defr/drupal/core: includes/common.inc comparison

comparison includes/common.inc @ 19:3edae6ecd6c6 6.9

Drupal 6.9

author	Franck Deroche <franck@defr.org>
date	Thu, 15 Jan 2009 10:15:56 +0100
parents	8e6257f3ae39
children

comparison

equal deleted inserted replaced

-:f5131a9cd9e5
+:3edae6ecd6c6
 <?php
-// $Id: common.inc,v 1.756.2.37 2008/12/11 17:39:42 goba Exp $
+// $Id: common.inc,v 1.756.2.42 2009/01/14 23:34:07 goba Exp $
 /**
 * @file
 * Common functions that many Drupal modules will need to reference.
 *
 * @return
 *   An object containing the HTTP request headers, response code, headers,
 *   data and redirect status.
 */
 function drupal_http_request($url, $headers = array(), $method = 'GET', $data = NULL, $retry = 3) {
-static $self_test = FALSE;
 $result = new stdClass();
-// Try to clear the drupal_http_request_fails variable if it's set. We
-// can't tie this call to any error because there is no surefire way to
-// tell whether a request has failed, so we add the check to places where
-// some parsing has failed.
-if (!$self_test && variable_get('drupal_http_request_fails', FALSE)) {
-$self_test = TRUE;
-$works = module_invoke('system', 'check_http_request');
-$self_test = FALSE;
-if (!$works) {
-// Do not bother with further operations if we already know that we
-// have no chance.
-$result->error = t("The server can't issue HTTP requests");
-return $result;
-}
-}
 // Parse the URL and make sure we can handle the schema.
 $uri = parse_url($url);
 if ($uri == FALSE) {
 if (!$fp) {
 // When a network error occurs, we use a negative number so it does not
 // clash with the HTTP status codes.
 $result->code = -$errno;
 $result->error = trim($errstr);
+// Mark that this request failed. This will trigger a check of the web
+// server's ability to make outgoing HTTP requests the next time that
+// requirements checking is performed.
+// @see system_requirements()
+variable_set('drupal_http_request_fails', TRUE);
 return $result;
 }
 // Construct the path to act on.
 $path = isset($uri['path']) ? $uri['path'] : '/';
 * Any text within t() can be extracted by translators and changed into
 * the equivalent text in their native language.
 *
 * Special variables called "placeholders" are used to signal dynamic
 * information in a string which should not be translated. Placeholders
-* can also be used for text that may change from time to time
+* can also be used for text that may change from time to time (such as
-* (such as link paths) to be changed without requiring updates to translations.
+* link paths) to be changed without requiring updates to translations.
 *
 * For example:
 * @code
 *   $output = t('There are currently %members and %visitors online.', array(
 *     '%members' => format_plural($total_users, '1 user', '@count users'),
 *   useful for inserting variables into things like e-mail.
 *   @code
 *     $message[] = t("If you don't want to receive such e-mails, you can change your settings at !url.", array('!url' => url("user/$account->uid", array('absolute' => TRUE))));
 *   @endcode
 *
-* - @variable, which indicates that the text should be run through check_plain,
+* - @variable, which indicates that the text should be run through
-*   to escape HTML characters. Use this for any output that's displayed within
+*   check_plain, to escape HTML characters. Use this for any output that's
-*   a Drupal page.
+*   displayed within a Drupal page.
 *   @code
 *     drupal_set_title($title = t("@name's blog", array('@name' => $account->name)));
 *   @endcode
 *
 * - %variable, which indicates that the string should be HTML escaped and
 *   @code
 *     $message = t('%name-from sent %name-to an e-mail.', array('%name-from' => $user->name, '%name-to' => $account->name));
 *   @endcode
 *
 * When using t(), try to put entire sentences and strings in one t() call.
-* This makes it easier for translators, as it provides context as to what each
+* This makes it easier for translators, as it provides context as to what
-* word refers to. HTML markup within translation strings is allowed, but should
+* each word refers to. HTML markup within translation strings is allowed, but
-* be avoided if possible. The exception are embedded links; link titles add a
+* should be avoided if possible. The exception are embedded links; link
-* context for translators, so should be kept in the main string.
+* titles add a context for translators, so should be kept in the main string.
 *
 * Here is an example of incorrect usage of t():
 * @code
 *   $output .= t('<p>Go to the @contact-page.</p>', array('@contact-page' => l(t('contact page'), 'contact')));
 * @endcode
 *
 * @param $string
 *   A string containing the English string to translate.
 * @param $args
 *   An associative array of replacements to make after translation. Incidences
-*   of any key in this array are replaced with the corresponding value.
+*   of any key in this array are replaced with the corresponding value. Based
-*   Based on the first character of the key, the value is escaped and/or themed:
+*   on the first character of the key, the value is escaped and/or themed:
 *    - !variable: inserted as is
 *    - @variable: escape plain text to HTML (check_plain)
 *    - %variable: escape text and theme as a placeholder for user-submitted
 *      content (check_plain + theme_placeholder)
 * @param $langcode
 /**
 * Verify the syntax of the given URL.
 *
 * This function should only be used on actual URLs. It should not be used for
 * Drupal menu paths, which can contain arbitrary characters.
+* Valid values per RFC 3986.
 *
 * @param $url
 *   The URL to verify.
 * @param $absolute
 *   Whether the URL is absolute (beginning with a scheme such as "http:").
 * @return
 *   TRUE if the URL is in a valid format.
 */
 function valid_url($url, $absolute = FALSE) {
-$allowed_characters = '[a-z0-9\/:_\-_\.\?\$,;~=#&%\+]';
 if ($absolute) {
-return preg_match("/^(http|https|ftp):\/\/". $allowed_characters ."+$/i", $url);
+return (bool)preg_match("
+/^                                                      # Start at the beginning of the text
+(?:ftp|https?):\/\/                                     # Look for ftp, http, or https schemes
+(?:                                                     # Userinfo (optional) which is typically
+(?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)*      # a username or a username and password
+(?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@          # combination
+)?
+(?:
+(?:[a-z0-9\-\.]|%[0-9a-f]{2})+                        # A domain name or a IPv4 address
+|(?:\[(?:[0-9a-f]{0,4}:)*(?:[0-9a-f]{0,4})\])         # or a well formed IPv6 address
+)
+(?::[0-9]+)?                                            # Server port number (optional)
+(?:[\/|\?]
+(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2})   # The path and query (optional)
+*)?
+$/xi", $url);
 }
 else {
-return preg_match("/^". $allowed_characters ."+$/i", $url);
+return (bool)preg_match("/^(?:[\w#!:\.\?\+=&@$'~*,;\/\(\)\[\]\-]|%[0-9a-f]{2})+$/i", $url);
 }
 }
 /**
 * @} End of "defgroup validation".
 */

Mercurial > defr > drupal > core

comparison includes/common.inc @ 19:3edae6ecd6c6 6.9