diff --git a/core/modules/block/block.module b/core/modules/block/block.module index 74a811b..9900f44 100644 --- a/core/modules/block/block.module +++ b/core/modules/block/block.module @@ -124,6 +124,133 @@ function _block_rehash($theme = NULL) { /** * Initializes blocks for installed themes. + * Returns information from database about a user-created (custom) block. + * + * @param $bid + * ID of the block to get information for. + * + * @return + * Associative array of information stored in the database for this block. + * Array keys: + * - bid: Block ID. + * - info: Block description. + * - body: Block contents. + * - format: Filter ID of the filter format for the body. + */ +function block_custom_block_get($bid) { + return db_query("SELECT * FROM {block_custom} WHERE bid = :bid", array(':bid' => $bid))->fetchAssoc(); +} + +/** + * Form constructor for the custom block form. + * + * @param $edit + * (optional) An associative array of information retrieved by + * block_custom_get_block() if an existing block is being edited, or an empty + * array otherwise. Defaults to array(). + * + * @ingroup forms + */ +function block_custom_block_form($edit = array()) { + $edit += array( + 'info' => '', + 'body' => '', + ); + $form['info'] = array( + '#type' => 'textfield', + '#title' => t('Block description'), + '#default_value' => $edit['info'], + '#maxlength' => 64, + '#description' => t('A brief description of your block. Used on the Blocks administration page.', array('@overview' => url('admin/structure/block'))), + '#required' => TRUE, + '#weight' => -18, + ); + $form['body_field']['#weight'] = -17; + $form['body_field']['body'] = array( + '#type' => 'text_format', + '#title' => t('Block body'), + '#default_value' => $edit['body'], + '#format' => isset($edit['format']) ? $edit['format'] : NULL, + '#rows' => 15, + '#description' => t('The content of the block as shown to the user.'), + '#required' => TRUE, + '#weight' => -17, + ); + + return $form; +} + +/** + * Saves a user-created block in the database. + * + * @param $edit + * Associative array of fields to save. Array keys: + * - info: Block description. + * - body: Associative array of body value and format. Array keys: + * - value: Block contents. + * - format: Filter ID of the filter format for the body. + * @param $delta + * Block ID of the block to save. + * + * @return + * Always returns TRUE. + */ +function block_custom_block_save($edit, $delta) { + db_update('block_custom') + ->fields(array( + 'body' => $edit['body']['value'], + 'info' => $edit['info'], + 'format' => $edit['body']['format'], + )) + ->condition('bid', $delta) + ->execute(); + return TRUE; +} + +/** + * Implements hook_form_FORM_ID_alter() for user_profile_form(). + */ +function block_form_user_profile_form_alter(&$form, &$form_state) { + $account = $form['#user']; + $rids = array_keys($account->roles); + $result = db_query("SELECT DISTINCT b.* FROM {block} b LEFT JOIN {block_role} r ON b.module = r.module AND b.delta = r.delta WHERE b.status = 1 AND b.custom <> 0 AND (r.rid IN (:rids) OR r.rid IS NULL) ORDER BY b.weight, b.module", array(':rids' => $rids)); + + $blocks = array(); + foreach ($result as $block) { + $data = module_invoke($block->module, 'block_info'); + if ($data[$block->delta]['info']) { + $blocks[$block->module][$block->delta] = array( + '#type' => 'checkbox', + '#title' => check_plain($data[$block->delta]['info']), + '#default_value' => isset($account->data['block'][$block->module][$block->delta]) ? $account->data['block'][$block->module][$block->delta] : ($block->custom == 1), + ); + } + } + // Only display the fieldset if there are any personalizable blocks. + if ($blocks) { + $form['block'] = array( + '#type' => 'fieldset', + '#title' => t('Personalize blocks'), + '#description' => t('Blocks consist of content or information that complements the main content of the page. Enable or disable optional blocks using the checkboxes below.'), + '#weight' => 3, + '#tree' => TRUE, + '#group' => 'user_settings', + ); + $form['block'] += $blocks; + } +} + +/** + * Implements hook_user_presave(). + */ +function block_user_presave(&$edit, $account) { + if (isset($edit['block'])) { + $edit['data']['block'] = $edit['block']; + } +} + +/** + * Initializes blocks for enabled themes. * * @param $theme_list * An array of theme names. diff --git a/core/modules/contact/contact.module b/core/modules/contact/contact.module index 110a6e4..3f5cb48 100644 --- a/core/modules/contact/contact.module +++ b/core/modules/contact/contact.module @@ -173,6 +173,7 @@ function contact_form_user_form_alter(&$form, FormStateInterface $form_state) { '#title' => t('Contact settings'), '#open' => TRUE, '#weight' => 5, + '#group' => 'user_settings', ); $account = $form_state->getFormObject()->getEntity(); if (!\Drupal::currentUser()->isAnonymous() && $account->id()) { diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module new file mode 100644 index 0000000..53c43a8 --- /dev/null +++ b/core/modules/overlay/overlay.module @@ -0,0 +1,978 @@ +' . t('About') . ''; + $output .= '

' . t('The Overlay module makes the administration pages on your site display in a JavaScript overlay of the page you were viewing when you clicked the administrative link, instead of replacing the page in your browser window. Use the close link on the overlay to return to the page you were viewing when you clicked the link. For more information, see the online handbook entry for Overlay module.', array('@overlay' => 'http://drupal.org/handbook/modules/overlay')) . '

'; + return $output; + } +} + +/** + * Implements hook_menu(). + */ +function overlay_menu() { + $items['overlay-ajax/%'] = array( + 'title' => '', + 'page callback' => 'overlay_ajax_render_region', + 'page arguments' => array(1), + 'access arguments' => array('access overlay'), + 'type' => MENU_CALLBACK, + ); + $items['overlay/dismiss-message'] = array( + 'title' => '', + 'page callback' => 'overlay_user_dismiss_message', + 'access arguments' => array('access overlay'), + 'type' => MENU_CALLBACK, + ); + return $items; +} + +/** + * Implements hook_admin_paths(). + */ +function overlay_admin_paths() { + $paths = array( + // This is marked as an administrative path so that if it is visited from + // within the overlay, the user will stay within the overlay while the + // callback is being processed. + 'overlay/dismiss-message' => TRUE, + ); + return $paths; +} + +/** + * Implements hook_permission(). + */ +function overlay_permission() { + return array( + 'access overlay' => array( + 'title' => t('Access the administrative overlay'), + 'description' => t('View administrative pages in the overlay.'), + ), + ); +} + +/** + * Implements hook_theme(). + */ +function overlay_theme() { + return array( + 'overlay' => array( + 'render element' => 'page', + 'template' => 'overlay', + ), + 'overlay_disable_message' => array( + 'render element' => 'element', + ), + ); +} + +/** + * Implements hook_form_FORM_ID_alter(). + */ +function overlay_form_user_profile_form_alter(&$form, &$form_state) { + $account = $form['#user']; + if (user_access('access overlay', $account)) { + $form['overlay_control'] = array( + '#type' => 'fieldset', + '#title' => t('Administrative overlay'), + '#weight' => 50, + '#group' => 'user_settings', + '#attributes' => array( + 'class' => array('user-form-administrative-overlay'), + ), + '#attached' => array( + 'js' => array(drupal_get_path('module', 'user') . '/user.js'), + ), + ); + $form['overlay_control']['overlay'] = array( + '#type' => 'checkbox', + '#title' => t('Use the overlay for administrative pages.'), + '#description' => t('Show administrative pages on top of the page you started from.'), + '#default_value' => isset($account->data['overlay']) ? $account->data['overlay'] : 1, + ); + } +} + +/** + * Implements hook_user_presave(). + */ +function overlay_user_presave(&$edit, $account) { + if (isset($edit['overlay'])) { + $edit['data']['overlay'] = $edit['overlay']; + } +} + +/** + * Implements hook_init(). + * + * Determine whether the current page request is destined to appear in the + * parent window or in the overlay window, and format the page accordingly. + * + * @see overlay_set_mode() + */ +function overlay_init() { + global $user; + + $mode = overlay_get_mode(); + + // Only act if the user has access to the overlay and a mode was not already + // set. Other modules can also enable the overlay directly for other uses. + $use_overlay = !isset($user->data['overlay']) || $user->data['overlay']; + if (empty($mode) && user_access('access overlay') && $use_overlay) { + $current_path = current_path(); + // After overlay is enabled on the modules page, redirect to + // #overlay=admin/modules to actually enable the overlay. + if (isset($_SESSION['overlay_enable_redirect']) && $_SESSION['overlay_enable_redirect']) { + unset($_SESSION['overlay_enable_redirect']); + drupal_goto('', array('fragment' => 'overlay=' . $current_path)); + } + + if (isset($_GET['render']) && $_GET['render'] == 'overlay') { + // If a previous page requested that we close the overlay, close it and + // redirect to the final destination. + if (isset($_SESSION['overlay_close_dialog'])) { + call_user_func_array('overlay_close_dialog', $_SESSION['overlay_close_dialog']); + unset($_SESSION['overlay_close_dialog']); + } + // If this page shouldn't be rendered inside the overlay, redirect to the + // parent. + elseif (!path_is_admin($current_path)) { + overlay_close_dialog($current_path, array('query' => drupal_get_query_parameters(NULL, array('q', 'render')))); + } + + // Indicate that we are viewing an overlay child page. + overlay_set_mode('child'); + + // Unset the render parameter to avoid it being included in URLs on the page. + unset($_GET['render']); + } + // Do not enable the overlay if we already are on an admin page. + elseif (!path_is_admin($current_path)) { + // Otherwise add overlay parent code and our behavior. + overlay_set_mode('parent'); + } + } +} + +/** + * Implements hook_exit(). + * + * When viewing an overlay child page, check if we need to trigger a refresh of + * the supplemental regions of the overlay on the next page request. + */ +function overlay_exit() { + // Check that we are in an overlay child page. Note that this should never + // return TRUE on a cached page view, since the child mode is not set until + // overlay_init() is called. + if (overlay_get_mode() == 'child') { + // Load any markup that was stored earlier in the page request, via calls + // to overlay_store_rendered_content(). If none was stored, this is not a + // page request where we expect any changes to the overlay supplemental + // regions to have occurred, so we do not need to proceed any further. + $original_markup = overlay_get_rendered_content(); + if (!empty($original_markup)) { + // Compare the original markup to the current markup that we get from + // rendering each overlay supplemental region now. If they don't match, + // something must have changed, so we request a refresh of that region + // within the parent window on the next page request. + foreach (overlay_supplemental_regions() as $region) { + if (!isset($original_markup[$region]) || $original_markup[$region] != overlay_render_region($region)) { + overlay_request_refresh($region); + } + } + } + } +} + +/** + * Implements hook_library_info(). + */ +function overlay_library_info() { + $module_path = drupal_get_path('module', 'overlay'); + + // Overlay parent. + $libraries['parent'] = array( + 'title' => 'Overlay: Parent', + 'website' => 'http://drupal.org/handbook/modules/overlay', + 'version' => '1.0', + 'js' => array( + $module_path . '/overlay-parent.js' => array(), + ), + 'css' => array( + $module_path . '/overlay-parent.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui'), + array('system', 'jquery.bbq'), + ), + ); + // Overlay child. + $libraries['child'] = array( + 'title' => 'Overlay: Child', + 'website' => 'http://drupal.org/handbook/modules/overlay', + 'version' => '1.0', + 'js' => array( + $module_path . '/overlay-child.js' => array(), + ), + 'css' => array( + $module_path . '/overlay-child.css' => array(), + ), + ); + + return $libraries; +} + +/** + * Implements hook_drupal_goto_alter(). + */ +function overlay_drupal_goto_alter(&$path, &$options, &$http_response_code) { + if (overlay_get_mode() == 'child') { + // The authorize.php script bootstraps Drupal to a very low level, where + // the PHP code that is necessary to close the overlay properly will not be + // loaded. Therefore, if we are redirecting to authorize.php inside the + // overlay, instead redirect back to the current page with instructions to + // close the overlay there before redirecting to the final destination; see + // overlay_init(). + if ($path == system_authorized_get_url() || $path == system_authorized_batch_processing_url()) { + $_SESSION['overlay_close_dialog'] = array($path, $options); + $path = current_path(); + $options = drupal_get_query_parameters(); + } + + // If the current page request is inside the overlay, add ?render=overlay + // to the new path, so that it appears correctly inside the overlay. + if (isset($options['query'])) { + $options['query'] += array('render' => 'overlay'); + } + else { + $options['query'] = array('render' => 'overlay'); + } + } +} + +/** + * Implements hook_batch_alter(). + * + * If the current page request is inside the overlay, add ?render=overlay to + * the success callback URL, so that it appears correctly within the overlay. + * + * @see overlay_get_mode() + */ +function overlay_batch_alter(&$batch) { + if (overlay_get_mode() == 'child') { + if (isset($batch['url_options']['query'])) { + $batch['url_options']['query']['render'] = 'overlay'; + } + else { + $batch['url_options']['query'] = array('render' => 'overlay'); + } + } +} + +/** + * Implements hook_page_alter(). + */ +function overlay_page_alter(&$page) { + // If we are limiting rendering to a subset of page regions, deny access to + // all other regions so that they will not be processed. + if ($regions_to_render = overlay_get_regions_to_render()) { + $skipped_regions = array_diff(element_children($page), $regions_to_render); + foreach ($skipped_regions as $skipped_region) { + $page[$skipped_region]['#access'] = FALSE; + } + } + + $mode = overlay_get_mode(); + if ($mode == 'child') { + // Add the overlay wrapper before the html wrapper. + array_unshift($page['#theme_wrappers'], 'overlay'); + } + elseif ($mode == 'parent' && ($message = overlay_disable_message())) { + $page['page_top']['disable_overlay'] = $message; + } +} + +/** + * Menu callback; dismisses the overlay accessibility message for this user. + */ +function overlay_user_dismiss_message() { + global $user; + // It's unlikely, but possible that "access overlay" permission is granted to + // the anonymous role. In this case, we do not display the message to disable + // the overlay, so there is nothing to dismiss. Also, protect against + // cross-site request forgeries by validating a token. + if (empty($user->uid) || !isset($_GET['token']) || !drupal_valid_token($_GET['token'], 'overlay')) { + return MENU_ACCESS_DENIED; + } + else { + user_save(user_load($user->uid), array('data' => array('overlay_message_dismissed' => 1))); + drupal_set_message(t('The message has been dismissed. You can change your overlay settings at any time by visiting your profile page.')); + // Destination is normally given. Go to the user profile as a fallback. + drupal_goto('user/' . $user->uid . '/edit'); + } +} + +/** + * Returns a renderable array representing a message for disabling the overlay. + * + * If the current user can access the overlay and has not previously indicated + * that this message should be dismissed, this function returns a message + * containing a link to disable the overlay. Nothing is returned for anonymous + * users, because the links control per-user settings. Therefore, because some + * screen readers are unable to properly read overlay contents, site builders + * are discouraged from granting the "access overlay" permission to the + * anonymous role. See http://drupal.org/node/890284. + */ +function overlay_disable_message() { + global $user; + + if (!empty($user->uid) && empty($user->data['overlay_message_dismissed']) && (!isset($user->data['overlay']) || $user->data['overlay']) && user_access('access overlay')) { + $build = array( + '#theme' => 'overlay_disable_message', + '#weight' => -99, + // Link to the user's profile page, where the overlay can be disabled. + 'profile_link' => array( + '#type' => 'link', + '#title' => t('If you have problems accessing administrative pages on this site, disable the overlay on your profile page.'), + '#href' => 'user/' . $user->uid . '/edit', + '#options' => array( + 'query' => drupal_get_destination(), + 'fragment' => 'edit-overlay-control', + 'attributes' => array( + 'id' => 'overlay-profile-link', + // Prevent the target page from being opened in the overlay. + 'class' => array('overlay-exclude'), + ), + ), + ), + // Link to a menu callback that allows this message to be permanently + // dismissed for the current user. + 'dismiss_message_link' => array( + '#type' => 'link', + '#title' => t('Dismiss this message.'), + '#href' => 'overlay/dismiss-message', + '#options' => array( + 'query' => drupal_get_destination() + array( + // Add a token to protect against cross-site request forgeries. + 'token' => drupal_get_token('overlay'), + ), + 'attributes' => array( + 'id' => 'overlay-dismiss-message', + // If this message is being displayed outside the overlay, prevent + // this link from opening the overlay. + 'class' => (overlay_get_mode() == 'parent') ? array('overlay-exclude') : array(), + ), + ), + ) + ); + } + else { + $build = array(); + } + + return $build; +} + +/** + * Returns the HTML for the message about how to disable the overlay. + * + * @see overlay_disable_message() + */ +function theme_overlay_disable_message($variables) { + $element = $variables['element']; + + // Add CSS classes to hide the links from most sighted users, while keeping + // them accessible to screen-reader users and keyboard-only users. To assist + // screen-reader users, this message appears in both the parent and child + // documents, but only the one in the child document is part of the tab order. + foreach (array('profile_link', 'dismiss_message_link') as $key) { + $element[$key]['#options']['attributes']['class'][] = 'element-invisible'; + if (overlay_get_mode() == 'child') { + $element[$key]['#options']['attributes']['class'][] = 'element-focusable'; + } + } + + // Render the links. + $output = drupal_render($element['profile_link']) . ' ' . drupal_render($element['dismiss_message_link']); + + // Add a heading for screen-reader users. The heading doesn't need to be seen + // by sighted users. + $output = '

' . t('Options for the administrative overlay') . '

' . $output; + + // Wrap in a container for styling. + $output = '
' . $output . '
'; + + return $output; +} + +/** + * Implements hook_block_list_alter(). + */ +function overlay_block_list_alter(&$blocks) { + // If we are limiting rendering to a subset of page regions, hide all blocks + // which appear in regions not on that list. Note that overlay_page_alter() + // does a more comprehensive job of preventing unwanted regions from being + // displayed (regardless of whether they contain blocks or not), but the + // reason for duplicating effort here is performance; we do not even want + // these blocks to be built if they are not going to be displayed. + if ($regions_to_render = overlay_get_regions_to_render()) { + foreach ($blocks as $bid => $block) { + if (!in_array($block->region, $regions_to_render)) { + unset($blocks[$bid]); + } + } + } +} + +/** + * Implements hook_system_info_alter(). + * + * Add default regions for the overlay. + */ +function overlay_system_info_alter(&$info, $file, $type) { + if ($type == 'theme') { + $info['overlay_regions'][] = 'content'; + $info['overlay_regions'][] = 'help'; + } +} + +/** + * Implements hook_preprocess_html(). + * + * If the current page request is inside the overlay, add appropriate classes + * to the element, and simplify the page title. + * + * @see overlay_get_mode() + */ +function overlay_preprocess_html(&$variables) { + if (overlay_get_mode() == 'child') { + // Add overlay class, so themes can react to being displayed in the overlay. + $variables['classes_array'][] = 'overlay'; + } +} + +/** + * Implements hook_preprocess_maintenance_page(). + * + * If the current page request is inside the overlay, add appropriate classes + * to the element, and simplify the page title. + * + * @see overlay_preprocess_maintenance_page() + */ +function overlay_preprocess_maintenance_page(&$variables) { + overlay_preprocess_html($variables); +} + +/** + * Preprocesses template variables for overlay.tpl.php + * + * @see overlay.tpl.php + */ +function template_preprocess_overlay(&$variables) { + $variables['tabs'] = menu_primary_local_tasks(); + $variables['title'] = drupal_get_title(); + $variables['disable_overlay'] = overlay_disable_message(); + $variables['content_attributes_array']['class'][] = 'clearfix'; +} + +/** + * Processes variables for overlay.tpl.php + * + * @see template_preprocess_overlay() + * @see overlay.tpl.php + */ +function template_process_overlay(&$variables) { + // Place the rendered HTML for the page body into a top level variable. + $variables['page'] = $variables['page']['#children']; +} + +/** + * Implements hook_preprocess_page(). + * + * Hide tabs inside the overlay. + * + * @see overlay_get_mode() + */ +function overlay_preprocess_page(&$variables) { + if (overlay_get_mode() == 'child') { + unset($variables['tabs']['#primary']); + } +} + +/** + * Callback to request that the overlay display an empty page. + * + * This is used to prevent a page request which closes the overlay (for + * example, a form submission) from being fully re-rendered before the overlay + * is closed. Instead, we store a variable which will cause the page to be + * rendered by a delivery callback function that does not actually print + * visible HTML (but rather only the bare minimum scripts and styles necessary + * to trigger the overlay to close), thereby allowing the dialog to be closed + * faster and with less interruption, and also allowing the display of messages + * to be deferred to the parent window (rather than displaying them in the + * child window, which will close before the user has had a chance to read + * them). + * + * @param $value + * By default, an empty page will not be displayed. Set to TRUE to request + * an empty page display, or FALSE to disable the empty page display (if it + * was previously enabled on this page request). + * + * @return + * TRUE if the current behavior is to display an empty page, or FALSE if not. + * + * @see overlay_page_delivery_callback_alter() + */ +function overlay_display_empty_page($value = NULL) { + $display_empty_page = &drupal_static(__FUNCTION__, FALSE); + if (isset($value)) { + $display_empty_page = $value; + } + return $display_empty_page; +} + +/** + * Implements hook_page_delivery_callback_alter(). + */ +function overlay_page_delivery_callback_alter(&$callback) { + if (overlay_display_empty_page()) { + $callback = 'overlay_deliver_empty_page'; + } +} + +/** + * Delivery callback to display an empty page. + * + * This function is used to print out a bare minimum empty page which still has + * the scripts and styles necessary in order to trigger the overlay to close. + */ +function overlay_deliver_empty_page() { + $empty_page = '' . drupal_get_css() . drupal_get_js() . ''; + print $empty_page; + drupal_exit(); +} + +/** + * Get the current overlay mode. + * + * @see overlay_set_mode() + */ +function overlay_get_mode() { + return overlay_set_mode(NULL); +} + +/** + * Sets the overlay mode and adds proper JavaScript and styles to the page. + * + * Note that since setting the overlay mode triggers a variety of behaviors + * (including hooks being invoked), it can only be done once per page request. + * Therefore, the first call to this function which passes along a value of the + * $mode parameter controls the overlay mode that will be used. + * + * @param $mode + * To set the mode, pass in one of the following values: + * - 'parent': This is used in the context of a parent window (a regular + * browser window). If set, JavaScript is added so that administrative + * links in the parent window will open in an overlay. + * - 'child': This is used in the context of the child overlay window (the + * page actually appearing within the overlay iframe). If set, JavaScript + * and CSS are added so that Drupal behaves nicely from within the overlay. + * - 'none': This is used to avoid adding any overlay-related code to the + * page at all. Modules can set this to explicitly prevent the overlay from + * being used. For example, since the overlay module itself sets the mode + * to 'parent' or 'child' in overlay_init() when certain conditions are + * met, other modules which want to override that behavior can do so by + * setting the mode to 'none' earlier in the page request - e.g., in their + * own hook_init() implementations, if they have a lower weight. + * This parameter is optional, and if omitted, the current mode will be + * returned with no action taken. + * + * @return + * The current mode, if any has been set, or NULL if no mode has been set. + * + * @ingroup overlay_api + * @see overlay_init() + */ +function overlay_set_mode($mode = NULL) { + global $base_path; + $overlay_mode = &drupal_static(__FUNCTION__); + + // Make sure external resources are not included more than once. Also return + // the current mode, if no mode was specified. + if (isset($overlay_mode) || !isset($mode)) { + return $overlay_mode; + } + $overlay_mode = $mode; + + switch ($overlay_mode) { + case 'parent': + drupal_add_library('overlay', 'parent'); + + // Allow modules to act upon overlay events. + module_invoke_all('overlay_parent_initialize'); + break; + + case 'child': + drupal_add_library('overlay', 'child'); + + // Allow modules to act upon overlay events. + module_invoke_all('overlay_child_initialize'); + break; + } + return $overlay_mode; +} + +/** + * Implements hook_overlay_parent_initialize(). + */ +function overlay_overlay_parent_initialize() { + // Let the client side know which paths are administrative. + $paths = path_get_admin_paths(); + foreach ($paths as &$type) { + $type = str_replace('', variable_get('site_frontpage', 'node'), $type); + } + drupal_add_js(array('overlay' => array('paths' => $paths)), 'setting'); + // Pass along the Ajax callback for rerendering sections of the parent window. + drupal_add_js(array('overlay' => array('ajaxCallback' => 'overlay-ajax')), 'setting'); +} + +/** + * Implements hook_overlay_child_initialize(). + */ +function overlay_overlay_child_initialize() { + // Check if the parent window needs to refresh any page regions on this page + // request. + overlay_trigger_refresh(); + // If this is a POST request, or a GET request with a token parameter, we + // have an indication that something in the supplemental regions of the + // overlay might change during the current page request. We therefore store + // the initial rendered content of those regions here, so that we can compare + // it to the same content rendered in overlay_exit(), at the end of the page + // request. This allows us to check if anything actually did change, and, if + // so, trigger an immediate Ajax refresh of the parent window. + if (!empty($_POST) || isset($_GET['token'])) { + foreach (overlay_supplemental_regions() as $region) { + overlay_store_rendered_content($region, overlay_render_region($region)); + } + // In addition, notify the parent window that when the overlay closes, + // the entire parent window should be refreshed. + overlay_request_page_refresh(); + } + // Indicate that when the main page rendering occurs later in the page + // request, only the regions that appear within the overlay should be + // rendered. + overlay_set_regions_to_render(overlay_regions()); +} + +/** + * Callback to request that the overlay close as soon as the page is displayed. + * + * @param $redirect + * (optional) The path that should open in the parent window after the + * overlay closes. If not set, no redirect will be performed on the parent + * window. + * @param $redirect_options + * (optional) An associative array of options to use when generating the + * redirect URL. + */ +function overlay_close_dialog($redirect = NULL, $redirect_options = array()) { + $settings = array( + 'overlayChild' => array( + 'closeOverlay' => TRUE, + ), + ); + + // Tell the child window to perform the redirection when requested to. + if (isset($redirect)) { + $settings['overlayChild']['redirect'] = url($redirect, $redirect_options); + } + + drupal_add_js($settings, array('type' => 'setting')); + + // Since we are closing the overlay as soon as the page is displayed, we do + // not want to show any of the page's actual content. + overlay_display_empty_page(TRUE); +} + +/** + * Returns a list of page regions that appear in the overlay. + * + * Overlay regions correspond to the entire contents of the overlay child + * window and are refreshed each time a new page request is made within the + * overlay. + * + * @return + * An array of region names that correspond to those which appear in the + * overlay, within the theme that is being used to display the current page. + * + * @see overlay_supplemental_regions() + */ +function overlay_regions() { + return _overlay_region_list('overlay_regions'); +} + +/** + * Returns a list of supplemental page regions for the overlay. + * + * Supplemental overlay regions are those which are technically part of the + * parent window, but appear to the user as being related to the overlay + * (usually because they are displayed next to, rather than underneath, the + * main overlay regions) and therefore need to be dynamically refreshed if any + * administrative actions taken within the overlay change their contents. + * + * An example of a typical overlay supplemental region would be the 'page_top' + * region, in the case where a toolbar is being displayed there. + * + * @return + * An array of region names that correspond to supplemental overlay regions, + * within the theme that is being used to display the current page. + * + * @see overlay_regions() + */ +function overlay_supplemental_regions() { + return _overlay_region_list('overlay_supplemental_regions'); +} + +/** + * Helper function for returning a list of page regions related to the overlay. + * + * @param $type + * The type of regions to return. This can either be 'overlay_regions' or + * 'overlay_supplemental_regions'. + * + * @return + * An array of region names of the given type, within the theme that is being + * used to display the current page. + * + * @see overlay_regions() + * @see overlay_supplemental_regions() + */ +function _overlay_region_list($type) { + // Obtain the current theme. We need to first make sure the theme system is + // initialized, since this function can be called early in the page request. + drupal_theme_initialize(); + $themes = list_themes(); + $theme = $themes[$GLOBALS['theme']]; + // Return the list of regions stored within the theme's info array, or an + // empty array if no regions of the appropriate type are defined. + return !empty($theme->info[$type]) ? $theme->info[$type] : array(); +} + +/** + * Returns a list of page regions that rendering should be limited to. + * + * @return + * An array containing the names of the regions that will be rendered when + * drupal_render_page() is called. If empty, then no limits will be imposed, + * and all regions of the page will be rendered. + * + * @see overlay_page_alter() + * @see overlay_block_list_alter() + * @see overlay_set_regions_to_render() + */ +function overlay_get_regions_to_render() { + return overlay_set_regions_to_render(); +} + +/** + * Sets the regions of the page that rendering will be limited to. + * + * @param $regions + * (Optional) An array containing the names of the regions that should be + * rendered when drupal_render_page() is called. Pass in an empty array to + * remove all limits and cause drupal_render_page() to render all page + * regions (the default behavior). If this parameter is omitted, no change + * will be made to the current list of regions to render. + * + * @return + * The current list of regions to render, or an empty array if the regions + * are not being limited. + * + * @see overlay_page_alter() + * @see overlay_block_list_alter() + * @see overlay_get_regions_to_render() + */ +function overlay_set_regions_to_render($regions = NULL) { + $regions_to_render = &drupal_static(__FUNCTION__, array()); + if (isset($regions)) { + $regions_to_render = $regions; + } + return $regions_to_render; +} + +/** + * Renders an individual page region. + * + * This function is primarily intended to be used for checking the content of + * supplemental overlay regions (e.g., a region containing a toolbar). Passing + * in a region that is intended to display the main page content is not + * supported; the region will be rendered by this function, but the main page + * content will not appear in it. In addition, although this function returns + * the rendered HTML for the provided region, it does not place it on the final + * page, nor add any of its associated JavaScript or CSS to the page. + * + * @param $region + * The name of the page region that should be rendered. + * + * @return + * The rendered HTML of the provided region. + */ +function overlay_render_region($region) { + // Indicate the region that we will be rendering, so that other regions will + // be hidden by overlay_page_alter() and overlay_block_list_alter(). + overlay_set_regions_to_render(array($region)); + // Do what is necessary to force drupal_render_page() to only display HTML + // from the requested region. Specifically, declare that the main page + // content does not need to automatically be added to the page, and pass in + // a page array that has all theme functions removed (so that overall HTML + // for the page will not be added either). + $system_main_content_added = &drupal_static('system_main_content_added'); + $system_main_content_added = TRUE; + $page = array( + '#type' => 'page', + '#theme' => NULL, + '#theme_wrappers' => array(), + ); + // Render the region, but do not cache any JavaScript or CSS associated with + // it. This region might not be included the next time drupal_render_page() + // is called, and we do not want its JavaScript or CSS to erroneously appear + // on the final rendered page. + $original_js = drupal_add_js(); + $original_css = drupal_add_css(); + $original_libraries = drupal_static('drupal_add_library'); + $js = &drupal_static('drupal_add_js'); + $css = &drupal_static('drupal_add_css'); + $libraries = &drupal_static('drupal_add_library'); + $markup = drupal_render_page($page); + $js = $original_js; + $css = $original_css; + $libraries = $original_libraries; + // Indicate that the main page content has not, in fact, been displayed, so + // that future calls to drupal_render_page() will be able to render it + // correctly. + $system_main_content_added = FALSE; + // Restore the original behavior of rendering all regions for the next time + // drupal_render_page() is called. + overlay_set_regions_to_render(array()); + return $markup; +} + +/** + * Returns any rendered content that was stored earlier in the page request. + * + * @return + * An array of all rendered HTML that was stored earlier in the page request, + * keyed by the identifier with which it was stored. If no content was + * stored, an empty array is returned. + * + * @see overlay_store_rendered_content() + */ +function overlay_get_rendered_content() { + return overlay_store_rendered_content(); +} + +/** + * Stores strings representing rendered HTML content. + * + * This function is used to keep a static cache of rendered content that can be + * referred to later in the page request. + * + * @param $id + * (Optional) An identifier for the content which is being stored, which will + * be used as an array key in the returned array. If omitted, no change will + * be made to the current stored data. + * @param $content + * (Optional) A string representing the rendered data to store. This only has + * an effect if $id is also provided. + * + * @return + * An array representing all data that is currently being stored, or an empty + * array if there is none. + * + * @see overlay_get_rendered_content() + */ +function overlay_store_rendered_content($id = NULL, $content = NULL) { + $rendered_content = &drupal_static(__FUNCTION__, array()); + if (isset($id)) { + $rendered_content[$id] = $content; + } + return $rendered_content; +} + +/** + * Request that the parent window refresh a particular page region. + * + * @param $region + * The name of the page region to refresh. The parent window will trigger a + * refresh of this region on the next page load. + * + * @see overlay_trigger_refresh() + * @see Drupal.overlay.refreshRegions() + */ +function overlay_request_refresh($region) { + $class = drupal_region_class($region); + $_SESSION['overlay_regions_to_refresh'][] = array($class => $region); +} + +/** + * Request that the entire parent window be reloaded when the overlay closes. + * + * @see overlay_trigger_refresh() + */ +function overlay_request_page_refresh() { + $_SESSION['overlay_refresh_parent'] = TRUE; +} + +/** + * Check if the parent window needs to be refreshed on this page load. + * + * If the previous page load requested that any page regions be refreshed, or + * if it requested that the entire page be refreshed when the overlay closes, + * pass that request via JavaScript to the child window, so it can in turn pass + * the request to the parent window. + * + * @see overlay_request_refresh() + * @see overlay_request_page_refresh() + * @see Drupal.overlay.refreshRegions() + */ +function overlay_trigger_refresh() { + if (!empty($_SESSION['overlay_regions_to_refresh'])) { + $settings = array( + 'overlayChild' => array( + 'refreshRegions' => $_SESSION['overlay_regions_to_refresh'], + ), + ); + drupal_add_js($settings, array('type' => 'setting')); + unset($_SESSION['overlay_regions_to_refresh']); + } + if (!empty($_SESSION['overlay_refresh_parent'])) { + drupal_add_js(array('overlayChild' => array('refreshPage' => TRUE)), array('type' => 'setting')); + unset($_SESSION['overlay_refresh_parent']); + } +} + +/** + * Prints the markup obtained by rendering a single region of the page. + * + * This function is intended to be called via Ajax. + * + * @param $region + * The name of the page region to render. + * + * @see Drupal.overlay.refreshRegions() + */ +function overlay_ajax_render_region($region) { + print overlay_render_region($region); +} diff --git a/core/modules/system/system.module b/core/modules/system/system.module index f784b3f..0c70f81 100644 --- a/core/modules/system/system.module +++ b/core/modules/system/system.module @@ -438,9 +438,1811 @@ function system_authorized_get_url(array $options = array()) { * * @return \Drupal\Core\Url */ -function system_authorized_batch_processing_url(array $options = array()) { - $options['query'] = array('batch' => '1'); - return system_authorized_get_url($options); +function system_library_info() { + // Drupal's Ajax framework. + $libraries['drupal.ajax'] = array( + 'title' => 'Drupal AJAX', + 'website' => 'http://api.drupal.org/api/drupal/includes--ajax.inc/group/ajax/7', + 'version' => VERSION, + 'js' => array( + 'core/misc/ajax.js' => array('group' => JS_LIBRARY, 'weight' => 2), + ), + 'dependencies' => array( + array('system', 'drupal.progress'), + ), + ); + + // Drupal's batch API. + $libraries['drupal.batch'] = array( + 'title' => 'Drupal batch API', + 'version' => VERSION, + 'js' => array( + 'core/misc/batch.js' => array('group' => JS_DEFAULT, 'cache' => FALSE), + ), + 'dependencies' => array( + array('system', 'drupal.progress'), + ), + ); + + // Drupal's progress indicator. + $libraries['drupal.progress'] = array( + 'title' => 'Drupal progress indicator', + 'version' => VERSION, + 'js' => array( + 'core/misc/progress.js' => array('group' => JS_DEFAULT, 'cache' => FALSE), + ), + ); + + // Drupal's form library. + $libraries['drupal.form'] = array( + 'title' => 'Drupal form library', + 'version' => VERSION, + 'js' => array( + 'core/misc/form.js' => array('group' => JS_LIBRARY, 'weight' => 1), + ), + ); + + // Drupal's states library. + $libraries['drupal.states'] = array( + 'title' => 'Drupal states', + 'version' => VERSION, + 'js' => array( + 'core/misc/states.js' => array('group' => JS_LIBRARY, 'weight' => 1), + ), + ); + + // Drupal's collapsible fieldset. + $libraries['drupal.collapse'] = array( + 'title' => 'Drupal collapsible fieldset', + 'version' => VERSION, + 'js' => array( + 'core/misc/collapse.js' => array('group' => JS_DEFAULT), + ), + 'dependencies' => array( + // collapse.js relies on drupalGetSummary in form.js + array('system', 'drupal.form'), + ), + ); + + // Drupal's resizable textarea. + $libraries['drupal.textarea'] = array( + 'title' => 'Drupal resizable textarea', + 'version' => VERSION, + 'js' => array( + 'core/misc/textarea.js' => array('group' => JS_DEFAULT), + ), + ); + + // Drupal's autocomplete widget. + $libraries['drupal.autocomplete'] = array( + 'title' => 'Drupal autocomplete', + 'version' => VERSION, + 'js' => array( + 'core/misc/autocomplete.js' => array('group' => JS_DEFAULT), + ), + ); + + // jQuery. + $libraries['jquery'] = array( + 'title' => 'jQuery', + 'website' => 'http://jquery.com', + 'version' => '1.4.4', + 'js' => array( + 'core/misc/jquery.js' => array('group' => JS_LIBRARY, 'weight' => -20), + ), + ); + + // jQuery Once. + $libraries['jquery.once'] = array( + 'title' => 'jQuery Once', + 'website' => 'http://plugins.jquery.com/project/once', + 'version' => '1.2', + 'js' => array( + 'core/misc/jquery.once.js' => array('group' => JS_LIBRARY, 'weight' => -19), + ), + ); + + // jQuery Form Plugin. + $libraries['jquery.form'] = array( + 'title' => 'jQuery Form Plugin', + 'website' => 'http://malsup.com/jquery/form/', + 'version' => '2.52', + 'js' => array( + 'core/misc/jquery.form.js' => array(), + ), + 'dependencies' => array( + array('system', 'jquery.cookie'), + ), + ); + + // jQuery BBQ plugin. + $libraries['jquery.bbq'] = array( + 'title' => 'jQuery BBQ', + 'website' => 'http://benalman.com/projects/jquery-bbq-plugin/', + 'version' => '1.2.1', + 'js' => array( + 'core/misc/jquery.ba-bbq.js' => array(), + ), + ); + + // Vertical Tabs. + $libraries['drupal.vertical-tabs'] = array( + 'title' => 'Vertical Tabs', + 'website' => 'http://drupal.org/node/323112', + 'version' => '1.0', + 'js' => array( + 'core/misc/vertical-tabs.js' => array(), + ), + 'css' => array( + 'core/misc/vertical-tabs.css' => array(), + ), + 'dependencies' => array( + // Vertical tabs relies on drupalGetSummary in form.js + array('system', 'drupal.form'), + ), + ); + + // Farbtastic. + $libraries['farbtastic'] = array( + 'title' => 'Farbtastic', + 'website' => 'http://code.google.com/p/farbtastic/', + 'version' => '1.2', + 'js' => array( + 'core/misc/farbtastic/farbtastic.js' => array(), + ), + 'css' => array( + 'core/misc/farbtastic/farbtastic.css' => array(), + ), + ); + + // Cookie. + $libraries['jquery.cookie'] = array( + 'title' => 'Cookie', + 'website' => 'http://plugins.jquery.com/project/cookie', + 'version' => '1.0', + 'js' => array( + 'core/misc/jquery.cookie.js' => array(), + ), + ); + + // jQuery UI. + $libraries['ui'] = array( + 'title' => 'jQuery UI: Core', + 'website' => 'http://jqueryui.com', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.core.min.js' => array('group' => JS_LIBRARY, 'weight' => -11), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.core.css' => array(), + 'core/misc/ui/jquery.ui.theme.css' => array(), + ), + ); + $libraries['ui.accordion'] = array( + 'title' => 'jQuery UI: Accordion', + 'website' => 'http://jqueryui.com/demos/accordion/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.accordion.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.accordion.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + ), + ); + $libraries['ui.autocomplete'] = array( + 'title' => 'jQuery UI: Autocomplete', + 'website' => 'http://jqueryui.com/demos/autocomplete/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.autocomplete.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.autocomplete.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.position'), + ), + ); + $libraries['ui.button'] = array( + 'title' => 'jQuery UI: Button', + 'website' => 'http://jqueryui.com/demos/button/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.button.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.button.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + ), + ); + $libraries['ui.datepicker'] = array( + 'title' => 'jQuery UI: Date Picker', + 'website' => 'http://jqueryui.com/demos/datepicker/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.datepicker.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.datepicker.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui'), + ), + ); + $libraries['ui.dialog'] = array( + 'title' => 'jQuery UI: Dialog', + 'website' => 'http://jqueryui.com/demos/dialog/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.dialog.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.dialog.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.button'), + array('system', 'ui.draggable'), + array('system', 'ui.mouse'), + array('system', 'ui.position'), + array('system', 'ui.resizable'), + ), + ); + $libraries['ui.draggable'] = array( + 'title' => 'jQuery UI: Draggable', + 'website' => 'http://jqueryui.com/demos/draggable/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.draggable.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + ), + ); + $libraries['ui.droppable'] = array( + 'title' => 'jQuery UI: Droppable', + 'website' => 'http://jqueryui.com/demos/droppable/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.droppable.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + array('system', 'ui.draggable'), + ), + ); + $libraries['ui.mouse'] = array( + 'title' => 'jQuery UI: Mouse', + 'website' => 'http://docs.jquery.com/UI/Mouse', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.mouse.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + ), + ); + $libraries['ui.position'] = array( + 'title' => 'jQuery UI: Position', + 'website' => 'http://jqueryui.com/demos/position/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.position.min.js' => array(), + ), + ); + $libraries['ui.progressbar'] = array( + 'title' => 'jQuery UI: Progress Bar', + 'website' => 'http://jqueryui.com/demos/progressbar/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.progressbar.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.progressbar.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + ), + ); + $libraries['ui.resizable'] = array( + 'title' => 'jQuery UI: Resizable', + 'website' => 'http://jqueryui.com/demos/resizable/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.resizable.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.resizable.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + ), + ); + $libraries['ui.selectable'] = array( + 'title' => 'jQuery UI: Selectable', + 'website' => 'http://jqueryui.com/demos/selectable/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.selectable.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.selectable.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + ), + ); + $libraries['ui.slider'] = array( + 'title' => 'jQuery UI: Slider', + 'website' => 'http://jqueryui.com/demos/slider/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.slider.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.slider.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + ), + ); + $libraries['ui.sortable'] = array( + 'title' => 'jQuery UI: Sortable', + 'website' => 'http://jqueryui.com/demos/sortable/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.sortable.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + array('system', 'ui.mouse'), + ), + ); + $libraries['ui.tabs'] = array( + 'title' => 'jQuery UI: Tabs', + 'website' => 'http://jqueryui.com/demos/tabs/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.tabs.min.js' => array(), + ), + 'css' => array( + 'core/misc/ui/jquery.ui.tabs.css' => array(), + ), + 'dependencies' => array( + array('system', 'ui.widget'), + ), + ); + $libraries['ui.widget'] = array( + 'title' => 'jQuery UI: Widget', + 'website' => 'http://docs.jquery.com/UI/Widget', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.ui.widget.min.js' => array('group' => JS_LIBRARY, 'weight' => -10), + ), + 'dependencies' => array( + array('system', 'ui'), + ), + ); + $libraries['effects'] = array( + 'title' => 'jQuery UI: Effects', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.core.min.js' => array('group' => JS_LIBRARY, 'weight' => -9), + ), + ); + $libraries['effects.blind'] = array( + 'title' => 'jQuery UI: Effects Blind', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.blind.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.bounce'] = array( + 'title' => 'jQuery UI: Effects Bounce', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.bounce.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.clip'] = array( + 'title' => 'jQuery UI: Effects Clip', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.clip.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.drop'] = array( + 'title' => 'jQuery UI: Effects Drop', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.drop.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.explode'] = array( + 'title' => 'jQuery UI: Effects Explode', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.explode.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.fade'] = array( + 'title' => 'jQuery UI: Effects Fade', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.fade.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.fold'] = array( + 'title' => 'jQuery UI: Effects Fold', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.fold.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.highlight'] = array( + 'title' => 'jQuery UI: Effects Highlight', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.highlight.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.pulsate'] = array( + 'title' => 'jQuery UI: Effects Pulsate', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.pulsate.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.scale'] = array( + 'title' => 'jQuery UI: Effects Scale', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.scale.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.shake'] = array( + 'title' => 'jQuery UI: Effects Shake', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.shake.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.slide'] = array( + 'title' => 'jQuery UI: Effects Slide', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.slide.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + $libraries['effects.transfer'] = array( + 'title' => 'jQuery UI: Effects Transfer', + 'website' => 'http://jqueryui.com/demos/effect/', + 'version' => '1.8.7', + 'js' => array( + 'core/misc/ui/jquery.effects.transfer.min.js' => array(), + ), + 'dependencies' => array( + array('system', 'effects'), + ), + ); + + // These library names are deprecated. Earlier versions of Drupal 7 didn't + // consistently namespace their libraries, so these names are included for + // backwards compatibility with those versions. + $libraries['once'] = &$libraries['jquery.once']; + $libraries['form'] = &$libraries['jquery.form']; + $libraries['jquery-bbq'] = &$libraries['jquery.bbq']; + $libraries['vertical-tabs'] = &$libraries['drupal.vertical-tabs']; + $libraries['cookie'] = &$libraries['jquery.cookie']; + + return $libraries; +} + +/** + * Implements hook_stream_wrappers(). + */ +function system_stream_wrappers() { + $wrappers = array( + 'public' => array( + 'name' => t('Public files'), + 'class' => 'DrupalPublicStreamWrapper', + 'description' => t('Public local files served by the webserver.'), + 'type' => STREAM_WRAPPERS_LOCAL_NORMAL, + ), + 'temporary' => array( + 'name' => t('Temporary files'), + 'class' => 'DrupalTemporaryStreamWrapper', + 'description' => t('Temporary local files for upload and previews.'), + 'type' => STREAM_WRAPPERS_LOCAL_HIDDEN, + ), + ); + + // Only register the private file stream wrapper if a file path has been set. + if (variable_get('file_private_path', FALSE)) { + $wrappers['private'] = array( + 'name' => t('Private files'), + 'class' => 'DrupalPrivateStreamWrapper', + 'description' => t('Private local files served by Drupal.'), + 'type' => STREAM_WRAPPERS_LOCAL_NORMAL, + ); + } + + return $wrappers; +} + +/** + * Retrieve a blocked IP address from the database. + * + * @param $iid integer + * The ID of the blocked IP address to retrieve. + * + * @return + * The blocked IP address from the database as an array. + */ +function blocked_ip_load($iid) { + return db_query("SELECT * FROM {blocked_ips} WHERE iid = :iid", array(':iid' => $iid))->fetchAssoc(); +} + +/** + * Menu item access callback - only admin or enabled themes can be accessed. + */ +function _system_themes_access($theme) { + return user_access('administer themes') && drupal_theme_access($theme); +} + +/** + * @defgroup authorize Authorized operations + * @{ + * Functions to run operations with elevated privileges via authorize.php. + * + * Because of the Update manager functionality included in Drupal core, there + * is a mechanism for running operations with elevated file system privileges, + * the top-level authorize.php script. This script runs at a reduced Drupal + * bootstrap level so that it is not reliant on the entire site being + * functional. The operations use a FileTransfer class to manipulate code + * installed on the system as the user that owns the files, not the user that + * the httpd is running as. + * + * The first setup is to define a callback function that should be authorized + * to run with the elevated privileges. This callback should take a + * FileTransfer as its first argument, although you can define an array of + * other arguments it should be invoked with. The callback should be placed in + * a separate .inc file that will be included by authorize.php. + * + * To run the operation, certain data must be saved into the SESSION, and then + * the flow of control should be redirected to the authorize.php script. There + * are two ways to do this, either to call system_authorized_run() directly, + * or to call system_authorized_init() and then redirect to authorize.php, + * using the URL from system_authorized_get_url(). Redirecting yourself is + * necessary when your authorized operation is being triggered by a form + * submit handler, since calling drupal_goto() in a submit handler is a bad + * idea, and you should instead set $form_state['redirect']. + * + * Once the SESSION is setup for the operation and the user is redirected to + * authorize.php, they will be prompted for their connection credentials (core + * provides FTP and SSH by default, although other connection classes can be + * added via contributed modules). With valid credentials, authorize.php will + * instantiate the appropriate FileTransfer object, and then invoke the + * desired operation passing in that object. The authorize.php script can act + * as a Batch API processing page, if the operation requires a batch. + * + * @see authorize.php + * @see FileTransfer + * @see hook_filetransfer_info() + */ + +/** + * Setup a given callback to run via authorize.php with elevated privileges. + * + * To use authorize.php, certain variables must be stashed into $_SESSION. + * This function sets up all the necessary $_SESSION variables, then returns + * the full path to authorize.php so the caller can redirect to authorize.php. + * That initiates the workflow that will eventually lead to the callback being + * invoked. The callback will be invoked at a low bootstrap level, without all + * modules being invoked, so it needs to be careful not to assume any code + * exists. + * + * @param $callback + * The name of the function to invoke one the user authorizes the operation. + * @param $file + * The full path to the file where the callback function is implemented. + * @param $arguments + * Optional array of arguments to pass into the callback when it is invoked. + * Note that the first argument to the callback is always the FileTransfer + * object created by authorize.php when the user authorizes the operation. + * @param $page_title + * Optional string to use as the page title once redirected to authorize.php. + * @return + * Nothing, this function just initializes variables in the user's session. + */ +function system_authorized_init($callback, $file, $arguments = array(), $page_title = NULL) { + // First, figure out what file transfer backends the site supports, and put + // all of those in the SESSION so that authorize.php has access to all of + // them via the class autoloader, even without a full bootstrap. + $_SESSION['authorize_filetransfer_info'] = drupal_get_filetransfer_info(); + + // Now, define the callback to invoke. + $_SESSION['authorize_operation'] = array( + 'callback' => $callback, + 'file' => $file, + 'arguments' => $arguments, + ); + + if (isset($page_title)) { + $_SESSION['authorize_operation']['page_title'] = $page_title; + } +} + +/** + * Return the URL for the authorize.php script. + * + * @param array $options + * Optional array of options to pass to url(). + * @return + * The full URL to authorize.php, using https if available. + */ +function system_authorized_get_url(array $options = array()) { + global $base_url; + // Force https if available, regardless of what the caller specifies. + $options['https'] = TRUE; + // We prefix with $base_url so we get a full path even if clean URLs are + // disabled. + return url($base_url . '/core/authorize.php', $options); +} + +/** + * Returns the URL for the authorize.php script when it is processing a batch. + */ +function system_authorized_batch_processing_url() { + return system_authorized_get_url(array('query' => array('batch' => '1'))); +} + +/** + * Setup and invoke an operation using authorize.php. + * + * @see system_authorized_init() + */ +function system_authorized_run($callback, $file, $arguments = array(), $page_title = NULL) { + system_authorized_init($callback, $file, $arguments, $page_title); + drupal_goto(system_authorized_get_url()); +} + +/** + * Use authorize.php to run batch_process(). + * + * @see batch_process() + */ +function system_authorized_batch_process() { + $finish_url = system_authorized_get_url(); + $process_url = system_authorized_batch_processing_url(); + batch_process($finish_url, $process_url); +} + +/** + * @} End of "defgroup authorize". + */ + +/** + * Implements hook_updater_info(). + */ +function system_updater_info() { + return array( + 'module' => array( + 'class' => 'ModuleUpdater', + 'name' => t('Update modules'), + 'weight' => 0, + ), + 'theme' => array( + 'class' => 'ThemeUpdater', + 'name' => t('Update themes'), + 'weight' => 0, + ), + ); +} + +/** + * Implements hook_filetransfer_info(). + */ +function system_filetransfer_info() { + $backends = array(); + + // This is the default, will be available on most systems. + if (function_exists('ftp_connect')) { + $backends['ftp'] = array( + 'title' => t('FTP'), + 'class' => 'FileTransferFTP', + 'file' => 'ftp.inc', + 'file path' => 'core/includes/filetransfer', + 'weight' => 0, + ); + } + + // SSH2 lib connection is only available if the proper PHP extension is + // installed. + if (function_exists('ssh2_connect')) { + $backends['ssh'] = array( + 'title' => t('SSH'), + 'class' => 'FileTransferSSH', + 'file' => 'ssh.inc', + 'file path' => 'core/includes/filetransfer', + 'weight' => 20, + ); + } + return $backends; +} + +/** + * Implements hook_init(). + */ +function system_init() { + $path = drupal_get_path('module', 'system'); + // Add the CSS for this module. These aren't in system.info, because they + // need to be in the CSS_SYSTEM group rather than the CSS_DEFAULT group. + drupal_add_css($path . '/system.base.css', array('group' => CSS_SYSTEM, 'every_page' => TRUE)); + if (path_is_admin(current_path())) { + drupal_add_css($path . '/system.admin.css', array('group' => CSS_SYSTEM)); + } + drupal_add_css($path . '/system.theme.css', array('group' => CSS_SYSTEM, 'every_page' => TRUE)); + + // Ignore slave database servers for this request. + // + // In Drupal's distributed database structure, new data is written to the master + // and then propagated to the slave servers. This means there is a lag + // between when data is written to the master and when it is available on the slave. + // At these times, we will want to avoid using a slave server temporarily. + // For example, if a user posts a new node then we want to disable the slave + // server for that user temporarily to allow the slave server to catch up. + // That way, that user will see their changes immediately while for other + // users we still get the benefits of having a slave server, just with slightly + // stale data. Code that wants to disable the slave server should use the + // db_set_ignore_slave() function to set $_SESSION['ignore_slave_server'] to + // the timestamp after which the slave can be re-enabled. + if (isset($_SESSION['ignore_slave_server'])) { + if ($_SESSION['ignore_slave_server'] >= REQUEST_TIME) { + Database::ignoreTarget('default', 'slave'); + } + else { + unset($_SESSION['ignore_slave_server']); + } + } + + // Add CSS/JS files from module .info files. + system_add_module_assets(); +} + +/** + * Adds CSS and JavaScript files declared in module .info files. + */ +function system_add_module_assets() { + foreach (system_get_info('module') as $module => $info) { + if (!empty($info['stylesheets'])) { + foreach ($info['stylesheets'] as $media => $stylesheets) { + foreach ($stylesheets as $stylesheet) { + drupal_add_css($stylesheet, array('every_page' => TRUE, 'media' => $media)); + } + } + } + if (!empty($info['scripts'])) { + foreach ($info['scripts'] as $script) { + drupal_add_js($script, array('every_page' => TRUE)); + } + } + } +} + +/** + * Implements hook_custom_theme(). + */ +function system_custom_theme() { + if (user_access('view the administration theme') && path_is_admin(current_path())) { + return variable_get('admin_theme'); + } +} + +/** + * Implements hook_form_FORM_ID_alter(). + */ +function system_form_user_profile_form_alter(&$form, &$form_state) { + if (variable_get('configurable_timezones', 1)) { + system_user_timezone($form, $form_state); + // Add the form to vertical tabs display on user account form + $form['timezone']['#collapsible'] = FALSE; + $form['timezone']['#group'] = 'user_settings'; + } + return $form; +} + +/** + * Implements hook_form_FORM_ID_alter(). + */ +function system_form_user_register_form_alter(&$form, &$form_state) { + if (variable_get('configurable_timezones', 1)) { + if (variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) == DRUPAL_USER_TIMEZONE_SELECT) { + system_user_timezone($form, $form_state); + } + else { + $form['account']['timezone'] = array( + '#type' => 'hidden', + '#value' => variable_get('user_default_timezone', DRUPAL_USER_TIMEZONE_DEFAULT) ? '' : variable_get('date_default_timezone', ''), + ); + } + return $form; + } +} + +/** + * Implements hook_user_login(). + */ +function system_user_login(&$edit, $account) { + // If the user has a NULL time zone, notify them to set a time zone. + if (!$account->timezone && variable_get('configurable_timezones', 1) && variable_get('empty_timezone_message', 0)) { + drupal_set_message(t('Configure your account time zone setting.', array('@user-edit' => url("user/$account->uid/edit", array('query' => drupal_get_destination(), 'fragment' => 'edit-timezone'))))); + } +} + +/** + * Add the time zone field to the user edit and register forms. + */ +function system_user_timezone(&$form, &$form_state) { + global $user; + + $account = $form['#user']; + $form['timezone'] = array( + '#type' => 'fieldset', + '#title' => t('Locale settings'), + '#weight' => 6, + '#collapsible' => TRUE, + ); + $form['timezone']['timezone'] = array( + '#type' => 'select', + '#title' => t('Time zone'), + '#default_value' => isset($account->timezone) ? $account->timezone : ($account->uid == $user->uid ? variable_get('date_default_timezone', '') : ''), + '#options' => system_time_zones($account->uid != $user->uid), + '#description' => t('Select the desired local time and time zone. Dates and times throughout this site will be displayed using this time zone.'), + ); + if (!isset($account->timezone) && $account->uid == $user->uid && empty($form_state['input']['timezone'])) { + $form['timezone']['#description'] = t('Your time zone setting will be automatically detected if possible. Confirm the selection and click save.'); + $form['timezone']['timezone']['#attributes'] = array('class' => array('timezone-detect')); + drupal_add_js('core/misc/timezone.js'); + } +} + +/** + * Implements hook_block_info(). + */ +function system_block_info() { + $blocks['main'] = array( + 'info' => t('Main page content'), + // Cached elsewhere. + 'cache' => DRUPAL_NO_CACHE, + ); + $blocks['powered-by'] = array( + 'info' => t('Powered by Drupal'), + 'weight' => '10', + 'cache' => DRUPAL_NO_CACHE, + ); + $blocks['help'] = array( + 'info' => t('System help'), + 'weight' => '5', + 'cache' => DRUPAL_NO_CACHE, + ); + // System-defined menu blocks. + foreach (menu_list_system_menus() as $menu_name => $title) { + $blocks[$menu_name]['info'] = t($title); + // Menu blocks can't be cached because each menu item can have + // a custom access callback. menu.inc manages its own caching. + $blocks[$menu_name]['cache'] = DRUPAL_NO_CACHE; + } + return $blocks; +} + +/** + * Implements hook_block_view(). + * + * Generate a block with a promotional link to Drupal.org and + * all system menu blocks. + */ +function system_block_view($delta = '') { + $block = array(); + switch ($delta) { + case 'main': + $block['subject'] = NULL; + $block['content'] = drupal_set_page_content(); + return $block; + case 'powered-by': + $block['subject'] = NULL; + $block['content'] = theme('system_powered_by'); + return $block; + case 'help': + $block['subject'] = NULL; + $block['content'] = menu_get_active_help(); + return $block; + default: + // All system menu blocks. + $system_menus = menu_list_system_menus(); + if (isset($system_menus[$delta])) { + $block['subject'] = t($system_menus[$delta]); + $block['content'] = menu_tree($delta); + return $block; + } + break; + } +} + +/** + * Implements hook_preprocess_block(). + */ +function system_preprocess_block(&$variables) { + // System menu blocks should get the same class as menu module blocks. + if ($variables['block']->module == 'system' && in_array($variables['block']->delta, array_keys(menu_list_system_menus()))) { + $variables['classes_array'][] = 'block-menu'; + } +} + +/** + * Provide a single block on the administration overview page. + * + * @param $item + * The menu item to be displayed. + */ +function system_admin_menu_block($item) { + $cache = &drupal_static(__FUNCTION__, array()); + // If we are calling this function for a menu item that corresponds to a + // local task (for example, admin/tasks), then we want to retrieve the + // parent item's child links, not this item's (since this item won't have + // any). + if ($item['tab_root'] != $item['path']) { + $item = menu_get_item($item['tab_root_href']); + } + + if (!isset($item['mlid'])) { + $item += db_query("SELECT mlid, menu_name FROM {menu_links} ml WHERE ml.router_path = :path AND module = 'system'", array(':path' => $item['path']))->fetchAssoc(); + } + + if (isset($cache[$item['mlid']])) { + return $cache[$item['mlid']]; + } + + $content = array(); + $query = db_select('menu_links', 'ml', array('fetch' => PDO::FETCH_ASSOC)); + $query->join('menu_router', 'm', 'm.path = ml.router_path'); + $query + ->fields('ml') + // Weight should be taken from {menu_links}, not {menu_router}. + ->fields('m', array_diff(drupal_schema_fields_sql('menu_router'), array('weight'))) + ->condition('ml.plid', $item['mlid']) + ->condition('ml.menu_name', $item['menu_name']) + ->condition('ml.hidden', 0); + + foreach ($query->execute() as $link) { + _menu_link_translate($link); + if ($link['access']) { + // The link description, either derived from 'description' in + // hook_menu() or customized via menu module is used as title attribute. + if (!empty($link['localized_options']['attributes']['title'])) { + $link['description'] = $link['localized_options']['attributes']['title']; + unset($link['localized_options']['attributes']['title']); + } + // Prepare for sorting as in function _menu_tree_check_access(). + // The weight is offset so it is always positive, with a uniform 5-digits. + $key = (50000 + $link['weight']) . ' ' . drupal_strtolower($link['title']) . ' ' . $link['mlid']; + $content[$key] = $link; + } + } + ksort($content); + $cache[$item['mlid']] = $content; + return $content; +} + +/** + * Checks the existence of the directory specified in $form_element. + * + * This function is called from the system_settings form to check all core + * file directories (file_public_path, file_private_path, file_temporary_path). + * + * @param $form_element + * The form element containing the name of the directory to check. + */ +function system_check_directory($form_element) { + $directory = $form_element['#value']; + if (strlen($directory) == 0) { + return $form_element; + } + + if (!is_dir($directory) && !drupal_mkdir($directory, NULL, TRUE)) { + // If the directory does not exists and cannot be created. + form_set_error($form_element['#parents'][0], t('The directory %directory does not exist and could not be created.', array('%directory' => $directory))); + watchdog('file system', 'The directory %directory does not exist and could not be created.', array('%directory' => $directory), WATCHDOG_ERROR); + } + + if (is_dir($directory) && !is_writable($directory) && !drupal_chmod($directory)) { + // If the directory is not writable and cannot be made so. + form_set_error($form_element['#parents'][0], t('The directory %directory exists but is not writable and could not be made writable.', array('%directory' => $directory))); + watchdog('file system', 'The directory %directory exists but is not writable and could not be made writable.', array('%directory' => $directory), WATCHDOG_ERROR); + } + elseif (is_dir($directory)) { + if ($form_element['#name'] == 'file_public_path') { + // Create public .htaccess file. + file_save_htaccess($directory, FALSE); + } + else { + // Create private .htaccess file. + file_save_htaccess($directory); + } + } + + return $form_element; +} + +/** + * Retrieves the current status of an array of files in the system table. + * + * @param $files + * An array of files to check. + * @param $type + * The type of the files. + */ +function system_get_files_database(&$files, $type) { + // Extract current files from database. + $result = db_query("SELECT filename, name, type, status, schema_version, weight FROM {system} WHERE type = :type", array(':type' => $type)); + foreach ($result as $file) { + if (isset($files[$file->name]) && is_object($files[$file->name])) { + $file->uri = $file->filename; + foreach ($file as $key => $value) { + if (!isset($files[$file->name]->$key)) { + $files[$file->name]->$key = $value; + } + } + } + } +} + +/** + * Updates the records in the system table based on the files array. + * + * @param $files + * An array of files. + * @param $type + * The type of the files. + */ +function system_update_files_database(&$files, $type) { + $result = db_query("SELECT * FROM {system} WHERE type = :type", array(':type' => $type)); + + // Add all files that need to be deleted to a DatabaseCondition. + $delete = db_or(); + foreach ($result as $file) { + if (isset($files[$file->name]) && is_object($files[$file->name])) { + // Keep the old filename from the database in case the file has moved. + $old_filename = $file->filename; + + $updated_fields = array(); + + // Handle info specially, compare the serialized value. + $serialized_info = serialize($files[$file->name]->info); + if ($serialized_info != $file->info) { + $updated_fields['info'] = $serialized_info; + } + unset($file->info); + + // Scan remaining fields to find only the updated values. + foreach ($file as $key => $value) { + if (isset($files[$file->name]->$key) && $files[$file->name]->$key != $value) { + $updated_fields[$key] = $files[$file->name]->$key; + } + } + + // Update the record. + if (count($updated_fields)) { + db_update('system') + ->fields($updated_fields) + ->condition('filename', $old_filename) + ->execute(); + } + + // Indicate that the file exists already. + $files[$file->name]->exists = TRUE; + } + else { + // File is not found in file system, so delete record from the system table. + $delete->condition('filename', $file->filename); + } + } + + if (count($delete) > 0) { + // Delete all missing files from the system table, but only if the plugin + // has never been installed. + db_delete('system') + ->condition($delete) + ->condition('schema_version', -1) + ->execute(); + } + + // All remaining files are not in the system table, so we need to add them. + $query = db_insert('system')->fields(array('filename', 'name', 'type', 'owner', 'info')); + foreach ($files as &$file) { + if (isset($file->exists)) { + unset($file->exists); + } + else { + $query->values(array( + 'filename' => $file->uri, + 'name' => $file->name, + 'type' => $type, + 'owner' => isset($file->owner) ? $file->owner : '', + 'info' => serialize($file->info), + )); + $file->type = $type; + $file->status = 0; + $file->schema_version = -1; + } + } + $query->execute(); + + // If any module or theme was moved to a new location, we need to reset the + // system_list() cache or we will continue to load the old copy, look for + // schema updates in the wrong place, etc. + system_list_reset(); +} + +/** + * Returns an array of information about enabled modules or themes. + * + * This function returns the information from the {system} table corresponding + * to the cached contents of the .info file for each active module or theme. + * + * @param $type + * Either 'module' or 'theme'. + * @param $name + * (optional) The name of a module or theme whose information shall be + * returned. If omitted, all records for the provided $type will be returned. + * If $name does not exist in the provided $type or is not enabled, an empty + * array will be returned. + * + * @return + * An associative array of module or theme information keyed by name, or only + * information for $name, if given. If no records are available, an empty + * array is returned. + * + * @see system_rebuild_module_data() + * @see system_rebuild_theme_data() + */ +function system_get_info($type, $name = NULL) { + $info = array(); + if ($type == 'module') { + $type = 'module_enabled'; + } + $list = system_list($type); + foreach ($list as $shortname => $item) { + if (!empty($item->status)) { + $info[$shortname] = $item->info; + } + } + if (isset($name)) { + return isset($info[$name]) ? $info[$name] : array(); + } + return $info; +} + +/** + * Helper function to scan and collect module .info data. + * + * @return + * An associative array of module information. + */ +function _system_rebuild_module_data() { + // Find modules + $modules = drupal_system_listing('/^' . DRUPAL_PHP_FUNCTION_PATTERN . '\.module$/', 'modules', 'name', 0); + + // Include the install profile in modules that are loaded. + $profile = drupal_get_profile(); + $modules[$profile] = new stdClass(); + $modules[$profile]->name = $profile; + $modules[$profile]->uri = 'profiles/' . $profile . '/' . $profile . '.profile'; + $modules[$profile]->filename = $profile . '.profile'; + + // Install profile hooks are always executed last. + $modules[$profile]->weight = 1000; + + // Set defaults for module info. + $defaults = array( + 'dependencies' => array(), + 'description' => '', + 'package' => 'Other', + 'version' => NULL, + 'php' => DRUPAL_MINIMUM_PHP, + 'files' => array(), + 'bootstrap' => 0, + ); + + // Read info files for each module. + foreach ($modules as $key => $module) { + // The module system uses the key 'filename' instead of 'uri' so copy the + // value so it will be used by the modules system. + $modules[$key]->filename = $module->uri; + + // Look for the info file. + $module->info = drupal_parse_info_file(dirname($module->uri) . '/' . $module->name . '.info'); + + // Skip modules that don't provide info. + if (empty($module->info)) { + unset($modules[$key]); + continue; + } + + // Merge in defaults and save. + $modules[$key]->info = $module->info + $defaults; + + // Prefix stylesheets and scripts with module path. + $path = dirname($module->uri); + if (isset($module->info['stylesheets'])) { + $module->info['stylesheets'] = _system_info_add_path($module->info['stylesheets'], $path); + } + if (isset($module->info['scripts'])) { + $module->info['scripts'] = _system_info_add_path($module->info['scripts'], $path); + } + + // Install profiles are hidden by default, unless explicitly specified + // otherwise in the .info file. + if ($key == $profile && !isset($modules[$key]->info['hidden'])) { + $modules[$key]->info['hidden'] = TRUE; + } + + // Invoke hook_system_info_alter() to give installed modules a chance to + // modify the data in the .info files if necessary. + $type = 'module'; + drupal_alter('system_info', $modules[$key]->info, $modules[$key], $type); + } + + if (isset($modules[$profile])) { + // The install profile is required, if it's a valid module. + $modules[$profile]->info['required'] = TRUE; + // Add a default distribution name if the profile did not provide one. This + // matches the default value used in install_profile_info(). + if (!isset($modules[$profile]->info['distribution_name'])) { + $modules[$profile]->info['distribution_name'] = 'Drupal'; + } + } + + return $modules; +} + +/** + * Rebuild, save, and return data about all currently available modules. + * + * @return + * Array of all available modules and their data. + */ +function system_rebuild_module_data() { + $modules_cache = &drupal_static(__FUNCTION__); + // Only rebuild once per request. $modules and $modules_cache cannot be + // combined into one variable, because the $modules_cache variable is reset by + // reference from system_list_reset() during the rebuild. + if (!isset($modules_cache)) { + $modules = _system_rebuild_module_data(); + ksort($modules); + system_get_files_database($modules, 'module'); + system_update_files_database($modules, 'module'); + $modules = _module_build_dependencies($modules); + $modules_cache = $modules; + } + return $modules_cache; +} + +/** + * Refresh bootstrap column in the system table. + * + * This is called internally by module_enable/disable() to flag modules that + * implement hooks used during bootstrap, such as hook_boot(). These modules + * are loaded earlier to invoke the hooks. + */ +function _system_update_bootstrap_status() { + $bootstrap_modules = array(); + foreach (bootstrap_hooks() as $hook) { + foreach (module_implements($hook) as $module) { + $bootstrap_modules[] = $module; + } + } + $query = db_update('system')->fields(array('bootstrap' => 0)); + if ($bootstrap_modules) { + db_update('system') + ->fields(array('bootstrap' => 1)) + ->condition('name', $bootstrap_modules, 'IN') + ->execute(); + $query->condition('name', $bootstrap_modules, 'NOT IN'); + } + $query->execute(); + // Reset the cached list of bootstrap modules. + system_list_reset(); +} + +/** + * Helper function to scan and collect theme .info data and their engines. + * + * @return + * An associative array of themes information. + */ +function _system_rebuild_theme_data() { + // Find themes + $themes = drupal_system_listing('/^' . DRUPAL_PHP_FUNCTION_PATTERN . '\.info$/', 'themes'); + // Find theme engines + $engines = drupal_system_listing('/^' . DRUPAL_PHP_FUNCTION_PATTERN . '\.engine$/', 'themes/engines'); + + // Set defaults for theme info. + $defaults = array( + 'engine' => 'phptemplate', + 'regions' => array( + 'sidebar_first' => 'Left sidebar', + 'sidebar_second' => 'Right sidebar', + 'content' => 'Content', + 'header' => 'Header', + 'footer' => 'Footer', + 'highlighted' => 'Highlighted', + 'help' => 'Help', + 'page_top' => 'Page top', + 'page_bottom' => 'Page bottom', + ), + 'description' => '', + 'features' => _system_default_theme_features(), + 'screenshot' => 'screenshot.png', + 'php' => DRUPAL_MINIMUM_PHP, + 'stylesheets' => array(), + 'scripts' => array(), + ); + + $sub_themes = array(); + // Read info files for each theme + foreach ($themes as $key => $theme) { + $themes[$key]->filename = $theme->uri; + $themes[$key]->info = drupal_parse_info_file($theme->uri) + $defaults; + + // Invoke hook_system_info_alter() to give installed modules a chance to + // modify the data in the .info files if necessary. + $type = 'theme'; + drupal_alter('system_info', $themes[$key]->info, $themes[$key], $type); + + if (!empty($themes[$key]->info['base theme'])) { + $sub_themes[] = $key; + } + if ($themes[$key]->info['engine'] == 'theme') { + $filename = dirname($themes[$key]->uri) . '/' . $themes[$key]->name . '.theme'; + if (file_exists($filename)) { + $themes[$key]->owner = $filename; + $themes[$key]->prefix = $key; + } + } + else { + $engine = $themes[$key]->info['engine']; + if (isset($engines[$engine])) { + $themes[$key]->owner = $engines[$engine]->uri; + $themes[$key]->prefix = $engines[$engine]->name; + $themes[$key]->template = TRUE; + } + } + + // Prefix stylesheets and scripts with module path. + $path = dirname($theme->uri); + $theme->info['stylesheets'] = _system_info_add_path($theme->info['stylesheets'], $path); + $theme->info['scripts'] = _system_info_add_path($theme->info['scripts'], $path); + + // Give the screenshot proper path information. + if (!empty($themes[$key]->info['screenshot'])) { + $themes[$key]->info['screenshot'] = $path . '/' . $themes[$key]->info['screenshot']; + } + } + + // Now that we've established all our master themes, go back and fill in data + // for subthemes. + foreach ($sub_themes as $key) { + $themes[$key]->base_themes = system_find_base_themes($themes, $key); + // Don't proceed if there was a problem with the root base theme. + if (!current($themes[$key]->base_themes)) { + continue; + } + $base_key = key($themes[$key]->base_themes); + foreach (array_keys($themes[$key]->base_themes) as $base_theme) { + $themes[$base_theme]->sub_themes[$key] = $themes[$key]->info['name']; + } + // Copy the 'owner' and 'engine' over if the top level theme uses a theme + // engine. + if (isset($themes[$base_key]->owner)) { + if (isset($themes[$base_key]->info['engine'])) { + $themes[$key]->info['engine'] = $themes[$base_key]->info['engine']; + $themes[$key]->owner = $themes[$base_key]->owner; + $themes[$key]->prefix = $themes[$base_key]->prefix; + } + else { + $themes[$key]->prefix = $key; + } + } + } + + return $themes; +} + +/** + * Rebuild, save, and return data about all currently available themes. + * + * @return + * Array of all available themes and their data. + */ +function system_rebuild_theme_data() { + $themes = _system_rebuild_theme_data(); + ksort($themes); + system_get_files_database($themes, 'theme'); + system_update_files_database($themes, 'theme'); + return $themes; +} + +/** + * Prefixes all values in an .info file array with a given path. + * + * This helper function is mainly used to prefix all array values of an .info + * file property with a single given path (to the module or theme); e.g., to + * prefix all values of the 'stylesheets' or 'scripts' properties with the file + * path to the defining module/theme. + * + * @param $info + * A nested array of data of an .info file to be processed. + * @param $path + * A file path to prepend to each value in $info. + * + * @return + * The $info array with prefixed values. + * + * @see _system_rebuild_module_data() + * @see _system_rebuild_theme_data() + */ +function _system_info_add_path($info, $path) { + foreach ($info as $key => $value) { + // Recurse into nested values until we reach the deepest level. + if (is_array($value)) { + $info[$key] = _system_info_add_path($info[$key], $path); + } + // Unset the original value's key and set the new value with prefix, using + // the original value as key, so original values can still be looked up. + else { + unset($info[$key]); + $info[$value] = $path . '/' . $value; + } + } + return $info; +} + +/** + * Returns an array of default theme features. + */ +function _system_default_theme_features() { + return array( + 'logo', + 'favicon', + 'name', + 'slogan', + 'node_user_picture', + 'comment_user_picture', + 'comment_user_verification', + 'main_menu', + 'secondary_menu', + ); +} + +/** + * Find all the base themes for the specified theme. + * + * Themes can inherit templates and function implementations from earlier themes. + * + * @param $themes + * An array of available themes. + * @param $key + * The name of the theme whose base we are looking for. + * @param $used_keys + * A recursion parameter preventing endless loops. + * @return + * Returns an array of all of the theme's ancestors; the first element's value + * will be NULL if an error occurred. + */ +function system_find_base_themes($themes, $key, $used_keys = array()) { + $base_key = $themes[$key]->info['base theme']; + // Does the base theme exist? + if (!isset($themes[$base_key])) { + return array($base_key => NULL); + } + + $current_base_theme = array($base_key => $themes[$base_key]->info['name']); + + // Is the base theme itself a child of another theme? + if (isset($themes[$base_key]->info['base theme'])) { + // Do we already know the base themes of this theme? + if (isset($themes[$base_key]->base_themes)) { + return $themes[$base_key]->base_themes + $current_base_theme; + } + // Prevent loops. + if (!empty($used_keys[$base_key])) { + return array($base_key => NULL); + } + $used_keys[$base_key] = TRUE; + return system_find_base_themes($themes, $base_key, $used_keys) + $current_base_theme; + } + // If we get here, then this is our parent theme. + return $current_base_theme; +} + +/** + * Get a list of available regions from a specified theme. + * + * @param $theme_key + * The name of a theme. + * @param $show + * Possible values: REGIONS_ALL or REGIONS_VISIBLE. Visible excludes hidden + * regions. + * @return + * An array of regions in the form $region['name'] = 'description'. + */ +function system_region_list($theme_key, $show = REGIONS_ALL) { + $themes = list_themes(); + if (!isset($themes[$theme_key])) { + return array(); + } + + $list = array(); + $info = $themes[$theme_key]->info; + // If requested, suppress hidden regions. See block_admin_display_form(). + foreach ($info['regions'] as $name => $label) { + if ($show == REGIONS_ALL || !isset($info['regions_hidden']) || !in_array($name, $info['regions_hidden'])) { + $list[$name] = t($label); + } + } + + return $list; +} + +/** + * Implements hook_system_info_alter(). + */ +function system_system_info_alter(&$info, $file, $type) { + // Remove page-top from the blocks UI since it is reserved for modules to + // populate from outside the blocks system. + if ($type == 'theme') { + $info['regions_hidden'][] = 'page_top'; + $info['regions_hidden'][] = 'page_bottom'; + } +} + +/** + * Get the name of the default region for a given theme. + * + * @param $theme + * The name of a theme. + * @return + * A string that is the region name. + */ +function system_default_region($theme) { + $regions = array_keys(system_region_list($theme, REGIONS_VISIBLE)); + return isset($regions[0]) ? $regions[0] : ''; +} + +/** + * Add default buttons to a form and set its prefix. + * + * @param $form + * An associative array containing the structure of the form. + * + * @return + * The form structure. + * + * @see system_settings_form_submit() + * @ingroup forms + */ +function system_settings_form($form) { + $form['actions']['#type'] = 'actions'; + $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Save configuration')); + + if (!empty($_POST) && form_get_errors()) { + drupal_set_message(t('The settings have not been saved because of the errors.'), 'error'); + } + $form['#submit'][] = 'system_settings_form_submit'; + // By default, render the form using theme_system_settings_form(). + if (!isset($form['#theme'])) { + $form['#theme'] = 'system_settings_form'; + } + return $form; +} + +/** + * Execute the system_settings_form. + * + * If you want node type configure style handling of your checkboxes, + * add an array_filter value to your form. + */ +function system_settings_form_submit($form, &$form_state) { + // Exclude unnecessary elements. + form_state_values_clean($form_state); + + foreach ($form_state['values'] as $key => $value) { + if (is_array($value) && isset($form_state['values']['array_filter'])) { + $value = array_keys(array_filter($value)); + } + variable_set($key, $value); + } + + drupal_set_message(t('The configuration options have been saved.')); +} + +/** + * Helper function to sort requirements. + */ +function _system_sort_requirements($a, $b) { + if (!isset($a['weight'])) { + if (!isset($b['weight'])) { + return strcmp($a['title'], $b['title']); + } + return -$b['weight']; + } + return isset($b['weight']) ? $a['weight'] - $b['weight'] : $a['weight']; +} + +/** + * Generates a form array for a confirmation form. + * + * This function returns a complete form array for confirming an action. The + * form contains a confirm button as well as a cancellation link that allows a + * user to abort the action. + * + * If the submit handler for a form that implements confirm_form() is invoked, + * the user successfully confirmed the action. You should never directly + * inspect $_POST to see if an action was confirmed. + * + * Note - if the parameters $question, $description, $yes, or $no could contain + * any user input (such as node titles or taxonomy terms), it is the + * responsibility of the code calling confirm_form() to sanitize them first with + * a function like check_plain() or filter_xss(). + * + * @param $form + * Additional elements to add to the form. These can be regular form elements, + * #value elements, etc., and their values will be available to the submit + * handler. + * @param $question + * The question to ask the user (e.g. "Are you sure you want to delete the + * block foo?"). The page title will be set to this value. + * @param $path + * The page to go to if the user cancels the action. This can be either: + * - A string containing a Drupal path. + * - An associative array with a 'path' key. Additional array values are + * passed as the $options parameter to l(). + * If the 'destination' query parameter is set in the URL when viewing a + * confirmation form, that value will be used instead of $path. + * @param $description + * Additional text to display. Defaults to t('This action cannot be undone.'). + * @param $yes + * A caption for the button that confirms the action (e.g. "Delete", + * "Replace", ...). Defaults to t('Confirm'). + * @param $no + * A caption for the link which cancels the action (e.g. "Cancel"). Defaults + * to t('Cancel'). + * @param $name + * The internal name used to refer to the confirmation item. + * + * @return + * The form array. + */ +function confirm_form($form, $question, $path, $description = NULL, $yes = NULL, $no = NULL, $name = 'confirm') { + $description = isset($description) ? $description : t('This action cannot be undone.'); + + // Prepare cancel link. + if (isset($_GET['destination'])) { + $options = drupal_parse_url(urldecode($_GET['destination'])); + } + elseif (is_array($path)) { + $options = $path; + } + else { + $options = array('path' => $path); + } + + drupal_set_title($question, PASS_THROUGH); + + $form['#attributes']['class'][] = 'confirmation'; + $form['description'] = array('#markup' => $description); + $form[$name] = array('#type' => 'hidden', '#value' => 1); + + $form['actions'] = array('#type' => 'actions'); + $form['actions']['submit'] = array( + '#type' => 'submit', + '#value' => $yes ? $yes : t('Confirm'), + ); + $form['actions']['cancel'] = array( + '#type' => 'link', + '#title' => $no ? $no : t('Cancel'), + '#href' => $options['path'], + '#options' => $options, + ); + // By default, render the form using theme_confirm_form(). + if (!isset($form['#theme'])) { + $form['#theme'] = 'confirm_form'; + } + return $form; +} + +/** + * Determines if the current user is in compact mode. + * + * @return + * TRUE when in compact mode, FALSE when in expanded mode. + */ +function system_admin_compact_mode() { + // PHP converts dots into underscores in cookie names to avoid problems with + // its parser, so we use a converted cookie name. + return isset($_COOKIE['Drupal_visitor_admin_compact_mode']) ? $_COOKIE['Drupal_visitor_admin_compact_mode'] : variable_get('admin_compact_mode', FALSE); +} + +/** + * Menu callback; Sets whether the admin menu is in compact mode or not. + * + * @param $mode + * Valid values are 'on' and 'off'. + */ +function system_admin_compact_page($mode = 'off') { + user_cookie_save(array('admin_compact_mode' => ($mode == 'on'))); + drupal_goto(); } /** diff --git a/core/modules/user/user.js b/core/modules/user/user.js index ded4c0a..375c903 100644 --- a/core/modules/user/user.js +++ b/core/modules/user/user.js @@ -175,4 +175,23 @@ }; +Drupal.behaviors.userFieldsetSummaries = { + attach: function (context) { + $('fieldset.user-form-account-roles-status', context).drupalSetSummary(function (context) { + var vals = []; + + $('input:checked', context).parent().each(function () { + vals.push(Drupal.checkPlain($.trim($(this).text()))); + }); + + return vals.join(', '); + }); + $('fieldset.user-form-administrative-overlay', context).drupalSetSummary(function (context) { + return $('.form-item-overlay input', context).is(':checked') ? + Drupal.t('Enabled') : + Drupal.t('Disabled'); + }); + } +}; + })(jQuery); diff --git a/core/modules/user/user.module b/core/modules/user/user.module index fbc900c..a0439fa 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -154,9 +154,55 @@ function user_attach_accounts(array &$build, array $entities) { * add/edit/delete forms and populate the 'picture' variable during the * preprocess stage. */ -function user_picture_enabled() { - $field_definitions = \Drupal::entityManager()->getFieldDefinitions('user', 'user'); - return isset($field_definitions['user_picture']); +function user_field_extra_fields() { + $return['user']['user'] = array( + 'form' => array( + 'account' => array( + 'label' => t('User name and password'), + 'description' => t('User module account form elements.'), + 'weight' => -10, + ), + 'account_roles_status' => array( + 'label' => 'User role and status', + 'description' => t('User module role and status form elements.'), + 'weight' => -10, + ), + 'timezone' => array( + 'label' => t('Timezone'), + 'description' => t('User module timezone form element.'), + 'weight' => 6, + ), + ), + 'display' => array( + 'member_for' => array( + 'label' => t('Member for'), + 'description' => t('User module \'member for\' view element.'), + 'weight' => 5, + ), + ), + ); + + if (variable_get('user_pictures', 1) == 1) { + $return['user']['user']['form'] += array( + 'picture' => array( + 'label' => 'User picture', + 'description' => t('User module picture form element.'), + 'weight' => 1, + ), + ); + } + + if (variable_get('user_signatures', 1) == 1) { + $return['user']['user']['form'] += array( + 'signature' => array( + 'label' => 'User signature', + 'description' => t('User module signature form element.'), + 'weight' => 2, + ), + ); + } + + return $return; } /** @@ -609,6 +655,1429 @@ function user_user_logout($account) { // Reset static cache of default variables in template_preprocess() to reflect // the new user. drupal_static_reset('template_preprocess'); + $form['#validate'][] = 'user_account_form_validate'; + + $form['user_settings'] = array( + '#title' => t('User settings'), + '#type' => 'vertical_tabs', + '#weight' => 50, + ); + + // Account information. + $form['account'] = array( + '#type' => 'fieldset', + '#weight' => -10, + '#title' => t('Username and password'), + ); + // Only show name field on registration form or user can change own username. + $form['account']['name'] = array( + '#type' => 'textfield', + '#title' => t('Username'), + '#maxlength' => USERNAME_MAX_LENGTH, + '#description' => t('Spaces are allowed; punctuation is not allowed except for periods, hyphens, apostrophes, and underscores.'), + '#required' => TRUE, + '#attributes' => array('class' => array('username')), + '#default_value' => (!$register ? $account->name : ''), + '#access' => ($register || ($user->uid == $account->uid && user_access('change own username')) || $admin), + '#weight' => -10, + ); + + $form['account']['mail'] = array( + '#type' => 'textfield', + '#title' => t('E-mail address'), + '#maxlength' => EMAIL_MAX_LENGTH, + '#description' => t('A valid e-mail address. All e-mails from the system will be sent to this address. The e-mail address is not made public and will only be used if you wish to receive a new password or wish to receive certain news or notifications by e-mail.'), + '#required' => TRUE, + '#default_value' => (!$register ? $account->mail : ''), + ); + + // Display password field only for existing users or when user is allowed to + // assign a password during registration. + if (!$register) { + $form['account']['pass'] = array( + '#type' => 'password_confirm', + '#size' => 25, + '#description' => t('To change the current user password, enter the new password in both fields.'), + ); + // To skip the current password field, the user must have logged in via a + // one-time link and have the token in the URL. + $pass_reset = isset($_SESSION['pass_reset_' . $account->uid]) && isset($_GET['pass-reset-token']) && ($_GET['pass-reset-token'] == $_SESSION['pass_reset_' . $account->uid]); + $protected_values = array(); + $current_pass_description = ''; + // The user may only change their own password without their current + // password if they logged in via a one-time login link. + if (!$pass_reset) { + $protected_values['mail'] = $form['account']['mail']['#title']; + $protected_values['pass'] = t('Password'); + $request_new = l(t('Request new password'), 'user/password', array('attributes' => array('title' => t('Request new password via e-mail.')))); + $current_pass_description = t('Enter your current password to change the %mail or %pass. !request_new.', array('%mail' => $protected_values['mail'], '%pass' => $protected_values['pass'], '!request_new' => $request_new)); + } + // The user must enter their current password to change to a new one. + if ($user->uid == $account->uid) { + $form['account']['current_pass_required_values'] = array( + '#type' => 'value', + '#value' => $protected_values, + ); + $form['account']['current_pass'] = array( + '#type' => 'password', + '#title' => t('Current password'), + '#size' => 25, + '#access' => !empty($protected_values), + '#description' => $current_pass_description, + '#weight' => -5, + '#attributes' => array('autocomplete' => 'off'), + ); + $form['#validate'][] = 'user_validate_current_pass'; + } + } + elseif (!variable_get('user_email_verification', TRUE) || $admin) { + $form['account']['pass'] = array( + '#type' => 'password_confirm', + '#size' => 25, + '#description' => t('Provide a password for the new account in both fields.'), + '#required' => TRUE, + ); + } + + if ($admin) { + $status = isset($account->status) ? $account->status : 1; + } + else { + $status = $register ? variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) == USER_REGISTER_VISITORS : $account->status; + } + $form['account']['status'] = array( + '#type' => 'radios', + '#title' => t('Status'), + '#default_value' => $status, + '#options' => array(t('Blocked'), t('Active')), + '#access' => $admin, + ); + + $form['account_roles_status'] = array( + '#type' => 'fieldset', + '#title' => t('Roles and status'), + '#access' => $admin, + '#group' => (!$register ? 'user_settings' : ''), + '#attributes' => array( + 'class' => array('user-form-account-roles-status'), + ), + '#attached' => array( + 'js' => array(drupal_get_path('module', 'user') . '/user.js'), + ), + ); + + $roles = array_map('check_plain', user_roles(TRUE)); + // The disabled checkbox subelement for the 'authenticated user' role + // must be generated separately and added to the checkboxes element, + // because of a limitation in Form API not supporting a single disabled + // checkbox within a set of checkboxes. + // @todo This should be solved more elegantly. See issue #119038. + $checkbox_authenticated = array( + '#type' => 'checkbox', + '#title' => $roles[DRUPAL_AUTHENTICATED_RID], + '#default_value' => TRUE, + '#disabled' => TRUE, + ); + unset($roles[DRUPAL_AUTHENTICATED_RID]); + $form['account_roles_status']['roles'] = array( + '#type' => 'checkboxes', + '#title' => t('Roles'), + '#default_value' => (!$register && isset($account->roles) ? array_keys($account->roles) : array()), + '#options' => $roles, + '#access' => $roles && user_access('administer permissions'), + '#group' => 'user_settings', + DRUPAL_AUTHENTICATED_RID => $checkbox_authenticated, + ); + + $form['account']['notify'] = array( + '#type' => 'checkbox', + '#title' => t('Notify user of new account'), + '#access' => $register && $admin, + ); + + // Signature. + $form['signature_settings'] = array( + '#type' => 'fieldset', + '#title' => t('Signature settings'), + '#weight' => 1, + '#access' => (!$register && variable_get('user_signatures', 0)), + ); + + $form['signature_settings']['signature'] = array( + '#type' => 'text_format', + '#title' => t('Signature'), + '#default_value' => isset($account->signature) ? $account->signature : '', + '#description' => t('Your signature will be publicly displayed at the end of your comments.'), + '#format' => isset($account->signature_format) ? $account->signature_format : NULL, + '#group' => 'user_settings', + ); + + // Picture/avatar. + $form['picture'] = array( + '#type' => 'fieldset', + '#title' => t('Picture'), + '#weight' => 1, + '#access' => (!$register && variable_get('user_pictures', 0)), + ); + $form['picture']['picture'] = array( + '#type' => 'value', + '#value' => isset($account->picture) ? $account->picture : NULL, + ); + $form['picture']['picture_current'] = array( + '#markup' => theme('user_picture', array('account' => $account)), + ); + $form['picture']['picture_delete'] = array( + '#type' => 'checkbox', + '#title' => t('Delete picture'), + '#access' => !empty($account->picture->fid), + '#description' => t('Check this box to delete your current picture.'), + ); + $form['picture']['picture_upload'] = array( + '#type' => 'file', + '#title' => t('Upload picture'), + '#size' => 48, + '#description' => t('Your virtual face or picture. Pictures larger than @dimensions pixels will be scaled down.', array('@dimensions' => variable_get('user_picture_dimensions', '85x85'))) . ' ' . filter_xss_admin(variable_get('user_picture_guidelines', '')), + ); + $form['#validate'][] = 'user_validate_picture'; +} + +/** + * Form validation handler for the current password on the user_account_form(). + * + * @see user_account_form() + */ +function user_validate_current_pass(&$form, &$form_state) { + $account = $form['#user']; + foreach ($form_state['values']['current_pass_required_values'] as $key => $name) { + // This validation only works for required textfields (like mail) or + // form values like password_confirm that have their own validation + // that prevent them from being empty if they are changed. + if ((strlen(trim($form_state['values'][$key])) > 0) && ($form_state['values'][$key] != $account->$key)) { + require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'core/includes/password.inc'); + $current_pass_failed = empty($form_state['values']['current_pass']) || !user_check_password($form_state['values']['current_pass'], $account); + if ($current_pass_failed) { + form_set_error('current_pass', t("Your current password is missing or incorrect; it's required to change the %name.", array('%name' => $name))); + form_set_error($key); + } + // We only need to check the password once. + break; + } + } +} + +/** + * Form validation handler for user_account_form(). + * + * @see user_account_form() + */ +function user_account_form_validate($form, &$form_state) { + $account = $form['#user']; + // Validate new or changing username. + if (isset($form_state['values']['name'])) { + if ($error = user_validate_name($form_state['values']['name'])) { + form_set_error('name', $error); + } + elseif ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', $account->uid, '<>')->condition('name', db_like($form_state['values']['name']), 'LIKE')->range(0, 1)->execute()->fetchField()) { + form_set_error('name', t('The name %name is already taken.', array('%name' => $form_state['values']['name']))); + } + } + + // Trim whitespace from mail, to prevent confusing 'e-mail not valid' + // warnings often caused by cutting and pasting. + $mail = trim($form_state['values']['mail']); + form_set_value($form['account']['mail'], $mail, $form_state); + + // Validate the e-mail address, and check if it is taken by an existing user. + if ($error = user_validate_mail($form_state['values']['mail'])) { + form_set_error('mail', $error); + } + elseif ((bool) db_select('users')->fields('users', array('uid'))->condition('uid', $account->uid, '<>')->condition('mail', db_like($form_state['values']['mail']), 'LIKE')->range(0, 1)->execute()->fetchField()) { + // Format error message dependent on whether the user is logged in or not. + if ($GLOBALS['user']->uid) { + form_set_error('mail', t('The e-mail address %email is already taken.', array('%email' => $form_state['values']['mail']))); + } + else { + form_set_error('mail', t('The e-mail address %email is already registered. Have you forgotten your password?', array('%email' => $form_state['values']['mail'], '@password' => url('user/password')))); + } + } + + // Make sure the signature isn't longer than the size of the database field. + // Signatures are disabled by default, so make sure it exists first. + if (isset($form_state['values']['signature'])) { + // Move text format for user signature into 'signature_format'. + $form_state['values']['signature_format'] = $form_state['values']['signature']['format']; + // Move text value for user signature into 'signature'. + $form_state['values']['signature'] = $form_state['values']['signature']['value']; + + $user_schema = drupal_get_schema('users'); + if (drupal_strlen($form_state['values']['signature']) > $user_schema['fields']['signature']['length']) { + form_set_error('signature', t('The signature is too long: it must be %max characters or less.', array('%max' => $user_schema['fields']['signature']['length']))); + } + } +} + +/** + * Implements hook_user_presave(). + */ +function user_user_presave(&$edit, $account) { + if (!empty($edit['picture_upload'])) { + $edit['picture'] = $edit['picture_upload']; + } + // Delete picture if requested, and if no replacement picture was given. + elseif (!empty($edit['picture_delete'])) { + $edit['picture'] = NULL; + } + // Prepare user roles. + if (isset($edit['roles'])) { + $edit['roles'] = array_filter($edit['roles']); + } + + // Move account cancellation information into $user->data. + foreach (array('user_cancel_method', 'user_cancel_notify') as $key) { + if (isset($edit[$key])) { + $edit['data'][$key] = $edit[$key]; + } + } +} + +function user_login_block($form) { + $form['#action'] = url($_GET['q'], array('query' => drupal_get_destination())); + $form['#id'] = 'user-login-form'; + $form['#validate'] = user_login_default_validators(); + $form['#submit'][] = 'user_login_submit'; + $form['name'] = array('#type' => 'textfield', + '#title' => t('Username'), + '#maxlength' => USERNAME_MAX_LENGTH, + '#size' => 15, + '#required' => TRUE, + ); + $form['pass'] = array('#type' => 'password', + '#title' => t('Password'), + '#maxlength' => 60, + '#size' => 15, + '#required' => TRUE, + ); + $form['actions'] = array('#type' => 'actions'); + $form['actions']['submit'] = array('#type' => 'submit', + '#value' => t('Log in'), + ); + $items = array(); + if (variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL)) { + $items[] = l(t('Create new account'), 'user/register', array('attributes' => array('title' => t('Create a new user account.')))); + } + $items[] = l(t('Request new password'), 'user/password', array('attributes' => array('title' => t('Request new password via e-mail.')))); + $form['links'] = array('#markup' => theme('item_list', array('items' => $items))); + return $form; +} + +/** + * Implements hook_block_info(). + */ +function user_block_info() { + global $user; + + $blocks['login']['info'] = t('User login'); + // Not worth caching. + $blocks['login']['cache'] = DRUPAL_NO_CACHE; + + $blocks['new']['info'] = t('Who\'s new'); + $blocks['new']['properties']['administrative'] = TRUE; + + // Too dynamic to cache. + $blocks['online']['info'] = t('Who\'s online'); + $blocks['online']['cache'] = DRUPAL_NO_CACHE; + $blocks['online']['properties']['administrative'] = TRUE; + + return $blocks; +} + +/** + * Implements hook_block_configure(). + */ +function user_block_configure($delta = '') { + global $user; + + switch ($delta) { + case 'new': + $form['user_block_whois_new_count'] = array( + '#type' => 'select', + '#title' => t('Number of users to display'), + '#default_value' => variable_get('user_block_whois_new_count', 5), + '#options' => drupal_map_assoc(array(1, 2, 3, 4, 5, 6, 7, 8, 9, 10)), + ); + return $form; + + case 'online': + $period = drupal_map_assoc(array(30, 60, 120, 180, 300, 600, 900, 1800, 2700, 3600, 5400, 7200, 10800, 21600, 43200, 86400), 'format_interval'); + $form['user_block_seconds_online'] = array('#type' => 'select', '#title' => t('User activity'), '#default_value' => variable_get('user_block_seconds_online', 900), '#options' => $period, '#description' => t('A user is considered online for this long after they have last viewed a page.')); + $form['user_block_max_list_count'] = array('#type' => 'select', '#title' => t('User list length'), '#default_value' => variable_get('user_block_max_list_count', 10), '#options' => drupal_map_assoc(array(0, 5, 10, 15, 20, 25, 30, 40, 50, 75, 100)), '#description' => t('Maximum number of currently online users to display.')); + return $form; + } +} + +/** + * Implements hook_block_save(). + */ +function user_block_save($delta = '', $edit = array()) { + global $user; + + switch ($delta) { + case 'new': + variable_set('user_block_whois_new_count', $edit['user_block_whois_new_count']); + break; + + case 'online': + variable_set('user_block_seconds_online', $edit['user_block_seconds_online']); + variable_set('user_block_max_list_count', $edit['user_block_max_list_count']); + break; + } +} + +/** + * Implements hook_block_view(). + */ +function user_block_view($delta = '') { + global $user; + + $block = array(); + + switch ($delta) { + case 'login': + // For usability's sake, avoid showing two login forms on one page. + if (!$user->uid && !(arg(0) == 'user' && !is_numeric(arg(1)))) { + + $block['subject'] = t('User login'); + $block['content'] = drupal_get_form('user_login_block'); + } + return $block; + + case 'new': + if (user_access('access content')) { + // Retrieve a list of new users who have subsequently accessed the site successfully. + $items = db_query_range('SELECT uid, name FROM {users} WHERE status <> 0 AND access <> 0 ORDER BY created DESC', 0, variable_get('user_block_whois_new_count', 5))->fetchAll(); + $output = theme('user_list', array('users' => $items)); + + $block['subject'] = t('Who\'s new'); + $block['content'] = $output; + } + return $block; + + case 'online': + if (user_access('access content')) { + // Count users active within the defined period. + $interval = REQUEST_TIME - variable_get('user_block_seconds_online', 900); + + // Perform database queries to gather online user lists. We use s.timestamp + // rather than u.access because it is much faster. + $authenticated_count = db_query("SELECT COUNT(DISTINCT s.uid) FROM {sessions} s WHERE s.timestamp >= :timestamp AND s.uid > 0", array(':timestamp' => $interval))->fetchField(); + + $output = '

' . format_plural($authenticated_count, 'There is currently 1 user online.', 'There are currently @count users online.') . '

'; + + // Display a list of currently online users. + $max_users = variable_get('user_block_max_list_count', 10); + if ($authenticated_count && $max_users) { + $items = db_query_range('SELECT u.uid, u.name, MAX(s.timestamp) AS max_timestamp FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.timestamp >= :interval AND s.uid > 0 GROUP BY u.uid, u.name ORDER BY max_timestamp DESC', 0, $max_users, array(':interval' => $interval))->fetchAll(); + $output .= theme('user_list', array('users' => $items)); + } + + $block['subject'] = t('Who\'s online'); + $block['content'] = $output; + } + return $block; + } +} + +/** + * Process variables for user-picture.tpl.php. + * + * The $variables array contains the following arguments: + * - $account: A user, node or comment object with 'name', 'uid' and 'picture' + * fields. + * + * @see user-picture.tpl.php + */ +function template_preprocess_user_picture(&$variables) { + $variables['user_picture'] = ''; + if (variable_get('user_pictures', 0)) { + $account = $variables['account']; + if (!empty($account->picture)) { + // @TODO: Ideally this function would only be passed file objects, but + // since there's a lot of legacy code that JOINs the {users} table to + // {node} or {comments} and passes the results into this function if we + // a numeric value in the picture field we'll assume it's a file id + // and load it for them. Once we've got user_load_multiple() and + // comment_load_multiple() functions the user module will be able to load + // the picture files in mass during the object's load process. + if (is_numeric($account->picture)) { + $account->picture = file_load($account->picture); + } + if (!empty($account->picture->uri)) { + $filepath = $account->picture->uri; + } + } + elseif (variable_get('user_picture_default', '')) { + $filepath = variable_get('user_picture_default', ''); + } + if (isset($filepath)) { + $alt = t("@user's picture", array('@user' => format_username($account))); + // If the image does not have a valid Drupal scheme (for eg. HTTP), + // don't load image styles. + if (module_exists('image') && file_valid_uri($filepath) && $style = variable_get('user_picture_style', '')) { + $variables['user_picture'] = theme('image_style', array('style_name' => $style, 'path' => $filepath, 'alt' => $alt, 'title' => $alt)); + } + else { + $variables['user_picture'] = theme('image', array('path' => $filepath, 'alt' => $alt, 'title' => $alt)); + } + if (!empty($account->uid) && user_access('access user profiles')) { + $attributes = array('attributes' => array('title' => t('View user profile.')), 'html' => TRUE); + $variables['user_picture'] = l($variables['user_picture'], "user/$account->uid", $attributes); + } + } + } +} + +/** + * Returns HTML for a list of users. + * + * @param $variables + * An associative array containing: + * - users: An array with user objects. Should contain at least the name and + * uid. + * - title: (optional) Title to pass on to theme_item_list(). + * + * @ingroup themeable + */ +function theme_user_list($variables) { + $users = $variables['users']; + $title = $variables['title']; + $items = array(); + + if (!empty($users)) { + foreach ($users as $user) { + $items[] = theme('username', array('account' => $user)); + } + } + return theme('item_list', array('items' => $items, 'title' => $title)); +} + +function user_is_anonymous() { + // Menu administrators can see items for anonymous when administering. + return !$GLOBALS['user']->uid || !empty($GLOBALS['menu_admin']); +} + +function user_is_logged_in() { + return (bool) $GLOBALS['user']->uid; +} + +function user_register_access() { + return user_is_anonymous() && variable_get('user_register', USER_REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL); +} + +/** + * User view access callback. + * + * @param $account + * Can either be a full user object or a $uid. + */ +function user_view_access($account) { + $uid = is_object($account) ? $account->uid : (int) $account; + + // Never allow access to view the anonymous user account. + if ($uid) { + // Admins can view all, users can view own profiles at all times. + if ($GLOBALS['user']->uid == $uid || user_access('administer users')) { + return TRUE; + } + elseif (user_access('access user profiles')) { + // At this point, load the complete account object. + if (!is_object($account)) { + $account = user_load($uid); + } + return (is_object($account) && $account->status); + } + } + return FALSE; +} + +/** + * Access callback for user account editing. + */ +function user_edit_access($account) { + return (($GLOBALS['user']->uid == $account->uid) || user_access('administer users')) && $account->uid > 0; +} + +/** + * Menu access callback; limit access to account cancellation pages. + * + * Limit access to users with the 'cancel account' permission or administrative + * users, and prevent the anonymous user from cancelling the account. + */ +function user_cancel_access($account) { + return ((($GLOBALS['user']->uid == $account->uid) && user_access('cancel account')) || user_access('administer users')) && $account->uid > 0; +} + +/** + * Implements hook_menu(). + */ +function user_menu() { + $items['user/autocomplete'] = array( + 'title' => 'User autocomplete', + 'page callback' => 'user_autocomplete', + 'access callback' => 'user_access', + 'access arguments' => array('access user profiles'), + 'type' => MENU_CALLBACK, + 'file' => 'user.pages.inc', + ); + + // Registration and login pages. + $items['user'] = array( + 'title' => 'User account', + 'title callback' => 'user_menu_title', + 'page callback' => 'user_page', + 'access callback' => TRUE, + 'file' => 'user.pages.inc', + 'weight' => -10, + 'menu_name' => 'user-menu', + ); + + $items['user/login'] = array( + 'title' => 'Log in', + 'access callback' => 'user_is_anonymous', + 'type' => MENU_DEFAULT_LOCAL_TASK, + ); + + $items['user/register'] = array( + 'title' => 'Create new account', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_register_form'), + 'access callback' => 'user_register_access', + 'type' => MENU_LOCAL_TASK, + ); + + $items['user/password'] = array( + 'title' => 'Request new password', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_pass'), + 'access callback' => TRUE, + 'type' => MENU_LOCAL_TASK, + 'file' => 'user.pages.inc', + ); + $items['user/reset/%/%/%'] = array( + 'title' => 'Reset password', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_pass_reset', 2, 3, 4), + 'access callback' => TRUE, + 'type' => MENU_CALLBACK, + 'file' => 'user.pages.inc', + ); + + $items['user/logout'] = array( + 'title' => 'Log out', + 'access callback' => 'user_is_logged_in', + 'page callback' => 'user_logout', + 'weight' => 10, + 'menu_name' => 'user-menu', + 'file' => 'user.pages.inc', + ); + + // User listing pages. + $items['admin/people'] = array( + 'title' => 'People', + 'description' => 'Manage user accounts, roles, and permissions.', + 'page callback' => 'user_admin', + 'page arguments' => array('list'), + 'access arguments' => array('administer users'), + 'position' => 'left', + 'weight' => -4, + 'file' => 'user.admin.inc', + ); + $items['admin/people/people'] = array( + 'title' => 'List', + 'description' => 'Find and manage people interacting with your site.', + 'access arguments' => array('administer users'), + 'type' => MENU_DEFAULT_LOCAL_TASK, + 'weight' => -10, + 'file' => 'user.admin.inc', + ); + + // Permissions and role forms. + $items['admin/people/permissions'] = array( + 'title' => 'Permissions', + 'description' => 'Determine access to features by selecting permissions for roles.', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_permissions'), + 'access arguments' => array('administer permissions'), + 'file' => 'user.admin.inc', + 'type' => MENU_LOCAL_TASK, + ); + $items['admin/people/permissions/list'] = array( + 'title' => 'Permissions', + 'description' => 'Determine access to features by selecting permissions for roles.', + 'type' => MENU_DEFAULT_LOCAL_TASK, + 'weight' => -8, + ); + $items['admin/people/permissions/roles'] = array( + 'title' => 'Roles', + 'description' => 'List, edit, or add user roles.', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_roles'), + 'access arguments' => array('administer permissions'), + 'file' => 'user.admin.inc', + 'type' => MENU_LOCAL_TASK, + 'weight' => -5, + ); + $items['admin/people/permissions/roles/edit/%user_role'] = array( + 'title' => 'Edit role', + 'page arguments' => array('user_admin_role', 5), + 'access callback' => 'user_role_edit_access', + 'access arguments' => array(5), + ); + $items['admin/people/permissions/roles/delete/%user_role'] = array( + 'title' => 'Delete role', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_role_delete_confirm', 5), + 'access callback' => 'user_role_edit_access', + 'access arguments' => array(5), + 'file' => 'user.admin.inc', + ); + + $items['admin/people/create'] = array( + 'title' => 'Add user', + 'page arguments' => array('create'), + 'access arguments' => array('administer users'), + 'type' => MENU_LOCAL_ACTION, + ); + + // Administration pages. + $items['admin/config/people'] = array( + 'title' => 'People', + 'description' => 'Configure user accounts.', + 'position' => 'left', + 'weight' => -20, + 'page callback' => 'system_admin_menu_block_page', + 'access arguments' => array('access administration pages'), + 'file' => 'system.admin.inc', + 'file path' => drupal_get_path('module', 'system'), + ); + $items['admin/config/people/accounts'] = array( + 'title' => 'Account settings', + 'description' => 'Configure default behavior of users, including registration requirements, e-mails, fields, and user pictures.', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_admin_settings'), + 'access arguments' => array('administer users'), + 'file' => 'user.admin.inc', + 'weight' => -10, + ); + $items['admin/config/people/accounts/settings'] = array( + 'title' => 'Settings', + 'type' => MENU_DEFAULT_LOCAL_TASK, + 'weight' => -10, + ); + + $items['user/%user'] = array( + 'title' => 'My account', + 'title callback' => 'user_page_title', + 'title arguments' => array(1), + 'page callback' => 'user_view_page', + 'page arguments' => array(1), + 'access callback' => 'user_view_access', + 'access arguments' => array(1), + // By assigning a different menu name, this item (and all registered child + // paths) are no longer considered as children of 'user'. When accessing the + // user account pages, the preferred menu link that is used to build the + // active trail (breadcrumb) will be found in this menu (unless there is + // more specific link), so the link to 'user' will not be in the breadcrumb. + 'menu_name' => 'navigation', + ); + + $items['user/%user/view'] = array( + 'title' => 'View', + 'type' => MENU_DEFAULT_LOCAL_TASK, + 'weight' => -10, + ); + + $items['user/%user/cancel'] = array( + 'title' => 'Cancel account', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_cancel_confirm_form', 1), + 'access callback' => 'user_cancel_access', + 'access arguments' => array(1), + 'file' => 'user.pages.inc', + ); + + $items['user/%user/cancel/confirm/%/%'] = array( + 'title' => 'Confirm account cancellation', + 'page callback' => 'user_cancel_confirm', + 'page arguments' => array(1, 4, 5), + 'access callback' => 'user_cancel_access', + 'access arguments' => array(1), + 'file' => 'user.pages.inc', + ); + + $items['user/%user/edit'] = array( + 'title' => 'Edit', + 'page callback' => 'drupal_get_form', + 'page arguments' => array('user_profile_form', 1), + 'access callback' => 'user_edit_access', + 'access arguments' => array(1), + 'type' => MENU_LOCAL_TASK, + 'file' => 'user.pages.inc', + ); + return $items; +} + +/** + * Implements hook_menu_site_status_alter(). + */ +function user_menu_site_status_alter(&$menu_site_status, $path) { + if ($menu_site_status == MENU_SITE_OFFLINE) { + // If the site is offline, log out unprivileged users. + if (user_is_logged_in() && !user_access('access site in maintenance mode')) { + module_load_include('pages.inc', 'user', 'user'); + user_logout(); + } + + if (user_is_anonymous()) { + switch ($path) { + case 'user': + // Forward anonymous user to login page. + drupal_goto('user/login'); + case 'user/login': + case 'user/password': + // Disable offline mode. + $menu_site_status = MENU_SITE_ONLINE; + break; + default: + if (strpos($path, 'user/reset/') === 0) { + // Disable offline mode. + $menu_site_status = MENU_SITE_ONLINE; + } + break; + } + } + } + if (user_is_logged_in()) { + if ($path == 'user/login') { + // If user is logged in, redirect to 'user' instead of giving 403. + drupal_goto('user'); + } + if ($path == 'user/register') { + // Authenticated user should be redirected to user edit page. + drupal_goto('user/' . $GLOBALS['user']->uid . '/edit'); + } + } +} + +/** + * Implements hook_menu_link_alter(). + */ +function user_menu_link_alter(&$link) { + // The path 'user' must be accessible for anonymous users, but only visible + // for authenticated users. Authenticated users should see "My account", but + // anonymous users should not see it at all. Therefore, invoke + // user_translated_menu_link_alter() to conditionally hide the link. + if ($link['link_path'] == 'user' && $link['module'] == 'system') { + $link['options']['alter'] = TRUE; + } + + // Force the Logout link to appear on the top-level of 'user-menu' menu by + // default (i.e., unless it has been customized). + if ($link['link_path'] == 'user/logout' && $link['module'] == 'system' && empty($link['customized'])) { + $link['plid'] = 0; + } +} + +/** + * Implements hook_translated_menu_link_alter(). + */ +function user_translated_menu_link_alter(&$link) { + // Hide the "User account" link for anonymous users. + if ($link['link_path'] == 'user' && $link['module'] == 'system' && user_is_anonymous()) { + $link['hidden'] = 1; + } +} + +/** + * Implements hook_admin_paths(). + */ +function user_admin_paths() { + $paths = array( + 'user/*/cancel' => TRUE, + 'user/*/edit' => TRUE, + 'user/*/edit/*' => TRUE, + ); + return $paths; +} + +/** + * Returns $arg or the user ID of the current user if $arg is '%' or empty. + * + * Deprecated. Use %user_uid_optional instead. + * + * @todo D8: Remove. + */ +function user_uid_only_optional_to_arg($arg) { + return user_uid_optional_to_arg($arg); +} + +/** + * Load either a specified or the current user account. + * + * @param $uid + * An optional user ID of the user to load. If not provided, the current + * user's ID will be used. + * @return + * A fully-loaded $user object upon successful user load, FALSE if user + * cannot be loaded. + * + * @see user_load() + * @todo rethink the naming of this in Drupal 8. + */ +function user_uid_optional_load($uid = NULL) { + if (!isset($uid)) { + $uid = $GLOBALS['user']->uid; + } + return user_load($uid); +} + +/** + * Returns $arg or the user ID of the current user if $arg is '%' or empty. + * + * @todo rethink the naming of this in Drupal 8. + */ +function user_uid_optional_to_arg($arg) { + // Give back the current user uid when called from eg. tracker, aka. + // with an empty arg. Also use the current user uid when called from + // the menu with a % for the current account link. + return empty($arg) || $arg == '%' ? $GLOBALS['user']->uid : $arg; +} + +/** + * Menu item title callback for the 'user' path. + * + * Anonymous users should see "User account", but authenticated users are + * expected to see "My account". + */ +function user_menu_title() { + return user_is_logged_in() ? t('My account') : t('User account'); +} + +/** + * Menu item title callback - use the user name. + */ +function user_page_title($account) { + return is_object($account) ? format_username($account) : ''; +} + +/** + * Discover which external authentication module(s) authenticated a username. + * + * @param $authname + * A username used by an external authentication module. + * @return + * An associative array with module as key and username as value. + */ +function user_get_authmaps($authname = NULL) { + $authmaps = db_query("SELECT module, authname FROM {authmap} WHERE authname = :authname", array(':authname' => $authname))->fetchAllKeyed(); + return count($authmaps) ? $authmaps : 0; +} + +/** + * Save mappings of which external authentication module(s) authenticated + * a user. Maps external usernames to user ids in the users table. + * + * @param $account + * A user object. + * @param $authmaps + * An associative array with a compound key and the username as the value. + * The key is made up of 'authname_' plus the name of the external authentication + * module. + * @see user_external_login_register() + */ +function user_set_authmaps($account, $authmaps) { + foreach ($authmaps as $key => $value) { + $module = explode('_', $key, 2); + if ($value) { + db_merge('authmap') + ->key(array( + 'uid' => $account->uid, + 'module' => $module[1], + )) + ->fields(array('authname' => $value)) + ->execute(); + } + else { + db_delete('authmap') + ->condition('uid', $account->uid) + ->condition('module', $module[1]) + ->execute(); + } + } +} + +/** + * Form builder; the main user login form. + * + * @ingroup forms + */ +function user_login($form, &$form_state) { + global $user; + + // If we are already logged on, go to the user page instead. + if ($user->uid) { + drupal_goto('user/' . $user->uid); + } + + // Display login form: + $form['name'] = array('#type' => 'textfield', + '#title' => t('Username'), + '#size' => 60, + '#maxlength' => USERNAME_MAX_LENGTH, + '#required' => TRUE, + ); + + $form['name']['#description'] = t('Enter your @s username.', array('@s' => variable_get('site_name', 'Drupal'))); + $form['pass'] = array('#type' => 'password', + '#title' => t('Password'), + '#description' => t('Enter the password that accompanies your username.'), + '#required' => TRUE, + ); + $form['#validate'] = user_login_default_validators(); + $form['actions'] = array('#type' => 'actions'); + $form['actions']['submit'] = array('#type' => 'submit', '#value' => t('Log in')); + + return $form; +} + +/** + * Set up a series for validators which check for blocked users, + * then authenticate against local database, then return an error if + * authentication fails. Distributed authentication modules are welcome + * to use hook_form_alter() to change this series in order to + * authenticate against their user database instead of the local users + * table. If a distributed authentication module is successful, it + * should set $form_state['uid'] to a user ID. + * + * We use three validators instead of one since external authentication + * modules usually only need to alter the second validator. + * + * @see user_login_name_validate() + * @see user_login_authenticate_validate() + * @see user_login_final_validate() + * @return array + * A simple list of validate functions. + */ +function user_login_default_validators() { + return array('user_login_name_validate', 'user_login_authenticate_validate', 'user_login_final_validate'); +} + +/** + * A FAPI validate handler. Sets an error if supplied username has been blocked. + */ +function user_login_name_validate($form, &$form_state) { + if (isset($form_state['values']['name']) && user_is_blocked($form_state['values']['name'])) { + // Blocked in user administration. + form_set_error('name', t('The username %name has not been activated or is blocked.', array('%name' => $form_state['values']['name']))); + } +} + +/** + * A validate handler on the login form. Check supplied username/password + * against local users table. If successful, $form_state['uid'] + * is set to the matching user ID. + */ +function user_login_authenticate_validate($form, &$form_state) { + $password = trim($form_state['values']['pass']); + if (!empty($form_state['values']['name']) && !empty($password)) { + // Do not allow any login from the current user's IP if the limit has been + // reached. Default is 50 failed attempts allowed in one hour. This is + // independent of the per-user limit to catch attempts from one IP to log + // in to many different user accounts. We have a reasonably high limit + // since there may be only one apparent IP for all users at an institution. + if (!flood_is_allowed('failed_login_attempt_ip', variable_get('user_failed_login_ip_limit', 50), variable_get('user_failed_login_ip_window', 3600))) { + $form_state['flood_control_triggered'] = 'ip'; + return; + } + $account = db_query("SELECT * FROM {users} WHERE name = :name AND status = 1", array(':name' => $form_state['values']['name']))->fetchObject(); + if ($account) { + if (variable_get('user_failed_login_identifier_uid_only', FALSE)) { + // Register flood events based on the uid only, so they apply for any + // IP address. This is the most secure option. + $identifier = $account->uid; + } + else { + // The default identifier is a combination of uid and IP address. This + // is less secure but more resistant to denial-of-service attacks that + // could lock out all users with public user names. + $identifier = $account->uid . '-' . ip_address(); + } + $form_state['flood_control_user_identifier'] = $identifier; + + // Don't allow login if the limit for this user has been reached. + // Default is to allow 5 failed attempts every 6 hours. + if (!flood_is_allowed('failed_login_attempt_user', variable_get('user_failed_login_user_limit', 5), variable_get('user_failed_login_user_window', 21600), $identifier)) { + $form_state['flood_control_triggered'] = 'user'; + return; + } + } + // We are not limited by flood control, so try to authenticate. + // Set $form_state['uid'] as a flag for user_login_final_validate(). + $form_state['uid'] = user_authenticate($form_state['values']['name'], $password); + } +} + +/** + * The final validation handler on the login form. + * + * Sets a form error if user has not been authenticated, or if too many + * logins have been attempted. This validation function should always + * be the last one. + */ +function user_login_final_validate($form, &$form_state) { + if (empty($form_state['uid'])) { + // Always register an IP-based failed login event. + flood_register_event('failed_login_attempt_ip', variable_get('user_failed_login_ip_window', 3600)); + // Register a per-user failed login event. + if (isset($form_state['flood_control_user_identifier'])) { + flood_register_event('failed_login_attempt_user', variable_get('user_failed_login_user_window', 21600), $form_state['flood_control_user_identifier']); + } + + if (isset($form_state['flood_control_triggered'])) { + if ($form_state['flood_control_triggered'] == 'user') { + form_set_error('name', format_plural(variable_get('user_failed_login_user_limit', 5), 'Sorry, there has been more than one failed login attempt for this account. It is temporarily blocked. Try again later or request a new password.', 'Sorry, there have been more than @count failed login attempts for this account. It is temporarily blocked. Try again later or request a new password.', array('@url' => url('user/password')))); + } + else { + // We did not find a uid, so the limit is IP-based. + form_set_error('name', t('Sorry, too many failed login attempts from your IP address. This IP address is temporarily blocked. Try again later or request a new password.', array('@url' => url('user/password')))); + } + } + else { + form_set_error('name', t('Sorry, unrecognized username or password. Have you forgotten your password?', array('@password' => url('user/password')))); + watchdog('user', 'Login attempt failed for %user.', array('%user' => $form_state['values']['name'])); + } + } + elseif (isset($form_state['flood_control_user_identifier'])) { + // Clear past failures for this user so as not to block a user who might + // log in and out more than once in an hour. + flood_clear_event('failed_login_attempt_user', $form_state['flood_control_user_identifier']); + } +} + +/** + * Try to validate the user's login credentials locally. + * + * @param $name + * User name to authenticate. + * @param $password + * A plain-text password, such as trimmed text from form values. + * @return + * The user's uid on success, or FALSE on failure to authenticate. + */ +function user_authenticate($name, $password) { + $uid = FALSE; + if (!empty($name) && !empty($password)) { + $account = user_load_by_name($name); + if ($account) { + // Allow alternate password hashing schemes. + require_once DRUPAL_ROOT . '/' . variable_get('password_inc', 'core/includes/password.inc'); + if (user_check_password($password, $account)) { + // Successful authentication. + $uid = $account->uid; + + // Update user to new password scheme if needed. + if (user_needs_new_hash($account)) { + user_save($account, array('pass' => $password)); + } + } + } + } + return $uid; +} + +/** + * Finalize the login process. Must be called when logging in a user. + * + * The function records a watchdog message about the new session, saves the + * login timestamp, calls hook_user op 'login' and generates a new session. * + */ +function user_login_finalize(&$edit = array()) { + global $user; + watchdog('user', 'Session opened for %name.', array('%name' => $user->name)); + // Update the user table timestamp noting user has logged in. + // This is also used to invalidate one-time login links. + $user->login = REQUEST_TIME; + db_update('users') + ->fields(array('login' => $user->login)) + ->condition('uid', $user->uid) + ->execute(); + + // Regenerate the session ID to prevent against session fixation attacks. + // This is called before hook_user in case one of those functions fails + // or incorrectly does a redirect which would leave the old session in place. + drupal_session_regenerate(); + + user_module_invoke('login', $edit, $user); +} + +/** + * Submit handler for the login form. Load $user object and perform standard login + * tasks. The user is then redirected to the My Account page. Setting the + * destination in the query string overrides the redirect. + */ +function user_login_submit($form, &$form_state) { + global $user; + $user = user_load($form_state['uid']); + $form_state['redirect'] = 'user/' . $user->uid; + + user_login_finalize($form_state); +} + +/** + * Helper function for authentication modules. Either logs in or registers + * the current user, based on username. Either way, the global $user object is + * populated and login tasks are performed. + */ +function user_external_login_register($name, $module) { + $account = user_external_load($name); + if (!$account) { + // Register this new user. + $userinfo = array( + 'name' => $name, + 'pass' => user_password(), + 'init' => $name, + 'status' => 1, + 'access' => REQUEST_TIME + ); + $account = user_save(drupal_anonymous_user(), $userinfo); + // Terminate if an error occurred during user_save(). + if (!$account) { + drupal_set_message(t("Error saving user account."), 'error'); + return; + } + user_set_authmaps($account, array("authname_$module" => $name)); + } + + // Log user in. + $form_state['uid'] = $account->uid; + user_login_submit(array(), $form_state); +} + +/** + * Generates a unique URL for a user to login and reset their password. + * + * @param object $account + * An object containing the user account. + * + * @return + * A unique URL that provides a one-time log in for the user, from which + * they can change their password. + */ +function user_pass_reset_url($account) { + $timestamp = REQUEST_TIME; + return url("user/reset/$account->uid/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE)); +} + +/** + * Generates a URL to confirm an account cancellation request. + * + * @param object $account + * The user account object, which must contain at least the following + * properties: + * - uid: The user uid number. + * - pass: The hashed user password string. + * - login: The user login name. + * + * @return + * A unique URL that may be used to confirm the cancellation of the user + * account. + * + * @see user_mail_tokens() + * @see user_cancel_confirm() + */ +function user_cancel_url($account) { + $timestamp = REQUEST_TIME; + return url("user/$account->uid/cancel/confirm/$timestamp/" . user_pass_rehash($account->pass, $timestamp, $account->login), array('absolute' => TRUE)); +} + +/** + * Creates a unique hash value for use in time-dependent per-user URLs. + * + * This hash is normally used to build a unique and secure URL that is sent to + * the user by email for purposes such as resetting the user's password. In + * order to validate the URL, the same hash can be generated again, from the + * same information, and compared to the hash value from the URL. The URL + * normally contains both the time stamp and the numeric user ID. The login + * name and hashed password are retrieved from the database as necessary. For a + * usage example, see user_cancel_url() and user_cancel_confirm(). + * + * @param $password + * The hashed user account password value. + * @param $timestamp + * A unix timestamp. + * @param $login + * The user account login name. + * + * @return + * A string that is safe for use in URLs and SQL statements. + */ +function user_pass_rehash($password, $timestamp, $login) { + return drupal_hmac_base64($timestamp . $login, drupal_get_hash_salt() . $password); +} + +/** + * Cancel a user account. + * + * Since the user cancellation process needs to be run in a batch, either + * Form API will invoke it, or batch_process() needs to be invoked after calling + * this function and should define the path to redirect to. + * + * @param $edit + * An array of submitted form values. + * @param $uid + * The user ID of the user account to cancel. + * @param $method + * The account cancellation method to use. + * + * @see _user_cancel() + */ +function user_cancel($edit, $uid, $method) { + global $user; + + $account = user_load($uid); + + if (!$account) { + drupal_set_message(t('The user account %id does not exist.', array('%id' => $uid)), 'error'); + watchdog('user', 'Attempted to cancel non-existing user account: %id.', array('%id' => $uid), WATCHDOG_ERROR); + return; + } + + // Initialize batch (to set title). + $batch = array( + 'title' => t('Cancelling account'), + 'operations' => array(), + ); + batch_set($batch); + + // Modules use hook_user_delete() to respond to deletion. + if ($method != 'user_cancel_delete') { + // Allow modules to add further sets to this batch. + module_invoke_all('user_cancel', $edit, $account, $method); + } + + // Finish the batch and actually cancel the account. + $batch = array( + 'title' => t('Cancelling user account'), + 'operations' => array( + array('_user_cancel', array($edit, $account, $method)), + ), + ); + batch_set($batch); + + // Batch processing is either handled via Form API or has to be invoked + // manually. +} + +/** + * Last batch processing step for cancelling a user account. + * + * Since batch and session API require a valid user account, the actual + * cancellation of a user account needs to happen last. + * + * @see user_cancel() + */ +function _user_cancel($edit, $account, $method) { + global $user; + + switch ($method) { + case 'user_cancel_block': + case 'user_cancel_block_unpublish': + default: + // Send account blocked notification if option was checked. + if (!empty($edit['user_cancel_notify'])) { + _user_mail_notify('status_blocked', $account); + } + user_save($account, array('status' => 0)); + drupal_set_message(t('%name has been disabled.', array('%name' => $account->name))); + watchdog('user', 'Blocked user: %name %email.', array('%name' => $account->name, '%email' => '<' . $account->mail . '>'), WATCHDOG_NOTICE); + break; + + case 'user_cancel_reassign': + case 'user_cancel_delete': + // Send account canceled notification if option was checked. + if (!empty($edit['user_cancel_notify'])) { + _user_mail_notify('status_canceled', $account); + } + user_delete($account->uid); + drupal_set_message(t('%name has been deleted.', array('%name' => $account->name))); + watchdog('user', 'Deleted user: %name %email.', array('%name' => $account->name, '%email' => '<' . $account->mail . '>'), WATCHDOG_NOTICE); + break; + } + + // After cancelling account, ensure that user is logged out. + if ($account->uid == $user->uid) { + // Destroy the current session, and reset $user to the anonymous user. + session_destroy(); + } + + // Clear the cache for anonymous users. + cache_clear_all(); +} + +/** + * Delete a user. + * + * @param $uid + * A user ID. + */ +function user_delete($uid) { + user_delete_multiple(array($uid)); +} + +/** + * Delete multiple user accounts. + * + * @param $uids + * An array of user IDs. + */ +function user_delete_multiple(array $uids) { + if (!empty($uids)) { + $accounts = user_load_multiple($uids, array()); + + $transaction = db_transaction(); + try { + foreach ($accounts as $uid => $account) { + module_invoke_all('user_delete', $account); + module_invoke_all('entity_delete', $account, 'user'); + field_attach_delete('user', $account); + drupal_session_destroy_uid($account->uid); + } + + db_delete('users') + ->condition('uid', $uids, 'IN') + ->execute(); + db_delete('users_roles') + ->condition('uid', $uids, 'IN') + ->execute(); + db_delete('authmap') + ->condition('uid', $uids, 'IN') + ->execute(); + } + catch (Exception $e) { + $transaction->rollback(); + watchdog_exception('user', $e); + throw $e; + } + entity_get_controller('user')->resetCache(); + } +} + +/** + * Page callback wrapper for user_view(). + */ +function user_view_page($account) { + // An administrator may try to view a non-existent account, + // so we give them a 404 (versus a 403 for non-admins). + return is_object($account) ? user_view($account) : MENU_NOT_FOUND; } /**