Server : Apache System : Linux copper.netcy.com 2.6.32-754.27.1.el6.centos.plus.x86_64 #1 SMP Thu Jan 30 13:54:25 UTC 2020 x86_64 User : montcaro ( 581) PHP Version : 7.4.28 Disable Function : NONE Directory : /home/montcaro/public_html/includes/ |
<?php /** * @file * Helper functions and form handlers used for the authorize.php script. */ /** * Form constructor for the file transfer authorization form. * * Allows the user to choose a FileTransfer type and supply credentials. * * @see authorize_filetransfer_form_validate() * @see authorize_filetransfer_form_submit() * @ingroup forms */ function authorize_filetransfer_form($form, &$form_state) { global $base_url, $is_https; $form = array(); // If possible, we want to post this form securely via HTTPS. $form['#https'] = TRUE; // CSS we depend on lives in modules/system/maintenance.css, which is loaded // via the default maintenance theme. $form['#attached']['js'][] = $base_url . '/misc/authorize.js'; // Get all the available ways to transfer files. if (empty($_SESSION['authorize_filetransfer_info'])) { drupal_set_message(t('Unable to continue, no available methods of file transfer'), 'error'); return array(); } $available_backends = $_SESSION['authorize_filetransfer_info']; if (!$is_https) { $form['information']['https_warning'] = array( '#prefix' => '<div class="messages error">', '#markup' => t('WARNING: You are not using an encrypted connection, so your password will be sent in plain text. <a href="@https-link">Learn more</a>.', array('@https-link' => 'http://drupal.org/https-information')), '#suffix' => '</div>', ); } // Decide on a default backend. if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default'])) { $authorize_filetransfer_default = $form_state['values']['connection_settings']['authorize_filetransfer_default']; } elseif ($authorize_filetransfer_default = variable_get('authorize_filetransfer_default', NULL)); else { $authorize_filetransfer_default = key($available_backends); } $form['information']['main_header'] = array( '#prefix' => '<h3>', '#markup' => t('To continue, provide your server connection details'), '#suffix' => '</h3>', ); $form['connection_settings']['#tree'] = TRUE; $form['connection_settings']['authorize_filetransfer_default'] = array( '#type' => 'select', '#title' => t('Connection method'), '#default_value' => $authorize_filetransfer_default, '#weight' => -10, ); /* * Here we create two submit buttons. For a JS enabled client, they will * only ever see submit_process. However, if a client doesn't have JS * enabled, they will see submit_connection on the first form (when picking * what filetransfer type to use, and submit_process on the second one (which * leads to the actual operation). */ $form['submit_connection'] = array( '#prefix' => "<br style='clear:both'/>", '#name' => 'enter_connection_settings', '#type' => 'submit', '#value' => t('Enter connection settings'), '#weight' => 100, ); $form['submit_process'] = array( '#name' => 'process_updates', '#type' => 'submit', '#value' => t('Continue'), '#weight' => 100, '#attributes' => array('style' => 'display:none'), ); // Build a container for each connection type. foreach ($available_backends as $name => $backend) { $form['connection_settings']['authorize_filetransfer_default']['#options'][$name] = $backend['title']; $form['connection_settings'][$name] = array( '#type' => 'container', '#attributes' => array('class' => array("filetransfer-$name", 'filetransfer')), ); // We can't use #prefix on the container itself since then the header won't // be hidden and shown when the containers are being manipulated via JS. $form['connection_settings'][$name]['header'] = array( '#markup' => '<h4>' . t('@backend connection settings', array('@backend' => $backend['title'])) . '</h4>', ); $form['connection_settings'][$name] += _authorize_filetransfer_connection_settings($name); // Start non-JS code. if (isset($form_state['values']['connection_settings']['authorize_filetransfer_default']) && $form_state['values']['connection_settings']['authorize_filetransfer_default'] == $name) { // If the user switches from JS to non-JS, Drupal (and Batch API) will // barf. This is a known bug: http://drupal.org/node/229825. setcookie('has_js', '', time() - 3600, '/'); unset($_COOKIE['has_js']); // Change the submit button to the submit_process one. $form['submit_process']['#attributes'] = array(); unset($form['submit_connection']); // Activate the proper filetransfer settings form. $form['connection_settings'][$name]['#attributes']['style'] = 'display:block'; // Disable the select box. $form['connection_settings']['authorize_filetransfer_default']['#disabled'] = TRUE; // Create a button for changing the type of connection. $form['connection_settings']['change_connection_type'] = array( '#name' => 'change_connection_type', '#type' => 'submit', '#value' => t('Change connection type'), '#weight' => -5, '#attributes' => array('class' => array('filetransfer-change-connection-type')), ); } // End non-JS code. } return $form; } /** * Generates the Form API array for a given connection backend's settings. * * @param $backend * The name of the backend (e.g. 'ftp', 'ssh', etc). * * @return * Form API array of connection settings for the given backend. * * @see hook_filetransfer_backends() */ function _authorize_filetransfer_connection_settings($backend) { $defaults = variable_get('authorize_filetransfer_connection_settings_' . $backend, array()); $form = array(); // Create an instance of the file transfer class to get its settings form. $filetransfer = authorize_get_filetransfer($backend); if ($filetransfer) { $form = $filetransfer->getSettingsForm(); } // Fill in the defaults based on the saved settings, if any. _authorize_filetransfer_connection_settings_set_defaults($form, NULL, $defaults); return $form; } /** * Sets the default settings on a file transfer connection form recursively. * * The default settings for the file transfer connection forms are saved in * the database. The settings are stored as a nested array in the case of a * settings form that has fieldsets or otherwise uses a nested structure. * Therefore, to properly add defaults, we need to walk through all the * children form elements and process those defaults recursively. * * @param $element * Reference to the Form API form element we're operating on. * @param $key * The key for our current form element, if any. * @param array $defaults * The default settings for the file transfer backend we're operating on. */ function _authorize_filetransfer_connection_settings_set_defaults(&$element, $key, array $defaults) { // If we're operating on a form element which isn't a fieldset, and we have // a default setting saved, stash it in #default_value. if (!empty($key) && isset($defaults[$key]) && isset($element['#type']) && $element['#type'] != 'fieldset') { $element['#default_value'] = $defaults[$key]; } // Now, we walk through all the child elements, and recursively invoke // ourself on each one. Since the $defaults settings array can be nested // (because of #tree, any values inside fieldsets will be nested), if // there's a subarray of settings for the form key we're currently // processing, pass in that subarray to the recursive call. Otherwise, just // pass on the whole $defaults array. foreach (element_children($element) as $child_key) { _authorize_filetransfer_connection_settings_set_defaults($element[$child_key], $child_key, ((isset($defaults[$key]) && is_array($defaults[$key])) ? $defaults[$key] : $defaults)); } } /** * Form validation handler for authorize_filetransfer_form(). * * @see authorize_filetransfer_form() * @see authorize_filetransfer_submit() */ function authorize_filetransfer_form_validate($form, &$form_state) { // Only validate the form if we have collected all of the user input and are // ready to proceed with updating or installing. if ($form_state['triggering_element']['#name'] != 'process_updates') { return; } if (isset($form_state['values']['connection_settings'])) { $backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; $filetransfer = authorize_get_filetransfer($backend, $form_state['values']['connection_settings'][$backend]); try { if (!$filetransfer) { throw new Exception(t('Error, this type of connection protocol (%backend) does not exist.', array('%backend' => $backend))); } $filetransfer->connect(); } catch (Exception $e) { // The format of this error message is similar to that used on the // database connection form in the installer. form_set_error('connection_settings', t('Failed to connect to the server. The server reports the following message: !message For more help installing or updating code on your server, see the <a href="@handbook_url">handbook</a>.', array( '!message' => '<p class="error">' . $e->getMessage() . '</p>', '@handbook_url' => 'http://drupal.org/documentation/install/modules-themes', ))); } } } /** * Form submission handler for authorize_filetransfer_form(). * * @see authorize_filetransfer_form() * @see authorize_filetransfer_validate() */ function authorize_filetransfer_form_submit($form, &$form_state) { global $base_url; switch ($form_state['triggering_element']['#name']) { case 'process_updates': // Save the connection settings to the DB. $filetransfer_backend = $form_state['values']['connection_settings']['authorize_filetransfer_default']; // If the database is available then try to save our settings. We have // to make sure it is available since this code could potentially (will // likely) be called during the installation process, before the // database is set up. try { $connection_settings = array(); foreach ($form_state['values']['connection_settings'][$filetransfer_backend] as $key => $value) { // We do *not* want to store passwords in the database, unless the // backend explicitly says so via the magic #filetransfer_save form // property. Otherwise, we store everything that's not explicitly // marked with #filetransfer_save set to FALSE. if (!isset($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save'])) { if ($form['connection_settings'][$filetransfer_backend][$key]['#type'] != 'password') { $connection_settings[$key] = $value; } } // The attribute is defined, so only save if set to TRUE. elseif ($form['connection_settings'][$filetransfer_backend][$key]['#filetransfer_save']) { $connection_settings[$key] = $value; } } // Set this one as the default authorize method. variable_set('authorize_filetransfer_default', $filetransfer_backend); // Save the connection settings minus the password. variable_set('authorize_filetransfer_connection_settings_' . $filetransfer_backend, $connection_settings); $filetransfer = authorize_get_filetransfer($filetransfer_backend, $form_state['values']['connection_settings'][$filetransfer_backend]); // Now run the operation. authorize_run_operation($filetransfer); } catch (Exception $e) { // If there is no database available, we don't care and just skip // this part entirely. } break; case 'enter_connection_settings': $form_state['rebuild'] = TRUE; break; case 'change_connection_type': $form_state['rebuild'] = TRUE; unset($form_state['values']['connection_settings']['authorize_filetransfer_default']); break; } } /** * Runs the operation specified in $_SESSION['authorize_operation']. * * @param $filetransfer * The FileTransfer object to use for running the operation. */ function authorize_run_operation($filetransfer) { $operation = $_SESSION['authorize_operation']; unset($_SESSION['authorize_operation']); if (!empty($operation['page_title'])) { drupal_set_title($operation['page_title']); } require_once DRUPAL_ROOT . '/' . $operation['file']; call_user_func_array($operation['callback'], array_merge(array($filetransfer), $operation['arguments'])); } /** * Gets a FileTransfer class for a specific transfer method and settings. * * @param $backend * The FileTransfer backend to get the class for. * @param $settings * Array of settings for the FileTransfer. * * @return * An instantiated FileTransfer object for the requested method and settings, * or FALSE if there was an error finding or instantiating it. */ function authorize_get_filetransfer($backend, $settings = array()) { $filetransfer = FALSE; if (!empty($_SESSION['authorize_filetransfer_info'][$backend])) { $backend_info = $_SESSION['authorize_filetransfer_info'][$backend]; if (!empty($backend_info['file'])) { $file = $backend_info['file path'] . '/' . $backend_info['file']; require_once $file; } if (class_exists($backend_info['class'])) { // PHP 5.2 doesn't support $class::factory() syntax, so we have to // use call_user_func_array() until we can require PHP 5.3. $filetransfer = call_user_func_array(array($backend_info['class'], 'factory'), array(DRUPAL_ROOT, $settings)); } } return $filetransfer; }