system.module 61.6 KB
Newer Older
Dries's avatar
 
Dries committed
1 2
<?php

Dries's avatar
 
Dries committed
3 4 5 6 7
/**
 * @file
 * Configuration system that lets administrators modify the workings of the site.
 */

8
use Drupal\Component\Render\PlainTextOutput;
9
use Drupal\Component\Utility\UrlHelper;
10
use Drupal\Core\Asset\AttachedAssetsInterface;
11
use Drupal\Core\Cache\Cache;
12
use Drupal\Core\Queue\QueueGarbageCollectionInterface;
13
use Drupal\Core\Database\Query\AlterableInterface;
14
use Drupal\Core\Extension\Extension;
15
use Drupal\Core\Extension\ExtensionDiscovery;
16
use Drupal\Core\Form\FormStateInterface;
17
use Drupal\Core\KeyValueStore\KeyValueDatabaseExpirableFactory;
18
use Drupal\Core\PageCache\RequestPolicyInterface;
19
use Drupal\Core\PhpStorage\PhpStorageFactory;
20
use Drupal\Core\Routing\RouteMatchInterface;
21
use Drupal\Core\Routing\StackedRouteMatchInterface;
22
use Drupal\Core\Language\LanguageInterface;
23
use Drupal\Core\Menu\MenuTreeParameters;
24
use Drupal\Core\Extension\ModuleHandler;
25
use Drupal\Core\Url;
26
use Drupal\Core\Block\BlockPluginInterface;
27
use Drupal\user\UserInterface;
28
use Symfony\Component\HttpFoundation\RedirectResponse;
29
use GuzzleHttp\Exception\RequestException;
30

31 32
/**
 * New users will be set to the default time zone at registration.
33 34 35
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_DEFAULT instead.
36
 */
37
const DRUPAL_USER_TIMEZONE_DEFAULT = 0;
38 39 40

/**
 * New users will get an empty time zone at registration.
41 42 43
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_EMPTY instead.
44
 */
45
const DRUPAL_USER_TIMEZONE_EMPTY = 1;
46 47 48

/**
 * New users will select their own timezone at registration.
49 50 51
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_SELECT instead.
52
 */
53
const DRUPAL_USER_TIMEZONE_SELECT = 2;
54

55
/**
56 57
 * Disabled option on forms and settings
 */
58
const DRUPAL_DISABLED = 0;
59 60 61 62

/**
 * Optional option on forms and settings
 */
63
const DRUPAL_OPTIONAL = 1;
64 65 66 67

/**
 * Required option on forms and settings
 */
68
const DRUPAL_REQUIRED = 2;
69

70
/**
71
 * Return only visible regions.
72
 *
73 74 75
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\block\BlockRepositoryInterface::REGIONS_VISIBLE instead.
 *
76
 * @see system_region_list()
77
 */
78
const REGIONS_VISIBLE = 'visible';
79 80

/**
81
 * Return all regions.
82
 *
83 84 85
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\block\BlockRepositoryInterface::REGIONS_ALL instead.
 *
86
 * @see system_region_list()
87
 */
88
const REGIONS_ALL = 'all';
89

Dries's avatar
 
Dries committed
90
/**
91
 * Implements hook_help().
Dries's avatar
 
Dries committed
92
 */
93
function system_help($route_name, RouteMatchInterface $route_match) {
94 95
  switch ($route_name) {
    case 'help.page.system':
96 97
      $output = '';
      $output .= '<h3>' . t('About') . '</h3>';
98
      $output .= '<p>' . t('The System module is integral to the site: it provides user interfaces for many core systems and settings, as well as the basic administrative menu structure. For more information, see the <a href=":system">online documentation for the System module</a>.', [':system' => 'https://www.drupal.org/documentation/modules/system']) . '</p>';
99 100 101
      $output .= '<h3>' . t('Uses') . '</h3>';
      $output .= '<dl>';
      $output .= '<dt>' . t('Managing modules') . '</dt>';
102
      $output .= '<dd>' . t('Users with appropriate permission can install and uninstall modules from the <a href=":modules">Extend page</a>. Depending on which distribution or installation profile you choose when you install your site, several modules are installed and others are provided but not installed. Each module provides a discrete set of features; modules may be installed or uninstalled depending on the needs of the site. Many additional modules contributed by members of the Drupal community are available for download from the <a href=":drupal-modules">Drupal.org module page</a>. Note that uninstalling a module is a destructive action: when you uninstall a module, you will permanently lose all data connected to the module.', [':modules' => \Drupal::url('system.modules_list'), ':drupal-modules' => 'https://www.drupal.org/project/modules']) . '</dd>';
103
      $output .= '<dt>' . t('Managing themes') . '</dt>';
104
      $output .= '<dd>' . t('Users with appropriate permission can install and uninstall themes on the <a href=":themes">Appearance page</a>. Themes determine the design and presentation of your site. Depending on which distribution or installation profile you choose when you install your site, a default theme is installed, and possibly a different theme for administration pages. Other themes are provided but not installed, and additional contributed themes are available at the <a href=":drupal-themes">Drupal.org theme page</a>.', [':themes' => \Drupal::url('system.themes_page'), ':drupal-themes' => 'https://www.drupal.org/project/themes']) . '</dd>';
105
      $output .= '<dt>' . t('Disabling drag-and-drop functionality') . '</dt>';
106 107
      $output .= '<dd>' . t('The default drag-and-drop user interface for ordering tables in the administrative interface presents a challenge for some users, including users of screen readers and other assistive technology. The drag-and-drop interface can be disabled in a table by clicking a link labeled "Show row weights" above the table. The replacement interface allows users to order the table by choosing numerical weights instead of dragging table rows.') . '</dd>';
      $output .= '<dt>' . t('Configuring basic site settings') . '</dt>';
108
      $output .= '<dd>' . t('The System module provides pages for managing basic site configuration, including <a href=":date-time-settings">Date and time formats</a> and <a href=":site-info">Basic site settings</a> (site name, email address to send mail from, home page, and error pages). Additional configuration pages are listed on the main <a href=":config">Configuration page</a>.', [':date-time-settings' => \Drupal::url('entity.date_format.collection'), ':site-info' => \Drupal::url('system.site_information_settings'), ':config' => \Drupal::url('system.admin_config')]) . '</dd>';
109
      $output .= '<dt>' . t('Checking site status') . '</dt>';
110
      $output .= '<dd>' . t('The <a href=":status">Status report</a> provides an overview of the configuration, status, and health of your site. Review this report to make sure there are not any problems to address, and to find information about the software your site and web server are using.', [':status' => \Drupal::url('system.status')]) . '</dd>';
111
      $output .= '<dt>' . t('Using maintenance mode') . '</dt>';
112
      $output .= '<dd>' . t('When you are performing site maintenance, you can prevent non-administrative users (including anonymous visitors) from viewing your site by putting it in <a href=":maintenance-mode">Maintenance mode</a>. This will prevent unauthorized users from making changes to the site while you are performing maintenance, or from seeing a broken site while updates are in progress.', [':maintenance-mode' => \Drupal::url('system.site_maintenance_mode')]) . '</dd>';
113
      $output .= '<dt>' . t('Configuring for performance') . '</dt>';
114
      $output .= '<dd>' . t('On the <a href=":performance-page">Performance page</a>, the site can be configured to aggregate CSS and JavaScript files, making the total request size smaller. Note that, for small- to medium-sized websites, the <a href=":page-cache">Internal Page Cache module</a> should be installed so that pages are efficiently cached and reused for anonymous users. Finally, for websites of all sizes, the <a href=":dynamic-page-cache">Dynamic Page Cache module</a> should also be installed so that the non-personalized parts of pages are efficiently cached (for all users).', [':performance-page' => \Drupal::url('system.performance_settings'), ':page-cache' => (\Drupal::moduleHandler()->moduleExists('page_cache')) ? \Drupal::url('help.page', ['name' => 'page_cache']) : '#', ':dynamic-page-cache' => (\Drupal::moduleHandler()->moduleExists('dynamic_page_cache')) ? \Drupal::url('help.page', ['name' => 'dynamic_page_cache']) : '#']) . '</dd>';
115
      $output .= '<dt>' . t('Configuring cron') . '</dt>';
116
      $output .= '<dd>' . t('In order for the site and its modules to continue to operate well, a set of routine administrative operations must run on a regular basis; these operations are known as <em>cron</em> tasks. On the <a href=":cron">Cron page</a>, you can configure cron to run periodically as part of server responses by installing the <em>Automated Cron</em> module, or you can turn this off and trigger cron from an outside process on your web server. You can verify the status of cron tasks by visiting the <a href=":status">Status report page</a>. For more information, see the <a href=":handbook">online documentation for configuring cron jobs</a>.', [':status' => \Drupal::url('system.status'), ':handbook' => 'https://www.drupal.org/cron', ':cron' => \Drupal::url('system.cron_settings')]) . '</dd>';
117
      $output .= '<dt>' . t('Configuring the file system') . '</dt>';
118
      $output .= '<dd>' . t('Your site has several file directories, which are used to store and process uploaded and generated files. The <em>public</em> file directory, which is configured in your settings.php file, is the default place for storing uploaded files. Links to files in this directory contain the direct file URL, so when the files are requested, the web server will send them directly without invoking your site code. This means that the files can be downloaded by anyone with the file URL, so requests are not access-controlled but they are efficient. The <em>private</em> file directory, also configured in your settings.php file and ideally located outside the site web root, is access controlled. Links to files in this directory are not direct, so requests to these files are mediated by your site code. This means that your site can check file access permission for each file before deciding to fulfill the request, so the requests are more secure, but less efficient. You should only use the private storage for files that need access control, not for files like your site logo and background images used on every page. The <em>temporary</em> file directory is used internally by your site code for various operations, and is configured on the <a href=":file-system">File system settings</a> page. You can also see the configured public and private file directories on this page, and choose whether public or private should be the default for uploaded files.', [':file-system' => \Drupal::url('system.file_system_settings')]) . '</dd>';
119
      $output .= '<dt>' . t('Configuring the image toolkit') . '</dt>';
120
      $output .= '<dd>' . t('On the <a href=":toolkit">Image toolkit page</a>, you can select and configure the PHP toolkit used to manipulate images. Depending on which distribution or installation profile you choose when you install your site, the GD2 toolkit and possibly others are included; other toolkits may be provided by contributed modules.', [':toolkit' => \Drupal::url('system.image_toolkit_settings')]) . '</dd>';
121
      $output .= '</dl>';
122
      return $output;
123 124

    case 'system.admin_index':
125
      return '<p>' . t('This page shows you all available administration tasks for each module.') . '</p>';
126 127

    case 'system.themes_page':
128
      $output = '<p>' . t('Set and configure the default theme for your website.  Alternative <a href=":themes">themes</a> are available.', [':themes' => 'https://www.drupal.org/project/themes']) . '</p>';
129
      if (\Drupal::moduleHandler()->moduleExists('block')) {
130
        $output .= '<p>' . t('You can place blocks for each theme on the <a href=":blocks">block layout</a> page.', [':blocks' => \Drupal::url('block.admin_display')]) . '</p>';
131
      }
132
      return $output;
133 134

    case 'system.theme_settings_theme':
135
      $theme_list = \Drupal::service('theme_handler')->listInfo();
136
      $theme = $theme_list[$route_match->getParameter('theme')];
137
      return '<p>' . t('These options control the display settings for the %name theme. When your site is displayed using this theme, these settings will be used.', ['%name' => $theme->info['name']]) . '</p>';
138 139

    case 'system.theme_settings':
140
      return '<p>' . t('Control default display settings for your site, across all themes. Use theme-specific settings to override these defaults.') . '</p>';
141 142

    case 'system.modules_list':
143
      $output = '<p>' . t('Download additional <a href=":modules">contributed modules</a> to extend your site\'s functionality.', [':modules' => 'https://www.drupal.org/project/modules']) . '</p>';
144
      if (!\Drupal::moduleHandler()->moduleExists('update')) {
145
        $output .= '<p>' . t('Regularly review available updates to maintain a secure and current site. Always run the <a href=":update-php">update script</a> each time a module is updated. Enable the <a href=":update-manager">Update Manager module</a> to update and install modules and themes.', [':update-php' => \Drupal::url('system.db_update'), ':update-manager' => \Drupal::url('system.modules_list', [], ['fragment' => 'module-update'])]) . '</p>';
146
      }
147
      return $output;
148 149

    case 'system.modules_uninstall':
150
      return '<p>' . t('The uninstall process removes all data related to a module.') . '</p>';
151

152
    case 'entity.block.edit_form':
153
      if (($block = $route_match->getParameter('block')) && $block->getPluginId() == 'system_powered_by_block') {
154
        return '<p>' . t('The <em>Powered by Drupal</em> block is an optional link to the home page of the Drupal project. While there is absolutely no requirement that sites feature this link, it may be used to show support for Drupal.') . '</p>';
155
      }
156
      break;
157 158

    case 'block.admin_add':
159
      if ($route_match->getParameter('plugin_id') == 'system_powered_by_block') {
160 161 162 163 164
        return '<p>' . t('The <em>Powered by Drupal</em> block is an optional link to the home page of the Drupal project. While there is absolutely no requirement that sites feature this link, it may be used to show support for Drupal.') . '</p>';
      }
      break;

    case 'system.site_maintenance_mode':
165
      if (\Drupal::currentUser()->id() == 1) {
166
        return '<p>' . t('Use maintenance mode when making major updates, particularly if the updates could disrupt visitors or the update process. Examples include upgrading, importing or exporting content, modifying a theme, modifying content types, and making backups.') . '</p>';
167
      }
168
      break;
169 170

    case 'system.status':
171
      return '<p>' . t("Here you can find a short overview of your site's parameters as well as any problems detected with your installation. It may be useful to copy and paste this information into support requests filed on Drupal.org's support forums and project issue queues. Before filing a support request, ensure that your web server meets the <a href=\":system-requirements\">system requirements.</a>", [':system-requirements' => 'https://www.drupal.org/requirements']) . '</p>';
172
  }
Dries's avatar
 
Dries committed
173 174
}

175
/**
176
 * Implements hook_theme().
177
 */
178
function system_theme() {
179
  return array_merge(drupal_common_theme(), [
180
    // Normally theme suggestion templates are only picked up when they are in
181 182
    // themes. We explicitly define theme suggestions here so that the block
    // templates in core/modules/system/templates are picked up.
183
    'block__system_branding_block' => [
184
      'render element' => 'elements',
185
      'base hook' => 'block',
186 187
    ],
    'block__system_messages_block' => [
188
      'base hook' => 'block',
189 190
    ],
    'block__system_menu_block' => [
191 192
      'render element' => 'elements',
      'base hook' => 'block',
193 194 195 196 197 198
    ],
    'system_themes_page' => [
      'variables' => [
        'theme_groups' => [],
        'theme_group_titles' => [],
      ],
199
      'file' => 'system.admin.inc',
200 201
    ],
    'system_config_form' => [
202
      'render element' => 'form',
203 204
    ],
    'confirm_form' => [
205
      'render element' => 'form',
206 207
    ],
    'system_modules_details' => [
208
      'render element' => 'form',
209
      'file' => 'system.admin.inc',
210 211
    ],
    'system_modules_uninstall' => [
212
      'render element' => 'form',
213
      'file' => 'system.admin.inc',
214 215 216 217 218
    ],
    'status_report_page' => [
      'variables' => [
        'counters' => [],
        'general_info' => [],
219
        'requirements' => NULL,
220 221 222 223
      ],
    ],
    'status_report' => [
      'variables' => [
224 225
        'grouped_requirements' => NULL,
        'requirements' => NULL,
226 227 228 229
      ],
    ],
    'status_report_grouped' => [
      'variables' => [
230 231
        'grouped_requirements' => NULL,
        'requirements' => NULL,
232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249
      ],
    ],
    'status_report_counter' => [
      'variables' => ['amount' => NULL, 'text' => NULL, 'severity' => NULL],
    ],
    'status_report_general_info' => [
      'variables' => [
        'drupal' => [],
        'cron' => [],
        'database_system' => [],
        'database_system_version' => [],
        'php' => [],
        'php_memory_limit' => [],
        'webserver' => [],
      ],
    ],
    'admin_page' => [
      'variables' => ['blocks' => NULL],
250
      'file' => 'system.admin.inc',
251 252
    ],
    'admin_block' => [
253
      'variables' => ['block' => NULL, 'attributes' => []],
254
      'file' => 'system.admin.inc',
255 256 257
    ],
    'admin_block_content' => [
      'variables' => ['content' => NULL],
258
      'file' => 'system.admin.inc',
259 260 261
    ],
    'system_admin_index' => [
      'variables' => ['menu_items' => NULL],
262
      'file' => 'system.admin.inc',
263 264 265 266
    ],
    'entity_add_list' => [
      'variables' => [
        'bundles' => [],
267
        'add_bundle_message' => NULL,
268
      ],
269
      'template' => 'entity-add-list',
270 271
    ],
  ]);
272
}
273

274
/**
275
 * Implements hook_hook_info().
276 277
 */
function system_hook_info() {
278
  $hooks['token_info'] = [
279
    'group' => 'tokens',
280 281
  ];
  $hooks['token_info_alter'] = [
282
    'group' => 'tokens',
283 284
  ];
  $hooks['tokens'] = [
285
    'group' => 'tokens',
286 287
  ];
  $hooks['tokens_alter'] = [
288
    'group' => 'tokens',
289
  ];
290

291 292 293
  return $hooks;
}

294 295 296 297
/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_html(array $variables) {
298
  $path_args = explode('/', trim(\Drupal::service('path.current')->getPath(), '/'));
299
  return theme_get_suggestions($path_args, 'html');
300 301 302 303 304 305
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_page(array $variables) {
306
  $path_args = explode('/', trim(\Drupal::service('path.current')->getPath(), '/'));
307
  return theme_get_suggestions($path_args, 'page');
308 309 310 311 312 313
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_maintenance_page(array $variables) {
314
  $suggestions = [];
315 316 317 318 319

  // Dead databases will show error messages so supplying this template will
  // allow themers to override the page and the content completely.
  $offline = defined('MAINTENANCE_MODE');
  try {
320
    \Drupal::service('path.matcher')->isFrontPage();
321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336
  }
  catch (Exception $e) {
    // The database is not yet available.
    $offline = TRUE;
  }
  if ($offline) {
    $suggestions[] = 'maintenance_page__offline';
  }

  return $suggestions;
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_region(array $variables) {
337
  $suggestions = [];
338 339 340 341 342 343
  if (!empty($variables['elements']['#region'])) {
    $suggestions[] = 'region__' . $variables['elements']['#region'];
  }
  return $suggestions;
}

344 345 346 347
/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_field(array $variables) {
348
  $suggestions = [];
349 350 351 352 353 354 355 356 357 358 359
  $element = $variables['element'];

  $suggestions[] = 'field__' . $element['#field_type'];
  $suggestions[] = 'field__' . $element['#field_name'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#bundle'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#field_name'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#field_name'] . '__' . $element['#bundle'];

  return $suggestions;
}

360 361 362 363 364 365 366 367 368
/**
 * Prepares variables for the list of available bundles.
 *
 * Default template: entity-add-list.html.twig.
 *
 * @param array $variables
 *   An associative array containing:
 *   - bundles: An array of bundles with the label, description, add_link keys.
 *   - add_bundle_message: The message shown when there are no bundles. Only
369
 *     available if the entity type uses bundle entities.
370 371 372 373 374 375 376 377 378
 */
function template_preprocess_entity_add_list(&$variables) {
  foreach ($variables['bundles'] as $bundle_name => $bundle_info) {
    $variables['bundles'][$bundle_name]['description'] = [
      '#markup' => $bundle_info['description'],
    ];
  }
}

379
/**
380 381 382
 * @defgroup authorize Authorized operations
 * @{
 * Functions to run operations with elevated privileges via authorize.php.
383
 *
384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403
 * Because of the Update manager functionality included in Drupal core, there
 * is a mechanism for running operations with elevated file system privileges,
 * the top-level authorize.php script. This script runs at a reduced Drupal
 * bootstrap level so that it is not reliant on the entire site being
 * functional. The operations use a FileTransfer class to manipulate code
 * installed on the system as the user that owns the files, not the user that
 * the httpd is running as.
 *
 * The first setup is to define a callback function that should be authorized
 * to run with the elevated privileges. This callback should take a
 * FileTransfer as its first argument, although you can define an array of
 * other arguments it should be invoked with. The callback should be placed in
 * a separate .inc file that will be included by authorize.php.
 *
 * To run the operation, certain data must be saved into the SESSION, and then
 * the flow of control should be redirected to the authorize.php script. There
 * are two ways to do this, either to call system_authorized_run() directly,
 * or to call system_authorized_init() and then redirect to authorize.php,
 * using the URL from system_authorized_get_url(). Redirecting yourself is
 * necessary when your authorized operation is being triggered by a form
404
 * submit handler, since calling redirecting in a submit handler is a bad
405
 * idea, and you should instead use $form_state->setRedirect().
406 407 408 409 410 411 412 413 414 415
 *
 * Once the SESSION is setup for the operation and the user is redirected to
 * authorize.php, they will be prompted for their connection credentials (core
 * provides FTP and SSH by default, although other connection classes can be
 * added via contributed modules). With valid credentials, authorize.php will
 * instantiate the appropriate FileTransfer object, and then invoke the
 * desired operation passing in that object. The authorize.php script can act
 * as a Batch API processing page, if the operation requires a batch.
 *
 * @see authorize.php
416
 * @see \Drupal\Core\FileTransfer\FileTransfer
417
 * @see hook_filetransfer_info()
418 419 420 421 422
 */

/**
 * Setup a given callback to run via authorize.php with elevated privileges.
 *
423 424 425 426 427 428 429 430 431
 * To use authorize.php, certain variables must be stashed into $_SESSION. This
 * function sets up all the necessary $_SESSION variables. The calling function
 * should then redirect to authorize.php, using the full path returned by
 * system_authorized_get_url(). That initiates the workflow that will eventually
 * lead to the callback being invoked. The callback will be invoked at a low
 * bootstrap level, without all modules being invoked, so it needs to be careful
 * not to assume any code exists. Example (system_authorized_run()):
 * @code
 *   system_authorized_init($callback, $file, $arguments, $page_title);
432
 *   return new RedirectResponse(system_authorized_get_url()->toString());
433 434 435 436 437 438
 * @endcode
 * Example (update_manager_install_form_submit()):
 * @code
 *  system_authorized_init('update_authorize_run_install',
 *    drupal_get_path('module', 'update') . '/update.authorize.inc',
 *    $arguments, t('Update manager'));
439
 *  $form_state->setRedirectUrl(system_authorized_get_url());
440
 * @endcode
441 442
 *
 * @param $callback
443
 *   The name of the function to invoke once the user authorizes the operation.
444 445 446 447 448 449 450 451 452
 * @param $file
 *   The full path to the file where the callback function is implemented.
 * @param $arguments
 *   Optional array of arguments to pass into the callback when it is invoked.
 *   Note that the first argument to the callback is always the FileTransfer
 *   object created by authorize.php when the user authorizes the operation.
 * @param $page_title
 *   Optional string to use as the page title once redirected to authorize.php.
 * @return
453
 *   Nothing, this function just initializes variables in the user's session.
454
 */
455
function system_authorized_init($callback, $file, $arguments = [], $page_title = NULL) {
456 457 458
  // First, figure out what file transfer backends the site supports, and put
  // all of those in the SESSION so that authorize.php has access to all of
  // them via the class autoloader, even without a full bootstrap.
459
  $_SESSION['authorize_filetransfer_info'] = drupal_get_filetransfer_info();
460 461

  // Now, define the callback to invoke.
462
  $_SESSION['authorize_operation'] = [
463 464 465
    'callback' => $callback,
    'file' => $file,
    'arguments' => $arguments,
466
  ];
467 468

  if (isset($page_title)) {
469
    $_SESSION['authorize_page_title'] = $page_title;
470
  }
471
}
472

473 474
/**
 * Return the URL for the authorize.php script.
475 476
 *
 * @param array $options
477
 *   Optional array of options to set on the \Drupal\Core\Url object.
478
 * @return \Drupal\Core\Url
479
 *   The full URL to authorize.php, using HTTPS if available.
480 481
 *
 * @see system_authorized_init()
482
 */
483
function system_authorized_get_url(array $options = []) {
484 485
  // core/authorize.php is an unrouted URL, so using the base: scheme is
  // the correct usage for this case.
486
  $url = Url::fromUri('base:core/authorize.php');
487 488 489
  $url_options = $url->getOptions();
  $url->setOptions($options + $url_options);
  return $url;
490 491
}

492 493
/**
 * Returns the URL for the authorize.php script when it is processing a batch.
494 495
 *
 * @param array $options
496
 *   Optional array of options to set on the \Drupal\Core\Url object.
497 498
 *
 * @return \Drupal\Core\Url
499
 */
500 501
function system_authorized_batch_processing_url(array $options = []) {
  $options['query'] = ['batch' => '1'];
502
  return system_authorized_get_url($options);
503 504
}

505 506 507
/**
 * Setup and invoke an operation using authorize.php.
 *
508
 * @see system_authorized_init()
509
 */
510
function system_authorized_run($callback, $file, $arguments = [], $page_title = NULL) {
511
  system_authorized_init($callback, $file, $arguments, $page_title);
512
  return new RedirectResponse(system_authorized_get_url()->toString());
513 514
}

515 516 517 518 519 520 521
/**
 * Use authorize.php to run batch_process().
 *
 * @see batch_process()
 */
function system_authorized_batch_process() {
  $finish_url = system_authorized_get_url();
522
  $process_url = system_authorized_batch_processing_url();
523
  return batch_process($finish_url->setAbsolute()->toString(), $process_url);
524 525
}

526 527 528 529
/**
 * @} End of "defgroup authorize".
 */

530
/**
531
 * Implements hook_updater_info().
532 533
 */
function system_updater_info() {
534 535
  return [
    'module' => [
536
      'class' => 'Drupal\Core\Updater\Module',
537 538
      'name' => t('Update modules'),
      'weight' => 0,
539 540
    ],
    'theme' => [
541
      'class' => 'Drupal\Core\Updater\Theme',
542 543
      'name' => t('Update themes'),
      'weight' => 0,
544 545
    ],
  ];
546 547
}

548
/**
549
 * Implements hook_filetransfer_info().
550
 */
551
function system_filetransfer_info() {
552
  $backends = [];
553

554
  // This is the default, will be available on most systems.
555
  if (function_exists('ftp_connect')) {
556
    $backends['ftp'] = [
557
      'title' => t('FTP'),
558
      'class' => 'Drupal\Core\FileTransfer\FTP',
559
      'weight' => 0,
560
    ];
561
  }
562

563 564 565
  // SSH2 lib connection is only available if the proper PHP extension is
  // installed.
  if (function_exists('ssh2_connect')) {
566
    $backends['ssh'] = [
567
      'title' => t('SSH'),
568
      'class' => 'Drupal\Core\FileTransfer\SSH',
569
      'weight' => 20,
570
    ];
571 572 573 574
  }
  return $backends;
}

575
/**
576
 * Implements hook_page_attachments().
577 578
 *
 * @see template_preprocess_maintenance_page()
579
 * @see \Drupal\Core\EventSubscriber\ActiveLinkResponseFilter
580
 */
581
function system_page_attachments(array &$page) {
582
  // Ensure the same CSS is loaded in template_preprocess_maintenance_page().
583
  $page['#attached']['library'][] = 'system/base';
584
  if (\Drupal::service('router.admin_context')->isAdminRoute()) {
585
    $page['#attached']['library'][] = 'system/admin';
586
  }
587

588
  // Attach libraries used by this theme.
589 590 591 592 593 594 595 596 597
  $active_theme = \Drupal::theme()->getActiveTheme();
  foreach ($active_theme->getLibraries() as $library) {
    $page['#attached']['library'][] = $library;
  }

  // Attach favicon.
  if (theme_get_setting('features.favicon')) {
    $favicon = theme_get_setting('favicon.url');
    $type = theme_get_setting('favicon.mimetype');
598
    $page['#attached']['html_head_link'][][] = [
599 600 601
      'rel' => 'shortcut icon',
      'href' => UrlHelper::stripDangerousProtocols($favicon),
      'type' => $type,
602
    ];
603 604 605 606 607 608
  }

  // Get the major Drupal version.
  list($version, ) = explode('.', \Drupal::VERSION);

  // Attach default meta tags.
609
  $meta_default = [
610 611 612
    // Make sure the Content-Type comes first because the IE browser may be
    // vulnerable to XSS via encoding attacks from any content that comes
    // before this META tag, such as a TITLE tag.
613
    'system_meta_content_type' => [
614
      '#tag' => 'meta',
615
      '#attributes' => [
616
        'charset' => 'utf-8',
617
      ],
618 619
      // Security: This always has to be output first.
      '#weight' => -1000,
620
    ],
621
    // Show Drupal and the major version number in the META GENERATOR tag.
622
    'system_meta_generator' => [
623 624
      '#type' => 'html_tag',
      '#tag' => 'meta',
625
      '#attributes' => [
626
        'name' => 'Generator',
627
        'content' => 'Drupal ' . $version . ' (https://www.drupal.org)',
628 629
      ],
    ],
630
    // Attach default mobile meta tags for responsive design.
631
    'MobileOptimized' => [
632
      '#tag' => 'meta',
633
      '#attributes' => [
634 635
        'name' => 'MobileOptimized',
        'content' => 'width',
636 637 638
      ],
    ],
    'HandheldFriendly' => [
639
      '#tag' => 'meta',
640
      '#attributes' => [
641 642
        'name' => 'HandheldFriendly',
        'content' => 'true',
643 644 645
      ],
    ],
    'viewport' => [
646
      '#tag' => 'meta',
647
      '#attributes' => [
648 649
        'name' => 'viewport',
        'content' => 'width=device-width, initial-scale=1.0',
650 651 652
      ],
    ],
  ];
653 654 655 656
  foreach ($meta_default as $key => $value) {
    $page['#attached']['html_head'][] = [$value, $key];
  }

657 658
  // Handle setting the "active" class on links by:
  // - loading the active-link library if the current user is authenticated;
659
  // - applying a response filter if the current user is anonymous.
660
  // @see \Drupal\Core\Link
661
  // @see \Drupal\Core\Utility\LinkGenerator::generate()
662
  // @see template_preprocess_links()
663
  // @see \Drupal\Core\EventSubscriber\ActiveLinkResponseFilter
664
  if (\Drupal::currentUser()->isAuthenticated()) {
665
    $page['#attached']['library'][] = 'core/drupal.active-link';
666
  }
667 668
}

669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694
/**
 * Implements hook_js_settings_build().
 *
 * Sets values for the core/drupal.ajax library, which just depends on the
 * active theme but no other request-dependent values.
 */
function system_js_settings_build(&$settings, AttachedAssetsInterface $assets) {
  // Generate the values for the core/drupal.ajax library.
  // We need to send ajaxPageState settings for core/drupal.ajax if:
  // - ajaxPageState is being loaded in this Response, in which case it will
  //   already exist at $settings['ajaxPageState'] (because the core/drupal.ajax
  //   library definition specifies a placeholder 'ajaxPageState' setting).
  // - core/drupal.ajax already has been loaded and hence this is an AJAX
  //   Response in which we must send the list of extra asset libraries that are
  //   being added in this AJAX Response.
  /** @var \Drupal\Core\Asset\LibraryDependencyResolver $library_dependency_resolver */
  $library_dependency_resolver = \Drupal::service('library.dependency_resolver');
  if (isset($settings['ajaxPageState']) || in_array('core/drupal.ajax', $library_dependency_resolver->getLibrariesWithDependencies($assets->getAlreadyLoadedLibraries()))) {
    // Provide the page with information about the theme that's used, so that
    // a later AJAX request can be rendered using the same theme.
    // @see \Drupal\Core\Theme\AjaxBasePageNegotiator
    $theme_key = \Drupal::theme()->getActiveTheme()->getName();
    $settings['ajaxPageState']['theme'] = $theme_key;
  }
}

695 696 697
/**
 * Implements hook_js_settings_alter().
 *
698 699
 * Sets values which depend on the current request, like core/drupalSettings
 * as well as theme_token ajax state.
700
 */
701
function system_js_settings_alter(&$settings, AttachedAssetsInterface $assets) {
702 703 704
  // As this is being output in the final response always use the master
  // request.
  $request = \Drupal::requestStack()->getMasterRequest();
705
  $current_query = $request->query->all();
706 707 708 709 710 711 712 713

  // Let output path processors set a prefix.
  /** @var \Drupal\Core\PathProcessor\OutboundPathProcessorInterface $path_processor */
  $path_processor = \Drupal::service('path_processor_manager');
  $options = ['prefix' => ''];
  $path_processor->processOutbound('/', $options);
  $pathPrefix = $options['prefix'];

714 715 716 717 718 719
  $route_match = \Drupal::routeMatch();
  if ($route_match instanceof StackedRouteMatchInterface) {
    $route_match = $route_match->getMasterRouteMatch();
  }
  $current_path = $route_match->getRouteName() ? Url::fromRouteMatch($route_match)->getInternalPath() : '';
  $current_path_is_admin = \Drupal::service('router.admin_context')->isAdminRoute($route_match->getRouteObject());
720 721 722 723 724
  $path_settings = [
    'baseUrl' => $request->getBaseUrl() . '/',
    'pathPrefix' => $pathPrefix,
    'currentPath' => $current_path,
    'currentPathIsAdmin' => $current_path_is_admin,
725
    'isFront' => \Drupal::service('path.matcher')->isFrontPage(),
726 727 728 729 730 731 732 733 734 735 736 737 738
    'currentLanguage' => \Drupal::languageManager()->getCurrentLanguage(LanguageInterface::TYPE_URL)->getId(),
  ];
  if (!empty($current_query)) {
    ksort($current_query);
    $path_settings['currentQuery'] = (object) $current_query;
  }

  // Only set core/drupalSettings values that haven't been set already.
  foreach ($path_settings as $key => $value) {
    if (!isset($settings['path'][$key])) {
      $settings['path'][$key] = $value;
    }
  }
739 740
  if (!isset($settings['pluralDelimiter'])) {
    $settings['pluralDelimiter'] = LOCALE_PLURAL_DELIMITER;
741
  }
742
  // Add the theme token to ajaxPageState, ensuring the database is available
743
  // before doing so. Also add the loaded libraries to ajaxPageState.
744 745 746 747
  /** @var \Drupal\Core\Asset\LibraryDependencyResolver $library_dependency_resolver */
  $library_dependency_resolver = \Drupal::service('library.dependency_resolver');
  if (isset($settings['ajaxPageState']) || in_array('core/drupal.ajax', $library_dependency_resolver->getLibrariesWithDependencies($assets->getAlreadyLoadedLibraries()))) {
    if (!defined('MAINTENANCE_MODE')) {
748 749 750 751 752 753 754 755
      // The theme token is only validated when the theme requested is not the
      // default, so don't generate it unless necessary.
      // @see \Drupal\Core\Theme\AjaxBasePageNegotiator::determineActiveTheme()
      $active_theme_key = \Drupal::theme()->getActiveTheme()->getName();
      if ($active_theme_key !== \Drupal::service('theme_handler')->getDefault()) {
        $settings['ajaxPageState']['theme_token'] = \Drupal::csrfToken()
          ->get($active_theme_key);
      }
756
    }
757 758 759 760 761 762 763 764
    // Provide the page with information about the individual asset libraries
    // used, information not otherwise available when aggregation is enabled.
    $minimal_libraries = $library_dependency_resolver->getMinimalRepresentativeSubset(array_merge(
      $assets->getLibraries(),
      $assets->getAlreadyLoadedLibraries()
    ));
    sort($minimal_libraries);
    $settings['ajaxPageState']['libraries'] = implode(',', $minimal_libraries);
765
  }
766 767
}

768 769 770 771 772 773 774 775 776 777 778 779 780 781 782 783 784 785 786 787 788 789 790
/**
 * Implements hook_form_alter().
 */
function system_form_alter(&$form, FormStateInterface $form_state) {
  // If the page that's being built is cacheable, set the 'immutable' flag, to
  // ensure that when the form is used, a new form build ID is generated when
  // appropriate, to prevent information disclosure.

  // Note: This code just wants to know whether cache response headers are set,
  // not whether page_cache module will be active.
  // \Drupal\Core\EventSubscriber\FinishResponseSubscriber::onRespond will
  // send those headers, in case $request_policy->check($request) succeeds. In
  // that case we need to ensure that the immutable flag is sot, so future POST
  // request won't take over the form state of another user.
  /** @var \Drupal\Core\PageCache\RequestPolicyInterface $request_policy */
  $request_policy = \Drupal::service('page_cache_request_policy');
  $request = \Drupal::requestStack()->getCurrentRequest();
  $request_is_cacheable = $request_policy->check($request) === RequestPolicyInterface::ALLOW;
  if ($request_is_cacheable) {
    $form_state->addBuildInfo('immutable', TRUE);
  }
}

Dries's avatar
 
Dries committed
791
/**
792
 * Implements hook_form_FORM_ID_alter() for \Drupal\user\AccountForm.
Dries's avatar
 
Dries committed
793
 */
794
function system_form_user_form_alter(&$form, FormStateInterface $form_state) {
795
  if (\Drupal::config('system.date')->get('timezone.user.configurable')) {
796
    system_user_timezone($form, $form_state);
797 798 799 800
  }
}

/**
801
 * Implements hook_form_FORM_ID_alter() for \Drupal\user\RegisterForm.
802
 */
Dries's avatar