bootstrap.inc 62.9 KB
Newer Older
1
<?php
2
3
4
5
/**
 * @file
 * Functions that need to be loaded on every Drupal request.
 */
Dries's avatar
 
Dries committed
6

7
use Drupal\Component\Utility\Crypt;
8
use Drupal\Component\Utility\Environment;
9
use Drupal\Component\Utility\String;
10
use Drupal\Component\Utility\Unicode;
11
use Drupal\Core\DrupalKernel;
12
use Drupal\Core\Extension\ExtensionDiscovery;
13
use Drupal\Core\Site\Settings;
14
use Drupal\Core\Utility\Error;
15
use Symfony\Component\ClassLoader\ApcClassLoader;
16
use Symfony\Component\HttpFoundation\Request;
17
use Symfony\Component\HttpFoundation\Response;
18
use Drupal\Core\Language\LanguageInterface;
19

20
21
22
/**
 * Minimum supported version of PHP.
 */
23
const DRUPAL_MINIMUM_PHP = '5.4.2';
24
25
26
27

/**
 * Minimum recommended value of PHP memory_limit.
 */
28
const DRUPAL_MINIMUM_PHP_MEMORY_LIMIT = '32M';
29

30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/**
 * Error reporting level: display no errors.
 */
const ERROR_REPORTING_HIDE = 'hide';

/**
 * Error reporting level: display errors and warnings.
 */
const ERROR_REPORTING_DISPLAY_SOME = 'some';

/**
 * Error reporting level: display all messages.
 */
const ERROR_REPORTING_DISPLAY_ALL = 'all';

/**
 * Error reporting level: display all messages, plus backtrace information.
 */
const ERROR_REPORTING_DISPLAY_VERBOSE = 'verbose';

50
51
52
53
54
55
/**
 * @defgroup logging_severity_levels Logging severity levels
 * @{
 * Logging severity levels as defined in RFC 3164.
 *
 * The WATCHDOG_* constant definitions correspond to the logging severity levels
56
 * defined in RFC 3164, section 4.1.1. PHP supplies predefined LOG_* constants
57
 * for use in the syslog() function, but their values on Windows builds do not
58
 * correspond to RFC 3164. The associated PHP bug report was closed with the
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 * comment, "And it's also not a bug, as Windows just have less log levels,"
 * and "So the behavior you're seeing is perfectly normal."
 *
 * @see http://www.faqs.org/rfcs/rfc3164.html
 * @see http://bugs.php.net/bug.php?id=18090
 * @see http://php.net/manual/function.syslog.php
 * @see http://php.net/manual/network.constants.php
 * @see watchdog()
 * @see watchdog_severity_levels()
 */

/**
 * Log message severity -- Emergency: system is unusable.
 */
73
const WATCHDOG_EMERGENCY = 0;
74
75
76
77

/**
 * Log message severity -- Alert: action must be taken immediately.
 */
78
const WATCHDOG_ALERT = 1;
79
80

/**
81
 * Log message severity -- Critical conditions.
82
 */
83
const WATCHDOG_CRITICAL = 2;
84
85

/**
86
 * Log message severity -- Error conditions.
87
 */
88
const WATCHDOG_ERROR = 3;
89
90

/**
91
 * Log message severity -- Warning conditions.
92
 */
93
const WATCHDOG_WARNING = 4;
94
95

/**
96
 * Log message severity -- Normal but significant conditions.
97
 */
98
const WATCHDOG_NOTICE = 5;
99
100

/**
101
 * Log message severity -- Informational messages.
102
 */
103
const WATCHDOG_INFO = 6;
104
105

/**
106
 * Log message severity -- Debug-level messages.
107
 */
108
const WATCHDOG_DEBUG = 7;
109
110
111
112
113

/**
 * @} End of "defgroup logging_severity_levels".
 */

114
115
/**
 * First bootstrap phase: initialize configuration.
116
117
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
118
 */
119
const DRUPAL_BOOTSTRAP_CONFIGURATION = 0;
120
121

/**
122
123
124
 * Second bootstrap phase, initialize a kernel.
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
125
 */
126
const DRUPAL_BOOTSTRAP_KERNEL = 1;
127
128

/**
129
 * Third bootstrap phase: try to serve a cached page.
130
131
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
132
 */
133
const DRUPAL_BOOTSTRAP_PAGE_CACHE = 2;
134
135

/**
136
 * Fourth bootstrap phase: load code for subsystems and modules.
137
138
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
139
 */
140
const DRUPAL_BOOTSTRAP_CODE = 3;
141
142

/**
143
 * Final bootstrap phase: initialize language, path, theme, and modules.
144
145
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
146
 */
147
const DRUPAL_BOOTSTRAP_FULL = 4;
148

149
150
151
/**
 * Role ID for anonymous users; should match what's in the "role" table.
 */
152
const DRUPAL_ANONYMOUS_RID = 'anonymous';
153
154
155
156

/**
 * Role ID for authenticated users; should match what's in the "role" table.
 */
157
const DRUPAL_AUTHENTICATED_RID = 'authenticated';
158

159
160
161
162
163
/**
 * The maximum number of characters in a module or theme name.
 */
const DRUPAL_EXTENSION_NAME_MAX_LENGTH = 50;

164
/**
165
 * Time of the current request in seconds elapsed since the Unix Epoch.
166
 *
167
168
169
170
171
172
 * This differs from $_SERVER['REQUEST_TIME'], which is stored as a float
 * since PHP 5.4.0. Float timestamps confuse most PHP functions
 * (including date_create()).
 *
 * @see http://php.net/manual/reserved.variables.server.php
 * @see http://php.net/manual/function.time.php
173
 */
174
define('REQUEST_TIME', (int) $_SERVER['REQUEST_TIME']);
175

176
177
178
/**
 * Regular expression to match PHP function names.
 *
179
 * @see http://php.net/manual/language.functions.php
180
 */
181
const DRUPAL_PHP_FUNCTION_PATTERN = '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*';
182

183
184
185
/**
 * $config_directories key for active directory.
 *
186
 * @see config_get_config_directory()
187
188
189
190
191
192
 */
const CONFIG_ACTIVE_DIRECTORY = 'active';

/**
 * $config_directories key for staging directory.
 *
193
 * @see config_get_config_directory()
194
195
196
 */
const CONFIG_STAGING_DIRECTORY = 'staging';

197
198
199
200
201
202
203
/**
 * Defines the root directory of the Drupal installation.
 *
 * This strips two levels of directories off the current directory.
 */
define('DRUPAL_ROOT', dirname(dirname(__DIR__)));

Dries's avatar
   
Dries committed
204
/**
205
 * Returns the appropriate configuration directory.
Dries's avatar
   
Dries committed
206
 *
207
 * @param bool $require_settings
208
209
210
211
 *   Only configuration directories with an existing settings.php file
 *   will be recognized. Defaults to TRUE. During initial installation,
 *   this is set to FALSE so that Drupal can detect a matching directory,
 *   then create a new settings.php file in it.
212
 * @param bool $reset
213
 *   Force a full search for matching directories even if one had been
214
 *   found previously. Defaults to FALSE.
215
216
217
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   (optional) The current request. Defaults to \Drupal::request() or a new
 *   request created from globals.
218
 *
219
220
 * @return string
 *   The path of the matching directory.@see default.settings.php
221
 *
222
223
224
225
226
227
228
229
230
231
232
233
234
235
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Drupal\Core\DrupalKernel::getSitePath() instead. If the kernel is
 *   unavailable or the site path needs to be recalculated then
 *   Drupal\Core\DrupalKernel::findSitePath() can be used.
 */
function conf_path($require_settings = TRUE, $reset = FALSE, Request $request = NULL) {
  if (!isset($request)) {
    if (\Drupal::hasRequest()) {
      $request = \Drupal::request();
    }
    // @todo Remove once external CLI scripts (Drush) are updated.
    else {
      $request = Request::createFromGlobals();
    }
236
  }
237
238
  if (\Drupal::hasService('kernel')) {
    $site_path = \Drupal::service('kernel')->getSitePath();
239
  }
240
241
  if (!isset($site_path) || empty($site_path)) {
    $site_path = DrupalKernel::findSitePath($request, $require_settings);
Dries's avatar
 
Dries committed
242
  }
243
  return $site_path;
Dries's avatar
 
Dries committed
244
}
245
/**
246
247
248
249
250
 * Returns the path of a configuration directory.
 *
 * @param string $type
 *   (optional) The type of config directory to return. Drupal core provides
 *   'active' and 'staging'. Defaults to CONFIG_ACTIVE_DIRECTORY.
251
252
253
254
 *
 * @return string
 *   The configuration directory path.
 */
255
256
function config_get_config_directory($type = CONFIG_ACTIVE_DIRECTORY) {
  global $config_directories;
257

258
  if (!empty($config_directories[$type])) {
259
    return $config_directories[$type];
260
  }
261
  throw new \Exception(format_string('The configuration directory type %type does not exist.', array('%type' => $type)));
262
263
}

Dries's avatar
Dries committed
264
/**
265
266
267
268
 * Returns and optionally sets the filename for a system resource.
 *
 * The filename, whether provided, cached, or retrieved from the database, is
 * only returned if the file exists.
Dries's avatar
Dries committed
269
 *
Dries's avatar
Dries committed
270
271
 * This function plays a key role in allowing Drupal's resources (modules
 * and themes) to be located in different places depending on a site's
272
 * configuration. For example, a module 'foo' may legally be located
Dries's avatar
Dries committed
273
274
 * in any of these three places:
 *
275
276
277
 * core/modules/foo/foo.info.yml
 * modules/foo/foo.info.yml
 * sites/example.com/modules/foo/foo.info.yml
Dries's avatar
Dries committed
278
279
280
281
 *
 * Calling drupal_get_filename('module', 'foo') will give you one of
 * the above, depending on where the module is located.
 *
Dries's avatar
Dries committed
282
 * @param $type
283
284
 *   The type of the item; one of 'core', 'profile', 'module', 'theme', or
 *   'theme_engine'.
Dries's avatar
Dries committed
285
 * @param $name
286
287
 *   The name of the item for which the filename is requested. Ignored for
 *   $type 'core'.
Dries's avatar
Dries committed
288
289
290
291
292
 * @param $filename
 *   The filename of the item if it is to be set explicitly rather
 *   than by consulting the database.
 *
 * @return
293
 *   The filename of the requested item or NULL if the item is not found.
Dries's avatar
Dries committed
294
 */
Dries's avatar
Dries committed
295
function drupal_get_filename($type, $name, $filename = NULL) {
296
297
  // The location of files will not change during the request, so do not use
  // drupal_static().
298
  static $files = array();
Dries's avatar
Dries committed
299

300
301
302
303
304
305
306
307
  // Type 'core' only exists to simplify application-level logic; it always maps
  // to the /core directory, whereas $name is ignored. It is only requested via
  // drupal_get_path(). /core/core.info.yml does not exist, but is required
  // since drupal_get_path() returns the dirname() of the returned pathname.
  if ($type === 'core') {
    return 'core/core.info.yml';
  }

308
309
310
  // Profiles are converted into modules in system_rebuild_module_data().
  // @todo Remove false-exposure of profiles as modules.
  $original_type = $type;
311
  if ($type == 'profile') {
312
    $type = 'module';
313
  }
314
  if (!isset($files[$type])) {
Dries's avatar
Dries committed
315
316
317
    $files[$type] = array();
  }

318
  if (isset($filename)) {
Dries's avatar
Dries committed
319
320
    $files[$type][$name] = $filename;
  }
321
322
323
324
325
326
  elseif (!isset($files[$type][$name])) {
    // If the pathname of the requested extension is not known, try to retrieve
    // the list of extension pathnames from various providers, checking faster
    // providers first.
    // Retrieve the current module list (derived from the service container).
    if ($type == 'module' && \Drupal::hasService('module_handler')) {
327
328
329
      foreach (\Drupal::moduleHandler()->getModuleList() as $module_name => $module) {
        $files[$type][$module_name] = $module->getPathname();
      }
330
331
332
333
334
    }
    // If still unknown, retrieve the file list prepared in state by
    // system_rebuild_module_data() and system_rebuild_theme_data().
    if (!isset($files[$type][$name]) && \Drupal::hasService('state')) {
      $files[$type] += \Drupal::state()->get('system.' . $type . '.files', array());
335
    }
336
    // If still unknown, perform a filesystem scan.
337
    if (!isset($files[$type][$name])) {
338
339
340
341
      $listing = new ExtensionDiscovery();
      // Prevent an infinite recursion by this legacy function.
      if ($original_type == 'profile') {
        $listing->setProfileDirectories(array());
342
      }
343
      foreach ($listing->scan($original_type) as $extension_name => $file) {
344
        $files[$type][$extension_name] = $file->getPathname();
Dries's avatar
Dries committed
345
346
347
348
      }
    }
  }

349
350
351
  if (isset($files[$type][$name])) {
    return $files[$type][$name];
  }
Dries's avatar
Dries committed
352
353
}

354
355
356
357
358
359
360
361
362
363
364
365
/**
 * Gets the page cache cid for this request.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The request for this page.
 *
 * @return string
 *   The cid for this request.
 */
function drupal_page_cache_get_cid(Request $request) {
  $cid_parts = array(
    $request->getUri(),
366
    \Drupal::service('content_negotiation')->getContentType($request),
367
368
369
370
  );
  return sha1(implode(':', $cid_parts));
}

Dries's avatar
   
Dries committed
371
/**
372
 * Retrieves the current page from the cache.
Dries's avatar
   
Dries committed
373
 *
374
375
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The request for this page.
376
 *
377
378
 * @return \Symfony\Component\HttpFoundation\Response
 *   The response, if the page was found in the cache, NULL otherwise.
Dries's avatar
   
Dries committed
379
 */
380
function drupal_page_get_cache(Request $request) {
381
382
383
  $cache = \Drupal::cache('render')->get(drupal_page_cache_get_cid($request));
  if ($cache) {
    return $cache->data;
384
  }
385
386
387
}

/**
388
 * Determines the cacheability of the current page.
389
 *
390
391
392
393
394
 * Note: we do not serve cached pages to authenticated users, or to anonymous
 * users when $_SESSION is non-empty. $_SESSION may contain status messages
 * from a form submission, the contents of a shopping cart, or other user-
 * specific content that should not be cached and displayed to other users.
 *
395
 * @param $allow_caching
396
397
 *   Set to FALSE if you want to prevent this page to get cached.
 *
398
 * @return
399
 *   TRUE if the current page can be cached, FALSE otherwise.
400
401
402
403
404
 */
function drupal_page_is_cacheable($allow_caching = NULL) {
  $allow_caching_static = &drupal_static(__FUNCTION__, TRUE);
  if (isset($allow_caching)) {
    $allow_caching_static = $allow_caching;
Dries's avatar
 
Dries committed
405
  }
406
407

  return $allow_caching_static && ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'HEAD')
408
    && !drupal_is_cli();
Dries's avatar
 
Dries committed
409
410
}

411
/**
412
 * Sets an HTTP response header for the current page.
413
414
415
416
417
 *
 * Note: When sending a Content-Type header, always include a 'charset' type,
 * too. This is necessary to avoid security bugs (e.g. UTF-7 XSS).
 *
 * @param $name
418
 *   The HTTP header name, or the special 'Status' header name.
419
 * @param $value
420
421
422
 *   The HTTP header value; if equal to FALSE, the specified header is unset.
 *   If $name is 'Status', this is expected to be a status code followed by a
 *   reason phrase, e.g. "404 Not Found".
423
424
 * @param $append
 *   Whether to append the value to an existing header or to replace it.
425
 *
426
427
428
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->set().
 *   See https://drupal.org/node/2181523.
429
 */
430
function drupal_add_http_header($name, $value, $append = FALSE) {
431
  // The headers as name/value pairs.
432
  $headers = &drupal_static('drupal_http_headers', array());
433

434
  $name_lower = strtolower($name);
435
  _drupal_set_preferred_header_name($name);
436

437
  if ($value === FALSE) {
438
    $headers[$name_lower] = FALSE;
439
  }
440
  elseif (isset($headers[$name_lower]) && $append) {
441
442
    // Multiple headers with identical names may be combined using comma (RFC
    // 2616, section 4.2).
443
    $headers[$name_lower] .= ',' . $value;
444
445
  }
  else {
446
    $headers[$name_lower] = $value;
447
448
449
450
  }
}

/**
451
 * Gets the HTTP response headers for the current page.
452
453
454
455
 *
 * @param $name
 *   An HTTP header name. If omitted, all headers are returned as name/value
 *   pairs. If an array value is FALSE, the header has been unset.
456
 *
457
458
459
 * @return
 *   A string containing the header value, or FALSE if the header has been set,
 *   or NULL if the header has not been set.
460
 *
461
462
463
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->get().
 *   See https://drupal.org/node/2181523.
464
 */
465
function drupal_get_http_header($name = NULL) {
466
  $headers = &drupal_static('drupal_http_headers', array());
467
468
469
470
471
472
473
474
475
476
  if (isset($name)) {
    $name = strtolower($name);
    return isset($headers[$name]) ? $headers[$name] : NULL;
  }
  else {
    return $headers;
  }
}

/**
477
478
 * Sets the preferred name for the HTTP header.
 *
479
 * Header names are case-insensitive, but for maximum compatibility they should
480
481
 * follow "common form" (see RFC 2616, section 4.2).
 *
482
483
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
484
485
486
487
488
489
490
491
492
493
494
 */
function _drupal_set_preferred_header_name($name = NULL) {
  static $header_names = array();

  if (!isset($name)) {
    return $header_names;
  }
  $header_names[strtolower($name)] = $name;
}

/**
495
496
497
498
 * Sends the HTTP response headers that were previously set, adding defaults.
 *
 * Headers are set in drupal_add_http_header(). Default headers are not set
 * if they have been replaced or unset using drupal_add_http_header().
499
 *
500
501
502
503
504
 * @param array $default_headers
 *   (optional) An array of headers as name/value pairs.
 * @param bool $only_default
 *   (optional) If TRUE and headers have already been sent, send only the
 *   specified headers.
505
 *
506
507
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
508
509
510
 */
function drupal_send_headers($default_headers = array(), $only_default = FALSE) {
  $headers_sent = &drupal_static(__FUNCTION__, FALSE);
511
  $headers = drupal_get_http_header();
512
513
514
515
516
517
518
519
520
521
522
523
524
525
  if ($only_default && $headers_sent) {
    $headers = array();
  }
  $headers_sent = TRUE;

  $header_names = _drupal_set_preferred_header_name();
  foreach ($default_headers as $name => $value) {
    $name_lower = strtolower($name);
    if (!isset($headers[$name_lower])) {
      $headers[$name_lower] = $value;
      $header_names[$name_lower] = $name;
    }
  }
  foreach ($headers as $name_lower => $value) {
526
    if ($name_lower == 'status') {
527
528
529
      header($_SERVER['SERVER_PROTOCOL'] . ' ' . $value);
    }
    // Skip headers that have been unset.
530
    elseif ($value !== FALSE) {
531
532
533
534
535
      header($header_names[$name_lower] . ': ' . $value);
    }
  }
}

Dries's avatar
   
Dries committed
536
/**
537
 * Sets HTTP headers in preparation for a page response.
538
 *
539
540
541
542
 * Authenticated users are always given a 'no-cache' header, and will fetch a
 * fresh page on every request. This prevents authenticated users from seeing
 * locally cached pages.
 *
543
 * Also give each page a unique ETag. This should force clients to include both
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
 * an If-Modified-Since header and an If-None-Match header when doing
 * conditional requests for the page (required by RFC 2616, section 13.3.4),
 * making the validation more robust. This is a workaround for a bug in Mozilla
 * Firefox that is triggered when Drupal's caching is enabled and the user
 * accesses Drupal via an HTTP proxy (see
 * https://bugzilla.mozilla.org/show_bug.cgi?id=269303): When an authenticated
 * user requests a page, and then logs out and requests the same page again,
 * Firefox may send a conditional request based on the page that was cached
 * locally when the user was logged in. If this page did not have an ETag
 * header, the request only contains an If-Modified-Since header. The date will
 * be recent, because with authenticated users the Last-Modified header always
 * refers to the time of the request. If the user accesses Drupal via a proxy
 * server, and the proxy already has a cached copy of the anonymous page with an
 * older Last-Modified date, the proxy may respond with 304 Not Modified, making
 * the client think that the anonymous and authenticated pageviews are
 * identical.
560
 *
561
 * @see drupal_page_set_cache()
562
 *
563
564
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   See https://drupal.org/node/2181523.
Dries's avatar
   
Dries committed
565
 */
Dries's avatar
 
Dries committed
566
function drupal_page_header() {
567
568
569
570
571
572
573
574
575
576
577
578
579
  $headers_sent = &drupal_static(__FUNCTION__, FALSE);
  if ($headers_sent) {
    return TRUE;
  }
  $headers_sent = TRUE;

  $default_headers = array(
    'Expires' => 'Sun, 19 Nov 1978 05:00:00 GMT',
    'Last-Modified' => gmdate(DATE_RFC1123, REQUEST_TIME),
    'Cache-Control' => 'no-cache, must-revalidate, post-check=0, pre-check=0',
    'ETag' => '"' . REQUEST_TIME . '"',
  );
  drupal_send_headers($default_headers);
580
}
Dries's avatar
   
Dries committed
581

582
/**
583
 * Sets HTTP headers in preparation for a cached page response.
584
 *
585
586
 * The headers allow as much as possible in proxies and browsers without any
 * particular knowledge about the pages. Modules can override these headers
587
 * using drupal_add_http_header().
588
 *
589
590
591
592
 * If the request is conditional (using If-Modified-Since and If-None-Match),
 * and the conditions match those currently in the cache, a 304 Not Modified
 * response is sent.
 */
593
594
595
596
597
598
599
600
601
602
603
function drupal_serve_page_from_cache(Response $response, Request $request) {
  // Only allow caching in the browser and prevent that the response is stored
  // by an external proxy server when the following conditions apply:
  // 1. There is a session cookie on the request.
  // 2. The Vary: Cookie header is on the response.
  // 3. The Cache-Control header does not contain the no-cache directive.
  if ($request->cookies->has(session_name()) &&
    in_array('Cookie', $response->getVary()) &&
    !$response->headers->hasCacheControlDirective('no-cache')) {

    $response->setPrivate();
604
605
  }

606
607
608
609
  // Negotiate whether to use compression.
  if ($response->headers->get('Content-Encoding') == 'gzip' && extension_loaded('zlib')) {
    if (strpos($request->headers->get('Accept-Encoding'), 'gzip') !== FALSE) {
      // The response content is already gzip'ed, so make sure
610
      // zlib.output_compression does not compress it once more.
611
      ini_set('zlib.output_compression', '0');
612
613
    }
    else {
614
615
616
617
618
619
      // The client does not support compression. Decompress the content and
      // remove the Content-Encoding header.
      $content = $response->getContent();
      $content = gzinflate(substr(substr($content, 10), 0, -8));
      $response->setContent($content);
      $response->headers->remove('Content-Encoding');
620
    }
621
622
  }

623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
  // Perform HTTP revalidation.
  // @todo Use Response::isNotModified() as per https://drupal.org/node/2259489
  $last_modified = $response->getLastModified();
  if ($last_modified) {
    // See if the client has provided the required HTTP headers.
    $if_modified_since = $request->server->has('HTTP_IF_MODIFIED_SINCE') ? strtotime($request->server->get('HTTP_IF_MODIFIED_SINCE')) : FALSE;
    $if_none_match = $request->server->has('HTTP_IF_NONE_MATCH') ? stripslashes($request->server->get('HTTP_IF_NONE_MATCH')) : FALSE;

    if ($if_modified_since && $if_none_match
      && $if_none_match == $response->getEtag() // etag must match
      && $if_modified_since == $last_modified->getTimestamp()) {  // if-modified-since must match
      $response->setStatusCode(304);
      $response->setContent(NULL);

      // In the case of a 304 response, certain headers must be sent, and the
      // remaining may not (see RFC 2616, section 10.3.5).
      foreach (array_keys($response->headers->all()) as $name) {
        if (!in_array($name, array('content-location', 'expires', 'cache-control', 'vary'))) {
          $response->headers->remove($name);
        }
      }
    }
  }
Dries's avatar
 
Dries committed
646
647
}

648
/**
649
 * Translates a string to the current language or to a given language.
650
 *
651
652
653
 * The t() function serves two purposes. First, at run-time it translates
 * user-visible text into the appropriate language. Second, various mechanisms
 * that figure out what text needs to be translated work off t() -- the text
654
655
656
657
658
 * inside t() calls is added to the database of strings to be translated.
 * These strings are expected to be in English, so the first argument should
 * always be in English. To enable a fully-translatable site, it is important
 * that all human-readable text that will be displayed on the site or sent to
 * a user is passed through the t() function, or a related function. See the
659
660
661
662
 * @link http://drupal.org/node/322729 Localization API @endlink pages for
 * more information, including recommendations on how to break up or not
 * break up strings for translation.
 *
663
 * @section sec_translating_vars Translating Variables
664
665
666
667
668
669
670
671
672
 * You should never use t() to translate variables, such as calling
 * @code t($text); @endcode, unless the text that the variable holds has been
 * passed through t() elsewhere (e.g., $text is one of several translated
 * literal strings in an array). It is especially important never to call
 * @code t($user_text); @endcode, where $user_text is some text that a user
 * entered - doing that can lead to cross-site scripting and other security
 * problems. However, you can use variable substitution in your string, to put
 * variable text such as user names or link URLs into translated text. Variable
 * substitution looks like this:
673
 * @code
674
 * $text = t("@name's blog", array('@name' => user_format_name($account)));
675
 * @endcode
676
 * Basically, you can put variables like @name into your string, and t() will
677
678
 * substitute their sanitized values at translation time. (See the
 * Localization API pages referenced above and the documentation of
679
680
681
 * format_string() for details about how to define variables in your string.)
 * Translators can then rearrange the string as necessary for the language
 * (e.g., in Spanish, it might be "blog de @name").
682
683
684
685
 *
 * @param $string
 *   A string containing the English string to translate.
 * @param $args
686
687
688
 *   An associative array of replacements to make after translation. Based
 *   on the first character of the key, the value is escaped and/or themed.
 *   See format_string() for details.
689
 * @param $options
690
691
692
693
694
 *   An associative array of additional options, with the following elements:
 *   - 'langcode' (defaults to the current language): The language code to
 *     translate to a language other than what is used to display the page.
 *   - 'context' (defaults to the empty context): The context the source string
 *     belongs to.
695
 *
696
697
 * @return
 *   The translated string.
698
 *
699
 * @see format_string()
700
 * @ingroup sanitization
701
702
 */
function t($string, array $args = array(), array $options = array()) {
703
  return \Drupal::translation()->translate($string, $args, $options);
704
705
706
}

/**
707
708
 * Formats a string for HTML display by replacing variable placeholders.
 *
709
 * @see \Drupal\Component\Utility\String::format()
710
711
712
713
 * @see t()
 * @ingroup sanitization
 */
function format_string($string, array $args = array()) {
714
  return String::format($string, $args);
715
716
}

Dries's avatar
Dries committed
717
/**
718
 * Encodes special characters in a plain-text string for display as HTML.
Gábor Hojtsy's avatar
Gábor Hojtsy committed
719
 *
720
 * @see drupal_validate_utf8()
721
 * @ingroup sanitization
722
 *
723
724
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Drupal\Component\Utility\String::checkPlain().
Dries's avatar
Dries committed
725
726
 */
function check_plain($text) {
727
  return String::checkPlain($text);
Gábor Hojtsy's avatar
Gábor Hojtsy committed
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
}

/**
 * Checks whether a string is valid UTF-8.
 *
 * All functions designed to filter input should use drupal_validate_utf8
 * to ensure they operate on valid UTF-8 strings to prevent bypass of the
 * filter.
 *
 * When text containing an invalid UTF-8 lead byte (0xC0 - 0xFF) is presented
 * as UTF-8 to Internet Explorer 6, the program may misinterpret subsequent
 * bytes. When these subsequent bytes are HTML control characters such as
 * quotes or angle brackets, parts of the text that were deemed safe by filters
 * end up in locations that are potentially unsafe; An onerror attribute that
 * is outside of a tag, and thus deemed safe by a filter, can be interpreted
 * by the browser as if it were inside the tag.
 *
745
746
 * The function does not return FALSE for strings containing character codes
 * above U+10FFFF, even though these are prohibited by RFC 3629.
Gábor Hojtsy's avatar
Gábor Hojtsy committed
747
748
749
 *
 * @param $text
 *   The text to check.
750
 *
Gábor Hojtsy's avatar
Gábor Hojtsy committed
751
752
 * @return
 *   TRUE if the text is valid UTF-8, FALSE if not.
753
754
 *
 * @see \Drupal\Component\Utility\Unicode::validateUtf8()
Gábor Hojtsy's avatar
Gábor Hojtsy committed
755
756
 */
function drupal_validate_utf8($text) {
757
  return Unicode::validateUtf8($text);
Dries's avatar
Dries committed
758
759
}

Dries's avatar
   
Dries committed
760
/**
761
762
763
764
 * Returns the equivalent of Apache's $_SERVER['REQUEST_URI'] variable.
 *
 * Because $_SERVER['REQUEST_URI'] is only available on Apache, we generate an
 * equivalent using other environment variables.
765
766
 *
 * @todo The above comment is incorrect: http://drupal.org/node/1547294.
Dries's avatar
   
Dries committed
767
 */
768
function request_uri($omit_query_string = FALSE) {
769
770
771
772
  if (isset($_SERVER['REQUEST_URI'])) {
    $uri = $_SERVER['REQUEST_URI'];
  }
  else {
773
    if (isset($_SERVER['argv'][0])) {
774
      $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['argv'][0];
775
    }
776
    elseif (isset($_SERVER['QUERY_STRING'])) {
777
      $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
778
    }
779
780
781
    else {
      $uri = $_SERVER['SCRIPT_NAME'];
    }
Dries's avatar
 
Dries committed
782
  }
783
784
  // Prevent multiple slashes to avoid cross site requests via the Form API.
  $uri = '/' . ltrim($uri, '/');
785

786
  return $omit_query_string ? strtok($uri, '?') : $uri;
Dries's avatar
 
Dries committed
787
}
Dries's avatar
Dries committed
788

789
/**
790
 * Logs an exception.
791
792
793
794
795
796
797
798
799
800
 *
 * This is a wrapper function for watchdog() which automatically decodes an
 * exception.
 *
 * @param $type
 *   The category to which this message belongs.
 * @param $exception
 *   The exception that is going to be logged.
 * @param $message
 *   The message to store in the log. If empty, a text that contains all useful
801
 *   information about the passed-in exception is used.
802
 * @param $variables
803
804
805
 *   Array of variables to replace in the message on display or
 *   NULL if message is already translated or not possible to
 *   translate.
806
807
808
809
810
811
 * @param $severity
 *   The severity of the message, as per RFC 3164.
 * @param $link
 *   A link to associate with the message.
 *
 * @see watchdog()
812
 * @see \Drupal\Core\Utility\Error::decodeException()
813
 */
814
function watchdog_exception($type, Exception $exception, $message = NULL, $variables = array(), $severity = WATCHDOG_ERROR, $link = NULL) {
815
816
817

   // Use a default value if $message is not set.
   if (empty($message)) {
818
819
     // The exception message is run through
     // \Drupal\Component\Utility\String::checkPlain() by
820
     // \Drupal\Core\Utility\Error:decodeException().
821
     $message = '%type: !message in %function (line %line of %file).';
822
823
824
825
826
827
   }
   // $variables must be an array so that we can add the exception information.
   if (!is_array($variables)) {
     $variables = array();
   }

828
   $variables += Error::decodeException($exception);
829
830
831
   watchdog($type, $message, $variables, $severity, $link);
}

Dries's avatar
   
Dries committed
832
/**
833
 * Logs a system message.
Dries's avatar
   
Dries committed
834
835
 *
 * @param $type
836
837
 *   The category to which this message belongs. Can be any string, but the
 *   general practice is to use the name of the module calling watchdog().
Dries's avatar
   
Dries committed
838
 * @param $message
839
840
841
842
843
 *   The message to store in the log. Keep $message translatable
 *   by not concatenating dynamic values into it! Variables in the
 *   message should be added by using placeholder strings alongside
 *   the variables argument to declare the value of the placeholders.
 *   See t() for documentation on how $message and $variables interact.
844
 * @param $variables
845
846
 *   Array of variables to replace in the message on display or array() if
 *   message is already translated or not possible to translate.
847
 * @param $severity
848
849
850
851
852
853
854
855
856
857
 *   The severity of the message; one of the following values as defined in
 *   @link http://www.faqs.org/rfcs/rfc3164.html RFC 3164: @endlink
 *   - WATCHDOG_EMERGENCY: Emergency, system is unusable.
 *   - WATCHDOG_ALERT: Alert, action must be taken immediately.
 *   - WATCHDOG_CRITICAL: Critical conditions.
 *   - WATCHDOG_ERROR: Error conditions.
 *   - WATCHDOG_WARNING: Warning conditions.
 *   - WATCHDOG_NOTICE: (default) Normal but significant conditions.
 *   - WATCHDOG_INFO: Informational messages.
 *   - WATCHDOG_DEBUG: Debug-level messages.
Dries's avatar
   
Dries committed
858
859
 * @param $link
 *   A link to associate with the message.
860
 *
861
862
863
864
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Drupal::logger($channel)->log($severity, $message, $context), or any
 *   of the shortcut methods of \Psr\Log\LoggerTrait.
 *
865
 * @see watchdog_severity_levels()
866
 * @see hook_watchdog()
Dries's avatar
   
Dries committed
867
 */
868
869
870
function watchdog($type, $message, array $variables = array(), $severity = WATCHDOG_NOTICE, $link = NULL) {
  if ($link) {
    $variables['link'] = $link;
871
  }
872
  \Drupal::service('logger.factory')->get($type)->log($severity, $message, $variables);
Dries's avatar
   
Dries committed
873
874
}

Dries's avatar
   
Dries committed
875
/**
876
 * Sets a message to display to the user.
Dries's avatar
   
Dries committed
877
 *
878
879
 * Messages are stored in a session variable and displayed in the page template
 * via the $messages theme variable.
Dries's avatar
   
Dries committed
880
 *
881
882
883
884
885
886
887
888
889
890
891
892
 * Example usage:
 * @code
 * drupal_set_message(t('An error occurred and processing did not complete.'), 'error');
 * @endcode
 *
 * @param string $message
 *   (optional) The translated message to be displayed to the user. For
 *   consistency with other messages, it should begin with a capital letter and
 *   end with a period.
 * @param string $type
 *   (optional) The message's type. Defaults to 'status'. These values are
 *   supported:
893
 *   - 'status'
894
 *   - 'warning'
895
 *   - 'error'
896
897
 * @param bool $repeat
 *   (optional) If this is FALSE and the message is already set, then the
898
 *   message won't be repeated. Defaults to FALSE.
899
900
901
902
903
904
905
906
 *
 * @return array|null
 *   A multidimensional array with keys corresponding to the set message types.
 *   The indexed array values of each contain the set messages for that type.
 *   Or, if there are no messages set, the function returns NULL.
 *
 * @see drupal_get_messages()
 * @see theme_status_messages()
Dries's avatar
   
Dries committed
907
 */
908
function drupal_set_message($message = NULL, $type = 'status', $repeat = FALSE) {
909
  if ($message) {
Dries's avatar
   
Dries committed
910
911
912
913
    if (!isset($_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type] = array();
    }

914
915
916
    if ($repeat || !in_array($message, $_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type][] = $message;
    }
917

918
    // Mark this page as being uncacheable.
919
    drupal_page_is_cacheable(FALSE);
920
921
  }

922
  // Messages not set when DB connection fails.
923
  return isset($_SESSION['messages']) ? $_SESSION['messages'] : NULL;
924
925
}

Dries's avatar
   
Dries committed
926
/**
927
 * Returns all messages that have been set with drupal_set_message().
Dries's avatar
   
Dries committed
928
 *
929
930
931
932
933
934
935
936
937
938
939
 * @param string $type
 *   (optional) Limit the messages returned by type. Defaults to NULL, meaning
 *   all types. These values are supported:
 *   - NULL
 *   - 'status'
 *   - 'warning'
 *   - 'error'
 * @param bool $clear_queue
 *   (optional) If this is TRUE, the queue will be cleared of messages of the
 *   type specified in the $type parameter. Otherwise the queue will be left
 *   intact. Defaults to TRUE.
940
 *
941
942
943
944
945
946
947
948
949
 * @return array
 *   A multidimensional array with keys corresponding to the set message types.
 *   The indexed array values of each contain the set messages for that type.
 *   The messages returned are limited to the type specified in the $type
 *   parameter. If there are no messages of the specified type, an empty array
 *   is returned.
 *
 * @see drupal_set_message()
 * @see theme_status_messages()
Dries's avatar
   
Dries committed
950
 */
951
function drupal_get_messages($type = NULL, $clear_queue = TRUE) {
952
  if ($messages = drupal_set_message()) {
953
    if ($type) {
954
      if ($clear_queue) {
955
        unset($_SESSION['messages'][$type]);
956
      }
957
958
959
      if (isset($messages[$type])) {
        return array($type => $messages[$type]);
      }
960
961
    }
    else {
962
      if ($clear_queue) {
963
        unset($_SESSION['messages']);
964
      }
965
966
      return $messages;
    }
967
  }
968
  return array();
969
970
}

971
/**
972
973
974
975
976
977
978
979
 * Ensures Drupal is bootstrapped to the specified phase.
 *
 * In order to bootstrap Drupal from another PHP script, you can use this code:
 * @code
 *   require_once '/path/to/drupal/core/vendor/autoload.php';
 *   require_once '/path/to/drupal/core/includes/bootstrap.inc';
 *   drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
 * @endcode
980
981
 *
 * @param $phase
982
 *   A constant telling which phase to bootstrap to. Possible values:
983
 *   - DRUPAL_BOOTSTRAP_CONFIGURATION: Initializes configuration.
984
 *   - DRUPAL_BOOTSTRAP_KERNEL: Initalizes a kernel.
985
 *
986
 * @return int
987
 *   The most recently completed phase.
988
989
990
 *
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Interact directly with the kernel.
991
 */
992
function drupal_bootstrap($phase = NULL) {
993
994
995
996
997
  // Temporary variables used for booting later legacy phases.
  /** @var \Drupal\Core\DrupalKernel $kernel */
  static $kernel;
  static $boot_level = 0;

998
  if (isset($phase)) {
999
1000
    $request = Request::createFromGlobals();
    for ($current_phase = $boot_level; $current_phase <= $phase; $current_phase++) {
1001

1002
1003
      switch ($current_phase) {
        case DRUPAL_BOOTSTRAP_CONFIGURATION:
catch's avatar