system.module 58.8 KB
Newer Older
1 2
<?php

3 4 5 6 7
/**
 * @file
 * Configuration system that lets administrators modify the workings of the site.
 */

8
use Drupal\Component\Render\PlainTextOutput;
9
use Drupal\Component\Utility\UrlHelper;
10
use Drupal\Core\Asset\AttachedAssetsInterface;
11
use Drupal\Core\Cache\Cache;
12
use Drupal\Core\Queue\QueueGarbageCollectionInterface;
13
use Drupal\Core\Database\Query\AlterableInterface;
14
use Drupal\Core\Extension\Extension;
15
use Drupal\Core\Form\FormStateInterface;
16
use Drupal\Core\KeyValueStore\KeyValueDatabaseExpirableFactory;
17
use Drupal\Core\PageCache\RequestPolicyInterface;
18
use Drupal\Core\PhpStorage\PhpStorageFactory;
19
use Drupal\Core\Routing\RouteMatchInterface;
20
use Drupal\Core\Routing\StackedRouteMatchInterface;
21
use Drupal\Core\Language\LanguageInterface;
22
use Drupal\Core\Menu\MenuTreeParameters;
23
use Drupal\Core\Extension\ModuleHandler;
24
use Drupal\Core\Url;
25
use Drupal\Core\Block\BlockPluginInterface;
26
use Drupal\user\UserInterface;
27
use Symfony\Component\HttpFoundation\RedirectResponse;
28
use GuzzleHttp\Exception\RequestException;
29

30 31
/**
 * New users will be set to the default time zone at registration.
32 33 34
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_DEFAULT instead.
35 36
 *
 * @see https://www.drupal.org/node/2831620
37
 */
38
const DRUPAL_USER_TIMEZONE_DEFAULT = 0;
39 40 41

/**
 * New users will get an empty time zone at registration.
42 43 44
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_EMPTY instead.
45 46
 *
 * @see https://www.drupal.org/node/2831620
47
 */
48
const DRUPAL_USER_TIMEZONE_EMPTY = 1;
49 50 51

/**
 * New users will select their own timezone at registration.
52 53 54
 *
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\user\UserInterface::TIMEZONE_SELECT instead.
55 56
 *
 * @see https://www.drupal.org/node/2831620
57
 */
58
const DRUPAL_USER_TIMEZONE_SELECT = 2;
59

60
/**
61 62
 * Disabled option on forms and settings
 */
63
const DRUPAL_DISABLED = 0;
64 65 66 67

/**
 * Optional option on forms and settings
 */
68
const DRUPAL_OPTIONAL = 1;
69 70 71 72

/**
 * Required option on forms and settings
 */
73
const DRUPAL_REQUIRED = 2;
74

75
/**
76
 * Return only visible regions.
77
 *
78 79 80
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\block\BlockRepositoryInterface::REGIONS_VISIBLE instead.
 *
81
 * @see system_region_list()
82
 * @see https://www.drupal.org/node/2831620
83
 */
84
const REGIONS_VISIBLE = 'visible';
85 86

/**
87
 * Return all regions.
88
 *
89 90 91
 * @deprecated in Drupal 8.3.x and will be removed before Drupal 9.0.0.
 *   Use \Drupal\block\BlockRepositoryInterface::REGIONS_ALL instead.
 *
92
 * @see system_region_list()
93
 * @see https://www.drupal.org/node/2831620
94
 */
95
const REGIONS_ALL = 'all';
96

Dries's avatar
Dries committed
97
/**
98
 * Implements hook_help().
Dries's avatar
Dries committed
99
 */
100
function system_help($route_name, RouteMatchInterface $route_match) {
101 102
  switch ($route_name) {
    case 'help.page.system':
103 104
      $output = '';
      $output .= '<h3>' . t('About') . '</h3>';
105
      $output .= '<p>' . t('The System module is integral to the site: it provides user interfaces for many core systems and settings, as well as the basic administrative menu structure. For more information, see the <a href=":system">online documentation for the System module</a>.', [':system' => 'https://www.drupal.org/documentation/modules/system']) . '</p>';
106 107 108
      $output .= '<h3>' . t('Uses') . '</h3>';
      $output .= '<dl>';
      $output .= '<dt>' . t('Managing modules') . '</dt>';
109
      $output .= '<dd>' . t('Users with appropriate permission can install and uninstall modules from the <a href=":modules">Extend page</a>. Depending on which distribution or installation profile you choose when you install your site, several modules are installed and others are provided but not installed. Each module provides a discrete set of features; modules may be installed or uninstalled depending on the needs of the site. Many additional modules contributed by members of the Drupal community are available for download from the <a href=":drupal-modules">Drupal.org module page</a>. Note that uninstalling a module is a destructive action: when you uninstall a module, you will permanently lose all data connected to the module.', [':modules' => \Drupal::url('system.modules_list'), ':drupal-modules' => 'https://www.drupal.org/project/modules']) . '</dd>';
110
      $output .= '<dt>' . t('Managing themes') . '</dt>';
111
      $output .= '<dd>' . t('Users with appropriate permission can install and uninstall themes on the <a href=":themes">Appearance page</a>. Themes determine the design and presentation of your site. Depending on which distribution or installation profile you choose when you install your site, a default theme is installed, and possibly a different theme for administration pages. Other themes are provided but not installed, and additional contributed themes are available at the <a href=":drupal-themes">Drupal.org theme page</a>.', [':themes' => \Drupal::url('system.themes_page'), ':drupal-themes' => 'https://www.drupal.org/project/themes']) . '</dd>';
112
      $output .= '<dt>' . t('Disabling drag-and-drop functionality') . '</dt>';
113 114
      $output .= '<dd>' . t('The default drag-and-drop user interface for ordering tables in the administrative interface presents a challenge for some users, including users of screen readers and other assistive technology. The drag-and-drop interface can be disabled in a table by clicking a link labeled "Show row weights" above the table. The replacement interface allows users to order the table by choosing numerical weights instead of dragging table rows.') . '</dd>';
      $output .= '<dt>' . t('Configuring basic site settings') . '</dt>';
115
      $output .= '<dd>' . t('The System module provides pages for managing basic site configuration, including <a href=":date-time-settings">Date and time formats</a> and <a href=":site-info">Basic site settings</a> (site name, email address to send mail from, home page, and error pages). Additional configuration pages are listed on the main <a href=":config">Configuration page</a>.', [':date-time-settings' => \Drupal::url('entity.date_format.collection'), ':site-info' => \Drupal::url('system.site_information_settings'), ':config' => \Drupal::url('system.admin_config')]) . '</dd>';
116
      $output .= '<dt>' . t('Checking site status') . '</dt>';
117
      $output .= '<dd>' . t('The <a href=":status">Status report</a> provides an overview of the configuration, status, and health of your site. Review this report to make sure there are not any problems to address, and to find information about the software your site and web server are using.', [':status' => \Drupal::url('system.status')]) . '</dd>';
118
      $output .= '<dt>' . t('Using maintenance mode') . '</dt>';
119
      $output .= '<dd>' . t('When you are performing site maintenance, you can prevent non-administrative users (including anonymous visitors) from viewing your site by putting it in <a href=":maintenance-mode">Maintenance mode</a>. This will prevent unauthorized users from making changes to the site while you are performing maintenance, or from seeing a broken site while updates are in progress.', [':maintenance-mode' => \Drupal::url('system.site_maintenance_mode')]) . '</dd>';
120
      $output .= '<dt>' . t('Configuring for performance') . '</dt>';
121
      $output .= '<dd>' . t('On the <a href=":performance-page">Performance page</a>, the site can be configured to aggregate CSS and JavaScript files, making the total request size smaller. Note that, for small- to medium-sized websites, the <a href=":page-cache">Internal Page Cache module</a> should be installed so that pages are efficiently cached and reused for anonymous users. Finally, for websites of all sizes, the <a href=":dynamic-page-cache">Dynamic Page Cache module</a> should also be installed so that the non-personalized parts of pages are efficiently cached (for all users).', [':performance-page' => \Drupal::url('system.performance_settings'), ':page-cache' => (\Drupal::moduleHandler()->moduleExists('page_cache')) ? \Drupal::url('help.page', ['name' => 'page_cache']) : '#', ':dynamic-page-cache' => (\Drupal::moduleHandler()->moduleExists('dynamic_page_cache')) ? \Drupal::url('help.page', ['name' => 'dynamic_page_cache']) : '#']) . '</dd>';
122
      $output .= '<dt>' . t('Configuring cron') . '</dt>';
123
      $output .= '<dd>' . t('In order for the site and its modules to continue to operate well, a set of routine administrative operations must run on a regular basis; these operations are known as <em>cron</em> tasks. On the <a href=":cron">Cron page</a>, you can configure cron to run periodically as part of server responses by installing the <em>Automated Cron</em> module, or you can turn this off and trigger cron from an outside process on your web server. You can verify the status of cron tasks by visiting the <a href=":status">Status report page</a>. For more information, see the <a href=":handbook">online documentation for configuring cron jobs</a>.', [':status' => \Drupal::url('system.status'), ':handbook' => 'https://www.drupal.org/cron', ':cron' => \Drupal::url('system.cron_settings')]) . '</dd>';
124
      $output .= '<dt>' . t('Configuring the file system') . '</dt>';
125
      $output .= '<dd>' . t('Your site has several file directories, which are used to store and process uploaded and generated files. The <em>public</em> file directory, which is configured in your settings.php file, is the default place for storing uploaded files. Links to files in this directory contain the direct file URL, so when the files are requested, the web server will send them directly without invoking your site code. This means that the files can be downloaded by anyone with the file URL, so requests are not access-controlled but they are efficient. The <em>private</em> file directory, also configured in your settings.php file and ideally located outside the site web root, is access controlled. Links to files in this directory are not direct, so requests to these files are mediated by your site code. This means that your site can check file access permission for each file before deciding to fulfill the request, so the requests are more secure, but less efficient. You should only use the private storage for files that need access control, not for files like your site logo and background images used on every page. The <em>temporary</em> file directory is used internally by your site code for various operations, and is configured on the <a href=":file-system">File system settings</a> page. You can also see the configured public and private file directories on this page, and choose whether public or private should be the default for uploaded files.', [':file-system' => \Drupal::url('system.file_system_settings')]) . '</dd>';
126
      $output .= '<dt>' . t('Configuring the image toolkit') . '</dt>';
127
      $output .= '<dd>' . t('On the <a href=":toolkit">Image toolkit page</a>, you can select and configure the PHP toolkit used to manipulate images. Depending on which distribution or installation profile you choose when you install your site, the GD2 toolkit and possibly others are included; other toolkits may be provided by contributed modules.', [':toolkit' => \Drupal::url('system.image_toolkit_settings')]) . '</dd>';
128
      $output .= '</dl>';
129
      return $output;
130 131

    case 'system.admin_index':
132
      return '<p>' . t('This page shows you all available administration tasks for each module.') . '</p>';
133 134

    case 'system.themes_page':
135
      $output = '<p>' . t('Set and configure the default theme for your website.  Alternative <a href=":themes">themes</a> are available.', [':themes' => 'https://www.drupal.org/project/themes']) . '</p>';
136
      if (\Drupal::moduleHandler()->moduleExists('block')) {
137
        $output .= '<p>' . t('You can place blocks for each theme on the <a href=":blocks">block layout</a> page.', [':blocks' => \Drupal::url('block.admin_display')]) . '</p>';
138
      }
139
      return $output;
140 141

    case 'system.theme_settings_theme':
142
      $theme_list = \Drupal::service('theme_handler')->listInfo();
143
      $theme = $theme_list[$route_match->getParameter('theme')];
144
      return '<p>' . t('These options control the display settings for the %name theme. When your site is displayed using this theme, these settings will be used.', ['%name' => $theme->info['name']]) . '</p>';
145 146

    case 'system.theme_settings':
147
      return '<p>' . t('Control default display settings for your site, across all themes. Use theme-specific settings to override these defaults.') . '</p>';
148 149

    case 'system.modules_list':
150
      $output = '<p>' . t('Download additional <a href=":modules">contributed modules</a> to extend your site\'s functionality.', [':modules' => 'https://www.drupal.org/project/modules']) . '</p>';
151
      if (!\Drupal::moduleHandler()->moduleExists('update')) {
152
        $output .= '<p>' . t('Regularly review available updates to maintain a secure and current site. Always run the <a href=":update-php">update script</a> each time a module is updated. Enable the <a href=":update-manager">Update Manager module</a> to update and install modules and themes.', [':update-php' => \Drupal::url('system.db_update'), ':update-manager' => \Drupal::url('system.modules_list', [], ['fragment' => 'module-update'])]) . '</p>';
153
      }
154
      return $output;
155 156

    case 'system.modules_uninstall':
157
      return '<p>' . t('The uninstall process removes all data related to a module.') . '</p>';
158

159
    case 'entity.block.edit_form':
160
      if (($block = $route_match->getParameter('block')) && $block->getPluginId() == 'system_powered_by_block') {
161
        return '<p>' . t('The <em>Powered by Drupal</em> block is an optional link to the home page of the Drupal project. While there is absolutely no requirement that sites feature this link, it may be used to show support for Drupal.') . '</p>';
162
      }
163
      break;
164 165

    case 'block.admin_add':
166
      if ($route_match->getParameter('plugin_id') == 'system_powered_by_block') {
167 168 169 170 171
        return '<p>' . t('The <em>Powered by Drupal</em> block is an optional link to the home page of the Drupal project. While there is absolutely no requirement that sites feature this link, it may be used to show support for Drupal.') . '</p>';
      }
      break;

    case 'system.site_maintenance_mode':
172
      if (\Drupal::currentUser()->id() == 1) {
173
        return '<p>' . t('Use maintenance mode when making major updates, particularly if the updates could disrupt visitors or the update process. Examples include upgrading, importing or exporting content, modifying a theme, modifying content types, and making backups.') . '</p>';
174
      }
175
      break;
176 177

    case 'system.status':
178
      return '<p>' . t("Here you can find a short overview of your site's parameters as well as any problems detected with your installation. It may be useful to copy and paste this information into support requests filed on Drupal.org's support forums and project issue queues. Before filing a support request, ensure that your web server meets the <a href=\":system-requirements\">system requirements.</a>", [':system-requirements' => 'https://www.drupal.org/requirements']) . '</p>';
179
  }
180 181
}

182
/**
183
 * Implements hook_theme().
184
 */
185
function system_theme() {
186
  return array_merge(drupal_common_theme(), [
187
    // Normally theme suggestion templates are only picked up when they are in
188 189
    // themes. We explicitly define theme suggestions here so that the block
    // templates in core/modules/system/templates are picked up.
190
    'block__system_branding_block' => [
191
      'render element' => 'elements',
192
      'base hook' => 'block',
193 194
    ],
    'block__system_messages_block' => [
195
      'base hook' => 'block',
196 197
    ],
    'block__system_menu_block' => [
198 199
      'render element' => 'elements',
      'base hook' => 'block',
200 201 202 203 204 205
    ],
    'system_themes_page' => [
      'variables' => [
        'theme_groups' => [],
        'theme_group_titles' => [],
      ],
206
      'file' => 'system.admin.inc',
207 208
    ],
    'system_config_form' => [
209
      'render element' => 'form',
210 211
    ],
    'confirm_form' => [
212
      'render element' => 'form',
213 214
    ],
    'system_modules_details' => [
215
      'render element' => 'form',
216
      'file' => 'system.admin.inc',
217 218
    ],
    'system_modules_uninstall' => [
219
      'render element' => 'form',
220
      'file' => 'system.admin.inc',
221 222 223 224 225
    ],
    'status_report_page' => [
      'variables' => [
        'counters' => [],
        'general_info' => [],
226
        'requirements' => NULL,
227 228 229 230
      ],
    ],
    'status_report' => [
      'variables' => [
231 232
        'grouped_requirements' => NULL,
        'requirements' => NULL,
233 234 235 236
      ],
    ],
    'status_report_grouped' => [
      'variables' => [
237 238
        'grouped_requirements' => NULL,
        'requirements' => NULL,
239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256
      ],
    ],
    'status_report_counter' => [
      'variables' => ['amount' => NULL, 'text' => NULL, 'severity' => NULL],
    ],
    'status_report_general_info' => [
      'variables' => [
        'drupal' => [],
        'cron' => [],
        'database_system' => [],
        'database_system_version' => [],
        'php' => [],
        'php_memory_limit' => [],
        'webserver' => [],
      ],
    ],
    'admin_page' => [
      'variables' => ['blocks' => NULL],
257
      'file' => 'system.admin.inc',
258 259
    ],
    'admin_block' => [
260
      'variables' => ['block' => NULL, 'attributes' => []],
261
      'file' => 'system.admin.inc',
262 263 264
    ],
    'admin_block_content' => [
      'variables' => ['content' => NULL],
265
      'file' => 'system.admin.inc',
266 267 268
    ],
    'system_admin_index' => [
      'variables' => ['menu_items' => NULL],
269
      'file' => 'system.admin.inc',
270 271 272 273
    ],
    'entity_add_list' => [
      'variables' => [
        'bundles' => [],
274
        'add_bundle_message' => NULL,
275
      ],
276
      'template' => 'entity-add-list',
277
    ],
278 279 280
    'off_canvas_page_wrapper' => [
      'variables' => ['children' => NULL],
    ],
281
  ]);
282
}
283

284
/**
285
 * Implements hook_hook_info().
286 287
 */
function system_hook_info() {
288
  $hooks['token_info'] = [
289
    'group' => 'tokens',
290 291
  ];
  $hooks['token_info_alter'] = [
292
    'group' => 'tokens',
293 294
  ];
  $hooks['tokens'] = [
295
    'group' => 'tokens',
296 297
  ];
  $hooks['tokens_alter'] = [
298
    'group' => 'tokens',
299
  ];
300

301 302 303
  return $hooks;
}

304 305 306 307
/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_html(array $variables) {
308
  $path_args = explode('/', trim(\Drupal::service('path.current')->getPath(), '/'));
309
  return theme_get_suggestions($path_args, 'html');
310 311 312 313 314 315
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_page(array $variables) {
316
  $path_args = explode('/', trim(\Drupal::service('path.current')->getPath(), '/'));
317
  return theme_get_suggestions($path_args, 'page');
318 319 320 321 322 323
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_maintenance_page(array $variables) {
324
  $suggestions = [];
325 326 327 328 329

  // Dead databases will show error messages so supplying this template will
  // allow themers to override the page and the content completely.
  $offline = defined('MAINTENANCE_MODE');
  try {
330
    \Drupal::service('path.matcher')->isFrontPage();
331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346
  }
  catch (Exception $e) {
    // The database is not yet available.
    $offline = TRUE;
  }
  if ($offline) {
    $suggestions[] = 'maintenance_page__offline';
  }

  return $suggestions;
}

/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_region(array $variables) {
347
  $suggestions = [];
348 349 350 351 352 353
  if (!empty($variables['elements']['#region'])) {
    $suggestions[] = 'region__' . $variables['elements']['#region'];
  }
  return $suggestions;
}

354 355 356 357
/**
 * Implements hook_theme_suggestions_HOOK().
 */
function system_theme_suggestions_field(array $variables) {
358
  $suggestions = [];
359 360 361 362 363 364 365 366 367 368 369
  $element = $variables['element'];

  $suggestions[] = 'field__' . $element['#field_type'];
  $suggestions[] = 'field__' . $element['#field_name'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#bundle'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#field_name'];
  $suggestions[] = 'field__' . $element['#entity_type'] . '__' . $element['#field_name'] . '__' . $element['#bundle'];

  return $suggestions;
}

370 371 372 373 374 375 376 377 378
/**
 * Prepares variables for the list of available bundles.
 *
 * Default template: entity-add-list.html.twig.
 *
 * @param array $variables
 *   An associative array containing:
 *   - bundles: An array of bundles with the label, description, add_link keys.
 *   - add_bundle_message: The message shown when there are no bundles. Only
379
 *     available if the entity type uses bundle entities.
380 381 382 383 384 385 386 387 388
 */
function template_preprocess_entity_add_list(&$variables) {
  foreach ($variables['bundles'] as $bundle_name => $bundle_info) {
    $variables['bundles'][$bundle_name]['description'] = [
      '#markup' => $bundle_info['description'],
    ];
  }
}

389
/**
390 391 392
 * @defgroup authorize Authorized operations
 * @{
 * Functions to run operations with elevated privileges via authorize.php.
393
 *
394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413
 * Because of the Update manager functionality included in Drupal core, there
 * is a mechanism for running operations with elevated file system privileges,
 * the top-level authorize.php script. This script runs at a reduced Drupal
 * bootstrap level so that it is not reliant on the entire site being
 * functional. The operations use a FileTransfer class to manipulate code
 * installed on the system as the user that owns the files, not the user that
 * the httpd is running as.
 *
 * The first setup is to define a callback function that should be authorized
 * to run with the elevated privileges. This callback should take a
 * FileTransfer as its first argument, although you can define an array of
 * other arguments it should be invoked with. The callback should be placed in
 * a separate .inc file that will be included by authorize.php.
 *
 * To run the operation, certain data must be saved into the SESSION, and then
 * the flow of control should be redirected to the authorize.php script. There
 * are two ways to do this, either to call system_authorized_run() directly,
 * or to call system_authorized_init() and then redirect to authorize.php,
 * using the URL from system_authorized_get_url(). Redirecting yourself is
 * necessary when your authorized operation is being triggered by a form
414
 * submit handler, since calling redirecting in a submit handler is a bad
415
 * idea, and you should instead use $form_state->setRedirect().
416 417 418 419 420 421 422 423 424 425
 *
 * Once the SESSION is setup for the operation and the user is redirected to
 * authorize.php, they will be prompted for their connection credentials (core
 * provides FTP and SSH by default, although other connection classes can be
 * added via contributed modules). With valid credentials, authorize.php will
 * instantiate the appropriate FileTransfer object, and then invoke the
 * desired operation passing in that object. The authorize.php script can act
 * as a Batch API processing page, if the operation requires a batch.
 *
 * @see authorize.php
426
 * @see \Drupal\Core\FileTransfer\FileTransfer
427
 * @see hook_filetransfer_info()
428 429 430 431 432
 */

/**
 * Setup a given callback to run via authorize.php with elevated privileges.
 *
433 434 435 436 437 438 439 440 441
 * To use authorize.php, certain variables must be stashed into $_SESSION. This
 * function sets up all the necessary $_SESSION variables. The calling function
 * should then redirect to authorize.php, using the full path returned by
 * system_authorized_get_url(). That initiates the workflow that will eventually
 * lead to the callback being invoked. The callback will be invoked at a low
 * bootstrap level, without all modules being invoked, so it needs to be careful
 * not to assume any code exists. Example (system_authorized_run()):
 * @code
 *   system_authorized_init($callback, $file, $arguments, $page_title);
442
 *   return new RedirectResponse(system_authorized_get_url()->toString());
443 444 445 446 447 448
 * @endcode
 * Example (update_manager_install_form_submit()):
 * @code
 *  system_authorized_init('update_authorize_run_install',
 *    drupal_get_path('module', 'update') . '/update.authorize.inc',
 *    $arguments, t('Update manager'));
449
 *  $form_state->setRedirectUrl(system_authorized_get_url());
450
 * @endcode
451
 *
452
 * @param callable $callback
453
 *   The name of the function to invoke once the user authorizes the operation.
454 455 456 457 458 459 460 461 462
 * @param $file
 *   The full path to the file where the callback function is implemented.
 * @param $arguments
 *   Optional array of arguments to pass into the callback when it is invoked.
 *   Note that the first argument to the callback is always the FileTransfer
 *   object created by authorize.php when the user authorizes the operation.
 * @param $page_title
 *   Optional string to use as the page title once redirected to authorize.php.
 * @return
463
 *   Nothing, this function just initializes variables in the user's session.
464
 */
465
function system_authorized_init($callback, $file, $arguments = [], $page_title = NULL) {
466 467 468
  // First, figure out what file transfer backends the site supports, and put
  // all of those in the SESSION so that authorize.php has access to all of
  // them via the class autoloader, even without a full bootstrap.
469
  $_SESSION['authorize_filetransfer_info'] = drupal_get_filetransfer_info();
470 471

  // Now, define the callback to invoke.
472
  $_SESSION['authorize_operation'] = [
473 474 475
    'callback' => $callback,
    'file' => $file,
    'arguments' => $arguments,
476
  ];
477 478

  if (isset($page_title)) {
479
    $_SESSION['authorize_page_title'] = $page_title;
480
  }
481
}
482

483 484
/**
 * Return the URL for the authorize.php script.
485 486
 *
 * @param array $options
487
 *   Optional array of options to set on the \Drupal\Core\Url object.
488
 * @return \Drupal\Core\Url
489
 *   The full URL to authorize.php, using HTTPS if available.
490 491
 *
 * @see system_authorized_init()
492
 */
493
function system_authorized_get_url(array $options = []) {
494 495
  // core/authorize.php is an unrouted URL, so using the base: scheme is
  // the correct usage for this case.
496
  $url = Url::fromUri('base:core/authorize.php');
497 498 499
  $url_options = $url->getOptions();
  $url->setOptions($options + $url_options);
  return $url;
500 501
}

502 503
/**
 * Returns the URL for the authorize.php script when it is processing a batch.
504 505
 *
 * @param array $options
506
 *   Optional array of options to set on the \Drupal\Core\Url object.
507 508
 *
 * @return \Drupal\Core\Url
509
 */
510 511
function system_authorized_batch_processing_url(array $options = []) {
  $options['query'] = ['batch' => '1'];
512
  return system_authorized_get_url($options);
513 514
}

515 516 517
/**
 * Setup and invoke an operation using authorize.php.
 *
518
 * @see system_authorized_init()
519
 */
520
function system_authorized_run($callback, $file, $arguments = [], $page_title = NULL) {
521
  system_authorized_init($callback, $file, $arguments, $page_title);
522
  return new RedirectResponse(system_authorized_get_url()->toString());
523 524
}

525 526 527 528 529 530 531
/**
 * Use authorize.php to run batch_process().
 *
 * @see batch_process()
 */
function system_authorized_batch_process() {
  $finish_url = system_authorized_get_url();
532
  $process_url = system_authorized_batch_processing_url();
533
  return batch_process($finish_url->setAbsolute()->toString(), $process_url);
534 535
}

536 537 538 539
/**
 * @} End of "defgroup authorize".
 */

540
/**
541
 * Implements hook_updater_info().
542 543
 */
function system_updater_info() {
544 545
  return [
    'module' => [
546
      'class' => 'Drupal\Core\Updater\Module',
547 548
      'name' => t('Update modules'),
      'weight' => 0,
549 550
    ],
    'theme' => [
551
      'class' => 'Drupal\Core\Updater\Theme',
552 553
      'name' => t('Update themes'),
      'weight' => 0,
554 555
    ],
  ];
556 557
}

558
/**
559
 * Implements hook_filetransfer_info().
560
 */
561
function system_filetransfer_info() {
562
  $backends = [];
563

564
  // This is the default, will be available on most systems.
565
  if (function_exists('ftp_connect')) {
566
    $backends['ftp'] = [
567
      'title' => t('FTP'),
568
      'class' => 'Drupal\Core\FileTransfer\FTP',
569
      'weight' => 0,
570
    ];
571
  }
572

573 574 575
  // SSH2 lib connection is only available if the proper PHP extension is
  // installed.
  if (function_exists('ssh2_connect')) {
576
    $backends['ssh'] = [
577
      'title' => t('SSH'),
578
      'class' => 'Drupal\Core\FileTransfer\SSH',
579
      'weight' => 20,
580
    ];
581 582 583 584
  }
  return $backends;
}

585
/**
586
 * Implements hook_page_attachments().
587 588
 *
 * @see template_preprocess_maintenance_page()
589
 * @see \Drupal\Core\EventSubscriber\ActiveLinkResponseFilter
590
 */
591
function system_page_attachments(array &$page) {
592
  // Ensure the same CSS is loaded in template_preprocess_maintenance_page().
593
  $page['#attached']['library'][] = 'system/base';
594
  if (\Drupal::service('router.admin_context')->isAdminRoute()) {
595
    $page['#attached']['library'][] = 'system/admin';
596
  }
597

598
  // Attach libraries used by this theme.
599 600 601 602 603 604 605 606 607
  $active_theme = \Drupal::theme()->getActiveTheme();
  foreach ($active_theme->getLibraries() as $library) {
    $page['#attached']['library'][] = $library;
  }

  // Attach favicon.
  if (theme_get_setting('features.favicon')) {
    $favicon = theme_get_setting('favicon.url');
    $type = theme_get_setting('favicon.mimetype');
608
    $page['#attached']['html_head_link'][][] = [
609 610 611
      'rel' => 'shortcut icon',
      'href' => UrlHelper::stripDangerousProtocols($favicon),
      'type' => $type,
612
    ];
613 614 615
  }

  // Get the major Drupal version.
616
  list($version,) = explode('.', \Drupal::VERSION);
617 618

  // Attach default meta tags.
619
  $meta_default = [
620 621 622
    // Make sure the Content-Type comes first because the IE browser may be
    // vulnerable to XSS via encoding attacks from any content that comes
    // before this META tag, such as a TITLE tag.
623
    'system_meta_content_type' => [
624
      '#tag' => 'meta',
625
      '#attributes' => [
626
        'charset' => 'utf-8',
627
      ],
628 629
      // Security: This always has to be output first.
      '#weight' => -1000,
630
    ],
631
    // Show Drupal and the major version number in the META GENERATOR tag.
632
    'system_meta_generator' => [
633 634
      '#type' => 'html_tag',
      '#tag' => 'meta',
635
      '#attributes' => [
636
        'name' => 'Generator',
637
        'content' => 'Drupal ' . $version . ' (https://www.drupal.org)',
638 639
      ],
    ],
640
    // Attach default mobile meta tags for responsive design.
641
    'MobileOptimized' => [
642
      '#tag' => 'meta',
643
      '#attributes' => [
644 645
        'name' => 'MobileOptimized',
        'content' => 'width',
646 647 648
      ],
    ],
    'HandheldFriendly' => [
649
      '#tag' => 'meta',
650
      '#attributes' => [
651 652
        'name' => 'HandheldFriendly',
        'content' => 'true',
653 654 655
      ],
    ],
    'viewport' => [
656
      '#tag' => 'meta',
657
      '#attributes' => [
658 659
        'name' => 'viewport',
        'content' => 'width=device-width, initial-scale=1.0',
660 661 662
      ],
    ],
  ];
663 664 665 666
  foreach ($meta_default as $key => $value) {
    $page['#attached']['html_head'][] = [$value, $key];
  }

667 668
  // Handle setting the "active" class on links by:
  // - loading the active-link library if the current user is authenticated;
669
  // - applying a response filter if the current user is anonymous.
670
  // @see \Drupal\Core\Link
671
  // @see \Drupal\Core\Utility\LinkGenerator::generate()
672
  // @see template_preprocess_links()
673
  // @see \Drupal\Core\EventSubscriber\ActiveLinkResponseFilter
674
  if (\Drupal::currentUser()->isAuthenticated()) {
675
    $page['#attached']['library'][] = 'core/drupal.active-link';
676
  }
677 678
}

679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704
/**
 * Implements hook_js_settings_build().
 *
 * Sets values for the core/drupal.ajax library, which just depends on the
 * active theme but no other request-dependent values.
 */
function system_js_settings_build(&$settings, AttachedAssetsInterface $assets) {
  // Generate the values for the core/drupal.ajax library.
  // We need to send ajaxPageState settings for core/drupal.ajax if:
  // - ajaxPageState is being loaded in this Response, in which case it will
  //   already exist at $settings['ajaxPageState'] (because the core/drupal.ajax
  //   library definition specifies a placeholder 'ajaxPageState' setting).
  // - core/drupal.ajax already has been loaded and hence this is an AJAX
  //   Response in which we must send the list of extra asset libraries that are
  //   being added in this AJAX Response.
  /** @var \Drupal\Core\Asset\LibraryDependencyResolver $library_dependency_resolver */
  $library_dependency_resolver = \Drupal::service('library.dependency_resolver');
  if (isset($settings['ajaxPageState']) || in_array('core/drupal.ajax', $library_dependency_resolver->getLibrariesWithDependencies($assets->getAlreadyLoadedLibraries()))) {
    // Provide the page with information about the theme that's used, so that
    // a later AJAX request can be rendered using the same theme.
    // @see \Drupal\Core\Theme\AjaxBasePageNegotiator
    $theme_key = \Drupal::theme()->getActiveTheme()->getName();
    $settings['ajaxPageState']['theme'] = $theme_key;
  }
}

705 706 707
/**
 * Implements hook_js_settings_alter().
 *
708 709
 * Sets values which depend on the current request, like core/drupalSettings
 * as well as theme_token ajax state.
710
 */
711
function system_js_settings_alter(&$settings, AttachedAssetsInterface $assets) {
712 713 714
  // As this is being output in the final response always use the master
  // request.
  $request = \Drupal::requestStack()->getMasterRequest();
715
  $current_query = $request->query->all();
716 717 718 719 720 721 722 723

  // Let output path processors set a prefix.
  /** @var \Drupal\Core\PathProcessor\OutboundPathProcessorInterface $path_processor */
  $path_processor = \Drupal::service('path_processor_manager');
  $options = ['prefix' => ''];
  $path_processor->processOutbound('/', $options);
  $pathPrefix = $options['prefix'];

724 725 726 727 728 729
  $route_match = \Drupal::routeMatch();
  if ($route_match instanceof StackedRouteMatchInterface) {
    $route_match = $route_match->getMasterRouteMatch();
  }
  $current_path = $route_match->getRouteName() ? Url::fromRouteMatch($route_match)->getInternalPath() : '';
  $current_path_is_admin = \Drupal::service('router.admin_context')->isAdminRoute($route_match->getRouteObject());
730 731 732 733 734
  $path_settings = [
    'baseUrl' => $request->getBaseUrl() . '/',
    'pathPrefix' => $pathPrefix,
    'currentPath' => $current_path,
    'currentPathIsAdmin' => $current_path_is_admin,
735
    'isFront' => \Drupal::service('path.matcher')->isFrontPage(),
736 737 738 739 740 741 742 743 744 745 746 747 748
    'currentLanguage' => \Drupal::languageManager()->getCurrentLanguage(LanguageInterface::TYPE_URL)->getId(),
  ];
  if (!empty($current_query)) {
    ksort($current_query);
    $path_settings['currentQuery'] = (object) $current_query;
  }

  // Only set core/drupalSettings values that haven't been set already.
  foreach ($path_settings as $key => $value) {
    if (!isset($settings['path'][$key])) {
      $settings['path'][$key] = $value;
    }
  }
749 750
  if (!isset($settings['pluralDelimiter'])) {
    $settings['pluralDelimiter'] = LOCALE_PLURAL_DELIMITER;
751
  }
752
  // Add the theme token to ajaxPageState, ensuring the database is available
753
  // before doing so. Also add the loaded libraries to ajaxPageState.
754 755 756 757
  /** @var \Drupal\Core\Asset\LibraryDependencyResolver $library_dependency_resolver */
  $library_dependency_resolver = \Drupal::service('library.dependency_resolver');
  if (isset($settings['ajaxPageState']) || in_array('core/drupal.ajax', $library_dependency_resolver->getLibrariesWithDependencies($assets->getAlreadyLoadedLibraries()))) {
    if (!defined('MAINTENANCE_MODE')) {
758 759 760 761 762 763 764 765
      // The theme token is only validated when the theme requested is not the
      // default, so don't generate it unless necessary.
      // @see \Drupal\Core\Theme\AjaxBasePageNegotiator::determineActiveTheme()
      $active_theme_key = \Drupal::theme()->getActiveTheme()->getName();
      if ($active_theme_key !== \Drupal::service('theme_handler')->getDefault()) {
        $settings['ajaxPageState']['theme_token'] = \Drupal::csrfToken()
          ->get($active_theme_key);
      }
766
    }
767 768
    // Provide the page with information about the individual asset libraries
    // used, information not otherwise available when aggregation is enabled.
769
    $minimal_libraries = $library_dependency_resolver->getMinimalRepresentativeSubset(array_unique(array_merge(
770 771
      $assets->getLibraries(),
      $assets->getAlreadyLoadedLibraries()
772
    )));
773 774
    sort($minimal_libraries);
    $settings['ajaxPageState']['libraries'] = implode(',', $minimal_libraries);
775
  }
776 777
}

778 779 780 781 782 783 784 785 786 787 788 789 790 791 792 793 794 795 796 797 798 799 800
/**
 * Implements hook_form_alter().
 */
function system_form_alter(&$form, FormStateInterface $form_state) {
  // If the page that's being built is cacheable, set the 'immutable' flag, to
  // ensure that when the form is used, a new form build ID is generated when
  // appropriate, to prevent information disclosure.

  // Note: This code just wants to know whether cache response headers are set,
  // not whether page_cache module will be active.
  // \Drupal\Core\EventSubscriber\FinishResponseSubscriber::onRespond will
  // send those headers, in case $request_policy->check($request) succeeds. In
  // that case we need to ensure that the immutable flag is sot, so future POST
  // request won't take over the form state of another user.
  /** @var \Drupal\Core\PageCache\RequestPolicyInterface $request_policy */
  $request_policy = \Drupal::service('page_cache_request_policy');
  $request = \Drupal::requestStack()->getCurrentRequest();
  $request_is_cacheable = $request_policy->check($request) === RequestPolicyInterface::ALLOW;
  if ($request_is_cacheable) {
    $form_state->addBuildInfo('immutable', TRUE);
  }
}

Dries's avatar
Dries committed
801
/**
802
 * Implements hook_form_FORM_ID_alter() for \Drupal\user\AccountForm.
Dries's avatar
Dries committed
803
 */
804
function system_form_user_form_alter(&$form, FormStateInterface $form_state) {
805
  if (\Drupal::config('system.date')->get('timezone.user.configurable')) {
806
    system_user_timezone($form, $form_state);
807 808 809 810
  }
}

/**
811
 * Implements hook_form_FORM_ID_alter() for \Drupal\user\RegisterForm.
812
 */
813
function system_form_user_register_form_alter(&$form, FormStateInterface $form_state) {
814
  $config = \Drupal::config('system.date');
815
  if ($config->get('timezone.user.configurable') && $config->get('timezone.user.default') == DRUPAL_USER_TIMEZONE_SELECT) {
816
    system_user_timezone($form, $form_state);
817
  }
818 819
}

820
/**
821
 * Implements hook_ENTITY_TYPE_presave() for user entities.
822
 */
823
function system_user_presave(UserInterface $account) {
824
  $config = \Drupal::config('system.date');
825 826
  if ($config->get('timezone.user.configurable') && !$account->getTimeZone() && !$config->get('timezone.user.default')) {
    $account->timezone = $config->get('timezone.default');
827 828 829
  }
}

830
/**
831
 * Implements hook_user_login().
832
 */
833
function system_user_login(UserInterface $account) {
834
  $config = \Drupal::config('system.date');
835
  // If the user has a NULL time zone, notify them to set a time zone.
836
  if (!$account->getTimezone() && $config->get('timezone.user.configurable') && $config->get('timezone.user.warn')) {
837 838 839 840 841 842 843
    \Drupal::messenger()
      ->addStatus(t('Configure your <a href=":user-edit">account time zone setting</a>.', [
        ':user-edit' => $account->url('edit-form', [
          'query' => \Drupal::destination()->getAsArray(),
          'fragment' => 'edit-timezone',
        ]),
      ]));
844 845 846 847 848 849
  }
}

/**
 * Add the time zone field to the user edit and register forms.
 */
850
function system_user_timezone(&$form, FormStateInterface $form_state) {
851
  $user = \Drupal::currentUser();
852

853
  $account = $form_state->getFormObject()->getEntity();
854
  $form['timezone'] = [
855
    '#type' => 'details',
856
    '#title' => t('Locale settings'),
857
    '#open' => TRUE,
858
    '#weight' => 6,
859 860
  ];
  $form['timezone']['timezone'] = [
861 862
    '#type' => 'select',
    '#title' => t('Time zone'),
863
    '#default_value' => $account->getTimezone() ? $account->getTimezone() : \Drupal::config('system.date')->get('timezone.default'),
864
    '#options' => system_time_zones($account->id() != $user->id(), TRUE),
865
    '#description' => t('Select the desired local time and time zone. Dates and times throughout this site will be displayed using this time zone.'),
866
  ];
867 868
  $user_input = $form_state->getUserInput();
  if (!$account->getTimezone() && $account->id() == $user->id() && empty($user_input['timezone'])) {
869
    $form['timezone']['#attached']['library'][] = 'core/drupal.timezone';
870
    $form['timezone']['timezone']['#attributes'] = ['class' => ['timezone-detect']];
871 872 873
  }
}

874
/**
875
 * Implements hook_preprocess_HOOK() for block templates.
876
 */
877
function system_preprocess_block(&$variables) {
878
  switch ($variables['base_plugin_id']) {
879 880 881 882 883 884 885 886 887 888 889
    case 'system_branding_block':
      $variables['site_logo'] = '';
      if ($variables['content']['site_logo']['#access'] && $variables['content']['site_logo']['#uri']) {
        $variables['site_logo'] = $variables['content']['site_logo']['#uri'];
      }
      $variables['site_name'] = '';
      if ($variables['content']['site_name']['#access'] && $variables['content']['site_name']['#markup']) {
        $variables['site_name'] = $variables['content']['site_name']['#markup'];
      }
      $variables['site_slogan'] = '';
      if ($variables['content']['site_slogan']['#access'] && $variables['content']['site_slogan']['#markup']) {
890 891 892
        $variables['site_slogan'] = [
          '#markup' => $variables['content']['site_slogan']['#markup'],
        ];