common.inc 191 KB
Newer Older
Dries's avatar
   
Dries committed
1
<?php
2
// $Id$
Dries's avatar
   
Dries committed
3

Dries's avatar
   
Dries committed
4
5
6
7
8
9
10
11
/**
 * @file
 * Common functions that many Drupal modules will need to reference.
 *
 * The functions that are critical and need to be available even when serving
 * a cached page are instead located in bootstrap.inc.
 */

12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
/**
 * @defgroup php_wrappers PHP wrapper functions
 * @{
 * Functions that are wrappers or custom implementations of PHP functions.
 *
 * Certain PHP functions should not be used in Drupal. Instead, Drupal's
 * replacement functions should be used.
 *
 * For example, for improved or more secure UTF8-handling, or RFC-compliant
 * handling of URLs in Drupal.
 *
 * For ease of use and memorizing, all these wrapper functions use the same name
 * as the original PHP function, but prefixed with "drupal_". Beware, however,
 * that not all wrapper functions support the same arguments as the original
 * functions.
 *
 * You should always use these wrapper functions in your code.
 *
 * Wrong:
 * @code
 *   $my_substring = substr($original_string, 0, 5);
 * @endcode
 *
 * Correct:
 * @code
 *   $my_substring = drupal_substr($original_string, 0, 5);
 * @endcode
 *
 * @} End of "defgroup php_wrappers".
 */

43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
/**
 * Error reporting level: display no errors.
 */
define('ERROR_REPORTING_HIDE', 0);

/**
 * Error reporting level: display errors and warnings.
 */
define('ERROR_REPORTING_DISPLAY_SOME', 1);

/**
 * Error reporting level: display all messages.
 */
define('ERROR_REPORTING_DISPLAY_ALL', 2);

58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
/**
 * Return status for saving which involved creating a new item.
 */
define('SAVED_NEW', 1);

/**
 * Return status for saving which involved an update to an existing item.
 */
define('SAVED_UPDATED', 2);

/**
 * Return status for saving which deleted an existing item.
 */
define('SAVED_DELETED', 3);

73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
/**
 * The default weight of system CSS files added to the page.
 */
define('CSS_SYSTEM', -100);

/**
 * The default weight of CSS files added to the page.
 */
define('CSS_DEFAULT', 0);

/**
 * The default weight of theme CSS files added to the page.
 */
define('CSS_THEME', 100);

88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
/**
 * The weight of JavaScript libraries, settings or jQuery plugins being
 * added to the page.
 */
define('JS_LIBRARY', -100);

/**
 * The default weight of JavaScript being added to the page.
 */
define('JS_DEFAULT', 0);

/**
 * The weight of theme JavaScript code being added to the page.
 */
define('JS_THEME', 100);

104
105
106
107
108
109
/**
 * Error code indicating that the request made by drupal_http_request() exceeded
 * the specified timeout.
 */
define('HTTP_REQUEST_TIMEOUT', 1);

110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
/**
 * Constants defining cache granularity for blocks and renderable arrays.
 *
 * Modules specify the caching patterns for their blocks using binary
 * combinations of these constants in their hook_block_info():
 *   $block[delta]['cache'] = DRUPAL_CACHE_PER_ROLE | DRUPAL_CACHE_PER_PAGE;
 * DRUPAL_CACHE_PER_ROLE is used as a default when no caching pattern is
 * specified. Use DRUPAL_CACHE_CUSTOM to disable standard block cache and
 * implement
 *
 * The block cache is cleared in cache_clear_all(), and uses the same clearing
 * policy than page cache (node, comment, user, taxonomy added or updated...).
 * Blocks requiring more fine-grained clearing might consider disabling the
 * built-in block cache (DRUPAL_NO_CACHE) and roll their own.
 *
 * Note that user 1 is excluded from block caching.
 */

/**
 * The block should not get cached. This setting should be used:
 * - for simple blocks (notably those that do not perform any db query),
 * where querying the db cache would be more expensive than directly generating
 * the content.
 * - for blocks that change too frequently.
 */
define('DRUPAL_NO_CACHE', -1);

/**
 * The block is handling its own caching in its hook_block_view(). From the
 * perspective of the block cache system, this is equivalent to DRUPAL_NO_CACHE.
 * Useful when time based expiration is needed or a site uses a node access
 * which invalidates standard block cache.
 */
define('DRUPAL_CACHE_CUSTOM', -2);

/**
 * The block or element can change depending on the roles the user viewing the
 * page belongs to. This is the default setting for blocks, used when the block
 * does not specify anything.
 */
define('DRUPAL_CACHE_PER_ROLE', 0x0001);

/**
 * The block or element can change depending on the user viewing the page.
 * This setting can be resource-consuming for sites with large number of users,
 * and thus should only be used when DRUPAL_CACHE_PER_ROLE is not sufficient.
 */
define('DRUPAL_CACHE_PER_USER', 0x0002);

/**
 * The block or element can change depending on the page being viewed.
 */
define('DRUPAL_CACHE_PER_PAGE', 0x0004);

/**
 * The block or element is the same for every user on every page where it is visible.
 */
define('DRUPAL_CACHE_GLOBAL', 0x0008);

169
/**
170
 * Add content to a specified region.
171
172
 *
 * @param $region
173
 *   Page region the content is added to.
174
 * @param $data
175
 *   Content to be added.
176
 */
177
function drupal_add_region_content($region = NULL, $data = NULL) {
178
179
180
181
182
183
184
185
186
  static $content = array();

  if (!is_null($region) && !is_null($data)) {
    $content[$region][] = $data;
  }
  return $content;
}

/**
187
 * Get assigned content for a given region.
188
189
 *
 * @param $region
190
191
 *   A specified region to fetch content for. If NULL, all regions will be
 *   returned.
192
 * @param $delimiter
193
 *   Content to be inserted between imploded array elements.
194
 */
195
196
function drupal_get_region_content($region = NULL, $delimiter = ' ') {
  $content = drupal_add_region_content();
197
198
  if (isset($region)) {
    if (isset($content[$region]) && is_array($content[$region])) {
Steven Wittens's avatar
Steven Wittens committed
199
      return implode($delimiter, $content[$region]);
200
    }
201
202
203
204
  }
  else {
    foreach (array_keys($content) as $region) {
      if (is_array($content[$region])) {
Steven Wittens's avatar
Steven Wittens committed
205
        $content[$region] = implode($delimiter, $content[$region]);
206
207
208
209
210
211
      }
    }
    return $content;
  }
}

212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
/**
 * Get the name of the currently active install profile.
 *
 * When this function is called during Drupal's initial installation process,
 * the name of the profile that's about to be installed is stored in the global
 * installation state. At all other times, the standard Drupal systems variable
 * table contains the name of the current profile, and we can call variable_get()
 * to determine what one is active.
 *
 * @return $profile
 *   The name of the install profile.
 */
function drupal_get_profile() {
  global $install_state;

  if (isset($install_state['parameters']['profile'])) {
    $profile = $install_state['parameters']['profile'];
  }
  else {
    $profile = variable_get('install_profile', 'default');
  }

  return $profile;
}


Dries's avatar
   
Dries committed
238
/**
Dries's avatar
   
Dries committed
239
 * Set the breadcrumb trail for the current page.
Dries's avatar
   
Dries committed
240
 *
Dries's avatar
   
Dries committed
241
242
243
 * @param $breadcrumb
 *   Array of links, starting with "home" and proceeding up to but not including
 *   the current page.
Kjartan's avatar
Kjartan committed
244
 */
Dries's avatar
   
Dries committed
245
function drupal_set_breadcrumb($breadcrumb = NULL) {
246
  $stored_breadcrumb = &drupal_static(__FUNCTION__);
Dries's avatar
   
Dries committed
247

248
  if (!is_null($breadcrumb)) {
Dries's avatar
   
Dries committed
249
250
251
252
253
    $stored_breadcrumb = $breadcrumb;
  }
  return $stored_breadcrumb;
}

Dries's avatar
   
Dries committed
254
255
256
/**
 * Get the breadcrumb trail for the current page.
 */
Dries's avatar
   
Dries committed
257
258
259
function drupal_get_breadcrumb() {
  $breadcrumb = drupal_set_breadcrumb();

260
  if (is_null($breadcrumb)) {
Dries's avatar
   
Dries committed
261
262
263
264
265
266
    $breadcrumb = menu_get_active_breadcrumb();
  }

  return $breadcrumb;
}

267
/**
268
269
 * Return a string containing RDF namespaces for the <html> tag of an XHTML
 * page.
270
271
272
273
274
275
276
277
278
279
 */
function drupal_get_rdf_namespaces() {
  // Serialize the RDF namespaces used in RDFa annotation.
  $xml_rdf_namespaces = array();
  foreach (module_invoke_all('rdf_namespaces') as $prefix => $uri) {
    $xml_rdf_namespaces[] = 'xmlns:' . $prefix . '="' . $uri . '"';
  }
  return implode("\n  ", $xml_rdf_namespaces);
}

Dries's avatar
Dries committed
280
/**
Dries's avatar
   
Dries committed
281
 * Add output to the head tag of the HTML page.
282
 *
Dries's avatar
   
Dries committed
283
 * This function can be called as long the headers aren't sent.
Dries's avatar
Dries committed
284
 */
285
function drupal_add_html_head($data = NULL) {
286
  $stored_head = &drupal_static(__FUNCTION__, '');
Dries's avatar
Dries committed
287
288

  if (!is_null($data)) {
289
    $stored_head .= $data . "\n";
Dries's avatar
Dries committed
290
291
292
293
  }
  return $stored_head;
}

Dries's avatar
   
Dries committed
294
295
296
/**
 * Retrieve output to be displayed in the head tag of the HTML page.
 */
Dries's avatar
Dries committed
297
function drupal_get_html_head() {
Dries's avatar
   
Dries committed
298
  $output = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n";
299
  return $output . drupal_add_html_head();
Dries's avatar
Dries committed
300
301
}

Dries's avatar
   
Dries committed
302
/**
303
 * Reset the static variable which holds the aliases mapped for this request.
Dries's avatar
   
Dries committed
304
 */
305
306
function drupal_clear_path_cache() {
  drupal_lookup_path('wipe');
Dries's avatar
   
Dries committed
307
}
Kjartan's avatar
Kjartan committed
308

309
/**
310
311
 * Add a feed URL for the current page.
 *
312
313
 * This function can be called as long the HTML header hasn't been sent.
 *
314
 * @param $url
315
 *   A url for the feed.
316
 * @param $title
317
 *   The title of the feed.
318
 */
319
function drupal_add_feed($url = NULL, $title = '') {
320
  $stored_feed_links = &drupal_static(__FUNCTION__, array());
321

322
  if (!is_null($url) && !isset($stored_feed_links[$url])) {
323
    $stored_feed_links[$url] = theme('feed_icon', $url, $title);
324
325
326
327
328

    drupal_add_link(array('rel' => 'alternate',
                          'type' => 'application/rss+xml',
                          'title' => $title,
                          'href' => $url));
329
330
331
332
333
334
335
336
  }
  return $stored_feed_links;
}

/**
 * Get the feed URLs for the current page.
 *
 * @param $delimiter
337
 *   A delimiter to split feeds by.
338
339
340
341
342
343
 */
function drupal_get_feeds($delimiter = "\n") {
  $feeds = drupal_add_feed();
  return implode($feeds, $delimiter);
}

Dries's avatar
   
Dries committed
344
345
346
/**
 * @name HTTP handling
 * @{
Dries's avatar
   
Dries committed
347
 * Functions to properly handle HTTP responses.
Dries's avatar
   
Dries committed
348
349
 */

350
/**
351
 * Process a URL query parameter array to remove unwanted elements.
352
353
 *
 * @param $query
354
 *   (optional) An array to be processed. Defaults to $_GET.
355
 * @param $exclude
356
357
 *   (optional) A list of $query array keys to remove. Use "parent[child]" to
 *   exclude nested items. Defaults to array('q').
358
 * @param $parent
359
360
 *   Internal use only. Used to build the $query array key for nested items.
 *
361
 * @return
362
 *   An array containing query parameters, which can be used for url().
363
 */
364
365
366
367
368
369
370
371
372
373
374
375
function drupal_get_query_parameters(array $query = NULL, array $exclude = array('q'), $parent = '') {
  // Set defaults, if none given.
  if (!isset($query)) {
    $query = $_GET;
  }
  // If $exclude is empty, there is nothing to filter.
  if (empty($exclude)) {
    return $query;
  }
  elseif (!$parent) {
    $exclude = array_flip($exclude);
  }
376

377
  $params = array();
378
  foreach ($query as $key => $value) {
379
380
381
    $string_key = ($parent ? $parent . '[' . $key . ']' : $key);
    if (isset($exclude[$string_key])) {
      continue;
382
383
    }

384
385
386
387
388
    if (is_array($value)) {
      $params[$key] = drupal_get_query_parameters($value, $exclude, $string_key);
    }
    else {
      $params[$key] = $value;
389
    }
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
  }

  return $params;
}

/**
 * Parse an array into a valid, rawurlencoded query string.
 *
 * This differs from http_build_query() as we need to rawurlencode() (instead of
 * urlencode()) all query parameters.
 *
 * @param $query
 *   The query parameter array to be processed, e.g. $_GET.
 * @param $parent
 *   Internal use only. Used to build the $query array key for nested items.
 *
 * @return
 *   A rawurlencoded string which can be used as or appended to the URL query
 *   string.
 *
 * @see drupal_get_query_parameters()
 * @ingroup php_wrappers
 */
function drupal_http_build_query(array $query, $parent = '') {
  $params = array();

  foreach ($query as $key => $value) {
    $key = ($parent ? $parent . '[' . rawurlencode($key) . ']' : rawurlencode($key));
418

419
    // Recurse into children.
420
    if (is_array($value)) {
421
422
423
424
425
      $params[] = drupal_http_build_query($value, $key);
    }
    // If a query parameter value is NULL, only append its key.
    elseif (!isset($value)) {
      $params[] = $key;
426
427
    }
    else {
428
429
430
      // For better readability of paths in query strings, we decode slashes.
      // @see drupal_encode_path()
      $params[] = $key . '=' . str_replace('%2F', '/', rawurlencode($value));
431
432
433
434
435
436
    }
  }

  return implode('&', $params);
}

437
/**
438
 * Prepare a 'destination' URL query parameter for use in combination with drupal_goto().
439
 *
440
441
442
443
 * Used to direct the user back to the referring page after completing a form.
 * By default the current URL is returned. If a destination exists in the
 * previous request, that destination is returned. As such, a destination can
 * persist across multiple pages.
444
445
446
447
 *
 * @see drupal_goto()
 */
function drupal_get_destination() {
448
449
450
451
452
453
  $destination = &drupal_static(__FUNCTION__);

  if (isset($destination)) {
    return $destination;
  }

454
  if (isset($_GET['destination'])) {
455
    $destination = array('destination' => $_GET['destination']);
456
457
  }
  else {
458
459
    $path = $_GET['q'];
    $query = drupal_http_build_query(drupal_get_query_parameters());
460
    if ($query != '') {
461
      $path .= '?' . $query;
462
    }
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
    $destination = array('destination' => $path);
  }
  return $destination;
}

/**
 * Wrapper around parse_url() to parse a given URL into an associative array, suitable for url().
 *
 * The returned array contains a 'path' that may be passed separately to url().
 * For example:
 * @code
 *   $options = drupal_parse_url($_GET['destination']);
 *   $my_url = url($options['path'], $options);
 *   $my_link = l('Example link', $options['path'], $options);
 * @endcode
 *
 * This is required, because url() does not support relative URLs containing a
 * query string or fragment in its $path argument. Instead, any query string
 * needs to be parsed into an associative query parameter array in
 * $options['query'] and the fragment into $options['fragment'].
 *
 * @param $url
 *   The URL string to parse, f.e. $_GET['destination'].
 *
 * @return
 *   An associative array containing the keys:
 *   - 'path': The path of the URL. If the given $url is external, this includes
 *     the scheme and host.
 *   - 'query': An array of query parameters of $url, if existent.
 *   - 'fragment': The fragment of $url, if existent.
 *
 * @see url()
 * @see drupal_goto()
 * @ingroup php_wrappers
 */
function drupal_parse_url($url) {
  $options = array(
    'path' => NULL,
    'query' => array(),
    'fragment' => '',
  );

  // External URLs: not using parse_url() here, so we do not have to rebuild
  // the scheme, host, and path without having any use for it.
  if (strpos($url, '://') !== FALSE) {
    // Split off everything before the query string into 'path'.
    $parts = explode('?', $url);
    $options['path'] = $parts[0];
    // If there is a query string, transform it into keyed query parameters.
    if (isset($parts[1])) {
      $query_parts = explode('#', $parts[1]);
      parse_str($query_parts[0], $options['query']);
      // Take over the fragment, if there is any.
      if (isset($query_parts[1])) {
        $options['fragment'] = $query_parts[1];
      }
    }
  }
  // Internal URLs.
  else {
    $parts = parse_url($url);
    $options['path'] = $parts['path'];
    if (isset($parts['query'])) {
      parse_str($parts['query'], $options['query']);
    }
    if (isset($parts['fragment'])) {
      $options['fragment'] = $parts['fragment'];
    }
  }

  return $options;
}

/**
 * Encode a path for usage in a URL.
 *
 * Wrapper around rawurlencode() which avoids Apache quirks. Should be used when
 * placing arbitrary data into the path component of an URL.
 *
 * Do not use this function to pass a path to url(). url() properly handles
 * and encodes paths internally.
 * This function should only be used on paths, not on query string arguments.
 * Otherwise, unwanted double encoding will occur.
 *
 * Notes:
 * - For esthetic reasons, we do not escape slashes. This also avoids a 'feature'
 *   in Apache where it 404s on any path containing '%2F'.
 * - mod_rewrite unescapes %-encoded ampersands, hashes, and slashes when clean
 *   URLs are used, which are interpreted as delimiters by PHP. These
 *   characters are double escaped so PHP will still see the encoded version.
 * - With clean URLs, Apache changes '//' to '/', so every second slash is
 *   double escaped.
 *
 * @param $path
 *   The URL path component to encode.
 */
function drupal_encode_path($path) {
  if (!empty($GLOBALS['conf']['clean_url'])) {
    return str_replace(array('%2F', '%26', '%23', '//'),
                       array('/', '%2526', '%2523', '/%252F'),
                       rawurlencode($path)
    );
  }
  else {
    return str_replace('%2F', '/', rawurlencode($path));
568
569
570
  }
}

Kjartan's avatar
Kjartan committed
571
/**
Dries's avatar
   
Dries committed
572
 * Send the user to a different Drupal page.
Kjartan's avatar
Kjartan committed
573
 *
Dries's avatar
   
Dries committed
574
575
 * This issues an on-site HTTP redirect. The function makes sure the redirected
 * URL is formatted correctly.
Kjartan's avatar
Kjartan committed
576
 *
577
 * Usually the redirected URL is constructed from this function's input
578
 * parameters. However you may override that behavior by setting a
579
 * destination in either the $_REQUEST-array (i.e. by using
580
 * the query string of an URI) This is used to direct the user back to
581
 * the proper page after completing a form. For example, after editing
582
 * a post on the 'admin/content'-page or after having logged on using the
583
 * 'user login'-block in a sidebar. The function drupal_get_destination()
584
585
 * can be used to help set the destination URL.
 *
586
587
 * Drupal will ensure that messages set by drupal_set_message() and other
 * session data are written to the database before the user is redirected.
Dries's avatar
   
Dries committed
588
 *
589
 * This function ends the request; use it instead of a return in your menu callback.
Dries's avatar
   
Dries committed
590
591
 *
 * @param $path
592
 *   A Drupal path or a full URL.
Dries's avatar
   
Dries committed
593
 * @param $query
594
 *   A query string component, if any.
Dries's avatar
   
Dries committed
595
 * @param $fragment
596
 *   A destination fragment identifier (named anchor).
597
598
599
600
601
602
603
604
 * @param $http_response_code
 *   Valid values for an actual "goto" as per RFC 2616 section 10.3 are:
 *   - 301 Moved Permanently (the recommended value for most redirects)
 *   - 302 Found (default in Drupal and PHP, sometimes used for spamming search
 *         engines)
 *   - 303 See Other
 *   - 304 Not Modified
 *   - 305 Use Proxy
605
 *   - 307 Temporary Redirect (alternative to "503 Site Down for Maintenance")
606
 *   Note: Other values are defined by RFC 2616, but are rarely used and poorly
607
 *   supported.
608
 * @see drupal_get_destination()
Kjartan's avatar
Kjartan committed
609
 */
610
function drupal_goto($path = '', array $query = array(), $fragment = NULL, $http_response_code = 302) {
611
  if (isset($_GET['destination'])) {
612
    extract(drupal_parse_url(urldecode($_GET['destination'])));
613
614
  }

615
616
617
618
619
620
621
622
  $args = array(
    'path' => &$path,
    'query' => &$query,
    'fragment' => &$fragment,
    'http_response_code' => &$http_response_code,
  );
  drupal_alter('drupal_goto', $args);

623
  $url = url($path, array('query' => $query, 'fragment' => $fragment, 'absolute' => TRUE));
Kjartan's avatar
Kjartan committed
624

625
  // Allow modules to react to the end of the page request before redirecting.
626
  // We do not want this while running update.php.
627
  if (!defined('MAINTENANCE_MODE') || MAINTENANCE_MODE != 'update') {
628
629
    module_invoke_all('exit', $url);
  }
Dries's avatar
   
Dries committed
630

631
632
633
  // Commit the session, if necessary. We need all session data written to the
  // database before redirecting.
  drupal_session_commit();
634

635
  header('Location: ' . $url, TRUE, $http_response_code);
636
637

  // The "Location" header sends a redirect status code to the HTTP daemon. In
638
639
  // some cases this can be wrong, so we make sure none of the code below the
  // drupal_goto() call gets executed upon redirection.
Kjartan's avatar
Kjartan committed
640
641
642
  exit();
}

643
/**
644
 * Generates a site offline message.
645
646
 */
function drupal_site_offline() {
647
  drupal_maintenance_theme();
648
  drupal_add_http_header('503 Service unavailable');
649
650
  drupal_set_title(t('Site under maintenance'));
  print theme('maintenance_page', filter_xss_admin(variable_get('maintenance_mode_message',
651
    t('@site is currently under maintenance. We should be back shortly. Thank you for your patience.', array('@site' => variable_get('site_name', 'Drupal'))))));
652
653
}

Kjartan's avatar
Kjartan committed
654
655
656
/**
 * Generates a 404 error if the request can not be handled.
 */
Dries's avatar
   
Dries committed
657
function drupal_not_found() {
658
  drupal_add_http_header('404 Not Found');
659

660
  watchdog('page not found', check_plain($_GET['q']), NULL, WATCHDOG_WARNING);
661

662
  // Keep old path for reference, and to allow forms to redirect to it.
663
664
  if (!isset($_GET['destination'])) {
    $_GET['destination'] = $_GET['q'];
665
666
  }

Dries's avatar
   
Dries committed
667
  $path = drupal_get_normal_path(variable_get('site_404', ''));
drumm's avatar
drumm committed
668
  if ($path && $path != $_GET['q']) {
669
670
    // Custom 404 handler. Set the active item in case there are tabs to
    // display, or other dependencies on the path.
671
    menu_set_active_item($path);
672
    $return = menu_execute_active_handler($path);
673
  }
Dries's avatar
   
Dries committed
674

675
  if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) {
676
    // Standard 404 handler.
drumm's avatar
drumm committed
677
    drupal_set_title(t('Page not found'));
678
    $return = t('The requested page could not be found.');
Dries's avatar
   
Dries committed
679
  }
680

681
682
  drupal_set_page_content($return);
  $page = element_info('page');
683
  print drupal_render_page($page);
Dries's avatar
   
Dries committed
684
}
Dries's avatar
   
Dries committed
685

Dries's avatar
   
Dries committed
686
687
688
689
/**
 * Generates a 403 error if the request is not allowed.
 */
function drupal_access_denied() {
690
  drupal_add_http_header('403 Forbidden');
691
  watchdog('access denied', check_plain($_GET['q']), NULL, WATCHDOG_WARNING);
Dries's avatar
   
Dries committed
692

693
  // Keep old path for reference, and to allow forms to redirect to it.
694
695
  if (!isset($_GET['destination'])) {
    $_GET['destination'] = $_GET['q'];
696
697
  }

Dries's avatar
   
Dries committed
698
  $path = drupal_get_normal_path(variable_get('site_403', ''));
drumm's avatar
drumm committed
699
  if ($path && $path != $_GET['q']) {
700
701
    // Custom 403 handler. Set the active item in case there are tabs to
    // display or other dependencies on the path.
702
    menu_set_active_item($path);
703
    $return = menu_execute_active_handler($path);
704
  }
Dries's avatar
   
Dries committed
705

706
  if (empty($return) || $return == MENU_NOT_FOUND || $return == MENU_ACCESS_DENIED) {
707
    // Standard 403 handler.
drumm's avatar
drumm committed
708
709
    drupal_set_title(t('Access denied'));
    $return = t('You are not authorized to access this page.');
Dries's avatar
   
Dries committed
710
  }
711
712

  print drupal_render_page($return);
Dries's avatar
   
Dries committed
713
714
}

Dries's avatar
   
Dries committed
715
/**
Dries's avatar
   
Dries committed
716
 * Perform an HTTP request.
Dries's avatar
   
Dries committed
717
 *
718
719
 * This is a flexible and powerful HTTP client implementation. Correctly
 * handles GET, POST, PUT or any other HTTP requests. Handles redirects.
Dries's avatar
   
Dries committed
720
721
722
 *
 * @param $url
 *   A string containing a fully qualified URI.
723
724
725
726
727
728
729
730
731
732
733
 * @param $options
 *   (optional) An array which can have one or more of following keys:
 *   - headers
 *       An array containing request headers to send as name/value pairs.
 *   - method
 *       A string containing the request method. Defaults to 'GET'.
 *   - data
 *       A string containing the request body. Defaults to NULL.
 *   - max_redirects
 *       An integer representing how many times a redirect may be followed.
 *       Defaults to 3.
734
735
736
737
 *   - timeout
 *       A float representing the maximum number of seconds the function call
 *       may take. The default is 30 seconds. If a timeout occurs, the error
 *       code is set to the HTTP_REQUEST_TIMEOUT constant.
Dries's avatar
   
Dries committed
738
 * @return
739
740
741
742
743
744
 *   An object which can have one or more of the following parameters:
 *   - request
 *       A string containing the request body that was sent.
 *   - code
 *       An integer containing the response status code, or the error code if
 *       an error occurred.
745
 *   - protocol
746
 *       The response protocol (e.g. HTTP/1.1 or HTTP/1.0).
747
 *   - status_message
748
 *       The status message from the response, if a response was received.
749
750
751
752
753
 *   - redirect_code
 *       If redirected, an integer containing the initial response status code.
 *   - redirect_url
 *       If redirected, a string containing the redirection location.
 *   - error
754
 *       If an error occurred, the error message. Otherwise not set.
755
756
757
758
 *   - headers
 *       An array containing the response headers as name/value pairs.
 *   - data
 *       A string containing the response body that was received.
Dries's avatar
   
Dries committed
759
 */
760
function drupal_http_request($url, array $options = array()) {
761
  global $db_prefix;
762

763
  $result = new stdClass();
Dries's avatar
   
Dries committed
764

765
  // Parse the URL and make sure we can handle the schema.
766
  $uri = @parse_url($url);
767

768
769
  if ($uri == FALSE) {
    $result->error = 'unable to parse URL';
770
    $result->code = -1001;
771
772
773
    return $result;
  }

774
775
  if (!isset($uri['scheme'])) {
    $result->error = 'missing schema';
776
    $result->code = -1002;
777
778
779
    return $result;
  }

780
781
782
783
784
785
786
787
788
789
790
  timer_start(__FUNCTION__);

  // Merge the default options.
  $options += array(
    'headers' => array(),
    'method' => 'GET',
    'data' => NULL,
    'max_redirects' => 3,
    'timeout' => 30,
  );

Dries's avatar
   
Dries committed
791
792
  switch ($uri['scheme']) {
    case 'http':
Dries's avatar
Dries committed
793
      $port = isset($uri['port']) ? $uri['port'] : 80;
794
      $host = $uri['host'] . ($port != 80 ? ':' . $port : '');
795
      $fp = @fsockopen($uri['host'], $port, $errno, $errstr, $options['timeout']);
Dries's avatar
   
Dries committed
796
797
      break;
    case 'https':
798
      // Note: Only works when PHP is compiled with OpenSSL support.
Dries's avatar
Dries committed
799
      $port = isset($uri['port']) ? $uri['port'] : 443;
800
      $host = $uri['host'] . ($port != 443 ? ':' . $port : '');
801
      $fp = @fsockopen('ssl://' . $uri['host'], $port, $errno, $errstr, $options['timeout']);
Dries's avatar
   
Dries committed
802
803
      break;
    default:
804
      $result->error = 'invalid schema ' . $uri['scheme'];
805
      $result->code = -1003;
Dries's avatar
   
Dries committed
806
807
808
      return $result;
  }

Dries's avatar
   
Dries committed
809
  // Make sure the socket opened properly.
Dries's avatar
   
Dries committed
810
  if (!$fp) {
811
812
    // When a network error occurs, we use a negative number so it does not
    // clash with the HTTP status codes.
813
814
    $result->code = -$errno;
    $result->error = trim($errstr);
815
816
817
818
819
820
821

    // Mark that this request failed. This will trigger a check of the web
    // server's ability to make outgoing HTTP requests the next time that
    // requirements checking is performed.
    // @see system_requirements()
    variable_set('drupal_http_request_fails', TRUE);

Dries's avatar
   
Dries committed
822
823
824
    return $result;
  }

Dries's avatar
   
Dries committed
825
  // Construct the path to act on.
Dries's avatar
Dries committed
826
827
  $path = isset($uri['path']) ? $uri['path'] : '/';
  if (isset($uri['query'])) {
828
    $path .= '?' . $uri['query'];
Dries's avatar
   
Dries committed
829
830
  }

831
832
833
  // Merge the default headers.
  $options['headers'] += array(
    'User-Agent' => 'Drupal (+http://drupal.org/)',
Dries's avatar
   
Dries committed
834
835
  );

836
837
838
839
840
  // RFC 2616: "non-standard ports MUST, default ports MAY be included".
  // We don't add the standard port to prevent from breaking rewrite rules
  // checking the host that do not take into account the port number.
  $options['headers']['Host'] = $host;

841
842
843
844
  // Only add Content-Length if we actually have any content or if it is a POST
  // or PUT request. Some non-standard servers get confused by Content-Length in
  // at least HEAD/GET requests, and Squid always requires Content-Length in
  // POST/PUT requests.
845
846
847
  $content_length = strlen($options['data']);
  if ($content_length > 0 || $options['method'] == 'POST' || $options['method'] == 'PUT') {
    $options['headers']['Content-Length'] = $content_length;
848
849
850
  }

  // If the server URL has a user then attempt to use basic authentication.
851
  if (isset($uri['user'])) {
852
    $options['headers']['Authorization'] = 'Basic ' . base64_encode($uri['user'] . (!empty($uri['pass']) ? ":" . $uri['pass'] : ''));
853
854
  }

855
856
857
858
859
860
  // If the database prefix is being used by SimpleTest to run the tests in a copied
  // database then set the user-agent header to the database prefix so that any
  // calls to other Drupal pages will run the SimpleTest prefixed database. The
  // user-agent is used to ensure that multiple testing sessions running at the
  // same time won't interfere with each other as they would if the database
  // prefix were stored statically in a file or database variable.
861
862
  if (is_string($db_prefix) && preg_match("/simpletest\d+/", $db_prefix, $matches)) {
    $options['headers']['User-Agent'] = drupal_generate_test_ua($matches[0]);
863
864
  }

865
  $request = $options['method'] . ' ' . $path . " HTTP/1.0\r\n";
866
  foreach ($options['headers'] as $name => $value) {
867
    $request .= $name . ': ' . trim($value) . "\r\n";
Dries's avatar
   
Dries committed
868
  }
869
  $request .= "\r\n" . $options['data'];
Dries's avatar
   
Dries committed
870
871
872
873
874
  $result->request = $request;

  fwrite($fp, $request);

  // Fetch response.
875
  $response = '';
876
877
878
879
880
881
882
883
884
885
  while (!feof($fp)) {
    // Calculate how much time is left of the original timeout value.
    $timeout = $options['timeout'] - timer_read(__FUNCTION__) / 1000;
    if ($timeout <= 0) {
      $result->code = HTTP_REQUEST_TIMEOUT;
      $result->error = 'request timed out';
      return $result;
    }
    stream_set_timeout($fp, floor($timeout), floor(1000000 * fmod($timeout, 1)));
    $response .= fread($fp, 1024);
Dries's avatar
   
Dries committed
886
887
888
  }
  fclose($fp);

889
890
891
  // Parse response headers from the response body.
  list($response, $result->data) = explode("\r\n\r\n", $response, 2);
  $response = preg_split("/\r\n|\n|\r/", $response);
892

893
  // Parse the response status line.
894
895
896
897
  list($protocol, $code, $status_message) = explode(' ', trim(array_shift($response)), 3);
  $result->protocol = $protocol;
  $result->status_message = $status_message;

Dries's avatar
   
Dries committed
898
899
  $result->headers = array();

900
901
  // Parse the response headers.
  while ($line = trim(array_shift($response))) {
Dries's avatar
   
Dries committed
902
    list($header, $value) = explode(':', $line, 2);
903
904
905
    if (isset($result->headers[$header]) && $header == 'Set-Cookie') {
      // RFC 2109: the Set-Cookie response header comprises the token Set-
      // Cookie:, followed by a comma-separated list of one or more cookies.
906
      $result->headers[$header] .= ',' . trim($value);
907
908
909
910
    }
    else {
      $result->headers[$header] = trim($value);
    }
Dries's avatar
   
Dries committed
911
912
913
  }

  $responses = array(
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
    100 => 'Continue',
    101 => 'Switching Protocols',
    200 => 'OK',
    201 => 'Created',
    202 => 'Accepted',
    203 => 'Non-Authoritative Information',
    204 => 'No Content',
    205 => 'Reset Content',
    206 => 'Partial Content',
    300 => 'Multiple Choices',
    301 => 'Moved Permanently',
    302 => 'Found',
    303 => 'See Other',
    304 => 'Not Modified',
    305 => 'Use Proxy',
    307 => 'Temporary Redirect',
    400 => 'Bad Request',
    401 => 'Unauthorized',
    402 => 'Payment Required',
    403 => 'Forbidden',
    404 => 'Not Found',
    405 => 'Method Not Allowed',
    406 => 'Not Acceptable',
    407 => 'Proxy Authentication Required',
    408 => 'Request Time-out',
    409 => 'Conflict',
    410 => 'Gone',
    411 => 'Length Required',
    412 => 'Precondition Failed',
    413 => 'Request Entity Too Large',
    414 => 'Request-URI Too Large',
    415 => 'Unsupported Media Type',
    416 => 'Requested range not satisfiable',
    417 => 'Expectation Failed',
    500 => 'Internal Server Error',
    501 => 'Not Implemented',
    502 => 'Bad Gateway',
    503 => 'Service Unavailable',
    504 => 'Gateway Time-out',
    505 => 'HTTP Version not supported',
Dries's avatar
   
Dries committed
954
  );
955
956
  // RFC 2616 states that all unknown HTTP codes must be treated the same as the
  // base code in their class.
Dries's avatar
   
Dries committed
957
958
959
  if (!isset($responses[$code])) {
    $code = floor($code / 100) * 100;
  }
960
  $result->code = $code;
Dries's avatar
   
Dries committed
961
962
963
964
965
966
967
968
969

  switch ($code) {
    case 200: // OK
    case 304: // Not modified
      break;
    case 301: // Moved permanently
    case 302: // Moved temporarily
    case 307: // Moved temporarily
      $location = $result->headers['Location'];
970
971
972
973
974
975
      $options['timeout'] -= timer_read(__FUNCTION__) / 1000;
      if ($options['timeout'] <= 0) {
        $result->code = HTTP_REQUEST_TIMEOUT;
        $result->error = 'request timed out';
      }
      elseif ($options['max_redirects']) {
976
977
978
        // Redirect to the new location.
        $options['max_redirects']--;
        $result = drupal_http_request($location, $options);
979
        $result->redirect_code = $code;
Dries's avatar
   
Dries committed
980
981
982
983
      }
      $result->redirect_url = $location;
      break;
    default:
984
      $result->error = $status_message;
Dries's avatar
   
Dries committed
985
986
987
988
  }

  return $result;
}
Dries's avatar
   
Dries committed
989
990
991
/**
 * @} End of "HTTP handling".
 */
Dries's avatar
   
Dries committed
992

Dries's avatar
   
Dries committed
993
/**
994
 * Custom PHP error handler.
995
 *
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
 * @param $error_level
 *   The level of the error raised.
 * @param $message
 *   The error message.
 * @param $filename
 *   The filename that the error was raised in.
 * @param $line
 *   The line number the error was raised at.
 * @param $context
 *   An array that points to the active symbol table at the point the error occurred.
 */
function _drupal_error_handler($error_level, $message, $filename, $line, $context) {
  if ($error_level & error_reporting()) {
    // All these constants are documented at http://php.net/manual/en/errorfunc.constants.php
    $types = array(
      E_ERROR => 'Error',
      E_WARNING => 'Warning',
      E_PARSE => 'Parse error',
      E_NOTICE => 'Notice',
      E_CORE_ERROR => 'Core error',
      E_CORE_WARNING => 'Core warning',
      E_COMPILE_ERROR => 'Compile error',
      E_COMPILE_WARNING => 'Compile warning',
      E_USER_ERROR => 'User error',
      E_USER_WARNING => 'User warning',
      E_USER_NOTICE => 'User notice',
      E_STRICT => 'Strict warning',
      E_RECOVERABLE_ERROR => 'Recoverable fatal error'
    );
1025
1026
    $caller = _drupal_get_last_caller(debug_backtrace());

1027
    // We treat recoverable errors as fatal.
1028
1029
1030
1031
1032
1033
1034
    _drupal_log_error(array(
      '%type' => isset($types[$error_level]) ? $types[$error_level] : 'Unknown error',
      '%message' => $message,
      '%function' => $caller['function'],
      '%file' => $caller['file'],
      '%line' => $caller['line'],
    ), $error_level == E_RECOVERABLE_ERROR);
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
  }
}

/**
 * Custom PHP exception handler.
 *
 * Uncaught exceptions are those not enclosed in a try/catch block. They are
 * always fatal: the execution of the script will stop as soon as the exception
 * handler exits.
 *
 * @param $exception
 *   The exception object that was thrown.
Dries's avatar
   
Dries committed
1047
 */
1048
function _drupal_exception_handler($exception) {
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
  // Log the message to the watchdog and return an error page to the user.
  _drupal_log_error(_drupal_decode_exception($exception), TRUE);
}

/**
 * Decode an exception, especially to retrive the correct caller.
 *
 * @param $exception
 *   The exception object that was thrown.
 * @return An error in the format expected by _drupal_log_error().
 */
function _drupal_decode_exception($exception) {
1061
1062
  $message = $exception->getMessage();

1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
  $backtrace = $exception->getTrace();
  // Add the line throwing the exception to the backtrace.
  array_unshift($backtrace, array('line' => $exception->getLine(), 'file' => $exception->getFile()));

  // For PDOException errors, we try to return the initial caller,
  // skipping internal functions of the database layer.
  if ($exception instanceof PDOException) {
    // The first element in the stack is the call, the second element gives us the caller.
    // We skip calls that occurred in one of the classes of the database layer
    // or in one of its global functions.
1073
    $db_functions = array('db_query',  'db_query_range');
1074
    while (!empty($backtrace[1]) && ($caller = $backtrace[1]) &&
1075
        ((isset($caller['class']) && (strpos($caller['class'], 'Query') !== FALSE || strpos($caller['class'], 'Database') !== FALSE || strpos($caller['class'], 'PDO') !== FALSE)) ||
1076
        in_array($caller['function'], $db_functions))) {
1077
1078
1079
      // We remove that call.
      array_shift($backtrace);
    }
1080
1081
1082
    if (isset($exception->query_string, $exception->args)) {
      $message .= ": " . $exception->query_string . "; " . print_r($exception->args, TRUE);
    }
1083
  }
1084
  $caller = _drupal_get_last_caller($backtrace);
1085

1086
1087
  return array(
    '%type' => get_class($exception),
1088
    '%message' => $message,
1089
1090
1091
1092
    '%function' => $caller['function'],
    '%file' => $caller['file'],
    '%line' => $caller['line'],
  );
1093
}
1094

1095
1096
1097
/**
 * Log a PHP error or exception, display an error page in fatal cases.
 *
1098
1099
 * @param $error
 *   An array with the following keys: %type, %message, %function, %file, %line.
1100
1101
1102
 * @param $fatal
 *   TRUE if the error is fatal.
 */
1103
function _drupal_log_error($error, $fatal = FALSE) {
1104
  // Initialize a maintenance theme if the boostrap was not complete.
1105
  // Do it early because drupal_set_message() triggers a drupal_theme_initialize().
1106
1107
  if ($fatal && (drupal_get_bootstrap_phase() != DRUPAL_BOOTSTRAP_FULL)) {
    unset($GLOBALS['theme']);
1108
1109
1110
    if (!defined('MAINTENANCE_MODE')) {
      define('MAINTENANCE_MODE', 'error');
    }
1111
1112
    drupal_maintenance_theme();
  }
1113

1114
1115
  // When running inside the testing framework, we relay the errors
  // to the tested site by the way of HTTP headers.
1116
  if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/^simpletest\d+;/", $_SERVER['HTTP_USER_AGENT']) && !headers_sent() && (!defined('SIMPLETEST_COLLECT_ERRORS') || SIMPLETEST_COLLECT_ERRORS)) {
1117
1118
    // $number does not use drupal_static as it should not be reset
    // as it uniquely identifies each PHP error.
1119
1120
    static $number = 0;
    $assertion = array(
1121
1122
      $error['%message'],
      $error['%type'],
1123
1124
1125
1126
1127
      array(
        'function' => $error['%function'],
        'file' => $error['%file'],
        'line' => $error['%line'],
      ),
1128
1129
1130
1131
1132
    );
    header('X-Drupal-Assertion-' . $number . ': ' . rawurlencode(serialize($assertion)));
    $number++;
  }

1133
1134
1135
1136
  try {
    watchdog('php', '%type: %message in %function (line %line of %file).', $error, WATCHDOG_ERROR);
  }
  catch (Exception $e) {
1137
1138
    // Ignore any additional watchdog exception, as that probably means
    // that the database was not initialized correctly.
1139
  }
Dries's avatar
   
Dries committed
1140

1141
  if ($fatal) {
1142
    drupal_add_http_header('500 Service unavailable (with message)');
1143
1144
1145
1146
1147
1148
1149
  }

  if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
    if ($fatal) {
      // When called from JavaScript, simply output the error message.
      print t('%type: %message in %function (line %line of %file).', $error);
      exit;
Dries's avatar
Dries committed
1150
    }
1151
1152
1153
1154
1155
1156
1157
  }
  else {
    // Display the message if the current error reporting level allows this type
    // of message to be displayed, and unconditionnaly in update.php.
    $error_level = variable_get('error_level', ERROR_REPORTING_DISPLAY_ALL);
    $display_error = $error_level == ERROR_REPORTING_DISPLAY_ALL || ($error_level == ERROR_REPORTING_DISPLAY_SOME && $error['%type'] != 'Notice');
    if ($display_error || (defined('MAINTENANCE_MODE') && MAINTENANCE_MODE == 'update')) {
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
      $class = 'error';

      // If error type is 'User notice' then treat it as debug information
      // instead of an error message, see dd().
      if ($error['%type'] == 'User notice') {
        $error['%type'] = 'Debug';
        $class = 'status';
      }

      drupal_set_message(t('%type: %message in %function (line %line of %file).', $error), $class);
1168
1169
1170
1171
1172
1173
    }

    if ($fatal) {
      drupal_set_title(t('Error'));
      // We fallback to a maintenance page at this point, because the page generation
      // itself can generate errors.
1174
      print theme('maintenance_page', t('The website encountered an unexpected error. Please try again later.'));
1175
      exit;
1176
    }
Dries's avatar
   
Dries committed
1177
1178
1179
  }
}

1180
/**
1181
 * Gets the last caller from a backtrace.
1182
1183
1184
1185
1186
1187
1188
 *
 * @param $backtrace
 *   A standard PHP backtrace.
 * @return
 *   An associative array with keys 'file', 'line' and 'function'.
 */
function _drupal_get_last_caller($backtrace) {
1189
1190
1191
1192
1193
  // Errors that occur inside PHP internal functions do not generate
  // information about file and line. Ignore black listed functions.
  $blacklist = array('debug');
  while (($backtrace && !isset($backtrace[0]['line'])) ||
         (isset($backtrace[1]['function']) && in_array($backtrace[1]['function'], $blacklist))) {
1194
1195
1196
    array_shift($backtrace);
  }

1197
1198
1199
  // The first trace is the call itself.
  // It gives us the line and the file of the last call.
  $call = $backtrace[0];
1200

1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
  // The second call give us the function where the call originated.
  if (isset($backtrace[1])) {
    if (isset($backtrace[1]['class'])) {
      $call['function'] = $backtrace[1]['class'] . $backtrace[1]['type'] . $backtrace[1]['function'] . '()';
    }
    else {
      $call['function'] = $backtrace[1]['function'] . '()';
    }
  }
  else {
    $call['function'] = 'main()';
  }
  return $call;
}

Dries's avatar
   
Dries committed
1216
function _fix_gpc_magic(&$item) {
Dries's avatar
Dries committed
1217
  if (is_array($item)) {
Kjartan's avatar
Kjartan committed
1218
1219
1220
    array_walk($item, '_fix_gpc_magic');
  }
  else {
Kjartan's avatar