Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Drupal currently executes functions in include files. This is very annoying if you want to include files from external scripts such as update scripts or other scripts that want to use Drupal as a framework.
Offending files are:
database.inc:
db_set_active();
session.inc:
session_set_save_handler("sess_open", "sess_close", "sess_read", "sess_write", "sess_destroy", "sess_gc");
session_start();
common.inc:
A bunch of stuff at the bottom.
All this should be moved into a start.inc file.
Comment | File | Size | Author |
---|---|---|---|
#41 | bootstrap_13.patch | 13.77 KB | chx |
#39 | bootstrap_12.patch | 13.77 KB | chx |
#37 | bootstrap_11.patch | 13.76 KB | chx |
#33 | bootstrap_10.patch | 17.38 KB | chx |
#32 | bootstrap_9.patch | 16.17 KB | killes@www.drop.org |
Comments
Comment #1
adrian CreditAttribution: adrian commentedI haven't done this recently, but back in 4.4 era I attempted something similar to this for the install api.
A _lot_ of modifications were required to be able to use (for instance) the theme api without needing to have a database connection active.
Comment #2
adrian CreditAttribution: adrian commentedIt's definately not a simple problem.
For instance.. the db connection needs to be started during bootstrap, and during normal execution.
I think the better idea is to include a DRUPAL_INIT constant we can check before executing the function. (or a DRUPAL_NO_INIT .. i'm not picky).
Comment #3
killes@www.drop.org CreditAttribution: killes@www.drop.org commentedHere's an old patch by me that illustrates what I want to do.
http://lists.drupal.org/archives/drupal-devel/2005-03/txtq23pAcHATw.txt
Instead of putting the stuff into index.php, alternative file names need to be found.
Comment #4
chx CreditAttribution: chx commentedWell, I have written something to address the issue.
Now you can include everything to your hearts content just include init.inc as well and do an appropriate drupal_bootstrap.
Alas, ATM database and bootstrap is very interwined. This interdependency could be obliterated if we'd not use variable_get('dev_query') in database.*.inc.
cvs diff -u -N -F^f against cvs.drupal.org as CVSROOT failed to include to include the two new files, so I'll include them as followups.
Comment #5
chx CreditAttribution: chx commentedHm, settings.php changes were ommited.
Comment #6
chx CreditAttribution: chx commentedComment #7
chx CreditAttribution: chx commentedComment #8
chx CreditAttribution: chx commentedFollowing advice from darix I have now created one patch. Still, I'd like to know how could I do this with cvs.
Comment #9
chx CreditAttribution: chx commentedSteef found that I had $$ in settings.php.
He also asked what's this good for. Several things, but most advantages come when you use only parts of Drupal. If you want use, say, only our forms functions then now you can include('common.inc'); without side effects. If you need the database layer, you do a include('init.inc') and call drupal_bootstrap('database')
Comment #10
chx CreditAttribution: chx commentedThe database layer is now totally independent of other parts of Drupal.
Comment #11
chx CreditAttribution: chx commentedA very stupid bug related to variable init is fixed and I am sync'd to HEAD, so timer_init('page') is called.
Comment #12
chx CreditAttribution: chx commentedComment #13
chx CreditAttribution: chx commentedComment #14
chx CreditAttribution: chx commentedFixed drupal_bootstrap('database') -- $phase was 0 , and == FALSE fired. === FALSE is used.
Comment #15
nsk CreditAttribution: nsk commentedSome days before I was studying the Drupal source code and it caused me headaches that it executed code via include calls. I think it is better design to not execute anything automatically in includes.
Comment #16
chx CreditAttribution: chx commentedAdded phpdoc and moved drupal_unpack to init.inc thus now session handler can be used independently.
Comment #17
Dries CreditAttribution: Dries commentedSorry but the quality of the PHPdoc is not up to standards. Please use proper punctuation, typography, line-wrapping, etc. It should also explain when/why to use this function.
I can't help but think this is ugly code.
drupal_bootstrap
, for example, can be written more elegantly (not tested):instead of:
Comment #18
chx CreditAttribution: chx commentedSome code simplification in drupal_bootstrap and better PHPdoc. (Thanks Dries and Steven.)
Comment #19
moshe weitzman CreditAttribution: moshe weitzman commentedi did a quick code review and this patch looks quite nice to me. note that it changes some of the same bits that are changed by my 'ban hosts' patch. i'm ok with committing this one first, and i will update accordingly.
Comment #20
Dries CreditAttribution: Dries commented- Patch breaks
update.php
. Might want to double-checkcron.php
andxmlrpc.php
.- The PHPdoc code wraps at variable width/length. Might want to tidy up that a little.
Comment #21
moshe weitzman CreditAttribution: moshe weitzman commentedin the big case statement in drupal_bootstrap(), perhaps use defined constants instead of 0, 1, 2 ...
i think the 4 phase bootstrap is perfect.
perhaps move the code in the drupal_bootstrap('all') section to common.inc under a new function called drupal_bootstrap_all(). that makes the code a bit tidier and keeps a few lines out of init.inc which is useful. saves a bit of parsing on requests that don't use the whole framework. you could do that for the other phases as well although the benefit is smaller.
Comment #22
chx CreditAttribution: chx commentedWe were already using named phases (not constants), but I have renamed them now as discussed with moshe. Moved the code for the last phase (now called 'full') to common.inc. Simplified index.php -- much simpler than in previous patch, a bit simpler than pre-patch.
Comment #23
chx CreditAttribution: chx commentedFollowing Moshe's advice to see http://talks.php.net/show/acc_php/33 , I have added a few dots before the paths.
Comment #24
Bèr Kessels CreditAttribution: Bèr Kessels commentedI love the idea of this. +1 for the last (#8) patch from me. I must mention i did not test it thoroughly, hust saw that it works here! The levelled include looks great to me.
A minor thing , that I thnik would make this even better, is an additional level for feeds. Feeds need not load all the theme, blocks, and other stuff, only the nodes (items) in the feeds.
For reference, my last statistics:
So my main feeds are the 13th most referenced URL on my sites. (the 4-12 contain a lot of odd deeplinked images, and off course /node and / )
Comment #25
chx CreditAttribution: chx commentedSeparating node/feed is not an easy thing, maybe impossible First off, you need most modules as nodeapi is called during this a theme call is possible. I do not see what can be omitted from 'full'.
I think this could be a next patch, if we can (which I doubt) an intermediate between 'page cache' and 'full'.
Comment #26
Bèr Kessels CreditAttribution: Bèr Kessels commentedI figured it would be hard. So lets ignore my post. I will think of a way to cache it better inside node.module and taxonomy.module.
Comment #27
killes@www.drop.org CreditAttribution: killes@www.drop.org commentedI read the patch and would like to see it get into core rather sooner than later.
Comment #28
Stefan Nagtegaal CreditAttribution: Stefan Nagtegaal commentedThis would make things pretty simple.. When we look at the upcoming install-api, we only have todo:
to make database access possible and ready for usage..
I cannot see anything inside the code itself which looks not right, but:
Shouldn't that be something like:
<?php
+ header('HTTP/1.0 403 Forbidden');
+ drupal_set_message('error', t('Sorry, %remote-address has been banned.' array('%remote-address' => $_SERVER['REMOTE_ADDR'])));
+ exit();
But, I'm not sure if this function is already known at this point of loading...
Comment #29
gordon CreditAttribution: gordon commented+1, I agree that this needs to go into live sooner, or we are not going to be able to get it into the next release.
This is going to require a good shake down to make sure that it is all working.
Comment #30
chx CreditAttribution: chx commentedStefan, your comment is cut, but even if it were not, that's a different issue -- I moved that code intact. So if you have some concerns over the recent deny patch, please reopen that issue.
Comment #31
Dries CreditAttribution: Dries commentedPatch no longer works.
Comment #32
killes@www.drop.org CreditAttribution: killes@www.drop.org commentedupdated
Comment #33
chx CreditAttribution: chx commentedthanks killes. xmlrpc and cron patched.
Comment #34
Dries CreditAttribution: Dries commentedWhy do we need a init.inc AND a bootstrap.inc? IMO, these names are somewhat confusing. Can't we merge init.inc into bootstrap.inc (and keep it simple)?
Comment #35
chx CreditAttribution: chx commentedMaybe rename bootstrap to something better? I do not want to merge, on of the good things in this patch that you are not forced to include bootstrap (which is 20K) only init.inc (which is only 4K).
Comment #36
killes@www.drop.org CreditAttribution: killes@www.drop.org commented20K difference are really no reason to not merge them.
Comment #37
chx CreditAttribution: chx commentedI hate CVS.
Comment #38
Dries CreditAttribution: Dries commentedThe code comments need updating too; they mention
init.inc
. The documentation starts talking about 'levels' and then switches to use the word 'phases' ... I think we should call it a 'boostrap phase', or 'phase'. Is the checkif ($called) return
necessary? Who's going to call that function twice?Comment #39
chx CreditAttribution: chx commentedI do not know, but fix gpc magic is protected as well, so I thought I will protect mine.
CVS delenda est.
Comment #40
Dries CreditAttribution: Dries commentedI don't think you updated your CVS repository first ...
Comment #41
chx CreditAttribution: chx commentedWhy do you think so? The patch applies cleanly. I do not like CVS because it is so hard to use. Can we get back the core SVN readonly mirror please?
jvandyk advised stage instead of phase. So be it.
Comment #42
Dries CreditAttribution: Dries commentedThe patch applies but does not work. For example, drupal_deny() has been renamed to drupal_is_denied(). I'll fix up your patch.
Comment #43
Dries CreditAttribution: Dries commentedCommitted to HEAD.
chx: can you double-check whether the global $conf variable is still secure? That is, make sure it can't be send using the URL or something. I believe we used to unset it explicitely.
Comment #44
chx CreditAttribution: chx commentedDuring normal code flow, _drupal_bootstrap is called with appropriate stages, and the the first call of _drupal_bootstrap (with 'database') has an unset($conf); in it. If someone writes a helper script which includes bootstrap.inc and calls directly _drupal_bootstrap with another stage then maybe... but I think nothing will work in that case, because the database functions won't be there.
Comment #45
Dries CreditAttribution: Dries commentedPerfect. Marking this fixed.
Comment #46
(not verified) CreditAttribution: commentedComment #47
(not verified) CreditAttribution: commentedComment #48
(not verified) CreditAttribution: commentedComment #49
(not verified) CreditAttribution: commentedComment #50
(not verified) CreditAttribution: commentedComment #51
(not verified) CreditAttribution: commentedComment #52
(not verified) CreditAttribution: commentedComment #53
(not verified) CreditAttribution: commented