common.inc 37.1 KB
Newer Older
Dries's avatar
   
Dries committed
1
2
3
4
5
6
7
8
9
10
11
<?php
// $Id$

function conf_init() {

  /*
  ** Try finding a matching configuration file by stripping the website's
  ** URI from left to right.  If no configuration file is found, return a
  ** default value 'conf'.
  */

Dries's avatar
   
Dries committed
12
  $uri = $_SERVER["PHP_SELF"];
Dries's avatar
   
Dries committed
13

Dries's avatar
   
Dries committed
14
  $file = strtolower(strtr($_SERVER["HTTP_HOST"] . substr($uri, 0, strrpos($uri, "/")), "/:", ".."));
Dries's avatar
   
Dries committed
15
16
17
18
19
20
21
22
23
24
25
26
27

  while (strlen($file) > 4) {
    if (file_exists("includes/$file.php")) {
      return $file;
    }
    else {
      $file = substr($file, strpos($file, ".") + 1);
    }
  }

  return "conf";
}

Dries's avatar
   
Dries committed
28
29
30
/**
 * Build the alias/path array
 */
Dries's avatar
   
Dries committed
31
function drupal_get_path_map($action = "") {
Dries's avatar
   
Dries committed
32
33
  static $map;

Dries's avatar
   
Dries committed
34
35
36
37
  if ($action == "rebuild") {
    $map = NULL;
  }

Dries's avatar
   
Dries committed
38
39
40
  if (empty($map)) {
    $result = db_query("SELECT * FROM {path}");
    while ($data = db_fetch_object($result)) {
Dries's avatar
   
Dries committed
41
      $map[$data->dst] = $data->src;
Dries's avatar
   
Dries committed
42
43
44
45
46
47
    }
  }

  return $map;
}

Dries's avatar
   
Dries committed
48
49
50
51
function drupal_rebuild_path_map() {
  drupal_get_path_map("rebuild");
}

Dries's avatar
   
Dries committed
52
53
54
function error_handler($errno, $message, $filename, $line, $variables) {
  $types = array(1 => "error", 2 => "warning", 4 => "parse error", 8 => "notice", 16 => "core error", 32 => "core warning", 64 => "compile error", 128 => "compile warning", 256 => "user error", 512 => "user warning", 1024 => "user notice");
  $entry = $types[$errno] .": $message in $filename on line $line.";
Dries's avatar
   
Dries committed
55
56

  if ($errno & E_ALL ^ E_NOTICE) {
Dries's avatar
   
Dries committed
57
    watchdog("error", $types[$errno] .": $message in $filename on line $line.");
58
    print "<pre>$entry</pre>";
Dries's avatar
   
Dries committed
59
60
61
  }
}

Dries's avatar
   
Dries committed
62
function watchdog($type, $message, $link = NULL) {
Dries's avatar
   
Dries committed
63
  global $user;
Dries's avatar
   
Dries committed
64
  db_query("INSERT INTO {watchdog} (uid, type, message, link, location, hostname, timestamp) VALUES (%d, '%s', '%s', '%s', '%s', '%s', %d)", $user->uid, $type, $message, $link, request_uri(), getenv("REMOTE_ADDR"), time());
Dries's avatar
   
Dries committed
65
66
67
68
}

function throttle($type, $rate) {
  if (!user_access("access administration pages")) {
Dries's avatar
   
Dries committed
69
    if ($throttle = db_fetch_object(db_query("SELECT * FROM {watchdog} WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
Dries's avatar
   
Dries committed
70
71
72
73
74
75
76
77
78
      watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
      die(message_throttle());
    }
    else {
      watchdog($type, "throttle");
    }
  }
}

Dries's avatar
   
Dries committed
79
80
function check_php_setting($name, $value) {
  if (ini_get($name) != $value) {
Steven Wittens's avatar
Steven Wittens committed
81
    print "<p>Note that the value of PHP's configuration option <code><b>$name</b></code> is incorrect.  It should be set to '$value' for Drupal to work properly.  Either configure your webserver to support <code>.htaccess</code> files so Drupal's <code>.htaccess</code> file can set it to the proper value, or edit your <code>php.ini</code> file directly.  This message will automatically dissapear when the problem has been fixed.</p>";
Dries's avatar
   
Dries committed
82
83
84
  }
}

Dries's avatar
   
Dries committed
85
86
87
88
89
function arg($index) {

  static $arguments;

  if (empty($arguments)) {
Dries's avatar
   
Dries committed
90
    $arguments = explode("/", $_GET["q"]);
Dries's avatar
   
Dries committed
91
92
93
94
95
  }

  return $arguments[$index];
}

Dries's avatar
   
Dries committed
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
function array2object($node) {

  if (is_array($node)) {
    foreach ($node as $key => $value) {
      $object->$key = $value;
    }
  }
  else {
    $object = $node;
  }

  return $object;
}

function object2array($node) {

  if (is_object($node)) {
    foreach ($node as $key => $value) {
      $array[$key] = $value;
    }
  }
  else {
    $array = $node;
  }

  return $array;
}

Dries's avatar
   
Dries committed
124
125
126
127
128
129
130
131
132
function referer_uri() {

  if (isset($_SERVER["HTTP_REFERER"])) {
    $uri = $_SERVER["HTTP_REFERER"];

    return check_url($uri);
  }
}

Dries's avatar
   
Dries committed
133
function request_uri() {
Dries's avatar
   
Dries committed
134
135
136
137
  /*
  ** Since request_uri() is only available on Apache, we generate
  ** equivalent using other environment vars.
  */
Dries's avatar
   
Dries committed
138

Dries's avatar
   
Dries committed
139
  if (isset($_SERVER["REQUEST_URI"])) {
140
    $uri = $_SERVER["REQUEST_URI"];
Dries's avatar
   
Dries committed
141
142
  }
  else {
143
    $uri = $_SERVER["PHP_SELF"] ."?". $_SERVER["QUERY_STRING"];
Dries's avatar
   
Dries committed
144
  }
145

Dries's avatar
   
Dries committed
146
  return check_url($uri);
Dries's avatar
   
Dries committed
147
148
}

Dries's avatar
   
Dries committed
149
function message_access() {
Dries's avatar
   
Dries committed
150
  return t("You are not authorized to access this page.");
Dries's avatar
   
Dries committed
151
152
153
154
155
156
157
158
159
160
}

function message_na() {
  return t("n/a");
}

function message_throttle() {
  return t("You exceeded the maximum submission rate.  Please wait a few minutes and try again.");
}

Dries's avatar
   
Dries committed
161
162
function locale_init() {
  global $languages, $user;
Dries's avatar
   
Dries committed
163
164
165
166
167
168
  if ($user->uid && $languages[$user->language]) {
    return $user->language;
  }
  else {
    return key($languages);
  }
Dries's avatar
   
Dries committed
169
170
}

Dries's avatar
   
Dries committed
171
function t($string, $args = 0) {
Dries's avatar
   
Dries committed
172
  global $languages;
173

Dries's avatar
   
Dries committed
174
175
176
177
178
179
180
  /*
  ** About the usage of t().  We try to keep strings whole as much as
  ** possible and are unafraid of HTML markup within translation strings
  ** if necessary.  The suggested syntax for a link embedded within a
  ** translation string is for example:
  **
  ** $msg = t("You must login below or <a href=\"%url\">create a new
Dries's avatar
   
Dries committed
181
182
  **           account</a> before viewing the next page.", array("%url"
  **           => url("user/register")));
Dries's avatar
   
Dries committed
183
184
  */

185
  $string = ($languages && module_exist("locale") ? locale($string) : $string);
186

Dries's avatar
   
Dries committed
187
188
  if (!$args) {
    return $string;
Kjartan's avatar
Kjartan committed
189
190
  }
  else {
Dries's avatar
   
Dries committed
191
192
    return strtr($string, $args);
  }
Dries's avatar
   
Dries committed
193
194
195
}

function variable_init($conf = array()) {
Dries's avatar
   
Dries committed
196
  $result = db_query("SELECT * FROM {variable} ");
Dries's avatar
   
Dries committed
197
198
  while ($variable = db_fetch_object($result)) {
    if (!isset($conf[$variable->name])) {
Dries's avatar
   
Dries committed
199
      $conf[$variable->name] = unserialize($variable->value);
Dries's avatar
   
Dries committed
200
201
202
203
204
205
    }
  }

  return $conf;
}

206
function variable_get($name, $default) {
Dries's avatar
   
Dries committed
207
208
209
210
211
212
213
214
  global $conf;

  return isset($conf[$name]) ? $conf[$name] : $default;
}

function variable_set($name, $value) {
  global $conf;

Dries's avatar
   
Dries committed
215
216
  db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
  db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", $name, serialize($value));
Dries's avatar
   
Dries committed
217
218
219
220
221
222
223

  $conf[$name] = $value;
}

function variable_del($name) {
  global $conf;

Dries's avatar
   
Dries committed
224
  db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
Dries's avatar
   
Dries committed
225
226
227
228

  unset($conf[$name]);
}

Dries's avatar
   
Dries committed
229
function drupal_specialchars($input, $quotes = ENT_NOQUOTES) {
Dries's avatar
   
Dries committed
230
231
232
233
234
235
236
237
238

  /*
  ** Note that we'd like to go 'htmlspecialchars($input, $quotes, "utf-8")'
  ** like the PHP manual tells us to, but we can't because there's a bug in
  ** PHP <4.3 that makes it mess up multibyte charsets if we specify the
  ** charset.  Change this later once we make PHP 4.3 a requirement.
  */

  return htmlspecialchars($input, $quotes);
Dries's avatar
   
Dries committed
239
240
}

Dries's avatar
   
Dries committed
241
function table_cell($cell, $header = 0) {
Dries's avatar
   
Dries committed
242
  if (is_array($cell)) {
Dries's avatar
   
Dries committed
243
244
245
246
247
248
249
250
251
252
253
    $data = $cell["data"];
    foreach ($cell as $key => $value) {
      if ($key != "data")  {
        $attributes .= " $key=\"$value\"";
      }
    }
  }
  else {
    $data = $cell;
  }

Dries's avatar
   
Dries committed
254
  if ($header) {
Dries's avatar
   
Dries committed
255
256
257
258
259
260
261
262
263
264
265
    $output = "<th$attributes>$data</th>";
  }
  else {
    $output = "<td$attributes>$data</td>";
  }

  return $output;
}

function table($header, $rows) {

266
  $output = "<table>\n";
Dries's avatar
   
Dries committed
267
268
269
270
271

  /*
  ** Emit the table header:
  */

Dries's avatar
   
Dries committed
272
273
274
  if (is_array($header)) {
    $output .= " <tr>";
    foreach ($header as $cell) {
Dries's avatar
   
Dries committed
275
276
277
      if (is_array($cell) && $cell["field"]) {
        $cell = tablesort($cell, $header);
      }
Dries's avatar
   
Dries committed
278
279
      $output .= table_cell($cell, 1);
    }
Dries's avatar
   
Dries committed
280
    $output .= " </tr>\n";
Dries's avatar
   
Dries committed
281
282
283
284
285
286
  }

  /*
  ** Emit the table rows:
  */

Dries's avatar
   
Dries committed
287
288
289
290
291
292
293
294
  if (is_array($rows)) {
    foreach ($rows as $number => $row) {
      if ($number % 2 == 1) {
        $output .= " <tr class=\"light\">";
      }
      else {
        $output .= " <tr class=\"dark\">";
      }
Dries's avatar
   
Dries committed
295

Dries's avatar
   
Dries committed
296
297
298
      foreach ($row as $cell) {
        $output .= table_cell($cell, 0);
      }
Dries's avatar
   
Dries committed
299
      $output .= " </tr>\n";
Dries's avatar
   
Dries committed
300
301
302
    }
  }

Dries's avatar
   
Dries committed
303
  $output .= "</table>\n";
Dries's avatar
   
Dries committed
304
305
306
307

  return $output;
}

308
309
310
311
312
313
/**
 * Verify the syntax of the given e-mail address.  Empty e-mail addresses
 * are allowed.  See RFC 2822 for details.
 *
 * @param $mail  a email address
 */
Dries's avatar
   
Dries committed
314
function valid_email_address($mail) {
315
316
317
318
319
320
321
322
323
324
325
326
327
  $user = '[a-zA-Z0-9_\-\.\+\^!#\$%&*+\/\=\?\`\|\{\}~\']+';
  $domain = '(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9]\.?)+';
  $ipv4 = '[0-9]{1,3}(\.[0-9]{1,3}){3}';
  $ipv6 = '[0-9a-fA-F]{1,4}(\:[0-9a-fA-F]{1,4}){7}';

  if (preg_match("/^$user@($domain|(\[($ipv4|$ipv6)\]))$/", $mail)) {
    return 1;
  }
  else {
    return 0;
  }
}

Dries's avatar
   
Dries committed
328
329
330
331
332
333
334
/**
 * Verify the syntax of the given URL.
 *
 * @param $url  an URL
 */
function valid_url($url) {

Dries's avatar
   
Dries committed
335
  if (preg_match("/^[a-zA-z0-9\/:_\-_\.,]+$/", $url)) {
Dries's avatar
   
Dries committed
336
337
338
339
340
341
342
    return 1;
  }
  else {
    return 0;
  }
}

Kjartan's avatar
Kjartan committed
343
344
345
346
/**
 * Format a single result entry of a search query:
 *
 * @param $item  a single search result as returned by <module>_search of type
Dries's avatar
   
Dries committed
347
 *               array("count" => ..., "link" => ..., "title" => ...,
Kjartan's avatar
Kjartan committed
348
349
350
 *               "user" => ..., "date" => ..., "keywords" => ...)
 * @param $type  module type of this item
 */
Dries's avatar
   
Dries committed
351
function search_item($item, $type) {
Dries's avatar
   
Dries committed
352
353
354
355
356
357
358
359
360
361

  /*
  ** Modules may implement the "search_item" hook in order to overwrite
  ** the default function to display search results.
  */

  if (module_hook($type, "search_item")) {
    $output = module_invoke($type, "search_item", $item);
  }
  else {
Dries's avatar
   
Dries committed
362
    $output .= " <b><u><a href=\"". $item["link"] ."\">". $item["title"] ."</a></u></b><br />";
Dries's avatar
   
Dries committed
363
364
365
    $output .= " <small>$type ". ($item["user"] ? " - ". $item["user"] : "") ."". ($item["date"] ? " - ". format_date($item["date"], "small") : "") ."</small>";
    $output .= "<br /><br />";
  }
Dries's avatar
   
Dries committed
366
367
368
369

  return $output;
}

Kjartan's avatar
Kjartan committed
370
371
372
373
/**
 * Render a generic search form.
 *
 * "Generic" means "universal usable" - that is, usable not only from
Dries's avatar
   
Dries committed
374
 * 'site.com/search', but also as a simple seach box (without
Dries's avatar
   
Dries committed
375
376
 * "Restrict search to", help text, etc) from theme's header etc.
 * This means: provide options to only conditionally render certain
Kjartan's avatar
Kjartan committed
377
378
 * parts of this form.
 *
Dries's avatar
   
Dries committed
379
 * @param $action  Form action. Defaults to 'site.com/search'.
Dries's avatar
   
Dries committed
380
 * @param $keys   string containing keywords for the search.
Dries's avatar
   
Dries committed
381
 * @param $options != 0: Render additional form fields/text
Kjartan's avatar
Kjartan committed
382
383
 *                 ("Restrict search to", help text, etc).
 */
Dries's avatar
   
Dries committed
384
function search_form($action = NULL, $keys = NULL, $options = NULL) {
Dries's avatar
   
Dries committed
385
386

  if (!$action) {
Dries's avatar
   
Dries committed
387
    $action = url("search");
Dries's avatar
   
Dries committed
388
389
  }

Kjartan's avatar
Kjartan committed
390
391
  $output .= " <br /><input type=\"text\" size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\" />";
  $output .= " <input type=\"submit\" value=\"". t("Search") ."\" />\n";
Dries's avatar
   
Dries committed
392
393
394
395
396
397
398

  if ($options != 0) {
    $output .= "<br />";
    $output .= t("Restrict search to") .": ";

    foreach (module_list() as $name) {
      if (module_hook($name, "search")) {
Kjartan's avatar
Kjartan committed
399
        $output .= " <input type=\"checkbox\" name=\"edit[type][$name]\" ". ($edit["type"][$name] ? " checked=\"checked\"" : "") ." /> ". t($name);
Dries's avatar
   
Dries committed
400
401
402
403
      }
    }
  }

Kjartan's avatar
Kjartan committed
404
405
  $form .= "<br />";

Dries's avatar
   
Dries committed
406
407
408
409
  return form($output, "post", $action);
}

/*
Kjartan's avatar
Kjartan committed
410
411
 * Collect the search results:
 */
Dries's avatar
   
Dries committed
412
function search_data($keys = NULL) {
Dries's avatar
   
Dries committed
413
414

  $edit = $_POST["edit"];
Dries's avatar
   
Dries committed
415

Dries's avatar
   
Dries committed
416
  if (isset($keys)) {
Dries's avatar
   
Dries committed
417
    foreach (module_list() as $name) {
Dries's avatar
   
Dries committed
418
      if (module_hook($name, "search") && (!$edit["type"] || $edit["type"][$name]) && ($result = module_invoke($name, "search", $keys))) {
Kjartan's avatar
Kjartan committed
419
        if ($name == "node" || $name == "comment") {
Dries's avatar
   
Dries committed
420
          $output .= "<p><b>". t("Matching ". $name ."s ranked in order of relevance") .":</b></p>";
Kjartan's avatar
Kjartan committed
421
422
        }
        else {
Dries's avatar
   
Dries committed
423
          $output .= "<p><b>". t("Matching ". $name ."s") .":</b></p>";
Kjartan's avatar
Kjartan committed
424
        }
Dries's avatar
   
Dries committed
425
426
427
428
429
430
431
432
433
434
        foreach ($result as $entry) {
          $output .= search_item($entry, $name);
        }
      }
    }
  }

  return $output;
}

Kjartan's avatar
Kjartan committed
435
436
437
/**
 * Display the search form and the resulting data.
 *
Dries's avatar
   
Dries committed
438
 * @param $type    If set, search only nodes of this type.
Kjartan's avatar
Kjartan committed
439
 *                 Otherwise, search all types.
Dries's avatar
   
Dries committed
440
 * @param $action  Form action. Defaults to 'site.com/search'.
Kjartan's avatar
Kjartan committed
441
 * @param $query   Query string. Defaults to global $keys.
Dries's avatar
   
Dries committed
442
 * @param $options != 0: Render additional form fields/text
Kjartan's avatar
Kjartan committed
443
444
 *                 ("Restrict search to", help text, etc).
 */
Dries's avatar
   
Dries committed
445
function search_type($type, $action = NULL, $keys = NULL, $options = NULL) {
Dries's avatar
   
Dries committed
446

Dries's avatar
   
Dries committed
447
  $_POST["edit"]["type"][$type] = "on";
Dries's avatar
   
Dries committed
448

Dries's avatar
   
Dries committed
449
  return search_form($action, $keys, $options) . "<br />". search_data($keys);
Dries's avatar
   
Dries committed
450
451
}

Dries's avatar
   
Dries committed
452

Dries's avatar
   
Dries committed
453
454
function drupal_goto($url) {

Dries's avatar
   
Dries committed
455
456
457
  /*
  ** Translate &amp; to simply &
  */
Dries's avatar
   
Dries committed
458

Dries's avatar
   
Dries committed
459
  $url = str_replace("&amp;", "&", $url);
Dries's avatar
   
Dries committed
460

Dries's avatar
   
Dries committed
461
462
463
464
465
  /*
  ** It is advised to use "drupal_goto()" instead of PHP's "header()" as
  ** "drupal_goto()" will append the user's session ID to the URI when PHP
  ** is compiled with "--enable-trans-sid".
  */
Dries's avatar
   
Dries committed
466
  if (!ini_get("session.use_trans_sid") || !session_id() || strstr($url, session_id())) {
Dries's avatar
   
Dries committed
467
468
469
    header("Location: $url");
  }
  else {
Dries's avatar
   
Dries committed
470
471
472
473
474
475
476
477
    $sid = session_name() . "=" . session_id();

    if (strstr($url, "?") && !strstr($url, $sid)) {
      header("Location: $url&". $sid);
    }
    else {
      header("Location: $url?". $sid);
    }
Dries's avatar
   
Dries committed
478
479
480
481
  }

  /*
  ** The "Location" header sends a REDIRECT status code to the http
Dries's avatar
   
Dries committed
482
  ** daemon.  In some cases this can go wrong, so we make sure none
Dries's avatar
   
Dries committed
483
484
485
486
487
488
489
490
491
492
493
  ** of the code /below/ gets executed when we redirect.
  */

  exit();
}

/*
** Stores the referer in a persistent variable:
*/

function referer_save() {
Dries's avatar
   
Dries committed
494
495
  if (!strstr(referer_uri(), request_uri())) {
    $_SESSION["referer"] = referer_uri();
Dries's avatar
   
Dries committed
496
497
498
499
500
501
502
503
  }
}

/*
** Restores the referer from a persistent variable:
*/

function referer_load() {
Dries's avatar
   
Dries committed
504
505
  if (isset($_SESSION["referer"])) {
    return $_SESSION["referer"];
Dries's avatar
   
Dries committed
506
507
508
509
510
511
  }
  else {
    return 0;
  }
}

512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574

/*
** Save a common file
*/
function drupal_file_save($file) {
  global $user;
  // TODO: extend to support filesystem storage
  if (variable_get("file_save", "database")) {
    if ($file->fid) {
      if ($file->tmp_name) {
        $data = fread(fopen($file->tmp_name, "rb"), $file->size);
        db_query("UPDATE {file} SET uid = %d, filename = '%s', type = '%s', size = %d, counter = %d, data = '%s', temporary = %d WHERE fid = %d", $file->uid, $file->filename, $file->type, $file->size, $file->counter, base64_encode($data), $file->temporary, $file->fid);
      }
      else {
        db_query("UPDATE {file} SET uid = %d, filename = '%s', type = '%s', size = %d, counter = %d, temporary = %d WHERE fid = %d", $file->uid, $file->filename, $file->type, $file->size, $file->counter, $file->temporary, $file->fid);
      }
    }
    else {
      if ($file->tmp_name) {
        $file->fid = db_next_id("file_fid");
        $data = fread(fopen($file->tmp_name, "rb"), $file->size);
        db_query("INSERT INTO {file} SET fid = %d, uid = %d, created = %d, filename = '%s', type = '%s', size = %d, counter = 0, data = '%s', temporary = %d", $file->fid, $user->uid, time(), $file->filename, $file->type, $file->size, base64_encode($data), $file->temporary);
      }
      else {
        return 0;
      }
    }
  }
  return $file->fid;
}

/*
** Load a common file
*/
function drupal_file_load($fid, $data = 0) {
  // TODO: extend to support filesystem storage
  if (variable_get("file_save", "database")) {
    if ($data) {
      $file = db_fetch_object(db_query("SELECT * FROM {file} WHERE fid = %d", $fid));
    }
    else {
      $file = db_fetch_object(db_query("SELECT fid, uid, filename, created, type, size, counter, temporary FROM {file} WHERE fid = %d", $fid));
    }

    if ($file->data) {
      $file->data = base64_decode($file->data);
    }
    return $file;
  }
}

/*
** Generate the HTTP headers and dump the data
*/
function drupal_file_send($fid) {
  if (($file = drupal_file_load($fid, 1))) {
    header("Content-type: $file->type");
    header("Content-length: $file->size");
    header("Content-Disposition: inline; filename=$file->filename");
    print $file->data;
  }
}

Dries's avatar
   
Dries committed
575
function valid_input_data($data) {
576

577
  if (is_array($data) || is_object($data)) {
578
579
580
581
582
    /*
    ** Form data can contain a number of nested arrays.
    */

    foreach ($data as $key => $value) {
Dries's avatar
   
Dries committed
583
584
585
      if (!valid_input_data($value)) {
        return 0;
      }
586
587
588
589
590
591
592
    }
  }
  else {
    /*
    ** Detect evil input data.
    */

Dries's avatar
Dries committed
593
    // check strings:
Dries's avatar
Dries committed
594
    $match  = preg_match("/\Wjavascript\s*:/i", $data);
Dries's avatar
Dries committed
595
596
597
    $match += preg_match("/\Wexpression\s*\(/i", $data);
    $match += preg_match("/\Walert\s*\(/i", $data);

598
    // check attributes:
Dries's avatar
Dries committed
599
    $match += preg_match("/\W(dynsrc|datasrc|data|lowsrc|on[a-z]+)\s*=[^>]+?>/i", $data);
Dries's avatar
   
Dries committed
600

601
602

    // check tags:
Dries's avatar
   
Dries committed
603
    $match += preg_match("/<\s*(applet|script|object|style|embed|form|blink|meta|html|frame|iframe|layer|ilayer|head|frameset|xml)/i", $data);
604
605
606

    if ($match) {
      watchdog("warning", "terminated request because of suspicious input data: ". drupal_specialchars($data));
Dries's avatar
   
Dries committed
607
      return 0;
608
609
    }
  }
Dries's avatar
   
Dries committed
610
611

  return 1;
612
}
Dries's avatar
   
Dries committed
613

614
function check_url($uri) {
Dries's avatar
   
Dries committed
615
616
617
618
619
620
621
622
623
624
625
626
  $uri = htmlspecialchars($uri, ENT_QUOTES);

  /*
  ** We replace ( and ) with their entity equivalents to prevent XSS
  ** attacks.
  */

  $uri = strtr($uri, array("(" => "&040;", ")" => "&041;"));

  return $uri;
}

Dries's avatar
   
Dries committed
627
function check_form($text) {
Dries's avatar
   
Dries committed
628
  return drupal_specialchars($text, ENT_QUOTES);
Dries's avatar
   
Dries committed
629
630
}

Dries's avatar
   
Dries committed
631
function check_query($text) {
Dries's avatar
   
Dries committed
632
  return addslashes($text);
Dries's avatar
   
Dries committed
633
634
635
}

function filter($text) {
Dries's avatar
   
Dries committed
636

Dries's avatar
   
Dries committed
637
638
639
640
641
642
643
644
645
646
647
648
649
  $modules = module_list();

  /*
  ** Make sure the HTML filters that are part of the node module
  ** are run first.
  */

  if (in_array("node", $modules)) {
    $text = module_invoke("node", "filter", $text);
  }

  foreach ($modules as $name) {
    if (module_hook($name, "filter") && $name != "node") {
Dries's avatar
   
Dries committed
650
651
652
653
654
      $text = module_invoke($name, "filter", $text);
    }
  }

  return $text;
Dries's avatar
   
Dries committed
655
656
}

Dries's avatar
   
Dries committed
657
658
function rewrite_old_urls($text) {

Dries's avatar
   
Dries committed
659
660
661
662
  global $base_url;

  $end = substr($base_url, 12);

Dries's avatar
   
Dries committed
663
664
665
  /*
  ** This is a *temporary* filter to rewrite old-style URLs to new-style
  ** URLs (clean URLs).  Currently, URLs are being rewritten dynamically
Dries's avatar
   
Dries committed
666
667
  ** (ie. "on output"), however when these rewrite rules have been tested
  ** enough, we will use them to permanently rewrite the links in node
Dries's avatar
   
Dries committed
668
669
670
  ** and comment bodies.
  */

Dries's avatar
   
Dries committed
671
  if (variable_get("clean_url", "0") == "0") {
Dries's avatar
   
Dries committed
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
    /*
    ** Relative URLs:
    */

    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
    $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text);

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text);

    /*
    ** Absolute URLs:
    */

Dries's avatar
   
Dries committed
688
    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
Dries's avatar
   
Dries committed
689
    $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text);
Dries's avatar
   
Dries committed
690

Dries's avatar
   
Dries committed
691
    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
Dries's avatar
   
Dries committed
692
693
694
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text);
Dries's avatar
   
Dries committed
695
696
  }
  else {
Dries's avatar
   
Dries committed
697
698
699
700
    /*
    ** Relative URLs:
    */

Dries's avatar
   
Dries committed
701
    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
Dries's avatar
   
Dries committed
702
    $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text);
Dries's avatar
   
Dries committed
703
704

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
Dries's avatar
   
Dries committed
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text);
    $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text);

    /*
    ** Absolute URLs:
    */

    // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
    $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text);

    // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text);
    $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text);
}
Dries's avatar
   
Dries committed
721

Dries's avatar
   
Dries committed
722
723
724
  return $text;
}

Dries's avatar
   
Dries committed
725
function check_output($text) {
Dries's avatar
   
Dries committed
726
  if (isset($text)) {
Dries's avatar
   
Dries committed
727
728
729
730
    // filter content on output:
    $text = filter($text);

    // get the line breaks right:
Dries's avatar
   
Dries committed
731
    if (strip_tags($text, "<a><i><b><u><tt><code><cite><strong><img>") == $text) {
Dries's avatar
   
Dries committed
732
733
734
735
736
737
738
739
      $text = nl2br($text);
    }
  }
  else {
    $text = message_na();
  }

  return $text;
Dries's avatar
   
Dries committed
740
741
}

742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
/**
* Checks if a file is valid and correct.
*
* @param $name the name of the form_file item
* @param $type restrict to mime types
* @param $size restrict file size
* @param $paranoid flag to make sure file belongs to the current user
*
* @returns mixed file object, or error object, or false if there is no file
*/
function check_file($name, $type = "/.+/", $size = 0) {
  // Make sure we don't have a file stored temporarily
  if ($_POST["edit"]["__file"][$name]) {
    $file = drupal_file_load($_POST["edit"]["__file"][$name]);
    if (!$file->temporary) {
      unset($file);
    }
Dries's avatar
   
Dries committed
759
  }
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797

  // make sure $name exists in $_FILES
  if ($_FILES["edit"]["name"][$name]) {

    // populate $file object to make further testing simpler
    $file->filename = $_FILES["edit"]["name"][$name];
    $file->type = $_FILES["edit"]["type"][$name];
    $file->tmp_name = $_FILES["edit"]["tmp_name"][$name];
    $file->error = $_FILES["edit"]["error"][$name];
    $file->size = $_FILES["edit"]["size"][$name];

    if (!valid_input_data($file)) {
      $return->error = t("possible exploit abuse");
    }

    // make sure the file is a valid upload
    if (!is_uploaded_file($file->tmp_name) || $file->error == UPLOAD_ERR_PARTIAL || $file->error == UPLOAD_ERR_NO_FILE) {
      $return->error = t("invalid file upload");
    }

    // validate the file type uploaded
    if (!preg_match($type, $file->filename)) {
      $return->error = t("invalid file type");
    }

    // check the file size to make sure the file isn't too big
    if (($size && $file->size > $size) || $file->error == UPLOAD_ERR_INI_SIZE || $file->error == UPLOAD_ERR_FORM_SIZE) {
      $return->error = t("file size too big");
    }

    if (!$return->error) {
      $file->temporary = 1;
      $file->fid = drupal_file_save($file);
    }
  }

  if ($return->error) {
    return $return;
Dries's avatar
   
Dries committed
798
  }
799
800

  return $file ? $file : false;
Dries's avatar
   
Dries committed
801
802
}

Dries's avatar
   
Dries committed
803
804
805
function format_rss_channel($title, $link, $description, $items, $language = "en", $args = array()) {
  // arbitrary elements may be added using the $args associative array

Dries's avatar
   
Dries committed
806
  $output .= "<channel>\n";
Dries's avatar
   
Dries committed
807
808
809
810
  $output .= " <title>". drupal_specialchars(strip_tags($title)) ."</title>\n";
  $output .= " <link>". drupal_specialchars(strip_tags($link)) ."</link>\n";
  $output .= " <description>". drupal_specialchars($description) ."</description>\n";
  $output .= " <language>". drupal_specialchars(strip_tags($language)) ."</language>\n";
Dries's avatar
   
Dries committed
811
  foreach ($args as $key => $value) {
Dries's avatar
   
Dries committed
812
    $output .= " <$key>". drupal_specialchars(strip_tags($value)) ."</$key>\n";
Dries's avatar
   
Dries committed
813
  }
Dries's avatar
   
Dries committed
814
815
816
817
818
819
  $output .= $items;
  $output .= "</channel>\n";

  return $output;
}

Dries's avatar
   
Dries committed
820
821
822
function format_rss_item($title, $link, $description, $args = array()) {
  // arbitrary elements may be added using the $args associative array

Dries's avatar
   
Dries committed
823
  $output .= "<item>\n";
Dries's avatar
   
Dries committed
824
825
826
  $output .= " <title>". drupal_specialchars(strip_tags($title)) ."</title>\n";
  $output .= " <link>". drupal_specialchars(strip_tags($link)) ."</link>\n";
  $output .= " <description>". drupal_specialchars(check_output($description)) ."</description>\n";
Dries's avatar
   
Dries committed
827
  foreach ($args as $key => $value) {
Dries's avatar
   
Dries committed
828
    $output .= "<$key>". drupal_specialchars(strip_tags($value)) ."</$key>";
Dries's avatar
   
Dries committed
829
  }
Dries's avatar
   
Dries committed
830
831
832
833
834
  $output .= "</item>\n";

  return $output;
}

Dries's avatar
   
Dries committed
835
836
837
838
839
840
841
842
843
844
845
846
847
848
/**
 * Formats a string with a count of items so that the string is pluralized
 * correctly.
 * format_plural calls t() by itself, make sure not to pass already localized
 * strings to it.
 *
 * @param $count    The item count to display.
 * @param $singular The string for the singular case. Please make sure it's clear
 *                  this is singular, to ease translation. ("1 new comment" instead of
 *                  "1 new").
 * @param $plural   The string for the plrual case. Please make sure it's clear
 *                  this is plural, to ease translation. Use %count in places of the
 *                  item count, as in "%count new comments".
 */
Dries's avatar
   
Dries committed
849
function format_plural($count, $singular, $plural) {
Dries's avatar
   
Dries committed
850
  return t($count == 1 ? $singular : $plural, array("%count" => $count));
Dries's avatar
   
Dries committed
851
852
853
}

function format_size($size) {
Dries's avatar
   
Dries committed
854
  $suffix = t("bytes");
Dries's avatar
   
Dries committed
855
856
  if ($size > 1024) {
    $size = round($size / 1024, 2);
Dries's avatar
   
Dries committed
857
    $suffix = t("KB");
Dries's avatar
   
Dries committed
858
859
860
  }
  if ($size > 1024) {
    $size = round($size / 1024, 2);
Dries's avatar
   
Dries committed
861
    $suffix = t("MB");
Dries's avatar
   
Dries committed
862
  }
Dries's avatar
   
Dries committed
863
  return t("%size %suffix", array("%size" => $size, "%suffix" => $suffix));
Dries's avatar
   
Dries committed
864
865
}

Dries's avatar
   
Dries committed
866
function cache_get($key) {
Dries's avatar
   
Dries committed
867
  $cache = db_fetch_object(db_query("SELECT data, created FROM {cache} WHERE cid = '%s'", $key));
Dries's avatar
   
Dries committed
868
  return $cache->data ? $cache : 0;
Dries's avatar
   
Dries committed
869
870
871
}

function cache_set($cid, $data, $expire = 0) {
Dries's avatar
   
Dries committed
872
873
  if (db_fetch_object(db_query("SELECT cid FROM {cache} WHERE cid = '%s'", $cid))) {
    db_query("UPDATE {cache} SET data = '%s', created = %d, expire = %d WHERE cid = '%s'", $data, time(), $expire, $cid);
Dries's avatar
   
Dries committed
874
875
  }
  else {
Dries's avatar
   
Dries committed
876
    db_query("INSERT INTO {cache} (cid, data, created, expire) VALUES('%s', '%s', %d, %d)", $cid, $data, time(), $expire);
Dries's avatar
   
Dries committed
877
  }
Dries's avatar
   
Dries committed
878
879
}

Dries's avatar
   
Dries committed
880
881
function cache_clear_all($cid = NULL) {
  if (empty($cid)) {
Dries's avatar
   
Dries committed
882
    db_query("DELETE FROM {cache} WHERE expire <> 0");
Dries's avatar
   
Dries committed
883
884
  }
  else {
Dries's avatar
   
Dries committed
885
    db_query("DELETE FROM {cache} WHERE cid = '%s'", $cid);
Dries's avatar
   
Dries committed
886
  }
Dries's avatar
   
Dries committed
887
888
889
}

function page_set_cache() {
Dries's avatar
   
Dries committed
890
  global $user;
Dries's avatar
   
Dries committed
891

Dries's avatar
   
Dries committed
892
  if (!$user->uid && $_SERVER["REQUEST_METHOD"] == "GET") {
Dries's avatar
   
Dries committed
893
    if ($data = ob_get_contents()) {
Dries's avatar
   
Dries committed
894
      cache_set(request_uri(), $data, 1);
Dries's avatar
   
Dries committed
895
896
897
898
    }
  }
}

Dries's avatar
   
Dries committed
899
function page_get_cache() {
Dries's avatar
   
Dries committed
900
  global $user;
Dries's avatar
   
Dries committed
901

Dries's avatar
   
Dries committed
902
903
  $cache = NULL;

Dries's avatar
   
Dries committed
904
  if (!$user->uid && $_SERVER["REQUEST_METHOD"] == "GET") {
Dries's avatar
   
Dries committed
905
906
907
    $cache = cache_get(request_uri());

    if (empty($cache)) {
Dries's avatar
   
Dries committed
908
      ob_start();
Dries's avatar
   
Dries committed
909
910
    }
  }
Dries's avatar
   
Dries committed
911

Dries's avatar
   
Dries committed
912
  return $cache;
Dries's avatar
   
Dries committed
913
914
915
}

function format_interval($timestamp) {
Dries's avatar
   
Dries committed
916
  $units = array("1 year|%count years" => 31536000, "1 week|%count weeks" => 604800, "1 day|%count days" => 86400, "1 hour|%count hours" => 3600, "1 min|%count min" => 60, "1 sec|%count sec" => 1);
Kjartan's avatar
Kjartan committed
917
  foreach ($units as $key=>$value) {
Dries's avatar
   
Dries committed
918
919
920
921
922
923
    $key = explode("|", $key);
    if ($timestamp >= $value) {
      $output .= ($output ? " " : "") . format_plural(floor($timestamp / $value), $key[0], $key[1]);
      $timestamp %= $value;
    }
  }
Dries's avatar
   
Dries committed
924
  return ($output) ? $output : t("0 sec");
Dries's avatar
   
Dries committed
925
926
927
928
929
}

function format_date($timestamp, $type = "medium", $format = "") {
  global $user;

Kjartan's avatar
Kjartan committed
930
  $timestamp += ($user->timezone) ? $user->timezone - date("Z") : 0;
Dries's avatar
   
Dries committed
931
932
933

  switch ($type) {
    case "small":
Dries's avatar
   
Dries committed
934
      $format = variable_get("date_format_short", "m/d/Y - H:i");
Dries's avatar
   
Dries committed
935
936
      break;
    case "large":
Dries's avatar
   
Dries committed
937
      $format = variable_get("date_format_long", "l, F j, Y - H:i");
Dries's avatar
   
Dries committed
938
939
      break;
    case "custom":
Dries's avatar
   
Dries committed
940
      // No change to format
Dries's avatar
   
Dries committed
941
      break;
Dries's avatar
   
Dries committed
942
    case "medium":
Dries's avatar
   
Dries committed
943
    default:
Dries's avatar
   
Dries committed
944
945
946
947
948
949
950
951
952
953
954
955
956
      $format = variable_get("date_format_medium", "D, m/d/Y - H:i");
  }

  for ($i = strlen($format); $i >= 0; $c = $format[--$i]) {
    if (strstr("DFlMSw", $c)) {
      $date = t(date($c, $timestamp)) . $date;
    }
    else if (strstr("AaBdgGhHiIjLmnOrstTUWYyZz", $c)) {
      $date = date($c, $timestamp) . $date;
    }
    else {
      $date = $c.$date;
    }
Dries's avatar
   
Dries committed
957
958
959
960
961
962
963
  }
  return $date;
}

function format_name($object) {

  if ($object->uid && $object->name) {
Dries's avatar
Dries committed
964
965
966
967
968
969
970
971
972
973
974
975
    /*
    ** Shorten the name when it is too long or it will break many
    ** tables.
    */

    if (strlen($object->name) > 20) {
      $name = substr($object->name, 0, 15) ."...";
    }
    else {
      $name = $object->name;
    }

Dries's avatar
   
Dries committed
976
    if (arg(0) == "admin") {
Dries's avatar
Dries committed
977
      $output = l($name, "admin/user/edit/$object->uid", array("title" => t("Administer user profile.")));
Dries's avatar
   
Dries committed
978
979
    }
    else {
Dries's avatar
Dries committed
980
      $output = l($name, "user/view/$object->uid", array("title" => t("View user profile.")));
Dries's avatar
   
Dries committed
981
    }
Dries's avatar
   
Dries committed
982
  }
Dries's avatar
   
Dries committed
983
984
985
986
987
988
989
990
991
992
  else if ($object->name) {
    /*
    ** Sometimes modules display content composed by people who are
    ** not registers members of the site (i.e. mailing list or news
    ** aggregator modules).  This clause enables modules to display
    ** the true author of the content.
    */

    $output = $object->name;
  }
Dries's avatar
   
Dries committed
993
  else {
Dries's avatar
   
Dries committed
994
    $output = t(variable_get("anonymous", "Anonymous"));
Dries's avatar
   
Dries committed
995
996
  }

Dries's avatar
   
Dries committed
997
  return $output;
Dries's avatar
   
Dries committed
998
999
1000
}

function form($form, $method = "post", $action = 0, $options = 0) {
Dries's avatar
   
Dries committed
1001
1002

  if (!$action) {
1003
    $action = request_uri();
Dries's avatar
   
Dries committed
1004
  }
1005
  return "<form action=\"$action\" method=\"$method\"". drupal_attributes($options) .">\n$form\n</form>\n";
Dries's avatar
   
Dries committed
1006
1007
1008
}

function form_item($title, $value, $description = 0) {
Dries's avatar
   
Dries committed
1009
  return "<div class=\"form-item\">". ($title ? "<div class=\"title\">$title:</div>" : "") . $value . ($description ? "<div class=\"description\">$description</div>" : "") ."</div>\n";
Dries's avatar
   
Dries committed
1010
1011
}

1012
1013
function form_radio($title, $name, $value = 1, $checked = 0, $description = 0, $attributes = 0) {
  return form_item(0, "<input type=\"radio\" class=\"form-radio\" name=\"edit[$name]\" value=\"". $value ."\"". ($checked ? " checked=\"checked\"" : "") . drupal_attributes($attributes) ." /> $title", $description);
Dries's avatar
   
Dries committed
1014
1015
}

1016
1017
function form_checkbox($title, $name, $value = 1, $checked = 0, $description = 0, $attributes = 0) {
  return form_hidden($name, 0) . form_item(0, "<input type=\"checkbox\" class=\"form-checkbox\" name=\"edit[$name]\" value=\"". $value ."\"". ($checked ? " checked=\"checked\"" : "") . drupal_attributes($attributes) ." /> $title", $description);
Dries's avatar
   
Dries committed
1018
1019
}

1020
function form_textfield($title, $name, $value, $size, $maxlength, $description = 0, $attributes = 0) {
Dries's avatar
   
Dries committed
1021
  $size = $size ? " size=\"$size\"" : "";
1022
  return form_item($title, "<input type=\"text\" maxlength=\"$maxlength\" class=\"form-text\" name=\"edit[$name]\"$size value=\"". check_form($value) ."\"". drupal_attributes($attributes) ." />", $description);
Dries's avatar
   
Dries committed
1023
1024
}

1025
function form_password($title, $name, $value, $size, $maxlength, $description = 0, $attributes = 0) {
Dries's avatar
   
Dries committed
1026
  $size = $size ? " size=\"$size\"" : "";
1027
  return form_item($title, "<input type=\"password\" class=\"form-password\" maxlength=\"$maxlength\" name=\"edit[$name]\"$size value=\"". check_form($value) ."\"". drupal_attributes($attributes) ." />", $description);
Dries's avatar
   
Dries committed
1028
1029
}

1030
function form_textarea($title, $name, $value, $cols, $rows, $description = 0, $attributes = 0) {
Dries's avatar
   
Dries committed
1031
  $cols = $cols ? " cols=\"$cols\"" : "";
Dries's avatar
   
Dries committed
1032
  module_invoke_all("textarea", $name);  // eg. optionally plug in a WYSIWYG editor
1033
  return form_item($title, "<textarea wrap=\"virtual\"$cols rows=\"$rows\" name=\"edit[$name]\" id=\"edit[$name]\"". drupal_attributes($attributes) .">". check_form($value) ."</textarea>", $description);
Dries's avatar
   
Dries committed
1034
1035
}

Dries's avatar
   
Dries committed
1036
function form_select($title, $name, $value, $options, $description = 0, $extra = 0, $multiple = 0) {
Dries's avatar
   
Dries committed
1037
  if (count($options) > 0) {
Kjartan's avatar
Kjartan committed
1038
    foreach ($options as $key=>$choice) {
1039
      $select .= "<option value=\"$key\"". (is_array($value) ? (in_array($key, $value) ? " selected=\"selected\"" : "") : ($value == $key ? " selected=\"selected\"" : "")) .">". check_form($choice) ."</option>";
Dries's avatar
   
Dries committed
1040
    }
Kjartan's avatar
Kjartan committed
1041
    return form_item($title, "<select name=\"edit[$name]". ($multiple ? "[]" : "") ."\"". ($multiple ? " multiple " : "") . ($extra ? " $extra" : "") .">$select</select>", $description);
Dries's avatar
   
Dries committed
1042
1043
1044
  }
}

Dries's avatar
   
Dries committed
1045
1046
1047
1048
1049
1050
1051
1052
1053
function form_radios($title, $name, $value, $options, $description = 0) {
  if (count($options) > 0) {
    foreach ($options as $key=>$choice) {
      $output .= form_radio($choice, $name, $key, ($key == $value));
    }
    return form_item($title, $output, $description);
  }
}

1054
1055
1056
1057
1058
function form_file($title, $name, $size, $description = 0, $fid = 0) {
  if ($fid) { // Include file upload in case of preview
    $extra = form_hidden("__file][$name", $fid);
  }
  return $extra . form_item($title, "<input type=\"file\" class=\"form-file\" name=\"edit[$name]\" size=\"$size\" />\n", $description);
Dries's avatar
   
Dries committed
1059
1060
1061
1062
1063
1064
}

function form_hidden($name, $value) {
  return "<input type=\"hidden\" name=\"edit[$name]\" value=\"". check_form($value) ."\" />\n";
}

1065
function form_submit($value, $name = "op", $attributes = 0) {
Dries's avatar
   
Dries committed
1066
  return "<input type=\"submit\" class=\"form-submit\" name=\"$name\" value=\"". check_form($value) ."\" />\n";
Dries's avatar
   
Dries committed
1067
1068
}

Dries's avatar
   
Dries committed
1069
function form_weight($title = NULL, $name = "weight", $value = 0, $delta = 10, $description = 0, $extra = 0) {
Dries's avatar
   
Dries committed
1070
  for ($n = (-1 * $delta); $n <= $delta; $n++) {
Dries's avatar
   
Dries committed
1071
1072
1073
1074
1075
1076
    $weights[$n] = $n;
  }

  return form_select($title, $name, $value, $weights, $description, $extra);
}

Dries's avatar
   
Dries committed
1077
1078
1079
1080
function form_allowed_tags_text() {
  return variable_get("allowed_html", "") ? (t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", ""))) : "";
}

Dries's avatar
   
Dries committed
1081
1082
1083
/**
 * Given an old url, return the alias.
 */
Dries's avatar
   
Dries committed
1084
1085
function drupal_get_path_alias($path) {
  $map = drupal_get_path_map();
Dries's avatar
   
Dries committed
1086

Dries's avatar
   
Dries committed
1087
1088
1089
  if ($map) {
    return array_search($path, $map);
  }
Dries's avatar
   
Dries committed
1090
1091
1092
}

/**
Dries's avatar
   
Dries committed
1093
 * Given an alias, return the default url.
Dries's avatar
   
Dries committed
1094
 */
Dries's avatar
   
Dries committed
1095
1096
function drupal_get_normal_path($path) {
  $map = drupal_get_path_map();
Dries's avatar
   
Dries committed
1097
1098
1099
  return $map[$path];
}

Dries's avatar
   
Dries committed
1100
function url($url = NULL, $query = NULL) {
Dries's avatar
   
Dries committed
1101
  global $base_url;
Dries's avatar
   
Dries committed
1102

Dries's avatar
   
Dries committed
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
  static $script;

  if (empty($script)) {
    /*
    ** On some webservers such as IIS we can't omit "index.php".  As such we
    ** generate "index.php?q=foo" instead of "?q=foo" on anything that is not
    ** Apache.
    */
    $script = (strpos($_SERVER["SERVER_SOFTWARE"], "Apache") === false) ? "index.php" : "";
  }

Dries's avatar
   
Dries committed
1114
  if ($alias = drupal_get_path_alias($url)) {
Dries's avatar
   
Dries committed
1115
1116
1117
    $url = $alias;
  }

Dries's avatar
   
Dries committed
1118
  if (variable_get("clean_url", "0") == "0") {
Dries's avatar
   
Dries committed
1119
1120
    if (isset($url)) {
      if (isset($query)) {
Dries's avatar
   
Dries committed
1121
        return "$base_url/$script?q=$url&amp;$query";
Dries's avatar
   
Dries committed
1122
1123
      }
      else {
Dries's avatar
   
Dries committed
1124
        return "$base_url/$script?q=$url";
Dries's avatar
   
Dries committed
1125
      }
Dries's avatar
   
Dries committed
1126
1127
    }
    else {
Dries's avatar
   
Dries committed
1128
      if (isset($query)) {
Dries's avatar
   
Dries committed
1129
        return "$base_url/$script?$query";
Dries's avatar
   
Dries committed
1130
1131
      }
      else {
Dries's avatar
   
Dries committed
1132
        return "$base_url/";
Dries's avatar
   
Dries committed
1133
      }
Dries's avatar
   
Dries committed
1134
1135
1136
    }
  }
  else {
Dries's avatar
   
Dries committed
1137
1138
    if (isset($url)) {
      if (isset($query)) {
Dries's avatar
   
Dries committed
1139
        return "$base_url/$url?$query";
Dries's avatar
   
Dries committed
1140
1141
      }
      else {
Dries's avatar
   
Dries committed
1142
        return "$base_url/$url";
Dries's avatar
   
Dries committed
1143
      }
Dries's avatar
   
Dries committed
1144
    }
Dries's avatar
   
Dries committed
1145
    else {
Dries's avatar
   
Dries committed
1146
      if (isset($query)) {
Dries's avatar
   
Dries committed
1147
        return "$base_url/$script?$query";
Dries's avatar
   
Dries committed
1148
1149
      }
      else {
Dries's avatar
   
Dries committed
1150
        return "$base_url/";
Dries's avatar
   
Dries committed
1151
      }
Dries's avatar
   
Dries committed
1152
    }
Dries's avatar
   
Dries committed
1153
  }
Dries's avatar
   
Dries committed
1154
1155
}

1156
1157
1158
1159
1160
1161
1162
function drupal_attributes($attributes = 0) {
  if (is_array($attributes)) {
    $t = array();
    foreach ($attributes as $key => $value) {
      $t[] = "$key=\"$value\"";
    }
    return " ". implode($t, " ");
Dries's avatar
   
Dries committed
1163
  }
1164
}
Dries's avatar
   
Dries committed
1165

1166
1167
function l($text, $url, $attributes = array(), $query = NULL) {
  return "<a href=\"". url($url, $query) ."\"". drupal_attributes($attributes) .">$text</a>";
Dries's avatar
   
Dries committed
1168
1169
}

Dries's avatar
   
Dries committed
1170
function field_get($string, $name) {
1171
  ereg(",?$name=([^,]+)", ", $string", $regs);
Dries's avatar
   
Dries committed
1172
1173
1174
1175
1176
  return $regs[1];
}

function field_set($string, $name, $value) {
  $rval = ereg_replace(",$name=[^,]+", "", ",$string");
Dries's avatar
   
Dries committed
1177
  if (isset($value)) {
Kjartan's avatar
Kjartan committed
1178
1179
    $rval .= ($rval == "," ? "" : ",") ."$name=$value";
  }
Dries's avatar
   
Dries committed
1180
1181