prevent overriding $path via query
- // parameters.
- $query += $options['query'];
- }
- $query = $query ? ('?' . drupal_http_build_query($query)) : '';
- $script = isset($options['script']) ? $options['script'] : '';
- return $base . $script . $query . $options['fragment'];
- }
-}
-
-/**
- * Returns TRUE if a path is external to Drupal (e.g. http://example.com).
- *
- * If a path cannot be assessed by Drupal's menu handler, then we must
- * treat it as potentially insecure.
- *
- * @param $path
- * The internal path or external URL being linked to, such as "node/34" or
- * "http://example.com/foo".
- *
- * @return
- * Boolean TRUE or FALSE, where TRUE indicates an external path.
- */
-function url_is_external($path) {
- $colonpos = strpos($path, ':');
- // Avoid calling drupal_strip_dangerous_protocols() if there is any slash (/),
- // hash (#) or question_mark (?) before the colon (:) occurrence - if any - as
- // this would clearly mean it is not a URL. If the path starts with 2 slashes
- // then it is always considered an external URL without an explicit protocol
- // part.
- return (strpos($path, '//') === 0)
- || ($colonpos !== FALSE
- && !preg_match('![/?#]!', substr($path, 0, $colonpos))
- && drupal_strip_dangerous_protocols($path) == $path);
-}
-
-/**
- * Formats an attribute string for an HTTP header.
- *
- * @param $attributes
- * An associative array of attributes such as 'rel'.
- *
- * @return
- * A ; separated string ready for insertion in a HTTP header. No escaping is
- * performed for HTML entities, so this string is not safe to be printed.
- *
- * @see drupal_add_http_header()
- */
-function drupal_http_header_attributes(array $attributes = array()) {
- foreach ($attributes as $attribute => &$data) {
- if (is_array($data)) {
- $data = implode(' ', $data);
- }
- $data = $attribute . '="' . $data . '"';
- }
- return $attributes ? ' ' . implode('; ', $attributes) : '';
-}
-
-/**
- * Converts an associative array to an XML/HTML tag attribute string.
- *
- * Each array key and its value will be formatted into an attribute string.
- * If a value is itself an array, then its elements are concatenated to a single
- * space-delimited string (for example, a class attribute with multiple values).
- *
- * Attribute values are sanitized by running them through check_plain().
- * Attribute names are not automatically sanitized. When using user-supplied
- * attribute names, it is strongly recommended to allow only white-listed names,
- * since certain attributes carry security risks and can be abused.
- *
- * Examples of security aspects when using drupal_attributes:
- * @code
- * // By running the value in the following statement through check_plain,
- * // the malicious script is neutralized.
- * drupal_attributes(array('title' => t('')));
- *
- * // The statement below demonstrates dangerous use of drupal_attributes, and
- * // will return an onmouseout attribute with JavaScript code that, when used
- * // as attribute in a tag, will cause users to be redirected to another site.
- * //
- * // In this case, the 'onmouseout' attribute should not be whitelisted --
- * // you don't want users to have the ability to add this attribute or others
- * // that take JavaScript commands.
- * drupal_attributes(array('onmouseout' => 'window.location="http://malicious.com/";')));
- * @endcode
- *
- * @param $attributes
- * An associative array of key-value pairs to be converted to attributes.
- *
- * @return
- * A string ready for insertion in a tag (starts with a space).
- *
- * @ingroup sanitization
- */
-function drupal_attributes(array $attributes = array()) {
- foreach ($attributes as $attribute => &$data) {
- $data = implode(' ', (array) $data);
- $data = $attribute . '="' . check_plain($data) . '"';
- }
- return $attributes ? ' ' . implode(' ', $attributes) : '';
-}
-
-/**
- * Formats an internal or external URL link as an HTML anchor tag.
- *
- * This function correctly handles aliased paths and adds an 'active' class
- * attribute to links that point to the current page (for theming), so all
- * internal links output by modules should be generated by this function if
- * possible.
- *
- * However, for links enclosed in translatable text you should use t() and
- * embed the HTML anchor tag directly in the translated string. For example:
- * @code
- * t('Visit the settings page', array('@url' => url('admin')));
- * @endcode
- * This keeps the context of the link title ('settings' in the example) for
- * translators.
- *
- * @param string $text
- * The translated link text for the anchor tag.
- * @param string $path
- * The internal path or external URL being linked to, such as "node/34" or
- * "http://example.com/foo". After the url() function is called to construct
- * the URL from $path and $options, the resulting URL is passed through
- * check_plain() before it is inserted into the HTML anchor tag, to ensure
- * well-formed HTML. See url() for more information and notes.
- * @param array $options
- * An associative array of additional options. Defaults to an empty array. It
- * may contain the following elements.
- * - 'attributes': An associative array of HTML attributes to apply to the
- * anchor tag. If element 'class' is included, it must be an array; 'title'
- * must be a string; other elements are more flexible, as they just need
- * to work in a call to drupal_attributes($options['attributes']).
- * - 'html' (default FALSE): Whether $text is HTML or just plain-text. For
- * example, to make an image tag into a link, this must be set to TRUE, or
- * you will see the escaped HTML image tag. $text is not sanitized if
- * 'html' is TRUE. The calling function must ensure that $text is already
- * safe.
- * - 'language': An optional language object. If the path being linked to is
- * internal to the site, $options['language'] is used to determine whether
- * the link is "active", or pointing to the current page (the language as
- * well as the path must match). This element is also used by url().
- * - Additional $options elements used by the url() function.
- *
- * @return string
- * An HTML string containing a link to the given path.
- *
- * @see url()
- */
-function l($text, $path, array $options = array()) {
- global $language_url;
- static $use_theme = NULL;
-
- // Merge in defaults.
- $options += array(
- 'attributes' => array(),
- 'html' => FALSE,
- );
-
- // Append active class.
- if (($path == $_GET['q'] || ($path == '' && drupal_is_front_page())) &&
- (empty($options['language']) || $options['language']->language == $language_url->language)) {
- $options['attributes']['class'][] = 'active';
- }
-
- // Remove all HTML and PHP tags from a tooltip. For best performance, we act only
- // if a quick strpos() pre-check gave a suspicion (because strip_tags() is expensive).
- if (isset($options['attributes']['title']) && strpos($options['attributes']['title'], '<') !== FALSE) {
- $options['attributes']['title'] = strip_tags($options['attributes']['title']);
- }
-
- // Determine if rendering of the link is to be done with a theme function
- // or the inline default. Inline is faster, but if the theme system has been
- // loaded and a module or theme implements a preprocess or process function
- // or overrides the theme_link() function, then invoke theme(). Preliminary
- // benchmarks indicate that invoking theme() can slow down the l() function
- // by 20% or more, and that some of the link-heavy Drupal pages spend more
- // than 10% of the total page request time in the l() function.
- if (!isset($use_theme) && function_exists('theme')) {
- // Allow edge cases to prevent theme initialization and force inline link
- // rendering.
- if (variable_get('theme_link', TRUE)) {
- drupal_theme_initialize();
- $registry = theme_get_registry(FALSE);
- // We don't want to duplicate functionality that's in theme(), so any
- // hint of a module or theme doing anything at all special with the 'link'
- // theme hook should simply result in theme() being called. This includes
- // the overriding of theme_link() with an alternate function or template,
- // the presence of preprocess or process functions, or the presence of
- // include files.
- $use_theme = !isset($registry['link']['function']) || ($registry['link']['function'] != 'theme_link');
- $use_theme = $use_theme || !empty($registry['link']['preprocess functions']) || !empty($registry['link']['process functions']) || !empty($registry['link']['includes']);
- }
- else {
- $use_theme = FALSE;
- }
- }
- if ($use_theme) {
- return theme('link', array('text' => $text, 'path' => $path, 'options' => $options));
- }
- // The result of url() is a plain-text URL. Because we are using it here
- // in an HTML argument context, we need to encode it properly.
- return '' . ($options['html'] ? $text : check_plain($text)) . ' ';
-}
-
-/**
- * Delivers a page callback result to the browser in the appropriate format.
- *
- * This function is most commonly called by menu_execute_active_handler(), but
- * can also be called by error conditions such as drupal_not_found(),
- * drupal_access_denied(), and drupal_site_offline().
- *
- * When a user requests a page, index.php calls menu_execute_active_handler(),
- * which calls the 'page callback' function registered in hook_menu(). The page
- * callback function can return one of:
- * - NULL: to indicate no content.
- * - An integer menu status constant: to indicate an error condition.
- * - A string of HTML content.
- * - A renderable array of content.
- * Returning a renderable array rather than a string of HTML is preferred,
- * because that provides modules with more flexibility in customizing the final
- * result.
- *
- * When the page callback returns its constructed content to
- * menu_execute_active_handler(), this function gets called. The purpose of
- * this function is to determine the most appropriate 'delivery callback'
- * function to route the content to. The delivery callback function then
- * sends the content to the browser in the needed format. The default delivery
- * callback is drupal_deliver_html_page(), which delivers the content as an HTML
- * page, complete with blocks in addition to the content. This default can be
- * overridden on a per menu router item basis by setting 'delivery callback' in
- * hook_menu() or hook_menu_alter(), and can also be overridden on a per request
- * basis in hook_page_delivery_callback_alter().
- *
- * For example, the same page callback function can be used for an HTML
- * version of the page and an Ajax version of the page. The page callback
- * function just needs to decide what content is to be returned and the
- * delivery callback function will send it as an HTML page or an Ajax
- * response, as appropriate.
- *
- * In order for page callbacks to be reusable in different delivery formats,
- * they should not issue any "print" or "echo" statements, but instead just
- * return content.
- *
- * Also note that this function does not perform access checks. The delivery
- * callback function specified in hook_menu(), hook_menu_alter(), or
- * hook_page_delivery_callback_alter() will be called even if the router item
- * access checks fail. This is intentional (it is needed for JSON and other
- * purposes), but it has security implications. Do not call this function
- * directly unless you understand the security implications, and be careful in
- * writing delivery callbacks, so that they do not violate security. See
- * drupal_deliver_html_page() for an example of a delivery callback that
- * respects security.
- *
- * @param $page_callback_result
- * The result of a page callback. Can be one of:
- * - NULL: to indicate no content.
- * - An integer menu status constant: to indicate an error condition.
- * - A string of HTML content.
- * - A renderable array of content.
- * @param $default_delivery_callback
- * (Optional) If given, it is the name of a delivery function most likely
- * to be appropriate for the page request as determined by the calling
- * function (e.g., menu_execute_active_handler()). If not given, it is
- * determined from the menu router information of the current page.
- *
- * @see menu_execute_active_handler()
- * @see hook_menu()
- * @see hook_menu_alter()
- * @see hook_page_delivery_callback_alter()
- */
-function drupal_deliver_page($page_callback_result, $default_delivery_callback = NULL) {
- if (!isset($default_delivery_callback) && ($router_item = menu_get_item())) {
- $default_delivery_callback = $router_item['delivery_callback'];
- }
- $delivery_callback = !empty($default_delivery_callback) ? $default_delivery_callback : 'drupal_deliver_html_page';
- // Give modules a chance to alter the delivery callback used, based on
- // request-time context (e.g., HTTP request headers).
- drupal_alter('page_delivery_callback', $delivery_callback);
- if (function_exists($delivery_callback)) {
- $delivery_callback($page_callback_result);
- }
- else {
- // If a delivery callback is specified, but doesn't exist as a function,
- // something is wrong, but don't print anything, since it's not known
- // what format the response needs to be in.
- watchdog('delivery callback not found', 'callback %callback not found: %q.', array('%callback' => $delivery_callback, '%q' => $_GET['q']), WATCHDOG_ERROR);
- }
-}
-
-/**
- * Packages and sends the result of a page callback to the browser as HTML.
- *
- * @param $page_callback_result
- * The result of a page callback. Can be one of:
- * - NULL: to indicate no content.
- * - An integer menu status constant: to indicate an error condition.
- * - A string of HTML content.
- * - A renderable array of content.
- *
- * @see drupal_deliver_page()
- */
-function drupal_deliver_html_page($page_callback_result) {
- // Emit the correct charset HTTP header, but not if the page callback
- // result is NULL, since that likely indicates that it printed something
- // in which case, no further headers may be sent, and not if code running
- // for this page request has already set the content type header.
- if (isset($page_callback_result) && is_null(drupal_get_http_header('Content-Type'))) {
- drupal_add_http_header('Content-Type', 'text/html; charset=utf-8');
- }
-
- // Send appropriate HTTP-Header for browsers and search engines.
- global $language;
- drupal_add_http_header('Content-Language', $language->language);
-
- // Menu status constants are integers; page content is a string or array.
- if (is_int($page_callback_result)) {
- // @todo: Break these up into separate functions?
- switch ($page_callback_result) {
- case MENU_NOT_FOUND:
- // Print a 404 page.
- drupal_add_http_header('Status', '404 Not Found');
-
- watchdog('page not found', check_plain($_GET['q']), NULL, WATCHDOG_WARNING);
-
- // Check for and return a fast 404 page if configured.
- drupal_fast_404();
-
- // Keep old path for reference, and to allow forms to redirect to it.
- if (!isset($_GET['destination'])) {
- // Make sure that the current path is not interpreted as external URL.
- if (!url_is_external($_GET['q'])) {
- $_GET['destination'] = $_GET['q'];
- }
- }
-
- $path = drupal_get_normal_path(variable_get('site_404', ''));
- if ($path && $path != $_GET['q']) {
- // Custom 404 handler. Set the active item in case there are tabs to
- // display, or other dependencies on the path.
- menu_set_active_item($path);
- $return = menu_execute_active_handler($path, FALSE);
- }
-
- if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) {
- // Standard 404 handler.
- drupal_set_title(t('Page not found'));
- $return = t('The requested page "@path" could not be found.', array('@path' => request_uri()));
- }
-
- drupal_set_page_content($return);
- $page = element_info('page');
- print drupal_render_page($page);
- break;
-
- case MENU_ACCESS_DENIED:
- // Print a 403 page.
- drupal_add_http_header('Status', '403 Forbidden');
- watchdog('access denied', check_plain($_GET['q']), NULL, WATCHDOG_WARNING);
-
- // Keep old path for reference, and to allow forms to redirect to it.
- if (!isset($_GET['destination'])) {
- // Make sure that the current path is not interpreted as external URL.
- if (!url_is_external($_GET['q'])) {
- $_GET['destination'] = $_GET['q'];
- }
- }
-
- $path = drupal_get_normal_path(variable_get('site_403', ''));
- if ($path && $path != $_GET['q']) {
- // Custom 403 handler. Set the active item in case there are tabs to
- // display or other dependencies on the path.
- menu_set_active_item($path);
- $return = menu_execute_active_handler($path, FALSE);
- }
-
- if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) {
- // Standard 403 handler.
- drupal_set_title(t('Access denied'));
- $return = t('You are not authorized to access this page.');
- }
-
- print drupal_render_page($return);
- break;
-
- case MENU_SITE_OFFLINE:
- // Print a 503 page.
- drupal_maintenance_theme();
- drupal_add_http_header('Status', '503 Service unavailable');
- drupal_set_title(t('Site under maintenance'));
- print theme('maintenance_page', array('content' => filter_xss_admin(variable_get('maintenance_mode_message',
- t('@site is currently under maintenance. We should be back shortly. Thank you for your patience.', array('@site' => variable_get('site_name', 'Drupal')))))));
- break;
- }
- }
- elseif (isset($page_callback_result)) {
- // Print anything besides a menu constant, assuming it's not NULL or
- // undefined.
- print drupal_render_page($page_callback_result);
- }
-
- // Perform end-of-request tasks.
- drupal_page_footer();
-}
-
-/**
- * Performs end-of-request tasks.
- *
- * This function sets the page cache if appropriate, and allows modules to
- * react to the closing of the page by calling hook_exit().
- */
-function drupal_page_footer() {
- global $user;
-
- module_invoke_all('exit');
-
- // Commit the user session, if needed.
- drupal_session_commit();
-
- if (variable_get('cache', 0) && ($cache = drupal_page_set_cache())) {
- drupal_serve_page_from_cache($cache);
- }
- else {
- ob_flush();
- }
-
- _registry_check_code(REGISTRY_WRITE_LOOKUP_CACHE);
- drupal_cache_system_paths();
- module_implements_write_cache();
- system_run_automated_cron();
-}
-
-/**
- * Performs end-of-request tasks.
- *
- * In some cases page requests need to end without calling drupal_page_footer().
- * In these cases, call drupal_exit() instead. There should rarely be a reason
- * to call exit instead of drupal_exit();
- *
- * @param $destination
- * If this function is called from drupal_goto(), then this argument
- * will be a fully-qualified URL that is the destination of the redirect.
- * This should be passed along to hook_exit() implementations.
- */
-function drupal_exit($destination = NULL) {
- if (drupal_get_bootstrap_phase() == DRUPAL_BOOTSTRAP_FULL) {
- if (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update') {
- module_invoke_all('exit', $destination);
- }
- drupal_session_commit();
- }
- exit;
-}
-
-/**
- * Forms an associative array from a linear array.
- *
- * This function walks through the provided array and constructs an associative
- * array out of it. The keys of the resulting array will be the values of the
- * input array. The values will be the same as the keys unless a function is
- * specified, in which case the output of the function is used for the values
- * instead.
- *
- * @param $array
- * A linear array.
- * @param $function
- * A name of a function to apply to all values before output.
- *
- * @return
- * An associative array.
- */
-function drupal_map_assoc($array, $function = NULL) {
- // array_combine() fails with empty arrays:
- // http://bugs.php.net/bug.php?id=34857.
- $array = !empty($array) ? array_combine($array, $array) : array();
- if (is_callable($function)) {
- $array = array_map($function, $array);
- }
- return $array;
-}
-
-/**
- * Attempts to set the PHP maximum execution time.
- *
- * This function is a wrapper around the PHP function set_time_limit().
- * When called, set_time_limit() restarts the timeout counter from zero.
- * In other words, if the timeout is the default 30 seconds, and 25 seconds
- * into script execution a call such as set_time_limit(20) is made, the
- * script will run for a total of 45 seconds before timing out.
- *
- * It also means that it is possible to decrease the total time limit if
- * the sum of the new time limit and the current time spent running the
- * script is inferior to the original time limit. It is inherent to the way
- * set_time_limit() works, it should rather be called with an appropriate
- * value every time you need to allocate a certain amount of time
- * to execute a task than only once at the beginning of the script.
- *
- * Before calling set_time_limit(), we check if this function is available
- * because it could be disabled by the server administrator. We also hide all
- * the errors that could occur when calling set_time_limit(), because it is
- * not possible to reliably ensure that PHP or a security extension will
- * not issue a warning/error if they prevent the use of this function.
- *
- * @param $time_limit
- * An integer specifying the new time limit, in seconds. A value of 0
- * indicates unlimited execution time.
- *
- * @ingroup php_wrappers
- */
-function drupal_set_time_limit($time_limit) {
- if (function_exists('set_time_limit')) {
- @set_time_limit($time_limit);
- }
-}
-
-/**
- * Returns the path to a system item (module, theme, etc.).
- *
- * @param $type
- * The type of the item (i.e. theme, theme_engine, module, profile).
- * @param $name
- * The name of the item for which the path is requested.
- *
- * @return
- * The path to the requested item or an empty string if the item is not found.
- */
-function drupal_get_path($type, $name) {
- return dirname(drupal_get_filename($type, $name));
-}
-
-/**
- * Returns the base URL path (i.e., directory) of the Drupal installation.
- *
- * base_path() adds a "/" to the beginning and end of the returned path if the
- * path is not empty. At the very least, this will return "/".
- *
- * Examples:
- * - http://example.com returns "/" because the path is empty.
- * - http://example.com/drupal/folder returns "/drupal/folder/".
- */
-function base_path() {
- return $GLOBALS['base_path'];
-}
-
-/**
- * Adds a LINK tag with a distinct 'rel' attribute to the page's HEAD.
- *
- * This function can be called as long the HTML header hasn't been sent, which
- * on normal pages is up through the preprocess step of theme('html'). Adding
- * a link will overwrite a prior link with the exact same 'rel' and 'href'
- * attributes.
- *
- * @param $attributes
- * Associative array of element attributes including 'href' and 'rel'.
- * @param $header
- * Optional flag to determine if a HTTP 'Link:' header should be sent.
- */
-function drupal_add_html_head_link($attributes, $header = FALSE) {
- $element = array(
- '#tag' => 'link',
- '#attributes' => $attributes,
- );
- $href = $attributes['href'];
-
- if ($header) {
- // Also add a HTTP header "Link:".
- $href = '<' . check_plain($attributes['href']) . '>;';
- unset($attributes['href']);
- $element['#attached']['drupal_add_http_header'][] = array('Link', $href . drupal_http_header_attributes($attributes), TRUE);
- }
-
- drupal_add_html_head($element, 'drupal_add_html_head_link:' . $attributes['rel'] . ':' . $href);
-}
-
-/**
- * Adds a cascading stylesheet to the stylesheet queue.
- *
- * Calling drupal_static_reset('drupal_add_css') will clear all cascading
- * stylesheets added so far.
- *
- * If CSS aggregation/compression is enabled, all cascading style sheets added
- * with $options['preprocess'] set to TRUE will be merged into one aggregate
- * file and compressed by removing all extraneous white space.
- * Preprocessed inline stylesheets will not be aggregated into this single file;
- * instead, they are just compressed upon output on the page. Externally hosted
- * stylesheets are never aggregated or compressed.
- *
- * The reason for aggregating the files is outlined quite thoroughly here:
- * http://www.die.net/musings/page_load_time/ "Load fewer external objects. Due
- * to request overhead, one bigger file just loads faster than two smaller ones
- * half its size."
- *
- * $options['preprocess'] should be only set to TRUE when a file is required for
- * all typical visitors and most pages of a site. It is critical that all
- * preprocessed files are added unconditionally on every page, even if the
- * files do not happen to be needed on a page. This is normally done by calling
- * drupal_add_css() in a hook_init() implementation.
- *
- * Non-preprocessed files should only be added to the page when they are
- * actually needed.
- *
- * @param $data
- * (optional) The stylesheet data to be added, depending on what is passed
- * through to the $options['type'] parameter:
- * - 'file': The path to the CSS file relative to the base_path(), or a
- * stream wrapper URI. For example: "modules/devel/devel.css" or
- * "public://generated_css/stylesheet_1.css". Note that Modules should
- * always prefix the names of their CSS files with the module name; for
- * example, system-menus.css rather than simply menus.css. Themes can
- * override module-supplied CSS files based on their filenames, and this
- * prefixing helps prevent confusing name collisions for theme developers.
- * See drupal_get_css() where the overrides are performed. Also, if the
- * direction of the current language is right-to-left (Hebrew, Arabic,
- * etc.), the function will also look for an RTL CSS file and append it to
- * the list. The name of this file should have an '-rtl.css' suffix. For
- * example, a CSS file called 'mymodule-name.css' will have a
- * 'mymodule-name-rtl.css' file added to the list, if exists in the same
- * directory. This CSS file should contain overrides for properties which
- * should be reversed or otherwise different in a right-to-left display.
- * - 'inline': A string of CSS that should be placed in the given scope. Note
- * that it is better practice to use 'file' stylesheets, rather than
- * 'inline', as the CSS would then be aggregated and cached.
- * - 'external': The absolute path to an external CSS file that is not hosted
- * on the local server. These files will not be aggregated if CSS
- * aggregation is enabled.
- * @param $options
- * (optional) A string defining the 'type' of CSS that is being added in the
- * $data parameter ('file', 'inline', or 'external'), or an array which can
- * have any or all of the following keys:
- * - 'type': The type of stylesheet being added. Available options are 'file',
- * 'inline' or 'external'. Defaults to 'file'.
- * - 'basename': Force a basename for the file being added. Modules are
- * expected to use stylesheets with unique filenames, but integration of
- * external libraries may make this impossible. The basename of
- * 'modules/node/node.css' is 'node.css'. If the external library "node.js"
- * ships with a 'node.css', then a different, unique basename would be
- * 'node.js.css'.
- * - 'group': A number identifying the group in which to add the stylesheet.
- * Available constants are:
- * - CSS_SYSTEM: Any system-layer CSS.
- * - CSS_DEFAULT: (default) Any module-layer CSS.
- * - CSS_THEME: Any theme-layer CSS.
- * The group number serves as a weight: the markup for loading a stylesheet
- * within a lower weight group is output to the page before the markup for
- * loading a stylesheet within a higher weight group, so CSS within higher
- * weight groups take precendence over CSS within lower weight groups.
- * - 'every_page': For optimal front-end performance when aggregation is
- * enabled, this should be set to TRUE if the stylesheet is present on every
- * page of the website for users for whom it is present at all. This
- * defaults to FALSE. It is set to TRUE for stylesheets added via module and
- * theme .info files. Modules that add stylesheets within hook_init()
- * implementations, or from other code that ensures that the stylesheet is
- * added to all website pages, should also set this flag to TRUE. All
- * stylesheets within the same group that have the 'every_page' flag set to
- * TRUE and do not have 'preprocess' set to FALSE are aggregated together
- * into a single aggregate file, and that aggregate file can be reused
- * across a user's entire site visit, leading to faster navigation between
- * pages. However, stylesheets that are only needed on pages less frequently
- * visited, can be added by code that only runs for those particular pages,
- * and that code should not set the 'every_page' flag. This minimizes the
- * size of the aggregate file that the user needs to download when first
- * visiting the website. Stylesheets without the 'every_page' flag are
- * aggregated into a separate aggregate file. This other aggregate file is
- * likely to change from page to page, and each new aggregate file needs to
- * be downloaded when first encountered, so it should be kept relatively
- * small by ensuring that most commonly needed stylesheets are added to
- * every page.
- * - 'weight': The weight of the stylesheet specifies the order in which the
- * CSS will appear relative to other stylesheets with the same group and
- * 'every_page' flag. The exact ordering of stylesheets is as follows:
- * - First by group.
- * - Then by the 'every_page' flag, with TRUE coming before FALSE.
- * - Then by weight.
- * - Then by the order in which the CSS was added. For example, all else
- * being the same, a stylesheet added by a call to drupal_add_css() that
- * happened later in the page request gets added to the page after one for
- * which drupal_add_css() happened earlier in the page request.
- * - 'media': The media type for the stylesheet, e.g., all, print, screen.
- * Defaults to 'all'.
- * - 'preprocess': If TRUE and CSS aggregation/compression is enabled, the
- * styles will be aggregated and compressed. Defaults to TRUE.
- * - 'browsers': An array containing information specifying which browsers
- * should load the CSS item. See drupal_pre_render_conditional_comments()
- * for details.
- *
- * @return
- * An array of queued cascading stylesheets.
- *
- * @see drupal_get_css()
- */
-function drupal_add_css($data = NULL, $options = NULL) {
- $css = &drupal_static(__FUNCTION__, array());
-
- // Construct the options, taking the defaults into consideration.
- if (isset($options)) {
- if (!is_array($options)) {
- $options = array('type' => $options);
- }
- }
- else {
- $options = array();
- }
-
- // Create an array of CSS files for each media type first, since each type needs to be served
- // to the browser differently.
- if (isset($data)) {
- $options += array(
- 'type' => 'file',
- 'group' => CSS_DEFAULT,
- 'weight' => 0,
- 'every_page' => FALSE,
- 'media' => 'all',
- 'preprocess' => TRUE,
- 'data' => $data,
- 'browsers' => array(),
- );
- $options['browsers'] += array(
- 'IE' => TRUE,
- '!IE' => TRUE,
- );
-
- // Files with a query string cannot be preprocessed.
- if ($options['type'] === 'file' && $options['preprocess'] && strpos($options['data'], '?') !== FALSE) {
- $options['preprocess'] = FALSE;
- }
-
- // Always add a tiny value to the weight, to conserve the insertion order.
- $options['weight'] += count($css) / 1000;
-
- // Add the data to the CSS array depending on the type.
- switch ($options['type']) {
- case 'inline':
- // For inline stylesheets, we don't want to use the $data as the array
- // key as $data could be a very long string of CSS.
- $css[] = $options;
- break;
- default:
- // Local and external files must keep their name as the associative key
- // so the same CSS file is not be added twice.
- $css[$data] = $options;
- }
- }
-
- return $css;
-}
-
-/**
- * Returns a themed representation of all stylesheets to attach to the page.
- *
- * It loads the CSS in order, with 'module' first, then 'theme' afterwards.
- * This ensures proper cascading of styles so themes can easily override
- * module styles through CSS selectors.
- *
- * Themes may replace module-defined CSS files by adding a stylesheet with the
- * same filename. For example, themes/bartik/system-menus.css would replace
- * modules/system/system-menus.css. This allows themes to override complete
- * CSS files, rather than specific selectors, when necessary.
- *
- * If the original CSS file is being overridden by a theme, the theme is
- * responsible for supplying an accompanying RTL CSS file to replace the
- * module's.
- *
- * @param $css
- * (optional) An array of CSS files. If no array is provided, the default
- * stylesheets array is used instead.
- * @param $skip_alter
- * (optional) If set to TRUE, this function skips calling drupal_alter() on
- * $css, useful when the calling function passes a $css array that has already
- * been altered.
- *
- * @return
- * A string of XHTML CSS tags.
- *
- * @see drupal_add_css()
- */
-function drupal_get_css($css = NULL, $skip_alter = FALSE) {
- if (!isset($css)) {
- $css = drupal_add_css();
- }
-
- // Allow modules and themes to alter the CSS items.
- if (!$skip_alter) {
- drupal_alter('css', $css);
- }
-
- // Sort CSS items, so that they appear in the correct order.
- uasort($css, 'drupal_sort_css_js');
-
- // Provide the page with information about the individual CSS files used,
- // information not otherwise available when CSS aggregation is enabled. The
- // setting is attached later in this function, but is set here, so that CSS
- // files removed below are still considered "used" and prevented from being
- // added in a later AJAX request.
- // Skip if no files were added to the page or jQuery.extend() will overwrite
- // the Drupal.settings.ajaxPageState.css object with an empty array.
- if (!empty($css)) {
- // Cast the array to an object to be on the safe side even if not empty.
- $setting['ajaxPageState']['css'] = (object) array_fill_keys(array_keys($css), 1);
- }
-
- // Remove the overridden CSS files. Later CSS files override former ones.
- $previous_item = array();
- foreach ($css as $key => $item) {
- if ($item['type'] == 'file') {
- // If defined, force a unique basename for this file.
- $basename = isset($item['basename']) ? $item['basename'] : drupal_basename($item['data']);
- if (isset($previous_item[$basename])) {
- // Remove the previous item that shared the same base name.
- unset($css[$previous_item[$basename]]);
- }
- $previous_item[$basename] = $key;
- }
- }
-
- // Render the HTML needed to load the CSS.
- $styles = array(
- '#type' => 'styles',
- '#items' => $css,
- );
-
- if (!empty($setting)) {
- $styles['#attached']['js'][] = array('type' => 'setting', 'data' => $setting);
- }
-
- return drupal_render($styles);
-}
-
-/**
- * Sorts CSS and JavaScript resources.
- *
- * Callback for uasort() within:
- * - drupal_get_css()
- * - drupal_get_js()
- *
- * This sort order helps optimize front-end performance while providing modules
- * and themes with the necessary control for ordering the CSS and JavaScript
- * appearing on a page.
- *
- * @param $a
- * First item for comparison. The compared items should be associative arrays
- * of member items from drupal_add_css() or drupal_add_js().
- * @param $b
- * Second item for comparison.
- *
- * @see drupal_add_css()
- * @see drupal_add_js()
- */
-function drupal_sort_css_js($a, $b) {
- // First order by group, so that, for example, all items in the CSS_SYSTEM
- // group appear before items in the CSS_DEFAULT group, which appear before
- // all items in the CSS_THEME group. Modules may create additional groups by
- // defining their own constants.
- if ($a['group'] < $b['group']) {
- return -1;
- }
- elseif ($a['group'] > $b['group']) {
- return 1;
- }
- // Within a group, order all infrequently needed, page-specific files after
- // common files needed throughout the website. Separating this way allows for
- // the aggregate file generated for all of the common files to be reused
- // across a site visit without being cut by a page using a less common file.
- elseif ($a['every_page'] && !$b['every_page']) {
- return -1;
- }
- elseif (!$a['every_page'] && $b['every_page']) {
- return 1;
- }
- // Finally, order by weight.
- elseif ($a['weight'] < $b['weight']) {
- return -1;
- }
- elseif ($a['weight'] > $b['weight']) {
- return 1;
- }
- else {
- return 0;
- }
-}
-
-/**
- * Default callback to group CSS items.
- *
- * This function arranges the CSS items that are in the #items property of the
- * styles element into groups. Arranging the CSS items into groups serves two
- * purposes. When aggregation is enabled, files within a group are aggregated
- * into a single file, significantly improving page loading performance by
- * minimizing network traffic overhead. When aggregation is disabled, grouping
- * allows multiple files to be loaded from a single STYLE tag, enabling sites
- * with many modules enabled or a complex theme being used to stay within IE's
- * 31 CSS inclusion tag limit: http://drupal.org/node/228818.
- *
- * This function puts multiple items into the same group if they are groupable
- * and if they are for the same 'media' and 'browsers'. Items of the 'file' type
- * are groupable if their 'preprocess' flag is TRUE, items of the 'inline' type
- * are always groupable, and items of the 'external' type are never groupable.
- * This function also ensures that the process of grouping items does not change
- * their relative order. This requirement may result in multiple groups for the
- * same type, media, and browsers, if needed to accommodate other items in
- * between.
- *
- * @param $css
- * An array of CSS items, as returned by drupal_add_css(), but after
- * alteration performed by drupal_get_css().
- *
- * @return
- * An array of CSS groups. Each group contains the same keys (e.g., 'media',
- * 'data', etc.) as a CSS item from the $css parameter, with the value of
- * each key applying to the group as a whole. Each group also contains an
- * 'items' key, which is the subset of items from $css that are in the group.
- *
- * @see drupal_pre_render_styles()
- * @see system_element_info()
- */
-function drupal_group_css($css) {
- $groups = array();
- // If a group can contain multiple items, we track the information that must
- // be the same for each item in the group, so that when we iterate the next
- // item, we can determine if it can be put into the current group, or if a
- // new group needs to be made for it.
- $current_group_keys = NULL;
- // When creating a new group, we pre-increment $i, so by initializing it to
- // -1, the first group will have index 0.
- $i = -1;
- foreach ($css as $item) {
- // The browsers for which the CSS item needs to be loaded is part of the
- // information that determines when a new group is needed, but the order of
- // keys in the array doesn't matter, and we don't want a new group if all
- // that's different is that order.
- ksort($item['browsers']);
-
- // If the item can be grouped with other items, set $group_keys to an array
- // of information that must be the same for all items in its group. If the
- // item can't be grouped with other items, set $group_keys to FALSE. We
- // put items into a group that can be aggregated together: whether they will
- // be aggregated is up to the _drupal_css_aggregate() function or an
- // override of that function specified in hook_css_alter(), but regardless
- // of the details of that function, a group represents items that can be
- // aggregated. Since a group may be rendered with a single HTML tag, all
- // items in the group must share the same information that would need to be
- // part of that HTML tag.
- switch ($item['type']) {
- case 'file':
- // Group file items if their 'preprocess' flag is TRUE.
- // Help ensure maximum reuse of aggregate files by only grouping
- // together items that share the same 'group' value and 'every_page'
- // flag. See drupal_add_css() for details about that.
- $group_keys = $item['preprocess'] ? array($item['type'], $item['group'], $item['every_page'], $item['media'], $item['browsers']) : FALSE;
- break;
- case 'inline':
- // Always group inline items.
- $group_keys = array($item['type'], $item['media'], $item['browsers']);
- break;
- case 'external':
- // Do not group external items.
- $group_keys = FALSE;
- break;
- }
-
- // If the group keys don't match the most recent group we're working with,
- // then a new group must be made.
- if ($group_keys !== $current_group_keys) {
- $i++;
- // Initialize the new group with the same properties as the first item
- // being placed into it. The item's 'data' and 'weight' properties are
- // unique to the item and should not be carried over to the group.
- $groups[$i] = $item;
- unset($groups[$i]['data'], $groups[$i]['weight']);
- $groups[$i]['items'] = array();
- $current_group_keys = $group_keys ? $group_keys : NULL;
- }
-
- // Add the item to the current group.
- $groups[$i]['items'][] = $item;
- }
- return $groups;
-}
-
-/**
- * Default callback to aggregate CSS files and inline content.
- *
- * Having the browser load fewer CSS files results in much faster page loads
- * than when it loads many small files. This function aggregates files within
- * the same group into a single file unless the site-wide setting to do so is
- * disabled (commonly the case during site development). To optimize download,
- * it also compresses the aggregate files by removing comments, whitespace, and
- * other unnecessary content. Additionally, this functions aggregates inline
- * content together, regardless of the site-wide aggregation setting.
- *
- * @param $css_groups
- * An array of CSS groups as returned by drupal_group_css(). This function
- * modifies the group's 'data' property for each group that is aggregated.
- *
- * @see drupal_group_css()
- * @see drupal_pre_render_styles()
- * @see system_element_info()
- */
-function drupal_aggregate_css(&$css_groups) {
- $preprocess_css = (variable_get('preprocess_css', FALSE) && (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update'));
-
- // For each group that needs aggregation, aggregate its items.
- foreach ($css_groups as $key => $group) {
- switch ($group['type']) {
- // If a file group can be aggregated into a single file, do so, and set
- // the group's data property to the file path of the aggregate file.
- case 'file':
- if ($group['preprocess'] && $preprocess_css) {
- $css_groups[$key]['data'] = drupal_build_css_cache($group['items']);
- }
- break;
- // Aggregate all inline CSS content into the group's data property.
- case 'inline':
- $css_groups[$key]['data'] = '';
- foreach ($group['items'] as $item) {
- $css_groups[$key]['data'] .= drupal_load_stylesheet_content($item['data'], $item['preprocess']);
- }
- break;
- }
- }
-}
-
-/**
- * #pre_render callback to add the elements needed for CSS tags to be rendered.
- *
- * For production websites, LINK tags are preferable to STYLE tags with @import
- * statements, because:
- * - They are the standard tag intended for linking to a resource.
- * - On Firefox 2 and perhaps other browsers, CSS files included with @import
- * statements don't get saved when saving the complete web page for offline
- * use: http://drupal.org/node/145218.
- * - On IE, if only LINK tags and no @import statements are used, all the CSS
- * files are downloaded in parallel, resulting in faster page load, but if
- * @import statements are used and span across multiple STYLE tags, all the
- * ones from one STYLE tag must be downloaded before downloading begins for
- * the next STYLE tag. Furthermore, IE7 does not support media declaration on
- * the @import statement, so multiple STYLE tags must be used when different
- * files are for different media types. Non-IE browsers always download in
- * parallel, so this is an IE-specific performance quirk:
- * http://www.stevesouders.com/blog/2009/04/09/dont-use-import/.
- *
- * However, IE has an annoying limit of 31 total CSS inclusion tags
- * (http://drupal.org/node/228818) and LINK tags are limited to one file per
- * tag, whereas STYLE tags can contain multiple @import statements allowing
- * multiple files to be loaded per tag. When CSS aggregation is disabled, a
- * Drupal site can easily have more than 31 CSS files that need to be loaded, so
- * using LINK tags exclusively would result in a site that would display
- * incorrectly in IE. Depending on different needs, different strategies can be
- * employed to decide when to use LINK tags and when to use STYLE tags.
- *
- * The strategy employed by this function is to use LINK tags for all aggregate
- * files and for all files that cannot be aggregated (e.g., if 'preprocess' is
- * set to FALSE or the type is 'external'), and to use STYLE tags for groups
- * of files that could be aggregated together but aren't (e.g., if the site-wide
- * aggregation setting is disabled). This results in all LINK tags when
- * aggregation is enabled, a guarantee that as many or only slightly more tags
- * are used with aggregation disabled than enabled (so that if the limit were to
- * be crossed with aggregation enabled, the site developer would also notice the
- * problem while aggregation is disabled), and an easy way for a developer to
- * view HTML source while aggregation is disabled and know what files will be
- * aggregated together when aggregation becomes enabled.
- *
- * This function evaluates the aggregation enabled/disabled condition on a group
- * by group basis by testing whether an aggregate file has been made for the
- * group rather than by testing the site-wide aggregation setting. This allows
- * this function to work correctly even if modules have implemented custom
- * logic for grouping and aggregating files.
- *
- * @param $element
- * A render array containing:
- * - '#items': The CSS items as returned by drupal_add_css() and altered by
- * drupal_get_css().
- * - '#group_callback': A function to call to group #items to enable the use
- * of fewer tags by aggregating files and/or using multiple @import
- * statements within a single tag.
- * - '#aggregate_callback': A function to call to aggregate the items within
- * the groups arranged by the #group_callback function.
- *
- * @return
- * A render array that will render to a string of XHTML CSS tags.
- *
- * @see drupal_get_css()
- */
-function drupal_pre_render_styles($elements) {
- // Group and aggregate the items.
- if (isset($elements['#group_callback'])) {
- $elements['#groups'] = $elements['#group_callback']($elements['#items']);
- }
- if (isset($elements['#aggregate_callback'])) {
- $elements['#aggregate_callback']($elements['#groups']);
- }
-
- // A dummy query-string is added to filenames, to gain control over
- // browser-caching. The string changes on every update or full cache
- // flush, forcing browsers to load a new copy of the files, as the
- // URL changed.
- $query_string = variable_get('css_js_query_string', '0');
-
- // For inline CSS to validate as XHTML, all CSS containing XHTML needs to be
- // wrapped in CDATA. To make that backwards compatible with HTML 4, we need to
- // comment out the CDATA-tag.
- $embed_prefix = "\n\n";
-
- // Defaults for LINK and STYLE elements.
- $link_element_defaults = array(
- '#type' => 'html_tag',
- '#tag' => 'link',
- '#attributes' => array(
- 'type' => 'text/css',
- 'rel' => 'stylesheet',
- ),
- );
- $style_element_defaults = array(
- '#type' => 'html_tag',
- '#tag' => 'style',
- '#attributes' => array(
- 'type' => 'text/css',
- ),
- );
-
- // Loop through each group.
- foreach ($elements['#groups'] as $group) {
- switch ($group['type']) {
- // For file items, there are three possibilites.
- // - The group has been aggregated: in this case, output a LINK tag for
- // the aggregate file.
- // - The group can be aggregated but has not been (most likely because
- // the site administrator disabled the site-wide setting): in this case,
- // output as few STYLE tags for the group as possible, using @import
- // statement for each file in the group. This enables us to stay within
- // IE's limit of 31 total CSS inclusion tags.
- // - The group contains items not eligible for aggregation (their
- // 'preprocess' flag has been set to FALSE): in this case, output a LINK
- // tag for each file.
- case 'file':
- // The group has been aggregated into a single file: output a LINK tag
- // for the aggregate file.
- if (isset($group['data'])) {
- $element = $link_element_defaults;
- $element['#attributes']['href'] = file_create_url($group['data']);
- $element['#attributes']['media'] = $group['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- // The group can be aggregated, but hasn't been: combine multiple items
- // into as few STYLE tags as possible.
- elseif ($group['preprocess']) {
- $import = array();
- foreach ($group['items'] as $item) {
- // A theme's .info file may have an entry for a file that doesn't
- // exist as a way of overriding a module or base theme CSS file from
- // being added to the page. Normally, file_exists() calls that need
- // to run for every page request should be minimized, but this one
- // is okay, because it only runs when CSS aggregation is disabled.
- // On a server under heavy enough load that file_exists() calls need
- // to be minimized, CSS aggregation should be enabled, in which case
- // this code is not run. When aggregation is enabled,
- // drupal_load_stylesheet() checks file_exists(), but only when
- // building the aggregate file, which is then reused for many page
- // requests.
- if (file_exists($item['data'])) {
- // The dummy query string needs to be added to the URL to control
- // browser-caching. IE7 does not support a media type on the
- // @import statement, so we instead specify the media for the
- // group on the STYLE tag.
- $import[] = '@import url("' . check_plain(file_create_url($item['data']) . '?' . $query_string) . '");';
- }
- }
- // In addition to IE's limit of 31 total CSS inclusion tags, it also
- // has a limit of 31 @import statements per STYLE tag.
- while (!empty($import)) {
- $import_batch = array_slice($import, 0, 31);
- $import = array_slice($import, 31);
- $element = $style_element_defaults;
- // This simplifies the JavaScript regex, allowing each line
- // (separated by \n) to be treated as a completely different string.
- // This means that we can use ^ and $ on one line at a time, and not
- // worry about style tags since they'll never match the regex.
- $element['#value'] = "\n" . implode("\n", $import_batch) . "\n";
- $element['#attributes']['media'] = $group['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- }
- // The group contains items ineligible for aggregation: output a LINK
- // tag for each file.
- else {
- foreach ($group['items'] as $item) {
- $element = $link_element_defaults;
- // We do not check file_exists() here, because this code runs for
- // files whose 'preprocess' is set to FALSE, and therefore, even
- // when aggregation is enabled, and we want to avoid needlessly
- // taxing a server that may be under heavy load. The file_exists()
- // performed above for files whose 'preprocess' is TRUE is done for
- // the benefit of theme .info files, but code that deals with files
- // whose 'preprocess' is FALSE is responsible for ensuring the file
- // exists.
- // The dummy query string needs to be added to the URL to control
- // browser-caching.
- $query_string_separator = (strpos($item['data'], '?') !== FALSE) ? '&' : '?';
- $element['#attributes']['href'] = file_create_url($item['data']) . $query_string_separator . $query_string;
- $element['#attributes']['media'] = $item['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- }
- break;
- // For inline content, the 'data' property contains the CSS content. If
- // the group's 'data' property is set, then output it in a single STYLE
- // tag. Otherwise, output a separate STYLE tag for each item.
- case 'inline':
- if (isset($group['data'])) {
- $element = $style_element_defaults;
- $element['#value'] = $group['data'];
- $element['#value_prefix'] = $embed_prefix;
- $element['#value_suffix'] = $embed_suffix;
- $element['#attributes']['media'] = $group['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- else {
- foreach ($group['items'] as $item) {
- $element = $style_element_defaults;
- $element['#value'] = $item['data'];
- $element['#value_prefix'] = $embed_prefix;
- $element['#value_suffix'] = $embed_suffix;
- $element['#attributes']['media'] = $item['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- }
- break;
- // Output a LINK tag for each external item. The item's 'data' property
- // contains the full URL.
- case 'external':
- foreach ($group['items'] as $item) {
- $element = $link_element_defaults;
- $element['#attributes']['href'] = $item['data'];
- $element['#attributes']['media'] = $item['media'];
- $element['#browsers'] = $group['browsers'];
- $elements[] = $element;
- }
- break;
- }
- }
-
- return $elements;
-}
-
-/**
- * Aggregates and optimizes CSS files into a cache file in the files directory.
- *
- * The file name for the CSS cache file is generated from the hash of the
- * aggregated contents of the files in $css. This forces proxies and browsers
- * to download new CSS when the CSS changes.
- *
- * The cache file name is retrieved on a page load via a lookup variable that
- * contains an associative array. The array key is the hash of the file names
- * in $css while the value is the cache file name. The cache file is generated
- * in two cases. First, if there is no file name value for the key, which will
- * happen if a new file name has been added to $css or after the lookup
- * variable is emptied to force a rebuild of the cache. Second, the cache file
- * is generated if it is missing on disk. Old cache files are not deleted
- * immediately when the lookup variable is emptied, but are deleted after a set
- * period by drupal_delete_file_if_stale(). This ensures that files referenced
- * by a cached page will still be available.
- *
- * @param $css
- * An array of CSS files to aggregate and compress into one file.
- *
- * @return
- * The URI of the CSS cache file, or FALSE if the file could not be saved.
- */
-function drupal_build_css_cache($css) {
- $data = '';
- $uri = '';
- $map = variable_get('drupal_css_cache_files', array());
- // Create a new array so that only the file names are used to create the hash.
- // This prevents new aggregates from being created unnecessarily.
- $css_data = array();
- foreach ($css as $css_file) {
- $css_data[] = $css_file['data'];
- }
- $key = hash('sha256', serialize($css_data));
- if (isset($map[$key])) {
- $uri = $map[$key];
- }
-
- if (empty($uri) || !file_exists($uri)) {
- // Build aggregate CSS file.
- foreach ($css as $stylesheet) {
- // Only 'file' stylesheets can be aggregated.
- if ($stylesheet['type'] == 'file') {
- $contents = drupal_load_stylesheet($stylesheet['data'], TRUE);
-
- // Build the base URL of this CSS file: start with the full URL.
- $css_base_url = file_create_url($stylesheet['data']);
- // Move to the parent.
- $css_base_url = substr($css_base_url, 0, strrpos($css_base_url, '/'));
- // Simplify to a relative URL if the stylesheet URL starts with the
- // base URL of the website.
- if (substr($css_base_url, 0, strlen($GLOBALS['base_root'])) == $GLOBALS['base_root']) {
- $css_base_url = substr($css_base_url, strlen($GLOBALS['base_root']));
- }
-
- _drupal_build_css_path(NULL, $css_base_url . '/');
- // Anchor all paths in the CSS with its base URL, ignoring external and absolute paths.
- $data .= preg_replace_callback('/url\(\s*[\'"]?(?![a-z]+:|\/+)([^\'")]+)[\'"]?\s*\)/i', '_drupal_build_css_path', $contents);
- }
- }
-
- // Per the W3C specification at http://www.w3.org/TR/REC-CSS2/cascade.html#at-import,
- // @import rules must proceed any other style, so we move those to the top.
- $regexp = '/@import[^;]+;/i';
- preg_match_all($regexp, $data, $matches);
- $data = preg_replace($regexp, '', $data);
- $data = implode('', $matches[0]) . $data;
-
- // Prefix filename to prevent blocking by firewalls which reject files
- // starting with "ad*".
- $filename = 'css_' . drupal_hash_base64($data) . '.css';
- // Create the css/ within the files folder.
- $csspath = 'public://css';
- $uri = $csspath . '/' . $filename;
- // Create the CSS file.
- file_prepare_directory($csspath, FILE_CREATE_DIRECTORY);
- if (!file_exists($uri) && !file_unmanaged_save_data($data, $uri, FILE_EXISTS_REPLACE)) {
- return FALSE;
- }
- // If CSS gzip compression is enabled, clean URLs are enabled (which means
- // that rewrite rules are working) and the zlib extension is available then
- // create a gzipped version of this file. This file is served conditionally
- // to browsers that accept gzip using .htaccess rules.
- if (variable_get('css_gzip_compression', TRUE) && variable_get('clean_url', 0) && extension_loaded('zlib')) {
- if (!file_exists($uri . '.gz') && !file_unmanaged_save_data(gzencode($data, 9, FORCE_GZIP), $uri . '.gz', FILE_EXISTS_REPLACE)) {
- return FALSE;
- }
- }
- // Save the updated map.
- $map[$key] = $uri;
- variable_set('drupal_css_cache_files', $map);
- }
- return $uri;
-}
-
-/**
- * Prefixes all paths within a CSS file for drupal_build_css_cache().
- */
-function _drupal_build_css_path($matches, $base = NULL) {
- $_base = &drupal_static(__FUNCTION__);
- // Store base path for preg_replace_callback.
- if (isset($base)) {
- $_base = $base;
- }
-
- // Prefix with base and remove '../' segments where possible.
- $path = $_base . $matches[1];
- $last = '';
- while ($path != $last) {
- $last = $path;
- $path = preg_replace('`(^|/)(?!\.\./)([^/]+)/\.\./`', '$1', $path);
- }
- return 'url(' . $path . ')';
-}
-
-/**
- * Loads the stylesheet and resolves all @import commands.
- *
- * Loads a stylesheet and replaces @import commands with the contents of the
- * imported file. Use this instead of file_get_contents when processing
- * stylesheets.
- *
- * The returned contents are compressed removing white space and comments only
- * when CSS aggregation is enabled. This optimization will not apply for
- * color.module enabled themes with CSS aggregation turned off.
- *
- * @param $file
- * Name of the stylesheet to be processed.
- * @param $optimize
- * Defines if CSS contents should be compressed or not.
- * @param $reset_basepath
- * Used internally to facilitate recursive resolution of @import commands.
- *
- * @return
- * Contents of the stylesheet, including any resolved @import commands.
- */
-function drupal_load_stylesheet($file, $optimize = NULL, $reset_basepath = TRUE) {
- // These statics are not cache variables, so we don't use drupal_static().
- static $_optimize, $basepath;
- if ($reset_basepath) {
- $basepath = '';
- }
- // Store the value of $optimize for preg_replace_callback with nested
- // @import loops.
- if (isset($optimize)) {
- $_optimize = $optimize;
- }
-
- // Stylesheets are relative one to each other. Start by adding a base path
- // prefix provided by the parent stylesheet (if necessary).
- if ($basepath && !file_uri_scheme($file)) {
- $file = $basepath . '/' . $file;
- }
- // Store the parent base path to restore it later.
- $parent_base_path = $basepath;
- // Set the current base path to process possible child imports.
- $basepath = dirname($file);
-
- // Load the CSS stylesheet. We suppress errors because themes may specify
- // stylesheets in their .info file that don't exist in the theme's path,
- // but are merely there to disable certain module CSS files.
- $content = '';
- if ($contents = @file_get_contents($file)) {
- // Return the processed stylesheet.
- $content = drupal_load_stylesheet_content($contents, $_optimize);
- }
-
- // Restore the parent base path as the file and its childen are processed.
- $basepath = $parent_base_path;
- return $content;
-}
-
-/**
- * Processes the contents of a stylesheet for aggregation.
- *
- * @param $contents
- * The contents of the stylesheet.
- * @param $optimize
- * (optional) Boolean whether CSS contents should be minified. Defaults to
- * FALSE.
- *
- * @return
- * Contents of the stylesheet including the imported stylesheets.
- */
-function drupal_load_stylesheet_content($contents, $optimize = FALSE) {
- // Remove multiple charset declarations for standards compliance (and fixing Safari problems).
- $contents = preg_replace('/^@charset\s+[\'"](\S*?)\b[\'"];/i', '', $contents);
-
- if ($optimize) {
- // Perform some safe CSS optimizations.
- // Regexp to match comment blocks.
- $comment = '/\*[^*]*\*+(?:[^/*][^*]*\*+)*/';
- // Regexp to match double quoted strings.
- $double_quot = '"[^"\\\\]*(?:\\\\.[^"\\\\]*)*"';
- // Regexp to match single quoted strings.
- $single_quot = "'[^'\\\\]*(?:\\\\.[^'\\\\]*)*'";
- // Strip all comment blocks, but keep double/single quoted strings.
- $contents = preg_replace(
- "<($double_quot|$single_quot)|$comment>Ss",
- "$1",
- $contents
- );
- // Remove certain whitespace.
- // There are different conditions for removing leading and trailing
- // whitespace.
- // @see http://php.net/manual/regexp.reference.subpatterns.php
- $contents = preg_replace('<
- # Strip leading and trailing whitespace.
- \s*([@{};,])\s*
- # Strip only leading whitespace from:
- # - Closing parenthesis: Retain "@media (bar) and foo".
- | \s+([\)])
- # Strip only trailing whitespace from:
- # - Opening parenthesis: Retain "@media (bar) and foo".
- # - Colon: Retain :pseudo-selectors.
- | ([\(:])\s+
- >xS',
- // Only one of the three capturing groups will match, so its reference
- // will contain the wanted value and the references for the
- // two non-matching groups will be replaced with empty strings.
- '$1$2$3',
- $contents
- );
- // End the file with a new line.
- $contents = trim($contents);
- $contents .= "\n";
- }
-
- // Replaces @import commands with the actual stylesheet content.
- // This happens recursively but omits external files.
- $contents = preg_replace_callback('/@import\s*(?:url\(\s*)?[\'"]?(?![a-z]+:)([^\'"\()]+)[\'"]?\s*\)?\s*;/', '_drupal_load_stylesheet', $contents);
- return $contents;
-}
-
-/**
- * Loads stylesheets recursively and returns contents with corrected paths.
- *
- * This function is used for recursive loading of stylesheets and
- * returns the stylesheet content with all url() paths corrected.
- */
-function _drupal_load_stylesheet($matches) {
- $filename = $matches[1];
- // Load the imported stylesheet and replace @import commands in there as well.
- $file = drupal_load_stylesheet($filename, NULL, FALSE);
-
- // Determine the file's directory.
- $directory = dirname($filename);
- // If the file is in the current directory, make sure '.' doesn't appear in
- // the url() path.
- $directory = $directory == '.' ? '' : $directory .'/';
-
- // Alter all internal url() paths. Leave external paths alone. We don't need
- // to normalize absolute paths here (i.e. remove folder/... segments) because
- // that will be done later.
- return preg_replace('/url\(\s*([\'"]?)(?![a-z]+:|\/+)([^\'")]+)([\'"]?)\s*\)/i', 'url(\1' . $directory . '\2\3)', $file);
-}
-
-/**
- * Deletes old cached CSS files.
- */
-function drupal_clear_css_cache() {
- variable_del('drupal_css_cache_files');
- file_scan_directory('public://css', '/.*/', array('callback' => 'drupal_delete_file_if_stale'));
-}
-
-/**
- * Callback to delete files modified more than a set time ago.
- */
-function drupal_delete_file_if_stale($uri) {
- // Default stale file threshold is 30 days.
- if (REQUEST_TIME - filemtime($uri) > variable_get('drupal_stale_file_threshold', 2592000)) {
- file_unmanaged_delete($uri);
- }
-}
-
-/**
- * Prepares a string for use as a CSS identifier (element, class, or ID name).
- *
- * http://www.w3.org/TR/CSS21/syndata.html#characters shows the syntax for valid
- * CSS identifiers (including element names, classes, and IDs in selectors.)
- *
- * @param $identifier
- * The identifier to clean.
- * @param $filter
- * An array of string replacements to use on the identifier.
- *
- * @return
- * The cleaned identifier.
- */
-function drupal_clean_css_identifier($identifier, $filter = array(' ' => '-', '_' => '-', '/' => '-', '[' => '-', ']' => '')) {
- // By default, we filter using Drupal's coding standards.
- $identifier = strtr($identifier, $filter);
-
- // Valid characters in a CSS identifier are:
- // - the hyphen (U+002D)
- // - a-z (U+0030 - U+0039)
- // - A-Z (U+0041 - U+005A)
- // - the underscore (U+005F)
- // - 0-9 (U+0061 - U+007A)
- // - ISO 10646 characters U+00A1 and higher
- // We strip out any character not in the above list.
- $identifier = preg_replace('/[^\x{002D}\x{0030}-\x{0039}\x{0041}-\x{005A}\x{005F}\x{0061}-\x{007A}\x{00A1}-\x{FFFF}]/u', '', $identifier);
-
- return $identifier;
-}
-
-/**
- * Prepares a string for use as a valid class name.
- *
- * Do not pass one string containing multiple classes as they will be
- * incorrectly concatenated with dashes, i.e. "one two" will become "one-two".
- *
- * @param $class
- * The class name to clean.
- *
- * @return
- * The cleaned class name.
- */
-function drupal_html_class($class) {
- // The output of this function will never change, so this uses a normal
- // static instead of drupal_static().
- static $classes = array();
-
- if (!isset($classes[$class])) {
- $classes[$class] = drupal_clean_css_identifier(drupal_strtolower($class));
- }
- return $classes[$class];
-}
-
-/**
- * Prepares a string for use as a valid HTML ID and guarantees uniqueness.
- *
- * This function ensures that each passed HTML ID value only exists once on the
- * page. By tracking the already returned ids, this function enables forms,
- * blocks, and other content to be output multiple times on the same page,
- * without breaking (X)HTML validation.
- *
- * For already existing IDs, a counter is appended to the ID string. Therefore,
- * JavaScript and CSS code should not rely on any value that was generated by
- * this function and instead should rely on manually added CSS classes or
- * similarly reliable constructs.
- *
- * Two consecutive hyphens separate the counter from the original ID. To manage
- * uniqueness across multiple Ajax requests on the same page, Ajax requests
- * POST an array of all IDs currently present on the page, which are used to
- * prime this function's cache upon first invocation.
- *
- * To allow reverse-parsing of IDs submitted via Ajax, any multiple consecutive
- * hyphens in the originally passed $id are replaced with a single hyphen.
- *
- * @param $id
- * The ID to clean.
- *
- * @return
- * The cleaned ID.
- */
-function drupal_html_id($id) {
- // If this is an Ajax request, then content returned by this page request will
- // be merged with content already on the base page. The HTML IDs must be
- // unique for the fully merged content. Therefore, initialize $seen_ids to
- // take into account IDs that are already in use on the base page.
- $seen_ids_init = &drupal_static(__FUNCTION__ . ':init');
- if (!isset($seen_ids_init)) {
- // Ideally, Drupal would provide an API to persist state information about
- // prior page requests in the database, and we'd be able to add this
- // function's $seen_ids static variable to that state information in order
- // to have it properly initialized for this page request. However, no such
- // page state API exists, so instead, ajax.js adds all of the in-use HTML
- // IDs to the POST data of Ajax submissions. Direct use of $_POST is
- // normally not recommended as it could open up security risks, but because
- // the raw POST data is cast to a number before being returned by this
- // function, this usage is safe.
- if (empty($_POST['ajax_html_ids'])) {
- $seen_ids_init = array();
- }
- else {
- // This function ensures uniqueness by appending a counter to the base id
- // requested by the calling function after the first occurrence of that
- // requested id. $_POST['ajax_html_ids'] contains the ids as they were
- // returned by this function, potentially with the appended counter, so
- // we parse that to reconstruct the $seen_ids array.
- if (isset($_POST['ajax_html_ids'][0]) && strpos($_POST['ajax_html_ids'][0], ',') === FALSE) {
- $ajax_html_ids = $_POST['ajax_html_ids'];
- }
- else {
- // jquery.form.js may send the server a comma-separated string as the
- // first element of an array (see http://drupal.org/node/1575060), so
- // we need to convert it to an array in that case.
- $ajax_html_ids = explode(',', $_POST['ajax_html_ids'][0]);
- }
- foreach ($ajax_html_ids as $seen_id) {
- // We rely on '--' being used solely for separating a base id from the
- // counter, which this function ensures when returning an id.
- $parts = explode('--', $seen_id, 2);
- if (!empty($parts[1]) && is_numeric($parts[1])) {
- list($seen_id, $i) = $parts;
- }
- else {
- $i = 1;
- }
- if (!isset($seen_ids_init[$seen_id]) || ($i > $seen_ids_init[$seen_id])) {
- $seen_ids_init[$seen_id] = $i;
- }
- }
- }
- }
- $seen_ids = &drupal_static(__FUNCTION__, $seen_ids_init);
-
- $id = strtr(drupal_strtolower($id), array(' ' => '-', '_' => '-', '[' => '-', ']' => ''));
-
- // As defined in http://www.w3.org/TR/html4/types.html#type-name, HTML IDs can
- // only contain letters, digits ([0-9]), hyphens ("-"), underscores ("_"),
- // colons (":"), and periods ("."). We strip out any character not in that
- // list. Note that the CSS spec doesn't allow colons or periods in identifiers
- // (http://www.w3.org/TR/CSS21/syndata.html#characters), so we strip those two
- // characters as well.
- $id = preg_replace('/[^A-Za-z0-9\-_]/', '', $id);
-
- // Removing multiple consecutive hyphens.
- $id = preg_replace('/\-+/', '-', $id);
- // Ensure IDs are unique by appending a counter after the first occurrence.
- // The counter needs to be appended with a delimiter that does not exist in
- // the base ID. Requiring a unique delimiter helps ensure that we really do
- // return unique IDs and also helps us re-create the $seen_ids array during
- // Ajax requests.
- if (isset($seen_ids[$id])) {
- $id = $id . '--' . ++$seen_ids[$id];
- }
- else {
- $seen_ids[$id] = 1;
- }
-
- return $id;
-}
-
-/**
- * Provides a standard HTML class name that identifies a page region.
- *
- * It is recommended that template preprocess functions apply this class to any
- * page region that is output by the theme (Drupal core already handles this in
- * the standard template preprocess implementation). Standardizing the class
- * names in this way allows modules to implement certain features, such as
- * drag-and-drop or dynamic Ajax loading, in a theme-independent way.
- *
- * @param $region
- * The name of the page region (for example, 'page_top' or 'content').
- *
- * @return
- * An HTML class that identifies the region (for example, 'region-page-top'
- * or 'region-content').
- *
- * @see template_preprocess_region()
- */
-function drupal_region_class($region) {
- return drupal_html_class("region-$region");
-}
-
-/**
- * Adds a JavaScript file, setting, or inline code to the page.
- *
- * The behavior of this function depends on the parameters it is called with.
- * Generally, it handles the addition of JavaScript to the page, either as
- * reference to an existing file or as inline code. The following actions can be
- * performed using this function:
- * - Add a file ('file'): Adds a reference to a JavaScript file to the page.
- * - Add inline JavaScript code ('inline'): Executes a piece of JavaScript code
- * on the current page by placing the code directly in the page (for example,
- * to tell the user that a new message arrived, by opening a pop up, alert
- * box, etc.). This should only be used for JavaScript that cannot be executed
- * from a file. When adding inline code, make sure that you are not relying on
- * $() being the jQuery function. Wrap your code in
- * @code (function ($) {... })(jQuery); @endcode
- * or use jQuery() instead of $().
- * - Add external JavaScript ('external'): Allows the inclusion of external
- * JavaScript files that are not hosted on the local server. Note that these
- * external JavaScript references do not get aggregated when preprocessing is
- * on.
- * - Add settings ('setting'): Adds settings to Drupal's global storage of
- * JavaScript settings. Per-page settings are required by some modules to
- * function properly. All settings will be accessible at Drupal.settings.
- *
- * Examples:
- * @code
- * drupal_add_js('misc/collapse.js');
- * drupal_add_js('misc/collapse.js', 'file');
- * drupal_add_js('jQuery(document).ready(function () { alert("Hello!"); });', 'inline');
- * drupal_add_js('jQuery(document).ready(function () { alert("Hello!"); });',
- * array('type' => 'inline', 'scope' => 'footer', 'weight' => 5)
- * );
- * drupal_add_js('http://example.com/example.js', 'external');
- * drupal_add_js(array('myModule' => array('key' => 'value')), 'setting');
- * @endcode
- *
- * Calling drupal_static_reset('drupal_add_js') will clear all JavaScript added
- * so far.
- *
- * If JavaScript aggregation is enabled, all JavaScript files added with
- * $options['preprocess'] set to TRUE will be merged into one aggregate file.
- * Preprocessed inline JavaScript will not be aggregated into this single file.
- * Externally hosted JavaScripts are never aggregated.
- *
- * The reason for aggregating the files is outlined quite thoroughly here:
- * http://www.die.net/musings/page_load_time/ "Load fewer external objects. Due
- * to request overhead, one bigger file just loads faster than two smaller ones
- * half its size."
- *
- * $options['preprocess'] should be only set to TRUE when a file is required for
- * all typical visitors and most pages of a site. It is critical that all
- * preprocessed files are added unconditionally on every page, even if the
- * files are not needed on a page. This is normally done by calling
- * drupal_add_js() in a hook_init() implementation.
- *
- * Non-preprocessed files should only be added to the page when they are
- * actually needed.
- *
- * @param $data
- * (optional) If given, the value depends on the $options parameter, or
- * $options['type'] if $options is passed as an associative array:
- * - 'file': Path to the file relative to base_path().
- * - 'inline': The JavaScript code that should be placed in the given scope.
- * - 'external': The absolute path to an external JavaScript file that is not
- * hosted on the local server. These files will not be aggregated if
- * JavaScript aggregation is enabled.
- * - 'setting': An associative array with configuration options. The array is
- * merged directly into Drupal.settings. All modules should wrap their
- * actual configuration settings in another variable to prevent conflicts in
- * the Drupal.settings namespace. Items added with a string key will replace
- * existing settings with that key; items with numeric array keys will be
- * added to the existing settings array.
- * @param $options
- * (optional) A string defining the type of JavaScript that is being added in
- * the $data parameter ('file'/'setting'/'inline'/'external'), or an
- * associative array. JavaScript settings should always pass the string
- * 'setting' only. Other types can have the following elements in the array:
- * - type: The type of JavaScript that is to be added to the page. Allowed
- * values are 'file', 'inline', 'external' or 'setting'. Defaults
- * to 'file'.
- * - scope: The location in which you want to place the script. Possible
- * values are 'header' or 'footer'. If your theme implements different
- * regions, you can also use these. Defaults to 'header'.
- * - group: A number identifying the group in which to add the JavaScript.
- * Available constants are:
- * - JS_LIBRARY: Any libraries, settings, or jQuery plugins.
- * - JS_DEFAULT: Any module-layer JavaScript.
- * - JS_THEME: Any theme-layer JavaScript.
- * The group number serves as a weight: JavaScript within a lower weight
- * group is presented on the page before JavaScript within a higher weight
- * group.
- * - every_page: For optimal front-end performance when aggregation is
- * enabled, this should be set to TRUE if the JavaScript is present on every
- * page of the website for users for whom it is present at all. This
- * defaults to FALSE. It is set to TRUE for JavaScript files that are added
- * via module and theme .info files. Modules that add JavaScript within
- * hook_init() implementations, or from other code that ensures that the
- * JavaScript is added to all website pages, should also set this flag to
- * TRUE. All JavaScript files within the same group and that have the
- * 'every_page' flag set to TRUE and do not have 'preprocess' set to FALSE
- * are aggregated together into a single aggregate file, and that aggregate
- * file can be reused across a user's entire site visit, leading to faster
- * navigation between pages. However, JavaScript that is only needed on
- * pages less frequently visited, can be added by code that only runs for
- * those particular pages, and that code should not set the 'every_page'
- * flag. This minimizes the size of the aggregate file that the user needs
- * to download when first visiting the website. JavaScript without the
- * 'every_page' flag is aggregated into a separate aggregate file. This
- * other aggregate file is likely to change from page to page, and each new
- * aggregate file needs to be downloaded when first encountered, so it
- * should be kept relatively small by ensuring that most commonly needed
- * JavaScript is added to every page.
- * - weight: A number defining the order in which the JavaScript is added to
- * the page relative to other JavaScript with the same 'scope', 'group',
- * and 'every_page' value. In some cases, the order in which the JavaScript
- * is presented on the page is very important. jQuery, for example, must be
- * added to the page before any jQuery code is run, so jquery.js uses the
- * JS_LIBRARY group and a weight of -20, jquery.once.js (a library drupal.js
- * depends on) uses the JS_LIBRARY group and a weight of -19, drupal.js uses
- * the JS_LIBRARY group and a weight of -1, other libraries use the
- * JS_LIBRARY group and a weight of 0 or higher, and all other scripts use
- * one of the other group constants. The exact ordering of JavaScript is as
- * follows:
- * - First by scope, with 'header' first, 'footer' last, and any other
- * scopes provided by a custom theme coming in between, as determined by
- * the theme.
- * - Then by group.
- * - Then by the 'every_page' flag, with TRUE coming before FALSE.
- * - Then by weight.
- * - Then by the order in which the JavaScript was added. For example, all
- * else being the same, JavaScript added by a call to drupal_add_js() that
- * happened later in the page request gets added to the page after one for
- * which drupal_add_js() happened earlier in the page request.
- * - requires_jquery: Set this to FALSE if the JavaScript you are adding does
- * not have a dependency on jQuery. Defaults to TRUE, except for JavaScript
- * settings where it defaults to FALSE. This is used on sites that have the
- * 'javascript_always_use_jquery' variable set to FALSE; on those sites, if
- * all the JavaScript added to the page by drupal_add_js() does not have a
- * dependency on jQuery, then for improved front-end performance Drupal
- * will not add jQuery and related libraries and settings to the page.
- * - defer: If set to TRUE, the defer attribute is set on the