Skip navigation
Help

authorize.inc

  1. drupal
    1. 7 drupal/includes/authorize.inc

Helper functions and form handlers used for the authorize.php script.

Functions & methods

NameDescription
authorize_filetransfer_formBuild the form for choosing a FileTransfer type and supplying credentials.
authorize_filetransfer_form_submitSubmit callback when a file transfer is being authorized.
authorize_filetransfer_form_validateValidate callback for the filetransfer authorization form.
authorize_get_filetransferGet a FileTransfer class for a specific transfer method and settings.
authorize_run_operationRun the operation specified in $_SESSION['authorize_operation']
_authorize_filetransfer_connection_settingsGenerate the Form API array for the settings for a given connection backend.
_authorize_filetransfer_connection_settings_set_defaultsRecursively fill in the default settings on a file transfer connection form.

File

drupal/includes/authorize.inc
View source
  1. <?php
  2. /**
  3. * @file
  4. * Helper functions and form handlers used for the authorize.php script.
  5. */
  6. /**
  7. * Build the form for choosing a FileTransfer type and supplying credentials.
  8. */
  9. function authorize_filetransfer_form($form, &$form_state) {
  10. global $base_url, $is_https;
  11. $form = array();
  12. // If possible, we want to post this form securely via https.
  13. $form['#https'] = TRUE;
  14. // CSS we depend on lives in modules/system/maintenance.css, which is loaded
  15. // via the default maintenance theme.
  16. $form['#attached']['js'][] = $base_url . '/misc/authorize.js';
  17. // Get all the available ways to transfer files.
  18. if (empty($_SESSION['authorize_filetransfer_info'])) {
  19. drupal_set_message(t('Unable to continue, no available methods of file transfer'), 'error');
  20. return array();
  21. }
  22. $available_backends = $_SESSION['authorize_filetransfer_info'];
  23. if (!$is_https) {
  24. $form['information']['https_warning'] = array(
  25. '#prefix' => '<div class="messages error">',
  26. '#markup' => t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text. <a href="@https-link">Learn more</a>.', array('@https-link' => 'http://drupal.org/https-information')),
  27. '#suffix' => '</div>',
  28. );
  29. }
  30. // Decide on a default backend.
  31. if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default'])) {
  32. $authorize_filetransfer_default = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
  33. }
  34. elseif ($authorize_filetransfer_default = variable_get('authorize_filetransfer_default', NULL));
  35. else {
  36. $authorize_filetransfer_default = key($available_backends);
  37. }
  38. $form['information']['main_header'] = array(
  39. '#prefix' => '<h3>',
  40. '#markup' => t('To continue, provide your server connection details'),
  41. '#suffix' => '</h3>',
  42. );
  43. $form['connection_settings']['#tree'] = TRUE;
  44. $form['connection_settings']['authorize_filetransfer_default'] = array(
  45. '#type' => 'select',
  46. '#title' => t('Connection method'),
  47. '#default_value' => $authorize_filetransfer_default,
  48. '#weight' => -10,
  49. );
  50. /*
  51. * Here we create two submit buttons. For a JS enabled client, they will
  52. * only ever see submit_process. However, if a client doesn't have JS
  53. * enabled, they will see submit_connection on the first form (when picking
  54. * what filetransfer type to use, and submit_process on the second one (which
  55. * leads to the actual operation).
  56. */
  57. $form['submit_connection'] = array(
  58. '#prefix' => "<br style='clear:both'/>",
  59. '#name' => 'enter_connection_settings',
  60. '#type' => 'submit',
  61. '#value' => t('Enter connection settings'),
  62. '#weight' => 100,
  63. );
  64. $form['submit_process'] = array(
  65. '#name' => 'process_updates',
  66. '#type' => 'submit',
  67. '#value' => t('Continue'),
  68. '#weight' => 100,
  69. '#attributes' => array('style' => 'display:none'),
  70. );
  71. // Build a container for each connection type.
  72. foreach ($available_backends as $name => $backend) {
  73. $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title'];
  74. $form['connection_settings'][$name] = array(
  75. '#type' => 'container',
  76. '#attributes' => array('class' => array("filetransfer-$name", 'filetransfer')),
  77. );
  78. // We can't use #prefix on the container itself since then the header won't
  79. // be hidden and shown when the containers are being manipulated via JS.
  80. $form['connection_settings'][$name]['header'] = array(
  81. '#markup' => '<h4>' . t('@backend connection settings', array('@backend' => $backend['title'])) . '</h4>',
  82. );
  83. $form['connection_settings'][$name] += _authorize_filetransfer_connection_settings($name);
  84. // Start non-JS code.
  85. if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) {
  86. // If the user switches from JS to non-JS, Drupal (and Batch API) will
  87. // barf. This is a known bug: http://drupal.org/node/229825.
  88. setcookie('has_js', '', time() - 3600, '/');
  89. unset($_COOKIE['has_js']);
  90. // Change the submit button to the submit_process one.
  91. $form['submit_process']['#attributes'] = array();
  92. unset($form['submit_connection']);
  93. // Activate the proper filetransfer settings form.
  94. $form['connection_settings'][$name]['#attributes']['style'] = 'display:block';
  95. // Disable the select box.
  96. $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE;
  97. // Create a button for changing the type of connection.
  98. $form['connection_settings']['change_connection_type'] = array(
  99. '#name' => 'change_connection_type',
  100. '#type' => 'submit',
  101. '#value' => t('Change connection type'),
  102. '#weight' => -5,
  103. '#attributes' => array('class' => array('filetransfer-change-connection-type')),
  104. );
  105. }
  106. // End non-JS code.
  107. }
  108. return $form;
  109. }
  110. /**
  111. * Generate the Form API array for the settings for a given connection backend.
  112. *
  113. * @param $backend
  114. * The name of the backend (e.g. 'ftp', 'ssh', etc).
  115. * @return
  116. * Form API array of connection settings for the given backend.
  117. *
  118. * @see hook_filetransfer_backends()
  119. */
  120. function _authorize_filetransfer_connection_settings($backend) {
  121. $defaults = variable_get('authorize_filetransfer_connection_settings_' . $backend, array());
  122. $form = array();
  123. // Create an instance of the file transfer class to get its settings form.
  124. $filetransfer = authorize_get_filetransfer($backend);
  125. if ($filetransfer) {
  126. $form = $filetransfer->getSettingsForm();
  127. }
  128. // Fill in the defaults based on the saved settings, if any.
  129. _authorize_filetransfer_connection_settings_set_defaults($form, NULL, $defaults);
  130. return $form;
  131. }
  132. /**
  133. * Recursively fill in the default settings on a file transfer connection form.
  134. *
  135. * The default settings for the file transfer connection forms are saved in
  136. * the database. The settings are stored as a nested array in the case of a
  137. * settings form that has fieldsets or otherwise uses a nested structure.
  138. * Therefore, to properly add defaults, we need to walk through all the
  139. * children form elements and process those defaults recursively.
  140. *
  141. * @param $element
  142. * Reference to the Form API form element we're operating on.
  143. * @param $key
  144. * The key for our current form element, if any.
  145. * @param array $defaults
  146. * The default settings for the file transfer backend we're operating on.
  147. * @return
  148. * Nothing, this function just sets $element['#default_value'] if needed.
  149. */
  150. function _authorize_filetransfer_connection_settings_set_defaults(&$element, $key, array $defaults) {
  151. // If we're operating on a form element which isn't a fieldset, and we have
  152. // a default setting saved, stash it in #default_value.
  153. if (!empty($key) && isset($defaults[$key]) && isset($element['#type']) && $element['#type'] != 'fieldset') {
  154. $element['#default_value'] = $defaults[$key];
  155. }
  156. // Now, we walk through all the child elements, and recursively invoke
  157. // ourself on each one. Since the $defaults settings array can be nested
  158. // (because of #tree, any values inside fieldsets will be nested), if
  159. // there's a subarray of settings for the form key we're currently
  160. // processing, pass in that subarray to the recursive call. Otherwise, just
  161. // pass on the whole $defaults array.
  162. foreach (element_children($element) as $child_key) {
  163. _authorize_filetransfer_connection_settings_set_defaults($element[$child_key], $child_key, ((isset($defaults[$key]) && is_array($defaults[$key])) ? $defaults[$key] : $defaults));
  164. }
  165. }
  166. /**
  167. * Validate callback for the filetransfer authorization form.
  168. *
  169. * @see authorize_filetransfer_form()
  170. */
  171. function authorize_filetransfer_form_validate($form, &$form_state) {
  172. // Only validate the form if we have collected all of the user input and are
  173. // ready to proceed with updating or installing.
  174. if ($form_state['triggering_element']['#name'] != 'process_updates') {
  175. return;
  176. }
  177. if (isset($form_state['values']['connection_settings'])) {
  178. $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
  179. $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]);
  180. try {
  181. if (!$filetransfer) {
  182. throw new Exception(t('Error, this type of connection protocol (%backend) does not exist.', array('%backend' => $backend)));
  183. }
  184. $filetransfer->connect();
  185. }
  186. catch (Exception $e) {
  187. // The format of this error message is similar to that used on the
  188. // database connection form in the installer.
  189. form_set_error('connection_settings', t('Failed to connect to the server. The server reports the following message: !message For more help installing or updating code on your server, see the <a href="@handbook_url">handbook</a>.', array(
  190. '!message' => '<p class="error">' . $e->getMessage() . '</p>',
  191. '@handbook_url' => 'http://drupal.org/documentation/install/modules-themes',
  192. )));
  193. }
  194. }
  195. }
  196. /**
  197. * Submit callback when a file transfer is being authorized.
  198. *
  199. * @see authorize_filetransfer_form()
  200. */
  201. function authorize_filetransfer_form_submit($form, &$form_state) {
  202. global $base_url;
  203. switch ($form_state['triggering_element']['#name']) {
  204. case 'process_updates':
  205. // Save the connection settings to the DB.
  206. $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default'];
  207. // If the database is available then try to save our settings. We have
  208. // to make sure it is available since this code could potentially (will
  209. // likely) be called during the installation process, before the
  210. // database is set up.
  211. try {
  212. $connection_settings = array();
  213. foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) {
  214. // We do *not* want to store passwords in the database, unless the
  215. // backend explicitly says so via the magic #filetransfer_save form
  216. // property. Otherwise, we store everything that's not explicitly
  217. // marked with #filetransfer_save set to FALSE.
  218. if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) {
  219. if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') {
  220. $connection_settings[$key] = $value;
  221. }
  222. }
  223. // The attribute is defined, so only save if set to TRUE.
  224. elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) {
  225. $connection_settings[$key] = $value;
  226. }
  227. }
  228. // Set this one as the default authorize method.
  229. variable_set('authorize_filetransfer_default', $filetransfer_backend);
  230. // Save the connection settings minus the password.
  231. variable_set('authorize_filetransfer_connection_settings_' . $filetransfer_backend, $connection_settings);
  232. $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]);
  233. // Now run the operation.
  234. authorize_run_operation($filetransfer);
  235. }
  236. catch (Exception $e) {
  237. // If there is no database available, we don't care and just skip
  238. // this part entirely.
  239. }
  240. break;
  241. case 'enter_connection_settings':
  242. $form_state['rebuild'] = TRUE;
  243. break;
  244. case 'change_connection_type':
  245. $form_state['rebuild'] = TRUE;
  246. unset($form_state['values']['connection_settings']['authorize_filetransfer_default']);
  247. break;
  248. }
  249. }
  250. /**
  251. * Run the operation specified in $_SESSION['authorize_operation']
  252. *
  253. * @param $filetransfer
  254. * The FileTransfer object to use for running the operation.
  255. */
  256. function authorize_run_operation($filetransfer) {
  257. $operation = $_SESSION['authorize_operation'];
  258. unset($_SESSION['authorize_operation']);
  259. if (!empty($operation['page_title'])) {
  260. drupal_set_title($operation['page_title']);
  261. }
  262. require_once DRUPAL_ROOT . '/' . $operation['file'];
  263. call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments']));
  264. }
  265. /**
  266. * Get a FileTransfer class for a specific transfer method and settings.
  267. *
  268. * @param $backend
  269. * The FileTransfer backend to get the class for.
  270. * @param $settings
  271. * Array of settings for the FileTransfer.
  272. * @return
  273. * An instantiated FileTransfer object for the requested method and settings,
  274. * or FALSE if there was an error finding or instantiating it.
  275. */
  276. function authorize_get_filetransfer($backend, $settings = array()) {
  277. $filetransfer = FALSE;
  278. if (!empty($_SESSION['authorize_filetransfer_info'][$backend])) {
  279. $backend_info = $_SESSION['authorize_filetransfer_info'][$backend];
  280. if (!empty($backend_info['file'])) {
  281. $file = $backend_info['file path'] . '/' . $backend_info['file'];
  282. require_once $file;
  283. }
  284. if (class_exists($backend_info['class'])) {
  285. // PHP 5.2 doesn't support $class::factory() syntax, so we have to
  286. // use call_user_func_array() until we can require PHP 5.3.
  287. $filetransfer = call_user_func_array(array($backend_info['class'], 'factory'), array(DRUPAL_ROOT, $settings));
  288. }
  289. }
  290. return $filetransfer;
  291. }