Commit 20397ad3 authored by Dries's avatar Dries

CHANGES

- Redid settings.module and even renamed it to conf.module.
    * Settings are now grouped in basic categories like "system
      settings", "module settings" and "filters".
  * Added new settings to make Drupal easier to configure and
  to make some aspects like the watchdog scale better.

- Renamed includes/settings.php to includes/conf.php.

- Added filter support to conf.module and introduced filter hooks so
  modules can implement and export new filters.  Example filters are
  an HTML filter (implemented), a profanity filter, an url converter,
  ASCII smileys to images filter and so on ...

- Reworked the check_* functions: user contributed content/input is
  only verified and filtered once in its lifespan.

NOTES

- Although this is a large commit, no database changes are required.
parent 3fbd49d7
......@@ -2,7 +2,7 @@
include_once "includes/common.inc";
if (variable_get(dev_timing, 0)) timer_start();
page_header();
function account_get_user($uname) {
$result = db_query("SELECT * FROM users WHERE userid = '$uname'");
......@@ -74,7 +74,7 @@ function account_session_close() {
}
function account_user_edit() {
global $allowed_html, $theme, $user;
global $theme, $user;
if ($user->id) {
// construct form:
......@@ -83,8 +83,8 @@ function account_user_edit() {
$form .= form_item(t("Real e-mail address"), $user->real_email, t("Required, unique, can not be changed.") ." ". t("Your real e-mail address is never displayed publicly: only needed in case you lose your password."));
$form .= form_textfield(t("Fake e-mail address"), "fake_email", $user->fake_email, 30, 55, t("Optional") .". ". t("Displayed publicly so you may spam proof your real e-mail address if you want."));
$form .= form_textfield(t("Homepage"), "url", $user->url, 30, 55, t("Optional") .". ". t("Make sure you enter fully qualified URLs only. That is, remember to include \"http://\"."));
$form .= form_textarea(t("Bio"), "bio", $user->bio, 35, 5, t("Optional") .". ". t("Maximal 255 characters.") ." ". t("This biographical information is publicly displayed on your user page.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Signature"), "signature", $user->signature, 35, 5, t("Optional") .". ". t("Maximal 255 characters.") ." ". t("This information will be publicly displayed at the end of your comments.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Bio"), "bio", $user->bio, 35, 5, t("Optional") .". ". t("Maximal 255 characters.") ." ". t("This biographical information is publicly displayed on your user page.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_textarea(t("Signature"), "signature", $user->signature, 35, 5, t("Optional") .". ". t("Maximal 255 characters.") ." ". t("This information will be publicly displayed at the end of your comments.") ."<BR>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_item(t("Password"), "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"> <INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\">", t("Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password."));
$form .= form_submit(t("Save user information"));
......@@ -491,6 +491,6 @@ function account_track_site() {
account_user($user->userid);
}
if (variable_get(dev_timing, 0)) timer_print();
page_footer();
?>
\ No newline at end of file
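Review bot: `account_get_user()` in the first hunk builds its query by interpolating `$uname` directly (`WHERE userid = '$uname'`), and nothing visible in the hunk escapes or validates it first. If a caller can pass a request-derived name, this is an SQL injection path, so escape at the point of use the way other queries in this commit do, e.g. `db_query("SELECT * FROM users WHERE userid = '". check_input($uname) ."'")`. The same interpolation appears with `$pid` in `comment_reply()` and with `$type` in `category_form_select()`. The function body continues outside the hunk, so a check may exist that is not shown here.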
......@@ -24,9 +24,9 @@ function module($name) {
<HEAD><TITLE><?php echo variable_get(site_name, "drupal"); ?> administration</TITLE></HEAD>
<STYLE>
body { font-family: helvetica, arial; }
h1 { font-size: 18pt; font-weight: bold; color: #990000; }
h2 { font-family: helvetica, arial; font-size: 18pt; font-weight: bold; }
h3 { font-family: helvetica, arial; font-size: 14pt; font-weight: bold; }
h1 { font-famile: helvetica, arial; font-size: 18pt; font-weight: bold; color: #660000; }
h2 { font-family: helvetica, arial; font-size: 18pt; font-weight: bold; color: #000066; }
h3 { font-family: helvetica, arial; font-size: 14pt; font-weight: bold; color: #006600; }
th { font-family: helvetica, arial; text-align: center; vertical-align: top; background-color: #CCCCCC; color: #995555; }
td { font-family: helvetica, arial; }
</STYLE>
......
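Review bot: The new `h1` rule misspells the property as `font-famile`, so browsers discard that declaration; it should read `h1 { font-family: helvetica, arial; font-size: 18pt; font-weight: bold; color: #660000; }`. The `h2` and `h3` rules in the same hunk spell it correctly.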
......@@ -118,17 +118,6 @@ CREATE TABLE comments (
KEY lid (lid)
);
#
# Table structure for table 'crons'
#
DROP TABLE IF EXISTS crons;
CREATE TABLE crons (
module varchar(64) DEFAULT '' NOT NULL,
scheduled int(11),
timestamp int(11),
PRIMARY KEY (module)
);
#
# Table structure for table 'cvs'
#
......
......@@ -48,7 +48,7 @@ function comment_settings($mode, $order, $threshold) {
}
function comment_reply($pid, $id) {
global $allowed_html, $REQUEST_URI, $theme, $user;
global $REQUEST_URI, $theme, $user;
if ($pid) {
$item = db_fetch_object(db_query("SELECT comments.*, users.userid FROM comments LEFT JOIN users ON comments.author = users.id WHERE comments.cid = '$pid'"));
......@@ -69,8 +69,8 @@ function comment_reply($pid, $id) {
// Comment field:
$output .= "<B>".t("Comment") .":</B><BR>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($user->signature) ."</TEXTAREA><BR>\n";
$output .= "<SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html) .".</I></SMALL><P>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_form($user->signature) ."</TEXTAREA><BR>\n";
$output .= "<SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")) .".</I></SMALL><P>\n";
// Preview button:
$output .= "<SMALL><I>". t("You must preview at least once before you can submit") .":</I></SMALL><BR>\n";
......@@ -84,10 +84,10 @@ function comment_reply($pid, $id) {
}
function comment_preview($pid, $id, $subject, $comment) {
global $allowed_html, $REQUEST_URI, $theme, $user;
global $REQUEST_URI, $theme, $user;
// Preview comment:
comment_view(new Comment($user->userid, $subject, $comment, time(), $user->url, $user->fake_email, 0, 0, 0, 0), t("reply to this comment"));
comment_view(new Comment($user->userid, check_preview($subject), check_preview($comment), time(), check_preview($user->url), check_preview($user->fake_email), 0, 0, 0, 0), t("reply to this comment"));
// Build reply form:
$output .= "<FORM ACTION=\"$REQUEST_URI\" METHOD=\"post\">\n";
......@@ -98,12 +98,12 @@ function comment_preview($pid, $id, $subject, $comment) {
// Subject field:
$output .= "<B>". t("Subject") .":</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_textfield($subject) ."\"><P>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" MAXLENGTH=\"60\" VALUE=\"". check_form($subject) ."\"><P>\n";
// Comment field:
$output .= "<B>". t("Comment") .":</B><BR>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment) ."</TEXTAREA><BR>\n";
$output .= "<SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html) .".</I></SMALL><P>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_form($comment) ."</TEXTAREA><BR>\n";
$output .= "<SMALL><I>". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")) .".</I></SMALL><P>\n";
// Hidden fields:
$output .= "<INPUT TYPE=\"hidden\" NAME=\"pid\" VALUE=\"$pid\">\n";
......
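Review bot: `comment_preview()` moves the subject and comment fields to `check_form()`, but the hidden field at the end of the last hunk still writes `$pid` into the attribute raw (`VALUE=\"$pid\"`). If `$pid` reaches this function from the request without an integer cast, which is not visible here, a double quote in it closes the attribute; `VALUE=\"". check_form($pid) ."\"` would match the neighbouring fields. `box_admin_edit()` has the same pattern with `VALUE=\"$id\"`. The function continues past the hunk.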
......@@ -6,7 +6,7 @@ function conf_init() {
global $HTTP_HOST, $REQUEST_URI;
$file = strtolower(strtr($HTTP_HOST ."". substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")), "/:", ".."));
while ($file && !file_exists("includes/$file.php")) $file = substr($file, 0, strrpos($file, "."));
return $file ? $file : "setting";
return $file ? $file : "conf";
}
function error_handler($errno, $message, $filename, $line, $variables) {
......@@ -52,30 +52,16 @@ function notice_account() {
return t("This page requires a valid user account. Please <A HREF=\"account.php\">create a user account</A> and <A HREF=\"account.php\">login</A> prior to accessing it.");
}
function check_textfield($message) {
return strip_tags(str_replace("\"", "&quot;", stripslashes($message)));
function check_form($text) {
return htmlspecialchars(stripslashes($text));
}
function check_select($message) {
return check_textfield($message);
function check_export($text) {
return htmlspecialchars(stripslashes($text));
}
function check_export($message) {
return check_textfield($message);
}
function check_textarea($message) {
global $allowed_html;
return htmlspecialchars(strip_tags(stripslashes($message), $allowed_html));
}
function check_input($message) {
global $allowed_html;
return strip_tags(addslashes(stripslashes(substr($message, 0, variable_get(max_input_size, 10000)))), $allowed_html);
}
function check_code($message) {
return $message;
function check_code($text) {
return $text;
}
function check_mail($mail) {
......@@ -86,10 +72,18 @@ function check_name($name) {
return ereg("[^a-zA-Z0-9_-]", $name) ? 0 : 1;
}
function check_output($message, $nl2br = 0) {
global $allowed_html, $na;
$var = strip_tags(stripslashes(node_macro($message)), $allowed_html);
return ($var) ? (($nl2br) ? nl2br($var) : $var) : $na;
function check_preview($text) {
return check_output(check_input($text), 1);
}
function check_input($text) {
foreach (module_list() as $module) $text = module_invoke($module, "filter", $text);
return addslashes(stripslashes(substr($text, 0, variable_get("max_input_size", 10000))));
}
function check_output($text, $nl2br = 0) {
global $na;
return ($text) ? (($nl2br) ? nl2br(stripslashes($text)) : stripslashes($text)) : $na;
}
function format_plural($count, $singular, $plural) {
......@@ -172,15 +166,15 @@ function form_item($title, $value, $description = 0) {
}
function form_textfield($title, $name, $value, $size, $maxlength, $description = 0) {
return form_item($title, "<INPUT MAXLENGTH=\"$maxlength\" NAME=\"edit[$name]\" SIZE=\"$size\" VALUE=\"". check_textfield($value) ."\">", $description);
return form_item($title, "<INPUT MAXLENGTH=\"$maxlength\" NAME=\"edit[$name]\" SIZE=\"$size\" VALUE=\"". check_form($value) ."\">", $description);
}
function form_textarea($title, $name, $value, $cols, $rows, $description = 0) {
return form_item($title, "<TEXTAREA WRAP=\"virtual\" COLS=\"$cols\" ROWS=\"$rows\" NAME=\"edit[$name]\">". check_textarea($value) ."</TEXTAREA>", $description);
return form_item($title, "<TEXTAREA WRAP=\"virtual\" COLS=\"$cols\" ROWS=\"$rows\" NAME=\"edit[$name]\">". check_form($value) ."</TEXTAREA>", $description);
}
function form_select($title, $name, $value, $options, $description = 0) {
foreach ($options as $key=>$choice) $select .= "<OPTION VALUE=\"$key\"". ($key == $value ? " SELECTED" : "") .">". check_select($choice) ."</OPTION>";
foreach ($options as $key=>$choice) $select .= "<OPTION VALUE=\"$key\"". ($key == $value ? " SELECTED" : "") .">". check_form($choice) ."</OPTION>";
return form_item($title, "<SELECT NAME=\"edit[$name]\">$select</SELECT>", $description);
}
......@@ -189,11 +183,11 @@ function form_file($title, $name, $size, $description = 0) {
}
function form_hidden($name, $value) {
return "<INPUT TYPE=\"hidden\" NAME=\"edit[$name]\" VALUE=\"". check_textfield($value) ."\">\n";
return "<INPUT TYPE=\"hidden\" NAME=\"edit[$name]\" VALUE=\"". check_form($value) ."\">\n";
}
function form_submit($value) {
return "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". check_textfield($value) ."\">\n";
return "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". check_form($value) ."\">\n";
}
function field_get($string, $name) {
......@@ -227,6 +221,26 @@ function field_set($string, $name, $value) {
return $rval;
}
function timer_start() {
global $timer;
$timer = explode(" ", microtime());
}
function timer_print() {
global $timer;
$stop = explode(" ", microtime());
$diff = $stop[0] - $timer[0];
print "<PRE>execution time: $diff ms</PRE>";
}
function page_header() {
if (variable_get("dev_timer", 0)) timer_start();
}
function page_footer() {
if (variable_get("dev_timer", 0)) timer_print();
}
$conf = conf_init();
include_once "includes/$conf.php";
......@@ -237,7 +251,6 @@ function field_set($string, $name, $value) {
include_once "includes/module.inc";
include_once "includes/locale.inc";
include_once "includes/search.inc";
include_once "includes/timer.inc";
include_once "includes/theme.inc";
include_once "includes/user.inc";
include_once "includes/node.inc";
......
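Review bot: After this rework neither `check_input()` nor `check_output()` calls `strip_tags()`, so whether submitted markup is restricted at all depends on an enabled module exporting a `filter` hook. With none present, `module_invoke()` hands the text back unchanged and `check_output()` prints it after `stripslashes()` only. I would keep a baseline in `check_input()` that does not depend on module state, e.g. `$text = strip_tags($text, variable_get("allowed_html", ""));` after the filter loop, and add a comment on `check_output()` stating that it trusts stored text and must only receive values that passed through `check_input()`. The filters also run before `substr()` truncates to `max_input_size`, so the cut can land inside a tag or entity a filter just produced; truncating first avoids that. Separately, `timer_print()` subtracts only element 0 of `microtime()`, so the figure ignores whole seconds and the `ms` label looks wrong.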
......@@ -24,11 +24,6 @@
"+4" => "+ 4",
"+5" => "+ 5");
#
# Allowed HTML tags:
#
$allowed_html = "<A><B><BLOCKQUOTE><CODE><DD><DL><DT><EM><HR><I><LI><SMALL><OL><U><UL>";
#
# Themes:
# The first theme listed in this associative array will automatically
......@@ -47,16 +42,6 @@
# automatically become the default language. You can add a language
# but make sure your SQL table, called locales is updated
# appropriately.
#
# Translation support - as provided by the default locale module add
# significant overhead to your site in exchange for excessive
# maintenance capabilities. If your site does not require
# translation support, disable it by commenting out the $language
# variable below.
#$languages = array(); // = language support disabled
$languages = array("en" => "English");
# This line prevents users from accessing your settings file:
if (basename($SCRIPT_FILENAME) == basename(__FILE__) && basename($SCRIPT_FILENAME) != "") die("access denied");
?>
\ No newline at end of file
......@@ -6,6 +6,7 @@ function db_connect($host, $user, $pass, $name) {
// NOTE: we are using a persistent connection!
}
function db_query($query, $debug = 0) {
$result = mysql_query($query);
if ($debug) print "<P>query: $query<BR>error:". mysql_error() ."</P>";
......
......@@ -13,7 +13,7 @@ function module_iterate($function, $argument = "") {
// invoke hook $hook of module $name with optional arguments:
function module_invoke($name, $hook, $argument = "") {
$function = $name ."_". $hook;
if (function_exists($function)) return $function($argument);
return function_exists($function) ? $function($argument) : $argument;
}
// return true if module $name supports hook $hook, and false otherwise:
......
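Review bot: The comment above `module_invoke()` still describes only the call, while the new fallback returns `$argument` itself when the hook is missing, and does so for every hook, not only `filter`. A caller that prints or concatenates the result of a non-filter hook now gets its own argument echoed back instead of nothing, which matters when that argument is request-derived. I would document it, e.g. `// invoke hook $hook of module $name; returns $argument unchanged when the module has no such hook (lets filter hooks chain)`, and have non-filter callers test `module_hook()` first, as `conf_view_module()` does.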
......@@ -183,13 +183,20 @@ function visit(site) {
}
$output .= "<FORM METHOD=\"get\" ACTION=\"\">\n";
foreach ($choices as $key => $value) $options .= "<OPTION VALUE=\"$key\"". (strstr($REQUEST_URI,"/$key") ? " SELECTED" : "") .">". check_select($value) ."</OPTION>\n";
foreach ($choices as $key => $value) $options .= "<OPTION VALUE=\"$key\"". (strstr($REQUEST_URI,"/$key") ? " SELECTED" : "") .">". check_form($value) ."</OPTION>\n";
$output .= " <SELECT NAME=\"op\" ONCHANGE=\"visit(this.options[this.selectedIndex].value)\">$options</SELECT>\n";
$output .= "</FORM>\n";
return $output;
}
function node_preview($node) {
foreach ($node as $key=>$value) {
if ($node[$key]) $node[$key] = check_preview($value);
}
return $node;
}
function node_visible($node) {
global $user, $status;
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access($user, $node->type) || user_access($user, "node");
......
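Review bot: `node_preview()` runs every key of `$node` through `check_preview()`, so the filter hooks, the truncation and `nl2br()` are applied to all fields alike. The `$edit` array that `book_admin()` passes in appears to carry `userid`, `parent` and `log` alongside `body`, so ids and single-line fields get the body treatment, and a non-string value would reach `stripslashes()`. The `if ($node[$key])` guard also skips falsy values such as `"0"`. I would either restrict the loop to the text fields or state the contract in a comment, e.g. `// $node must be a flat array of strings; every non-empty field is filtered and nl2br'ed, for display only`.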
......@@ -3,7 +3,7 @@
function search_form($keys) {
global $REQUEST_URI;
$output .= "<FORM ACTION=\"$REQUEST_URI\" METHOD=\"POST\">\n";
$output .= " <INPUT SIZE=\"50\" VALUE=\"". check_textfield($keys) ."\" NAME=\"keys\">";
$output .= " <INPUT SIZE=\"50\" VALUE=\"". check_form($keys) ."\" NAME=\"keys\">";
$output .= " <INPUT TYPE=\"submit\" VALUE=\"". t("Search") ."\">\n";
$output .= "</FORM>\n";
return $output;
......
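Review bot: `search_form()` now escapes `$keys` with `check_form()`, but the line above it still writes `$REQUEST_URI` into the `ACTION` attribute unescaped. The request URI is client-controlled, so a double quote in it can close the attribute; `ACTION=\"". check_form($REQUEST_URI) ."\"` applies the same escaping as the input below. The reply form in `comment_preview()` builds its `ACTION` the same way.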
......@@ -74,7 +74,7 @@ function category_name($cid) {
function category_form_select($type, $edit = array(), $size = 1) {
$result = db_query("SELECT * FROM category WHERE type = '$type'");
while ($category = db_fetch_object($result)) {
$options .= "<OPTION VALUE=\"$category->cid\"". ($edit[cid] == $category->cid ? "SELECTED" : "") .">". check_select($category->name) ."</OPTION>";
$options .= "<OPTION VALUE=\"$category->cid\"". ($edit[cid] == $category->cid ? "SELECTED" : "") .">". check_form($category->name) ."</OPTION>";
}
return "<SELECT NAME=\"edit[cid]\" SIZE=\"$size\"". ($size > 1 ? "MULTIPLE" : "") .">$options</SELECT>\n";
}
......@@ -133,7 +133,7 @@ function topic_moderate($tid) {
// renders a HTML form to select one or more topics:
function topic_form_select($edit = array(), $size = 1) {
foreach (topic_tree() as $tid=>$name) {
$options .= "<OPTION VALUE=\"$tid\"". ($edit[tid] == $tid ? "SELECTED" : "") .">". check_select($name) ."</OPTION>";
$options .= "<OPTION VALUE=\"$tid\"". ($edit[tid] == $tid ? "SELECTED" : "") .">". check_form($name) ."</OPTION>";
}
return "<SELECT NAME=\"edit[tid]\" SIZE=\"$size\"". ($size > 1 ? "MULTIPLE" : "") .">$options</SELECT>\n";
}
......
......@@ -32,7 +32,7 @@ function variable_get($name, $default, $object = 0) {
case "expire_threshold":
return handler_expire_threshold($object, $default);
default:
return ($conf[$name] ? $conf[$name] : $default);
return $conf[$name] ? $conf[$name] : $default;
}
}
......@@ -45,4 +45,12 @@ function variable_set($name, $value) {
$conf[$name] = $value;
}
function variable_del($name) {
global $conf;
db_query("DELETE FROM variable WHERE name = '". check_input($name) ."'");
$conf[$name] = "";
}
?>
\ No newline at end of file
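Review bot: `variable_del()` relies on `check_input()` to make `$name` safe for the query, but in this commit `check_input()` also pipes its argument through every module's `filter` hook and truncates it. The value used in the `DELETE` can therefore differ from the key cleared by `$conf[$name] = ""`, and SQL safety now rests on `addslashes()` running after arbitrary filter output. A separate escaping helper for query values would keep content filtering out of the SQL path. The `check_input($category)` call in a later file of this commit is affected the same way.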
......@@ -2,9 +2,7 @@
include_once "includes/common.inc";
if (variable_get("dev_timing", 0)) {
timer_start();
}
page_header();
if ($category) {
$c = "AND cid = '". check_input($category) ."'";
......@@ -23,8 +21,6 @@
}
$theme->footer();
if (variable_get("dev_timing", 0)) {
timer_print();
}
page_footer();
?>
<?php
include_once "includes/common.inc";
if (variable_get(dev_timing, 0)) timer_start();
page_header();
module_invoke($mod, "page");
if (variable_get(dev_timing, 0)) timer_print();
page_footer();
?>
......@@ -101,7 +101,7 @@ function book_toc($parent = "", $indent = "", $toc = array()) {
}
function book_form($edit = array()) {
global $allowed_html, $REQUEST_URI, $user;
global $REQUEST_URI, $user;
$form .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$form .= form_hidden(userid, $edit[userid]);
......@@ -117,7 +117,7 @@ function book_form($edit = array()) {
$form .= form_select(t("Parent"), "parent", $edit[parent], book_toc(), t("The parent subject or category the page belongs in."));
}
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "book")) {
......@@ -218,7 +218,7 @@ function book_admin() {
print book_tree();
break;
case t("Preview"):
book_view(new Book($edit));
book_view(new Book(node_preview($edit)));
print book_form($edit);
break;
case t("Submit"):
......@@ -269,7 +269,7 @@ function book_user() {
$theme->box($title, book_update($id));
break;
case t("Preview"):
book_view(new Book($edit));
book_view(new Book(node_preview($edit)));
$theme->box($title, book_form($edit));
break;
case t("Submit"):
......
......@@ -101,7 +101,7 @@ function book_toc($parent = "", $indent = "", $toc = array()) {
}
function book_form($edit = array()) {
global $allowed_html, $REQUEST_URI, $user;
global $REQUEST_URI, $user;
$form .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$form .= form_hidden(userid, $edit[userid]);
......@@ -117,7 +117,7 @@ function book_form($edit = array()) {
$form .= form_select(t("Parent"), "parent", $edit[parent], book_toc(), t("The parent subject or category the page belongs in."));
}
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
$form .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "book")) {
......@@ -218,7 +218,7 @@ function book_admin() {
print book_tree();
break;
case t("Preview"):
book_view(new Book($edit));
book_view(new Book(node_preview($edit)));
print book_form($edit);
break;
case t("Submit"):
......@@ -269,7 +269,7 @@ function book_user() {
$theme->box($title, book_update($id));
break;
case t("Preview"):
book_view(new Book($edit));
book_view(new Book(node_preview($edit)));
$theme->box($title, book_form($edit));
break;
case t("Submit"):
......
......@@ -104,7 +104,7 @@ function box_admin_edit($id) {
$output .= "<P>\n";
$output .= " <B>Subject:</B><BR>\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"subject\" VALUE=\"". check_textfield($block->subject) ."\">\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"subject\" VALUE=\"". check_form($block->subject) ."\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <B>Content:</B><BR>\n";
......@@ -120,11 +120,11 @@ function box_admin_edit($id) {
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <B>Description:</B><BR>\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"info\" VALUE=\"". check_textfield($block->info) ."\">\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"info\" VALUE=\"". check_form($block->info) ."\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <B>Link:</B><BR>\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"link\" VALUE=\"". check_textfield($block->link) ."\">\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"link\" VALUE=\"". check_form($block->link) ."\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
......
<?php
function settings_help() {
function conf_help() {
?>
<P>Drupal comes with system-wide defaults but the setting-module provides control over many Drupal preferences, behaviors including visual and operational settings.</P>
<P>Drupal comes with system-wide defaults but the setting-module provides control over many Drupal preferences, behaviors including visual and operational conf.</P>
<H3>Cron</H3>
<P>Some settings require a <I>cron</I> or <I>crontab</I>. Cron (which stands for chronograph) is a periodic command scheduler: it executes commands at intervals specified in seconds. It can be used to control the execution of daily, weekly and monthly jobs (or anything with a period of <i>n</i> seconds). Automating tasks is one of the best ways to keep a system running smoothly, and if most of your administration does not require your direct involvement, cron is an ideal solution.</P>
<P>Some conf require a <I>cron</I> or <I>crontab</I>. Cron (which stands for chronograph) is a periodic command scheduler: it executes commands at intervals specified in seconds. It can be used to control the execution of daily, weekly and monthly jobs (or anything with a period of <i>n</i> seconds). Automating tasks is one of the best ways to keep a system running smoothly, and if most of your administration does not require your direct involvement, cron is an ideal solution.</P>
<P>Whenever <A HREF="<?php echo path_uri(); ?>cron.php"><?php echo path_uri(); ?>cron.php</A> is accessed, cron will run: it checks for the jobs cron controls, and their periods in seconds. If a certain task wasn't executed in the last n seconds, where n is the period of that job, it will be executed. When all the executed commands terminate, cron is done.</P>
<P>The recommended way to setup your cron system is to setup a Unix/Linux crontab that frequently visits <A HREF="<?php echo path_uri(); ?>cron.php"><?php echo path_uri(); ?>cron.php</A>. Note that cron does not guarantee the commands will be executed at the specified interval. However, Drupal will try his best and run the crons as close to the specified intervals as possible. The more you visit cron.php, the more accurate cron will be.</P>
<P>If your hosting company does not allow you to setup crontabs, you can always ask someone else to setup a crontab for you. After all, virtually any Unix/Linux machine with access to the internet can setup a crontab to frequently visit <A HREF="<?php echo path_uri(); ?>cron.php"><?php echo path_uri(); ?>cron.php</A>.</P>
......@@ -12,20 +12,21 @@ function settings_help() {
<?php
}
function settings_conf() {
function conf_view_system() {
global $conf, $cmodes, $corder, $themes;
// general settings:
$output .= form_textfield(t("Name"), "site_name", variable_get(site_name, "drupal"), 30, 55, t("The name of this website."));
$output .= form_textfield(t("Slogan"), "site_slogan", variable_get(site_slogan, ""), 30, 55, t("The slogan of this website"));
$output .= form_textfield(t("E-mail address"), "site_mail", variable_get(site_mail, "root@localhost"), 30, 55, t("A valid e-mail address for this website, used by the auto-mailer to create new user accounts."));
$output .= form_textarea(t("Footer message"), "site_footer", variable_get(site_footer, ""), 55, 3, t("This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages."));
$output .= form_textfield(t("Anonymous user"), "anonymous", variable_get(anonymous, "Anonymous"), 30, 55, t("The name used to indicate anonymous users."));
$output .= "<H3>General settings</H3>\n";
$output .= form_textfield(t("Name"), "site_name", variable_get("site_name", "drupal"), 30, 55, t("The name of this website."));
$output .= form_textfield(t("Slogan"), "site_slogan", variable_get("site_slogan", ""), 30, 55, t("The slogan of this website"));
$output .= form_textfield(t("E-mail address"), "site_mail", variable_get("site_mail", "root@localhost"), 30, 55, t("A valid e-mail address for this website, used by the auto-mailer to create new user accounts."));
$output .= form_textarea(t("Footer message"), "site_footer", variable_get("site_footer", ""), 55, 3, t("This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages."));
$output .= form_textfield(t("Anonymous user"), "anonymous", variable_get("anonymous", "Anonymous"), 30, 55, t("The name used to indicate anonymous users."));
$output .= "<HR>\n";
// node settings:
$output .= "<H3>Node settings</H3>\n";
$output .= form_select(t("Default number of nodes to display"), "default_nodes_main", variable_get(default_nodes_main, 10), array(10 => 10, 15 => 15, 20 => 20, 25 => 25, 30 => 30), t("The default maximum number of nodes to display on the main page."));
$output .= form_select(t("Default number of nodes to display"), "default_nodes_main", variable_get("default_nodes_main", 10), array(10 => 10, 15 => 15, 20 => 20, 25 => 25, 30 => 30), t("The default maximum number of nodes to display on the main page."));
$output .= "<HR>\n";
// comment settings:
......@@ -39,77 +40,93 @@ function settings_conf() {
// submission settings:
$output .= "<H3>Submission settings</H3>\n";
$size = array(1000 => "1.000 characters", 5000 => "5.000 characters", 10000 => "10.000 characters", 15000 => "15.000 characters", 30.000 => "30.000 characters", 50000 => "50.000 characters", 100000 => "100.000 characters");
$output .= form_select(t("Maximum submission size"), "max_input_size", variable_get(max_input_size, 10000), $size, t("The maximum number of characters someone can enter in a form."));
$output .= form_select(t("Maximum submission size"), "max_input_size", variable_get("max_input_size", 10000), $size, t("The maximum number of characters someone can enter in a form."));
$rate = array(1 => "Maximum 1 every second", 5 => "Maximum 1 every 5 seconds", 15 => "Maximum 1 every 15 seconds", 30 => "Maximum 1 every 30 seconds", 60 => "Maximum 1 every minute", 300 => "Maximum 1 every 5 minutes", 900 => "Maximum 1 every 15 minutes", 1800 => "Maximum 1 every 30 minutes", 3600 => "Maximum 1 every hour", 21600 => "Maximum 1 every 6 hour", 43200 => "Maximum 1 every 12 hour");
$output .= form_select(t("Maximum node rate"), "max_node_rate", variable_get(max_node_rate, 900), $rate, t("The maximum submission rate for nodes. Its purpose is to stop potential abuse or denial of service attacks."));
$output .= form_select(t("Maximum comment rate"), "max_comment_rate", variable_get(max_comment_rate, 120), $rate, t("The maximum submission rate for comments. Its purpose is to stop potential abuse or denial of service attacks."));
$output .= form_select(t("Maximum node rate"), "max_node_rate", variable_get("max_node_rate", 900), $rate, t("The maximum submission rate for nodes. Its purpose is to stop potential abuse or denial of service attacks."));
$output .= form_select(t("Maximum comment rate"), "max_comment_rate", variable_get("max_comment_rate", 120), $rate, t("The maximum submission rate for comments. Its purpose is to stop potential abuse or denial of service attacks."));
$output .= "<HR>\n";
// theme settings:
$output .= "<H3>Theme settings</H3>\n";
foreach ($themes as $key=>$value) $options .= "<OPTION VALUE=\"$key\"". (variable_get(theme_default, key($themes)) == $key ? " SELECTED" : "") .">$key</OPTION>\n";
foreach ($themes as $key=>$value) $options .= "<OPTION VALUE=\"$key\"". (variable_get("theme_default", key($themes)) == $key ? " SELECTED" : "") .">$key</OPTION>\n";
$output .= form_item(t("Default theme"), "<SELECT NAME=\"edit[theme_default]\">$options</SELECT>", t("The default theme as seen by new visitors and anonymous users."));
$output .= "<HR>\n";
// development settings:
$output .= "<H3>Development settings</H3>\n";
$output .= form_select(t("Display timings"), "dev_timing", variable_get(dev_timing, 0), array("Disabled", "Enabled"), t("Display the time it took to generate a page: for Drupal development only."));
$output .= form_select(t("Display timer information"), "dev_timer", variable_get("dev_timer", 0), array("Disabled", "Enabled"), t("Display the time it took to generate a page. For Drupal development only."));
$output .= "<HR>\n";
return $output;
}
function setting_modules() {
function conf_view_module() {
foreach (module_list() as $name) {
if (module_hook($name, "conf")) {
$output .= "<H3>". ucfirst($name) ." module</H3>\n";
$output .= module_invoke($name, "conf");
$output .= "<HR>\n";
if (module_hook($name, "conf_options")) {
$output .= "<H3>". ucfirst($name) ." settings</H3>". module_invoke($name, "conf_options") ."<HR>\n";
}
}
return $output;
}