common.inc 37.1 KB
Newer Older
Dries's avatar
 
Dries committed
1 2 3 4 5 6 7 8 9 10 11
<?php
// $Id$

function conf_init() {

  /*
  ** Try finding a matching configuration file by stripping the website's
  ** URI from left to right.  If no configuration file is found, return a
  ** default value 'conf'.
  */

Dries's avatar
 
Dries committed
12
  $uri = $_SERVER["PHP_SELF"];
Dries's avatar
 
Dries committed
13

Dries's avatar
 
Dries committed
14
  $file = strtolower(strtr($_SERVER["HTTP_HOST"] . substr($uri, 0, strrpos($uri, "/")), "/:", ".."));
Dries's avatar
 
Dries committed
15 16 17 18 19 20 21 22 23 24 25 26 27

  while (strlen($file) > 4) {
    if (file_exists("includes/$file.php")) {
      return $file;
    }
    else {
      $file = substr($file, strpos($file, ".") + 1);
    }
  }

  return "conf";
}

Dries's avatar
 
Dries committed
28 29 30
/**
 * Build the alias/path array
 */
Dries's avatar
 
Dries committed
31
function drupal_get_path_map($action = "") {
Dries's avatar
 
Dries committed
32 33
  static $map;

Dries's avatar
 
Dries committed
34 35 36 37
  if ($action == "rebuild") {
    $map = NULL;
  }

Dries's avatar
 
Dries committed
38 39 40
  if (empty($map)) {
    $result = db_query("SELECT * FROM {path}");
    while ($data = db_fetch_object($result)) {
Dries's avatar
 
Dries committed
41
      $map[$data->dst] = $data->src;
Dries's avatar
 
Dries committed
42 43 44 45 46 47
    }
  }

  return $map;
}

Dries's avatar
 
Dries committed
48 49 50 51
function drupal_rebuild_path_map() {
  drupal_get_path_map("rebuild");
}

Dries's avatar
 
Dries committed
52 53 54
function error_handler($errno, $message, $filename, $line, $variables) {
  $types = array(1 => "error", 2 => "warning", 4 => "parse error", 8 => "notice", 16 => "core error", 32 => "core warning", 64 => "compile error", 128 => "compile warning", 256 => "user error", 512 => "user warning", 1024 => "user notice");
  $entry = $types[$errno] .": $message in $filename on line $line.";
Dries's avatar
 
Dries committed
55 56

  if ($errno & E_ALL ^ E_NOTICE) {
Dries's avatar
 
Dries committed
57
    watchdog("error", $types[$errno] .": $message in $filename on line $line.");
58
    print "<pre>$entry</pre>";
Dries's avatar
 
Dries committed
59 60 61
  }
}

Dries's avatar
 
Dries committed
62
function watchdog($type, $message, $link = NULL) {
Dries's avatar
 
Dries committed
63
  global $user;
Dries's avatar
 
Dries committed
64
  db_query("INSERT INTO {watchdog} (uid, type, message, link, location, hostname, timestamp) VALUES (%d, '%s', '%s', '%s', '%s', '%s', %d)", $user->uid, $type, $message, $link, request_uri(), getenv("REMOTE_ADDR"), time());
Dries's avatar
 
Dries committed
65 66 67 68
}

function throttle($type, $rate) {
  if (!user_access("access administration pages")) {
Dries's avatar
 
Dries committed
69
    if ($throttle = db_fetch_object(db_query("SELECT * FROM {watchdog} WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
Dries's avatar
 
Dries committed
70 71 72 73 74 75 76 77 78
      watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
      die(message_throttle());
    }
    else {
      watchdog($type, "throttle");
    }
  }
}

Dries's avatar
 
Dries committed
79 80
function check_php_setting($name, $value) {
  if (ini_get($name) != $value) {
Steven Wittens's avatar
Steven Wittens committed
81
    print "<p>Note that the value of PHP's configuration option <code><b>$name</b></code> is incorrect.  It should be set to '$value' for Drupal to work properly.  Either configure your webserver to support <code>.htaccess</code> files so Drupal's <code>.htaccess</code> file can set it to the proper value, or edit your <code>php.ini</code> file directly.  This message will automatically dissapear when the problem has been fixed.</p>";
Dries's avatar
 
Dries committed
82 83 84
  }
}

Dries's avatar
 
Dries committed
85 86 87 88 89
function arg($index) {

  static $arguments;

  if (empty($arguments)) {
Dries's avatar
 
Dries committed
90
    $arguments = explode("/", $_GET["q"]);
Dries's avatar
 
Dries committed
91 92 93 94 95
  }

  return $arguments[$index];
}

Dries's avatar
 
Dries committed
96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123
function array2object($node) {

  if (is_array($node)) {
    foreach ($node as $key => $value) {
      $object->$key = $value;
    }
  }
  else {
    $object = $node;
  }

  return $object;
}

function object2array($node) {

  if (is_object($node)) {
    foreach ($node as $key => $value) {
      $array[$key] = $value;
    }
  }
  else {
    $array = $node;
  }

  return $array;
}

Dries's avatar
 
Dries committed
124 125 126 127 128 129 130 131 132
function referer_uri() {

  if (isset($_SERVER["HTTP_REFERER"])) {
    $uri = $_SERVER["HTTP_REFERER"];

    return check_url($uri);
  }
}

Dries's avatar
 
Dries committed
133
function request_uri() {
Dries's avatar
 
Dries committed
134 135 136 137
  /*
  ** Since request_uri() is only available on Apache, we generate
  ** equivalent using other environment vars.
  */
Dries's avatar
 
Dries committed
138

Dries's avatar
 
Dries committed
139
  if (isset($_SERVER["REQUEST_URI"])) {
140
    $uri = $_SERVER["REQUEST_URI"];
Dries's avatar
 
Dries committed
141 142
  }
  else {
143
    $uri = $_SERVER["PHP_SELF"] ."?". $_SERVER["QUERY_STRING"];
Dries's avatar
 
Dries committed
144
  }
145

Dries's avatar
 
Dries committed
146
  return check_url($uri);
Dries's avatar
 
Dries committed
147 148
}

Dries's avatar
 
Dries committed
149
function message_access() {
Dries's avatar
 
Dries committed
150
  return t("You are not authorized to access this page.");
Dries's avatar
 
Dries committed
151 152 153 154 155 156 157 158 159 160
}

function message_na() {
  return t("n/a");
}

function message_throttle() {
  return t("You exceeded the maximum submission rate.  Please wait a few minutes and try again.");
}

Dries's avatar
 
Dries committed
161 162
function locale_init() {
  global $languages, $user;
Dries's avatar
 
Dries committed
163 164 165 166 167 168
  if ($user->uid && $languages[$user->language]) {
    return $user->language;
  }
  else {
    return key($languages);
  }
Dries's avatar
 
Dries committed
169 170
}

Dries's avatar
 
Dries committed
171
function t($string, $args = 0) {
Dries's avatar
 
Dries committed
172
  global $languages;
173

Dries's avatar
 
Dries committed
174 175 176 177 178 179 180
  /*
  ** About the usage of t().  We try to keep strings whole as much as
  ** possible and are unafraid of HTML markup within translation strings
  ** if necessary.  The suggested syntax for a link embedded within a
  ** translation string is for example:
  **
  ** $msg = t("You must login below or <a href=\"%url\">create a new
Dries's avatar
 
Dries committed
181 182
  **           account</a> before viewing the next page.", array("%url"
  **           => url("user/register")));
Dries's avatar
 
Dries committed
183 184
  */

185
  $string = ($languages && module_exist("locale") ? locale($string) : $string);
186

Dries's avatar
 
Dries committed
187 188
  if (!$args) {
    return $string;
Kjartan's avatar
Kjartan committed
189 190
  }
  else {
Dries's avatar
 
Dries committed
191 192
    return strtr($string, $args);
  }
Dries's avatar
 
Dries committed
193 194 195
}

function variable_init($conf = array()) {
Dries's avatar
 
Dries committed
196
  $result = db_query("SELECT * FROM {variable} ");
Dries's avatar
 
Dries committed
197 198
  while ($variable = db_fetch_object($result)) {
    if (!isset($conf[$variable->name])) {
Dries's avatar
 
Dries committed
199
      $conf[$variable->name] = unserialize($variable->value);
Dries's avatar
 
Dries committed
200 201 202 203 204 205
    }
  }

  return $conf;
}

206
function variable_get($name, $default) {
Dries's avatar
 
Dries committed
207 208 209 210 211 212 213 214
  global $conf;

  return isset($conf[$name]) ? $conf[$name] : $default;
}

function variable_set($name, $value) {
  global $conf;

Dries's avatar
 
Dries committed
215 216
  db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
  db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", $name, serialize($value));
Dries's avatar
 
Dries committed
217 218 219 220 221 222 223

  $conf[$name] = $value;
}

function variable_del($name) {
  global $conf;

Dries's avatar
 
Dries committed
224
  db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
Dries's avatar
 
Dries committed
225 226 227 228

  unset($conf[$name]);
}

Dries's avatar
 
Dries committed
229
function drupal_specialchars($input, $quotes = ENT_NOQUOTES) {
Dries's avatar
 
Dries committed
230 231 232 233 234 235 236 237 238

  /*
  ** Note that we'd like to go 'htmlspecialchars($input, $quotes, "utf-8")'
  ** like the PHP manual tells us to, but we can't because there's a bug in
  ** PHP <4.3 that makes it mess up multibyte charsets if we specify the
  ** charset.  Change this later once we make PHP 4.3 a requirement.
  */

  return htmlspecialchars($input, $quotes);
Dries's avatar
 
Dries committed
239 240
}

Dries's avatar
 
Dries committed
241
function table_cell($cell, $header = 0) {
Dries's avatar
 
Dries committed
242
  if (is_array($cell)) {
Dries's avatar
 
Dries committed
243 244 245 246 247 248 249 250 251 252 253
    $data = $cell["data"];
    foreach ($cell as $key => $value) {
      if ($key != "data")  {
        $attributes .= " $key=\"$value\"";
      }
    }
  }
  else {
    $data = $cell;
  }

Dries's avatar
 
Dries committed
254
  if ($header) {
Dries's avatar
 
Dries committed
255 256 257 258 259 260 261 262 263 264 265
    $output = "<th$attributes>$data</th>";
  }
  else {
    $output = "<td$attributes>$data</td>";
  }

  return $output;
}

function table($header, $rows) {

266
  $output = "<table>\n";
Dries's avatar
 
Dries committed
267 268 269 270 271

  /*
  ** Emit the table header:
  */

Dries's avatar
 
Dries committed
272 273 274
  if (is_array($header)) {
    $output .= " <tr>";
    foreach ($header as $cell) {
Dries's avatar
 
Dries committed
275 276 277
      if (is_array($cell) && $cell["field"]) {
        $cell = tablesort($cell, $header);
      }
Dries's avatar
 
Dries committed
278 279
      $output .= table_cell($cell, 1);
    }
Dries's avatar
 
Dries committed
280
    $output .= " </tr>\n";
Dries's avatar
 
Dries committed
281 282 283 284 285 286
  }

  /*
  ** Emit the table rows:
  */

Dries's avatar
 
Dries committed
287 288 289 290 291 292 293 294
  if (is_array($rows)) {
    foreach ($rows as $number => $row) {
      if ($number % 2 == 1) {
        $output .= " <tr class=\"light\">";
      }
      else {
        $output .= " <tr class=\"dark\">";
      }
Dries's avatar
 
Dries committed
295

Dries's avatar
 
Dries committed
296 297 298
      foreach ($row as $cell) {
        $output .= table_cell($cell, 0);
      }
Dries's avatar
 
Dries committed
299
      $output .= " </tr>\n";
Dries's avatar
 
Dries committed
300 301 302
    }
  }

Dries's avatar
 
Dries committed
303
  $output .= "</table>\n";
Dries's avatar
 
Dries committed
304 305 306 307

  return $output;
}

308 309 310 311 312 313
/**
 * Verify the syntax of the given e-mail address.  Empty e-mail addresses
 * are allowed.  See RFC 2822 for details.
 *
 * @param $mail  a email address
 */
Dries's avatar
 
Dries committed
314
function valid_email_address($mail) {
315 316 317 318 319 320 321 322 323 324 325 326 327
  $user = '[a-zA-Z0-9_\-\.\+\^!#\$%&*+\/\=\?\`\|\{\}~\']+';
  $domain = '(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]\.?)+';
  $ipv4 = '[0-9]{1,3}(\.[0-9]{1,3}){3}';
  $ipv6 = '[0-9a-fA-F]{1,4}(\:[0-9a-fA-F]{1,4}){7}';

  if (preg_match("/^$user@($domain|(\[($ipv4|$ipv6)\]))$/", $mail)) {
    return 1;
  }
  else {
    return 0;
  }
}

Dries's avatar
 
Dries committed
328 329 330 331 332 333 334
/**
 * Verify the syntax of the given URL.
 *
 * @param $url  an URL
 */
function valid_url($url) {

Dries's avatar
 
Dries committed
335
  if (preg_match("/^[a-zA-z0-9\/:_\-_\.,]+$/", $url)) {
Dries's avatar
 
Dries committed
336 337 338 339 340 341 342
    return 1;
  }
  else {
    return 0;
  }
}

Kjartan's avatar
Kjartan committed
343 344 345 346
/**
 * Format a single result entry of a search query:
 *
 * @param $item  a single search result as returned by <module>_search of type
Dries's avatar
 
Dries committed
347
 *               array("count" => ..., "link" => ..., "title" => ...,
Kjartan's avatar
Kjartan committed
348 349 350
 *               "user" => ..., "date" => ..., "keywords" => ...)
 * @param $type  module type of this item
 */
Dries's avatar
 
Dries committed
351
function search_item($item, $type) {
Dries's avatar
 
Dries committed
352 353 354 355 356 357 358 359 360 361

  /*
  ** Modules may implement the "search_item" hook in order to overwrite
  ** the default function to display search results.
  */

  if (module_hook($type, "search_item")) {
    $output = module_invoke($type, "search_item", $item);
  }
  else {
Dries's avatar
 
Dries committed
362
    $output .= " <b><u><a href=\"". $item["link"] ."\">". $item["title"] ."</a></u></b><br />";
Dries's avatar
 
Dries committed
363 364 365
    $output .= " <small>$type ". ($item["user"] ? " - ". $item["user"] : "") ."". ($item["date"] ? " - ". format_date($item["date"], "small") : "") ."</small>";
    $output .= "<br /><br />";
  }
Dries's avatar
 
Dries committed
366 367 368 369

  return $output;
}

Kjartan's avatar
Kjartan committed
370 371 372 373
/**
 * Render a generic search form.
 *
 * "Generic" means "universal usable" - that is, usable not only from
Dries's avatar
 
Dries committed
374
 * 'site.com/search', but also as a simple seach box (without
Dries's avatar
 
Dries committed
375 376
 * "Restrict search to", help text, etc) from theme's header etc.
 * This means: provide options to only conditionally render certain
Kjartan's avatar
Kjartan committed
377 378
 * parts of this form.
 *
Dries's avatar
 
Dries committed
379
 * @param $action  Form action. Defaults to 'site.com/search'.
Dries's avatar
 
Dries committed
380
 * @param $keys   string containing keywords for the search.
Dries's avatar
 
Dries committed
381
 * @param $options != 0: Render additional form fields/text
Kjartan's avatar
Kjartan committed
382 383
 *                 ("Restrict search to", help text, etc).
 */
Dries's avatar
 
Dries committed
384
function search_form($action = NULL, $keys = NULL, $options = NULL) {
Dries's avatar
 
Dries committed
385 386

  if (!$action) {
Dries's avatar
 
Dries committed
387
    $action = url("search");
Dries's avatar
 
Dries committed
388 389
  }

Kjartan's avatar
Kjartan committed
390 391
  $output .= " <br /><input type=\"text\" size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\" />";
  $output .= " <input type=\"submit\" value=\"". t("Search") ."\" />\n";
Dries's avatar
 
Dries committed
392 393 394 395 396 397 398

  if ($options != 0) {
    $output .= "<br />";
    $output .= t("Restrict search to") .": ";

    foreach (module_list() as $name) {
      if (module_hook($name, "search")) {
Kjartan's avatar
Kjartan committed
399
        $output .= " <input type=\"checkbox\" name=\"edit[type][$name]\" ". ($edit["type"][$name] ? " checked=\"checked\"" : "") ." /> ". t($name);
Dries's avatar
 
Dries committed
400 401 402 403
      }
    }
  }

Kjartan's avatar
Kjartan committed
404 405
  $form .= "<br />";

Dries's avatar
 
Dries committed
406 407 408 409
  return form($output, "post", $action);
}

/*
Kjartan's avatar
Kjartan committed
410 411
 * Collect the search results:
 */
Dries's avatar
 
Dries committed
412
function search_data($keys = NULL) {
Dries's avatar
 
Dries committed
413 414

  $edit = $_POST["edit"];
Dries's avatar
 
Dries committed
415

Dries's avatar
 
Dries committed
416
  if (isset($keys)) {
Dries's avatar
 
Dries committed
417
    foreach (module_list() as $name) {
Dries's avatar
 
Dries committed
418
      if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", $keys))) {
Kjartan's avatar
Kjartan committed
419
        if ($name == "node" || $name == "comment") {
Dries's avatar
 
Dries committed
420
          $output .= "<p><b>". t("Matching ". $name ."s ranked in order of relevance") .":</b></p>";
Kjartan's avatar
Kjartan committed
421 422
        }
        else {
Dries's avatar
 
Dries committed
423
          $output .= "<p><b>". t("Matching ". $name ."s") .":</b></p>";
Kjartan's avatar
Kjartan committed
424
        }
Dries's avatar
 
Dries committed
425 426 427 428 429 430 431 432 433 434
        foreach ($result as $entry) {
          $output .= search_item($entry, $name);
        }
      }
    }
  }

  return $output;
}

Kjartan's avatar
Kjartan committed
435 436 437
/**
 * Display the search form and the resulting data.
 *
Dries's avatar
 
Dries committed
438
 * @param $type    If set, search only nodes of this type.
Kjartan's avatar
Kjartan committed
439
 *                 Otherwise, search all types.
Dries's avatar
 
Dries committed
440
 * @param $action  Form action. Defaults to 'site.com/search'.
Kjartan's avatar
Kjartan committed
441
 * @param $query   Query string. Defaults to global $keys.
Dries's avatar
 
Dries committed
442
 * @param $options != 0: Render additional form fields/text
Kjartan's avatar
Kjartan committed
443 444
 *                 ("Restrict search to", help text, etc).
 */
Dries's avatar
 
Dries committed
445
function search_type($type, $action = NULL, $keys = NULL, $options = NULL) {
Dries's avatar
 
Dries committed
446

Dries's avatar
 
Dries committed
447
  $_POST["edit"]["type"][$type] = "on";
Dries's avatar
 
Dries committed
448

Dries's avatar
 
Dries committed
449
  return search_form($action, $keys, $options) . "<br />". search_data($keys);
Dries's avatar
 
Dries committed
450 451
}

Dries's avatar
 
Dries committed
452

Dries's avatar
 
Dries committed
453 454
function drupal_goto($url) {

Dries's avatar
 
Dries committed
455 456 457
  /*
  ** Translate &amp; to simply &
  */
Dries's avatar
 
Dries committed
458

Dries's avatar
 
Dries committed
459
  $url = str_replace("&amp;", "&", $url);
Dries's avatar
 
Dries committed
460

Dries's avatar
 
Dries committed
461 462 463 464 465
  /*
  ** It is advised to use "drupal_goto()" instead of PHP's "header()" as
  ** "drupal_goto()" will append the user's session ID to the URI when PHP
  ** is compiled with "--enable-trans-sid".
  */
Dries's avatar
 
Dries committed
466
  if (!ini_get("session.use_trans_sid") || !session_id() || strstr($url, session_id())) {
Dries's avatar
 
Dries committed
467 468 469
    header("Location: $url");
  }
  else {
Dries's avatar
 
Dries committed
470 471 472 473 474 475 476 477
    $sid = session_name() . "=" . session_id();

    if (strstr($url, "?") && !strstr($url, $sid)) {
      header("Location: $url&". $sid);
    }
    else {
      header("Location: $url?". $sid);
    }
Dries's avatar
 
Dries committed
478 479 480 481
  }

  /*
  ** The "Location" header sends a REDIRECT status code to the http
Dries's avatar
 
Dries committed
482
  ** daemon.  In some cases this can go wrong, so we make sure none
Dries's avatar
 
Dries committed
483 484 485 486 487 488 489 490 491 492 493
  ** of the code /below/ gets executed when we redirect.
  */

  exit();
}

/*
** Stores the referer in a persistent variable:
*/

function referer_save() {
Dries's avatar
 
Dries committed
494 495
  if (!strstr(referer_uri(), request_uri())) {
    $_SESSION["referer"] = referer_uri();
Dries's avatar
 
Dries committed
496 497 498 499 500 501 502 503
  }
}

/*
** Restores the referer from a persistent variable:
*/

function referer_load() {
Dries's avatar
 
Dries committed
504 505
  if (isset($_SESSION["referer"])) {
    return $_SESSION["referer"];
Dries's avatar
 
Dries committed
506 507 508 509 510 511
  }
  else {
    return 0;
  }
}

512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 561 562 563 564 565 566 567 568 569 570 571 572 573 574

/*
** Save a common file
*/
function drupal_file_save($file) {
  global $user;
  // TODO: extend to support filesystem storage
  if (variable_get("file_save", "database")) {
    if ($file->fid) {
      if ($file->tmp_name) {
        $data = fread(fopen($file->tmp_name, "rb"), $file->size);
        db_query("UPDATE {file} SET uid = %d, filename = '%s', type = '%s', size = %d, counter = %d, data = '%s', temporary = %d WHERE fid = %d", $file->uid, $file->filename, $file->type, $file->size, $file->counter, base64_encode($data), $file->temporary, $file->fid);
      }
      else {
        db_query("UPDATE {file} SET uid = %d, filename = '%s', type = '%s', size = %d, counter = %d, temporary = %d WHERE fid = %d", $file->uid, $file->filename, $file->type, $file->size, $file->counter, $file->temporary, $file->fid);
      }
    }
    else {
      if ($file->tmp_name) {
        $file->fid = db_next_id("file_fid");
        $data = fread(fopen($file->tmp_name, "rb"), $file->size);
        db_query("INSERT INTO {file} SET fid = %d, uid = %d, created = %d, filename = '%s', type = '%s', size = %d, counter = 0, data = '%s', temporary = %d", $file->fid, $user->uid, time(), $file->filename, $file->type, $file->size, base64_encode($data), $file->temporary);
      }
      else {
        return 0;
      }
    }
  }
  return $file->fid;
}

/*
** Load a common file
*/
function drupal_file_load($fid, $data = 0) {
  // TODO: extend to support filesystem storage
  if (variable_get("file_save", "database")) {
    if ($data) {
      $file = db_fetch_object(db_query("SELECT * FROM {file} WHERE fid = %d", $fid));
    }
    else {
      $file = db_fetch_object(db_query("SELECT fid, uid, filename, created, type, size, counter, temporary FROM {file} WHERE fid = %d", $fid));
    }

    if ($file->data) {
      $file->data = base64_decode($file->data);
    }
    return $file;
  }
}

/*
** Generate the HTTP headers and dump the data
*/
function drupal_file_send($fid) {
  if (($file = drupal_file_load($fid, 1))) {
    header("Content-type: $file->type");
    header("Content-length: $file->size");
    header("Content-Disposition: inline; filename=$file->filename");
    print $file->data;
  }
}

Dries's avatar
 
Dries committed
575
function valid_input_data($data) {
576

577
  if (is_array($data) || is_object($data)) {
578 579 580 581 582
    /*
    ** Form data can contain a number of nested arrays.
    */

    foreach ($data as $key => $value) {
Dries's avatar
 
Dries committed
583 584 585
      if (!valid_input_data($value)) {
        return 0;
      }
586 587 588 589 590 591 592
    }
  }
  else {
    /*
    ** Detect evil input data.
    */

Dries's avatar
Dries committed
593
    // check strings:
Dries's avatar
Dries committed
594
    $match  = preg_match("/\Wjavascript\s*:/i", $data);
Dries's avatar
Dries committed
595 596 597
    $match += preg_match("/\Wexpression\s*\(/i", $data);
    $match += preg_match("/\Walert\s*\(/i", $data);

598
    // check attributes:
Dries's avatar
Dries committed
599
    $match += preg_match("/\W(dynsrc|datasrc|data|lowsrc|on[a-z]+)\s*=[^>]+?>/i", $data);
Dries's avatar
 
Dries committed
600

601 602

    // check tags:
Dries's avatar
 
Dries committed
603
    $match += preg_match("/<\s*(applet|script|object|style|embed|form|blink|meta|html|frame|iframe|layer|ilayer|head|frameset|xml)/i", $data);
604 605 606

    if ($match) {
      watchdog("warning", "terminated request because of suspicious input data: ". drupal_specialchars($data));
Dries's avatar
 
Dries committed
607
      return 0;
608 609
    }
  }
Dries's avatar
 
Dries committed
610 611

  return 1;
612
}
Dries's avatar
 
Dries committed
613

614
function check_url($uri) {
Dries's avatar
 
Dries committed
615 616 617 618 619 620 621 622 623 624 625 626
  $uri = htmlspecialchars($uri, ENT_QUOTES);

  /*
  ** We replace ( and ) with their entity equivalents to prevent XSS
  ** attacks.
  */

  $uri = strtr($uri, array("(" => "&040;", ")" => "&041;"));

  return $uri;
}

Dries's avatar
 
Dries committed
627
function check_form($text) {
Dries's avatar
 
Dries committed
628
  return drupal_specialchars($text, ENT_QUOTES);
Dries's avatar
 
Dries committed
629 630
}

Dries's avatar
 
Dries committed
631
function check_query($text) {
Dries's avatar
 
Dries committed
632
  return addslashes($text);
Dries's avatar
 
Dries committed
633 634 635
}

function filter($text) {
Dries's avatar
 
Dries committed
636

Dries's avatar
 
Dries committed
637 638 639 640 641 642 643 644 645 646 647 648 649
  $modules = module_list();

  /*
  ** Make sure the HTML filters that are part of the node module
  ** are run first.
  */

  if (in_array("node", $modules)) {
    $text = module_invoke("node", "filter", $text);
  }

  foreach ($modules as $name) {
    if (module_hook($name, "filter") && $name != "node") {
Dries's avatar
 
Dries committed
650 651 652 653 654
      $text = module_invoke($name, "filter", $text);
    }
  }

  return $text;
Dries's avatar
 
Dries committed
655 656
}

Dries's avatar
 
Dries committed
657 658
function rewrite_old_urls($text) {

Dries's avatar
 
Dries committed
659 660 661 662
  global $base_url;

  $end = substr($base_url, 12);

Dries's avatar
 
Dries committed
663 664 665
  /*
  ** This is a *temporary* filter to rewrite old-style URLs to new-style
  ** URLs (clean URLs).  Currently, URLs are being rewritten dynamically
Dries's avatar
 
Dries committed
666 667
  ** (ie. "on output"), however when these rewrite rules have been tested
  ** enough, we will use them to permanently rewrite the links in node
Dries's avatar
 
Dries committed
668 669 670
  ** and comment bodies.
  */

Dries's avatar
 
Dries committed
671
  if (variable_get("clean_url", "0") == "0") {
Dries's avatar
 
Dries committed
672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687
    /*
    ** Relative URLs:
    */

    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
    $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text);

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text);

    /*
    ** Absolute URLs:
    */

Dries's avatar
 
Dries committed
688
    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
Dries's avatar
 
Dries committed
689
    $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text);
Dries's avatar
 
Dries committed
690

Dries's avatar
 
Dries committed
691
    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
Dries's avatar
 
Dries committed
692 693 694
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text);
Dries's avatar
 
Dries committed
695 696
  }
  else {
Dries's avatar
 
Dries committed
697 698 699 700
    /*
    ** Relative URLs:
    */

Dries's avatar
 
Dries committed
701
    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
Dries's avatar
 
Dries committed
702
    $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text);
Dries's avatar
 
Dries committed
703 704

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
Dries's avatar
 
Dries committed
705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text);

    /*
    ** Absolute URLs:
    */

    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
    $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text);

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text);
}
Dries's avatar
 
Dries committed
721

Dries's avatar
 
Dries committed
722 723 724
  return $text;
}

Dries's avatar
 
Dries committed
725
function check_output($text) {
Dries's avatar
 
Dries committed
726
  if (isset($text)) {
Dries's avatar
 
Dries committed
727 728 729 730
    // filter content on output:
    $text = filter($text);

    // get the line breaks right:
Dries's avatar
 
Dries committed
731
    if (strip_tags($text, "<a><i><b><u><tt><code><cite><strong><img>") == $text) {
Dries's avatar
 
Dries committed
732 733 734 735 736 737 738 739
      $text = nl2br($text);
    }
  }
  else {
    $text = message_na();
  }

  return $text;
Dries's avatar
 
Dries committed
740 741
}

742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758
/**
* Checks if a file is valid and correct.
*
* @param $name the name of the form_file item
* @param $type restrict to mime types
* @param $size restrict file size
* @param $paranoid flag to make sure file belongs to the current user
*
* @returns mixed file object, or error object, or false if there is no file
*/
function check_file($name, $type = "/.+/", $size = 0) {
  // Make sure we don't have a file stored temporarily
  if ($_POST["edit"]["__file"][$name]) {
    $file = drupal_file_load($_POST["edit"]["__file"][$name]);
    if (!$file->temporary) {
      unset($file);
    }
Dries's avatar
 
Dries committed
759
  }
760 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797

  // make sure $name exists in $_FILES
  if ($_FILES["edit"]["name"][$name]) {

    // populate $file object to make further testing simpler
    $file->filename = $_FILES["edit"]["name"][$name];
    $file->type = $_FILES["edit"]["type"][$name];
    $file->tmp_name = $_FILES["edit"]["tmp_name"][$name];
    $file->error = $_FILES["edit"]["error"][$name];
    $file->size = $_FILES["edit"]["size"][$name];

    if (!valid_input_data($file)) {
      $return->error = t("possible exploit abuse");
    }

    // make sure the file is a valid upload
    if (!is_uploaded_file($file->tmp_name) || $file->error == UPLOAD_ERR_PARTIAL || $file->error == UPLOAD_ERR_NO_FILE) {
      $return->error = t("invalid file upload");
    }

    // validate the file type uploaded
    if (!preg_match($type, $file->filename)) {
      $return->error = t("invalid file type");
    }

    // check the file size to make sure the file isn't too big
    if (($size && $file->size > $size) || $file->error == UPLOAD_ERR_INI_SIZE || $file->error == UPLOAD_ERR_FORM_SIZE) {
      $return->error = t("file size too big");
    }

    if (!$return->error) {
      $file->temporary = 1;
      $file->fid = drupal_file_save($file);
    }
  }

  if ($return->error) {
    return $return;
Dries's avatar
 
Dries committed
798
  }
799 800

  return $file ? $file : false;
Dries's avatar
 
Dries committed
801 802
}

Dries's avatar
 
Dries committed
803 804 805
function format_rss_channel($title, $link, $description, $items, $language = "en", $args = array()) {
  // arbitrary elements may be added using the $args associative array

Dries's avatar
 
Dries committed
806
  $output .= "<channel>\n";
Dries's avatar
 
Dries committed
807 808 809 810
  $output .= " <title>". drupal_specialchars(strip_tags($title)) ."</title>\n";
  $output .= " <link>". drupal_specialchars(strip_tags($link)) ."</link>\n";
  $output .= " <description>". drupal_specialchars($description) ."</description>\n";
  $output .= " <language>". drupal_specialchars(strip_tags($language)) ."</language>\n";
Dries's avatar
 
Dries committed
811
  foreach ($args as $key => $value) {
Dries's avatar
 
Dries committed
812
    $output .= " <$key>". drupal_specialchars(strip_tags($value)) ."</$key>\n";
Dries's avatar
 
Dries committed
813
  }
Dries's avatar
 
Dries committed
814 815 816 817 818 819
  $output .= $items;
  $output .= "</channel>\n";

  return $output;
}

Dries's avatar
 
Dries committed
820 821 822
function format_rss_item($title, $link, $description, $args = array()) {
  // arbitrary elements may be added using the $args associative array

Dries's avatar
 
Dries committed
823
  $output .= "<item>\n";
Dries's avatar
 
Dries committed
824 825 826
  $output .= " <title>". drupal_specialchars(strip_tags($title)) ."</title>\n";
  $output .= " <link>". drupal_specialchars(strip_tags($link)) ."</link>\n";
  $output .= " <description>". drupal_specialchars(check_output($description)) ."</description>\n";
Dries's avatar
 
Dries committed
827
  foreach ($args as $key => $value) {
Dries's avatar
 
Dries committed
828
    $output .= "<$key>". drupal_specialchars(strip_tags($value)) ."</$key>";
Dries's avatar
 
Dries committed
829
  }
Dries's avatar
 
Dries committed
830 831 832 833 834
  $output .= "</item>\n";

  return $output;
}

Dries's avatar
 
Dries committed
835 836 837 838 839 840 841 842 843 844 845 846 847 848
/**
 * Formats a string with a count of items so that the string is pluralized
 * correctly.
 * format_plural calls t() by itself, make sure not to pass already localized
 * strings to it.
 *
 * @param $count    The item count to display.
 * @param $singular The string for the singular case. Please make sure it's clear
 *                  this is singular, to ease translation. ("1 new comment" instead of
 *                  "1 new").
 * @param $plural   The string for the plrual case. Please make sure it's clear
 *                  this is plural, to ease translation. Use %count in places of the
 *                  item count, as in "%count new comments".
 */
Dries's avatar
 
Dries committed
849
function format_plural($count, $singular, $plural) {
Dries's avatar
 
Dries committed
850
  return t($count == 1 ? $singular : $plural, array("%count" => $count));
Dries's avatar
 
Dries committed
851 852 853
}

function format_size($size) {
Dries's avatar
 
Dries committed
854
  $suffix = t("bytes");
Dries's avatar
 
Dries committed
855 856
  if ($size > 1024) {
    $size = round($size / 1024, 2);
Dries's avatar
 
Dries committed
857
    $suffix = t("KB");
Dries's avatar
 
Dries committed
858 859 860
  }
  if ($size > 1024) {
    $size = round($size / 1024, 2);
Dries's avatar
 
Dries committed
861
    $suffix = t("MB");
Dries's avatar
 
Dries committed
862
  }
Dries's avatar
 
Dries committed
863
  return t("%size %suffix", array("%size" => $size, "%suffix" => $suffix));
Dries's avatar
 
Dries committed
864 865
}

Dries's avatar
 
Dries committed
866
function cache_get($key) {
Dries's avatar
 
Dries committed
867
  $cache = db_fetch_object(db_query("SELECT data, created FROM {cache} WHERE cid = '%s'", $key));
Dries's avatar
 
Dries committed
868
  return $cache->data ? $cache : 0;
Dries's avatar
 
Dries committed
869 870 871
}

function cache_set($cid, $data, $expire = 0) {
Dries's avatar
 
Dries committed
872 873
  if (db_fetch_object(db_query("SELECT cid FROM {cache} WHERE cid = '%s'", $cid))) {
    db_query("UPDATE {cache} SET data = '%s', created = %d, expire = %d WHERE cid = '%s'", $data, time(), $expire, $cid);
Dries's avatar
 
Dries committed
874 875
  }
  else {
Dries's avatar
 
Dries committed
876
    db_query("INSERT INTO {cache} (cid, data, created, expire) VALUES('%s', '%s', %d, %d)", $cid, $data, time(), $expire);
Dries's avatar
 
Dries committed
877
  }
Dries's avatar
 
Dries committed
878 879
}

Dries's avatar
 
Dries committed
880 881
function cache_clear_all($cid = NULL) {
  if (empty($cid)) {
Dries's avatar
 
Dries committed
882
    db_query("DELETE FROM {cache} WHERE expire <> 0");
Dries's avatar
 
Dries committed
883 884
  }
  else {
Dries's avatar
 
Dries committed
885
    db_query("DELETE FROM {cache} WHERE cid = '%s'", $cid);
Dries's avatar
 
Dries committed
886
  }
Dries's avatar
 
Dries committed
887 888 889
}

function page_set_cache() {
Dries's avatar
 
Dries committed
890
  global $user;
Dries's avatar
 
Dries committed
891

Dries's avatar
 
Dries committed
892
  if (!$user->uid && $_SERVER["REQUEST_METHOD"] == "GET") {
Dries's avatar
 
Dries committed
893
    if ($data = ob_get_contents()) {
Dries's avatar
 
Dries committed
894
      cache_set(request_uri(), $data, 1);
Dries's avatar
 
Dries committed
895 896 897 898
    }
  }
}

Dries's avatar
 
Dries committed
899
function page_get_cache() {
Dries's avatar
 
Dries committed
900
  global $user;
Dries's avatar
 
Dries committed
901

Dries's avatar
 
Dries committed
902 903
  $cache = NULL;

Dries's avatar
 
Dries committed
904
  if (!$user->uid && $_SERVER["REQUEST_METHOD"] == "GET") {
Dries's avatar
 
Dries committed
905 906 907
    $cache = cache_get(request_uri());

    if (empty($cache)) {
Dries's avatar
 
Dries committed
908
      ob_start();
Dries's avatar
 
Dries committed
909 910
    }
  }
Dries's avatar
 
Dries committed
911

Dries's avatar
 
Dries committed
912
  return $cache;
Dries's avatar
 
Dries committed
913 914 915
}

function format_interval($timestamp) {
Dries's avatar
 
Dries committed
916
  $units = array("1 year|%count years" => 31536000, "1 week|%count weeks" => 604800, "1 day|%count days" => 86400, "1 hour|%count hours" => 3600, "1 min|%count min" => 60, "1 sec|%count sec" => 1);
Kjartan's avatar
Kjartan committed
917
  foreach ($units as $key=>$value) {
Dries's avatar
 
Dries committed
918 919 920 921 922 923
    $key = explode("|", $key);
    if ($timestamp >= $value) {
      $output .= ($output ? " " : "") . format_plural(floor($timestamp / $value), $key[0], $key[1]);
      $timestamp %= $value;
    }
  }
Dries's avatar
 
Dries committed
924
  return ($output) ? $output : t("0 sec");
Dries's avatar
 
Dries committed
925 926 927 928 929
}

function format_date($timestamp, $type = "medium", $format = "") {
  global $user;

Kjartan's avatar
Kjartan committed
930
  $timestamp += ($user->timezone) ? $user->timezone - date("Z") : 0;
Dries's avatar
 
Dries committed
931 932 933

  switch ($type) {
    case "small":
Dries's avatar
 
Dries committed
934
      $format = variable_get("date_format_short", "m/d/Y - H:i");
Dries's avatar
 
Dries committed
935 936
      break;
    case "large":
Dries's avatar
 
Dries committed
937
      $format = variable_get("date_format_long", "l, F j, Y - H:i");
Dries's avatar
 
Dries committed
938 939
      break;
    case "custom":
Dries's avatar
 
Dries committed
940
      // No change to format
Dries's avatar
 
Dries committed
941
      break;
Dries's avatar
 
Dries committed
942
    case "medium":
Dries's avatar
 
Dries committed
943
    default:
Dries's avatar
 
Dries committed
944 945 946 947 948 949 950 951 952 953 954 955 956
      $format = variable_get("date_format_medium", "D, m/d/Y - H:i");
  }

  for ($i = strlen($format); $i >= 0; $c = $format[--$i]) {
    if (strstr("DFlMSw", $c)) {
      $date = t(date($c, $timestamp)) . $date;
    }
    else if (strstr("AaBdgGhHiIjLmnOrstTUWYyZz", $c)) {
      $date = date($c, $timestamp) . $date;
    }
    else {
      $date = $c.$date;
    }
Dries's avatar
 
Dries committed
957 958 959 960 961 962 963
  }
  return $date;
}

function format_name($object) {

  if ($object->uid && $object->name) {
Dries's avatar
Dries committed
964 965 966 967 968 969 970 971 972 973 974 975
    /*
    ** Shorten the name when it is too long or it will break many
    ** tables.
    */

    if (strlen($object->name) > 20) {
      $name = substr($object->name, 0, 15) ."...";
    }
    else {
      $name = $object->name;
    }

Dries's avatar
 
Dries committed
976
    if (arg(0) == "admin") {
Dries's avatar
Dries committed
977
      $output = l($name, "admin/user/edit/$object->uid", array("title" => t("Administer user profile.")));
Dries's avatar
 
Dries committed
978 979
    }
    else {
Dries's avatar
Dries committed
980
      $output = l($name, "user/view/$object->uid", array("title" => t("View user profile.")));
Dries's avatar
 
Dries committed
981
    }
Dries's avatar
 
Dries committed
982
  }
Dries's avatar
 
Dries committed
983 984 985 986 987 988 989 990 991 992
  else if ($object->name) {
    /*
    ** Sometimes modules display content composed by people who are
    ** not registers members of the site (i.e. mailing list or news
    ** aggregator modules).  This clause enables modules to display
    ** the true author of the content.
    */

    $output = $object->name;
  }
Dries's avatar
 
Dries committed
993
  else {
Dries's avatar
 
Dries committed
994
    $output = t(variable_get("anonymous", "Anonymous"));
Dries's avatar
 
Dries committed
995 996
  }

Dries's avatar
 
Dries committed
997
  return $output;
Dries's avatar
 
Dries committed
998 999 1000
}

function form($form, $method = "post", $action = 0, $options = 0) {
Dries's avatar
 
Dries committed
1001 1002

  if (!$action) {
1003
    $action = request_uri();
Dries's avatar
 
Dries committed
1004
  }
1005
  return "<form action=\"$action\" method=\"$method\"". drupal_attributes($options) .">\n$form\n</form>\n";
Dries's avatar
 
Dries committed
1006 1007 1008
}

function form_item($title, $value, $description = 0) {
Dries's avatar
 
Dries committed
1009
  return "<div class=\"form-item\">". ($title ? "<div class=\"title\">$title:</div>" : "") . $value . ($description ? "<div class=\"description\">$description</div>" : "") ."</div>\n";
Dries's avatar
 
Dries committed
1010 1011
}

1012 1013
function form_radio($title, $name, $value = 1, $checked = 0, $description = 0, $attributes = 0) {
  return form_item(0, "<input type=\"radio\" class=\"form-radio\" name=\"edit[$name]\" value=\"". $value ."\"". ($checked ? " checked=\"checked\"" : "") . drupal_attributes($attributes) ." /> $title", $description);
Dries's avatar
 
Dries committed
1014 1015
}

1016 1017
function form_checkbox($title, $name, $value = 1, $checked = 0, $description = 0, $attributes = 0) {
  return form_hidden($name, 0) . form_item(0, "<input type=\"checkbox\" class=\"form-checkbox\" name=\"edit[$name]\" value=\"". $value ."\"". ($checked ? " checked=\"checked\"" : "") . drupal_attributes($attributes) ." /> $title", $description);
Dries's avatar
 
Dries committed
1018 1019
}

1020
function form_textfield($title, $name, $value, $size, $maxlength, $description = 0, $attributes = 0) {
Dries's avatar
 
Dries committed
1021
  $size = $size ? " size=\"$size\"" : "";
1022
  return form_item($title, "<input type=\"text\" maxlength=\"$maxlength\" class=\"form-text\" name=\"edit[$name]\"$size value=\"". check_form($value) ."\"". drupal_attributes($attributes) ." />", $description);
Dries's avatar
 
Dries committed
1023 1024
}

1025
function form_password($title, $name, $value, $size, $maxlength, $description = 0, $attributes = 0) {
Dries's avatar
 
Dries committed
1026
  $size = $size ? " size=\"$size\"" : "";
1027
  return form_item($title, "<input type=\"password\" class=\"form-password\" maxlength=\"$maxlength\" name=\"edit[$name]\"$size value=\"". check_form($value) ."\"". drupal_attributes($attributes) ." />", $description);
Dries's avatar
 
Dries committed
1028 1029
}

1030
function form_textarea($title, $name, $value, $cols, $rows, $description = 0, $attributes = 0) {
Dries's avatar
 
Dries committed
1031
  $cols = $cols ? " cols=\"$cols\"" : "";
Dries's avatar
 
Dries committed
1032
  module_invoke_all("textarea", $name);  // eg. optionally plug in a WYSIWYG editor
1033
  return form_item($title, "<textarea wrap=\"virtual\"$cols rows=\"$rows\" name=\"edit[$name]\" id=\"edit[$name]\"". drupal_attributes($attributes) .">". check_form($value) ."</textarea>", $description);
Dries's avatar
 
Dries committed
1034 1035
}

Dries's avatar
 
Dries committed
1036
function form_select($title, $name, $value, $options, $description = 0, $extra = 0, $multiple = 0) {
Dries's avatar
 
Dries committed
1037
  if (count($options) > 0) {
Kjartan's avatar
Kjartan committed
1038
    foreach ($options as $key=>$choice) {
1039
      $select .= "<option value=\"$key\"". (is_array($value) ? (in_array($key, $value) ? " selected=\"selected\"" : "") : ($value == $key ? " selected=\"selected\"" : "")) .">". check_form($choice) ."</option>";
Dries's avatar
 
Dries committed
1040
    }
Kjartan's avatar
Kjartan committed
1041
    return form_item($title, "<select name=\"edit[$name]". ($multiple ? "[]" : "") ."\"". ($multiple ? " multiple " : "") . ($extra ? " $extra" : "") .">$select</select>", $description);
Dries's avatar
 
Dries committed
1042 1043 1044
  }
}

Dries's avatar
 
Dries committed
1045 1046 1047 1048 1049 1050 1051 1052 1053
function form_radios($title, $name, $value, $options, $description = 0) {
  if (count($options) > 0) {
    foreach ($options as $key=>$choice) {
      $output .= form_radio($choice, $name, $key, ($key == $value));
    }
    return form_item($title, $output, $description);
  }
}

1054 1055 1056 1057 1058
function form_file($title, $name, $size, $description = 0, $fid = 0) {
  if ($fid) { // Include file upload in case of preview
    $extra = form_hidden("__file][$name", $fid);
  }
  return $extra . form_item($title, "<input type=\"file\" class=\"form-file\" name=\"edit[$name]\" size=\"$size\" />\n", $description);
Dries's avatar
 
Dries committed
1059 1060 1061 1062 1063 1064
}

function form_hidden($name, $value) {
  return "<input type=\"hidden\" name=\"edit[$name]\" value=\"". check_form($value) ."\" />\n";
}

1065
function form_submit($value, $name = "op", $attributes = 0) {
Dries's avatar
 
Dries committed
1066
  return "<input type=\"submit\" class=\"form-submit\" name=\"$name\" value=\"". check_form($value) ."\" />\n";
Dries's avatar
 
Dries committed
1067 1068
}

Dries's avatar
 
Dries committed
1069
function form_weight($title = NULL, $name = "weight", $value = 0, $delta = 10, $description = 0, $extra = 0) {
Dries's avatar
 
Dries committed
1070
  for ($n = (-1 * $delta); $n <= $delta; $n++) {
Dries's avatar
 
Dries committed
1071 1072 1073 1074 1075 1076
    $weights[$n] = $n;
  }

  return form_select($title, $name, $value, $weights, $description, $extra);
}

Dries's avatar
 
Dries committed
1077 1078 1079 1080
function form_allowed_tags_text() {
  return variable_get("allowed_html", "") ? (t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", ""))) : "";
}

Dries's avatar
 
Dries committed
1081 1082 1083
/**
 * Given an old url, return the alias.
 */
Dries's avatar
 
Dries committed
1084 1085
function drupal_get_path_alias($path) {
  $map = drupal_get_path_map();
Dries's avatar
 
Dries committed
1086

Dries's avatar
 
Dries committed
1087 1088 1089
  if ($map) {
    return array_search($path, $map);
  }
Dries's avatar
 
Dries committed
1090 1091 1092
}

/**
Dries's avatar
 
Dries committed
1093
 * Given an alias, return the default url.
Dries's avatar
 
Dries committed
1094
 */
Dries's avatar
 
Dries committed
1095 1096
function drupal_get_normal_path($path) {
  $map = drupal_get_path_map();
Dries's avatar
 
Dries committed
1097 1098 1099
  return $map[$path];
}

Dries's avatar
 
Dries committed
1100
function url($url = NULL, $query = NULL) {
Dries's avatar
 
Dries committed
1101
  global $base_url;
Dries's avatar
 
Dries committed
1102

Dries's avatar
 
Dries committed
1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113
  static $script;

  if (empty($script)) {
    /*
    ** On some webservers such as IIS we can't omit "index.php".  As such we
    ** generate "index.php?q=foo" instead of "?q=foo" on anything that is not
    ** Apache.
    */
    $script = (strpos($_SERVER["SERVER_SOFTWARE"], "Apache") === false) ? "index.php" : "";
  }

Dries's avatar
 
Dries committed
1114
  if ($alias = drupal_get_path_alias($url)) {
Dries's avatar
 
Dries committed
1115 1116 1117
    $url = $alias;
  }

Dries's avatar
 
Dries committed
1118
  if (variable_get("clean_url", "0") == "0") {
Dries's avatar
 
Dries committed
1119 1120
    if (isset($url)) {
      if (isset($query)) {
Dries's avatar
 
Dries committed
1121
        return "$base_url/$script?q=$url&amp;$query";
Dries's avatar
 
Dries committed
1122 1123
      }
      else {
Dries's avatar
 
Dries committed
1124
        return "$base_url/$script?q=$url";
Dries's avatar
 
Dries committed
1125
      }
Dries's avatar
 
Dries committed
1126 1127
    }
    else {
Dries's avatar
 
Dries committed
1128
      if (isset($query)) {
Dries's avatar
 
Dries committed
1129
        return "$base_url/$script?$query";
Dries's avatar
 
Dries committed
1130 1131
      }
      else {
Dries's avatar
 
Dries committed
1132
        return "$base_url/";
Dries's avatar
 
Dries committed
1133
      }
Dries's avatar
 
Dries committed
1134 1135 1136
    }
  }
  else {
Dries's avatar
 
Dries committed
1137 1138
    if (isset($url)) {
      if (isset($query)) {
Dries's avatar
 
Dries committed
1139
        return "$base_url/$url?$query";
Dries's avatar
 
Dries committed
1140 1141
      }
      else {
Dries's avatar
 
Dries committed
1142
        return "$base_url/$url";
Dries's avatar
 
Dries committed
1143
      }
Dries's avatar
 
Dries committed
1144
    }
Dries's avatar
 
Dries committed
1145
    else {
Dries's avatar
 
Dries committed
1146
      if (isset($query)) {
Dries's avatar
 
Dries committed
1147
        return "$base_url/$script?$query";
Dries's avatar
 
Dries committed
1148 1149
      }
      else {
Dries's avatar
 
Dries committed
1150
        return "$base_url/";
Dries's avatar
 
Dries committed
1151
      }
Dries's avatar
 
Dries committed
1152
    }
Dries's avatar
 
Dries committed
1153
  }
Dries's avatar
 
Dries committed
1154 1155
}

1156 1157 1158 1159 1160 1161 1162
function drupal_attributes($attributes = 0) {
  if (is_array($attributes)) {
    $t = array();
    foreach ($attributes as $key => $value) {
      $t[] = "$key=\"$value\"";
    }
    return " ". implode($t, " ");
Dries's avatar
 
Dries committed
1163
  }
1164
}
Dries's avatar
 
Dries committed
1165

1166 1167
function l($text, $url, $attributes = array(), $query = NULL) {
  return "<a href=\"". url($url, $query) ."\"". drupal_attributes($attributes) .">$text</a>";
Dries's avatar
 
Dries committed
1168 1169
}

Dries's avatar
 
Dries committed
1170
function field_get($string, $name) {
1171
  ereg(",?$name=([^,]+)", ", $string", $regs);
Dries's avatar
 
Dries committed
1172 1173 1174 1175 1176
  return $regs[1];
}

function field_set($string, $name, $value) {
  $rval = ereg_replace(",$name=[^,]+", "", ",$string");
Dries's avatar
 
Dries committed
1177
  if (isset($value)) {
Kjartan's avatar
Kjartan committed
1178 1179
    $rval .= ($rval == "," ? "" : ",") ."$name=$value";
  }
Dries's avatar
 
Dries committed
1180 1181 1182 1183
  return substr($rval, 1);
}

function link_page() {
1184
  global $custom_links;
Dries's avatar
 
Dries committed
1185

1186
  if (is_array($custom_links)) {
1187 1188 1189
    return $custom_links;
  }
  else {
Dries's avatar
 
Dries committed
1190
    $links = module_invoke_all("link", "page");
1191
    array_unshift($links, l(t("home"), "", array("title" => t("Return to the main page."))));
1192
    return $links;
Dries's avatar
 
Dries committed
1193
  }
Dries's avatar
 
Dries committed
1194
}
Dries's avatar
 
Dries committed
1195 1196

function link_node($node, $main = 0) {
Dries's avatar
 
Dries committed
1197
  return module_invoke_all("link", "node", $node, $main);
Dries's avatar
 
Dries committed
1198 1199 1200 1201
}

function timer_start() {
  global $timer;
Dries's avatar
 
Dries committed
1202 1203
  list($usec, $sec) = explode(" ", microtime());
  $timer = (float)$usec + (float)$sec;
Dries's avatar
 
Dries committed
1204 1205
}

Dries's avatar
 
Dries committed
1206
function drupal_page_header() {
1207

Dries's avatar
 
Dries committed
1208 1209 1210 1211 1212
  if (variable_get("dev_timer", 0)) {
    timer_start();
  }

  if (variable_get("cache", 0)) {
Dries's avatar
 
Dries committed
1213
    if ($cache = page_get_cache()) {
Dries's avatar
 
Dries committed
1214 1215

      // Set default values:
Dries's avatar
 
Dries committed
1216
      $date = gmdate("D, d M Y H:i:s", $cache->created) ." GMT";
Dries's avatar
 
Dries committed
1217 1218 1219
      $etag = '"'. md5($date) .'"';

      // Check http headers:
1220
      $modified_since = isset($_SERVER["HTTP_IF_MODIFIED_SINCE"]) ? $_SERVER["HTTP_IF_MODIFIED_SINCE"] == $date : NULL;
1221
      $none_match = isset($_SERVER["HTTP_IF_NONE_MATCH"]) ? $_SERVER["HTTP_IF_NONE_MATCH"] == $etag : NULL;
Dries's avatar
 
Dries committed
1222

1223 1224
      // The type checking here is very important, be careful when changing entries.
      if (($modified_since !== NULL || $none_match !== NULL) && $modified_since !== false && $none_match !== false) {
Dries's avatar
 
Dries committed
1225 1226
        header("HTTP/1.0 304 Not Modified");
        exit();
Dries's avatar
 
Dries committed
1227
      }
Dries's avatar
 
Dries committed
1228

1229 1230 1231
      // Send appropriate response:
      header("Last-Modified: $date");
      header("ETag: $etag");
Dries's avatar
 
Dries committed
1232
      print $cache->data;
Dries's avatar
 
Dries committed
1233 1234 1235 1236 1237 1238 1239 1240

      /*
      ** A hook for modules where modules may take action at the end of a
      ** request good uses include setting a cache, page logging, etc.
      */

      module_invoke_all("exit");

Dries's avatar
 
Dries committed
1241 1242 1243
      exit();
    }
  }