Skip navigation
Help

bootstrap.inc

  1. drupal
    1. 6 drupal/includes/bootstrap.inc
    2. 7 drupal/includes/bootstrap.inc

Functions that need to be loaded on every Drupal request.

Functions & methods

NameDescription
bootstrap_hooksDefine the critical hooks that force modules to always be loaded.
bootstrap_invoke_allCall all init or exit hooks without including all modules.
check_plainEncode special characters in a plain-text string for display as HTML.
conf_initLoads the configuration and sets the base URL, cookie domain, and session name correctly.
conf_pathFind the appropriate configuration directory.
drupal_anonymous_userGenerates a default anonymous $user object.
drupal_bootstrapA string describing a phase of Drupal to load. Each phase adds to the previous one, so invoking a later phase automatically runs the earlier phases too. The most important usage is that if you want to access the Drupal database from a script without…
drupal_get_filenameReturns and optionally sets the filename for a system item (module, theme, etc.). The filename, whether provided, cached, or retrieved from the database, is only returned if the file exists.
drupal_get_messagesReturn all messages that have been set.
drupal_init_languageChoose a language for the current page, based on site and user preferences.
drupal_is_deniedPerform an access check for a given mask and rule type. Rules are usually created via admin/user/rules page.
drupal_loadIncludes a file with the provided type and name. This prevents including a theme, engine, module, etc., more than once.
drupal_maintenance_themeEnables use of the theme system without requiring database access.
drupal_page_cache_headerSet HTTP headers in preparation for a cached page response.
drupal_page_headerSet HTTP headers in preparation for a page response.
drupal_set_messageSet a message which reflects the status of the performed operation.
drupal_unpackUnserializes and appends elements from a serialized string.
drupal_unset_globalsUnsets all disallowed global variables. See $allowed for what's allowed.
drupal_validate_utf8Checks whether a string is valid UTF-8.
drupal_valid_http_hostValidate that a hostname (for example $_SERVER['HTTP_HOST']) is safe.
get_tReturn the name of the localisation function. Use in code that needs to run both during installation and normal operation.
ip_addressIf Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's.
language_defaultDefault language used on the site
language_listGet a list of languages set up indexed by the specified key
page_get_cacheRetrieve the current page from the cache.
referer_uriReturn the URI of the referring page.
request_uriSince $_SERVER['REQUEST_URI'] is only available on Apache, we generate an equivalent using other environment variables.
timer_readRead the current timer value without stopping the timer.
timer_startStart the timer with the specified name. If you start and stop the same timer multiple times, the measured intervals will be accumulated.
timer_stopStop the timer with the specified name.
variable_delUnsets a persistent variable.
variable_getReturns a persistent variable.
variable_initLoad the persistent variable table.
variable_setSets a persistent variable.
watchdogLog a system message.
_drupal_bootstrap

Constants

NameDescription
CACHE_AGGRESSIVEIndicates that page caching is using "aggressive" mode. This bypasses loading any modules for additional speed, which may break functionality in modules that expect to be run on each page load.
CACHE_DISABLEDIndicates that page caching is disabled.
CACHE_NORMALIndicates that page caching is enabled, using "normal" mode.
CACHE_PERMANENTIndicates that the item should never be removed unless explicitly told to using cache_clear_all() with a cache ID.
CACHE_TEMPORARYIndicates that the item should be removed at the next general cache wipe.
DRUPAL_ANONYMOUS_RIDRole ID for anonymous users; should match what's in the "role" table.
DRUPAL_AUTHENTICATED_RIDRole ID for authenticated users; should match what's in the "role" table.
DRUPAL_BOOTSTRAP_ACCESSFourth bootstrap phase: identify and reject banned hosts.
DRUPAL_BOOTSTRAP_CONFIGURATIONFirst bootstrap phase: initialize configuration.
DRUPAL_BOOTSTRAP_DATABASEThird bootstrap phase: initialize database layer.
DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHESecond bootstrap phase: try to call a non-database cache fetch routine.
DRUPAL_BOOTSTRAP_FULLFinal bootstrap phase: Drupal is fully loaded; validate and fix input data.
DRUPAL_BOOTSTRAP_LANGUAGESeventh bootstrap phase: find out language of the page.
DRUPAL_BOOTSTRAP_LATE_PAGE_CACHESixth bootstrap phase: load bootstrap.inc and module.inc, start the variable system and try to serve a page from the cache.
DRUPAL_BOOTSTRAP_PATHEighth bootstrap phase: set $_GET['q'] to Drupal path of request.
DRUPAL_BOOTSTRAP_SESSIONFifth bootstrap phase: initialize session handling.
LANGUAGE_LTRLanguage written left to right. Possible value of $language->direction.
LANGUAGE_NEGOTIATION_DOMAINDomain based negotiation with fallback to default language if no language identified by domain.
LANGUAGE_NEGOTIATION_NONENo language negotiation. The default language is used.
LANGUAGE_NEGOTIATION_PATHPath based negotiation with fallback to user preferences and browser language detection if no defined path prefix identified.
LANGUAGE_NEGOTIATION_PATH_DEFAULTPath based negotiation with fallback to default language if no defined path prefix identified.
LANGUAGE_RTLLanguage written right to left. Possible value of $language->direction.
WATCHDOG_ALERTLog message severity -- Alert: action must be taken immediately.
WATCHDOG_CRITICALLog message severity -- Critical: critical conditions.
WATCHDOG_DEBUGLog message severity -- Debug: debug-level messages.
WATCHDOG_EMERGLog message severity -- Emergency: system is unusable.
WATCHDOG_ERRORLog message severity -- Error: error conditions.
WATCHDOG_INFOLog message severity -- Informational: informational messages.
WATCHDOG_NOTICELog message severity -- Notice: normal but significant condition.
WATCHDOG_WARNINGLog message severity -- Warning: warning conditions.

File

drupal/includes/bootstrap.inc
View source
  1. <?php
  2. /**
  3. * @file
  4. * Functions that need to be loaded on every Drupal request.
  5. */
  6. /**
  7. * Indicates that the item should never be removed unless explicitly told to
  8. * using cache_clear_all() with a cache ID.
  9. */
  10. define('CACHE_PERMANENT', 0);
  11. /**
  12. * Indicates that the item should be removed at the next general cache wipe.
  13. */
  14. define('CACHE_TEMPORARY', -1);
  15. /**
  16. * Indicates that page caching is disabled.
  17. */
  18. define('CACHE_DISABLED', 0);
  19. /**
  20. * Indicates that page caching is enabled, using "normal" mode.
  21. */
  22. define('CACHE_NORMAL', 1);
  23. /**
  24. * Indicates that page caching is using "aggressive" mode. This bypasses
  25. * loading any modules for additional speed, which may break functionality in
  26. * modules that expect to be run on each page load.
  27. */
  28. define('CACHE_AGGRESSIVE', 2);
  29. /**
  30. * Log message severity -- Emergency: system is unusable.
  31. *
  32. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  33. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  34. *
  35. * @see watchdog()
  36. * @see watchdog_severity_levels()
  37. */
  38. define('WATCHDOG_EMERG', 0);
  39. /**
  40. * Log message severity -- Alert: action must be taken immediately.
  41. *
  42. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  43. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  44. *
  45. * @see watchdog()
  46. * @see watchdog_severity_levels()
  47. */
  48. define('WATCHDOG_ALERT', 1);
  49. /**
  50. * Log message severity -- Critical: critical conditions.
  51. *
  52. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  53. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  54. *
  55. * @see watchdog()
  56. * @see watchdog_severity_levels()
  57. */
  58. define('WATCHDOG_CRITICAL', 2);
  59. /**
  60. * Log message severity -- Error: error conditions.
  61. *
  62. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  63. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  64. *
  65. * @see watchdog()
  66. * @see watchdog_severity_levels()
  67. */
  68. define('WATCHDOG_ERROR', 3);
  69. /**
  70. * Log message severity -- Warning: warning conditions.
  71. *
  72. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  73. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  74. *
  75. * @see watchdog()
  76. * @see watchdog_severity_levels()
  77. */
  78. define('WATCHDOG_WARNING', 4);
  79. /**
  80. * Log message severity -- Notice: normal but significant condition.
  81. *
  82. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  83. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  84. *
  85. * @see watchdog()
  86. * @see watchdog_severity_levels()
  87. */
  88. define('WATCHDOG_NOTICE', 5);
  89. /**
  90. * Log message severity -- Informational: informational messages.
  91. *
  92. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  93. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  94. *
  95. * @see watchdog()
  96. * @see watchdog_severity_levels()
  97. */
  98. define('WATCHDOG_INFO', 6);
  99. /**
  100. * Log message severity -- Debug: debug-level messages.
  101. *
  102. * The WATCHDOG_* constant definitions correspond to the logging severity levels
  103. * defined in RFC 3164, section 4.1.1: http://www.faqs.org/rfcs/rfc3164.html
  104. *
  105. * @see watchdog()
  106. * @see watchdog_severity_levels()
  107. */
  108. define('WATCHDOG_DEBUG', 7);
  109. /**
  110. * First bootstrap phase: initialize configuration.
  111. */
  112. define('DRUPAL_BOOTSTRAP_CONFIGURATION', 0);
  113. /**
  114. * Second bootstrap phase: try to call a non-database cache
  115. * fetch routine.
  116. */
  117. define('DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE', 1);
  118. /**
  119. * Third bootstrap phase: initialize database layer.
  120. */
  121. define('DRUPAL_BOOTSTRAP_DATABASE', 2);
  122. /**
  123. * Fourth bootstrap phase: identify and reject banned hosts.
  124. */
  125. define('DRUPAL_BOOTSTRAP_ACCESS', 3);
  126. /**
  127. * Fifth bootstrap phase: initialize session handling.
  128. */
  129. define('DRUPAL_BOOTSTRAP_SESSION', 4);
  130. /**
  131. * Sixth bootstrap phase: load bootstrap.inc and module.inc, start
  132. * the variable system and try to serve a page from the cache.
  133. */
  134. define('DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE', 5);
  135. /**
  136. * Seventh bootstrap phase: find out language of the page.
  137. */
  138. define('DRUPAL_BOOTSTRAP_LANGUAGE', 6);
  139. /**
  140. * Eighth bootstrap phase: set $_GET['q'] to Drupal path of request.
  141. */
  142. define('DRUPAL_BOOTSTRAP_PATH', 7);
  143. /**
  144. * Final bootstrap phase: Drupal is fully loaded; validate and fix
  145. * input data.
  146. */
  147. define('DRUPAL_BOOTSTRAP_FULL', 8);
  148. /**
  149. * Role ID for anonymous users; should match what's in the "role" table.
  150. */
  151. define('DRUPAL_ANONYMOUS_RID', 1);
  152. /**
  153. * Role ID for authenticated users; should match what's in the "role" table.
  154. */
  155. define('DRUPAL_AUTHENTICATED_RID', 2);
  156. /**
  157. * No language negotiation. The default language is used.
  158. */
  159. define('LANGUAGE_NEGOTIATION_NONE', 0);
  160. /**
  161. * Path based negotiation with fallback to default language
  162. * if no defined path prefix identified.
  163. */
  164. define('LANGUAGE_NEGOTIATION_PATH_DEFAULT', 1);
  165. /**
  166. * Path based negotiation with fallback to user preferences
  167. * and browser language detection if no defined path prefix
  168. * identified.
  169. */
  170. define('LANGUAGE_NEGOTIATION_PATH', 2);
  171. /**
  172. * Domain based negotiation with fallback to default language
  173. * if no language identified by domain.
  174. */
  175. define('LANGUAGE_NEGOTIATION_DOMAIN', 3);
  176. /**
  177. * Language written left to right. Possible value of $language->direction.
  178. */
  179. define('LANGUAGE_LTR', 0);
  180. /**
  181. * Language written right to left. Possible value of $language->direction.
  182. */
  183. define('LANGUAGE_RTL', 1);
  184. // Hide E_DEPRECATED messages.
  185. if (defined('E_DEPRECATED')) {
  186. error_reporting(error_reporting() & ~E_DEPRECATED);
  187. }
  188. /**
  189. * Start the timer with the specified name. If you start and stop
  190. * the same timer multiple times, the measured intervals will be
  191. * accumulated.
  192. *
  193. * @param name
  194. * The name of the timer.
  195. */
  196. function timer_start($name) {
  197. global $timers;
  198. list($usec, $sec) = explode(' ', microtime());
  199. $timers[$name]['start'] = (float)$usec + (float)$sec;
  200. $timers[$name]['count'] = isset($timers[$name]['count']) ? ++$timers[$name]['count'] : 1;
  201. }
  202. /**
  203. * Read the current timer value without stopping the timer.
  204. *
  205. * @param name
  206. * The name of the timer.
  207. * @return
  208. * The current timer value in ms.
  209. */
  210. function timer_read($name) {
  211. global $timers;
  212. if (isset($timers[$name]['start'])) {
  213. list($usec, $sec) = explode(' ', microtime());
  214. $stop = (float)$usec + (float)$sec;
  215. $diff = round(($stop - $timers[$name]['start']) * 1000, 2);
  216. if (isset($timers[$name]['time'])) {
  217. $diff += $timers[$name]['time'];
  218. }
  219. return $diff;
  220. }
  221. }
  222. /**
  223. * Stop the timer with the specified name.
  224. *
  225. * @param name
  226. * The name of the timer.
  227. * @return
  228. * A timer array. The array contains the number of times the
  229. * timer has been started and stopped (count) and the accumulated
  230. * timer value in ms (time).
  231. */
  232. function timer_stop($name) {
  233. global $timers;
  234. $timers[$name]['time'] = timer_read($name);
  235. unset($timers[$name]['start']);
  236. return $timers[$name];
  237. }
  238. /**
  239. * Find the appropriate configuration directory.
  240. *
  241. * Try finding a matching configuration directory by stripping the website's
  242. * hostname from left to right and pathname from right to left. The first
  243. * configuration file found will be used; the remaining will ignored. If no
  244. * configuration file is found, return a default value '$confdir/default'.
  245. *
  246. * Example for a fictitious site installed at
  247. * http://www.drupal.org:8080/mysite/test/ the 'settings.php' is searched in
  248. * the following directories:
  249. *
  250. * 1. $confdir/8080.www.drupal.org.mysite.test
  251. * 2. $confdir/www.drupal.org.mysite.test
  252. * 3. $confdir/drupal.org.mysite.test
  253. * 4. $confdir/org.mysite.test
  254. *
  255. * 5. $confdir/8080.www.drupal.org.mysite
  256. * 6. $confdir/www.drupal.org.mysite
  257. * 7. $confdir/drupal.org.mysite
  258. * 8. $confdir/org.mysite
  259. *
  260. * 9. $confdir/8080.www.drupal.org
  261. * 10. $confdir/www.drupal.org
  262. * 11. $confdir/drupal.org
  263. * 12. $confdir/org
  264. *
  265. * 13. $confdir/default
  266. *
  267. * @param $require_settings
  268. * Only configuration directories with an existing settings.php file
  269. * will be recognized. Defaults to TRUE. During initial installation,
  270. * this is set to FALSE so that Drupal can detect a matching directory,
  271. * then create a new settings.php file in it.
  272. * @param reset
  273. * Force a full search for matching directories even if one had been
  274. * found previously.
  275. * @return
  276. * The path of the matching directory.
  277. */
  278. function conf_path($require_settings = TRUE, $reset = FALSE) {
  279. static $conf = '';
  280. if ($conf && !$reset) {
  281. return $conf;
  282. }
  283. $confdir = 'sites';
  284. $uri = explode('/', $_SERVER['SCRIPT_NAME'] ? $_SERVER['SCRIPT_NAME'] : $_SERVER['SCRIPT_FILENAME']);
  285. $server = explode('.', implode('.', array_reverse(explode(':', rtrim($_SERVER['HTTP_HOST'], '.')))));
  286. for ($i = count($uri) - 1; $i > 0; $i--) {
  287. for ($j = count($server); $j > 0; $j--) {
  288. $dir = implode('.', array_slice($server, -$j)) . implode('.', array_slice($uri, 0, $i));
  289. if (file_exists("$confdir/$dir/settings.php") || (!$require_settings && file_exists("$confdir/$dir"))) {
  290. $conf = "$confdir/$dir";
  291. return $conf;
  292. }
  293. }
  294. }
  295. $conf = "$confdir/default";
  296. return $conf;
  297. }
  298. /**
  299. * Unsets all disallowed global variables. See $allowed for what's allowed.
  300. */
  301. function drupal_unset_globals() {
  302. if (ini_get('register_globals')) {
  303. $allowed = array('_ENV' => 1, '_GET' => 1, '_POST' => 1, '_COOKIE' => 1, '_FILES' => 1, '_SERVER' => 1, '_REQUEST' => 1, 'GLOBALS' => 1);
  304. foreach ($GLOBALS as $key => $value) {
  305. if (!isset($allowed[$key])) {
  306. unset($GLOBALS[$key]);
  307. }
  308. }
  309. }
  310. }
  311. /**
  312. * Validate that a hostname (for example $_SERVER['HTTP_HOST']) is safe.
  313. *
  314. * As $_SERVER['HTTP_HOST'] is user input, ensure it only contains characters
  315. * allowed in hostnames. See RFC 952 (and RFC 2181). $_SERVER['HTTP_HOST'] is
  316. * lowercased.
  317. *
  318. * @return
  319. * TRUE if only containing valid characters, or FALSE otherwise.
  320. */
  321. function drupal_valid_http_host($host) {
  322. return preg_match('/^\[?(?:[a-z0-9-:\]_]+\.?)+$/', $host);
  323. }
  324. /**
  325. * Loads the configuration and sets the base URL, cookie domain, and
  326. * session name correctly.
  327. */
  328. function conf_init() {
  329. global $base_url, $base_path, $base_root;
  330. // Export the following settings.php variables to the global namespace
  331. global $db_url, $db_prefix, $db_collation, $cookie_domain, $conf, $installed_profile, $update_free_access;
  332. $conf = array();
  333. if (isset($_SERVER['HTTP_HOST'])) {
  334. // As HTTP_HOST is user input, ensure it only contains characters allowed
  335. // in hostnames. See RFC 952 (and RFC 2181).
  336. // $_SERVER['HTTP_HOST'] is lowercased here per specifications.
  337. $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']);
  338. if (!drupal_valid_http_host($_SERVER['HTTP_HOST'])) {
  339. // HTTP_HOST is invalid, e.g. if containing slashes it may be an attack.
  340. header('HTTP/1.1 400 Bad Request');
  341. exit;
  342. }
  343. }
  344. else {
  345. // Some pre-HTTP/1.1 clients will not send a Host header. Ensure the key is
  346. // defined for E_ALL compliance.
  347. $_SERVER['HTTP_HOST'] = '';
  348. }
  349. if (file_exists('./'. conf_path() .'/settings.php')) {
  350. include_once './'. conf_path() .'/settings.php';
  351. }
  352. // Ignore the placeholder url from default.settings.php.
  353. if (isset($db_url) && $db_url == 'mysql://username:password@localhost/databasename') {
  354. $db_url = '';
  355. }
  356. if (isset($base_url)) {
  357. // Parse fixed base URL from settings.php.
  358. $parts = parse_url($base_url);
  359. if (!isset($parts['path'])) {
  360. $parts['path'] = '';
  361. }
  362. $base_path = $parts['path'] .'/';
  363. // Build $base_root (everything until first slash after "scheme://").
  364. $base_root = substr($base_url, 0, strlen($base_url) - strlen($parts['path']));
  365. }
  366. else {
  367. // Create base URL
  368. $base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
  369. $base_url = $base_root .= '://'. $_SERVER['HTTP_HOST'];
  370. // $_SERVER['SCRIPT_NAME'] can, in contrast to $_SERVER['PHP_SELF'], not
  371. // be modified by a visitor.
  372. if ($dir = trim(dirname($_SERVER['SCRIPT_NAME']), '\,/')) {
  373. $base_path = "/$dir";
  374. $base_url .= $base_path;
  375. $base_path .= '/';
  376. }
  377. else {
  378. $base_path = '/';
  379. }
  380. }
  381. if ($cookie_domain) {
  382. // If the user specifies the cookie domain, also use it for session name.
  383. $session_name = $cookie_domain;
  384. }
  385. else {
  386. // Otherwise use $base_url as session name, without the protocol
  387. // to use the same session identifiers across http and https.
  388. list( , $session_name) = explode('://', $base_url, 2);
  389. // We escape the hostname because it can be modified by a visitor.
  390. if (!empty($_SERVER['HTTP_HOST'])) {
  391. $cookie_domain = check_plain($_SERVER['HTTP_HOST']);
  392. // Strip leading periods, www., and port numbers from cookie domain.
  393. $cookie_domain = ltrim($cookie_domain, '.');
  394. if (strpos($cookie_domain, 'www.') === 0) {
  395. $cookie_domain = substr($cookie_domain, 4);
  396. }
  397. $cookie_domain = explode(':', $cookie_domain);
  398. $cookie_domain = '.'. $cookie_domain[0];
  399. }
  400. }
  401. // To prevent session cookies from being hijacked, a user can configure the
  402. // SSL version of their website to only transfer session cookies via SSL by
  403. // using PHP's session.cookie_secure setting. The browser will then use two
  404. // separate session cookies for the HTTPS and HTTP versions of the site. So we
  405. // must use different session identifiers for HTTPS and HTTP to prevent a
  406. // cookie collision.
  407. if (ini_get('session.cookie_secure')) {
  408. $session_name .= 'SSL';
  409. }
  410. // Per RFC 2109, cookie domains must contain at least one dot other than the
  411. // first. For hosts such as 'localhost' or IP Addresses we don't set a cookie domain.
  412. if (count(explode('.', $cookie_domain)) > 2 && !is_numeric(str_replace('.', '', $cookie_domain))) {
  413. ini_set('session.cookie_domain', $cookie_domain);
  414. }
  415. session_name('SESS'. md5($session_name));
  416. }
  417. /**
  418. * Returns and optionally sets the filename for a system item (module,
  419. * theme, etc.). The filename, whether provided, cached, or retrieved
  420. * from the database, is only returned if the file exists.
  421. *
  422. * This function plays a key role in allowing Drupal's resources (modules
  423. * and themes) to be located in different places depending on a site's
  424. * configuration. For example, a module 'foo' may legally be be located
  425. * in any of these three places:
  426. *
  427. * modules/foo/foo.module
  428. * sites/all/modules/foo/foo.module
  429. * sites/example.com/modules/foo/foo.module
  430. *
  431. * Calling drupal_get_filename('module', 'foo') will give you one of
  432. * the above, depending on where the module is located.
  433. *
  434. * @param $type
  435. * The type of the item (i.e. theme, theme_engine, module, profile).
  436. * @param $name
  437. * The name of the item for which the filename is requested.
  438. * @param $filename
  439. * The filename of the item if it is to be set explicitly rather
  440. * than by consulting the database.
  441. *
  442. * @return
  443. * The filename of the requested item.
  444. */
  445. function drupal_get_filename($type, $name, $filename = NULL) {
  446. static $files = array();
  447. if (!isset($files[$type])) {
  448. $files[$type] = array();
  449. }
  450. if (!empty($filename) && file_exists($filename)) {
  451. $files[$type][$name] = $filename;
  452. }
  453. elseif (isset($files[$type][$name])) {
  454. // nothing
  455. }
  456. // Verify that we have an active database connection, before querying
  457. // the database. This is required because this function is called both
  458. // before we have a database connection (i.e. during installation) and
  459. // when a database connection fails.
  460. elseif (db_is_active() && (($file = db_result(db_query("SELECT filename FROM {system} WHERE name = '%s' AND type = '%s'", $name, $type))) && file_exists($file))) {
  461. $files[$type][$name] = $file;
  462. }
  463. else {
  464. // Fallback to searching the filesystem if the database connection is
  465. // not established or the requested file is not found.
  466. $config = conf_path();
  467. $dir = (($type == 'theme_engine') ? 'themes/engines' : "${type}s");
  468. $file = (($type == 'theme_engine') ? "$name.engine" : "$name.$type");
  469. foreach (array("$config/$dir/$file", "$config/$dir/$name/$file", "$dir/$file", "$dir/$name/$file") as $file) {
  470. if (file_exists($file)) {
  471. $files[$type][$name] = $file;
  472. break;
  473. }
  474. }
  475. }
  476. if (isset($files[$type][$name])) {
  477. return $files[$type][$name];
  478. }
  479. }
  480. /**
  481. * Load the persistent variable table.
  482. *
  483. * The variable table is composed of values that have been saved in the table
  484. * with variable_set() as well as those explicitly specified in the configuration
  485. * file.
  486. */
  487. function variable_init($conf = array()) {
  488. // NOTE: caching the variables improves performance by 20% when serving cached pages.
  489. if ($cached = cache_get('variables', 'cache')) {
  490. $variables = $cached->data;
  491. }
  492. else {
  493. $result = db_query('SELECT * FROM {variable}');
  494. while ($variable = db_fetch_object($result)) {
  495. $variables[$variable->name] = unserialize($variable->value);
  496. }
  497. cache_set('variables', $variables);
  498. }
  499. foreach ($conf as $name => $value) {
  500. $variables[$name] = $value;
  501. }
  502. return $variables;
  503. }
  504. /**
  505. * Returns a persistent variable.
  506. *
  507. * Case-sensitivity of the variable_* functions depends on the database
  508. * collation used. To avoid problems, always use lower case for persistent
  509. * variable names.
  510. *
  511. * @param $name
  512. * The name of the variable to return.
  513. * @param $default
  514. * The default value to use if this variable has never been set.
  515. * @return
  516. * The value of the variable.
  517. *
  518. * @see variable_del(), variable_set()
  519. */
  520. function variable_get($name, $default) {
  521. global $conf;
  522. return isset($conf[$name]) ? $conf[$name] : $default;
  523. }
  524. /**
  525. * Sets a persistent variable.
  526. *
  527. * Case-sensitivity of the variable_* functions depends on the database
  528. * collation used. To avoid problems, always use lower case for persistent
  529. * variable names.
  530. *
  531. * @param $name
  532. * The name of the variable to set.
  533. * @param $value
  534. * The value to set. This can be any PHP data type; these functions take care
  535. * of serialization as necessary.
  536. *
  537. * @see variable_del(), variable_get()
  538. */
  539. function variable_set($name, $value) {
  540. global $conf;
  541. $serialized_value = serialize($value);
  542. db_query("UPDATE {variable} SET value = '%s' WHERE name = '%s'", $serialized_value, $name);
  543. if (!db_affected_rows()) {
  544. @db_query("INSERT INTO {variable} (name, value) VALUES ('%s', '%s')", $name, $serialized_value);
  545. }
  546. cache_clear_all('variables', 'cache');
  547. $conf[$name] = $value;
  548. }
  549. /**
  550. * Unsets a persistent variable.
  551. *
  552. * Case-sensitivity of the variable_* functions depends on the database
  553. * collation used. To avoid problems, always use lower case for persistent
  554. * variable names.
  555. *
  556. * @param $name
  557. * The name of the variable to undefine.
  558. *
  559. * @see variable_get(), variable_set()
  560. */
  561. function variable_del($name) {
  562. global $conf;
  563. db_query("DELETE FROM {variable} WHERE name = '%s'", $name);
  564. cache_clear_all('variables', 'cache');
  565. unset($conf[$name]);
  566. }
  567. /**
  568. * Retrieve the current page from the cache.
  569. *
  570. * Note: we do not serve cached pages when status messages are waiting (from
  571. * a redirected form submission which was completed).
  572. *
  573. * @param $status_only
  574. * When set to TRUE, retrieve the status of the page cache only
  575. * (whether it was started in this request or not).
  576. */
  577. function page_get_cache($status_only = FALSE) {
  578. static $status = FALSE;
  579. global $user, $base_root;
  580. if ($status_only) {
  581. return $status;
  582. }
  583. $cache = NULL;
  584. if (!$user->uid && $_SERVER['REQUEST_METHOD'] == 'GET' && count(drupal_set_message()) == 0 && $_SERVER['SERVER_SOFTWARE'] !== 'PHP CLI') {
  585. $cache = cache_get($base_root . request_uri(), 'cache_page');
  586. if (empty($cache)) {
  587. ob_start();
  588. $status = TRUE;
  589. }
  590. }
  591. return $cache;
  592. }
  593. /**
  594. * Call all init or exit hooks without including all modules.
  595. *
  596. * @param $hook
  597. * The name of the bootstrap hook we wish to invoke.
  598. */
  599. function bootstrap_invoke_all($hook) {
  600. foreach (module_list(TRUE, TRUE) as $module) {
  601. drupal_load('module', $module);
  602. module_invoke($module, $hook);
  603. }
  604. }
  605. /**
  606. * Includes a file with the provided type and name. This prevents
  607. * including a theme, engine, module, etc., more than once.
  608. *
  609. * @param $type
  610. * The type of item to load (i.e. theme, theme_engine, module, profile).
  611. * @param $name
  612. * The name of the item to load.
  613. *
  614. * @return
  615. * TRUE if the item is loaded or has already been loaded.
  616. */
  617. function drupal_load($type, $name) {
  618. static $files = array();
  619. if (isset($files[$type][$name])) {
  620. return TRUE;
  621. }
  622. $filename = drupal_get_filename($type, $name);
  623. if ($filename) {
  624. include_once "./$filename";
  625. $files[$type][$name] = TRUE;
  626. return TRUE;
  627. }
  628. return FALSE;
  629. }
  630. /**
  631. * Set HTTP headers in preparation for a page response.
  632. *
  633. * Authenticated users are always given a 'no-cache' header, and will
  634. * fetch a fresh page on every request. This prevents authenticated
  635. * users seeing locally cached pages that show them as logged out.
  636. *
  637. * @see page_set_cache()
  638. */
  639. function drupal_page_header() {
  640. header("Expires: Sun, 19 Nov 1978 05:00:00 GMT");
  641. header("Last-Modified: ". gmdate("D, d M Y H:i:s") ." GMT");
  642. header("Cache-Control: store, no-cache, must-revalidate");
  643. header("Cache-Control: post-check=0, pre-check=0", FALSE);
  644. }
  645. /**
  646. * Set HTTP headers in preparation for a cached page response.
  647. *
  648. * The general approach here is that anonymous users can keep a local
  649. * cache of the page, but must revalidate it on every request. Then,
  650. * they are given a '304 Not Modified' response as long as they stay
  651. * logged out and the page has not been modified.
  652. *
  653. */
  654. function drupal_page_cache_header($cache) {
  655. // Set default values:
  656. $last_modified = gmdate('D, d M Y H:i:s', $cache->created) .' GMT';
  657. $etag = '"'. md5($last_modified) .'"';
  658. // See if the client has provided the required HTTP headers:
  659. $if_modified_since = isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? stripslashes($_SERVER['HTTP_IF_MODIFIED_SINCE']) : FALSE;
  660. $if_none_match = isset($_SERVER['HTTP_IF_NONE_MATCH']) ? stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) : FALSE;
  661. if ($if_modified_since && $if_none_match
  662. && $if_none_match == $etag // etag must match
  663. && $if_modified_since == $last_modified) { // if-modified-since must match
  664. header('HTTP/1.1 304 Not Modified');
  665. // All 304 responses must send an etag if the 200 response for the same object contained an etag
  666. header("Etag: $etag");
  667. return;
  668. }
  669. // Send appropriate response:
  670. header("Last-Modified: $last_modified");
  671. header("ETag: $etag");
  672. // The following headers force validation of cache:
  673. header("Expires: Sun, 19 Nov 1978 05:00:00 GMT");
  674. header("Cache-Control: must-revalidate");
  675. if (variable_get('page_compression', TRUE) && extension_loaded('zlib')) {
  676. // Determine if the browser accepts gzipped data.
  677. if (isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== FALSE) {
  678. // $cache->data is already gzip'ed, so make sure zlib.output_compression
  679. // does not compress it once more.
  680. ini_set('zlib.output_compression', '0');
  681. header('Content-Encoding: gzip');
  682. }
  683. else {
  684. // The client does not support compression, so unzip the data in the
  685. // cache. Strip the gzip header and run uncompress.
  686. $cache->data = gzinflate(substr(substr($cache->data, 10), 0, -8));
  687. }
  688. }
  689. // Send the original request's headers. We send them one after
  690. // another so PHP's header() function can deal with duplicate
  691. // headers.
  692. $headers = explode("\n", $cache->headers);
  693. foreach ($headers as $header) {
  694. header($header);
  695. }
  696. print $cache->data;
  697. }
  698. /**
  699. * Define the critical hooks that force modules to always be loaded.
  700. */
  701. function bootstrap_hooks() {
  702. return array('boot', 'exit');
  703. }
  704. /**
  705. * Unserializes and appends elements from a serialized string.
  706. *
  707. * @param $obj
  708. * The object to which the elements are appended.
  709. * @param $field
  710. * The attribute of $obj whose value should be unserialized.
  711. */
  712. function drupal_unpack($obj, $field = 'data') {
  713. if ($obj->$field && $data = unserialize($obj->$field)) {
  714. foreach ($data as $key => $value) {
  715. if (!empty($key) && !isset($obj->$key)) {
  716. $obj->$key = $value;
  717. }
  718. }
  719. }
  720. return $obj;
  721. }
  722. /**
  723. * Return the URI of the referring page.
  724. */
  725. function referer_uri() {
  726. if (isset($_SERVER['HTTP_REFERER'])) {
  727. return $_SERVER['HTTP_REFERER'];
  728. }
  729. }
  730. /**
  731. * Encode special characters in a plain-text string for display as HTML.
  732. *
  733. * Also validates strings as UTF-8 to prevent cross site scripting attacks on
  734. * Internet Explorer 6.
  735. *
  736. * @param $text
  737. * The text to be checked or processed.
  738. * @return
  739. * An HTML safe version of $text, or an empty string if $text is not
  740. * valid UTF-8.
  741. *
  742. * @see drupal_validate_utf8().
  743. */
  744. function check_plain($text) {
  745. static $php525;
  746. if (!isset($php525)) {
  747. $php525 = version_compare(PHP_VERSION, '5.2.5', '>=');
  748. }
  749. // We duplicate the preg_match() to validate strings as UTF-8 from
  750. // drupal_validate_utf8() here. This avoids the overhead of an additional
  751. // function call, since check_plain() may be called hundreds of times during
  752. // a request. For PHP 5.2.5+, this check for valid UTF-8 should be handled
  753. // internally by PHP in htmlspecialchars().
  754. // @see http://www.php.net/releases/5_2_5.php
  755. // @todo remove this when support for either IE6 or PHP < 5.2.5 is dropped.
  756. if ($php525) {
  757. return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
  758. }
  759. return (preg_match('/^./us', $text) == 1) ? htmlspecialchars($text, ENT_QUOTES, 'UTF-8') : '';
  760. }
  761. /**
  762. * Checks whether a string is valid UTF-8.
  763. *
  764. * All functions designed to filter input should use drupal_validate_utf8
  765. * to ensure they operate on valid UTF-8 strings to prevent bypass of the
  766. * filter.
  767. *
  768. * When text containing an invalid UTF-8 lead byte (0xC0 - 0xFF) is presented
  769. * as UTF-8 to Internet Explorer 6, the program may misinterpret subsequent
  770. * bytes. When these subsequent bytes are HTML control characters such as
  771. * quotes or angle brackets, parts of the text that were deemed safe by filters
  772. * end up in locations that are potentially unsafe; An onerror attribute that
  773. * is outside of a tag, and thus deemed safe by a filter, can be interpreted
  774. * by the browser as if it were inside the tag.
  775. *
  776. * This function exploits preg_match behaviour (since PHP 4.3.5) when used
  777. * with the u modifier, as a fast way to find invalid UTF-8. When the matched
  778. * string contains an invalid byte sequence, it will fail silently.
  779. *
  780. * preg_match may not fail on 4 and 5 octet sequences, even though they
  781. * are not supported by the specification.
  782. *
  783. * The specific preg_match behaviour is present since PHP 4.3.5.
  784. *
  785. * @param $text
  786. * The text to check.
  787. * @return
  788. * TRUE if the text is valid UTF-8, FALSE if not.
  789. */
  790. function drupal_validate_utf8($text) {
  791. if (strlen($text) == 0) {
  792. return TRUE;
  793. }
  794. // For performance reasons this logic is duplicated in check_plain().
  795. return (preg_match('/^./us', $text) == 1);
  796. }
  797. /**
  798. * Since $_SERVER['REQUEST_URI'] is only available on Apache, we
  799. * generate an equivalent using other environment variables.
  800. */
  801. function request_uri() {
  802. if (isset($_SERVER['REQUEST_URI'])) {
  803. $uri = $_SERVER['REQUEST_URI'];
  804. }
  805. else {
  806. if (isset($_SERVER['argv'])) {
  807. $uri = $_SERVER['SCRIPT_NAME'] .'?'. $_SERVER['argv'][0];
  808. }
  809. elseif (isset($_SERVER['QUERY_STRING'])) {
  810. $uri = $_SERVER['SCRIPT_NAME'] .'?'. $_SERVER['QUERY_STRING'];
  811. }
  812. else {
  813. $uri = $_SERVER['SCRIPT_NAME'];
  814. }
  815. }
  816. // Prevent multiple slashes to avoid cross site requests via the FAPI.
  817. $uri = '/'. ltrim($uri, '/');
  818. return $uri;
  819. }
  820. /**
  821. * Log a system message.
  822. *
  823. * @param $type
  824. * The category to which this message belongs. Can be any string, but the
  825. * general practice is to use the name of the module calling watchdog().
  826. * @param $message
  827. * The message to store in the log. See t() for documentation
  828. * on how $message and $variables interact. Keep $message
  829. * translatable by not concatenating dynamic values into it!
  830. * @param $variables
  831. * Array of variables to replace in the message on display or
  832. * NULL if message is already translated or not possible to
  833. * translate.
  834. * @param $severity
  835. * The severity of the message, as per RFC 3164. Possible values are
  836. * WATCHDOG_ERROR, WATCHDOG_WARNING, etc.
  837. * @param $link
  838. * A link to associate with the message.
  839. *
  840. * @see watchdog_severity_levels()
  841. */
  842. function watchdog($type, $message, $variables = array(), $severity = WATCHDOG_NOTICE, $link = NULL) {
  843. global $user, $base_root;
  844. // Prepare the fields to be logged
  845. $log_message = array(
  846. 'type' => $type,
  847. 'message' => $message,
  848. 'variables' => $variables,
  849. 'severity' => $severity,
  850. 'link' => $link,
  851. 'user' => $user,
  852. 'request_uri' => $base_root . request_uri(),
  853. 'referer' => referer_uri(),
  854. 'ip' => ip_address(),
  855. 'timestamp' => time(),
  856. );
  857. // Call the logging hooks to log/process the message
  858. foreach (module_implements('watchdog') as $module) {
  859. module_invoke($module, 'watchdog', $log_message);
  860. }
  861. }
  862. /**
  863. * Set a message which reflects the status of the performed operation.
  864. *
  865. * If the function is called with no arguments, this function returns all set
  866. * messages without clearing them.
  867. *
  868. * @param $message
  869. * The message should begin with a capital letter and always ends with a
  870. * period '.'.
  871. * @param $type
  872. * The type of the message. One of the following values are possible:
  873. * - 'status'
  874. * - 'warning'
  875. * - 'error'
  876. * @param $repeat
  877. * If this is FALSE and the message is already set, then the message won't
  878. * be repeated.
  879. */
  880. function drupal_set_message($message = NULL, $type = 'status', $repeat = TRUE) {
  881. if ($message) {
  882. if (!isset($_SESSION['messages'])) {
  883. $_SESSION['messages'] = array();
  884. }
  885. if (!isset($_SESSION['messages'][$type])) {
  886. $_SESSION['messages'][$type] = array();
  887. }
  888. if ($repeat || !in_array($message, $_SESSION['messages'][$type])) {
  889. $_SESSION['messages'][$type][] = $message;
  890. }
  891. }
  892. // messages not set when DB connection fails
  893. return isset($_SESSION['messages']) ? $_SESSION['messages'] : NULL;
  894. }
  895. /**
  896. * Return all messages that have been set.
  897. *
  898. * @param $type
  899. * (optional) Only return messages of this type.
  900. * @param $clear_queue
  901. * (optional) Set to FALSE if you do not want to clear the messages queue
  902. * @return
  903. * An associative array, the key is the message type, the value an array
  904. * of messages. If the $type parameter is passed, you get only that type,
  905. * or an empty array if there are no such messages. If $type is not passed,
  906. * all message types are returned, or an empty array if none exist.
  907. */
  908. function drupal_get_messages($type = NULL, $clear_queue = TRUE) {
  909. if ($messages = drupal_set_message()) {
  910. if ($type) {
  911. if ($clear_queue) {
  912. unset($_SESSION['messages'][$type]);
  913. }
  914. if (isset($messages[$type])) {
  915. return array($type => $messages[$type]);
  916. }
  917. }
  918. else {
  919. if ($clear_queue) {
  920. unset($_SESSION['messages']);
  921. }
  922. return $messages;
  923. }
  924. }
  925. return array();
  926. }
  927. /**
  928. * Perform an access check for a given mask and rule type. Rules are usually
  929. * created via admin/user/rules page.
  930. *
  931. * If any allow rule matches, access is allowed. Otherwise, if any deny rule
  932. * matches, access is denied. If no rule matches, access is allowed.
  933. *
  934. * @param $type string
  935. * Type of access to check: Allowed values are:
  936. * - 'host': host name or IP address
  937. * - 'mail': e-mail address
  938. * - 'user': username
  939. * @param $mask string
  940. * String or mask to test: '_' matches any character, '%' matches any
  941. * number of characters.
  942. * @return bool
  943. * TRUE if access is denied, FALSE if access is allowed.
  944. */
  945. function drupal_is_denied($type, $mask) {
  946. // Because this function is called for every page request, both cached
  947. // and non-cached pages, we tried to optimize it as much as possible.
  948. // We deny access if the only matching records in the {access} table have
  949. // status 0 (deny). If any have status 1 (allow), or if there are no
  950. // matching records, we allow access.
  951. $sql = "SELECT 1 FROM {access} WHERE type = '%s' AND LOWER('%s') LIKE LOWER(mask) AND status = %d";
  952. return db_result(db_query_range($sql, $type, $mask, 0, 0, 1)) && !db_result(db_query_range($sql, $type, $mask, 1, 0, 1));
  953. }
  954. /**
  955. * Generates a default anonymous $user object.
  956. *
  957. * @return Object - the user object.
  958. */
  959. function drupal_anonymous_user($session = '') {
  960. $user = new stdClass();
  961. $user->uid = 0;
  962. $user->hostname = ip_address();
  963. $user->roles = array();
  964. $user->roles[DRUPAL_ANONYMOUS_RID] = 'anonymous user';
  965. $user->session = $session;
  966. $user->cache = 0;
  967. return $user;
  968. }
  969. /**
  970. * A string describing a phase of Drupal to load. Each phase adds to the
  971. * previous one, so invoking a later phase automatically runs the earlier
  972. * phases too. The most important usage is that if you want to access the
  973. * Drupal database from a script without loading anything else, you can
  974. * include bootstrap.inc, and call drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE).
  975. *
  976. * @param $phase
  977. * A constant. Allowed values are:
  978. * DRUPAL_BOOTSTRAP_CONFIGURATION: initialize configuration.
  979. * DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE: try to call a non-database cache fetch routine.
  980. * DRUPAL_BOOTSTRAP_DATABASE: initialize database layer.
  981. * DRUPAL_BOOTSTRAP_ACCESS: identify and reject banned hosts.
  982. * DRUPAL_BOOTSTRAP_SESSION: initialize session handling.
  983. * DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE: load bootstrap.inc and module.inc, start
  984. * the variable system and try to serve a page from the cache.
  985. * DRUPAL_BOOTSTRAP_LANGUAGE: identify the language used on the page.
  986. * DRUPAL_BOOTSTRAP_PATH: set $_GET['q'] to Drupal path of request.
  987. * DRUPAL_BOOTSTRAP_FULL: Drupal is fully loaded, validate and fix input data.
  988. */
  989. function drupal_bootstrap($phase) {
  990. static $phases = array(DRUPAL_BOOTSTRAP_CONFIGURATION, DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE, DRUPAL_BOOTSTRAP_DATABASE, DRUPAL_BOOTSTRAP_ACCESS, DRUPAL_BOOTSTRAP_SESSION, DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE, DRUPAL_BOOTSTRAP_LANGUAGE, DRUPAL_BOOTSTRAP_PATH, DRUPAL_BOOTSTRAP_FULL), $phase_index = 0;
  991. while ($phase >= $phase_index && isset($phases[$phase_index])) {
  992. $current_phase = $phases[$phase_index];
  993. unset($phases[$phase_index++]);
  994. _drupal_bootstrap($current_phase);
  995. }
  996. }
  997. function _drupal_bootstrap($phase) {
  998. global $conf;
  999. switch ($phase) {
  1000. case DRUPAL_BOOTSTRAP_CONFIGURATION:
  1001. drupal_unset_globals();
  1002. // Start a page timer:
  1003. timer_start('page');
  1004. // Initialize the configuration
  1005. conf_init();
  1006. break;
  1007. case DRUPAL_BOOTSTRAP_EARLY_PAGE_CACHE:
  1008. // Allow specifying special cache handlers in settings.php, like
  1009. // using memcached or files for storing cache information.
  1010. require_once variable_get('cache_inc', './includes/cache.inc');
  1011. // If the page_cache_fastpath is set to TRUE in settings.php and
  1012. // page_cache_fastpath (implemented in the special implementation of
  1013. // cache.inc) printed the page and indicated this with a returned TRUE
  1014. // then we are done.
  1015. if (variable_get('page_cache_fastpath', FALSE) && page_cache_fastpath()) {
  1016. exit;
  1017. }
  1018. break;
  1019. case DRUPAL_BOOTSTRAP_DATABASE:
  1020. // Initialize the default database.
  1021. require_once './includes/database.inc';
  1022. db_set_active();
  1023. // Allow specifying alternate lock implementations in settings.php, like
  1024. // those using APC or memcached.
  1025. require_once variable_get('lock_inc', './includes/lock.inc');
  1026. lock_init();
  1027. break;
  1028. case DRUPAL_BOOTSTRAP_ACCESS:
  1029. // Deny access to hosts which were banned - t() is not yet available.
  1030. if (drupal_is_denied('host', ip_address())) {
  1031. header('HTTP/1.1 403 Forbidden');
  1032. print 'Sorry, '. check_plain(ip_address()) .' has been banned.';
  1033. exit();
  1034. }
  1035. break;
  1036. case DRUPAL_BOOTSTRAP_SESSION:
  1037. require_once variable_get('session_inc', './includes/session.inc');
  1038. session_set_save_handler('sess_open', 'sess_close', 'sess_read', 'sess_write', 'sess_destroy_sid', 'sess_gc');
  1039. session_start();
  1040. break;
  1041. case DRUPAL_BOOTSTRAP_LATE_PAGE_CACHE:
  1042. // Initialize configuration variables, using values from settings.php if available.
  1043. $conf = variable_init(isset($conf) ? $conf : array());
  1044. $cache_mode = variable_get('cache', CACHE_DISABLED);
  1045. // Get the page from the cache.
  1046. $cache = $cache_mode == CACHE_DISABLED ? '' : page_get_cache();
  1047. // If the skipping of the bootstrap hooks is not enforced, call hook_boot.
  1048. if (!$cache || $cache_mode != CACHE_AGGRESSIVE) {
  1049. // Load module handling.
  1050. require_once './includes/module.inc';
  1051. bootstrap_invoke_all('boot');
  1052. }
  1053. // If there is a cached page, display it.
  1054. if ($cache) {
  1055. drupal_page_cache_header($cache);
  1056. // If the skipping of the bootstrap hooks is not enforced, call hook_exit.
  1057. if ($cache_mode != CACHE_AGGRESSIVE) {
  1058. bootstrap_invoke_all('exit');
  1059. }
  1060. // We are done.
  1061. exit;
  1062. }
  1063. // Prepare for non-cached page workflow.
  1064. drupal_page_header();
  1065. break;
  1066. case DRUPAL_BOOTSTRAP_LANGUAGE:
  1067. drupal_init_language();
  1068. break;
  1069. case DRUPAL_BOOTSTRAP_PATH:
  1070. require_once './includes/path.inc';
  1071. // Initialize $_GET['q'] prior to loading modules and invoking hook_init().
  1072. drupal_init_path();
  1073. break;
  1074. case DRUPAL_BOOTSTRAP_FULL:
  1075. require_once './includes/common.inc';
  1076. _drupal_bootstrap_full();
  1077. break;
  1078. }
  1079. }
  1080. /**
  1081. * Enables use of the theme system without requiring database access.
  1082. *
  1083. * Loads and initializes the theme system for site installs, updates and when
  1084. * the site is in off-line mode. This also applies when the database fails.
  1085. *
  1086. * @see _drupal_maintenance_theme()
  1087. */
  1088. function drupal_maintenance_theme() {
  1089. require_once './includes/theme.maintenance.inc';
  1090. _drupal_maintenance_theme();
  1091. }
  1092. /**
  1093. * Return the name of the localisation function. Use in code that needs to
  1094. * run both during installation and normal operation.
  1095. */
  1096. function get_t() {
  1097. static $t;
  1098. if (is_null($t)) {
  1099. $t = function_exists('install_main') ? 'st' : 't';
  1100. }
  1101. return $t;
  1102. }
  1103. /**
  1104. * Choose a language for the current page, based on site and user preferences.
  1105. */
  1106. function drupal_init_language() {
  1107. global $language, $user;
  1108. // Ensure the language is correctly returned, even without multilanguage support.
  1109. // Useful for eg. XML/HTML 'lang' attributes.
  1110. if (variable_get('language_count', 1) == 1) {
  1111. $language = language_default();
  1112. }
  1113. else {
  1114. include_once './includes/language.inc';
  1115. $language = language_initialize();
  1116. }
  1117. }
  1118. /**
  1119. * Get a list of languages set up indexed by the specified key
  1120. *
  1121. * @param $field The field to index the list with.
  1122. * @param $reset Boolean to request a reset of the list.
  1123. */
  1124. function language_list($field = 'language', $reset = FALSE) {
  1125. static $languages = NULL;
  1126. // Reset language list
  1127. if ($reset) {
  1128. $languages = NULL;
  1129. }
  1130. // Init language list
  1131. if (!isset($languages)) {
  1132. if (variable_get('language_count', 1) > 1 || module_exists('locale')) {
  1133. $result = db_query('SELECT * FROM {languages} ORDER BY weight ASC, name ASC');
  1134. while ($row = db_fetch_object($result)) {
  1135. $languages['language'][$row->language] = $row;
  1136. }
  1137. }
  1138. else {
  1139. // No locale module, so use the default language only.
  1140. $default = language_default();
  1141. $languages['language'][$default->language] = $default;
  1142. }
  1143. }
  1144. // Return the array indexed by the right field
  1145. if (!isset($languages[$field])) {
  1146. $languages[$field] = array();
  1147. foreach ($languages['language'] as $lang) {
  1148. // Some values should be collected into an array
  1149. if (in_array($field, array('enabled', 'weight'))) {
  1150. $languages[$field][$lang->$field][$lang->language] = $lang;
  1151. }
  1152. else {
  1153. $languages[$field][$lang->$field] = $lang;
  1154. }
  1155. }
  1156. }
  1157. return $languages[$field];
  1158. }
  1159. /**
  1160. * Default language used on the site
  1161. *
  1162. * @param $property
  1163. * Optional property of the language object to return
  1164. */
  1165. function language_default($property = NULL) {
  1166. $language = variable_get('language_default', (object) array('language' => 'en', 'name' => 'English', 'native' => 'English', 'direction' => 0, 'enabled' => 1, 'plurals' => 0, 'formula' => '', 'domain' => '', 'prefix' => '', 'weight' => 0, 'javascript' => ''));
  1167. return $property ? $language->$property : $language;
  1168. }
  1169. /**
  1170. * If Drupal is behind a reverse proxy, we use the X-Forwarded-For header
  1171. * instead of $_SERVER['REMOTE_ADDR'], which would be the IP address
  1172. * of the proxy server, and not the client's.
  1173. *
  1174. * @return
  1175. * IP address of client machine, adjusted for reverse proxy.
  1176. */
  1177. function ip_address() {
  1178. static $ip_address = NULL;
  1179. if (!isset($ip_address)) {
  1180. $ip_address = $_SERVER['REMOTE_ADDR'];
  1181. if (variable_get('reverse_proxy', 0) && array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
  1182. // If an array of known reverse proxy IPs is provided, then trust
  1183. // the XFF header if request really comes from one of them.
  1184. $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
  1185. if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) {
  1186. // If there are several arguments, we need to check the most
  1187. // recently added one, i.e. the last one.
  1188. $ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
  1189. $ip_address = array_pop($ip_address_parts);
  1190. }
  1191. }
  1192. }
  1193. return $ip_address;
  1194. }