bootstrap.inc 53.6 KB
Newer Older
1
<?php
2 3 4 5
/**
 * @file
 * Functions that need to be loaded on every Drupal request.
 */
Dries's avatar
 
Dries committed
6

7
use Drupal\Component\Datetime\DateTimePlus;
8
use Drupal\Component\Utility\Crypt;
9
use Drupal\Component\Utility\Environment;
10
use Drupal\Component\Utility\SafeMarkup;
11
use Drupal\Component\Utility\String;
12
use Drupal\Component\Utility\Unicode;
13
use Drupal\Core\DrupalKernel;
14
use Drupal\Core\Extension\ExtensionDiscovery;
15
use Drupal\Core\Site\Settings;
16
use Drupal\Core\Utility\Error;
17
use Symfony\Component\ClassLoader\ApcClassLoader;
18
use Symfony\Component\HttpFoundation\Request;
19
use Symfony\Component\HttpFoundation\Response;
20
use Drupal\Core\Language\LanguageInterface;
21

22 23 24
/**
 * Minimum supported version of PHP.
 */
25
const DRUPAL_MINIMUM_PHP = '5.4.2';
26 27 28

/**
 * Minimum recommended value of PHP memory_limit.
29 30 31
 *
 * @todo Reduce the memory required to install on some environments in
 *   https://www.drupal.org/node/2289201 and then decrease this limit.
32
 */
33
const DRUPAL_MINIMUM_PHP_MEMORY_LIMIT = '64M';
34

35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54
/**
 * Error reporting level: display no errors.
 */
const ERROR_REPORTING_HIDE = 'hide';

/**
 * Error reporting level: display errors and warnings.
 */
const ERROR_REPORTING_DISPLAY_SOME = 'some';

/**
 * Error reporting level: display all messages.
 */
const ERROR_REPORTING_DISPLAY_ALL = 'all';

/**
 * Error reporting level: display all messages, plus backtrace information.
 */
const ERROR_REPORTING_DISPLAY_VERBOSE = 'verbose';

55 56 57 58 59 60
/**
 * @defgroup logging_severity_levels Logging severity levels
 * @{
 * Logging severity levels as defined in RFC 3164.
 *
 * The WATCHDOG_* constant definitions correspond to the logging severity levels
61
 * defined in RFC 3164, section 4.1.1. PHP supplies predefined LOG_* constants
62
 * for use in the syslog() function, but their values on Windows builds do not
63
 * correspond to RFC 3164. The associated PHP bug report was closed with the
64 65 66 67 68 69 70 71 72 73 74 75 76
 * comment, "And it's also not a bug, as Windows just have less log levels,"
 * and "So the behavior you're seeing is perfectly normal."
 *
 * @see http://www.faqs.org/rfcs/rfc3164.html
 * @see http://bugs.php.net/bug.php?id=18090
 * @see http://php.net/manual/function.syslog.php
 * @see http://php.net/manual/network.constants.php
 * @see watchdog_severity_levels()
 */

/**
 * Log message severity -- Emergency: system is unusable.
 */
77
const WATCHDOG_EMERGENCY = 0;
78 79 80 81

/**
 * Log message severity -- Alert: action must be taken immediately.
 */
82
const WATCHDOG_ALERT = 1;
83 84

/**
85
 * Log message severity -- Critical conditions.
86
 */
87
const WATCHDOG_CRITICAL = 2;
88 89

/**
90
 * Log message severity -- Error conditions.
91
 */
92
const WATCHDOG_ERROR = 3;
93 94

/**
95
 * Log message severity -- Warning conditions.
96
 */
97
const WATCHDOG_WARNING = 4;
98 99

/**
100
 * Log message severity -- Normal but significant conditions.
101
 */
102
const WATCHDOG_NOTICE = 5;
103 104

/**
105
 * Log message severity -- Informational messages.
106
 */
107
const WATCHDOG_INFO = 6;
108 109

/**
110
 * Log message severity -- Debug-level messages.
111
 */
112
const WATCHDOG_DEBUG = 7;
113 114 115 116 117

/**
 * @} End of "defgroup logging_severity_levels".
 */

118 119
/**
 * First bootstrap phase: initialize configuration.
120 121
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
122
 */
123
const DRUPAL_BOOTSTRAP_CONFIGURATION = 0;
124 125

/**
126 127 128
 * Second bootstrap phase, initialize a kernel.
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
129
 */
130
const DRUPAL_BOOTSTRAP_KERNEL = 1;
131 132

/**
133
 * Third bootstrap phase: try to serve a cached page.
134 135
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
136
 */
137
const DRUPAL_BOOTSTRAP_PAGE_CACHE = 2;
138 139

/**
140
 * Fourth bootstrap phase: load code for subsystems and modules.
141 142
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
143
 */
144
const DRUPAL_BOOTSTRAP_CODE = 3;
145 146

/**
147
 * Final bootstrap phase: initialize language, path, theme, and modules.
148 149
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
150
 */
151
const DRUPAL_BOOTSTRAP_FULL = 4;
152

153 154 155
/**
 * Role ID for anonymous users; should match what's in the "role" table.
 */
156
const DRUPAL_ANONYMOUS_RID = 'anonymous';
157 158 159 160

/**
 * Role ID for authenticated users; should match what's in the "role" table.
 */
161
const DRUPAL_AUTHENTICATED_RID = 'authenticated';
162

163 164 165 166 167
/**
 * The maximum number of characters in a module or theme name.
 */
const DRUPAL_EXTENSION_NAME_MAX_LENGTH = 50;

168
/**
169
 * Time of the current request in seconds elapsed since the Unix Epoch.
170
 *
171 172 173 174 175 176
 * This differs from $_SERVER['REQUEST_TIME'], which is stored as a float
 * since PHP 5.4.0. Float timestamps confuse most PHP functions
 * (including date_create()).
 *
 * @see http://php.net/manual/reserved.variables.server.php
 * @see http://php.net/manual/function.time.php
177
 */
178
define('REQUEST_TIME', (int) $_SERVER['REQUEST_TIME']);
179

180 181 182
/**
 * Regular expression to match PHP function names.
 *
183
 * @see http://php.net/manual/language.functions.php
184
 */
185
const DRUPAL_PHP_FUNCTION_PATTERN = '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*';
186

187 188 189
/**
 * $config_directories key for active directory.
 *
190
 * @see config_get_config_directory()
191 192 193 194 195 196
 */
const CONFIG_ACTIVE_DIRECTORY = 'active';

/**
 * $config_directories key for staging directory.
 *
197
 * @see config_get_config_directory()
198 199 200
 */
const CONFIG_STAGING_DIRECTORY = 'staging';

201 202 203 204 205 206 207
/**
 * Defines the root directory of the Drupal installation.
 *
 * This strips two levels of directories off the current directory.
 */
define('DRUPAL_ROOT', dirname(dirname(__DIR__)));

Dries's avatar
 
Dries committed
208
/**
209
 * Returns the appropriate configuration directory.
Dries's avatar
 
Dries committed
210
 *
211
 * @param bool $require_settings
212 213 214 215
 *   Only configuration directories with an existing settings.php file
 *   will be recognized. Defaults to TRUE. During initial installation,
 *   this is set to FALSE so that Drupal can detect a matching directory,
 *   then create a new settings.php file in it.
216
 * @param bool $reset
217
 *   Force a full search for matching directories even if one had been
218
 *   found previously. Defaults to FALSE.
219 220 221
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   (optional) The current request. Defaults to \Drupal::request() or a new
 *   request created from globals.
222
 *
223 224
 * @return string
 *   The path of the matching directory.@see default.settings.php
225
 *
226 227 228 229 230 231 232 233 234 235 236 237 238 239
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Drupal\Core\DrupalKernel::getSitePath() instead. If the kernel is
 *   unavailable or the site path needs to be recalculated then
 *   Drupal\Core\DrupalKernel::findSitePath() can be used.
 */
function conf_path($require_settings = TRUE, $reset = FALSE, Request $request = NULL) {
  if (!isset($request)) {
    if (\Drupal::hasRequest()) {
      $request = \Drupal::request();
    }
    // @todo Remove once external CLI scripts (Drush) are updated.
    else {
      $request = Request::createFromGlobals();
    }
240
  }
241 242
  if (\Drupal::hasService('kernel')) {
    $site_path = \Drupal::service('kernel')->getSitePath();
243
  }
244 245
  if (!isset($site_path) || empty($site_path)) {
    $site_path = DrupalKernel::findSitePath($request, $require_settings);
Dries's avatar
 
Dries committed
246
  }
247
  return $site_path;
Dries's avatar
 
Dries committed
248
}
249
/**
250 251 252 253 254
 * Returns the path of a configuration directory.
 *
 * @param string $type
 *   (optional) The type of config directory to return. Drupal core provides
 *   'active' and 'staging'. Defaults to CONFIG_ACTIVE_DIRECTORY.
255 256 257 258
 *
 * @return string
 *   The configuration directory path.
 */
259 260
function config_get_config_directory($type = CONFIG_ACTIVE_DIRECTORY) {
  global $config_directories;
261

262
  if (!empty($config_directories[$type])) {
263
    return $config_directories[$type];
264
  }
265
  throw new \Exception(format_string('The configuration directory type %type does not exist.', array('%type' => $type)));
266 267
}

Dries's avatar
Dries committed
268
/**
269 270 271 272
 * Returns and optionally sets the filename for a system resource.
 *
 * The filename, whether provided, cached, or retrieved from the database, is
 * only returned if the file exists.
Dries's avatar
Dries committed
273
 *
Dries's avatar
Dries committed
274 275
 * This function plays a key role in allowing Drupal's resources (modules
 * and themes) to be located in different places depending on a site's
276
 * configuration. For example, a module 'foo' may legally be located
Dries's avatar
Dries committed
277 278
 * in any of these three places:
 *
279 280 281
 * core/modules/foo/foo.info.yml
 * modules/foo/foo.info.yml
 * sites/example.com/modules/foo/foo.info.yml
Dries's avatar
Dries committed
282 283 284 285
 *
 * Calling drupal_get_filename('module', 'foo') will give you one of
 * the above, depending on where the module is located.
 *
Dries's avatar
Dries committed
286
 * @param $type
287 288
 *   The type of the item; one of 'core', 'profile', 'module', 'theme', or
 *   'theme_engine'.
Dries's avatar
Dries committed
289
 * @param $name
290 291
 *   The name of the item for which the filename is requested. Ignored for
 *   $type 'core'.
Dries's avatar
Dries committed
292 293 294 295 296
 * @param $filename
 *   The filename of the item if it is to be set explicitly rather
 *   than by consulting the database.
 *
 * @return
297
 *   The filename of the requested item or NULL if the item is not found.
Dries's avatar
Dries committed
298
 */
Dries's avatar
Dries committed
299
function drupal_get_filename($type, $name, $filename = NULL) {
300 301
  // The location of files will not change during the request, so do not use
  // drupal_static().
302
  static $files = array();
Dries's avatar
Dries committed
303

304 305 306 307 308 309 310 311
  // Type 'core' only exists to simplify application-level logic; it always maps
  // to the /core directory, whereas $name is ignored. It is only requested via
  // drupal_get_path(). /core/core.info.yml does not exist, but is required
  // since drupal_get_path() returns the dirname() of the returned pathname.
  if ($type === 'core') {
    return 'core/core.info.yml';
  }

312 313 314
  // Profiles are converted into modules in system_rebuild_module_data().
  // @todo Remove false-exposure of profiles as modules.
  $original_type = $type;
315
  if ($type == 'profile') {
316
    $type = 'module';
317
  }
318
  if (!isset($files[$type])) {
Dries's avatar
Dries committed
319 320 321
    $files[$type] = array();
  }

322
  if (isset($filename)) {
Dries's avatar
Dries committed
323 324
    $files[$type][$name] = $filename;
  }
325 326 327 328 329 330
  elseif (!isset($files[$type][$name])) {
    // If the pathname of the requested extension is not known, try to retrieve
    // the list of extension pathnames from various providers, checking faster
    // providers first.
    // Retrieve the current module list (derived from the service container).
    if ($type == 'module' && \Drupal::hasService('module_handler')) {
331 332 333
      foreach (\Drupal::moduleHandler()->getModuleList() as $module_name => $module) {
        $files[$type][$module_name] = $module->getPathname();
      }
334 335 336 337 338
    }
    // If still unknown, retrieve the file list prepared in state by
    // system_rebuild_module_data() and system_rebuild_theme_data().
    if (!isset($files[$type][$name]) && \Drupal::hasService('state')) {
      $files[$type] += \Drupal::state()->get('system.' . $type . '.files', array());
339
    }
340
    // If still unknown, perform a filesystem scan.
341
    if (!isset($files[$type][$name])) {
342 343 344 345
      $listing = new ExtensionDiscovery();
      // Prevent an infinite recursion by this legacy function.
      if ($original_type == 'profile') {
        $listing->setProfileDirectories(array());
346
      }
347
      foreach ($listing->scan($original_type) as $extension_name => $file) {
348
        $files[$type][$extension_name] = $file->getPathname();
Dries's avatar
Dries committed
349 350 351 352
      }
    }
  }

353 354 355
  if (isset($files[$type][$name])) {
    return $files[$type][$name];
  }
Dries's avatar
Dries committed
356 357
}

358 359 360 361 362 363 364 365 366 367 368 369
/**
 * Gets the page cache cid for this request.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The request for this page.
 *
 * @return string
 *   The cid for this request.
 */
function drupal_page_cache_get_cid(Request $request) {
  $cid_parts = array(
    $request->getUri(),
370
    \Drupal::service('content_negotiation')->getContentType($request),
371 372 373 374
  );
  return sha1(implode(':', $cid_parts));
}

Dries's avatar
 
Dries committed
375
/**
376
 * Retrieves the current page from the cache.
Dries's avatar
 
Dries committed
377
 *
378 379
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The request for this page.
380
 *
381 382
 * @return \Symfony\Component\HttpFoundation\Response
 *   The response, if the page was found in the cache, NULL otherwise.
Dries's avatar
 
Dries committed
383
 */
384
function drupal_page_get_cache(Request $request) {
385 386 387
  $cache = \Drupal::cache('render')->get(drupal_page_cache_get_cid($request));
  if ($cache) {
    return $cache->data;
388
  }
389 390
}

391
/**
392
 * Sets an HTTP response header for the current page.
393 394 395 396 397
 *
 * Note: When sending a Content-Type header, always include a 'charset' type,
 * too. This is necessary to avoid security bugs (e.g. UTF-7 XSS).
 *
 * @param $name
398
 *   The HTTP header name, or the special 'Status' header name.
399
 * @param $value
400 401 402
 *   The HTTP header value; if equal to FALSE, the specified header is unset.
 *   If $name is 'Status', this is expected to be a status code followed by a
 *   reason phrase, e.g. "404 Not Found".
403 404
 * @param $append
 *   Whether to append the value to an existing header or to replace it.
405
 *
406 407 408
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->set().
 *   See https://drupal.org/node/2181523.
409
 */
410
function drupal_add_http_header($name, $value, $append = FALSE) {
411
  // The headers as name/value pairs.
412
  $headers = &drupal_static('drupal_http_headers', array());
413

414
  $name_lower = strtolower($name);
415
  _drupal_set_preferred_header_name($name);
416

417
  if ($value === FALSE) {
418
    $headers[$name_lower] = FALSE;
419
  }
420
  elseif (isset($headers[$name_lower]) && $append) {
421 422
    // Multiple headers with identical names may be combined using comma (RFC
    // 2616, section 4.2).
423
    $headers[$name_lower] .= ',' . $value;
424 425
  }
  else {
426
    $headers[$name_lower] = $value;
427 428 429 430
  }
}

/**
431
 * Gets the HTTP response headers for the current page.
432 433 434 435
 *
 * @param $name
 *   An HTTP header name. If omitted, all headers are returned as name/value
 *   pairs. If an array value is FALSE, the header has been unset.
436
 *
437 438 439
 * @return
 *   A string containing the header value, or FALSE if the header has been set,
 *   or NULL if the header has not been set.
440
 *
441 442 443
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->get().
 *   See https://drupal.org/node/2181523.
444
 */
445
function drupal_get_http_header($name = NULL) {
446
  $headers = &drupal_static('drupal_http_headers', array());
447 448 449 450 451 452 453 454 455 456
  if (isset($name)) {
    $name = strtolower($name);
    return isset($headers[$name]) ? $headers[$name] : NULL;
  }
  else {
    return $headers;
  }
}

/**
457 458
 * Sets the preferred name for the HTTP header.
 *
459
 * Header names are case-insensitive, but for maximum compatibility they should
460 461
 * follow "common form" (see RFC 2616, section 4.2).
 *
462 463
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
464 465 466 467 468 469 470 471 472 473 474
 */
function _drupal_set_preferred_header_name($name = NULL) {
  static $header_names = array();

  if (!isset($name)) {
    return $header_names;
  }
  $header_names[strtolower($name)] = $name;
}

/**
475 476 477 478
 * Sends the HTTP response headers that were previously set, adding defaults.
 *
 * Headers are set in drupal_add_http_header(). Default headers are not set
 * if they have been replaced or unset using drupal_add_http_header().
479
 *
480 481 482 483 484
 * @param array $default_headers
 *   (optional) An array of headers as name/value pairs.
 * @param bool $only_default
 *   (optional) If TRUE and headers have already been sent, send only the
 *   specified headers.
485
 *
486 487
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
488 489 490
 */
function drupal_send_headers($default_headers = array(), $only_default = FALSE) {
  $headers_sent = &drupal_static(__FUNCTION__, FALSE);
491
  $headers = drupal_get_http_header();
492 493 494 495 496 497 498 499 500 501 502 503 504 505
  if ($only_default && $headers_sent) {
    $headers = array();
  }
  $headers_sent = TRUE;

  $header_names = _drupal_set_preferred_header_name();
  foreach ($default_headers as $name => $value) {
    $name_lower = strtolower($name);
    if (!isset($headers[$name_lower])) {
      $headers[$name_lower] = $value;
      $header_names[$name_lower] = $name;
    }
  }
  foreach ($headers as $name_lower => $value) {
506
    if ($name_lower == 'status') {
507 508 509
      header($_SERVER['SERVER_PROTOCOL'] . ' ' . $value);
    }
    // Skip headers that have been unset.
510
    elseif ($value !== FALSE) {
511 512 513 514 515
      header($header_names[$name_lower] . ': ' . $value);
    }
  }
}

Dries's avatar
 
Dries committed
516
/**
517
 * Sets HTTP headers in preparation for a page response.
518
 *
519 520 521 522
 * Authenticated users are always given a 'no-cache' header, and will fetch a
 * fresh page on every request. This prevents authenticated users from seeing
 * locally cached pages.
 *
523
 * Also give each page a unique ETag. This should force clients to include both
524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539
 * an If-Modified-Since header and an If-None-Match header when doing
 * conditional requests for the page (required by RFC 2616, section 13.3.4),
 * making the validation more robust. This is a workaround for a bug in Mozilla
 * Firefox that is triggered when Drupal's caching is enabled and the user
 * accesses Drupal via an HTTP proxy (see
 * https://bugzilla.mozilla.org/show_bug.cgi?id=269303): When an authenticated
 * user requests a page, and then logs out and requests the same page again,
 * Firefox may send a conditional request based on the page that was cached
 * locally when the user was logged in. If this page did not have an ETag
 * header, the request only contains an If-Modified-Since header. The date will
 * be recent, because with authenticated users the Last-Modified header always
 * refers to the time of the request. If the user accesses Drupal via a proxy
 * server, and the proxy already has a cached copy of the anonymous page with an
 * older Last-Modified date, the proxy may respond with 304 Not Modified, making
 * the client think that the anonymous and authenticated pageviews are
 * identical.
540
 *
541
 * @see drupal_page_set_cache()
542
 *
543 544
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
Dries's avatar
 
Dries committed
545
 */
Dries's avatar
 
Dries committed
546
function drupal_page_header() {
547 548 549 550 551 552 553 554
  $headers_sent = &drupal_static(__FUNCTION__, FALSE);
  if ($headers_sent) {
    return TRUE;
  }
  $headers_sent = TRUE;

  $default_headers = array(
    'Expires' => 'Sun, 19 Nov 1978 05:00:00 GMT',
555
    'Last-Modified' => gmdate(DateTimePlus::RFC7231, REQUEST_TIME),
556 557 558 559
    'Cache-Control' => 'no-cache, must-revalidate, post-check=0, pre-check=0',
    'ETag' => '"' . REQUEST_TIME . '"',
  );
  drupal_send_headers($default_headers);
560
}
Dries's avatar
 
Dries committed
561

562
/**
563
 * Sets HTTP headers in preparation for a cached page response.
564
 *
565 566
 * The headers allow as much as possible in proxies and browsers without any
 * particular knowledge about the pages. Modules can override these headers
567
 * using drupal_add_http_header().
568
 *
569 570 571 572
 * If the request is conditional (using If-Modified-Since and If-None-Match),
 * and the conditions match those currently in the cache, a 304 Not Modified
 * response is sent.
 */
573 574 575 576 577 578 579 580 581 582 583
function drupal_serve_page_from_cache(Response $response, Request $request) {
  // Only allow caching in the browser and prevent that the response is stored
  // by an external proxy server when the following conditions apply:
  // 1. There is a session cookie on the request.
  // 2. The Vary: Cookie header is on the response.
  // 3. The Cache-Control header does not contain the no-cache directive.
  if ($request->cookies->has(session_name()) &&
    in_array('Cookie', $response->getVary()) &&
    !$response->headers->hasCacheControlDirective('no-cache')) {

    $response->setPrivate();
584 585
  }

586 587 588 589
  // Negotiate whether to use compression.
  if ($response->headers->get('Content-Encoding') == 'gzip' && extension_loaded('zlib')) {
    if (strpos($request->headers->get('Accept-Encoding'), 'gzip') !== FALSE) {
      // The response content is already gzip'ed, so make sure
590
      // zlib.output_compression does not compress it once more.
591
      ini_set('zlib.output_compression', '0');
592 593
    }
    else {
594 595 596 597 598 599
      // The client does not support compression. Decompress the content and
      // remove the Content-Encoding header.
      $content = $response->getContent();
      $content = gzinflate(substr(substr($content, 10), 0, -8));
      $response->setContent($content);
      $response->headers->remove('Content-Encoding');
600
    }
601 602
  }

603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625
  // Perform HTTP revalidation.
  // @todo Use Response::isNotModified() as per https://drupal.org/node/2259489
  $last_modified = $response->getLastModified();
  if ($last_modified) {
    // See if the client has provided the required HTTP headers.
    $if_modified_since = $request->server->has('HTTP_IF_MODIFIED_SINCE') ? strtotime($request->server->get('HTTP_IF_MODIFIED_SINCE')) : FALSE;
    $if_none_match = $request->server->has('HTTP_IF_NONE_MATCH') ? stripslashes($request->server->get('HTTP_IF_NONE_MATCH')) : FALSE;

    if ($if_modified_since && $if_none_match
      && $if_none_match == $response->getEtag() // etag must match
      && $if_modified_since == $last_modified->getTimestamp()) {  // if-modified-since must match
      $response->setStatusCode(304);
      $response->setContent(NULL);

      // In the case of a 304 response, certain headers must be sent, and the
      // remaining may not (see RFC 2616, section 10.3.5).
      foreach (array_keys($response->headers->all()) as $name) {
        if (!in_array($name, array('content-location', 'expires', 'cache-control', 'vary'))) {
          $response->headers->remove($name);
        }
      }
    }
  }
Dries's avatar
 
Dries committed
626 627
}

628
/**
629
 * Translates a string to the current language or to a given language.
630
 *
631 632 633
 * The t() function serves two purposes. First, at run-time it translates
 * user-visible text into the appropriate language. Second, various mechanisms
 * that figure out what text needs to be translated work off t() -- the text
634 635 636 637 638
 * inside t() calls is added to the database of strings to be translated.
 * These strings are expected to be in English, so the first argument should
 * always be in English. To enable a fully-translatable site, it is important
 * that all human-readable text that will be displayed on the site or sent to
 * a user is passed through the t() function, or a related function. See the
639 640 641 642
 * @link http://drupal.org/node/322729 Localization API @endlink pages for
 * more information, including recommendations on how to break up or not
 * break up strings for translation.
 *
643
 * @section sec_translating_vars Translating Variables
644 645 646 647 648 649 650 651 652
 * You should never use t() to translate variables, such as calling
 * @code t($text); @endcode, unless the text that the variable holds has been
 * passed through t() elsewhere (e.g., $text is one of several translated
 * literal strings in an array). It is especially important never to call
 * @code t($user_text); @endcode, where $user_text is some text that a user
 * entered - doing that can lead to cross-site scripting and other security
 * problems. However, you can use variable substitution in your string, to put
 * variable text such as user names or link URLs into translated text. Variable
 * substitution looks like this:
653
 * @code
654
 * $text = t("@name's blog", array('@name' => user_format_name($account)));
655
 * @endcode
656
 * Basically, you can put variables like @name into your string, and t() will
657 658
 * substitute their sanitized values at translation time. (See the
 * Localization API pages referenced above and the documentation of
659 660 661
 * format_string() for details about how to define variables in your string.)
 * Translators can then rearrange the string as necessary for the language
 * (e.g., in Spanish, it might be "blog de @name").
662 663 664 665
 *
 * @param $string
 *   A string containing the English string to translate.
 * @param $args
666 667 668
 *   An associative array of replacements to make after translation. Based
 *   on the first character of the key, the value is escaped and/or themed.
 *   See format_string() for details.
669
 * @param $options
670 671 672 673 674
 *   An associative array of additional options, with the following elements:
 *   - 'langcode' (defaults to the current language): The language code to
 *     translate to a language other than what is used to display the page.
 *   - 'context' (defaults to the empty context): The context the source string
 *     belongs to.
675
 *
676 677
 * @return
 *   The translated string.
678
 *
679
 * @see format_string()
680
 * @ingroup sanitization
681 682
 */
function t($string, array $args = array(), array $options = array()) {
683
  return \Drupal::translation()->translate($string, $args, $options);
684 685 686
}

/**
687 688
 * Formats a string for HTML display by replacing variable placeholders.
 *
689
 * @see \Drupal\Component\Utility\String::format()
690 691 692 693
 * @see t()
 * @ingroup sanitization
 */
function format_string($string, array $args = array()) {
694
  return String::format($string, $args);
695 696
}

Gábor Hojtsy's avatar
Gábor Hojtsy committed
697 698 699 700 701 702 703 704 705 706 707 708 709 710 711
/**
 * Checks whether a string is valid UTF-8.
 *
 * All functions designed to filter input should use drupal_validate_utf8
 * to ensure they operate on valid UTF-8 strings to prevent bypass of the
 * filter.
 *
 * When text containing an invalid UTF-8 lead byte (0xC0 - 0xFF) is presented
 * as UTF-8 to Internet Explorer 6, the program may misinterpret subsequent
 * bytes. When these subsequent bytes are HTML control characters such as
 * quotes or angle brackets, parts of the text that were deemed safe by filters
 * end up in locations that are potentially unsafe; An onerror attribute that
 * is outside of a tag, and thus deemed safe by a filter, can be interpreted
 * by the browser as if it were inside the tag.
 *
712 713
 * The function does not return FALSE for strings containing character codes
 * above U+10FFFF, even though these are prohibited by RFC 3629.
Gábor Hojtsy's avatar
Gábor Hojtsy committed
714 715 716
 *
 * @param $text
 *   The text to check.
717
 *
Gábor Hojtsy's avatar
Gábor Hojtsy committed
718 719
 * @return
 *   TRUE if the text is valid UTF-8, FALSE if not.
720 721
 *
 * @see \Drupal\Component\Utility\Unicode::validateUtf8()
Gábor Hojtsy's avatar
Gábor Hojtsy committed
722 723
 */
function drupal_validate_utf8($text) {
724
  return Unicode::validateUtf8($text);
Dries's avatar
Dries committed
725 726
}

Dries's avatar
 
Dries committed
727
/**
728 729 730 731
 * Returns the equivalent of Apache's $_SERVER['REQUEST_URI'] variable.
 *
 * Because $_SERVER['REQUEST_URI'] is only available on Apache, we generate an
 * equivalent using other environment variables.
732 733
 *
 * @todo The above comment is incorrect: http://drupal.org/node/1547294.
Dries's avatar
 
Dries committed
734
 */
735
function request_uri($omit_query_string = FALSE) {
736 737 738 739
  if (isset($_SERVER['REQUEST_URI'])) {
    $uri = $_SERVER['REQUEST_URI'];
  }
  else {
740
    if (isset($_SERVER['argv'][0])) {
741
      $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['argv'][0];
742
    }
743
    elseif (isset($_SERVER['QUERY_STRING'])) {
744
      $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
745
    }
746 747 748
    else {
      $uri = $_SERVER['SCRIPT_NAME'];
    }
Dries's avatar
 
Dries committed
749
  }
750 751
  // Prevent multiple slashes to avoid cross site requests via the Form API.
  $uri = '/' . ltrim($uri, '/');
752

753
  return $omit_query_string ? strtok($uri, '?') : $uri;
Dries's avatar
 
Dries committed
754
}
Dries's avatar
Dries committed
755

756
/**
757
 * Logs an exception.
758
 *
759
 * This is a wrapper logging function which automatically decodes an exception.
760 761 762 763 764 765 766
 *
 * @param $type
 *   The category to which this message belongs.
 * @param $exception
 *   The exception that is going to be logged.
 * @param $message
 *   The message to store in the log. If empty, a text that contains all useful
767
 *   information about the passed-in exception is used.
768
 * @param $variables
769 770 771
 *   Array of variables to replace in the message on display or
 *   NULL if message is already translated or not possible to
 *   translate.
772 773 774 775 776
 * @param $severity
 *   The severity of the message, as per RFC 3164.
 * @param $link
 *   A link to associate with the message.
 *
777
 * @see \Drupal\Core\Utility\Error::decodeException()
778
 */
779
function watchdog_exception($type, Exception $exception, $message = NULL, $variables = array(), $severity = WATCHDOG_ERROR, $link = NULL) {
780

781 782 783 784 785 786 787 788 789 790 791 792 793 794 795
  // Use a default value if $message is not set.
  if (empty($message)) {
    // The exception message is run through
    // \Drupal\Component\Utility\String::checkPlain() by
    // \Drupal\Core\Utility\Error:decodeException().
    $message = '%type: !message in %function (line %line of %file).';
  }

  if ($link) {
    $variables['link'] = $link;
  }

  $variables += Error::decodeException($exception);

  \Drupal::logger($type)->log($severity, $message, $variables);
796 797
}

Dries's avatar
 
Dries committed
798
/**
799
 * Sets a message to display to the user.
Dries's avatar
 
Dries committed
800
 *
801 802
 * Messages are stored in a session variable and displayed in the page template
 * via the $messages theme variable.
Dries's avatar
 
Dries committed
803
 *
804 805 806 807 808 809 810 811 812 813 814 815
 * Example usage:
 * @code
 * drupal_set_message(t('An error occurred and processing did not complete.'), 'error');
 * @endcode
 *
 * @param string $message
 *   (optional) The translated message to be displayed to the user. For
 *   consistency with other messages, it should begin with a capital letter and
 *   end with a period.
 * @param string $type
 *   (optional) The message's type. Defaults to 'status'. These values are
 *   supported:
816
 *   - 'status'
817
 *   - 'warning'
818
 *   - 'error'
819 820
 * @param bool $repeat
 *   (optional) If this is FALSE and the message is already set, then the
821
 *   message won't be repeated. Defaults to FALSE.
822 823 824
 *
 * @return array|null
 *   A multidimensional array with keys corresponding to the set message types.
825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845
 *   The indexed array values of each contain the set messages for that type,
 *   and each message is an associative array with the following format:
 *   - safe: Boolean indicating whether the message string has been marked as
 *     safe. Non-safe strings will be escaped automatically.
 *   - message: The message string.
 *   So, the following is an example of the full return array structure:
 *   @code
 *     array(
 *       'status' => array(
 *         array(
 *           'safe' => TRUE,
 *           'message' => 'A <em>safe</em> markup string.',
 *         ),
 *         array(
 *           'safe' => FALSE,
 *           'message' => "$arbitrary_user_input to escape.",
 *         ),
 *       ),
 *     );
 *   @endcode
 *   If there are no messages set, the function returns NULL.
846 847 848
 *
 * @see drupal_get_messages()
 * @see theme_status_messages()
Dries's avatar
 
Dries committed
849
 */
850
function drupal_set_message($message = NULL, $type = 'status', $repeat = FALSE) {
851
  if (isset($message)) {
Dries's avatar
 
Dries committed
852 853 854 855
    if (!isset($_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type] = array();
    }

856
    if ($repeat || !in_array($message, $_SESSION['messages'][$type])) {
857 858 859 860
      $_SESSION['messages'][$type][] = array(
        'safe' => SafeMarkup::isSafe($message),
        'message' => $message,
      );
861
    }
862

863
    // Mark this page as being uncacheable.
864
    \Drupal::service('page_cache_kill_switch')->trigger();
865 866
  }

867
  // Messages not set when DB connection fails.
868
  return isset($_SESSION['messages']) ? $_SESSION['messages'] : NULL;
869 870
}

Dries's avatar
 
Dries committed
871
/**
872
 * Returns all messages that have been set with drupal_set_message().
Dries's avatar
 
Dries committed
873
 *
874 875 876 877 878 879 880 881 882 883 884
 * @param string $type
 *   (optional) Limit the messages returned by type. Defaults to NULL, meaning
 *   all types. These values are supported:
 *   - NULL
 *   - 'status'
 *   - 'warning'
 *   - 'error'
 * @param bool $clear_queue
 *   (optional) If this is TRUE, the queue will be cleared of messages of the
 *   type specified in the $type parameter. Otherwise the queue will be left
 *   intact. Defaults to TRUE.
885
 *
886
 * @return array
887 888 889 890
 *   An associative, nested array of messages grouped by message type, with
 *   the top-level keys as the message type. The messages returned are
 *   limited to the type specified in the $type parameter, if any. If there
 *   are no messages of the specified type, an empty array is returned. See
891
 *   drupal_set_message() for the array structure of individual messages.
892 893 894
 *
 * @see drupal_set_message()
 * @see theme_status_messages()
Dries's avatar
 
Dries committed
895
 */
896
function drupal_get_messages($type = NULL, $clear_queue = TRUE) {
897
  if ($messages = drupal_set_message()) {
898 899 900 901 902 903 904 905
    foreach ($messages as $message_type => $message_typed_messages) {
      foreach ($message_typed_messages as $key => $message) {
        if ($message['safe']) {
          $message[</