--- includes/common.inc	2006-07-19 02:00:10.000000000 -0700
+++ includes/common.inc	2006-07-27 20:47:48.000000000 -0700
@@ -1018,7 +1018,10 @@ function url($path = NULL, $query = NULL
 
   // The special path '<front>' links to the default front page.
   if (!empty($path) && $path != '<front>') {
-    $path = drupal_get_path_alias($path);
+    // disallow paths that cannot be aliased
+    if (drupal_alias_allowed($path)) {
+      $path = drupal_get_path_alias($path);
+    }  
     $path = drupal_urlencode($path);
     if (!$clean_url) {
       if (isset($query)) {
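Review bot: The added comment `// disallow paths that cannot be aliased` says the opposite of what the branch does: nothing is rejected, the path is still URL-encoded and emitted, and only the `drupal_get_path_alias()` lookup is skipped. I would write `// Skip the alias lookup when the path's root is not configured as aliasable.` and drop the trailing whitespace after the closing brace. Only outbound link generation is gated here; if aliases for unchecked roots are meant to stop working altogether, the inbound alias-to-path resolution (not part of this diff) would presumably need the same check. `url()` begins and ends outside this hunk.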
@@ -1047,6 +1050,28 @@ function url($path = NULL, $query = NULL
   }
 }
 
+/** 
+ * Check a path to see if it can be aliased.
+ * @param $path
+ *   The Drupal path being linked to, such as "admin/node", or an existing URL
+ *   like "http://drupal.org/". 
+ * @return
+ * Boolean TRUE if the alias is allowed. 
+ * FALSE if disallowed.
+ **/
+
+function drupal_alias_allowed($path) {
+  $allowed = variable_get('path_aliases_allowed', array('node' => 'node', 'user' => 'user'));
+  $lookup = explode('/', $path);
+  $root = $lookup[0];
+  if (empty($allowed) || $path == $_GET['q'] || $allowed[$root[0]] != '0') {
+    return TRUE;
+  }
+  else {
+    return FALSE;
+  }  
+}
+
 /**
  * Format an attribute string to insert in a tag.
  *
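Review bot: `drupal_alias_allowed()` indexes the allow-list with `$root[0]`, but `$root` is already the string `$lookup[0]`, so the key is the first character of the path root ('n' for 'node') rather than the root itself. That key is normally unset, and an unset value compared with `!= '0'` is true, so the function returns TRUE for nearly every path and the configured restriction never takes effect. Key on the root and make the unlisted case explicit, e.g. `if (empty($allowed) || $path == $_GET['q'] || !empty($allowed[$root])) {`; this treats unlisted roots as not aliasable, which matches the settings-form description but should be confirmed. The `$path == $_GET['q']` bypass needs a one-line comment explaining why the current request path is always aliased, and an `isset($_GET['q'])` guard in case it is unset. The docblock should also say that only the first path segment is checked and that external URLs such as "http://drupal.org/" pass through the same test.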

--- modules/path/path.module	 2006-07-10 12:27:52.000000000 -0700
+++ modules/path/path.module	2006-07-28 21:06:16.000000000 -0700
@@ -67,6 +67,10 @@ function path_menu($may_cache) {
       'callback' => 'path_admin_edit',
       'access' => user_access('administer url aliases'),
       'type' => MENU_LOCAL_TASK);
+    $items[] = array('path' => 'admin/path/configure', 'title' => t('configure aliases'),
+      'callback' => 'path_admin_configure',
+      'access' => user_access('administer url aliases'),
+      'type' => MENU_LOCAL_TASK);
   }
 
   return $items;
@@ -130,6 +134,30 @@ function path_admin_delete($pid = 0) {
 }
 
 
+/**
+ * Allow/disallow settings for path aliasing
+ */
+function path_admin_configure() {
+  $ignore = array('rss.xml', 'system', 'logout');
+  $allowed = variable_get('path_aliases_allowed', array('node' => 'node', 'user' => 'user'));
+  $path_list = array();
+  $menu = menu_get_menu();
+  foreach ($menu['items'] as $path) {
+    $root = explode("/", $path['path']);    
+    if (!empty($root[0]) && !in_array($root[0], $path_list) && !in_array($root[0], $ignore)) {
+      $path_list[] = $root[0];
+    }
+  }  
+  $paths = drupal_map_assoc($path_list);
+  natcasesort($paths);
+  $form['path_aliases_allowed'] = array(
+    '#type' => 'checkboxes', '#title' => t('Select the paths that can be aliased.'), '#default_value' => $allowed,
+    '#options' => $paths,
+    '#description' => t('To eliminate database overhead, only paths whose root matches the items in the above list can be aliased. Enter each root path on a separate line, with neither a forward nor a trailing slash.')
+  );
+
+  return system_settings_form('path_admin_configure', $form); 
+}
 
 /**
  * Set an aliased path for a given Drupal path, preventing duplicates.
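Review bot: The `#description` in `path_admin_configure()` tells the administrator to "Enter each root path on a separate line, with neither a forward nor a trailing slash", but the element is `'#type' => 'checkboxes'`, so there is nothing to type. Suggest `'#description' => t('To eliminate database overhead, only paths whose root is checked above can be aliased.')`. The roots in `$ignore` never appear as options, so they can never be stored in `path_aliases_allowed`. The docblock should state how the lookup side is expected to treat such unlisted roots. The default `array('node' => 'node', 'user' => 'user')` is duplicated here and in `drupal_alias_allowed()`, so one shared definition would keep the two from drifting.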
