bootstrap.inc 39.9 KB
Newer Older
1
<?php
2 3 4 5
/**
 * @file
 * Functions that need to be loaded on every Drupal request.
 */
Dries's avatar
 
Dries committed
6

7
use Drupal\Component\Datetime\DateTimePlus;
8
use Drupal\Component\Utility\Crypt;
9
use Drupal\Component\Utility\Environment;
10
use Drupal\Component\Utility\SafeMarkup;
11
use Drupal\Component\Utility\Unicode;
12
use Drupal\Core\DrupalKernel;
13
use Drupal\Core\Extension\ExtensionDiscovery;
14
use Drupal\Core\Logger\RfcLogLevel;
15
use Drupal\Core\Session\AccountInterface;
16
use Drupal\Core\Site\Settings;
17
use Drupal\Core\Utility\Error;
18
use Symfony\Component\ClassLoader\ApcClassLoader;
19
use Symfony\Component\HttpFoundation\Request;
20
use Symfony\Component\HttpFoundation\Response;
21
use Drupal\Core\Language\LanguageInterface;
22

23 24
/**
 * Minimum supported version of PHP.
25
 */
26
const DRUPAL_MINIMUM_PHP = '5.5.9';
27 28 29

/**
 * Minimum recommended value of PHP memory_limit.
30
 *
31 32 33
 * 64M was chosen as a minimum requirement in order to allow for additional
 * contributed modules to be installed prior to hitting the limit. However,
 * 40M is the target for the Standard installation profile.
34
 */
35
const DRUPAL_MINIMUM_PHP_MEMORY_LIMIT = '64M';
36

37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56
/**
 * Error reporting level: display no errors.
 */
const ERROR_REPORTING_HIDE = 'hide';

/**
 * Error reporting level: display errors and warnings.
 */
const ERROR_REPORTING_DISPLAY_SOME = 'some';

/**
 * Error reporting level: display all messages.
 */
const ERROR_REPORTING_DISPLAY_ALL = 'all';

/**
 * Error reporting level: display all messages, plus backtrace information.
 */
const ERROR_REPORTING_DISPLAY_VERBOSE = 'verbose';

57 58
/**
 * Role ID for anonymous users; should match what's in the "role" table.
59 60 61 62
 *
 * @deprecated in Drupal 8.0.0, will be removed before Drupal 9.0.0.
 *   Use Drupal\Core\Session\AccountInterface::ANONYMOUS_ROLE or
 *   \Drupal\user\RoleInterface::ANONYMOUS_ID instead.
63
 */
64
const DRUPAL_ANONYMOUS_RID = AccountInterface::ANONYMOUS_ROLE;
65 66 67

/**
 * Role ID for authenticated users; should match what's in the "role" table.
68 69 70 71
 *
 * @deprecated in Drupal 8.0.0, will be removed before Drupal 9.0.0.
 *   Use Drupal\Core\Session\AccountInterface::AUTHENTICATED_ROLE or
 *   \Drupal\user\RoleInterface::AUTHENTICATED_ID instead.
72
 */
73
const DRUPAL_AUTHENTICATED_RID = AccountInterface::AUTHENTICATED_ROLE;
74

75 76 77 78 79
/**
 * The maximum number of characters in a module or theme name.
 */
const DRUPAL_EXTENSION_NAME_MAX_LENGTH = 50;

80
/**
81
 * Time of the current request in seconds elapsed since the Unix Epoch.
82
 *
83 84 85 86 87 88
 * This differs from $_SERVER['REQUEST_TIME'], which is stored as a float
 * since PHP 5.4.0. Float timestamps confuse most PHP functions
 * (including date_create()).
 *
 * @see http://php.net/manual/reserved.variables.server.php
 * @see http://php.net/manual/function.time.php
89
 */
90
define('REQUEST_TIME', (int) $_SERVER['REQUEST_TIME']);
91

92 93 94
/**
 * Regular expression to match PHP function names.
 *
95
 * @see http://php.net/manual/language.functions.php
96
 */
97
const DRUPAL_PHP_FUNCTION_PATTERN = '[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*';
98

99 100 101
/**
 * $config_directories key for active directory.
 *
102
 * @see config_get_config_directory()
103 104 105 106 107 108
 */
const CONFIG_ACTIVE_DIRECTORY = 'active';

/**
 * $config_directories key for staging directory.
 *
109
 * @see config_get_config_directory()
110 111 112
 */
const CONFIG_STAGING_DIRECTORY = 'staging';

113 114 115 116 117 118 119
/**
 * Defines the root directory of the Drupal installation.
 *
 * This strips two levels of directories off the current directory.
 */
define('DRUPAL_ROOT', dirname(dirname(__DIR__)));

Dries's avatar
 
Dries committed
120
/**
121
 * Returns the appropriate configuration directory.
Dries's avatar
 
Dries committed
122
 *
123
 * @param bool $require_settings
124 125 126 127
 *   Only configuration directories with an existing settings.php file
 *   will be recognized. Defaults to TRUE. During initial installation,
 *   this is set to FALSE so that Drupal can detect a matching directory,
 *   then create a new settings.php file in it.
128
 * @param bool $reset
129
 *   Force a full search for matching directories even if one had been
130
 *   found previously. Defaults to FALSE.
131 132 133
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   (optional) The current request. Defaults to \Drupal::request() or a new
 *   request created from globals.
134
 *
135 136
 * @return string
 *   The path of the matching directory.@see default.settings.php
137
 *
138 139 140 141 142 143 144 145 146 147 148 149 150 151
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Drupal\Core\DrupalKernel::getSitePath() instead. If the kernel is
 *   unavailable or the site path needs to be recalculated then
 *   Drupal\Core\DrupalKernel::findSitePath() can be used.
 */
function conf_path($require_settings = TRUE, $reset = FALSE, Request $request = NULL) {
  if (!isset($request)) {
    if (\Drupal::hasRequest()) {
      $request = \Drupal::request();
    }
    // @todo Remove once external CLI scripts (Drush) are updated.
    else {
      $request = Request::createFromGlobals();
    }
152
  }
153 154
  if (\Drupal::hasService('kernel')) {
    $site_path = \Drupal::service('kernel')->getSitePath();
155
  }
156 157
  if (!isset($site_path) || empty($site_path)) {
    $site_path = DrupalKernel::findSitePath($request, $require_settings);
Dries's avatar
 
Dries committed
158
  }
159
  return $site_path;
Dries's avatar
 
Dries committed
160
}
161
/**
162 163 164 165 166
 * Returns the path of a configuration directory.
 *
 * @param string $type
 *   (optional) The type of config directory to return. Drupal core provides
 *   'active' and 'staging'. Defaults to CONFIG_ACTIVE_DIRECTORY.
167 168 169 170
 *
 * @return string
 *   The configuration directory path.
 */
171 172
function config_get_config_directory($type = CONFIG_ACTIVE_DIRECTORY) {
  global $config_directories;
173

174
  if (!empty($config_directories[$type])) {
175
    return $config_directories[$type];
176
  }
177
  throw new \Exception("The configuration directory type '$type' does not exist");
178 179
}

Dries's avatar
Dries committed
180
/**
181 182 183 184
 * Returns and optionally sets the filename for a system resource.
 *
 * The filename, whether provided, cached, or retrieved from the database, is
 * only returned if the file exists.
Dries's avatar
Dries committed
185
 *
Dries's avatar
Dries committed
186 187
 * This function plays a key role in allowing Drupal's resources (modules
 * and themes) to be located in different places depending on a site's
188
 * configuration. For example, a module 'foo' may legally be located
Dries's avatar
Dries committed
189 190
 * in any of these three places:
 *
191 192 193
 * core/modules/foo/foo.info.yml
 * modules/foo/foo.info.yml
 * sites/example.com/modules/foo/foo.info.yml
Dries's avatar
Dries committed
194 195 196 197
 *
 * Calling drupal_get_filename('module', 'foo') will give you one of
 * the above, depending on where the module is located.
 *
Dries's avatar
Dries committed
198
 * @param $type
199 200
 *   The type of the item; one of 'core', 'profile', 'module', 'theme', or
 *   'theme_engine'.
Dries's avatar
Dries committed
201
 * @param $name
202 203
 *   The name of the item for which the filename is requested. Ignored for
 *   $type 'core'.
Dries's avatar
Dries committed
204 205 206 207 208
 * @param $filename
 *   The filename of the item if it is to be set explicitly rather
 *   than by consulting the database.
 *
 * @return
209
 *   The filename of the requested item or NULL if the item is not found.
Dries's avatar
Dries committed
210
 */
Dries's avatar
Dries committed
211
function drupal_get_filename($type, $name, $filename = NULL) {
212 213
  // The location of files will not change during the request, so do not use
  // drupal_static().
214
  static $files = array();
Dries's avatar
Dries committed
215

216 217 218 219 220 221 222 223
  // Type 'core' only exists to simplify application-level logic; it always maps
  // to the /core directory, whereas $name is ignored. It is only requested via
  // drupal_get_path(). /core/core.info.yml does not exist, but is required
  // since drupal_get_path() returns the dirname() of the returned pathname.
  if ($type === 'core') {
    return 'core/core.info.yml';
  }

224 225 226
  // Profiles are converted into modules in system_rebuild_module_data().
  // @todo Remove false-exposure of profiles as modules.
  $original_type = $type;
227
  if ($type == 'profile') {
228
    $type = 'module';
229
  }
230
  if (!isset($files[$type])) {
Dries's avatar
Dries committed
231 232 233
    $files[$type] = array();
  }

234
  if (isset($filename)) {
Dries's avatar
Dries committed
235 236
    $files[$type][$name] = $filename;
  }
237 238 239 240 241 242
  elseif (!isset($files[$type][$name])) {
    // If the pathname of the requested extension is not known, try to retrieve
    // the list of extension pathnames from various providers, checking faster
    // providers first.
    // Retrieve the current module list (derived from the service container).
    if ($type == 'module' && \Drupal::hasService('module_handler')) {
243 244 245
      foreach (\Drupal::moduleHandler()->getModuleList() as $module_name => $module) {
        $files[$type][$module_name] = $module->getPathname();
      }
246 247
    }
    // If still unknown, retrieve the file list prepared in state by
248 249
    // system_rebuild_module_data() and
    // \Drupal\Core\Extension\ThemeHandlerInterface::rebuildThemeData().
250 251
    if (!isset($files[$type][$name]) && \Drupal::hasService('state')) {
      $files[$type] += \Drupal::state()->get('system.' . $type . '.files', array());
252
    }
253
    // If still unknown, create a user-level error message.
254
    if (!isset($files[$type][$name])) {
255
      trigger_error(SafeMarkup::format('The following @type is missing from the file system: @name', array('@type' => $type, '@name' => $name)), E_USER_WARNING);
Dries's avatar
Dries committed
256 257 258
    }
  }

259 260 261
  if (isset($files[$type][$name])) {
    return $files[$type][$name];
  }
Dries's avatar
Dries committed
262 263
}

264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280
/**
 * Returns the path to a system item (module, theme, etc.).
 *
 * @param $type
 *   The type of the item; one of 'core', 'profile', 'module', 'theme', or
 *   'theme_engine'.
 * @param $name
 *   The name of the item for which the path is requested. Ignored for
 *   $type 'core'.
 *
 * @return
 *   The path to the requested item or an empty string if the item is not found.
 */
function drupal_get_path($type, $name) {
  return dirname(drupal_get_filename($type, $name));
}

281
/**
282
 * Sets an HTTP response header for the current page.
283 284 285 286 287
 *
 * Note: When sending a Content-Type header, always include a 'charset' type,
 * too. This is necessary to avoid security bugs (e.g. UTF-7 XSS).
 *
 * @param $name
288
 *   The HTTP header name, or the special 'Status' header name.
289
 * @param $value
290 291 292
 *   The HTTP header value; if equal to FALSE, the specified header is unset.
 *   If $name is 'Status', this is expected to be a status code followed by a
 *   reason phrase, e.g. "404 Not Found".
293 294
 * @param $append
 *   Whether to append the value to an existing header or to replace it.
295
 *
296 297
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->set().
298
 *   See https://www.drupal.org/node/2181523.
299
 */
300
function _drupal_add_http_header($name, $value, $append = FALSE) {
301
  // The headers as name/value pairs.
302
  $headers = &drupal_static('drupal_http_headers', array());
303

304
  $name_lower = strtolower($name);
305
  _drupal_set_preferred_header_name($name);
306

307
  if ($value === FALSE) {
308
    $headers[$name_lower] = FALSE;
309
  }
310
  elseif (isset($headers[$name_lower]) && $append) {
311 312
    // Multiple headers with identical names may be combined using comma (RFC
    // 2616, section 4.2).
313
    $headers[$name_lower] .= ',' . $value;
314 315
  }
  else {
316
    $headers[$name_lower] = $value;
317 318 319 320
  }
}

/**
321
 * Gets the HTTP response headers for the current page.
322 323 324 325
 *
 * @param $name
 *   An HTTP header name. If omitted, all headers are returned as name/value
 *   pairs. If an array value is FALSE, the header has been unset.
326
 *
327 328 329
 * @return
 *   A string containing the header value, or FALSE if the header has been set,
 *   or NULL if the header has not been set.
330
 *
331 332
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
 *   Use \Symfony\Component\HttpFoundation\Response->headers->get().
333
 *   See https://www.drupal.org/node/2181523.
334
 */
335
function drupal_get_http_header($name = NULL) {
336
  $headers = &drupal_static('drupal_http_headers', array());
337 338 339 340 341 342 343 344 345 346
  if (isset($name)) {
    $name = strtolower($name);
    return isset($headers[$name]) ? $headers[$name] : NULL;
  }
  else {
    return $headers;
  }
}

/**
347 348
 * Sets the preferred name for the HTTP header.
 *
349
 * Header names are case-insensitive, but for maximum compatibility they should
350 351
 * follow "common form" (see RFC 2616, section 4.2).
 *
352
 * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
353
 *   See https://www.drupal.org/node/2181523.
354 355 356 357 358 359 360 361 362 363
 */
function _drupal_set_preferred_header_name($name = NULL) {
  static $header_names = array();

  if (!isset($name)) {
    return $header_names;
  }
  $header_names[strtolower($name)] = $name;
}

364
/**
365
 * Translates a string to the current language or to a given language.
366
 *
367 368 369
 * The t() function serves two purposes. First, at run-time it translates
 * user-visible text into the appropriate language. Second, various mechanisms
 * that figure out what text needs to be translated work off t() -- the text
370 371 372 373 374
 * inside t() calls is added to the database of strings to be translated.
 * These strings are expected to be in English, so the first argument should
 * always be in English. To enable a fully-translatable site, it is important
 * that all human-readable text that will be displayed on the site or sent to
 * a user is passed through the t() function, or a related function. See the
375
 * @link https://www.drupal.org/node/322729 Localization API @endlink pages for
376 377 378
 * more information, including recommendations on how to break up or not
 * break up strings for translation.
 *
379
 * @section sec_translating_vars Translating Variables
380 381 382 383 384 385 386 387 388
 * You should never use t() to translate variables, such as calling t($text)
 * unless the text that the variable holds has been passed through t()
 * elsewhere (e.g., $text is one of several translated literal strings in an
 * array). It is especially important never to call t($user_text) where
 * $user_text is some text that a user entered - doing that can lead to
 * cross-site scripting and other security problems. However, you can use
 * variable substitution in your string, to put variable text such as user
 * names or link URLs into translated text. Variable substitution looks like
 * this:
389
 * @code
390
 * $text = t("@name's blog", array('@name' => user_format_name($account)));
391
 * @endcode
392
 * Basically, you can put variables like @name into your string, and t() will
393 394
 * substitute their sanitized values at translation time. (See the
 * Localization API pages referenced above and the documentation of
395 396 397 398
 * \Drupal\Component\Utility\SafeMarkup::format() for details about how to
 * define variables in your string.). Translators can then rearrange the string
 * as necessary for the language (e.g., in Spanish, it might be "blog de
 * @name").
399 400 401 402
 *
 * @param $string
 *   A string containing the English string to translate.
 * @param $args
403 404
 *   An associative array of replacements to make after translation. Based
 *   on the first character of the key, the value is escaped and/or themed.
405
 *   See \Drupal\Component\Utility\SafeMarkup::format() for details.
406
 * @param $options
407 408 409 410 411
 *   An associative array of additional options, with the following elements:
 *   - 'langcode' (defaults to the current language): The language code to
 *     translate to a language other than what is used to display the page.
 *   - 'context' (defaults to the empty context): The context the source string
 *     belongs to.
412
 *
413 414
 * @return
 *   The translated string.
415
 *
416
 * @see \Drupal\Component\Utility\SafeMarkup::format()
417
 * @ingroup sanitization
418 419
 */
function t($string, array $args = array(), array $options = array()) {
420
  return \Drupal::translation()->translate($string, $args, $options);
421 422 423
}

/**
424 425
 * Formats a string for HTML display by replacing variable placeholders.
 *
426
 * @see \Drupal\Component\Utility\SafeMarkup::format()
427 428 429 430
 * @see t()
 * @ingroup sanitization
 */
function format_string($string, array $args = array()) {
431
  return SafeMarkup::format($string, $args);
432 433
}

Gábor Hojtsy's avatar
Gábor Hojtsy committed
434 435 436 437 438 439 440 441 442 443 444 445 446 447 448
/**
 * Checks whether a string is valid UTF-8.
 *
 * All functions designed to filter input should use drupal_validate_utf8
 * to ensure they operate on valid UTF-8 strings to prevent bypass of the
 * filter.
 *
 * When text containing an invalid UTF-8 lead byte (0xC0 - 0xFF) is presented
 * as UTF-8 to Internet Explorer 6, the program may misinterpret subsequent
 * bytes. When these subsequent bytes are HTML control characters such as
 * quotes or angle brackets, parts of the text that were deemed safe by filters
 * end up in locations that are potentially unsafe; An onerror attribute that
 * is outside of a tag, and thus deemed safe by a filter, can be interpreted
 * by the browser as if it were inside the tag.
 *
449 450
 * The function does not return FALSE for strings containing character codes
 * above U+10FFFF, even though these are prohibited by RFC 3629.
Gábor Hojtsy's avatar
Gábor Hojtsy committed
451 452 453
 *
 * @param $text
 *   The text to check.
454
 *
Gábor Hojtsy's avatar
Gábor Hojtsy committed
455 456
 * @return
 *   TRUE if the text is valid UTF-8, FALSE if not.
457 458
 *
 * @see \Drupal\Component\Utility\Unicode::validateUtf8()
Gábor Hojtsy's avatar
Gábor Hojtsy committed
459 460
 */
function drupal_validate_utf8($text) {
461
  return Unicode::validateUtf8($text);
Dries's avatar
Dries committed
462 463
}

464
/**
465
 * Logs an exception.
466
 *
467
 * This is a wrapper logging function which automatically decodes an exception.
468 469 470 471 472 473 474
 *
 * @param $type
 *   The category to which this message belongs.
 * @param $exception
 *   The exception that is going to be logged.
 * @param $message
 *   The message to store in the log. If empty, a text that contains all useful
475
 *   information about the passed-in exception is used.
476
 * @param $variables
477 478 479
 *   Array of variables to replace in the message on display or
 *   NULL if message is already translated or not possible to
 *   translate.
480 481 482 483 484
 * @param $severity
 *   The severity of the message, as per RFC 3164.
 * @param $link
 *   A link to associate with the message.
 *
485
 * @see \Drupal\Core\Utility\Error::decodeException()
486
 */
487
function watchdog_exception($type, Exception $exception, $message = NULL, $variables = array(), $severity = RfcLogLevel::ERROR, $link = NULL) {
488

489 490 491
  // Use a default value if $message is not set.
  if (empty($message)) {
    // The exception message is run through
492
    // \Drupal\Component\Utility\SafeMarkup::checkPlain() by
493 494 495 496 497 498 499 500 501 502 503
    // \Drupal\Core\Utility\Error:decodeException().
    $message = '%type: !message in %function (line %line of %file).';
  }

  if ($link) {
    $variables['link'] = $link;
  }

  $variables += Error::decodeException($exception);

  \Drupal::logger($type)->log($severity, $message, $variables);
504 505
}

Dries's avatar
 
Dries committed
506
/**
507
 * Sets a message to display to the user.
Dries's avatar
 
Dries committed
508
 *
509 510
 * Messages are stored in a session variable and displayed in the page template
 * via the $messages theme variable.
Dries's avatar
 
Dries committed
511
 *
512 513 514 515 516 517 518 519 520 521 522 523
 * Example usage:
 * @code
 * drupal_set_message(t('An error occurred and processing did not complete.'), 'error');
 * @endcode
 *
 * @param string $message
 *   (optional) The translated message to be displayed to the user. For
 *   consistency with other messages, it should begin with a capital letter and
 *   end with a period.
 * @param string $type
 *   (optional) The message's type. Defaults to 'status'. These values are
 *   supported:
524
 *   - 'status'
525
 *   - 'warning'
526
 *   - 'error'
527 528
 * @param bool $repeat
 *   (optional) If this is FALSE and the message is already set, then the
529
 *   message won't be repeated. Defaults to FALSE.
530 531 532
 *
 * @return array|null
 *   A multidimensional array with keys corresponding to the set message types.
533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553
 *   The indexed array values of each contain the set messages for that type,
 *   and each message is an associative array with the following format:
 *   - safe: Boolean indicating whether the message string has been marked as
 *     safe. Non-safe strings will be escaped automatically.
 *   - message: The message string.
 *   So, the following is an example of the full return array structure:
 *   @code
 *     array(
 *       'status' => array(
 *         array(
 *           'safe' => TRUE,
 *           'message' => 'A <em>safe</em> markup string.',
 *         ),
 *         array(
 *           'safe' => FALSE,
 *           'message' => "$arbitrary_user_input to escape.",
 *         ),
 *       ),
 *     );
 *   @endcode
 *   If there are no messages set, the function returns NULL.
554 555
 *
 * @see drupal_get_messages()
556
 * @see status-messages.html.twig
Dries's avatar
 
Dries committed
557
 */
558
function drupal_set_message($message = NULL, $type = 'status', $repeat = FALSE) {
559
  if (isset($message)) {
Dries's avatar
 
Dries committed
560 561 562 563
    if (!isset($_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type] = array();
    }

564 565
    $new = array(
      'safe' => SafeMarkup::isSafe($message),
566
      'message' => (string) $message,
567 568 569
    );
    if ($repeat || !in_array($new, $_SESSION['messages'][$type])) {
      $_SESSION['messages'][$type][] = $new;
570
    }
571

572
    // Mark this page as being uncacheable.
573
    \Drupal::service('page_cache_kill_switch')->trigger();
574 575
  }

576
  // Messages not set when DB connection fails.
577
  return isset($_SESSION['messages']) ? $_SESSION['messages'] : NULL;
578 579
}

Dries's avatar
 
Dries committed
580
/**
581
 * Returns all messages that have been set with drupal_set_message().
Dries's avatar
 
Dries committed
582
 *
583 584 585 586 587 588 589 590 591 592 593
 * @param string $type
 *   (optional) Limit the messages returned by type. Defaults to NULL, meaning
 *   all types. These values are supported:
 *   - NULL
 *   - 'status'
 *   - 'warning'
 *   - 'error'
 * @param bool $clear_queue
 *   (optional) If this is TRUE, the queue will be cleared of messages of the
 *   type specified in the $type parameter. Otherwise the queue will be left
 *   intact. Defaults to TRUE.
594
 *
595
 * @return array
596 597 598 599
 *   An associative, nested array of messages grouped by message type, with
 *   the top-level keys as the message type. The messages returned are
 *   limited to the type specified in the $type parameter, if any. If there
 *   are no messages of the specified type, an empty array is returned. See
600
 *   drupal_set_message() for the array structure of individual messages.
601 602
 *
 * @see drupal_set_message()
603
 * @see status-messages.html.twig
Dries's avatar
 
Dries committed
604
 */
605
function drupal_get_messages($type = NULL, $clear_queue = TRUE) {
606
  if ($messages = drupal_set_message()) {
607 608
    foreach ($messages as $message_type => $message_typed_messages) {
      foreach ($message_typed_messages as $key => $message) {
609 610 611 612
        // Because the messages are stored in the session, the safe status of
        // the messages also needs to be stored in the session. We retrieve the
        // safe status here and determine whether to mark the string as safe or
        // let autoescape do its thing. See drupal_set_message().
613 614 615 616 617 618
        if ($message['safe']) {
          $message['message'] = SafeMarkup::set($message['message']);
        }
        $messages[$message_type][$key] = $message['message'];
      }
    }
619
    if ($type) {
620
      if ($clear_queue) {
621
        unset($_SESSION['messages'][$type]);
622
      }
623 624 625
      if (isset($messages[$type])) {
        return array($type => $messages[$type]);
      }
626 627
    }
    else {
628
      if ($clear_queue) {
629
        unset($_SESSION['messages']);
630
      }
631 632
      return $messages;
    }
633
  }
634
  return array();
635 636
}

637
/**
638
 * Returns the time zone of the current user.
639 640
 */
function drupal_get_user_timezone() {
641
  $user = \Drupal::currentUser();
642
  $config = \Drupal::config('system.date');
643

644
  if ($user && $config->get('timezone.user.configurable') && $user->isAuthenticated() && $user->getTimezone()) {
645
    return $user->getTimezone();
646 647
  }
  else {
648 649
    // Ignore PHP strict notice if time zone has not yet been set in the php.ini
    // configuration.
650
    $config_data_default_timezone = $config->get('timezone.default');
651
    return !empty($config_data_default_timezone) ? $config_data_default_timezone : @date_default_timezone_get();
652 653 654
  }
}

655
/**
656
 * Provides custom PHP error handling.
657 658 659 660 661 662 663 664 665 666
 *
 * @param $error_level
 *   The level of the error raised.
 * @param $message
 *   The error message.
 * @param $filename
 *   The filename that the error was raised in.
 * @param $line
 *   The line number the error was raised at.
 * @param $context
667 668
 *   An array that points to the active symbol table at the point the error
 *   occurred.
669 670
 */
function _drupal_error_handler($error_level, $message, $filename, $line, $context) {
671
  require_once __DIR__ . '/errors.inc';
672 673 674 675
  _drupal_error_handler_real($error_level, $message, $filename, $line, $context);
}

/**
676
 * Provides custom PHP exception handling.
677 678 679 680 681
 *
 * Uncaught exceptions are those not enclosed in a try/catch block. They are
 * always fatal: the execution of the script will stop as soon as the exception
 * handler exits.
 *
682
 * @param \Exception|\Throwable $exception
683 684 685
 *   The exception object that was thrown.
 */
function _drupal_exception_handler($exception) {
686
  require_once __DIR__ . '/errors.inc';
687 688 689

  try {
    // Log the message to the watchdog and return an error page to the user.
690
    _drupal_log_error(Error::decodeException($exception), TRUE);
691
  }
692 693 694 695
  // PHP 7 introduces Throwable, which covers both Error and
  // Exception throwables.
  catch (\Throwable $error) {
    _drupal_exception_handler_additional($exception, $error);
696 697
  }
  // In order to be compatibile with PHP 5 we also catch regular Exceptions.
698
  catch (\Exception $exception2) {
699 700 701 702 703 704 705
    _drupal_exception_handler_additional($exception, $exception2);
  }
}

/**
 * Displays any additional errors caught while handling an exception.
 *
706
 * @param \Exception|\Throwable $exception
707
 *   The first exception object that was thrown.
708
 * @param \Exception|\Throwable $exception2
709 710 711 712 713 714 715 716 717 718
 *   The second exception object that was thrown.
 */
function _drupal_exception_handler_additional($exception, $exception2) {
  // Another uncaught exception was thrown while handling the first one.
  // If we are displaying errors, then do so with no possibility of a further
  // uncaught exception being thrown.
  if (error_displayable()) {
    print '<h1>Additional uncaught exception thrown while handling exception.</h1>';
    print '<h2>Original</h2><p>' . Error::renderExceptionSafe($exception) . '</p>';
    print '<h2>Additional</h2><p>' . Error::renderExceptionSafe($exception2) . '</p><hr />';
719
  }
720 721
}

722
/**
723
 * Returns the test prefix if this is an internal request from SimpleTest.
724
 *
725
 * @param string $new_prefix
726
 *   Internal use only. A new prefix to be stored.
727
 *
728
 * @return string|FALSE
729 730 731
 *   Either the simpletest prefix (the string "simpletest" followed by any
 *   number of digits) or FALSE if the user agent does not contain a valid
 *   HMAC and timestamp.
732
 */
733
function drupal_valid_test_ua($new_prefix = NULL) {
734 735
  static $test_prefix;

736 737 738
  if (isset($new_prefix)) {
    $test_prefix = $new_prefix;
  }
739 740 741
  if (isset($test_prefix)) {
    return $test_prefix;
  }
742 743 744
  // Unless the below User-Agent and HMAC validation succeeds, we are not in
  // a test environment.
  $test_prefix = FALSE;
745

746 747 748 749 750 751
  // A valid Simpletest request will contain a hashed and salted authentication
  // code. Check if this code is present in a cookie or custom user agent
  // string.
  $http_user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : NULL;
  $user_agent = isset($_COOKIE['SIMPLETEST_USER_AGENT']) ? $_COOKIE['SIMPLETEST_USER_AGENT'] : $http_user_agent;
  if (isset($user_agent) && preg_match("/^(simpletest\d+);(.+);(.+);(.+)$/", $user_agent, $matches)) {
752 753
    list(, $prefix, $time, $salt, $hmac) = $matches;
    $check_string =  $prefix . ';' . $time . ';' . $salt;
754 755 756 757 758 759 760 761 762 763 764 765 766
    // Read the hash salt prepared by drupal_generate_test_ua().
    // This function is called before settings.php is read and Drupal's error
    // handlers are set up. While Drupal's error handling may be properly
    // configured on production sites, the server's PHP error_reporting may not.
    // Ensure that no information leaks on production sites.
    $key_file = DRUPAL_ROOT . '/sites/simpletest/' . substr($prefix, 10) . '/.htkey';
    if (!is_readable($key_file)) {
      header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
      exit;
    }
    $private_key = file_get_contents($key_file);
    // The file properties add more entropy not easily accessible to others.
    $key = $private_key . filectime(__FILE__) . fileinode(__FILE__);
767
    $time_diff = REQUEST_TIME - $time;
768
    $test_hmac = Crypt::hmacBase64($check_string, $key);
769 770
    // Since we are making a local request a 5 second time window is allowed,
    // and the HMAC must match.
771
    if ($time_diff >= 0 && $time_diff <= 5 && $hmac === $test_hmac) {
772 773 774
      $test_prefix = $prefix;
    }
  }
775
  return $test_prefix;
776 777 778
}

/**
779
 * Generates a user agent string with a HMAC and timestamp for simpletest.
780 781
 */
function drupal_generate_test_ua($prefix) {
782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800 801
  static $key, $last_prefix;

  if (!isset($key) || $last_prefix != $prefix) {
    $last_prefix = $prefix;
    $key_file = DRUPAL_ROOT . '/sites/simpletest/' . substr($prefix, 10) . '/.htkey';
    // When issuing an outbound HTTP client request from within an inbound test
    // request, then the outbound request has to use the same User-Agent header
    // as the inbound request. A newly generated private key for the same test
    // prefix would invalidate all subsequent inbound requests.
    // @see \Drupal\Core\Http\Plugin\SimpletestHttpRequestSubscriber
    if (DRUPAL_TEST_IN_CHILD_SITE && $parent_prefix = drupal_valid_test_ua()) {
      if ($parent_prefix != $prefix) {
        throw new \RuntimeException("Malformed User-Agent: Expected '$parent_prefix' but got '$prefix'.");
      }
      // If the file is not readable, a PHP warning is expected in this case.
      $private_key = file_get_contents($key_file);
    }
    else {
      // Generate and save a new hash salt for a test run.
      // Consumed by drupal_valid_test_ua() before settings.php is loaded.
802
      $private_key = Crypt::randomBytesBase64(55);
803 804 805 806
      file_put_contents($key_file, $private_key);
    }
    // The file properties add more entropy not easily accessible to others.
    $key = $private_key . filectime(__FILE__) . fileinode(__FILE__);
807
  }
808 809 810
  // Generate a moderately secure HMAC based on the database credentials.
  $salt = uniqid('', TRUE);
  $check_string = $prefix . ';' . time() . ';' . $salt;
811
  return $check_string . ';' . Crypt::hmacBase64($check_string, $key);
812 813
}

814
/**
815 816 817
 * Enables use of the theme system without requiring database access.
 *
 * Loads and initializes the theme system for site installs, updates and when
818
 * the site is in maintenance mode. This also applies when the database fails.
819 820
 *
 * @see _drupal_maintenance_theme()
821 822
 */
function drupal_maintenance_theme() {
823
  require_once __DIR__ . '/theme.maintenance.inc';
824
  _drupal_maintenance_theme();
825
}
826

827
/**
828
 * Returns TRUE if a Drupal installation is currently being attempted.
829 830
 */
function drupal_installation_attempted() {
831 832 833 834 835 836
  // This cannot rely on the MAINTENANCE_MODE constant, since that would prevent
  // tests from using the non-interactive installer, in which case Drupal
  // only happens to be installed within the same request, but subsequently
  // executed code does not involve the installer at all.
  // @see install_drupal()
  return isset($GLOBALS['install_state']) && empty($GLOBALS['install_state']['installation_finished']);
837 838
}

839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871
/**
 * Gets the name of the currently active installation profile.
 *
 * When this function is called during Drupal's initial installation process,
 * the name of the profile that's about to be installed is stored in the global
 * installation state. At all other times, the "install_profile" setting will be
 * available in settings.php.
 *
 * @return string|null $profile
 *   The name of the installation profile or NULL if no installation profile is
 *   currently active. This is the case for example during the first steps of
 *   the installer or during unit tests.
 */
function drupal_get_profile() {
  global $install_state;

  if (drupal_installation_attempted()) {
    // If the profile has been selected return it.
    if (isset($install_state['parameters']['profile'])) {
      $profile = $install_state['parameters']['profile'];
    }
    else {
      $profile = NULL;
    }
  }
  else {
    // Fall back to NULL, if there is no 'install_profile' setting.
    $profile = Settings::get('install_profile');
  }

  return $profile;
}

872 873 874 875 876 877 878 879 880
/**
 * Registers an additional namespace.
 *
 * @param string $name
 *   The namespace component to register; e.g., 'node'.
 * @param string $path
 *   The relative path to the Drupal component in the filesystem.
 */
function drupal_classloader_register($name, $path) {
881
  $loader = \Drupal::service('class_loader');
882
  $loader->addPsr4('Drupal\\' . $name . '\\', \Drupal::root() . '/' . $path . '/src');
883 884
}

885
/**
886
 * Provides central static variable storage.
887
 *
888 889 890 891 892 893 894 895 896
 * All functions requiring a static variable to persist or cache data within
 * a single page request are encouraged to use this function unless it is
 * absolutely certain that the static variable will not need to be reset during
 * the page request. By centralizing static variable storage through this
 * function, other functions can rely on a consistent API for resetting any
 * other function's static variables.
 *
 * Example:
 * @code
897 898 899
 * function example_list($field = 'default') {
 *   $examples = &drupal_static(__FUNCTION__);
 *   if (!isset($examples)) {
900 901
 *     // If this function is being called for the first time after a reset,
 *     // query the database and execute any other code needed to retrieve
902
 *     // information.
903 904
 *     ...
 *   }
905
 *   if (!isset($examples[$field])) {