def destination(destination, replace):
"""
Determines the destination path for a file depending on how replacement of
existing files should be handled.
@param destination A string specifying the desired path.
@param replace Replace behavior when the destination file already exists.
- FILE_EXISTS_REPLACE - Replace the existing file
- FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is
unique
- FILE_EXISTS_ERROR - Do nothing and return False.
@return The destination file path or False if the file already exists and
FILE_EXISTS_ERROR was specified.
"""
if (php.file_exists(destination)):
if replace == FILE_EXISTS_RENAME:
basename = basename(destination)
directory = php.dirname(destination)
destination = file_create_filename(basename, directory)
elif replace == FILE_EXISTS_ERROR:
drupal_set_message(t('The selected file %file could not be copied, \
because a file by that name already exists in the destination.' , \
{'%file' : destination}), 'error')
return False
return destination
def destination(destination, replace):
"""
Determines the destination path for a file depending on how replacement of
existing files should be handled.
@param destination A string specifying the desired path.
@param replace Replace behavior when the destination file already exists.
- FILE_EXISTS_REPLACE - Replace the existing file
- FILE_EXISTS_RENAME - Append _{incrementing number} until the filename is
unique
- FILE_EXISTS_ERROR - Do nothing and return False.
@return The destination file path or False if the file already exists and
FILE_EXISTS_ERROR was specified.
"""
if (php.file_exists(destination)):
if replace == FILE_EXISTS_RENAME:
basename = basename(destination)
directory = php.dirname(destination)
destination = file_create_filename(basename, directory)
elif replace == FILE_EXISTS_ERROR:
drupal_set_message(t('The selected file %file could not be copied, \
because a file by that name already exists in the destination.', \
{'%file' : destination}), 'error')
return False
return destination
def check_location(source, directory=''):
"""
Check if a file is really located inside directory + Should be used to make
sure a file specified is really located within the directory to prevent
exploits.
@code
// Returns False:
file_check_location('/www/example.com/files/../../../etc/passwd', \
'/www/example.com/files')
@endcode
@param source A string set to the file to check.
@param directory A string where the file should be located.
@return FALSE for invalid path or the real path of the source.
"""
check = realpath(source)
if (check):
source = check
else:
# This file does not yet exist
source = realpath(php.dirname(source)) + '/' + basename(source)
directory = realpath(directory)
if (directory and php.strpos(source, directory) != 0):
return False
return source
def check_location(source, directory = ''):
"""
Check if a file is really located inside directory + Should be used to make
sure a file specified is really located within the directory to prevent
exploits.
@code
// Returns False:
file_check_location('/www/example.com/files/../../../etc/passwd', \
'/www/example.com/files')
@endcode
@param source A string set to the file to check.
@param directory A string where the file should be located.
@return FALSE for invalid path or the real path of the source.
"""
check = realpath(source)
if (check):
source = check
else:
# This file does not yet exist
source = realpath(php.dirname(source)) + '/' + basename(source)
directory = realpath(directory)
if (directory and php.strpos(source, directory) != 0):
return False
return source
def rebuild_cache():
"""
Rebuild the database cache of plugin files.
@return
The array of filesystem objects used to rebuild the cache.
"""
# Get current list of plugins
files = drupal_system_listing('\.plugin$', 'plugins', 'name', 0)
# Extract current files from database.
system_get_files_database(files, 'plugin')
ksort(files)
# Set defaults for plugin info
defaults = {
'dependencies' : [],
'dependents' : [],
'description' : '',
'version' : None,
'php' : DRUPAL_MINIMUM_PHP,
}
for filename,file in files.items():
# Look for the info file.
file.info = drupal_parse_info_file(php.dirname(file.filename) + '/' + \
file.name + '.info')
# Skip plugins that don't provide info.
if (php.empty(file.info)):
del(files[filename])
continue
# Merge in defaults and save.
files[filename].info = file.info + defaults
# Invoke hook_system_info_alter() to give installed plugins a chance to
# modify the data in the .info files if necessary.
drupal_alter('system_info', files[filename].info, files[filename])
# Log the critical hooks implemented by this plugin.
bootstrap = 0
for hook in bootstrap_hooks():
if (plugin_hook(file.name, hook)):
bootstrap = 1
break
# Update the contents of the system table:
if (php.isset(file, 'status') or (php.isset(file, 'old_filename') and \
file.old_filename != file.filename)):
db_query(\
"UPDATE {system} SET info = '%s', name = '%s', " + \
"filename = '%s', bootstrap = %d WHERE filename = '%s'", \
php.serialize(files[filename].info), file.name, \
file.filename, bootstrap, file.old_filename)
else:
# This is a new plugin.
files[filename].status = 0
db_query(\
"INSERT INTO {system} (name, info, type, " + \
"filename, status, bootstrap) VALUES " + \
"('%s', '%s', '%s', '%s', %d, %d)", \
file.name, php.serialize(files[filename].info), \
'plugin', file.filename, 0, bootstrap)
files = _plugin_build_dependencies(files)
return files
def rebuild_cache():
"""
Rebuild the database cache of plugin files.
@return
The array of filesystem objects used to rebuild the cache.
"""
# Get current list of plugins
files = drupal_system_listing('\.plugin$', 'plugins', 'name', 0)
# Extract current files from database.
system_get_files_database(files, 'plugin')
ksort(files)
# Set defaults for plugin info
defaults = {
'dependencies': [],
'dependents': [],
'description': '',
'version': None,
'php': DRUPAL_MINIMUM_PHP,
}
for filename, file in files.items():
# Look for the info file.
file.info = drupal_parse_info_file(php.dirname(file.filename) + '/' + \
file.name + '.info')
# Skip plugins that don't provide info.
if (php.empty(file.info)):
del (files[filename])
continue
# Merge in defaults and save.
files[filename].info = file.info + defaults
# Invoke hook_system_info_alter() to give installed plugins a chance to
# modify the data in the .info files if necessary.
drupal_alter('system_info', files[filename].info, files[filename])
# Log the critical hooks implemented by this plugin.
bootstrap = 0
for hook in bootstrap_hooks():
if (plugin_hook(file.name, hook)):
bootstrap = 1
break
# Update the contents of the system table:
if (php.isset(file, 'status') or (php.isset(file, 'old_filename') and \
file.old_filename != file.filename)):
db_query(\
"UPDATE {system} SET info = '%s', name = '%s', " + \
"filename = '%s', bootstrap = %d WHERE filename = '%s'", \
php.serialize(files[filename].info), file.name, \
file.filename, bootstrap, file.old_filename)
else:
# This is a new plugin.
files[filename].status = 0
db_query(\
"INSERT INTO {system} (name, info, type, " + \
"filename, status, bootstrap) VALUES " + \
"('%s', '%s', '%s', '%s', %d, %d)", \
file.name, php.serialize(files[filename].info), \
'plugin', file.filename, 0, bootstrap)
files = _plugin_build_dependencies(files)
return files
def check_path(path):
"""
Checks path to see if it is a directory, or a dir/file.
@param path A string containing a file path + This will be set to the
directory's path.
@return If the directory is not in a Drupal writable directory, False is
returned + Otherwise, the base name of the path is returned.
"""
php.Reference.check(path)
# Check if path is a directory.
if (file_check_directory(path)):
return ''
# Check if path is a possible dir/file.
filename = basename(path)
path = php.dirname(path)
if (file_check_directory(path)):
return filename
return False
def check_path(path):
"""
Checks path to see if it is a directory, or a dir/file.
@param path A string containing a file path + This will be set to the
directory's path.
@return If the directory is not in a Drupal writable directory, False is
returned + Otherwise, the base name of the path is returned.
"""
php.Reference.check(path)
# Check if path is a directory.
if (file_check_directory(path)):
return ''
# Check if path is a possible dir/file.
filename = basename(path)
path = php.dirname(path)
if (file_check_directory(path)):
return filename
return False
def conf_init():
"""
Loads the configuration and sets the base URL, cookie domain, and
session name correctly.
"""
# These will come from settings
# db_url, db_prefix, cookie_domain, conf, installed_profile, update_free_access
if (lib_appglobals.base_url != None):
# Parse fixed base URL from settings.php.
parts = php.parse_url(lib_appglobals.base_url)
if (not php.isset(parts, 'path')):
parts['path'] = ''
lib_appglobals.base_path = parts['path'] + '/'
# Build base_root (everything until first slash after "scheme://").
lib_appglobals.base_root = \
php.substr(lib_appglobals.base_url, 0, \
php.strlen(lib_appglobals.base_url) - \
php.strlen(parts['path']))
else:
# Create base URL
lib_appglobals.base_root = \
('https' if (php.isset(php.SERVER, 'HTTPS') and \
php.SERVER['HTTPS'] == 'on') else 'http')
# As php.SERVER['HTTP_HOST'] is user input, ensure it only contains
# characters allowed in hostnames.
lib_appglobals.base_root += '://' + \
php.preg_replace('/[^a-z0-9-:._]/i', '', \
php.SERVER['HTTP_HOST'])
lib_appglobals.base_url = lib_appglobals.base_root
# php.SERVER['SCRIPT_NAME'] can, in contrast to php.SERVER['PHP_SELF'], not
# be modified by a visitor.
dir = php.trim(php.dirname(php.SERVER['SCRIPT_NAME']), '\,/')
if (len(dir) > 0):
lib_appglobals.base_path = "/dir"
lib_appglobals.base_url += lib_appglobals.base_path
lib_appglobals.base_path += '/'
else:
lib_appglobals.base_path = '/'
if (settings.cookie_domain != None):
# If the user specifies the cookie domain, also use it for session name.
session_name_ = settings.cookie_domain
else:
# Otherwise use base_url as session name, without the protocol
# to use the same session identifiers across http and https.
session_name_ = php.explode('://', lib_appglobals.base_url, 2)[1]
# We escape the hostname because it can be modified by a visitor.
if (not php.empty(php.SERVER['HTTP_HOST'])):
settings.cookie_domain = check_plain(php.SERVER['HTTP_HOST'])
# To prevent session cookies from being hijacked, a user can configure the
# SSL version of their website to only transfer session cookies via SSL by
# using PHP's session.cookie_secure setting. The browser will then use two
# separate session cookies for the HTTPS and HTTP versions of the site. So we
# must use different session identifiers for HTTPS and HTTP to prevent a
# cookie collision.
if (php.ini_get('session.cookie_secure')):
session_name_ += 'SSL'
# Strip leading periods, www., and port numbers from cookie domain.
settings.cookie_domain = php.ltrim(settings.cookie_domain, '.')
if (php.strpos(settings.cookie_domain, 'www.') == 0):
settings.cookie_domain = php.substr(settings.cookie_domain, 4)
settings.cookie_domain = php.explode(':', settings.cookie_domain)
settings.cookie_domain = '.' + settings.cookie_domain[0]
# Per RFC 2109, cookie domains must contain at least one dot other than the
# first. For hosts such as 'localhost' or IP Addresses we don't set a
# cookie domain.
if (php.count(php.explode('.', settings.cookie_domain)) > 2 and not \
php.is_numeric(php.str_replace('.', '', settings.cookie_domain))):
php.ini_set('session.cookie_domain', settings.cookie_domain)
#print session_name;
lib_session.name('SESS' + php.md5(session_name_))
def conf_init():
"""
Loads the configuration and sets the base URL, cookie domain, and
session name correctly.
"""
# These will come from settings
# db_url, db_prefix, cookie_domain, conf, installed_profile, update_free_access
if lib_appglobals.base_url != None:
# Parse fixed base URL from settings.php.
parts = php.parse_url(lib_appglobals.base_url)
if not php.isset(parts, "path"):
parts["path"] = ""
lib_appglobals.base_path = parts["path"] + "/"
# Build base_root (everything until first slash after "scheme://").
lib_appglobals.base_root = php.substr(
lib_appglobals.base_url, 0, php.strlen(lib_appglobals.base_url) - php.strlen(parts["path"])
)
else:
# Create base URL
lib_appglobals.base_root = (
"https" if (php.isset(php.SERVER, "HTTPS") and php.SERVER["HTTPS"] == "on") else "http"
)
# As php.SERVER['HTTP_HOST'] is user input, ensure it only contains
# characters allowed in hostnames.
lib_appglobals.base_root += "://" + php.preg_replace("/[^a-z0-9-:._]/i", "", php.SERVER["HTTP_HOST"])
lib_appglobals.base_url = lib_appglobals.base_root
# php.SERVER['SCRIPT_NAME'] can, in contrast to php.SERVER['PHP_SELF'], not
# be modified by a visitor.
dir = php.trim(php.dirname(php.SERVER["SCRIPT_NAME"]), "\,/")
if len(dir) > 0:
lib_appglobals.base_path = "/dir"
lib_appglobals.base_url += lib_appglobals.base_path
lib_appglobals.base_path += "/"
else:
lib_appglobals.base_path = "/"
if settings.cookie_domain != None:
# If the user specifies the cookie domain, also use it for session name.
session_name_ = settings.cookie_domain
else:
# Otherwise use base_url as session name, without the protocol
# to use the same session identifiers across http and https.
session_name_ = php.explode("://", lib_appglobals.base_url, 2)[1]
# We escape the hostname because it can be modified by a visitor.
if not php.empty(php.SERVER["HTTP_HOST"]):
settings.cookie_domain = check_plain(php.SERVER["HTTP_HOST"])
# To prevent session cookies from being hijacked, a user can configure the
# SSL version of their website to only transfer session cookies via SSL by
# using PHP's session.cookie_secure setting. The browser will then use two
# separate session cookies for the HTTPS and HTTP versions of the site. So we
# must use different session identifiers for HTTPS and HTTP to prevent a
# cookie collision.
if php.ini_get("session.cookie_secure"):
session_name_ += "SSL"
# Strip leading periods, www., and port numbers from cookie domain.
settings.cookie_domain = php.ltrim(settings.cookie_domain, ".")
if php.strpos(settings.cookie_domain, "www.") == 0:
settings.cookie_domain = php.substr(settings.cookie_domain, 4)
settings.cookie_domain = php.explode(":", settings.cookie_domain)
settings.cookie_domain = "." + settings.cookie_domain[0]
# Per RFC 2109, cookie domains must contain at least one dot other than the
# first. For hosts such as 'localhost' or IP Addresses we don't set a
# cookie domain.
if php.count(php.explode(".", settings.cookie_domain)) > 2 and not php.is_numeric(
php.str_replace(".", "", settings.cookie_domain)
):
php.ini_set("session.cookie_domain", settings.cookie_domain)
# print session_name;
lib_session.name("SESS" + php.md5(session_name_))
def hook_init(template):
file = php.dirname(template.filename) + '/template.py'
if (php.file_exists(file)):
lib_theme.processors['template'] = DrupyImport.import_file(file)
